9a28903258b09748787fbe3b4716ba51ce9594df
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2015-02-10  Julien Isorce  <j.isorce@samsung.com>
2
3         Render: properly update body's background image
4         https://bugs.webkit.org/show_bug.cgi?id=140183
5
6         When HTML and BODY renderers are both composited the
7         skipBodyBackground condition should also take into account
8         if the HTML's layer can draw its contents.
9
10         Reviewed by Darin Adler.
11
12         Test: animations/animation-background-image.html
13
14         * rendering/RenderBox.cpp:
15         (WebCore::skipBodyBackground): Do not skip
16         if document's layer cannot draw its content.
17         Previously both body and html did not paint the background
18         when they are both composited.
19
20         * rendering/RenderLayerBacking.cpp:
21         (WebCore::RenderLayerBacking::contentChanged): Also redisplay
22         the content.
23
24 2015-02-10  Eric Carlson  <eric.carlson@apple.com>
25
26         [iOS] don't get out of sync when interrupt/resume calls are not balanced
27         https://bugs.webkit.org/show_bug.cgi?id=141310
28
29         Reviewed by Jer Noble.
30
31         No new tests, updated media/video-interruption-with-resume-allowing-play.html.
32
33         * platform/audio/MediaSession.cpp:
34         (WebCore::MediaSession::beginInterruption): Count interruptions.
35         (WebCore::MediaSession::endInterruption): Ignore calls when m_interruptionCount is already zero.
36         * platform/audio/MediaSession.h:
37
38 2015-02-10  Carlos Garcia Campos  <cgarcia@igalia.com>
39
40         [GTK] GMutexLocker build issue
41         https://bugs.webkit.org/show_bug.cgi?id=141381
42
43         Reviewed by Žan Doberšek.
44
45         Use always WTF::GMutexLocker because newer glib versions have a
46         GMutexLocker in the public API.
47
48         * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
49         (WebCore::AudioSourceProviderGStreamer::provideInput):
50         (WebCore::AudioSourceProviderGStreamer::handleAudioBuffer):
51         (WebCore::AudioSourceProviderGStreamer::clearAdapters):
52         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
53         (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
54         (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture):
55         (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
56         (WebCore::MediaPlayerPrivateGStreamerBase::paint):
57         * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
58         (webkitVideoSinkTimeoutCallback):
59         (webkitVideoSinkRender):
60         (unlockSampleMutex):
61         (webkitVideoSinkUnlockStop):
62         (webkitVideoSinkStart):
63         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
64         (webKitWebSrcGetProperty):
65         (webKitWebSrcStop):
66         (webKitWebSrcStart):
67         (webKitWebSrcChangeState):
68         (webKitWebSrcQueryWithParent):
69         (webKitWebSrcGetUri):
70         (webKitWebSrcSetUri):
71         (webKitWebSrcNeedDataMainCb):
72         (webKitWebSrcNeedDataCb):
73         (webKitWebSrcEnoughDataMainCb):
74         (webKitWebSrcEnoughDataCb):
75         (webKitWebSrcSeekDataCb):
76         (webKitWebSrcSetMediaPlayer):
77         (StreamingClient::createReadBuffer):
78         (StreamingClient::handleResponseReceived):
79         (StreamingClient::handleDataReceived):
80         (StreamingClient::handleNotifyFinished):
81         (ResourceHandleStreamingClient::wasBlocked):
82         (ResourceHandleStreamingClient::cannotShowURL):
83
84 2015-02-09  Alex Christensen  <achristensen@webkit.org>
85
86         Update WEBCORE_EXPORT to prepare to start using it.
87         https://bugs.webkit.org/show_bug.cgi?id=141409
88
89         Reviewed by Tim Horton.
90
91         * bindings/js/JSDOMGlobalObject.h:
92         * bindings/objc/DOMInternal.h:
93         * bindings/objc/ExceptionHandlers.mm:
94         * bindings/objc/WebScriptObjectPrivate.h:
95         * bindings/scripts/CodeGeneratorJS.pm:
96         (GenerateHeader):
97         * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
98         * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
99         * bindings/scripts/test/JS/JSTestEventConstructor.h:
100         * bindings/scripts/test/JS/JSTestEventTarget.h:
101         * bindings/scripts/test/JS/JSTestException.h:
102         * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
103         * bindings/scripts/test/JS/JSTestInterface.h:
104         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
105         * bindings/scripts/test/JS/JSTestNamedConstructor.h:
106         * bindings/scripts/test/JS/JSTestNondeterministic.h:
107         * bindings/scripts/test/JS/JSTestObj.h:
108         * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
109         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
110         * bindings/scripts/test/JS/JSTestTypedefs.h:
111         * bindings/scripts/test/JS/JSattribute.h:
112         * bindings/scripts/test/JS/JSreadonly.h:
113         * css/StyleProperties.h:
114         * dom/DeviceMotionData.h:
115         * dom/Node.h:
116         * dom/Position.h:
117         * dom/ScriptExecutionContext.h:
118         * editing/Editor.h:
119         * editing/htmlediting.h:
120         * html/HTMLInputElement.h:
121         * html/TimeRanges.h:
122         * loader/FrameLoader.h:
123         * loader/cache/CacheValidation.h:
124         * loader/cache/MemoryCache.h:
125         * loader/icon/IconDatabase.h:
126         * page/DatabaseProvider.h:
127         * page/DiagnosticLoggingKeys.h:
128         * page/EventHandler.h:
129         * page/FrameSnapshotting.h:
130         * page/MainFrame.h:
131         * page/PageConsoleClient.h:
132         * page/PageOverlay.h:
133         * platform/CrossThreadCopier.h:
134         * platform/FileSystem.h:
135         * platform/PlatformSpeechSynthesizer.h:
136         * platform/RemoteCommandListener.h:
137         * platform/RuntimeApplicationChecks.h:
138         * platform/graphics/Font.h:
139         * platform/graphics/FontCache.h:
140         * platform/graphics/FontGlyphs.h:
141         * platform/graphics/FontRanges.h:
142         * platform/graphics/GeometryUtilities.h:
143         * platform/graphics/GlyphPage.h:
144         * platform/graphics/Region.h:
145         * platform/graphics/ca/PlatformCALayer.h:
146         * platform/graphics/ca/TileController.h:
147         * platform/graphics/transforms/TransformationMatrix.h:
148         * platform/mac/WebCoreFullScreenWarningView.h:
149         * platform/network/BlobDataFileReference.h:
150         * platform/network/ResourceRequestBase.h:
151         * platform/network/ResourceResponseBase.h:
152         * platform/network/create-http-header-name-table:
153         * platform/network/mac/WebCoreURLResponse.h:
154         * platform/sql/SQLiteDatabaseTracker.h:
155         * platform/sql/SQLiteStatement.h:
156         * rendering/HitTestLocation.h:
157         * rendering/HitTestResult.h:
158         * storage/StorageEventDispatcher.h:
159         Added WEBCORE_EXPORT macros.
160
161 2015-02-09  Chris Dumez  <cdumez@apple.com>
162
163         Check for self-assignment in Length::operator=(const Length&)
164         https://bugs.webkit.org/show_bug.cgi?id=141402
165
166         Reviewed by Andreas Kling.
167
168         Check for self-assignment in Length::operator=(const Length&) as
169         calling memcpy() with the same source and destination addresses has
170         undefined behavior.
171
172         * platform/Length.h:
173         (WebCore::Length::operator=):
174
175 2015-02-09  Roger Fong  <roger_fong@apple.com>
176
177         WebGL: Update 1.0.2 conformance layout tests and address new failure.
178         https://bugs.webkit.org/show_bug.cgi?id=141408.
179         <rdar://problem/19773236>
180
181         Reviewed by Dean Jackson.
182
183         Tests covered by updated 1.0.2 conformance tests.
184
185         * html/canvas/WebGLRenderingContextBase.cpp: 
186         Return null string instead of empty string if parameter validation fails.
187         (WebCore::WebGLRenderingContextBase::getProgramInfoLog):
188         (WebCore::WebGLRenderingContextBase::getShaderInfoLog):
189         (WebCore::WebGLRenderingContextBase::getShaderSource):
190
191 2015-02-09  Timothy Horton  <timothy_horton@apple.com>
192
193         Avoid using a HashMap for DisplayRefreshMonitorManager, which rarely has more than one item
194         https://bugs.webkit.org/show_bug.cgi?id=141353
195
196         Reviewed by Anders Carlsson.
197
198         No new tests, because there's no behavior change.
199
200         * platform/graphics/DisplayRefreshMonitorManager.cpp:
201         (WebCore::DisplayRefreshMonitorManager::ensureMonitorForClient):
202         (WebCore::DisplayRefreshMonitorManager::unregisterClient):
203         (WebCore::DisplayRefreshMonitorManager::displayDidRefresh):
204         * platform/graphics/DisplayRefreshMonitorManager.h:
205         Use a Vector of RefPtr<DisplayRefreshMonitor> instead of a HashMap
206         from uint64_t to RefPtr<DisplayRefreshMonitor>. There's usually only one
207         display, so there's usually only one DisplayRefreshMonitor. Linear search
208         on the Vector will be faster than the hash lookup in all conceivable cases.
209         This also avoids the situation mentioned in the comments in DisplayRefreshMonitorManager.h
210         where we don't know enough about PlatformDisplayID to safely hash it.
211
212 2015-02-09  Jer Noble  <jer.noble@apple.com>
213
214         [Mac] Disable the currentTime estimation code in HTMLMediaElement for Yosemite+
215         https://bugs.webkit.org/show_bug.cgi?id=141399
216
217         Reviewed by Eric Carlson.
218
219         Apparenty -[AVPlayer rate] means different things for HLS and progressive content; for progressive,
220         the -rate is the actual rate of playback. For HLS, the -rate is the requested rate, and will return
221         the requested value even if time is not progressing.
222
223         We added the currentTime estimation engine because asking AVFoundation for its -currentTime used to
224         be expensive, but we've been assured that in recent iOS and OS X releases, -currentTime should be
225         very fast. That, in combination with the HLS behavior of -rate and how it breaks the currentTime
226         estimation, means we should probably turn it off for iOS and Yosemite.
227
228         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
229         (WebCore::MediaPlayerPrivateAVFoundationObjC::maximumDurationToCacheMediaTime): Move implementation to .mm.
230         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
231         (WebCore::MediaPlayerPrivateAVFoundationObjC::maximumDurationToCacheMediaTime): Disable on iOS and >=10.10.
232
233 2015-02-07  Roger Fong  <roger_fong@apple.com>
234
235         WebGL 2: Texture call format, internal format, and type validation.
236         https://bugs.webkit.org/show_bug.cgi?id=141318.
237         <rdar://problem/19733828>
238
239         Reviewed by Brent Fulgham.
240
241         Tests will be covered by WebGL2 conformance tests.
242
243         * html/canvas/WebGL2RenderingContext.cpp:
244         (WebCore::WebGL2RenderingContext::getFramebufferAttachmentParameter): Add missing ExceptionCode argument.
245         (WebCore::WebGL2RenderingContext::copyTexImage2D): Validate texture formats based on GLES3 spec.
246         (WebCore::WebGL2RenderingContext::texSubImage2DBase): Validate using internal format from texture target.
247         (WebCore::WebGL2RenderingContext::texSubImage2DImpl): Validate using internal format from texture target.
248         (WebCore::WebGL2RenderingContext::texSubImage2D): Validate using internal format from texture target.
249         (WebCore::WebGL2RenderingContext::validateTexFuncParameters): Do extra validation for copyTexImage2D.
250         (WebCore::WebGL2RenderingContext::validateTexFuncFormatAndType): Validate internal format, format and type combination.
251         (WebCore::WebGL2RenderingContext::validateTexFuncData): Validate new data types.
252         This method now accepts an internal format argument.
253         (WebCore::WebGL2RenderingContext::baseInternalFormatFromInternalFormat):
254         Helper method to convert internal format to base internal format.
255         * html/canvas/WebGL2RenderingContext.h:
256
257         * html/canvas/WebGLRenderingContext.cpp:
258         (WebCore::WebGLRenderingContext::copyTexImage2D): Moved from WebGLRenderingContextBase.
259         (WebCore::WebGLRenderingContext::texSubImage2DBase): Ditto.
260         (WebCore::WebGLRenderingContext::texSubImage2DImpl): Ditto.
261         (WebCore::WebGLRenderingContext::texSubImage2D): Ditto.
262         (WebCore::WebGLRenderingContext::validateTexFuncParameters): Ditto.
263         (WebCore::WebGLRenderingContext::validateTexFuncFormatAndType): Ditto.
264         (WebCore::WebGLRenderingContext::validateTexFuncData): Ditto.
265         * html/canvas/WebGLRenderingContext.h:
266
267         * html/canvas/WebGLRenderingContextBase.cpp:
268         (WebCore::WebGLRenderingContextBase::texImage2DBase):
269         (WebCore::WebGLRenderingContextBase::validateTexFunc):
270         (WebCore::WebGLRenderingContextBase::texImage2D):
271         (WebCore::WebGLRenderingContextBase::copyTexImage2D): Deleted.
272         (WebCore::WebGLRenderingContextBase::texSubImage2DBase): Deleted.
273         (WebCore::WebGLRenderingContextBase::texSubImage2DImpl): Deleted.
274         (WebCore::WebGLRenderingContextBase::texSubImage2D): Deleted.
275         (WebCore::WebGLRenderingContextBase::validateTexFuncFormatAndType): Deleted.
276         (WebCore::WebGLRenderingContextBase::validateTexFuncParameters): Deleted.
277         (WebCore::WebGLRenderingContextBase::validateTexFuncData): Deleted.
278         * html/canvas/WebGLRenderingContextBase.h: Modify validation type enums to differentiate between CopyImage, TexImage and TexSubImage calls.
279         (WebCore::ScopedDrawingBufferBinder::ScopedDrawingBufferBinder):  Moved from WebGLRenderingContextBase.
280         (WebCore::ScopedDrawingBufferBinder::~ScopedDrawingBufferBinder): Ditto.
281         (WebCore::clip1D): Ditto.
282         (WebCore::clip2D): Ditto.
283         * platform/graphics/GraphicsContext3D.h: Rename a typo'ed enum.
284
285 2015-02-09  Commit Queue  <commit-queue@webkit.org>
286
287         Unreviewed, rolling out r179494.
288         https://bugs.webkit.org/show_bug.cgi?id=141395
289
290         Caused slowdown in a WebKit client test scenario (Requested by
291         kling on #webkit).
292
293         Reverted changeset:
294
295         "[Cocoa] Make decoded image data purgeable ASAP."
296         https://bugs.webkit.org/show_bug.cgi?id=140298
297         http://trac.webkit.org/changeset/179494
298
299 2015-02-09  Jer Noble  <jer.noble@apple.com>
300
301         [WebAudio] AudioBufferSourceNodes should accurately play backwards if given a negative playbackRate.
302         https://bugs.webkit.org/show_bug.cgi?id=140955
303
304         Reviewed by Eric Carlson.
305
306         Tests: webaudio/audiobuffersource-negative-playbackrate-interpolated.html
307                webaudio/audiobuffersource-negative-playbackrate.html
308
309         Add support for playing an AudioBufferSourceNode at a negative playbackRate. Change the meaning of
310         start() to set the initial playback position at the end of the play range if the rate of playback
311         is negtive.
312
313         * Modules/webaudio/AudioBufferSourceNode.cpp:
314         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode): Allow the playbackRate AudioParam to range from [-32, 32].
315         (WebCore::AudioBufferSourceNode::renderFromBuffer): Change variable names from "start" and "end" to "min" and "max"
316             for clarity. Add a non-interpolated and interpolated render step for negative playback.
317         (WebCore::AudioBufferSourceNode::start): Drive-by fix: default value of grainDuration is not 0.02.
318         (WebCore::AudioBufferSourceNode::startPlaying): Start playing at the end of the buffer for negative playback.
319         (WebCore::AudioBufferSourceNode::totalPitchRate): Allow the pitch to be negative.
320
321 2015-02-09  Darin Adler  <darin@apple.com>
322
323         Try to fix build on platforms that use SVG "all in one" file (Windows).
324
325         * svg/SVGAElement.cpp: Don't do "using namespace HTMLNames;" outside of
326         function boundaries, because that will be inherited by other files.
327         (WebCore::SVGAElement::isURLAttribute): Use XLinkNames directly here
328         instead of using HTMLNames implicitly.
329
330         * svg/SVGElement.cpp: Don't do "using namespace HTMLNames;" outside of
331         function boundaries, because that will be inherited by other files.
332         (WebCore::populateAttributeNameToCSSPropertyIDMap): Instead do it in here.
333         (WebCore::populateAttributeNameToAnimatedPropertyTypeMap): And here.
334         (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): And here.
335         (WebCore::SVGElement::parseAttribute): And use HTMLNames directly here
336         instead of implicitly.
337
338 2015-02-09  Eric Carlson  <eric.carlson@apple.com>
339
340         [iOS] exit from fullscreen when player view controller calls delegate
341         https://bugs.webkit.org/show_bug.cgi?id=141350
342
343         Reviewed by Jer Noble.
344
345         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
346         (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscree:]): New, ask delegate
347             to exit from fullscreen.
348
349 2015-02-06  Sergio Villar Senin  <svillar@igalia.com>
350
351         ASSERTION FAILED: resolvedInitialPosition <= resolvedFinalPosition in WebCore::GridSpan::GridSpan
352         https://bugs.webkit.org/show_bug.cgi?id=141328
353
354         Reviewed by Darin Adler.
355
356         Whenever
357         GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition()
358         was trying to place an item with span, it was completely ignoring
359         the resolvedInitialPosition returned by
360         GridResolvedPosition::resolveGridPositionAgainstOppositePosition()
361         and only using the finalResolvedPosition. This works with an
362         unlimited grid which can indefinitely grow. But if the item spans
363         over the grid track limits, then it might happen that the final
364         resolved position is placed before the initial resolved position,
365         something that is forbidden.
366
367         The solution is to directly use the GridSpan returned by
368         GridResolvedPosition::resolveGridPositionAgainstOppositePosition(), if the item
369         does not surpass the track limits then the returned initialResolvedPosition
370         is identical to the provided one, otherwise it's properly corrected to respect
371         track boundaries.
372
373         * rendering/style/GridResolvedPosition.cpp:
374         (WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):
375
376 2015-01-22  Sergio Villar Senin  <svillar@igalia.com>
377
378         [CSS Grid Layout] Tracks' growth limits must be >= base sizes
379         https://bugs.webkit.org/show_bug.cgi?id=140540
380
381         Reviewed by Antti Koivisto.
382
383         The track sizing algorithm is supposed to avoid those situations
384         but they easily (specially when we mix absolute lengths and
385         intrinsic lengths in min and max track sizing functions) and
386         frequently appear. In those cases the outcome from the algorithm
387         is wrong, tracks are not correctly sized.
388
389         In order to fulfill the restriction, m_usedBreadth and
390         m_maxBreadth are now private members of GridTrack and the class
391         now provides a couple of methods to modify them respecting the
392         growthLimit >= baseSize precondition.
393
394         Apart from that, the members and methods of GridTrack were also
395         renamed to match the ones used in the recent algorithm rewrite:
396         usedBreadth became baseSize and maxBreadth is now growthLimit.
397
398         Although the algorithm was not modified at all, this change
399         detected and fixed several invalid results (tracks and/or grids
400         bigger than expected).
401
402         * rendering/RenderGrid.cpp:
403         (WebCore::GridTrack::GridTrack): Renamed fields and methods. Added
404         assertions.
405         (WebCore::GridTrack::baseSize): Renamed from usedBreadth.
406         (WebCore::GridTrack::growthLimit): Renamed from maxBreadth.
407         (WebCore::GridTrack::setBaseSize):
408         (WebCore::GridTrack::setGrowthLimit):
409         (WebCore::GridTrack::growBaseSize): Renamed from growUsedBreadth.
410         (WebCore::GridTrack::growGrowthLimit): Renamed from growMaxBreadth.
411         (WebCore::GridTrack::growthLimitIsInfinite): New helper method.
412         (WebCore::GridTrack::growthLimitIfNotInfinite): Renamed from
413         maxBreadthIfNotInfinite.
414         (WebCore::GridTrack::isGrowthLimitBiggerThanBaseSize): New helper
415         method to verify ASSERTs are true.
416         (WebCore::GridTrack::ensureGrowthLimitIsBiggerThanBaseSize): Ditto.
417         (WebCore::GridTrackForNormalization::GridTrackForNormalization):
418         (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
419         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
420         (WebCore::RenderGrid::computeNormalizedFractionBreadth):
421         (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
422         (WebCore::sortByGridTrackGrowthPotential):
423         (WebCore::RenderGrid::distributeSpaceToTracks):
424         (WebCore::RenderGrid::tracksAreWiderThanMinTrackBreadth):
425         (WebCore::RenderGrid::layoutGridItems):
426         (WebCore::RenderGrid::gridAreaBreadthForChild):
427         (WebCore::RenderGrid::populateGridPositions):
428         (WebCore::GridTrack::growUsedBreadth): Renamed to growBaseSize.
429         (WebCore::GridTrack::usedBreadth): Renamed to baseSize.
430         (WebCore::GridTrack::growMaxBreadth): Renamed to growGrowthLimit.
431         (WebCore::GridTrack::maxBreadthIfNotInfinite): Renamed to
432         growthLimitIfNotInfinite.
