60f6a6361a41806565ce0168dcb309a0be3a2d0a
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2015-02-12  Dean Jackson  <dino@apple.com>
2
3         [iOS Media] Audio should hide timeline scrubber until playback starts
4         https://bugs.webkit.org/show_bug.cgi?id=141542
5         <rdar://problem/19820685>
6
7         Reviewed by Eric Carlson.
8
9         We regressed from the system behaviour in iOS 7, where the timeline
10         scrubber for an audio element is not shown until the user starts
11         playback.
12
13         * Modules/mediacontrols/mediaControlsiOS.css:
14         (video::-webkit-media-controls-panel): Fix the alignment of the flexbox.
15         (audio::-webkit-media-controls-status-display): Add the style for the status display.
16         * Modules/mediacontrols/mediaControlsiOS.js:
17         (ControllerIOS.prototype.configureInlineControls): Start hidden if we are an <audio>.
18         (ControllerIOS.prototype.configureFullScreenControls): Drive by comment change.
19         (ControllerIOS.prototype.setPlaying): Unhide the timeline.
20
21 2015-02-12  Chris Dumez  <cdumez@apple.com>
22
23         Drop the quirks-mode exception for CSS MIME types
24         https://bugs.webkit.org/show_bug.cgi?id=141501
25
26         Reviewed by Alexey Proskuryakov.
27
28         Drop the quirks-mode exception for CSS MIME types.
29         This matches Firefox's behavior.
30
31         This patch is based on the following Blink revision:
32         http://src.chromium.org/viewvc/blink?view=revision&revision=189669
33
34         Tests:
35         - http/tests/misc/css-accept-any-type.html
36         - http/tests/security/cross-origin-css.html
37
38         * css/StyleSheetContents.cpp:
39         (WebCore::StyleSheetContents::parseAuthorStyleSheet):
40         * dom/ProcessingInstruction.cpp:
41         (WebCore::ProcessingInstruction::setCSSStyleSheet):
42         * inspector/InspectorPageAgent.cpp:
43         (WebCore::InspectorPageAgent::cachedResourceContent):
44         * loader/cache/CachedCSSStyleSheet.cpp:
45         (WebCore::CachedCSSStyleSheet::sheetText):
46         (WebCore::CachedCSSStyleSheet::canUseSheet):
47         * loader/cache/CachedCSSStyleSheet.h:
48
49 2015-02-12  Beth Dakin  <bdakin@apple.com>
50
51         REGRESSION: Should not send wheel events with a delta of 0
52         https://bugs.webkit.org/show_bug.cgi?id=141537
53         -and corresponding-
54         rdar://problem/18903118
55
56         Reviewed by Simon Fraser.
57
58         This code should not have been removed entirely to accommodate rubber-banding, it 
59         just needs to return false instead of true in order to allow the MayBegin and 
60         Ended phases to be handled by the ElasticityController.
61         * dom/Element.cpp:
62         (WebCore::Element::dispatchWheelEvent):
63
64 2015-02-12  Dean Jackson  <dino@apple.com>
65
66         [iOS Media] Implement 3-style media timeline (buffered, played, unavailable)
67         https://bugs.webkit.org/show_bug.cgi?id=141526
68         <rdar://problem/19603337>
69
70         Reviewed by Eric Carlson and Antoine Quint.
71
72         Implement a 3-style media scrubber for iOS. This draws white for
73         the region that has been played (before the playhead), black
74         for the region that is buffered, and is hollow for the rest.
75
76         * Modules/mediacontrols/mediaControlsApple.js:
77         (Controller.prototype.updateProgress): Update progress is now completely
78         shared between OS X and iOS. This calls the implementation specific
79         drawTimelineBackground.
80         (Controller.prototype.drawTimelineBackground): Move the OS X code to here.
81         * Modules/mediacontrols/mediaControlsiOS.css:
82         (audio::-webkit-media-controls-timeline): New styles for the timeline. Updated thumb image, etc.
83         (video::-webkit-media-controls-timeline::-webkit-slider-runnable-track):
84         (audio::-webkit-media-controls-timeline::-webkit-slider-thumb):
85         (audio::-webkit-media-controls-timeline::-webkit-slider-thumb:active):
86         (video::-webkit-media-controls-time-remaining-display):
87         * Modules/mediacontrols/mediaControlsiOS.js:
88         (ControllerIOS): Create a globally unique canvas context name in the constructor.
89         (ControllerIOS.prototype.createControls): Set the background of the timeline to a canvas.
90         (ControllerIOS.prototype.addRoundedRect): Helper function.
91         (ControllerIOS.prototype.drawTimelineBackground): Draw the 3-style content.
92         (ControllerIOS.prototype.updateProgress): Deleted.
93
94 2015-02-12  Daniel Bates  <dabates@apple.com>
95
96         Fix some Mac linker warnings
97         https://bugs.webkit.org/show_bug.cgi?id=141522
98
99         Reviewed by Alex Christensen.
100
101         Following <https://trac.webkit.org/changeset/179945>, the linker warns about the following hidden WebCore symbols:
102         
103         ld: warning: cannot export hidden symbol __ZN7WebCore20LogNotYetImplementedE from /.../OpenSource/WebKitBuild/WebCore.build/Debug/WebCore.build/Objects-normal/x86_64/Logging.o
104         ld: warning: cannot export hidden symbol _wkCreateURLPasteboardFlavorTypeName from /.../OpenSource/WebKitBuild/WebCore.build/Debug/WebCore.build/Objects-normal/x86_64/WebCoreSystemInterface.o
105         ld: warning: cannot export hidden symbol _wkCreateURLNPasteboardFlavorTypeName from /.../OpenSource/WebKitBuild/WebCore.build/Debug/WebCore.build/Objects-normal/x86_64/WebCoreSystemInterface.o
106
107         * WebCore.exp.in: Remove symbols for functions wkCreateURLPasteboardFlavorTypeName and wkCreateURLNPasteboardFlavorTypeName.
108         * platform/Logging.h: Export WTFLogChannel for LogNotYetImplemented, which is referenced from
109         notImplementedLoggingChannel() in file NotImplemented.cpp. We make use of the associated
110         header, NotImplemented.h, in both WebKit and WebKit2.
111         * platform/mac/WebCoreSystemInterface.mm: Remove declarations for functions
112         wkCreateURLPasteboardFlavorTypeName and wkCreateURLNPasteboardFlavorTypeName that
113         were inadvertently not removed in r25494.
114
115 2015-02-12  Joseph Pecoraro  <pecoraro@apple.com>
116
117         Web Inspector: Crash inspecting styles of element with mutated stylesheet
118         https://bugs.webkit.org/show_bug.cgi?id=141451
119
120         Reviewed by Timothy Hatcher.
121
122         Test: inspector/css/stylesheet-with-mutations.html
123
124         * css/CSSStyleSheet.h:
125         * css/CSSStyleSheet.cpp:
126         (WebCore::CSSStyleSheet::CSSStyleSheet):
127         (WebCore::CSSStyleSheet::didMutateRules):
128         Keep a flag on the CSSStyleSheet to know when it has had a rule
129         mutation from the contents.
130
131         * inspector/InspectorStyleSheet.h:
132         * inspector/InspectorStyleSheet.cpp:
133         (WebCore::InspectorStyleSheet::reparseStyleSheet):
134         When completely replacing the stylesheet's contents, we will have
135         destroyed any previous rules, so clear the has mutations flag.
136
137         (WebCore::selectorsFromSource):
138         Previously there was a mismatch between the rules the parsed
139         SourceData had, and the actual CSSSelectors we were iterating.
140         We use the SourceData so we can get the exact user authored
141         text instead of generated longhands from actualy selector objects.
142         Add an ASSERT and bail to catch and more gracefully handle
143         any possible mismatches in the future.
144
145         (WebCore::InspectorStyleSheet::styleSheetMutated):
146         (WebCore::InspectorStyleSheet::ensureParsedDataReady):
147         When a CSSStyleSheet has been mutated beyond the inspector's
148         knowledge right now, fall back to readonly generated selectors.
149         We should better handle this in the future:
150         <https://webkit.org/b/141450> Web Inspector: Better support for CSSOM StyleSheet mutations (insertRule/deleteRule)
151
152 2015-02-12  Commit Queue  <commit-queue@webkit.org>
153
154         Unreviewed, rolling out r179987.
155         https://bugs.webkit.org/show_bug.cgi?id=141525
156
157         caused debug tests to fail (Requested by alexchristensen on
158         #webkit).
159
160         Reverted changeset:
161
162         "[CSS Grid Layout] Invalid initialization of track sizes with
163         non spanning grid items"
164         https://bugs.webkit.org/show_bug.cgi?id=140763
165         http://trac.webkit.org/changeset/179987
166
167 2015-02-12  Brian J. Burg  <burg@cs.washington.edu>
168
169         REGRESSION(r178060): empty arguments are passed when logging to system console
170         https://bugs.webkit.org/show_bug.cgi?id=141511
171
172         Reviewed by Timothy Hatcher.
173
174         * page/PageConsoleClient.cpp:
175         (WebCore::PageConsoleClient::messageWithTypeAndLevel): Change premature move to copyRef.
176
177 2015-02-12  Alex Christensen  <achristensen@webkit.org>
178
179         [Win] Unreviewed debug build fix after r179980.
180
181         * svg/SVGSVGElement.cpp:
182         (WebCore::SVGSVGElement::currentViewportSize):
183         Explicitly call constructor.
184
185 2015-01-23  Sergio Villar Senin  <svillar@igalia.com>
186
187         [CSS Grid Layout] Invalid initialization of track sizes with non spanning grid items
188         https://bugs.webkit.org/show_bug.cgi?id=140763
189
190         Reviewed by Antti Koivisto.
191
192         Content sized tracks with non-spanning grid items were not
193         properly sized because the growth limit was sometimes infinity
194         (-1) after calling resolveContentBasedTrackSizingFunctions() when
195         it should not. This patch adds an special initialization phase for
196         non-spanning grid items as the new track sizing algorithm
197         describes.
198
199         Granted, that was handled in the old algorithm in
200         distributeSpaceToTracks() as a special case. The problem is that
201         it regressed after the optimization added in r173868 because that
202         method is no longer called when the space to distribute is 0.
203
204         That's why we could fix this by allowing calls to
205         distributeSpaceToTracks() with spaceToDistribute>=0 but by fixing
206         it with an explicit initialization our implementation becomes
207         closer to the new algorithm and the initialization is now explicit
208         in the code instead of a side effect of calling
209         distributeSpaceToTracks() with no space to be distributed. It also
210         brings a slight performance improvement as we save sorts and hash
211         lookups.
212
213         I also took the change to add caching to several GridTrackSize
214         methods that were hot on the profiler (each one accounted for ~1%
215         of the total time, now they account for ~0.3% each).
216
217         Test: fast/css-grid-layout/grid-initialize-span-one-items.html
218
219         * rendering/RenderGrid.cpp:
220         (WebCore::GridItemWithSpan::span): New helper method for ASSERTs.
221         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
222         Exclude non spanning grid items from the calls to
223         resolveContentBasedTrackSizingFunctionsForItems().
224         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
225         New method to resolve track sizes only using non-spanning grid
226         items.
227         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
228         Ensure that it isn't called for non-spanning grid items.
229         * rendering/RenderGrid.h:
230         * rendering/style/GridTrackSize.h:
231         (WebCore::GridTrackSize::GridTrackSize): Cache return values.
232         (WebCore::GridTrackSize::setLength): Ditto.
233         (WebCore::GridTrackSize::setMinMax): Ditto.
234         (WebCore::GridTrackSize::cacheMinMaxTrackBreadthTypes): New method
235         that caches the return values for hasXXXTrackBreadth() methods.
236         (WebCore::GridTrackSize::hasMinOrMaxContentMinTrackBreadth): Use
237         the cached return value.
238         (WebCore::GridTrackSize::hasMaxContentMaxTrackBreadth): Ditto.
239         (WebCore::GridTrackSize::hasMinContentMaxTrackBreadth): Ditto.
240         (WebCore::GridTrackSize::hasMinOrMaxContentMaxTrackBreadth): Ditto.
241         (WebCore::GridTrackSize::hasMaxContentMinTrackBreadth): Ditto.
242         (WebCore::GridTrackSize::hasMinContentMinTrackBreadth): Ditto.
243         (WebCore::GridTrackSize::hasMinContentMinTrackBreadthAndMinOrMaxContentMaxTrackBreadth):
244         Ditto.
245         (WebCore::GridTrackSize::hasMaxContentMinTrackBreadthAndMaxContentMaxTrackBreadth):
246         Ditto.
247
248 2015-02-12  Zan Dobersek  <zdobersek@igalia.com>
249
250         Remove the USE(ACCELERATED_COMPOSITING) guard from the
251         MediaPlayerPrivateGStreamerBase destructor.
252
253         The guard was removed in r163079. It was still defined through CMake
254         for the EFL and GTK ports when the guarded code was introduced in
255         r172828. In r171741 the macro was finally removed for the GTK and EFL
256         ports as well, but the guards for the affected code weren't updated
257         so TextureMapperPlatformLayer::Client::platformLayerWillBeDestroyed()
258         wasn't being called anymore.
259
260         Rubber-stamped by Philippe Normand.
261
262         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
263         (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
264
265 2015-02-11  Darin Adler  <darin@apple.com>
266
267         Streamline and simplify SVGSVGElement and related classes
268         https://bugs.webkit.org/show_bug.cgi?id=141463
269
270         Reviewed by Antti Koivisto.
271
272         * dom/Document.cpp: Removed unneeded include of SVGSVGElement.h.
273         * loader/FrameLoader.cpp: Ditto.
274         * rendering/RenderBoxModelObject.cpp: Ditto.
275         * rendering/svg/RenderSVGForeignObject.cpp: Ditto.
276         * svg/SVGImageElement.cpp: Ditto.
277         * svg/SVGMarkerElement.cpp: Ditto.
278         * svg/SVGPathElement.cpp: Ditto.
279         * svg/SVGPatternElement.cpp: Ditto.
280         * svg/SVGTransform.cpp: Ditto.
281
282         * page/FrameView.cpp:
283         (WebCore::FrameView::scrollToAnchor): Updated to call the SVGSVGElement function
284         named scrollToAnchor (was setupInitialView). Also refactored to avoid repeating
285         the expression frame().document() so often.
286
287         * platform/graphics/FloatSize.h: Added operator/.
288
289         * svg/SVGDocument.cpp:
290         (WebCore::SVGDocument::rootElement): Rearranged to use early return.
291         (WebCore::SVGDocument::zoomAndPanEnabled): Ditto.
292         (WebCore::SVGDocument::startPan): Ditto. Also used FloatPoint math instead
293         of breaking things apart into x and y.
294         (WebCore::SVGDocument::updatePan): Ditto.
295
296         * svg/SVGDocument.h: Removed some unneeded includes and forward declarations.
297         Moved function bodies out of the class to make it more readable. Renamed
298         m_translate to m_panningOffset and made it a FloatSize instead of FloatPoint.
299
300         * svg/SVGDocumentExtensions.cpp:
301         (WebCore::SVGDocumentExtensions::startAnimations): Use a modern for loop
302         and update since timeContainer() now returns a reference.
303
304         * svg/SVGSVGElement.cpp: Removed many unneeded includes.
305         (WebCore::SVGSVGElement::SVGSVGElement): Moved initialization of scalars to
306         the class definition. Updated since m_timerContainer is a Ref (later should
307         change it to be a std::unique_ptr or just directly contained in SVGSVGElement).
308         (WebCore::SVGSVGElement::~SVGSVGElement): Removed comment that doesn't say much,
309         but is worded in a confusing way.
310         (WebCore::SVGSVGElement::contentScriptType): Use NeverDestroyed instead of
311         DEPRECATED_DEFINE_STATIC_LOCAL.
312         (WebCore::SVGSVGElement::contentStyleType): Ditto.
313         (WebCore::SVGSVGElement::viewport): Streamlined a bit.
314         (WebCore::SVGSVGElement::pixelUnitToMillimeterX): Ditto.
315         (WebCore::SVGSVGElement::pixelUnitToMillimeterY): Ditto.
316         (WebCore::SVGSVGElement::currentView): Changed to return a reference.
317         (WebCore::SVGSVGElement::frameForCurrentScale): Added. Helper for the two
318         functions below.
319         (WebCore::SVGSVGElement::currentScale): Updated to use frameForCurrentScale.
320         (WebCore::SVGSVGElement::setCurrentScale): Ditto.
321         (WebCore::SVGSVGElement::setCurrentTranslate): Optimized the case where there
322         is no change to the translation. Also changed the data member's name to
323         m_currentTranslate to more directly match the DOM API naming.
324         (WebCore::SVGSVGElement::parseAttribute): Simplified the parsing a bit, and
325         changed to pass a reference to SVGZoomAndPan::parseAttribute.
326         (WebCore::SVGSVGElement::svgAttributeChanged): Tweaked formatting and removed
327         code that converts the renderer pointer to a RenderObject* unnecessarily.
328         (WebCore::SVGSVGElement::suspendRedraw): Removed FIXME about implementing this,
329         since we don't really plan to do that.
330         (WebCore::SVGSVGElement::unsuspendRedraw): Ditto.
331         (WebCore::SVGSVGElement::unsuspendRedrawAll): Ditto.
332         (WebCore::SVGSVGElement::forceRedraw): Ditto.
333         (WebCore::SVGSVGElement::collectIntersectionOrEnclosureList): Changed return
334         type to Ref, and pass in a function instead of an enumeration value.
335         (WebCore::SVGSVGElement::getIntersectionList): Updated for above.
336         (WebCore::SVGSVGElement::getEnclosureList): Ditto.
337         (WebCore::SVGSVGElement::checkIntersection): Use && instead of early return
338         for the null check.
339         (WebCore::SVGSVGElement::checkEnclosure): Ditto.
340         (WebCore::SVGSVGElement::createSVGLength): Use initialization list syntax
341         for greater brevity.
342         (WebCore::SVGSVGElement::createSVGAngle): Ditto.
343         (WebCore::SVGSVGElement::createSVGPoint): Ditto.
344         (WebCore::SVGSVGElement::createSVGMatrix): Ditto.
345         (WebCore::SVGSVGElement::createSVGRect): Ditto.
346         (WebCore::SVGSVGElement::createSVGTransform): Removed unneeded explicit
347         constructor invocation.
348         (WebCore::SVGSVGElement::createSVGTransformFromMatrix): Removed unneeded cast.
349         (WebCore::SVGSVGElement::insertedInto): Updated since timeContainer() now
350         returns a reference.
351         (WebCore::SVGSVGElement::setCurrentTime): Use isfinite instead of isnan, so
352         we won't store infinity as the current time.
353         (WebCore::SVGSVGElement::currentViewBoxRect): Renamed locals and changed
354         to use initializer lists for brevity.
355         (WebCore::SVGSVGElement::currentViewportSize): Streamlined code by using
356         initializer lists, using local variables only for things used more than once,
357         and using the / operator defined above.
358         (WebCore::SVGSVGElement::viewBoxToViewTransform): Use the concatenate function
359         in a way that is more straightforward, rather than doing it with a temporary.
360         (WebCore::SVGSVGElement::scrollToAnchor): Renamed this from
361         setupInitialView.
362         (WebCore::SVGSVGElement::inheritViewAttributes): Changed this to work with
363         references rather than pointers.
364         (WebCore::SVGSVGElement::getElementById): Use getAllElementsById as the
365         FIXME comment suggested for better efficiency when there are a lot of descendants
366         of the <svg> element at the cost of making it less efficient if there are
367         a lot of elements all with the desired ID, but not inside the <svg> element.
368         (WebCore::SVGSVGElement::isValid): Moved here from the header.
369
370         * svg/SVGSVGElement.h: Removed unneeded forward declarations. Moved the
371         animated properties to the top of the file, then other DOM, the other
372         public members. Changed return types to references and Ref. Moved
373         function bodies out of the class definition. Made createSVGNumber inline.
374
375         * svg/SVGViewElement.cpp: Removed unneeded includes.
376         (WebCore::SVGViewElement::isSupportedAttribute): Deleted.
377         (WebCore::SVGViewElement::parseAttribute): Changed to not rely on
378         isSupportedAttribute. Eventually I will do this in all the SVG classes.
379
380         * svg/SVGViewSpec.cpp: Removed unneeded include of SVGSVGElement.h.
381         (WebCore::SVGViewSpec::parseViewSpec): Updated for change in the name
382         of the parse function in the SVGZoomAndPan class.
383
384         * svg/SVGZoomAndPan.cpp:
385         (WebCore::SVGZoomAndPan::isKnownAttribute): Deleted.
386         (WebCore::SVGZoomAndPan::addSupportedAttributes): Deleted.
387         (WebCore::SVGZoomAndPan::parse): Renamed from parseZoomAndPan since
388         this is a member of the SVGZoomAndPan class and also has an argument
389         of SVGZoomAndPanType.
390         (WebCore::SVGZoomAndPan::parseAttributeValue): Added. Helper so the
391         template function is not so big. Also write it in a simpler way.
392         (WebCore::SVGZoomAndPan::ref): Deleted.
393         (WebCore::SVGZoomAndPan::deref): Deleted.
394         (WebCore::SVGZoomAndPan::setZoomAndPan): Deleted.
395
396         * svg/SVGZoomAndPan.h: Removed unneeded includes. Reformatted the enum.
397         Moved function bodies out of the class definition. Removed many unneeded
398         functions.
399
400         * svg/animation/SVGSMILElement.cpp:
401         (WebCore::SVGSMILElement::insertedInto): Updated since timeContainer
402         now returns a reference rather than a pointer.
403
404 2015-02-11  Darin Adler  <darin@apple.com>
405
406         SVGUseElement follow-up improvements
407         https://bugs.webkit.org/show_bug.cgi?id=141382
408
409         Reviewed by Antti Koivisto.
410
411         * loader/cache/CachedSVGDocumentClient.h: Removed unneeded forward declaration.
412
413         * page/EventHandler.cpp: Removed unneeded include of SVGUseElement.h.
414         * rendering/svg/RenderSVGViewportContainer.cpp: Ditto.
415
416         * svg/SVGDocumentExtensions.cpp:
417         (WebCore::SVGDocumentExtensions::clearTargetDependencies): Removed too-specific
418         check that assumed that SVG elements in shadow trees are always for <use> elements.
419         This amounted to an unneeded optimization that could be removed with no bad effect.
420
421         * svg/SVGElement.cpp:
422         (WebCore::SVGElement::correspondingElement): Removed the assertions so this could
423         be used more freely outside of cases where the shadow tree state is fully consistent.
424         It's fine to have this just be a mechanical getter; there's nothing super-tricky
425         here that needs to be caught by the assertion.
426         (WebCore::SVGElement::title): Removed unneeded special handling for titles inside
427         the shadow tree.
428
429         * svg/SVGGElement.cpp:
430         (WebCore::SVGGElement::create): Added an overload that doesn't require explicitly
431         passing in the tag name.
432         * svg/SVGGElement.h: Ditto.
433         * svg/SVGSVGElement.cpp:
434         (WebCore::SVGSVGElement::create): Ditto.
435         * svg/SVGSVGElement.h: Ditto.
436
437         * svg/SVGUseElement.cpp: Removed a lot of unneeded includes.
438         (WebCore::SVGUseElement::SVGUseElement): Removed code to initialize some booleans.
439         We do that in the class definition now.
440         (WebCore::SVGUseElement::create): Removed the code that calls the
441         ensureUserAgentShadowRoot function unconditionally. That's properly done when
442         needed; no need to do it here.
443         (WebCore::SVGUseElement::~SVGUseElement): Removed unneeded code to destroy the
444         shadow tree (that happens automatically) and simplified the code to stop loading
445         the external document.
446         (WebCore::SVGUseElement::isSupportedAttribute): Deleted.
447         (WebCore::SVGUseElement::parseAttribute): Simplified this. Removed assumptions
448         about the intersection of various sets of attributes, and also removed the
449         isSupportedAttribute function. This seems to serve no purpose here, or in any
450         other SVG element class. I plan to remove it everywhere over time.
451         (WebCore::isWellFormedDocument): Deleted.
452         (WebCore::SVGUseElement::insertedInto): Simplified code by removing all the
453         special cases during initial parsing, and did the invalidation here rather than
454         deferring it to didNotifySubtreeInsertions. Added a call to the new function,
455         updateExternalDocument, since that won't do anything when the element is not
456         in a document.
457         (WebCore::SVGUseElement::didNotifySubtreeInsertions): Deleted.
458         (WebCore::SVGUseElement::removedFrom): Added code to call clearShadowTree and
459         updateExternalDocument. Both are efficient when doing nothing, and both are
460         appropriate since the element is no longer in a document.
461         (WebCore::SVGUseElement::referencedDocument): Deleted. No longer needed.
462         (WebCore::SVGUseElement::externalDocument): Streamlined the logic here, removing
463         multiple unneeded checks.
464         (WebCore::SVGUseElement::transferSizeAttributesToTargetClone): Renamed since
465         "target clone" is clear enough within this class, without explicitly stating
466         "shadow tree". All the clones are in the shadow tree.
