2015-07-23  Alexey Proskuryakov  <ap@apple.com>

        Merge r186677, which is a follow-up fix to r186642.

    2015-07-10  Brady Eidson  <beidson@apple.com>

            ASSERT restoring from page cache as DocumentLoader reattaches to its Frame.
            <rdar://problem/21766282> and https://bugs.webkit.org/show_bug.cgi?id=146786

            Reviewed by NOBODY (Fixing obvious boneheaded mistake in r186642)

            No new tests (Covered by existing)

            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::attachToFrame): Bail if reattaching to the current Frame,
              which happens when restoring from the page cache.

2015-07-22  Babak Shafiei  <bshafiei@apple.com>

        Merge r187183.

    2015-07-22  Jeremy Jones  <jeremyj@apple.com>

            Fix fullscreen and PiP video animation and sizing regressions.
            https://bugs.webkit.org/show_bug.cgi?id=147189
            <rdar://problem/21930899>

            Reviewed by Jer Noble.

            Fixes WK1 specific regressions introduced by r187044. Flicker when entering fullscreen,
            wrong animation and missing initial animation rects.

            * platform/ios/WebVideoFullscreenControllerAVKit.mm:
            (elementRectInWindow): Added.
            (WebVideoFullscreenControllerContext::didSetupFullscreen): Clear background decreases flash.
            (WebVideoFullscreenControllerContext::fullscreenMayReturnToInline): Use consistent inline rect.
            (WebVideoFullscreenControllerContext::setVideoLayerFrame): 
            Clear the transform on the web thread instead of on the UI thread.
            (WebVideoFullscreenControllerContext::setUpFullscreen): Use consistent inline rect.
            (WebVideoFullscreenControllerContext::exitFullscreen): Use consistent inline rect.
            * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
            (-[WebAVPlayerLayer resolveBounds]): Clear transform after setting frame.

2015-07-22  Babak Shafiei  <bshafiei@apple.com>

        Merge r187181.

    2015-07-22  Jeremy Jones  <jeremyj@apple.com>

            Adopt AVKit's AVSimplePlayerLayerView change for PiP.
            https://bugs.webkit.org/show_bug.cgi?id=147186
            <rdar://problem/21928170>

            Reviewed by Jer Noble.

            Adopt AVKit changes by inheriting from UIView instead of from AVPictureInPicturePlayerLayerView.

            * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
            (WebAVPlayerLayerView_layerClass): Style.
            (WebAVPlayerLayerView_playerController): Style.
            (WebAVPlayerLayerView_videoView): Style.
            (getWebAVPictureInPicturePlayerLayerViewClass): Inherit from UIView.

2015-07-21  Alexey Proskuryakov  <ap@apple.com>

        Merge r186980.

    2015-07-17  Simon Fraser  <simon.fraser@apple.com>

            Attempt to fix the build.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsWireless):
            * html/HTMLMediaElement.h:

2015-07-21  Babak Shafiei  <bshafiei@apple.com>

        Merge r187128.

    2015-07-21  Tim Horton  <timothy_horton@apple.com>

            Placing video in fullscreen caused WebKit crash at WebCore::Range::textQuads
            https://bugs.webkit.org/show_bug.cgi?id=147166
            <rdar://problem/21928558>

            Reviewed by Simon Fraser.

            * editing/FrameSelection.cpp:
            (WebCore::FrameSelection::getClippedVisibleTextRectangles):
            Check the Range, as always.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r187098. rdar://problem/21878275

    2015-07-20  Ada Chan  <adachan@apple.com>

            Follow-up to my earlier fix for r147085
            https://bugs.webkit.org/show_bug.cgi?id=147085

            Reviewed by Eric Carlson.

            * Modules/webaudio/AudioContext.cpp:
            (WebCore::AudioContext::isPlayingAudioDidChange):
            Null-check document() before dereferencing it in case the audio context's document is destroyed
            by the time the code block is called on the main thread.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r187053. rdar://problem/21778212

    2015-07-20  Nan Wang  <n_wang@apple.com>

            AX: Selection change as a result of focusing an element may cause Safari to crash
            https://bugs.webkit.org/show_bug.cgi?id=147052
            <rdar://problem/21778212>

            Reviewed by Chris Fleizach.

            When focusing an element, it may trigger a deferred layout that invalidates the render
            element, which will cause axObjectCache() to be a nullptr, and lead to a crash. Fix that
            by using a RefPtr to hold the object and also caching the axObjectCache().

            Test: platform/mac/accessibility/focus-crash.html

            * accessibility/AccessibilityRenderObject.cpp:
            (WebCore::AccessibilityRenderObject::setFocused):
            (WebCore::AccessibilityRenderObject::setSelectedRows):

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r187044. rdar://problem/21661808

    2015-07-20  Jeremy Jones  <jeremyj@apple.com>

            Adopt AVPlayerLayerView
            https://bugs.webkit.org/show_bug.cgi?id=146862

            Reviewed by Jer Noble.

            The CALayerHost is replaced with WebLayerHostView to be compatible with UIView animations.
            Some animation is improved in the conversion.

            WebAVPlayerLayerView and WebAVPictureInPicturePlayerLayerView derive from AVKit and UIKit respectively.
            Because these frameworks are loaded at runtime, these classes must be generate using objc/runtime.h to
            register them from c functions at runtime. The most important part of these UIViews is that their
            backing layer is a WebAVPlayerLayer.

            WebCALayerHostWrapper and WebAVVideoLayer are combined into WebAVPlayerLayer to simplify the hierarchy.
            WebAVPlayerLayer is a stand-in for an AVPlayerLayer.

            * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer): -removeFromSuperlayer is redundant.
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenGravity): syncTextTrackBounds on change.
            (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenFrame):
            We never want animation here, since all animation will happen in UIViews.
            This is just for going into the final size after a transform based animation.

            * platform/ios/WebVideoFullscreenControllerAVKit.mm:
            (WebVideoFullscreenControllerContext::didSetupFullscreen): layer -> view
            (WebVideoFullscreenControllerContext::didCleanupFullscreen): layer -> view
            (WebVideoFullscreenControllerContext::setUpFullscreen): layer -> view

            (WebVideoFullscreenControllerContext::setVideoLayerFrame): layer -> view
            Use fence port to synchronize between the UIThread and the WebThread,
            the same way WebKit2 uses a fence port to synchronize between processes.

            (WebVideoFullscreenControllerContext::setVideoLayerGravity):
            No longer necessary to cache videoGravity at this level.

            * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
            * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

            (-[WebAVPlayerLayer init]):
            (-[WebAVPlayerLayer dealloc]):
            (-[WebAVPlayerLayer playerController]):
            (-[WebAVPlayerLayer setBounds:]):
            (-[WebAVPlayerLayer resolveBounds]):
            (-[WebAVPlayerLayer setVideoGravity:]):
            (-[WebAVPlayerLayer videoGravity]):
            (-[WebAVPlayerLayer videoRect]):
            (+[WebAVPlayerLayer keyPathsForValuesAffectingVideoRect]):
            Added class WebAVPlayerLayer, replacing WebAVVideoLayer and WebCALayerHostWrapper.

            (WebAVPictureInPicturePlayerLayerView_layerClass):
            (getWebAVPictureInPicturePlayerLayerViewClass):
            Added runtime class WebAVPictureInPicturePlayerLayerView

            (WebAVPlayerLayerView_layerClass):
            (WebAVPlayerLayerView_playerController):
            (WebAVPlayerLayerView_setPlayerController):
            (WebAVPlayerLayerView_videoView):
            (WebAVPlayerLayerView_setVideoView):
            (WebAVPlayerLayerView_startRoutingVideoToPictureInPicturePlayerLayerView):
            (WebAVPlayerLayerView_stopRoutingVideoToPictureInPicturePlayerLayerView):
            (WebAVPlayerLayerView_pictureInPicturePlayerLayerView):
            (getWebAVPlayerLayerViewClass):
            Added runtime class WebAVPlayerLayerView

            (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
            Dimensions are also stored in WebAVPlayerLayer so it can make decisions about
            animating the video layer.

            (WebVideoFullscreenInterfaceAVKit::setExternalPlayback):
            (WebVideoFullscreenInterfaceAVKit::enterFullscreen):
            (WebVideoFullscreenInterfaceAVKit::didStopPictureInPicture):
            (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen):
            Straightforward layer to view conversion.

            (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline):
            Set view frame using the view hierarchy instead of assuming it is directly in a window.

            (WebVideoFullscreenInterfaceAVKit::exitFullscreen):
            Set view frame using the view hierarchy instead of assuming it is directly in a window.
            dispatch_async before calling didExitFullscreen() to allows CATransactions to complete.

            (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
            Set view frame using the view hierarchy instead of assuming it is directly in a window.
            dispatch_async before calling didSetupFullscreen() to allows CATransactions to complete.

            (-[WebCALayerHostWrapper dealloc]): Deleted.
            (-[WebCALayerHostWrapper setVideoSublayer:]): Deleted.
            (-[WebCALayerHostWrapper videoSublayer]): Deleted.
            (-[WebCALayerHostWrapper setBounds:]): Deleted.
            (-[WebCALayerHostWrapper resolveBounds]): Deleted.
            Class WebCALayerHostWrapper deleted. Functionality rolled into WebAVPlayerLayer.

            (+[WebAVVideoLayer videoLayer]): Deleted.
            (-[WebAVVideoLayer init]): Deleted.
            (-[WebAVVideoLayer setPlayerViewController:]): Deleted.
            (-[WebAVVideoLayer setVideoSublayer:]): Deleted.
            (-[WebAVVideoLayer setBounds:]): Deleted.
            (-[WebAVVideoLayer setVideoLayerGravity:]): Deleted.
            (-[WebAVVideoLayer videoLayerGravity]): Deleted.
            (-[WebAVVideoLayer enterPIPModeRedirectingVideoToLayer:]): Deleted.
            (-[WebAVVideoLayer leavePIPMode]): Deleted.
            Class WebAVVideoLayer deleted. Functionality rolled into WebAVPlayerLayer.

            * platform/ios/WebVideoFullscreenModel.h:
            * platform/ios/WebVideoFullscreenModelVideoElement.h:
            * platform/ios/WebVideoFullscreenModelVideoElement.mm:
            No need to store frame and gravity in the model. It is stored in the UI where it is used.

            (WebVideoFullscreenModelVideoElement::videoLayerFrame): Deleted.
            (WebVideoFullscreenModelVideoElement::videoLayerGravity): Deleted.
            * platform/spi/cocoa/AVKitSPI.h: Add AVPlayerLayerView.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r187039. rdar://problem/21474317

    2015-07-20  Tim Horton  <timothy_horton@apple.com>

            REGRESSION (r174287): Flash of black when opening a new web view or navigating to a new page
            https://bugs.webkit.org/show_bug.cgi?id=147127
            <rdar://problem/21474317>

            Reviewed by Simon Fraser.

            * rendering/RenderView.cpp:
            (WebCore::RenderView::paintBoxDecorations):
            Avoid using an invalid documentBackgroundColor, fall back to baseBackgroundColor
            like we did before r174287.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186910. rdar://problem/21863296

    2015-07-16  Benjamin Poulain  <bpoulain@apple.com>

            [Content extensions] Combine suffixes when generating NFAs
            https://bugs.webkit.org/show_bug.cgi?id=146961

            Reviewed by Alex Christensen.

            In this patch, I add a mechanism very similar to the prefix tree
            but for the suffix (called a reverse suffix tree here).

            The idea is here is to reuse the existing NFA nodes when generating
            a chain of suffix Term that were already generated previously.
            When generating a disjunction ending with the same suffix, we now
            have the same trailing NFA nodes for both sides of the disjunction.

            Mixing the prefix and suffix generation can be tricky, we do not want
            transitions from a pattern to creep into the suffix of an other.

            To avoid any conflict, the rules here are very simple:
            -Only use the reverse suffix tree for terms without actions
             up to a leaf term with actions.

             This rule ensure that no action will accidentally make its way
             to an other rule by resuing a vertex of the reverse suffix tree.

            -Only use the reverse suffix tree for chains of terms in which
             each term only has zero or one following term.

             With this condition, when taking any vertex of the reverse suffix
             tree, there is only one edge that move out of that vertex when reading
             from left to right.
             For any vertex, there is only one possible string generated
             left-to-right, a single suffix.

            This is overly restrictive but it is fast, easier to verify, and it works
            well in practice.
            For all the more complicated cases, we can count on the Minimizer to
            find a better solution.


            With all the simple suffixes merged, our NFAs are smaller, which
            let us combine more patterns.
            The DFAs are also smaller and faster to produce since their size
            is relative to the NFA sizes.

            Overall, I get the following gains:
            -Chris's test case:
                compile time -40%.
                bytecode size -14%.
            -Armand's test case:
                compile time -53%.
                bytecode size -13%.

            * WebCore.xcodeproj/project.pbxproj:
            * contentextensions/CombinedURLFilters.cpp:
            (WebCore::ContentExtensions::ActiveSubtree::ActiveSubtree):
            (WebCore::ContentExtensions::generateInfixUnsuitableForReverseSuffixTree):
            (WebCore::ContentExtensions::generateSuffixWithReverseSuffixTree):
            (WebCore::ContentExtensions::clearReverseSuffixTree):
            (WebCore::ContentExtensions::generateNFAForSubtree):
            * contentextensions/DFA.cpp:
            (WebCore::ContentExtensions::DFA::debugPrintDot):
            Forgot to close a tag, dot was not happy.

            * contentextensions/HashableActionList.h: Added.
            (WebCore::ContentExtensions::HashableActionList::HashableActionList):
            (WebCore::ContentExtensions::HashableActionList::isEmptyValue):
            (WebCore::ContentExtensions::HashableActionList::isDeletedValue):
            (WebCore::ContentExtensions::HashableActionList::operator==):
            (WebCore::ContentExtensions::HashableActionList::operator!=):
            (WebCore::ContentExtensions::HashableActionListHash::hash):
            (WebCore::ContentExtensions::HashableActionListHash::equal):
            We need a way to group reverse suffix tree by their terminal actions.
            This new hash structure lets us find unique vertex for a list of actions
            in any order.

            * contentextensions/ImmutableNFANodeBuilder.h:
            (WebCore::ContentExtensions::ImmutableNFANodeBuilder::isValid):
            (WebCore::ContentExtensions::ImmutableNFANodeBuilder::nodeId):
            (WebCore::ContentExtensions::ImmutableNFANodeBuilder::addTransition):
            (WebCore::ContentExtensions::ImmutableNFANodeBuilder::addEpsilonTransition):
            (WebCore::ContentExtensions::ImmutableNFANodeBuilder::ImmutableNFANodeBuilder): Deleted.
            (WebCore::ContentExtensions::ImmutableNFANodeBuilder::~ImmutableNFANodeBuilder): Deleted.
            (WebCore::ContentExtensions::ImmutableNFANodeBuilder::operator=): Deleted.
            * contentextensions/Term.h:
            (WebCore::ContentExtensions::Term::generateGraph):
            (WebCore::ContentExtensions::Term::generateSubgraphForAtom):
            Node building changes a bit.

            Previously, it was assumed nodes are always built from left to right.
            Getting the node on the right was done by providing the left node and the term
            doing the transition.

            Now we have both left to right and right to left generation.

            The right-to-left has a specific property: no edge can be added after
            it's initial term (rule 2 of our reverse suffix tree). This simplifies
            things a bit since we can finalize all the nodes in the suffix tree.
            All we need is to keep their ID to be able to link new nodes
            to the reverse suffix tree.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186715. rdar://problem/21863296

    2015-07-11  Benjamin Poulain  <benjamin@webkit.org>

            Fix CONTENT_EXTENSIONS_STATE_MACHINE_DEBUGGING
            https://bugs.webkit.org/show_bug.cgi?id=146879

            Reviewed by Andreas Kling.

            Some of my recent changes broke CONTENT_EXTENSIONS_STATE_MACHINE_DEBUGGING :(

            * contentextensions/CombinedURLFilters.cpp:
            (WebCore::ContentExtensions::prefixTreeVertexToString):
            (WebCore::ContentExtensions::recursivePrint):
            (WebCore::ContentExtensions::CombinedURLFilters::print):
            * contentextensions/ContentExtensionsDebugging.h:
            * contentextensions/DFA.cpp:
            (WebCore::ContentExtensions::DFA::debugPrintDot):

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186955. rdar://problem/14489674

    2015-07-17  Mark Lam  <mark.lam@apple.com>

            Remove leak of objects between isolated worlds on custom events, message events, and pop state events.
            https://bugs.webkit.org/show_bug.cgi?id=118884

            Reviewed by Filip Pizlo and Mark Lam.
            Patch by Keith Miller  <keith_miller@apple.com>.

            Tests: fast/events/event-leak-objects.html
                   fast/events/event-properties-gc.html

            Fixes an issue where objects passed as certain properties of events could cross isolated worlds. This
            was fixed by checking that any object passed by an event must be serializable or originate from the same
            isolated world as the one it is currently being accessed in. In the case of MessageEvents and PopStateEvents we
            cache the values of the data and state properties, respectively, as they may be a deserialized object. In case
            an object was deserialized in a world with elevated privileges we also check the cached value is from the same
            world, if it is from a different world we recompute it. For testing purposes, I added a new function to Internals
            that determines whether a JSObject originated in the current world.

            * CMakeLists.txt:
            * WebCore.xcodeproj/project.pbxproj:
            * bindings/js/DOMWrapperWorld.h:
            (WebCore::worldForDOMObject):
            * bindings/js/JSBindingsAllInOne.cpp:
            * bindings/js/JSCustomEventCustom.cpp: Copied from Source/WebCore/dom/CustomEvent.cpp.
            (WebCore::JSCustomEvent::detail):
            * bindings/js/JSMessageEventCustom.cpp:
            (WebCore::JSMessageEvent::data):
            * bindings/js/JSPopStateEventCustom.cpp:
            (WebCore::JSPopStateEvent::state):
            * dom/CustomEvent.cpp:
            (WebCore::CustomEvent::initCustomEvent):
            (WebCore::CustomEvent::trySerializeDetail):
            * dom/CustomEvent.h:
            * dom/CustomEvent.idl:
            * dom/MessageEvent.cpp:
            (WebCore::MessageEvent::initMessageEvent):
            (WebCore::MessageEvent::trySerializeData):
            * dom/MessageEvent.h:
            * dom/PopStateEvent.cpp:
            (WebCore::PopStateEvent::trySerializeState):
            * dom/PopStateEvent.h:
            * testing/Internals.cpp:
            (WebCore::Internals::isFromCurrentWorld):
            * testing/Internals.h:
            * testing/Internals.idl:

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r187035. rdar://problem/21712311

    2015-07-20  Andreas Kling  <akling@apple.com>

            Unreviewed assertion fix following r187031.

            Just have GenericEventQueue::resume() return early if the queue isn't suspended.
            Suspend/Resume calls are not always symmetrical in HTMLMediaElement.

            * dom/GenericEventQueue.cpp:
            (WebCore::GenericEventQueue::resume):

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r187031. rdar://problem/21712311

    2015-07-20  Andreas Kling  <akling@apple.com>

            Improve behavior of media elements in page cache.
            <https://webkit.org/b/147020>
            <rdar://problem/21712311>

            Reviewed by Chris Dumez.

            Make improvements for media elements when transitioning in/out of page cache:

            - Events that were scheduled when going into cache will now be delivered
              when the page is restored from cache.

            - Data buffering is turned off while in the cache. This reduces the memory
              cost of cached pages with media elements on iOS (where mediaserverd would
              keep upcoming video frames in memory for cached pages.)

            Test: media/restore-from-page-cache.html (amended)

            * dom/GenericEventQueue.h:
            * dom/GenericEventQueue.cpp:
            (WebCore::GenericEventQueue::enqueueEvent):
            (WebCore::GenericEventQueue::suspend):
            (WebCore::GenericEventQueue::resume):

                Add a simple suspend/resume mechanism to GenericEventQueue that can
                be used to support page caching.

            * html/HTMLMediaElement.cpp:
            (WebCore::HTMLMediaElement::stop):
            (WebCore::HTMLMediaElement::suspend):
            (WebCore::HTMLMediaElement::resume):
            (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):

                Adapt to event queueing changes and add calls to setShouldBufferData().

            * html/HTMLSourceElement.h:
            * html/HTMLSourceElement.cpp:
            (WebCore::HTMLSourceElement::HTMLSourceElement):
            (WebCore::HTMLSourceElement::create):
            (WebCore::HTMLSourceElement::activeDOMObjectName):
            (WebCore::HTMLSourceElement::canSuspendForPageCache):
            (WebCore::HTMLSourceElement::suspend):
            (WebCore::HTMLSourceElement::resume):
            (WebCore::HTMLSourceElement::stop):

                Turn HTMLSourceElement into an ActiveDOMObject so it gets all the
                appropriate page cache notifications directly. Suspend the delayed
                error event delivery timer when cached.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r187025. rdar://problem/21878275

    2015-07-18  Ada Chan  <adachan@apple.com>

            Fix deadlock between -[AVPlayerItem currentTime] and -[AVPlayer isExternalPlaybackActive]
            https://bugs.webkit.org/show_bug.cgi?id=147085
            <rdar://problem/21878275>

            Reviewed by Jer Noble.

            * Modules/webaudio/AudioContext.cpp:
            (WebCore::AudioContext::isPlayingAudioDidChange):
            Call Document::updateIsPlayingMedia() on the main thread, since we could be on the audio I/O
            thread here and the Document::updateIsPlayingMedia() call could block, causing a deadlock.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186991. rdar://problem/21643094

    2015-07-18  David Kilzer  <ddkilzer@apple.com>

            REGRESSION (r186976): Use piFloat instead of M_PI

            Attempt to fix the following build failure:

                PathUtilities.cpp(183): error C2065: 'M_PI' : undeclared identifier [...\Source\WebCore\WebCore.vcxproj\WebCore.vcxproj]

            * platform/graphics/PathUtilities.cpp:
            (WebCore::walkGraphAndExtractPolygon): Use piFloat since M_PI is
            not defined on Windows.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186990. rdar://problem/21643094

    2015-07-18  David Kilzer  <ddkilzer@apple.com>

            REGRESSION (r186976): Windows build broke due to missing definition of M_PI

            Attempt to fix the following build failure:

                PathUtilities.cpp(182): error C2065: 'M_PI' : undeclared identifier [...\Source\WebCore\WebCore.vcxproj\WebCore.vcxproj]

            * platform/graphics/PathUtilities.cpp: Include <wtf/MathExtras.h>.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186982. rdar://problem/21567820

    2015-07-17  Andy Estes  <aestes@apple.com>

            [iOS] Further tighten the sandbox around pages fetched with Content-Disposition: attachment
            https://bugs.webkit.org/show_bug.cgi?id=147044
            rdar://problem/21567820

            Reviewed by Brady Eidson.

            In addition to placing resources fetched with 'Content-Disposition: attachment' in a unique origin,
            this change does the following:

            - Switches the sandbox type from SandboxOrigin to SandboxAll, which enforces the same restrictions as <iframe sandbox>.
            - Disables processing of <meta http-equiv> elements.
            - Disables loading of cross-origin subframes.

            Tests: http/tests/contentdispositionattachmentsandbox/cross-origin-frames-disabled.html
                   http/tests/contentdispositionattachmentsandbox/form-submission-disabled.html
                   http/tests/contentdispositionattachmentsandbox/http-equiv-disabled.html
                   http/tests/contentdispositionattachmentsandbox/plugins-disabled.html
                   http/tests/contentdispositionattachmentsandbox/scripts-disabled.html

            * dom/Document.cpp:
            (WebCore::Document::processHttpEquiv): Switched to calling Document::httpEquivPolicy(). Logged an error to the console for policies other than Enabled.
            (WebCore::Document::initSecurityContext): Switched sandbox enforcement from SandboxOrigin to SandboxAll.
            (WebCore::Document::httpEquivPolicy): Returned a HttpEquivPolicy based on shouldEnforceContentDispositionAttachmentSandbox() and Settings::httpEquivEnabled().
            (WebCore::Document::shouldEnforceContentDispositionAttachmentSandbox): Returned true if Settings::contentDispositionAttachmentSandboxEnabled()
            and the document was fetched as an attachment.
            * dom/Document.h:
            * loader/cache/CachedResourceLoader.cpp:
            (WebCore::CachedResourceLoader::canRequest): When requesting a subframe main resource when the parent frame enforces an attachment sandbox,
            only continue if the parent frame's SecurityOrigin allows the request.
            * page/Settings.in: Added contentDispositionAttachmentSandboxEnabled with an initial value of false.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186979. rdar://problem/19192076

    2015-07-17  Dean Jackson  <dino@apple.com>

            Picture in Picture interacts poorly with AirPlay/HDMI
            https://bugs.webkit.org/show_bug.cgi?id=147061
            <rdar://problem/19192076>

            Reviewed by Tim Horton.

            When we are actively playing to an external target, the
            picture in picture button should be hidden.

            Also, the availability of picture in picture is also
            dependent on AirPlay, so that we don't auto-pip when
            we're displaying on a TV.

            * Modules/mediacontrols/mediaControlsiOS.js:
            (ControllerIOS.prototype.configureInlineControls): Call the update function.
            (ControllerIOS.prototype.updatePictureInPictureButton): Add or remove a hidden class.
            * html/MediaElementSession.cpp:
            (WebCore::MediaElementSession::allowsPictureInPicture): Check Airplay status.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186978. rdar://problem/21643094

    2015-07-17  Tim Horton  <timothy_horton@apple.com>

            [iOS] TextIndicator has a large forehead when line-height > 1
            https://bugs.webkit.org/show_bug.cgi?id=147058
            <rdar://problem/21643094>

            Reviewed by Dean Jackson.

            * editing/FrameSelection.cpp:
            (WebCore::FrameSelection::getClippedVisibleTextRectangles):
            * editing/FrameSelection.h:
            Add a parameter controlling whether getClippedVisibleTextRectangles
            returns selection-height rects (including extra line-height) or text-height
            rects (including only the text height). Plumb it down.

            * page/TextIndicator.cpp:
            (WebCore::TextIndicator::createWithRange):
            (WebCore::TextIndicator::createWithSelectionInFrame):
            Use the tighter text-height rects on iOS, where there's no selection highlight to cover up.
            Remove an assertion that is no longer always true, and which is mostly obsoleted by the
            fact that we don't let FrameSnapshotting code arbitrarily decide the rect to snapshot anymore.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186976. rdar://problem/21643094

    2015-07-17  Tim Horton  <timothy_horton@apple.com>

            Improve rect shrink-wrapping algorithm
            https://bugs.webkit.org/show_bug.cgi?id=147037
            <rdar://problem/21643094>

            Reviewed by Simon Fraser.

            * platform/graphics/FloatPoint.h:
            (WebCore::areEssentiallyEqual):
            Added; implementation is the same as FloatSize's.

            * platform/graphics/PathUtilities.cpp:
            (WebCore::FloatPointGraph::FloatPointGraph):
            (WebCore::FloatPointGraph::~FloatPointGraph):
            (WebCore::FloatPointGraph::Node::Node):
            (WebCore::FloatPointGraph::Node::nextPoints):
            (WebCore::FloatPointGraph::Node::addNextPoint):
            (WebCore::FloatPointGraph::Node::isVisited):
            (WebCore::FloatPointGraph::Node::visit):
            (WebCore::FloatPointGraph::Node::reset):
            (WebCore::FloatPointGraph::reset):
            (WebCore::FloatPointGraph::findOrCreateNode):
            (WebCore::findLineSegmentIntersection):
            (WebCore::addIntersectionPoints):
            (WebCore::walkGraphAndExtractPolygon):
            (WebCore::findUnvisitedPolygonStartPoint):
            (WebCore::unitePolygons):
            (WebCore::edgesForRect):
            (WebCore::PathUtilities::pathWithShrinkWrappedRects):
            (WebCore::addShrinkWrapRightCorner): Deleted.
            (WebCore::addShrinkWrapLeftCorner): Deleted.
            (WebCore::addShrinkWrappedPathForRects): Deleted.
            (WebCore::rectsIntersectOrTouch): Deleted.
            (WebCore::findSetContainingRect): Deleted.
            Add a new implementation of shrink-wrap, which is significantly more
            generic than the old one, which assumed a top-down progression of rects.

            This version uses polygon intersection to find the path around the
            set of rects, and then follows said path and adds appropriately-sized
            arcs for the corners.

            The polygon intersection algorithm first finds all the intersection points
            between all of the rects, then builds a graph of edges outward from one point.
            It then traverses the graph, choosing at each point the next edge which
            has not been visited and has the greatest interior angle, recording the polygon as it goes.

            If at the end of the traversal we have not returned to the initial node,
            we give up on shrink-wrapping and just use a bounding box around the rects.

            If any of the original rects have not been visited at all, we repeat the traversal
            starting with that rect, making an additional polygon (since we removed completely contained
            rects before we started, having not visited the rect at all means that it's not connected
            to the others).

            Once we have a set of united polygons, we follow each one, determining the ideal (always
            equal in width and height, never more than half the length of either edge, so that we always
            have a smooth curve) arc radius and projecting it onto the edge, and then
            adding an arc between the end of the previous path and beginning of the next.

            Because the shrink-wrap algorithm is fairly expensive, if there are more than 20 rects,
            we fall back to a bounding box. Given the current use cases, this is more than enough
            rects, but can certainly be adjusted in the future if needed.

            * testing/Internals.cpp:
            (WebCore::Internals::pathWithShrinkWrappedRects):
            * testing/Internals.h:
            * testing/Internals.idl:
            Add a radius parameter.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186974. rdar://problem/21106945

    2015-07-17  Nan Wang  <n_wang@apple.com>

            AX: iframe within table cell is inaccessible to VoiceOver
            https://bugs.webkit.org/show_bug.cgi?id=147001
            <rdar://problem/21106945>

            Reviewed by Chris Fleizach.

            When a table cell is created before its parent table determines if it should be ignored or not,
            the table cell may cache the wrong role. Fix that by allowing each table cell to update its role
            after the table makes this determination.

            Test: accessibility/iframe-within-cell.html

            * accessibility/AccessibilityTable.cpp:
            (WebCore::AccessibilityTable::addChildren):
            (WebCore::AccessibilityTable::addChildrenFromSection):

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186968. rdar://problem/21359811

    2015-07-17  Myles C. Maxfield  <mmaxfield@apple.com>

            Video posters disappear once media has loaded
            https://bugs.webkit.org/show_bug.cgi?id=147045

            Reviewed by Simon Fraser.

            After r184932, all video elements are composited. However, there is logic in
            RenderLayerBacking::updateConfiguration() which adds the video layer to the page
            if the video is composited, without checking first to see if it should actually
            do so.

            Test: compositing/video/poster.html

            * rendering/RenderLayerBacking.cpp:
            (WebCore::RenderLayerBacking::updateConfiguration):

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186964. rdar://problem/21803781

    2015-07-17  Dan Bernstein  <mitz@apple.com>

            WebCore part of <rdar://problem/21803781> The external URL policy is not reported correctly in navigation actions that create new windows
            https://bugs.webkit.org/show_bug.cgi?id=147040

            Reviewed by Dean Jackson.

            Test: TestWebKitAPI/Tests/WebKit2Cocoa/ShouldOpenExternalURLsInNewWindowActions.mm

            * loader/FrameLoader.cpp:
            (WebCore::shouldOpenExternalURLsPolicyToApply): Pulled the logic out of
            applyShouldOpenExternalURLsPolicyToNewDocumentLoader into this new helper.
            (WebCore::FrameLoader::loadURL): When targeting a new frame, apply the external URLs policy
            to the action passed to checkNewWindowPolicy.
            (WebCore::FrameLoader::applyShouldOpenExternalURLsPolicyToNewDocumentLoader): Call the new
            helper function.
            (WebCore::createWindow): Include the external URL policy in the action passed to
            createWindow.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186957. rdar://problem/21867831

    2015-07-17  Benjamin Poulain  <bpoulain@apple.com>

            [Content Extensions] CSS-display-none rules are not working properly
            https://bugs.webkit.org/show_bug.cgi?id=147024

            Reviewed by Sam Weinig.

            There were 2 bugs prevening rules with css-display-none and a url-filter from working
            correctly.

            First, ContentExtensions::serializeActions() was merging selectors regardless of their
            trigger. All the CSS Selectors would be grouped together and applied regardless of which
            rule apply.

            That problem was fixed by grouping CSS rules by trigger. We want all the undistinguishable
            CSS rules to be merged. The trigger makes 2 rules dinstinguishable as one rule can apply
            on a page while the next rule does not. The simplest approach is to group by trigger.

            The second problem had to do with rules added before the document is created.
            When accumulating those rules, we were only keeping the last one. The reason was that
            DocumentLoader::addPendingContentExtensionDisplayNoneSelector() would only keep a single
            selector list by extension.

            This is fixed by keeping a vector of all the rules that apply.

            Tests: http/tests/contentextensions/css-display-none-with-different-case-sensitivity-are-not-merged.html
                   http/tests/contentextensions/css-display-none-with-different-triggers-are-not-merged.html
                   http/tests/contentextensions/two-distinguishable-css-display-none-rules-on-main-resource.html

            * contentextensions/ContentExtensionCompiler.cpp:
            (WebCore::ContentExtensions::serializeActions):
            * contentextensions/ContentExtensionRule.h:
            (WebCore::ContentExtensions::Trigger::isEmpty):
            (WebCore::ContentExtensions::TriggerHash::hash):
            (WebCore::ContentExtensions::TriggerHash::equal):
            (WebCore::ContentExtensions::TriggerHashTraits::constructDeletedValue):
            (WebCore::ContentExtensions::TriggerHashTraits::isDeletedValue):
            (WebCore::ContentExtensions::TriggerHashTraits::emptyValue):
            (WebCore::ContentExtensions::TriggerHashTraits::isEmptyValue):
            * contentextensions/ContentExtensionsBackend.cpp:
            (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad): Deleted.
            * loader/DocumentLoader.cpp:
            (WebCore::DocumentLoader::commitData):
            (WebCore::DocumentLoader::addPendingContentExtensionDisplayNoneSelector):
            * loader/DocumentLoader.h:

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186956. rdar://problem/21643094

    2015-07-17  Tim Horton  <timothy_horton@apple.com>

            iOS TextIndicators include text that is not supposed to be indicated
            https://bugs.webkit.org/show_bug.cgi?id=147028
            <rdar://problem/21643094>

            Reviewed by Sam Weinig.

            Paint the selection and background, but not other foregrounds, for iOS TextIndicators.

            * page/FrameSnapshotting.cpp:
            (WebCore::snapshotFrameRect):
            * page/FrameSnapshotting.h:
            Add a new snapshot option where we'll paint backgrounds and the selected
            foreground and nothing else.
            Pass the new snapshot option through as a paint behavior.

            * page/TextIndicator.cpp:
            (WebCore::TextIndicator::createWithRange):
            Implement the incantations necessary to make a temporary selection
            change not get sent to the UI process and actually have WebCore know about it
            and accurately respond to questions about it.

            (WebCore::TextIndicator::createWithSelectionInFrame):
            Paint selection and backgrounds on iOS.

            * rendering/PaintPhase.h:
            * rendering/RenderLayer.cpp:
            (WebCore::RenderLayer::paintLayerContents):
            * rendering/RenderElement.cpp:
            (WebCore::RenderElement::selectionColor):
            Add a new paint behavior, SelectionAndBackgroundsOnly, which behaves
            the same as selection only except it allows backgrounds to paint.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186916. rdar://problem/21643094

    2015-07-16  Tim Horton  <timothy_horton@apple.com>

            Add shrink-wrapped link highlights
            https://bugs.webkit.org/show_bug.cgi?id=147021
            <rdar://problem/21643094>

            Reviewed by Enrica Casucci.

            * WebCore.xcodeproj/project.pbxproj:
            * page/TextIndicator.cpp:
            (WebCore::TextIndicator::createWithRange):
            (WebCore::TextIndicator::createWithSelectionInFrame):
            * page/TextIndicator.h:
            Add a margin parameter to TextIndicator; this inflates each text rect
            by the given amount.

            Use snapshotFrameRect instead of snapshotSelection because we really
            want an image that exactly fits textBoundingRectInDocumentCoordinates,
            and snapshotSelection comes up with selection rects in different ways,
            especially on iOS (where it comes up with nothing!).

            For now, avoid forcing black text or painting only the selection on iOS.
            Eventually, we should have TextIndicator options for these things that
            are then respected at the presentation layer.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186912. rdar://problem/21866271

    2015-07-16  Alex Christensen  <achristensen@webkit.org>

            [Content Extensions] Cache domain actions
            https://bugs.webkit.org/show_bug.cgi?id=146817

            Reviewed by Benjamin Poulain.

            Right now we run regular expressions on the domain every time we have any rules that match with if-domain or unless-domain.
            This caches the results of running regular expressions on the domain of the main document's url so we only need to
            run those regular expressions when the main document changes domain.  We also spend less time adding unused actions into HashSets.

            All behavior is covered by existing api tests, but I added some to explicitly test if-domain and unless-domain with multiple load types.

            * contentextensions/ContentExtension.cpp:
            (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):
            (WebCore::ContentExtensions::ContentExtension::cachedDomainActions):
            * contentextensions/ContentExtension.h:
            (WebCore::ContentExtensions::ContentExtension::identifier):
            (WebCore::ContentExtensions::ContentExtension::compiledExtension):
            * contentextensions/ContentExtensionsBackend.cpp:
            (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
            * contentextensions/DFABytecodeInterpreter.cpp:
            (WebCore::ContentExtensions::getJumpDistance):
            (WebCore::ContentExtensions::matchesDomain):
            (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
            (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
            (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsForDefaultStylesheetFromDFARoot):
            (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretWithDomains):
            (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
            * contentextensions/DFABytecodeInterpreter.h:

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186890. rdar://problem/21643094

    2015-07-15  Tim Horton  <timothy_horton@apple.com>

            Move indicator rect uniting code to TextIndicatorWindow instead of TextIndicator
            https://bugs.webkit.org/show_bug.cgi?id=146992
            <rdar://problem/21643094>

            Reviewed by Daniel Bates.

            Having to unite all the rects if any overlap is an implementation
            detail of the Mac TextIndicatorWindow presentation, not a fundamental
            property of TextIndicator.

            Other TextIndicator presentations might be able to handle overlapping
            rects more effectively, so we shouldn't lose information unless we need to.

            This also avoids having a second copy of some constants!

            * page/TextIndicator.cpp:
            (WebCore::outsetIndicatorRectIncludingShadow): Deleted.
            (WebCore::textIndicatorsForTextRectsOverlap): Deleted.
            (WebCore::TextIndicator::TextIndicator): Deleted.
            * page/mac/TextIndicatorWindow.mm:
            (outsetIndicatorRectIncludingShadow):
            (textIndicatorsForTextRectsOverlap):
            (-[WebTextIndicatorView initWithFrame:textIndicator:margin:offset:]):

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186875. rdar://problem/21643094

    2015-07-15  Brent Fulgham  <bfulgham@apple.com>

            [Win] Another build fix after r186858.

            * html/canvas/DOMPath.h: Don't use WEBCORE_EXPORT on the
            overall class and the destructor declaration.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186867. rdar://problem/21643094

    2015-07-15  Brent Fulgham  <bfulgham@apple.com>

            [Win] Unreviewed build fix after r186858.

            Add missing DOMPath and PathUtilities files to project.

            * WebCore.vcxproj/WebCore.vcxproj:
            * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186863. rdar://problem/21715050

    2015-07-15  Brady Eidson  <beidson@apple.com>

            WebKit document.cookie mis-parsing.
            rdar://problem/21715050 and https://bugs.webkit.org/show_bug.cgi?id=146976

            Reviewed by Sam Weinig.

            * platform/network/mac/CookieJarMac.mm:
            (WebCore::setCookiesFromDOM): Use new CFNetwork SPI when available.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186858. rdar://problem/21643094

    2015-07-15  Tim Horton  <timothy_horton@apple.com>

            Factor rect shrink-wrapping code out of RenderThemeMac for future reuse
            https://bugs.webkit.org/show_bug.cgi?id=146973
            <rdar://problem/21643094>

            Reviewed by Anders Carlsson.

            Test: fast/shrink-wrap/rect-shrink-wrap.html

            * WebCore.xcodeproj/project.pbxproj:
            Add DOMPath.cpp and PathUtilities.{h, cpp}.

            * bindings/js/JSDOMBinding.h:
            (WebCore::NativeValueTraits<double>::nativeValue):
            Make it possible to use sequence<double> in IDL files.

            * bindings/scripts/CodeGeneratorJS.pm:
            Export JSDOMPath for use in Internals.

            * html/canvas/DOMPath.cpp: Added.
            (WebCore::DOMPath::~DOMPath):
            * html/canvas/DOMPath.h:
            Out-of-line the DOMPath destructor so as not to anger the bindings
            integrity checker (otherwise, the address of the DOMPath destructor
            is different in WebCoreTestSupport and WebCore, causing us to fail
            the vtable equality test).

            * platform/graphics/Path.h:
            Forward declare FloatRect instead of including it unnecessarily.
            Export ensurePlatformPath().

            * platform/graphics/PathUtilities.cpp: Added.
            (WebCore::addShrinkWrapRightCorner):
            (WebCore::addShrinkWrapLeftCorner):
            (WebCore::addShrinkWrappedPathForRects):
            These parts are extracted from RenderThemeMac, with two changes:
                + support for arbitrarily-aligned rects
                  (the other version assumed they were horizontally center-aligned)
                + support for overlapping rects
                  (the other version assumed they touched but did not overlap)

            There are still things missing:
                + support for a fallback when the shape is too hard to shrink-wrap

            And things broken:
                + if the distance between two edges is smaller than the corner radius,
                  we'll end up with a sharp edge in the path

            Both of these cases are covered in the layout test and can be improved.

            (WebCore::rectsIntersectOrTouch):
            Rect intersection with <= instead of <.

            (WebCore::contiguousRectGroupsFromRects):
            Given a set of rects, find all of the contiguous regions. We'll
            shrink-wrap each region independently.

            (WebCore::PathUtilities::pathWithShrinkWrappedRects):
            * platform/graphics/PathUtilities.h: Added.
            Add PathUtilities, where the shrink-wrapping code lives.

            * rendering/RenderThemeMac.mm:
            (WebCore::paintAttachmentTitleBackground):
            (WebCore::addAttachmentTitleBackgroundRightCorner): Deleted.
            (WebCore::addAttachmentTitleBackgroundLeftCorner): Deleted.
            Remove shrink-wrapping implementation and make use of the one in PathUtilities.

            * testing/Internals.cpp:
            (WebCore::Internals::pathWithShrinkWrappedRects):
            * testing/Internals.h:
            * testing/Internals.idl:
            Expose pathWithShrinkWrappedRects to tests via Internals.
            It takes a sequence<double> where every four values are the x, y, w, h
            of a rect, and returns a DOMPath which can be used with Canvas.

2015-07-20  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186854. rdar://problem/21840147

    2015-07-15  Eric Carlson  <eric.carlson@apple.com>

            [Mac] AirPlay route is not always set automatically
            https://bugs.webkit.org/show_bug.cgi?id=146969

            Reviewed by Jer Noble.

            * Modules/mediasession/WebMediaSessionManager.cpp:
            (WebCore::WebMediaSessionManager::configurePlaybackTargetClients): Return early if there are
              no clients. Make the first client in the vector automatically play to the target if there
              is no other match and there is an active route.
            (WebCore::WebMediaSessionManager::watchdogTimerFired): Call picker.invalidatePlaybackTargets,
              not stopMonitoringPlaybackTargets.

            * platform/graphics/MediaPlaybackTargetPicker.cpp:
            (WebCore::MediaPlaybackTargetPicker::invalidatePlaybackTargets): New.
            * platform/graphics/MediaPlaybackTargetPicker.h:

            * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
            * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
            (WebCore::MediaPlaybackTargetPickerMac::stopMonitoringPlaybackTargets): Do nothing, AirPlay
              automatically stops monitoring when appropriate and release the picker also releases
              the output context, which drops the route.
            (WebCore::MediaPlaybackTargetPickerMac::invalidatePlaybackTargets): New.

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186799. rdar://problem/20542574

    2015-07-13  Brent Fulgham  <bfulgham@apple.com>

            [Win] Unreviewed build fix.

            * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.cpp:
            (WebCore::InbandTextTrackPrivateAVCF::readNativeSampleBuffer): Don't try to build
            the new Legible Output API features if they aren't available in the build
            environment.

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186798. rdar://problem/20542574

    2015-07-13  Brent Fulgham  <bfulgham@apple.com>

            [Win] Update Media Player logic for new Legible Output API
            https://bugs.webkit.org/show_bug.cgi?id=146922
            <rdar://problem/20542574>

            Reviewed by Eric Carlson.

            * AVFoundationSupport.py: Check for updated AVFCF feature.
            * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
            (WebCore::InbandTextTrackPrivateAVF::processNativeSamples): Update to call the
            new 'readNativeSampleBuffer' method.
            (WebCore::InbandTextTrackPrivateAVF::readNativeSampleBuffer): Added. This is a no-op
            on Windows if it has the new AVCF API. Otherwise, it contains the same implementation
            that has always been used in 'processNativeSamples'.
            * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.h:
            * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.cpp:
            (WebCore::InbandTextTrackPrivateAVCF::readNativeSampleBuffer): Added. Use the new
            Legible Output API instead of the old CoreMedia solution if it is available.
            * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.h:
            (WebCore::InbandTextTrackPrivateAVCF::mediaSelectionOption):
            * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.cpp:
            (WebCore::InbandTextTrackPrivateLegacyAVCF::readNativeSampleBuffer): Add a stub implementation.
            * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.h:
            * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
            (WebCore::AVFWrapper::createPlayerItem): Use the new Legible Output API if it is available.

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186911. rdar://problem/21822541

    2015-07-16  Simon Fraser  <simon.fraser@apple.com>

            Fix disappearing position:fixed elements in fixed layout mode
            https://bugs.webkit.org/show_bug.cgi?id=147019

            Reviewed by Tim Horton.

            Test: compositing/fixed-with-fixed-layout.html

            When in fixed layout mode, and being scaled down, viewportConstrainedVisibleContentRect() is
            the wrong thing to use to determine if position:fixed elements are clipped out. In this case,
            use the simpler document bounds (before scaling).

            In the long term,  there needs to be an equivalent of viewportConstrainedVisibleContentRect()
            that gives an appropriate rect that can be used here.

            * rendering/RenderLayerCompositor.cpp:
            (WebCore::RenderLayerCompositor::requiresCompositingForPosition):

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186895. rdar://problem/21692212

    2015-07-16  Brady Eidson  <beidson@apple.com>

            WebKit document.cookie mis-parsing.
            rdar://problem/21715050 and https://bugs.webkit.org/show_bug.cgi?id=146976

            Reviewed by Sam Weinig.

            * platform/network/cf/CookieJarCFNet.cpp:
            (WebCore::createCookies): Use new SPI if available.
            (WebCore::setCookiesFromDOM):
            * platform/spi/cf/CFNetworkSPI.h:

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186879. rdar://problem/21758704

    2015-07-15  Dean Jackson  <dino@apple.com>

            Tag WebGL layers with sRGB colorspace
            https://bugs.webkit.org/show_bug.cgi?id=146986
            <rdar://problem/21758704>

            Fix the build on older El Capitan releases.

            * platform/graphics/mac/WebGLLayer.mm:
            (-[WebGLLayer initWithGraphicsContext3D:]):
            * platform/spi/cocoa/QuartzCoreSPI.h:

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186878. rdar://problem/21758722

    2015-07-15  Sam Weinig  <sam@webkit.org>

            Color match plug-ins
            <rdar://problem/21758722>
            https://bugs.webkit.org/show_bug.cgi?id=146987

            Reviewed by Dean Jackson.

            * platform/spi/cocoa/QuartzCoreSPI.h:
            Add colorMatchUntaggedContent property.

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186868. rdar://problem/21758704

    2015-07-15  Dean Jackson  <dino@apple.com>

            Tag WebGL layers with sRGB colorspace
            https://bugs.webkit.org/show_bug.cgi?id=146986
            <rdar://problem/21758704>

            Reviewed by Simon Fraser.

            Label a CAOpenGLLayer as using the sRGB colorspace,
            like the rest of our page content.

            Test: fast/canvas/webgl/match-page-color-space.html

            * platform/graphics/mac/WebGLLayer.mm:
            (-[WebGLLayer initWithGraphicsContext3D:]): Set the colorspace property on the layer.
            (-[WebGLLayer copyCGLPixelFormatForDisplayMask:]):
            (-[WebGLLayer drawInCGLContext:pixelFormat:forLayerTime:displayTime:]):
            (-[WebGLLayer copyImageSnapshotWithColorSpace:]):

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186865. rdar://problem/21823835

    2015-07-15  Wenson Hsieh  <wenson_hsieh@apple.com>

            Scroll snapping to elements is broken for main frame scrolling
            https://bugs.webkit.org/show_bug.cgi?id=146957

            Reviewed by Brent Fulgham.

            Fixes the case of elements with scroll snap coordinates in a scroll snapping mainframe by changing
            RenderBox::findEnclosingScrollableContainer to return the body's RenderBox when all enclosing elements
            are not overflow scrollable but the mainframe can scroll.

            Test: css3/scroll-snap/scroll-snap-coordinate-mainframe.html

            * page/FrameView.h: Export isScrollable so that the Internals API can use it.
            * rendering/RenderBox.cpp: Include MainFrame.h.
            (WebCore::RenderBox::findEnclosingScrollableContainer): Changed to return the body's RenderBox if
                none of its parent elements are overflow scrolling.
            * testing/Internals.cpp:
            (WebCore::Internals::scrollSnapOffsets): Updated to return snap offsets for the body element,
                allowing us to call window.internals.scrollSnapOffsets(document.body).

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186857. rdar://problem/21840845

    2015-07-15  Enrica Casucci  <enrica@apple.com>

            [iOS] Should look for RTF and RTFD pasteboard types before plain text.
            https://bugs.webkit.org/show_bug.cgi?id=146971
            rdar://problem/21840845

            Reviewed by Sam Weinig.

            The list of pasteboard types returned by supportedPasteboardTypes
            determines the order in which WebKit looks for data in the pasteboard
            to create a fragment. The incorrect order could make plain text to
            be preferred over rich format.

            * platform/ios/PasteboardIOS.mm:
            (WebCore::Pasteboard::supportedPasteboardTypes):

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186840. rdar://problem/21823681

    2015-07-15  Wenson Hsieh  <wenson_hsieh@apple.com>

            Negative scroll snap repeat values cause web process to hang indefinitely
            https://bugs.webkit.org/show_bug.cgi?id=146953
            <rdar://problem/21823681>

            Reviewed by Simon Fraser.

            Fixed dangerous behavior caused by setting -scroll-snap-points-x or -y to negative or very small
            positive values. In the case of negative or 0 repeats, the web process would hang indefinitely. In
            the case of very small positive values, a massive amount of memory could potentially be allocated
            just to store snap offsets.

            Tests: css3/scroll-snap/scroll-snap-negative-repeat.html
                   css3/scroll-snap/scroll-snap-subpixel-repeat.html

            * css/CSSParser.cpp:
            (WebCore::CSSParser::parseNonElementSnapPoints): Changed to consider negative snap repeat values as invalid CSS.
            * page/scrolling/AxisScrollSnapOffsets.cpp:
            (WebCore::updateFromStyle): Changed to threshold non-negative snap repeat values to 1px.

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186837. rdar://problem/21774358

    2015-07-14  Dean Jackson  <dino@apple.com>

            Placeholder colors should be system grays
            https://bugs.webkit.org/show_bug.cgi?id=146955
            <rdar://problem/21774358>

            Reviewed by Sam Weinig.

            Update the PiP and Airplay placards to use the correct shades
            of gray.

            * Modules/mediacontrols/mediaControlsApple.css: No need to specify the
            font here, nor have rules for Picture in Picture, which isn't available
            on OS X.
            (audio::-webkit-media-controls-time-remaining-display): We should specify
            font style here.
            (video:-webkit-full-screen::-webkit-media-controls-panel): Drive-by cleanup.
            (audio::-webkit-media-controls-wireless-playback-status): Use a gray background
            and system gray for text and artwork.
            (audio::-webkit-media-controls-wireless-playback-status.small): Ditto.
            (audio::-webkit-media-controls-picture-in-picture-button): Deleted (not on OS X).
            (audio::-webkit-media-controls-wireless-playback-text-top): Deleted use of background color.
            (audio::-webkit-media-controls-wireless-playback-text-bottom): Ditto..

            * Modules/mediacontrols/mediaControlsiOS.css: Use a gray background
            and system gray for text and artwork.
            (audio::-webkit-media-controls-wireless-playback-status):
            (audio::-webkit-media-controls-wireless-playback-text-top):
            (audio::-webkit-media-controls-wireless-playback-status.picture-in-picture):

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186828. rdar://problem/19925709

    2015-07-14  Andreas Kling  <akling@apple.com>

            Don't persist history item tree for subframes across reloads.
            <https://webkit.org/b/146937>
            <rdar://problem/19925709>

            Reviewed by Brady Eidson.

            Throw away the subframe history items when reloading a page. This ensures that we
            don't accumulate outdated frame metadata when subframes change name across page loads.
            Since the history item tree is encoded in the UA session state and gets serialized to
            disk, it's important that we don't let it grow unbounded.

            * loader/HistoryController.cpp:
            (WebCore::HistoryController::updateForReload):

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186827. rdar://problem/21736723

    2015-07-14  Antti Koivisto  <antti@apple.com>

            REGRESSION (r177876): store.apple.com profile and cart icons are missing
            https://bugs.webkit.org/show_bug.cgi?id=146894

            Reviewed by Myles C. Maxfield.

            If we had several @font-face rules for the same face covering overlapping ranges we
            would only try to get glyphs from the first one. If it didn't have the glyph we wouldn't
            try the other ones.

            Test: fast/css/font-face-multiple-missing-glyphs.html

            * platform/graphics/FontCascadeFonts.cpp:
            (WebCore::FontCascadeFonts::glyphDataForVariant):
            (WebCore::FontCascadeFonts::glyphDataForNormalVariant):

                Get GlyphData with one call.

            * platform/graphics/FontRanges.cpp:
            (WebCore::FontRanges::~FontRanges):
            (WebCore::FontRanges::glyphDataForCharacter):

                Check that we actually have a glyph in the font for the character before returning it.

            (WebCore::FontRanges::fontForCharacter):
            (WebCore::FontRanges::fontForFirstRange):
            * platform/graphics/FontRanges.h:
            (WebCore::FontRanges::size):
            (WebCore::FontRanges::rangeAt):

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186807. rdar://problem/21782350

    2015-07-14  Alex Christensen  <achristensen@webkit.org>

            [Content Extensions] Fix if-domain and unless-domain when loading main documents.
            https://bugs.webkit.org/show_bug.cgi?id=146868

            Reviewed by Benjamin Poulain.

            Tests: http/tests/contentextensions/block-everything-if-domain.html
                   http/tests/contentextensions/block-everything-unless-domain-iframe.html
                   http/tests/contentextensions/block-everything-unless-domain-redirect.php
                   http/tests/contentextensions/block-everything-unless-domain.html

            * contentextensions/ContentExtensionsBackend.cpp:
            (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
            If we are loading a new main document, use that main document url as the main document url for domain comparison.

2015-07-16  Matthew Hanson  <matthew_hanson@apple.com>

        Merge r186786. rdar://problem/9222837

    2015-07-13  Simon Fraser  <simon.fraser@apple.com>

            [iOS WK2] When choosing an initial viewport scale, take overflow on the <body> into account
            https://bugs.webkit.org/show_bug.cgi?id=146918
            rdar://problem/9222837

            Reviewed by Tim Horton.

            Use as input to the viewport scaling algorithm a contents size from the FrameView
            that takes overflow on the viewport renderer into account. This prevents unexpected
            viewports scaling on pages that have content that overflows their expressed contents size,
            but apply overflow to the <body>.

            * page/FrameView.cpp:
            (WebCore::FrameView::contentsSizeRespectingOverflow): Look for overflow:hidden on each axis of
            the m_viewportRenderer, which is computed post-layout by calculateScrollbarModesForLayout()
            and is used for scrollbar logic on OS X. Clip unscaledDocumentRect on each axis, and then
            apply page scale.
            * page/FrameView.h:

2015-07-16  Lucas Forschler  <lforschler@apple.com>

        Merge r186764. rdar://problem/20923632

    2015-07-13  Eric Carlson  <eric.carlson@apple.com>

            [iOS] Cancel AirPlay explicitly when exiting from full screen
            https://bugs.webkit.org/show_bug.cgi?id=146902
            <rdar://problem/20923632>

            Reviewed by Brent Fulgham.

            * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
            * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
            (WebVideoFullscreenInterfaceAVKit::~WebVideoFullscreenInterfaceAVKit): Call setExternalPlayback(false)
              if playing to an external screen.

2015-07-12  Babak Shafiei  <bshafiei@apple.com>

        Merge r186741.

    2015-07-12  Chris Fleizach  <cfleizach@apple.com>

            AX: WEB: VoiceOver for iOS does not read <iframe> elements during linear (swipe) navigation.
            https://bugs.webkit.org/show_bug.cgi?id=146861

            Reviewed by Darin Adler.

            AttachmentViews exist only on WK1 so we need account for both platforms.

            Test: platform/ios-simulator/accessibility/iframe-access.html

            * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
            (-[WebAccessibilityObjectWrapper accessibilityElementAtIndex:]):

2015-07-12  Babak Shafiei  <bshafiei@apple.com>

        Merge r186712.

    2015-07-10  Simon Fraser  <simon.fraser@apple.com>

            [iOS WK2] Scrolling issues on horizontally scrollable RTL pages
            https://bugs.webkit.org/show_bug.cgi?id=146872
            rdar://problem/7569416

            Reviewed by Sam Weinig.

            Horizontally scrollable RTL pages in WebKit2 had a variety of issues: they had
            a gap down the right edge, and unreachable content on the left side, focussing
            form fields scrolled to the wrong location, and programmatic scrolls scrolled
            to the wrong place.

            Fix by plumbing the WebCore notion of scrollOrigin through to the UI process,
            and using it in various places. There are three main aspects to the patch:

            1. scroll origin is included in RemoteLayerTreeTransaction, and plumbed through
               to -[WKWebView _scrollToContentOffset:] for correct programmatic scrolling,
               including zooming to focussed form elements.
            2. WebPageProxy::computeCustomFixedPositionRect() uses the actual documentRect()
               rather than just conjuring up a rect with a zero origin, which makes position:fixed
               work correctly.
            3. _interactionViewsContainerView (which hosts tap highlights) is positioned to 
               coincide with the origin of the documentRect (i.e. at the scroll origin, which
               may not be top-left). This allows tap highlights to show in the correct location.
            4. ScrollView::unobscuredContentRect() is fixed to take scroll origin into account;
               if the returned rect is wrong, RenderLayer::hitTest() incorrectly clips the hit
               testing area.

            * platform/ios/ScrollViewIOS.mm:
            (WebCore::ScrollView::unobscuredContentRect):

2015-07-12  Babak Shafiei  <bshafiei@apple.com>

        Merge r186707.

    2015-07-10  Chris Dumez  <cdumez@apple.com>

            [WK2] Diagnostic logging messages are causing too much IPC
            https://bugs.webkit.org/show_bug.cgi?id=146873
            <rdar://problem/21779205>

            Reviewed by Ryosuke Niwa.

            Move shouldLogAfterSampling() utility function to DiagnosticLoggingClient
            so it can be easily reused.

            * page/DiagnosticLoggingClient.h:
            (WebCore::DiagnosticLoggingClient::shouldLogAfterSampling):

2015-07-12  Babak Shafiei  <bshafiei@apple.com>

        Merge r186684.

    2015-07-10  Zalan Bujtas  <zalan@apple.com>

            Crash at WebCore::WebPage::innerFrameQuad.
            https://bugs.webkit.org/show_bug.cgi?id=146843
            rdar://problem/21501819

            Reviewed by Andreas Kling.

            We may end up with a null rootEditableElement() after calling Document::updateLayout().

            Speculative fix. Not reproducible.

            * page/Frame.cpp: Some const cleanup.
            (WebCore::Frame::visiblePositionForPoint):
            * page/Frame.h:

2015-07-12  Babak Shafiei  <bshafiei@apple.com>

        Merge r186683.

    2015-07-10  Brady Eidson  <beidson@apple.com>

            Crash in HistoryController::updateForCommit dereferencing a null HistoryItem.
            <rdar://problem/21371589> and https://bugs.webkit.org/show_bug.cgi?id=146842

            Reviewed by Chris Dumez.

            No new tests (Unknown how to reproduce).

            This patch basically rolls back part of http://trac.webkit.org/changeset/179472.

            r179472 changed HistoryController::setCurrentItem() to take a reference instead of a pointer.
            Unfortunately, we sometimes call setCurrentItem(nullptr).

            We'd like to *not* do that, and there are assertions in place to try to catch when we do,
            but in the meantime it is not valid to dereference nullptr.

            * loader/FrameLoader.cpp:
            (WebCore::FrameLoader::loadSameDocumentItem):

            * loader/HistoryController.cpp:
            (WebCore::HistoryController::updateForCommit):
            (WebCore::HistoryController::recursiveUpdateForCommit):
            (WebCore::HistoryController::recursiveUpdateForSameDocumentNavigation):
            (WebCore::HistoryController::setCurrentItem): Take a ptr instead of a ref.
            (WebCore::HistoryController::createItem):
            * loader/HistoryController.h:

2015-07-12  Babak Shafiei  <bshafiei@apple.com>

        Merge r186718.

    2015-07-11  Joseph Pecoraro  <pecoraro@apple.com>

            Update default link action sheets for app links
            https://bugs.webkit.org/show_bug.cgi?id=146658
            <rdar://problem/21221902>

            Reviewed by Dan Bernstein.

            * English.lproj/Localizable.strings:
            * platform/spi/ios/LaunchServicesSPI.h:

2015-07-12  Babak Shafiei  <bshafiei@apple.com>

        Merge r186727.

    2015-07-11  Babak Shafiei  <bshafiei@apple.com>

            Unreviewed build fix.

            * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load):
            (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::cancelLoad):

2015-07-10  Matthew Hanson  <matthew_hanson@apple.com>

        Disable non-shipping features.

        * Configurations/FeatureDefines.xcconfig:

2015-07-09  Zalan Bujtas  <zalan@apple.com>

        Plugin create can end up destroying its renderer.
        https://bugs.webkit.org/show_bug.cgi?id=146824
        rdar://problem/18921429

        Reviewed by Andreas Kling.

        Plugins can run arbitrary code during initialization. If the plugin
        happens to destroy the associated node, its renderer becomes invalid.
        This patch checks whether the renderer survived the createPlugin() call.
        (This WeakPtr pattern is also used in RenderWidget to avoid dangling pointers.)

        Speculative fix. Not reproducible.

        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadPlugin):

2015-07-09  Dan Bernstein  <mitz@apple.com>

        WebCore part of Track and expose policies for external URL schemes and App Links separately
        https://bugs.webkit.org/show_bug.cgi?id=146822

        Reviewed by Anders Carlsson.

        * loader/FrameLoaderTypes.h: Added ShouldOpenExternalURLsPolicy::ShouldAllowExternalSchemes,
        meaning external schemes are allowed but App Links are not. The opposite state doesn’t
        exist.

        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::contextMenuItemSelected): Opening a link in a new window
        or in the current window should never open it as an App Link.

2015-07-09  Daniel Bates  <dabates@apple.com>

        Fetching Content Security Policy report URL should respect same origin policy
        https://bugs.webkit.org/show_bug.cgi?id=146754
        <rdar://problem/18860259>

        Reviewed by Brady Eidson.

        Inspired by Blink r149791 (by Mike West <mkwst@chromium.org>):
        <https://src.chromium.org/viewvc/blink?revision=149791&view=revision>

        As per <http://www.w3.org/TR/2015/CR-CSP2-20150219/#send-violation-reports>, fetching the
        Content Security Policy report URL should include cookies if and only if the origin of
        the protected resource is equal to the origin of the report URL.

        Tests: http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-enabled.html
               http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies-when-private-browsing-toggled.html
               http/tests/security/contentSecurityPolicy/report-cross-origin-no-cookies.html
               http/tests/security/contentSecurityPolicy/report-same-origin-no-cookies-when-private-browsing-toggled.html
               http/tests/security/contentSecurityPolicy/report-same-origin-with-cookies-when-private-browsing-enabled.html
               http/tests/security/contentSecurityPolicy/report-same-origin-with-cookies.html

        * loader/PingLoader.cpp:
        (WebCore::PingLoader::sendViolationReport):

2015-07-09  Timothy Horton  <timothy_horton@apple.com>

        Use CoreAnimation fences instead of synchronous IPC to synchronize resize
        https://bugs.webkit.org/show_bug.cgi?id=146294
        <rdar://problem/21090193>

        Reviewed by Anders Carlsson.

        * platform/cocoa/MachSendRight.h:
        Export some constructors.

        * platform/spi/cocoa/QuartzCoreSPI.h:
        Add some SPI.

2015-07-09  Brady Eidson  <beidson@apple.com>

        Followup to r186647

        Reviewed by NOBODY.

        Thanks, EWS and commit-queue, for not catching this!

        * loader/DocumentLoader.h: Add a semi-colon.

2015-07-09  Dean Jackson  <dino@apple.com>

        REGRESSION: Inline media scrubbing always pauses the video
        https://bugs.webkit.org/show_bug.cgi?id=146819
        <rdar://problem/21572027>

        Reviewed by Eric Carlson. Joseph Pecoraro also was really
        helpful in diagnosing the problem.

        When we moved some code from a getter/setter in the child
        class to the base class, it was no longer being called due
        to the bad way we were implementing inheritance. The solution
        was to have the child class explicitly call into the base
        class.

        The much better solution would have been to rewrite everything
        to use ES6 classes or, as a smaller change, assign the __proto__
        directly on the child prototype. But I felt that was a bit
        too risky at this point.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.extend): Describe in a comment why the extend function
        is not suitable.
        * Modules/mediacontrols/mediaControlsiOS.js: Add a getter/setter for
        scrubbing that calls into the base Controller.

2015-07-09  Chris Fleizach  <cfleizach@apple.com>

        AX: <details> element should allow expand/close through AX API
        https://bugs.webkit.org/show_bug.cgi?id=146549

        Reviewed by Mario Sanchez Prada.

        Forgot this file with the original commit.

        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::toggleOpen):

2015-07-09  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add 3 byte jump size.
        https://bugs.webkit.org/show_bug.cgi?id=146425

        Reviewed by Darin Adler.

        * contentextensions/DFABytecode.h:
        (WebCore::ContentExtensions::smallestPossibleJumpSize):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::appendZeroes):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::jumpSizeInBytes):
        (WebCore::ContentExtensions::getJumpSize):
        (WebCore::ContentExtensions::getJumpDistance):
        Added DFABytecodeJumpSize::Int24.

2015-07-09  Brady Eidson  <beidson@apple.com>

        Add better ASSERTs to learn more about what is going wrong in DocumentLoader::detachFromFrame()
        https://bugs.webkit.org/show_bug.cgi?id=146816

        Reviewed by Alex Christensen.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::attachToFrame): Set the "has ever been attached" flag to true.
        (WebCore::DocumentLoader::detachFromFrame): ASSERT m_frame is non-null, but with a message 
          depending on the value of the "has ever been attached" flag.
        * loader/DocumentLoader.h:

2015-07-09  Brent Fulgham  <bfulgham@apple.com>

        [Mac, iOS] The mimeTypeCache should return a reference
        https://bugs.webkit.org/show_bug.cgi?id=146809

        Reviewed by Eric Carlson.

        No new tests: No change in functionality.

        Don't copy the mime type cache every time someone asks it a question. Return
        by reference instead.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::mimeTypeCache):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::mimeTypeCache):
        * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
        (WebCore::mimeTypeCache):

2015-07-09  Wenson Hsieh  <whsieh@berkeley.edu>

        Rubber banding is broken when using a Mighty Mouse
        https://bugs.webkit.org/show_bug.cgi?id=146693

        Reviewed by Tim Horton.

        Sets the "constrain content edge scrolling" flag to true by default, causing scrolling
        with a Mighty Mouse to not extend beyond the container's edges.

        Test: platform/mac-wk2/tiled-drawing/scrolling/stateless-scrolling-no-rubber-band.html

        * rendering/RenderLayer.cpp: Remove code that defaulted the flag to false.
        (WebCore::RenderLayer::RenderLayer): Deleted.
        * rendering/RenderMarquee.cpp: Added special case for marquees that allows content to scroll.
        (WebCore::RenderMarquee::RenderMarquee): See above.

2015-07-09  Brady Eidson  <beidson@apple.com>

        DocumentLoader::detachFromFrame() is being called with no current Frame set.
        <rdar://problem/21293082> and https://bugs.webkit.org/show_bug.cgi?id=146786 

        Reviewed by Sam Weinig.

        No new tests (Unknown how to reproduce).

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::attachToFrame):
        (WebCore::DocumentLoader::detachFromFrame): Null check m_frame before dereferencing it.
        (WebCore::DocumentLoader::setFrame): Deleted, renamed to attachToFrame(), and take's
          a Frame& instead of a Frame*.
        * loader/DocumentLoader.h:
        
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::initForSynthesizedDocument): setFrame is now attachToFrame.
        (WebCore::FrameLoader::setPolicyDocumentLoader): Ditto.
        (WebCore::FrameLoader::transitionToCommitted): Ditto.

2015-07-09  Matthew Daiter  <mdaiter@apple.com>

        Expose MediaStream methods to be used in the MediaStream Engine
        https://bugs.webkit.org/show_bug.cgi?id=146791
        <rdar://problem/21747589>

        Reviewed by Brent Fulgham.

        * Modules/mediastream/MediaStream.cpp: 
        (WebCore::MediaStream::getAudioTracks): Removed const
        (WebCore::MediaStream::getVideoTracks): Ditto
        * Modules/mediastream/MediaStream.h: Needed to change functions to
        override
        * platform/mediastream/MediaStreamPrivate.h: Added certain calls to
        PrivateClient that exposes methods to be used in the engine

2015-07-09  Devin Rousso  <drousso@apple.com>

        Web Inspector: Fix shape-highlight layout tests
        https://bugs.webkit.org/show_bug.cgi?id=146080

        Reviewed by Joseph Pecoraro.

        * inspector/InspectorOverlay.cpp:
        (WebCore::buildObjectForShapeOutside): Now properly returns the shape margin.

2015-07-09  Eric Carlson  <eric.carlson@apple.com>

        [Mac] AirPlay to password protected AppleTV fails
        https://bugs.webkit.org/show_bug.cgi?id=146812

        Reviewed by Dean Jackson.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::showPlaybackTargetPicker): Initialize previouslyRequestedPicker.
        (WebCore::WebMediaSessionManager::clientStateDidChange): Cleanup the logic and add a comment
          to make it slightly easier to follow. Don't begin playing to a device unless playback
          has just started (don't switch in mid-play).
        (WebCore::WebMediaSessionManager::configurePlaybackTargetClients): Use the last client to
          request the device picker as a fallback in case no other client is a canditate. Add more
          logging to make it possible to debug the selection logic.
        (WebCore::WebMediaSessionManager::scheduleDelayedTask): Fiddle with the logging.

2015-07-09  Matthew Daiter  <mdaiter@apple.com>

        Implementing platform-specific section of enumerateDevices
        https://bugs.webkit.org/show_bug.cgi?id=146461
        <rdar://problem/21614466>

        Reviewed by Darin Adler.

        * Modules/mediastream/MediaDeviceInfo.cpp: Changed access methods
        (WebCore::MediaDeviceInfo::audioInputType): Added AtomicString
        permanent refs
        (WebCore::MediaDeviceInfo::audioOutputType): Ditto
        (WebCore::MediaDeviceInfo::videoInputType): Ditto
        * Modules/mediastream/MediaDeviceInfo.h: Changed String refs to values
        (WebCore::MediaDeviceInfo::label): Ditto
        (WebCore::MediaDeviceInfo::deviceId): Ditto
        (WebCore::MediaDeviceInfo::groupId): Ditto
        (WebCore::MediaDeviceInfo::kind): Ditto
        * platform/mediastream/MediaDevicesPrivate.cpp: Implemented query for
        available devices
        (WebCore::MediaDevicesPrivate::MediaDevicesPrivate):
        (WebCore::MediaDevicesPrivate::create):
        (WebCore::MediaDevicesPrivate::availableMediaDevices):
        * platform/mediastream/MediaDevicesPrivate.h:
        (WebCore::MediaDevicesPrivate::~MediaDevicesPrivate):
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/MediaStreamTrackSourcesRequestClient.h: Needed
        to tack on extra fields to hold data
        (WebCore::TrackSourceInfo::create):
        (WebCore::TrackSourceInfo::groupId):
        (WebCore::TrackSourceInfo::deviceId):
        (WebCore::TrackSourceInfo::TrackSourceInfo):
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        (WebCore::AVCaptureDeviceManager::getSourcesInfo):

2015-07-09  Per Arne Vollan  <peavo@outlook.com>

        [Win] Add memory pressure handler.
        https://bugs.webkit.org/show_bug.cgi?id=146685

        Reviewed by Brent Fulgham.

        Add memory pressure handler implementation on Windows.
        We check the memory usage at regular intervals with a timer.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseMemory):
        (WebCore::MemoryPressureHandler::install):
        (WebCore::MemoryPressureHandler::uninstall):
        (WebCore::MemoryPressureHandler::holdOff):
        * platform/win/MemoryPressureHandlerWin.cpp: Added.
        (WebCore::CheckMemoryTimer::CheckMemoryTimer):
        (WebCore::CheckMemoryTimer::fired):
        (WebCore::CheckMemoryTimer::handleMemoryLow):
        (WebCore::MemoryPressureHandler::platformReleaseMemory):
        (WebCore::memCheckTimer):
        (WebCore::MemoryPressureHandler::install):
        (WebCore::MemoryPressureHandler::uninstall):
        (WebCore::MemoryPressureHandler::holdOff):
        (WebCore::MemoryPressureHandler::respondToMemoryPressure):
        (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage):
        (WebCore::MemoryPressureHandler::ReliefLogger::platformLog):
        * platform/win/Win32Handle.h:
        (WebCore::Win32Handle::operator=):

2015-07-09  Matthew Daiter  <mdaiter@apple.com>

        Exposed AVVideoCaptureSource's bounds
        https://bugs.webkit.org/show_bug.cgi?id=146760
        <rdar://problem/21736772>

        Reviewed by Brent Fulgham.

        * platform/mediastream/mac/AVVideoCaptureSource.h:
        (WebCore::AVVideoCaptureSource::width): Needed access to video width
        (WebCore::AVVideoCaptureSource::height): Needed access to video height

2015-07-09  Karlen Simonyan  <szkarlen@gmail.com>

        [WinCairo] ClearType should be enabled on Cairo port
        https://bugs.webkit.org/show_bug.cgi?id=145492

        Reviewed by Brent Fulgham.

        * platform/graphics/win/FontPlatformDataCairoWin.cpp:
        (WebCore::FontPlatformData::FontPlatformData):
        Use CAIRO_ANTIALIAS_BEST instead of CAIRO_ANTIALIAS_GRAY.

2015-07-02  Chris Fleizach  <cfleizach@apple.com>

        AX: <details> element should allow expand/close through AX API
        https://bugs.webkit.org/show_bug.cgi?id=146549

        Reviewed by Mario Sanchez Prada.

        Allow AXExpanded to be writeable for <details> element, which, when set
        will toggle the opening and closing of the element. 
        Post a notification when that happens as well.

        Modified test: platform/mac/accessibility/details-summary.html

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::hierarchicalLevel):
        (WebCore::AccessibilityNodeObject::setIsExpanded):
        (WebCore::shouldUseAccessibilityObjectInnerText):
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsPressAction):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::canSetExpandedAttribute):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityIsAttributeSettable:]):
        (-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):
        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::toggleOpen):

2015-07-09  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Prevent crashes with plugins.
        https://bugs.webkit.org/show_bug.cgi?id=146705
        rdar://problem/20855444

        Reviewed by Brady Eidson.

        * loader/NetscapePlugInStreamLoader.cpp:
        (WebCore::NetscapePlugInStreamLoader::create):
        Call addPlugInStreamLoader in ResourceLoader::willSendRequest to always add blocked loads.
        * loader/NetscapePlugInStreamLoader.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequest):
        Removed unnecessary early returns.
        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::isPlugInStreamLoader):

2015-07-09  Brent Fulgham  <bfulgham@apple.com>

        [Win] Honor CACFLayer content scale factor
        https://bugs.webkit.org/show_bug.cgi?id=146792

        Reviewed by Dean Jackson.

        * AVFoundationSupport.py: Check for the CACFLayerSet/GetContentsScale
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (PlatformCALayerWin::PlatformCALayerWin): Use owner's scale factor (if
        present).
        (PlatformCALayerWin::contentsScale): Use CACFLayer API if present.
        (PlatformCALayerWin::setContentsScale): Ditto.
        * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
        (PlatformCALayerWinInternal::PlatformCALayerWinInternal): Use owner's scale
        factor (if present).
        (PlatformCALayerWinInternal::addTile): Use tile parent's scale factor.

2015-07-08  Matt Rajca  <mrajca@apple.com>

        Media Session: report to chrome client 'hasActiveMediaElements' changes
        https://bugs.webkit.org/show_bug.cgi?id=146745

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp: All updates to active media elements are now funneled through a helper
          method that will invoke the 'hasMediaSessionWithActiveMediaElementsDidChange' callback when necessary.
        (WebCore::MediaSession::removeMediaElement):
        (WebCore::MediaSession::changeActiveMediaElements):
        (WebCore::MediaSession::addActiveMediaElement):
        (WebCore::MediaSession::releaseSession):
        * Modules/mediasession/MediaSession.h:
        * Modules/mediasession/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::hasActiveMediaElements):
        * Modules/mediasession/MediaSessionManager.h:

2015-07-09  Darin Adler  <darin@apple.com>

        REGRESSION (r182866): repeated prompts for password on internal Apple website using workers
        https://bugs.webkit.org/show_bug.cgi?id=146769

        Reviewed by Sam Weinig.

        Not sure how to make a regression test for this. Sure would be nice to have one though.

        * loader/ThreadableLoader.cpp:
        (WebCore::ThreadableLoaderOptions::ThreadableLoaderOptions): Added. Calls through to the
        base class copy constructor to copy data members of the base class (the lack of this was
        the bug). Also initializes all the data members of this class.
        (WebCore::ThreadableLoaderOptions::isolatedCopy): Changed to call the constructor above.

        * loader/ThreadableLoader.h: Added new constructor.

2015-07-09  Chris Fleizach  <cfleizach@apple.com>

        AX: VoiceOver cannot get to any content in Yahoo Mail messages table
        https://bugs.webkit.org/show_bug.cgi?id=146674

        Reviewed by Darin Adler.

        A table row could have any number of parent elements in the render tree, but for the purposes
        of accessibility we only want to report the AXTable as the parent so that it looks like a sane
        data table.

        Test: accessibility/aria-table-with-presentational-elements.html

        * accessibility/AccessibilityARIAGridRow.cpp:
        (WebCore::AccessibilityARIAGridRow::disclosedByRow):
        (WebCore::AccessibilityARIAGridRow::parentObjectUnignored):
        (WebCore::AccessibilityARIAGridRow::parentTable):
        * accessibility/AccessibilityARIAGridRow.h:

2015-07-08  Sungmann Cho  <sungmann.cho@navercorp.com>

        [GTK] The "Missing Plug-in" buttons are not showing up on some flash contents.
        https://bugs.webkit.org/show_bug.cgi?id=146707

        Reviewed by Martin Robinson.

        Currently, WebKitGTK+ doesn't show the "Missing Plug-in" buttons if the plugin-related tags
        don't have a "type" attribute. In such a case, WebCore tries to guess the MIME type from
        the extensions by using MIMETypeRegistry::getMIMETypeForExtension(). For WebKitGTK+,
        MIMETypeRegistry::getMIMETypeForExtension() goes through |extensionMap|, which is a simple
        array of <extension, mime type>, looking for the mime type for the given extension.
        But |extensionMap| in MIMETypeRegistryGtk.cpp doesn't have the information for ".swf",
        so WebCore fails to guess the MIME type and regard the content type as ObjectContentFrame,
        not ObjectContentNetscapePlugin.

        * platform/gtk/MIMETypeRegistryGtk.cpp:

2015-07-08  Brady Eidson  <beidson@apple.com>

        Crash calling [WebView close] in didFinishLoadForFrame callback.
        <rdar://problem/21690765> and https://bugs.webkit.org/show_bug.cgi?id=146773

        Reviewed by David Kilzer.

        Added API Test "WebViewCloseInsideDidFinishLoadForFrame"

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame): After the delegate callback,
          don't use the local Page* variable from earlier, but instead refetch it from m_frame.

2015-07-08  Daniel Bates  <dabates@apple.com>

        Cleanup: Make ContentSecurityPolicy::ReportingStatus an enum class
        https://bugs.webkit.org/show_bug.cgi?id=146670

        Reviewed by Darin Adler.

        Make calling the ContentSecurityPolicy::allow* functions less error prone by making
        ContentSecurityPolicy::ReportingStatus an enum class. Among other benefits this will
        prevent a caller from inadvertently passing an enumerator of ContentSecurityPolicy::ReportingStatus
        as the boolean argument overridingContentSecurityPolicy, which is taken by the various
        ContentSecurityPolicy::allow* functions, by causing a compile-time error (since an enum class
        enumerator cannot be implicitly converted to an integral type).

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::initScript):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPDirectiveList::allowJavaScriptURLs):
        (WebCore::CSPDirectiveList::allowInlineEventHandlers):
        (WebCore::CSPDirectiveList::allowInlineScript):
        (WebCore::CSPDirectiveList::allowInlineStyle):
        (WebCore::CSPDirectiveList::allowEval):
        (WebCore::CSPDirectiveList::allowPluginType):
        (WebCore::CSPDirectiveList::allowScriptFromSource):
        (WebCore::CSPDirectiveList::allowObjectFromSource):
        (WebCore::CSPDirectiveList::allowChildFrameFromSource):
        (WebCore::CSPDirectiveList::allowImageFromSource):
        (WebCore::CSPDirectiveList::allowStyleFromSource):
        (WebCore::CSPDirectiveList::allowFontFromSource):
        (WebCore::CSPDirectiveList::allowMediaFromSource):
        (WebCore::CSPDirectiveList::allowConnectToSource):
        (WebCore::CSPDirectiveList::allowFormAction):
        (WebCore::CSPDirectiveList::allowBaseURI):
        (WebCore::ContentSecurityPolicy::didReceiveHeader):
        (WebCore::ContentSecurityPolicy::evalDisabledErrorMessage):
        * page/ContentSecurityPolicy.h:
        * page/DOMSecurityPolicy.cpp:
        (WebCore::DOMSecurityPolicy::allowsEval):

2015-07-08  Matthew Daiter  <mdaiter@apple.com>

        Activate DOMURLMediaStream
        https://bugs.webkit.org/show_bug.cgi?id=146764
        <rdar://problem/21738101>

        Reviewed by Eric Carlson.

        * DerivedSources.make: Added DOMURLMediaStream.idl to list
        * WebCore.xcodeproj/project.pbxproj: Added DOMURLMediaStream.cpp and
        DOMURLMediaStream.h to compile

2015-07-08  Matthew Daiter  <mdaiter@apple.com>

        Make sure MediaStream uses blob protocol
        https://bugs.webkit.org/show_bug.cgi?id=146752
        <rdar://problem/21736057>

        Reviewed by Eric Carlson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::selectNextSourceChild): Added MediaStream
        blob protocol

2015-07-08  Andreas Kling  <akling@apple.com>

        Videos on apple.com don't show up when restored from page cache.
        <https://webkit.org/b/146766>
        <rdar://problem/21712311>

        Reviewed by Darin Adler.

        Break out most of HTMLMediaElement::stop() (override of ActiveDOMObject::stop(), to be clear)
        into a stopWithoutDestroyingMediaPlayer() function that both stop() and suspend() can call.

        Before this change, suspend() would call stop() when moving into the page cache, killing the
        internal MediaPlayer object which caused the video to disappear from the page.

        Test: LayoutTests/media/restore-from-page-cache.html (amended)

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::stopWithoutDestroyingMediaPlayer):
        (WebCore::HTMLMediaElement::stop):
        (WebCore::HTMLMediaElement::suspend):
        * html/HTMLMediaElement.h:

2015-07-08  Matthew Daiter  <mdaiter@apple.com>

        Make MediaStream conform to its private client like MediaSource does
        https://bugs.webkit.org/show_bug.cgi?id=146756
        <rdar://problem/21736457>

        Reviewed by Brent Fulgham.

        MediaStream should be inheriting its PrivateClient's getters and
        setters for RefCounted, not inheriting its own.

        * Modules/mediastream/MediaStream.h: Changed MediaStream's inherit
        statements
        * platform/mediastream/MediaStreamPrivate.h: Changed
        MediaStreamPrivateClient to inherit RefCounted<MediaStreamPrivateClient>

2015-07-08  Matthew Daiter  <mdaiter@apple.com>

        Made AVMediaCaptureSource's session accessor public
        https://bugs.webkit.org/show_bug.cgi?id=146758
        <rdar://problem/21736651>

        Reviewed by Brent Fulgham.

        * platform/mediastream/mac/AVMediaCaptureSource.h:
        (WebCore::AVMediaCaptureSource::session): Changed to public

2015-07-08  Matthew Daiter  <mdaiter@apple.com>

        Make sure MediaStream engine loaded for interpreting MediaStreams
        https://bugs.webkit.org/show_bug.cgi?id=146748
        <rdar://problem/21735416>

        Reviewed by Brent Fulgham.

        Prevent the MediaSource engine from being used to process
        MediaStreams, since they are not compatible

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: 
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
        Changed MediaStream to never be loaded
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsType): 
        Changed MediaStream to never be loaded


2015-07-08  Benjamin Poulain  <bpoulain@apple.com>

        [Content Extensions] Fuse undistinguishable actions as much as possible
        https://bugs.webkit.org/show_bug.cgi?id=146762

        Reviewed by Alex Christensen.

        Our previous code that fused actions was based on test lists that were
        grouping similar actions in the input.

        The input we get from developers is more distributed. It is very common to
        have trigger flags all over the place, and "css-display-none" mixed with "block".

        This patch refines the merging code to merge those cases as much as possible.

        The size taken by the actions is negligible, but having different actions make
        nodes unkillable by the Minimizer. By merging many more actions, the minimizer
        no longer see those subtrees as distinguishable and can do a better job.

        On a large test list, this cuts the bytecode size by 2 megabytes.

        Tests: http/tests/contentextensions/css-display-none-after-ignore-previous-rules.html
               http/tests/contentextensions/single-css-display-none.html

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::resolvePendingDisplayNoneActions):
        (WebCore::ContentExtensions::serializeActions):

2015-07-08  Matthew Daiter  <mdaiter@apple.com>

        Cleared contentMIMETypes for MediaStreams
        https://bugs.webkit.org/show_bug.cgi?id=146750
        <rdar://problem/21735678>

        Reviewed by Brent Fulgham.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::load): Needed to clear contentMIMETypes

2015-07-08  Dean Jackson  <dino@apple.com>

        Audio elements with controls force their enclosing stacking context to composite
        https://bugs.webkit.org/show_bug.cgi?id=146751
        <rdar://problem/21466572>

        Reviewed by Simon Fraser.

        There were a number of issues with audio controls, on both iOS and OS X.

        - they used a blurry background which was not the intended design
        - they cause the page to composite, which causes a degradation in
          text rendering quality
        - they inserted 20px of padding above every audio element, which
          could break existing page designs.

        Removing the need for compositing and blending means that the
        colors used for control tints need to be adjusted for the non-blended
        case. Wherever I could, I kept as much as possible in a shared
        rule and made specific changes for audio or video.

        The controls were also unintentionally relying on the compositing
        to create stacking contexts and control the rendering order. Without
        them, I needed to add some explicit stacking.

        I also made some drive-by whitespace clean-ups.

        * Modules/mediacontrols/mediaControlsApple.css: Remove as much compositing
        as possible in audio controls.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.drawTimelineBackground): Use specific colors for audio.

        * Modules/mediacontrols/mediaControlsiOS.css: Remove as much need for compositing
        as possible.

2015-07-08  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Crash when appending an SVG <use> element dynamically which has animated SVG <path> element
        https://bugs.webkit.org/show_bug.cgi?id=146690
        <rdar://problem/20790376>

        Reviewed by Dean Jackson.

        Test: svg/animations/insert-animate-use-path-while-animation.svg

        The crashing call stack shows that
        SVGAnimatedListPropertyTearOff<SVGPathSegList>::m_animVal is null when
        trying to access it in synchronizeWrappersIfNeeded(). This happens because
        animationStarted() was not called for this animatedType.
        
        SVGAnimateElementBase::resetAnimatedType() calls
        SVGAnimatedPathAnimator::startAnimValAnimation() at the beginning of the
        animation. For the target element and all its instances, this function calls
        SVGAnimatedPathSegListPropertyTearOff::animationStarted() which calls
        SVGAnimatedListPropertyTearOff<SVGPathSegList>::animationStarted(). This
        last function allocates the member m_animVal when calling
        SVGAnimatedListPropertyTearOff<SVGPathSegList>::animVal(). 
        
        When adding a new instance of the same animating target element, 
        SVGAnimateElementBase::resetAnimatedType() just keeps calling
        SVGAnimatedPathAnimator::animValDidChange() for all the instances of the
        targetElement without ensuring that all of them have started their
        animations.
        
        The fix is to make SVGAnimatedPathAnimator::resetAnimValToBaseVal() ensure
        that animationStarted() is called for the targetElement and all its instances.

        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation): Move resetting
        the animation value and starting the animatedTypes code to a new overriding
        function which is named resetAnimValToBaseVal().
        
        (WebCore::SVGAnimatedPathAnimator::resetAnimValToBaseVal): Call the overriding
        function which calls buildSVGPathByteStreamFromSVGPathSegList() as before
        and ensure that all the animatedTypes have started their animations.
        
        * svg/SVGAnimatedPath.h:

2015-07-08  Brady Eidson  <beidson@apple.com>

        Move PingLoaders to the NetworkingProcess.
        <rdar://problem/18860263> and https://bugs.webkit.org/show_bug.cgi?id=146710

        Reviewed by Tim Horton.

        No new tests.
        There's no current solution for communicating back to a page that a ping load has reached its target.
        Until we have such a solution, any attempt at a layout test will be fragile at best.

        * WebCore.xcodeproj/project.pbxproj:
        
        * loader/LoaderStrategy.cpp:
        (WebCore::LoaderStrategy::createPingHandle): Default implementation is create the PingHandle directly.
        * loader/LoaderStrategy.h:

        PingLoader becomes a static class for now that crafts the ResourceRequest then passes it off
        to the LoaderStrategy:        
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::loadImage):
        (WebCore::PingLoader::sendPing):
        (WebCore::PingLoader::sendViolationReport):
        (WebCore::PingLoader::startPingLoad):
        (WebCore::PingLoader::createPingLoader): Deleted.
        (WebCore::PingLoader::PingLoader): Deleted.
        (WebCore::PingLoader::~PingLoader): Deleted.
        * loader/PingLoader.h:
        (WebCore::PingLoader::timeoutTimerFired): Deleted.

        PingHandle does what PingLoader used to - It's a basic ResourceHandleClient that simply waits
        for any response/completion/failure and then deletes itself.
        * platform/network/PingHandle.h: Added.
        (WebCore::PingHandle::PingHandle):
        (WebCore::PingHandle::usesAsyncCallbacks):
        (WebCore::PingHandle::timeoutTimerFired):
        (WebCore::PingHandle::~PingHandle):

2015-07-08  Csaba Osztrogonác  <ossy@webkit.org>

        Add new sources to StyleAllInOne.cpp
        https://bugs.webkit.org/show_bug.cgi?id=146584

        Reviewed by Brent Fulgham.

        * WebCore.vcxproj/WebCore.vcxproj:
        * rendering/style/StyleAllInOne.cpp:

2015-07-08  Csaba Osztrogonác  <ossy@webkit.org>

        Add new sources to DOMAllInOne.cpp
        https://bugs.webkit.org/show_bug.cgi?id=146587

        Reviewed by Brent Fulgham.

        * WebCore.vcxproj/WebCore.vcxproj:
        * dom/DOMAllInOne.cpp:

2015-07-08  Csaba Osztrogonác  <ossy@webkit.org>

        Add new sources to AccessibilityAllInOne.cpp
        https://bugs.webkit.org/show_bug.cgi?id=146582

        Reviewed by Brent Fulgham.

        * WebCore.vcxproj/WebCore.vcxproj:
        * accessibility/AccessibilityAllInOne.cpp:

2015-07-08  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Two clicks required to enable AirPlay at youtube.com
        https://bugs.webkit.org/show_bug.cgi?id=146733
        <rdar://problem/21556356>

        Reviewed by Brent Fulgham.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::clientStateDidChange): Only log when state has changed.
          Don't steal the route if another client is actively playing to the device.
        (WebCore::WebMediaSessionManager::setPlaybackTarget): Set m_targetChanged.
        (WebCore::WebMediaSessionManager::configurePlaybackTargetClients): Don't consider the
          requestedPicker flag until after a target change.
        * Modules/mediasession/WebMediaSessionManager.h:

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::webkitShowPlaybackTargetPicker): Add logging.
        (WebCore::HTMLMediaElement::setShouldPlayToPlaybackTarget): Ditto.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldPlayToPlaybackTarget): Always log.

2015-07-08  Zalan Bujtas  <zalan@apple.com>

        Do not waste window server memory for placeholder windows initiated by ThemeMac.
        https://bugs.webkit.org/show_bug.cgi?id=146730
        rdar://problem/20321222

        Using defer:YES prevents us from wasting any window server resources for WebCoreThemeWindow(s).

        Patch by Darin Adler.
        Reviewed by Zalan Bujtas.

        Not testable.

        * platform/mac/ThemeMac.mm:
        (-[WebCoreThemeView window]):

2015-07-08  Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [GTK] Deactivate GObject bindings for static methods
        https://bugs.webkit.org/show_bug.cgi?id=146717

        Reviewed by Carlos Garcia Campos.

        Static methods are currently not supported by GObject bindings so we deactivate them from the generation.

        Current tests suffice. Expectations updated.

        * bindings/scripts/CodeGeneratorGObject.pm:
        (SkipFunction): Skip isStatic functions.
        * bindings/scripts/test/GObject/WebKitDOMTestInterface.h:
        * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp:
        (webkit_dom_test_interface_implements_method4): Deleted.
        (webkit_dom_test_interface_supplemental_method4): Deleted.
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_class_method): Deleted.
        (webkit_dom_test_obj_class_method_with_optional): Deleted.
        (webkit_dom_test_obj_overloaded_method1): Deleted.

2015-07-07  Benjamin Poulain  <bpoulain@apple.com>

        Remove the overflow checks from the important vectors used by the content extensions machines
        https://bugs.webkit.org/show_bug.cgi?id=146703

        Reviewed by Andreas Kling.

        Most of the overflow checks cannot be eliminated by clang. Removing them
        explicitly removes 400 ms from the compile time of a very large test list.

        * contentextensions/ContentExtensionsDebugging.h:
        * contentextensions/DFA.h:
        * contentextensions/DFACombiner.cpp:
        * contentextensions/DFAMinimizer.cpp:
        * contentextensions/ImmutableNFA.h:
        * contentextensions/MutableRangeList.h:
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::epsilonClosureExcludingSelf):
        (WebCore::ContentExtensions::resolveEpsilonClosures):
        (WebCore::ContentExtensions::extendSetWithClosure):
        (WebCore::ContentExtensions::DataConverterWithEpsilonClosure::convert):
        (WebCore::ContentExtensions::DataConverterWithEpsilonClosure::extend):
        (WebCore::ContentExtensions::createCombinedTransition):
        (WebCore::ContentExtensions::getOrCreateDFANode):
        (WebCore::ContentExtensions::NFAToDFA::convert):

2015-07-07  Dean Jackson  <dino@apple.com>

        [iOS] MediaControls: Start Play and Can't Play buttons need to be cutout and blurred
        https://bugs.webkit.org/show_bug.cgi?id=146226

        Reviewed by Simon Fraser.

        This patch takes what Said Abou-Hallawa posted in an earlier revision and
        makes a few tweaks to workaround the bugs he's listed.

        Replicate the iOS System blur backdrop in pure CSS, so that the large
        start button looks more correct. Also add artwork for a failure state.

        * Modules/mediacontrols/mediaControlsiOS.css: New style rules for the start
        button, which now is a collection of elements rather than a <button>.
        (video::-webkit-media-controls-start-playback-button):
        (video::-webkit-media-controls-start-playback-background):
        (video::-webkit-media-controls-start-playback-tint):

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createBase): Replace the <button> with the hierarchy of
        elements to replicate the blur. Give some of them a class attribute, so they
        can match selectors (see the bugs Said filed in the original bugzilla).
        (ControllerIOS.prototype.handleStartPlaybackButtonTouchStart): Toggle classes on
        the hierarchy as needed.
        (ControllerIOS.prototype.handleStartPlaybackButtonTouchEnd): Ditto.
        (ControllerIOS.prototype.updateStatusDisplay): Ditto.

2015-07-07  Zalan Bujtas  <zalan@apple.com>

        Crash when parent iframe is set to display none and the child frame is mutated the same time.
        https://bugs.webkit.org/show_bug.cgi?id=146699
        rdar://problem/16207881

        Reviewed by Andreas Kling.

        When the parent iframe is set to display: none, we destroy the associated renderer (RenderIFrame).
        However if the child frame is mutated the same time, during layout we try to access this RenderIFrame
        to check whether it needs frame flattening.
        This patch checks whether the parent render widget is still valid.

        Test: fast/frames/crash-display-none-iframe-during-onbeforeload.html

        * page/FrameView.cpp:
        (WebCore::FrameView::isInChildFrameWithFrameFlattening): rearrange early returns.

2015-07-06  Matt Rajca  <mrajca@apple.com>

        Media Session: remove seek forward/backward attributes
        https://bugs.webkit.org/show_bug.cgi?id=146645

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaRemoteControls.h:
        * Modules/mediasession/MediaRemoteControls.idl:

2015-07-07  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION (r183133-r183138): Secondary clicking in whitespace selects preceding word
        https://bugs.webkit.org/show_bug.cgi?id=146695
        <rdar://problem/21441466>

        Reviewed by Tim Horton.

        When we would currently use dictionary lookup to decide on our text selection, first check if we
        are targeting an editable field. If we are, use the original selection behavior. Otherwise, use
        the new "dictionary lookup" selection.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::selectClosestContextualWordOrLinkFromMouseEvent): Only use dictionary lookup
        when our target node is not editable.
        

2015-07-07  Brady Eidson  <beidson@apple.com>

        Another attempt to fix CURL/Soup builds after r186476

        Reviewed by NOBODY.

        * platform/network/curl/SocketStreamHandle.h:

        * platform/network/soup/SocketStreamHandle.h:

2015-07-07  Brady Eidson  <beidson@apple.com>

        Attempt to fix CURL/Soup builds after r186476

        Reviewed by NOBODY.

        * platform/network/curl/SocketStreamHandle.h:
        (WebCore::SocketStreamHandle::create):

        * platform/network/soup/SocketStreamHandle.h:
        (WebCore::SocketStreamHandle::create):

2015-07-07  Brady Eidson  <beidson@apple.com>

        HTTP Auth cached after disabling private browsing/reset.
        <rdar://problem/8293055> and https://bugs.webkit.org/show_bug.cgi?id=146654

        Reviewed by Tim Horton.

        Test: http/tests/security/private-browsing-http-auth.html

        - Change most static CredentialStorage methods to be instance methods instead.
        - Make a CredentialStorage objects be per-NetworkStorageSession.

        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::WebSocketChannel):
        (WebCore::WebSocketChannel::connect): Only start the web socket load if a networking
          context is available.

        * platform/network/CredentialStorage.cpp:
        (WebCore::CredentialStorage::defaultCredentialStorage): Returns the credential storage
          from the default NetworkStorageSession.
        (WebCore::CredentialStorage::set):
        (WebCore::CredentialStorage::get):
        (WebCore::CredentialStorage::remove):
        (WebCore::CredentialStorage::findDefaultProtectionSpaceForURL):
        (WebCore::CredentialStorage::clearCredentials):
        (WebCore::protectionSpaceToCredentialMap): Deleted.
        (WebCore::originsWithCredentials): Deleted.
        (WebCore::pathToDefaultProtectionSpaceMap): Deleted.
        (WebCore::findDefaultProtectionSpaceForURL): Deleted.
        (WebCore::CredentialStorage::setPrivateMode): Deleted. Was a no-op anyways.
        * platform/network/CredentialStorage.h:
        
        * platform/network/NetworkStorageSession.h:
        (WebCore::NetworkStorageSession::credentialStorage):
        
        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::createCFURLConnection):
        (WebCore::ResourceHandle::willSendRequest):
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedCredential):
        
        * platform/network/cf/SocketStreamHandle.h:
        (WebCore::SocketStreamHandle::create):
        * platform/network/cf/SocketStreamHandleCFNet.cpp:
        (WebCore::SocketStreamHandle::SocketStreamHandle):
        (WebCore::SocketStreamHandle::getStoredCONNECTProxyCredentials):
        (WebCore::getStoredCONNECTProxyCredentials): Deleted.
        
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedCredential):
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::applyAuthenticationToRequest):
        
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::createNSURLConnection):
        (WebCore::ResourceHandle::willSendRequest):
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedCredential):
        
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::applyAuthenticationToRequest):
        (WebCore::ResourceHandle::didReceiveAuthenticationChallenge):
        (WebCore::ResourceHandle::receivedCredential):
        
2015-07-07  Zalan Bujtas  <zalan@apple.com>

        REGRESSION(169105): CSS Regions: renderer returns wrong selection root when it is inside a column flow.
        https://bugs.webkit.org/show_bug.cgi?id=146529
        rdar://problem/21613670

        Reviewed by Mihnea Ovidenie and David Kilzer.

        This patch ensures that RenderObject::selectionRoot() handles column flows properly while searching for the associated
        selection root.
        When the renderer is inside a column flow and the column flow is part of a named flow, we stop
        traversing the ancestor chain, searching for the selection root, when we reach the column flow.
        Since the column flow is not a selection root, we mistakenly fall back to the RenderView as selection root.
        Instead, we should check if the column is inside a named flow and return the selection root accordingly.
        Returning the wrong selection root confuses RenderView::splitSelectionBetweenSubtrees() logic and this particular
        RenderObject could end up in multiple selection trees.

        Test: fast/regions/selection/crash-when-element-is-inside-column-and-the-containing-block-is-inside-flow.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::selectionRoot):

2015-07-07  Brent Fulgham  <bfulgham@apple.com>

        [Mac] REGRESSION (r184794): Play/Pause control doesn't update state in full screen
        https://bugs.webkit.org/show_bug.cgi?id=146689
        <rdar://problem/21393490>

        Reviewed by Dean Jackson.

        The changes in r184794 did not take full screen mode into account. This needed to be corrected.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.handlePanelTransitionEnd):
        (Controller.prototype.setPlaying):
        (Controller.prototype.showControls):

2015-07-07  Wenson Hsieh  <whsieh@berkeley.edu>
        
        Snap point regions containing X and Y snap points should do a better job animating
        https://bugs.webkit.org/show_bug.cgi?id=142523
        <rdar://problem/20100753>

        Reviewed by Brent Fulgham.

        Reimplemented snap point animations to use a single timer for both horizontal and
        vertical axes to better support 2D snap scrolling. Instead of making velocity
        dependent on progress to the snap point and handling 2D snapping with different
        timer update functions, this implementation uses a fixed animation time to coordinate
        the snapping animation across both axes.

        Test: platform/mac-wk2/tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-2d-overflow.html

        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h: Refactored to use a single scroll snap timer.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm: See above.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::startScrollSnapTimer): See above.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::stopScrollSnapTimer): See above.
        * platform/cocoa/ScrollController.h: Refactored to use a single scroll snap timer and update function to handle
            snapping in both axes. This entails removing the ScrollEventAxis parameter from various functions below. Also
            removed methods that computed "snap" and "glide" offsets.
        (WebCore::ScrollControllerClient::startScrollSnapTimer): See above.
        (WebCore::ScrollControllerClient::stopScrollSnapTimer): See above.
        * platform/cocoa/ScrollController.mm: See above.
        (WebCore::ScrollController::ScrollController): Added new constants used to compute animation offsets.
        (WebCore::ScrollController::snapRubberBandTimerFired):  Added a check to prevent the rubber band timer from firing
            alongside the scroll snap timer. This results in scroll snapping taking precedence over rubber banding when
            scrolling against the edge of a container in the case of 2D scrolling. We didn't run into this issue before
            because snapping wasn't working properly at the edges of a 2D scrolling container. In the future, we may want
            to unify both snap scrolling and rubber banding timers to solve this issue.
        (WebCore::ScrollController::isScrollSnapInProgress): Refactored to use a single scroll snap timer.
        (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): Fixed an issue where wheel deltas were being pushed
            to the snap state incorrectly.
        (WebCore::ScrollController::processWheelEventForScrollSnap): Fixed an issue with 2D snapping where scrolling in 2 axes
            simultaneously would cause the vertical axis to override the horizontal axis. This is more like a sub-issue of fixing
            2D scrolling, and is required for 2D snap animations to work properly.
        (WebCore::ScrollController::startScrollSnapTimer): Refactored to use a single scroll snap timer.
        (WebCore::ScrollController::stopScrollSnapTimer): See above.
        (WebCore::ScrollController::scrollSnapTimerFired): This new method handles snap scroll updates on both axes.
        (WebCore::ScrollController::beginScrollSnapAnimation): Refactored to account for single scroll snap timer.
        (WebCore::ScrollController::endScrollSnapAnimation): See above.
        (WebCore::ScrollController::initializeScrollSnapAnimationParameters): New method that initializes parameters used to
            coordinate the animation state across horizontal and vertical axes.
        (WebCore::ScrollController::isSnappingOnAxis):  Checks whether or not a given axis is currently scroll snapping. This will
            return true in the case of active 2D scroll snapping.
        (WebCore::ScrollController::hasActiveScrollSnapTimerForAxis): Deleted.
        (WebCore::ScrollController::horizontalScrollSnapTimerFired): Deleted.
        (WebCore::ScrollController::verticalScrollSnapTimerFired): Deleted.
        (WebCore::ScrollController::scrollSnapAnimationUpdate): Deleted.
        (WebCore::ScrollController::initializeGlideParameters): Deleted.
        (WebCore::snapProgress): Deleted.
        (WebCore::clampedSnapMagnitude): Deleted.
        (WebCore::ScrollController::computeSnapDelta): Deleted.
        (WebCore::snapGlide): Deleted.
        (WebCore::ScrollController::computeGlideDelta): Deleted.
        * platform/cocoa/ScrollSnapAnimatorState.h:  Added a new datastructure, ScrollSnapAnimationCurveState, which tracks
            the scroll snap animation state across both axes.
        * platform/cocoa/ScrollSnapAnimatorState.mm: Removed fields relevant to the former "gliding" model and renamed the
            initial wheel delta variable to reflect this.
        (WebCore::ScrollSnapAnimatorState::averageInitialWheelDelta): Fixed an issue where wheel deltas were being pushed
            to the snap state incorrectly.
        (WebCore::ScrollSnapAnimatorState::clearInitialWheelDeltaWindow): Tiny for loop incrementor style fix.
        (WebCore::ScrollSnapAnimatorState::isSnapping): Checks whether this state is in either snapping or gliding mode.
        (WebCore::ScrollSnapAnimatorState::canReachTargetWithCurrentInitialScrollDelta): Checks whether the scroll velocity is
            consistent with the initial and target offsets.
        (WebCore::ScrollSnapAnimatorState::interpolatedOffsetAtProgress): Interpolates the offset for a given progress value.
        (WebCore::ScrollSnapAnimationCurveState::ScrollSnapAnimationCurveState): New constants.
        (WebCore::ScrollSnapAnimationCurveState::initializeSnapProgressCurve): Abstracts out part of the initialization process.
        (WebCore::ScrollSnapAnimationCurveState::initializeInterpolationCoefficientsIfNecessary): Abstracts out part of the
            initialization process.
        (WebCore::ScrollSnapAnimationCurveState::interpolatedPositionAtProgress): Abstracts out curve interpolation.
        (WebCore::ScrollSnapAnimationCurveState::shouldCompleteSnapAnimationImmediatelyAtTime): Added.
        (WebCore::ScrollSnapAnimationCurveState::animationProgressAtTime): Added.
        
2015-07-07  Chris Dumez  <cdumez@apple.com>

        Unreviewed, attempt to fix iOS build.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):

2015-07-07  Andreas Kling  <akling@apple.com>

        REGRESSION(r183706): HTMLImageElement sometimes fails to register as document named item.
        <https://webkit.org/b/146679>
        <rdar://problem/21613839>

        Reviewed by Antti Koivisto.

        After r183706, Element::hasName() no longer returns outdated information when called
        inside a parseAttribute() override. HTMLImageElement was relying on this to check
        if it *used* to have a name attribute before the currently parsing one was set.

        Since parseAttribute() only shows subclasses the new attribute value, I'm adding a
        flag to HTMLImageElement that remembers whether we had a name attribute or not.

        Test: fast/dom/HTMLImageElement/remove-img-with-name-from-document-crash.html

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::parseAttribute):
        * html/HTMLImageElement.h:

2015-07-07  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Remove ReadableStreamReader.read() custom binding
        https://bugs.webkit.org/show_bug.cgi?id=146643

        Reviewed by Darin Adler.

        Moved ReadableStreamReader.read handling from callbacks to promises.
        Introduced DOMPromiseIteratorWithCallback for that purpose: it takes resolve() to resolve a promise with a not-ending iterator value,
        resolveEnd() to resolve a promise with a terminating iterator value and reject().
        Added template helper routine to convert typed values to JS iterator wrapping the value.
        Removed ReadableStreamReader.read custom binding.

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp: Updated code to use DOMPromiseIteratorWithCallback API.
        (WebCore::ReadableStream::releaseReader):
        (WebCore::ReadableStream::changeStateToErrored):
        (WebCore::ReadableStream::read):
        (WebCore::ReadableStream::resolveReadCallback):
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::read):
        * Modules/streams/ReadableStreamReader.h:
        * Modules/streams/ReadableStreamReader.idl: Removed custom binding.
        * bindings/js/JSDOMBinding.h:
        (WebCore::toJSIterator): create JS iterator from typed value.
        (WebCore::toJSIteratorEnd): create JS end iterator.
        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DeferredWrapper::globalObject): Added globaObject getter and removed promise getter.
        * bindings/js/JSDOMPromise.h:
        (WebCore::DOMPromiseIteratorWithCallback::DOMPromiseIteratorWithCallback):
        (WebCore::Error>::resolve):
        (WebCore::Error>::resolveEnd):
        (WebCore::Error>::reject):
        * bindings/js/JSReadableStreamReaderCustom.cpp: Removed custom binding.

2015-07-06  Zalan Bujtas  <zalan@apple.com>

        REGRESSION: Slider thumb does not render properly (image tests with <input type="range">)
        https://bugs.webkit.org/show_bug.cgi?id=146669
        rdar://problem/21677831

        Reviewed by Simon Fraser.

        Draw NSSliderCell's knob only when slider's thumb paint is requested.

        Covered by existing tests.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintSliderThumb):

2015-07-06  Csaba Osztrogonác  <ossy@webkit.org>

        Move shouldIgnoreAttributeCase inline function to Element.h
        https://bugs.webkit.org/show_bug.cgi?id=146588

        Reviewed by Andreas Kling.

        * dom/Element.cpp:
        (WebCore::shouldIgnoreAttributeCase): Deleted.
        * dom/Element.h:
        (WebCore::shouldIgnoreAttributeCase):
        * dom/NamedNodeMap.cpp:
        (WebCore::shouldIgnoreAttributeCase): Deleted.

2015-07-06  Brent Fulgham  <bfulgham@apple.com>

        Ensure media playback is stopped during page close
        https://bugs.webkit.org/show_bug.cgi?id=146554
        <rdar://problem/18033944>

        Reviewed by Brady Eidson.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::WebAudio::hostingDocument): Added.
        * Modules/webaudio/AudioContext.h:
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::hostingDocument): Added.
        * dom/Document.cpp:
        (WebCore::Document::~Document): Call new 'stopAllMediaPlaybackForDocument' at destruction time.
        * platform/audio/PlatformMediaSession.h:
        Made PlatformMediaSessionManager a friend so it can access the protected 'client' accessor.
        Updated PlatformMediaSessionClient to require clients to have a "hostingDocument" member.
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForDocument): Added. Only pauses
        playback on elements that match the provided document.
        (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForProcess): Added. Pauses playback
        on all elements in the current process.
        * platform/audio/PlatformMediaSessionManager.h:

2015-07-06  Daniel Bates  <dabates@apple.com>

        Isolated worlds should respect Content Security Policy; User Agent Shadow DOM
        should be exempt from Content Security Policy
        https://bugs.webkit.org/show_bug.cgi?id=144830
        <rdar://problem/18860261>

        Inadvertently omitted argument overrideContentSecurityPolicy in calls to ContentSecurityPolicy::allowEval()
        that explicitly specified a report status. And the report status, which is an enum, was being implicitly
        converted to bool.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::initScript):
        * page/DOMSecurityPolicy.cpp:
        (WebCore::DOMSecurityPolicy::allowsEval):

2015-07-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r186385.
        https://bugs.webkit.org/show_bug.cgi?id=146668

        crashes 3 webaudio tests in debug builds (Requested by
        alexchristensen on #webkit).

        Reverted changeset:

        "Ensure media playback is stopped during page close"
        https://bugs.webkit.org/show_bug.cgi?id=146554
        http://trac.webkit.org/changeset/186385

2015-07-06  Andreas Kling  <akling@apple.com>

        Crash when setting text direction via MakeTextWritingDirection* editing commands.
        <https://webkit.org/b/146665>
        <rdar://problem/20835477>

        Reviewed by Ryosuke Niwa.

        Fix two buggy clients of enclosingBlock(node) that would fail if the returned
        element is the same as the node passed in.

        Test: editing/style/change-text-direction-crash.html

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::splitAncestorsWithUnicodeBidi):
        (WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):

2015-07-06  Simon Fraser  <simon.fraser@apple.com>

        Revert use of  SVG <mask> elements for -webkit-mask-image (r176798, r177494)
        https://bugs.webkit.org/show_bug.cgi?id=146653

        Reviewed by Dean Jackson.

        Fixes rdar://problem/21435233.

        r177494 caused a number of regressions (bugs 141857, 146509, 146561), added new layering violations, and
        was not being maintained, so revert it.

        This patch reverts r176798.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSValue.cpp:
        (WebCore::CSSValue::cssText): Deleted.
        (WebCore::CSSValue::destroy): Deleted.
        * css/CSSValue.h:
        (WebCore::CSSValue::isWebKitCSSResourceValue): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::maskImageValueFromIterator): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::State::clear): Deleted.
        * css/StyleResolver.h:
        (WebCore::StyleResolver::State::maskImagesWithPendingSVGDocuments): Deleted.
        * css/WebKitCSSResourceValue.cpp: Removed.
        * css/WebKitCSSResourceValue.h: Removed.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::addCachedResource): Deleted.
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedSVGDocument.cpp:
        (WebCore::CachedSVGDocument::finishLoading):
        (WebCore::CachedSVGDocument::CachedSVGDocument): Deleted.
        * loader/cache/CachedSVGDocument.h:
        * loader/cache/CachedSVGDocumentReference.cpp:
        (WebCore::CachedSVGDocumentReference::CachedSVGDocumentReference):
        (WebCore::CachedSVGDocumentReference::~CachedSVGDocumentReference):
        (WebCore::CachedSVGDocumentReference::load):
        * loader/cache/CachedSVGDocumentReference.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::containsSVGDocument): Deleted.
        * page/FrameView.h:
        * page/Page.cpp:
        (WebCore::Page::createPageFromBuffer): Deleted.
        * page/Page.h:
        * platform/ScrollView.h:
        (WebCore::ScrollView::containsSVGDocument): Deleted.
        * platform/graphics/MaskImageOperation.cpp: Removed.
        * platform/graphics/MaskImageOperation.h: Removed.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer): Deleted.
        * rendering/RenderLayer.h:
        * rendering/RenderLayerFilterInfo.cpp:
        * rendering/RenderLayerFilterInfo.h:
        * rendering/RenderLayerMaskImageInfo.h: Removed.
        * rendering/style/FillLayer.cpp:
        (WebCore::FillLayer::operator==):
        (WebCore::FillLayer::cullEmptyLayers):
        (WebCore::layerImagesIdentical):
        (WebCore::FillLayer::FillLayer): Deleted.
        (WebCore::FillLayer::operator=): Deleted.
        (WebCore::FillLayer::hasNonEmptyMaskImage): Deleted.
        (WebCore::FillLayer::imagesAreLoaded): Deleted.
        * rendering/style/FillLayer.h:
        (WebCore::FillLayer::maskImage): Deleted.
        (WebCore::FillLayer::imageOrMaskImage): Deleted.
        (WebCore::FillLayer::setMaskImage): Deleted.
        (WebCore::FillLayer::clearMaskImage): Deleted.
        (WebCore::FillLayer::hasMaskImage): Deleted.
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applyResource):
        (WebCore::RenderSVGResourceMasker::applySVGMask): Deleted.
        (WebCore::RenderSVGResourceMasker::drawMaskForRenderer): Deleted.
        * rendering/svg/RenderSVGResourceMasker.h:
        * svg/SVGMaskElement.cpp:
        (WebCore::SVGMaskElement::createElementRenderer):
        (WebCore::SVGMaskElement::addClientRenderLayer): Deleted.
        (WebCore::SVGMaskElement::removeClientRenderLayer): Deleted.
        * svg/SVGMaskElement.h:
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::updateExternalDocument):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged):

2015-07-06  Simon Fraser  <simon.fraser@apple.com>

        Revert use of SVG <mask> elements for -webkit-mask-image (r176798, r177494, r186180)
        https://bugs.webkit.org/show_bug.cgi?id=146653

        Reviewed by Dean Jackson.

        Fixes rdar://problem/21435233.

        r177494 caused a number of regressions (bugs 141857, 146509, 146561), added new layering violations, and
        was not being maintained, so revert it.

        This patch reverts r177494.

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFillProperty):
        (WebCore::CSSParser::parseMaskImage): Deleted.
        * css/CSSParser.h:
        * css/CSSPropertyNames.in:
        * css/CSSValue.h:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertMaskImageOperations): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::loadPendingSVGDocuments):
        (WebCore::StyleResolver::loadPendingImages):
        (WebCore::StyleResolver::adjustStyleForMaskImages): Deleted.
        (WebCore::StyleResolver::applyMatchedProperties): Deleted.
        * css/StyleResolver.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::containsSVGDocument):
        * page/FrameView.h:
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        (WebCore::blendFunc): Deleted.
        (WebCore::MaskImagePropertyWrapper::MaskImagePropertyWrapper): Deleted.
        (WebCore::MaskImagePropertyWrapper::equals): Deleted.
        * platform/ScrollView.h:
        (WebCore::ScrollView::containsSVGDocument):
        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::~MaskImageOperation): Deleted.
        (WebCore::MaskImageOperation::operator==): Deleted.
        * platform/graphics/MaskImageOperation.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::maskClipRect):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::updateFillImages):
        (WebCore::RenderElement::~RenderElement): Deleted.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::~RenderLayer): Deleted.
        (WebCore::RenderLayer::calculateClipRects): Deleted.
        * rendering/RenderLayer.h:
        * rendering/RenderLayerMaskImageInfo.cpp: Removed.
        * rendering/style/FillLayer.h:
        (WebCore::FillLayer::image):
        (WebCore::FillLayer::imageOrMaskImage):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setMaskImage): Deleted.
        * rendering/style/RenderStyle.h:

2015-07-06  Simon Fraser  <simon.fraser@apple.com>

        Revert use of SVG <mask> elements for -webkit-mask-image (r176798, r177494, r186180)
        https://bugs.webkit.org/show_bug.cgi?id=146653
        
        Fixes rdar://problem/21435233.

        This patch reverts r186180, but keeps the layout test.

        This feature caused a number of regressions (bugs 141857, 146509, 146561), added new layering violations, and
        was not being maintained, so revert it.
        
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource): Deleted.
        * loader/cache/CachedResourceRequest.h:
        (WebCore::CachedResourceRequest::acceptOverride): Deleted.
        (WebCore::CachedResourceRequest::setAcceptOverride): Deleted.
        * loader/cache/CachedSVGDocumentReference.cpp:
        (WebCore::CachedSVGDocumentReference::load): Deleted.
        * loader/cache/CachedSVGDocumentReference.h:
        (WebCore::CachedSVGDocumentReference::setAcceptsAnyImageType): Deleted.
        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::ensureCachedSVGDocumentReference):
        (WebCore::MaskImageOperation::notifyFinished):

2015-07-06  Daniel Bates  <dabates@apple.com>

        Fix the Windows build following <https://trac.webkit.org/changeset/186388>
        (https://bugs.webkit.org/show_bug.cgi?id=144830)

        As we for for Mac in WebCoreAVFResourceLoader::startLoading(), instantiate ResourceLoaderOptions
        with ContentSecurityPolicyImposition::DoPolicyCheck.

        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
        (WebCore::WebCoreAVCFResourceLoader::startLoading):

2015-07-06  Daniel Bates  <dabates@apple.com>

        Isolated worlds should respect Content Security Policy; User Agent Shadow DOM
        should be exempt from Content Security Policy
        https://bugs.webkit.org/show_bug.cgi?id=144830
        <rdar://problem/18860261>

        Reviewed by Geoffrey Garen.

        Make scripts that run in an isolated world be subject to the Content Security Policy (CSP) of the page
        and exempt features implemented using a user agent shadow DOM. As a side effect of this change,
        Safari Content Extensions will respect the CSP policy of the page when loading subresources (e.g. an image).

        Tests: http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-audio.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-background.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-cursor.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-filter-on-image.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-css-webkit-image-set.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-embed-plugin.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-external-script.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-iframe.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image-after-redirect.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-image.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-script.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-style.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-inline-stylesheet.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object-plugin.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-object.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-feimage-element.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-font.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-svg-use-element.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-track.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/allow-video.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/block-loading-user-agent-image-from-non-user-agent-content.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-allowed.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked2.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/default-src-object-data-url-blocked3.html
               http/tests/security/contentSecurityPolicy/userAgentShadowDOM/video-controls-allowed.html
               http/tests/security/isolatedWorld/image-load-should-not-bypass-main-world-csp.html

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect): Pass shouldBypassMainWorldContentSecurityPolicy to ContentSecurityPolicy::allowConnectToSource().
        * css/CSSCanvasValue.h:
        (WebCore::CSSCanvasValue::loadSubimages): Modified to take argument ResourceLoaderOptions (unused).
        * css/CSSCrossfadeValue.cpp:
        (WebCore::CSSCrossfadeValue::fixedSize): Explicitly instantiate default ResourceLoaderOptions and pass
        pass it when requesting a cached image. Added FIXME comment to skip Content Security Policy check when
        the cross fade is applied to an element in a user agent shadow tree.
        (WebCore::CSSCrossfadeValue::loadSubimages): Take a ResourceLoaderOptions as an argument and passes it
        as appropriate.
        (WebCore::CSSCrossfadeValue::image): Explicitly instantiate default ResourceLoaderOptions and pass it
        when requesting a cached image. Added FIXME comment to skip Content Security Policy check when the cross
        fade is applied to an element in a user agent shadow tree.
        * css/CSSCrossfadeValue.h:
        * css/CSSCursorImageValue.cpp:
        (WebCore::CSSCursorImageValue::cachedImage): Take a ResourceLoaderOptions as an argument and passes it
        as appropriate.
        * css/CSSCursorImageValue.h:
        * css/CSSFilterImageValue.cpp:
        (WebCore::CSSFilterImageValue::fixedSize): Explicitly instantiate default ResourceLoaderOptions and pass
        pass it when requesting a cached image. Added FIXME comment to skip Content Security Policy check when
        the cross fade is applied to an element in a user agent shadow tree.
        (WebCore::CSSFilterImageValue::loadSubimages): Take a ResourceLoaderOptions as an argument and passes it
        as appropriate.
        (WebCore::CSSFilterImageValue::loadSubimages): Explicitly instantiate default ResourceLoaderOptions and pass
        pass it when requesting a cached image. Added FIXME comment to skip Content Security Policy check when
        the cross fade is applied to an element in a user agent shadow tree.
        (WebCore::CSSFilterImageValue::image):
        * css/CSSFilterImageValue.h:
        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::cachedFont): Take a boolean, isInitiatingElementInUserAgentShadowTree,
        so as to determine the appropriate CSP imposition. In particular, we skip the CSP check when the initiating element
        (e.g. SVG font-face element) is in a user agent shadow tree.
        * css/CSSFontFaceSrcValue.h:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::addFontFaceRule): Take a boolean, isInitiatingElementInUserAgentShadowTree, and passes
        it as appropriate.
        * css/CSSFontSelector.h:
        * css/CSSGradientValue.h:
        (WebCore::CSSGradientValue::loadSubimages): Take a ResourceLoaderOptions as an argument and passes it
        as appropriate.
        * css/CSSImageGeneratorValue.cpp:
        (WebCore::CSSImageGeneratorValue::loadSubimages): Ditto.
        (WebCore::CSSImageGeneratorValue::cachedImageForCSSValue): Ditto.
        * css/CSSImageGeneratorValue.h:
        * css/CSSImageSetValue.cpp:
        (WebCore::CSSImageSetValue::cachedImageSet): Deleted.
        * css/CSSImageSetValue.h:
        * css/CSSImageValue.cpp:
        (WebCore::CSSImageValue::cachedImage): Deleted.
        * css/CSSImageValue.h:
        * css/RuleSet.cpp:
        (WebCore::RuleSet::addChildRules): Take a boolean, isInitiatingElementInUserAgentShadowTree, and passes
        it as appropriate.
        (WebCore::RuleSet::addRulesFromSheet): Added FIXME comment to skip Content Security Policy check when
        when stylesheet is in a user agent shadow tree.
        * css/RuleSet.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver): Determine whether the SVG font-face element is in a user agent shadow tree
        and pass the appropriate value when calling CSSFontSelector::addFontFaceRule(). Also, modernized code; used C++11 range
        -based for-loop instead of const_iterator idiom.
        (WebCore::StyleResolver::loadPendingSVGDocuments): Skip CSP check when requesting subresources as a byproduct of
        resolving style for an element in a user agent shadow tree.
        (WebCore::StyleResolver::loadPendingImage): Ditto.
        (WebCore::StyleResolver::loadPendingShapeImage): Ditto.
        * css/StyleRuleImport.cpp:
        (WebCore::StyleRuleImport::requestStyleSheet): Added FIXME comment to skip Content Security Policy check when
        when stylesheet is in a user agent shadow tree.
        * dom/Element.h:
        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::InlineStyleSheetOwner::createSheet): Skip CSP check for an inline <style> that is in a user agent shadow tree.
        * dom/Node.cpp:
        (WebCore::Node::isInUserAgentShadowTree): Added.
        * dom/Node.h:
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::requestScript): Skip CSP check for an external JavaScript script in a user agent shadow tree.
        (WebCore::ScriptElement::executeScript): Skip CSP check for an inline JavaScript script that is in a user agent shadow tree.
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::styleAttributeChanged): Skip CSP check when modifying the inline style of an element in a user
        agent shadow tree.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::isSafeToLoadURL): Skip CSP check for a <audio>, <video> in a user agent shadow tree.
        (WebCore::HTMLMediaElement::outOfBandTrackSources): Ditto.
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::canLoadURL): Ditto.
        * html/track/LoadableTextTrack.cpp:
        (WebCore::LoadableTextTrack::loadTimerFired): Determine whether the <track> is in a user agent shadow tree
        and pass the appropriate value when calling TextTrackLoader::load().
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startLoadingMainResource): Do CSP check when loading a resource by default.
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::updateFromElement): Skip CSP check for an image that is in a user agent shadow tree.
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::start): Instantiate ResourceLoaderOptions passing placeholder value ContentSecurityPolicyImposition::DoPolicyCheck.
        This value does not affect the request because we do not check the Content Security Policy for raw resource requests.
        * loader/NetscapePlugInStreamLoader.cpp:
        (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader): Added FIXME comment to skip Content Security Policy check
        when when associated plugin element is in a user agent shadow tree.
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy): Skip CSP check for a <iframe> in a user agent shadow tree.
        * loader/ResourceLoaderOptions.h: Defined enum class ContentSecurityPolicyImposition with explicit type uint8_t so
        as to provide a hint to the compiler (for better packing) when it computes the memory layout for struct that
        contains an instance of this class.
        (WebCore::ResourceLoaderOptions::ResourceLoaderOptions): Added argument contentSecurityPolicyImposition.
        (WebCore::ResourceLoaderOptions::contentSecurityPolicyImposition): Added.
        (WebCore::ResourceLoaderOptions::setContentSecurityPolicyImposition): Added.
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::pluginIsLoadable): Skip CSP check for a plugin element that is in a user agent shadow tree.
        (WebCore::SubframeLoader::createJavaAppletWidget): Skip CSP check for an applet element that is in a user agent shadow tree.
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::load): Take a boolean, isInitiatingElementInUserAgentShadowTree, and sets the appropriate
        Content Security Policy imposition for the text track request.
        * loader/TextTrackLoader.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestUserCSSStyleSheet): Skip CSP check for a user-specified stylesheet.
        (WebCore::CachedResourceLoader::canRequest): Only check the CSP of the page if specified in the resource loader options for the request.
        (WebCore::CachedResourceLoader::defaultCachedResourceOptions): Add ContentSecurityPolicyImposition::DoPolicyCheck to the default
        resource loader options so that do check the CSP policy of the page before performing a resource request by default.
        * loader/cache/CachedSVGDocumentReference.cpp:
        (WebCore::CachedSVGDocumentReference::load): Take a ResourceLoaderOptions as an argument and passes it as appropriate.
        * loader/cache/CachedSVGDocumentReference.h:
        * loader/icon/IconLoader.cpp:
        (WebCore::IconLoader::startLoading): Instantiate ResourceLoaderOptions passing placeholder value ContentSecurityPolicyImposition::DoPolicyCheck.
        This value does not affect the request because we do not check the Content Security Policy for raw resource requests.
        * page/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::allowJavaScriptURLs): Take an argument called overrideContentSecurityPolicy (defaults to false). When
        overrideContentSecurityPolicy := true, this function unconditionally returns true.
        (WebCore::ContentSecurityPolicy::allowInlineEventHandlers): Ditto.
        (WebCore::ContentSecurityPolicy::allowInlineScript): Ditto.
        (WebCore::ContentSecurityPolicy::allowInlineStyle): Ditto.
        (WebCore::ContentSecurityPolicy::allowEval): Ditto.
        (WebCore::ContentSecurityPolicy::allowPluginType): Ditto.
        (WebCore::ContentSecurityPolicy::allowScriptFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowObjectFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowImageFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowStyleFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowFontFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowMediaFromSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowConnectToSource): Ditto.
        (WebCore::ContentSecurityPolicy::allowFormAction): Ditto.
        (WebCore::ContentSecurityPolicy::allowBaseURI): Ditto.
        * page/ContentSecurityPolicy.h:
        * page/DOMSecurityPolicy.cpp:
        * page/EventSource.cpp:
        (WebCore::EventSource::create): Pass shouldBypassMainWorldContentSecurityPolicy to ContentSecurityPolicy::allowConnectToSource().
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::startLoading): Instantiate ResourceLoaderOptions passing placeholder value ContentSecurityPolicyImposition::DoPolicyCheck.
        This value does not affect the request because we do not check the Content Security Policy for raw resource requests.
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::requestImageResource): Skip CSP check for a SVG FEImage element in a user agent shadow tree.
        * svg/SVGFontFaceUriElement.cpp:
        (WebCore::SVGFontFaceUriElement::loadFont): Skip CSP check for a SVG font-face-uri element in a user agent shadow tree.
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::updateExternalDocument): Skip CSP check for a SVG use element in a user agent shadow tree.
        * testing/Internals.cpp:
        (WebCore::Internals::ensureUserAgentShadowRoot): Added.
        * testing/Internals.h:
        * testing/Internals.idl: Added declaration for ensureUserAgentShadowRoot().
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::open): Pass shouldBypassMainWorldContentSecurityPolicy to ContentSecurityPolicy::allowConnectToSource().

2015-07-06  Brent Fulgham  <bfulgham@apple.com>

        Ensure media playback is stopped during page close
        https://bugs.webkit.org/show_bug.cgi?id=146554
        <rdar://problem/18033944>

        Reviewed by Brady Eidson.

        * Modules/webaudio/AudioContext.h:
        (WebCore::WebAudio::hostingDocument): Added.
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::hostingDocument): Added.
        * dom/Document.cpp:
        (WebCore::Document::~Document): Call new 'stopAllMediaPlaybackForDocument' at destruction time.
        * platform/audio/PlatformMediaSession.h:
        Made PlatformMediaSessionManager a friend so it can access the protected 'client' accessor.
        Updated PlatformMediaSessionClient to require clients to have a "hostingDocument" member.
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForDocument): Added. Only pauses
        playback on elements that match the provided document.
        (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForProcess): Added. Pauses playback
        on all elements in the current process.
        * platform/audio/PlatformMediaSessionManager.h:

2015-07-06  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Remove memory page reporting
        https://bugs.webkit.org/show_bug.cgi?id=146659

        Reviewed by Benjamin Poulain.

        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::~CompiledContentExtension):
        (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors):
        * contentextensions/CompiledContentExtension.h:
        * contentextensions/ContentExtension.cpp:
        (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):
        * contentextensions/ContentExtension.h:
        (WebCore::ContentExtensions::ContentExtension::compiledExtension):
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::getBits):
        (WebCore::ContentExtensions::getInstruction):
        (WebCore::ContentExtensions::jumpSizeInBytes):
        (WebCore::ContentExtensions::getJumpSize):
        (WebCore::ContentExtensions::getJumpDistance):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsForDefaultStylesheetFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFABytecodeInterpreter.h:
        Don't keep track of memory page usage.  It wasn't even correct anyways.

2015-07-06  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Increase maxNFASize
        https://bugs.webkit.org/show_bug.cgi?id=146656

        Reviewed by Benjamin Poulain.

        Because of memory improvements in r186375, r186374, and r186079,
        we can now increase the maximum number of NFA nodes in order to avoid
        long compile times of some large, complicated content blockers.
        This also improves the interpreting time of content blockers.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Increase maxNFASize to 75000 to avoid long compile times.

2015-07-06  Dean Jackson  <dino@apple.com>

        Memory corruption in WebGLRenderingContext::simulateVertexAttrib0
        https://bugs.webkit.org/show_bug.cgi?id=146652
        <rdar://problem/21567767>

        Follow-up fix.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0):

2015-07-06  Dean Jackson  <dino@apple.com>

        Memory corruption in WebGLRenderingContext::simulateVertexAttrib0
        https://bugs.webkit.org/show_bug.cgi?id=146652
        <rdar://problem/21567767>

        Reviewed by Brent Fulgham.

        The expression "(numVertex + 1) * 4 * sizeof(GC3Dfloat)" could potentially
        overflow. Make it use checked arithmetic.

        I couldn't make a test case that reliably exercised this.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Used Checked<GC3Dsizeiptr>
        for calculating the size of the buffer.

2015-07-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [Mac] REGRESSION: (r181403) Enter/Exit full screen on 1x secondary display plugged into 2x Mac displays WebView as 1/4 size during transition
        https://bugs.webkit.org/show_bug.cgi?id=146651

        Reviewed by Simon Fraser.

        * platform/mac/WebCoreFullScreenPlaceholderView.mm: set layerContentsPlacement
        to NSViewLayerContentsPlacementScaleProportionallyToFit so AppKit resizes the
        content CALayer to fit in the WebView.

2015-07-06  Benjamin Poulain  <benjamin@webkit.org>

        Reduce the memory usage of the prefix tree
        https://bugs.webkit.org/show_bug.cgi?id=146615

        Reviewed by Sam Weinig.

        This patch introduces two little changes that reduces the size
        of the prefix tree by about 40%.

        First, the Terms are interned. The new class CombinedFiltersAlphabet
        takes care of keeping a unique version of each term for use
        by the CombinedURLFilters.

        Since each Term is fairly big but we have a small number of
        unique term, we significantly reduce the edge size.

        Second, the actions are no longer stored on each Vertex.
        They are now stored on the side, in a HashMap indexed by
        their Vertex.

        This works well because the Actions are sparse over the tree.
        Typically, only the leaves have actions. Internal vertices
        sometime get actions but that's uncommon.

        ---

        The next step to reduce the memory footprint would be to
        make PrefixTreeVertex into a custom packed structure instead
        of using a Vector.

        Such change is very invasive and more error prone so I decided
        against it for this patch.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/CombinedFiltersAlphabet.cpp: Copied from Source/WebCore/contentextensions/CombinedURLFilters.h.
        (WebCore::ContentExtensions::TermCreatorTranslator::hash):
        (WebCore::ContentExtensions::TermCreatorTranslator::equal):
        (WebCore::ContentExtensions::TermCreatorTranslator::translate):
        (WebCore::ContentExtensions::CombinedFiltersAlphabet::interned):
        (WebCore::ContentExtensions::CombinedFiltersAlphabet::memoryUsed):
        * contentextensions/CombinedFiltersAlphabet.h: Copied from Source/WebCore/contentextensions/CombinedURLFilters.h.
        (WebCore::ContentExtensions::CombinedFiltersAlphabet::TermPointerHash::hash):
        (WebCore::ContentExtensions::CombinedFiltersAlphabet::TermPointerHash::equal):
        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::recursiveMemoryUsed):
        (WebCore::ContentExtensions::CombinedURLFilters::memoryUsed):
        (WebCore::ContentExtensions::prefixTreeVertexToString):
        (WebCore::ContentExtensions::recursivePrint):
        (WebCore::ContentExtensions::CombinedURLFilters::addPattern):
        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        * contentextensions/CombinedURLFilters.h:
        * contentextensions/ContentExtensionsDebugging.h:
        * contentextensions/Term.h:
        (WebCore::ContentExtensions::Term::isValid):
        (WebCore::ContentExtensions::Term::destroy):
        (WebCore::ContentExtensions::Term::memoryUsed):
        (WebCore::ContentExtensions::Term::toString): Deleted.
        (WebCore::ContentExtensions::TermHash::hash): Deleted.
        (WebCore::ContentExtensions::TermHash::equal): Deleted.
        (WebCore::ContentExtensions::Term::Term): Deleted.
        (WebCore::ContentExtensions::Term::isKnownToMatchAnyString): Deleted.
        (WebCore::ContentExtensions::Term::hasFixedLength): Deleted.
        (WebCore::ContentExtensions::Term::operator==): Deleted.
        (WebCore::ContentExtensions::Term::hash): Deleted.
        (WebCore::ContentExtensions::Term::isDeletedValue): Deleted.
        (WebCore::ContentExtensions::Term::isUniversalTransition): Deleted.
        (WebCore::ContentExtensions::Term::generateSubgraphForAtom): Deleted.

2015-07-06  Benjamin Poulain  <benjamin@webkit.org>

        [Content Extensions] Make the DFA transitions ranges instead of characters
        https://bugs.webkit.org/show_bug.cgi?id=146575

        Reviewed by Alex Christensen.

        This patch changes the DFA and code using the DFA to use ranges
        to represent the transitions between any two nodes.

        This patch builds on top of the tools introduced in r186079.

        The DFA structure is basically the same as ImmutableNFA but without
        any epsilon transitions.

        This patch introduces a transition iterator to make the DFA
        compatible with the existing algorithms.

        ---

        The DFA combiner is rebuilt on top of MutableRangeList. Combining the transitions
        of two nodes is one by merging the range list of each not into a common
        MutableRangeList.
        The data converter takes care of creating the signature of the combination.

        The code got simpler since MutableRangeList does most of the work now. It is also
        much faster.

        ---

        The minimizer is more intersting.

        With the current algorithm, we cannot resolve overlaps between ranges. On the other
        hand, the minimizer does not care about the symbol of the transitions if we are careful
        to partition transitions of the same symbol together.

        What I did was to turn the minimizer into a pure transition based one, BUT each
        "symbol" is actually an unbreakable range.

        The first step is to go over all the transitions of all the nodes and find the largest
        ranges such that the alphabet of interest is covered but there is not a single intersection
        between any two nodes (what I called "singular transitions" in the code). 

        This can be done efficiently with MutableRangeList.
        A little trick there is that I also used the converter to count how many real transition
        overlaps any singular transition.

        Those singular transitions become the alphabet of our minimizer. The "symbol" of our alphabet
        is simply the position of the singular transition in the list.

        The partition of transition is created by populating each set with all the transition that
        overlaps the symbols.
        Note that since the partition is created on the fly, the Transition structure used for
        repartitioning only contains the source of the transitions.

        Once our transition parition has been carefuly created, we can completely forget about
        the symbols and only work with subsets.

        Since the singular transitions have no overlap (unlike fallback transitions), this new minimizer
        will find the minimial solution for well formed input.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::memoryUsed):
        (WebCore::ContentExtensions::printTransitions):
        (WebCore::ContentExtensions::DFANode::actions): Deleted.
        (WebCore::ContentExtensions::DFANode::transitions): Deleted.
        (WebCore::ContentExtensions::DFANode::fallbackTransitionDestination): Deleted.
        (WebCore::ContentExtensions::DFANode::changeFallbackTransition): Deleted.
        (WebCore::ContentExtensions::DFANode::addFallbackTransition): Deleted.
        (WebCore::ContentExtensions::DFANode::containsTransition): Deleted.
        (WebCore::ContentExtensions::DFANode::kill): Deleted.
        (WebCore::ContentExtensions::DFA::debugPrintDot): Deleted.
        * contentextensions/DFA.h:
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::range):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::target):
        (WebCore::ContentExtensions::DFANode::RangeIterator::range):
        (WebCore::ContentExtensions::DFANode::RangeIterator::target):
        (WebCore::ContentExtensions::DFANode::RangeIterator::resetTarget):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::ranges):
        (WebCore::ContentExtensions::DFABytecodeCompiler::nodeTransitionsMaxBytecodeSize):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
        * contentextensions/DFACombiner.cpp:
        (WebCore::ContentExtensions::DFAMerger::TargetConverter::convert):
        (WebCore::ContentExtensions::DFAMerger::TargetConverter::extend):
        (WebCore::ContentExtensions::DFAMerger::TargetConverter::setHalfSignature):
        (WebCore::ContentExtensions::DFAMerger::merge):
        (WebCore::ContentExtensions::DFAMerger::getOrCreateCombinedNode):
        (WebCore::ContentExtensions::DFAMerger::setHalfSignature): Deleted.
        (WebCore::ContentExtensions::DFAMerger::populateTransitions): Deleted.
        (WebCore::ContentExtensions::DFAMerger::populateFromFallbackTransitions): Deleted.
        (WebCore::ContentExtensions::DFAMerger::createTransitions): Deleted.
        (WebCore::ContentExtensions::DFAMerger::createFallbackTransitionIfNeeded): Deleted.
        * contentextensions/DFAMinimizer.cpp:
        (WebCore::ContentExtensions::DFAMinimizer::minimize):
        * contentextensions/DFANode.cpp: Added.
        (WebCore::ContentExtensions::DFANode::actions):
        (WebCore::ContentExtensions::DFANode::containsTransition):
        (WebCore::ContentExtensions::DFANode::kill):
        (WebCore::ContentExtensions::DFANode::canUseFallbackTransition):
        (WebCore::ContentExtensions::DFANode::bestFallbackTarget):
        * contentextensions/DFANode.h:
        (WebCore::ContentExtensions::CharRange::size):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::operator*):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::operator==):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::operator!=):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::operator++):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::first):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::last):
        (WebCore::ContentExtensions::DFANode::ConstRangeIterator::data):
        (WebCore::ContentExtensions::DFANode::IterableConstRange::begin):
        (WebCore::ContentExtensions::DFANode::IterableConstRange::end):
        (WebCore::ContentExtensions::DFANode::transitions):
        (WebCore::ContentExtensions::DFANode::RangeIterator::operator*):
        (WebCore::ContentExtensions::DFANode::RangeIterator::operator==):
        (WebCore::ContentExtensions::DFANode::RangeIterator::operator!=):
        (WebCore::ContentExtensions::DFANode::RangeIterator::operator++):
        (WebCore::ContentExtensions::DFANode::RangeIterator::first):
        (WebCore::ContentExtensions::DFANode::RangeIterator::last):
        (WebCore::ContentExtensions::DFANode::RangeIterator::data):
        (WebCore::ContentExtensions::DFANode::IterableRange::begin):
        (WebCore::ContentExtensions::DFANode::IterableRange::end):
        (WebCore::ContentExtensions::DFANode::hasFallbackTransition): Deleted.
        (WebCore::ContentExtensions::DFANode::transitionsLength): Deleted.
        (WebCore::ContentExtensions::DFANode::transitionsStart): Deleted.
        (WebCore::ContentExtensions::DFANode::resetTransitions): Deleted.
        (WebCore::ContentExtensions::DFANode::setHasFallbackTransitionWithoutChangingDFA): Deleted.
        * contentextensions/ImmutableNFA.h:
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::first):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::last):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::data):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::range):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::operator*): Deleted.
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::operator->): Deleted.
        * contentextensions/ImmutableNFANodeBuilder.h:
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::FakeRangeIterator::first):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::FakeRangeIterator::last):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::FakeRangeIterator::operator*): Deleted.
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::FakeRangeIterator::operator->): Deleted.
        * contentextensions/MutableRange.h:
        (WebCore::ContentExtensions::MutableRange::size): Deleted.
        * contentextensions/MutableRangeList.h:
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::first):
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::last):
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::data):
        (WebCore::ContentExtensions::MutableRangeList::extend):
        (WebCore::ContentExtensions::MutableRangeList::size):
        (WebCore::ContentExtensions::MutableRangeList::initializeFrom):
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::NFAToDFA::convert):
        (WebCore::ContentExtensions::canUseFallbackTransition): Deleted.
        (WebCore::ContentExtensions::findBestFallbackTarget): Deleted.

2015-07-06  Timothy Hatcher  <timothy@apple.com>

        Fix ASSERT causing crashes in Inspector tests on the bots.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::enable): Reset stopwatch before starting it.

2015-07-06  Brady Eidson  <beidson@apple.com>

        Remove unused "m_isPrivate" flag on NetworkStorageSession.
        https://bugs.webkit.org/show_bug.cgi?id=146648

        Reviewed by Alex Christensen.

        No new tests (No behavior change).

        * platform/network/NetworkStorageSession.h:
        (WebCore::NetworkStorageSession::isPrivateBrowsingSession): Deleted.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::NetworkStorageSession): Deleted.
        (WebCore::NetworkStorageSession::createPrivateBrowsingSession): Deleted.

        * platform/network/soup/NetworkStorageSessionSoup.cpp:
        (WebCore::NetworkStorageSession::NetworkStorageSession): Deleted.
        (WebCore::NetworkStorageSession::createPrivateBrowsingSession): Deleted.

2015-07-04  Timothy Hatcher  <timothy@apple.com>

        Web Inspector: Add a dedicated Network tab that is always live
        https://bugs.webkit.org/show_bug.cgi?id=146568

        Make sure the executionStopwatch is always started and never stops so resource loads
        always get timestamps, even when Timeline is not recording.

        Reviewed by Joseph Pecoraro.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::enable): Start executionStopwatch.
        (WebCore::InspectorPageAgent::frameStartedLoading): Reset and start executionStopwatch.
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStart): Removed executionStopwatch code.
        (WebCore::InspectorTimelineAgent::internalStop): Ditto.

2015-07-02  Timothy Hatcher  <timothy@apple.com>

        Update the localized strings file.

        * English.lproj/Localizable.strings: Updated with the script.

2015-07-06  Zalan Bujtas  <zalan@apple.com>

        Crash: LayoutState root's container is nullptr when the layout root is detached.
        https://bugs.webkit.org/show_bug.cgi?id=146646
        rdar://problem/21371544

        Reviewed by Simon Fraser.

        This is a speculative fix to ensure that when the root of the LayoutState is detached
        we don't try to access its container (nullptr).
        This is related to trac.webkit.org/r185484.

        Not reproducible.

        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):
        * rendering/LayoutState.h:
        (WebCore::LayoutState::LayoutState): Deleted.

2015-07-06  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Inactive AirPlay route should automatically timeout
        https://bugs.webkit.org/show_bug.cgi?id=146642
        <rdar://problem/21602955>

        Automatically clear a media element's AirPlay connection after it has been paused
        for 60 minutes, or after 8 minutes if it played to the end before pausing.

        Reviewed by Brent Fulgham.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::WebMediaSessionManager): Initialize m_watchdogTimer.
        (WebCore::WebMediaSessionManager::clientStateDidChange): Schedule watchdog timer configuration
          if the client started playing or paused.
        (WebCore::WebMediaSessionManager::configurePlaybackTargetClients): Schedule watchdog timer configuration.
        (WebCore::WebMediaSessionManager::toString): Print watchdog configuration flag.
        (WebCore::WebMediaSessionManager::taskTimerFired): Call configureWatchdogTimer.
        (WebCore::WebMediaSessionManager::configureWatchdogTimer): New, start or stop watchdog timer.
        (WebCore::WebMediaSessionManager::watchdogTimerFired): Stop monitoring for targets, which 
          clears the route.
        * Modules/mediasession/WebMediaSessionManager.h:

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaState): Set DidPlayToEnd when appropriate.

        * page/MediaProducer.h: Add DidPlayToEnd.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::~MediaPlaybackTargetPickerMac): Clear m_client, call
          stopMonitoringPlaybackTargets.
        (WebCore::MediaPlaybackTargetPickerMac::pendingActionTimerFired): Send a neutered 
          MediaPlaybackTarget when m_outputDeviceMenuController is NULL.
        (WebCore::MediaPlaybackTargetPickerMac::devicePicker): Add logging.
        (WebCore::MediaPlaybackTargetPickerMac::stopMonitoringPlaybackTargets): Clear the menu
          controller to cancel the route.

2015-07-06  Zan Dobersek  <zdobersek@igalia.com>

        [GTK] Fix build errors with OpenGL ES
        https://bugs.webkit.org/show_bug.cgi?id=146626

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/ANGLEWebKitBridge.h: Include <GLES2/gl2.h>
        when building with OpenGL ES 2 support enabled.
        (WebCore::ANGLEShaderSymbol::isSampler): Don't test for
        OpenGL-specific GL_SAMPLER_2D_RECT_ARB value when OpenGL ES 2
        support is enabled.

2015-07-06  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Remove ReadableStream custom constructor
        https://bugs.webkit.org/show_bug.cgi?id=146547

        Reviewed by Darin Adler.

        Removed custom binding.
        Made use of Dictionary in lieu of JSObject to reduce readable stream constructor parameter parsing.
        Added support for passing ExecState to construtor within binding generator.

        No change in behavior.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::create):
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::create):
        * Modules/streams/ReadableStream.idl:
        * bindings/js/JSDictionary.cpp:
        (WebCore::JSDictionary::convertValue):
        * bindings/js/JSDictionary.h:
        * bindings/js/JSReadableStreamCustom.cpp:
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::create):
        (WebCore::ReadableJSStream::ReadableJSStream):
        * bindings/js/ReadableJSStream.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateConstructorDefinition):
        * bindings/scripts/IDLAttributes.txt:

2015-07-06  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Promise-returning functions should reject promises if the callee is not of the expected type
        https://bugs.webkit.org/show_bug.cgi?id=146585

        Reviewed by Darin Adler.

        Updated binding generator to reject promise in case the casting of the thisValue is not working properly
        (i.e. the callee is not wrapping a DOM object of the expected class.

        Covered by rebased test and binding expectations.

        * bindings/js/JSDOMPromise.h:
        (WebCore::callPromiseFunction): Removed wrapper class parameter.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestObj.cpp: Updated binding expectations.
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunction):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionPromise):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgument):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgumentPromise):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithException):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithExceptionPromise):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithOptionalIntArgument):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithOptionalIntArgumentPromise):

2015-07-05  Chris Dumez  <cdumez@apple.com>

        [WK2] Current page's scroll position is lost when transferring sessionState from one view to another
        https://bugs.webkit.org/show_bug.cgi?id=146625
        <rdar://problem/21585268>

        Reviewed by Gavin Barraclough.

        Export HistoryController:saveScrollPositionAndViewStateToItem()
        so that it can be called from WebKit2.

        * loader/HistoryController.h:

2015-07-05  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r180582): background-attachment: local; does not scroll the background image when scrolling the the element's contents
        https://bugs.webkit.org/show_bug.cgi?id=146623

        Reviewed by Zalan Bujtas.
        
        r180582 erroneously asserted that m_destOrigin in BackgroundImageGeometry was unused.
        However, it is needed to compute the correct phase when the destination rect is
        altered by clipping.

        Test: fast/backgrounds/background-attachment-local.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        * rendering/RenderBoxModelObject.h:
        (WebCore::BackgroundImageGeometry::BackgroundImageGeometry):
        (WebCore::BackgroundImageGeometry::relativePhase):
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::drawMaskForRenderer):

2015-07-05  Chris Dumez  <cdumez@apple.com>

        [WK2] WebBackForwardListItems' pageState is not kept up-to-date
        https://bugs.webkit.org/show_bug.cgi?id=146614
        <rdar://problem/21585268>

        Reviewed by Gavin Barraclough.

        WebBackForwardListItems' pageState on UIProcess-side were not kept
        up-to-date when it was updated on WebContent process side. This meant
        that we were losing the scroll position (among other things) when
        transferring the session state over from one view to another.

        We now call notifyHistoryItemChanged(item) after saving the scroll
        position and the view state on the HistoryItem. As a result, the
        WebBackForwardListProxy will send the updated pageState to the
        UIProcess.

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::notifyChanged):
        * history/HistoryItem.h:
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::saveScrollPositionAndViewStateToItem):

2015-07-04  Chris Dumez  <cdumez@apple.com>

        Unreviewed Windows build fix after r186279.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::AVFWrapper::destroyVideoLayer):
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        (WebCore::CACFLayerTreeHost::destroyRenderer):

2015-07-04  Chris Dumez  <cdumez@apple.com>

        Drop RefPtr::clear() method
        https://bugs.webkit.org/show_bug.cgi?id=146556

        Reviewed by Brady Eidson.

        Drop RefPtr::clear() method in favor of "= nullptr;" pattern.

2015-07-03  Dan Bernstein  <mitz@apple.com>

        Fixed the iOS 8 build.

        * editing/cocoa/HTMLConverter.mm:

2015-07-03  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r178097): HTMLSelectElement.add(option, undefined) prepends option to the list of options; should append to the end of the list of options
        https://bugs.webkit.org/show_bug.cgi?id=146566
        <rdar://problem/21663919>

        Reviewed by Ryosuke Niwa.

        HTMLSelectElement.add(X, undefined) is supposed to be equivalent to
        HTMLSelectElement.add(X) which should *append* X. The same is true
        for HTMLOptionsCollection.add(X, undefined).

        However, due to a bug in our bindings generator for overloaded
        operations, the actual behavior was not the expected one. The
        second overload would be chosen: add(X, index) and undefined would
        be converted as 0-index, which would *prepend* X.

        This patch fixes the bindings generator so that undefined is allowed
        for optional parameters of an overload operation, when doing the
        overload resolution.

        Tests:
        - fast/dom/HTMLSelectElement/add.html
        - fast/dom/HTMLSelectElement/options-collection-add.html
        - http/tests/websocket/tests/hybi/undefined-protocol.html

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateParametersCheckExpression):
        Allow undefined value for optional parameters when doing the overload
        resolution.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter1):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter2):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethodWithOptionalParameter):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors):
        * bindings/scripts/test/TestObj.idl:
        Add bindings tests coverage and rebaseline.

2015-07-03  Dan Bernstein  <mitz@apple.com>

        Fixed the Mavericks build after r186236.

        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::url): Removed the export macro from this inline function.

2015-07-03  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build.

        * bridge/objc/objc_class.mm:
        (JSC::Bindings::ObjcClass::fieldNamed):

2015-07-03  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build.

        * editing/cocoa/HTMLConverter.mm:

2015-07-03  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build.

        * page/FrameView.cpp:
        (WebCore::FrameView::calculateExtendedBackgroundMode):

2015-07-03  Dan Bernstein  <mitz@apple.com>

        [Xcode] Update some build settings as recommended by Xcode 7
        https://bugs.webkit.org/show_bug.cgi?id=146597

        Reviewed by Sam Weinig.

        * Configurations/Base.xcconfig: Enabled CLANG_WARN_UNREACHABLE_CODE,
        GCC_WARN_UNDECLARED_SELECTOR, and GCC_NO_COMMON_BLOCKS. Removed GCC_MODEL_TUNING.

        * WebCore.xcodeproj/project.pbxproj: Updated LastUpgradeCheck. Disabled -Wunreachable-code
        for two bison-generated source files. Updated for rename of WebScriptObject.h.

        * bindings/objc/WebScriptObject.mm:
        (-[WebUndefined dealloc]): Removed unreachable code and suppressed warning about not calling
        super.
        * bridge/objc/WebScriptObject.h: Renamed to WebScriptObjectProtocol.h to enabled inlcuding
        the other WebScriptObject.h.
        * bridge/objc/WebScriptObjectProtocol.h: Renamed from WebScriptObject.h.

        * bridge/objc/objc_class.mm: Updated for rename and included WebScriptObject.h because we
        use selectors declared in that file.

        * bridge/objc/objc_instance.mm: Ditto.
        (ObjCRuntimeMethod::create): Resolved ambiguity between JSC::JSValue and the Objective-C
        JSValue class.
        (ObjCRuntimeMethod::createStructure): Ditto.
        (ObjcInstance::invokeMethod): Ditto.
        (ObjcInstance::invokeObjcMethod): Ditto.
        (ObjcInstance::invokeDefaultMethod): Ditto.
        (ObjcInstance::setValueOfUndefinedField): Ditto.
        (ObjcInstance::getValueOfUndefinedField): Ditto.
        (ObjcInstance::defaultValue): Ditto.
        (ObjcInstance::stringValue): Ditto.
        (ObjcInstance::numberValue): Ditto.
        (ObjcInstance::booleanValue): Ditto.
        (ObjcInstance::valueOf): Ditto,

        * bridge/objc/objc_runtime.h: Moved definition of isFallbackMethod() from here to the
        implementation.
        * bridge/objc/objc_runtime.mm: Updated for rename and included WebScriptObject.h because we
        use selectors declared in that file.
        (JSC::Bindings::ObjcMethod::isFallbackMethod): Moved definition from the header to here.

        * bridge/objc/objc_utility.mm: Updated for rename.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addScrollbarPseudoClassType): Removed unreachable code.

        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        Added declarations to the WebCoreMovieObserver interface.
        (WebCore::MediaPlayerPrivateQTKit::disableUnsupportedTracks): Suppressed
        -Wundeclared-selector around invocation of a selector that is not declared anywhere.

2015-07-03  Kyounga Ra  <kyounga@alticast.com>

        Memory leak for a protected Element having pending events in ImageLoader. 
        https://bugs.webkit.org/show_bug.cgi?id=146538

        Reviewed by Brady Eidson.

        If ImageLoader is destroyed before an active derefElementTimer is fired, protected element's refCount never be zero..

        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::~ImageLoader):
        (WebCore::ImageLoader::updateFromElement):
        (WebCore::ImageLoader::updateRenderer):
        (WebCore::ImageLoader::updatedHasPendingEvent):
        (WebCore::ImageLoader::timerFired):
        * loader/ImageLoader.h:

2015-07-03  Daniel Bates  <dabates@apple.com>

        REGRESSION (r178097): JavaScript TypeError after clicking on compose button in Yahoo Mail
        https://bugs.webkit.org/show_bug.cgi?id=146515
        <rdar://problem/21348421>

        Reviewed by Chris Dumez.

        Fixes an issue where extra arguments passed to a Web IDL overloaded function, whose implementation
        is generated by the bindings generator script, are not ignored as per the note in section "Interface object [[Call]] method"
        of the Web IDL spec, <http://www.w3.org/TR/2012/CR-WebIDL-20120419/> (19 April 2012).

        Currently for an overloaded function the JavaScript bindings generator script emits code to
        throw a TypeError when it cannot find a candidate function that takes the same number of
        arguments as passed by a caller. Prior to the change made in bug #139179 (r178097), the
        bindings code for HTMLSelectElement.add() was written by hand and ignored extra arguments
        that were passed to it. Following this change, the bindings code for HTMLSelectElement.add()
        is generated by the bindings generator script. Therefore, we throw a TypeError when Yahoo Mail
        calls HTMLSelectElement.add() with extra arguments because the code emitted by the bindings
        generator script does not ignore them.

        * bindings/scripts/CodeGeneratorJS.pm:
        (LengthOfLongestFunctionParameterList): Added. Computes the length of longest overload parameter list.
        (GenerateOverloadedFunction): Emit code that ignores more arguments than LengthOfLongestFunctionParameterList().
        (GenerateOverloadedConstructorDefinition): Ditto.
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod12): Added; expected result for an overloaded
        function that takes a variadic number of Blob elements.
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod): Update expected result. The added
        if-conditional expression for the IDL declaration overloadedMethod(Blob... blobArgs) is empty
        because we do not support overloading of functions with variadic arguments.
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod1):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors5): Added; expected
        result for an overloaded constructors that takes a variadic number of long arguments.
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors): Update expected
        result. The added if-conditional expression for the IDL declaration Constructor(long... longArgs) is empty
        because we do not support overloading of constructors with variadic arguments.
        * bindings/scripts/test/TestObj.idl: Added declaration overloadedMethod(Blob...). Also fixed
        typo in license block text.
        * bindings/scripts/test/TestOverloadedConstructors.idl: Added declaration Constructor(long... longArgs).
        Also fixed typo in license block text.

2015-07-03  Mario Sanchez Prada  <mario@endlessm.com>

        Crash on xLarge memory allocation using bmalloc on 32bit systems
        https://bugs.webkit.org/show_bug.cgi?id=146440

        Reviewed by Gustavo Noronha Silva.

        Disable the gcc's -ftree-sra optimization (automatically enabled
        with -O1 and higher levels) for WebCore and 32bit Intel architectures,
        as that causes the crash in bmalloc when allocating large amounts of
        memory from the texture mapper's tiled backing store implementation.

        * CMakeLists.txt: Pass -fno-free-sra to gcc on 32bit Intel architectures.

2015-07-03  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(VIDEO) build after r186054
        https://bugs.webkit.org/show_bug.cgi?id=146592

        Reviewed by Eric Carlson.

        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-07-03  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Remove ReadableStream and Reader cancel() custom binding
        https://bugs.webkit.org/show_bug.cgi?id=146458

        Reviewed by Darin Adler.

        Removed stream and reader cancel custom binding.
        Updated binding generator to correctly handle promise-based APIs with optional parameters.

        No behavior changes.

        * Modules/streams/ReadableStream.idl: Removed custom
        * Modules/streams/ReadableStreamReader.idl: Ditto.
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::cancel): Deleted.
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::cancel): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm: Handling of promise parameter in case of optional arguments.
        (GenerateParametersCheck):
        (GenerateReturnParameters): Utility function to generate return parameters (exception and promise).
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithOptionalIntArgument):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithOptionalIntArgumentPromise):
        * bindings/scripts/test/TestObj.idl:


2015-07-02  Doug Russell  <d_russell@apple.com>

        AX: Selection change as a result of focusing an element should include that 
        information in the intent
        https://bugs.webkit.org/show_bug.cgi?id=146533

        Reviewed by Chris Fleizach.

        Added focusChange flag to AXTextStateChangeIntent.
        Added intent support to selection logic called by Element::updateFocusAppearance().
        Added NSAccessibilityTextSelectionChangedFocus to mac notifications.

        Test: platform/mac/accessibility/selection-notification-focus-change.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        * accessibility/AXTextStateChangeIntent.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::setTextSelectionIntent):
        (WebCore::AccessibilityRenderObject::setFocused):
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        * dom/Element.cpp:
        (WebCore::Element::updateFocusAppearance):
        * dom/Element.h:
        (WebCore::Element::defaultFocusTextStateChangeIntent):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::moveWithoutValidationTo):
        (WebCore::FrameSelection::setSelectionByMouseIfDifferent):
        (WebCore::FrameSelection::selectAll):
        * editing/FrameSelection.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateFocusAppearance):
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::updateFocusAppearance):
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::select):
        (WebCore::HTMLTextFormControlElement::setSelectionRange):
        (WebCore::HTMLTextFormControlElement::restoreCachedSelection):
        * html/HTMLTextFormControlElement.h:
        * page/EventHandler.cpp:
        (WebCore::setInitialKeyboardSelection):
        * page/FocusController.cpp:
        (WebCore::FocusController::advanceFocusInDocumentOrder):

2015-07-02  Przemek Piorkowski  <piorkowskiprzemyslaw@gmail.com>

        [EFL] test_ewk2_application_cache_manager has been failed since r185527
        https://bugs.webkit.org/show_bug.cgi?id=146016

        Reviewed by Gyuyoung Kim.

        In order to handle properly WebApplicationCacheManagerProxy implementation which use
        WebsiteDataRecord it is necessary to enable PUBLIC_SUFFIX_LIST for EFL. 
        Implementation of PUBLIC_SUFFIX_LIST already exists for soup so EFL can use it as well.

        * PlatformEfl.cmake: PublicSuffixSoup.cpp added to source files.

2015-07-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r186251.
        https://bugs.webkit.org/show_bug.cgi?id=146573

        caused crashes in webaudio tests (Requested by cdumez on
        #webkit).

        Reverted changeset:

        "Ensure media playback is stopped during page close"
        https://bugs.webkit.org/show_bug.cgi?id=146554
        http://trac.webkit.org/changeset/186251

2015-07-02  Brent Fulgham  <bfulgham@apple.com>

        Ensure media playback is stopped during page close
        https://bugs.webkit.org/show_bug.cgi?id=146554
        <rdar://problem/18033944>

        Reviewed by Zalan Bujtas.

        Add new method to Page class to stop all media playback. It just uses the process
        MediaSessionManager singleton to inform all hosted in a particular document to stop.

        * Modules/webaudio/AudioContext.h:
        (WebCore::WebAudio::hostingDocument): Added.
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::hostingDocument): Added.
        * dom/Document.cpp:
        (WebCore::Document::commonTeardown): Call the new PlatformMediaSessionManager::stopAllMediaPlaybackForDocument
        method on document cleanup.
        * platform/audio/PlatformMediaSession.h:
        Made PlatformMediaSessionManager a friend so it can access the protected 'client' accessor.
        Updated PlatformMediaSessionClient to require clients to have a "hostingDocument" member.
        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForDocument): Added. Only pauses
        playback on elements that match the provided document.
        * platform/audio/PlatformMediaSessionManager.h:

2015-07-02  Dean Jackson  <dino@apple.com>

        Tapping a video in Safari causes the video to flash gray for a quick moment
        https://bugs.webkit.org/show_bug.cgi?id=146570
        <rdar://problem/21325181>

        Reviewed by Brent Fulgham.

        On iOS, video elements should not show the tap highlight.

        * css/html.css:
        (video):

2015-07-02  Dean Jackson  <dino@apple.com>

        WebKit should use 80% white background for PiP indicator
        https://bugs.webkit.org/show_bug.cgi?id=146444
        <rdar://problem/21555726>

        Reviewed by Brent Fulgham.

        The designers wanted 80% white, not 80% black (r186104).
        I've also reverted the AirPlay background back to black.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-wireless-playback-status):
        (audio::-webkit-media-controls-wireless-playback-status.small):
        (audio::-webkit-media-controls-wireless-playback-status.picture-in-picture):

2015-07-02  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Clear current AirPlay source before setting another
        https://bugs.webkit.org/show_bug.cgi?id=145959

        Reviewed by Brent Fulgham.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::clientStateDidChange): Don't make a client begin playing 
          to the target just because it has paused.
        (WebCore::WebMediaSessionManager::configurePlaybackTargetClients): Always select a client that
          requrested the picker, and never consider paused clients when choosing a client to begin
          playing to the targer. Call setShouldPlayToPlaybackTarget(true) after all of the other 
          clients have been told to stop playing to the target.

2015-07-02  Beth Dakin  <bdakin@apple.com>

        Allow the UIDelegate to customize an image preview
        https://bugs.webkit.org/show_bug.cgi?id=146557
        -and corresponding-
        rdar://problem/21657424

        Reviewed by Tim Horton.

        Add WEBCORE_EXPORT to use this in WK2.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::url):

2015-07-02  Brady Eidson  <beidson@apple.com>

        Add preference to disable all http-equiv.
        <rdar://problem/9091261> and https://bugs.webkit.org/show_bug.cgi?id=146553

        Reviewed by Sam Weinig.

        No new tests (Covered by existing test)

        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv):
        * page/Settings.in:

2015-07-02  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Remove ReadableStreamController.enqueue() custom binding
        https://bugs.webkit.org/show_bug.cgi?id=146455

        Reviewed by Darin Adler.

        Made enqueue not custom. Updated error to use Default=Undefined in IDL.

        No change in behavior.

        * Modules/streams/ReadableStreamController.h:
        (WebCore::ReadableStreamController::error): Removed unneeded variation of error.
        (WebCore::ReadableStreamController::enqueue): Calling ReadableJSStream enqueue method.
        * Modules/streams/ReadableStreamController.idl: Updated error with Default=Undefined and made enqueue not custom.
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::createDOMException): Adding support for RangeError exceptions.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::constructJSReadableStreamController): Deleted.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::error): Updated to pass error value as parameter.
        (WebCore::ReadableJSStream::enqueue): Added exception throwing through ExceptionCode.
        (WebCore::ReadableJSStream::retrieveChunkSize): Ditto.
        * bindings/js/ReadableJSStream.h:
        * dom/ExceptionCode.h: Adding RangeError.

2015-07-02  Brady Eidson  <beidson@apple.com>

        [Content Extensions] Block synchronous XMLHTTPRequest.
        <rdar://problem/21573006> and https://bugs.webkit.org/show_bug.cgi?id=146271

        Reviewed by Alex Christensen.

        Test: http/tests/contentextensions/sync-xhr-blocked.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously): If content blocked, set up an error, clear
          the response, and clear the response data.

2015-07-01  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Aggregate profile call information on the backend to drastically reduce profile sizes
        https://bugs.webkit.org/show_bug.cgi?id=146536

        Reviewed by Timothy Hatcher.

        * inspector/TimelineRecordFactory.cpp:
        (WebCore::buildAggregateCallInfoInspectorObject):
        (WebCore::buildInspectorObject):
        Replace the array of Call objects with a single aggregated call info object.

2015-07-01  Brent Fulgham  <bfulgham@apple.com>

        [Win] REGRESSION (r185124) CACFLayer handling broken
        https://bugs.webkit.org/show_bug.cgi?id=146530
        <rdar://problem/21642241>

        Reviewed by Tim Horton.

        At some point in the past, the set of LayerChange flags
        overflowed the default MSVC enum type of 'int'. This caused
        Windows rendering code to not receive various update notifications.

        Zalan's change moved the DebugIndicatorsChanged flag into that
        overflow set, which made it obvious that something was wrong.

        The fix is to tell the compiler to use a compatible base type
        for the enum.

        * platform/graphics/ca/GraphicsLayerCA.h: Prevent overflow.

2015-07-01  Alex Christensen  <achristensen@webkit.org>

        Reduce resolution of performance.now.
        https://bugs.webkit.org/show_bug.cgi?id=146531
        rdar://problem/20116796

        Reviewed by Simon Fraser.

        Test: http/tests/misc/webtiming-resolution.html

        * page/Performance.cpp:
        (WebCore::Performance::now):
        Floor the time returned by performance.now to the nearest 5 microseconds.

2015-07-01  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Build fix

        Reviewed by Brent Fulgham.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVVideoLayer enterPIPModeRedirectingVideoToLayer:]): Renamed from enterOptimizedFullScreenModeRedirectingVideoToLayer.
        (-[WebAVVideoLayer leavePIPMode]): Renamed from leaveOptimizedFullScreenMode.
        (-[WebAVVideoLayer enterOptimizedFullScreenModeRedirectingVideoToLayer:]): Deleted.
        (-[WebAVVideoLayer leaveOptimizedFullScreenMode]): Deleted.

2015-07-01  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Support bold and thin italicized system fonts
        https://bugs.webkit.org/show_bug.cgi?id=146463
        <rdar://problem/20948885>

        Reviewed by Darin Adler.

        Add the italicized attribute to font descriptors.

        Test: fast/text/weighted-italicized-system-font.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::createCTFontWithFamilyNameAndWeight):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::fontWithFamilySpecialCase):
        (WebCore::fontWithFamily):
        * platform/spi/cocoa/CoreTextSPI.h:

2015-07-01  Alex Christensen  <achristensen@webkit.org>

        Fix ANGLE Windows build after r186169.
        https://bugs.webkit.org/show_bug.cgi?id=146532

        Reviewed by Brent Fulgham.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        Don't compile OpenGLShims.cpp or Extensions3DOpenGL.cpp on Windows 
        because Windows uses OpenGLES through ANGLE, not OpenGL.
        * platform/graphics/ANGLEWebKitBridge.h:
        Use OpenGLESShims.h on Windows instead of OpenGLShims.h.
        * platform/graphics/OpenGLESShims.h:
        Added needed definitions from OpenGL to compile successfully.
        * platform/graphics/win/GL/glext.h: Removed.

2015-07-01  Dean Jackson  <dino@apple.com>

        Disable the experimental WebGL2 implementation
        https://bugs.webkit.org/show_bug.cgi?id=146526
        <rdar://problem/21641235>

        Reviewed by Myles Maxfield.

        Add (and disable) an ENABLE_WEBGL2 flag. Also protect
        anything that is specific to WebGL2.

        Covered by running the WebGL 1.0.2 conformance suite
        and our LayoutTests.

        * Configurations/FeatureDefines.xcconfig:
        * bindings/js/JSCanvasRenderingContextCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSWebGL2RenderingContextCustom.cpp:
        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp:
        (WebCore::toJS):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::is3dType):
        * html/canvas/WebGL2RenderingContext.cpp:
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.idl:
        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::drawBuffersIfNecessary):
        * html/canvas/WebGLGetInfo.cpp:
        * html/canvas/WebGLGetInfo.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create):
        * html/canvas/WebGLVertexArrayObject.cpp:
        * html/canvas/WebGLVertexArrayObject.h:
        * html/canvas/WebGLVertexArrayObject.idl:

2015-07-01  Chris Dumez  <cdumez@apple.com>

        Regression(183998): Disqus comments take a very long time to load
        https://bugs.webkit.org/show_bug.cgi?id=146522
        <rdar://problem/21590601>

        Reviewed by Simon Fraser.

        Stop throttling requestAnimationFrame() in iframes that are not visible
        due to them being zero-sized or display:none. Those are usually utility
        iframes and throttling them is risky.

        Se still throttle requestAnimationFrame() in iframes that would be
        visible in theory but are currently not noticeable because they are
        outside the viewport.

        Test:
        - fast/animation/request-animation-frame-throttle-subframe.html
        - fast/animation/request-animation-frame-throttle-subframe-display-none.html
        - fast/animation/request-animation-frame-throttle-subframe-zero-size.html

        * page/FrameView.cpp:
        (WebCore::FrameView::updateScriptedAnimationsAndTimersThrottlingState):

2015-06-30  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION (r179168): Characters overlap after resizing the font on the copy-pasted Japanese text
        https://bugs.webkit.org/show_bug.cgi?id=146492

        Reviewed by Darin Adler.

        The bug was caused by WebKit serializing the used line-height size (e.g. 18px) in the copied content
        instead of string "normal" and removeStyleFromRulesAndContext failing to strip it down when text with
        a font that influences the line height got pasted. This is because the used value of line-height
        property of the context and the pasted content doesn't match when the context doesn't use the same font.

        Fixed the bug by not considering line-height as a list of editing properties we try to preserve. This is
        fine because we don't provide editing operations to directly manipulate line-height.

        Test: editing/pasteboard/cjk-line-height.html

        * editing/EditingStyle.cpp:
        (WebCore::editingProperties): Removed CSSPropertyLineHeight.

2015-06-30  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION (r184296): View keeps scrolling upward
        https://bugs.webkit.org/show_bug.cgi?id=146497
        <rdar://problem/21524942>

        Reviewed by Darin Adler.

        Avoid improperly triggering the ScrollController wheel event handling
        logic when the wheel event deltaX/deltaY are zero. On certain sites,
        this caused a programmatic JavaScript scroll to be triggered unexpectedly,
        scrolling the page back to some initial state.

        This bug was introduced while trying to make sure scrollbars were notified
        when the wheel event had come to an end. Revise that change so that we still
        follow the right code path for non-stretchable regions. However, make sure
        that for zero-delta wheel events we make sure to properly handle the wheel
        event phase. 

        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::shouldForwardWheelEventsToParent): New helper function
        to reduce the complexity of the logic in handleWheelEvent.
        (WebCore::ScrollAnimatorMac::handleWheelEvent): When wheel events should be forwarded
        to the parent scroll view, if the event was handled or has no change in position
        trigger the 'handleWheelEventPhase' logic so that scrollbars are hidden, etc.

2015-06-30  Dean Jackson  <dino@apple.com>

        Hide the inline controls when going into PiP
        https://bugs.webkit.org/show_bug.cgi?id=146487
        <rdar://problem/19881159>

        Reviewed by Eric Carlson.

        When the presentation mode is PiP, toggle a class
        on the container element so that we can completely
        hide the control toolbar. The placard should still
        remain visible.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (video::-webkit-media-controls-panel-container.picture-in-picture): Add
        a rule that hides the toolbar when PiP is active.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.showControls):
        (ControllerIOS.prototype.handlePresentationModeChange): Toggle a
        class. Also fix a bug I noticed where exiting from PiP was
        not auto-hiding the controls until the user tapped.

2015-07-01  Matthew Daiter  <mdaiter@apple.com>

        Enable MEDIA_STREAM flag
        https://bugs.webkit.org/show_bug.cgi?id=145947
        <rdar://problem/21365829>

        Reviewed by Eric Carlson.

        * Configurations/FeatureDefines.xcconfig: Added MEDIA_STREAM flag
        * Modules/mediastream/MediaStreamTrack.h:
        * WebCore.xcodeproj/project.pbxproj: Changed project headers to
        private headers
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/mediastream/RealtimeMediaSource.h:
        * platform/mediastream/mac/AVAudioCaptureSource.mm:
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        (WebCore::refreshCaptureDeviceList): Deleted.
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::startProducingData):
        (WebCore::AVMediaCaptureSource::stopProducingData):

2015-07-01  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION (r185016): Intermittent crash in WebCore::TextTrackList::remove
        https://bugs.webkit.org/show_bug.cgi?id=146493
        <rdar://problem/21511122>

        Reviewed by Eric Carlson.

        The m_textTracks member is frequently null checked during other operations, but
        was not checked during track removal. This needs to be corrected.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::removeTextTrack): Check that m_textTracks is
        not null before using it during track removal.

2015-07-01  Antti Koivisto  <antti@apple.com>

        PNG mask images are loaded with Accept:image/svg+xml
        https://bugs.webkit.org/show_bug.cgi?id=146509
        rdar://problem/21584740

        Reviewed by Simon Fraser.

        For some strange reason MaskImageOperation code loads all mask images, including non-SVG ones
        using CachedSVGDocument. Resulting bad accept header may cause server to reject the request.

        This is far from ideal but as a quick fix we can override the accept header for mask images to
        allow any image type.

        Test: http/tests/misc/mask-image-accept.html

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        * loader/cache/CachedResourceRequest.h:
        (WebCore::CachedResourceRequest::acceptOverride):
        (WebCore::CachedResourceRequest::setAcceptOverride):
        * loader/cache/CachedSVGDocumentReference.cpp:
        (WebCore::CachedSVGDocumentReference::load):
        * loader/cache/CachedSVGDocumentReference.h:
        (WebCore::CachedSVGDocumentReference::loadRequested):
        (WebCore::CachedSVGDocumentReference::setAcceptsAnyImageType):
        (WebCore::CachedSVGDocumentReference::document):
        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::ensureCachedSVGDocumentReference):

2015-07-01  Jer Noble  <jer.noble@apple.com>

        [MSE] Failures on W3C media-source tests regarding MIME types
        https://bugs.webkit.org/show_bug.cgi?id=146499

        Reviewed by Eric Carlson.

        Tests: http/tests/media/media-source/SourceBuffer-abort-readyState.html
               http/tests/media/media-source/SourceBuffer-abort-removed.html
               http/tests/media/media-source/SourceBuffer-abort-updating.html
               http/tests/media/media-source/SourceBuffer-abort.html

        Multiple failures in the W3C media-source test suite due to two failures in isTypeSupported MIME type handling:
        - MIME types without codec strings were being rejected.
        - MIME types with codec strings which are rejected by the system are being reported as supported.

        For the first, stop rejecting MIME types with non-existent codec strings. For MIME types which do have non-empty
        codec strings, treat a "Maybe" response as unsupported.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::isTypeSupported):

2015-06-30  Alex Christensen  <achristensen@webkit.org>

        Update ANGLE to b11e2483742db884bd0af41f78f528240577356b.
        https://bugs.webkit.org/show_bug.cgi?id=145010

        Reviewed by Dean Jackson.

        * CMakeLists.txt:
        * platform/graphics/ANGLEWebKitBridge.cpp:
        (WebCore::appendSymbol):
        (WebCore::getStructInfo):
        (WebCore::getSymbolInfo):
        (WebCore::ANGLEWebKitBridge::cleanupCompilers):
        (WebCore::ANGLEWebKitBridge::compileShaderSource):
        (WebCore::getValidationResultValue): Deleted.
        * platform/graphics/ANGLEWebKitBridge.h:
        (WebCore::ANGLEShaderSymbol::isSampler):
        * platform/graphics/GraphicsContext3D.h:
        (WebCore::GraphicsContext3D::SymbolInfo::SymbolInfo):
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::checkVaryingsPacking):
        (WebCore::GraphicsContext3D::precisionsMatch):
        Update WebCore to reflect changes in ANGLE.

2015-06-30  Zalan Bujtas  <zalan@apple.com>

        Frame flattening: Hit-testing an iframe could end up destroying the associated inline tree context.
        https://bugs.webkit.org/show_bug.cgi?id=146447
        rdar://problem/20613501

        Reviewed by Simon Fraser.

        This patch ensures that the render tree associated with the document on which
        the hit-test is initiated does not get laid out, unless it was directly mutated prior to the hittest.

        Hit-test requirements:
        1. A clean the render tree before hit-testing gets propagated to the renderers.
        Document::updateLayout() ensures it by calling both updateStyleIfNeeded() and layout() not only on the current tree, but also
        on the ancestors if needed.

        2. No render tree mutation while hit-testing the renderers.

        When an iframe is being hit-tested, this hit-test could bubble down to the child frame's render view.
        In order to ensure #1, we call Document::updateLayout() on the current (subframe) document.
        If updateStyleIfNeeded() mutates the render tree, we mark it dirty for layout(). However frame flattening also
        marks the parent renderer (RenderIFrame) dirty.
        While calling layout() to clean the current render tree, we end up laying out the parent tree too.
        Laying out the parent tree could end up destroying the inline tree context from where the
        hittest just bubbled down. (InlineFlowBox -> RenderWidget -> RenderView).

        This patch protects the render tree from such unintentional inline tree mutation during hittesting.
        After the initial layout we set a layout disallow flag on the frame view to defer subsequent layouts.
        This patch only changes behavior when frame flattening is enabled, but in future we may always want to enable this.

        Test: fast/frames/flattening/hittest-iframe-while-style-changes-crash.html

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::startLayoutAtMainFrameViewIfNeeded): Deleted. -> Assertion in no longer valid.
        * page/FrameView.h:
        * rendering/RenderView.cpp:
        (WebCore::FrameFlatteningLayoutDisallower::FrameFlatteningLayoutDisallower):
        (WebCore::FrameFlatteningLayoutDisallower::~FrameFlatteningLayoutDisallower):
        (WebCore::RenderView::hitTest): Protect the render tree from subsequent layouts.

2015-06-30  Andy VanWagoner  <thetalecrafter@gmail.com>

        Implement ECMAScript Internationalization API
        https://bugs.webkit.org/show_bug.cgi?id=90906

        Reviewed by Benjamin Poulain.

        Test: js/intl.html

        * Configurations/FeatureDefines.xcconfig: add ENABLE_INTL flag

2015-06-30  Wenson Hsieh  <whsieh@berkeley.edu>

        scroll-snap-points do not work very well with mechanical scroll wheel events
        https://bugs.webkit.org/show_bug.cgi?id=142501
        <rdar://problem/20093511>

        Reviewed by Brent Fulgham.

        Stateless scroll events generated by scrolling with a mechanical mouse wheel now trigger scroll
        snapping after a fixed delay.

        Test: platform/mac-wk2/tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-overflow-stateless.html

        * platform/cocoa/ScrollController.h: Added member to track stateless scrolling.
        * platform/cocoa/ScrollController.mm: Added constant for delay for stateless scroll snapping.
        (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): Triggers timer upon stateless scroll events.
        (WebCore::ScrollController::horizontalScrollSnapTimerFired): Timer now handles stateless scrolling updates.
        (WebCore::ScrollController::verticalScrollSnapTimerFired): See above.
        (WebCore::ScrollController::beginScrollSnapAnimation): Handles stateless scroll snapping.

2015-06-30  Simon Fraser  <simon.fraser@apple.com>

        Try to fix Gtk and EFL builds.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::flushCompositingStateForThisLayerOnly):
        (WebCore::GraphicsLayerTextureMapper::flushCompositingState):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
        (WebCore::CompositingCoordinator::flushPendingLayerChanges):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::flushCompositingState):
        (WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

2015-06-30  Simon Fraser  <simon.fraser@apple.com>

        [iOS] Missing tiles inside position:fixed on scrolling
        https://bugs.webkit.org/show_bug.cgi?id=146485
        rdar://problem/21226861

        Reviewed by Tim Horton.

        Layer flushing adjusts the coverage rect for tiled layers, but does so at times
        when position:fixed layers are moved around by the scrolling tree. The computed
        coverage rect then doesn't reflect the layer's on-screen position, causing missing
        tiles.

        Fix by pushing the notion of being in a "stable state" onto FrameView, and passing
        that state into the layer flush. When not in a stable state, flushing doesn't change
        the visible and coverage rects for layers that are viewport-constrained.

        * page/FrameView.cpp:
        (WebCore::FrameView::reset):
        * page/FrameView.h: Remove some velocity-related data members that were unused.
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::flushCompositingState):
        (WebCore::GraphicsLayer::flushCompositingStateForThisLayerOnly):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::flushCompositingState):
        (WebCore::GraphicsLayerCA::flushCompositingStateForThisLayerOnly):
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects): If this is a viewport-constrained
        layer, and the viewport is not stable, don't touch the rects.
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::CommitState::CommitState):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::flushPendingLayerChanges):

2015-06-30  Simon Fraser  <simon.fraser@apple.com>

        Rename GraphicsLayer's allowsBackingStoreDetachment to isViewportConstrained
        https://bugs.webkit.org/show_bug.cgi?id=146483

        Reviewed by Tim Horton.

        What GraphicsLayer really needs to know is whether some other thread/process
        is moving its platform layers around behind its back, and this is is better
        expressed as "isViewportConstrained" rather than "allowsBackingStoreDetachment".
        
        The sense of the flag is flipped, and boolean logic adjusted accordingly.

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::setIsViewportConstrained):
        (WebCore::GraphicsLayer::isViewportConstrained):
        (WebCore::GraphicsLayer::setAllowsBackingStoreDetachment): Deleted.
        (WebCore::GraphicsLayer::allowsBackingStoreDetachment): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA):
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):
        * platform/graphics/ca/GraphicsLayerCA.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::setIsScrollCoordinatedWithViewportConstrainedRole):

2015-06-30  Dean Jackson  <dino@apple.com>

        CABackdropFilter should set windowServerAware to false
        https://bugs.webkit.org/show_bug.cgi?id=146469
        <rdar://problem/21618614>

        Reviewed by Simon Fraser.

        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (PlatformCALayerCocoa::PlatformCALayerCocoa): Set windowServerAware
        to false on Mac (it's not available on iOS).

2015-06-30  Chris Dumez  <cdumez@apple.com>

        Rolling out r175171
        https://bugs.webkit.org/show_bug.cgi?id=146470
        <rdar://problem/21349934>

        Unreviewed, rolling out <http://trac.webkit.org/changeset/175171>. It
        wasn't a huge win and Brady says it caused crash at
        <rdar://problem/21349934>.

        * platform/network/cf/ResourceRequest.h:
        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        (WebCore::ResourceRequest::doUpdatePlatformHTTPBody):

2015-06-30  Matt Baker  <mattbaker@apple.com>

        Web Inspector: Reduce rendering frames "Other" time by instrumenting compositing
        https://bugs.webkit.org/show_bug.cgi?id=146168

        Reviewed by Brian Burg.

        Added Inspector instrumentation for measuring CoreAnimation compositing time. We mark the start of a composite
        event when the LayerFlushScheduler triggers a scheduled layer flush. InspectorController now exports a function
        for marking the end of the composite event, which should be called during the CA transaction post-commit phase
        (based on platform support). Lacking platform support, the event is considered complete after CoreAnimation
        runloop observers have run.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didComposite):
        * inspector/InspectorController.h:
        New export for instrumentation in WebKit2.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::willCompositeImpl):
        (WebCore::InspectorInstrumentation::didCompositeImpl):
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::willComposite):
        (WebCore::InspectorInstrumentation::didComposite):
        Plumbing for new instrumentation.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStart):
        (WebCore::InspectorTimelineAgent::internalStop):
        (WebCore::InspectorTimelineAgent::willComposite):
        (WebCore::InspectorTimelineAgent::didComposite):
        (WebCore::toProtocol):
        * inspector/InspectorTimelineAgent.h:
        New Composite event type and instrumentation.

        * page/FrameView.cpp:
        (WebCore::FrameView::flushCompositingStateIncludingSubframes):
        Hook for start of compositing.

        * platform/spi/cocoa/QuartzCoreSPI.h:
        New header include and interface declaration.

2015-06-30  Beth Dakin  <bdakin@apple.com>

        The bounds on InteractionInformationAtPosition should be more precise
        https://bugs.webkit.org/show_bug.cgi?id=146468
        -and corresponding-
        rdar://problem/20739834

        Reviewed by Enrica Casucci and Simon Fraser.

        Export absoluteContentQuad().
        * rendering/RenderBox.h:

2015-06-30  Zalan Bujtas  <zalan@apple.com>

        Addressing post-review comments in r185756.

        * html/RubyTextElement.cpp:
        (WebCore::RubyTextElement::createElementRenderer):

2015-06-30  Zalan Bujtas  <zalan@apple.com>

        Addressing post-review comments in r185916

        * platform/LayoutUnit.h:
        (WebCore::roundToDevicePixel):

2015-06-30  Matt Rajca  <mrajca@apple.com>

        MediaSession: Use setSessionInternal to set the default media session in HTMLMediaElement's constructor
        https://bugs.webkit.org/show_bug.cgi?id=146465

        Reviewed by Eric Carlson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):

2015-06-30  Matt Rajca  <mrajca@apple.com>

        Media Session: implement algorithm for updating a media element's session (6.1)
        https://bugs.webkit.org/show_bug.cgi?id=146460

        Reviewed by Darin Adler.

        In addition to storing a pointer to the new media session, we now:

        - pause the media element if it is 'active' in the current media session
        - remove the media element from the current media session
        - release the current media session if there are no more active media elements
        - set the default media session if the new media session is null
        - update the 'kind' attribute to match the kind of the new media session

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::isMediaElementActive):
        (WebCore::MediaSession::hasActiveMediaElements):
        * Modules/mediasession/MediaSession.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setSession):
        (WebCore::HTMLMediaElement::setSessionInternal):
        * html/HTMLMediaElement.h:

2015-06-29  Anders Carlsson  <andersca@apple.com>

        Get rid of unused WKSI functions
        https://bugs.webkit.org/show_bug.cgi?id=146443

        Reviewed by Tim Horton.

        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::platformAddPathForRoundedRect):
        Just call CGPathAddRoundedRect directly.

        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:

2015-06-30  Youenn Fablet  <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [Streams API] Finish pulling must always be done asynchronously as it is the expected promise behavior (according to the spec)
        https://bugs.webkit.org/show_bug.cgi?id=146408

        Reviewed by Darin Adler.

        Current tests cover the case already.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::pull): Call finishPull() in a postTask to delay it and simulate the promise
        resolution.

2015-06-30  Youenn Fablet  <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [Streams API] Synced bad strategy test with reference implementation
        https://bugs.webkit.org/show_bug.cgi?id=146411

        Reviewed by Darin Adler.

        Current tests cover the case.

        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::retrieveChunkSize): Check for negative size then running the JavaScript function.

2015-06-30  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Remove ReadableStream.getReader() custom binding
        https://bugs.webkit.org/show_bug.cgi?id=146404

        Reviewed by Darin Adler.

        Covered by existing tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::getReader): Updated to take an exception.
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStream.idl: Updated to remove custom binding.
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::getReader): Deleted.
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::constructJSReadableStreamReader): Updated to pass an exception to getReader.

2015-06-29  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStreamReader.closed should use DOMPromise
        https://bugs.webkit.org/show_bug.cgi?id=146406

        Reviewed by Darin Adler.

        Added storage of ClosedPromise as Optional of ReadableStream.
        Updated code accordingly.

        Covered by existing tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::clearCallbacks):
        (WebCore::ReadableStream::releaseReader):
        (WebCore::ReadableStream::changeStateToErrored):
        (WebCore::ReadableStream::closed):
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::closed):
        * Modules/streams/ReadableStreamReader.h:
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed):

2015-06-29  Simon Fraser  <simon.fraser@apple.com>

        [iOS WK2] WKWebViews in Facebook app start off black
        https://bugs.webkit.org/show_bug.cgi?id=146445
        rdar://problem/21600433

        Reviewed by Tim Horton.

        If -isOpaque is toggled on a WKWebView, we failed to make the page tiles non-opaque
        for a while. After r183775, RenderLayerCompositor::rootBackgroundTransparencyChanged() was called,
        but only considered the computed document background color, and not the view transparency.
        
        Fix by having rootBackgroundTransparencyChanged() simply use viewHasTransparentBackground(),
        which checks the FrameView transparency. Now we just need to store a transparency bool rather
        than the old color (we only checked its alpha anyway).

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::rootBackgroundTransparencyChanged):

2015-06-29  Dean Jackson  <dino@apple.com>

        WebKit should use 80% black background for PiP indicator
        https://bugs.webkit.org/show_bug.cgi?id=146444
        <rdar://problem/21555726>

        Reviewed by Sam Weinig.

        Change the black background to a slightly less black background.
        This also involved making the placard artwork white, in order
        to keep it visible against the new grey.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-wireless-playback-status):
        (audio::-webkit-media-controls-wireless-playback-status.small):
        (audio::-webkit-media-controls-wireless-playback-status.picture-in-picture):

2015-06-29  Brady Eidson  <beidson@apple.com>

        Flag sync XHRs from the network process so they can be handled appropriately.
        <rdar://problem/21579162> and https://bugs.webkit.org/show_bug.cgi?id=146441

        Reviewed by Darin Adler.

        * platform/network/ResourceHandleClient.h:
        (WebCore::ResourceHandleClient::loadingSynchronousXHR): Added so clients of asynchronous
          loads can signal they should be treated like synchronous loads at the platform level.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::start): Adjust SchedulingBehavior based on the client.

        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::start): Adjust SchedulingBehavior based on the client.

2015-06-29  Chris Fleizach  <cfleizach@apple.com>

        AX: PlatformSpeechSynthesizer code doesn't catch Objective-C exceptions
        https://bugs.webkit.org/show_bug.cgi?id=146419

        Reviewed by Simon Fraser.

        Make sure ObjC exception resulting from calling into the platform cause problems in WebKit.

        * platform/ios/PlatformSpeechSynthesizerIOS.mm:
        (-[WebSpeechSynthesisWrapper speakUtterance:]):
        (-[WebSpeechSynthesisWrapper pause]):
        (-[WebSpeechSynthesisWrapper resume]):
        (-[WebSpeechSynthesisWrapper cancel]):
        (-[WebSpeechSynthesisWrapper speechSynthesizer:didStartSpeechUtterance:]):
        (WebCore::PlatformSpeechSynthesizer::initializeVoiceList):
        (WebCore::PlatformSpeechSynthesizer::pause):

2015-06-29  Matt Rajca  <mrajca@apple.com>

        Removing an element from a media session should also remove it from the sets of active participating elements
        https://bugs.webkit.org/show_bug.cgi?id=146420

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::removeMediaElement):

2015-06-29  Dean Jackson  <dino@apple.com>

        Temporarily disable PICTURE_SIZES
        https://bugs.webkit.org/show_bug.cgi?id=146435
        <rdar://problem/21087013>

        Reviewed by Tim Horton.

        Temporarily disable PICTURE_SIZES because it causes problems with out
        of date <picture> polyfills.

        * Configurations/FeatureDefines.xcconfig:

2015-06-29  Tim Horton  <timothy_horton@apple.com>

        Fix the build.

        * editing/cocoa/HTMLConverter.mm:
        * platform/spi/cocoa/NSAttributedStringSPI.h:

2015-06-29  Tim Horton  <timothy_horton@apple.com>

        Fix the build.

        * platform/spi/cocoa/NSAttributedStringSPI.h:

2015-06-29  Tim Horton  <timothy_horton@apple.com>

        Fix the build.

        * platform/spi/cocoa/NSAttributedStringSPI.h:

2015-06-27  Ryosuke Niwa  <rniwa@webkit.org>

        Font panel doesn't get updated when bolding text via cmd+b in Mail on OS X
        https://bugs.webkit.org/show_bug.cgi?id=146379

        Reviewed by Darin Adler.

        The bug was caused by WebKit not updating the font panel when the typing style changes.
        There was also a bug that WebKit never updated font attributes on OS X.

        Fixed the bugs by always updating the font panel after applying style instead of only
        when the selection changes and setting the font attributes.

        I tried really had to write a WebKit API test but I couldn't get it to work so there are
        no new tests :(

        * WebCore.xcodeproj/project.pbxproj:
        * editing/Editor.cpp:
        (WebCore::Editor::applyStyle):
        (WebCore::Editor::shouldApplyStyle):
        (WebCore::Editor::applyParagraphStyle):
        (WebCore::Editor::applyStyleToSelection):
        (WebCore::Editor::applyParagraphStyleToSelection):
        (WebCore::Editor::selectionStartHasStyle):
        (WebCore::Editor::document):
        (WebCore::Editor::styleForSelectionStart): Deleted.
        * editing/Editor.h:
        * editing/cocoa/EditorCocoa.h: Added. Shares the declaration for NSUnderlineStyle in iOS.
        * editing/cocoa/EditorCocoa.mm: Added.
        (WebCore::Editor::styleForSelectionStart): Moved from Editor.cpp
        (WebCore::Editor::getTextDecorationAttributesRespectingTypingStyle): Extracted from iOS's
        fontAttributesForSelectionStart implementation.
        * editing/cocoa/HTMLConverter.mm:
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::fontAttributesForSelectionStart):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::fontAttributesForSelectionStart):
        * loader/EmptyClients.h:
        * page/EditorClient.h:

2015-06-29  Matt Rajca  <mrajca@apple.com>

        MediaSession: use a HashSet for the collection of participating elements
        https://bugs.webkit.org/show_bug.cgi?id=146421

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::addMediaElement):
        (WebCore::MediaSession::removeMediaElement):
        * Modules/mediasession/MediaSession.h:

2015-06-29  Dean Jackson  <dino@apple.com>

        Setting to enable/disable media controls sizing on page zoom
        https://bugs.webkit.org/show_bug.cgi?id=146423
        <rdar://problem/18379634>

        Reviewed by Eric Carlson.

        Add a new setting "MediaControlsScaleWithPageZoom" that can disable
        the behaviour we currently implement on iOS, where the media controls
        attempt to remain at a fixed size independent of page zoom.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setMediaControlsDependOnPageScaleFactor): Do not
        set this value to true if the new setting is disabled.
        * page/Settings.cpp:
        * page/Settings.in: Add the new setting.

2015-06-29  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        WebRTC: Update the MediaStream API
        https://bugs.webkit.org/show_bug.cgi?id=146313

        Reviewed by Eric Carlson.

        Update the MediaStream API (MediaStream, MediaStreamTrack and
        RealtimeMediaSource) to match the Media Capture and Stream
        specification [1]. Notable changes:

        Updated event handling to synchronously update corresponding
        state/attributes as events are dispatched.

        Removed 'new' state from MediaStreamTrack. A track is either 'live' or
        'ended'. As a consequence 'started' event is also removed.

        MediaStreamTrack always has a source (disconnected source concept was
        removed from the spec). Therefore, more state can be kept at the source
        without going away.

        Calculate MediaStream.active internally, from the track set, instead of
        setting it externally.

        Updated RealtimeMediaSource Observer interface.

        Replaced MediaStream's separate audio and video track lists with a
        single track set (more aligned with spec).

        Updated MediaStream constructor to adopt instead of clone track
        arguments (or tracks from MediaStream argument).

        Removed MediaStreamTrack.getSources() and corresponding test (removed
        from spec).

        Test status: 3 added, 8 existing enabled (some updated) and 1 removed.

        [1] http://w3c.github.io/mediacapture-main/archives/20150523/getusermedia.html

        Tests: fast/mediastream/MediaStreamTrack-clone.html
               fast/mediastream/MediaStreamTrack-kind.html
               fast/mediastream/MediaStreamTrack-stop.html

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::create):
        (WebCore::MediaStream::MediaStream):
        (WebCore::MediaStream::clone):
        (WebCore::MediaStream::addTrack):
        (WebCore::MediaStream::removeTrack):
        (WebCore::MediaStream::getTrackById):
        (WebCore::MediaStream::getAudioTracks):
        (WebCore::MediaStream::getVideoTracks):
        (WebCore::MediaStream::getTracks):
        (WebCore::MediaStream::contextDestroyed):
        (WebCore::MediaStream::trackDidEnd):
        (WebCore::MediaStream::activeStatusChanged):
        (WebCore::MediaStream::didAddTrackToPrivate):
        (WebCore::MediaStream::didRemoveTrackFromPrivate):
        (WebCore::MediaStream::internalAddTrack):
        (WebCore::MediaStream::internalRemoveTrack):
        (WebCore::MediaStream::scheduleActiveStateChange):
        (WebCore::MediaStream::activityEventTimerFired):
        (WebCore::MediaStream::trackVectorForType):
        (WebCore::MediaStream::~MediaStream): Deleted.
        (WebCore::MediaStream::registry): Deleted.
        (WebCore::MediaStream::addObserver): Deleted.
        (WebCore::MediaStream::removeObserver): Deleted.
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/MediaStream.idl:
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::MediaStreamTrack):
        (WebCore::MediaStreamTrack::~MediaStreamTrack):
        (WebCore::MediaStreamTrack::kind):
        (WebCore::MediaStreamTrack::id):
        (WebCore::MediaStreamTrack::label):
        (WebCore::MediaStreamTrack::enabled):
        (WebCore::MediaStreamTrack::setEnabled):
        (WebCore::MediaStreamTrack::muted):
        (WebCore::MediaStreamTrack::readonly):
        (WebCore::MediaStreamTrack::remote):
        (WebCore::MediaStreamTrack::readyState):
        (WebCore::MediaStreamTrack::ended):
        (WebCore::MediaStreamTrack::clone):
        (WebCore::MediaStreamTrack::stopProducingData):
        (WebCore::MediaStreamTrack::states):
        (WebCore::MediaStreamTrack::getCapabilities):
        (WebCore::MediaStreamTrack::applyConstraints):
        (WebCore::MediaStreamTrack::trackEnded):
        (WebCore::MediaStreamTrack::trackMutedChanged):
        (WebCore::MediaStreamTrack::stop):
        (WebCore::MediaStreamTrack::getConstraints): Deleted.
        (WebCore::MediaStreamTrack::addObserver): Deleted.
        (WebCore::MediaStreamTrack::removeObserver): Deleted.
        (WebCore::MediaStreamTrack::configureTrackRendering): Deleted.
        (WebCore::MediaStreamTrack::activeDOMObjectName): Deleted.
        (WebCore::MediaStreamTrack::canSuspendForPageCache): Deleted.
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/MediaStreamTrack.idl:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::didRemoveRemoteStream): Deleted.
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::didCreateStream):
        * platform/mediastream/MediaStreamPrivate.cpp:
        (WebCore::MediaStreamPrivate::create):
        (WebCore::MediaStreamPrivate::MediaStreamPrivate):
        (WebCore::MediaStreamPrivate::tracks):
        (WebCore::MediaStreamPrivate::updateActiveState):
        (WebCore::MediaStreamPrivate::addTrack):
        (WebCore::MediaStreamPrivate::removeTrack):
        * platform/mediastream/MediaStreamPrivate.h:
        (WebCore::MediaStreamPrivate::active): Deleted.
        * platform/mediastream/MediaStreamTrackPrivate.cpp:
        (WebCore::MediaStreamTrackPrivate::create):
        (WebCore::MediaStreamTrackPrivate::MediaStreamTrackPrivate):
        (WebCore::MediaStreamTrackPrivate::~MediaStreamTrackPrivate):
        (WebCore::MediaStreamTrackPrivate::label):
        (WebCore::MediaStreamTrackPrivate::setEnabled):
        (WebCore::MediaStreamTrackPrivate::endTrack):
        (WebCore::MediaStreamTrackPrivate::clone):
        (WebCore::MediaStreamTrackPrivate::type):
        (WebCore::MediaStreamTrackPrivate::applyConstraints):
        (WebCore::MediaStreamTrackPrivate::sourceStopped):
        (WebCore::MediaStreamTrackPrivate::sourceMutedChanged):
        (WebCore::MediaStreamTrackPrivate::preventSourceFromStopping):
        (WebCore::MediaStreamTrackPrivate::muted): Deleted.
        (WebCore::MediaStreamTrackPrivate::readonly): Deleted.
        (WebCore::MediaStreamTrackPrivate::remote): Deleted.
        (WebCore::MediaStreamTrackPrivate::constraints): Deleted.
        (WebCore::MediaStreamTrackPrivate::states): Deleted.
        (WebCore::MediaStreamTrackPrivate::capabilities): Deleted.
        * platform/mediastream/MediaStreamTrackPrivate.h:
        (WebCore::MediaStreamTrackPrivate::id):
        (WebCore::MediaStreamTrackPrivate::ended):
        (WebCore::MediaStreamTrackPrivate::enabled):
        (WebCore::MediaStreamTrackPrivate::setClient):
        (WebCore::MediaStreamTrackPrivate::source): Deleted.
        (WebCore::MediaStreamTrackPrivate::client): Deleted.
        * platform/mediastream/RealtimeMediaSource.cpp:
        (WebCore::RealtimeMediaSource::RealtimeMediaSource):
        (WebCore::RealtimeMediaSource::reset):
        (WebCore::RealtimeMediaSource::setMuted):
        (WebCore::RealtimeMediaSource::readonly):
        (WebCore::RealtimeMediaSource::stop):
        (WebCore::RealtimeMediaSource::requestStop):
        (WebCore::RealtimeMediaSource::addObserver): Deleted.
        (WebCore::RealtimeMediaSource::removeObserver): Deleted.
        * platform/mediastream/RealtimeMediaSource.h:
        (WebCore::RealtimeMediaSource::stopped):
        (WebCore::RealtimeMediaSource::id): Deleted.
        (WebCore::RealtimeMediaSource::muted): Deleted.
        (WebCore::RealtimeMediaSource::setReadonly): Deleted.
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        (WebCore::RealtimeMediaSourceCenterOwr::createMediaStream): Deleted.
        * platform/mock/MockRealtimeMediaSourceCenter.cpp:
        (WebCore::MockRealtimeMediaSourceCenter::createMediaStream): Deleted.

2015-06-29  Benjamin Poulain  <benjamin@webkit.org>

        Make the NFA transitions range-based
        https://bugs.webkit.org/show_bug.cgi?id=146338

        Reviewed by Alex Christensen.

        Change the NFA to use range based transition for any kind of transition.
        The fallback transition is also absorbed as ranges.

        Previously, the NFA would only have single transitions and a fallback
        transition for all cases not covered by single transitions.

        The problem with that design was that character ranges (e.g. [a-z]) were
        extended as individual transitions. Something like [^a] would cover
        most of the alphabet with transitions.
        When converting the NFA to DFA, the time is proportional to the number of states
        multiplied by the number of transitions. With many individual transitions,
        the run time was an order of magnitude higher than what we want.

        This patch changes the NFA to only handle ranges of characters. A single transition
        becomes a range with the character as first and last character in the range
        ('a' becomes 'a' to 'a').
        Ranges of characters are handled direclty (e.g. [a-z] becomes a single 'a' to 'z' transition).

        In the context of the state machines, ranges have identifies (the target of the transitions).
        When two ranges collide, they have to be split such that each part retain its target
        except the intersection that gets the union of the targets.

        Handling the union of ranges efficiently is critical because we have to do
        it for every NFA node in any subset when building the DFA. The helper
        class that does that is MutableRange.

        The union of ranges is done efficiently because of preconditions on our list of ranges:
        -The ranges must be sorted.
        -No range in a list can intersect any other range in the same list.

        To merge two ranges, we can go over them in order and split them part by part.
        It is easy to find what goes where because they are both sorted and we can
        compare the characters of each to know how to move forward.
        The time to merge 2 range list is proportional to O(n+m) where 'n' and 'm' are
        the number of ranges in each list.

        Since taking the union of two lists usually create new ranges, we have to allocate
        those somewhere efficiently. To do that, MutableRange support an inline capacity,
        which is used for the NFAToDFA Convertion.

        ---

        With ranges, the NFA-to-DFA conversion changes very little:
        -Each NFA nodes contains a list of ranges and each range has a list of targets.
        -The subset construction select any number of NFA nodes corresponding to
         a single deterministic state.
        -For the subset, we can use MutableRange to merge the ranges of every
         NFA node in the set. The resulting list has rangeis with targets corresponding
         to the union of all the transitions.
        -We go over all the ranges the same way we used to go over the transitions.
         Since the DFA does not support ranges, the ranges are spread as individual
         transitions + fallback transition.

        ---

        With the efficient merging solved, we still need the actual NFA to use ranges
        instead of individual transitions.

        I could have used MutableRange for that but it is not the most compact
        way to represent ranges that do not need merging.

        Instead, the NFA uses a custom structure: ImmutableNFA. It is basically
        the same thing, but in that one you cannot change a list of range
        after creating it.

        Consequently, the sorted ranges in ImmutableNFA are also subsequent
        in memory, which is really nice to go over them efficiently
        when merging ranges in the NFA-to-DFA conversion. :)

        When building the NFA, we don't know all the transitions when creating
        each node, BUT we know that we have very few node "unfinished" at any
        time. Since we build by going depth-first in the prefix-tree, we only
        have the max-depth of live nodes in the worst case.