433         * rendering/RenderGrid.h:
434
435 2015-02-08  Chris Fleizach  <cfleizach@apple.com>
436
437         AX: VoiceOver appears unresponsive when JavaScript alerts are triggered via focus or blur events
438         https://bugs.webkit.org/show_bug.cgi?id=140485
439
440         Reviewed by Anders Carlsson.
441
442         If setting an accessibility attribute results in a modal alert being displayed, it can cause VoiceOver
443         to hang. A simple solution is perform the actual work after a short delay, which will ensure the call
444         returns without hanging.
445
446         Test: platform/mac/accessibility/setting-attributes-is-asynchronous.html
447
448         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
449         (-[WebAccessibilityObjectWrapper accessibilitySetValue:forAttribute:]):
450         (-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):
451
452 2015-02-08  Benjamin Poulain  <benjamin@webkit.org>
453
454         Add parsing support for CSS Selector L4's case-insensitive attribute
455         https://bugs.webkit.org/show_bug.cgi?id=141373
456
457         Reviewed by Darin Adler.
458
459         This patch adds parsing for the case-insensitive attribute value
460         matching of CSS Selectors Level 4: http://dev.w3.org/csswg/selectors-4/#attribute-case
461         Excuse of a grammar: http://dev.w3.org/csswg/selectors-4/#grammar
462
463         This patch also covers serialization for CSSOM. The serialization
464         is defined here: http://dev.w3.org/csswg/cssom/#serializing-selectors
465
466         Matching is completely ignored in this patch. All the simple selectors
467         are treated as regular attribute selectors.
468
469         Tests: fast/css/parsing-css-attribute-case-insensitive-value-1.html
470                fast/css/parsing-css-attribute-case-insensitive-value-2.html
471                fast/css/parsing-css-attribute-case-insensitive-value-3.html
472                fast/css/parsing-css-attribute-case-insensitive-value-4.html
473
474         * css/CSSGrammar.y.in:
475         * css/CSSParserValues.h:
476         (WebCore::CSSParserSelector::setAttributeValueMatchingIsCaseInsensitive):
477         * css/CSSSelector.cpp:
478         (WebCore::CSSSelector::CSSSelector):
479         (WebCore::CSSSelector::selectorText):
480         * css/CSSSelector.h:
481         (WebCore::CSSSelector::CSSSelector):
482         (WebCore::CSSSelector::setAttributeValueMatchingIsCaseInsensitive):
483         (WebCore::CSSSelector::attributeValueMatchingIsCaseInsensitive):
484
485 2015-02-08  Darin Adler  <darin@apple.com>
486
487         Fix CMake-based build.
488
489         * CMakeLists.txt: Added a dependency on the CMakeLists.txt itself, analogous
490         to the one I added in DerivedSources.make.
491
492 2015-02-08  Darin Adler  <darin@apple.com>
493
494         Fix debug build.
495
496         * bindings/js/JSEventListener.h: Removed a call to forwardEventListeners.
497
498 2015-02-08  Darin Adler  <darin@apple.com>
499
500         Remove the SVG instance tree
501         https://bugs.webkit.org/show_bug.cgi?id=140602
502
503         Reviewed by Dean Jackson.
504
505         * CMakeLists.txt: Removed SVGElementInstance source files.
506         * DerivedSources.cpp: Ditto.
507         * DerivedSources.make: Ditto.
508         * WebCore.vcxproj/WebCore.vcxproj: Ditto.
509         * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
510         * WebCore.xcodeproj/project.pbxproj: Ditto.
511         * bindings/js/JSBindingsAllInOne.cpp: Ditto.
512
513         * bindings/js/JSEventListener.cpp:
514         (WebCore::forwardsEventListeners): Deleted. Only returned true for JSSVGElementInstance.
515         (WebCore::correspondingElementWrapper): Deleted. Only used for JSSVGElementInstance.
516         (WebCore::createJSEventListenerForAttribute): Deleted. Argument type was JSSVGElementInstance.
517         (WebCore::createJSEventListenerForAdd): Removed most of the code; later we can delete this entirely.
518
519         * bindings/js/JSEventListener.h: Removed the overload of createJSEventListenerForAttribute
520         that takes a JSSVGElementInstance.
521
522         * bindings/js/JSSVGElementInstanceCustom.cpp: Removed.
523
524         * dom/ContainerNodeAlgorithms.h: Updated comment to reflect the fact that
525         this code is really now only used for ContainerNode and no longer needs to
526         exist in a generic form.
527
528         * dom/EventTarget.h: Removed forward declaration of SVGElementInstance.
529         * svg/SVGElement.h: Ditto.
530
531         * dom/EventTargetFactory.in: Removed SVGElementInstance.
532
533         * svg/SVGElementInstance.cpp: Removed.
534         * svg/SVGElementInstance.h: Removed.
535         * svg/SVGElementInstance.idl: Removed.
536
537         * svg/SVGUseElement.cpp:
538         (WebCore::SVGUseElement::insertedInto): Removed obsolete comment.
539         (WebCore::SVGUseElement::instanceTreeIsLoading): Deleted. Unused
540         function that I forgot to delete in my last patch. It also had a
541         glaring mistake, a missing "return" before the recursive call to
542         itself that would cause it to return false when it should return true.
543
544         * svg/SVGUseElement.h: Removed instanceTreeIsLoading.
545
546         * dom/EventDispatcher.cpp: Removed include of SVGElementInstance.h.
547         * page/EventHandler.cpp: Ditto.
548         * rendering/svg/RenderSVGViewportContainer.cpp: Ditto.
549         * svg/SVGAElement.cpp: Ditto.
550         * svg/SVGAllInOne.cpp: Ditto.
551         * svg/SVGAnimateMotionElement.cpp: Ditto.
552         * svg/SVGAnimatedTypeAnimator.h: Ditto.
553         * svg/SVGAnimationElement.cpp: Ditto.
554         * svg/SVGCircleElement.cpp: Ditto.
555         * svg/SVGClipPathElement.cpp: Ditto.
556         * svg/SVGComponentTransferFunctionElement.cpp: Ditto.
557         * svg/SVGCursorElement.cpp: Ditto.
558         * svg/SVGElement.cpp: Ditto.
559         * svg/SVGEllipseElement.cpp: Ditto.
560         * svg/SVGFEBlendElement.cpp: Ditto.
561         * svg/SVGFEColorMatrixElement.cpp: Ditto.
562         * svg/SVGFECompositeElement.cpp: Ditto.
563         * svg/SVGFEConvolveMatrixElement.cpp: Ditto.
564         * svg/SVGFEDiffuseLightingElement.cpp: Ditto.
565         * svg/SVGFEDisplacementMapElement.cpp: Ditto.
566         * svg/SVGFEDropShadowElement.cpp: Ditto.
567         * svg/SVGFEGaussianBlurElement.cpp: Ditto.
568         * svg/SVGFEImageElement.cpp: Ditto.
569         * svg/SVGFELightElement.cpp: Ditto.
570         * svg/SVGFEMergeNodeElement.cpp: Ditto.
571         * svg/SVGFEMorphologyElement.cpp: Ditto.
572         * svg/SVGFEOffsetElement.cpp: Ditto.
573         * svg/SVGFESpecularLightingElement.cpp: Ditto.
574         * svg/SVGFETileElement.cpp: Ditto.
575         * svg/SVGFETurbulenceElement.cpp: Ditto.
576         * svg/SVGFilterElement.cpp: Ditto.
577         * svg/SVGFilterPrimitiveStandardAttributes.cpp: Ditto.
578         * svg/SVGForeignObjectElement.cpp: Ditto.
579         * svg/SVGGElement.cpp: Ditto.
580         * svg/SVGGradientElement.cpp: Ditto.
581         * svg/SVGGraphicsElement.cpp: Ditto.
582         * svg/SVGImageElement.cpp: Ditto.
583         * svg/SVGLineElement.cpp: Ditto.
584         * svg/SVGLinearGradientElement.cpp: Ditto.
585         * svg/SVGMarkerElement.cpp: Ditto.
586         * svg/SVGMaskElement.cpp: Ditto.
587         * svg/SVGPathElement.cpp: Ditto.
588         * svg/SVGPatternElement.cpp: Ditto.
589         * svg/SVGPolyElement.cpp: Ditto.
590         * svg/SVGRadialGradientElement.cpp: Ditto.
591         * svg/SVGRectElement.cpp: Ditto.
592         * svg/SVGSVGElement.cpp: Ditto.
593         * svg/SVGScriptElement.cpp: Ditto.
594         * svg/SVGStopElement.cpp: Ditto.
595         * svg/SVGSymbolElement.cpp: Ditto.
596         * svg/SVGTRefElement.cpp: Ditto.
597         * svg/SVGTextContentElement.cpp: Ditto.
598         * svg/SVGTextElement.cpp: Ditto.
599         * svg/SVGTextPathElement.cpp: Ditto.
600         * svg/SVGTextPositioningElement.cpp: Ditto.
601
602 2015-02-07  Dean Jackson  <dino@apple.com>
603
604         Tweak inline playback controls to match system spec
605         https://bugs.webkit.org/show_bug.cgi?id=141375
606         <rdar://problem/19760754>
607
608         Reviewed by Sam Weinig.
609
610         Rework the UI of the inline media controls on iOS, to
611         better match the system specification. I've batched a
612         few changes into one patch because many of them are
613         inter-dependent, and not very aggressive. Changes are:
614
615         - updated artwork for the buttons.
616         - separate artwork for normal and active states.
617         - background images are now explicitly sized and positioned
618           in the middle of the element, allowing audio and video
619           to use the same glyphs even though the elements are
620           different sizes.
621         - use plus-darker blend mode on the button glyphs.
622         - rearranged some of the rules to group things in a
623           logical order.
624         - time should front-pad a "0" character, if less than 10.
625         - no need for an "active" class on the Airplay button (although
626           I won't be surprised if this changes back).
627
628         * Modules/mediacontrols/mediaControlsiOS.css:
629         (::-webkit-media-controls):
630         (video::-webkit-media-controls-wireless-playback-picker-button.active): Deleted.
631         (audio::-webkit-media-controls-wireless-playback-picker-button.active): Deleted.
632         (audio::-webkit-media-controls-play-button:active): Deleted.
633         (audio::-webkit-media-controls-play-button.paused): Deleted.
634         (video::-webkit-media-controls-timeline): Deleted.
635         * Modules/mediacontrols/mediaControlsiOS.js:
636         (ControllerIOS.prototype.updateWirelessPlaybackStatus): No need
637         for the "active" class.
638         (ControllerIOS.prototype.formatTime): Pad with a leading zero.
639
640 2015-02-08  Darin Adler  <darin@apple.com>
641
642         Make SVGUseElement work without creating any SVGElementInstance objects
643         https://bugs.webkit.org/show_bug.cgi?id=141374
644
645         Reviewed by Sam Weinig.
646
647         * dom/ElementIterator.h: Changed the * and -> operators to be const.
648         There is no need for the iterator itself to be modified just to dereference it.
649
650         * dom/TypedElementDescendantIterator.h: Added DoubleTypedElementDescendantIterator.
651         This allows callers to call descendantsOfType on two elements, as long as the caller
652         can guarantee that both have the same number of descendants of that type. It's handy
653         for walking a tree of cloned elements to set up something between each original and
654         its clone. In the future we might instead change the cloning machinery so it can do
655         this work as we clone, and if so, we could consider deleting this.
656
657         * svg/SVGElement.cpp:
658         (WebCore::SVGElement::correspondingElement): Made this const.
659         (WebCore::SVGElement::invalidateInstances): Got rid of the rule that said "this can
660         only be done for an element in a document", since it's useful to do this on an element
661         that has just been removed from a document. Removed the "updateStyleIfNeeded" call
662         here now that the other changes make it no longer needed. Removed an unimportant
663         assertion that we only invalidate use elements that are in a document; that's not
664         a necessary restriction. Streamlined the logic a bit.
665
666         * svg/SVGElement.h: Made correspondingElement const.
667
668         * svg/SVGUseElement.cpp:
669         (WebCore::SVGUseElement::insertedInto): Removed an assertion about
670         m_targetElementInstance since that's gone now.
671         (WebCore::SVGUseElement::svgAttributeChanged): Changed code that transfers
672         size attributes to the shadow tree to use shadowTreeTargetClone instead of
673         m_targetElementInstance.
674         (WebCore::SVGUseElement::clearResourceReferences): Removed code to detach
675         m_targetElementInstance, and also the call to removeAllTargetReferencesForElement,
676         because we no longer use those.
677         (WebCore::SVGUseElement::buildPendingResource): Moved the code to build the
678         shadow tree in here and deleted the buildShadowAndInstanceTree function.
679         Also changed logic so that we use a pending resource any time the target is not
680         a valid one. That helps us correctly handle cases where we initially have an
681         invalid target, but later get a value one
682         (WebCore::SVGUseElement::buildShadowAndInstanceTree): Deleted. The code here
683         was greatly simplified and moved into buildPendingResource.
684         (WebCore::SVGUseElement::buildInstanceTree): Deleted.
685         (WebCore::SVGUseElement::hasCycleUseReferencing): Deleted. Cycles are now
686         detected by the new isValidTarget function and so there's no need for a
687         separate explicit check for a cycle.
688         (WebCore::associateClonesWithOriginals): Added. Helper that makes
689         functions that build the shadow tree simpler and easier to read.
690         (WebCore::associateReplacementCloneWithOriginal): Added. Helper to
691         make associateReplacementClonesWithOriginals simple.
692         (WebCore::associateReplacementClonesWithOriginals): Added. Helper that
693         makes functions that build the shadow tree simpler and easier to read.
694         (WebCore::SVGUseElement::buildShadowTree): Call associateClonesWithOriginals
695         since associateInstancesWithShadowTreeElements no longer does this.
696         (WebCore::SVGUseElement::isValidTarget): Added. Covers all the different
697         reasons a target might not be valid: type of element, reference cycles, and
698         also "not in document" (refactored in here; not sure when that can happen
699         in practice, might be possible to remove it later).
700         (WebCore::SVGUseElement::expandUseElementsInShadowTree): Add checks for
701         documents that are still loading; this used to be checked when building the
702         instance tree. Added calls to associateReplacementClonesWithOriginals and
703         associateClonesWithOriginals; that used to be done by later in the
704         associateInstancesWithShadowTreeElements function. Use isValidTarget so
705         we handle cycles as well as invalid target types.
706         (WebCore::SVGUseElement::expandSymbolElementsInShadowTree): Added a call to
707         associateReplacementClonesWithOriginals, since we can no longer do that in
708         associateInstancesWithShadowTreeElements.
709         (WebCore::SVGUseElement::associateInstancesWithShadowTreeElements): Deleted.
710         (WebCore::SVGUseElement::instanceForShadowTreeElement): Deleted.
711         (WebCore::SVGUseElement::invalidateDependentShadowTrees): Removed a comment
712         that simply restated the name of the function.
713
714         * svg/SVGUseElement.h: Removed instanceForShadowTreeElement,
715         buildShadowAndInstanceTree, detachInstance, buildInstanceTree,
716         hasCycleUseReferencing, associateInstancesWithShadowTreeElements,
717         instanceForShadowTreeElement, and m_targetElementInstance. Added isValidTarget.
718
719 2015-02-08  Chris Dumez  <cdumez@apple.com>
720
721         [WK2] Add logging to validate the network cache efficacy (Part 1)
722         https://bugs.webkit.org/show_bug.cgi?id=141269
723         <rdar://problem/19632080>
724
725         Reviewed by Antti Koivisto.
726
727         Export an extra symbol.
728
729         * WebCore.exp.in:
730
731 2015-02-07  Chris Fleizach  <cfleizach@apple.com>
732
733         AX: The input element with type="search" has no default focus outline
734         https://bugs.webkit.org/show_bug.cgi?id=140326
735
736         Reviewed by Darin Adler.
737
738         The platform RenderTheme takes care of the search field, and that code
739         was missing a check for whether the element was focused.
740
741         Test: fast/css/focus-ring-exists-for-search-field.html
742
743         * rendering/RenderThemeMac.mm:
744         (WebCore::RenderThemeMac::paintSearchField):
745
746 2015-02-07  Tim Horton  <timothy_horton@apple.com>
747
748         Add some dictionary lookup tests
749         https://bugs.webkit.org/show_bug.cgi?id=141355
750
751         Reviewed by Darin Adler.
752
753         Tests: platform/mac/editing/dictionary-lookup/dictionary-lookup-input.html
754                platform/mac/editing/dictionary-lookup/dictionary-lookup-inside-selection.html
755                platform/mac/editing/dictionary-lookup/dictionary-lookup-outside-selection.html
756                platform/mac/editing/dictionary-lookup/dictionary-lookup-rtl.html
757                platform/mac/editing/dictionary-lookup/dictionary-lookup.html
758
759         * WebCore.exp.in:
760         Remove an unneeded export.
761
762         * editing/mac/DictionaryLookup.h:
763         Use OBJC_CLASS instead of @class so that this can be included in pure-C++ files.
764
765         * testing/Internals.cpp:
766         (WebCore::Internals::rangeForDictionaryLookupAtLocation):
767         * testing/Internals.h:
768         * testing/Internals.idl:
769         Expose rangeForDictionaryLookupAtHitTestResult fairly directly to JavaScript.
770
771 2015-02-07  Chris Dumez  <cdumez@apple.com>
772
773         Add Vector::removeFirstMatching() / removeAllMatching() methods taking lambda functions
774         https://bugs.webkit.org/show_bug.cgi?id=141321
775
776         Reviewed by Darin Adler.
777
778         Use new Vector::removeFirstMatching() / removeAllMatching() methods.
779
780 2015-02-07  Darin Adler  <darin@apple.com>
781
782         Stop dispatching events to with SVGElementInstance objects as their targets
783         https://bugs.webkit.org/show_bug.cgi?id=141108
784
785         Reviewed by Anders Carlsson.
786
787         Test: svg/custom/use-event-retargeting.html
788
789         * dom/EventDispatcher.cpp:
790         (WebCore::eventTargetRespectingTargetRules): Replaced the code that retargeted
791         events at SVGElementInstance objects with code that retargets them at the use
792         element instead. Also wrote the code in a simpler way.
793
794 2015-02-07  Jer Noble  <jer.noble@apple.com>
795
796         [Mac] Set -contentsScale on AVPlayerLayer to allow AVPlayer to select the appropriate HLS variant.
797         https://bugs.webkit.org/show_bug.cgi?id=141354
798         rdar://problem/19717591
799
800         Reviewed by Darin Adler.
801
802         AVPlayer will try to determine the correct HLS variant based on the bounds of an AVPlayerLayer.
803         When not in a layer tree, AVFoundation is not able to determine the correct mapping from logical
804         units to pixel values. To provide AVPlayer with that scaling value, set -contentsScale based on
805         both the current device scale and the current page scale.
806
807         Since this needs to be set at initialization time, before the AVPlayer is has any AVPlayerItems,
808         add some plumbing up from MediaPlayer to as the HTMLMediaElement for the appropriate contents
809         scale.
810
811         * html/HTMLMediaElement.cpp:
812         (WebCore::HTMLMediaElement::mediaPlayerContentsScale):
813         * html/HTMLMediaElement.h:
814         * platform/graphics/MediaPlayer.h:
815         (WebCore::MediaPlayerClient::mediaPlayerContentsScale):
816         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
817         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
818         * platform/graphics/ca/GraphicsLayerCA.cpp:
819         (WebCore::GraphicsLayerCA::updateContentsScale):
820
821 2015-02-07  Alexey Proskuryakov  <ap@apple.com>
822
823         ASan complains about plugins/snapshotting/snapshot-plugin-not-quite-blocked-by-image.html
824         https://bugs.webkit.org/show_bug.cgi?id=141352
825         rdar://problem/19717490
826
827         Reviewed by Anders Carlsson.
828
829         * dom/Document.cpp: (WebCore::Document::ensurePlugInsInjectedScript): This string
830         is not null terminated.
831
832 2015-02-06  Zalan Bujtas  <zalan@apple.com>
833
834         ASSERT repaintContainer->hasLayer() in WebCore::RenderObject::repaintUsingContainer
835         https://bugs.webkit.org/show_bug.cgi?id=140750
836
837         Reviewed by Simon Fraser.
838
839         There's a short period of time when RenderObject::layer() still returns a valid pointer
840         even though we already cleared the hasLayer() flag.
841         Do not use the layer as repaint container in such cases.
842
843         Test: compositing/repaint-container-assertion-when-toggling-compositing.html
844
845         * rendering/RenderObject.cpp:
846         (WebCore::RenderObject::enclosingLayer):
847
848 2015-02-06  Chris Dumez  <cdumez@apple.com>
849
850         Have SQLiteStatement::database() return a reference
851         https://bugs.webkit.org/show_bug.cgi?id=141348
852
853         Reviewed by Andreas Kling.
854
855         Have SQLiteStatement::database() return a reference as it can never
856         return null.
857
858         * loader/icon/IconDatabase.cpp:
859         (WebCore::readySQLiteStatement):
860         * platform/sql/SQLiteStatement.h:
861         (WebCore::SQLiteStatement::database):
862
863 2015-02-06  Brent Fulgham  <bfulgham@apple.com>
864
865         Add youtube-nocookie URL to isYouTubeURL predicate 
866         https://bugs.webkit.org/show_bug.cgi?id=141347
867         <rdar://problem/19430657>
868
869         Reviewed by Eric Carlson.
870
871         * Modules/plugins/YouTubePluginReplacement.cpp:
872         (WebCore::isYouTubeURL): Update for additional youtube-nocookie site.