467         (WebCore::SVGUseElement::svgAttributeChanged): Removed unneeded code calling
468         isSupportedAttribute. Changed the code that detects changes in href to just
469         call updateExternalDocument (for the document URL) and invalidateShadowTree
470         (for the fragment). Also updated the transferSizeAttributesToTargetClone logic
471         to only trigger on width and height and updated names.
472         (WebCore::SVGUseElement::willAttachRenderers): Updated for the new name of
473         m_shouldRebuildShadowTree and added a call through to the base class.
474         (WebCore::createAllowedElementSet): Added. A more efficient way to implement
475         the initialization of the set for isDisallowedElement.
476         (WebCore::isDisallowedElement): Simplified this by using the function above,
477         and also overloaded for both SVGElement and Element for a tiny efficiency boost.
478         (WebCore::SVGUseElement::clearShadowTree): Renamed form clearResourceReferences.
479         This is a much more straightforward name. Also deleted the code that sets the
480         m_needsShadowTreeRecreation flag to false. That should be done by the build
481         function, not here.
482         (WebCore::SVGUseElement::buildPendingResource): Made this just invalidate the
483         shadow tree now instead of explicitly building it.
484         (WebCore::SVGUseElement::updateShadowTree): Moved the code to create a shadow
485         tree here from buildPendingResource. ALso changed the logic so that we
486         always blow away the old shadow tree. Moved the comment about rebuilding things
487         every time here. Updated the code to use the findTarget and cloneTarget functions,
488         eliminating the buildShadowTree function entirely. Moved the call to
489         transferSizeAttributesToShadowTreeTargetClone inside cloneTarget. Also updated
490         for the name change for m_shouldRebuildShadowTree.
491         (WebCore::SVGUseElement::targetClone): Renamed from shadowTreeTargetClone.
492         No need to emphasize "shadow tree" since that's where all clones are.
493         (WebCore::isDirectReference): Streamlined a bit using "using namespace".
494         (WebCore::SVGUseElement::toClipPath): Rewrote to use early return and updated
495         for name changes. Also used ASCIILiteral.
496         (WebCore::SVGUseElement::rendererClipChild): Changed local variable names.
497         (WebCore::removeDisallowedElementsFromSubtree): Wrote the iteration in a
498         slightly more idiomatic style.
499         (WebCore::SVGUseElement::findTarget): Added. This new function implements
500         the rule for finding a valid target for a use element. This replaces logic
501         that was duplicated in two different places and it also includes all the
502         rules that were formerly in the isValidTarget function. Also, this implements
503         a correct check for a cycle that handles cases the code in isValidTarget did not.
504         (WebCore::SVGUseElement::isValidTarget): Deleted.
505         (WebCore::SVGUseElement::cloneTarget): Added. Helper function used both when
506         cloning the target of the top level <use> elements and for other <use> elements
507         inside the shadow tree.
508         (WebCore::cloneDataAndChildren): Added. Helper function that allows both the
509         <use> and <symbol> element expanding functions to be shorter and share more code.
510         (WebCore::SVGUseElement::expandUseElementsInShadowTree): Removed unneeded checks
511         of cachedDocumentIsStillLoading. Used the new findTarget function, which handles
512         finding the target cross-document correctly. Removed the incorrect use of
513         referencedDocument when creating new elements and finding targets. Refactored
514         to use the new cloneDataAndChildren function and also moved the code that removes
515         the special attributes here, replacing the transferAttributesToShadowTreeReplacement
516         function. Made a few other simplifications.
517         (WebCore::SVGUseElement::expandSymbolElementsInShadowTree): Ditto, just like the
518         <use> changes only simpler.
519         (WebCore::SVGUseElement::transferEventListenersToShadowTree): Made this const.
520         Removed unneeded assertions.
521         (WebCore::SVGUseElement::invalidateShadowTree): Updated for name change.
522         (WebCore::SVGUseElement::invalidateDependentShadowTrees): Removed assertion.
523         (WebCore::SVGUseElement::transferAttributesToShadowTreeReplacement): Deleted.
524         (WebCore::SVGUseElement::selfHasRelativeLengths): Tweaked names.
525         (WebCore::SVGUseElement::notifyFinished): Removed the inDocument check, since
526         this function will only be called for elements that are in a document.
527         (WebCore::SVGUseElement::cachedDocumentIsStillLoading): Deleted.
528         (WebCore::SVGUseElement::finishParsingChildren): Removed the code that calls
529         buildPendingResource here. Shadow tree updating is driven solely by renderer
530         generation now.
531         (WebCore::SVGUseElement::updateExternalDocument): Replaced setCachedDocument
532         with this. This function knows how to load a different document if the URL
533         has changed, or leave it alone if not, and also stop the load if it should.
534         (WebCore::SVGUseElement::isValid): Moved this here from the header, since it's
535         always being called virtually.
536         (WebCore::SVGUseElement::haveLoadedRequiredResources): Ditto.
537         (WebCore::SVGUseElement::setHaveFiredLoadEvent): Ditto.
538         (WebCore::SVGUseElement::haveFiredLoadEvent): Ditto.
539         (WebCore::SVGUseElement::svgLoadEventTimer): Ditto.
540
541         * svg/SVGUseElement.h: Removed unneeded include. Moved the animated properties
542         to the top of the class because they are public DOM API and so are logical to
543         list first. I'd like to do that for other classes too over time. Changed to
544         derive privately from CachedSVGDocumentClient. Made the function
545         invalidateDependentShadowTrees private. Removed didNotifySubtreeInsertions,
546         isSupportedAttribute, clearResourceReferences, buildShadowTree,
547         transferAttributesToShadowTreeReplacement, isParserInserted, and
548         m_wasInsertedByParser. Added updateExternalDocument, cloneTarget, targetClone,
549         updateShadowTree, and clearShadowTree. Also did a couple other renames,
550         including renaming m_cachedDocument to m_externalDocument.
551
552         * svg/svgtags.in: Removed constructorNeedsCreatedByParser from the <use>
553         element since we don't have to handle constructing by the parser specially.
554
555 2015-02-11  Dhi Aurrahman  <diorahman@rockybars.com>
556
557         CSS selector JIT compilation support for :lang()
558         https://bugs.webkit.org/show_bug.cgi?id=140818
559
560         Reviewed by Benjamin Poulain.
561
562         Add the JIT support for :lang(), to ensure :lang() no longer force the engine to
563         the slow path.
564
565         Test: fast/selectors/lang-chained-multiple.html
566
567         * cssjit/SelectorCompiler.cpp:
568         (WebCore::SelectorCompiler::addPseudoClassType):
569         Get rid of the FunctionType::CannotCompile
570         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
571         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsInLanguage):
572
573 2015-02-11  Alex Christensen  <achristensen@webkit.org>
574
575         Fix more weak external symbol errors.
576
577         * bindings/scripts/CodeGeneratorJS.pm:
578         (GenerateHeader):
579         * page/make_settings.pl:
580         (printGetterAndSetter):
581         Remove some WEBCORE_EXPORT macros.
582
583 2015-02-11  Alex Christensen  <achristensen@webkit.org>
584
585         Do not export functions defined in headers.
586         This prevents weak external symbol errors in some configurations.
587
588         * dom/Range.h:
589         (WebCore::Range::startContainer):
590         (WebCore::Range::startOffset):
591         (WebCore::Range::endContainer):
592         (WebCore::Range::endOffset):
593         * inspector/InspectorController.h:
594         * page/Settings.h:
595         (WebCore::Settings::setMediaKeysStorageDirectory):
596         * page/make_settings.pl:
597         (printGetterAndSetter):
598         * platform/network/cocoa/ProtectionSpaceCocoa.h:
599         (WebCore::ProtectionSpace::encodingRequiresPlatformData):
600         * platform/text/TextEncoding.h:
601         (WebCore::TextEncoding::decode):
602         Removed WEBCORE_EXPORT macros.
603
604 2015-02-11  Chris Dumez  <cdumez@apple.com>
605
606         [WK2] Add logging to validate the network cache efficacy (Part 2)
607         https://bugs.webkit.org/show_bug.cgi?id=141345
608         <rdar://problem/19632080>
609
610         Reviewed by Sam Weinig.
611
612         Add a few more diagnostic logging keys for the network cache efficacy
613         logging.
614
615 2015-02-11  Sam Weinig  <sam@webkit.org>
616
617         REGRESSION(r179166): Crash when accessing document.dir on a document with no elements
618         <rdar://problem/19804351>
619         https://bugs.webkit.org/show_bug.cgi?id=141480
620
621         Reviewed by Chris Dumez.
622
623         Test: fast/dom/document-dir-empty-document-crash.html
624
625         * html/HTMLDocument.cpp:
626         (WebCore::HTMLDocument::dir):
627         Don't unnecessarily dereference the documentElement. is<HTMLHtmlElement>() will handle null just fine.
628
629 2015-02-11  Mark Rowe  <mrowe@apple.com>
630
631         <https://webkit.org/b/141492> extract-localizable-strings.pl shouldn't update the target file if the contents haven't changed
632
633         Avoid updating the target file if the contents haven't changed. This prevents Xcode from copying the identical
634         file into the framework and resigning it, which avoids the resulting relinking of all targets that depend on
635         the framework.
636
637         Reviewed by Dan Bernstein.
638
639         * extract-localizable-strings.pl: Write our output to a temporary file. If the output differs from the
640         existing contents of the target file, move the temporary file over the target file. Otherwise, delete
641         the temporary file.
642
643 2015-02-11  Chris Dumez  <cdumez@apple.com>
644
645         Turn recent assertions into release assertions to help track down crash in DocumentLoader::stopLoadingForPolicyChange()
646         https://bugs.webkit.org/show_bug.cgi?id=141484
647         <rdar://problem/13811738>
648
649         Reviewed by Andy Estes.
650
651         Turn recent assertions into release assertions to help track down crash in
652         DocumentLoader::stopLoadingForPolicyChange(). This should increase the
653         likelyhood of tripping them so that we better understand why this happens.
654
655         * loader/DocumentLoader.cpp:
656         (WebCore::DocumentLoader::~DocumentLoader):
657         (WebCore::DocumentLoader::detachFromFrame):
658
659 2015-02-11  Jer Noble  <jer.noble@apple.com>
660
661         [MSE] SampleMap::addRange() returns an inverted iterator_range, possibly causing a crash when that iterator_range is traversed.
662         https://bugs.webkit.org/show_bug.cgi?id=141479
663         rdar://problem/19067597
664
665         Reviewed by Chris Dumez.
666
667         When looking backwards through a presentationOrder map to find samples, we then reverse our iterators
668         and put them in an iterator_range to return to the caller. But in addition to reversing the iterators
669         themselves, we also need to put them in the iterator_range in reverse order, so that when the caller
670         iterates from iterator_range.first -> iterator_range.second, they don't end up off the end of the
671         the underlying storage.
672
673         * Modules/mediasource/SampleMap.cpp:
674         (WebCore::PresentationOrderSampleMap::findSamplesWithinPresentationRangeFromEnd):
675
676 2015-02-11  Simon Fraser  <simon.fraser@apple.com>
677
678         Improve the showFrameTree() output slightly
679         https://bugs.webkit.org/show_bug.cgi?id=141482
680
681         Reviewed by Zalan Bujtas.
682
683         Have showFrameTree() show the Frame's RenderView so it can be correlated with
684         layer dumps, and show styleRecalc and needsLayout state.
685
686         * page/FrameTree.cpp:
687         (printFrames):
688         * page/FrameView.cpp:
689         (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive): Add an explanatory
690         comment about why we don't walk the Frame tree.
691
692 2015-02-11  Alex Christensen  <achristensen@webkit.org>
693
694         Stop using WebCore.exp.in on Mac and iOS.
695         https://bugs.webkit.org/show_bug.cgi?id=141413
696
697         Reviewed by Dan Bates.
698
699         * Configurations/Base.xcconfig:
700         Make symbols hidden by default unless exported by WEBCORE_EXPORT macros.
701         * platform/PlatformExportMacros.h:
702         Start using WEBCORE_EXPORT on Mac and iOS (but not Windows yet).
703
704 2015-02-11  ChangSeok Oh  <changseok.oh@collabora.com>
705
706         Div having contentEditable and display:flex cannot be edited if it is empty.
707         https://bugs.webkit.org/show_bug.cgi?id=141218
708
709         Reviewed by Ryosuke Niwa.
710
711         RenderFlexibleBox should be treated as a candidate for visible position. Visible selection
712         in an editable area is recalculated whenever an inner value of div is changed. If the inner value
713         is empty, the visible selection recalculated with DeleteSelectionCommand::m_endingPostion
714         is not correct. Because RenderBlockFlow is only considered but not RenderFlexibleBox
715         in Position::isCandidate so that a calculated ending VisiblePosition for an editable div
716         having "display : flex" goes weird and VisibleSelection is empty accordingly.
717
718         Test: fast/events/key-events-in-editable-flexbox.html
719
720         * dom/Position.cpp:
721         (WebCore::Position::isCandidate):
722
723 2015-02-11  ChangSeok Oh  <changseok.oh@collabora.com>
724
725         Activate ReliefLogger of a memory pressure handler for linux system.
726         https://bugs.webkit.org/show_bug.cgi?id=123611
727
728         Reviewed by Anders Carlsson.
729
730         Put more logs for the time when a system goes under memory pressure or viceversa.
731
732         No new tests since no engine behavior changed.
733
734         * platform/linux/MemoryPressureHandlerLinux.cpp:
735         (WebCore::MemoryPressureHandler::waitForMemoryPressureEvent): Wait a memory pressure event
736         from cgroup in a seperated thread. Once a pressure event happens, respondToMemoryPressure()
737         would be called to get back some resources.
738         (WebCore::MemoryPressureHandler::install): Install memoryPressureHandler module
739         to make it work.
740
741 2015-02-11  Alex Christensen  <achristensen@webkit.org>
742
743         Final preparations to switch to WEBCORE_EXPORT.
744
745         * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
746         Export the vtable and a function.
747
748 2015-02-11  Sam Weinig  <sam@webkit.org>
749
750         performance.now can crash if accessed from a window that has navigated
751         <rdar://problem/16892506>
752         https://bugs.webkit.org/show_bug.cgi?id=141478
753
754         Reviewed by Alexey Proskuryakov.
755
756         Test: fast/performance/performance-now-crash-on-navigated-window.html
757
758         * page/Performance.cpp:
759         (WebCore::Performance::now):
760         Check for a null frame, which can happen when the window has been navigated.
761
762 2015-02-10  Alexey Proskuryakov  <ap@apple.com>
763
764         URL::setUser and URL::setPass don't percent encode
765         https://bugs.webkit.org/show_bug.cgi?id=141453
766         rdar://problem/14844503&16551802&19623145
767
768         Reviewed by Darin Adler.
769
770         Tests: fast/url/url-credentials-escaping.html
771                http/tests/xmlhttprequest/basic-auth-credentials-escaping.html
772
773         Start adding some code that performs escaping in a way that matches the URL Standard.
774         Right now, it's only used where we failed to do any escaping at all, and over time,
775         we'll be moving towards a new implementation.
776
777         * html/URLUtils.h:
778         (WebCore::URLUtils<T>::username):
779         (WebCore::URLUtils<T>::password):
780         * platform/URL.cpp:
781         (WebCore::isSchemeFirstChar):
782         (WebCore::URL::user):
783         (WebCore::URL::pass):
784         (WebCore::URL::encodedUser):
785         (WebCore::URL::encodedPass):
786         (WebCore::URL::setUser):
787         (WebCore::URL::setPass):
788         (WebCore::encodeWithURLEscapeSequences):
789         * platform/URL.h:
790
791 2015-02-11  Alex Christensen  <achristensen@webkit.org>
792
793         Add a few more WEBCORE_EXPORT macros for debug and iOS builds.
794
795         * page/EventHandler.h:
796         * page/ios/WebEventRegion.h:
797         * platform/sql/SQLiteDatabaseTracker.h:
798
799 2015-02-11  Darin Adler  <darin@apple.com>
800
801         REGRESSION(r179476): It broke the !ENABLE(PICTURE_SIZES) build
802         https://bugs.webkit.org/show_bug.cgi?id=141327
803
804         Reviewed by Csaba Osztrogonác.
805
806         * html/parser/HTMLPreloadScanner.cpp:
807         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
808         Put #if around use of m_sizesAttribute.
809
810 2015-02-11  Commit Queue  <commit-queue@webkit.org>
811
812         Unreviewed, rolling out r179921.
813         https://bugs.webkit.org/show_bug.cgi?id=141473
814
815         caused about 30 test failures on yosemite and mavericks
816         (Requested by alexchristensen on #webkit).
817
818         Reverted changeset:
819
820         "Div having contentEditable and display:flex cannot be edited
821         if it is empty."
822         https://bugs.webkit.org/show_bug.cgi?id=141218
823         http://trac.webkit.org/changeset/179921
824
825 2015-02-11  ChangSeok Oh  <changseok.oh@collabora.com>
826
827         Div having contentEditable and display:flex cannot be edited if it is empty.
828         https://bugs.webkit.org/show_bug.cgi?id=141218
829
830         Reviewed by Ryosuke Niwa.
831
832         RenderFlexibleBox should be treated as a candidate for visible position. Visible selection
833         in an editable area is recalculated whenever an inner value of div is changed. If the inner value
834         is empty, the visible selection recalculated with DeleteSelectionCommand::m_endingPostion
835         is not correct. Because RenderBlockFlow is only considered but not RenderFlexibleBox
836         in Position::isCandidate so that a calculated ending VisiblePosition for an editable div
837         having "display : flex" goes weird and VisibleSelection is empty accordingly.
838
839         Test: fast/events/key-events-in-editable-flexbox.html
840
841         * dom/Position.cpp:
842         (WebCore::Position::isCandidate):
843
844 2015-02-11  Commit Queue  <commit-queue@webkit.org>
845
846         Unreviewed, rolling out r179910.
847         https://bugs.webkit.org/show_bug.cgi?id=141464
848
849         Caused assertions on debug bots (Requested by ap on #webkit).
850
851         Reverted changeset:
852
853         "[WK2] Add logging to validate the network cache efficacy
854         (Part 2)"
855         https://bugs.webkit.org/show_bug.cgi?id=141345
856         http://trac.webkit.org/changeset/179910
857
858 2015-02-10  Chris Dumez  <cdumez@apple.com>
859
860         Optimize MutableStyleProperties::removePropertiesInSet()
861         https://bugs.webkit.org/show_bug.cgi?id=141460
862
863         Reviewed by Andreas Kling.
864
865         Optimize MutableStyleProperties::removePropertiesInSet() by doing an
866         in-place removal of the vector properties, using the new and efficient
867         Vector::removalAllMatching().
868
869         I see a ~11% speed-up on CSS/CSSPropertySetterGetter.html performance
870         test.
871
872         This change was inspired by the following Blink revision:
873         https://src.chromium.org/viewvc/blink?view=rev&revision=189387
874
875         Test: PerformanceTests/CSS/CSSPropertySetterGetter.html
876
877         * css/StyleProperties.cpp:
878         (WebCore::MutableStyleProperties::removePropertiesInSet):
879
880 2015-02-10  Alex Christensen  <achristensen@webkit.org>
881
882         [Win] Fix debug build after r179807.
883         https://bugs.webkit.org/show_bug.cgi?id=141461
884
885         Reviewed by Benjamin Poulain.
886
887         * dom/TypedElementDescendantIterator.h:
888         Explicitly call Iterator constructor to reduce complexity when iterating descendantsOfType.
889
890 2015-02-10  Chris Dumez  <cdumez@apple.com>
891
892         [WK2] Add logging to validate the network cache efficacy (Part 2)
893         https://bugs.webkit.org/show_bug.cgi?id=141345
894
895         Reviewed by Antti Koivisto.
896
897         Add a few more diagnostic logging keys for the network cache efficacy
898         logging.
899
900 2015-02-10  Commit Queue  <commit-queue@webkit.org>
901
902         Unreviewed, rolling out r179896.
903         https://bugs.webkit.org/show_bug.cgi?id=141452
904
905         broke linking debug builds (Requested by thorton on #webkit).
906
907         Reverted changeset:
908
909         "Stop using WebCore.exp.in on Mac and iOS."
910         https://bugs.webkit.org/show_bug.cgi?id=141413
911         http://trac.webkit.org/changeset/179896
912
913 2015-02-10  Alex Christensen  <achristensen@webkit.org>
914
915         Fix bindings tests after r179886.
916
917         * bindings/scripts/test/ObjC/DOMFloat64Array.h:
918         * bindings/scripts/test/ObjC/DOMTestActiveDOMObject.h:
919         * bindings/scripts/test/ObjC/DOMTestCallback.h:
920         * bindings/scripts/test/ObjC/DOMTestCustomNamedGetter.h:
921         * bindings/scripts/test/ObjC/DOMTestEventConstructor.h:
922         * bindings/scripts/test/ObjC/DOMTestEventTarget.h:
923         * bindings/scripts/test/ObjC/DOMTestException.h:
924         * bindings/scripts/test/ObjC/DOMTestGenerateIsReachable.h:
925         * bindings/scripts/test/ObjC/DOMTestInterface.h:
926         * bindings/scripts/test/ObjC/DOMTestMediaQueryListListener.h:
927         * bindings/scripts/test/ObjC/DOMTestNamedConstructor.h:
928         * bindings/scripts/test/ObjC/DOMTestNode.h:
929         * bindings/scripts/test/ObjC/DOMTestNondeterministic.h:
930         * bindings/scripts/test/ObjC/DOMTestObj.h:
931         * bindings/scripts/test/ObjC/DOMTestOverloadedConstructors.h:
932         * bindings/scripts/test/ObjC/DOMTestSerializedScriptValueInterface.h:
933         * bindings/scripts/test/ObjC/DOMTestTypedefs.h:
934         * bindings/scripts/test/ObjC/DOMattribute.h:
935         * bindings/scripts/test/ObjC/DOMreadonly.h:
936
937 2015-02-10  Alex Christensen  <achristensen@webkit.org>
938
939         Stop using WebCore.exp.in on Mac and iOS.
940         https://bugs.webkit.org/show_bug.cgi?id=141413
941
942         Reviewed by Dan Bates.
943
944         * Configurations/Base.xcconfig:
945         Make symbols hidden by default unless exported by WEBCORE_EXPORT macros.
946         * platform/PlatformExportMacros.h:
947         Start using WEBCORE_EXPORT on Mac and iOS (but not Windows yet).
948
949 2015-02-10  Chris Dumez  <cdumez@apple.com>
950
951         Add another assertion to help track down crash in DocumentLoader::stopLoadingForPolicyChange()
952         https://bugs.webkit.org/show_bug.cgi?id=141447
953         <rdar://problem/13811738>
954
955         Reviewed by Alexey Proskuryakov.
956
957         Add another assertion to help track down crash in
958         DocumentLoader::stopLoadingForPolicyChange().
959
960         The trace seems to hint that frameLoader() returns null when
961         stopLoadingForPolicyChange() is called. frameLoader() can only return
962         null after DocumentLoader::detachFromFrame() has been called.
963         Also, stopLoadingForPolicyChange() here is called from the
964         DocumentLoader::continueAfterContentPolicy() policy callback which
965         requires m_waitingForContentPolicy to be true. Therefore, we should
966         assert that m_waitingForContentPolicy is false when m_frame is cleared
967         in DocumentLoader::detachFromFrame().
968
969         * loader/DocumentLoader.cpp:
970         (WebCore::DocumentLoader::detachFromFrame):
971
972 2015-02-10  Alex Christensen  <achristensen@webkit.org>
973
974         Stop using WebCore.exp.in on Mac and iOS.
975         https://bugs.webkit.org/show_bug.cgi?id=141413
976
977         Reviewed by Dan Bates.
978
979         * Configurations/Base.xcconfig:
980         Make symbols hidden by default unless exported by WEBCORE_EXPORT macros.
981         * platform/PlatformExportMacros.h:
982         Start using WEBCORE_EXPORT on Mac and iOS (but not Windows yet).
983
984 2015-02-10  Alex Christensen  <achristensen@webkit.org>
985
986         Add more WEBCORE_EXPORT macros for iOS.
987         https://bugs.webkit.org/show_bug.cgi?id=141430
988
989         Reviewed by Tim Horton.
990
991         * bindings/objc/WebScriptObject.h:
992         * bindings/scripts/CodeGeneratorObjC.pm:
993         (GenerateHeader):
994         * dom/Event.h:
995         * dom/Node.h:
996         * editing/FrameSelection.h:
997         * html/HTMLFormControlElement.h:
998         * html/HTMLMediaSession.h:
999         * page/Frame.h:
1000         * page/FrameView.h:
1001         * platform/ScrollView.h:
1002         * platform/ios/PasteboardIOS.mm:
1003         * platform/ios/wak/WAKAppKitStubs.h:
1004         * platform/ios/wak/WAKClipView.h:
1005         * platform/ios/wak/WAKScrollView.h:
1006         * platform/ios/wak/WAKView.h:
1007         * platform/ios/wak/WAKWindow.h:
1008         * platform/ios/wak/WAKWindow.mm:
1009         * platform/ios/wak/WKContentObservation.h:
1010         * platform/ios/wak/WKGraphics.h:
1011         * platform/ios/wak/WebCoreThread.h:
1012         * platform/ios/wak/WebCoreThread.mm:
1013         * platform/ios/wak/WebCoreThreadRun.h:
1014         * platform/ios/wak/WebCoreThreadSystemInterface.h:
1015         * platform/network/ios/QuickLook.h:
1016         * platform/text/TextBreakIterator.h:
1017
1018 2015-02-09  David Hyatt  <hyatt@apple.com>
1019
1020         text-underline-position: under is broken
1021         https://bugs.webkit.org/show_bug.cgi?id=141400
1022         <rdar://problem/18569583>
1023
1024         Reviewed by Simon Fraser.
1025
1026         Added fast/text/text-underline-position-under.html
1027
1028         * rendering/InlineFlowBox.cpp:
1029         (WebCore::InlineFlowBox::computeMaxLogicalBottom):
1030         (WebCore::InlineFlowBox::computeMaxLogicalTop): Deleted.