        To help building the NFA out of the prefix tree, we have
        ImmutableNFANodeBuilder. It keeps all the informations about a NFA node,
        but in a non-compact, mutable form. When a ImmutableNFANodeBuilder
        is destroyed, it serialize the information into the immutable NFA.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::empty):
        * contentextensions/DFA.h:
        * contentextensions/ImmutableNFA.h: Added.
        (WebCore::ContentExtensions::ImmutableNFA::ConstTargetIterator::operator*):
        (WebCore::ContentExtensions::ImmutableNFA::ConstTargetIterator::operator->):
        (WebCore::ContentExtensions::ImmutableNFA::ConstTargetIterator::operator==):
        (WebCore::ContentExtensions::ImmutableNFA::ConstTargetIterator::operator!=):
        (WebCore::ContentExtensions::ImmutableNFA::ConstTargetIterator::operator++):
        (WebCore::ContentExtensions::ImmutableNFA::IterableConstTargets::begin):
        (WebCore::ContentExtensions::ImmutableNFA::IterableConstTargets::end):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::operator*):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::operator->):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::operator==):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::operator!=):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::operator++):
        (WebCore::ContentExtensions::ImmutableNFA::ConstRangeIterator::data):
        (WebCore::ContentExtensions::ImmutableNFA::IterableConstRange::begin):
        (WebCore::ContentExtensions::ImmutableNFA::IterableConstRange::end):
        (WebCore::ContentExtensions::ImmutableNFA::IterableConstRange::debugPrint):
        (WebCore::ContentExtensions::ImmutableNFA::transitionsForNode):
        (WebCore::ContentExtensions::ImmutableNFA::root):
        (WebCore::ContentExtensions::ImmutableNFA::finalize):
        (WebCore::ContentExtensions::ImmutableNFA::memoryUsed):
        * contentextensions/ImmutableNFANodeBuilder.h: Added.
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::ImmutableNFANodeBuilder):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::~ImmutableNFANodeBuilder):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::addTransition):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::addEpsilonTransition):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::setActions):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::operator=):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::finalize):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::sinkActions):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::sinkTransitions):
        (WebCore::ContentExtensions::ImmutableNFANodeBuilder::sinkEpsilonTransitions):
        * contentextensions/MutableRange.h: Added.
        (WebCore::ContentExtensions::MutableRange::MutableRange):
        (WebCore::ContentExtensions::MutableRange::operator=):
        (WebCore::ContentExtensions::MutableRange::size):
        * contentextensions/MutableRangeList.h: Added.
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::operator*):
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::operator->):
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::operator==):
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::operator!=):
        (WebCore::ContentExtensions::MutableRangeList::ConstIterator::operator++):
        (WebCore::ContentExtensions::MutableRangeList::begin):
        (WebCore::ContentExtensions::MutableRangeList::end):
        (WebCore::ContentExtensions::MutableRangeList::appendRange):
        (WebCore::ContentExtensions::MutableRangeList::extend):
        (WebCore::ContentExtensions::MutableRangeList::isEmpty):
        (WebCore::ContentExtensions::MutableRangeList::clear):
        (WebCore::ContentExtensions::MutableRangeList::debugPrint):
        (WebCore::ContentExtensions::MutableRangeList::insertBetween):
        (WebCore::ContentExtensions::MutableRangeList::initializeFrom):
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::debugPrintDot):
        (WebCore::ContentExtensions::NFA::NFA): Deleted.
        (WebCore::ContentExtensions::NFA::createNode): Deleted.
        (WebCore::ContentExtensions::NFA::memoryUsed): Deleted.
        (WebCore::ContentExtensions::NFA::addTransition): Deleted.
        (WebCore::ContentExtensions::NFA::addEpsilonTransition): Deleted.
        (WebCore::ContentExtensions::NFA::addTransitionsOnAnyCharacter): Deleted.
        (WebCore::ContentExtensions::NFA::setActions): Deleted.
        (WebCore::ContentExtensions::NFA::graphSize): Deleted.
        (WebCore::ContentExtensions::NFA::restoreToGraphSize): Deleted.
        (WebCore::ContentExtensions::printRange): Deleted.
        (WebCore::ContentExtensions::printTransitions): Deleted.
        * contentextensions/NFA.h:
        (WebCore::ContentExtensions::NFA::root): Deleted.
        (WebCore::ContentExtensions::NFA::addRuleId): Deleted.
        * contentextensions/NFANode.h:
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::epsilonClosureExcludingSelf):
        (WebCore::ContentExtensions::resolveEpsilonClosures):
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetSource::NodeIdSetToUniqueNodeIdSetSource):
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetTranslator::translate):
        (WebCore::ContentExtensions::DataConverterWithEpsilonClosure::convert):
        (WebCore::ContentExtensions::DataConverterWithEpsilonClosure::extend):
        (WebCore::ContentExtensions::createCombinedTransition):
        (WebCore::ContentExtensions::canUseFallbackTransition):
        (WebCore::ContentExtensions::findBestFallbackTarget):
        (WebCore::ContentExtensions::getOrCreateDFANode):
        (WebCore::ContentExtensions::NFAToDFA::convert):
        (WebCore::ContentExtensions::populateTransitions): Deleted.
        * contentextensions/NFAToDFA.h:
        * contentextensions/Term.h:
        (WebCore::ContentExtensions::Term::Term):
        (WebCore::ContentExtensions::Term::generateGraph):
        (WebCore::ContentExtensions::Term::generateSubgraphForAtom):
        (WebCore::ContentExtensions::Term::Term::generateGraph): Deleted.

2015-06-29  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Binding generator should allow using JSC::Value for "any" parameter in lieu of ScriptValue
        https://bugs.webkit.org/show_bug.cgi?id=146403

        Reviewed by Darin Adler.

        Covered by existing tests.

        Enabling new APIs to use JSC::JSValue by using implicit case from ScriptValue to JSC::JSValue.
        Updated binding generator to include ScruptValue header in the needed JSXX.cpp files.
        Applied approach to ReadableStreamController.error.

        * Modules/streams/ReadableStreamController.h:
        (WebCore::ReadableStreamController::error):
        * Modules/streams/ReadableStreamController.idl:
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::constructJSReadableStreamController): Deleted.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::error):
        * bindings/js/ReadableJSStream.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (JSValueToNative):
        * bindings/scripts/test/JS/JSTestObj.cpp:

2015-06-29  Anders Carlsson  <andersca@apple.com>

        Use DISPATCH_SOURCE_TYPE_MEMORYPRESSURE instead of DISPATCH_SOURCE_TYPE_MEMORYSTATUS
        https://bugs.webkit.org/show_bug.cgi?id=146413
        rdar://problem/21295036

        Reviewed by Andreas Kling.

        Replace SPI with API.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::install):
        * platform/mac/WebCoreSystemInterface.h:
        * platform/spi/cocoa/DispatchSPI.h: Removed.

2015-06-29  Andreas Kling  <akling@apple.com>

        [iOS] Pausing a media element should discard buffered data immediately if under memory pressure.
        <https://webkit.org/b/146410>
        <rdar://problem/20366883>

        Reviewed by Darin Adler.

        When moving a media element into paused state, call purgeBufferedDataIfPossible()
        right away if the system is under memory pressure.

        This ensures that mediaserverd drops its forward-looking frame queue right
        away instead of waiting for a new pressure notification.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::pauseInternal):

2015-06-29  Matt Rajca  <mrajca@apple.com>

        Media Session: Media elements should report a null session for Default sessions
        https://bugs.webkit.org/show_bug.cgi?id=146373

        Reviewed by Eric Carlson.

        If a media element's current session is a 'Default' media session, its session property should report null in
        the JavaScript API.

        * Modules/mediasession/MediaSession.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::session):

2015-06-29  Said Abou-Hallawa  <sabouhallawa@apple.com>

        [Mac] Disable QTKit by default.
        https://bugs.webkit.org/show_bug.cgi?id=146352

        Reviewed by Darin Adler.
        
        Fix the the requirement for enabling QTKit and AVFoundation.

        * page/Settings.cpp:
        (WebCore::invalidateAfterGenericFamilyChange): Remove the requirement
        for enabling QTKit and AVFoundation. The initial state of QTKit should
        be disabled on all OS X ports. And the initial state of AVFoundation
        should be enabled  on all OS X ports.

2015-06-29  Hyungwook Lee  <hyungwook.lee@navercorp.com>

        [EFL] Purge unused favicons from IconDatabase after 30 days.
        https://bugs.webkit.org/show_bug.cgi?id=146334

        Reviewed by Gyuyoung Kim.

        We need purge unused favicons from IconDatabase for database size control.

        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::performURLImport):

2015-06-26  Matt Rajca  <mrajca@apple.com>

        Add support for 'Default' media session types
        https://bugs.webkit.org/show_bug.cgi?id=146355

        Reviewed by Darin Adler.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::MediaSession): Added a new constructor for creating 'Default' media sessions.
        (WebCore::MediaSession::kind): 'Default' media sessions are represented by an empty string.
        * Modules/mediasession/MediaSession.h:
        * dom/Document.cpp:
        (WebCore::Document::defaultMediaSession): Lazily construct the default media session.
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): New media elements are assigned to the 'Default' media session.

2015-06-28  Andreas Kling  <akling@apple.com>

        [iOS] Drop buffered data in paused media elements on memory pressure.
        <https://webkit.org/b/146369>
        <rdar://problem/20366883>

        Reviewed by Eric Carlson.

        To avoid getting crushed under mediaserverd memory growth when viewing
        a page with multiple media elements, add a step to the memory pressure
        handler that drops buffered data from all media elements that are
        not currently playing.

        On a test page with a bunch of embedded YouTube videos, this pass frees
        up ~4MB per paused video when the system memory pressure hits.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::allMediaElements):
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        (WebCore::HTMLMediaElement::purgeBufferedDataIfPossible):
        * html/HTMLMediaElement.h:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-06-28  Chris Dumez  <cdumez@apple.com>

        Crash: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::CachedFrameBase::restore + 333
        https://bugs.webkit.org/show_bug.cgi?id=146388
        <rdar://problem/21567343>

        Reviewed by Darin Adler.

        Pages that are currently loading are not supposed to go into the
        PageCache. However, PageCache::canCache() only checks if the
        FrameLoader's documentLoader is loading. If the subframe is in
        provisional load stage, we would fail to detect that the frame is
        actually loading because the FrameLoader active documentLoader would
        be the provisional documentLoader, not the regular documentLoader.
        Therefore, the page would get added to the PageCache and the frame
        would keep loading while in the PageCache.

        On http://www.audiusa.com/models, this is what was happening. It was
        crashing because the subframe would finish loading while in the
        PageCache, in which case we would fire the 'load' event and the
        content 'load' event handler would then proceed to remove the iframe.
        Upon restoring the PageCache entry, we would run into trouble as we
        would have a CachedFrame whose Frame has been removed.

        The solution proposed is to prevent page-caching if a subframe is in
        provisional load stage.

        Test: http/tests/navigation/page-cache-iframe-provisional-load.html

        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::provisionalLoadKey):
        * page/DiagnosticLoggingKeys.h:

2015-06-28  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Add support for chunks with customized sizes
        https://bugs.webkit.org/show_bug.cgi?id=146312

        Reviewed by Darin Adler.

        Covered by rebased tests.

        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::read): Decrement totalQueueSize with the chunk specific size.
        (WebCore::ReadableJSStream::enqueue): Calls retrieveSize, enqueue chunk with its size and increment totalQueueSize.
        (WebCore::ReadableJSStream::retrieveChunkSize): Calls size JS callback and convert it to double.
        * bindings/js/ReadableJSStream.h:

2015-06-28  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API]Remove ReadableStreamController.close custom binding
        https://bugs.webkit.org/show_bug.cgi?id=146380

        Reviewed by Darin Adler.

        No change in behavior.

        * Modules/streams/ReadableStreamController.h:
        (WebCore::ReadableStreamController::close): Calling ReadableJSStream close method.
        * Modules/streams/ReadableStreamController.idl: Removed Custom.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::close): Deleted.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::close): Moved custom binding code here.
        * bindings/js/ReadableJSStream.h:

2015-06-27  Chris Fleizach  <cfleizach@apple.com>

        AX: implement @aria-roledescription
        https://bugs.webkit.org/show_bug.cgi?id=146274

        Reviewed by Darin Adler.

        Add support for aria-roledescription.

        Test: accessibility/aria-roledescription.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::hasHighlighting):
        (WebCore::AccessibilityObject::roleDescription):
        (WebCore::nodeHasPresentationRole):
        * accessibility/AccessibilityObject.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilityMaxValue]):
        (-[WebAccessibilityObjectWrapper accessibilityRoleDescription]):
        (-[WebAccessibilityObjectWrapper accessibilityLabel]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper roleDescription]):

2015-06-27  Darin Adler  <darin@apple.com>

        Fix the build.

        * platform/network/cf/ResourceErrorCF.cpp:
        (WebCore::ResourceError::cfError): Take out log statement. Add FIXME comment
        that explains part of the reason we may get null here.
        * platform/network/mac/ResourceErrorMac.mm:
        (WebCore::createNSErrorFromResourceErrorBase): Ditto.

2015-06-27  David Kilzer  <ddkilzer@apple.com>

        Crash in WebCore::ResourceError::cfError() after provisional load failed
        <http://webkit.org/b/146384>

        Reviewed by Darin Adler.

        This is a speculative fix based on the crashing stack.

        * platform/network/cf/ResourceErrorCF.cpp:
        (WebCore::ResourceError::cfError): Add NULL check.
        * platform/network/mac/ResourceErrorMac.mm:
        (WebCore::createNSErrorFromResourceErrorBase): Add nil check in
        case we ever turn off USE(CFNETWORK) for iOS.

2015-06-27  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Only flag a video element as eligible for auto-play to AppleTV one time
        https://bugs.webkit.org/show_bug.cgi?id=146386

        Reviewed by Brent Fulgham.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients): Drive-by fix - early 
          return when there are no clients.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::pendingActionTimerFired): Set m_failedToPlayToWirelessTarget if the
          media engine is still unable to play to the wireless target.
        (WebCore::HTMLMediaElement::prepareForLoad): Clear m_failedToPlayToWirelessTarget.
        (WebCore::HTMLMediaElement::mediaState): Don't set the ExternalDeviceAutoPlayCandidate flag
          if m_failedToPlayToWirelessTarget is true.
        * html/HTMLMediaElement.h:

2015-06-27  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStreamController.desiredSize property
        https://bugs.webkit.org/show_bug.cgi?id=146311

        Reviewed by Darin Adler.

        Covered by rebased tests.

        * Modules/streams/ReadableStreamController.h: Adding desiredSize getter.
        (WebCore::ReadableStreamController::desiredSize): Ditto.
        * Modules/streams/ReadableStreamController.idl: Added desiredSize attribute.

2015-06-27  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][SOUP] Implement WebCore::PublicSuffix for soup and enable PUBLIC_SUFFIX_LIST for GTK+
        https://bugs.webkit.org/show_bug.cgi?id=146318

        Reviewed by Sergio Villar Senin.

        This is covered by unit tests.

        * PlatformGTK.cmake:
        * platform/soup/PublicSuffixSoup.cpp: Added.
        (WebCore::isPublicSuffix):
        (WebCore::topPrivatelyControlledDomain):

2015-06-26  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] AppleGothic has been superseded by Apple SD Gothic Neo
        https://bugs.webkit.org/show_bug.cgi?id=146372
        <rdar://problem/21574004>

        Reviewed by Dean Jackson.

        Test: fast/text/hangul-generic-font-families.html

        * page/mac/SettingsMac.mm:
        (WebCore::Settings::initializeDefaultFontFamilies):

2015-06-26  Matt Daiter  <mdaiter@apple.com>

        Supporting getStartDate and added tests
        https://bugs.webkit.org/show_bug.cgi?id=145676
        <rdar://problem/20876076>

        Reviewed by Brent Fulgham.

        Test: http/tests/media/hls/video-controller-getStartDate.html

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsDateOrNaN):
        * bindings/js/JSDOMBinding.h:
        * bindings/scripts/CodeGeneratorJS.pm: Added features to return 
        NaN for Date
        * bindings/scripts/CodeGeneratorGObject.pm: Needed to add
        type checking code for GObject (no date)
        (NativeToJSValue):
        * bindings/scripts/IDLAttributes.txt: 
        * html/HTMLMediaElement.cpp: Added getStartDate function
        (WebCore::HTMLMediaElement::getStartDate):
        * html/HTMLMediaElement.h: Needed to add declarations
        * html/HTMLMediaElement.idl: Needed to modify for returning NaN
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::getStartDate):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h: Added in Mac-specific platform
        (WebCore::MediaPlayerPrivateInterface::getStartDate):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::getStartDate):

2015-06-26  Beth Dakin  <bdakin@apple.com>

        WebPage::getPositionInformation() should not copy an image that is larger than the  
        screen
        https://bugs.webkit.org/show_bug.cgi?id=146367

        Reviewed by Tim Horton.

        Export the rect version of this function too.
        * platform/graphics/GraphicsContext.h:

2015-06-26  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Muted videos should not automatically play to AppleTV
        https://bugs.webkit.org/show_bug.cgi?id=146366

        Reviewed by Dean Jackson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize m_initiallyMuted.
        (WebCore::HTMLMediaElement::scheduleDelayedAction): Support CheckMediaState.
        (WebCore::HTMLMediaElement::setReadyState): Set m_initiallyMuted to true if the element is
          muted or the volume is less than 5%.
        (WebCore::HTMLMediaElement::setMuted): Update media state asynchronously so multiple state
          changes can be coalesced.
        (WebCore::HTMLMediaElement::mediaPlayerEngineUpdated): Ditto.
        (WebCore::HTMLMediaElement::setPlaying): Ditto.
        (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): Ditto.
        (WebCore::HTMLMediaElement::removeEventListener): Ditto.
        (WebCore::HTMLMediaElement::enqueuePlaybackTargetAvailabilityChangedEvent): Ditto.
        (WebCore::HTMLMediaElement::updateMediaState): Update after a timer when passed UpdateMediaState::Asynchronously.
        (WebCore::HTMLMediaElement::mediaState): Don't set the ExternalDeviceAutoPlayCandidate flag if
          m_initiallyMuted is true.
        * html/HTMLMediaElement.h:
        * html/HTMLMediaElementEnums.h:

2015-06-26  Daniel Bates  <dabates@apple.com>

        Rolling out r184660
        https://bugs.webkit.org/show_bug.cgi?id=145200

        Reverting r184660 because it caused a regression.

        * English.lproj/Localizable.strings:
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::createAutoFillButton): Deleted.
        * platform/LocalizedStrings.cpp:
        (WebCore::AXAutoFillButtonText): Deleted.
        * platform/LocalizedStrings.h:
        * platform/efl/LocalizedStringsEfl.cpp:
        (WebCore::AXAutoFillButtonText): Deleted.
        * platform/gtk/LocalizedStringsGtk.cpp:
        (WebCore::AXAutoFillButtonText): Deleted.

2015-06-26  Daniel Bates  <dabates@apple.com>

        Rolling out r185881
        https://bugs.webkit.org/show_bug.cgi?id=146243
        And
        r185828
        https://bugs.webkit.org/show_bug.cgi?id=145241

        Reverting r185881 and r185828 because the latter caused a regression.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::accessibilityTextFieldDecorationHitTest): Deleted.
        (WebCore::AccessibilityRenderObject::accessibilityHitTest): Deleted.
        * accessibility/AccessibilityRenderObject.h:

2015-06-26  Dean Jackson  <dino@apple.com>

        No audio on animated page with the attached fixed layout epub
        https://bugs.webkit.org/show_bug.cgi?id=146365

        Reviewed by Eric Carlson.

        The new restriction RequireUserGestureForAudioRateChange conflicted
        with existing clients who expected RequireUserGestureForRateChange
        to allow autoplaying audio. Update the logic to ensure that
        RequireUserGestureForRateChange covers all media when set to
        false.

        This may require a revisit once we're using RequireUserGestureForAudioRateChange
        in production, because the global setting will trump that, and
        most clients have the global setting to false. We'll need to come
        up with a way to allow legacy clients to preserve their behaviour.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Only restrict audio
        if RequireUserGestureForRateChange is also false.

2015-06-25  Anders Carlsson  <andersca@apple.com>

        Get rid of ScrollbarThemeClient now that it's unused
        https://bugs.webkit.org/show_bug.cgi?id=146327

        Reviewed by Beth Dakin.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::scrollbarOverlayStyle): Deleted.
        (WebCore::Scrollbar::isScrollableAreaActive): Deleted.
        (WebCore::Scrollbar::isScrollViewScrollbar): Deleted.
        (WebCore::Scrollbar::root): Deleted.
        * platform/Scrollbar.h:
        (WebCore::Scrollbar::isCustomScrollbar):
        (WebCore::Scrollbar::orientation):
        (WebCore::Scrollbar::value):
        (WebCore::Scrollbar::currentPos):
        (WebCore::Scrollbar::visibleSize):
        (WebCore::Scrollbar::totalSize):
        (WebCore::Scrollbar::maximum):
        (WebCore::Scrollbar::controlSize):
        (WebCore::Scrollbar::lineStep):
        (WebCore::Scrollbar::pageStep):
        (WebCore::Scrollbar::pressedPart):
        (WebCore::Scrollbar::hoveredPart):
        (WebCore::Scrollbar::enabled):
        (WebCore::Scrollbar::styleChanged):
        (WebCore::Scrollbar::isAlphaLocked):
        (WebCore::Scrollbar::setIsAlphaLocked):
        * platform/ScrollbarTheme.h:
        * platform/ScrollbarThemeClient.h: Removed.
        (WebCore::ScrollbarThemeClient::~ScrollbarThemeClient): Deleted.
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle):
        * rendering/RenderScrollbarTheme.cpp:

2015-06-26  Chris Dumez  <cdumez@apple.com>

        Prevent new loads while in PageCache (or being added to PageCache)
        https://bugs.webkit.org/show_bug.cgi?id=146299
        <rdar://problem/21523788>

        Reviewed by Darin Adler.

        Generalize the change in r185337 to prevent new loads while in the
        PageCache (or being added to the PageCache), instead of merely
        preventing new loads in pagehide event handlers. We should never
        have any pages that are still loading inside the PageCache.

        The fix in r185337 was apparently insufficient to address the
        problem so generalizing the check / policy will hopefully catch
        more cases where content is able to start loads while being added
        to the PageCache. This patch also removes some of the complexity
        added in r185337 as it is no longer needed.

        No new tests, already covered by:
        http/tests/navigation/image-load-in-pagehide-handler.html
        http/tests/navigation/subframe-pagehide-handler-starts-load.html
        http/tests/navigation/subframe-pagehide-handler-starts-load2.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::stopAllLoaders):
        (WebCore::FrameLoader::handleBeforeUnloadEvent):
        (WebCore::FrameLoader::FrameLoader): Deleted.
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::pageDismissalEventBeingDispatched):
        * loader/ImageLoader.cpp:
        (WebCore::pageIsBeingDismissed):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestImage):
        * page/Page.cpp:
        (WebCore::Page::inPageCache):
        * page/Page.h:
        (WebCore::Page::group): Deleted.

2015-06-26  Simon Fraser  <simon.fraser@apple.com>

        [OS X] Change the layer tiling threshold from 2000 to 2048 pixels
        https://bugs.webkit.org/show_bug.cgi?id=146353

        Reviewed by Tim Horton.

        Programmers love powers of two.

        * platform/graphics/ca/GraphicsLayerCA.cpp:

2015-06-26  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Sans-serif generic font family should map to PingFang
        https://bugs.webkit.org/show_bug.cgi?id=146333
        <rdar://problem/21521217>

        Reviewed by Alexey Proskuryakov.

        Also performs a little bit of cleanup.

        Test: fast/text/han-generic-font-families.html

        * page/mac/SettingsMac.mm:
        (WebCore::sansSerifTraditionalHanFontFamily):
        (WebCore::sansSerifSimplifiedHanFontFamily):
        (WebCore::Settings::initializeDefaultFontFamilies):

2015-06-26  Per Arne Vollan  <peavo@outlook.com>

        [Curl] Compile errors; ResourceResponseBase::resourceLoadTiming() has changed return type.
        https://bugs.webkit.org/show_bug.cgi?id=146343

        Reviewed by Brent Fulgham.

        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::calculateWebTimingInformations):
        (WebCore::headerCallback):
        (WebCore::ResourceHandleManager::initializeHandle):
        (WebCore::ResourceHandleManager::initCookieSession):
        (WebCore::sockoptfunction): Deleted.

2015-06-26  Chris Fleizach  <cfleizach@apple.com>

        iOS speech synthesizer should expose names
        https://bugs.webkit.org/show_bug.cgi?id=146319

        Reviewed by Mario Sanchez Prada.

        Use newer API to get the name and identifier of each voice asset.

        * platform/ios/PlatformSpeechSynthesizerIOS.mm:
        (WebCore::PlatformSpeechSynthesizer::initializeVoiceList):

2015-06-26  Csaba Osztrogonác  <ossy@webkit.org>

        [EFL] Remove unnecessary overriden methods from ScrollBarEfl
        https://bugs.webkit.org/show_bug.cgi?id=146342

        Reviewed by Gyuyoung Kim.

        * platform/efl/ScrollbarEfl.cpp:
        (WebCore::ScrollbarEfl::setParent): Deleted.
        (WebCore::ScrollbarEfl::setFrameRect): Deleted.
        (WebCore::ScrollbarEfl::frameRectsChanged): Deleted.
        (WebCore::ScrollbarEfl::invalidate): Deleted.
        * platform/efl/ScrollbarEfl.h:

2015-06-26  Csaba Osztrogonác  <ossy@webkit.org>

        Convert some of WebCore/dom over to range-for loops
        https://bugs.webkit.org/show_bug.cgi?id=126250

        Reviewed by Darin Adler.

        Based on the original patch of Sam Weinig <sam@webkit.org>.

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::replaceChild):
        (WebCore::willRemoveChildren):
        (WebCore::ContainerNode::appendChild):
        * dom/MutationObserver.cpp:
        (WebCore::MutationObserver::disconnect):
        (WebCore::MutationObserver::getObservedNodes):
        (WebCore::MutationObserver::deliver):
        * dom/MutationObserverInterestGroup.cpp:
        (WebCore::MutationObserverInterestGroup::isOldValueRequested):
        (WebCore::MutationObserverInterestGroup::enqueueMutationRecord):
        * dom/MutationObserverRegistration.cpp:
        (WebCore::MutationObserverRegistration::clearTransientRegistrations):
        (WebCore::MutationObserverRegistration::addRegistrationNodesToSet):
        * dom/Node.cpp:
        (WebCore::Node::dumpStatistics):
        (WebCore::collectMatchingObserversForMutation):
        (WebCore::Node::notifyMutationObserversNodeWillDetach):

2015-06-25  Lucas Forschler  <lforschler@apple.com>

        Unreviewed build fix.
        
        * platform/audio/VectorMath.cpp:
        (WebCore::VectorMath::vsmul):
        (WebCore::VectorMath::vadd):
        (WebCore::VectorMath::vmul):
        (WebCore::VectorMath::zvmul):

2015-06-25  Stephanie Lewis  <slewis@apple.com>

        Build fix.

        Unreviewed.

        * platform/audio/DirectConvolver.cpp:
        (WebCore::DirectConvolver::process):

2015-06-25  Chris Fleizach  <cfleizach@apple.com>

        AX: improve list heuristics (presentational use versus actual lists)
        https://bugs.webkit.org/show_bug.cgi?id=134187

        Rolling this change back in. 
        It was taken out to allow clients to have time to update their expectations of what is a list vs. a group

        Test: accessibility/list-detection2.html

        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::isDescriptionList):
        (WebCore::AccessibilityList::childHasPseudoVisibleListItemMarkers):
        (WebCore::AccessibilityList::determineAccessibilityRole):
        * accessibility/AccessibilityList.h:

2015-06-25  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed build fix after r185964.

        Correct a few pointers-that-should-be-references-now errors.

        * platform/win/PopupMenuWin.cpp:
        (WebCore::AccessiblePopupMenu::accLocation):
        (WebCore::AccessiblePopupMenu::accHitTest):

2015-06-25  Doug Russell  <d_russell@apple.com>

        Bug 146300 AX: AccessibilityObject focus events that don't cause a selection 
        change can leave m_isSynchronizingSelection set to true
        https://bugs.webkit.org/show_bug.cgi?id=146300

        Reviewed by Chris Fleizach.

        Added a clearTextSelectionIntent() convenience function to be used after any
        event that can, but isn't guaranteed to result in a selection change. Matches
        calls to setTextSelectionIntent() convenience function.
        Added support for tests listening for focus change notifications.

        Test: platform/mac/accessibility/focus-setting-selection-syncronizing-not-clearing.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::clearTextSelectionIntent):
        (WebCore::AccessibilityRenderObject::setSelectedTextRange):
        (WebCore::AccessibilityRenderObject::setFocused):
        (WebCore::AccessibilityRenderObject::setSelectedVisiblePositionRange):
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::platformHandleFocusedUIElementChanged):

2015-06-25  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add a way to match a domain but not subdomains
        https://bugs.webkit.org/show_bug.cgi?id=146241
        rdar://problem/21557754

        Reviewed by Darin Adler.

        This patch makes it possible to have a trigger with an if-domain apply to sub2.sub1.webkit.org
        but not sub1.webkit.org by making the domains default to only applying to the domain and not subdomains.
        To make a domain apply to a domain and any subdomains, the domain must begin with a '*'.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::CombinedURLFilters::addDomain):
        (WebCore::ContentExtensions::CombinedURLFilters::addPattern):
        Make domains apply only to the exact domain unless there is a * at the beginning,
        in which case they apply to the domain and any subdomains.

2015-06-25  Simon Fraser  <simon.fraser@apple.com>

        [iOS WK2] Swiping back just after scrolling can cause some tiles to disappear
        https://bugs.webkit.org/show_bug.cgi?id=146329
        rdar://problem/21233010

        Reviewed by Tim Horton.

        Have the Compositing log channel dump the visible rect used for layer flushing.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::flushPendingLayerChanges):

2015-06-25  Brent Fulgham  <bfulgham@apple.com>

        [WIN] Enable WEB_TIMING API
        https://bugs.webkit.org/show_bug.cgi?id=146330
        <rdar://problem/21530765>

        Reviewed by Dean Jackson.

        Tested by internal HLS tests.

        Enable WEB_TIMING features on Windows by activating the feature flag,
        and correcting some build errors.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::start): "setCollectionTimingData" is only
        defined for PLATFORM(COCOA).
        * platform/network/cf/SynchronousResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::SynchronousResourceHandleCFURLConnectionDelegate::didReceiveResponse):
        The 'ResourceHandle::getConnectionTimingData' method is only defined
        for PLATFORM(COCOA).

2015-06-25  Dean Jackson  <dino@apple.com>

        Inline media controls disappear when returning a video to inline
        https://bugs.webkit.org/show_bug.cgi?id=146328
        <rdar://problem/21142862>

        Reviewed by Tim Horton.

        We were getting into a state where the controls were being
        hidden via a timer while we were in fullscreen or on
        another tab. Meanwhile, we could exit from such
        a condition to a point where the controls were
        not visible, but not completely removed from the DOM, confusing
        the logic that decided whether to show them on tap.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.hideControls): If we are in the act of hiding
        controls, we can clear any existing timers that are going to try
        to hide them again.
        (Controller.prototype.resetHideControlsTimer): Make sure we null
        out the hideTimer object, since we look at its value often to
        decide whether or not a timer exists.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handlePlayButtonTouchEnd): If the user
        taps play, then we should call showControls, which resets the hide
        timers amongst other things. We need to do this due to the next change,
        so that a timer started before we pressed play doesn't cause the
        controls to instantly disappear as soon as we start playing.
        (ControllerIOS.prototype.handleWrapperTouchStart): We can get into
        the state where controls are invisible but still in the tree. Since the
        controlsAreHidden() logic only looks for the latter, we need to also
        look for invisible when the user taps for the controls. Yes, this
        naming doesn't make much sense :(

2015-06-25  Joseph Pecoraro  <pecoraro@apple.com>

        [Mac] Web Inspector: Window dragging on toolbar should behave more like native window dragging
        https://bugs.webkit.org/show_bug.cgi?id=146324

        Reviewed by Timothy Hatcher.

        * inspector/InspectorFrontendClient.h:
        * inspector/InspectorFrontendClientLocal.h:
        Do nothing or pass it up to the the frontend client.

        * inspector/InspectorFrontendHost.h:
        * inspector/InspectorFrontendHost.idl:
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::startWindowDrag):
        Add a new host function to get native window dragging behavior.

2015-06-25  Tim Horton  <timothy_horton@apple.com>

        Viewport units are wrong when scaled in 2-up mode, cause content to hop around on apple.com/music
        https://bugs.webkit.org/show_bug.cgi?id=146322
        <rdar://problem/21413884>

        Reviewed by Simon Fraser.

        * page/FrameView.cpp:
        (WebCore::FrameView::viewportSizeForCSSViewportUnits):
        Use the fixed layout size, if enabled, instead of the visibleContentRect,
        for the viewport unit size. This ensures that viewport units take up the whole
        fixed-layout viewport, not just the size of the view scaled by the page scale
        (which visibleContentRect provides).

2015-06-25  Eric Carlson  <eric.carlson@apple.com>

        [Mac] AirPlay menu button still doesn't always show on page load
        https://bugs.webkit.org/show_bug.cgi?id=146325

        Reviewed by Dean Jackson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaState): A player that can't currently play to a wireless 
          target does require target monitoring if an availability event listner has been registered,
          otherwise we may not register for availability change notifications.

2015-06-25  Anders Carlsson  <andersca@apple.com>

        Stop using ScrollbarThemeClient and just use Scrollbar directly
        https://bugs.webkit.org/show_bug.cgi?id=146320

        Reviewed by Tim Horton.

        * page/scrolling/mac/ScrollingStateFrameScrollingNodeMac.mm:
        (WebCore::ScrollingStateFrameScrollingNode::setScrollbarPaintersFromScrollbars):
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::setScrollbarOverlayStyle):
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::Scrollbar):
        (WebCore::Scrollbar::~Scrollbar):
        (WebCore::Scrollbar::offsetDidChange):
        (WebCore::Scrollbar::updateThumb):
        (WebCore::Scrollbar::paint):
        (WebCore::thumbUnderMouse):
        (WebCore::Scrollbar::autoscrollPressedPart):
        (WebCore::Scrollbar::startTimerIfNeeded):
        (WebCore::Scrollbar::moveThumb):
        (WebCore::Scrollbar::setHoveredPart):
        (WebCore::Scrollbar::setPressedPart):
        (WebCore::Scrollbar::mouseMoved):
        (WebCore::Scrollbar::mouseUp):
        (WebCore::Scrollbar::mouseDown):
        (WebCore::Scrollbar::setEnabled):
        * platform/ScrollbarTheme.h:
        (WebCore::ScrollbarTheme::updateEnabledState):
        (WebCore::ScrollbarTheme::paint):
        (WebCore::ScrollbarTheme::hitTest):
        (WebCore::ScrollbarTheme::updateScrollbarOverlayStyle):
        (WebCore::ScrollbarTheme::invalidateParts):
        (WebCore::ScrollbarTheme::invalidatePart):
        (WebCore::ScrollbarTheme::paintTickmarks):
        (WebCore::ScrollbarTheme::shouldCenterOnThumb):
        (WebCore::ScrollbarTheme::shouldSnapBackToDragOrigin):
        (WebCore::ScrollbarTheme::shouldDragDocumentInsteadOfThumb):
        (WebCore::ScrollbarTheme::thumbPosition):
        (WebCore::ScrollbarTheme::thumbLength):
        (WebCore::ScrollbarTheme::trackPosition):
        (WebCore::ScrollbarTheme::trackLength):
        (WebCore::ScrollbarTheme::registerScrollbar):
        (WebCore::ScrollbarTheme::unregisterScrollbar):
        * platform/ScrollbarThemeComposite.cpp:
        (WebCore::ScrollbarThemeComposite::paint):
        (WebCore::ScrollbarThemeComposite::hitTest):
        (WebCore::ScrollbarThemeComposite::invalidatePart):
        (WebCore::ScrollbarThemeComposite::splitTrack):
        (WebCore::usedTotalSize):
        (WebCore::ScrollbarThemeComposite::thumbPosition):
        (WebCore::ScrollbarThemeComposite::thumbLength):
        (WebCore::ScrollbarThemeComposite::minimumThumbLength):
        (WebCore::ScrollbarThemeComposite::trackPosition):
        (WebCore::ScrollbarThemeComposite::trackLength):
        (WebCore::ScrollbarThemeComposite::thumbRect):
        * platform/ScrollbarThemeComposite.h:
        (WebCore::ScrollbarThemeComposite::willPaintScrollbar):
        (WebCore::ScrollbarThemeComposite::didPaintScrollbar):
        (WebCore::ScrollbarThemeComposite::paintScrollbarBackground):
        (WebCore::ScrollbarThemeComposite::paintTrackBackground):
        (WebCore::ScrollbarThemeComposite::paintTrackPiece):
        (WebCore::ScrollbarThemeComposite::paintButton):
        (WebCore::ScrollbarThemeComposite::paintThumb):
        (WebCore::ScrollbarThemeComposite::constrainTrackRectToTrackPieces):
        * platform/efl/ScrollbarThemeEfl.h:
        * platform/gtk/ScrollbarThemeGtk.cpp:
        (WebCore::ScrollbarThemeGtk::hasThumb):
        (WebCore::ScrollbarThemeGtk::backButtonRect):
        (WebCore::ScrollbarThemeGtk::forwardButtonRect):
        (WebCore::ScrollbarThemeGtk::trackRect):
        (WebCore::ScrollbarThemeGtk::registerScrollbar):
        (WebCore::ScrollbarThemeGtk::unregisterScrollbar):
        (WebCore::ScrollbarThemeGtk::updateScrollbarsFrameThickness):
        (WebCore::ScrollbarThemeGtk::thumbRect):
        (WebCore::ScrollbarThemeGtk::paintTrackBackground):
        (WebCore::ScrollbarThemeGtk::paintScrollbarBackground):
        (WebCore::ScrollbarThemeGtk::paintThumb):
        (WebCore::ScrollbarThemeGtk::paintButton):
        (WebCore::ScrollbarThemeGtk::paint):
        (WebCore::ScrollbarThemeGtk::shouldCenterOnThumb):
        (WebCore::ScrollbarThemeGtk::buttonSize):
        (WebCore::ScrollbarThemeGtk::minimumThumbLength):
        * platform/gtk/ScrollbarThemeGtk.h:
        (WebCore::ScrollbarThemeGtk::hasButtons):
        * platform/ios/ScrollbarThemeIOS.h:
        * platform/ios/ScrollbarThemeIOS.mm:
        (WebCore::ScrollbarThemeIOS::registerScrollbar):
        (WebCore::ScrollbarThemeIOS::unregisterScrollbar):
        (WebCore::ScrollbarThemeIOS::hasButtons):
        (WebCore::ScrollbarThemeIOS::hasThumb):
        (WebCore::ScrollbarThemeIOS::backButtonRect):
        (WebCore::ScrollbarThemeIOS::forwardButtonRect):
        (WebCore::ScrollbarThemeIOS::trackRect):
        (WebCore::ScrollbarThemeIOS::minimumThumbLength):
        (WebCore::ScrollbarThemeIOS::shouldCenterOnThumb):
        (WebCore::ScrollbarThemeIOS::paint):
        * platform/mac/ScrollAnimatorMac.mm:
        (scrollbarPainterForScrollbar):
        (-[WebScrollbarPainterControllerDelegate scrollerImpPair:convertContentPoint:toScrollerImp:]):
        (-[WebScrollbarPartAnimation startAnimation]):
        (-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]):
        (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
        (-[WebScrollbarPainterDelegate scrollerImp:animateKnobAlphaTo:duration:]):
        (-[WebScrollbarPainterDelegate scrollerImp:animateTrackAlphaTo:duration:]):
        (-[WebScrollbarPainterDelegate scrollerImp:animateUIStateTransitionWithDuration:]):
        (-[WebScrollbarPainterDelegate scrollerImp:animateExpansionTransitionWithDuration:]):
        (WebCore::ScrollAnimatorMac::mouseEnteredScrollbar):
        (WebCore::ScrollAnimatorMac::mouseExitedScrollbar):
        (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
        (WebCore::ScrollAnimatorMac::willRemoveVerticalScrollbar):
        (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
        (WebCore::ScrollAnimatorMac::willRemoveHorizontalScrollbar):
        (WebCore::ScrollAnimatorMac::invalidateScrollbarPartLayers):
        (WebCore::ScrollAnimatorMac::verticalScrollbarLayerDidChange):
        (WebCore::ScrollAnimatorMac::horizontalScrollbarLayerDidChange):
        (WebCore::ScrollAnimatorMac::shouldScrollbarParticipateInHitTesting):
        (WebCore::ScrollAnimatorMac::updateScrollerStyle):
        * platform/mac/ScrollbarThemeMac.h:
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::ScrollbarThemeMac::registerScrollbar):
        (WebCore::ScrollbarThemeMac::unregisterScrollbar):
        (WebCore::ScrollbarThemeMac::setNewPainterForScrollbar):
        (WebCore::ScrollbarThemeMac::painterForScrollbar):
        (WebCore::ScrollbarThemeMac::updateScrollbarOverlayStyle):
        (WebCore::ScrollbarThemeMac::hasButtons):
        (WebCore::ScrollbarThemeMac::hasThumb):
        (WebCore::ScrollbarThemeMac::backButtonRect):
        (WebCore::ScrollbarThemeMac::forwardButtonRect):
        (WebCore::ScrollbarThemeMac::trackRect):
        (WebCore::ScrollbarThemeMac::minimumThumbLength):
        (WebCore::ScrollbarThemeMac::shouldCenterOnThumb):
        (WebCore::ScrollbarThemeMac::shouldDragDocumentInsteadOfThumb):
        (WebCore::ScrollbarThemeMac::updateEnabledState):
        (WebCore::ScrollbarThemeMac::setPaintCharacteristicsForScrollbar):
        (WebCore::ScrollbarThemeMac::paint):
        * platform/mock/ScrollbarThemeMock.cpp:
        (WebCore::ScrollbarThemeMock::trackRect):
        (WebCore::ScrollbarThemeMock::paintTrackBackground):
        (WebCore::ScrollbarThemeMock::paintThumb):
        * platform/mock/ScrollbarThemeMock.h:
        (WebCore::ScrollbarThemeMock::hasButtons): Deleted.
        (WebCore::ScrollbarThemeMock::hasThumb): Deleted.
        (WebCore::ScrollbarThemeMock::backButtonRect): Deleted.
        (WebCore::ScrollbarThemeMock::forwardButtonRect): Deleted.
        (WebCore::ScrollbarThemeMock::maxOverlapBetweenPages): Deleted.
        (WebCore::ScrollbarThemeMock::isMockTheme): Deleted.
        * platform/win/ScrollbarThemeSafari.cpp:
        (WebCore::ScrollbarThemeSafari::hasButtons):
        (WebCore::ScrollbarThemeSafari::hasThumb):
        (WebCore::ScrollbarThemeSafari::backButtonRect):
        (WebCore::ScrollbarThemeSafari::forwardButtonRect):
        (WebCore::ScrollbarThemeSafari::trackRect):
        (WebCore::ScrollbarThemeSafari::minimumThumbLength):
        (WebCore::ScrollbarThemeSafari::shouldCenterOnThumb):
        (WebCore::ScrollbarThemeSafari::paintTrackBackground):
        (WebCore::ScrollbarThemeSafari::paintButton):
        (WebCore::ScrollbarThemeSafari::paintThumb):
        * platform/win/ScrollbarThemeSafari.h:
        * platform/win/ScrollbarThemeWin.cpp:
        (WebCore::ScrollbarThemeWin::hasThumb):
        (WebCore::ScrollbarThemeWin::backButtonRect):
        (WebCore::ScrollbarThemeWin::forwardButtonRect):
        (WebCore::ScrollbarThemeWin::trackRect):
        (WebCore::ScrollbarThemeWin::shouldCenterOnThumb):
        (WebCore::ScrollbarThemeWin::shouldSnapBackToDragOrigin):
        (WebCore::ScrollbarThemeWin::paintTrackBackground):
        (WebCore::ScrollbarThemeWin::paintTrackPiece):
        (WebCore::ScrollbarThemeWin::paintButton):
        (WebCore::paintGripper):
        (WebCore::ScrollbarThemeWin::paintThumb):
        * platform/win/ScrollbarThemeWin.h:
        * rendering/RenderScrollbar.h:
        (isType):
        * rendering/RenderScrollbarPart.cpp:
        (WebCore::RenderScrollbarPart::styleDidChange):
        (WebCore::RenderScrollbarPart::imageChanged):
        * rendering/RenderScrollbarTheme.cpp:
        (WebCore::RenderScrollbarTheme::buttonSizesAlongTrackAxis):
        (WebCore::RenderScrollbarTheme::hasButtons):
        (WebCore::RenderScrollbarTheme::hasThumb):
        (WebCore::RenderScrollbarTheme::minimumThumbLength):
        (WebCore::RenderScrollbarTheme::backButtonRect):
        (WebCore::RenderScrollbarTheme::forwardButtonRect):
        (WebCore::RenderScrollbarTheme::trackRect):
        (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
        (WebCore::RenderScrollbarTheme::willPaintScrollbar):
        (WebCore::RenderScrollbarTheme::didPaintScrollbar):
        (WebCore::RenderScrollbarTheme::paintScrollbarBackground):
        (WebCore::RenderScrollbarTheme::paintTrackBackground):
        (WebCore::RenderScrollbarTheme::paintTrackPiece):
        (WebCore::RenderScrollbarTheme::paintButton):
        (WebCore::RenderScrollbarTheme::paintThumb):
        (WebCore::RenderScrollbarTheme::paintTickmarks):
        * rendering/RenderScrollbarTheme.h:

2015-06-24  Matt Rajca  <mrajca@apple.com>

        MediaSession: fall back to "content" kind when an unsupported media session kind is passed in
        https://bugs.webkit.org/show_bug.cgi?id=146293

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::parseKind): Parse the media session kind to one of the four supported types.
        (WebCore::MediaSession::MediaSession):
        (WebCore::MediaSession::kind): Format the value as a string (which the JS bindings expect).
        * Modules/mediasession/MediaSession.h: The media session kind is now stored as an enum rather than a string
          since we only support a small, fixed number of values.

2015-06-25  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Crash in WebCore::MediaPlayer::canPlayToWirelessPlaybackTarget
        https://bugs.webkit.org/show_bug.cgi?id=146317

        Reviewed by Brent Fulgham.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaState): NULL-check m_player before using it.

2015-06-25  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185956.
        https://bugs.webkit.org/show_bug.cgi?id=146321

        Causes massive crashes on test bots (Requested by bfulgham on
        #webkit).

        Reverted changeset:

        "Enabling MEDIA_STREAM"
        https://bugs.webkit.org/show_bug.cgi?id=145947
        http://trac.webkit.org/changeset/185956

2015-06-25  Brent Fulgham  <bfulgham@apple.com>

        [Win] Update MediaPlayerPrivateAVFoundationCF::supportsType
        https://bugs.webkit.org/show_bug.cgi?id=146302
        <rdar://problem/19726553>

        Reviewed by Eric Carlson.

        Tested by existing media tests.

        Update the AVFoundationCF version of 'supportsType' to more closely match the AVFoundation
        version. Use this new code when the necessary AVFoundationCF functions are present.

        * AVFoundationSupport.py: Check for presence of AVCFURLAssetIsPlayableExtendedMIMEType.
        (fileContains): Added helper function.
        * WebCore.vcxproj/WebCoreGenerated.vcxproj: Add AVFoundationSupport.py to project file to make
        maintenance easier.
        * WebCore.vcxproj/WebCoreGenerated.vcxproj.filters: Ditto.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::isUnsupportedMIMEType): Moved from ObjC version.
        (WebCore::MediaPlayerPrivateAVFoundation::staticMIMETypeList): Ditto.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/cf/AVFoundationCFSoftLinking.h: Add missing declaration.
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::avfMIMETypes): Added CF version of AVFoundation code.
        (WebCore::MediaPlayerPrivateAVFoundationCF::supportsType): Update to use new AVCF
        method if it is available.
        (WebCore::MediaPlayerPrivateAVFoundationCF::languageOfPrimaryAudioTrack): Handle case of a
        null language locale. This is a drive-by fix of a bug found during testing.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::isUnsupportedMIMEType): Deleted.
        (WebCore::staticMIMETypeList): Deleted.

2015-06-25  Matthew Daiter  <mdaiter@apple.com>

        Enabling MEDIA_STREAM
        https://bugs.webkit.org/show_bug.cgi?id=145947
        <rdar://problem/21365829>

        Reviewed by Brent Fulgham.

        * Configurations/FeatureDefines.xcconfig:
        * Modules/mediastream/UserMediaClient.h:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/mac/AVAudioCaptureSource.mm:
        * platform/mock/UserMediaClientMock.h:

2015-06-25  Zalan Bujtas  <zalan@apple.com>

        Do not send touch events to the slider's thumb when it does not have a renderer.
        https://bugs.webkit.org/show_bug.cgi?id=146307
        rdar://problem/21539399

        Reviewed by Simon Fraser.

        Bail out early if either the touch target or the renderer() is null.

        Test: fast/events/touch/input-range-with-thumb-display-none-crash.html

        * html/shadow/SliderThumbElement.cpp:
        (WebCore::findTouchWithIdentifier):
        (WebCore::SliderThumbElement::handleTouchStart):
        (WebCore::SliderThumbElement::handleTouchMove):
        (WebCore::SliderThumbElement::handleTouchEndAndCancel):

2015-06-25  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Implement HighWaterMark
        https://bugs.webkit.org/show_bug.cgi?id=146235

        Reviewed by Darin Adler.

        Retrieval of HighWaterMark parameter from arguments passed to the ReadableStream JS constructor.
        Retrieval of size function callback from arguments passed to the ReadableStream JS constructor.
        Calling doPull() if buffer size is below HighWaterMark.

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::pull): Adding precise check for HWM.
        * Modules/streams/ReadableStream.h: Introducing hasEnoughValues.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::getHighWaterMark): Utility routine to get properly HWM value.
        (WebCore::ReadableJSStream::create): Retrieval of HWM and size function.
        (WebCore::ReadableJSStream::ReadableJSStream):
        * bindings/js/ReadableJSStream.h: Adding hasEnoughValues and desiredSize prototypes.

2015-06-25  Tim Horton  <timothy_horton@apple.com>

        Try to fix the iOS EWS build.

        * platform/spi/cocoa/SecuritySPI.h:

2015-06-25  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Empty gtk-font-name setting causes WebProcess crash rendering pages
        https://bugs.webkit.org/show_bug.cgi?id=146246

        Reviewed by Sergio Villar Senin.

        Return early if system font is empty.

        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::updateCachedSystemFontDescription):

2015-06-24  Chris Dumez  <cdumez@apple.com>

        Unreviewed, EFL build fix after r185940.

        Members were initialized in wrong order.

        * Modules/mediastream/MediaDeviceInfo.cpp:
        (WebCore::MediaDeviceInfo::MediaDeviceInfo):

2015-06-24  Chris Dumez  <cdumez@apple.com>

        Unreviewed, Build fix after r185940.

        Move implementation inside WebCore namespace.

        * Modules/mediastream/MediaDeviceInfo.cpp:

2015-06-24  Chris Dumez  <cdumez@apple.com>

        Unreviewed, speculative GTK build fix after 185940.

        Add new cpp file to CMakeLists.txt.

        * CMakeLists.txt:

2015-06-24  Matt Daiter  <mdaiter@apple.com>

        Building MediaDeviceInfo for enumerateDevices
        https://bugs.webkit.org/show_bug.cgi?id=146257
        <rdar://problem/21513462>

        Reviewed by Eric Carlson.

        MediaDeviceInfo necessary for enumerateDevices

        * CMakeLists.txt: Added MediaDevicesInfo.idl
        * DerivedSources.make: Added MediaDevicesInfo.idl
        * Modules/mediastream/MediaDeviceInfo.h: Created class for MediaDevicesInfo
        (WebCore::MediaDeviceInfo::create): Allocates class
        (WebCore::MediaDeviceInfo::MediaDeviceInfo): Creates class for public
        (WebCore::MediaDeviceInfo::~MediaDeviceInfo): 
        (WebCore::MediaDeviceInfo::label):
        (WebCore::MediaDeviceInfo::deviceId):
        (WebCore::MediaDeviceInfo::groupId):
        (WebCore::MediaDeviceInfo::kind):
        * Modules/mediastream/MediaDeviceInfo.idl:
        * WebCore.xcodeproj/project.pbxproj:

2015-06-24  Anders Carlsson  <andersca@apple.com>

        Detect view services by using the "com.apple.UIKit.vends-view-services" entitlement
        https://bugs.webkit.org/show_bug.cgi?id=146301

        Reviewed by Tim Horton.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/cocoa/SecuritySPI.h:

2015-06-24  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Add a new color -apple-wireless-playback-target-active
        https://bugs.webkit.org/show_bug.cgi?id=146269
        <rdar://problem/21465189>

        Reviewed by Dean Jackson.

        At the moment we use -apple-system-blue to indicate an Airplay route is
        active. This might not always be blue, so we need to add another system
        color with a name that will allow us to change the underlying color.
        Initially -apple-wireless-playback-target-active will be an alias to
        -apple-system-blue.

        Existing tests are modified to include the new color value.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateWirelessTargetPickerButton):
        * Modules/mediacontrols/mediaControlsiOS.css:
        (video::-webkit-media-controls-wireless-playback-picker-button.playing):
        Use the new color value in the media controls.
        
        * css/CSSParser.cpp:
        (WebCore::isAppleLegacyCssValueKeyword): Returns true if the value keyword
        has an '-apple' prefix which has to be replaced by '-webkit'
        
        (WebCore::cssValueKeywordID): Call a new function which handles all the
        '-apple' legacy keywords.
        
        * css/CSSValueKeywords.in: Define the new color keyword.
        
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemColor):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor):
        Define the value of the new color keyword to be an alias of systemBlueColor.

2015-06-24  Matt Rajca  <mrajca@apple.com>

        MediaSession: propagate MediaSessionMetadata to WebPageProxy
        https://bugs.webkit.org/show_bug.cgi?id=146282

        Reviewed by Darin Adler and Tim Horton.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::setMetadata):

2015-06-24  Chris Dumez  <cdumez@apple.com>

        Null dereference in DocumentLoader::areAllLoadersPageCacheAcceptable()
        https://bugs.webkit.org/show_bug.cgi?id=146286
        <rdar://problem/21523788>

        Reviewed by Sam Weinig.

        Add null check for the Page in areAllLoadersPageCacheAcceptable()
        to fix this top crasher until I can investigate how this can happen.

        * loader/DocumentLoader.cpp:
        (WebCore::areAllLoadersPageCacheAcceptable):

2015-06-24  Anders Carlsson  <andersca@apple.com>

        Move PluginMainThreadScheduler to WebKit/win
        https://bugs.webkit.org/show_bug.cgi?id=146289

        Reviewed by Tim Horton.

        * CMakeLists.txt:
        * Configurations/WebCore.xcconfig:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * plugins/PluginMainThreadScheduler.cpp:
        (WebCore::PluginMainThreadScheduler::scheduler): Deleted.
        (WebCore::PluginMainThreadScheduler::PluginMainThreadScheduler): Deleted.
        (WebCore::PluginMainThreadScheduler::scheduleCall): Deleted.
        (WebCore::PluginMainThreadScheduler::registerPlugin): Deleted.
        (WebCore::PluginMainThreadScheduler::unregisterPlugin): Deleted.
        (WebCore::PluginMainThreadScheduler::dispatchCallsForPlugin): Deleted.
        (WebCore::PluginMainThreadScheduler::dispatchCalls): Deleted.
        (WebCore::PluginMainThreadScheduler::mainThreadCallback): Deleted.
        * plugins/PluginMainThreadScheduler.h:
        (WebCore::PluginMainThreadScheduler::Call::Call): Deleted.
        (WebCore::PluginMainThreadScheduler::Call::performCall): Deleted.

2015-06-24  Dean Jackson  <dino@apple.com>

        Better fix for Element with blur backdrop-filter shows edge duplication and dark edges
        https://bugs.webkit.org/show_bug.cgi?id=146287
        <rdar://problem/21530437>

        Reviewed by Simon Fraser.

        There is no need to carry around a bit in FilterOperations indicating what
        type of source property the object came from. Whether or not to clip to the
        bounds of the filter region is purely a property of the type of CALayer
        we are applying the filter to.

        This basically reverts r185846.

        Covered by the test for the previous commit.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertBackdropFilterOperations): Deleted.
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFilterOperations): Deleted.
        * platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm: Set the normalized
        edges property if we are a CABackdropLayer.
        * platform/graphics/filters/FilterOperations.cpp:
        (WebCore::FilterOperations::operator==):
        (WebCore::FilterOperations::operationsMatch):
        (WebCore::FilterOperations::operator=): Deleted.
        * platform/graphics/filters/FilterOperations.h:
        (WebCore::FilterOperations::isUsedForBackdropFilters): Deleted.
        (WebCore::FilterOperations::setUsedForBackdropFilters): Deleted.

2015-06-24  Doug Russell  <d_russell@apple.com>

        Bug 146177 - AX: AXObjectCache should try to use an unignored accessibilityObject 
        when posting a selection notification when on the border between two accessibilityObjects
        https://bugs.webkit.org/show_bug.cgi?id=146177

        Reviewed by Darin Adler.

        Add support for position to be passed for selection changes to allow checking.
        for boundaries in the case of ignored elements.
        Add support for searching for unignored siblings of AccessibilityObjects.
        Include AccessibilityObject wrappers in notifications for tests.

        Test: platform/mac/accessibility/selection-element-tabbing-to-link.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        * accessibility/AXObjectCache.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::previousSiblingUnignored):
        (WebCore::AccessibilityObject::nextSiblingUnignored):
        * accessibility/AccessibilityObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (isValueTypeSupported):
        (arrayRemovingNonSupportedTypes):
        (dictionaryRemovingNonSupportedTypes):
        (-[WebAccessibilityObjectWrapperBase accessibilityPostedNotification:userInfo:]):
        * editing/mac/FrameSelectionMac.mm:
        (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):

2015-06-24  Anders Carlsson  <andersca@apple.com>

        Enable -Winconsistent-missing-override when building with Xcode
        https://bugs.webkit.org/show_bug.cgi?id=146288

        Reviewed by Sam Weinig.

        * Configurations/Base.xcconfig:
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/webdatabase/DatabaseTask.h:
        * html/DateTimeLocalInputType.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.h:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        (WebCore::MediaPlayerPrivateAVFoundation::platformLayer): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundation::supportsScanning): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundation::fileSize): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundation::engineDescription): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundation::platformErrorCode): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundation::notifyTrackModeChanged): Deleted.
        * platform/graphics/avfoundation/VideoTrackPrivateAVF.h:
        (WebCore::VideoTrackPrivateAVF::trackIndex): Deleted.
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.h:
        (WebCore::CDMSessionAVFoundationObjC::type): Deleted.
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
        (WebCore::CDMSessionMediaSourceAVFObjC::type): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsAcceleratedRendering): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayToWirelessPlaybackTarget): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedCredential): Deleted.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedRequestToContinueWithoutCredential): Deleted.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedCancellation): Deleted.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedRequestToPerformDefaultHandling): Deleted.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedChallengeRejection): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsFullscreen): Deleted.
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        (WebCore::MediaPlayerPrivateQTKit::supportsScanning): Deleted.
        (WebCore::MediaPlayerPrivateQTKit::networkState): Deleted.
        (WebCore::MediaPlayerPrivateQTKit::readyState): Deleted.
        (WebCore::MediaPlayerPrivateQTKit::maximumDurationToCacheMediaTime): Deleted.
        (WebCore::MediaPlayerPrivateQTKit::engineDescription): Deleted.
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/SerializedPlatformRepresentationMac.h:
        (WebCore::SerializedPlatformRepresentationMac::platformType): Deleted.
        * platform/mac/ThemeMac.h:
        (WebCore::ThemeMac::controlRequiresPreWhiteSpace): Deleted.
        * testing/MockCDM.cpp:
        (WebCore::MockCDMSession::setClient): Deleted.

2015-06-24  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Improve JSDOMPromise callPromiseFunction naming
        https://bugs.webkit.org/show_bug.cgi?id=146280

        Unreviewed.

        No change in behavior.

        * bindings/js/JSDOMPromise.h:
        (WebCore::callPromiseFunction):

2015-06-24  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r185804): Crash selecting time in the form on https://backup.brighthorizons.com/BackupCareRequest.aspx
        <rdar://problem/21525376>

        Reviewed by Sam Weinig.

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithRange):
        Null check.

2015-06-24  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: roundToDevicePixel() snaps to wrong value.
        https://bugs.webkit.org/show_bug.cgi?id=146273
        rdar://problem/18509840

        Reviewed by Simon Fraser.

        Due to the floating point approximate representation, we can't always produce
        the correct snap value. This patch addresses the issue by removing redundant kFixedPointDenominator multiplication
        and by changing the rounding in roundToDevicePixel() from float to double.

        API test is added.

        * platform/LayoutUnit.h:
        (WebCore::roundToDevicePixel):

2015-06-23  Matt Rajca  <mrajca@apple.com>

        MediaSession: Support setting of metadata
        https://bugs.webkit.org/show_bug.cgi?id=146253

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::MediaSession): Store a reference to the document so we can use it in setMetadata.
        (WebCore::MediaSession::setMetadata): Implemented as described in the Media Session spec.
        * Modules/mediasession/MediaSession.h:
        * Modules/mediasession/MediaSession.idl: Added the setMetadata method.
        * Modules/mediasession/MediaSessionMetadata.h:
        (WebCore::MediaSessionMetadata::MediaSessionMetadata): Added to keep track of media session metadata.
        (WebCore::MediaSessionMetadata::title):
        (WebCore::MediaSessionMetadata::artist):
        (WebCore::MediaSessionMetadata::album):
        (WebCore::MediaSessionMetadata::artworkURL):
        * WebCore.xcodeproj/project.pbxproj: Added MediaSessionMetadata.h.

2015-06-24  Daniel Bates  <dabates@apple.com>

        Content Security Policy error message when frame load is blocked does not read well
        https://bugs.webkit.org/show_bug.cgi?id=146279

        Reviewed by Csaba Osztrogonác.

        Substitute "Refused to load frame" for "Refused to frame" as the prefix of the error message
        emitted when the Content Security Policy of the page blocks a frame load.

        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPDirectiveList::checkSourceAndReportViolation):

2015-06-11  Sergio Villar Senin  <svillar@igalia.com>

        intrinsic size keywords don't work for heights
        https://bugs.webkit.org/show_bug.cgi?id=113610

        Reviewed by Darin Adler.

        Based on Blink's r148314 & r150355 by <cbiesinger@chromium.org>.

        Adds intrinsic values support to heigh & min/max-height. This involves the
        following changes:
        - RenderBox needs to pass the content height through to computeLogicalHeight and
        related functions, which needs it to resolve max-content, et. al.
        - Make the callers pass the content height to this function. Some callers pass
        logicalHeight() (adjusted for border/padding) which works because if
        logicalHeight is not the content height, then it is the height we ended up using,
        so the constrain* functions will just constrain to that value again.
        - Parsing code needs to be adjusted to support intrinsic values for heights.

        Tests: fast/css-intrinsic-dimensions/height-css-tables-collapsed.html
               fast/css-intrinsic-dimensions/height-css-tables.html
               fast/css-intrinsic-dimensions/height-flexbox.html
               fast/css-intrinsic-dimensions/height-positioned-replaced.html
               fast/css-intrinsic-dimensions/height-positioned.html
               fast/css-intrinsic-dimensions/height-replaced.html
               fast/css-intrinsic-dimensions/height-tables-collapsed.html
               fast/css-intrinsic-dimensions/height-tables.html
               fast/css-intrinsic-dimensions/height.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::isValidSize): Refactored from validateWidth and
        validateHeight.
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::validateWidth): Deleted.
        (WebCore::CSSParser::validateHeight): Deleted.
        * css/CSSParser.h:
        * platform/Length.h:
        (WebCore::Length::isFillAvailable):
        (WebCore::Length::isFitContent):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::constrainLogicalHeightByMinMax):
        (WebCore::RenderBox::constrainContentBoxLogicalHeightByMinMax):
        (WebCore::RenderBox::computeLogicalHeight):
        (WebCore::RenderBox::computeLogicalHeightUsing):
        (WebCore::RenderBox::computeContentLogicalHeight):
        (WebCore::RenderBox::computeIntrinsicLogicalContentHeightUsing):
        (WebCore::RenderBox::computeContentAndScrollbarLogicalHeightUsing):
        (WebCore::RenderBox::computePercentageLogicalHeight):
        (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
        (WebCore::RenderBox::availableLogicalHeight):
        (WebCore::RenderBox::availableLogicalHeightUsing):
        (WebCore::RenderBox::computePositionedLogicalHeight):
        (WebCore::RenderBox::computePositionedLogicalHeightUsing):
        * rendering/RenderBox.h:
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::computeMainAxisExtentForChild):
        (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::addForcedRegionBreak):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeUsedBreadthOfSpecifiedLength):
        (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::calculateMaxColumnHeight):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::hasReplacedLogicalHeight):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::convertStyleLogicalHeightToComputedHeight):
        (WebCore::RenderTable::layout):

2015-06-24  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185906.
        https://bugs.webkit.org/show_bug.cgi?id=146276

        MSVC doesn't yet provide a const-qualified std::array<T,
        N>::size(), failing to compile the static_assert (Requested by
        zdobersek on #webkit).

        Reverted changeset:

        "Improve the source code generated by make_names.pl"
        https://bugs.webkit.org/show_bug.cgi?id=146208
        http://trac.webkit.org/changeset/185906

2015-06-24  Zan Dobersek  <zdobersek@igalia.com>

        Improve the source code generated by make_names.pl
        https://bugs.webkit.org/show_bug.cgi?id=146208

        Reviewed by Darin Adler.

        Clean up and optimize the output that's generated by the make_names.pl script
        when generating large sets of DOM names for attributes and tags.

        The GenerateStrings() function in the StaticString.pm module is split into
        GenerateStringData() and GenerateASCIILiteral() so that the two new functions
        can be used independently, with the original function still being called when
        generating font names.

        Tags and attributes have the corresponding static QualifiedName globals defined
        as before. After that, two static const std::array<> objects are defined for
        both types -- the first is an ordered array of addresses of the QualifiedName
        objects (corresponding to the C array that was defined in getHTMLTags(),
        getSVGAttrs() etc.), and the second is an ordered array of StringImpl::StaticASCIILiteral
        objects that replaces separately defined StringImpl::StaticASCIILiteral objects
        and the additional tables that contained pairs of QualifiedName object addresses
        and the corresponding StaticASCIILiteral object references in the init() function.
        This is all generated by the printStaticData() function in make_names.pl.

        The printQualifiedNameCreation() function generates a static_assert() that ensures
        that the corresponding std::array<QualifiedName*> and std::array<StaticASCIILiteral>
        objects have the same amount of items, and then sets up a loop that walks through
        the two arrays and properly constructs the QualifiedName objects from the static
        literal data.

        On the GTK port, this shaves off ~54kB from the final stripped shared library
        on a 64-bit build, and ~21kB on a 32-bit build.

        * bindings/scripts/StaticString.pm:
        (GenerateStringData):
        (GenerateASCIILiteral):
        (GenerateStrings):
        * dom/make_names.pl:
        (printCppHead):
        (printNamesCppFile):
        (printStaticData):
        (printQualifiedNameCreation):
        (printInit): Deleted.
        (printDefinitions): Deleted.

2015-06-24  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Refactor UserMediaRequest to share more codes between MediaDevices.getUserMedia and legacy webkitGetUserMedia
        https://bugs.webkit.org/show_bug.cgi?id=146237

        Reviewed by Darin Adler.

        Covered by existing tests, no change in behavior.

        * Modules/mediastream/MediaConstraintsImpl.cpp:
        (WebCore::MediaConstraintsImpl::create): Simplified error handling by removing exception code parameter.
        * Modules/mediastream/MediaConstraintsImpl.h: Ditto.
        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::getUserMedia): Removed code now in UserMediaRequest::start.
        * Modules/mediastream/NavigatorUserMedia.cpp:
        (WebCore::NavigatorUserMedia::webkitGetUserMedia): Ditto.
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::parseOptions): Simplified error handling by removing exception code parameter.
        (WebCore::UserMediaRequest::start): Renamed create in start and added common code.
        * Modules/mediastream/UserMediaRequest.h:

2015-06-23  Andreas Kling  <akling@apple.com>

        Should reduce tile coverage for the first paint after a tab switch.
        <https://webkit.org/b/146252>
        <rdar://problem/19821583>

        Reviewed by Darin Adler.

        Reduce the number of tiles we need to paint after switching tabs,
        to shorten the time it takes before we can flush pixels to screen.

        We accomplish this by piggybacking on the "speculative tiling enabled"
        mode of FrameView, which was previously only used to throttle painting
        and layer flushes during page load.

        When a FrameView becomes visible, which is what happens when you
        switch to its tab, we revert the speculative tiling optimization to
        its initial state, and reset the "scrolled by user" flag.

        In practice this means that after switching tabs, we only generate
        enough tiles to fill the viewport. Then, after 500ms has passed
        or the user scrolls the page, we go back to the usual speculative
        tiling mode.

        * page/FrameView.cpp:
        (WebCore::FrameView::show):

2015-06-23  Anders Carlsson  <andersca@apple.com>

        Remove windowResizerRect code, nobody is using it anymore
        https://bugs.webkit.org/show_bug.cgi?id=146265

        Reviewed by Beth Dakin.

        * loader/EmptyClients.h:
        * page/Chrome.cpp:
        (WebCore::Chrome::windowResizerRect): Deleted.
        * page/Chrome.h:
        * page/ChromeClient.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::windowResizerRect): Deleted.
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::ScrollView): Deleted.
        (WebCore::ScrollView::windowResizerRectChanged): Deleted.
        (WebCore::ScrollView::containsScrollbarsAvoidingResizer): Deleted.
        (WebCore::ScrollView::adjustScrollbarsAvoidingResizerCount): Deleted.
        (WebCore::ScrollView::setParent): Deleted.
        * platform/ScrollView.h:
        (WebCore::ScrollView::windowResizerRect): Deleted.
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::Scrollbar): Deleted.
        (WebCore::Scrollbar::setFrameRect): Deleted.
        (WebCore::Scrollbar::setParent): Deleted.
        * platform/Scrollbar.h:

2015-06-23  Dean Jackson  <dino@apple.com>

        Media controls are missing the white backdrop in UIWebViews
        https://bugs.webkit.org/show_bug.cgi?id=146251
        <rdar://problem/20181345>

        Reviewed by Simon Fraser.

        Implement two new CALayer subclasses that explicitly set
        something that resembles the system appearance for
        media-controls-dark-bar-background and media-controls-light-bar-background.
        This way, WebKit1 clients get a visible result.

        Creating the actual system recipes is tracked by:
        https://bugs.webkit.org/show_bug.cgi?id=146250

        * WebCore.xcodeproj/project.pbxproj: Add new files.
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
        (PlatformCALayerCocoa::PlatformCALayerCocoa): Use the new CALayer subclasses for
        the appropriate layer types.
        * platform/graphics/ca/cocoa/WebSystemBackdropLayer.h: Added.
        * platform/graphics/ca/cocoa/WebSystemBackdropLayer.mm: Added.
        (-[WebLightSystemBackdropLayer init]):
        (-[WebLightSystemBackdropLayer setBackgroundColor:]): Only set to a light grey.
        (-[WebDarkSystemBackdropLayer init]):
        (-[WebDarkSystemBackdropLayer setBackgroundColor:]): Only set to a dark grey.

2015-06-18  Matt Rajca  <mrajca@apple.com>

        Support releasing media sessions
        https://bugs.webkit.org/show_bug.cgi?id=146132

        Reviewed by Darin Adler.

        * Modules/mediasession/MediaSession.cpp: Implemented as described in the Media Session spec.
        (WebCore::MediaSession::releaseSession):
        (WebCore::MediaSession::releaseInternal):
        * Modules/mediasession/MediaSession.h:

2015-06-23  Chris Fleizach  <cfleizach@apple.com>

        AX: iOS: VoiceOver and ARIA: has popup property not announced
        https://bugs.webkit.org/show_bug.cgi?id=146188

        Reviewed by Darin Adler.

        Expose the existing "has popup" property to the iOS Accessibility API.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityHasPopup]):

2015-06-23  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Performance optimization: avoid computing overflow alignment if not needed
        https://bugs.webkit.org/show_bug.cgi?id=146231

        Reviewed by Sergio Villar Senin.

        We don't need to apply any overflow handling if alignment value don't have a potential
        risk of data loss, as it's the case of 'start' value.

        This patch avoid computing the overflow in all the cases, since it adds an unneeded
        overhead which affects performance.

        New code improves performance around 3%-8%, depending on the grid tests.

        No new tests, no new funcitonality.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::rowPositionForChild):
        (WebCore::RenderGrid::columnPositionForChild):

2015-06-23  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        MediaDevices.getUserMedia should migrate from callbacks to DOMPromise
        https://bugs.webkit.org/show_bug.cgi?id=146200

        Reviewed by Darin Adler.

        Introduced DOMPromiseWithCallback to resolve/reject promises while allowing promise clients to use a typed callback approach.
        Migrated MediaDevices.getUserMedia from callbacks to DOMPromiseWithCallback.
        Removed MediaDevices.getUserMedia custom binding.

        Covered by existing tests.

        * CMakeLists.txt: Removing custom binding.
        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::getUserMedia): Moving from callback to promise.
        * Modules/mediastream/MediaDevices.h: Ditto.
        * Modules/mediastream/MediaDevices.idl: Removing custom binding.
        * Modules/mediastream/NavigatorUserMedia.cpp:
        (WebCore::NavigatorUserMedia::webkitGetUserMedia): Converting from promise callback to API callbacks.
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create): Moving from callback to promise.
        (WebCore::UserMediaRequest::UserMediaRequest): Ditto.
        (WebCore::UserMediaRequest::didCreateStream): Ditto.
        (WebCore::UserMediaRequest::failedToCreateStreamWithConstraintsError): Ditto.
        (WebCore::UserMediaRequest::failedToCreateStreamWithPermissionError): Ditto.
        * Modules/mediastream/UserMediaRequest.h: Ditto.
        * bindings/js/JSDOMPromise.h: Introducing DOMPromiseWithCallback and removing crypto specific header.
        (WebCore::DOMPromiseWithCallback::DOMPromiseWithCallback):
        (WebCore::Error>::resolve):
        (WebCore::Error>::reject):
        * bindings/js/JSMediaDevicesCustom.cpp: Removed.
        * bindings/js/JSSubtleCryptoCustom.cpp: Updating headers.

2015-06-23  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStream js source "'cancel" callback
        https://bugs.webkit.org/show_bug.cgi?id=146204

        Reviewed by Darin Adler.

        Calling "cancel" JS function when web app is cancelling a JS readable stream.
        Handling of promise returned value in case of async cancel.

        Covered by rebased tests.

        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::invoke): Refactoring to pass cancel reason or controller to the JS function.
        (WebCore::ReadableJSStream::doStart): Ditto.
        (WebCore::startReadableStreamAsync): Renaming readableStream as protectedStream.
        (WebCore::createPullResultFulfilledFunction): Ditto.
        (WebCore::ReadableJSStream::doPull): Refactoring to pass cancel reason or controller to the JS function.
        (WebCore::createCancelResultFulfilledFunction): Cancel promise fullfil callback.
        (WebCore::createCancelResultRejectedFunction): Cancel promise reject callback.
        (WebCore::ReadableJSStream::doCancel): Calling cancel JS callback and handling promise returned value.
        * bindings/js/ReadableJSStream.h: Refactoring to pass cancel reason or controller to the JS function.

2015-06-22  Ryuan Choi  <ryuan.choi@navercorp.com>

        [EFL] Hyphenation is not supported
        https://bugs.webkit.org/show_bug.cgi?id=89830

        Reviewed by Gyuyoung Kim.

        Share libHyphen backend of GTK port.

        Rebased fast/text/hyphenate-*.html

        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * platform/efl/FileSystemEfl.cpp:
        (WebCore::listDirectory): Deleted because of lack of functionality.
        eina_file_ls returns full directory path so fnmatch fails to check dict file.
        This patch reuse Posix implementation instead of EFL port specific function.
        * platform/posix/FileSystemPOSIX.cpp: Ditto.
        * platform/text/gtk/HyphenationLibHyphen.cpp: Moved to platform/text/hyphen
        * platform/text/hyphen/HyphenationLibHyphen.cpp:
        Renamed from Source/WebCore/platform/text/gtk/HyphenationLibHyphen.cpp.
        (WebCore::scanTestDictionariesDirectoryIfNecessary):
        Added PLATFORM guard and EFL implementation for the test directory

2015-06-22  Chris Dumez  <cdumez@apple.com>

        [WK1] WebAllowDenyPolicyListener.denyOnlyThisRequest() should not start a new permission request
        https://bugs.webkit.org/show_bug.cgi?id=146228
        <rdar://problem/15179262>

        Reviewed by Daniel Bates.

        Add Geolocation::resetIsAllowed() API that merely resets
        m_allowGeolocation to Unknown, so that we will request the permission
        again the next time a position is requested.

        * Modules/geolocation/Geolocation.h:
        (WebCore::Geolocation::resetIsAllowed):

2015-06-22  Simon Fraser  <simon.fraser@apple.com>

        ASSERT(!m_zOrderListsDirty) when mousing over web view with incremental rendering suppressed
        https://bugs.webkit.org/show_bug.cgi?id=146225

        Reviewed by Zalan Bujtas.

        Update RenderLayer's z-order lists when hit testing. There's no guarantee that they've
        been updated; this happens to work most of the time because painting updates them,
        but if incremental rendering is suppressed, we may not have painted yet.
        
        Easy to hit on webkit.org in MiniBrowser, but I wasn't able to make a reduced testcase.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hitTest):
        (WebCore::RenderLayer::updateLayerListsIfNeeded): Flip the order of the tests, since checking
        dirty bits is cheaper than calling isStackingContext().

2015-06-22  Dean Jackson  <dino@apple.com>

        Rename PlatformCA*Mac to PlatformCA*Cocoa
        https://bugs.webkit.org/show_bug.cgi?id=146224
        <rdar://problem/21497182>

        Reviewed by Simon Fraser.

        Rename PlatformCALayerMac and related files in platform/graphics/ca/mac
        to the more accurate Cocoa suffix.

        * WebCore.xcodeproj/project.pbxproj:
        * page/mac/ServicesOverlayController.mm:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        * platform/graphics/ca/PlatformCAAnimation.h:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/cocoa/LayerFlushSchedulerMac.cpp: Renamed from Source/WebCore/platform/graphics/ca/mac/LayerFlushSchedulerMac.cpp.
        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.h: Renamed from Source/WebCore/platform/graphics/ca/mac/PlatformCAAnimationMac.h.
        * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm: Renamed from Source/WebCore/platform/graphics/ca/mac/PlatformCAAnimationMac.mm.
        * platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm: Renamed from Source/WebCore/platform/graphics/ca/mac/PlatformCAFiltersMac.mm.
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.h: Renamed from Source/WebCore/platform/graphics/ca/mac/PlatformCALayerMac.h.
        * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: Renamed from Source/WebCore/platform/graphics/ca/mac/PlatformCALayerMac.mm.
        * platform/graphics/ca/cocoa/WebTiledBackingLayer.h: Renamed from Source/WebCore/platform/graphics/ca/mac/WebTiledBackingLayer.h.
        * platform/graphics/ca/cocoa/WebTiledBackingLayer.mm: Renamed from Source/WebCore/platform/graphics/ca/mac/WebTiledBackingLayer.mm.
        * platform/graphics/ca/mac/LayerFlushSchedulerMac.cpp:
        * platform/graphics/ca/mac/PlatformCAAnimationMac.mm:
        * platform/graphics/ca/mac/PlatformCAFiltersMac.mm:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        * platform/graphics/ca/mac/WebTiledBackingLayer.mm:

2015-06-22  Alex Christensen  <achristensen@webkit.org>

        [cssjit] Disable compiling scrollbar pseudoclass selectors
        https://bugs.webkit.org/show_bug.cgi?id=146220

        Reviewed by Benjamin Poulain.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addScrollbarPseudoClassType):
        Don't compile selectors with scrollbar pseudoclasses.

2015-06-22  Simon Fraser  <simon.fraser@apple.com>

        -webkit-clip-path clips incorrectly if the element bounds go beyond the top edge of the page
        https://bugs.webkit.org/show_bug.cgi?id=146218
        rdar://problem/21127840

        Reviewed by Zalan Bujtas.

        The clip path is computed using the RenderLayer's bounding box, so needs to be offset
        by the offsetFromRenderer when set on the mask layer.

        Test: compositing/masks/compositing-clip-path-origin.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateMaskingLayerGeometry):

2015-06-22  Michael Catanzaro  <mcatanzaro@igalia.com>

        Web sockets should be treated as active mixed content
        https://bugs.webkit.org/show_bug.cgi?id=140624

        Reviewed by Sam Weinig.

        Tests: http/tests/security/mixedContent/websocket/insecure-websocket-in-iframe.html
               http/tests/security/mixedContent/websocket/insecure-websocket-in-main-frame.html

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect): Block ws:// WebSocket connections from https:// pages, and
        emit the onerror event after doing so.
        * platform/SchemeRegistry.cpp:
        (WebCore::secureSchemes): Add wss:// to the list of secure schemes.

2015-06-22  Dean Jackson  <dino@apple.com>

        Element with blur backdrop-filter shows edge duplication and dark edges
        https://bugs.webkit.org/show_bug.cgi?id=146215
        <rdar://problem/20367695>

        Reviewed by Tim Horton.

        The input images to backdrop filters should duplicate their edge pixels
        outwards, rather than using transparent pixels. This is a flag we
        set on the Gaussian blur, but means we have to remember if the
        FilterOperations list came from a regular filter or a backdrop filter.

        Test: css3/filters/backdrop/blur-input-bounds.html

        * css/CSSPropertyNames.in: New custom convertor for backdrop-filter.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertBackdropFilterOperations): New convertor
        that sets the backdrop flag, but is otherwise the same as a normal filter
        convertor.
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFilterOperations): Inherit the backdrop flag if either of our
        inputs has it.
        * platform/graphics/ca/mac/PlatformCAFiltersMac.mm: Set the inputNormalizeEdges
        key on the CAFilter if necessary.
        * platform/graphics/filters/FilterOperations.cpp: Add a new flag indicating if
        these operations are intended for backdrops.
        (WebCore::FilterOperations::operator=):
        (WebCore::FilterOperations::operator==):
        * platform/graphics/filters/FilterOperations.h:
        (WebCore::FilterOperations::isUsedForBackdropFilters):
        (WebCore::FilterOperations::setUsedForBackdropFilters):

2015-06-22  Tim Horton  <timothy_horton@apple.com>

        [TextIndicator] Text shifts one pixel to the left when I force click to bring up Lookup in Mail messages
        https://bugs.webkit.org/show_bug.cgi?id=146214
        <rdar://problem/20782970>

        Reviewed by Dean Jackson.

        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:offset:]):
        (WebCore::TextIndicatorWindow::setTextIndicator):
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]): Deleted.
        When the WebView is at a nonintegral position, we can end up needing a TextIndicator
        with a nonintegral position. We need to round the window position, so we need to apply
        the fractional part to the indicator layers inside, not to the window.

2015-06-22  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Arabic text styled with Georgia is rendered as boxes
        https://bugs.webkit.org/show_bug.cgi?id=145681
        <rdar://problem/21169844>

        Reviewed by Darin Adler.

        Georgia doesn't support Arabic, so we ask CoreText what font does support Arabic. It returns
        TimesNewRomanPSMT. However, WebKit explicitly disallows this font on iOS. Therefore, instead
        of using TimesNewRomanPSMT, we will simply just use GeezaPro.

        Test: fast/text/arabic-times-new-roman.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/Font.h: Let FontCacheIOS call fontFamilyShouldNotBeUsedForArabic()
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::fontFamilyShouldNotBeUsedForArabic):

2015-06-22  Alex Christensen  <achristensen@webkit.org>

        Unreviewed non-mac debug build fix after r185840.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequest):
        Added enable flag around assertion.

2015-06-20  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add SPI to reload without content blocking.
        https://bugs.webkit.org/show_bug.cgi?id=146128
        rdar://problem/20351903

        Reviewed by Sam Weinig.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::loadResource):
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequest):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::open):
        * page/Page.h:
        (WebCore::Page::userContentController):
        (WebCore::Page::userContentExtensionsEnabled):
        (WebCore::Page::setUserContentExtensionsEnabled):
        (WebCore::Page::group):
        * page/UserContentController.cpp:
        (WebCore::UserContentController::removeAllUserContentExtensions):
        (WebCore::UserContentController::processContentExtensionRulesForLoad):
        (WebCore::UserContentController::actionsForResourceLoad):
        * page/UserContentController.h:

2015-06-22  Zalan Bujtas  <zalan@apple.com>

        REGRESSION(r169105) Dangling renderer pointer in SelectionSubtreeRoot::SelectionSubtreeData.
        https://bugs.webkit.org/show_bug.cgi?id=146116
        rdar://problem/20959369

        Reviewed by Brent Fulgham.

        This patch ensures that we don't adjust the selection unless the visual selection still matches this subtree root.

        When multiple selection roots are present we need to ensure that a RenderObject
        only shows up in one of them.
        RenderView::splitSelectionBetweenSubtrees(), as the name implies, splits the
        selection and sets the selection range (start/end) on each selection root.
        However, SelectionSubtreeRoot::adjustForVisibleSelection() later recomputes the range
        based on visible selection and that could end up collecting renderers as selection start/end
        from another selection subtree.
        RenderObject's holds the last selection state (RenderObject::setSelectionState).
        If we set a renderer first as "on selection border" and later "inside" using multiple selection roots,
        we can't clean up selections properly when this object gets destroyed.
        One of the roots ends up with a dangling RenderObject pointer.

        Test: fast/regions/crash-when-renderer-is-in-multiple-selection-subtrees.html

        * rendering/SelectionSubtreeRoot.cpp:
        (WebCore::SelectionSubtreeRoot::adjustForVisibleSelection):

2015-06-22  Jeremy Jones  <jeremyj@apple.com>

        Do not exit fullscreen when starting PiP since this is done automatically.
        https://bugs.webkit.org/show_bug.cgi?id=144871

        Reviewed by Darin Adler.

        Since we don't explicitly exit fullscreen, update state in shouldExitFullscreenWithReason()

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Declare shouldExitFullscreenWithReason().
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController playerViewController:shouldExitFullScreenWithReason:]): Forward to WebVideoFullscreenInterfaceAVKit.
        (WebVideoFullscreenInterfaceAVKit::shouldExitFullscreenWithReason): Added.
        (WebVideoFullscreenInterfaceAVKit::willStartPictureInPicture): Remove enter fullscreen code.
        * platform/spi/cocoa/AVKitSPI.h: Add missing enums.

2015-06-22  Daniel Bates  <dabates@apple.com>

        AX: UI Automation cannot find AutoFill or search cancel buttons
        https://bugs.webkit.org/show_bug.cgi?id=145241
        <rdar://problem/21051411>

        Reviewed by Chris Fleizach.

        Add support for hit testing the search cancel button and AutoFill button so that
        they can be accessed by UI Automation.

        Currently the accessibility hit test machinery ignores nodes in a shadow tree.
        So, it neither finds the <input type="search"> cancel button nor the AutoFill button
        when it performs a hit test. Therefore these buttons cannot be accessed using
        UI Automation.

        Tests: accessibility/hit-test-input-auto-fill-button.html
               accessibility/hit-test-input-search-cancel-button.html
               accessibility/input-search-cancel-button.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::accessibilityTextFieldDecorationHitTest): Added; returns
        the AccessibilityObject for the search cancel button or AutoFill text field decoration as applicable.
        (WebCore::AccessibilityRenderObject::accessibilityHitTest): Check whether the hit node
        is a text field decoration.

2015-06-22  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStream cancel (abstract part)
        https://bugs.webkit.org/show_bug.cgi?id=146111

        Reviewed by Darin Adler.

        This patch implements ReadableStream and ReadableStreamReader cancel.
        The reader delegates cancellation to its stream.

        This patch also ensures that controller.close() will not throw in case cancellation is on-going.

        A follow-up patch will implement the calling of 'cancel' JS callback for JS sources.

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::cancel): Checks whether locked or not before cancelling.
        (WebCore::ReadableStream::cancelNoCheck): Cancel without lock check.
        (WebCore::ReadableStream::notifyCancelSucceeded): Async cancel callback.
        (WebCore::ReadableStream::notifyCancelFailed): Ditto.
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStream.idl: Cleaned up IDL.
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::cancel):
        * Modules/streams/ReadableStreamReader.h:
        * Modules/streams/ReadableStreamReader.idl: Cleaned up IDL
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::close):
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::cancel):
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::cancel):
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::doCancel):
        * bindings/js/ReadableJSStream.h:

2015-06-22  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        WebRTC: Navigator.webkitGetUserMedia() requires three arguments
        https://bugs.webkit.org/show_bug.cgi?id=146022

        Reviewed by Eric Carlson.

        Updated custom binding to make the third error callback argument
        mandatory. Updated and unskipped three tests (for the GTK+ port).

        * bindings/js/JSNavigatorCustom.cpp:
        (WebCore::JSNavigator::webkitGetUserMedia):

2015-06-22  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix GTK+ build after r185818.

        Actually rollout r185320.

        * platform/network/soup/DNSSoup.cpp:
        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences):
        (WebCore::DNSResolveQueue::platformResolve):
        (WebCore::gotProxySettingsCallback): Deleted.
        (WebCore::DNSResolveQueue::platformMaybeResolveHost): Deleted.

2015-06-16  Gavin Barraclough  <barraclough@apple.com>

        Page load performance regression due to bugs.webkit.org/show_bug.cgi?id=145542
        https://bugs.webkit.org/show_bug.cgi?id=146198

        Unreviewed rollout.

        * platform/network/DNSResolveQueue.cpp:
        (WebCore::DNSResolveQueue::DNSResolveQueue):
        (WebCore::DNSResolveQueue::isUsingProxy):
        (WebCore::DNSResolveQueue::add):
        (WebCore::DNSResolveQueue::timerFired):
        * platform/network/DNSResolveQueue.h:
        * platform/network/cf/DNSCFNet.cpp:
        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences):
        (WebCore::clientCallback):
        (WebCore::DNSResolveQueue::platformResolve):
        (WebCore::proxyIsEnabledInSystemPreferences): Deleted.
        (WebCore::isUsingProxy): Deleted.
        (WebCore::DNSResolveQueue::platformMaybeResolveHost): Deleted.
        * platform/network/soup/DNSSoup.cpp:

2015-06-21  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION (r172975): navigator.language unable to tell region for Traditional Chinese users
        https://bugs.webkit.org/show_bug.cgi?id=146121
        rdar://problem/21395180

        Reviewed by Darin Adler.

        Revert to previous behavior, which is wrong in many ways, but not as wrong as the new one.

        * platform/mac/Language.mm:
        (WebCore::httpStyleLanguageCode):
        (WebCore::platformUserPreferredLanguages):
        * platform/spi/cf/CFBundleSPI.h:

2015-06-19  Andy Estes  <aestes@apple.com>

        Give Node::didNotifySubtreeInsertions() a better name
        https://bugs.webkit.org/show_bug.cgi?id=146170

        Reviewed by Darin Adler.

        didNotifySubtreeInsertions() is not a good name. It sounds like we are notifying the subtree insertions, which doesn't make sense.

        This function is really about notifying the Node that the subtree it's a part of has finished being inserted into the DOM
        (i.e. all nodes have received their call to insertedInto()). Change the name to finishedInsertingSubtree() to better reflect this.

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::notifyChildInserted):
        * dom/ContainerNodeAlgorithms.h:
        (WebCore::ChildNodeInsertionNotifier::notifyNodeInsertedIntoDocument):
        (WebCore::ChildNodeInsertionNotifier::notifyNodeInsertedIntoTree):
        * dom/Element.cpp:
        (WebCore::Element::addShadowRoot):
        * dom/Node.h:
        (WebCore::Node::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::Node::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::ScriptElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * dom/ScriptElement.h:
        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::insertedInto):
        (WebCore::HTMLFrameElementBase::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::HTMLFrameElementBase::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * html/HTMLFrameElementBase.h:
        * html/HTMLScriptElement.cpp:
        (WebCore::HTMLScriptElement::insertedInto):
        (WebCore::HTMLScriptElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::HTMLScriptElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * html/HTMLScriptElement.h:
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::insertedInto):
        (WebCore::SVGFEImageElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::SVGFEImageElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * svg/SVGFEImageElement.h:
        * svg/SVGMPathElement.cpp:
        (WebCore::SVGMPathElement::insertedInto):
        (WebCore::SVGMPathElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::SVGMPathElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * svg/SVGMPathElement.h:
        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::insertedInto):
        (WebCore::SVGScriptElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::SVGScriptElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * svg/SVGScriptElement.h:
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefElement::insertedInto):
        (WebCore::SVGTRefElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::SVGTRefElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * svg/SVGTRefElement.h:
        * svg/SVGTextPathElement.cpp:
        (WebCore::SVGTextPathElement::insertedInto):
        (WebCore::SVGTextPathElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::SVGTextPathElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * svg/SVGTextPathElement.h:
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::insertedInto):
        (WebCore::SVGSMILElement::finishedInsertingSubtree): Renamed from didNotifySubtreeInsertions.
        (WebCore::SVGSMILElement::didNotifySubtreeInsertions): Renamed to finishedInsertingSubtree.
        * svg/animation/SVGSMILElement.h:

2015-06-21  Philip Chimento  <philip.chimento@gmail.com>

        libwebkit2gtk fails to link without opengl
        https://bugs.webkit.org/show_bug.cgi?id=138332

        Reviewed by Carlos Garcia Campos.

        * CMakeLists.txt: The third-party ANGLE directories need to be
        included even if ENABLE(GRAPHICS_CONTEXT_3D) is false. They must
        be included after the OpenGL headers as the comment says.
        * platform/graphics/texmap/BitmapTexturePool.cpp: Remove
        reference to no longer existent header file.

2015-06-20  Tim Horton  <timothy_horton@apple.com>

        Deselection of text causes a noticeable jump on force touch machines
        https://bugs.webkit.org/show_bug.cgi?id=146173
        <rdar://problem/20992842>

        Reviewed by Sam Weinig.

        When we have a TextIndicator of type Crossfade, we end up putting
        a layer with the blue highlight + text painted into it on top of the
        content, and cross-fading that layer to the yellow-highlighted text.

        This is necessary for BounceAndCrossfade TextIndicators, because the
        blue highlight has to bounce, but is not necessary for Crossfade-only
        ones; we can just fade in the yellow highlight on top of the
        existing blue page highlight, and all is well.

        So, get rid of the Crossfade TextIndicator type and use FadeIn, separately
        keeping track of whether or not we can add a margin (we still can't
        add a margin to TextIndicators that indicate the page's current selection,
        because the blue highlight cannot have the margin applied to it, and we
        want the bounds to match exactly).

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithRange):
        If the range is the same as the selection, turn off the margin.
        We were previously doing this based on the presentation transition, but now
        there's no difference in presentation transition in this case.

        (WebCore::TextIndicator::createWithSelectionInFrame):
        (WebCore::TextIndicator::wantsBounce):
        (WebCore::TextIndicator::wantsContentCrossfade):
        (WebCore::TextIndicator::wantsFadeIn):
        (WebCore::TextIndicator::wantsManualAnimation):
        * page/TextIndicator.h:
        Get rid of TextIndicatorPresentationTransition::Crossfade.

        (WebCore::TextIndicator::setWantsMargin):
        (WebCore::TextIndicator::wantsMargin):
        Keep track of whether we want a margin.

        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]):
        Determine if we should use a margin based on wantsMargin instead of the
        presentation transition.

2015-06-20  Ryuan Choi  <ryuan.choi@navercorp.com>

        [EFL] Do not consider test directories when DEVELOPER_MODE is OFF
        https://bugs.webkit.org/show_bug.cgi?id=146171

        Reviewed by Gyuyoung Kim.

        * platform/efl/EflInspectorUtilities.cpp:
        (WebCore::inspectorResourcePath): Only used WEB_INSPECTOR_DIR which CMake decides properly.

2015-06-19  Michael Catanzaro  <mcatanzaro@igalia.com>

        Fix absolute value warning in LocalizedStringsGtk.cpp
        https://bugs.webkit.org/show_bug.cgi?id=145919

        Reviewed by Martin Robinson.

        Use abs(static_cast<int>(time)) rather than static_cast<int>(abs(time)) to avoid clang's
        warnings about passing a float to abs() instead of std::abs(). Also, because casting an int
        to an int is silly.

        * platform/gtk/LocalizedStringsGtk.cpp:
        (WebCore::localizedMediaTimeDescription):

2015-06-19  Devin Rousso  <drousso@apple.com>

        Web Inspector: Highlight currently edited CSS selector
        https://bugs.webkit.org/show_bug.cgi?id=145658

        Reviewed by Joseph Pecoraro.

        Test: inspector/dom/highlight-multiple-shapes.html

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::buildObjectForHighlightedNode):
        * inspector/InspectorController.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::highlightSelector): Gets a list of all nodes matching a given selector string and highlights each of them.
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorOverlay.cpp:
        (WebCore::InspectorOverlay::hideHighlight):
        (WebCore::InspectorOverlay::highlightNodeList): Loops through a given NodeList to create highlightObjects for each of them.
        (WebCore::InspectorOverlay::shouldShowOverlay):
        (WebCore::buildObjectForElementData): Don't show flow fragments when highlighting multiple nodes.
        (WebCore::InspectorOverlay::buildHighlightObjectForNode):
        (WebCore::InspectorOverlay::buildObjectForHighlightedNode): Now returns an array containing the highlightObject for each highligthed node.
        (WebCore::InspectorOverlay::drawNodeHighlight): Now sends an array to the InspectorOverlayPage.js to provide support for highlighting multiple nodes.
        * inspector/InspectorOverlay.h:
        * inspector/InspectorOverlayPage.js: Now expects an array as its parameter and loops through it to highlight each node given.
        If the parameter array contains more than one element, do not draw the textbox containing info on that node.
        (drawNodeHighlight):

2015-06-19  Joseph Pecoraro  <pecoraro@apple.com>

        Crash under WebCore::PageConsoleClient::addMessage attempting to log insecure content message in ImageDocument
        https://bugs.webkit.org/show_bug.cgi?id=146096

        Reviewed by Timothy Hatcher.

        Was able to reproduce this using a user stylesheet with an http css font
        on a pdf (ImageDocument) main document loaded over https. Was unable to
        create a reliable test for this scenario.

        * page/PageConsoleClient.cpp:
        (WebCore::getParserLocationForConsoleMessage):
        The scriptableDocumentParser could be null, such as in an ImageDocument.

2015-06-19  Dean Jackson  <dino@apple.com>

        Extremely large canvas crashes on pre-El Capitan machines
        https://bugs.webkit.org/show_bug.cgi?id=146169
        <rdar://problem/21410046>

        Reviewed by Tim Horton.

        On machines before El Capitan, make the maximum canvas size
        8k by 8k.

        Covered by existing tests.

        * html/HTMLCanvasElement.cpp:

2015-06-19  Tim Horton  <timothy_horton@apple.com>

        Selection services cannot be invoked when force click is enabled
        https://bugs.webkit.org/show_bug.cgi?id=146166
        <rdar://problem/21468362>

        Reviewed by Darin Adler.

        * page/mac/ServicesOverlayController.h:
        Turn Highlight::Type into something we can use for dirty flags.

        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::Highlight::createForSelection):
        (WebCore::ServicesOverlayController::Highlight::createForTelephoneNumber):
        (WebCore::ServicesOverlayController::ServicesOverlayController):
        (WebCore::ServicesOverlayController::selectionRectsDidChange):
        (WebCore::ServicesOverlayController::selectedTelephoneNumberRangesChanged):
        (WebCore::ServicesOverlayController::invalidateHighlightsOfType):
        (WebCore::ServicesOverlayController::buildPotentialHighlightsIfNeeded):
        (WebCore::ServicesOverlayController::remainingTimeUntilHighlightShouldBeShown):
        (WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
        (WebCore::ServicesOverlayController::buildSelectionHighlight):
        (WebCore::ServicesOverlayController::findTelephoneNumberHighlightContainingSelectionHighlight):
        (WebCore::ServicesOverlayController::determineActiveHighlight):
        (WebCore::ServicesOverlayController::didScrollFrame):
        (WebCore::ServicesOverlayController::handleClick):
        Coalesce highlight rebuilding so that things (like TextIndicator creation)
        that change the selection and then reset it immediately don't cause us
        to lose the active highlight.

        This also means that if the selection changes multiple times in a runloop
        (easily possible from script), we won't waste a lot of time rebuilding highlights.

        (WebCore::ServicesOverlayController::didRebuildPotentialHighlights):
        Merged into buildPotentialHighlightsIfNeeded.

2015-06-19  Matt Baker  <mattbaker@apple.com>

        Web Inspector: TimelineAgent needs to handle nested runloops
        https://bugs.webkit.org/show_bug.cgi?id=145090

        Reviewed by Joseph Pecoraro.

        Previously nested run loops caused InspectorTimelineAgent to prematurely pop the current run loop record. This
        patch adds a counter to track the run loop nesting level, and rendering frame records are only pushed/popped
        when the nesting level is zero. Run loop entry/exit notifications received while the debugger is paused do not
        affect the nesting level.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStart):
        (WebCore::InspectorTimelineAgent::internalStop):
        (WebCore::InspectorTimelineAgent::InspectorTimelineAgent):
        * inspector/InspectorTimelineAgent.h:

2015-06-19  Brent Fulgham  <bfulgham@apple.com>

        Follow-up fix to r185766.
        https://bugs.webkit.org/show_bug.cgi?id=22132

        Reviewed by Zalan Bujtas.

        Suggested by Darin Adler in the bug.

        * platform/graphics/filters/FETile.cpp:
        (WebCore::FETile::platformApplySoftware): Use WTF::move when passing
        the new tileImageCopy RefPtr.

2015-06-19  Michael Catanzaro  <mcatanzaro@igalia.com>

        [SOUP] Fix return-type-c-linkage warning after r185553
        https://bugs.webkit.org/show_bug.cgi?id=146014

        Reviewed by Martin Robinson.

        * platform/network/soup/WebKitSoupRequestGeneric.cpp:
        (webkitSoupRequestGenericGetRequest): Return a pointer rather than a reference.
        * platform/network/soup/WebKitSoupRequestGeneric.h: webkitSoupRequestGenericGetRequest now
        returns a pointer rather than a reference.

2015-06-19  Dean Jackson  <dino@apple.com>

        Played <audio> looks invisible against the gray background
        https://bugs.webkit.org/show_bug.cgi?id=146164
        <rdar://problem/21014284>

        Reviewed by Brent Fulgham.

        The plus-darker blend mode was not allowing any white to
        show through in the rendering. We don't need this for
        audio controls, where we draw on an opaque grey background.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-panel): Darken the color of the controls a
        little to make white stand out more.
        (audio::-webkit-media-controls-timeline): Remove the plus-darker blending.
        (video::-webkit-media-controls-timeline): Apply blending only to video.

2015-06-19  Andy Estes  <aestes@apple.com>

        Various assertion failures occur when executing script in the midst of DOM insertion
        https://bugs.webkit.org/show_bug.cgi?id=132482

        Reviewed by Darin Adler.

        Prior to this change, when an element containing a <script> child was inserted into a document, the script was
        executed in ScriptElement::insertedInto(). That script can access nodes that follow it in the newly-inserted
        hierarchy but are not yet fully inserted, leading to at least the following problems:

            - The script could remove a node that is not yet marked as in the document.
            - The script could remove a named <map> that has yet to be added to TreeScope::m_imageMapsByName.
            - The script could remove a form control that has yet to be added to FormController::m_formElementsWithState.

        These scenarios all result in assertion failures. This change ensures that each node in the newly-inserted
        hierarchy is fully inserted before executing any scripts.

        Tests: fast/dom/element-removed-while-inserting-parent-crash.html
               fast/dom/named-map-removed-while-inserting-parent-crash.html
               fast/forms/form-control-removed-while-inserting-parent-crash.html
               svg/dom/element-removed-while-inserting-parent-crash.html

        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::shouldNotifySubtreeInsertions): Renamed from insertedInto().
        Returned true in the case where insertedInto() would've called prepareScript().
        (WebCore::ScriptElement::didNotifySubtreeInsertions): Called prepareScript().
        (WebCore::ScriptElement::insertedInto): Renamed to shouldNotifySubtreeInsertions().
        * dom/ScriptElement.h:
        * html/HTMLScriptElement.cpp:
        (WebCore::HTMLScriptElement::insertedInto): If shouldNotifySubtreeInsertions() is true, returned InsertionShouldCallDidNotifySubtreeInsertions.
        Otherwise, returned InsertionDone.
        (WebCore::HTMLScriptElement::didNotifySubtreeInsertions): Called ScriptElement::didNotifySubtreeInsertions().
        * html/HTMLScriptElement.h:
        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::insertedInto): Did the same as HTMLScriptElement::insertedInto().
        (WebCore::SVGScriptElement::didNotifySubtreeInsertions): Called ScriptElement::didNotifySubtreeInsertions().
        * svg/SVGScriptElement.h:

2015-06-19  Brent Fulgham  <bfulgham@apple.com>

        All calls of ImageBuffer::create should null check the return value
        https://bugs.webkit.org/show_bug.cgi?id=22132

        Reviewed by Zalan Bujtas.

        ImageBuffer::create returns nullptr for a number of reasons, and should be
        expected to do so. We missed this check in a few places, resulting in
        crashes on some systems. Likewise, ImageBuffer::copyImage may return nullptr
        in normal use and should be checked.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::drawPattern): Add nullptr check for create and copyImage. Remove
        extra call to 'setImageObserver'.
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::drawPattern): Add nullptr check for copyImage.
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::drawPattern): Add nullptr checks for copyImage.
        * platform/graphics/filters/FETile.cpp:
        (WebCore::FETile::platformApplySoftware): Add nullptr check for copyImage.
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::asImageBuffer): Add nullptr check for create.
        (WebCore::FilterEffect::openCLImageToImageBuffer): Ditto.
        * platform/graphics/texmap/BitmapTexture.cpp:
        (WebCore::BitmapTexture::updateContents): Add nullptr checks for create and copyImage.
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::drawPatternForContainer): Add nullptr check for copyImage.

2015-06-19  Jeremy Jones  <jeremyj@apple.com>

        Get CAContext directly for CALayer instead of walking the layer tree.
        https://bugs.webkit.org/show_bug.cgi?id=146138
        <rdar://problem/21455974>

        Reviewed by Darin Adler.

        This will get the context directly from the CALayer instead of getting all CAContexts, walking the layer tree 
        to the root and comparing that against each CAContext's root layer.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):

2015-06-18  Brent Fulgham  <bfulgham@apple.com>

        [iOS] scrollIntoViewIfNeeded is not working with scroll-snap points
        https://bugs.webkit.org/show_bug.cgi?id=145318
        <rdar://problem/21081501>

        Reviewed by Simon Fraser.

        Use the ScrollController in iOS to track the scroll snap point state.
        We do not need the animation implementation or timers since the actual
        animation is handled by UIKit.

        This change lets us communicate the current offset into the scroll snap
        offset vector between the WebProcess and RemoteScrollingTree so that
        both sides stay in sync regardless of whether user gestures or style
        updates have caused us to shift to a different snap point.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated): Set the
        current horizontal and vertical scroll snap offset indices.
        (WebCore::AsyncScrollingCoordinator::updateOverflowScrollingNode): Ditto.
        * page/scrolling/AsyncScrollingCoordinator.h: Mark the setActiveScrollSnapIndices
        for export so that it can be reached by the UIProcess.
        * page/scrolling/ScrollingCoordinator.h: Keep track of horizontal and
        vertical scroll snap offset indices.
        * page/scrolling/ScrollingStateScrollingNode.cpp:
        (WebCore::ScrollingStateScrollingNode::setCurrentHorizontalSnapPointIndex): Added.
        (WebCore::ScrollingStateScrollingNode::setCurrentVerticalSnapPointIndex): Added.
        * page/scrolling/ScrollingStateScrollingNode.h:
        (WebCore::ScrollingStateScrollingNode::currentHorizontalSnapPointIndex): Added.
        (WebCore::ScrollingStateScrollingNode::currentVerticalSnapPointIndex): Added.
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/ScrollingTreeScrollingNode.cpp:
        (WebCore::ScrollingTreeScrollingNode::updateBeforeChildren): Update the scroll snap
        point offset indices if either has changed.
        * page/scrolling/ScrollingTreeScrollingNode.h:
        (WebCore::ScrollingTreeScrollingNode::currentHorizontalSnapPointIndex): Added.
        (WebCore::ScrollingTreeScrollingNode::currentVerticalSnapPointIndex): Added.
        (WebCore::ScrollingTreeScrollingNode::setCurrentHorizontalSnapPointIndex): Added.
        (WebCore::ScrollingTreeScrollingNode::setCurrentVerticalSnapPointIndex): Added.
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::currentSnapPointIndicesDidChange): New method
        to handle notifications about scroll snap index changes from the UIProcess.
        * page/scrolling/ThreadedScrollingTree.h:
        * page/scrolling/ios/ScrollingTreeIOS.cpp:
        (WebCore::ScrollingTreeIOS::currentSnapPointIndicesDidChange): New method
        to handle notifications about scroll snap index changes from the UIProcess.
        * page/scrolling/ios/ScrollingTreeIOS.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren): Update scroll
        snap point current offset indices if they have changed.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffsetOnAxis): Remove unneeded
        PLATFORM(MAC) macro.
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::ScrollAnimator): We have a ScrollController if we are
        supporting scroll snap points or rubber banding.
        (WebCore::ScrollAnimator::processWheelEventForScrollSnap): This method is not needed
        for iOS builds.
        (WebCore::ScrollAnimator::updateActiveScrollSnapIndexForOffset): Enable this on iOS.
        (WebCore::ScrollAnimator::updateScrollSnapState): Renamed from 'updateScrollAnimatorsAndTimers'
        and enabled on iOS.
        (WebCore::ScrollAnimator::updateScrollAnimatorsAndTimers): Deleted.
        * platform/ScrollAnimator.h: Enable some scroll snap methods on iOS.
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::handleWheelEvent): Enable scroll snap index bookkeeping on iOS, too.
        (WebCore::ScrollableArea::updateScrollSnapState): Revise to call 'updateScrollSnapState' instead
        of 'updateScrollAnimatorsAndTimers'.
        * platform/cocoa/ScrollController.h: Enable some methods on iOS. Reorder methods to
        reduce the number of macros needed to do so.
        * platform/cocoa/ScrollController.mm:
        (systemUptime): Only build for Mac.
        (WebCore::ScrollController::ScrollController): Disable rubber band-specific members on iOS.
        (WebCore::ScrollController::handleWheelEvent): Only build this on Mac.
        (WebCore::ScrollController::isRubberBandInProgress): Always return 'false' on iOS.
        (WebCore::ScrollController::startSnapRubberbandTimer): Only build this on Mac.
        (WebCore::ScrollController::shouldRubberBandInHorizontalDirection): Ditto.
        (WebCore::ScrollController::scrollSnapPointState): Enable on iOS.
        (WebCore::ScrollController::hasActiveScrollSnapTimerForAxis): Only build on Mac.
        (WebCore::ScrollController::updateScrollSnapState): renamed from 'updateScrollAnimatorsAndTimers'
        (WebCore::ScrollController::startScrollSnapTimer): Only build on Mac.
        (WebCore::ScrollController::initializeGlideParameters): Ditto.
        (WebCore::ScrollController::activeScrollSnapIndexForAxis): Enable on iOS.
        (WebCore::ScrollController::setActiveScrollSnapIndicesForOffset): Ditto.
        (WebCore::ScrollController::beginScrollSnapAnimation): Only build on Mac.
        (WebCore::ScrollController::computeGlideDelta): Ditto.
        (WebCore::ScrollController::updateScrollAnimatorsAndTimers): Deleted.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer): Capture any changes in scroll
        snap offset indices.

2015-06-19  Jeremy Jones  <jeremyj@apple.com>

        Fullscreen view should not update bounds of video when in PiP.
        https://bugs.webkit.org/show_bug.cgi?id=146134

        Reviewed by Darin Adler.

        Don't update bounds on video layer when it is not a child.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVVideoLayer setBounds:]):

2015-06-19  Zalan Bujtas  <zalan@apple.com>

        RenderRubyText requires RenderRubyRun parent.
        https://bugs.webkit.org/show_bug.cgi?id=146148
        rdar://problem/21423319

        Reviewed by Simon Fraser.

        RenderRubyText expects its parent to be RenderRubyRun and since a
        a non-block <rt> requires anonymous wrapper, we should check whether
        the display type is actually block.

        Test: fast/ruby/crash-when-ruby-rt-is-non-block.html

        * html/RubyTextElement.cpp:
        (WebCore::RubyTextElement::createElementRenderer):

2015-06-19  Jeremy Jones  <jeremyj@apple.com>

        cancelPreviousPerformRequestsWithTarget for -resolveBounds in wrong class.
        https://bugs.webkit.org/show_bug.cgi?id=146140

        Reviewed by Eric Carlson.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebCALayerHostWrapper dealloc]): Added.
        (-[WebAVVideoLayer dealloc]): Deleted.

2015-06-19  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Null pointer crash in BitmapTexture::updateContents.
        https://bugs.webkit.org/show_bug.cgi?id=146147

        Reviewed by Brent Fulgham.

        Added null pointer check.

        * platform/graphics/texmap/BitmapTexture.cpp:
        (WebCore::BitmapTexture::updateContents):

2015-06-19  Anders Carlsson  <andersca@apple.com>

        Spintracer treats the web process as hung when it's showing JavaScript dialogs in the UI process
        https://bugs.webkit.org/show_bug.cgi?id=146124
        rdar://problem/21449395

        Reviewed by Geoffrey Garen.

        * platform/spi/cg/CoreGraphicsSPI.h:

2015-06-19  Csaba Osztrogonác  <ossy@webkit.org>

        Remove unnecessary svn:executable flags
        https://bugs.webkit.org/show_bug.cgi?id=146107

        Reviewed by Alexey Proskuryakov.

        * html/canvas/CanvasRenderingContext2D.cpp: Removed property svn:executable.
        * mathml/MathMLMencloseElement.cpp: Removed property svn:executable.
        * mathml/MathMLMencloseElement.h: Removed property svn:executable.
        * platform/efl/RenderThemeEfl.cpp: Removed property svn:executable.
        * rendering/mathml/RenderMathMLMenclose.cpp: Removed property svn:executable.
        * rendering/mathml/RenderMathMLMenclose.h: Removed property svn:executable.

2015-06-19  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Bindings generator should generate code to catch exception and reject promises for Promise-based APIs
        https://bugs.webkit.org/show_bug.cgi?id=146060

        Reviewed by Darin Adler.

        The binding generator splits the function that binds JS to the DOM class implementation in two for functions returning promise.
        The first function, called from JS, is responsible of casting this to the expected JSXXX class.
        If casting fails, an exception is raised. Otherwise, it calls the second function.
        After calling the second function, it checks whether an exception is raised, in which case it returns a rejected promise.
        The second function is responsible of argument conversion and calling the DOM class function.

        Covered by expectations and AudioContext promise still working.
        A test case is added for a promise returning function taking a typed argument as input (if argument value cannot be typed, the promise is rejected).
        A second test case is a promise-returning function that can raise an exception. In that case the DOMException is used as rejection value.

        As can be seen from generated code, this generalized code adds a mandatory check (is there an exception?) at the end of the function.
        This check is done even in cases we know there will be no exception.
        This may be covered by another patch if this optimization is thought useful enough.

        * bindings/js/JSDOMPromise.cpp:
        (WebCore::rejectPromiseWithExceptionIfAny): Utility method for the binding code.
        (WebCore::callPromiseFunction): Ditto.
        * bindings/js/JSDOMPromise.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        (GenerateFunctionCastedThis): Extracted from GenerateImplementationFunctionCall to reuse it in case of promise-returning functions.
        (GenerateImplementationFunctionCall):
        (GenerateCallbackImplementation): Deleted.
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunction):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionPromise):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgument):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithFloatArgumentPromise):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithException):
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunctionWithExceptionPromise):
        * bindings/scripts/test/TestObj.idl:

2015-06-18  Jeremy Jones  <jeremyj@apple.com>

        Disable UIWindow for fullscreen video for selected clients.
        https://bugs.webkit.org/show_bug.cgi?id=145852

        Reviewed by Simon Fraser.

        Disable UIWindow for fullscreen video doesn't work everywhere (rdar://problem/21315993), so just disable it when creating a UIWindow won't work.
        Fix some interface hiding and layout problems that showed up in the non UIWindow code path.

        * platform/RuntimeApplicationChecksIOS.h:
        * platform/RuntimeApplicationChecksIOS.mm: Remove iAD bundle identifier.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen): Opt out of UIWindow when hosted in another process. And fix view parenting for non-window case.
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Fix for AVKit exit fullscreen complaining about -needsLayout.

        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen):
        (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline):
        (WebVideoFullscreenInterfaceAVKit::willStartOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::didStartOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::willStopOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::didStopOptimizedFullscreen):
        These hide and show the view controller where we hide and show the window.

2015-06-18  Dean Jackson  <dino@apple.com>

        Provide a way for web developers to draw a Theme-specific Wireless Playback icon
        https://bugs.webkit.org/show_bug.cgi?id=146123
        <rdar://problem/21119287>

        Reviewed by Simon Fraser.

        Implement a -webkit-named-image() CSS <image> generator that allows a site to
        request artwork by name and get the platform variant. At the moment
        we only support "wireless-playback" which returns a generic image everywhere
        but Cocoa platforms, where we render the AirPlay icon.

        In order to do this I added a ThemeCocoa to share any Theme code between
        Mac and iOS.

        Test: fast/css/named-icons.html

        * WebCore.xcodeproj/project.pbxproj: Add new files CSSNamedImageValue, NamedImageGeneratedImage and ThemeCocoa.

        * css/CSSImageGeneratorValue.cpp: Handle the new NamedImageClass in the switch statements for downcasting.
        (WebCore::CSSImageGeneratorValue::image):
        (WebCore::CSSImageGeneratorValue::isFixedSize):
        (WebCore::CSSImageGeneratorValue::isPending):
        (WebCore::CSSImageGeneratorValue::knownToBeOpaque):

        * css/CSSNamedImageValue.cpp: New class. Just holds a name String.
        (WebCore::CSSNamedImageValue::customCSSText):
        (WebCore::CSSNamedImageValue::image):
        (WebCore::CSSNamedImageValue::equals):
        * css/CSSNamedImageValue.h:
        (WebCore::CSSNamedImageValue::create):
        (WebCore::CSSNamedImageValue::isFixedSize):
        (WebCore::CSSNamedImageValue::isPending):
        (WebCore::CSSNamedImageValue::CSSNamedImageValue):

        * css/CSSParser.cpp:
        (WebCore::CSSParser::isGeneratedImageValue): Allow "-webkit-named-image(".
        (WebCore::CSSParser::parseGeneratedImage): Call parseNamedImage if we hit named-icon.
        (WebCore::CSSParser::parseNamedImage): Parse the function looking for a CSS ident.
        * css/CSSParser.h:

        * css/CSSValue.cpp: Handle NamedImageClass in the various switch statements.
        (WebCore::CSSValue::equals):
        (WebCore::CSSValue::cssText):
        (WebCore::CSSValue::destroy):
        * css/CSSValue.h:
        (WebCore::CSSValue::isNamedImageValue): Helper to detect the correct CSSValue subclass.

        * platform/Theme.cpp:
        (WebCore::Theme::drawNamedImage): Draw a generic wireless playback icon.
        * platform/Theme.h: Add drawNamedImage.

        * platform/cocoa/ThemeCocoa.cpp: New shared base class for ThemeMac and ThemeIOS.
        (WebCore::fitContextToBox):
        (WebCore::ThemeCocoa::drawNamedImage): Draw an AirPlay icon for wireless playback.
        * platform/cocoa/ThemeCocoa.h:

        * platform/graphics/CrossfadeGeneratedImage.h: Drive-by removal of unnecessary forward class definition.

        * platform/graphics/ImageBuffer.h: Add NamedImageGeneratedImage as a friend class.

        * platform/graphics/NamedImageGeneratedImage.cpp: New class. Calls into the Theme to render the artwork.
        (WebCore::NamedImageGeneratedImage::NamedImageGeneratedImage):
        (WebCore::NamedImageGeneratedImage::draw):
        (WebCore::NamedImageGeneratedImage::drawPattern):
        * platform/graphics/NamedImageGeneratedImage.h:

        * platform/ios/ThemeIOS.h: Inherit from ThemeCocoa.
        * platform/mac/ThemeMac.h: Ditto.

2015-06-18  KyungTae Kim  <ktf.kim@samsung.com> and Myles C. Maxfield  <mmaxfield@apple.com>

        [CSS3] Add support for the word-break:keep-all CSS property
        https://bugs.webkit.org/show_bug.cgi?id=123782

        Reviewed by Darin Adler.

        Add support for word-break:keep-all CSS property by CSS3 spec:
        http://www.w3.org/TR/2013/WD-css-text-3-20131010/#word-break-property

        Test: fast/text/word-break-keep-all.html

        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator EWordBreak):
        * css/CSSValueKeywords.in:
        * rendering/RenderText.cpp:
        (WebCore::RenderText::computePreferredLogicalWidths):
        * rendering/break_lines.h:
        (WebCore::nextBreakablePositionKeepingAllWords):
        (WebCore::nextBreakablePositionKeepingAllWordsIgnoringNBSP):
        (WebCore::isBreakable):
        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleText):
        (WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord):
        * rendering/style/RenderStyleConstants.h:

2015-06-18  Jon Lee  <jonlee@apple.com>

        Update AVKit usage of pip
        https://bugs.webkit.org/show_bug.cgi?id=146095
        <rdar://problem/21386853>

        Reviewed by Eric Carlson.

        - Rename enum VideoFullscreenModeOptimized to VideoFullscreenModePictureInPicture
        - Rename MediaElementSession::allowsAlternateFullscreen to allowsPictureInPicture
        - Rename Settings::allowsAlternateFullscreen to allowsPictureInPictureMediaPlayback
        - Update AVKit calls and AVKitSPI.h
        - Rename WebVideoFullscreenInterfaceAVKit delegate functions and member variables

        * html/HTMLMediaElement.cpp:
        * html/HTMLVideoElement.cpp:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::allowsPictureInPicture): Renamed.
        (WebCore::MediaElementSession::allowsAlternateFullscreen): Deleted.
        * html/MediaElementSession.h:
        * page/Settings.cpp:
        * page/Settings.in:
        * platform/graphics/MediaPlayerEnums.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Remove unused setIsOptimized.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        * platform/spi/cocoa/AVKitSPI.h: Remove unused typedef.
        * platform/spi/mac/AVFoundationSPI.h:

2015-06-18  Jeremy Jones  <jeremyj@apple.com>

        Fix crash when entering fullscreen during exit fullscreen animation.
        https://bugs.webkit.org/show_bug.cgi?id=146117

        Reviewed by Simon Fraser.

        Because enterFullscreen can be called during exitFullscreen animation, the exit fullscreen teardown
        should not imply a fullscreen state change on video element.

        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::exitFullscreen): May be called from mainThread
        (-[WebVideoFullscreenController exitFullscreen]): May be called from mainThread
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::setVideoElement): 
        Changing associated video element does not imply fullscreen mode change.

2015-06-18  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: improve generated types for objects passed to backend commands
        https://bugs.webkit.org/show_bug.cgi?id=146091

        Reviewed by Joseph Pecoraro.

        Update type signatures for backend command implementations. In a few cases, clean
        up relevant helper function signatures and copy data out of parameter objects where
        the code previously held onto a reference.

        No new tests, no behavior changed.

        * inspector/InspectorCSSAgent.cpp:
        (WebCore::computePseudoClassMask):
        (WebCore::InspectorCSSAgent::setStyleText):
        (WebCore::InspectorCSSAgent::setRuleSelector):
        (WebCore::InspectorCSSAgent::forcePseudoState):
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::parseColor):
        (WebCore::parseConfigColor):
        (WebCore::parseQuad):
        (WebCore::InspectorDOMAgent::performSearch):
        (WebCore::InspectorDOMAgent::setSearchingForNode):
        (WebCore::InspectorDOMAgent::highlightConfigFromInspectorObject):
        (WebCore::InspectorDOMAgent::setInspectModeEnabled):
        (WebCore::InspectorDOMAgent::highlightRect):
        (WebCore::InspectorDOMAgent::highlightQuad):
        (WebCore::InspectorDOMAgent::innerHighlightQuad):
        (WebCore::InspectorDOMAgent::highlightNode):
        (WebCore::InspectorDOMAgent::highlightFrame):
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::getDOMStorageItems):
        (WebCore::InspectorDOMStorageAgent::setDOMStorageItem):
        (WebCore::InspectorDOMStorageAgent::removeDOMStorageItem):
        (WebCore::InspectorDOMStorageAgent::findStorageArea):
        * inspector/InspectorDOMStorageAgent.h:
        * inspector/InspectorIndexedDBAgent.cpp:
        (WebCore::InspectorIndexedDBAgent::requestData):
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorReplayAgent.cpp:
        (WebCore::InspectorReplayAgent::replayToPosition):
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::willSendRequest):
        (WebCore::InspectorResourceAgent::setExtraHTTPHeaders):
        Clean up extraHTTPHeaders to copy header key/values out of the InspectorObject, rather
        than retaining the protocol object indefinitely. This matches the ownership scheme used
        everywhere else.

        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorStyleSheet.h:
        (WebCore::InspectorCSSId::InspectorCSSId):
        * inspector/InspectorWorkerAgent.cpp:
        (WebCore::InspectorWorkerAgent::sendMessageToWorker):
        * inspector/InspectorWorkerAgent.h:

2015-06-18  Anders Carlsson  <andersca@apple.com>

        Remove shouldInterruptJavaScript
        https://bugs.webkit.org/show_bug.cgi?id=146118

        Reviewed by Antti Koivisto.

        The WebKit SPI methods for deciding whether JavaScript execution should be interrupted hasn't been used
        for many releases. Furthermore, they don't make sense in the multi-process architecture since it's still possible
        to interrupt execution (by closing the browser tab or window) from the UI process.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::shouldInterruptScript):
        * loader/EmptyClients.h:
        * page/Chrome.cpp:
        (WebCore::Chrome::shouldInterruptJavaScript): Deleted.
        * page/Chrome.h:
        * page/ChromeClient.h:

2015-06-18  Benjamin Poulain  <bpoulain@apple.com>

        [CSS JIT][ARMv7] The pseudo element early exit trashes r6
        https://bugs.webkit.org/show_bug.cgi?id=146078

        Reviewed by Alex Christensen.

        The pseudo element early failure runs before we generate the prologue.
        The reason is that we can often exit immediately on function entry, before
        we even touch any memory.

        On ARMv7, we don't have many spare registers so the MacroAssembler
        uses r6 as a scratch register and the client code is expected to save
        it.

        In the early failure case, we were not pushing r6 before using the MacroAssembler
        and its value could be trashed.

        This patch push the macro assembler registers separately from the prologue.

        For restoring the registers, a new function generateFunctionEnding() encapsulate
        the pop() and ret().

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::pushMacroAssemblerRegisters):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::popMacroAssemblerRegisters):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generatePrologue):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateEpilogue):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):

        * cssjit/StackAllocator.h:
        (WebCore::StackAllocator::operator=):
        We have a new case for the stack allocator: some stack changes are conditional
        at compile time instead of runtime. This is easy to deal with by overriding
        the stack if a path is not taken at compile time.

2015-06-17  Conrad Shultz  <conrad_shultz@apple.com>

        REGRESSION: js/dom/navigator-plugins-crash.html asserts a lot
        https://bugs.webkit.org/show_bug.cgi?id=144399

        Reviewed by Darin Adler.

        Earlier work made the array of web-visible plug-ins dynamic, but allowed DOMPlugin (and, indirectly by extension,
        DOMMimeType) to continue keeping a reference to a plug-in in terms of an index into that array. This superficially
        appeared correct since DOMPlugin immutably holds onto a PluginData instance, which in turn immutably holds onto a
        Page instance. PluginStrategy::getWebVisiblePluginInfo() is passed this Page, which is used to determine the contents
        of the plugin array. The expectation was that keeping an index would still be safe since the Page is not changing,
        but this is not strictly correct since relevant attributes of the Page and/or the available plugins may still change.

        It's not entirely clear why the test failures are intermittent and occur only on certain configurations, but address
        them by eliminating the incorrect storage of indexes in favor of keeping copies of the relevant plugin info itself.

        * plugins/DOMMimeType.cpp:
        (WebCore::DOMMimeType::DOMMimeType):
        Instead of storing the MIME type index, retrieve and store the MIME class info and plugin info.
        (WebCore::DOMMimeType::type):
        Directly access the m_mimeClassInfo member.
        (WebCore::DOMMimeType::suffixes):
        Ditto.
        (WebCore::DOMMimeType::description):
        Ditto.
        (WebCore::DOMMimeType::enabledPlugin):
        Directly access the m_pluginInfo member.
        (WebCore::DOMMimeType::mimeClassInfo): Deleted.

        * plugins/DOMMimeType.h:
        Update member variables.

        * plugins/DOMPlugin.cpp:
        (WebCore::DOMPlugin::DOMPlugin):
        Instead of storing the plugin index, store the plugin info directly.
        (WebCore::DOMPlugin::name):
        Directly access m_pluginInfo.
        (WebCore::DOMPlugin::filename):
        Ditto.
        (WebCore::DOMPlugin::description):
        Ditto.
        (WebCore::DOMPlugin::length):
        Ditto.
        (WebCore::DOMPlugin::item):
        Access m_pluginInfo directly; find the matching plug-in based on matching PluginInfo (for which an overloaded
        comparator is supplied below).
        (WebCore::DOMPlugin::pluginInfo): Deleted.

        * plugins/DOMPlugin.h:
        Update member variables.
        (WebCore::DOMPlugin::create):
        Accept a PluginInfo instead of a plugin index.

        * plugins/DOMPluginArray.cpp:
        (WebCore::DOMPluginArray::item):
        (WebCore::DOMPluginArray::namedItem):

        * plugins/PluginData.h:
        (WebCore::operator==):
        Added; compare PluginInfo structs on the basis of member equality.

2015-06-17  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Log blocked loads to the WebInspector console
        https://bugs.webkit.org/show_bug.cgi?id=146089

        Reviewed by Joseph Pecoraro.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
        (WebCore::ContentExtensions::ContentExtensionsBackend::displayNoneCSSRule):
        Log which URLs are blocked and the URL of the page they are blocked from.

2015-06-18  Joseph Pecoraro  <pecoraro@apple.com>

        Crash under WebCore::DOMWindow::dispatchMessageEventWithOriginCheck attempting to log console message
        https://bugs.webkit.org/show_bug.cgi?id=146093

        Reviewed by Timothy Hatcher.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
        The console could be null so null check its use.

2015-06-18  Csaba Osztrogonác  <ossy@webkit.org>

        Suppress null-conversion warnings in ANGLE
        https://bugs.webkit.org/show_bug.cgi?id=145125

        Reviewed by Alex Christensen.

        * CMakeLists.txt:

2015-06-18  Youenn Fablet <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [Streams API] Implement ReadableStreamReader.releaseLock
        https://bugs.webkit.org/show_bug.cgi?id=145299

        Reviewed by Darin Adler.

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::close): Moving some close code to newly added releaseReader.
        (WebCore::ReadableStream::releaseReader): Implements reader release and callbacks finalization.
        (WebCore::ReadableStream::changeStateToErrored): Calls releaseReader.
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::hasReadPendingRequests): Added to enable reader.releaseLock throwing if read requests are pending.
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::releaseLock): Implementation of releaseLock
        * Modules/streams/ReadableStreamReader.h:
        * Modules/streams/ReadableStreamReader.idl:
        (WebCore::releaseLock): Deleted.

2015-06-18  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        GObject and ObjC bindings generator should not generate code for promise-based APIs
        https://bugs.webkit.org/show_bug.cgi?id=146059

        Reviewed by Darin Adler.

        Covered by rebased expectations.

        * bindings/scripts/CodeGeneratorGObject.pm:
        (SkipFunction): Disabling GObject DOM binding for functions returning promises.
        * bindings/scripts/CodeGeneratorObjC.pm:
        (SkipFunction): Disabling ObjC DOM binding for functions returning promises.
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp: Rebasing expectation.
        (webkit_dom_test_obj_get_read_only_long_attr): Deleted.
        (webkit_dom_test_obj_get_read_only_string_attr): Deleted.
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h: Rebasing expectation.
        * bindings/scripts/test/ObjC/DOMTestObj.h: Ditto.
        * bindings/scripts/test/ObjC/DOMTestObj.mm: Ditto.
        (core): Deleted.

2015-06-17  Ryuan Choi  <ryuan.choi@navercorp.com>

        [EFL] test_ewk2_context_url_scheme_register has been crashed since r185553
        https://bugs.webkit.org/show_bug.cgi?id=146075

        Reviewed by Carlos Garcia Campos.

        Since r185553, CustomProtocolManager sends StartLoading message to UIProcess
        with request of SoupGenericRequest instead of request itself.
        But, request of SoupGenericRequest is nullptr in EFL port because EFL port
        does not use m_initiatingPageID.

        This patch updates request of SoupGenericRequest although m_initiatingPageID is null.

        * platform/network/soup/ResourceRequestSoup.cpp: 
        (WebCore::ResourceRequest::updateSoupRequest):

2015-06-17  Daniel Bates  <dabates@apple.com>

        Client may receive began editing callback for already focused text field
        https://bugs.webkit.org/show_bug.cgi?id=146074
        <rdar://problem/21293562>

        Reviewed by Darin Adler.

        Fixes an issue where the client would be notified that began editing in a text field
        for each programmatic DOM focus event dispatched at the text field regardless of
        whether the field was focused. The client should only be notified that began editing
        exactly once when a text field becomes focused (either programmatically or by user interaction).

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::forwardEvent): Move logic to dispatch editing began callback from here...
        (WebCore::TextFieldInputType::handleFocusEvent): to here. This function is called when the
        text field becomes newly focused.
        * html/TextFieldInputType.h:

2015-06-17  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Fail to parse invalid arrays
        https://bugs.webkit.org/show_bug.cgi?id=146079
        rdar://problem/21422649

        Reviewed by Benjamin Poulain.

        Covered by new and corrected API tests.

        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::loadTrigger):
        Fail to parse invalid arrays for if-domain, unless-domain, resource-type, and load-type arrays.

2015-06-16  Jon Honeycutt  <jhoneycutt@apple.com>

        Position::findParent() should take a reference
        https://bugs.webkit.org/show_bug.cgi?id=146038

        Reviewed by Darin Adler.

        * dom/Position.cpp:
        (WebCore::Position::containerNode):
        (WebCore::Position::parentAnchoredEquivalent):
        Pass a reference; there is already a null check.
        (WebCore::Position::previous):
        Add a missing null check. Code below this expects that node is non-null.
        (WebCore::Position::next):
        Ditto.
        (WebCore::Position::atStartOfTree):
        (WebCore::Position::atEndOfTree):
        Pass a reference.
        (WebCore::Position::findParent):
        Changed to take a reference.

        * dom/Position.h:
        Ditto.

2015-06-17  Brent Fulgham  <bfulgham@apple.com>

        Overflow regions with scroll snap points are not reliably rubber banding
        https://bugs.webkit.org/show_bug.cgi?id=142522
        <rdar://problem/20100726>

        Reviewed by Darin Adler.

        When computing the target scroll destination, update the nearest snap point index
        and other bookkeeping, but keep the original gesture target if it would have taken
        us beyond either limit of the scroll container.

        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollExtents): Add new method
        to support client API.
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::scrollExtents): Add new method to support client API.
        * platform/ScrollAnimator.h:
        * platform/cocoa/ScrollController.h:
        (WebCore::ScrollControllerClient::scrollExtents): Added new pure virtual method to API.
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::beginScrollSnapAnimation): Hold onto original user gesture
        target, and use that instead of our nearest snap point if the gesture takes us past
        either extreme of the scroll container.

2015-06-17  Tim Horton  <timothy_horton@apple.com>

        Swipe gesture can get stuck, preventing scrolling and other gestures
        https://bugs.webkit.org/show_bug.cgi?id=146088
        <rdar://problem/16056087>

        Reviewed by Darin Adler.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/NSEventSPI.h: Added.
        Add an SPI header.

2015-06-16  Matt Rajca  <mrajca@apple.com>

        MediaSession: handle MediaEventTrackNext and MediaEventTrackPrevious events
        https://bugs.webkit.org/show_bug.cgi?id=146028

        Reviewed by Darin Adler.

        * Modules/mediasession/MediaRemoteControls.idl: Added nexttrack/previoustrack event handlers.
        * Modules/mediasession/MediaSession.cpp: Dispatch the nexttrack/previoustrack events.
        (WebCore::MediaSession::skipToNextTrack):
        (WebCore::MediaSession::skipToPreviousTrack):
        * Modules/mediasession/MediaSession.h:
        * Modules/mediasession/MediaSessionManager.cpp: Skip to the next/previous track as described in the media session spec.
        (WebCore::MediaSessionManager::skipToNextTrack):
        (WebCore::MediaSessionManager::skipToPreviousTrack):
        * Modules/mediasession/MediaSessionManager.h:
        * dom/EventNames.h: Added the nexttrack/previoustrack event names.
        * page/Page.cpp: Tell MediaSessionManager to handle the new track-skipping events.
        (WebCore::Page::handleMediaEvent):

2015-06-17  Chris Fleizach  <cfleizach@apple.com>

        AX: VoiceOver in iOS not announcing generic WAI-ARIA region, even if labelled properly
        https://bugs.webkit.org/show_bug.cgi?id=146066

        Reviewed by Darin Adler.

        Allow the region role to identify as a landmark type.

        Updated test: platform/ios-simulator/accessibility/landmark-types.html

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilityIsLandmarkRole:]):

2015-06-17  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r173283-r173296): Amazon.com front page has no caret in the search field
        https://bugs.webkit.org/show_bug.cgi?id=146073
        rdar://problem/21022203

        Reviewed by Tim Horton.

        Text controls (text inputs and textareas) need backing store even when empty, because
        they need to be able to paint a caret.

        Test: compositing/backing/form-controls-backing.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer):

2015-06-17  Zalan Bujtas  <zalan@apple.com>

        Selection cache produces invalid result when ancestor has float element.
        https://bugs.webkit.org/show_bug.cgi?id=146042
        rdar://problem/20604592

        Reviewed by Ryosuke Niwa.

        Selection cache already takes floats into account, however it's not enough to check current
        block against floats. Any of the ancestor's float starting from the selection root block
        can impact the selection offsets.

        Test: fast/block/selection-cache-is-incorrect-when-non-direct-parent-has-float.html

        * rendering/LogicalSelectionOffsetCaches.h:
        (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::ContainingBlockInfo):
        (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::setBlock):
        (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::block):
        (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::cache):
        (WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::hasFloatsOrFlowThreads):
        (WebCore::LogicalSelectionOffsetCaches::LogicalSelectionOffsetCaches):

2015-06-17  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Expose element tag name as an object attribute
        https://bugs.webkit.org/show_bug.cgi?id=146062

        Reviewed by Mario Sanchez Prada.

        Expose the element tag name as an object attribute with name "tag" and
        value being the lowercase tag name, both being what Gecko does for ATK.

        No new tests. We already have sufficient coverage for AtkObject attributes.
        These tests have been updated to reflect the addition of the new attribute.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):

2015-06-17  Antti Koivisto  <antti@apple.com>

        iOS WebKit1: [LegacyTileLayer drawInContext:] should ensure it has web lock
        https://bugs.webkit.org/show_bug.cgi?id=146072
        rdar://problem/21149759

        Reviewed by Simon Fraser

        There are some scenarios where we end up drawing without web lock due to client or system issues.
        This can cause crashes.

        * platform/ios/LegacyTileLayer.mm:
        (-[LegacyTileLayer setNeedsDisplayInRect:]):
        (-[LegacyTileLayer drawInContext:]):

            Ensure we have the web lock when called in main thread (even though we should have it already).

2015-06-17  Brent Fulgham  <bfulgham@apple.com>

        CSS scroll snap: defining snap points on axis that does not scroll does not work properly
        https://bugs.webkit.org/show_bug.cgi?id=146043
        <rdar://problem/20125511>

        Reviewed by Simon Fraser.

        Tested by css3/scroll-snap/scroll-snap-mismatch.html

        We always seed the set of scroll snap points with the start and end of the scroll container. This is not
        the right behavior if there are no scroll points defined, because we end up creating a snap for the start
        and end of the container, and any scroll gesture just takes us across the entire element.
        
        Instead, when we do not find any scroll snap points, we should clear the snap point state for the container.

        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::updateFromStyle): If we did not find any snap points (i.e., the snapOffsets container
        only holds '0', return an empty Vector. 
        (WebCore::updateSnapOffsetsForScrollableArea): If the set of snap points produced by 'updateFromStyle' is empty,
        clear the horizontal (or vertical) snap offsets for the scroll area.
        

2015-06-17  Chris Fleizach  <cfleizach@apple.com>

        AX: input role="spinbutton" gets skipped in voiceover
        https://bugs.webkit.org/show_bug.cgi?id=145514

        Reviewed by Mario Sanchez Prada.

        SpinButton role was added, but left out of iOS.
        To prevent this from happening again, explicitly list every role in the switch statement that
        determines accessible visibility.

        Test: platform/ios-simulator/accessibility/spinbutton.html

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        (-[WebAccessibilityObjectWrapper isAccessibilityElement]):

2015-06-17  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableJSStream should handle promises returned by JS source pull callback
        https://bugs.webkit.org/show_bug.cgi?id=145965

        Reviewed by Darin Adler.

        Implemented asynchronous pulling.
        In particular, ensuring that doPull is not called as long as previous call to doPull is finished.
        Storing whether to pull automatically when the current pull is finished. 

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::pull): stores whether to pull again.
        (WebCore::ReadableStream::finishPulling): called when pulling finishes.
        * Modules/streams/ReadableStream.h:
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::createPullResultFulfilledFunction): The promise resolve callback.
        (WebCore::ReadableJSStream::doPull): Handling of promise.
        * bindings/js/ReadableJSStream.h:

2015-06-16  Carlos Garcia Campos  <cgarcia@igalia.com>

        WebProcess crashes after too many redirect error when there's an active NPAPI plugin
        https://bugs.webkit.org/show_bug.cgi?id=146019

        Reviewed by Darin Adler.

        This happens with the GTK+ port after a navigation action ends up
        in an infinite redirection and the ResourceHandle fails with too
        many redirections error. I should actually happen after any error
        is reported by the ResourceHnalder before the load is
        committed. But tt only happens if there's an active NPAPI
        plugin. The problem is that FrameLoader::receivedMainResourceError()
        is called recursively because DocumentLoader::stopLoading() ends up
        calling mainReceivedError() that calls FrameLoader::receivedMainResourceError()
        again. DocumentLoader::stopLoading() checks if the document is
        still loading, which can happen if the main resource is loading,
        if there's any subresource loading or if there's a plugin
        loading. So, in case of being loading, those cases are handled
        individually to cancel the main resource, or set an error in the
        document loader and cancel subresources and plugins, except for
        this case of plugins, that mainReceivedError is called instead of
        setting cancelled error on the document loader.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::stopLoading): If the document is still
        loading because there are active plugins, set the cancelled error
        on the document instead of calling mainReceivedError again.

2015-06-16  Youenn Fablet <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [Streams API] Implement ReadableStream locked property
        https://bugs.webkit.org/show_bug.cgi?id=146023

        Reviewed by Darin Adler.

        Covered by rebased tests.

        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::locked): Renamed isLocked by locked.
        * Modules/streams/ReadableStream.idl: Adding locked.
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::getReader): Using isLocked.
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::constructJSReadableStreamReader): Using isLocked.

2015-06-16  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(r184899): [Cocoa] font-variant: small-caps is not honored with web fonts
        https://bugs.webkit.org/show_bug.cgi?id=145873
        <rdar://problem/21314282>

        Reviewed by Dean Jackson.

        When font-variant: small-caps is applied, we create a smaller version of the original font
        and draw capital characters in that smaller font. CGFontRefs do not have an intrinsic size,
        and web fonts historically only had a CGFontRef, which means that there was no need to
        convert the CGFontRef to be smaller (as opposed to regular fonts, which had a CTFontRef and
        therefore needed the conversion). Instead, we just changed m_size, which represents
        the size that the text should be drawn in.

        However, r184899 gave CTFontRefs to web fonts. This means that now the FontPlatformData's
        m_size variable disagreed with the CTFontRef member. The solution here is to unify the web
        font and regular font codepaths, and treat them the same throughout.

        Note that this patch removes the last use of the m_isCustomFont variable. As soon as we
        entirely migrate to CORETEXT_WEB_FONTS, we should delete this variable.

        Test: fast/text/small-caps-web-font.html

        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformCreateScaledFont): Treat web fonts the same as regular fonts.
        * platform/text/TextFlags.h: Add a comment regarding teh deletion of m_isCustomFont.

2015-06-16  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Implement branch compaction for DFA bytecode.
        https://bugs.webkit.org/show_bug.cgi?id=145619

        Reviewed by Benjamin Poulain.

        This patch adds another pass to the DFABytecodeCompiler which finds where the bytecode from each node
        would be if it were compiled with no branch compaction, then uses that as a worst-case value to determine
        how many bytes are needed to store the relative jump distance.  Then when linking, it will fill in the 
        value as it already did, but with a variable size jump.  The jumps are also now signed distances relative to
        where the jump is stored.

        This patch is covered by existing tests, which have many jumps that are near the -128/127 byte boundary,
        and the switch from 16-bit jumps to 32-bit jumps near the -65536/65535 byte boundary is analogous.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/DFABytecode.h:
        (WebCore::ContentExtensions::smallestPossibleJumpSize):
        (WebCore::ContentExtensions::instructionSizeWithArguments):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::append):
        (WebCore::ContentExtensions::appendZeroes):
        (WebCore::ContentExtensions::setBits):
        (WebCore::ContentExtensions::appendActionBytecodeSize):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendAction):
        (WebCore::ContentExtensions::DFABytecodeCompiler::longestPossibleJump):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitJump):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValueRange):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitTerminate):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compiledNodeMaxBytecodeSize):
        (WebCore::ContentExtensions::DFABytecodeCompiler::ranges):
        (WebCore::ContentExtensions::DFABytecodeCompiler::checkForRangeMaxBytecodeSize):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileCheckForRange):
        (WebCore::ContentExtensions::DFABytecodeCompiler::nodeTransitionsMaxBytecodeSize):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        (WebCore::ContentExtensions::set32Bits): Deleted.
        * contentextensions/DFABytecodeCompiler.h:
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::getBits):
        (WebCore::ContentExtensions::getInstruction):
        (WebCore::ContentExtensions::jumpSizeInBytes):
        (WebCore::ContentExtensions::getJumpSize):
        (WebCore::ContentExtensions::getJumpDistance):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsForDefaultStylesheetFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * loader/ResourceLoadInfo.h:

2015-06-16  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] [Wayland] Should be possible to build with support for both X11 and Wayland.
        https://bugs.webkit.org/show_bug.cgi?id=145701

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        When building both targets, we have to include the wayland-egl
        headers in order to build the Wayland target. This causes that
        EGLNativePixmapType and EGLNativeWindowType get defined as
        different types than when building only the X11 target.

        By type casting them to the ones that are expected, we are able
        to build both targets at the same time.

        I have done tests (building each target alone as also both targets
        at the same time), and everything seems to works as expected.

        Once built for both targets, if you try to launch the MiniBrowser
        from inside a Wayland compositor (Weston on top of X for example),
        it will trigger the X11 target if the DISPLAY environment variable
        is set and the environment variable GDK_BACKEND is not set to wayland,
        otherwise it will trigger the Wayland target.

        * platform/graphics/GLContext.cpp:
        (WebCore::GLContext::createContextForWindow): Add type casts. We have
        to consider here two different type casts depending on the type of
        GLNativeWindowType to avoid a build failure on 32-bits platforms.
        The static_cast one was already beeing done as an implicit cast
        (from uint64_t to XID), the reinterpret_cast is the new one that
        we need to do only when building on both platforms.
        * platform/graphics/egl/GLContextEGL.cpp: Add missing include when
        building both targets that is required for defining DefaultRootWindow().
        (WebCore::GLContextEGL::createPixmapContext): Add type cast.

2015-06-15  Jon Honeycutt  <jhoneycutt@apple.com>

        [iOS] Crash long pressing on <input type=file>
        https://bugs.webkit.org/show_bug.cgi?id=146009
        <rdar://problem/21234453>

        Reviewed by Ryosuke Niwa.

        * dom/Position.cpp:
        (WebCore::Position::atStartOfTree):
        (WebCore::Position::atEndOfTree):
        Null check the container node before passing it to findParent().

2015-06-15  Chris Fleizach  <cfleizach@apple.com>

        AX:  iOS accessibility tests are not running because we need WKTR support
        https://bugs.webkit.org/show_bug.cgi?id=145991

        Reviewed by Daniel Bates.

        Make some minor modifications to support notification handling in WKTR.

        * accessibility/ios/AXObjectCacheIOS.mm:
        (WebCore::AXObjectCache::postPlatformNotification):
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityClickPoint]):
        (-[WebAccessibilityObjectWrapper description]):
        (-[WebAccessibilityObjectWrapper accessibilitySetPostedNotificationCallback:withContext:]): Deleted.
        (-[WebAccessibilityObjectWrapper accessibilityPostedNotification:]): Deleted.

2015-06-16  Mark Lam  <mark.lam@apple.com>

        Use NakedPtr<Exception>& to return exception results.
        https://bugs.webkit.org/show_bug.cgi?id=145870

        Reviewed by Anders Carlsson and Filip Pizlo.

        No new WebCore tests because this functionality is already covered by existing tests.
        API tests added for WTF::NakedPtr.

        * bindings/js/JSCallbackData.cpp:
        (WebCore::JSCallbackData::invokeCallback):
        * bindings/js/JSCustomXPathNSResolver.cpp:
        (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
        * bindings/js/JSErrorHandler.cpp:
        (WebCore::JSErrorHandler::handleEvent):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::handleEvent):
        * bindings/js/JSMainThreadExecState.cpp:
        (WebCore::JSMainThreadExecState::didLeaveScriptContext):
        (WebCore::functionCallHandlerFromAnyThread):
        (WebCore::evaluateHandlerFromAnyThread):
        * bindings/js/JSMainThreadExecState.h:
        (WebCore::JSMainThreadExecState::currentState):
        (WebCore::JSMainThreadExecState::call):
        (WebCore::JSMainThreadExecState::evaluate):
        * bindings/js/JSMutationCallback.cpp:
        (WebCore::JSMutationCallback::call):
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::executeFunctionInContext):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld):
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::evaluate):
        (WebCore::WorkerScriptController::setException):
        * bindings/js/WorkerScriptController.h:
        (WebCore::WorkerScriptController::workerGlobalScopeWrapper):
        * bindings/objc/WebScriptObject.mm:
        (-[WebScriptObject callWebScriptMethod:withArguments:]):
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::importScripts):

2015-06-16  Brent Fulgham  <bfulgham@apple.com>

        CSS Scroll Snap - support snapping to nested elements
        https://bugs.webkit.org/show_bug.cgi?id=145843
        <rdar://problem/21339581>

        Reviewed by Darin Adler.

        Tested by css3/scroll-snap/nested-elements.html

        The Scroll Snap Point implementation was not properly handling nested elements.
        This could be resolved by recursively calling 'appendChildSnapOffsets', but this
        seemed like an inefficient approach, especially considering how often this method
        is called during various scaling and other operations.
        
        Instead, do the following:
        (1) Add a new HashSet to RenderView that holds a collection of RenderElements that
            have scroll-snap-coordinates.
        (2) During RenderElement::styleWillChange, register all elements that have the
            scroll-snap-coordinates style with the RenderView.
        (3) When performing 'appendChildSnapOffsets', refer to the HashSet of elements, select the
            subset of these entries relevant to the current scrolling container, and build up the
            set of scroll-snap-coordinates needed for the current scrolling container.

        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::appendChildSnapOffsets): Check the scroll-snap-coordinate RenderElement HashSet
        for the RenderView to find all elements that are children of the current scrolling container.
        Add the scroll-snap-coordinates for these RenderElements to the current set of snap points.
        * rendering/RenderElement.cpp:
        (WebCore::findEnclosingScrollableContainer): New helper function.
        (WebCore::RenderElement::styleWillChange): If the current element has scroll-snap-coordinate
        defined, remember it for later so we can use it with the relevant scrolling container
        after layout completes.
        (WebCore::RenderElement::willBeRemovedFromTree): Unregister the current element from the
        RenderView.
        (WebCore::RenderElement::findEnclosingScrollableContainer): Added. Locate the relevant
        scrolling container for the current object.
        * rendering/RenderElement.h:
        * rendering/RenderView.cpp:
        (WebCore::Document::registerRenderElementWithScrollSnapCoordinates): Added.
        (WebCore::Document::unregisterRenderElementWithScrollSnapCoordinates): Added.
        * rendering/RenderView.h:

2015-06-16  Brady Eidson  <beidson@apple.com>

        [IndexedDB] array index keys are concatenated across cursor lifetime
        <rdar://problem/19684902> and https://bugs.webkit.org/show_bug.cgi?id=138504

        Reviewed by Brady Eidson, patch by Mark Dixon <mark@lowla.io>

        Tested by:
        storage/indexeddb/keypath-arrays.html

        IDBKeyData and IDBKeyPath need to clear any existing array values before calling
        decodeObjects to update the value of an existing object.
        
        * Modules/indexeddb/IDBKeyData.cpp:
        (WebCore::IDBKeyData::decode):
        * Modules/indexeddb/IDBKeyPath.cpp:
        (WebCore::IDBKeyPath::decode):

2015-06-16  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Canvas dimensions should be limited to 4096x4096 pixels on iOS devices.
        https://bugs.webkit.org/show_bug.cgi?id=145998

        Reviewed by Darin Adler.

        The value of MaxCanvasArea should depend on the platform. If the platform
        is iOS, the limit should be 64M. Otherwise the limit should be 1G.

        Test: fast/canvas/pattern-too-large-to-create-2.html

        * html/HTMLCanvasElement.cpp: Change MaxCanvasArea value based on the platform. 
        
        * rendering/svg/RenderSVGShape.h:
        (WebCore::RenderSVGShape::graphicsElement): Remove un-implemented constructor.

2015-06-16  Chris Dumez  <cdumez@apple.com>

        REGRESSION(r185012): chat frame in Gmail now says "Something's not right"
        https://bugs.webkit.org/show_bug.cgi?id=146025
        <rdar://problem/21391412>

        Reviewed by Darin Adler.

        Only throttle timers in non-visible iframes once they've reached the
        max nesting level to avoid throttling critical one-shot timers. This is
        consistent with the default DOMTimer throttling behavior that is
        defined in the specification.

        Power-wise, we are mostly interested in DOMTimers that fire frequently
        and cause high CPU usage over an extended period of time anyway.

        * dom/Document.cpp:
        (WebCore::Document::setTimerThrottlingEnabled):
        (WebCore::Document::timerAlignmentInterval):
        * dom/Document.h:
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::timerAlignmentInterval):
        * dom/ScriptExecutionContext.h:
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::alignedFireTime):

2015-06-16  sylvain-galineau  <galineau@adobe.com>

        Incorrect order of arguments in initial-letter property
        https://bugs.webkit.org/show_bug.cgi?id=139667

        Reviewed by Sam Weinig.

        The CSS specification swapped the order of the initial-letters numeric values.
        The drop cap's height now comes first, followed by its optional vertical position.
        See http://www.w3.org/TR/css-inline/#sizing-drop-initials.
         
        No new tests. Existing tests updated.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue): swap arguments to reflect new spec order.

2015-06-16  Alex Christensen  <achristensen@webkit.org>

        Remove some unused values.
        https://bugs.webkit.org/show_bug.cgi?id=145997

        Reviewed by Gyuyoung Kim.

        This patch should have no change in behavior.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::computeBestScrollOffset):
        (WebCore::AccessibilityObject::scrollToMakeVisibleWithSubFocus):
        (WebCore::AccessibilityObject::scrollToGlobalPoint):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::validateTexFuncData):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateTexFuncData):
        * platform/graphics/StringTruncator.cpp:
        (WebCore::leftTruncateToBuffer):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::paintCurrentFrameInContext):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::localSelectionRect):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::anchorRect):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        * rendering/svg/SVGTextQuery.cpp:
        (WebCore::SVGTextQuery::modifyStartEndPositionsRespectingLigatures):
        Remove unused values.

2015-06-16  Youenn Fablet <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar  <calvaris@igalia.com>

        [Streams API] Calling controller.error() should trigger storing an undefined error
        https://bugs.webkit.org/show_bug.cgi?id=145976

        Reviewed by Darin Adler.

        Covered by rebased test.

        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::error): Storing undefined if no error value passed.
        * bindings/js/ReadableJSStream.cpp: Removed storeError(ExecState*).
        (WebCore::ReadableJSStream::ReadableJSStream):

2015-06-16  Chris Dumez  <cdumez@apple.com>

        Purge StyledElement's presentation attribute cache on memory pressure
        https://bugs.webkit.org/show_bug.cgi?id=145999
        <rdar://problem/21359252>

        Reviewed by Andreas Kling.

        Purge StyledElement's presentation attribute cache on memory pressure.

        * dom/StyledElement.cpp:
        (WebCore::presentationAttributeCache):
        (WebCore::presentationAttributeCacheCleaner):
        (WebCore::StyledElement::clearPresentationAttributeCache):
        * dom/StyledElement.h:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseNoncriticalMemory):

2015-06-15  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION(r175251, Mavericks Only): Playback may stall
        https://bugs.webkit.org/show_bug.cgi?id=145989
        <rdar://problem/21271919>

        Unreviewed post-review correction.

        Dave Kilzer pointed out that the macro around the waitForVideoOutputMediaDataWillChange
        call was incorrect. This patch corrects this error.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput): Correct the
        macro definition.

2015-06-15  Chris Fleizach  <cfleizach@apple.com>

        AX: Changing state of radio buttons causes VoiceOver to go busy for a short time.
        https://bugs.webkit.org/show_bug.cgi?id=145933

        Reviewed by Dean Jackson.

        When radio buttons animate the new focus selection state, the thread activity looks a lot like short burst of
        activity to draw, then wait on CoreAnimation to apply those changes.

        Since those periods of activity during animation are so short, VoiceOver is not able to query for all the
        attributes it needs, and gets stuck in the queue behind rendering.

        The fix here is to turn off button state animations while VoiceOver is running.

        * platform/mac/ThemeMac.mm:
        (WebCore::updateStates):

2015-06-15  Zalan Bujtas  <zalan@apple.com>

        RootInlineBox::m_lineBreakObj becomes invalid when a child renderer is removed and the line does not get marked dirty.
        https://bugs.webkit.org/show_bug.cgi?id=145988
        rdar://problem/20959137

        Reviewed by David Hyatt.

        This patch ensures that we find the right first inline box so that we can dirty the
        the appropriate line boxes.
        With marking the right line boxes dirty, now we can update RootInlineBox::m_lineBreakObj at the next layout.

        Test: fast/inline/crash-when-child-renderer-is-removed-and-line-stays-clean.html

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::culledInlineFirstLineBox):
        (WebCore::RenderInline::culledInlineLastLineBox):
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::setLineBreakInfo): Deleted. Remove misleading assert and comment.

2015-06-15  Matt Rajca  <mrajca@apple.com>

        Media Session: Improve the safety of playback toggling
        https://bugs.webkit.org/show_bug.cgi?id=145986

        Reviewed by Darin Adler.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::togglePlayback): Improved the safety of the loop so that we don't re-visit elements that
          may have been deleted underneath us.
        * Modules/mediasession/MediaSession.h: Added a pointer to the set of iterated active participating elements so
          we can remove any elements that are deleted from the underlying "real" set.

2015-06-15  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION(r175251, Mavericks Only): Playback may stall
        https://bugs.webkit.org/show_bug.cgi?id=145989
        <rdar://problem/21271919>

        Reviewed by Dean Jackson.

        Revert r175251 for Mavericks build targets.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):

2015-06-15  Darin Adler  <darin@apple.com>

        REGRESSION (r182215): Reproducible crash at drawsvg.org due to reentrant layout
        https://bugs.webkit.org/show_bug.cgi?id=145964

        Reviewed by Simon Fraser.

        Test: svg/as-object/mutate-on-load.html

        * page/FrameView.cpp:
        (WebCore::FrameView::forceLayoutParentViewIfNeeded): Don't do a synchronous layout here,
        because it can lead indirectly to unwanted layout reentrancy. Instead schedule a layout.

2015-06-15  Matt Rajca  <mrajca@apple.com>

        Media Session: Active participating elements can change while being iterated 
        https://bugs.webkit.org/show_bug.cgi?id=145978

        Reviewed by Alex Christensen.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::togglePlayback): Iterate through a copy of m_activeParticipatingElements since its contents
          can be modified in the loop.

2015-06-15  Chris Fleizach  <cfleizach@apple.com>

        AX: no accessibility support for details element
        https://bugs.webkit.org/show_bug.cgi?id=131111

        Reviewed by Darin Adler.

        Add accessibility support for Mac for details element by:
           1) Returning new subroles for <details> and <summary>
           2) Exposing isExpanded property for <details> element.

        Test: platform/mac/accessibility/details-summary.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsARIAPressed):
        (WebCore::AccessibilityObject::supportsExpanded):
        (WebCore::AccessibilityObject::isExpanded):
        (WebCore::AccessibilityObject::supportsARIAExpanded): Deleted.
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::canvasHasFallbackContent):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilitySupportsARIAExpanded]):
        (-[WebAccessibilityObjectWrapper accessibilityIsExpanded]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):
        * html/HTMLDetailsElement.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):

2015-06-15  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Limit number of rules.
        https://bugs.webkit.org/show_bug.cgi?id=145663

        Reviewed by Benjamin Poulain.

        Added an API test to make sure that parsing fails when there are too many rules.

        * contentextensions/ContentExtensionError.cpp:
        (WebCore::ContentExtensions::contentExtensionErrorCategory):
        * contentextensions/ContentExtensionError.h:
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::loadEncodedRules):
        Fail to parse a content extension with more than 50000 rules.

2015-06-12  Alexey Proskuryakov  <ap@apple.com>

        -[WKWebView evaluateJavaScript] provides a misleading error when the return cannot be serialized
        https://bugs.webkit.org/show_bug.cgi?id=145900

        Reviewed by Sam Weinig.

        * English.lproj/Localizable.strings:

2015-06-15  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Custom URI schemes don't work for requests containing a fragment identifier
        https://bugs.webkit.org/show_bug.cgi?id=145969

        Reviewed by Sergio Villar Senin.

        For URIs like foo:bar#baz, what the custom protocol manager
        receives in the UI process is foo:bar, so the user can't handle fragments.

        * platform/network/soup/ResourceRequestSoup.cpp:
        (WebCore::ResourceRequest::updateSoupRequest): If the SoupRequest
        is a WebKitSoupRequestGeneric, call
        webkitSoupRequestGenericSetRequest with the ResourceRequest.
        * platform/network/soup/WebKitSoupRequestGeneric.cpp:
        (webkitSoupRequestGenericSetRequest):
        (webkitSoupRequestGenericGetRequest):
        * platform/network/soup/WebKitSoupRequestGeneric.h:

2015-06-15  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Move WebKitSoupRequestGeneric to platform layer
        https://bugs.webkit.org/show_bug.cgi?id=145968

        Reviewed by Sergio Villar Senin.

        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * platform/network/soup/WebKitSoupRequestGeneric.cpp: Renamed from Source/WebKit2/WebProcess/soup/WebKitSoupRequestGeneric.cpp.
        (webkitSoupRequestGenericFinalize):
        (webkit_soup_request_generic_init):
        (webkitSoupRequestGenericSendAsync):
        (webkitSoupRequestGenericSendFinish):
        (webkitSoupRequestGenericGetContentLength):
        (webkitSoupRequestGenericGetContentType):
        (webkit_soup_request_generic_class_init):
        (webkitSoupRequestGenericSetContentLength):
        (webkitSoupRequestGenericSetContentType):
        * platform/network/soup/WebKitSoupRequestGeneric.h: Renamed from Source/WebKit2/WebProcess/soup/WebKitSoupRequestGeneric.h.
        * platform/network/soup/WebKitSoupRequestGenericClient.h: Renamed from Source/WebKit2/WebProcess/soup/WebKitSoupRequestGenericClient.h.

2015-06-13  Chris Dumez  <cdumez@apple.com>

        [WK2] API::Navigation objects are leaked on history navigation to HistoryItems in PageCache
        https://bugs.webkit.org/show_bug.cgi?id=145948

        Reviewed by Darin Adler.

        API::Navigation objects were leaked on history navigation to
        HistoryItems in PageCache. In such case, we would create 2 Navigation
        objects instead of 1 and the first one would be leaked. The reason
        we create the second one is because we fail to pass along the
        navigationID from the UIProcess to the WebProcess and then back to the
        UIProcess. On the IPC back to the UIProcess, the navigationID ends up
        being 0 so the UIProcess creates a new Navigation object, thinking that
        the load was triggered by the WebContent process.

        We now pass along the navigationID, even if the HistoryItem is in the
        PageCache and we end up reusing the cached DocumentLoader, instead of
        creating a new one. A new updateCachedDocumentLoader() delegate is
        added to the FrameLoaderClient, similarly to the pre-existing
        createDocumentLoader() but for the case where the DocumentLoader gets
        reused.

        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoaderClient.h:

2015-06-13  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableJSStream should handle promises returned by JS source start callback
        https://bugs.webkit.org/show_bug.cgi?id=145792

        Reviewed by Darin Adler.

        Covered by rebased tests.

        When calling start callback, the returned value is checked.
        If it is not a promise, we do as if it is a resolved promise.
        If it is a promise, we call its then() method with two resolve/reject JS functions.

        * Modules/streams/ReadableStream.cpp:
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::invoke): Returns a JSPromise* if any is returned by the JS source callback.
        (WebCore::thenPromise): Utility method to call the promise.
        (WebCore::createStartResultFulfilledFunction): The promise resolve callback.
        (WebCore::ReadableJSStream::doStart): Calls thenPromise if a JSPromise* is returned by invoke.
        (WebCore::ReadableJSStream::ReadableJSStream):
        * bindings/js/ReadableJSStream.h:

2015-06-13  Andres Gonzalez  <agonzalez334@nc.rr.com>

        AX: WebKit exposes all Ruby Text as Unknown (Japanese EPUB accessibility blocker)
        https://bugs.webkit.org/show_bug.cgi?id=141303

        Reviewed by Chris Fleizach.

        Test: accessibility/ruby-hierarchy-roles.html

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):

2015-06-12  Chris Fleizach  <cfleizach@apple.com>

        AX: iOS: after updating control, VoiceOver speaks aria-expanded states reversed (says "collapsed" when "expanded")
        https://bugs.webkit.org/show_bug.cgi?id=145943

        Reviewed by Darin Adler.

        iOS Accessibility platform needs to be notified of when aria expanded changes.

        * accessibility/ios/AXObjectCacheIOS.mm:
        (WebCore::AXObjectCache::postPlatformNotification):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper postValueChangedNotification]):
        (-[WebAccessibilityObjectWrapper postExpandedChangedNotification]):
        (-[WebAccessibilityObjectWrapper postScrollStatusChangeNotification]):

2015-06-12  Chris Fleizach  <cfleizach@apple.com>

        AX:ARIA Toggle buttons aren't properly conveyed on iOS using VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=145949

        Reviewed by Darin Adler.

        Expose pressed state information to the iOS platform AX API.

        Test: Updated inspector-protocol/dom/getAccessibilityPropertiesForNode.html 
              There was a FIXME for this issue in that test: https://bugs.webkit.org/show_bug.cgi?id=129830

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::isPressed):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::classList):
        (WebCore::AccessibilityObject::supportsARIAPressed):
        (WebCore::AccessibilityObject::supportsARIAExpanded):
        * accessibility/AccessibilityObject.h:
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityARIALiveRegionIsAtomic]):
        (-[WebAccessibilityObjectWrapper accessibilitySupportsARIAPressed]):
        (-[WebAccessibilityObjectWrapper accessibilityIsPressed]):
        (-[WebAccessibilityObjectWrapper accessibilitySupportsARIAExpanded]):

2015-06-12  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in JavaScriptCore - 2
        https://bugs.webkit.org/show_bug.cgi?id=145834

        Reviewed by Darin Adler.

        Fix call sites depends on changing of JSC.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getParameter):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getParameter):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::getUniform):
        (WebCore::WebGLRenderingContextBase::getVertexAttrib):
        (WebCore::WebGLRenderingContextBase::getWebGLFloatArrayParameter):
        (WebCore::WebGLRenderingContextBase::getWebGLIntArrayParameter):

2015-06-12  Zalan Bujtas  <zalan@apple.com>

        Be more defensive at renderer type checking when initializing flow segments.
        https://bugs.webkit.org/show_bug.cgi?id=145942

        Reviewed by Simon Fraser.

        FlowContents::initializeSegments should ignore unsupported renderers so that when we miss
        a simple line layout path invalidation, we don't downcast the unsupported renderer to RenderText.

        I have not reproduced this issue (but related to rdar://problem/21312452)

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::initializeSegments):

2015-06-12  Anders Carlsson  <andersca@apple.com>

        deleteEmptyDirectory should delete .DS_Store files on OS X
        https://bugs.webkit.org/show_bug.cgi?id=145944

        Reviewed by Dan Bernstein.

        deleteEmptyDirectory is often used when clearing website data, so we should
        take extra care to delete empty directories so the user won't think that clearing
        website data didn't do anything because it would leave directories with .DS_Store 
        files behind.

        * platform/mac/FileSystemMac.mm:
        (WebCore::deleteEmptyDirectory):
        * platform/posix/FileSystemPOSIX.cpp:

2015-06-12  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Fix grid-template-areas parsing to avoid spaces
        https://bugs.webkit.org/show_bug.cgi?id=145860

        Reviewed by Sergio Villar Senin.

        The spec doesn't require to have spaces between unnamed and named areas
        in grid-template-areas syntax. But spaces are currently required in our
        code.

        This was confirmed in the CSS WG mailing list:
        https://lists.w3.org/Archives/Public/www-style/2015May/0239.html

        This patch updates grid-template-areas parsing to allow the possibility
        of removing spaces between unnamed and named areas.

        Added new cases to fast/css-grid-layout/grid-template-areas-get-set.html.

        * css/CSSParser.cpp:
        (WebCore::parseGridTemplateAreasColumnNames): New helper method to
        determine the column names split by white spaces or dots.
        (WebCore::CSSParser::parseGridTemplateAreasRow): Use the new helper
        method to get the column names.
        (WebCore::containsOnlyDots): Deleted. Not needed anymore as
        parseGridTemplateAreasColumnNames() is using a single dot for unnamed
        grid areas (despite of being defined with 1 or more dots).

2015-06-12  Eric Carlson  <eric.carlson@apple.com>

        [Mac] AirPlay menu button doesn't always show on page load
        https://bugs.webkit.org/show_bug.cgi?id=145936

        Reviewed by Brent Fulgham.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::mediaProducerStateString): New, return a string representing MediaStateFlags.
        (WebCore::WebMediaSessionManager::clientStateDidChange): Log the states as strings.
        (WebCore::WebMediaSessionManager::toString): New, return a string representing ConfigurationTasks.
        (WebCore::WebMediaSessionManager::scheduleDelayedTask): Add logging.
        (WebCore::WebMediaSessionManager::taskTimerFired): Add logging.
        * Modules/mediasession/WebMediaSessionManager.h:

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h: Override wirelessVideoPlaybackDisabled
          so it is possible to activate route monitoring for a movie loaded with this engine.
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h: Ditto.

2015-06-12  Zan Dobersek  <zdobersek@igalia.com>

        Add the remaining missing override specifiers under Source/WebCore/
        https://bugs.webkit.org/show_bug.cgi?id=145907

        Reviewed by Darin Adler.

        Fix the remaining compiler warnings about missing override specifiers
        for overriding method declarations in classes under Source/WebCore/.

        Where the addition had to be performed on all virtual methods of the
        class, the virtual specifier was removed so now only the override
        specifier is in use.

        * Modules/indexeddb/IDBOpenDBRequest.h:
        * Modules/indexeddb/IDBRequest.h:
        * Modules/webdatabase/DatabaseServer.h:
        * bindings/js/ReadableJSStream.h:
        * editing/InsertTextCommand.h:
        * mathml/MathMLInlineContainerElement.h:
        * platform/audio/EqualPowerPanner.h:
        (WebCore::EqualPowerPanner::reset):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::NullMediaPlayerPrivate::load):
        (WebCore::NullMediaPlayerPrivate::cancelLoad):
        (WebCore::NullMediaPlayerPrivate::prepareToPlay):
        (WebCore::NullMediaPlayerPrivate::play):
        (WebCore::NullMediaPlayerPrivate::pause):
        (WebCore::NullMediaPlayerPrivate::platformMedia):
        (WebCore::NullMediaPlayerPrivate::platformLayer):
        (WebCore::NullMediaPlayerPrivate::naturalSize):
        (WebCore::NullMediaPlayerPrivate::hasVideo):
        (WebCore::NullMediaPlayerPrivate::hasAudio):
        (WebCore::NullMediaPlayerPrivate::setVisible):
        (WebCore::NullMediaPlayerPrivate::durationDouble):
        (WebCore::NullMediaPlayerPrivate::currentTimeDouble):
        (WebCore::NullMediaPlayerPrivate::seekDouble):
        (WebCore::NullMediaPlayerPrivate::seeking):
        (WebCore::NullMediaPlayerPrivate::setRateDouble):
        (WebCore::NullMediaPlayerPrivate::setPreservesPitch):
        (WebCore::NullMediaPlayerPrivate::paused):
        (WebCore::NullMediaPlayerPrivate::setVolumeDouble):
        (WebCore::NullMediaPlayerPrivate::supportsMuting):
        (WebCore::NullMediaPlayerPrivate::setMuted):
        (WebCore::NullMediaPlayerPrivate::hasClosedCaptions):
        (WebCore::NullMediaPlayerPrivate::setClosedCaptionsVisible):
        (WebCore::NullMediaPlayerPrivate::networkState):
        (WebCore::NullMediaPlayerPrivate::readyState):
        (WebCore::NullMediaPlayerPrivate::maxTimeSeekableDouble):
        (WebCore::NullMediaPlayerPrivate::minTimeSeekable):
        (WebCore::NullMediaPlayerPrivate::buffered):
        (WebCore::NullMediaPlayerPrivate::totalBytes):
        (WebCore::NullMediaPlayerPrivate::didLoadingProgress):
        (WebCore::NullMediaPlayerPrivate::setSize):
        (WebCore::NullMediaPlayerPrivate::canLoadPoster):
        (WebCore::NullMediaPlayerPrivate::setPoster):
        (WebCore::NullMediaPlayerPrivate::hasSingleSecurityOrigin):
        * platform/graphics/filters/DistantLightSource.h:
        * platform/graphics/filters/FEComposite.h:
        * platform/graphics/filters/FEDisplacementMap.h:
        (WebCore::FEDisplacementMap::determineAbsolutePaintRect):
        * platform/graphics/filters/FEFlood.h:
        (WebCore::FEFlood::determineAbsolutePaintRect):
        * platform/graphics/filters/PointLightSource.h:
        * platform/graphics/filters/SpotLightSource.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        (WebCore::MediaPlayerPrivateGStreamer::hasVideo):
        (WebCore::MediaPlayerPrivateGStreamer::hasAudio):
        (WebCore::MediaPlayerPrivateGStreamer::audioSourceProvider):
        (WebCore::MediaPlayerPrivateGStreamer::engineDescription):
        (WebCore::MediaPlayerPrivateGStreamer::isLiveStream):
        (WebCore::MediaPlayerPrivateGStreamer::totalVideoFrames):
        (WebCore::MediaPlayerPrivateGStreamer::droppedVideoFrames):
        (WebCore::MediaPlayerPrivateGStreamer::corruptedVideoFrames):
        (WebCore::MediaPlayerPrivateGStreamer::totalFrameDelay):
        * platform/graphics/texmap/BitmapTextureGL.h:
        (WebCore::BitmapTextureGL::isBackedByOpenGL):
        * platform/graphics/transforms/Matrix3DTransformOperation.h:
        * platform/graphics/transforms/MatrixTransformOperation.h:
        * platform/graphics/transforms/PerspectiveTransformOperation.h:
        * platform/graphics/transforms/RotateTransformOperation.h:
        * platform/graphics/transforms/ScaleTransformOperation.h:
        * platform/graphics/transforms/SkewTransformOperation.h:
        * platform/image-decoders/png/PNGImageDecoder.h:
        (WebCore::PNGImageDecoder::filenameExtension):
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h:
        * platform/mock/MockRealtimeMediaSourceCenter.h:

2015-06-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185512.
        https://bugs.webkit.org/show_bug.cgi?id=145932

        Many asserts on layout tests and on API tests (Requested by
        ap_ on #webkit).

        Reverted changeset:

        "Use modern for-loops in WebCore/rendering - 1"
        https://bugs.webkit.org/show_bug.cgi?id=145831
        http://trac.webkit.org/changeset/185512

2015-06-12  Simon Fraser  <simon.fraser@apple.com>

        OpenGLESSPI.h doesn't need to include UIKit.h
        https://bugs.webkit.org/show_bug.cgi?id=145931

        Reviewed by Darin Adler.

        No need to suck in all of UIKit from OpenGLESSPI.h.

        * platform/spi/ios/OpenGLESSPI.h:

2015-06-12  Matt Rajca  <mrajca@apple.com>

        Add barebones implementation of media session invocation algorithm.
        https://bugs.webkit.org/show_bug.cgi?id=145847

        Reviewed by Darin Adler.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::invoke): Move the media session to an active state.
        * Modules/mediasession/MediaSession.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::playInternal): Call the media session invocation algorithm as described in the
          Media Session spec.

2015-06-12  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/rendering - 1
        https://bugs.webkit.org/show_bug.cgi?id=145831

        Reviewed by Darin Adler.

        No new tests because there is no behavior change.

        * rendering/AutoTableLayout.cpp:
        (WebCore::AutoTableLayout::computeIntrinsicLogicalWidths):
        (WebCore::AutoTableLayout::calcEffectiveLogicalWidth):
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::build):
        (WebCore::FilterEffectRenderer::clearIntermediateResults):
        * rendering/FilterEffectRenderer.h:
        * rendering/FloatingObjects.cpp:
        (WebCore::FloatingObjects::clearLineBoxTreePointers):
        (WebCore::FloatingObjects::moveAllToFloatInfoMap):
        (WebCore::FloatingObjects::computePlacedFloatsTree):
        * rendering/FlowThreadController.cpp:
        (WebCore::FlowThreadController::collectFixedPositionedLayers):
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::append):
        * rendering/ImageQualityController.cpp:
        (WebCore::ImageQualityController::highQualityRepaintTimerFired):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
        * rendering/RenderBlock.cpp:
        (WebCore::removeBlockFromDescendantAndContainerMaps):
        (WebCore::RenderBlock::addOverflowFromPositionedObjects):
        (WebCore::RenderBlock::dirtyForLayoutFromPercentageHeightDescendants):
        (WebCore::RenderBlock::simplifiedNormalFlowLayout):
        (WebCore::RenderBlock::layoutPositionedObjects):
        (WebCore::RenderBlock::markPositionedObjectsForLayout):
        (WebCore::RenderBlock::paintContinuationOutlines):
        (WebCore::clipOutPositionedObjects):
        (WebCore::RenderBlock::removeFromTrackedRendererMaps):
        (WebCore::RenderBlock::removePositionedObjects):
        (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats):
        (WebCore::RenderBlockFlow::styleDidChange):
        (WebCore::RenderBlockFlow::moveFloatsTo):
        (WebCore::RenderBlockFlow::addOverflowFromFloats):
        (WebCore::RenderBlockFlow::repaintOverhangingFloats):
        (WebCore::RenderBlockFlow::paintFloats):
        (WebCore::RenderBlockFlow::clipOutFloatingObjects):
        (WebCore::RenderBlockFlow::lowestFloatLogicalBottom):
        (WebCore::RenderBlockFlow::lowestInitialLetterLogicalBottom):
        (WebCore::RenderBlockFlow::addOverhangingFloats):
        (WebCore::RenderBlockFlow::addIntrudingFloats):
        (WebCore::RenderBlockFlow::markSiblingsWithFloatsForLayout):
        (WebCore::RenderBlockFlow::adjustForBorderFit):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::setLogicalWidthForTextRun):
        (WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):
        (WebCore::RenderBlockFlow::linkToEndLineIfNeeded):
        (WebCore::RenderBlockFlow::repaintDirtyFloats):
        (WebCore::RenderBlockFlow::layoutLineBoxes):
        (WebCore::RenderBlockFlow::checkFloatsInCleanLine):
        (WebCore::RenderBlockFlow::determineStartPosition):
        (WebCore::RenderBlockFlow::checkPaginationAndFloatsAtEndLine):
        * rendering/RenderCounter.cpp:
        (WebCore::RenderCounter::destroyCounterNodes):
        (WebCore::updateCounters):
        (WebCore::RenderCounter::rendererStyleChanged):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::autoMarginOffsetInMainAxis):
        (WebCore::RenderFlexibleBox::freezeViolations):
        (WebCore::RenderFlexibleBox::resolveFlexibleLengths):
        (WebCore::RenderFlexibleBox::numberOfInFlowPositionedChildren):
        (WebCore::RenderFlexibleBox::layoutColumnReverse):
        (WebCore::RenderFlexibleBox::alignFlexLines):
        (WebCore::RenderFlexibleBox::alignChildren):
        (WebCore::RenderFlexibleBox::flipForWrapReverse):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::updateAllLayerToRegionMappings):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::addAnnotatedRegions):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateDescendantsAreContiguousInStackingOrder):
        (WebCore::RenderLayer::updateDescendantDependentFlags):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::descendantLayerPaintsIntoAncestor):
        (WebCore::RenderLayerBacking::startAnimation):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::paint):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::updateFromElement):
        * rendering/RenderMenuList.cpp:
        (WebCore::selectedOptionCount):
        (RenderMenuList::updateOptionsWidth):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::distributeImplicitBreaks):

2015-06-12  Csaba Osztrogonác  <ossy@webkit.org>

        Fix unused private field warning in ResourceHandleSoup.cpp
        https://bugs.webkit.org/show_bug.cgi?id=145910

        Reviewed by Darin Adler.

        * platform/network/soup/ResourceHandleSoup.cpp:

2015-06-12  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: CRASH trying to inspect text that was removed/replaced
        https://bugs.webkit.org/show_bug.cgi?id=145898

        Reviewed by Darin Adler.

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::inspect):
        (WebCore::InspectorDOMAgent::focusNode):
        Ensure we only cause focusNode with a node to focus. If the original
        node that was provided is no longer in the document, then we won't
        actually find a node to inspect.

2015-06-12  KwangHyuk Kim  <hyuki.kim@samsung.com>

        [EFL] canvas/philip/tests/toDataURL.jpeg.foo tests have been failed since r185417.
        https://bugs.webkit.org/show_bug.cgi?id=145878

        Reviewed by Gyuyoung Kim.

        Fix input buffer alignment issue.

        No new tests, canvas/philip/tests/toDataURL.jpeg.foo can be used.

        * platform/graphics/efl/ImageBufferEfl.cpp:
        (WebCore::encodeImagePNG):
        (WebCore::encodeImageJPEG):
        (WebCore::ImageBuffer::toDataURL):

2015-06-12  Zan Dobersek  <zdobersek@igalia.com>

        Add missing override specifiers under Source/WebCore/svg/
        https://bugs.webkit.org/show_bug.cgi?id=145841

        Reviewed by Darin Adler.

        Add missing override specifiers to virtual method overrides for classes
        under Source/WebCore/svg/, suppressing a bunch of warnings when compiling
        with Clang 3.6.

        Add the BEGIN_DECLARE_ANIMATED_PROPERTIES_BASE() macro that doesn't
        override the localAttributeToPropertyMap() method declaration, and
        have the BEGIN_DECLARE_ANIMATED_PROPERTIES() macro add the override
        specifier. The new macro is used in SVGElement.

        Change the DECLARE_ANIMATED_PROPERTY() to accept the optional override
        specifier as the fifth parameter. Current DECLARE_ANIMATED_*() macros
        are modified to just pass an empty argument, not adding any specifier.
        DECLARE_ANIMATED_BOOLEAN_OVERRIDE() and DECLARE_ANIMATED_STRING_OVERRIDE()
        macros are added to override the methods for the externalResourcesRequired
        and href animated properties, where required.

        * svg/SVGAElement.h:
        * svg/SVGAltGlyphElement.h:
        * svg/SVGAnimatedAngle.h:
        * svg/SVGAnimatedBoolean.h:
        * svg/SVGAnimatedEnumeration.h:
        * svg/SVGAnimatedInteger.h:
        * svg/SVGAnimatedLength.h:
        * svg/SVGAnimatedNumber.h:
        * svg/SVGAnimatedPreserveAspectRatio.h:
        * svg/SVGAnimatedRect.h:
        * svg/SVGAnimatedString.h:
        * svg/SVGAnimationElement.h:
        * svg/SVGCircleElement.h:
        * svg/SVGClipPathElement.h:
        * svg/SVGCursorElement.h:
        * svg/SVGDefsElement.h:
        * svg/SVGElement.h:
        * svg/SVGEllipseElement.h:
        * svg/SVGFEImageElement.h:
        * svg/SVGFilterElement.h:
        * svg/SVGFontElement.h:
        * svg/SVGForeignObjectElement.h:
        * svg/SVGGElement.h:
        * svg/SVGGlyphRefElement.h:
        * svg/SVGGradientElement.h:
        * svg/SVGImageElement.h:
        * svg/SVGLineElement.h:
        * svg/SVGMPathElement.h:
        * svg/SVGMarkerElement.h:
        * svg/SVGMaskElement.h:
        * svg/SVGPathElement.h:
        * svg/SVGPatternElement.h:
        * svg/SVGPolyElement.h:
        * svg/SVGRectElement.h:
        * svg/SVGSVGElement.h:
        * svg/SVGScriptElement.h:
        * svg/SVGSwitchElement.h:
        * svg/SVGSymbolElement.h:
        * svg/SVGTRefElement.h:
        * svg/SVGTextContentElement.h:
        * svg/SVGTextPathElement.h:
        * svg/SVGURIReference.h: Add the hrefBaseValue() pure virtual method
        so it can be overridden by any class that also overrides the
        corresponding setHrefBaseValue() method.
        * svg/SVGUseElement.h:
        * svg/SVGViewElement.h:
        * svg/properties/SVGAnimatedPropertyMacros.h:
        * svg/properties/SVGMatrixTearOff.h:
        (WebCore::SVGMatrixTearOff::commitChange):

2015-06-12  Zan Dobersek  <zdobersek@igalia.com>

        [GLib] Move files under Source/WTF/wtf/gobject to Source/WTF/wtf/glib
        https://bugs.webkit.org/show_bug.cgi?id=145799

        Reviewed by Carlos Garcia Campos.

        Update header inclusions for headers that have been moved
        to Source/WTF/wtf/glib/.

        * accessibility/atk/AXObjectCacheAtk.cpp:
        * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
        * bindings/gobject/DOMObjectCache.cpp:
        * bindings/gobject/GObjectEventListener.h:
        * bindings/gobject/GObjectNodeFilterCondition.h:
        * bindings/gobject/GObjectXPathNSResolver.h:
        * bindings/gobject/WebKitDOMEventTarget.cpp:
        * platform/Pasteboard.h:
        * platform/audio/gstreamer/AudioDestinationGStreamer.cpp:
        * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        * platform/audio/gtk/AudioBusGtk.cpp:
        * platform/geoclue/GeolocationProviderGeoclue.h:
        * platform/geoclue/GeolocationProviderGeoclue2.cpp:
        * platform/glib/BatteryProviderUPower.cpp:
        * platform/glib/BatteryProviderUPower.h:
        * platform/graphics/gstreamer/GRefPtrGStreamer.h:
        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        * platform/graphics/gstreamer/GUniquePtrGStreamer.h:
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/MediaSourceGStreamer.cpp:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        * platform/graphics/gstreamer/WebKitMediaSourceGStreamer.cpp:
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        * platform/graphics/gtk/ImageBufferGtk.cpp:
        * platform/graphics/gtk/ImageGtk.cpp:
        * platform/gtk/ContextMenuGtk.cpp:
        * platform/gtk/ContextMenuItemGtk.cpp:
        * platform/gtk/DataObjectGtk.cpp:
        * platform/gtk/DataObjectGtk.h:
        * platform/gtk/FileSystemGtk.cpp:
        * platform/gtk/GRefPtrGtk.h:
        * platform/gtk/GUniquePtrGtk.h:
        * platform/gtk/GamepadsGtk.cpp:
        * platform/gtk/GtkUtilities.cpp:
        * platform/gtk/LanguageGtk.cpp:
        * platform/gtk/LocalizedStringsGtk.cpp:
        * platform/gtk/PasteboardHelper.cpp:
        * platform/gtk/ScrollbarThemeGtk.cpp:
        * platform/gtk/SharedBufferGtk.cpp:
        * platform/gtk/SharedTimerGtk.cpp:
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        * platform/network/ResourceHandleInternal.h:
        * platform/network/gtk/CredentialBackingStore.cpp:
        * platform/network/soup/CertificateInfo.h:
        * platform/network/soup/CookieJarSoup.cpp:
        * platform/network/soup/DNSSoup.cpp:
        * platform/network/soup/GRefPtrSoup.h:
        * platform/network/soup/GUniquePtrSoup.h:
        * platform/network/soup/ResourceError.h:
        * platform/network/soup/ResourceErrorSoup.cpp:
        * platform/network/soup/ResourceHandleSoup.cpp:
        * platform/network/soup/ResourceResponse.h:
        * platform/network/soup/SocketStreamHandle.h:
        * platform/network/soup/SocketStreamHandleSoup.cpp:
        * platform/network/soup/SoupNetworkSession.h:
        * platform/text/gtk/HyphenationLibHyphen.cpp:
        * rendering/RenderThemeGtk.cpp:

2015-06-12  Yoav Weiss  <yoav@yoav.ws>

        Fix the build when the PICTURE_SIZES flag is off
        https://bugs.webkit.org/show_bug.cgi?id=145926

        Reviewed by Csaba Osztrogonác.

        No new tests since there's no functionality change.

        * html/parser/HTMLPreloadScanner.cpp: Remove the guard around the definition of m_sizesAttribute.

2015-06-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185492.
        https://bugs.webkit.org/show_bug.cgi?id=145927

        Causes crashes on debug (Requested by rego on #webkit).

        Reverted changeset:

        "[CSS Grid Layout] Fix grid-template-areas parsing to avoid
        spaces"
        https://bugs.webkit.org/show_bug.cgi?id=145860
        http://trac.webkit.org/changeset/185492

2015-06-12  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Bindings generator should generate code for Promise-based APIs
        https://bugs.webkit.org/show_bug.cgi?id=145833

        Reviewed by Darin Adler.

        Covered by existing tests.

        * Modules/webaudio/AudioContext.idl: Removing custom binding for resume, suspend and close.
        * bindings/js/JSAudioContextCustom.cpp: Ditto.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader): Refactoring to use IsReturningPromise.
        (GenerateImplementation): Disabling include for return type if it is a promise.
        (GenerateParametersCheck): Adding DeferredWrapper() as argument to the DOM method if JS method returns a promise.
        (GenerateImplementationFunctionCall): Added support for promise-returning API.
        (IsReturningPromise): Checking whether function is returning a promise.
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_test_promise_function):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunction):
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj testPromiseFunction]):
        * bindings/scripts/test/TestObj.idl: Adding promise returning function.


2015-06-12  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Fix grid-template-areas parsing to avoid spaces
        https://bugs.webkit.org/show_bug.cgi?id=145860

        Reviewed by Sergio Villar Senin.

        The spec doesn't require to have spaces between unnamed and named areas
        in grid-template-areas syntax. But spaces are currently required in our
        code.

        This was confirmed in the CSS WG mailing list:
        https://lists.w3.org/Archives/Public/www-style/2015May/0239.html

        This patch updates grid-template-areas parsing to allow the possibility
        of removing spaces between unnamed and named areas.

        Added new cases to fast/css-grid-layout/grid-template-areas-get-set.html.

        * css/CSSParser.cpp:
        (WebCore::parseGridTemplateAreasColumnNames): New helper method to
        determine the column names split by white spaces or dots.
        (WebCore::CSSParser::parseGridTemplateAreasRow): Use the new helper
        method to get the column names.
        (WebCore::containsOnlyDots): Deleted. Not needed anymore as
        parseGridTemplateAreasColumnNames() is using a single dot for unnamed
        grid areas (despite of being defined with 1 or more dots).

2015-06-11  Mark Lam  <mark.lam@apple.com>

        WebCore::reportException() needs to be able to accept a raw thrown value in addition to Exception objects.
        https://bugs.webkit.org/show_bug.cgi?id=145872

        Reviewed by Michael Saboff.

        API test added: WebKit1.ReportExceptionTest.

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::reportException):
        - Added a version of reportException() that takes a JSValue instead of an Exception
          object.  This version will ensure that we have an Exception object before calling
          into the original reportException() as follows:

          1. If the JSValue is already an Exception object, we're good to go.

          2. Else, if VM::lastException() is available, use that as the exception.
             This is how the old code use to behave (in terms of where it gets the exception
             stack trace).  The assumption is that reportException() will be called in
             a timely manner before the exception stack trace has been purged.

          3. Else, create an Exception object with no stack trace.  This is the fall back
             in case the client did not call reportException() in a timely manner.

        - Also clear the last exception after we've reported it.  This is how the old code
          before r185259 behave (in terms of the lifecycle of the last exception stack
          trace).  We're restoring that behavior here.

        * bindings/js/JSDOMBinding.h:

2015-06-11  Zalan Bujtas  <zalan@apple.com>

        Do not crash when the descendant frame tree is destroyed during layout.
        https://bugs.webkit.org/show_bug.cgi?id=144540
        rdar://problem/20793184

        Reviewed by Andreas Kling.

        Widget::setFrameRect(), through WebHTMLView layout, could trigger a style recalc, which in turn
        could initiate an onBeforeLoad callback.
        If javascript happens to destroy the current iframe in the onBeforeLoad callback, we lose the descendant
        render tree, including the child FrameView (the iframe element's view). However the RenderIFrame
        object stays protected until after the layout is done. (see protectRenderWidgetUntilLayoutIsDone())

        Climbing back on the callstack, we need to make sure that
        1. the root widget of the descendant render tree (FrameView) stays valid as long as it is needed.
        2. RenderFrameBase::layoutWithFlattening() can handle the case when the associated widget (child FrameView) is set to nullptr.
        (see RenderWidget::willBeDestroyed() -> setWidget(nullptr))

        (and later, when layout is finished this (RenderIFrame) object gets destroyed too.)

        Covered by fast/frames/flattening/crash-remove-iframe-during-object-beforeload.html.

        * page/FrameView.cpp:
        (WebCore::FrameView::setFrameRect):
        (WebCore::FrameView::updateEmbeddedObject):
        (WebCore::FrameView::updateWidgetPositions):
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::setFrameRect):
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::setFrameRect):
        * rendering/RenderFrameBase.cpp:
        (WebCore::RenderFrameBase::layoutWithFlattening):
        (WebCore::RenderFrameBase::childRenderView):
        (WebCore::RenderFrameBase::peformLayoutWithFlattening):
        * rendering/RenderFrameBase.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::updateWidgetPosition):
        * rendering/RenderWidget.h:

2015-06-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185470.
        https://bugs.webkit.org/show_bug.cgi?id=145902

        Caused ASan violations (Requested by ap on #webkit).

        Reverted changeset:

        "Add an appearance keyword for wireless playback / airplay
        icon"
        https://bugs.webkit.org/show_bug.cgi?id=145892
        http://trac.webkit.org/changeset/185470

2015-06-11  Brady Eidson  <beidson@apple.com>

        IndexedDB onupgradeneeded event has incorrect value for oldVersion.
        <rdar://problem/18309792> and https://bugs.webkit.org/show_bug.cgi?id=136888

        Reviewed by Sam Weinig.

        Test: storage/indexeddb/version-change-event-basic.html

        "NoIntVersion" is an internal bookkeeping concept that we never should've been passing to Javascript.
        
        This cleans up things by:
        - Adjusting an old version of "NoIntVersion" to "0" before making the version change callback.
        - Removing the VersionNullness parameter from almost everywhere.
        - Removing the nullability of the newVersion parameter from the IDL.

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::onVersionChange):
        * Modules/indexeddb/IDBDatabase.h:
        
        * Modules/indexeddb/IDBDatabaseBackend.cpp:
        (WebCore::IDBDatabaseBackend::runIntVersionChangeTransaction):
        (WebCore::IDBDatabaseBackend::deleteDatabase):
        
        * Modules/indexeddb/IDBDatabaseCallbacks.h:
        * Modules/indexeddb/IDBDatabaseCallbacksImpl.cpp:
        (WebCore::IDBDatabaseCallbacksImpl::onVersionChange):
        * Modules/indexeddb/IDBDatabaseCallbacksImpl.h:
        
        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::onBlocked):
        (WebCore::IDBOpenDBRequest::onUpgradeNeeded):
        
        * Modules/indexeddb/IDBTransactionBackendOperations.cpp:
        (WebCore::IDBDatabaseBackend::VersionChangeOperation::perform):
        
        * Modules/indexeddb/IDBVersionChangeEvent.cpp:
        (WebCore::IDBVersionChangeEvent::IDBVersionChangeEvent):
        * Modules/indexeddb/IDBVersionChangeEvent.h:
        (WebCore::IDBVersionChangeEvent::create):
        (WebCore::IDBVersionChangeEvent::newVersion):
        * Modules/indexeddb/IDBVersionChangeEvent.idl:

2015-06-11  Matt Rajca  <mrajca@apple.com>

        Media Session: Add plumbing for media control event delivery.
        https://bugs.webkit.org/show_bug.cgi?id=145859

        Reviewed by Anders Carlsson.

        * Modules/mediasession/MediaEventTypes.h: Added.
        * WebCore.xcodeproj/project.pbxproj:
        * page/Page.cpp:
        (WebCore::Page::handleMediaEvent): Toggle media playback upon receiving the PlayPause event as described in the spec.
        * page/Page.h:

2015-06-11  Jon Lee  <jonlee@apple.com>

        Update media controls JS and CSS to use picture-in-picture
        https://bugs.webkit.org/show_bug.cgi?id=145827
        <rdar://problem/21311576>

        Reviewed by Dean Jackson.

        * English.lproj/mediaControlsLocalizedStrings.js: Update localized strings.
        Add a string for the placeholder text, and for the aria-label of the
        placard.

        * Modules/mediacontrols/MediaControlsHost.idl: Remove uncalled functions.
        * Modules/mediacontrols/MediaControlsHost.h: Also remove optimizedFullscreenSupported(),
        which was never used.
        * Modules/mediacontrols/MediaControlsHost.cpp: Remove uncalled functions and media part IDs.
        (WebCore::MediaControlsHost::enterFullscreenOptimized): Deleted.
        (WebCore::MediaControlsHost::mediaUIImageData): Deleted.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-picture-in-picture-button): Update pseudo-element name.
        (audio::-webkit-media-controls-optimized-fullscreen-button): Deleted.
        * Modules/mediacontrols/mediaControlsApple.js: Update global variable name, and classes.
        (Controller.prototype.createControls): Update button name. Add aria-label to the placeholder.
        (Controller.prototype.updateFullscreenButtons):
        (Controller.prototype.updateLayoutForDisplayedWidth):
        (Controller.prototype.handlePictureInPictureButtonClicked): Update handler names.
        (Controller.prototype.handleOptimizedFullscreenButtonClicked): Deleted.

        * Modules/mediacontrols/mediaControlsiOS.css: Rename pseudo-element.
        (audio::-webkit-media-controls-picture-in-picture-button): Add mask images.
        (audio::-webkit-media-controls-picture-in-picture-button:active):
        (video::-webkit-media-controls-picture-in-picture-button):
        (video::-webkit-media-controls-picture-in-picture-button.return-from-picture-in-picture):
        (audio::-webkit-media-controls-wireless-playback-status.picture-in-picture):
        (audio::-webkit-media-controls-wireless-playback-text-top.picture-in-picture):
        (audio::-webkit-media-controls-wireless-playback-text-bottom.picture-in-picture):
        (audio::-webkit-media-controls-optimized-fullscreen-button): Deleted.
        (audio::-webkit-media-controls-optimized-fullscreen-button:active): Deleted.
        (video::-webkit-media-controls-optimized-fullscreen-button): Deleted.
        (audio::-webkit-media-controls-wireless-playback-status.optimized): Deleted. The placard
        pseudo-element should be updated from wireless-playback-status to just playback-status
        since it serves both for pip and AirPlay.
        (audio::-webkit-media-controls-wireless-playback-text-top.optimized): Deleted.
        (audio::-webkit-media-controls-wireless-playback-text-bottom.optimized): Deleted.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createControls): Update button names.
        (ControllerIOS.prototype.configureInlineControls):
        (ControllerIOS.prototype.handlePictureInPictureButtonClicked): Update handler name.
        (ControllerIOS.prototype.handlePictureInPictureTouchStart):
        (ControllerIOS.prototype.handlePictureInPictureTouchEnd):
        (ControllerIOS.prototype.handlePictureInPictureTouchCancel):
        (ControllerIOS.prototype.handlePresentationModeChange): Remove changes to the inline bg
        image style, and rely on the CSS to fill those in. Use localized strings for the placard.
        Move the aria-label to createControls().
        (ControllerIOS.prototype.handleOptimizedFullscreenButtonClicked): Deleted.
        (ControllerIOS.prototype.handleOptimizedFullscreenTouchStart): Deleted.
        (ControllerIOS.prototype.handleOptimizedFullscreenTouchEnd): Deleted.
        (ControllerIOS.prototype.handleOptimizedFullscreenTouchCancel): Deleted.

        * html/HTMLMediaElement.cpp: Remove enterFullscreenOptimized since it is never called.
        (WebCore::HTMLMediaElement::enterFullscreenOptimized): Deleted.
        * html/HTMLMediaElement.h:
        * platform/ios/WebCoreSystemInterfaceIOS.h: Remove wkGetMediaUIImageData.
        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::mediaControlsStyleSheet): Remove calls to wkGetMediaUIImageData.

2015-06-11  Dean Jackson  <dino@apple.com>

        Add an appearance keyword for wireless playback / airplay icon
        https://bugs.webkit.org/show_bug.cgi?id=145892
        <rdar://problem/21344872>

        Reviewed by Simon Fraser.

        Add a new "-webkit-appearance" value named "-apple-airplay"
        which will be used to render an icon. This change simply
        adds support for the value, and puts in hooks for drawing.

        At the moment this is only going to be used by Airplay, so
        the public-facing name is "-apple-airplay". However, the
        implementation in Theme has a more generic name, in case
        we hook it up for other ports later.

        Test: fast/css/appearance-airplay.html

        * css/CSSParser.cpp:
        (WebCore::cssValueKeywordID): This new keyword should not get
        translated into having a -webkit prefix.
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): New mapping from
        the Theme to the CSS value.
        * css/CSSValueKeywords.in: Add "-apple-airplay".
        * platform/ThemeTypes.h: New ControlPart.
        * rendering/RenderTheme.cpp: Stub implementation of the rendering and
        style update for the new appearance.
        (WebCore::RenderTheme::adjustStyle):
        (WebCore::RenderTheme::paint):
        (WebCore::RenderTheme::adjustWirelessPlaybackIconStyle):
        (WebCore::RenderTheme::paintWirelessPlaybackIcon):
        * rendering/RenderTheme.h:
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::adjustWirelessPlaybackIconStyle):
        (WebCore::RenderThemeMac::paintWirelessPlaybackIcon):

2015-06-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185464.
        https://bugs.webkit.org/show_bug.cgi?id=145894

        "This patch is breaking binding tests" (Requested by youenn on
        #webkit).

        Reverted changeset:

        "Bindings generator should generate code for Promise-based
        APIs"
        https://bugs.webkit.org/show_bug.cgi?id=145833
        http://trac.webkit.org/changeset/185464

2015-06-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185465.
        https://bugs.webkit.org/show_bug.cgi?id=145893

        "This patch is breaking 32bit mac build" (Requested by youenn
        on #webkit).

        Reverted changeset:

        "[Streams API] ReadableJSStream should handle promises
        returned by JS source start callback"
        https://bugs.webkit.org/show_bug.cgi?id=145792
        http://trac.webkit.org/changeset/185465

2015-06-11  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableJSStream should handle promises returned by JS source start callback
        https://bugs.webkit.org/show_bug.cgi?id=145792

        Reviewed by Darin Adler.

        Covered by rebased tests.

        When calling start callback, the returned value is checked.
        If it is not a promise, we do as if it is a resolved promise.
        If it is a promise, we call its then() method with two resolve/reject JS functions.

        * Modules/streams/ReadableStream.cpp:
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::invoke): Returns a JSPromise* if any is returned by the JS source callback.
        (WebCore::thenPromise): Utility method to call the promise.
        (WebCore::createStartResultFulfilledFunction): The promise resolve callback.
        (WebCore::ReadableJSStream::doStart): Calls thenPromise if a JSPromise* is returned by invoke.
        (WebCore::ReadableJSStream::ReadableJSStream):
        * bindings/js/ReadableJSStream.h:

2015-06-11  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Bindings generator should generate code for Promise-based APIs
        https://bugs.webkit.org/show_bug.cgi?id=145833

        Reviewed by Darin Adler.

        Covered by existing tests.

        * Modules/webaudio/AudioContext.idl: Removing custom binding for resume, suspend and close.
        * bindings/js/JSAudioContextCustom.cpp: Ditto.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader): Refactoring to use IsReturningPromise.
        (GenerateImplementation): Disabling include for return type if it is a promise.
        (GenerateParametersCheck): Adding DeferredWrapper() as argument to the DOM method if JS method returns a promise.
        (GenerateImplementationFunctionCall): Added support for promise-returning API.
        (IsReturningPromise): Checking whether function is returning a promise.
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_test_promise_function):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionTestPromiseFunction):
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj testPromiseFunction]):
        * bindings/scripts/test/TestObj.idl: Adding promise returning function.


2015-06-08  Simon Fraser  <simon.fraser@apple.com>

        Missing content in UIWebView snapshots sometimes
        https://bugs.webkit.org/show_bug.cgi?id=145779
        rdar://problem/20744708

        Reviewed by Darin Adler.
        
        When expanding collapsed parts of quoted text on iOS, sometimes the "concertina"
        images would be blank. This happened because we'd fail to create tiles for regions
        outside the LegacyTileCache's visibleRect.
        
        Fix by giving LegacyTileCache an optional override visibleRect, which is set
        and cleared during -renderInContext: using the context clip rect.

        * platform/ios/LegacyTileCache.h:
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::visibleRectInLayer):
        (WebCore::LegacyTileCache::setOverrideVisibleRect):
        * platform/ios/LegacyTileLayer.mm:
        (-[LegacyTileHostLayer renderInContext:]):

2015-06-11  Daniel Bates  <dabates@apple.com>

        Simplify event handling logic for search cancel button
        https://bugs.webkit.org/show_bug.cgi?id=145780

        Reviewed by Darin Adler.

        Following the patch for <https://bugs.webkit.org/show_bug.cgi?id=145774> we can take advantage
        of the DOM click event to simplify the event handling logic for the search cancel button.
        It is sufficient to listen for mousedown and click events instead of listening for mousedown
        and mouseup events, capturing all events during drag, and using the hover state of the button
        on mouse release together with a instance variable set on mouse press to determine whether
        the cancel button was clicked.

        As a side effect of removing the requirement that the search cancel button be hovered (a
        workaround to ensure that the mouse was pressed and released on the button in absence of
        listening for an explicit DOM click event) we can remove the accessibility-specific class,
        AccessibilitySearchFieldCancelButton, that was primarily used to fake the hover state of
        the button so that the accessibility machinery could simulate a click on it. Instead we
        can add use the default accessibility machinery for clicking on an element.

        No new tests since no functionality was changed.

        * CMakeLists.txt: Remove reference to file AccessibilitySearchFieldButtons.cpp.
        * WebCore.vcxproj/WebCore.vcxproj: Remove reference to files AccessibilitySearchFieldButtons.{cpp, h}.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * accessibility/AXObjectCache.cpp:
        (WebCore::createFromRenderer): Remove special-purpose logic that instantiated
        AccessibilitySearchFieldCancelButton for the search cancel button. Instead we can make
        use of the existing accessibility machinery to handle this button.
        * accessibility/AccessibilityAllInOne.cpp: Remove #include of AccessibilitySearchFieldButtons.cpp
        since the file is no longer needed.
        * accessibility/AccessibilitySearchFieldButtons.cpp: Removed.
        * accessibility/AccessibilitySearchFieldButtons.h: Removed.
        * dom/Element.h:
        (WebCore::Element::isSearchFieldCancelButtonElement): Deleted.
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::SearchFieldCancelButtonElement::SearchFieldCancelButtonElement): Set the ARIA role
        and label attributes so that the accessibility system identifies the search cancel button as
        a button and shows a description for the button, respectively.
        (WebCore::SearchFieldCancelButtonElement::defaultEventHandler): Simplify the event handling logic
        such that we clear the field when we receive a DOM click event (i.e. the mouse was pressed
        and released on the button). Remove unused variable, oldValue. Substitute emptyString() for the
        empty string literal in the call to HTMLInputElement::setValueForUser() to avoid an implicit
        conversion to String. Also remove out-of-date comment that repeated what the code does.
        (WebCore::SearchFieldCancelButtonElement::willDetachRenderers): Deleted. We no longer need to use
        custom style resolve callbacks to reset the state of the EventHandler since we no longer need to
        have the EventHandler dispatch all mouse events to us on mouse press.
        * html/shadow/TextControlInnerElements.h:

2015-06-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185453.
        https://bugs.webkit.org/show_bug.cgi?id=145881

        it broke the 32-bit build (Requested by clopez on #webkit).

        Reverted changeset:

        "[GTK] [Wayland] Should be possible to build with support for
        both X11 and Wayland."
        https://bugs.webkit.org/show_bug.cgi?id=145701
        http://trac.webkit.org/changeset/185453

2015-06-11  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] [Wayland] Should be possible to build with support for both X11 and Wayland.
        https://bugs.webkit.org/show_bug.cgi?id=145701

        Reviewed by Žan Doberšek.

        No new tests, no behavior changes.

        When building both targets, we have to include the wayland-egl
        headers in order to build the Wayland target. This causes that
        EGLNativePixmapType and EGLNativeWindowType get defined as
        different types than when building only the X11 target.

        By type casting them to the ones that are expected, we are able
        to build both targets at the same time.

        I have done tests (building each target alone as also both targets
        at the same time), and everything seems to works as expected.

        Once built for both targets, if you try to launch the MiniBrowser
        from inside a Wayland compositor (Weston on top of X for example),
        it will trigger the X11 target if the DISPLAY environment variable
        is set and the environment variable GDK_BACKEND is not set to wayland,
        otherwise it will trigger the Wayland target.

        * platform/graphics/GLContext.cpp:
        (WebCore::GLContext::createContextForWindow): Add type cast.
        * platform/graphics/egl/GLContextEGL.cpp: Add missing include when
        building both targets that is required for defining DefaultRootWindow().
        (WebCore::GLContextEGL::createPixmapContext): Add type cast.

2015-06-11  Hunseop Jeong  <hs85.jeong@samsung.com>

        [EFL] Fix the debug build after r185417.
        https://bugs.webkit.org/show_bug.cgi?id=145876 

        Reviewed by Gyuyoung Kim.

        * platform/graphics/efl/ImageBufferEfl.cpp: added the missing "MIMETypeRegistry.h".

2015-06-11  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Tahoma isn't installed on iOS, so there is no need to blacklist it
        https://bugs.webkit.org/show_bug.cgi?id=145865

        Reviewed by Dan Bernstein.

        No new tests because I can't copy Tahoma into our open source repository.

        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::fontFamilyShouldNotBeUsedForArabic):

2015-06-10  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185442.
        https://bugs.webkit.org/show_bug.cgi?id=145871

        seems to have broken WTF.StringOperators test (Requested by
        alexchristensen on #webkit).

        Reverted changeset:

        "[Content Extensions] Limit number of rules."
        https://bugs.webkit.org/show_bug.cgi?id=145663
        http://trac.webkit.org/changeset/185442

2015-06-10  Jon Lee  <jonlee@apple.com>

        Update presentation mode JS API to using 'picture-in-picture'
        https://bugs.webkit.org/show_bug.cgi?id=145826
        rdar://problem/2131153

        Reviewed by Anders Carlsson.

        Update presentation modes to use 'picture-in-picture' in lieu of 'optimized'.

        * html/HTMLVideoElement.idl: Update to "picture-in-picture".
        * html/HTMLVideoElement.cpp:
        (WebCore::presentationModePictureInPicture): Rename static function returning string.
        (WebCore::presentationModeOptimized): Deleted.
        (WebCore::HTMLVideoElement::webkitSupportsPresentationMode): Use the new static function name.
        (WebCore::HTMLVideoElement::webkitSetPresentationMode): Ditto.
        (WebCore::HTMLVideoElement::webkitPresentationMode): Ditto.

        * Modules/mediacontrols/mediaControlsiOS.js: Update to 'picture-in-picture'.
        (ControllerIOS.prototype.configureInlineControls): 
        (ControllerIOS.prototype.isFullScreen):
        (ControllerIOS.prototype.handleOptimizedFullscreenButtonClicked):
        (ControllerIOS.prototype.handlePresentationModeChange):
        (ControllerIOS.prototype.controlsAlwaysVisible):

2015-06-10  Boris Smus  <boris@smus.com>

        [Mobile Safari, WKWebView] increase DeviceOrientationEvent events emission frequency
        https://bugs.webkit.org/show_bug.cgi?id=145814

        Reviewed by Benjamin Poulain.