873
874 2015-02-06  Said Abou-Hallawa  <sabouhallawa@apple.com>
875
876         Invalid cast in WebCore::SVGAnimateElement::calculateAnimatedValue.
877         https://bugs.webkit.org/show_bug.cgi?id=135171.
878
879         Reviewed by Dean Jackson.
880
881         The bug happens when an SVG element is animated by <animateMotion> followed by an
882         <animateColor> or an <animate> and the values of the "attributeName" in both elements
883         are the same. The problem is <animateMotion> should not have an attribute to animate.
884         If it does by fuzz or by mistake, then we assume the <animateMotion> and the <animate>
885         animate the same attribute for the same element target. Therefore we schedule them in
886         the same AnimationVector in SMILTimeContainer::schedule(). When we call
887         SVGAnimateElementBase::calculateAnimatedValue() for an SVGAnimateColorElement and the
888         resultElement is SVGAnimateMotionElement, we fail to cast it to SVGAnimateElementBase
889         because SVGAnimateMotionElement is derived from SVGAnimationElement which is the base
890         class of all animate elements including SVGAnimateElementBase.
891
892         The fix is to nullify setting "attributeName" of an SVGAnimationElement. By doing so,
893         "attributeName" and its value will be ignored from the <animateMotion> which is correct.
894         
895         Tests: svg/animations/animate-montion-invalid-attribute.svg.
896
897         * svg/SVGAnimateElementBase.cpp:
898         (WebCore::SVGAnimateElementBase::setAttributeName):
899         Do not call SVGAnimationElement::setAttributeName() since SVGAnimationElement should
900         not have an attribute to animate. We prevent this by bypassing the parent in the class 
901         hierarchy: SVGAnimationElement and calling SVGSMILElement::setAttributeName() directly.
902         
903         * svg/SVGAnimationElement.cpp:
904         (WebCore::SVGAnimationElement::setAttributeName): Deleted.
905         * svg/SVGAnimationElement.h:
906         SVGAnimationElement should not have an attribute to animate. So implement its
907         setAttributeName() as a null function.
908
909 2015-02-06  Simon Fraser  <simon.fraser@apple.com>
910
911         Convert the compositing overlap map to use LayoutRects
912         https://bugs.webkit.org/show_bug.cgi?id=141346
913         rdar://problem/18206365
914
915         Reviewed by Zalan Bujtas.
916         
917         If two compositing layers were adjoining but not overlapping, but happened to
918         have non-integral offsets, then using enclosing IntRects in the overlap map
919         would cause us to think they are overlapping, and create unnecessary backing store.
920         
921         Fix by converting the overlap map to use LayoutRects.
922
923         Test: compositing/layer-creation/subpixel-adjacent-layers-overlap.html
924
925         * rendering/RenderLayerCompositor.cpp:
926         (WebCore::OverlapMapContainer::add):
927         (WebCore::OverlapMapContainer::overlapsLayers):
928         (WebCore::RenderLayerCompositor::OverlapMap::add):
929         (WebCore::RenderLayerCompositor::OverlapMap::overlapsLayers):
930         (WebCore::RenderLayerCompositor::OverlapMap::RectList::append):
931         (WebCore::RenderLayerCompositor::OverlapMap::RectList::intersects):
932         (WebCore::RenderLayerCompositor::logLayerInfo):
933         (WebCore::RenderLayerCompositor::addToOverlapMap):
934         (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
935         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
936         * rendering/RenderLayerCompositor.h:
937
938 2015-02-06  Andreas Kling  <akling@apple.com>
939
940         Ref-ify various getters that return HTMLCollection.
941         <https://webkit.org/b/141336>
942
943         Reviewed by Anders Carlsson.
944
945         Make all the getters that return HTMLCollection objects (and never return nullptr)
946         return Ref instead of RefPtr.
947
948         Removed a couple of useless null checks that were exposed by this change.
949
950         * accessibility/AccessibilityRenderObject.cpp:
951         (WebCore::AccessibilityRenderObject::getDocumentLinks):
952         * bindings/js/JSDOMWindowCustom.cpp:
953         (WebCore::namedItemGetter):
954         * bindings/js/JSHTMLDocumentCustom.cpp:
955         (WebCore::JSHTMLDocument::nameGetter):
956         * dom/Document.cpp:
957         (WebCore::Document::ensureCachedCollection):
958         (WebCore::Document::images):
959         (WebCore::Document::applets):
960         (WebCore::Document::embeds):
961         (WebCore::Document::plugins):
962         (WebCore::Document::scripts):
963         (WebCore::Document::links):
964         (WebCore::Document::forms):
965         (WebCore::Document::anchors):
966         (WebCore::Document::all):
967         (WebCore::Document::windowNamedItems):
968         (WebCore::Document::documentNamedItems):
969         (WebCore::Document::iconURLs):
970         * dom/Document.h:
971         * dom/Element.cpp:
972         (WebCore::Element::ensureCachedHTMLCollection):
973         * dom/Element.h:
974         * html/ColorInputType.cpp:
975         (WebCore::ColorInputType::suggestions):
976         * html/HTMLDataListElement.cpp:
977         (WebCore::HTMLDataListElement::options):
978         * html/HTMLDataListElement.h:
979         * html/HTMLElement.cpp:
980         (WebCore::HTMLElement::children):
981         * html/HTMLElement.h:
982         * html/HTMLFieldSetElement.cpp:
983         (WebCore::HTMLFieldSetElement::elements):
984         * html/HTMLFieldSetElement.h:
985         * html/HTMLFormElement.cpp:
986         (WebCore::HTMLFormElement::elements):
987         * html/HTMLFormElement.h:
988         * html/HTMLInputElement.cpp:
989         (WebCore::HTMLInputElement::setupDateTimeChooserParameters):
990         * html/HTMLMapElement.cpp:
991         (WebCore::HTMLMapElement::areas):
992         * html/HTMLMapElement.h:
993         * html/HTMLSelectElement.cpp:
994         (WebCore::HTMLSelectElement::selectedOptions):
995         (WebCore::HTMLSelectElement::options):
996         * html/HTMLSelectElement.h:
997         * html/HTMLTableElement.cpp:
998         (WebCore::HTMLTableElement::rows):
999         (WebCore::HTMLTableElement::tBodies):
1000         * html/HTMLTableElement.h:
1001         * html/HTMLTableRowElement.cpp:
1002         (WebCore::HTMLTableRowElement::insertCell):
1003         (WebCore::HTMLTableRowElement::deleteCell):
1004         (WebCore::HTMLTableRowElement::cells):
1005         * html/HTMLTableRowElement.h:
1006         * html/HTMLTableSectionElement.cpp:
1007         (WebCore::HTMLTableSectionElement::insertRow):
1008         (WebCore::HTMLTableSectionElement::deleteRow):
1009         (WebCore::HTMLTableSectionElement::rows):
1010         * html/HTMLTableSectionElement.h:
1011         * html/RangeInputType.cpp:
1012         (WebCore::RangeInputType::updateTickMarkValues):
1013         * rendering/RenderTheme.cpp:
1014         (WebCore::RenderTheme::paintSliderTicks):
1015
1016 2015-02-06  Brent Fulgham  <bfulgham@apple.com>
1017
1018         [iOS] Implement audio track selection in fullscreen.
1019         https://bugs.webkit.org/show_bug.cgi?id=131236
1020         <rdar://problem/16552632>
1021
1022         Reviewed by Eric Carlson.
1023
1024         * platform/ios/WebVideoFullscreenModelVideoElement.h:
1025         * platform/ios/WebVideoFullscreenModelVideoElement.mm:
1026         (WebVideoFullscreenModelVideoElement::selectAudioMediaOption): Provide implementation.
1027         (WebVideoFullscreenModelVideoElement::updateLegibleOptions): Add audio track information
1028         to menu displayed to user.
1029
1030 2015-02-06  Bartlomiej Gajda  <b.gajda@samsung.com>
1031
1032         [MSE] Implement Append Error algorithm.
1033         https://bugs.webkit.org/show_bug.cgi?id=139439
1034
1035         Reviewed by Jer Noble.
1036
1037         If Source Buffer has not received first init segment, then it shall call endOfStream after receiving
1038         Media Segment, as per Media Source spec. (from 17 July 2014) in paragraph 3.5.1 point 6.1.
1039
1040         Based this change on Editor's Draft 12 December 2014, as it clarifies order of events.
1041
1042         Test: media/media-source/media-source-append-media-segment-without-init.html
1043
1044         * Modules/mediasource/MediaSource.cpp:
1045         (WebCore::MediaSource::streamEndedWithError):
1046         * Modules/mediasource/MediaSource.h:
1047         * Modules/mediasource/SourceBuffer.cpp:
1048         (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
1049         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
1050         (WebCore::SourceBuffer::validateInitializationSegment):
1051         (WebCore::SourceBuffer::appendError):
1052         * Modules/mediasource/SourceBuffer.h:
1053
1054 2015-02-06  Timothy Horton  <timothy_horton@apple.com>
1055
1056         REGRESSION: Lookup doesn't work in RTL
1057         https://bugs.webkit.org/show_bug.cgi?id=141338
1058         <rdar://problem/19738407>
1059
1060         Reviewed by Dan Bernstein.
1061
1062         * editing/Editor.cpp:
1063         (WebCore::Editor::scanSelectionForTelephoneNumbers):
1064         * editing/mac/DictionaryLookup.mm:
1065         (WebCore::rangeExpandedAroundPositionByCharacters):
1066         Positions are independent of writing direction, so we don't
1067         need to (and shouldn't) do anything special for RTL here.
1068
1069 2015-02-06  Maciej Stachowiak  <mjs@apple.com>
1070
1071         REGRESSION(r179706): Caused memory corruption on some tests (Requested by _ap_ on #webkit).
1072         https://bugs.webkit.org/show_bug.cgi?id=141324
1073
1074         Reviewed by Alexey Proskuryakov.
1075
1076         No new tests. This is caught by existing tests under ASAN, and I don't know how to reproduce
1077         it without ASAN.
1078
1079         * rendering/RenderLineBoxList.cpp:
1080         (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): Give up
1081         and just always invalidate the next line. It's too hard to come up
1082         with the condition that catches all needed cases, doesn't itself
1083         cause a crash, and isn't overzealous. And we do this for the
1084         previous line anyway.  Also clean up the code a bit since it
1085         confusingly reuses a variable, and declares it uninitialized, for
1086         no good reason.
1087
1088 2015-02-05  Dhi Aurrahman  <diorahman@rockybars.com>
1089
1090         Remove duplicate loop after r179532
1091         https://bugs.webkit.org/show_bug.cgi?id=141300
1092
1093         Reviewed by Benjamin Poulain.
1094
1095         No new tests, no behavior changed.
1096
1097         * css/SelectorCheckerTestFunctions.h:
1098         (WebCore::matchesLangPseudoClass):
1099
1100 2015-02-05  Commit Queue  <commit-queue@webkit.org>
1101
1102         Unreviewed, rolling out r179725.
1103         https://bugs.webkit.org/show_bug.cgi?id=141320
1104
1105         caused 2 layout tests to fail (Requested by zalan on #webkit).
1106
1107         Reverted changeset:
1108
1109         "[MSE] Implement Append Error algorithm."
1110         https://bugs.webkit.org/show_bug.cgi?id=139439
1111         http://trac.webkit.org/changeset/179725
1112
1113 2015-02-05  Andreas Kling  <akling@apple.com>
1114
1115         [iOS] Run a full garbage collection on memory warning.
1116         <https://webkit.org/b/141313>
1117         <rdar://problem/19738024>
1118
1119         Reviewed by Chris Dumez.
1120
1121         Make sure that we run a full GC when trying to free up memory, as this might
1122         be our last chance to execute before the kernel suspends this process.
1123
1124         This aligns WebKit2 with the old WebKit1 behavior.
1125
1126         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1127         (WebCore::MemoryPressureHandler::platformReleaseMemory):
1128
1129
1130 2015-02-05  Hyungwook Lee  <hyungwook.lee@navercorp.com>
1131
1132         Fix ASSERTION FAILED: !root->needsLayout() in FrameView::layout()
1133         https://bugs.webkit.org/show_bug.cgi?id=141032
1134
1135         Reviewed by Darin Adler.
1136
1137         This patch moves the !root->needsLayout() assert statement above
1138         updateLayerPositionsAfterLayout() that can modify dirty bit system
1139         when we have RenderMarquee.
1140
1141         * page/FrameView.cpp:
1142         (WebCore::FrameView::layout):
1143
1144 2015-02-05  Bartlomiej Gajda  <b.gajda@samsung.com>
1145
1146         [MSE] Implement Append Error algorithm.
1147         https://bugs.webkit.org/show_bug.cgi?id=139439
1148
1149         Reviewed by Jer Noble.
1150
1151         If Source Buffer has not received first init segment, then it shall call endOfStream after receiving
1152         Media Segment, as per Media Source spec. (from 17 July 2014) in paragraph 3.5.1 point 6.1.
1153
1154         Based this change on Editor's Draft 12 December 2014, as it clarifies order of events.
1155
1156         Test: media/media-source/media-source-append-media-segment-without-init.html
1157
1158         * Modules/mediasource/MediaSource.cpp:
1159         (WebCore::MediaSource::streamEndedWithError):
1160         * Modules/mediasource/MediaSource.h:
1161         * Modules/mediasource/SourceBuffer.cpp:
1162         (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
1163         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
1164         (WebCore::SourceBuffer::validateInitializationSegment):
1165         (WebCore::SourceBuffer::appendError):
1166         * Modules/mediasource/SourceBuffer.h:
1167
1168 2015-02-05  Maciej Stachowiak  <mjs@apple.com>
1169
1170         Crash due to failing to dirty a removed text node's line box
1171         https://bugs.webkit.org/show_bug.cgi?id=136544
1172
1173         Reviewed by David Hyatt.
1174         
1175         Test: fast/text/remove-text-node-linebox-not-dirty-crash.html
1176
1177         * rendering/RenderLineBoxList.cpp:
1178         (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): Make the check for dirtying the next
1179         line box a bit more inclusive to avoid a case of a line box for a destroyed render object not
1180         being dirtied. In particular, when the text node's parent has no line boxes but contains BRs.
1181
1182 2015-02-05  Chris Dumez  <cdumez@apple.com>
1183
1184         Free memory read under MemoryCache::pruneLiveResourcesToSize()
1185         https://bugs.webkit.org/show_bug.cgi?id=141292
1186         <rdar://problem/19725522>
1187
1188         Reviewed by Antti Koivisto.
1189
1190         In MemoryCache::pruneLiveResourcesToSize(), we were iterating over the
1191         m_liveDecodedResources ListHashSet and possibly calling
1192         CachedResource::destroyDecodedData() on the current value. Doing so
1193         would cause a call to ListHashSet::remove() to remove the value pointed
1194         by the current iterator, thus invalidating our iterator.
1195
1196         In this patch, we increment the ListHashSet iterator *before* calling
1197         CachedResource::destroyDecodedData(), while the current iterator is
1198         still valid. Note that this is safe because unlike iteration of most
1199         WTF Hash data structures, iteration is guaranteed safe against mutation
1200         of the ListHashSet, except for removal of the item currently pointed to
1201         by a given iterator.
1202
1203         Test: http/tests/cache/memory-cache-pruning.html
1204
1205         * loader/cache/MemoryCache.cpp:
1206         (WebCore::MemoryCache::pruneLiveResourcesToSize):
1207
1208 2015-02-05  Jer Noble  <jer.noble@apple.com>
1209
1210         [Mac] HLS <video> will not fire 'progress' events, only 'stalled'.
1211         https://bugs.webkit.org/show_bug.cgi?id=141284
1212
1213         Reviewed by Brent Fulgham.
1214
1215         Test: http/tests/media/hls/hls-progress.html
1216
1217         totalBytes() will always return 0 for HLS streams, which will cause didLoadingProgress() to always
1218         return false. Skip this optimization. 
1219
1220         Drive-by fix: duration() will always return 0 for this class as well. Use durationMediaTime() instead.
1221
1222         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
1223         (WebCore::MediaPlayerPrivateAVFoundation::didLoadingProgress):
1224
1225 2015-02-05  Darin Adler  <darin@apple.com>
1226
1227         Move InstanceInvalidationGuard/UpdateBlocker to SVGElement from SVGElementInstance
1228         https://bugs.webkit.org/show_bug.cgi?id=141148
1229
1230         Reviewed by Brent Fulgham and Anders Carlsson.
1231
1232         Inspired by this change Rob Buis made in Blink:
1233
1234             http://src.chromium.org/viewvc/blink?view=revision&revision=173343
1235
1236         I actually wrote the whole thing and then discovered we did it almost identically.
1237
1238         * svg/SVGAnimatedTypeAnimator.cpp:
1239         (WebCore::SVGElementAnimatedPropertyList::setInstanceUpdatesBlocked): Added this
1240         helper function to get around a circular header dependency.
1241         * svg/SVGAnimatedTypeAnimator.h:
1242         (WebCore::SVGAnimatedTypeAnimator::executeAction): Use setInstanceUpdatesBlocked.
1243
1244         * svg/SVGElement.cpp:
1245         (WebCore::SVGElement::removedFrom): Use invalidateInstances.
1246         (WebCore::SVGElement::finishParsingChildren): Ditto.
1247         (WebCore::SVGElement::svgAttributeChanged): Ditto.
1248         (WebCore::SVGElement::childrenChanged): Ditto.
1249         (WebCore::SVGElement::setInstanceUpdatesBlocked): Added an assertion that will
1250         catch anyone who nests InstanceUpdateBlocker by accident.
1251         (WebCore::SVGElement::invalidateInstances): Moved this here from
1252         SVGElementInstance::invalidateAllInstancesOfElement. I had already modified this
1253         so it had nothing to do with SVGElementInstance, so it was a simple matter of
1254         converting this into a member function. Added a FIXME about the mysterious
1255         updateStyleIfNeeded that makes multiple tests fail if it's removed.
1256
1257         * svg/SVGElement.h: Added public InstanceUpdateBlocker class, protected
1258         InstanceInvalidationGuard class, and private invalidateInstances function.
1259         Unlike the ones in SVGElementInstance these use references so they are then
1260         not copyable without using the WTF_MAKE_NONCOPYABLE macro.
1261
1262         * svg/SVGElementInstance.cpp:
1263         (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Deleted.
1264         (WebCore::SVGElementInstance::InstanceUpdateBlocker::InstanceUpdateBlocker): Deleted.
1265         (WebCore::SVGElementInstance::InstanceUpdateBlocker::~InstanceUpdateBlocker): Deleted.
1266         * svg/SVGElementInstance.h: Removed InvalidationGuard, InstanceUpdateBlocker, and
1267         invalidateAllInstancesOfElement. Didn't do any further cleanup since we soon will
1268         delete this entire file.
1269
1270         * svg/SVGAElement.cpp:
1271         (WebCore::SVGAElement::svgAttributeChanged): Updated to use new name and reference
1272         instead of pointer.
1273         * svg/SVGAnimateElementBase.cpp:
1274         (WebCore::applyCSSPropertyToTargetAndInstances): Ditto.
1275         (WebCore::removeCSSPropertyFromTargetAndInstances): Ditto.
1276         (WebCore::notifyTargetAndInstancesAboutAnimValChange): Ditto.
1277         * svg/SVGAnimatedPath.cpp:
1278         (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation): Ditto.
1279         * svg/SVGCircleElement.cpp:
1280         (WebCore::SVGCircleElement::svgAttributeChanged): Ditto.
1281         * svg/SVGClipPathElement.cpp:
1282         (WebCore::SVGClipPathElement::svgAttributeChanged): Ditto.
1283         * svg/SVGComponentTransferFunctionElement.cpp:
1284         (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged): Ditto.
1285         * svg/SVGCursorElement.cpp:
1286         (WebCore::SVGCursorElement::svgAttributeChanged): Ditto.
1287         * svg/SVGEllipseElement.cpp:
1288         (WebCore::SVGEllipseElement::svgAttributeChanged): Ditto.
1289         * svg/SVGFEBlendElement.cpp:
1290         (WebCore::SVGFEBlendElement::svgAttributeChanged): Ditto.
1291         * svg/SVGFEColorMatrixElement.cpp:
1292         (WebCore::SVGFEColorMatrixElement::svgAttributeChanged): Ditto.
1293         * svg/SVGFECompositeElement.cpp:
1294         (WebCore::SVGFECompositeElement::svgAttributeChanged): Ditto.
1295         * svg/SVGFEConvolveMatrixElement.cpp:
1296         (WebCore::SVGFEConvolveMatrixElement::svgAttributeChanged): Ditto.
1297         * svg/SVGFEDiffuseLightingElement.cpp:
1298         (WebCore::SVGFEDiffuseLightingElement::svgAttributeChanged): Ditto.
1299         * svg/SVGFEDisplacementMapElement.cpp:
1300         (WebCore::SVGFEDisplacementMapElement::svgAttributeChanged): Ditto.
1301         * svg/SVGFEDropShadowElement.cpp:
1302         (WebCore::SVGFEDropShadowElement::svgAttributeChanged): Ditto.
1303         * svg/SVGFEGaussianBlurElement.cpp:
1304         (WebCore::SVGFEGaussianBlurElement::svgAttributeChanged): Ditto.
1305         * svg/SVGFEImageElement.cpp:
1306         (WebCore::SVGFEImageElement::svgAttributeChanged): Ditto.
1307         * svg/SVGFELightElement.cpp:
1308         (WebCore::SVGFELightElement::svgAttributeChanged): Ditto.
1309         * svg/SVGFEMergeNodeElement.cpp:
1310         (WebCore::SVGFEMergeNodeElement::svgAttributeChanged): Ditto.