1031         * rendering/InlineFlowBox.h:
1032         Switch to using the bottom to compute the offset. Using the top is incorrect, since
1033         the heights of boxes can vary.
1034
1035         Fix a bug where the y() of the box was being used instead of the logical value, making the result
1036         wrong for vertical text.
1037
1038         * rendering/RootInlineBox.cpp:
1039         (WebCore::RootInlineBox::maxLogicalBottom):
1040         (WebCore::RootInlineBox::maxLogicalTop): Deleted.
1041         Switch to using the bottom instead of the top. Make sure the root box contributes its own bottom,
1042         since the old code just ignored the root's placement.
1043
1044         * rendering/RootInlineBox.h:
1045         * style/InlineTextBoxStyle.cpp:
1046         (WebCore::computeUnderlineOffset):
1047         Call the bottom function now instead of the top.
1048
1049 2015-02-10  Chris Dumez  <cdumez@apple.com>
1050
1051         Add assertion to help track down WebCore::DocumentLoader::stopLoadingForPolicyChange() crash
1052         https://bugs.webkit.org/show_bug.cgi?id=141441
1053         <rdar://problem/13811738>
1054
1055         Reviewed by Alexey Proskuryakov.
1056
1057         Add assertion to help track down a crash in
1058         WebCore::DocumentLoader::stopLoadingForPolicyChange().
1059
1060         * loader/DocumentLoader.cpp:
1061         (WebCore::DocumentLoader::~DocumentLoader):
1062         Make sure the DocumentLoader is not waiting for a content policy
1063         response when it is destroyed. If this were to happen, then the
1064         lambda function passed to PolicyChecker::checkContentPolicy()
1065         would outlive the DocumentLoader. This is an issue because
1066         that lambda function captures [this], which is the DocumentLoader.
1067         This would cause DocumentLoader::continueAfterContentPolicy() to
1068         be called after the DocumentLoader has been destroyed, which would
1069         explain the crash.
1070
1071 2015-02-07  Zalan Bujtas  <zalan@apple.com>
1072
1073         REGRESSION (r168046): Crash in WebCore::InlineBox::renderer / WebCore::RenderFlowThread::checkLinesConsistency
1074         https://bugs.webkit.org/show_bug.cgi?id=133462
1075
1076         Reviewed by David Hyatt.
1077
1078         RenderFlowThread::m_lineToRegionMap stores pointers to the root inlineboxes in the block flow.
1079         Normally root inlineboxes remove themselves from this map in their dtors. However when collapsing an anonymous block,
1080         we detach the inline tree first and destroy them after. The detached root boxes can't access
1081         the flowthread containing block and we end up with dangling pointers in this map.
1082         Call removeFlowChildInfo() before detaching the subtree to ensure proper pointer removal.
1083
1084         Test: fast/multicol/newmulticol/crash-when-switching-to-floating.html
1085
1086         * rendering/RenderBlock.cpp:
1087         (WebCore::RenderBlock::collapseAnonymousBoxChild):
1088
1089 2015-02-10  Julien Isorce  <j.isorce@samsung.com>
1090
1091         Render: properly update body's background image
1092         https://bugs.webkit.org/show_bug.cgi?id=140183
1093
1094         When HTML and BODY renderers are both composited the
1095         skipBodyBackground condition should also take into account
1096         if the HTML's layer can draw its contents.
1097
1098         Reviewed by Darin Adler.
1099
1100         Test: animations/animation-background-image.html
1101
1102         * rendering/RenderBox.cpp:
1103         (WebCore::skipBodyBackground): Do not skip
1104         if document's layer cannot draw its content.
1105         Previously both body and html did not paint the background
1106         when they are both composited.
1107
1108         * rendering/RenderLayerBacking.cpp:
1109         (WebCore::RenderLayerBacking::contentChanged): Also redisplay
1110         the content.
1111
1112 2015-02-10  Eric Carlson  <eric.carlson@apple.com>
1113
1114         [iOS] don't get out of sync when interrupt/resume calls are not balanced
1115         https://bugs.webkit.org/show_bug.cgi?id=141310
1116
1117         Reviewed by Jer Noble.
1118
1119         No new tests, updated media/video-interruption-with-resume-allowing-play.html.
1120
1121         * platform/audio/MediaSession.cpp:
1122         (WebCore::MediaSession::beginInterruption): Count interruptions.
1123         (WebCore::MediaSession::endInterruption): Ignore calls when m_interruptionCount is already zero.
1124         * platform/audio/MediaSession.h:
1125
1126 2015-02-10  Carlos Garcia Campos  <cgarcia@igalia.com>
1127
1128         [GTK] GMutexLocker build issue
1129         https://bugs.webkit.org/show_bug.cgi?id=141381
1130
1131         Reviewed by Žan Doberšek.
1132
1133         Use always WTF::GMutexLocker because newer glib versions have a
1134         GMutexLocker in the public API.
1135
1136         * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
1137         (WebCore::AudioSourceProviderGStreamer::provideInput):
1138         (WebCore::AudioSourceProviderGStreamer::handleAudioBuffer):
1139         (WebCore::AudioSourceProviderGStreamer::clearAdapters):
1140         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
1141         (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
1142         (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture):
1143         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
1144         (WebCore::MediaPlayerPrivateGStreamerBase::paint):
1145         * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
1146         (webkitVideoSinkTimeoutCallback):
1147         (webkitVideoSinkRender):
1148         (unlockSampleMutex):
1149         (webkitVideoSinkUnlockStop):
1150         (webkitVideoSinkStart):
1151         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1152         (webKitWebSrcGetProperty):
1153         (webKitWebSrcStop):
1154         (webKitWebSrcStart):
1155         (webKitWebSrcChangeState):
1156         (webKitWebSrcQueryWithParent):
1157         (webKitWebSrcGetUri):
1158         (webKitWebSrcSetUri):
1159         (webKitWebSrcNeedDataMainCb):
1160         (webKitWebSrcNeedDataCb):
1161         (webKitWebSrcEnoughDataMainCb):
1162         (webKitWebSrcEnoughDataCb):
1163         (webKitWebSrcSeekDataCb):
1164         (webKitWebSrcSetMediaPlayer):
1165         (StreamingClient::createReadBuffer):
1166         (StreamingClient::handleResponseReceived):
1167         (StreamingClient::handleDataReceived):
1168         (StreamingClient::handleNotifyFinished):
1169         (ResourceHandleStreamingClient::wasBlocked):
1170         (ResourceHandleStreamingClient::cannotShowURL):
1171
1172 2015-02-09  Alex Christensen  <achristensen@webkit.org>
1173
1174         Update WEBCORE_EXPORT to prepare to start using it.
1175         https://bugs.webkit.org/show_bug.cgi?id=141409
1176
1177         Reviewed by Tim Horton.
1178
1179         * bindings/js/JSDOMGlobalObject.h:
1180         * bindings/objc/DOMInternal.h:
1181         * bindings/objc/ExceptionHandlers.mm:
1182         * bindings/objc/WebScriptObjectPrivate.h:
1183         * bindings/scripts/CodeGeneratorJS.pm:
1184         (GenerateHeader):
1185         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
1186         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
1187         * bindings/scripts/test/JS/JSTestEventConstructor.h:
1188         * bindings/scripts/test/JS/JSTestEventTarget.h:
1189         * bindings/scripts/test/JS/JSTestException.h:
1190         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
1191         * bindings/scripts/test/JS/JSTestInterface.h:
1192         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
1193         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
1194         * bindings/scripts/test/JS/JSTestNondeterministic.h:
1195         * bindings/scripts/test/JS/JSTestObj.h:
1196         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
1197         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
1198         * bindings/scripts/test/JS/JSTestTypedefs.h:
1199         * bindings/scripts/test/JS/JSattribute.h:
1200         * bindings/scripts/test/JS/JSreadonly.h:
1201         * css/StyleProperties.h:
1202         * dom/DeviceMotionData.h:
1203         * dom/Node.h:
1204         * dom/Position.h:
1205         * dom/ScriptExecutionContext.h:
1206         * editing/Editor.h:
1207         * editing/htmlediting.h:
1208         * html/HTMLInputElement.h:
1209         * html/TimeRanges.h:
1210         * loader/FrameLoader.h:
1211         * loader/cache/CacheValidation.h:
1212         * loader/cache/MemoryCache.h:
1213         * loader/icon/IconDatabase.h:
1214         * page/DatabaseProvider.h:
1215         * page/DiagnosticLoggingKeys.h:
1216         * page/EventHandler.h:
1217         * page/FrameSnapshotting.h:
1218         * page/MainFrame.h:
1219         * page/PageConsoleClient.h:
1220         * page/PageOverlay.h:
1221         * platform/CrossThreadCopier.h:
1222         * platform/FileSystem.h:
1223         * platform/PlatformSpeechSynthesizer.h:
1224         * platform/RemoteCommandListener.h:
1225         * platform/RuntimeApplicationChecks.h:
1226         * platform/graphics/Font.h:
1227         * platform/graphics/FontCache.h:
1228         * platform/graphics/FontGlyphs.h:
1229         * platform/graphics/FontRanges.h:
1230         * platform/graphics/GeometryUtilities.h:
1231         * platform/graphics/GlyphPage.h:
1232         * platform/graphics/Region.h:
1233         * platform/graphics/ca/PlatformCALayer.h:
1234         * platform/graphics/ca/TileController.h:
1235         * platform/graphics/transforms/TransformationMatrix.h:
1236         * platform/mac/WebCoreFullScreenWarningView.h:
1237         * platform/network/BlobDataFileReference.h:
1238         * platform/network/ResourceRequestBase.h:
1239         * platform/network/ResourceResponseBase.h:
1240         * platform/network/create-http-header-name-table:
1241         * platform/network/mac/WebCoreURLResponse.h:
1242         * platform/sql/SQLiteDatabaseTracker.h:
1243         * platform/sql/SQLiteStatement.h:
1244         * rendering/HitTestLocation.h:
1245         * rendering/HitTestResult.h:
1246         * storage/StorageEventDispatcher.h:
1247         Added WEBCORE_EXPORT macros.
1248
1249 2015-02-09  Chris Dumez  <cdumez@apple.com>
1250
1251         Check for self-assignment in Length::operator=(const Length&)
1252         https://bugs.webkit.org/show_bug.cgi?id=141402
1253
1254         Reviewed by Andreas Kling.
1255
1256         Check for self-assignment in Length::operator=(const Length&) as
1257         calling memcpy() with the same source and destination addresses has
1258         undefined behavior.
1259
1260         * platform/Length.h:
1261         (WebCore::Length::operator=):
1262
1263 2015-02-09  Roger Fong  <roger_fong@apple.com>
1264
1265         WebGL: Update 1.0.2 conformance layout tests and address new failure.
1266         https://bugs.webkit.org/show_bug.cgi?id=141408.
1267         <rdar://problem/19773236>
1268
1269         Reviewed by Dean Jackson.
1270
1271         Tests covered by updated 1.0.2 conformance tests.
1272
1273         * html/canvas/WebGLRenderingContextBase.cpp: 
1274         Return null string instead of empty string if parameter validation fails.
1275         (WebCore::WebGLRenderingContextBase::getProgramInfoLog):
1276         (WebCore::WebGLRenderingContextBase::getShaderInfoLog):
1277         (WebCore::WebGLRenderingContextBase::getShaderSource):
1278
1279 2015-02-09  Timothy Horton  <timothy_horton@apple.com>
1280
1281         Avoid using a HashMap for DisplayRefreshMonitorManager, which rarely has more than one item
1282         https://bugs.webkit.org/show_bug.cgi?id=141353
1283
1284         Reviewed by Anders Carlsson.
1285
1286         No new tests, because there's no behavior change.
1287
1288         * platform/graphics/DisplayRefreshMonitorManager.cpp:
1289         (WebCore::DisplayRefreshMonitorManager::ensureMonitorForClient):
1290         (WebCore::DisplayRefreshMonitorManager::unregisterClient):
1291         (WebCore::DisplayRefreshMonitorManager::displayDidRefresh):
1292         * platform/graphics/DisplayRefreshMonitorManager.h:
1293         Use a Vector of RefPtr<DisplayRefreshMonitor> instead of a HashMap
1294         from uint64_t to RefPtr<DisplayRefreshMonitor>. There's usually only one
1295         display, so there's usually only one DisplayRefreshMonitor. Linear search
1296         on the Vector will be faster than the hash lookup in all conceivable cases.
1297         This also avoids the situation mentioned in the comments in DisplayRefreshMonitorManager.h
1298         where we don't know enough about PlatformDisplayID to safely hash it.
1299
1300 2015-02-09  Jer Noble  <jer.noble@apple.com>
1301
1302         [Mac] Disable the currentTime estimation code in HTMLMediaElement for Yosemite+
1303         https://bugs.webkit.org/show_bug.cgi?id=141399
1304
1305         Reviewed by Eric Carlson.
1306
1307         Apparenty -[AVPlayer rate] means different things for HLS and progressive content; for progressive,
1308         the -rate is the actual rate of playback. For HLS, the -rate is the requested rate, and will return
1309         the requested value even if time is not progressing.
1310
1311         We added the currentTime estimation engine because asking AVFoundation for its -currentTime used to
1312         be expensive, but we've been assured that in recent iOS and OS X releases, -currentTime should be
1313         very fast. That, in combination with the HLS behavior of -rate and how it breaks the currentTime
1314         estimation, means we should probably turn it off for iOS and Yosemite.
1315
1316         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1317         (WebCore::MediaPlayerPrivateAVFoundationObjC::maximumDurationToCacheMediaTime): Move implementation to .mm.
1318         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1319         (WebCore::MediaPlayerPrivateAVFoundationObjC::maximumDurationToCacheMediaTime): Disable on iOS and >=10.10.
1320
1321 2015-02-07  Roger Fong  <roger_fong@apple.com>
1322
1323         WebGL 2: Texture call format, internal format, and type validation.
1324         https://bugs.webkit.org/show_bug.cgi?id=141318.
1325         <rdar://problem/19733828>
1326
1327         Reviewed by Brent Fulgham.
1328
1329         Tests will be covered by WebGL2 conformance tests.
1330
1331         * html/canvas/WebGL2RenderingContext.cpp:
1332         (WebCore::WebGL2RenderingContext::getFramebufferAttachmentParameter): Add missing ExceptionCode argument.
1333         (WebCore::WebGL2RenderingContext::copyTexImage2D): Validate texture formats based on GLES3 spec.
1334         (WebCore::WebGL2RenderingContext::texSubImage2DBase): Validate using internal format from texture target.
1335         (WebCore::WebGL2RenderingContext::texSubImage2DImpl): Validate using internal format from texture target.
1336         (WebCore::WebGL2RenderingContext::texSubImage2D): Validate using internal format from texture target.
1337         (WebCore::WebGL2RenderingContext::validateTexFuncParameters): Do extra validation for copyTexImage2D.
1338         (WebCore::WebGL2RenderingContext::validateTexFuncFormatAndType): Validate internal format, format and type combination.
1339         (WebCore::WebGL2RenderingContext::validateTexFuncData): Validate new data types.
1340         This method now accepts an internal format argument.
1341         (WebCore::WebGL2RenderingContext::baseInternalFormatFromInternalFormat):
1342         Helper method to convert internal format to base internal format.
1343         * html/canvas/WebGL2RenderingContext.h:
1344
1345         * html/canvas/WebGLRenderingContext.cpp:
1346         (WebCore::WebGLRenderingContext::copyTexImage2D): Moved from WebGLRenderingContextBase.
1347         (WebCore::WebGLRenderingContext::texSubImage2DBase): Ditto.
1348         (WebCore::WebGLRenderingContext::texSubImage2DImpl): Ditto.
1349         (WebCore::WebGLRenderingContext::texSubImage2D): Ditto.
1350         (WebCore::WebGLRenderingContext::validateTexFuncParameters): Ditto.
1351         (WebCore::WebGLRenderingContext::validateTexFuncFormatAndType): Ditto.
1352         (WebCore::WebGLRenderingContext::validateTexFuncData): Ditto.
1353         * html/canvas/WebGLRenderingContext.h:
1354
1355         * html/canvas/WebGLRenderingContextBase.cpp:
1356         (WebCore::WebGLRenderingContextBase::texImage2DBase):
1357         (WebCore::WebGLRenderingContextBase::validateTexFunc):
1358         (WebCore::WebGLRenderingContextBase::texImage2D):
1359         (WebCore::WebGLRenderingContextBase::copyTexImage2D): Deleted.
1360         (WebCore::WebGLRenderingContextBase::texSubImage2DBase): Deleted.
1361         (WebCore::WebGLRenderingContextBase::texSubImage2DImpl): Deleted.
1362         (WebCore::WebGLRenderingContextBase::texSubImage2D): Deleted.
1363         (WebCore::WebGLRenderingContextBase::validateTexFuncFormatAndType): Deleted.
1364         (WebCore::WebGLRenderingContextBase::validateTexFuncParameters): Deleted.
1365         (WebCore::WebGLRenderingContextBase::validateTexFuncData): Deleted.
1366         * html/canvas/WebGLRenderingContextBase.h: Modify validation type enums to differentiate between CopyImage, TexImage and TexSubImage calls.
1367         (WebCore::ScopedDrawingBufferBinder::ScopedDrawingBufferBinder):  Moved from WebGLRenderingContextBase.
1368         (WebCore::ScopedDrawingBufferBinder::~ScopedDrawingBufferBinder): Ditto.
1369         (WebCore::clip1D): Ditto.
1370         (WebCore::clip2D): Ditto.
1371         * platform/graphics/GraphicsContext3D.h: Rename a typo'ed enum.
1372
1373 2015-02-09  Commit Queue  <commit-queue@webkit.org>
1374
1375         Unreviewed, rolling out r179494.
1376         https://bugs.webkit.org/show_bug.cgi?id=141395
1377
1378         Caused slowdown in a WebKit client test scenario (Requested by
1379         kling on #webkit).
1380
1381         Reverted changeset:
1382
1383         "[Cocoa] Make decoded image data purgeable ASAP."
1384         https://bugs.webkit.org/show_bug.cgi?id=140298
1385         http://trac.webkit.org/changeset/179494
1386
1387 2015-02-09  Jer Noble  <jer.noble@apple.com>
1388
1389         [WebAudio] AudioBufferSourceNodes should accurately play backwards if given a negative playbackRate.
1390         https://bugs.webkit.org/show_bug.cgi?id=140955
1391
1392         Reviewed by Eric Carlson.
1393
1394         Tests: webaudio/audiobuffersource-negative-playbackrate-interpolated.html
1395                webaudio/audiobuffersource-negative-playbackrate.html
1396
1397         Add support for playing an AudioBufferSourceNode at a negative playbackRate. Change the meaning of
1398         start() to set the initial playback position at the end of the play range if the rate of playback
1399         is negtive.
1400
1401         * Modules/webaudio/AudioBufferSourceNode.cpp:
1402         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode): Allow the playbackRate AudioParam to range from [-32, 32].
1403         (WebCore::AudioBufferSourceNode::renderFromBuffer): Change variable names from "start" and "end" to "min" and "max"
1404             for clarity. Add a non-interpolated and interpolated render step for negative playback.
1405         (WebCore::AudioBufferSourceNode::start): Drive-by fix: default value of grainDuration is not 0.02.
1406         (WebCore::AudioBufferSourceNode::startPlaying): Start playing at the end of the buffer for negative playback.
1407         (WebCore::AudioBufferSourceNode::totalPitchRate): Allow the pitch to be negative.
1408
1409 2015-02-09  Darin Adler  <darin@apple.com>
1410
1411         Try to fix build on platforms that use SVG "all in one" file (Windows).
1412
1413         * svg/SVGAElement.cpp: Don't do "using namespace HTMLNames;" outside of
1414         function boundaries, because that will be inherited by other files.
1415         (WebCore::SVGAElement::isURLAttribute): Use XLinkNames directly here
1416         instead of using HTMLNames implicitly.
1417
1418         * svg/SVGElement.cpp: Don't do "using namespace HTMLNames;" outside of
1419         function boundaries, because that will be inherited by other files.
1420         (WebCore::populateAttributeNameToCSSPropertyIDMap): Instead do it in here.
1421         (WebCore::populateAttributeNameToAnimatedPropertyTypeMap): And here.
1422         (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): And here.
1423         (WebCore::SVGElement::parseAttribute): And use HTMLNames directly here
1424         instead of implicitly.
1425
1426 2015-02-09  Eric Carlson  <eric.carlson@apple.com>
1427
1428         [iOS] exit from fullscreen when player view controller calls delegate
1429         https://bugs.webkit.org/show_bug.cgi?id=141350
1430
1431         Reviewed by Jer Noble.
1432
1433         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1434         (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscree:]): New, ask delegate
1435             to exit from fullscreen.
1436
1437 2015-02-06  Sergio Villar Senin  <svillar@igalia.com>
1438
1439         ASSERTION FAILED: resolvedInitialPosition <= resolvedFinalPosition in WebCore::GridSpan::GridSpan
1440         https://bugs.webkit.org/show_bug.cgi?id=141328
1441
1442         Reviewed by Darin Adler.
1443
1444         Whenever
1445         GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition()
1446         was trying to place an item with span, it was completely ignoring
1447         the resolvedInitialPosition returned by
1448         GridResolvedPosition::resolveGridPositionAgainstOppositePosition()
1449         and only using the finalResolvedPosition. This works with an
1450         unlimited grid which can indefinitely grow. But if the item spans
1451         over the grid track limits, then it might happen that the final
1452         resolved position is placed before the initial resolved position,
1453         something that is forbidden.
1454
1455         The solution is to directly use the GridSpan returned by
1456         GridResolvedPosition::resolveGridPositionAgainstOppositePosition(), if the item
1457         does not surpass the track limits then the returned initialResolvedPosition
1458         is identical to the provided one, otherwise it's properly corrected to respect
1459         track boundaries.
1460
1461         * rendering/style/GridResolvedPosition.cpp:
1462         (WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):
1463
1464 2015-01-22  Sergio Villar Senin  <svillar@igalia.com>
1465
1466         [CSS Grid Layout] Tracks' growth limits must be >= base sizes
1467         https://bugs.webkit.org/show_bug.cgi?id=140540
1468
1469         Reviewed by Antti Koivisto.
1470
1471         The track sizing algorithm is supposed to avoid those situations
1472         but they easily (specially when we mix absolute lengths and
1473         intrinsic lengths in min and max track sizing functions) and
1474         frequently appear. In those cases the outcome from the algorithm
1475         is wrong, tracks are not correctly sized.
1476
1477         In order to fulfill the restriction, m_usedBreadth and
1478         m_maxBreadth are now private members of GridTrack and the class
1479         now provides a couple of methods to modify them respecting the
1480         growthLimit >= baseSize precondition.
1481
1482         Apart from that, the members and methods of GridTrack were also
1483         renamed to match the ones used in the recent algorithm rewrite:
1484         usedBreadth became baseSize and maxBreadth is now growthLimit.
1485
1486         Although the algorithm was not modified at all, this change
1487         detected and fixed several invalid results (tracks and/or grids
1488         bigger than expected).
1489
1490         * rendering/RenderGrid.cpp:
1491         (WebCore::GridTrack::GridTrack): Renamed fields and methods. Added
1492         assertions.
1493         (WebCore::GridTrack::baseSize): Renamed from usedBreadth.
1494         (WebCore::GridTrack::growthLimit): Renamed from maxBreadth.
1495         (WebCore::GridTrack::setBaseSize):
1496         (WebCore::GridTrack::setGrowthLimit):
1497         (WebCore::GridTrack::growBaseSize): Renamed from growUsedBreadth.
1498         (WebCore::GridTrack::growGrowthLimit): Renamed from growMaxBreadth.
1499         (WebCore::GridTrack::growthLimitIsInfinite): New helper method.
1500         (WebCore::GridTrack::growthLimitIfNotInfinite): Renamed from
1501         maxBreadthIfNotInfinite.
1502         (WebCore::GridTrack::isGrowthLimitBiggerThanBaseSize): New helper
1503         method to verify ASSERTs are true.
1504         (WebCore::GridTrack::ensureGrowthLimitIsBiggerThanBaseSize): Ditto.