        Increased the sampling rate of DeviceOrientationEvent from 20 Hz to 60
        Hz to make good head tracking possible.

        * platform/ios/WebCoreMotionManager.h:

2015-06-10  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Limit number of rules.
        https://bugs.webkit.org/show_bug.cgi?id=145663
        rdar://problem/21242407

        Reviewed by Benjamin Poulain.

        Added an API test to make sure that parsing fails when there are too many rules.

        * contentextensions/ContentExtensionError.cpp:
        (WebCore::ContentExtensions::contentExtensionErrorCategory):
        * contentextensions/ContentExtensionError.h:
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::loadEncodedRules):
        Fail to parse a content extension with more than 50000 rules.

2015-06-10  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION (r184895): Vertical border elements ([-webkit]-border-image set to 'repeat') that used to render perfectly are now rendering incorrectly.
        https://bugs.webkit.org/show_bug.cgi?id=145801

        Reviewed by Simon Fraser.

        When using the tiling to draw the sides of an image-border, the image slice
        is repeated only in one direction. For top and bottom sides, the slice is
        repeated horizontally and for left and right sides, it's repeated vertically.
        The tile might be scaled in the other direction of the tiling if the border
        extent and the slice extent are different in this direction.
        
        The bug happens because we were scaling the tile in the tiling direction.

        Test: fast/borders/border-image-repeat-stretch.html

        * rendering/style/NinePieceImage.cpp:
        (WebCore::NinePieceImage::scaleSlicesIfNeeded): Fix the type and the name
        of deviceScaleFactor.
        
        (WebCore::NinePieceImage::computeIntrinsicSideTileScale): Fix the scaling
        direction of the border image side tiling.
        
        * rendering/style/NinePieceImage.h:

2015-06-10  Chris Dumez  <cdumez@apple.com>

        ASSERT_WITH_SECURITY_IMPLICATION in WebCore::DocumentOrderedMap::getElementById
        https://bugs.webkit.org/show_bug.cgi?id=145857
        <rdar://problem/16798440>

        Reviewed by Darin Adler.

        Make sure Node::insertedInto() gets called on the inserted node and its
        descendants after its insertion into the tree but *before*
        ContainerNode::childrenChanged() is called on the parent node. This is
        needed so that the descendants know they've been inserted into the tree
        (and their InDocumentFlag flag gets set) before the parent node does
        anything with them in childrenChanged().

        In the case of <rdar://problem/16798440>, executing HTMLScriptElement's
        childrenChanged() after appending a child to a script element was causing
        the script to be executed. The script would call getElementBy() which
        would traverse the DOM tree and find a matching Element in the newly
        inserted subtree. However, the matching Element's InDocumentFlag flag was
        not set yet because the element's insertedInto() method has not been called
        yet at this point. This would cause us to hit an assertion as
        DocumentOrderedMap::getElementById() is only supposed to return elements
        that are in a Document.

        This patch is based on Blink r178976 by <esprehn@chromium.org>:
        https://src.chromium.org/viewvc/blink?view=rev&revision=178976

        Tests: fast/dom/script-getElementById-during-insertion.html
               fast/dom/script-remove-child-id-map.html

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::notifyChildInserted):
        (WebCore::ContainerNode::notifyChildRemoved):
        (WebCore::ContainerNode::removeChildren):
        (WebCore::ContainerNode::parserInsertBefore): Deleted.
        (WebCore::ContainerNode::removeChild): Deleted.
        (WebCore::ContainerNode::parserRemoveChild): Deleted.
        (WebCore::ContainerNode::parserAppendChild): Deleted.
        (WebCore::ContainerNode::childrenChanged): Deleted.
        (WebCore::ContainerNode::setAttributeEventListener): Deleted.
        (WebCore::ContainerNode::querySelector): Deleted.
        * dom/ContainerNodeAlgorithms.cpp:
        (WebCore::ChildNodeInsertionNotifier::notifyDescendantInsertedIntoDocument):
        (WebCore::ChildNodeInsertionNotifier::notifyDescendantInsertedIntoTree):
        * dom/ContainerNodeAlgorithms.h:
        (WebCore::ChildNodeInsertionNotifier::notifyNodeInsertedIntoDocument):
        (WebCore::ChildNodeInsertionNotifier::notifyNodeInsertedIntoTree):
        (WebCore::ChildNodeInsertionNotifier::notify):
        (WebCore::ChildNodeRemovalNotifier::notifyNodeRemovedFromDocument): Deleted.
        * dom/Element.cpp:
        (WebCore::Element::addShadowRoot):

2015-06-10  Alex Christensen  <achristensen@webkit.org>

        [Web Timing] Fix flaky test.
        https://bugs.webkit.org/show_bug.cgi?id=145846

        Reviewed by Alexey Proskuryakov.

        The timing data is gathered in ResourceHandle::getConnectionTimingData as 
        millisecond deltas from the fetch start time, not the navigation start time.
        The difference between navigation and fetch start time is usually so small that 
        it only caused one flaky test, but this should fix that flakiness. This patch 
        corrects how the millisecond deltas are used.

        * page/PerformanceTiming.cpp:
        (WebCore::PerformanceTiming::domainLookupStart):
        (WebCore::PerformanceTiming::domainLookupEnd):
        (WebCore::PerformanceTiming::connectStart):
        (WebCore::PerformanceTiming::connectEnd):
        (WebCore::PerformanceTiming::secureConnectionStart):
        (WebCore::PerformanceTiming::requestStart):
        (WebCore::PerformanceTiming::responseStart):
        (WebCore::PerformanceTiming::responseEnd):
        (WebCore::PerformanceTiming::documentLoadTiming):
        (WebCore::PerformanceTiming::resourceLoadTimeRelativeToFetchStart):
        (WebCore::PerformanceTiming::monotonicTimeToIntegerMilliseconds):
        (WebCore::PerformanceTiming::resourceLoadTimeRelativeToAbsolute): Deleted.
        * page/PerformanceTiming.h:

2015-06-10  Beth Dakin  <bdakin@apple.com>

        Overriding the overlay scrollbar style on WKView doesn't take effect immediately
        https://bugs.webkit.org/show_bug.cgi?id=145855
        -and corresponding-
        rdar://problem/20948706

        Reviewed by Simon Fraser.

        Since we opt into layer-per-part scrollbars in order to move the knob on the 
        secondary thread, AppKit is creating its own layers for the knob and track. To 
        invalidate them, we need to call into the ScrollbarPainter’s setNeedsDisplay.

        New virtual function on ScrollAnimator to call into ScrollbarPainter’s 
        setNeedsDispay.
        * platform/ScrollAnimator.h:

        Call the new function when setting the overlay style.
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::setScrollbarOverlayStyle):

        Add setNeedsDisplay to the list of ScrollbarPainter methods.
        * platform/mac/NSScrollerImpDetails.h:

        Implement invalidateScrollbarPartLayers.
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::invalidateScrollbarPartLayers):

2015-06-10  Matt Rajca  <mrajca@apple.com>

        MediaRemoteControls should be marked JSGenerateToJSObject.
        https://bugs.webkit.org/show_bug.cgi?id=145849

        Reviewed by Eric Carlson.

        Since MediaRemoteControls has a parent interface, we need to add the JSGenerateToJSObject attribute so the
        toJS(...) function gets generated. This is required for event handling to work.

        * Modules/mediasession/MediaRemoteControls.idl:

2015-06-10  Dean Jackson  <dino@apple.com>

        User can not scroll on page when dragging inside video
        https://bugs.webkit.org/show_bug.cgi?id=145848
        <rdar://problem/20997158>

        Reviewed by Brent Fulgham.

        Revert the change made in http://trac.webkit.org/changeset/183797
        which breaks panning on pages if the touch starts inside the video.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handleWrapperTouchStart): Do not return true, which stops
        the handleEvent call in the superclass from preventing the default action.

2015-06-10  Matt Rajca  <mrajca@apple.com>

        Explicitly keep track of active HTMLMediaElements in MediaSessions.
        https://bugs.webkit.org/show_bug.cgi?id=145829

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp: Add support for keeping track of active media elements.
        (WebCore::MediaSession::addActiveMediaElement):
        * Modules/mediasession/MediaSession.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::playInternal): If the paused attribute is true and the readyState attribute has the
          value HAVE_FUTURE_DATA or HAVE_ENOUGH_DATA, the media element becomes an active participating element of the
          media session.

2015-06-10  Chris Dumez  <cdumez@apple.com>

        Drop unused argument for Node::didNotifySubtreeInsertions()
        https://bugs.webkit.org/show_bug.cgi?id=145845

        Reviewed by Andreas Kling.

        * dom/ContainerNodeAlgorithms.h:
        (WebCore::ChildNodeInsertionNotifier::notify):
        * dom/Node.h:
        (WebCore::Node::didNotifySubtreeInsertions):
        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::didNotifySubtreeInsertions):
        * html/HTMLFrameElementBase.h:
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::didNotifySubtreeInsertions):
        * svg/SVGFEImageElement.h:
        * svg/SVGMPathElement.cpp:
        (WebCore::SVGMPathElement::didNotifySubtreeInsertions):
        * svg/SVGMPathElement.h:
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefElement::didNotifySubtreeInsertions):
        * svg/SVGTRefElement.h:
        * svg/SVGTextPathElement.cpp:
        (WebCore::SVGTextPathElement::didNotifySubtreeInsertions):
        * svg/SVGTextPathElement.h:
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::didNotifySubtreeInsertions):
        * svg/animation/SVGSMILElement.h:

2015-06-10  KwangHyuk Kim  <hyuki.kim@samsung.com>

        [EFL] Jpeg image export implementation for Canvas.
        https://bugs.webkit.org/show_bug.cgi?id=145457

        Reviewed by Gyuyoung Kim.

        Add implementation of jpeg image export on Webkit EFL by using JPEGImageEncoder.

        No new tests, fast/canvas/toDataURL-supportedTypes.html can be reused.

        * PlatformEfl.cmake:
        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedImageMIMETypesForEncoding):
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        * platform/graphics/efl/ImageBufferEfl.cpp: Added.
        (WebCore::writeFunction):
        (WebCore::encodeImage):
        (WebCore::ImageBuffer::toDataURL):
        * platform/image-encoders/JPEGImageEncoder.cpp:
        (WebCore::compressRGBABigEndianToJPEG):

2015-06-10  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Move KeyBindingTranslator from platform to WebKit2 layer
        https://bugs.webkit.org/show_bug.cgi?id=145840

        Reviewed by Martin Robinson.

        It's currently used only by WebKit2 in the UI process and it's
        another file built twice because of the GTK2 plugin process.

        * PlatformGTK.cmake:

2015-06-10  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Get rid of GetEditorCommandsForKeyEvent sync message
        https://bugs.webkit.org/show_bug.cgi?id=145598

        Reviewed by Žan Doberšek.

        * platform/PlatformKeyboardEvent.h:
        (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
        (WebCore::PlatformKeyboardEvent::commands):
        * platform/gtk/KeyBindingTranslator.cpp: Use a single list of
        custom key bindings. We don't need to distinguish between key down and
        key press commands, since the web editor client already does that
        when executing the commands.
        (WebCore::KeyBindingTranslator::commandsForKeyEvent): This is
        getEditorCommandsForKeyEvent() renamed as commandsForKeyEvent(),
        since it now returns the list of commands to simplify the
        code. Also simplify the custom key bindings handling, by using the
        global list instead of moving it to a HashMap.
        (WebCore::KeyBindingTranslator::getEditorCommandsForKeyEvent): Deleted.
        * platform/gtk/KeyBindingTranslator.h:

2015-06-10  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Crash on exit when terminating egl
        https://bugs.webkit.org/show_bug.cgi?id=145832

        Reviewed by Carlos Garcia Campos.

        Avoid terminating egl on exit for WinCairo.

        * platform/graphics/PlatformDisplay.cpp:
        (WebCore::PlatformDisplay::~PlatformDisplay):

2015-06-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Refactor AudioContext implementation to enable automatic binding generation of promise-based methods
        https://bugs.webkit.org/show_bug.cgi?id=145223

        Reviewed by Darin Adler.

        Introducing DOMPromise as a typed wrapper above DeferredWrapper.
        This DOMPromise allows constraining Promise resolution/rejection to a single resolution type and rejection type. 
        This might be useful for typed callback usage of promise based APIs, like getUserMedia() or ReadableStreamReader.read().

        Applying DOMPromise to AudioContext close, suspend and resume.
        Changed binding code to represent what could be automatically generated by binding generator.
        Fixing unneeded copies of std::function callbacks.

        Disabling DOMPromise copy constructors to lower chances that resolution/rejection is done twice on the same object.

        Covered by existing tests.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::addReaction):
        (WebCore::AudioContext::setState):
        (WebCore::AudioContext::suspend):
        (WebCore::AudioContext::resume):
        (WebCore::AudioContext::close):
        * Modules/webaudio/AudioContext.h:
        * bindings/js/JSAudioContextCustom.cpp:
        (WebCore::JSAudioContext::suspend):
        (WebCore::JSAudioContext::resume):
        (WebCore::JSAudioContext::close):
        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DeferredWrapper::callFunction):
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::resolve):
        (WebCore::DeferredWrapper::reject):
        (WebCore::DOMPromise::DOMPromise):
        (WebCore::DOMPromise::resolve):
        (WebCore::DOMPromise::reject):

2015-06-10  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Implement pulling of a source by a ReadableStream
        https://bugs.webkit.org/show_bug.cgi?id=145262

        Reviewed by Darin Adler

        Introduced abstract ReadableStream::doPull() which is overriden in ReadableJSStream.
        Added support to call the "pull" JS callback in ReadableJSStream::doPull().
        Added calls to pull as requested by the spec (when resolving a read callback, at start time...).

        Fixed issue in ReadableStreamReader::read() (use of successCallback(JSValue()) in lieu of endCallback())

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::start): calling pull() once start.
        (WebCore::ReadableStream::pull): calling doPull() if readableStream states requires to.
        (WebCore::ReadableStream::read): calling pull() after resolving a read callback.
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::read): fixed JSValue() bug.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::doPull): calling of JS callback.
        (WebCore::ReadableJSStream::storeException): catches exception and store them.
        (WebCore::ReadableJSStream::storeError): refactoring for checkForException.
        (WebCore::ReadableJSStream::enqueue):
        * bindings/js/ReadableJSStream.h:

2015-06-09  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        DeferredWrapper should clear its JS strong references once its promise is resolved/rejected
        https://bugs.webkit.org/show_bug.cgi?id=145753

        Reviewed by Darin Adler.

        Clear strong references at the end of DeferredWrapper::resolve and DeferredWrapper::reject.
        Added assertions to check that resolve or reject is called only once.

        Removed DeferredWrapper constructor that creates internally its promise.
        Reason is DeferredWrapper can be resolved synchronously and promise
        will be lost when returning it at the end of the binding promise function.
        Updated all custom bindings accordingly.

        Covered by existing tests.

        * bindings/js/JSAudioContextCustom.cpp:
        (WebCore::JSAudioContext::suspend): Updated DeferredWrapper constructor to properly return the promise.
        (WebCore::JSAudioContext::resume): Ditto.
        (WebCore::JSAudioContext::close): Ditto.
        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DeferredWrapper::resolve): Cleared strong references after promise resolution.
        (WebCore::DeferredWrapper::reject): Cleared strong references after promise rejection.
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::resolve): Added ASSERT to check promise is not yet rejected/resolved.
        (WebCore::DeferredWrapper::reject): Ditto.
        (WebCore::DeferredWrapper::reject<ExceptionCode>): Ditto.
        (WebCore::DeferredWrapper::resolve<String>): Ditto.
        (WebCore::DeferredWrapper::resolve<bool>): Ditto.
        (WebCore::DeferredWrapper::resolve<JSC::JSValue>): Ditto.
        (WebCore::char>>):
        (WebCore::DeferredWrapper::reject<String>): Ditto.
        * bindings/js/JSMediaDevicesCustom.cpp:
        (WebCore::JSMediaDevices::getUserMedia): Updated DeferredWrapper constructor to properly return the promise.
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::read): Ditto.
        (WebCore::JSReadableStreamReader::closed): Ditto.
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::JSSubtleCrypto::encrypt): Ditto.
        (WebCore::JSSubtleCrypto::decrypt): Ditto.
        (WebCore::JSSubtleCrypto::sign): Ditto.
        (WebCore::JSSubtleCrypto::verify): Ditto.
        (WebCore::JSSubtleCrypto::digest): Ditto.
        (WebCore::JSSubtleCrypto::generateKey): Ditto.
        (WebCore::JSSubtleCrypto::importKey): Ditto.
        (WebCore::JSSubtleCrypto::exportKey): Ditto.
        (WebCore::JSSubtleCrypto::wrapKey): Ditto.
        (WebCore::JSSubtleCrypto::unwrapKey): Ditto.

2015-06-09  Zalan Bujtas  <zalan@apple.com>

        Protect FrameView from being destroyed in Document::recalcStyle()
        https://bugs.webkit.org/show_bug.cgi?id=143033
        rdar://problem/20326871

        Reviewed by Andreas Kling.

        This patch ensures that FrameView stays valid in Document::recalcStyle().
        It follows the defensive pattern we use to deal with the refcounted FrameView (see EventDispatcher::dispatchEvent)

        When the iframe destroys itself in the onBeforeLoad callback (as the result of
        PostResolutionCallbackDisabler -> HTMLObjectElement::updateWidget -> guardedDispatchBeforeLoadEvent),
        we detach the frame and release the FrameView. However Document::recalcStyle() expects
        the FrameView to stay valid.

        Covered by fast/frames/flattening/crash-remove-iframe-during-object-beforeload.html.

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):

2015-06-09  Daegyu Lee  <daegyu.lee@navercorp.com>

        3D-transformed video does not display on platforms without accelerated video rendering
        https://bugs.webkit.org/show_bug.cgi?id=144782

        Reviewed by Simon Fraser.

        Video element does not get GraphicsLayer when MediaPlayerPrivate::supportsAcceleratedRendering() returns false
        which means not using accelerated video decoding.
        Although the video element gets GraphicsLayer by changing the CSS style of video element by javascript,
        there is no way to set GraphicsLayer::setDrawsContent(true) for updating the video content.
        As a result, after changing the CSS style, the video content does not show.
        To avoid missing setDrawsContent(true), add conditions(!supportsAcceleratedRendering() && m_requiresOwnBackingStore).

        Test: media/video-transformed-by-javascript.html
              media/video-transformed-by-javascript-expected.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::containsPaintedContent):

2015-06-09  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r180867): Tabbing to login field on iCloud.com doesn't have highlight for text
        https://bugs.webkit.org/show_bug.cgi?id=145830

        Reviewed by Darin Adler.

        The bug was caused by setSelection not updating RenderView when there is a style recalc scheduled
        that doesn't trigger a layout. Fixed the bug by explicitly updating the selection in
        Document::recalcStyle in that case.

        Test: editing/selection/update-selection-by-style-change.html

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::updateAppearanceAfterLayout): Renamed from didLayout.
        * editing/FrameSelection.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks):

2015-06-09  Dean Jackson  <dino@apple.com>

        MediaControls: Reenable resize of controls on pinch zoom
        https://bugs.webkit.org/show_bug.cgi?id=145824
        <rdar://problem/21212778>

        Reviewed by Darin Adler.

        Reinstate the code that updated the scaling of the
        controls in response to changes in page scale.
        This time around we have to change both the controls
        panel, and its blurry background.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.set pageScaleFactor): Deleted a comment.
        * Modules/mediacontrols/mediaControlsiOS.css:
        (video::-webkit-media-controls-panel-background): Set the background to pin
        to the bottom of its view.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.get pageScaleFactor): Basic getter, copied from mediaControlsApple.
        (ControllerIOS.prototype.set pageScaleFactor): The setter that reacts to the page scale
        and applies an inverse scaling on the control panel using a transform, and adjusts the
        height on the background similarly.

2015-06-09  Andreas Kling  <akling@apple.com>

        GraphicsContext state stack wasting lots of memory when empty.
        <https://webkit.org/b/145817>

        Reviewed by Geoffrey Garen.

        Give the GraphicsContextState stack an inline capacity of 1, and make sure
        to free any heap-allocated backing store when the stack goes empty.

        The 1 is because HTMLCanvasElement keeps one "save" on the underlying
        GraphicsContext at all times, and this prevents those canvases from always
        sitting on an empty stack with 16 capacity.

        This saves ~520 kB on cnet.com video pages.

        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::restore):
        * platform/graphics/GraphicsContext.h:

2015-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVG Fragment is not rendered if it is the css background image of an HTML element
        https://bugs.webkit.org/show_bug.cgi?id=91790

        Reviewed by Darin Adler.

        To show an SVG fragment, the SVGImage has to scrollToFragment() using
        the resource url. The changes http://trac.webkit.org/changeset/164804
        and http://trac.webkit.org/changeset/164983 set the url of SVGImage to
        to be used later in SVGImage::draw(). The problem is the SVGImage url
        is only set when it is the src of an <img> tag. We did not do the same
        thing when the SVGImage is the css background image of an HTML element.
        
        The fix is to set the url of the SVGImage always when it's created by 
        the CachedImage. The CachedImage must have a valid url when the SVGImage
        is created.

        Test: svg/css/svg-resource-fragment-identifier-background.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::load):
        (WebCore::CachedImage::checkShouldPaintBrokenImage):
        Replace the calls resourceRequest().url() and m_resourceRequest.url() by
        calling url() since they are all the same.
        
        (WebCore::CachedImage::createImage): Pass the resource url to SVGImage
        and change ImageObserver& by ImageObserver*, since null is not legal.
        
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::SVGImage):
        * svg/graphics/SVGImage.h: Add a url parameter to SVGImage constructor.
        
        * svg/graphics/SVGImageCache.cpp:
        (WebCore::SVGImageCache::findImageForRenderer): Add a new helper function.
        
        (WebCore::SVGImageCache::imageSizeForRenderer):
        (WebCore::SVGImageCache::imageForRenderer): Code clean up.
        
        * svg/graphics/SVGImageCache.h: Make imageForRenderer() const.

        * svg/graphics/SVGImageForContainer.cpp: Remove unneeded header file.

2015-06-09  Matt Rajca  <mrajca@apple.com>

        Add support for toggling playback in MediaSessions and MediaSessionManagers.
        https://bugs.webkit.org/show_bug.cgi?id=145822

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp: Toggle playback of all active media elements.
        (WebCore::MediaSession::togglePlayback):
        * Modules/mediasession/MediaSession.h:
        * Modules/mediasession/MediaSessionManager.cpp: Toggle playback of all media sessions as described in the
          Media Session spec.
        (WebCore::MediaSessionManager::togglePlayback):
        * Modules/mediasession/MediaSessionManager.h:

2015-06-09  Darin Adler  <darin@apple.com>

        Takes two delete key presses to delete pasted emoji up-pointing index finger with skin tone
        https://bugs.webkit.org/show_bug.cgi?id=145823

        Reviewed by Anders Carlsson.

        Tests: editing/deleting/delete-emoji.html

        * rendering/RenderText.cpp:
        (WebCore::isHangulLVT): Use constants instead of macros. Also changed to take a UChar since
        the Hangul processing can work on UTF-16 code unit at a time and doesn't have to handle
        surrogate pairs.
        (WebCore::isMark): Use U_GC_M_MASK instead of writing the algorithm out another way.
        (WebCore::isInArmenianToLimbuRange): Added.
        (WebCore::RenderText::previousOffsetForBackwardDeletion): Refactored for clarity and to use
        the U16_PREV macro instead of doing what it does in a sloppier way. Added code to allow a
        variation selector before an emoji modifier to fix the bug. Changed Hangul logic to work a
        code unit at a time, since it can, to use an enum class, and to use constants rather than
        all capital macros. Also changed the "dumb" case to use a more appropriate ICU macro.

2015-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        feComposite filter does not clip the paint rect to its effect rect when the operator is 'in' or 'atop'
        https://bugs.webkit.org/show_bug.cgi?id=137856

        Reviewed by Darin Adler.

        There was bug in calculating the absolutePaintRect of the feComposite filter
        when the operator is equal to 'in' or 'atop'. The absolutePaintRect was set
        to the absolutePaintRect of the background FilterEffect which is correct.
        What was missing is clipping this rectangle to the maxEffectRect of the
        filter which we do for other operators.

        Tests: svg/filters/feComposite-background-rect-control-operators.svg

        * platform/graphics/IntRect.h:
        (WebCore::operator-=):
        (WebCore::operator-): Add new operators to IntRect.

        * platform/graphics/filters/FEComposite.cpp:
        (WebCore::FEComposite::determineAbsolutePaintRect): Make sure the filter
        absolutePaintRect is clipped to maxEffectRect for all operators.
        
        (WebCore::FEComposite::platformApplySoftware): Code clean-up.
        
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::determineAbsolutePaintRect): Move the clipping
        part to a separate function.
        
        (WebCore::FilterEffect::clipAbsolutePaintRect): Clip the absolutePaintRect
        to the maxEffectRect of the filter.
        
        * platform/graphics/filters/FilterEffect.h:

2015-06-09  Matt Rajca  <mrajca@apple.com>

        Implement MediaSessionManager to keep track of all MediaSessions.
        https://bugs.webkit.org/show_bug.cgi?id=145806

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::MediaSession): Add ourselves to the MediaSessionManager upon construction.
        (WebCore::MediaSession::~MediaSession): Remove ourselves from the MediaSessionManager before destruction.
        * Modules/mediasession/MediaSessionManager.cpp: Added to keep track of all living MediaSessions.
        (WebCore::MediaSessionManager::singleton):
        (WebCore::MediaSessionManager::addMediaSession):
        (WebCore::MediaSessionManager::removeMediaSession):
        * Modules/mediasession/MediaSessionManager.h: Added.
        * WebCore.xcodeproj/project.pbxproj: Added new MediaSessionManager sources.

2015-06-09  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Remove RefCounted from Tile
        https://bugs.webkit.org/show_bug.cgi?id=145788

        Reviewed by Darin Adler.

        Since r185140, Tile does not need to be RefCounted.

        No new tests, no behavior changes.

        * platform/graphics/texmap/coordinated/Tile.cpp:
        (WebCore::Tile::create): Deleted.
        * platform/graphics/texmap/coordinated/Tile.h:
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::invalidate):
        (WebCore::TiledBackingStore::updateTileBuffers): Simplifies not to use unnecessary Vector.
        (WebCore::TiledBackingStore::coverageRatio):
        (WebCore::TiledBackingStore::createTiles):
        (WebCore::TiledBackingStore::resizeEdgeTiles):
        (WebCore::TiledBackingStore::setKeepRect):
        (WebCore::TiledBackingStore::tileAt): Deleted one line wrapper.
        (WebCore::TiledBackingStore::setTile): Ditto.
        (WebCore::TiledBackingStore::removeTile): Ditto.
        * platform/graphics/texmap/coordinated/TiledBackingStore.h:

2015-06-09  Chris Dumez  <cdumez@apple.com>

        Allow one sync GC per gcTimer interval on critical memory pressure warning
        https://bugs.webkit.org/show_bug.cgi?id=145773

        Reviewed by Geoffrey Garen.

        * bindings/js/GCController.cpp:
        (WebCore::GCController::garbageCollectNowIfNotDoneRecently):

        Add new GCController::garbageCollectNowIfNotDoneRecently() API that
        allows one synchronous GC per full GC timer interval. If called more
        than once per interval, it becomes equivalent to garbageCollectSoon()
        and merely accelerates the next collection.

        * bindings/js/GCController.h:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

        Call the new GCController::garbageCollectNowIfNotDoneRecently() on
        critical memory pressure instead of garbageCollectionSoon() to try
        as do a synchronous GC if one wasn't already done recently.
        Also drop call to fullSweep() as GCController::garbageCollectNow*()
        already do a sweep after the collection.

2015-06-09  Darin Adler  <darin@apple.com>

        Follow-up fix for:
        JavaScript bindings are unnecessarily checking for impossible empty JSValue arguments
        https://bugs.webkit.org/show_bug.cgi?id=145811

        There was one unusual case in the bindings generator that was depending on this.

        * bindings/js/JSDOMBinding.h:
        (WebCore::argumentOrNull): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateParametersCheck): Stop using argumentOrNull.
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Updated.
        * bindings/scripts/test/JS/JSTestObj.cpp: Updated.

2015-06-09  Darin Adler  <darin@apple.com>

        JavaScript bindings are unnecessarily checking for impossible empty JSValue arguments
        https://bugs.webkit.org/show_bug.cgi?id=145811

        Reviewed by Antti Koivisto.

        At some point, someone who didn't understand JSValue very well added checks for
        isEmpty (and the function isEmpty itself) in JavaScript bindings. But the engine
        never would pass an empty JSValue to a binding; that's used only inside the
        engine itself. I think this was done by some Google V8 experts a while back, so
        it's not entirely surprising they didn't understand this. But we don't want to
        keep all that unneeded code.

        * bindings/js/JSAudioTrackCustom.cpp:
        (WebCore::JSAudioTrack::setKind): Removed the isEmpty clause here. I presume this
        was copied and pasted from script-generated bindings. While I was at it, I used a
        slightly more efficient code path that avoids doing a ref/deref on the string by
        using auto&. That's trickier to do correctly for functions with more than one
        argument, so I didn't do it in the bindings generator yet.
        (WebCore::JSAudioTrack::setLanguage): Ditto.
        * bindings/js/JSTextTrackCustom.cpp:
        (WebCore::JSTextTrack::setKind): Ditto.
        (WebCore::JSTextTrack::setLanguage): Ditto.
        * bindings/js/JSVideoTrackCustom.cpp:
        (WebCore::JSVideoTrack::setKind): Ditto.
        (WebCore::JSVideoTrack::setLanguage): Ditto.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation): Use "=" syntax instead of constructor style syntax for
        the argument processing. I think this is more readable.
        (GenerateParametersCheck): For the enum code path, did the more efficient auto&
        idiom to avoid ref/deref on a string. For the toExistingAtomicString path,
        restructured so we don't have to check the flag indicating that something is atomic.
        Later we could also avoid the ref/deref; added a FIXME about that.
        (GetNativeType): Use String, not const String, for local variables. Sure, the
        string is const, but so is every other local variable type we use! No need to be
        wordy about it.
        (JSValueToNative): Removed the uneeded calls to isEmpty. Since the call sites no
        longer use construction syntax, used initializer syntax style for a couple classes
        that are constructed with multiple arguments.

        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Updated.
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestEventTarget.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestInterface.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestObj.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestTypedefs.cpp: Ditto.

2015-06-09  Csaba Osztrogonác  <ossy@webkit.org>

        Fix unused private field warning in GraphicsLayerUpdater.h
        https://bugs.webkit.org/show_bug.cgi?id=145757

        Reviewed by Darin Adler.

        * platform/graphics/GraphicsLayerUpdater.cpp:
        (WebCore::GraphicsLayerUpdater::GraphicsLayerUpdater):
        * platform/graphics/GraphicsLayerUpdater.h:

2015-06-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        Crash when passing Symbol to NPAPI plugin objects
        https://bugs.webkit.org/show_bug.cgi?id=145798

        Reviewed by Darin Adler.

        Test: plugins/npruntime/script-object-with-symbols.html

        For C bridge APIs, we add guards for symbols.
        This is the same to the existing guards in Objective-C APIs.

        * bridge/c/c_class.cpp:
        (JSC::Bindings::CClass::methodNamed):
        (JSC::Bindings::CClass::fieldNamed):
        * bridge/objc/objc_class.mm:
        (JSC::Bindings::ObjcClass::methodNamed):
        (JSC::Bindings::ObjcClass::fieldNamed):
        (JSC::Bindings::ObjcClass::fallbackObject):

2015-06-09  Csaba Osztrogonác  <ossy@webkit.org>

        [cmake] Fix the style issues in cmake project files
        https://bugs.webkit.org/show_bug.cgi?id=145755

        Reviewed by Darin Adler.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * PlatformWin.cmake:
        * PlatformWinCairo.cmake:

2015-06-09  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableJSStream should handle JS source getters that throw
        https://bugs.webkit.org/show_bug.cgi?id=145600

        Reviewed by Darin Adler.

        Checking whether there is an exception when trying to access to a source method.
        If so, rethrowing it in case of "start".

        Refactoring of code to prepare pulling, cancelling and additional parameter handling in ReadableStream construtor.

        Fixed the case of ReadableStream constructor called with an undefined parameter.

        Covered by rebased test expectation.

        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::constructJSReadableStream): Refactoring to group all parameter check and exception handling in ReadableJSStream::create.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::getPropertyFromObject):
        (WebCore::callFunction):
        (WebCore::ReadableJSStream::invoke): Added method to be used also for pulling and cancelling.
        (WebCore::ReadableJSStream::doStart):
        (WebCore::ReadableJSStream::create):
        * bindings/js/ReadableJSStream.h:

2015-06-08  Dan Bernstein  <mitz@apple.com>

        Made MicroTask.h a project header.

        Rubber-stamped by Anders Carlsson.

        * WebCore.xcodeproj/project.pbxproj: Demoted MicroTask.h from Public to Project. WebCore
        doesn’t have public headers, and this header isn’t used by WebKit.

2015-06-08  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=145750

        Reviewed by Darin Adler.

        As a step to purge PassRefPtr, this patch replaces PassRefPtr with Ref or RefPtr.

        No new tests, no behavior changes.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonVM):

2015-06-08  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: Clip-path does not work properly on subpixel positions.
        https://bugs.webkit.org/show_bug.cgi?id=145749
        rdar://problem/20824305

        Reviewed by Simon Fraser.

        This patch ensures that clip-path is device pixel snapped both for composited and
        non-composited content.

        Tests: compositing/masks/compositing-clip-path-on-subpixel-position.html
               fast/masking/clip-path-on-subpixel-position.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setupClipPath):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateMaskingLayerGeometry):

2015-06-08  Chris Dumez  <cdumez@apple.com>

        Access GCController instance via GCController::singleton() instead of a free function
        https://bugs.webkit.org/show_bug.cgi?id=145776

        Reviewed by Darin Adler.

        Access GCController instance via GCController::singleton() instead of a
        free function as per coding style and for consistency with other
        singleton classes in the codebase.

        * bindings/js/GCController.cpp:
        (WebCore::GCController::singleton):
        (WebCore::gcController): Deleted.
        * bindings/js/GCController.h:
        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::clear):
        * bindings/js/ScriptController.cpp:
        (WebCore::collectGarbageAfterWindowShellDestruction):
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-06-08  Daniel Bates  <dabates@apple.com>

        Mouse release on AutoFill button activates it; should only activate on click
        https://bugs.webkit.org/show_bug.cgi?id=145774
        <rdar://problem/21069245>

        Reviewed by Ryosuke Niwa.

        Fixes an issue where a click event was dispatched to a shadow tree node regardless of whether
        both the mouse press and mouse release were targeted at it. In particular, releasing the mouse
        on the AutoFill button activates it regardless of whether the mouse was pressed on it.

        Currently we always dispatch a click event to a node n where the mouse was released when n is
        in a shadow tree regardless of whether the mouse was pressed on n. Instead we should only
        dispatch a click event to n if the mouse was pressed and released on n. If n is a shadow tree
        descendant, the mouse was released on n, and n never received a mouse press then we should
        dispatch the click event at the shadow host element of n to preserve the illusion to web
        developers that the shadow host element is a single element.

        Test: fast/forms/auto-fill-button/mouse-down-input-mouse-release-auto-fill-button.html

        * page/EventHandler.cpp:
        (WebCore::targetNodeForClickEvent): Added; returns the target node for the DOM click event.
        (WebCore::EventHandler::handleMouseReleaseEvent): Modified to use dispatch the DOM click event
        at the node returned by targetNodeForClickEvent().
        (WebCore::mouseIsReleasedOnPressedElement): Deleted.

2015-06-08  Chris Dumez  <cdumez@apple.com>

        WebContent crash in WebCore::Page::sessionID() const + 0 (Page.cpp:1660)
        https://bugs.webkit.org/show_bug.cgi?id=145748
        <rdar://problem/21226577>

        Reviewed by Brady Eidson.

        We would sometimes crash when pruning the PageCache because it was
        possible for frames to still be loading while in the PageCache and
        we would try to stop the load when the CachedFrame is destroyed. This
        code path was not supposed to be exercised as we were not supposed to
        have pages still loading inside the PageCache.

        r185017 made sure we don't insert into the PageCache pages that are
        still loading. However, nothing was preventing content from starting
        new loads in their 'pagehide' event handlers, *after* the decision
        to put the page in the PageCache was made.

        This patch prevents content from starting loads from a 'pagehide'
        event handler so that we can no longer have content that is loading
        inside the PageCache. 'ping' image loads still go through though as
        these are specially handled and use PingLoaders.

        Tests: http/tests/navigation/image-load-in-pagehide-handler.html
               http/tests/navigation/subframe-pagehide-handler-starts-load.html
               http/tests/navigation/subframe-pagehide-handler-starts-load2.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::stopLoading):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::stopAllLoaders):
        (WebCore::FrameLoader::handleBeforeUnloadEvent):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::pageDismissalEventBeingDispatched):
        (WebCore::FrameLoader::PageDismissalEventType::PageDismissalEventType):
        (WebCore::FrameLoader::PageDismissalEventType::operator Page::DismissalType):

        Add wrapper class for m_pageDismissalEventBeingDispatched member type.
        The wrapper takes care of updating the m_dismissalEventBeingDispatched
        member on the Page every time the member on FrameLoader is updated. We
        now cache this information on the Page so that clients can cheaply
        query if a dismissal event is being dispatched in any of the Page's
        frame, without having to traverse the frame tree.

        * loader/ImageLoader.cpp:
        (WebCore::pageIsBeingDismissed):

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):

        Abort the load early if we are currently dispatching a 'pagehide'
        event. We don't allow new loads at such point because we've already
        made the decision to add the Page to the PageCache.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestImage):

        * page/Chrome.cpp:
        (WebCore::Chrome::runModal): Deleted.
        (WebCore::Chrome::setToolbarsVisible): Deleted.
        (WebCore::Chrome::toolbarsVisible): Deleted.
        (WebCore::Chrome::runJavaScriptConfirm): Deleted.
        (WebCore::Chrome::runJavaScriptPrompt): Deleted.
        (WebCore::Chrome::shouldInterruptJavaScript): Deleted.
        * page/Chrome.h:
        * page/ChromeClient.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::canShowModalDialogNow):

        Drop ChromeClient::shouldRunModalDialogDuringPageDismissal() and code
        using it as it is unused and I did not think it was worth updating
        this code.

        * page/Page.h:
        (WebCore::Page::dismissalEventBeingDispatched):
        (WebCore::Page::setDismissalEventBeingDispatched):

        Add a m_dismissalEventBeingDispatched member to the Page so that we can
        easily query if a dismissal event is being dispatched in any of the
        frames, without having to traverse the frame tree. I suspect more call
        sites of FrameLoader::pageDismissalEventBeingDispatched() may actually
        want this but I did not make such change in this patch. It is important
        to check all the frames and not simply the current one because a frame's
        pagehide event handler may trigger a load in another frame.

2015-06-08  Hunseop Jeong  <hs85.jeong@samsung.com>

        Replaced 0 with nullptr in WebCore/Modules.
        https://bugs.webkit.org/show_bug.cgi?id=145758

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * Modules/battery/BatteryManager.cpp:
        (WebCore::BatteryManager::BatteryManager):
        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::CDM):
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::MediaKeys):
        (WebCore::MediaKeys::~MediaKeys):
        * Modules/indexeddb/IDBCursor.h:
        (WebCore::IDBCursor::continueFunction):
        * Modules/indexeddb/IDBCursorBackendOperations.cpp:
        (WebCore::CursorAdvanceOperation::perform):
        (WebCore::CursorIterationOperation::perform):
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::transactionFinished):
        * Modules/indexeddb/IDBDatabaseCallbacksImpl.cpp:
        (WebCore::IDBDatabaseCallbacksImpl::IDBDatabaseCallbacksImpl):
        * Modules/indexeddb/IDBEventDispatcher.cpp:
        (WebCore::IDBEventDispatcher::dispatch):
        * Modules/indexeddb/IDBIndex.h:
        (WebCore::IDBIndex::openCursor):
        (WebCore::IDBIndex::count):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::add):
        (WebCore::IDBObjectStore::put):
        (WebCore::IDBObjectStore::index):
        (WebCore::IDBObjectStore::openCursor):
        * Modules/indexeddb/IDBObjectStore.h:
        (WebCore::IDBObjectStore::count):
        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::onUpgradeNeeded):
        (WebCore::IDBOpenDBRequest::onSuccess):
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest):
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::OpenCursorNotifier::cursorFinished):
        * Modules/indexeddb/IDBTransactionBackend.cpp:
        (WebCore::IDBTransactionBackend::commit):
        * Modules/indexeddb/IDBTransactionBackendOperations.cpp:
        (WebCore::OpenCursorOperation::perform):
        * Modules/indieui/UIRequestEvent.cpp:
        (WebCore::UIRequestEventInit::UIRequestEventInit):
        (WebCore::UIRequestEvent::UIRequestEvent):
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::MediaSource):
        (WebCore::MediaSource::setReadyState):
        (WebCore::MediaSource::removeSourceBuffer):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::~SourceBuffer):
        (WebCore::SourceBuffer::removedFromMediaSource):
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::~MediaStream):
        * Modules/mediastream/MediaStreamEvent.cpp:
        (WebCore::MediaStreamEventInit::MediaStreamEventInit):
        * Modules/mediastream/MediaStreamTrackEvent.cpp:
        (WebCore::MediaStreamTrackEventInit::MediaStreamTrackEventInit):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::stop):
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::contextDestroyed):
        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::Notification):
        * Modules/notifications/Notification.h:
        * Modules/speech/SpeechSynthesis.cpp:
        (WebCore::SpeechSynthesis::SpeechSynthesis):
        (WebCore::SpeechSynthesis::setPlatformSynthesizer):
        (WebCore::SpeechSynthesis::cancel):
        (WebCore::SpeechSynthesis::handleSpeakingCompleted):
        * Modules/speech/SpeechSynthesisUtterance.cpp:
        (WebCore::SpeechSynthesisUtterance::~SpeechSynthesisUtterance):
        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
        (WebCore::AudioBufferSourceNode::clearPannerNode):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::createMediaStreamSource):
        * Modules/webaudio/MediaElementAudioSourceNode.cpp:
        (WebCore::MediaElementAudioSourceNode::~MediaElementAudioSourceNode):
        * Modules/webaudio/OscillatorNode.cpp:
        (WebCore::OscillatorNode::setType):
        (WebCore::OscillatorNode::process):
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::DatabaseManager):
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::DatabaseThread):
        (WebCore::DatabaseThread::databaseThread):
        * Modules/webdatabase/DatabaseThread.h:
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::DatabaseTracker):
        * Modules/webdatabase/SQLCallbackWrapper.h:
        (WebCore::SQLCallbackWrapper::clear):
        (WebCore::SQLCallbackWrapper::unwrap):
        * Modules/webdatabase/SQLStatementBackend.cpp:
        (WebCore::SQLStatementBackend::clearFailureDueToQuota):
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::deliverTransactionErrorCallback):
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        (WebCore::SQLTransactionBackend::doCleanup):
        (WebCore::SQLTransactionBackend::getNextStatement):
        * Modules/webdatabase/SQLTransactionCoordinator.cpp:
        (WebCore::SQLTransactionCoordinator::releaseLock):
        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
        (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper):
        (WebCore::ThreadableWebSocketChannelClientWrapper::clearPeer):
        (WebCore::ThreadableWebSocketChannelClientWrapper::clearClient):
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::stop):
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::disconnect):
        (WebCore::WebSocketChannel::didCloseSocketStream):
        * Modules/websockets/WebSocketFrame.h:
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::clearScriptExecutionContext):
        (WebCore::WebSocketHandshake::readStatusLine):
        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::Peer::disconnect):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didClose):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::Bridge):

2015-06-08  Chris Fleizach  <cfleizach@apple.com>

        AX: improve list heuristics (presentational use versus actual lists)
       ​https://bugs.webkit.org/show_bug.cgi?id=134187

        Unreviewed. Rolling this change out temporarily.

        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::isDescriptionList):
        (WebCore::AccessibilityList::determineAccessibilityRole):
        (WebCore::AccessibilityList::childHasPseudoVisibleListItemMarkers): Deleted.
        * accessibility/AccessibilityList.h:

2015-06-08  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Enable AVFoundation by default when QTKit is disabled by default
        https://bugs.webkit.org/show_bug.cgi?id=145760

        Reviewed by Alexey Proskuryakov.

        No new tests, this change makes existing tests pass.

        Settings::gAVFoundationEnabled defaults to true.

        * page/Settings.cpp:
        (WebCore::invalidateAfterGenericFamilyChange):

2015-06-08  Ryosuke Niwa  <rniwa@webkit.org>

        Explicitly dismiss correction panel when user types a new character
        https://bugs.webkit.org/show_bug.cgi?id=145732
        <rdar://problem/19596892>

        Reviewed by Darin Adler.

        Explicitly dismiss the correction panel when the user types a new character.
        This patch shouldn't change any behavior we're currently relying on AppKit to do the same.

        Manually ran tests in ManualTests/autocorrection.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::respondToAppliedEditing):

2015-06-08  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Setting height on a grid item doesn't have any effect
        https://bugs.webkit.org/show_bug.cgi?id=145604

        Reviewed by Sergio Villar Senin.

        Box Alignment spec states that stretch is only possible when height is
        'auto' and no 'auto' margins are used.

        It might be the case that style changes so that stretching is not allowed,
        hence we need to detect it and clear the override height the stretching
        algorithm previously set. The new layout triggered by the style change
        will then set grid item's height according to the new style rules.

        Test: fast/css-grid-layout/grid-item-should-not-be-stretched-when-height-or-margin-change.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):

2015-06-08  Brady Eidson  <beidson@apple.com>

        Completely remove all IDB properties/constructors when it is disabled at runtime.
        rdar://problem/18429374 and https://bugs.webkit.org/show_bug.cgi?id=137034

        Reviewed by Geoffrey Garen.

        Test: storage/indexeddb/properties-disabled-at-runtime.html

        - Make constructors all runtime enabled.
        - Remove autogeneration of the window.(webkit)indexedDB accessors.
        - Add manual overrides for the (webkit)indexedDB accessors at runtime.
        
        * Modules/indexeddb/DOMWindowIndexedDatabase.idl:
        * Modules/indexeddb/IDBAny.idl:
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBCursorWithValue.idl:
        * Modules/indexeddb/IDBDatabase.idl:
        * Modules/indexeddb/IDBFactory.idl:
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBKeyRange.idl:
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/indexeddb/IDBOpenDBRequest.idl:
        * Modules/indexeddb/IDBRequest.idl:
        * Modules/indexeddb/IDBTransaction.idl:
        * Modules/indexeddb/IDBVersionChangeEvent.idl:
        * page/DOMWindow.idl:

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::jsDOMWindowIndexedDB):
        (WebCore::JSDOMWindow::getOwnPropertySlot):

2015-06-08  Michael Catanzaro  <mcatanzaro@igalia.com>

        [SOUP] Performs DNS prefetch when a proxy is configured (information leak)
        https://bugs.webkit.org/show_bug.cgi?id=145542

        Reviewed by Alexey Proskuryakov.

        No new tests, because it's hard to test whether a DNS request has been sent. We could do
        this by adding new API to modify the GProxyResolver and GResolver used by the SoupSession in
        the network process, but even if such API were desirable, it would be a big job. Tests
        should not be allowed to dictate our public API.

        * platform/network/DNSResolveQueue.cpp:
        (WebCore::DNSResolveQueue::add): Do not check whether the system is using a proxy, since
        this can't be determined for all ports here.
        (WebCore::DNSResolveQueue::timerFired): Do not check whether the system is using a proxy,
        since this can't be determined for all ports here.
        (WebCore::DNSResolveQueue::DNSResolveQueue): Remove member variables and member functions
        that are only needed by the CF backend. Rename platformResolve to
        platformMaybeResolveHost.
        (WebCore::DNSResolveQueue::isUsingProxy): Moved to DNSCFNet.cpp.
        * platform/network/DNSResolveQueue.h: Remove member variables that are only needed by the
        CF backend.
        * platform/network/cf/DNSCFNet.cpp:
        (WebCore::proxyIsEnabledInSystemPreferences): Renamed from
        platformProxyIsEnabledInSystemPreferences.
        (WebCore::isUsingProxy): Moved from DNSResolveQueue.cpp. The member variables removed from
        DNSResolveQueue are not static here. This is safe since it's a singleton.
        (WebCore::DNSResolveQueue::platformMaybeResolveHost): Renamed from platformResolve.
        Bail early from here if a proxy is configured.
        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Renamed to
        proxyIsEnabledInSystemPreferences.
        (WebCore::DNSResolveQueue::platformResolve): Renamed to platformMaybeResolveHost.
        * platform/network/soup/DNSSoup.cpp:
        (WebCore::gotProxySettingsCallback): Added. Call soup_session_prefetch_dns from here only
        if a proxy would not be used to resolve the host.
        (WebCore::DNSResolveQueue::platformMaybeResolveHost): Renamed from platformResolve.
        Look up proxy settings using g_proxy_resolver_lookup_async rather than calling
        soup_session_prefetch_dns directly.
        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.
        (WebCore::DNSResolveQueue::platformResolve): Renamed to platformMaybeResolveHost.

2015-06-08  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/Modules - 2
        https://bugs.webkit.org/show_bug.cgi?id=145541

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * Modules/mediastream/RTCConfiguration.h:
        (WebCore::RTCConfiguration::iceServers):
        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::scheduledEventTimerFired):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::scheduledEventTimerFired):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::processIceServer):
        (WebCore::RTCPeerConnection::~RTCPeerConnection):
        (WebCore::RTCPeerConnection::getStreamById):
        (WebCore::RTCPeerConnection::hasLocalStreamWithTrackId):
        (WebCore::RTCPeerConnection::stop):
        (WebCore::RTCPeerConnection::scheduledEventTimerFired):
        * Modules/mediastream/RTCStatsReport.cpp:
        (WebCore::RTCStatsReport::names):
        * Modules/navigatorcontentutils/NavigatorContentUtils.cpp:
        (WebCore::initProtocolHandlerWhitelist):
        * Modules/speech/SpeechSynthesis.cpp:
        (WebCore::SpeechSynthesis::getVoices):
        * Modules/webaudio/AudioBuffer.cpp:
        (WebCore::AudioBuffer::memoryCost):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::createMediaStreamSource):
        (WebCore::AudioContext::derefFinishedSourceNodes):
        (WebCore::AudioContext::derefUnfinishedSourceNodes):
        (WebCore::AudioContext::handleDeferredFinishDerefs):
        (WebCore::AudioContext::handleDirtyAudioSummingJunctions):
        (WebCore::AudioContext::handleDirtyAudioNodeOutputs):
        (WebCore::AudioContext::updateAutomaticPullNodes):
        (WebCore::AudioContext::processAutomaticPullNodes):
        * Modules/webaudio/AudioNode.cpp:
        (WebCore::AudioNode::updateChannelsForInputs):
        (WebCore::AudioNode::checkNumberOfChannelsForInput):
        (WebCore::AudioNode::pullInputs):
        (WebCore::AudioNode::inputsAreSilent):
        (WebCore::AudioNode::silenceOutputs):
        (WebCore::AudioNode::unsilenceOutputs):
        (WebCore::AudioNode::enableOutputsIfNecessary):
        (WebCore::AudioNode::disableOutputsIfNecessary):
        (WebCore::AudioNode::finishDeref):
        * Modules/webaudio/AudioNodeInput.cpp:
        (WebCore::AudioNodeInput::numberOfChannels):
        (WebCore::AudioNodeInput::sumAllConnections):
        * Modules/webaudio/AudioNodeOutput.cpp:
        (WebCore::AudioNodeOutput::propagateChannelCount):
        (WebCore::AudioNodeOutput::disable):
        (WebCore::AudioNodeOutput::enable):
        * Modules/webaudio/AudioParam.cpp:
        (WebCore::AudioParam::calculateFinalValues):
        * Modules/webaudio/AudioParamTimeline.cpp:
        (WebCore::AudioParamTimeline::insertEvent):
        * Modules/webaudio/AudioSummingJunction.cpp:
        (WebCore::AudioSummingJunction::updateRenderingState):
        * Modules/webaudio/MediaStreamAudioSource.cpp:
        (WebCore::MediaStreamAudioSource::setAudioFormat):
        (WebCore::MediaStreamAudioSource::consumeAudio):
        * Modules/webaudio/WaveShaperProcessor.cpp:
        (WebCore::WaveShaperProcessor::setOversample):
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::handlePausedQueue):
        (WebCore::DatabaseThread::databaseThread):
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::interruptAllDatabasesForContext):
        (WebCore::DatabaseTracker::databaseNamesForOrigin):
        (WebCore::DatabaseTracker::getOpenDatabases):
        (WebCore::DatabaseTracker::usageForOrigin):
        (WebCore::DatabaseTracker::deleteAllDatabases):
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::deleteDatabaseFile):
        (WebCore::DatabaseTracker::removeDeletedOpenedDatabases):
        (WebCore::DatabaseTracker::setDatabasesPaused):
        * Modules/webdatabase/SQLTransactionCoordinator.cpp:
        (WebCore::SQLTransactionCoordinator::shutdown):
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect):
        * Modules/websockets/WebSocketExtensionDispatcher.cpp:
        (WebCore::WebSocketExtensionDispatcher::addProcessor):
        (WebCore::WebSocketExtensionDispatcher::appendAcceptedExtension):
        (WebCore::WebSocketExtensionDispatcher::processHeaderValue):
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::clientHandshakeMessage):

2015-06-07  Darin Adler  <darin@apple.com>

        REGRESSION (r181720): Unnecessary layout triggered any time animated GIF advances to a new frame
        https://bugs.webkit.org/show_bug.cgi?id=145733

        Reviewed by Andreas Kling.

        Test: fast/images/animated-gif-no-layout.html

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::styleDidChange): Correctly pass ImageSizeChangeNone in cases
        where we don't need to report a change in intrinsic size that happened outside the
        repaintOrMarkForLayout function.
        (WebCore::RenderImage::repaintOrMarkForLayout): Move work that should only be done
        when size changed inside the if statement.

        * testing/Internals.cpp:
        (WebCore::Internals::layoutCount): Added.
        * testing/Internals.h: Added layoutCount.
        * testing/Internals.idl: Ditto.

2015-06-07  Michael Catanzaro  <mcatanzaro@igalia.com>

        Fix strncpy use in WebCore::Text::formatForDebugger
        https://bugs.webkit.org/show_bug.cgi?id=145608

        Reviewed by Darin Adler.

        r185137 replaced a call to strncpy with a call to strlcpy, which broke the build on Linux
        since strlcpy does not exist there. r185148 reverted this to use strncpy again, but got the
        size argument off by one, "introducing" a buffer overrun. But this code has always been
        wrong, since it used strncpy without ensuring that the buffer is null-terminated after the
        call to strncpy. Fix this as well.

        * dom/Text.cpp:
        (WebCore::Text::formatForDebugger):

2015-06-07  Antti Koivisto  <antti@apple.com>

        CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.WebCore: WebCore::FrameLoader::subresourceCachePolicy const + 11
        https://bugs.webkit.org/show_bug.cgi?id=145736
        rdar://problem/21246971

        Reviewed by David Kilzer.

        No repro, no test.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

            Null check frame. It may be null during frame teardown.

2015-06-06  Anders Carlsson  <andersca@apple.com>

        Remove support from getting plug-in information from Carbon resources
        https://bugs.webkit.org/show_bug.cgi?id=145730

        Reviewed by Dan Bernstein.

        Remove a now unused function.

        * platform/mac/WebCoreNSStringExtras.h:
        * platform/mac/WebCoreNSStringExtras.mm:
        (stringEncodingForResource): Deleted.

2015-06-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185284.
        https://bugs.webkit.org/show_bug.cgi?id=145723

        it needs some discussion before landing (Requested by dino on
        #webkit).

        Reverted changeset:

        "[iOS] Don't force compositing layers for no-op 3D transforms
        on low-memory devices."
        https://bugs.webkit.org/show_bug.cgi?id=145719
        http://trac.webkit.org/changeset/185284

2015-06-06  Ryosuke Niwa  <rniwa@webkit.org>

        Typing is slow in Gmail on iPads
        https://bugs.webkit.org/show_bug.cgi?id=145686

        Reviewed by Enrica Casucci.

        The bug was caused by nextCandidate and nextVisuallyDistinctCandidate traversing through each character
        in a text node without a renderer. Skip any node that doesn't have a renderer in both of those functions
        and corresponding previous* functions.

        It's fine to skip unrendered nodes in PositionIterator because only other clients of PositionIterator
        are Position::upstream and Position::downstream and they don't care about un-rendered nodes either.

        * dom/PositionIterator.cpp:
        (WebCore::PositionIterator::increment):
        (WebCore::PositionIterator::decrement):
        * editing/htmlediting.cpp:
        (WebCore::nextVisuallyDistinctCandidate):
        (WebCore::previousVisuallyDistinctCandidate):

2015-06-06  Mark Lam  <mark.lam@apple.com>

        Returned Exception* values need to be initialized to nullptr when no exceptions are thrown.
        https://bugs.webkit.org/show_bug.cgi?id=145720

        Reviewed by Dan Bernstein.

        No new tests because this issue is already covered by the existing inspector-protocol tests.

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::evaluate):

2015-06-05  Andreas Kling  <akling@apple.com>

        [iOS] Don't force compositing layers for no-op 3D transforms on low-memory devices.
        <https://webkit.org/b/145719>
        <rdar://problem/19973042>

        Reviewed by Geoffrey Garen.

        We put elements with 3D identity transforms onto compositing layers because
        we anticipate that they will somehow animate in the future.

        This can get extremely expensive, especially on low-memory devices.
        This patch makes WebKit stop handing out compositing layers for this kinda thing:

            -webkit-transform: translate3d(0,0,0)

        ..on devices with 512MB or less. This dramatically improves stability on some
        web pages.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForTransform):

2015-06-05  Matt Baker  <mattbaker@apple.com>

        Web Inspector: "Other" time in the framerate table is often negative
        https://bugs.webkit.org/show_bug.cgi?id=145712

        Reviewed by Timothy Hatcher.

        The Inspector frontend flattens the timeline event tree it receives from the backend, which can contain nested
        paint records. The nested records represent a single paint event, but were being interpreted as two separate
        events for purposes of calculating total layout time. This caused the calculated "other" time to be less than
        it should be (and in some cases negative).

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::addRecordToTimeline):
        Paint records are no longer nested, we simply drop the child paint event.

2015-06-05  Chris Dumez  <cdumez@apple.com>

        Unreviewed, speculative Windows build fix after r185273.

        * platform/VNodeTracker.h:

2015-06-05  Chris Dumez  <cdumez@apple.com>

        [WK2][iOS] Limit the number of vnodes used by the WebContent processes
        https://bugs.webkit.org/show_bug.cgi?id=145672
        <rdar://problem/21126637>

        Reviewed by Antti Koivisto.

        Limit the number of vnodes used by the WebContent processes to reduce
        the chance of getting killed due to the system running out of vnodes.
        We sometimes see the WebContent process use up to 50% of the system's
        vnode limit on some tests on iOS, which seems excessive. Most vnodes
        are due to CachedResources which are mmap'd from the WebKit disk cache
        and kept alive due to caches such as the Memory Cache / PageCache.

        This patch adds tracking for the number of SharedBuffer objects that are
        backed by a CFDataRef as this should track most of the vnodes used by
        the process. The WebContent process registers a vnode pressure handler
        upon initialization (likely it already does for memory pressure
        handling). This handler gets called when the process uses over 15% of
        of system's vnode limit and the "critical" flag is set if it uses over
        20% of the system limit. The vnode pressure handler currently calls the
        memory pressure handler as freeing our caches (especially PageCache,
        MemoryCache) and doing a JS GC frees up vnodes.

        On iPhone 6 Plus, the system limit is at 3000, which would lead to the
        following limits being used:
        soft: 450 / hard: 600

        However, on older hardware, the system limit can be as low as 2000,
        which would lead to the following limits being used:
        soft: 300 / hard: 400

        vnode tracking is currently only enabled on iOS because system vnode
        limits are usually much higher on Mac (e.g. 473695 on Mac Pro, 9984
        on a 2011 MacBook Air) and we normally don't get killed.

        * WebCore.xcodeproj/project.pbxproj:

        Add new files to the XCode project.

        * platform/SharedBuffer.h:

        Add a VNodeTracker::Token member next to the CFDataRef member that we
        initialize if the SharedBuffer is constructed from a CFDataRef.

        * platform/VNodeTracker.cpp: Added.
        (WebCore::VNodeTracker::singleton):
        (WebCore::VNodeTracker::VNodeTracker):
        (WebCore::VNodeTracker::checkPressureState):
        (WebCore::VNodeTracker::pressureWarningTimerFired):
        (WebCore::VNodeTracker::nextPressureWarningInterval):
        (WebCore::VNodeTracker::platformInitialize):
        * platform/VNodeTracker.h: Added.
        (WebCore::VNodeTracker::setPressureHandler):

        Add a new VNodeTracker singleton to keep track the number of vnodes
        used by the process since the system does not issue warnings before
        reaching its vnode limit. Call sites should request Tokens for
        every vnode they use for tracking purposes. Each process can then
        set a vnode pressure handler function that will be called when the
        process is over the designated limits.

        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::SharedBuffer):

        Take a VNodeToken from the VNodeTracker when constructing the
        SharedBuffer from a CFDataRef as these usually use mmap.

        * platform/cocoa/VNodeTrackerCocoa.cpp: Added.
        (WebCore::VNodeTracker::platformInitialize):

        Get the system's vnode limit and uses 15% of that value as soft
        limit for the process and 20% of that value as hard limit.

2015-06-05  Dean Jackson  <dino@apple.com>

        Lingering checkbox animations when rapidly switching between views on WK1
        https://bugs.webkit.org/show_bug.cgi?id=145715
        <rdar://problem/17381121>

        Reviewed by Simon Fraser.

        On WK1, the NSView we use for NSButtonCells is parented in the ScrollView.
        Our checkbox and radiobutton animations cause AppKit to create a CALayer which
        is parented into that view. As we render the animations, we see the CALayer getting
        drawn also.

        The fix was to use an unparented layer on WK1 when drawing these controls, the same
        way WK2 does. This technique may apply to all controls, but restricting it
        to just the buttons at the moment is less risky.

        This only happens during the swap between a checked and non-checked state,
        and we have no way to test it :(

        * platform/mac/ThemeMac.h: New optional parameter to ensuredView.
        * platform/mac/ThemeMac.mm:
        (WebCore::paintToggleButton): If we're on Yosemite or highter, use an unparented view.
        (WebCore::ThemeMac::ensuredView): Return either a parented or unparented view.

2015-06-05  Matt Rajca  <mrajca@apple.com>

        MediaSessions should keep track of their participating media elements.
        https://bugs.webkit.org/show_bug.cgi?id=145703

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::addMediaElement): Add the given media element to the media session.
        (WebCore::MediaSession::removeMediaElement): Remove the given media element from the media session.
        (WebCore::MediaSession::activeParticipatingElements): Dynamically build a vector of actively-playing media
          elements.
        * Modules/mediasession/MediaSession.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement): Ensure the element is removed from its media session.
        (WebCore::HTMLMediaElement::setSession): Update sessions' references to their media elements.

2015-06-05  Chris Dumez  <cdumez@apple.com>

        Regression(r176212): Broke app switching on iCloud.com
        https://bugs.webkit.org/show_bug.cgi?id=145708
        <rdar://problem/21235277>

        Reviewed by Simon Fraser.

        Roll out r176212 and follow-up fixes for now, to fix iCloud.com.
        We can reconsider later how to do this in a safer way.

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::JSCSSStyleDeclaration::putDelegate): Deleted.
        (WebCore::JSCSSStyleDeclaration::getOwnPropertyNames): Deleted.
        * dom/Element.cpp:
        * dom/Element.h:
        * dom/ElementRareData.cpp:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::ElementRareData):
        (WebCore::ElementRareData::~ElementRareData): Deleted.
        * dom/Node.cpp:
        (WebCore::Node::materializeRareData):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::notifyObserversCanvasChanged): Deleted.
        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::scriptMadeNonUserObservableChanges): Deleted.
        (WebCore::DOMTimerFireState::scriptMadeUserObservableChanges): Deleted.
        (WebCore::NestedTimersMap::instanceForContext): Deleted.
        (WebCore::DOMTimer::install): Deleted.
        (WebCore::DOMTimer::fired): Deleted.
        (WebCore::DOMTimer::alignedFireTime): Deleted.
        (WebCore::DOMTimer::activeDOMObjectName): Deleted.
        * page/DOMTimer.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::reset): Deleted.
        (WebCore::FrameView::viewportContentsChanged): Deleted.
        (WebCore::FrameView::autoSizeIfEnabled): Deleted.
        * page/FrameView.h:

2015-06-05  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Emoji overlap preceeding lines
        https://bugs.webkit.org/show_bug.cgi?id=145678
        <rdar://problem/10684914>

        Reviewed by Enrica Casucci.

        In WebKit, we first lay out lines, and then we lay out text inside those lines. Text is vertically centered in
        its containing line. If the author has not specified a particular line-height, the height of a line comes from
        the font metrics for the primary font of the line.

        In iOS, we were specifically hardcoding the line height metric of Apple Color Emoji to be 0. This means that,
        if Apple Color Emoji is the primary font for a line, and an explicit line-height was not specified, the lines
        are laid out with 0 height. Then, when we vertically center the text inside the line, the top half of the text
        overlaps the preceeding line.

        I'm not sure exactly why were were hardcoding this value to 0, as it is surely wrong. I'm going to ask Enrica
        to review this patch; hopefully she knows the answer.

        Test: fast/text/emoji.html

        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformInit):

2015-06-05  Alex Christensen  <achristensen@webkit.org>

        [Web Timing] Use new SPI to enable data collection.
        https://bugs.webkit.org/show_bug.cgi?id=145650
        rdar://problem/21203358

        Reviewed by Chris Dumez.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::createCFURLConnection):
        Gather web timing data on iOS.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::createNSURLConnection):
        (WebCore::ResourceHandle::setCollectsTimingData):
        Gather web timing data on Mac.

2015-06-05  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStream should store callbacks as a Deque
        https://bugs.webkit.org/show_bug.cgi?id=145641

        Reviewed by Darin Adler.

        Covered by existing tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::resolveReadCallback): Use of Deque.takeFirst
        * Modules/streams/ReadableStream.h: Using Deque in lieu of Vector for storing callbacks.

2015-06-05  Mark Lam  <mark.lam@apple.com>

        finally blocks should not set the exception stack trace when re-throwing the exception.
        https://bugs.webkit.org/show_bug.cgi?id=145525

        Reviewed by Geoffrey Garen.

        Update to use the new JSC::Exception object.

        Test: inspector/debugger/break-on-exceptions.html

        * ForwardingHeaders/runtime/Exception.h: Added.
        * bindings/js/JSCallbackData.cpp:
        (WebCore::JSCallbackData::invokeCallback):
        * bindings/js/JSCustomXPathNSResolver.cpp:
        (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsArray):
        (WebCore::reportException):
        (WebCore::reportCurrentException):
        * bindings/js/JSDOMBinding.h:
        * bindings/js/JSErrorHandler.cpp:
        (WebCore::JSErrorHandler::handleEvent):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::handleEvent):
        * bindings/js/JSMainThreadExecState.cpp:
        (WebCore::JSMainThreadExecState::didLeaveScriptContext):
        (WebCore::functionCallHandlerFromAnyThread):
        (WebCore::evaluateHandlerFromAnyThread):
        * bindings/js/JSMainThreadExecState.h:
        (WebCore::JSMainThreadExecState::currentState):
        (WebCore::JSMainThreadExecState::call):
        (WebCore::JSMainThreadExecState::evaluate):
        (WebCore::JSMainThreadExecState::runTask):

        * bindings/js/JSMediaDevicesCustom.cpp:
        (WebCore::JSMediaDevices::getUserMedia):
        - Fixed a bug where the exception was not cleared before entering the VM to
          call JS code.

        * bindings/js/JSMutationCallback.cpp:
        (WebCore::JSMutationCallback::call):
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::getPropertyFromObject):
        (WebCore::callFunction):
        (WebCore::ReadableJSStream::Source::start):
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::executeFunctionInContext):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::deserialize):
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::evaluate):
        (WebCore::WorkerScriptController::setException):
        (WebCore::WorkerScriptController::scheduleExecutionTermination):
        * bindings/js/WorkerScriptController.h:
        (WebCore::WorkerScriptController::workerGlobalScopeWrapper):
        * bindings/js/WorkerScriptDebugServer.cpp:
        (WebCore::WorkerScriptDebugServer::runEventLoopWhilePaused):
        (WebCore::WorkerScriptDebugServer::reportException):
        * bindings/js/WorkerScriptDebugServer.h:
        * bindings/objc/WebScriptObject.mm:
        (WebCore::createJSWrapper):
        (WebCore::addExceptionToConsole):
        (-[WebScriptObject callWebScriptMethod:withArguments:]):
        (-[WebScriptObject evaluateWebScript:]):
        - Changed to call a version of JSMainThreadExecState::evaluate() that provides
          a stub returnedException because evaluateWebScript: doesn't need the exception.

        * inspector/PageScriptDebugServer.cpp:
        (WebCore::PageScriptDebugServer::isContentScript):
        (WebCore::PageScriptDebugServer::reportException):
        * inspector/PageScriptDebugServer.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::importScripts):

2015-06-05  Eric Carlson  <eric.carlson@apple.com>

        Layout tests fullscreen/video-controls-drag.html and media/video-fullscreeen-only-controls.html
        fail on WK1 and WK2
        https://bugs.webkit.org/show_bug.cgi?id=145675

        Reviewed by Dean Jackson.

        No new tests, changes covered by existing tests.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateControls): Use shouldHaveControls() to test if controls should
          be visible.
        (Controller.prototype.handleWrapperMouseMove): Don't return early when in fullscreen.
        (Controller.prototype.updateFullscreenButtons): Drive-by fix: always show the (exit) fullscreen
          button when in fullscreen.
          

2015-06-04  David Hyatt  <hyatt@apple.com>

        Underlines too close in vertical Chinese text.
        https://bugs.webkit.org/show_bug.cgi?id=145651
        <rdar://problem/11105920>

        Reviewed by Simon Fraser.

        Added fast/text/decorations-vertical-underline.html

        * style/InlineTextBoxStyle.cpp:
        (WebCore::computeUnderlineOffset):
        Make sure the to map text-underline-position: auto to under when a line has an ideographic baseline.

2015-06-05  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] [Wayland] The MiniBrowser crashes inside Weston.
        https://bugs.webkit.org/show_bug.cgi?id=145645

        Reviewed by Žan Doberšek.

        No new tests, no behavior changes.

        The issue was caused because we were not properly initializing the
        Wayland display, and we were returning a nullptr in PlatformDisplayWayland::create(),
        therefore a crash was happening on WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp:1136
        <http://trac.webkit.org/browser/trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp?rev=185245#L1136>

        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::create): When connecting to the Wayland
        server socket we should use the default value (NULL). This allows the value
        to be overwritten at run-time by the environment variables WAYLAND_DISPLAY or
        WAYLAND_SOCKET that the Wayland compositor should define. Also add a couple
        of warnings to get information about what is going wrong when we fail to
        initialize the display instead of just crashing without giving more information.
        * platform/graphics/wayland/PlatformDisplayWayland.h:
        (WebCore::PlatformDisplayWayland::isInitialized): Not longer check for m_webkitgtk
        to signal that the display is ready because the UIProcess embedded Wayland
        subcompositer is still not implemented. Added a FIXME note about it.

2015-06-05  Dean Jackson  <dino@apple.com>

        [Mac] Popup focus is cut off
        https://bugs.webkit.org/show_bug.cgi?id=145688
        <rdar://problem/18313375>

        Reviewed by Brent Fulgham.

        Yosemite increased the width of focus rings, causing
        some ugly clipping on Yosemite. The solution was to
        not set a clip (which was code introduced for Leopard).

        Test: fast/forms/select-element-focus-ring.html

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintMenuList): Don't clip on Yosemite.

2015-06-05  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Support dots sequences in grid-template-areas
        https://bugs.webkit.org/show_bug.cgi?id=145693

        Reviewed by Sergio Villar Senin.

        The CSS WG agreed to consider a sequence of "." characters a single null
        cell token for grid-template-areas. That way authors can match the
        number of dots to the width of the column.

        For more information see:
        https://lists.w3.org/Archives/Public/www-style/2015May/0175.html

        Added new test cases to check the new behavior.

        * css/CSSParser.cpp:
        (WebCore::containsOnlyDots): New helper function to check that the grid
        area name is composed by only dots.
        (WebCore::CSSParser::parseGridTemplateAreasRow): Use the new helper
        function to look for unnamed areas.

2015-06-04  Joonghun Park  <jh718.park@samsung.com>

        Purge PassRefPtr create() factory functions in WebCore/css
        https://bugs.webkit.org/show_bug.cgi?id=144905

        Reviewed by Darin Adler.

        Return Ref instead of PassRefPtr in create() factory functions in css,
        because the factory can't return null.

        No new tests, no new behaviours.

        * css/BasicShapeFunctions.cpp:
        (WebCore::valueForCenterCoordinate):
        (WebCore::basicShapeRadiusToCSSValue):
        (WebCore::valueForBasicShape):
        * css/BasicShapeFunctions.h:
        * css/CSSBasicShapes.h:
        * css/CSSCalculationValue.cpp:
        (WebCore::createCSS):
        (WebCore::CSSCalcValue::create):
        * css/CSSCalculationValue.h:
        * css/CSSCharsetRule.h:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForNinePieceImageSlice):
        (WebCore::valueForNinePieceImageQuad):
        (WebCore::zoomAdjustedPixelValue):
        (WebCore::zoomAdjustedNumberValue):
        (WebCore::zoomAdjustedPixelValueForLength):
        (WebCore::valueForReflection):
        (WebCore::createPositionListForLayer):
        (WebCore::positionOffsetValue):
        (WebCore::percentageOrZoomAdjustedValue):
        (WebCore::autoOrZoomAdjustedValue):
        (WebCore::getBorderRadiusCornerValues):
        (WebCore::getBorderRadiusCornerValue):
        (WebCore::getBorderRadiusShorthandValue):
        (WebCore::matrixTransformValue):
        (WebCore::computedTransform):
        (WebCore::adjustLengthForZoom):
        (WebCore::ComputedStyleExtractor::valueForShadow):
        (WebCore::ComputedStyleExtractor::valueForFilter):
        (WebCore::specifiedValueForGridTrackBreadth):
        (WebCore::specifiedValueForGridTrackSize):
        (WebCore::valueForGridTrackList):
        (WebCore::scrollSnapDestination):
        (WebCore::scrollSnapPoints):
        (WebCore::scrollSnapCoordinates):
        (WebCore::createAnimationTriggerValue):
        (WebCore::getAnimationTriggerValue):
        (WebCore::ComputedStyleExtractor::getFontSizeCSSValuePreferringKeyword):
        (WebCore::fillSizeToCSSValue):
        (WebCore::lineHeightFromStyle):
        (WebCore::fontSizeFromStyle):
        (WebCore::zoomAdjustedPaddingOrMarginPixelValue):
        (WebCore::shapePropertyValue):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSComputedStyleDeclaration.h:
        * css/CSSFontFace.h:
        (WebCore::CSSFontFace::create):
        * css/CSSFontFaceLoadEvent.h:
        * css/CSSFontFaceRule.h:
        * css/CSSGrammar.y.in:
        * css/CSSGridLineNamesValue.cpp:
        (WebCore::CSSGridLineNamesValue::cloneForCSSOM):
        * css/CSSGridLineNamesValue.h:
        (WebCore::CSSGridLineNamesValue::create):
        * css/CSSImportRule.h:
        * css/CSSKeyframeRule.h:
        (WebCore::StyleKeyframe::create):
        * css/CSSKeyframesRule.h:
        * css/CSSMediaRule.h:
        * css/CSSPageRule.h:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseGridLineNames):
        (WebCore::CSSParser::parseDashboardRegions):
        (WebCore::CSSParser::parseClipShape):
        (WebCore::CSSParser::parseBasicShape):
        (WebCore::BorderImageSliceParseContext::commitBorderImageSlice):
        (WebCore::BorderImageQuadParseContext::commitBorderImageQuad):
        * css/CSSParser.h:
        (WebCore::CSSParser::ValueWithCalculation::calculation):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::init):
        (WebCore::CSSPrimitiveValue::cloneForCSSOM):
        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::create):
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSPropertySourceData.h:
        (WebCore::CSSStyleSourceData::create):
        (WebCore::CSSRuleSourceData::create):
        (WebCore::CSSRuleSourceData::createUnknown):
        * css/CSSRuleList.h:
        * css/CSSSegmentedFontFace.h:
        (WebCore::CSSSegmentedFontFace::create):
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::createRareData):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::RareData::create):
        * css/CSSStyleRule.h:
        * css/CSSSupportsRule.h:
        * css/CSSValuePool.h:
        (WebCore::CSSValuePool::createValue):
        * css/FontLoader.cpp:
        (WebCore::LoadFontCallback::create):
        * css/LengthRepeat.h:
        (WebCore::LengthRepeat::create):
        (WebCore::LengthRepeat::cloneForCSSOM):
        * css/MediaList.h:
        (WebCore::MediaQuerySet::create):
        (WebCore::MediaQuerySet::createAllowingDescriptionSyntax):
        (WebCore::MediaList::create):
        * css/MediaQueryList.cpp:
        (WebCore::MediaQueryList::create):
        * css/MediaQueryList.h:
        * css/MediaQueryMatcher.h:
        (WebCore::MediaQueryMatcher::create):
        * css/Pair.h:
        (WebCore::Pair::create):
        * css/Rect.h:
        (WebCore::Rect::create):
        (WebCore::Rect::cloneForCSSOM):
        (WebCore::Quad::create):
        (WebCore::Quad::cloneForCSSOM):
        * css/SVGCSSComputedStyleDeclaration.cpp:
        (WebCore::paintOrder):
        (WebCore::ComputedStyleExtractor::svgPropertyValue):
        * css/StyleMedia.h:
        (WebCore::StyleMedia::create):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::keyframeStylesForAnimation):
        * css/StyleSheetList.h:
        (WebCore::StyleSheetList::create):
        * css/ViewportStyleResolver.h:
        (WebCore::ViewportStyleResolver::create):
        * css/WebKitCSSMatrix.h:
        * css/WebKitCSSRegionRule.h:
        * css/WebKitCSSViewportRule.h:
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFilter):
        * rendering/style/RenderStyle.h:
        (WebCore::adjustFloatForAbsoluteZoom):
        * rendering/style/StyleInheritedData.h:

2015-06-04  Benjamin Poulain  <bpoulain@apple.com>

        The last 2 merged DFAs are not minimized by DFACombiner

        * contentextensions/DFACombiner.cpp:
        (WebCore::ContentExtensions::DFACombiner::combineDFAs):
        I introduced a bug when I made minimization conditional: the last merge
        does not minimize if we do not reach the minimum size.

2015-06-04  Brent Fulgham  <bfulgham@apple.com>

        Latching algorithm in findEnclosingOverflowScroll is broken
        https://bugs.webkit.org/show_bug.cgi?id=145642
        <rdar://problem/21242308>

        Reviewed by Simon Fraser.

        Test: platform/mac-wk2/tiled-drawing/scrolling/iframe_in_iframe.html

        * page/mac/EventHandlerMac.mm:
        (WebCore::scrollableAreaForBox): Added helper function.
        (WebCore::findEnclosingScrollableContainer): Renamed from findEnclosingOverflowScroll.
        Only identify something as our scroll element if it can be scrolled in either
        axis of the gesture's motion.
        (WebCore::scrollableAreaForContainerNode): Use new helper function.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Use new function
        name, and pass horizontal and vertical deltas.
        (WebCore::findEnclosingOverflowScroll): Deleted.

2015-06-04  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        REGRESSION(r185091): Crash happens on indexdb tests
        https://bugs.webkit.org/show_bug.cgi?id=145549

        Reviewed by Darin Adler.

        * Modules/indexeddb/IDBDatabaseError.h:
        (WebCore::IDBDatabaseError::create): Revert Ref usage of IDBDatabaseError::create().

2015-06-04  Simon Fraser  <simon.fraser@apple.com>

        Crash in EventDispatcher::dispatchEvent entering a location on Google Maps
        https://bugs.webkit.org/show_bug.cgi?id=145677
        rdar://problem/20698280

        Reviewed by Dean Jackson.

        If a transition is running on a pseudo-element, and the host element is removed
        from the DOM just as the transition ends, and there is a transition event listener,
        then we'd crash with a null dereference in event dispatch code.
        
        AnimationController tries to clean up running animations when renderers are destroyed,
        but omitted to remove the element from two vectors that store element references.
        Elements are only added to these vectors briefly on animation end, before firing
        events, but failure to remove the vector entries could result in attempting
        to fire an event on a pseudo-element with no host element.
        
        Also convert EventDispatcher code to be more robust to potentially null event
        targets, since it's not clear that eventTargetRespectingTargetRules() can always
        manage to return a non-null node.
        
        Hard to make a test because this is timing sensitive.

        * dom/EventDispatcher.cpp:
        (WebCore::eventTargetRespectingTargetRules):
        (WebCore::EventDispatcher::dispatchScopedEvent):
        (WebCore::EventDispatcher::dispatchEvent):
        (WebCore::EventPath::EventPath):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::clear):

2015-06-04  Hunseop Jeong  <hs85.jeong@samsung.com>

        Replace 0 with nullptr in WebCore/Page.
        https://bugs.webkit.org/show_bug.cgi?id=145631

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * page/AutoscrollController.cpp:
        (WebCore::AutoscrollController::AutoscrollController):
        (WebCore::AutoscrollController::stopAutoscrollTimer):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPSourceList::parseSource):
        * page/ContentSecurityPolicy.h:
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::clearContextMenu):
        * page/DOMSelection.cpp:
        (WebCore::DOMSelection::clearTreeScope):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::resetDOMWindowProperties):
        (WebCore::DOMWindow::localStorage):
        (WebCore::DOMWindow::focus):
        * page/DOMWindow.h:
        * page/DOMWindowExtension.cpp:
        (WebCore::DOMWindowExtension::reconnectFrameFromPageCache):
        (WebCore::DOMWindowExtension::willDestroyGlobalObjectInCachedFrame):
        * page/DOMWindowProperty.cpp:
        (WebCore::DOMWindowProperty::DOMWindowProperty):
        (WebCore::DOMWindowProperty::~DOMWindowProperty):
        (WebCore::DOMWindowProperty::disconnectFrameForPageCache):
        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
        * page/DragController.cpp:
        (WebCore::DragController::dragEnded):
        (WebCore::DragController::performDragOperation):
        (WebCore::DragController::tryDocumentDrag):
        (WebCore::DragController::concludeEditDrag):
        (WebCore::DragController::startDrag):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler):
        (WebCore::EventHandler::resizeLayerDestroyed):
        (WebCore::EventHandler::freeDataTransfer):
        (WebCore::EventHandler::dragSourceEndedAt):
        (WebCore::EventHandler::handleDrag):
        * page/EventHandler.h:
        * page/FocusController.cpp:
        (WebCore::FocusController::advanceFocusInDocumentOrder):
        * page/Frame.cpp:
        (WebCore::Frame::~Frame):
        (WebCore::Frame::searchForLabelsBeforeElement):
        (WebCore::Frame::willDetachPage):
        (WebCore::Frame::createView):
        * page/Frame.h:
        (WebCore::Frame::detachFromPage):
        * page/FrameDestructionObserver.cpp:
        (WebCore::FrameDestructionObserver::FrameDestructionObserver):
        (WebCore::FrameDestructionObserver::~FrameDestructionObserver):
        (WebCore::FrameDestructionObserver::frameDestroyed):
        * page/FrameTree.cpp:
        (WebCore::FrameTree::~FrameTree):
        (WebCore::FrameTree::removeChild):
        * page/FrameTree.h:
        (WebCore::FrameTree::FrameTree):
        (WebCore::FrameTree::detachFromParent):
        * page/History.cpp:
        (WebCore::History::History):
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        (WebCore::Page::findStringMatchingRanges):
        * page/PageGroup.cpp:
        * page/Performance.cpp:
        (WebCore::Performance::Performance):
        * page/PointerLockController.cpp:
        (WebCore::PointerLockController::didLosePointerLock):
        (WebCore::PointerLockController::clearElement):
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::canAccessDatabase):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/SpatialNavigation.cpp:
        (WebCore::FocusCandidate::FocusCandidate):
        * page/SpatialNavigation.h:
        (WebCore::FocusCandidate::FocusCandidate):
        * page/scrolling/ScrollingTreeNode.cpp:
        (WebCore::ScrollingTreeNode::ScrollingTreeNode):
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::willDestroyScrollableArea):

2015-06-04  Benjamin Poulain  <bpoulain@apple.com>

        Combine tiny DFAs into slightly larger ones
        https://bugs.webkit.org/show_bug.cgi?id=145572

        Reviewed by Alex Christensen.

        This patch changes the ContentExtensions compiler to combine tiny DFA
        until they reach a minimum size.

        The main tool introduced here is DFAMerger. It combines 2 DFAs into
        a single DFA that represent the union of the two machines.
        That is done by a simple subset construction on the "name" of the nodes
        in each DFAs.

        Since we only merge 2 machines, and they are both deterministic, we know that
        we can only be in one state of each machine, or a state in one machine without
        equivalent in the other machine.
        We exploit that to identify the mapping between nodes. To identify a node in
        the new machine from nodes in the original machines, we just concatenate the node
        IDs into a single 64 bits number. If there is no node in one of the machine, we
        use a special tag.

        The current algorithm does not have any subgraph pruning, machines grow very very
        quickly. Because of that, we only merge very small DFAs at the moment.

        Test: http/tests/contentextensions/filters-with-quantifiers-combined.html

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionsDebugging.h:
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::graphSize):
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        * contentextensions/DFA.h:
        * contentextensions/DFACombiner.cpp: Added.
        (WebCore::ContentExtensions::DFAMerger::DFAMerger):
        (WebCore::ContentExtensions::DFAMerger::merge):
        (WebCore::ContentExtensions::DFAMerger::signatureForIndices):
        (WebCore::ContentExtensions::DFAMerger::extractIndexA):
        (WebCore::ContentExtensions::DFAMerger::extractIndexB):
        (WebCore::ContentExtensions::DFAMerger::getOrCreateCombinedNode):
        (WebCore::ContentExtensions::DFAMerger::setHalfSignature):
        (WebCore::ContentExtensions::DFAMerger::populateTransitions):
        (WebCore::ContentExtensions::DFAMerger::populateFromFallbackTransitions):
        (WebCore::ContentExtensions::DFAMerger::createTransitions):
        (WebCore::ContentExtensions::DFAMerger::createFallbackTransitionIfNeeded):
        (WebCore::ContentExtensions::DFACombiner::combineDFAs):
        * contentextensions/DFACombiner.h: Copied from Source/WebCore/contentextensions/DFA.h.
        (WebCore::ContentExtensions::DFACombiner::addDFA):

2015-06-04  Matt Rajca  <mrajca@apple.com>

        Rename MediaSessionManager to PlatformMediaSessionManager for consistency with PlatformMediaSession.
        https://bugs.webkit.org/show_bug.cgi?id=145648

        Reviewed by Eric Carlson.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::effectivePreloadForElement):
        (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::PlatformMediaSession::PlatformMediaSession):
        (WebCore::PlatformMediaSession::~PlatformMediaSession):
        (WebCore::PlatformMediaSession::clientWillBeginPlayback):
        (WebCore::PlatformMediaSession::clientWillPausePlayback):
        (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
        (WebCore::PlatformMediaSession::updateClientDataBuffering):
        * platform/audio/PlatformMediaSessionManager.cpp: Renamed from Source/WebCore/platform/audio/MediaSessionManager.cpp.
        (WebCore::PlatformMediaSessionManager::sharedManager):
        (WebCore::PlatformMediaSessionManager::PlatformMediaSessionManager):
        (WebCore::PlatformMediaSessionManager::resetRestrictions):
        (WebCore::PlatformMediaSessionManager::has):
        (WebCore::PlatformMediaSessionManager::activeAudioSessionRequired):
        (WebCore::PlatformMediaSessionManager::count):
        (WebCore::PlatformMediaSessionManager::beginInterruption):
        (WebCore::PlatformMediaSessionManager::endInterruption):
        (WebCore::PlatformMediaSessionManager::addSession):
        (WebCore::PlatformMediaSessionManager::removeSession):
        (WebCore::PlatformMediaSessionManager::addRestriction):
        (WebCore::PlatformMediaSessionManager::removeRestriction):
        (WebCore::PlatformMediaSessionManager::restrictions):
        (WebCore::PlatformMediaSessionManager::sessionWillBeginPlayback):
        (WebCore::PlatformMediaSessionManager::sessionWillEndPlayback):
        (WebCore::PlatformMediaSessionManager::setCurrentSession):
        (WebCore::PlatformMediaSessionManager::currentSession):
        (WebCore::PlatformMediaSessionManager::sessionRestrictsInlineVideoPlayback):
        (WebCore::PlatformMediaSessionManager::sessionCanLoadMedia):
        (WebCore::PlatformMediaSessionManager::applicationWillEnterBackground):
        (WebCore::PlatformMediaSessionManager::applicationWillEnterForeground):
        (WebCore::PlatformMediaSessionManager::updateSessionState):
        (WebCore::PlatformMediaSessionManager::didReceiveRemoteControlCommand):
        (WebCore::PlatformMediaSessionManager::systemWillSleep):
        (WebCore::PlatformMediaSessionManager::systemDidWake):
        (WebCore::PlatformMediaSessionManager::audioOutputDeviceChanged):
        * platform/audio/PlatformMediaSessionManager.h: Renamed from Source/WebCore/platform/audio/MediaSessionManager.h.
        (WebCore::PlatformMediaSessionManager::~PlatformMediaSessionManager):
        (WebCore::PlatformMediaSessionManager::configureWireLessTargetMonitoring):
        (WebCore::PlatformMediaSessionManager::hasWirelessTargetsAvailable):
        (WebCore::PlatformMediaSessionManager::sessions):
        * platform/audio/mac/AudioDestinationMac.cpp:
        * platform/audio/mac/MediaSessionManagerMac.cpp:
        (PlatformMediaSessionManager::updateSessionState):
        (MediaSessionManager::updateSessionState): Deleted.
        * testing/Internals.cpp:

2015-06-04  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Don't show default controls after playing to wireless target, again
        https://bugs.webkit.org/show_bug.cgi?id=145620
        <rdar://problem/21145806>

        Reviewed by Dean Jackson.

        Follow up to fix two tests broken by r185207.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateControls): Always show controls when the video element
          is the fullscreen element because custom controls aren't possible.

2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Add ASSERT to FontPlatformData::ctFont()
        https://bugs.webkit.org/show_bug.cgi?id=145659

        Reviewed by Dean Jackson.

        The new ASSERT needs to be guarded with CORETEXT_WEB_FONTS, which is defined in FontCustomPlatformData.h,
        and is not accessible to FontPlatformData. Therefore, I've moved the definition into TextFlags.h, which
        both files include.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::ctFont): Add the ASSERT.
        * platform/graphics/mac/FontCustomPlatformData.h: Move the CORETEXT_WEB_FONTS preprocessor
        macro from here ...
        * platform/text/TextFlags.h: ... to here.

2015-06-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185208.
        https://bugs.webkit.org/show_bug.cgi?id=145655

        platform/mac-wk2/tiled-drawing/scrolling/fast-scroll-iframe-
        latched-select.html (Requested by shallawa on #webkit).

        Reverted changeset:

        "Latching algorithm in findEnclosingOverflowScroll is broken"
        https://bugs.webkit.org/show_bug.cgi?id=145642
        http://trac.webkit.org/changeset/185208

2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Remove unnecessary code from FontPlatformData::ctFont()
        https://bugs.webkit.org/show_bug.cgi?id=145652

        Hoefler Text Italic no longer has initial and final swashes by default, so there
        is no reason to explicitly disable them.

        Reviewed by Andreas Kling.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::ctFont):
        (WebCore::createFeatureSettingDictionary): Deleted.
        (WebCore::cascadeToLastResortAndDisableSwashesFontDescriptor): Deleted.

2015-06-04  Brent Fulgham  <bfulgham@apple.com>

        Latching algorithm in findEnclosingOverflowScroll is broken
        https://bugs.webkit.org/show_bug.cgi?id=145642
        <rdar://problem/21242308>

        Reviewed by Simon Fraser.

        Test: platform/mac-wk2/tiled-drawing/scrolling/iframe_in_iframe.html

        * page/mac/EventHandlerMac.mm:
        (WebCore::findEnclosingOverflowScrollForDominantDirection): Renamed from
        'findEnclosingOverflowScroll'. Only identify element as our overflow
        scroll element if it can be scrolled in either axis of the gesture's
        motion.
        (WebCore::scrolledToEdgeInDominantDirection): Renamed.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Use new function
        name, and pass horizontal and vertical deltas.
        (WebCore::findEnclosingOverflowScroll): Deleted.

2015-06-04  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Don't show default controls after playing to wireless target, again
        https://bugs.webkit.org/show_bug.cgi?id=145620
        <rdar://problem/21145806>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateControls): Show or hide the panel as appropriate.
        (Controller.prototype.handleWrapperMouseMove): Early return if !video.controls.
        (Controller.prototype.addControls): Call updateControls instead of this.setNeedsTimelineMetricsUpdate
          so all needed setup is done.
        (Controller.prototype.resetHideControlsTimer): Only start the hide timer if playing.

2015-06-04  Chris Dumez  <cdumez@apple.com>

        [WK2] Prune more resources from the MemoryCache before process suspension
        https://bugs.webkit.org/show_bug.cgi?id=145633

        Reviewed by Andreas Kling.

        Prune more resources from the MemoryCache before process suspension or
        on simulated memory warning by doing a synchronous JS garbage collection
        and sweep *before* pruning dead resources from the memory cache.
        Previously, we would do the garbage collection after pruning the
        MemoryCache which meant that a lot of resources became dead after we
        tried to prune them.

        At the end a basic browsing on apple.com, we are able to remove ~17%
        more resources from the MemoryCache on simulated memory warning with this
        change.

        Pruning as much as we can from the memory cache on critical memory
        pressure or before process suspension is not only useful to free up
        memory but also to make room in the vnode table as a lot of
        CachedResources are mmmap'd from the network disk cache.

        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::MemoryPressureHandler):
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

        - Pass 'synchronous' argument so that we know if we need to do a
          synchronous JS garbage collection.
        - Move here code from in the Cocoa handler that is doing a JS garbage
          collection as well as a sweep, and make this code cross-platform.
          This code used to be iOS specific but I see no reason we shouldn't
          do this on Mac.

        (WebCore::MemoryPressureHandler::releaseMemory):
        * platform/MemoryPressureHandler.h:

        Use enum class arguments for critical / synchronous. The 'synchronous'
        argument is new so that the call site can let us know if memory needs
        to be freed synchronously (e.g. in case of imminent process suspension).

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory):

        Remove iOS-specific code that was doing a JS garbage collection and
        sweep as this code is now in the generic memory pressure handler.

        (WebCore::MemoryPressureHandler::install):

        On simulated memory pressure, set 'synchronous' argument to Yes so that
        a synchronous GC is done by the generic memory pressure handler. This
        way, we no longer need to do a sync GC after calling the memory pressure
        handler. This avoids code duplication and makes sure the GC is done
        before pruning the memory cache.


2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Clean up m_isEmoji in FontPlatformData
        https://bugs.webkit.org/show_bug.cgi?id=145644

        Reviewed by Andreas Kling.

        m_isEmoji used to be a public member variable only defined on iOS. This
        means that, whenever it was consulted, the sites were surrounded by
        PLATFORM(IOS) guards. A cleaner design is to use a getter and setter,
        which on non-iOS platforms, always return false / do nothing. Then, the
        use sites can just use these functions without having ugly guards.

        No new tests because there is no behavior change.

        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::hash): Simplify isEmoji use site.
        (WebCore::FontPlatformData::isEmoji): Getter. Returns false on Mac.
        (WebCore::FontPlatformData::setIsEmoji): Setter. Does nothing on Mac.
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::pointAdjustedForEmoji): Simplify isEmoji use site.
        (WebCore::FontCascade::drawGlyphs): Ditto.
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformInit): Ditto.
        (WebCore::canUseFastGlyphAdvanceGetter): Ditto.
        (WebCore::isEmoji): Deleted.
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::platformDataInit): Simplify isEmoji use
        site.
        (WebCore::FontPlatformData::platformDataAssign): Ditto.
        (WebCore::FontPlatformData::platformIsEqual): Ditto.
        (WebCore::FontPlatformData::ctFontSize): Ditto.
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::getSystemFontFallbackForCharacters): Ditto.
        (WebCore::FontCache::createFontPlatformData): Ditto.
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances): Ditto.

2015-06-03  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION (r181879): Scrolling order on pages with focused iframe is broken.
        https://bugs.webkit.org/show_bug.cgi?id=145637
        <rdar://problem/20635581>

        Reviewed by Zalan Bujtas.

        Test: platform/mac-wk2/tiled-drawing/scrolling/iframe_in_iframe.html

        This page revealed a bug in our RenderBox code caused by the mismatch between
        our scrolling units, which are all integrally snapped, with our client height
        and widths, which are not snapped at all. 
        
        In certain cases, the client height would have a small subpixel difference compared
        to the scroll height, which would cause WebKit to believe it was scrollable. When
        this happened, it would get stuck latched to this element and block scrolling events. 

        * page/Frame.cpp:
        (WebCore::Frame::scrollOverflowLayer): Use roundToInt for clientWidth and clientHeight,
        rather than integer truncation.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::canBeScrolledAndHasScrollableArea): Need to round clientWidth
        and clientHeight to compare with scrollWidth/scrollHeight.
        * rendering/RenderBox.h:
        (WebCore::RenderBox::hasScrollableOverflowX): Ditto.
        (WebCore::RenderBox::hasScrollableOverflowY): Ditto.
        * rendering/RenderMarquee.cpp:
        (WebCore::RenderMarquee::computePosition): Use roundToInt for clientWidth and
        clientHeight, rather than integer truncation.

2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Clean up m_font inside FontPlatformData
        https://bugs.webkit.org/show_bug.cgi?id=145634

        Reviewed by Andreas Kling.

        FontPlatformDatas are used as keys in a HashMap. This means that they need
        to be able to represent a "deleted" value. Previously, this "deleted" value
        was represented as setting the pointer value of m_font to -1, and guarding
        all uses of m_font to make sure it wasn't -1 before dereferencing it.

        This patch simplifies FontPlatformData to represent a "deleted" value using
        a separate boolean member variable. This class is already big enough that
        the increased space is negligable (the class already contains two CoreText
        fonts in addition to a CoreGraphics font). Because of this simplification,
        m_font can now be a RetainPtr, instead of being manually retained and
        released.

        There is still a long way to go before FontPlatformData is acceptably
        clean and understandable. This patch improves one aspect of it, and more
        improvements will eventually follow.

        No new tests because there is no behavior change.

        * platform/graphics/FontCache.cpp: Remove unused variable.
        * platform/graphics/FontPlatformData.cpp:
        (WebCore::FontPlatformData::FontPlatformData): Clean up all the PLATFORM
        macros in favor of a single bool. Also, update to include new state.
        (WebCore::FontPlatformData::operator=): Update to include new state.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::font): Update to account for RetainPtr.
        (WebCore::FontPlatformData::nsFont): Ditto.
        (WebCore::FontPlatformData::setNSFont): Ditto.
        (WebCore::FontPlatformData::hash): Update to include new state.
        (WebCore::FontPlatformData::operator==): Ditto.
        (WebCore::FontPlatformData::isHashTableDeletedValue): Use new state.
        (WebCore::FontPlatformData::hashTableDeletedFontValue): Deleted.
        (WebCore::FontPlatformData::isValidCTFontRef): Deleted.
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::platformDataInit): No need for manual retain
        and release.
        (WebCore::FontPlatformData::platformDataAssign): Ditto.
        (WebCore::FontPlatformData::platformIsEqual): Update to account for
        RetanPtr.
        (WebCore::FontPlatformData::setFont): No need for manual retain and
        release.
        (WebCore::FontPlatformData::FontPlatformData): Deleted.
        (WebCore::FontPlatformData::~FontPlatformData): Deleted.
        * platform/graphics/win/FontPlatformDataCairoWin.cpp:
        (WebCore::FontPlatformData::~FontPlatformData): m_scaledFont is always
        valid.
        (WebCore::FontPlatformData::platformDataAssign): Ditto.

2015-06-03  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] [Wayland] Build is broken on trunk
        https://bugs.webkit.org/show_bug.cgi?id=142879

        Reviewed by Carlos Garcia Campos.

        No new tests, no behavior changes.

        Patch on GLContext.h picked from bug 136831 by
        Iago Toral <itoral@igalia.com> and Zan Dobersek <zdobersek@igalia.com>

        * platform/graphics/GLContext.h: Include wayland-egl.h before eglplatform.h
        to use the Wayland platform when building for Wayland.
        * platform/graphics/PlatformDisplay.cpp: Fix the include of GDK
        headers for the different targets.
        * platform/graphics/wayland/WaylandSurface.cpp: Fix build after r183731.
        (WebCore::WaylandSurface::~WaylandSurface):

2015-06-04  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStreamController enqueue
        https://bugs.webkit.org/show_bug.cgi?id=145210

        Reviewed by Darin Adler.

        Added possibility to enqueue any JSValue within ReadableJSStream.
        They are stored in a Vector of strongified JSValue.

        Added support for streams that contain data but are asked to close.
        This is done through m_closeRequested boolean and splitting actual closing of the stream from changeStateToClosed().

        Chunk size and backpressure mechanism is not yet implemented.
        Neither is pulling once enqueued data is processed.

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::changeStateToClosed): Split method with newly added close().
        (WebCore::ReadableStream::close): Does the actual closing of stream once stream has no more values.
        (WebCore::ReadableStream::read): Close the stream when stream is emptied and close is requested.
        (WebCore::ReadableStream::resolveReadCallback): Added to enable ReadableJSStream to resolve read callbacks immediatly at enqueue time.
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::isErrored): Getter added for the custom binding code.
        (WebCore::ReadableStream::isCloseRequested): Ditto.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::enqueue): binding code for enqueue, taking care of raising exception if readable stream cannot enqueue.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::hasValue):
        (WebCore::ReadableJSStream::read):
        (WebCore::ReadableJSStream::enqueue):
        * bindings/js/ReadableJSStream.h:

2015-06-04  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableJSStream does not need a ReadableStreamSource
        https://bugs.webkit.org/show_bug.cgi?id=145601

        Reviewed by Darin Adler.

        Covered by existing tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::ReadableStream): Remoed m_source.
        * Modules/streams/ReadableStream.h: Ditto
        * Modules/streams/ReadableStreamSource.h: Deleted.
        * WebCore.vcxproj/WebCore.vcxproj: Removing Modules/streams/ReadableStreamSource.h.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::globalObject):
        (WebCore::ReadableJSStream::doStart): Equivalent of ReadableJSStream::Source::start().
        (WebCore::ReadableJSStream::create): Updated according new constructor.
        (WebCore::ReadableJSStream::ReadableJSStream):
        (WebCore::startReadableStreamAsync): Deleted.
        (WebCore::ReadableJSStream::jsController): Deleted.
        (WebCore::ReadableJSStream::storeError): Deleted.
        * bindings/js/ReadableJSStream.h: Added m_source member to store the JS source as a JS object.

2015-06-04  Zan Dobersek  <zdobersek@igalia.com>

        Shrink the ArabicCharShapingMode enum in SVGGlyph.cpp
        https://bugs.webkit.org/show_bug.cgi?id=145564

        Reviewed by Darin Adler.

        Shrink the ArabicCharShapingMode enum to just one byte.
        This drops the size of the static s_arabicCharShapingMode
        array of  ArabicCharShapingMode values from 888 bytes to 222.

        * platform/graphics/SVGGlyph.cpp:
        (WebCore::processArabicFormDetection):

2015-06-03  Zalan Bujtas  <zalan@apple.com>

        Use borderBoxRect instead of contentBoxRect for backdrop filter.
        https://bugs.webkit.org/show_bug.cgi?id=145606

        Reviewed by Simon Fraser.

        Backdrop filter should use border box rect. It also needs to take css clip into account.

        Tests: css3/filters/backdrop/backdrop-filter-with-cliprect.html
               css3/filters/backdrop/backdrop-filter-with-mask.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateBackdropFiltersGeometry):

2015-06-03  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        MediaDevices.getUserMedia should put promises in resolve/reject state synchronously
        https://bugs.webkit.org/show_bug.cgi?id=145308

        Reviewed by Darin Adler.

        Removed the calls to callToMainThread in which were resolved and rejected promises.
        Cleaned up the code to remove unneeded callback copies.

        Covered by existing tests.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        (WebCore::UserMediaRequest::UserMediaRequest):
        (WebCore::UserMediaRequest::didCreateStream):
        (WebCore::UserMediaRequest::failedToCreateStreamWithConstraintsError):
        (WebCore::UserMediaRequest::failedToCreateStreamWithPermissionError):
        * Modules/mediastream/UserMediaRequest.h:

2015-06-03  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r184968): missing media player buttons (control bar exists, but no buttons)
        https://bugs.webkit.org/show_bug.cgi?id=145630

        Reviewed by Zalan Bujtas.

        r184968 changed the initial value of m_intersectsCoverageRect to false. However,
        this triggered a bug with mask layers, whose value of m_intersectsCoverageRect was never
        updated.

        Fix by copying the value of m_intersectsCoverageRect from the main layer to its
        mask layer, just as we do for m_visibleRect and m_coverageRect.

        Test: compositing/visible-rect/mask-layer-coverage.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):

2015-06-03  Simon Fraser  <simon.fraser@apple.com>

        Layer tree dumps should include mask layers
        https://bugs.webkit.org/show_bug.cgi?id=145629

        Reviewed by Zalan Bujtas.

        Dumping the layer tree omitted to dump the mask layer, so fix 
        GraphicsLayer::dumpProperties() to dump this layer.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::dumpProperties):

2015-06-03  Greg Hughes  <ghughes@apple.com>

        AX: Expose field sets to accessibility clients
        https://bugs.webkit.org/show_bug.cgi?id=145585
   
        Expose fieldsets to the accessibility API via a subrole of AXFieldset.

        Reviewed by Chris Fleizach.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper subrole]):

2015-06-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove dead code FontPlatformData::roundsGlyphAdvances()
        https://bugs.webkit.org/show_bug.cgi?id=145628

        Reviewed by Simon Fraser.

        No new tests because there is no behavior change.

        * WebCore.order:
        * platform/graphics/FontPlatformData.h:
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::roundsGlyphAdvances): Deleted.

2015-06-03  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Merge CoordinatedTile into Tile
        https://bugs.webkit.org/show_bug.cgi?id=145602

        Reviewed by Darin Adler.

        CoordinatedTile only implements Tile since Qt and WebKit1/Efl were dropped.
        So, there is no reason that CoordinatedTile inherits Tile interface.

        No new tests, no behavior changes.

        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedTile.cpp: Renamed to Tile.cpp
        * platform/graphics/texmap/coordinated/CoordinatedTile.h: Merged into Tile.h
        (WebCore::CoordinatedTile::coordinate): Deleted.
        (WebCore::CoordinatedTile::rect): Deleted.
        * platform/graphics/texmap/coordinated/Tile.cpp: Renamed from CoordinatedTile.cpp.
        * platform/graphics/texmap/coordinated/Tile.h:
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::createTiles):

2015-06-03  Matt Rajca  <mrajca@apple.com>

        Add basic Media Session support to HTMLMediaElement.
        https://bugs.webkit.org/show_bug.cgi?id=145581

        Reviewed by Eric Carlson.

        HTMLMediaElements now have:

        - a 'kind' attribute representing the intrinsic media category
        - a 'session' attribute representing the current media session, if any

        * CMakeLists.txt: Include the new HTMLMediaElementMediaSession sources.
        * DerivedSources.make: Include the new IDL file.
        * Modules/mediasession/HTMLMediaElementMediaSession.cpp: Added.
        (WebCore::HTMLMediaElementMediaSession::session):
        * Modules/mediasession/HTMLMediaElementMediaSession.h: Added basic translation of the IDL file.
        (WebCore::HTMLMediaElementMediaSession::kind):
        (WebCore::HTMLMediaElementMediaSession::setKind):
        (WebCore::HTMLMediaElementMediaSession::setSession):
        * Modules/mediasession/HTMLMediaElementMediaSession.idl: Added from the Media Session spec.
        * PlatformMac.cmake: Include DOMHTMLMediaElementMediaSession.cpp.
        * WebCore.xcodeproj/project.pbxproj: Include the new HTMLMediaElementMediaSession sources.
        * html/HTMLMediaElement.h: Added accessors for 'kind' and 'session'.
        (WebCore::HTMLMediaElement::kind):
        (WebCore::HTMLMediaElement::setKind):
        (WebCore::HTMLMediaElement::session):
        (WebCore::HTMLMediaElement::setSession):

2015-06-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Cleanup after r185175.
        https://bugs.webkit.org/show_bug.cgi?id=145569
        <rdar://problem/20671711>

        Unreviewed.

        No new tests because there is no behavior change.

        * platform/graphics/WidthIterator.h:

2015-06-02  Myles C. Maxfield  <mmaxfield@apple.com>

        SoftBank Emoji are not transformed by shaping when in a run of their own
        https://bugs.webkit.org/show_bug.cgi?id=145569
        <rdar://problem/20671711>

        Reviewed by Dean Jackson.

        Normally, we don't perform shaping on single glyphs. However, these particular codepoints
        need to have shaping run on them, even if they are alone.

        Test: fast/text/softbank-emoji.html Note that this test may fail in different locales on
        different platforms. This patch disables the test on iOS.

        * Source/WebCore/platform/graphics/WidthIterator.cpp:
        (WebCore::applyFontTransforms): Move the length-of-1 check into shouldApplyFontTransforms()
        (WebCore::shouldApplyFontTransforms): Return true if we have one of these emoji characters in
        a run of its own
        (WebCore::advanceInternal): Keep track of the previous character, and use it to call
        shouldApplyFontTransforms. 
        * Source/WebCore/platform/graphics/WidthIterator.h: shouldApplyFontTransforms() needs
        some more information to perform its duties.

2015-06-03  Daniel Bates  <dabates@apple.com>

        Caps lock indicator should not be shown in read-only or disabled field
        https://bugs.webkit.org/show_bug.cgi?id=145612
        <rdar://problem/21227454>

        Reviewed by Darin Adler.

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::disabledAttributeChanged): Update caps lock indicator state.
        (WebCore::TextFieldInputType::readonlyAttributeChanged): Ditto.
        (WebCore::TextFieldInputType::shouldDrawCapsLockIndicator): Do not draw the caps lock indicator
        when the field is read-only or disabled.

2015-06-03  Dean Jackson  <dino@apple.com>

        Crash in GraphicsContext3D::getInternalFramebufferSize
        https://bugs.webkit.org/show_bug.cgi?id=145479
        <rdar://problem/16461048>

        Reviewed by Eric Carlson.

        If we are in an unitialized or lost state, don't try to access the context.

        In order to test this, I added an Internal setting that always
        forces WebGL into a pending state.

        Test: fast/canvas/webgl/useWhilePending.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create): Check internal settings for
        a forced pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferWidth): Guard against a pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferHeight): Ditto.
        * page/Settings.cpp: New Internal setting for forcing a pending policy.
        (WebCore::Settings::Settings):
        (WebCore::Settings::setForcePendingWebGLPolicy):
        * page/Settings.h:
        (WebCore::Settings::isForcePendingWebGLPolicy):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setForcePendingWebGLPolicy):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2015-06-03  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/page.
        https://bugs.webkit.org/show_bug.cgi?id=145455

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * page/Chrome.cpp:
        (WebCore::Chrome::notifyPopupOpeningObservers):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPSourceList::matches):
        (WebCore::CSPDirectiveList::gatherReportURIs):
        (WebCore::ContentSecurityPolicy::copyStateFrom):
        (WebCore::isAllowedByAll):
        (WebCore::isAllowedByAllWithState):
        (WebCore::isAllowedByAllWithContext):
        (WebCore::isAllowedByAllWithURL):
        (WebCore::ContentSecurityPolicy::evalDisabledErrorMessage):
        (WebCore::ContentSecurityPolicy::allowPluginType):
        (WebCore::ContentSecurityPolicy::reflectedXSSDisposition):
        (WebCore::ContentSecurityPolicy::gatherReportURIs):
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::populate):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::dispatchAllPendingBeforeUnloadEvents):
        (WebCore::DOMWindow::dispatchAllPendingUnloadEvents):
        (WebCore::DOMWindow::willDestroyCachedFrame):
        (WebCore::DOMWindow::willDestroyDocumentInFrame):
        (WebCore::DOMWindow::willDetachDocumentFromFrame):
        (WebCore::DOMWindow::disconnectDOMWindowProperties):
        (WebCore::DOMWindow::reconnectDOMWindowProperties):
        (WebCore::DOMWindow::getMatchedCSSRules):
        * page/DeviceController.cpp:
        (WebCore::DeviceController::dispatchDeviceEvent):
        (WebCore::DeviceController::fireDeviceEvent):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::updateMouseEventTargetNode):
        (WebCore::EventHandler::handleTouchEvent):
        * page/FocusController.cpp:
        (WebCore::FocusController::setIsVisibleAndActiveInternal):
        * page/Frame.cpp:
        (WebCore::Frame::orientationChanged):
        (WebCore::Frame::injectUserScriptsForWorld):
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollContentsFastPath):
        (WebCore::FrameView::serviceScriptedAnimations):
        (WebCore::FrameView::trackedRepaintRectsAsText):
        (WebCore::FrameView::updateWidgetPositions):
        (WebCore::FrameView::notifyWidgets):
        * page/Page.cpp:
        (WebCore::networkStateChanged):
        (WebCore::Page::stringToViewMode):
        (WebCore::Page::updateStyleForAllPagesAfterGlobalChangeInEnvironment):
        (WebCore::Page::refreshPlugins):
        (WebCore::Page::lockAllOverlayScrollbarsToHidden):
        (WebCore::Page::pluginViews):
        (WebCore::Page::storageBlockingStateChanged):
        (WebCore::Page::setIsVisibleInternal):
        * page/PageGroup.cpp:
        (WebCore::PageGroup::captionPreferencesChanged):
        * page/PageGroupLoadDeferrer.cpp:
        (WebCore::PageGroupLoadDeferrer::PageGroupLoadDeferrer):
        (WebCore::PageGroupLoadDeferrer::~PageGroupLoadDeferrer):
        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::serializeFrame):
        * page/Performance.cpp:
        (WebCore::Performance::webkitGetEntriesByType):
        (WebCore::Performance::webkitGetEntriesByName):
        * page/PerformanceResourceTiming.cpp:
        (WebCore::passesTimingAllowCheck):
        * page/PerformanceUserTiming.cpp:
        (WebCore::convertToEntrySequence):
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::isAccessWhiteListed):
        * page/UserContentURLPattern.cpp:
        (WebCore::UserContentURLPattern::matchesPatterns):
        * page/WindowFeatures.cpp:
        (WebCore::WindowFeatures::parseDialogFeatures):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::updateAnimations):
        (WebCore::AnimationControllerPrivate::fireEventsAndUpdateStyle):
        (WebCore::AnimationControllerPrivate::suspendAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::resumeAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::numberOfActiveAnimations):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::ShorthandPropertyWrapper::equals):
        (WebCore::ShorthandPropertyWrapper::blend):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::setStateScrollingNodeSnapOffsetsAsFloat):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame):
        (WebCore::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects):

2015-06-03  Daniel Bates  <dabates@apple.com>

        AutoFill button should not be shown in read-only or disabled field
        https://bugs.webkit.org/show_bug.cgi?id=145579
        <rdar://problem/21212494>

        Reviewed by Darin Adler.

        Fixes an issue where the AutoFill button is shown in a read-only or disabled
        field. We should not show the AutoFill button in such cases.

        Tests: fast/forms/auto-fill-button/hide-auto-fill-button-when-input-becomes-disabled.html
               fast/forms/auto-fill-button/hide-auto-fill-button-when-input-becomes-readonly.html
               fast/forms/auto-fill-button/input-auto-fill-button.html
               fast/forms/auto-fill-button/input-disabled-auto-fill-button.html
               fast/forms/auto-fill-button/input-readonly-auto-fill-button.html
               fast/forms/auto-fill-button/input-readonly-non-empty-auto-fill-button.html

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::disabledAttributeChanged): Update AutoFill button state.
        (WebCore::TextFieldInputType::readonlyAttributeChanged): Ditto.
        (WebCore::TextFieldInputType::shouldDrawAutoFillButton): Do not draw AutoFill button
        when the field is disabled or read-only.

2015-06-03  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION: (r181879): Scrolling in select/option region in iFrame scrolls both select and iframe
        https://bugs.webkit.org/show_bug.cgi?id=145574
        <rdar://problem/20966828>

        Reviewed by Simon Fraser.

        Tested by platform/mac-wk2/tiled-drawing/scrolling/fast-scroll-iframe-latched-select.html

        When the scroll gesture is started when the latched scrollable container is not at the limit of its
        scroll region, we are NOT supposed to propagate the scroll event to the enclosing region. However,
        we were doing two things wrong:
        (1) When we recognized we were latching, we were using the right wheel event target, but not using
            the latched scrollable container.
        (2) Likewise, we were not using latched ScrollableArea when handling wheel events.

        Instead, we were using the current scrollable container and ScrollableArea under the mouse pointer,
        which could be different from the point we started latching as the content scrolled.
        
        The fix was to properly track the scrollable container and scrollable area during latching.

        I attempted to store the latched ScrollableArea in the latchingState object, like we already do for the
        scrollable container, but found that this did not work properly. I think the life cycle of the
        ScrollableArea may not match the scrollable container, and since they are not reference counted I
        simply retrieve the ScrollableArea when needed.

        * page/mac/EventHandlerMac.mm:
        (WebCore::scrollableAreaForContainerNode): Helper function to return the correct ScrollableArea
        for the two types of RenderBox elements.
        (WebCore::latchedToFrameOrBody): Helper predicate to identify Frame and Body elements.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Use the correct ScrollableArea for the given
        ContainerNode. When latching, make sure to use the ScrollableArea that is related to the latched scrollable
        container, not the area currently underneath the mouse pointer.

2015-06-03  Brady Eidson  <beidson@apple.com>

        REGRESSION (r183498): Certain types of frame loads in iframes with <base target="_blank"> can open urls in new window/tabs
        https://bugs.webkit.org/show_bug.cgi?id=145580

        Reviewed by Mark Lam.

        Tests: fast/loader/fragment-navigation-base-blank.html
               fast/loader/iframe-meta-refresh-base-blank.html
               fast/loader/iframe-set-location-base-blank.html
               fast/loader/refresh-iframe-base-blank.html

        Before 183498, callers of FrameLoader::changeLocation() got automatically assigned a frame name of "_self".
        After 183498, many remained without a frame name.
        
        Later on, FrameLoader applies the <base> target as their frame name if they don't already have one. 
        
        When the <base> target is "_blank", that causes a new window/tab.
        
        Restoring "_self" to these call sites fixes this.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):
        
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::scheduleLocationChange):
        
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):

2015-06-03  Alexey Proskuryakov  <ap@apple.com>

        More iOS build fixing.

        * platform/spi/mac/AVFoundationSPI.h:

2015-06-03  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: Composited layer with subpixel gap does not get painted properly when its position changes.
        https://bugs.webkit.org/show_bug.cgi?id=145587

        Reviewed by Simon Fraser.

        The composited layer always snaps to an enclosing device pixel (floors) while the renderer rounds.
        At certain positions (for example 0.5px on a 1x display), a gap is formed between the layer(0px) and its renderer(1px).
        In such cases, when the the renderer moves to a position (1.1px) where the gap is closed, we need to issue repaint on the layer
        in order to get the renderering right.

        Test: compositing/child-layer-with-subpixel-gap-needs-repaint-when-parent-moves.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateAfterLayout):
        (WebCore::devicePixelFractionGapFromRendererChanged):
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerBacking.h:

2015-06-03  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStreamReader::closed() should be called once by binding code
        https://bugs.webkit.org/show_bug.cgi?id=145551

        Reviewed by Darin Adler.

        Covered by existing tests.

        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed): Calling ReadableStreamReader::closed only at creation of the promise.

2015-06-02  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        [EFL][GTK] Fix build error since r185137
        https://bugs.webkit.org/show_bug.cgi?id=145596

        Unreviewed, fix build break on EFL and GTK port.

        * dom/Text.cpp:
        (WebCore::Text::formatForDebugger): Use strncpy() instead of strlcpy().

2015-06-02  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Switch from parenthesis to brackets for grid line names
        https://bugs.webkit.org/show_bug.cgi?id=144996

        Reviewed by Darin Adler.

        Grid line names are now enclosed by brackets instead of parentheses
        as mentioned in the latest version of the spec. Appartently the CSS
        code is now more readable and avoids issues with tools like SASS.

        * css/CSSGrammar.y.in:
        * css/CSSGridLineNamesValue.cpp:
        (WebCore::CSSGridLineNamesValue::customCSSText):

2015-06-02  Alexey Proskuryakov  <ap@apple.com>

        iOS build fix

        * platform/spi/mac/AVFoundationSPI.h:

2015-06-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185128 and r185132.
        https://bugs.webkit.org/show_bug.cgi?id=145597

        The new test hits a bad assertion (Requested by ap on
        #webkit).

        Reverted changesets:

        "Crash in GraphicsContext3D::getInternalFramebufferSize"
        https://bugs.webkit.org/show_bug.cgi?id=145479
        http://trac.webkit.org/changeset/185128

        "Skip webgl/useWhilePending.html on WebKit 1."
        http://trac.webkit.org/changeset/185132

2015-06-02  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Refactor TiledBackingStoreClient
        https://bugs.webkit.org/show_bug.cgi?id=145577

        Reviewed by Gyuyoung Kim.

        This patch removes and simplifies unnecessary virtual methods of TiledBackingStoreClient.

        No new tests, no behavior changes.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::didUpdateTileBuffers): Renamed from tiledBackingStorePaintEnd.
        (WebCore::CoordinatedGraphicsLayer::tiledBackingStorePaintBegin): Deleted.
        (WebCore::CoordinatedGraphicsLayer::tiledBackingStorePaintEnd): Deleted.
        (WebCore::CoordinatedGraphicsLayer::tiledBackingStoreBackgroundColor):
        Deleted because tiledBackingStoreBackgroundColor() is not used anywhere.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedTile.cpp:
        (WebCore::CoordinatedTile::updateBackBuffer):
        Simplified not to call unnecessary methods. In addition, used modern for loop.
        (WebCore::CoordinatedTile::swapBackBufferToFront): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedTile.h:
        * platform/graphics/texmap/coordinated/Tile.h:
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::updateTileBuffers):
        * platform/graphics/texmap/coordinated/TiledBackingStoreClient.h:

2015-06-02  Doug Russell  <d_russell@apple.com>

        AX: debugging attributes for text markers
        https://bugs.webkit.org/show_bug.cgi?id=145283

        Reviewed by Chris Fleizach.

        AXTextMarkerDebugDescription: returns the result of
        VisiblePosition::formatForDebugger() for the visible position that a text marker
        represents.
        AXTextMarkerNodeDebugDescription: calls Node::showNode() and
        Node::showNodePathForThis() for the visible position that a text marker
        represents.
        AXTextMarkerNodeTreeDebugDescription: calls Node::showTreeForThis() for the
        visible position that a text marker represents.
        AXTextMarkerRangeDebugDescription: returns the result of
        formatForDebugger(VisiblePositionRange) for the visible position range that a text
        marker range represents.

        This is debug only tooling. Tests would be flakey and not very helpful.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper debugDescriptionForTextMarker:]):
        (-[WebAccessibilityObjectWrapper debugDescriptionForTextMarkerRange:]):
        (-[WebAccessibilityObjectWrapper showNodeForTextMarker:]):
        (-[WebAccessibilityObjectWrapper showNodeTreeForTextMarker:]):
        (formatForDebugger):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
        * dom/Text.cpp:
        (WebCore::Text::formatForDebugger):

2015-06-02  Matt Rajca  <mrajca@apple.com>

        MediaSessions should keep track of their current state.
        https://bugs.webkit.org/show_bug.cgi?id=145575

        Reviewed by Alex Christensen.

        * Modules/mediasession/MediaSession.h: Per the Media Session spec, the state can be 'Idle', 'Active', or
          'Interrupted'. Sessions are created in an 'Idle' state.

2015-06-02  Jon Lee  <jonlee@apple.com>

        Build fix when building with internal SDKs
        https://bugs.webkit.org/show_bug.cgi?id=145576
        rdar://problem/21089476

        Reviewed by Alexey Proskuryakov.

        * platform/spi/mac/AVFoundationSPI.h: Include the right header.

2015-06-02  Dean Jackson  <dino@apple.com>

        No need to guard the sizes attribute against PICTURE_SIZES in preload scanner.
        https://bugs.webkit.org/show_bug.cgi?id=145573
        <rdar://problem/21210038>

        Reviewed by Myles Maxfield.

        The PICTURE_SIZES feature flag doesn't need to be used to
        guard preloading of the sizes attribute.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes): Deleted.
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): Deleted.

2015-06-02  Anders Carlsson  <andersca@apple.com>

        Use UUIDs for WebSQL database filenames instead of a sequential number
        https://bugs.webkit.org/show_bug.cgi?id=145571

        Reviewed by Dan Bernstein.

        This is a first step towards getting rid of the iOS specific code path where we truncate
        database files instead of deleting them (in order to avoid file corruption).

        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::generateDatabaseFileName):
        (WebCore::DatabaseTracker::fullPathForDatabaseNoLock):
        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::getFileNameForNewDatabase): Deleted.
        * platform/sql/SQLiteFileSystem.h:

2015-06-02  Dean Jackson  <dino@apple.com>

        Crash in GraphicsContext3D::getInternalFramebufferSize
        https://bugs.webkit.org/show_bug.cgi?id=145479
        <rdar://problem/16461048>

        Reviewed by Eric Carlson.

        If we are in an unitialized or lost state, don't try to access the context.

        In order to test this, I added an Internal setting that always
        forces WebGL into a pending state.

        Test: fast/canvas/webgl/useWhilePending.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create): Check internal settings for
        a forced pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferWidth): Guard against a pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferHeight): Ditto.
        * page/Settings.cpp: New Internal setting for forcing a pending policy.
        (WebCore::Settings::Settings):
        (WebCore::Settings::setForcePendingWebGLPolicy):
        * page/Settings.h:
        (WebCore::Settings::isForcePendingWebGLPolicy):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setForcePendingWebGLPolicy):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2015-06-02  Matt Rajca  <mrajca@apple.com>

        Added a stub implementation of MediaSession, part of the Media Session spec.
        https://bugs.webkit.org/show_bug.cgi?id=145530

        Reviewed by Eric Carlson.

        * CMakeLists.txt: Added new MediaSession sources.
        * DerivedSources.make:
        * Modules/mediasession/MediaSession.cpp: Added stub implementation.
        (WebCore::MediaSession::MediaSession): Per the Media Session spec, a Media Remote Controls object should only be
          set for 'content' sessions; it is null otherwise.
        (WebCore::MediaSession::~MediaSession):
        (WebCore::MediaSession::controls):
        (WebCore::MediaSession::releaseSession):
        * Modules/mediasession/MediaSession.h: Added basic translation of IDL file.
        * Modules/mediasession/MediaSession.idl: Added from the Media Session spec.
        * WebCore.xcodeproj/project.pbxproj: Added new MediaSession sources.

2015-06-02  Zalan Bujtas  <zalan@apple.com>

        Backdrop filter is pulling in content from behind the window.
        https://bugs.webkit.org/show_bug.cgi?id=145561
        rdar://problem/20909309

        Reviewed by Simon Fraser.

        This patch ensures that the backdrop filter layer is positioned and sized properly.

        The backdrop filter layer should take its size and position from its renderer and not
        directly from the composited layer.
        In certain cases the composited layer's size is expanded to cover items like box shadow or an absolute positioned descendant.
        In such cases, we ended up applying the backdrop filter to those areas as well.

        Tests: css3/filters/backdrop/backdrop-filter-does-not-size-properly-absolute.html
               css3/filters/backdrop/backdrop-filter-does-not-size-properly-border-and-padding.html

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::setBackdropFiltersRect):
        (WebCore::GraphicsLayer::backdropFiltersRect):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setBackdropFiltersRect):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateBackdropFilters):
        (WebCore::GraphicsLayerCA::updateBackdropFiltersRect):
        (WebCore::GraphicsLayerCA::updateContentsRects):
        (WebCore::GraphicsLayerCA::updateGeometry): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateBackdropFiltersGeometry):
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerBacking.h:

2015-06-02  Eric Carlson  <eric.carlson@apple.com>

        [Mac] occasional crash in Document::playbackTargetAvailabilityDidChange
        https://bugs.webkit.org/show_bug.cgi?id=145559

        Reviewed by Darin Adler.

        No new tests, covered by existing tests.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument): Pass document to m_mediaSession->registerWithDocument.
        (WebCore::HTMLMediaElement::unregisterWithDocument): Pass document to m_mediaSession->unRegisterWithDocument.
        (WebCore::HTMLMediaElement::documentWillSuspendForPageCache): Ditto.
        (WebCore::HTMLMediaElement::documentDidResumeFromPageCache): Ditto.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::registerWithDocument): Take a document.
        (WebCore::MediaElementSession::unregisterWithDocument): Ditto.
        * html/MediaElementSession.h:

2015-06-02  Chris Dumez  <cdumez@apple.com>

        Calling FrameView::viewportContentsChanged() after style recalcs is too expensive
        https://bugs.webkit.org/show_bug.cgi?id=145554
        <rdar://problem/21189478>

        Reviewed by Darin Adler and Simon Fraser.

        Only call FrameView::viewportContentsChanged() after a style recalc if
        composited layers have been updated (and there is no pending layout).

        We already viewportContentsChanged() after layout so we only need to
        call viewportContentsChanged() after a style recalc if it did not cause
        a layout but may have caused an element to become visible. In
        particular, this can happen in the case of composited animations (e.g.
        using -webkit-transform to move an element inside the viewport).
        Therefore, we now only call viewportContentsChanged() after a style
        recalc if it caused composited layers to be updated. This avoids a lot
        of unnecessary calls to viewportContentsChanged(), which is expensive.

        No new tests, already covered by:
        fast/images/animated-gif-webkit-transform.html

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        * page/FrameView.cpp:
        (WebCore::FrameView::updateCompositingLayersAfterStyleChange):
        * page/FrameView.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::didRecalcStyleWithNoPendingLayout):
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        * rendering/RenderLayerCompositor.h:

2015-06-02  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove use of CTFontSetRenderingParameters()
        https://bugs.webkit.org/show_bug.cgi?id=145560

        Reviewed by Simon Fraser.

        Instead, always use CTFontSetRenderingStyle().

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::RenderingStyleSaver::RenderingStyleSaver): Deleted.
        (WebCore::RenderingStyleSaver::~RenderingStyleSaver): Deleted.

2015-06-02  Anders Carlsson  <andersca@apple.com>

        Move WKFontAntialiasingStateSaver to its own file
        https://bugs.webkit.org/show_bug.cgi?id=145557
        rdar://problem/21134776

        Reviewed by Dan Bernstein.

        Also rename it to FontAntialiasingStateSaver. Also, change it to use the CoreGraphicsSPI.h header for its
        CGFontAntialiasingStyle definition instead of using an explicit typedef.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayer::drawLayerContents):
        * platform/graphics/ios/FontAntialiasingStateSaver.h: Copied from Source/WebCore/platform/ios/wak/WKGraphics.h.
        (WebCore::FontAntialiasingStateSaver::FontAntialiasingStateSaver):
        (WebCore::FontAntialiasingStateSaver::setup):
        (WebCore::FontAntialiasingStateSaver::restore):
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::drawWindowContent):
        * platform/ios/wak/WKGraphics.h:
        (WKFontAntialiasingStateSaver::WKFontAntialiasingStateSaver): Deleted.
        * platform/ios/wak/WKGraphics.mm:
        (WKFontAntialiasingStateSaver::setup): Deleted.
        (WKFontAntialiasingStateSaver::restore): Deleted.

2015-06-02  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStreamReader read method in closed and errored state
        https://bugs.webkit.org/show_bug.cgi?id=144790

        Reviewed by Darin Adler.

        Reader delegates read() promise handling to its stream except if reader is no longer locking the stream and stream is readable.
        Storing of reader read() promise callbacks as a Vector in ReadableStream.
        Added resolution/rejection of read() promises in case of errored/closed streams.

        Test: streams/readable-stream-reader-read.html

        * ForwardingHeaders/runtime/IteratorOperations.h: Added.
        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::cleanCallbacks): Clean the read requests.
        (WebCore::ReadableStream::changeStateToClosed): Run success callbacks with undefined for read requests.
        (WebCore::ReadableStream::changeStateToErrored): Run failure callbacks with the errors for read requests.
        (WebCore::ReadableStream::closed): Parameter name changed.
        (WebCore::ReadableStream::read): Added. Succeeds with empty when closed, fails with error when errored, reads a
        value if there is one and pushes the callbacks to the queue otherwise.
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::ReadCallbacks::ReadCallbacks): Struct containing success and failure callbacks.
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::closed): Parameter name changed.
        (WebCore::ReadableStreamReader::read): Invoke success with empty if we streams if we don't have the right reader
        and call the stream otherwise to read.
        * Modules/streams/ReadableStreamReader.h:
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::read): Create the callback lambdas and invoke read. Failure rejects the
        promise and success creates the result from the read value.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::hasValue):
        (WebCore::ReadableJSStream::read): Not implemented yet.
        * bindings/js/ReadableJSStream.h:

2015-06-01  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] FontPlatformData's equality check should always use reference URLs
        https://bugs.webkit.org/show_bug.cgi?id=144168

        Reviewed by Tim Horton.

        <rdar://problem/18985642> is not fixed, so we need to continue using the older
        objectForEqualityCheck().

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::objectForEqualityCheck):

2015-06-02  Andy Estes  <aestes@apple.com>

        [Mac] REGRESSION (r175941): Max.app crashes when adding a sound file to a patch due to removing cursor resources from WebCore.framework
        https://bugs.webkit.org/show_bug.cgi?id=145555

        Reviewed by Darin Adler.

        Re-added the cursor resources used by Max.app and ran sort-Xcode-project-file.

        * Resources/copyCursor.png: Added.
        * Resources/moveCursor.png: Added.
        * Resources/northEastSouthWestResizeCursor.png: Added.
        * Resources/northSouthResizeCursor.png: Added.
        * Resources/northWestSouthEastResizeCursor.png: Added.
        * WebCore.xcodeproj/project.pbxproj:

2015-06-02  Brady Eidson  <beidson@apple.com>

        WebKit policy delegate should suggest if a navigation should be allowed to open URLs externally.
        rdar://problem/21025301 and https://bugs.webkit.org/show_bug.cgi?id=145280

        Reviewed by Alex Christensen.

        Tests: loader/navigation-policy/should-open-external-urls/main-frame-click.html
               loader/navigation-policy/should-open-external-urls/main-frame-navigated-programatically-by-subframe.html
               loader/navigation-policy/should-open-external-urls/main-frame-with-flag-progamatic.html
               loader/navigation-policy/should-open-external-urls/main-frame-without-flag-programatic.html
               loader/navigation-policy/should-open-external-urls/subframe-click-target-self.html
               loader/navigation-policy/should-open-external-urls/subframe-click-target-top.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-with-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-with-flag.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-without-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-without-flag.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-with-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-with-flag.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-without-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-without-flag.html
               loader/navigation-policy/should-open-external-urls/window-open-with-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/window-open-with-flag.html
               loader/navigation-policy/should-open-external-urls/window-open-without-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/window-open-without-flag.html

        The "should open external URLs" flag is only for main frames.
        It doesn't enforce any sort of policy internal to WebKit, but rather is for notifications to the policy delegate.
        
        It is set from one of two places:
        1 - A main frame is navigated by any frame as the result of a user gesture.
        2 - WebKit2 API explicitly states the flag is true.
        
        The flag value propagates when:
        1 - When a main frame document is navigated to a new main frame document.
        2 - When a new window is opened from a page whose main frame had the flag set.
        3 - When a new window is opened as the result of a user gesture.
        
        The flag resets to false when:
        1 - A subframe navigates a main frame without a user gesture.
        
        This patch is large, but does little more than the following:
        1 - Adds a ShouldOpenExternalURLs flag to both FrameLoadRequest and NavigationAction.
        2 - Makes sure anybody who creates either of those objects sets a sensible for that flag.
        3 - When FrameLoader creates a new DocumentLoader, it sets its flag based on whether or not the load is in a main frame,
            whether or not the load is from a user gesture, and based on the initiator's value of the flag. 
            
        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv):
        (WebCore::Document::shouldOpenExternalURLsPolicyToPropagate):
        * dom/Document.h:
        
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::handleClick):
        
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::handleClick):
        
        * html/parser/XSSAuditorDelegate.cpp:
        (WebCore::XSSAuditorDelegate::didBlockScript):
        
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):
        
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::setTriggeringAction):
        (WebCore::DocumentLoader::shouldOpenExternalURLsPolicyToPropagate):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::shouldOpenExternalURLsPolicy): Deleted.
        
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::applyShouldOpenExternalURLsPolicyToNewDocumentLoader):
        * loader/FrameLoader.h:
        
        * loader/NavigationAction.cpp:
        (WebCore::NavigationAction::NavigationAction):
        (WebCore::NavigationAction::copyWithShouldOpenExternalURLsPolicy):
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::setShouldOpenExternalURLsPolicy): Deleted.
        
        * loader/NavigationScheduler.cpp:
        (WebCore::ScheduledURLNavigation::ScheduledURLNavigation):
        (WebCore::ScheduledRedirect::ScheduledRedirect):
        (WebCore::ScheduledLocationChange::ScheduledLocationChange):
        (WebCore::ScheduledRefresh::ScheduledRefresh):
        (WebCore::ScheduledFormSubmission::ScheduledFormSubmission):
        (WebCore::NavigationScheduler::scheduleRedirect):
        (WebCore::NavigationScheduler::scheduleLocationChange):
        (WebCore::NavigationScheduler::scheduleRefresh):
        * loader/NavigationScheduler.h:
        
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadOrRedirectSubframe):
        
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::selectCache):
        
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected):
        
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::setLocation):
        (WebCore::DOMWindow::createWindow):
        (WebCore::DOMWindow::open):
        
        * page/DragController.cpp:
        (WebCore::DragController::performDragOperation):
        
        * page/Location.cpp:
        (WebCore::Location::reload):
        
        * replay/ReplayInputDispatchMethods.cpp:
        (WebCore::InitialNavigation::dispatch):
        
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::defaultEventHandler):

2015-06-02  Yusuke Suzuki  <utatane.tea@gmail.com>

        Heap-use-after-free read of size 4 in JavaScriptCore: WTF::StringImpl::isSymbol() (StringImpl.h:496)
        https://bugs.webkit.org/show_bug.cgi?id=145532

        Reviewed by Geoffrey Garen.

        Hold the ownership of AtomicStringImpl*.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateParametersCheck):
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::getElementById):

2015-06-02  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        SharedBuffer::copy should return a Ref<SharedBuffer>
        https://bugs.webkit.org/show_bug.cgi?id=145499

        Reviewed by Andreas Kling.

        Changing SharedBuffer::copy to return a Ref<> and adapting some code accordingly.

        Covered by existing tests.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse):
        * loader/appcache/ApplicationCacheResource.cpp:
        (WebCore::ApplicationCacheResource::deliver):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::copy):
        * platform/SharedBuffer.h:

2015-06-01  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/Modules - 1
        https://bugs.webkit.org/show_bug.cgi?id=145507

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * Modules/battery/BatteryController.cpp:
        (WebCore::BatteryController::~BatteryController):
        (WebCore::BatteryController::updateBatteryStatus):
        (WebCore::BatteryController::didChangeBatteryStatus):
        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDMFactoryForKeySystem):
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::~MediaKeys):
        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::resumeTimerFired):
        (WebCore::Geolocation::resetAllGeolocationPermission):
        (WebCore::Geolocation::makeCachedPositionCallbacks):
        (WebCore::Geolocation::sendError):
        (WebCore::Geolocation::sendPosition):
        (WebCore::Geolocation::stopTimer):
        (WebCore::Geolocation::cancelRequests):
        (WebCore::Geolocation::extractNotifiersWithCachedPosition):
        (WebCore::Geolocation::copyToSet):
        (WebCore::Geolocation::handlePendingPermissionNotifiers):
        * Modules/geolocation/GeolocationController.cpp:
        (WebCore::GeolocationController::positionChanged):
        (WebCore::GeolocationController::errorOccurred):
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::objectStoreNames):
        (WebCore::IDBDatabase::transaction):
        (WebCore::IDBDatabase::forceClose):
        (WebCore::IDBDatabase::closeConnection):
        (WebCore::IDBDatabase::findObjectStoreId):
        * Modules/indexeddb/IDBDatabaseBackend.cpp:
        (WebCore::IDBDatabaseBackend::runIntVersionChangeTransaction):
        (WebCore::IDBDatabaseBackend::deleteDatabase):
        (WebCore::IDBDatabaseBackend::close):
        * Modules/indexeddb/IDBDatabaseMetadata.cpp:
        (WebCore::IDBDatabaseMetadata::isolatedCopy):
        (WebCore::IDBObjectStoreMetadata::isolatedCopy):
        * Modules/indexeddb/IDBKey.cpp:
        (WebCore::IDBKey::isValid):
        * Modules/indexeddb/IDBKey.h:
        (WebCore::IDBKey::createMultiEntryArray):
        (WebCore::IDBKey::createArray):
        * Modules/indexeddb/IDBKeyPath.cpp:
        (WebCore::IDBKeyPath::IDBKeyPath):
        (WebCore::IDBKeyPath::isValid):
        (WebCore::IDBKeyPath::isolatedCopy):
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::indexNames):
        (WebCore::IDBObjectStore::put):
        Rename the two 'i's to 'keyData' and 'indexKeyData'.
        (WebCore::IDBObjectStore::index):
        (WebCore::IDBObjectStore::findIndexId):
        * Modules/indexeddb/IDBPendingTransactionMonitor.cpp:
        (WebCore::IDBPendingTransactionMonitor::deactivateNewTransactions):
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::abort):
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::closeOpenCursors):
        (WebCore::IDBTransaction::onAbort):
        (WebCore::IDBTransaction::dispatchEvent):
        * Modules/indexeddb/IDBTransactionBackend.cpp:
        (WebCore::IDBTransactionBackend::create):
        (WebCore::IDBTransactionBackend::closeOpenCursors):
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::onReadyStateChange):
        * Modules/mediastream/MediaConstraintsImpl.cpp:
        (WebCore::MediaConstraintsImpl::initialize):
        (WebCore::MediaConstraintsImpl::getMandatoryConstraints):
        (WebCore::MediaConstraintsImpl::getOptionalConstraintValue):
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::create):
        (WebCore::MediaStream::cloneMediaStreamTrackVector):
        (WebCore::MediaStream::addTrack):
        (WebCore::MediaStream::removeTrack):
        (WebCore::MediaStream::haveTrackWithSource):
        (WebCore::MediaStream::getTrackById):
        (WebCore::MediaStream::getTracks):
        (WebCore::MediaStream::trackDidEnd):
        (WebCore::MediaStream::scheduledEventTimerFired):
        * Modules/mediastream/MediaStreamCapabilities.cpp:
        (WebCore::MediaStreamCapabilities::sourceType):
        (WebCore::MediaStreamCapabilities::sourceId):
        (WebCore::MediaStreamCapabilities::facingMode):
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::trackDidEnd):
        * Modules/mediastream/MediaStreamTrackSourcesRequest.cpp:
        (WebCore::MediaStreamTrackSourcesRequest::didCompleteRequest):

2015-06-01  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Remove unnecessary hacks
        https://bugs.webkit.org/show_bug.cgi?id=145088

        Reviewed by Simon Fraser.

        Not needed anymore.

        Test: svg/text/offset-square-svg-font.html

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::appendKERNTable):
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):

2015-06-01  Andreas Kling  <akling@apple.com>

        CSS animations in filling-forwards state shouldn't force compositing.
        <https://webkit.org/b/145389>
        <rdar://problem/17923642>

        Reviewed by Simon Fraser.

        Stop checking if a CSS animation is filling forwards when computing
        compositing requirements.

        This prevents finished animations from pinning elements in composited
        state, and frees up a bunch of IOSurface memory on some content.

        * page/animation/AnimationBase.h:
        (WebCore::AnimationBase::isAnimatingProperty): Deleted.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForAnimation):

2015-06-01  Myles C. Maxfield  <mmaxfield@apple.com>

        Out of bounds read in WebCore::ComplexTextController::adjustGlyphsAndAdvances
        https://bugs.webkit.org/show_bug.cgi?id=145537
        <rdar://problem/20959267>

        Reviewed by Darin Adler.

        U16_IS_SURROGATE_LEAD(ch) assumes U16_IS_SURROGATE(ch). In this case, that isn't true.

        Test: fast/text/crash-complex-text-surrogate.html

        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):

2015-05-30  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (179771): zooming on facebook images covers image
        https://bugs.webkit.org/show_bug.cgi?id=145485

        Reviewed by Simon Fraser.

        Scaling an infinite rect should always produce an infinite rect.
        (Based on Simon Fraser's patch)

        Test: compositing/layer-creation/zoomed-clip-intersection.html

        * platform/graphics/LayoutRect.cpp:
        (WebCore::LayoutRect::scale):

2015-06-01  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in WebCore/Modules - 3
        https://bugs.webkit.org/show_bug.cgi?id=145508

        Reviewed by Darin Adler.

        As a step to purge PassRefPtr, this patch removes PassRefPtr, then use Ref or RefPtr.

        * Modules/indexeddb/IDBCursor.cpp:
        (WebCore::IDBCursor::create):
        * Modules/indexeddb/IDBCursor.h:
        * Modules/indexeddb/IDBCursorBackend.h:
        (WebCore::IDBCursorBackend::create):
        * Modules/indexeddb/IDBCursorBackendOperations.h:
        (WebCore::CursorIterationOperation::create):
        (WebCore::CursorAdvanceOperation::create):
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::create):
        * Modules/indexeddb/IDBDatabase.h:
        * Modules/indexeddb/IDBDatabaseBackend.cpp:
        (WebCore::IDBDatabaseBackend::create):
        * Modules/indexeddb/IDBDatabaseBackend.h:
        * Modules/indexeddb/IDBDatabaseCallbacksImpl.cpp:
        (WebCore::IDBDatabaseCallbacksImpl::create):
        * Modules/indexeddb/IDBDatabaseCallbacksImpl.h:
        * Modules/indexeddb/IDBDatabaseError.h:
        (WebCore::IDBDatabaseError::create):
        * Modules/indexeddb/IDBIndex.h:
        (WebCore::IDBIndex::create):
        * Modules/indexeddb/IDBKey.h:
        (WebCore::IDBKey::createInvalid):
        (WebCore::IDBKey::createNumber):
        (WebCore::IDBKey::createString):
        (WebCore::IDBKey::createDate):
        (WebCore::IDBKey::createArray):
        * Modules/indexeddb/IDBKeyRange.cpp:
        (WebCore::IDBKeyRange::create):
        * Modules/indexeddb/IDBKeyRange.h:
        (WebCore::IDBKeyRange::create):
        * Modules/indexeddb/IDBObjectStore.cpp:
        * Modules/indexeddb/IDBObjectStore.h:
        (WebCore::IDBObjectStore::create):
        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::create):
        * Modules/indexeddb/IDBOpenDBRequest.h:
        * Modules/indexeddb/IDBRecordIdentifier.h:
        (WebCore::IDBRecordIdentifier::create):
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::create):
        (WebCore::IDBRequest::getResultCursor):
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::create):
        * Modules/indexeddb/IDBTransaction.h:
        * Modules/indexeddb/IDBTransactionBackend.cpp:
        (WebCore::IDBTransactionBackend::create):
        * Modules/indexeddb/IDBTransactionBackend.h:
        * Modules/indexeddb/IDBTransactionBackendOperations.h:
        (WebCore::CreateObjectStoreOperation::create):
        (WebCore::DeleteObjectStoreOperation::create):
        (WebCore::IDBDatabaseBackend::VersionChangeOperation::create):
        (WebCore::CreateObjectStoreAbortOperation::create):
        (WebCore::DeleteObjectStoreAbortOperation::create):
        (WebCore::IDBDatabaseBackend::VersionChangeAbortOperation::create):
        (WebCore::CreateIndexOperation::create):
        (WebCore::CreateIndexAbortOperation::create):
        (WebCore::DeleteIndexOperation::create):
        (WebCore::DeleteIndexAbortOperation::create):
        (WebCore::GetOperation::create):
        (WebCore::PutOperation::create):
        (WebCore::SetIndexesReadyOperation::create):
        (WebCore::OpenCursorOperation::create):
        (WebCore::CountOperation::create):
        (WebCore::DeleteRangeOperation::create):
        (WebCore::ClearObjectStoreOperation::create):
        * Modules/mediasource/VideoPlaybackQuality.cpp:
        (WebCore::VideoPlaybackQuality::create):
        * Modules/mediasource/VideoPlaybackQuality.h:
        * Modules/mediastream/MediaConstraintsImpl.cpp:
        (WebCore::MediaConstraintsImpl::create):
        * Modules/mediastream/MediaConstraintsImpl.h:
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::create):
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::create):
        * Modules/mediastream/RTCDTMFSender.h:
        * Modules/mediastream/RTCOfferAnswerOptions.cpp:
        (WebCore::RTCOfferAnswerOptions::create):
        (WebCore::RTCOfferOptions::create):
        * Modules/mediastream/RTCOfferAnswerOptions.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::parseConfiguration):
        (WebCore::RTCPeerConnection::create):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::create):
        * Modules/webdatabase/AbstractDatabaseServer.h:
        * Modules/webdatabase/DOMWindowWebDatabase.cpp:
        (WebCore::DOMWindowWebDatabase::openDatabase):
        * Modules/webdatabase/DOMWindowWebDatabase.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::existingDatabaseContextFor):
        (WebCore::DatabaseManager::databaseContextFor):
        (WebCore::DatabaseManager::openDatabase):
        * Modules/webdatabase/DatabaseManager.h:
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::openDatabase):
        (WebCore::DatabaseServer::createDatabase):
        * Modules/webdatabase/DatabaseServer.h:

2015-06-01  Daniel Bates  <dabates@apple.com>

        Notify client that we began editing when text field is focused
        https://bugs.webkit.org/show_bug.cgi?id=145439
        <rdar://problem/21142108>

        Reviewed by Anders Carlsson.

        Inform the editor client that we began editing when a text field is focused either
        by being explicitly focused (programmatically or by user interaction) or implicitly
        focused when the window became active.

        Currently we only notify the editor client that we began editing a text field when
        when a person actually changes the value of the field. And we always notify the
        client that we ended editing when a text field is defocused regardless of whether
        we executed a began editing callback. Moreover we notify a client that we
        ended editing when the field is defocused (either explicitly or implicitly when the
        window becomes inactive). Instead we should always notify the client that we began
        editing when the field is focused so that this callback is symmetric with the end
        editing callback.

        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::didSetValueByUserEdit): Remove parameter for ValueChangeState,
        which was used to determine whether we should notify the client that we began editing, because
        we we will notify the client that editing began when the text field is focused as opposed to
        when the value of text field first changes.
        * html/SearchInputType.h: Ditto.
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::forwardEvent): Notify the client that we began editing when
        the text field is focused.
        (WebCore::TextFieldInputType::subtreeHasChanged): Update call site of didSetValueByUserEdit()
        following the removal of its parameter.
        (WebCore::TextFieldInputType::didSetValueByUserEdit): Ditto.
        * html/TextFieldInputType.h:

2015-06-01  Anders Carlsson  <andersca@apple.com>

        WAKScrollView.h cannot be imported standalone
        https://bugs.webkit.org/show_bug.cgi?id=145529

        Reviewed by Dan Bernstein.

        * page/mac/WebCoreFrameView.h:
        Remove the __cplusplus #ifdefs since WebCoreFrameView.h is only used by Objective-C++ code.
        (The different non-C++ method declarations were wrong anyway!)

        * platform/ScrollTypes.h:
        Remove the #ifdef __cplusplus surrounding the code, add header includes to make the file self-contained,
        and reformat the enum definitions.

2015-06-01  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] resource-type and load-type should be independent.
        https://bugs.webkit.org/show_bug.cgi?id=145528
        rdar://problem/21190765

        Reviewed by Benjamin Poulain.

        Covered by existing tests and a new API test.
        
        Right now we use the same uint16_t to store all the load-type and resource-type flags,
        then we just do a bitwise and to check both at the same time. This results in a trigger
        with load-type and resource-type firing if either condition is met, not both conditions.
        A trigger with both resource-type and load-type conditions should only fire if both conditions are met.

        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
        Check and correctly handle rules with both resource-type and load-type flags.
        * loader/ResourceLoadInfo.h:
        Add masks to separate flags from resource-type and load-type.

2015-06-01  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Reduce DFA memory usage.
        https://bugs.webkit.org/show_bug.cgi?id=145526

        Reviewed by Benjamin Poulain.

        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::memoryUsed):
        (WebCore::ContentExtensions::DFANode::transitions):
        (WebCore::ContentExtensions::DFANode::fallbackTransitionDestination):
        (WebCore::ContentExtensions::DFANode::changeFallbackTransition):
        (WebCore::ContentExtensions::DFANode::addFallbackTransition):
        (WebCore::ContentExtensions::DFANode::containsTransition):
        (WebCore::ContentExtensions::DFANode::kill):
        * contentextensions/DFA.h:
        * contentextensions/DFAMinimizer.cpp:
        (WebCore::ContentExtensions::DFAMinimizer::minimize):
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::NFAToDFA::convert):
        Use separate Vectors for the transition characters and destinations to avoid wasting memory to padding a std::pair.

2015-06-01  Matt Rajca  <mrajca@apple.com>

        Implemented the `eventTargetInterface` and `scriptExecutionContext` methods required by EventTarget, as well as
        some required infrastructure.
        https://bugs.webkit.org/show_bug.cgi?id=145523

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaRemoteControls.cpp:
        (WebCore::MediaRemoteControls::MediaRemoteControls): Initialize all instance variables.
        * Modules/mediasession/MediaRemoteControls.h: MediaRemoteControl's constructor now takes a script execution
          context, which we provide to EventTarget. The required eventTargetInterface method has also been implemented.
        (WebCore::MediaRemoteControls::create):
        * Modules/mediasession/MediaRemoteControls.idl: Indicate MediaRemoteControls now takes a constructor that is
          passed in a script execution context. To prevent build errors, event handlers have been removed until they are
          implemented.
        * WebCore.xcodeproj/project.pbxproj: We should be building the derived JSMediaRemoteControls class with WebCore.
        * dom/EventTargetFactory.in: Ensure a MediaRemoteControlsEventTargetInterfaceType is generated.

2015-06-01  Benjamin Poulain  <bpoulain@apple.com>

        [CSS JIT] Fail to compile when we are out of executable memory
        https://bugs.webkit.org/show_bug.cgi?id=145483
        rdar://problem/21166612

        Reviewed by Andreas Kling.

        We should use a soft failure when the Linker fails to allocate
        executable memory for the CSS JIT. We will just fallback to slow
        code when that happen, better slow CSS than crashing.

        Credit to Chris for finding this problem.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::compile):

2015-06-01  Chris Dumez  <cdumez@apple.com>

        ASSERT(revalidatingResource.inCache()) in MemoryCache when reloading tumblr.com
        https://bugs.webkit.org/show_bug.cgi?id=145518
        <rdar://problem/21168573>

        Reviewed by Darin Adler.

        There was an assertion in MemoryCache::revalidationSucceeded() making
        sure that the resource that was revalidated is still in the memory
        cache. However, nothing prevents this resource from being pruned while
        it is being revalidated. We do make sure that the resource in question
        cannot be destroyed though (see CachedResource::canDelete()).

        This patch gets rid of this assertion as it is incorrect. Also, the
        fact that the resource is no longer in the memory cache is not an
        issue. We are merely going to call MemoryCache::remove() to remove
        it from the memory cache before re-adding it and updating its
        HTTP response. The call to MemoryCache::remove() will simply be a
        no-op in this case and we will not have any problem adding the
        resource back to the memory cache because the resource is kept alive.

        Test: http/tests/cache/memory-cache-pruning-during-revalidation.html

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::revalidationSucceeded): Deleted.

2015-06-01  Matt Rajca  <mrajca@apple.com>

        Add stub implementation of MediaRemoteControls, part of the Media Session spec.
        https://bugs.webkit.org/show_bug.cgi?id=145462

        Reviewed by Eric Carlson.

        * CMakeLists.txt: Added IDL file as well as the corresponding implementation file.
        * DerivedSources.make: Included the new IDL file.
        * Modules/mediasession/MediaRemoteControls.cpp: Added an empty implementation file.
        (MediaRemoteControls::~MediaRemoteControls):
        * Modules/mediasession/MediaRemoteControls.h: Added a stubbed header file with accessors for the four attributes declared in the IDL file.
        (WebCore::MediaRemoteControls::previousTrackEnabled):
        (WebCore::MediaRemoteControls::setPreviousTrackEnabled):
        (WebCore::MediaRemoteControls::nextTrackEnabled):
        (WebCore::MediaRemoteControls::setNextTrackEnabled):
        (WebCore::MediaRemoteControls::seekForwardEnabled):
        (WebCore::MediaRemoteControls::setSeekForwardEnabled):
        (WebCore::MediaRemoteControls::seekBackwardEnabled):
        (WebCore::MediaRemoteControls::setSeekBackwardEnabled):
        * Modules/mediasession/MediaRemoteControls.idl: Added from the Media Session spec.
        * WebCore.xcodeproj/project.pbxproj: Included the new IDL file and MediaRemoteControls.cpp/.h sources.

2015-06-01  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Simplify the interface of GridResolvedPosition
        https://bugs.webkit.org/show_bug.cgi?id=139077

        Reviewed by Darin Adler.

        The interface of GridResolvedPosition is full of static methods
        that are used only internally, we should not expose them.

        Apart from that resolveGridPositionsFromStyle() do always return
        a valid GridSpan from now on meaning that the caller has to ensure
        that the resolution does not require running the auto-placement
        algorithm. A new class called GridUnresolvedSpan was added for
        that purpose.

        No new tests as this is a refactoring.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::placeItemsOnGrid):
        (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
        (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid):
        (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
        * rendering/style/GridPosition.h:
        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::gridLinesForSide):
        (WebCore::implicitNamedGridLineForSide):
        (WebCore::isNonExistentNamedLineOrArea):
        (WebCore::GridUnresolvedSpan::requiresAutoPlacement):
        (WebCore::GridUnresolvedSpan::adjustGridPositionsFromStyle):
        (WebCore::adjustGridPositionForRowEndColumnEndSide):
        (WebCore::adjustGridPositionForSide):
        (WebCore::resolveNamedGridLinePositionFromStyle):
        (WebCore::firstNamedGridLineBeforePosition):
        (WebCore::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition):
        (WebCore::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
        (WebCore::resolveNamedGridLinePositionAgainstOppositePosition):
        (WebCore::resolveGridPositionAgainstOppositePosition):
        (WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):
        (WebCore::resolveGridPositionFromStyle):
        (WebCore::GridResolvedPosition::GridResolvedPosition):
        (WebCore::GridResolvedPosition::unresolvedSpanFromStyle):
        (WebCore::GridResolvedPosition::resolveGridPositionsFromStyle):
        (WebCore::GridResolvedPosition::adjustGridPositionsFromStyle): Deleted.
        (WebCore::GridResolvedPosition::resolveNamedGridLinePositionFromStyle): Deleted.
        (WebCore::GridResolvedPosition::resolveGridPositionFromStyle): Deleted.
        (WebCore::GridResolvedPosition::resolveGridPositionAgainstOppositePosition): Deleted.
        (WebCore::GridResolvedPosition::resolveNamedGridLinePositionAgainstOppositePosition): Deleted.
        (WebCore::GridResolvedPosition::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition): Deleted.
        (WebCore::GridResolvedPosition::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition): Deleted.
        * rendering/style/GridResolvedPosition.h:
        (WebCore::GridUnresolvedSpan::GridUnresolvedSpan): New class.
        (WebCore::GridUnresolvedSpan::initialPosition):
        (WebCore::GridUnresolvedSpan::finalPosition):
        (WebCore::GridUnresolvedSpan::initialPositionSide):
        (WebCore::GridUnresolvedSpan::finalPositionSide):
        (WebCore::GridResolvedPosition::adjustGridPositionForRowEndColumnEndSide): Deleted.
        (WebCore::GridResolvedPosition::adjustGridPositionForSide): Deleted.
        (WebCore::GridResolvedPosition::GridResolvedPosition): Deleted.

2015-06-01  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(VIDEO_TRACK) build after r184799
        https://bugs.webkit.org/show_bug.cgi?id=145510

        Reviewed by Eric Carlson.

        * testing/Internals.cpp:
        (WebCore::Internals::userPreferredAudioCharacteristics):
        (WebCore::Internals::setUserPreferredAudioCharacteristic):

2015-06-01  Csaba Osztrogonác  <ossy@webkit.org>

        Fix logical-not-parentheses warning in CachedScript.cpp
        https://bugs.webkit.org/show_bug.cgi?id=145254

        Reviewed by Sam Weinig.

        * loader/cache/CachedScript.cpp:
        (WebCore::CachedScript::mimeTypeAllowedByNosniff): "!X==Y" should be "X!=Y" here.

2015-05-31  Dan Bernstein  <mitz@apple.com>

        Remove Panther support
        https://bugs.webkit.org/show_bug.cgi?id=145506

        Reviewed by Sam Weinig.

        * platform/ios/wak/WAKAppKitStubs.h: Don't check for pre-Tiger SDKs.

2015-05-31  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        Remove unused variable kZoomTicks.
        https://bugs.webkit.org/show_bug.cgi?id=145504

        Reviewed by Sam Weinig.

        No new tests, no behavior changes.

        * platform/ScrollAnimatorNone.cpp:

2015-05-31  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Async XMLHttpRequest should get access to AppCache resources stored as flat files
        https://bugs.webkit.org/show_bug.cgi?id=138506

        Reviewed by Darin Adler.

        This patch reads flat file data when DocumentLoader substituteResource delivery timer is fired.
        Refactoring to remove ApplicationCacheHost/DocumentLoader friend link.
        Added ResourceLoader::deliverResponseAndData helper function, taking a SharedBuffer as input to remove an unneeded copy for flat files (no change for other files). 

        Test: http/tests/appcache/simple-video-async.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::substituteResourceDeliveryTimerFired):
        (WebCore::DocumentLoader::scheduleArchiveLoad):
        (WebCore::DocumentLoader::scheduleSubstituteResourceLoad): Helper function to remove ApplicationCacheHost friend link.
        * loader/DocumentLoader.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::deliverResponseAndData): Helper function, code mostly moved from DocumentLoader::substituteResourceDeliveryTimerFired.
        * loader/ResourceLoader.h:
        * loader/SubstituteResource.h:
        (WebCore::SubstituteResource::deliver): Introduced to be overriden by ApplicationCacheResource to take care of flat file case.
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadResource):
        (WebCore::ApplicationCacheHost::scheduleLoadFallbackResourceFromApplicationCache):
        * loader/appcache/ApplicationCacheResource.cpp:
        (WebCore::ApplicationCacheResource::deliver): Use SharedBuffer::createWithContentsOfFile to load data stored in flat file.
        * loader/appcache/ApplicationCacheResource.h:

2015-05-31  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStreamController constructor
        https://bugs.webkit.org/show_bug.cgi?id=143752

        Reviewed by Darin Adler.

        Covered by rebased test and expectation.

        * Modules/streams/ReadableStreamController.idl: Adding CustomConstructor.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::constructJSReadableStreamController): Throws an exception whenever called.

2015-05-30  Brady Eidson  <beidson@apple.com>

        Make FrameLoader methods that take PassRefPtr<Event> take raw pointers instead.
        https://bugs.webkit.org/show_bug.cgi?id=145495

        Reviewed by Alexey Proskuryakov.

        No new tests (No change in behavior).

        In most cases ownership of the Event is not actually being transferred, and these functions are all rarely called anyways.
        
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::handleClick):
        
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadPostRequest):
        * loader/FrameLoader.h:

2015-05-30  Andreas Kling  <akling@apple.com>

        [iOS] Tiling coverage sometimes inflated by outdated scale factor.
        <https://webkit.org/b/145494>
        <rdar://problem/20989389>

        Reviewed by Benjamin Poulain.

        Have GraphicsLayerCA plumb the current contents scale through to TileController::adjustCoverageRect()
        instead of TileController getting it from TileGrid.

        This avoids a situation where adjustCoverageRect() could cause temporarily oversized tiling coverage
        if called while TileGrid's content scale is outdated, and we're neither zooming or pinching, following
        a pinch zoom that increased the scale factor.

        Specifically, if all the velocity data is zero, we pad the coverage rect by a horizontal and vertical
        margin computed like so:

            margin = defaultTileSize / tileGrid.scale

        If the actual scale is 5, but the TileGrid's outdated scale is e.g 0.8, you'll get a much larger
        margin than you really wanted. Then the whole thing gets scaled up by 5x later on, and we explode
        in a fiery feast of IOSurface allocations.

        * platform/graphics/TiledBacking.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::adjustCoverageRect):
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::computeTileCoverageRect):
        * platform/graphics/ca/TileController.h:

2015-05-30  Brady Eidson  <beidson@apple.com>

        Fix Windows tests broken by r185007.
        https://bugs.webkit.org/show_bug.cgi?id=145472

        Unreviewed. Discussed with Alexey Proskuryakov.

        No new tests (Fixing the four broken ones should suffice).

        The bug was that evaluating arguments in a method/constructor call has no guaranteed sequencing.
        
        Clang seems to always do LTR, allowing the PassRefPtr to be evaluated as a bool in the call to
        navigationType() before it is "consumed" by the PassRefPtr argument.
        
        In Visual Studio the PassRefPtr consumption happened before the bool evaluation, meaning `false`
        was always passed in to navigationType(), breaking the four tests.
        
        The fix? Using PassRefPtr here was silly in the first place.
        No ownership is being transferred.
        Raw pointers it is.
        
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadPostRequest):
        * loader/NavigationAction.cpp:

        (WebCore::NavigationAction::NavigationAction):
        * loader/NavigationAction.h: Nobody is actually transferring ownership of these Events.
          Raw pointers will work just fine, thanks.

2015-05-29  Joseph Pecoraro  <pecoraro@apple.com>

        Unreviewed bindings test rebaseline after r185023.

        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::isObservable): Deleted.
        (WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots): Deleted.

2015-05-29  Andreas Kling  <akling@apple.com>

        [iOS] Reduce tiling coverage when doing a pure pinch zoom with no panning.
        <https://webkit.org/b/145481>
        <rdar://problem/20989389>

        Reviewed by Benjamin Poulain.

        When we're zooming in with a pinch gesture but not panning the page
        at the same time, make the coverage rect be the visible rect.

        This reduces memory pressure during zooming, especially on slower
        devices that struggle to keep up with the current viewport.

        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::computeTileCoverageRect):

2015-05-29  Keith Miller  <keith_miller@apple.com>

        WeakMap reference w/ DOM element as key does not survive long enough.
        https://bugs.webkit.org/show_bug.cgi?id=137651

        Reviewed by Geoffrey Garen.

        Remove isObservable functions as an "unobservable wrappers"
        optimization is invalid with WeakMaps. Performance testing
        will be done after the code is commited. If major
        performance issues occur the patch will be rolled out.

        Test: js/dom/weakmap-gc-unobservable-dom-nodes.html

        * bindings/js/JSNodeCustom.cpp:
        (WebCore::isReachableFromDOM):
        (WebCore::JSNodeOwner::isReachableFromOpaqueRoots):
        (WebCore::JSNode::insertBefore):
        (WebCore::isObservable): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):

2015-05-29  Anders Carlsson  <andersca@apple.com>

        Get rid of WAKViewPrivate.h
        https://bugs.webkit.org/show_bug.cgi?id=145482
        rdar://problem/21162149

        Reviewed by Dan Bernstein.

        Merge WAKViewPrivate.h into WAKViewInternal.h and move the NSView sizing enum
        to WAKView.h since that was the only thing WebKit used (indirectly) from WAKViewPrivate.h.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/WAKViewInternal.h:
        (WAKViewForWKViewRef):
        * platform/ios/ScrollViewIOS.mm:
        * platform/ios/wak/WAKResponder.m:
        * platform/ios/wak/WAKView.h:
        * platform/ios/wak/WAKView.mm:
        * platform/ios/wak/WAKViewPrivate.h: Removed.
        (WAKViewForWKViewRef): Deleted.
        * platform/ios/wak/WAKWindow.mm:
        * platform/ios/wak/WKView.h:
        * platform/ios/wak/WKView.mm:

2015-05-29  Daniel Bates  <dabates@apple.com>

        Clean up logic for updating caps lock indicator state
        https://bugs.webkit.org/show_bug.cgi?id=145329

        Reviewed by Sam Weinig.

        Remove logic to explicitly update the state of the caps lock indicator, which was used
        when the caps logic indicator was implemented as part of RenderTextControl. Currently,
        the caps logic indicator is implemented as part of a shadow DOM and we have existing
        logic to forward DOM focus and blur events to it so that it may update its state.

        No change in behavior.

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::focusedOrActiveStateChanged): Deleted.
        * editing/FrameSelection.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::keyEvent): Inline the code from EventHandler::capsLockStateMayHaveChanged()
        into this function because it is the only caller of EventHandler::capsLockStateMayHaveChanged() after
        we removed the call site in FrameSelection::focusedOrActiveStateChanged().
        (WebCore::EventHandler::capsLockStateMayHaveChanged): Deleted.
        * page/EventHandler.h:

2015-05-29  Zalan Bujtas  <zalan@apple.com>

        Text disappears shortly after page load on Nexus 7 site.
        https://bugs.webkit.org/show_bug.cgi?id=145467
        rdar://problem/18327239

        Reviewed by Simon Fraser.

        This patch ensures that overlap testing for composited layers works properly when the sibling
        layer gets composited through its child.

        When a layer gets composited through its child content, the recursive overlap testing should build up the
        overlapmap stack so that sibling content is intersected both against the child and its parent bounds.

        Tests: compositing/sibling-layer-does-not-get-composited-overflow-hidden-case.html
               compositing/sibling-layer-does-not-get-composited-transform-case.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
        (WebCore::RenderLayerCompositor::OverlapMap::contains): Deleted.

2015-05-29  Brady Eidson  <beidson@apple.com>

        Review feedback followup for r185003.
        https://bugs.webkit.org/show_bug.cgi?id=145463

        Reviewed by Darin Adler.

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::overrideUnauthorizedFunctions): `static const` one thing, c++-style cast another.

2015-05-29  Chris Dumez  <cdumez@apple.com>

        WebContent crash in WebCore::Page::sessionID() const + 0 (Page.cpp:1660)
        https://bugs.webkit.org/show_bug.cgi?id=145422
        <rdar://problem/20613631>

        Reviewed by Brady Eidson.

        We sometimes crash when destroying a PageCache CachedFrame because its
        DocumentLoader is still loading. This should never happen as we are not
        supposed to let pages are still have pending loads into the PageCache.

        However, we were using DocumentLoader::isLoadingInAPISense() as check
        in PageCache::canCachePageContainingThisFrame() which is not exactly
        what we want. isLoadingInAPISense() no longer considers subresource
        loads once the frame as loaded. This means if the JS triggers a new
        load in a subframe after it has been loaded, then isLoadingInAPISense()
        will return false, despite the pending load.

        This patch replaces the isLoadingInAPISense() check with isLoading()
        as this will consider all pending loads, even after the frame is
        loaded.

        In most cases, using isLoadingInAPISense() was not an issue because
        we call DocumentLoader::stopLoading() in all subframes before starting
        a provisional load. However, nothing seems to prevent JS from
        triggering a new load after that and before the new load gets committed
        (which is when we save the page into PageCache).

        No new test as we don't have a reliable reproduction case and the
        issue is timing related.

        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::isLoading):
        (WebCore::DiagnosticLoggingKeys::loadingAPISenseKey): Deleted.
        * page/DiagnosticLoggingKeys.h:

2015-05-29  Chris Dumez  <cdumez@apple.com>

        Consider throttling DOM timers in iframes outside the viewport
        https://bugs.webkit.org/show_bug.cgi?id=145465
        <rdar://problem/20768957>

        Reviewed by Darin Adler.

        Throttle DOM timers in iframes that are outside the viewport to decrease
        CPU usage, improve performance and reduce power use.

        The approach is similar to what we already did for requestAnimationFrame
        in r183998.

        We already has support for throttling DOM timers at:
        - Page level: for backgound pages
        - DOM timer level: for timers changing the style of an element outside
          the viewport or drawing on a canvas outside the viewport.

        This patch adds support for throttling DOM timers at Document level so
        we can throttle all timers inside a specific iframe / Document. It relies
        on the same timerAlignmentInterval that is used for throttling at Page
        level with tweaks so that different Documents inside the same Page can
        have a different timerAlignmentInterval.

        Test: fast/dom/timer-throttling-subframe.html

        * dom/Document.cpp:
        (WebCore::Document::setTimerThrottlingEnabled):
        (WebCore::Document::timerAlignmentInterval):
        * dom/Document.h:
        (WebCore::Document::isTimerThrottlingEnabled):
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::alignedFireTime):
        The previous code was not throttling the timer if its fireTime was in
        the past. This was causing some aggressive timers on mashable.com to
        not be throttled so I got rid of this behavior. I don't see any reason
        why we would not throttle a timer simply because it is supposed to have
        fired already.

        * page/FrameView.cpp:
        (WebCore::FrameView::viewportContentsChanged):
        (WebCore::FrameView::updateScriptedAnimationsAndTimersThrottlingState):
        * page/FrameView.h:

        * testing/Internals.cpp:
        (WebCore::Internals::areTimersThrottled):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add API to facilitate layout testing of this functionality.

2015-05-29  Brady Eidson  <beidson@apple.com>

        NavigationAction constructor cleanup.
        https://bugs.webkit.org/show_bug.cgi?id=145472

        Reviewed by Alex Christensen.

        No new tests (Refactor, no change in behavior).

        * loader/NavigationAction.cpp:
        (WebCore::NavigationAction::NavigationAction): Delegate many of the various constructors
          to a single full-featured constructor.
        * loader/NavigationAction.h:

2015-05-29  Matt Rajca  <mrajca@apple.com>

        Rename MediaSession and MediaSessionClient to PlatformMediaSession and PlatformMediaSessionClient so we can use MediaSession for the formal implementation of the Media Session spec.
        https://bugs.webkit.org/show_bug.cgi?id=145447

        Reviewed by Eric Carlson.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::AudioContext):
        (WebCore::AudioContext::suspendPlayback):
        * Modules/webaudio/AudioContext.h:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLAudioElement.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::pausedForUserInteraction):
        (WebCore::HTMLMediaElement::mediaType):
        (WebCore::HTMLMediaElement::presentationType):
        (WebCore::HTMLMediaElement::displayType):
        (WebCore::HTMLMediaElement::didReceiveRemoteControlCommand):
        * html/HTMLMediaElement.h:
        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::HTMLMediaSession):
        (WebCore::HTMLMediaSession::requiresFullscreenForVideoPlayback):
        * html/HTMLMediaSession.h:
        * html/HTMLVideoElement.h:
        * platform/RemoteCommandListener.h:
        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::resetRestrictions):
        (WebCore::MediaSessionManager::has):
        (WebCore::MediaSessionManager::activeAudioSessionRequired):
        (WebCore::MediaSessionManager::count):
        (WebCore::MediaSessionManager::beginInterruption):
        (WebCore::MediaSessionManager::endInterruption):
        (WebCore::MediaSessionManager::addSession):
        (WebCore::MediaSessionManager::removeSession):
        (WebCore::MediaSessionManager::addRestriction):
        (WebCore::MediaSessionManager::removeRestriction):
        (WebCore::MediaSessionManager::restrictions):
        (WebCore::MediaSessionManager::sessionWillBeginPlayback):
        (WebCore::MediaSessionManager::sessionWillEndPlayback):
        (WebCore::MediaSessionManager::setCurrentSession):
        (WebCore::MediaSessionManager::currentSession):
        (WebCore::MediaSessionManager::sessionRestrictsInlineVideoPlayback):
        (WebCore::MediaSessionManager::sessionCanLoadMedia):
        (WebCore::MediaSessionManager::applicationWillEnterBackground):
        (WebCore::MediaSessionManager::applicationWillEnterForeground):
        (WebCore::MediaSessionManager::didReceiveRemoteControlCommand):
        (WebCore::MediaSessionManager::systemWillSleep):
        (WebCore::MediaSessionManager::systemDidWake):
        * platform/audio/MediaSessionManager.h:
        (WebCore::MediaSessionManager::sessions):
        * platform/audio/PlatformMediaSession.cpp: Renamed from Source/WebCore/platform/audio/MediaSession.cpp.
        (WebCore::stateName):
        (WebCore::PlatformMediaSession::create):
        (WebCore::PlatformMediaSession::PlatformMediaSession):
        (WebCore::PlatformMediaSession::~PlatformMediaSession):
        (WebCore::PlatformMediaSession::setState):
        (WebCore::PlatformMediaSession::beginInterruption):
        (WebCore::PlatformMediaSession::endInterruption):
        (WebCore::PlatformMediaSession::clientWillBeginPlayback):
        (WebCore::PlatformMediaSession::clientWillPausePlayback):
        (WebCore::PlatformMediaSession::pauseSession):
        (WebCore::PlatformMediaSession::mediaType):
        (WebCore::PlatformMediaSession::presentationType):
        (WebCore::PlatformMediaSession::title):
        (WebCore::PlatformMediaSession::duration):
        (WebCore::PlatformMediaSession::currentTime):
        (WebCore::PlatformMediaSession::canReceiveRemoteControlCommands):
        (WebCore::PlatformMediaSession::didReceiveRemoteControlCommand):
        (WebCore::PlatformMediaSession::visibilityChanged):
        (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
        (WebCore::PlatformMediaSession::updateClientDataBuffering):
        (WebCore::PlatformMediaSession::isHidden):
        (WebCore::PlatformMediaSession::displayType):
        (WebCore::PlatformMediaSessionClient::mediaSessionTitle):
        (WebCore::PlatformMediaSessionClient::mediaSessionDuration):
        (WebCore::PlatformMediaSessionClient::mediaSessionCurrentTime):
        * platform/audio/PlatformMediaSession.h: Renamed from Source/WebCore/platform/audio/MediaSession.h.
        (WebCore::PlatformMediaSession::state):
        (WebCore::PlatformMediaSession::canPlayToWirelessPlaybackTarget):
        (WebCore::PlatformMediaSession::isPlayingToWirelessPlaybackTarget):
        (WebCore::PlatformMediaSession::requiresPlaybackTargetRouteMonitoring):
        (WebCore::PlatformMediaSession::client):
        (WebCore::PlatformMediaSessionClient::PlatformMediaSessionClient):
        (WebCore::PlatformMediaSessionClient::displayType):
        (WebCore::PlatformMediaSessionClient::setShouldBufferData):
        (WebCore::PlatformMediaSessionClient::elementIsHidden):
        (WebCore::PlatformMediaSessionClient::wirelessRoutesAvailableDidChange):
        (WebCore::PlatformMediaSessionClient::setWirelessPlaybackTarget):
        (WebCore::PlatformMediaSessionClient::canPlayToWirelessPlaybackTarget):
        (WebCore::PlatformMediaSessionClient::isPlayingToWirelessPlaybackTarget):
        (WebCore::PlatformMediaSessionClient::setShouldPlayToPlaybackTarget):
        (WebCore::PlatformMediaSessionClient::~PlatformMediaSessionClient):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::resetRestrictions):
        (WebCore::MediaSessionManageriOS::sessionWillBeginPlayback):
        (WebCore::MediaSessionManageriOS::sessionWillEndPlayback):
        (WebCore::MediaSessionManageriOS::updateNowPlayingInfo):
        (WebCore::MediaSessionManageriOS::sessionCanLoadMedia):
        (-[WebMediaSessionHelper interruption:]):
        * platform/audio/mac/MediaSessionManagerMac.cpp:
        (MediaSessionManager::updateSessionState):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::handlePlaybackCommand):
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerHandlePlaybackCommand):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::rateChanged):
        * platform/ios/RemoteCommandListenerIOS.mm:
        (WebCore::RemoteCommandListenerIOS::RemoteCommandListenerIOS):
        * testing/Internals.cpp:
        (WebCore::Internals::beginMediaSessionInterruption):
        (WebCore::Internals::endMediaSessionInterruption):
        (WebCore::Internals::setMediaSessionRestrictions):
        (WebCore::Internals::postRemoteControlCommand):

2015-05-29  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Decrease maxNFASize
        https://bugs.webkit.org/show_bug.cgi?id=145461

        Reviewed by Gavin Barraclough.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Decrease maxNFASize based on analysis of memory usage and compiling and interpreting time.

2015-05-29  Brady Eidson  <beidson@apple.com>

        WebSQL default functions can bypass authorizer.
        <rdar://problem/21048994> and https://bugs.webkit.org/show_bug.cgi?id=145463

        Reviewed by Sam Weinig and Alexey Proskuryakov.

        No new tests yet.

        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::unauthorizedSQLFunction): Function to install into SQLite to override some built-in functions.
        (WebCore::SQLiteDatabase::open):
        (WebCore::SQLiteDatabase::overrideUnauthorizedFunctions): Install function overrides for functions that
           take arbitrary input that are also meant to be disabled by virtue of them not being whitelisted.
        * platform/sql/SQLiteDatabase.h:

2015-05-29  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Shift fullscreen controls down 20px.
        <rdar://problem/21161523>

        * Modules/mediacontrols/mediaControlsApple.css:
        (video:-webkit-full-screen::-webkit-media-controls-panel):
        Fullscreen control panel is too high and overlaps with caption menu.
        Shift it down 20px.

2015-05-28  Simon Fraser  <simon.fraser@apple.com>

        Some assertion failures in compositing code after r183820
        https://bugs.webkit.org/show_bug.cgi?id=144630

        Reviewed by Alexey Proskuryakov.

        Reinstate the assertion commented out in r183843. Fixed by having blending no longer
        escape the media elements, which was fixed via bug 145420.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):

2015-05-29  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/plugins, storage, style, testing and workers.
        https://bugs.webkit.org/show_bug.cgi?id=145425

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * plugins/DOMMimeTypeArray.cpp:
        (WebCore::DOMMimeTypeArray::canGetItemsForName):
        * plugins/DOMPlugin.cpp:
        (WebCore::DOMPlugin::canGetItemsForName):
        * plugins/DOMPluginArray.cpp:
        (WebCore::DOMPluginArray::canGetItemsForName):
        * plugins/PluginData.cpp:
        (WebCore::PluginData::getWebVisibleMimesAndPluginIndices):
        * plugins/PluginMainThreadScheduler.cpp:
        (WebCore::PluginMainThreadScheduler::dispatchCallsForPlugin):
        (WebCore::PluginMainThreadScheduler::dispatchCalls):
        * storage/StorageEventDispatcher.cpp:
        (WebCore::StorageEventDispatcher::dispatchLocalStorageEvents):
        (WebCore::StorageEventDispatcher::dispatchSessionStorageEventsToFrames):
        (WebCore::StorageEventDispatcher::dispatchLocalStorageEventsToFrames):
        * storage/StorageMap.cpp:
        (WebCore::StorageMap::importItems):
        * style/StyleResolveTree.cpp:
        (WebCore::Style::pseudoStyleCacheIsInvalid):
        * testing/Internals.cpp:
        (WebCore::Internals::nodesFromRect):
        * workers/Worker.cpp:
        (WebCore::networkStateChanged):
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::importScripts):

2015-05-29  Alex Christensen  <achristensen@webkit.org>

        Unreviewed build fix when using content extensions debugging.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Update variable name.

2015-05-29  Brady Eidson  <beidson@apple.com>

        Typo followup to r184987

        Unreviewed.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURLIntoChildFrame): Misplaced brace.

2015-05-29  Brady Eidson  <beidson@apple.com>

        Small FrameLoader refactoring.
        https://bugs.webkit.org/show_bug.cgi?id=145459

        Reviewed by Alex Christensen.

        No new tests (No behavior change).

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadPostRequest):
        * loader/FrameLoader.h:

2015-05-29  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        MediaDevices.getUserMedia should reject promise instead of throwing exceptions
        https://bugs.webkit.org/show_bug.cgi?id=145282

        Reviewed by Darin Adler.

        Ensuring at the custom binding level that all potential errors are used to reject promise.
        Cleaned up the wrappers by removing unneeded RefPtr.

        Covered by modified test.

        * Modules/mediastream/MediaDevices.cpp:
        (WebCore::MediaDevices::getUserMedia):
        * Modules/mediastream/MediaDevices.h:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        * bindings/js/JSMediaDevicesCustom.cpp:
        (WebCore::JSMediaDevices::getUserMedia):

2015-05-28  Hunseop Jeong  <hs85.jeong@samsung.com>

        Replaced 0 with nullptr in WebCore/accessibility.
        https://bugs.webkit.org/show_bug.cgi?id=145309

        Reviewed by Chris Fleizach.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::mathPrescripts):
        (WebCore::AccessibilityRenderObject::mathPostscripts):
        * accessibility/AccessibilityScrollView.cpp:
        (WebCore::AccessibilityScrollView::scrollBar):
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::notifyChildrenSelectionChange):
        * accessibility/atk/WebKitAccessibleHyperlink.cpp:
        (webkitAccessibleHyperlinkInit):
        * accessibility/atk/WebKitAccessibleInterfaceDocument.cpp:
        (webkitAccessibleDocumentGetAttributes):
        * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
        (getAttributeSetForAccessibilityObject):
        (attributeSetDifference):
        * accessibility/atk/WebKitAccessibleUtil.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleRefChild):
        (webkitAccessibleGetAttributes):
        (webkitAccessibleGetObjectLocale):
        (getInterfaceMaskFromObject):
        (objectFocusedAndCaretOffsetUnignored):
        (cacheAndReturnAtkProperty):

2015-05-28  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: Pixel crack in text selection of simple text in <textarea>.
        https://bugs.webkit.org/show_bug.cgi?id=145393
        rdar://problem/19918941

        Reviewed by Darin Adler.

        Float to LayoutUnit conversion is lossy. To ensure that selection
        painting always lines up (snaps) properly, the calculated width needs to
        be adjusted by ceiling the float to the next LayoutUnit value.

        Test: fast/text/hidpi-text-selection-gap-between-words.html

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::adjustSelectionRectForSimpleText):
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::adjustSelectionRectForComplexText):

2015-05-28  Andreas Kling  <akling@apple.com>

        GraphicsLayerCA should start out with m_intersectsCoverageRect=false
        <https://webkit.org/b/145443>
        <rdar://problem/19685798>

        Reviewed by Simon Fraser.

        Since the coverage rect of a newly-constructed GraphicsLayerCA is always empty,
        there's no way that the layer's own bounding box can intersect with it.
        Hence the m_intersectsCoverageRect flag should be false after construction.

        This fixes an issue where compositing layers in subframes would be marked as
        non-volatile, despite being far outside the viewport and coverage rect.

        Test: compositing/visible-rect/iframe-with-layers-outside-viewport.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA):

2015-05-28  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184796 and r184832.
        https://bugs.webkit.org/show_bug.cgi?id=145449

        2% performance regression (Requested by litherum on #webkit).

        Reverted changesets:

        "[Cocoa] Use CTFontDrawGlyphs() instead of
        CGContextShowGlyphsWithAdvances()/CGContextShowGlyphsAtPositions()"
        https://bugs.webkit.org/show_bug.cgi?id=145234
        http://trac.webkit.org/changeset/184796

        "Cleanup after r184796"
        https://bugs.webkit.org/show_bug.cgi?id=145333
        http://trac.webkit.org/changeset/184832

2015-05-28  Matt Rajca  <mrajca@apple.com>

        Rename HTMLMediaSession to MediaElementSession to reserve "media session" for the Media Session API.
        https://bugs.webkit.org/show_bug.cgi?id=145440

        Reviewed by Eric Carlson.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::loadInternal):
        (WebCore::HTMLMediaElement::loadResource):
        (WebCore::HTMLMediaElement::suspend):
        (WebCore::HTMLMediaElement::resume):
        (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture):
        (WebCore::HTMLMediaElement::mediaState):
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::mediaSession):
        * html/MediaElementSession.cpp: Renamed from Source/WebCore/html/HTMLMediaSession.cpp.
        (WebCore::restrictionName):
        (WebCore::MediaElementSession::MediaElementSession):
        (WebCore::MediaElementSession::registerWithDocument):
        (WebCore::MediaElementSession::unregisterWithDocument):
        (WebCore::MediaElementSession::addBehaviorRestriction):
        (WebCore::MediaElementSession::removeBehaviorRestriction):
        (WebCore::MediaElementSession::playbackPermitted):
        (WebCore::MediaElementSession::dataLoadingPermitted):
        (WebCore::MediaElementSession::fullscreenPermitted):
        (WebCore::MediaElementSession::pageAllowsDataLoading):
        (WebCore::MediaElementSession::pageAllowsPlaybackAfterResuming):
        (WebCore::MediaElementSession::showPlaybackTargetPicker):
        (WebCore::MediaElementSession::hasWirelessPlaybackTargets):
        (WebCore::MediaElementSession::wirelessVideoPlaybackDisabled):
        (WebCore::MediaElementSession::setWirelessVideoPlaybackDisabled):
        (WebCore::MediaElementSession::setHasPlaybackTargetAvailabilityListeners):
        (WebCore::MediaElementSession::setPlaybackTarget):
        (WebCore::MediaElementSession::targetAvailabilityChangedTimerFired):
        (WebCore::MediaElementSession::externalOutputDeviceAvailableDidChange):
        (WebCore::MediaElementSession::canPlayToWirelessPlaybackTarget):
        (WebCore::MediaElementSession::isPlayingToWirelessPlaybackTarget):
        (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):
        (WebCore::MediaElementSession::mediaStateDidChange):
        (WebCore::MediaElementSession::effectivePreloadForElement):
        (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
        (WebCore::MediaElementSession::mediaEngineUpdated):
        (WebCore::MediaElementSession::allowsAlternateFullscreen):
        (WebCore::MediaElementSession::maximumMediaSourceBufferSize):
        * html/MediaElementSession.h: Renamed from Source/WebCore/html/HTMLMediaSession.h.
        * testing/Internals.cpp:
        (WebCore::Internals::setMediaElementRestrictions):
        (WebCore::Internals::setAudioContextRestrictions):

2015-05-28  Myles C. Maxfield  <mmaxfield@apple.com>

        Crash under ICU with ASAN during editing/selection/move-by-word-visually-crash-test-5.html
        https://bugs.webkit.org/show_bug.cgi?id=145429
        <rdar://problem/20992218>

        Reviewed by Alexey Proskuryakov.

        WebKit uses some strings which contain the lower 8-bits of UTF-16 (thereby saving space). However,
        ICU doesn't understand this encoding. When we want to use ICU functions with strings in this encoding,
        we create a UTextProvider which converts our encoded strings to UTF-16 for ICU, one chunk at a time.
        This object contains a vtable which we populate to perform the conversion.

        The WebKit function which actually returns the UTF-16 chunks has two relevant arguments: an index into
        the encoded string which ICU is requesting, and a direction from that index which ICU is interested
        in. This function populates a "chunk" which is characterized by a pointer to a buffer, the length of
        the populated data in the buffer, and an offset into the chunk which represents the index that the
        requested character was put into.

        When ICU requests data going backward, we fill in the chunk accordingly, with the requested character
        all the way at the end. We then set the offset equal to the length of the buffer. However, this length
        value is stale from the previous time the function ran. Therefore, ICU was reading the wrong index in
        the chunk when expecting the requested character.

        Covered by editing/selection/move-by-word-visually-crash-test-5.html.

        * platform/text/icu/UTextProviderLatin1.cpp:
        (WebCore::uTextLatin1Access):

2015-05-28  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Fix controls bug caused by r184794
        https://bugs.webkit.org/show_bug.cgi?id=145445

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.showControls): Check video.controls instead of trying to call
        showInlinePlaybackPlaceholderOnly, which doesn't exist.

2015-05-28  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Code clean up for extracting information from the mix of WritingMode and TextDirection
        https://bugs.webkit.org/show_bug.cgi?id=143399

        Reviewed by Darin Adler.
        
        There should be eight TextFlows. A TextFlow consists of two directions.
        The first one controls the inline growing direction and the second one
        controls the block growing direction. We are going to use the cardinal
        directions to define these combinations.

        We need to extract the following information easily from the TextFlow

        -- isTextFlowReversed() // RTL
        -- isTextFlowFlipped()  // the opposite direction to normal
        -- isTextFlowVertical() // The line grows vertically
        
        Mixing WritingMode and TextDirection into TextFlow and choosing their values
        carefully to ease implementing the above functions can make things clearer.

        * Modules/notifications/Notification.h:
        * platform/graphics/TextRun.h:
        * platform/ios/SelectionRect.h:
        * platform/text/BidiResolver.h:
        * platform/text/StringWithDirection.h:
        * platform/text/TextFlags.h:
        (WebCore::isLeftToRightDirection): Deleted.
        enum TextDirection is moved from TextFlags.h to WritingMode.h. So include
        WritingMode.h instead of including TextFlags.h.
        
        * css/CSSProperty.cpp:
        (WebCore::resolveToPhysicalProperty): Instead of handling the eight possible
        cases of the text flows one by one, we can map from a LogicalSide to a
        PhysicalSide using the TextFlow value.
        
        * platform/LengthBox.h:
        (WebCore::BoxExtent::before):
        (WebCore::BoxExtent::after):
        (WebCore::BoxExtent::start):
        (WebCore::BoxExtent::end):
        Use mapLogicalSideToPhysicalSide() to convert from a LogicalSide to a PhysicalSide.
        
        * platform/text/WritingMode.h:
        (WebCore::isLeftToRightDirection): Usually the default enum is defined
        first. And usually the default value is equal to zero. Since LTR is the
        default for the text direction, it should be defined before RTL.
        
        (WebCore::makeTextFlow): Returns a TextFlow given a WritingMode and a
        TextDirection.
        
        (WebCore::isReversedTextFlow): Returns true if the text direction is RTL.
        
        (WebCore::isFlippedTextFlow):
        (WebCore::isFlippedWritingMode): Returns true if the block growing direction
        is in the opposite direction of normal.
        
        (WebCore::isVerticalTextFlow):
        (WebCore::isVerticalWritingMode): Returns true if the line grows vertically.
               
        (WebCore::isHorizontalWritingMode):
        (WebCore::isFlippedLinesWritingMode): Use isVerticalWritingMode() and 
        isFlippedWritingMode() to answer these questions.
        
        (WebCore::isHorizontalPhysicalSide): 
        (WebCore::mirrorPhysicalSide): top <-> bottom and left <-> right conversion.
        (WebCore::rotatePhysicalSide): top <-> left and right <-> bottom conversion.
        
        (WebCore::mapLogicalSideToPhysicalSide): Maps a LogicalSide to a PhysicalSide
        using either the TextFlow or the WritingMode.
        
        (WebCore::isFlippedBlocksWritingMode): Deleted.
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::collectLayerFragments):
        (WebCore::RenderMultiColumnSet::columnTranslationForOffset):
        * rendering/shapes/Shape.cpp:
        (WebCore::physicalRectToLogical):
        (WebCore::physicalPointToLogical):
        * rendering/style/RenderStyle.h:
        Rename isFlippedBlocksWritingMode() to be isFlippedWritingMode() so we can
        be consistent with other WritingMode query functions.

2015-05-28  Matt Rajca  <mrajca@apple.com>

        Add ENABLE_MEDIA_SESSION feature flag (which is off by default).
        https://bugs.webkit.org/show_bug.cgi?id=145415

        Reviewed by Eric Carlson.

        * Configurations/FeatureDefines.xcconfig:

2015-05-28  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStreamReader should not be exposed
        https://bugs.webkit.org/show_bug.cgi?id=143564

        Reviewed by Darin Adler.

        Covered by rebased tests.

        * Modules/streams/ReadableStreamReader.idl: Adding NoInterfaceObject to ReadableStreamReader.idl.

2015-05-28  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [CMake] Improve detection and usage of GL/GLES/EGL libraries.
        https://bugs.webkit.org/show_bug.cgi?id=145408

        Reviewed by Carlos Garcia Campos.

        No new tests, no behavior changes.

        * CMakeLists.txt: Ensure that we include the libraries and includes
        for the GL/GLESv2/EGL libraries before including the ANGLE directories.
        Define also any CFLAG that the system GL/GLESv2/EGL libraries may need.
        * PlatformEfl.cmake: Remove some includes that are now unneeded,
        because we are including now the EGL libraries on CMakeLists.txt
        * PlatformGTK.cmake: Remove unneeded include (We are including the EGL
        libraries now on CMakeLists.txt)

2015-05-28  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Binding generator should support interfaces with CustomConstructor and NoInterfaceObject
        https://bugs.webkit.org/show_bug.cgi?id=145016

        Reviewed by Darin Adler.

        Updated code generator to generate the necessary declarations (constructor property in the prototype, the constructor class).
        In the case of CustomConstructor with NoInterfaceObject, the implementation of the constructor property related JS function is changed as follow:
        It creates a constructor object and shadows the constructor property JS function with this object.
        This ensures that only one constructor object is created per prototype.
        The constructor is not exposed as it is not added to the global object constructor map.

        NoInterfaceObject is asking to not make the interface visible, which is contradictory with having a visible constructor of the interface.
        The case for having NoInterfaceObject and CustomConstructor is the following:
        We do not want to expose the interface but we still want to have a constructor property on the prototype of objects implementing the interface.
        One such case is https://streams.spec.whatwg.org/#globals

        Added TestCustomConstructorWithNoInterfaceObject.idl to check that case.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateAttributesHashTable):
        (GenerateImplementation):
        (HasConstructorProperty):
        * bindings/scripts/test/GObject/WebKitDOMTestCustomConstructorWithNoInterfaceObject.cpp: Added.
        (WebKit::kit):
        (WebKit::core):
        (WebKit::wrapTestCustomConstructorWithNoInterfaceObject):
        (webkit_dom_test_custom_constructor_with_no_interface_object_finalize):
        (webkit_dom_test_custom_constructor_with_no_interface_object_constructor):
        (webkit_dom_test_custom_constructor_with_no_interface_object_class_init):
        (webkit_dom_test_custom_constructor_with_no_interface_object_init):
        * bindings/scripts/test/GObject/WebKitDOMTestCustomConstructorWithNoInterfaceObject.h: Added.
        * bindings/scripts/test/GObject/WebKitDOMTestCustomConstructorWithNoInterfaceObjectPrivate.h: Added.
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp: Added.
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::create):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::createStructure):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::JSTestCustomConstructorWithNoInterfaceObjectPrototype):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::create):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::createStructure):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::JSTestCustomConstructorWithNoInterfaceObjectConstructor):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::finishCreation):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::getConstructData):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::JSTestCustomConstructorWithNoInterfaceObject):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::createPrototype):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::getPrototype):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::destroy):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::~JSTestCustomConstructorWithNoInterfaceObject):
        (WebCore::jsTestCustomConstructorWithNoInterfaceObjectConstructor):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::getConstructor):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectOwner::isReachableFromOpaqueRoots):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectOwner::finalize):
        (WebCore::toJS):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::toWrapped):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h: Added.
        (WebCore::wrapperOwner):
        (WebCore::toJS):
        * bindings/scripts/test/ObjC/DOMTestCustomConstructorWithNoInterfaceObject.h: Added.
        * bindings/scripts/test/ObjC/DOMTestCustomConstructorWithNoInterfaceObject.mm: Added.
        (-[DOMTestCustomConstructorWithNoInterfaceObject dealloc]):
        (-[DOMTestCustomConstructorWithNoInterfaceObject finalize]):
        (core):
        (kit):
        * bindings/scripts/test/ObjC/DOMTestCustomConstructorWithNoInterfaceObjectInternal.h: Added.
        * bindings/scripts/test/TestCustomConstructor.idl: Added.

2015-05-19  Jon Honeycutt  <jhoneycutt@apple.com>

        [iOS] When viewing an MJPEG stream as the main resource, only the first
        frame paints

        <https://bugs.webkit.org/show_bug.cgi?id=145185>
        <rdar://problem/20124694>

        This bug is caused by state not being restored between successive loads
        of multipart/x-mixed-replace content. Each part of the stream is not
        treated as a wholly new load, so if state is cleared as part of the
        previous page being destroyed, it may not be restored when loading
        the next stream part.

        On WK1, tile cache updates are disabled in FrameView::clear(), which is
        called as the previous page is destroyed, but were not being
        reenabled when loading new replacement content from the stream.

        On WK2, the exposed content rect was being reset to an empty rect as
        the previous page was destroyed, but it was not being reset by loading
        replacement content.

        To fix these issues, I added two WebFrameLoaderClient callbacks;
        willReplaceMultipartContent() and didReplaceMultipartContent(). These
        are used to save and restore state between successive loads.

        Reviewed by Darin Adler.

        * loader/DocumentLoader.cpp:
        Call the new client callbacks.
        (WebCore::DocumentLoader::commitLoad):
        If replacing content in a multipart/x-mixed-replace stream, call the
        WebFrameLoaderClient's didReplaceMultipartContent().

        (WebCore::DocumentLoader::setupForReplace):
        Call the WebFrameLoaderClient's willReplaceMultipartContent().

        * loader/EmptyClients.h:

        * loader/FrameLoaderClient.h:

        * page/FrameView.cpp:
        (WebCore::FrameView::didReplaceMultipartContent):
        Re-enable tile cache updates that were disabled in FrameView::clear().
        This fixes the issue for WK1.

        * page/FrameView.h:
        Declare an exported function, didReplaceMultipartContent(), that WebKit
        can call.

2015-05-27  Brady Eidson  <beidson@apple.com>

        Remove unused ResourceRequest "user initiated" flag.
        https://bugs.webkit.org/show_bug.cgi?id=145428

        Reviewed by Alexey Proskuryakov.

        No new tests (No change in behavior).

        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.mm:

        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::initiatedByUserGesture): Deleted.
        (WebCore::ResourceRequestBase::setInitiatedByUserGesture): Deleted.
        (WebCore::ResourceRequestBase::encodeWithoutPlatformData): Deleted.
        (WebCore::ResourceRequestBase::decodeWithoutPlatformData): Deleted.

        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Deleted.
        (WebCore::ResourceRequest::doUpdateResourceRequest): Deleted.

        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdateResourceRequest): Deleted.
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Deleted.

2015-05-27  Brady Eidson  <beidson@apple.com>

        Add a "should open urls externally" flag to DocumentLoader.
        rdar://problem/21025301 and https://bugs.webkit.org/show_bug.cgi?id=145417

        Reviewed by Geoff Garen.

        No new tests (No change in behavior, testable at API level with a followup patch)

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::setTriggeringAction): Apply the current flag value to the 
          new NavigationAction so it can be used later.
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::setShouldOpenExternalURLsPolicy):
        (WebCore::DocumentLoader::shouldOpenExternalURLsPolicy):
        (WebCore::DocumentLoader::setTriggeringAction): Deleted.

        FrameLoadRequest should hold the new flag to pass into FrameLoader machinery:
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::setShouldOpenExternalURLsPolicy):
        (WebCore::FrameLoadRequest::shouldOpenExternalURLsPolicy):

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::load): Set the flag on the newly created DocumentLoader but
          only if it is for the main frame.

        * loader/FrameLoaderTypes.h: Add a new enum for the flag.

        Navigation action should hold the new flag to pass to the policy delegate:
        * loader/NavigationAction.cpp:
        (WebCore::NavigationAction::NavigationAction):
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::shouldOpenExternalURLsPolicy):
        (WebCore::NavigationAction::setShouldOpenExternalURLsPolicy):

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy): Include the flag from the DocumentLoader
          in the NavigationAction.

2015-05-27  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in WebCore/Modules - 2
        https://bugs.webkit.org/show_bug.cgi?id=145304

        Reviewed by Darin Adler.

        As a step to remove PassRefPtr, this patch replaces PassRefPtr with Ref or RefPtr.

        No new tests, no behavior changes

        * Modules/mediasource/SourceBufferList.h:
        * Modules/mediastream/AllAudioCapabilities.h:
        (WebCore::AllAudioCapabilities::create):
        * Modules/mediastream/AllVideoCapabilities.h:
        (WebCore::AllVideoCapabilities::create):
        * Modules/mediastream/CapabilityRange.cpp:
        (WebCore::CapabilityRange::create):
        * Modules/mediastream/CapabilityRange.h:
        * Modules/mediastream/MediaSourceStates.cpp:
        (WebCore::MediaSourceStates::create):
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::create):
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::create):
        * Modules/mediastream/MediaStreamTrackSourcesRequest.cpp:
        (WebCore::MediaStreamTrackSourcesRequest::create):
        * Modules/mediastream/MediaTrackConstraint.cpp:
        (WebCore::MediaTrackConstraint::create):
        * Modules/mediastream/MediaTrackConstraint.h:
        * Modules/mediastream/RTCConfiguration.h:
        (WebCore::RTCConfiguration::create):
        * Modules/mediastream/RTCIceServer.h:
        (WebCore::RTCIceServer::create):
        * Modules/mediastream/RTCSessionDescription.cpp:
        (WebCore::RTCSessionDescription::create):
        * Modules/mediastream/RTCSessionDescription.h:
        * Modules/mediastream/RTCSessionDescriptionRequestImpl.cpp:
        (WebCore::RTCSessionDescriptionRequestImpl::create):
        * Modules/mediastream/RTCStatsReport.cpp:
        (WebCore::RTCStatsReport::create):
        * Modules/mediastream/RTCStatsReport.h:
        * Modules/mediastream/RTCStatsRequestImpl.cpp:
        (WebCore::RTCStatsRequestImpl::create):
        * Modules/mediastream/RTCStatsRequestImpl.h:
        * Modules/mediastream/RTCStatsResponse.cpp:
        (WebCore::RTCStatsResponse::create):
        * Modules/mediastream/RTCStatsResponse.h:
        * Modules/mediastream/RTCVoidRequestImpl.cpp:
        (WebCore::RTCVoidRequestImpl::create):
        * Modules/mediastream/RTCVoidRequestImpl.h:
        * Modules/mediastream/SourceInfo.cpp:
        (WebCore::SourceInfo::create):
        * Modules/mediastream/SourceInfo.h:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        * Modules/mediastream/UserMediaRequest.h:
        * Modules/quota/StorageInfo.h:
        (WebCore::StorageInfo::create):
        * Modules/quota/StorageQuota.h:
        (WebCore::StorageQuota::create):
        * Modules/speech/SpeechSynthesis.cpp:
        (WebCore::SpeechSynthesis::create):
        * Modules/speech/SpeechSynthesis.h:
        * Modules/speech/SpeechSynthesisUtterance.cpp:
        (WebCore::SpeechSynthesisUtterance::create):
        * Modules/speech/SpeechSynthesisUtterance.h:
        * Modules/speech/SpeechSynthesisVoice.cpp:
        (WebCore::SpeechSynthesisVoice::create):
        * Modules/speech/SpeechSynthesisVoice.h:
        * Modules/webaudio/ChannelMergerNode.cpp:
        (WebCore::ChannelMergerNode::create):
        * Modules/webaudio/ChannelMergerNode.h:
        * Modules/webaudio/ChannelSplitterNode.cpp:
        (WebCore::ChannelSplitterNode::create):
        * Modules/webaudio/ChannelSplitterNode.h:
        * Modules/webaudio/DefaultAudioDestinationNode.h:
        (WebCore::DefaultAudioDestinationNode::create):
        * Modules/webaudio/GainNode.h:
        (WebCore::GainNode::create):
        * Modules/webaudio/MediaElementAudioSourceNode.cpp:
        (WebCore::MediaElementAudioSourceNode::create):
        * Modules/webaudio/MediaElementAudioSourceNode.h:
        * Modules/webaudio/MediaStreamAudioDestinationNode.cpp:
        (WebCore::MediaStreamAudioDestinationNode::create):
        * Modules/webaudio/MediaStreamAudioDestinationNode.h:
        * Modules/webaudio/MediaStreamAudioSource.cpp:
        (WebCore::MediaStreamAudioSource::create):
        * Modules/webaudio/MediaStreamAudioSource.h:
        * Modules/webaudio/MediaStreamAudioSourceNode.cpp:
        (WebCore::MediaStreamAudioSourceNode::create):
        * Modules/webaudio/MediaStreamAudioSourceNode.h:
        * Modules/webaudio/OscillatorNode.cpp:
        (WebCore::OscillatorNode::setType):
        * Modules/webaudio/PannerNode.h:
        (WebCore::PannerNode::create):
        * Modules/webaudio/PeriodicWave.cpp:
        (WebCore::PeriodicWave::create):
        (WebCore::PeriodicWave::createSine):
        (WebCore::PeriodicWave::createSquare):
        (WebCore::PeriodicWave::createSawtooth):
        (WebCore::PeriodicWave::createTriangle):
        * Modules/webaudio/PeriodicWave.h:
        * Modules/webaudio/ScriptProcessorNode.cpp:
        (WebCore::ScriptProcessorNode::create):
        * Modules/webaudio/ScriptProcessorNode.h:
        * Modules/webaudio/WaveShaperNode.h:
        (WebCore::WaveShaperNode::create):

2015-05-27  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r183820): webkit.org/blog/ background painting issue on reload, when the page contains videos
        https://bugs.webkit.org/show_bug.cgi?id=145420

        Reviewed by Dean Jackson.

        After r183820, the media controls no longer had a wrapper that created CSS stacking context.
        The media controls on Mac use mix-blend-mode, which causes the compositing code to look for
        a stacking context ancestor and make it composited. After this change, it would walk up
        to a layer outside of the media element (e.g. the document element's layer), and make
        that composited. This triggered bugs with root background painting.

        Prevent mix-blend-mode affecting content outside the media elements by having the media element's
        layer act as a stacking context.

        Test: media/controls-layers.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer):
        * rendering/RenderLayer.h:

2015-05-27  Andreas Kling  <akling@apple.com>

        [WK2] Local storage areas should get torn down when they have no remaining references.
        <https://webkit.org/b/143339>
        <rdar://problem/20156436>

        Reviewed by Darin Adler.

        Add StorageArea::securityOrigin() implementations.

        * loader/EmptyClients.cpp:
        * storage/StorageArea.h:

2015-05-27  Dean Jackson  <dino@apple.com>

        img.currentSrc problem in strict mode with old picturefill
        https://bugs.webkit.org/show_bug.cgi?id=144095
        <rdar://problem/21087013>

        Reviewed by Simon Fraser.

        Add a PICTURE_SIZES flag. This allows us to easily remove the currentSrc
        attribute on HTMLImageElement, which is causing some issues with
        <picture> polyfills.

        * Configurations/FeatureDefines.xcconfig:
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate): Add guard around use of m_currentSrc.
        * html/HTMLImageElement.h:
        * html/HTMLImageElement.idl: Guard the currentSrc attribute.
        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):

2015-05-27  Daniel Bates  <dabates@apple.com>

        Attempt to fix internal build following <http://trac.webkit.org/changeset/184760>
        (https://bugs.webkit.org/show_bug.cgi?id=145289)

        Reviewed by Jer Noble.

        * platform/spi/mac/AVFoundationSPI.h:

2015-05-27  Jeremy Jones  <jeremyj@apple.com>

        Refactor WebKit1 specific threading code out of WebVideoFullscreen code that is shared with WebKit2.
        https://bugs.webkit.org/show_bug.cgi?id=143954

        Reviewed by Darin Adler.

        WebVideoFullscreenInterfaceAVKit is used in both WebKit1 and WebKit2. In WebKit1, the model runs in the WebThread, while
        the interface is on the main thread. So there is code to dispatch between these two thread when communicating between the
        interface and the model. In WebKit2, this is handled automatically by the IPC mechanism. As a result, the threading code
        in WebVideoFullscreenbInterfaceAVKit and in WebVideoFullscreenModelVideoElement is redundant in WebKit2 and relies on
        WebThreadRun being a no-op in WebKit2.

        This change clarifies this and simplifies the WebKit2 path by moving the WebKit1 specific threading code into
        WebVideoFullscreenControllerContext, which is the WebKit1 specific controller.