1311         * svg/SVGFEMorphologyElement.cpp:
1312         (WebCore::SVGFEMorphologyElement::svgAttributeChanged): Ditto.
1313         * svg/SVGFEOffsetElement.cpp:
1314         (WebCore::SVGFEOffsetElement::svgAttributeChanged): Ditto.
1315         * svg/SVGFESpecularLightingElement.cpp:
1316         (WebCore::SVGFESpecularLightingElement::svgAttributeChanged): Ditto.
1317         * svg/SVGFETileElement.cpp:
1318         (WebCore::SVGFETileElement::svgAttributeChanged): Ditto.
1319         * svg/SVGFETurbulenceElement.cpp:
1320         (WebCore::SVGFETurbulenceElement::svgAttributeChanged): Ditto.
1321         * svg/SVGFilterElement.cpp:
1322         (WebCore::SVGFilterElement::svgAttributeChanged): Ditto.
1323         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
1324         (WebCore::SVGFilterPrimitiveStandardAttributes::svgAttributeChanged): Ditto.
1325         * svg/SVGForeignObjectElement.cpp:
1326         (WebCore::SVGForeignObjectElement::svgAttributeChanged): Ditto.
1327         * svg/SVGGElement.cpp:
1328         (WebCore::SVGGElement::svgAttributeChanged): Ditto.
1329         * svg/SVGGradientElement.cpp:
1330         (WebCore::SVGGradientElement::svgAttributeChanged): Ditto.
1331         * svg/SVGGraphicsElement.cpp:
1332         (WebCore::SVGGraphicsElement::svgAttributeChanged): Ditto.
1333         * svg/SVGImageElement.cpp:
1334         (WebCore::SVGImageElement::svgAttributeChanged): Ditto.
1335         * svg/SVGLineElement.cpp:
1336         (WebCore::SVGLineElement::svgAttributeChanged): Ditto.
1337         * svg/SVGLinearGradientElement.cpp:
1338         (WebCore::SVGLinearGradientElement::svgAttributeChanged): Ditto.
1339         * svg/SVGMPathElement.cpp:
1340         (WebCore::SVGMPathElement::svgAttributeChanged): Ditto.
1341         * svg/SVGMarkerElement.cpp:
1342         (WebCore::SVGMarkerElement::svgAttributeChanged): Ditto.
1343         * svg/SVGMaskElement.cpp:
1344         (WebCore::SVGMaskElement::svgAttributeChanged): Ditto.
1345         * svg/SVGPathElement.cpp:
1346         (WebCore::SVGPathElement::svgAttributeChanged): Ditto.
1347         * svg/SVGPatternElement.cpp:
1348         (WebCore::SVGPatternElement::svgAttributeChanged): Ditto.
1349         * svg/SVGPolyElement.cpp:
1350         (WebCore::SVGPolyElement::svgAttributeChanged): Ditto.
1351         * svg/SVGRadialGradientElement.cpp:
1352         (WebCore::SVGRadialGradientElement::svgAttributeChanged): Ditto.
1353         * svg/SVGRectElement.cpp:
1354         (WebCore::SVGRectElement::svgAttributeChanged): Ditto.
1355         * svg/SVGSVGElement.cpp:
1356         (WebCore::SVGSVGElement::svgAttributeChanged): Ditto.
1357         * svg/SVGScriptElement.cpp:
1358         (WebCore::SVGScriptElement::svgAttributeChanged): Ditto.
1359         * svg/SVGStopElement.cpp:
1360         (WebCore::SVGStopElement::svgAttributeChanged): Ditto.
1361         * svg/SVGSymbolElement.cpp:
1362         (WebCore::SVGSymbolElement::svgAttributeChanged): Ditto.
1363         * svg/SVGTRefElement.cpp:
1364         (WebCore::SVGTRefElement::svgAttributeChanged): Ditto.
1365         * svg/SVGTextContentElement.cpp:
1366         (WebCore::SVGTextContentElement::svgAttributeChanged): Ditto.
1367         * svg/SVGTextPathElement.cpp:
1368         (WebCore::SVGTextPathElement::svgAttributeChanged): Ditto.
1369         * svg/SVGTextPositioningElement.cpp:
1370         (WebCore::SVGTextPositioningElement::svgAttributeChanged): Ditto.
1371         * svg/SVGUseElement.cpp:
1372         (WebCore::SVGUseElement::svgAttributeChanged): Ditto.
1373         * svg/animation/SVGSMILElement.cpp:
1374         (WebCore::SVGSMILElement::svgAttributeChanged): Ditto.
1375
1376 2015-02-05  Brent Fulgham  <bfulgham@apple.com>
1377
1378         Remind ourselves to remove work-around code
1379         https://bugs.webkit.org/show_bug.cgi?id=141289
1380
1381         Unreviewed gardening: Add a reminder FIXME to CSSParser
1382         so we can remove the MSVC-specific hack in the future.
1383
1384         * css/CSSParser.cpp:
1385
1386 2015-02-05  Zalan Bujtas  <zalan@apple.com>
1387
1388         Do not destroy RenderQuote's text fragment child when quotation mark string is changing.
1389         https://bugs.webkit.org/show_bug.cgi?id=141271
1390         rdar://problem/18169375
1391
1392         Reviewed by Antti Koivisto.
1393
1394         Similar approach as https://codereview.chromium.org/679593004/
1395
1396         This patch ensures that laying out a RenderQuote does not force a sibling RenderQuote's
1397         child renderer(RenderText) to be destroyed.
1398         BreakingContext holds a pointer to the next renderer on the line (BreakingContext::m_nextObject).
1399         While laying out the line, initiated by BreakingContext, placing the current renderer could end up destroying the "next" renderer.
1400         This happens when the pseudo after quotation mark(RenderQuote) becomes floated, the sibling <q>'s pseudo
1401         before text needs to be changed (from " to ') so that we don't end up with 2 sets of the same opening
1402         strings.
1403         The fix is to reuse the RenderTextFragment object instead of destroy/recreate it.
1404
1405         Test: fast/css/content/quote-crash-when-floating.html
1406
1407         * rendering/RenderQuote.cpp:
1408         (WebCore::RenderQuote::RenderQuote):
1409         (WebCore::fragmentChild):
1410         (WebCore::RenderQuote::updateText):
1411         * rendering/RenderQuote.h:
1412         * rendering/RenderTextFragment.cpp:
1413         (WebCore::RenderTextFragment::setText):
1414         (WebCore::RenderTextFragment::setContentString):
1415         * rendering/RenderTextFragment.h:
1416
1417 2015-02-04  Dean Jackson  <dino@apple.com>
1418
1419         [Media iOS] Add a debug setting to always show the optimized fullscreen button
1420         https://bugs.webkit.org/show_bug.cgi?id=141277
1421         <rdar://problem/19724471>
1422
1423         Reviewed by Eric Carlson.
1424
1425         Add a debug option so that we can test the optimized fullscreen
1426         control on media that doesn't support it.
1427
1428         * Modules/mediacontrols/mediaControlsiOS.js: Add gSimulateOptimizedFullscreenAvailable.
1429         (ControllerIOS.prototype.createControls): Check the setting.
1430         (ControllerIOS.prototype.configureInlineControls): Ditto.
1431         (ControllerIOS.prototype.formatTime): Drive-by whitespace cleanup.
1432         (ControllerIOS.prototype.handleBaseGestureChange):
1433         (ControllerIOS.prototype.handleWrapperTouchStart):
1434         (ControllerIOS.prototype.handleOptimizedFullscreenTouchEnd):
1435         (ControllerIOS.prototype.handlePresentationModeChange): Drive-by variable renaming.
1436
1437 2015-02-05  Youenn Fablet  <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar <calvaris@igalia.com>
1438
1439         [Streams API] Implement a barebone ReadableStream interface
1440         https://bugs.webkit.org/show_bug.cgi?id=141045
1441
1442         Reviewed by Benjamin Poulain.
1443
1444         This patch implements the ReadableStream IDL (https://streams.spec.whatwg.org/#rs-model).
1445         No functionality is yet added.
1446         ReadableStreamSource is expected to be implemented for native sources (such as HTTP sources)
1447         as well as JavaScript source through ReadableStreamJSSource.
1448
1449         Test: streams/readablestream-constructor.html
1450
1451         * CMakeLists.txt:
1452         * Configurations/FeatureDefines.xcconfig:
1453         * DerivedSources.cpp:
1454         * DerivedSources.make:
1455         * Modules/streams/ReadableStream.cpp: Added.
1456         (WebCore::ReadableStream::create):
1457         (WebCore::ReadableStream::ReadableStream):
1458         (WebCore::ReadableStream::~ReadableStream):
1459         (WebCore::ReadableStream::state):
1460         (WebCore::ReadableStream::closed):
1461         (WebCore::ReadableStream::ready):
1462         * Modules/streams/ReadableStream.h: Added.
1463         * Modules/streams/ReadableStream.idl: Added.
1464         * Modules/streams/ReadableStreamSource.h: Added.
1465         * WebCore.vcxproj/WebCore.vcxproj:
1466         * WebCore.vcxproj/WebCore.vcxproj.filters:
1467         * WebCore.vcxproj/WebCoreCommon.props:
1468         * WebCore.xcodeproj/project.pbxproj:
1469         * bindings/js/JSBindingsAllInOne.cpp:
1470         * bindings/js/JSReadableStreamCustom.cpp: Added.
1471         (WebCore::JSReadableStream::read):
1472         (WebCore::JSReadableStream::ready):
1473         (WebCore::JSReadableStream::closed):
1474         (WebCore::JSReadableStream::cancel):
1475         (WebCore::JSReadableStream::pipeTo):
1476         (WebCore::JSReadableStream::pipeThrough):
1477         (WebCore::constructJSReadableStream):
1478         * bindings/js/ReadableStreamJSSource.cpp: Added.
1479         (WebCore::ReadableStreamJSSource::create):
1480         (WebCore::ReadableStreamJSSource::ReadableStreamJSSource):
1481         (WebCore::ReadableStreamJSSource::setInternalError):
1482         * bindings/JSReadableStreamJSSource.h: Added.
1483
1484 2015-02-04  Brent Fulgham  <bfulgham@apple.com>
1485
1486         [Win] Unreviewed project file corrections.
1487
1488         Correct some parsing errors caused by recent manual editing of
1489         the project files.
1490
1491         * WebCore.vcxproj/WebCore.vcxproj:
1492         * WebCore.vcxproj/WebCore.vcxproj.filters:
1493
1494 2015-02-04  Eric Carlson  <eric.carlson@apple.com>
1495
1496         [iOS] add method to toggle playback when in the background
1497         https://bugs.webkit.org/show_bug.cgi?id=141270
1498
1499         Reviewed by Dean Jackson.
1500
1501         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
1502         (-[WebAVPlayerController togglePlaybackEvenWhenInBackground:]): Added.
1503
1504 2015-02-04  Jer Noble  <jer.noble@apple.com>
1505
1506         [Mac][EME] Support ClearKey encryption with AES128-encrypted HLS
1507         https://bugs.webkit.org/show_bug.cgi?id=140825
1508
1509         Reviewed by Eric Carlson.
1510
1511         Test: http/tests/media/clearkey/clear-key-hls-aes128.html
1512
1513         Add support for ClearKey encryption when used with an AES-128 encrypted HLS stream.
1514
1515         * Modules/encryptedmedia/CDM.cpp:
1516         (WebCore::installedCDMFactories): Add the CDMPrivateClearKey factory.
1517         * Modules/encryptedmedia/CDMPrivateClearKey.cpp:
1518         (WebCore::CDMPrivateClearKey::supportsKeySystem): Support the "org.w3c.clearkey" key system.
1519         (WebCore::CDMPrivateClearKey::supportsKeySystemAndMimeType): Ditto.
1520         (WebCore::CDMPrivateClearKey::supportsMIMEType): Ditto.
1521         (WebCore::CDMPrivateClearKey::createSession): Create a CDMSessionClearKey.
1522         * Modules/encryptedmedia/CDMPrivateClearKey.h:
1523         (WebCore::CDMPrivateClearKey::create): Simple factory.
1524         (WebCore::CDMPrivateClearKey::~CDMPrivateClearKey): Virtual destructor.
1525         (WebCore::CDMPrivateClearKey::CDMPrivateClearKey): Simple destructor.
1526         * Modules/encryptedmedia/CDMSessionClearKey.cpp: Added.
1527         (WebCore::clearKeyVM): Static method returning the VM to be used by JSON parsing.
1528         (WebCore::CDMSessionClearKey::CDMSessionClearKey): Simple constructor.
1529         (WebCore::CDMSessionClearKey::~CDMSessionClearKey): Simple destructor.
1530         (WebCore::CDMSessionClearKey::generateKeyRequest): Store the initData, ensure that it consists of a UTF8-encoded key
1531             URI, and return same.
1532         (WebCore::CDMSessionClearKey::releaseKeys): Purged all cached keys.
1533         (WebCore::CDMSessionClearKey::update): Parse raw JSON-encoded JWK keys, rejecting non-AES, non-oct keys.
1534         (WebCore::CDMSessionClearKey::cachedKeyForKeyID): Return cached keys.
1535         * Modules/encryptedmedia/CDMSessionClearKey.h:
1536
1537         Add support for the "org.w3c.clearkey" CDM to MediaPlayerPrivateAVFoundationObjC, and do so in a platform-agnostic
1538         way by simply asking for raw key data from MediaPlayerClient when notified that a key has been added.
1539
1540         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
1541         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1542         (WebCore::keySystemIsSupported):
1543         (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
1544         (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem):
1545         (WebCore::fulfillRequestWithKeyData): Added utility method.
1546         (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
1547         (WebCore::MediaPlayerPrivateAVFoundationObjC::keyAdded):
1548
1549         Pipe a keyAdded() notification down to MediaPlayer and a cachedKeyForKeyId() request up to CDMSessionClearKey:
1550
1551         * Modules/encryptedmedia/MediaKeySession.cpp:
1552         (WebCore::MediaKeySession::cachedKeyForKeyId):
1553         (WebCore::MediaKeySession::addKeyTimerFired):
1554         * Modules/encryptedmedia/MediaKeySession.h:
1555         * Modules/encryptedmedia/MediaKeys.cpp:
1556         (WebCore::MediaKeys::keyAdded):
1557         (WebCore::MediaKeys::cachedKeyForKeyId):
1558         * Modules/encryptedmedia/MediaKeys.h:
1559         * html/HTMLMediaElement.cpp:
1560         (WebCore::HTMLMediaElement::keyAdded):
1561         * html/HTMLMediaElement.h:
1562         * platform/graphics/CDMSession.h:
1563         (WebCore::CDMSession::cachedKeyForKeyID):
1564         * platform/graphics/MediaPlayer.cpp:
1565         (WebCore::MediaPlayer::keyAdded):
1566         (WebCore::MediaPlayer::cachedKeyForKeyId):
1567         * platform/graphics/MediaPlayer.h:
1568         (WebCore::MediaPlayerClient::mediaPlayerCachedKeyForKeyId):
1569         * platform/graphics/MediaPlayerPrivate.h:
1570         (WebCore::MediaPlayerPrivateInterface::keyAdded):
1571
1572         Add new files to project:
1573
1574         * WebCore.xcodeproj/project.pbxproj:
1575         * CMakeLists.txt:
1576         * WebCore.vcxproj/WebCore.vcxproj:
1577         * WebCore.vcxproj/WebCore.vcxproj.filters:
1578
1579 2015-02-04  Commit Queue  <commit-queue@webkit.org>
1580
1581         Unreviewed, rolling out r179618.
1582         https://bugs.webkit.org/show_bug.cgi?id=141263
1583
1584         Off-by-one error causing flaky behavior in webaudio
1585         /audiobuffersource-negative-playbackrate.html (Requested by
1586         jernoble_ on #webkit).
1587
1588         Reverted changeset:
1589
1590         "[WebAudio] AudioBufferSourceNodes should accurately play
1591         backwards if given a negative playbackRate."
1592         https://bugs.webkit.org/show_bug.cgi?id=140955
1593         http://trac.webkit.org/changeset/179618
1594
1595 2015-02-03  David Hyatt  <hyatt@apple.com>
1596
1597         Tables don't repaginate properly when the pagination height changes or the pagination offset changes.
1598         https://bugs.webkit.org/show_bug.cgi?id=141207
1599         <rdar://problem/18387659>
1600
1601         Reviewed by Dean Jackson.
1602
1603         Added fast/multicol/table-dynamic-movement.html
1604
1605         Change markForPaginationRelayoutIfNeeded to be called always and to check needsLayout inside it.
1606
1607         Make RenderTable override markForPaginationRelayoutIfNeeded and also dirty the sections if the table
1608         ended up getting marked for relayout.
1609
1610         Make sure rows do the right thing as well.
1611
1612         * rendering/RenderBlock.cpp:
1613         (WebCore::RenderBlock::layoutPositionedObjects):
1614         (WebCore::RenderBlock::markForPaginationRelayoutIfNeeded):
1615         * rendering/RenderBlock.h:
1616         * rendering/RenderBlockFlow.cpp:
1617         (WebCore::RenderBlockFlow::layoutBlockChild):
1618         (WebCore::RenderBlockFlow::adjustBlockChildForPagination):
1619         (WebCore::RenderBlockFlow::positionNewFloats):
1620         * rendering/RenderDeprecatedFlexibleBox.cpp:
1621         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
1622         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
1623         * rendering/RenderTable.cpp:
1624         (WebCore::RenderTable::markForPaginationRelayoutIfNeeded):
1625         * rendering/RenderTable.h:
1626         * rendering/RenderTableRow.cpp:
1627         (WebCore::RenderTableRow::layout):
1628         * rendering/RenderTableSection.cpp:
1629         (WebCore::RenderTableSection::layout):
1630
1631 2015-02-04  Said Abou-Hallawa  <sabouhallawa@apple.com>
1632
1633         When using SVG as an image, we should load datauri images when these images are not in the image cache.
1634         https://bugs.webkit.org/show_bug.cgi?id=99677.
1635
1636         Reviewed by Darin Adler.
1637         
1638         Data URI sub-resources are not loaded because the networking context of FrameLoader
1639         attached to the SubResourceLoader is set to null. This is done intentionally to
1640         disallow any resource from loading external sub-resources. For example if an <img>
1641         tag has its 'src' attribute points to an svg file, this svg is not allowed to load
1642         an external image through the 'xlink' attribute of an <image> element. This restriction
1643         is not valid if the value of the 'xlink' attribute is a data URI. In this case the image 
1644         should be loaded into memory since there is no network traffic involved. All we need
1645         to do is to decode the data part of the URI.
1646         
1647         The fix is to pass the root FrameLoader, which has a valid NetworkingContext, through
1648         the FrameLoaderClient, to the ResourceHandle::create() which uses the NetworkingContext
1649         to decode the data and fire the load events of the data URI resources.
1650
1651         Tests:  svg/as-image/svg-image-with-data-uri-background.html
1652                 svg/as-image/svg-image-with-data-uri-from-canvas.html
1653                 svg/as-image/svg-image-with-data-uri-images-disabled.html
1654                 svg/as-image/svg-image-with-data-uri-reloading.html
1655                 svg/as-image/svg-image-with-data-uri-use-data-uri.svg
1656                 svg/as-image/svg-image-with-svg-data-uri.html
1657
1658         * accessibility/AccessibilityRenderObject.cpp:
1659         Remove unreferenced header file.
1660
1661         * loader/FrameLoaderClient.h:
1662         Define the null virtual function dataProtocolLoader() which should return the FrameLoader
1663         for loading data URI resources.
1664
1665         * loader/ResourceLoader.cpp:
1666         (WebCore::ResourceLoader::start):
1667         (WebCore::ResourceLoader::dataProtocolFrameLoader):
1668         * loader/ResourceLoader.h:
1669         Add ResourceLoader::dataProtocolFrameLoader() which returns the root FrameLoader. The
1670         root FrameLoader is used to get a valid NetworkingContext which can be passed to
1671         ResourceHandle::create() when url().protocolIsData().
1672
1673         * loader/cache/CachedImage.cpp:
1674         (WebCore::CachedImage::load):
1675         (WebCore::CachedImage::finishLoading):
1676         * loader/cache/CachedResourceLoader.cpp:
1677         (WebCore::CachedResourceLoader::shouldPerformImageLoad):
1678         (WebCore::CachedResourceLoader::shouldDeferImageLoad):
1679         * loader/cache/CachedResourceLoader.h:
1680         Allow loading data URI sub-resources as long as loading images is not disabled. Also we
1681         need to call setDataProtocolLoader() before calling setData() for the isSVGImage case, 
1682         setData() will create a page by calling Page::createPageFromBuffer() via SVGImage::dataChanged(),
1683         and we need to pass the correct FrameLoaderClient to the created FrameLoader of the main
1684          frame of this page.
1685
1686         * svg/graphics/SVGImage.cpp:
1687         (WebCore::SVGImage::SVGImage):
1688         (WebCore::SVGImage::dataChanged):
1689         * svg/graphics/SVGImage.h:
1690         Create a new FrameLoaderClient of type SVGFrameLoaderClient and set it in pageConfiguration
1691         which is used when creating the page from the SVG data URI.
1692
1693         * WebCore.xcodeproj/project.pbxproj:
1694         * svg/graphics/SVGImageChromeClient.h: Removed.
1695         * svg/graphics/SVGImageClients.h: Added.