1505         (WebCore::GridTrackForNormalization::GridTrackForNormalization):
1506         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
1507         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
1508         (WebCore::RenderGrid::computeNormalizedFractionBreadth):
1509         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
1510         (WebCore::sortByGridTrackGrowthPotential):
1511         (WebCore::RenderGrid::distributeSpaceToTracks):
1512         (WebCore::RenderGrid::tracksAreWiderThanMinTrackBreadth):
1513         (WebCore::RenderGrid::layoutGridItems):
1514         (WebCore::RenderGrid::gridAreaBreadthForChild):
1515         (WebCore::RenderGrid::populateGridPositions):
1516         (WebCore::GridTrack::growUsedBreadth): Renamed to growBaseSize.
1517         (WebCore::GridTrack::usedBreadth): Renamed to baseSize.
1518         (WebCore::GridTrack::growMaxBreadth): Renamed to growGrowthLimit.
1519         (WebCore::GridTrack::maxBreadthIfNotInfinite): Renamed to
1520         growthLimitIfNotInfinite.
1521         * rendering/RenderGrid.h:
1522
1523 2015-02-08  Chris Fleizach  <cfleizach@apple.com>
1524
1525         AX: VoiceOver appears unresponsive when JavaScript alerts are triggered via focus or blur events
1526         https://bugs.webkit.org/show_bug.cgi?id=140485
1527
1528         Reviewed by Anders Carlsson.
1529
1530         If setting an accessibility attribute results in a modal alert being displayed, it can cause VoiceOver
1531         to hang. A simple solution is perform the actual work after a short delay, which will ensure the call
1532         returns without hanging.
1533
1534         Test: platform/mac/accessibility/setting-attributes-is-asynchronous.html
1535
1536         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
1537         (-[WebAccessibilityObjectWrapper accessibilitySetValue:forAttribute:]):
1538         (-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):
1539
1540 2015-02-08  Benjamin Poulain  <benjamin@webkit.org>
1541
1542         Add parsing support for CSS Selector L4's case-insensitive attribute
1543         https://bugs.webkit.org/show_bug.cgi?id=141373
1544
1545         Reviewed by Darin Adler.
1546
1547         This patch adds parsing for the case-insensitive attribute value
1548         matching of CSS Selectors Level 4: http://dev.w3.org/csswg/selectors-4/#attribute-case
1549         Excuse of a grammar: http://dev.w3.org/csswg/selectors-4/#grammar
1550
1551         This patch also covers serialization for CSSOM. The serialization
1552         is defined here: http://dev.w3.org/csswg/cssom/#serializing-selectors
1553
1554         Matching is completely ignored in this patch. All the simple selectors
1555         are treated as regular attribute selectors.
1556
1557         Tests: fast/css/parsing-css-attribute-case-insensitive-value-1.html
1558                fast/css/parsing-css-attribute-case-insensitive-value-2.html
1559                fast/css/parsing-css-attribute-case-insensitive-value-3.html
1560                fast/css/parsing-css-attribute-case-insensitive-value-4.html
1561
1562         * css/CSSGrammar.y.in:
1563         * css/CSSParserValues.h:
1564         (WebCore::CSSParserSelector::setAttributeValueMatchingIsCaseInsensitive):
1565         * css/CSSSelector.cpp:
1566         (WebCore::CSSSelector::CSSSelector):
1567         (WebCore::CSSSelector::selectorText):
1568         * css/CSSSelector.h:
1569         (WebCore::CSSSelector::CSSSelector):
1570         (WebCore::CSSSelector::setAttributeValueMatchingIsCaseInsensitive):
1571         (WebCore::CSSSelector::attributeValueMatchingIsCaseInsensitive):
1572
1573 2015-02-08  Darin Adler  <darin@apple.com>
1574
1575         Fix CMake-based build.
1576
1577         * CMakeLists.txt: Added a dependency on the CMakeLists.txt itself, analogous
1578         to the one I added in DerivedSources.make.
1579
1580 2015-02-08  Darin Adler  <darin@apple.com>
1581
1582         Fix debug build.
1583
1584         * bindings/js/JSEventListener.h: Removed a call to forwardEventListeners.
1585
1586 2015-02-08  Darin Adler  <darin@apple.com>
1587
1588         Remove the SVG instance tree
1589         https://bugs.webkit.org/show_bug.cgi?id=140602
1590
1591         Reviewed by Dean Jackson.
1592
1593         * CMakeLists.txt: Removed SVGElementInstance source files.
1594         * DerivedSources.cpp: Ditto.
1595         * DerivedSources.make: Ditto.
1596         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
1597         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
1598         * WebCore.xcodeproj/project.pbxproj: Ditto.
1599         * bindings/js/JSBindingsAllInOne.cpp: Ditto.
1600
1601         * bindings/js/JSEventListener.cpp:
1602         (WebCore::forwardsEventListeners): Deleted. Only returned true for JSSVGElementInstance.
1603         (WebCore::correspondingElementWrapper): Deleted. Only used for JSSVGElementInstance.
1604         (WebCore::createJSEventListenerForAttribute): Deleted. Argument type was JSSVGElementInstance.
1605         (WebCore::createJSEventListenerForAdd): Removed most of the code; later we can delete this entirely.
1606
1607         * bindings/js/JSEventListener.h: Removed the overload of createJSEventListenerForAttribute
1608         that takes a JSSVGElementInstance.
1609
1610         * bindings/js/JSSVGElementInstanceCustom.cpp: Removed.
1611
1612         * dom/ContainerNodeAlgorithms.h: Updated comment to reflect the fact that
1613         this code is really now only used for ContainerNode and no longer needs to
1614         exist in a generic form.
1615
1616         * dom/EventTarget.h: Removed forward declaration of SVGElementInstance.
1617         * svg/SVGElement.h: Ditto.
1618
1619         * dom/EventTargetFactory.in: Removed SVGElementInstance.
1620
1621         * svg/SVGElementInstance.cpp: Removed.
1622         * svg/SVGElementInstance.h: Removed.
1623         * svg/SVGElementInstance.idl: Removed.
1624
1625         * svg/SVGUseElement.cpp:
1626         (WebCore::SVGUseElement::insertedInto): Removed obsolete comment.
1627         (WebCore::SVGUseElement::instanceTreeIsLoading): Deleted. Unused
1628         function that I forgot to delete in my last patch. It also had a
1629         glaring mistake, a missing "return" before the recursive call to
1630         itself that would cause it to return false when it should return true.
1631
1632         * svg/SVGUseElement.h: Removed instanceTreeIsLoading.
1633
1634         * dom/EventDispatcher.cpp: Removed include of SVGElementInstance.h.
1635         * page/EventHandler.cpp: Ditto.
1636         * rendering/svg/RenderSVGViewportContainer.cpp: Ditto.
1637         * svg/SVGAElement.cpp: Ditto.
1638         * svg/SVGAllInOne.cpp: Ditto.
1639         * svg/SVGAnimateMotionElement.cpp: Ditto.
1640         * svg/SVGAnimatedTypeAnimator.h: Ditto.
1641         * svg/SVGAnimationElement.cpp: Ditto.
1642         * svg/SVGCircleElement.cpp: Ditto.
1643         * svg/SVGClipPathElement.cpp: Ditto.
1644         * svg/SVGComponentTransferFunctionElement.cpp: Ditto.
1645         * svg/SVGCursorElement.cpp: Ditto.
1646         * svg/SVGElement.cpp: Ditto.
1647         * svg/SVGEllipseElement.cpp: Ditto.
1648         * svg/SVGFEBlendElement.cpp: Ditto.
1649         * svg/SVGFEColorMatrixElement.cpp: Ditto.
1650         * svg/SVGFECompositeElement.cpp: Ditto.
1651         * svg/SVGFEConvolveMatrixElement.cpp: Ditto.
1652         * svg/SVGFEDiffuseLightingElement.cpp: Ditto.
1653         * svg/SVGFEDisplacementMapElement.cpp: Ditto.
1654         * svg/SVGFEDropShadowElement.cpp: Ditto.
1655         * svg/SVGFEGaussianBlurElement.cpp: Ditto.
1656         * svg/SVGFEImageElement.cpp: Ditto.
1657         * svg/SVGFELightElement.cpp: Ditto.
1658         * svg/SVGFEMergeNodeElement.cpp: Ditto.
1659         * svg/SVGFEMorphologyElement.cpp: Ditto.
1660         * svg/SVGFEOffsetElement.cpp: Ditto.
1661         * svg/SVGFESpecularLightingElement.cpp: Ditto.
1662         * svg/SVGFETileElement.cpp: Ditto.
1663         * svg/SVGFETurbulenceElement.cpp: Ditto.
1664         * svg/SVGFilterElement.cpp: Ditto.
1665         * svg/SVGFilterPrimitiveStandardAttributes.cpp: Ditto.
1666         * svg/SVGForeignObjectElement.cpp: Ditto.
1667         * svg/SVGGElement.cpp: Ditto.
1668         * svg/SVGGradientElement.cpp: Ditto.
1669         * svg/SVGGraphicsElement.cpp: Ditto.
1670         * svg/SVGImageElement.cpp: Ditto.
1671         * svg/SVGLineElement.cpp: Ditto.
1672         * svg/SVGLinearGradientElement.cpp: Ditto.
1673         * svg/SVGMarkerElement.cpp: Ditto.
1674         * svg/SVGMaskElement.cpp: Ditto.
1675         * svg/SVGPathElement.cpp: Ditto.
1676         * svg/SVGPatternElement.cpp: Ditto.
1677         * svg/SVGPolyElement.cpp: Ditto.
1678         * svg/SVGRadialGradientElement.cpp: Ditto.
1679         * svg/SVGRectElement.cpp: Ditto.
1680         * svg/SVGSVGElement.cpp: Ditto.
1681         * svg/SVGScriptElement.cpp: Ditto.
1682         * svg/SVGStopElement.cpp: Ditto.
1683         * svg/SVGSymbolElement.cpp: Ditto.
1684         * svg/SVGTRefElement.cpp: Ditto.
1685         * svg/SVGTextContentElement.cpp: Ditto.
1686         * svg/SVGTextElement.cpp: Ditto.
1687         * svg/SVGTextPathElement.cpp: Ditto.
1688         * svg/SVGTextPositioningElement.cpp: Ditto.
1689
1690 2015-02-07  Dean Jackson  <dino@apple.com>
1691
1692         Tweak inline playback controls to match system spec
1693         https://bugs.webkit.org/show_bug.cgi?id=141375
1694         <rdar://problem/19760754>
1695
1696         Reviewed by Sam Weinig.
1697
1698         Rework the UI of the inline media controls on iOS, to
1699         better match the system specification. I've batched a
1700         few changes into one patch because many of them are
1701         inter-dependent, and not very aggressive. Changes are:
1702
1703         - updated artwork for the buttons.
1704         - separate artwork for normal and active states.
1705         - background images are now explicitly sized and positioned
1706           in the middle of the element, allowing audio and video
1707           to use the same glyphs even though the elements are
1708           different sizes.
1709         - use plus-darker blend mode on the button glyphs.
1710         - rearranged some of the rules to group things in a
1711           logical order.
1712         - time should front-pad a "0" character, if less than 10.
1713         - no need for an "active" class on the Airplay button (although
1714           I won't be surprised if this changes back).
1715
1716         * Modules/mediacontrols/mediaControlsiOS.css:
1717         (::-webkit-media-controls):
1718         (video::-webkit-media-controls-wireless-playback-picker-button.active): Deleted.
1719         (audio::-webkit-media-controls-wireless-playback-picker-button.active): Deleted.
1720         (audio::-webkit-media-controls-play-button:active): Deleted.
1721         (audio::-webkit-media-controls-play-button.paused): Deleted.
1722         (video::-webkit-media-controls-timeline): Deleted.
1723         * Modules/mediacontrols/mediaControlsiOS.js:
1724         (ControllerIOS.prototype.updateWirelessPlaybackStatus): No need
1725         for the "active" class.
1726         (ControllerIOS.prototype.formatTime): Pad with a leading zero.
1727
1728 2015-02-08  Darin Adler  <darin@apple.com>
1729
1730         Make SVGUseElement work without creating any SVGElementInstance objects
1731         https://bugs.webkit.org/show_bug.cgi?id=141374
1732
1733         Reviewed by Sam Weinig.
1734
1735         * dom/ElementIterator.h: Changed the * and -> operators to be const.
1736         There is no need for the iterator itself to be modified just to dereference it.
1737
1738         * dom/TypedElementDescendantIterator.h: Added DoubleTypedElementDescendantIterator.
1739         This allows callers to call descendantsOfType on two elements, as long as the caller
1740         can guarantee that both have the same number of descendants of that type. It's handy
1741         for walking a tree of cloned elements to set up something between each original and
1742         its clone. In the future we might instead change the cloning machinery so it can do
1743         this work as we clone, and if so, we could consider deleting this.
1744
1745         * svg/SVGElement.cpp:
1746         (WebCore::SVGElement::correspondingElement): Made this const.
1747         (WebCore::SVGElement::invalidateInstances): Got rid of the rule that said "this can
1748         only be done for an element in a document", since it's useful to do this on an element
1749         that has just been removed from a document. Removed the "updateStyleIfNeeded" call
1750         here now that the other changes make it no longer needed. Removed an unimportant
1751         assertion that we only invalidate use elements that are in a document; that's not
1752         a necessary restriction. Streamlined the logic a bit.
1753
1754         * svg/SVGElement.h: Made correspondingElement const.
1755
1756         * svg/SVGUseElement.cpp:
1757         (WebCore::SVGUseElement::insertedInto): Removed an assertion about
1758         m_targetElementInstance since that's gone now.
1759         (WebCore::SVGUseElement::svgAttributeChanged): Changed code that transfers
1760         size attributes to the shadow tree to use shadowTreeTargetClone instead of
1761         m_targetElementInstance.
1762         (WebCore::SVGUseElement::clearResourceReferences): Removed code to detach
1763         m_targetElementInstance, and also the call to removeAllTargetReferencesForElement,
1764         because we no longer use those.
1765         (WebCore::SVGUseElement::buildPendingResource): Moved the code to build the
1766         shadow tree in here and deleted the buildShadowAndInstanceTree function.
1767         Also changed logic so that we use a pending resource any time the target is not
1768         a valid one. That helps us correctly handle cases where we initially have an
1769         invalid target, but later get a value one
1770         (WebCore::SVGUseElement::buildShadowAndInstanceTree): Deleted. The code here
1771         was greatly simplified and moved into buildPendingResource.
1772         (WebCore::SVGUseElement::buildInstanceTree): Deleted.
1773         (WebCore::SVGUseElement::hasCycleUseReferencing): Deleted. Cycles are now
1774         detected by the new isValidTarget function and so there's no need for a
1775         separate explicit check for a cycle.
1776         (WebCore::associateClonesWithOriginals): Added. Helper that makes
1777         functions that build the shadow tree simpler and easier to read.
1778         (WebCore::associateReplacementCloneWithOriginal): Added. Helper to
1779         make associateReplacementClonesWithOriginals simple.
1780         (WebCore::associateReplacementClonesWithOriginals): Added. Helper that
1781         makes functions that build the shadow tree simpler and easier to read.
1782         (WebCore::SVGUseElement::buildShadowTree): Call associateClonesWithOriginals
1783         since associateInstancesWithShadowTreeElements no longer does this.
1784         (WebCore::SVGUseElement::isValidTarget): Added. Covers all the different
1785         reasons a target might not be valid: type of element, reference cycles, and
1786         also "not in document" (refactored in here; not sure when that can happen
1787         in practice, might be possible to remove it later).
1788         (WebCore::SVGUseElement::expandUseElementsInShadowTree): Add checks for
1789         documents that are still loading; this used to be checked when building the
1790         instance tree. Added calls to associateReplacementClonesWithOriginals and
1791         associateClonesWithOriginals; that used to be done by later in the
1792         associateInstancesWithShadowTreeElements function. Use isValidTarget so
1793         we handle cycles as well as invalid target types.
1794         (WebCore::SVGUseElement::expandSymbolElementsInShadowTree): Added a call to
1795         associateReplacementClonesWithOriginals, since we can no longer do that in
1796         associateInstancesWithShadowTreeElements.
1797         (WebCore::SVGUseElement::associateInstancesWithShadowTreeElements): Deleted.
1798         (WebCore::SVGUseElement::instanceForShadowTreeElement): Deleted.
1799         (WebCore::SVGUseElement::invalidateDependentShadowTrees): Removed a comment
1800         that simply restated the name of the function.
1801
1802         * svg/SVGUseElement.h: Removed instanceForShadowTreeElement,
1803         buildShadowAndInstanceTree, detachInstance, buildInstanceTree,
1804         hasCycleUseReferencing, associateInstancesWithShadowTreeElements,
1805         instanceForShadowTreeElement, and m_targetElementInstance. Added isValidTarget.
1806
1807 2015-02-08  Chris Dumez  <cdumez@apple.com>
1808
1809         [WK2] Add logging to validate the network cache efficacy (Part 1)
1810         https://bugs.webkit.org/show_bug.cgi?id=141269
1811         <rdar://problem/19632080>
1812
1813         Reviewed by Antti Koivisto.
1814
1815         Export an extra symbol.
1816
1817         * WebCore.exp.in:
1818
1819 2015-02-07  Chris Fleizach  <cfleizach@apple.com>
1820
1821         AX: The input element with type="search" has no default focus outline
1822         https://bugs.webkit.org/show_bug.cgi?id=140326
1823
1824         Reviewed by Darin Adler.
1825
1826         The platform RenderTheme takes care of the search field, and that code
1827         was missing a check for whether the element was focused.
1828
1829         Test: fast/css/focus-ring-exists-for-search-field.html
1830
1831         * rendering/RenderThemeMac.mm:
1832         (WebCore::RenderThemeMac::paintSearchField):
1833
1834 2015-02-07  Tim Horton  <timothy_horton@apple.com>
1835
1836         Add some dictionary lookup tests
1837         https://bugs.webkit.org/show_bug.cgi?id=141355
1838
1839         Reviewed by Darin Adler.
1840
1841         Tests: platform/mac/editing/dictionary-lookup/dictionary-lookup-input.html
1842                platform/mac/editing/dictionary-lookup/dictionary-lookup-inside-selection.html
1843                platform/mac/editing/dictionary-lookup/dictionary-lookup-outside-selection.html
1844                platform/mac/editing/dictionary-lookup/dictionary-lookup-rtl.html
1845                platform/mac/editing/dictionary-lookup/dictionary-lookup.html
1846
1847         * WebCore.exp.in:
1848         Remove an unneeded export.
1849
1850         * editing/mac/DictionaryLookup.h:
1851         Use OBJC_CLASS instead of @class so that this can be included in pure-C++ files.
1852
1853         * testing/Internals.cpp:
1854         (WebCore::Internals::rangeForDictionaryLookupAtLocation):
1855         * testing/Internals.h:
1856         * testing/Internals.idl:
1857         Expose rangeForDictionaryLookupAtHitTestResult fairly directly to JavaScript.
1858
1859 2015-02-07  Chris Dumez  <cdumez@apple.com>
1860
1861         Add Vector::removeFirstMatching() / removeAllMatching() methods taking lambda functions
1862         https://bugs.webkit.org/show_bug.cgi?id=141321
1863
1864         Reviewed by Darin Adler.
1865
1866         Use new Vector::removeFirstMatching() / removeAllMatching() methods.
1867
1868 2015-02-07  Darin Adler  <darin@apple.com>
1869
1870         Stop dispatching events to with SVGElementInstance objects as their targets
1871         https://bugs.webkit.org/show_bug.cgi?id=141108
1872
1873         Reviewed by Anders Carlsson.
1874
1875         Test: svg/custom/use-event-retargeting.html
1876
1877         * dom/EventDispatcher.cpp:
1878         (WebCore::eventTargetRespectingTargetRules): Replaced the code that retargeted
1879         events at SVGElementInstance objects with code that retargets them at the use
1880         element instead. Also wrote the code in a simpler way.
1881
1882 2015-02-07  Jer Noble  <jer.noble@apple.com>
1883
1884         [Mac] Set -contentsScale on AVPlayerLayer to allow AVPlayer to select the appropriate HLS variant.
1885         https://bugs.webkit.org/show_bug.cgi?id=141354
1886         rdar://problem/19717591
1887
1888         Reviewed by Darin Adler.
1889
1890         AVPlayer will try to determine the correct HLS variant based on the bounds of an AVPlayerLayer.
1891         When not in a layer tree, AVFoundation is not able to determine the correct mapping from logical
1892         units to pixel values. To provide AVPlayer with that scaling value, set -contentsScale based on
1893         both the current device scale and the current page scale.
1894
1895         Since this needs to be set at initialization time, before the AVPlayer is has any AVPlayerItems,
1896         add some plumbing up from MediaPlayer to as the HTMLMediaElement for the appropriate contents
1897         scale.
1898
1899         * html/HTMLMediaElement.cpp:
1900         (WebCore::HTMLMediaElement::mediaPlayerContentsScale):
1901         * html/HTMLMediaElement.h:
1902         * platform/graphics/MediaPlayer.h:
1903         (WebCore::MediaPlayerClient::mediaPlayerContentsScale):
1904         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1905         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
1906         * platform/graphics/ca/GraphicsLayerCA.cpp:
1907         (WebCore::GraphicsLayerCA::updateContentsScale):
1908
1909 2015-02-07  Alexey Proskuryakov  <ap@apple.com>
1910
1911         ASan complains about plugins/snapshotting/snapshot-plugin-not-quite-blocked-by-image.html
1912         https://bugs.webkit.org/show_bug.cgi?id=141352
1913         rdar://problem/19717490
1914
1915         Reviewed by Anders Carlsson.
1916
1917         * dom/Document.cpp: (WebCore::Document::ensurePlugInsInjectedScript): This string
1918         is not null terminated.
1919
1920 2015-02-06  Zalan Bujtas  <zalan@apple.com>
1921
1922         ASSERT repaintContainer->hasLayer() in WebCore::RenderObject::repaintUsingContainer
1923         https://bugs.webkit.org/show_bug.cgi?id=140750
1924
1925         Reviewed by Simon Fraser.
1926
1927         There's a short period of time when RenderObject::layer() still returns a valid pointer
1928         even though we already cleared the hasLayer() flag.
1929         Do not use the layer as repaint container in such cases.
1930
1931         Test: compositing/repaint-container-assertion-when-toggling-compositing.html
1932
1933         * rendering/RenderObject.cpp:
1934         (WebCore::RenderObject::enclosingLayer):
1935
1936 2015-02-06  Chris Dumez  <cdumez@apple.com>
1937
1938         Have SQLiteStatement::database() return a reference
1939         https://bugs.webkit.org/show_bug.cgi?id=141348
1940
1941         Reviewed by Andreas Kling.
1942
1943         Have SQLiteStatement::database() return a reference as it can never
1944         return null.
1945
1946         * loader/icon/IconDatabase.cpp:
1947         (WebCore::readySQLiteStatement):
1948         * platform/sql/SQLiteStatement.h:
1949         (WebCore::SQLiteStatement::database):
1950
1951 2015-02-06  Brent Fulgham  <bfulgham@apple.com>
1952
1953         Add youtube-nocookie URL to isYouTubeURL predicate 
1954         https://bugs.webkit.org/show_bug.cgi?id=141347
1955         <rdar://problem/19430657>
1956
1957         Reviewed by Eric Carlson.
1958
1959         * Modules/plugins/YouTubePluginReplacement.cpp:
1960         (WebCore::isYouTubeURL): Update for additional youtube-nocookie site.
1961
1962 2015-02-06  Said Abou-Hallawa  <sabouhallawa@apple.com>
1963
1964         Invalid cast in WebCore::SVGAnimateElement::calculateAnimatedValue.
1965         https://bugs.webkit.org/show_bug.cgi?id=135171.
1966
1967         Reviewed by Dean Jackson.
1968
1969         The bug happens when an SVG element is animated by <animateMotion> followed by an
1970         <animateColor> or an <animate> and the values of the "attributeName" in both elements
1971         are the same. The problem is <animateMotion> should not have an attribute to animate.
1972         If it does by fuzz or by mistake, then we assume the <animateMotion> and the <animate>
1973         animate the same attribute for the same element target. Therefore we schedule them in
1974         the same AnimationVector in SMILTimeContainer::schedule(). When we call
1975         SVGAnimateElementBase::calculateAnimatedValue() for an SVGAnimateColorElement and the
1976         resultElement is SVGAnimateMotionElement, we fail to cast it to SVGAnimateElementBase
1977         because SVGAnimateMotionElement is derived from SVGAnimationElement which is the base
1978         class of all animate elements including SVGAnimateElementBase.
1979
1980         The fix is to nullify setting "attributeName" of an SVGAnimationElement. By doing so,
1981         "attributeName" and its value will be ignored from the <animateMotion> which is correct.
1982         
1983         Tests: svg/animations/animate-montion-invalid-attribute.svg.
1984
1985         * svg/SVGAnimateElementBase.cpp:
1986         (WebCore::SVGAnimateElementBase::setAttributeName):
1987         Do not call SVGAnimationElement::setAttributeName() since SVGAnimationElement should
1988         not have an attribute to animate. We prevent this by bypassing the parent in the class 
1989         hierarchy: SVGAnimationElement and calling SVGSMILElement::setAttributeName() directly.
1990         
1991         * svg/SVGAnimationElement.cpp:
1992         (WebCore::SVGAnimationElement::setAttributeName): Deleted.
1993         * svg/SVGAnimationElement.h:
1994         SVGAnimationElement should not have an attribute to animate. So implement its
1995         setAttributeName() as a null function.