        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (WebVideoFullscreenControllerContext::WebVideoFullscreenControllerContext):
        (WebVideoFullscreenControllerContext::setController):
        (WebVideoFullscreenControllerContext::didSetupFullscreen):
        (WebVideoFullscreenControllerContext::didExitFullscreen):
        (WebVideoFullscreenControllerContext::didCleanupFullscreen):
        (WebVideoFullscreenControllerContext::fullscreenMayReturnToInline):
        (WebVideoFullscreenControllerContext::resetMediaState):
        (WebVideoFullscreenControllerContext::setDuration):
        (WebVideoFullscreenControllerContext::setCurrentTime):
        (WebVideoFullscreenControllerContext::setBufferedTime):
        (WebVideoFullscreenControllerContext::setRate):
        (WebVideoFullscreenControllerContext::setVideoDimensions):
        (WebVideoFullscreenControllerContext::setSeekableRanges):
        (WebVideoFullscreenControllerContext::setCanPlayFastReverse):
        (WebVideoFullscreenControllerContext::setAudioMediaSelectionOptions):
        (WebVideoFullscreenControllerContext::setLegibleMediaSelectionOptions):
        (WebVideoFullscreenControllerContext::setExternalPlayback):
        (WebVideoFullscreenControllerContext::play):
        (WebVideoFullscreenControllerContext::pause):
        (WebVideoFullscreenControllerContext::togglePlayState):
        (WebVideoFullscreenControllerContext::beginScrubbing):
        (WebVideoFullscreenControllerContext::endScrubbing):
        (WebVideoFullscreenControllerContext::seekToTime):
        (WebVideoFullscreenControllerContext::fastSeek):
        (WebVideoFullscreenControllerContext::beginScanningForward):
        (WebVideoFullscreenControllerContext::beginScanningBackward):
        (WebVideoFullscreenControllerContext::endScanning):
        (WebVideoFullscreenControllerContext::requestExitFullscreen):
        (WebVideoFullscreenControllerContext::setVideoLayerFrame):
        (WebVideoFullscreenControllerContext::setVideoLayerGravity):
        (WebVideoFullscreenControllerContext::selectAudioMediaOption):
        (WebVideoFullscreenControllerContext::selectLegibleMediaOption):
        (WebVideoFullscreenControllerContext::fullscreenModeChanged):
        (WebVideoFullscreenControllerContext::setupFullscreen):
        (WebVideoFullscreenControllerContext::exitFullscreen):
        (WebVideoFullscreenControllerContext::requestHideAndExitFullscreen):
        (-[WebVideoFullscreenController init]):
        (-[WebVideoFullscreenController dealloc]):
        (-[WebVideoFullscreenController enterFullscreen:mode:]):
        (-[WebVideoFullscreenController exitFullscreen]):
        (-[WebVideoFullscreenController requestHideAndExitFullscreen]):
        (-[WebVideoFullscreenController didFinishFullscreen:]):
        (WebVideoFullscreenControllerChangeObserver::setTarget): Deleted.
        (-[WebVideoFullscreenController didSetupFullscreen]): Deleted.
        (-[WebVideoFullscreenController didEnterFullscreen]): Deleted.
        (-[WebVideoFullscreenController didExitFullscreen]): Deleted.
        (-[WebVideoFullscreenController didCleanupFullscreen]): Deleted.
        (-[WebVideoFullscreenController fullscreenMayReturnToInline]): Deleted.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVVideoLayer setBounds:]):
        (-[WebAVVideoLayer resolveBounds]):
        (WebVideoFullscreenInterfaceAVKit::resetMediaState):
        (WebVideoFullscreenInterfaceAVKit::setDuration):
        (WebVideoFullscreenInterfaceAVKit::setCurrentTime):
        (WebVideoFullscreenInterfaceAVKit::setBufferedTime):
        (WebVideoFullscreenInterfaceAVKit::setRate):
        (WebVideoFullscreenInterfaceAVKit::setVideoDimensions):
        (WebVideoFullscreenInterfaceAVKit::setSeekableRanges):
        (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse):
        (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions):
        (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions):
        (WebVideoFullscreenInterfaceAVKit::setExternalPlayback):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen):
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard):
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen):
        (WebVideoFullscreenInterfaceAVKit::exitFullscreenInternal):
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal):
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen):
        (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline):
        (WebVideoFullscreenInterfaceAVKit::willStartOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::didStartOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::willStopOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::didStopOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::willCancelOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::didCancelOptimizedFullscreen):
        (WebVideoFullscreenInterfaceAVKit::setVideoLayerFrame):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): Deleted.
        * platform/ios/WebVideoFullscreenModel.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::setVideoFullscreenLayer):
        (WebVideoFullscreenModelVideoElement::play):
        (WebVideoFullscreenModelVideoElement::pause):
        (WebVideoFullscreenModelVideoElement::togglePlayState):
        (WebVideoFullscreenModelVideoElement::beginScrubbing):
        (WebVideoFullscreenModelVideoElement::endScrubbing):
        (WebVideoFullscreenModelVideoElement::seekToTime):
        (WebVideoFullscreenModelVideoElement::fastSeek):
        (WebVideoFullscreenModelVideoElement::beginScanningForward):
        (WebVideoFullscreenModelVideoElement::beginScanningBackward):
        (WebVideoFullscreenModelVideoElement::endScanning):
        (WebVideoFullscreenModelVideoElement::requestExitFullscreen):
        (WebVideoFullscreenModelVideoElement::fullscreenModeChanged):
        (WebVideoFullscreenModelVideoElement::videoLayerFrame): Deleted.
        (WebVideoFullscreenModelVideoElement::videoLayerGravity): Deleted.

2015-05-27  Eric Carlson  <eric.carlson@apple.com>

        [Mac] short-circuit MIME type lookup when possible
        https://bugs.webkit.org/show_bug.cgi?id=145362

        Reviewed by Jer Noble.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::isUnsupportedMIMEType): Renamed from unsupportedMIMEType. Convert type to lower case
        once instead of calling equalIgnoringCase many times.
        (WebCore::staticMIMETypeList): Renamed from staticMimeTypeCache. Initialize static set in a lambda,
        using an array of C strings in a loop.
        (WebCore::avfMIMETypes): Renamed from avfMimeTypeCache. Initialize static set in a lambda.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::getSupportedTypes): avfMimeTypeCache -> avfMIMETypes.
        (WebCore::keySystemIsSupported): equalIgnoringCase -> equalIgnoringASCIICase.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem): unsupportedMIMEType -> 
        isUnsupportedMIMEType, equalIgnoringCase -> equalIgnoringASCIICase, staticMimeTypeCache -> 
        staticMIMETypeList, avfMimeTypeCache -> avfMIMETypes.
        (WebCore::unsupportedMIMEType): Deleted.
        (WebCore::staticMimeTypeCache): Deleted.
        (WebCore::avfMimeTypeCache): Deleted.

2015-05-27  Eric Carlson  <eric.carlson@apple.com>

        [Mac] short-circuit MIME type lookup when possible
        https://bugs.webkit.org/show_bug.cgi?id=145362

        Reviewed by Dean Jackson.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::unsupportedMIMEType): New, reject types known to not be supported.
        (WebCore::staticMimeTypeCache): Accept MIME types known to be supported.
        (WebCore::avfMimeTypeCache): Renamed from mimeTypeCache.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::getSupportedTypes): mimeTypeCache -> staticMimeTypeCache.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType): Return immediately if
        unsupportedMIMEType returns true, don't call AVFoundation if staticMimeTypeCache returns true.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem): Ditto.
        (WebCore::mimeTypeCache): Deleted.

2015-05-27  Eric Carlson  <eric.carlson@apple.com>

        [Mac] occasional crash in MediaPlayerPrivateAVFoundationObjC::didStopLoadingRequest
        https://bugs.webkit.org/show_bug.cgi?id=145409

        Reviewed by Dean Jackson.

        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::stopLoading): NULL-check m_avRequest.

2015-05-26  Dean Jackson  <dino@apple.com>

        Backdrop filters don't animate
        https://bugs.webkit.org/show_bug.cgi?id=145386
        <rdar://problem/21110037>

        Reviewed by Simon Fraser.

        Add support for animation of backdrop filters.

        Note that, at the moment, we can only animate/transition
        backdrop-filter if it is already present on the element. See
        https://bugs.webkit.org/show_bug.cgi?id=145107

        Test: css3/filters/backdrop/animation.html

        * page/animation/AnimationBase.h: Add m_backdropFilterFunctionListsMatch and backdropFilterFunctionListsMatch.
        (WebCore::AnimationBase::backdropFilterFunctionListsMatch):

        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc): backdrop-filter is also supported.
        (WebCore::PropertyWrapperAcceleratedBackdropFilter::PropertyWrapperAcceleratedBackdropFilter): Added. Works
        similarly to the PropertyWrapperAcceleratedFilter.
        (WebCore::PropertyWrapperAcceleratedBackdropFilter::animationIsAccelerated):
        (WebCore::PropertyWrapperAcceleratedBackdropFilter::blend):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap): Construct the
        PropertyWrapperAcceleratedBackdropFilter.

        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::reset): Call checkForMatchingBackdropFilterFunctionLists.
        (WebCore::ImplicitAnimation::validateTransformFunctionList): Fix typo.
        (WebCore::ImplicitAnimation::checkForMatchingFilterFunctionLists): Remove whitespace.
        (WebCore::ImplicitAnimation::checkForMatchingBackdropFilterFunctionLists): New method that
        checks if the individual filters in a filter list match.
        * page/animation/ImplicitAnimation.h: Add checkForMatchingBackdropFilterFunctionLists.

        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::KeyframeAnimation): Call checkForMatchingBackdropFilterFunctionLists.
        (WebCore::KeyframeAnimation::checkForMatchingBackdropFilterFunctionLists): Copied from
        checkForMatchingFilterFunctionLists, but calls backdropFilter() instead of filter().
        (WebCore::KeyframeAnimation::checkForMatchingFilterFunctionLists): This was accidentally checking
        for backdrop filters as well, but it wouldn't have worked.
        * page/animation/KeyframeAnimation.h: Add checkForMatchingBackdropFilterFunctionLists.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::validateFilterOperations): Modify the ASSERT to allow AnimatedPropertyWebkitBackdropFilter.
        * platform/graphics/GraphicsLayerClient.h: Add AnimatedPropertyWebkitBackdropFilter to the enum.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::propertyIdToString): Support new enum.
        (WebCore::GraphicsLayerCA::addAnimation): Support AnimatedPropertyWebkitBackdropFilter.
        (WebCore::GraphicsLayerCA::createFilterAnimationsFromKeyframes): Ditto.
        (WebCore::GraphicsLayerCA::animatedLayer): Use a switch statement now that we have more than
        two options, and handle AnimatedPropertyWebkitBackdropFilter.
        (WebCore::GraphicsLayerCA::updateAnimations): Deleted a blank line.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::startAnimation): Support animation of backdrop-filter.
        (WebCore::RenderLayerBacking::startTransition): Ditto. Copied the code from the filter transition.
        (WebCore::RenderLayerBacking::graphicsLayerToCSSProperty):
        (WebCore::RenderLayerBacking::cssToGraphicsLayerProperty):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForAnimation):

2015-05-27  Jeremy Jones  <jeremyj@apple.com>

        Handle case where -startOptimizedFullscreen fails.
        https://bugs.webkit.org/show_bug.cgi?id=145340

        Reviewed by Eric Carlson.

        Add new AVPlayerViewController delegate methods and remove old ones.
        -startOptimizedFullscreen can either fail silently because it is not allowed or it will call a delegate.
        We prevent silent failure by testing preconditions in enterFullscreenOptimized, and add the 
        delegate -playerViewControllerFailedToStartOptimizedFullscreen to handle explicitly failure.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: added/removed method declarations.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
        (-[WebAVPlayerController playerViewControllerFailedToStartOptimizedFullscreen:withError:]): Added.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenOptimized): Handle silent failure.
        (WebVideoFullscreenInterfaceAVKit::didStartOptimizedFullscreen): Hide window on main thread.
        (WebVideoFullscreenInterfaceAVKit::failedToStartOptimizedFullscreen): Added
        (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscreen:]): Deleted.
        (-[WebAVPlayerController playerViewControllerDidCancelOptimizedFullscreen:]): Deleted.
        (WebVideoFullscreenInterfaceAVKit::willCancelOptimizedFullscreen): Deleted.
        (WebVideoFullscreenInterfaceAVKit::didCancelOptimizedFullscreen): Deleted.
        * platform/spi/cocoa/AVKitSPI.h: Remove dead SPI. Add isOptimizedFullscreenPossible.

2015-05-27  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Arabic ligatures are broken in Google Maps
        https://bugs.webkit.org/show_bug.cgi?id=145336
        <rdar://problem/20689607>

        Reviewed by Darin Adler.

        When we fall off the end of the font fallback list, we ask the platform for which particular font we should use
        to display a particular codepoint. When we do this, we supply the font which is first in the fallback list so
        that the platform can try to match it as best it can. However, web fonts' FontPlatformData have a null m_font
        property, which means that we were passing nullptr to this platform fallback function.

        The solution is something I've wanted to do for a while, which is migrate webfonts from using
        CGDataProviderCreateWithCFData() to using CTFontManagerCreateFontDescriptorFromData(). This call creates a
        CoreText font for an in-memory buffer (the old call was creating a CoreGraphics front from the same thing).
        This means that we can use the FontPlatformData constructor which accepts a CoreText font, thereby making web
        fonts not have a null m_font property. Note that not all platforms can use this call, which means that this
        new codepath is gated to only certain OSes (which is okay because only certain OSes use the
        CTFontCreatePhysicalFontDescriptorForCharactersWithLanguage() call inside FontCache). Because web fonts are the
        only user of the constructor which just takes a CG font, we can make the constructor private to the
        FontPlatformData class (as soon as all platforms can use this new codepath).

        Test: platform/ios-simulator/fast/text/arabic-with-no-supporting-webfont.html

        * platform/graphics/FontPlatformData.h: Make the FontPlatformData constructor which takes a CGFontRef private.
        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::FontCustomPlatformData::fontPlatformData): Use the CoreText type instead of the CoreGraphics type.
        (WebCore::createFontCustomPlatformData): Migrate to CTFontManagerCreateFontDescriptorFromData().
        * platform/graphics/mac/FontCustomPlatformData.h:
        (WebCore::FontCustomPlatformData::FontCustomPlatformData): Store a CTFontDescriptorRef instead of a CGFontRef.

2015-05-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        An SVG with no intrinsic size does not draw correct slices when used as a border-image for an HTML element.
        https://bugs.webkit.org/show_bug.cgi?id=139405

        Reviewed by Darin Adler.
        
        When using a non-intrinsic-sized image as an image-border, all the source
        slices have to be extracted from the top-left corner of the source image.
        This is because the right and bottom sides of the image can not be known.
        Also all the slices should not be stretched. In other words, the sizes of
        source slices for a non-intrinsic-sized image should be equal to the sizes
        of the destination container slices.

        This is not compliant with the css3 w3c specs. I think the specs makes it
        harder to predict what exactly will be drawn for the image-border in this
        case. See http://www.w3.org/TR/css3-background/#border-image-slice. This
        approach is implemented by FireFox. And I think it gives a more predictable 
        rendering for image-border in the case of non-intrinsic-sized images.
        
        Test: fast/borders/border-image-fill-no-intrinsic-size.html

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/LengthBox.cpp: Removed.
        * platform/graphics/LayoutBoxExtent.cpp: Removed.
        * platform/graphics/LayoutBoxExtent.h: Removed.
        * platform/graphics/LayoutRect.h:
        Delete LengthBox.cpp and move all the functionalities to LengthBox.h.
        Delete LayoutBoxExtent.cpp since it is the same class as LengthBox.
        
        * css/CSSProperty.cpp:
        * platform/text/WritingMode.h:
        Move the enums LogicalBoxSide and PhysicalBoxSide
        from CSSProperty.cpp to WritingMode.h so it can be used by other classes.
        
        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapNinePieceImageSlice):
        (WebCore::CSSToStyleMap::mapNinePieceImageQuad):
        * css/CSSToStyleMap.h:
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildRendererHighlight):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::addBorderOutsetVisualOverflow):
        * rendering/RenderBox.h:
        (WebCore::RenderBox::marginLogicalLeft):
        (WebCore::RenderBox::marginLogicalRight):
        (WebCore::RenderBox::setMarginBefore):
        (WebCore::RenderBox::setMarginAfter):
        (WebCore::RenderBox::setMarginStart):
        (WebCore::RenderBox::setMarginEnd):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setClip):
        (WebCore::RenderStyle::noneDashboardRegions):
        * rendering/style/RenderStyle.h:
        Use the new BoxExtent access methods for getting and settings the sides of
        LengthBox and LayoutBoxExtent.
        
        * platform/LengthBox.h:
        (WebCore::BoxExtent::BoxExtent):
        (WebCore::BoxExtent::at):
        (WebCore::BoxExtent::top):
        (WebCore::BoxExtent::right):
        (WebCore::BoxExtent::bottom):
        (WebCore::BoxExtent::left):
        (WebCore::BoxExtent::setAt):
        (WebCore::BoxExtent::setTop):
        (WebCore::BoxExtent::setRight):
        (WebCore::BoxExtent::setBottom):
        (WebCore::BoxExtent::setLeft):
        (WebCore::BoxExtent::before):
        (WebCore::BoxExtent::end):
        (WebCore::BoxExtent::after):
        (WebCore::BoxExtent::start):
        (WebCore::BoxExtent::setBefore):
        (WebCore::BoxExtent::setEnd):
        (WebCore::BoxExtent::setAfter):
        (WebCore::BoxExtent::setStart):
        (WebCore::BoxExtent::operator==):
        (WebCore::BoxExtent::operator!=):
        (WebCore::LengthBox::LengthBox):
        (WebCore::LengthBox::isZero):
        (WebCore::LengthBox::left): Deleted.
        (WebCore::LengthBox::right): Deleted.
        (WebCore::LengthBox::top): Deleted.
        (WebCore::LengthBox::bottom): Deleted.
        (WebCore::LengthBox::operator==): Deleted.
        (WebCore::LengthBox::operator!=): Deleted.
        (WebCore::LengthBox::nonZero): Deleted.
        Define a new template class for 'BoxExtent'. A 'BoxExtent' represents the
        extent of four sides of a box. Use this class template to define the exiting 
        classes 'LengthBox' and 'LayoutBoxExtent'. Use it also to and define the
        new class FloatBoxExtent
            
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateImageIntrinsicDimensions):
        * rendering/RenderBoxModelObject.h:
        (WebCore::RenderBoxModelObject::calculateFillTileSize):
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::updateContent):
        * rendering/shapes/ShapeOutsideInfo.cpp:
        (WebCore::ShapeOutsideInfo::createShapeForImage):
        Change the return value of calculateImageIntrinsicDimensions() to be a
        bool which indicates whether the image has an intrinsic size or not. Add
        a new reference argument to this function receive the resolved image size.
        
        (WebCore::RenderBoxModelObject::paintNinePieceImage): Move all the painting
        code of this function to NinePieceImage::paint()
        
        (WebCore::computeBorderImageSide): Deleted.
        Renamed to be NinePieceImage::computeSlice().
        
        * rendering/style/BorderData.h:
        (WebCore::BorderData::borderWidth): Add a new method to return the extents
        of the border in a FloatBoxExtent.
        
        * rendering/style/NinePieceImage.cpp:
        (WebCore::NinePieceImage::computeSlice): Moved from NinePieceImage::computeSlice().
        
        (WebCore::NinePieceImage::computeSlices): The first version of this function
        computes the slices given their lengths. The slices have to be clamped to
        the container size. The second version of this function computes the slices
        given their lengths, their actual extents and their source slices.
        
        (WebCore::NinePieceImage::scaleSlicesIfNeeded):  Reduce the slices if they
        are too large.
        
        (WebCore::NinePieceImage::isEmptyPieceRect): Returns true if an ImagePiece
        should not be drawn.
        
        (WebCore::NinePieceImage::horizontalTileRules):
        (WebCore::NinePieceImage::verticalTileRules):
        Fill vectors of tiling rules to be passed to GraphicsContext::drawTiledImage()
        
        (WebCore::NinePieceImage::computeIntrinsicRects): Computes the nine pieces
        rectangles for an intrinsic-sized container.
        
        (WebCore::NinePieceImage::computeNonIntrinsicRects): Computes the nine
        pieces rectangles for an non-intrinsic-sized source image. The computed
        rectangles have to start at (0, 0) and their sizes should be equal to
        the sizes of the nine pieces rectangles of the destination container.
        
        (WebCore::NinePieceImage::computeIntrinsicSideTileScale):
        (WebCore::NinePieceImage::computeIntrinsicMiddleTileScale):
        (WebCore::NinePieceImage::computeIntrinsicTileScales):
        (WebCore::NinePieceImage::computeNonIntrinsicTileScales):
        Computes the scaling factors for drawing the tiles. For non-intrinsic source
        images, there should not be any scaling factors. 
        
        (WebCore::NinePieceImage::paint): Moved from RenderBoxModelObject::paintNinePieceImage()
        but simplified and restructured.
        
        (WebCore::NinePieceImageData::NinePieceImageData): Use nullptr instead of 0.
        
        * rendering/style/NinePieceImage.h:
        (WebCore::operator++):
        (WebCore::isCornerPiece): 
        (WebCore::isMiddlePiece):
        (WebCore::imagePieceHorizontalSide):
        (WebCore::imagePieceVerticalSide):
        Add helper functions for the enum ImagePiece.

2015-05-26  Andreas Kling  <akling@apple.com>

        <font face> doesn't support plus character in font family names.
        <https://webkit.org/b/145400>
        <rdar://problem/21097484>

        Reviewed by Darin Adler.

        Turn CSSParser::parseFontFaceValue() into a fast-path parser for
        <font face> attributes.
        Going through the full CSS parser was hurting us here, as it would
        misunderstand unquoted family names and choke on e.g '+'.

        Test: fast/dom/HTMLFontElement/face-attribute.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFontFaceValue):

2015-05-26  Chris Fleizach  <cfleizach@apple.com>

        AX: display:none content exposed to accessibility when aria-hidden is toggled on ancestor element
        https://bugs.webkit.org/show_bug.cgi?id=139142

        Reviewed by Darin Adler.
     
        Amend the code that determines when an invisible, but aria-hidden=false, element is exposed to accessibility.

        The new guideline is that you must have aria-hidden=false on every node that is not rendered (except text which inherits)
        otherwise the element will not be visible.

        Modified existing test: accessibility/aria-hidden-false-works-in-subtrees.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::isNodeAriaVisible):
        (WebCore::AXObjectCache::rootWebArea):

2015-05-26  Roger Fong  <roger_fong@apple.com>

        Enable element unsigned index in WebGL2 again.
        https://bugs.webkit.org/show_bug.cgi?id=145392
        <rdar://problem/21112585>.

        Reviewed by Dean Jackson.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::validateDrawElements):
        Fix some incorrect logic that disables the feature for WebGL2.

2015-05-26  Chris Dumez  <cdumez@apple.com>

        Add assertions to make sure pages in the PageCache are not loading
        https://bugs.webkit.org/show_bug.cgi?id=145397
        <rdar://problem/20613631>

        Reviewed by Antti Koivisto.

        Add assertions to make sure pages in the PageCache are not loading.
        These will hopefully help track down why PacheCache entries sometimes
        have pending subresource loads when being destroyed.

        * history/CachedFrame.cpp:
        (WebCore::CachedFrame::CachedFrame):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::stopLoadingSubresources):
        (WebCore::DocumentLoader::addSubresourceLoader):

2015-05-26  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184872.
        https://bugs.webkit.org/show_bug.cgi?id=145396

        Bindings tests broken on the bots. (Requested by dethbakin on
        #webkit).

        Reverted changeset:

        "Binding generator should support interfaces with
        CustomConstructor and NoInterfaceObject"
        https://bugs.webkit.org/show_bug.cgi?id=145016
        http://trac.webkit.org/changeset/184872

2015-05-26  Zalan Bujtas  <zalan@apple.com>

        Overhanging float sets are not cleaned up properly when floating renderer is destroyed.
        https://bugs.webkit.org/show_bug.cgi?id=145323
        rdar://problem/20980628

        Reviewed by Dave Hyatt.

        This patch ensures when an overhanging float renderer is destroyed,
        all the sibling containers' floating object set(m_floatingObjects) gets properly cleaned up.

        When an overhanging float is present, we cache the renderer on the parent and on the affected
        sibling containers too. (RenderBlockFlow::m_floatingObjects) These caches(sets) get cleared and repopulated
        during ::layout(). In order to have a float renderer removed from a set, a layout needs to be initiated on the container.
        This is normally done through RenderBlockFlow::markSiblingsWithFloatsForLayout() and RenderBlockFlow::markAllDescendantsWithFloatsForLayout().
        However, when the float container's parent's writing direction changes (and we promote the children containers to new formatting contexts),
        the layout propagation through siblings does not work anymore.

        The avoidsFloats() check in RenderBlockFlow::markSiblingsWithFloatsForLayout() has very little performance gain, but it prevents us
        from propagating layout to siblings when certain properties of the parent container changes.

        Test: fast/block/float/crash-when-floating-object-is-removed.xhtml

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::markSiblingsWithFloatsForLayout):
        * rendering/RenderBox.cpp:
        (WebCore::outermostBlockContainingFloatingObject):
        (WebCore::RenderBox::removeFloatingOrPositionedChildFromBlockLists):
        (WebCore::RenderBox::outermostBlockContainingFloatingObject): Deleted.
        * rendering/RenderBox.h:

2015-05-26  Ryuan Choi  <ryuan.choi@navercorp.com>

        [EFL][CoordinatedGraphics] Remove CoordinatedTileClient and CoordinatedTileBackend
        https://bugs.webkit.org/show_bug.cgi?id=133337

        Reviewed by Darin Adler.

        This patch simplifies relationship between CoordinatedGraphicsLayer and TiledBackingStore
        by removing TiledBackingStoreBackend because TiledBackingStore only support
        CoordinatedTileBackend.
        And it also moves CoordinatedTileClient interface to TiledBackingStoreClient.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::createBackingStore):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedTile.cpp:
        (WebCore::CoordinatedTile::create):
        (WebCore::CoordinatedTile::CoordinatedTile):
        (WebCore::CoordinatedTile::~CoordinatedTile):
        (WebCore::CoordinatedTile::updateBackBuffer):
        (WebCore::CoordinatedTileBackend::CoordinatedTileBackend): Deleted.
        (WebCore::CoordinatedTileBackend::createTile): Deleted.
        (WebCore::CoordinatedTileBackend::paintCheckerPattern): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedTile.h:
        (WebCore::CoordinatedTile::create): Deleted.
        (WebCore::CoordinatedTileClient::~CoordinatedTileClient): Deleted.
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::TiledBackingStore):
        (WebCore::TiledBackingStore::createTiles):
        * platform/graphics/texmap/coordinated/TiledBackingStore.h:
        * platform/graphics/texmap/coordinated/TiledBackingStoreBackend.h: Removed.
        (WebCore::TiledBackingStoreBackend::~TiledBackingStoreBackend): Deleted.
        * platform/graphics/texmap/coordinated/TiledBackingStoreClient.h:

2015-05-26  Daegyu Lee  <daegyu.lee@navercorp.com>

        Fullscreen video does not display on platforms without accelerated video rendering
        https://bugs.webkit.org/show_bug.cgi?id=145118

        In order to paint video contents in fullscreen mode, add supportsAcceleratedRendering condition. 

        Reviewed by Simon Fraser.

        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::paintReplaced):

2015-05-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVG fragment identifier rendering issue
        https://bugs.webkit.org/show_bug.cgi?id=137328

        Reviewed by Darin Adler.

        This is a follow up for http://trac.webkit.org/changeset/164983. In this
        changeset, scrolling to the fragment should have been added before the
        the paint to guarantee setting the proper display position for the SVG
        fragment.

        Test: svg/css/svg-resource-fragment-identifier-order.html

        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::draw): Move view->scrollToFragment() before calling 
        view->paint().

2015-05-26  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Binding generator should support interfaces with CustomConstructor and NoInterfaceObject
        https://bugs.webkit.org/show_bug.cgi?id=145016

        Reviewed by Darin Adler.

        Updated code generator to generate the necessary declarations (constructor property in the prototype, the constructor class).
        In the case of CustomConstructor with NoInterfaceObject, the implementation of the constructor property related JS function is changed as follow:
        It creates a constructor object and shadows the constructor property JS function with this object.
        This ensures that only one constructor object is created per prototype.
        The constructor is not exposed as it is not added to the global object constructor map.

        NoInterfaceObject is asking to not make the interface visible, which is contradictory with having a visible constructor of the interface.
        The case for having NoInterfaceObject and CustomConstructor is the following:
        We do not want to expose the interface but we still want to have a constructor property on the prototype of objects implementing the interface.
        One such case is https://streams.spec.whatwg.org/#globals

        Added TestCustomConstructorWithNoInterfaceObject.idl to check that case.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateAttributesHashTable):
        (GenerateImplementation):
        (HasConstructorProperty):
        * bindings/scripts/test/GObject/WebKitDOMTestCustomConstructorWithNoInterfaceObject.cpp: Added.
        (WebKit::kit):
        (WebKit::core):
        (WebKit::wrapTestCustomConstructorWithNoInterfaceObject):
        (webkit_dom_test_custom_constructor_with_no_interface_object_finalize):
        (webkit_dom_test_custom_constructor_with_no_interface_object_constructor):
        (webkit_dom_test_custom_constructor_with_no_interface_object_class_init):
        (webkit_dom_test_custom_constructor_with_no_interface_object_init):
        * bindings/scripts/test/GObject/WebKitDOMTestCustomConstructorWithNoInterfaceObject.h: Added.
        * bindings/scripts/test/GObject/WebKitDOMTestCustomConstructorWithNoInterfaceObjectPrivate.h: Added.
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp: Added.
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::create):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::createStructure):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::JSTestCustomConstructorWithNoInterfaceObjectPrototype):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::create):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::createStructure):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::JSTestCustomConstructorWithNoInterfaceObjectConstructor):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::finishCreation):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectConstructor::getConstructData):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::JSTestCustomConstructorWithNoInterfaceObject):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::createPrototype):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::getPrototype):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::destroy):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::~JSTestCustomConstructorWithNoInterfaceObject):
        (WebCore::jsTestCustomConstructorWithNoInterfaceObjectConstructor):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::getConstructor):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectOwner::isReachableFromOpaqueRoots):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObjectOwner::finalize):
        (WebCore::toJS):
        (WebCore::JSTestCustomConstructorWithNoInterfaceObject::toWrapped):
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h: Added.
        (WebCore::wrapperOwner):
        (WebCore::toJS):
        * bindings/scripts/test/ObjC/DOMTestCustomConstructorWithNoInterfaceObject.h: Added.
        * bindings/scripts/test/ObjC/DOMTestCustomConstructorWithNoInterfaceObject.mm: Added.
        (-[DOMTestCustomConstructorWithNoInterfaceObject dealloc]):
        (-[DOMTestCustomConstructorWithNoInterfaceObject finalize]):
        (core):
        (kit):
        * bindings/scripts/test/ObjC/DOMTestCustomConstructorWithNoInterfaceObjectInternal.h: Added.
        * bindings/scripts/test/TestCustomConstructor.idl: Added.

2015-05-26  Joseph Pecoraro  <pecoraro@apple.com>

        CSS properties (font-synthesis, column-fill) are missing in getComputedStyles
        https://bugs.webkit.org/show_bug.cgi?id=145343

        Reviewed by Timothy Hatcher.

        * css/CSSComputedStyleDeclaration.cpp:

2015-05-26  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/21104551> Update build settings

        Reviewed by Anders Carlsson.

        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/Version.xcconfig:

2015-05-26  Csaba Osztrogonác  <ossy@webkit.org>

        [ARM] Build SVGPathElement.cpp with -O2 due to a GCC bug
        https://bugs.webkit.org/show_bug.cgi?id=145377

        Reviewed by Carlos Garcia Campos.

        * CMakeLists.txt:

2015-05-25  Dan Bernstein  <mitz@apple.com>

        Fixed a failing bindings test after r184853.

        * bindings/scripts/CodeGeneratorObjC.pm:
        (GenerateImplementation): Removed an extraneous semicolon.

2015-05-25  Dan Bernstein  <mitz@apple.com>

        ASSERT_MAIN_THREAD and DOM_ASSERT_MAIN_THREAD are unnecessary no-ops
        https://bugs.webkit.org/show_bug.cgi?id=145372

        Reviewed by Sam Weinig.

        * Configurations/Base.xcconfig: Removed DISABLE_THREAD_CHECK from DEBUG_DEFINES.

        * bindings/objc/DOMAbstractView.mm:
        (-[DOMAbstractView dealloc]): Removed use of DOM_ASSERT_MAIN_THREAD.
        (kit): Ditto.

        * bindings/objc/ExceptionHandlers.h: Removed definition of DOM_ASSERT_MAIN_THREAD.

        * bindings/scripts/CodeGeneratorObjC.pm:
        (GenerateImplementation): Don’t emit DOM_ASSERT_MAIN_THREAD.

        Updated expected bindings test results:
        * bindings/scripts/test/ObjC/DOMFloat64Array.mm:
        * bindings/scripts/test/ObjC/DOMTestActiveDOMObject.mm:
        * bindings/scripts/test/ObjC/DOMTestCallback.mm:
        * bindings/scripts/test/ObjC/DOMTestCustomNamedGetter.mm:
        * bindings/scripts/test/ObjC/DOMTestEventConstructor.mm:
        * bindings/scripts/test/ObjC/DOMTestEventTarget.mm:
        * bindings/scripts/test/ObjC/DOMTestException.mm:
        * bindings/scripts/test/ObjC/DOMTestGenerateIsReachable.mm:
        * bindings/scripts/test/ObjC/DOMTestInterface.mm:
        * bindings/scripts/test/ObjC/DOMTestMediaQueryListListener.mm:
        * bindings/scripts/test/ObjC/DOMTestNamedConstructor.mm:
        * bindings/scripts/test/ObjC/DOMTestNode.mm:
        * bindings/scripts/test/ObjC/DOMTestNondeterministic.mm:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        * bindings/scripts/test/ObjC/DOMTestOverloadedConstructors.mm:
        * bindings/scripts/test/ObjC/DOMTestSerializedScriptValueInterface.mm:
        * bindings/scripts/test/ObjC/DOMTestTypedefs.mm:
        * bindings/scripts/test/ObjC/DOMattribute.mm:
        * bindings/scripts/test/ObjC/DOMreadonly.mm:

2015-05-25  Hunseop Jeong  <hs85.jeong@samsung.com>

        Replaced 0 with nullptr in WebCore/svg.
        https://bugs.webkit.org/show_bug.cgi?id=145367

        Reviewed by Gyuyoung Kim.

        No new tests, no behavior changes.

        * svg/PatternAttributes.h:
        (WebCore::PatternAttributes::PatternAttributes):
        * svg/SVGAnimatedType.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::cursorElementRemoved):
        (WebCore::SVGElement::cursorImageValueRemoved):
        (WebCore::SVGElement::getPresentationAttribute):
        * svg/SVGException.cpp:
        (WebCore::SVGException::initializeDescription):
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::clearResourceReferences):
        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::SVGFontFaceElement):
        (WebCore::SVGFontFaceElement::removedFrom):
        * svg/SVGFontFaceUriElement.cpp:
        (WebCore::SVGFontFaceUriElement::loadFont):
        * svg/SVGLength.h:
        (WebCore::SVGLength::blend):
        * svg/SVGPathBlender.cpp:
        (WebCore::SVGPathBlender::SVGPathBlender):
        (WebCore::SVGPathBlender::cleanup):
        * svg/SVGPathBuilder.cpp:
        (WebCore::SVGPathBuilder::SVGPathBuilder):
        * svg/SVGPathBuilder.h:
        * svg/SVGPathByteStreamBuilder.cpp:
        (WebCore::SVGPathByteStreamBuilder::SVGPathByteStreamBuilder):
        * svg/SVGPathByteStreamBuilder.h:
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::dPropertyInfo):
        * svg/SVGPathParser.cpp:
        (WebCore::SVGPathParser::SVGPathParser):
        (WebCore::SVGPathParser::cleanup):
        * svg/SVGPathSegListBuilder.cpp:
        (WebCore::SVGPathSegListBuilder::SVGPathSegListBuilder):
        * svg/SVGPathSegListBuilder.h:
        * svg/SVGPathTraversalStateBuilder.cpp:
        (WebCore::SVGPathTraversalStateBuilder::SVGPathTraversalStateBuilder):
        * svg/SVGPathUtilities.cpp:
        (WebCore::globalSVGPathBuilder):
        (WebCore::globalSVGPathSegListBuilder):
        (WebCore::globalSVGPathByteStreamBuilder):
        (WebCore::globalSVGPathStringBuilder):
        (WebCore::globalSVGPathTraversalStateBuilder):
        (WebCore::globalSVGPathParser):
        (WebCore::globalSVGPathBlender):
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::pointsPropertyInfo):
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefTargetEventListener::cast):
        (WebCore::SVGTRefTargetEventListener::SVGTRefTargetEventListener):
        * svg/SVGTextContentElement.cpp:
        (WebCore::SVGTextContentElement::textLengthPropertyInfo):
        * svg/SVGURIReference.h:
        * svg/SVGViewSpec.cpp:
        (WebCore::SVGViewSpec::viewBoxPropertyInfo):
        (WebCore::SVGViewSpec::preserveAspectRatioPropertyInfo):
        (WebCore::SVGViewSpec::transformPropertyInfo):
        * svg/SVGViewSpec.h:
        (WebCore::SVGViewSpec::resetContextElement):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::updateAnimations):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::ConditionEventListener::cast):
        (WebCore::ConditionEventListener::disconnectAnimation):
        (WebCore::SVGSMILElement::SVGSMILElement):
        (WebCore::SVGSMILElement::removedFrom):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::drawForContainer):
        * svg/graphics/filters/SVGFEImage.cpp:
        (WebCore::FEImage::FEImage):
        * svg/graphics/filters/SVGFilterBuilder.cpp:
        (WebCore::SVGFilterBuilder::clearEffects):
        * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
        (WebCore::SVGAnimatedPathSegListPropertyTearOff::animationEnded):
        (WebCore::SVGAnimatedPathSegListPropertyTearOff::SVGAnimatedPathSegListPropertyTearOff):
        * svg/properties/SVGAnimatedPropertyDescription.h:
        (WebCore::SVGAnimatedPropertyDescription::SVGAnimatedPropertyDescription):
        * svg/properties/SVGAnimatedPropertyTearOff.h:
        (WebCore::SVGAnimatedPropertyTearOff::~SVGAnimatedPropertyTearOff):
        * svg/properties/SVGAnimatedStaticPropertyTearOff.h:
        (WebCore::SVGAnimatedStaticPropertyTearOff::animationEnded):
        (WebCore::SVGAnimatedStaticPropertyTearOff::SVGAnimatedStaticPropertyTearOff):
        * svg/properties/SVGPropertyTearOff.h:
        (WebCore::SVGPropertyTearOff::SVGPropertyTearOff):

2015-05-24  Sam Weinig  <sam@webkit.org>

        Crash when using a removed ScriptMessageHandler
        <rdar://problem/20888499>
        https://bugs.webkit.org/show_bug.cgi?id=145359

        Reviewed by Dan Bernstein.

        Added tests:
            WKUserContentController.ScriptMessageHandlerBasicRemove
            WKUserContentController.ScriptMessageHandlerCallRemovedHandler

        * page/UserMessageHandler.cpp:
        (WebCore::UserMessageHandler::~UserMessageHandler):
        (WebCore::UserMessageHandler::postMessage):
        (WebCore::UserMessageHandler::name):
        * page/UserMessageHandler.h:
        (WebCore::UserMessageHandler::create):
        * page/UserMessageHandler.idl:
        * page/UserMessageHandlerDescriptor.cpp:
        (WebCore::UserMessageHandlerDescriptor::UserMessageHandlerDescriptor):
        * page/UserMessageHandlerDescriptor.h:
        (WebCore::UserMessageHandlerDescriptor::client):
        (WebCore::UserMessageHandlerDescriptor::invalidateClient):
        Add support for invalidating the descriptor and throw an exception if someone tries
        to post a message using an invalidated descriptor.

        * page/UserMessageHandlersNamespace.cpp:
        (WebCore::UserMessageHandlersNamespace::handler):
        Add logic to remove message handlers if their descriptor has been invalidated.

2015-05-23  Dan Bernstein  <mitz@apple.com>

        Remove unused definitions of WEBKIT_VERSION_MIN_REQUIRED
        https://bugs.webkit.org/show_bug.cgi?id=145345

        Reviewed by Sam Weinig.

        * Configurations/WebCore.xcconfig: Also changed to use $(inherited).

2015-05-24  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/svg.
        https://bugs.webkit.org/show_bug.cgi?id=145209

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::propertyTypesAreConsistent):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation):
        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::executeAction):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::parseAttribute):
        * svg/SVGCursorElement.cpp:
        (WebCore::SVGCursorElement::~SVGCursorElement):
        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::pauseAnimations):
        (WebCore::SVGDocumentExtensions::unpauseAnimations):
        (WebCore::SVGDocumentExtensions::dispatchSVGLoadEventToOutermostSVGElements):
        (WebCore::SVGDocumentExtensions::isElementWithPendingResources):
        (WebCore::SVGDocumentExtensions::removeElementFromPendingResources):
        (WebCore::SVGDocumentExtensions::removeAllTargetReferencesForElement):
        * svg/SVGElement.cpp:
        (WebCore::populateAttributeNameToCSSPropertyIDMap):
        (WebCore::populateAttributeNameToAnimatedPropertyTypeMap):
        (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap):
        (WebCore::hasLoadListener):
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::applySVGGlyphSelection):
        * svg/SVGFontElement.cpp:
        (WebCore::SVGFontElement::registerLigaturesInGlyphCache):
        (WebCore::SVGKerningMap::insert):
        (WebCore::stringMatchesUnicodeRange):
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPathByteStream::append):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::setElapsed):
        (WebCore::SMILTimeContainer::updateAnimations):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::parseBeginOrEnd):
        (WebCore::SVGSMILElement::connectConditions):
        (WebCore::SVGSMILElement::disconnectConditions):
        (WebCore::SVGSMILElement::notifyDependentsIntervalChanged):
        (WebCore::SVGSMILElement::createInstanceTimesFromSyncbase):
        * svg/graphics/filters/SVGFilterBuilder.cpp:
        (WebCore::SVGFilterBuilder::clearResultsRecursive):
        * svg/graphics/filters/SVGFilterBuilder.h:
        (WebCore::SVGFilterBuilder::addBuiltinEffects):
        * svg/properties/SVGAnimatedProperty.cpp:
        (WebCore::SVGAnimatedProperty::~SVGAnimatedProperty):
        * svg/properties/SVGListProperty.h:
        (WebCore::SVGListProperty::detachListWrappersAndResize):
        * svg/properties/SVGPathSegListPropertyTearOff.cpp:
        (WebCore::SVGPathSegListPropertyTearOff::clearContextAndRoles):

2015-05-24  Jeremy Jones  <jeremyj@apple.com>

        Register media MIME types as supported by HTML view in WebKit1.
        https://bugs.webkit.org/show_bug.cgi?id=145356

        Reviewed by Eric Carlson.

        getSupportedMediaMIMETypes is now used in WebKit1.

        * platform/MIMETypeRegistry.h: Export getSupportedMediaMIMETypes.

2015-05-23  Antti Koivisto  <antti@apple.com>

        Permanent redirects should have long implicit cache lifetime
        https://bugs.webkit.org/show_bug.cgi?id=145348
        rdar://problem/20680519

        Reviewed by Sam Weinig.

        301 Moved Permanently response that doesn't specify explicit lifetime should have long implicit lifetime.
        This matches other browsers.

        * platform/network/CacheValidation.cpp:
        (WebCore::computeFreshnessLifetimeForHTTPFamily):

            Give 301 Moved Permanently (and similarly semantically permanent 410 Gone) long implicit lifetime.

        (WebCore::updateRedirectChainStatus):

2015-05-23  Myles C. Maxfield  <mmaxfield@apple.com>

        Cleanup after r184796
        https://bugs.webkit.org/show_bug.cgi?id=145333

        Reviewed by Alexey Proskuryakov.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::RenderingStyleSaver::RenderingStyleSaver): Deleted.
        (WebCore::RenderingStyleSaver::~RenderingStyleSaver): Deleted.

2015-05-23  Yusuke Suzuki  <utatane.tea@gmail.com>

        Introduce UniquedStringImpl and SymbolImpl to separate symbolic strings from AtomicStringImpl
        https://bugs.webkit.org/show_bug.cgi?id=144848

        Reviewed by Darin Adler.

        Use UniquedStringImpl, SymbolImpl and AtomicStringImpl.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::write):

2015-05-23  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Ignore -webkit-flow-*content while collecting text content for innerText.
        https://bugs.webkit.org/show_bug.cgi?id=145344
        rdar://problem/20959522

        Reviewed by Antti Koivisto.

        This patch ensures that when a -webkit-flow-into content is present in a simple line layout container,
        we skip it while collecting the text content for innerText.
        It's not always guaranteed that a simple line layout container only contains simple text nodes. In such cases,
        we need to ensure that text offset computing only takes the simple text nodes into account.

        Test: fast/text/simple-line-layout-inner-text-with-flow-content.html

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextNode):
        * editing/TextIterator.h:

2015-05-22  Mark Lam  <mark.lam@apple.com>

        Document::ensurePlugInsInjectedScript() should evaluate the injected script on its own frame.
        https://bugs.webkit.org/show_bug.cgi?id=145328

        Reviewed by Jon Lee.

        trac.webkit.org/r184329 fixed HTMLPlugInImageElement::didAddUserAgentShadowRoot()
        to use the document's frame instead of the page's main frame.  However,
        Document::ensurePlugInsInjectedScript() is still evaluating the injected script on
        the main frame.

        As a result, HTMLPlugInImageElement::didAddUserAgentShadowRoot()'s attempt to get
        the injected createOverlay function from the document frame's global object will
        fail.  Fixing Document::ensurePlugInsInjectedScript() to evaluating the injected
        script on the document's frame fixes the issue.

        No new tests.

        * dom/Document.cpp:
        (WebCore::Document::ensurePlugInsInjectedScript):

2015-05-22  Eric Carlson  <eric.carlson@apple.com>

        MediaPlayer doesn't need isPlayingToWirelessPlaybackTarget and isCurrentPlaybackTargetWireless
        https://bugs.webkit.org/show_bug.cgi?id=145325

        Reviewed by Brent Fulgham.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsWireless): Call isCurrentPlaybackTargetWireless
        directly.
        (WebCore::HTMLMediaElement::wirelessRoutesAvailableDidChange): Ditto.
        (WebCore::HTMLMediaElement::isPlayingToWirelessPlaybackTarget): Ditto.
        (WebCore::HTMLMediaElement::mediaState): Ditto.

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::currentPlaybackTargetIsWireless): Deleted.
        * html/HTMLMediaSession.h:

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::isPlayingToWirelessPlaybackTarget): Deleted.
        * platform/graphics/MediaPlayer.h:

        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::isPlayingToWirelessPlaybackTarget): Deleted.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::isPlayingToWirelessPlaybackTarget): Deleted.

        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::updateForEventName): Call webkitCurrentPlaybackTargetIsWireless.

2015-05-22  Jon Lee  <jonlee@apple.com>

        Rename MediaPlaybackAllowsInline
        https://bugs.webkit.org/show_bug.cgi?id=145315

        Reviewed by Eric Carlson.

        Our API uses allowsInlineMediaPlayback. Our symbols should reflect the same.

        * page/Settings.cpp: Update the static variable name as well as the setting.
        * page/Settings.in: Ditto.

        * Modules/mediacontrols/MediaControlsHost.idl: Rename to allowsInlineMediaPlayback.
        Affects the media controls code.
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::allowsInlineMediaPlayback):
        (WebCore::MediaControlsHost::mediaPlaybackAllowsInline): Deleted.

        Update to use the new name in the media controls.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.shouldHaveControls):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.shouldHaveStartPlaybackButton):

        * css/MediaQueryEvaluator.cpp:
        (WebCore::video_playable_inlineMediaFeatureEval):
        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::requiresFullscreenForVideoPlayback):

2015-05-22  Jon Lee  <jonlee@apple.com>

        Rename MediaPlaybackAllowsAirPlay
        https://bugs.webkit.org/show_bug.cgi?id=145316

        Reviewed by Eric Carlson.

        In preparation for an API rename, update internal symbols from mediaPlaybackAllowsAirPlay
        to allowsAirPlayForMediaPlayback.

        * page/Settings.in: Update the setting name.

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::wirelessVideoPlaybackDisabled): Update the call to settings.
        * testing/InternalSettings.h: Update the name of the member variable.
        * testing/InternalSettings.cpp: Update the names and calls to settings.
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::InternalSettings):
        (WebCore::InternalSettings::resetToConsistentState):
        (WebCore::InternalSettings::setWirelessPlaybackDisabled):

2015-05-22  Jon Lee  <jonlee@apple.com>

        Rename MediaPlaybackRequiresUserGesture
        https://bugs.webkit.org/show_bug.cgi?id=145314

        Reviewed by Anders Carlsson.

        In preparation for an API rename, update internal symbols from mediaPlaybackRequiresUserGesture
        to requiresUserGestureForMediaPlayback.

        * page/Settings.cpp: update static const default variable name.
        * page/Settings.in: update the setting name and static const default variable name.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::constructCommon): Update settings call.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Ditto.

2015-05-22  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Figure out why list-detection2.html test fails on GTK
        https://bugs.webkit.org/show_bug.cgi?id=145273

        Reviewed by Chris Fleizach.

        Only consider the text under the pseudo element for GTK and EFL.
        The other platforms expose rendered text content through their
        own accessible objects. This will fix the crash on Windows until
        it can be looked into properly.

        No new tests. This should stop list-detection2.html to stop crashing on Windows.

        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::childHasPseudoVisibleListItemMarkers):

2015-05-22  Jer Noble  <jer.noble@apple.com>

        [Mac] Audio tracks tagged as 'describes-video' are not automatically selected when that system accessibility option is set.
        https://bugs.webkit.org/show_bug.cgi?id=145228

        Reviewed by Eric Carlson.

        Tests: http/tests/media/hls/hls-accessiblity-describes-video.html
               media/accessiblity-describes-video.html

        Add support to CaptionUserPreferences to return the user's preferred audio characteristics,
        including "public.accessibility.describes-video". When the media accessibility options change,
        trigger the HTMLMediaElement to update the list of tracks, and chose a new audio track if
        appropriate. Manually filter those tracks matching the requested characteristics in
        MediaSelectionGroupAVFObjC.  Allow these characteristics to be overrided by Internals for
        testing purposes.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::captionPreferencesChanged): Call tracksChanged().
        (WebCore::HTMLMediaElement::mediaPlayerPreferredAudioCharacteristics): Pass through to the page's caption preferences.
        * html/HTMLMediaElement.h:
        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::setPreferredAudioCharacteristic): Simple setter.
        (WebCore::CaptionUserPreferences::preferredAudioCharacteristics): Simple getter.
        * page/CaptionUserPreferences.h:
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::~CaptionUserPreferencesMediaAF): Unregister for audio characteristics change notifications.
        (WebCore::CaptionUserPreferencesMediaAF::setInterestedInCaptionPreferenceChanges): Register for same.
        (WebCore::CaptionUserPreferencesMediaAF::setPreferredAudioCharacteristic): If in testing mode, pass to superclass; otherwise no-op.
        (WebCore::CaptionUserPreferencesMediaAF::preferredAudioCharacteristics): If in testing mode, pass to superclass;
            otherwise, ask the media accessibility framework.
        * page/CaptionUserPreferencesMediaAF.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::tracksChanged): Pass through to m_private.
        (WebCore::MediaPlayer::preferredAudioCharacteristics): Pass through to HTMLMediaElement.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerPreferredAudioCharacteristics): Added; return empty vector by default.
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::tracksChanged): Added; no-op by default.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionGroupAVFObjC::create): Added characteristics parameter.
        (WebCore::MediaSelectionGroupAVFObjC::MediaSelectionGroupAVFObjC): Ditto.
        (WebCore::MediaSelectionGroupAVFObjC::updateOptions): Add an additional filter against the
            passed-in characteristics.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::determineChangedTracksFromNewTracksAndOldItems): Pass the characteristics to the media selection group.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateAudioTracks): Pass in the user's preferred characteristics.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoTracks): Pass in an empty vector.
        * testing/Internals.cpp:
        (WebCore::Internals::userPreferredAudioCharacteristics): Added; return the current setting.
        (WebCore::Internals::setUserPreferredAudioCharacteristic): Added; pass through to CaptionUserPreferences.
        * testing/Internals.h:
        * testing/Internals.idl:

        Add soft link macros which account for a possible failure to look up constants.

        * platform/cf/MediaAccessibilitySoftLink.cpp:
        * platform/cf/MediaAccessibilitySoftLink.h:
        * platform/mac/SoftLinking.h:
        * platform/win/SoftLinking.h:

2015-05-22  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Use CTFontDrawGlyphs() instead of CGContextShowGlyphsWithAdvances()/CGContextShowGlyphsAtPositions()
        https://bugs.webkit.org/show_bug.cgi?id=145234

        Reviewed by Enrica Casucci.

        Eventually, we want to migrate entirely off of text-related CoreGraphics calls
        and onto CoreText calls (in order to reduce complexity as well as eventually
        removing the need for FontPlatformData to hold a CGFontRef). There is an
        equivalent call to CGContextShowGlyphsWithAdvances() and
        CGContextShowGlyphsAtPositions(), namely, CTFontDrawGlyphs(), which we have
        found is as performant as its CoreGraphics counterparts. This patch simply
        migrates these two CG calls to its CT counterpart.

        Performance was measured on a iPhone 4s as well as a Mid 2010 Mac Pro.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::showGlyphsWithAdvances):
        (WebCore::FontCascade::drawGlyphs):

2015-05-22  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Don't show default controls after playing to wireless target
        https://bugs.webkit.org/show_bug.cgi?id=145317

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.handlePanelTransitionEnd): Don't show controls unless the video
        element has the 'controls' attribute.
        (Controller.prototype.setPlaying): Check this.video.controls directly because we never want
        to show controls unless the attribute is present.
        (Controller.prototype.showControls): Ditto.
        (Controller.prototype.updateWirelessPlaybackStatus): Call reconnectControls.
        (Controller.prototype.handleWirelessPlaybackChange): Don't call reconnectControls, it will
        happen in updateWirelessPlaybackStatus.
        (Controller.prototype.showInlinePlaybackPlaceholderOnly): Deleted.

2015-05-22  Chris Dumez  <cdumez@apple.com>

        [CG] Regression(r78652): Partially decoded images are not properly removed from MemoryCache when pruning
        https://bugs.webkit.org/show_bug.cgi?id=145310

        Reviewed by Antti Koivisto.

        r78652 added partially decoded images to the MemoryCache's list of live
        decoded resources so that they can be pruned on memory pressure. This
        was needed because CG decodes part of the image to determine its
        properties (e.g. its size). On memory pressure, we call
        BitmapImage::destroyDecodedData() which clears the ImageSource and
        frees up this extra decoded data.

        However, we would fail to remove such partially decoded images from the
        MemoryCache's list of live resources when pruning. This is because
        BitmapImage::destroyMetadataAndNotify() fails to take into account the
        decoded properties size when no frame has been cleared. We would thus
        fail to detect a decoded size change and not call
        CachedImage::decodedSizeChanged(). As a result, the CachedImage's
        decoded size is not reset to 0 and we don't remove it from live decoded
        resources.

        This patch updates BitmapImage::destroyMetadataAndNotify() to account
        for m_decodedPropertiesSize even if frameBytesCleared is 0. This way,
        images for which we have't decoded any frames yet will correctly report
        that we cleared the decoded data used to determine the image properties
        and their decoded size will be properly reset to 0. As a result, these
        will be removed from the MemoryCache's list of live decoded resources.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::destroyDecodedData):
        (WebCore::BitmapImage::destroyMetadataAndNotify):
        (WebCore::BitmapImage::dataChanged):
        * platform/graphics/BitmapImage.h:

2015-05-22  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Unable to get cursor in new Rule section after creating multiple New Rules
        https://bugs.webkit.org/show_bug.cgi?id=145294

        Reviewed by Timothy Hatcher.

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::ensureParsedDataReady):
        Allow stylesheets with mutations for the inspector stylesheet
        which we control mutations of.

2015-05-22  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Device picker menu should be persistent
        https://bugs.webkit.org/show_bug.cgi?id=145311

        Reviewed by Brent Fulgham.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::addPlaybackTargetPickerClient): Add logging.
        (WebCore::WebMediaSessionManager::removePlaybackTargetPickerClient): Ditto.
        (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients): Ditto.
        (WebCore::WebMediaSessionManager::showPlaybackTargetPicker): Ditto.
        (WebCore::WebMediaSessionManager::clientStateDidChange): Ditto.
        (WebCore::WebMediaSessionManager::externalOutputDeviceAvailableDidChange): Ditto.
        (WebCore::WebMediaSessionManager::configurePlaybackTargetMonitoring): Ditto.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaState): Don't set ExternalDeviceAutoPlayCandidate unless
        there is an event listener.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::~MediaPlaybackTargetPickerMac): Release the menu
        controller and remove observers.
        (WebCore::MediaPlaybackTargetPickerMac::create): Add logging.
        (WebCore::MediaPlaybackTargetPickerMac::pendingActionTimerFired): Ditto.
        (WebCore::MediaPlaybackTargetPickerMac::availableDevicesDidChange): Ditto.
        (WebCore::MediaPlaybackTargetPickerMac::devicePicker): Ditto.
        (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker): Ditto.
        (WebCore::MediaPlaybackTargetPickerMac::addPendingAction): Start the timer after
        a brief pause to debounce multiple identical notifications. 
        (WebCore::MediaPlaybackTargetPickerMac::currentDeviceDidChange): Add logging.
        (WebCore::MediaPlaybackTargetPickerMac::startingMonitoringPlaybackTargets): Add logging.
        (WebCore::MediaPlaybackTargetPickerMac::stopMonitoringPlaybackTargets): Don't release
        the menu controller delegate.
        (-[WebAVOutputDeviceMenuControllerHelper observeValueForKeyPath:ofObject:change:context:]): Add logging.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessPlaybackTarget): Update logging.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldPlayToPlaybackTarget): Ditto.

2015-05-22  Alexey Proskuryakov  <ap@apple.com>

        Build fix. Added a platform ifdef.

        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::isUserInitiatedKey):

2015-05-22  Tim Horton  <timothy_horton@apple.com>

        Remove action menu support
        https://bugs.webkit.org/show_bug.cgi?id=145305
        <rdar://problem/21070771>

        Reviewed by Anders Carlsson.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/NSMenuSPI.h:
        * platform/spi/mac/NSViewSPI.h: Removed.
        Remove some SPI.

2015-05-22  Antti Koivisto  <antti@apple.com>

        MaskImageOperation code does not manage CachedImageClients correctly
        https://bugs.webkit.org/show_bug.cgi?id=145276
        rdar://problem/20959822

        * rendering/RenderLayerMaskImageInfo.cpp:
        (WebCore::RenderLayer::MaskImageInfo::removeMaskImageClients):

            Followup fix: clear m_maskImageOperations vector.

2015-05-22  Brady Eidson  <beidson@apple.com>

        Rework how the ResourceRequest user initiated property key is used.
        Followup to https://bugs.webkit.org/show_bug.cgi?id=145281

        Reviewed by Dan Bernstein.

        * platform/mac/WebCoreSystemInterface.h:

        * platform/network/cf/ResourceRequest.h:
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        (WebCore::ResourceRequest::doUpdateResourceRequest):
        (WebCore::ResourceRequest::isUserInitiatedKey):

        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdateResourceRequest):
        (WebCore::ResourceRequest::doUpdatePlatformRequest):

2015-05-22  Zalan Bujtas  <zalan@apple.com>

        Unreviewed build fix for ENABLE(TREE_DEBUGGING)

        * editing/VisibleSelection.h:
        * html/parser/HTMLElementStack.h:
        * html/parser/HTMLFormattingElementList.h:

2015-05-22  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Figure out why list-detection2.html test fails on GTK
        https://bugs.webkit.org/show_bug.cgi?id=145273

        Reviewed by Chris Fleizach.

        Platforms which expose rendered text content through the parent element "ignore" the
        child renderers. This was causing AccessibilityList::childHasPseudoVisibleListItemMarker
        to fail, which in turn caused the list detection heuristic to fail. Therefore add one
        final check to this method to look for non-empty, non-whitespace text under the ::before
        pseudo element.

        No new tests; list-detection2.html now passes on GTK.

        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::childHasPseudoVisibleListItemMarkers):

2015-05-21  Jer Noble  <jer.noble@apple.com>

        [iOS] Tell AVPlayerLayer when we enter optimized fullscreen mode.
        https://bugs.webkit.org/show_bug.cgi?id=145289

        Reviewed by Eric Carlson.

        AVFoundation would normally already know that its AVPlayerLayer is in optimized
        fullscreen mode, but because of the WebProcess/UIProcess split, they need to be
        told explicitly in the WebProcess when the UIProcess enters optimized fullscreen
        mode.

        * html/HTMLMediaElement.h:
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::fullscreenModeChanged): Pass to private().
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setVideoFullscreenMode): Pass to m_private.
        (WebCore::MediaPlayer::fullscreenMode): Pass to m_client.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerFullscreenMode): Default implementation returns None.
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::setVideoFullscreenMode): Default implementation is a no-op.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer): Get the fullscreen
            mode from MediaPlayer and tell the AVPlayerLayer if the mode is optimized.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenMode):
            Ditto.
        * platform/spi/mac/AVFoundationSPI.h:

2015-05-21  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [GTK] Implement computedRoleString in AccessibilityUIElement
        https://bugs.webkit.org/show_bug.cgi?id=128420

        Reviewed by Chris Fleizach.

        Expose all ARIA roles (not just landmark-related roles) via an "xml-roles" AtkObject
        attribute as per http://www.w3.org/TR/core-aam-1.1/#roleMappingGeneralRules

        Expose non-empty computed role strings via AtkObject attribute named "computed-role".
        Currently the computed role and the ARIA role value happen to be the same string, but
        that might not always be the case. And AtkObject attributes are cheap.

        Test: platform/gtk/accessibility/xml-roles-exposed.html.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):

2015-05-21  Antti Koivisto  <antti@apple.com>

        MaskImageOperation code does not manage CachedImageClients correctly
        https://bugs.webkit.org/show_bug.cgi?id=145276
        rdar://problem/20959822

        Reviewed by Andreas Kling.

        Test: css3/masking/mask-image-client-crash.html

        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::isMaskLoaded):
        (WebCore::MaskImageOperation::setImage):

            If image changes transfer the clients to the new image.

        (WebCore::MaskImageOperation::setRenderLayerImageClient):

            Always use setImage.

        (WebCore::MaskImageOperation::notifyFinished):
        * platform/graphics/MaskImageOperation.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerMaskImageInfo.cpp:
        (WebCore::RenderLayer::MaskImageInfo::~MaskImageInfo):
        (WebCore::RenderLayer::MaskImageInfo::updateMaskImageClients):

            Store the MaskImageOperations where we added clients.

        (WebCore::RenderLayer::MaskImageInfo::removeMaskImageClients):

            Make sure we remove the clients from the same MaskImageOperations we added them to.

        * rendering/RenderLayerMaskImageInfo.h:

2015-05-21  Daniel Bates  <dabates@apple.com>

        Update Autofill button icon
        https://bugs.webkit.org/show_bug.cgi?id=145191
        <rdar://problem/20178942>

        Reviewed by Jessie Berlin.

        * css/html.css:
        (input::-webkit-auto-fill-button):
        (input::-webkit-auto-fill-button:active):
        (input::-webkit-auto-fill-button:hover):

2015-05-21  Brady Eidson  <beidson@apple.com>

        Add an "initiated by user gesture" flag to ResourceRequest.
        https://bugs.webkit.org/show_bug.cgi?id=145281

        Reviewed by Alex Christensen.

        Allow WebKit to tell WebCore what the new property key is:
        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:

        Add the flag to ResourceRequest, and make sure it encodes/decodes:
        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::initiatedByUserGesture):
        (WebCore::ResourceRequestBase::setInitiatedByUserGesture):
        (WebCore::ResourceRequestBase::encodeWithoutPlatformData):
        (WebCore::ResourceRequestBase::decodeWithoutPlatformData):

        Set/get the property on native CFURLRequestRefs:
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        (WebCore::ResourceRequest::doUpdateResourceRequest):

        Set/get the property on native NSURLRequests:
        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdateResourceRequest):
        (WebCore::ResourceRequest::doUpdatePlatformRequest):

2015-05-21  Daniel Bates  <dabates@apple.com>

        Rollout <http://trac.webkit.org/changeset/183909>
        (https://bugs.webkit.org/show_bug.cgi?id=144657)

        Revert <http://trac.webkit.org/changeset/183909> since pausing the database
        thread prevents in-progress transactions from completing. We need to think
        about this change some more.

        * Modules/webdatabase/AbstractDatabaseServer.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::setPauseAllDatabases): Deleted.
        * Modules/webdatabase/DatabaseManager.h:
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::setPauseAllDatabases): Deleted.
        * Modules/webdatabase/DatabaseServer.h:

2015-05-21  Jake Nielsen  <jacob_nielsen@apple.com>

        r184718 and r184725 caused four tests to begin crashing

        Unreviewed rollback.

        Tests that started crashing:

        svg/carto.net/textbox.svg svg/custom/tref-clone-crash.html svg/custom/use-animation-in-fill.html svg/custom/use-multiple-on-nested-disallowed-font.html

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::propertyTypesAreConsistent):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation):
        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::executeAction):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::parseAttribute):
        * svg/SVGCursorElement.cpp:
        (WebCore::SVGCursorElement::~SVGCursorElement):
        (WebCore::SVGCursorElement::isSupportedAttribute):
        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::pauseAnimations):
        (WebCore::SVGDocumentExtensions::unpauseAnimations):
        (WebCore::SVGDocumentExtensions::dispatchSVGLoadEventToOutermostSVGElements):
        (WebCore::SVGDocumentExtensions::isElementWithPendingResources):
        (WebCore::SVGDocumentExtensions::removeElementFromPendingResources):
        (WebCore::SVGDocumentExtensions::removeAllTargetReferencesForElement):
        (WebCore::SVGDocumentExtensions::rebuildElements):
        * svg/SVGElement.cpp:
        (WebCore::populateAttributeNameToCSSPropertyIDMap):
        (WebCore::populateAttributeNameToAnimatedPropertyTypeMap):
        (WebCore::attributeNameToAnimatedPropertyTypeMap):
        (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap):
        (WebCore::cssPropertyWithSVGDOMNameToAnimatedPropertyTypeMap):
        (WebCore::hasLoadListener):
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::applySVGGlyphSelection):
        * svg/SVGFontElement.cpp:
        (WebCore::SVGFontElement::registerLigaturesInGlyphCache):
        (WebCore::SVGKerningMap::insert):
        (WebCore::stringMatchesUnicodeRange):
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPathByteStream::begin):
        (WebCore::SVGPathByteStream::end):
        (WebCore::SVGPathByteStream::append):
        (WebCore::SVGPathByteStream::clear):
        (WebCore::SVGPathByteStream::isEmpty):
        * svg/SVGPathUtilities.cpp:
        (WebCore::appendSVGPathByteStreamFromSVGPathSeg):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::setElapsed):
        (WebCore::SMILTimeContainer::updateAnimations):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::parseBeginOrEnd):
        (WebCore::SVGSMILElement::connectConditions):
        (WebCore::SVGSMILElement::disconnectConditions):
        (WebCore::SVGSMILElement::notifyDependentsIntervalChanged):
        (WebCore::SVGSMILElement::createInstanceTimesFromSyncbase):
        * svg/graphics/filters/SVGFilterBuilder.cpp:
        (WebCore::SVGFilterBuilder::clearResultsRecursive):
        * svg/graphics/filters/SVGFilterBuilder.h:
        (WebCore::SVGFilterBuilder::addBuiltinEffects):
        * svg/properties/SVGAnimatedProperty.cpp:
        (WebCore::SVGAnimatedProperty::~SVGAnimatedProperty):
        * svg/properties/SVGListProperty.h:
        (WebCore::SVGListProperty::detachListWrappersAndResize):
        * svg/properties/SVGPathSegListPropertyTearOff.cpp:
        (WebCore::SVGPathSegListPropertyTearOff::clearContextAndRoles):

2015-05-21  Brent Fulgham  <bfulgham@apple.com>

        Scroll-snap points needs to be updated during programmatic scrolls
        https://bugs.webkit.org/show_bug.cgi?id=145216
        <rdar://problem/21051039>

        Reviewed by Dean Jackson.

        Whenever we adjust the current scroll position, make sure we also update the current
        active scroll snap offset index (if applicable).

        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::scrollToOffsetWithoutAnimation): Call the new 'updateActiveScrollSnapIndexForOffset'
        method after moving to a new position.
        (WebCore::ScrollAnimator::setCurrentPosition): Ditto.
        (WebCore::ScrollAnimator::updateActiveScrollSnapIndexForOffset): New method. Asks the scroll controller to
        identify the closest scroll snap offset index. If it finds something relevant, update the ScrollableArea state
        to track these new values.
        * platform/ScrollAnimator.h:
        * platform/cocoa/ScrollController.h:
        (WebCore::ScrollController::activeScrollSnapIndexDidChange):
        (WebCore::ScrollController::setScrollSnapIndexDidChange):
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::setNearestScrollSnapIndexForAxisAndOffset): Added. Find the closest relevant scroll snap offset
        index for the given scroll offset, and update the internal scroll snap state to reflect it.
        (WebCore::ScrollController::setActiveScrollSnapIndicesForOffset): Given the x and y offset for a scroll,
        set the relevant scroll snap offset indices.
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::immediateScrollTo): Call the new 'updateActiveScrollSnapIndexForOffset' method
        after moving to a new position.
        (WebCore::ScrollAnimatorMac::immediateScrollBy): Ditto.

2015-05-21  Matt Baker  <mattbaker@apple.com>

        Unreviewed build fix.

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::propertyTypesAreConsistent): should be type.properties, not type.properties().

2015-05-21  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Remove ReadableStreamReader closed promise internal slot
        https://bugs.webkit.org/show_bug.cgi?id=145215

        Reviewed by Darin Adler.

        Using the new JSPromiseDeferred member generated by binding generator to handle closed promise attribute.
        Removed internal slots routines previously used to ensure persistency of the promise.

        Existing tests cover the changes.

        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed):
        (WebCore::JSReadableStreamReader::cancel): Deleted.
        (WebCore::JSReadableStreamReader::releaseLock): Deleted.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::getPropertyFromObject): Deleted.
        (WebCore::callFunction): Deleted.
        (WebCore::ReadableJSStream::Source::create): Deleted.
        (WebCore::ReadableJSStream::Source::Source): Deleted.
        * bindings/js/ReadableJSStream.h:

2015-05-21  Roger Fong  <roger_fong@apple.com>

        Media Controls stop updating after hovering for a few seconds.
        https://bugs.webkit.org/show_bug.cgi?id=144770.
        <rdar://problem/19823121>

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createBase):
        We should never hide controls immediately as a result of mousing out of the controls.
        It should only happen when the mouse leaves the video entirely.
        (Controller.prototype.updateTimelineMetricsIfNeeded):
        Don’t update if controls are hidden, timeline dimensions will be 0.
        (Controller.prototype.handlePanelTransitionEnd): 
        Instead of adjusting visibility via adding and removing classes,
        remove controls entirely from the tree.
        (Controller.prototype.showControls):
        Add controls back into the tree when showing controls.
        (Controller.prototype.updateForShowingControls):
        Helper method for showControls.
        (Controller.prototype.controlsAreHidden):
        Controls also hidden if removed from tree.

        Remove forceUpdate logic, no longer necessary.
        (Controller.prototype.handleDurationChange): 
        (Controller.prototype.updateProgress):
        (Controller.prototype.updateTime):

        Override methods to use add and remove panelContainer for iOS.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handlePanelTransitionEnd):
        (ControllerIOS.prototype.showControls):
        (ControllerIOS.prototype.controlsAreHidden):

2015-05-21  Chris Dumez  <cdumez@apple.com>

        Regression(r179293): We no longer call destroyDecodedData() on CachedResources on memory pressure
        https://bugs.webkit.org/show_bug.cgi?id=145270
        <rdar://problem/20734901>

        Reviewed by Andreas Kling.

        We no longer call destroyDecodedData() on CachedResources on memory
        pressure after r179293. In r179293, we started calling
        MemoryCache::evictResources() on memory pressure instead of
        MemoryCache::pruneToPercentage(0). However, unlike
        MemoryCache::pruneToPercentage(), it appears
        MemoryCache::evictResources() removes the CachedResources from the
        memory cache without calling destroyDecodedData() on them.
        This caused a regression on Membuster.

        This patch now calls MemoryCache::pruneLiveResourcesToSize(0) on
        critical memory pressure, instead of evictResources(). We don't need to
        call pruneDeadResourcesToSize(0) here because the non-critical memory
        pressure handler already takes care of this.

        During local testing, this change seemed to decrease the overall memory
        usage of WebProcesses by ~10MB on Membuster (tested on Yosemite).

        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseNoncriticalMemory):
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-05-21  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVG as image uses very tiny default font-size
        https://bugs.webkit.org/show_bug.cgi?id=68090

        Reviewed by Darin Adler.

        When loading a document, WebKit creates a Page object and then changes its setting
        from the browser's preferences. This is true for interactive resources also, such as a
        stand-alone SVG or an SVG embedded in an <object> tag for example. For non-interactive
        resources, like an SVG embedded in an <img> tag for example, this function is called
        after loading the resource is finished. This function creates an artificial page and
        fabricates a scoped settings for it. This turns out to be problematic for cases like
        the default font size because its initial value is zero. We cannot go from WebCore to
        WebKit to ask for the global settings. But we can inherit the global settings from the
        the master page. This is not the best solution because of two reasons. (1) Once the
        resource is cached and the styles for the text elements are calculated, nothing can
        change the values of styles except removing the resource itself from the cache if the
        browser's preferences change. Also there is no mechanism to notify this artificial
        page if the browser's preferences change. (2) An image like a non-interactive SVG,
        should be displayed the same way regardless of the browser's preferences. A user may
        be able to change the default font size for other text. But this should not affect
        images even if they are vector images like SVG. An easy and more agreeable solution
        is to hard-code the default font size for this case and do not depend on the global
        settings at all.

        Test: svg/text/text-default-font-size.html

        * page/Settings.in: Set the initial value of the setting defaultFontSize to be 16.
        
2015-05-21  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/svg.
        https://bugs.webkit.org/show_bug.cgi?id=145209

        Reviewed by Darin Adler.

        No new tests, no new tests.

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::propertyTypesAreConsistent):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation):
        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::executeAction):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::parseAttribute):
        * svg/SVGCursorElement.cpp:
        (WebCore::SVGCursorElement::~SVGCursorElement):
        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::pauseAnimations):
        (WebCore::SVGDocumentExtensions::unpauseAnimations):
        (WebCore::SVGDocumentExtensions::dispatchSVGLoadEventToOutermostSVGElements):
        (WebCore::SVGDocumentExtensions::isElementWithPendingResources):
        (WebCore::SVGDocumentExtensions::removeElementFromPendingResources):
        (WebCore::SVGDocumentExtensions::removeAllTargetReferencesForElement):
        * svg/SVGElement.cpp:
        (WebCore::populateAttributeNameToCSSPropertyIDMap):
        (WebCore::populateAttributeNameToAnimatedPropertyTypeMap):
        (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap):
        (WebCore::hasLoadListener):
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::applySVGGlyphSelection):
        * svg/SVGFontElement.cpp:
        (WebCore::SVGFontElement::registerLigaturesInGlyphCache):
        (WebCore::SVGKerningMap::insert):
        (WebCore::stringMatchesUnicodeRange):
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPathByteStream::append):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::setElapsed):
        (WebCore::SMILTimeContainer::updateAnimations):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::parseBeginOrEnd):
        (WebCore::SVGSMILElement::connectConditions):
        (WebCore::SVGSMILElement::disconnectConditions):
        (WebCore::SVGSMILElement::notifyDependentsIntervalChanged):
        (WebCore::SVGSMILElement::createInstanceTimesFromSyncbase):
        * svg/graphics/filters/SVGFilterBuilder.cpp:
        (WebCore::SVGFilterBuilder::clearResultsRecursive):
        * svg/graphics/filters/SVGFilterBuilder.h:
        (WebCore::SVGFilterBuilder::addBuiltinEffects):
        * svg/properties/SVGAnimatedProperty.cpp:
        (WebCore::SVGAnimatedProperty::~SVGAnimatedProperty):
        * svg/properties/SVGListProperty.h:
        (WebCore::SVGListProperty::detachListWrappersAndResize):
        * svg/properties/SVGPathSegListPropertyTearOff.cpp:
        (WebCore::SVGPathSegListPropertyTearOff::clearContextAndRoles):

2015-05-21  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in WebCore/Modules
        https://bugs.webkit.org/show_bug.cgi?id=145112

        Reviewed by Darin Adler.

        As a step to remove PassRefPtr, this patch replaces PassRefPtr with Ref or RefPtr
        depends on null of return value.

        No new tests, no behavior changes.

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::create):
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::create):
        (WebCore::MediaKeys::createSession):
        * Modules/encryptedmedia/MediaKeys.h:
        * Modules/gamepad/Gamepad.h:
        * Modules/gamepad/NavigatorGamepad.cpp:
        (WebCore::NavigatorGamepad::gamepadFromPlatformGamepad):
        * Modules/gamepad/deprecated/Gamepad.h:
        * Modules/geolocation/GeolocationError.h:
        (WebCore::GeolocationError::create):
        * Modules/geolocation/GeolocationPosition.h:
        (WebCore::GeolocationPosition::create):
        * Modules/geolocation/Geoposition.h:
        (WebCore::Geoposition::create):
        * Modules/geolocation/PositionError.h:
        (WebCore::PositionError::create):
        * Modules/geolocation/PositionOptions.h:
        (WebCore::PositionOptions::create):
        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::create):
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::create):
        * Modules/mediasource/MediaSource.h:
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::create):
        * Modules/mediastream/RTCDataChannel.h:
        * Modules/mediastream/RTCIceCandidate.cpp:
        (WebCore::RTCIceCandidate::create):
        * Modules/mediastream/RTCIceCandidate.h:
        * Modules/webaudio/OfflineAudioContext.cpp:
        (WebCore::OfflineAudioContext::create):
        * Modules/webaudio/OfflineAudioContext.h:
        * Modules/webaudio/OfflineAudioDestinationNode.h:
        (WebCore::OfflineAudioDestinationNode::create):
        * Modules/webaudio/OscillatorNode.cpp:
        (WebCore::OscillatorNode::create):
        * Modules/webaudio/OscillatorNode.h:
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::runTransaction):
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::originLockFor):
        * Modules/webdatabase/DatabaseTracker.h:
        * Modules/webdatabase/SQLError.h:
        (WebCore::SQLError::create):
        * Modules/webdatabase/SQLResultSet.h:
        (WebCore::SQLResultSet::create):
        * Modules/webdatabase/SQLResultSetRowList.h:
        (WebCore::SQLResultSetRowList::create):
        * Modules/webdatabase/SQLStatementBackend.cpp:
        (WebCore::SQLStatementBackend::create):
        * Modules/webdatabase/SQLStatementBackend.h:
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        (WebCore::SQLTransactionBackend::create):
        * Modules/webdatabase/SQLTransactionBackend.h:
        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
        (WebCore::ThreadableWebSocketChannelClientWrapper::create):
        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.h:
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::create):
        * Modules/websockets/WebSocket.h:
        * Modules/websockets/WebSocketChannel.h:
        (WebCore::WebSocketChannel::create):
        * Modules/websockets/WorkerThreadableWebSocketChannel.h:
        (WebCore::WorkerThreadableWebSocketChannel::create):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::create):
        * editing/InsertListCommand.h:
        (WebCore::InsertListCommand::create):
        * workers/Worker.cpp:
        (WebCore::Worker::create):
        * workers/Worker.h:
        * xml/XPathExpression.cpp:
        (WebCore::XPathExpression::createExpression):
        (WebCore::XPathExpression::evaluate):
        * xml/XPathExpression.h:

2015-05-20  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184667 and r184682.
        https://bugs.webkit.org/show_bug.cgi?id=145245

        Broke media/media-controls-timeline-updates.html on WebKit2
        (Requested by ap on #webkit).

        Reverted changesets:

        "Media Controls stop updating after hovering for a few
        seconds."
        https://bugs.webkit.org/show_bug.cgi?id=144770
        http://trac.webkit.org/changeset/184667

        "Unreviewed. Media Controls stop updating after hovering for a
        few seconds."
        https://bugs.webkit.org/show_bug.cgi?id=144770
        http://trac.webkit.org/changeset/184682

2015-05-20  Jon Lee  <jonlee@apple.com>

        [iOS] Update optimized fullscreen controls artwork
        https://bugs.webkit.org/show_bug.cgi?id=145208
        rdar://problem/21034032

        Reviewed by Jer Noble.

        Update the artwork when media goes into optimized fullscreen. Add a new UI part
        representing return-from-optimized.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::mediaUIImageData): Return data for the return button.
        * Modules/mediacontrols/MediaControlsHost.idl: Add a new part ID.
        * Modules/mediacontrols/mediaControlsApple.js: Add a new ClassName to apply to the
        button when in the proper state.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handlePresentationModeChange): Add the ClassName when the
        video goes into optimized fullscreen mode. Remove it otherwise.
        * platform/ios/WebCoreSystemInterfaceIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::mediaControlsStyleSheet): Add the return button data to the
        stylesheet.

2015-05-20  Alex Christensen  <achristensen@webkit.org>

        [ContentExtensions] Properly initialize ActionKey.state
        https://bugs.webkit.org/show_bug.cgi?id=145237
        rdar://problem/20716683

        Reviewed by Benjamin Poulain.

        * contentextensions/DFAMinimizer.cpp:
        Initialize ActionKey.state to Valid if it is a valid ActionKey.
        Inlining can now be done safely.

2015-05-20  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Media Controls stop updating after hovering for a few seconds.
        https://bugs.webkit.org/show_bug.cgi?id=144770.
        <rdar://problem/19823121>

        Followup to r184667.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.showControls):
        Only put controls back into the tree if they don’t yet exist in the tree.
        Otherwise we interrupt operations like scrubbing.

2015-05-20  Enrica Casucci  <enrica@apple.com>

        [iOS] Using CSS viewport units causes incorrect layout.
        https://bugs.webkit.org/show_bug.cgi?id=145225
        rdar://problem/20924495

        Reviewed by Benjamin Poulain.

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::initialScaleFromSize):
        (WebCore::ViewportConfiguration::initialScale):
        (WebCore::ViewportConfiguration::initialScaleIgnoringContentSize):
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::initialScaleFromSize):
        (WebCore::ViewportConfiguration::initialScaleIgnoringContentSize):

2015-05-20  Chris Fleizach  <cfleizach@apple.com>

        AX: improve list heuristics (presentational use versus actual lists)
        https://bugs.webkit.org/show_bug.cgi?id=134187

        Reviewed by Darin Adler.

        Improve heuristics for list detection by:
            1. Not exposing lists without list markers (unless explicitly marked as lists)
            2. Recognizing css: before-content as list markers

        Test: accessibility/list-detection2.html

        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::isDescriptionList):
        (WebCore::AccessibilityList::childHasPseudoVisibleListItemMarkers):
        (WebCore::AccessibilityList::determineAccessibilityRole):
        * accessibility/AccessibilityList.h:

2015-05-20  Antti Koivisto  <antti@apple.com>

        REGRESSION (r172591): Can no longer style <optgroup> with colors (LayoutTests/fast/forms/select/optgroup-rendering.html)
        https://bugs.webkit.org/show_bug.cgi?id=145227
        rdar://problem/20967472

        Reviewed by Darin Adler.

        Test: fast/forms/select/select-painting.html

        Use computedStyle() consistently for option and optgroup items.

        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::paintItemForeground):
        (WebCore::RenderListBox::paintItemBackground):

            We can always use computedStyle() and it can't be null. If there was renderer style it would return that.

        * rendering/RenderMenuList.cpp:
        (RenderMenuList::itemStyle):
        (RenderMenuList::getItemBackgroundColor):

2015-05-19  Jer Noble  <jer.noble@apple.com>

        Touching HTMLMediaElement.h or MediaPlayer.h causes a world rebuild.
        https://bugs.webkit.org/show_bug.cgi?id=145193

        Reviewed by Eric Carlson.

        HTMLMediaElement.h and MediaPlayer.h are included in a number of headers solely for access to the enums
        defined within the classes contained within. Move these enums into their own--otherwise empty--classes.
        Then add `using` declarations to pull those inherited enums back into the namespace of HTMLMediaElement
        and MediaPlayer.

        Classes and headers which do not need to directly include HTMLMediaElement.h can now include HTMLMediaElementEnums.h
        instead; the same goes for MediaPlayer.h and MediaPlayerEnums.h.

        * WebCore.xcodeproj/project.pbxproj: Add new files to project.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::TrackGroup::TrackGroup): Move definition here from the header.
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::videoFullscreenGravity): MediaPlayer -> MediaPlayerEnums.
        (WebCore::HTMLMediaElement::preloadValue): Ditto.
        (WebCore::HTMLMediaElement::TrackGroup::TrackGroup): Deleted; moved to implementation file.
        * html/HTMLMediaElementEnums.h: Added.
        * html/MediaControllerInterface.h: Inherit from HTMLMediaElementEnums.
        * page/ChromeClient.h: HTMLMediaElement -> HTMLMediaElementEnums.
        * platform/graphics/MediaPlayer.h: MediaPlayer -> MediaPlayerEnums.
        * platform/graphics/MediaPlayerEnums.h: Added.
        * platform/ios/WebVideoFullscreenControllerAVKit.h:
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (-[WebVideoFullscreenController enterFullscreen:mode:]): HTMLMediaElement -> HTMLMediaElementEnums.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): Ditto.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::exitFullscreenInternal): Ditto.
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): Ditto.
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::mayAutomaticallyShowVideoOptimized): Ditto.
        (WebVideoFullscreenInterfaceAVKit::willStartOptimizedFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::didStopOptimizedFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::didCancelOptimizedFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setMode): Ditto.
        (WebVideoFullscreenInterfaceAVKit::clearMode): Ditto.
        * platform/ios/WebVideoFullscreenModel.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::setVideoElement): Ditto.
        (WebVideoFullscreenModelVideoElement::fullscreenModeChanged): Ditto.

2015-05-20  Roger Fong  <roger_fong@apple.com>

        Media Controls stop updating after hovering for a few seconds.
        https://bugs.webkit.org/show_bug.cgi?id=144770.
        <rdar://problem/19823121>

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createBase):
        We should never hide controls immediately as a result of mousing out of the controls.
        It should only happen when the mouse leaves the video entirely.
        (Controller.prototype.updateTimelineMetricsIfNeeded):
        Don’t update if controls are hidden, timeline dimensions will be 0.
        (Controller.prototype.handlePanelTransitionEnd): 
        Instead of adjusting visibility via adding and removing classes,
        remove controls entirely from the tree.
        (Controller.prototype.showControls):
        Add controls back into the tree when showing controls.
        (Controller.prototype.updateForShowingControls):
        Helper method for showControls.
        (Controller.prototype.controlsAreHidden):
        Controls also hidden if removed from tree.

        Remove forceUpdate logic, no longer necessary.
        (Controller.prototype.handleDurationChange): 
        (Controller.prototype.updateProgress):
        (Controller.prototype.updateTime):

        Override methods to use add and remove panelContainer for iOS.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handlePanelTransitionEnd):
        (ControllerIOS.prototype.showControls):
        (ControllerIOS.prototype.controlsAreHidden):

2015-05-20  Eric Carlson  <eric.carlson@apple.com>

        [Mac] inform media session of all state changes
        https://bugs.webkit.org/show_bug.cgi?id=145222

        Reviewed by Dean Jackson.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement): Call updateMediaState.
        (WebCore::HTMLMediaElement::mediaPlayerEngineUpdated): Ditto.
        (WebCore::HTMLMediaElement::mediaPlayerFirstVideoFrameAvailable): Ditto.
        (WebCore::HTMLMediaElement::removeEventListener): Ditto.
        (WebCore::HTMLMediaElement::enqueuePlaybackTargetAvailabilityChangedEvent): Ditto.

2015-05-20  Daniel Bates  <dabates@apple.com>

        AX: AutoFill button is not accessible with VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=145200
        <rdar://problem/20507480>

        Reviewed by Chris Fleizach.

        Add ARIA label and role attributes to the AutoFill button markup so that VoiceOver
        can identify and interact with it.

        Test: accessibility/input-auto-fill-button.html

        * English.lproj/Localizable.strings: Add placeholder localized string for AutoFill button.
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::createAutoFillButton): Add ARIA label and role attributes.
        * platform/LocalizedStrings.cpp:
        (WebCore::AXAutoFillButtonText): Added; returns the localized string for the AutoFill button.
        * platform/LocalizedStrings.h:
        * platform/efl/LocalizedStringsEfl.cpp:
        (WebCore::AXAutoFillButtonText): Ditto.
        * platform/gtk/LocalizedStringsGtk.cpp:
        (WebCore::AXAutoFillButtonText): Ditto.

2015-05-20  Dean Jackson  <dino@apple.com>

        Label text for default buttons don’t have the correct white color
        https://bugs.webkit.org/show_bug.cgi?id=145221
        <rdar://problem/20985817>

        Follow-up commit. After discussion with the AppKit team, we've
        concluded that a solid white is the color that best matches
        the system.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor): Use Color::white.

2015-05-20  Dean Jackson  <dino@apple.com>

        Label text for default buttons don’t have the correct white color
        https://bugs.webkit.org/show_bug.cgi?id=145221
        <rdar://problem/20985817>

        Reviewed by Tim Horton.

        Use a 85% solid white for the active text color on buttons.

        As has been disappointingly pointed out in other patches, we don't
        have a good way to test ActiveButtonText since it only applies at
        paint time.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor): Move to an 85% solid white.

2015-05-20  Alexey Proskuryakov  <ap@apple.com>

        ThreadableLoaderOptions::isolatedCopy() doesn't produce a copy that is safe for sending to another thread
        https://bugs.webkit.org/show_bug.cgi?id=145217

        Reviewed by Anders Carlsson.

        Caught by existing tests, rarely. I don't know how to catch such bugs more reliably.

        * loader/ThreadableLoader.cpp: (WebCore::ThreadableLoaderOptions::isolatedCopy):
        * loader/ThreadableLoader.h:

2015-05-20  Tim Horton  <timothy_horton@apple.com>

        Add a mechanism to opt-out of the automatic scaling applied to not-really-responsive sites
        https://bugs.webkit.org/show_bug.cgi?id=144760

        Reviewed by Darin Adler.

        Add a new viewport property, shrink-to-fit, which can be used to disable
        the automatic scaling introduced in r181400. This provides sites with a
        way to tell WebKit that they're really sure they want to be laid out at
        window-width/height, even if they fail to fit within that size.

        * dom/ViewportArguments.cpp:
        (WebCore::ViewportArguments::resolve):
        (WebCore::findBooleanValue):
        (WebCore::setViewportFeature):
        * dom/ViewportArguments.h:
        (WebCore::ViewportArguments::ViewportArguments):
        (WebCore::ViewportArguments::operator==):
        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::shouldIgnoreHorizontalScalingConstraints):
        (WebCore::ViewportConfiguration::shouldIgnoreVerticalScalingConstraints):
        (WebCore::ViewportConfiguration::webpageParameters):
        (WebCore::ViewportConfiguration::textDocumentParameters):
        (WebCore::ViewportConfiguration::imageDocumentParameters):
        (WebCore::ViewportConfiguration::testingParameters):
        (WebCore::booleanViewportArgumentIsSet):
        (WebCore::ViewportConfiguration::updateConfiguration):
        (WebCore::ViewportConfigurationTextStream::operator<<):
        (WebCore::viewportArgumentUserZoomIsSet): Deleted.
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::Parameters::Parameters):
        Plumb the shrink-to-fit viewport property through.
        If shrink-to-fit is set to yes, or not set, we behave as usual; if it is
        set to no, we will bail from shouldIgnore[Horizontal|Vertical]ScalingConstraints,
        effectively disabling the automatic scaling introduced in r181400.

2015-05-20  Antti Koivisto  <antti@apple.com>

        Assertion failure in WebCore::BidiRun::BidiRun()
        https://bugs.webkit.org/show_bug.cgi?id=145203
        rdar://problem/20958973

        Reviewed by Andreas Kling.

        Test: fast/text/text-combine-crash.html

        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleText):

            Renove !isCombined() check. RenderCombineText::combineText() doesn't
            do any work unless needed and text may become uncombined too.

        * rendering/line/LineBreaker.cpp:
        (WebCore::LineBreaker::skipLeadingWhitespace):

            Same here.

2015-05-20  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        AudioContext resume/close/suspend should reject promises with a DOM exception in lieu of throwing exceptions
        https://bugs.webkit.org/show_bug.cgi?id=145064

        Reviewed by Darin Adler.

        Rejecting resume/suspend/close promises with InvalidStateError values in case context is offline.
        Removed unneeded calls to postTask for resolving/rejecting promises.
        Adding promise rejection of DOM Exception values, 0 being equivalent of no error passed to reject callback.

        Test: webaudio/audiocontext-promise-throwing.html

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::suspendContext): Rejecting promise in lieu of throwing exception.
        (WebCore::AudioContext::resumeContext): Ditto.
        (WebCore::AudioContext::closeContext): Ditto.
        * Modules/webaudio/AudioContext.h:
        * bindings/js/JSAudioContextCustom.cpp:
        (WebCore::JSAudioContext::suspend): Removing ExceptionCode handling.
        (WebCore::JSAudioContext::resume): Ditto.
        (WebCore::JSAudioContext::close): Ditto.
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::createDOMException): Splitting DOM exception creation from throwing.
        (WebCore::setDOMException): Ditto.
        * bindings/js/JSDOMBinding.h: Adding createDOMException prototype.
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::reject<ExceptionCode>):

2015-05-20  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184645.
        https://bugs.webkit.org/show_bug.cgi?id=145220

        Broken build (Requested by jacob_nielsen on #webkit).

        Reverted changeset:

        "AX: AutoFill button is not accessible with VoiceOver"
        https://bugs.webkit.org/show_bug.cgi?id=145200
        http://trac.webkit.org/changeset/184645

2015-05-20  Daniel Bates  <dabates@apple.com>

        AX: AutoFill button is not accessible with VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=145200
        <rdar://problem/20507480>

        Reviewed by Chris Fleizach.

        Add ARIA label and role attributes to the AutoFill button markup so that VoiceOver
        can identify and interact with it.

        Test: accessibility/input-auto-fill-button.html

        * English.lproj/Localizable.strings: Add placeholder localized string for AutoFill button.
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::createAutoFillButton): Add ARIA label and role attributes.
        * platform/LocalizedStrings.cpp:
        (WebCore::AXAutoFillButtonText): Added; returns the localized string for the AutoFill button.
        * platform/LocalizedStrings.h:
        * platform/efl/LocalizedStringsEfl.cpp:
        (WebCore::AXAutoFillButtonText): Ditto.
        * platform/gtk/LocalizedStringsGtk.cpp:
        (WebCore::AXAutoFillButtonText): Ditto.

2015-05-20  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Relax restrictions on triggers that match everything.
        https://bugs.webkit.org/show_bug.cgi?id=145069

        Reviewed by Benjamin Poulain.

        Added API tests that cover the new functionality and test for correctness in behavior.

        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors):
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::addUniversalActionsToDFA):
        (WebCore::ContentExtensions::compileRuleList):
        Put universalActionsWithoutDomains into the DFA from filtersWithoutDomains and
        put universalActionsWithDomains into the DFA from filtersWithDomains.        
        * contentextensions/ContentExtensionError.cpp:
        (WebCore::ContentExtensions::contentExtensionErrorCategory):
        * contentextensions/ContentExtensionError.h:
        Remove error codes for errors that are not errors any more.
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        * contentextensions/ContentExtensionsBackend.h:
        * contentextensions/DFABytecode.h:
        (WebCore::ContentExtensions::instructionSizeWithArguments):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::set32Bits):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendAction):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitJump):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValueRange):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitTestFlagsAndAppendAction): Deleted.
        * contentextensions/DFABytecodeCompiler.h:
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsForDefaultStylesheetFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot): Deleted.
        * contentextensions/DFABytecodeInterpreter.h:
        Add a new bytecode AppendActionDefaultStylesheet to mark actions that are css-display-none
        that need to be put in the default stylesheet to be ignored or not as a whole.
        css-display-none actions with flags or domain rules and css-display-none actions 
        after ignore-previous-rules actions are not to be in this precompiled stylesheet, but
        they will be applied as needed per page.  The precompiled stylesheet is already applied
        if no ignore-previous-rules action is triggered.
        * loader/ResourceLoadInfo.h:

2015-05-20  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        JS binding generator should create a member variable for each Promise attribute of an interface
        https://bugs.webkit.org/show_bug.cgi?id=145056

        Reviewed by Darin Adler.

        For each attribute XXX whose type is Promise, a member m_XXXPromiseDeferred is created, its type being a JSC::Strong of JSPromiseDeferred.
        The purpose is to enable custom getters to create the JSPromiseDeferred and store ino the class member to ensure the same promise is returned each time
        the custom getter is called.
        This patch will enable simplifying ReadableStreamReader custom binding.

        Covered by added attribute in TestObj.idl.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_get_property):
        (webkit_dom_test_obj_class_init):
        (webkit_dom_test_obj_get_test_promise_attr):
        (webkit_dom_test_obj_set_nullable_string_value): Deleted.
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjTestPromiseAttr):
        (WebCore::jsTestObjAttributeWithReservedEnumType): Deleted.
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestObj.mm:
        (-[DOMTestObj testPromiseAttr]):
        (-[DOMTestObj attribute]): Deleted.
        * bindings/scripts/test/TestObj.idl:

2015-05-20  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        AudioContext suspend/resume/close should resolve promises immediately when state is already suspended/active/closed
        https://bugs.webkit.org/show_bug.cgi?id=145164

        Reviewed by Jer Noble.

        Test: webaudio/audiocontext-promise.html

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::suspendContext): Immediatly call callbacks whenever possible to resolve/reject promises.
        (WebCore::AudioContext::resumeContext): Ditto.
        (WebCore::AudioContext::closeContext): Ditto

2015-05-20  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r184420): [GTK] webkit_dom_html_element_get_children has been removed
        https://bugs.webkit.org/show_bug.cgi?id=145174

        Reviewed by Philippe Normand.

        children property has been moved to Element, Document and
        DocumentFragment to match the spec, so we need to expose the new
        get_children and bring back webkit_dom_html_element_get_children()
        as deprecated.

        * bindings/gobject/WebKitDOMDeprecated.cpp:
        (webkit_dom_html_element_get_children):
        * bindings/gobject/WebKitDOMDeprecated.h:
        * bindings/gobject/WebKitDOMDeprecated.symbols:
        * bindings/gobject/webkitdom.symbols:

2015-05-20  Hunseop Jeong  <hs85.jeong@samsung.com>

        nullptr cleanup in WebCore/xml.
        https://bugs.webkit.org/show_bug.cgi?id=145165

        Reviewed by Csaba Osztrogonác.

        No new tests, no behavior changes

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::responseXML):
        (WebCore::XMLHttpRequest::internalAbort):
        (WebCore::XMLHttpRequest::clearResponseBuffers):
        (WebCore::XMLHttpRequest::clearRequest):
        (WebCore::XMLHttpRequest::didFinishLoading):
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::flushProgressEvent):
        * xml/XSLImportRule.cpp:
        (WebCore::XSLImportRule::XSLImportRule):
        (WebCore::XSLImportRule::~XSLImportRule):
        (WebCore::XSLImportRule::setXSLStyleSheet):
        (WebCore::XSLImportRule::loadSheet):
        * xml/XSLStyleSheet.h:
        * xml/XSLStyleSheetLibxslt.cpp:
        (WebCore::XSLStyleSheet::XSLStyleSheet):
        (WebCore::XSLStyleSheet::~XSLStyleSheet):
        (WebCore::XSLStyleSheet::clearDocuments):
        * xml/XSLTProcessorLibxslt.cpp:
        (WebCore::saveResultToString):
        (WebCore::xsltParamArrayFromParameterMap):
        (WebCore::xmlDocPtrFromNode):
        (WebCore::XSLTProcessor::transformToString):
        * xml/parser/XMLDocumentParser.cpp:
        (WebCore::XMLDocumentParser::clearCurrentNodeStack):
        (WebCore::XMLDocumentParser::exitText):
        (WebCore::XMLDocumentParser::notifyFinished):
        * xml/parser/XMLDocumentParser.h:
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::openFunc):
        (WebCore::XMLDocumentParser::XMLDocumentParser):
        * xml/parser/XMLDocumentParserScope.cpp:
        * xml/parser/XMLDocumentParserScope.h:

2015-05-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Network Cache: Implement ShareableResource for Soup and enable it for GTK platform
        https://bugs.webkit.org/show_bug.cgi?id=144380

        Reviewed by Antti Koivisto.

        Add a soup implementation of SharedBuffer::tryReplaceContentsWithPlatformBuffer().

        Covered by http/tests/cache/disk-cache/ tests.

        * loader/cache/CachedResource.cpp: Define
        CachedResource::tryReplaceEncodedData() also for Soup.
        * loader/cache/CachedResource.h: Ditto.
        * platform/soup/SharedBufferSoup.cpp:
        (WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer):

2015-05-17  Sam Weinig  <sam@webkit.org>

        Organize event handlers a bit
        https://bugs.webkit.org/show_bug.cgi?id=145106

        Reviewed by Darin Adler.

        - Add GlobalEventHandlers.idl (from https://html.spec.whatwg.org/multipage/webappapis.html#globaleventhandlers)
          and move all event handlers shared by Element, Document and DOMWindow there. Put all the standard defined
          event handlers at the top (commenting out the ones that aren't implemented yet) and the non-standard ones
          at the bottom.

          There is one change in behavior here. Previously, the media related event handlers where only exposed on
          Element and DOMWindow. The spec says they should also be on Document, so this adds support for that (this
          is tested in fast/dom/event-handler-attributes.html).

        - Add WindowEventHandlers.idl (from https://html.spec.whatwg.org/multipage/webappapis.html#windoweventhandlers)
          and move all event handlers shared by DOMWindow, HTMLBodyElement and HTMLFrameSetElement there. Put all the 
          standard defined event handlers at the top (commenting out the ones that aren't implemented yet) and the 
          non-standard ones at the bottom.

        - Group remaining event handlers in Element, Document, DOMWindow, HTMLBodyElement and HTMLFrameSetElement by
          their grouping, and add some FIXMEs for future cleaning.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        - Add GlobalEventHandlers.idl and WindowEventHandlers.idl.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        Add special cases for WindowEventHandler when used on DOMWindow and DocumentEventHandler when used on Document
        so that event handlers using those extended attributes can be set on shared interfaces. This is used to allow
        DOMWindow to implement WindowEventHandlers.

        * dom/Document.idl:
        Move event handlers to GlobalEventHandlers and have Document implement it. Group remaining event handlers.

        * dom/Element.idl:
        Move event handlers to GlobalEventHandlers and have Element implement it. Group remaining event handlers.

        * dom/GlobalEventHandlers.idl:
        Added.

        * html/HTMLBodyElement.idl:
        Move event handlers to WindowEventHandlers and have HTMLBodyElement implement it. Group remaining event handlers.
        
        * html/HTMLFrameSetElement.idl:
        Move event handlers to WindowEventHandlers and have HTMLFrameSetElement implement it. Group remaining event handlers.

        * page/DOMWindow.idl:
        Move event handlers to GlobalEventHandlers and WindowEventHandlers and have DOMWindow implement both of them. Group 
        remaining event handlers.

        * page/WindowEventHandlers.idl:
        Added.

2015-05-19  Antti Koivisto  <antti@apple.com>

        Crash under WebCore::invalidateStyleRecursively
        https://bugs.webkit.org/show_bug.cgi?id=145186
        rdar://problem/19736838

        Reviewed by Andreas Kling

        We have seen crashes where we run out of stack under invalidateStyleRecursively in StyleInvalidationAnalysis
        on some devices.

        Switch to iterative algorithm.

        * css/StyleInvalidationAnalysis.cpp:
        (WebCore::StyleInvalidationAnalysis::StyleInvalidationAnalysis):
        (WebCore::invalidateIfNeeded):
        (WebCore::invalidateStyleForTree):
        (WebCore::StyleInvalidationAnalysis::invalidateStyle):
        (WebCore::invalidateStyleRecursively): Deleted.

2015-05-19  Yusuke Suzuki  <utatane.tea@gmail.com>

        Move AtomicStringImpl table related operations from AtomicString to AtomicStringImpl
        https://bugs.webkit.org/show_bug.cgi?id=145109

        Reviewed by Darin Adler.

        * dom/TreeScope.cpp:
        (WebCore::TreeScope::getElementById):

2015-05-19  Jon Lee  <jonlee@apple.com>

        [iOS] Optimized fullscreen placeholder is incorrectly sized
        https://bugs.webkit.org/show_bug.cgi?id=145196
        rdar://problem/21031188

        Reviewed by Dean Jackson.

        Add a new media part UI for the placeholder text when entering optimized fullscreen,
        and use it as part of the title text in the placeholder. Now the wireless playback status
        div serves as a multi-purpose placeholder.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::mediaUIImageData): Return the placeholder text.
        * Modules/mediacontrols/MediaControlsHost.idl: Add a new UI part for placeholder text.
        * Modules/mediacontrols/mediaControlsApple.js: Add a new "optimized" ClassName when
        the presentation mode is set to optimized.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-wireless-playback-status): The text should be at
        medium weight, not light weight.
        (audio::-webkit-media-controls-wireless-playback-text-top): The title text should be
        white for both wireless playback and optimized fullscreen. It matches the style
        when taking a video fullscreen.

        Add new CSS rules when the placard is used for optimized fullscreen.
        (audio::-webkit-media-controls-wireless-playback-status.optimized): Accommodate the
        size of the graphic, and position appropriately.
        (audio::-webkit-media-controls-wireless-playback-text-top.optimized): One line is
        needed, so use this one, and place it where the bottom one is since more room is
        needed to accommodate the graphic.
        (audio::-webkit-media-controls-wireless-playback-text-bottom.optimized): One line is
        needed, so hide this one.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createControls): Several of the container divs are already
        created in Controller.prototype.createControls(). Fly-by fix to avoid creation of
        those divs. Only the panelContainer is new for the iOS controls. Fly-by fix of a
        missing semicolon.
        (ControllerIOS.prototype.handlePresentationModeChange): When the presentation mode
        changes do several things:
            1- Update the background image. Clear the inline background image when going back
               to inline or in wireless playback.
            2- Add the "optimized" ClassName to the placeholder container, and the two text
               divs when entering optimized fullscreen. Remove them in other cases.
            3- Set -webkit-media-controls-wireless-playback-text-top to the placeholder text.
               This is better than embedding it inside the graphic. Clear the -bottom text.
        * platform/ios/WebCoreSystemInterfaceIOS.h: Add a new enum to obtain the placeholder
        text.

2015-05-19  Ryuan Choi  <ryuan.choi@navercorp.com>

        [EFL] Use GSimpleProxyResolver instead of custom SoupProxyResolver
        https://bugs.webkit.org/show_bug.cgi?id=145154

        Reviewed by Gyuyoung Kim.

        SoupProxyResolver was deprecated since libsoup 2.42.
        So, this patch refactors the custom SoupProxyResolver to GSimpleProxyResolver
        which provides same functionality in gio.

        No new tests, because there is not behavior change.

        * PlatformEfl.cmake:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * platform/network/soup/ProxyResolverSoup.cpp: Removed.
        * platform/network/soup/ProxyResolverSoup.h: Removed.
        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::SoupNetworkSession::setHTTPProxy): Moved to private member.
        (WebCore::SoupNetworkSession::httpProxy): Deleted because nobody calls it.
        * platform/network/soup/SoupNetworkSession.h:

2015-05-19  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184595.
        https://bugs.webkit.org/show_bug.cgi?id=145197

        Introduced a crash in 15 layout tests on Mavericks on #webkit
        (Requested by rniwa on #webkit).

        Reverted changeset:

        "Media Controls stop updating after hovering for a few
        seconds."
        https://bugs.webkit.org/show_bug.cgi?id=144770
        http://trac.webkit.org/changeset/184595

2015-05-19  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        REGRESSION(r181571): Build broken when USE(OPENGL_ES_2) is defined.
        https://bugs.webkit.org/show_bug.cgi?id=145156

        Reviewed by Alex Christensen.

        No new tests, no behavior changes.

        Vertex Array Objects are not available in OpenGLESv2.
        Add guards to avoid using this when building with GLESv2.

        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::createVertexArray):
        (WebCore::GraphicsContext3D::deleteVertexArray):
        (WebCore::GraphicsContext3D::isVertexArray):
        (WebCore::GraphicsContext3D::bindVertexArray):

2015-05-19  Roger Fong  <roger_fong@apple.com>

        Upper half of volume control should be filled, not hollow.
        https://bugs.webkit.org/show_bug.cgi?id=145187.
        <rdar://problem/21021970>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.drawVolumeBackground):

2015-05-19  Michael Saboff  <msaboff@apple.com>

        REGRESSION(183787): JIT is enabled for all builds
        https://bugs.webkit.org/show_bug.cgi?id=145179

        Reviewed by Geoffrey Garen.

        Eliminated the setting of ENABLE_JIT, as wtf/Platform.h has appropriate logic to
        set it depending on OS and CPU type.

        Only changed the way build options are initialized.

        * Configurations/FeatureDefines.xcconfig:

2015-05-19  Chris Dumez  <cdumez@apple.com>

        [Mac] Font lookups are flakey due to caching
        https://bugs.webkit.org/show_bug.cgi?id=145180
        <rdar://problem/21012406>

        Reviewed by Darin Adler.

        Font lookups were flakey on Mac due to the cache in fontWithFamily().
        The reason is that the "desired family" to "available family" mapping
        is sometimes dependent on the desired traits. However, our cache was
        only using the "desired family" as key.

        This patch now uses a std::pair as key containing both the "desired
        family" and the "desired traits" for correctness. I also updated the
        cache to use WTF types instead of NS types.

        Test: platform/mac/fast/text/font-weights.html

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::desiredFamilyToAvailableFamilyMap):
        (WebCore::hasDesiredFamilyToAvailableFamilyMapping):
        (WebCore::rememberDesiredFamilyToAvailableFamilyMapping):
        (WebCore::fontWithFamily):
        (WebCore::invalidateFontCache):
        (WebCore::desiredFamilyToAvailableFamilyDictionary): Deleted.

2015-05-19  Brady Eidson  <beidson@apple.com>

        X-Frame-Options headers not respected when loading from application cache.
        <rdar://problem/14877623> and https://bugs.webkit.org/show_bug.cgi?id=131800

        Reviewed by Alexey Proskuryakov.

        Test: http/tests/appcache/x-frame-options-prevents-framing.php

        This patch updates SubstituteData to hold on to a ResourceResponse instead of just a URL.
        
        It also updates all users of SubstituteData to reflect this.
        
        Finally it updates ApplicationCacheHost to put the full response (including x-frame-options header)
        in the SubstituteData so they can be checked at the appropriate times.
        
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
        (WebCore::DocumentLoader::responseReceived): Update an ASSERT to reflect that it's okay to not have
          a main resource as long as you have a substitute identifier for it.
        (WebCore::DocumentLoader::documentURL):
        (WebCore::DocumentLoader::contentFilterDidDecide):
        
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadArchive):
        (WebCore::FrameLoader::defaultSubstituteDataForURL):

        * loader/SubstituteData.h:
        (WebCore::SubstituteData::SubstituteData):
        (WebCore::SubstituteData::shouldRevealToSessionHistory):
        (WebCore::SubstituteData::mimeType):
        (WebCore::SubstituteData::textEncoding):
        (WebCore::SubstituteData::response):
        (WebCore::SubstituteData::responseURL): Deleted.

        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadMainResource): Put the full ResourceResponse here, which 
          includes x-frame-options headers sent back when the resources was initially loaded from the network.

        * platform/network/ResourceResponseBase.h:

2015-05-19  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION(142590): Part 2: Scroll-snap points are improperly snapping to earlier index values (Scrolling Thread) 
        https://bugs.webkit.org/show_bug.cgi?id=145175
        <rdar://problem/21023785>

        Reviewed by Beth Dakin.

        Extend the main-thread scrolling changes done in Bug 145140 to also handle Scrolling Thread snapping.
        The post-layout fixup (needed to handle window resize and device orientation changes) should not fire
        while Scrolling Thread scroll-snap animations are running, since these animations will most likely
        move the scroll view into the proper position. If we attempt to 'fix up' the scroll position before
        these animations finish, we get an ugly 'jump' in the display.

        * page/FrameView.cpp:
        (WebCore::FrameView::isScrollSnapInProgress): New method based on isRubberBandInProgress, which considers
        both the ScrollAnimator (main thread) scrolling, as well as the ScrollingCoordinator (Scrolling Thread)
        scrolling operations. Returns true if a scroll-snap animation is still active.
        * page/FrameView.h:
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::isScrollSnapInProgress): Added. Returns scrolling tree's
        'isScrollSnapInProgress' state.
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::isScrollSnapInProgress): Added default 'false' stub.
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::ScrollingTree): Use modern C++11 initializers.
        (WebCore::ScrollingTree::isScrollSnapInProgress): Added.
        (WebCore::ScrollingTree::setMainFrameIsScrollSnapping): Added.
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent): Update scrolling tree state to match the
        ScrollController's scroll-snap state.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::startScrollSnapTimer): Added. When starting a scroll snap timer,
        always set the scrolling tree scroll-snapping state to true.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::stopScrollSnapTimer): Added. When ending a scroll snap timer,
        only set the scrolling tree scroll-snapping state to false if the other axis animator is inactive.
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::updateScrollSnapState): Revise implementation to use its 'isScrollSnapInProgress'
        method, rather than only looking at the ScrollAnimator (main thread) state.
        * platform/ScrollableArea.h:
        (WebCore::ScrollableArea::isScrollSnapInProgress): Added.
        * platform/cocoa/ScrollController.h:
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::hasActiveScrollSnapTimerForAxis): Added. Reports if the scroll snap animation
        timer on the requested axis is running or not.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::isScrollSnapInProgress): Added.
        * rendering/RenderLayer.h:

2015-05-19  Roger Fong  <roger_fong@apple.com>

        Media Controls stop updating after hovering for a few seconds.
        https://bugs.webkit.org/show_bug.cgi?id=144770.
        <rdar://problem/19823121>

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createBase):
        We should never hide controls immediately as a result of mousing out of the controls.
        It should only happen when the mouse leaves the video entirely.
        (Controller.prototype.updateTimelineMetricsIfNeeded):
        Don’t update if controls are hidden, timeline dimensions will be 0.
        (Controller.prototype.handlePanelTransitionEnd): 
        Instead of adjusting visibility via adding and removing classes,
        remove controls entirely from the tree.
        (Controller.prototype.showControls):
        Add controls back into the tree when showing controls.
        (Controller.prototype.updateForShowingControls):
        Helper method for showControls.
        (Controller.prototype.controlsAreHidden):
        Controls also hidden if removed from tree.

        Remove forceUpdate logic, no longer necessary.
        (Controller.prototype.handleDurationChange): 
        (Controller.prototype.updateProgress):
        (Controller.prototype.updateTime):

        Override methods to use add and remove panelContainer for iOS.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handlePanelTransitionEnd):
        (ControllerIOS.prototype.showControls):
        (ControllerIOS.prototype.controlsAreHidden):

2015-05-19  Brent Fulgham  <bfulgham@apple.com>

        Scroll-snap animations should not start on axes with zero-delta
        https://bugs.webkit.org/show_bug.cgi?id=145148

        Reviewed by Dean Jackson.

        Don't begin a scroll snap animation on an axis that had no change in position (on that axis)
        during the gesture.

        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): Don't begin a scroll snap
        animation if no movement on this axis was ever made.

2015-05-19  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        AudioContext should resolve promises with jsUndefined() and not jsNull()
        https://bugs.webkit.org/show_bug.cgi?id=145063

        Reviewed by Sam Weinig.

        Covered by updated test.

        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::resolve): resolving std::nullptr_t as jsUndefined() and not jsNull()

2015-05-19  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Migrate closed promise handling from ReadableStreamReader to ReadableStream
        https://bugs.webkit.org/show_bug.cgi?id=145110

        Reviewed by Darin Adler.

        Reader is now just checking whether it is the reader locking the stream or not.
        If not and stream is readable, it resolves the closed promise.
        Otherwise, it delegates the promise handling to its stream.

        No change in behavior.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::cleanCallbacks): Cleaning of closed callbacks.
        (WebCore::ReadableStream::changeStateToClosed): Resolving closed promise if set.
        (WebCore::ReadableStream::changeStateToErrored): Rejecting closed promise if set.
        (WebCore::ReadableStream::getReader): Removed reader state notification.
        (WebCore::ReadableStream::closed): Moved from reader to stream.
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::reader): Added to allow reader to check whether it is locking its stream or not.
        (WebCore::ReadableStream::isReadable): Added as an improvement over internalState which is removed.
        (WebCore::ReadableStream::internalState): Deleted.
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::closed):
        * Modules/streams/ReadableStreamReader.h: Removed state and closed promise callbacks.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::close): Refactoring of internalState to isReadable.
        (WebCore::JSReadableStreamController::error): Ditto.
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed): Refactoring to have the promise value as callback parameter.

2015-05-19  Jeremy Jones  <jeremyj@apple.com>

        Remove use of deprecated AVKit SPI cancelOptimizedFullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=145159

        Reviewed by Eric Carlson.

        Remove cancelOptimizedFullscreen, and use stopOptimizedFullscreen instead.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal):
        * platform/spi/cocoa/AVKitSPI.h: remove declaration.

2015-05-19  Zalan Bujtas  <zalan@apple.com>

        Merged anonymous blocks should invalidate simple line layout path.
        https://bugs.webkit.org/show_bug.cgi?id=145104
        rdar://problem/20980930

        Reviewed by Antti Koivisto.

        When anonymous blocks are merged together, it's not guaranteed that the final block can use simple line layout.
        This patch ensures that the flow block, where the other block's content gets moved to, is no longer on simple line layout path.
        Whether the final flow block ends up using inline boxes or simple line layout will be determined during the next layout.

        Test: fast/block/crash-when-anonymous-blocks-are-merged-with-simple-line-layout.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::insertChildInternal):

2015-05-19  Beth Dakin  <bdakin@apple.com>

        Crash in WebCore::RenderLayer::updateScrollbarsAfterLayout
        https://bugs.webkit.org/show_bug.cgi?id=145142

        Reviewed by Simon Fraser.

        I have not been able to reproduce this crash, but according to symbolication 
        m_vBar is null. It seems like this crash was probably caused by 
        http://trac.webkit.org/changeset/173668 which made it so that overflow:scroll 
        behaves like overflow:auto when the scrollbars are overlay. I can see how you 
        could encounter this crash with that change if the layout caused 
        styleRequiresScrollbar() to return true when it used to return false. Then this 
        code, by failing to null-check the scrollbars, assumes that 
        styleRequiresScrollbar() could not have changed based on a layout. But it could 
        change if the css changed the scrollbars to be custom or if the user managed 
        switch to legacy style scrollbars at just the wrong time. Or I suppose it could 
        also happen if the user has legacy scrollbars and the style switched from auto to 
        scroll during the layout.

        Anyway, we should null-check  the scrollbars. This is a speculative fix.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateScrollbarsAfterLayout):

2015-05-19  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/xml.
        https://bugs.webkit.org/show_bug.cgi?id=145046

        Reviewed by Chris Dumez.

        No new tests, no new tests.

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::uppercaseKnownHTTPMethod):
        * xml/XPathExpressionNode.cpp:
        (WebCore::XPath::Expression::setSubexpressions):
        * xml/XPathFunctions.cpp:
        (WebCore::XPath::FunSum::evaluate):
        (WebCore::XPath::populateFunctionMap):
        * xml/XPathNodeSet.cpp:
        (WebCore::XPath::NodeSet::traversalSort):
        * xml/XPathParser.cpp:
        (WebCore::XPath::populateAxisNamesMap):
        * xml/XPathPath.cpp:
        (WebCore::XPath::Filter::evaluate):
        (WebCore::XPath::LocationPath::evaluate):
        * xml/XPathPredicate.cpp:
        (WebCore::XPath::EqTestOp::compare):
        (WebCore::XPath::Union::evaluate):
        * xml/XPathStep.cpp:
        (WebCore::XPath::Step::optimize):
        (WebCore::XPath::Step::predicatesAreContextListInsensitive):
        (WebCore::XPath::Step::evaluate):
        (WebCore::XPath::nodeMatches):
        * xml/XSLStyleSheetLibxslt.cpp:
        (WebCore::XSLStyleSheet::~XSLStyleSheet):
        (WebCore::XSLStyleSheet::isLoading):
        (WebCore::XSLStyleSheet::clearDocuments):
        (WebCore::XSLStyleSheet::locateStylesheetSubResource):
        * xml/XSLTProcessorLibxslt.cpp:
        (WebCore::xsltParamArrayFromParameterMap):

2015-05-19  Jon Lee  <jonlee@apple.com>

        Improve text rendering of placeholder
        https://bugs.webkit.org/show_bug.cgi?id=145135

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsApple.css: The <p> elements of the wireless playback
        text are being popped out into separate layers, causing the text to render antialiased, which
        looks bad on non-retina machines. Explicitly set the background color (which is ok since the
        container element for the placeholder is also black). Also extend the height out 1pt to prevent
        clipping of descenders.
        (audio::-webkit-media-controls-wireless-playback-text-top): Set background color to black and add
        1 to the height.
        (audio::-webkit-media-controls-wireless-playback-text-bottom): Ditto.

2015-05-19  Jon Lee  <jonlee@apple.com>

        [iOS] Current time display should be right-aligned
        https://bugs.webkit.org/show_bug.cgi?id=145163
        rdar://problem/21014339

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsiOS.css: Use flex-start and flex-end
        instead of right and left, similar to the Mac controls.
        (video::-webkit-media-controls-current-time-display):
        (video::-webkit-media-controls-time-remaining-display):

2015-05-14  Chris Fleizach  <cfleizach@apple.com>

        AX: Select text mechanism returns results outside of text control regions
        https://bugs.webkit.org/show_bug.cgi?id=145041

        Reviewed by Mario Sanchez Prada.

        The behavior of the select text mechanism (inside accessibility) should make sure that results
        returned stay within text control elements if the search was initiated inside a text control element.

        Test: platform/mac/accessibility/select-text-stays-inside-text-controls.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::rangeClosestToRange):
        (WebCore::AccessibilityObject::selectText):

2015-05-19  Chris Dumez  <cdumez@apple.com>

        Mark static variables as const when possible
        https://bugs.webkit.org/show_bug.cgi?id=145161

        Reviewed by Andreas Kling.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        * Modules/mediasource/SourceBuffer.cpp:
        * Modules/webdatabase/SQLException.cpp:
        * dom/DOMCoreException.cpp:
        * inspector/NetworkResourcesData.cpp:
        * loader/icon/IconDatabase.cpp:
        (WebCore::urlForLogging):
        * page/AutoscrollController.cpp:
        * page/Page.cpp:
        * platform/RuntimeApplicationChecksIOS.mm:
        (WebCore::applicationIsAdSheet):
        (WebCore::applicationIsMobileMail):
        (WebCore::applicationIsMobileSafari):
        (WebCore::applicationIsDumpRenderTree):
        (WebCore::applicationIsWebApp):
        (WebCore::applicationIsOkCupid):
        (WebCore::applicationIsFacebook):
        (WebCore::applicationIsEpicurious):
        (WebCore::applicationIsDaijisenDictionary):
        (WebCore::applicationIsNASAHD):
        (WebCore::applicationIsMASH):
        (WebCore::applicationIsTheEconomistOnIPhone):
        (WebCore::applicationIsWebProcess):
        (WebCore::applicationIsIBooksOnIOS):
        * platform/audio/HRTFElevation.cpp:
        * platform/audio/mac/AudioHardwareListenerMac.cpp:
        (WebCore::processIsRunningPropertyDescriptor):
        (WebCore::outputDevicePropertyDescriptor):
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::toCoreTextFontWeight):
        (WebCore::toAppKitFontWeight):
        (WebCore::toNSFontWeight):
        * platform/mac/ScrollAnimatorMac.mm:
        (supportsUIStateTransitionProgress):
        (supportsExpansionTransitionProgress):
        (supportsContentAreaScrolledInDirection):
        * platform/mac/ScrollbarThemeMac.mm:
        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::dataForURLComponentType):
        * platform/mock/ScrollbarThemeMock.cpp:
        * platform/text/icu/UTextProviderLatin1.cpp:
        * platform/text/ios/LocalizedDateCache.mm:
        (WebCore::LocalizedDateCache::calculateMaximumWidth):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::matchedEndLine):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintTranslucentBorderSides):
        * rendering/RenderFrameBase.cpp:
        (WebCore::shouldExpandFrame):
        * rendering/RenderTableSection.cpp:
        * rendering/RenderThemeIOS.mm:
        (WebCore::getInsetGradient):
        (WebCore::getShineGradient):
        (WebCore::getShadeGradient):
        (WebCore::getConvexGradient):
        (WebCore::getConcaveGradient):
        (WebCore::getSliderTrackGradient):
        (WebCore::getReadonlySliderTrackGradient):
        (WebCore::getSliderThumbOpaquePressedGradient):
        (WebCore::RenderThemeIOS::paintCheckboxDecorations):
        (WebCore::RenderThemeIOS::paintRadioDecorations):
        * rendering/RenderThemeMac.mm:
        (WebCore::toFontWeight):
        (WebCore::TopGradientInterpolate):
        (WebCore::BottomGradientInterpolate):
        (WebCore::MainGradientInterpolate):
        (WebCore::TrackGradientInterpolate):

2015-05-18  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Use Ref instead of PassRefPtr in WebCore/bindings
        https://bugs.webkit.org/show_bug.cgi?id=144981

        Reviewed by Darin Adler.

        As a step to purge PassRefPtr, remove PassRefPtr in WebCore/bindings.

        No new tests, no behavior changes.

        * bindings/gobject/GObjectNodeFilterCondition.h:
        (WebCore::GObjectNodeFilterCondition::create):
        * bindings/gobject/GObjectXPathNSResolver.h:
        (WebCore::GObjectXPathNSResolver::create):
        * bindings/js/JSCustomXPathNSResolver.cpp:
        (WebCore::JSCustomXPathNSResolver::create):
        * bindings/js/JSCustomXPathNSResolver.h:
        * bindings/js/JSDOMGlobalObjectTask.cpp:
        * bindings/js/JSErrorHandler.h:
        (WebCore::JSErrorHandler::create):
        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::createForNode):
        (WebCore::JSLazyEventListener::createForDOMWindow):
        * bindings/js/JSLazyEventListener.h:
        * bindings/js/JSMutationCallback.h:
        (WebCore::JSMutationCallback::create):
        * bindings/js/JSNodeFilterCondition.h:
        (WebCore::JSNodeFilterCondition::create):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::numberValue):
        (WebCore::SerializedScriptValue::undefinedValue):
        (WebCore::SerializedScriptValue::nullValue):
        * bindings/js/SerializedScriptValue.h:
        * bindings/objc/ObjCEventListener.h:
        * bindings/objc/ObjCEventListener.mm:
        (WebCore::ObjCEventListener::wrap):
        * bindings/objc/ObjCNodeFilterCondition.h:
        (WebCore::ObjCNodeFilterCondition::create):

2015-05-18  Csaba Osztrogonác  <ossy@webkit.org>

        Fix uninitialized warnings in RealtimeMediaSourceCenterOwr.cpp
        https://bugs.webkit.org/show_bug.cgi?id=145119

        Reviewed by Gyuyoung Kim.

        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
        (WebCore::RealtimeMediaSourceCenterOwr::validateRequestConstraints):
        (WebCore::RealtimeMediaSourceCenterOwr::mediaSourcesAvailable):

2015-05-18  Michael Catanzaro  <mcatanzaro@igalia.com>

        [CMake] Ignore warnings in system headers
        https://bugs.webkit.org/show_bug.cgi?id=144747

        Reviewed by Darin Adler.

        Separate include directories into WebKit project includes and system includes. Suppress all
        warnings from headers in system include directories using the SYSTEM argument to
        the include_directories command.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:

2015-05-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Addressing post-review comments on r184353
        https://bugs.webkit.org/show_bug.cgi?id=145146

        Reviewed by Benjamin Poulain.

        See per-file comments.

        No new tests because there is no behavior change.

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::fontWithFamilySpecialCase): Use equalIgnoringASCIICase() AtomicString overload.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::updateCachedSystemFontDescription): Implement Ben's ideas for
        cheaply constructing AtomicStrings only when necessary.

2015-05-18  Skachkov Alexandr  <gskachkov@gmail.com>

        [ES6] Arrow function syntax. Feature flag for arrow function
        https://bugs.webkit.org/show_bug.cgi?id=145108

        Reviewed by Ryosuke Niwa.

        Added feature flag ENABLE_ES6_ARROWFUNCTION_SYNTAX for arrow function

        * Configurations/FeatureDefines.xcconfig:

2015-05-18  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION(142590): Scroll-snap points are improperly snapping to earlier index values
        https://bugs.webkit.org/show_bug.cgi?id=145140
        <rdar://problem/21006738>

        Reviewed by Beth Dakin.

        The new "nearestActiveSnapPoint" logic is firing while scroll snap animations are running. We need
        to add an "isScrollSnapInProgress" predicate, much like the existing "isRubberBandInProgress" to avoid
        certain "fix-up" logic that we don't want running while we are in the process of moving to a new position.

        * platform/ScrollAnimator.h:
        (WebCore::ScrollAnimator::ScrollAnimator::isScrollSnapInProgress): Added.
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::updateScrollSnapState): If we are in the midst of a scroll snap operation,
        do not attempt to reset position to the current active snap point.
        * platform/cocoa/ScrollController.h:
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::isScrollSnapInProgress): Added.
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::isScrollSnapInProgress): Added.

2015-05-17  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Add scrollbar width in intrinsic logical widths computation
        https://bugs.webkit.org/show_bug.cgi?id=145021

        Like for flexboxes we've to take into account the scrollbar logical
        width while computing the intrinsic min and max logical widths.

        Reviewed by Sergio Villar Senin.

        Test: fast/css-grid-layout/compute-intrinsic-widths-scrollbar.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeIntrinsicLogicalWidths): Add scrollbar
        logical width.

2015-05-17  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Delegate ReadableStreamReader reference counting to ReadableStream
        https://bugs.webkit.org/show_bug.cgi?id=144907

        Reviewed by Darin Adler.

        Changed the link between readadable stream and reader.
        Controller ref()/deref() now increments/decrements its stream ref counter, similarly to ReadableStreamController.
        This ensures that even if JS scripts do not keep track of the readable stream,
        the readable stream will not be disposed as long as the JS script has access to its reader.

        All readers of a given stream are kept by the stream, either in an array (for released readers) 
        or and in ReadableStream::m_reader for the active reader.
        This removes the need for the code synchronizing stream and reader.

        As a reader can now already count on its stream, the reader no longer needs to store the error in errored state.
        Removal of ReadableJSStream::Reader as closed promise rejection error is directly retrieved from the ReadableStream.
        Moved the creation of reader directly in ReadableStream.

        Next step should be to remove ReadableStreamReader::m_state and to delegate the handling of ReadableStreamReader closed promise callbacks to ReadableStream.

        No change in behavior.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::changeStateToClosed):
        (WebCore::ReadableStream::changeStateToErrored):
        (WebCore::ReadableStream::getReader):
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::reader):
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::clean):
        (WebCore::ReadableStreamReader::ref):
        (WebCore::ReadableStreamReader::deref):
        (WebCore::ReadableStreamReader::closed):
        (WebCore::ReadableStreamReader::changeStateToClosed):
        (WebCore::ReadableStreamReader::changeStateToErrored):
        * Modules/streams/ReadableStreamReader.h:
        (WebCore::ReadableStreamReader::ReadableStreamReader):
        * Modules/streams/ReadableStreamReader.idl:
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::getReader):
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed):
        (WebCore::constructJSReadableStreamReader):
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::storeError):
        (WebCore::ReadableJSStream::ReadableJSStream): Deleted.
        * bindings/js/ReadableJSStream.h:

2015-05-17  Alexey Proskuryakov  <ap@apple.com>

        Crash when uploading huge files to YouTube or Google Drive
        https://bugs.webkit.org/show_bug.cgi?id=145083
        rdar://problem/15468529

        Reviewed by Darin Adler.

        This fixes the crash, but uploading will fail.

        * fileapi/FileReaderLoader.cpp:
        (WebCore::FileReaderLoader::start): Tell SubresourceLoader to not store a copy of
        all received data, FileReaderLoader has its own buffer.
        (WebCore::FileReaderLoader::didReceiveResponse): Fixed a bounds check - not every
        64-bit value that doesn't fit into 32 bits is negative. With this, FileReader fails
        on huge files right away, as intended.
        (WebCore::FileReaderLoader::didReceiveData): Fixed multiple bugs in code that's
        executed when size is not available upfront. This is the code that used to crash,
        but with the above fix, it's not executed by YouTube.
        Not only overflow was handled incorrectly, but even simply growing a buffer for
        append was buggy.

2015-05-16  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (Subpixel): Dashed underline is missing when box is positioned at subpixels.
        https://bugs.webkit.org/show_bug.cgi?id=145097
        rdar://problem/18588415

        Reviewed by Simon Fraser.

        Dashed and dotted border painting needs clipping in order to properly display corners.
        Similarly to solid border's quad calculation, we pixelsnap the border positions before computing the clipping quad values.

        Test: fast/borders/dashed-border-on-subpixel-position.html
              fast/borders/dotted-border-on-subpixel-position.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::clipBorderSidePolygon):

2015-05-16  Sungmann Cho  <sungmann.cho@navercorp.com>

        Remove styleText() and applyStyleText() from InspectorStyle.
        https://bugs.webkit.org/show_bug.cgi?id=145093

        Reviewed by Darin Adler.

        styleText() and applyStyleText() in InspectorStyle are private aliases for the public
        accessors in the same class but are rarely used. I think it would be better off removing
        these aliases and updating all the current call sites to use the public accessors directly
        as noted in InspectorStyleSheet.h.

        No new tests, no behavior change.

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyle::populateAllProperties):
        * inspector/InspectorStyleSheet.h:

2015-05-16  Sungmann Cho  <sungmann.cho@navercorp.com>

        Remove MessageType variant of addMessageToConsole() from ChromeClient.
        https://bugs.webkit.org/show_bug.cgi?id=145095

        Reviewed by Darin Adler.

        All addMessageToConsole() in ChromeClient are exactly the same thing.
        So there is no reason to keep all this methods.

        No new tests, no behavior change.

        * page/ChromeClient.h:
        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::messageWithTypeAndLevel):

2015-05-15  Sam Weinig  <sam@webkit.org>

        Add getElementById to DocumentFragment
        https://bugs.webkit.org/show_bug.cgi?id=145094

        Reviewed by Alexey Proskuryakov.

        Match the latest DOM standard and other browsers by adding getElementById
        to DocumentFragment in addition to Document and SVGSVGElement. Add NonElementParentNode
        interface that the DOM standard defines.

        Test: fast/dom/DocumentFragment/getElementById.html

        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        Add NonElementParentNode.idl

        * dom/Document.idl:
        Mark Document as implementing NonElementParentNode and remove now redundant getElementById
        declaration.

        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::getElementById):
        * dom/DocumentFragment.h:
        Add implementation of getElementById for DocumentFragments. Add a fast path for ShadowRoots
        which can take advantage of the fact that they are TreeScopes to use the elements by id cache
        in TreeScrope.

        * dom/DocumentFragment.idl:
        Mark DocumentFragment as implementing NonElementParentNode.

        * dom/NonElementParentNode.idl: Copied from Source/WebCore/dom/NonDocumentTypeChildNode.idl.
        Added.

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::getElementById):
        * svg/SVGSVGElement.h:
        * svg/SVGSVGElement.idl:
        Convert to taking an AtomicString to match other getElementByIds.

2015-05-15  Antti Koivisto  <antti@apple.com>

        When redirecting to data URL use HTTP response for same origin policy checks
        https://bugs.webkit.org/show_bug.cgi?id=145054
        rdar://problem/20299050

        Reviewed by Alexey Proskuryakov.

        Test: http/tests/security/canvas-remote-read-data-url-image-redirect.html

        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::notifyFinished):
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::sanitizeScriptError):
        * html/canvas/CanvasRenderingContext.cpp:
        (WebCore::CanvasRenderingContext::wouldTaintOrigin):
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::notifyFinished):
        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::responseReceived):
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::notifyFinished):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::isOriginClean):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::passesAccessControlCheck):
        (WebCore::CachedResource::passesSameOriginPolicyCheck):

            Factor repeatedly used same origin policy test into a function.

        (WebCore::CachedResource::redirectReceived):

            When redirecting to a data URL save the redirect response.

        (WebCore::CachedResource::responseForSameOriginPolicyChecks):

            In case we got redirected to data use that response instead of the final data response for policy checks.

        * loader/cache/CachedResource.h:

2015-05-16  Jon Lee  <jonlee@apple.com>

        [iOS] wireless playback picker button is drawn incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=145057
        rdar://problem/20877518

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.updateWirelessTargetPickerButton): This method is
        defined in Controller, but is only meant to run on Macs. Override it with
        an empty function for iOS.

2015-05-15  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r183300): Background missing on top links on apple.com
        https://bugs.webkit.org/show_bug.cgi?id=145079
        rdar://problem/20914252

        Reviewed by Tim Horton.
        
        Re-land r184421 with a fix to check against rects.coverageRect
        rather than the stale m_coverageRect.

        Test: compositing/visible-rect/backing-change-height-from-zero.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::shouldSkipLayerInDump):

2015-05-15  Matt Baker  <mattbaker@apple.com>

        Web Inspector: REGRESSION (r181625): Timeline recording started from console.profile is always empty
        https://bugs.webkit.org/show_bug.cgi?id=144882

        Reviewed by Joseph Pecoraro.

        A timeline recording will always be stopped before the end of the current run loop is observed. Before
        dispatching the recording stopped event, any events that are currently in progress should be considered
        complete and sent to the frontend.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStop):

2015-05-15  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184421.
        https://bugs.webkit.org/show_bug.cgi?id=145087

        Introduced 42 layout test failures (Requested by rniwa on
        #webkit).

        Reverted changeset:

        "REGRESSION (r183300): Background missing on top links on
        apple.com"
        https://bugs.webkit.org/show_bug.cgi?id=145079
        http://trac.webkit.org/changeset/184421

2015-05-15  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r183300): Background missing on top links on apple.com
        https://bugs.webkit.org/show_bug.cgi?id=145079
        rdar://problem/20914252

        Reviewed by Tim Horton.

        GraphicsLayerCA::setVisibleAndCoverageRects() only set the m_intersectsCoverageRect
        flag if the coverage rect changed, but it doesn't if you simply change the size of
        the layer.

        Instead, always re-evaluate the intersection, and set the CoverageRectChanged bit
        if it changes.

        Test: compositing/visible-rect/backing-change-height-from-zero.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::shouldSkipLayerInDump): Don't skip any layers in a
        debug layer dump, to assist debugging.

2015-05-15  Sam Weinig  <sam@webkit.org>

        Move HTMLElement's children property to ParentNode
        https://bugs.webkit.org/show_bug.cgi?id=145072

        Reviewed by Chris Dumez.

        Match the latest DOM standard and other browsers by moving the children property
        to ParentNode, thus exposing it on Element, Document and DocumentFragment.

        Test: fast/dom/ParentNode-children.html

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::children):
        Moved implementation from HTMLElement to here.

        (WebCore::ContainerNode::ensureCachedHTMLCollection):
        (WebCore::ContainerNode::cachedHTMLCollection):
        Moved implementation from Element to here so that ContainerNode::children
        can use it.

        (WebCore::ContainerNode::firstElementChild):
        (WebCore::ContainerNode::lastElementChild):
        (WebCore::ContainerNode::childElementCount):
        Remove unnecessary assertions.

        * dom/ContainerNode.h:
        Moved declarations from HTMLElement and Element to here.

        * dom/Element.cpp:
        (WebCore::Element::ensureCachedHTMLCollection): Deleted.
        (WebCore::Element::cachedHTMLCollection): Deleted.
        * dom/Element.h:
        Moved to ContainerNode.

        * dom/Node.cpp:
        (WebCore::Node::previousElementSibling):
        (WebCore::Node::nextElementSibling):
        Remove unnecessary assertions.

        * dom/ParentNode.idl:
        Moved the children property here from HTMLElement.

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::children): Deleted.
        * html/HTMLElement.h:
        Moved to ContainerNode.

        * html/HTMLElement.idl:
        Get rid of the children property for all bindings except Objective-C which needs
        to keep it to avoid changing the public API.

2015-05-15  Zalan Bujtas  <zalan@apple.com>

        WebCore ASan debug build fails. ERROR: WebCore has a weak external symbol in it.
        https://bugs.webkit.org/show_bug.cgi?id=145070

        Reviewed by David Kilzer.

        Build fix.

        * Configurations/WebCore.unexp:

2015-05-15  Beth Dakin  <bdakin@apple.com>

        Prefix force on MouseEvent and add constants for click and force click values
        https://bugs.webkit.org/show_bug.cgi?id=145065
        -and corresponding-
        rdar://problem/20770052

        Reviewed by Tim Horton.

        (WebCore::MouseEvent::webkitForce):
        * dom/MouseEvent.idl:

2015-05-15  Jer Noble  <jer.noble@apple.com>

        [MediaControls] Refactor media controls & bring improvements made to iOS controls to Mac.
        https://bugs.webkit.org/show_bug.cgi?id=144973

        Reviewed by Dean Jackson.

        Pull improvements made to the iOS media controls back into the Mac controls by moving
        code from mediaControlsiOS.js into MediaControlsApple.js.

        The largest refactored feature is the ability to drop individual controls from the media
        controls when the video is too small to contain them. To allow these controls to resize
        dynamically, a new "resize" event is fired inside the media element's shadow DOM.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel .dropped): Added; sets "display: none".
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller): Set defaults for new variables.
        (Controller.prototype.updateControls): Update the controls width; moved from iOS.js.
        (Controller.prototype.handleReadyStateChange): Update the controls; moved from iOS.js.
        (Controller.prototype.handleTimeUpdate): Update the progress; moved from iOS.js.
        (Controller.prototype.handleTimelineInput): Pause if scrubbing; moved from iOS.js.
        (Controller.prototype.handleTimelineChange): Update the progress; moved from iOS.js.
        (Controller.prototype.showControls): Update the controls width; moved from iOS.js.
        (Controller.prototype.hideControls): Removed _potentiallyScrubbing check; not needed due to changes
            to controlsAlwaysVisible().
        (Controller.prototype.scheduleUpdateLayoutForDisplayedWidth): Moved from iOS.js.
        (Controller.prototype.isControlVisible): Added; checks whether control is parented & not hidden.
        (Controller.prototype.updateLayoutForDisplayedWidth): Moved from iOS.js and refactored.
        (Controller.prototype.controlsAlwaysVisible): Return true if scrubbing.
        (Controller.prototype.updateHasAudio): Check currentPlaybackTargetIsWireless(); moved from iOS.js.
        (Controller.prototype.get scrubbing): Simple getter for _scrubbing.
        (Controller.prototype.set scrubbing): Check play state if scrubbing; start playback (if necessary)
            if not scrubbing.
        (Controller.prototype.get pageScaleFactor): Moved from iOS.js.
        (Controller.prototype.set pageScaleFactor): Ditto.
        (Controller.prototype.handleRootResize): Schedule an update of the contrtols width.

        Remove a bunch of newly unnecessary code from the iOS media controls:

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS):
        (ControllerIOS.prototype.createControls): Remove ivars moved into Apple.js.
        (ControllerIOS.prototype.configureInlineControls): Remove spacer; made unnecessary.
        (ControllerIOS.prototype.showControls): Deleted.
        (ControllerIOS.prototype.updateTime): Deleted.
        (ControllerIOS.prototype.handleTimelineTouchStart): Just call "scrubbing = true", handled in Apple.js.
        (ControllerIOS.prototype.handleTimelineTouchEnd): Just call "scrubbing = false", handled in Apple.js.
        (ControllerIOS.prototype.handleReadyStateChange): Deleted.
        (ControllerIOS.prototype.setPlaying): Don't check _timelineIsHidden; not needed.
        (ControllerIOS.prototype.get pageScaleFactor): Deleted.
        (ControllerIOS.prototype.set pageScaleFactor): Deleted.
        (ControllerIOS.prototype.scheduleUpdateLayoutForDisplayedWidth): Deleted.
        (ControllerIOS.prototypeupdateLayoutForDisplayedWidth): Deleted.

        Fire a "resize" event at the shadow DOM root when layout results in a size change.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::layoutSizeChanged): Fire the "resize" event at the shadow DOM.
        * html/HTMLMediaElement.h:
        * rendering/RenderMedia.cpp:
        (WebCore::RenderMedia::layout): Trigger layoutSizeChanged()
        * rendering/RenderMedia.h:

        Drive-by fixes:

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls): aria-label text is totally wrong; removed.
        (Controller.prototype.updateWirelessPlaybackStatus): Use class-names to hide controls, not inline styles.

2015-05-15  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Fail to load old content extension files
        https://bugs.webkit.org/show_bug.cgi?id=145027

        Reviewed by Eric Carlson.

        * contentextensions/DFABytecode.h:

2015-05-15  Eric Carlson  <eric.carlson@apple.com>

        Unreviewed build fix.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: Add clang pragmas to ignore
        deprecation warnings.

2015-05-15  Jeremy Jones  <jeremyj@apple.com>

        Limit alternate fullscreen with linked on or after.
        https://bugs.webkit.org/show_bug.cgi?id=144894

        Reviewed by Dean Jackson.

        * platform/ios/WebCoreSystemInterfaceIOS.h: add new wkIOSSystemVersion

2015-05-15  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Revert part of r184361.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.configureInlineControls):
        HI wants the buttons flipped.

2015-05-15  Sungmann Cho  <sungmann.cho@navercorp.com>

        Fix trivial typo in TextEncodingDetectorICU.cpp.
        https://bugs.webkit.org/show_bug.cgi?id=145055

        Reviewed by Alexey Proskuryakov.

        No new tests, no behavior change..

        * platform/text/TextEncodingDetectorICU.cpp:
        (WebCore::detectTextEncoding):

2015-05-15  Alexey Proskuryakov  <ap@apple.com>

        Cyrillic top-level domains are displayed as punycode
        https://bugs.webkit.org/show_bug.cgi?id=145024
        rdar://problem/17747133
        rdar://problem/14116594

        Reviewed by Tim Horton.

        Handling each TLD in code is annoying, but we can probably survive like this
        for a few more years, and maybe we'll think of an entirely different way to deal
        with non-ASCII domain labels in the meanwhile.

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isSecondLevelDomainNameAllowedByTLDRules):
        (WebCore::allCharactersAllowedByTLDRules):

2015-05-15  Roger Fong  <roger_fong@apple.com>

        Cursor is displayed after full screen video controls fade away.
        https://bugs.webkit.org/show_bug.cgi?id=145034.
        <rdar://problem/20458604>

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsApple.css:
        (video::-webkit-media-controls-panel):
        Unnecessary cursor style is on the control panel while hidden but
        the cursor will already be hidden anyways from being auto-hidden.
        Causes style to change when controls are hidden,
        which causes the cursor to reappear.

2015-05-15  Roger Fong  <roger_fong@apple.com>

        Checkmark on OFF option of captions sometimes does not appear.
        https://bugs.webkit.org/show_bug.cgi?id=145060.
        <rdar://problem/19388333>

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.buildCaptionMenu):
        Audio tracks don’t have an OFF option.
        Remove related code to allow OFF option for subtitles to work properly.

2015-05-15  Zalan Bujtas  <zalan@apple.com>

        White edge on animating panel on http://rokkosunnyvale.com
        https://bugs.webkit.org/show_bug.cgi?id=144986
        rdar://problem/20907683

        Reviewed by Simon Fraser.

        Background image geometry calculation needs to be based on the final painting size of the container
        in order to accurately compute tile sizes, repeating positions etc.
        The container's size is pixelsnapped at painting using absolute coordinates. This patch
        ensures that we snap to the same size while computing background geometry.

        Test: fast/images/background-image-size-changes-fractional-position.html

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::paintBoxDecorations):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintBoxDecorations):
        (WebCore::RenderBox::paintBackground):
        (WebCore::RenderBox::getBackgroundPaintedExtent):
        (WebCore::RenderBox::computeBackgroundIsKnownToBeObscured):
        (WebCore::RenderBox::maskClipRect):
        (WebCore::RenderBox::repaintLayerRectsForImage): unable to get absolute coords.
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        (WebCore::RenderBoxModelObject::getGeometryForBackgroundImage):
        (WebCore::RenderBoxModelObject::boxShadowShouldBeAppliedToBackground):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderFieldset.cpp:
        (WebCore::RenderFieldset::paintBoxDecorations):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::boxShadowShouldBeAppliedToBackground):
        (WebCore::RenderImage::computeBackgroundIsKnownToBeObscured):
        * rendering/RenderImage.h:
        * rendering/RenderLayer.cpp: unable to get absolute coords.
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateDirectlyCompositedBackgroundImage): currently not used.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::computeBackgroundIsKnownToBeObscured):
        (WebCore::RenderObject::backgroundIsKnownToBeObscured):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::paintBoxDecorations):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::boxShadowShouldBeAppliedToBackground):
        * rendering/RenderTableCell.h:

2015-05-15  Jer Noble  <jer.noble@apple.com>

        Crash in RenderFlowThread::popFlowThreadLayoutState() due to mismatched push/pop count
        https://bugs.webkit.org/show_bug.cgi?id=145042

        Reviewed by David Hyatt.

        RenderFlowThread previously used a ListHashSet to store its stack of active objects. This
        is problematic because, if the same object is pushed twice, only a single entry of that
        object is added to the stack. After this occurs, a matching number of pushes will pop too
        many items off the stack, causing a crash when popping a stack with zero items. This
        specifically happens in FrameView::layout(), which will push its root renderer on the stack
        of active items, and then ask the root to layout(), which will attempt to push itself on the
        stack of active items.

        Instead of a ListHashSet, use a Vector, which has similar memory characteristics and no 
        uniqueness requirements.

        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::pushFlowThreadLayoutState):
        (WebCore::RenderFlowThread::popFlowThreadLayoutState):
        * rendering/RenderFlowThread.h:

2015-05-15  Per Arne Vollan  <peavo@outlook.com>

        [Curl] WebSocket platform part is not implemented.
        https://bugs.webkit.org/show_bug.cgi?id=144628

        Reviewed by Darin Adler.

        Add Curl platform code implementation for WebSockets.

        * platform/network/curl/SocketStreamHandle.h:
        (WebCore::SocketStreamHandle::create):
        (WebCore::SocketStreamHandle::SocketData::SocketData):
        * platform/network/curl/SocketStreamHandleCurl.cpp:
        (WebCore::SocketStreamHandle::SocketStreamHandle):
        (WebCore::SocketStreamHandle::~SocketStreamHandle):
        (WebCore::SocketStreamHandle::platformSend):
        (WebCore::SocketStreamHandle::platformClose):
        (WebCore::SocketStreamHandle::readData):
        (WebCore::SocketStreamHandle::sendData):
        (WebCore::SocketStreamHandle::waitForAvailableData):
        (WebCore::SocketStreamHandle::startThread):
        (WebCore::SocketStreamHandle::stopThread):
        (WebCore::SocketStreamHandle::didReceiveData):
        (WebCore::SocketStreamHandle::didOpenSocket):
        (WebCore::SocketStreamHandle::createCopy):

2015-05-14  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r183861): [SOUP] Downloads are broken when using the Network Process
        https://bugs.webkit.org/show_bug.cgi?id=144738

        Reviewed by Alexey Proskuryakov.

        Add ResourceHandle::releaseForDownload() that releases the current
        handle to be used as a download.

        * platform/network/ResourceHandle.h:
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::releaseForDownload):

2015-05-15  Zan Dobersek  <zdobersek@igalia.com>

        [GTK] Fix PlatformDisplayWayland construction error, implement the destructor
        https://bugs.webkit.org/show_bug.cgi?id=144997

        Reviewed by Carlos Garcia Campos.

        The PlatformDisplayWayland constructor is private, so we can't use
        std::make_unique<>() to construct an object of this class.

        Implement the PlatformDisplayWayland destructor, cleaning out all
        the Wayland resources, if present.

        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::create):
        (WebCore::PlatformDisplayWayland::PlatformDisplayWayland):
        (WebCore::PlatformDisplayWayland::~PlatformDisplayWayland):

2015-05-14  Zalan Bujtas  <zalan@apple.com>

        Images on www.fitstylelife.com jiggle on hover.
        https://bugs.webkit.org/show_bug.cgi?id=145020
        rdar://problem/20885337

        Reviewed by Simon Fraser.

        This patch ensures that the clipping layer of a composited content is pixel snapped properly.

        Tests: compositing/composited-parent-clipping-layer-on-subpixel-position.html
               compositing/parent-clipping-layer-on-subpixel-position.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):

2015-05-14  Chris Dumez  <cdumez@apple.com>

        Have DOMWindow::createWindow() take references to frames
        https://bugs.webkit.org/show_bug.cgi?id=145037

        Reviewed by Gyuyoung Kim.

        Have DOMWindow::createWindow() take references to frames instead of
        pointers as they are expected to be non-null. Also return a RefPtr
        instead of a PassRefPtr.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        * loader/FrameLoader.cpp:
        (WebCore::createWindow):
        * loader/FrameLoader.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):
        (WebCore::DOMWindow::open):
        (WebCore::DOMWindow::showModalDialog):
        * page/DOMWindow.h:

2015-05-14  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r183794): Garbage tiles when body background switches to fixed
        https://bugs.webkit.org/show_bug.cgi?id=145032
        rdar://problem/20963679

        Reviewed by Dean Jackson.
        
        After r183794 (or possibly an earlier commit), we failed to dynamically update
        the configuration of layers that handled fixed background attachment on the root.
        
        This would result in unpainted tiles, and non-fixed-background behavior.
        
        Fix by calling RenderLayerCompositor::rootOrBodyStyleChanged() whenever the
        style changes on the root or body renderers, and triggering a compositing update
        if the fixedness of the background changes. It calls the existing rootBackgroundTransparencyChanged()
        if the color changes.

        Test: platform/mac-wk2/tiled-drawing/toggle-to-fixed-background.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::styleDidChange):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::rootOrBodyStyleChanged):
        (WebCore::RenderLayerCompositor::rootBackgroundTransparencyChanged):
        * rendering/RenderLayerCompositor.h:

2015-05-14  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184359 and r184362.
        https://bugs.webkit.org/show_bug.cgi?id=145035

        Introduced a crash in six media element tests (Requested by
        rniwa on #webkit).

        Reverted changesets:

        "[MediaControls] Refactor media controls & bring improvements
        made to iOS controls to Mac."
        https://bugs.webkit.org/show_bug.cgi?id=144973
        http://trac.webkit.org/changeset/184359

        "Unreviewed build fix after r184359; typo."
        http://trac.webkit.org/changeset/184362

2015-05-14  Jer Noble  <jer.noble@apple.com>

        Unreviewed build fix after r184359; typo.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::layoutSizeChanged):

2015-05-14  Roger Fong  <roger_fong@apple.com>

        Adjust button CSS and positioning in preparation.
        https://bugs.webkit.org/show_bug.cgi?id=144973.
        <rdar://problem/20306227>

        Reviewed by Dean Jackson.

        The only visual change here is the swapping of the rewind and play button positions.
        Also, position buttons based off of both left and right margins instead of just one of the two.
        This allows the controls drop off to work without having to use a spacer element to take the place
        of the timeline if the controls are too small.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-rewind-button):
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-panel .mute-box):
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-fullscreen-button):
        (audio::-webkit-media-controls-fullscreen-button.exit):
        (audio::-webkit-media-controls-time-remaining-display):
        (audio:-webkit-full-screen::-webkit-media-controls-toggle-closed-captions-button):
        (audio:-webkit-full-screen::-webkit-media-controls-wireless-playback-picker-button):
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.configureInlineControls):

2015-05-14  Dean Jackson  <dino@apple.com>

        MediaControls: controls are live even when invisible
        https://bugs.webkit.org/show_bug.cgi?id=145029
        <rdar://problem/20865442>

        Reviewed by Jer Noble.

        When the controls are invisible they should ignore touch/mouse
        events.

        * Modules/mediacontrols/mediaControlsiOS.css: Add pointer-events: none where appropriate.
        (video::-webkit-media-controls-panel-container):
        (video::-webkit-media-controls-panel-background):
        (video::-webkit-media-controls-panel):
        (video::-webkit-media-controls-panel.paused):

2015-05-14  Jer Noble  <jer.noble@apple.com>

        [MediaControls] Refactor media controls & bring improvements made to iOS controls to Mac.
        https://bugs.webkit.org/show_bug.cgi?id=144973

        Reviewed by Dean Jackson.

        Pull improvements made to the iOS media controls back into the Mac controls by moving
        code from mediaControlsiOS.js into MediaControlsApple.js.

        The largest refactored feature is the ability to drop individual controls from the media
        controls when the video is too small to contain them. To allow these controls to resize
        dynamically, a new "resize" event is fired inside the media element's shadow DOM.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel .dropped): Added; sets "display: none".
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller): Set defaults for new variables.
        (Controller.prototype.updateControls): Update the controls width; moved from iOS.js.
        (Controller.prototype.handleReadyStateChange): Update the controls; moved from iOS.js.
        (Controller.prototype.handleTimeUpdate): Update the progress; moved from iOS.js.
        (Controller.prototype.handleTimelineInput): Pause if scrubbing; moved from iOS.js.
        (Controller.prototype.handleTimelineChange): Update the progress; moved from iOS.js.
        (Controller.prototype.showControls): Update the controls width; moved from iOS.js.
        (Controller.prototype.hideControls): Removed _potentiallyScrubbing check; not needed due to changes
            to controlsAlwaysVisible().
        (Controller.prototype.scheduleUpdateLayoutForDisplayedWidth): Moved from iOS.js.
        (Controller.prototype.isControlVisible): Added; checks whether control is parented & not hidden.
        (Controller.prototype.updateLayoutForDisplayedWidth): Moved from iOS.js and refactored.
        (Controller.prototype.controlsAlwaysVisible): Return true if scrubbing.
        (Controller.prototype.updateHasAudio): Check currentPlaybackTargetIsWireless(); moved from iOS.js.
        (Controller.prototype.get scrubbing): Simple getter for _scrubbing.
        (Controller.prototype.set scrubbing): Check play state if scrubbing; start playback (if necessary)
            if not scrubbing.
        (Controller.prototype.get pageScaleFactor): Moved from iOS.js.
        (Controller.prototype.set pageScaleFactor): Ditto.
        (Controller.prototype.handleRootResize): Schedule an update of the contrtols width.

        Remove a bunch of newly unnecessary code from the iOS media controls:

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS):
        (ControllerIOS.prototype.createControls): Remove ivars moved into Apple.js.
        (ControllerIOS.prototype.configureInlineControls): Remove spacer; made unnecessary.
        (ControllerIOS.prototype.showControls): Deleted.
        (ControllerIOS.prototype.updateTime): Deleted.
        (ControllerIOS.prototype.handleTimelineTouchStart): Just call "scrubbing = true", handled in Apple.js.
        (ControllerIOS.prototype.handleTimelineTouchEnd): Just call "scrubbing = false", handled in Apple.js.
        (ControllerIOS.prototype.handleReadyStateChange): Deleted.
        (ControllerIOS.prototype.setPlaying): Don't check _timelineIsHidden; not needed.
        (ControllerIOS.prototype.get pageScaleFactor): Deleted.
        (ControllerIOS.prototype.set pageScaleFactor): Deleted.
        (ControllerIOS.prototype.scheduleUpdateLayoutForDisplayedWidth): Deleted.
        (ControllerIOS.prototypeupdateLayoutForDisplayedWidth): Deleted.

        Fire a "resize" event at the shadow DOM root when layout results in a size change.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::layoutSizeChanged): Fire the "resize" event at the shadow DOM.
        * html/HTMLMediaElement.h:
        * rendering/RenderMedia.cpp:
        (WebCore::RenderMedia::layout): Trigger layoutSizeChanged()
        * rendering/RenderMedia.h:

        Drive-by fixes:

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls): aria-label text is totally wrong; removed.
        (Controller.prototype.updateWirelessPlaybackStatus): Use class-names to hide controls, not inline styles.

2015-05-13  Ryosuke Niwa  <rniwa@webkit.org>

        Crash in ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline
        https://bugs.webkit.org/show_bug.cgi?id=119068

        Reviewed by Enrica Casucci.

        The bug was caused by makeInsertedContentRoundTrippableWithHTMLTreeBuilder not updating
        nodes kept tracked by insertedNodes and moveNodeOutOfAncestor stumbling upon it.

        Fixed the bug by updating insertedNodes in makeInsertedContentRoundTrippableWithHTMLTreeBuilder.

        Test: editing/inserting/insert-table-in-paragraph-crash.html

        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::makeInsertedContentRoundTrippableWithHTMLTreeBuilder):
        (WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor):
        * editing/ReplaceSelectionCommand.h:

2015-05-14  Myles C. Maxfield  <mmaxfield@apple.com>

        [Mac] Expose more font weights for -apple-system
        https://bugs.webkit.org/show_bug.cgi?id=144707

        Reviewed by Simon Fraser.

        Previously, when we parsed a CSS declaration of the form font: keyword; where keyword
        is one of caption, icon, menu, message-box, small-caption, -webkit-mini-control, -webkit-small-control,
        or -webkit-control (which html.css does for form controls), we would ask the system what the appropriate
        system font is, get that font's family name, and synthesize a font-family CSS property for the element.
        Then, later when we actually go to look up the font, we would look up the font by family name using this
        information. However, this round-tripping of a font through a family name is actually lossy, and is not
        guaranteed to preserve system-font-ness (which we use for various things including metrics calculations).

        This patch modifies this logic to specify a token family name instead, which the font lookup code special
        cases (and reacts by making the appropriate system-font lookup call). This approach is currently how iOS
        handles these system fonts; this patch simply brings this approach to OS X.

        There is also an added progression here. We used to simply call [NSFont fontWithName:size:] on the system
        font family name (which the parser found for us) which entirely disregards weight. This means that we
        used to be getting synthesized bold in form controls which ask for a heavy weight. Migrating to this
        system-font aware call means that we get the real bold font instead of synthesized bold.

        Once this system-font-ness is guaranteed to be preserved between parsing time and font lookup time, we
        can safely migrate to using [NSFont systemFontOfSize:weight] instead of [NSFont systemFontOfSize:] on
        platforms which support it.

        Tests: fast/text/systemFont.html
               fast/css/css2-system-fonts.html
               fast/forms/select/optgroup-rendering.html
               fast/forms/validation-message-appearance.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseSystemFont): Add a comment regarding why we are bothering with expanding out
        the font property in the first place.
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::primaryFontIsSystemFont): Update to use new system font tokens.
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::toNSFontWeight): New static method to map font weights to NSFontWeight constants available on
        Yosemite and later.
        (WebCore::fontWithFamilySpecialCase): Pull all these special-case font token name handling into a
        separate function, which returns an Optional.
        (WebCore::fontWithFamily):
        * platform/mac/ThemeMac.mm:
        (WebCore::ThemeMac::controlFont): Use the font token name instead of the generated system font family
        name.
        * platform/spi/mac/NSFontSPI.h: Add [NSFont systemFontWithSize:weight:] and the proper NSFontWeight
        constants.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::updateCachedSystemFontDescription): Use the font token names instead of the
        generated system font family name.
        (WebCore::RenderThemeMac::setFontFromControlSize): Ditto.

2015-05-14  Roger Fong  <roger_fong@apple.com>

        Add internals setting to disable wireless playback availability for layout tests
        https://bugs.webkit.org/show_bug.cgi?id=145012.
        <rdar://problem/20946504>

        Reviewed by Eric Carlson.

        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::resetToConsistentState):
        (WebCore::InternalSettings::setWirelessPlaybackDisabled):
        * testing/InternalSettings.idl:

2015-05-14  Beth Dakin  <bdakin@apple.com>

        Change range of possible forces for mouseforcechanged DOM event
        https://bugs.webkit.org/show_bug.cgi?id=144987
        -and corresponding-
        rdar://problem/20472802

        Reviewed by Tim Horton.

        Change to a 0-3 range.
        * platform/PlatformMouseEvent.h:
        * platform/mac/PlatformEventFactoryMac.mm:
        (WebCore::PlatformMouseEventBuilder::PlatformMouseEventBuilder):

2015-05-14  Manuel Rego Casasnovas  <rego@igalia.com>

        Fix typo in RenderBox::instrinsicScrollbarLogicalWidth()
        https://bugs.webkit.org/show_bug.cgi?id=144999

        Reviewed by Sergio Villar Senin.

        Rename RenderBox::instrinsicScrollbarLogicalWidth() to
        RenderBox::intrinsicScrollbarLogicalWidth().

        No new tests, no behavior changes.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::computeIntrinsicLogicalWidths):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::computeIntrinsicLogicalWidths):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::intrinsicScrollbarLogicalWidth):
        (WebCore::RenderBox::instrinsicScrollbarLogicalWidth): Deleted.
        * rendering/RenderBox.h:
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::computeIntrinsicLogicalWidths):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::computeIntrinsicLogicalWidths):

2015-05-14  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        SharedBuffer::createWithContentsOfFile should use map file routines
        https://bugs.webkit.org/show_bug.cgi?id=144192

        Reviewed by Darin Adler.

        Made use of mmap routines within SharedBuffer::createWithContentsOfFile for EFL, GTK and Mac ports.
        If mapping is failing, it falls back to the previous version of SharedBuffer::createWithContentsOfFile renamed as
        SharedBuffer::createFromReadingFile (using open/read method).
        File content is mapped until SharedBuffer is cleared, destroyed or additional content is appended to the SharedBuffer.

        A helper class, MappedFileData, is introduced to handle mapped files through calls to open/mmap/munmap/close.

        Patch covered by existing layout tests and added unit tests.

        * platform/FileSystem.cpp:
        (WebCore::MappedFileData::MappedFileData):
        (WebCore::MappedFileData::operator=):
        (WebCore::MappedFileData::~MappedFileData):
        * platform/FileSystem.h:
        (WebCore::MappedFileData::MappedFileData):
        (WebCore::MappedFileData::operator bool):
        (WebCore::MappedFileData::data):
        (WebCore::MappedFileData::size):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        (WebCore::SharedBuffer::createWithContentsOfFile): Making use of MappedFileData before using createFromReadingFile.
        (WebCore::SharedBuffer::size): Checking whether data is coming from a MappedFileData.
        (WebCore::SharedBuffer::data): Ditto.
        (WebCore::SharedBuffer::append): Ditto.
        (WebCore::SharedBuffer::clear): Clearing MappedFileData if needed.
        (WebCore::SharedBuffer::copy): Transferring mapped data to buffer if needed.
        (WebCore::SharedBuffer::getSomeData):
        (WebCore::SharedBuffer::maybeTransferMappedFileData):
        * platform/SharedBuffer.h:
        * platform/gtk/SharedBufferGtk.cpp:
        (WebCore::SharedBuffer::createFromReadingFile): renamed from createWithContentsOfFile.
        * platform/mac/SharedBufferMac.mm:
        (WebCore::SharedBuffer::createFromReadingFile): Dito.
        * platform/posix/SharedBufferPOSIX.cpp:
        (WebCore::SharedBuffer::createFromReadingFile): Ditto.
        * platform/win/SharedBufferWin.cpp:
        (WebCore::SharedBuffer::createFromReadingFile): Ditto.

2015-05-13  Simon Fraser  <simon.fraser@apple.com>

        Get the ScriptController from the correct frame for media elements and plug-ins
        https://bugs.webkit.org/show_bug.cgi?id=144983
        rdar://problem/20692642&19943135

        Reviewed by Sam Weinig.

        HTMLMediaElement, QuickTimePluginReplacement and HTMLPlugInImageElement were
        getting the main frame's ScriptController instead of the one for their frame.
        This caused media controls JS to be running in the context of the main frame,
        which broke media controls which use getCSSCanvasContext() and -webkit-canvas.
        
        Fix by getting the frame via the element's document.
        
        Also undo r180584 which was working around this bug.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.drawTimelineBackground):
        * Modules/plugins/QuickTimePluginReplacement.mm:
        (WebCore::QuickTimePluginReplacement::ensureReplacementScriptInjected):
        (WebCore::QuickTimePluginReplacement::installReplacement):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updateCaptionContainer):
        (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
        (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
        (WebCore::HTMLMediaElement::pageScaleFactorChanged):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot):

2015-05-13  Sungmann Cho  <sungmann.cho@navercorp.com>

        Fix trivial typos in ApplyBlockElementCommand
        https://bugs.webkit.org/show_bug.cgi?id=144984

        Reviewed by Alexey Proskuryakov.

        No new tests, no behavior change.

        * editing/ApplyBlockElementCommand.cpp:
        (WebCore::ApplyBlockElementCommand::formatSelection):
        (WebCore::ApplyBlockElementCommand::endOfNextParagraphSplittingTextNodesIfNeeded):
        (WebCore::ApplyBlockElementCommand::endOfNextParagrahSplittingTextNodesIfNeeded): Deleted.
        * editing/ApplyBlockElementCommand.h:

2015-05-13  David Kilzer  <ddkilzer@apple.com>

        REGRESION (r179958): Crash in WebCore::DocumentLoader::detachFromFrame when -[id<WebPolicyDelegate> decidePolicyForMIMEType:request:frame:decisionListener:] fails to call -[id<WebPolicyDecisionListener> download|ignore|use]
        <http://webkit.org/b/144975>

        Reviewed by Andy Estes.

        This change reverts r179958.  It changes RELEASE_ASSERT*()
        statements back to Debug-only ASSERT*() statements.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::~DocumentLoader):
        (WebCore::DocumentLoader::continueAfterContentPolicy):
        (WebCore::DocumentLoader::detachFromFrame):

2015-05-13  Antti Koivisto  <antti@apple.com>

        Cached CSS image resources don't show up after reloading <http://nightly.webkit.org/start/>
        https://bugs.webkit.org/show_bug.cgi?id=144952
        rdar://problem/13387307

        Reviewed by Oliver Hunt.

        This is a symptom of a general problem that we don't revalidate subresources of cached parsed stylesheets.

        Fix by tightening the check we perform when choosing to used the cached sheet. If there are expired subresources
        we reparse the sheet.

        Test: http/tests/cache/stylesheet-sharing.html

        * css/CSSCrossfadeValue.cpp:
        (WebCore::CSSCrossfadeValue::traverseSubresources):
        (WebCore::CSSCrossfadeValue::hasFailedOrCanceledSubresources): Deleted.

            Replace hasFailedOrCanceledSubresources with general purpose subresource traversal functions.

        * css/CSSCrossfadeValue.h:
        * css/CSSFilterImageValue.cpp:
        (WebCore::CSSFilterImageValue::traverseSubresources):
        (WebCore::CSSFilterImageValue::hasFailedOrCanceledSubresources): Deleted.
        * css/CSSFilterImageValue.h:
        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::traverseSubresources):
        (WebCore::CSSFontFaceSrcValue::hasFailedOrCanceledSubresources): Deleted.
        * css/CSSFontFaceSrcValue.h:
        * css/CSSImageSetValue.cpp:
        (WebCore::CSSImageSetValue::traverseSubresources):
        (WebCore::CSSImageSetValue::hasFailedOrCanceledSubresources): Deleted.
        * css/CSSImageSetValue.h:
        * css/CSSImageValue.cpp:
        (WebCore::CSSImageValue::traverseSubresources):
        (WebCore::CSSImageValue::hasFailedOrCanceledSubresources): Deleted.
        * css/CSSImageValue.h:
        * css/CSSValue.cpp:
        (WebCore::CSSValue::traverseSubresources):
        (WebCore::CSSValue::hasFailedOrCanceledSubresources): Deleted.
        * css/CSSValue.h:
        * css/CSSValueList.cpp:
        (WebCore::CSSValueList::traverseSubresources):
        (WebCore::CSSValueList::hasFailedOrCanceledSubresources): Deleted.
        * css/CSSValueList.h:
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::traverseSubresources):
        (WebCore::StyleProperties::hasFailedOrCanceledSubresources): Deleted.
        * css/StyleProperties.h:
        * css/StyleSheetContents.cpp:
        (WebCore::traverseSubresourcesInRules):
        (WebCore::StyleSheetContents::traverseSubresources):
        (WebCore::StyleSheetContents::subresourcesAllowReuse):

            Disallow reuse if there are expired subresources.

        (WebCore::StyleSheetContents::isLoadingSubresources):

            Testing support.

        (WebCore::childRulesHaveFailedOrCanceledSubresources): Deleted.
        (WebCore::StyleSheetContents::hasFailedOrCanceledSubresources): Deleted.
        * css/StyleSheetContents.h:
        (WebCore::StyleSheetContents::loadCompleted):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
        * loader/cache/CachedCSSStyleSheet.h:
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::makeRevalidationDecision):
        (WebCore::CachedImage::mustRevalidateDueToCacheHeaders): Deleted.

            Move the logging code out from this function (it requires frame access this function doesn't otherwise need)
            and refactor to return a decision enum.

        * loader/cache/CachedImage.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::makeRevalidationDecision):
        (WebCore::logResourceRevalidationReason): Deleted.
        (WebCore::CachedResource::mustRevalidateDueToCacheHeaders): Deleted.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::loadFailedOrCanceled):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::logRevalidation):
        (WebCore::logResourceRevalidationDecision):
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):

            Move logging here.

        * testing/Internals.cpp:
        (WebCore::Internals::isSharingStyleSheetContents):
        (WebCore::Internals::isStyleSheetLoadingSubresources):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-05-13  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Remove scaleFactor from SurfaceUpdateInfo
        https://bugs.webkit.org/show_bug.cgi?id=144935

        Reviewed by Darin Adler.

        The members of SurfaceUpdateInfo are only used to update tile except scaleFactor.
        So, this patch removes scaleFactor from SurfaceUpdateInfo.
        In addition, removes unnecessary parameters in createTile() 

        No new tests because there is no behavior change.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::createTile):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedTile.cpp:
        (WebCore::CoordinatedTile::updateBackBuffer):
        * platform/graphics/texmap/coordinated/CoordinatedTile.h:
        * platform/graphics/texmap/coordinated/SurfaceUpdateInfo.h:

2015-05-13  Sam Weinig  <sam@webkit.org>

        Modernize ContainerNode::childElementCount
        https://bugs.webkit.org/show_bug.cgi?id=144930

        Reviewed by Darin Adler.

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::childElementCount):
        Use std::distance to compute the number of child elements.

        * dom/ElementChildIterator.h:
        Add typedefs to make the child element iterators conform STL standards.

2015-05-13  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r183770): Crash inside WebEditorClient::shouldApplyStyle when applying underline
        https://bugs.webkit.org/show_bug.cgi?id=144949
        <rdar://problem/20895753>

        Reviewed by Darin Adler.

        The crash was caused by the variant of applyStyleToSelection that takes EditingStyle passing
        a null pointer to shouldApplyStyle when we're only applying text decoration changes so that
        m_mutableStyle in the editing style is null. This didn't reproduce in execCommand since we
        wouldn't call shouldApplyStyle in that case. It didn't reproduce in my manual testing because
        font panel also sets text shadow, which ends up filling up m_mutableStyle.

        Fixed the bug by creating a mutable style properties when one is not provided by EditingStyle.
        Also fixed the "FIXME" in the function by converting text decoration changes to a corresponding
        text decoration value. The values passed to shouldApplyStyle now matches the old behavior prior
        to r183770.

        Test: editing/style/underline-by-user.html

        * editing/EditingStyle.cpp:
        (WebCore::EditingStyle::styleWithResolvedTextDecorations): Added.
        * editing/EditingStyle.h:
        * editing/Editor.cpp:
        (WebCore::Editor::applyStyleToSelection): Use styleWithResolvedTextDecorations to avoid the crash.

2015-05-13  Eric Carlson  <eric.carlson@apple.com>

        Work around HTMLMediaElement::documentDidResumeFromPageCache being called twice
        https://bugs.webkit.org/show_bug.cgi?id=144969

        Reviewed by Alexey Proskuryakov.

        * dom/Document.cpp:
        (WebCore::Document::addPlaybackTargetPickerClient): Replace ASSERT with early 
        return to work around https://webkit.org/b/144970.

2015-05-13  Timothy Horton  <timothy_horton@apple.com>

        Going back after resizing causes scroll knob to appear in the middle of the page
        https://bugs.webkit.org/show_bug.cgi?id=144968
        <rdar://problem/18299827>

        Reviewed by Beth Dakin.

        * history/CachedPage.cpp:
        (WebCore::CachedPage::restore):
        (WebCore::CachedPage::clear):
        * history/CachedPage.h:
        (WebCore::CachedPage::markForContentsSizeChanged):
        * history/PageCache.cpp:
        (WebCore::PageCache::markPagesForContentsSizeChanged):
        * history/PageCache.h:
        Add a flag that will cause us to call updateContentsSize() after a page
        comes out of the page cache, if necessary.

        * page/FrameView.cpp:
        (WebCore::FrameView::setContentsSize):
        * page/FrameView.h:
        Mark all cached pages for this frame as needing updateContentsSize()
        when setContentsSize happens. This will ensure that scrollbar layers
        are repositioned when coming out of the page cache.

2015-05-13  Beth Dakin  <bdakin@apple.com>

        Need SPI to set the overlay scroll bar style
        https://bugs.webkit.org/show_bug.cgi?id=144928
        -and corresponding-
        rdar://problem/20143614

        Reviewed by Anders Carlsson.

        New ChromeClient function preferredScrollbarOverlayStyle() will fetch the 
        scrollbar style that was set via the new SPI.
        * page/ChromeClient.h:

        If the preferredScrollbarOverlayStyle() is anything but None, then use it. None is 
        used to indicate that the normal heuristic should compute the appropriate color.
        * page/FrameView.cpp:
        (WebCore::FrameView::recalculateScrollbarOverlayStyle):
        * page/FrameView.h:

2015-05-13  Brent Fulgham  <bfulgham@apple.com>

        Scrollbars in overflow regions are not vanishing after scrolling with scroll snap points
        https://bugs.webkit.org/show_bug.cgi?id=142521
        <rdar://problem/20100706>

        Reviewed by Darin Adler.

        The scrollbars were not being dismissed because they were not being notified that the wheel
        gesture was finished. This was happening because the wheel event 'ended' state has zero
        deltaX and deltaY. If the region did not allow stretching, it would exit early, never passing
        through the 'handleWheelEventPhase' code that would notify the scrollbar controller that
        the gesture had ended.

        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::mouseExitedContentArea): The wrong ScrollAnimator method was being
        called when the mouse exited the content area.
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::handleWheelEvent): Do not early return when the wheel event has
        no change in X or Y coordinate.

2015-05-12  David Hyatt  <hyatt@apple.com>

        Don't compute selection painting info when we don't have selection.
        https://bugs.webkit.org/show_bug.cgi?id=144920
        <rdar://problem/20919920>

        Reviewed by Simon Fraser.

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):

        Just set the selection paint style to the text paint style when we don't have a selection
        at all. Computing the selection style takes time in the case where a ::selection pseudo is
        used on the page, so we don't want to waste time computing that info unless it's actually
        needed.

2015-05-13  Joseph Pecoraro  <pecoraro@apple.com>

        Pass String as reference in more places
        https://bugs.webkit.org/show_bug.cgi?id=144769

        Reviewed by Daniel Bates.

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpString):
        (WebCore::CloneSerializer::dumpStringObject):
        * dom/DocumentMarkerController.cpp:
        (WebCore::DocumentMarkerController::addMarker):
        * dom/DocumentMarkerController.h:
        * inspector/InspectorApplicationCacheAgent.cpp:
        (WebCore::InspectorApplicationCacheAgent::assertFrameWithDocumentLoader):
        * inspector/InspectorApplicationCacheAgent.h:
        * inspector/InspectorNodeFinder.cpp:
        (WebCore::stripCharacters):
        (WebCore::InspectorNodeFinder::InspectorNodeFinder):
        * inspector/InspectorNodeFinder.h:

2015-05-13  Timothy Horton  <timothy_horton@apple.com>

        View scale changes are temporarily lost after restoring a page from the page cache
        https://bugs.webkit.org/show_bug.cgi?id=144934

        Reviewed by Brady Eidson.

        * history/CachedPage.cpp:
        (WebCore::CachedPage::CachedPage):
        (WebCore::CachedPage::restore):
        (WebCore::CachedPage::clear):
        * history/CachedPage.h:
        (WebCore::CachedPage::markForDeviceOrPageScaleChanged): Renamed.
        * history/PageCache.cpp:
        (WebCore::PageCache::markPagesForDeviceOrPageScaleChanged): Renamed.
        * history/PageCache.h:
        Rename PageCache/CachedPage methods to make it more clear that they
        will eventually result in calling deviceOrPageScaleFactorChanged().
        Also, use modern initialization for CachedPage members.

        * loader/HistoryController.cpp:
        (WebCore::HistoryController::saveScrollPositionAndViewStateToItem):
        (WebCore::HistoryController::restoreScrollPositionAndViewState):
        Store the pageScaleFactor on HistoryItem with the view scale factored out,
        because the view scale can change while the page is in the page cache, and
        WebCore needs a way - without consulting with WebKit2 - to apply the changed
        view scale to the cached page scale.

        * page/Page.cpp:
        (WebCore::Page::setViewScaleFactor):
        (WebCore::Page::setDeviceScaleFactor):
        * page/Page.h:
        (WebCore::Page::viewScaleFactor):
        Keep track of the viewScaleFactor, and mark all pages in the page cache
        as needing to call deviceOrPageScaleFactorChanged and do a full style recalc
        when they come back from the page cache.

        For now, we expect all callers of setPageScaleFactor (including WebKit2 and
        HistoryController) to multiply the viewScale in manually, to avoid the
        significant amount of change in WebCore that would be required to keep them
        totally separately.

2015-05-12  Zan Dobersek  <zdobersek@igalia.com>

        Reduce TransformationMatrix copies in MatrixTransformOperation, Matrix3DTransformOperation
        https://bugs.webkit.org/show_bug.cgi?id=144797

        Reviewed by Darin Adler.

        Using std::swap() on TransformationMatrix objects which don't
        provide move constructors will result in copies.

        Instead, use a helper function in both MatrixTransformOperation
        and Matrix3DTransformOperation that calls TransformationMatrix::blend()
        and returns the new Matrix(3D)TransformOperation object, and call it
        with fromT and toT arguments switched when blending to identity.

        * platform/graphics/transforms/Matrix3DTransformOperation.cpp:
        (WebCore::createOperation):
        (WebCore::Matrix3DTransformOperation::blend):
        * platform/graphics/transforms/Matrix3DTransformOperation.h: No need
        to copy the m_matrix member, it won't change when passed to
        TransformationMatrix::multiply().
        * platform/graphics/transforms/MatrixTransformOperation.cpp:
        (WebCore::createOperation):
        (WebCore::MatrixTransformOperation::blend):

2015-05-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [EGL][X11] XPixmap created in GLContextEGL::createPixmapContext() is leaked
        https://bugs.webkit.org/show_bug.cgi?id=144909

        Reviewed by Sergio Villar Senin and Žan Doberšek.

        The pixmap is created and passed to eglCreatePixmapSurface(), but
        never released. eglCreatePixmapSurface() doesn't take the
        ownership of the pixmap, so we should explicitly free it when the
        GLContextEGL is destroyed.

        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::GLContextEGL::createPixmapContext): Use XUniquePixmap
        and transfer the ownership to the context by using the new
        constructor that receives a XUniquePixmap&&.
        (WebCore::GLContextEGL::createContext): createPixmapContext() is
        now only defined for X11.
        (WebCore::GLContextEGL::GLContextEGL): New constructor that
        receives a XUniquePixmap&&.
        * platform/graphics/egl/GLContextEGL.h: Add new constructor and
        initialize the cairo device when defined to simplify constructors.

2015-05-12  Sungmann Cho  <sungmann.cho@navercorp.com>

        Reindent DIBPixelData.h for consistency.
        https://bugs.webkit.org/show_bug.cgi?id=144942

        Reviewed by Darin Adler.

        No new tests, no behavior change.

        * platform/graphics/win/DIBPixelData.h:
        (WebCore::DIBPixelData::DIBPixelData):
        (WebCore::DIBPixelData::buffer):
        (WebCore::DIBPixelData::bufferLength):
        (WebCore::DIBPixelData::size):
        (WebCore::DIBPixelData::bytesPerRow):
        (WebCore::DIBPixelData::bitsPerPixel):

2015-05-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r184224.
        https://bugs.webkit.org/show_bug.cgi?id=144946

        Made inspector/page/main-frame-resource.html assert every time
        (Requested by ap on #webkit).

        Reverted changeset:

        "Web Inspector: REGRESSION (r181625): Timeline recording
        started from console.profile is always empty"
        https://bugs.webkit.org/show_bug.cgi?id=144882
        http://trac.webkit.org/changeset/184224

2015-05-12  Jer Noble  <jer.noble@apple.com>

        [Mac] Hang in MediaPlayerPrivateAVFoundationObjC::audioSourceProvider() - 'tracks' property not yet loaded
        https://bugs.webkit.org/show_bug.cgi?id=144937

        Reviewed by Eric Carlson.

        Querying for the -[AVAsset tracks] property blocks for network loading; and could
        block forever if the asset in question is not reachable. Add a "safe" mechanism for
        querying the list of audible tracks, and use that when providing the audioSourceProvider()
        with an audible track.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::audioSourceProvider):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::processLegacyClosedCaptionsTracks):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::safeAVAssetTracksForAudibleMedia):

2015-05-12  Ryosuke Niwa  <rniwa@webkit.org>

        Mac build fix after r184228.

        * bindings/scripts/CodeGeneratorJS.pm:

2015-05-12  Simon Fraser  <simon.fraser@apple.com>

        Turn antialiased font dilation off by default
        https://bugs.webkit.org/show_bug.cgi?id=144940
        rdar://problem/20923031

        Reviewed by Sam Weinig.

        Turn antialised font dilation off by default.

        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * platform/graphics/FontCascade.cpp:

2015-05-12  Alex Christensen  <achristensen@webkit.org>

        Don't export all JS bindings classes.
        https://bugs.webkit.org/show_bug.cgi?id=144932

        Reviewed by Dan Bernstein.

        This change is good if it compiles and links successfully.

        * bindings/scripts/CodeGeneratorJS.pm:
        (ExportLabelForClass):
        Add a list of the JS bindings classes that need WEBCORE_EXPORT to prevent exporting too many symbols from WebCore.
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestNondeterministic.h:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        * bindings/scripts/test/JS/JSattribute.h:
        * bindings/scripts/test/JS/JSreadonly.h:
        Update bindings tests to remove WEBCORE_EXPORT from most of the tests,
        but keep one test with WEBCORE_EXPORT and one test with WEBCORE_TESTSUPPORT_EXPORT.

2015-05-12  Brent Fulgham  <bfulgham@apple.com>

        [Win] Update DXSDK_DIR settings for build system.

        Unreviewed build fix.

        * WebCore.vcxproj/WebCore.proj: Add DXSDK_DIR definition for builder.

2015-05-12  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Return Ref instead of PassRefPtr in create() factory functions of WebCore/dom
        https://bugs.webkit.org/show_bug.cgi?id=144904

        Reviewed by Andreas Kling.

        We return Ref when we're sure if pointer can't be null. If not, we use RefPtr instead PassRefPtr.

        No new tests, no behavior changes.

        * dom/AutocompleteErrorEvent.h:
        * dom/DOMNamedFlowCollection.h:
        (WebCore::DOMNamedFlowCollection::create):
        * dom/MessageChannel.h:
        (WebCore::MessageChannel::create):
        * dom/MessagePort.h:
        * dom/MutationObserver.cpp:
        (WebCore::MutationObserver::create):
        * dom/MutationObserver.h:
        * dom/NamedFlowCollection.h:
        * dom/NodeFilter.h:
        (WebCore::NodeFilter::create):
        * dom/NodeIterator.h:
        (WebCore::NodeIterator::create):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::create):
        * dom/ProcessingInstruction.h:
        * dom/ScriptedAnimationController.h:
        (WebCore::ScriptedAnimationController::create):
        * dom/SecurityPolicyViolationEvent.h:
        * dom/StaticNodeList.h:
        * dom/TemplateContentDocumentFragment.h:
        * dom/Touch.cpp:
        (WebCore::Touch::cloneWithNewTarget):
        * dom/Touch.h:
        (WebCore::Touch::create):
        * dom/TouchEvent.h:
        * dom/TouchList.h:
        (WebCore::TouchList::create):
        * dom/TreeWalker.h:
        (WebCore::TreeWalker::create):
        * dom/WebKitNamedFlow.cpp:
        (WebCore::WebKitNamedFlow::create):
        * dom/WebKitNamedFlow.h:
        * dom/default/PlatformMessagePortChannel.cpp:
        (WebCore::PlatformMessagePortChannel::create):
        * dom/default/PlatformMessagePortChannel.h:
        (WebCore::PlatformMessagePortChannel::MessagePortQueue::create):

2015-05-12  Matt Baker  <mattbaker@apple.com>

        Web Inspector: REGRESSION (r181625): Timeline recording started from console.profile is always empty
        https://bugs.webkit.org/show_bug.cgi?id=144882

        Reviewed by Brian Burg.

        A timeline recording will always be stopped before the end of the current run loop is observed. Before
        dispatching the recording stopped event, the last run loop record must be completed and sent to the frontend
        to prevent it from being discarded.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStop):

2015-05-12  Zalan Bujtas  <zalan@apple.com>

        REGRESSION(r175617): Some text doesn't render on internationalculinarycenter.com
        https://bugs.webkit.org/show_bug.cgi?id=144917
        rdar://problem/20545878

        Reviewed by Andreas Kling.

        This patch ensures that text stroke width value is taken into account while
        calculating visual overflow for simple line layout.
        Ceiling the text stroke width value matches the normal text layout behaviour.

        Test: fast/text/simple-line-layout-text-stroke-width.html

        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow):
        (WebCore::SimpleLineLayout::collectFlowOverflow):

2015-05-12  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        * platform/spi/cf/CFNetworkSPI.h:

2015-05-12  Brent Fulgham  <bfulgham@apple.com>

        ROLLOUT [Win] Unreviewed build fix for older DirectX build environments.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:

2015-05-12  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] ARIA menu items should not have anonymous block children
        https://bugs.webkit.org/show_bug.cgi?id=144653

        Reviewed by Chris Fleizach.

        Exclude anonymous block children of menu items from the accessible tree
        for ATK. Exclude list markers from the accessibility tree if the parent
        is not being exposed as an accessible list item.

        No new tests. Instead, modified the existing tests to reflect the correct
        behavior.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        * accessibility/atk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):

2015-05-08  Alexey Proskuryakov  <ap@apple.com>

        [Mac] Share cookie storage between UI process and secondary processes
        https://bugs.webkit.org/show_bug.cgi?id=144820
        rdar://problem/20572830

        Reviewed by Darin Adler.

        * platform/network/mac/CookieJarMac.mm:
        * platform/spi/cf/CFNetworkSPI.h:
        Moved SPIs into an SPI header, so that WebKit2 could use them too without duplication.

2015-05-12  Chris Dumez  <cdumez@apple.com>

        [WK2] Log using diagnostic logging how far back in history we navigate
        https://bugs.webkit.org/show_bug.cgi?id=144919
        <rdar://problem/20920043>

        Reviewed by Gavin Barraclough.

        Add diagnostic logging keys for logging back history navigation delta.

        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::deltaKey):
        (WebCore::DiagnosticLoggingKeys::backNavigationKey):
        * page/DiagnosticLoggingKeys.h:

2015-05-12  Yoav Weiss  <yoav@yoav.ws>

        Avoid CSSPrimitiveValue allocation when parsing sizes
        https://bugs.webkit.org/show_bug.cgi?id=144910

        Reviewed by Darin Adler.

        Turn non-calc length calculation logic into a static method,
        so that it can be called without a CSSPrimitiveValue object.
        Then, call that method to calculate the default source-size length.

        No new tests, since no functionality change.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::computeLengthDouble): Split out the logic for everything that's not calc into a static method.
        (WebCore::CSSPrimitiveValue::computeNonCalcLengthDouble): Static length computation logic for everything that is not calc.
        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::isFontRelativeLength): Turn into static.
        * css/SourceSizeList.cpp:
        (WebCore::defaultLength): Use the new static method to compute the length.
        (WebCore::computeLength): Use the calc length computation methods directly.

2015-05-12  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix for older DirectX build environments.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: Switch back to our
        d3d stub header to avoid build failures on July 2004 DXSDK build environments.

2015-05-12  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Refine media playback target client configuration
        https://bugs.webkit.org/show_bug.cgi?id=144892

        Reviewed by Brent Fulgham.

        Client and target picker state changes fequently happen several times in quick succession, so
        don't react to immediately so we can batch callbacks to the web process. 
        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::ClientState::ClientState): Store the client as a reference rather than a pointer
        because it can never be NULL.
        (WebCore::ClientState::operator == ): New.
        (WebCore::WebMediaSessionManager::addPlaybackTargetPickerClient): Schedule the initial client 
        configuration and a target configuration check.
        (WebCore::WebMediaSessionManager::removePlaybackTargetPickerClient): Schedule a target monitoring
        update, and a target configuration check.
        (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients): Ditto.
        (WebCore::WebMediaSessionManager::showPlaybackTargetPicker): Schedule a target monitoring update.
        (WebCore::WebMediaSessionManager::clientStateDidChange): If the client whose state has changed
        can play to a target, tell it to start using the target even if it isn't playing as long as
        no other client is actively using a target.
        (WebCore::WebMediaSessionManager::setPlaybackTarget): Configure clients after a pause.
        (WebCore::WebMediaSessionManager::configureNewClients): New, do new client configuration.
        (WebCore::WebMediaSessionManager::configurePlaybackTargetClients): New, configure target clients.
        (WebCore::WebMediaSessionManager::scheduleDelayedTask): Schedule the timer.
        (WebCore::WebMediaSessionManager::taskTimerFired): Execute delayed tasks.
        (WebCore::WebMediaSessionManager::find): 
        * Modules/mediasession/WebMediaSessionManager.h:

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setMuted): Call updateMediaState.
        (WebCore::HTMLMediaElement::setPlaying): Ditto.
        (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): Ditto.
        (WebCore::HTMLMediaElement::enqueuePlaybackTargetAvailabilityChangedEvent): Expand logging.
        (WebCore::HTMLMediaElement::updateMediaState): New, don't broadcast a media state change
        unless something actually changed.
        * html/HTMLMediaElement.h:

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::externalOutputDeviceAvailableDidChange): Update logging.
        (WebCore::HTMLMediaSession::setShouldPlayToPlaybackTarget): Ditto.
        (WebCore::HTMLMediaSession::mediaEngineUpdated): Cleanup.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker): Remove the call to
        deprecated API and the "-Wdeprecated-declarations".

2015-05-12  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [GTK] Defer to WebCore Accessibility for table exposure
        https://bugs.webkit.org/show_bug.cgi?id=144896

        Reviewed by Chris Fleizach.

        Stop unconditionally exposing all HTMLTableElement nodes as AccessibilityTables
        for WebKitGtk.

        No new tests. Several existing tests already cover table exposure. They have
        been updated accordingly.

        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::computeIsTableExposableThroughAccessibility):

2015-05-12  Joanmarie Diggs  <jdiggs@igalia.com>

        [GTK][WK2] rowAtIndex is not implemented in DRT/WKTR
        https://bugs.webkit.org/show_bug.cgi?id=116971

        Reviewed by Chris Fleizach.

        Because ATK lacks API to directly get an accessible row via its index,
        the implementation of rowAtIndex gets a cell in the indexed row and
        returns the parent row. The failing test continued to fail because
        AccessibilityARIAGridCell::parentTable called parentObjectUnignored at
        most twice, the second call in place to handle rows which are included
        in the tree. However, given a well-formed ARIA grid with a rowgroup that
        is interactive, that rowgroup also needs to be in the tree necessitating
        parentObjectUnignored be called a third time to get to the grid. Given a
        poorly-formed ARIA grid, there may additional objects which pass the test
        for inclusion standing in between the cell and grid necessitating more
        calls still. Therefore, ascend the hierarchy to find the parent grid.

        No new tests. The failing test now passes.

        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::parentTable):

2015-05-08  Carlos Garcia Campos  <cgarcia@igalia.com>

        [X11] Add XUniquePtr and XUniqueResource to automatically free X resources
        https://bugs.webkit.org/show_bug.cgi?id=144521

        Reviewed by Darin Adler.

        Add XUniquePtr as a template alias of std:unique_ptr to handle X
        resources using pointers and XUniqueResource as a new class to
        handle X resources using a long unsigned identifier. This
        simplifies the code and makes it more difficult to leak X resources.

        * PlatformEfl.cmake: Add new files to compilation.
        * PlatformGTK.cmake: Ditto.
        * platform/graphics/cairo/BackingStoreBackendCairoX11.cpp:
        (WebCore::BackingStoreBackendCairoX11::BackingStoreBackendCairoX11):
        Remove the display member, and use XUnique for Pixmap and GC.
        (WebCore::BackingStoreBackendCairoX11::~BackingStoreBackendCairoX11):
        Remove code to explicitly free Pixmap and GC.
        (WebCore::BackingStoreBackendCairoX11::scroll):
        * platform/graphics/cairo/BackingStoreBackendCairoX11.h:
        * platform/graphics/glx/GLContextGLX.cpp:
        (WebCore::GLContextGLX::createWindowContext): Use XUnique and the
        new constructor that receives a XID, since there's no longer
        conflict with the one receiving a Pbuffer.
        (WebCore::GLContextGLX::createPbufferContext): Use XUnique and the
        new constructor that receives a XUniqueGLXPbuffer&&.
        (WebCore::GLContextGLX::createPixmapContext):
        (WebCore::GLContextGLX::createContext):
        (WebCore::GLContextGLX::GLContextGLX):
        (WebCore::GLContextGLX::~GLContextGLX): Remove code to explicitly
        free X resources.
        (WebCore::GLContextGLX::makeContextCurrent):
        (WebCore::GLContextGLX::cairoDevice):
        (WebCore::GLContextGLX::platformContext):
        * platform/graphics/glx/GLContextGLX.h:
        * platform/graphics/surfaces/egl/EGLXSurface.cpp:
        (WebCore::EGLXTransportSurfaceClient::EGLXTransportSurfaceClient):
        (WebCore::EGLXTransportSurfaceClient::destroy):
        (WebCore::EGLXTransportSurfaceClient::prepareTexture):
        * platform/graphics/surfaces/egl/EGLXSurface.h:
        * platform/graphics/surfaces/glx/GLXConfigSelector.h:
        (WebCore::GLXConfigSelector::findMatchingConfig): Use XUnique
        instead of the custom std::unique X11Deleter.
        (WebCore::GLXConfigSelector::findMatchingConfigWithVisualId): Ditto.
        * platform/graphics/surfaces/glx/GLXSurface.cpp:
        (WebCore::GLXTransportSurface::GLXTransportSurface): Ditto.
        (WebCore::GLXOffScreenSurface::initialize):
        * platform/graphics/surfaces/glx/X11Helper.cpp:
        (WebCore::X11Helper::createOffScreenWindow): Ditto.
        (WebCore::X11Helper::createPixmap): Ditto.
        * platform/graphics/surfaces/glx/X11Helper.h:
        * platform/graphics/x11/XUniquePtr.h: Remove X11Deleter.
        (WebCore::XPtrDeleter::operator()):
        * platform/graphics/x11/XUniqueResource.cpp: Added.
        (WebCore::XUniqueResource<XResource::Colormap>::deleteXResource):
        (WebCore::XUniqueResource<XResource::Damage>::deleteXResource):
        (WebCore::XUniqueResource<XResource::Pixmap>::deleteXResource):
        (WebCore::XUniqueResource<XResource::Window>::deleteXResource):
        (WebCore::XUniqueResource<XResource::GLXPbuffer>::deleteXResource):
        (WebCore::XUniqueResource<XResource::GLXPixmap>::deleteXResource):
        * platform/graphics/x11/XUniqueResource.h: Added.
        (WebCore::XUniqueResource::XUniqueResource):
        (WebCore::XUniqueResource::operator=):
        (WebCore::XUniqueResource::~XUniqueResource):
        (WebCore::XUniqueResource::get):
        (WebCore::XUniqueResource::release):
        (WebCore::XUniqueResource::reset):
        (WebCore::XUniqueResource::operator!):
        (WebCore::XUniqueResource::operator UnspecifiedBoolType*):

2015-05-12  Zan Dobersek  <zdobersek@igalia.com>

        Move TransformOperation-based classes off of PassRefPtr
        https://bugs.webkit.org/show_bug.cgi?id=144876

        Reviewed by Darin Adler.

        Remove uses of PassRefPtr from the TransformOperation class and its
        derivatives, operating on Ref and RefPtr objects instead.

        * platform/graphics/transforms/IdentityTransformOperation.h:
        * platform/graphics/transforms/Matrix3DTransformOperation.cpp:
        (WebCore::Matrix3DTransformOperation::blend):
        * platform/graphics/transforms/Matrix3DTransformOperation.h:
        * platform/graphics/transforms/MatrixTransformOperation.cpp:
        (WebCore::MatrixTransformOperation::blend):
        * platform/graphics/transforms/MatrixTransformOperation.h:
        * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
        (WebCore::PerspectiveTransformOperation::blend):
        * platform/graphics/transforms/PerspectiveTransformOperation.h:
        * platform/graphics/transforms/RotateTransformOperation.cpp:
        (WebCore::RotateTransformOperation::blend):
        * platform/graphics/transforms/RotateTransformOperation.h:
        * platform/graphics/transforms/ScaleTransformOperation.cpp:
        (WebCore::ScaleTransformOperation::blend):
        * platform/graphics/transforms/ScaleTransformOperation.h:
        * platform/graphics/transforms/SkewTransformOperation.cpp:
        (WebCore::SkewTransformOperation::blend):
        * platform/graphics/transforms/SkewTransformOperation.h:
        * platform/graphics/transforms/TransformOperation.h:
        * platform/graphics/transforms/TransformOperations.cpp:
        (WebCore::TransformOperations::blendByMatchingOperations):
        * platform/graphics/transforms/TranslateTransformOperation.cpp:
        (WebCore::TranslateTransformOperation::blend):
        * platform/graphics/transforms/TranslateTransformOperation.h:

2015-05-12  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStream reader should not be disposable when having pending promises
        https://bugs.webkit.org/show_bug.cgi?id=144869

        Reviewed by Darin Adler.

        Made error promise callback to take a ref to the reader so that the reader is not disposed as long as the promise callback is not resolved.

        Covered by tests added to streams/readable-stream-gc.html.

        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::ReadableStreamReader): Moved initialize() call outside constructor as it can ref/unref.
        (WebCore::ReadableStreamReader::releaseStreamAndClean): Added protector.
        * Modules/streams/ReadableStreamReader.h:
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed): Lambda for error now takes a ref to the reader.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::Reader::create): Calling initialize() after adoptRef().

2015-05-11  Zan Dobersek  <zdobersek@igalia.com>

        Clean up redundant resources in case of failure in GLContextEGL context creation methods
        https://bugs.webkit.org/show_bug.cgi?id=144878

        Reviewed by Martin Robinson.

        GLContextEGL::createWindowContext() and GLContextEGL::createPixmapContext() methods
        should clean up the freshly-created resources when prematurely returning due to a
        failure.

        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::GLContextEGL::createWindowContext):
        (WebCore::GLContextEGL::createPixmapContext):

2015-05-11  Dan Bernstein  <mitz@apple.com>

        WebCore part of <rdar://problem/20878075> Trying to navigate to an invalid URL loads about:blank, but -[WKWebView URL] returns the invalid URL

        Reviewed by Alexey Proskuryakov.

        Test: TestWebKitAPI/Tests/WebKit2Cocoa/ProvisionalURLChange.mm

        In some cases, trying to navigate to an invalid URL results in navigation to about:blank.
        When the about:blank load is committed, the UI process still thinks that the provisional
        URL is the original, invalid URL, and updates its state to reflect that that’s the URL that
        has been committed.

        The provisional URL changes (1) when a provisional load begins, (2) when a server redirect
        happens, (3) when the client changes the request in willSendRequest, and (4) in this
        about:blank case. For (1) and (2), there are frame loader client callbacks. (3) is client-
        initiated. So this patch addresses (4).

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::maybeLoadEmpty): If our request URL is changing to about:blank and
        while loading the main resource, call FrameLoaderClient::dispatchDidChangeProvisionalURL.
        * loader/FrameLoaderClient.h: Added dispatchDidChangeProvisionalURL with an empty
        implementation.

2015-05-11  Zalan Bujtas  <zalan@apple.com>

        Text is misplaced when custom font does not have space glyph.
        https://bugs.webkit.org/show_bug.cgi?id=144879

        Reviewed by Myles C. Maxfield

        This patch ensures that we use fallback font for the missing space glyph only when the rendered text has space in it.

        If a font does not provide all the glyphs required to render the associated text, we initiate fallback fonts. It is done while
        measuring the text at layout time. However due to the fact that we always pre-measure space, a font with no space glyph in it is never sufficient.
        (even when the text does not require space at all)
        Fallback fonts impact line positions through ascent/descent calculation.

        Test: fast/text/font-with-no-space-glyph.html

        * rendering/RenderText.cpp:
        (WebCore::RenderText::computePreferredLogicalWidths):
        * rendering/line/BreakingContext.h:
        (WebCore::WordTrailingSpace::WordTrailingSpace):
        (WebCore::WordTrailingSpace::width):
        (WebCore::BreakingContext::handleText):

2015-05-11  Simon Fraser  <simon.fraser@apple.com>

        Small tidyup in animations code
        https://bugs.webkit.org/show_bug.cgi?id=144893

        Reviewed by Eric Carlson.

        Reading progress(1, 0, 0) in callers of AnimationBase::progress() was confusing,
        particularly as the last parameter is a TimingFunction*. Put default values 
        in the header (with nullptr) and fix the callers. Also fix variable names in
        the implementation.

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::progress):
        * page/animation/AnimationBase.h:
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::animate):
        (WebCore::ImplicitAnimation::getAnimatedStyle):
        (WebCore::ImplicitAnimation::blendPropertyValueInStyle):

2015-05-11  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in WebCore/rendering
        https://bugs.webkit.org/show_bug.cgi?id=144872

        Reviewed by Darin Adler.

        As a step to remove PassRefPtr, this patch replaces PassRefPtr with Ref in WebCore/rendering.

        No new tests, no behavior changes.

        * rendering/HitTestingTransformState.h:
        (WebCore::HitTestingTransformState::create):
        * rendering/RenderLayer.cpp:
        (WebCore::ClipRects::create):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::create):
        (WebCore::RenderTheme::themeForPage):
        * rendering/RenderThemeGtk.h:
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderTheme::themeForPage):
        (WebCore::RenderThemeIOS::create):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderTheme::themeForPage):
        (WebCore::RenderThemeMac::create):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::create):
        (WebCore::RenderTheme::themeForPage):
        * rendering/RenderThemeSafari.h:
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::create):
        (WebCore::RenderTheme::themeForPage):
        * rendering/RenderThemeWin.h:
        * rendering/TextAutoSizing.h:
        (WebCore::TextAutoSizingValue::create):
        * rendering/style/ShapeValue.h:
        (WebCore::ShapeValue::createShapeValue):
        (WebCore::ShapeValue::createBoxShapeValue):
        (WebCore::ShapeValue::createImageValue):
        * rendering/style/StyleCachedImage.h:
        * rendering/style/StyleCachedImageSet.h:
        * rendering/style/StyleGeneratedImage.h:
        * rendering/style/StylePendingImage.h:
        * rendering/style/StyleReflection.h:
        (WebCore::StyleReflection::create):

2015-05-11  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Update device picker icon when video tracks change
        https://bugs.webkit.org/show_bug.cgi?id=144889
        <rdar://problem/20907253>

        Reviewed by Brent Fulgham.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateHasVideo):

2015-05-11  Brent Fulgham  <bfulgham@apple.com>

        Scroll snap logic should be triggered when resizing the WebView
        https://bugs.webkit.org/show_bug.cgi?id=142590
        <rdar://problem/20125088>

        Reviewed by Simon Fraser.

        Tests coming in a second patch.

        Resizing of the main frame or overflow regions was properly recalculating the scroll snap points,
        but there was no code to honor these values when window resizing was occurring. The correction was
        handled in two ways:
        1. Scrolling thread operations that moved to new snap points needed to notify the main thread that
           it had shifted to a new snap point, so that the resize code (which happens on the main thread)
           could ensure that we stayed clamped to the correct 'tile' in the snap region.
        2. Main thread (overflow) resizes were likewise missing code to honor the current snap position
           after resizing calculations were complete.

        This change also required the addition of two indices to the scrollable area to track which scroll
        snap point was currently being used. We don't bother with a 'none' case because you cannot have a
        'none' state when you have an active set of scroll snap points, and we do not execute this code
        if the scroll snap points are null.

        The FrameView code was computing updated snap offsets after it had dispatched frame view layout
        information to the scrolling thread, which was wrong. This was also corrected.

        I think it might be possible to track all of this state inside the ScrollController, but the current
        scroll snap architecture destroys and recreates the state each time a new set of interactions starts.
        This should be fixed in the future, which would allow us to remove some of this local state.

        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks): Make sure 'updateSnapOffsets' is called prior to
        calling 'frameViewLayoutUpdated' so the scrolling thread gets correct updated points. Add a new
        call to 'scrollToNearestActiveSnapPoint', which will keep us on our current snap point during
        resize (if appropriate).
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateScrollSnapOffsetIndices): Added. This finds and notifies
        the correct scroll region when a new snap position (index) has been selected by user interaction on
        the scrolling thread.
        (WebCore::AsyncScrollingCoordinator::deferTestsForReason): Added an assertion for 'isMainThread'.
        (WebCore::AsyncScrollingCoordinator::removeTestDeferralForReason): Ditto.
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/AxisScrollSnapOffsets.h:
        (WebCore::closestSnapOffset): Modified to also return the selected snap point index so we can track
        it to handle resize operations.
        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::updateScrollSnapOffsetIndices):
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::updateScrollSnapOffsetIndices): Added method to dispatch the active
        horizontal and vertical scroll snap indices back to the main thread.
        * page/scrolling/ThreadedScrollingTree.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent): After the scroll controller processes
        the current event, notify the main thread of any change in the active scroll snap index.
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::activeScrollSnapOffsetIndexDidChange): Added method to allow ScrollAnimator
        clients to find out about the current scroll snap state, which is only known by the ScrollController.
        (WebCore::ScrollAnimator::activeScrollSnapOffsetIndexForAxis): Ditto.
        * platform/ScrollAnimator.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollToNearestActiveSnapPoint): Added method that allows us to set scroll position
        to one of our active scroll snap offsets.
        * platform/ScrollView.h:
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::handleWheelEvent): If the active scroll snap offset has changed, make sure we
        keep track of the new values for potential resize operations.
        (WebCore::ScrollableArea::clearHorizontalSnapOffsets): Make sure to also clear out the current snap index.
        (WebCore::ScrollableArea::clearVerticalSnapOffsets): Ditto.
        (WebCore::ScrollableArea::nearestActiveSnapPoint): New method that returns an updated IntPoint reflecting
        the proper scroll position based on the active scroll snap offset.
        * platform/ScrollableArea.h:
        (WebCore::ScrollableArea::currentHorizontalSnapPointIndex): Added.
        (WebCore::ScrollableArea::setCurrentHorizontalSnapPointIndex): Added.
        (WebCore::ScrollableArea::currentVerticalSnapPointIndex): Added.
        (WebCore::ScrollableArea::setCurrentVerticalSnapPointIndex): Added.
        (WebCore::ScrollableArea::scrollToNearestActiveSnapPoint): Added.
        * platform/cocoa/ScrollController.h:
        (WebCore::ScrollControllerClient::activeScrollOffsetIndex): Added new method for clients to implement.
        (WebCore::ScrollController::activeScrollSnapOffsetIndexDidChange): Added.
        (WebCore::ScrollController::setScrollSnapOffsetIndexDidChange): Added.
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::activeScrollSnapOffsetIndexForAxis): Helper method to return current active
        index (if applicable).
        (WebCore::ScrollController::setActiveScrollSnapOffsetIndexForAxis): Helper function to safely set
        the current active index.
        (WebCore::ScrollController::beginScrollSnapAnimation): Updated to keep track of the new active scroll snap
        index, as well as whether the current animation actually changed the active snap point offset.
        * platform/cocoa/ScrollSnapAnimatorState.h: Revise to use modern C++ initializers, and to track a new index
        that represents the current scroll snap offset.
        * platform/cocoa/ScrollSnapAnimatorState.mm:
        (WebCore::ScrollSnapAnimatorState::ScrollSnapAnimatorState): Update for modern C++ syntax.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollToNearestActiveSnapPoint): New method to set scroll position to be one of our
        active scroll snap points.
        (WebCore::RenderLayer::updateScrollInfoAfterLayout): Add a new call to 'scrollToNearestActiveSnapPoint' so that
        we stay on the current scroll snap offset during resizing.
        * rendering/RenderLayer.h:

2015-05-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Addressing post-review comments after r184037.