1696         Add a new class SVGImageChromeClient which overrides the function dataProtocolLoader().
1697         Rename the header file SVGImageChromeClient.h to be SVGImageClients.h since it now 
1698         includes the classes SVGImageChromeClient and SVGFrameLoaderClient.
1699
1700 2015-02-04  Timothy Horton  <timothy_horton@apple.com>
1701
1702         Fix a misplaced include in CaptionUserPreferencesMediaAF
1703         https://bugs.webkit.org/show_bug.cgi?id=141239
1704
1705         Reviewed by Jer Noble.
1706
1707         * page/CaptionUserPreferencesMediaAF.cpp:
1708         CoreText is a system header, and there's already a good spot for it!
1709
1710 2015-02-04  Jer Noble  <jer.noble@apple.com>
1711
1712         [WebAudio] AudioBufferSourceNodes should accurately play backwards if given a negative playbackRate.
1713         https://bugs.webkit.org/show_bug.cgi?id=140955
1714
1715         Reviewed by Eric Carlson.
1716
1717         Tests: webaudio/audiobuffersource-negative-playbackrate-interpolated.html
1718                webaudio/audiobuffersource-negative-playbackrate.html
1719
1720         Add support for playing an AudioBufferSourceNode at a negative playbackRate. Change the meaning of
1721         start() to set the initial playback position at the end of the play range if the rate of playback
1722         is negtive.
1723
1724         * Modules/webaudio/AudioBufferSourceNode.cpp:
1725         (WebCore::AudioBufferSourceNode::AudioBufferSourceNode): Allow the playbackRate AudioParam to range from [-32, 32].
1726         (WebCore::AudioBufferSourceNode::renderFromBuffer): Change variable names from "start" and "end" to "min" and "max"
1727             for clarity. Add a non-interpolated and interpolated render step for negative playback.
1728         (WebCore::AudioBufferSourceNode::start): Drive-by fix: default value of grainDuration is not 0.02.
1729         (WebCore::AudioBufferSourceNode::startPlaying): Start playing at the end of the buffer for negative playback.
1730         (WebCore::AudioBufferSourceNode::totalPitchRate): Allow the pitch to be negative.
1731
1732 2015-02-04  Eric Carlson  <eric.carlson@apple.com>
1733
1734         video.attribute should not return true just because of fullscreen
1735         https://bugs.webkit.org/show_bug.cgi?id=141219
1736
1737         Reviewed by Dean Jackson.
1738
1739         No new tests, updated media/video-fullscreeen-only-controls.html
1740
1741         * Modules/mediacontrols/mediaControlsApple.js:
1742         (Controller.prototype.shouldHaveControls):
1743         * Modules/mediacontrols/mediaControlsiOS.js:
1744         (ControllerIOS.prototype.isFullScreen):
1745
1746         * html/HTMLMediaElement.cpp:
1747         (WebCore::HTMLMediaElement::controls): Don't consider fullscreen status.
1748         (WebCore::HTMLMediaElement::configureMediaControls): Create controls if a video element
1749             isn't allowed to play inline, or if it is in fullscreen.
1750
1751 2015-02-04  Mark Lam  <mark.lam@apple.com>
1752
1753         Remove concept of makeUsableFromMultipleThreads().
1754         <https://webkit.org/b/141221>
1755
1756         Reviewed by Mark Hahnenberg.
1757
1758         No new tests.
1759
1760         * bindings/js/JSDOMWindowBase.cpp:
1761         (WebCore::JSDOMWindowBase::commonVM):
1762
1763 2015-02-04  Simon Fraser  <simon.fraser@apple.com>
1764
1765         [iOS WK2] Assert in ScrollingTreeOverflowScrollingNodeIOS::updateAfterChildren() on tab switching
1766         https://bugs.webkit.org/show_bug.cgi?id=141223
1767         rdar://problem/18458993
1768
1769         Reviewed by Tim Horton.
1770         
1771         It's possible to submit a RemoteLayerTree transaction that contains data
1772         about a created layer, but doesn't have any properties for that layer. This
1773         happens when the newly created layer isn't reached during the traversal that
1774         gathers layer properties (i.e. it's not rooted). However, whether we create
1775         a scrolling layer or not requires having properties; they are missing, so we
1776         create a normal layer, but then the scrolling tree commit asserts that we
1777         should have a scrolling layer.
1778         
1779         Fix by making scrolling layers have a corresponding layer type, which is
1780         stored in layer creation properties. This required exposing layer types
1781         up through GraphicsLayer, but that allows for some nice cleanup:
1782         
1783         1. No need to have the hokey shouldUseTiledBacking() GraphicsLayerClient hack
1784            for creating the page tiled layer.
1785         2. The notion of "custom behaviors" can be removed from GraphicsLayer entirely.
1786
1787         Not testable because it requires tab switching.
1788
1789         * WebCore.exp.in:
1790         * platform/graphics/GraphicsLayer.cpp:
1791         (WebCore::GraphicsLayer::GraphicsLayer):
1792         * platform/graphics/GraphicsLayer.h:
1793         (WebCore::GraphicsLayer::initialize):
1794         (WebCore::GraphicsLayer::setCustomBehavior): Deleted.
1795         (WebCore::GraphicsLayer::customBehavior): Deleted.
1796         * platform/graphics/GraphicsLayerClient.h:
1797         (WebCore::GraphicsLayerClient::shouldUseTiledBacking): Deleted.
1798         * platform/graphics/GraphicsLayerFactory.h:
1799         * platform/graphics/ca/GraphicsLayerCA.cpp:
1800         (WebCore::GraphicsLayer::create):
1801         (WebCore::GraphicsLayerCA::GraphicsLayerCA):
1802         (WebCore::GraphicsLayerCA::initialize):
1803         (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
1804         (WebCore::GraphicsLayerCA::ensureStructuralLayer):
1805         (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
1806         (WebCore::GraphicsLayerCA::updateCustomBehavior): Deleted.
1807         (WebCore::GraphicsLayerCA::setCustomBehavior): Deleted.
1808         * platform/graphics/ca/GraphicsLayerCA.h:
1809         (WebCore::GraphicsLayerCA::moveAnimations):
1810         (WebCore::GraphicsLayerCA::copyAnimations):
1811         * platform/graphics/ca/PlatformCALayer.h:
1812         * platform/graphics/ca/mac/PlatformCALayerMac.h:
1813         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
1814         (PlatformCALayerMac::PlatformCALayerMac):
1815         (PlatformCALayerMac::commonInit):
1816         (PlatformCALayerMac::updateCustomBehavior): Deleted.
1817         * rendering/RenderLayerBacking.cpp:
1818         (WebCore::RenderLayerBacking::createGraphicsLayer):
1819         (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer):
1820         (WebCore::RenderLayerBacking::updateScrollingLayers):
1821         (WebCore::RenderLayerBacking::shouldUseTiledBacking): Deleted.
1822         * rendering/RenderLayerBacking.h:
1823
1824 2015-02-04  Dean Jackson  <dino@apple.com>
1825
1826         [Media] Fullscreen button should always come last in inline controls (141245)
1827         https://bugs.webkit.org/show_bug.cgi?id=141245
1828         <rdar://problem/19714622>
1829
1830         Reviewed by Eric Carlson.
1831
1832         Make sure the optimizedFullscreen button is inserted before the
1833         normal fullscreen button.
1834
1835         * Modules/mediacontrols/mediaControlsiOS.js:
1836         (ControllerIOS.prototype.configureInlineControls):
1837
1838 2015-02-04  Dean Jackson  <dino@apple.com>
1839
1840         REGRESSION: AirPlay button not visible but present in inline toolbar
1841         https://bugs.webkit.org/show_bug.cgi?id=141244
1842         <rdar://problem/19328322>
1843
1844         Reviewed by Eric Carlson.
1845
1846         Replace the use of mask-image with a background-image (which matches
1847         what the other buttons are doing).
1848
1849         * Modules/mediacontrols/mediaControlsiOS.css:
1850         (::-webkit-media-controls):
1851         (video::-webkit-media-controls-wireless-playback-picker-button):
1852         (audio::-webkit-media-controls-wireless-playback-picker-button):
1853         (video::-webkit-media-controls-wireless-playback-picker-button.active):
1854         (audio::-webkit-media-controls-wireless-playback-picker-button.active):
1855
1856 2015-02-04  Chris Dumez  <cdumez@apple.com>
1857
1858         Add removeFirst(value) / removeAll(value) methods to WTF::Vector
1859         https://bugs.webkit.org/show_bug.cgi?id=141192
1860
1861         Reviewed by Benjamin Poulain.
1862
1863         Use new Vector::removeFirst(value) / removeAll(value) API to simplify the
1864         code a bit.
1865
1866         * css/StyleSheetContents.cpp:
1867         (WebCore::StyleSheetContents::unregisterClient):
1868         * html/HTMLFormElement.cpp:
1869         (WebCore::HTMLFormElement::removeFormElement):
1870         (WebCore::HTMLFormElement::removeImgElement):
1871         (WebCore::removeFromVector): Deleted.
1872         * page/Chrome.cpp:
1873         (WebCore::Chrome::unregisterPopupOpeningObserver):
1874         * page/PageOverlayController.cpp:
1875         (WebCore::PageOverlayController::uninstallPageOverlay):
1876         * page/SecurityPolicy.cpp:
1877         (WebCore::SecurityPolicy::removeOriginAccessWhitelistEntry):
1878         * platform/graphics/GraphicsLayer.cpp:
1879         (WebCore::GraphicsLayer::removeFromParent):
1880         * platform/graphics/texmap/TextureMapperAnimation.cpp:
1881         (WebCore::TextureMapperAnimations::remove):
1882         * rendering/RenderSearchField.cpp:
1883         (WebCore::RenderSearchField::addSearchResult):
1884         * rendering/RenderTable.cpp:
1885         (WebCore::RenderTable::removeCaption):
1886         * rendering/svg/RenderSVGText.cpp:
1887         (WebCore::RenderSVGText::subtreeChildWillBeRemoved):
1888         * svg/SVGDocumentExtensions.cpp:
1889         (WebCore::SVGDocumentExtensions::removeAllElementReferencesForTarget):
1890         * svg/animation/SMILTimeContainer.cpp:
1891         (WebCore::SMILTimeContainer::unschedule):
1892
1893 2015-02-03  Maciej Stachowiak  <mjs@apple.com>
1894
1895         Crash when printing snapshotted plugins
1896         https://bugs.webkit.org/show_bug.cgi?id=141212
1897
1898         Reviewed by Simon Fraser.
1899
1900         Test: plugins/snapshotting/print-snapshotted-plugin.html
1901
1902         * html/HTMLPlugInImageElement.cpp:
1903         (WebCore::HTMLPlugInImageElement::childShouldCreateRenderer): New
1904         method. If the current renderer is a snapshotted plugin, only
1905         allow children to create renderers if they are part of the
1906         snapshot shadow dom. Otherwise RenderEmbeddedObject invariants
1907         will be violated. This DOM class can have many other renderers, but they
1908         can just follow their own rules.
1909         (WebCore::HTMLPlugInImageElement::partOfSnapshotOverlay): Make this
1910         const-correct, and don't create UA shadow DOM as a side effect if it doesn't
1911         already exist.
1912         * html/HTMLPlugInImageElement.h:
1913
1914 2015-02-03  Chris Dumez  <cdumez@apple.com>
1915
1916         Regression(r179584): Assertion hit in toResourceLoadPriority() on Yosemite
1917         https://bugs.webkit.org/show_bug.cgi?id=141230
1918
1919         Reviewed by Alexey Proskuryakov.
1920
1921         Handle -1 priority value again in toResourceLoadPriority() as it seems to
1922         be returned by CFNetwork on some configurations.
1923
1924         No new tests, already covered by existing tests.
1925
1926         * platform/network/cf/ResourceRequestCFNet.h:
1927         (WebCore::toResourceLoadPriority):
1928
1929 2015-02-03  Chris Dumez  <cdumez@apple.com>
1930
1931         Drop ResourceLoadPriorityUnresolved resource load priority and use Optional<> instead
1932         https://bugs.webkit.org/show_bug.cgi?id=141186
1933
1934         Reviewed by Antti Koivisto.
1935
1936         Drop ResourceLoadPriorityUnresolved resource load priority value and use
1937         Optional<ResourceLoadPriority> when needed instead. If the Optional
1938         doesn't have a value, then it means it is unresolved. Having
1939         ResourceLoadPriorityUnresolved in ResourceLoadPriority was confusing
1940         because this value is only valid in CachedResourceRequest, it is not
1941         a valid value in CachedResource or in ResourceRequest. After this
1942         refactoring, it now becomes more obvious.
1943
1944 2015-02-03  Chris Dumez  <cdumez@apple.com>
1945
1946         REGRESSION(176609): Very high memory usage in Canvas/reuse.html performance test
1947         https://bugs.webkit.org/show_bug.cgi?id=139812
1948
1949         Reviewed by Geoffrey Garen.
1950
1951         Update DOMTimerFireState.elementsChangedOutsideViewport to keep only
1952         weak pointers to the Elements, instead of ref'ing them, so as to not
1953         extend their life unnecessarily (by preventing garbage-collection).
1954         The same approach was already adopted in r176496 for
1955         DOMTimer.m_elementsCausingThrottling to address the same issue.
1956
1957         No new tests, already covered by Canvas/reuse.html performance test.
1958
1959         * page/DOMTimer.cpp:
1960         (WebCore::DOMTimerFireState::setScriptMadeNonUserObservableChangesToElement):
1961         (WebCore::DOMTimerFireState::elementsChangedOutsideViewport):
1962
1963 2015-02-03  Jer Noble  <jer.noble@apple.com>
1964
1965         [MSE] Setting timestampOffset does not change the timestamps in the actual sample, leading to visual and audible errors.
1966         https://bugs.webkit.org/show_bug.cgi?id=140929
1967
1968         Reviewed by Alexey Proskuryakov.
1969
1970         Fixes http/tests/media/media-source/mediasource-config-change-mp4-v-framerate.html.
1971
1972         Only apply the timestamp offset to the actual sample after step 1.6, where we may loop back to
1973         the top, to avoid double-offsetting the same sample.
1974
1975         * Modules/mediasource/SourceBuffer.cpp:
1976         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
1977
1978 2015-02-03  Jeremy Jones  <jeremyj@apple.com>
1979
1980         Restore interface before exiting optimized fullscreen mode.
1981         https://bugs.webkit.org/show_bug.cgi?id=141167
1982
1983         Reviewed by Simon Fraser.
1984
1985         This change allows the user interface to be restored before exiting optimized fullscreen mode.
1986
1987         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Add declaration.
1988         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
1989         (-[WebAVPlayerController playerViewController:restoreUserInterfaceForOptimizedFullscreenStopWithCompletionHandler:]): Added.
1990         (WebVideoFullscreenInterfaceAVKit::fullscreenMayReturnToInline): Added.
1991         * platform/spi/ios/AVKitSPI.h: Add new SPI.
1992
1993 2015-02-03  Jeremy Jones  <jeremyj@apple.com>
1994
1995         Prevent flicker when exiting fullscreen by synchronizing transactions.
1996         https://bugs.webkit.org/show_bug.cgi?id=140897
1997
1998         Reviewed by Tim Horton.
1999
2000         Synchronize across CAContexts when moving the video layer between layer hierarchies.
2001         Normally transactions involving multiple CAContexts are not synchronized.
2002
2003         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2004         (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
2005         * platform/spi/cocoa/QuartzCoreSPI.h: add additional CAContext SPI declarations.
2006
2007 2015-02-03  Ryosuke Niwa  <rniwa@webkit.org>
2008
2009         Smart quoting could move the caret backwards in some configurations
2010         https://bugs.webkit.org/show_bug.cgi?id=141203
2011         <rdar://problem/17452543>
2012
2013         Reviewed by Enrica Casucci.
2014
2015         The bug was caused by markAndReplaceFor not running the code to preserve the selection after
2016         text replacement only when smart quote is enabled. Furthermore, when smart link was disabled,
2017         we never applied smart quote due to the following condition at line 2502:
2018
2019         if (!(shouldPerformReplacement || shouldCheckForCorrection || shouldMarkLink) || !doReplacement)
2020             continue;
2021
2022         This condition prevented the code to apply smart quote from running when both continuous
2023         spellchecking, smart link, and text replacement are disabled.
2024
2025         Fixed the bug by treating smart quotes and smart dashes like any other text replacement and set
2026         shouldPerformReplacement to true whenever either one of those text checking options are present.
2027
2028         Smart link didn't have this issue due to the explicit check for shouldMarkLink.
2029
2030         Smart dashes didn't suffer this problem either because dashes replacement happens only once
2031         the caret has moved past the dashes but his patch makes go through the same code path to preserve
2032         the selection as well for consistency.
2033
2034         Test: editing/inserting/smart-quote-with-all-configurations.html
2035
2036         * editing/Editor.cpp:
2037         (WebCore::Editor::markAndReplaceFor):
2038
2039 2015-02-02  Enrica Casucci  <enrica@apple.com>
2040
2041         Additional emoji support.
2042         https://bugs.webkit.org/show_bug.cgi?id=141047
2043         rdar://problem/19045135
2044
2045         Reviewed by Darin Adler.
2046
2047         Adds support for emoji modifiers and group emoji.
2048
2049         Test: editing/deleting/delete-emoji.html
2050
2051         * platform/graphics/FontCascade.cpp:
2052         (WebCore::FontCascade::characterRangeCodePath):
2053         * platform/text/TextBreakIterator.cpp:
2054         (WebCore::cursorMovementIterator):
2055         * rendering/RenderText.cpp:
2056         (WebCore::isEmojiGroupCandidate):
2057         (WebCore::isEmojiModifier):
2058         (WebCore::RenderText::previousOffsetForBackwardDeletion):
2059
2060 2015-02-03  Jer Noble  <jer.noble@apple.com>
2061
2062         Passing invalid values to OfflineAudioContext's constructor should not crash.
2063         https://bugs.webkit.org/show_bug.cgi?id=141197
2064
2065         Reviewed by Darin Adler.
2066
2067         Test: webaudio/offlineaudiocontext-constructor.html
2068
2069         Throw a SYNTAX_ERR exception if passed in a zero for channelCount or numberOfSamples. This avoids
2070         a crash where OfflineAudioDestinationNode is passed a null renderTarget.
2071
2072         * Modules/webaudio/OfflineAudioContext.cpp:
2073         (WebCore::OfflineAudioContext::create):
2074
2075 2015-02-03  Jer Noble  <jer.noble@apple.com>
2076
2077         [MSE] Setting timestampOffset does not change the timestamps in the actual sample, leading to visual and audible errors.
2078         https://bugs.webkit.org/show_bug.cgi?id=140929
2079
2080         Reviewed by Darin Adler.
2081
2082         Test: media/media-source/media-source-timeoffset.html
2083
2084         Changing timestampOffset will correctly offset the presentation and decode times within SourceBuffer and
2085         will correctly modify things like buffered ranges. But those changes need to be reflected in the underlying
2086         MediaSample for decoders to decode and display the samples at the correct times.
2087
2088         Add a method to MediaSample which allows the caller to offset timestamps of the underlying PlatformMediaSample.
2089
2090         * Modules/mediasource/SourceBuffer.cpp:
2091         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): Call offsetTimestampsBy() on the sample.
2092         * platform/MediaSample.h:
2093         * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
2094         (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Create a new sample with the same underlying data
2095             but with a new timing info array, each timing info offset by the requested amount.
2096         * platform/mock/mediasource/MockBox.h:
2097         (WebCore::MockBox::offsetTimestampsBy): Offset m_presentationTimestamp and m_decodeTimestamp;
2098         * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
2099         (WebCore::MockMediaSample::offsetTimestampsBy): Pass to MockBox.
2100
2101 2015-02-03  Jer Noble  <jer.noble@apple.com>
2102
2103         [Mac][EME] Crash in CDMSessionMediaSourceAVFObjC::layerDidReceiveError() - NSError not KVO compliant for key NSUnderlyingError.
2104         https://bugs.webkit.org/show_bug.cgi?id=140529
2105
2106         Reviewed by Darin Adler.
2107
2108         The underlying error should be fetched from the userInfo dictionary, not the error itself.
2109
2110         * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
2111         (WebCore::systemCodeForError):
2112
2113 2015-02-03  Commit Queue  <commit-queue@webkit.org>
2114
2115         Unreviewed, rolling out r179548.
2116         https://bugs.webkit.org/show_bug.cgi?id=141201
2117
2118         Hits debug assertions in 50+ SVG tests (Requested by brrian on
2119         #webkit).
2120
2121         Reverted changeset:
2122
2123         "Move InstanceInvalidationGuard/UpdateBlocker to SVGElement
2124         from SVGElementInstance"
2125         https://bugs.webkit.org/show_bug.cgi?id=141148
2126         http://trac.webkit.org/changeset/179548
2127
2128 2015-02-03  Jer Noble  <jer.noble@apple.com>
2129
2130         [Mac] HLS audio is not correctly selected according to system language
2131         https://bugs.webkit.org/show_bug.cgi?id=140398
2132         rdar://problem/19218487
2133
2134         Reviewed by Darin Adler.
2135
2136         Test: http/tests/media/hls/hls-audio-tracks-locale-selection.html
2137
2138         When AVMediaSelectionOptions come and go and no explicit track selection choice has
2139         been made, automatically pick the most appropriate track according to the user's
2140         current preferred locale settings.
2141
2142         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
2143         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
2144         (WebCore::MediaSelectionGroupAVFObjC::MediaSelectionGroupAVFObjC): Set m_shouldSelectOptionAutomatically
2145             to true by default.