1996
1997 2015-02-06  Simon Fraser  <simon.fraser@apple.com>
1998
1999         Convert the compositing overlap map to use LayoutRects
2000         https://bugs.webkit.org/show_bug.cgi?id=141346
2001         rdar://problem/18206365
2002
2003         Reviewed by Zalan Bujtas.
2004         
2005         If two compositing layers were adjoining but not overlapping, but happened to
2006         have non-integral offsets, then using enclosing IntRects in the overlap map
2007         would cause us to think they are overlapping, and create unnecessary backing store.
2008         
2009         Fix by converting the overlap map to use LayoutRects.
2010
2011         Test: compositing/layer-creation/subpixel-adjacent-layers-overlap.html
2012
2013         * rendering/RenderLayerCompositor.cpp:
2014         (WebCore::OverlapMapContainer::add):
2015         (WebCore::OverlapMapContainer::overlapsLayers):
2016         (WebCore::RenderLayerCompositor::OverlapMap::add):
2017         (WebCore::RenderLayerCompositor::OverlapMap::overlapsLayers):
2018         (WebCore::RenderLayerCompositor::OverlapMap::RectList::append):
2019         (WebCore::RenderLayerCompositor::OverlapMap::RectList::intersects):
2020         (WebCore::RenderLayerCompositor::logLayerInfo):
2021         (WebCore::RenderLayerCompositor::addToOverlapMap):
2022         (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
2023         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
2024         * rendering/RenderLayerCompositor.h:
2025
2026 2015-02-06  Andreas Kling  <akling@apple.com>
2027
2028         Ref-ify various getters that return HTMLCollection.
2029         <https://webkit.org/b/141336>
2030
2031         Reviewed by Anders Carlsson.
2032
2033         Make all the getters that return HTMLCollection objects (and never return nullptr)
2034         return Ref instead of RefPtr.
2035
2036         Removed a couple of useless null checks that were exposed by this change.
2037
2038         * accessibility/AccessibilityRenderObject.cpp:
2039         (WebCore::AccessibilityRenderObject::getDocumentLinks):
2040         * bindings/js/JSDOMWindowCustom.cpp:
2041         (WebCore::namedItemGetter):
2042         * bindings/js/JSHTMLDocumentCustom.cpp:
2043         (WebCore::JSHTMLDocument::nameGetter):
2044         * dom/Document.cpp:
2045         (WebCore::Document::ensureCachedCollection):
2046         (WebCore::Document::images):
2047         (WebCore::Document::applets):
2048         (WebCore::Document::embeds):
2049         (WebCore::Document::plugins):
2050         (WebCore::Document::scripts):
2051         (WebCore::Document::links):
2052         (WebCore::Document::forms):
2053         (WebCore::Document::anchors):
2054         (WebCore::Document::all):
2055         (WebCore::Document::windowNamedItems):
2056         (WebCore::Document::documentNamedItems):
2057         (WebCore::Document::iconURLs):
2058         * dom/Document.h:
2059         * dom/Element.cpp:
2060         (WebCore::Element::ensureCachedHTMLCollection):
2061         * dom/Element.h:
2062         * html/ColorInputType.cpp:
2063         (WebCore::ColorInputType::suggestions):
2064         * html/HTMLDataListElement.cpp:
2065         (WebCore::HTMLDataListElement::options):
2066         * html/HTMLDataListElement.h:
2067         * html/HTMLElement.cpp:
2068         (WebCore::HTMLElement::children):
2069         * html/HTMLElement.h:
2070         * html/HTMLFieldSetElement.cpp:
2071         (WebCore::HTMLFieldSetElement::elements):
2072         * html/HTMLFieldSetElement.h:
2073         * html/HTMLFormElement.cpp:
2074         (WebCore::HTMLFormElement::elements):
2075         * html/HTMLFormElement.h:
2076         * html/HTMLInputElement.cpp:
2077         (WebCore::HTMLInputElement::setupDateTimeChooserParameters):
2078         * html/HTMLMapElement.cpp:
2079         (WebCore::HTMLMapElement::areas):
2080         * html/HTMLMapElement.h:
2081         * html/HTMLSelectElement.cpp:
2082         (WebCore::HTMLSelectElement::selectedOptions):
2083         (WebCore::HTMLSelectElement::options):
2084         * html/HTMLSelectElement.h:
2085         * html/HTMLTableElement.cpp:
2086         (WebCore::HTMLTableElement::rows):
2087         (WebCore::HTMLTableElement::tBodies):
2088         * html/HTMLTableElement.h:
2089         * html/HTMLTableRowElement.cpp:
2090         (WebCore::HTMLTableRowElement::insertCell):
2091         (WebCore::HTMLTableRowElement::deleteCell):
2092         (WebCore::HTMLTableRowElement::cells):
2093         * html/HTMLTableRowElement.h:
2094         * html/HTMLTableSectionElement.cpp:
2095         (WebCore::HTMLTableSectionElement::insertRow):
2096         (WebCore::HTMLTableSectionElement::deleteRow):
2097         (WebCore::HTMLTableSectionElement::rows):
2098         * html/HTMLTableSectionElement.h:
2099         * html/RangeInputType.cpp:
2100         (WebCore::RangeInputType::updateTickMarkValues):
2101         * rendering/RenderTheme.cpp:
2102         (WebCore::RenderTheme::paintSliderTicks):
2103
2104 2015-02-06  Brent Fulgham  <bfulgham@apple.com>
2105
2106         [iOS] Implement audio track selection in fullscreen.
2107         https://bugs.webkit.org/show_bug.cgi?id=131236
2108         <rdar://problem/16552632>
2109
2110         Reviewed by Eric Carlson.
2111
2112         * platform/ios/WebVideoFullscreenModelVideoElement.h:
2113         * platform/ios/WebVideoFullscreenModelVideoElement.mm:
2114         (WebVideoFullscreenModelVideoElement::selectAudioMediaOption): Provide implementation.
2115         (WebVideoFullscreenModelVideoElement::updateLegibleOptions): Add audio track information
2116         to menu displayed to user.
2117
2118 2015-02-06  Bartlomiej Gajda  <b.gajda@samsung.com>
2119
2120         [MSE] Implement Append Error algorithm.
2121         https://bugs.webkit.org/show_bug.cgi?id=139439
2122
2123         Reviewed by Jer Noble.
2124
2125         If Source Buffer has not received first init segment, then it shall call endOfStream after receiving
2126         Media Segment, as per Media Source spec. (from 17 July 2014) in paragraph 3.5.1 point 6.1.
2127
2128         Based this change on Editor's Draft 12 December 2014, as it clarifies order of events.
2129
2130         Test: media/media-source/media-source-append-media-segment-without-init.html
2131
2132         * Modules/mediasource/MediaSource.cpp:
2133         (WebCore::MediaSource::streamEndedWithError):
2134         * Modules/mediasource/MediaSource.h:
2135         * Modules/mediasource/SourceBuffer.cpp:
2136         (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
2137         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
2138         (WebCore::SourceBuffer::validateInitializationSegment):
2139         (WebCore::SourceBuffer::appendError):
2140         * Modules/mediasource/SourceBuffer.h:
2141
2142 2015-02-06  Timothy Horton  <timothy_horton@apple.com>
2143
2144         REGRESSION: Lookup doesn't work in RTL
2145         https://bugs.webkit.org/show_bug.cgi?id=141338
2146         <rdar://problem/19738407>
2147
2148         Reviewed by Dan Bernstein.
2149
2150         * editing/Editor.cpp:
2151         (WebCore::Editor::scanSelectionForTelephoneNumbers):
2152         * editing/mac/DictionaryLookup.mm:
2153         (WebCore::rangeExpandedAroundPositionByCharacters):
2154         Positions are independent of writing direction, so we don't
2155         need to (and shouldn't) do anything special for RTL here.
2156
2157 2015-02-06  Maciej Stachowiak  <mjs@apple.com>
2158
2159         REGRESSION(r179706): Caused memory corruption on some tests (Requested by _ap_ on #webkit).
2160         https://bugs.webkit.org/show_bug.cgi?id=141324
2161
2162         Reviewed by Alexey Proskuryakov.
2163
2164         No new tests. This is caught by existing tests under ASAN, and I don't know how to reproduce
2165         it without ASAN.
2166
2167         * rendering/RenderLineBoxList.cpp:
2168         (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): Give up
2169         and just always invalidate the next line. It's too hard to come up
2170         with the condition that catches all needed cases, doesn't itself
2171         cause a crash, and isn't overzealous. And we do this for the
2172         previous line anyway.  Also clean up the code a bit since it
2173         confusingly reuses a variable, and declares it uninitialized, for
2174         no good reason.
2175
2176 2015-02-05  Dhi Aurrahman  <diorahman@rockybars.com>
2177
2178         Remove duplicate loop after r179532
2179         https://bugs.webkit.org/show_bug.cgi?id=141300
2180
2181         Reviewed by Benjamin Poulain.
2182
2183         No new tests, no behavior changed.
2184
2185         * css/SelectorCheckerTestFunctions.h:
2186         (WebCore::matchesLangPseudoClass):
2187
2188 2015-02-05  Commit Queue  <commit-queue@webkit.org>
2189
2190         Unreviewed, rolling out r179725.
2191         https://bugs.webkit.org/show_bug.cgi?id=141320
2192
2193         caused 2 layout tests to fail (Requested by zalan on #webkit).
2194
2195         Reverted changeset:
2196
2197         "[MSE] Implement Append Error algorithm."
2198         https://bugs.webkit.org/show_bug.cgi?id=139439
2199         http://trac.webkit.org/changeset/179725
2200
2201 2015-02-05  Andreas Kling  <akling@apple.com>
2202
2203         [iOS] Run a full garbage collection on memory warning.
2204         <https://webkit.org/b/141313>
2205         <rdar://problem/19738024>
2206
2207         Reviewed by Chris Dumez.
2208
2209         Make sure that we run a full GC when trying to free up memory, as this might
2210         be our last chance to execute before the kernel suspends this process.
2211
2212         This aligns WebKit2 with the old WebKit1 behavior.
2213
2214         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
2215         (WebCore::MemoryPressureHandler::platformReleaseMemory):
2216
2217
2218 2015-02-05  Hyungwook Lee  <hyungwook.lee@navercorp.com>
2219
2220         Fix ASSERTION FAILED: !root->needsLayout() in FrameView::layout()
2221         https://bugs.webkit.org/show_bug.cgi?id=141032
2222
2223         Reviewed by Darin Adler.
2224
2225         This patch moves the !root->needsLayout() assert statement above
2226         updateLayerPositionsAfterLayout() that can modify dirty bit system
2227         when we have RenderMarquee.
2228
2229         * page/FrameView.cpp:
2230         (WebCore::FrameView::layout):
2231
2232 2015-02-05  Bartlomiej Gajda  <b.gajda@samsung.com>
2233
2234         [MSE] Implement Append Error algorithm.
2235         https://bugs.webkit.org/show_bug.cgi?id=139439
2236
2237         Reviewed by Jer Noble.
2238
2239         If Source Buffer has not received first init segment, then it shall call endOfStream after receiving
2240         Media Segment, as per Media Source spec. (from 17 July 2014) in paragraph 3.5.1 point 6.1.
2241
2242         Based this change on Editor's Draft 12 December 2014, as it clarifies order of events.
2243
2244         Test: media/media-source/media-source-append-media-segment-without-init.html
2245
2246         * Modules/mediasource/MediaSource.cpp:
2247         (WebCore::MediaSource::streamEndedWithError):
2248         * Modules/mediasource/MediaSource.h:
2249         * Modules/mediasource/SourceBuffer.cpp:
2250         (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
2251         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
2252         (WebCore::SourceBuffer::validateInitializationSegment):
2253         (WebCore::SourceBuffer::appendError):
2254         * Modules/mediasource/SourceBuffer.h:
2255
2256 2015-02-05  Maciej Stachowiak  <mjs@apple.com>
2257
2258         Crash due to failing to dirty a removed text node's line box
2259         https://bugs.webkit.org/show_bug.cgi?id=136544
2260
2261         Reviewed by David Hyatt.
2262         
2263         Test: fast/text/remove-text-node-linebox-not-dirty-crash.html
2264
2265         * rendering/RenderLineBoxList.cpp:
2266         (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): Make the check for dirtying the next
2267         line box a bit more inclusive to avoid a case of a line box for a destroyed render object not
2268         being dirtied. In particular, when the text node's parent has no line boxes but contains BRs.
2269
2270 2015-02-05  Chris Dumez  <cdumez@apple.com>
2271
2272         Free memory read under MemoryCache::pruneLiveResourcesToSize()
2273         https://bugs.webkit.org/show_bug.cgi?id=141292
2274         <rdar://problem/19725522>
2275
2276         Reviewed by Antti Koivisto.
2277
2278         In MemoryCache::pruneLiveResourcesToSize(), we were iterating over the
2279         m_liveDecodedResources ListHashSet and possibly calling
2280         CachedResource::destroyDecodedData() on the current value. Doing so
2281         would cause a call to ListHashSet::remove() to remove the value pointed
2282         by the current iterator, thus invalidating our iterator.
2283
2284         In this patch, we increment the ListHashSet iterator *before* calling
2285         CachedResource::destroyDecodedData(), while the current iterator is
2286         still valid. Note that this is safe because unlike iteration of most
2287         WTF Hash data structures, iteration is guaranteed safe against mutation
2288         of the ListHashSet, except for removal of the item currently pointed to
2289         by a given iterator.
2290
2291         Test: http/tests/cache/memory-cache-pruning.html
2292
2293         * loader/cache/MemoryCache.cpp:
2294         (WebCore::MemoryCache::pruneLiveResourcesToSize):
2295
2296 2015-02-05  Jer Noble  <jer.noble@apple.com>
2297
2298         [Mac] HLS <video> will not fire 'progress' events, only 'stalled'.
2299         https://bugs.webkit.org/show_bug.cgi?id=141284
2300
2301         Reviewed by Brent Fulgham.
2302
2303         Test: http/tests/media/hls/hls-progress.html
2304
2305         totalBytes() will always return 0 for HLS streams, which will cause didLoadingProgress() to always
2306         return false. Skip this optimization. 
2307
2308         Drive-by fix: duration() will always return 0 for this class as well. Use durationMediaTime() instead.
2309
2310         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
2311         (WebCore::MediaPlayerPrivateAVFoundation::didLoadingProgress):
2312
2313 2015-02-05  Darin Adler  <darin@apple.com>
2314
2315         Move InstanceInvalidationGuard/UpdateBlocker to SVGElement from SVGElementInstance
2316         https://bugs.webkit.org/show_bug.cgi?id=141148
2317
2318         Reviewed by Brent Fulgham and Anders Carlsson.
2319
2320         Inspired by this change Rob Buis made in Blink:
2321
2322             http://src.chromium.org/viewvc/blink?view=revision&revision=173343
2323
2324         I actually wrote the whole thing and then discovered we did it almost identically.
2325
2326         * svg/SVGAnimatedTypeAnimator.cpp:
2327         (WebCore::SVGElementAnimatedPropertyList::setInstanceUpdatesBlocked): Added this
2328         helper function to get around a circular header dependency.
2329         * svg/SVGAnimatedTypeAnimator.h:
2330         (WebCore::SVGAnimatedTypeAnimator::executeAction): Use setInstanceUpdatesBlocked.
2331
2332         * svg/SVGElement.cpp:
2333         (WebCore::SVGElement::removedFrom): Use invalidateInstances.
2334         (WebCore::SVGElement::finishParsingChildren): Ditto.
2335         (WebCore::SVGElement::svgAttributeChanged): Ditto.
2336         (WebCore::SVGElement::childrenChanged): Ditto.
2337         (WebCore::SVGElement::setInstanceUpdatesBlocked): Added an assertion that will
2338         catch anyone who nests InstanceUpdateBlocker by accident.
2339         (WebCore::SVGElement::invalidateInstances): Moved this here from
2340         SVGElementInstance::invalidateAllInstancesOfElement. I had already modified this
2341         so it had nothing to do with SVGElementInstance, so it was a simple matter of
2342         converting this into a member function. Added a FIXME about the mysterious
2343         updateStyleIfNeeded that makes multiple tests fail if it's removed.
2344
2345         * svg/SVGElement.h: Added public InstanceUpdateBlocker class, protected
2346         InstanceInvalidationGuard class, and private invalidateInstances function.
2347         Unlike the ones in SVGElementInstance these use references so they are then
2348         not copyable without using the WTF_MAKE_NONCOPYABLE macro.
2349
2350         * svg/SVGElementInstance.cpp:
2351         (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Deleted.
2352         (WebCore::SVGElementInstance::InstanceUpdateBlocker::InstanceUpdateBlocker): Deleted.
2353         (WebCore::SVGElementInstance::InstanceUpdateBlocker::~InstanceUpdateBlocker): Deleted.
2354         * svg/SVGElementInstance.h: Removed InvalidationGuard, InstanceUpdateBlocker, and
2355         invalidateAllInstancesOfElement. Didn't do any further cleanup since we soon will
2356         delete this entire file.
2357
2358         * svg/SVGAElement.cpp:
2359         (WebCore::SVGAElement::svgAttributeChanged): Updated to use new name and reference
2360         instead of pointer.
2361         * svg/SVGAnimateElementBase.cpp:
2362         (WebCore::applyCSSPropertyToTargetAndInstances): Ditto.
2363         (WebCore::removeCSSPropertyFromTargetAndInstances): Ditto.
2364         (WebCore::notifyTargetAndInstancesAboutAnimValChange): Ditto.
2365         * svg/SVGAnimatedPath.cpp:
2366         (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation): Ditto.
2367         * svg/SVGCircleElement.cpp:
2368         (WebCore::SVGCircleElement::svgAttributeChanged): Ditto.
2369         * svg/SVGClipPathElement.cpp:
2370         (WebCore::SVGClipPathElement::svgAttributeChanged): Ditto.
2371         * svg/SVGComponentTransferFunctionElement.cpp:
2372         (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged): Ditto.
2373         * svg/SVGCursorElement.cpp:
2374         (WebCore::SVGCursorElement::svgAttributeChanged): Ditto.
2375         * svg/SVGEllipseElement.cpp:
2376         (WebCore::SVGEllipseElement::svgAttributeChanged): Ditto.
2377         * svg/SVGFEBlendElement.cpp:
2378         (WebCore::SVGFEBlendElement::svgAttributeChanged): Ditto.
2379         * svg/SVGFEColorMatrixElement.cpp:
2380         (WebCore::SVGFEColorMatrixElement::svgAttributeChanged): Ditto.
2381         * svg/SVGFECompositeElement.cpp:
2382         (WebCore::SVGFECompositeElement::svgAttributeChanged): Ditto.
2383         * svg/SVGFEConvolveMatrixElement.cpp:
2384         (WebCore::SVGFEConvolveMatrixElement::svgAttributeChanged): Ditto.
2385         * svg/SVGFEDiffuseLightingElement.cpp:
2386         (WebCore::SVGFEDiffuseLightingElement::svgAttributeChanged): Ditto.
2387         * svg/SVGFEDisplacementMapElement.cpp:
2388         (WebCore::SVGFEDisplacementMapElement::svgAttributeChanged): Ditto.
2389         * svg/SVGFEDropShadowElement.cpp:
2390         (WebCore::SVGFEDropShadowElement::svgAttributeChanged): Ditto.
2391         * svg/SVGFEGaussianBlurElement.cpp:
2392         (WebCore::SVGFEGaussianBlurElement::svgAttributeChanged): Ditto.
2393         * svg/SVGFEImageElement.cpp:
2394         (WebCore::SVGFEImageElement::svgAttributeChanged): Ditto.
2395         * svg/SVGFELightElement.cpp:
2396         (WebCore::SVGFELightElement::svgAttributeChanged): Ditto.
2397         * svg/SVGFEMergeNodeElement.cpp:
2398         (WebCore::SVGFEMergeNodeElement::svgAttributeChanged): Ditto.
2399         * svg/SVGFEMorphologyElement.cpp:
2400         (WebCore::SVGFEMorphologyElement::svgAttributeChanged): Ditto.
2401         * svg/SVGFEOffsetElement.cpp:
2402         (WebCore::SVGFEOffsetElement::svgAttributeChanged): Ditto.
2403         * svg/SVGFESpecularLightingElement.cpp:
2404         (WebCore::SVGFESpecularLightingElement::svgAttributeChanged): Ditto.
2405         * svg/SVGFETileElement.cpp:
2406         (WebCore::SVGFETileElement::svgAttributeChanged): Ditto.
2407         * svg/SVGFETurbulenceElement.cpp:
2408         (WebCore::SVGFETurbulenceElement::svgAttributeChanged): Ditto.
2409         * svg/SVGFilterElement.cpp:
2410         (WebCore::SVGFilterElement::svgAttributeChanged): Ditto.
2411         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
2412         (WebCore::SVGFilterPrimitiveStandardAttributes::svgAttributeChanged): Ditto.
2413         * svg/SVGForeignObjectElement.cpp:
2414         (WebCore::SVGForeignObjectElement::svgAttributeChanged): Ditto.
2415         * svg/SVGGElement.cpp:
2416         (WebCore::SVGGElement::svgAttributeChanged): Ditto.
2417         * svg/SVGGradientElement.cpp:
2418         (WebCore::SVGGradientElement::svgAttributeChanged): Ditto.
2419         * svg/SVGGraphicsElement.cpp:
2420         (WebCore::SVGGraphicsElement::svgAttributeChanged): Ditto.
2421         * svg/SVGImageElement.cpp:
2422         (WebCore::SVGImageElement::svgAttributeChanged): Ditto.
2423         * svg/SVGLineElement.cpp:
2424         (WebCore::SVGLineElement::svgAttributeChanged): Ditto.
2425         * svg/SVGLinearGradientElement.cpp:
2426         (WebCore::SVGLinearGradientElement::svgAttributeChanged): Ditto.
2427         * svg/SVGMPathElement.cpp:
2428         (WebCore::SVGMPathElement::svgAttributeChanged): Ditto.
2429         * svg/SVGMarkerElement.cpp:
2430         (WebCore::SVGMarkerElement::svgAttributeChanged): Ditto.
2431         * svg/SVGMaskElement.cpp:
2432         (WebCore::SVGMaskElement::svgAttributeChanged): Ditto.
2433         * svg/SVGPathElement.cpp:
2434         (WebCore::SVGPathElement::svgAttributeChanged): Ditto.
2435         * svg/SVGPatternElement.cpp:
2436         (WebCore::SVGPatternElement::svgAttributeChanged): Ditto.
2437         * svg/SVGPolyElement.cpp:
2438         (WebCore::SVGPolyElement::svgAttributeChanged): Ditto.
2439         * svg/SVGRadialGradientElement.cpp:
2440         (WebCore::SVGRadialGradientElement::svgAttributeChanged): Ditto.
2441         * svg/SVGRectElement.cpp:
2442         (WebCore::SVGRectElement::svgAttributeChanged): Ditto.
2443         * svg/SVGSVGElement.cpp:
2444         (WebCore::SVGSVGElement::svgAttributeChanged): Ditto.
2445         * svg/SVGScriptElement.cpp:
2446         (WebCore::SVGScriptElement::svgAttributeChanged): Ditto.
2447         * svg/SVGStopElement.cpp:
2448         (WebCore::SVGStopElement::svgAttributeChanged): Ditto.
2449         * svg/SVGSymbolElement.cpp:
2450         (WebCore::SVGSymbolElement::svgAttributeChanged): Ditto.
2451         * svg/SVGTRefElement.cpp:
2452         (WebCore::SVGTRefElement::svgAttributeChanged): Ditto.
2453         * svg/SVGTextContentElement.cpp:
2454         (WebCore::SVGTextContentElement::svgAttributeChanged): Ditto.
2455         * svg/SVGTextPathElement.cpp:
2456         (WebCore::SVGTextPathElement::svgAttributeChanged): Ditto.
2457         * svg/SVGTextPositioningElement.cpp:
2458         (WebCore::SVGTextPositioningElement::svgAttributeChanged): Ditto.
2459         * svg/SVGUseElement.cpp:
2460         (WebCore::SVGUseElement::svgAttributeChanged): Ditto.
2461         * svg/animation/SVGSMILElement.cpp:
2462         (WebCore::SVGSMILElement::svgAttributeChanged): Ditto.
2463
2464 2015-02-05  Brent Fulgham  <bfulgham@apple.com>
2465
2466         Remind ourselves to remove work-around code
2467         https://bugs.webkit.org/show_bug.cgi?id=141289
2468
2469         Unreviewed gardening: Add a reminder FIXME to CSSParser
2470         so we can remove the MSVC-specific hack in the future.
2471
2472         * css/CSSParser.cpp:
2473
2474 2015-02-05  Zalan Bujtas  <zalan@apple.com>
2475
2476         Do not destroy RenderQuote's text fragment child when quotation mark string is changing.
2477         https://bugs.webkit.org/show_bug.cgi?id=141271
2478         rdar://problem/18169375
2479
2480         Reviewed by Antti Koivisto.
2481
2482         Similar approach as https://codereview.chromium.org/679593004/
2483
2484         This patch ensures that laying out a RenderQuote does not force a sibling RenderQuote's
2485         child renderer(RenderText) to be destroyed.