        Unreviewed.

        No new tests because there is no behavior change.

        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::runWidth):

2015-05-11  Brent Fulgham  <bfulgham@apple.com>

        [Win] Move Windows build target to Windows 7 (or newer)
        https://bugs.webkit.org/show_bug.cgi?id=144890
        <rdar://problem/20707307>

        Reviewed by Anders Carlsson.

        Update linked SDK and minimal Windows level to be compatible with
        Windows 7 or newer.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCoreGenerated.vcxproj:
        * WebCore.vcxproj/WebCoreTestSupport.vcxproj:
        * WebCorePrefix.h:
        * config.h:
        * testing/js/WebCoreTestSupportPrefix.h:

2015-05-11  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Always include rows in the tree of accessible tables
        https://bugs.webkit.org/show_bug.cgi?id=144885

        Reviewed by Chris Fleizach.

        Remove the code that excluded rows from the tree of accessible tables for
        Gtk and Efl, the latter of which inherited the exclusion from the former.

        No new tests. We already have several tests which cover table hierarchy.
        The associated expectations have been updated as part of this fix.

        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::addChildrenFromSection):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetParent):

2015-05-11  Matt Baker  <mattbaker@apple.com>

        Web Inspector: REGRESSION (r175203): No profile information is shown in Inspector
        https://bugs.webkit.org/show_bug.cgi?id=144808

        Reviewed by Darin Adler.

        Profiles started from the console should always use the Inspector environment's shared stopwatch.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::startFromConsole):

2015-05-11  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Support domain-specific rules and exceptions.
        https://bugs.webkit.org/show_bug.cgi?id=144833

        Reviewed by Darin Adler.

        Test: http/tests/contentextensions/domain-rules.html
        (And lots of API tests)

        This patch adds if-domain and unless-domain to the trigger in the JSON format.
        if-domain makes the rule apply only to domains in the list.
        unless-domain makes the rule apply to domains that are not in the list.
        
        All rules without if-domain or unless-domain are compiled into a set of DFAs.  This behavior is unchanged.
        All rules with if-domain or unless-domain are compiled into a separate set of DFAs.
        The domains are also compiled into another set of DFAs.  This makes 3 arrays of DFA bytecode instead of 1.
        
        If there are no domain specific rules, there is no change in behavior.
        If there are domain specific rules, the URL will be checked for matches in both
        filtersWithoutDomainsBytecode and filtersWithDomainsBytecode.  If there are matches from 
        filtersWithDomainsBytecode then the domain of the main document will be checked with 
        domainFiltersBytecode to see which of the matches applies to this domain.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::CombinedURLFilters::isEmpty):
        (WebCore::ContentExtensions::CombinedURLFilters::addDomain):
        * contentextensions/CombinedURLFilters.h:
        Added addDomain, which adds characters from a domain to the prefix tree directly without using YARR.
        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors):
        * contentextensions/CompiledContentExtension.h:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::serializeActions):
        (WebCore::ContentExtensions::compileRuleList):
        Separate the rules into rules with domains and rules without domains and compile to bytecode.
        * contentextensions/ContentExtensionCompiler.h:
        Updated compiler interface to reflect the slightly more complicated structure.
        * contentextensions/ContentExtensionError.cpp:
        (WebCore::ContentExtensions::contentExtensionErrorCategory):
        * contentextensions/ContentExtensionError.h:
        Added new parsing errors.
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::getDomainList):
        (WebCore::ContentExtensions::loadTrigger):
        (WebCore::ContentExtensions::loadEncodedRules):
        * contentextensions/ContentExtensionRule.h:
        (WebCore::ContentExtensions::Trigger::operator==):
        Parse the new domain structures from JSON into the Trigger structure.
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Interpret as much bytecode as necessary to determine which rules apply to this URL and domain.
        * contentextensions/DFABytecode.h:
        (WebCore::ContentExtensions::instructionSizeWithArguments):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendAction):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitTestFlagsAndAppendAction):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        * contentextensions/DFABytecodeCompiler.h:
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFABytecodeInterpreter.h:
        * loader/ResourceLoadInfo.h:
        Keep track of which actions have an if-domain trigger.  If an action is in the 
        filtersWithDomainsBytecode, then it either has an if-domain or an unless-domain in its trigger.
        This requires additional information in the bytecode, so there are two new bytecode types.

2015-05-11  Yoav Weiss  <yoav@yoav.ws>

        Add srcset, sizes and picture to the features json
        https://bugs.webkit.org/show_bug.cgi?id=144862

        Reviewed by Benjamin Poulain.

        Add the srcset w descriptor and sizes attribute as a new feature in the JSON file,
        as well as adding the picture element and srcset's x descriptor as seperate features.

        No new tests, since no new functionality added.

        * features.json:

2015-05-11  Chris Dumez  <cdumez@apple.com>

        Fix checkingLogicalHeight initialization in Document::updateLayoutIfDimensionsOutOfDate()
        https://bugs.webkit.org/show_bug.cgi?id=144873

        Reviewed by Simon Fraser.

        Fix checkingLogicalHeight initialization in Document::updateLayoutIfDimensionsOutOfDate().
        checkingLogicalHeight should only be initialized to true when
        "dimensionsCheck & WidthDimensionsCheck" if isVertical is true.

        * dom/Document.cpp:
        (WebCore::Document::updateLayoutIfDimensionsOutOfDate):

2015-05-11  Daniel Bates  <dabates@apple.com>

        [iOS] Close all open databases in expiration handler of process assertion
        https://bugs.webkit.org/show_bug.cgi?id=144661
        <rdar://problem/20845052>

        Reviewed by Darin Adler.

        Expose functionality in WebCore to close all open databases. Closing a SQLite database
        will interrupt any in-progress database transactions.

        * Modules/webdatabase/AbstractDatabaseServer.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::closeAllDatabases): Added; turns around and calls DatabaseServer::closeAllDatabases().
        * Modules/webdatabase/DatabaseManager.h: Export DatabaseManager::closeAllDatabases() so that
        we can call in from WebKit2.
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::closeAllDatabases): Added; turns around and calls DatabaseTracker::closeAllDatabases().
        * Modules/webdatabase/DatabaseServer.h:
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::closeAllDatabases): Added; closes all open databases.
        * Modules/webdatabase/DatabaseTracker.h: Export DatabaseTracker::closeAllDatabases() so that
        we can call in from Legacy WebKit.

2015-05-11  Antti Koivisto  <antti@apple.com>

        WebContent crash under com.apple.WebCore: WebCore::WebKitCSSResourceValue::isCSSValueNone const + 6
        https://bugs.webkit.org/show_bug.cgi?id=144870
        rdar://problem/20727702

        Reviewed by Simon Fraser.

        No repro but we are seeing null pointer crashes like this:

        Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
        0   com.apple.WebCore   0x00007fff92da5706 WebCore::WebKitCSSResourceValue::isCSSValueNone() const + 6
        1   com.apple.WebCore   0x00007fff93382b48 WebCore::MaskImageOperation::isCSSValueNone() const + 24
        2   com.apple.WebCore   0x00007fff92e0475e WebCore::FillLayer::hasNonEmptyMaskImage() const + 30

        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::MaskImageOperation):
        (WebCore::MaskImageOperation::isCSSValueNone):

            This would crash like this if both m_styleImage and m_cssMaskImageValue are null.
            There are no obvious guarantees that this doesn't happen. Two of the constructor variants allow it
            and there is setImage which may turn m_styleImage null later too.

            Fix by making null m_cssMaskImageValue always signify CSSValueNone.

        (WebCore::MaskImageOperation::cssValue):

2015-05-11  Chris Fleizach  <cfleizach@apple.com>

        AX: Crash at WebCore::AccessibilityMenuList::addChildren()
        https://bugs.webkit.org/show_bug.cgi?id=144860

        Reviewed by Mario Sanchez Prada.

        There were some unsafe pointer accesses in AccessibilityMenuList code that needed to be cleaned up.

        Test: accessibility/menu-list-crash2.html

        * accessibility/AccessibilityMenuList.cpp:
        (WebCore::AccessibilityMenuList::addChildren):

2015-05-11  Przemyslaw Szymanski  <p.szymanski3@samsung.com>

        [WebGL] Unnecessary condition check in the while loop
        https://bugs.webkit.org/show_bug.cgi?id=125001

        Reviewed by Csaba Osztrogonác.

        While loop in this case needs to be optimized a little.
        For now a conditional statement in while will execute two
        times at begin. do-while loop avoids to check first statement.

        No new tests. No behaviour changed.

        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::removeAttachmentFromBoundFramebuffer):

2015-05-11  Joonghun Park  <jh718.park@samsung.com>

        [GTK] Reorder Performance class's member initialization sequence
        https://bugs.webkit.org/show_bug.cgi?id=144858

        Reviewed by Csaba Osztrogonác.

        No new tests, no new behaviors.

        * page/Performance.cpp:
        (WebCore::Performance::Performance):

2015-05-11  Zan Dobersek  <zdobersek@igalia.com>

        Reduce TransformationMatrix copies in WebKitCSSMatrix operations
        https://bugs.webkit.org/show_bug.cgi?id=144795

        Reviewed by Darin Adler.

        Instead of copying the TransformationMatrix member, performing
        the operation on it and then copying it again when creating
        the new WebKitCSSMatrix object, copy it just once by first
        creating the new WebKitCSSMatrix object and then performing
        the operation on that object's TransformationMatrix directly.

        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::multiply):
        (WebCore::WebKitCSSMatrix::translate):
        (WebCore::WebKitCSSMatrix::scale):
        (WebCore::WebKitCSSMatrix::rotate):
        (WebCore::WebKitCSSMatrix::rotateAxisAngle):
        (WebCore::WebKitCSSMatrix::skewX):
        (WebCore::WebKitCSSMatrix::skewY):

2015-05-11  Zan Dobersek  <zdobersek@igalia.com>

        Add missing vtable override specifiers under Source/WebCore/loader, Source/WebCore/xml
        https://bugs.webkit.org/show_bug.cgi?id=144793

        Reviewed by Darin Adler.

        Update virtual method overrides under Source/WebCore/loader
        and Source/WebCore/dom which are missing the override specifier.

        * loader/DocumentThreadableLoader.h:
        (WebCore::DocumentThreadableLoader::refThreadableLoader):
        (WebCore::DocumentThreadableLoader::derefThreadableLoader):
        * loader/cache/CachedRawResource.h:
        * xml/parser/XMLDocumentParser.h:

2015-05-11  Zan Dobersek  <zdobersek@igalia.com>

        Add missing vtable override specifiers under Source/WebCore/accessibility, Source/WebCore/dom
        https://bugs.webkit.org/show_bug.cgi?id=144792

        Reviewed by Darin Adler.

        Update virtual method overrides under Source/WebCore/accessibility
        and Source/WebCore/dom which are missing the override specifier.

        * accessibility/AccessibilityMockObject.h:
        (WebCore::AccessibilityMockObject::isDetachedFromParent): Deleted.
        * accessibility/AccessibilityRenderObject.h:
        * dom/DecodedDataDocumentParser.h:
        * dom/TouchEvent.h:

2015-05-10  Zan Dobersek  <zdobersek@igalia.com>

        Have MediaStream::getAudioTracks(), MediaStream::getVideoTracks() return const references
        https://bugs.webkit.org/show_bug.cgi?id=144794

        Reviewed by Philippe Normand.

        * Modules/mediastream/MediaStream.h: getAudioTracks() and getVideoTracks()
        should return a const reference to the member variables, instead of
        copying the objects on every call.

2015-05-10  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Use Ref instead of PassRefPtr in WebCore/page
        https://bugs.webkit.org/show_bug.cgi?id=144841

        Reviewed by Darin Adler.

        To kill PassRefPtr, this patch replaces PassRefPtr with Ref or RefPtr
        in WebCore/page.

        No new tests, no behavior changes.

        * page/DebugPageOverlays.cpp:
        * page/EventSource.cpp:
        (WebCore::EventSource::create):
        * page/EventSource.h:
        * page/History.h:
        (WebCore::History::create):
        * page/Location.h:
        (WebCore::Location::create):
        * page/MainFrame.cpp:
        (WebCore::MainFrame::create):
        * page/MainFrame.h:
        * page/Navigator.h:
        (WebCore::Navigator::create):
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::create):
        * page/PageOverlay.h:
        * page/Performance.h:
        * page/PerformanceEntryList.h:
        (WebCore::PerformanceEntryList::create):
        * page/PerformanceMark.h:
        (WebCore::PerformanceMark::create):
        * page/PerformanceMeasure.h:
        (WebCore::PerformanceMeasure::create):
        * page/PerformanceNavigation.h:
        (WebCore::PerformanceNavigation::create):
        * page/PerformanceResourceTiming.h:
        (WebCore::PerformanceResourceTiming::create):
        * page/PerformanceTiming.h:
        (WebCore::PerformanceTiming::create):
        * page/PerformanceUserTiming.h:
        (WebCore::UserTiming::create):
        * page/Screen.h:
        * page/Settings.cpp:
        (WebCore::Settings::create):
        * page/Settings.h:
        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::create):
        * page/TextIndicator.h:
        * page/UserContentController.cpp:
        (WebCore::UserContentController::create):
        * page/UserContentController.h:
        * page/UserMessageHandlerDescriptor.h:
        (WebCore::UserMessageHandlerDescriptor::create):
        * page/UserMessageHandlersNamespace.h:
        * page/VisitedLinkStore.h:
        * page/WebKitNamespace.h:
        (WebCore::WebKitNamespace::create):
        * page/WebKitPoint.h:
        (WebCore::WebKitPoint::create):
        * page/WorkerNavigator.h:
        (WebCore::WorkerNavigator::create):
        * page/animation/ImplicitAnimation.h:
        (WebCore::ImplicitAnimation::create):
        * page/animation/KeyframeAnimation.h:
        * page/mac/ServicesOverlayController.h:
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::Highlight::createForSelection):
        (WebCore::ServicesOverlayController::Highlight::createForTelephoneNumber):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::create):
        * page/scrolling/ScrollingCoordinator.h:
        * page/scrolling/ScrollingStateFixedNode.cpp:
        (WebCore::ScrollingStateFixedNode::create):
        (WebCore::ScrollingStateFixedNode::clone):
        * page/scrolling/ScrollingStateFixedNode.h:
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        (WebCore::ScrollingStateFrameScrollingNode::create):
        (WebCore::ScrollingStateFrameScrollingNode::clone):
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateOverflowScrollingNode.cpp:
        (WebCore::ScrollingStateOverflowScrollingNode::create):
        (WebCore::ScrollingStateOverflowScrollingNode::clone):
        * page/scrolling/ScrollingStateOverflowScrollingNode.h:
        * page/scrolling/ScrollingStateStickyNode.cpp:
        (WebCore::ScrollingStateStickyNode::create):
        (WebCore::ScrollingStateStickyNode::clone):
        * page/scrolling/ScrollingStateStickyNode.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        (WebCore::ScrollingCoordinator::create):
        * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h:
        * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeIOS::create):
        * page/scrolling/ios/ScrollingTreeIOS.cpp:
        (WebCore::ScrollingTreeIOS::create):
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinator::create):
        * page/scrolling/mac/ScrollingTreeFixedNode.h:
        * page/scrolling/mac/ScrollingTreeFixedNode.mm:
        (WebCore::ScrollingTreeFixedNode::create):
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::create):
        * page/scrolling/mac/ScrollingTreeMac.cpp:
        (ScrollingTreeMac::create):
        * page/scrolling/mac/ScrollingTreeMac.h:
        * page/scrolling/mac/ScrollingTreeStickyNode.h:
        * page/scrolling/mac/ScrollingTreeStickyNode.mm:
        (WebCore::ScrollingTreeStickyNode::create):

2015-05-10  Simon Fraser  <simon.fraser@apple.com>

        background-position sometimes doesn't work properly with background-attachment: fixed
        https://bugs.webkit.org/show_bug.cgi?id=103757
        rdar://problem/18749925

        Reviewed by Darin Adler.
        
        Fix sizing issues with fixed backgrounds when top content inset (blurred toolbar) is in
        effect.
        
        The primary issue was that positioningAreaSize was including the top content inset
        height, and should not have been, but there were also issues with the "fixedBackgroundPaintsInLocalCoordinates"
        code path, which kicks in when the root background is fixed.

        Tests: platform/mac-wk2/tiled-drawing/top-content-inset-fixed-attachment-cover-local.html
               platform/mac-wk2/tiled-drawing/top-content-inset-fixed-attachment-cover.html
               platform/mac-wk2/tiled-drawing/top-content-inset-fixed-attachment-local.html
               platform/mac-wk2/tiled-drawing/top-content-inset-fixed-attachment-positioned.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):

2015-05-10  Sungmann Cho  <sungmann.cho@navercorp.com>

        Get rid of the public item accessors in BackForwardClient
        https://bugs.webkit.org/show_bug.cgi?id=144827

        Reviewed by Darin Adler.

        Remove backItem(), currentItem(), and forwardItem() from BackForwardClient.
        We can still use these functionalities through BackForwardController.

        No new tests, no behavior change.

        * history/BackForwardClient.h:
        (WebCore::BackForwardClient::backItem): Deleted.
        (WebCore::BackForwardClient::currentItem): Deleted.
        (WebCore::BackForwardClient::forwardItem): Deleted.

2015-05-10  Sungmann Cho  <sungmann.cho@navercorp.com>

        Rename Length::isPercent() and Length::isPercentNotCalculated().
        https://bugs.webkit.org/show_bug.cgi?id=144791

        Reviewed by Darin Adler.

        1. Rename these methods as below for consistency and clarity.

        Length::isPercentNotCalculated() => Length::isPercent()
        Length::isPercent() => Length::isPercentOrCalculated()

        2. Simplify the condition check of length type in SVGLengthContext::valueForLength().

        "length.isPercent() && !length.isCalculated()" => "length.isPercent()"

        No new tests, no behavior change.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForImageSliceSide):
        (WebCore::valueForReflection):
        (WebCore::percentageOrZoomAdjustedValue):
        (WebCore::lineHeightFromStyle):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::is100Percent):
        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::computeTransformedExtentViaTransformList):
        * platform/Length.h:
        (WebCore::Length::percent):
        (WebCore::Length::isPercent):
        (WebCore::Length::isPercentOrCalculated):
        (WebCore::Length::isSpecified):
        (WebCore::Length::isPercentNotCalculated): Deleted.
        * platform/graphics/transforms/TranslateTransformOperation.h:
        * rendering/AutoTableLayout.cpp:
        (WebCore::AutoTableLayout::recalcColumn):
        (WebCore::AutoTableLayout::fullRecalc):
        (WebCore::shouldScaleColumns):
        (WebCore::AutoTableLayout::computeIntrinsicLogicalWidths):
        (WebCore::AutoTableLayout::calcEffectiveLogicalWidth):
        (WebCore::AutoTableLayout::layout):
        * rendering/FixedTableLayout.cpp:
        (WebCore::FixedTableLayout::calcWidthArray):
        (WebCore::FixedTableLayout::applyPreferredLogicalWidthQuirks):
        (WebCore::FixedTableLayout::layout):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::isSelfCollapsingBlock):
        (WebCore::RenderBlock::textIndentOffset):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::needsPreferredWidthsRecalculation):
        (WebCore::RenderBox::computeLogicalHeight):
        (WebCore::RenderBox::computeContentAndScrollbarLogicalHeightUsing):
        (WebCore::RenderBox::computePercentageLogicalHeight):
        (WebCore::RenderBox::computeReplacedLogicalWidthRespectingMinMaxWidth):
        (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
        (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
        (WebCore::RenderBox::availableLogicalHeightUsing):
        (WebCore::logicalWidthIsResolvable):
        (WebCore::RenderBox::percentageLogicalHeightIsResolvableFromBlock):
        (WebCore::RenderBox::hasUnsplittableScrollingOverflow):
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::hasAutoHeightOrContainingBlockWithAutoHeight):
        (WebCore::RenderBoxModelObject::relativePositionOffset):
        (WebCore::RenderBoxModelObject::computedCSSPadding):
        (WebCore::RenderBoxModelObject::calculateImageIntrinsicDimensions):
        (WebCore::RenderBoxModelObject::calculateFillTileSize):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
        (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
        * rendering/RenderElement.cpp:
        (WebCore::mustRepaintFillLayers):
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::computeIntrinsicLogicalWidths):
        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::layOutAxis):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::repaintOrMarkForLayout):
        * rendering/RenderInline.cpp:
        (WebCore::computeMargin):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::computeIntrinsicLogicalWidths):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::computeIntrinsicLogicalWidths):
        * rendering/RenderObject.cpp:
        (WebCore::objectIsRelayoutBoundary):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::computePreferredLogicalWidths):
        * rendering/RenderSlider.cpp:
        (WebCore::RenderSlider::computeIntrinsicLogicalWidths):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::convertStyleLogicalHeightToComputedHeight):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::layoutRows):
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::computeIntrinsicLogicalWidths):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::layout):
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::verticalPositionForBox):
        * rendering/style/GridLength.h:
        (WebCore::GridLength::isPercentage):
        * rendering/style/GridTrackSize.h:
        (WebCore::GridTrackSize::isPercentage):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::computedLineHeight):
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::hasRelativeDimensions):
        * svg/SVGLengthContext.cpp:
        (WebCore::SVGLengthContext::valueForLength):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::hasRelativeWidth):
        (WebCore::SVGImage::hasRelativeHeight):

2015-05-10  Sungmann Cho  <sungmann.cho@navercorp.com>

        Remove unnecessary semicolons.
        https://bugs.webkit.org/show_bug.cgi?id=144844

        Reviewed by Darin Adler.

        No new tests, no behavior change.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::readString):
        * platform/mediastream/RealtimeMediaSourceCapabilities.h:
        (WebCore::RealtimeMediaSourceCapabilities::setHasVideoSource):
        * platform/network/mac/ResourceErrorMac.mm:
        (WebCore::ResourceError::nsError):
        * rendering/RenderThemeIOS.mm:
        (WebCore::getSharedFunctionRef):

2015-05-10  Sungmann Cho  <sungmann.cho@navercorp.com>

        Remove unnecessary forward declarations in StyleProperties.h
        https://bugs.webkit.org/show_bug.cgi?id=144843

        Reviewed by Darin Adler.

        No new tests, no behavior change.        

        * css/StyleProperties.h:

2015-05-10  Darin Adler  <darin@apple.com>

        [Cocoa] Fix paths and resort WebCore project file
        https://bugs.webkit.org/show_bug.cgi?id=144838

        Reviewed by Dan Bernstein.

        * WebCore.xcodeproj/project.pbxproj: Re-sorted this file with the
        sort-Xcode-project-file script and fixed the paths in the platform/ios directory.

2015-05-10  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Refactor ReadableStreamReader close promise callback cleaning
        https://bugs.webkit.org/show_bug.cgi?id=144799

        Reviewed by Darin Adler.

        Moved close callback cleaning to releaseStream, which is now releaseStreamAndClean.
        Moved that method to private as it is no longer needed by subclasses.

        No behavior changes.

        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::releaseStreamAndClean):
        (WebCore::ReadableStreamReader::changeStateToClosed):
        (WebCore::ReadableStreamReader::changeStateToErrored):
        * Modules/streams/ReadableStreamReader.h:

2015-05-10  Darin Adler  <darin@apple.com>

        [Cocoa] Don't soft link DataDetectorsCore
        https://bugs.webkit.org/show_bug.cgi?id=144837

        Reviewed by Dan Bernstein.

        Linking this in the normal way should slightly speed up the web process
        startup time. We don't need to soft link it: It's present in the
        OS X base system and there is no reference cycle with WebKit.

        * Configurations/WebCore.xcconfig: Added PrivateFrameworks to
        FRAMEWORK_SEARCH_PATHS for Mac and added DataDetectorsCore to
        OTHER_LDFLAGS_PLATFORM for Mac. We may want to do this later for iOS too.

        * WebCore.xcodeproj/project.pbxproj: Added DataDetectorsCoreSPI.h.

        * editing/mac/DataDetection.mm:
        (WebCore::DataDetection::detectItemAroundHitTestResult): Removed check to see
        if DataDetectorsCore is available.

        * page/mac/ServicesOverlayController.h: Simplified a forward declaration to
        only declare what we actually use.
        * page/mac/ServicesOverlayController.mm: Moved SOFT_LINK from here to the
        DataDetectorsSPI.h header.

        * platform/spi/cocoa/DataDetectorsCoreSPI.h: Added. This is the low level
        DataDetectorsCore framework, which has no reference cycle with WebKit, and
        which we can link to normally. Moved the content here from DataDetectorsSPI.h,
        added a USE(APPLE_INTERNAL_SDK) path that uses the system headers, and fixed
        the incorrect return type on DDScannerScanQuery, which was detected when
        using the system headers in conjunction with this file.

        * platform/spi/mac/DataDetectorsSPI.h: Removed the content of this file that
        was actually about DataDetectorsCore. Also added a USE(APPLE_INTERNAL_SDK)
        path that uses the system headers and moved a few stray DataDetectors SPI
        definitions from elsewhere into this header.

2015-05-10  Chris Fleizach  <cfleizach@apple.com>

        AX: Don't expose elements as data tables just because they use display: table
        https://bugs.webkit.org/show_bug.cgi?id=144804

        Reviewed by Mario Sanchez Prada.

        Elements will create RenderTable objects if they have display:table. We shouldn't assume these are accessibility tables.

        Test: accessibility/css-table-ignored.html

        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::isDataTable):

2015-05-09  Chris Dumez  <cdumez@apple.com>

        Introduce ParentNode.idl / NonDocumentTypeChildNode.idl
        https://bugs.webkit.org/show_bug.cgi?id=144825

        Reviewed by Sam Weinig.

        Introduce ParentNode.idl / NonDocumentTypeChildNode.idl as per DOM
        specification and to avoid IDL code duplication:
        - https://dom.spec.whatwg.org/#interface-parentnode
        - https://dom.spec.whatwg.org/#interface-nondocumenttypechildnode

        No Web-Exposed behavior change.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/CharacterData.idl:
        * dom/Document.idl:
        * dom/DocumentFragment.idl:
        * dom/Element.idl:
        * dom/NonDocumentTypeChildNode.idl: Copied from Source/WebCore/dom/DocumentFragment.idl.
        * dom/ParentNode.idl: Copied from Source/WebCore/dom/DocumentFragment.idl.

2015-05-09  Chris Dumez  <cdumez@apple.com>

        Invalidate the FontCache on WebProcess suspension / critical memory pressure
        https://bugs.webkit.org/show_bug.cgi?id=144821

        Reviewed by Antti Koivisto.

        Invalidate the FontCache on WebProcess suspension / critical memory
        pressure to free a bit more memory (an extra 4-16Kb per WebProcess on
        the pages I tested). We already purge inactive font data on
        non-critical memory warning but invalidating the whole FontCache takes
        care of clearing the FontCascade cache and the fontPlatformData cache
        as well.

        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-05-09  Yoav Weiss  <yoav@yoav.ws>

        Remove the PICTURE_SIZES build flag
        https://bugs.webkit.org/show_bug.cgi?id=144679

        Reviewed by Benjamin Poulain.

        Removed the PICTURE_SIZES build time flag.

        No new tests, since there's no functionality change.

        * Configurations/FeatureDefines.xcconfig:
        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectAtToken):
        * css/CSSParser.h:
        * css/SourceSizeList.cpp:
        (WebCore::parseSizesAttribute): Deleted.
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
        * html/HTMLImageElement.h:
        (WebCore::HTMLImageElement::currentSrc):
        * html/HTMLImageElement.idl:
        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):
        * html/parser/HTMLSrcsetParser.cpp:
        (WebCore::parseDescriptors):
        (WebCore::pickBestImageCandidate):

2015-05-08  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove convenience constructors for TextRun
        https://bugs.webkit.org/show_bug.cgi?id=144752

        These convenience constructors are unnecessary. Moving the code that makes the StringView
        back to the call site will also help us make things more elegant in future refactoring.

        Reviewed by Darin Adler.

        No new tests because there is no behavior change.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText): Remove ambiguous call.
        * platform/graphics/StringTruncator.cpp:
        (WebCore::stringWidth):
        * platform/graphics/TextRun.h:
        (WebCore::TextRun::TextRun):
        * platform/mac/DragImageMac.mm:
        (WebCore::widthWithFont):
        (WebCore::drawAtPoint):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
        (WebCore::SimpleLineLayout::TextFragmentIterator::runWidth):
        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintText):

2015-05-08  Sam Weinig  <sam@webkit.org>

        Element Traversal is not just Elements anymore
        https://bugs.webkit.org/show_bug.cgi?id=144822

        Reviewed by Simon Fraser.

        Match other browsers and the new DOM spec at https://dom.spec.whatwg.org by
        exposing the element traversal methods on non-Elements.

        - Makes firstElementChild, lastElementChild and childElementCount available on
          Document and DocumentFragment in addition to Element.
        - Makes nextElementSibling and previousElementSibling available on CharacterData
          in addition to Element.

        Tests: fast/dom/element-traversal-on-character-data.html
               fast/dom/element-traversal-on-document-fragment.html
               fast/dom/element-traversal-on-document.html

        * dom/CharacterData.idl:
        Expose nextElementSibling and previousElementSibling.

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::firstElementChild):
        (WebCore::ContainerNode::lastElementChild):
        (WebCore::ContainerNode::childElementCount):
        * dom/ContainerNode.h:
        Move implementations of firstElementChild, lastElementChild and childElementCount here
        from Element to make them shareable.

        * dom/Document.idl:
        * dom/DocumentFragment.idl:
        Expose firstElementChild, lastElementChild and childElementCount.

        * dom/Element.cpp:
        (WebCore::Element::firstElementChild): Deleted.
        (WebCore::Element::lastElementChild): Deleted.
        (WebCore::Element::previousElementSibling): Deleted.
        (WebCore::Element::nextElementSibling): Deleted.
        (WebCore::Element::childElementCount): Deleted.
        * dom/Element.h:
        Move element traversal functions down to Node and ContainerNode.

        * dom/Element.idl:
        Update comments to indicate where these functions are defined now.

        * dom/Node.cpp:
        (WebCore::Node::previousElementSibling):
        (WebCore::Node::nextElementSibling):
        * dom/Node.h:
        Move implementations of nextElementSibling and previousElementSibling here
        from Element to make them shareable.

2015-05-08  Michael Catanzaro  <mcatanzaro@igalia.com>, Martin Robinson <mrobinson@igalia.com>

        [GTK] Checks for DEVELOPMENT_BUILD are all wrong
        https://bugs.webkit.org/show_bug.cgi?id=144746

        Reviewed by Carlos Garcia Campos.

        Use ENABLE(DEVELOPER_MODE) rather than DEVELOPMENT_BUILD.

        * platform/gtk/GtkUtilities.cpp:
        * platform/gtk/GtkUtilities.h:
        * platform/text/gtk/HyphenationLibHyphen.cpp:
        (WebCore::availableLocales):

2015-05-08  Alexey Proskuryakov  <ap@apple.com>

        Crashes in SocketStreamHandleBase::close
        https://bugs.webkit.org/show_bug.cgi?id=144767
        rdar://problem/20486538

        Reviewed by Brady Eidson.

        This is a speculative fix, I could not reproduce the crash.

        * Modules/websockets/WebSocketChannel.cpp: (WebCore::WebSocketChannel::processFrame):
        Normally, processOutgoingFrameQueue() closes the handle in the end when called in
        OutgoingFrameQueueClosing state. But there is no definitive protection against
        processing two CLOSE frames, in which case we'd try to close the handle twice.

        * platform/network/cf/SocketStreamHandleCFNet.cpp:
        (WebCore::SocketStreamHandle::readStreamCallback): Passing empty data to the client
        results in the socket being closed, which makes no sense here.

2015-05-08  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183996.
        https://bugs.webkit.org/show_bug.cgi?id=144806

        ASan detected use-after free (Requested by ap on #webkit).

        Reverted changeset:

        "Remove convenience constructors for TextRun"
        https://bugs.webkit.org/show_bug.cgi?id=144752
        http://trac.webkit.org/changeset/183996

2015-05-08  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Playback target clients do not unregister on page reload
        https://bugs.webkit.org/show_bug.cgi?id=144761

        Reviewed by Brady Eidson.

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction): Unregister all target picker clients.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument): Register for page cache callback.
        (WebCore::HTMLMediaElement::unregisterWithDocument): Unregister for page cache callback.
        (WebCore::HTMLMediaElement::documentWillSuspendForPageCache): New.
        (WebCore::HTMLMediaElement::documentDidResumeFromPageCache): New.

2015-05-08  Chris Dumez  <cdumez@apple.com>

        Throttle RequestAnimationFrame in subframes that are outside the viewport
        https://bugs.webkit.org/show_bug.cgi?id=144718
        <rdar://problem/20688782>

        Reviewed by Simon Fraser.

        Throttle RequestAnimationFrame in subframes that are outside the
        viewport or have "display: none" for performance and power.

        Tests: fast/animation/request-animation-frame-throttle-subframe-display-none.html
               fast/animation/request-animation-frame-throttle-subframe.html

        * dom/Document.h:
        (WebCore::Document::scriptedAnimationController):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::setThrottled):
        (WebCore::ScriptedAnimationController::isThrottled):
        * dom/ScriptedAnimationController.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::open):
        Call FrameView::setFrameRect() only *after* the view has been
        set on the Frame. Otherwise, setFrameRect() ends up calling
        viewportContentsChanged() and we hit the
        ASSERT(frame().view() == this) assertion in windowClipRect()
        because the Frame still has its old FrameView. This is covered
        by loader/go-back-to-different-window-size.html layout test.

        * page/FrameView.cpp:
        (WebCore::FrameView::viewportContentsChanged):
        (WebCore::FrameView::applyRecursivelyWithVisibleRect):
        (WebCore::FrameView::resumeVisibleImageAnimations):
        (WebCore::FrameView::updateScriptedAnimationsThrottlingState):
        (WebCore::FrameView::resumeVisibleImageAnimationsIncludingSubframes):
        (WebCore::FrameView::updateThrottledDOMTimersState):
        (WebCore::FrameView::scrollPositionChanged): Deleted.
        (WebCore::FrameView::sendResizeEventIfNeeded): Deleted.
        * page/FrameView.h:
        * testing/Internals.cpp:
        (WebCore::Internals::isRequestAnimationFrameThrottled):
        (WebCore::Internals::isTimerThrottled): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2015-05-08  Daniel Bates  <dabates@apple.com>

        Fix the iOS Simulator external SDK build following <http://trac.webkit.org/changeset/181918>

        Remove unused iOS Simulator-variant of CARenderServerRenderLayerWithTransform(). Also guard
        IOSurfaceRef-variant of CARenderServerRenderLayerWithTransform() with USE(IOSURFACE)
        since it is only applicable on platforms that use IOSurface.

        * platform/spi/cocoa/QuartzCoreSPI.h:

2015-05-08  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove convenience constructors for TextRun
        https://bugs.webkit.org/show_bug.cgi?id=144752

        These convenience constructors are unnecessary. Moving the code that makes the StringView
        back to the call site will also help us make things more elegant in future refactoring.

        Reviewed by Darin Adler.

        No new tests because there is no behavior change.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText): Remove ambiguous call.
        * platform/graphics/StringTruncator.cpp:
        (WebCore::stringWidth):
        * platform/graphics/TextRun.h:
        (WebCore::TextRun::TextRun):
        * platform/mac/DragImageMac.mm:
        (WebCore::widthWithFont):
        (WebCore::drawAtPoint):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
        (WebCore::SimpleLineLayout::TextFragmentIterator::runWidth):
        * rendering/TextPainter.cpp:
        (WebCore::TextPainter::paintText):

2015-05-08  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStream constructor start function should be able to error the stream
        https://bugs.webkit.org/show_bug.cgi?id=141162

        Reviewed by Darin Adler.

        This patch implements the functionality of the ReadableStreamController error function.
        It basically changes the state of the stream to errored, resolves the ready promise and rejects the closed promise.
        Adding support to reject promise with any JSValue.

        Support for storing the error is added to both reader and stream.

        Test: streams/readable-stream-controller-error.html and rebased tests

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::changeStateToErrored):
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::initialize):
        (WebCore::ReadableStreamReader::closed):
        (WebCore::ReadableStreamReader::changeStateToClosed):
        (WebCore::ReadableStreamReader::changeStateToErrored):
        * Modules/streams/ReadableStreamReader.h:
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::reject):
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::error):
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed):
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::createReader):
        (WebCore::ReadableJSStream::storeError):
        (WebCore::ReadableJSStream::Reader::storeError):
        (WebCore::ReadableJSStream::jsController): Deleted.
        * bindings/js/ReadableJSStream.h:

2015-05-08  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183985.
        https://bugs.webkit.org/show_bug.cgi?id=144796

        broke loader/go-back-to-different-window-size.html (Requested
        by kling on #webkit).

        Reverted changeset:

        "Throttle RequestAnimationFrame in subframes that are outside
        the viewport"
        https://bugs.webkit.org/show_bug.cgi?id=144718
        http://trac.webkit.org/changeset/183985

2015-05-08  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        SharedBuffer::m_size should be initialized to 0 when defining it
        https://bugs.webkit.org/show_bug.cgi?id=144740

        Reviewed by Darin Adler.

        Setting m_size to 0 when declaring it and updating constructor definitions.

        No change in behaviour.

        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        * platform/SharedBuffer.h:
        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::SharedBuffer):
        * platform/soup/SharedBufferSoup.cpp:
        (WebCore::SharedBuffer::SharedBuffer):

2015-05-08  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183945.
        https://bugs.webkit.org/show_bug.cgi?id=144789

        "It broke all the GTK+ tests" (Requested by KaL on #webkit).

        Reverted changeset:

        "[GTK] Checks for DEVELOPMENT_BUILD are all wrong"
        https://bugs.webkit.org/show_bug.cgi?id=144746
        http://trac.webkit.org/changeset/183945

2015-05-07  Chris Dumez  <cdumez@apple.com>

        Throttle RequestAnimationFrame in subframes that are outside the viewport
        https://bugs.webkit.org/show_bug.cgi?id=144718
        <rdar://problem/20688782>

        Reviewed by Simon Fraser.

        Throttle RequestAnimationFrame in subframes that are outside the
        viewport or have "display: none" for performance and power.

        Tests: fast/animation/request-animation-frame-throttle-subframe-display-none.html
               fast/animation/request-animation-frame-throttle-subframe.html

        * dom/Document.h:
        (WebCore::Document::scriptedAnimationController):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::setThrottled):
        (WebCore::ScriptedAnimationController::isThrottled):
        * dom/ScriptedAnimationController.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::viewportContentsChanged):
        (WebCore::FrameView::applyRecursivelyWithVisibleRect):
        (WebCore::FrameView::resumeVisibleImageAnimations):
        (WebCore::FrameView::updateScriptedAnimationsThrottlingState):
        (WebCore::FrameView::resumeVisibleImageAnimationsIncludingSubframes):
        (WebCore::FrameView::updateThrottledDOMTimersState):
        (WebCore::FrameView::scrollPositionChanged): Deleted.
        (WebCore::FrameView::sendResizeEventIfNeeded): Deleted.
        * page/FrameView.h:
        * testing/Internals.cpp:
        (WebCore::Internals::isRequestAnimationFrameThrottled):
        (WebCore::Internals::isTimerThrottled): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2015-05-07  Yoav Weiss  <yoav@yoav.ws>

        Calculate source-size length as a float
        https://bugs.webkit.org/show_bug.cgi?id=144766

        Reviewed by Dean Jackson.

        Make sure that the source-size length is calculated as a float,
        to align with the spec.

        Test: fast/dom/HTMLImageElement/sizes/image-sizes-1x.html
              fast/dom/HTMLImageElement/sizes/image-sizes-2x.html

        * css/SourceSizeList.cpp:
        (WebCore::parseSizesAttribute):
        (WebCore::defaultLength):
        (WebCore::computeLength):
        * css/SourceSizeList.h:
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::parseAttribute):
        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
        * html/parser/HTMLSrcsetParser.cpp:
        (WebCore::pickBestImageCandidate):
        (WebCore::bestFitSourceForImageAttributes):
        * html/parser/HTMLSrcsetParser.h:

2015-05-07  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183895.
        https://bugs.webkit.org/show_bug.cgi?id=144786

        Many tests became flaky (Requested by ap on #webkit).

        Reverted changeset:

        "Expose more font weights for -apple-system"
        https://bugs.webkit.org/show_bug.cgi?id=144707
        http://trac.webkit.org/changeset/183895

2015-05-07  Hyungwook Lee  <hyungwook.lee@navercorp.com>

        Add first-letter assert exception in RenderButton::setupInnerStyle().
        https://bugs.webkit.org/show_bug.cgi?id=140517OB

        Reviewed by Darin Adler.

        StyleResolver references inner block's render style temporary in
        RenderBlock::styleDidChange() when we have first-letter css pseudo
        element.

        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::setupInnerStyle):

2015-05-07  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix build after r183970.

        WEBCORE_EXPORT should not be used on inlined functions.

        * platform/graphics/ca/GraphicsLayerCA.h:

2015-05-07  Anders Carlsson  <andersca@apple.com>

        Build fixes.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper doAXRTFForRange:]):
        * editing/cocoa/HTMLConverter.mm:
        (HTMLConverter::_addMarkersToList):
        * platform/mac/PasteboardMac.mm:
        (WebCore::writeFileWrapperAsRTFDAttachment):
        * platform/mac/PlatformPasteboardMac.mm:
        (WebCore::PlatformPasteboard::setTypes):
        Pass empty arrays and dictionaries instead of nil.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintSliderThumb):
        Pass the document view to the AppKit paint method.

2015-05-07  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Purge PassRefPtr in WebCore/html - 3
        https://bugs.webkit.org/show_bug.cgi?id=144686

        Reviewed by Andreas Kling.

        Replace PassRefPtr with Ref in create() factory functions, because
        it doesn't have to change to be null.

        No new tests, no behavior changes.

        * html/FTPDirectoryDocument.h:
        * html/HTMLDetailsElement.cpp:
        (WebCore::DetailsContentElement::create):
        * html/HTMLKeygenElement.cpp:
        * html/HTMLSummaryElement.cpp:
        (WebCore::SummaryContentElement::create):
        * html/TimeRanges.cpp:
        (WebCore::TimeRanges::create):
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::SliderContainerElement::create):
        * html/shadow/SliderThumbElement.h:
        (WebCore::SliderThumbElement::create):
        * html/shadow/SpinButtonElement.cpp:
        (WebCore::SpinButtonElement::create):
        * html/shadow/SpinButtonElement.h:
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerContainer::create):
        (WebCore::TextControlInnerElement::create):
        (WebCore::TextControlInnerTextElement::create):
        (WebCore::SearchFieldResultsButtonElement::create):
        (WebCore::SearchFieldCancelButtonElement::create):
        * html/shadow/TextControlInnerElements.h:
        * html/shadow/YouTubeEmbedShadowElement.cpp:
        (WebCore::YouTubeEmbedShadowElement::create):
        * html/track/InbandDataTextTrack.cpp:
        (WebCore::InbandDataTextTrack::create):
        * html/track/InbandDataTextTrack.h:
        * html/track/InbandGenericTextTrack.cpp:
        (WebCore::InbandGenericTextTrack::create):
        * html/track/InbandGenericTextTrack.h:
        * html/track/InbandWebVTTTextTrack.cpp:
        (WebCore::InbandWebVTTTextTrack::create):
        * html/track/InbandWebVTTTextTrack.h:
        * html/track/LoadableTextTrack.h:
        * html/track/TextTrack.h:
        (WebCore::TextTrack::create):
        * html/track/TextTrackCueGeneric.cpp:
        * html/track/TextTrackCueGeneric.h:
        * html/track/TextTrackList.h:
        * html/track/VTTRegionList.h:
        (WebCore::VTTRegionList::create):

2015-05-07  Dean Jackson  <dino@apple.com>

        [iOS] MediaControls: disappear while scrubbing
        https://bugs.webkit.org/show_bug.cgi?id=144777
        <rdar://problem/20065572>

        Reviewed by Eric Carlson.

        If we are scrubbing we shouldn't hide the controls.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.hideControls): Return early if we are scrubbing.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype): Add initial value for _potentiallyScrubbing and
        rename from non-underscored value throughout the file.
        (ControllerIOS.prototype.handleTimelineTouchEnd): When we finish scrubbing, reset
        the timer to hide the controls.

2015-05-07  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r183300): Fixed elements flash when scrolling
        https://bugs.webkit.org/show_bug.cgi?id=144778
        rdar://problem/20769741

        Reviewed by Dean Jackson.

        After r183300 we can detached layer backing store when outside the coverage region.
        However, position:fixed layers are moved around by the ScrollingCoordinator behind
        GraphicsLayer's back, so we can do layer flushes with stale information about layer
        geometry.
        
        To avoid dropping backing store for layers in this situation, prevent backing
        store detachment on layers registered with the ScrollingCoordinator as viewport-constrained
        layers. Preventing detachment on a layer also prevents detachment on all descendant
        layers.

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::setAllowsBackingStoreDetachment):
        (WebCore::GraphicsLayer::allowsBackingStoreDetachment):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA):
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects): Set m_intersectsCoverageRect to true
        if backing store detachment is prevented.
        (WebCore::GraphicsLayerCA::recursiveCommitChanges): Set a bit in the CommitState to 
        communicate to descendants that detachment is prevented.
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::CommitState::CommitState): Deleted.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::setIsScrollCoordinatedWithViewportConstrainedRole):
        * rendering/RenderLayerBacking.h:
        (WebCore::RenderLayerBacking::setScrollingNodeIDForRole): If registering with a non-zero
        nodeID for the ViewportConstrained role, turn off backing store detachment.

2015-05-07  Sam Weinig  <sam@webkit.org>

        Consider implementing Document.scrollingElement
        <rdar://problem/20845213>
        https://bugs.webkit.org/show_bug.cgi?id=143609

        Reviewed by Simon Fraser.

        Add the non-compliant implementation of Document.scrollingElement that the spec,
        found at http://dev.w3.org/csswg/cssom-view/#dom-document-scrollingelement, 
        says we should have while we have non-compliant implementations of Element.scrollTop
        and Element.scrollLeft (fixing that is tracked by https://bugs.webkit.org/show_bug.cgi?id=106133).

        Tests: fast/dom/Document/scrollingElement-quirks-mode.html
               fast/dom/Document/scrollingElement-standards-mode.html

        * dom/Document.cpp:
        (WebCore::Document::scrollingElement):
        * dom/Document.h:
        * dom/Document.idl:

2015-05-07  Dean Jackson  <dino@apple.com>

        [iOS] While scrubbing and holding down, video continues to play
        https://bugs.webkit.org/show_bug.cgi?id=144776
        <rdar://problem/20863757>

        Reviewed by Simon Fraser.

        When we are scrubbing a video, we should pause playback. As we
        let go of the scrubber playback can resume (but only if it was
        playing originally).

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createControls): Listen for touchstart on the scrubber.
        (ControllerIOS.prototype.handleTimelineInput): Call the prototype, but pause if necessary.
        (ControllerIOS.prototype.handleTimelineChange): Just moved this to be with the other timeline functions.
        (ControllerIOS.prototype.handleTimelineTouchStart): Add the listeners for end and cancel. Remember that we are
        potentially about to scrub.
        (ControllerIOS.prototype.handleTimelineTouchEnd): Remove the listeners.

2015-05-07  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Applying a filter on an SVG element, which is larger than 4096 pixels, causes this element to be rendered shifted to the left
        https://bugs.webkit.org/show_bug.cgi?id=144335

        Reviewed by Daniel Bates.

        Address comments raised by Darin Adler in review.

        * platform/graphics/ImageBuffer.cpp:
        (WebCore::ImageBuffer::sizeNeedsClamping):
        (WebCore::ImageBuffer::clampedSize):
        (WebCore::ImageBuffer::isSizeClamped): Deleted.
        * platform/graphics/ImageBuffer.h:
        The condition for the negative width/height in isSizeClamped() was wrong. Use
        FloatSize::isEmpty() instead and rename the function to sizeNeedsClamping().
        The new function should return the opposite of the old function return value.
        
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::apply):
        (WebCore::FilterEffect::asUnmultipliedImage):
        (WebCore::FilterEffect::asPremultipliedImage):
        (WebCore::FilterEffect::copyUnmultipliedImage):
        (WebCore::FilterEffect::copyPremultipliedImage):
        (WebCore::FilterEffect::createUnmultipliedImageResult):
        (WebCore::FilterEffect::createPremultipliedImageResult):
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::updateBackingStoreRect):
        (WebCore::FilterEffectRendererHelper::beginFilterEffect):
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::applyResource):
        Call the new function and negate the condition for the return value.

2015-05-07  Anders Carlsson  <andersca@apple.com>

        Build fix.

        * editing/mac/EditorMac.mm:
        (WebCore::dataInRTFDFormat):
        (WebCore::dataInRTFFormat):

2015-05-07  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Applying a filter on an SVG element, which is larger than 4096 pixels, causes this element to be rendered shifted to the left
        https://bugs.webkit.org/show_bug.cgi?id=144335

        Reviewed by Darin Adler.

        When the SVG element is larger than 4096x4096 pixels and it has a filter,
        a clipper or a masker, the ImageBuffer which is created for drawing the
        sourceGraphicBuffer has to be clamped to this size. The reason for this
        clamping is the FilterEffect simply ignores processing any ImageBuffer
        larger than this size.
        
        The bug was happening because we did not propagate the clamping logic to
        the FilterEffect. The FilterEffect result ImageBuffer was not clamped as
        what we do for drawing the sourceGraphicBuffer. If only the destination
        point is specified, the GraphicsContext::drawImageBuffer() assumes the
        source and the destination images have the same size which is not true
        with the clamping.
        
        The fix is to add the clamping logic to the FilterEffect. Two places we
        need to change. (1) FilterEffect::createImageBufferResult() has to apply
        the same clamping we do in SVGRenderingContext::createImageBuffer(). (2)
        FilterEffect::drawingRegionOfInputImage() has to consider the clamping 
        when mapping from absolute coordinates to the ImageBuffer coordinates.
        
        Tests: svg/filters/big-sized-off-viewport-filter.svg

        * platform/graphics/ImageBuffer.cpp:
        (WebCore::ImageBuffer::isSizeClamped):
        (WebCore::ImageBuffer::clampedSize):
        (WebCore::ImageBuffer::clampedRect):
        * platform/graphics/ImageBuffer.h:
        (WebCore::ImageBuffer::setSpaceSize): Move all the clamping helper methods
        from SVGRenderingContext and RenderSVGResourceFilter to the ImageBuffer.

        * platform/graphics/filters/FEColorMatrix.cpp:
        (WebCore::FEColorMatrix::platformApplySoftware): Use logicalSize() of the
        result image instead of using absolutePaintRect(). The later returns the
        rectangle of the element without clamping.
        
        * platform/graphics/filters/FETile.cpp:
        (WebCore::FETile::platformApplySoftware):
        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyClippingToContext):
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::applyResource):
        (WebCore::RenderSVGResourceFilter::fitsInMaximumImageSize): Deleted.
        * rendering/svg/RenderSVGResourceFilter.h:
        * rendering/svg/RenderSVGResourceGradient.cpp:
        (WebCore::createMaskAndSwapContextForTextGradient):
        (WebCore::clipToTextMask):
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applySVGMask):
        * rendering/svg/RenderSVGResourcePattern.cpp:
        (WebCore::RenderSVGResourcePattern::buildPattern):
        (WebCore::RenderSVGResourcePattern::createTileImage): Make the modifications
        which are needed because of moving the clamping helper methods to ImageBuffer
        and because of changing the prototype of SVGRenderingContext methods.

        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::drawingRegionOfInputImage): Consider the clamping
        when mapping from absolute coordinates to the ImageBuffer coordinates.

        (WebCore::FilterEffect::createImageBufferResult): Apply the same clamping
        we do in SVGRenderingContext::createImageBuffer() when creating the 
        FilterEffect result ImageBuffer.
        
        (WebCore::FilterEffect::apply):
        (WebCore::FilterEffect::asUnmultipliedImage):
        (WebCore::FilterEffect::asPremultipliedImage):
        (WebCore::FilterEffect::copyUnmultipliedImage):
        (WebCore::FilterEffect::copyPremultipliedImage):
        (WebCore::FilterEffect::createUnmultipliedImageResult):
        (WebCore::FilterEffect::createPremultipliedImageResult):
        (WebCore::FilterEffect::maxFilterArea): Deleted.
        (WebCore::FilterEffect::isFilterSizeValid): Deleted.
        * platform/graphics/filters/FilterEffect.h: Use the new ImageBuffer clamping
        helper methods and delete the local ones.

        * platform/graphics/transforms/AffineTransform.cpp:
        (WebCore::AffineTransform::scaleNonUniform):
        (WebCore::AffineTransform::scale):
        (WebCore::AffineTransform::translate):
        * platform/graphics/transforms/AffineTransform.h: Add new scale and translate
        overloads to AffineTransform.
        
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::updateBackingStoreRect):
        (WebCore::FilterEffectRendererHelper::beginFilterEffect): Code clean up.
        
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::calculateScreenFontSizeScalingFactor):
        (WebCore::SVGRenderingContext::calculateTransformationToOutermostCoordinateSystem):
        Return the AffineTransform instead of passing it through the reference of
        an argument.
        
        (WebCore::SVGRenderingContext::createImageBuffer):
        (WebCore::SVGRenderingContext::createImageBufferForPattern): Deleted.
        Code clean up and method rename.
        
        (WebCore::SVGRenderingContext::clampedAbsoluteTargetRect): Deleted.
        (WebCore::SVGRenderingContext::clampedAbsoluteSize): Deleted.
        * rendering/svg/SVGRenderingContext.h: Move the clamping helper methods to
        the ImageBuffer class.
    
2015-05-07  Beth Dakin  <bdakin@apple.com>

        New force-related DOM events should fire in WK1 views
        https://bugs.webkit.org/show_bug.cgi?id=144663
        -and corresponding-
        rdar://problem/20281886

        Reviewed by Sam Weinig.

        All of the WK1 mouse events need to take the correspondingPressureEvent.
        * page/EventHandler.h:

        Make correspondingPressureEvent a part of CurrentEventScope. This is needed to 
        have accurate pressure information for all of the mouse events in subframes.
        * page/mac/EventHandlerMac.mm:
        (WebCore::correspondingPressureEventSlot):
        (WebCore::EventHandler::correspondingPressureEvent):
        (WebCore::CurrentEventScope::CurrentEventScope):
        (WebCore::CurrentEventScope::~CurrentEventScope):

        These events don’t have an associated pressure, so send nil for the 
        correspondingPressureEvent.
        (WebCore::EventHandler::wheelEvent):
        (WebCore::EventHandler::keyEvent):

        Pipe through correspondingPressureEvent.
        (WebCore::EventHandler::mouseDown):
        (WebCore::EventHandler::mouseDragged):
        (WebCore::EventHandler::mouseUp):
        (WebCore::EventHandler::mouseMoved):

        New function to handle pressure change events.
        (WebCore::EventHandler::pressureChange):

        Pipe through correspondingPressureEvent.
        (WebCore::EventHandler::passMouseMovedEventToScrollbars):
        (WebCore::EventHandler::currentPlatformMouseEvent):

        Take the correspondingPressureEvent in order to build a PlatformMouseEvent with 
        the correct pressure information.
        * platform/mac/PlatformEventFactoryMac.h:
        * platform/mac/PlatformEventFactoryMac.mm:
        (WebCore::globalPointForEvent):
        (WebCore::pointForEvent):
        (WebCore::mouseButtonForEvent):
        (WebCore::PlatformMouseEventBuilder::PlatformMouseEventBuilder):
        (WebCore::PlatformEventFactory::createPlatformMouseEvent):

2015-05-06  Roger Fong  <roger_fong@apple.com>

        Media Controls: Scrubber should be independent of actual video time, causes scrubber to be jumpy.
        https://bugs.webkit.org/show_bug.cgi?id=144700.
        <rdar://problem/19997548>

        Reviewed by Jer Noble.

        Update time and timeline during the timeline input event instead of the wrapper's mousemove.
        (Controller.prototype.handleWrapperMouseMove):
        (Controller.prototype.handleTimelineMouseMove):
        (Controller.prototype.drawTimelineBackground): 

        (Controller.prototype.updateControlsWhileScrubbing): 
        Updates time and scrubber to reflect timeline user input.

2015-05-07  Yoav Weiss  <yoav@yoav.ws>

        Handle meta viewport in HTMLPreloadScanner
        https://bugs.webkit.org/show_bug.cgi?id=144640

        Reviewed by Dean Jackson.

        Add support for the <meta> tag to the HTMLPreloadScanner
        and when the meta tag's name is viewport, get the document
        to process the tag's attribute value, and set its ViewportArgument.

        Tests: fast/dom/HTMLMetaElement/meta-preloader.html

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::tagIdFor): Added meta.
        (WebCore::TokenPreloadScanner::initiatorFor): Added meta.
        (WebCore::TokenPreloadScanner::StartTagScanner::StartTagScanner): Call document.processViewport is meta viewport encountered.
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): Keep track of meta viewport tags.
        (WebCore::testPreloadScannerViewportSupport): Testing function that makes sure this functionality is working.
        * html/parser/HTMLPreloadScanner.h:
        * testing/Internals.cpp:
        (WebCore::Internals::testPreloaderSettingViewport): Calls the testing function.
        * testing/Internals.h:
        * testing/Internals.idl:

2015-05-07  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (r164449): Subpixel rendering: http://www.apple.com/iphone-6/ "Faster wireless." image displays vertical black line on 1x displays at specific window width.
        https://bugs.webkit.org/show_bug.cgi?id=144723
        rdar://problem/18307094

        Reviewed by Simon Fraser.

        This patch ensures that the backing store's graphics layer is always positioned on a device pixel boundary.

        While calculating the backing store's graphics layer location, its ancestor layer's compositing bounds is taken into account.
        However the compositing bounds is an unsnapped value, so in order to place the graphics layer properly,
        we need to pixel align the ancestor compositing bounds before using it to adjust the child's graphics layer position.

        Test: compositing/ancestor-compositing-layer-is-on-subpixel-position.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):

2015-05-07  Yoav Weiss  <yoav@yoav.ws>

        Fix sizes crash and add invalid value tests.
        https://bugs.webkit.org/show_bug.cgi?id=144739

        Reviewed by Darin Adler.

        Make sure that only CSS length are allowed when the sizes parser is calling computeLength.
        Also make sure that for invalid lengths, the 100vw default is used instead.

        Test: fast/dom/HTMLImageElement/sizes/image-sizes-invalids.html

        * css/SourceSizeList.cpp:
        (WebCore::computeLength):
        (WebCore::defaultLength):
        (WebCore::parseSizesAttribute):

2015-05-07  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Checks for DEVELOPMENT_BUILD are all wrong
        https://bugs.webkit.org/show_bug.cgi?id=144746

        Reviewed by Martin Robinson.

        Use DEVELOPER_MODE rather than DEVELOPMENT_BUILD.

        * platform/gtk/GtkUtilities.cpp:
        * platform/gtk/GtkUtilities.h:
        * platform/text/gtk/HyphenationLibHyphen.cpp:
        (WebCore::availableLocales):

2015-05-07  Simon Fraser  <simon.fraser@apple.com>

        Remove the WK1-only code path for independently composited iframes
        https://bugs.webkit.org/show_bug.cgi?id=144722

        Reviewed by Dean Jackson.

        In WebKit1 on Mac, we allowed iframes to be composited independently of their
        parent document, relying on the fact that the frame's platform view can host
        a layer-backed view. However, this ran into bugs (rdar://problem/18862298),
        and triggers the assertion at the end of FrameView::updateLayoutAndStyleIfNeededRecursive(),
        because the compositing update after a layout can dirty style in notifyIFramesOfCompositingChange().
        
        Removing the WK1-only code path solves these problems. It also eliminates the need
        to do compositing-specific frame overlap testing.

        * page/FrameView.cpp:
        (WebCore::FrameView::setIsOverlapped): No need to do compositing-related things here.
        Any iframe that gets composited will participate in the normal compositing overlap
        testing in its parent frame.
        (WebCore::FrameView::hasCompositedContentIncludingDescendants): Deleted.
        (WebCore::FrameView::hasCompositingAncestor): Deleted.
        * page/FrameView.h:
        * rendering/RenderLayerCompositor.cpp: Replace ownerElement() checks in this file
        with an isMainFrameCompositor() for readability. Some 0->nullptr.
        (WebCore::RenderLayerCompositor::cacheAcceleratedCompositingFlags):
        (WebCore::RenderLayerCompositor::chromeClient):
        (WebCore::RenderLayerCompositor::enclosingCompositorFlushingLayers):
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        (WebCore::RenderLayerCompositor::appendDocumentOverlayLayers):
        (WebCore::RenderLayerCompositor::updateBacking):
        (WebCore::RenderLayerCompositor::layerTreeAsText):
        (WebCore::RenderLayerCompositor::frameContentsCompositor):
        (WebCore::RenderLayerCompositor::setIsInWindow):
        (WebCore::RenderLayerCompositor::requiresCompositingForScrollableFrame):
        (WebCore::RenderLayerCompositor::requiresCompositingForFrame): frameRenderer.requiresAcceleratedCompositing()
        already bails on no content RenderView, so the shouldPropagateCompositingToEnclosingFrame() check does
        nothing and is removed.
        (WebCore::RenderLayerCompositor::isAsyncScrollableStickyLayer):
        (WebCore::RenderLayerCompositor::requiresScrollLayer):
        (WebCore::RenderLayerCompositor::documentUsesTiledBacking):
        (WebCore::RenderLayerCompositor::isMainFrameCompositor):
        (WebCore::RenderLayerCompositor::shouldCompositeOverflowControls):
        (WebCore::RenderLayerCompositor::requiresOverhangAreasLayer):
        (WebCore::RenderLayerCompositor::requiresContentShadowLayer):
        (WebCore::RenderLayerCompositor::updateLayerForTopOverhangArea):
        (WebCore::RenderLayerCompositor::updateLayerForBottomOverhangArea):
        (WebCore::RenderLayerCompositor::updateLayerForHeader):
        (WebCore::RenderLayerCompositor::updateLayerForFooter):
        (WebCore::RenderLayerCompositor::ensureRootLayer): Main frame attaches via ChromeClient,
        all other frames attach via parent frame.
        (WebCore::RenderLayerCompositor::notifyIFramesOfCompositingChange): This call to
        scheduleSetNeedsStyleRecalc(SyntheticStyleChange) was the source of dirtying style after
        layout, but is no longer needed so remove it.
        (WebCore::RenderLayerCompositor::registerAllViewportConstrainedLayers):
        (WebCore::RenderLayerCompositor::unregisterAllViewportConstrainedLayers):
        (WebCore::RenderLayerCompositor::scrollingCoordinator):
        (WebCore::RenderLayerCompositor::graphicsLayerFactory):
        (WebCore::RenderLayerCompositor::allowsIndependentlyCompositedFrames): Deleted.
        (WebCore::RenderLayerCompositor::shouldPropagateCompositingToEnclosingFrame): Deleted.
        (WebCore::RenderLayerCompositor::mainFrameBackingIsTiled): Deleted. This was mis-named;
        it really asks whether the document uses tiled backing, but does not check for main frame.
        * rendering/RenderLayerCompositor.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paintContents): No need to do frame overlap testing for
        compositing now.

2015-05-06  Dean Jackson  <dino@apple.com>

        Handle backdrop views that have to tile
        https://bugs.webkit.org/show_bug.cgi?id=142317
        <rdar://problem/20049088>

        Reviewed by Simon Fraser.

        Take 2 - this was rolled out because Mavericks was crashing.

        Make sure backdrop layers don't tile. If they are big
        enough, we'll leave it to the platform compositor to handle.

        This also fixes a bug where if a layer changed from a backdrop
        type to a tiled type, it would still retain its custom appearance
        and we'd try to add children to the wrong layer.

        Test: compositing/media-controls-bar-appearance-big.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Check if
        a layer needs a backdrop before checking if it needs to tile.

2015-05-05  Myles C. Maxfield  <mmaxfield@apple.com>

        Revert "Introducing the Platform Abstraction Layer (PAL)"
        https://bugs.webkit.org/show_bug.cgi?id=144751

        Unreviewed.

        PAL should be a new target inside WebCore, rather than a top-level folder.

        * WebCore.xcodeproj/project.pbxproj:
        * Configurations/FeatureDefines.xcconfig:

2015-05-07  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build.

        * Configurations/WebCoreTestSupport.xcconfig:

2015-05-07  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] The pre element should be mapped to ATK_ROLE_SECTION; not ATK_ROLE_PANEL
        https://bugs.webkit.org/show_bug.cgi?id=144702

        Reviewed by Chris Fleizach.

        Add a new PreRole AccessibilityRole so that per-platform mapping is possible.
        Map PreRole to ATK_ROLE_SECTION for Efl and Gtk; to NSAccessibilityGroupRole
        for the Mac. Add PreRole to the list of "text type" ATK roles.

        No new tests. Existing tests were updated to reflect the corrected mapping.

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/atk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::allowsTextRanges):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        (roleIsTextType):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):

2015-05-07  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/19317140> [Xcode] Remove usage of AspenFamily.xcconfig in Source/
        https://bugs.webkit.org/show_bug.cgi?id=144727

        Reviewed by Darin Adler.

        * Configurations/Base.xcconfig: Don’t include AspenFamily.xcconfig.
        * Configurations/WebCore.xcconfig: For iOS, define INSTALL_PATH in terms of
        INSTALL_PATH_PREFIX, and set INSTALL_PATH_PREFIX for the iOS 8.x Simulator.
        * Configurations/WebCoreTestSupport.xcconfig: Define INSTALL_PATH in terms of
        INSTALL_PATH_PREFIX and INSTALL_PATH_ACTUAL, and define INSTALL_PATH_PREFIX for the iOS 8.x
        Simulator.

2015-05-07  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Playback target isn't set on new element
        https://bugs.webkit.org/show_bug.cgi?id=144724

        Reviewed by Jer Noble.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Call setShouldPlayToPlaybackTarget
        if necessary.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldPlayToPlaybackTarget): Remember
        the setting in case we don't have an AVPlayer yet.

2015-05-07  Yoav Weiss  <yoav@yoav.ws>

        Fix <script srcset> being loaded by the preloader.
        https://bugs.webkit.org/show_bug.cgi?id=144675

        Reviewed by Darin Adler.

        Fix HTMLPreloadScanner to make sure that srcset is only loaded
        when it is present on an <img>.

        Tests: http/tests/loading/preload-script-src.html
               http/tests/loading/preload-script-srcset-ignored.html

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):

2015-05-07  Žan Doberšek  <zdobersek@igalia.com>

        Add missing type traits specialization for PlatformDisplayWayland
        https://bugs.webkit.org/show_bug.cgi?id=144671

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/wayland/PlatformDisplayWayland.h:
        Add missing type traits specialization for the PlatformDisplayWayland
        class via the SPECIALIZE_TYPE_TRAITS_PLATFORM_DISPLAY macro.

2015-05-06  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Mark grid shorthands as layout dependent
        https://bugs.webkit.org/show_bug.cgi?id=144687

        Reviewed by Darin Adler.

        grid-template and grid shorthands were not marked us layout dependent,
        so you can end up calling them before the grid has been laid out and
        you'll get a crash at valueForGridTrackList() because of trackPositions
        won't be initialized yet.

        Tests: fast/css-grid-layout/grid-shorthand-computed-style-crash.html
               fast/css-grid-layout/grid-template-shorthand-computed-style-crash.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::isLayoutDependent): Add the grid shorthands only if the object
        is a RenderGrid as otherwise it's not needed (using the same condition
        for grid-template-columns and grid-template-rows properties too).

2015-05-06  Daniel Bates  <dabates@apple.com>

        [iOS][WK2] Pause/resume database thread when UIProcess enters/leaves the background
        https://bugs.webkit.org/show_bug.cgi?id=144657
        <rdar://problem/18894598>

        Reviewed by Andy Estes.

        Export WebCore functionality to pause and resume the database thread so that we can
        make use of this functionality from WebKit2.

        * Modules/webdatabase/AbstractDatabaseServer.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::setPauseAllDatabases): Added; turns around and calls DatabaseServer::setPauseAllDatabases().
        * Modules/webdatabase/DatabaseManager.h:
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::setPauseAllDatabases): Added; turns around and calls
        DatabaseTracker::tracker().setDatabasesPaused() to pause or resume the database thread.
        For now, we guard this call with PLATFORM(IOS). We'll look to remove this guard once
        we fix <https://bugs.webkit.org/show_bug.cgi?id=144660>.
        * Modules/webdatabase/DatabaseServer.h:

2015-05-06  Brent Fulgham  <bfulgham@apple.com>

        Scroll-snap points do not handle margins and padding propertly
        https://bugs.webkit.org/show_bug.cgi?id=144647
        <rdar://problem/20829473>

        Reviewed by Simon Fraser.

        The calculation of scroll snap points was incorrect because it did not account for margins or padding.
        This was fixed by using the "paddingBoxRect" to represent the overall size of the view area, and
        subtracting the relevant padding when computing the size of the scroll snap offsets.

        Extend testing internals with accessor methods to retrieve string representations of the scroll snap
        offsets and scroll snap coordinates computed during layout. These values are used in the new
        'css3/scroll-snap/scroll-snap-offsets-and-coordinates.html' test.

        New tests:
        * css3/scroll-snap/scroll-snap-offsets-and-coordinates.html: Added.
        * platform/mac-wk2/tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-borders.html: Added.
        * platform/mac-wk2/tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-padding.html: Added.
        * platform/mac-wk2/tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-rotated.html: Added.

        * css/LengthFunctions.h: Expose the 'valueForLength' method so we can use it in WebCoreTestSupport.
        * dom/Node.h: Expose the 'renderBox' method so we can use it in WebCoreTestSupport.
        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::appendChildSnapOffsets): Use 'contentBoxRect' for overall size, so that we don't use padding
        as part of our offset calculations.
        (WebCore::updateSnapOffsetsForScrollableArea): Ditto.
        * rendering/RenderBox.h: Expose 'canBeScrolledAndHasScrollableArea' for use in WebCoreTestSupport.
        * rendering/style/RenderStyle.h: Expose 'scrollSnapCoordinates' for use in WebCoreTestSupport.
        * testing/Internals.cpp:
        (WebCore::appendOffsets): Helper function.
        (WebCore::Internals::scrollSnapOffsets): Added.
        * testing/Internals.h:
        * testing/Internals.idl:

2015-05-06  Myles C. Maxfield  <mmaxfield@apple.com>

        Clean up TextRun constructors
        https://bugs.webkit.org/show_bug.cgi?id=144712

        Reviewed by Zalan Bujtas.

        This patch uses constructor forwarding to make TextRun's constructors much simpler. It then
        updates the implementations of RenderBlock::constructTextRun() to be more consistent with
        TextRun (via using StringViews).

        No new tests because there is no behavior change.

        * mathml/MathMLMencloseElement.cpp:
        (WebCore::MathMLMencloseElement::longDivLeftPadding):
        * platform/graphics/TextRun.h:
        (WebCore::TextRun::TextRun):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::constructTextRun):
        (WebCore::constructTextRunInternal): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::paintReplaced):
        (WebCore::RenderEmbeddedObject::unavailablePluginIndicatorBounds):
        (WebCore::RenderEmbeddedObject::isInUnavailablePluginIndicator):
        * rendering/svg/SVGTextMetricsBuilder.cpp:
        (WebCore::SVGTextMetricsBuilder::SVGTextMetricsBuilder):
        * platform/win/DragImageWin.cpp:
        (WebCore::createDragImageForLink):

2015-05-06  Sungmann Cho  <sungmann.cho@navercorp.com>

        Rename URL::copy() to URL::isolatedCopy() to match String.
        https://bugs.webkit.org/show_bug.cgi?id=144684

        Reviewed by Darin Adler.

        No new tests, no behavior change.

        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::setURL):
        (WebCore::WebSocketHandshake::httpURLForAuthenticationAndCookies):
        * fileapi/ThreadableBlobRegistry.cpp:
        (WebCore::BlobRegistryContext::BlobRegistryContext):
        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::updatePredictedBaseURL):
        * html/parser/HTMLResourcePreloader.h:
        (WebCore::PreloadRequest::PreloadRequest):
        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::init):
        * platform/CrossThreadCopier.cpp:
        (WebCore::URL>::copy):
        * platform/URL.cpp:
        (WebCore::URL::isolatedCopy):
        (WebCore::URL::copy): Deleted.
        * platform/URL.h:
        (WebCore::URLCapture::URLCapture):
        * platform/network/BlobPart.h:
        (WebCore::BlobPart::detachFromCurrentThread):
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::copyData):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::copyData):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThreadStartupData::WorkerThreadStartupData):

2015-05-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183894.
        https://bugs.webkit.org/show_bug.cgi?id=144719

        crashes on mavericks (Requested by dino on #webkit).

        Reverted changeset:

        "Handle backdrop views that have to tile"
        https://bugs.webkit.org/show_bug.cgi?id=142317
        http://trac.webkit.org/changeset/183894

2015-05-06  Jon Lee  <jonlee@apple.com>

        CoreTextSPI.h uses wrong version number to denote Yosemite
        https://bugs.webkit.org/show_bug.cgi?id=144701

        Reviewed by Dean Jackson.

        * platform/spi/cocoa/CoreTextSPI.h: Should 101000 not 10100.

2015-05-06  Jon Lee  <jonlee@apple.com>

        Expose more font weights for -apple-system
        https://bugs.webkit.org/show_bug.cgi?id=144707

        Reviewed by Dean Jackson.

        Update to platform/mac/fast/text/systemFont.html

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::toNSFontWeight): New static method to map font weights to NSFontWeight constants available on
        Yosemite and later.
        (WebCore::fontWithFamily): Request the system font with a mapped weight on Yosemite and later.
        * platform/spi/mac/NSFontSPI.h: Add [NSFont systemFontWithSize:weight:], and the proper NSFontWeight
        constants.

2015-05-06  Dean Jackson  <dino@apple.com>

        Handle backdrop views that have to tile
        https://bugs.webkit.org/show_bug.cgi?id=142317
        <rdar://problem/20049088>

        Reviewed by Simon Fraser.

        Make sure backdrop layers don't tile. If they are big
        enough, we'll leave it to the platform compositor to handle.

        This also fixes a bug where if a layer changed from a backdrop
        type to a tiled type, it would still retain its custom appearance
        and we'd try to add children to the wrong layer.

        Test: compositing/media-controls-bar-appearance-big.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Check if
        a layer needs a backdrop before checking if it needs to tile.

2015-05-06  Carlos Garcia Campos  <cgarcia@igalia.com> and Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Compile error due to undefined symbols after r183868
        https://bugs.webkit.org/show_bug.cgi?id=144692

        Reviewed by Alex Christensen.

        Speculative build fix. Add dummy PlatformDisplayWin.

        * PlatformWinCairo.cmake: Add PlatformDisplay.cpp to compilation.
        * platform/graphics/PlatformDisplay.cpp:
        (WebCore::PlatformDisplay::createPlatformDisplay):
        * platform/graphics/PlatformDisplay.h:
        * platform/graphics/win/PlatformDisplayWin.h:
        Add stubs to compile.
        * WebCore.vcxproj/WebCore.vcxproj
        * WebCore.vcxproj/WebCore.vcxproj.filters
        Add new files to Windows build.

2015-05-06  David Hyatt  <hyatt@apple.com>

        Avoid copies in scrollOffsetForFixedPosition() and inline it.
        https://bugs.webkit.org/show_bug.cgi?id=144709

        Reviewed by Simon Fraser.

        * page/FrameView.cpp:
        (WebCore::FrameView::frameScaleFactor):
        Added so that scrollOffsetForFixedPosition() can be inlined without having to
        reference Frame's implementation.

        (WebCore::FrameView::scrollOffsetForFixedPosition): Deleted.
        Moved this to the header.

        * page/FrameView.h:
        Inline scrollOffsetForFixedPosition() and get rid of all the copying
        it was doing.

2015-05-06  David Hyatt  <hyatt@apple.com>

        RenderLayer::currentTransform computes a pixel snapped rect it doesn't use.
        https://bugs.webkit.org/show_bug.cgi?id=144708

        Reviewed by Simon Fraser.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::currentTransform):

        Only compute a pixel snapped rect if we actually end up needing it. The common case
        is that this rect is not needed, so pushing it inside the two if statements
        speeds up the common case.

2015-05-06  Timothy Horton  <timothy_horton@apple.com>

        Fix the build.

        * platform/spi/cocoa/QuartzCoreSPI.h:

2015-05-06  David Hyatt  <hyatt@apple.com>

        Optimize topLeftLocationOffset() addition in updateLayerPosition
        https://bugs.webkit.org/show_bug.cgi?id=144704

        Reviewed by Dean Jackson.

        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView):
        * page/FrameView.h:
        Move the hasFlippedBlocks bit to FrameView instead of RenderView. Works better for inlining
        the check in any renderer header, and it also makes more sense conceptually, since the RenderView
        itself could be a flipped block.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        Change over to the FrameView bit.

        * rendering/RenderBox.h:
        (WebCore::RenderBox::applyTopLeftLocationOffset):
        Add a new inlined function that can apply the top left location offset to a point without
        multiple LayoutSize creations and copies. It invokes a helper for flipping that is not
        inlined only in the case where actual flipped blocks exist in the render tree.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::updateFromStyle):
        Set the bit on the FrameView now instead of the RenderView.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateLayerPosition):
        Call the new applyTopLeftLocationOffset function so that the point can have offsets added
        in without any extra copies.

        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::rangeIntersectsRect):
        Switch over to the bit on the FrameView.

        * rendering/RenderView.cpp:
        (WebCore::RenderView::RenderView):
        * rendering/RenderView.h:
        Get rid of the bit on the RenderView.

2015-05-05  Myles C. Maxfield  <mmaxfield@apple.com>

        Introducing the Platform Abstraction Layer (PAL)
        https://bugs.webkit.org/show_bug.cgi?id=143358

        Reviewed by Simon Fraser.

        * WebCore.xcodeproj/project.pbxproj: Let the project know about the .a
        * Configurations/FeatureDefines.xcconfig: Updated

2015-05-06  Eric Carlson  <eric.carlson@apple.com>

        [iOS] remove some unnecessary iOS-only media code
        https://bugs.webkit.org/show_bug.cgi?id=144697
        <rdar://problem/20229914>

        Reviewed by Jer Noble.

        * html/HTMLAttributeNames.in: Remove data-youtube-id.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Remove dataYouTubeID.

2015-05-06  David Hyatt  <hyatt@apple.com>

        Optimize relativePositionOffset() to avoid doing unnecessary work
        https://bugs.webkit.org/show_bug.cgi?id=144698

        Reviewed by Simon Fraser.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::relativePositionOffset):

        Patch relativePositionOffset to avoid doing unnecessary work in the common case where
        all values of top/left/right/bottom are either auto or fixed. We no longer fetch
        containingBlock() into a local always, but instead just invoke the function only
        when necessary.

        Also avoid computing the percentage-relative maximum for the top/right/bottom/left lengths
        when they are fixed values, since that maximum won't be examined at all.

2015-05-06  Martin Robinson  <mrobinson@igalia.com>

        [FreeType] Vertical CJK glyphs should not be rendered with synthetic oblique
        https://bugs.webkit.org/show_bug.cgi?id=144612

        Reviewed by Darin Adler.

        No new tests. This causes fast/text/international/synthesized-italic-vertical.html to pass.

        * platform/graphics/Font.cpp:
        (WebCore::Font::nonSyntheticItalicFont): Compile this method for Cairo as well.
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::FontCascadeFonts::glyphDataForSystemFallback): When searching for the system fallback,
        ensure that we do not use synthetic oblique when rendering vertical CJK glyphs.
        (WebCore::FontCascadeFonts::glyphDataForNormalVariant): Extend the CJK fix to Cairo ports.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::setSyntheticOblique): Added this helper method, because
        Freetype/Cairo ports needs to be able to recreate the scaled font matrix when the
        synthetic oblique settings changes.
        * platform/graphics/freetype/FontPlatformData.h: Rename initializeWithFontFace to buildScaledFont.
        Remove the now unused m_horizontalOrientationMatrix member.
        (WebCore::FontPlatformData::setSyntheticOblique): Added the helper here as well.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::FontPlatformData): Calculate whether or not to use synthetic oblique here,
        before buildScaledFont is called. Call buildScaledFont instead of initializeWithFontFace.
        (WebCore::FontPlatformData::operator=):
        (WebCore::FontPlatformData::buildScaledFont): Renamed from initializeWithFontFace, does
        the same thing, except calculate whether or not to use synthetic oblique. Instead just
        reads the value.
        (WebCore::FontPlatformData::setOrientation): Instead of adjusting the font matrix, recreate
        the entire font.
        (WebCore::FontPlatformData::setSyntheticOblique): Added.
        (WebCore::rotateCairoMatrixForVerticalOrientation): Deleted.
        (WebCore::FontPlatformData::initializeWithFontFace): Deleted.

2015-05-06  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Test splitting NFAs by max NFA size.
        https://bugs.webkit.org/show_bug.cgi?id=144659

        Reviewed by Darin Adler.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        * contentextensions/CombinedURLFilters.h:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/DFABytecodeCompiler.h:
        * contentextensions/DFABytecodeInterpreter.h:
        Make maxNFASize a parameter so we can test it with small values.

2015-05-06  Antti Koivisto  <antti@apple.com>

        REGRESSION (r183467): Unable to start downloads in private browsing mode
        https://bugs.webkit.org/show_bug.cgi?id=144533

        Reviewed by Darin Adler.

        If willSendRequest delegate mutated the request we would lose the requester field value from the original.

        No test runner support for mutating requests.

        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties):

            This needs to keep the requester too.

        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties): Deleted.

            Share implementations.

2015-05-06  Ryosuke Niwa  <rniwa@webkit.org>

        Toggling underline on font panel removes strike through
        https://bugs.webkit.org/show_bug.cgi?id=144670
        <rdar://problem/3790443>

        Reviewed by Darin Adler.

        * editing/EditingStyle.cpp:
        (WebCore::EditingStyle::EditingStyle): Added a variant that takes CSSStyleDeclaration.
        * editing/EditingStyle.h:
        (WebCore::EditingStyle::create): Ditto.
        * editing/Editor.cpp:
        (WebCore::Editor::applyStyleToSelection): Takes Ref<EditingStyle>&& instead of RefPtr<EditingStyle>&&.
        * editing/Editor.h:
        * editing/EditorCommand.cpp:
        (WebCore::applyCommandToFrame): Ditto.
        (WebCore::executeStrikethrough):
        (WebCore::executeUnderline):

2015-05-06  Jessie Berlin  <jberlin@webkit.org>

        More build fixing.

        * page/mac/TextIndicatorWindow.mm:

2015-05-06  Jessie Berlin  <jberlin@webkit.org>

        32-bit build fix after r183859 and r183860.

        * page/mac/TextIndicatorWindow.mm:
        Autosynthesis isn't available for our 32-bit builds.

2015-05-06  Carlos Garcia Campos  <cgarcia@igalia.com>

        [EGL] Move EGLDisplay handling to PlatformDisplay and remove PlatformDisplay definition from GLDefs.h
        https://bugs.webkit.org/show_bug.cgi?id=144685

        Reviewed by Martin Robinson.

        The EGL display is also initialized in multiple places, and could
        be unified in PlatformDisplay. Remove the PlatformDisplay
        definition from platform/graphics/opengl/GLDefs.h to avoid conflicts.

        * platform/graphics/PlatformDisplay.cpp:
        (WebCore::PlatformDisplay::PlatformDisplay): Initialize m_eglDisplay.
        (WebCore::PlatformDisplay::~PlatformDisplay): Call terminateEGLDisplay().
        (WebCore::PlatformDisplay::eglDisplay): Lazy intialize the EGL
        display and return it.
        (WebCore::PlatformDisplay::initializeEGLDisplay):
        (WebCore::PlatformDisplay::terminateEGLDisplay):
        * platform/graphics/PlatformDisplay.h:
        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::sharedEGLDisplay): Use PlatformDisplay::eglDisplay().
        * platform/graphics/opengl/GLDefs.h: Remove unneeded definitions.
        * platform/graphics/opengl/GLPlatformSurface.cpp:
        (WebCore::GLPlatformSurface::GLPlatformSurface): Remove
        m_sharedDisplay member, PlatformDisplay::sharedDisplay() can be used instead.
        (WebCore::GLPlatformSurface::sharedDisplay): Deleted.
        * platform/graphics/opengl/GLPlatformSurface.h:
        * platform/graphics/surfaces/egl/EGLConfigSelector.h: Use
        EGLDisplay instead of PlatformDisplay.
        * platform/graphics/surfaces/egl/EGLContext.cpp:
        (WebCore::EGLOffScreenContext::initialize): Use PlatformDisplay::eglDisplay().
        * platform/graphics/surfaces/egl/EGLHelper.cpp: Remove the
        EGLDisplayConnection clas and use PlatformDisplay instead.
        (WebCore::EGLHelper::eglDisplay):
        (WebCore::EGLHelper::currentDisplay):
        (WebCore::EGLDisplayConnection::EGLDisplayConnection): Deleted.
        (WebCore::EGLDisplayConnection::~EGLDisplayConnection): Deleted.
        (WebCore::EGLDisplayConnection::display): Deleted.
        (WebCore::EGLDisplayConnection::terminate): Deleted.
        * platform/graphics/surfaces/egl/EGLHelper.h:
        * platform/graphics/surfaces/egl/EGLSurface.cpp:
        (WebCore::EGLTransportSurface::EGLTransportSurface): Use EGLHelper::eglDisplay().
        (WebCore::EGLTransportSurface::destroy): Ditto.
        (WebCore::EGLOffScreenSurface::EGLOffScreenSurface): Ditto.
        (WebCore::EGLOffScreenSurface::destroy): Ditto.
        * platform/graphics/surfaces/egl/EGLXSurface.cpp:
        (WebCore::EGLWindowTransportSurface::EGLWindowTransportSurface):
        Use PlatformDisplay::eglDisplay().
        (WebCore::EGLWindowTransportSurface::swapBuffers): Ditto.
        (WebCore::EGLPixmapSurface::EGLPixmapSurface): Ditto.
        * platform/graphics/surfaces/glx/GLXContext.cpp:
        (WebCore::GLXOffScreenContext::initialize): Use X11Helper::nativeDisplay().
        * platform/graphics/surfaces/glx/GLXSurface.cpp:
        (WebCore::GLXTransportSurface::GLXTransportSurface): Do not use m_sharedDisplay.
        (WebCore::GLXOffScreenSurface::initialize): Ditto.
        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::PlatformDisplayWayland): Call
        PlatformDisplay::initializeEGLDisplay() to insialize the EGL display.
        * platform/graphics/wayland/PlatformDisplayWayland.h:
        * platform/graphics/x11/PlatformDisplayX11.cpp:
        (WebCore::PlatformDisplayX11::initializeEGLDisplay): Override
        PlatformDisplay::initializeEGLDisplay() to initialize the
        m_eglDisplay member.
        * platform/graphics/x11/PlatformDisplayX11.h:

2015-05-06  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: DOMStorage exception and issue with sessionStorage
        https://bugs.webkit.org/show_bug.cgi?id=144646

        Reviewed by Timothy Hatcher.

        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::findStorageArea):
        Return session storage if the identifier says not local storage.

2015-05-06  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Move ReadableStreamJSSource.h/.cpp to ReadableJSStream.h/.cpp
        https://bugs.webkit.org/show_bug.cgi?id=144567

        Reviewed by Darin Adler.

        In addition to renaming ReadableStreamJSSource.h/.cpp, ReadableStreamJSSource is now made a private class of
        ReadableJSStream, called ReadableJSStream::Source.
        Made some minor refactoring (passing some ExecState by ref and not by pointer).
        No functional change, existing tests cover the changes.

        * bindings/js/JSReadableStreamCustom.cpp:
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::Source::create):
        (WebCore::ReadableJSStream::Source::Source):
        (WebCore::ReadableJSStream::Source::~Source):
        (WebCore::ReadableJSStream::Source::globalObject):
        (WebCore::ReadableJSStream::Source::start):
        (WebCore::ReadableJSStream::create):
        (WebCore::ReadableJSStream::ReadableJSStream):
        * bindings/js/ReadableJSStream.h:

2015-05-05  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r183517): Yellow find-in-page highlight gets stuck forever
        https://bugs.webkit.org/show_bug.cgi?id=144651
        <rdar://problem/20755722>

        * page/mac/TextIndicatorWindow.mm:
        Fix an incorrectly-applied review comment.

2015-05-05  Timothy Horton  <timothy_horton@apple.com>

        REGRESSION (r183517): Yellow find-in-page highlight gets stuck forever
        https://bugs.webkit.org/show_bug.cgi?id=144651
        <rdar://problem/20755722>

        Reviewed by Dan Bernstein.

        * page/mac/TextIndicatorWindow.h:
        * page/mac/TextIndicatorWindow.mm:
        (WebCore::TextIndicatorWindow::clearTextIndicator):
        (WebCore::TextIndicatorWindow::setTextIndicator):
        (WebCore::TextIndicatorWindow::closeWindow):
        (WebCore::TextIndicatorWindow::startFadeOut):
        We can't keep m_fadingOut on TextIndicatorWindow, since it is reused.
        Keep it on the WebTextIndicatorView instead.

2015-05-05  Žan Doberšek  <zdobersek@igalia.com>

        Add missing vtable override specifiers under Source/WebCore/html
        https://bugs.webkit.org/show_bug.cgi?id=144578

        Reviewed by Daniel Bates.

        Update virtual method overrides under Source/WebCore/html
        which are missing the override specifier.

        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGLRenderingContext.h:
        * html/track/InbandTextTrack.h:
        * html/track/TrackListBase.h:

2015-05-05  Žan Doberšek  <zdobersek@igalia.com>

        Add missing vtable override specifiers under Source/WebCore/rendering
        https://bugs.webkit.org/show_bug.cgi?id=144570

        Reviewed by Darin Adler.

        Update virtual method overrides under Source/WebCore/rendering
        which are missing the override specifiers.

        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::calculateBoundaries): Deleted.
        * rendering/RenderFlowThread.h:
        * rendering/RenderMedia.h:
        (WebCore::RenderMedia::shadowControlsNeedCustomLayoutMetrics): Deleted.
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderRegion.h:
        * rendering/RenderRegionSet.h:
        * rendering/RenderThemeGtk.h:
        * rendering/mathml/RenderMathMLOperator.h:
        * rendering/svg/RenderSVGBlock.h:

2015-05-05  Žan Doberšek  <zdobersek@igalia.com>

        Add missing vtable override specifiers under Source/WebCore/Modules
        https://bugs.webkit.org/show_bug.cgi?id=144569

        Reviewed by Darin Adler.

        Update virtual method overrides under Source/WebCore/Modules
        which are missing the override specifier.

        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/RTCVoidRequestImpl.h:
        * Modules/webaudio/AudioContext.h:
        (WebCore::AudioContext::mediaType): Deleted.
        (WebCore::AudioContext::presentationType): Deleted.
        (WebCore::AudioContext::canReceiveRemoteControlCommands): Deleted.
        (WebCore::AudioContext::didReceiveRemoteControlCommand): Deleted.
        (WebCore::AudioContext::overrideBackgroundPlaybackRestriction): Deleted.
        * Modules/webaudio/MediaStreamAudioDestinationNode.h:
        * Modules/webaudio/MediaStreamAudioSourceNode.h:
        * Modules/webaudio/WaveShaperDSPKernel.h:
        * Modules/websockets/WebSocketChannel.h:
        (WebCore::WebSocketChannel::refThreadableWebSocketChannel): Deleted.
        (WebCore::WebSocketChannel::derefThreadableWebSocketChannel): Deleted.
        * Modules/websockets/WorkerThreadableWebSocketChannel.h:
        (WebCore::WorkerThreadableWebSocketChannel::refThreadableWebSocketChannel): Deleted.
        (WebCore::WorkerThreadableWebSocketChannel::derefThreadableWebSocketChannel): Deleted.

2015-05-05  Žan Doberšek  <zdobersek@igalia.com>

        EventHandler::m_eventHandlerWillResetCapturingMouseEventsElement is incorrectly initialized
        https://bugs.webkit.org/show_bug.cgi?id=144583

        Reviewed by Daniel Bates.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler): The
        m_eventHandlerWillResetCapturingMouseEventsElement is a boolean,
        so initialize it to false, instead of to nullptr.

2015-05-05  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] grid-template-areas should accept none value
        https://bugs.webkit.org/show_bug.cgi?id=144624

        Reviewed by Darin Adler.

        Default value for grid-template-areas property is "none":
        http://dev.w3.org/csswg/css-grid/#propdef-grid-template-areas

        Currently if you set the property to "none" from JavaScript, the value
        doesn't get reseted and it keeps the old value.

        Update fast/css-grid-layout/grid-template-areas-get-set.html adding a
        new test case.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseGridTemplateAreas): Add support to parse
        "none" successfully.

2015-05-05  Zalan Bujtas  <zalan@apple.com>

        Remove unused RenderLayerBacking::hasContentsLayer().
        https://bugs.webkit.org/show_bug.cgi?id=144658

        Reviewed by Simon Fraser.

        No change in functionality.

        * rendering/RenderLayerBacking.h:

2015-05-05  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Limit NFA size.
        https://bugs.webkit.org/show_bug.cgi?id=144649

        Reviewed by Benjamin Poulain.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        Add a maximum NFA size to ensure that we do not use too much memory when compiling.
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Remove debugging code that doesn't compile any more.

2015-05-05  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Some assertion failures in compositing code after r183820.
        https://bugs.webkit.org/show_bug.cgi?id=144630.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):

2015-05-05  Timothy Horton  <timothy_horton@apple.com>

        Add a layout mode for computing fixed layout size from a minimum size
        https://bugs.webkit.org/show_bug.cgi?id=144610
        <rdar://problem/19790341>

        Reviewed by Simon Fraser.

        * platform/spi/cocoa/QuartzCoreSPI.h:
        Add some SPI.

2015-05-05  Brent Fulgham  <bfulgham@apple.com>

        iOS] Scroll snap points trigger reentrant layout
        https://bugs.webkit.org/show_bug.cgi?id=144644
        <rdar://problem/20366547>

        Reviewed by Simon Fraser.

        Covered by scroll-snap-mandatory.html test.

        We had an iOS code path in 'appendChildSnapOffsets' that used offsetLeft and offsetTop. This code
        was sometimes called during layout, which triggered a reentrant layout call, resulting in a debug
        assertion.

        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::appendChildSnapOffsets): Remove iOS codepath.

2015-05-05  Roger Fong  <roger_fong@apple.com>

        Blurry media control icons on non retina displays.
        https://bugs.webkit.org/show_bug.cgi?id=144638.
        <rdar://problem/20526166>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.css:
        Adjust fullscreen buttons so that they look good on both 1x and 2x displays.
        (audio::-webkit-media-controls-fullscreen-button):
        (audio::-webkit-media-controls-fullscreen-button.exit):
        (audio::-webkit-media-controls-fullscreen-button:active):
        (audio::-webkit-media-controls-panel button.exit:active):
        Handle wireless playback picker button background in mediaControlsApple.js
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-wireless-playback-picker-button.playing): Deleted.

        * Modules/mediacontrols/mediaControlsApple.js:
        Update wireless playback picker button based on display type.
        (Controller.prototype.UIString):
        (Controller.prototype.handleReadyStateChange):
        (Controller.prototype.updateWirelessTargetPickerButton):
        (Controller.prototype.updateWirelessPlaybackStatus):

2015-05-05  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Crash under WebCore::domWindowFromExecState reloading page with inspector open
        https://bugs.webkit.org/show_bug.cgi?id=144636

        Reviewed by Mark Lam.

        This ensures we create an InjectedScript for the execution context
        (frame) preventing the global object / exec state from getting garbage
        collected before we remove it from our map.

        * inspector/PageRuntimeAgent.cpp:
        (WebCore::PageRuntimeAgent::notifyContextCreated):

2015-05-05  Dean Jackson  <dino@apple.com>

        [iOS] AirPlay placeholder in inline videos uses Helvetica or Times, should be system font
        https://bugs.webkit.org/show_bug.cgi?id=144643

        Reviewed by Brent Fulgham.

        The Airplay placard should use "-apple-system" as a font-family.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-wireless-playback-status):

2015-05-05  Zalan Bujtas  <zalan@apple.com>

        Navigating to www.apple.com hits assertion in WebCore::TextIteratorCopyableText::set()
        https://bugs.webkit.org/show_bug.cgi?id=144629
        rdar://problem/20689877

        Reviewed by Andreas Kling.

        This patch ensures that we don't emit empty text for the text iterator.
        In TextIterator::handleTextNode before emitting a string, certain characters (\n \t) need to
        be replaced with space. When such character is found, we emit the string we've processed so far and
        handle the replacement during the next callback.
        When the first character in the string needs replacing, there's nothing to emit. However if we don't
        handle at least one character, TextIterator::advance believes that processing is done and never calls  
        TextIterator::handleTextNode back with the rest of the string. 

        Test: fast/text/simple-line-layout-innerText-with-newline.html

        * editing/TextIterator.cpp:
        (WebCore::isNewLineOrTabCharacter):
        (WebCore::TextIterator::handleTextNode):

2015-05-05  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Use less memory to store the json input.
        https://bugs.webkit.org/show_bug.cgi?id=144604

        Reviewed by Benjamin Poulain.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionCompiler.h:
        (WebCore::ContentExtensions::loadEncodedRules):
        Don't copy strings as much or keep them alive after done using them.

2015-05-05  Eric Carlson  <eric.carlson@apple.com>

        Prevent recursive calls to show target picker menu.
        https://bugs.webkit.org/show_bug.cgi?id=144637
        <rdar://problem/20824726>

        Reviewed by Jer Noble.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h: Add m_showingMenu.
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker): Do nothing if the menu
        is already showing.

2015-05-05  Dean Jackson  <dino@apple.com>

        Use system blue for Airplay Glyph
        https://bugs.webkit.org/show_bug.cgi?id=144614

        There was a typo in the last commit.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-optimized-fullscreen-button): Transition duration should be 250ms.

2015-05-04  Dean Jackson  <dino@apple.com>

        [iOS] Use system blue for Airplay Glyph
        https://bugs.webkit.org/show_bug.cgi?id=144614

        Reviewed by Eric Carlson.

        Revert to using masks for the glyphs in the media controls,
        which allows us to:
        - use the system blue color when Airplay is active <rdar://problem/20245297>
        - fade out from the active state <rdar://problem/20245487>
        - allow the play button to give touch feedback <rdar://problem/17849930>

        While those are three separate bugs, they all get addressed by
        this single change.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-optimized-fullscreen-button):
        (audio::-webkit-media-controls-optimized-fullscreen-button:active):
        (video::-webkit-media-controls-play-button):
        (video::-webkit-media-controls-play-button.paused):
        (video::-webkit-media-controls-fullscreen-button):
        (video::-webkit-media-controls-wireless-playback-picker-button):
        (video::-webkit-media-controls-wireless-playback-picker-button.playing):
        (video::-webkit-media-controls-optimized-fullscreen-button):
        (video::-webkit-media-controls-play-button:active): Deleted.
        (video::-webkit-media-controls-play-button.paused:active): Deleted.
        (video::-webkit-media-controls-fullscreen-button:active): Deleted.
        (video::-webkit-media-controls-wireless-playback-picker-button:active): Deleted.

2015-05-05  Eric Carlson  <eric.carlson@apple.com>

        Only autoplay videos should not automatically play to playback target
        https://bugs.webkit.org/show_bug.cgi?id=144633

        Reviewed by Jer Noble.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Set RequireUserGestureToAutoplayToExternalDevice.
        (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Remove
        RequireUserGestureToAutoplayToExternalDevice.
        (WebCore::HTMLMediaElement::mediaState): Set ExternalDeviceAutoPlayCandidate if playback
        was started from a user gesture, even if the video loops and/or doesn't have audio.

        * html/HTMLMediaSession.h: Define RequireUserGestureToAutoplayToExternalDevice.
        (WebCore::HTMLMediaSession::hasBehaviorRestriction): New.

2015-05-05  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed logging fix.

        * page/WheelEventTestTrigger.cpp:
        (WebCore::WheelEventTestTrigger::triggerTestTimerFired): Fix typo in logging channel.

2015-05-04  Roger Fong  <roger_fong@apple.com>

        Media control volume slider is opaque.
        https://bugs.webkit.org/show_bug.cgi?id=144470.
        <rdar://problem/20770350>

        Rubberstamped by Simon Fraser.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel): 
        Don't create a stacking context just for the controls.
        Doing so causes the mix-blend-mode on the volume box to fail.

2015-05-05  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Combine NFAs properly and free memory as we compile.
        https://bugs.webkit.org/show_bug.cgi?id=144485

        Reviewed by Benjamin Poulain.

        This patch correctly combines all regular expressions with a common prefix up to
        the last quantified term into the same NFA.  It also deletes the prefix tree as it 
        creates NFAs, thus reducing the maximum memory used when compiling.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::CombinedURLFilters::isEmpty):
        (WebCore::ContentExtensions::CombinedURLFilters::addPattern):
        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        (WebCore::ContentExtensions::CombinedURLFilters::clear): Deleted.
        * contentextensions/CombinedURLFilters.h:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionsDebugging.h:

2015-05-04  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Use less memory when writing byte code to file
        https://bugs.webkit.org/show_bug.cgi?id=144602

        Reviewed by Darin Adler.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionCompiler.h:
        Compile one DFA at a time so we don't need to keep all the bytecode in memory at the same time.
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        Jumps are now relative to the current DFA because we don't know about other DFAs that
        have been compiling when linking the DFA bytecode.  This will also make the DFA bytecode
        easier to minimize because more of the values are small in the DFAs after the first DFA.
        * platform/FileSystem.h:

2015-05-05  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed, speculative WinCairo buildfix after r183807.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-05-05  Csaba Osztrogonác  <ossy@webkit.org>

        Remove TextureMapperImageBuffer
        https://bugs.webkit.org/show_bug.cgi?id=143561

        Reviewed by Žan Doberšek.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformWinCairo.cmake:
        * platform/graphics/GraphicsContext3DPrivate.cpp:
        (WebCore::GraphicsContext3DPrivate::paintToTextureMapper):
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBufferData::paintToTextureMapper):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
        * platform/graphics/texmap/BitmapTextureImageBuffer.cpp: Removed.
        * platform/graphics/texmap/BitmapTextureImageBuffer.h: Removed.
        * platform/graphics/texmap/BitmapTexturePool.cpp:
        (WebCore::BitmapTexturePool::createTexture):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::setFilters):
        * platform/graphics/texmap/TextureMapper.cpp:
        (WebCore::TextureMapper::create):
        (WebCore::TextureMapper::TextureMapper):
        * platform/graphics/texmap/TextureMapper.h:
        (WebCore::TextureMapper::accelerationMode): Deleted.
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGL::TextureMapperGL):
        * platform/graphics/texmap/TextureMapperImageBuffer.cpp: Removed.
        * platform/graphics/texmap/TextureMapperImageBuffer.h: Removed.
        * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
        (WebCore::CompositingCoordinator::CompositingCoordinator):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::GraphicsLayer::supportsContentsTiling):
        (WebCore::CoordinatedGraphicsLayer::setShouldSupportContentsTiling): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

2015-05-05  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Box Alignment] Upgrade align-content parsing to CSS3 Box Alignment spec
        https://bugs.webkit.org/show_bug.cgi?id=144443

        Reviewed by Darin Adler.

        Upgrade the align-content property to the last CSS3 Box
        Alignment specification. As it uses a different enumeration for
        Positional and Distribution alignment, it implies some changes in
        the FlexibleBox implementation.

        Test: css3/parse-align-content.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::resolveContentAlignmentAuto):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        (WebCore::isKeywordPropertyID):
        (WebCore::CSSParser::parseValue):
        * css/CSSPropertyNames.in:
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::layoutAndPlaceChildren):
        (WebCore::RenderFlexibleBox::layoutColumnReverse):
        (WebCore::initialAlignContentOffset):
        (WebCore::alignContentSpaceBetweenChildren):
        (WebCore::RenderFlexibleBox::alignFlexLines):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::resolveContentAlignment):
        (WebCore::RenderStyle::resolveContentJustification):
        * rendering/style/RenderStyle.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        * rendering/style/StyleRareNonInheritedData.h:

2015-05-05  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        streams/readable-stream.html is very flaky
        https://bugs.webkit.org/show_bug.cgi?id=144455

        Reviewed by Darin Adler.

        Changed the link between readadable stream and controller.
        Controller ref()/deref() now increments/decrements its stream ref counter.
        This ensures that even if JS scripts do not keep track of the readable stream,
        the readable stream will not be disposed as long as the JS script has access to its controller.

        Test: streams/readable-stream-gc.html

        * Modules/streams/ReadableStreamController.h:
        (WebCore::ReadableStreamController::ReadableStreamController):
        (WebCore::ReadableStreamController::ref):
        (WebCore::ReadableStreamController::deref):
        (WebCore::ReadableStreamController::create): Deleted.
        (WebCore::ReadableStreamController::stream): Deleted.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::close):
        (WebCore::JSReadableStreamController::enqueue):
        (WebCore::JSReadableStreamController::error):
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::ReadableStreamJSSource::~ReadableStreamJSSource):
        (WebCore::ReadableStreamJSSource::start):
        (WebCore::ReadableJSStream::jsController):
        * bindings/js/ReadableStreamJSSource.h:

2015-05-05  Myles C. Maxfield  <mmaxfield@apple.com>

        Small cleanup in RenderText::computePreferredLogicalWidths()
        https://bugs.webkit.org/show_bug.cgi?id=144615

        Reviewed by Simon Fraser.

        A little bit of cleanup before I tackle dependent widths in this function.

        No new tests because there is no behavior change.

        * rendering/RenderText.cpp:
        (WebCore::RenderText::computePreferredLogicalWidths):

2015-05-05  Joanmarie Diggs  <jdiggs@igalia.com>

        [ATK] AX: figure out platform difference for ATK to make accessibility/table-cell-display-block.html work
        https://bugs.webkit.org/show_bug.cgi?id=143083

        Reviewed by Chris Fleizach.

        The main platform difference was that ATK was mapping the td element to
        the accessible table cell, and the render block resulting from the style
        wound up being the cell parent. In contrast, AX API was mapping the cell
        element to an AXGroup which was a child of the AXCell. Rather than try to
        bend yet another case to the will of our individual platforms' table needs,
        it made more sense to clean up the code that is competing and move toward
        more platform-unified handling. This is the first step in that direction,
        with ATK moving closer toward the WebCore/AX API mapping.

        No new tests. Instead, modified and fixed the test which was being skipped
        for GTK, and also updated the expectations of some Mac tests whose FIXMEs
        should now be fixed.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::supportsRequiredAttribute):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::computeIsTableExposableThroughAccessibility):
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::determineAccessibilityRole):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):

2015-05-04  Jer Noble  <jer.noble@apple.com>

        [iOS] Videos on apple.com flash when touching to show or hide the controls
        https://bugs.webkit.org/show_bug.cgi?id=144598

        Reviewed by Eric Carlson.

        The apple.com site will add a "selection" rectangle atop a playing video when it recieves a touchstart
        event. The default media controls use touchstart to signal the controls to become visible. Stop the touch
        from propagating down to the page in this case.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handleWrapperTouchStart):

2015-05-04  Andreas Kling  <akling@apple.com>

        Record the reference time when Performance is constructed.
        <https://webkit.org/b/144616>

        Reviewed by Geoffrey Garen.

        This is a merge of Blink's r156613 by simonjam@chromium.org.

        Cache a copy of the DocumentLoader's reference timestamp when constructing
        the Performance object. That way we don't have to jump through a bunch of scary
        hoops to access it when now() is called later on.

        * page/Performance.cpp:
        (WebCore::Performance::Performance):
        (WebCore::Performance::now): Deleted.
        * page/Performance.h:

2015-05-04  Simon Fraser  <simon.fraser@apple.com>

        Fix assertions in WK1 tests after r183777.
        
        Two issues with the original change:
        
        If not in compositing mode, we shouldn't schedule layer flushes, since
        Document::documentWillSuspendForPageCache() only only calls cancelCompositingLayerUpdate()
        if in compositing mode.
        
        Second, RenderLayerCompositor::rootBackgroundTransparencyChanged() never stored the
        new color, resulting in too many triggered compositing updates.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::rootBackgroundTransparencyChanged):

2015-05-04  Zalan Bujtas  <zalan@apple.com>

        RenderWidget::setWidgetGeometry() can end up destroying *this*.
        https://bugs.webkit.org/show_bug.cgi?id=144601

        Reviewed by Andreas Kling.

        This is a speculative fix to ensure we don't crash on an invalid *this* renderer
        while flattening the current iframe.
        Calling RenderWidget::setWidgetGeometry() can result in destroying the current renderer.
        While it is not a issue in case of normal layout flow as widget positions are updated at post layout,
        frame flattening initiates this action in the middle of layout.
        This patch re-introduces refcount model for RenderWidgets so that the renderer is protected during layout
        when frame flattening is in use.

        * rendering/RenderFrameBase.cpp:
        (WebCore::RenderFrameBase::layoutWithFlattening): Let's be paranoid about child view.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::destroy):
        * rendering/FrameView.cpp:
        (WebCore::FrameView::layout):
        * rendering/RenderView.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::~RenderWidget):
        * rendering/RenderWidget.h:
        (WebCore::RenderWidget::ref):
        (WebCore::RenderWidget::deref):

2015-05-04  Doug Russell  <d_russell@apple.com>

        AX: setting focus via accessibility object needs to set isSynchronizing in resulting selection intent
        https://bugs.webkit.org/show_bug.cgi?id=144489

        Reviewed by Chris Fleizach.

        Resolves infinite looping when navigating rapidly between controls with the search API and then focusing
        on the returned control.
        Remove isSynchronizing flag from AXTextStateChangeIntent and put it on AXObjectCache.
        Move AXTextStateChangeIntent logic in AccessibilityRenderObject into a helper method.
        Call new AXTextStateChangeIntent helper from AccessibilityRenderObject::setFocus().
        Add support for setSelectedVisibleTextRange() in accessibility tests.

        Test: platform/mac/accessibility/selection-sync.html

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::showIntent):
        (WebCore::AXObjectCache::setTextSelectionIntent):
        (WebCore::AXObjectCache::setIsSynchronizingSelection):
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        * accessibility/AXObjectCache.h:
        * accessibility/AXTextStateChangeIntent.h:
        (WebCore::AXTextStateChangeIntent::AXTextStateChangeIntent):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::setTextSelectionIntent):
        (WebCore::AccessibilityRenderObject::setSelectedTextRange):
        (WebCore::AccessibilityRenderObject::setFocused):
        (WebCore::AccessibilityRenderObject::setSelectedVisiblePositionRange):
        (WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange): Deleted.
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):

2015-05-04  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Audio-only files should not have a device picker
        https://bugs.webkit.org/show_bug.cgi?id=144606
        <rdar://problem/20806387>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.hasVideo): New.
        (Controller.prototype.updateFullscreenButtons): Use hasVideo.
        (Controller.prototype.updateHasVideo): Ditto.
        (Controller.prototype.updateWirelessTargetAvailable): Don't show the target picker button
        unless a file has video.

2015-05-04  Chris Dumez  <cdumez@apple.com>

        Crash at com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::createWindow + 185
        https://bugs.webkit.org/show_bug.cgi?id=144597
        <rdar://problem/20361579>

        Reviewed by Andreas Kling.

        Test: fast/dom/Window/window-open-activeWindow-null-frame.html

        In our implementation of window.open(), we make sure that the window
        which window.open() is called has a frame. However, we did not have the
        same check for the activeDOMWindow (i.e. the lexicalGlobalObject) causing
        us to crash in WebCore::createWindow() when dereferencing it.

        This patch updates WebCore::createWindow() takes a reference to the
        openerFrame instead of a pointer to make it clear the implementation
        expects it to be non-null. A null check is then added for the frame
        at the call site: DOMWindow::createWindow().

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        * loader/FrameLoader.cpp:
        (WebCore::isDocumentSandboxed):
        (WebCore::FrameLoader::submitForm):
        (WebCore::createWindow):
        Take a reference to openerFrame instead of a pointer as the
        implementation expects it to be non-null.

        * loader/FrameLoader.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):
        Add null check for activeFrame before passing it to
        WebCore::createWindow().

2015-05-04  Dean Jackson  <dino@apple.com>

        Create a named CSS property for system colors
        https://bugs.webkit.org/show_bug.cgi?id=144423

        Follow-up comments from Darin Adler.

        * rendering/RenderThemeIOS.h: Cache a Color rather than an RGBA32.
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemColor): Use "add" to avoid multiple hits on the HashMap, and
        cache invalid responses so that we don't have to keep looking for non-existent colors.
        * rendering/RenderThemeMac.h: Same as iOS.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor):

2015-05-04  Simon Fraser  <simon.fraser@apple.com>

        display:none iframes cause repeated compositing flushing
        https://bugs.webkit.org/show_bug.cgi?id=144529

        Reviewed by Darin Adler.
        
        FrameView::updateLayoutAndStyleIfNeededRecursive() only forces layout on rendered
        frames, by virtue of using its Widget children which are FrameViews.
        
        However, FrameView::flushCompositingStateIncludingSubframes() iterated over
        all frames, and return false if any subframe needed layout. Thus, if it saw
        non-rendered frames (which are never laid out), it would return false,
        which causes the CFRunLoopObserver that drives flushing to run again.
        
        Fix by having FrameView::flushCompositingStateIncludingSubframes() only check
        rendered frames, using FrameTree::traverseNextRendered() (which needs to be public).
        
        Also change FrameView::needsStyleRecalcOrLayout() and FrameView::updateLayoutAndStyleIfNeededRecursive()
        to fetch the list of FrameViews using FrameTree's nextRenderedSibling(), rather than using
        the Widget tree, since we'd like to eventually remove Widgets, and using the Frame
        tree matches flushCompositingStateIncludingSubframes() and other code.

        Test: compositing/iframes/display-none-subframe.html

        * page/FrameTree.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::flushCompositingStateIncludingSubframes):
        (WebCore::FrameView::needsStyleRecalcOrLayout):
        (WebCore::FrameView::renderedChildFrameViews): Helper that returns a vector
        of Ref<FrameView>s for rendered frames only.
        (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):
        * page/FrameView.h:

2015-05-04  Chris Dumez  <cdumez@apple.com>

        Unreviewed. Fix build with SECURITY_ASSERTIONS enabled.
        <rdar://problem/20653104>

        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::ScriptExecutionContext):
        (WebCore::ScriptExecutionContext::canSuspendActiveDOMObjectsForPageCache):
        (WebCore::ScriptExecutionContext::suspendActiveDOMObjects):
        (WebCore::ScriptExecutionContext::resumeActiveDOMObjects):
        * dom/ScriptExecutionContext.h:

2015-05-04  Simon Fraser  <simon.fraser@apple.com>

        Fix updating of tiled backing opaquenss when the page background color changes
        https://bugs.webkit.org/show_bug.cgi?id=144600
        rdar://problem/20723035

        Reviewed by Tim Horton.

        RenderLayerCompositor makes the page tiles opaque or not based on the result of
        viewHasTransparentBackground(), which consults the view transparency, and
        FrameView::documentBackgroundColor(). documentBackgroundColor() in turn is based
        on the root and/or body background colors.

        We thus need to re-evaluate whether page tiles are opaque when any of these inputs
        change, but were failing to do so for the FrameView's baseBackgroundColor, and
        the page root background color.
        
        Fix by having FrameView::setBaseBackgroundColor(), and RenderBox::styleDidChange()
        (for the root) trigger a compositing update when necessary.

        Added setViewBaseBackgroundColor() on Internals for testing.

        Test: platform/mac-wk2/tiled-drawing/background-transparency-toggle.html

        * page/FrameView.cpp:
        (WebCore::FrameView::setTransparent): Use the isViewForDocumentInFrame() helper.
        (WebCore::FrameView::setBaseBackgroundColor): Bail if we're not the view for the 
        frame's document, and trigger a compositing update check if the alpha changed.
        (WebCore::FrameView::isViewForDocumentInFrame): Helper that checks to see if
        this FrameView is associated with the Document being displayed in the FrameView's
        Frame. This returns false when we're setting up a new FrameView (its Frame still
        points to the old document, so renderView() returns the RenderView for the Frame's
        existing Document).
        * page/FrameView.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::styleDidChange): Have the compositor check to see if it needs
        to do an update.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::rootBackgroundTransparencyChanged): If the result
        of documentBackgroundColor() changed in alpha since the last time, trigger a compositing
        update.
        * rendering/RenderLayerCompositor.h:
        * testing/Internals.cpp:
        (WebCore::Internals::setViewBaseBackgroundColor):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-05-04  Jer Noble  <jer.noble@apple.com>

        [iOS] Crash in -[WebCALayerHostWrapper resolveBounds]
        https://bugs.webkit.org/show_bug.cgi?id=144595

        Reviewed by Eric Carlson.

        It is possible for a WebCALayorHostWrapper to outlive the WebVideoFullscreenModel to which it refers,
        since the model pointer is bare, rather than a RefPtr. The reference to the model must be invalidated
        before the model is destroyed.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal):

2015-05-04  Ryosuke Niwa  <rniwa@webkit.org>

        Toggling underline or strike through affects each other
        https://bugs.webkit.org/show_bug.cgi?id=27818

        Reviewed by Darin Adler.

        This patch introduces a new mechanism to apply and remove text decorations. This is necessary because text
        decorations are always additive and we can't differentiate whether we're adding or removing a text decoration.
        Conceptually, we need four values for text decorations: adding underline, removing underline, adding
        line-through, and removing line-through but we have only three: underline, line-through, none.

        After this patch, there are three mechanism by which text decorations states are kept tracked. While applying
        or removing text decorations, we use newly added m_underlineChange and m_strikeThroughChange in EditingStyle.
        For the typing style, we use -webkit-text-decorations-in-effect to store the state since we need to preserve
        every type of text decorations such as overline in addition to underline and line-through. Once applied, all
        text decorations should be expressed in terms of the standard text-decoration property.

        Test: editing/execCommand/toggle-mixed-text-decorations.html

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::applyBlockStyle):
        (WebCore::ApplyStyleCommand::removeCSSStyle): conflictsWithInlineStyleOfElement now creates a new inline style
        instead of a list of properties to remove.
        (WebCore::ApplyStyleCommand::addBlockStyle):
        (WebCore::ApplyStyleCommand::applyInlineStyleChange): Merge inline styles instead of adding as string.
        Otherwise it would generate style content attribute with multiple text-decoration properties.

        * editing/EditingStyle.cpp:
        (WebCore::HTMLElementEquivalent::matches):
        (WebCore::HTMLElementEquivalent::propertyExistsInStyle): Takes an EditingStyle instead of StyleProperties.
        (WebCore::HTMLElementEquivalent::valueIsPresentInStyle):
        (WebCore::HTMLTextDecorationEquivalent::HTMLTextDecorationEquivalent): 
        (WebCore::HTMLTextDecorationEquivalent::propertyExistsInStyle): Respect newly added m_strikeThroughChange and
        m_underlineChange in EditingStyle.
        (WebCore::HTMLTextDecorationEquivalent::valueIsPresentInStyle): Ditto.
        (WebCore::HTMLTextDecorationEquivalent::changeInStyle): Added. Retrieves the change enum for the associated
        type of text-decoration (underline or strike through).
        (WebCore::HTMLAttributeEquivalent::matches):
        (WebCore::HTMLAttributeEquivalent::valueIsPresentInStyle):
        (WebCore::EditingStyle::EditingStyle): Initialize m_underlineChange and m_strikeThroughChange. Also use the
        delegating constructor elsewhere. Also added the missing call to extractFontSizeDelta() in the variant that
        takes CSSPropertyID and String, and added a variant that takes CSSPropertyID and CSSValueID.
        (WebCore::EditingStyle::isEmpty): Return false when m_underlineChange and m_strikeThroughChange are not "none".
        (WebCore::applyTextDecorationChangeToValueList): Added.
        (WebCore::EditingStyle::overrideTypingStyleAt): Added. Used by Editor::computeAndSetTypingStyle to set a new
        typing style. Resolve m_underlineChange and m_strikeThroughChange into -webkit-text-decorations-in-effect.
        (WebCore::EditingStyle::clear): Clear m_underlineChange and m_strikeThroughChange.
        (WebCore::EditingStyle::copy): Copy m_underlineChange and m_strikeThroughChange.
        (WebCore::textDecorationValueList): Added.
        (WebCore::EditingStyle::conflictsWithInlineStyleOfElement): Now takes a pointer to MutableStyleProperties
        instead of a vector. This was necessary we can't simply remove text-decoration property in ApplyStyleCommand's
        removeCSSStyle as that would result in unrelated text decorations also getting removed. Also added the code
        for m_underlineChange and m_strikeThroughChange. Only removing text decoration changes can cause a conflict
        since text decorations are always additive.
        (WebCore::EditingStyle::conflictsWithImplicitStyleOfElement): Check isEmpty() instead of the nullity of
        m_mutableStyle to respect m_underlineChange and m_strikeThroughChange.
        (WebCore::EditingStyle::conflictsWithImplicitStyleOfAttributes):
        (WebCore::EditingStyle::extractConflictingImplicitStyleOfAttributes):
        (WebCore::EditingStyle::styleIsPresentInComputedStyleOfNode): Respect the values of m_underlineChange and
        m_strikeThroughChange. Here, the style is considered present if it has text decorations that are being added.
        (WebCore::EditingStyle::elementIsStyledSpanOrHTMLEquivalent):
        (WebCore::elementMatchesAndPropertyIsNotInInlineStyleDecl): Takes EditingStyle instead of StyleProperties to
        respect m_underlineChange and m_strikeThroughChange.
        (WebCore::EditingStyle::mergeInlineAndImplicitStyleOfElement):
        (WebCore::mergeTextDecorationValues):
        (WebCore::EditingStyle::mergeStyle): Make a copy of CSSValueList before modifying it since CSSValueList's are
        shared with other immutable StyleProperties.
        (WebCore::StyleChange::StyleChange): Set m_applyUnderline, m_applyLineThrough, and m_cssStyle if either
        m_underlineChange or m_strikeThroughChange are TextDecorationChange::Add in EditingStyle if the current position
        doesn't already have the matching style.
        (WebCore::StyleChange::operator==): Moved from the header file. Also added the logic to compare m_cssStyle now
        that it's a StyleProperties instead of String.

        * editing/EditingStyle.h: Added TextDecorationChange.
        (WebCore::EditingStyle::create): Added a variant that takes CSSPropertyID and CSSValueID.
        (WebCore::EditingStyle::conflictsWithInlineStyleOfElement):
        (WebCore::EditingStyle::setUnderlineChange): Added.
        (WebCore::EditingStyle::underlineChange): Added.
        (WebCore::EditingStyle::setStrikeThroughChange): Added.
        (WebCore::EditingStyle::strikeThroughChange): Added.
        (WebCore::StyleChange::cssStyle): Now returns StyleProperties* instead of String so that ApplyStyleCommand's
        applyInlineStyleChange could merge inline styles instead of just appending it to the end.
        (WebCore::StyleChange::operator==): Moved into the cpp file.

        * editing/Editor.cpp:
        (WebCore::Editor::applyStyle): Added. This variant takes EditingStyle instead of StyleProperties.
        (WebCore::Editor::applyStyleToSelection): Ditto.
        (WebCore::Editor::computeAndSetTypingStyle): Added a variant for EditingStyle. Also use overrideTypingStyleAt
        to set -webkit-text-decorations-in-effect based on m_underlineChange and m_strikeThroughChange 

        * editing/Editor.h:
        * editing/EditorCommand.cpp:
        (WebCore::applyCommandToFrame):
        (WebCore::isStylePresent): Extracted from executeToggleStyle.
        (WebCore::executeApplyStyle):
        (WebCore::executeToggleStyle):
        (WebCore::executeToggleStyleInList): Deleted.
        (WebCore::textDecorationChangeForToggling): Added. Used in executeStrikethrough and executeUnderline.
        (WebCore::executeStrikethrough):
        (WebCore::executeUnderline):

2015-05-04  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Fix build breakage caused by API deprecation
        https://bugs.webkit.org/show_bug.cgi?id=144593

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker): Suppress warnings.

2015-05-04  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r178156): CSS Parser incorrectly rejects valid calc() in padding-right property
        https://bugs.webkit.org/show_bug.cgi?id=144584
        <rdar://problem/20796829>

        Reviewed by Darin Adler.

        The CSS parser was rejecting calculated values at parsing time if it
        considered the value was negative and the CSS property did not allow
        negative values. However, doing so at this point will not always work
        because we don't necessarily know the font-size yet (for e.g. for
        calc(0.5em - 2px). Also, rejecting negative calculated values is not
        the right behavior as the the specification. The specification says
        we should clamp:
        http://dev.w3.org/csswg/css-values-3/#calc-range

        This patch updates validateCalculationUnit() to stop marking the value
        as invalid if it is negative. Instead, let the CSSCalcValue's permitted
        range clamp the value as needed.

        This bug was causing the bottom graphic on aldentrio.com to not be
        rendered properly.

        Test: fast/css/negative-calc-values.html
              fast/css/padding-calc-value.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::validateCalculationUnit):

2015-05-04  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Show wireless playback placard even when an element has custom controls
        https://bugs.webkit.org/show_bug.cgi?id=144548

        Reviewed by Brent Fulgham.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.shouldHaveAnyUI): Return true when playing to wireless target.
        (Controller.prototype.reconnectControls): Add controls when playing to wireless target.
        (Controller.prototype.setPlaying): Return early when there is no 'controls' attribute.
        (Controller.prototype.showControls): Ditto.
        (Controller.prototype.updateWirelessPlaybackStatus): Call updateBase when playing to wireless
        target to ensure that controls have been set up.
        (Controller.prototype.handleWirelessPlaybackChange): Call reconnectControls when playing
        to wireless target when there is no 'controls' attribute.
        (Controller.prototype.showInlinePlaybackPlaceholderOnly): New.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): Call configureMediaControls.
        (WebCore::HTMLMediaElement::configureMediaControls): Require controls when playing
        to wireless target.
        (WebCore::HTMLMediaElement::configureTextTrackDisplay): Remove some unhelpful, noisy, logging.

2015-05-04  Dan Bernstein  <mitz@apple.com>

        Fixed the build.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker): Moved off of a deprecated
        method to a non-deprecated equivalent.

2015-05-04  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Box Alignment] Upgrade justify-content parsing to CSS3 Box Alignment spec.
        https://bugs.webkit.org/show_bug.cgi?id=144442

        Reviewed by David Hyatt.

        Upgrade the justify-content property to the last CSS3 Box
        Alignment specification. It defines a different enumeration for
        Positional and Distribution alignment, which requires changes in
        the FlexibleBox implementation.

        A new parsing function has been implemented to replace the basic
        keyword IDs validation. Because of the complexity of the new
        values, a new CSSPrimitiveValue derived class has been defined
        which simplifies considerably the parsing logic.

        We will follow the same approach than for Self Alignment, defining
        a single class to hold all the related alignment data. This makes
        possible to use a StyleBuilderConverter function instead of custom
        builder functions for these properties.

        Test: css3/parse-justify-content.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::resolveContentAlignmentAuto):
        (WebCore::valueForContentPositionAndDistributionWithOverflowAlignment):
        (WebCore::ComputedStyleExtractor::propertyValue):
        (WebCore::valueForItemPositionWithOverflowAlignment): Deleted.
        * css/CSSContentDistributionValue.cpp: Added.
        (WebCore::CSSContentDistributionValue::CSSContentDistributionValue):
        (WebCore::CSSContentDistributionValue::~CSSContentDistributionValue):
        (WebCore::CSSContentDistributionValue::customCSSText):
        (WebCore::CSSContentDistributionValue::equals):
        * css/CSSContentDistributionValue.h: Added.
        (WebCore::CSSContentDistributionValue::create):
        (WebCore::CSSContentDistributionValue::distribution):
        (WebCore::CSSContentDistributionValue::position):
        (WebCore::CSSContentDistributionValue::overflow):
        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        (WebCore::isKeywordPropertyID):
        (WebCore::CSSParser::parseValue):
        (WebCore::isContentDistributionKeyword):
        (WebCore::isContentPositionKeyword):
        (WebCore::isAlignmentOverflowKeyword):
        (WebCore::CSSParser::parseContentDistributionOverflowPosition):
        (WebCore::CSSParser::parseItemPositionOverflowPosition):
        (WebCore::CSSParser::parseLegacyPosition): Deleted.
        * css/CSSParser.h:
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator ContentPosition):
        (WebCore::CSSPrimitiveValue::operator ContentDistributionType):
        (WebCore::CSSPrimitiveValue::operator EFlexDirection): Deleted.
        * css/CSSPropertyNames.in:
        * css/CSSValue.cpp:
        (WebCore::CSSValue::equals):
        (WebCore::CSSValue::cssText):
        (WebCore::CSSValue::destroy):
        * css/CSSValue.h:
        (WebCore::CSSValue::isContentDistributionValue):
        (WebCore::CSSValue::isWebKitCSSFilterValue): Deleted.
        * css/CSSValueKeywords.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertContentAlignmentData):
        (WebCore::StyleBuilderConverter::convertSelfOrDefaultAlignmentData): Deleted.
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::initialJustifyContentOffset):
        (WebCore::justifyContentSpaceBetweenChildren):
        (WebCore::RenderFlexibleBox::layoutAndPlaceChildren):
        (WebCore::RenderFlexibleBox::layoutColumnReverse):
        * rendering/RenderFullScreen.cpp:
        (WebCore::createFullScreenStyle):
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::fixAnonymousStyleForSubSupPair):
        (WebCore::RenderMathMLScripts::fixAnonymousStyles):
        * rendering/style/RenderStyle.h:
        * rendering/style/RenderStyleConstants.h:
        * rendering/style/StyleContentAlignmentData.h: Added.
        (WebCore::StyleContentAlignmentData::StyleContentAlignmentData):
        (WebCore::StyleContentAlignmentData::setPosition):
        (WebCore::StyleContentAlignmentData::setDistribution):
        (WebCore::StyleContentAlignmentData::setOverflow):
        (WebCore::StyleContentAlignmentData::position):
        (WebCore::StyleContentAlignmentData::distribution):
        (WebCore::StyleContentAlignmentData::overflow):
        (WebCore::StyleContentAlignmentData::operator==):
        (WebCore::StyleContentAlignmentData::operator!=):
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        * rendering/style/StyleRareNonInheritedData.h:

2015-05-04  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Compile error in sharedEGLDisplay() method.
        https://bugs.webkit.org/show_bug.cgi?id=144563

        Reviewed by Alex Christensen.

        The PlatformDisplay type is undefined.

        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::sharedEGLDisplay):

2015-05-04  Zan Dobersek  <zdobersek@igalia.com>

        [WTF] Remove Functional.h inclusions
        https://bugs.webkit.org/show_bug.cgi?id=144400

        Reviewed by Darin Adler.

        Remove unnecessary inclusions of the <wtf/Functional.h> header in WebCore.

        * Modules/mediastream/MediaStreamTrack.cpp:
        * Modules/mediastream/MediaStreamTrackSourcesRequest.cpp:
        * Modules/mediastream/UserMediaRequest.cpp:
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        * platform/MemoryPressureHandler.cpp:
        * platform/UserActivity.h: Include the <objc/objc.h> header that was previously
        indirectly included through Functional.h.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        * platform/mac/SoftLinking.h: Unconditionally include the <objc/runtime.h> header
        that was previously included for the Mac port through Functional.h.

2015-05-04  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Refactor ReadableJSStream and ReadableStreamJSSource
        https://bugs.webkit.org/show_bug.cgi?id=144387

        Reviewed by Darin Adler.

        Made ReadableStreamReader a private class of ReadableJSStream.
        Simplified ReadableJSStream construction so that binding constructor does not need to know about ReadableStreamJSSource. 

        No functional change, existing tests cover the changes.

        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::source): Added to implement jsSource(), needed by ReadableJSStream.
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::constructJSReadableStream): Simplified to not have to handle source creation.
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::ReadableStreamJSSource::globalObject): Helper function to be used in other future methods.
        (WebCore::ReadableStreamJSSource::start):
        (WebCore::ReadableJSStream::create):
        (WebCore::ReadableJSStream::createReader):
        (WebCore::ReadableJSStream::jsSource):
        (WebCore::ReadableJSStream::Reader::create):
        (WebCore::ReadableJSStream::Reader::Reader):
        * bindings/js/ReadableStreamJSSource.h:

2015-05-04  Csaba Osztrogonác  <ossy@webkit.org>

        Remove move-js-headers.sh
        https://bugs.webkit.org/show_bug.cgi?id=144323

        Reviewed by Daniel Bates.

        move-js-headers.sh was only used by the Wx port, which has been removed from trunk long ago.

        * move-js-headers.sh: Removed.

2015-05-04  Csaba Osztrogonác  <ossy@webkit.org>

        [ARM] Don't compare unsigned chars to EOF (-1)
        https://bugs.webkit.org/show_bug.cgi?id=144439

        Reviewed by Geoffrey Garen.

        * platform/linux/MemoryPressureHandlerLinux.cpp:
        (WebKit::nextToken): Don't cast return value of fgetc() to char.

2015-05-04  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Wrong computed style for named grid lines in implicit tracks
        https://bugs.webkit.org/show_bug.cgi?id=144449

        Reviewed by Sergio Villar Senin.

        If there're implicit tracks then trackPositions is bigger than
        trackSizes, so we need to use the proper index to append the trailing
        <ident>s in valueForGridTrackList().

        Test: fast/css-grid-layout/named-grid-lines-computed-style-implicit-tracks.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForGridTrackList):

2015-05-03  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in WebCore/html
        https://bugs.webkit.org/show_bug.cgi?id=144543

        Reviewed by Andreas Kling.

        Change PassRefPtr in create() factory functions with Ref. In some functions,
        it returns RefPtr when it might have a chance to return nullptr.

        No new tests, no behavior changes.

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::sendError):
        * html/DOMFormData.h:
        (WebCore::DOMFormData::create):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerCreateResourceLoader):
        * html/HTMLMediaElement.h:
        * html/MediaError.h:
        (WebCore::MediaError::create):
        * html/MediaKeyError.h:
        (WebCore::MediaKeyError::create):
        * html/canvas/CanvasGradient.h:
        * html/canvas/CanvasProxy.cpp:
        (WebCore::CanvasProxy::create):
        * html/canvas/CanvasProxy.h:
        * html/canvas/WebGLActiveInfo.h:
        (WebCore::WebGLActiveInfo::create):
        * html/canvas/WebGLContextAttributes.h:
        * html/canvas/WebGLContextGroup.h:
        * html/canvas/WebGLProgram.h:
        * html/canvas/WebGLQuery.h:
        * html/canvas/WebGLRenderbuffer.h:
        * html/canvas/WebGLSampler.h:
        * html/canvas/WebGLShader.h:
        * html/canvas/WebGLShaderPrecisionFormat.h:
        * html/canvas/WebGLSync.h:
        * html/canvas/WebGLTexture.h:
        * html/canvas/WebGLTransformFeedback.h:
        * html/canvas/WebGLUniformLocation.h:
        * html/canvas/WebGLVertexArrayObjectOES.h:
        * html/shadow/ImageControlsRootElement.cpp:
        (WebCore::ImageControlsRootElement::maybeCreate):
        * html/shadow/ImageControlsRootElement.h:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlPanelElement::create):
        (WebCore::MediaControlPanelEnclosureElement::create):
        (WebCore::MediaControlOverlayEnclosureElement::create):
        (WebCore::MediaControlTimelineContainerElement::create):
        (WebCore::MediaControlVolumeSliderContainerElement::create):
        (WebCore::MediaControlStatusDisplayElement::create):
        (WebCore::MediaControlPanelMuteButtonElement::create):
        (WebCore::MediaControlVolumeSliderMuteButtonElement::create):
        (WebCore::MediaControlPlayButtonElement::create):
        (WebCore::MediaControlOverlayPlayButtonElement::create):
        (WebCore::MediaControlSeekForwardButtonElement::create):
        (WebCore::MediaControlSeekBackButtonElement::create):
        (WebCore::MediaControlRewindButtonElement::create):
        (WebCore::MediaControlReturnToRealtimeButtonElement::create):
        (WebCore::MediaControlToggleClosedCaptionsButtonElement::create):
        (WebCore::MediaControlClosedCaptionsContainerElement::create):
        (WebCore::MediaControlClosedCaptionsTrackListElement::create):
        (WebCore::MediaControlTimelineElement::create):
        (WebCore::MediaControlPanelVolumeSliderElement::create):
        (WebCore::MediaControlFullscreenVolumeSliderElement::create):
        (WebCore::MediaControlFullscreenButtonElement::create):
        (WebCore::MediaControlFullscreenVolumeMinButtonElement::create):
        (WebCore::MediaControlFullscreenVolumeMaxButtonElement::create):
        (WebCore::MediaControlTimeRemainingDisplayElement::create):
        (WebCore::MediaControlCurrentTimeDisplayElement::create):
        * html/shadow/MediaControlElements.h:
        * html/shadow/MediaControlsApple.h:
        (WebCore::MediaControlsAppleEventListener::create):
        * html/shadow/MeterShadowElement.h:
        (WebCore::MeterInnerElement::create):
        (WebCore::MeterBarElement::create):
        (WebCore::MeterValueElement::create):
        * html/shadow/ProgressShadowElement.h:
        (WebCore::ProgressInnerElement::create):
        (WebCore::ProgressBarElement::create):
        (WebCore::ProgressValueElement::create):
        * html/shadow/mac/ImageControlsRootElementMac.cpp:
        (WebCore::ImageControlsRootElement::maybeCreate):
        * html/track/TextTrackCueList.h:
        (WebCore::TextTrackCueList::create):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCue::create):
        * html/track/VTTCue.h:
        (WebCore::VTTCue::create):
        * html/track/VTTRegion.h:
        * html/track/VideoTrack.h:
        * html/track/VideoTrackList.h:
        * html/track/WebVTTElement.cpp:
        (WebCore::WebVTTElement::create):
        * html/track/WebVTTElement.h:
        * html/track/WebVTTParser.h:
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerCreateResourceLoader):

2015-05-03  Simon Fraser  <simon.fraser@apple.com>

        Make some static data const
        https://bugs.webkit.org/show_bug.cgi?id=144552

        Reviewed by Andreas Kling.

        Turn baseTable and shiftTable into const data.

        * platform/graphics/FormatConverter.cpp:

2015-05-02  Simon Fraser  <simon.fraser@apple.com>

        Assertion failure (!needsLayout()) loading inkedmag.com
        https://bugs.webkit.org/show_bug.cgi?id=144528
        rdar://problem/20788681

        Reviewed by Darin Adler.
        
        When animated GIFs get into catch-up mode, which is common on inkedmag.com,
        BitmapImage::advanceAnimation() can synchronously call it's observer's
        animationAdvanced(). This could cause RenderImage::repaintOrMarkForLayout()
        to repaint or mark itself as needing layout in the middle of painting.
        If painting multiple tiles, this could occur when painting the first tile,
        and then painting the second tile would assert in RenderView::paint().
        
        It's always wrong to synchronously call the observer when advancing
        the animation, since this happens when painting, and you can't repaint
        when painting. The long comment and call to startAnimation(DoNotCatchUp)
        was required to explain and work around this, but it's simpler to just
        advance the animation on a zero-delay timer.
        
        Special handling is required for the case where internalAdvanceAnimation()
        is catching up, and reaches the end of a non-repeating image; there, we
        have to set a flag and do the notify on a zero-delay timer.
        
        Lots of comment cleanup.

        Test: fast/images/set-needs-layout-in-painting.html

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::BitmapImage):
        (WebCore::BitmapImage::startTimer): Utility to create and start the timer.
        (WebCore::BitmapImage::repetitionCount):
        (WebCore::BitmapImage::startAnimation): Early return in the DoNotCatchUp clause.
        If skipping, and internalAdvanceAnimation() returns false (meaning it must have
        reached the end), then queue up a notify. Change the normal behavior to just
        start the timer.
        (WebCore::BitmapImage::stopAnimation):
        (WebCore::BitmapImage::internalAdvanceAnimation): Notify if the flag is set.
        * platform/graphics/BitmapImage.h:
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::paint): Add a SetLayoutNeededForbiddenScope to
        detect setNeedsLayouts when painting replaced elements, including images.

2015-05-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][EFL] Unify platform display handling
        https://bugs.webkit.org/show_bug.cgi?id=144517

        Reviewed by Martin Robinson.

        There are several places were we are handling the X display
        connection:

        - GLContext::sharedX11Display() creates a new connection.
        - X11Helper::nativeDisplay() creates a new connection.
        - BackingStoreBackendCairoX11 uses the GTK+ shared connection.
        - NetscapePlugin::x11HostDisplay() uses the GTK+/ecore shared connection
        - The rest of the GTK+ code uses the shared GTK+ connection

        And then we also have WaylandDisplay and the code to check if the
        current display is wayland or X11.
        We could unify all these to share the same connection to reduce
        the amount of ifdefs and ensure a single connection. That will
        also allow us to use "smart pointers" for the X resources that
        need a Display* to be freed.

        * PlatformEfl.cmake: Add new files to compilation.
        * PlatformGTK.cmake: Move some files to WebCore_SOURCES sinc ethey
        don't use GTK+ anymore, and add new files to compilation.
        * platform/graphics/GLContext.cpp:
        (WebCore::GLContext::cleanupActiveContextsAtExit): Remove the
        custom X11 connection.
        (WebCore::GLContext::createContextForWindow): Check if the shared
        display is Wayland to create a EGL context in such case.
        * platform/graphics/PlatformDisplay.cpp: Added.
        (WebCore::PlatformDisplay::createPlatformDisplay): Creates the
        shared display, using the GTK+/ecore shared connection.
        (WebCore::PlatformDisplay::sharedDisplay): Return the shared display.
        * platform/graphics/PlatformDisplay.h: Added.
        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::sharedEGLDisplay): Use PlatformDisplay::sharedDisplay()
        to get the native display.
        (WebCore::GLContextEGL::createPixmapContext): Ditto.
        * platform/graphics/glx/GLContextGLX.cpp:
        (WebCore::GLContextGLX::createWindowContext): Ditto.
        (WebCore::GLContextGLX::createPbufferContext): Ditto.
        (WebCore::GLContextGLX::createPixmapContext): Ditto.
        (WebCore::GLContextGLX::createContext): Ditto.
        (WebCore::GLContextGLX::~GLContextGLX): Ditto.
        (WebCore::GLContextGLX::defaultFrameBufferSize): Ditto.
        (WebCore::GLContextGLX::makeContextCurrent): Ditto.
        (WebCore::GLContextGLX::swapBuffers): Ditto.
        (WebCore::GLContextGLX::cairoDevice): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext): Ditto.
        * platform/graphics/surfaces/glx/X11Helper.cpp:
        (WebCore::X11Helper::nativeDisplay): Ditto.
        * platform/graphics/wayland/PlatformDisplayWayland.cpp: Renamed from Source/WebCore/platform/graphics/wayland/WaylandDisplay.cpp.
        (WebCore::PlatformDisplayWayland::globalCallback):
        (WebCore::PlatformDisplayWayland::globalRemoveCallback):
        (WebCore::PlatformDisplayWayland::create): Renamed instance() as
        create() since the single instance is now handled by PlatformDisplay.
        (WebCore::PlatformDisplayWayland::PlatformDisplayWayland):
        (WebCore::PlatformDisplayWayland::createSurface):
        (WebCore::PlatformDisplayWayland::createSharingGLContext):
        * platform/graphics/wayland/PlatformDisplayWayland.h: Renamed from Source/WebCore/platform/graphics/wayland/WaylandDisplay.h.
        * platform/graphics/x11/PlatformDisplayX11.cpp: Added.
        (WebCore::PlatformDisplayX11::PlatformDisplayX11):
        (WebCore::PlatformDisplayX11::~PlatformDisplayX11):
        * platform/graphics/x11/PlatformDisplayX11.h: Added.
        * platform/gtk/GtkUtilities.cpp:
        (WebCore::getDisplaySystemType): Deleted.
        * platform/gtk/GtkUtilities.h:

2015-05-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] API tests crashing on debug builds due to extra unref
        https://bugs.webkit.org/show_bug.cgi?id=144508

        Reviewed by Mario Sanchez Prada.

        The problem is that we were assuming that when a new DOMWindow is
        created, the DOM object cache was notified about the previous
        DOMWindow being destroyed before objects for the new DOMWindow are
        added to the cache. However, that's not always the case and we
        only create a DOMWindowObserver for the first DOMWindow. We need
        to keep a pointer to the DOMWindow being observed to clear() the
        cache and create a new DOMWindowObserver when it changes in the
        Frame.

        Fixes crashes in several unit tests in debug builds.

        * bindings/gobject/DOMObjectCache.cpp:

2015-05-03  Alexey Proskuryakov  <ap@apple.com>

        Remove timer alignment logging that I added earler today.

        * page/Settings.cpp: (WebCore::Settings::setDOMTimerAlignmentInterval):

2015-05-02  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Purge PassRefPtr create() factory functions in html 
        https://bugs.webkit.org/show_bug.cgi?id=144522

        Reviewed by Darin Adler.

        Return Ref instead of PassRefPtr in create() factory functions in html, because the factory
        can't return null. This patch is a first step to purge in html. Following patch is going to
        be uploaded.

        No new tests, no behavior changes.

        * html/FileInputType.cpp:
        (WebCore::UploadButtonElement::create):
        (WebCore::UploadButtonElement::createForMultiple):
        * html/MediaController.cpp:
        (MediaController::create):
        * html/MediaController.h:
        * html/canvas/WebGLBuffer.cpp:
        (WebCore::WebGLBuffer::create):
        * html/canvas/WebGLBuffer.h:
        * html/canvas/WebGLContextAttributes.cpp:
        (WebCore::WebGLContextAttributes::create):
        * html/canvas/WebGLContextAttributes.h:
        * html/canvas/WebGLContextGroup.cpp:
        (WebCore::WebGLContextGroup::create):
        * html/canvas/WebGLContextGroup.h:
        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::create):
        * html/canvas/WebGLFramebuffer.h:
        * html/canvas/WebGLProgram.cpp:
        (WebCore::WebGLProgram::create):
        * html/canvas/WebGLProgram.h:
        * html/canvas/WebGLQuery.cpp:
        (WebCore::WebGLQuery::create):
        * html/canvas/WebGLQuery.h:
        * html/canvas/WebGLRenderbuffer.cpp:
        (WebCore::WebGLRenderbuffer::create):
        * html/canvas/WebGLRenderbuffer.h:
        * html/canvas/WebGLSampler.cpp:
        (WebCore::WebGLSampler::create):
        * html/canvas/WebGLSampler.h:
        * html/canvas/WebGLShader.cpp:
        (WebCore::WebGLShader::create):
        * html/canvas/WebGLShader.h:
        * html/canvas/WebGLShaderPrecisionFormat.cpp:
        (WebCore::WebGLShaderPrecisionFormat::create):
        * html/canvas/WebGLShaderPrecisionFormat.h:
        * html/canvas/WebGLSync.cpp:
        (WebCore::WebGLSync::create):
        * html/canvas/WebGLSync.h:
        * html/canvas/WebGLTexture.cpp:
        (WebCore::WebGLTexture::create):
        * html/canvas/WebGLTexture.h:
        * html/canvas/WebGLTransformFeedback.cpp:
        (WebCore::WebGLTransformFeedback::create):
        * html/canvas/WebGLTransformFeedback.h:
        * html/canvas/WebGLUniformLocation.cpp:
        (WebCore::WebGLUniformLocation::create):
        * html/canvas/WebGLUniformLocation.h:
        * html/canvas/WebGLVertexArrayObject.cpp:
        (WebCore::WebGLVertexArrayObject::create):
        * html/canvas/WebGLVertexArrayObject.h:
        * html/canvas/WebGLVertexArrayObjectOES.cpp:
        (WebCore::WebGLVertexArrayObjectOES::create):
        * html/canvas/WebGLVertexArrayObjectOES.h:

2015-05-02  Andreas Kling  <akling@apple.com>

        Style recalc always causes detach from shared StyleRareNonInheritedData.
        <https://webkit.org/b/144530>

        Reviewed by Darin Adler.

        StyleResolver::adjustStyleForMaskImages() was always calling RenderStyle::ensureMaskLayers()
        when we were in style recalc. This caused the RenderStyle to COW off from the previously
        shared StyleRareNonInheritedData even if nothing actually changes.

        This patch adds an early return to adjustStyleForMaskImages() when the previous style had
        no mask images. Further refinements could be made, but this covers the most common case where
        we don't have any mask images at all.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustStyleForMaskImages):

2015-05-02  Alexey Proskuryakov  <ap@apple.com>

        fast/frames/flattening/iframe-flattening-resize-event-count.html times out on Yosemite WK2
        https://bugs.webkit.org/show_bug.cgi?id=144155

        Unreviewed, will roll out soon.

        Added some temporary logging to better see if alignment is indeed the culprit.

        * page/Settings.cpp: (WebCore::Settings::setDOMTimerAlignmentInterval):

2015-05-02  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use Ref instead of PassRefPtr in WebCore/svg 
        https://bugs.webkit.org/show_bug.cgi?id=144479

        Reviewed by Darin Adler.

        Remove remained PassRefPtr in svg.

        No new tests, no behavior changes.

        * svg/SVGFontFaceSrcElement.cpp:
        (WebCore::SVGFontFaceSrcElement::srcValue):
        * svg/SVGFontFaceSrcElement.h:
        * svg/properties/SVGPropertyInfo.h:

2015-05-02  Simon Fraser  <simon.fraser@apple.com>

        Small cleanup in BitmapImage
        https://bugs.webkit.org/show_bug.cgi?id=144515

        Reviewed by Darin Adler.

        Use an enum for the internalAdvanceAnimation() argument, with a default.
        
        Wrap the clearing of the timer in a clearTimer() function, called from
        stopAnimation(). This fixes the jarring reading of BitmapImage::internalAdvanceAnimation(),
        which used to start by calling stopAnimation().

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::clearTimer):
        (WebCore::BitmapImage::startAnimation):
        (WebCore::BitmapImage::stopAnimation):
        (WebCore::BitmapImage::advanceAnimation):
        (WebCore::BitmapImage::internalAdvanceAnimation):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:

2015-05-01  Simon Fraser  <simon.fraser@apple.com>

        Avoid compositing updates after style recalcs which have no compositing implications
        https://bugs.webkit.org/show_bug.cgi?id=144502

        Reviewed by Darin Adler.
        
        After r183461, we have reliable information about whether a style change with zero
        diff can be reliably ignored. Use that information to track whether a given
        recalcStyle() does anything which should force a compositing update.
        
        This eliminates up to 40% of the post-recalcStyle compositing updates on some pages.
        
        Add Internals API to test.

        Test: compositing/updates/no-style-change-updates.html

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle): Tell the FrameView we're going to recalc style.
        * page/FrameView.cpp:
        (WebCore::FrameView::willRecalcStyle): Pass it on to the compositor.
        (WebCore::FrameView::updateCompositingLayersAfterStyleChange): Move the code
        that was here into RenderLayerCompositor::didRecalcStyleWithNoPendingLayout().
        * page/FrameView.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::willRecalcStyle): Reset the m_layerNeedsCompositingUpdate flag.
        (WebCore::RenderLayerCompositor::didRecalcStyleWithNoPendingLayout): Bail on the update if
        no layers changed.
        (WebCore::RenderLayerCompositor::updateCompositingLayers): Logging. Increment m_compositingUpdateCount,
        which is used for testing.
        (WebCore::RenderLayerCompositor::layerStyleChanged): Set the m_layerNeedsCompositingUpdate flag.
        (WebCore::RenderLayerCompositor::startTrackingCompositingUpdates): Reset the counter.
        (WebCore::RenderLayerCompositor::compositingUpdateCount):
        * rendering/RenderLayerCompositor.h:
        * testing/Internals.cpp:
        (WebCore::Internals::startTrackingCompositingUpdates):
        (WebCore::Internals::compositingUpdateCount):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-05-01  Andreas Kling  <akling@apple.com>

        Reproducible crash removing name attribute from <img> node
        <https://webkit.org/b/144371>
        <rdar://problem/17198583>

        Reviewed by Darin Adler.

        The problem here was with HTMLImageElement::getNameAttribute(), which relies
        on Element::hasName() to avoid slow attribute lookups when the attribute
        is already known not to be present. Unfortunately hasName() uses an ElementData
        flag that wasn't getting updated until after the call to parseAttribute().

        This patch fixes the issue by moving the code that updates the hasName() flag
        before the parseAttribute() virtual dispatch.

        Test: fast/dom/HTMLImageElement/remove-name-id-attribute-from-image.html

        * dom/Element.cpp:
        (WebCore::Element::attributeChanged):

2015-05-01  Eric Carlson  <eric.carlson@apple.com>

        Postpone caption style sheet creation
        https://bugs.webkit.org/show_bug.cgi?id=144499

        Reviewed by Simon Fraser.
        
        Generating and inserting the caption user style sheet is expensive so don't do it until
        we see a text track, and only do it for the first video element in a PageGroup.

        Test: media/track/track-user-stylesheet.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument): Only register for caption preferences
        changes if we have done so before.
        (WebCore::HTMLMediaElement::unregisterWithDocument): Only unregister for caption preferences
        changes if we registered for them.
        (WebCore::HTMLMediaElement::addTextTrack): Register for caption preference changes.
        * html/HTMLMediaElement.h:

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::setInterestedInCaptionPreferenceChanges): Only
        generate the style sheet when called for the first time.

2015-05-01  Dean Jackson  <dino@apple.com>

        [iOS] Scrubber display is broken if the buffered range is empty
        https://bugs.webkit.org/show_bug.cgi?id=144511

        Reviewed by Eric Carlson.

        Make sure that if video.buffered returns an empty list, we
        still draw the scrubber background correctly.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.drawTimelineBackground): Ensure that buffered
        is always at least as big as the current time.

2015-05-01  Roger Fong  <roger_fong@apple.com>

        Media control volume slider should be vertical to avoid flickering issues.
        https://bugs.webkit.org/show_bug.cgi?id=144496.
        <rdar://problem/20451328>

        Reviewed by Darin Adler.

        * Modules/mediacontrols/mediaControlsApple.css:
        Resize and reposition the volume box so that it does not have to rotated via a transform.
        (audio::-webkit-media-controls-panel):
        (audio::-webkit-media-controls-panel .volume-box): Also set overflow: hidden so we can't interact
             with the volume slider while the volume box is hidden.
        (audio::-webkit-media-controls-panel .volume-box:active):
        Rotate and position the volume slider via transforms. Make sure it's not transformed in the fullscreen controls.
        (video::-webkit-media-controls-volume-slider):
        (video:-webkit-full-screen::-webkit-media-controls-volume-slider):

2015-05-01  Brent Fulgham  <bfulgham@apple.com>

        Expand test infrastructure to support scrolling tests (Part 4): Scroll Snap Support
        https://bugs.webkit.org/show_bug.cgi?id=144482

        Reviewed by Simon Fraser.

        New tests will be landed in a second patch.

        The new WheelEventTestTriggers do not work properly with scroll snap points, because some test deferral notifications
        need to be triggered for state changes on the scrolling thread. This required the following changes:
        1. A flag indicating that we want to know about WheelEvent state changes needed to be propagated to the scrolling thread,
           so that tests could be deferred until Scrolling thread rubberband or scroll-snap animations had completed.
        2. The ScrollingNodeID needed to be used for registering and clearing deferrals.
        3. The scrolling thread needed a way to dispatch messages to the main thread indicating that we should (or should not)
           defer tests due to scrolling actions.

        Note that a future patch will extend this support to include the RemoteScrollingTree.

        * page/WheelEventTestTrigger.cpp:
        (WebCore::WheelEventTestTrigger::deferTestsForReason): Added some logging features.
        (WebCore::WheelEventTestTrigger::removeTestDeferralForReason): Ditto.
        (WebCore::dumpState): Helper function for logging test deferral state.
        (WebCore::WheelEventTestTrigger::triggerTestTimerFired): Added some logging features.
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated): Make sure that the scrolling thread is
        told that it needs to send scrolling state back to the main thread. Only do this if we are in testing mode.
        (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll): The scrollingNodeID should be
        used as the identifier for this operation, not the page address.
        (WebCore::AsyncScrollingCoordinator::deferTestsForReason): Added. receives messages from the scrolling thread
        and notifies the testing infrastructure.
        (WebCore::AsyncScrollingCoordinator::removeTestDeferralForReason): Ditto.
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingStateScrollingNode.cpp:
        (WebCore::ScrollingStateScrollingNode::ScrollingStateScrollingNode): When cloning the ScrollingStateScrollingNode,
        include the testing mode state.
        (WebCore::ScrollingStateScrollingNode::setExpectsWheelEventTestTrigger): Added.
        * page/scrolling/ScrollingStateScrollingNode.h:
        (WebCore::ScrollingStateScrollingNode::expectsWheelEventTestTrigger): Added.
        * page/scrolling/ScrollingTree.h:
        (WebCore::ScrollingTree::deferTestsForReason): Added stub.
        (WebCore::ScrollingTree::removeTestDeferralForReason): Ditto.
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::deferTestsForReason): Added. Dispatches messages from the scrolling thread to the
        main thread.
        (WebCore::ThreadedScrollingTree::removeTestDeferralForReason): Ditto.
        * page/scrolling/ThreadedScrollingTree.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac): Initialize testing state flag.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren): If the 'ExpectsWheelEventTestTrigger' flag is
        set, update local state.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent): If we are testing, and the wheel event should be handled
        asynchronously, tell the testing infrastructure we need to wait for the thread state to sync.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::deferTestsForReason): Added. Notifies test system we need to defer tests
        until we notify them. Also used by the ScrollController during animations.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::removeTestDeferralForReason): Ditto.
        * platform/Logging.h:
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::deferTestsForReason): Added. Used by ScrollController during animation. This updates the
        testing infrastructure directly, since it is running in the same process and main thread.
        (WebCore::ScrollAnimator::removeTestDeferralForReason): Ditto.
        * platform/ScrollAnimator.h:
        * platform/cocoa/ScrollController.h:
        (WebCore::ScrollControllerClient::deferTestsForReason): Change client API.
        (WebCore::ScrollControllerClient::removeTestDeferralForReason): Ditto.
        (WebCore::ScrollControllerClient::testTrigger): Deleted.
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::startSnapRubberbandTimer): Use new client API.
        (WebCore::ScrollController::stopSnapRubberbandTimer): Ditto.
        (WebCore::ScrollController::startScrollSnapTimer): Ditto.
        (WebCore::ScrollController::stopScrollSnapTimer): Ditto.

2015-05-01  Joseph Pecoraro  <pecoraro@apple.com>

        Inline some small methods instead of them being EXPORT'd and out of line
        https://bugs.webkit.org/show_bug.cgi?id=144498

        Reviewed by Darin Adler.

        * page/Page.cpp:
        (WebCore::Page::testTrigger): Deleted.
        (WebCore::Page::clearTrigger): Deleted.
        (WebCore::Page::expectsWheelEventTriggers): Deleted.
        * page/Page.h:
        (WebCore::Page::testTrigger):
        (WebCore::Page::clearTrigger):
        (WebCore::Page::expectsWheelEventTriggers):

2015-05-01  Dan Bernstein  <mitz@apple.com>

        WebCore part of <rdar://problem/8636045> Back/forward navigation to an error page in Safari breaks the back-forward list
        https://bugs.webkit.org/show_bug.cgi?id=144501

        Reviewed by Darin Adler.

        Test: TestWebKitAPI/Tests/WebKit2Cocoa/LoadAlternateHTMLString.mm

        Normally, loading substitute data (such as an error page) creates a new back-forward list
        item. FrameLoader has a mechanism that detects when a substitute data load occurs during
        handling of a provisional load error and prevents the creation of a new back-forwards list
        item in that case if the unreachable URL is the same as the failing provisional URL. This
        mechanism was broken in WebKit2, where handling the provisional load error is asynchronous.

        The fix is to capture some state (namely, the failing provisional URL) when dispatching the
        load error and allow it to be restored when loading the substitute data.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader): Removed initialization of
        m_delegateIsHandlingProvisionalLoadError.
        (WebCore::FrameLoader::shouldReloadToHandleUnreachableURL): Instead of checking
        m_delegateIsHandlingProvisionalLoadError and if true using the provisional document loader’s
        URL, check m_provisionalLoadErrorBeingHandledURL.
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Instead of checking and setting
        m_delegateIsHandlingProvisionalLoadError, use m_provisionalLoadErrorBeingHandledURL.
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::provisionalLoadErrorBeingHandledURL): Added this getter. The client
        can call this from its override of dispatchDidFailProvisionalLoad and store the result.
        (WebCore::FrameLoader::setProvisionalLoadErrorBeingHandledURL): Added this setter. The
        client can call this prior to loading substitute data if it’s done as part of handling a
        previously-dispatched didFailProvisionalLoad.

2015-05-01  Martin Robinson  <mrobinson@igalia.com>

        USE(...) macro should expect unprefixed variables
        https://bugs.webkit.org/show_bug.cgi?id=144454

        Reviewed by Daniel Bates.

        * DerivedSources.make: Replace all occurrences WTF_USE with USE.
        * PlatformEfl.cmake: Ditto.
        * PlatformGTK.cmake: Ditto.
        * bindings/objc/PublicDOMInterfaces.h: Ditto.
        * config.h: Ditto.
        * crypto/mac/SerializedCryptoKeyWrapMac.mm: Ditto.
        * page/AlternativeTextClient.h: Ditto.
        * platform/efl/FileSystemEfl.cpp: Ditto.
        (WebCore::fileSystemRepresentation): Ditto.
        * platform/graphics/cg/ImageBufferDataCG.h: Ditto.
        * platform/graphics/cg/PDFDocumentImage.h: Ditto.
        * platform/ios/wak/WAKAppKitStubs.h: Ditto.
        * rendering/RenderLayerCompositor.cpp: Ditto.

2015-05-01  Myles C. Maxfield  <mmaxfield@apple.com>

        [OS X] Text dilation parameters are not restored after being set
        https://bugs.webkit.org/show_bug.cgi?id=144507
        <rdar://problem/19446938>

        Reviewed by Simon Fraser and Ned Holbrook.

        Create a RAII class who is in charge of saving, applying, and restoring dilation parameters. Use this class
        around our text drawing routines.

        Note that this migrates our use of CTFontSetRenderingParameters() to CTFontSetRenderingStyle().

        Test: fast/text/dilation-save-restore.html

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::RenderingStyleSaver::RenderingStyleSaver):
        (WebCore::RenderingStyleSaver::~RenderingStyleSaver):
        (WebCore::showGlyphsWithAdvances):
        * platform/spi/cg/CoreGraphicsSPI.h:
        * platform/spi/cocoa/CoreTextSPI.h:

2015-05-01  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183687.
        https://bugs.webkit.org/show_bug.cgi?id=144505

        Appears to have caused assertions (Requested by ap on
        #webkit).

        Reverted changeset:

        "Media control volume slider is opaque."
        https://bugs.webkit.org/show_bug.cgi?id=144470
        http://trac.webkit.org/changeset/183687

2015-05-01  Jeremy Jones  <jeremyj@apple.com>

        Stop using deprecated AVKit SPI for enter and exit fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=144493

        Reviewed by Jer Noble.

        Replace 
            -enterFullScreenWithCompletionHandler:
            -exitFullScreenWithCompletionHandler:
        with
            -enterFullScreenAnimated:completionHandler:
            -exitFullScreenAnimated:completionHandler:
        
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard):
        (WebVideoFullscreenInterfaceAVKit::exitFullscreenInternal):
        * platform/spi/cocoa/AVKitSPI.h:

2015-05-01  Roger Fong  <roger_fong@apple.com>

        Media control volume slider is opaque.
        https://bugs.webkit.org/show_bug.cgi?id=144470.
        <rdar://problem/20770350>

        Rubberstamped by Simon Fraser.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel): 
        Don't create a stacking context just for the controls.
        Doing so causes the mix-blend-mode on the volume box to fail.

2015-05-01  Joanmarie Diggs  <jdiggs@igalia.com>

        [GTK] REGRESSION(183368): It made editing tests assert
        https://bugs.webkit.org/show_bug.cgi?id=144447

        Reviewed by Chris Fleizach.

        Don't notify platforms of editing actions of type EditActionUnspecified.
        If we don't know what the action is, platform accessibility APIs certainly
        won't.

        Add AXTextEditTypeAttributesChange and AXTextAttributesChanged as catch-alls
        for formatting changes. ATK lacks finely-grained signals through which to
        specify which text attributes have changed. If other platforms have such
        signals, new types can always be added.

        Don't post an accessible replacement notification for AXTextEditTypeCut.
        The notification is handled by DeleteSelectionCommand. It is possible for
        white space to be inserted in preparation for a cut which was triggering
        a not-reached assert, but insertion of whitespace in preparation for a
        cut does not seem notification-worthy.

        Treat AXTextEditTypeDictation the same as other insertion types (insert,
        paste, typing) with respect to replacement notifications.

        No new tests. The hundreds of editing tests that had been crashing seem sufficient.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::showIntent):
        (WebCore::AXObjectCache::textChangeForEditType):
        * accessibility/AXObjectCache.h:
        * accessibility/AXTextStateChangeIntent.h:
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::nodeTextChangePlatformNotification):
        * editing/AppendNodeCommand.cpp:
        (WebCore::AppendNodeCommand::doApply):
        (WebCore::AppendNodeCommand::doUnapply):
        * editing/DeleteFromTextNodeCommand.cpp:
        (WebCore::DeleteFromTextNodeCommand::doApply):
        (WebCore::DeleteFromTextNodeCommand::doUnapply):
        * editing/EditCommand.cpp:
        (WebCore::EditCommand::applyEditType):
        (WebCore::EditCommand::unapplyEditType):
        * editing/InsertIntoTextNodeCommand.cpp:
        (WebCore::InsertIntoTextNodeCommand::doApply):
        (WebCore::InsertIntoTextNodeCommand::doUnapply):
        * editing/InsertNodeBeforeCommand.cpp:
        (WebCore::InsertNodeBeforeCommand::doApply):
        (WebCore::InsertNodeBeforeCommand::doUnapply):
        * editing/ReplaceInsertIntoTextNodeCommand.cpp:
        (WebCore::ReplaceInsertIntoTextNodeCommand::notifyAccessibilityForTextChange):

2015-05-01  Brady Eidson  <beidson@apple.com>

        Add API to disable meta refreshes.
        <rdar://problem/20333198> and https://bugs.webkit.org/show_bug.cgi?id=144269

        Reviewed by Alexey Proskuryakov.

        Test: loader/meta-refresh-disabled.html

        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv): Bail early if Settings have meta refreshes disabled.
        * page/Settings.in:

2015-05-01  Martin Robinson  <mrobinson@igalia.com>

        [Freetype] Properly support synthetic oblique in vertical text
        https://bugs.webkit.org/show_bug.cgi?id=144492

        Reviewed by Sergio Villar Senin.

        No new tests. Covered by existing tests.

        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::initializeWithFontFace): Skew vertical when using synthetic
        oblique for vertical text.

2015-05-01  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] REGRESSION: accessibility/canvas-fallback-content.html now crashes
        https://bugs.webkit.org/show_bug.cgi?id=144481

        Reviewed by Chris Fleizach.

        Canvas fallback content is allowed to be focusable if the canvas is displayed
        and visible. Update the style when creating an accessible object for a node in
        a canvas subtree and before Element::isFocusable() gets called.

        No new tests. The existing, crashing test no longer crashes.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::getOrCreate):

2015-05-01  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add CombinedURLFilters debugging code.
        https://bugs.webkit.org/show_bug.cgi?id=144491

        Reviewed by Daniel Bates.

        No change in behavior.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::recursiveMemoryUsed):
        (WebCore::ContentExtensions::CombinedURLFilters::memoryUsed):
        (WebCore::ContentExtensions::prefixTreeVertexToString):
        (WebCore::ContentExtensions::recursivePrint):
        (WebCore::ContentExtensions::CombinedURLFilters::print):
        (WebCore::ContentExtensions::CombinedURLFilters::addPattern):
        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        * contentextensions/CombinedURLFilters.h:
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::memoryUsed):
        * contentextensions/NFA.h:
        * contentextensions/Term.h:
        (WebCore::ContentExtensions::quantifierToString):
        (WebCore::ContentExtensions::Term::toString):

2015-05-01  Eric Carlson  <eric.carlson@apple.com>

        Fix text track language selection logic
        https://bugs.webkit.org/show_bug.cgi?id=144467

        Reviewed by Brent Fulgham.

        No new tests, media/track/track-language-preference.html was updated.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::configureTextTrackGroup): Correct a minor style typo.
        (WebCore::HTMLMediaElement::configureTextTrackDisplay): Update logging.

        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::textTrackSelectionScore): Minor cleanup.
        (WebCore::CaptionUserPreferences::textTrackLanguageSelectionScore): Give exact matches a
        higher score.

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::textTrackSelectionScore): Update for 
        indexOfBestMatchingLanguageInList change.

        * platform/Language.cpp:
        (WebCore::indexOfBestMatchingLanguageInList): Add parameter for exact match. Convert the
        passed language to lower case as we do with the preferred languages.
        * platform/Language.h:

2015-05-01  Martin Robinson  <mrobinson@igalia.com>

        [Freetype] Add support for the font-synthesis property
        https://bugs.webkit.org/show_bug.cgi?id=144472

        Reviewed by Sergio Villar Senin.

        No new tests. This causes fast/css3-text/font-synthesis.html to pass
        for WebKitGTK+.

        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::FontPlatformData): Only use synthetic bold when the font description allows it.
        (WebCore::FontPlatformData::initializeWithFontFace): Ditto for synthetic oblique.

2015-05-01  Martin Robinson  <mrobinson@igalia.com>

        [GTK] New CORS tests from r183280 fail on WebKitGTK+
        https://bugs.webkit.org/show_bug.cgi?id=144469

        Reviewed by Sergio Villar Senin.

        No new tests. This causes failing tests to pass.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::doRedirect): Clear the origin header on cross-origin redirects.

2015-04-30  Alex Christensen  <achristensen@webkit.org>

        Compile fix when using content extensions debugging code.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionsDebugging.h:
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::printTransitions):
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        * contentextensions/DFANode.h:
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::memoryUsed):
        (WebCore::ContentExtensions::NFA::debugPrintDot):

2015-04-30  Dan Bernstein  <mitz@apple.com>

        Fixed the build for <rdar://problem/20758514>

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::destroyMix): Don’t pass nil to
        -[AVMutableAudioMix setInputParameters:].

2015-04-30  Daniel Bates  <dabates@apple.com>

        Clean up: Remove unnecessary runtime computation of string length
        https://bugs.webkit.org/show_bug.cgi?id=144483

        Reviewed by Joseph Pecoraro.

        Following <http://trac.webkit.org/changeset/183649>, WebCore::fullyQualifiedInfoTableName()
        computes strlen() of the first string literal as part of concatenating two string literals.
        It is sufficient to use sizeof() - 1 instead of strlen() to compute the length of the first
        string literal because the size of the string literal is known at compile time.

        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::fullyQualifiedInfoTableName):

2015-04-30  Dean Jackson  <dino@apple.com>

        Expose -apple-system as a font family
        https://bugs.webkit.org/show_bug.cgi?id=144484
        <rdar://problem/20767330>

        Reviewed by Tim Horton.

        Accept "-apple-system" for the font-family property, and
        rename "-apple-system-font-monospaced-numbers" to
        "-apple-system-monospaced-numbers".

        Also change the media controls to use the new name.

        Covered by existing tests and this new one:
            fast/text/system-font-legacy-name.html

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-time-remaining-display):
        * Modules/mediacontrols/mediaControlsiOS.css:
        (::-webkit-media-controls):
        (audio::-webkit-media-controls-time-remaining-display):
        (audio::-webkit-media-controls-status-display):
        * platform/graphics/ios/FontCacheIOS.mm: Add support for the new name.
        (WebCore::createCTFontWithFamilyNameAndWeight):
        * platform/graphics/mac/FontCacheMac.mm: Ditto.
        (WebCore::fontWithFamily):

2015-04-30  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] overflow-position keyword for align and justify properties.
        https://bugs.webkit.org/show_bug.cgi?id=144235

        Reviewed by Sergio Villar Senin.

        When the alignment subject is larger than the alignment container,
        it will overflow. Some alignment modes, if honored in this
        situation, may cause data loss; an overflow alignment mode can be
        explicitly specified to avoid this.

        This patch implements overflow-keyword handling for Grid Layout on
        align-self and justify-self properties.

        Test: fast/css-grid-layout/grid-align-justify-overflow.html

        * rendering/RenderGrid.cpp:
        (WebCore::computeOverflowAlignmentOffset):
        (WebCore::RenderGrid::rowPositionForChild):
        (WebCore::RenderGrid::columnPositionForChild):
        (WebCore::RenderGrid::rowAxisPositionForChild): Deleted.
        * rendering/style/RenderStyle.cpp:
        (WebCore::resolveAlignmentData):
        (WebCore::resolveJustificationData):
        (WebCore::RenderStyle::resolveAlignment):
        (WebCore::RenderStyle::resolveAlignmentOverflow):
        (WebCore::RenderStyle::resolveJustification):
        (WebCore::RenderStyle::resolveJustificationOverflow):
        * rendering/style/RenderStyle.h:

2015-04-30  Jon Honeycutt  <jhoneycutt@apple.com>

        Rebaseline bindings tests results after r183648.

        Unreviewed.

        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessage):
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        (WebCore::jsTestCustomNamedGetterPrototypeFunctionAnotherFunction):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceConstructor::constructJSTestInterface):
        (WebCore::setJSTestInterfaceConstructorImplementsStaticAttr):
        (WebCore::setJSTestInterfaceImplementsStr2):
        (WebCore::setJSTestInterfaceConstructorSupplementalStaticAttr):
        (WebCore::setJSTestInterfaceSupplementalStr2):
        (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
        (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructorNamedConstructor::constructJSTestNamedConstructor):
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
        (WebCore::setJSTestNondeterministicNondeterministicWriteableAttr):
        (WebCore::setJSTestNondeterministicNondeterministicExceptionAttr):
        (WebCore::setJSTestNondeterministicNondeterministicGetterExceptionAttr):
        (WebCore::setJSTestNondeterministicNondeterministicSetterExceptionAttr):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::setJSTestObjConstructorStaticStringAttr):
        (WebCore::setJSTestObjStringAttr):
        (WebCore::setJSTestObjReflectedStringAttr):
        (WebCore::setJSTestObjReflectedURLAttr):
        (WebCore::setJSTestObjReflectedCustomURLAttr):
        (WebCore::setJSTestObjStringAttrWithGetterException):
        (WebCore::setJSTestObjStringAttrWithSetterException):
        (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrows):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalString):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsUndefined):
        (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsNullString):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod12):
        (WebCore::jsTestObjPrototypeFunctionStrictFunction):
        (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors4):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefsConstructor::constructJSTestTypedefs):
        (WebCore::setJSTestTypedefsStringAttrWithGetterException):
        (WebCore::setJSTestTypedefsStringAttrWithSetterException):
        (WebCore::jsTestTypedefsPrototypeFunctionSetShadow):

2015-04-30  Simon Fraser  <simon.fraser@apple.com>

        Fixed elements end up in the middle of the view with pageScale < 1
        https://bugs.webkit.org/show_bug.cgi?id=144428
        rdar://problem/20404982

        Reviewed by Tim Horton.

        When pageScale is < 1, we used fixed layout mode, and FrameView::fixedElementsLayoutRelativeToFrame()
        returns true. However, the scrolling thread was calling the static scrollOffsetForFixedPosition()
        hardcoding 'false' for this parameter.
        
        Fix by sending the value of fixedElementsLayoutRelativeToFrame over to the scrolling thread,
        so we can use it when doing scrolling-thread fixed position stuff.

        Not testable.

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
        (WebCore::ScrollingStateFrameScrollingNode::setFixedElementsLayoutRelativeToFrame):
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
        (WebCore::ScrollingTreeFrameScrollingNode::ScrollingTreeFrameScrollingNode):
        (WebCore::ScrollingTreeFrameScrollingNode::updateBeforeChildren):
        * page/scrolling/ScrollingTreeFrameScrollingNode.h:
        (WebCore::ScrollingTreeFrameScrollingNode::fixedElementsLayoutRelativeToFrame):
        (WebCore::ScrollingTreeFrameScrollingNode::shouldUpdateScrollLayerPositionSynchronously): Deleted.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollLayerPosition):

2015-04-30  Beth Dakin  <bdakin@apple.com>

        Remove invalid assertion from MouseEvent::create()
        https://bugs.webkit.org/show_bug.cgi?id=144477

        Reviewed by Tim Horton.

        mouseforcechanged events and mouseforcewillbegin trigger this assertion. The 
        assertion does not seem valuable, so rather than changing it, just remove it.
        * dom/MouseEvent.cpp:
        (WebCore::MouseEvent::create):

2015-04-30  Dean Jackson  <dino@apple.com>

        -apple-system-font-monospaced-numbers doesn't work on iOS
        https://bugs.webkit.org/show_bug.cgi?id=144478
        <rdar://problem/20544940>

        Reviewed by Brent Fulgham.

        Make sure to start from the system font descriptor when
        asking for a monospaced numeric alternate.

        Test: platform/ios-simulator/fast/text/system-monospaced-numbers.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::createCTFontWithFamilyNameAndWeight):

2015-04-30  Oliver Hunt  <oliver@apple.com>

        DOM bindings should not be using a reference type to point to a temporary object
        https://bugs.webkit.org/show_bug.cgi?id=144474

        Reviewed by Beth Dakin.

        The DOM bindings will currently try and use a local reference to point
        to a temporary object. This currently works as a by product of the compiler's
        stack layout. This patch removes the dependency on undefined behaviour
        by ensuring that we use a value rather than reference type.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateParametersCheck):
        (GetNativeTypeForCallbacks):

2015-04-30  Brady Eidson  <beidson@apple.com>

        Build fix after r183646 for less enlightened platforms.

        Unreviewed.

        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::fullyQualifiedInfoTableName): Windows doesn’t have stpcpy :(

2015-04-30  Brady Eidson  <beidson@apple.com>

        Javascript using WebSQL can create their own WebKit info table.
        <rdar://problem/20688792> and https://bugs.webkit.org/show_bug.cgi?id=144466

        Reviewed by Alex Christensen.

        Test: storage/websql/alter-to-info-table.html

        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::DatabaseBackendBase::databaseInfoTableName): Return the info table name.
        (WebCore::fullyQualifiedInfoTableName): Append "main." to the info table name.
        (WebCore::DatabaseBackendBase::DatabaseBackendBase): Use the fully qualified name.
        (WebCore::DatabaseBackendBase::performOpenAndVerify): Ditto.
        (WebCore::DatabaseBackendBase::getVersionFromDatabase): Ditto.
        (WebCore::DatabaseBackendBase::setVersionInDatabase): Ditto.

2015-04-30  Beth Dakin  <bdakin@apple.com>

        Should choose UIScrollView indicatorStyle based on the document background color
        https://bugs.webkit.org/show_bug.cgi?id=144473
        -and corresponding-
        rdar://problem/19897699

        Reviewed by Simon Fraser.

        Export this function.
        * platform/graphics/Color.h:

2015-04-30  Brent Fulgham  <bfulgham@apple.com>

        [Win] Allow WebKit to build without ANGLE support
        https://bugs.webkit.org/show_bug.cgi?id=144459
        <rdar://problem/20707307>

        Reviewed by Dean Jackson.

        * platform/graphics/GLContext.cpp: Use the ENABLE(GRAPHICS_CONTEXT_3D)
        macro to avoid compiling this code if not using WEBGL/3D contexts.

2015-04-29  David Hyatt  <hyatt@apple.com>

        Avoid containingBlock() calls when no writing mode flipping is needed.
        https://bugs.webkit.org/show_bug.cgi?id=144407

        Reviewed by Simon Fraser.

        Add a bool to RenderView that indicates whether or not any flipped blocks have been
        added to the view. Once tainted, the view just stays dirty forever. If no flipped
        blocks are ever seen, we can then optimize away calls to containingBlock().

        The motivation for this patch is to improve layer position updating, which makes many
        calls to topLeftLocationOffset(), one of the functions that can be optimized by this
        change.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::updateFromStyle):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::rangeIntersectsRect):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::RenderView):
        * rendering/RenderView.h:

2015-04-29  Jer Noble  <jer.noble@apple.com>

        Make GenericTaskQueue even more generic (and usable inside platform/)
        https://bugs.webkit.org/show_bug.cgi?id=144414

        Reviewed by Eric Carlson.

        Templatize GenericTaskQueue so that it can be used from within platform/.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/GenericTaskQueue.cpp: Removed.
        * html/HTMLMediaElement.h:
        * platform/GenericTaskQueue.h: Renamed from Source/WebCore/dom/GenericTaskQueue.h.
        (WebCore::TaskDispatcher::TaskDispatcher): Added default templatized class which just calls the parameter's postTask().
        (WebCore::TaskDispatcher::postTask): Call context's postTask().
        (WebCore::TaskDispatcher<Timer>::TaskDispatcher): Add a timer version which does not require a context.
        (WebCore::TaskDispatcher<Timer>::postTask): Set the timer.
        (WebCore::TaskDispatcher<Timer>::timerFired): Call the task.
        (WebCore::GenericTaskQueue::GenericTaskQueue): Moved from .cpp.
        (WebCore::GenericTaskQueue::enqueueTask): Ditto.
        (WebCore::GenericTaskQueue::close): Ditto.
        (WebCore::GenericTaskQueue::cancelAllTasks): Ditto.
        (WebCore::GenericTaskQueue::hasPendingTasks): Ditto.

2015-04-29  Joseph Pecoraro  <pecoraro@apple.com>

        Unreviewed build fix. WebCore has a weak symbol.

        WebCore has a weak external symbol in it. A common cause of weak external
        symbols is when an inline function is listed in the linker export file.
        ERROR: symbol __ZNK7WebCore4Page25expectsWheelEventTriggersEv

        * page/Page.cpp:
        (WebCore::Page::expectsWheelEventTriggers):
        * page/Page.h:
        (WebCore::Page::expectsWheelEventTriggers): Deleted.

2015-04-29  Simon Fraser  <simon.fraser@apple.com>

        Crash at WebCore::Document::absoluteRegionForEventTargets 
        https://bugs.webkit.org/show_bug.cgi?id=144426
        rdar://problem/20502166

        Reviewed by Tim Horton.

        When a frame had wheel event handlers, we would register the document itself
        as a handler in its parent document. This is problematic, because there's not
        code path that removes it when the frame is destroyed.
        
        It turns out we don't need to do this at all; the non-fast scrollable region
        already takes handlers in subframes into account.

        Tests: fast/events/wheelevent-in-frame.html
               fast/events/wheelevent-in-reattached-frame.html

        * dom/Document.cpp:
        (WebCore::Document::didAddWheelEventHandler):
        (WebCore::Document::didRemoveWheelEventHandler):

2015-04-29  Eric Carlson  <eric.carlson@apple.com>

        Not all videos should automatically play to playback target
        https://bugs.webkit.org/show_bug.cgi?id=144430
        <rdar://problem/20718523>

        Reviewed by Darin Adler.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::clientStateDidChange): Consider ExternalDeviceAutoPlayCandidate.
        Minor cleanup.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaState): Set ExternalDeviceAutoPlayCandidate when a <video>
        has a file with an audio track that does not loop.

        * page/MediaProducer.h: Add ExternalDeviceAutoPlayCandidate.

2015-04-29  Joseph Pecoraro  <pecoraro@apple.com>

        LiveNodeList may unexpectedly return an element for empty string
        https://bugs.webkit.org/show_bug.cgi?id=144429

        Reviewed by Darin Adler.

        * dom/LiveNodeList.cpp:
        (WebCore::LiveNodeList::namedItem):
        Never return a result for an empty string.

2015-04-29  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Remove PassRefPtr in SVGFEFooElement classes
        https://bugs.webkit.org/show_bug.cgi?id=144425

        Reviewed by Darin Adler.

        As a step to use Ref instead of PassRefPtr, this patch purges PassRefPtr
        in SVGFEFooElement.

        No new tests, no behavior changes.

        * css/RGBColor.cpp:
        (WebCore::RGBColor::create):
        * css/RGBColor.h:
        * platform/graphics/filters/PointLightSource.h:
        (WebCore::PointLightSource::create):
        * platform/graphics/filters/SpotLightSource.h:
        (WebCore::SpotLightSource::create):
        * svg/SVGColor.cpp:
        (WebCore::SVGColor::rgbColor):
        * svg/SVGColor.h:
        * svg/SVGFEDistantLightElement.cpp:
        (WebCore::SVGFEDistantLightElement::lightSource):
        * svg/SVGFEDistantLightElement.h:
        * svg/SVGFELightElement.cpp:
        (WebCore::SVGFELightElement::findLightSource):
        * svg/SVGFELightElement.h:
        * svg/SVGFEPointLightElement.cpp:
        (WebCore::SVGFEPointLightElement::lightSource):
        * svg/SVGFEPointLightElement.h:
        * svg/SVGFESpotLightElement.cpp:
        (WebCore::SVGFESpotLightElement::lightSource):
        * svg/SVGFESpotLightElement.h:

2015-04-29  Dean Jackson  <dino@apple.com>

        Create a named CSS property for system colors
        https://bugs.webkit.org/show_bug.cgi?id=144423
        <rdar://problem/20491011>

        Reviewed by Tim Horton.

        Test: fast/css/apple-system-colors.html

        Expose the following values to CSS color properties:
            -apple-system-blue
            -apple-system-brown
            -apple-system-gray
            -apple-system-green
            -apple-system-orange
            -apple-system-pink
            -apple-system-purple
            -apple-system-red
            -apple-system-yellow

        On platforms other than OS X Yosemite and iOS, the
        actual color values are undefined and become transparent
        black. (In fact, not all are defined on iOS either.)

        * WebCore.xcodeproj/project.pbxproj: Two new SPI header files.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::validSystemColorValue): New helper function that
        checks if a CSSValueID is between the two system color values. This
        was being tested everywhere, which meant adding a new system color was
        at risk of being ignored. It's a static method so it can be used
        from the SVG CSS parser too.
        (WebCore::validPrimitiveValueColor): Use the new helper.
        (WebCore::CSSParser::parseValue): Ditto.
        (WebCore::CSSParser::parseBackgroundColor): Ditto.
        (WebCore::CSSParser::parseShadow): Ditto.
        (WebCore::parseDeprecatedGradientColorStop): Ditto.
        (WebCore::parseGradientColorOrKeyword): Ditto.
        * css/CSSParser.h: New static helper function.

        * css/CSSValueKeywords.in: Add the new CSS value keywords.

        * css/SVGCSSParser.cpp:
        (WebCore::validSystemControlColorValue): SVG has a restricted
        set of system colors, so use the helper from CSSParser but with
        an extra condition.
        (WebCore::CSSParser::parseSVGValue): Use the helper.

        * platform/spi/ios/UIColorSPI.h: Added.
        * platform/spi/cocoa/NSColorSPI.h: Added.

        * rendering/RenderThemeIOS.h: New systemColor override. Also add a cache for system colors.
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemColor): Ask UIColor to provide the color values for the new CSS values.
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor): Ditto.

2015-04-29  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183600.
        https://bugs.webkit.org/show_bug.cgi?id=144432

        New tests time out everywhere (Requested by ap on #webkit).

        Reverted changeset:

        "Crash at WebCore::Document::absoluteRegionForEventTargets"
        https://bugs.webkit.org/show_bug.cgi?id=144426
        http://trac.webkit.org/changeset/183600

2015-04-29  Joseph Pecoraro  <pecoraro@apple.com>

        Unreviewed iOS build fix. Unused parameter no longer exists.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame):

2015-04-29  Simon Fraser  <simon.fraser@apple.com>

        Crash at WebCore::Document::absoluteRegionForEventTargets 
        https://bugs.webkit.org/show_bug.cgi?id=144426
        rdar://problem/20502166

        Reviewed by Tim Horton.

        When a frame had wheel event handlers, we would register the document itself
        as a handler in its parent document. This is problematic, because there's not
        code path that removes it when the frame is destroyed.
        
        It turns out we don't need to do this at all; the non-fast scrollable region
        already takes handlers in subframes into account.

        Tests: fast/events/wheelevent-in-frame.html
               fast/events/wheelevent-in-reattached-frame.html

        * dom/Document.cpp:
        (WebCore::Document::didAddWheelEventHandler):
        (WebCore::Document::didRemoveWheelEventHandler):

2015-04-29  David Kilzer  <ddkilzer@apple.com>

        Attempt #2: Switch QuickLook soft-linking to use QuickLookSoftLink.{h,mm}
        <http://webkit.org/b/144362>

        Reviewed by Andy Estes.

        This patch switches soft-linking of QuickLook.framework to
        QuickLookSoftLink.{h,mm} so that we stop exporting unintended
        symbols.

        No new tests since no change in behavior.

        * WebCore.xcodeproj/project.pbxproj:
        - Add QuickLookSoftLinking.{h,mm} to the project.

        * platform/ios/QuickLookSoftLink.h: Added.
        * platform/ios/QuickLookSoftLink.mm: Added.
        * platform/mac/SoftLinking.h:
        (SOFT_LINK_CLASS_FOR_HEADER): Add macro.
        (SOFT_LINK_CLASS_FOR_SOURCE): Add macro.
        (SOFT_LINK_POINTER_FOR_HEADER): Add macro.
        (SOFT_LINK_POINTER_FOR_SOURCE): Add macro.

        * platform/network/ios/QuickLook.h:
        - Remove unused declarations.

        * platform/network/ios/QuickLook.mm:
        (WebCore::QLPreviewConverterClass): Deleted.
        (WebCore::QLTypeCopyBestMimeTypeForFileNameAndMimeType): Deleted.
        (WebCore::QLTypeCopyBestMimeTypeForURLAndMimeType): Deleted.
        (WebCore::QLTypeCopyUTIForURLAndMimeType): Deleted.
        - Remove SOFT_LINK macros and unused methods after switching to
          new QuickLookSoftLink.{h,mm}.
        (WebCore::QLPreviewGetSupportedMIMETypesSet):
        - Switch to use NeverDestroyed<>.
        (WebCore::registerQLPreviewConverterIfNeeded):
        (createQLPreviewProtocol):
        (WebCore::QLPreviewProtocol):
        (WebCore::QuickLookHandle::QuickLookHandle):
        (WebCore::QuickLookHandle::create):
        (WebCore::QuickLookHandle::shouldCreateForMIMEType):
        - Simplify code when using QuickLookSoftLink.h.

        * platform/network/ios/WebCoreURLResponseIOS.mm:
        - Include QuickLookSoftLink.h header.

2015-04-29  Simon Fraser  <simon.fraser@apple.com>

        Compute the non-fast-scrollable region in main-document coordinates
        https://bugs.webkit.org/show_bug.cgi?id=144420

        Reviewed by Tim Horton.

        Compute the non-fast-scrollable region in document coordinates, to make it easier
        to reason about. Previously, it was document coordinates offset by top content inset.

        * page/DebugPageOverlays.cpp:
        (WebCore::MouseWheelRegionOverlay::updateRegion): Traverse all frames to compute the wheel
        event handler region, mapping each to root view coords, and then mapping back into document
        coords at the end.
        (WebCore::NonFastScrollableRegionOverlay::updateRegion): No offset needed here; the
        overlay and region are both document coordinates.
        * page/FrameView.h: Make some mapping function overrides public, and expose widgetsInRenderTree().
        * page/Page.cpp:
        (WebCore::Page::nonFastScrollableRects): Remove frame argument.
        * page/Page.h:
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::bounds):
        (WebCore::PageOverlay::viewToOverlayOffset): Convenience function to map between
        view and overlay coordinates.
        * page/PageOverlay.h:
        * page/scrolling/AsyncScrollingCoordinator.cpp: New computeNonFastScrollableRegion() signature.
        (WebCore::AsyncScrollingCoordinator::updateNonFastScrollableRegion):
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::AsyncScrollingCoordinator::scrollingStateTreeAsText):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame): This function
        recurses on frames, computing an absolute (document-relative) region per frame. This
        removes the confusing offsetting through top content inset.
        Change how we get to plugins that want wheel events; we can't get from PluginViewBase
        to renderers, so use FrameView's list of Widgets, and their RenderWidgets. This fixes
        regions for transformed plugin-ins.
        For subframes, we get a region in the subframe's document coords. Map to that sub-frame,
        then to our frame, then to our document.
        (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegion): Wrapper that hides
        the recursive function.
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion): Deleted.
        * page/scrolling/ScrollingCoordinator.h:
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously): Map the event point
        from view coordinates to document coordinates for testing against the non-fast region.
        We previously assert that the root note is a FrameScrolling node.
        * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
        (WebCore::ScrollingTreeFrameScrollingNode::viewToContentsOffset): Similar to ScrollView::viewToContents()
        for the scrolling tree.
        * page/scrolling/ScrollingTreeFrameScrollingNode.h:
        * testing/Internals.cpp:
        (WebCore::Internals::nonFastScrollableRects): No need for frame arg.

2015-04-29  Brent Fulgham  <bfulgham@apple.com>

        Expand test infrastructure to support scrolling tests
        https://bugs.webkit.org/show_bug.cgi?id=143684
        <rdar://problem/20375516>

        Reviewed by Simon Fraser.

        Tested by various fast/scrolling and platform/mac-wk2/tiled-drawing/scrolling tests.

        This series of changes adds a new singleton class, 'WheelEventTestTrigger', which encapsulates a
        function object to be fired when scroll events are finished. The object also keeps track of reasons
        why the test should not yet fire (e.g., 'rubberbanding' is active) so that tests do not incorrectly
        check rendering state in the middle of an animation.

        Switch from the original WeakPtr design to ThreadSafeRefPtr, because WeakPtr cannot be shared
        across multiple threads.

        * page/FrameView.cpp:
        (WebCore::FrameView::layout): Make sure ScrollAnimator knows about any active test trigger.
        (WebCore::FrameView::setScrollPosition): Ditto.
        (WebCore::FrameView::didAddScrollbar): Ditto.
        * page/MainFrame.cpp:
        (WebCore::MainFrame::testTrigger): Moved to Page.
        (WebCore::MainFrame::ensureTestTrigger): Ditto.
        * page/MainFrame.h:
        * page/Page.cpp:
        (WebCore::Page::testTrigger): Moved from MainFrame, and converted to use RefPtr.
        (WebCore::Page::ensureTestTrigger): Ditto.
        * page/Page.h:
        * page/WheelEventTestTrigger.cpp:
        (WebCore::WheelEventTestTrigger::WheelEventTestTrigger): Remove WeakPtr code.
        (WebCore::WheelEventTestTrigger::createWeakPtr): Deleted.
        * page/WheelEventTestTrigger.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformPrepareForWheelEvents): Make sure the scroll animator knows about
        any active test trigger object.
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll): Notify WheelEventTestTrigger
        that the scrolling thread is synced with the main thread.
        * platform/ScrollAnimator.h: Hold a RefPtr to the WheelEventTestTrigger. 
        (WebCore::ScrollAnimator::ScrollAnimator::setWheelEventTestTrigger):
        * platform/cocoa/ScrollController.h:
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::startSnapRubberbandTimer): Notify test trigger to hold tests until rubber band
        snapping is complete.
        (WebCore::ScrollController::stopSnapRubberbandTimer): Notify test trigger that rubber band snapping is done.
        (WebCore::ScrollController::startScrollSnapTimer): Notify test trigger to hold tests until scroll snapping
        is complete.
        (WebCore::ScrollController::stopScrollSnapTimer): Notify test trigger that scroll snapping is done.
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::didBeginScrollGesture): Notify test trigger that a content scroll is in progress.
        (WebCore::ScrollAnimatorMac::didEndScrollGesture): Notify test trigger that a content scroll is finished.
        (WebCore::ScrollAnimatorMac::sendContentAreaScrolledSoon): Notify test trigger to hold tests until the content
        scrolling is complete.
        (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired): Notify test trigger that content scrolling is done.
        * rendering/RenderBox.cpp:
        (WebCore::connectScrollAnimatorToTestTrigger): Helper function.
        (WebCore::RenderBox::setScrollLeft): Call 'connectScrollAnimatorToTestTrigger' to connect the ScrollAnimator
        to the WheelEventTestTrigger so that future scroll operations can notify the test infrastructure.
        (WebCore::RenderBox::setScrollTop): Ditto.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::createScrollbar): Make sure the ScrollAnimator knows about any active test triggers.
        * rendering/RenderListBox.cpp:
        (WebCore::connectScrollAnimatorToTestTrigger): Helper function.
        (WebCore::RenderListBox::setScrollLeft): Call 'connectScrollAnimatorToTestTrigger' to connect the ScrollAnimator
        to the WheelEventTestTrigger so that future scroll operations can notify the test infrastructure.
        (WebCore::RenderListBox::setScrollTop): Ditto.
        (WebCore::RenderListBox::createScrollbar): Ditto.
        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::monitorWheelEvents): Look for WheelEventTestTrigger in Page, rather than MainFrame.
        (WebCoreTestSupport::setTestCallbackAndStartNotificationTimer): Ditto.

2015-04-29  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Box Alignment] Unifying alignment data in a single class
        https://bugs.webkit.org/show_bug.cgi?id=144384

        Reviewed by David Hyatt.

        The new CSS Box Alignment specification introduces more complex
        values and syntax for defining alignment properties. Most of the
        alignment values were just keyword identifiers, but the new syntax
        allows different combinations of identifiers to determine the
        alignment behavior (eg. overflow-alignment keyword).

        This patch wll help to implement later overflow handling and
        specially Content Dstribution alignment, the most complex case by
        far. It will be more consistent against style changes and repaint,
        snce we will have just one field to monitoring for value
        modfications.

        No new tests, because no new functionality was added; it's just a
        code refactoring which is just expected to pass current tests.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::resolveSelfAlignmentAuto):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertSelfOrDefaultAlignmentData):
        (WebCore::StyleBuilderConverter::convertSVGColor): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialWebkitMaskImage): Deleted.
        (WebCore::StyleBuilderCustom::applyInheritWebkitMaskImage): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::applyValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::getValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::setValue): Deleted.
        (WebCore::StyleBuilderCustom::applyInheritLineHeight): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        * mathml/MathMLTextElement.cpp:
        (WebCore::MathMLTextElement::createElementRenderer):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::styleDidChange):
        * rendering/RenderFullScreen.cpp:
        (WebCore::createFullScreenStyle):
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::adjustInnerStyle):
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::updateStyle):
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::fixAnonymousStyleForSubSupPair):
        (WebCore::RenderMathMLScripts::fixAnonymousStyles):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::resolveAlignment):
        (WebCore::RenderStyle::resolveJustification):
        * rendering/style/RenderStyle.h:
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        (WebCore::StyleRareNonInheritedData::contentDataEquivalent): Deleted.
        * rendering/style/StyleRareNonInheritedData.h:
        * rendering/style/StyleSelfAlignmentData.h: Added.
        (WebCore::StyleSelfAlignmentData::StyleSelfAlignmentData):
        (WebCore::StyleSelfAlignmentData::setPosition):
        (WebCore::StyleSelfAlignmentData::setPositionType):
        (WebCore::StyleSelfAlignmentData::setOverflow):
        (WebCore::StyleSelfAlignmentData::position):
        (WebCore::StyleSelfAlignmentData::positionType):
        (WebCore::StyleSelfAlignmentData::overflow):
        (WebCore::StyleSelfAlignmentData::operator==):
        (WebCore::StyleSelfAlignmentData::operator!=):

2015-04-29  Joseph Pecoraro  <pecoraro@apple.com>

        NodeList has issues with Symbol and empty string
        https://bugs.webkit.org/show_bug.cgi?id=144310

        Reviewed by Darin Adler.

        Tests: fast/dom/StyleSheet/stylesheet-symbol-names.html
               fast/dom/dataset-name-getter-symbols.html
               fast/dom/named-items-with-empty-name.html
               fast/dom/named-items-with-symbol-name.html
               storage/domstorage/localstorage/named-items.html

        Test different bindings objects with custom named setter
        and getter handlers. Ensure that they handle Symbol properties
        gracefully. Often times avoiding the string path.

        * dom/StaticNodeList.cpp:
        (WebCore::StaticNodeList::namedItem):
        (WebCore::StaticElementList::namedItem):
        Better handle the empty string. It should not match an item.

        * bindings/js/JSDOMBinding.h:
        (WebCore::propertyNameToString):
        In cases where we would use this, we should have handled
        Symbol properties.

        (WebCore::propertyNameToAtomicString):
        For Symbols, use the unique string. This should result
        in no matches for a Symbol property.

        * bindings/js/JSDOMStringMapCustom.cpp:
        (WebCore::JSDOMStringMap::getOwnPropertySlotDelegate):
        (WebCore::JSDOMStringMap::deleteProperty):
        (WebCore::JSDOMStringMap::putDelegate):
        * bindings/js/JSStorageCustom.cpp:
        (WebCore::JSStorage::canGetItemsForName):
        (WebCore::JSStorage::nameGetter):
        (WebCore::JSStorage::deleteProperty):
        (WebCore::JSStorage::putDelegate):
        * bindings/js/JSStyleSheetListCustom.cpp:
        (WebCore::JSStyleSheetList::canGetItemsForName):
        Treat Symbol properties as private properties. They just
        go directly through to the Object, and avoid the string
        getter/setter property path.

2015-04-29  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Register with device picker whenever a page has <video>
        https://bugs.webkit.org/show_bug.cgi?id=144408

        Reviewed by Jer Noble.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::setPlaybackTarget): Drive-by fix: don't tell a client to play
        to the target when it has not routes.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaState): Set RequiresPlaybackTargetMonitoring whenever the 
        element is <video> with a video track that does not block wireless playback.

2015-04-29  Martin Robinson  <mrobinson@igalia.com>

        [GTK] Add support for automatic hyphenation
        https://bugs.webkit.org/show_bug.cgi?id=44478

        Reviewed by Carlos Garcia Campos.

        No new tests. This patch unskips and updates results for existing hyphenation tests.

        * PlatformGTK.cmake: Add the libhypen implementation to the source list.
        * platform/gtk/GtkUtilities.cpp:
        (WebCore::topLevelPath): Add this helper function taken from the test harness.
        (WebCore::getWebKitBuildDirectory): Ditto.
        * platform/gtk/GtkUtilities.h: Add function declarations for the helper functions.
        * platform/text/Hyphenation.cpp: Surround this implementation with !USE(LIBHYPHEN),
          so that it can still be shared.
        * platform/text/gtk/HyphenationLibHyphen.cpp: Added.
        (WebCore::extractLocaleFromDictionaryFilePath): Take in a dictionary filename and
        determine the locale that it covers.
        (WebCore::scanDirectoryForDicionaries): Look for all installed dictionaries as well
        as ones in the JHBuild root for testing.
        (WebCore::scanTestDictionariesDirectoryIfNecessary): Try to scan the dictionaries installed
        in the JHBuild root.
        (WebCore::availableLocales): Getter for global hash of installed dictionaries.
        (WebCore::canHyphenate): Added libhyphen implementation.
        (WebCore::HyphenationDictionary): Helper class that properly manages the memory of
        an open libhyphen dictionary. This is useful so that they can be stored in an MRU
        cache. This is a similar approach to the CoreFoundation implementation.
        (WebCore::AtomicStringKeyedMRUCache<RefPtr<HyphenationDictionary>>::createValueForNullKey): MRU cache
        helper.
        (WebCore::AtomicStringKeyedMRUCache<RefPtr<HyphenationDictionary>>::createValueForKey): Ditto.
        (WebCore::hyphenDictionaryCache): A cache for opened hyphenation dictionaries.
        (WebCore::countLeadingSpaces): Count leading spaces, since WebCore often passes words with them.
        (WebCore::lastHyphenLocation): Added libhyphen implementation.

2015-04-29  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewed build fix.

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::fontWithFamily):

2015-04-29  Eric Carlson  <eric.carlson@apple.com>

        Some media tests assert after r183096
        https://bugs.webkit.org/show_bug.cgi?id=144098

        Reviewed by Brent Fulgham.

        Never assert when a MediaPlaybackTargetClient client calls one of the methods on Document
        after it has been unregistered. A media element unregisters itself when it is removed from the 
        document, but scripts can still run and modify state that results in a call to
        playbackTargetPickerClientStateDidChange. Remove the asserts instead of adding checks to
        the various call sites.

        * dom/Document.cpp:
        (WebCore::Document::showPlaybackTargetPicker): Don't assert if the client has already
        been unregistered.
        (WebCore::Document::playbackTargetPickerClientStateDidChange): Ditto.

2015-04-29  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Web process spins endlessly below layoutSimpleLines.
        https://bugs.webkit.org/show_bug.cgi?id=144403
        rdar://problem/20742783

        Reviewed by Antti Koivisto.

        When a text fragment overlaps multiple renderes and it does not fit the current line,
        we revert the text fragment iterator position so that the overlapping content
        gets processed again for the next line.
        However, TextFragmentIterator::revertToFragment() was reverting too much and
        we started processing old content all over again -> infinite loop.

        This patch ensures that text fragment iterator is reverted to the right position.

        Test: fast/text/simple-line-layout-wrapping-multiple-renderers-hang.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::createLineRuns):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::revertToEndOfFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::revertToFragment): Deleted.
        * rendering/SimpleLineLayoutTextFragmentIterator.h:

2015-04-29  Filip Pizlo  <fpizlo@apple.com>

        JSTypeInfo should have an inline type flag to indicate of getCallData() has been overridden
        https://bugs.webkit.org/show_bug.cgi?id=144397

        Reviewed by Andreas Kling.

        If you override getCallData() and you want to be called a "function", then you need to use the
        new TypeOfShouldCallGetCallData flag.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * bridge/objc/objc_runtime.h:
        * bridge/runtime_method.h:
        * bridge/runtime_object.h:

2015-04-29  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183553 and r183561.
        https://bugs.webkit.org/show_bug.cgi?id=144406

        broke the iOS build (Requested by thorton__ on #webkit).

        Reverted changesets:

        "Switch QuickLook soft-linking to use
        QuickLookSoftLink.{h,mm}"
        https://bugs.webkit.org/show_bug.cgi?id=144362
        http://trac.webkit.org/changeset/183553

        "Unreviewed iOS build fix after r183553: fix declaration of
        QLPreviewScheme"
        http://trac.webkit.org/changeset/183561

2015-04-29  Antti Koivisto  <antti@apple.com>

        ResourceLoadPriority should be enum class
        https://bugs.webkit.org/show_bug.cgi?id=144326

        Reviewed by Darin Adler.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::loadLink):
        * loader/ResourceLoadScheduler.cpp:
        (WebCore::ResourceLoadScheduler::scheduleLoad):
        (WebCore::ResourceLoadScheduler::servePendingRequests):
        (WebCore::ResourceLoadScheduler::HostInformation::~HostInformation):
        (WebCore::ResourceLoadScheduler::HostInformation::priorityToIndex):
        (WebCore::ResourceLoadScheduler::HostInformation::schedule):
        (WebCore::ResourceLoadScheduler::HostInformation::remove):
        (WebCore::ResourceLoadScheduler::HostInformation::hasRequests):
        (WebCore::ResourceLoadScheduler::HostInformation::limitRequests):
        * loader/ResourceLoadScheduler.h:
        (WebCore::ResourceLoadScheduler::HostInformation::requestsPending):

            Modernize ResourceLoadScheduler code a bit while switching to enum class.

        * loader/cache/CachedResource.cpp:
        (WebCore::defaultPriorityForResourceType):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        * loader/icon/IconLoader.cpp:
        (WebCore::IconLoader::startLoading):
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::startLoading):
        * platform/network/ResourceLoadPriority.h:
        (WebCore::operator++):
        (WebCore::operator--):
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::adopt):
        (WebCore::ResourceRequestBase::copyData):
        (WebCore::ResourceRequestBase::cachePolicy):
        (WebCore::ResourceRequestBase::priority):
        (WebCore::ResourceRequestBase::setPriority):
        * platform/network/ResourceRequestBase.h:

            Remove bitfields. ResourceRequests are not present in large enough numbers to require this kind of optimization.
            Use modern initialization syntax.

        (WebCore::ResourceRequestBase::ResourceRequestBase):
        (WebCore::CrossThreadResourceRequestDataBase::CrossThreadResourceRequestDataBase): Deleted.
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::initializeMaximumHTTPConnectionCountPerHost):
        (WebCore::initializeHTTPConnectionSettingsOnStartup):
        * platform/network/cf/ResourceRequestCFNet.h:
        (WebCore::toResourceLoadPriority):
        (WebCore::toPlatformRequestPriority):
        * platform/network/soup/ResourceRequest.h:
        (WebCore::toSoupMessagePriority):
        * testing/Internals.cpp:
        (WebCore::stringToResourceLoadPriority):

2015-04-29  Myles C. Maxfield  <mmaxfield@apple.com>

        [OS X] Use CTFontCreateForCSS instead of doing font search ourselves
        https://bugs.webkit.org/show_bug.cgi?id=132159

        Reviewed by Darin Adler.

        On platforms that support it, delegate font selection logic to the platform. Currently, this is
        only supported on Mac, using CTFontCreateForCSS().

        This also changes the mechanism that enforces our font whitelist in our tests. We used to
        swizzle the implementations of NSFontManager methods. This patch migrates to using a whitelist of
        font family names instead.

        Note that this patch is a work in progress, because it makes the following tests fail:
        fast/css/font-weight-1.html
        fast/forms/validation-message-appearance.html
        fast/forms/select/optgroup-rendering.html

        No new tests, because there is no behavior change.

        * platform/graphics/FontCache.h: Add a function to set the whitlist.
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::fontWhitelist):
        (WebCore::FontCache::setFontWhitelist):
        (WebCore::toAppKitFontWeight):
        (WebCore::toCoreTextFontWeight):
        (WebCore::fontWithFamily): If ENABLE(PLATFORM_FONT_LOOKUP), use CTFontCreateForCSS().
        (WebCore::FontCache::createFontPlatformData):
        * platform/spi/cocoa/CoreTextSPI.h: Add signature for CTFontCreateForCSS().

2015-04-29  Jer Noble  <jer.noble@apple.com>

        Unreviewed iOS build fix after r183553: fix declaration of QLPreviewScheme

        * platform/ios/QuickLookSoftLink.mm:

2015-04-29  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Use new device picker menu API
        https://bugs.webkit.org/show_bug.cgi?id=144392

        Reviewed by Jer Noble.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::showPlaybackTargetPicker): Pass the route state to the picker.
        * platform/graphics/MediaPlaybackTargetPicker.h:

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::MediaPlaybackTargetPickerMac):  m_deviceChangeTimer -> m_pendingActionTimer.
        (WebCore::MediaPlaybackTargetPickerMac::~MediaPlaybackTargetPickerMac): Ditto.
        (WebCore::MediaPlaybackTargetPickerMac::pendingActionTimerFired): Renamed from 
        outputeDeviceAvailabilityChangedTimerFired.
        (WebCore::MediaPlaybackTargetPickerMac::availableDevicesDidChange): Use addPendingAction.
        (WebCore::MediaPlaybackTargetPickerMac::showPlaybackTargetPicker): Call new picker API if it is
        available. New API returns true if a target is chosen, so call currentDeviceDidChange in that case.
        (WebCore::MediaPlaybackTargetPickerMac::addPendingAction): New.
        (WebCore::MediaPlaybackTargetPickerMac::currentDeviceDidChange): Make asynchronous because it 
        can now be called from showPlaybackTargetPicker.
        (WebCore::MediaPlaybackTargetPickerMac::outputeDeviceAvailabilityChangedTimerFired): Renamed
        pendingActionTimerFired.

        * platform/spi/cocoa/AVKitSPI.h: Add new SPI.

2015-04-29  Antti Koivisto  <antti@apple.com>

        Main resource loaded via 304 response becomes empty if reloaded by user
        https://bugs.webkit.org/show_bug.cgi?id=144386

        Reviewed by Darin Adler.