2146         (WebCore::MediaSelectionGroupAVFObjC::updateOptions): If m_shouldSelectOptionAutomatically is set
2147             pick the most appropriate media selection option.
2148         (WebCore::MediaSelectionGroupAVFObjC::setSelectedOption): Set m_shouldSelectOptionAutomatically to false.
2149         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2150         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Remove these automatic selection
2151             requests as they are ineffective when -appliesMediaSelectionCriteriaAutomatically is NO.
2152
2153 2015-02-03  Darin Adler  <darin@apple.com>
2154
2155         Move InstanceInvalidationGuard/UpdateBlocker to SVGElement from SVGElementInstance
2156         https://bugs.webkit.org/show_bug.cgi?id=141148
2157
2158         Reviewed by Brent Fulgham.
2159
2160         Inspired by this change Rob Buis made in Blink:
2161
2162             http://src.chromium.org/viewvc/blink?view=revision&revision=173343
2163
2164         I actually wrote the whole thing and then discovered we did it almost identically.
2165
2166         * svg/SVGAnimatedTypeAnimator.cpp:
2167         (WebCore::SVGElementAnimatedPropertyList::setInstanceUpdatesBlocked): Added this
2168         helper function to get around a circular header dependency.
2169         * svg/SVGAnimatedTypeAnimator.h:
2170         (WebCore::SVGAnimatedTypeAnimator::executeAction): Use setInstanceUpdatesBlocked.
2171
2172         * svg/SVGElement.cpp:
2173         (WebCore::SVGElement::removedFrom): Use invalidateInstances.
2174         (WebCore::SVGElement::finishParsingChildren): Ditto.
2175         (WebCore::SVGElement::svgAttributeChanged): Ditto.
2176         (WebCore::SVGElement::childrenChanged): Ditto.
2177         (WebCore::SVGElement::setInstanceUpdatesBlocked): Added an assertion that will
2178         catch anyone who nests InstanceUpdateBlocker by accident.
2179         (WebCore::SVGElement::invalidateInstances): Moved this here from
2180         SVGElementInstance::invalidateAllInstancesOfElement. I had already modified this
2181         so it had nothing to do with SVGElementInstance, so it was a simple matter of
2182         converting this into a member function. Added a FIXME about the mysterious
2183         updateStyleIfNeeded that makes multiple tests fail if it's removed.
2184
2185         * svg/SVGElement.h: Added public InstanceUpdateBlocker class, protected
2186         InstanceInvalidationGuard class, and private invalidateInstances function.
2187         Unlike the ones in SVGElementInstance these use references so they are then
2188         not copyable without using the WTF_MAKE_NONCOPYABLE macro.
2189
2190         * svg/SVGElementInstance.cpp:
2191         (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Deleted.
2192         (WebCore::SVGElementInstance::InstanceUpdateBlocker::InstanceUpdateBlocker): Deleted.
2193         (WebCore::SVGElementInstance::InstanceUpdateBlocker::~InstanceUpdateBlocker): Deleted.
2194         * svg/SVGElementInstance.h: Removed InvalidationGuard, InstanceUpdateBlocker, and
2195         invalidateAllInstancesOfElement. Didn't do any further cleanup since we soon will
2196         delete this entire file.
2197
2198         * svg/SVGAElement.cpp:
2199         (WebCore::SVGAElement::svgAttributeChanged): Updated to use new name and reference
2200         instead of pointer.
2201         * svg/SVGAnimateElementBase.cpp:
2202         (WebCore::applyCSSPropertyToTargetAndInstances): Ditto.
2203         (WebCore::removeCSSPropertyFromTargetAndInstances): Ditto.
2204         (WebCore::notifyTargetAndInstancesAboutAnimValChange): Ditto.
2205         * svg/SVGAnimatedPath.cpp:
2206         (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation): Ditto.
2207         * svg/SVGCircleElement.cpp:
2208         (WebCore::SVGCircleElement::svgAttributeChanged): Ditto.
2209         * svg/SVGClipPathElement.cpp:
2210         (WebCore::SVGClipPathElement::svgAttributeChanged): Ditto.
2211         * svg/SVGComponentTransferFunctionElement.cpp:
2212         (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged): Ditto.
2213         * svg/SVGCursorElement.cpp:
2214         (WebCore::SVGCursorElement::svgAttributeChanged): Ditto.
2215         * svg/SVGEllipseElement.cpp:
2216         (WebCore::SVGEllipseElement::svgAttributeChanged): Ditto.
2217         * svg/SVGFEBlendElement.cpp:
2218         (WebCore::SVGFEBlendElement::svgAttributeChanged): Ditto.
2219         * svg/SVGFEColorMatrixElement.cpp:
2220         (WebCore::SVGFEColorMatrixElement::svgAttributeChanged): Ditto.
2221         * svg/SVGFECompositeElement.cpp:
2222         (WebCore::SVGFECompositeElement::svgAttributeChanged): Ditto.
2223         * svg/SVGFEConvolveMatrixElement.cpp:
2224         (WebCore::SVGFEConvolveMatrixElement::svgAttributeChanged): Ditto.
2225         * svg/SVGFEDiffuseLightingElement.cpp:
2226         (WebCore::SVGFEDiffuseLightingElement::svgAttributeChanged): Ditto.
2227         * svg/SVGFEDisplacementMapElement.cpp:
2228         (WebCore::SVGFEDisplacementMapElement::svgAttributeChanged): Ditto.
2229         * svg/SVGFEDropShadowElement.cpp:
2230         (WebCore::SVGFEDropShadowElement::svgAttributeChanged): Ditto.
2231         * svg/SVGFEGaussianBlurElement.cpp:
2232         (WebCore::SVGFEGaussianBlurElement::svgAttributeChanged): Ditto.
2233         * svg/SVGFEImageElement.cpp:
2234         (WebCore::SVGFEImageElement::svgAttributeChanged): Ditto.
2235         * svg/SVGFELightElement.cpp:
2236         (WebCore::SVGFELightElement::svgAttributeChanged): Ditto.
2237         * svg/SVGFEMergeNodeElement.cpp:
2238         (WebCore::SVGFEMergeNodeElement::svgAttributeChanged): Ditto.
2239         * svg/SVGFEMorphologyElement.cpp:
2240         (WebCore::SVGFEMorphologyElement::svgAttributeChanged): Ditto.
2241         * svg/SVGFEOffsetElement.cpp:
2242         (WebCore::SVGFEOffsetElement::svgAttributeChanged): Ditto.
2243         * svg/SVGFESpecularLightingElement.cpp:
2244         (WebCore::SVGFESpecularLightingElement::svgAttributeChanged): Ditto.
2245         * svg/SVGFETileElement.cpp:
2246         (WebCore::SVGFETileElement::svgAttributeChanged): Ditto.
2247         * svg/SVGFETurbulenceElement.cpp:
2248         (WebCore::SVGFETurbulenceElement::svgAttributeChanged): Ditto.
2249         * svg/SVGFilterElement.cpp:
2250         (WebCore::SVGFilterElement::svgAttributeChanged): Ditto.
2251         * svg/SVGFilterPrimitiveStandardAttributes.cpp:
2252         (WebCore::SVGFilterPrimitiveStandardAttributes::svgAttributeChanged): Ditto.
2253         * svg/SVGForeignObjectElement.cpp:
2254         (WebCore::SVGForeignObjectElement::svgAttributeChanged): Ditto.
2255         * svg/SVGGElement.cpp:
2256         (WebCore::SVGGElement::svgAttributeChanged): Ditto.
2257         * svg/SVGGradientElement.cpp:
2258         (WebCore::SVGGradientElement::svgAttributeChanged): Ditto.
2259         * svg/SVGGraphicsElement.cpp:
2260         (WebCore::SVGGraphicsElement::svgAttributeChanged): Ditto.
2261         * svg/SVGImageElement.cpp:
2262         (WebCore::SVGImageElement::svgAttributeChanged): Ditto.
2263         * svg/SVGLineElement.cpp:
2264         (WebCore::SVGLineElement::svgAttributeChanged): Ditto.
2265         * svg/SVGLinearGradientElement.cpp:
2266         (WebCore::SVGLinearGradientElement::svgAttributeChanged): Ditto.
2267         * svg/SVGMPathElement.cpp:
2268         (WebCore::SVGMPathElement::svgAttributeChanged): Ditto.
2269         * svg/SVGMarkerElement.cpp:
2270         (WebCore::SVGMarkerElement::svgAttributeChanged): Ditto.
2271         * svg/SVGMaskElement.cpp:
2272         (WebCore::SVGMaskElement::svgAttributeChanged): Ditto.
2273         * svg/SVGPathElement.cpp:
2274         (WebCore::SVGPathElement::svgAttributeChanged): Ditto.
2275         * svg/SVGPatternElement.cpp:
2276         (WebCore::SVGPatternElement::svgAttributeChanged): Ditto.
2277         * svg/SVGPolyElement.cpp:
2278         (WebCore::SVGPolyElement::svgAttributeChanged): Ditto.
2279         * svg/SVGRadialGradientElement.cpp:
2280         (WebCore::SVGRadialGradientElement::svgAttributeChanged): Ditto.
2281         * svg/SVGRectElement.cpp:
2282         (WebCore::SVGRectElement::svgAttributeChanged): Ditto.
2283         * svg/SVGSVGElement.cpp:
2284         (WebCore::SVGSVGElement::svgAttributeChanged): Ditto.
2285         * svg/SVGScriptElement.cpp:
2286         (WebCore::SVGScriptElement::svgAttributeChanged): Ditto.
2287         * svg/SVGStopElement.cpp:
2288         (WebCore::SVGStopElement::svgAttributeChanged): Ditto.
2289         * svg/SVGSymbolElement.cpp:
2290         (WebCore::SVGSymbolElement::svgAttributeChanged): Ditto.
2291         * svg/SVGTRefElement.cpp:
2292         (WebCore::SVGTRefElement::svgAttributeChanged): Ditto.
2293         * svg/SVGTextContentElement.cpp:
2294         (WebCore::SVGTextContentElement::svgAttributeChanged): Ditto.
2295         * svg/SVGTextPathElement.cpp:
2296         (WebCore::SVGTextPathElement::svgAttributeChanged): Ditto.
2297         * svg/SVGTextPositioningElement.cpp:
2298         (WebCore::SVGTextPositioningElement::svgAttributeChanged): Ditto.
2299         * svg/SVGUseElement.cpp:
2300         (WebCore::SVGUseElement::svgAttributeChanged): Ditto.
2301         * svg/animation/SVGSMILElement.cpp:
2302         (WebCore::SVGSMILElement::svgAttributeChanged): Ditto.
2303
2304 2015-02-02  Darin Adler  <darin@apple.com>
2305
2306         REGRESSION (r170576): Storage leaks in parsing of CSS image sizes
2307         https://bugs.webkit.org/show_bug.cgi?id=141026
2308
2309         Reviewed by Brent Fulgham.
2310
2311         Forgot to actually fix the leak in the successful parse case!
2312
2313         * css/CSSParser.cpp:
2314         (WebCore::CSSParser::sourceSize): Added a call to destroy.
2315
2316 2015-02-02  Benjamin Poulain  <benjamin@webkit.org>
2317
2318         JIT Compile simple cases of :nth-last-child()
2319         https://bugs.webkit.org/show_bug.cgi?id=141053
2320
2321         Reviewed by Andreas Kling.
2322
2323         This patch adds the code generator for :nth-last-child(), skipping
2324         any :nth-last-child(An+B of selector list).
2325
2326         The code generator is boring here, nothing fancy.
2327         There is no optimization opportunity here so it is basically the same
2328         speed as the code generated by Clang when the simple selector is alone.
2329
2330         The only reason to JIT compile this is to avoid going to slow-path
2331         for every selector that contain :nth-last-child().
2332
2333         * cssjit/SelectorCompiler.cpp:
2334         (WebCore::SelectorCompiler::addNthChildType):
2335         The code creating the intermediate representation of :nth-child() is exactly
2336         the same as what we need for :nth-last-child(). I extracted the code from addPseudoClassType()
2337         and share it for both simple selectors.
2338
2339         (WebCore::SelectorCompiler::addPseudoClassType):
2340         I fail :nth-last-child(An+B of selector list). Let's add it later.
2341
2342         (WebCore::SelectorCompiler::minimumRegisterRequirements):
2343         Oops, there was a bug with nthChildOfFilters.
2344
2345         (WebCore::SelectorCompiler::hasAnyCombinators):
2346         (WebCore::SelectorCompiler::computeBacktrackingMemoryRequirements):
2347         (WebCore::SelectorCompiler::computeBacktrackingInformation):
2348         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
2349         (WebCore::SelectorCompiler::setChildrenAffectedByBackwardPositionalRules):
2350         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChild):
2351
2352 2015-02-02  Zalan Bujtas  <zalan@apple.com>
2353
2354         Simple line layout: Rename FlowContentsIterator to TextFragmentIterator.
2355         https://bugs.webkit.org/show_bug.cgi?id=141177
2356
2357         Rubber-stamped by Antti Koivisto
2358
2359         FlowContentsIterator is easy to confuse with FlowContents::Iterator.
2360         TextFragmentIterator reflects the functionality better.
2361
2362         No change in functionality.
2363
2364         * CMakeLists.txt:
2365         * WebCore.vcxproj/WebCore.vcxproj:
2366         * WebCore.vcxproj/WebCore.vcxproj.filters:
2367         * WebCore.xcodeproj/project.pbxproj:
2368         * rendering/SimpleLineLayout.cpp:
2369         (WebCore::SimpleLineLayout::LineState::setOverflowedFragment):
2370         (WebCore::SimpleLineLayout::LineState::overflowedFragment):
2371         (WebCore::SimpleLineLayout::LineState::appendFragment):
2372         (WebCore::SimpleLineLayout::begin):
2373         (WebCore::SimpleLineLayout::end):
2374         (WebCore::SimpleLineLayout::preWrap):
2375         (WebCore::SimpleLineLayout::removeTrailingWhitespace):
2376         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
2377         (WebCore::SimpleLineLayout::firstFragment):
2378         (WebCore::SimpleLineLayout::createLineRuns):
2379         (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
2380         (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary):
2381         (WebCore::SimpleLineLayout::createTextRuns):
2382         * rendering/SimpleLineLayoutTextFragmentIterator.cpp: Renamed from Source/WebCore/rendering/SimpleLineLayoutFlowContentsIterator.cpp.
2383         (WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
2384         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator):
2385         (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
2386         (WebCore::SimpleLineLayout::TextFragmentIterator::textWidth):
2387         (WebCore::SimpleLineLayout::nextBreakablePosition):
2388         (WebCore::SimpleLineLayout::TextFragmentIterator::findNextBreakablePosition):
2389         (WebCore::SimpleLineLayout::findNextNonWhitespace):
2390         (WebCore::SimpleLineLayout::TextFragmentIterator::findNextNonWhitespacePosition):
2391         (WebCore::SimpleLineLayout::TextFragmentIterator::runWidth):
2392         * rendering/SimpleLineLayoutTextFragmentIterator.h: Renamed from Source/WebCore/rendering/SimpleLineLayoutFlowContentsIterator.h.
2393         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::TextFragment):
2394         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::start):
2395         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::end):
2396         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::width):
2397         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::type):
2398         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isCollapsed):
2399         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isBreakable):
2400         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isEmpty):
2401         (WebCore::SimpleLineLayout::TextFragmentIterator::style):
2402         (WebCore::SimpleLineLayout::TextFragmentIterator::segmentForPosition):
2403         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split):
2404         (WebCore::SimpleLineLayout::TextFragmentIterator::characterAt):
2405         (WebCore::SimpleLineLayout::TextFragmentIterator::isLineBreak):
2406         (WebCore::SimpleLineLayout::TextFragmentIterator::isEnd):
2407
2408 2015-02-02  Chris Dumez  <cdumez@apple.com>
2409
2410         Add diagnostic logging for ResourceResponse's source
2411         https://bugs.webkit.org/show_bug.cgi?id=141170
2412         <rdar://problem/19632080>
2413
2414         Reviewed by Antti Koivisto.
2415
2416         Add diagnostic logging for ResourceResponse's source (network, disk
2417         cache, disk cache after validation) to give us an idea of our network
2418         cache efficacy.
2419
2420         * loader/ResourceLoader.cpp:
2421         (WebCore::logResourceResponseSource):
2422         (WebCore::ResourceLoader::didReceiveResponse):
2423         * page/DiagnosticLoggingKeys.cpp:
2424         (WebCore::DiagnosticLoggingKeys::networkKey):
2425         (WebCore::DiagnosticLoggingKeys::diskCacheKey):
2426         (WebCore::DiagnosticLoggingKeys::diskCacheAfterValidationKey):
2427         (WebCore::DiagnosticLoggingKeys::resourceResponseKey):
2428         (WebCore::DiagnosticLoggingKeys::scriptKey):
2429         (WebCore::DiagnosticLoggingKeys::sourceKey):
2430         * page/DiagnosticLoggingKeys.h:
2431
2432 2015-02-02  Dhi Aurrahman  <diorahman@rockybars.com>
2433
2434         Optimize matchesLangPseudoClass() of :lang()
2435         https://bugs.webkit.org/show_bug.cgi?id=140873
2436
2437         Reviewed by Darin Adler.
2438
2439         Avoid unnecessary memory allocation.
2440
2441         No new tests, no behavior changed.
2442
2443         * css/SelectorCheckerTestFunctions.h:
2444         (WebCore::equalIgnoringASCIICase):
2445         (WebCore::containslanguageSubtagMatchingRange):
2446         (WebCore::matchesLangPseudoClass):
2447
2448 2015-02-02  Roger Fong  <roger_fong@apple.com>
2449
2450         WebGL2: Implement spec section 3.7.1 Setting and getting state (Part 2).
2451         https://bugs.webkit.org/show_bug.cgi?id=141096
2452         <rdar://problem/15002469>
2453
2454         Reviewed by Brent Fulgham.
2455
2456         This patch handles some of the valid arguments that could be passed into getParameter.
2457         The unhandled cases will be implemented as the associated WebGL2 features are implemented.
2458         In addition, getParameter queries that return 64 bit integer currently just return 0 as 
2459         we need to use ::glGetInteger64v which is only available in GLES 3.0 headers.
2460         I will be adding these headers in a future patch.
2461
2462         * bindings/js/JSWebGL2RenderingContextCustom.cpp:
2463         (WebCore::toJS): Accept a 64 bit integer type.
2464         * html/canvas/WebGL2RenderingContext.cpp: Handle various parameter inputs.
2465         (WebCore::WebGL2RenderingContext::getParameter):
2466         * html/canvas/WebGLGetInfo.cpp: Add a 64 bit integer type.
2467         (WebCore::WebGLGetInfo::WebGLGetInfo):
2468         (WebCore::WebGLGetInfo::getInt64):
2469         * html/canvas/WebGLGetInfo.h:
2470         * html/canvas/WebGLRenderingContextBase.cpp:
2471         (WebCore::WebGLRenderingContextBase::getInt64Parameter):
2472         * html/canvas/WebGLRenderingContextBase.h:
2473         * platform/graphics/GraphicsContext3D.h:
2474         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2475         (WebCore::GraphicsContext3D::getInteger64v):
2476
2477 2015-02-02  Zalan Bujtas  <zalan@apple.com>
2478
2479         Simple line layout: use std::upper_bound in splitFragmentToFitLine()
2480         https://bugs.webkit.org/show_bug.cgi?id=141146
2481
2482         Reviewed by Antti Koivisto.
2483
2484         Replace the custom binary search implementation with std::upper_bound and
2485         move splitting functionality to TextFragment.
2486
2487         No change in functionality.
2488
2489         * rendering/SimpleLineLayout.cpp:
2490         (WebCore::SimpleLineLayout::FragmentForwardIterator::FragmentForwardIterator):
2491         (WebCore::SimpleLineLayout::FragmentForwardIterator::operator++):
2492         (WebCore::SimpleLineLayout::FragmentForwardIterator::operator!=):
2493         (WebCore::SimpleLineLayout::FragmentForwardIterator::operator*):
2494         (WebCore::SimpleLineLayout::begin):
2495         (WebCore::SimpleLineLayout::end):
2496         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
2497         * rendering/SimpleLineLayoutFlowContentsIterator.cpp:
2498         (WebCore::SimpleLineLayout::FlowContentsIterator::runWidth):
2499         * rendering/SimpleLineLayoutFlowContentsIterator.h:
2500         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::split):
2501
2502 2015-02-02  Geoffrey Garen  <ggaren@apple.com>
2503
2504         Use FastMalloc (bmalloc) instead of BlockAllocator for GC pages
2505         https://bugs.webkit.org/show_bug.cgi?id=140900
2506
2507         Reviewed by Mark Hahnenberg.
2508
2509         Re-landing just the HandleBlock piece of this patch.
2510
2511         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
2512         (WebCore::MemoryPressureHandler::install):
2513
2514 2015-02-02  Brent Fulgham  <bfulgham@apple.com>
2515
2516         [Win] 64-bit build fix after r179492.
2517
2518         * WebCore.vcxproj/WebCore.vcxproj: Forgot to build these files
2519         as standalone under 64-bit target.
2520
2521 2015-02-02  Benjamin Poulain  <bpoulain@apple.com>
2522
2523         Clean up attribute handling: part 2 - attributeNode
2524         https://bugs.webkit.org/show_bug.cgi?id=141109
2525
2526         Reviewed by Andreas Kling.
2527
2528         Our implementation was covering some old legacy behaviors of Firefox,
2529         even copying bugs in some cases.