2486         BreakingContext holds a pointer to the next renderer on the line (BreakingContext::m_nextObject).
2487         While laying out the line, initiated by BreakingContext, placing the current renderer could end up destroying the "next" renderer.
2488         This happens when the pseudo after quotation mark(RenderQuote) becomes floated, the sibling <q>'s pseudo
2489         before text needs to be changed (from " to ') so that we don't end up with 2 sets of the same opening
2490         strings.
2491         The fix is to reuse the RenderTextFragment object instead of destroy/recreate it.
2492
2493         Test: fast/css/content/quote-crash-when-floating.html
2494
2495         * rendering/RenderQuote.cpp:
2496         (WebCore::RenderQuote::RenderQuote):
2497         (WebCore::fragmentChild):
2498         (WebCore::RenderQuote::updateText):
2499         * rendering/RenderQuote.h:
2500         * rendering/RenderTextFragment.cpp:
2501         (WebCore::RenderTextFragment::setText):
2502         (WebCore::RenderTextFragment::setContentString):
2503         * rendering/RenderTextFragment.h:
2504
2505 2015-02-04  Dean Jackson  <dino@apple.com>
2506
2507         [Media iOS] Add a debug setting to always show the optimized fullscreen button
2508         https://bugs.webkit.org/show_bug.cgi?id=141277
2509         <rdar://problem/19724471>
2510
2511         Reviewed by Eric Carlson.
2512
2513         Add a debug option so that we can test the optimized fullscreen
2514         control on media that doesn't support it.
2515
2516         * Modules/mediacontrols/mediaControlsiOS.js: Add gSimulateOptimizedFullscreenAvailable.
2517         (ControllerIOS.prototype.createControls): Check the setting.
2518         (ControllerIOS.prototype.configureInlineControls): Ditto.
2519         (ControllerIOS.prototype.formatTime): Drive-by whitespace cleanup.
2520         (ControllerIOS.prototype.handleBaseGestureChange):
2521         (ControllerIOS.prototype.handleWrapperTouchStart):
2522         (ControllerIOS.prototype.handleOptimizedFullscreenTouchEnd):
2523         (ControllerIOS.prototype.handlePresentationModeChange): Drive-by variable renaming.
2524
2525 2015-02-05  Youenn Fablet  <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar <calvaris@igalia.com>
2526
2527         [Streams API] Implement a barebone ReadableStream interface
2528         https://bugs.webkit.org/show_bug.cgi?id=141045
2529
2530         Reviewed by Benjamin Poulain.
2531
2532         This patch implements the ReadableStream IDL (https://streams.spec.whatwg.org/#rs-model).
2533         No functionality is yet added.
2534         ReadableStreamSource is expected to be implemented for native sources (such as HTTP sources)
2535         as well as JavaScript source through ReadableStreamJSSource.
2536
2537         Test: streams/readablestream-constructor.html
2538
2539         * CMakeLists.txt:
2540         * Configurations/FeatureDefines.xcconfig:
2541         * DerivedSources.cpp:
2542         * DerivedSources.make:
2543         * Modules/streams/ReadableStream.cpp: Added.
2544         (WebCore::ReadableStream::create):
2545         (WebCore::ReadableStream::ReadableStream):
2546         (WebCore::ReadableStream::~ReadableStream):
2547         (WebCore::ReadableStream::state):
2548         (WebCore::ReadableStream::closed):
2549         (WebCore::ReadableStream::ready):
2550         * Modules/streams/ReadableStream.h: Added.
2551         * Modules/streams/ReadableStream.idl: Added.
2552         * Modules/streams/ReadableStreamSource.h: Added.
2553         * WebCore.vcxproj/WebCore.vcxproj:
2554         * WebCore.vcxproj/WebCore.vcxproj.filters:
2555         * WebCore.vcxproj/WebCoreCommon.props:
2556         * WebCore.xcodeproj/project.pbxproj:
2557         * bindings/js/JSBindingsAllInOne.cpp:
2558         * bindings/js/JSReadableStreamCustom.cpp: Added.
2559         (WebCore::JSReadableStream::read):
2560         (WebCore::JSReadableStream::ready):
2561         (WebCore::JSReadableStream::closed):
2562         (WebCore::JSReadableStream::cancel):
2563         (WebCore::JSReadableStream::pipeTo):
2564         (WebCore::JSReadableStream::pipeThrough):
2565         (WebCore::constructJSReadableStream):
2566         * bindings/js/ReadableStreamJSSource.cpp: Added.
2567         (WebCore::ReadableStreamJSSource::create):
2568         (WebCore::ReadableStreamJSSource::ReadableStreamJSSource):
2569         (WebCore::ReadableStreamJSSource::setInternalError):
2570         * bindings/JSReadableStreamJSSource.h: Added.
2571
2572 2015-02-04  Brent Fulgham  <bfulgham@apple.com>
2573
2574         [Win] Unreviewed project file corrections.
2575
2576         Correct some parsing errors caused by recent manual editing of
2577         the project files.
2578
2579         * WebCore.vcxproj/WebCore.vcxproj:
2580         * WebCore.vcxproj/WebCore.vcxproj.filters:
2581
2582 2015-02-04  Eric Carlson  <eric.carlson@apple.com>
2583
2584         [iOS] add method to toggle playback when in the background
2585         https://bugs.webkit.org/show_bug.cgi?id=141270
2586
2587         Reviewed by Dean Jackson.
2588
2589         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2590         (-[WebAVPlayerController togglePlaybackEvenWhenInBackground:]): Added.
2591
2592 2015-02-04  Jer Noble  <jer.noble@apple.com>
2593
2594         [Mac][EME] Support ClearKey encryption with AES128-encrypted HLS
2595         https://bugs.webkit.org/show_bug.cgi?id=140825
2596
2597         Reviewed by Eric Carlson.
2598
2599         Test: http/tests/media/clearkey/clear-key-hls-aes128.html
2600
2601         Add support for ClearKey encryption when used with an AES-128 encrypted HLS stream.
2602
2603         * Modules/encryptedmedia/CDM.cpp:
2604         (WebCore::installedCDMFactories): Add the CDMPrivateClearKey factory.
2605         * Modules/encryptedmedia/CDMPrivateClearKey.cpp:
2606         (WebCore::CDMPrivateClearKey::supportsKeySystem): Support the "org.w3c.clearkey" key system.
2607         (WebCore::CDMPrivateClearKey::supportsKeySystemAndMimeType): Ditto.
2608         (WebCore::CDMPrivateClearKey::supportsMIMEType): Ditto.
2609         (WebCore::CDMPrivateClearKey::createSession): Create a CDMSessionClearKey.
2610         * Modules/encryptedmedia/CDMPrivateClearKey.h:
2611         (WebCore::CDMPrivateClearKey::create): Simple factory.
2612         (WebCore::CDMPrivateClearKey::~CDMPrivateClearKey): Virtual destructor.
2613         (WebCore::CDMPrivateClearKey::CDMPrivateClearKey): Simple destructor.
2614         * Modules/encryptedmedia/CDMSessionClearKey.cpp: Added.
2615         (WebCore::clearKeyVM): Static method returning the VM to be used by JSON parsing.
2616         (WebCore::CDMSessionClearKey::CDMSessionClearKey): Simple constructor.
2617         (WebCore::CDMSessionClearKey::~CDMSessionClearKey): Simple destructor.
2618         (WebCore::CDMSessionClearKey::generateKeyRequest): Store the initData, ensure that it consists of a UTF8-encoded key
2619             URI, and return same.
2620         (WebCore::CDMSessionClearKey::releaseKeys): Purged all cached keys.
2621         (WebCore::CDMSessionClearKey::update): Parse raw JSON-encoded JWK keys, rejecting non-AES, non-oct keys.
2622         (WebCore::CDMSessionClearKey::cachedKeyForKeyID): Return cached keys.
2623         * Modules/encryptedmedia/CDMSessionClearKey.h:
2624
2625         Add support for the "org.w3c.clearkey" CDM to MediaPlayerPrivateAVFoundationObjC, and do so in a platform-agnostic
2626         way by simply asking for raw key data from MediaPlayerClient when notified that a key has been added.
2627
2628         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
2629         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2630         (WebCore::keySystemIsSupported):
2631         (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
2632         (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem):
2633         (WebCore::fulfillRequestWithKeyData): Added utility method.
2634         (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
2635         (WebCore::MediaPlayerPrivateAVFoundationObjC::keyAdded):
2636
2637         Pipe a keyAdded() notification down to MediaPlayer and a cachedKeyForKeyId() request up to CDMSessionClearKey:
2638
2639         * Modules/encryptedmedia/MediaKeySession.cpp:
2640         (WebCore::MediaKeySession::cachedKeyForKeyId):
2641         (WebCore::MediaKeySession::addKeyTimerFired):
2642         * Modules/encryptedmedia/MediaKeySession.h:
2643         * Modules/encryptedmedia/MediaKeys.cpp:
2644         (WebCore::MediaKeys::keyAdded):
2645         (WebCore::MediaKeys::cachedKeyForKeyId):
2646         * Modules/encryptedmedia/MediaKeys.h:
2647         * html/HTMLMediaElement.cpp:
2648         (WebCore::HTMLMediaElement::keyAdded):
2649         * html/HTMLMediaElement.h:
2650         * platform/graphics/CDMSession.h:
2651         (WebCore::CDMSession::cachedKeyForKeyID):
2652         * platform/graphics/MediaPlayer.cpp:
2653         (WebCore::MediaPlayer::keyAdded):
2654         (WebCore::MediaPlayer::cachedKeyForKeyId):
2655         * platform/graphics/MediaPlayer.h:
2656         (WebCore::MediaPlayerClient::mediaPlayerCachedKeyForKeyId):
2657         * platform/graphics/MediaPlayerPrivate.h:
2658         (WebCore::MediaPlayerPrivateInterface::keyAdded):
2659
2660         Add new files to project:
2661
2662         * WebCore.xcodeproj/project.pbxproj:
2663         * CMakeLists.txt:
2664         * WebCore.vcxproj/WebCore.vcxproj:
2665         * WebCore.vcxproj/WebCore.vcxproj.filters:
2666
2667 2015-02-04  Commit Queue  <commit-queue@webkit.org>
2668
2669         Unreviewed, rolling out r179618.
2670         https://bugs.webkit.org/show_bug.cgi?id=141263
2671
2672         Off-by-one error causing flaky behavior in webaudio
2673         /audiobuffersource-negative-playbackrate.html (Requested by
2674         jernoble_ on #webkit).
2675
2676         Reverted changeset:
2677
2678         "[WebAudio] AudioBufferSourceNodes should accurately play
2679         backwards if given a negative playbackRate."
2680         https://bugs.webkit.org/show_bug.cgi?id=140955
2681         http://trac.webkit.org/changeset/179618
2682
2683 2015-02-03  David Hyatt  <hyatt@apple.com>
2684
2685         Tables don't repaginate properly when the pagination height changes or the pagination offset changes.
2686         https://bugs.webkit.org/show_bug.cgi?id=141207
2687         <rdar://problem/18387659>
2688
2689         Reviewed by Dean Jackson.
2690
2691         Added fast/multicol/table-dynamic-movement.html
2692
2693         Change markForPaginationRelayoutIfNeeded to be called always and to check needsLayout inside it.
2694
2695         Make RenderTable override markForPaginationRelayoutIfNeeded and also dirty the sections if the table
2696         ended up getting marked for relayout.
2697
2698         Make sure rows do the right thing as well.
2699
2700         * rendering/RenderBlock.cpp:
2701         (WebCore::RenderBlock::layoutPositionedObjects):
2702         (WebCore::RenderBlock::markForPaginationRelayoutIfNeeded):
2703         * rendering/RenderBlock.h:
2704         * rendering/RenderBlockFlow.cpp:
2705         (WebCore::RenderBlockFlow::layoutBlockChild):
2706         (WebCore::RenderBlockFlow::adjustBlockChildForPagination):
2707         (WebCore::RenderBlockFlow::positionNewFloats):
2708         * rendering/RenderDeprecatedFlexibleBox.cpp:
2709         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
2710         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
2711         * rendering/RenderTable.cpp:
2712         (WebCore::RenderTable::markForPaginationRelayoutIfNeeded):
2713         * rendering/RenderTable.h:
2714         * rendering/RenderTableRow.cpp:
2715         (WebCore::RenderTableRow::layout):
2716         * rendering/RenderTableSection.cpp:
2717         (WebCore::RenderTableSection::layout):
2718
2719 2015-02-04  Said Abou-Hallawa  <sabouhallawa@apple.com>
2720
2721         When using SVG as an image, we should load datauri images when these images are not in the image cache.
2722         https://bugs.webkit.org/show_bug.cgi?id=99677.
2723
2724         Reviewed by Darin Adler.
2725         
2726         Data URI sub-resources are not loaded because the networking context of FrameLoader
2727         attached to the SubResourceLoader is set to null. This is done intentionally to
2728         disallow any resource from loading external sub-resources. For example if an <img>
2729         tag has its 'src' attribute points to an svg file, this svg is not allowed to load
2730         an external image through the 'xlink' attribute of an <image> element. This restriction
2731         is not valid if the value of the 'xlink' attribute is a data URI. In this case the image 
2732         should be loaded into memory since there is no network traffic involved. All we need
2733         to do is to decode the data part of the URI.
2734         
2735         The fix is to pass the root FrameLoader, which has a valid NetworkingContext, through
2736         the FrameLoaderClient, to the ResourceHandle::create() which uses the NetworkingContext
2737         to decode the data and fire the load events of the data URI resources.
2738
2739         Tests:  svg/as-image/svg-image-with-data-uri-background.html
2740                 svg/as-image/svg-image-with-data-uri-from-canvas.html
2741                 svg/as-image/svg-image-with-data-uri-images-disabled.html
2742                 svg/as-image/svg-image-with-data-uri-reloading.html
2743                 svg/as-image/svg-image-with-data-uri-use-data-uri.svg
2744                 svg/as-image/svg-image-with-svg-data-uri.html
2745
2746         * accessibility/AccessibilityRenderObject.cpp:
2747         Remove unreferenced header file.
2748
2749         * loader/FrameLoaderClient.h:
2750         Define the null virtual function dataProtocolLoader() which should return the FrameLoader
2751         for loading data URI resources.
2752
2753         * loader/ResourceLoader.cpp:
2754         (WebCore::ResourceLoader::start):
2755         (WebCore::ResourceLoader::dataProtocolFrameLoader):
2756         * loader/ResourceLoader.h:
2757         Add ResourceLoader::dataProtocolFrameLoader() which returns the root FrameLoader. The
2758         root FrameLoader is used to get a valid NetworkingContext which can be passed to
2759         ResourceHandle::create() when url().protocolIsData().
2760
2761         * loader/cache/CachedImage.cpp:
2762         (WebCore::CachedImage::load):
2763         (WebCore::CachedImage::finishLoading):
2764         * loader/cache/CachedResourceLoader.cpp:
2765         (WebCore::CachedResourceLoader::shouldPerformImageLoad):
2766         (WebCore::CachedResourceLoader::shouldDeferImageLoad):
2767         * loader/cache/CachedResourceLoader.h:
2768         Allow loading data URI sub-resources as long as loading images is not disabled. Also we
2769         need to call setDataProtocolLoader() before calling setData() for the isSVGImage case, 
2770         setData() will create a page by calling Page::createPageFromBuffer() via SVGImage::dataChanged(),
2771         and we need to pass the correct FrameLoaderClient to the created FrameLoader of the main
2772          frame of this page.
2773
2774         * svg/graphics/SVGImage.cpp:
2775         (WebCore::SVGImage::SVGImage):
2776         (WebCore::SVGImage::dataChanged):
2777         * svg/graphics/SVGImage.h:
2778         Create a new FrameLoaderClient of type SVGFrameLoaderClient and set it in pageConfiguration
2779         which is used when creating the page from the SVG data URI.
2780
2781         * WebCore.xcodeproj/project.pbxproj:
2782         * svg/graphics/SVGImageChromeClient.h: Removed.
2783         * svg/graphics/SVGImageClients.h: Added.
2784         Add a new class SVGImageChromeClient which overrides the function dataProtocolLoader().
2785         Rename the header file SVGImageChromeClient.h to be SVGImageClients.h since it now 
2786         includes the classes SVGImageChromeClient and SVGFrameLoaderClient.
2787
2788 2015-02-04  Timothy Horton  <timothy_horton@apple.com>
2789
2790         Fix a misplaced include in CaptionUserPreferencesMediaAF
2791         https://bugs.webkit.org/show_bug.cgi?id=141239
2792
2793         Reviewed by Jer Noble.
2794
2795         * page/CaptionUserPreferencesMediaAF.cpp:
2796         CoreText is a system header, and there's already a good spot for it!
2797
2798 2015-02-04  Jer Noble  <jer.noble@apple.com>
2799
2800         [WebAudio] AudioBufferSourceNodes should accurately play backwards if given a negative playbackRate.
2801         https://bugs.webkit.org/show_bug.cgi?id=140955
2802
2803         Reviewed by Eric Carlson.
2804
2805         Tests: webaudio/audiobuffersource-negative-playbackrate-interpolated.html
2806                webaudio/audiobuffersource-negative-playbackrate.html
2807
2808         Add support for playing an AudioBufferSourceNode at a negative playbackRate. Change the meaning of
2809         start() to set the initial playback position at the end of the play range if the rate of playback
2810         is negtive.
2811
2812         * Modules/webaudio/AudioBufferSourceNode.cpp:
2813         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode): Allow the playbackRate AudioParam to range from [-32, 32].
2814         (WebCore::AudioBufferSourceNode::renderFromBuffer): Change variable names from "start" and "end" to "min" and "max"
2815             for clarity. Add a non-interpolated and interpolated render step for negative playback.
2816         (WebCore::AudioBufferSourceNode::start): Drive-by fix: default value of grainDuration is not 0.02.
2817         (WebCore::AudioBufferSourceNode::startPlaying): Start playing at the end of the buffer for negative playback.
2818         (WebCore::AudioBufferSourceNode::totalPitchRate): Allow the pitch to be negative.
2819
2820 2015-02-04  Eric Carlson  <eric.carlson@apple.com>
2821
2822         video.attribute should not return true just because of fullscreen
2823         https://bugs.webkit.org/show_bug.cgi?id=141219
2824
2825         Reviewed by Dean Jackson.
2826
2827         No new tests, updated media/video-fullscreeen-only-controls.html
2828
2829         * Modules/mediacontrols/mediaControlsApple.js:
2830         (Controller.prototype.shouldHaveControls):
2831         * Modules/mediacontrols/mediaControlsiOS.js:
2832         (ControllerIOS.prototype.isFullScreen):
2833
2834         * html/HTMLMediaElement.cpp:
2835         (WebCore::HTMLMediaElement::controls): Don't consider fullscreen status.
2836         (WebCore::HTMLMediaElement::configureMediaControls): Create controls if a video element
2837             isn't allowed to play inline, or if it is in fullscreen.
2838
2839 2015-02-04  Mark Lam  <mark.lam@apple.com>
2840
2841         Remove concept of makeUsableFromMultipleThreads().
2842         <https://webkit.org/b/141221>
2843
2844         Reviewed by Mark Hahnenberg.
2845
2846         No new tests.
2847
2848         * bindings/js/JSDOMWindowBase.cpp:
2849         (WebCore::JSDOMWindowBase::commonVM):
2850
2851 2015-02-04  Simon Fraser  <simon.fraser@apple.com>
2852
2853         [iOS WK2] Assert in ScrollingTreeOverflowScrollingNodeIOS::updateAfterChildren() on tab switching
2854         https://bugs.webkit.org/show_bug.cgi?id=141223
2855         rdar://problem/18458993
2856
2857         Reviewed by Tim Horton.
2858         
2859         It's possible to submit a RemoteLayerTree transaction that contains data
2860         about a created layer, but doesn't have any properties for that layer. This
2861         happens when the newly created layer isn't reached during the traversal that
2862         gathers layer properties (i.e. it's not rooted). However, whether we create
2863         a scrolling layer or not requires having properties; they are missing, so we
2864         create a normal layer, but then the scrolling tree commit asserts that we
2865         should have a scrolling layer.
2866         
2867         Fix by making scrolling layers have a corresponding layer type, which is
2868         stored in layer creation properties. This required exposing layer types
2869         up through GraphicsLayer, but that allows for some nice cleanup:
2870         
2871         1. No need to have the hokey shouldUseTiledBacking() GraphicsLayerClient hack
2872            for creating the page tiled layer.
2873         2. The notion of "custom behaviors" can be removed from GraphicsLayer entirely.
2874
2875         Not testable because it requires tab switching.
2876
2877         * WebCore.exp.in:
2878         * platform/graphics/GraphicsLayer.cpp:
2879         (WebCore::GraphicsLayer::GraphicsLayer):
2880         * platform/graphics/GraphicsLayer.h:
2881         (WebCore::GraphicsLayer::initialize):
2882         (WebCore::GraphicsLayer::setCustomBehavior): Deleted.
2883         (WebCore::GraphicsLayer::customBehavior): Deleted.
2884         * platform/graphics/GraphicsLayerClient.h:
2885         (WebCore::GraphicsLayerClient::shouldUseTiledBacking): Deleted.
2886         * platform/graphics/GraphicsLayerFactory.h:
2887         * platform/graphics/ca/GraphicsLayerCA.cpp:
2888         (WebCore::GraphicsLayer::create):
2889         (WebCore::GraphicsLayerCA::GraphicsLayerCA):
2890         (WebCore::GraphicsLayerCA::initialize):
2891         (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
2892         (WebCore::GraphicsLayerCA::ensureStructuralLayer):
2893         (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
2894         (WebCore::GraphicsLayerCA::updateCustomBehavior): Deleted.
2895         (WebCore::GraphicsLayerCA::setCustomBehavior): Deleted.
2896         * platform/graphics/ca/GraphicsLayerCA.h:
2897         (WebCore::GraphicsLayerCA::moveAnimations):
2898         (WebCore::GraphicsLayerCA::copyAnimations):
2899         * platform/graphics/ca/PlatformCALayer.h:
2900         * platform/graphics/ca/mac/PlatformCALayerMac.h:
2901         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
2902         (PlatformCALayerMac::PlatformCALayerMac):
2903         (PlatformCALayerMac::commonInit):
2904         (PlatformCALayerMac::updateCustomBehavior): Deleted.
2905         * rendering/RenderLayerBacking.cpp:
2906         (WebCore::RenderLayerBacking::createGraphicsLayer):
2907         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer):
2908         (WebCore::RenderLayerBacking::updateScrollingLayers):
2909         (WebCore::RenderLayerBacking::shouldUseTiledBacking): Deleted.
2910         * rendering/RenderLayerBacking.h:
2911
2912 2015-02-04  Dean Jackson  <dino@apple.com>
2913
2914         [Media] Fullscreen button should always come last in inline controls (141245)
2915         https://bugs.webkit.org/show_bug.cgi?id=141245
2916         <rdar://problem/19714622>
2917
2918         Reviewed by Eric Carlson.
2919
2920         Make sure the optimizedFullscreen button is inserted before the
2921         normal fullscreen button.
2922
2923         * Modules/mediacontrols/mediaControlsiOS.js:
2924         (ControllerIOS.prototype.configureInlineControls):
2925
2926 2015-02-04  Dean Jackson  <dino@apple.com>
2927
2928         REGRESSION: AirPlay button not visible but present in inline toolbar
2929         https://bugs.webkit.org/show_bug.cgi?id=141244
2930         <rdar://problem/19328322>
2931
2932         Reviewed by Eric Carlson.
2933
2934         Replace the use of mask-image with a background-image (which matches
2935         what the other buttons are doing).
2936
2937         * Modules/mediacontrols/mediaControlsiOS.css:
2938         (::-webkit-media-controls):
2939         (video::-webkit-media-controls-wireless-playback-picker-button):
2940         (audio::-webkit-media-controls-wireless-playback-picker-button):
2941         (video::-webkit-media-controls-wireless-playback-picker-button.active):
2942         (audio::-webkit-media-controls-wireless-playback-picker-button.active):
2943
2944 2015-02-04  Chris Dumez  <cdumez@apple.com>
2945
2946         Add removeFirst(value) / removeAll(value) methods to WTF::Vector
2947         https://bugs.webkit.org/show_bug.cgi?id=141192
2948
2949         Reviewed by Benjamin Poulain.
2950
2951         Use new Vector::removeFirst(value) / removeAll(value) API to simplify the
2952         code a bit.
2953
2954         * css/StyleSheetContents.cpp:
2955         (WebCore::StyleSheetContents::unregisterClient):
2956         * html/HTMLFormElement.cpp:
2957         (WebCore::HTMLFormElement::removeFormElement):
2958         (WebCore::HTMLFormElement::removeImgElement):
2959         (WebCore::removeFromVector): Deleted.