        Memory cache layer may make a main resource request conditional (add If-modified-since/If-none-match header).
        DocumentLoader stores the final ResourceRequest associated with document. If user triggered reload for
        conditionally loaded document DocumentLoader would include the same conditionals to the new request as well.
        Since these were not added by the memory cache it would pass any 304 response back to the DocumentLoader.
        However DocumentLoader has no code to handle 304 so we would end up with an empty document.

        Test: http/tests/cache/main-resource-304-reload.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startLoadingMainResource):

            Ensure DocumentLoader doesn't issue conditional requests.

2015-04-28  Jer Noble  <jer.noble@apple.com>

        Replace HTMLMediaElement's seek timer with a task queue.
        https://bugs.webkit.org/show_bug.cgi?id=144353

        Reviewed by Eric Carlson.

        No change in functionality, so no new tests added.

        Replace a zero-length timer with an explicit task queue, backed by Document's postTask(). To
        make enqueued tasks cancellable, add a new GenericTaskQueue class modelled on
        GenericEventQueue which can cancel enqueued but not-yet-executed tasks.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/GenericTaskQueue.cpp: Added.
        (WebCore::GenericTaskQueue::GenericTaskQueue): Initialize ivars.
        (WebCore::GenericTaskQueue::enqueueTask): Wrap the task and pass it to the ScriptExecutionContext.
        (WebCore::GenericTaskQueue::close): Assert that the task queue will not accept any additional tasks.
        (WebCore::GenericTaskQueue::cancelAllTasks): Revoke outstanding weak pointers, thereby cancelling tasks.
        * dom/GenericTaskQueue.h: Added.
        (WebCore::GenericTaskQueue::hasPendingTasks):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize the task queue.
        (WebCore::HTMLMediaElement::~HTMLMediaElement): Close the task queue.
        (WebCore::HTMLMediaElement::seekWithTolerance): Post a task, rather than start a timer.
        (WebCore::HTMLMediaElement::seekTask): Renamed from seekTimerFired().
        (WebCore::HTMLMediaElement::seekTimerFired): Deleted.
        * html/HTMLMediaElement.h:

2015-04-28  David Kilzer  <ddkilzer@apple.com>

        Switch QuickLook soft-linking to use QuickLookSoftLink.{h,mm}
        <http://webkit.org/b/144362>

        Reviewed by Andy Estes.

        This patch switches soft-linking of QuickLook.framework to
        QuickLookSoftLink.{h,mm} so that we stop exporting unintended
        symbols.

        No new tests since no change in behavior.

        * WebCore.xcodeproj/project.pbxproj:
        - Add QuickLookSoftLinking.{h,mm} to the project.

        * platform/ios/QuickLookSoftLink.h: Added.
        * platform/ios/QuickLookSoftLink.mm: Added.
        * platform/mac/SoftLinking.h:
        (SOFT_LINK_CLASS_FOR_HEADER): Add macro.
        (SOFT_LINK_CLASS_FOR_SOURCE): Add macro.

        * platform/network/ios/QuickLook.h:
        - Remove unused declarations.

        * platform/network/ios/QuickLook.mm:
        (WebCore::QLPreviewConverterClass): Deleted.
        (WebCore::QLTypeCopyBestMimeTypeForFileNameAndMimeType): Deleted.
        (WebCore::QLTypeCopyBestMimeTypeForURLAndMimeType): Deleted.
        (WebCore::QLTypeCopyUTIForURLAndMimeType): Deleted.
        - Remove SOFT_LINK macros and unused methods after switching to
          new QuickLookSoftLink.{h,mm}.
        (WebCore::QLPreviewGetSupportedMIMETypesSet):
        - Switch to use NeverDestroyed<>.
        (WebCore::registerQLPreviewConverterIfNeeded):
        (createQLPreviewProtocol):
        (WebCore::QLPreviewProtocol):
        (WebCore::QuickLookHandle::QuickLookHandle):
        (WebCore::QuickLookHandle::create):
        (WebCore::QuickLookHandle::shouldCreateForMIMEType):
        - Simplify code when using QuickLookSoftLink.h.

        * platform/network/ios/WebCoreURLResponseIOS.mm:
        - Include QuickLookSoftLink.h header.

2015-04-29  Darin Adler  <darin@apple.com>

        [ES6] Implement Unicode code point escapes
        https://bugs.webkit.org/show_bug.cgi?id=144377

        Reviewed by Antti Koivisto.

        Test: js/unicode-escape-sequences.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseEscape): Use ICU's UCHAR_MAX_VALUE instead of writing
        out 0x10FFFF; clearer this way. Also use our replacementCharacter instead of
        writing out 0xFFFD.

        * html/parser/HTMLEntityParser.cpp:
        (WebCore::isAlphaNumeric): Deleted.
        (WebCore::HTMLEntityParser::legalEntityFor): Use ICU's UCHAR_MAX_VALUE and
        U_IS_SURROGATE instead of writing the code out. Didn't use U_IS_UNICODE_CHAR
        because that also includes U_IS_UNICODE_NONCHAR and thus would change behavior,
        but maye it's something we want to do in the future.
        (WebCore::HTMLEntityParser::consumeNamedEntity): Use isASCIIAlphanumeric instead
        of a the function in this file that does the same thing less efficiently.

        * html/parser/InputStreamPreprocessor.h:
        (WebCore::InputStreamPreprocessor::processNextInputCharacter): Use
        replacementCharacter from CharacterNames.h instead of writing out 0xFFFd.

        * xml/parser/CharacterReferenceParserInlines.h:
        (WebCore::consumeCharacterReference): Use ICU's UCHAR_MAX_VALUE instead of
        defining our own local highestValidCharacter constant.

2015-04-29  Martin Robinson  <mrobinson@igalia.com>

        [CMake] [GTK] Organize and clean up unused CMake variables
        https://bugs.webkit.org/show_bug.cgi?id=144364

        Reviewed by Gyuyoung Kim.

        * PlatformGTK.cmake: Add variables specific to this project.

2015-04-29  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r182573): [GTK] The default context menu contains an empty item since r182573
        https://bugs.webkit.org/show_bug.cgi?id=144388

        Reviewed by Brady Eidson.

        There used to be a method in ContextMenuItem to check if share
        menu item was supported or not, but since r182573, there's a
        method to get the share menu item. If the returned menu item is
        null, it's not added to the menu, but we are not returning a null
        ContextMenu item even though we don't support share menu item.

        * platform/gtk/ContextMenuItemGtk.cpp:
        (WebCore::ContextMenuItem::shareMenuItem): Return a null ContextMenuItem.

2015-04-29  Zan Dobersek  <zdobersek@igalia.com>

        Switch to std::function<>, std::bind() in MediaPlayerPrivateAVFoundationObjC
        https://bugs.webkit.org/show_bug.cgi?id=144232

        Reviewed by Darin Adler.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): 
        Replace uses of WTF::Function<> and WTF::bind() with the STL alternatives.

2015-04-29  Hyungwook Lee  <hyungwook.lee@navercorp.com>

        Fix crash in WebCore::LogicalSelectionOffsetCaches::ContainingBlockInfo::setBlock().
        https://bugs.webkit.org/show_bug.cgi?id=140261

        Reviewed by Darin Adler.

        We need to check whether RenderObject is valid in RenderView::fooSubtreeSelection functions
        because invalid object has caused a crash. This patch adds isValidObjectForNewSelection(), and use it.

        * rendering/RenderView.cpp:
        (WebCore::isValidObjectForNewSelection):
        (WebCore::RenderView::clearSubtreeSelection):
        (WebCore::RenderView::applySubtreeSelection):

2015-04-29  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Synchronous XMLHttpRequest should get access to AppCache resources stored as flat files
        https://bugs.webkit.org/show_bug.cgi?id=143711

        Reviewed by Darin Adler.

        This patch checks whether a substitute resource data is stored in memory or in file for synchronous loads.
        If data is stored in file, it reads the data through SharedBuffer::createWithContentsOfFile.
        This patch refactors some routines to replace Vector<char> by SharedBuffer to transmit response data.

        Test: http/tests/appcache/simple-video-sync.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::loadRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously):
        * loader/FrameLoader.h:
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadResource):
        (WebCore::ApplicationCacheHost::createFileURL):
        (WebCore::ApplicationCacheHost::maybeLoadSynchronously):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackSynchronously):
        * loader/appcache/ApplicationCacheHost.h:
        * xml/XSLTProcessorLibxslt.cpp:
        (WebCore::docLoaderFunc):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::openFunc):

2015-04-29  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr from createSVGPathSegFoo factory functions
        https://bugs.webkit.org/show_bug.cgi?id=144374

        Reviewed by Darin Adler.

        Use Ref instead of PassRefPtr in createSVGPathSegFoo functions because
        those factory functions can't return null. Additionally let's remove unnecessary
        #include<PassRefPtr.h> there.

        No new tests, no behavior changes.

        * svg/SVGColor.cpp:
        (WebCore::SVGColor::cloneForCSSOM):
        * svg/SVGColor.h:
        * svg/SVGGlyphMap.h:
        (WebCore::GlyphMapNode::create):
        * svg/SVGPaint.cpp:
        (WebCore::SVGPaint::cloneForCSSOM):
        * svg/SVGPaint.h:
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::createSVGPathSegClosePath):
        (WebCore::SVGPathElement::createSVGPathSegMovetoAbs):
        (WebCore::SVGPathElement::createSVGPathSegMovetoRel):
        (WebCore::SVGPathElement::createSVGPathSegLinetoAbs):
        (WebCore::SVGPathElement::createSVGPathSegLinetoRel):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoCubicAbs):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoCubicRel):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticAbs):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticRel):
        (WebCore::SVGPathElement::createSVGPathSegArcAbs):
        (WebCore::SVGPathElement::createSVGPathSegArcRel):
        (WebCore::SVGPathElement::createSVGPathSegLinetoHorizontalAbs):
        (WebCore::SVGPathElement::createSVGPathSegLinetoHorizontalRel):
        (WebCore::SVGPathElement::createSVGPathSegLinetoVerticalAbs):
        (WebCore::SVGPathElement::createSVGPathSegLinetoVerticalRel):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoCubicSmoothAbs):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoCubicSmoothRel):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticSmoothAbs):
        (WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticSmoothRel):
        * svg/SVGPathElement.h:
        * svg/SVGPathSegArcAbs.h:
        (WebCore::SVGPathSegArcAbs::create):
        * svg/SVGPathSegArcRel.h:
        (WebCore::SVGPathSegArcRel::create):
        * svg/SVGPathSegClosePath.h:
        (WebCore::SVGPathSegClosePath::create):
        * svg/SVGPathSegCurvetoCubicAbs.h:
        (WebCore::SVGPathSegCurvetoCubicAbs::create):
        * svg/SVGPathSegCurvetoCubicRel.h:
        (WebCore::SVGPathSegCurvetoCubicRel::create):
        * svg/SVGPathSegCurvetoCubicSmoothAbs.h:
        (WebCore::SVGPathSegCurvetoCubicSmoothAbs::create):
        * svg/SVGPathSegCurvetoCubicSmoothRel.h:
        (WebCore::SVGPathSegCurvetoCubicSmoothRel::create):
        * svg/SVGPathSegCurvetoQuadraticAbs.h:
        (WebCore::SVGPathSegCurvetoQuadraticAbs::create):
        * svg/SVGPathSegCurvetoQuadraticRel.h:
        (WebCore::SVGPathSegCurvetoQuadraticRel::create):
        * svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
        (WebCore::SVGPathSegCurvetoQuadraticSmoothAbs::create):
        * svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
        (WebCore::SVGPathSegCurvetoQuadraticSmoothRel::create):
        * svg/SVGPathSegLinetoAbs.h:
        (WebCore::SVGPathSegLinetoAbs::create):
        * svg/SVGPathSegLinetoHorizontalAbs.h:
        (WebCore::SVGPathSegLinetoHorizontalAbs::create):
        * svg/SVGPathSegLinetoHorizontalRel.h:
        (WebCore::SVGPathSegLinetoHorizontalRel::create):
        * svg/SVGPathSegLinetoRel.h:
        (WebCore::SVGPathSegLinetoRel::create):
        * svg/SVGPathSegLinetoVerticalAbs.h:
        (WebCore::SVGPathSegLinetoVerticalAbs::create):
        * svg/SVGPathSegLinetoVerticalRel.h:
        (WebCore::SVGPathSegLinetoVerticalRel::create):
        * svg/SVGPathSegMovetoAbs.h:
        (WebCore::SVGPathSegMovetoAbs::create):
        * svg/SVGPathSegMovetoRel.h:
        (WebCore::SVGPathSegMovetoRel::create):
        * svg/SVGViewSpec.h:
        (WebCore::SVGViewSpec::create):
        * svg/animation/SMILTimeContainer.h:
        (WebCore::SMILTimeContainer::create):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::ConditionEventListener::create):
        * svg/graphics/SVGImage.h:
        * svg/graphics/SVGImageForContainer.h:
        * svg/graphics/filters/SVGFilter.cpp:
        (WebCore::SVGFilter::create):
        * svg/graphics/filters/SVGFilter.h:

2015-04-28  Simon Fraser  <simon.fraser@apple.com>

        Make a non-static version of FrameView::yPositionForRootContentLayer()
        https://bugs.webkit.org/show_bug.cgi?id=144375

        Reviewed by Andy Estes.

        There were two calls to the static FrameView::yPositionForRootContentLayer()
        which passed in all the arguments for the same FrameView. Make a member
        function for convenience.

        * page/FrameView.cpp:
        (WebCore::FrameView::yPositionForRootContentLayer):
        * page/FrameView.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateRootLayerPosition):

2015-04-28  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Merge TILED_BACKING_STORE guard with COORDINATED_GRAPHICS
        https://bugs.webkit.org/show_bug.cgi?id=143001

        Reviewed by Gyuyoung Kim.

        TiledBackingStore has only been used by Coordinated Graphics since Qt and WebKit1/Efl were dropped.
        So, this patch replaces USE(TILED_BACKING_STORE) with USE(COORDINATED_GRAPHICS) to merge the features.

        In addition, this moves TiledBackingStore and related files from platform to platform/texmap/coordinated
        where other coordinated graphics files are located.

        * CMakeLists.txt: Move TiledBackingStore.cpp because this is not common file.
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * WebCore.vcxproj/WebCore.vcxproj: Follow new location of TiledBackingStore* files.
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * loader/EmptyClients.h:
        * page/Chrome.cpp:
        * page/Chrome.h:
        * page/ChromeClient.h:
        * page/Frame.cpp:
        (WebCore::Frame::createView):
        * page/FrameView.cpp:
        (WebCore::FrameView::requestScrollPositionUpdate):
        * page/FrameView.h:
        * page/Page.cpp:
        (WebCore::Page::setPageScaleFactor):
        * platform/HostWindow.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea):
        (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize):
        (WebCore::ScrollView::visibleContentRectInternal):
        (WebCore::ScrollView::scrollTo):
        * platform/ScrollView.h:
        * platform/graphics/cairo/TileCairo.h: Removed because it is dead code since r169328
        * platform/graphics/texmap/coordinated/Tile.h: Renamed from Source/WebCore/platform/graphics/Tile.h.
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp: Renamed from Source/WebCore/platform/graphics/TiledBackingStore.cpp.
        * platform/graphics/texmap/coordinated/TiledBackingStore.h: Renamed from Source/WebCore/platform/graphics/TiledBackingStore.h.
        * platform/graphics/texmap/coordinated/TiledBackingStoreBackend.h: Renamed from Source/WebCore/platform/graphics/TiledBackingStoreBackend.h.
        * platform/graphics/texmap/coordinated/TiledBackingStoreClient.h: Renamed from Source/WebCore/platform/graphics/TiledBackingStoreClient.h.

2015-04-28  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION(180076): [Mac, iOS] Correct possible null dereference in printing code
        https://bugs.webkit.org/show_bug.cgi?id=144366
        <rdar://problem/20533513>

        Reviewed by Dean Jackson.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::needsAppleMailPaginationQuirk): Check if the document settings is a nullptr
        before attempting to dereference it. 

2015-04-28  Andreas Kling  <akling@apple.com>

        Simplify DOM wrapper destruction, don't deref() in finalizers.
        <https://webkit.org/b/144183>

        Reviewed by Darin Adler.

        DOM JS bindings had two mechanisms to call deref() on the WebCore object,
        once through a weak finalizer, and once through the JSCell's regular destructor.

        That was once believed to be an optimization, but these days the finalizer will
        run just moments before the destructor anyway, all in the same call stack.
        And more importantly, the finalizer is not guaranteed to run, for instance in the
        case where a Weak is assigned to after going dead, but before the WeakBlock
        has been swept by the incremental sweeper.

        Simplify this by just removing the deref() from the generated finalizers.
        This makes it easier to reason about DOM wrapper destruction, and eliminates
        the awkward time window  where a DOM wrapper could have a null impl().

        We could spend more time on figuring out a way to have finalizers manage the
        destruction of these wrappers, but that would require fundamental changes to
        our implementation of JSC::Weak pointers. It would allow us to make JSDOMWrapper
        destructor-less, and shrink each wrapper object by 1 pointer (the ClassInfo*.)
        However the risk:reward ratio does not seem justified at this point in time.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        * bindings/js/JSCSSValueCustom.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::JSTestActiveDOMObject::~JSTestActiveDOMObject):
        (WebCore::JSTestActiveDOMObjectOwner::finalize):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        (WebCore::JSTestCustomNamedGetter::~JSTestCustomNamedGetter):
        (WebCore::JSTestCustomNamedGetterOwner::finalize):
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructor::~JSTestEventConstructor):
        (WebCore::JSTestEventConstructorOwner::finalize):
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::~JSTestEventTarget):
        (WebCore::JSTestEventTargetOwner::finalize):
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestException.cpp:
        (WebCore::JSTestException::~JSTestException):
        (WebCore::JSTestExceptionOwner::finalize):
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        (WebCore::JSTestGenerateIsReachable::~JSTestGenerateIsReachable):
        (WebCore::JSTestGenerateIsReachableOwner::finalize):
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterface::~JSTestInterface):
        (WebCore::JSTestInterfaceOwner::finalize):
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::JSTestMediaQueryListListener::~JSTestMediaQueryListListener):
        (WebCore::JSTestMediaQueryListListenerOwner::finalize):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructor::~JSTestNamedConstructor):
        (WebCore::JSTestNamedConstructorOwner::finalize):
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
        (WebCore::JSTestNondeterministic::~JSTestNondeterministic):
        (WebCore::JSTestNondeterministicOwner::finalize):
        * bindings/scripts/test/JS/JSTestNondeterministic.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObj::~JSTestObj):
        (WebCore::JSTestObjOwner::finalize):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructors::~JSTestOverloadedConstructors):
        (WebCore::JSTestOverloadedConstructorsOwner::finalize):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::JSTestSerializedScriptValueInterface::~JSTestSerializedScriptValueInterface):
        (WebCore::JSTestSerializedScriptValueInterfaceOwner::finalize):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefs::~JSTestTypedefs):
        (WebCore::JSTestTypedefsOwner::finalize):
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        * bindings/scripts/test/JS/JSattribute.cpp:
        (WebCore::JSattribute::~JSattribute):
        (WebCore::JSattributeOwner::finalize):
        * bindings/scripts/test/JS/JSattribute.h:
        * bindings/scripts/test/JS/JSreadonly.cpp:
        (WebCore::JSreadonly::~JSreadonly):
        (WebCore::JSreadonlyOwner::finalize):
        * bindings/scripts/test/JS/JSreadonly.h:

2015-04-28  Alex Christensen  <achristensen@webkit.org>

        Build WinCairo without cygwin.
        https://bugs.webkit.org/show_bug.cgi?id=144365

        Reviewed by Myles Maxfield.

        * WebCore.vcxproj/WebCoreGeneratedWinCairo.make:
        Pass the CC executable to build-generated-files.pl like r182164.
        * WebCore.vcxproj/build-generated-files.pl:
        Default to 8 CPUs unless otherwise specified.

2015-04-28  Sam Weinig  <sam@webkit.org>

        [Content Extensions] Process NFAs individually to avoid having all NFAs live at the same time
        https://bugs.webkit.org/show_bug.cgi?id=144363

        Reviewed by Alex Christensen.

        This brings dirty memory use when compiling our test content extension down from ~300MB to ~100MB.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::CombinedURLFilters::processNFAs):
        (WebCore::ContentExtensions::CombinedURLFilters::createNFAs): Deleted.
        * contentextensions/CombinedURLFilters.h:
        Replace function that creates a Vector of all the NFAs with one that allows incremental processing
        as they are created.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::addUniversalActionsToDFA):
        Extract code to add universal actions into a helper, since we need to call it in two places now.

        (WebCore::ContentExtensions::compileRuleList):
        Adopt CombinedURLFilters::processNFAs. Now that we don't have a Vector of NFAs, we need to keep track
        of whether or not any NFAs were processed and if we are currently processing the first NFA so we can
        ensure that we have some bytecode generated event for empty rule sets, and that universal actions are
        placed on the first DFA.

2015-04-28  Timothy Horton  <timothy_horton@apple.com>

        [TextIndicator] Yellow highlight takes too long to fade out on scroll
        https://bugs.webkit.org/show_bug.cgi?id=144358
        <rdar://problem/19451011>

        Reviewed by Beth Dakin.

        * page/TextIndicator.h:
        Add Lifetime and DismissalAnimation enums.

        (WebCore::TextIndicator::contentImageWithHighlight):
        (WebCore::TextIndicator::contentImage):
        Fix style.

        * page/mac/TextIndicatorWindow.h:
        * page/mac/TextIndicatorWindow.mm:
        (WebCore::TextIndicatorWindow::TextIndicatorWindow):
        (WebCore::TextIndicatorWindow::~TextIndicatorWindow):
        (WebCore::TextIndicatorWindow::clearTextIndicator):
        (WebCore::TextIndicatorWindow::setTextIndicator):
        (WebCore::TextIndicatorWindow::closeWindow):
        (WebCore::TextIndicatorWindow::startFadeOut):
        Rename m_startFadeOutTimer to m_temporaryTextIndicatorTimer (and related).
        This is just about temporary-lifetime TextIndicators, like the ones
        you get when the find-in-page UI is hidden but you hit Cmd-G.

        Add clearTextIndicator, which takes a DismissalAnimation, providing
        clients an opportunity to avoid the normal fade-out animation, if it
        was going to happen.

2015-04-28  Michael Catanzaro  <mcatanzaro@igalia.com>

        Fully replace ENABLE_LLINT_C_LOOP with ENABLE_JIT
        https://bugs.webkit.org/show_bug.cgi?id=144304

        Reviewed by Geoffrey Garen.

        Define ENABLE_JIT, enabled by default, instead of ENABLE_LLINT_C_LOOP, disabled by default.

        * Configurations/FeatureDefines.xcconfig:

2015-04-28  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183514.
        https://bugs.webkit.org/show_bug.cgi?id=144359

        It broke cloop test bots (Requested by mcatanzaro on #webkit).

        Reverted changeset:

        "Fully replace ENABLE_LLINT_C_LOOP with ENABLE_JIT"
        https://bugs.webkit.org/show_bug.cgi?id=144304
        http://trac.webkit.org/changeset/183514

2015-04-28  Michael Catanzaro  <mcatanzaro@igalia.com>

        Fully replace ENABLE_LLINT_C_LOOP with ENABLE_JIT
        https://bugs.webkit.org/show_bug.cgi?id=144304

        Reviewed by Geoffrey Garen.

        Define ENABLE_JIT, enabled by default, instead of ENABLE_LLINT_C_LOOP, disabled by default.

        * Configurations/FeatureDefines.xcconfig:

2015-04-28  Zalan Bujtas  <zalan@apple.com>

        Checkboxes on bugs.webkit.org are painted with stripes at some zoom levels.
        https://bugs.webkit.org/show_bug.cgi?id=144351

        Reviewed by Simon Fraser.

        This patch ensures that CG context is properly restored after painting dashed/dotted lines.

        Test: fast/forms/checkbox-painting-with-hr.html

        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::drawLine):

2015-04-28  Simon Fraser  <simon.fraser@apple.com>

        Provide contentsToView() and viewToContents() functions on ScrollView, and use them
        https://bugs.webkit.org/show_bug.cgi?id=144357

        Reviewed by Tim Horton.

        Too much code was consulting topContentInset() and headerHeight() directly. Replace
        with calls to new contentsToView() and viewToContents() functions, which wrap the
        exisiting documentScrollOffsetRelativeToViewOrigin().
        
        Use the new functions in FrameView and ScrollView coordinate mapping functions.
        
        No behavior change.

        * page/FrameView.cpp:
        (WebCore::FrameView::convertFromRendererToContainingView):
        (WebCore::FrameView::convertFromContainingViewToRenderer):
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::viewToContents):
        (WebCore::ScrollView::contentsToView):
        (WebCore::ScrollView::rootViewToContents):
        (WebCore::ScrollView::contentsToRootView):
        (WebCore::ScrollView::rootViewToTotalContents):
        (WebCore::ScrollView::windowToContents):
        (WebCore::ScrollView::contentsToWindow):
        * platform/ScrollView.h:

2015-04-28  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Simplify code to support media engines which do not support target playback
        https://bugs.webkit.org/show_bug.cgi?id=144332

        Reviewed by Jer Noble.

        * Modules/mediasession/WebMediaSessionManager.cpp:
        (WebCore::WebMediaSessionManager::externalOutputDeviceAvailableDidChange): Always make client
        callback, let them decide if it is significant or not.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): m_loadTimer -> m_pendingActionTimer.
        (WebCore::HTMLMediaElement::scheduleDelayedAction): Handle CheckPlaybackTargetCompatablity.
        (WebCore::HTMLMediaElement::scheduleNextSourceChild): m_loadTimer -> m_pendingActionTimer.
        (WebCore::HTMLMediaElement::loadTimerFired): Renamed pendingActionTimerFired.
        (WebCore::HTMLMediaElement::prepareForLoad): m_loadTimer -> m_pendingActionTimer.
        (WebCore::HTMLMediaElement::setDefaultPlaybackRate): Add logging.
        (WebCore::HTMLMediaElement::clearMediaPlayer): m_loadTimer -> m_pendingActionTimer.
        (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsSupported): Removed.
        (WebCore::HTMLMediaElement::dispatchEvent): If a 'webkitcurrentplaybacktargetiswirelesschanged'
        event is dispatched when the current target is wireless but the media engine does not support
        wireless playback, tell the media engine not to play to the target.
        * html/HTMLMediaElement.h:
        * html/HTMLMediaElement.idl:

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::showPlaybackTargetPicker): Drive-by fix to disallow audio-only files.
        (WebCore::HTMLMediaSession::currentPlaybackTargetIsSupported): Deleted.
        * html/HTMLMediaSession.h:

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::isCurrentPlaybackTargetSupported): Deleted.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldPlayToPlaybackTarget): Use a RetainPtr
        to explicitly manage the lifetime of the temporary object.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::isPlayingToWirelessPlaybackTarget): Ditto.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setShouldPlayToPlaybackTarget):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::isCurrentPlaybackTargetWireless):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::isCurrentPlaybackTargetSupported): Deleted.

        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::setShouldPlayToPlaybackTarget):
        (WebCore::MediaPlayerPrivateQTKit::isCurrentPlaybackTargetWireless):
        (WebCore::MediaPlayerPrivateQTKit::isCurrentPlaybackTargetSupported): Deleted.

2015-04-28  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Use less memory for CombinedURLFilters.
        https://bugs.webkit.org/show_bug.cgi?id=144290

        Reviewed by Andreas Kling.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::recursiveMemoryUsed):
        (WebCore::ContentExtensions::CombinedURLFilters::addPattern):
        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::createNFAs):
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::memoryUsed):
        (WebCore::ContentExtensions::NFA::setActions):
        * contentextensions/NFA.h:
        * contentextensions/NFANode.h:
        * contentextensions/Term.h:
        (WebCore::ContentExtensions::Term::Term::generateGraph):
        (WebCore::ContentExtensions::Term::generateSubgraphForAtom):
        Use Vectors instead of HashTables in PrefixTreeVertex because the sets stay small and need to be more memory efficient.

2015-04-28  Brady Eidson  <beidson@apple.com>

        Consolidate most "frame load" arguments into FrameLoadRequest.
        https://bugs.webkit.org/show_bug.cgi?id=144276

        Reviewed by Alexey Proskuryakov.

        No new tests (No change in behavior).
        
        This patch starts the long overdue process of wrangling the insane load methods in FrameLoader.
        
        Humble beginnings of this long process:
        - Put most of the various "frame load" arguments that are passed around within FrameLoader on FrameLoadRequest.
        - Get rid of the "easy" constructors of FrameLoadRequest, forcing users to actually think about what they're doing.
        - Change a private FrameLoader load method (urlSelected) to take a FrameLoadRequest instead of argument gobbledygook.
        - Change a public FrameLoader load methods (changeLocation) to take a FrameLoadRequest instead of gobbledygook.
        
        These cover the straightforward changes where it was easy to figure out what the values of the FrameLoadRequest
        arguments were from these various call sites.
        
        Further refactoring can be done in much smaller patches, handling fewer cases at a time. Little by little we will be
        able to reduce the number of "load" methods on FrameLoader and make sure that they mainly only take a FrameLoadRequest
        as an argument.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):
        
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        (WebCore::FrameLoadRequest::lockHistory):
        (WebCore::FrameLoadRequest::lockBackForwardList):
        (WebCore::FrameLoadRequest::shouldSendReferrer):
        (WebCore::FrameLoadRequest::allowNavigationToInvalidURL):
        (WebCore::FrameLoadRequest::newFrameOpenerPolicy):
        (WebCore::FrameLoadRequest::shouldReplaceDocumentIfJavaScriptURL):
        
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::changeLocation):
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::loadFrameRequest):
        * loader/FrameLoader.h:
        
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::scheduleLocationChange):
        
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected):
        
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):

2015-04-27  Myles C. Maxfield  <mmaxfield@apple.com>

        [Mac] [iOS] Implement font-synthesis CSS property
        https://bugs.webkit.org/show_bug.cgi?id=144305

        Reviewed by Andreas Kling.

        This patch is fairly straightforward, though there are some particular pieces to the patch listed below.

        The implementation of this font-synthesis CSS property lives inside FontCacheIOS and FontCacheMac. We already
        determine if we should synthesize bold and italics, this CSS property simply guards that decision.

        Because FontCache interacts with FontDescriptions and not RenderStyles, this patch moves the source of truth
        regarding font-synthesis into FontDescription (from RenderStyle).

        Test: fast/css3-text/font-synthesis.html

        * css/CSSPropertyNames.in: Mark font-synthesis as a FontProperty, which means that the relevant state is kept
        inside FontDescription. This also means that the property must be marked as a "high priority" property, which
        is enforced by it existing at the top of CSSPropertyNames.in. The move to FontDescription must be done so that
        FontCacheIOS and FontCacheMac have access to the saved state.
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::fontSynthesisFromStyle): Update to look for state in FontDescription instead of RenderStyle.
        * css/CSSSegmentedFontFace.cpp:
        (WebCore::CSSSegmentedFontFace::fontRanges): Guard the synthetic bold and synthic italic decision on the new
        FontSynthesis state inside FontDescription.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertFontSynthesis): Moved from
        StyleBuilderCustom::applyValueFontSynthesis(). This is because of the updated options inside of
        CSSPropertyNames.in
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueFontSynthesis): Deleted.
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::FontDescription): Moved from RenderStyle.
        (WebCore::FontDescription::fontSynthesis): Ditto.
        (WebCore::FontDescription::setFontSynthesis): Ditto.
        (WebCore::FontDescription::initialFontSynthesis): Ditto.
        (WebCore::FontDescription::operator==): Update to include new state.
        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionFontDataCacheKey::makeFlagKey): Make FontDescription hashes sensitive to the new
        state inside FontDescription.
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::createFontPlatformData): Guard the synthetic bold and synthetic italic decision on the
        new FontSynthesis state inside FontDescription.
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::createFontPlatformData): Ditto.
        * platform/text/TextFlags.h: Move FontSynthesis type from RenderStyleConstants.
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::fontSynthesis): Moved to FontDescription.
        (WebCore::RenderStyle::setFontSynthesis): Ditto.
        (WebCore::RenderStyle::initialFontSynthesis): Ditto.
        * rendering/style/RenderStyleConstants.h: Moved FontSynthesis type to TextFlags.
        * rendering/style/StyleRareInheritedData.h: Remove state regarding font synthesis (moved to FontDescription)

2015-04-28  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        SharedBuffer::copy is not computing the buffer size correctly when having m_dataArray
        https://bugs.webkit.org/show_bug.cgi?id=144321

        Reviewed by Darin Adler.

        Patch correctness covered by existing tests.

        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::copy): Direct appending to m_dataArray and not using append method as this method updates the SharedBuffer size.

2015-04-28  Per Arne Vollan  <peavo@outlook.com>

        [Curl] Memory leak.
        https://bugs.webkit.org/show_bug.cgi?id=144327

        Reviewed by Brent Fulgham.

        When a data url is loaded, the ResourceHandle is not released.

        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::startJob):

2015-04-28  Andy Estes  <aestes@apple.com>

        Fix the Mavericks Debug build after r183467.

        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::requester): Removed WEBCORE_EXPORT.
        (WebCore::ResourceRequestBase::setRequester): Ditto.

2015-04-28  Csaba Osztrogonác  <ossy@webkit.org>

        Remove make-file-arrays.py
        https://bugs.webkit.org/show_bug.cgi?id=144324

        Reviewed by Gyuyoung Kim.

        * make-file-arrays.py: Removed.

2015-04-28  Antti Koivisto  <antti@apple.com>

        Build fix.

        * platform/network/ios/ResourceRequestIOS.mm:
        (WebCore::ResourceRequest::ResourceRequest):

2015-04-28  Antti Koivisto  <antti@apple.com>

        Network Cache: Disk cache getting filled by YouTube video data
        https://bugs.webkit.org/show_bug.cgi?id=144259

        Reviewed by Darin Adler.

        MSE media is loaded via XHR and tends to eventually fill the cache.

        YouTube serves the media chunks cacheable, however they are rarely (if ever) reused.
        We can reduce disk writes and keep more useful resources around by not caching them

        Test: http/tests/cache/disk-cache/disk-cache-media.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::startLoadingMainResource):

            Set the requester.

        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::CachedRawResource):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::streamingMedia):
        * page/DiagnosticLoggingKeys.h:
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::adopt):
        (WebCore::ResourceRequestBase::copyData):
        (WebCore::equalIgnoringHeaderFields):
        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::requester):
        (WebCore::ResourceRequestBase::setRequester):

            Add requester type to the request object. Currently this is main resource, xhr or unspecified.

        (WebCore::ResourceRequestBase::encodeWithoutPlatformData):
        (WebCore::ResourceRequestBase::decodeWithoutPlatformData):
        * platform/network/cf/ResourceRequest.h:
        (WebCore::ResourceRequest::deprecatedSetMainResourceRequest): Deleted.
        (WebCore::ResourceRequest::deprecatedIsMainResourceRequest): Deleted.

            Replace this iOS only field with shared mechanism.

        * platform/network/ios/QuickLook.mm:
        (WebCore::QuickLookHandle::create):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest):

            Set the requester.

2015-04-28  Namhoon Kim  <nakim@ea.com>

        Fix windows build error in WebCore related to bulk build.
        https://bugs.webkit.org/show_bug.cgi?id=144313

        Reviewed by Csaba Osztrogonác.

        No new tests because there is no behavior change.

        * css/CSSAllInOne.cpp:
        * dom/DOMAllInOne.cpp:

2015-04-27  Simon Fraser  <simon.fraser@apple.com>

        Eliminate styleDidChange with StyleDifferenceEqual when updates are actually necessary
        https://bugs.webkit.org/show_bug.cgi?id=144198

        Followup: fix assertions seen in fullscreen and pseudo-element tests. These code
        paths set the style to the existing pointer, but with a SyntheticStyleChange.
        We have to avoid an early return in this case.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::setStyle):

2015-04-25  Simon Fraser  <simon.fraser@apple.com>

        Eliminate styleDidChange with StyleDifferenceEqual when updates are actually necessary
        https://bugs.webkit.org/show_bug.cgi?id=144198

        Reviewed by Darin Adler, Antti Koivisto.
        
        SyntheticStyleChange style recalcs are triggered for cases where behavior depends
        on state which is outside of RenderStyle; this includes triggering compositing for
        animations, for video and canvas, and for iframes with composited content.
        
        In these cases, we'd run through RenderElement::setStyle() and its fan-out, but
        with diff == StyleDifferenceEqual, and so be unable to determine if there
        is actual work to be done.
        
        This patch enforces the contract that the diff is never StyleDifferenceEqual if
        compositing or other work has to happen from setStyle(). This is achieved by
        passing in a 'hasSideEffects' flag, which causes the diff to become at least
        StyleDifferenceRecompositeLayer.
        
        RenderLayerCompositor::layerStyleChanged() can now safely early return
        if the diff is equal. Future patches will reduce redundant work even more.

        Test: compositing/animation/no-style-recalc-during-accelerated-animation.html

        * page/animation/AnimationBase.h:
        (WebCore::AnimationBase::animate): Returns a bool now if the state changed.
        (WebCore::AnimationBase::state):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationController::updateAnimations): bool out param which indicates
        whether any animations changed state.
        * page/animation/AnimationController.h:
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::animate): If any transitions or animations changed
        state, set the animationStateChanged out param to true.
        * page/animation/CompositeAnimation.h:
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::animate): Return true if the state changed.
        * page/animation/ImplicitAnimation.h:
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::animate): Return true if the state changed.
        * page/animation/KeyframeAnimation.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::adjustStyleDifference): We may enter here now with diff
        != StyleDifferenceEqual, but still need to do the check to see if layers changed.
        (WebCore::RenderElement::initializeStyle): When setting style for the first time,
        don't use StyleDifferenceEqual.
        (WebCore::RenderElement::setStyle): Additional flag to indicate whether this style
        change involves side effects. If the diff is equal but the flag is set, change
        the diff to StyleDifferenceRecompositeLayer (the "lowest" non-zero diff).
        * rendering/RenderElement.h:
        (WebCore::RenderElement::setAnimatableStyle): Pass true to setStyle() if hasSideEffects
        is true, or if animation state changed.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::styleChanged): Pass the diff down.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::layerStyleChanged): Return if the diff is equal.
        * rendering/RenderLayerCompositor.h:
        * rendering/style/RenderStyleConstants.h: StyleDifferenceNewStyle is used when
        setting style for the first time.
        * style/StyleResolveTree.cpp:
        (WebCore::Style::createRendererIfNeeded): Provide animationsChanged bool (which is unused).
        (WebCore::Style::resolveLocal): If the style change is synthetic, set the flag that
        says there are side-effects.

2015-04-27  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Add one single option to control all OpenGL-related options
        https://bugs.webkit.org/show_bug.cgi?id=144105

        Reviewed by Martin Robinson.

        Test WTF_USE_TEXTURE_MAPPER since USE_TEXTURE_MAPPER has been removed.

        * PlatformGTK.cmake:

2015-04-27  Myles C. Maxfield  <mmaxfield@apple.com>

        Consolidate one-line flag-related header files into TextFlags.h
        https://bugs.webkit.org/show_bug.cgi?id=144295

        Reviewed by Tim Horton.

        There were a collection of single-line header files throughout platform/ which contain
        single-line type declaractions of flags related to text layout & rendering. This patch
        consolidates all these single-line headers into TextFlags.h

        No new tests because there is no behavior change.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSFontFace.h:
        * css/CSSPrimitiveValueMappings.h:
        * loader/cache/CachedFont.h:
        * loader/cache/CachedTextTrack.h:
        * page/Settings.h:
        * platform/DragImage.h:
        * platform/graphics/FontDescription.h:
        * platform/graphics/FontOrientation.h: Removed.
        * platform/graphics/FontPlatformData.h:
        * platform/graphics/FontRenderingMode.h: Removed.
        * platform/graphics/FontSmoothingMode.h: Removed.
        * platform/graphics/FontTraitsMask.h: Removed.
        * platform/graphics/FontWidthVariant.h: Removed.
        * platform/graphics/TextRenderingMode.h: Removed.
        * platform/graphics/cairo/FontCustomPlatformData.h:
        * platform/graphics/freetype/FontPlatformData.h:
        * platform/graphics/mac/FontCustomPlatformData.h:
        * platform/graphics/win/FontCustomPlatformData.h:
        * platform/text/NonCJKGlyphOrientation.h: Removed.
        * platform/text/TextFlags.h:
        * rendering/TextPainter.h:
        * style/StyleFontSizeFunctions.h:

2015-04-27  Daniel Bates  <dabates@apple.com>

        Form control may be associated with the wrong HTML Form element after form id change
        https://bugs.webkit.org/show_bug.cgi?id=133456
        <rdar://problem/17095055>

        Reviewed by Andy Estes.

        Fixes an issue where a form control may be associated with the wrong HTML Form element
        after the id of the HTML Form element associated with the form control is changed when
        there is more than one HTML Form element with the same id in the document. Specifically,
        a form control that has an HTML form attribute value X will always be associated with
        some HTML Form element f where f.id = X regardless of whether f.id is subsequently
        changed.

        Tests: fast/forms/change-form-id-to-be-unique-then-submit-form.html
               fast/forms/change-form-id-to-be-unique.html

        * dom/Element.cpp:
        (WebCore::Element::attributeChanged): Notify observers when the id of an element changed.
        (WebCore::Element::updateId): Added parameter NotifyObservers (defaults to NotifyObservers::Yes),
        as to whether we should notify observers of the id change.
        (WebCore::Element::updateIdForTreeScope): Ditto.
        (WebCore::Element::willModifyAttribute): Do not notify observers of the id change immediately. As
        indicated by the name of this method, we plan to modify the DOM attribute id of the element, but
        we have not actually modified it when this method is called. Instead we will notify observers
        in Element::attributeChanged(), which is called after the DOM attribute id is modified.
        (WebCore::Element::cloneAttributesFromElement): Ditto.
        * dom/Element.h: Defined enum class NotifyObservers.
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::addElementById): Added boolean parameter notifyObservers (defaults to true)
        as to whether we should dispatch a notification to all observers.
        (WebCore::TreeScope::removeElementById): Ditto.
        * dom/TreeScope.h:

2015-04-27  Alex Christensen  <achristensen@webkit.org>

        Reduce allocations and memory usage when compiling content extensions.
        https://bugs.webkit.org/show_bug.cgi?id=144277

        Reviewed by Benjamin Poulain.

        Covered by existing tests.

        * contentextensions/Term.h:
        (WebCore::ContentExtensions::Term::CharacterSet::set):
        (WebCore::ContentExtensions::Term::CharacterSet::get):
        (WebCore::ContentExtensions::Term::CharacterSet::invert):
        (WebCore::ContentExtensions::Term::CharacterSet::inverted):
        (WebCore::ContentExtensions::Term::CharacterSet::bitCount):
        (WebCore::ContentExtensions::Term::CharacterSet::operator==):
        (WebCore::ContentExtensions::Term::CharacterSet::hash):
        (WebCore::ContentExtensions::Term::Term):
        (WebCore::ContentExtensions::Term::addCharacter):
        (WebCore::ContentExtensions::Term::isEndOfLineAssertion):
        (WebCore::ContentExtensions::Term::isUniversalTransition):
        (WebCore::ContentExtensions::Term::generateSubgraphForAtom):
        Use two uint64_t's instead of a BitVector with a capacity of 128 bits.

2015-04-27  Michael Catanzaro  <mcatanzaro@igalia.com>

        Rename WTF_USE_3D_GRAPHICS to ENABLE_GRAPHICS_CONTEXT_3D
        https://bugs.webkit.org/show_bug.cgi?id=144193

        Reviewed by Darin Adler.

        * CMakeLists.txt:
        * platform/graphics/ANGLEWebKitBridge.cpp:
        * platform/graphics/FormatConverter.cpp:
        * platform/graphics/FormatConverter.h:
        * platform/graphics/GLContext.h:
        * platform/graphics/GraphicsContext3D.cpp:
        * platform/graphics/GraphicsContext3DPrivate.cpp:
        * platform/graphics/OpenGLShims.cpp:
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        * platform/graphics/cg/GraphicsContext3DCG.cpp:
        * platform/graphics/egl/GLContextEGL.cpp:
        * platform/graphics/egl/GLContextEGL.h:
        * platform/graphics/glx/GLContextGLX.cpp:
        * platform/graphics/glx/GLContextGLX.h:
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
        * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
        * platform/graphics/opengl/GLPlatformContext.cpp:
        * platform/graphics/opengl/GLPlatformSurface.cpp:
        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
        * platform/graphics/opengl/TemporaryOpenGLSetting.cpp:
        * platform/graphics/win/GraphicsContext3DWin.cpp:

2015-04-27  Jer Noble  <jer.noble@apple.com>

        [iOS] Video not centered in element on retina devices
        https://bugs.webkit.org/show_bug.cgi?id=144274

        Reviewed by Simon Fraser.

        In r173702, a transform was added to the video layer (and a matching, inverse transform
        in the UIProcess), but this transform affects the position property of the video layer
        used to position the video content within the element bounds when their aspect ratios
        do not match.

        To work around this problem, pre-apply the transform during -setPosition:.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (-[WebVideoContainerLayer setPosition:]):

2015-04-27  Jer Noble  <jer.noble@apple.com>

        Add a setting & restriction which prevents non-interactivte playback of audible media elements.
        https://bugs.webkit.org/show_bug.cgi?id=143486

        Reviewed by Eric Carlson.

        Tests: media/audio-playback-restriction-autoplay.html
               media/audio-playback-restriction-play.html

        To allow clients who want to allow non-user-interactive video-only playback, but still
        restrict playback of audible media elements, add a new setting and matching restriction
        which disallows playback of media elements containing audible characteristics.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Set the RequireUserGestureForAudioRateChange
            restriction if the audioPlaybackRequiresUserGesture() setting is set.
        (WebCore::HTMLMediaElement::parseAttribute): Drive-by fix. Move the opening brace
            out of the #if, as this confuses the heck out of diff and makes all subsequent
            changes appear to be within HTMLMediaElement::parseAttribute.
        (WebCore::HTMLMediaElement::autoplay): Remove the restriction check from within autoplay().
            It is checked again immediately after every autoplay() call site.
        (WebCore::HTMLMediaElement::pauseInternal): Remove the iOS-only #if.
        (WebCore::HTMLMediaElement::mediaPlayerDidAddAudioTrack): Check whether playback
            is permitted, and if not, pause.
        (WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged): Ditto.
        (WebCore::HTMLMediaElement::removeBehaviorsRestrictionsAfterFirstUserGesture): Ditto.
        * html/HTMLMediaSession.cpp:
        (WebCore::restrictionName): Since BehaviorRestrictions is a bitfield, check each bit
            individually.
        (WebCore::HTMLMediaSession::removeBehaviorRestriction): Handle RequireUserGestureForAudioRateChange.
        (WebCore::HTMLMediaSession::playbackPermitted): Check whether the element has audio and 
            audio playback is restricted, and return false if so.
        * html/HTMLMediaSession.h:
        * page/Settings.cpp:
        * page/Settings.in:
        * testing/Internals.cpp:
        (WebCore::Internals::setMediaSessionRestrictions): Added. 
        (WebCore::Internals::setMediaElementRestrictions): Added.
        * testing/Internals.h:
        * testing/Internals.idl:

2015-04-27  Jer Noble  <jer.noble@apple.com>

        [WebAudio] AudioContext does not remove user-gesture restriction during resume()
        https://bugs.webkit.org/show_bug.cgi?id=144211

        Reviewed by Eric Carlson.

        Tests: webaudio/audiocontext-restriction-audiobuffersourcenode-start.html
               webaudio/audiocontext-restriction.html

        Before the introduction of resume(), suspend(), and stop(), AudioContexts which required
        a user-gesture would start normally, but would effectively mute their outputs. Now that
        the AudioContext's state property is exposed to JavaScript, the AudioContext should stay
        in the "suspended" state until the user-gesture restriction is lifted.

        Add a new method, willBeginPlayback() which checks and potentially clears the context's
        behavior restrictions before checking with the MediaSession. Call this new willBeginPlayback()
        method when the state would transition to "running".

        Because they may be called before any nodes are created, make sure to call lazyInitialize()
        from within the JS-exposed resumePlayback(), suspendPlayback(), and stopPlayback() methods.

        Instead of clearing the behavior restrictions directly, scheduled AudioNodes should instead
        call a new method nodeWillBeginPlayback(). Because existing sites will call AudioNode.start()
        inside a user-gesture handler to clear the user-gesture restriction, call startRendering()
        from nodeWillBeginPlayback(). But because we don't want AudioNode.start() to resume playback
        unconditionally, only do so when the user-gesture restriction is set.

        Now that an AudioContext will not transition to "running" state without a user-gesture (if
        that restriction is set), there's no reason to check for that restriction from inside
        AudioDestinationNode.

        Add some internal methods to set and clear AudioContext BehaviorRestrictions for testing purposes.

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::startPlaying):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::nodeWillBeginPlayback):
        (WebCore::AudioContext::willBeginPlayback):
        (WebCore::AudioContext::willPausePlayback):
        (WebCore::AudioContext::startRendering):
        (WebCore::AudioContext::suspendContext):
        (WebCore::AudioContext::resumeContext):
        (WebCore::AudioContext::closeContext):
        (WebCore::AudioContext::suspendPlayback):
        (WebCore::AudioContext::mayResumePlayback):
        * Modules/webaudio/AudioContext.h:
        (WebCore::AudioContext::behaviorRestrictions):
        (WebCore::AudioContext::userGestureRequiredForAudioStart):
        (WebCore::AudioContext::pageConsentRequiredForAudioStart):
        * Modules/webaudio/AudioDestinationNode.cpp:
        (WebCore::AudioDestinationNode::render):
        * Modules/webaudio/AudioScheduledSourceNode.cpp:
        (WebCore::AudioScheduledSourceNode::start):
        * testing/Internals.cpp:
        (WebCore::Internals::setAudioContextRestrictions):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-04-27  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        * accessibility/mac/AXObjectCacheMac.mm: (WebCore::AXObjectCache::postTextReplacementPlatformNotification):
        Use -setObject:forKey:, not array subscript.

2015-04-27  Eric Carlson  <eric.carlson@apple.com>

        WirelessTargetPicker should not be visible unless a file is playable
        https://bugs.webkit.org/show_bug.cgi?id=144271
        <rdar://problem/20712003>

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.isPlayable): New.
        (Controller.prototype.setStatusHidden): Call updateWirelessTargetAvailable.
        (Controller.prototype.updateWirelessTargetAvailable): Don't show the button until the
            status message has been hidden.

2015-04-22  Martin Robinson  <mrobinson@igalia.com>

        [CMake] Autogenerate cmakeconfig.h.cmake
        https://bugs.webkit.org/show_bug.cgi?id=143997

        Reviewed by Csaba Osztrogonác.

        * PlatformGTK.cmake: Use the WTF_USE style variables, because those are the same
        as the ones exposed to the build.

2015-04-27  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Wrong text offsetting when range does not start from the first renderer.
        https://bugs.webkit.org/show_bug.cgi?id=144167
        rdar://problem/20639857

        Reviewed by Simon Fraser.

        This patch ensures that TextIterator returns the right text when the input range starts
        from a sibling node.

        TextIterator::m_previousTextLengthInFlow keeps track of the current node offset from the parent.
        It is required to map simple line layout runs to RenderText positions.
        This patch sets the offset value when the iteration start with a sibling node.

        Test: fast/text/range-text-with-simple-line-layout.html

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::TextIterator):
        (WebCore::TextIterator::handleTextNode):

2015-04-27  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183393.
        https://bugs.webkit.org/show_bug.cgi?id=144272

        Caused memory corruption detected by GuardMalloc (Requested by
        ap on #webkit).

        Reverted changeset:

        "Synchronous XMLHttpRequest should get access to AppCache
        resources stored as flat files"
        https://bugs.webkit.org/show_bug.cgi?id=143711
        http://trac.webkit.org/changeset/183393

2015-04-27  Per Arne Vollan  <peavo@outlook.com>

        [Curl] Favicons loaded from disc cache are ignored.
        https://bugs.webkit.org/show_bug.cgi?id=143953

        Reviewed by Alex Christensen.

        When a favicon is loaded from the Curl disc cache, the icon data is thrown away.
        This happens because we give a 304 response, which makes the icon loader ignore
        the response. We can solve this by responding with 200 OK.

        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/curl/CurlCacheManager.cpp:
        (WebCore::CurlCacheManager::didReceiveResponse):
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::headerCallback):
        (WebCore::ResourceHandleManager::initializeHandle):

2015-04-27  Brady Eidson  <beidson@apple.com>

        Make 'enum NavigationType' be an enum class
        https://bugs.webkit.org/show_bug.cgi?id=144270

        Reviewed by Alex Christensen.

        No new tests (No change in behavior).

        I’ll be adding a new NavigationType for bug 144269 so it makes sense to make this
        an enum class first.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/FrameLoaderTypes.h:

        * loader/NavigationAction.cpp:
        (WebCore::navigationType):
        (WebCore::NavigationAction::NavigationAction):

        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):

        * page/PerformanceNavigation.cpp:
        (WebCore::PerformanceNavigation::type):

2015-04-27  Yoav Weiss  <yoav@yoav.ws>

        Fix viewport units in Media Queries
        https://bugs.webkit.org/show_bug.cgi?id=144260

        Reviewed by Darin Adler.

        This patch makes sure that viewport units are considered "length units"
        in the context of Media Queries, by having MediaQueryExp use the unit logic
        that is in CSSPrimitiveValue.
        It does that by turning the relevant methods in CSSPrimitiveValue into static.

        It also makes sure that the logic for "resolution units" is not maintained separately 
        in MediaQueryExp, to avoid similiar issues in the future with resolution units.

        Test: fast/media/mq-viewport-units.html

        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::isViewportPercentageLength): Added a static variant.
        (WebCore::CSSPrimitiveValue::isLength): Added a static variant.
        (WebCore::CSSPrimitiveValue::isResolution): Added a static variant.
        * css/MediaQueryExp.cpp:
        (WebCore::featureWithValidPositiveLenghtOrNumber): Call CSSPrimitiveValue's length unit logic.
        (WebCore::featureWithValidDensity): Call CSSPrimitiveValue's resolution unit logic.

2015-04-27  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Support for the justify-self and justify-items in grid layout
        https://bugs.webkit.org/show_bug.cgi?id=133280

        Reviewed by David Hyatt.

        Implementation of justify-self and justify-items properties for grid. It supports
        different writing-modes and direction. Margins, borders and paddings are also
        considered when computing the final position and stretched size.

        This patch applies also a quite important refactoring of the alignment logic in
        order to share code between the two alignment dimensions, row-axis and column-axis.

        Overflow handling is still missing and will be added later in a follow-up bug.

        Tests: fast/css-grid-layout/grid-align-justify-margin-border-padding-vertical-lr.html
               fast/css-grid-layout/grid-align-justify-margin-border-padding-vertical-rl.html
               fast/css-grid-layout/grid-align-justify-margin-border-padding.html
               fast/css-grid-layout/justify-self-cell.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::layoutGridItems):
        (WebCore::RenderGrid::columnAxisPositionForChild):
        (WebCore::RenderGrid::rowAxisPositionForChild):
        (WebCore::RenderGrid::rowPositionForChild):
        (WebCore::RenderGrid::columnPositionForChild):
        (WebCore::RenderGrid::findChildLogicalPosition):
        (WebCore::RenderGrid::allowedToStretchLogicalHeightForChild): Deleted.
        (WebCore::RenderGrid::needToStretchChildLogicalHeight): Deleted.
        (WebCore::RenderGrid::marginLogicalHeightForChild): Deleted.
        (WebCore::RenderGrid::availableAlignmentSpaceForChildBeforeStretching): Deleted.
        (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded): Deleted.
        * rendering/RenderGrid.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::resolveJustification):
        * rendering/style/RenderStyle.h:

2015-04-27  Darin Adler  <darin@apple.com>

        Crashes under IDBDatabase::closeConnection
        https://bugs.webkit.org/show_bug.cgi?id=141745

        Reviewed by Alexey Proskuryakov.

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::~IDBDatabase): Do the work of close/closeConnection without
        actually calling those functions.
        (WebCore::IDBDatabase::closeConnection): Protect the database so it's not destroyed
        in the middle of this function's execution.

2015-04-27  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStream constructor start function should be able to close the stream
        https://bugs.webkit.org/show_bug.cgi?id=143363

        Reviewed by Benjamin Poulain.

        Implements https://streams.spec.whatwg.org/#close-readable-stream.
        When the "close" JS function is called, the stream is getting closed.
        The stream state is changed to close and if it has a reader, the reader gets closed as well:
        The reader resolves the closed promise and releases the stream.

        Enabled the possibility to resolve a promise with any JS value.
        This is used to resolve closed promise with jsUndefined and will be used for read promises in
        the future as well, though of course it is not restricted to Streams.

        Covered by reference tests that are now passing.

        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::changeStateToClosed): Called by the JS function 'close'.
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::ReadableStreamReader): Initialized stream.
        (WebCore::ReadableStreamReader::initialize): Added to handle state change at constructor time
        in particular closed/errored state.
        (WebCore::ReadableStreamReader::releaseStream): Releases the stream.
        (WebCore::ReadableStreamReader::closed): Stores the promise callbacks and invokes success
        immediately if the stream is already closed.
        (WebCore::ReadableStreamReader::changeStateToClosed): Changes the internal state to closed,
        resolves the promise and releases the stream.
        * Modules/streams/ReadableStreamReader.h:
        (WebCore::ReadableStreamReader::State): Added.
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::resolve<JSC::JSValue>): Adds the ability to resolve a promise with
        a custom JS value.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::close): Not "notImplemented" anymore. Now it closes the
        stream.
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed): Resolves the promise with undefined.

2015-04-27  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(CSS_GRID_LAYOUT) build after r183370
        https://bugs.webkit.org/show_bug.cgi?id=144255

        Reviewed by Carlos Garcia Campos.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeLogicalHeight):

2015-04-27  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Synchronous XMLHttpRequest should get access to AppCache resources stored as flat files
        https://bugs.webkit.org/show_bug.cgi?id=143711

        Reviewed by Darin Adler.

        This patch checks whether a substitute resource data is stored in memory or in file for synchronous loads.
        If data is stored in file, it reads the data through SharedBuffer::createWithContentsOfFile.
        This patch refactors some routines to replace Vector<char> by SharedBuffer to transmit response data.

        Test: http/tests/appcache/simple-video-sync.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::loadRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadResourceSynchronously):
        * loader/FrameLoader.h:
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::maybeLoadResource):
        (WebCore::ApplicationCacheHost::createFileURL):
        (WebCore::ApplicationCacheHost::maybeLoadSynchronously):
        (WebCore::ApplicationCacheHost::maybeLoadFallbackSynchronously):
        * loader/appcache/ApplicationCacheHost.h:
        * xml/XSLTProcessorLibxslt.cpp:
        (WebCore::docLoaderFunc):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::openFunc):

2015-04-24  Philippe Normand  <pnormand@igalia.com>

        [JHBuild] Move to upstream OpenWebRTC
        https://bugs.webkit.org/show_bug.cgi?id=144145

        Reviewed by Carlos Garcia Campos.

        * platform/mediastream/openwebrtc/OpenWebRTCUtilities.cpp:
        (WebCore::initializeOpenWebRTC): Update with new owr_init API.

2015-04-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Add initial implementation of NetworkProcess disk cache
        https://bugs.webkit.org/show_bug.cgi?id=143872

        Reviewed by Martin Robinson.

        Allow to create a GRefPtr for SoupBuffer. Even though SoupBuffer
        is not a GObject and has copy/free functions instead of ref/unref,
        it's internally refcounted, so we could use copy/free as
        ref/unref.

        * PlatformGTK.cmake:
        * platform/network/soup/GRefPtrSoup.cpp: Added.
        (WTF::refGPtr):
        (WTF::derefGPtr):
        * platform/network/soup/GRefPtrSoup.h: Added.

2015-04-26  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] LayoutBox::hasDefiniteLogicalHeight() should consider abspos boxes as definite
        https://bugs.webkit.org/show_bug.cgi?id=144144

        Reviewed by Darin Adler.

        Change order in hasDefiniteLogicalHeight() ifs to consider definite
        absolutely positioned elements.

        Test: fast/css-grid-layout/percent-track-breadths-regarding-container-size.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::hasDefiniteLogicalHeight):

2015-04-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVGFilterBuilder should drive the builtin sourceAlpha from the passed sourceGraphic
        https://bugs.webkit.org/show_bug.cgi?id=144137

        Reviewed by Darin Adler.

        The SourceAlpha should be driven from the last applied FilterEffect. This
        will require the SourceAlpha FilterEffect to wrap a FilterEffect rather
        than just getting the SourceGraphic reference from FilterEffectRenderer.

        This is based on the Blink patch:
        https://src.chromium.org/viewvc/blink?revision=194115&view=revision.

        Test: svg/filters/sourceAlpha-input-filter-effect.html
        
        * platform/graphics/filters/SourceAlpha.cpp:
        (WebCore::SourceAlpha::create): Make SourceAlpha wraps a FilterEffect
        rather than a Filter.
        
        (WebCore::SourceAlpha::determineAbsolutePaintRect): Determine the paint
        rect from the wrapped FilterEffect.
        
        (WebCore::SourceAlpha::platformApplySoftware): Extract the alpha channel
        from the wrapped FilterEffect.
        
        (WebCore::SourceAlpha::SourceAlpha): 
        * platform/graphics/filters/SourceAlpha.h:
        (WebCore::SourceAlpha::SourceAlpha): Deleted.
        Reimplement the constructor of the SourceAlpha such that it wraps the
        sourceEffect in its inputEffects.
    
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::buildReferenceFilter): Delete the FIXME
        comment and do exactly what it said. This matches the implementation of
        Gecko and Blink.
        
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::buildPrimitives):
        Delete the extra argument.

        * svg/graphics/filters/SVGFilterBuilder.cpp:
        (WebCore::SVGFilterBuilder::SVGFilterBuilder):
        * svg/graphics/filters/SVGFilterBuilder.h: Drive the SourceAlpha from the
        passed source FilterEffect.

        * platform/graphics/filters/FEBlend.cpp:
        * platform/graphics/filters/FEBlend.h:
        * platform/graphics/filters/FEColorMatrix.cpp:
        * platform/graphics/filters/FEColorMatrix.h:
        * platform/graphics/filters/FEComponentTransfer.cpp:
        * platform/graphics/filters/FEComponentTransfer.h:
        * platform/graphics/filters/FEComposite.cpp:
        * platform/graphics/filters/FEComposite.h:
        * platform/graphics/filters/FEConvolveMatrix.cpp:
        * platform/graphics/filters/FEConvolveMatrix.h:
        * platform/graphics/filters/FEDiffuseLighting.cpp:
        * platform/graphics/filters/FEDiffuseLighting.h:
        * platform/graphics/filters/FEDisplacementMap.cpp:
        * platform/graphics/filters/FEDisplacementMap.h:
        * platform/graphics/filters/FEDropShadow.cpp:
        * platform/graphics/filters/FEDropShadow.h:
        * platform/graphics/filters/FEFlood.cpp:
        * platform/graphics/filters/FEFlood.h:
        * platform/graphics/filters/FEGaussianBlur.cpp:
        * platform/graphics/filters/FEGaussianBlur.h:
        * platform/graphics/filters/FELighting.cpp:
        * platform/graphics/filters/FELighting.h:
        * platform/graphics/filters/FEMerge.cpp:
        * platform/graphics/filters/FEMerge.h:
        * platform/graphics/filters/FEMorphology.cpp:
        * platform/graphics/filters/FEMorphology.h:
        * platform/graphics/filters/FEOffset.cpp:
        * platform/graphics/filters/FEOffset.h:
        * platform/graphics/filters/FESpecularLighting.cpp:
        * platform/graphics/filters/FESpecularLighting.h:
        * platform/graphics/filters/FETile.cpp:
        * platform/graphics/filters/FETile.h:
        * platform/graphics/filters/FETurbulence.cpp:
        * platform/graphics/filters/FETurbulence.h:
        * platform/graphics/filters/Filter.h:
        * platform/graphics/filters/FilterEffect.cpp:
        * platform/graphics/filters/FilterEffect.h:
        * platform/graphics/filters/SourceGraphic.cpp:
        * platform/graphics/filters/SourceGraphic.h:
        * rendering/svg/RenderSVGResourceFilter.h:
        * rendering/svg/SVGRenderTreeAsText.cpp:
        Code clean up: Pointer to reference conversion. It starts by converting
        FilterEffect::m_filter from pointer to reference and it kept expanding.
        All the creations of FilterEffect were happening by passing "this" so
        passing "*this" did not require to check whether the pointer is nil.

        * svg/SVGFEBlendElement.cpp:
        * svg/SVGFEBlendElement.h:
        * svg/SVGFEColorMatrixElement.cpp:
        * svg/SVGFEColorMatrixElement.h:
        * svg/SVGFEComponentTransferElement.cpp:
        * svg/SVGFEComponentTransferElement.h:
        * svg/SVGFECompositeElement.cpp:
        * svg/SVGFECompositeElement.h:
        * svg/SVGFEConvolveMatrixElement.cpp:
        * svg/SVGFEConvolveMatrixElement.h:
        * svg/SVGFEDiffuseLightingElement.cpp:
        * svg/SVGFEDiffuseLightingElement.h:
        * svg/SVGFEDisplacementMapElement.cpp:
        * svg/SVGFEDisplacementMapElement.h:
        * svg/SVGFEDropShadowElement.cpp:
        * svg/SVGFEDropShadowElement.h:
        * svg/SVGFEFloodElement.cpp:
        * svg/SVGFEFloodElement.h:
        * svg/SVGFEGaussianBlurElement.cpp:
        * svg/SVGFEGaussianBlurElement.h:
        * svg/SVGFEImageElement.cpp:
        * svg/SVGFEImageElement.h:
        * svg/SVGFEMergeElement.cpp:
        * svg/SVGFEMergeElement.h:
        * svg/SVGFEMorphologyElement.cpp:
        * svg/SVGFEMorphologyElement.h:
        * svg/SVGFEOffsetElement.cpp:
        * svg/SVGFEOffsetElement.h:
        * svg/SVGFESpecularLightingElement.cpp:
        * svg/SVGFESpecularLightingElement.h:
        * svg/SVGFETileElement.cpp:
        * svg/SVGFETileElement.h:
        * svg/SVGFETurbulenceElement.cpp:
        * svg/SVGFETurbulenceElement.h:
        * svg/SVGFilterPrimitiveStandardAttributes.h:
        * svg/graphics/filters/SVGFEImage.cpp:
        * svg/graphics/filters/SVGFEImage.h:
        Code clean up: Pointer to reference and PassRefPtr<> to RefPtr<> or Ref<>
        conversion.

2015-04-26  Darin Adler  <darin@apple.com>

        REGRESSION (r174283): disabled default buttons use impossible-to-read white text on Mac
        https://bugs.webkit.org/show_bug.cgi?id=144237

        Reviewed by Simon Fraser.

        No test because DumpRenderTree and WebKitTestRunner don't have a good method
        for testing behaviors that are specific to active windows. That's the same reason
        that the change that caused this bug didn't come with a regression test.

        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle): Renamed "e" to "element". Added a comment to
        clarify the meaning of the setInsideDefaultButton function, and added an
        isDisabledFormControl check so it won't trigger on a disabled button.
        (WebCore::RenderTheme::systemColor): Moved CSSValueActivebuttontext into
        alphabetical order to match the rest of the switch statement ordering.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemColor): Moved CSSValueActivebuttontext into
        alphabetical order to match the rest of the switch statement ordering. Also
        fixed its behavior on older versions of OS X; it should just return the same
        thing that CSSValueButtontext would return in that context.

2015-04-26  Yusuke Suzuki  <utatane.tea@gmail.com>

        [ES6] Implement ES6 template literals
        https://bugs.webkit.org/show_bug.cgi?id=142691

        Reviewed by Darin Adler.

        Add ENABLE_ES6_TEMPLATE_LITERAL_SYNTAX compile time flag.

        * Configurations/FeatureDefines.xcconfig:

2015-04-26  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Support for align-self and align-items in grid layout
        https://bugs.webkit.org/show_bug.cgi?id=133225

        Reviewed by Darin Adler.

        Implementation of align-self and align-items properties for grid. It supports
        different writing-modes and direction. Margins, borders and paddings are also
        considered when computing the final position and stretched size.

        Overflow handling is still missing and will be added when implemented row-axis
        alignment support.

        Test: fast/css-grid-layout/grid-align.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeLogicalHeight):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::logicalContentHeightForChild):
        (WebCore::RenderGrid::layoutGridItems):
        (WebCore::computeOverflowAlignmentOffset):
        (WebCore::RenderGrid::endOfRowForChild):
        (WebCore::RenderGrid::startOfRowForChild):
        (WebCore::RenderGrid::centeredRowPositionForChild):
        (WebCore::marginWidthForChild):
        (WebCore::marginHeightForChild):
        (WebCore::RenderGrid::allowedToStretchLogicalHeightForChild):
        (WebCore::RenderGrid::needToStretchChildLogicalHeight):
        (WebCore::RenderGrid::marginLogicalHeightForChild):
        (WebCore::RenderGrid::availableAlignmentSpaceForChildBeforeStretching):
        (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):
        (WebCore::RenderGrid::rowPositionForChild):
        (WebCore::RenderGrid::findChildLogicalPosition):
        (WebCore::RenderGrid::populateGridPositions): Deleted.
        * rendering/RenderGrid.h:

2015-04-26  Doug Russell  <d_russell@apple.com>

        AX: richer text change notifications (142719)
        https://bugs.webkit.org/show_bug.cgi?id=142719

        Reviewed by Darin Adler.

        Richer accessibility value change notifications. Introduce AXTextEditType,
        postTextStateChangeNotification and postTextReplacementNotification to give assistive
        tech apps more reliable context for responding to changes in web content. Also implement
        a mechanism to post value changes in password form fields in coalesced ticks to thwart
        analyzing the cadence of changes.

        Richer accessibility selection change notifications. Introduce AXTextStateChangeIntent,
        and an overload of postTextReplacementNotification to give assistive tech apps more
        reliable context for responding to changes in web content selection. Also block posting
        selection changes on password fields.

        Tests: platform/mac/accessibility/input-replacevalue-userinfo.html
               platform/mac/accessibility/selection-change-userinfo.html
               platform/mac/accessibility/value-change-userinfo.html

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::AXObjectCache):
        (WebCore::AXObjectCache::notificationPostTimerFired):
        (WebCore::AXObjectCache::passwordNotificationPostTimerFired):
        (WebCore::AXObjectCache::showIntent):
        (WebCore::AXObjectCache::setTextSelectionIntent):
        (WebCore::isPasswordFieldOrContainedByPasswordField):
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        (WebCore::AXObjectCache::postTextReplacementNotification):
        (WebCore::AXObjectCache::enqueuePasswordValueChangeNotification):
        (WebCore::AXObjectCache::rootWebArea):
        (WebCore::AXObjectCache::textChangeForEditType):
        (WebCore::AXObjectCache::selectedChildrenChanged): Deleted.
        (WebCore::AXObjectCache::frameLoadingEventNotification): Deleted.
        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        (WebCore::AXObjectCache::postTextReplacementNotification):
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        (WebCore::AXObjectCache::postTextReplacementPlatformNotification):
        (WebCore::AXObjectCache::textChangeForEditType):
        (WebCore::AXObjectCache::nodeTextChangePlatformNotification):
        (WebCore::AXObjectCache::computedObjectAttributeCache): Deleted.
        (WebCore::AXObjectCache::getOrCreate): Deleted.
        (WebCore::AXObjectCache::attachWrapper): Deleted.
        * accessibility/AXTextStateChangeIntent.h: Added.
        (WebCore::AXTextStateChangeIntent::AXTextStateChangeIntent):
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::passwordFieldOrContainingPasswordField):
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isContainedByPasswordField):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::passwordFieldOrContainingPasswordField):
        (WebCore::AccessibilityObject::isPasswordField): Deleted.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::setSelectedTextRange):
        (WebCore::AccessibilityRenderObject::setSelectedVisiblePositionRange):
        * accessibility/AccessibilityScrollView.h:
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::nodeTextChangePlatformNotification):
        * accessibility/ios/AXObjectCacheIOS.mm:
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        (WebCore::AXObjectCache::postTextReplacementPlatformNotification):
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::setShouldRepostNotificationsForTests):
        (WebCore::AXPostNotificationWithUserInfo):
        (WebCore::AXObjectCache::postPlatformNotification):
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        (WebCore::textReplacementChangeDictionary):
        (WebCore::AXObjectCache::postTextReplacementPlatformNotification):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (+[WebAccessibilityObjectWrapperBase accessibilitySetShouldRepostNotifications:]):
        (-[WebAccessibilityObjectWrapperBase accessibilityPostedNotification:]):
        (arrayRemovingNonJSONTypes):
        (dictionaryRemovingNonJSONTypes):
        (-[WebAccessibilityObjectWrapperBase accessibilityPostedNotification:userInfo:]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (textMarkerRangeFromVisiblePositions):
        (-[WebAccessibilityObjectWrapper textMarkerRangeFromVisiblePositions:endPosition:]):
        * editing/AppendNodeCommand.cpp:
        (WebCore::AppendNodeCommand::AppendNodeCommand):
        (WebCore::sendAXTextChangedIgnoringLineBreaks):
        (WebCore::AppendNodeCommand::doApply):
        (WebCore::AppendNodeCommand::doUnapply):
        * editing/AppendNodeCommand.h:
        (WebCore::AppendNodeCommand::create):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::ApplyStyleCommand):
        (WebCore::ApplyStyleCommand::applyBlockStyle): Deleted.
        * editing/ApplyStyleCommand.h:
        * editing/CompositeEditCommand.cpp:
        (WebCore::EditCommandComposition::unapplyEditType):
        (WebCore::CompositeEditCommand::CompositeEditCommand):
        (WebCore::CompositeEditCommand::apply):
        (WebCore::CompositeEditCommand::insertParagraphSeparator):
        (WebCore::CompositeEditCommand::insertNodeBefore):
        (WebCore::CompositeEditCommand::appendNode):
        (WebCore::CompositeEditCommand::removeNodePreservingChildren):
        (WebCore::CompositeEditCommand::insertTextIntoNode):
        (WebCore::CompositeEditCommand::deleteTextFromNode):
        (WebCore::CompositeEditCommand::replaceTextInNode):
        (WebCore::CompositeEditCommand::moveParagraphs):
        (WebCore::EditCommandComposition::getNodesInCommand): Deleted.
        (WebCore::CompositeEditCommand::applyStyle): Deleted.
        (WebCore::CompositeEditCommand::insertLineBreak): Deleted.
        (WebCore::CompositeEditCommand::insertNodeAt): Deleted.
        (WebCore::CompositeEditCommand::removeChildrenInRange): Deleted.
        (WebCore::CompositeEditCommand::inputText): Deleted.
        * editing/CompositeEditCommand.h:
        * editing/DeleteFromTextNodeCommand.cpp:
        (WebCore::DeleteFromTextNodeCommand::DeleteFromTextNodeCommand):
        (WebCore::DeleteFromTextNodeCommand::doApply):
        (WebCore::DeleteFromTextNodeCommand::doUnapply):
        * editing/DeleteFromTextNodeCommand.h:
        (WebCore::DeleteFromTextNodeCommand::create):
        (WebCore::DeleteFromTextNodeCommand::deletedText):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::DeleteSelectionCommand):
        (WebCore::DeleteSelectionCommand::preservesTypingStyle): Deleted.
        * editing/DeleteSelectionCommand.h:
        (WebCore::DeleteSelectionCommand::create):
        * editing/DictationCommand.cpp:
        (WebCore::DictationCommand::insertTextRunWithoutNewlines):
        (WebCore::DictationCommand::insertParagraphSeparator):
        * editing/EditAction.h:
        * editing/EditCommand.cpp:
        (WebCore::EditCommand::EditCommand):
        (WebCore::EditCommand::editingAction):
        (WebCore::EditCommand::applyEditType):
        (WebCore::EditCommand::unapplyEditType):
        (WebCore::SimpleEditCommand::SimpleEditCommand):
        (WebCore::SimpleEditCommand::notifyAccessibilityForTextChange):
        (WebCore::EditCommand::setParent): Deleted.
        * editing/EditCommand.h:
        * editing/EditingAllInOne.cpp:
        * editing/Editor.cpp:
        (WebCore::Editor::handleTextEvent):
        (WebCore::Editor::deleteSelectionWithSmartDelete):
        (WebCore::Editor::replaceSelectionWithFragment):
        (WebCore::Editor::replaceSelectionWithText):
        (WebCore::Editor::appliedEditing):
        (WebCore::Editor::unappliedEditing):
        (WebCore::Editor::performCutOrCopy):
        (WebCore::Editor::markMisspellingsAfterTypingToWord):
        (WebCore::Editor::changeBackToReplacedString):
        (WebCore::Editor::transpose):
        (WebCore::Editor::changeSelectionAfterCommand):
        * editing/Editor.h:
        * editing/EditorCommand.cpp:
        (WebCore::executeInsertFragment):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::moveTo):
        (WebCore::FrameSelection::moveWithoutValidationTo):
        (WebCore::FrameSelection::setSelectionByMouseIfDifferent):
        (WebCore::FrameSelection::setSelectionWithoutUpdatingAppearance):
        (WebCore::FrameSelection::setSelection):
        (WebCore::FrameSelection::updateAndRevealSelection):
        (WebCore::isBoundary):
        (WebCore::FrameSelection::textSelectionIntent):
        (WebCore::FrameSelection::modify):
        (WebCore::FrameSelection::selectAll):
        (WebCore::FrameSelection::wordSelectionContainingCaretSelection):
        (WebCore::FrameSelection::modifyMovingBackward): Deleted.
        (WebCore::FrameSelection::selectFrameElementInParentIfFullySelected): Deleted.
        (WebCore::FrameSelection::selectionAtWordStart): Deleted.
        * editing/FrameSelection.h:
        (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
        (WebCore::FrameSelection::selection): Deleted.
        * editing/InsertIntoTextNodeCommand.cpp:
        (WebCore::InsertIntoTextNodeCommand::InsertIntoTextNodeCommand):
        (WebCore::InsertIntoTextNodeCommand::doApply):
        (WebCore::InsertIntoTextNodeCommand::doUnapply):
        * editing/InsertIntoTextNodeCommand.h:
        (WebCore::InsertIntoTextNodeCommand::create):
        (WebCore::InsertIntoTextNodeCommand::insertedText):
        * editing/InsertNodeBeforeCommand.cpp:
        (WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand):
        (WebCore::InsertNodeBeforeCommand::doApply):
        (WebCore::InsertNodeBeforeCommand::doUnapply):
        * editing/InsertNodeBeforeCommand.h:
        (WebCore::InsertNodeBeforeCommand::create):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::InsertParagraphSeparatorCommand):
        * editing/InsertParagraphSeparatorCommand.h:
        (WebCore::InsertParagraphSeparatorCommand::create):
        * editing/InsertTextCommand.cpp:
        (WebCore::InsertTextCommand::InsertTextCommand):
        * editing/InsertTextCommand.h:
        (WebCore::InsertTextCommand::create):
        (WebCore::InsertTextCommand::createWithMarkerSupplier):
        * editing/MoveSelectionCommand.cpp:
        (WebCore::MoveSelectionCommand::doApply):
        * editing/RemoveNodePreservingChildrenCommand.cpp:
        (WebCore::RemoveNodePreservingChildrenCommand::RemoveNodePreservingChildrenCommand):
        * editing/RemoveNodePreservingChildrenCommand.h:
        (WebCore::RemoveNodePreservingChildrenCommand::create):
        * editing/ReplaceDeleteFromTextNodeCommand.cpp: Copied from Source/WebCore/editing/AppendNodeCommand.h.
        (WebCore::ReplaceDeleteFromTextNodeCommand::ReplaceDeleteFromTextNodeCommand):
        (WebCore::ReplaceDeleteFromTextNodeCommand::notifyAccessibilityForTextChange):
        * editing/ReplaceDeleteFromTextNodeCommand.h: Copied from Source/WebCore/editing/AppendNodeCommand.h.
        * editing/ReplaceInsertIntoTextNodeCommand.cpp: Added.
        (WebCore::ReplaceInsertIntoTextNodeCommand::ReplaceInsertIntoTextNodeCommand):
        (WebCore::ReplaceInsertIntoTextNodeCommand::notifyAccessibilityForTextChange):
        * editing/ReplaceInsertIntoTextNodeCommand.h: Copied from Source/WebCore/editing/RemoveNodePreservingChildrenCommand.h.
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::ReplaceSelectionCommand):
        (WebCore::ReplaceSelectionCommand::InsertedNodes::didReplaceNode): Deleted.
        (WebCore::ReplaceSelectionCommand::insertAsListItems): Deleted.
        * editing/ReplaceSelectionCommand.h:
        (WebCore::ReplaceSelectionCommand::create):
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::insertTextRunWithoutNewlines):
        (WebCore::TypingCommand::insertParagraphSeparator):
        * editing/atk/FrameSelectionAtk.cpp:
        (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
        * editing/ios/DictationCommandIOS.cpp:
        (WebCore::DictationCommandIOS::DictationCommandIOS):
        * editing/ios/DictationCommandIOS.h:
        * editing/mac/FrameSelectionMac.mm:
        (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::setInnerTextValue):
        * page/DragController.cpp:
        (WebCore::DragController::concludeEditDrag):
        * page/EventHandler.cpp:
        (WebCore::setInitialKeyboardSelection):
        * page/FocusController.cpp:
        (WebCore::FocusController::advanceFocusInDocumentOrder):

2015-04-26  Darin Adler  <darin@apple.com>

        REGRESSION (r176751): line-height ignored in <button> elements
        https://bugs.webkit.org/show_bug.cgi?id=144234

        Reviewed by Antti Koivisto.

        Test: fast/forms/button-line-height.html

        The theme code was overriding line heights on all themed form controls.
        Instead it should have only overridden line height when the theme overrides the font.
        For <input type=button> on Mac, the theme always overrides the font, but for
        other elements like <button> it does not.

        * platform/Theme.h: Changed controlFont to return an Optional so we can tell
        when the theme is overriding the font. Otherwise if the font from the user-agent
        style sheet and the font from the theme are the same, we will think we are not
        overriding the font when we actually are.

        * platform/mac/ThemeMac.h: Updated controlFont to return Optional.
        * platform/mac/ThemeMac.mm:
        (WebCore::ThemeMac::controlFont): Ditto.

        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle): Set line height only if the font is
        overriden by the theme, all the time for PushButtonPart on Mac, and not at all
        for other parts. Also tightened up the logic a little since RenderStyle's
        setFontDescription already does an "==" comparison; we don't have to do
        that twice.

2015-04-26  Darin Adler  <darin@apple.com>

        REGRESSION (r173801): Use after free in WebCore::NotificationCenter::~NotificationCenter
        https://bugs.webkit.org/show_bug.cgi?id=137163

        Reviewed by Andy Estes.

        Test: fast/notifications/request-notification-permission-while-reloading.html

        The test doesn't crash under WebKit2, but that's still OK for our purposes.

        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::NotificationCenter): Initialize m_timer.
        (WebCore::NotificationCenter::createNotification): Moved here from the header.
        (WebCore::NotificationCenter::requestPermission): Start the timer and ref the notification
        center when we need to defer a callback. Also use a lambda for the callback and changed
        the argument to match what the bindings actually pass. Before we said PassRefPtr, but the
        bindings were not transferring ownership of the VoidCallback. The new type is a little
        strange but it's consistent with how the bindings work right now.
        (WebCore::NotificationCenter::timerFired): Added. Calls all the callbacks, then does a deref
        to match the ref we did above.
        (WebCore::NotificationCenter::requestTimedOut): Deleted.
        (WebCore::NotificationCenter::NotificationRequestCallback::createAndStartTimer): Deleted.
        (WebCore::NotificationCenter::NotificationRequestCallback::NotificationRequestCallback): Deleted.
        (WebCore::NotificationCenter::NotificationRequestCallback::startTimer): Deleted.
        (WebCore::NotificationCenter::NotificationRequestCallback::timerFired): Deleted.

        * Modules/notifications/NotificationCenter.h: Reorganized the header to be a bit more tidy.
        Changed the argument type for requestPermission to match the reality of what's passed by the
        bindings. Removed NotificationRequestCallback and replaced the m_callbacks HashSet with a
        vector of std::function.

2015-04-26  Simon Fraser  <simon.fraser@apple.com>

        Modernize animations code
        https://bugs.webkit.org/show_bug.cgi?id=144196

        Reviewed by Darin Adler.
        
        General cleanup in animation-related code.
        
        Use C++ references where possible. Use modern loops. Make classes fast-allocated.
        Use C++11 member initialization. Order member variables to optimize packing.
        
        This removes some null checks in CompositeAnimation, but the values in m_transitions
        and m_keyframeAnimations can never be null.
        
        No behavior change.

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::AnimationBase):
        (WebCore::AnimationBase::animationsMatch):
        (WebCore::AnimationBase::updateStateMachine):
        (WebCore::AnimationBase::fireAnimationEventsIfNeeded):
        (WebCore::AnimationBase::beginAnimationUpdateTime):
        (WebCore::AnimationBase::getElapsedTime):
        * page/animation/AnimationBase.h:
        (WebCore::AnimationBase::animation):
        (WebCore::AnimationBase::setAnimation):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::ensureCompositeAnimation):
        (WebCore::AnimationControllerPrivate::addToAnimationsWaitingForStartTimeResponse):
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::CompositeAnimation):
        (WebCore::CompositeAnimation::clearRenderer):
        (WebCore::CompositeAnimation::updateTransitions):
        (WebCore::CompositeAnimation::updateKeyframeAnimations):
        (WebCore::CompositeAnimation::animate):
        (WebCore::CompositeAnimation::getAnimatedStyle):
        (WebCore::CompositeAnimation::timeToNextService):
        (WebCore::CompositeAnimation::getAnimationForProperty):
        (WebCore::CompositeAnimation::computeExtentOfTransformAnimation):
        (WebCore::CompositeAnimation::suspendAnimations):
        (WebCore::CompositeAnimation::resumeAnimations):
        (WebCore::CompositeAnimation::overrideImplicitAnimations):
        (WebCore::CompositeAnimation::resumeOverriddenImplicitAnimations):
        (WebCore::CompositeAnimation::isAnimatingProperty):
        (WebCore::CompositeAnimation::pauseTransitionAtTime):
        (WebCore::CompositeAnimation::numberOfActiveAnimations):
        * page/animation/CompositeAnimation.h:
        (WebCore::CompositeAnimation::create):
        (WebCore::CompositeAnimation::animationController):
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::ImplicitAnimation):
        (WebCore::ImplicitAnimation::sendTransitionEvent):
        * page/animation/ImplicitAnimation.h:
        (WebCore::ImplicitAnimation::create):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::KeyframeAnimation):
        (WebCore::KeyframeAnimation::animate):
        (WebCore::KeyframeAnimation::getAnimatedStyle):
        (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation):
        (WebCore::KeyframeAnimation::startAnimation):
        (WebCore::KeyframeAnimation::sendAnimationEvent):
        (WebCore::KeyframeAnimation::overrideAnimations):
        (WebCore::KeyframeAnimation::resumeOverriddenAnimations):
        (WebCore::KeyframeAnimation::timeToNextService):
        * page/animation/KeyframeAnimation.h:
        * platform/animation/Animation.cpp:
        (WebCore::Animation::animationsMatch):
        * platform/animation/Animation.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paint):
        (WebCore::performOverlapTests):
        * rendering/style/KeyframeList.h:
        (WebCore::KeyframeList::properties):
        (WebCore::KeyframeList::keyframes):
        (WebCore::KeyframeList::beginProperties): Deleted.
        (WebCore::KeyframeList::endProperties): Deleted.
        (WebCore::KeyframeList::operator[]): Deleted.
        * rendering/style/RenderStyle.h:

2015-04-25  Simon Fraser  <simon.fraser@apple.com>

        Expand compositing coverage rect when scrolling and animating
        https://bugs.webkit.org/show_bug.cgi?id=144214
        rdar://problem/20695926

        Reviewed by Darin Adler.
        
        r183300 added a secondary rect that gets mapped through graphics layers during
        layer flushing, which represents a rect, in layer coordinates, that represents
        the portion of this layer that's visible in the viewport.
        
        This patch extends that rect based on scrolling and animating, with the extended
        coverage rect being mapped into descendants (where it's used to determine whether
        they should detach their backing store). This required moving the responsibility for
        extending the coverage rect from TileController (where it was used to compute
        tiled extent), to GraphicsLayerCA. Thus, GraphicsLayerCA now owns the concept
        of coverage rect, and pushes it onto TileControllers.

        Test: compositing/tiling/transform-origin-tiled.html

        * platform/graphics/TiledBacking.h: Coverage rect is now pushed onto
        TiledBacking from outside; new functions reflect that.
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::flushCompositingStateForThisLayerOnly): No need to pass
        old visible rect to commitLayerChangesBeforeSublayers.
        (WebCore::accumulatesTransform):
        (WebCore::GraphicsLayerCA::recursiveVisibleRectChangeRequiresFlush): Now calls computeVisibleAndCoverageRect(),
        then adjustCoverageRect() which adjusts for scrolling and animations.
        (WebCore::GraphicsLayerCA::computeVisibleAndCoverageRect): Fetch the coverage rect from the
        TransformState, but we can only use this if mapping it through various transforms didn't clamp
        it (which can happen with severe rotations in perspective).
        (WebCore::GraphicsLayerCA::adjustCoverageRect): If this layer represents the page tiled backing,
        ask the TileController to do coverage adjustment (code which should move into here eventually).
        For other tiled layers, do motion-based adjustment. This should really be done for all layers
        (an animating non-tiled layer may contain a tiled layer).
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects): The VisibleRectChanged wasn't needed
        any more; layers only react to changed in coverage rect now.
        (WebCore::GraphicsLayerCA::recursiveCommitChanges): If adjustCoverageRect() changed the
        coverage rect, here we push the new rect back into the TransformState so it will affect
        descendants.
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateCoverage): Coverage and backing store attachment go
        hand-in-hand now.
        (WebCore::GraphicsLayerCA::changeLayerTypeTo):
        (WebCore::GraphicsLayerCA::computeVisibleRect): Deleted.
        (WebCore::GraphicsLayerCA::updateBackingStoreAttachment): Deleted.
        (WebCore::GraphicsLayerCA::updateVisibleRect): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::setVisibleRect): Visible rect is only used for scroll performance
        logging now.
        (WebCore::TileController::setCoverageRect):
        (WebCore::TileController::tilesWouldChangeForCoverageRect):
        (WebCore::TileController::revalidateTiles):
        (WebCore::TileController::boundsForSize): This is required because when computeTileCoverageRect()
        is called at the top of committing the owning layer, we haven't yet pushed a new size to the
        underlying platform layer (which TileController::bounds() consults).
        (WebCore::TileController::bounds):
        (WebCore::TileController::computeTileCoverageRect): Have to push the new size in, since the
        underlying layer hasn't been updated yet.
        (WebCore::TileController::didRevalidateTiles):
        (WebCore::TileController::tilesWouldChangeForVisibleRect): Deleted.
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/TileCoverageMap.cpp:
        (WebCore::TileCoverageMap::TileCoverageMap): Add a layer to the tile map that shows 
        a dark blue outline for the coverage rect.
        (WebCore::TileCoverageMap::update): Fix some minor issues with map position when top
        content inset is non-zero.
        * platform/graphics/ca/TileCoverageMap.h:
        * platform/graphics/ca/TileGrid.cpp: Everything is in terms of coverage rect now.
        (WebCore::TileGrid::tilesWouldChangeForCoverageRect):
        (WebCore::TileGrid::revalidateTiles):
        (WebCore::TileGrid::tilesWouldChangeForVisibleRect): Deleted.
        * platform/graphics/ca/TileGrid.h:
        * platform/graphics/transforms/TransformState.cpp:
        (WebCore::TransformState::operator=):
        (WebCore::TransformState::mappedQuad): Pass direction into mapQuad().
        (WebCore::TransformState::mappedSecondaryQuad): Ditto.
        (WebCore::TransformState::setLastPlanarSecondaryQuad): This function allows a caller
        to pass in a secondary quad, and get it mapped into the coordinate space of the last
        "flattening" state (since the TransformState may have in-flight XY offset, or transform).
        This mapping is achieved by re-using mapQuad(), but in the inverse direction.
        (WebCore::TransformState::mapQuad): Make direction a parameter.
        (WebCore::TransformState::flattenWithTransform): This code omitted to map the secondary
        quad. Failure was detected by tests.
        * platform/graphics/transforms/TransformState.h:
        (WebCore::TransformState::isMappingSecondaryQuad):
        (WebCore::TransformState::direction):
        (WebCore::TransformState::inverseDirection):
        (WebCore::TransformState::lastPlanarSecondaryQuad): Deleted.

2015-04-25  Dan Bernstein  <mitz@apple.com>

        Updated expected bindings generation test results after r183343.

        * bindings/scripts/test/ObjC/DOMTestActiveDOMObject.h:
        * bindings/scripts/test/ObjC/DOMTestCallback.h:
        * bindings/scripts/test/ObjC/DOMTestCustomNamedGetter.h:
        * bindings/scripts/test/ObjC/DOMTestEventConstructor.h:
        * bindings/scripts/test/ObjC/DOMTestEventTarget.h:
        * bindings/scripts/test/ObjC/DOMTestException.h:
        * bindings/scripts/test/ObjC/DOMTestGenerateIsReachable.h:
        * bindings/scripts/test/ObjC/DOMTestInterface.h:
        * bindings/scripts/test/ObjC/DOMTestMediaQueryListListener.h:
        * bindings/scripts/test/ObjC/DOMTestNamedConstructor.h:
        * bindings/scripts/test/ObjC/DOMTestNode.h:
        * bindings/scripts/test/ObjC/DOMTestNondeterministic.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestOverloadedConstructors.h:
        * bindings/scripts/test/ObjC/DOMTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/ObjC/DOMTestTypedefs.h:
        * bindings/scripts/test/ObjC/DOMattribute.h:
        * bindings/scripts/test/ObjC/DOMreadonly.h:

2015-04-25  Myles C. Maxfield  <mmaxfield@apple.com>

        font-synthesis's initial value is "style weight"
        https://bugs.webkit.org/show_bug.cgi?id=144195

        Reviewed by Darin Adler.

        Updated fast/css3-text/font-synthesis-parse.html.

        * rendering/style/RenderStyle.h:

2015-04-25  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183305.
        https://bugs.webkit.org/show_bug.cgi?id=144213

        Crashes on wikipedia (Requested by litherum on #webkit).

        Reverted changeset:

        "[Cocoa] FontPlatformData's equality check should always use
        reference URLs"
        https://bugs.webkit.org/show_bug.cgi?id=144168
        http://trac.webkit.org/changeset/183305

2015-04-25  Dan Bernstein  <mitz@apple.com>

        WebCore part of <rdar://problem/20697966> Avoid using TBD as an argument to NS_AVAILABLE
        https://bugs.webkit.org/show_bug.cgi?id=144201

        Reviewed by Darin Adler.

        Instead of TBD, use the high version number to which it corresponds in CFAvailability.h,
        9876.5.

        * bindings/objc/WebKitAvailability.h: Added a definition of __NSi_9876_5, so that we can
        use 9876_5 in availability macros. Removed the definition of
        __AVAILABILITY_INTERNAL__MAC_TBD, which will no longer be used.

        * bindings/scripts/CodeGeneratorObjC.pm:
        (ReadPublicInterfaces): Use 9876_5 instead of TBD.

2015-04-25  Timothy Hatcher  <timothy@apple.com>

        Update localized strings.

        * English.lproj/Localizable.strings: Updated.

2015-04-25  Darin Adler  <darin@apple.com>

        Crash if IDBTransaction is aborted right after it's created
        https://bugs.webkit.org/show_bug.cgi?id=144199

        Reviewed by Simon Fraser.

        Test: storage/indexeddb/transaction-abort.html

        * Modules/indexeddb/IDBTransactionBackend.cpp:
        (WebCore::IDBTransactionBackend::IDBTransactionBackend): Don't start the
        transaction if it is already complete (has been aborted).

2015-04-25  Martin Robinson  <mrobinson@igalia.com>

        Rename ENABLE_3D_RENDERING to ENABLE_3D_TRANSFORMS
        https://bugs.webkit.org/show_bug.cgi?id=144182

        Reviewed by Simon Fraser.

        * Configurations/FeatureDefines.xcconfig: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * WebCore.vcxproj/WebCoreCommon.props: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * WebCore.vcxproj/WebCoreTestSupportCommon.props: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * css/CSSComputedStyleDeclaration.cpp: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * css/MediaQueryEvaluator.cpp: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * platform/graphics/GraphicsContext.h: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * platform/graphics/cairo/GraphicsContextCairo.cpp: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * platform/graphics/texmap/TextureMapperImageBuffer.cpp: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * rendering/RenderLayer.cpp: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * rendering/RenderLayerCompositor.cpp: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.
        * rendering/RenderObject.cpp: Replace all instances of 3D_RENDERING with 3D_TRANSFORMS.

2015-04-24  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] FontPlatformData's equality check should always use reference URLs
        https://bugs.webkit.org/show_bug.cgi?id=144168

        Reviewed by Tim Horton.

        <rdar://problem/18985642> is not fixed, so we need to continue using the older
        objectForEqualityCheck().

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::objectForEqualityCheck):

2015-04-24  Myles C. Maxfield  <mmaxfield@apple.com>

        Implement parsing support for font-synthesis CSS property
        https://bugs.webkit.org/show_bug.cgi?id=144180
        <rdar://problem/20692791>
        <rdar://problem/20625024>

        Reviewed by Tim Horton.

        See http://www.w3.org/TR/css-fonts-3/#font-synthesis-prop

        This property allows web authors to opt out of font synthesis. This patch only
        implements parsing support for the property.

        Test: fast/css3-text/font-synthesis-parse.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::fontSynthesisFromStyle): Create a CSSValue for the existing style object.
        (WebCore::ComputedStyleExtractor::propertyValue): Call fontSynthesisFromStyle().
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue): Call parseFontSynthesis().
        (WebCore::CSSParser::parseFontSynthesis): Accept the grammar
        "none | [ weight || style ]"
        * css/CSSParser.h: Function signature.
        * css/CSSPropertyNames.in: New CSS property name.
        * css/CSSValueKeywords.in: New CSS value names.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueFontSynthesis): Construct an internal
        representation of font-synthesis for a given CSSValue.
        * rendering/style/RenderStyle.h: Function signature.
        * rendering/style/RenderStyleConstants.h: Internal representation of
        font-synthesis.
        * rendering/style/StyleRareInheritedData.h: Where we actually store the bits
        related to this internal representation.

2015-04-24  Simon Fraser  <simon.fraser@apple.com>

        Have the web inspector report accurate memory use for layers with detached backing store
        https://bugs.webkit.org/show_bug.cgi?id=144179

        Reviewed by Dean Jackson.

        Only report memory use for layers whose backing store is attached.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        * platform/graphics/ca/PlatformCALayer.h: Add backingContributesToMemoryEstimate()
        which platforms can override if they allow backing store detaching.

2015-04-24  Simon Fraser  <simon.fraser@apple.com>

        Track a coverage rect through GraphicsLayerCA flushes, use it to mark backing store attached
        https://bugs.webkit.org/show_bug.cgi?id=144165

        Reviewed by Dean Jackson.
        
        Push in the clipRect as the secondary rect when doing a GraphicsLayerCA flush,
        which maps this rect through all the layers. Each layer tests intersection with
        this rect to determine if its backing store should be attached.
        
        This will cause us to drop backing store for layers that don't intersect the
        visible part of the view, which is too aggressive. A future patch will add
        some padding.

        Tests: compositing/visible-rect/coverage-clipped.html
               compositing/visible-rect/coverage-scrolling.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA): Remove initialization of things with
        C++11 initializers. Initialize the new m_intersectsCoverageRect bit.
        (WebCore::GraphicsLayerCA::flushCompositingState): Push the clipRect in as the
        secondary coverage rect. A future patch will inflate this on the way down the tree.
        (WebCore::GraphicsLayerCA::computeVisibleRect): If we're clipping, and
        we have a secondary coverage rect, that rect can be clipped to us too.
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateBackingStoreAttachment):
        (WebCore::GraphicsLayerCA::dumpAdditionalProperties):
        * platform/graphics/ca/GraphicsLayerCA.h: New CoverageRectChanged bit.
        Use more C++11 initializers.
        (WebCore::GraphicsLayerCA::coverageRect):

2015-04-24  Dean Jackson  <dino@apple.com>

        AnimationController::scrollWasUpdated() shows up in scrolling profiles on pages that don't use scroll triggers
        https://bugs.webkit.org/show_bug.cgi?id=144173
        <rdar://problem/20526168>

        Reviewed by Simon Fraser.

        Keep a list of Animations that care about scroll updates, and only
        run the animation update if the list is not empty.

        Covered by existing tests.

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::updateStateMachine): Tell the AnimationController
        if this is an animation that depends on scrolling.
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::animationWillBeRemoved): Call the
        new removeFromAnimationsDependentOnScroll as this animation is deleted.
        (WebCore::AnimationControllerPrivate::addToAnimationsDependentOnScroll):
        (WebCore::AnimationControllerPrivate::removeFromAnimationsDependentOnScroll):
        (WebCore::AnimationControllerPrivate::scrollWasUpdated): Only update if
        there are animations that care.
        (WebCore::AnimationController::wantsScrollUpdates): Helper to expose this
        value to FrameView.
        * page/animation/AnimationController.h:
        * page/animation/AnimationControllerPrivate.h:
        (WebCore::AnimationControllerPrivate::wantsScrollUpdates):

2015-04-24  Tim Horton  <timothy_horton@apple.com>

        WKPDFView does not support password-protected PDFs
        https://bugs.webkit.org/show_bug.cgi?id=144162
        <rdar://problem/18411512>

        Reviewed by Andy Estes.

        * English.lproj/Localizable.strings:
        Add some localizable strings.

2015-04-24  David Kilzer  <ddkilzer@apple.com>

        Fix iOS EWS builds after updating to iOS 8.3 SDK

        * platform/spi/cocoa/CoreTextSPI.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):
        - Update __IPHONE_OS_VERSION_MIN_REQUIRED for these constants.

2015-04-24  Jer Noble  <jer.noble@apple.com>

        Unreviewed iOS build fix; add declarations to AVKitSPI.h

        * platform/spi/cocoa/AVKitSPI.h:

2015-04-24  Enrica Casucci  <enrica@apple.com>

        Make rangeExpandedAroundPositionByCharacters to all platforms.
        https://bugs.webkit.org/show_bug.cgi?id=144161

        Reviewed by Tim Horton.

        No change in functionality, simply making this available
        to all platforms.

        * editing/VisibleUnits.cpp:
        (WebCore::rangeExpandedAroundPositionByCharacters):
        * editing/VisibleUnits.h:
        * editing/mac/DataDetection.mm:
        * editing/mac/DictionaryLookup.h:
        * editing/mac/DictionaryLookup.mm:
        (WebCore::rangeExpandedAroundPositionByCharacters): Deleted.

2015-04-24  Andreas Kling  <akling@apple.com>

        Purge PassRefPtr from NamedNodeMap.
        <https://webkit.org/b/144091>

        Reviewed by Antti Koivisto.

        Use RefPtr instead of PassRefPtr in NamedNodeMap.

        * dom/NamedNodeMap.cpp:
        (WebCore::NamedNodeMap::getNamedItem):
        (WebCore::NamedNodeMap::getNamedItemNS):
        (WebCore::NamedNodeMap::removeNamedItem):
        (WebCore::NamedNodeMap::removeNamedItemNS):
        (WebCore::NamedNodeMap::setNamedItem):
        (WebCore::NamedNodeMap::setNamedItemNS):
        (WebCore::NamedNodeMap::item):
        * dom/NamedNodeMap.h:

2015-04-24  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183266.
        https://bugs.webkit.org/show_bug.cgi?id=144164

        Broke 32-bit build and a test. (Requested by ap on #webkit).

        Reverted changeset:

        "AX: richer text change notifications (142719)"
        https://bugs.webkit.org/show_bug.cgi?id=142719
        http://trac.webkit.org/changeset/183266

2015-04-24  Brady Eidson  <beidson@apple.com>

        Origin header is preserved on cross-origin redirects.
        https://bugs.webkit.org/show_bug.cgi?id=144157.

        Reviewed by Sam Weinig.

        Tests: http/tests/security/cors-post-redirect-301.html
               http/tests/security/cors-post-redirect-302.html
               http/tests/security/cors-post-redirect-307.html
               http/tests/security/cors-post-redirect-308.html

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::willSendRequest): Always clear any origin header for cross-origin redirects.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::willSendRequest): Ditto.

2015-04-24  Brent Fulgham  <bfulgham@apple.com>

        Immediate action not functional for embedded PDFs
        https://bugs.webkit.org/show_bug.cgi?id=143952
        <rdar://problem/19842365>        

        Reviewed by Tim Horton.

        Add a dictionary lookup method to allow us to retrieve
        relevant information for PDFs.

        * editing/mac/DictionaryLookup.mm:
        (WebCore::dictionaryLookupForPDFSelection): Updated to properly handle cases
        where the Lookup engine selects a smaller range than the initial automatic
        selection performed on clicking.

2015-04-24  Simon Fraser  <simon.fraser@apple.com>

        Make it possible to map a secondary quad through TransformState
        https://bugs.webkit.org/show_bug.cgi?id=144156

        Reviewed by Dean Jackson.

        A future patch will need to map two quads simultaneously through TransformState,
        so add the ability to provide an optional secondary quad.
        
        This patch also firms up the setQuad() contract, fixing webkit.org/b/106680,
        requiring the state to be flattened when setting the quad (and now, the secondary quad).
        Previously, setQuad implicitly flattened but failed to update m_mapPoint when
        doing so.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::computeVisibleRect): Now we have to explicitly flatten
        before setting the quad.
        * platform/graphics/ca/GraphicsLayerCA.h: Drive-up #include removal.
        * platform/graphics/transforms/TransformState.cpp:
        (WebCore::TransformState::operator=): Copy the secondary quad if we have one.
        (WebCore::TransformState::translateMappedCoordinates): Move the secondary quad
        if we have one.
        (WebCore::TransformState::mappedQuad): Code factored into mapQuad().
        (WebCore::TransformState::mappedSecondaryQuad): Return the secondary quad mapped
        into the state's current coordinate space.
        (WebCore::TransformState::mapQuad): Factored code.
        * platform/graphics/transforms/TransformState.h:
        (WebCore::TransformState::setQuad): Make the contract more explicit with assertions.
        (WebCore::TransformState::setSecondaryQuad): Ditto when setting the secondary quad.
        (WebCore::TransformState::lastPlanarSecondaryQuad):
        (WebCore::TransformState::lastPlanarQuad): Deleted.

2015-04-24  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Reimplement r182512 and r183153 in a cleaner way
        https://bugs.webkit.org/show_bug.cgi?id=144151

        Reviewed by Enrica Casucci.

        On iOS, we create FontPlatformData's ctFont() by round tripping it through a CGFontRef.
        This causes the resultant ctFont() to lose system-font-ness. Patches r182512 and r183153
        react to this fact by making users of a FontPlatformData use the original font passed in
        to the FontPlatformData instead of the FontPlatformData's ctFont(), but only if we
        detect that the FontPlatformData represents a system font (the underlying APIs have
        different behavior for system fonts and non-system-fonts).

        However, on OS X, we create a FontPlatformData's ctFont() directly from the original
        font passed in to the constructor. This preserves system-font-ness (because it no
        longer has the CGFontRef in the middle of the transformation). Therefore, OS X has the
        correct behavior regarding system fonts.

        The difference between the two ctFont() creation codepaths seems to be historical
        rather than intentional. Rather than change all the call sites of ctFont() to use a
        different platform font object if a system font is detected, a cleaner solution is to
        simply unify the two ctFont() creation codepaths to the version which preserves system-
        font-ness. Doing this will make all users of FontPlatformData automatically have the
        correct behavior with no updates.

        This patch reverts the relevant parts of r182512 and r183153 in favor of this new
        solution.

        No new tests because there is no behavior change.

        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::hashTableDeletedFontValue): Deleted.
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformWidthForGlyph):
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::ctFontSize):
        (WebCore::FontPlatformData::ctFont):
        * platform/graphics/mac/SimpleFontDataCoreText.cpp:
        (WebCore::Font::getCFStringAttributes):

2015-04-24  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewed build fix.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::FontPlatformData):

2015-04-24  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Start cleaning up FontPlatformData
        https://bugs.webkit.org/show_bug.cgi?id=144133

        Reviewed by Enrica Casucci.

        This is the start of a crusade to ultimately remove one of the CTFontRefs which we have inside
        FontPlatformData. This patch starts this effort out by removing the FontPlatformData
        constructor which accepts an NSFont. This constructor simply casts the NSFont to a CTFontRef,
        and forwards to another constructor. This patch moves this cast to callers of this constructor,
        thereby enumerating the places we have left that use NSFont with FontPlatformData.

        This patch also cleans up two of the constructors in FontPlatformData.cpp to forward on to
        a common constructor.

        This patch also collects places inside FontPlatformDataCocoa.mm where we check if a pointer is
        not 0 and not -1, and puts this common code inside a new function,
        FontPlatformData::isValidCTFontRef().

        No new tests because there is no behavior change.

        * platform/graphics/FontPlatformData.cpp:
        (WebCore::FontPlatformData::FontPlatformData): Coalesce constructors.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::isValidCTFontRef): Check if a pointer is not 0 and not -1.
        (WebCore::FontPlatformData::hashTableDeletedFontValue): Deleted.
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformCreateScaledFont): Receive cast which has been hoisted from the deleted
        FontPlatformData constructor.
        (WebCore::Font::compositeFontReferenceFont): Ditto.
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::~FontPlatformData): Use isValidCTFontRef().
        (WebCore::FontPlatformData::platformDataInit): Ditto.
        (WebCore::FontPlatformData::platformDataAssign): Ditto.
        (WebCore::FontPlatformData::platformIsEqual): Simplify preprocessor macros.
        (WebCore::FontPlatformData::allowsLigatures): Remove unnecessary NSFont use.
        (WebCore::FontPlatformData::FontPlatformData): Deleted.
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters): Remove unnecessary
        NSFont use.
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::systemFallbackForCharacters): Receive cast which has been hoisted from the
        deleted FontPlatformData constructor.
        (WebCore::FontCache::createFontPlatformData): Ditto.
        * platform/mac/DragImageMac.mm:
        (WebCore::fontFromNSFont): Ditto.
        (WebCore::widthWithFont): Ditto.
        (WebCore::drawAtPoint): Ditto.

2015-04-24  Doug Russell  <d_russell@apple.com>

        AX: richer text change notifications (142719)
        https://bugs.webkit.org/show_bug.cgi?id=142719

        Reviewed by Darin Adler.

        Richer accessibility value change notifications. Introduce AXTextEditType, postTextStateChangeNotification and postTextReplacementNotification to give assistive tech apps more reliable context for responding to changes in web content. Also implement a mechanism to post value changes in password form fields in coalesced ticks to thwart analyzing the cadence of changes.

        Richer accessibility selection change notifications. Introduce AXTextStateChangeIntent, and an overload of postTextReplacementNotification to give assistive tech apps more reliable context for responding to changes in web content selection. Also block posting selection changes on password fields.

        Tests: platform/mac/accessibility/input-replacevalue-userinfo.html
               platform/mac/accessibility/selection-change-userinfo.html
               platform/mac/accessibility/value-change-userinfo.html

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::AXObjectCache):
        (WebCore::AXObjectCache::notificationPostTimerFired):
        (WebCore::AXObjectCache::passwordNotificationPostTimerFired):
        (WebCore::AXObjectCache::showIntent):
        (WebCore::AXObjectCache::setTextSelectionIntent):
        (WebCore::isPasswordFieldOrContainedByPasswordField):
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        (WebCore::AXObjectCache::postTextReplacementNotification):
        (WebCore::AXObjectCache::enqueuePasswordValueChangeNotification):
        (WebCore::AXObjectCache::rootWebArea):
        (WebCore::AXObjectCache::selectedChildrenChanged): Deleted.
        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::postTextStateChangeNotification):
        (WebCore::AXObjectCache::postTextReplacementNotification):
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        (WebCore::AXObjectCache::postTextReplacementPlatformNotification):
        (WebCore::AXObjectCache::textChangeForEditType):
        (WebCore::AXObjectCache::nodeTextChangePlatformNotification):
        (WebCore::AXObjectCache::computedObjectAttributeCache): Deleted.
        (WebCore::AXObjectCache::getOrCreate): Deleted.
        (WebCore::AXObjectCache::attachWrapper): Deleted.
        * accessibility/AXTextStateChangeIntent.h: Added.
        (WebCore::AXTextStateChangeIntent::AXTextStateChangeIntent):
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::passwordFieldOrContainingPasswordField):
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isContainedByPasswordField):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::passwordFieldOrContainingPasswordField):
        (WebCore::AccessibilityObject::isPasswordField): Deleted.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::setSelectedTextRange):
        (WebCore::AccessibilityRenderObject::setSelectedVisiblePositionRange):
        * accessibility/AccessibilityScrollView.h:
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::textChangeForEditType):
        (WebCore::AXObjectCache::nodeTextChangePlatformNotification):
        (WebCore::AXObjectCache::postPlatformNotification): Deleted.
        * accessibility/ios/AXObjectCacheIOS.mm:
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        (WebCore::AXObjectCache::postTextReplacementPlatformNotification):
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::setShouldRepostNotificationsForTests):
        (WebCore::AXPostNotificationWithUserInfo):
        (WebCore::AXObjectCache::postPlatformNotification):
        (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
        (WebCore::textReplacementChangeDictionary):
        (WebCore::AXObjectCache::postTextReplacementPlatformNotification):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (+[WebAccessibilityObjectWrapperBase accessibilitySetShouldRepostNotifications:]):
        (-[WebAccessibilityObjectWrapperBase accessibilityPostedNotification:]):
        (arrayRemovingNonJSONTypes):
        (dictionaryRemovingNonJSONTypes):
        (-[WebAccessibilityObjectWrapperBase accessibilityPostedNotification:userInfo:]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (textMarkerRangeFromVisiblePositions):
        (-[WebAccessibilityObjectWrapper textMarkerRangeFromVisiblePositions:endPosition:]):
        * editing/AppendNodeCommand.cpp:
        (WebCore::AppendNodeCommand::AppendNodeCommand):
        (WebCore::sendAXTextChangedIgnoringLineBreaks):
        (WebCore::AppendNodeCommand::doApply):
        (WebCore::AppendNodeCommand::doUnapply):
        * editing/AppendNodeCommand.h:
        (WebCore::AppendNodeCommand::create):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::ApplyStyleCommand):
        (WebCore::ApplyStyleCommand::applyBlockStyle): Deleted.
        * editing/ApplyStyleCommand.h:
        * editing/CompositeEditCommand.cpp:
        (WebCore::EditCommandComposition::unapplyEditType):
        (WebCore::CompositeEditCommand::CompositeEditCommand):
        (WebCore::CompositeEditCommand::apply):
        (WebCore::CompositeEditCommand::insertParagraphSeparator):
        (WebCore::CompositeEditCommand::insertNodeBefore):
        (WebCore::CompositeEditCommand::appendNode):
        (WebCore::CompositeEditCommand::removeNodePreservingChildren):
        (WebCore::CompositeEditCommand::insertTextIntoNode):
        (WebCore::CompositeEditCommand::deleteTextFromNode):
        (WebCore::CompositeEditCommand::replaceTextInNode):
        (WebCore::CompositeEditCommand::moveParagraphs):
        (WebCore::EditCommandComposition::getNodesInCommand): Deleted.
        (WebCore::CompositeEditCommand::applyStyle): Deleted.
        (WebCore::CompositeEditCommand::insertLineBreak): Deleted.
        (WebCore::CompositeEditCommand::insertNodeAt): Deleted.
        (WebCore::CompositeEditCommand::removeChildrenInRange): Deleted.
        (WebCore::CompositeEditCommand::inputText): Deleted.
        * editing/CompositeEditCommand.h:
        * editing/DeleteFromTextNodeCommand.cpp:
        (WebCore::DeleteFromTextNodeCommand::DeleteFromTextNodeCommand):
        (WebCore::DeleteFromTextNodeCommand::doApply):
        (WebCore::DeleteFromTextNodeCommand::doUnapply):
        * editing/DeleteFromTextNodeCommand.h:
        (WebCore::DeleteFromTextNodeCommand::create):
        (WebCore::DeleteFromTextNodeCommand::deletedText):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::DeleteSelectionCommand):
        (WebCore::DeleteSelectionCommand::preservesTypingStyle): Deleted.
        * editing/DeleteSelectionCommand.h:
        (WebCore::DeleteSelectionCommand::create):
        * editing/DictationCommand.cpp:
        (WebCore::DictationCommand::insertTextRunWithoutNewlines):
        (WebCore::DictationCommand::insertParagraphSeparator):
        * editing/EditAction.h:
        * editing/EditCommand.cpp:
        (WebCore::EditCommand::EditCommand):
        (WebCore::EditCommand::editingAction):
        (WebCore::EditCommand::applyEditType):
        (WebCore::EditCommand::unapplyEditType):
        (WebCore::SimpleEditCommand::SimpleEditCommand):
        (WebCore::SimpleEditCommand::notifyAccessibilityForTextChange):
        (WebCore::EditCommand::setParent): Deleted.
        * editing/EditCommand.h:
        * editing/EditingAllInOne.cpp:
        * editing/Editor.cpp:
        (WebCore::Editor::handleTextEvent):
        (WebCore::Editor::deleteSelectionWithSmartDelete):
        (WebCore::Editor::replaceSelectionWithFragment):
        (WebCore::Editor::replaceSelectionWithText):
        (WebCore::Editor::appliedEditing):
        (WebCore::Editor::unappliedEditing):
        (WebCore::Editor::performCutOrCopy):
        (WebCore::Editor::markMisspellingsAfterTypingToWord):
        (WebCore::Editor::changeBackToReplacedString):
        (WebCore::Editor::transpose):
        (WebCore::Editor::changeSelectionAfterCommand):
        * editing/Editor.h:
        * editing/EditorCommand.cpp:
        (WebCore::executeInsertFragment):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::moveTo):
        (WebCore::FrameSelection::moveWithoutValidationTo):
        (WebCore::FrameSelection::setSelectionByMouseIfDifferent):
        (WebCore::FrameSelection::setSelectionWithoutUpdatingAppearance):
        (WebCore::FrameSelection::setSelection):
        (WebCore::FrameSelection::updateAndRevealSelection):
        (WebCore::isBoundary):
        (WebCore::FrameSelection::textSelectionIntent):
        (WebCore::FrameSelection::modify):
        (WebCore::FrameSelection::selectAll):
        (WebCore::FrameSelection::wordSelectionContainingCaretSelection):
        (WebCore::FrameSelection::modifyMovingBackward): Deleted.
        (WebCore::FrameSelection::selectFrameElementInParentIfFullySelected): Deleted.
        (WebCore::FrameSelection::selectionAtWordStart): Deleted.
        * editing/FrameSelection.h:
        (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
        (WebCore::FrameSelection::selection): Deleted.
        * editing/InsertIntoTextNodeCommand.cpp:
        (WebCore::InsertIntoTextNodeCommand::InsertIntoTextNodeCommand):
        (WebCore::InsertIntoTextNodeCommand::doApply):
        (WebCore::InsertIntoTextNodeCommand::doUnapply):
        * editing/InsertIntoTextNodeCommand.h:
        (WebCore::InsertIntoTextNodeCommand::create):
        (WebCore::InsertIntoTextNodeCommand::insertedText):
        * editing/InsertNodeBeforeCommand.cpp:
        (WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand):
        (WebCore::InsertNodeBeforeCommand::doApply):
        (WebCore::InsertNodeBeforeCommand::doUnapply):
        * editing/InsertNodeBeforeCommand.h:
        (WebCore::InsertNodeBeforeCommand::create):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::InsertParagraphSeparatorCommand):
        * editing/InsertParagraphSeparatorCommand.h:
        (WebCore::InsertParagraphSeparatorCommand::create):
        * editing/InsertTextCommand.cpp:
        (WebCore::InsertTextCommand::InsertTextCommand):
        * editing/InsertTextCommand.h:
        (WebCore::InsertTextCommand::create):
        (WebCore::InsertTextCommand::createWithMarkerSupplier):
        * editing/MoveSelectionCommand.cpp:
        (WebCore::MoveSelectionCommand::doApply):
        * editing/RemoveNodePreservingChildrenCommand.cpp:
        (WebCore::RemoveNodePreservingChildrenCommand::RemoveNodePreservingChildrenCommand):
        * editing/RemoveNodePreservingChildrenCommand.h:
        (WebCore::RemoveNodePreservingChildrenCommand::create):
        * editing/ReplaceDeleteFromTextNodeCommand.cpp: Copied from Source/WebCore/editing/AppendNodeCommand.h.
        (WebCore::ReplaceDeleteFromTextNodeCommand::ReplaceDeleteFromTextNodeCommand):
        (WebCore::ReplaceDeleteFromTextNodeCommand::notifyAccessibilityForTextChange):
        * editing/ReplaceDeleteFromTextNodeCommand.h: Copied from Source/WebCore/editing/AppendNodeCommand.h.
        * editing/ReplaceInsertIntoTextNodeCommand.cpp: Added.
        (WebCore::ReplaceInsertIntoTextNodeCommand::ReplaceInsertIntoTextNodeCommand):
        (WebCore::ReplaceInsertIntoTextNodeCommand::notifyAccessibilityForTextChange):
        * editing/ReplaceInsertIntoTextNodeCommand.h: Copied from Source/WebCore/editing/RemoveNodePreservingChildrenCommand.h.
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::ReplaceSelectionCommand):
        (WebCore::ReplaceSelectionCommand::InsertedNodes::didReplaceNode): Deleted.
        (WebCore::ReplaceSelectionCommand::insertAsListItems): Deleted.
        * editing/ReplaceSelectionCommand.h:
        (WebCore::ReplaceSelectionCommand::create):
        * editing/TypingCommand.cpp:
        (WebCore::TypingCommand::insertTextRunWithoutNewlines):
        (WebCore::TypingCommand::insertParagraphSeparator):
        * editing/atk/FrameSelectionAtk.cpp:
        (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
        * editing/ios/DictationCommandIOS.cpp:
        (WebCore::DictationCommandIOS::DictationCommandIOS):
        * editing/ios/DictationCommandIOS.h:
        * editing/mac/FrameSelectionMac.mm:
        (WebCore::FrameSelection::notifyAccessibilityForSelectionChange):
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::setInnerTextValue):
        * page/DragController.cpp:
        (WebCore::DragController::concludeEditDrag):
        * page/EventHandler.cpp:
        (WebCore::setInitialKeyboardSelection):
        * page/FocusController.cpp:
        (WebCore::FocusController::advanceFocusInDocumentOrder):

2015-04-24  Darin Adler  <darin@apple.com>

        Convert OwnPtr and PassOwnPtr uses to std::unique_ptr
        https://bugs.webkit.org/show_bug.cgi?id=128007

        Reviewed by Anders Carlsson.

        * PlatformEfl.cmake: Removed OwnPtrCairo source files.
        * PlatformGTK.cmake: Ditto.
        * PlatformWinCairo.cmake: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.

        * platform/CrossThreadCopier.cpp: Removed OwnPtr specialization.
        * platform/CrossThreadCopier.h: Ditto.

        * platform/ScrollAnimatorNone.cpp: Removed unneeded include.
        * platform/ThreadGlobalData.cpp: Ditto.
        * platform/ThreadGlobalData.h: Ditto.
        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.h: Ditto.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::AVFWrapper::processNotification): Use unique_ptr.
        (WebCore::AVFWrapper::notificationCallback): Use make_unique.
        (WebCore::AVFWrapper::platformLayer): Ditto.

        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::appendPathToCairoContext): Use cairo_path_destroy directly
        instead of a smart pointer; the code path is simple enough that it is
        clear this way.

        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::ImageBuffer): Use make_unique.
        * platform/graphics/cairo/ImageBufferDataCairo.h: Use unique_ptr.

        * platform/graphics/cairo/OwnPtrCairo.cpp: Removed.
        * platform/graphics/cairo/OwnPtrCairo.h: Removed.

        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::Path): Use cairo_path_destroy directly instead of a
        smart pointer; the code path is simple enough that it is clear this way.
        (WebCore::Path::operator=): Ditto.
        (WebCore::Path::addPath): Ditto.
        (WebCore::Path::apply): Ditto.
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        (WebCore::PlatformContextCairo::clipForPatternFilling): Ditto.

        * platform/graphics/freetype/FontCacheFreeType.cpp: Removed unneeded include.
        * platform/graphics/glx/GLContextGLX.cpp: Ditto.

        * platform/graphics/surfaces/egl/EGLSurface.cpp:
        (WebCore::EGLOffScreenSurface::EGLOffScreenSurface): Use make_unique.

        * platform/graphics/surfaces/glx/GLXConfigSelector.h:
        (WebCore::GLXConfigSelector::findMatchingConfig): Use unique_ptr with X11Deleter.
        (WebCore::GLXConfigSelector::findMatchingConfigWithVisualId): Ditto.
        * platform/graphics/surfaces/glx/GLXSurface.cpp:
        (WebCore::GLXTransportSurface::GLXTransportSurface): Ditto.
        (WebCore::GLXOffScreenSurface::initialize): Ditto.

        * platform/graphics/surfaces/glx/OwnPtrX11.h: Removed.

        * platform/graphics/surfaces/glx/X11Helper.cpp:
        (WebCore::X11Helper::createOffScreenWindow): Use unique_ptr with X11Deleter.
        (WebCore::X11Helper::createPixmap): Ditto.

        * platform/graphics/surfaces/glx/X11Helper.h: Added X11Deleter,
        which can be used with unique_ptr to make it call XFree instead of delete.

        * platform/graphics/win/FullScreenController.cpp: Use unique_ptr.
        (FullScreenController::FullScreenController): Use make_unique.
        (FullScreenController::enterFullScreen): Ditto.
        * platform/graphics/win/FullScreenController.h: Use unique_ptr.

        * platform/graphics/win/GraphicsContext3DWin.cpp: Removed unneeded includes.

        * platform/graphics/win/WKCAImageQueue.cpp:
        (WebCore::WKCAImageQueue::WKCAImageQueue): Use make_unique.
        * platform/graphics/win/WKCAImageQueue.h: Use unique_ptr.

        * platform/network/NetworkStorageSessionStub.cpp: Removed unneeded include.

        * platform/network/ResourceHandleInternal.h: Use unique_ptr.

        * platform/network/curl/MultipartHandle.cpp:
        (WebCore::MultipartHandle::create): Deleted.
        * platform/network/curl/MultipartHandle.h: Deleted the create function.

        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::headerCallback): Use make_unique.

2015-04-24  Per Arne Vollan  <peavo@outlook.com>

        [Win] Popup menu is not accessible.
        https://bugs.webkit.org/show_bug.cgi?id=141704

        Reviewed by Brent Fulgham.

        Get accessibility information for items in popup menus.

        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::onGetObject):
        (WebCore::PopupMenuWin::wndProc):
        (WebCore::AccessiblePopupMenu::AccessiblePopupMenu):
        (WebCore::AccessiblePopupMenu::~AccessiblePopupMenu):
        (WebCore::AccessiblePopupMenu::QueryInterface):
        (WebCore::AccessiblePopupMenu::AddRef):
        (WebCore::AccessiblePopupMenu::Release):
        (WebCore::AccessiblePopupMenu::GetTypeInfoCount):
        (WebCore::AccessiblePopupMenu::GetTypeInfo):
        (WebCore::AccessiblePopupMenu::GetIDsOfNames):
        (WebCore::AccessiblePopupMenu::Invoke):
        (WebCore::AccessiblePopupMenu::get_accParent):
        (WebCore::AccessiblePopupMenu::get_accChildCount):
        (WebCore::AccessiblePopupMenu::get_accChild):
        (WebCore::AccessiblePopupMenu::get_accName):
        (WebCore::AccessiblePopupMenu::get_accValue):
        (WebCore::AccessiblePopupMenu::get_accDescription):
        (WebCore::AccessiblePopupMenu::get_accRole):
        (WebCore::AccessiblePopupMenu::get_accState):
        (WebCore::AccessiblePopupMenu::get_accHelp):
        (WebCore::AccessiblePopupMenu::get_accKeyboardShortcut):
        (WebCore::AccessiblePopupMenu::get_accFocus):
        (WebCore::AccessiblePopupMenu::get_accSelection):
        (WebCore::AccessiblePopupMenu::get_accDefaultAction):
        (WebCore::AccessiblePopupMenu::accSelect):
        (WebCore::AccessiblePopupMenu::accLocation):
        (WebCore::AccessiblePopupMenu::accNavigate):
        (WebCore::AccessiblePopupMenu::accHitTest):
        (WebCore::AccessiblePopupMenu::accDoDefaultAction):
        (WebCore::AccessiblePopupMenu::put_accName):
        (WebCore::AccessiblePopupMenu::put_accValue):
        (WebCore::AccessiblePopupMenu::get_accHelpTopic):
        * platform/win/PopupMenuWin.h:
        * platform/win/ScrollbarThemeWin.h:
        (WebCore::ScrollbarThemeWin::hasButtons): Deleted.

2015-04-23  Antti Koivisto  <antti@apple.com>

        Memory cache live resources repeatedly purged during painting
        https://bugs.webkit.org/show_bug.cgi?id=144104
        <rdar://problem/20667695>

        Reviewed by Chris Dumez.

        On some PLT pages (like nytimes.com) we get into state where painting repeatedly purges live bitmaps.
        This slows down page loads significantly.

        This might have regressed because improvements in page caching keep more pages and so resources 'live'.

        With this path we do all regular cache pruning asynchronously. If memory is really critical
        the low memory handling code will still prune synchronously.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::removeClient):
        (WebCore::CachedResource::didAccessDecodedData):

            prune() -> pruneSoon()

        * loader/cache/MemoryCache.cpp:

            Decrease the pruning size target from 0.95 to 0.8 so we don't need to prune so often.

        (WebCore::MemoryCache::needsPruning):

            Factor into a function.

        (WebCore::MemoryCache::prune):
        (WebCore::MemoryCache::pruneSoon):

            Prune asynchronously.

        * loader/cache/MemoryCache.h:

2015-04-24  Antti Koivisto  <antti@apple.com>

        Unreviewed, rolling out r183259.

        Wrong ChangeLog.

        Reverted changeset:

        "Memory cache live resources repeatedly purged during
        painting"
        https://bugs.webkit.org/show_bug.cgi?id=144104
        http://trac.webkit.org/changeset/183259

2015-04-24  Antti Koivisto  <antti@apple.com>

        CrashTracer: WebProcess at com.apple.WebCore: WebCore::toScriptElementIfPossible + 4
        https://bugs.webkit.org/show_bug.cgi?id=144050

        Reviewed by Chris Dumez.

        We are seeing null Element pointer crashes with this stack:

        47 com.apple.WebCore:  WebCore::toScriptElementIfPossible + 4 <==
        47 com.apple.WebCore:  WebCore::ScriptRunner::timerFired + 452
        47 com.apple.WebCore:  WebCore::ThreadTimers::sharedTimerFiredInternal + 175

        The most likely cause seems to be that this code

            ASSERT(m_pendingAsyncScripts.contains(scriptElement));
            m_scriptsToExecuteSoon.append(m_pendingAsyncScripts.take(scriptElement));

        in ScriptRunner::notifyScriptReady fails to find scriptElement and we are left with null entry in
        m_scriptsToExecuteSoon. However I haven't managed to repro this or find the exact path how this
        could happen. The related code is fragile with lot of state (especially in ScriptElement class)
        and involves many opportunities for re-entry via scripts.

        No repro, no test case.

        * dom/ScriptRunner.cpp:
        (WebCore::ScriptRunner::timerFired):

            Paper this over by adding a null check. We could check m_pendingAsyncScripts.take() above
            but this also covers possibility this is caused by something else.

2015-04-24  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Use a webkit subdirectory for the disk cache
        https://bugs.webkit.org/show_bug.cgi?id=144048

        Reviewed by Martin Robinson.

        Add a static method to SoupNetworkSession to clear a soup cache
        given its directory.

        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::strIsNumeric):
        (WebCore::SoupNetworkSession::clearCache):
        * platform/network/soup/SoupNetworkSession.h:

2015-04-23  Andy Estes  <aestes@apple.com>

        Fix the iOS build after r183234.

        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::commitScaleChange):

2015-04-23  Simon Fraser  <simon.fraser@apple.com>

        Fix Windows build.

        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (PlatformCALayerWin::setBackingStoreAttached):
        (PlatformCALayerWin::backingStoreAttached):
        * platform/graphics/ca/win/PlatformCALayerWin.h:

2015-04-23  Simon Fraser  <simon.fraser@apple.com>

        Make it possible to detach GraphicsLayerCA backing store
        https://bugs.webkit.org/show_bug.cgi?id=144140

        Reviewed by Tim Horton.

        This changes makes it possible to denote a GraphicsLayerCA's backing store
        as "attached" or not. When not attached, the backing store is made volatile
        and can be purged. This will be used in a future patch.

        * platform/graphics/ca/GraphicsLayerCA.h: Add updateBackingStoreAttachment().
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm: Stubs. In future, we could
        remove backing store on Mac and iOS WK1 too.
        (PlatformCALayerMac::setBackingStoreAttached):
        (PlatformCALayerMac::backingStoreAttached):

2015-04-23  Simon Fraser  <simon.fraser@apple.com>

        Remove "layer" from GraphicsLayerCA member function names
        https://bugs.webkit.org/show_bug.cgi?id=144139

        Reviewed by Myles Maxfield.

        Rename "updateLayer*" to "update*" in GraphicsLayerCA.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateNames):
        (WebCore::GraphicsLayerCA::updateDrawsContent):
        (WebCore::GraphicsLayerCA::updateLayerNames): Deleted.
        (WebCore::GraphicsLayerCA::updateLayerDrawsContent): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.h:

2015-04-23  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/20663758> Fix the build after AVPlayerViewController API change

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): Don’t pass a nil completion
        handler to -[AVPlayerViewController exitFullScreenAnimated:completionHandler:].

2015-04-23  Darin Adler  <darin@apple.com>

        Another round of removing use of OwnPtr, PassOwnPtr, and deleteOwnedPtr
        https://bugs.webkit.org/show_bug.cgi?id=144090

        Reviewed by Anders Carlsson.

        * Modules/encryptedmedia/CDMPrivateMediaPlayer.h: Removed unneeded include.

        * Modules/navigatorcontentutils/NavigatorContentUtils.h: Removed include of
        RefCountedSupplement.h.

        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
        (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData):
        Pass data using rvalue references, and use new/delete to pass it across
        threads, rather than using PassOwnPtr.
        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.h: Pass data
        in an rvalue reference instead of PassOwnPtr.
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::didReceiveBinaryData): Take an rvalue reference
        instead of a PassOwnPtr.
        * Modules/websockets/WebSocket.h: Ditto.
        * Modules/websockets/WebSocketChannel.cpp: Ditto.
        (WebCore::WebSocketChannel::processFrame): Ditto.
        * Modules/websockets/WebSocketChannelClient.h:
        (WebCore::WebSocketChannelClient::didReceiveBinaryData): Ditto.
        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveBinaryData):
        Ditto.
        * Modules/websockets/WorkerThreadableWebSocketChannel.h: Ditto.

        * WebCore.xcodeproj/project.pbxproj: Removed RefCountedSupplement.h.

        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        (WebCore::DiskCacheMonitor::monitorFileBackingStoreCreation): Fixed comment
        to not mention adoptPtr.

        * page/make_settings.pl:
        (generateInternalSettingsHeaderFile): Removed include of RefCountedSupplement.h.

        * platform/ColorChooserClient.h: Removed unneded include.
        * platform/ContextMenuItem.h: Ditto.

        * platform/RefCountedSupplement.h: Removed.

        * platform/ScrollAnimator.cpp: Removed unneeded include.
        * platform/ScrollAnimatorNone.h: Ditto.

        * platform/ThreadGlobalData.cpp: Added now-needed include of PassOwnPtr.h.

        * platform/graphics/GlyphMetricsMap.h: Ditto.
        * platform/graphics/MediaPlayer.h: Ditto.
        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.h: Ditto.
        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp: Ditto.
        * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp: Ditto.
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h: Ditto.
        * platform/graphics/avfoundation/objc/AudioTrackPrivateAVFObjC.h: Ditto.
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.h: Ditto.
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h: Ditto.

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::ImageBuffer): Use make_unique instead of adoptPtr.
        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::ImageBufferData::getData): Return a RefPtr instead of a PassRefPtr.
        * platform/graphics/cg/ImageBufferDataCG.h: Streamlined the header a bit,
        use unique_ptr instead of OwnPtr and RefPtr instead of PassRefPtr.

        * platform/graphics/cocoa/IOSurface.h: Use unique_ptr instead of OwnPtr.
        * platform/graphics/cocoa/IOSurface.mm:
        (IOSurface::ensureGraphicsContext): Use make_unique instead of adoptPtr.

        * platform/graphics/egl/GLContextEGL.cpp: Removed unneeded includes.
        * platform/graphics/filters/FilterOperation.h: Ditto.
        * platform/graphics/harfbuzz/HarfBuzzShaper.h: Ditto.
        * platform/ios/DeviceMotionClientIOS.h: Ditto.
        * platform/ios/DeviceOrientationClientIOS.h: Ditto.

        * platform/ios/LegacyTileCache.h: Use unique_ptr instead of OwnPtr.
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::LegacyTileCache): Use make_unique instead of
        a create function, and also get rid of unneeded initialization to null.
        (WebCore::LegacyTileCache::commitScaleChange): Ditto.

        * platform/ios/LegacyTileGrid.h: Made constructor public and got rid of create
        function. Made constructor take a reference to the tile cache, and make both
        tileCache() and m_tileCache be references too.

        * platform/ios/LegacyTileGrid.mm:
        (WebCore::LegacyTileGrid::LegacyTileGrid): Updated to use reference.
        (WebCore::LegacyTileGrid::visibleRect): Ditto.
        (WebCore::LegacyTileGrid::tileByteSize) Ditto.:
        (WebCore::LegacyTileGrid::dropDistantTiles): Ditto.
        (WebCore::LegacyTileGrid::updateTileOpacity): Ditto.
        (WebCore::LegacyTileGrid::updateTileBorderVisibility): Ditto.
        (WebCore::LegacyTileGrid::updateHostLayerSize): Ditto.
        (WebCore::LegacyTileGrid::invalidateTiles): Ditto.
        (WebCore::LegacyTileGrid::shouldUseMinimalTileCoverage): Ditto.
        (WebCore::LegacyTileGrid::tileDistance2): Ditto.
        (WebCore::LegacyTileGrid::createTiles): Ditto.
        * platform/ios/LegacyTileGridTile.mm:
        (WebCore::LegacyTileGridTile::LegacyTileGridTile): Ditto.
        (WebCore::LegacyTileGridTile::invalidateRect): Ditto.
        (WebCore::LegacyTileGridTile::showBorder): Ditto.
        * platform/ios/LegacyTileLayer.mm:
        (-[LegacyTileHostLayer renderInContext:]): Ditto.
        (-[LegacyTileLayer layoutSublayers]): Ditto.
        (-[LegacyTileLayer drawInContext:]): Ditto.

        * platform/ios/LegacyTileLayerPool.h: Removed unneeded include.
        * platform/ios/ScrollAnimatorIOS.mm: Ditto.
        * platform/mac/ScrollAnimatorMac.mm: Ditto.
        * platform/mac/WebVideoFullscreenController.h: Ditto.
        * platform/network/BlobData.cpp: Ditto.

        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::ResourceHandle): Use make_unique instead of adoptPtr.
        * platform/network/ResourceHandle.h: Use unique_ptr instead of OwnPtr.

        * platform/network/ResourceHandleInternal.h: Added now-needed include.

        * platform/network/ResourceResponseBase.h: Removed unneeded includes and
        tweaked formatting a bit.

        * platform/network/SynchronousLoaderClient.h: Removed the create function and
        the private constructor. Used data member initialize to make the default
        empty constructor automatically get generated (and be public now).

        * platform/network/cf/FormDataStreamCFNet.cpp:
        (WebCore::formFinishFinalizationOnMainThread): Use delete instead of adoptPtr
        to delete the context argument.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::defaultNetworkStorageSession): Return a unique_ptr& instead of an OwnPtr&.
        (WebCore::NetworkStorageSession::switchToNewTestingSession): Use make_unique
        instead of adoptPtr.
        (WebCore::NetworkStorageSession::defaultStorageSession): Ditto.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::platformLoadResourceSynchronously): Use a
        SynchronousLoaderClient on the stack instead of putting one on the heap with adoptPtr.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::platformLoadResourceSynchronously): Ditto.

        * platform/text/TextCodec.h: Removed unneeded include.
        * platform/win/CursorWin.cpp: Ditto.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects): Use move instead of release since
        we are using RefPtr&& instead of PassRefPtr.

        * rendering/RenderLayerFilterInfo.cpp:
        (WebCore::RenderLayer::FilterInfo::setRenderer): Use RefPtr&& instead of PassRefPtr.
        (WebCore::RenderLayer::FilterInfo::updateReferenceFilterClients): Streamlined to use
        modern for loops and auto.
        (WebCore::RenderLayer::FilterInfo::removeReferenceFilterClients): Ditto.

        * rendering/RenderLayerFilterInfo.h: Streamlined code and removed some stuff that
        I think is unneeded on iOS; there is no unused private field and I suspect the problem
        that led to the warning is gone. Deleted friending of deleteOwnedPtr.

        * rendering/RenderLayerMaskImageInfo.cpp: Removed unneeded includes. Moved private
        client classes in here from the header and made them members of MaskImageInfo.
        Streamlined them a bit in other ways.
        (WebCore::RenderLayer::MaskImageInfo::getIfExists): Use nullptr.
        (WebCore::RenderLayer::MaskImageInfo::MaskImageInfo): Use member initialization
        and also pass the layer in rather than the MaskImageInfo.
        (WebCore::RenderLayer::MaskImageInfo::notifyFinished): Deleted. Moved the code
        into the SVGDocumentClient.
        (WebCore::RenderLayer::MaskImageInfo::imageChanged): Deleted. Moved the code into
        the ImageClient.
        (WebCore::RenderLayer::MaskImageInfo::updateMaskImageClients): Streamlined a bit
        to use a for loop.
        (WebCore::RenderLayer::MaskImageInfo::removeMaskImageClients): Ditto.

        * rendering/RenderLayerMaskImageInfo.h: Reduced unneeded includes. Got rid of
        definitions of private member classes here in the header; they can be in the cpp
        file instead. Also cut down from three classes to two, and gave the classes less
        redundant names since they are already members of MaskImageInfo. Removed some
        unneeded functions and friending of deleteOwnedPtr.

        * testing/InternalSettings.cpp: Got rid of comment about RefCountedSupplement
        since no code anywhere was using it, so not using it here was not remarkable.

2015-04-23  Jer Noble  <jer.noble@apple.com>

        [iOS] Add a wrapper around the hosted AVPlayerLayer to intercept -setBounds:
        https://bugs.webkit.org/show_bug.cgi?id=144129

        Reviewed by Simon Fraser.

        When passing the hosted AVPlayerLayer to the fullscreen controller, the new superlayer will
        resize the hosted layer with a call to -setBounds:. But because this is a hosted layer, the
        bonuds change has no effect. Instead, wrap the CALayerHost in another CALayer whose job it is
        to intercept -setBounds: in the same way that WebAVVideoLayer did. In fact, we should just use
        that wrapper class inside WebAVVideoLayer as well, to avoid duplicating code.

        Drive-by Fix: Null-check m_videoElement in setVideoLayerFrame().

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebCALayerHostWrapper setVideoSublayer:]):
        (-[WebCALayerHostWrapper videoSublayer]):
        (-[WebCALayerHostWrapper setBounds:]): Moved from WebAVVideoLayer.
        (-[WebCALayerHostWrapper resolveBounds]): Ditto.
        (-[WebAVVideoLayer setBounds:]): Moved to WebCALayerHostWrapper.
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): Create the wrapper.
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): Clear the wrapper.
        (-[WebAVVideoLayer resolveBounds]): Deleted. Moved to WebCALayerHostWrapper.
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::setVideoLayerFrame): Null-check m_videoElement.

2015-04-23  Tim Horton  <timothy_horton@apple.com>

        Yellow highlight has gray background color when invoking Lookup on an address in a Google Maps drop down
        https://bugs.webkit.org/show_bug.cgi?id=138737
        <rdar://problem/18904429>

        Reviewed by Simon Fraser.

        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::paint):
        Other RenderObjects don't paint box decorations in the selection painting phase,
        so RenderReplaced probably shouldn't either. This fixes the case where, when doing
        selection-only painting of a bit of text over top of a RenderReplaced, the RenderReplaced
        would paint its background, filling the previously transparent bitmap with an unwanted color.

2015-04-23  Roger Fong  <roger_fong@apple.com>

        Update media timeline controls when video is paused..
        https://bugs.webkit.org/show_bug.cgi?id=144122.
        <rdar://problem/20422927>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.drawTimelineBackground): Use timelineWidth because offsetWidth is 0 when display: none.
        (Controller.prototype.setPlaying): Show controls when pausing.
        (Controller.prototype.showControls): Update time and timeline when unhiding controls.

2015-04-23  Simon Fraser  <simon.fraser@apple.com>

        Changing TiledBacking velocity should schedule a tile revalidation
        https://bugs.webkit.org/show_bug.cgi?id=144123

        Reviewed by Tim Horton.

        Changing the velocity parameters on the TileController affect the computed
        coverage rect, so whenever we make a change to velocity data that could
        affect the outcome (basically any non-zero old or new velocities),
        schedule a layer flush.

        * platform/graphics/TiledBacking.h:
        (WebCore::VelocityData::velocityOrScaleIsChanging):
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::setVelocity):

2015-04-23  Jer Noble  <jer.noble@apple.com>

        [Mac] Disable QTKit by default on future OS X.
        https://bugs.webkit.org/show_bug.cgi?id=144082

        Reviewed by Darin Adler.

        Settings::gQTKitEnabled defaults to false.

        * page/Settings.cpp:

2015-04-23  Daniel Bates  <dabates@apple.com>

        Clean up: Use references instead of pointers in more SVG files
        https://bugs.webkit.org/show_bug.cgi?id=144045

        Reviewed by Darin Adler.

        * rendering/svg/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBox::layoutCharactersInTextBoxes): Pass reference instead of pointer.

        * rendering/svg/SVGTextLayoutEngine.cpp:
        (WebCore::SVGTextLayoutEngine::recordTextFragment): Changed parameter textBox from pointer to reference.
        (WebCore::SVGTextLayoutEngine::layoutInlineTextBox): Ditto.
        (WebCore::SVGTextLayoutEngine::currentVisualCharacterMetrics): Changed parameter textBox from pointer to
        reference and made it const since this function does not modify textBox.
        (WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath): Changed parameters from pointers to references.
        Also, removed comma from comment so that it reads well.
        * rendering/svg/SVGTextLayoutEngine.h: Updated declarations for the above functions.

        * rendering/svg/SVGTextLayoutEngineBaseline.cpp:
        (WebCore::SVGTextLayoutEngineBaseline::calculateBaselineShift): Changed parameter style from pointer to reference.
        Added case BS_LENGTH to switch block and removed default case so that the compiler checks that we handle all cases.
        Renamed parameter contextElement to context since the name of its data type conveys that it is an element.
        (WebCore::SVGTextLayoutEngineBaseline::calculateAlignmentBaselineShift): Changed parameter textRenderer from
        pointer to reference and removed runtime assertion that textRenderer is non-null (since it well-formed reference
        cannot point to a non-existent object).
        (WebCore::SVGTextLayoutEngineBaseline::calculateGlyphOrientationAngle): Changed parameter style from pointer to reference
        removed runtime assertion that style is non-null.
        * rendering/svg/SVGTextLayoutEngineBaseline.h: Updated declarations for the above functions.

2015-04-23  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183194.
        https://bugs.webkit.org/show_bug.cgi?id=144121

        Made multiple tests flaky (Requested by ap_ on #webkit).

        Reverted changeset:

        "Memory cache live resources repeatedly purged during
        painting"
        https://bugs.webkit.org/show_bug.cgi?id=144104
        http://trac.webkit.org/changeset/183194

2015-04-23  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Missed a button in r182900.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-wireless-playback-picker-button:active):

2015-04-23  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Just shift some CSS around for code cleanup purposes.

        * Modules/mediacontrols/mediaControlsApple.css:
        (video::-webkit-media-controls-panel):
        (video::-webkit-media-controls-panel:hover):

2015-04-22  Alexey Proskuryakov  <ap@apple.com>

        [iOS] WebKit services should inherit environment variables for home
        https://bugs.webkit.org/show_bug.cgi?id=144078
        rdar://problem/20571678

        Reviewed by Dan Bernstein.

        Added an SPI header for a drive-by fix.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/cf/CFBundleSPI.h: Added.

2015-04-23  Alex Christensen  <achristensen@webkit.org>

        Use less memory when compiling content extensions.
        https://bugs.webkit.org/show_bug.cgi?id=144051

        Reviewed by Darin Adler and Benjamin Poulain.

        No change in functionality, correctness already covered by existing tests.

        Before this patch, a DFANode contained a HashSet of transitions.
        Large vectors of DFANodes made many small HashSets, which was inefficient use of memory.
        We now put all the actions and transitions into one big compact Vector and each node owns ranges in that vector.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::recursiveMemoryUsed):
        (WebCore::ContentExtensions::CombinedURLFilters::memoryUsed):
        * contentextensions/CombinedURLFilters.h:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionsDebugging.h:
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::memoryUsed):
        (WebCore::ContentExtensions::DFANode::actions):
        (WebCore::ContentExtensions::DFANode::transitions):
        (WebCore::ContentExtensions::DFANode::fallbackTransitionDestination):
        (WebCore::ContentExtensions::DFANode::changeFallbackTransition):
        (WebCore::ContentExtensions::DFANode::addFallbackTransition):
        (WebCore::ContentExtensions::DFANode::containsTransition):
        (WebCore::ContentExtensions::DFANode::kill):
        (WebCore::ContentExtensions::DFA::minimize):
        (WebCore::ContentExtensions::DFA::DFA): Deleted.
        (WebCore::ContentExtensions::DFA::operator=): Deleted.
        * contentextensions/DFA.h:
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        * contentextensions/DFABytecodeCompiler.h:
        * contentextensions/DFAMinimizer.cpp:
        (WebCore::ContentExtensions::DFAMinimizer::minimize):
        * contentextensions/DFAMinimizer.h:
        * contentextensions/DFANode.h:
        (WebCore::ContentExtensions::DFANode::isKilled):
        (WebCore::ContentExtensions::DFANode::hasFallbackTransition):
        (WebCore::ContentExtensions::DFANode::hasActions):
        (WebCore::ContentExtensions::DFANode::transitionsLength):
        (WebCore::ContentExtensions::DFANode::actionsLength):
        (WebCore::ContentExtensions::DFANode::actionsStart):
        (WebCore::ContentExtensions::DFANode::setActions):
        (WebCore::ContentExtensions::DFANode::setTransitions):
        (WebCore::ContentExtensions::DFANode::resetTransitions):
        (WebCore::ContentExtensions::DFANode::transitionsStart):
        (WebCore::ContentExtensions::DFANode::setHasFallbackTransitionWithoutChangingDFA):
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::memoryUsed):
        * contentextensions/NFA.h:
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetSource::NodeIdSetToUniqueNodeIdSetSource):
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetTranslator::translate):
        (WebCore::ContentExtensions::getOrCreateDFANode):
        (WebCore::ContentExtensions::NFAToDFA::convert):

2015-04-23  David Hyatt  <hyatt@apple.com>

        Don't fire a bunch of mouse moveds during scrolling.
        https://bugs.webkit.org/show_bug.cgi?id=99940

        Reviewed by Simon Fraser.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon):
        Even for the short interval timer, make sure to cancel and restart it instead of allowing the original to
        complete. This has the effect of preventing fake mouse moves from firing until the scroll stops.

2015-04-23  Eric Carlson  <eric.carlson@apple.com>

        Unreviewed, fix the release build.

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::setHasPlaybackTargetAvailabilityListeners): Add an UNUSED_PARAM.

2015-04-23  Simon Fraser  <simon.fraser@apple.com>

        Remove m_isPageTiledBackingLayer data member from GraphicsLayerCA, just use the layer type instead
        https://bugs.webkit.org/show_bug.cgi?id=144108

        Reviewed by Dean Jackson.

        No need for the m_isPageTiledBackingLayer data member. We can just check the layer
        type instead.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA):
        (WebCore::GraphicsLayerCA::initialize):
        (WebCore::GraphicsLayerCA::platformCALayerShowRepaintCounter):
        (WebCore::GraphicsLayerCA::updateContentsScale):
        (WebCore::GraphicsLayerCA::getDebugBorderInfo):
        (WebCore::GraphicsLayerCA::requiresTiledLayer):
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::isPageTiledBackingLayer):

2015-04-23  Brady Eidson  <beidson@apple.com>

        Content extension with oft-repeated rules can cause slowdown.
        rdar://problem/20618511 and https://bugs.webkit.org/show_bug.cgi?id=144010

        Reviewed by Alex Christensen.

        No new tests (Behavior covered by existing tests).

        * WebCore.xcodeproj/project.pbxproj:

        * contentextensions/ContentExtension.cpp:
        (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):

        Add the String identifier for the extension and the rule action ID to Actions:
        * contentextensions/ContentExtensionRule.cpp:
        (WebCore::ContentExtensions::Action::deserialize):
        * contentextensions/ContentExtensionRule.h:
        (WebCore::ContentExtensions::Action::Action):
        (WebCore::ContentExtensions::Action::operator==):
        (WebCore::ContentExtensions::Action::setExtensionIdentifier):
        (WebCore::ContentExtensions::Action::extensionIdentifier):
        (WebCore::ContentExtensions::Action::actionID):
        (WebCore::ContentExtensions::Action::type): Deleted.

        Object to manage a CSSStyleSheet and selectors identified by ID:
        * contentextensions/ContentExtensionStyleSheet.cpp:
        (WebCore::ContentExtensions::ContentExtensionStyleSheet::ContentExtensionStyleSheet):
        (WebCore::ContentExtensions::ContentExtensionStyleSheet::addDisplayNoneSelector):
        * contentextensions/ContentExtensionStyleSheet.h:
        (WebCore::ContentExtensions::ContentExtensionStyleSheet::create):
        (WebCore::ContentExtensions::ContentExtensionStyleSheet::styleSheet):

        Instead of globbing selectors together into a String and making a new stylesheet,
        add new unique selectors to an already existing sheet:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
        (WebCore::ContentExtensions::ContentExtensionsBackend::displayNoneCSSRule):

        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::addDisplayNoneSelector):
        (WebCore::DocumentStyleSheetCollection::addContentExtensionUserSheet): Deleted.
        * dom/DocumentStyleSheetCollection.h:

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::commitData):
        (WebCore::DocumentLoader::addPendingContentExtensionDisplayNoneSelector):
        (WebCore::DocumentLoader::addPendingContentExtensionSheet): Deleted.
        * loader/DocumentLoader.h:

2015-04-23  Antti Koivisto  <antti@apple.com>

        Memory cache live resources repeatedly purged during painting
        https://bugs.webkit.org/show_bug.cgi?id=144104
        <rdar://problem/20667695>

        Reviewed by Chris Dumez.

        On some PLT pages (like nytimes.com) we get into state where painting repeatedly purges live bitmaps.
        This slows down page loads significantly.

        This might have regressed because improvements in page caching keep more pages and so resources 'live'.

        With this path we do all regular cache pruning asynchronously. If memory is really critical
        the low memory handling code will still prune synchronously.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::removeClient):
        (WebCore::CachedResource::didAccessDecodedData):

            prune() -> pruneSoon()

        * loader/cache/MemoryCache.cpp:

            Decrease the pruning size target from 0.95 to 0.8 so we don't need to prune so often.

        (WebCore::MemoryCache::needsPruning):

            Factor into a function.

        (WebCore::MemoryCache::prune):
        (WebCore::MemoryCache::pruneSoon):

            Prune asynchronously.

        * loader/cache/MemoryCache.h:

2015-04-23  Eric Carlson  <eric.carlson@apple.com>

        Unreviewed, make a suggested change I overlooked in Darin's review of
        https://bugs.webkit.org/show_bug.cgi?id=144098

        * dom/Document.cpp:
        (WebCore::Document::removePlaybackTargetPickerClient): const auto& -> auto
        (WebCore::Document::showPlaybackTargetPicker): Ditto.
        (WebCore::Document::playbackTargetPickerClientStateDidChange): Ditto.
        (WebCore::Document::playbackTargetAvailabilityDidChange): Ditto.
        (WebCore::Document::setPlaybackTarget): Ditto.
        (WebCore::Document::setShouldPlayToPlaybackTarget): Ditto.

2015-04-23  Joonghun Park  <jh718.park@samsung.com>

        Use std::unique_ptr instead of OwnPtr in ThreadGlobalData
        https://bugs.webkit.org/show_bug.cgi?id=141950

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * dom/EventNames.h:
        (WebCore::EventNames::create):
        * loader/cache/CachedResourceRequestInitiators.h:
        * platform/ThreadGlobalData.cpp:
        (WebCore::ThreadGlobalData::ThreadGlobalData):
        (WebCore::ThreadGlobalData::destroy):
        * platform/ThreadGlobalData.h:

2015-04-23  Eric Carlson  <eric.carlson@apple.com>

        Some media tests assert after r183096
        https://bugs.webkit.org/show_bug.cgi?id=144098

        Reviewed by Darin Adler.

        * dom/Document.cpp:
        (WebCore::Document::removePlaybackTargetPickerClient): Don't assert if the client has already
            been removed from the map. This happens when a media element is removed from the document
            before its destructor runs and is not an error.
        (WebCore::Document::showPlaybackTargetPicker): It is an error to call this after the client 
            has been removed from the map so leave the assert in a debug build, but return early
            so a release build doesn't crash.
        (WebCore::Document::playbackTargetPickerClientStateDidChange): Ditto.
        (WebCore::Document::playbackTargetAvailabilityDidChange): Use "auto" for the map iterator variable.
        (WebCore::Document::setPlaybackTarget): Ditto.
        (WebCore::Document::setShouldPlayToPlaybackTarget): Ditto.
        * dom/Document.h: Fix map typedef names.

2015-04-23  Andreas Kling  <akling@apple.com>

        DOM nodes should be allocated with fastMalloc().

        Unreviewed. This got lost in the TreeShared merge. :|

        * dom/Node.h:

2015-04-23  Chris Dumez  <cdumez@apple.com>

        [WK2] WebDiagnosticLoggingClient is leaking
        https://bugs.webkit.org/show_bug.cgi?id=144089
        <rdar://problem/19706214>

        Reviewed by Darin Adler.

        WebDiagnosticLoggingClient is leaking. It is constructed inside WebPage
        constructor but there is no code destroying it.

        This patch adds a new xxxDestroyed() virtual function to
        DiagnosticLoggingClient and that is overriden in
        WebDiagnosticLoggingClient to call "delete this". This is the same
        pattern as for other WK2 clients (e.g. WebFrameLoaderClient,
        WebProgressTrackerClient).

        * loader/EmptyClients.h:
        * page/DiagnosticLoggingClient.h:
        * page/MainFrame.cpp:
        (WebCore::MainFrame::~MainFrame):

2015-04-22  Antti Koivisto  <antti@apple.com>

        CrashTracer: WebProcess at com.apple.WebCore: WebCore::toScriptElementIfPossible + 4
        https://bugs.webkit.org/show_bug.cgi?id=144050
        rdar://problem/15534973

        Reviewed by Chris Dumez.

        We are seeing null Element pointer crashes with this stack:

        47 com.apple.WebCore:  WebCore::toScriptElementIfPossible + 4 <==
        47 com.apple.WebCore:  WebCore::ScriptRunner::timerFired + 452
        47 com.apple.WebCore:  WebCore::ThreadTimers::sharedTimerFiredInternal + 175

        The most likely cause seems to be that this code

            ASSERT(m_pendingAsyncScripts.contains(scriptElement));
            m_scriptsToExecuteSoon.append(m_pendingAsyncScripts.take(scriptElement));

        in ScriptRunner::notifyScriptReady fails to find scriptElement and we are left with a null entry in
        m_scriptsToExecuteSoon. However I haven't managed to repro this or find the exact path how this
        could happen. The related code is fragile with lot of state (in ScriptElement class)
        and involves many opportunities for re-entry via scripts.

        No repro, no test case.

        * dom/ScriptRunner.cpp:
        (WebCore::ScriptRunner::timerFired):

            Paper this over by adding a null check. We could check m_pendingAsyncScripts.take() above
            but this also covers possibility this is caused by something else.

2015-04-23  Simon Fraser  <simon.fraser@apple.com>

        Use a typedef for TileGrid tile validation policy flags
        https://bugs.webkit.org/show_bug.cgi?id=144085

        Reviewed by Tim Horton.

        Replace 'unsigned' with a typedef for the bitmask of TileValidationPolicyFlags.

        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::tileRevalidationTimerFired):
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::revalidateTiles):
        * platform/graphics/ca/TileGrid.h:

2015-04-23  Andreas Kling  <akling@apple.com>

        Slap Node's reference counting functions with ALWAYS_INLINE stick.

        Speculative fix for weird ~3% regression on Speedometer seen after TreeShared
        was merged into Node. Since the memory layout didn't change, failure to inline
        seems like a possible source of regression.

        * dom/Node.h:
        (WebCore::Node::ref):
        (WebCore::Node::deref):
        (WebCore::Node::hasOneRef):
        (WebCore::Node::refCount):

2015-04-22  Simon Fraser  <simon.fraser@apple.com>

        [iOS] Move computeCoverageRect code from FrameView into TileController
        https://bugs.webkit.org/show_bug.cgi?id=144087

        Reviewed by Benjamin Poulain.
        
        There is code in four different places that adjusts tiling coverage rect:
        1. LegacyTileCache. This will remain unchanged.
        2. FrameView::computeTileCoverageRect(). This was added to do velocity-based
        page tiled coverage expansion for iOS WK2.
        3. TileController::computeTileCoverageRect(): this is used for the page tiles
        on Mac.
        4. GraphicsLayerCA::adjustTiledLayerVisibleRect(). This is used by non-page
        tiled layers on both iOS and Mac.
        
        This patch reduced this list to 3, coalescing FrameView::computeTileCoverageRect()
        and TileController::computeTileCoverageRect(). It removes the rect inflation that
        affects the visibleRect passed into rootLayer->flushCompositingState() for iOS,
        but the page tiles now do an identical coverage inflation. The visible rect
        change does affect visible rect computations for non-page tiled backings, but
        a future patch will restore that.

        * page/FrameView.cpp:
        (WebCore::FrameView::setScrollVelocity):
        (WebCore::FrameView::computeCoverageRect): Deleted.
        * page/FrameView.h:
        * platform/graphics/TiledBacking.h:
        (WebCore::VelocityData::VelocityData):
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::setVelocity):
        (WebCore::TileController::computeTileCoverageRect):
        * platform/graphics/ca/TileController.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::flushPendingLayerChanges):

2015-04-22  Darin Adler  <darin@apple.com>

        Remove OwnPtr and PassOwnPtr use from WebKit/cf, WebKit/mac, and WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=143943

        Reviewed by Anders Carlsson.

        * editing/Editor.cpp:
        (WebCore::Editor::insertDictationPhrases): Changed this iOS-only
        function to take a Vector<Vector<String>>&& and not involve PassOwnPtr.
        (WebCore::Editor::setDictationPhrasesAsChildOfElement): Changed this iOS-only
        function to take a Vector<Vector<String>> and not involve PassOwnPtr. Also made
        it take a reference rather than a pointer to the element and simplify the code
        a bit using modern for loops and auto.
        * editing/Editor.h: Ditto.

        * editing/ios/DictationCommandIOS.cpp:
        (WebCore::DictationCommandIOS::DictationCommandIOS): Take
        a Vector<Vector<String>>&& instead of a PassOwnPtr.
        (WebCore::DictationCommandIOS::~DictationCommandIOS): Deleted. No need to
        explicitly define this.
        (WebCore::DictationCommandIOS::doApply): Updated to use modern for loop and
        work with a Vector<Vector<String>> instead of an OwnPtr.
        * editing/ios/DictationCommandIOS.h: Updated to not use PassOwnPtr and OwnPtr.
        Also modernized a bit by using override.

        * platform/network/ios/QuickLook.h: Return an NSURLRequest * instead of a
        PassOwnPtr<ResourceRequest> from this iOS-specific function.
        * platform/network/ios/QuickLook.mm:
        (WebCore::registerQLPreviewConverterIfNeeded): Ditto.

2015-04-22  Jinwoo Song  <jinwoo7.song@samsung.com>

        Convert OwnPtr to std::unique_ptr in GraphicsContextCairo.cpp
        https://bugs.webkit.org/show_bug.cgi?id=144033

        Reviewed by Darin Adler.

        Use unique_ptr for creating a copy of cairo_path_t and use lambda function
        for custom deleter, cairo_path_destroy().

        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::drawPathShadow): Use std::unique_ptr instead of OwnPtr.
        (WebCore::GraphicsContext::clip): Call cairo_path_destroy() immediately.
        * platform/graphics/cairo/OwnPtrCairo.cpp:
        (WTF::deleteOwnedPtr<cairo_path_t>): Deleted. Remove unnecessary deleter anymore.
        * platform/graphics/cairo/OwnPtrCairo.h: Ditto.

2015-04-22  Darin Adler  <darin@apple.com>

        Eliminate remaining uses of OwnPtr and PassOwnPtr in WebCore outside the editing and platform directories
        https://bugs.webkit.org/show_bug.cgi?id=143949

        Reviewed by Andreas Kling.

        * dom/ContainerNode.h: Removed unneeded includes and forward declarations.
        * dom/Document.h: Ditto.

        * dom/DocumentParser.h: Fixed comment to not mention PassOwnPtr.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::create): Return a Ref instead of a PassRefPtr.
        (WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation): Pass a reference
        rather than a pointer to TextTrackRepresentation::create.
        (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage): Return a
        RefPtr instead of a PassRefPtr.

        * html/shadow/MediaControlElements.h: Use unique_ptr for m_textTrackRepresentation.
        Also fix a couple uses of PassRefPtr.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::DocumentLoader): Use make_unique.
        (WebCore::DocumentLoader::addAllArchiveResources): Ditto.
        (WebCore::DocumentLoader::addArchiveResource): Ditto.
        (WebCore::DocumentLoader::clearArchiveResources): Set to nullptr instead of calling clear.
        (WebCore::DocumentLoader::startLoadingMainResource): Use make_unique.
        * loader/DocumentLoader.h: Made m_archiveResourceCollection and
        m_applicationCacheHost use unique_ptr.

        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveData): Use delete here instead
        of using OwnPtr to do the deletion. Matches the other code nearby.

        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::disassociateDocumentLoader): Handle case where the host is
        null; this happens during the DocumentLoader destruction process since unique_ptr sets itself
        to null before it destroys the object it points to and OwnPtr does not.

        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        (WebCore::DiskCacheMonitor::monitorFileBackingStoreCreation): Use delete instead of adoptPtr
        to delete a raw pointer.
        (WebCore::DiskCacheMonitor::DiskCacheMonitor): Use unique_ptr instead of OwnPtr.

        * page/DragController.h: Removed some unneeded forward declarations and changed the
        create function to return unique_ptr.

        * platform/LayoutUnit.h: Removed wtf_ceil workaround hack here. Not sure why we ever did it
        this way!

        * platform/graphics/FontCascade.cpp:
        (WTF::deleteOwnedPtr<WebCore::TextLayout>): Deleted.
        (WebCore::FontCascade::createLayout): Changed to return a unique_ptr.
        (WebCore::FontCascade::deleteLayout): Deleted.
        * platform/graphics/FontCascade.h: Made the above changes.

        * platform/graphics/ImageBuffer.h: Changed copyImage to return a RefPtr instead of a PassRefPtr.

        * platform/graphics/TextTrackRepresentation.cpp:
        (WebCore::TextTrackRepresentation::create): Use make_unique and return a unique_ptr.
        * platform/graphics/TextTrackRepresentation.h: Removed unneeded includes and forward declarations
        and made create return a unique_ptr.
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::copyImage): Changed to return a RefPtr.
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::copyImage): Changed to return a RefPtr.

        * platform/graphics/ios/TextTrackRepresentationIOS.h: Use reference instead of pointer,
        made more things private.
        * platform/graphics/ios/TextTrackRepresentationIOS.mm:
        (TextTrackRepresentation::create): Use make_unique.
        (TextTrackRepresentationIOS::TextTrackRepresentationIOS): Take a reference.

        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::FontCascade::createLayout): Return a unique_ptr with a custom destruction function.
        The custom destruction function eliminates the need to put TextLayout in a visible header.
        (WebCore::FontCascade::deleteLayout): Deleted. Use a lambda instead.
        (WebCore::roundCGFloat): Deleted. Old fashioned way to deal with multiple floating point sizes.
        Just use std::round instead.
        (WebCore::ceilCGFloat): Deleted. Same as above. Just use std::ceil instead.
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances): Use std::round and std::ceil.

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderTextInfo::RenderTextInfo): Deleted. Can compile constructor and destructor
        now thanks to use of unique_ptr with a custom deleter.
        (WebCore::RenderTextInfo::~RenderTextInfo): Deleted. Ditto.
        (WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange): Updated for RenderTextInfo data member
        name change.

        * rendering/RenderView.h: Removed unneeded include.

        * rendering/line/BreakingContext.h: Removed unneeded include.
        (WebCore::BreakingContext::handleOutOfFlowPositioned): Updated for RenderTextInfo data member
        name change.
        (WebCore::BreakingContext::handleFloat): Ditto.
        (WebCore::BreakingContext::handleReplaced): Ditto.
        (WebCore::BreakingContext::handleText): Ditto.
        (WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord): Ditto.

        * rendering/line/LineBreaker.h: Made the RenderTextInfo struct more like a struct by taking
        off all the m_ prefixes from the data member names. Initialized all the values in the struct
        to defaults so we don't need an explicit constructor. We also don't need an explicit destructor
        any more due to use of a unique_ptr with a deleter.

2015-04-22  Roger Fong  <roger_fong@apple.com>

        Volume slider appears/doesn't appear at the wrong times.
        https://bugs.webkit.org/show_bug.cgi?id=144072.
        <rdar://problem/20576145>

        Reviewed by Dean Jackson.

        Set background divs to match volume box dimensions.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-volume-slider-container-background):
        (audio::-webkit-media-controls-volume-slider-container-tint):

        Draw the volume slider immediately on mousing over the mute box.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls):
        (Controller.prototype.handleMuteBoxOver):

2015-04-22  Jer Noble  <jer.noble@apple.com>

        [Mac][MediaSource] Crash when SourceBuffer::provideMediaData() is called re-entrantly.
        https://bugs.webkit.org/show_bug.cgi?id=144023

        Reviewed by Darin Adler.

        Partially revert r183097 (as it was not sufficient to protect against re-entrancy). Instead,
        protect against re-entrancy in provideMediaData() directly by removing the first sample
        from the TrackBuffer's decodeQueue at a time. If provideMediaData() is called re-entrantly,
        or if any other method which modifies the decodeQueue is called from inside
        provideMediaData, no iterators will be invalidated.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::provideMediaData):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples):

2015-04-22  Zalan Bujtas  <zalan@apple.com>

        Create RenderRubyText for <rt> only when the parent renderer is a RenderRuby.
        https://bugs.webkit.org/show_bug.cgi?id=144035
        rdar://problem/20604467

        Reviewed by Darin Adler.

        This patch extends HTMLElement::createElementRenderer()
        with the render tree insertion point so that we can create different type
        of renderers based on the render tree context.

        Test: fast/ruby/ruby-rt-with-region-crash.html

        * CMakeLists.txt:
        * Modules/plugins/PluginReplacement.h:
        * Modules/plugins/QuickTimePluginReplacement.h:
        * Modules/plugins/QuickTimePluginReplacement.mm:
        (WebCore::QuickTimePluginReplacement::createElementRenderer):
        * Modules/plugins/YouTubePluginReplacement.cpp:
        (WebCore::YouTubePluginReplacement::createElementRenderer):
        * Modules/plugins/YouTubePluginReplacement.h:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Element.cpp:
        (WebCore::Element::createElementRenderer):
        * dom/Element.h:
        * html/HTMLAppletElement.cpp:
        (WebCore::HTMLAppletElement::createElementRenderer):
        * html/HTMLAppletElement.h:
        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::createElementRenderer):
        * html/HTMLAttachmentElement.h:
        * html/HTMLBRElement.cpp:
        (WebCore::HTMLBRElement::createElementRenderer):
        * html/HTMLBRElement.h:
        * html/HTMLButtonElement.cpp:
        (WebCore::HTMLButtonElement::createElementRenderer):
        * html/HTMLButtonElement.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createElementRenderer):
        * html/HTMLCanvasElement.h:
        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::createElementRenderer):
        * html/HTMLDetailsElement.h:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createElementRenderer):
        * html/HTMLElement.h:
        * html/HTMLFieldSetElement.cpp:
        (WebCore::HTMLFieldSetElement::createElementRenderer):
        * html/HTMLFieldSetElement.h:
        * html/HTMLFrameElement.cpp:
        (WebCore::HTMLFrameElement::createElementRenderer):
        * html/HTMLFrameElement.h:
        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::createElementRenderer):
        * html/HTMLFrameSetElement.h:
        * html/HTMLIFrameElement.cpp:
        (WebCore::HTMLIFrameElement::createElementRenderer):
        * html/HTMLIFrameElement.h:
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::createElementRenderer):
        * html/HTMLImageElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::createElementRenderer):
        * html/HTMLInputElement.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLMeterElement.cpp:
        (WebCore::HTMLMeterElement::createElementRenderer):
        * html/HTMLMeterElement.h:
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::createElementRenderer):
        * html/HTMLPlugInElement.h:
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::createElementRenderer):
        * html/HTMLPlugInImageElement.h:
        * html/HTMLProgressElement.cpp:
        (WebCore::HTMLProgressElement::createElementRenderer):
        * html/HTMLProgressElement.h:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::createElementRenderer):
        * html/HTMLSelectElement.h:
        * html/HTMLSummaryElement.cpp:
        (WebCore::HTMLSummaryElement::createElementRenderer):
        * html/HTMLSummaryElement.h:
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::createElementRenderer):
        * html/HTMLTextAreaElement.h:
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::createElementRenderer):
        * html/HTMLVideoElement.h:
        * html/HTMLWBRElement.cpp:
        (WebCore::HTMLWBRElement::createElementRenderer):
        * html/HTMLWBRElement.h:
        * html/RubyElement.cpp:
        (WebCore::RubyElement::createElementRenderer):
        * html/RubyElement.h:
        * html/RubyTextElement.cpp:
        (WebCore::RubyTextElement::createElementRenderer):
        * html/RubyTextElement.h:
        * html/shadow/DetailsMarkerControl.cpp:
        (WebCore::DetailsMarkerControl::createElementRenderer):
        * html/shadow/DetailsMarkerControl.h:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTimelineContainerElement::createElementRenderer):
        (WebCore::MediaControlVolumeSliderContainerElement::createElementRenderer):
        (WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
        * html/shadow/MediaControlElements.h:
        * html/shadow/MeterShadowElement.cpp:
        (WebCore::MeterInnerElement::createElementRenderer):
        * html/shadow/MeterShadowElement.h:
        * html/shadow/ProgressShadowElement.cpp:
        (WebCore::ProgressInnerElement::createElementRenderer):
        * html/shadow/ProgressShadowElement.h:
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::SliderThumbElement::createElementRenderer):
        (WebCore::SliderContainerElement::createElementRenderer):
        * html/shadow/SliderThumbElement.h:
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerContainer::createElementRenderer):
        (WebCore::TextControlInnerTextElement::createElementRenderer):
        * html/shadow/TextControlInnerElements.h:
        * html/shadow/mac/ImageControlsButtonElementMac.cpp:
        (WebCore::ImageControlsButtonElementMac::createElementRenderer):
        * html/shadow/mac/ImageControlsButtonElementMac.h:
        * html/shadow/mac/ImageControlsRootElementMac.cpp:
        (WebCore::ImageControlsRootElementMac::createElementRenderer):
        * html/shadow/mac/ImageControlsRootElementMac.h:
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::createElementRenderer):
        * html/track/VTTCue.h:
        * mathml/MathMLInlineContainerElement.cpp:
        (WebCore::MathMLInlineContainerElement::createElementRenderer):
        * mathml/MathMLInlineContainerElement.h:
        * mathml/MathMLMathElement.cpp:
        (WebCore::MathMLMathElement::createElementRenderer):
        * mathml/MathMLMathElement.h:
        * mathml/MathMLMencloseElement.cpp:
        (WebCore::MathMLMencloseElement::createElementRenderer):
        * mathml/MathMLMencloseElement.h:
        * mathml/MathMLSelectElement.cpp:
        (WebCore::MathMLSelectElement::createElementRenderer):
        * mathml/MathMLSelectElement.h:
        * mathml/MathMLTextElement.cpp:
        (WebCore::MathMLTextElement::createElementRenderer):
        * mathml/MathMLTextElement.h:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::clone):
        * rendering/RenderElement.cpp:
        * rendering/RenderRuby.h:
        (WebCore::isRuby):
        * style/RenderTreePosition.cpp: Added.
        (WebCore::RenderTreePosition::computeNextSibling):
        (WebCore::RenderTreePosition::invalidateNextSibling):
        (WebCore::RenderTreePosition::previousSiblingRenderer):
        (WebCore::RenderTreePosition::nextSiblingRenderer):
        (WebCore::RenderTreePosition::isRendererReparented):
        * style/RenderTreePosition.h: Added.
        (WebCore::RenderTreePosition::RenderTreePosition):
        (WebCore::RenderTreePosition::parent):
        (WebCore::RenderTreePosition::canInsert):
        (WebCore::RenderTreePosition::insert):
        * style/StyleResolveTree.cpp:
        (WebCore::Style::createRendererIfNeeded):
        (WebCore::Style::invalidateWhitespaceOnlyTextSiblingsAfterAttachIfNeeded):
        (WebCore::Style::textRendererIsNeeded):
        (WebCore::Style::RenderTreePosition::parent): Deleted.
        (WebCore::Style::isRendererReparented): Deleted.
        (WebCore::Style::nextSiblingRenderer): Deleted.
        (WebCore::Style::RenderTreePosition::RenderTreePosition): Deleted.
        (WebCore::Style::RenderTreePosition::canInsert): Deleted.
        (WebCore::Style::RenderTreePosition::insert): Deleted.
        (WebCore::Style::RenderTreePosition::computeNextSibling): Deleted.
        (WebCore::Style::RenderTreePosition::invalidateNextSibling): Deleted.
        (WebCore::Style::previousSiblingRenderer): Deleted.
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::createElementRenderer):
        * svg/SVGAElement.h:
        * svg/SVGAltGlyphElement.cpp:
        (WebCore::SVGAltGlyphElement::createElementRenderer):
        * svg/SVGAltGlyphElement.h:
        * svg/SVGCircleElement.cpp:
        (WebCore::SVGCircleElement::createElementRenderer):
        * svg/SVGCircleElement.h:
        * svg/SVGClipPathElement.cpp:
        (WebCore::SVGClipPathElement::createElementRenderer):
        * svg/SVGClipPathElement.h:
        * svg/SVGDefsElement.cpp:
        (WebCore::SVGDefsElement::createElementRenderer):
        * svg/SVGDefsElement.h:
        * svg/SVGEllipseElement.cpp:
        (WebCore::SVGEllipseElement::createElementRenderer):
        * svg/SVGEllipseElement.h:
        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::createElementRenderer):
        * svg/SVGFilterElement.h:
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        (WebCore::SVGFilterPrimitiveStandardAttributes::createElementRenderer):
        * svg/SVGFilterPrimitiveStandardAttributes.h:
        * svg/SVGForeignObjectElement.cpp:
        (WebCore::SVGForeignObjectElement::createElementRenderer):
        * svg/SVGForeignObjectElement.h:
        * svg/SVGGElement.cpp:
        (WebCore::SVGGElement::createElementRenderer):
        * svg/SVGGElement.h:
        * svg/SVGGraphicsElement.cpp:
        (WebCore::SVGGraphicsElement::createElementRenderer):
        * svg/SVGGraphicsElement.h:
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::createElementRenderer):
        * svg/SVGImageElement.h:
        * svg/SVGLinearGradientElement.cpp:
        (WebCore::SVGLinearGradientElement::createElementRenderer):
        * svg/SVGLinearGradientElement.h:
        * svg/SVGMarkerElement.cpp:
        (WebCore::SVGMarkerElement::createElementRenderer):
        * svg/SVGMarkerElement.h:
        * svg/SVGMaskElement.cpp:
        (WebCore::SVGMaskElement::createElementRenderer):
        * svg/SVGMaskElement.h:
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::createElementRenderer):
        * svg/SVGPathElement.h:
        * svg/SVGPatternElement.cpp:
        (WebCore::SVGPatternElement::createElementRenderer):
        * svg/SVGPatternElement.h:
        * svg/SVGRadialGradientElement.cpp:
        (WebCore::SVGRadialGradientElement::createElementRenderer):
        * svg/SVGRadialGradientElement.h:
        * svg/SVGRectElement.cpp:
        (WebCore::SVGRectElement::createElementRenderer):
        * svg/SVGRectElement.h:
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::createElementRenderer):
        * svg/SVGSVGElement.h:
        * svg/SVGStopElement.cpp:
        (WebCore::SVGStopElement::createElementRenderer):
        * svg/SVGStopElement.h:
        * svg/SVGSwitchElement.cpp:
        (WebCore::SVGSwitchElement::createElementRenderer):
        * svg/SVGSwitchElement.h:
        * svg/SVGSymbolElement.cpp:
        (WebCore::SVGSymbolElement::createElementRenderer):
        * svg/SVGSymbolElement.h:
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefElement::createElementRenderer):
        * svg/SVGTRefElement.h:
        * svg/SVGTSpanElement.cpp:
        (WebCore::SVGTSpanElement::createElementRenderer):
        * svg/SVGTSpanElement.h:
        * svg/SVGTextElement.cpp:
        (WebCore::SVGTextElement::createElementRenderer):
        * svg/SVGTextElement.h:
        * svg/SVGTextPathElement.cpp:
        (WebCore::SVGTextPathElement::createElementRenderer):
        * svg/SVGTextPathElement.h:
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::createElementRenderer):
        * svg/SVGUseElement.h:

2015-04-22  Brent Fulgham  <bfulgham@apple.com>

        VisibleSelection should only accept Range by reference
        https://bugs.webkit.org/show_bug.cgi?id=144047

        Reviewed by Tim Horton.

        Update VisibleSelection to expect a Range reference argument, rather than a
        Range*. Also update all uses of VisibleSelection to pass a reference instead
        of a pointer.

        No change in behavior, so new tests.

        * editing/Editor.cpp:
        (WebCore::Editor::selectionForCommand):
        (WebCore::Editor::advanceToNextMisspelling):
        (WebCore::Editor::markMisspellingsAfterTypingToWord):
        (WebCore::Editor::markAndReplaceFor):
        (WebCore::Editor::transpose):
        (WebCore::Editor::findString):
        (WebCore::Editor::rangeOfString):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::setSelectedRange):
        * editing/SpellingCorrectionCommand.cpp:
        (WebCore::SpellingCorrectionCommand::SpellingCorrectionCommand):
        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::VisibleSelection):
        * editing/VisibleSelection.h:
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::replaceNodeFromPasteboard):
        * page/DragController.cpp:
        (WebCore::selectElement):
        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithRange):
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::selectClosestWordFromHitTestResultBasedOnLookup):
        * rendering/SelectionSubtreeRoot.cpp:
        (WebCore::SelectionSubtreeRoot::adjustForVisibleSelection):

2015-04-22  Roger Fong  <roger_fong@apple.com>

        Audio controls should render with a black background.
        https://bugs.webkit.org/show_bug.cgi?id=144074.
        <rdar://problem/20596939>

        Reviewed by Darin Adler.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel-background-container):
        (audio::-webkit-media-controls-panel .volume-box):

2015-04-22  Roger Fong  <roger_fong@apple.com>

        Inline media control icons scale down when video is too small.
        https://bugs.webkit.org/show_bug.cgi?id=144073.
        <rdar://problem/20659451>

        Reviewed by Darin Adler.

        Just make sure the buttons use min-width.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-rewind-button):
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-panel .mute-box):
        (video::-webkit-media-controls-volume-max-button):
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-fullscreen-button):

2015-04-22  Jer Noble  <jer.noble@apple.com>

        Add new optimized fullscreen delegate methods
        https://bugs.webkit.org/show_bug.cgi?id=144071

        Reviewed by Eric Carlson.

        AVPlayerViewController requires three new delegate methods to be implemented by WebKit which
        notify the delegates exactly when the owning view will enter and leave fullscreen mode. One
        of the delegate methods (-enterOptimizedFullScreenModeRedirectingVideoToLayer:) gives the
        delegate an opportunity to move the video sublayer into a new CALayer. The matching delegate
        (-leaveOptimizedFullScreenMode), allows us to return our sublayer back to its original parent.
        The third delegate (-isOptimizedFullscreenPossible) is required so the AVPlayerViewController
        knows whether to allow a standard -> optimized fullscreen transition.

        Drive-by fix: initialize ivars at declaration time.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController isOptimizedFullscreenPossible]):
        (-[WebAVVideoLayer enterOptimizedFullScreenModeRedirectingVideoToLayer:]):
        (-[WebAVVideoLayer leaveOptimizedFullScreenMode]):
        (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal):
        (+[WebAVPlayerController keyPathsForValuesAffectingPlayingOnExternalScreen]): Deleted.

2015-04-22  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Caret does not line up with text when using the system font
        https://bugs.webkit.org/show_bug.cgi?id=144076
        <rdar://problem/20578301>

        Reviewed by Enrica Casucci.

        Determining caret locations often uses the complex text codepath, which means
        the complex text codepath must know about custom tracking.

        This regression is due to r182512.

        Note that this patch is a short-term solution until I can solve the bigger issue of
        having two CTFontRefs and using each in their proper place.

        No new tests because there is no way to robustly test the system font.

        * platform/graphics/Font.h:
        (WebCore::Font::hasCustomTracking):
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::canUseFastGlyphAdvanceGetter):
        (WebCore::Font::platformWidthForGlyph):
        (WebCore::hasCustomTracking): Deleted.
        * platform/graphics/mac/SimpleFontDataCoreText.cpp:
        (WebCore::Font::getCFStringAttributes):

2015-04-22  Brent Fulgham  <bfulgham@apple.com>

        Context menu doesn't account for selection semantics
        https://bugs.webkit.org/show_bug.cgi?id=143958
        <rdar://problem/19735706>

        Reviewed by Tim Horton.

        Before using the default word-only selection for context menus, check with the
        lookup service to see if we can get a semantically appropriate selection.

        * editing/EditingBehavior.h:
        (WebCore::EditingBehavior::shouldSelectBasedOnDictionaryLookup): Added, so that we can
        behavior correctly when using non-Mac editing behavior.
        * editing/mac/DictionaryLookup.mm:
        (WebCore::rangeForDictionaryLookupAtHitTestResult): Modified to honor standard WebKit
        behavior when hit testing at end-of-line/end-of-paragraph, etc.
        * page/EventHandler.cpp:
        (WebCore::EventHandler::shouldAppendTrailingWhitespace): New helper function to share code.
        (WebCore::EventHandler::selectClosestWordFromHitTestResultBasedOnLookup): Added.
        (WebCore::EventHandler::selectClosestContextualWordFromMouseEvent): Added.
        (WebCore::EventHandler::selectClosestContextualWordOrLinkFromMouseEvent): Renamed from selectClosestWordOrLinkFromMouseEvent.
        Have this call the new 'selectClosestContextualWordFromMouseEvent' instead of the vanilla 'selectClosestWordFromMouseEvent'.
        * page/EventHandler.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::selectClosestWordFromHitTestResultBasedOnLookup): Added.

2015-04-21  Brent Fulgham  <bfulgham@apple.com>

        [Mac] Extend action menus to support PDF
        https://bugs.webkit.org/show_bug.cgi?id=143895
        <rdar://problem/19003333>

        Reviewed by Tim Horton.

        Tested by TestWebKitAPI ActionMenus.mm.

        Add a new dictionary lookup method to support PDF Selections. This code replicates the
        DOM Range-based logic used for HTML documents, but does so using the PDFKit API and
        its support types.

        * Configurations/Base.xcconfig: Add PDFKit include path for build.
        * editing/mac/DictionaryLookup.h:
        * editing/mac/DictionaryLookup.mm:
        (WebCore::expandSelectionByCharacters): Helper function for PDF support.
        (WebCore::dictionaryLookupForPDFSelection): Added.

2015-04-22  Zalan Bujtas  <zalan@apple.com>

        Move render ruby initialization logic from RenderElement::createFor() to *::createElementRenderer()
        https://bugs.webkit.org/show_bug.cgi?id=144058

        Reviewed by Darin Adler.

        No change in functionality.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLTagNames.in:
        * html/RubyElement.cpp: Added.
        (WebCore::RubyElement::RubyElement):
        (WebCore::RubyElement::create):
        (WebCore::RubyElement::createElementRenderer):
        * html/RubyElement.h: Added.
        * html/RubyTextElement.cpp: Added.
        (WebCore::RubyTextElement::RubyTextElement):
        (WebCore::RubyTextElement::create):
        (WebCore::RubyTextElement::createElementRenderer):
        * html/RubyTextElement.h: Added.
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::createFor):

2015-04-22  Roger Fong  <roger_fong@apple.com>

        Show correct wireless play placard on iOS.
        <rdar://problem/20656596>

        Copy wireless player placard code from r182631 to iOS.
        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-wireless-playback-status):
        (audio::-webkit-media-controls-wireless-playback-text):
        (audio::-webkit-media-controls-wireless-playback-text-top):
        (audio::-webkit-media-controls-wireless-playback-text-bottom):
        (audio::-webkit-media-controls-wireless-playback-status.small):
        (audio::-webkit-media-controls-wireless-playback-text-top.small):
        (audio::-webkit-media-controls-wireless-playback-text-bottom.small):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createControls):
        (ControllerIOS.prototype.configureInlineControls):

2015-04-22  Roger Fong  <roger_fong@apple.com>

        Rollout part of r182263 that broke inline media controls on iOS.
        <rdar://problem/20654260>

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.handlePanelTransitionEnd):
        (Controller.prototype.setPlaying):
        (Controller.prototype.showControls):
        (Controller.prototype.hideControls):

2015-04-22  Eric Carlson  <eric.carlson@apple.com>

        Unreviewed post-review clean up after r183096.

        * Modules/mediasession/WebMediaSessionManagerClient.h:
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:

2015-04-22  Nan Wang  <nanwang1101@yahoo.com>

        AX: WebKit does not expose text fields inside tree views.
        https://bugs.webkit.org/show_bug.cgi?id=142196

        Reviewed by Chris Fleizach.

        The problem is that any object in a tree which is not a static text 
        or treeitem will be ignored. Fixed it by exposing the children of treeitem.

        Test: accessibility/treeitem-child-exposed.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::isAllowedChildOfTree):

2015-04-22  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStreamController
        https://bugs.webkit.org/show_bug.cgi?id=143608

        Reviewed by Benjamin Poulain.

        Introducing ReadableStreamController, an abstraction to manage JS source stream queues.
        This new interface is not exposed to JS scripts as specified, using NoInterfaceObject.

        A controller is created at the time a ReadableJSStream is started and it is owned by it.
        The controller may outlive the stream but as its reference will be reset, the calls to
        its methods would result in exceptions.

        The constructor is not implemented yet.

        Change covered by existing tests and rebased expectations.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make: Added ReadableStreamController.idl related files.
        * Modules/streams/ReadableStreamController.h: Added.
        * Modules/streams/ReadableStreamController.idl: Added.
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp: Added ReadableStreamController.idl related files.
        * bindings/js/JSReadableStreamControllerCustom.cpp: Added.
        * bindings/js/ReadableStreamJSSource.cpp:
        * bindings/js/ReadableStreamJSSource.h: Removed custom controller implementation.

2015-04-22  Manuel Rego Casasnovas  <rego@igalia.com>

        Rename hasOverride{Height,Width}() to hasOverrideLogicalContent{Height,Width}()
        https://bugs.webkit.org/show_bug.cgi?id=143984

        Reviewed by Darin Adler.

        This patch is renaming these LayoutBox methods, because of their names
        don't match with the getters and setters, which is confusing. Specially
        now that we also have hasOverrideContainingBlockLogical{Height,Width}().

        No new tests (this is just a refactoring).

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::fitBorderToLinesIfNeeded):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::hasOverrideLogicalContentHeight):
        (WebCore::RenderBox::hasOverrideLogicalContentWidth):
        (WebCore::RenderBox::overrideLogicalContentWidth):
        (WebCore::RenderBox::overrideLogicalContentHeight):
        (WebCore::RenderBox::perpendicularContainingBlockLogicalHeight):
        (WebCore::RenderBox::computeLogicalWidthInRegion):
        (WebCore::RenderBox::computeLogicalHeight):
        (WebCore::RenderBox::computePercentageLogicalHeight):
        (WebCore::RenderBox::availableLogicalHeightUsing):
        * rendering/RenderBox.h:
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::contentWidthForChild):
        (WebCore::contentHeightForChild):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::preferredMainAxisContentExtentForChild):
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::calcRowLogicalHeight):

2015-04-21  Jer Noble  <jer.noble@apple.com>

        [Mac][MediaSource] Crash when SourceBuffer::provideMediaData() is called re-entrantly.
        https://bugs.webkit.org/show_bug.cgi?id=144023

        Reviewed by Eric Carlson.

        Fixes non-deterministic crash in media/media-source/media-source-stalled-holds-sleep-assertion.html.

        Platform changes have introduced a re-entrancy to provideMediaData().  Calling
        SourceBufferPrivate::enqueueSample() can result in a re-entrant call back into
        SourceBuffer::provideMediaData(). To protect against this, wrap the client call
        from SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples() to
        SourceBuffer::sourceBufferPrivateDidBecomeReadyForMoreSamples() in a dispatch_async() to the
        main thread. This gives the original provideMediaData() a chance to finish before the next
        one begins.

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples):

2015-04-21  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Use one playback target for all web processes
        https://bugs.webkit.org/show_bug.cgi?id=144009

        Reviewed by Tim Horton.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateWirelessPlaybackStatus): Drive-by fix to show controls when
            we show the placeholder image.

        Instead of having each Page/Document pair manage access to the playback target for the videos
        in a web process, put all of the logic into a new class - WebMediaSessionManager. A singleton
        instance talks to the target picker and manages video element access for all web processes.
        All playback target logic was removed from Document, Page, and MediaSessionManager.

        * Modules/mediasession: Added.
        * Modules/mediasession/WebMediaSessionManager.cpp: Added.
        (WebCore::ClientState::ClientState):
        (WebCore::flagsAreSet):
        (WebCore::WebMediaSessionManager::WebMediaSessionManager):
        (WebCore::WebMediaSessionManager::~WebMediaSessionManager):
        (WebCore::WebMediaSessionManager::addPlaybackTargetPickerClient):
        (WebCore::WebMediaSessionManager::removePlaybackTargetPickerClient):
        (WebCore::WebMediaSessionManager::removeAllPlaybackTargetPickerClients):
        (WebCore::WebMediaSessionManager::showPlaybackTargetPicker):
        (WebCore::WebMediaSessionManager::clientStateDidChange):
        (WebCore::WebMediaSessionManager::setPlaybackTarget):
        (WebCore::WebMediaSessionManager::externalOutputDeviceAvailableDidChange):
        (WebCore::WebMediaSessionManager::configurePlaybackTargetMonitoring):
        (WebCore::WebMediaSessionManager::taskTimerFired):
        (WebCore::WebMediaSessionManager::find):
        (WebCore::WebMediaSessionManager::forEachClient):
        * Modules/mediasession/WebMediaSessionManager.h: Added.
        * Modules/mediasession/WebMediaSessionManagerClient.h: Added.
        (WebCore::WebMediaSessionManagerClient::~WebMediaSessionManagerClient):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::mediaState): Replaces isPlayingAudio.
        (WebCore::AudioContext::isPlayingAudio): Deleted.
        * Modules/webaudio/AudioContext.h:
        * WebCore.xcodeproj/project.pbxproj: Added new files.
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::addAudioProducer): Take a MediaProducer instead of an AudioProducer.
        (WebCore::Document::removeAudioProducer):
        (WebCore::Document::updateIsPlayingMedia):
        (WebCore::nextPlaybackTargetClientContextId):
        (WebCore::Document::addPlaybackTargetPickerClient):
        (WebCore::Document::removePlaybackTargetPickerClient):
        (WebCore::Document::showPlaybackTargetPicker):
        (WebCore::Document::playbackTargetPickerClientStateDidChange):
        (WebCore::Document::playbackTargetAvailabilityDidChange):
        (WebCore::Document::setPlaybackTarget):
        (WebCore::Document::setShouldPlayToPlaybackTarget):
        (WebCore::Document::configurePlaybackTargetMonitoring): Deleted.
        (WebCore::Document::requiresPlaybackTargetRouteMonitoring): Deleted.
        (WebCore::Document::didChoosePlaybackTarget): Deleted.
        * dom/Document.h:
        (WebCore::Document::mediaState):
        (WebCore::Document::isPlayingAudio): Deleted.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        (WebCore::HTMLMediaElement::registerWithDocument):
        (WebCore::HTMLMediaElement::setMuted): 
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::registerWithDocument):
        (WebCore::HTMLMediaSession::unregisterWithDocument):
        (WebCore::HTMLMediaSession::showPlaybackTargetPicker):
        (WebCore::HTMLMediaSession::setHasPlaybackTargetAvailabilityListeners):
        (WebCore::HTMLMediaSession::setPlaybackTarget):
        (WebCore::HTMLMediaSession::externalOutputDeviceAvailableDidChange):
        (WebCore::HTMLMediaSession::setShouldPlayToPlaybackTarget):
        (WebCore::HTMLMediaSession::mediaStateDidChange):
        (WebCore::HTMLMediaSession::didChoosePlaybackTarget): Deleted.
        (WebCore::HTMLMediaSession::requiresPlaybackTargetRouteMonitoring): Deleted.
        (WebCore::HTMLMediaSession::startPlayingToPlaybackTarget): Deleted.
        (WebCore::HTMLMediaSession::stopPlayingToPlaybackTarget): Deleted.
        * html/HTMLMediaSession.h:
        * page/AudioProducer.h: Removed.
        * page/ChromeClient.h:
        * page/MediaProducer.h: Copied from Source/WebCore/page/AudioProducer.h.
        (WebCore::MediaProducer::~MediaProducer):
        (WebCore::AudioProducer::~AudioProducer): Deleted.
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::updateIsPlayingMedia):
        (WebCore::Page::addPlaybackTargetPickerClient):
        (WebCore::Page::removePlaybackTargetPickerClient):
        (WebCore::Page::showPlaybackTargetPicker):
        (WebCore::Page::playbackTargetPickerClientStateDidChange):
        (WebCore::Page::setPlaybackTarget):
        (WebCore::Page::playbackTargetAvailabilityDidChange):
        (WebCore::Page::setShouldPlayToPlaybackTarget):
        (WebCore::Page::playbackTarget): Deleted.
        (WebCore::Page::didChoosePlaybackTarget): Deleted.
        (WebCore::Page::configurePlaybackTargetMonitoring): Deleted.
        * page/Page.h:
        (WebCore::Page::mediaState):
        (WebCore::Page::isPlayingAudio): Deleted.
        (WebCore::Page::hasWirelessPlaybackTarget): Deleted.
        * platform/audio/MediaSession.h:
        (WebCore::MediaSession::isPlayingToWirelessPlaybackTarget):
        (WebCore::MediaSession::requiresPlaybackTargetRouteMonitoring):
        (WebCore::MediaSessionClient::setShouldPlayToPlaybackTarget):
        (WebCore::MediaSession::startPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaSession::stopPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaSessionClient::startPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaSessionClient::stopPlayingToPlaybackTarget): Deleted.
        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::sessionWillBeginPlayback):
        (WebCore::MediaSessionManager::sessionCanLoadMedia):
        (WebCore::MediaSessionManager::sessionShouldBeginPlayingToWirelessPlaybackTarget): Deleted.
        * platform/audio/MediaSessionManager.h:
        * platform/graphics/MediaPlaybackTargetClient.h: Copied from Source/WebCore/platform/graphics/MediaPlaybackTargetPickerClient.h.
        (WebCore::MediaPlaybackTargetClient::~MediaPlaybackTargetClient):
        (WebCore::MediaPlaybackTargetPickerClient::~MediaPlaybackTargetPickerClient): Deleted.
        * platform/graphics/MediaPlaybackTargetPicker.cpp:
        (WebCore::MediaPlaybackTargetPicker::showPlaybackTargetPicker):
        (WebCore::MediaPlaybackTargetPicker::startingMonitoringPlaybackTargets):
        (WebCore::MediaPlaybackTargetPicker::stopMonitoringPlaybackTargets):
        * platform/graphics/MediaPlaybackTargetPicker.h:
        * platform/graphics/MediaPlaybackTargetPickerClient.h: Removed.
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setShouldPlayToPlaybackTarget):
        (WebCore::MediaPlayer::startPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaPlayer::stopPlayingToPlaybackTarget): Deleted.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::setShouldPlayToPlaybackTarget):
        (WebCore::MediaPlayerPrivateInterface::startPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaPlayerPrivateInterface::stopPlayingToPlaybackTarget): Deleted.
        * platform/graphics/avfoundation/WebMediaSessionManagerMac.cpp: Added.
        (WebCore::WebMediaSessionManagerMac::singleton):
        (WebCore::WebMediaSessionManagerMac::WebMediaSessionManagerMac):
        (WebCore::WebMediaSessionManagerMac::~WebMediaSessionManagerMac):
        (WebCore::WebMediaSessionManagerMac::targetPicker):
        * platform/graphics/avfoundation/WebMediaSessionManagerMac.h: Added.
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::currentDeviceDidChange):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessPlaybackTarget):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldPlayToPlaybackTarget):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::startPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::stopPlayingToPlaybackTarget): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setShouldPlayToPlaybackTarget):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::togglePlayingToPlaybackTarget): Deleted.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::startPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::stopPlayingToPlaybackTarget): Deleted.
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::setShouldPlayToPlaybackTarget):
        (WebCore::MediaPlayerPrivateQTKit::togglePlayingToPlaybackTarget): Deleted.
        (WebCore::MediaPlayerPrivateQTKit::startPlayingToPlaybackTarget): Deleted.
        (WebCore::MediaPlayerPrivateQTKit::stopPlayingToPlaybackTarget): Deleted.
        * testing/Internals.cpp:
        (WebCore::Internals::isPagePlayingAudio):

2015-04-21  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] When computing visible rects for tiling, stop searching at UIWindows
        https://bugs.webkit.org/show_bug.cgi?id=144022
        <rdar://problem/18327227>

        Reviewed by Simon Fraser.

        [WAKWindow _visibleRectRespectingMasksToBounds:] computes a visible rect which we use
        to determine which tiles to create. We do this by finding the frame of the _hostLayer,
        and then walking up the CALayer hierarchy converting each rect into its parent's
        coordinate system (all the while clipping to bounds if necessary). This walk up the
        layer hierarchy should stop at a layer associated with a UIWindow.

        * platform/ios/wak/WAKWindow.mm:
        (-[WAKWindow _visibleRectRespectingMasksToBounds:]):

2015-04-21  Jinwoo Song  <jinwoo7.song@samsung.com>

        [Cairo] Implement Path::addPath
        https://bugs.webkit.org/show_bug.cgi?id=130580

        Reviewed by Dirk Schulze.

        Add support for addPath method for ports using cairo.
        This patch is originally authored by Jae Hyun Park <jaepark@webkit.org>.

        Test: fast/canvas/canvas-path-addPath.html

        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::addPath): Implement addPath for cairo.

2015-04-21  Tim Horton  <timothy_horton@apple.com>

        Fix the iOS build.

        * platform/spi/cg/CoreGraphicsSPI.h:

2015-04-21  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVGAnimateElementBase::calculateAnimatedValue() asserts when reinserting an SVG animating element within the same animation limits
        https://bugs.webkit.org/show_bug.cgi?id=143994

        Reviewed by Simon Fraser.

        Make sure the SVG animation variables are reset cleanly such that if the
        animation restarts it can rebuild its limit values reliably and correctly.

        Tests: svg/animations/crash-reinsert-animate-length-same-limits.svg
               svg/animations/crash-reinsert-animate-transform-same-limits.svg

        * svg/SVGAnimateElementBase.h:
        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::resetAnimatedPropertyType):
        Call the base class resetAnimatedPropertyType() from the derived class.

        * svg/SVGAnimationElement.h:
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::resetAnimatedPropertyType):
        Make resetAnimatedPropertyType() virtual. The implementation of the base
        class of this function resets the values of the animation limits. When
        updateAnimation() is called, it will be forced to recalculate the animation
        limits by calling calculateFromAndToValues() even if the limits have not
        changed.

2015-04-21  Tim Horton  <timothy_horton@apple.com>

        Long pause under _takeViewSnapshot when screen updates are disabled
        https://bugs.webkit.org/show_bug.cgi?id=144017
        <rdar://problem/20548397>

        Reviewed by Simon Fraser.

        * platform/spi/cg/CoreGraphicsSPI.h:
        Add some SPI.

2015-04-21  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r183077.
        https://bugs.webkit.org/show_bug.cgi?id=144021

        broke a bunch of tests, bfulgham is going to try again
        (Requested by thorton on #webkit).

        Reverted changeset:

        "Context menu doesn't account for selection semantics"
        https://bugs.webkit.org/show_bug.cgi?id=143958
        http://trac.webkit.org/changeset/183077

2015-04-21  Chris Dumez  <cdumez@apple.com>

        [WK2][NetworkCache] Better account of resource revalidations in efficacy logging
        https://bugs.webkit.org/show_bug.cgi?id=144014

        Reviewed by Antti Koivisto.

        Add additional diagnostic logging key for network cache efficacy
        logging.

        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::needsRevalidationKey):
        * page/DiagnosticLoggingKeys.h:

2015-04-21  Brent Fulgham  <bfulgham@apple.com>

        Context menu doesn't account for selection semantics
        https://bugs.webkit.org/show_bug.cgi?id=143958
        <rdar://problem/19735706>

        Reviewed by Tim Horton.

        Before using the default word-only selection, check with the
        lookup service to see if we can get a semantically appropriate
        selection.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::selectClosestWordFromHitTestResultBasedOnLookup):
        (WebCore::EventHandler::selectClosestWordFromHitTestResult):
        * page/EventHandler.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::selectClosestWordFromHitTestResultBasedOnLookup):

2015-04-21  Anders Carlsson  <andersca@apple.com>

        Get rid of an unneeded function from LoaderNSURLExtras.mm
        https://bugs.webkit.org/show_bug.cgi?id=144003

        Reviewed by Chris Dumez.

        Just use Vector::contains instead of vectorContainsString.

        * loader/mac/LoaderNSURLExtras.mm:
        (suggestedFilenameWithMIMEType):
        (vectorContainsString): Deleted.

2015-04-21  Chris Dumez  <cdumez@apple.com>

        Make Vector(const Vector<T, otherCapacity, otherOverflowBehaviour>&) constructor explicit
        https://bugs.webkit.org/show_bug.cgi?id=143970

        Reviewed by Darin Adler.

        Make Vector(const Vector<T, otherCapacity, otherOverflowBehaviour>&)
        constructor explicit as it copies the vector and it is easy to call it
        by mistake.

        * Modules/indexeddb/IDBDatabaseBackend.cpp:
        (WebCore::IDBDatabaseBackend::setIndexKeys):
        (WebCore::IDBDatabaseBackend::setIndexesReady):
        * Modules/indexeddb/IDBDatabaseBackend.h:
        * Modules/indexeddb/IDBServerConnection.h:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::minimumRegisterRequirements):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasClasses):
        * cssjit/StackAllocator.h:
        (WebCore::StackAllocator::push):
        (WebCore::StackAllocator::pop):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::GridIterator::nextGridItem):
        (WebCore::RenderGrid::GridIterator::isEmptyAreaEnough):
        * rendering/style/SVGRenderStyle.cpp:
        (WebCore::SVGRenderStyle::paintTypesForPaintOrder):
        * rendering/style/SVGRenderStyle.h:
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::fillStrokeMarkers):
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paint):
        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::appendLigatureGlyphs):
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter):

2015-04-21  Chris Dumez  <cdumez@apple.com>

        Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion
        https://bugs.webkit.org/show_bug.cgi?id=143971

        Reviewed by Darin Adler.

        Use ASSERT_WITH_SECURITY_IMPLICATION() for NoEventDispatchAssertion as
        firing JS events can cause arbitrary JS execution which often leads to
        security bugs when event firing is forbidden. For e.g. firing events
        from ActiveDOMObject::suspend() means JS can construct or destroy
        ActiveDOMObjects while we are iterating over them.

        * dom/ContainerNode.cpp:
        (WebCore::dispatchChildInsertionEvents):
        (WebCore::dispatchChildRemovalEvents):
        * dom/ContainerNodeAlgorithms.h:
        (WebCore::ChildNodeInsertionNotifier::notify):
        * dom/Document.cpp:
        (WebCore::Document::dispatchWindowEvent):
        (WebCore::Document::dispatchWindowLoadEvent):
        * dom/Element.cpp:
        (WebCore::Element::dispatchFocusInEvent):
        (WebCore::Element::dispatchFocusOutEvent):
        * dom/EventDispatcher.cpp:
        (WebCore::EventDispatcher::dispatchEvent):
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::fireEventListeners):
        * dom/Node.cpp:
        (WebCore::Node::dispatchSubtreeModifiedEvent):
        (WebCore::Node::dispatchDOMActivateEvent):
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::canSuspendActiveDOMObjectsForPageCache):
        (WebCore::ScriptExecutionContext::suspendActiveDOMObjects):
        (WebCore::ScriptExecutionContext::resumeActiveDOMObjects):
        (WebCore::ScriptExecutionContext::stopActiveDOMObjects):
        (WebCore::ScriptExecutionContext::willDestroyActiveDOMObject):
        * dom/WebKitNamedFlow.cpp:
        (WebCore::WebKitNamedFlow::dispatchRegionOversetChangeEvent):

2015-04-21  Darin Adler  <darin@apple.com>

        Remove some stray uses of OwnPtr and PassOwnPtr in WTF (outside of the template definitions and traits)
        https://bugs.webkit.org/show_bug.cgi?id=143944

        Reviewed by Andreas Kling.

        * editing/ios/DictationCommandIOS.h: Added now-needed include of PassOwnPtr.h.

2015-04-20  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r177494): -webkit-mask-image: with data URI fails on non-local files
        https://bugs.webkit.org/show_bug.cgi?id=141857

        Reviewed by Dirk Schulze.
        
        r177494 regressed loading of data URIs in masks with remote content, triggering
        a cross-domain error which occurs because the mask loading happened via a separate
        SVGDocument.
        
        Fix by checking for data URIs at parsing time, which is what we used to do.

        Test: http/tests/css/data-uri-mask.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseMaskImage):
        * svg/SVGURIReference.h:
        (WebCore::SVGURIReference::isExternalURIReference):

2015-04-20  Chris Dumez  <cdumez@apple.com>

        Crash when showing Web Inspector on page with 'multipart/x-mixed-replace' main resource
        https://bugs.webkit.org/show_bug.cgi?id=143979
        <rdar://problem/20594948>

        Reviewed by Timothy Hatcher.

        InspectorDOMAgent::m_document was updated only once per load, from
        FrameLoader::dispatchDidCommitLoad(). However, dispatchDidCommitLoad()
        is not called for follow-up multipart replacing loads. You can see this
        from the following check in DocumentLoader::commitData():
            if (!isMultipartReplacingLoad())
                frameLoader()->receivedFirstData();

        As a result, in the case of a 'multipart/x-mixed-replace' main resource
        InspectorDOMAgent::m_document would quickly get outdated as we create
        a new Document for each replacing load. This would lead to Web Inspector
        code using a Document without frame and causing crashes.

        This patch calls InspectorInstrumentation::frameDocumentUpdated() from
        Frame::setDocument() so that InspectorDOMAgent::m_document is always up
        to date.

        No new tests, not easily testable as the main resource needs to be
        'multipart/x-mixed-replace'.