2530
2531         The spec (https://dom.spec.whatwg.org) now defines the behavior precisely,
2532         let's move a bit closer to that.
2533
2534         Tests: fast/dom/Element/attribute-ascii-case-insensitive-3.html
2535                fast/dom/Element/attribute-setAttributeNode-multiple-times.html
2536                fast/dom/Element/attribute-setAttributeNodeNS-multiple-times.html
2537                fast/dom/Element/mozilla-dom-base-tests/test_bug1075702.html
2538                fast/dom/Element/mozilla-dom-base-tests/test_bug339494.html
2539                fast/dom/Element/mozilla-dom-base-tests/test_bug364092.xhtml
2540                fast/dom/Element/setAttributeNode-overriding-lowercase-values.html
2541
2542         * dom/Element.cpp:
2543         (WebCore::findAttrNodeInList):
2544         New getter for the name-without-namespace case.
2545
2546         (WebCore::Element::setAttributeNode):
2547         This one is the tricky one: https://dom.spec.whatwg.org/#dom-element-setattributenode
2548
2549         When setAttributeNode() is used with an AttributeNode without namespace,
2550         getting the old value behaves like getAttribute(), with ASCII lowercase name matching.
2551         When used with a namespace, getting the old value behaves like getAttributeNS().
2552
2553         Setting the value is a whole different story, the name used always keeps
2554         the original case.
2555
2556         Now that's a bit tricky for us because AttributeNodes are just legacy stuff we don't
2557         used internally.
2558
2559         We have 4 cases to handle:
2560         1) The name being set is lowercase, there was no conflicting name on the element.
2561            That's easy, we just override any node that would exist, set the name otherwise.
2562         2) The name is lowercase but there was an existing attribute for it.
2563            -We create a new AttributeNode for the name to represent the old name.
2564            -We check the names are the same with attribute.name().matches(attrNode->qualifiedName())
2565             and override the value.
2566         3) The name has uppercase characters, there is no conflicting name.
2567            We would not find an element to remove, we just use setAttributeInternal() as usual
2568            to add the attribute;
2569         4) The name has uppercase characters, there is a lowercase conflicing name.
2570            This is the weird behavior: we need to nuke the old attribute, then add the new attribute
2571            with a different case.
2572
2573            First we remove the attribute with a lowercase name with removeAttributeInternal().
2574            That becomes the old node.
2575
2576            There might still be an element of the same name as what we are trying to add. We don't want
2577            to add another version of the same attribute. We need to use findAttributeIndexByName() again
2578            to find if there is a conflicting attribute. Then we call setAttributeInternal() which handle
2579            the both the cases where there was an element or not.
2580
2581         (WebCore::Element::setAttributeNodeNS):
2582         This should work like any "NS" method.
2583
2584         (WebCore::Element::removeAttributeNode):
2585         The method removeAttributeNode() is supposed to be exact.
2586
2587         (WebCore::Element::getAttributeNode):
2588         (WebCore::Element::hasAttribute):
2589         (WebCore::Element::attrIfExists):
2590         * dom/Element.h:
2591         * dom/ElementData.cpp:
2592         (WebCore::ElementData::findAttributeIndexByNameSlowCase): Deleted.
2593         (WebCore::ElementData::findAttributeIndexByNameForAttributeNode): Deleted.
2594         Kill the slow case, every caller has been updated now.
2595         * dom/ElementData.h:
2596         (WebCore::ElementData::findAttributeIndexByName):
2597         * dom/QualifiedName.h:
2598         (WebCore::QualifiedName::matchesIgnoringCaseForLocalName): Deleted.
2599
2600 2015-02-02  peavo@outlook.com  <peavo@outlook.com>
2601
2602         Memory is written to after deallocated, in GraphicsLayer::setMaskLayer.
2603         https://bugs.webkit.org/show_bug.cgi?id=141168
2604
2605         Reviewed by Brent Fulgham.
2606
2607         Visual Studio detected that a deallocated heap block had been modified in GraphicsLayer::setMaskLayer,
2608         when called from RenderLayerBacking::updateChildClippingStrategy.
2609
2610         * rendering/RenderLayerBacking.cpp:
2611         (WebCore::RenderLayerBacking::updateChildClippingStrategy):
2612
2613 2015-02-02  Andreas Kling  <akling@apple.com>
2614
2615         [Cocoa] Make decoded image data purgeable ASAP.
2616         <https://webkit.org/b/140298>
2617         <rdar://problem/19623377>
2618
2619         Reviewed by Antti Koivisto.
2620
2621         Re-landing this patch since it turned out to not be the cause of
2622         the memory regression we saw around that revision.
2623
2624         Mark decoded images as "transient" which makes CoreGraphics mark
2625         the backing stores as purgeable shortly after they're used.
2626
2627         The decoded representation will remain in CoreGraphics's caches
2628         indefinitely unless the kernel gets starved and needs the pages.
2629
2630         Most resources will now reach a state where the encoded data is
2631         mmap'ed from disk cache (once the entire resource is downloaded)
2632         and the decoded data is purgeable.
2633
2634         This also has the side effect of making the MemoryCache more
2635         palatial since the decoded data cost can be deducted for images,
2636         allowing us to cache more resources.
2637
2638         Note that the worst case for this new behavior would be something
2639         like hovering below 100% memory utilization and constantly having
2640         to drop and re-decode images. While churny, it still beats
2641         crashing the process, plus there's tiling to remove many of the
2642         reasons we'd need the decoded data.
2643
2644         * platform/graphics/cg/ImageSourceCG.cpp:
2645         (WebCore::ImageSource::createFrameAtIndex):
2646
2647 2015-02-02  Joseph Pecoraro  <pecoraro@apple.com>
2648
2649         Web Inspector: Support console.table
2650         https://bugs.webkit.org/show_bug.cgi?id=141058
2651
2652         Reviewed by Timothy Hatcher.
2653
2654         * inspector/CommandLineAPIModuleSource.js:
2655         Include "table(foo)" as an alias of "console.table(foo)" on
2656         the command line.
2657
2658 2015-02-02  Roger Fong  <roger_fong@apple.com>
2659
2660         [Win] Build fix following r179482.
2661
2662         * WebCore.vcxproj/WebCore.vcxproj:
2663         * WebCore.vcxproj/WebCore.vcxproj.filters:
2664         * bindings/js/JSBindingsAllInOne.cpp:
2665         * platform/graphics/GraphicsContext3D.h:
2666
2667 2015-02-02  Chris Dumez  <cdumez@apple.com>
2668
2669         Access MemoryCache singleton using MemoryCache::singleton()
2670         https://bugs.webkit.org/show_bug.cgi?id=141104
2671
2672         Reviewed by Andreas Kling.
2673
2674         Access MemoryCache singleton using MemoryCache::singleton() static
2675         member function, instead of a free function, as per the recent
2676         coding style discussion on WebKit-dev.
2677
2678 2015-02-02  Zalan Bujtas  <zalan@apple.com>
2679
2680         Ambiguous naming: Do not call replacedContentRect()'s return value paint rect.
2681         https://bugs.webkit.org/show_bug.cgi?id=141125
2682
2683         Reviewed by Simon Fraser.
2684
2685         It's the content box rect with the object-fit adjustment.
2686
2687         No change in functionality.
2688
2689         * rendering/RenderHTMLCanvas.cpp:
2690         (WebCore::RenderHTMLCanvas::paintReplaced):
2691         * rendering/RenderImage.cpp:
2692         (WebCore::RenderImage::updateInnerContentRect):
2693         (WebCore::RenderImage::paintReplaced):
2694         * rendering/RenderReplaced.cpp:
2695         (WebCore::RenderReplaced::replacedContentRect):
2696         * rendering/SimpleLineLayout.cpp:
2697         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
2698
2699 2015-02-02  Brent Fulgham  <bfulgham@apple.com>
2700
2701         [Win] Build fix after r179476.
2702         https://bugs.webkit.org/show_bug.cgi?id=141026
2703
2704         Reviewed by Anders Carlsson.
2705
2706         MSVC has a compiler bug that forces us to make some explicit statements about how
2707         the passed pointer values are handled.
2708
2709         * css/CSSParser.cpp:
2710         (WebCore::CSSParser::SourceSize::SourceSize):
2711         (WebCore::CSSParser::sourceSize):
2712         * css/CSSParser.h:
2713
2714 2015-02-02  Benjamin Poulain  <benjamin@webkit.org>
2715
2716         Get rid of invalidSelectorVector, use Bison's error recovery instead
2717         https://bugs.webkit.org/show_bug.cgi?id=141147
2718
2719         Reviewed by Darin Adler.
2720
2721         * css/CSSGrammar.y.in:
2722         Instead of reducing a null selector, we can use a real parsing error
2723         to get out of invalid selector endings.
2724
2725         When that happens, Bison will pop the stack until it can reduce any
2726         valid error recovery rules.
2727
2728         The problem is to make sure there is no floating values because
2729         none of the reduce block between the error and the recovery would
2730         be executed.
2731
2732         In this case, "nth_selector_ending" is a non-recursive production of
2733         the NTHCHILDFUNCTIONS. In turn, NTHCHILDFUNCTIONS are productions
2734         of the non-recursive "pseudo". "pseudo" is only used as a trivial
2735         production of "specifier". "specifier" is only used by "specifier_list".
2736
2737         "specifier_list" has error recovery code -> no production could have
2738         generated a floating values between "specifier_list" and "nth_selector_ending".
2739
2740 2015-01-30  Roger Fong  <roger_fong@apple.com>
2741
2742         WebGL2: Implement spec section 3.7.1 Setting and getting state (Part 1).
2743         https://bugs.webkit.org/show_bug.cgi?id=141096
2744         <rdar://problem/15002469>
2745
2746         Reviewed by Brent Fulgham.
2747
2748         This patch implements the WebGL2 versions of getParameter, getIndexedParameter and isEnabled.
2749         It also removes the WebGL1 implementations from WebGLRenderingContextBase and moves it to WebGLRenderingContext.
2750         I’ve stubbed out most of the parameters for now, some of which will be implemented in Part 2, 
2751         and the rest as the our WebGL2 implementation progresses.        
2752
2753         * bindings/js/JSWebGL2RenderingContextCustom.cpp:
2754         (WebCore::toJS):
2755         (WebCore::JSWebGL2RenderingContext::getIndexedParameter):
2756         * html/canvas/WebGL2RenderingContext.cpp:
2757         (WebCore::WebGL2RenderingContext::getIndexedParameter):
2758         (WebCore::WebGL2RenderingContext::getParameter):
2759         (WebCore::WebGL2RenderingContext::validateCapability):
2760         * html/canvas/WebGL2RenderingContext.h:
2761         * html/canvas/WebGL2RenderingContext.idl:
2762         * html/canvas/WebGLRenderingContext.cpp:
2763         (WebCore::WebGLRenderingContext::getParameter):
2764         (WebCore::WebGLRenderingContext::validateCapability):
2765         * html/canvas/WebGLRenderingContext.h:
2766         * html/canvas/WebGLRenderingContextBase.cpp:
2767         (WebCore::WebGLRenderingContextBase::getParameter): Deleted.
2768         (WebCore::WebGLRenderingContextBase::validateCapability): Deleted.
2769         * html/canvas/WebGLRenderingContextBase.h:
2770         * html/canvas/WebGLRenderingContextBase.idl:
2771         * platform/graphics/GraphicsContext3D.h:
2772
2773 2015-02-02  Daniel Bates  <dabates@apple.com>
2774
2775         [iOS] ASSERTION FAILED: m_scriptExecutionContext->isContextThread() in ContextDestructionObserver::observeContext
2776         https://bugs.webkit.org/show_bug.cgi?id=141057
2777         <rdar://problem/19068790>
2778
2779         Reviewed by Alexey Proskuryakov.
2780
2781         Fixes an issue where we would create-/delete- the RSA crypto keys and dispatch callbacks on the wrong
2782         thread in WebKit1 for iOS. In iOS WebKit1 we should perform such operations on thread WebThread.
2783
2784         This change is covered by existing layout tests.
2785
2786         * crypto/mac/CryptoKeyRSAMac.cpp:
2787         (WebCore::CryptoKeyRSA::generatePair):
2788
2789 2015-02-02  Jeremy Jones  <jeremyj@apple.com>
2790
2791         Prevent crash when accessing WebAVPlayerController.delegate.
2792         https://bugs.webkit.org/show_bug.cgi?id=140893
2793
2794         Reviewed by Darin Adler.
2795
2796         This patch aims to prevent a null delegate access during invalidation by adding null checks before accessing the delegate, by making explicit the recreation of m_playerController, and by consolidating and correcting the teardown sequence.
2797
2798         * WebCore.exp.in:
2799         * platform/ios/WebVideoFullscreenInterface.h: add resetMediaState()
2800         * platform/ios/WebVideoFullscreenInterfaceAVKit.h: ditto.
2801         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2802         (-[WebAVPlayerController playerViewController:shouldExitFullScreenWithReason:]): Check for null before accessing delegate.
2803         (-[WebAVPlayerController play:]): ditto.
2804         (-[WebAVPlayerController pause:]): ditto.
2805         (-[WebAVPlayerController togglePlayback:]): ditto.
2806         (-[WebAVPlayerController setPlaying:]): ditto.
2807         (-[WebAVPlayerController beginScrubbing:]): ditto.
2808         (-[WebAVPlayerController endScrubbing:]): ditto.
2809         (-[WebAVPlayerController seekToTime:]): ditto.
2810         (-[WebAVPlayerController beginScanningForward:]): ditto.
2811         (-[WebAVPlayerController endScanningForward:]): ditto.
2812         (-[WebAVPlayerController beginScanningBackward:]): ditto.
2813         (-[WebAVPlayerController endScanningBackward:]): ditto.
2814         (-[WebAVPlayerController seekToBeginning:]): ditto.
2815         (-[WebAVPlayerController seekToEnd:]): ditto.
2816         (-[WebAVPlayerController setCurrentAudioMediaSelectionOption:]): ditto.
2817         (-[WebAVPlayerController setCurrentLegibleMediaSelectionOption:]): ditto.
2818         (-[WebAVPlayerController layoutSublayersOfLayer:]): ditto.
2819         (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit): initialize m_playerController
2820         (WebVideoFullscreenInterfaceAVKit::resetMediaState): Added.
2821         (WebVideoFullscreenInterfaceAVKit::setDuration): remove playerController()
2822         (WebVideoFullscreenInterfaceAVKit::setCurrentTime): ditto.
2823         (WebVideoFullscreenInterfaceAVKit::setRate): ditto.
2824         (WebVideoFullscreenInterfaceAVKit::setVideoDimensions): ditto.
2825         (WebVideoFullscreenInterfaceAVKit::setSeekableRanges): ditto.
2826         (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse): ditto.
2827         (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions): ditto.
2828         (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions): ditto.
2829         (WebVideoFullscreenInterfaceAVKit::setExternalPlayback): ditto.
2830         (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): ditto.
2831         (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): ditto.
2832         (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): consolidated cleanup code from invalidate()
2833         (WebVideoFullscreenInterfaceAVKit::invalidate): consolidate cleanup code.
2834         (WebVideoFullscreenInterfaceAVKit::playerController): Deleted.
2835         * platform/ios/WebVideoFullscreenModelVideoElement.mm:
2836         (WebVideoFullscreenModelVideoElement::setVideoElement): call resetMediaState()
2837
2838 2015-02-02  Darin Adler  <darin@apple.com>
2839
2840         REGRESSION (r170576): Storage leaks in parsing of CSS image sizes
2841         https://bugs.webkit.org/show_bug.cgi?id=141026
2842
2843         Reviewed by Anders Carlsson.
2844
2845         * css/CSSGrammar.y.in: Fixed all the shift/reduce conflicts caused
2846         by the ENABLE_PICTURE_SIZES code by removing all the redundant
2847         maybe_space which caused them. Rearranged the productions for
2848         ENABLE_PICTURE_SIZES to tighten up the code quite a bit. Changed
2849         the code to build up the source size vector as a Vector instead of
2850         a special class, and use the SourceSize struct from inside the
2851         CSSParser class.'
2852
2853         * css/CSSParser.cpp:
2854         (WebCore::CSSParser::setupParser): Changed this to take a StringView.
2855         In the future we can change all the parsing functions to take StringView,
2856         since they don't work with the String in place.
2857         (WebCore::CSSParser::parseSizesAttribute): Changed to return a vector
2858         of SourceSize instead of a SourceSizeList. This is better because it's
2859         a real CSS data structure that does not contain a CSSParserValue.
2860         (WebCore::CSSParser::sourceSize): Added. Helper that creates a
2861         SourceSize, mapping parser data structures into real CSS ones.
2862
2863         * css/CSSParser.h: Updated for changes above.
2864
2865         * css/MediaQuery.cpp:
2866         (WebCore::MediaQuery::MediaQuery): Use std::make_unique and the copy
2867         constructor directly instead of using a MediaQuery::copy function.
2868
2869         * css/MediaQueryExp.cpp: Streamlined the class a little bit.
2870         * css/MediaQueryExp.h: Removed unneeded includes. Moved functions out
2871         of the class body so the class is easier to read. Removed the unneeded
2872         copy function.
2873
2874         * css/SourceSizeList.cpp:
2875         (WebCore::SourceSize::match): Changed to use WTF::move instead
2876         of releasing and then re-creating the unique_ptr.
2877         (WebCore::computeLength): Added a comment to explain this function
2878         is using an incorrect strategy. Also added some type checking code
2879         to handle cases where a null or non-primitive CSS value might be
2880         returned. Probably dead code, but we don't want to risk a bad cast.
2881         Worthe cleaning up when we fix the strategy.
2882         (WebCore::SourceSizeList::getEffectiveSize): Updated since the
2883         vector now contains actual SourceSize objects rather than pointers
2884         to SourceSize objects on the heap.
2885
2886         * css/SourceSizeList.h: Changed the CSSParserValue argument to be
2887         an rvalue reference to make it clearer that we take ownership of it
2888         when it's moved in. Added a move constructor and a destructor. Added
2889         comments explaining that it's not correct design to use a
2890         CSSParserValue here, outside the parser. Changed SourceSizeList's
2891         append function to move a SourceSize in rather than a unique_ptr.
2892         Made getEffectiveSize private. Moved the various inline functions to
2893         the bottom of the file to make the class definitions easier to read.
2894
2895
2896         * css/SourceSizeList.cpp: Made almost everything about this private
2897         to this source file instead of public in the header.
2898         (WebCore::match): Made this a free function instead of a member function
2899         and made it take the media query expression as an argument.
2900         (WebCore::computeLength): Changed the argument type to CSSValue*,
2901         rather than using CSSParserValue here outside the parser.
2902         (WebCore::parseSizesAttribute): Streamlined and simplified this.
2903         Now that the parser builds the list in the correct order, there was
2904         no need to iterate backwards any more so we could use a modern for
2905         loop.
2906
2907         * css/SourceSizeList.h: Removed almost everything in this header.
2908
2909         * html/HTMLImageElement.cpp:
2910         (WebCore::HTMLImageElement::parseAttribute): Call the
2911         parseSizesAttribute function as free function since it's no longer
2912         a member of a SourceSizeList class.
2913
2914         * html/parser/HTMLPreloadScanner.cpp:
2915         (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
2916         Ditto.
2917
2918 2015-02-02  Darin Adler  <darin@apple.com>
2919
2920         Fix some leaks found by the leak bot
2921         https://bugs.webkit.org/show_bug.cgi?id=141149
2922
2923         Reviewed by Alexey Proskuryakov.
2924
2925         * bindings/js/JSSubtleCryptoCustom.cpp:
2926         (WebCore::importKey): Changed argument types to std::unique_ptr for better code clarity.
2927         (WebCore::JSSubtleCrypto::importKey): Use WTF::move instead of release.
2928         (WebCore::JSSubtleCrypto::wrapKey): Fixed leaks by adding missing delete calls to the
2929         case where we get a DOM exception.
2930         (WebCore::JSSubtleCrypto::unwrapKey): Ditto.
2931
2932         * dom/SelectorQuery.cpp:
2933         (WebCore::SelectorQuery::SelectorQuery): Use WTF::move here. Not clear how this could
2934         have caused the storage leak, but it does seem obviously missing. The leak is pretty big,
2935         implying that we leak almost all CSSSelectorList objects we parse; not sure this fixes it.
2936
2937         * loader/WorkerThreadableLoader.cpp:
2938         (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveResponse): Added code to
2939         deleted the unguarded pointer if postTaskForModeToWorkerGlobalScope fails.
2940         (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveData): Ditto.
2941         (WebCore::WorkerThreadableLoader::MainThreadBridge::didFail): Ditto.
2942         (WebCore::WorkerThreadableLoader::MainThreadBridge::didFailAccessControlCheck): Ditto.
2943
2944         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
2945         (WebCore::MediaSelectionGroupAVFObjC::updateOptions): Added missing adoptNS.
2946
2947         * platform/graphics/mac/GraphicsContextMac.mm:
2948         (WebCore::GraphicsContext::updateDocumentMarkerResources): Added missing release.
2949
2950 2015-02-01  Chris Dumez  <cdumez@apple.com>
2951
2952         Use more references in HistoryItem
2953         https://bugs.webkit.org/show_bug.cgi?id=141133
2954
2955         Reviewed by Andreas Kling.
2956
2957         Use more references in HistoryItem instead of pointers.
2958
2959 2015-02-01  Commit Queue  <commit-queue@webkit.org>
2960
2961         Unreviewed, rolling out r179467 and r179470.
2962         https://bugs.webkit.org/show_bug.cgi?id=141144
2963
2964         Broke svg/custom/use-events-crash.svg (Requested by ap on
2965         #webkit).