2960         * page/Chrome.cpp:
2961         (WebCore::Chrome::unregisterPopupOpeningObserver):
2962         * page/PageOverlayController.cpp:
2963         (WebCore::PageOverlayController::uninstallPageOverlay):
2964         * page/SecurityPolicy.cpp:
2965         (WebCore::SecurityPolicy::removeOriginAccessWhitelistEntry):
2966         * platform/graphics/GraphicsLayer.cpp:
2967         (WebCore::GraphicsLayer::removeFromParent):
2968         * platform/graphics/texmap/TextureMapperAnimation.cpp:
2969         (WebCore::TextureMapperAnimations::remove):
2970         * rendering/RenderSearchField.cpp:
2971         (WebCore::RenderSearchField::addSearchResult):
2972         * rendering/RenderTable.cpp:
2973         (WebCore::RenderTable::removeCaption):
2974         * rendering/svg/RenderSVGText.cpp:
2975         (WebCore::RenderSVGText::subtreeChildWillBeRemoved):
2976         * svg/SVGDocumentExtensions.cpp:
2977         (WebCore::SVGDocumentExtensions::removeAllElementReferencesForTarget):
2978         * svg/animation/SMILTimeContainer.cpp:
2979         (WebCore::SMILTimeContainer::unschedule):
2980
2981 2015-02-03  Maciej Stachowiak  <mjs@apple.com>
2982
2983         Crash when printing snapshotted plugins
2984         https://bugs.webkit.org/show_bug.cgi?id=141212
2985
2986         Reviewed by Simon Fraser.
2987
2988         Test: plugins/snapshotting/print-snapshotted-plugin.html
2989
2990         * html/HTMLPlugInImageElement.cpp:
2991         (WebCore::HTMLPlugInImageElement::childShouldCreateRenderer): New
2992         method. If the current renderer is a snapshotted plugin, only
2993         allow children to create renderers if they are part of the
2994         snapshot shadow dom. Otherwise RenderEmbeddedObject invariants
2995         will be violated. This DOM class can have many other renderers, but they
2996         can just follow their own rules.
2997         (WebCore::HTMLPlugInImageElement::partOfSnapshotOverlay): Make this
2998         const-correct, and don't create UA shadow DOM as a side effect if it doesn't
2999         already exist.
3000         * html/HTMLPlugInImageElement.h:
3001
3002 2015-02-03  Chris Dumez  <cdumez@apple.com>
3003
3004         Regression(r179584): Assertion hit in toResourceLoadPriority() on Yosemite
3005         https://bugs.webkit.org/show_bug.cgi?id=141230
3006
3007         Reviewed by Alexey Proskuryakov.
3008
3009         Handle -1 priority value again in toResourceLoadPriority() as it seems to
3010         be returned by CFNetwork on some configurations.
3011
3012         No new tests, already covered by existing tests.
3013
3014         * platform/network/cf/ResourceRequestCFNet.h:
3015         (WebCore::toResourceLoadPriority):
3016
3017 2015-02-03  Chris Dumez  <cdumez@apple.com>
3018
3019         Drop ResourceLoadPriorityUnresolved resource load priority and use Optional<> instead
3020         https://bugs.webkit.org/show_bug.cgi?id=141186
3021
3022         Reviewed by Antti Koivisto.
3023
3024         Drop ResourceLoadPriorityUnresolved resource load priority value and use
3025         Optional<ResourceLoadPriority> when needed instead. If the Optional
3026         doesn't have a value, then it means it is unresolved. Having
3027         ResourceLoadPriorityUnresolved in ResourceLoadPriority was confusing
3028         because this value is only valid in CachedResourceRequest, it is not
3029         a valid value in CachedResource or in ResourceRequest. After this
3030         refactoring, it now becomes more obvious.
3031
3032 2015-02-03  Chris Dumez  <cdumez@apple.com>
3033
3034         REGRESSION(176609): Very high memory usage in Canvas/reuse.html performance test
3035         https://bugs.webkit.org/show_bug.cgi?id=139812
3036
3037         Reviewed by Geoffrey Garen.
3038
3039         Update DOMTimerFireState.elementsChangedOutsideViewport to keep only
3040         weak pointers to the Elements, instead of ref'ing them, so as to not
3041         extend their life unnecessarily (by preventing garbage-collection).
3042         The same approach was already adopted in r176496 for
3043         DOMTimer.m_elementsCausingThrottling to address the same issue.
3044
3045         No new tests, already covered by Canvas/reuse.html performance test.
3046
3047         * page/DOMTimer.cpp:
3048         (WebCore::DOMTimerFireState::setScriptMadeNonUserObservableChangesToElement):
3049         (WebCore::DOMTimerFireState::elementsChangedOutsideViewport):
3050
3051 2015-02-03  Jer Noble  <jer.noble@apple.com>
3052
3053         [MSE] Setting timestampOffset does not change the timestamps in the actual sample, leading to visual and audible errors.
3054         https://bugs.webkit.org/show_bug.cgi?id=140929
3055
3056         Reviewed by Alexey Proskuryakov.
3057
3058         Fixes http/tests/media/media-source/mediasource-config-change-mp4-v-framerate.html.
3059
3060         Only apply the timestamp offset to the actual sample after step 1.6, where we may loop back to
3061         the top, to avoid double-offsetting the same sample.
3062
3063         * Modules/mediasource/SourceBuffer.cpp:
3064         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
3065
3066 2015-02-03  Jeremy Jones  <jeremyj@apple.com>
3067
3068         Restore interface before exiting optimized fullscreen mode.
3069         https://bugs.webkit.org/show_bug.cgi?id=141167
3070
3071         Reviewed by Simon Fraser.
3072
3073         This change allows the user interface to be restored before exiting optimized fullscreen mode.
3074
3075         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Add declaration.
3076         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
3077         (-[WebAVPlayerController playerViewController:restoreUserInterfaceForOptimizedFullscreenStopWithCompletionHandler:]): Added.
3078         (WebVideoFullscreenInterfaceAVKit::fullscreenMayReturnToInline): Added.
3079         * platform/spi/ios/AVKitSPI.h: Add new SPI.
3080
3081 2015-02-03  Jeremy Jones  <jeremyj@apple.com>
3082
3083         Prevent flicker when exiting fullscreen by synchronizing transactions.
3084         https://bugs.webkit.org/show_bug.cgi?id=140897
3085
3086         Reviewed by Tim Horton.
3087
3088         Synchronize across CAContexts when moving the video layer between layer hierarchies.
3089         Normally transactions involving multiple CAContexts are not synchronized.
3090
3091         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3092         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
3093         * platform/spi/cocoa/QuartzCoreSPI.h: add additional CAContext SPI declarations.
3094
3095 2015-02-03  Ryosuke Niwa  <rniwa@webkit.org>
3096
3097         Smart quoting could move the caret backwards in some configurations
3098         https://bugs.webkit.org/show_bug.cgi?id=141203
3099         <rdar://problem/17452543>
3100
3101         Reviewed by Enrica Casucci.
3102
3103         The bug was caused by markAndReplaceFor not running the code to preserve the selection after
3104         text replacement only when smart quote is enabled. Furthermore, when smart link was disabled,
3105         we never applied smart quote due to the following condition at line 2502:
3106
3107         if (!(shouldPerformReplacement || shouldCheckForCorrection || shouldMarkLink) || !doReplacement)
3108             continue;
3109
3110         This condition prevented the code to apply smart quote from running when both continuous
3111         spellchecking, smart link, and text replacement are disabled.
3112
3113         Fixed the bug by treating smart quotes and smart dashes like any other text replacement and set
3114         shouldPerformReplacement to true whenever either one of those text checking options are present.
3115
3116         Smart link didn't have this issue due to the explicit check for shouldMarkLink.
3117
3118         Smart dashes didn't suffer this problem either because dashes replacement happens only once
3119         the caret has moved past the dashes but his patch makes go through the same code path to preserve
3120         the selection as well for consistency.
3121
3122         Test: editing/inserting/smart-quote-with-all-configurations.html
3123
3124         * editing/Editor.cpp:
3125         (WebCore::Editor::markAndReplaceFor):
3126
3127 2015-02-02  Enrica Casucci  <enrica@apple.com>
3128
3129         Additional emoji support.
3130         https://bugs.webkit.org/show_bug.cgi?id=141047
3131         rdar://problem/19045135
3132
3133         Reviewed by Darin Adler.
3134
3135         Adds support for emoji modifiers and group emoji.
3136
3137         Test: editing/deleting/delete-emoji.html
3138
3139         * platform/graphics/FontCascade.cpp:
3140         (WebCore::FontCascade::characterRangeCodePath):
3141         * platform/text/TextBreakIterator.cpp:
3142         (WebCore::cursorMovementIterator):
3143         * rendering/RenderText.cpp:
3144         (WebCore::isEmojiGroupCandidate):
3145         (WebCore::isEmojiModifier):
3146         (WebCore::RenderText::previousOffsetForBackwardDeletion):
3147
3148 2015-02-03  Jer Noble  <jer.noble@apple.com>
3149
3150         Passing invalid values to OfflineAudioContext's constructor should not crash.
3151         https://bugs.webkit.org/show_bug.cgi?id=141197
3152
3153         Reviewed by Darin Adler.
3154
3155         Test: webaudio/offlineaudiocontext-constructor.html
3156
3157         Throw a SYNTAX_ERR exception if passed in a zero for channelCount or numberOfSamples. This avoids
3158         a crash where OfflineAudioDestinationNode is passed a null renderTarget.
3159
3160         * Modules/webaudio/OfflineAudioContext.cpp:
3161         (WebCore::OfflineAudioContext::create):
3162
3163 2015-02-03  Jer Noble  <jer.noble@apple.com>
3164
3165         [MSE] Setting timestampOffset does not change the timestamps in the actual sample, leading to visual and audible errors.
3166         https://bugs.webkit.org/show_bug.cgi?id=140929
3167
3168         Reviewed by Darin Adler.
3169
3170         Test: media/media-source/media-source-timeoffset.html
3171
3172         Changing timestampOffset will correctly offset the presentation and decode times within SourceBuffer and
3173         will correctly modify things like buffered ranges. But those changes need to be reflected in the underlying
3174         MediaSample for decoders to decode and display the samples at the correct times.
3175
3176         Add a method to MediaSample which allows the caller to offset timestamps of the underlying PlatformMediaSample.
3177
3178         * Modules/mediasource/SourceBuffer.cpp:
3179         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): Call offsetTimestampsBy() on the sample.
3180         * platform/MediaSample.h:
3181         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
3182         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Create a new sample with the same underlying data
3183             but with a new timing info array, each timing info offset by the requested amount.
3184         * platform/mock/mediasource/MockBox.h:
3185         (WebCore::MockBox::offsetTimestampsBy): Offset m_presentationTimestamp and m_decodeTimestamp;
3186         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
3187         (WebCore::MockMediaSample::offsetTimestampsBy): Pass to MockBox.
3188
3189 2015-02-03  Jer Noble  <jer.noble@apple.com>
3190
3191         [Mac][EME] Crash in CDMSessionMediaSourceAVFObjC::layerDidReceiveError() - NSError not KVO compliant for key NSUnderlyingError.
3192         https://bugs.webkit.org/show_bug.cgi?id=140529
3193
3194         Reviewed by Darin Adler.
3195
3196         The underlying error should be fetched from the userInfo dictionary, not the error itself.
3197
3198         * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
3199         (WebCore::systemCodeForError):
3200
3201 2015-02-03  Commit Queue  <commit-queue@webkit.org>
3202
3203         Unreviewed, rolling out r179548.
3204         https://bugs.webkit.org/show_bug.cgi?id=141201
3205
3206         Hits debug assertions in 50+ SVG tests (Requested by brrian on
3207         #webkit).
3208
3209         Reverted changeset:
3210
3211         "Move InstanceInvalidationGuard/UpdateBlocker to SVGElement
3212         from SVGElementInstance"
3213         https://bugs.webkit.org/show_bug.cgi?id=141148
3214         http://trac.webkit.org/changeset/179548
3215
3216 2015-02-03  Jer Noble  <jer.noble@apple.com>
3217
3218         [Mac] HLS audio is not correctly selected according to system language
3219         https://bugs.webkit.org/show_bug.cgi?id=140398
3220         rdar://problem/19218487
3221
3222         Reviewed by Darin Adler.
3223
3224         Test: http/tests/media/hls/hls-audio-tracks-locale-selection.html
3225
3226         When AVMediaSelectionOptions come and go and no explicit track selection choice has
3227         been made, automatically pick the most appropriate track according to the user's
3228         current preferred locale settings.
3229
3230         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
3231         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
3232         (WebCore::MediaSelectionGroupAVFObjC::MediaSelectionGroupAVFObjC): Set m_shouldSelectOptionAutomatically
3233             to true by default.
3234         (WebCore::MediaSelectionGroupAVFObjC::updateOptions): If m_shouldSelectOptionAutomatically is set
3235             pick the most appropriate media selection option.
3236         (WebCore::MediaSelectionGroupAVFObjC::setSelectedOption): Set m_shouldSelectOptionAutomatically to false.
3237         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
3238         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Remove these automatic selection
3239             requests as they are ineffective when -appliesMediaSelectionCriteriaAutomatically is NO.
3240
3241 2015-02-03  Darin Adler  <darin@apple.com>
3242
3243         Move InstanceInvalidationGuard/UpdateBlocker to SVGElement from SVGElementInstance
3244         https://bugs.webkit.org/show_bug.cgi?id=141148
3245
3246         Reviewed by Brent Fulgham.
3247
3248         Inspired by this change Rob Buis made in Blink:
3249
3250             http://src.chromium.org/viewvc/blink?view=revision&revision=173343
3251
3252         I actually wrote the whole thing and then discovered we did it almost identically.
3253
3254         * svg/SVGAnimatedTypeAnimator.cpp:
3255         (WebCore::SVGElementAnimatedPropertyList::setInstanceUpdatesBlocked): Added this
3256         helper function to get around a circular header dependency.
3257         * svg/SVGAnimatedTypeAnimator.h:
3258         (WebCore::SVGAnimatedTypeAnimator::executeAction): Use setInstanceUpdatesBlocked.
3259
3260         * svg/SVGElement.cpp:
3261         (WebCore::SVGElement::removedFrom): Use invalidateInstances.
3262         (WebCore::SVGElement::finishParsingChildren): Ditto.
3263         (WebCore::SVGElement::svgAttributeChanged): Ditto.
3264         (WebCore::SVGElement::childrenChanged): Ditto.
3265         (WebCore::SVGElement::setInstanceUpdatesBlocked): Added an assertion that will
3266         catch anyone who nests InstanceUpdateBlocker by accident.
3267         (WebCore::SVGElement::invalidateInstances): Moved this here from
3268         SVGElementInstance::invalidateAllInstancesOfElement. I had already modified this
3269         so it had nothing to do with SVGElementInstance, so it was a simple matter of
3270         converting this into a member function. Added a FIXME about the mysterious
3271         updateStyleIfNeeded that makes multiple tests fail if it's removed.
3272
3273         * svg/SVGElement.h: Added public InstanceUpdateBlocker class, protected
3274         InstanceInvalidationGuard class, and private invalidateInstances function.
3275         Unlike the ones in SVGElementInstance these use references so they are then
3276         not copyable without using the WTF_MAKE_NONCOPYABLE macro.
3277
3278         * svg/SVGElementInstance.cpp:
3279         (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Deleted.
3280         (WebCore::SVGElementInstance::InstanceUpdateBlocker::InstanceUpdateBlocker): Deleted.
3281         (WebCore::SVGElementInstance::InstanceUpdateBlocker::~InstanceUpdateBlocker): Deleted.
3282         * svg/SVGElementInstance.h: Removed InvalidationGuard, InstanceUpdateBlocker, and
3283         invalidateAllInstancesOfElement. Didn't do any further cleanup since we soon will
3284         delete this entire file.
3285
3286         * svg/SVGAElement.cpp:
3287         (WebCore::SVGAElement::svgAttributeChanged): Updated to use new name and reference
3288         instead of pointer.
3289         * svg/SVGAnimateElementBase.cpp:
3290         (WebCore::applyCSSPropertyToTargetAndInstances): Ditto.
3291         (WebCore::removeCSSPropertyFromTargetAndInstances): Ditto.
3292         (WebCore::notifyTargetAndInstancesAboutAnimValChange): Ditto.
3293         * svg/SVGAnimatedPath.cpp:
3294         (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation): Ditto.
3295         * svg/SVGCircleElement.cpp:
3296         (WebCore::SVGCircleElement::svgAttributeChanged): Ditto.
3297         * svg/SVGClipPathElement.cpp:
3298         (WebCore::SVGClipPathElement::svgAttributeChanged): Ditto.
3299         * svg/SVGComponentTransferFunctionElement.cpp:
3300         (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged): Ditto.
3301         * svg/SVGCursorElement.cpp:
3302         (WebCore::SVGCursorElement::svgAttributeChanged): Ditto.
3303         * svg/SVGEllipseElement.cpp:
3304         (WebCore::SVGEllipseElement::svgAttributeChanged): Ditto.
3305         * svg/SVGFEBlendElement.cpp:
3306         (WebCore::SVGFEBlendElement::svgAttributeChanged): Ditto.
3307         * svg/SVGFEColorMatrixElement.cpp:
3308         (WebCore::SVGFEColorMatrixElement::svgAttributeChanged): Ditto.
3309         * svg/SVGFECompositeElement.cpp:
3310         (WebCore::SVGFECompositeElement::svgAttributeChanged): Ditto.
3311         * svg/SVGFEConvolveMatrixElement.cpp:
3312         (WebCore::SVGFEConvolveMatrixElement::svgAttributeChanged): Ditto.
3313         * svg/SVGFEDiffuseLightingElement.cpp:
3314         (WebCore::SVGFEDiffuseLightingElement::svgAttributeChanged): Ditto.
3315         * svg/SVGFEDisplacementMapElement.cpp:
3316         (WebCore::SVGFEDisplacementMapElement::svgAttributeChanged): Ditto.
3317         * svg/SVGFEDropShadowElement.cpp:
3318         (WebCore::SVGFEDropShadowElement::svgAttributeChanged): Ditto.
3319         * svg/SVGFEGaussianBlurElement.cpp:
3320         (WebCore::SVGFEGaussianBlurElement::svgAttributeChanged): Ditto.
3321         * svg/SVGFEImageElement.cpp:
3322         (WebCore::SVGFEImageElement::svgAttributeChanged): Ditto.
3323         * svg/SVGFELightElement.cpp:
3324         (WebCore::SVGFELightElement::svgAttributeChanged): Ditto.
3325         * svg/SVGFEMergeNodeElement.cpp:
3326         (WebCore::SVGFEMergeNodeElement::svgAttributeChanged): Ditto.
3327         * svg/SVGFEMorphologyElement.cpp:
3328         (WebCore::SVGFEMorphologyElement::svgAttributeChanged): Ditto.
3329         * svg/SVGFEOffsetElement.cpp:
3330         (WebCore::SVGFEOffsetElement::svgAttributeChanged): Ditto.
3331         * svg/SVGFESpecularLightingElement.cpp:
3332         (WebCore::SVGFESpecularLightingElement::svgAttributeChanged): Ditto.
3333         * svg/SVGFETileElement.cpp:
3334         (WebCore::SVGFETileElement::svgAttributeChanged): Ditto.
3335         * svg/SVGFETurbulenceElement.cpp:
3336         (WebCore::SVGFETurbulenceElement::svgAttributeChanged): Ditto.
3337         * svg/SVGFilterElement.cpp:
3338         (WebCore::SVGFilterElement::svgAttributeChanged): Ditto.
3339         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
3340         (WebCore::SVGFilterPrimitiveStandardAttributes::svgAttributeChanged): Ditto.
3341         * svg/SVGForeignObjectElement.cpp:
3342         (WebCore::SVGForeignObjectElement::svgAttributeChanged): Ditto.
3343         * svg/SVGGElement.cpp:
3344         (WebCore::SVGGElement::svgAttributeChanged): Ditto.
3345         * svg/SVGGradientElement.cpp:
3346         (WebCore::SVGGradientElement::svgAttributeChanged): Ditto.
3347         * svg/SVGGraphicsElement.cpp:
3348         (WebCore::SVGGraphicsElement::svgAttributeChanged): Ditto.
3349         * svg/SVGImageElement.cpp:
3350         (WebCore::SVGImageElement::svgAttributeChanged): Ditto.
3351         * svg/SVGLineElement.cpp:
3352         (WebCore::SVGLineElement::svgAttributeChanged): Ditto.
3353         * svg/SVGLinearGradientElement.cpp:
3354         (WebCore::SVGLinearGradientElement::svgAttributeChanged): Ditto.
3355         * svg/SVGMPathElement.cpp:
3356         (WebCore::SVGMPathElement::svgAttributeChanged): Ditto.
3357         * svg/SVGMarkerElement.cpp:
3358         (WebCore::SVGMarkerElement::svgAttributeChanged): Ditto.
3359         * svg/SVGMaskElement.cpp:
3360         (WebCore::SVGMaskElement::svgAttributeChanged): Ditto.
3361         * svg/SVGPathElement.cpp:
3362         (WebCore::SVGPathElement::svgAttributeChanged): Ditto.
3363         * svg/SVGPatternElement.cpp:
3364         (WebCore::SVGPatternElement::svgAttributeChanged): Ditto.
3365         * svg/SVGPolyElement.cpp:
3366         (WebCore::SVGPolyElement::svgAttributeChanged): Ditto.
3367         * svg/SVGRadialGradientElement.cpp:
3368         (WebCore::SVGRadialGradientElement::svgAttributeChanged): Ditto.
3369         * svg/SVGRectElement.cpp:
3370         (WebCore::SVGRectElement::svgAttributeChanged): Ditto.
3371         * svg/SVGSVGElement.cpp:
3372         (WebCore::SVGSVGElement::svgAttributeChanged): Ditto.
3373         * svg/SVGScriptElement.cpp:
3374         (WebCore::SVGScriptElement::svgAttributeChanged): Ditto.
3375         * svg/SVGStopElement.cpp:
3376         (WebCore::SVGStopElement::svgAttributeChanged): Ditto.
3377         * svg/SVGSymbolElement.cpp:
3378         (WebCore::SVGSymbolElement::svgAttributeChanged): Ditto.
3379         * svg/SVGTRefElement.cpp:
3380         (WebCore::SVGTRefElement::svgAttributeChanged): Ditto.
3381         * svg/SVGTextContentElement.cpp:
3382         (WebCore::SVGTextContentElement::svgAttributeChanged): Ditto.
3383         * svg/SVGTextPathElement.cpp:
3384         (WebCore::SVGTextPathElement::svgAttributeChanged): Ditto.
3385         * svg/SVGTextPositioningElement.cpp:
3386         (WebCore::SVGTextPositioningElement::svgAttributeChanged): Ditto.
3387         * svg/SVGUseElement.cpp:
3388         (WebCore::SVGUseElement::svgAttributeChanged): Ditto.
3389         * svg/animation/SVGSMILElement.cpp:
3390         (WebCore::SVGSMILElement::svgAttributeChanged): Ditto.
3391
3392 2015-02-02  Darin Adler  <darin@apple.com>
3393
3394         REGRESSION (r170576): Storage leaks in parsing of CSS image sizes
3395         https://bugs.webkit.org/show_bug.cgi?id=141026
3396
3397         Reviewed by Brent Fulgham.
3398
3399         Forgot to actually fix the leak in the successful parse case!
3400
3401         * css/CSSParser.cpp:
3402         (WebCore::CSSParser::sourceSize): Added a call to destroy.
3403
3404 2015-02-02  Benjamin Poulain  <benjamin@webkit.org>
3405
3406         JIT Compile simple cases of :nth-last-child()
3407         https://bugs.webkit.org/show_bug.cgi?id=141053
3408
3409         Reviewed by Andreas Kling.
3410
3411         This patch adds the code generator for :nth-last-child(), skipping
3412         any :nth-last-child(An+B of selector list).
3413
3414         The code generator is boring here, nothing fancy.
3415         There is no optimization opportunity here so it is basically the same
3416         speed as the code generated by Clang when the simple selector is alone.
3417
3418         The only reason to JIT compile this is to avoid going to slow-path
3419         for every selector that contain :nth-last-child().
3420
3421         * cssjit/SelectorCompiler.cpp:
3422         (WebCore::SelectorCompiler::addNthChildType):
3423         The code creating the intermediate representation of :nth-child() is exactly
3424         the same as what we need for :nth-last-child(). I extracted the code from addPseudoClassType()
3425         and share it for both simple selectors.