        * dom/Document.cpp:
        (WebCore::Document::applyXSLTransform):
        Stop calling InspectorInstrumentation::frameDocumentUpdated() here as
        XSLTProcessor::createDocumentFromSource() will call Frame::setDocument()
        and frameDocumentUpdated() will be called there.

        * page/Frame.cpp:
        (WebCore::Frame::setDocument):
        Call InspectorInstrumentation::frameDocumentUpdated() to make sure
        InspectorDOMAgent::m_document gets updated.

2015-04-20  Alex Christensen  <achristensen@webkit.org>

        Overwrite existing files with moveFile.
        https://bugs.webkit.org/show_bug.cgi?id=143968

        Reviewed by Brady Eidson and Anders Carlsson.

        * platform/mac/FileSystemMac.mm:
        (-[WebFileManagerDelegate fileManager:shouldProceedAfterError:movingItemAtURL:toURL:]):
        (WebCore::moveFile):
        r182932 introduced moveFile instead of renameFile.  In order to preserve behavior, it should overwrite existing files.

2015-04-20  Joseph Pecoraro  <pecoraro@apple.com>

        Unreviewed Windows build fix after r183031.

        * platform/graphics/OpenGLShims.cpp:
        (WebCore::lookupOpenGLFunctionAddress):
        Windows needs an explicit cast converting LChar* to const char*.
        Also, add a FIXME comment for sketchy behavior.

2015-04-20  Joseph Pecoraro  <pecoraro@apple.com>

        Cleanup some StringBuilder use
        https://bugs.webkit.org/show_bug.cgi?id=143550

        Reviewed by Darin Adler.

        * Modules/plugins/YouTubePluginReplacement.cpp:
        (WebCore::YouTubePluginReplacement::youTubeURL):
        * css/CSSAnimationTriggerScrollValue.cpp:
        (WebCore::CSSAnimationTriggerScrollValue::customCSSText):
        * css/CSSCanvasValue.cpp:
        (WebCore::CSSCanvasValue::customCSSText):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createImageBuffer):
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::captionsWindowCSS):
        (WebCore::CaptionUserPreferencesMediaAF::windowRoundedCornerRadiusCSS):
        (WebCore::CaptionUserPreferencesMediaAF::cssPropertyWithTextEdgeColor):
        (WebCore::CaptionUserPreferencesMediaAF::colorPropertyCSS):
        (WebCore::CaptionUserPreferencesMediaAF::captionsDefaultFontCSS):
        (WebCore::CaptionUserPreferencesMediaAF::captionsStyleSheetOverride):
        * page/EventSource.cpp:
        (WebCore::EventSource::didReceiveResponse):
        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::serializeCSSStyleSheet):
        * platform/graphics/OpenGLShims.cpp:
        (WebCore::lookupOpenGLFunctionAddress):
        * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
        (WebCore::InbandTextTrackPrivateAVF::processCueAttributes):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::generateHashedName):
        * platform/text/DateTimeFormat.cpp:
        (WebCore::DateTimeFormat::quoteAndAppendLiteral):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::logLayerInfo):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::writeRenderRegionList):
        * testing/MicroTaskTest.cpp:
        (WebCore::MicroTaskTest::run):
        * testing/MockContentFilterSettings.cpp:
        (WebCore::MockContentFilterSettings::unblockRequestURL):

2015-04-20  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVGFitToViewBox::viewBoxToViewTransform() has to count for zero physical width and height before calling SVGPreserveAspectRatio::getCTM()
        https://bugs.webkit.org/show_bug.cgi?id=143903

        Reviewed by Daniel Bates.

        Ensure that the SVG viewBoxToView transformation is always invertible.
        CG path drawing functions crash if the context is transformed to non-
        invertible matrix.

        Tests: svg/css/crash-path-zero-height-viewbox.svg
               svg/css/crash-path-zero-width-viewbox.svg

        * svg/SVGFitToViewBox.cpp:
        (WebCore::SVGFitToViewBox::viewBoxToViewTransform):
        Do not call SVGPreserveAspectRatio::getCTM() if the physical width or the
        physical height is zero.

        * svg/SVGPreserveAspectRatio.cpp:
        (WebCore::SVGPreserveAspectRatio::getCTM):
        Ensure that we are not dividing by zero in this function.

2015-04-20  Chris Dumez  <cdumez@apple.com>

        CSSParser::parseValue() copies the m_parsedProperties vector at addParsedProperties()
        https://bugs.webkit.org/show_bug.cgi?id=143925

        Reviewed by Simon Fraser.

        Update MutableStyleProperties::addParsedProperties() to use
        CSSParser::ParsedPropertyVector type (i.e. Vector<CSSProperty, 256>)
        instead of Vector<CSSProperty> so that the properties vector is no
        longer copied unnecessarily to convert one type to the other.

        * css/CSSParser.h:
        * css/StyleProperties.cpp:
        (WebCore::MutableStyleProperties::addParsedProperties):
        * css/StyleProperties.h:

2015-04-20  Beth Dakin  <bdakin@apple.com>

        Should remove mouseForceClick and mouseForceCancelled from DOM force events
        https://bugs.webkit.org/show_bug.cgi?id=143904
        -and corresponding-
        rdar://problem/20578842

        Reviewed by Dan Bernstein.

        After more thought and discussion, we decided to remove mouseForceClick and 
        mouseForceCancelled from DOM force events. mouseForceClick is confusing and 
        redundant. mouseForceCancelled is confusing as it is currently implemented, and 
        all of its functionality can be filled by exisiting events such as mouseup, 
        mouseout, etc.

        * dom/Document.cpp:
        (WebCore::Document::addListenerTypeIfNeeded):
        * dom/Document.h:
        * dom/Document.idl:
        * dom/Element.cpp:
        (WebCore::Element::dispatchMouseForceWillBegin):
        (WebCore::Element::dispatchMouseForceClick): Deleted.
        (WebCore::Element::dispatchMouseForceCancelled): Deleted.
        * dom/Element.h:
        * dom/Element.idl:
        * dom/EventNames.h:
        * html/HTMLAttributeNames.in:
        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::createWindowEventHandlerNameMap):
        * html/HTMLBodyElement.idl:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createEventHandlerNameMap):
        * page/DOMWindow.idl:

2015-04-20  Simon Fraser  <simon.fraser@apple.com>

        Setting inline style to the same value it already has triggers a style recalc
        https://bugs.webkit.org/show_bug.cgi?id=143922

        Reviewed by Antti Koivisto.

        MutableStyleProperties::setProperty() was taking the result of CSSParser::parseValue()
        to mean "parsing changed the style", but it actually just means "parsing succeeded".
        Add a new out param, piped through various parser functions, to indicate whether
        parsing actually changed style, and instead return that from setProperty().

        Add internals.startTrackingStyleRecalcs() and internals.styleRecalcCount() so
        we can write tests for style recalc.

        Test: fast/css/set-inline-style-recalc.html

        * WebCore.xcodeproj/project.pbxproj: Let Xcode have it's way.
        * css/CSSParser.cpp:
        (WebCore::parseColorValue):
        (WebCore::parseSimpleLengthValue):
        (WebCore::parseKeywordValue):
        (WebCore::parseTranslateTransformValue):
        (WebCore::CSSParser::parseFontFaceValue):
        (WebCore::CSSParser::parseValue):
        * css/CSSParser.h:
        * css/CSSProperty.h:
        (WebCore::StylePropertyMetadata::operator==):
        (WebCore::CSSProperty::operator==):
        * css/DOMWindowCSS.cpp:
        (WebCore::DOMWindowCSS::supports):
        * css/StyleProperties.cpp:
        (WebCore::MutableStyleProperties::setProperty):
        (WebCore::MutableStyleProperties::appendPrefixingVariantProperty):
        (WebCore::MutableStyleProperties::addParsedProperties):
        (WebCore::MutableStyleProperties::addParsedProperty):
        * css/StyleProperties.h:
        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::setMatrixValue):
        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        (WebCore::Document::startTrackingStyleRecalcs):
        (WebCore::Document::styleRecalcCount):
        * dom/Document.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::setFont):
        * testing/Internals.cpp:
        (WebCore::Internals::startTrackingStyleRecalcs):
        (WebCore::Internals::styleRecalcCount):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-04-20  Brady Eidson  <beidson@apple.com>

        Crash in StyleResolver::invalidateMatchedPropertiesCache() when using content extensions.
        <rdar://problem/20554405> and https://bugs.webkit.org/show_bug.cgi?id=143892

        Reviewed by Chris Dumez.

        Test: http/tests/contentextensions/style-resolver-changed-reentrancy.html

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):

        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::DocumentStyleSheetCollection):
        (WebCore::DocumentStyleSheetCollection::addContentExtensionUserSheet): Call styleResolverChanged on a delay.
        (WebCore::DocumentStyleSheetCollection::maybeAddContentExtensionSheet): Ditto.
        (WebCore::DocumentStyleSheetCollection::styleResolverChangedTimerFired):
        * dom/DocumentStyleSheetCollection.h:

2015-04-20  Per Arne Vollan  <peavo@outlook.com>

        Favicons are not always loaded.
        https://bugs.webkit.org/show_bug.cgi?id=143880

        Reviewed by Darin Adler.

        If the favicon link element(s) in the document does not have a mime type,
        the favicon is loaded from the domain root (/favicon.ico). If no favicon
        exists at this location, the favicon loading will fail. This can be solved
        by not demanding that the link element has a mime type.

        Test: fast/dom/icon-url-without-mimetype.html

        * loader/icon/IconController.cpp:
        (WebCore::iconFromLinkElements): Return the chosen icon URL instead of a vector of URLs.
        (WebCore::IconController::url):
        (WebCore::iconsFromLinkElements): Deleted.

2015-04-20  Martin Robinson  <mrobinson@igalia.com>

        [CMake] Include ICU unconditionally on the source lists
        https://bugs.webkit.org/show_bug.cgi?id=143900

        Reviewed by Darin Adler.

        No new tests. This is just a build file change.

        * CMakeLists.txt: Integrate ICU source files, includes, and libraries into the main
        sections. They are shared by all platforms.
        * PlatformGTK.cmake: Eliminate build rules that are duplicated from the main CMakeLists.txt.

2015-04-20  Chris Fleizach  <cfleizach@apple.com>

        AX: iOS: Text input field ignores value of read-only and aria-readonly attributes
        https://bugs.webkit.org/show_bug.cgi?id=143946

        Reviewed by Mario Sanchez Prada.

        Expose an existing method for determining whether the value can be set to the iOS accessibility platform.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityCanSetValue]):

2015-04-20  Andreas Kling  <akling@apple.com>

        Merge TreeShared into Node.
        <https://webkit.org/b/143942>

        Reviewed by Darin Adler.

        Node was the only remaining user of TreeShared, so just fold the class into Node.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Node.cpp:
        (WebCore::Node::Node):
        (WebCore::Node::~Node):
        * dom/Node.h:
        (WebCore::Node::ref):
        (WebCore::Node::deref):
        (WebCore::Node::hasOneRef):
        (WebCore::Node::refCount):
        (WebCore::adopted):
        (WebCore::Node::hasTreeSharedParent): Deleted.
        * platform/TreeShared.h: Removed.

2015-04-19  Benjamin Poulain  <benjamin@webkit.org>

        Improve the feature.json files

        * features.json:

2015-04-18  Jon Lee  <jonlee@apple.com>

        [Mac] Time elapsed should be right-aligned
        https://bugs.webkit.org/show_bug.cgi?id=143927

        Reviewed by Eric Carlson.

        Current time is left-aligned, which is visually jarring when going from < 1 hour to > 1 hour.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-current-time-display): Set justify-content to flex-end.
        (audio::-webkit-media-controls-time-remaining-display): Explicitly set justify-content to flex-start.

2015-04-18  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r181656): Animated tiled layers are missing content
        https://bugs.webkit.org/show_bug.cgi?id=143911
        rdar://problem/20596328

        Reviewed by Darin Adler.

        After r181656, all requestAnimationFrame was falling back to timers, and not
        using the platform's DisplayRefreshMonitor, because of a Nullopt vs nullptr
        fumble. As a result, GraphicsLayerUpdater (which updates tiled layers during
        animations) was failing to do any updates.
        
        Replace this confusing Optional<> code with simpler code that just forces the
        clients to make a DisplayRefreshMonitor if they can, first asking
        ChromeClient, and then falling back to createDefaultDisplayRefreshMonitor().
        
        Make lots of things into references, and use C++11 initialization in some places.
        
        Add Internals API to allow a test to get the number of layer flushes that have
        occurred.
        
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::ScriptedAnimationController):
        (WebCore::ScriptedAnimationController::windowScreenDidChange):
        (WebCore::ScriptedAnimationController::scheduleAnimation):
        (WebCore::ScriptedAnimationController::createDisplayRefreshMonitor):
        * dom/ScriptedAnimationController.h:
        * page/ChromeClient.h:
        * platform/graphics/DisplayRefreshMonitor.cpp:
        (WebCore::DisplayRefreshMonitor::createDefaultDisplayRefreshMonitor):
        (WebCore::DisplayRefreshMonitor::create):
        (WebCore::DisplayRefreshMonitor::addClient):
        (WebCore::DisplayRefreshMonitor::removeClient):
        (WebCore::DisplayRefreshMonitor::displayDidRefresh):
        * platform/graphics/DisplayRefreshMonitor.h:
        * platform/graphics/DisplayRefreshMonitorClient.cpp:
        (WebCore::DisplayRefreshMonitorClient::~DisplayRefreshMonitorClient):
        * platform/graphics/DisplayRefreshMonitorClient.h:
        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        (WebCore::DisplayRefreshMonitorManager::createMonitorForClient):
        (WebCore::DisplayRefreshMonitorManager::registerClient):
        (WebCore::DisplayRefreshMonitorManager::unregisterClient):
        (WebCore::DisplayRefreshMonitorManager::scheduleAnimation):
        (WebCore::DisplayRefreshMonitorManager::displayDidRefresh):
        (WebCore::DisplayRefreshMonitorManager::windowScreenDidChange):
        * platform/graphics/DisplayRefreshMonitorManager.h:
        * platform/graphics/GraphicsLayerUpdater.cpp:
        (WebCore::GraphicsLayerUpdater::GraphicsLayerUpdater):
        (WebCore::GraphicsLayerUpdater::scheduleUpdate):
        (WebCore::GraphicsLayerUpdater::screenDidChange):
        (WebCore::GraphicsLayerUpdater::displayRefreshFired):
        (WebCore::GraphicsLayerUpdater::createDisplayRefreshMonitor):
        * platform/graphics/GraphicsLayerUpdater.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::RenderLayerCompositor):
        (WebCore::RenderLayerCompositor::flushPendingLayerChanges):
        (WebCore::RenderLayerCompositor::notifyFlushBeforeDisplayRefresh):
        (WebCore::RenderLayerCompositor::flushLayersSoon):
        (WebCore::RenderLayerCompositor::createDisplayRefreshMonitor):
        (WebCore::RenderLayerCompositor::startTrackingLayerFlushes):
        (WebCore::RenderLayerCompositor::layerFlushCount):
        * rendering/RenderLayerCompositor.h:
        * testing/Internals.cpp:
        (WebCore::Internals::startTrackingLayerFlushes):
        (WebCore::Internals::layerFlushCount):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-04-17  Bem Jones-Bey  <bjonesbe@adobe.com>

        Large values for line-height cause integer overflow in RenderStyle::computedLineHeight
        https://bugs.webkit.org/show_bug.cgi?id=143863

        Reviewed by Rob Buis.

        When we compute huge values for line-height through percentage or CSS
        calc, we'll overflow the integer and later on
        ShapeOutsideInfo::computeDeltasForContainingBlockLine will ASSERT
        because it expects non-negative line height.  So for the computed
        line-height, clamp to an integer range to avoid overflow. Note that
        the code path for percentages here is safe because LayoutUnit clamps
        to an int on conversion.

        This is based on a Blink patch by Rob Buis.

        Test: fast/shapes/shape-outside-floats/shape-outside-negative-line-height-crash.html

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::computedLineHeight): Clamp line-height to an
            int to avoid overflow.

2015-04-17  Beth Dakin  <bdakin@apple.com>

        Force mouse events should go through normal mouse event handling code paths
        https://bugs.webkit.org/show_bug.cgi?id=143749
        -and corresponding-
        rdar://problem/20472895

        Reviewed by Dean Jackson.

        This patch moves all of the code to dispatch mouseforcedown, mouseforceup, and 
        mouseforcechanged into normal mouse event dispatching code. This patch leaves 
        behind the cancel and click events because we plan to remove those, and it also 
        leaves mouseforcewillbegin because that is necessarily a very different event more 
        tied to the NSImmediateActionGestureRecognizer than these other events which are 
        tied to NSResponder’s pressureChangeWithEvent.

        New helper functions.
        * dom/Document.cpp:
        (WebCore::Document::hasListenerTypeForEventType):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::isForceEvent):

        Move the code to ensure the force events have listeners in order to fire to 
        dispatchMouseEvent, and delete the old implementations.
        (WebCore::Element::dispatchMouseEvent):
        (WebCore::Element::dispatchMouseForceChanged): Deleted.
        (WebCore::Element::dispatchMouseForceDown): Deleted.
        (WebCore::Element::dispatchMouseForceUp): Deleted.
        * dom/Element.h:

        Perform a hit test and pipe the events through dispatchMouseEvent(). 
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMouseForceEvent):
        * page/EventHandler.h:

        New types for the new events.
        * platform/PlatformEvent.h:

        Forward to EventHandler. 
        * replay/UserInputBridge.cpp:
        (WebCore::UserInputBridge::handleMouseForceEvent):
        * replay/UserInputBridge.h:

2015-04-17  Zalan Bujtas  <zalan@apple.com>

        RenderTableCell::computeCollapsed*Border() should check if the cell is still attached to the render tree.
        https://bugs.webkit.org/show_bug.cgi?id=143887
        rdar://problem/20568989

        Reviewed by Simon Fraser.

        Detached table cell has no access to its parent table. This is a speculative fix to
        avoid dereferencing the invalid table pointer.

        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::computeCollapsedStartBorder):
        (WebCore::RenderTableCell::computeCollapsedEndBorder):
        (WebCore::RenderTableCell::computeCollapsedBeforeBorder):
        (WebCore::RenderTableCell::computeCollapsedAfterBorder):

2015-04-16  Roger Fong  <roger_fong@apple.com>

        Update fullscreen button visibility on fullscreen change.
        https://bugs.webkit.org/show_bug.cgi?id=143861.
        <rdar://problem/20143218>

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller): There is no need for hasVisualMedia to be a class variable.
        (Controller.prototype.handleReadyStateChange):
        (Controller.prototype.handleFullscreenChange):
        (Controller.prototype.updateFullscreenButtons):

2015-04-17  Daniel Bates  <dabates@apple.com>

        REGRESSION: SVG does not support link dragging
        https://bugs.webkit.org/show_bug.cgi?id=141597

        Reviewed by Darin Adler.

        Fixes an issue where a SVG hyperlink cannot be dragged. We should support
        dragging an SVG A element just as we support dragging an HTML A element.

        Test: fast/events/drag-and-drop-link.html

        * page/DragController.cpp: Removed explicit include of header Element.h as it will
        be ultimately included by HTMLAnchorElement.h, among other headers.
        (WebCore::isDraggableLink): Added. Extracted code from HitTestResult::isLiveLink().
        (WebCore::DragController::draggableElement): Call WebCore::isDraggableLink() to
        determine whether a element is a hyperlink that can be dragged.
        * page/DragController.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::selectClosestWordOrLinkFromMouseEvent): Write code in terms of
         WebCore::isDraggableLink().
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::isLiveLink): Deleted.
        * rendering/HitTestResult.h:

2015-04-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182912 and r182920.
        https://bugs.webkit.org/show_bug.cgi?id=143881

        Build breakage in some configurations (Requested by ap on
        #webkit).

        Reverted changesets:

        "Force mouse events should go through normal mouse event
        handling code paths"
        https://bugs.webkit.org/show_bug.cgi?id=143749
        http://trac.webkit.org/changeset/182912

        http://trac.webkit.org/changeset/182920

2015-04-17  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Fix review comments for https://bugs.webkit.org/show_bug.cgi?id=143590
        following http://trac.webkit.org/changeset/182876.

        Reviewed by Daniel Bates.

        * ChangeLog:
        Fixed typo.
        
        * style/StyleFontSizeFunctions.cpp:
        (WebCore::Style::computedFontSizeFromSpecifiedSize):
        Fixed a typo in an enum definition and changed the name of an argument.

2015-04-17  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Silent WebAudio buffers support
        https://bugs.webkit.org/show_bug.cgi?id=143869

        Reviewed by Carlos Garcia Campos.

        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (webKitWebAudioSrcLoop): Set gap flag on silent buffers. The audio
        sink can then drop them and avoid un-necessary buffer processing.

2015-04-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Redirect to non HTTP destination is broken
        https://bugs.webkit.org/show_bug.cgi?id=143866

        Reviewed by Sergio Villar Senin.

        This is because we are passing true unconditionally as
        isHTTPFamilyRequest parameter of
        createSoupRequestAndMessageForHandle in continueAfterWillSendRequest.
        We don't actually need to pass isHTTPFamilyRequest parameter to
        createSoupRequestAndMessageForHandle, since it can simply check
        that from the given request.

        Covered by unit tets and also cache/disk-cache/disk-cache-redirect-to-data.html.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::continueAfterWillSendRequest):
        (WebCore::createSoupRequestAndMessageForHandle):
        (WebCore::ResourceHandle::start):

2015-04-16  Alex Christensen  <achristensen@webkit.org>

        Use less memory when compiling content extensions
        https://bugs.webkit.org/show_bug.cgi?id=143857

        Reviewed by Benjamin Poulain.

        When compiling a content extension, we convert the rule list into several intermediate forms:

        1) A String.
        2) A JSValue from JSONParse in loadEncodedRules.
        3) A Vector of ContentExtensionRules.
        4) A CombinedURLFilters object representing the pieces of the regular expressions from the triggers.
        5) A Vector of NFAs.
        6) A DFA for each NFA.
        7) A Vector of DFABytecode.
        
        Each one of these contains all the information contained in the content extension,
        so we do not need to keep them all in memory at the same time like we are doing now.
        When we are done with one, we can free that memory to greatly reduce the maximum memory usage while compiling.
        The next step will be to reduce the copies of the original JSON String and to generate NFAs one at a time.

        * contentextensions/CombinedURLFilters.cpp:
        (WebCore::ContentExtensions::CombinedURLFilters::clear):
        * contentextensions/CombinedURLFilters.h:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Clear structures when finished using them.

2015-04-16  Brady Eidson  <beidson@apple.com>

        Compiling a content extension fails when user's home directory is on a different volume from /var/tmp.
        https://bugs.webkit.org/show_bug.cgi?id=143834

        Reviewed by Anders Carlsson.

        - Add moveFile() for a WK2 call site to use.
        - Remove renameFile() as it is now dead code.

        * platform/FileSystem.h:

        * platform/gtk/FileSystemGtk.cpp:
        (WebCore::renameFile): Deleted.

        * platform/mac/FileSystemMac.mm:
        (WebCore::moveFile):

        * platform/posix/FileSystemPOSIX.cpp:
        (WebCore::renameFile): Deleted.

        * platform/win/FileSystemWin.cpp:
        (WebCore::renameFile): Deleted.

2015-04-16  Roger Fong  <roger_fong@apple.com>

        Media element time displays shouldn't wrap.
        https://bugs.webkit.org/show_bug.cgi?id=143854.
        <rdar://problem/20284766>

        Reviewed by Brent Fulgham.

        * Modules/mediacontrols/mediaControlsApple.css:
        (::-webkit-media-controls): Don't wrap any text.
        (audio::-webkit-media-controls-time-remaining-display): Also increase remaining time display width by 1.
        (audio::-webkit-media-controls-time-remaining-display.five-digit-time): Ditto.
        (audio::-webkit-media-controls-time-remaining-display.six-digit-time): Ditto.

2015-04-16  Chris Dumez  <cdumez@apple.com>

        Add assertions to make sure ActiveDOMObject::suspend() / resume() / stop() overrides don't fire events
        https://bugs.webkit.org/show_bug.cgi?id=143850

        Reviewed by Alexey Proskuryakov.

        Add assertions to make sure ActiveDOMObject::suspend() / resume() / stop()
        overrides don't fire events as this is not allowed. This would cause
        arbitrary JS execution which would be very dangerous in these stages.

        Firing JS events from these functions is a common source of crashes.

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::suspend):
        (WebCore::WebSocket::resume):
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::suspendActiveDOMObjects):
        (WebCore::ScriptExecutionContext::resumeActiveDOMObjects):
        (WebCore::ScriptExecutionContext::stopActiveDOMObjects):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::suspend):
        (WebCore::XMLHttpRequest::resume):
        (WebCore::XMLHttpRequest::stop):

2015-04-16  Brady Eidson  <beidson@apple.com>

        Media element can manipulate DOM during Document destruction.
        rdar://problem/20553898 and https://bugs.webkit.org/show_bug.cgi?id=143780

        Reviewed by Jer Noble.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::configureMediaControls): Bail if the element has no active document.

2015-04-13  Jer Noble  <jer.noble@apple.com>

        [iOS] When simultaneously exiting-and-entering fullscreen, WebVideoFullscreenManager/Proxy becomes confused about what video element it represents.
        https://bugs.webkit.org/show_bug.cgi?id=143680

        Reviewed by Simon Fraser.

        Add getters for the video's fullscreen layer, and be more tolerant about the order in which setVideoElement() and 
        setWebVideoFullscreenInterface are called.

        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::videoFullscreenLayer): Added simple getter.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.h:
        (WebCore::WebVideoFullscreenModelVideoElement::videoElement): Added simple getter.
        (WebCore::WebVideoFullscreenModelVideoElement::setWebVideoFullscreenInterface): Deleted. Moved to .mm file.
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::WebVideoFullscreenModelVideoElement): Initialize ivars in the .h file.
        (WebVideoFullscreenModelVideoElement::setWebVideoFullscreenInterface): Call those methods skipped in setVideoElement()
            if m_videoFullscreenInterface had not yet been set.
        (WebVideoFullscreenModelVideoElement::setVideoElement): Null-check m_videoFullscreenInterface.

2015-04-16  Beth Dakin  <bdakin@apple.com>

        Force mouse events should go through normal mouse event handling code paths
        https://bugs.webkit.org/show_bug.cgi?id=143749
        -and corresponding-
        rdar://problem/20472895

        Reviewed by Dean Jackson.

        This patch moves all of the code to dispatch mouseforcedown, mouseforceup, and 
        mouseforcechanged into normal mouse event dispatching code. This patch leaves 
        behind the cancel and click events because we plan to remove those, and it also 
        leaves mouseforcewillbegin because that is necessarily a very different event more 
        tied to the NSImmediateActionGestureRecognizer than these other events which are 
        tied to NSResponder’s pressureChangeWithEvent.

        New helper functions.
        * dom/Document.cpp:
        (WebCore::Document::hasListenerTypeForEventType):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::isForceEvent):

        Move the code to ensure the force events have listeners in order to fire to 
        dispatchMouseEvent, and delete the old implementations.
        (WebCore::Element::dispatchMouseEvent):
        (WebCore::Element::dispatchMouseForceChanged): Deleted.
        (WebCore::Element::dispatchMouseForceDown): Deleted.
        (WebCore::Element::dispatchMouseForceUp): Deleted.
        * dom/Element.h:

        Perform a hit test and pipe the events through dispatchMouseEvent(). 
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMouseForceEvent):
        * page/EventHandler.h:

        New types for the new events.
        * platform/PlatformEvent.h:

        Forward to EventHandler. 
        * replay/UserInputBridge.cpp:
        (WebCore::UserInputBridge::handleMouseForceEvent):
        * replay/UserInputBridge.h:

2015-04-16  Tim Horton  <timothy_horton@apple.com>

        Sites with both width=device-width and height=device-height load zoomed out
        https://bugs.webkit.org/show_bug.cgi?id=143795
        <rdar://problem/20369671>

        Reviewed by Ben Poulain.

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::shouldIgnoreVerticalScalingConstraints):
        Some sites specify both width=device-width and height=device-height, and
        then lay out to device width but with a large amount of vertically scrollable content
        (so, height=device-height was a lie).

        In all other cases where we use device-width and device-height, we prefer
        width=device-width over height=device-height, but in the code to ignore scaling constraints,
        the two paths were completely separate. On sites that specify both, this
        resulted in us attempting to zoom out to fit the entire height of the very tall page,
        which isn't at all what we wanted. So, ignore height=device-height if a width is specified.

2015-04-16  Chris Dumez  <cdumez@apple.com>

        Regression(r182517): WebSocket::suspend() causes error event to be fired
        https://bugs.webkit.org/show_bug.cgi?id=143806
        <rdar://problem/20559812>

        Reviewed by Alexey Proskuryakov.

        WebSocket::suspend() causes an error event to be fired after r182517.
        This is not allowed as firing the event could trigger arbitrary JS
        execution, which is no longer allowed at this point.

        This patch delays the error event firing until after
        WebSocket::resume() is called, similarly to what we already do for
        the close event.

        Also add assertions in WebSocket::suspend() / WebSocket::resume()
        that will be hit if JS events are fired from within these functions.
        The pre-existing closed-when-entering-page-cache.html test is hitting
        one of these assertions without the fix above.

        Tests:
          - http/tests/websocket/tests/hybi/closed-when-entering-page-cache.html
          - http/tests/websocket/tests/hybi/stop-on-resume-in-error-handler.html

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::suspend):
        (WebCore::WebSocket::resume):
        (WebCore::WebSocket::resumeTimerFired):
        (WebCore::WebSocket::stop):
        (WebCore::WebSocket::didReceiveMessageError):
        (WebCore::WebSocket::didClose):
        (WebCore::WebSocket::dispatchOrQueueEvent):
        * Modules/websockets/WebSocket.h:

2015-04-15  Roger Fong  <roger_fong@apple.com>

        Adjustments to button graphics for media controls.
        https://bugs.webkit.org/show_bug.cgi?id=143797.
        <rdar://problem/20083708>

        Reviewed by Dean Jackson.

        These changes are visual in nature and mainly affect the buttons.
        I've gotten rid of the text-shadow for all the buttons,
        used plus-lighter blending mode and changed the button opacity to reflect the specs,
        and made all the buttons turn opaque white when active.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel button):
        (audio::-webkit-media-controls-rewind-button):
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-play-button.paused):
        (video::-webkit-media-controls-volume-max-button):
        (video::-webkit-media-controls-volume-slider):
        (video::-webkit-media-controls-volume-min-button):
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-closed-captions-container li.selected:hover::before):
        (audio::-webkit-media-controls-fullscreen-button):
        (audio::-webkit-media-controls-fullscreen-button.exit):
        (audio::-webkit-media-controls-status-display):
        (audio::-webkit-media-controls-timeline):
        (audio::-webkit-media-controls-time-remaining-display):
        (video:-webkit-full-screen::-webkit-media-controls-volume-max-button):
        (video:-webkit-full-screen::-webkit-media-controls-volume-min-button):
        (video:-webkit-full-screen::-webkit-media-controls-play-button):
        (video:-webkit-full-screen::-webkit-media-controls-play-button.paused):
        (video:-webkit-full-screen::-webkit-media-controls-seek-back-button):
        (video:-webkit-full-screen::-webkit-media-controls-seek-forward-button):
        (video::-webkit-media-controls-volume-max-button:active):
        (video::-webkit-media-controls-volume-min-button:active):
        (audio::-webkit-media-controls-toggle-closed-captions-button:active):
        (audio::-webkit-media-controls-rewind-button:active):
        (audio::-webkit-media-controls-play-button:active):
        (video:-webkit-full-screen::-webkit-media-controls-volume-max-button:active):
        (video:-webkit-full-screen::-webkit-media-controls-volume-min-button:active):
        (video:-webkit-full-screen::-webkit-media-controls-play-button:active):
        (video:-webkit-full-screen::-webkit-media-controls-seek-back-button:active):
        (video:-webkit-full-screen::-webkit-media-controls-seek-forward-button:active):
        (audio::-webkit-media-controls-fullscreen-button:active):

        Using the pseudo id itself here currently does not work, which is why we rely on the button.* selector for these.
        (video:-webkit-full-screen::-webkit-media-controls-panel button.paused:active):
        (audio::-webkit-media-controls-panel button.paused:active):
        (audio::-webkit-media-controls-panel button.exit:active):
 
        Draw volume slider knob as opaque white when active.
        Adjust colors of timeline and volume sliders now that we are using plus-lighter blending.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller):
        (Controller.prototype.createControls):
        (Controller.prototype.handleVolumeSliderMouseDown):
        (Controller.prototype.handleVolumeSliderMouseUp):
        (Controller.prototype.drawTimelineBackground):
        (Controller.prototype.drawVolumeBackground):

2015-04-15  Simon Fraser  <simon.fraser@apple.com>

        Pull emoji-position adjustment code into its own function
        https://bugs.webkit.org/show_bug.cgi?id=143592

        Reviewed by Myles C. Maxfield.

        First step to cleaning up FontCascade::drawGlyphs(). Pull iOS-only code related to
        emoji positioning into its own function.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::pointAdjustedForEmoji):
        (WebCore::FontCascade::drawGlyphs):

2015-04-16  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Delete hardcoded font fallback tables
        https://bugs.webkit.org/show_bug.cgi?id=143583

        Reviewed by Darin Adler

        Instead of hardcoding which font to use for a particular character, use
        CTFontCreatePhysicalFontDescriptorForCharactersWithLanguage().

        Updated test expected results:
            editing/selection/vertical-rl-rtl-extend-line-backward-br.html
            editing/selection/vertical-rl-rtl-extend-line-backward-p.html
            editing/selection/vertical-rl-rtl-extend-line-forward-br.html
            editing/selection/vertical-rl-rtl-extend-line-forward-p.html
            fast/text/international/danda-space.html
            fast/text/international/thai-baht-space.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::getSystemFontFallbackForCharacters):
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/spi/cocoa/CoreTextSPI.h:

2015-04-16  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Compile error when environment variable WEBKITLIBRARIESDIR is not defined.
        https://bugs.webkit.org/show_bug.cgi?id=143828

        Reviewed by Brent Fulgham.

        Python throws an exception when calling os.environ['WEBKITLIBRARIESDIR'] and
        WEBKITLIBRARIESDIR is not defined. WEBKITLIBRARIESDIR is obsolete, we can remove it.

        * AVFoundationSupport.py:
        (lookFor):

2015-04-16  Alexey Proskuryakov  <ap@apple.com>

        Minor AudioContext cleanup
        https://bugs.webkit.org/show_bug.cgi?id=143816

        Reviewed by Jer Noble.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::~AudioContext):
        (WebCore::AudioContext::lazyInitialize):
        (WebCore::AudioContext::stop):
        (WebCore::AudioContext::derefNode):
        (WebCore::AudioContext::scheduleNodeDeletion):
        (WebCore::AudioContext::deleteMarkedNodes):
        (WebCore::AudioContext::stopDispatch): Deleted.
        (WebCore::AudioContext::deleteMarkedNodesDispatch): Deleted.
        * Modules/webaudio/AudioContext.h:

        * Modules/webaudio/AudioNode.cpp: (WebCore::AudioNode::~AudioNode):

2015-04-16  Chris Dumez  <cdumez@apple.com>

        Unreviewed attempt to fix Windows build after r182881.

        Add missing header include.

        * page/PageConsoleClient.h:

2015-04-16  Chris Dumez  <cdumez@apple.com>

        Tests introduced in r182877 are flaky
        https://bugs.webkit.org/show_bug.cgi?id=143784

        Reviewed by Alexey Proskuryakov.

        Tests introduced in r182877 are flaky as the line number sometimes
        appears in the console messages. This patch updates the console
        logging code so that no Document is provided when logging. Therefore,
        no line number will ever be displayed. In this case, I don't think
        having the line number is terribly useful anyway.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):

2015-04-15  Simon Fraser  <simon.fraser@apple.com>

        We should dump GraphicsLayer's anchorPoint z component
        https://bugs.webkit.org/show_bug.cgi?id=143815

        Reviewed by Tim Horton.

        We didn't include the z component of a layer's anchor point when dumping.
        Dump if it's non-zero (to avoid having to change lots of test output).
        No test with non-zero z appears to dump layers.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::dumpProperties):
        * rendering/style/RenderStyle.cpp:
        (WebCore::requireTransformOrigin): Remove a FIXME which, on further consideration,
        is wrong.

2015-04-15  Brent Fulgham  <bfulgham@apple.com>

        [Mac] Disable "Save to Downloads" option for local files
        https://bugs.webkit.org/show_bug.cgi?id=143794

        Reviewed by Tim Horton.

        Disable the Image and Media download options if the download
        target is a local file. We can only download web resources;
        anything else is actually a no-op.

        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::checkOrEnableIfNeeded): Disable
        menu item if appropriate.

2015-04-15  Chris Dumez  <cdumez@apple.com>

        Add a console message when a stylesheet is not parsed due to invalid MIME type
        https://bugs.webkit.org/show_bug.cgi?id=143784

        Reviewed by Joseph Pecoraro.

        After r180020, we no longer have a quirks mode exception for CSS MIME
        types. This means that we'll start rejecting stylesheets that were
        previously accepted due to this quirk. In this case we log a console
        message to help Web developers understand why their stylesheet is being
        rejected.

        * css/StyleRuleImport.cpp:
        (WebCore::StyleRuleImport::setCSSStyleSheet):

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):
        - Initialize hasValidMIMEType to true so that it ends up being false
          only when canUseSheet(hasValidMIMEType) is called and we've determined
          the MIME type is indeed invalid. Otherwise, hasValidMIMEType would
          also be false when m_data is null or empty in
          CachedCSSStyleSheet::sheetText() and we don't want to display the MIME
          type error in this case.
        - If hasValidMIMEType is false, display the console message and abort
          early. We don't need to execute the rest of the function in this case
          as sheetText is a null String and there is no point in trying to parse
          it.
        - Drop handling of !hasValidMIMEType && !hasSyntacticallyValidCSSHeader()
          as this can no longer be reached. This handling no longer makes sense
          after r180020 as sheetText() will now always return a null String if
          the MIME type is invalid (as we no longer support the CSS MIME type
          quirks mode).

        * css/StyleSheetContents.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

2015-04-15  Said Abou-Hallawa  <said@apple.com>

        Minimum font size pref breaks SVG text very badly.
        https://bugs.webkit.org/show_bug.cgi?id=143590.

        Reviewed by Simon Fraser.

        When enabling the minimum font size perf, the computed font size is set
        to the minimum font size if the computed value is smaller than the minimum.
        The bug happens because the SVG text element applies its scaling on the
        computed value after applying the minimum font size rule. This means the
        final computed value for the font size will be the scaling of the minimum
        font size and not minimum font size itself. What we need is to postpone
        applying the minimum font size rules, till the SVG scaling is applied.

        Tests: svg/text/font-small-enlarged-minimum-larger.svg
               svg/text/font-small-enlarged-minimum-smaller.svg

        * rendering/svg/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::computeNewScaledFontForStyle): Call
        computedFontSizeFromSpecifiedSizeForSVGInlineText() even if scalingFactor
        is 1. We need to make sure the minimum font size rules are applied. This
        function was assuming the mininum font size rule was applied when resolving
        the style. This is not true anymore for the SVG text.

        * style/StyleFontSizeFunctions.cpp:
        (WebCore::Style::computedFontSizeFromSpecifiedSize): Do not apply the
        minimum size rules for the SVG element until it applies its scaling to
        the font size.

2015-04-15  Mark Lam  <mark.lam@apple.com>

        Remove obsolete VMInspector debugging tool.
        https://bugs.webkit.org/show_bug.cgi?id=143798

        Reviewed by Michael Saboff.

        No new tests needed.  Just removing obsolete code.

        * ForwardingHeaders/interpreter/VMInspector.h: Removed.

2015-04-15  Timothy Horton  <timothy_horton@apple.com>

        Custom CSS cursors do not use -webkit-image-set on retina displays
        https://bugs.webkit.org/show_bug.cgi?id=120783
        <rdar://problem/14921432>

        Reviewed by Beth Dakin.
        Patch by Evan Wallace <evan.exe@gmail.com>.

        Scale NSCursor images correctly so custom CSS cursors work with
        -webkit-image-set on retina displays.

        * WebCore.exp.in:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::selectCursor):
        * platform/mac/CursorMac.mm:
        (WebCore::createCustomCursor):
        (WebCore::Cursor::ensurePlatformCursor):

2015-04-15  Alexey Proskuryakov  <ap@apple.com>

        No thread safety when passing ThreadableLoaderOptions from a worker thread
        https://bugs.webkit.org/show_bug.cgi?id=143790

        Reviewed by Geoffrey Garen.

        * loader/ThreadableLoader.h:
        * loader/ThreadableLoader.cpp: (WebCore::ThreadableLoaderOptions::isolatedCopy): Added.

        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Don't just send
        a structure with strings to a different thread, that's bad.

        * platform/CrossThreadCopier.h: I think that this is dead code, but for this bug,
        just removing a clearly wrong specialization.

2015-04-15  Alex Christensen  <achristensen@webkit.org>

        Progress towards CMake on Mac.
        https://bugs.webkit.org/show_bug.cgi?id=143785

        Reviewed by Csaba Osztrogonác.

        * CMakeLists.txt:
        * PlatformMac.cmake:

2015-04-15  Daniel Bates  <dabates@apple.com>

        Clean up: Have SVGTextLayoutEngine::beginTextPathLayout() take a reference to a
        RenderSVGTextPath instead of a pointer
        https://bugs.webkit.org/show_bug.cgi?id=143787

        Reviewed by Andreas Kling.

        SVGTextLayoutEngine::beginTextPathLayout() assumes that the passed RenderObject is a
        non-null pointer to a RenderSVGTextPath object. Instead we should have this function take a
        reference to a RenderSVGTextPath object to help callers catch bad usage and better document
        the expectation of a valid RenderSVGTextPath object.

        * rendering/svg/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBox::layoutCharactersInTextBoxes): Downcast the renderer of the
        inline box to a RenderSVGTextPath object and pass it to SVGTextLayoutEngine::beginTextPathLayout().
        We ensured that this cast is safe earlier in this function.
        SVGTextLayoutEngine::beginTextPathLayout().
        * rendering/svg/SVGTextLayoutEngine.cpp:
        (WebCore::SVGTextLayoutEngine::beginTextPathLayout): Change type of first parameter from
        RenderObject* to RenderSVGTextPath. Remove ASSERT() that was checking for a non-null
        RenderObject pointer since we are passing the renderer by reference and a well-formed
        reference must refer to a valid object.
        * rendering/svg/SVGTextLayoutEngine.h: Substitute RenderSVGTextPath& for RenderObject*.

2015-04-13  Jer Noble  <jer.noble@apple.com>

        [Fullscreen] ChromeClient::exitVideoFullscreen() should take a pointer to a HTMLVideoElement.
        https://bugs.webkit.org/show_bug.cgi?id=143674

        Reviewed by Darin Adler.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::enterFullscreen): Pass a reference.
        (WebCore::HTMLMediaElement::exitFullscreen): exitVideoFullscreen() -> exitVideoFullscreenForVideoElement(...).
        * page/ChromeClient.h:

2015-04-14  Anders Carlsson  <andersca@apple.com>

        Make creating send rights from shared memory more robust
        https://bugs.webkit.org/show_bug.cgi?id=143730
        rdar://problem/16595870

        Reviewed by Darin Adler.

        Add a bool conversion operator to MachSendRight and tidy up the default constructor.

        * platform/cocoa/MachSendRight.h:
        (WebCore::MachSendRight::operator bool):
        (WebCore::MachSendRight::MachSendRight): Deleted.

2015-04-15  Eric Carlson  <eric.carlson@apple.com>

        Generalize "isPlayingAudio" to include other media characteristics
        https://bugs.webkit.org/show_bug.cgi?id=143713

        Reviewed by Jer Noble.

        No new functionality.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::stop): updateIsPlayingAudio -> updateIsPlayingMedia.
        (WebCore::AudioContext::isPlayingAudioDidChange): Ditto.

        * dom/Document.cpp:
        (WebCore::Document::addAudioProducer): Ditto.
        (WebCore::Document::removeAudioProducer): Ditto.
        (WebCore::Document::updateIsPlayingMedia): Renamed.
        (WebCore::Document::updateIsPlayingAudio): Deleted.
        * dom/Document.h:

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setMuted): updateIsPlayingAudio -> updateIsPlayingMedia.
        (WebCore::HTMLMediaElement::setPlaying): Ditto.

        * page/ChromeClient.h:
        * page/Page.cpp:
        (WebCore::Page::updateIsPlayingMedia): Renamed.
        (WebCore::Page::updateIsPlayingAudio): Deleted.
        * page/Page.h:

2015-04-15  Joonghun Park  <jh718.park@samsung.com>

        Fix Debug build error 'comparison of unsigned expression >= 0 is always true [-Werror=type-limits]'
        https://bugs.webkit.org/show_bug.cgi?id=143751

        Reviewed by Csaba Osztrogonác.

        No new tests, no new behaviors.

        * rendering/svg/SVGTextChunk.cpp:
        (WebCore::SVGTextChunk::SVGTextChunk):

2015-04-14  Zalan Bujtas  <zalan@apple.com>

        Make inline continuation style change logic consistent.
        https://bugs.webkit.org/show_bug.cgi?id=143737
        rdar://problem/20486596

        Reviewed by Simon Fraser.

        Do not force RenderBlock type-casting on the first sibling of the continuation's container.
        The first sibling of the container of a continuation should be handled as the rest of the siblings.

        Test: fast/inline/inline-with-column-span-and-remove-block-child-crash.html

        * rendering/RenderInline.cpp:
        (WebCore::updateStyleOfAnonymousBlockContinuations):
        (WebCore::RenderInline::styleDidChange):

2015-04-14  Chris Dumez  <cdumez@apple.com>

        Regression(r180020): Web Inspector crashes on pages that have a stylesheet with an invalid MIME type
        https://bugs.webkit.org/show_bug.cgi?id=143745
        <rdar://problem/20243916>

        Reviewed by Joseph Pecoraro.

        After r180020, we are stricter and no longer accept CSS resources that
        are not served with a CSS MIME type. Showing Web inspector on a page
        with such bad resource would crash because
        InspectorPageAgent::cachedResourceContent() would return true but
        the result String would be null. This null String would then later
        be passed to the Yarr interpreter and crash on a String::is8Bit()
        call.

        cachedResourceContent() calls CachedCSSStyleSheet::sheetText(). Before
        r180020, it would return the text, even if the MIME type was incorrect.
        However, this is no longer the case and we now need to make sure that
        cachedResourceContent() returns false if sheetText() returns a null
        String.

        Test: http/tests/inspector/css/bad-mime-type.html

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent):

2015-04-14  Said Abou-Hallawa  <sabouhallawa@apple.com>

        textPath layout performance improvement.
        https://bugs.webkit.org/show_bug.cgi?id=141570.

        Reviewed by Darin Adler.

        The bottleneck of the text-on-path performance is the position and angle
        calculations for every single character. If the number of characters is
        'n' and the number of path elements is 'm', the total number of processing
        the path elements is O(2 x n x m). What makes it really worse is, for every
        curve we keep splitting the curve till the split curve is almost a straight
        line. The changes we need to do are:
        1. Merge the position and the angle traversals in one pass since they are
           returning info for the same length on the path. There is a degenerate
           case for the starting point when calculating the angle. The original
           code was solving this problem by passing an epsilon instead of zero but
           because traversing the path for position and angle are now merged, we
           will pass zero for the starting point as is. All we need is to move one
           step ahead without moving the position. We need the extra step forward
           to calculate the slope of the path at the starting point.
        2. We need to add a new mode to traversing a path. The new mode will take
           a vector of lengths and returns a vector of arrow vectors. Every arrow
           vector represents a position and an angle on the path at a certain length.
           This requires changing the SVGTextLayoutEngine to calculate the lengths
           of the characters on the curve first and then passing all of them to the
           path traversal function. Instead of traversing the path for every length,
           we are going to get the required point and angle from the vector of arrow
           vectors.

        This patch is addressing the first fix only. The second one will require
        refactoring the SVGTextLayoutEngine so I am going to address it in a
        different patch.

        * platform/graphics/Path.cpp:
        (WebCore::pathLengthApplierFunction): It is cleaner to move the function
        of this method to PathTraversalState::processPathElement().
        
        (WebCore::Path::length): Use new enum Action value and access methods.
        
        (WebCore::Path::traversalStateAtLength): New function which returns the
        traversalState at a certain length on a path.
        
        (WebCore::Path::pointAtLength):
        (WebCore::Path::normalAngleAtLength): Use traversalStateAtLength() to get
        the traversalState and from it return either the position or the angle.
        
        * platform/graphics/Path.h: Define traversalStateAtLength().
        
        * platform/graphics/PathTraversalState.cpp:
        (WebCore::distanceLine): Code clean up.
        
        (WebCore::curveLength): Make the setting of m_previous and m_current happens
        only in this function.
        
        (WebCore::PathTraversalState::PathTraversalState): Add an optional parameter
        for the desired length and move the initialization of the other members to
        the class definition.
        
        (WebCore::PathTraversalState::closeSubpath):
        (WebCore::PathTraversalState::moveTo):
        (WebCore::PathTraversalState::lineTo): Add the distance to the m_totalLength
        instead of returning it since this is what all the callers were doing.
        
        (WebCore::PathTraversalState::quadraticBezierTo):
        (WebCore::PathTraversalState::cubicBezierTo): Add the distance to the
        m_totalLength. Move the setting of m_previous and m_current to curveLength().
        Remove unused members m_control1 and m_control2.

        (WebCore::PathTraversalState::processSegment): Deleted.        
        (WebCore::PathTraversalState::finalizeAppendPathElement): Create a new
        name for the function. Handle the case of the angle at the starting point
        where m_desiredLength is set to zero. The new flag m_isZeroVector will be
        set to notify the caller that the  next iteration will be the last one and
        it is only needed for the calculating the angle of a zero vector. m_current
        should not change by this last iteration.
        
        (WebCore::PathTraversalState::appendPathElement): This code is moved from
        pathLengthApplierFunction().
        
        (WebCore::PathTraversalState::processPathElement): This function is used
        by the class Path. It is a wrapper for appendPathElement(). If m_isZeroVector
        is set we append the new element to a copy for the PathTraversalState just
        to get the angle for the zero vector.

        * platform/graphics/PathTraversalState.h: Change the enum values to not
        not include the class or the enum class. Make the data members private and
        expose the needed ones through access methods. Make all the internal methods
        to be private.
        
        (WebCore::PathTraversalState::processPathElement):  Another wrapper for
        appendPathElement() which is used by SVGPathTraversalStateBuilder.
        
        (WebCore::PathTraversalState::action):
        (WebCore::PathTraversalState::setAction):
        (WebCore::PathTraversalState::desiredLength):
        (WebCore::PathTraversalState::setDesiredLength):
        (WebCore::PathTraversalState::success):
        (WebCore::PathTraversalState::totalLength):
        (WebCore::PathTraversalState::current):
        (WebCore::PathTraversalState::normalAngle): New access methods which are now
        needed after making the data members private.
        
        * rendering/svg/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBox::layoutCharactersInTextBoxes): Make the casting
        of the renderer on the caller side.
        
        * rendering/svg/SVGTextChunk.cpp:
        (WebCore::SVGTextChunk::SVGTextChunk): The constructor should append the
        elements of m_boxes instead of making this from outside the class.
        
        (WebCore::SVGTextChunk::totalCharacters):
        (WebCore::SVGTextChunk::totalLength):
        (WebCore::SVGTextChunk::calculateLength): Deleted.
        Replace calculateLength() by totalCharacters() and totalLength() to make
        the interface cleaner.
        
        (WebCore::SVGTextChunk::totalAnchorShift):
        (WebCore::SVGTextChunk::calculateTextAnchorShift): Deleted.
        Rename the function name.
        
        (WebCore::SVGTextChunk::layout):
        (WebCore::SVGTextChunk::processTextLengthSpacingCorrection):
        (WebCore::SVGTextChunk::buildBoxTransformations):
        (WebCore::SVGTextChunk::boxSpacingAndGlyphsTransform):
        (WebCore::SVGTextChunk::processTextAnchorCorrection):
        Move the chunk layout code from SVGTextChunkBuilder::layoutTextChunks()
        to the SVGTextChunk::layout(). Move all the helper functions as well.
        
        * rendering/svg/SVGTextChunk.h:
        (WebCore::SVGTextChunk::hasTextAnchor):
        (WebCore::SVGTextChunk::boxes): Deleted.
        Add the new methods and change most of the public methods to be private.
        
        * rendering/svg/SVGTextChunkBuilder.cpp:
        (WebCore::SVGTextChunkBuilder::totalCharacters):
        (WebCore::SVGTextChunkBuilder::totalLength):
        (WebCore::SVGTextChunkBuilder::totalAnchorShift): This code is moved from
        SVGTextLayoutEngine. It scans the boxes stored in the SVGTextChunkBuilder
        and sums up the total values.
        
        (WebCore::SVGTextChunkBuilder::transformationForTextBox):
        (WebCore::SVGTextChunkBuilder::buildTextChunks):
        (WebCore::SVGTextChunkBuilder::layoutTextChunks): Code clean up.
        
        (WebCore::SVGTextChunkBuilder::addTextChunk): Deleted.
        (WebCore::SVGTextChunkBuilder::processTextChunk): Deleted.
        (WebCore::SVGTextChunkBuilder::processTextLengthSpacingCorrection): Deleted.
        (WebCore::SVGTextChunkBuilder::processTextAnchorCorrection): Deleted.
        (WebCore::SVGTextChunkBuilder::buildSpacingAndGlyphsTransform): Deleted.
        This code now lives in SVGTextChunk.
        
        * rendering/svg/SVGTextChunkBuilder.h: Add new methods for code which was
        moved from SVGTextLayoutEngine and remove methods for code which was removed
        to SVGTextChunk.
        
        * rendering/svg/SVGTextLayoutEngine.cpp:
        (WebCore::SVGTextLayoutEngine::beginTextPathLayout): Use the sum up methods
        from SVGTextChunkBuilder instead of looping through the chunks. Also get a
        clean order for defining variables and doing the calculations.
        
        (WebCore::SVGTextLayoutEngine::finalizeTransformMatrices): Code clean up.
        
        (WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath): Do a single path
        traversal to get the position and the angle for a length on a path.
        
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::buildTransformForProgress): Do a single
        path traversal to get the position and the angle at a length on a path.
        
        * svg/SVGPathTraversalStateBuilder.cpp:
        (WebCore::SVGPathTraversalStateBuilder::SVGPathTraversalStateBuilder):
        (WebCore::SVGPathTraversalStateBuilder::moveTo):
        (WebCore::SVGPathTraversalStateBuilder::lineTo):
        (WebCore::SVGPathTraversalStateBuilder::curveToCubic):
        (WebCore::SVGPathTraversalStateBuilder::closePath):
        (WebCore::SVGPathTraversalStateBuilder::setDesiredLength):
        (WebCore::SVGPathTraversalStateBuilder::continueConsuming):
        (WebCore::SVGPathTraversalStateBuilder::totalLength):
        (WebCore::SVGPathTraversalStateBuilder::currentPoint):
        (WebCore::SVGPathTraversalStateBuilder::incrementPathSegmentCount): Deleted.
        (WebCore::SVGPathTraversalStateBuilder::pathSegmentIndex): Deleted.
        * svg/SVGPathTraversalStateBuilder.h:
        (WebCore::SVGPathTraversalStateBuilder::pathSegmentIndex):
        Code clean up.
        
        * svg/SVGPathUtilities.cpp:
        (WebCore::getSVGPathSegAtLengthFromSVGPathByteStream):
        (WebCore::getTotalLengthOfSVGPathByteStream):
        (WebCore::getPointAtLengthOfSVGPathByteStream): Use new TraversalState::Action
        enum values.

2015-04-14  Simon Fraser  <simon.fraser@apple.com>

        Re-enable custom dilation for antialiased fonts
        https://bugs.webkit.org/show_bug.cgi?id=143738

        Reviewed by Tim Horton.
        
        Enabling custom dilation for antialised fonts broke layout tests, so re-land it,
        but disable in WebKitTestRunner and DumpRenderTree. The latter requires adding
        a private WebKit pref. This pref defaults to YES, enabling the feature by default
        in WK1 as we do for WK2.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::dilationSizeForTextColor):
        (WebCore::FontCascade::drawGlyphs):

2015-04-14  Andy Estes  <aestes@apple.com>

        [Content Filtering] Use ASSERT_WITH_SECURITY_IMPLICATION for verifying types from NEFilterSource
        https://bugs.webkit.org/show_bug.cgi?id=143742

        Reviewed by David Kilzer.

        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (replacementDataFromDecisionInfo): ASSERT_WITH_SECURITY_IMPLICATION that decisionInfo is really a NSDictionary.
        (WebCore::NetworkExtensionContentFilter::handleDecision): ASSERT_WITH_SECURITY_IMPLICATION that replacementData is really a NSData.

2015-04-14  Brent Fulgham  <bfulgham@apple.com>

        Correct layering violation in DumpRenderTree Build
        https://bugs.webkit.org/show_bug.cgi?id=143732

        Reviewed by Simon Fraser.

        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::monitorWheelEvents): Added. Provides a wrapper around
        the internal WebCore objects needed to implement this function.
        (WebCoreTestSupport::setTestCallbackAndStartNotificationTimer): Ditto.
        * testing/js/WebCoreTestSupport.h:

2015-04-14  Brady Eidson  <beidson@apple.com>

        Make sure media element loads hit content filter extensions.
        <rdar://problem/20014012> and https://bugs.webkit.org/show_bug.cgi?id=143731

        Reviewed by Jer Noble.

        Tests: http/tests/contentextensions/media-filtered.html
               http/tests/contentextensions/text-track-blocked.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute): Skip loads that are filtered.

2015-04-14  Brian Weinstein  <bweinstein@apple.com>

        Add SPI to clear HSTS hosts added since a date.
        https://bugs.webkit.org/show_bug.cgi?id=143726
        and
        rdar://problem/16664597

        Declare _CFNetworkResetHSTSHostsSinceDate in CFNetworkSPI.h.

        Reviewed by Anders Carlsson.

        * platform/spi/cf/CFNetworkSPI.h:

2015-04-14  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Time numbers on media controls move as they update on OSX.
        <rdar://problem/20141790>.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-current-time-display):
        (audio::-webkit-media-controls-time-remaining-display):
        Don't bother justifying content to end. We size the box to fit the time displays exactly anyways.

2015-04-14  Roger Fong  <roger_fong@apple.com>

        Insert volume control in correct place after exiting wireless play.
        https://bugs.webkit.org/show_bug.cgi?id=143721.
        <rdar://problem/20526106>

        Reviewed by Darin Adler.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateWirelessPlaybackStatus):

2015-04-14  Brady Eidson  <beidson@apple.com>

        Media elements not in a page shouldn't load.
        https://bugs.webkit.org/show_bug.cgi?id=143720

        Reviewed by Jer Noble.

        No new tests (Theoretical problem noticed in code review).

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::loadResource): Make sure the frame is in a page.

2015-04-14  Simon Fraser  <simon.fraser@apple.com>

        [iOS] Clean up registration of layers with the ScrollingCoordinator
        https://bugs.webkit.org/show_bug.cgi?id=143725

        Reviewed by Tim Horton.

        Simplify a couple of bits of code related to the registration of layers with
        the ScrollingCoordinator in RenderLayerCompositor.

        First, RenderLayerBacking was using ScrollingNodeTypes to choose which scrolling
        roles a layer has, which let to ambiguous code where we hardcoded a ScrollingNodeType
        with knowledge of what RenderLayerBacking did with it. Clean up by using LayerScrollCoordinationRole,
        which is moved to RenderLayer.h so that RenderLayerCompositor.h and RenderLayerBacking.h
        both see it.

        Secondly, avoid having both detachFromScrollingCoordinator() and detachFromScrollingCoordinatorForRole()
        by passing in the bitmask of roles.

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollLayerID):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::~RenderLayerBacking):
        (WebCore::RenderLayerBacking::detachFromScrollingCoordinator):
        (WebCore::RenderLayerBacking::detachFromScrollingCoordinatorForRole): Deleted.
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedStatus):
        (WebCore::RenderLayerCompositor::removeFromScrollCoordinatedLayers):
        (WebCore::scrollCoordinationRoleForNodeType):
        (WebCore::RenderLayerCompositor::attachScrollingNode):
        (WebCore::RenderLayerCompositor::detachScrollCoordinatedLayer):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
        (WebCore::RenderLayerCompositor::willRemoveScrollingLayerWithBacking):
        (WebCore::RenderLayerCompositor::detachScrollCoordinatedLayerForRole): Deleted.
        * rendering/RenderLayerCompositor.h:

2015-04-14  Benjamin Poulain  <benjamin@webkit.org>

        Add a conservative DFA minimizer for the content extension matcher
        https://bugs.webkit.org/show_bug.cgi?id=143501

        Reviewed by Alex Christensen.

        This patch adds a simple minimizer for DFA graphs. It is not a perfect minimizer:
        some indistinguishable are not merged, but no two distinguishable are merged.

        The general idea of the algorithm is to put all the state into a single set
        and partition iteratively until it is impossible to split any subset by using
        a transition to distinguish two states.

        Let's ignore fallback transition for now, and I'll explain later how they fit in
        the big picture.


        The first thing we do is create a partition of the transition by grouping every
        transition by the same character in the same subset. This partition of transitions
        is the base by which we will partition the states.

        Each subset in the transition partition is a "distinguisher" by which we can
        separate the state partition.

        We also create a second partition, the state partition. This is where we keep
        all the subsets of states that have been split so far.

        Let say we have the following graph.

            1 --a--> 2
            1 --b--> 3
            2 --c--> 4 (final)
            3 --c--> 4 (final)

        The partition of transition would start with:
        Set 0:
            1 --a--> 2
        Set 1:
            1 --b--> 3
        Set 2:
            2 --c--> 4
            3 --c--> 4

        The state partition would have a single set with { 1, 2, 3, 4 }.


        Next, we split the state partition by distinguishable final states. In this case,
        we would split it into { 1, 2, 3 }, { 4 }.

        We then refine the transition partition by splitting it by the states that have
        been distinguished. Here, the only transitions to 4 are both is the same set (set 2),
        so the transition partition remains the same.


        We can now execute the main loop of the algorithm:
        1) Split the states by the transitions.
        2) Split the transitions that are now reaching two different sets of the state partition.
        3) Add any newly discovered "distinguisher" (the ones we split) to the list of "distinguisher"
           to process.

        In this case, we just iterate over the partition set in order, and add newly split transitions
        to the end of the list.

        In the example, we would first visit set 0. We have that state 1 is distinguishable
        by "a", and the state partition would become { 1 }, { 2, 3 }, { 4 }.

        We then visit transition set 1, it distinguishes state 1 which is already alone -> nothing to do.

        Finally, we process the transition set 2, it distinguishes 2 and 3, they are already in the same
        set -> nothing to do.

        There is no more transition to process, we have 3 unique subsets and we should merge 2 and 3.

        ---

        Okay, now how to we fit fallback transition in this model. In this patch, I take the conservative
        approach: we split everything assuming fallback transition do not exist, then we refine
        by the fallback transitions.

        Let's take the following example:
            1 --a--> 3
            2 --a--> 3
            1 -[f]-> 4
            2 -[f]-> 5

        and at this stage in the algorithm, we have the sets { 1, 2 }, { 3 }, { 4 }, { 5 }.
        The states 1 and 2 are together because they cannot be distinguished by 'a', but
        the fallback transition distinguishes them.

        Since we have done every other split, we have one useful property: we know that every
        state in every set transition with the exact set of characters within that set.
        If that was not true, there would be one "distinguisher" 'x' that could spit the set
        into two subsets: the one with the transition 'x' and the ones without.

        Since all the transitions are the same, there is no overlap between the defined transition
        and the fallback transition. Consequently, we can use the fallback transition as a whole
        transition and use it to distinguish the states.

        The fallback transitions are handled like any other transition, we have a partition of such
        transitions and split by each of them. BUT, we can only use them after every unique transition
        has been covered.

        This trick is also what makes the minimization imperfect: it should be possible to merge
        states with overlap in their fallback transitions but we would split them.

        ---

        Antti Valmari, Petri Lehtinen, Marie-Pierre Béal and Maxime Crochemore deserve credit for their indirect
        work on this patch. Thanks for your wonderful papers about DFA minimization.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::minimize):
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        * contentextensions/DFA.h:
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        * contentextensions/DFAMinimizer.cpp: Added.
        (WebCore::ContentExtensions::DFAMinimizer::simplifyTransitions):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::initialize):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::markElementInCurrentGeneration):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::refineGeneration):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::iterateSet):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::setIndex):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::firstElementInSet):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::size):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::SetDescriptor::indexAfterMarkedElements):
        (WebCore::ContentExtensions::DFAMinimizer::Partition::SetDescriptor::end):
        (WebCore::ContentExtensions::DFAMinimizer::FullGraphPartition::FullGraphPartition):
        (WebCore::ContentExtensions::DFAMinimizer::FullGraphPartition::markNode):
        (WebCore::ContentExtensions::DFAMinimizer::FullGraphPartition::refinePartitions):
        (WebCore::ContentExtensions::DFAMinimizer::FullGraphPartition::splitByUniqueTransitions):
        (WebCore::ContentExtensions::DFAMinimizer::FullGraphPartition::splitByFallbackTransitions):
        (WebCore::ContentExtensions::DFAMinimizer::FullGraphPartition::nodeReplacement):
        (WebCore::ContentExtensions::DFAMinimizer::ActionKey::ActionKey):
        (WebCore::ContentExtensions::DFAMinimizer::ActionKey::isEmptyValue):
        (WebCore::ContentExtensions::DFAMinimizer::ActionKey::isDeletedValue):
        (WebCore::ContentExtensions::DFAMinimizer::ActionKeyHash::hash):
        (WebCore::ContentExtensions::DFAMinimizer::ActionKeyHash::equal):
        (WebCore::ContentExtensions::DFAMinimizer::minimize):
        * contentextensions/DFAMinimizer.h: Copied from Source/WebCore/contentextensions/DFA.h.
        * contentextensions/DFANode.h:
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::NFAToDFA::convert):
        (WebCore::ContentExtensions::simplifyTransitions): Deleted.

2015-04-14  Chris Dumez  <cdumez@apple.com>

        ASSERT(frame().view() == this) assertion hit in FrameView::windowClipRect() on Windows bots
        https://bugs.webkit.org/show_bug.cgi?id=143723

        Reviewed by Brent Fulgham.

        ASSERT(frame().view() == this) in FrameView::windowClipRect() can be hit
        if the post layout timer timer fires after the page has entered page
        cache. Upon entering page cache, we call FrameView::unscheduleRelayout()
        to stop the layout timer if it is active, however, we don't stop the
        post-layout timer. Therefore, there was nothing preventing the
        post-layout timer from firing after entering page cache.

        In this patch, we unschedule the post-layout timer in
        FrameView::unscheduleRelayout() to protect ourselves against this.

        I think we were only seeing the assertion hit on Windows because this
        timer probably gets scheduled more frequently on Windows. On Mac, I
        rarely see it getting scheduled.

        No new tests, should fix crashing tests on the bots.

        * page/FrameView.cpp:
        (WebCore::FrameView::unscheduleRelayout):

2015-04-14  Chris Dumez  <cdumez@apple.com>

        FrameView::m_frame should be a Ref<Frame>
        https://bugs.webkit.org/show_bug.cgi?id=143716

        Reviewed by Andreas Kling.

        FrameView::m_frame should be a Ref<Frame> instead of a RefPtr<Frame> as
        it can never be null.

        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView):
        (WebCore::FrameView::flushCompositingStateForThisFrame):
        (WebCore::FrameView::hasCompositedContentIncludingDescendants):
        (WebCore::FrameView::flushCompositingStateIncludingSubframes):
        (WebCore::FrameView::updateCanBlitOnScrollRecursively):
        (WebCore::FrameView::setIsOverlapped):
        (WebCore::FrameView::shouldUpdateCompositingLayersAfterScrolling):
        (WebCore::FrameView::renderedCharactersExceed):
        (WebCore::FrameView::updateLayerFlushThrottling):
        (WebCore::FrameView::serviceScriptedAnimations):
        (WebCore::FrameView::updateBackgroundRecursively):
        (WebCore::FrameView::adjustScrollStepForFixedContent):
        (WebCore::FrameView::paintContentsForSnapshot):
        (WebCore::FrameView::notifyWidgetsInAllFrames):
        (WebCore::FrameView::setExposedRect):
        (WebCore::FrameView::setViewportSizeForCSSViewportUnits):
        * page/FrameView.h:

2015-04-13  Simon Fraser  <simon.fraser@apple.com>

        [iOS WK2] Interactive elements of developer.apple.com are broken
        https://bugs.webkit.org/show_bug.cgi?id=143692
        rdar://problem/19320087

        Reviewed by Sam Weinig.
        
        When a composited RenderLayer had nodes in the scrolling tree by virtue of
        both position and overflow:scroll, and one of those reasons disappeared,
        we'd fail to remove the corresponding node from the scrolling tree. This
        could leave an overflow:scroll element behaving as if it were position:fixed.
        
        Fix by having RenderLayerCompositor::updateScrollCoordinationForThisFrame()
        detach the layer on a per-role basis.

        Test: platform/ios-simulator-wk2/scrolling/remove-scrolling-role.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::detachFromScrollingCoordinatorForRole):
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::detachScrollCoordinatedLayerForRole):
        (WebCore::RenderLayerCompositor::detachScrollCoordinatedLayer): Just moved.
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer): Call detachScrollCoordinatedLayerForRole()
        if the layer doesn't have the relevant scrolling reasons.
        * rendering/RenderLayerCompositor.h:

2015-04-14  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182794.
        https://bugs.webkit.org/show_bug.cgi?id=143714

        readable-stream-templated.html fails on Debug bots (Requested
        by youenn on #webkit).

        Reverted changeset:

        "[Streams API] ReadableStream constructor start function
        should be able to close the stream"
        https://bugs.webkit.org/show_bug.cgi?id=143363
        http://trac.webkit.org/changeset/182794

2015-04-14  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Unreviewed build fix after r182707.

        * platform/network/curl/MultipartHandle.cpp:
        (WebCore::MultipartHandle::didReceiveResponse):

2015-04-14  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStream constructor start function should be able to close the stream
        https://bugs.webkit.org/show_bug.cgi?id=143363

        Reviewed by Benjamin Poulain.

        Implements https://streams.spec.whatwg.org/#close-readable-stream.
        When the "close" JS function is called, the stream is getting closed.
        The stream state is changed to close and if it has a reader, the reader gets closed as well:
        The reader resolves the closed promise and release the stream.

        Enabled the possibility to resolve a promise with any JS value.
        This is used to resolve closed promise with jsUndefined and will be used for read promises.

        Covered by reference tests that are now passing.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::changeStateToClosed): Called by the JS function 'close'.
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::ReadableStreamReader):
        (WebCore::ReadableStreamReader::initialize): Added to handle state change at constructor time (in particular closed/errored state).
        (WebCore::ReadableStreamReader::releaseStream):
        (WebCore::ReadableStreamReader::closed): Storing the closed promise callbacks.
        (WebCore::ReadableStreamReader::changeStateToClosed): Resolution of closed promise.
        * Modules/streams/ReadableStreamReader.h:
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::resolve<JSC::JSValue>):
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed):
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::readableStreamSlotName):
        (WebCore::getReadableJSStream): Helper function to retrieve the stream from the exec state.
        (WebCore::closeReadableStreamFunction):
        (WebCore::createReadableStreamCloseFunction):
        (WebCore::createReadableStreamController):
        (WebCore::ReadableStreamJSSource::start):
        (WebCore::ReadableJSStreamReader::ReadableJSStreamReader): Deleted.

2015-04-13  Joonghun Park  <jh718.park@samsung.com>

        Use modern for-loops in Document
        https://bugs.webkit.org/show_bug.cgi?id=143600

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * dom/Document.cpp:
        (WebCore::Document::visibilityStateChanged):
        (WebCore::Document::processBaseElement):
        (WebCore::Document::moveNodeIteratorsToNewDocument):
        (WebCore::Document::updateRangesAfterChildrenChanged):
        (WebCore::Document::nodeChildrenWillBeRemoved):
        (WebCore::Document::nodeWillBeRemoved):
        (WebCore::Document::textInserted):
        (WebCore::Document::textRemoved):
        (WebCore::Document::textNodesMerged):
        (WebCore::Document::textNodeSplit):
        (WebCore::Document::documentWillSuspendForPageCache):
        (WebCore::Document::documentDidResumeFromPageCache):
        (WebCore::Document::mediaVolumeDidChange):
        (WebCore::Document::privateBrowsingStateDidChange):
        (WebCore::Document::captionPreferencesChanged):
        (WebCore::Document::validateAutoSizingNodes):
        (WebCore::Document::resetAutoSizingNodes):
        (WebCore::Document::webkitExitFullscreen):
        (WebCore::Document::absoluteRegionForEventTargets):

2015-04-13  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Columns set in percentages collapse to auto width
        https://bugs.webkit.org/show_bug.cgi?id=141435

        Reviewed by David Hyatt.

        Based on a patch by Sergio Villar Senin  <svillar@igalia.com>.

        This patch adds 2 new new methods in RenderBox to determine if the grid
        has a definite size or not.

        RenderGrid::gridTrackSize() was not checking properly if the grid has or
        not an indefinite size.
        The condition was including auto which is not indefinite per se. For
        example, auto is definite if the containing block is definite.
        As the new method is more expensive, we just call it when it's really
        needed to avoid performance regressions.

        Finally we were setting the override logical width/height to -1 (no
        possible resolution) for all the items regardless if they've a relative
        width/height or a fixed one.
        Added the condition, including not only items with percentage logical
        width/height but also relative, to avoid overriding the value for items
        with fixed width/height as it's not needed.

        Tests: fast/css-grid-layout/grid-item-with-percent-height-in-auto-height-grid-resolution.html
               fast/css-grid-layout/percent-intrinsic-track-breadth.html
               fast/css-grid-layout/percent-track-breadths-regarding-container-size.html

        * rendering/RenderBox.cpp:
        (WebCore::logicalWidthIsResolvable):
        (WebCore::RenderBox::hasDefiniteLogicalWidth):
        (WebCore::RenderBox::percentageLogicalHeightIsResolvableFromBlock):
        (WebCore::RenderBox::hasRelativeLogicalWidth):
        * rendering/RenderBox.h:
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::hasDefiniteLogicalSize):
        (WebCore::RenderGrid::gridTrackSize):
        (WebCore::RenderGrid::logicalContentHeightForChild):
        (WebCore::RenderGrid::minContentForChild):
        (WebCore::RenderGrid::maxContentForChild):
        * rendering/RenderGrid.h:

2015-04-13  Chris Dumez  <cdumez@apple.com>

        Regression: Scrolling on popsci.com spends too much time in FrameView::viewportsContentsChanged()
        https://bugs.webkit.org/show_bug.cgi?id=143675

        Reviewed by Simon Fraser.

        Optimize resumeVisibleImageAnimationsIncludingSubframes() so that the FrameViews'
        windowClipRect gets computed less often:
        - Cache the FrameView's windowClipRect before resuming image animations in subframes
          as calling windowClipRect() on those subframes' view is going to call windowClipRect()
          on their ancestors. This avoids a lot of unnecessary windowClipRect recomputations
          in deep frame trees.
        - Stop traversing the Frame tree if the current frame does not have a content
          renderer, as this means the subframes won't have one either.
        - Stop traversing the Frame tree if the current frame's view has an empty
          windowClipRect() as this means the windowClipRect will be empty for those
          subframes as well.

        On popsci.com, this cuts down the number of uncached windowClipRect() calls by
        approximately half. I see viewportsContentsChanged() at ~0.4% when scrolling
        on popsci.com after this change.

        * page/FrameView.cpp:
        (WebCore::FrameView::resumeVisibleImageAnimationsIncludingSubframes):
        (WebCore::FrameView::windowClipRect):
        * page/FrameView.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::resumePausedImageAnimationsIfNeeded):
        * rendering/RenderView.h:

2015-04-13  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Set the title text of the placard added in r182631.
        https://bugs.webkit.org/show_bug.cgi?id=143585.
        <rdar://problem/12067439>

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateWirelessPlaybackStatus):

2015-04-10  Brent Fulgham  <bfulgham@apple.com>

        Expand test infrastructure to support scrolling tests
        https://bugs.webkit.org/show_bug.cgi?id=143286
        <rdar://problem/20375516>

        Reviewed by Simon Fraser.

        No new functionality.

        This series of changes adds a new singleton class, 'WheelEventTestTrigger', which encapsulates a
        function object to be fired when scroll events are finished. The object also keeps track of reasons
        why the test should not yet fire (e.g., 'rubberbanding' is active) so that tests do not incorrectly
        check rendering state in the middle of an animation.

        This code is not yet hooked up to the rendering system, and so does not have any effect on behavior.

        * CMakeLists.txt: Add new WheelEventTestTrigger files.
        * WebCore.vcxproj/WebCore.vcxproj: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * page/MainFrame.cpp:
        (WebCore::MainFrame::MainFrame): Add new member to constructor.
        (WebCore::MainFrame::testTrigger): Added.
        (WebCore::MainFrame::ensureTestTrigger): Added.
        (WebCore::MainFrame::clearTrigger): Added.
        * page/MainFrame.h:
        * page/WheelEventTestTrigger.cpp: Added.
        (WebCore::WheelEventTestTrigger::WheelEventTestTrigger):
        (WebCore::WheelEventTestTrigger::createWeakPtr):
        (WebCore::WheelEventTestTrigger::clearAllTestDeferrals):
        (WebCore::WheelEventTestTrigger::setTestNotificationCallback):
        (WebCore::WheelEventTestTrigger::deferTestsForReason):
        (WebCore::WheelEventTestTrigger::removeTestDeferralForReason):
        (WebCore::WheelEventTestTrigger::triggerTestTimerFired):
        * page/WheelEventTestTrigger.h: Added.

2015-04-13  Jer Noble  <jer.noble@apple.com>

        [iOS] When entering optimized fullscreen, standard fullscreen view should exit.
        https://bugs.webkit.org/show_bug.cgi?id=143615

        Reviewed by Simon Fraser.

        When entering optimized fullscreen from standard fullscreen, the original fullscreen
        view should animate out.

        The original method for entering optimized fullscreen is deprecated, so replace it with
        the new method (which doesn't take completion blocks) and use delegate methods to detect
        when the animation transition completes.

        * platform/Logging.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (boolString): Added; use for logging boolean parameters.
        (-[WebAVPlayerController playerViewControllerWillStartOptimizedFullscreen:]): Pass to WebVideoFullscreenInterfaceAVKit.
        (-[WebAVPlayerController playerViewControllerDidStartOptimizedFullscreen:]): Ditto.
        (-[WebAVPlayerController playerViewControllerWillStopOptimizedFullscreen:]): Ditto.
        (-[WebAVPlayerController playerViewControllerDidStopOptimizedFullscreen:]): Ditto.
        (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscreen:]): Ditto.
        (-[WebAVPlayerController playerViewControllerDidCancelOptimizedFullscreen:]): Ditto.
        (-[WebAVPlayerController playerViewController:restoreUserInterfaceForOptimizedFullscreenStopWithCompletionHandler:]): Ditto.
        (-[WebAVVideoLayer setPlayerViewController:]): Remove the KVO registration; now handled by above delegate methods.
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): Add logging.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenOptimized): Use new -startOptimizedFullscreen method.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): Add logging.
        (WebVideoFullscreenInterfaceAVKit::exitFullscreenInternal): Ditto.
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): Use hasMode() & isMode() rather than checking m_mode directly.
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline): Callback now stored on this object rather than the WebAVPlayerController.
        (WebVideoFullscreenInterfaceAVKit::mayAutomaticallyShowVideoOptimized): Moved.
        (WebVideoFullscreenInterfaceAVKit::fullscreenMayReturnToInline): Added; store the passed callback.
        (WebVideoFullscreenInterfaceAVKit::willStartOptimizedFullscreen): Exit out of standard fullscreen mode if necessary.
        (WebVideoFullscreenInterfaceAVKit::didStartOptimizedFullscreen): Moved from the start lambda in enterFullscreenOptimized().
        (WebVideoFullscreenInterfaceAVKit::willStopOptimizedFullscreen): Call the model's requestExitFullscreen() method.
        (WebVideoFullscreenInterfaceAVKit::didStopOptimizedFullscreen): Moved from the stop lambda in enterFullscreenOptimized().
        (WebVideoFullscreenInterfaceAVKit::willCancelOptimizedFullscreen): Call the model's requestExitFullscreen() method.
        (WebVideoFullscreenInterfaceAVKit::didCancelOptimizedFullscreen): Moved from the stop lambda in enterFullscreenOptimized().
        (WebVideoFullscreenInterfaceAVKit::prepareForOptimizedFullscreenStopWithCompletionHandler): Moved from -playerViewController:shouldExitFullScreenWithReason:.
        (WebVideoFullscreenInterfaceAVKit::setMode): Added; Call fullscreenModeChanged() if necessary.
        (WebVideoFullscreenInterfaceAVKit::clearMode): Ditto.
        (-[WebAVVideoLayer observeValueForKeyPath:ofObject:change:context:]): Deleted.
        (WebVideoFullscreenInterfaceAVKit::setIsOptimized): Deleted.

2015-04-13  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed fix after r182757.

        * platform/win/FileSystemWin.cpp:
        (WebCore::renameFile): Checked in wrong version.

2015-04-13  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed fix after r182161.

        The change caused Windows to lose Media UI, since the new 'getFileSize'
        signature was being improperly used for a 'UInt8'-based string.

        Fix was to provide implementations for the two new methods, and to make
        sure RenderThemeWin was using the proper signature.

        This should actually be a little more efficient, since we have the file
        handle when we call this new method. Previously, a Windows 'find file' was
        being done with the requested path, which was unnecessary work.

        * platform/win/FileSystemWin.cpp:
        (WebCore::getFileSizeFromByHandleFileInformationStructure): Added helper function.
        (WebCore::getFileSize): Provide implementation.
        (WebCore::renameFile):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::stringWithContentsOfFile): Use the file handle to
        get the file size, rather than using the path-based size lookup (which involves
        performing an unnecessary file search.

2015-04-13  Brady Eidson  <beidson@apple.com>

        Share sheets from Share menus appear outside the browser window.
        <rdar://problem/20455592> and https://bugs.webkit.org/show_bug.cgi?id=143620

        Reviewed by Darin Adler.

        * page/ContextMenuController.h:
        (WebCore::ContextMenuController::client):

2015-04-13  Andreas Kling  <akling@apple.com>

        Rebaseline bindings tests.

        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestTypedefs.h:

2015-04-13  Jer Noble  <jer.noble@apple.com>

        [iOS] Treat a 'not found' media option index as the 'off' track.
        https://bugs.webkit.org/show_bug.cgi?id=143672

        Reviewed by Eric Carlson.

        The UIProcess will pass in UINT64_MAX for the index of the legible option to select. Treat this
        as if the captionOffMenuItem() had been selected to avoid a null dereference.

        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::selectLegibleMediaOption):

2015-04-13  Said Abou-Hallawa  <sabouhallawa@apple.com>

        list-style-image with SVG image renders at incorrect size.
        https://bugs.webkit.org/show_bug.cgi?id=141367.

        Reviewed by Darin Adler.
        
        This patch imports https://codereview.chromium.org/197203003.

        When using an SVG as list marker image, don't unconditionally set the
        dimensions to a square with the dimensions of ascent / 2, but rather
        determine a suitable size using intrinsic dimensions (and ratio).

        Test: svg/as-list-image/svg-list-image-intrinsic-size-1.html

        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::updateContent):

2015-04-13  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Canvas drawImage() has a security hole when the image isn't yet fully loaded.
        https://bugs.webkit.org/show_bug.cgi?id=58681.

        Reviewed by Darin Adler.

        There is a race condition which may happen if an image from a different
        origin is drawn on a canvas before it finishes loading. The check to taint
        the canvas comes before drawing it. This check returns false if the image
        is not completely loaded because we check the URL of the resource response.
        If after this check and before the drawing, the image finishes loading, the
        canvas will not be tainted but the image will be drawn.
        
        The fix is to move the check to taint the canvas after drawing the image.
        The only problem with this solution is basically the opposite of this bug:
        we will become stricter than before with images which are from a different
        origin and before they finish loading. The image has not finished loading,
        so we do not draw it. Before we check for tainting, the image finishes
        loading. So we decide to taint the canvas even the image is not drawn.
        
        But this should not be a security issue anymore. I personally do not know
        if it is even a correctness issue or not.

        Test: http/tests/canvas/canvas-tainted-after-draw-image.html

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawImage):

2015-04-13  Beth Dakin  <bdakin@apple.com>

        Add force property to MouseEvents
        https://bugs.webkit.org/show_bug.cgi?id=143569
        -and corresponding-
        rdar://problem/20472954

        Reviewed by Darin Adler.

        This patch removes WebKitMouseForceEvent and uses a MouseEvent everywhere that it 
        was used. That’s possible because this patch also adds a force property to all 
        MouseEvents and to PlatformMouseEvent.

        Remove WebKitMouseForceEvent.
        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/DOMAllInOne.cpp:

        Create MouseEvents with the appropriate force instead of WebKitMouseForceEvents. 
        This patch also gets rid of the PlatformMouseEvent parameter for these events. 
        They were re-using the cached mousedown event before, which they never should have 
        done. Instead, we create PlatformMouseEvents inside these functions and then use 
        that to make MouseEvents.
        * dom/Element.cpp:
        (WebCore::Element::dispatchMouseForceWillBegin):
        (WebCore::Element::dispatchMouseForceChanged):
        (WebCore::Element::dispatchMouseForceDown):
        (WebCore::Element::dispatchMouseForceUp):
        (WebCore::Element::dispatchMouseForceClick):
        (WebCore::Element::dispatchMouseForceCancelled):
        * dom/Element.h:

        No More WebKitMouseForceEvent.
        * dom/EventNames.in:

        Add force to MouseEvent.
        * dom/MouseEvent.cpp:
        (WebCore::MouseEvent::create):
        (WebCore::MouseEvent::MouseEvent):
        (WebCore::MouseEvent::cloneFor):
        (WebCore::SimulatedMouseEvent::SimulatedMouseEvent):
        * dom/MouseEvent.h:
        (WebCore::MouseEvent::force):
        (WebCore::MouseEvent::setForce):
        * dom/MouseEvent.idl:

        No More WebKitMouseForceEvent.
        * dom/WebKitMouseForceEvent.cpp: Removed.
        * dom/WebKitMouseForceEvent.h: Removed.
        * dom/WebKitMouseForceEvent.idl: Removed.

        PlatformMouseEvent now takes a force parameter.
        * dom/WheelEvent.cpp:
        (WebCore::WheelEvent::WheelEvent):
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::showContextMenuAt):
        * page/DragController.cpp:
        (WebCore::createMouseEvent):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::dispatchDragEvent):
        (WebCore::EventHandler::sendContextMenuEventForKey):
        (WebCore::EventHandler::fakeMouseMoveEventTimerFired):

        We don’t need lastMouseDownEvent() anymore. We were using it to avoid creating new 
        PlatformMouseEvents for the force events, but we fix that in this patch.
        (WebCore::EventHandler::lastMouseDownEvent): Deleted.
        * page/EventHandler.h:

        At force to PlatformMouseEvent.
        * platform/PlatformMouseEvent.h:
        (WebCore::PlatformMouseEvent::PlatformMouseEvent):
        (WebCore::PlatformMouseEvent::force):
        * replay/SerializationMethods.cpp:
        (JSC::EncodingTraits<PlatformMouseEvent>::encodeValue):
        (JSC::EncodingTraits<PlatformMouseEvent>::decodeValue):

2015-04-13  Andreas Kling  <akling@apple.com>

        Don't segregate heap objects based on Structure immortality.
        <https://webkit.org/b/143638>

        Reviewed by Darin Adler.

        * bindings/js/JSDOMBinding.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GeneratePrototypeDeclaration):
        * bridge/objc/objc_runtime.h:
        * bridge/runtime_array.h:
        * bridge/runtime_method.h:
        * bridge/runtime_object.h:

2015-04-13  Simon Fraser  <simon.fraser@apple.com>

        Fixed position element is truncated if moved onscreen by a transform
        https://bugs.webkit.org/show_bug.cgi?id=143655
        rdar://problem/15020044

        Reviewed by Darin Adler.
        
        Our "don't do layout if transform changes" code was too aggressive.
        If an element changes between having a transform and not having one, we
        really need to do a layout since so much else depends on transforms. In
        this particular case, we clip position:fixed elements to the viewport if
        they are not transformed, and were failing to re-evaluate this when a
        transform was added. Doing a layout fixes this.

        Test: compositing/geometry/fixed-transformed.html

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresLayout):
        * rendering/style/StyleTransformData.h:
        (WebCore::StyleTransformData::hasTransform):

2015-04-12  Darin Adler  <darin@apple.com>

        [Cocoa] Localizable strings are inconsistent and need to be regenerated
        https://bugs.webkit.org/show_bug.cgi?id=143661
        rdar://problem/19634388

        Reviewed by Dan Bernstein.

        * English.lproj/Localizable.strings: Updated by running the
        update-webkit-localizable-strings script.

2015-04-13  Darin Adler  <darin@apple.com>

        Remove needless recreation of URL in NavigationScheduler::scheduleLocationChange
        https://bugs.webkit.org/show_bug.cgi?id=143662

        Reviewed by Sam Weinig.

        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::scheduleLocationChange): Removed unnecessary code
        to convert a URL to a String and then back into a URL.

2015-04-13  Csaba Osztrogonác  <ossy@webkit.org>

        [cmake] Add ENABLE(ATTACHMENT_ELEMENT) to the build system
        https://bugs.webkit.org/show_bug.cgi?id=143664

        Reviewed by Gyuyoung Kim.

        * page/efl/DragControllerEfl.cpp:
        (WebCore::DragController::declareAndWriteAttachment): Added stub implementation to fix the build.
        * page/gtk/DragControllerGtk.cpp:
        (WebCore::DragController::declareAndWriteAttachment): Added stub implementation to fix the build.

2015-04-13  Sungmann Cho  <sungmann.cho@navercorp.com>

        [Curl] Small improvements to CurlCacheEntry::parseResponseHeaders()
        https://bugs.webkit.org/show_bug.cgi?id=143597

        Reviewed by Csaba Osztrogonác.

        Most lines of code in CurlCacheEntry::parseResponseHeaders() don't need to be
        executed if the response has "no-cache" or "no-store" directive, but we are
        checking these conditions in the middle of the method. We can move this to the
        beginning of the method for efficiency.

        No new tests, no behavior change.

        * platform/network/curl/CurlCacheEntry.cpp:
        (WebCore::CurlCacheEntry::parseResponseHeaders):

2015-04-13  Sergio Villar Senin  <svillar@igalia.com>

        Unreviewed, build fix after r182704.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):

2015-04-13  Joonghun Park  <jh718.park@samsung.com>

        Use std::unique_ptr instead of PassOwnPtr|OwnPtr for ResourceResponse
        https://bugs.webkit.org/show_bug.cgi?id=143056

        Reviewed by Gyuyoung Kim.

        No new tests, no behavior changes.

        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveResponse):
        * platform/CrossThreadCopier.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::adopt):
        (WebCore::ResourceResponseBase::copyData):
        * platform/network/ResourceResponseBase.h:
        * platform/network/cf/ResourceResponse.h:
        (WebCore::ResourceResponse::doPlatformCopyData):
        (WebCore::ResourceResponse::doPlatformAdopt):
        * platform/network/curl/ResourceResponse.h:
        (WebCore::ResourceResponse::doPlatformCopyData):
        (WebCore::ResourceResponse::doPlatformAdopt):
        * platform/network/soup/ResourceResponse.h:
        (WebCore::ResourceResponse::doPlatformCopyData):
        (WebCore::ResourceResponse::doPlatformAdopt):

2015-04-10  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Support marking/unmarking tracks as infinitely growable
        https://bugs.webkit.org/show_bug.cgi?id=141431

        Reviewed by Darin Adler.

        As explained here
        http://lists.w3.org/Archives/Public/www-style/2014Mar/0512.html we
        sometimes need to consider that some tracks are infinitely
        growable even when they are really not, in order to produce more
        "natural" results.

        For example the following case:
          grid-template-columns: auto auto;
          item 1 in column 1 with min-content = max-content = 10px;
          item 2 in columns 1-2 with min-content = 30, max-content = 100px;

        will produce (45px, 55px) without this patch. But considering the
        second column as infinitely growable the result is (10px, 90px), a
        more "natural" result because column 1 just needs to be 10px to
        accommodate item 1. From now on we can flag GridTracks so that
        they can infinitely grow even when the growth limit is finite.

        Apart from that distributeSpaceToTracks() is now unconditionally
        called even though the extra space is 0. That's because it
        computes the plannedSize value.

        Test: fast/css-grid-layout/mark-as-infinitely-growable.html

        * rendering/RenderGrid.cpp:
        (WebCore::GridTrack::infiniteGrowthPotential):
        (WebCore::GridTrack::infinitelyGrowable):
        (WebCore::GridTrack::setInfinitelyGrowable):
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        (WebCore::RenderGrid::trackSizeForTrackSizeComputationPhase): Updated with new phase.
        (WebCore::RenderGrid::shouldProcessTrackForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::trackShouldGrowBeyondGrowthLimitsForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::updateTrackSizeForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::currentItemSizeForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::markAsInfinitelyGrowableForTrackSizeComputationPhase):
        New helper method which does the mark/unmark just for growth limits.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
        (WebCore::sortByGridTrackGrowthPotential): Use
        infiniteGrowthPotential() for sorting.
        (WebCore::RenderGrid::distributeSpaceToTracks):
        * rendering/RenderGrid.h:

2015-04-12  Benjamin Poulain  <benjamin@webkit.org>

        Legacy scroll behavior on HTMLBodyElement should only apply to the first body element of a document
        https://bugs.webkit.org/show_bug.cgi?id=143651

        Reviewed by Sam Weinig.

        WebKit has some very weird behaviors for the scroll methods on body. This patch
        address the first bug: only the first body element should have the legacy behavior.

        The relevant text in spec:
        -http://dev.w3.org/csswg/cssom-view/#dom-element-scrollleft
        -http://dev.w3.org/csswg/cssom-view/#dom-element-scrolltop
        -http://dev.w3.org/csswg/cssom-view/#dom-element-scrollwidth
        -http://dev.w3.org/csswg/cssom-view/#dom-element-scrollheight

        Tests: fast/dom/Element/body-scrollHeight-basics-quirks.html
               fast/dom/Element/body-scrollLeft-basics-quirks.html
               fast/dom/Element/body-scrollTop-basics-quirks.html
               fast/dom/Element/body-scrollWidth-basics-quirks.html
               fast/dom/Element/detached-body-element-does-not-scroll-main-frame-with-scrollLeft.html
               fast/dom/Element/detached-body-element-does-not-scroll-main-frame-with-scrollTop.html

        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::isFirstBodyElementOfDocument):
        (WebCore::HTMLBodyElement::scrollLeft):
        (WebCore::HTMLBodyElement::setScrollLeft):
        (WebCore::HTMLBodyElement::scrollTop):
        (WebCore::HTMLBodyElement::setScrollTop):
        (WebCore::HTMLBodyElement::scrollHeight):
        (WebCore::HTMLBodyElement::scrollWidth):
        * html/HTMLBodyElement.h:

2015-04-12  Sungmann Cho  <sungmann.cho@navercorp.com>

        Fix trival typos related to the word "coordinate".
        https://bugs.webkit.org/show_bug.cgi?id=143644

        Reviewed by Alexey Proskuryakov.

        No new tests, no behavior change.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::layoutOverflowRectForPropagation):

2015-04-12  Simon Fraser  <simon.fraser@apple.com>

        Scrollbars in composited overflow and iframes fail to render on Mac
        https://bugs.webkit.org/show_bug.cgi?id=143647
        rdar://problem/20340544

        Reviewed by Darin Adler.

        When adding support for drawing scrollbars on the scrolling thread, we inadvertently
        disabled scrollbar drawing in other composited, main-thread scrolling configurations.
        
        Fix by having Scrollbar::supportsUpdateOnSecondaryThread() only return true if
        the scrollable area is using async scrolling.
        
        Sadly, we can't layout-test this.

        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::supportsUpdateOnSecondaryThread):

2015-04-12  Simon Fraser  <simon.fraser@apple.com>

        Selects don't scroll at some aspect ratios
        https://bugs.webkit.org/show_bug.cgi?id=143649
        rdar://problem/19365694

        Reviewed by Darin Adler.
        
        Fix width/height flip in RenderListBox which caused us to fail to scroll when
        the list was wider than the scroll height.
        
        We're generally confused about RenderListBox scroll offsets (webkit.org/b/143648)
        but this fixes the immediate problem.

        Test: fast/forms/listbox-visible-size.html

        * rendering/RenderListBox.h:

2015-04-12  Simon Fraser  <simon.fraser@apple.com>

        Too much repainting on scrolling with fixed backgrounds
        https://bugs.webkit.org/show_bug.cgi?id=143637
        rdar://problem/20245243

        Reviewed by Darin Adler.
        
        FrameView::scrollContentsSlowPath() would repaint the entire viewport if there were
        any slow-repaint objects (those with background-attachment: fixed) and the contents
        were using compositing for scrolling.
        
        This is wrong; we only need to issue repaint for the slow-repaint renderers,
        and, if the frame is hosted in a compositing layer and not using compositing for scrolling,
        repaint that hosting layer.

        Tests: compositing/repaint/iframes/composited-iframe-with-fixed-background-doc-repaint.html
               compositing/repaint/iframes/compositing-iframe-scroll-repaint.html
               compositing/repaint/iframes/compositing-iframe-with-fixed-background-doc-repaint.html
               platform/mac-wk2/tiled-drawing/fixed-background-scroll-repaint.html

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollContentsSlowPath):

2015-04-11  Matt Baker  <mattbaker@apple.com>

        Web Inspector: create content view and details sidebar for Frames timeline
        https://bugs.webkit.org/show_bug.cgi?id=143533

        Reviewed by Timothy Hatcher.

        Refactoring: RunLoop prefix changed to RenderingFrame.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStart):
        (WebCore::toProtocol):
        * inspector/InspectorTimelineAgent.h:

2015-04-11  Chris Dumez  <cdumez@apple.com>

        Stop referring to outdated RFC2616 in CacheValidation.cpp
        https://bugs.webkit.org/show_bug.cgi?id=143619

        Reviewed by Darin Adler.

        Stop referring to outdated RFC2616 in CacheValidation.cpp and refer to
        the newer RFC7230 & RFC7234. Also update some variables to match the
        naming in the RFC for clarity.

        No behavior change.

        * platform/network/CacheValidation.cpp:
        (WebCore::updateResponseHeadersAfterRevalidation):
        (WebCore::computeCurrentAge):
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        (WebCore::isCacheHeaderSeparator):
        (WebCore::parseCacheControlDirectives):

2015-04-11  Ryosuke Niwa  <rniwa@webkit.org>

        WebKit places caret in front of pasted Numbers cells instead of behind
        https://bugs.webkit.org/show_bug.cgi?id=143627

        Reviewed by Darin Adler.

        The bug was caused by Position::downstream not respecting modern position types inside a table.
        Fixed it by using Position::atStartOfNode which respects before/after positions.

        This bug doesn't reproduce when there is no whitespace after td element in the pasted content
        because positionAtEndOfInsertedContent() will be inside the last pasted cell inside
        ReplaceSelectionCommand::completeHTMLReplacement in those cases. This related but separate bug
        is tracked in https://webkit.org/b/143628.

        Tests: editing/pasteboard/paste-table-with-unrendered-text-nodes.html

        * dom/Position.cpp:
        (WebCore::Position::downstream):

2015-04-11  Yusuke Suzuki  <utatane.tea@gmail.com>

        [ES6] Enable Symbol in web pages
        https://bugs.webkit.org/show_bug.cgi?id=143375

        Reviewed by Ryosuke Niwa.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::InspectorFrontendClientLocal):

2015-04-10  Roger Fong  <roger_fong@apple.com>

        Hide volume controls when playing wirelessly.
        https://bugs.webkit.org/show_bug.cgi?id=143621.
        <rdar://problem/20490673>

        Reviewed by Darin Adler.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateWirelessPlaybackStatus):

2015-04-10  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        * WebCore.xcodeproj/project.pbxproj: Make LaunchServicesSPI.h a private header
        instead of project, as it's used in WebKit.

2015-04-08  Sam Weinig  <sam@webkit.org>

        Allow LaunchServices to handle URLs on link navigations
        <rdar://problem/19446826>
        https://bugs.webkit.org/show_bug.cgi?id=143544

        Reviewed by Anders Carlsson.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/ios/LaunchServicesSPI.h: Added.
        Add new SPI header.

2015-04-10  Bem Jones-Bey  <bjonesbe@adobe.com>

        Unreviewed, added CSS Shapes to features.json file.

        * features.json:

2015-04-10  Andy Estes  <aestes@apple.com>

        [Content Filtering] Support modifying request URLs
        https://bugs.webkit.org/show_bug.cgi?id=143599
        rdar://problem/20442560

        Reviewed by Darin Adler.

        Tests: contentfiltering/modify-request-url.html
               http/tests/contentfiltering/modify-redirect-request-url.html

        Allow NEFilterSource to modifiy request URLs. Also teach MockContentFilter to do the same for testing.

        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::willSendRequest): If NEFilterSource provided a string representing a
        valid URL in decisionInfo[NEFilterSourceOptionsRedirectURL], then used that as the request URL.
        * platform/spi/cocoa/NEFilterSourceSPI.h: Temporarily defined NEFilterSourceOptionsRedirectURL.
        * testing/MockContentFilter.cpp:
        (WebCore::MockContentFilter::willSendRequest): If settings() has a valid modifiedRequestURL, use it as the
        request URL. Only do so once MockContentFilter has reached its decision point so that both initial requests and
        redirect requests can be tested.
        * testing/MockContentFilterSettings.h: Added modifiedRequestURL.
        (WebCore::MockContentFilterSettings::modifiedRequestURL): Ditto.
        (WebCore::MockContentFilterSettings::setModifiedRequestURL): Ditto.
        * testing/MockContentFilterSettings.idl: Ditto.

2015-04-10  Zalan Bujtas  <zalan@apple.com>

        showRenderTree: Include the render object to the inlinebox output.
        https://bugs.webkit.org/show_bug.cgi?id=143610

        This helps to match the inlinebox and its renderer.

        Reviewed by Antti Koivisto.

        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::showLineBox):

2015-04-09  Roger Fong  <roger_fong@apple.com>

        Update wireless player placard for OSX.
        https://bugs.webkit.org/show_bug.cgi?id=143585.
        <rdar://problem/12067439>

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsApple.css:
        Adjust button positioning and svg.
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-wireless-playback-picker-button.playing):
        Style the wireless playback status placard, small and big versions.
        (audio::-webkit-media-controls-wireless-playback-status):
        (audio::-webkit-media-controls-wireless-playback-text):
        (audio::-webkit-media-controls-wireless-playback-text-top):
        (audio::-webkit-media-controls-wireless-playback-text-bottom):
        (audio::-webkit-media-controls-wireless-playback-status.small):
        (audio::-webkit-media-controls-wireless-playback-text-top.small):
        (audio::-webkit-media-controls-wireless-playback-text-bottom.small):
        * Modules/mediacontrols/mediaControlsApple.js:
        Add new wireless player placard elements.
        (Controller.prototype.createControls):
        (Controller.prototype.configureInlineControls):
        Make sure to switch between small and big placards when switching between fullscreen and small videos.
        (Controller.prototype.configureFullScreenControls):
        (Controller.prototype.handleFullscreenChange):
        (Controller.prototype.updateWirelessPlaybackStatus):

2015-04-10  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Refactor MediaPlaybackTarget
        https://bugs.webkit.org/show_bug.cgi?id=143571

        Reviewed by Jer Noble.

        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::addPlaybackTargetPickerClient): Don't call client if page playback target
            is NULL.
        (WebCore::Document::didChoosePlaybackTarget): MediaPlaybackTarget is passed as a Ref<>
        * dom/Document.h:

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setWirelessPlaybackTarget): MediaPlaybackTarget is passed as a Ref<>
        * html/HTMLMediaElement.h:

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::HTMLMediaSession): Don't initialize m_playbackTarget.
        (WebCore::HTMLMediaSession::didChoosePlaybackTarget): MediaPlaybackTarget is passed as a Ref<>
        * html/HTMLMediaSession.h:

        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::playbackTarget): m_playbackTarget is a RefPtr<MediaPlaybackTarget>
        (WebCore::Page::didChoosePlaybackTarget): Ditto.
        * page/Page.h:

        * platform/audio/MediaSession.h:
        (WebCore::MediaSessionClient::setWirelessPlaybackTarget): Take a Ref<MediaPlaybackTarget>&&.

        Make MediaPlaybackTarget RefCounted, and don't require it to be serializable so it can be
        subclassed to keep port-specific iformation out of the base class.
        * platform/graphics/MediaPlaybackTarget.h: 
        (WebCore::MediaPlaybackTarget::targetType):
        (WebCore::MediaPlaybackTarget::targetContext):
        (WebCore::MediaPlaybackTarget::hasActiveRoute):
        (WebCore::MediaPlaybackTarget::MediaPlaybackTarget):
        (WebCore::MediaPlaybackTarget::setDevicePickerContext): Deleted.
        (WebCore::MediaPlaybackTarget::devicePickerContext): Deleted.

        MediaPlaybackTargetContext is the struct that is serialized to pass across the process boudary.
        It has union to hold port-specific data.
        * platform/graphics/MediaPlaybackTargetContext.h: Added.

        * platform/graphics/MediaPlaybackTargetPicker.h: didChoosePlaybackTarget takes a Ref<MediaPlaybackTarget>&&
        * platform/graphics/MediaPlaybackTargetPickerClient.h: Ditto.
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setWirelessPlaybackTarget): Ditto.
        * platform/graphics/MediaPlayer.h:

        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::setWirelessPlaybackTarget):

        * platform/graphics/avfoundation/MediaPlaybackTargetMac.h: Added.
        (WebCore::MediaPlaybackTargetMac::targetType):
        (WebCore::MediaPlaybackTargetMac::outputContext):
        * platform/graphics/avfoundation/MediaPlaybackTargetMac.mm:
        (WebCore::MediaPlaybackTargetMac::create):
        (WebCore::MediaPlaybackTargetMac::MediaPlaybackTargetMac):
        (WebCore::MediaPlaybackTargetMac::~MediaPlaybackTargetMac):
        (WebCore::MediaPlaybackTargetMac::targetContext):
        (WebCore::MediaPlaybackTargetMac::hasActiveRoute):
        (WebCore::toMediaPlaybackTargetMac):
        (WebCore::MediaPlaybackTarget::encode): Deleted.
        (WebCore::MediaPlaybackTarget::decode): Deleted.
        (WebCore::MediaPlaybackTarget::hasActiveRoute): Deleted.

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::currentDeviceDidChange): Allocate and pass a MediaPlaybackTargetMac
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessPlaybackTarget): Take a Ref<MediaPlaybackTarget&&

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setWirelessPlaybackTarget): Ditto.

        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::setWirelessPlaybackTarget): Ditto.

2015-04-09  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Fix raw function pointer usages
        https://bugs.webkit.org/show_bug.cgi?id=143481

        Reviewed by Antti Koivisto.

        The argument list of
        resolveContentBasedTrackSizingFunctionsForItems() became too long
        and rather incomprehensible as it included up to 6 function
        pointers. This replaces all of them by an enum which describes the
        phase of the algorithm that is currently running. With that phase
        we have enough information to select the right function to call.

        In order not to tangle up too much the method, the new explicit
        switch statements where moved to static helper functions.

        No new tests as this is just a code refactoring.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        (WebCore::RenderGrid::trackSizeForTrackSizeComputationPhase): New helper function.
        (WebCore::RenderGrid::shouldProcessTrackForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::trackShouldGrowBeyondGrowthLimitsForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::updateTrackSizeForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::currentItemSizeForTrackSizeComputationPhase): Ditto.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
        (WebCore::RenderGrid::distributeSpaceToTracks):
        * rendering/RenderGrid.h:

2015-04-10  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        WebRTC: Remove AudioStreamTrack and VideoStreamTrack (removed in spec)
        https://bugs.webkit.org/show_bug.cgi?id=143336

        Reviewed by Philippe Normand.

        The specific MediaStreamTrakc types (AudioStreamTrack and VideoStreamTrack) have been
        removed from the Media Capture and Streams [1] specification.

        [1] http://w3c.github.io/mediacapture-main/archives/20150324/getusermedia.html

        There are no test for this feature to remove.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/mediastream/AudioStreamTrack.cpp: Removed.
        * Modules/mediastream/AudioStreamTrack.h: Removed.
        * Modules/mediastream/AudioStreamTrack.idl: Removed.
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream):
        (WebCore::MediaStream::addRemoteTrack):
        (WebCore::MediaStream::active): Deleted.
        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::create):
        (WebCore::MediaStreamTrack::MediaStreamTrack):
        (WebCore::MediaStreamTrack::kind):
        (WebCore::MediaStreamTrack::clone):
        (WebCore::MediaStreamTrack::trackEnded): Deleted.
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/VideoStreamTrack.cpp: Removed.
        * Modules/mediastream/VideoStreamTrack.h: Removed.
        * Modules/mediastream/VideoStreamTrack.idl: Removed.
        * WebCore.xcodeproj/project.pbxproj:

2015-04-09  Andy Estes  <aestes@apple.com>

        [Cocoa] Add a HAVE(AVKIT) and use it
        https://bugs.webkit.org/show_bug.cgi?id=143593

        Reviewed by David Kilzer.

        * page/Settings.h: Only defined setAVKitEnabled() if HAVE(AVKIT).
        * platform/ios/WebVideoFullscreenControllerAVKit.mm: Only compiled if HAVE(AVKIT).
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: Ditto.

2015-04-09  Simon Fraser  <simon.fraser@apple.com>

        Some CSS3 filters tests crash under iOS testing
        https://bugs.webkit.org/show_bug.cgi?id=143594
        rdar://problem/20491140

        Reviewed by David Kilzer.

        Some tests disable accelerated compositing via testRunner.overridePreference(). In this case,
        we'd not create a root scrolling tree node, so null-check it in AsyncScrollingCoordinator::updateNonFastScrollableRegion().

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateNonFastScrollableRegion):

2015-04-09  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Add <br> support.
        https://bugs.webkit.org/show_bug.cgi?id=139012

        This patch enables RenderBlockFlows to use simple line layout on text content when <br> is present.
        Simple text with <br> is a fairly common pattern on discussion(forum)-like web pages. This patch reduces memory usage
        and speeds up layout for such content.

        PerformanceTest/layout/line-layout-simple.html shows more than 2x speedup, when each paragraph is modified by appending <br> to the end.
        With <br> support enabled:
          mean: 70.02391461289068 runs/s
          median: 70.47986488932318 runs/s

        While with <br> support disabled:
          mean: 30.417295049468184 runs/s
          median: 30.36517778760357 runs/s

        Reviewed by Antti Koivisto.

        Test: fast/text/simple-line-with-br.html

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextNode):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::setSelectionState):
        (WebCore::RenderBlockFlow::deleteLineBoxesBeforeSimpleLineLayout):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderLineBreak.cpp:
        (WebCore::simpleLineLayout):
        (WebCore::ensureLineBoxes):
        (WebCore::RenderLineBreak::deleteLineBoxesBeforeSimpleLineLayout):
        (WebCore::RenderLineBreak::positionForPoint):
        (WebCore::RenderLineBreak::setSelectionState):
        (WebCore::RenderLineBreak::linesBoundingBox):
        (WebCore::RenderLineBreak::absoluteRects):
        (WebCore::RenderLineBreak::absoluteQuads):
        (WebCore::RenderLineBreak::collectSelectionRects):
        * rendering/RenderLineBreak.h:
        * rendering/RenderText.cpp:
        (WebCore::RenderText::absoluteRects):
        (WebCore::RenderText::absoluteQuadsClippedToEllipsis):
        (WebCore::RenderText::absoluteQuads):
        (WebCore::RenderText::linesBoundingBox):
        (WebCore::RenderText::caretMinOffset):
        (WebCore::RenderText::caretMaxOffset):
        (WebCore::RenderText::containsCaretOffset):
        (WebCore::RenderText::hasRenderedText):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::consumeLineBreakIfNeeded):
        (WebCore::SimpleLineLayout::skipWhitespaceIfNeeded):
        (WebCore::SimpleLineLayout::firstFragment):
        (WebCore::SimpleLineLayout::forceFragmentToLine):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::create):
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::initializeSegments):
        (WebCore::SimpleLineLayout::FlowContents::segmentForRenderer): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow):
        (WebCore::SimpleLineLayout::hitTestFlow):
        (WebCore::SimpleLineLayout::showLineLayoutForFlow):
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::rect):
        (WebCore::SimpleLineLayout::RunResolver::RunResolver):
        (WebCore::SimpleLineLayout::RunResolver::rangeForRenderer):
        * rendering/SimpleLineLayoutResolver.h:
        (WebCore::SimpleLineLayout::RunResolver::Iterator::inQuirksMode):
        (WebCore::SimpleLineLayout::RunResolver::Iterator::operator--):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::findNextTextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::revertToFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        * rendering/SimpleLineLayoutTextFragmentIterator.h:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isLastInRenderer):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isEmpty):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isSoftLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isHardLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isLineBreak): Deleted.

2015-04-09  Chris Dumez  <cdumez@apple.com>

        Regression(r182603): editing/selection/selection-invalid-offset.html is crashing
        https://bugs.webkit.org/show_bug.cgi?id=143591

        Reviewed by Ryosuke Niwa.

        Add missing null-check for m_frame->editor().client() in
        FrameSelection::updateAndRevealSelection().

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::updateAndRevealSelection):

2015-04-09  Sungmann Cho  <sungmann.cho@navercorp.com>

        Minor cleanups to WebCore/plugins
        https://bugs.webkit.org/show_bug.cgi?id=143509

        Reviewed by Anders Carlsson.

        1. Remove unnecessary #includes.
        2. Fix some wrong namespace comments for consistency.

        No new tests, no behavior change.

        * plugins/DOMMimeType.cpp:
        * plugins/DOMMimeType.h:
        * plugins/DOMMimeTypeArray.h:
        * plugins/DOMPlugin.h:
        * plugins/DOMPluginArray.h:
        * plugins/PluginData.cpp:
        * plugins/PluginData.h:
        * plugins/PluginMainThreadScheduler.cpp:
        * plugins/PluginViewBase.h:

2015-04-09  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Implement justify-self and justify-item css properties.
        https://bugs.webkit.org/show_bug.cgi?id=133281

        Reviewed by David Hyatt.

        Implement the new property 'justify-items', defined in the CSS Box Alignment
        specification to describe the container's alignment behavior, in the same way
        the 'align-items' property does. The 'justify-self' 'auto' value of any relative
        positioned element will be resolved to its container's 'justify-items' value.

        Test: fast/css/parse-justify-items.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::resolveContainerAlignmentAuto): Function to resolve 'auto' values for 'align-items' or 'justify-items'.
        (WebCore::resolveSelfAlignmentAuto): Function to resolve 'auto' values for 'align-self' or 'justify-self'.
        (WebCore::valueForItemPositionWithOverflowAlignment): Take into account the 'legacy' keyword.
        (WebCore::ComputedStyleExtractor::propertyValue):
        (WebCore::resolveAlignmentAuto): Deleted (renamed to resolveContainerAlignmentAuto).
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue): Refactoring to share logic between justify-xxx and align-xxx properties.
        (WebCore::CSSParser::parseLegacyPosition): Parsing logic of 'legacy' keyword,
        (WebCore::CSSParser::parseItemPositionOverflowPosition): Take into account the 'legacy' keyword.
        * css/CSSParser.h:
        * css/CSSPropertyNames.in:
        * css/CSSValueKeywords.in:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInheritJustifyItems): Added.
        (WebCore::StyleBuilderCustom::applyInitialJustifyItems): Added.
        (WebCore::StyleBuilderCustom::applyValueJustifyItems): Added.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle): Resolve 'auto' values for justify-items when parents have the 'legacy' keyword.
        * rendering/style/RenderStyle.h: Managing the new ItemPositionType fields.
        * rendering/style/RenderStyleConstants.h: Added the ItemPositionType enumeration for handling the 'legacy' keyword.
        * rendering/style/StyleRareNonInheritedData.cpp: Managing the new ItemPositionType fields.
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        * rendering/style/StyleRareNonInheritedData.h:

2015-04-09  Anders Carlsson  <andersca@apple.com>

        Make it possible to create an application cache storage with custom directories
        https://bugs.webkit.org/show_bug.cgi?id=143588

        Reviewed by Sam Weinig.

        Add cache directory and flat file directory name parameters to ApplicationCacheStorage::create.

        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::store):
        (WebCore::ApplicationCacheStorage::loadCache):
        (WebCore::ApplicationCacheStorage::checkForDeletedResources):
        (WebCore::ApplicationCacheStorage::flatFileAreaSize):
        (WebCore::ApplicationCacheStorage::ApplicationCacheStorage):
        (WebCore::ApplicationCacheStorage::create):
        (WebCore::ApplicationCacheStorage::singleton):
        * loader/appcache/ApplicationCacheStorage.h:

2015-04-09  Myles C. Maxfield  <mmaxfield@apple.com>

        Text-combine erroneously draws vertically after non-layout-causing style change
        https://bugs.webkit.org/show_bug.cgi?id=143461
        <rdar://problem/19285490>

        Reviewed by Darin Adler.

        RenderCombineText::styleDidChange() unconditionally uncombines its text. Layout then
        recombines it. However, if there is a style change that does not cause layout, the
        RenderCombineText will be left uncombined until the next layout.

        Test: fast/text/text-combine-style-change-no-layout.html

        * rendering/RenderCombineText.cpp:
        (WebCore::RenderCombineText::styleDidChange):

2015-04-09  Simon Fraser  <simon.fraser@apple.com>

        Revert part of 182516: it broke tests
        https://bugs.webkit.org/show_bug.cgi?id=143568
        rdar://problem/20484578

        Reviewed by Myles Maxfield.

        Revert the FontCascadeCocoa parts of r182516, since it broke some CSS shapes tests.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::drawGlyphs):
        (WebCore::dilationSizeForTextColor): Deleted.

2015-04-09  Zalan Bujtas  <zalan@apple.com>

        Simple line layout(regression): Calling innerText on RenderFlow with multiple children is slow.
        https://bugs.webkit.org/show_bug.cgi?id=143554

        Reviewed by Antti Koivisto.

        Initialize render flow's segments only when the render flow changes in TextIterator.
        The included performance test shows 6x speedup. (from ~10 runs/sec to ~60 runs/sec)

        Test: PerformanceTests/Layout/simple-line-layout-innertext.html.

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextNode):
        * editing/TextIterator.h:
        * rendering/SimpleLineLayoutFlowContents.cpp: Instruments log shows that vector's expandCapacity could be expensive when flow has large amount of children.
        (WebCore::SimpleLineLayout::initializeSegments):

2015-04-09  Chris Dumez  <cdumez@apple.com>

        [WK2][iOS] editorState() should not cause a synchronous layout
        https://bugs.webkit.org/show_bug.cgi?id=142536
        <rdar://problem/20041506>

        Reviewed by Enrica Casucci.

        Add didChangeSelectionAndUpdateLayout() callback to EditorClient
        that is called at the end of FrameSelection::updateAndRevealSelection().

        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::updateAndRevealSelection):
        * loader/EmptyClients.h:
        * page/EditorClient.h:

2015-04-08  Anders Carlsson  <andersca@apple.com>

        Give each cache group a storage and use it in place of the singleton
        https://bugs.webkit.org/show_bug.cgi?id=143540

        Reviewed by Sam Weinig.

        This is another step towards making the cache storage be per page.

        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::ApplicationCacheGroup):
        (WebCore::ApplicationCacheGroup::~ApplicationCacheGroup):
        (WebCore::ApplicationCacheGroup::cacheForMainRequest):
        (WebCore::ApplicationCacheGroup::fallbackCacheForMainRequest):
        (WebCore::ApplicationCacheGroup::selectCache):
        (WebCore::ApplicationCacheGroup::makeObsolete):
        (WebCore::ApplicationCacheGroup::didReachMaxAppCacheSize):
        (WebCore::ApplicationCacheGroup::recalculateAvailableSpaceInQuota):
        (WebCore::ApplicationCacheGroup::checkIfLoadIsComplete):
        * loader/appcache/ApplicationCacheGroup.h:
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::loadCacheGroup):
        (WebCore::ApplicationCacheStorage::findOrCreateCacheGroup):
        (WebCore::ApplicationCacheStorage::cacheGroupForURL):
        (WebCore::ApplicationCacheStorage::fallbackCacheGroupForURL):

2015-04-09  Andy Estes  <aestes@apple.com>

        Try to fix the Mac build after r182596.

        I was wrong to replace PLATFORM(IOS) with HAVE(PARENTAL_CONTROLS) in ContentFilterUnblockHandler.
        The conditional should be HAVE(PARENTAL_CONTROLS) && PLATFORM(IOS).

        * platform/ContentFilterUnblockHandler.h:
        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
        (WebCore::ContentFilterUnblockHandler::wrapWithDecisionHandler):
        (WebCore::ContentFilterUnblockHandler::needsUIProcess):
        (WebCore::ContentFilterUnblockHandler::encode):
        (WebCore::ContentFilterUnblockHandler::decode):
        (WebCore::ContentFilterUnblockHandler::canHandleRequest):
        (WebCore::ContentFilterUnblockHandler::requestUnblockAsync):

2015-04-09  Andy Estes  <aestes@apple.com>

        [Content Filtering] Add a HAVE(PARENTAL_CONTROLS) and use it
        https://bugs.webkit.org/show_bug.cgi?id=143559

        Reviewed by David Kilzer.

        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::types): Only registered ParentalControlsContentFilter if HAVE(PARENTAL_CONTROLS).
        * platform/ContentFilterUnblockHandler.h: Changed PLATFORM(IOS) to HAVE(PARENTAL_CONTROLS).
        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
        (WebCore::ContentFilterUnblockHandler::wrapWithDecisionHandler): Ditto.
        (WebCore::ContentFilterUnblockHandler::needsUIProcess): Ditto.
        (WebCore::ContentFilterUnblockHandler::encode): Ditto.
        (WebCore::ContentFilterUnblockHandler::decode): Ditto.
        (WebCore::ContentFilterUnblockHandler::canHandleRequest): Ditto.
        (WebCore::ContentFilterUnblockHandler::requestUnblockAsync): Ditto.
        * platform/cocoa/ParentalControlsContentFilter.mm: Wrapped the file with HAVE(PARENTAL_CONTROLS)

2015-04-09  Sergio Villar Senin  <svillar@igalia.com>

        Unreviewed, added CSS Grid Layout to features.json file.

        * features.json:

2015-04-08  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Support the start function parameter in ReadableStream constructor
        https://bugs.webkit.org/show_bug.cgi?id=141160

        Reviewed by Benjamin Poulain.

        Stores the JS source object in ReadableStreamJSSource and calls its "start" function.
        This function takes a controller object that has three JS functions as members: close, enqueue and error.
        This controller is stored in ReadableStreamJSSource as it will be reused as "pull" parameter.
        All three JS functions do not currently do anything.

        Test: streams/readablestream-start.html

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::start): Place holder for step 11 of https://streams.spec.whatwg.org/#rs-constructor.
        * Modules/streams/ReadableStream.h:
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::constructJSReadableStream):
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::getPropertyFromObject): Helper function to get a public property from an object.
        (WebCore::setPropertyToObject): Helper function to set a public property to an object.
        (WebCore::callFunction): Helper function to call a JS function from C++.
        (WebCore::ReadableStreamJSSource::ReadableStreamJSSource):
        (WebCore::notImplementedFunction):
        (WebCore::createReadableStreamEnqueueFunction): Creates the JS function for enqueue.
        (WebCore::createReadableStreamCloseFunction): Creates the JS function for close.
        (WebCore::createReadableStreamErrorFunction): Creates the JS function for error.
        (WebCore::startReadableStreamAsync): Equivalent of promise resolution for start.
        (WebCore::ReadableStreamJSSource::start): Calls the "start" function of the JS source with all three JS functions (enqueue, close, error) as parameters.
        * bindings/js/ReadableStreamJSSource.h:

2015-04-08  Brent Fulgham  <bfulgham@apple.com>

        [Mac] Unreviewed test fix after r182584
        https://bugs.webkit.org/show_bug.cgi?id=143452

        Correct bit comparison to use the correct value for the Control-key

        * platform/mac/PlatformEventFactoryMac.mm:
        (WebCore::typeForEvent):

2015-04-08  Simon Fraser  <simon.fraser@apple.com>

        Add a debug assertion that will fire if we try to paint layer contents on a background thread
        https://bugs.webkit.org/show_bug.cgi?id=143547

        Reviewed by Alexey Proskuryakov.

        New assertion to catch cases where other frameworks erroneously trigger painting
        on a non-main (or non-Web) thread.

        * platform/graphics/mac/WebLayer.mm:
        (-[WebSimpleLayer display]):
        (-[WebSimpleLayer drawInContext:]):

2015-04-08  Brent Fulgham  <bfulgham@apple.com>

        [Mac] WebKit is not honoring OS preferences for secondary click behaviors
        https://bugs.webkit.org/show_bug.cgi?id=143452
        <rdar://problem/20437483>

        Reviewed by Tim Horton.

        We cannot rely on the event's button number to decide behavior. The OS settings might have
        mapped middle button to context menu, etc. Instead, we should ask the OS (via NSMenu) what
        the proper button press behavior is.

        * platform/mac/PlatformEventFactoryMac.mm:
        (WebCore::mouseButtonForEvent): Ask NSMenu what kind of button press we have received.

2015-04-08  Michael Catanzaro  <mcatanzaro@igalia.com>

        Fix -Wformat in AnimationBase.cpp
        https://bugs.webkit.org/show_bug.cgi?id=143541

        Reviewed by Simon Fraser.

        * page/animation/AnimationBase.cpp:
        (WebCore::nameForStateInput): Added. Converts an AnimationBase::AnimationStateInput to a
        string.
        (WebCore::AnimationBase::updateStateMachine): Print AnimationBase::AnimationStateInput as a
        string, instead of passing it to %d and assuming that works, to silence GCC's -Wformat.

2015-04-08  Brady Eidson  <beidson@apple.com>

        Expose the "Share" menu for links, images, and media.
        <rdar://problem/20435340> and https://bugs.webkit.org/show_bug.cgi?id=143502

        Reviewed by Tim Horton.

        * loader/EmptyClients.h:
        * page/ContextMenuClient.h:
        (WebCore::ContextMenuClient::shareSelectedTextMenuItem): Deleted.

        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::populate):
        (WebCore::selectionContainsPossibleWord): Deleted.
        * page/ContextMenuController.h:
        (WebCore::ContextMenuController::page):

        * platform/ContextMenuItem.cpp:
        (WebCore::ContextMenuItem::ContextMenuItem):
        (WebCore::ContextMenuItem::isNull):
        (WebCore::ContextMenuItem::shareMenuItem):
        (WebCore::ContextMenuItem::supportsShareMenu): Deleted.
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem): Deleted.
        * platform/ContextMenuItem.h:

        * platform/gtk/ContextMenuItemGtk.cpp:
        (WebCore::ContextMenuItem::shareMenuItem): Return a null item.
        (WebCore::ContextMenuItem::supportsShareMenu): Deleted.
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem): Deleted.

        * platform/mac/ContextMenuItemMac.mm:
        (WebCore::ContextMenuItem::shareMenuItem): Create a full-featured Share menu item instead of just for selected text.
        (WebCore::ContextMenuItem::supportsShareMenu): Deleted.
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem): Deleted.

        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::selectedText): Instead of calculating selected text outside the HitTestResult, let the
          HitTestResult do what it does best: Calculate things!
        * rendering/HitTestResult.h:

2015-04-08  Per Arne Vollan  <peavo@outlook.com>

        [Curl] Compile error in CurlCacheEntry::parseResponseHeaders method.
        https://bugs.webkit.org/show_bug.cgi?id=143531

        Reviewed by Alex Christensen.

        Cache related methods in ResourceResponse have changed return type.

        * platform/network/curl/CurlCacheEntry.cpp:
        (WebCore::CurlCacheEntry::parseResponseHeaders):

2015-04-08  Anders Carlsson  <andersca@apple.com>

        Remove ApplicationCacheGroup::m_isCopy
        https://bugs.webkit.org/show_bug.cgi?id=143536

        Reviewed by Tim Horton.

        Code that used to set m_isCopy to true is long gone.

        * loader/appcache/ApplicationCache.cpp:
        (WebCore::ApplicationCache::~ApplicationCache):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::ApplicationCacheGroup):
        (WebCore::ApplicationCacheGroup::~ApplicationCacheGroup):
        * loader/appcache/ApplicationCacheGroup.h:
        (WebCore::ApplicationCacheGroup::isCopy): Deleted.

2015-04-08  Anders Carlsson  <andersca@apple.com>

        Delete ApplicationCache static member functions
        https://bugs.webkit.org/show_bug.cgi?id=143534

        Reviewed by Tim Horton.

        * loader/appcache/ApplicationCache.cpp:
        (WebCore::ApplicationCache::deleteCacheForOrigin): Deleted.
        (WebCore::ApplicationCache::deleteAllCaches): Deleted.
        (WebCore::ApplicationCache::diskUsageForOrigin): Deleted.
        * loader/appcache/ApplicationCache.h:

2015-04-08  Alex Christensen  <achristensen@webkit.org>

        Block popups from content extensions.
        https://bugs.webkit.org/show_bug.cgi?id=143497

        Reviewed by Brady Eidson.

        Test: http/tests/contentextensions/popups.html

        * loader/ResourceLoadInfo.cpp:
        (WebCore::readResourceType):
        * loader/ResourceLoadInfo.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::open):
        * page/UserContentController.cpp:
        (WebCore::UserContentController::actionsForResourceLoad):
        * page/UserContentController.h:
        Check content extensions before opening a window.

2015-04-08  Bem Jones-Bey  <bjonesbe@adobe.com>

        [CSS Shapes] Properly handle negative reference box widths and center coordinates
        https://bugs.webkit.org/show_bug.cgi?id=142610

        Reviewed by Rob Buis.

        Fix a few cases where values that should not be negative end up that
        way.

        This patch is based on a couple of Blink patches by Rob Buis.

        Tests: fast/shapes/shape-outside-floats/shape-outside-floats-circle-negative-radius-crash.html
               fast/shapes/shape-outside-floats/shape-outside-floats-ellipse-negative-width-crash.html

        * rendering/shapes/ShapeOutsideInfo.cpp:
        (WebCore::ShapeOutsideInfo::computeDeltasForContainingBlockLine): A
            negative margin box width means that the shape has no extent, so
            clamp to zero.
        * rendering/style/BasicShapes.cpp:
        (WebCore::BasicShapeCircle::floatValueForRadiusInBox): When computing
            the radii, take the absolute value, since the radii is based on
            the distance, which is always positive.
        (WebCore::BasicShapeEllipse::floatValueForRadiusInBox): Ditto.

2015-04-08  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182522.
        https://bugs.webkit.org/show_bug.cgi?id=143529

        Not needed any more (Requested by ap on #webkit).

        Reverted changeset:

        "Fix the build."
        http://trac.webkit.org/changeset/182522

2015-04-08  Beth Dakin  <bdakin@apple.com>

        Force events should not require preventDefault in order to fire
        https://bugs.webkit.org/show_bug.cgi?id=143503
        -and corresponding-
        rdar://problem/20458916

        Reviewed by Tim Horton.

        Since these events will fire whether or not preventDefault was set on the 
        willBegin event, we should make sure we only send them when there are registered 
        event listeners. These are new events, so we don’t want to spam the vast majority 
        of web content that doesn’t use them yet.
        * dom/Document.cpp:
        (WebCore::Document::addListenerTypeIfNeeded):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::dispatchMouseForceWillBegin):
        (WebCore::Element::dispatchMouseForceChanged):
        (WebCore::Element::dispatchMouseForceDown):
        (WebCore::Element::dispatchMouseForceUp):
        (WebCore::Element::dispatchMouseForceClick):
        (WebCore::Element::dispatchMouseForceCancelled):

2015-04-08  Jer Noble  <jer.noble@apple.com>

        [Mac][WebAudio] Update the AVAudioMix in the AudioSourceProviderAVFObjC when the list of enabled audio tracks change.
        https://bugs.webkit.org/show_bug.cgi?id=143332

        Reviewed by Eric Carlson.

        Some media assets (notably, mp3s) will not have an enabled audio track when the AVAsset is
        first loaded, so the AVAudioMix will have no trackID in it's parameters. Whenever the list
        of enabled tracks change, recreate the AVAudioMix with the new first enabled audio trackID.

        To facilitate this, add a new setter to AudioSourceProviderAVFObjC taking an AVAssetTrack to
        use with the AVAudioMix. Whenever this parameter changes, the AVAudioMix is destroyed and
        recreated.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerEngineUpdated): Drive-by fix: when the media
            player switches engines, re-associate the audio source node with its provider.
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.h:
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::setPlayerItem): Only create the mix if there is a valid AVPlayerItem and AVAssetTrack
        (WebCore::AudioSourceProviderAVFObjC::setAudioTrack): Ditto.
        (WebCore::AudioSourceProviderAVFObjC::createMix): Don't iterate over the AVPlayerItem's tracks,
            just use the one passed in through setAudioTrack().
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad): Clear the provider's track.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Set the provider's track.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::audioSourceProvider): Ditto.

2015-04-08  Anders Carlsson  <andersca@apple.com>

        Move some ApplicationCache static member functions to ApplicationCacheStorage
        https://bugs.webkit.org/show_bug.cgi?id=143524

        Reviewed by Antti Koivisto.

        This is yet another step towards eliminating ApplicationCacheStorage::singleton() and making the storage be per page instead.

        * loader/appcache/ApplicationCache.cpp:
        (WebCore::ApplicationCache::deleteCacheForOrigin):
        (WebCore::ApplicationCache::deleteAllCaches):
        (WebCore::ApplicationCache::diskUsageForOrigin):
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::deleteAllCaches):
        (WebCore::ApplicationCacheStorage::deleteCacheForOrigin):
        (WebCore::ApplicationCacheStorage::diskUsageForOrigin):
        * loader/appcache/ApplicationCacheStorage.h:

2015-04-08  ChangSeok Oh  <changseok.oh@collabora.com>

        Fill list style background with same color with that of list background.
        https://bugs.webkit.org/show_bug.cgi?id=143483

        Reviewed by Simon Fraser.

        LayoutListMarker does not have a node so its selectionBackgroundColor alway returns
        the default theme color for selection. We can make it more natural by filling
        the same color with that of LayoutListItem into it.

        Tests: fast/backgrounds/selection-background-color-of-image-list-style.html
               fast/backgrounds/selection-background-color-of-list-style.html

        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::paint):

2015-04-08  Alex Christensen  <achristensen@webkit.org> and Patrick Gansterer  <paroga@webkit.org>

        Add CMake build system for WinCairo port.
        https://bugs.webkit.org/show_bug.cgi?id=115944

        Reviewed by Chris Dumez.

        * CMakeLists.txt:
        * PlatformWin.cmake:
        * PlatformWinCairo.cmake:
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGL::TextureMapperGL):

2015-04-08  Chris Dumez  <cdumez@apple.com>

        Rename ActiveDOMObject::canSuspend() to canSuspendForPageCache() for clarity
        https://bugs.webkit.org/show_bug.cgi?id=143513

        Reviewed by Andreas Kling.

        Rename ActiveDOMObject::canSuspend() to canSuspendForPageCache() for
        clarity as it is only used for the page cache. Also rename the
        'DocumentWillBecomeInactive' value of the ReasonForSuspension enum to
        'PageCache' as it is only used by CachedFrame for the page cache and it
        is a lot more understandable.

2015-04-08  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182536.
        https://bugs.webkit.org/show_bug.cgi?id=143523

        Made accessibility/table-sections.html time out on debug bots
        (Requested by ap on #webkit).

        Reverted changeset:

        "Simple line layout: Add <br> support."
        https://bugs.webkit.org/show_bug.cgi?id=139012
        http://trac.webkit.org/changeset/182536

2015-04-08  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Crash in DOMObjectCache when a wrapped object owned by the cache is unreffed by the user
        https://bugs.webkit.org/show_bug.cgi?id=143521

        Reviewed by Martin Robinson.

        This is a case we claim to support, but it only works if the
        object has only one reference. In that case, when the user unrefs
        it, the weak ref notify callback removes the object from the
        cache. However, if the object has more than one ref, the cache
        doesn't know the user unreffed it, and when clearing the cache we
        try to remove more references than what the object actually has,
        causing a crash in g_object_unref.

        * bindings/gobject/DOMObjectCache.cpp:
        (WebKit::DOMObjectCacheData::clearObject):

2015-04-08  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Add <br> support.
        https://bugs.webkit.org/show_bug.cgi?id=139012

        This patch enables RenderBlockFlows to use simple line layout on text content when <br> is present.
        Simple text with <br> is a fairly common pattern on discussion(forum)-like web pages. This patch reduces memory usage
        and speeds up layout for such content.

        PerformanceTest/layout/line-layout-simple.html shows more than 2x speedup, when each paragraph is modified by appending <br> to the end.
        With <br> support enabled:
          mean: 70.02391461289068 runs/s
          median: 70.47986488932318 runs/s
    
        While with <br> support disabled: 
          mean: 30.417295049468184 runs/s
          median: 30.36517778760357 runs/s

        Reviewed by Antti Koivisto.

        Test: fast/text/simple-line-with-br.html

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextNode):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::setSelectionState):
        (WebCore::RenderBlockFlow::deleteLineBoxesBeforeSimpleLineLayout):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderLineBreak.cpp:
        (WebCore::simpleLineLayout):
        (WebCore::ensureLineBoxes):
        (WebCore::RenderLineBreak::deleteLineBoxesBeforeSimpleLineLayout):
        (WebCore::RenderLineBreak::positionForPoint):
        (WebCore::RenderLineBreak::setSelectionState):
        (WebCore::RenderLineBreak::linesBoundingBox):
        (WebCore::RenderLineBreak::absoluteRects):
        (WebCore::RenderLineBreak::absoluteQuads):
        (WebCore::RenderLineBreak::collectSelectionRects):
        * rendering/RenderLineBreak.h:
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::consumeLineBreakIfNeeded):
        (WebCore::SimpleLineLayout::skipWhitespaceIfNeeded):
        (WebCore::SimpleLineLayout::firstFragment):
        (WebCore::SimpleLineLayout::forceFragmentToLine):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::create):
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::initializeSegments):
        (WebCore::SimpleLineLayout::FlowContents::segmentForRenderer): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow):
        (WebCore::SimpleLineLayout::hitTestFlow):
        (WebCore::SimpleLineLayout::showLineLayoutForFlow):
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::rect):
        (WebCore::SimpleLineLayout::RunResolver::RunResolver):
        (WebCore::SimpleLineLayout::RunResolver::rangeForRenderer):
        * rendering/SimpleLineLayoutResolver.h:
        (WebCore::SimpleLineLayout::RunResolver::Iterator::inQuirksMode):
        (WebCore::SimpleLineLayout::RunResolver::Iterator::operator--):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::EndOfSegmentSetter::EndOfSegmentSetter):
        (WebCore::SimpleLineLayout::EndOfSegmentSetter::~EndOfSegmentSetter):
        (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::revertToFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        * rendering/SimpleLineLayoutTextFragmentIterator.h:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isLastInRenderer):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isEmpty):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isSoftLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isHardLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isLineBreak): Deleted.

2015-04-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] compress property for the HTTP source element
        https://bugs.webkit.org/show_bug.cgi?id=143518

        Reviewed by Carlos Garcia Campos.

        Added a compress property so the default behavior or not
        requesting content encoded to the server can be overridden if
        needed. This is useful for adaptive streaming playback.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcSetProperty):
        (webKitWebSrcGetProperty):
        (webKitWebSrcStart):

2015-04-08  Joonghun Park  <jh718.park@samsung.com>

        Remove CSS functions min() and max() which had been dropped from specification
        https://bugs.webkit.org/show_bug.cgi?id=143440

        Reviewed by Darin Adler.

        No new tests, No Behavior changes.

        * css/CSSCalculationValue.cpp:
        (WebCore::CSSCalcValue::create):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::isCalculation):

2015-04-07  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] extra-headers and keep-alive properties for HTTP source element
        https://bugs.webkit.org/show_bug.cgi?id=143480

        Reviewed by Carlos Garcia Campos.

        Keep the resource loader around when persistent HTTP connection
        support is enabled. The keep-alive property is set to false by
        default. Also before sending the HTTP request we now check the
        contents of the extra-headers GstStructure and set additional
        headers based on the structure contents.

        Patch inspired by GStreamer's souphttpsrc element.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webkit_web_src_init):
        (webKitWebSrcFinalize):
        (webKitWebSrcSetProperty):
        (webKitWebSrcGetProperty):
        (webKitWebSrcStop): Clear resource loader only for non-persistent connections.
        (webKitWebSrcSetExtraHeader): Utility function to append headers
        to an existing request based on a GValue contents.
        (webKitWebSrcProcessExtraHeaders): Parse a GValue and set headers
        based on its contents.
        (webKitWebSrcStart): Extra headers and persistent connection
        support. The resource loader is now lazily initialized here.

2015-04-07  Simon Fraser  <simon.fraser@apple.com>

        Fix the build.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::drawGlyphs):
        * platform/spi/cg/CoreGraphicsSPI.h:

2015-04-07  Chris Dumez  <cdumez@apple.com>

        Unreviewed, another iOS build fix after r182516.

        I missed another use of __MAC_OS_X_VERSION_MIN_REQUIRED without a
        PLATFORM(MAC) check.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:

2015-04-07  Michael Peechatt  <mpeechatt@gmail.com>

        Bug 142887 - role progress bar does not support indeterminate state
        https://bugs.webkit.org/show_bug.cgi?id=142887

        Reviewed by Chris Fleizach.

        Test: platform/mac/accessibility/progressbar-indeterminate.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        When getting min or max value of an indeterminate progress indicator, return 0.
        This is so VoiceOver will recognize it as indeterminate.

2015-04-07  Chris Dumez  <cdumez@apple.com>

        Unreviewed, speculative iOS build fix after r182516.

        Add #if PLATFORM(MAC) checks.

        * platform/spi/cg/CoreGraphicsSPI.h:

2015-04-07  Simon Fraser  <simon.fraser@apple.com>

        Try to fix incremental builds by forcing *InternalSettings* to get
        regenerated.

        * testing/InternalSettings.idl:

2015-04-07  Chris Dumez  <cdumez@apple.com>

        Open WebSockets should not prevent a page from entering PageCache
        https://bugs.webkit.org/show_bug.cgi?id=143505
        <rdar://problem/19923085>

        Reviewed by Alexey Proskuryakov.

        Open WebSockets should not prevent a page from entering PageCache. This
        is currently causing mobile.nytimes.com to not be page-cacheable.

        In this patch, We close open WebSockets when entering the page cache
        and fire the "close" events after resuming, similarly to what we did
        for XMLHttpRequest in r181480. This gives a chance for the content to
        handle the 'close' event (with wasClean being false and code being
        1006) in order to reopen the connection if necessary.

        Test: http/tests/websocket/tests/hybi/closed-when-entering-page-cache.html

        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::WebSocket):
        (WebCore::WebSocket::canSuspend):
        (WebCore::WebSocket::suspend):
        (WebCore::WebSocket::resume):
        (WebCore::WebSocket::resumeTimerFired):
        (WebCore::WebSocket::didClose):
        * Modules/websockets/WebSocket.h:

2015-04-07  Simon Fraser  <simon.fraser@apple.com>

        Add experimental code to use custom font dilation when rendering into non-opaque contexts
        https://bugs.webkit.org/show_bug.cgi?id=143508

        Reviewed by Sam Weinig.

        Add GraphicsContext::setAntialiasedFontDilationEnabled(), and set it to true
        when rendering into a compositing layer which is not opaque (at the same location
        where we disable font smoothing).

        If Settings::antialiasedFontDilationEnabled() is true, when rendering non-smoothed
        text (and if CSS hasn't opted into antialiased mode), use custom font dilation
        parameters, chosen using a light/medium/dark heuristic, to make this text
        match more closely with LCD-smoothed text.

        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::setAntialiasedFontDilationEnabled): Set global state
        in FontCascade (which can't easily get at Settings). This it not ideal,
        but is temporary.
        * page/Settings.h:
        (WebCore::Settings::antialiasedFontDilationEnabled):
        * page/Settings.in: Can't autogenerate this setting any more.
        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::setAntialiasedFontDilationEnabled): Set the global.
        (WebCore::FontCascade::antialiasedFontDilationEnabled):
        * platform/graphics/FontCascade.h:
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::setAntialiasedFontDilationEnabled): Set graphics state
        to say that we should do dilation of antialiased text.
        * platform/graphics/GraphicsContext.h:
        (WebCore::GraphicsContextState::GraphicsContextState):
        (WebCore::GraphicsContext::antialiasedFontDilationEnabled):
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayer::drawLayerContents): If the layer is not opaque, enable the
        dilated text code path.
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::dilationSizeForTextColor): Heuristic (values chosen empirically) to
        computed custom dilation based on foreground color.
        (WebCore::FontCascade::drawGlyphs): Set the custom dilation parameters, and the
        antialiasing state if we're not doing smoothing, and CSS hasn't opted into the
        antialiased path.
        * platform/spi/cg/CoreGraphicsSPI.h: New SPI.

2015-04-07  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182511.
        https://bugs.webkit.org/show_bug.cgi?id=143507

        caused debug test failures (Requested by alexchristensen on
        #webkit).

        Reverted changeset:

        "Block popups from content extensions."
        https://bugs.webkit.org/show_bug.cgi?id=143497
        http://trac.webkit.org/changeset/182511

2015-04-07  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] System fonts do not get correct tracking
        https://bugs.webkit.org/show_bug.cgi?id=143395

        Reviewed by Ryosuke Niwa.

        Inside FontPlatformData, we have two CTFonts. If the user has specified
        -webkit-system-font, we will pass in a CTFont, and the FontPlatformData
        will wrap it. However, we will then roundtrip through CGFont in order
        to create a second CTFont. We were basing our tracking and system
        font knowledge off of this round-tripped font instead of the original font.

        Note that this design is terrible and needs to be overhauled.
        FontPlatformData should only have a single platform font inside it.

        This patch also caches whether or not a font is a system font.

        No new tests because it is impossible to test the tracking of the
        system font in a robust way.

        * platform/graphics/Font.cpp:
        (WebCore::Font::Font): Rearrange member variables.
        * platform/graphics/Font.h: Move member variables around for better
        packing, and cache whether or not the font is a system font.
        * platform/graphics/FontData.h: Add comment
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformInit): Cache whether or not the font is a system
        font.
        (WebCore::hasCustomTracking): Use cached value.
        (WebCore::canUseFastGlyphAdvanceGetter):
        (WebCore::Font::platformWidthForGlyph):

2015-04-07  Alex Christensen  <achristensen@webkit.org>

        Block popups from content extensions.
        https://bugs.webkit.org/show_bug.cgi?id=143497

        Reviewed by Brady Eidson.

        Test: http/tests/contentextensions/popups.html

        * loader/ResourceLoadInfo.cpp:
        (WebCore::readResourceType):
        * loader/ResourceLoadInfo.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::open):
        * page/UserContentController.cpp:
        (WebCore::UserContentController::actionsForResourceLoad):
        * page/UserContentController.h:
        Check content extensions before opening a window.

2015-04-07  Benjamin Poulain  <benjamin@webkit.org>

        Get the features.json files ready for open contributions
        https://bugs.webkit.org/show_bug.cgi?id=143436

        Reviewed by Darin Adler.

        * features.json:

2015-04-07  Alex Christensen  <achristensen@webkit.org>

        More unreviewed fixing API tests.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Don't check for javascript protocol.

2015-04-07  Eric Carlson  <eric.carlson@apple.com>

        [Mac] never update caption user style sheet during parsing
        https://bugs.webkit.org/show_bug.cgi?id=143499

        Reviewed by Jer Noble.

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::setInterestedInCaptionPreferenceChanges):
        (WebCore::CaptionUserPreferencesMediaAF::captionPreferencesChanged):  Ignore a
            "preferences changed" notification fired while registering for said notification, we 
            already create and insert the style sheet after a brief delay anyway.
        * page/CaptionUserPreferencesMediaAF.h:

2015-04-07  Alex Christensen  <achristensen@webkit.org>

        [Win] Unreviewed build fix after r182494.

        * platform/win/ContextMenuItemWin.cpp:
        (WebCore::ContextMenuItem::ContextMenuItem): Deleted.

2015-04-07  Alex Christensen  <achristensen@webkit.org>

        Unreviewed fixing API tests.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        * platform/URL.cpp:
        (WebCore::URL::init):
        * platform/URL.h:
        (WebCore::URL::protocolIsData):
        (WebCore::URL::protocolIsJavaScript): Deleted.
        Revert part of r182492 that changed URL.h.

2015-04-07  Anders Carlsson  <andersca@apple.com>

        More work on making the application cache storage be per page
        https://bugs.webkit.org/show_bug.cgi?id=143498

        Reviewed by Andreas Kling.

        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::create):
        (WebCore::ApplicationCacheStorage::singleton):
        * loader/appcache/ApplicationCacheStorage.h:
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/Page.h:
        (WebCore::Page::applicationCacheStorage):
        * page/PageConfiguration.cpp:
        (WebCore::PageConfiguration::PageConfiguration): Deleted.
        * page/PageConfiguration.h:

2015-04-07  Matthew Mirman  <mmirman@apple.com>

        Source and stack information should get appended only to native errors
        and should be added directly after construction rather than when thrown.
        This fixes frozen objects being unfrozen when thrown while conforming to 
        ecma script standard and other browser behavior.
        rdar://problem/19927293
        https://bugs.webkit.org/show_bug.cgi?id=141871
        
        Reviewed by Geoffrey Garen.

        Covered by existing tests.
        
        Sets line, column, source and stack information for DOMExceptions as 
        expected by the webinspector for native errors.
        
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::setDOMException):

2015-04-07  Brady Eidson  <beidson@apple.com>

        ContextMenuItem refactoring
        https://bugs.webkit.org/show_bug.cgi?id=143485

        Reviewed by Beth Dakin.

        * platform/ContextMenuItem.h:
        (WebCore::ContextMenuItem::isNull):

        * platform/gtk/ContextMenuItemGtk.cpp:
        (WebCore::ContextMenuItem::ContextMenuItem):

        * platform/mac/ContextMenuItemMac.mm:
        (WebCore::ContextMenuItem::ContextMenuItem):
        (WebCore::ContextMenuItem::platformDescription):
        (WebCore::ContextMenuItem::setSubMenu):
        (WebCore::ContextMenuItem::releasePlatformDescription): Deleted.
        (WebCore::ContextMenuItem::getPlatformDescription): Deleted.

        * platform/mac/ContextMenuMac.mm:
        (WebCore::ContextMenu::appendItem):
        (WebCore::ContextMenu::insertItem):
        (WebCore::platformMenuDescription):

        * platform/win/ContextMenuItemWin.cpp:
        (WebCore::ContextMenuItem::ContextMenuItem):

2015-04-07  Alex Christensen  <achristensen@webkit.org>

        Optimize content extensions interpreting speed.
        https://bugs.webkit.org/show_bug.cgi?id=143490

        Reviewed by Brady Eidson.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Measure total time added by content extensions.
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        When jumping to the root, don't re-add all the actions.
        * contentextensions/DFABytecodeCompiler.h:
        * platform/URL.cpp:
        (WebCore::URL::init):
        * platform/URL.h:
        (WebCore::URL::protocolIsJavaScript): Added.

2015-04-07  Simon Fraser  <simon.fraser@apple.com>

        Add a new setting, AntialiasedFontDilationEnabled, exposed via WK2.
        https://bugs.webkit.org/show_bug.cgi?id=143495

        Reviewed by Tim Horton.

        Add a new Setting, antialiasedFontDilationEnabled, which defaults to true. This 
        will be used in an upcoming patch.

        * page/Settings.in:

2015-04-07  Andy Estes  <aestes@apple.com>

        [Content Filtering] Add logging
        https://bugs.webkit.org/show_bug.cgi?id=143470

        Reviewed by Daniel Bates.

        Added a new ContentFiltering logging channel, and started logging some useful diagnostic messages.

        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::~ContentFilter):
        (WebCore::ContentFilter::willSendRequest):
        (WebCore::ContentFilter::startFilteringMainResource):
        (WebCore::ContentFilter::responseReceived):
        (WebCore::ContentFilter::dataReceived):
        (WebCore::ContentFilter::notifyFinished):
        (WebCore::ContentFilter::didDecide):
        * platform/Logging.h:
        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
        (WebCore::ContentFilterUnblockHandler::canHandleRequest):
        (WebCore::ContentFilterUnblockHandler::requestUnblockAsync):
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::enabled):
        (WebCore::NetworkExtensionContentFilter::unblockHandler):
        (WebCore::NetworkExtensionContentFilter::handleDecision):
        * platform/cocoa/ParentalControlsContentFilter.mm:
        (WebCore::ParentalControlsContentFilter::enabled):
        (WebCore::ParentalControlsContentFilter::updateFilterState):
        * testing/MockContentFilter.cpp:
        (WebCore::MockContentFilter::enabled):
        (WebCore::MockContentFilter::unblockHandler):
        (WebCore::MockContentFilter::maybeDetermineStatus):

2015-04-07  Eric Carlson  <eric.carlson@apple.com>

        [Mac] video playing to external device should not be interrupted
        https://bugs.webkit.org/show_bug.cgi?id=143492

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.handlePanelTransitionEnd):  Drive-by fix to make sure the controls are 
            not hidden if the opacity timer is primed before they go into a state where they should
            never be hidden.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::canPlayToWirelessPlaybackTarget): Make it const.
        (WebCore::HTMLMediaElement::isPlayingToWirelessPlaybackTarget): New.
        * html/HTMLMediaElement.h:

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::canPlayToWirelessPlaybackTarget): New. Short-circuit call to
            client when we already know the answer.
        (WebCore::HTMLMediaSession::isPlayingToWirelessPlaybackTarget): Ditto.
        (WebCore::HTMLMediaSession::startPlayingToPlaybackTarget): Ditto.
        (WebCore::HTMLMediaSession::stopPlayingToPlaybackTarget): Ditto.
        * html/HTMLMediaSession.h:

        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::canPlayToWirelessPlaybackTarget): Deleted, moved inline and neutered
            because only HTMLMediaSession needs to use them.
        (WebCore::MediaSession::startPlayingToPlaybackTarget): Ditto.
        (WebCore::MediaSession::stopPlayingToPlaybackTarget): Ditto.
        * platform/audio/MediaSession.h:
        (WebCore::MediaSession::canPlayToWirelessPlaybackTarget):
        (WebCore::MediaSession::isPlayingToWirelessPlaybackTarget):
        (WebCore::MediaSession::startPlayingToPlaybackTarget):
        (WebCore::MediaSession::stopPlayingToPlaybackTarget):
        (WebCore::MediaSessionClient::canPlayToWirelessPlaybackTarget):
        (WebCore::MediaSessionClient::isPlayingToWirelessPlaybackTarget):

        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::MediaSessionManager):
        (WebCore::MediaSessionManager::sessionShouldBeginPlayingToWirelessPlaybackTarget): New.
        (WebCore::MediaSessionManager::sessionWillBeginPlayback): Don't interrupt an active session
            playing to a target device.
        * platform/audio/MediaSessionManager.h:

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::isPlayingToWirelessPlaybackTarget): New, passthrough.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::isPlayingToWirelessPlaybackTarget):

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayToWirelessPlaybackTarget):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessPlaybackTarget): Explicitly call 
            when passed a nil or inactive target context.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::startPlayingToPlaybackTarget): Add logging.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::stopPlayingToPlaybackTarget): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::isPlayingToWirelessPlaybackTarget): New. Return
            true when playing with an active context.
        (WebCore::playerKVOProperties): "outputContext" is not observable.

2015-04-07  Sam Weinig  <sam@webkit.org>

        Re-add JSReadableStream and JSReadableStreamReader the Xcode project to
        make Xcode happy.

        * WebCore.xcodeproj/project.pbxproj:

2015-02-25  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Update track sizes after distributing extra space
        https://bugs.webkit.org/show_bug.cgi?id=141422

        Reviewed by Antti Koivisto.

        Both old and new tracks sizing algorithms instruct us to update
        the sizes of the content sized tracks only after distributing the
        extra space for all the items in the same span group. So far we
        were doing it inside distributeSpaceToTracks(), i.e., once for
        every single item. That is wrong because it makes the algorithm
        order dependent.

        Our old implementation looked something like this (pseudocode):

        resolveContentBasedTrackSizingFunctions()
          foreach item
            resolveContentBasedTrackSizingFunctionsForItems() (x4)
              distributeSpaceToTracks()
                updateTrackSizes()

        Now it's done this way (pseudocode):

        resolveContentBasedTrackSizingFunctions()
          foreach spanGroup
            resolveContentBasedTrackSizingFunctionsForItems() (x4)
              foreach item in spanGroup
                distributeSpaceToTracks()
              updateTrackSizes()

        As it can be seen the update of track sizes only happens after
        processing all the items of a given span group. In order to
        accomplish this a new field was added to GridTrack called
        tempIncrease which stores per-track increases while distributing
        the extra space among the items in the same span group. That
        temporal increase could eventually be used to update the
        plannedIncrease which is the one we use to finally set the new
        size of the track.

        This change makes our implementation closer to the spec, removes
        the order dependency and ensures that every track satisfies their
        min track sizing functions before starting to consider the max
        track sizing functions.

        Test: fast/css-grid-layout/grid-update-sizes-after-distributing-all.html

        * rendering/RenderGrid.cpp:
        (WebCore::GridTrack::plannedSize):
        (WebCore::GridTrack::setPlannedSize): New setter.
        (WebCore::GridTrack::tempSize): New attribute.
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        RenderGrid::distributeSpaceToTracks() no longer updates the track
        sizes so we have to do it after the call returns.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        Call RenderGrid::resolveContentBasedTrackSizingFunctionsForItems()
        passing a span group instead of a single item.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
        It now receives a span group instead of a single item. Apart from
        that we need an extra function to get the unaltered track size (as
        the current one returns the base size whenever the growth limit is
        infinity).
        (WebCore::RenderGrid::distributeSpaceToTracks): This no longer
        updates track sizes but only the track's planned size;
        * rendering/RenderGrid.h:

2015-04-06  Chris Dumez  <cdumez@apple.com>

        Bing video search result pages are not PageCacheable
        https://bugs.webkit.org/show_bug.cgi?id=143463
        <rdar://problem/20440916>

        Reviewed by Alexey Proskuryakov.

        Bing video search result pages are not PageCacheable (tested on iOS).
        It both:
        - is bad for power usage as it causes a reload when clicking one of the
          results then navigating back in history.
        - degrades user experience because the results page uses infinite
          scrolling and the scroll position is not properly restored when
          navigating back, not to mention the user has to wait for the reload
          to complete.

        The issue was that the bing search page was doing a ping load when
        clicking on one of the search results. The ping load was done by
        create an image and its 'src' attribute to the ping URL. This load
        usually did not have time to complete when navigating away so we would
        cancel it and the main document would end up with an error that would
        prevent the page from entering the page cache. We already have code
        making sure load cancellations do not prevent page caching as long as
        the loads are for XHR or images. However, the latter check was broken
        in the case where the ResourceRequest's cachePartition was non-empty.
        This is because the check was using the MemoryCache::ResourceForUrl()
        API which rarely does what we want because it will request a dummy
        ResourceRequest (without cachePartition) and then call
        MemoryCache::resourceForRequest(). This patch updates the check
        to use resourceForRequest() directly as we have the ResourceRequest
        at this point.

        This patch also gets rid of the  MemoryCache::ResourceForUrl() API as
        it rarely does what we want and it is bug prone. It was only used in
        2 places, one of them causing this bug and the other in Internals.

        Tests: http/tests/navigation/page-cache-pending-image-load-cache-partition.html
               http/tests/navigation/page-cache-pending-image-load.html

        * loader/DocumentLoader.cpp:
        (WebCore::areAllLoadersPageCacheAcceptable):
        Use MemoryCache::resourceForRequest() instead of resourceForUrl() as
        we have the ResourceRequest and calling resourceForUrl() would loose
        the cachePartition.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::resourceForURL): Deleted.
        Drop this API as it is bug prone and rarely does what we want.

        * testing/Internals.cpp:
        (WebCore::Internals::isLoadingFromMemoryCache):
        Update call to create a dummy ResourceRequest and call
        resourceForRequest() instead of resourceForUrl(), as this API no
        longer exists. The new code also set the cachePartition on the
        dummy request so that this function actually behaves as expected
        if the cachePartition in the memory cache is non-empty.


2015-04-06  Jer Noble  <jer.noble@apple.com>

        Synchronize fullscreen animation between processes.
        https://bugs.webkit.org/show_bug.cgi?id=143131

        Reviewed by Simon Fraser.

        Rather than attempt to synchcronize animations across the WebProcess / UIProcess boundary,
        do the bounds-change animation in-process by applying a sublayer transformation to the
        video layer. This gives the same visual effect as a synchronized bounds animation, but
        without needing a synchronization fence. Resolve the difference between the transformation
        and bounds by doing a fence-synchronized bounds change after the current animation is
        scheduled to complete.

        To do this calculation correctly, WebAVPlayer needs to query both the effective
        videoLayerFrame and the videoLayerGravity. To that end, add getter methods for
        videoLayerFrame() and videoLayerGravity().

        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::videoFullscreenGravity):
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVVideoLayer dealloc]): Cancel outstanding performSelector requests.
        (-[WebAVVideoLayer setBounds:]): Add a scale transform to simulate a bonuds change.
        (-[WebAVVideoLayer resolveBounds]): Reset the scale transform and set the bounds.
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): Set the initial video frame bounds.
        (-[WebAVPlayerController layoutSublayersOfLayer:]): Deleted.
        * platform/ios/WebVideoFullscreenModel.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::videoLayerFrame): Added; simple getter.
        (WebVideoFullscreenModelVideoElement::videoLayerGravity): Ditto.

2015-04-06  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: RunResolver::Iterator class cleanup.
        https://bugs.webkit.org/show_bug.cgi?id=143445

        Reviewed by Antti Koivisto.

        1. SimpleLineLayout::Run is an intermediate structure and should not be publicly accessible through RunResolver::Iterator.
        RunResolver::Run is the class to use to access run properties.
        2. Also move advance()/advanceLine() to private. Callers should use LineResolver to advance on lines.

        No change in functionality.

        * rendering/SimpleLineLayoutResolver.h:

2015-04-06  Simon Fraser  <simon.fraser@apple.com>

        Use a RenderObject bit for isRenderFlowThread()
        https://bugs.webkit.org/show_bug.cgi?id=143439

        Reviewed by Darin Adler.

        Turning isRenderFlowThread() into a bit in rare data rather than a virtual function reduces
        the time under RenderLayer::scrollTo() on a large overflow:scroll table from 56% to 44%.

        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::RenderFlowThread):
        * rendering/RenderFlowThread.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::setIsRenderFlowThread):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::isDragging):
        (WebCore::RenderObject::hasReflection):
        (WebCore::RenderObject::isRenderFlowThread):
        (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):

2015-04-06  Myles C. Maxfield  <mmaxfield@apple.com>

        [Win] [SVG -> OTF Converter] Support the SVG -> OTF Font Converter
        https://bugs.webkit.org/show_bug.cgi?id=143402

        Reviewed by Darin Adler.

        There are a few pieces to the converter that Windows requires that we haven't already
        implemented:
        1. Checksums were being calculated with the wrong endianness
        2. Windows requires a format 4 'cmap' subtable in addition to the format 12 one we already
        were using
        3. Windows requires a reference to a Private DICT inside the CFF table, even if the DICT
        is of 0 length.

        Covered by all our existing SVG font tests.

        * svg/SVGFontFaceElement.h: Add capHeight accessor.
        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::capHeight): Ditto.
        * svg/SVGToOTFConversion.cpp: Update the conversion process according to the above
        requirements.
        (WebCore::SVGToOTFFontConverter::appendFormat12CMAPTable):
        (WebCore::SVGToOTFFontConverter::appendFormat4CMAPTable):
        (WebCore::SVGToOTFFontConverter::appendCMAPTable): Use helpers.
        (WebCore::SVGToOTFFontConverter::appendHHEATable): Use member variables.
        (WebCore::SVGToOTFFontConverter::appendOS2Table): Update to version 2.
        (WebCore::SVGToOTFFontConverter::appendCFFTable): Create a reference to a
        zero-sized Private DICT
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter): Populate member
        variables.
        (WebCore::SVGToOTFFontConverter::calculateChecksum): Flip endianness

2015-04-06  Yusuke Suzuki  <utatane.tea@gmail.com>

        Return Optional<uint32_t> from PropertyName::asIndex
        https://bugs.webkit.org/show_bug.cgi?id=143422

        Reviewed by Darin Adler.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::getOwnPropertySlot):
        (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
        * bindings/js/JSHTMLAllCollectionCustom.cpp:
        (WebCore::callHTMLAllCollection):
        (WebCore::JSHTMLAllCollection::item):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateGetOwnPropertySlotBody):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSFloat64Array.cpp:
        (WebCore::JSFloat64Array::getOwnPropertySlot):
        (WebCore::JSFloat64Array::getOwnPropertyDescriptor):
        (WebCore::JSFloat64Array::put):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::getOwnPropertySlot):
        * bridge/runtime_array.cpp:
        (JSC::RuntimeArray::getOwnPropertySlot):
        (JSC::RuntimeArray::put):

2015-04-06  Žan Doberšek  <zdobersek@igalia.com>

        FileList constructor should move the passed-in Vector<> rvalue reference into the member variable
        https://bugs.webkit.org/show_bug.cgi?id=143412

        Reviewed by Darin Adler.

        * fileapi/FileList.h:
        (WebCore::FileList::FileList): An explicit move of the passed-in rvalue
        reference into the member variable is required, otherwise a copy is
        performed since an rvalue reference is just an lvalue.

2015-04-06  Žan Doberšek  <zdobersek@igalia.com>

        UserScript, UserStyleSheet constructors should take in Vector<String> rvalue references
        https://bugs.webkit.org/show_bug.cgi?id=143411

        Reviewed by Darin Adler.

        Have the UserScript and UserStyleSheet constructors take in Vector<String>
        rvalue references for the whitelist and blacklist parameters. Both classes
        store these Vector<String> objects, so the referenced objects can simply be
        moved into the member variable.

        Because the constructor is now demanding an rvalue, it's up to the caller
        to move in the desired object if possible, or create an explicit copy
        otherwise.

        * page/UserScript.h:
        (WebCore::UserScript::UserScript):
        * page/UserStyleSheet.h:
        (WebCore::UserStyleSheet::UserStyleSheet):

2015-04-05  Andy Estes  <aestes@apple.com>

        [Content Filtering] Only pass http(s) requests to -[NEFilterSource willSendRequest:...]
        https://bugs.webkit.org/show_bug.cgi?id=143437

        Reviewed by Dan Bernstein.

        No new tests. We can't test NEFilterSource directly.

        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::willSendRequest): Immediately allow requests with url schemes other than http and https.

2015-04-05  Darin Adler  <darin@apple.com>

        FrameView code uses page() without null checking
        https://bugs.webkit.org/show_bug.cgi?id=143425
        rdar://problem/18920601

        Reviewed by Anders Carlsson.

        While we don't have tests that cover this, we are seeing crashes coming in
        that indicate the shouldEnableSpeculativeTilingDuringLoading function is
        being called when the page is null. This patch adds null checks to all the
        places in FrameView that use page() without doing null checking.

        * page/FrameView.cpp:
        (WebCore::FrameView::layout): If page is null, don't try to do the
        auto-sizing logic that involves the textAutosizingWidth value from the page.
        (WebCore::FrameView::setFixedVisibleContentRect): Get settings from the
        frame rather than the page to avoid possible null-dereference.
        (WebCore::FrameView::scrollPositionChanged): Check the page for null when
        getting the event throttling delay.
        (WebCore::FrameView::updateLayerFlushThrottling): Check the page for null,
        and return early if it is null.
        (WebCore::shouldEnableSpeculativeTilingDuringLoading): Check the page for
        null, and return false if it is null.
        (WebCore::FrameView::performPostLayoutTasks): Guard the code that calls
        didLayout on the page client by a check if the page is null.
        (WebCore::FrameView::pagination): Don't call Page::pagination on a null
        page here.
        (WebCore::FrameView::visibleContentScaleFactor): Use a scale factor of 1
        if the page is null.
        (WebCore::FrameView::setVisibleScrollerThumbRect): Don't call through to
        the page client if the page is null.
        (WebCore::FrameView::scrollbarStyleChanged): Ditto.
        (WebCore::FrameView::setScrollPinningBehavior): Check the page for null
        before asking it for the scrolling coordinator.

2015-04-05  Simon Fraser  <simon.fraser@apple.com>

        Free up some bits in RenderObject by moving rarely used bits into a side table
        https://bugs.webkit.org/show_bug.cgi?id=143432

        Reviewed by Darin Adler.
        
        Add a side table (global hash) on RenderObject to store data that is rarely
        used. Move the "isDragging" and "hasReflection" bits there. Re-use one of
        those bits for "hasRareData", and leave the other unused (I have plans for it).
        
        * rendering/RenderBlock.cpp:
        (WebCore::getBlockRareData): Renamed for consistency.
        (WebCore::ensureBlockRareData): Renamed to avoid conflict with RenderObject::ensureRareData().
        (WebCore::RenderBlock::cachedFlowThreadContainingBlock):
        (WebCore::RenderBlock::cachedFlowThreadContainingBlockNeedsUpdate):
        (WebCore::RenderBlock::setCachedFlowThreadContainingBlockNeedsUpdate):
        (WebCore::RenderBlock::updateCachedFlowThreadContainingBlock):
        (WebCore::RenderBlock::locateFlowThreadContainingBlock):
        (WebCore::RenderBlock::paginationStrut):
        (WebCore::RenderBlock::pageLogicalOffset):
        (WebCore::RenderBlock::setPaginationStrut):
        (WebCore::RenderBlock::setPageLogicalOffset):
        (WebCore::getRareData): Deleted.
        (WebCore::ensureRareData): Deleted.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::~RenderObject): Assert that rare data hasn't been resurrected
        since willBeDestroyed().
        (WebCore::RenderObject::willBeDestroyed): Clear the rare data.
        (WebCore::RenderObject::setIsDragging): If setting, ensure that we have rare data and
        set the bit. Otherwise, only clear the bit of we have rare data.
        (WebCore::RenderObject::setHasReflection): Ditto.
        (WebCore::RenderObject::rareDataMap):
        (WebCore::RenderObject::rareData):
        (WebCore::RenderObject::ensureRareData):
        (WebCore::RenderObject::clearRareData):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::isDragging): Fast-fail on the hasRareData() bit, then do the
        slower lookup in rare data.
        (WebCore::RenderObject::hasReflection): Ditto.
        (WebCore::RenderObject::setEverHadLayout): Moved up to group with other bit setters.
        (WebCore::RenderObject::hasRareData):
        (WebCore::RenderObject::setHasRareData):
        (WebCore::RenderObject::RenderObjectBitfields::RenderObjectBitfields):
        (WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
        (WebCore::RenderObject::setHasReflection): Deleted. Out of line now.
        (WebCore::RenderObject::setIsDragging): Deleted. Ditto.

2015-04-05  Darin Adler  <darin@apple.com>

        REGRESSION (r181778): Crash after scrolling Google search result page
        https://bugs.webkit.org/show_bug.cgi?id=143431

        Reviewed by Simon Fraser.

        I can't reproduce this crash, nor was I able to make a regression test,
        but the crash data makes it clear this is a null dereference.

        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::scrollWasUpdated): Check the result
        of Frame::view for null. We know this is only called when there is a
        valid FrameView, but it can be called after Frame::m_view is already null.

2015-04-05  Andy Estes  <aestes@apple.com>

        [Content Filtering] Tell the filter about requests and redirects
        https://bugs.webkit.org/show_bug.cgi?id=143414
        rdar://problem/19239549

        Reviewed by Darin Adler.

        Tests: contentfiltering/allow-after-will-send-request.html
               contentfiltering/block-after-will-send-request.html
               http/tests/contentfiltering/allow-after-redirect.html
               http/tests/contentfiltering/block-after-redirect.html

        NEFilterSource supports making filter decisions based on NSURLRequests, so this patch adds support for telling
        ContentFilter about the original main resource request as well as redirect requests.

        * bindings/js/JSMockContentFilterSettingsCustom.cpp: Updated decisionPoint values to include AfterWillSendRequest and AfterRedirect.
        (WebCore::JSMockContentFilterSettings::decisionPoint):
        (WebCore::JSMockContentFilterSettings::setDecisionPoint):
        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::willSendRequest): Called willSendRequest() on each filter using forEachContentFilterUntilBlocked().
        (WebCore::ContentFilter::redirectReceived): Called willSendRequest().
        * loader/ContentFilter.h:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest): Called ContentFilter::willSendRequest() if there is a content filter.
        Asserted that this is not a redirect, and that ContentFilter does not set the request to null.
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequest): Called redirectReceived() instead of willSendRequest().
        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::redirectReceived): Renamed from willSendRequest(), since this function is only called during redirects.
        (WebCore::CachedRawResource::willSendRequest): Deleted.
        * loader/cache/CachedRawResource.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::redirectReceived): Renamed from willSendRequest(), since this function is only called during redirects.
        (WebCore::CachedResource::willSendRequest): Deleted.
        * loader/cache/CachedResource.h:
        * platform/PlatformContentFilter.h:
        * platform/cocoa/NetworkExtensionContentFilter.h:
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::willSendRequest): Called responseReceived() if there was a redirectResponse.
        Then called -[NEFilterSource willSendRequest:decisionHandler:].
        * platform/cocoa/ParentalControlsContentFilter.h:
        * platform/spi/cocoa/NEFilterSourceSPI.h: Added a #define for NEFilterSourceOptionsPageData.
        * testing/MockContentFilter.cpp:
        (WebCore::MockContentFilter::willSendRequest): Added support for willSendRequest.
        * testing/MockContentFilter.h: Added decision points for AfterWillSendRequest and AfterRedirect.
        * testing/MockContentFilterSettings.h:
        * testing/MockContentFilterSettings.idl:

2015-04-05  Sungmann Cho  <sungmann.cho@navercorp.com>

        Remove DocumentLoader::requestURL().
        https://bugs.webkit.org/show_bug.cgi?id=140001

        Reviewed by Darin Adler.

        No new tests, no behavior change.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::documentURL):
        (WebCore::DocumentLoader::requestURL): Deleted.
        * loader/DocumentLoader.h:
        * loader/ResourceLoadNotifier.cpp:
        (WebCore::ResourceLoadNotifier::dispatchWillSendRequest):

2015-04-05  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use constants of sqlite3 directly for status of SQL result in webdatabase
        https://bugs.webkit.org/show_bug.cgi?id=143329

        Reviewed by Darin Adler.

        In webdatabase, it has used own constant vairables as well as using sqlite3 constants directly.
        It causes to use if~else statement which consumes more cpu cycles compared to switch~case. This
        patch makes to use constants of sqlite3. Additionally if~else statment is changed to switch~case
        to save cpu cycles.

        No new tests, no behavior changes.

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::performGetTableNames):
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::retrieveTextResultFromDatabase):
        (WebCore::setTextValueInDatabase):
        (WebCore::DatabaseBackendBase::incrementalVacuumIfNeeded):
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::hasEntryForOriginNoLock):
        (WebCore::DatabaseTracker::hasEntryForDatabase):
        (WebCore::DatabaseTracker::fullPathForDatabaseNoLock):
        (WebCore::DatabaseTracker::origins):
        (WebCore::DatabaseTracker::databaseNamesForOriginNoLock):
        (WebCore::DatabaseTracker::detailsForNameAndOrigin):
        (WebCore::DatabaseTracker::setDatabaseDetails):
        (WebCore::DatabaseTracker::quotaForOriginNoLock):
        (WebCore::DatabaseTracker::setQuota):
        (WebCore::DatabaseTracker::addDatabase):
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::deleteDatabase):
        (WebCore::DatabaseTracker::removeDeletedOpenedDatabases):
        (WebCore::DatabaseTracker::deleteDatabaseFileIfEmpty):
        * Modules/webdatabase/SQLStatementBackend.cpp:
        (WebCore::SQLStatementBackend::execute):
        * Modules/webdatabase/SQLStatementBackend.h:
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        (WebCore::SQLTransactionBackend::runCurrentStatementAndGetNextState):
        Change to use a reference instead of a pointer in arguemnt of execute().
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::loadCacheGroup):
        (WebCore::ApplicationCacheStorage::loadManifestHostHashes):
        (WebCore::ApplicationCacheStorage::cacheGroupForURL):
        (WebCore::ApplicationCacheStorage::fallbackCacheGroupForURL):
        (WebCore::ApplicationCacheStorage::calculateQuotaForOrigin):
        (WebCore::ApplicationCacheStorage::calculateUsageForOrigin):
        (WebCore::ApplicationCacheStorage::calculateRemainingSizeForOriginExcludingCache):
        (WebCore::ApplicationCacheStorage::storeUpdatedQuotaForOrigin):
        (WebCore::ApplicationCacheStorage::verifySchemaVersion):
        (WebCore::ApplicationCacheStorage::store):
        (WebCore::ApplicationCacheStorage::storeUpdatedType):
        (WebCore::ApplicationCacheStorage::ensureOriginRecord):
        (WebCore::ApplicationCacheStorage::storeNewestCache):
        (WebCore::ApplicationCacheStorage::loadCache):
        (WebCore::ApplicationCacheStorage::remove):
        (WebCore::ApplicationCacheStorage::getManifestURLs):
        (WebCore::ApplicationCacheStorage::cacheGroupSize):
        (WebCore::ApplicationCacheStorage::deleteCacheGroupRecord):
        (WebCore::ApplicationCacheStorage::checkForMaxSizeReached):
        (WebCore::ApplicationCacheStorage::checkForDeletedResources):
        (WebCore::ApplicationCacheStorage::flatFileAreaSize):
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::checkIntegrity):
        (WebCore::IconDatabase::performURLImport):
        (WebCore::IconDatabase::pruneUnretainedIcons):
        (WebCore::readySQLiteStatement):
        (WebCore::IconDatabase::setIconIDForPageURLInSQLDatabase):
        (WebCore::IconDatabase::removePageURLFromSQLDatabase):
        (WebCore::IconDatabase::getIconIDForIconURLFromSQLDatabase):
        (WebCore::IconDatabase::addIconURLToSQLDatabase):
        (WebCore::IconDatabase::getImageDataForIconURLFromSQLDatabase):
        (WebCore::IconDatabase::removeIconFromSQLDatabase):
        (WebCore::IconDatabase::writeIconSnapshotToSQLDatabase):
        * platform/sql/SQLiteDatabase.cpp:
        (WebCore::SQLiteDatabase::setMaximumSize):
        * platform/sql/SQLiteDatabase.h:
        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::getFileNameForNewDatabase):
        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::step):
        (WebCore::SQLiteStatement::returnIntResults):
        (WebCore::SQLiteStatement::returnInt64Results):

2015-04-05  Simon Fraser  <simon.fraser@apple.com>

        Remove "go ahead and" from comments
        https://bugs.webkit.org/show_bug.cgi?id=143421

        Reviewed by Darin Adler, Benjamin Poulain.

        Remove the phrase "go ahead and" from comments where it doesn't add
        anything (which is almost all of them).

        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::deleteOriginLockFor):
        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::isSupportedFormat):
        * css/CSSPrimitiveValue.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::styleForKeyframe):
        (WebCore::StyleResolver::styleForPage):
        (WebCore::StyleResolver::applyMatchedProperties):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::pushDownInlineStyleAroundNode):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::detachFromFrame):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addIncrementalDataBuffer):
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::performURLImport):
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::fadeAnimationTimerFired):
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::updateScrollbars):
        (WebCore::ScrollView::scrollContents):
        * platform/graphics/DisplayRefreshMonitor.cpp:
        (WebCore::DisplayRefreshMonitor::create):
        * platform/graphics/GraphicsContext.cpp:
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseHTTPRefresh):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::removeChild):
        (WebCore::RenderBlock::layoutPositionedObjects):
        (WebCore::RenderBlock::selectionGaps):
        (WebCore::RenderBlock::blockSelectionGaps):
        (WebCore::RenderBlock::absoluteRects):
        (WebCore::RenderBlock::absoluteQuads):
        (WebCore::RenderBlock::addFocusRingRects):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::layoutBlockChild):
        (WebCore::RenderBlockFlow::handleAfterSideOfBlock):
        (WebCore::RenderBlockFlow::adjustBlockChildForPagination):
        (WebCore::RenderBlockFlow::insertFloatingObject):
        (WebCore::RenderBlockFlow::addOverhangingFloats):
        (WebCore::RenderBlockFlow::inlineSelectionGaps):
        (WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::appendRunsForObject):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::positionLineBox):
        (WebCore::RenderBox::sizesLogicalWidthToFitContent):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateLayerPositions):
        (WebCore::RenderLayer::hitTestLayer):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::styleWillChange):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild):
        * rendering/RenderTextLineBoxes.cpp:
        (WebCore::RenderTextLineBoxes::dirtyRange):
        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleOutOfFlowPositioned):
        (WebCore::BreakingContext::handleText):
        * rendering/line/LineBreaker.cpp:
        (WebCore::LineBreaker::nextLineBreak):
        * style/StyleResolveTree.cpp:
        (WebCore::Style::resolveLocal):
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::dispatchThrottledProgressEvent):
        * xml/parser/XMLDocumentParser.cpp:
        (WebCore::XMLDocumentParser::append):

2015-04-04  Andy Estes  <aestes@apple.com>

        [Content Filtering] Blocked page is not always displayed when it should be
        https://bugs.webkit.org/show_bug.cgi?id=143410
        rdar://problem/20211099

        Reviewed by Andreas Kling.

        These tests now pass: contentfiltering/block-after-add-data.html
                              contentfiltering/block-after-response.html

        There were several problems with how ContentFilter loaded replacement data:
        (1) Replacement data was delivered to DocumentLoader as if it were the original document's data. This assumes
            that the original data was a UTF-8 encoded HTML document, which is not always true. We had a way to reset
            the encoding, but not the content type.
        (2) Replacement data was never delivered when the filter blocks in DocumentLoader::responseReceived().
        (3) The main resource load was cancelled before the replacement data could be rendered when the filter blocks
            in DocumentLoader::dataReceived().
        The result was that only when the load was blocked after DocumentLoader::notifyFinished() would the replacement
        data be shown properly, and only when problem (1) wasn't occurring.

        This patch addresses these issues by using the substitute data mechanism to deliver replacement data. By using
        substitute data, we can ensure that the original load is cancelled at the earliest opportunity and that the
        replacement data is loaded with the proper content type and encoding.

        Accomplishing this required changing the way ContentFilter interacts with DocumentLoader. Instead of placing
        ContentFilter hooks throughout DocumentLoader, this patch makes ContentFilter itself the client of the
        CachedRawResource for the duration of the filtering. If the filter decides to allow the load, DocumentLoader
        adds itself as a client causing CachedRawResource to deliver to it the response and buffered data. If the
        filter decides to block the load, DocumentLoader schedules a substitute data load. An added benefit of this
        approach is that ContentFilter can reuse CachedRawResource's original data buffer instead of keeping its own.

        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::createIfNeeded): Changed to take a DecisionFunction rather than a ResourceResponse and DocumentLoader.
        (WebCore::ContentFilter::ContentFilter): Ditto.
        (WebCore::ContentFilter::~ContentFilter): Removed ourself as a CachedRawResource client if needed.
        (WebCore::ContentFilter::startFilteringMainResource): Became the client of the CachedRawResource in order to start the filtering process.
        (WebCore::ContentFilter::unblockHandler): Returned the unblock handler.
        (WebCore::ContentFilter::replacementData): Returned the replacement data.
        (WebCore::ContentFilter::unblockRequestDeniedScript): Returned the unblock request denied script.
        (WebCore::ContentFilter::responseReceived): Called responseReceived() on each filter using forEachContentFilterUntilBlocked().
        (WebCore::ContentFilter::dataReceived): Ditto for dataReceived().
        (WebCore::ContentFilter::notifyFinished): Ditto for finishedLoading().
        (WebCore::ContentFilter::forEachContentFilterUntilBlocked): For each filter that needs more data, called the function.
        If the filter blocked the load, called didDecide() with State::Blocked.
        If all filters allowed the load, called didDecide() with State::Allowed.
        (WebCore::ContentFilter::didDecide): Set m_state and called m_decisionFunction().
        (WebCore::ContentFilter::addData): Deleted.
        (WebCore::ContentFilter::finishedAddingData): Deleted.
        (WebCore::ContentFilter::needsMoreData): Deleted.
        (WebCore::ContentFilter::didBlockData): Deleted.
        (WebCore::ContentFilter::getReplacementData): Deleted.
        * loader/ContentFilter.h:
        (WebCore::ContentFilter::type):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::DocumentLoader): Called ContentFilter::createIfNeeded() if not loading substitute data.
        (WebCore::DocumentLoader::finishedLoading): Removed old ContentFilter code.
        (WebCore::DocumentLoader::responseReceived): Ditto.
        (WebCore::DocumentLoader::commitData): Ditto.
        (WebCore::DocumentLoader::dataReceived): Ditto.
        (WebCore::DocumentLoader::detachFromFrame): Set m_contentFilter to nullptr.
        (WebCore::DocumentLoader::startLoadingMainResource): Called becomeMainResourceClientIfFilterAllows() instead of
        becoming m_mainResource's client.
        (WebCore::DocumentLoader::clearMainResource): Set m_contentFilter to nullptr.
        (WebCore::DocumentLoader::becomeMainResourceClientIfFilterAllows): If ContentFilter is initialized, called
        ContentFilter::startFilteringMainResource(). Otherwise added ourself as a client of m_mainResource.
        (WebCore::DocumentLoader::installContentFilterUnblockHandler): Added a helper for creating and notifying
        FrameLoaderClient of the unblock handler.
        (WebCore::DocumentLoader::contentFilterDidDecide): Set m_contentFilter to nullptr. If the content filter
        allowed the load, then added ourself as the CachedRawResource's client. Otherwise, installed the unblock handler
        and scheduled a substitute data load with the replacement data.
        * loader/DocumentLoader.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::prepareForLoadStart): Removed call to PolicyChecker::prepareForLoadStart().
        * loader/NavigationScheduler.cpp:
        (WebCore::ScheduledSubstituteDataLoad::ScheduledSubstituteDataLoad): Added a ScheduledNavigation subclass that
        calls FrameLoader::load() with a FrameLoadRequest containing substitute data.
        (WebCore::NavigationScheduler::scheduleSubstituteDataLoad): Scheduled a substitute data load.
        * loader/NavigationScheduler.h:
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy): Reset m_contentFilterUnblockHandler if it couldn't handle the request.
        (WebCore::PolicyChecker::prepareForLoadStart): Deleted.
        * loader/PolicyChecker.h:
        * platform/ContentFilterUnblockHandler.h:
        (WebCore::ContentFilterUnblockHandler::unreachableURL):
        (WebCore::ContentFilterUnblockHandler::setUnreachableURL):
        (WebCore::ContentFilterUnblockHandler::unblockURLScheme): Renamed to ContentFilter::urlScheme().
        * platform/PlatformContentFilter.h:
        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
        (WebCore::ContentFilterUnblockHandler::wrapWithDecisionHandler): Added a helper to wrap the unblock handler with an outer DecisionHandlerFunction.
        (WebCore::ContentFilterUnblockHandler::encode): Added m_unreachableURL to the encoding.
        (WebCore::ContentFilterUnblockHandler::decode): Ditto for the decoding.
        (WebCore::ContentFilterUnblockHandler::canHandleRequest): Changed to call ContentFilter::urlScheme().
        * platform/cocoa/NetworkExtensionContentFilter.h:
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (replacementDataFromDecisionInfo): Added a helper to extract replacement data from the decisionInfo dictionary.
        (WebCore::NetworkExtensionContentFilter::enabled): Renamed from canHandleReponse(); only checks if the filter is enabled.
        (WebCore::NetworkExtensionContentFilter::create): Created a new object.
        (WebCore::NetworkExtensionContentFilter::NetworkExtensionContentFilter): Created a NEFilterSource immediately when using the modern API.
        (WebCore::NetworkExtensionContentFilter::responseReceived): Created a NEFilterSource when using the legacy API.
        Called -[NEFilterSource receivedResponse:decisionHandler:] when using the modern API.
        (WebCore::NetworkExtensionContentFilter::addData): Stopped buffering the original data.
        (WebCore::NetworkExtensionContentFilter::replacementData): Returned a SharedBuffer instead of a char* and int&.
        (WebCore::NetworkExtensionContentFilter::canHandleResponse): Deleted.
        (WebCore::createNEFilterSource): Deleted.
        (WebCore::NetworkExtensionContentFilter::getReplacementData): Deleted.
        * platform/cocoa/ParentalControlsContentFilter.h:
        * platform/cocoa/ParentalControlsContentFilter.mm:
        (WebCore::ParentalControlsContentFilter::enabled): Renamed from canHandleReponse(); only checks if the filter is enabled.
        (WebCore::ParentalControlsContentFilter::create): Created a new object.
        (WebCore::ParentalControlsContentFilter::ParentalControlsContentFilter): Initialized m_filterState to kWFEStateBuffering.
        (WebCore::canHandleResponse): Added a helper to check if the response can be filtered.
        (WebCore::ParentalControlsContentFilter::responseReceived): If !canHandleResponse(), set m_filterState to kWFEStateAllowed and return.
        Otherwise created a new WebFilterEvaluator with the response.
        (WebCore::ParentalControlsContentFilter::addData): Called updateFilterState().
        (WebCore::ParentalControlsContentFilter::finishedAddingData): Ditto.
        (WebCore::ParentalControlsContentFilter::needsMoreData): Changed to check m_filterState.
        (WebCore::ParentalControlsContentFilter::didBlockData): Ditto.
        (WebCore::ParentalControlsContentFilter::replacementData): Returned a SharedBuffer instead of a char* and int&.
        (WebCore::ParentalControlsContentFilter::updateFilterState): Updated m_filterState by calling -[WebFilterEvaluator filterState].
        (WebCore::ParentalControlsContentFilter::canHandleResponse): Deleted.
        (WebCore::ParentalControlsContentFilter::getReplacementData): Deleted.
        * platform/spi/cocoa/NEFilterSourceSPI.h:
        * platform/spi/cocoa/WebFilterEvaluatorSPI.h:
        * testing/MockContentFilter.cpp:
        (WebCore::MockContentFilter::enabled): Renamed from canHandleReponse(); only checks if the filter is enabled.
        (WebCore::MockContentFilter::create): Created a new object.
        (WebCore::MockContentFilter::responseReceived): Called maybeDetermineStatus().
        (WebCore::MockContentFilter::addData): Stopped buffering the original data.
        (WebCore::MockContentFilter::replacementData): Returned a SharedBuffer instead of a char* and int&.
        (WebCore::MockContentFilter::unblockHandler): Asserted that we blocked data.
        (WebCore::MockContentFilter::canHandleResponse): Deleted.
        (WebCore::MockContentFilter::MockContentFilter): Deleted.
        (WebCore::MockContentFilter::getReplacementData): Deleted.
        * testing/MockContentFilter.h:
        * testing/MockContentFilterSettings.cpp:
        (WebCore::MockContentFilterSettings::unblockRequestURL): Changed to use a StringBuilder.

2015-04-04  Chris Fleizach  <cfleizach@apple.com>

        AX: Heuristic: Avoid exposing an element as clickable if mouse event delegation is handled on an AXElement with more than one descendant AXElement
        https://bugs.webkit.org/show_bug.cgi?id=136247

        Reviewed by Mario Sanchez Prada.

        Modify the logic for determining whether an element supports the press action by trying to filter out objects being handled by event delegation.
        The heuristic is if an element handles click actions and has more than one of a {static text, image, control, link, heading}, then we think
        it's using event delegation, and do not expose the press action.

        Test: platform/mac/accessibility/press-action-not-exposed-for-event-delegation.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsPressAction):

2015-04-04  Simon Fraser  <simon.fraser@apple.com>

        More const in CSSToStyleMap
        https://bugs.webkit.org/show_bug.cgi?id=143409

        Reviewed by Andreas Kling.

        The CSSValues passed to CSSToStyleMap functions can mostly be treated
        as |const|, except for CSSImageValues which have special behavior.
        
        This makes it clearer what the inputs and outputs of these
        functions are.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::computeDegrees):
        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::computeTime):
        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapFillAttachment):
        (WebCore::CSSToStyleMap::mapFillClip):
        (WebCore::CSSToStyleMap::mapFillComposite):
        (WebCore::CSSToStyleMap::mapFillBlendMode):
        (WebCore::CSSToStyleMap::mapFillOrigin):
        (WebCore::CSSToStyleMap::mapFillRepeatX):
        (WebCore::CSSToStyleMap::mapFillRepeatY):
        (WebCore::CSSToStyleMap::mapFillSize):
        (WebCore::CSSToStyleMap::mapFillXPosition):
        (WebCore::CSSToStyleMap::mapFillYPosition):
        (WebCore::CSSToStyleMap::mapFillMaskSourceType):
        (WebCore::CSSToStyleMap::mapAnimationDelay):
        (WebCore::CSSToStyleMap::mapAnimationDirection):
        (WebCore::CSSToStyleMap::mapAnimationDuration):
        (WebCore::CSSToStyleMap::mapAnimationFillMode):
        (WebCore::CSSToStyleMap::mapAnimationIterationCount):
        (WebCore::CSSToStyleMap::mapAnimationName):
        (WebCore::CSSToStyleMap::mapAnimationPlayState):
        (WebCore::CSSToStyleMap::mapAnimationProperty):
        (WebCore::CSSToStyleMap::mapAnimationTimingFunction):
        (WebCore::CSSToStyleMap::mapAnimationTrigger):
        * css/CSSToStyleMap.h:

2015-04-04  Dan Bernstein  <mitz@apple.com>

        Tried to fix the build.

        * loader/icon/IconController.cpp:
        (WebCore::iconsFromLinkElements):

2015-04-02  Darin Adler  <darin@apple.com>

        Streamline icon-related code, mostly unused
        https://bugs.webkit.org/show_bug.cgi?id=143306

        Reviewed by Antti Koivisto.

        I started on this path because Document::iconURLs had a poor implementation,
        storing results in a data member with no benefit, using HTMLCollection for
        iteration of the children of the head element instead of using the simpler
        faster technique we use inside the engine. Then, I discovered this function was
        mostly-unused code left over from before the Blink fork. I removed most of it.
        We can add this back later if someone finds a use for it, but if we do we
        should do a higher quality implementation without the quirks of the old one.

        Refactoring also made it clear that logic isn't exactly sensible. There's a
        set of rules about what order to return the list in that is not followed by
        the code that tries to find the "default touch icon". Later we could add some
        more test coverage and tighten up the logic. But the reality is that at this
        time, with some small exceptions, icon logic is in the web browsers, not in WebKit.

        * CMakeLists.txt: Removed IconURL.cpp.
        * WebCore.vcxproj/WebCore.vcxproj: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * dom/DOMAllInOne.cpp: Ditto.

        * dom/Document.cpp:
        (WebCore::Document::evaluate): Tweaked formatting.
        (WebCore::Document::shortcutIconURLs): Removed. Unused function.
        (WebCore::Document::iconURLs): Removed. Moved code to IconController.
        (WebCore::Document::addIconURL): Removed. Moved code to LinkLoader.

        * dom/Document.h: Removed shortcutIconURLs, iconURLs, addIconURL,
        and m_iconURLs.

        * dom/IconURL.cpp: Removed.
        * dom/IconURL.h: Removed everything from this header except for the
        IconType enum. Added a FIXME about possibly renaming the header.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::HTMLLinkElement): Pass a reference when creating
        the link loading.
        (WebCore::HTMLLinkElement::setDisabledState): Access members of the struct
        LinkRelElement without "m_" prefix.
        (WebCore::HTMLLinkElement::parseAttribute): Changed to use early return style,
        and made the part of this for parsing title use a more normal idiom.
        (WebCore::HTMLLinkElement::process): Removed many unneeded arguments, made the
        logic of the code a little easier to follow.
        (WebCore::HTMLLinkElement::removedFrom): Removed a call to a function that had
        an empty body.
        (WebCore::HTMLLinkElement::iconType): Updated for change to LinkRelElement.
        (WebCore::HTMLLinkElement::addSubresourceAttributeURLs): Ditto.
        * html/HTMLLinkElement.h: More of the same.

        * html/LinkRelAttribute.cpp:
        (WebCore::LinkRelAttribute::LinkRelAttribute): Initialize data members in the
        struct itself. Got rid of "m_" prefix since this is a struct, not a class.
        Changed code to use modern for loop; even better would be to eliminate the
        splitting into a vector entirely and use StringView (do that next time).
        * html/LinkRelAttribute.h: See above.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::relAttributeIsStyleSheet):
        Updated for chnages to LinkRelAttribute and give the local variable a clearer name.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::didChangeIcons): Removed.
        * loader/FrameLoader.h: Removed didChangeIcons.

        * loader/FrameLoaderClient.h: Added include for String since it's no longer
        taken care of by IconURLs.h.

        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::LinkLoader): Take a reference instead of a pointer.
        (WebCore::LinkLoader::linkLoadTimerFired): Use m_client reference instead of pointer.
        (WebCore::LinkLoader::linkLoadingErrorTimerFired): Ditto.
        (WebCore::LinkLoader::notifyFinished): Use nullptr.
        (WebCore::LinkLoader::loadLink): Tweak formatting. Move the dispatchDidChangeIcons
        call in here instead of going through Document to FrameLoader and then FrameLoader to
        FrameLoaderClient, and passing extra unused arguments, the way the old code did.
        Use a reference instead of a pointer for the document.
        (WebCore::LinkLoader::released): Removed. Empty function.

        * loader/LinkLoader.h: Changed constructor argument to be a reference. Made more
        things private. Removed empty released function.

        * loader/icon/IconController.cpp:
        (WebCore::IconController::IconController): Moved initialization of data members to
        the class definition in the header.
        (WebCore::iconsFromLinkElements): Added. This function replaces the existing
        Document::iconURLs function, but has a simpler implementation and interface.
        It focuses on exactly what the code in this file needs. If we want to add some
        more features to the icon controller we might make this more complex again.
        Even now, building a vector is not necessarily helpful; the only client of this
        function ends up extracting only one of the URLs this function returns.
        (WebCore::IconController::url): Rewrote this. It's the only function actually
        using the icon URLs. This contains a combination of the logic from the various
        functions in this class before, including iconURL, urlsForTypes, appendToIconURLs,
        and defaultURL. Among other improvements, replaced the unusual code to construct
        the icon URL with a call to Document::completeURL.
        (WebCore::IconController::startLoader): Refactored a bit to remove a local variable.
        (WebCore::IconController::continueLoadWithDecision): Ditto.

        * loader/icon/IconController.h: Removed unneeded includes, unneeded use of
        WTF_MAKE_NONCOPYABLE (since classes with data members of reference type are
        automatically noncopyable), unused fucntions. Also initialize m_waitingForLoadDecision.

        * testing/Internals.cpp:
        (WebCore::Internals::iconURLs): Removed.
        (WebCore::Internals::shortcutIconURLs): Left this in place since it is used by
        tests. Changed it to return the actual value from the IconController::url function,
        since that's the interface to our icon machinery that is actually exposed on some
        platforms. That means this returns only a single URL.
        (WebCore::Internals::allIconURLs): Removed.
        * testing/Internals.h: Removed allIconURLs and iconURLs.
        * testing/Internals.idl: Removed allIconURLs.

2015-04-04  Simon Fraser  <simon.fraser@apple.com>

        Fix EFL and Gtk build.

        * dom/Document.cpp:
        (WebCore::Document::didRemoveTouchEventHandler):

2015-04-04  Simon Fraser  <simon.fraser@apple.com>

        Crash under Document::absoluteRegionForEventTargets on build.webkit.org/dashboard
        https://bugs.webkit.org/show_bug.cgi?id=143406
        rdar://problem/20407080

        Reviewed by Ryosuke Niwa.
        
        We failed to remove elements from Document's m_wheelEventTargets HashSet when the
        elements were destroyed with wheel handlers still on them. Fix by removing the
        node from the set via Node::willBeDeletedFrom().

        Tests: platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/destroy-element-with-multiple-handlers-crash.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/destroy-wheel-element-crash.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/destroy-wheel-element-parent-crash.html

        * dom/Document.cpp:
        (WebCore::removeHandlerFromSet): Helper to remove one or all handlers on the given node.
        (WebCore::Document::didRemoveWheelEventHandler): Add a parameter to specify whether we're
        removing all handlers on the given node.
        (WebCore::Document::didRemoveTouchEventHandler): Use removeHandlerFromSet().
        * dom/Document.h:
        * dom/Node.cpp:
        (WebCore::Node::willBeDeletedFrom): Tell the document we're removing all handlers
        for this node.

2015-04-04  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r182215): Feedly crashes when closing article
        https://bugs.webkit.org/show_bug.cgi?id=143405
        rdar://problem/20382734, rdar://problem/20395497

        Reviewed by Tim Horton.
        
        Calling computeNonFastScrollableRegion() eagerly when scrollable areas come and go
        is bad, because it can cause FrameView::layout() to get called in the middle of
        RenderObject destruction, which leaves the render tree in a bad state.
        
        Fix by calling computeNonFastScrollableRegion() lazily, just before scrolling tree commit.
        
        AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged() now just sets
        a flag to say that the non-fast region needs to be recomputed, and that schedules
        a scrolling tree commit. When the commit happens, we recompute the region. If the
        region didn't change, and no other changes are pending, there's no need to commit.

        Test: platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/compute-region-inside-delete-renderer-crash.html

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::setNonFastScrollableRegionDirty):
        (WebCore::AsyncScrollingCoordinator::willCommitTree):
        (WebCore::AsyncScrollingCoordinator::updateNonFastScrollableRegion):
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged):
        (WebCore::AsyncScrollingCoordinator::scrollingStateTreeAsText): Need to eagerly update
        the non-fast scrollable region.
        * page/scrolling/AsyncScrollingCoordinator.h:
        (WebCore::AsyncScrollingCoordinator::nonFastScrollableRegionDirty):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::ScrollingCoordinator):
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion):
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::willCommitTree):
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::commitTreeStateIfNeeded):
        (WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
        (WebCore::ScrollingCoordinatorMac::commitTreeState):

2015-04-04  Simon Fraser  <simon.fraser@apple.com>

        Differentiate between composited scrolling, and async scrolling
        https://bugs.webkit.org/show_bug.cgi?id=143291

        Reviewed by Sam Weinig.
        
        ScrollableArea::usesCompositedScrolling() meant "uses aysnc scrolling", but
        FrameView::contentsInCompositedLayer() covered a related concept, that scrolling
        happens by moving compositing layers around.
        
        Make the difference between these more explicit by adding ScrollableArea::usesAsyncScrolling(),
        which means that scrolling for that ScrollableArea is asynchronous and managed
        by a ScrollingCoordinator. This is the meaning that ScrollingCoordinator::computeNonFastScrollableRegion()
        understands.
        
        ScrollableArea::usesCompositedScrolling() is now repurposed to mean "scrolling
        occurs by moving layers around, not requiring repaint". FrameView::contentsInCompositedLayer()
        is renamed to usesCompositedScrolling(), and overrides the base class function.

        This only changes behavior in tests that call setScrollingTreeIncludesFrames(true).

        * page/FrameView.cpp:
        (WebCore::FrameView::useSlowRepaints):
        (WebCore::FrameView::usesCompositedScrolling):
        (WebCore::FrameView::usesAsyncScrolling):
        (WebCore::FrameView::scrollContentsFastPath):
        (WebCore::FrameView::scrollContentsSlowPath):
        (WebCore::FrameView::contentsInCompositedLayer): Deleted.
        * page/FrameView.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion):
        * platform/ScrollableArea.h:
        (WebCore::ScrollableArea::usesAsyncScrolling):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::usesAsyncScrolling):
        * rendering/RenderLayer.h:

2015-04-04  Xabier Rodriguez Calvar <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Collecting a ReadableStreamReader should not unlock its stream
        https://bugs.webkit.org/show_bug.cgi?id=143333

        Reviewed by Benjamin Poulain.

        This patch stores as a boolean whether the stream is locked to a reader.
        In case the reader forget to unlock the stream, the reader can be collected and destructor called.
        In that case, the link between reader and stream will be reset but the stream will remain in locked state.

        Covered by new test in streams/readablestreamreader-constructor.html.

        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::isLocked):
        (WebCore::ReadableStream::lock):
        (WebCore::ReadableStream::release):
        (WebCore::ReadableStream::releaseButKeepLocked): Introduced to cut the link between reader and stream but stil keeping the stream locked.
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::~ReadableStreamReader):
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::getReader):
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::constructJSReadableStreamReader):

2015-04-03  Zan Dobersek  <zdobersek@igalia.com>

        MediaDevices possesses a vtable despite using ImplementationLacksVTable IDL attribute
        https://bugs.webkit.org/show_bug.cgi?id=143367

        Reviewed by Eric Carlson.

        * Modules/mediastream/MediaDevices.idl: MediaDevices ends up with a vtable
        because of inheriting from ContextDestructionObserver. This collides with
        the ImplementationLacksVTable IDL attribute, causing compilation errors
        with Clang. Since MediaDevices isn't being inherited from, but will still
        end up with a vtable, the IDL attribute should be removed.

2015-04-03  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add memory reporting.
        https://bugs.webkit.org/show_bug.cgi?id=143386

        Reviewed by Benjamin Poulain.

        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors):
        * contentextensions/CompiledContentExtension.h:
        * contentextensions/ContentExtension.cpp:
        (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):
        * contentextensions/ContentExtension.h:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        * contentextensions/ContentExtensionsDebugging.h:
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::getBits):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFABytecodeInterpreter.h:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::DFABytecodeInterpreter):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::~DFABytecodeInterpreter):
        Keep track of which memory pages in the bytecode are being hit if CONTENT_EXTENSIONS_MEMORY_REPORTING is 1.
        When CONTENT_EXTENSIONS_MEMORY_REPORTING is 0, this makes an empty vector in ContentExtension
        and passes some pointers on the stack, many of which can be optimized out by the C++ compiler.

2015-04-03  Brent Fulgham  <bfulgham@apple.com>

        Expand test infrastructure to support scrolling tests
        https://bugs.webkit.org/show_bug.cgi?id=143383

        Reviewed by Darin Adler.

        No new tests: No change in behavior.

        This is an initial set of changes that clean up a few things I noticed while extending testing support
        for scroll animations and wheel event gestures.
        1. Reduce the amount of #ifdef code in EventHandler{Mac}.
        2. Consolidate the idea of an "End Gesture" in the PlatformWheelEvent class.
        3. Remove a number of unneeded null checks in EventHandler.
        4. ScrollController must always have a client, so hold a reference instead of using a pointer.

        * WebCore.vcxproj/WebCore.vcxproj: Add new WheelEventTestTrigger files.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * page/EventHandler.cpp:
        (WebCore::EventHandler::platformNotifyIfEndGesture): Renamed from 'platformNotifySnapIfNecessary'.
        (WebCore::EventHandler::handleWheelEvent): Call 'platformNotifySnapIfNecessary' at method exit points.
        (WebCore::EventHandler::platformNotifySnapIfNecessary): Deleted.
        * page/EventHandler.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformCompleteWheelEvent):  Remove unneeded null checks for 'view'. Remove
        CSS_SNAP-specific call to 'platformNotifySnapIfNecessary'. This logic is now handled in the new
        'platformNotifyIfEndGesture' method.
        (WebCore::EventHandler::platformNotifyIfEndGesture): Renamed from 'platformNotifySnapIfNecessary'.
        (WebCore::EventHandler::platformNotifySnapIfNecessary): Deleted.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac): Pass 'this' as
        reference to ScrollController constructor.
        * platform/PlatformWheelEvent.h:
        (WebCore::PlatformWheelEvent::shouldResetLatching): Call new 'isEndGesture' method.
        (WebCore::PlatformWheelEvent::isEndGesture): Added method to encapsulate some code that was duplicated
        in a number of places.
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::ScrollAnimator): Pass 'this' as reference to ScrollController constructor.
        * platform/cocoa/ScrollController.h:
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::ScrollController): Update to reflect m_client is now a reference.
        (WebCore::ScrollController::handleWheelEvent): Ditto.
        (WebCore::ScrollController::snapRubberBandTimerFired): Ditto. Also, a drive-by fix for ending rubberband
        snapping. This end-state wasn't deactivating the timer (even when the animation finished). This isn't a
        huge problem, but I (will) rely on the state of the animation timer in a future patch to decide if
        tests should run or continue waiting.
        (WebCore::ScrollController::isRubberBandInProgress): Ditto.
        (WebCore::ScrollController::startSnapRubberbandTimer): Ditto.
        (WebCore::ScrollController::stopSnapRubberbandTimer): Ditto.
        (WebCore::ScrollController::shouldRubberBandInHorizontalDirection): Ditto.
        (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): Ditto.
        (WebCore::ScrollController::startScrollSnapTimer): Ditto.
        (WebCore::ScrollController::stopScrollSnapTimer): Ditto.
        (WebCore::ScrollController::scrollSnapAnimationUpdate): Ditto.
        (WebCore::ScrollController::beginScrollSnapAnimation): Ditto.
        (WebCore::ScrollController::computeSnapDelta): Ditto.
        (WebCore::ScrollController::computeGlideDelta): Ditto.
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::gestureShouldBeginSnap): Use new PlatformWheelEvent::isEndGesture() method.

2015-04-03  Chris Fleizach  <cfleizach@apple.com>

        AX: Toggling check box state not speaking using plain space, not VO space.
        https://bugs.webkit.org/show_bug.cgi?id=143356

        Reviewed by Darin Adler.

        The checkbox state change needs to result in a value change being generated, otherwise accessibility won't know the value has changed through keyboard usage.
  
        Test: platform/mac/accessibility/checkbox-posts-value-change-notification-after-activation-with-space.html

        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postPlatformNotification):

2015-04-03  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Use pre-computed simple line runs to produce innerText content.
        https://bugs.webkit.org/show_bug.cgi?id=143351

        Reviewed by Antti Koivisto.

        This is in preparation to cover <br> with simple line layout.
        Runs provide line layout information that can be used to cover hard line break cases.
        (similar to TextIterator::handleTextBox())

        Covered by existing tests.

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleTextNode):
        (WebCore::TextIterator::emitCharacter):
        (WebCore::TextIterator::emitText):
        * editing/TextIterator.h:
        * rendering/SimpleLineLayoutResolver.h:
        (WebCore::SimpleLineLayout::RunResolver::Run::isEndOfLine):

2015-04-03  Antti Koivisto  <antti@apple.com>

        Add non-counting bloom filter class
        https://bugs.webkit.org/show_bug.cgi?id=143366

        Reviewed by Sam Weinig.

        * css/SelectorFilter.cpp:
        (WebCore::SelectorFilter::setupParentStack):
        * css/SelectorFilter.h:

        Update names.

2015-04-03  Alex Christensen  <achristensen@webkit.org>

        Remove dead code.
        https://bugs.webkit.org/show_bug.cgi?id=143352

        Reviewed by Gyuyoung Kim.

        * html/BaseChooserOnlyDateAndTimeInputType.cpp:
        (WebCore::BaseChooserOnlyDateAndTimeInputType::handleDOMActivateEvent):
        * loader/EmptyClients.cpp:
        (WebCore::EmptyChromeClient::openDateTimeChooser): Deleted.
        * loader/EmptyClients.h:
        * page/Chrome.cpp:
        (WebCore::Chrome::openDateTimeChooser): Deleted.
        * page/Chrome.h:
        * page/ChromeClient.h:
        Remove ChromeClient::openDateTimeChooser.

2015-04-03  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed, fixing Clang builds of the GTK port on Linux.

        * Modules/mediastream/MediaDevices.h:
        Include the <functional> header for uses of std::function<>.

2015-04-01 Xabier Rodriguez Calvar <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Split ReadableStream/Reader implementation according source type (JS vs native)
        https://bugs.webkit.org/show_bug.cgi?id=143130

        Reviewed by Benjamin Poulain.

        Introduce ReadableJSStream and ReadableJSStreamReader as subclasses of ReadableStream and ReadableStreamReader.
        These classes manage JS based sources: ReadableStream JS constructor instantiates ReadableJStream.
        These classes are expected to handle JS source specific handling, in particular JSValue error storage and JSValue chunk queue.
        Making ReadableStream and ReadableStreamReader abstract, to be subclassed for native sources.