2966
2967         Reverted changesets:
2968
2969         "Stop dispatching events with SVGElementInstance objects as
2970         their targets"
2971         https://bugs.webkit.org/show_bug.cgi?id=141108
2972         http://trac.webkit.org/changeset/179467
2973
2974         "REGRESSION(r179467): svg/custom/use-events-crash.svg times
2975         out"
2976         http://trac.webkit.org/changeset/179470
2977
2978 2015-01-31  Darin Adler  <darin@apple.com>
2979
2980         Stop dispatching events to with SVGElementInstance objects as their targets
2981         https://bugs.webkit.org/show_bug.cgi?id=141108
2982
2983         Reviewed by Anders Carlsson.
2984
2985         Test: svg/custom/use-event-retargeting.html
2986
2987         * dom/EventDispatcher.cpp:
2988         (WebCore::eventTargetRespectingTargetRules): Replaced the code that retargeted
2989         events at SVGElementInstance objects with code that retargets them at the use
2990         element instead. Also wrote the code in a simpler way.
2991
2992 2015-02-01  Zan Dobersek  <zdobersek@igalia.com>
2993
2994         [TexMap] Optimize TextureMapperLayer::removeAllChildren()
2995         https://bugs.webkit.org/show_bug.cgi?id=140734
2996
2997         Reviewed by Chris Dumez.
2998
2999         Instead of removing the children from the Vector member one by one,
3000         move the Vector out and iterate through the ex-children, clearing
3001         out the pointer to the parent.
3002
3003         * platform/graphics/texmap/TextureMapperLayer.cpp:
3004         (WebCore::TextureMapperLayer::removeAllChildren):
3005
3006 2015-02-01  Zan Dobersek  <zdobersek@igalia.com>
3007
3008         [TexMap] Avoid unnecessary TransformationMatrix copies in GraphicsLayerTransform
3009         https://bugs.webkit.org/show_bug.cgi?id=140735
3010
3011         Reviewed by Chris Dumez.
3012
3013         * platform/graphics/GraphicsLayerTransform.cpp:
3014         (WebCore::GraphicsLayerTransform::combined): Return a const reference to the matrix.
3015         (WebCore::GraphicsLayerTransform::combinedForChildren): Ditto.
3016         (WebCore::GraphicsLayerTransform::combineTransforms): First copy the parent transform,
3017         then apply the translation and multiplication. Previously this copied the parent
3018         transform into a temporary object, performed the translation and multiplication, and
3019         copied that temporary object again when assigning to the member variable.
3020         (WebCore::GraphicsLayerTransform::combineTransformsForChildren): Mark const. m_childrenDirty
3021         and m_combinedForChildren members are marked mutable.
3022         * platform/graphics/GraphicsLayerTransform.h:
3023
3024 2015-01-31  Myles C. Maxfield  <litherum@gmail.com>
3025
3026         REGRESSION (r177689): Emoji variation sequences rendered incorrectly (as characters from other non-emoji font)
3027         https://bugs.webkit.org/show_bug.cgi?id=141112
3028
3029         Reviewed by Sam Weinig.
3030
3031         Typo in r177689.
3032
3033         Test: platform/mac/fast/text/combining-mark-paint.html
3034
3035         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
3036         (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
3037
3038 2015-01-31  Commit Queue  <commit-queue@webkit.org>
3039
3040         Unreviewed, rolling out r178183.
3041         https://bugs.webkit.org/show_bug.cgi?id=141132
3042
3043         Caused more mallocing than the volatility saved. (Requested by
3044         kling on #webkit).
3045
3046         Reverted changeset:
3047
3048         "[Cocoa] Make decoded image data purgeable ASAP."
3049         https://bugs.webkit.org/show_bug.cgi?id=140298
3050         http://trac.webkit.org/changeset/178183
3051
3052 2015-01-31  Chris Dumez  <cdumez@apple.com>
3053
3054         Use simpler CachedResourceMap structure in MemoryCache with CACHE_PARTITIONING enabled
3055         https://bugs.webkit.org/show_bug.cgi?id=141110
3056
3057         Reviewed by Antti Koivisto.
3058
3059         Use simpler CachedResourceMap structure in MemoryCache with CACHE_PARTITIONING
3060         enabled. Previously, we would be using a HashMap of HashMap to store
3061         CachedResources. The outer HashMap would use the URL as key and the inner
3062         HashMap would use the partition name as key. This would make traversing the
3063         structure overly complicated, especially considering that the code needs to
3064         traverse a simple HashMap if CACHE_PARTITIONING is disabled.
3065
3066         This patch updates the CachedResourceMap structure to be a simple HashMap,
3067         whose key is an std::pair<URL, String /* partitionName */>. Having a flat
3068         structure simplifies the traversal code a lot and enables more code sharing
3069         between CACHE_PARTITIONING and !CACHE_PARTITIONING. This shouldn't regress
3070         performance because we always have both a URL and a partition name when we
3071         need to look up a resource. We never need to retrieve all resources with
3072         a particular URL.
3073
3074         This patch also switches to using a URL as key instead of a String as we
3075         always have a URL has input.
3076
3077         * loader/cache/MemoryCache.cpp:
3078         (WebCore::MemoryCache::add):
3079         (WebCore::MemoryCache::revalidationSucceeded):
3080         (WebCore::MemoryCache::resourceForRequestImpl):
3081         (WebCore::MemoryCache::removeImageFromCache):
3082         (WebCore::MemoryCache::remove):
3083         After removing the resource from the CachedResourceMap, remove the
3084         sessionID from m_sessionResources if the CachedResourceMap is now
3085         empty. Previously, no code was removing sessionIDs from
3086         m_sessionResources.
3087
3088         (WebCore::MemoryCache::removeResourcesWithOrigin):
3089         (WebCore::MemoryCache::getOriginsWithCache):
3090         (WebCore::MemoryCache::getStatistics):
3091         (WebCore::MemoryCache::setDisabled):
3092         * loader/cache/MemoryCache.h:
3093
3094 2015-01-31  Sam Weinig  <sam@webkit.org>
3095
3096         Merge the iOS implementations of GraphicsContext::drawText and GraphicsContext::drawBidiText with the platform independent ones
3097         https://bugs.webkit.org/show_bug.cgi?id=141131
3098
3099         Reviewed by Antti Koivisto.
3100
3101         * platform/graphics/GraphicsContext.cpp:
3102         (WebCore::GraphicsContext::drawText):
3103         The only difference between the two implementation here was the iOS one returns the length of
3104         the text that was drawn. As all platforms now support that, we can merge by keeping the iOS one.
3105
3106         (WebCore::GraphicsContext::drawBidiText):
3107         This function had a few differences:
3108             - iOS returns the length of the text that was drawn.
3109                 Since this is not used anywhere, I dropped this ability.
3110             - iOS took additional inputs of initial bidi status and run length (and returned the
3111               the final bidi status as an out parameter)
3112                 Since this was also unused, I dropped it.
3113             - iOS used the fact that font.drawText() returns the length that was drawn, to avoid
3114               measuring the text twice.
3115                 I kept this, since all platforms now support this.
3116
3117         * platform/graphics/GraphicsContext.h:
3118         Update signatures. Remove WEBCORE_EXPORT for function that is not used outside of WebCore.
3119
3120 2015-01-31  Andreas Kling  <akling@apple.com>
3121
3122         Shrink RenderBlock.
3123         <https://webkit.org/b/141129>
3124
3125         Reviewed by Antti Koivisto.
3126
3127         Get rid of the bitfield in RenderBlock by moving the essential bits to
3128         RenderElement (plenty of space in the bitfield there.)
3129
3130         RenderBlock also had a cache of its line-height, but it doesn't appear
3131         to help any of the benchmarks that we're tracking so I'd say it's okay
3132         to lose this optimization.
3133
3134         This knocks 8 bytes off of RenderBlock (and all of its subclasses.)
3135
3136         * rendering/RenderBlock.cpp:
3137         (WebCore::RenderBlock::RenderBlock):
3138         (WebCore::RenderBlock::styleDidChange):
3139         (WebCore::RenderBlock::recomputeLogicalWidth):
3140         (WebCore::RenderBlock::lineHeight):
3141         * rendering/RenderBlock.h:
3142         (WebCore::RenderBlock::setHasMarginBeforeQuirk):
3143         (WebCore::RenderBlock::setHasMarginAfterQuirk):
3144         (WebCore::RenderBlock::setHasBorderOrPaddingLogicalWidthChanged):
3145         (WebCore::RenderBlock::hasMarginBeforeQuirk):
3146         (WebCore::RenderBlock::hasMarginAfterQuirk):
3147         (WebCore::RenderBlock::hasBorderOrPaddingLogicalWidthChanged):
3148         * rendering/RenderBlockFlow.cpp:
3149         (WebCore::RenderBlockFlow::layoutInlineChildren):
3150         (WebCore::RenderBlockFlow::invalidateLineLayoutPath):
3151         (WebCore::RenderBlockFlow::deleteLineBoxesBeforeSimpleLineLayout):
3152         (WebCore::RenderBlockFlow::ensureLineBoxes):
3153         * rendering/RenderBlockFlow.h:
3154         (WebCore::RenderBlockFlow::lineLayoutPath):
3155         (WebCore::RenderBlockFlow::setLineLayoutPath):
3156         (WebCore::RenderBlockFlow::setHasMarkupTruncation):
3157         (WebCore::RenderBlockFlow::hasMarkupTruncation):
3158         (WebCore::RenderBlockFlow::simpleLineLayout):
3159         * rendering/RenderElement.cpp:
3160         (WebCore::RenderElement::RenderElement):
3161         * rendering/RenderElement.h:
3162         (WebCore::RenderElement::setRenderBlockHasMarginBeforeQuirk):
3163         (WebCore::RenderElement::setRenderBlockHasMarginAfterQuirk):
3164         (WebCore::RenderElement::setRenderBlockHasBorderOrPaddingLogicalWidthChanged):
3165         (WebCore::RenderElement::renderBlockHasMarginBeforeQuirk):
3166         (WebCore::RenderElement::renderBlockHasMarginAfterQuirk):
3167         (WebCore::RenderElement::renderBlockHasBorderOrPaddingLogicalWidthChanged):
3168         (WebCore::RenderElement::setRenderBlockFlowLineLayoutPath):
3169         (WebCore::RenderElement::setRenderBlockFlowHasMarkupTruncation):
3170         (WebCore::RenderElement::renderBlockFlowLineLayoutPath):
3171         (WebCore::RenderElement::renderBlockFlowHasMarkupTruncation):
3172         * rendering/RenderFlowThread.cpp:
3173         (WebCore::RenderFlowThread::removeLineRegionInfo):
3174
3175 2015-01-31  Chris Dumez  <cdumez@apple.com>
3176
3177         Remove useless PageCache::singleton() call from PageCache member function
3178         https://bugs.webkit.org/show_bug.cgi?id=141127
3179
3180         Reviewed by Andreas Kling.
3181
3182         * history/PageCache.cpp:
3183         (WebCore::PageCache::get):
3184
3185 2015-01-31  Sam Weinig  <sam@webkit.org>
3186
3187         Remove empty #if/#endif
3188
3189         Rubber-stamped by Antti Koivisto.
3190
3191         * platform/graphics/FontPlatformData.h:
3192
3193 2015-01-31  Sam Weinig  <sam@webkit.org>
3194
3195         Remove support for disabling drawing of emoji
3196         https://bugs.webkit.org/show_bug.cgi?id=141126
3197
3198         Reviewed by Antti Koivisto.
3199
3200         Remove unused support for disabling the drawing of emoji.
3201
3202         * WebCore.exp.in:
3203         * platform/graphics/GraphicsContext.cpp:
3204         (WebCore::GraphicsContext::emojiDrawingEnabled): Deleted.
3205         (WebCore::GraphicsContext::setEmojiDrawingEnabled): Deleted.
3206         * platform/graphics/GraphicsContext.h:
3207         (WebCore::GraphicsContextState::GraphicsContextState):
3208         * platform/graphics/cocoa/FontCascadeCocoa.mm:
3209         (WebCore::FontCascade::drawGlyphs):
3210
3211 2015-01-31  Sam Weinig  <sam@webkit.org>
3212
3213         Remove even more Mountain Lion support
3214         https://bugs.webkit.org/show_bug.cgi?id=141124
3215
3216         Reviewed by Alexey Proskuryakov.
3217
3218         * Configurations/Base.xcconfig:
3219         * Configurations/DebugRelease.xcconfig:
3220         * Configurations/FeatureDefines.xcconfig:
3221         * Configurations/Version.xcconfig:
3222         * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
3223         (-[WebAccessibilityObjectWrapper accessibilityActionNames]):
3224         (-[WebAccessibilityObjectWrapper subrole]):
3225         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
3226         (PlatformCALayer::drawLayerContents):
3227         * platform/mac/ThemeMac.mm:
3228         (-[WebCoreThemeView _focusRingVisibleRect]):
3229
3230 2015-01-30  Sam Weinig  <sam@webkit.org>
3231
3232         Merge SimpleFontDataIOS.mm and SimpleFontDataMac.mm into FontCocoa.mm
3233         https://bugs.webkit.org/show_bug.cgi?id=141101
3234
3235         Rubber-stamped by Dan Bernstein.
3236
3237         * WebCore.xcodeproj/project.pbxproj:
3238         Remove SimpleFontDataIOS.mm and SimpleFontDataMac.mm. Add FontCocoa.mm.
3239
3240         * platform/graphics/Font.h:
3241         Remove a few CG only functions from the header that can be implemented as static functions
3242         in the implementation file.
3243
3244         * platform/graphics/cocoa/FontCocoa.mm: Copied from Source/WebCore/platform/graphics/mac/SimpleFontDataMac.mm.
3245         (WebCore::fontFamilyShouldNotBeUsedForArabic):
3246         (WebCore::Font::platformInit):
3247         (WebCore::Font::platformCharWidthInit):
3248         (WebCore::Font::platformCreateScaledFont):
3249         (WebCore::Font::determinePitch):
3250         (WebCore::renderingStyle):
3251         (WebCore::advanceForColorBitmapFont):
3252         (WebCore::hasCustomTracking):
3253         (WebCore::canUseFastGlyphAdvanceGetter):
3254         (WebCore::Font::platformWidthForGlyph):
3255         (WebCore::Font::compositeFontReferenceFont):
3256         (WebCore::copyFontTableForTag): Deleted.
3257         (WebCore::Font::renderingStyle): Deleted.
3258         Merge in the iOS specific parts.
3259
3260         * platform/graphics/ios/SimpleFontDataIOS.mm: Removed.
3261         * platform/graphics/mac/SimpleFontDataMac.mm: Removed.
3262
3263 2015-01-31  Zalan Bujtas  <zalan@apple.com>
3264
3265         Regression(r179438) Simple line layout: ASSERTION at SimpleLineLayout::FlowContentsIterator::runWidth().
3266         https://bugs.webkit.org/show_bug.cgi?id=141121
3267
3268         Reviewed by Antti Koivisto.
3269
3270         When a breakable text fragment does not fit the current line, we split it.
3271         The first part stays on the current line, while the second part gets pushed to the next line.
3272         In certain cases, the first part could end up being empty.
3273         This patch ensures that we don't measure empty fragments.
3274
3275         Covered by existing tests.
3276
3277         * rendering/SimpleLineLayout.cpp:
3278         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
3279
3280 2015-01-31  Commit Queue  <commit-queue@webkit.org>
3281
3282         Unreviewed, rolling out r179426.
3283         https://bugs.webkit.org/show_bug.cgi?id=141119
3284
3285         "caused a memory use regression" (Requested by Guest45 on
3286         #webkit).
3287
3288         Reverted changeset:
3289
3290         "Use FastMalloc (bmalloc) instead of BlockAllocator for GC
3291         pages"
3292         https://bugs.webkit.org/show_bug.cgi?id=140900
3293         http://trac.webkit.org/changeset/179426
3294
3295 2015-01-30  Zalan Bujtas  <zalan@apple.com>
3296
3297         Simple line layout: Improve FlowContentsIterator::TextFragment's encapsulation.
3298         https://bugs.webkit.org/show_bug.cgi?id=141090
3299
3300         Reviewed by Andreas Kling.
3301
3302         Make members private to avoid accidental change in TextFragment.
3303
3304         No change in functionality.
3305
3306         * rendering/SimpleLineLayout.cpp:
3307         (WebCore::SimpleLineLayout::LineState::addFragment):
3308         (WebCore::SimpleLineLayout::LineState::addWhitespace):
3309         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
3310         (WebCore::SimpleLineLayout::firstFragment):
3311         (WebCore::SimpleLineLayout::createLineRuns):
3312         * rendering/SimpleLineLayoutFlowContentsIterator.cpp:
3313         (WebCore::SimpleLineLayout::FlowContentsIterator::nextTextFragment):
3314         * rendering/SimpleLineLayoutFlowContentsIterator.h:
3315         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::TextFragment):
3316         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::start):
3317         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::end):
3318         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::width):
3319         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::type):
3320         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::isCollapsed):
3321         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::isBreakable):
3322         (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::isEmpty):
3323
3324 2015-01-30  Zalan Bujtas  <zalan@apple.com>
3325
3326         Simple line layout: Make LineState fragment handling simpler.
3327         https://bugs.webkit.org/show_bug.cgi?id=141100
3328
3329         Reviewed by Andreas Kling.
3330
3331         New fragments are appeneded to the Run's last entry
3332         instead of accumulating them until after a new run is required. 
3333         (whitespace collapse or line end)
3334         LineState::appendFragment manages whitespace collapsing now.
3335         This makes createLineRuns() logic lighter and no need to "flush"
3336         the LineState when the line ends.
3337
3338         No change in functionality.
3339
3340         * rendering/SimpleLineLayout.cpp: Make LineState members private and introduce getters.
3341         (WebCore::SimpleLineLayout::LineState::setAvailableWidth):
3342         (WebCore::SimpleLineLayout::LineState::setLogicalLeftOffset):
3343         (WebCore::SimpleLineLayout::LineState::setOverflowedFragment):
3344         (WebCore::SimpleLineLayout::LineState::availableWidth):
3345         (WebCore::SimpleLineLayout::LineState::logicalLeftOffset):
3346         (WebCore::SimpleLineLayout::LineState::overflowedFragment):
3347         (WebCore::SimpleLineLayout::LineState::hasTrailingWhitespace):
3348         (WebCore::SimpleLineLayout::LineState::isWhitespaceOnly):
3349         (WebCore::SimpleLineLayout::LineState::fits):
3350         (WebCore::SimpleLineLayout::LineState::firstCharacterFits):
3351         (WebCore::SimpleLineLayout::LineState::width):
3352         (WebCore::SimpleLineLayout::LineState::appendFragment): Append each fragment to the Run 
3353         by either creating a new run or expanding the last one.
3354         (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace): Remove trailing whitespace from
3355         the Run's and reset the trailing whitespace variables.
3356         (WebCore::SimpleLineLayout::removeTrailingWhitespace):
3357         (WebCore::SimpleLineLayout::updateLineConstrains):
3358         (WebCore::SimpleLineLayout::firstFragment):
3359         (WebCore::SimpleLineLayout::createLineRuns):
3360         (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
3361         (WebCore::SimpleLineLayout::createTextRuns):
3362         (WebCore::SimpleLineLayout::LineState::createRun): Deleted.
3363         (WebCore::SimpleLineLayout::LineState::addFragment): Deleted.
3364         (WebCore::SimpleLineLayout::LineState::addWhitespace): Deleted.
3365         (WebCore::SimpleLineLayout::LineState::hasWhitespaceOnly): Deleted.
3366
3367 2015-01-30  Chris Dumez  <cdumez@apple.com>
3368
3369         Drop HistoryItem's m_prev / m_next
3370         https://bugs.webkit.org/show_bug.cgi?id=141105
3371
3372         Reviewed by Zalan Bujtas.
3373
3374         Drop HistoryItem's m_prev / m_next. Those are no longer needed after
3375         the PageCache refactoring in <http://trac.webkit.org/r179347>.
3376
3377         * history/HistoryItem.cpp:
3378         (WebCore::HistoryItem::HistoryItem):
3379         * history/HistoryItem.h:
3380
3381 2015-01-30  Jeongmin Kim  <jm86.kim@lge.com>
3382
3383         Update the comment in RenderLayer for clarity as related code location is changed
3384         https://bugs.webkit.org/show_bug.cgi?id=141103
3385
3386         Reviewed by Simon Fraser.
3387
3388         Update the comment in RenderLayer for clarity as related code location is changed
3389         The repainting in implicitClose() that is now called in setVisualUpdatesAllowed(bool) is removed
3390
3391         * rendering/RenderLayer.cpp:
3392         (WebCore::shouldSuppressPaintingLayer):
3393         * rendering/RenderLayerCompositor.cpp:
3394         (WebCore::RenderLayerCompositor::updateCompositingLayers):
3395
3396 2015-01-30  Chris Dumez  <cdumez@apple.com>
3397
3398         Optimize MemoryCache::getSessionMap() a bit
3399         https://bugs.webkit.org/show_bug.cgi?id=141069
3400
3401         Reviewed by Anders Carlsson.
3402
3403         Optimize MemoryCache::getSessionMap() a bit by doing 1 HashMap lookup
3404         instead of previously 3. Also rename the method to
3405         ensureSessionResourceMap() as we usually don't use "get" prefix for
3406         getters and the implementation will also create the HashMap value if
3407         the key is not found.
3408
3409         Also