3426
3427         (WebCore::SelectorCompiler::addPseudoClassType):
3428         I fail :nth-last-child(An+B of selector list). Let's add it later.
3429
3430         (WebCore::SelectorCompiler::minimumRegisterRequirements):
3431         Oops, there was a bug with nthChildOfFilters.
3432
3433         (WebCore::SelectorCompiler::hasAnyCombinators):
3434         (WebCore::SelectorCompiler::computeBacktrackingMemoryRequirements):
3435         (WebCore::SelectorCompiler::computeBacktrackingInformation):
3436         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
3437         (WebCore::SelectorCompiler::setChildrenAffectedByBackwardPositionalRules):
3438         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChild):
3439
3440 2015-02-02  Zalan Bujtas  <zalan@apple.com>
3441
3442         Simple line layout: Rename FlowContentsIterator to TextFragmentIterator.
3443         https://bugs.webkit.org/show_bug.cgi?id=141177
3444
3445         Rubber-stamped by Antti Koivisto
3446
3447         FlowContentsIterator is easy to confuse with FlowContents::Iterator.
3448         TextFragmentIterator reflects the functionality better.
3449
3450         No change in functionality.
3451
3452         * CMakeLists.txt:
3453         * WebCore.vcxproj/WebCore.vcxproj:
3454         * WebCore.vcxproj/WebCore.vcxproj.filters:
3455         * WebCore.xcodeproj/project.pbxproj:
3456         * rendering/SimpleLineLayout.cpp:
3457         (WebCore::SimpleLineLayout::LineState::setOverflowedFragment):
3458         (WebCore::SimpleLineLayout::LineState::overflowedFragment):
3459         (WebCore::SimpleLineLayout::LineState::appendFragment):
3460         (WebCore::SimpleLineLayout::begin):
3461         (WebCore::SimpleLineLayout::end):
3462         (WebCore::SimpleLineLayout::preWrap):
3463         (WebCore::SimpleLineLayout::removeTrailingWhitespace):
3464         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
3465         (WebCore::SimpleLineLayout::firstFragment):
3466         (WebCore::SimpleLineLayout::createLineRuns):
3467         (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
3468         (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary):
3469         (WebCore::SimpleLineLayout::createTextRuns):
3470         * rendering/SimpleLineLayoutTextFragmentIterator.cpp: Renamed from Source/WebCore/rendering/SimpleLineLayoutFlowContentsIterator.cpp.
3471         (WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
3472         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator):
3473         (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
3474         (WebCore::SimpleLineLayout::TextFragmentIterator::textWidth):
3475         (WebCore::SimpleLineLayout::nextBreakablePosition):
3476         (WebCore::SimpleLineLayout::TextFragmentIterator::findNextBreakablePosition):
3477         (WebCore::SimpleLineLayout::findNextNonWhitespace):
3478         (WebCore::SimpleLineLayout::TextFragmentIterator::findNextNonWhitespacePosition):
3479         (WebCore::SimpleLineLayout::TextFragmentIterator::runWidth):
3480         * rendering/SimpleLineLayoutTextFragmentIterator.h: Renamed from Source/WebCore/rendering/SimpleLineLayoutFlowContentsIterator.h.
3481         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::TextFragment):
3482         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::start):
3483         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::end):
3484         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::width):
3485         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::type):
3486         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isCollapsed):
3487         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isBreakable):
3488         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isEmpty):
3489         (WebCore::SimpleLineLayout::TextFragmentIterator::style):
3490         (WebCore::SimpleLineLayout::TextFragmentIterator::segmentForPosition):
3491         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split):
3492         (WebCore::SimpleLineLayout::TextFragmentIterator::characterAt):
3493         (WebCore::SimpleLineLayout::TextFragmentIterator::isLineBreak):
3494         (WebCore::SimpleLineLayout::TextFragmentIterator::isEnd):
3495
3496 2015-02-02  Chris Dumez  <cdumez@apple.com>
3497
3498         Add diagnostic logging for ResourceResponse's source
3499         https://bugs.webkit.org/show_bug.cgi?id=141170
3500         <rdar://problem/19632080>
3501
3502         Reviewed by Antti Koivisto.
3503
3504         Add diagnostic logging for ResourceResponse's source (network, disk
3505         cache, disk cache after validation) to give us an idea of our network
3506         cache efficacy.
3507
3508         * loader/ResourceLoader.cpp:
3509         (WebCore::logResourceResponseSource):
3510         (WebCore::ResourceLoader::didReceiveResponse):
3511         * page/DiagnosticLoggingKeys.cpp:
3512         (WebCore::DiagnosticLoggingKeys::networkKey):
3513         (WebCore::DiagnosticLoggingKeys::diskCacheKey):
3514         (WebCore::DiagnosticLoggingKeys::diskCacheAfterValidationKey):
3515         (WebCore::DiagnosticLoggingKeys::resourceResponseKey):
3516         (WebCore::DiagnosticLoggingKeys::scriptKey):
3517         (WebCore::DiagnosticLoggingKeys::sourceKey):
3518         * page/DiagnosticLoggingKeys.h:
3519
3520 2015-02-02  Dhi Aurrahman  <diorahman@rockybars.com>
3521
3522         Optimize matchesLangPseudoClass() of :lang()
3523         https://bugs.webkit.org/show_bug.cgi?id=140873
3524
3525         Reviewed by Darin Adler.
3526
3527         Avoid unnecessary memory allocation.
3528
3529         No new tests, no behavior changed.
3530
3531         * css/SelectorCheckerTestFunctions.h:
3532         (WebCore::equalIgnoringASCIICase):
3533         (WebCore::containslanguageSubtagMatchingRange):
3534         (WebCore::matchesLangPseudoClass):
3535
3536 2015-02-02  Roger Fong  <roger_fong@apple.com>
3537
3538         WebGL2: Implement spec section 3.7.1 Setting and getting state (Part 2).
3539         https://bugs.webkit.org/show_bug.cgi?id=141096
3540         <rdar://problem/15002469>
3541
3542         Reviewed by Brent Fulgham.
3543
3544         This patch handles some of the valid arguments that could be passed into getParameter.
3545         The unhandled cases will be implemented as the associated WebGL2 features are implemented.
3546         In addition, getParameter queries that return 64 bit integer currently just return 0 as 
3547         we need to use ::glGetInteger64v which is only available in GLES 3.0 headers.
3548         I will be adding these headers in a future patch.
3549
3550         * bindings/js/JSWebGL2RenderingContextCustom.cpp:
3551         (WebCore::toJS): Accept a 64 bit integer type.
3552         * html/canvas/WebGL2RenderingContext.cpp: Handle various parameter inputs.
3553         (WebCore::WebGL2RenderingContext::getParameter):
3554         * html/canvas/WebGLGetInfo.cpp: Add a 64 bit integer type.
3555         (WebCore::WebGLGetInfo::WebGLGetInfo):
3556         (WebCore::WebGLGetInfo::getInt64):
3557         * html/canvas/WebGLGetInfo.h:
3558         * html/canvas/WebGLRenderingContextBase.cpp:
3559         (WebCore::WebGLRenderingContextBase::getInt64Parameter):
3560         * html/canvas/WebGLRenderingContextBase.h:
3561         * platform/graphics/GraphicsContext3D.h:
3562         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
3563         (WebCore::GraphicsContext3D::getInteger64v):
3564
3565 2015-02-02  Zalan Bujtas  <zalan@apple.com>
3566
3567         Simple line layout: use std::upper_bound in splitFragmentToFitLine()
3568         https://bugs.webkit.org/show_bug.cgi?id=141146
3569
3570         Reviewed by Antti Koivisto.
3571
3572         Replace the custom binary search implementation with std::upper_bound and
3573         move splitting functionality to TextFragment.
3574
3575         No change in functionality.
3576
3577         * rendering/SimpleLineLayout.cpp:
3578         (WebCore::SimpleLineLayout::FragmentForwardIterator::FragmentForwardIterator):
3579         (WebCore::SimpleLineLayout::FragmentForwardIterator::operator++):
3580         (WebCore::SimpleLineLayout::FragmentForwardIterator::operator!=):
3581         (WebCore::SimpleLineLayout::FragmentForwardIterator::operator*):
3582         (WebCore::SimpleLineLayout::begin):
3583         (WebCore::SimpleLineLayout::end):
3584         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
3585         * rendering/SimpleLineLayoutFlowContentsIterator.cpp:
3586         (WebCore::SimpleLineLayout::FlowContentsIterator::runWidth):
3587         * rendering/SimpleLineLayoutFlowContentsIterator.h:
3588         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::split):
3589
3590 2015-02-02  Geoffrey Garen  <ggaren@apple.com>
3591
3592         Use FastMalloc (bmalloc) instead of BlockAllocator for GC pages
3593         https://bugs.webkit.org/show_bug.cgi?id=140900
3594
3595         Reviewed by Mark Hahnenberg.
3596
3597         Re-landing just the HandleBlock piece of this patch.
3598
3599         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
3600         (WebCore::MemoryPressureHandler::install):
3601
3602 2015-02-02  Brent Fulgham  <bfulgham@apple.com>
3603
3604         [Win] 64-bit build fix after r179492.
3605
3606         * WebCore.vcxproj/WebCore.vcxproj: Forgot to build these files
3607         as standalone under 64-bit target.
3608
3609 2015-02-02  Benjamin Poulain  <bpoulain@apple.com>
3610
3611         Clean up attribute handling: part 2 - attributeNode
3612         https://bugs.webkit.org/show_bug.cgi?id=141109
3613
3614         Reviewed by Andreas Kling.
3615
3616         Our implementation was covering some old legacy behaviors of Firefox,
3617         even copying bugs in some cases.
3618
3619         The spec (https://dom.spec.whatwg.org) now defines the behavior precisely,
3620         let's move a bit closer to that.
3621
3622         Tests: fast/dom/Element/attribute-ascii-case-insensitive-3.html
3623                fast/dom/Element/attribute-setAttributeNode-multiple-times.html
3624                fast/dom/Element/attribute-setAttributeNodeNS-multiple-times.html
3625                fast/dom/Element/mozilla-dom-base-tests/test_bug1075702.html
3626                fast/dom/Element/mozilla-dom-base-tests/test_bug339494.html
3627                fast/dom/Element/mozilla-dom-base-tests/test_bug364092.xhtml
3628                fast/dom/Element/setAttributeNode-overriding-lowercase-values.html
3629
3630         * dom/Element.cpp:
3631         (WebCore::findAttrNodeInList):
3632         New getter for the name-without-namespace case.
3633
3634         (WebCore::Element::setAttributeNode):
3635         This one is the tricky one: https://dom.spec.whatwg.org/#dom-element-setattributenode
3636
3637         When setAttributeNode() is used with an AttributeNode without namespace,
3638         getting the old value behaves like getAttribute(), with ASCII lowercase name matching.
3639         When used with a namespace, getting the old value behaves like getAttributeNS().
3640
3641         Setting the value is a whole different story, the name used always keeps
3642         the original case.
3643
3644         Now that's a bit tricky for us because AttributeNodes are just legacy stuff we don't
3645         used internally.
3646
3647         We have 4 cases to handle:
3648         1) The name being set is lowercase, there was no conflicting name on the element.
3649            That's easy, we just override any node that would exist, set the name otherwise.
3650         2) The name is lowercase but there was an existing attribute for it.
3651            -We create a new AttributeNode for the name to represent the old name.
3652            -We check the names are the same with attribute.name().matches(attrNode->qualifiedName())
3653             and override the value.
3654         3) The name has uppercase characters, there is no conflicting name.
3655            We would not find an element to remove, we just use setAttributeInternal() as usual
3656            to add the attribute;
3657         4) The name has uppercase characters, there is a lowercase conflicing name.
3658            This is the weird behavior: we need to nuke the old attribute, then add the new attribute
3659            with a different case.
3660
3661            First we remove the attribute with a lowercase name with removeAttributeInternal().
3662            That becomes the old node.
3663
3664            There might still be an element of the same name as what we are trying to add. We don't want
3665            to add another version of the same attribute. We need to use findAttributeIndexByName() again
3666            to find if there is a conflicting attribute. Then we call setAttributeInternal() which handle
3667            the both the cases where there was an element or not.
3668
3669         (WebCore::Element::setAttributeNodeNS):
3670         This should work like any "NS" method.
3671
3672         (WebCore::Element::removeAttributeNode):
3673         The method removeAttributeNode() is supposed to be exact.
3674
3675         (WebCore::Element::getAttributeNode):
3676         (WebCore::Element::hasAttribute):
3677         (WebCore::Element::attrIfExists):
3678         * dom/Element.h:
3679         * dom/ElementData.cpp:
3680         (WebCore::ElementData::findAttributeIndexByNameSlowCase): Deleted.
3681         (WebCore::ElementData::findAttributeIndexByNameForAttributeNode): Deleted.
3682         Kill the slow case, every caller has been updated now.
3683         * dom/ElementData.h:
3684         (WebCore::ElementData::findAttributeIndexByName):
3685         * dom/QualifiedName.h:
3686         (WebCore::QualifiedName::matchesIgnoringCaseForLocalName): Deleted.
3687
3688 2015-02-02  peavo@outlook.com  <peavo@outlook.com>
3689
3690         Memory is written to after deallocated, in GraphicsLayer::setMaskLayer.
3691         https://bugs.webkit.org/show_bug.cgi?id=141168
3692
3693         Reviewed by Brent Fulgham.
3694
3695         Visual Studio detected that a deallocated heap block had been modified in GraphicsLayer::setMaskLayer,
3696         when called from RenderLayerBacking::updateChildClippingStrategy.
3697
3698         * rendering/RenderLayerBacking.cpp:
3699         (WebCore::RenderLayerBacking::updateChildClippingStrategy):
3700
3701 2015-02-02  Andreas Kling  <akling@apple.com>
3702
3703         [Cocoa] Make decoded image data purgeable ASAP.
3704         <https://webkit.org/b/140298>
3705         <rdar://problem/19623377>
3706
3707         Reviewed by Antti Koivisto.
3708
3709         Re-landing this patch since it turned out to not be the cause of
3710         the memory regression we saw around that revision.
3711
3712         Mark decoded images as "transient" which makes CoreGraphics mark
3713         the backing stores as purgeable shortly after they're used.
3714
3715         The decoded representation will remain in CoreGraphics's caches
3716         indefinitely unless the kernel gets starved and needs the pages.
3717
3718         Most resources will now reach a state where the encoded data is
3719         mmap'ed from disk cache (once the entire resource is downloaded)
3720         and the decoded data is purgeable.
3721
3722         This also has the side effect of making the MemoryCache more
3723         palatial since the decoded data cost can be deducted for images,
3724         allowing us to cache more resources.
3725
3726         Note that the worst case for this new behavior would be something
3727         like hovering below 100% memory utilization and constantly having
3728         to drop and re-decode images. While churny, it still beats
3729         crashing the process, plus there's tiling to remove many of the
3730         reasons we'd need the decoded data.
3731
3732         * platform/graphics/cg/ImageSourceCG.cpp:
3733         (WebCore::ImageSource::createFrameAtIndex):
3734
3735 2015-02-02  Joseph Pecoraro  <pecoraro@apple.com>
3736
3737         Web Inspector: Support console.table
3738         https://bugs.webkit.org/show_bug.cgi?id=141058
3739
3740         Reviewed by Timothy Hatcher.
3741
3742         * inspector/CommandLineAPIModuleSource.js:
3743         Include "table(foo)" as an alias of "console.table(foo)" on
3744         the command line.
3745
3746 2015-02-02  Roger Fong  <roger_fong@apple.com>
3747
3748         [Win] Build fix following r179482.
3749
3750         * WebCore.vcxproj/WebCore.vcxproj:
3751         * WebCore.vcxproj/WebCore.vcxproj.filters:
3752         * bindings/js/JSBindingsAllInOne.cpp:
3753         * platform/graphics/GraphicsContext3D.h:
3754
3755 2015-02-02  Chris Dumez  <cdumez@apple.com>
3756
3757         Access MemoryCache singleton using MemoryCache::singleton()
3758         https://bugs.webkit.org/show_bug.cgi?id=141104
3759
3760         Reviewed by Andreas Kling.
3761
3762         Access MemoryCache singleton using MemoryCache::singleton() static
3763         member function, instead of a free function, as per the recent
3764         coding style discussion on WebKit-dev.
3765
3766 2015-02-02  Zalan Bujtas  <zalan@apple.com>
3767
3768         Ambiguous naming: Do not call replacedContentRect()'s return value paint rect.
3769         https://bugs.webkit.org/show_bug.cgi?id=141125
3770
3771         Reviewed by Simon Fraser.
3772
3773         It's the content box rect with the object-fit adjustment.
3774
3775         No change in functionality.
3776
3777         * rendering/RenderHTMLCanvas.cpp:
3778         (WebCore::RenderHTMLCanvas::paintReplaced):
3779         * rendering/RenderImage.cpp:
3780         (WebCore::RenderImage::updateInnerContentRect):
3781         (WebCore::RenderImage::paintReplaced):
3782         * rendering/RenderReplaced.cpp:
3783         (WebCore::RenderReplaced::replacedContentRect):
3784         * rendering/SimpleLineLayout.cpp:
3785         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
3786
3787 2015-02-02  Brent Fulgham  <bfulgham@apple.com>
3788
3789         [Win] Build fix after r179476.
3790         https://bugs.webkit.org/show_bug.cgi?id=141026
3791
3792         Reviewed by Anders Carlsson.
3793
3794         MSVC has a compiler bug that forces us to make some explicit statements about how
3795         the passed pointer values are handled.
3796
3797         * css/CSSParser.cpp:
3798         (WebCore::CSSParser::SourceSize::SourceSize):
3799         (WebCore::CSSParser::sourceSize):
3800         * css/CSSParser.h:
3801
3802 2015-02-02  Benjamin Poulain  <benjamin@webkit.org>
3803
3804         Get rid of invalidSelectorVector, use Bison's error recovery instead
3805         https://bugs.webkit.org/show_bug.cgi?id=141147
3806
3807         Reviewed by Darin Adler.
3808
3809         * css/CSSGrammar.y.in:
3810         Instead of reducing a null selector, we can use a real parsing error
3811         to get out of invalid selector endings.
3812
3813         When that happens, Bison will pop the stack until it can reduce any
3814         valid error recovery rules.
3815
3816         The problem is to make sure there is no floating values because
3817         none of the reduce block between the error and the recovery would
3818         be executed.
3819
3820         In this case, "nth_selector_ending" is a non-recursive production of
3821         the NTHCHILDFUNCTIONS. In turn, NTHCHILDFUNCTIONS are productions
3822         of the non-recursive "pseudo". "pseudo" is only used as a trivial
3823         production of "specifier". "specifier" is only used by "specifier_list".
3824
3825         "specifier_list" has error recovery code -> no production could have
3826         generated a floating values between "specifier_list" and "nth_selector_ending".
3827
3828 2015-01-30  Roger Fong  <roger_fong@apple.com>
3829
3830         WebGL2: Implement spec section 3.7.1 Setting and getting state (Part 1).
3831         https://bugs.webkit.org/show_bug.cgi?id=141096
3832         <rdar://problem/15002469>
3833
3834         Reviewed by Brent Fulgham.
3835
3836         This patch implements the WebGL2 versions of getParameter, getIndexedParameter and isEnabled.
3837         It also removes the WebGL1 implementations from WebGLRenderingContextBase and moves it to WebGLRenderingContext.
3838         I’ve stubbed out most of the parameters for now, some of which will be implemented in Part 2, 
3839         and the rest as the our WebGL2 implementation progresses.        
3840
3841         * bindings/js/JSWebGL2RenderingContextCustom.cpp:
3842         (WebCore::toJS):
3843         (WebCore::JSWebGL2RenderingContext::getIndexedParameter):
3844         * html/canvas/WebGL2RenderingContext.cpp:
3845         (WebCore::WebGL2RenderingContext::getIndexedParameter):
3846         (WebCore::WebGL2RenderingContext::getParameter):
3847         (WebCore::WebGL2RenderingContext::validateCapability):
3848         * html/canvas/WebGL2RenderingContext.h:
3849         * html/canvas/WebGL2RenderingContext.idl:
3850         * html/canvas/WebGLRenderingContext.cpp:
3851         (WebCore::WebGLRenderingContext::getParameter):
3852         (WebCore::WebGLRenderingContext::validateCapability):
3853         * html/canvas/WebGLRenderingContext.h:
3854         * html/canvas/WebGLRenderingContextBase.cpp:
3855         (WebCore::WebGLRenderingContextBase::getParameter): Deleted.
3856         (WebCore::WebGLRenderingContextBase::validateCapability): Deleted.
3857         * html/canvas/WebGLRenderingContextBase.h:
3858         * html/canvas/WebGLRenderingContextBase.idl:
3859         * platform/graphics/GraphicsContext3D.h:
3860
3861 2015-02-02  Daniel Bates  <dabates@apple.com>
3862
3863         [iOS] ASSERTION FAILED: m_scriptExecutionContext->isContextThread() in ContextDestructionObserver::observeContext
3864         https://bugs.webkit.org/show_bug.cgi?id=141057
3865         <rdar://problem/19068790>
3866
3867         Reviewed by Alexey Proskuryakov.
3868
3869         Fixes an issue where we would create-/delete- the RSA crypto keys and dispatch callbacks on the wrong
3870         thread in WebKit1 for iOS. In iOS WebKit1 we should perform such operations on thread WebThread.
3871
3872         This change is covered by existing layout tests.
3873
3874         * crypto/mac/CryptoKeyRSAMac.cpp:
3875         (WebCore::CryptoKeyRSA::generatePair):
3876
3877 2015-02-02  Jeremy Jones  <jeremyj@apple.com>
3878
3879         Prevent crash when accessing WebAVPlayerController.delegate.
3880         https://bugs.webkit.org/show_bug.cgi?id=140893
3881
3882         Reviewed by Darin Adler.
3883
3884         This patch aims to prevent a null delegate access during invalidation by adding null checks before accessing the delegate, by making explicit the recreation of m_playerController, and by consolidating and correcting the teardown sequence.
3885
3886         * WebCore.exp.in:
3887         * platform/ios/WebVideoFullscreenInterface.h: add resetMediaState()
3888         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: ditto.
3889         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
3890         (-[WebAVPlayerController playerViewController:shouldExitFullScreenWithReason:]): Check for null before accessing delegate.
3891         (-[WebAVPlayerController play:]): ditto.
3892         (-[WebAVPlayerController pause:]): ditto.
3893         (-[WebAVPlayerController togglePlayback:]): ditto.
3894         (-[WebAVPlayerController setPlaying:]): ditto.
3895         (-[WebAVPlayerController beginScrubbing:]): ditto.
3896         (-[WebAVPlayerController endScrubbing:]): ditto.
3897         (-[WebAVPlayerController seekToTime:]): ditto.
3898         (-[WebAVPlayerController beginScanningForward:]): ditto.
3899         (-[WebAVPlayerController endScanningForward:]): ditto.
3900         (-[WebAVPlayerController beginScanningBackward:]): ditto.
3901         (-[WebAVPlayerController endScanningBackward:]): ditto.
3902         (-[WebAVPlayerController seekToBeginning:]): ditto.
3903         (-[WebAVPlayerController seekToEnd:]): ditto.
3904         (-[WebAVPlayerController setCurrentAudioMediaSelectionOption:]): ditto.
3905         (-[WebAVPlayerController setCurrentLegibleMediaSelectionOption:]): ditto.
3906         (-[WebAVPlayerController layoutSublayersOfLayer:]): ditto.
3907         (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit): initialize m_playerController
3908         (WebVideoFullscreenInterfaceAVKit::resetMediaState): Added.
3909         (WebVideoFullscreenInterfaceAVKit::setDuration): remove playerController()
3910         (WebVideoFullscreenInterfaceAVKit::setCurrentTime): ditto.
3911         (WebVideoFullscreenInterfaceAVKit::setRate): ditto.
3912         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions): ditto.
3913         (WebVideoFullscreenInterfaceAVKit::setSeekableRanges): ditto.
3914         (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse): ditto.
3915         (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions): ditto.
3916         (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions): ditto.
3917         (WebVideoFullscreenInterfaceAVKit::setExternalPlayback): ditto.
3918         (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): ditto.
3919         (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): ditto.
3920         (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): consolidated cleanup code from invalidate()
3921         (WebVideoFullscreenInterfaceAVKit::invalidate): consolidate cleanup code.
3922         (WebVideoFullscreenInterfaceAVKit::playerController): Deleted.
3923         * platform/ios/WebVideoFullscreenModelVideoElement.mm:
3924         (WebVideoFullscreenModelVideoElement::setVideoElement): call resetMediaState()
3925
3926 2015-02-02  Darin Adler  <darin@apple.com>
3927
3928         REGRESSION (r170576): Storage leaks in parsing of CSS image sizes
3929         https://bugs.webkit.org/show_bug.cgi?id=141026
3930
3931         Reviewed by Anders Carlsson.
3932
3933         * css/CSSGrammar.y.in: Fixed all the shift/reduce conflicts caused
3934         by the ENABLE_PICTURE_SIZES code by removing all the redundant
3935         maybe_space which caused them. Rearranged the productions for
3936         ENABLE_PICTURE_SIZES to tighten up the code quite a bit. Changed
3937         the code to build up the source size vector as a Vector instead of
3938         a special class, and use the SourceSize struct from inside the
3939         CSSParser class.'
3940
3941         * css/CSSParser.cpp:
3942         (WebCore::CSSParser::setupParser): Changed this to take a StringView.
3943         In the future we can change all the parsing functions to take StringView,
3944         since they don't work with the String in place.
3945         (WebCore::CSSParser::parseSizesAttribute): Changed to return a vector
3946         of SourceSize instead of a SourceSizeList. This is better because it's
3947         a real CSS data structure that does not contain a CSSParserValue.
3948         (WebCore::CSSParser::sourceSize): Added. Helper that creates a
3949         SourceSize, mapping parser data structures into real CSS ones.
3950
3951         * css/CSSParser.h: Updated for changes above.
3952
3953         * css/MediaQuery.cpp:
3954         (WebCore::MediaQuery::MediaQuery): Use std::make_unique and the copy
3955         constructor directly instead of using a MediaQuery::copy function.
3956