        Current tests cover the changes.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::ReadableStream): Moved suspendIfNeeded inside constructor to ease subclassing.
        (WebCore::ReadableStream::create): Deleted as ReadableStream is now abstarct.
        * Modules/streams/ReadableStream.h: Made createReader virtual pure.
        * Modules/streams/ReadableStream.idl: Skipping VTable validation as subclasses of ReadableStream may be JS wrapped.
        * Modules/streams/ReadableStreamReader.cpp: Removed ReadableStreamReader::create.
        * Modules/streams/ReadableStreamReader.h: Ditto.
        * Modules/streams/ReadableStreamReader.idl: Skipping VTable validation as subclasses of ReadableStreamReader may be JS wrapped.
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::constructJSReadableStream): Instantiating ReadableJSStream in lieu of ReadableStream within JS constructor.
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::ReadableJSStream::create):
        (WebCore::ReadableJSStream::createReader): Instantiating ReadableJSStreamReader.
        (WebCore::ReadableJSStream::ReadableJSStream):
        (WebCore::ReadableJSStreamReader::create):
        (WebCore::ReadableJSStreamReader::ReadableJSStreamReader):
        * bindings/js/ReadableStreamJSSource.h: Definition of ReadableJSStream and ReadableJSStreamReader.

2015-04-02  Timothy Horton  <timothy_horton@apple.com>

        Scrollbars are left in the wrong position when resizing a fixed layout view
        https://bugs.webkit.org/show_bug.cgi?id=143360

        Reviewed by Beth Dakin.

        Test: fast/fixed-layout/fixed-layout.html

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::setFrameRect):
        Update scrollbars when the ScrollView frameRect changes. We were previously
        depending on the layout that always happens after this to update scrollbars,
        but with fixed layout mode, there won't be a layout! Also, FrameView's
        setFrameRect override will sync this scrollbar update with the scrollbar
        layers (via RenderLayerCompositor::frameViewDidChangeSize) immediately afterwards.

        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        Turn off fixed layout when resetting state.

        (WebCore::Internals::setUseFixedLayout):
        (WebCore::Internals::setFixedLayoutSize):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add internals functions to set the fixed layout size and to turn on fixed layout.

2015-04-02  Brady Eidson  <beidson@apple.com>

        Unreviewed: Reapplied Change after rollout.

        Expose the "Share" menu for text selections on platforms where it's available.
        rdar://problem/20034174 and https://bugs.webkit.org/show_bug.cgi?id=143318

        * page/ContextMenuClient.h:
        (WebCore::ContextMenuClient::shareSelectedTextMenuItem):

        * page/ContextMenuContext.h:
        (WebCore::ContextMenuContext::setSelectedText):
        (WebCore::ContextMenuContext::selectedText):

        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::populate): Add a Share menu item returned from the client.
        (WebCore::ContextMenuController::checkOrEnableIfNeeded):

        * platform/ContextMenuItem.cpp:
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem):

        * platform/ContextMenuItem.h:
        (WebCore::ContextMenuItem::supportsShareMenu):

        * platform/gtk/ContextMenuItemGtk.cpp:
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem):

        * platform/mac/ContextMenuItemMac.mm:
        (WebCore::ContextMenuItem::releasePlatformDescription):
        (WebCore::ContextMenuItem::getPlatformDescription):
        (WebCore::ContextMenuItem::supportsShareMenu):
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem): Use NSMenu SPI to get the Share menu.

        * platform/spi/mac/NSMenuSPI.h: Forward declare instead of #include

2015-04-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182293.
        https://bugs.webkit.org/show_bug.cgi?id=143355

        Broke GTK and EFL builds. (Requested by bfulgham on #webkit).

        Reverted changeset:

        "Expose the "Share" menu for text selections on platforms
        where it's available."
        https://bugs.webkit.org/show_bug.cgi?id=143318
        http://trac.webkit.org/changeset/182293

2015-04-02  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION: Caption Menus show language codes instead of display names.
        https://bugs.webkit.org/show_bug.cgi?id=143350
        <rdar://problem/20094145>

        Reviewed by Jer Noble.

        The generic caption/track label handling in CaptionUserPreferences does not convert language codes
        (e.g. 'fr-CA') into display names (e.g., 'French (Canada)'). Because we did not have an AudioTrack
        override to process these types of menu items, they were being handled using the generic code.

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::buildStringForTrackBase): Helper function to share code with the two flavors
        of 'trackDisplayName'.
        (WebCore::trackDisplayName): Add a version to support AudioTracks, and modify the TextTrack
        version to use the new 'buildStringForTrackBase' function.
        (WebCore::CaptionUserPreferencesMediaAF::displayNameForTrack): Add an AudioTrack override so
        our AVFoundation tracks are processed in our CaptionUserPreferencesMediaAF implementation, not the
        generic version.
        (WebCore::CaptionUserPreferencesMediaAF::sortedTrackListForMenu): Add an AudioTrack override so
        that the menu items are sorted in order of display name, not language code.
        * page/CaptionUserPreferencesMediaAF.h:

2015-04-02  Brady Eidson  <beidson@apple.com>

        Expose the "Share" menu for text selections on platforms where it's available.
        rdar://problem/20034174 and https://bugs.webkit.org/show_bug.cgi?id=143318

        Reviewed by Sam Weinig.

        * page/ContextMenuClient.h:
        (WebCore::ContextMenuClient::shareSelectedTextMenuItem):

        * page/ContextMenuContext.h:
        (WebCore::ContextMenuContext::setSelectedText):
        (WebCore::ContextMenuContext::selectedText):

        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::populate): Add a Share menu item returned from the client.
        (WebCore::ContextMenuController::checkOrEnableIfNeeded):

        * platform/ContextMenuItem.cpp:
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem):

        * platform/ContextMenuItem.h:
        (WebCore::ContextMenuItem::supportsShareMenu):

        * platform/gtk/ContextMenuItemGtk.cpp:
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem):

        * platform/mac/ContextMenuItemMac.mm:
        (WebCore::ContextMenuItem::releasePlatformDescription):
        (WebCore::ContextMenuItem::getPlatformDescription):
        (WebCore::ContextMenuItem::supportsShareMenu):
        (WebCore::ContextMenuItem::shareSelectedTextMenuItem): Use NSMenu SPI to get the Share menu.

        * platform/spi/mac/NSMenuSPI.h: Forward declare instead of #include

2015-04-02  Jer Noble  <jer.noble@apple.com>

        [Mac] Only pass in the AVURLAssetClientBundleIdentifierKey on iOS.
        https://bugs.webkit.org/show_bug.cgi?id=143347

        Reviewed by Brent Fulgham.

        Only pass in the main app bundle id into AVURLAsset via the AVURLAssetClientBundleIdentifierKey option
        on iOS. On OS X, setting this key can cause media playback to fail.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):

2015-04-02  Roger Fong  <roger_fong@apple.com>

        Show audio media controls on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=143346.
        <rdar://problem/20306240>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel:hover):
        Revert part of r180893.

2015-04-02  Myles C. Maxfield  <mmaxfield@apple.com>

        Disallow ruby base from having leading or trailing expansions
        https://bugs.webkit.org/show_bug.cgi?id=142608

        Reviewed by David Hyatt.

        If we determine that a ruby base should have either a leading or trailing expansion,
        we shunt that expansion over to the neighboring RenderText, assuming one exists. This
        requires that we teach RenderText how to force leading or trailing expansions if one
        wouldn't naturally be present.

        Tests: fast/ruby/ruby-expansion-cjk-2.html
               fast/ruby/ruby-expansion-cjk-3.html
               fast/ruby/ruby-expansion-cjk-4.html
               fast/ruby/ruby-expansion-cjk-5.html
               fast/ruby/ruby-expansion-cjk.html

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::removeChild): Delete contentIsKnownToFollow.
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::expansionBehavior): Support forced leading and trailing
        expansions.
        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::expansionBehavior): Moved to .cpp
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::updateRubyForJustifiedText): Perform relayout even if
        there are no expansions left. This is so that ruby bases with no expansions will get
        centered.
        (WebCore::expansionBehaviorForInlineTextBox): Update to inspect neighboring rubies.
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment): Use updated
        expansionBehaviorForInlineTextBox(). Also center ruby bases if they have no expansion
        opportunities.
        (WebCore::RenderBlockFlow::createLineBoxesFromBidiRuns): Use nullptr.
        (WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange): Ditto.
        * rendering/RenderText.cpp:
        (WebCore::RenderText::RenderText): Delete contentIsKnownToFollow.
        * rendering/RenderText.h:
        (WebCore::RenderText::contentIsKnownToFollow): Deleted.
        (WebCore::RenderText::setContentIsKnownToFollow): Deleted.

2015-04-02  Alexey Proskuryakov  <ap@apple.com>

        Clean up access checks in JSHistoryCustom.cpp
        https://bugs.webkit.org/show_bug.cgi?id=143227

        Reviewed by Sam Weinig.

        * bindings/js/JSHistoryCustom.cpp:
        (WebCore::JSHistory::putDelegate):
        (WebCore::JSHistory::deleteProperty):
        (WebCore::JSHistory::deletePropertyByIndex):
        (WebCore::JSHistory::getOwnPropertyNames):
        (WebCore::JSHistory::pushState):
        (WebCore::JSHistory::replaceState):

2015-04-02  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Only add unique universal action locations.
        https://bugs.webkit.org/show_bug.cgi?id=143325

        Reviewed by Benjamin Poulain.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Use a HashSet instead of a Vector for the universal action locations to remove duplicates.

2015-04-01  Roger Fong  <roger_fong@apple.com>

        Fix slider colors for media controls on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=143328.
        <rdar://problem/20357858>

        Reviewed by Darin Adler.

        Fill in bottom portion of volume slider.
        Adjust colors to make slider controls look better. Will likely be tweaked later.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.drawTimelineBackground):
        (Controller.prototype.drawVolumeBackground):

2015-04-02  Yusuke Suzuki  <utatane.tea@gmail.com>

        Clean up EnumerationMode to easily extend
        https://bugs.webkit.org/show_bug.cgi?id=143276

        Reviewed by Geoffrey Garen.

        Use default EnumerationMode().

        * bindings/js/Dictionary.cpp:
        (WebCore::Dictionary::getOwnPropertiesAsStringHashMap):
        (WebCore::Dictionary::getOwnPropertyNames):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::serialize):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * bindings/scripts/test/JS/JSFloat64Array.h:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bridge/NP_jsobject.cpp:
        (_NPN_Enumerate):
        * bridge/runtime_array.cpp:
        (JSC::RuntimeArray::getOwnPropertyNames):

2015-04-02  David Hyatt  <hyatt@apple.com>

        [New Block-Inside-Inline Model] Implement the correct paint order for blocks inside inlines.
        https://bugs.webkit.org/show_bug.cgi?id=143320

        Reviewed by Darin Adler.

        Added new tests in fast/block/inside-inlines.

        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::nodeAtPoint):
        * rendering/EllipsisBox.h:
        * rendering/InlineBox.h:
        * rendering/InlineElementBox.cpp:
        (WebCore::InlineElementBox::paint):
        (WebCore::InlineElementBox::nodeAtPoint):
        * rendering/InlineElementBox.h:
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::nodeAtPoint):
        (WebCore::InlineFlowBox::paint):
        * rendering/InlineFlowBox.h:
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::nodeAtPoint):
        * rendering/InlineTextBox.h:
        The HitTestAction has to be passed to nodeAtPoint so that hit test actions can be honored. All the nodeAtPoint
        functions have been patched to include this argument. Painting and hit testing have been patched for InlineElementBox
        to honor phases/actions when the element is an anonymous inline block.

        The phase filter on RenderLineBoxList has been pushed in to InlineFlowBox::paint and InlineFlowBox::nodeAtPoint so that
        we can respect it properly when inlines are painting by themselves (e.g., because they have a layer).

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::createLineBoxes):
        (WebCore::RenderBlockFlow::constructLine):
        Go ahead and include all of the inline flow boxes between the root and the anonymous inline block if it turns out they
        need to be constructed. This will end up being relevant for outlines and for self-painting layers (e.g., opacity).

        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::paint):
        (WebCore::RenderLineBoxList::hitTest):
        Remove the filters here, since they get pushed in to InlineFlowBox.

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::nodeAtPoint):
        * rendering/RootInlineBox.h:
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::nodeAtPoint):
        * rendering/svg/SVGInlineTextBox.h:
        More patching to pass the HitTestAction into nodeAtPoint.

2015-04-02  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        WebRTC: Add support for Promise-based MediaDevices.getUserMedia()
        https://bugs.webkit.org/show_bug.cgi?id=143255

        Reviewed by Eric Carlson.

        The MediaDevices object collects functionality related to local media
        devices. This patch adds the Promise-based version of getUserMedia()
        (unprefixed). Other functionality, like enumerateDevices(), will be
        added in later patches.

        The old callback-based webkitGetUserMedia() (on Navigator) is kept for
        legacy purposes (according to the Media Capture and Streams API spec [1]).
        Both versions of getUserMedia are backed up by UserMediaRequest where
        the callbacks from the callback-based version are wrapped inside c++
        lambda functions. The new Promise-based getUserMedia() uses the lambda
        functions directly as created by the Promise bindings.

        [1] http://w3c.github.io/mediacapture-main/archives/20150324/getusermedia.html#navigatorusermedia-interface-extensions

        Test: fast/mediastream/MediaDevices-getUserMedia.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/mediastream/MediaDevices.cpp: Added.
        (WebCore::MediaDevices::create):
        (WebCore::MediaDevices::MediaDevices):
        (WebCore::MediaDevices::~MediaDevices):
        (WebCore::MediaDevices::document):
        (WebCore::MediaDevices::getUserMedia):
        * Modules/mediastream/MediaDevices.h: Added.
        * Modules/mediastream/MediaDevices.idl: Added.
        * Modules/mediastream/NavigatorMediaDevices.cpp: Added.
        (WebCore::NavigatorMediaDevices::NavigatorMediaDevices):
        (WebCore::NavigatorMediaDevices::~NavigatorMediaDevices):
        (WebCore::NavigatorMediaDevices::from):
        (WebCore::NavigatorMediaDevices::mediaDevices):
        (WebCore::NavigatorMediaDevices::supplementName):
        * Modules/mediastream/NavigatorMediaDevices.h: Added.
        * Modules/mediastream/NavigatorMediaDevices.idl: Added.
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        (WebCore::UserMediaRequest::UserMediaRequest):
        (WebCore::UserMediaRequest::didCreateStream):
        (WebCore::UserMediaRequest::failedToCreateStreamWithConstraintsError):
        (WebCore::UserMediaRequest::failedToCreateStreamWithPermissionError):
        * Modules/mediastream/UserMediaRequest.h:
        * PlatformGTK.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSMediaDevicesCustom.cpp: Added.
        (WebCore::JSMediaDevices::getUserMedia):

2015-04-02  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Fix AirPlay problem caused by r182240
        https://bugs.webkit.org/show_bug.cgi?id=143337

        Reviewed by Jer Noble.

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::wirelessVideoPlaybackDisabled): Return false if the legacy attribute
            "x-webkit-airplay" has the value "allow".
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::parseAttribute): Don't call webkitWirelessVideoPlaybackDisabled when
            processing "x-webkit-airplay" and "x-webkit-wirelessvideoplaybackdisabled", just consider
            the attribute/value.

2015-04-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182265.
        https://bugs.webkit.org/show_bug.cgi?id=143338

        Caused an assertion on
        http/tests/contentextensions/whitelist.html (Requested by ap
        on #webkit).

        Reverted changeset:

        "[Content Extensions] Only add unique universal action
        locations."
        https://bugs.webkit.org/show_bug.cgi?id=143325
        http://trac.webkit.org/changeset/182265

2015-04-01  Antti Koivisto  <antti@apple.com>

        Use std::chrono types to represent time in response and cache classes
        https://bugs.webkit.org/show_bug.cgi?id=143316

        Reviewed by Andreas Kling.

        Use std::chrono::system_clock::time_point to represent clock times and std::chrono::microseconds to
        represent durations. Also use WTF::Optional for optional values (instead of coding them as NaNs).

        * dom/Document.cpp:
        (WebCore::Document::lastModified):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        (WebCore::CachedResource::freshnessLifetime):
        (WebCore::CachedResource::responseReceived):
        (WebCore::CachedResource::updateResponseAfterRevalidation):
        * loader/cache/CachedResource.h:
        * platform/network/CacheValidation.cpp:
        (WebCore::computeCurrentAge):
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        (WebCore::updateRedirectChainStatus):
        (WebCore::redirectChainAllowsReuse):
        (WebCore::parseCacheControlDirectives):
        * platform/network/CacheValidation.h:
        (WebCore::RedirectChainCacheStatus::RedirectChainCacheStatus):
        * platform/network/HTTPParsers.cpp:
        (WebCore::parseHTTPDate):
        (WebCore::parseDate): Deleted.
        * platform/network/HTTPParsers.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::ResourceResponseBase):
        (WebCore::ResourceResponseBase::cacheControlMaxAge):
        (WebCore::parseDateValueInHeader):
        (WebCore::ResourceResponseBase::date):
        (WebCore::ResourceResponseBase::age):
        (WebCore::ResourceResponseBase::expires):
        (WebCore::ResourceResponseBase::lastModified):
        * platform/network/ResourceResponseBase.h:

2015-04-02  Joonghun Park  <jh718.park@samsung.com>

        [CSS MultiColumn] Parse "columns: auto <length>" shorthand property value properly
        https://bugs.webkit.org/show_bug.cgi?id=143248

        Reviewed by Darin Adler.

        Test: fast/multicol/columns-shorthand-parsing-2.html

        The two longhands for the 'columns' property ('column-count' and
        'column-width') may both take 'auto' as a value. When we encounter
        'auto' during parsing the value list of a declaration, we cannot just
        make a guess at which property/properties that's meant for. Instead,
        don't assign anything to 'auto' right away, but wait until all values
        have been processed and at that point set the still unassigned
        properties to 'auto'. If 'auto' isn't in the value list at all, set
        unassigned properties to 'initial' for the 'columns' property, just
        like we do for any other property.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseColumnWidth):
        (WebCore::CSSParser::parseColumnCount):
        (WebCore::CSSParser::parseColumnsShorthand):
        * css/CSSParser.h:

2015-04-01  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182247.
        https://bugs.webkit.org/show_bug.cgi?id=143326

        unfortunately broke some tests (Requested by dino on #webkit).

        Reverted changeset:

        "Async loading of image resources"
        https://bugs.webkit.org/show_bug.cgi?id=134488
        http://trac.webkit.org/changeset/182247

2015-04-01  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Only add unique universal action locations.
        https://bugs.webkit.org/show_bug.cgi?id=143325

        Reviewed by Benjamin Poulain.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Use a HashSet instead of a Vector for the universal action locations to remove duplicates.

2015-04-01  Roger Fong  <roger_fong@apple.com>

        Fixes to material of inline media controls on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=143317
        <rdar://problem/20357847>

        Reviewed by Dean Jackson.

        There are many existing tests for the media controls appearance.
        They are currently skipped while we are still updating the controls.

        Expand backgrounds of control panel and volume box.
        Clip the darker edges away.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel):
        (audio::-webkit-media-controls-panel-background-container):
        (audio::-webkit-media-controls-panel-tint):
        (audio::-webkit-media-controls-panel-background):
        (audio::-webkit-media-controls-panel .volume-box):
        (audio::-webkit-media-controls-volume-slider-container-background):
        (audio::-webkit-media-controls-volume-slider-container-tint):
        (audio::-webkit-media-controls-panel .volume-box:active):
        (video::-webkit-media-controls-volume-slider): 
        This needs to be above the background so it can be interacted with.
        (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box):
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls): Create a new div for the control material.
        We need to clip the material and not the controls themselves.
        (Controller.prototype.configureInlineControls): Use new div.
        Remove some unnecessary logic involving hiding materials here.
        It just causes the materials to turn on and off at the wrong times. 
        (Controller.prototype.handlePanelTransitionEnd):
        (Controller.prototype.setPlaying):
        (Controller.prototype.showControls):
        (Controller.prototype.hideControls):

2015-04-01  Eric Carlson  <eric.carlson@apple.com>

        Media controls should not always auto-hide
        https://bugs.webkit.org/show_bug.cgi?id=143322

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller): Intialize new properties.
        (Controller.prototype.hideControls): Do nothing if controlsAlwaysVisible() returns true;
        (Controller.prototype.controlsAlwaysVisible): New.
        (Controller.prototype.controlsAreHidden): Consult controlsAlwaysVisible().
        (Controller.prototype.currentPlaybackTargetIsWireless): Use new properties.
        (Controller.prototype.updateWirelessTargetAvailable): Cache video.webkitCurrentPlaybackTargetIsWireless
            and video.webkitWirelessVideoPlaybackDisabled because we know when they change and
            use them frequently.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.controlsAlwaysVisible): New.
        * platform/graphics/MediaPlaybackTarget.h:

2015-04-01  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION (r182121): SVG animation macros cause warnings in MSVC
        https://bugs.webkit.org/show_bug.cgi?id=143313

        Reviewed by Darin Adler.

        * svg/SVGExternalResourcesRequired.h: Undo the change that caused a type mismatch.

2015-04-01  Eric Carlson  <eric.carlson@apple.com>

        Another attempt to fixi the iOS build after r182240.

        Reviewed by Dean Jackson.

        * platform/graphics/MediaPlaybackTarget.h:
        (WebCore::MediaPlaybackTarget::hasActiveRoute):

2015-04-01  Eric Carlson  <eric.carlson@apple.com>

        Fix the iOS build after r182240.

        * platform/graphics/MediaPlaybackTarget.h:

2015-04-01  Yoav Weiss  <yoav@yoav.ws>

        Async loading of image resources
        https://bugs.webkit.org/show_bug.cgi?id=134488

        Reviewed by Dean Jackson.

        This patch changes image loading to be asynchronous (per spec), in order
        for it to be agnostic to property setting order when it comes to src, srcset and crossorigin,
        as well as to enable future hooking of the <picture>-based selection logic on top of it.

        Tests: fast/dom/HTMLImageElement/image-load-post-onload.html
        fast/dom/HTMLImageElement/sizes/image-sizes-js-change-reverse.html

        * WebCore.xcodeproj/project.pbxproj: Change MicroTask.h to be private.
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::handleEvent): Add a microtask checkpoint after event handling.
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::execute): Add a microtask checkpoint after running of a scheduled action.
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::didMoveToNewDocument): Add the old document to call of elementDidMoveToNewDocument.
        * html/HTMLImageLoader.cpp:
        (WebCore::HTMLImageLoader::notifyFinished): Avoid a crash when notifyFinished is called and there's no CachedImage.
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::didMoveToNewDocument): Add the old document to call of elementDidMoveToNewDocument.
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::didMoveToNewDocument): Add the old document to call of elementDidMoveToNewDocument.
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::didMoveToNewDocument): Add the old document to call of elementDidMoveToNewDocument.
        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd): Add a microtask checkpoint.
        * loader/ImageLoader.cpp: Move image resource loading to be asynchronous.
        (WebCore::ImageLoader::ImageLoaderTask::create):
        (WebCore::ImageLoader::ImageLoaderTask::run): Run the image loading microtask and called doUpdateFromElement.
        (WebCore::ImageLoader::ImageLoaderTask::ImageLoaderTask):
        (WebCore::ImageLoader::ImageLoader):
        (WebCore::ImageLoader::doUpdateFromElement): This is split from the previous updateFromElement, and performs the actual resource loading.
        (WebCore::ImageLoader::updateFromElement): Now only prepares the stage for the actual image resource loading.
        (WebCore::ImageLoader::shouldLoadImmediately): If this returns true, the image resource is loaded immediately, without queueing a microtask.
        (WebCore::ImageLoader::notifyFinished): Add asserts.
        (WebCore::ImageLoader::elementDidMoveToNewDocument): Handle document load event counters decrementing and incrementing.
        * loader/ImageLoader.h:
        (WebCore::ImageLoader::imageComplete): Make sure that the image is complete only if there aren't any pending tasks.
        (WebCore::ImageLoader::hasPendingActivity): Make sure that pending activity takes pending tasks into account.
        (WebCore::ImageLoader::hasPendingTask): Getter to know if an ImageLoader has a pending task. (Used by the image loading microtask)
        (WebCore::ImageLoader::createWeakPtr): Create a weakPtr to be used by the microtask, so it can called back the loader if it's still alive.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::canRequest): Add a 'shouldBypassMainWorldContentSecurityPolicy' flag and act upon it.
        (WebCore::CachedResourceLoader::requestImage): Add a 'shouldBypassMainWorldContentSecurityPolicy' flag.
        (WebCore::CachedResourceLoader::requestResource): Add a 'shouldBypassMainWorldContentSecurityPolicy' flag.
        * loader/cache/CachedResourceLoader.h:
        (WebCore::CachedResourceLoader::canRequest): Add a 'shouldBypassMainWorldContentSecurityPolicy' flag and act upon it.
        (WebCore::CachedResourceLoader::requestImage): Add a 'shouldBypassMainWorldContentSecurityPolicy' flag.
        (WebCore::CachedResourceLoader::requestResource): Add a 'shouldBypassMainWorldContentSecurityPolicy' flag.
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::didMoveToNewDocument): Add the old document to call of elementDidMoveToNewDocument.
        * xml/parser/XMLDocumentParser.cpp:
        (WebCore::XMLDocumentParser::end): Add a microtask checkpoint after XML finishes parsing.

2015-04-01  Alex Christensen  <achristensen@webkit.org>

        Unreviewed build fix when using content extensions performance reporting.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Time how long it takes to build the DFAs.

2015-04-01  Alex Christensen  <achristensen@webkit.org>

        Progress towards CMake on Windows and Mac.
        https://bugs.webkit.org/show_bug.cgi?id=143293

        Reviewed by Filip Pizlo.

        * PlatformMac.cmake:
        Tell open source builders where to find unicode headers.
        * PlatformWin.cmake:
        Include PlatformWinCairo.cmake.
        * PlatformWinCairo.cmake:
        Added from bug 115944 by Patrick Gansterer.
        * bindings/js/JSDOMStringListCustom.cpp:
        * bindings/js/JSDOMWrapper.cpp:
        * bindings/js/JSMessageChannelCustom.cpp:
        * bindings/js/JSPopStateEventCustom.cpp:
        * bindings/js/JSReadableStreamCustom.cpp:
        * bindings/js/ReadableStreamJSSource.cpp:
        * bindings/js/ScriptController.cpp:
        * css/CSSComputedStyleDeclaration.cpp:
        * dom/Attr.cpp:
        * dom/CollectionIndexCache.cpp:
        * platform/graphics/ANGLEWebKitBridge.h:
        Fixed include quirks.

2015-03-31  Simon Fraser  <simon.fraser@apple.com>

        Remove scrolling tree dependency on wheel event handler counts, and use fast scrolling even when there are wheel handlers
        https://bugs.webkit.org/show_bug.cgi?id=143288
        rdar://problem/16049624

        Reviewed by Beth Dakin.

        Remove the wheel event counting that Document does, and passes into the scrolling tree.
        The ScrollingTree now just uses the non-fast scrollable region to determine when to
        fast scroll on pages with wheel event handlers.
        
        If a handler includes position:fixed renderers, we just cover the whole document
        with the slow-scrolling region currently. This could be improved.
        
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::didBecomeCurrentDocumentInFrame):
        (WebCore::Document::wheelEventHandlersChanged):
        (WebCore::Document::didAddWheelEventHandler):
        (WebCore::Document::didRemoveWheelEventHandler):
        (WebCore::Document::wheelEventHandlerCount):
        (WebCore::Document::touchEventHandlerCount):
        (WebCore::Document::absoluteRegionForEventTargets): Changed to return a pair<Region, bool>
        where the bool indicates whether any handler includes position:fixed content.
        (WebCore::pageWheelEventHandlerCountChanged): Deleted.
        (WebCore::wheelEventHandlerCountChanged): Deleted.
        * dom/Document.h:
        (WebCore::Document::wheelEventHandlerCount): Deleted.
        * loader/EmptyClients.h:
        * page/ChromeClient.h:
        * page/DebugPageOverlays.cpp:
        (WebCore::MouseWheelRegionOverlay::updateRegion):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged):
        (WebCore::AsyncScrollingCoordinator::recomputeWheelEventHandlerCountForFrameView): Deleted.
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion):
        (WebCore::ScrollingCoordinator::frameViewRootLayerDidChange):
        (WebCore::ScrollingCoordinator::computeCurrentWheelEventHandlerCount): Deleted.
        (WebCore::ScrollingCoordinator::frameViewWheelEventHandlerCountChanged): Deleted.
        * page/scrolling/ScrollingCoordinator.h:
        (WebCore::ScrollingCoordinator::recomputeWheelEventHandlerCountForFrameView): Deleted.
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
        (WebCore::ScrollingStateFrameScrollingNode::setWheelEventHandlerCount): Deleted.
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::ScrollingTree):
        (WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):
        (WebCore::ScrollingTree::commitNewTreeState):
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::updateTiledScrollingIndicator):
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):
        (WebCore::logWheelEventHandlerCountChanged): Deleted.
        * testing/Internals.cpp:
        (WebCore::Internals::touchEventHandlerCount):

2015-04-01  David Hyatt  <hyatt@apple.com>

        [New Block-Inside-Inline Model] Floats need to be allowed to intrude into anonymous inline-blocks.
        https://bugs.webkit.org/show_bug.cgi?id=143307

        Reviewed by Dean Jackson.

        Added fast/block/inside-inlines/basic-float-intrusion.html

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::placeBoxesInBlockDirection):
        Make sure to exclude the margins of an anonymous inline-block when considering the height of the line.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::lineHeight):
        (WebCore::RenderBlock::baselinePosition):
        Anonymous inline-block lines ignore line-height and just return the height of the block. For baseline position, the baseline
        is considered to be at the bottom border edge of the anonymous inline-block.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats):
        (WebCore::RenderBlockFlow::addIntrudingFloats):
        * rendering/RenderBlockFlow.h:
        Patch float intrusion to handle the case of anonymous inline-blocks. Instead of collecting the floats from our parent(), we
        collect them from the containingBlock() in the anonymous inline-block case. Patch addIntrudingFloats to pass in the container
        that acts as the "parent", since it is not the parent() in the anonymous inline-block case.

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::updateLogicalInlinePositions):
        Make sure to use the full available width for content always in the anonymous inline-block case, since we don't avoid the
        floats, but instead let them intrude into the inline-block.

        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForLine):
        Patch callers of updateLogicalInlinePositions to pass in the root line box that we're checking for.

        (WebCore::RenderBlockFlow::layoutLineBoxes):
        Defer the layout of anonymous inline-blocks, since they need to only lay out once the vertical position to lay them out
        at is known.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::createsNewFormattingContext):
        (WebCore::RenderBox::avoidsFloats):
        Anonymous inline-blocks do not establish a new block formatting context, nor do they avoid floats.

        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleReplaced):
        Add code to do a just-in-time layout of the anonymous inline-block at the time it is being examined (after the break before
        it was handled).

2015-04-01  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Do not include route button if element does not support target playback
        https://bugs.webkit.org/show_bug.cgi?id=143251

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.currentPlaybackTargetIsWireless): Return false if target playback is disabled.
        (Controller.prototype.updateWirelessTargetAvailable): Do not show the picker if target 
            playback is disabled.
        (Controller.prototype.handleWirelessPlaybackChange): Call updateWirelessTargetAvailable.

        * dom/Document.cpp:
        (WebCore::Document::showPlaybackTargetPicker): Update for Page::showPlaybackTargetPicker change.
        (WebCore::Document::didChoosePlaybackTarget): Notify clients in vector-order, lower level code
            now tracks which one requested the picker.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::loadResource): Don't call applyMediaPlayerRestrictions, it is done
            in mediaPlayerEngineFailedToLoad.
        (WebCore::HTMLMediaElement::setReadyState): Enqueue a target availability event if there are
            listeners readyState reaches HAVE_METADATA so controls are setup correctly.
        (WebCore::HTMLMediaElement::mediaPlayerEngineFailedToLoad): Call applyMediaPlayerRestrictions.
        (WebCore::HTMLMediaElement::clearMediaPlayer): Enqueue a target availability event in so controls
            have a chance to hide the picker.
        (WebCore::HTMLMediaElement::webkitCurrentPlaybackTargetIsSupported): New, passthrough to the
            media engine.
        (WebCore::HTMLMediaElement::canPlayToWirelessPlaybackTarget): Ditto.
        (WebCore::HTMLMediaElement::startPlayingToPlaybackTarget): Ditto.
        (WebCore::HTMLMediaElement::stopPlayingToPlaybackTarget): Ditto.
        * html/HTMLMediaElement.h:
        * html/HTMLMediaElement.idl:

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::HTMLMediaSession): Initialize m_playbackTarget.
        (WebCore::HTMLMediaSession::currentPlaybackTargetIsSupported): New.
        (WebCore::HTMLMediaSession::showPlaybackTargetPicker): Pull logic from showingPlaybackTargetPickerPermitted 
            inline. Don't refuse to show a picker if the element doesn't support target playback, it is up
            to script to decide which elements can display a picker.
        (WebCore::HTMLMediaSession::wirelessVideoPlaybackDisabled): Return true if there is no player.
        (WebCore::HTMLMediaSession::didChoosePlaybackTarget): Call startPlayingToPlaybackTarget or 
            stopPlayingToPlaybackTarget because setWirelessPlaybackTarget doesn't apply the target.
        (WebCore::HTMLMediaSession::externalOutputDeviceAvailableDidChange): Add logging.
        (WebCore::HTMLMediaSession::showingPlaybackTargetPickerPermitted): Deleted.
        * html/HTMLMediaSession.h:

        * page/Page.cpp:
        (WebCore::Page::Page): Initialize m_playbackTarget.
        (WebCore::Page::showPlaybackTargetPicker): Don't set m_documentRequestingPlaybackTargetPicker.
        (WebCore::Page::didChoosePlaybackTarget): Notify Pages in vector-order, lower level code
            now tracks which one requested the picker.
        (WebCore::Page::configurePlaybackTargetMonitoring): Don't track m_requiresPlaybackTargetMonitoring, it
            is too easy for it to get out of sync with the UI process state.
        * page/Page.h:

        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::canPlayToWirelessPlaybackTarget): New, client passthrough.
        (WebCore::MediaSession::startPlayingToPlaybackTarget): Ditto.
        (WebCore::MediaSession::stopPlayingToPlaybackTarget): Ditto.
        * platform/audio/MediaSession.h:
        (WebCore::MediaSessionClient::canPlayToWirelessPlaybackTarget):
        (WebCore::MediaSessionClient::startPlayingToPlaybackTarget):
        (WebCore::MediaSessionClient::stopPlayingToPlaybackTarget):

        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::sessionWillBeginPlayback): Call startPlayingToPlaybackTarget &
            stopPlayingToPlaybackTarget as necessary.
        * platform/audio/MediaSessionManager.h:

        * platform/graphics/MediaPlaybackTarget.h:
        (WebCore::MediaPlaybackTarget::hasActiveRoute): New.
        * platform/graphics/MediaPlaybackTargetPickerClient.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::isCurrentPlaybackTargetSupported): New, engine passthrough.
        (WebCore::MediaPlayer::canPlayToWirelessPlaybackTarget): Ditto.
        (WebCore::MediaPlayer::startPlayingToPlaybackTarget): Ditto.
        (WebCore::MediaPlayer::stopPlayingToPlaybackTarget): Ditto.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::isCurrentPlaybackTargetSupported):
        (WebCore::MediaPlayerPrivateInterface::wirelessVideoPlaybackDisabled):
        (WebCore::MediaPlayerPrivateInterface::canPlayToWirelessPlaybackTarget):
        (WebCore::MediaPlayerPrivateInterface::startPlayingToPlaybackTarget):
        (WebCore::MediaPlayerPrivateInterface::stopPlayingToPlaybackTarget):

        * platform/graphics/avfoundation/MediaPlaybackTargetMac.mm:
        (WebCore::MediaPlaybackTarget::hasActiveRoute): New.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::canPlayToWirelessPlaybackTarget):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad): Use playerKVOProperties. Drive-by
            code cleanup.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Use playerKVOProperties.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::wirelessPlaybackTargetName): Implement for Mac.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessVideoPlaybackDisabled): Delay callbacks
            while setting AVPlayer property.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessPlaybackTarget): Add logging. Don't set
            the AVPlayer outputContext immediately.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::startPlayingToPlaybackTarget): New.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::stopPlayingToPlaybackTarget): New.
        (WebCore::playerKVOProperties): New.
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): Notify when
            allowsExternalPlayback changes.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::isCurrentPlaybackTargetSupported): New.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setWirelessPlaybackTarget): Ditto.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::togglePlayingToPlaybackTarget): Ditto.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::startPlayingToPlaybackTarget): Ditto.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::stopPlayingToPlaybackTarget): Ditto.

        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::isCurrentPlaybackTargetSupported): Ditto.
        (WebCore::MediaPlayerPrivateQTKit::setWirelessPlaybackTarget): Ditto.
        (WebCore::MediaPlayerPrivateQTKit::togglePlayingToPlaybackTarget): Ditto.
        (WebCore::MediaPlayerPrivateQTKit::startPlayingToPlaybackTarget): Ditto.
        (WebCore::MediaPlayerPrivateQTKit::stopPlayingToPlaybackTarget): Ditto.

2015-04-01  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Properly handle regexes that match everything.
        https://bugs.webkit.org/show_bug.cgi?id=143281

        Reviewed by Benjamin Poulain.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Make sure we always have at least one NFA for rule lists with triggers that all match everything.
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretAppendAction):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpretTestFlagsAndAppendAction):
        Add helper functions to reduce duplicate code.
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
        Get all actions without flags from the DFA root.
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        Remove branches when interpreting.
        * contentextensions/DFABytecodeInterpreter.h:
        Add helper functions to reduce duplicate code.

2015-04-01  Myles C. Maxfield  <mmaxfield@apple.com>

        Addressing post-review comments.
        https://bugs.webkit.org/show_bug.cgi?id=143292

        Unreviewed.

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::leadingExpansionOpportunity):
        (WebCore::FontCascade::trailingExpansionOpportunity):

2015-04-01  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Link errors, unresolved texture mapper methods.
        https://bugs.webkit.org/show_bug.cgi?id=143308

        Reviewed by Alex Christensen.

        New texture mapper files should be included in the project.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-04-01  Myles C. Maxfield  <mmaxfield@apple.com>

        Support forcing expansion opportunities at the beginning and ending of a run
        https://bugs.webkit.org/show_bug.cgi?id=143292

        Reviewed by David Hyatt.

        Migrate ExpansionBehavior to an enum comprised of two values: one for leading behavior
        and one for trailing behavior. Each of these two values can take on a value of
        "force," "forbid," and neither. All calls that interact with justification are
        migrated to use this new structure.

        Note that in this terminology, "leading" and "trailing" are with respect to the order
        that elements get laid out in a line. Therefore, leading is always on the left, since
        lines get laid out that way regardless of their bidi attributes.

        This is getting ready for https://bugs.webkit.org/show_bug.cgi?id=142608

        No new tests because there is no behavior change.

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::expansionOpportunityCountInternal): Migrate to these new
        values.
        (WebCore::FontCascade::expansionOpportunityCount): Ditto.
        (WebCore::FontCascade::leadingExpansionOpportunity): Returns whether one is present
        or not.
        (WebCore::FontCascade::trailingExpansionOpportunity): Ditto.
        * platform/graphics/FontCascade.h:
        * platform/graphics/GlyphBuffer.h: New leading expansion field.
        (WebCore::GlyphBuffer::setLeadingExpansion):
        (WebCore::GlyphBuffer::leadingExpansion):
        * platform/graphics/TextRun.h: m_expansionBehavior needs more bits.
        (WebCore::TextRun::expansionBehavior):
        (WebCore::TextRun::allowsLeadingExpansion): Deleted.
        (WebCore::TextRun::allowsTrailingExpansion): Deleted.
        * platform/graphics/WidthIterator.cpp: Update to support new type.
        (WebCore::WidthIterator::WidthIterator):
        (WebCore::expansionLocation): Where should we insert expansions?
        (WebCore::WidthIterator::advanceInternal): Use expansionLocation()
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::adjustSelectionRectForComplexText):
        (WebCore::FontCascade::getGlyphsAndAdvancesForComplexText):
        * platform/graphics/mac/ComplexTextController.cpp: Same as WidthIterator
        (WebCore::ComplexTextController::ComplexTextController):
        (WebCore::ComplexTextController::advance):
        (WebCore::expansionLocation):
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * platform/graphics/mac/ComplexTextController.h:
        (WebCore::ComplexTextController::leadingExpansion):
        * platform/text/TextFlags.h: Add new enum values
        * rendering/InlineBox.h: Update to include new values.
        (WebCore::InlineBox::InlineBoxBitfields::InlineBoxBitfields):
        (WebCore::InlineBox::canHaveTrailingExpansion):
        (WebCore::InlineBox::setCanHaveTrailingExpansion):
        (WebCore::InlineBox::setForceTrailingExpansion):
        (WebCore::InlineBox::forceTrailingExpansion):
        (WebCore::InlineBox::setForceLeadingExpansion):
        (WebCore::InlineBox::forceLeadingExpansion):
        * rendering/InlineTextBox.h:
        * rendering/RenderBlockLineLayout.cpp: Update to use new FontCascade signatures.
        (WebCore::expansionBehaviorForInlineTextBox):
        (WebCore::applyExpansionBehavior):
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):

2015-04-01  Zalan Bujtas  <zalan@apple.com>

        Lots of time spent querying table cell borders, when there are none.
        https://bugs.webkit.org/show_bug.cgi?id=143277

        Reviewed by Simon Fraser.

        This patch speeds up collapsed border queries by using existing collapsed border
        cache to calculate repaint rects and by introducing a fast path for zero width collapsed borders.

        It reduces the number of calls to recompute collapsed borders from 36 000 to 1 600, while loading a page with a table of 400 rows (1 cell per row).
        When scrolling the same page all the way down to the bottom, the number of calls to recompute collapsed borders falls from 290 000 to 0.

        Covered by existing tests.

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::styleDidChange): This moves invalidation time from RenderTable::layout() to styleDidChange(). 
        (WebCore::RenderTable::invalidateCollapsedBorders):
        (WebCore::RenderTable::recalcCollapsedBorders):
        * rendering/RenderTable.h:
        (WebCore::RenderTable::collapsedBordersAreValid):
        (WebCore::RenderTable::invalidateCollapsedBorders): Deleted.
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::RenderTableCell):
        (WebCore::RenderTableCell::willBeRemovedFromTree): Invalidate caches so that when repaint rect is calculated, we don't end up using stale values.
        (WebCore::RenderTableCell::styleDidChange): Same as willBeRemovedFromTree.
        (WebCore::RenderTableCell::collapsedStartBorder): Check if collapsed border is zero -also query cache. 
        (WebCore::RenderTableCell::collapsedEndBorder):
        (WebCore::RenderTableCell::collapsedBeforeBorder):
        (WebCore::RenderTableCell::collapsedAfterBorder):
        (WebCore::RenderTableCell::cachedCollapsedLeftBorder):
        (WebCore::RenderTableCell::cachedCollapsedRightBorder):
        (WebCore::RenderTableCell::cachedCollapsedTopBorder):
        (WebCore::RenderTableCell::cachedCollapsedBottomBorder):
        (WebCore::RenderTableCell::paintCollapsedBorders):
        (WebCore::RenderTableCell::cellAtLeft): Deleted.
        (WebCore::RenderTableCell::cellAtRight): Deleted.
        (WebCore::RenderTableCell::cellAtTop): Deleted.
        (WebCore::RenderTableCell::cellAtBottom): Deleted.
        * rendering/RenderTableCell.h:
        (WebCore::RenderTableCell::invalidateHasEmptyCollapsedBorders):
        * rendering/RenderTableCol.cpp:
        (WebCore::RenderTableCol::styleDidChange):
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::styleDidChange):
        (WebCore::RenderTableRow::addChild):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::styleDidChange):
        (WebCore::RenderTableSection::clearCachedCollapsedBorders): This is just an extra safety to invalidate collapsed border cache. This is always
        called together with RenderTable::invalidateCollapsedBorders() -and that should prevent the RenderCells to use the cache.  
        (WebCore::RenderTableSection::removeCachedCollapsedBorders):
        (WebCore::RenderTableSection::setCachedCollapsedBorder):
        (WebCore::RenderTableSection::cachedCollapsedBorder):
        * rendering/RenderTableSection.h:

2015-04-01  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [CMake][GTK] Use the right variable to include the Wayland headers.
        https://bugs.webkit.org/show_bug.cgi?id=143304

        Reviewed by Carlos Garcia Campos.

        No new tests, no behavior changes.

        * PlatformGTK.cmake: Use the right variable WAYLAND_INCLUDE_DIRS.

2015-03-30  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Move synchronous message handler to MediaPlayerPrivateGStreamerBase
        https://bugs.webkit.org/show_bug.cgi?id=143218

        Reviewed by Carlos Garcia Campos.

        Moved the pipeline pointer to the base class, sub-classes should
        now invoke setPipeline() when loading a resource. The base class
        now takes care of configuring the GL shared context, this is more
        logical because video rendering is also managed by this class.

        No new tests, this is only a code refactoring.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
        (WebCore::MediaPlayerPrivateGStreamer::load):
        (WebCore::MediaPlayerPrivateGStreamer::playbackPosition):
        (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
        (WebCore::MediaPlayerPrivateGStreamer::pause):
        (WebCore::MediaPlayerPrivateGStreamer::duration):
        (WebCore::MediaPlayerPrivateGStreamer::currentTime):
        (WebCore::MediaPlayerPrivateGStreamer::seek):
        (WebCore::MediaPlayerPrivateGStreamer::doSeek):
        (WebCore::MediaPlayerPrivateGStreamer::updatePlaybackRate):
        (WebCore::MediaPlayerPrivateGStreamer::paused):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfText):
        (WebCore::MediaPlayerPrivateGStreamer::setRate):
        (WebCore::MediaPlayerPrivateGStreamer::buffered):
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
        (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
        (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress):
        (WebCore::MediaPlayerPrivateGStreamer::sourceChanged):
        (WebCore::MediaPlayerPrivateGStreamer::cancelLoad):
        (WebCore::MediaPlayerPrivateGStreamer::asyncStateChangeDone):
        (WebCore::MediaPlayerPrivateGStreamer::updateStates):
        (WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
        (WebCore::MediaPlayerPrivateGStreamer::cacheDuration):
        (WebCore::MediaPlayerPrivateGStreamer::setDownloadBuffering):
        (WebCore::MediaPlayerPrivateGStreamer::audioSink):
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
        (WebCore::MediaPlayerPrivateGStreamer::simulateAudioInterruption):
        (WebCore::mediaPlayerPrivateSyncMessageCallback): Deleted.
        (WebCore::MediaPlayerPrivateGStreamer::handleSyncMessage): Deleted.
        (WebCore::MediaPlayerPrivateGStreamer::ensureGstGLContext): Deleted.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::mediaPlayerPrivateNeedContextMessageCallback):
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::setPipeline):
        (WebCore::MediaPlayerPrivateGStreamerBase::handleNeedContextMessage):
        (WebCore::MediaPlayerPrivateGStreamerBase::ensureGstGLContext):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

2015-03-24  Philippe Normand  <philn@igalia.com>

        [GStreamer] GstGL support in the video sink
        https://bugs.webkit.org/show_bug.cgi?id=138562

        Use GStreamer's glimagesink for video rendering instead of our
        custom video sink if a recent-enough version of GstGL is found
        during the build. When glimagesink is used it passes a texture to
        the media player which then wraps it inside a TextureMapper
        texture later used for actual rendering.

        Using this new code path will allow us to remove our custom sink
        entirely in the long term.

        Reviewed by Carlos Garcia Campos.

        No new test, existing media tests cover video rendering already.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::mediaPlayerPrivateDrawCallback): client-draw signal callback.
        (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize): Better
        check for sample validity.
        (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture): Ditto.
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint): Trigger a
        repaint and wait its completion.
        (WebCore::MediaPlayerPrivateGStreamerBase::paintToTextureMapper):
        Extract texture ID and video dimensions from the sample and do actual paint.
        (WebCore::MediaPlayerPrivateGStreamerBase::createVideoSink): Use
        glimagesink if GstGL is available.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

2015-04-01  Joonghun Park  <jh718.park@samsung.com>

        nullptr cleanup in StyleResolver
        https://bugs.webkit.org/show_bug.cgi?id=143260

        Reviewed by Ryosuke Niwa.

        No new tests, no behavior changes

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::State::initForStyleResolve):
        (WebCore::StyleResolver::locateCousinList):
        (WebCore::StyleResolver::locateSharedStyle):
        (WebCore::StyleResolver::keyframeStylesForAnimation):
        (WebCore::StyleResolver::pseudoStyleForElement):
        (WebCore::StyleResolver::pseudoStyleRulesForElement):
        (WebCore::StyleResolver::findFromMatchedPropertiesCache):
        (WebCore::StyleResolver::applyMatchedProperties):
        (WebCore::StyleResolver::applyPropertyToStyle):
        (WebCore::StyleResolver::MatchedProperties::MatchedProperties):
        * css/StyleResolver.h:
        (WebCore::PseudoStyleRequest::PseudoStyleRequest):
        (WebCore::StyleResolverParentPusher::StyleResolverParentPusher):

2015-03-31  Simon Fraser  <simon.fraser@apple.com>

        Make it possible to compute a region for elements on the page that have wheel event handlers
        https://bugs.webkit.org/show_bug.cgi?id=142807

        Reviewed by David Hyatt.
        
        Make it possible to compute a region that covers the elements on the page that have
        a wheel event handler. This region may overestimate, but must not underestimate the area.
        
        Elements with wheel handlers are registered on the document, and when a document gains
        its first wheel handler, it registers the ownerElement in the parent document. Thus, on 
        the main frame, the region encompasses elements with handlers, and iframes whose subdocuments
        have handlers.
        
        Element gains some functions that allow it to return a rect which is the bounds of the element's
        renderer, and renders for its descendant elements, which is the size or larger than the event
        handling region for that element. Some configurations (e.g. position:fixed) require special
        treatment.
        
        Document::absoluteRegionForEventTargets() can then iterate over all elements in the given set,
        and build a Region for those (short-circuiting if the document itself has a handler).
        
        The new code is exercised for the debug MouseWheelRegionOverlay, and also added to the
        non-fast scrollable region, used by threaded scrolling.

        Tests: platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/handlers-in-iframes.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/wheel-handler-fixed-child.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/wheel-handler-in-columns.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/wheel-handler-in-region.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/wheel-handler-inside-fixed.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/wheel-handler-on-document.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/wheel-handler-on-fixed.html
               platform/mac-wk2/tiled-drawing/scrolling/non-fast-region/wheel-handler-region-basic.html

        * dom/ContainerNode.h:
        (WebCore::ContainerNode::absoluteEventHandlerBounds): Base class implementation; returns empty rect.
        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction): Unregister from the parent document.
        (WebCore::Document::didAddWheelEventHandler): Add to the wheel handler set. Tell the parent
        document if we are adding wheel handlers for the first time. Eventually the wheelEventHandlerCountChanged()
        code will be removed, now we have the set. Tell debug overlays that we changed.
        (WebCore::Document::didRemoveWheelEventHandler): Remove from the set, and unregister with the parent
        document if necessary. Tell debug overlays that we changed.
        (WebCore::Document::didAddTouchEventHandler): Minor cleanup.
        (WebCore::Document::didRemoveTouchEventHandler): Ditto.
        (WebCore::Document::didRemoveEventTargetNode): Remove from wheel targets.
        (WebCore::Document::absoluteEventHandlerBounds): Implementation of the ContainerNode
        function, just return the document bounds.
        (WebCore::Document::absoluteRegionForEventTargets): Iterate over the given event targets,
        and call absoluteEventHandlerBounds() on each.
        * dom/Document.h:
        (WebCore::Document::wheelEventTargets):
        * dom/Element.cpp:
        (WebCore::layoutOverflowRectContainsAllDescendants): Return true if we can determine that the
        layoutOverflow bounds of the given renderer contains the renderers of all descendant elements.
        (WebCore::Element::eventBounds): Get the "event handling" bounds of this element (excluding
        descendants), and while doing so, compute whether any descendants are position:fixed, and whether
        these bounds are known to include descendants.
        (WebCore::Element::eventBoundsOfElementAndDescendants): Recursive function that short-circuits
        if it can determine that descendants are enclosed by the bounds.
        (WebCore::Element::absoluteEventHandlerBounds):
        * dom/Element.h:
        * page/DebugPageOverlays.cpp:
        (WebCore::MouseWheelRegionOverlay::updateRegion): Ask the document for the region of wheel
        event handlers.
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion): Add the wheel handler region
        to the non-fast scrollable region.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo): Overflow scrolling needs to dirty event regions.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::absoluteBoundingBoxRect): Need to pass the "wasFixed" flag out
        of this function.
        (WebCore::RenderObject::localToAbsolute): Ditto.
        * rendering/RenderObject.h:

2015-03-31  Alexey Proskuryakov  <ap@apple.com>

        Fix bindings tests results after <http://trac.webkit.org/changeset/182205>.

        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
        (WebCore::setJSTestObjConditionalAttr4Constructor):
        (WebCore::setJSTestObjConditionalAttr5Constructor):
        (WebCore::setJSTestObjConditionalAttr6Constructor):
        (WebCore::setJSTestObjReplaceableAttribute):

2015-03-31  Benjamin Poulain  <bpoulain@apple.com>

        Content Extensions: split the state machines to minimize prefix states
        https://bugs.webkit.org/show_bug.cgi?id=143253

        Reviewed by Alex Christensen.

        With this patch, we refine how the URLs are partitioned to make
        multiple small machines instead of a big one.

        Here, considering each pattern as a language, I took the simplest
        partitioning: take the union minimizing the states
        that differentiate languages.

        The idea is the following: every time a subgraph can be skipped
        or repeated, it is an opportunity for a merged language to start
        with a distinguishable state.
        To avoid accumulating those differences, we only merge languages
        that share the exact same "variable" subgraph as a prefix.

        A side effect is that we could create as many machines as we have patterns.
        We'll have to address that in a follow-up by merging small machines
        until they reach a certain size.
        In the common cases, patterns look very much alike so that is not a problem
        at the moment.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/CombinedURLFilters.cpp: Added.
        I moved the prefix tree and graph construction out of URLFilterParser for clarity.

        CombinedURLFilters maintain the term prefix tree. Instead of generating on the fly
        as we build the prefix tree, we first generate the entire tree of terms, then generate
        NFAs for each branch without a variable prefix.

        (WebCore::ContentExtensions::CombinedURLFilters::CombinedURLFilters):
        (WebCore::ContentExtensions::CombinedURLFilters::~CombinedURLFilters):

        (WebCore::ContentExtensions::CombinedURLFilters::addPattern):
        Note here that we keep track of which subtree contains a any variable length term.
        Instead of anotating the edges, the destination vertex is anotated with the information
        from the edge.

        The flag "inVariableLengthPrefix" is there to simplify traversal.

        (WebCore::ContentExtensions::generateNFAForSubtree):
        (WebCore::ContentExtensions::CombinedURLFilters::createNFAs):
        Since we are traversing a tree generated by string, using the stack for recursion
        is out of the question.

        Fortunately, the entire state is very simple when going depth first: we only need
        the active vertex and edge, and traverse the edges in order.

        To do keep track of the edges, I used the HashTable iterator on the current term.
        Since no vertex is modified for generation, storing the iterators is safe.

        * contentextensions/CombinedURLFilters.h:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::setActions):
        (WebCore::ContentExtensions::NFA::debugPrintDot):
        (WebCore::ContentExtensions::NFA::setFinal): Deleted.
        (WebCore::ContentExtensions::NFA::addRuleId): Deleted.
        * contentextensions/NFA.h:
        * contentextensions/NFAGraphBuilder.cpp: Added.
        * contentextensions/NFAGraphBuilder.h: Added.
        * contentextensions/NFANode.h:
        * contentextensions/Term.h: Added.
        Move the Term to its own file since it is now shared between the parser
        and the CombinedURLFilters.

        (WebCore::ContentExtensions::Term::CharacterSet::operator==):
        (WebCore::ContentExtensions::Term::CharacterSet::hash):
        (WebCore::ContentExtensions::Term::Group::operator==):
        (WebCore::ContentExtensions::Term::Group::hash):
        (WebCore::ContentExtensions::TermHash::hash):
        (WebCore::ContentExtensions::TermHash::equal):
        (WebCore::ContentExtensions::Term::Term):
        (WebCore::ContentExtensions::Term::~Term):
        (WebCore::ContentExtensions::Term::isValid):
        (WebCore::ContentExtensions::Term::addCharacter):
        (WebCore::ContentExtensions::Term::extendGroupSubpattern):
        (WebCore::ContentExtensions::Term::quantify):
        (WebCore::ContentExtensions::Term::Term::generateGraph):
        (WebCore::ContentExtensions::Term::isEndOfLineAssertion):
        (WebCore::ContentExtensions::Term::matchesAtLeastOneCharacter):
        (WebCore::ContentExtensions::Term::isKnownToMatchAnyString):
        (WebCore::ContentExtensions::Term::hasFixedLength):
        (WebCore::ContentExtensions::Term::operator=):
        (WebCore::ContentExtensions::Term::operator==):
        (WebCore::ContentExtensions::Term::hash):
        (WebCore::ContentExtensions::Term::isEmptyValue):
        (WebCore::ContentExtensions::Term::isDeletedValue):
        (WebCore::ContentExtensions::Term::isUniversalTransition):
        (WebCore::ContentExtensions::Term::generateSubgraphForAtom):
        (WebCore::ContentExtensions::Term::destroy):
        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::PatternParser::PatternParser):
        (WebCore::ContentExtensions::PatternParser::finalize):
        (WebCore::ContentExtensions::PatternParser::assertionBOL):
        (WebCore::ContentExtensions::URLFilterParser::URLFilterParser):
        (WebCore::ContentExtensions::URLFilterParser::addPattern):
        (WebCore::ContentExtensions::Term::Term): Deleted.
        (WebCore::ContentExtensions::Term::~Term): Deleted.
        (WebCore::ContentExtensions::Term::isValid): Deleted.
        (WebCore::ContentExtensions::Term::addCharacter): Deleted.
        (WebCore::ContentExtensions::Term::extendGroupSubpattern): Deleted.
        (WebCore::ContentExtensions::Term::quantify): Deleted.
        (WebCore::ContentExtensions::Term::generateGraph): Deleted.
        (WebCore::ContentExtensions::Term::isEndOfLineAssertion): Deleted.
        (WebCore::ContentExtensions::Term::matchesAtLeastOneCharacter): Deleted.
        (WebCore::ContentExtensions::Term::isKnownToMatchAnyString): Deleted.
        (WebCore::ContentExtensions::Term::operator=): Deleted.
        (WebCore::ContentExtensions::Term::operator==): Deleted.
        (WebCore::ContentExtensions::Term::hash): Deleted.
        (WebCore::ContentExtensions::Term::isEmptyValue): Deleted.
        (WebCore::ContentExtensions::Term::isDeletedValue): Deleted.
        (WebCore::ContentExtensions::Term::isUniversalTransition): Deleted.
        (WebCore::ContentExtensions::Term::generateSubgraphForAtom): Deleted.
        (WebCore::ContentExtensions::Term::destroy): Deleted.
        (WebCore::ContentExtensions::Term::CharacterSet::operator==): Deleted.
        (WebCore::ContentExtensions::Term::CharacterSet::hash): Deleted.
        (WebCore::ContentExtensions::Term::Group::operator==): Deleted.
        (WebCore::ContentExtensions::Term::Group::hash): Deleted.
        (WebCore::ContentExtensions::TermHash::hash): Deleted.
        (WebCore::ContentExtensions::TermHash::equal): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::GraphBuilder): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::finalize): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::assertionBOL): Deleted.
        * contentextensions/URLFilterParser.h:

2015-03-31  Myles C. Maxfield  <mmaxfield@apple.com>

        Move ExpansionBehaviorFlags and TextDirection to their own file
        https://bugs.webkit.org/show_bug.cgi?id=143273

        Reviewed by Simon Fraser.

        This is a mechanical change. It just moves code around.

        This is getting ready for https://bugs.webkit.org/show_bug.cgi?id=142608

        No new tests because there is no behavior change.

        * Modules/notifications/Notification.h:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSPrimitiveValueMappings.h:
        * css/CSSProperty.h:
        * dom/Position.h:
        * editing/VisiblePosition.h:
        * editing/VisibleUnits.h:
        * editing/htmlediting.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::drawTextInternal):
        * html/canvas/CanvasRenderingContext2D.h:
        * platform/LengthBox.h:
        * platform/PopupMenuStyle.h:
        * platform/graphics/FontCascade.h:
        * platform/graphics/LayoutBoxExtent.h:
        * platform/graphics/TextRun.h:
        * platform/ios/SelectionRect.h:
        * platform/text/BidiResolver.h:
        * platform/text/StringWithDirection.h:
        * platform/text/TextHelpers.h: Renamed from Source/WebCore/platform/text/TextDirection.h.
        (WebCore::isLeftToRightDirection):
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::paint):
        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::paint):
        (WebCore::EllipsisBox::selectionRect):
        (WebCore::EllipsisBox::paintSelection):
        * rendering/HitTestLocation.h:
        * rendering/HitTestResult.h:
        * rendering/InlineBox.h:
        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::expansionBehavior):
        * rendering/RenderBlock.cpp:
        (WebCore::constructTextRunInternal):
        (WebCore::RenderBlock::constructTextRun):
        * rendering/RenderBlock.h:
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::paintObject):
        (WebCore::RenderFileUploadControl::computeIntrinsicLogicalWidths):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::updateFromElement):
        (WebCore::RenderListBox::paintItemForeground):
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::computePreferredLogicalWidths):
        (WebCore::RenderListMarker::getRelativeMarkerRect):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::updateOptionsWidth):
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::getAverageCharWidth):
        * rendering/RenderThemeIOS.mm:
        * rendering/style/RenderStyle.h:
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::constructTextRun):
        * rendering/svg/SVGTextMetrics.cpp:
        (WebCore::SVGTextMetrics::constructTextRun):

2015-03-31  Yusuke Suzuki  <utatane.tea@gmail.com>

        Clean up Identifier factories to clarify the meaning of StringImpl*
        https://bugs.webkit.org/show_bug.cgi?id=143146

        Reviewed by Filip Pizlo.

        Just change Identifier creations.

        1. If the code creates Identifier from StringImpl*
        which is treated as symbol or string(unique id), use Identifier::fromUid.
        2. If the code creates Identifier from string, use Identifier::fromString.

        * Modules/plugins/QuickTimePluginReplacement.mm:
        (WebCore::QuickTimePluginReplacement::ensureReplacementScriptInjected):
        (WebCore::QuickTimePluginReplacement::installReplacement):
        * bindings/js/IDBBindingUtilities.cpp:
        (WebCore::get):
        (WebCore::set):
        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::JSCSSStyleDeclaration::getOwnPropertyNames):
        * bindings/js/JSCallbackData.cpp:
        (WebCore::JSCallbackData::invokeCallback):
        * bindings/js/JSCommandLineAPIHostCustom.cpp:
        (WebCore::getJSListenerFunctions):
        (WebCore::JSCommandLineAPIHost::getEventListeners):
        * bindings/js/JSCryptoAlgorithmBuilder.cpp:
        (WebCore::JSCryptoAlgorithmBuilder::add):
        * bindings/js/JSCryptoAlgorithmDictionary.cpp:
        (WebCore::getProperty):
        (WebCore::getHashAlgorithm):
        * bindings/js/JSCryptoKeySerializationJWK.cpp:
        (WebCore::getJSArrayFromJSON):
        (WebCore::getStringFromJSON):
        (WebCore::getBooleanFromJSON):
        (WebCore::addToJSON):
        (WebCore::buildJSONForRSAComponents):
        (WebCore::addBoolToJSON):
        (WebCore::addUsagesToJSON):
        * bindings/js/JSCustomXPathNSResolver.cpp:
        (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
        * bindings/js/JSDOMStringMapCustom.cpp:
        (WebCore::JSDOMStringMap::getOwnPropertyNames):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::defineOwnProperty):
        (WebCore::JSDOMWindow::setLocation):
        (WebCore::DialogHandler::dialogCreated):
        (WebCore::DialogHandler::returnValue):
        * bindings/js/JSDeviceMotionEventCustom.cpp:
        (WebCore::readAccelerationArgument):
        (WebCore::readRotationRateArgument):
        (WebCore::createAccelerationObject):
        (WebCore::createRotationRateObject):
        * bindings/js/JSDictionary.cpp:
        (WebCore::JSDictionary::tryGetProperty):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::handleEvent):
        * bindings/js/JSHTMLAllCollectionCustom.cpp:
        (WebCore::callHTMLAllCollection):
        (WebCore::JSHTMLAllCollection::item):
        (WebCore::JSHTMLAllCollection::namedItem):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::all):
        (WebCore::JSHTMLDocument::setAll):
        (WebCore::JSHTMLDocument::open):
        * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
        (WebCore::JSHTMLFormControlsCollection::namedItem):
        * bindings/js/JSIDBDatabaseCustom.cpp:
        (WebCore::JSIDBDatabase::createObjectStore):
        * bindings/js/JSIDBObjectStoreCustom.cpp:
        (WebCore::JSIDBObjectStore::createIndex):
        * bindings/js/JSImageDataCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSInspectorFrontendHostCustom.cpp:
        (WebCore::populateContextMenuItems):
        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction):
        * bindings/js/JSNodeFilterCondition.cpp:
        (WebCore::JSNodeFilterCondition::acceptNode):
        * bindings/js/JSSQLResultSetRowListCustom.cpp:
        (WebCore::JSSQLResultSetRowList::item):
        * bindings/js/JSStorageCustom.cpp:
        (WebCore::JSStorage::getOwnPropertyNames):
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::setInternalSlotToObject):
        (WebCore::getInternalSlotFromObject):
        * bindings/js/ScriptGlobalObject.cpp:
        (WebCore::ScriptGlobalObject::set):
        (WebCore::ScriptGlobalObject::get):
        (WebCore::ScriptGlobalObject::remove):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::CloneSerializer):
        (WebCore::CloneSerializer::write):
        (WebCore::CloneDeserializer::deserialize):
        * bindings/objc/WebScriptObject.mm:
        (-[WebScriptObject callWebScriptMethod:withArguments:]):
        (-[WebScriptObject setValue:forKey:]):
        (-[WebScriptObject valueForKey:]):
        (-[WebScriptObject removeWebScriptKey:]):
        (-[WebScriptObject hasWebScriptKey:]):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSFloat64Array.cpp:
        (WebCore::JSFloat64Array::getOwnPropertyNames):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::getOwnPropertyNames):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::setJSTestObjTestSubObjEnabledBySettingConstructor):
        (WebCore::setJSTestObjConditionalAttr4Constructor):
        (WebCore::setJSTestObjConditionalAttr5Constructor):
        (WebCore::setJSTestObjConditionalAttr6Constructor):
        (WebCore::setJSTestObjReplaceableAttribute):
        * bridge/c/c_utility.cpp:
        (JSC::Bindings::identifierFromNPIdentifier):
        * bridge/objc/objc_runtime.mm:
        (JSC::Bindings::ObjcFallbackObjectImp::defaultValue):
        * bridge/testbindings.cpp:
        (main):
        * bridge/testbindings.mm:
        (main):
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::loadTrigger):
        (WebCore::ContentExtensions::loadAction):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot):
        * testing/js/WebCoreTestSupport.cpp:
        (WebCoreTestSupport::injectInternalsObject):

2015-03-31  Jer Noble  <jer.noble@apple.com>

        [Mac] Songza.com fails to play; QTKit path reports it is always "seeking".
        https://bugs.webkit.org/show_bug.cgi?id=143274

        Rubber-stamped by Eric Carlson.

        MediaTime::invalidTime() is always greater than any valid time. So when
        checking to see if MediaPlayerPrivateQTKit is seeking, first check if the
        m_seekTo time is valid before checking whether it's > 0.

        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::seeking):

2015-03-31  Said Abou-Hallawa  <sabouhallawa@apple.com>

        border-image with 'fill' keyword does not fill the middle area unless the border width is greater than zero.
        https://bugs.webkit.org/show_bug.cgi?id=142650.

        Reviewed by Simon Fraser.

        The decoration of a RenderBox, a RenderTable or an InlineFlowBox should be
        drawn if its RenderStyle has a non-zero width border or the border-image
        has the keyword fill.

        Tests: fast/borders/border-image-fill-inline-no-border.html
               fast/borders/border-image-fill-no-border.html

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::paintBoxDecorations):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintBoxDecorations):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::hasBoxDecorationStyle):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::paintBoxDecorations):
        * rendering/style/BorderData.h:
        (WebCore::BorderData::hasFill):
        * rendering/style/RenderStyle.h:

2015-03-31  Alex Christensen  <achristensen@webkit.org>

        [Win] Unreviewed build fix.

        * WebCore.vcxproj/WebCore.vcxproj:
        Don't include inspector files twice in debug builds.
        InspectorAllInOne.cpp is now used on debug builds.

2015-03-31  David Hyatt  <hyatt@apple.com>

        [New Block-Inside-Inline Model] Anonymous inline-blocks should size as though they are block-level.
        https://bugs.webkit.org/show_bug.cgi?id=143271

        Reviewed by Dean Jackson.

        Added fast/block/inside-inlines/block-width-check.html.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::sizesLogicalWidthToFitContent):
        Return false when an anonymous inline-block is encountered, since we want to treat it like a regular
        block instead.

2015-03-31  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r182186.
        https://bugs.webkit.org/show_bug.cgi?id=143270

        it crashes all the WebGL tests on the Debug bots (Requested by
        dino on #webkit).

        Reverted changeset:

        "Web Inspector: add 2D/WebGL canvas instrumentation
        infrastructure"
        https://bugs.webkit.org/show_bug.cgi?id=137278
        http://trac.webkit.org/changeset/182186

2015-03-31  Myles C. Maxfield  <mmaxfield@apple.com>

        Crash in CGContextShowGlyphsWithAdvances when passing kCGFontIndexInvalid
        https://bugs.webkit.org/show_bug.cgi?id=143114

        This is a workaround for <rdar://problem/20230073>. Please remove when it is no longer necessary.

        Reviewed by Alexey Proskuryakov.

        Covered by:
        compositing/regions/floated-region-with-transformed-child.html
        compositing/regions/floated-region-with-transformed-child-expected.html
        fast/regions/counters/extract-ordered-lists-in-regions-explicit-counters-005.html
        fast/regions/counters/extract-ordered-lists-in-regions-explicit-counters-005-expected.html
        fast/regions/overflow/overflow-content-transform-rotate.html
        fast/regions/overflow/overflow-content-transform-rotate-expected.html

        * platform/graphics/GlyphBuffer.h:
        (WebCore::GlyphBuffer::shrink): Performing shaping may remove glyphs, so we need to shrink the GlyphBuffer.
        * platform/graphics/WidthIterator.cpp:
        (WebCore::applyFontTransforms): Filter out kCGFontIndexInvalid.
        (WebCore::WidthIterator::advanceInternal): Moved code into applyFontTransforms, and trigger the
        shrink of the GlyphBuffer.

2015-03-31  Beth Dakin  <bdakin@apple.com>

        REGRESSION (r173484): Reducing content of scrollable region does not reset scroll 
        position
        https://bugs.webkit.org/show_bug.cgi?id=138525
        -and corresponding-
        rdar://problem/18166043

        Reviewed by Simon Fraser.

        The change that caused this regression was correct. That change does not allow 
        RenderLayer to update scroll position after a layout if a rubber-band is currently 
        happening. The change caused this regression because all of the member variables 
        in ScrollController that attempt to keep track of the current state of the scroll 
        gesture (m_inScrollGesture, m_momentumScrollInProgress, and 
        m_snapRubberbandTimerIsActive) all indicated that a momentum scroll gesture was 
        still in action for this div even though it very much is not when the bug happens. 
        Those variables were never properly re-set because the 
        PlatformWheelEventPhaseEnded events never got dispatched to the ScrollController, 
        which brought the investigation back to Element.

        We must still dispatch events that have zero delta so that the default event 
        handlers can handle them, but we should stopPropagation() so that these events are 
        not sent to the DOM. Websites will break if they get wheel events with no delta.
        * dom/Element.cpp:
        (WebCore::Element::dispatchWheelEvent):

2015-03-31  Alex Christensen  <achristensen@webkit.org>

        [Win] Unreviewed debug build fix after r182186.

        * WebCore.vcxproj/WebCore.vcxproj:
        Include InspectorAllInOne.cpp in debug builds.

2015-03-30  David Hyatt  <hyatt@apple.com>

        [New Block-Inside-Inline Model] Make sure line breaks occur before and after the anonymous inline-block.
        https://bugs.webkit.org/show_bug.cgi?id=143238.

        Reviewed by Dean Jackson.

        Added fast/blocks/inside-inlines/breaking-behavior.html (and new-model equivalent).

        * rendering/InlineFlowBox.h:
        (WebCore::InlineFlowBox::InlineFlowBox):
        (WebCore::InlineFlowBox::hasAnonymousInlineBlock):
        (WebCore::InlineFlowBox::setHasAnonymousInlineBlock):
        Add a bit to root line boxes (stored in the InlineFlowBox since it has free bits) that indicates whether
        or not a line is an anonymous inline-block line.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths):
        Patch the preferred logical width computation to break both before and after an anonymous inline-block.
        Also make sure to strip trailing spaces from the line before the anonymous inline-block.

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::constructLine):
        Patch line construction so that no intermediate boxes are constructed between the InlineBox for the anonymous
        inline-block and the root line box.

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::ascentAndDescentForBox):
        The height of a "line" that holds an anonymous inline-block should ignore line-box-contain and also make sure
        that the margins of the replaced element are "outside" the line, since those margins will collapse.

        * rendering/line/BreakingContext.h:
        (WebCore::BreakingContext::handleReplaced):
        Patch handleReplaced to make sure breaks occur both before and after an anonymous inline-block. In the case of
        a break after the block, we setPreviousLineBrokeCleanly to true so that <br>s that follow the anonymous inline-block
        are respected.

2015-03-31  Csaba Osztrogonác  <ossy@webkit.org>

        [EFL] Add nullptr check to GraphicsContext3D::makeContextCurrent()
        https://bugs.webkit.org/show_bug.cgi?id=143214

        Reviewed by Žan Doberšek.

        * platform/graphics/efl/GraphicsContext3DEfl.cpp:
        (WebCore::GraphicsContext3D::makeContextCurrent):

2015-03-31  Matt Baker  <mattbaker@apple.com>

        Web Inspector: add 2D/WebGL canvas instrumentation infrastructure
        https://bugs.webkit.org/show_bug.cgi?id=137278

        Reviewed by Timothy Hatcher.

        Added backend agent for canvas inspection. A canvas is instrumented once its CanvasRenderingContext has been
        created. WebGLRenderingContext is instrumented to track the lifetime of shader program objects.

        To instrument off-screen rendering contexts (CSS canvases and detached canvas elements), the canvas agent must
        track all CanvasRenderingContexts as they are created, even in the absense of the frontend. As far as I know,
        there is no practical way to identify rendering contexts belonging to a frame that are not in the DOM. In the
        absence of the inspector frontend the agent does only the minimum required to track the lifetime of rendering
        contexts and their resources, to avoid creating a negative performance impact.

        Tests: inspector/canvas/canvas-add-remove-events.html
               inspector/canvas/canvas-context-attributes.html
               inspector/canvas/canvas-css-name.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:

        * dom/Document.cpp:
        (WebCore::Document::getCSSCanvasElement):
        Instrumentation for CSS canvases.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::getContext):
        Instrumentation for context creation.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::attachShader):
        (WebCore::WebGLRenderingContextBase::createProgram):
        (WebCore::WebGLRenderingContextBase::deleteProgram):
        (WebCore::WebGLRenderingContextBase::detachShader):
        Instrumentation for programs and shaders.

        * inspector/InspectorAllInOne.cpp:

        * inspector/InspectorCanvasAgent.cpp: Added.
        (WebCore::InspectorCanvasAgent::InspectorCanvasAgent):
        (WebCore::InspectorCanvasAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorCanvasAgent::willDestroyFrontendAndBackend):
        (WebCore::InspectorCanvasAgent::frameNavigated):
        (WebCore::InspectorCanvasAgent::didCreateCSSCanvas):
        (WebCore::InspectorCanvasAgent::didCreateCanvasRenderingContext):
        (WebCore::InspectorCanvasAgent::didAttachShader):
        (WebCore::InspectorCanvasAgent::didDetachShader):
        (WebCore::InspectorCanvasAgent::didCreateProgram):
        (WebCore::InspectorCanvasAgent::didDeleteProgram):
        (WebCore::InspectorCanvasAgent::getCanvases):
        (WebCore::InspectorCanvasAgent::canvasDestroyed):
        (WebCore::InspectorCanvasAgent::canvasDestroyedTimerFired):
        (WebCore::InspectorCanvasAgent::reset):
        (WebCore::InspectorCanvasAgent::getCanvasEntry):
        (WebCore::InspectorCanvasAgent::getProgramEntry):
        (WebCore::InspectorCanvasAgent::removeShaderFromShaderMap):
        (WebCore::InspectorCanvasAgent::contextTypeJson):
        (WebCore::InspectorCanvasAgent::buildObjectForCanvas):
        * inspector/InspectorCanvasAgent.h: Added.
        New backend agent.

        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        Support for new backend agent.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didCommitLoadImpl):
        (WebCore::InspectorInstrumentation::didCreateCSSCanvasImpl):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContextImpl):
        (WebCore::InspectorInstrumentation::didAttachShaderImpl):
        (WebCore::InspectorInstrumentation::didDetachShaderImpl):
        (WebCore::InspectorInstrumentation::didCreateProgramImpl):
        (WebCore::InspectorInstrumentation::didDeleteProgramImpl):
        (WebCore::InspectorInstrumentation::instrumentingAgentsForRenderingContext):
        Plumbing for canvas instrumentation.

        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didCreateCSSCanvas):
        (WebCore::InspectorInstrumentation::didCreateCanvasRenderingContext):
        (WebCore::InspectorInstrumentation::didAttachShader):
        (WebCore::InspectorInstrumentation::didDetachShader):
        (WebCore::InspectorInstrumentation::didCreateProgram):
        (WebCore::InspectorInstrumentation::didDeleteProgram):

        * inspector/InstrumentingAgents.cpp:
        (WebCore::InstrumentingAgents::InstrumentingAgents):
        (WebCore::InstrumentingAgents::reset):
        * inspector/InstrumentingAgents.h:
        (WebCore::InstrumentingAgents::inspectorCanvasAgent):
        (WebCore::InstrumentingAgents::setInspectorCanvasAgent):
        Support for new backend agent.

2015-03-31  Xabier Rodriguez Calvar <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Implement a barebone ReadableStreamReader interface
        https://bugs.webkit.org/show_bug.cgi?id=142866

        Reviewed by Benjamin Poulain.

        This patch implements a barebone ReadableStreamReader as described in https://streams.spec.whatwg.org/#reader-class.
        It implements the IDL without implementing most of the functionality behind.
        It implements ReadableStreamReader JS constructor and the link with ReadableStream.getReader:
        - Raise an error if stream is already locked
        - Set the stream reader to the newly created ReadableStreamReader instance.

        Test: streams/readablestreamreader-constructor.html

        * CMakeLists.txt: Adding ReadableStreamReader files.
        * DerivedSources.cpp: Ditto.
        * DerivedSources.make: Ditto.
        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::createReader): Used by JS binding to get access to the reader.
        * Modules/streams/ReadableStream.h: Declaration of createReader, reader and lock.
        (WebCore::ReadableStream::reader):
        (WebCore::ReadableStream::lock):
        * Modules/streams/ReadableStream.idl: Cleaning-up the IDL.
        * Modules/streams/ReadableStreamReader.cpp: Added.
        (WebCore::ReadableStreamReader::create):
        (WebCore::ReadableStreamReader::ReadableStreamReader):
        (WebCore::ReadableStreamReader::~ReadableStreamReader):
        (WebCore::ReadableStreamReader::closed):
        (WebCore::ReadableStreamReader::activeDOMObjectName):
        (WebCore::ReadableStreamReader::canSuspend):
        * Modules/streams/ReadableStreamReader.h: Added.
        (WebCore::ReadableStreamReader::stream):
        * Modules/streams/ReadableStreamReader.idl: Added.
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::getReader):
        * bindings/js/JSReadableStreamReaderCustom.cpp: Added.
        (WebCore::JSReadableStreamReader::read):
        (WebCore::getOrCreatePromiseDeferredFromObject):
        (WebCore::closedPromiseSlotName):
        (WebCore::JSReadableStreamReader::closed):
        (WebCore::JSReadableStreamReader::cancel):
        (WebCore::JSReadableStreamReader::releaseLock):
        (WebCore::constructJSReadableStreamReader):

2015-03-31  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] DnD icon/widget has odd background
        https://bugs.webkit.org/show_bug.cgi?id=143217

        Reviewed by Martin Robinson.

        Remove DragIcon class since it's no longer needed with GTK+3 and
        the GTK+2 code there is unused. GTK+ knows what to do with a cairo
        surface, I guess we migrated the GTK+2 code to GTK+3 without
        realizing that using the surface was enough.

        * PlatformGTK.cmake:
        * platform/gtk/DragIcon.cpp: Removed.
        * platform/gtk/DragIcon.h: Removed.

2015-03-30  Alex Christensen  <achristensen@webkit.org>

        Unreviewed build fix after r182168.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Explicitly cast to unsigned.

2015-03-30  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Correctly handle regular expressions matching everything
        https://bugs.webkit.org/show_bug.cgi?id=143235

        Reviewed by Benjamin Poulain.

        Test: http/tests/contentextensions/whitelist.html

        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors):
        Global actions can have non-css actions.  Only put the selectors into the list of selectors.
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::serializeSelector):
        (WebCore::ContentExtensions::serializeActions):
        Merge sequential css selectors with identical triggers (usually .*) into one action to reduce the number of actions.
        (WebCore::ContentExtensions::compileRuleList):
        Fail if a regular expression matches everything after ignore-previous-rules.
        * contentextensions/ContentExtensionError.cpp:
        (WebCore::ContentExtensions::contentExtensionErrorCategory):
        * contentextensions/ContentExtensionError.h:
        Add more failure cases.
        * contentextensions/ContentExtensionRule.h:
        (WebCore::ContentExtensions::Trigger::operator==):
        Allow comparing of Triggers to determine if sequential triggers are equal.
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Put non-css actions that match everything into the list of actions if ignore-previous-rules was not hit.
        These actions will be out of order, but order only matters when determining if ignore-previous-rules, and this case is handled correctly.
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        Added an assertion that all actions that match everything should be in the first DFA root.
        We should catch them all with URLFilterParser::MatchesEverything.

2015-03-30  Myles C. Maxfield  <mmaxfield@apple.com>

        Allow building on Windows without Cygwin
        https://bugs.webkit.org/show_bug.cgi?id=143219

        Reviewed by Brent Fulgham.

        * AVFoundationSupport.py: Renamed from Source/WebCore/WebCore.vcxproj/MigrateScripts.
        Move logic from DerivedSources.make to its own script
        (lookFor):
        * DerivedSources.make: Paths like /usr/bin don't exist on Windows.
        Windows uses del instead of rm -f
        Windows doesn't have printf
        * WebCore.vcxproj/WebCoreGenerated.make: Pass the CC executable to
        build-generated-files.pl
        * WebCore.vcxproj/build-generated-files.pl: Export the CC executable as an environment
        variable. Don't use /usr/bin.
        * WebCore.vcxproj/migrate-scripts.pl: Deleted the MigrateScripts makefile. We don't
        need a whole Makefile just to copy 5 files. Moved this logic into migrate-scripts.pl.
        (copyFile):
        * bindings/scripts/preprocessor.pm:
        (applyPreprocessor): Support passing preprocessing flags to the Visual Studio
        compiler.
        * dom/make_names.pl: Ditto.

2015-03-30  Alexey Proskuryakov  <ap@apple.com>

        Build fix.

        * platform/spi/mac/AVFoundationSPI.h:

2015-03-30  Sam Weinig  <sam@webkit.org>

        [Content Extensions] Flesh out the UserContentExtensionStore
        https://bugs.webkit.org/show_bug.cgi?id=143123

        Reviewed by Benjamin Poulain.

        - Adds a variant of getFileSize() that takes a PlatformFileHandle.
        - Adds a new file system function, rename() which operates as the POSIX
          rename function does.

        * platform/FileSystem.h:
        Add new functions.

        * platform/posix/FileSystemPOSIX.cpp:
        (WebCore::renameFile):
        (WebCore::getFileSize):
        Add implementations.

        * platform/gtk/FileSystemGtk.cpp:
        (WebCore::renameFile):
        (WebCore::getFileSize):
        * platform/win/FileSystemWin.cpp:
        (WebCore::getFileSize):
        (WebCore::renameFile):
        Add stubs.

2015-03-30  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Crash when closing window while video is loading
        https://bugs.webkit.org/show_bug.cgi?id=143088

        Reviewed by Mark Lam.

        When the media player is destroyed, we have to cancel possible calls on the
        main thread made by a worker thread. Otherwise the destroyed media player
        will be accessed when performing the call.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::~MediaPlayerPrivateMediaFoundation):
        (WebCore::MediaPlayerPrivateMediaFoundation::endCreatedMediaSource):
        (WebCore::MediaPlayerPrivateMediaFoundation::endGetEvent):
        (WebCore::MediaPlayerPrivateMediaFoundation::onTopologySet):
        (WebCore::MediaPlayerPrivateMediaFoundation::onCreatedMediaSourceCallback):
        (WebCore::MediaPlayerPrivateMediaFoundation::onTopologySetCallback):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

2015-03-30  Gwang Yoon Hwang  <yoon@igalia.com>

        [Threaded Compositor] Crash when animation changes frequently.
        https://bugs.webkit.org/show_bug.cgi?id=143213

        Reviewed by Simon Fraser.

        CompositingCoordinator copies CoordinatedGraphicsLayerState when
        flushing GraphicsLayer changes, and ThreadedCoordinatedCompositor passes
        it to compositing thread.

        To ensure thread-safety, we need to provide copy constructor to copy
        Animation object in TextureMapperAnimation instead of referencing it.

        Since TimingFunction and TransformOperation used by KeyframeValueList are
        not ThreadSafeRefCounted, these should be cloned also.

        No new tests needed.

        * platform/graphics/GraphicsLayer.h:
        (WebCore::AnimationValue::AnimationValue):
        (WebCore::FloatAnimationValue::FloatAnimationValue):
        (WebCore::TransformAnimationValue::TransformAnimationValue):
        (WebCore::FilterAnimationValue::FilterAnimationValue):
        Adds deep copy constructor.

        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::TextureMapperAnimation):
        Because the name of the animation can be AtomicString, we need to create
        isolated version of string to ensure thread safty.

        * platform/graphics/texmap/TextureMapperAnimation.h:
        * platform/graphics/transforms/IdentityTransformOperation.h:
        * platform/graphics/transforms/Matrix3DTransformOperation.h:
        * platform/graphics/transforms/MatrixTransformOperation.h:
        * platform/graphics/transforms/PerspectiveTransformOperation.h:
        * platform/graphics/transforms/RotateTransformOperation.h:
        * platform/graphics/transforms/ScaleTransformOperation.h:
        * platform/graphics/transforms/SkewTransformOperation.h:
        * platform/graphics/transforms/TransformOperation.h:
        * platform/graphics/transforms/TranslateTransformOperation.h:
        Adds TransformOperation::clone() for threadsafety.

2015-03-30  Chris Dumez  <cdumez@apple.com>

        Cached "Expires" header is not updated upon successful resource revalidation
        https://bugs.webkit.org/show_bug.cgi?id=143228
        <rdar://problem/20348059>

        Reviewed by Antti Koivisto.

        Cached "Expires" header was not updated upon successful resource
        revalidation. This affected both our disk cache and our memory cache.
        This was caused by shouldUpdateHeaderAfterRevalidation() in
        CacheValidation.cpp returning false for the "Expires" header.

        There is a comment there stating that the list of ignored headers
        matches Chromium's net library but that's not the case, at least not
        anymore:
        http://osxr.org/android/source/external/chromium/net/http/http_response_headers.cc

        HTTP servers such as Apache return an "Expires" header in their 304
        responses and the "Expires" header is potentially a new one. However,
        our caches were ignoring the updated expiration date and kept using the
        old one, which meant that the cached resource expired sooner than it
        should have.

        See the following Apache bugs that explain the issue:
        https://bz.apache.org/bugzilla/show_bug.cgi?id=24884
        https://bz.apache.org/bugzilla/show_bug.cgi?id=25123

        Test: http/tests/cache/disk-cache/disk-cache-revalidation-new-expire-header.html

        * platform/network/CacheValidation.cpp:

2015-03-30  Antti Koivisto  <antti@apple.com>

        Don't cache resources that are very unlikely to be reused
        https://bugs.webkit.org/show_bug.cgi?id=143226
        <rdar://problem/20347160>

        Reviewed by Geoff Garen.

        Allow overriding resource load priorities via Internals for testing.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        (WebCore::FrameLoader::clearTestingOverrides):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::setOverrideResourceLoadPriorityForTesting):
        (WebCore::FrameLoader::clearOverrideCachePolicyForTesting): Deleted.
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::unlikelyToReuseKey):
        * page/DiagnosticLoggingKeys.h:

            Add a key.

        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):
        (WebCore::stringToResourceLoadPriority):
        (WebCore::Internals::setOverrideResourceLoadPriority):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-03-30  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Upgrade align-self and align-items parsing to CSS 3
        https://bugs.webkit.org/show_bug.cgi?id=133359

        Reviewed by David Hyatt.

        From Blink r164817 and r165264 by <jchaffraix@chromium.org>

        Broaden justify-self's parsing name

        This is in preparation of migrating align-self, align-items
        and justify-items to the CSS 3 Alignment syntax.

        The current naming was too tied to justify-self and needs to
        be broadened. This will reduce the follow-up implementations'
        patches.

        Upgrade align-self and align-items parsing to CSS 3

        This change migrates the 2 properties to the CSS 3 Alignment
        parsing. The new parsing is identical to how we parse
        'justify-self'. The 2 properties need to be migrated together
        as they are used in tandem in CSSComputedStyleDeclaration.

        This change also removes EAlignItems as it is now unused.

        Tests: css3/parse-align-items.html
               css3/parse-align-self.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::resolveAlignmentAuto): Added. Resolves the "auto" value for the alignment properties.
        (WebCore::valueForItemPositionWithOverflowAlignment): Added. Builds the CSSValue for the for the alignment properties.
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
         (WebCore::isValidKeywordPropertyAndValue): Removed align-self, align-items and justify-items.
        (WebCore::isKeywordPropertyID): Removed align-self, align-items and justify-items.
        (WebCore::isBaselinePositionKeyword): Added. Set of keywords related to baseline value.
        (WebCore::CSSParser::parseItemPositionOverflowPosition): Generic parsing fuction for the alignment properties.
        (WebCore::CSSParser::parseJustifySelf): Deleted.
        (WebCore::CSSParser::parseValue): Added align-items and align-self to the list and call to the generic parsing fuction for the alignment properties.
        * css/CSSParser.h:
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Added.
        (WebCore::CSSPrimitiveValue::operator ItemPosition): Added. Replace the old EAlignItems enumeration.
        (WebCore::CSSPrimitiveValue::operator OverflowAlignment): Added.
        (WebCore::CSSPrimitiveValue::operator EAlignItems): Deleted.
        (WebCore::CSSPrimitiveValue::operator EJustifySelf): Deleted.
        (WebCore::CSSPrimitiveValue::operator EJustifySelfOverflowAlignment): Deleted.
        * css/CSSPropertyNames.in:
        * css/CSSValueKeywords.in:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInheritAlignSelf): Added.
        (WebCore::StyleBuilderCustom::applyInitialAlignSelf): Added.
        (WebCore::StyleBuilderCustom::applyValueAlignSelf): Added.
        (WebCore::StyleBuilderCustom::applyInheritAlignItems): Added.
        (WebCore::StyleBuilderCustom::applyInitialAlignItems): Added.
        (WebCore::StyleBuilderCustom::applyValueAlignItems): Added.
        (WebCore::StyleBuilderCustom::applyInheritJustifySelf): Added.
        (WebCore::StyleBuilderCustom::applyInitialJustifySelf): Added.
        (WebCore::StyleBuilderCustom::applyValueJustifySelf): Added.
        (WebCore::StyleBuilderCustom::applyValueWebkitJustifySelf): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle): isDisplayFlexibleOrGridBox now a RenderStyle function.
        (WebCore::isDisplayFlexibleBox): Deleted. Moved to RenderStyle.
        (WebCore::isDisplayGridBox): Deleted. Moved to RenderStyle.
        (WebCore::isDisplayFlexibleOrGridBox): Deleted. Moved to RenderStyle.
        * rendering/RenderBox.cpp:
        (WebCore::flexItemHasStretchAlignment): Adapted to the new ItemPostition enum.
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::firstLineBaseline): Adapted to the new ItemPostition enum.
        (WebCore::RenderFlexibleBox::styleDidChange): Adapted to the new ItemPostition enum.
        (WebCore::RenderFlexibleBox::alignmentForChild): Adapted to the new ItemPostition enum.
        (WebCore::RenderFlexibleBox::needToStretchChild): Adapted to the new ItemPostition enum.
        (WebCore::RenderFlexibleBox::layoutAndPlaceChildren): Adapted to the new ItemPostition enum.
        (WebCore::RenderFlexibleBox::alignChildren): Adapted to the new ItemPostition enum.
        (WebCore::resolveAlignment): Deleted. Moved to RenderStyle.
        * rendering/RenderFlexibleBox.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::createFullScreenStyle): Adapted to the new ItemPostition enum.
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::adjustInnerStyle): Adapted to the new ItemPostition enum.
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::updateStyle): Adapted to the new ItemPostition enum.
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::fixAnonymousStyleForSubSupPair): Adapted to the new ItemPostition enum.
        (WebCore::RenderMathMLScripts::fixAnonymousStyles): Adapted to the new ItemPostition enum.
        * rendering/style/ContentData.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::resolveAlignment): Added.
        * rendering/style/RenderStyle.h: Adapted to the new ItemPostition enum.
        * rendering/style/RenderStyleConstants.h: Adapted to the new ItemPostition enum.
        * rendering/style/StyleRareNonInheritedData.cpp: Adapted to the new ItemPostition enum.
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): Adapted to the new ItemPostition enum.
        (WebCore::StyleRareNonInheritedData::operator==): Adapted to the new ItemPostition enum.
        * rendering/style/StyleRareNonInheritedData.h: Adapted to the new ItemPostition enum.
        * style/StyleResolveTree.cpp:
        (WebCore::Style::determineChange): Changes in the alignItems property cause a Detach.

2015-03-27  David Hyatt  <hyatt@apple.com>

        [New Block-Inside-Inline Model] Create anonymous inline blocks to hold blocks-inside-inlines.
        https://bugs.webkit.org/show_bug.cgi?id=143145

        Reviewed by Dean Jackson.

        Added fast/block/inside-inlines/ tests.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::renderName):
        Add support for labeling anonymous inline-blocks when dumped by the render tree.

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::addChildIgnoringContinuation):
        When the pref is set to use the new block-inside-inline model, create an anonymous inline block to
        hold block children of RenderInlines instead of splitting flows or creating continuations.

        * rendering/RenderObject.h:
        (WebCore::RenderObject::isAnonymousInlineBlock):
        Add the definition of isAnonymousInlineBlock (note the exclusion of Ruby, since Ruby creates anonymous
        inline-blocks also).

2015-03-30  Chris Dumez  <cdumez@apple.com>

        [WK2][NetworkCache] Add support for "Cache-Control: max-stale" request header
        https://bugs.webkit.org/show_bug.cgi?id=143159
        <rdar://problem/20333296>

        Reviewed by Antti Koivisto.

        Add support for "Cache-Control: max-stale" request header:
        https://tools.ietf.org/html/rfc7234#section-5.2.1.2

        Test: http/tests/cache/disk-cache/disk-cache-request-max-stale.html

        * platform/network/CacheValidation.cpp:
        (WebCore::parseCacheControlDirectives):
        * platform/network/CacheValidation.h:

2015-03-30  Simon Fraser  <simon.fraser@apple.com>

        Fix iOS internal build after r182132.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion):

2015-03-30  Jer Noble  <jer.noble@apple.com>

        [iOS] When Web Audio is interrupted by a phone call, it cannot be restarted.
        https://bugs.webkit.org/show_bug.cgi?id=143190

        Reviewed by Darin Adler.

        Tests: webaudio/audiocontext-state-interrupted.html
               webaudio/audiocontext-state.html

        Implement the following methods and properties from the Web Audio spec:
        close(), suspend(), resume(), onstatechange.

        AudioContext will take more responsibility for tracking state and interruptions (and
        AudioDestination will give up that responsibility). This means AudioContext must be a
        MediaSessionClient, and own its own MediaSession. In return, AudioDestinationIOS and 
        AudioDestinationMac relinquish both.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::AudioContext): Set default values in header.
        (WebCore::AudioContext::uninitialize): Call setState() instead of setting m_state.
        (WebCore::AudioContext::addReaction): Added. Append the callback to the appropriate vector for the state.
        (WebCore::AudioContext::setState): Added. Fire events and resolve the appropriate reaction callbacks for the new state.
        (WebCore::AudioContext::state): Return a string representing the context's state.
        (WebCore::AudioContext::stop): Close the event queue.
        (WebCore::AudioContext::startRendering): Call setState().
        (WebCore::AudioContext::fireCompletionEvent): Call setState().
        (WebCore::AudioContext::suspendContext): Added. Add reaction callback and call suspend() on the destination node.
        (WebCore::AudioContext::resumeContext): Added. Add reaction callback and call resume() on the destination node.
        (WebCore::AudioContext::closeContext): Added. Add reaction callback and call close() on the destination node.
        (WebCore::AudioContext::suspendPlayback): Added. Suspend playback and set state to interrupted.
        (WebCore::AudioContext::mayResumePlayback): Added. Conditionally resume playback.
        * bindings/js/JSAudioContextCustom.cpp:
        (WebCore::JSAudioContext::suspend): Added. Create and return a new Promise object.
        (WebCore::JSAudioContext::resume): Ditto.
        (WebCore::JSAudioContext::close): Ditto.
        * Modules/webaudio/AudioContext.idl: Add new methods and properties.

        Extensive organizational changes were made to AudioContext.h to group instance
        variables together and add C++11 initializers in their declarations:

        * Modules/webaudio/AudioContext.h:
        (WebCore::AudioContext::mediaType): Moved from AudioDestinationNode.
        (WebCore::AudioContext::presentationType): Ditto.
        (WebCore::AudioContext::canReceiveRemoteControlCommands): Ditto.
        (WebCore::AudioContext::didReceiveRemoteControlCommand): Ditto.
        (WebCore::AudioContext::overrideBackgroundPlaybackRestriction): Ditto.
        
        Other changes to support the new AudioContext methods:

        * Modules/webaudio/AudioDestinationNode.h:
        (WebCore::AudioDestinationNode::resume): Add empty default virtual method.
        (WebCore::AudioDestinationNode::suspend): Ditto.
        (WebCore::AudioDestinationNode::close): Ditto.
        * Modules/webaudio/DefaultAudioDestinationNode.cpp:
        (WebCore::DefaultAudioDestinationNode::resume): Added. Pass to AudioDestination.
        (WebCore::DefaultAudioDestinationNode::suspend): Ditto.
        (WebCore::DefaultAudioDestinationNode::close): Ditto.
        * Modules/webaudio/DefaultAudioDestinationNode.h:
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::resolve): Add an overload for a nullptr resolve value.
        * dom/EventNames.h: Added 'statechange'.
        * dom/ScriptExecutionContext.h:
        (WebCore::ScriptExecutionContext::Task::Task): Add a constructor which takes a void() callback.

        Modify MediaSession, AudioSession, and MediaSessionManager to support the new
        interruption behavior.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::suspendPlayback): Renamed from pausePlayback().
        (WebCore::HTMLMediaElement::mayResumePlayback): Renamed from resumePlayback().
        * html/HTMLMediaElement.h:
        * platform/audio/AudioSession.cpp:
        (WebCore::AudioSession::tryToSetActive): Renamed from setActive. Return true by default.
        (WebCore::AudioSession::setActive): Deleted.
        * platform/audio/AudioSession.h:
        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::beginInterruption): pausePlayback() was renamed to suspendPlayback().
        (WebCore::MediaSession::endInterruption): Always notify the client, telling it whether to resume.
        (WebCore::MediaSession::clientWillBeginPlayback): Bail early if reentrant.  Check the (new) 
            return value of sessionWillBeginPlayback() and remember to resume once the interruption ends.
        (WebCore::MediaSession::clientWillPausePlayback): Bail early if reentrant.
        (WebCore::MediaSession::pauseSession): pausePlayback() was renamed to suspendPlayback().
        * platform/audio/MediaSession.h:
        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::sessionWillBeginPlayback): Return false if not allowed to break interruption or 
            if activating the audio session failed. Otherwise, end the interruption.
        * platform/audio/MediaSessionManager.h:
        * platform/audio/ios/AudioDestinationIOS.cpp:
        (WebCore::AudioDestinationIOS::AudioDestinationIOS): m_mediaSession was removed.
        (WebCore::AudioDestinationIOS::start): Ditto.
        * platform/audio/ios/AudioDestinationIOS.h:
        * platform/audio/ios/AudioSessionIOS.mm:
        (WebCore::AudioSession::tryToSetActive): Renamed from setActive. Return false if the AVAudioSession could not be activated.
        (WebCore::AudioSession::setActive): Deleted.
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::sessionWillBeginPlayback): Do not update the now playing info if session playback was blocked.
        * platform/audio/mac/AudioDestinationMac.cpp:
        (WebCore::AudioDestinationMac::AudioDestinationMac): m_mediaSession was removed.
        * platform/audio/mac/AudioDestinationMac.h:
        * platform/audio/mac/AudioSessionMac.cpp:
        (WebCore::AudioSession::tryToSetActive): Renamed from setActive(). Return true by default.
        (WebCore::AudioSession::setActive): Deleted.
        * platform/audio/mac/MediaSessionManagerMac.cpp:
        (MediaSessionManager::updateSessionState): No longer attempt to activate the session, as this is done
            MediaSessionManager::sessionWillBeginPlayback().
        * testing/Internals.cpp:
        (WebCore::Internals::setMediaSessionRestrictions): Add "InterruptedPlaybackNotPermitted".

2015-03-25 Xabier Rodriguez Calvar <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Error storage should be moved from source to stream/reader
        https://bugs.webkit.org/show_bug.cgi?id=143048

        Reviewed by Benjamin Poulain.

        This patch removes error storage from the source as it should be stored at the stream level as error access goes through the reader.
        It removes abstract ReadableStreamSource::isErrored and the storage of JavaScript errors from ReadableStreamJSSource.

        Existing tests cover most of the changes.
        Added test case for creating readable stream from empty JS object.

        * Modules/streams/ReadableStreamSource.h: Removing isErrored().
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::constructJSReadableStream): Added JS stream constructor parameters checking.
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::ReadableStreamJSSource::ReadableStreamJSSource): Removed JS stream constructor parameters checking.
        (WebCore::ReadableStreamJSSource::start): Changed prototype of start so that start can throw errors directly.
        (WebCore::ReadableStreamJSSource::setInternalError): Deleted.
        * bindings/js/ReadableStreamJSSource.h: Removed m_error, setInternalError and updated start declaration.

2015-03-30  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] More GL shared context fixes
        https://bugs.webkit.org/show_bug.cgi?id=143216

        Reviewed by Carlos Garcia Campos.

        Moved the GLX/EGL context tests to be done at runtime rather than
        using build-time macros because in the GTK port at least, both EGL
        and GLX support are mutually exclusive. Also fixed a couple wrong
        defines (USE(GLES2) doesn't exist).

        * platform/graphics/GLContext.h: Simple utility method to check if
        the platform context is compatible with EGL APIs or not.
        * platform/graphics/egl/GLContextEGL.h:
        (WebCore::GLContextEGL::isEGLContext):
        * platform/graphics/glx/GLContextGLX.h:
        (WebCore::GLContextGLX::isEGLContext):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::ensureGstGLContext): Do
        runtime checks and properly ensure GLES2/GL API usage.

2015-03-30  Marcos Chavarría Teijeiro  <chavarria1991@gmail.com>

        Add support for deleting emoji on GTK
        https://bugs.webkit.org/show_bug.cgi?id=141419

        Reviewed by Gustavo Noronha Silva.

        The code for deleting special group of characters was specific for
        COCOA and EFL platforms. The fix consists on add GTK to the #if
        preprocessor directive.

        * rendering/RenderText.cpp:
        (WebCore::RenderText::previousOffsetForBackwardDeletion):

2015-03-30  Benjamin Poulain  <benjamin@webkit.org>

        Start the features.json files
        https://bugs.webkit.org/show_bug.cgi?id=143207

        Reviewed by Darin Adler.

        * features.json: Added.

2015-03-29  Simon Fraser  <simon.fraser@apple.com>

        Convert arguments to ScrollingCoordinator functions to references
        https://bugs.webkit.org/show_bug.cgi?id=143198

        Reviewed by Darin Adler.

        Convert all the FrameView* and ScrollableArea* arguments to ScrollingCoordinator functions to
        references, and use references in a few other places.

        * dom/Document.cpp:
        (WebCore::wheelEventHandlerCountChanged):
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::restoreScrollPositionAndViewState):
        * page/DebugPageOverlays.cpp:
        (WebCore::NonFastScrollableRegionOverlay::updateRegion):
        * page/Frame.cpp:
        (WebCore::Frame::willDetachPage):
        * page/FrameView.cpp:
        (WebCore::FrameView::prepareForDetach):
        (WebCore::FrameView::addSlowRepaintObject):
        (WebCore::FrameView::removeSlowRepaintObject):
        (WebCore::FrameView::addViewportConstrainedObject):
        (WebCore::FrameView::removeViewportConstrainedObject):
        (WebCore::FrameView::requestScrollPositionUpdate):
        (WebCore::FrameView::performPostLayoutTasks):
        (WebCore::FrameView::scrollableAreaSetChanged):
        (WebCore::FrameView::wheelEvent):
        * page/Page.cpp:
        (WebCore::Page::nonFastScrollableRects):
        * page/Page.h:
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::AsyncScrollingCoordinator::frameViewNonFastScrollableRegionChanged):
        (WebCore::AsyncScrollingCoordinator::frameViewRootLayerDidChange):
        (WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):
        (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
        (WebCore::AsyncScrollingCoordinator::scrollableAreaScrollbarLayerDidChange):
        (WebCore::AsyncScrollingCoordinator::ensureRootStateNodeForFrameView):
        (WebCore::AsyncScrollingCoordinator::updateMainFrameScrollLayerPosition):
        (WebCore::AsyncScrollingCoordinator::recomputeWheelEventHandlerCountForFrameView):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::pageDestroyed):
        (WebCore::ScrollingCoordinator::coordinatesScrollingForFrameView):
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion):
        (WebCore::ScrollingCoordinator::frameViewWheelEventHandlerCountChanged):
        (WebCore::ScrollingCoordinator::frameViewHasSlowRepaintObjectsDidChange):
        (WebCore::ScrollingCoordinator::frameViewFixedObjectsDidChange):
        (WebCore::ScrollingCoordinator::scrollLayerForScrollableArea):
        (WebCore::ScrollingCoordinator::scrollLayerForFrameView):
        (WebCore::ScrollingCoordinator::headerLayerForFrameView):
        (WebCore::ScrollingCoordinator::footerLayerForFrameView):
        (WebCore::ScrollingCoordinator::counterScrollingLayerForFrameView):
        (WebCore::ScrollingCoordinator::insetClipLayerForFrameView):
        (WebCore::ScrollingCoordinator::contentShadowLayerForFrameView):
        (WebCore::ScrollingCoordinator::rootContentLayerForFrameView):
        (WebCore::ScrollingCoordinator::frameViewRootLayerDidChange):
        (WebCore::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects):
        (WebCore::ScrollingCoordinator::synchronousScrollingReasons):
        (WebCore::ScrollingCoordinator::updateSynchronousScrollingReasons):
        (WebCore::ScrollingCoordinator::setForceSynchronousScrollLayerPositionUpdates):
        (WebCore::ScrollingCoordinator::shouldUpdateScrollLayerPositionSynchronously):
        (WebCore::ScrollingCoordinator::replaySessionStateDidChange):
        (WebCore::ScrollingCoordinator::synchronousScrollingReasonsAsText):
        * page/scrolling/ScrollingCoordinator.h: Align the bitmask enums to make mistakes easier to spot.
        (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::ScrollingCoordinator::frameViewNonFastScrollableRegionChanged):
        (WebCore::ScrollingCoordinator::requestScrollPositionUpdate):
        (WebCore::ScrollingCoordinator::handleWheelEvent):
        (WebCore::ScrollingCoordinator::willDestroyScrollableArea):
        (WebCore::ScrollingCoordinator::scrollableAreaScrollLayerDidChange):
        (WebCore::ScrollingCoordinator::scrollableAreaScrollbarLayerDidChange):
        (WebCore::ScrollingCoordinator::recomputeWheelEventHandlerCountForFrameView):
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::scrollableAreaScrollLayerDidChange):
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::willDestroyScrollableArea):
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::requestScrollPositionUpdate):
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::handleWheelEvent):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::~RenderLayer):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateOverflowControlsLayers):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateBacking):
        (WebCore::RenderLayerCompositor::hasCoordinatedScrolling):
        (WebCore::RenderLayerCompositor::scrollingLayerDidChange):
        (WebCore::RenderLayerCompositor::updateLayerForHeader):
        (WebCore::RenderLayerCompositor::updateLayerForFooter):
        (WebCore::RenderLayerCompositor::updateOverflowControlsLayers):
        (WebCore::RenderLayerCompositor::destroyRootLayer):
        (WebCore::RenderLayerCompositor::updateScrollCoordinationForThisFrame):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayer):
        (WebCore::RenderLayerCompositor::willRemoveScrollingLayerWithBacking):
        (WebCore::RenderLayerCompositor::didAddScrollingLayer):
        * testing/Internals.cpp:
        (WebCore::Internals::nonFastScrollableRects):

2015-03-29  Benjamin Poulain  <benjamin@webkit.org>

        Use :matches() instead of :-webkit-any() for the sections and headings default style
        https://bugs.webkit.org/show_bug.cgi?id=143197

        Reviewed by Darin Adler.

        We no longer need to use the :-webkit-any() hack in the default stylesheet.

        The pseudo class :matches() also support correct specificity. This is not observable
        since those selector do not conflict with any other rule in the default stylesheet.

        * css/CSSSelector.h:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::determineLinkMatchType):
        * css/html.css:
        (:matches(article, aside, nav, section) h1):
        (:matches(article, aside, nav, section) :matches(article, aside, nav, section) h1):
        (:matches(article, aside, nav, section) :matches(article, aside, nav, section) :matches(article, aside, nav, section) h1):
        (:matches(article, aside, nav, section) :matches(article, aside, nav, section) :matches(article, aside, nav, section) :matches(article, aside, nav, section) h1):
        (:matches(article, aside, nav, section) :matches(article, aside, nav, section) :matches(article, aside, nav, section) :matches(article, aside, nav, section) :matches(article, aside, nav, section) h1):
        (:-webkit-any(article,aside,nav,section) h1): Deleted.
        (:-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) h1): Deleted.
        (:-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) h1): Deleted.
        (:-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) h1): Deleted.
        (:-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) :-webkit-any(article,aside,nav,section) h1): Deleted.

2015-03-29  Benjamin Poulain  <benjamin@webkit.org>

        `currentColor` computes to the same colour on all elements, even if 'color' is inherited differently
        https://bugs.webkit.org/show_bug.cgi?id=133420

        Reviewed by Darin Adler.

        When resolving a style with the help of the property cache, we were
        completely ignoring currentColor.

        Since you can set currentColor on properties that are not inherited,
        those properties would just be copied from the cached style, which
        may have a completely different inherited color.

        This pacth fixes the issue by preventing any MatchResult from hitting
        the cache if it contains any non-inherited property that would require
        resolution by the cache:
        -Using the inherit value.
        -Using the currentColor value.

        Tests: fast/css/currentColor-on-before-after-pseudo-elements.html
               fast/css/currentColor-style-update-reftest.html
               fast/css/currentColor-value-style-update.html

        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::addElementStyleProperties):
        (WebCore::ElementRuleCollector::matchAuthorRules):
        (WebCore::ElementRuleCollector::matchUserRules):
        (WebCore::ElementRuleCollector::matchUARules):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::MatchResult::addMatchedProperties):
        (WebCore::StyleResolver::styleForKeyframe):
        (WebCore::StyleResolver::pseudoStyleForElement):
        (WebCore::StyleResolver::styleForPage):
        (WebCore::StyleResolver::findFromMatchedPropertiesCache):
        (WebCore::StyleResolver::addToMatchedPropertiesCache):
        (WebCore::extractDirectionAndWritingMode):
        (WebCore::StyleResolver::applyMatchedProperties):
        (WebCore::StyleResolver::CascadedProperties::addStyleProperties):
        (WebCore::StyleResolver::CascadedProperties::addMatches):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::MatchResult::matchedProperties):

2015-03-29  Benjamin Poulain  <benjamin@webkit.org>

        Enable :any-link by default
        https://bugs.webkit.org/show_bug.cgi?id=143201

        Reviewed by Sam Weinig.

        The pseudo class :any-link has been stable for a while. This patch enables
        it by default and remove the -webkit- prefix on the default style.

        * css/CSSDefaultStyleSheets.cpp:
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        * css/RuleSet.cpp:
        (WebCore::RuleSet::addRule):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorChecker.h:
        (WebCore::SelectorChecker::isCommonPseudoClassSelector):
        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        * css/html.css:
        (a:any-link):
        (a:any-link:active):
        (:any-link img):
        (a:-webkit-any-link): Deleted.
        (a:-webkit-any-link:active): Deleted.
        (:-webkit-any-link img): Deleted.
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementLinkMatching):

2015-03-29  Joonghun Park  <jh718.park@samsung.com>

        nullptr cleanup in RenderFooBox classes
        https://bugs.webkit.org/show_bug.cgi?id=143182

        Reviewed by Ryosuke Niwa.

        No new tests, no behavior changes

        Replace 0 with nullptr in RenderFooBox classes.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::RenderBox):
        (WebCore::RenderBox::paintFillLayer):
        (WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):
        (WebCore::RenderBox::containingBlockAvailableLineWidthInRegion):
        (WebCore::RenderBox::renderBoxRegionInfo):
        (WebCore::RenderBox::computePositionedLogicalWidthUsing):
        (WebCore::RenderBox::computePositionedLogicalHeightUsing):
        (WebCore::RenderBox::computePositionedLogicalWidthReplaced):
        (WebCore::RenderBox::positionForPoint):
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        * rendering/RenderBox.h:
        (WebCore::RenderBox::setMarginBefore):
        (WebCore::RenderBox::setMarginAfter):
        (WebCore::RenderBox::setMarginStart):
        (WebCore::RenderBox::setMarginEnd):
        (WebCore::RenderBox::createAnonymousBoxWithSameTypeAs):
        (WebCore::RenderBox::setInlineBoxWrapper):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::willBeDestroyed):
        (WebCore::RenderBoxModelObject::paintMaskForTextFillBox):
        (WebCore::RenderBoxModelObject::paintBorderSides):
        (WebCore::RenderBoxModelObject::firstLetterRemainingText):
        * rendering/RenderBoxModelObject.h:
        (WebCore::RenderBoxModelObject::moveChildTo):
        (WebCore::RenderBoxModelObject::moveAllChildrenTo):
        (WebCore::RenderBoxModelObject::moveChildrenTo):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::FlexBoxIterator::reset):
        (WebCore::FlexBoxIterator::next):
        * rendering/RenderDeprecatedFlexibleBox.h:
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::firstLineBaseline):
        (WebCore::RenderFlexibleBox::computeMainAxisExtentForChild):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::deleteLineBoxTree):
        (WebCore::RenderLineBoxList::extractLineBox):
        (WebCore::RenderLineBoxList::deleteLineBoxes):
        (WebCore::RenderLineBoxList::checkConsistency):
        * rendering/RenderLineBoxList.h:
        (WebCore::RenderLineBoxList::RenderLineBoxList):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::enclosingScrollableArea):
        (WebCore::RenderListBox::setHasVerticalScrollbar):
        * rendering/RenderListBox.h:

2015-03-29  Darin Adler  <darin@apple.com>

        HTMLCollection caches incorrect length if item(0) is called before length on an empty collection
        https://bugs.webkit.org/show_bug.cgi?id=143203
        rdar://problem/18460462

        Reviewed by Antti Koivisto.

        Test: fast/dom/htmlcollection-length-after-item-2.html

        * dom/CollectionIndexCache.h:
        (CollectionIndexCache::nodeAt): If we hit the end looking for index 0, cache a length
        of 0, not a length of 1.

2015-03-29  Darin Adler  <darin@apple.com>

        Remove unneeded SVG code, including most isSupportedAttribute functions
        https://bugs.webkit.org/show_bug.cgi?id=143194

        Reviewed by Antti Koivisto.

        - Removed most implementations of isSupportedAttribute. Others can be removed in
          future patches. The ones left behind are now all private static member functions.
          It's dangerous for them to be public because they tend to indicate which attributes
          are supported at a particular level in the class hierarchy and they are not virtual
          functions; might want to rethink the function name if we keep any of these long term.

        - Removed unneeded includes, especially of Attr.h and Attribute.h.

        - Changed most parseAttribute and svgAttributeChanged functions so they no longer
          rely on checking attribute names against a set. Also removed lots of unneeded calls
          to SVGLangSpace::parseAttribute, which is called by SVGElement::parseAttribute and
          need not be called by derived classes.

        - Removed return values from parseAttribute functions. Skipping other parseAttribute
          logic is not an important optimization and makes functions needlessly complex.

        - Moved use of InstanceInvalidationGuard closer to where they are needed. Eventually
          we may be able to remove many of these.

        - Used auto in a few places where the same type is repeated twice on the same line of
          code, and auto makes it a bit smaller.

        - Got rid of protected sections in some final classes; doesn't make sense to combine
          these two. Also moved a few functions from protected to private in other classes.

        - Made a number of functions into static member functions in the base classes such
          as SVGLangSpace; they were not making any use of the object, and so it was wasteful
          to compile them as non-static member functions.

        * rendering/svg/RenderSVGImage.cpp: Removed unneeded includes.
        * svg/SVGAElement.cpp: Removed unneeded includes.
        (WebCore::SVGAElement::isSupportedAttribute): Deleted.
        (WebCore::SVGAElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGAElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGAElement.h: Removed isSupportedAttribute.
        * svg/SVGAnimateMotionElement.cpp: Removed unneeded includes.
        (WebCore::SVGAnimateMotionElement::isSupportedAttribute): Deleted.
        (WebCore::SVGAnimateMotionElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGAnimateMotionElement.h: Removed isSupportedAttribute.
        * svg/SVGAnimateTransformElement.cpp:
        (WebCore::SVGAnimateTransformElement::isSupportedAttribute): Deleted.
        (WebCore::SVGAnimateTransformElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGAnimateTransformElement.h: Removed isSupportedAttribute.
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGCircleElement.cpp:
        (WebCore::SVGCircleElement::isSupportedAttribute): Deleted.
        (WebCore::SVGCircleElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGCircleElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGCircleElement.h: Removed isSupportedAttribute.
        * svg/SVGClipPathElement.cpp: Removed unneeded includes.
        (WebCore::SVGClipPathElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGComponentTransferFunctionElement.cpp:
        (WebCore::SVGComponentTransferFunctionElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGCursorElement.cpp: Removed unneeded includes.
        (WebCore::SVGCursorElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGCursorElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGElement.cpp: Removed unneeded includes.
        * svg/SVGEllipseElement.cpp: Removed unneeded includes.
        (WebCore::SVGEllipseElement::isSupportedAttribute): Deleted.
        (WebCore::SVGEllipseElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGEllipseElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGEllipseElement.h: Removed isSupportedAttribute.
        * svg/SVGExternalResourcesRequired.cpp: Removed unneeded includes.
        (WebCore::SVGExternalResourcesRequired::parseAttribute): Don't return a boolean.
        * svg/SVGExternalResourcesRequired.h: Don't return a boolean.
        * svg/SVGFEBlendElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEBlendElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEBlendElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEBlendElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEBlendElement.h: Removed isSupportedAttribute.
        * svg/SVGFEColorMatrixElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEColorMatrixElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEColorMatrixElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEColorMatrixElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEColorMatrixElement.h: Removed isSupportedAttribute.
        * svg/SVGFEComponentTransferElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEComponentTransferElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEComponentTransferElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGFEComponentTransferElement.h: Removed unneeded includes.
        * svg/SVGFECompositeElement.cpp: Removed unneeded includes.
        (WebCore::SVGFECompositeElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFECompositeElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFECompositeElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFECompositeElement.h:
        * svg/SVGFEConvolveMatrixElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEConvolveMatrixElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEConvolveMatrixElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEConvolveMatrixElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEConvolveMatrixElement.h:
        * svg/SVGFEDiffuseLightingElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEDiffuseLightingElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEDiffuseLightingElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEDiffuseLightingElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEDiffuseLightingElement.h:
        * svg/SVGFEDisplacementMapElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEDisplacementMapElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEDisplacementMapElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEDisplacementMapElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEDisplacementMapElement.h:
        * svg/SVGFEDropShadowElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEDropShadowElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEDropShadowElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEDropShadowElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEDropShadowElement.h:
        * svg/SVGFEFloodElement.cpp: Removed unneeded includes.
        * svg/SVGFEGaussianBlurElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEGaussianBlurElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEGaussianBlurElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEGaussianBlurElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEGaussianBlurElement.h:
        * svg/SVGFEImageElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEImageElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEImageElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEImageElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEImageElement.h:
        * svg/SVGFELightElement.cpp: Removed unneeded includes.
        (WebCore::SVGFELightElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFELightElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFELightElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFELightElement.h:
        * svg/SVGFEMergeNodeElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEMergeNodeElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEMergeNodeElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEMergeNodeElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEMergeNodeElement.h:
        * svg/SVGFEMorphologyElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEMorphologyElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEMorphologyElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEMorphologyElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEMorphologyElement.h:
        * svg/SVGFEOffsetElement.cpp: Removed unneeded includes.
        (WebCore::SVGFEOffsetElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFEOffsetElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFEOffsetElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFEOffsetElement.h:
        * svg/SVGFESpecularLightingElement.cpp: Removed unneeded includes.
        (WebCore::SVGFESpecularLightingElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFESpecularLightingElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFESpecularLightingElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFESpecularLightingElement.h:
        * svg/SVGFETileElement.cpp: Removed unneeded includes.
        (WebCore::SVGFETileElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFETileElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFETileElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFETileElement.h:
        * svg/SVGFETurbulenceElement.cpp: Removed unneeded includes.
        (WebCore::SVGFETurbulenceElement::isSupportedAttribute): Deleted.
        (WebCore::SVGFETurbulenceElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGFETurbulenceElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGFETurbulenceElement.h:
        * svg/SVGFilterElement.cpp: Removed unneeded includes.
        (WebCore::SVGFilterElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGFilterPrimitiveStandardAttributes.cpp: Removed unneeded includes.
        (WebCore::SVGFilterPrimitiveStandardAttributes::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGFilterPrimitiveStandardAttributes.h: Removed isSupportedAttribute and also moved a
        couple functions out of the class definition.
        * svg/SVGFitToViewBox.cpp: Removed unneeded includes.
        * svg/SVGFontFaceElement.cpp: Removed unneeded includes.
        * svg/SVGFontFaceUriElement.cpp: Removed unneeded includes.
        * svg/SVGForeignObjectElement.cpp: Removed unneeded includes.
        (WebCore::SVGForeignObjectElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGGElement.cpp: Removed unneeded includes.
        (WebCore::SVGGElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGGlyphElement.cpp: Removed unneeded includes.
        * svg/SVGGlyphRefElement.cpp: Removed unneeded includes.
        (WebCore::SVGGlyphRefElement::hasValidGlyphElement): Rewrote to use is<> instead of hasTagName.
        (WebCore::SVGGlyphRefElement::parseAttribute): Don't use return value from SVGURIReference::parseAttribute.
        * svg/SVGGradientElement.cpp: Removed unneeded includes.
        (WebCore::SVGGradientElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGGraphicsElement.cpp: Removed unneeded includes.
        (WebCore::SVGGraphicsElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGImageElement.cpp: Removed unneeded includes.
        (WebCore::SVGImageElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGLangSpace.cpp: Removed unneeded includes.
        (WebCore::SVGLangSpace::parseAttribute): Removed the return value.
        * svg/SVGLangSpace.h: Converted functions to static member functions and removed the
        return value from parseAttribute.
        * svg/SVGLineElement.cpp: Removed unneeded includes.
        (WebCore::SVGLineElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGLinearGradientElement.cpp: Removed unneeded includes.
        (WebCore::SVGLinearGradientElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGMPathElement.cpp: Removed unneeded includes.
        (WebCore::SVGMPathElement::isSupportedAttribute): Deleted.
        (WebCore::SVGMPathElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGMPathElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGMPathElement.h: Removed isSupportedAttribute and made didNotifySubtreeInsertions
        private instead of protected.
        * svg/SVGMarkerElement.cpp: Removed unneeded includes.
        (WebCore::SVGMarkerElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGMaskElement.cpp: Removed unneeded includes.
        (WebCore::SVGMaskElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGPathElement.cpp: Removed unneeded includes.
        (WebCore::SVGPathElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGPatternElement.cpp: Removed unneeded includes.
        (WebCore::SVGPatternElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGPolyElement.cpp: Removed unneeded includes.
        (WebCore::SVGPolyElement::isSupportedAttribute): Deleted.
        (WebCore::SVGPolyElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGPolyElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGPolyElement.h:
        * svg/SVGRadialGradientElement.cpp: Removed unneeded includes.
        (WebCore::SVGRadialGradientElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGRectElement.cpp: Removed unneeded includes.
        (WebCore::SVGRectElement::isSupportedAttribute): Deleted.
        (WebCore::SVGRectElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGRectElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGRectElement.h:
        * svg/SVGSVGElement.cpp: Removed unneeded includes.
        (WebCore::SVGSVGElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGScriptElement.cpp: Removed unneeded includes.
        * svg/SVGStopElement.cpp: Removed unneeded includes.
        (WebCore::SVGStopElement::isSupportedAttribute): Deleted.
        (WebCore::SVGStopElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGStopElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGStopElement.h: Removed isSupportedAttribute.
        * svg/SVGStyleElement.cpp: Removed unneeded includes.
        (WebCore::SVGStyleElement::isSupportedAttribute): Deleted.
        (WebCore::SVGStyleElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGStyleElement.h: Removed isSupportedAttribute.
        * svg/SVGSymbolElement.cpp: Removed unneeded includes.
        (WebCore::SVGSymbolElement::isSupportedAttribute): Deleted.
        (WebCore::SVGSymbolElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGSymbolElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGSymbolElement.h: Removed isSupportedAttribute.
        * svg/SVGTRefElement.cpp: Removed unneeded includes.
        (WebCore::SVGTRefElement::isSupportedAttribute): Deleted.
        (WebCore::SVGTRefElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGTRefElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGTRefElement.h: Removed isSupportedAttribute and made didNotifySubtreeInsertions
        private instead of protected.
        * svg/SVGTests.cpp: Removed unneeded includes.
        (WebCore::SVGTests::parseAttribute): Removed return value.
        * svg/SVGTests.h: Removed return value of parseAttribute.
        * svg/SVGTextContentElement.cpp: Removed unneeded includes.
        (WebCore::SVGTextContentElement::collectStyleForPresentationAttribute): Don't use
        isSupportedAttribute. Also removed global to optimize comparing attribute value against
        the string "preserve".
        (WebCore::SVGTextContentElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGTextContentElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGTextContentElement.h: Made isSupportedAttribute private instead of protected.
        * svg/SVGTextElement.cpp: Removed unneeded includes.
        * svg/SVGTextPathElement.cpp: Removed unneeded includes.
        (WebCore::SVGTextPathElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGTextPositioningElement.cpp: Removed unneeded includes.
        (WebCore::SVGTextPositioningElement::isSupportedAttribute): Deleted.
        (WebCore::SVGTextPositioningElement::parseAttribute): Don't use isSupportedAttribute.
        (WebCore::SVGTextPositioningElement::svgAttributeChanged): Don't use isSupportedAttribute.
        * svg/SVGTextPositioningElement.h: Removed isSupportedAttribute and made some functions
        private insetad of protected.
        * svg/SVGURIReference.cpp: Removed unneeded includes.
        (WebCore::SVGURIReference::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGURIReference.h:
        (WebCore::SVGURIReference::isExternalURIReference):
        * svg/SVGUseElement.cpp: Removed unneeded includes.
        (WebCore::SVGUseElement::parseAttribute): Don't use isSupportedAttribute.
        * svg/SVGViewElement.h: Removed isSupportedAttribute.
        * svg/animation/SVGSMILElement.cpp: Removed unneeded includes.

2015-03-29  Darin Adler  <darin@apple.com>

        Remove unneeded includes of "Attribute.h"
        https://bugs.webkit.org/show_bug.cgi?id=143195

        Reviewed by Antti Koivisto.

        * css/StyleResolver.cpp:
        * html/HTMLAnchorElement.cpp:
        * html/HTMLAreaElement.cpp:
        * html/HTMLBRElement.cpp:
        * html/HTMLBaseElement.cpp:
        * html/HTMLBodyElement.cpp:
        * html/HTMLButtonElement.cpp:
        * html/HTMLCanvasElement.cpp:
        * html/HTMLDivElement.cpp:
        * html/HTMLElement.cpp:
        * html/HTMLEmbedElement.cpp:
        * html/HTMLFontElement.cpp:
        * html/HTMLFormControlElement.cpp:
        * html/HTMLFormElement.cpp:
        * html/HTMLFrameElement.cpp:
        * html/HTMLFrameElementBase.cpp:
        * html/HTMLFrameSetElement.cpp:
        * html/HTMLHRElement.cpp:
        * html/HTMLIFrameElement.cpp:
        * html/HTMLImageElement.cpp:
        * html/HTMLOListElement.cpp:
        * html/HTMLOptionElement.cpp:
        * html/HTMLParagraphElement.cpp:
        * html/HTMLParamElement.cpp:
        * html/HTMLPlugInElement.cpp:
        * html/HTMLPreElement.cpp:
        * html/HTMLProgressElement.cpp:
        * html/HTMLScriptElement.cpp:
        * html/HTMLSelectElement.cpp:
        * html/HTMLStyleElement.cpp:
        * html/HTMLTableCaptionElement.cpp:
        * html/HTMLTableCellElement.cpp:
        * html/HTMLTableColElement.cpp:
        * html/HTMLTableElement.cpp:
        * html/HTMLTablePartElement.cpp:
        * html/HTMLTextAreaElement.cpp:
        * html/HTMLTextFormControlElement.cpp:
        * html/HTMLUListElement.cpp:
        * html/HTMLVideoElement.cpp:
        * html/parser/HTMLScriptRunner.cpp:
        * inspector/InspectorNodeFinder.cpp:
        Removed includes of "Attribute.h".

2015-03-28  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Update for output device API change
        https://bugs.webkit.org/show_bug.cgi?id=143187

        Reviewed by Zalan Bujtas.

        The API used for output device is being deprecated, update to the replacement.

        * WebCore.xcodeproj/project.pbxproj: Add SPI headers.

        * platform/graphics/MediaPlaybackTarget.h:
        (WebCore::MediaPlaybackTarget::MediaPlaybackTarget): Update for API change.
        (WebCore::MediaPlaybackTarget::setDevicePickerContext):
        (WebCore::MediaPlaybackTarget::devicePickerContext):

        * platform/graphics/avfoundation/MediaPlaybackTargetMac.mm:
        (WebCore::MediaPlaybackTarget::encode):
        (WebCore::MediaPlaybackTarget::decode):

        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h:
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
        (WebCore::MediaPlaybackTargetPickerMac::MediaPlaybackTargetPickerMac):
        (WebCore::MediaPlaybackTargetPickerMac::~MediaPlaybackTargetPickerMac):
        (WebCore::MediaPlaybackTargetPickerMac::outputeDeviceAvailabilityChangedTimerFired):
        (WebCore::MediaPlaybackTargetPickerMac::devicePicker):
        (WebCore::MediaPlaybackTargetPickerMac::currentDeviceDidChange):
        (WebCore::MediaPlaybackTargetPickerMac::stopMonitoringPlaybackTargets):
        (-[WebAVOutputDeviceMenuControllerHelper observeValueForKeyPath:ofObject:change:context:]):
        (-[WebAVOutputDevicePickerMenuControllerHelper observeValueForKeyPath:ofObject:change:context:]): Deleted.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessPlaybackTarget):
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):

        * platform/spi/cocoa/AVKitSPI.h: Copied from Source/WebCore/platform/spi/ios/AVKitSPI.h. Moved
            from ios directory, added Mac includes and prototypes.
        * platform/spi/ios/AVKitSPI.h: Removed.

        * platform/spi/mac/AVFoundationSPI.h: Added.

2015-03-28  Simon Fraser  <simon.fraser@apple.com>

        Optimize RenderLayer::intersectsDamageRect() slightly
        https://bugs.webkit.org/show_bug.cgi?id=143186

        Reviewed by Zalan Bujtas.

        We can early return from RenderLayer::intersectsDamageRect() if the
        damageRect is empty, since nothing will intersect with the empty rect.
        
        Slight performance gain when scrolling overflow-scroll with lots of nested,
        clipping layers.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):

2015-03-28  Anders Carlsson  <andersca@apple.com>

        Remove an unused SPI method from WebKitLegacy
        https://bugs.webkit.org/show_bug.cgi?id=143185

        Reviewed by Sam Weinig.

        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::storeCopyOfCache): Deleted.
        * loader/appcache/ApplicationCacheStorage.h:

2015-03-28  Joonghun Park  <jh718.park@samsung.com>

        nullptr cleanup in InlineFooBox classes
        https://bugs.webkit.org/show_bug.cgi?id=143178

        Reviewed by Csaba Osztrogonác.

        No new tests, no behavior changes

        Replace 0 with nullptr in InlineFooBox classes.

        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::prevLeafChildIgnoringLineBreak):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::removeChild):
        (WebCore::InlineFlowBox::deleteLine):
        (WebCore::InlineFlowBox::placeBoxesInInlineDirection):
        (WebCore::InlineFlowBox::addTextBoxVisualOverflow):
        * rendering/InlineFlowBox.h:
        (WebCore::InlineFlowBox::InlineFlowBox):
        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::InlineTextBox):
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::getLogicalStartBoxWithNode):
        (WebCore::RootInlineBox::getLogicalEndBoxWithNode):
        * rendering/RootInlineBox.h:
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::SVGInlineTextBox):
        (WebCore::SVGInlineTextBox::releasePaintingResource):
        (WebCore::SVGInlineTextBox::restoreGraphicsContextAfterTextPainting):
        * rendering/svg/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBox::closestLeafChildForPosition):
        (WebCore::findFirstAndLastAttributesInVector):
        * rendering/svg/SVGRootInlineBox.h:

2015-03-27  Simon Fraser  <simon.fraser@apple.com>

        More modern loops in RenderLayer.cpp
        https://bugs.webkit.org/show_bug.cgi?id=143175

        Reviewed by Ryosuke Niwa.

        Use modern loops in more places in RenderLayer.app.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::update3DTransformedDescendantStatus):
        (WebCore::RenderLayer::paint):
        (WebCore::performOverlapTests):
        (WebCore::RenderLayer::paintFixedLayersInNamedFlows):
        (WebCore::RenderLayer::paintList):
        (WebCore::RenderLayer::collectFragments):
        (WebCore::RenderLayer::updatePaintingInfoForFragments):
        (WebCore::RenderLayer::paintTransformedLayerIntoFragments):
        (WebCore::RenderLayer::calculateClipRects):

2015-03-27  Simon Fraser  <simon.fraser@apple.com>

        nullptr cleanup in RenderLayer
        https://bugs.webkit.org/show_bug.cgi?id=143174

        Reviewed by Ryosuke Niwa.

        Replace 0 with nullptr in RenderLayer.cpp.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::filterRenderer):
        (WebCore::RenderLayer::updateLayerPositionsAfterLayout):
        (WebCore::RenderLayer::updateLayerPositionsAfterOverflowScroll):
        (WebCore::RenderLayer::positionNewlyCreatedOverflowControls):
        (WebCore::RenderLayer::enclosingOverflowClipLayer):
        (WebCore::RenderLayer::enclosingCompositingLayer):
        (WebCore::RenderLayer::enclosingCompositingLayerForRepaint):
        (WebCore::RenderLayer::enclosingFilterLayer):
        (WebCore::RenderLayer::enclosingFilterRepaintLayer):
        (WebCore::RenderLayer::clippingRootForPainting):
        (WebCore::RenderLayer::transparentPaintingAncestor):
        (WebCore::transparencyClipBox):
        (WebCore::RenderLayer::removeChild):
        (WebCore::RenderLayer::removeOnlyThisLayer):
        (WebCore::RenderLayer::insertOnlyThisLayer):
        (WebCore::accumulateOffsetTowardsAncestor):
        (WebCore::RenderLayer::enclosingScrollableArea):
        (WebCore::RenderLayer::enclosingPaginationLayerInSubtree):
        (WebCore::RenderLayer::enclosingElement):
        (WebCore::RenderLayer::enclosingFlowThreadAncestor):
        (WebCore::RenderLayer::hitTestFixedLayersInNamedFlows):
        (WebCore::RenderLayer::hitTestLayer):
        (WebCore::RenderLayer::hitTestTransformedLayerInFragments):
        (WebCore::RenderLayer::hitTestLayerByApplyingTransform):
        (WebCore::RenderLayer::hitTestList):
        (WebCore::RenderLayer::updateClipRects):
        (WebCore::RenderLayer::clipRects):
        (WebCore::RenderLayer::calculateClipRects):

2015-03-27  Gwang Yoon Hwang  <yoon@igalia.com>

        [TexMap] Seperate BitmapTexture related classes implementations from TextureMapper
        https://bugs.webkit.org/show_bug.cgi?id=142386

        Reviewed by Žan Doberšek.

        TextureMapper and TextureMapperGL are bloated and tightly coupled with
        BitmapTexture. We should move these classes to seperated file of their own.
        Also, this patch removes friend relationship from TextureMapperGL and  its
        subsidiary classes.

        The main purpose of this refactoring is to expose BitmapTexturePool to
        renderers of platformlayers like Video and Canvas. By doing this, each
        renderer can acquire textures from the global texture pool to paint
        their contents directly.

        No new tests needed.

        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        Include BitmapTextureGL and BitmapTexturePool explicitly

        * platform/graphics/texmap/BitmapTexture.cpp: Added.
        * platform/graphics/texmap/BitmapTexture.h: Added.
        (WebCore::BitmapTexture::updateContents):
        Exclude BitmapTexture class from TextureMapper

        * platform/graphics/texmap/BitmapTextureGL.cpp: Added.
        * platform/graphics/texmap/BitmapTextureGL.h: Added.
        Exclude BitmapTextureGL class from TextureMapperGL
        (WebCore::BitmapTextureGL::clipStack): Added.
        Add the getter for clipStack for TextureMapperGL
        (WebCore::BitmapTextureGL::Bind): Deleted.
        (WebCore::BitmapTextureGL::BindAsSurface): Added.
        Bind used TextureMapperGL's internal data directly to compute projection matrix as a friend class,
        However, TextureMapperGL can compute projection matrix itself after binding job, so this
        friend ship is not needed. Also, this patch renames Bind to BindAsSurface to remove ambiguity.

        * platform/graphics/texmap/BitmapTextureImageBuffer.cpp: Added.
        * platform/graphics/texmap/BitmapTextureImageBuffer.h: Added.
        Exclude BitmapTextureImageBuffer class from TextureMapperImageBuffer

        * platform/graphics/texmap/BitmapTexturePool.cpp: Added.
        * platform/graphics/texmap/BitmapTexturePool.h: Added.
        Exclude BitmapTexturePool class from TextureMapperGL
        (WebCore::BitmapTexturePool::acquireTexture):
        Modified to use passed GraphicsContext3D instead of TextureMapperGL to remove redundant coupling

        * platform/graphics/texmap/TextureMapper.cpp:
        * platform/graphics/texmap/TextureMapper.h:
        Remove BitmapTexturePool and BitmapTexture from its implementation.

        * platform/graphics/texmap/TextureMapperGL.cpp:
        * platform/graphics/texmap/TextureMapperGL.h:
        Remove BitmapTextureGL from its implementation.
        (WebCore::TextureMapperGL::TextureMapperGL):
        (WebCore::TextureMapperGL::clipStack):
        (WebCore::TextureMapperGL::bindSurface):
        (WebCore::TextureMapperGL::currentSurface):
        Add a getter of the current surface for filtering operation in BitmapTextureGL.
        It would be clear to move filtering operation from BitmapTextureGL to TextureMapperGL later.

        (WebCore::TextureMapperGL::ClipStack):
        Move inner class declaration to public.

        * platform/graphics/texmap/TextureMapperImageBuffer.cpp:
        * platform/graphics/texmap/TextureMapperImageBuffer.h:
        Remove BitmapTextureImageBuffer from its implementation.

2015-03-27  Tim Horton  <timothy_horton@apple.com>

        WebProcess started by editable WKWebView spends 15% of its initialization time loading DataDetectors
        https://bugs.webkit.org/show_bug.cgi?id=143142
        <rdar://problem/20324495>

        Reviewed by Anders Carlsson.

        Calling DataDetectorsLibrary() is expensive; we should avoid doing it
        until actually necessary. When loading a page that makes a caret selection,
        ServicesOverlayController was calling DataDetectorsLibrary() (ignoring the fact
        that a caret selection can't have any services associated with it) to avoid
        crashing on systems where DataDetectors is not available. Instead, we should
        first check if there's anything to do, and then check for the existence
        of DataDetectors.

        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
        Build the list of phone number ranges, and bail (clearing the potential highlights)
        if it is empty, before calling DataDetectorsLibrary().

        (WebCore::ServicesOverlayController::buildSelectionHighlight):
        Check the list of selection rects, and bail (clearing the potential highlights)
        if it is empty, before calling DataDetectorsLibrary().

2015-03-27  Jer Noble  <jer.noble@apple.com>

        [Mac] Safari fails to fire page "load" event with video[preload=none]
        https://bugs.webkit.org/show_bug.cgi?id=143147

        Reviewed by Simon Fraser.

        Test: media/video-page-load-preload-none.html

        When told to load() when preload == None, set the networkState to Idle.
        This causes HTMLMediaElement to set the shouldDelayLoadEvent flag to
        false, and allows the page's 'load' event to fire.

        Drive-by fix: add setNetworkState() and setReadyState() methods to
        MediaPlayerPrivateAVFoundation, reducing a bunch of code duplication.

        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::load):
        (WebCore::MediaPlayerPrivateAVFoundation::setNetworkState):
        (WebCore::MediaPlayerPrivateAVFoundation::setReadyState):
        (WebCore::MediaPlayerPrivateAVFoundation::updateStates):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:

2015-03-27  Alexey Proskuryakov  <ap@apple.com>

        Calling crypto.webkitSubtle.generateKey causes page memory to never be released
        https://bugs.webkit.org/show_bug.cgi?id=143151
        rdar://problem/18940687

        Reviewed by Tim Horton.

        * crypto/mac/CryptoKeyRSAMac.cpp: (WebCore::CryptoKeyRSA::generatePair): Don't.

2015-03-27  Brent Fulgham  <bfulgham@apple.com>

        Null dereference in InbandMetadataTextTrack handling
        https://bugs.webkit.org/show_bug.cgi?id=143144
        <rdar://problem/18983250>

        Reviewed by Eric Carlson.

        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
        (WebCore::InbandMetadataTextTrackPrivateAVF::updatePendingCueEndTimes): Check for null return value from
        'client()', just like we do in all other methods.

2015-03-27  Oliver Hunt  <oliver@apple.com>

        Forward additional CFNetwork ATS information to child processes
        https://bugs.webkit.org/show_bug.cgi?id=143136

        Reviewed by Anders Carlsson.

        Declare SPI.

        * platform/spi/cf/CFNetworkSPI.h:

2015-03-27  Chris Dumez  <cdumez@apple.com>

        [WK2][NetworkCache] We only cache responses with status codes that are cacheable by default
        https://bugs.webkit.org/show_bug.cgi?id=143125
        <rdar://problem/20321172>

        Reviewed by Antti Koivisto.

        Export a couple of extra symbols.

        * platform/network/ResourceResponseBase.h:

2015-03-27  Jer Noble  <jer.noble@apple.com>

        HTMLMediaElement will fire 'seeked' before seek completes, leading to currentTime discontinuities.
        https://bugs.webkit.org/show_bug.cgi?id=143132

        Reviewed by Eric Carlson.

        When seeking, if the ready state rises to >= HAVE_CURRENT_DATA, we will fire the 'seeked'
        event and continue playback. However, if a media engine updates the ready state before its
        seek operation actually completes, the currentTime it returns may still be the time before
        the seek.

        Wait until both the ready state rises to HAVE_CURRENT_DATA and m_player->seeking() returns
        false before firing the 'seeked' event.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):

2015-03-26  Geoffrey Garen  <ggaren@apple.com>

        Make some more objects use FastMalloc
        https://bugs.webkit.org/show_bug.cgi?id=143122

        Reviewed by Csaba Osztrogonác.

        * Modules/geolocation/GeolocationController.h:
        * Modules/geolocation/NavigatorGeolocation.h:
        * Modules/indexeddb/DOMWindowIndexedDatabase.h:
        * Modules/notifications/NotificationController.h:
        * Modules/webdatabase/DatabaseServer.h:
        * css/CSSFontFaceSource.h:
        * html/HTMLMediaSession.h:
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorReplayAgent.h:
        * page/CaptionUserPreferencesMediaAF.h:
        * page/PageConsoleClient.h:
        * page/PageDebuggable.h:
        * page/animation/CSSPropertyAnimation.cpp:
        * page/mac/ServicesOverlayController.h:
        * platform/RemoteCommandListener.h:
        * platform/Timer.h:
        * platform/audio/MediaSessionManager.h:
        * platform/mac/SystemSleepListenerMac.h:
        * platform/mac/ThemeMac.h:
        * rendering/svg/RenderSVGResourceSolidColor.h:
        * replay/ReplayController.h:

2015-03-27  Said Abou-Hallawa  <sabouhallawa@apple.com>

        FEMorphology::platformApplyGeneric() should bail out if the radius is less than or equal to zero.
        https://bugs.webkit.org/show_bug.cgi?id=142885.

        Reviewed by Dean Jackson.

        FEMorphology class implementation code clean up.
        
        Tests: svg/filters/feMorphology-radius-cases.svg

        * platform/graphics/filters/FEMorphology.cpp:
        (WebCore::shouldSupersedeExtremum): Reuse code instead of repeating it and
        use < and > instead of =< and >=.
        
        (WebCore::pixelArrayIndex): Returns the array index of a pixel in an image
        buffer, given: position(x, y), image width and the color channel.
        
        (WebCore::columnExtremum): Returns the extremum of a column of pixels.
        
        (WebCore::kernelExtremum): Returns the extremum of a filter kernel.
        
        (WebCore::FEMorphology::platformApplyGeneric): Apply some code clean-up.
        The kernel size should be equal to radius of the filter. The extra pixel
        was causing the resulted image to be asymmetric in some cases.
        
        (WebCore::FEMorphology::platformApplyDegenerate):
        (WebCore::FEMorphology::platformApplySoftware): After applying scaling, we
        still need to check the resulted radius is negative (overflow case) or less
        than one (zero radius case) and treat these cases differently.
        
        (WebCore::FEMorphology::morphologyOperator): Deleted.
        (WebCore::FEMorphology::radiusX): Deleted.
        (WebCore::FEMorphology::radiusY): Deleted.
        * platform/graphics/filters/FEMorphology.h:
        (WebCore::FEMorphology::morphologyOperator):
        (WebCore::FEMorphology::radiusX):
        (WebCore::FEMorphology::radiusY):
        Move a single line functions from the source file to the header file.

2015-03-27  Antti Koivisto  <antti@apple.com>

        Move CacheValidation to platform
        https://bugs.webkit.org/show_bug.cgi?id=143133

        Reviewed by Chris Dumez.

        It deals with platform types only and is currently violating layering.

        * WebCore.xcodeproj/project.pbxproj:
        * loader/cache/CacheValidation.cpp: Removed.
        * loader/cache/CacheValidation.h: Removed.
        * platform/network/CacheValidation.cpp: Copied from Source/WebCore/loader/cache/CacheValidation.cpp.
        * platform/network/CacheValidation.h: Copied from Source/WebCore/loader/cache/CacheValidation.h.

2015-03-27  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177896.
        https://bugs.webkit.org/show_bug.cgi?id=142978

        Loading libgstclutter.so in-process hangs web process
        (Requested by mcatanzaro on #webkit).

        Reverted changeset:

        "[GStreamer] Disable gst-plugin-scanner if seccomp filters are
        enabled"
        https://bugs.webkit.org/show_bug.cgi?id=140069
        http://trac.webkit.org/changeset/177896

2015-03-26  Antti Koivisto  <antti@apple.com>

        Respect cache-control directives in request
        https://bugs.webkit.org/show_bug.cgi?id=143121
        rdar://problem/19714040

        Reviewed by Chris Dumez.

        Test: http/tests/cache/disk-cache/disk-cache-request-headers.html

        * loader/cache/CacheValidation.cpp:
        (WebCore::isCacheHeaderSeparator):
        (WebCore::isControlCharacter):
        (WebCore::trimToNextSeparator):
        (WebCore::parseCacheHeader):
        (WebCore::parseCacheControlDirectives):

            Factor Cache-control parsing here so it can be used for both requests and responses.

        * loader/cache/CacheValidation.h:
        * platform/network/ResourceRequestBase.h:
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::ResourceResponseBase):
        (WebCore::ResourceResponseBase::parseCacheControlDirectives):
        (WebCore::ResourceResponseBase::cacheControlContainsNoCache):
        (WebCore::ResourceResponseBase::cacheControlContainsNoStore):
        (WebCore::ResourceResponseBase::cacheControlContainsMustRevalidate):
        (WebCore::ResourceResponseBase::cacheControlMaxAge):
        (WebCore::isCacheHeaderSeparator): Deleted.
        (WebCore::isControlCharacter): Deleted.
        (WebCore::trimToNextSeparator): Deleted.
        (WebCore::parseCacheHeader): Deleted.
        * platform/network/ResourceResponseBase.h:

2015-03-27  Víctor Manuel Jáquez Leal  <vjaquez@igalia.com>

        [GStreamer] share GL context in pipeline, part 2
        https://bugs.webkit.org/show_bug.cgi?id=143049

        Reviewed by Carlos Garcia Campos.

        This patch, instead of cluttering the GstGL attributes creation in
        ::handleSyncMessage(), creates a new method ::ensureGstGLContext(),
        where those attributes are defined. This method is guarded by
        USE(GSTREAMER_GL)

        ::handlSyncMessage() shall return nothing, according to GStreamer
        documentation, not a boolean.

        The GstGL attributes are now GRefPtr<> to avoid memory leaks.

        The GstGLAPI and GstGLPlatform are now set given by the pre-processor
        directives, and the code in ::ensureGstGLContext() is simpler.

        No new tests because this is platform specific and it depends in the
        run-time availability and configurations of GstGL elements.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        Don't initialise the GstGL attributes since are GRefPtr<>
        (WebCore::MediaPlayerPrivateGStreamer::handleSyncMessage): Changed the
        signature to use void instead of gboolean.
        (WebCore::MediaPlayerPrivateGStreamer::ensureGstGLContext): New method.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

2015-03-26  Jeremy Jones  <jeremyj@apple.com>

        Optimized Fullscreen fails to cleanup because of no longer necessary release of m_playerController in exitFullscreen()
        https://bugs.webkit.org/show_bug.cgi?id=143120

        Reviewed by Eric Carlson.

        We used to release m_playerController in WebVideoFullscreenInterfaceAVKit::exitFullscreen() in order to make sure 
        media state was reset. This is no longer necessary as we now have a way the model can explicitly request resetting the
        media state via resetMediaState(). m_playerController is already released in 
        WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal(). Releasing it prematurely can actually prevent the exit
        fullscreen process from completing successfully.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen):

2015-03-26  Zalan Bujtas  <zalan@apple.com>

        Inline continuation code should not take anonymous containing wrapper granted.
        https://bugs.webkit.org/show_bug.cgi?id=133312

        Reviewed by Dave Hyatt.

        It's wrong to assume that when RenderInline is part of an inline continuation, its containing block
        is an anonymous wrapper and its sibling might be a block level renderer.
        When the inline continuation is no longer needed, for example when the block level renderer that initiated the continuation
        is detached from the render tree, the inline renderes still continue to form continuation.(however they no longer require
        anonymous wrappers)

        Test: fast/inline/crash-when-position-property-is-changed-and-no-longer-in-continuation.html

        * rendering/RenderInline.cpp:
        (WebCore::updateStyleOfAnonymousBlockContinuations):
        (WebCore::RenderInline::styleDidChange):

2015-03-26  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r181358 and r181507): Lots of sites think that we support touch events on OS X
        https://bugs.webkit.org/show_bug.cgi?id=142888
        <rdar://problem/20227304>

        Reviewed by Beth Dakin.

        * dom/Document.idl:
        * dom/Element.idl:
        * html/HTMLBodyElement.idl:
        * html/HTMLFrameSetElement.idl:
        * page/DOMWindow.idl:
        Re-conditionalize a lot of event listeners; sites test ("ontouchstart" in window), which
        is not covered by NotEnumerable, and so r181358 and r181507 broke a bunch of sites
        (apple.com, blaze.com, anything using nicescroll.js, etc.) by causing them to think
        that (Mac) Safari was touch-enabled.

2015-03-26  Geoffrey Garen  <ggaren@apple.com>

        "lineNo" does not match WebKit coding style guidelines
        https://bugs.webkit.org/show_bug.cgi?id=143119

        Reviewed by Michael Saboff.

        We can afford to use whole words.

        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction):
        * bindings/js/JSMainThreadExecStateInstrumentation.h:
        (WebCore::JSMainThreadExecState::instrumentFunctionCall):
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForEventListener):
        * testing/Internals.cpp:
        (WebCore::Internals::parserMetaData):

2015-03-26  Roger Fong  <roger_fong@apple.com>

        Apply blur effect to media control background.
        https://bugs.webkit.org/show_bug.cgi?id=143116.
        <rdar://problem/20316964>.

        Reviewed by Brent Fulgham.

        There are still a few issues, like the borders of the controls being blurred with black,
        and the volume slider background not showing the blur effect. Will fix those separately.

        Add CSS for new divs to create blur effect using back drop filters and blend modes.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel):
        (audio::-webkit-media-controls-panel-tint):
        (audio::-webkit-media-controls-panel-background):
        (audio::-webkit-media-controls-panel .volume-box):
        (audio::-webkit-media-controls-volume-slider-container-background):
        (audio::-webkit-media-controls-volume-slider-container-tint):
        (audio::-webkit-media-controls-toggle-closed-captions-button): Adjust fill.
        (audio::-webkit-media-controls-fullscreen-button): Adjust fill.
        (audio::-webkit-media-controls-fullscreen-button.exit): Adjust fill.
        (video:-webkit-full-screen::-webkit-media-controls-panel):
        (audio:-webkit-full-screen::-webkit-media-controls-panel-tint):
        (audio:-webkit-full-screen::-webkit-media-controls-panel-background):
        (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box):
        (video:-webkit-full-screen::-webkit-media-controls-play-button):
        (video:-webkit-full-screen::-webkit-media-controls-seek-back-button):
        (video:-webkit-full-screen::-webkit-media-controls-seek-forward-button):
        (video:-webkit-full-screen::-webkit-media-controls-timeline-container):
        (video:-webkit-full-screen::-webkit-media-controls-status-display):
        (audio::-webkit-media-controls-panel .volume-box:active): Deleted.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls):
        (Controller.prototype.configureInlineControls): Add new divs for blurred background effect.
        (Controller.prototype.configureFullScreenControls): Ditto.
        (Controller.prototype.handlePanelMouseDown): The tint div is now in front.
        (Controller.prototype.drawTimelineBackground): Adjust colors to make border look better with new background.
        (Controller.prototype.drawVolumeBackground): Ditto.

2015-03-26  Geoffrey Garen  <ggaren@apple.com>

        Assertion firing in JavaScriptCore/parser/parser.h for statesman.com site
        https://bugs.webkit.org/show_bug.cgi?id=142974

        Reviewed by Joseph Pecoraro.

        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction): Use the new override
        line number API to guarantee that errors will map to the .html file locations
        that we like.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::eventHandlerPosition): Added a FIXME to cover
        some cases where our line and column numbers are still nonsense.

2015-03-26  Beth Dakin  <bdakin@apple.com>

        Relevant repainted objects callback is inaccurate and inconsistent for PDF 
        documents
        https://bugs.webkit.org/show_bug.cgi?id=143118
        -and corresponding-
        rdar://problem/13371582

        Reviewed by Tim Horton.

        Investigating this bug resulted in finding two things that should change for the 
        relevant repainted objects heuristic. First, we should not count any objects 
        painted while updating control tints. And secondly, we should not use it at all 
        for plugin documents. In other documents, we count the plugin area as “painted” 
        when we get to paint whether or not the plugin has actually loaded. This is 
        intentional because it allows us to account for chunks of the page that will be 
        filled in by possibly slow-loading ads. However, if the plugin is the whole 
        document, then the heuristic just doesn’t make any sense and it leads to 
        inconsistent behavior at different window sizes. So we’ll only count plugins when 
        the document is not a plugin document. 

        Don’t count objects during this paint!
        * page/FrameView.cpp:
        (WebCore::FrameView::updateControlTints):
        * page/Page.h:
        (WebCore::Page::setIsCountingRelevantRepaintedObjects):

        Make sure the document is not a plugin document.
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::paint):

2015-03-26  Alex Christensen  <achristensen@webkit.org>

        Progress towards CMake on Mac.
        https://bugs.webkit.org/show_bug.cgi?id=143112

        Reviewed by Chris Dumez.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * platform/graphics/mac/IconMac.mm:

2015-03-26  Jer Noble  <jer.noble@apple.com>

        [iOS] Accessibility crashing because MediaPlayer is laying out UI off the main thread
        https://bugs.webkit.org/show_bug.cgi?id=142970

        Reviewed by Eric Carlson.

        isMainThread() will (ironically) return true if called from the web thread. Rather than dispatch
        synchronously to the main thread to allocate the _volumeView, dispatch asynchronously and handle
        the case where the MPVolumeView has not yet been created.

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (-[WebMediaSessionHelper allocateVolumeView]): Dispatch to the main thread to allocate. Move notification
            registration to -setVolumeView:.
        (-[WebMediaSessionHelper setVolumeView:]): Added. Register/Unregister for route availablitiy notifications.
        (-[WebMediaSessionHelper hasWirelessTargetsAvailable]): Handle the possibility of a nil _volumeView.

2015-03-26  Benjamin Poulain  <bpoulain@apple.com>

        Fix state maching debugging after r181964
        https://bugs.webkit.org/show_bug.cgi?id=143082

        Reviewed by Alex Christensen.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):

2015-03-25  David Hyatt  <hyatt@apple.com>

        Improve the offsetWidth/Height layout optimization
        https://bugs.webkit.org/show_bug.cgi?id=143008

        Reviewed by Zalan Bujtas.

        * dom/Document.cpp:
        (WebCore::Document::updateLayoutIfDimensionsOutOfDate):
        * dom/Document.h:
        Change Element* to Element&. Clean up the dimension bits to use shifting. Remove both the inline and
        the positioning restrictions on the optimization check.

        * dom/Element.cpp:
        (WebCore::Element::offsetWidth):
        (WebCore::Element::offsetHeight):
        Change to use Element& instead of Element*.

        (WebCore::Element::clientWidth):
        (WebCore::Element::clientHeight):
        (WebCore::Element::scrollWidth):
        (WebCore::Element::scrollHeight):
        Turn on the optimization for clientWidth/Height and scrollWidth/Height.

2015-03-26  Brady Eidson  <beidson@apple.com>

        Apply ContentExtension actions after redirects.
        <rdar://problem/20062613> and https://bugs.webkit.org/show_bug.cgi?id=143055

        Reviewed by Alex Christensen.

        Tests: http/tests/contentextensions/loading/main-resource-redirect-blocked.php
               http/tests/contentextensions/subresource-redirect-blocked.html

        This patch moves the "run a URL against the content extension" code from CachedResourceLoader to
        the ContentExtensionsBackend.

        That allows it to be shared between the CachedResourceLoader where loads are initiated and 
        ResourceLoader where redirects are handled.

        * contentextensions/ContentExtension.cpp:
        (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
        (WebCore::ContentExtensions::ContentExtensionsBackend::displayNoneCSSRule):
        * contentextensions/ContentExtensionsBackend.h:

        * loader/NetscapePlugInStreamLoader.cpp:
        (WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader):

        * loader/ResourceLoadInfo.h:

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::ResourceLoader):
        (WebCore::ResourceLoader::willSendRequest):
        * loader/ResourceLoader.h:

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::SubresourceLoader):

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

        * page/UserContentController.cpp:
        (WebCore::UserContentController::processContentExtensionRulesForLoad):
        (WebCore::UserContentController::actionsForResourceLoad): Deleted.
        (WebCore::UserContentController::globalDisplayNoneStyleSheet): Deleted.
        (WebCore::UserContentController::displayNoneCSSRule): Deleted.
        * page/UserContentController.h:

2015-03-26  Myles C. Maxfield  <mmaxfield@apple.com>

        Crash when laying out (char)0
        https://bugs.webkit.org/show_bug.cgi?id=143103

        Reviewed by Dean Jackson.

        We currently cache a character -> Font mapping in a HashMap.
        However, keys in Hashmaps can't be 0. This patch simply skips
        the cache in this case.

        No new tests, for now. I'm having trouble creating a test because
        the site that causes this bug generates their page using script,
        and the script is all minified, and difficult to understand. I
        will contact the owner of the site and ask for and unminified
        version of their sources. However, I don't want to that to block
        this tiny fix from going in.

        * platform/graphics/Font.cpp:
        (WebCore::Font::systemFallbackFontForCharacter):

2015-03-26  Jer Noble  <jer.noble@apple.com>

        [Mac][EME] Crash at com.apple.WebCore: WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys + 177
        https://bugs.webkit.org/show_bug.cgi?id=143080

        Reviewed by Eric Carlson.

        Null-check m_certificate before dereferencing.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys):

2015-03-26  Chris Fleizach  <cfleizach@apple.com>

        AX: [role="button"][aria-pressed] should be exposed as AXCheckbox:AXToggleButton, with role description of "toggle button"
        https://bugs.webkit.org/show_bug.cgi?id=115298

        Reviewed by Mario Sanchez Prada.

        A role=button + aria-pressed object should be exposed as AXCheckbox on Mac now. It should also convert the
        aria-pressed state into a 0, 1, 2 number value for the Mac.

        Test: platform/mac/accessibility/aria-pressed-button-attributes.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::checkboxOrRadioValue):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isToggleButton):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2015-03-25  Dean Jackson  <dino@apple.com>

        CSS blend modes do not parse when in the shadow tree
        https://bugs.webkit.org/show_bug.cgi?id=143067
        <rdar://problem/20302662>

        Reviewed by Anders Carlson.

        The media controls style sheets are injected as UA stylesheets
        when we come across a <video> or <audio> element. These stylesheets
        have a different parsing context than the document stylesheets -
        one that uses the default constructor, which initializes some
        features like cssCompositingEnabled to false without checking
        the runtime state.

        The easy fix is to use the global state to initialize the context.

        Unfortunately we can't test this since it only occurs in the shadow
        tree.

        * css/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext): Check the state
        of RuntimeEnabledFeatures to initialize CSS Regions and
        CSS Compositing (Blending).

2015-03-25  Chris Fleizach  <cfleizach@apple.com>

        AX: table cells that use display:block render the table inaccessible to VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=143007

        Reviewed by Mario Sanchez Prada.

        When display:block is used on a table cell, it was being ignored because it was anonymous.
        This is still a valid scenario however if it's still inside of a valid table.

        Test: accessibility/table-cell-display-block.html

        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::computeAccessibilityIsIgnored):

2015-03-25  Tim Horton  <timothy_horton@apple.com>

        Add a preference to prevent "user-scalable=no" from having any effect
        https://bugs.webkit.org/show_bug.cgi?id=143032

        Reviewed by Sam Weinig.

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::ViewportConfiguration):
        (WebCore::ViewportConfiguration::allowsUserScaling):
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::setForceAlwaysUserScalable):
        If forceAlwaysUserScalable is set to true, force "user-scalable=yes".

2015-03-25  Dan Bernstein  <mitz@apple.com>

        Another attempt to get the iOS EWS building again.

        * WebCore.xcodeproj/project.pbxproj:

2015-03-25  Alex Christensen  <achristensen@webkit.org>

        Add case-insensitive checks to DFA bytecode.
        https://bugs.webkit.org/show_bug.cgi?id=142977

        Reviewed by Benjamin Poulain.

        * contentextensions/DFABytecode.h:
        (WebCore::ContentExtensions::instructionSizeWithArguments):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValueRange):
        Add case-insensitive bytecode.
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
        Check to see if case-insensitive bytecodes can be used.
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileCheckForRange):
        * contentextensions/DFABytecodeCompiler.h:
        (WebCore::ContentExtensions::DFABytecodeCompiler::Range::Range):
        Added Range structure to be able to count the ranges in a future patch deciding if we want to use jump tables.
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        Interpret case-insensitive bytecodes.

2015-03-25  Sam Weinig  <sam@webkit.org>

        Address additional review feedback from https://bugs.webkit.org/show_bug.cgi?id=143059.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionCompiler.h:
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::getTypeFlags):

2015-03-25  Sam Weinig  <sam@webkit.org>

        [Content Extensions] Convert content extension compiling to return error codes and write its output using a client
        https://bugs.webkit.org/show_bug.cgi?id=143059

        Reviewed by Alex Christensen.

        * WebCore.xcodeproj/project.pbxproj:
        Add ContentExtensionError.h/cpp.

        * contentextensions/ContentExtensionError.cpp: Added.
        (WebCore::ContentExtensions::contentExtensionErrorCategory):
        * contentextensions/ContentExtensionError.h: Added.
        (WebCore::ContentExtensions::make_error_code):
        Add ContentExtensionError enum and std::error_code adaptor.

        * contentextensions/ContentExtensionCompiler.h:
        Instead of returning CompiledContentExtensionData, use a client interface
        to pass data. Eventually, this should be turned into a direct streaming 
        interface so we can write directly to a file.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::getTypeFlags):
        (WebCore::ContentExtensions::loadTrigger):
        (WebCore::ContentExtensions::loadAction):
        (WebCore::ContentExtensions::loadRule):
        (WebCore::ContentExtensions::loadEncodedRules):
        (WebCore::ContentExtensions::parseRuleList):
        * contentextensions/ContentExtensionParser.h:
        Convert to return an error.

2015-03-25  Beth Dakin  <bdakin@apple.com>

        REGRESSION (r181660): Safari navigates to link after a starting and canceling a 
        force preview
        https://bugs.webkit.org/show_bug.cgi?id=143057
        -and corresponding-
        rdar://problem/20251436

        Reviewed by Tim Horton.

        This patch adds a value for ActionUpdated to the ImmediateActionStage enum. Now if 
        m_immediateActionStage indicates that an immediate action has either begun or 
        completed then we can have the same behavior.
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMouseReleaseEvent):
        * page/EventHandler.h:

2015-03-25  Dean Jackson  <dino@apple.com>

        MediaControls: Use font with fixed number width
        https://bugs.webkit.org/show_bug.cgi?id=143018
        <rdar://problem/20245415>

        Reviewed by Eric Carlson.

        Add a new font-family, specific to Apple platforms,
        called -apple-system-font-monospaced-numbers. This is
        a special variant of the system font which uses monospaced
        forms for the number glyphs - allowing a time reading that
        doesn't bounce around as the time changes.

        * Modules/mediacontrols/mediaControlsApple.css: Media controls should
        use the new font.
        (audio::-webkit-media-controls-time-remaining-display):
        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-time-remaining-display):

        * platform/graphics/ios/FontCacheIOS.mm: Request a new CTFontRef with
        the appropriate attributes.
        (WebCore::createCTFontWithFamilyNameAndWeight):
        * platform/graphics/mac/FontCacheMac.mm: Ditto, but NSFont.
        (WebCore::fontWithFamily):
        * platform/spi/cocoa/CoreTextSPI.h: Expose the constants for
        the new form so that the public SDK can build.

2015-03-25  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add multi-DFA compiling and interpreting.
        https://bugs.webkit.org/show_bug.cgi?id=143010

        Reviewed by Benjamin Poulain.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Compile multiple NFAs to DFAs.
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Fixed a bug when there are no non-universal actions.
        We still need to report that no ignore-previous-rules was hit to apply the
        universal actions which are now accessed through DFABytecodeInterpreter::actionsFromDFARoot
        and skipped in DFABytecodeInterpreter::interpret.
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        Add a header for each DFA.
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        Interpret as many DFAs as there are in the bytecode.

2015-03-25  Per Arne Vollan  <peavo@outlook.com>

        [Win] Illegal character in project file.
        https://bugs.webkit.org/show_bug.cgi?id=143051

        Reviewed by Brent Fulgham.

        There is an illegal character in the WebCore project filter.
        WebCore files are shown unfiltered.

        * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-03-25  David Hyatt  <hyatt@apple.com>

        Add a pref to enable the new block-inside-inline model
        https://bugs.webkit.org/show_bug.cgi?id=143050

        Reviewed by Sam Weinig.

        * page/Settings.in:

2015-03-25  Dan Bernstein  <mitz@apple.com>

        iOS Simulator build fix.

        * platform/spi/cocoa/IOSurfaceSPI.h:

2015-03-25  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181932.
        https://bugs.webkit.org/show_bug.cgi?id=143041

        The test fails most of the time on bots (Requested by ap on
        #webkit).

        Reverted changeset:

        "[Content Extensions] Add multi-DFA compiling and
        interpreting."
        https://bugs.webkit.org/show_bug.cgi?id=143010
        http://trac.webkit.org/changeset/181932

2015-03-24  Dean Jackson  <dino@apple.com>

        Source/WebCore/rendering/RenderThemeMac.mm:2181:118: error: null passed to a callee that requires a non-null argument [-Werror,-Wnonnull]
        https://bugs.webkit.org/show_bug.cgi?id=143039

        Unreviewed build fix for newer versions of OS X.

        * rendering/RenderThemeMac.mm: Define a null language parameter. This
        seemed better than turning the clang warning off for just that
        function.
        (WebCore::AttachmentLayout::layOutTitle):
        (WebCore::AttachmentLayout::layOutSubtitle):

2015-03-24  Dan Bernstein  <mitz@apple.com>

        Another attempt to fix the build.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/cocoa/QuartzCoreSPI.h:

2015-03-24  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add multi-DFA compiling and interpreting.
        https://bugs.webkit.org/show_bug.cgi?id=143010

        Reviewed by Benjamin Poulain.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Compile multiple NFAs to DFAs.
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Fixed a bug when there are no non-universal actions.
        We still need to report that no ignore-previous-rules was hit to apply the
        universal actions which are now accessed through DFABytecodeInterpreter::actionsFromDFARoot
        and skipped in DFABytecodeInterpreter::interpret.
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        Add a header for each DFA.
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        Interpret as many DFAs as there are in the bytecode.

2015-03-24  Dan Bernstein  <mitz@apple.com>

        Tried to fix the EWS build.

        * platform/spi/cocoa/QuartzCoreSPI.h:

2015-03-24  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181898 and r181909.
        https://bugs.webkit.org/show_bug.cgi?id=143034

        Broke fast/regions/auto-size/autoheight-two-pass-layout-
        complex-002.html (Requested by ap on #webkit).

        Reverted changesets:

        "Improve the offsetWidth/Height layout optimization"
        https://bugs.webkit.org/show_bug.cgi?id=143008
        http://trac.webkit.org/changeset/181898

        "Disable layout dimensions optimization for RenderRegions"
        https://bugs.webkit.org/show_bug.cgi?id=143017
        http://trac.webkit.org/changeset/181909

2015-03-24  Zhuo Li  <zachli@apple.com>

        Scripts running in isolated world should not subject to a page's CSP about 'eval'.
        https://bugs.webkit.org/show_bug.cgi?id=141316.

        Reviewed by Geoffrey Garen.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::initScript):
        We should not impose the main world Content Security Policy onto the isolated world.

2015-03-24  Chris Dumez  <cdumez@apple.com>

        [Mac] Use .cpp file extension instead of .mm for SharedTimerCF and PowerObserverMac
        https://bugs.webkit.org/show_bug.cgi?id=143026

        Reviewed by Andy Estes.

        Use .cpp file extension instead of .mm for SharedTimerCF and
        PowerObserverMac.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/cf/SharedTimerCF.cpp: Renamed from Source/WebCore/platform/cf/SharedTimerCF.mm.
        (WebCore::timerFired):
        Use WTF::AutodrainedPool instead of @autoreleasepool {}.

        * platform/mac/PowerObserverMac.cpp: Renamed from Source/WebCore/platform/mac/PowerObserverMac.mm.

2015-03-24  Yusuke Suzuki  <utatane.tea@gmail.com>

        REGRESSION (r181458): Heap use-after-free in JSSetIterator destructor
        https://bugs.webkit.org/show_bug.cgi?id=142696

        Reviewed and tweaked by Geoffrey Garen.

        Use JSSetIterator/JSMapIterator to iterate over JSSet and JSMap.

        * ForwardingHeaders/runtime/JSMapIterator.h: Added.
        * ForwardingHeaders/runtime/JSSetIterator.h: Added.
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::serialize):

2015-03-24  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS Simulator build.

        * platform/spi/cocoa/QuartzCoreSPI.h:

2015-03-24  Benjamin Poulain  <bpoulain@apple.com>

        Make URL filter patterns matching consistent and add a simple canonicalization step
        https://bugs.webkit.org/show_bug.cgi?id=142998

        Reviewed by Alex Christensen.

        This patch makes two changes to the url filter input:
        -Make the matching "Search" by default, the pattern can now appear anywhere
         in the URL by default.
        -Make the input a little less fragile: do not explode on valid input
         that is not formatted in a certain way.

        To implement the search behavior, I simply add an implict ".*" in front of the patterns
        when that make sense.

        To make the input more solid, we do some little modification on the input:
        -Remove duplicated ".*".
        -Remove matching suffixes that do not bring new information.
        -Unify all the ".*" in the same format.

        Why do that here? That should be done through a graph analysis on the machine.

        The reason is this is incredibly cheap compared to the graph analysis. Any state
        removed upfront will save the handling of several hundred nodes in the deterministic
        graph.

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::Term::isKnownToMatchAnyString):
        (WebCore::ContentExtensions::Term::isUniversalTransition):
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::GraphBuilder::assertionBOL):
        (WebCore::ContentExtensions::GraphBuilder::fail):
        (WebCore::ContentExtensions::GraphBuilder::simplifySunkTerms):

2015-03-24  Chris Dumez  <cdumez@apple.com>

        Regression(r181671): Caused Timer-related crashes on iOS / WK1
        https://bugs.webkit.org/show_bug.cgi?id=143025

        Reviewed by Andy Estes.

        Call CFRunLoopAddTimer() on WebThreadRunLoop() instead of
        CFRunLoopGetCurrent() for iOS, as we did before r181671.

        I inadvertently changed this in r181671 when merging the Mac
        and iOS implementations.

        No new tests, already covered by existing tests.

        * platform/cf/SharedTimerCF.mm:
        (WebCore::setSharedTimerFireInterval):

2015-03-24  Dan Bernstein  <mitz@apple.com>

        WebCore part of <rdar://problem/20282863> Transforms are flattened in snapshots of on-screen WKWebViews
        https://bugs.webkit.org/show_bug.cgi?id=143023

        Reviewed by Tim Horton.

        * platform/spi/cocoa/QuartzCoreSPI.h: Added the declaration of
        CARenderServerRenderLayerWithTransform.

2015-03-24  David Hyatt  <hyatt@apple.com>

        Disable layout dimensions optimization for RenderRegions
        https://bugs.webkit.org/show_bug.cgi?id=143017

        Reviewed by Dean Jackson.

        * dom/Document.cpp:
        (WebCore::Document::updateLayoutIfDimensionsOutOfDate):
        Turn off the optimization for regions, since auto height regions can change size
        without needing a layout.

2015-03-24  Beth Dakin  <bdakin@apple.com>

        Add events related to force click gesture
        https://bugs.webkit.org/show_bug.cgi?id=142836
        -and corresponding-
        rdar://problem/20210239

        Reviewed by Dean Jackson.

        This patch adds six new events for the force click gesture:

        webkitmouseforcewillbegin -> Event is sent just before mousedown to indicate that 
        force can be perceived if the user presses any harder. The author should prevent 
        default on this event to both prevent the user agent’s default force click 
        features and to receive the other 5 events.

        webkitmouseforcechanged -> This event fires whenever force changes between the 
        mousedown and mouseup. It is a new type of mouse event that includes a force 
        variable which is a normalized number between 0 (corresponds to click) and 1 
        (corresponds to force click). In this patch, I have only added code to send this 
        event between mousedown and mouseforcedown, but as a followup patch, we plan to 
        send it through mouseup.

        webkitmouseforcecancelled -> If the user releases their finger from the trackpad 
        after pressing hard enough to send webkitmouseforcewillbegin events but not hard 
        enough to force click, this event will be sent to indicate that the user bailed 
        out on the gesture.

        webkitmouseforcedown -> The down part of the force click.

        webkitmouseforceup -> The up part of the force click. This event is added in this 
        patch, but does not yet fire. That is work for a follow-up patch.

        webkitmouseforceclick -> The equivalent of the click event for the force click. 
        Should fire just after webkitmouseforceup. This event is added in this patch, but 
        does not yet fire. That is work for a follow-up patch.

        Add new files for WebKitMouseForceEvent to build systems.
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * WebCore.xcodeproj/project.pbxproj:

        Plumbing for new events.
        * dom/Document.idl:

        Code to dispatch the new events. Currently the code that calls these functions is 
        in WebKit2.
        * dom/Element.cpp:
        (WebCore::Element::dispatchMouseForceWillBegin):
        (WebCore::Element::dispatchMouseForceChanged):
        (WebCore::Element::dispatchMouseForceDown):
        (WebCore::Element::dispatchMouseForceUp):
        (WebCore::Element::dispatchMouseForceClick):
        (WebCore::Element::dispatchMouseForceCancelled):
        * dom/Element.h:

        More plumbing.
        * dom/Element.idl:
        * dom/EventNames.h:
        * dom/EventNames.in:

        Our new type of mouse event that includes force.
        * dom/WebKitMouseForceEvent.cpp: Added.
        (WebCore::WebKitMouseForceEventInit::WebKitMouseForceEventInit):
        (WebCore::WebKitMouseForceEvent::WebKitMouseForceEvent):
        (WebCore::WebKitMouseForceEvent::~WebKitMouseForceEvent):
        (WebCore::WebKitMouseForceEvent::eventInterface):
        * dom/WebKitMouseForceEvent.h: Added.
        * dom/WebKitMouseForceEvent.idl: Added.

        More plumbing.
        * html/HTMLAttributeNames.in:
        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::createWindowEventHandlerNameMap):
        * html/HTMLBodyElement.idl:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createEventHandlerNameMap):
        * page/DOMWindow.idl:
        * page/EventHandler.h:
        (WebCore::EventHandler::lastMouseDownEvent):

2015-03-24  Anders Carlsson  <andersca@apple.com>

        Fix designated initializer violations
        https://bugs.webkit.org/show_bug.cgi?id=143016
        rdar://problem/20268858

        Reviewed by Dan Bernstein.

        Mark -[DOMObject init] as unavailable.

        * bindings/objc/DOMObject.h:
        * bindings/objc/DOMObject.mm:
        (-[DOMObject init]):

2015-03-24  Benjamin Poulain  <benjamin@webkit.org>

        CSS Selectors Level 4: enable case-insensitive attribute matching by default
        https://bugs.webkit.org/show_bug.cgi?id=142960

        Reviewed by Andreas Kling.

        All open issues have been resolved, enable the feature by default.

        Test: fast/css/attribute-selector-case-insensitive.html

        * css/CSSGrammar.y.in:

2015-03-24  Dean Jackson  <dino@apple.com>

        MediaControls: Scrubber and Time displays have the incorrect blending
        https://bugs.webkit.org/show_bug.cgi?id=143011
        <rdar://problem/20245251>

        Reviewed by Eric Carlson.

        The scrubber in media controls should use plus-darker blending. Then
        the scrubber itself should use a slightly transparent black (55% opacity)
        when drawing.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-timeline): Add the blend mode.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.drawTimelineBackground): Start drawing with
        transparency. I changed the order of rendering to make it
        more clear we draw the three parts in left to right order.

2015-03-24  David Hyatt  <hyatt@apple.com>

        Improve the offsetWidth/Height layout optimization
        https://bugs.webkit.org/show_bug.cgi?id=143008

        Reviewed by Dean Jackson.

        * dom/Document.cpp:
        (WebCore::Document::updateLayoutIfDimensionsOutOfDate):
        * dom/Document.h:
        Change Element* to Element&. Clean up the dimension bits to use shifting. Remove both the inline and
        the positioning restrictions on the optimization check.

        * dom/Element.cpp:
        (WebCore::Element::offsetWidth):
        (WebCore::Element::offsetHeight):
        Change to use Element& instead of Element*.

        (WebCore::Element::clientWidth):
        (WebCore::Element::clientHeight):
        (WebCore::Element::scrollWidth):
        (WebCore::Element::scrollHeight):
        Turn on the optimization for clientWidth/Height and scrollWidth/Height.

2015-03-24  Yoav Weiss  <yoav@yoav.ws>

        Stop image from displaying when src attribute is removed or emptied
        https://bugs.webkit.org/show_bug.cgi?id=142677

        Reviewed by Chris Dumez.

        Previously, we ignored empty attribute as failed URL, and didn't update the
        renderer when an image was removed. This patch fixes that.

        Tests: fast/dom/HTMLImageElement/image-empty-src.html
               fast/dom/HTMLImageElement/image-remove-src.html

        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::updateFromElement):

2015-03-17  Philippe Normand  <pnormand@igalia.com>

        [OpenWebRTC] RealtimeMediaSourceCenter implementation
        https://bugs.webkit.org/show_bug.cgi?id=142476

        Reviewed by Eric Carlson.

        The old GStreamer MediaStreamCenter is replaced by the OpenWebRTC
        RealtimeMediaSourceCenter. It is not yet able to correctly assess
        MediaConstraints so it selects the first audio/video sources
        available through OpenWebRTC.

        * PlatformEfl.cmake: Add new files to the build.
        * PlatformGTK.cmake: Ditto.
        * platform/mediastream/gstreamer/MediaStreamCenterGStreamer.cpp: Removed.
        * platform/mediastream/openwebrtc/OpenWebRTCUtilities.cpp: Added.
        (WebCore::initializeOpenWebRTC): Simple function to initialize the
        framework, it is going to be used by the PeerConnection backend as well.
        * platform/mediastream/openwebrtc/OpenWebRTCUtilities.h: Added.
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp: Added.
        (WebCore::mediaSourcesAvailableCallback): Function invoked once
        the media sources discovery succeeded within OpenWebRTC.
        (WebCore::RealtimeMediaSourceCenter::platformCenter): Instantiate
        the OpenWebRTC RealtimeMediaSourceCenter.
        (WebCore::RealtimeMediaSourceCenterOwr::RealtimeMediaSourceCenterOwr):
        (WebCore::RealtimeMediaSourceCenterOwr::~RealtimeMediaSourceCenterOwr):
        (WebCore::RealtimeMediaSourceCenterOwr::validateRequestConstraints):
        Schedule a discovery process for the capture sources.
        (WebCore::RealtimeMediaSourceCenterOwr::createMediaStream): Pick
        the first audio/video sources and create a MediaStream accordingly.
        (WebCore::RealtimeMediaSourceCenterOwr::getMediaStreamTrackSources):
        Not yet implemented.
        (WebCore::RealtimeMediaSourceCenterOwr::mediaSourcesAvailable):
        Method invoked once the capture sources process succeeded. Parse
        them and create an internal cache of RealtimeMediaSources accordingly.
        (WebCore::RealtimeMediaSourceCenterOwr::firstSource): Utility
        function to fetch the first source of the given type from the
        RealtimeMediaSources cache.
        * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h: Renamed from Source/WebCore/platform/mediastream/gstreamer/MediaStreamCenterGStreamer.h.
        * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.h: Added.

2015-03-24  Csaba Osztrogonác  <ossy@webkit.org>

        [EFL] Add OpenWebRTC in jhbuild
        https://bugs.webkit.org/show_bug.cgi?id=142778

        Reviewed by Gyuyoung Kim.

        Original patch by Philippe Normand <pnormand@igalia.com>

        * PlatformEfl.cmake: Add OpenWebRTC CFLAGS and LDFLAGS.

2015-03-23 Yoav Weiss  <yoav@yoav.ws>

        Update empty image canvas tests and fix a related bug
        https://bugs.webkit.org/show_bug.cgi?id=142694

        Reviewed by Chris Dumez.

        During the work on https://bugs.webkit.org/show_bug.cgi?id=142677
        we encountered an issue with canvas tests related to empty image handling
        when drawn or used as a pattern. After updating these tests, an issue with
        pattern handling was encountered.

        The spec, as well as Chrome's implementation, say that when an empty image
        is used as a pattern, createPattern should return null. See
        https://html.spec.whatwg.org/multipage/scripting.html#fill-and-stroke-styles:check-the-usability-of-the-image-argument
        Instead, createPattern returned an exception in this case.
        This patch fixes that and makes sure that it returns a null when image loading hasn't started.

        Tests: canvas/philip/tests/2d.drawImage.incomplete.emptysrc.html
               canvas/philip/tests/2d.drawImage.incomplete.nosrc.html
               canvas/philip/tests/2d.drawImage.incomplete.removedsrc.html
               canvas/philip/tests/2d.pattern.image.incomplete.emptysrc.html
               canvas/philip/tests/2d.pattern.image.incomplete.removedsrc.html

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::createPattern): Return "null" if image is not fully decodeable.

2015-03-23  Alex Christensen  <achristensen@webkit.org>

        Fix api tests after r181876.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        Always append a CSSDisplayNoneStyleSheet action if no ignore-previous-rules is seen.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        Changed an assertion to a null check.

2015-03-23  Dean Jackson  <dino@apple.com>

        Timelines are sharing the same canvas background
        https://bugs.webkit.org/show_bug.cgi?id=142994
        <rdar://problem/20209466>

        Reviewed by Brent Fulgham.

        Since each MediaControl lives in an isolated world, we
        can't rely on a global variable to provide a unique
        identifier for a named canvas. The fix is to expose
        WebCore's UUID generator, and have each canvas use
        that for a name.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::generateUUID): New method on the
        MediaControlsHost that generates a UUID.
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediacontrols/MediaControlsHost.idl:

        * Modules/mediacontrols/mediaControlsApple.js: Remove the global
        variable unique ID that wasn't working, and instead get
        an ID from the MediaControlsHost.
        (Controller.prototype.createControls):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS):

2015-03-23  Brent Fulgham  <bfulgham@apple.com>

        Scroll latching logic can get stuck in 'scrollable="no"' iframes
        https://bugs.webkit.org/show_bug.cgi?id=142789
        <rdar://problem/20129494>

        Reviewed by Dean Jackson.

        Clean up the EventHandler and latching code as follows:
        (1) Do not handle iframe elements as part of the normal latching logic. Instead, iframes should
            be evaluated during the 'platformCompleteWheelEvent' phase of processing as top-level scrolling
            frames.
        (2) Get rid of the ill-conceived notation that we should process non-mainframe and main-frame frames
            different.
        (3) Modify code to reflect that the scroll latching code really deals with overflow scrolling. Consequently,
            the 'findEnclosingScrollableContainer' was renamed to 'findEnclosingOverflowScroll' and does not
            treat iframe as a suitable target.
        (4) Do not create a latching state object when the container being evaluated is already scrolled to the
            extreme position in the direction of the mouse gesture. In this case, we want the enclosing frame
            to be the latching target.
        (5) Do not treat the state where the mouse wheel gesture has ended manual scrolling, but has not ended
            momentum scrolling, as an appropriate time to select a latching target.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::platformCompleteWheelEvent): Modify signature to remove unneeded argument.
        (WebCore::EventHandler::handleWheelEvent): Modify call to 'platformCompleteWheelEvent' to remove unused argument.
        * page/EventHandler.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::findEnclosingOverflowScroll): Renamed from 'findEnclosingScrollableContainer' and revised per the
        notes above.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Remove mainFrame vs. non-mainFrame code paths and
        consolidate logic.
        (WebCore::EventHandler::platformCompleteWheelEvent): Remove unused argument. The wheel event target is no
        longer needed here, now that iframes are not processed by this code.
        (WebCore::findEnclosingScrollableContainer): Deleted.
        * page/scrolling/ScrollLatchingState.cpp:
        (WebCore::ScrollLatchingState::setPreviousWheelScrolledElement:) Switch to move operator for passing
        a temporary RefPtr to the the function.
        * page/scrolling/ScrollLatchingState.h:
        * platform/PlatformWheelEvent.h:
        (WebCore::PlatformWheelEvent::useLatchedEventElement): Recognize 'phase=ended, momentum=none' as a state
        that should not cause latching state to be revised.

2015-03-23  Anders Carlsson  <andersca@apple.com>

        Try to fix the iOS build.

        * platform/network/mac/CookieJarMac.mm:

2015-03-23  Brady Eidson  <beidson@apple.com>

        Content extensions should apply css selectors
        https://bugs.webkit.org/show_bug.cgi?id=142604

        Reviewed by Alex Christensen.

        Tests: http/tests/contentextensions/css-display-none.html

        * WebCore.xcodeproj/project.pbxproj:

        * contentextensions/ContentExtension.cpp:
        (WebCore::ContentExtensions::ContentExtension::create):
        (WebCore::ContentExtensions::ContentExtension::ContentExtension):
        (WebCore::ContentExtensions::ContentExtension::globalDisplayNoneStyleSheet):
        * contentextensions/ContentExtension.h:
        (WebCore::ContentExtensions::ContentExtension::identifier):
        (WebCore::ContentExtensions::ContentExtension::compiledExtension):

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::addContentExtension):
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        (WebCore::ContentExtensions::ContentExtensionsBackend::globalDisplayNoneStyleSheet):
        * contentextensions/ContentExtensionsBackend.h:

        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):

        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::maybeAddContentExtensionSheet):
        * dom/DocumentStyleSheetCollection.h:

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::commitData):
        (WebCore::DocumentLoader::startLoadingMainResource):
        (WebCore::DocumentLoader::addPendingContentExtensionSheet):
        * loader/DocumentLoader.h:

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::CachedResourceRequest::setInitiator):
        * loader/cache/CachedResourceRequest.h:
        (WebCore::CachedResourceRequest::initiatingDocumentLoader):

        * page/UserContentController.cpp:
        (WebCore::UserContentController::globalDisplayNoneStyleSheet):
        (WebCore::UserContentController::displayNoneCSSRule):
        * page/UserContentController.h:

2015-03-23  Anders Carlsson  <andersca@apple.com>

        -[_WKWebsiteDataStore removeDataOfTypes:modifiedSince:completionHandler:] doesn't remove cookies
        https://bugs.webkit.org/show_bug.cgi?id=142990
        rdar://problem/20241645

        Reviewed by Andreas Kling.

        Use the Mac version of deleteAllCookiesModifiedSince on iOS as well.

        * platform/network/cf/CookieJarCFNet.cpp:
        * platform/network/mac/CookieJarMac.mm:

2015-03-23  Conrad Shultz  <conrad_shultz@apple.com>

        Replace uses of kCTFontSystemFontType
        https://bugs.webkit.org/show_bug.cgi?id=142984

        Reviewed by Tim Horton.

        * rendering/RenderThemeMac.mm:
        (WebCore::AttachmentLayout::layOutTitle):
        (WebCore::AttachmentLayout::layOutSubtitle):

2015-03-23  Dean Jackson  <dino@apple.com>

        kCTFontSystemFontType is deprecated in CoreText
        https://bugs.webkit.org/show_bug.cgi?id=142981
        <rdar://problem/20261171>

        Reviewed by Beth Dakin.

        Update to the non-deprecated version.

        * rendering/RenderThemeIOS.mm: kCTFontSystemFontType -> kCTFontUIFontSystem
        (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):

2015-03-23  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Enable fullscreen for MSE-based videos
        https://bugs.webkit.org/show_bug.cgi?id=142971

        Reviewed by Jer Noble.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::supportsFullscreen): Return true;

2015-03-23  Alex Christensen  <achristensen@webkit.org>

        [MediaFoundation] Implement seek.
        https://bugs.webkit.org/show_bug.cgi?id=142594

        Reviewed by Darin Adler.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::seeking):
        (WebCore::MediaPlayerPrivateMediaFoundation::seekDouble):
        (WebCore::MediaPlayerPrivateMediaFoundation::durationDouble):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

2015-03-23  Dan Bernstein  <mitz@apple.com>

        Fixed the build.

        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformBoundsForGlyph): Switched to non-deprecated CTFontOrientation values.
        (WebCore::Font::platformWidthForGlyph): Ditto.

2015-03-23  Jer Noble  <jer.noble@apple.com>

        [iOS] Accessibility crashing because MediaPlayer is laying out UI off the main thread
        https://bugs.webkit.org/show_bug.cgi?id=142970

        Reviewed by Eric Carlson.

        Return early after synchronously calling to the main thread to allocate the volume
        view, to avoid re-allocating the volume view again on the web thread.

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (-[WebMediaSessionHelper allocateVolumeView]):

2015-03-23  Tim Horton  <timothy_horton@apple.com>

        Add a share item to the link action menu
        https://bugs.webkit.org/show_bug.cgi?id=142961
        <rdar://problem/19198374>

        Reviewed by Beth Dakin.

        * English.lproj/Localizable.strings:
        Remove some now-unused strings.

        * platform/spi/mac/NSMenuSPI.h:
        Add some SPI.

2015-03-23  David Kilzer  <ddkilzer@apple.com>

        [iOS] Build fix: CoreText deprecated kCTFontSystemFontType

        Fix tracked by:  <rdar://problem/20261171>

        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::updateCachedSystemFontDescription):
        Add clang pragmas.

2015-03-23  Brent Fulgham  <bfulgham@apple.com>

        Unreviewed test fix.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseScrollSnapDestination): Remove new assertion.

2015-03-23  Brent Fulgham  <bfulgham@apple.com>

        scroll-snap-destination and scroll-snap-coordinate do not seem to work together properly
        https://bugs.webkit.org/show_bug.cgi?id=142552
        <rdar://problem/20114743>

        Reviewed by Dean Jackson.

        Revise the snap point logic as follows:
        (1) Put the snap point destination handling in a helper function to make the rest of the code
            easier to read.
        (2) Make sure we always have a left-hand snap point (i.e., position 0), but don't add multiple
            left-hand snap points.
        (3) Create a helper function to determine if we should be working with the scroll snap 'elements'
            behavior. We want to use this for scroll-snap-destination/scroll-snap-coordinate markup.
        (4) Create per-element snap point offsets when using scroll-snap-destination/scroll-snap-coordinate.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseScrollSnapDestination): Add assertion to try to catch bad parser state.
        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::destinationOffsetForViewSize): Added helper function to consolidate logic for handling
        destination coordinates.
        (WebCore::updateFromStyle): Make sure a left-hand snap point is always provided.
        (WebCore::styleUsesElements): Added helper function.
        (WebCore::updateSnapOffsetsForScrollableArea): Revise logic to generate 'per-element' snap point
        offsets.

2015-03-23  Yoav Weiss  <yoav@yoav.ws>

        Refactor ImageLoader's setting of CachedImage
        https://bugs.webkit.org/show_bug.cgi?id=142825

        Reviewed by Chris Dumez.

        No new tests, since there's no functional change.

        setImage and setImageWithoutConsideringPendingLoadEvent were not called with new
        CachedImages and were not used as originally intended. That resulted in some dead code,
        and confusion when going over the code.
        This patch renames these methods into equivalent clearImage* methods, and deletes resulting dead code.

        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::renderFallbackContent): Changed setImage call to clearImage.
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::clearImage):
        (WebCore::ImageLoader::clearImageWithoutConsideringPendingLoadEvent):
        (WebCore::ImageLoader::notifyFinished):
        (WebCore::ImageLoader::elementDidMoveToNewDocument):
        (WebCore::ImageLoader::setImage): Deleted.
        (WebCore::ImageLoader::setImageWithoutConsideringPendingLoadEvent): Deleted.
        * loader/ImageLoader.h:

2015-03-22  Benjamin Poulain  <benjamin@webkit.org>

        CSS Selectors: fix attribute case-insensitive matching of Contain and List
        https://bugs.webkit.org/show_bug.cgi?id=142932

        Reviewed by Darin Adler.

        Fix the last two attribute selectors that were using full case-insensitive
        match:
            -Contain ([foo*=bar]).
            -List (foo~=bar]).

        Tests: fast/selectors/attribute-contains-value-matching-is-ascii-case-insensitive.html
               fast/selectors/attribute-list-value-matching-is-ascii-case-insensitive.html

        * css/SelectorChecker.cpp:
        (WebCore::attributeValueMatches):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::attributeValueContains):
        (WebCore::SelectorCompiler::attributeValueSpaceSeparetedListContains):

2015-03-22  Benjamin Poulain  <bpoulain@apple.com>

        Detect when url filter pattern with groups match the empty string
        https://bugs.webkit.org/show_bug.cgi?id=142930

        Reviewed by Sam Weinig.

        The previous test was only accounting for simple atoms. This patch extends
        it to groups.

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::Term::quantify):
        (WebCore::ContentExtensions::Term::matchesAtLeastOneCharacter):
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::Term::quantifier): Deleted.

2015-03-22  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Enable WIRELESS_PLAYBACK_TARGET for WK1
        https://bugs.webkit.org/show_bug.cgi?id=142940

        Reviewed by Sam Weinig.

        * dom/Document.cpp:
        (WebCore::Document::didChoosePlaybackTarget): const-ify the didChoosePlaybackTarget argument.
        * dom/Document.h:

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::didChoosePlaybackTarget): Ditto.
        * html/HTMLMediaSession.h:

        * page/Page.cpp:
        (WebCore::Page::didChoosePlaybackTarget):  Ditto.
        * page/Page.h:

        * platform/audio/MediaSession.h:
        * platform/graphics/MediaPlaybackTargetPickerClient.h:
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm: 
        (WebCore::MediaPlaybackTargetPickerMac::devicePicker):  Ditto.

2015-03-22  Anders Carlsson  <andersca@apple.com>

        _WKWebsiteDataStore should clear WebSQL databases
        https://bugs.webkit.org/show_bug.cgi?id=142947

        Reviewed by Sam Weinig.

        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::trackerWithDatabasePath):
        Add a hack so we can get at a tracker from the UI process.

        (WebCore::DatabaseTracker::deleteDatabasesModifiedSince):
        New function that deletes all databases modified after a given time.

        * Modules/webdatabase/DatabaseTracker.h:
        Add new members and export the ones we want to call from WebKit2.

        * Modules/webdatabase/OriginLock.h:
        Export the destructor.

2015-03-21  Dean Jackson  <dino@apple.com>

        Remove the prefix for CSS Transforms
        https://bugs.webkit.org/show_bug.cgi?id=142927
        <rdar://problem/11568151>

        Reviewed by Simon Fraser.

        Support the bare form of:
        - transform
        - transform-style
        - transform-origin
        - perspective
        - perspective-origin

        For transform-style, we also still differentiate the prefixed property
        because we may want to use that as an indicator of legacy content.

        This is mostly a find and replace, but with some related naming
        changes. The DOM interface for WebKitCSSTransformValue remains
        unchanged.

        Tests: transforms/2d/transform-2d-prefixed.html
               transforms/3d/general/prefixed-3dtransform-values.html

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::propertyChangeMayRepaintNonDescendants):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::isLayoutDependent):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        (WebCore::isKeywordPropertyID):
        (WebCore::parseTranslateTransformValue):
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseTransformOrigin):
        (WebCore::CSSParser::parsePerspectiveOrigin):
        * css/CSSPropertyNames.in:
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        (WebCore::StyleProperties::asText):
        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::setMatrixValue):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::applyCSSProperties):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::computeExtentOfAnimation):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::PropertyWrapperAcceleratedTransform::PropertyWrapperAcceleratedTransform):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::computeExtentOfTransformAnimation):
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::computeExtentOfTransformAnimation):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation):
        (WebCore::KeyframeAnimation::validateTransformFunctionList):
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::validateTransformOperations):
        * platform/graphics/GraphicsLayerClient.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::propertyIdToString):
        (WebCore::GraphicsLayerCA::moveOrCopyAnimations):
        (WebCore::GraphicsLayerCA::addAnimation):
        (WebCore::GraphicsLayerCA::isRunningTransformAnimation):
        (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
        (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::addAnimation):
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::applyInternal):
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::syncAnimations):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::selfOrAncestorHasActiveTransformAnimation):
        (WebCore::CoordinatedGraphicsLayer::selfOrAncestorHaveNonAffineTransforms):
        (WebCore::CoordinatedGraphicsLayer::addAnimation):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):
        (WebCore::RenderLayerBacking::startAnimation):
        (WebCore::RenderLayerBacking::startTransition):
        (WebCore::RenderLayerBacking::graphicsLayerToCSSProperty):
        (WebCore::RenderLayerBacking::cssToGraphicsLayerProperty):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForAnimation):
        (WebCore::RenderLayerCompositor::isRunningTransformAnimation):
        * svg/SVGElement.cpp:
        (WebCore::populateAttributeNameToCSSPropertyIDMap):

2015-03-21  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181824.
        https://bugs.webkit.org/show_bug.cgi?id=142935

        Broke Windows build (Requested by ap on #webkit).

        Reverted changeset:

        "Remove the prefix for CSS Transforms"
        https://bugs.webkit.org/show_bug.cgi?id=142927
        http://trac.webkit.org/changeset/181824

2015-03-20  Dean Jackson  <dino@apple.com>

        Remove the prefix for CSS Transforms
        https://bugs.webkit.org/show_bug.cgi?id=142927
        <rdar://problem/11568151>

        Reviewed by Simon Fraser.

        Support the bare form of:
        - transform
        - transform-style
        - transform-origin
        - perspective
        - perspective-origin

        For transform-style, we also still differentiate the prefixed property
        because we may want to use that as an indicator of legacy content.

        This is mostly a find and replace, but with some related naming
        changes. The DOM interface for WebKitCSSTransformValue remains
        unchanged.

        Tests: transforms/2d/transform-2d-prefixed.html
               transforms/3d/general/prefixed-3dtransform-values.html

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::propertyChangeMayRepaintNonDescendants):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::isLayoutDependent):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        (WebCore::isKeywordPropertyID):
        (WebCore::parseTranslateTransformValue):
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseTransformOrigin):
        (WebCore::CSSParser::parsePerspectiveOrigin):
        * css/CSSPropertyNames.in:
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        (WebCore::StyleProperties::asText):
        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::setMatrixValue):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::applyCSSProperties):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::computeExtentOfAnimation):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::PropertyWrapperAcceleratedTransform::PropertyWrapperAcceleratedTransform):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::computeExtentOfTransformAnimation):
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::computeExtentOfTransformAnimation):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation):
        (WebCore::KeyframeAnimation::validateTransformFunctionList):
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::validateTransformOperations):
        * platform/graphics/GraphicsLayerClient.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::propertyIdToString):
        (WebCore::GraphicsLayerCA::moveOrCopyAnimations):
        (WebCore::GraphicsLayerCA::addAnimation):
        (WebCore::GraphicsLayerCA::isRunningTransformAnimation):
        (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
        (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::addAnimation):
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimation::applyInternal):
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::syncAnimations):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::selfOrAncestorHasActiveTransformAnimation):
        (WebCore::CoordinatedGraphicsLayer::selfOrAncestorHaveNonAffineTransforms):
        (WebCore::CoordinatedGraphicsLayer::addAnimation):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):
        (WebCore::RenderLayerBacking::startAnimation):
        (WebCore::RenderLayerBacking::startTransition):
        (WebCore::RenderLayerBacking::graphicsLayerToCSSProperty):
        (WebCore::RenderLayerBacking::cssToGraphicsLayerProperty):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForAnimation):
        (WebCore::RenderLayerCompositor::isRunningTransformAnimation):
        * svg/SVGElement.cpp:
        (WebCore::populateAttributeNameToCSSPropertyIDMap):

2015-03-20  Yusuke Suzuki  <utatane.tea@gmail.com>

        REGRESSION (r179429): Potential Use after free in JavaScriptCore`WTF::StringImpl::ref + 83
        https://bugs.webkit.org/show_bug.cgi?id=142410

        Reviewed by Geoffrey Garen.

        The same issues are found in the existing code; PropertyName does not have ownership.
        This patch rewrite the point that should have ownership to Identifier.

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::getOwnPropertySlotByIndex):
        (WebCore::JSDOMWindow::putByIndex):
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::getInternalSlotFromObject):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        (WebCore::JSTestCustomNamedGetter::getOwnPropertySlotByIndex):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::getOwnPropertySlotByIndex):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterface::putByIndex):

2015-03-20  Simon Fraser  <simon.fraser@apple.com>

        Log the slow-scrolling reasons (if any) on first commit of a ScrollingTreeFrameScrollingNodeMac
        https://bugs.webkit.org/show_bug.cgi?id=142917

        Reviewed by Beth Dakin.
        
        The scrollperf test would fail to detect transitions between slow and fast scrolling
        for new pages, because there was no logging when slow-scrolling scrolling tree was
        torn down, and a new fast-scrolling tree constructed.
        
        Fix by always logging the slow-scrolling reasons in the first update of the
        ScrollingTreeFrameScrollingNodeMac, even when the slow-scrolling reasons haven't
        changed.

        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren):

2015-03-19  Geoffrey Garen  <ggaren@apple.com>

        Function.prototype.toString should not decompile the AST
        https://bugs.webkit.org/show_bug.cgi?id=142853

        Reviewed by Sam Weinig.

        * bindings/js/JSLazyEventListener.cpp:
        (WebCore::JSLazyEventListener::initializeJSFunction): Adjust the line
        number of attribute event listeners to account for the leading newline
        now added by JavaScriptCore.

        This solution is not perfect, but there are a lot of pre-existing problems
        with line and column reporting for attribute event listeners, and this
        preserves existing behavior with reasonable reliability.

2015-03-20  Alex Christensen  <achristensen@webkit.org>

        Progress towards CMake on Mac.
        https://bugs.webkit.org/show_bug.cgi?id=136003

        Reviewed by Chris Dumez.

        * PlatformMac.cmake:
        Added some directories to create forwarding headers from.
        Generate ObjC bindings.

2015-03-20  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Crash when leaving page while video is playing.
        https://bugs.webkit.org/show_bug.cgi?id=142578

        Reviewed by Alex Christensen.

        This can happen when there is an asynchronous event invoked from a video worker
        thread, accessing the media player object after it has been deleted.
        This is solved by resetting the media player pointer in the event object,
        when the media player is deleted.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::~MediaPlayerPrivateMediaFoundation):
        (WebCore::MediaPlayerPrivateMediaFoundation::addListener):
        (WebCore::MediaPlayerPrivateMediaFoundation::removeListener):
        (WebCore::MediaPlayerPrivateMediaFoundation::notifyDeleted):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::AsyncCallback):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::~AsyncCallback):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::Invoke):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::onMediaPlayerDeleted):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:
        (WebCore::MediaPlayerPrivateMediaFoundation::MediaPlayerListener::MediaPlayerListener):
        (WebCore::MediaPlayerPrivateMediaFoundation::MediaPlayerListener::~MediaPlayerListener):
        (WebCore::MediaPlayerPrivateMediaFoundation::MediaPlayerListener::onMediaPlayerDeleted):

2015-03-20  Chris Dumez  <cdumez@apple.com>

        Regression(r181782): Caused WebKit2.RestoreSessionStateContainingFormData API test to crash
        https://bugs.webkit.org/show_bug.cgi?id=142911

        Reviewed by Antti Koivisto.

        Drop the isBackForwardLoadType(m_loadType) assertion in
        FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad(). This assertion
        used to hold true when goToBackForwardItem() was only called with
        history navigation load types. However, after r181782, we use a Standard
        load in the cases where we do not wish to display stale content (e.g.
        restoring session state).

        The assertion comment says "We only use cache-only loads to avoid
        resubmitting forms". However, we then call loadDifferentDocumentItem()
        which already takes care of using the ReturnCacheDataElseLoad cache
        policy as the HistoryItem has form data and we pass
        MayNotAttemptCacheOnlyLoadForFormSubmissionItem as parameter.

        No new tests, covered by WebKit2.RestoreSessionStateContainingFormData
        API test.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad):

2015-03-20  Andy Estes  <aestes@apple.com>

        [Content Filtering] Adopt NEFilterSource unblock handling
        https://bugs.webkit.org/show_bug.cgi?id=142904

        Reviewed by Andreas Kling.

        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (WebCore::NetworkExtensionContentFilter::unblockHandler):
        Returned an unblock handler that calls -[NEFilterSource remediateWithDecisionHandler:].
        * platform/cocoa/ParentalControlsContentFilter.mm:
        (WebCore::ParentalControlsContentFilter::unblockHandler): Used ASCIILiteral.

2015-03-19  Andy Estes  <aestes@apple.com>

        [Content Filtering] Add tests for unblock requests
        https://bugs.webkit.org/show_bug.cgi?id=142900

        Reviewed by Andreas Kling.

        Currently the iOS Parental Controls content filter has a mechanism for requesting that a page be unblocked.
        WebKit implements this by listening for navigations originating from the filter's error page to a special URL,
        and requesting the page be unblocked via platform API, which might cause UI to be displayed. If the unblock is
        successful then we schedule a reload of the frame in order to display the unblocked document.

        NetworkExtension also supports unblock requests, so in preparation for adopting its API, this patch allows
        content filters to specify their own unblock request method, teaches MockContentFilter to provide such a method,
        and writes tests to cover both allowed and denied unblock requests.

        The content filter that blocks a load creates a ContentFilterUnblockHandler, passing it a lambda that is executed
        when a navigation matches the filter's special unblock URL. Filters can also specify that a script be executed in
        the context of its error page if the unblock is denied.

        All platform content filters can handle unblock requests like this with the exception of iOS Parental Controls in WebKit2.
        Since UI can be displayed by the system in this case, the request must be made from within the UI process. Therefore the
        existing method is retained of serializing a WebFilterEvaluator and intercepting navigation policy calls in the UI process.

        Tests: contentfiltering/allow-after-unblock-request.html
               contentfiltering/block-after-unblock-request.html

        * bindings/js/JSMockContentFilterSettingsCustom.cpp:
        (WebCore::JSMockContentFilterSettings::decisionPoint): Added some using statements for clarity.
        (WebCore::JSMockContentFilterSettings::setDecisionPoint): Ditto.
        (WebCore::toJSValue): Returns a JSValue from a Decision.
        (WebCore::toDecision): Returns a Decision from a JSValue.
        (WebCore::JSMockContentFilterSettings::decision): Used toJSValue.
        (WebCore::JSMockContentFilterSettings::setDecision): Used toDecision.
        (WebCore::JSMockContentFilterSettings::unblockRequestDecision): Used toJSValue.
        (WebCore::JSMockContentFilterSettings::setUnblockRequestDecision): Used toDecision.
        * loader/ContentFilter.cpp:
        (WebCore::ContentFilter::createIfNeeded): Passed a reference to the owning DocumentLoader.
        (WebCore::ContentFilter::ContentFilter): Ditto.
        (WebCore::ContentFilter::unblockHandler): If the unblockHandler requests that a script be executed when an
        unblock request is denied, create a wrapper unblockHandler that executes that script in m_documentLoader's frame.
        * loader/ContentFilter.h:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived): Passed this to ContentFilter::createIfNeeded.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::prepareForLoadStart): Called PolicyChecker::prepareForLoadStart.
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::prepareForLoadStart): Reset m_contentFilterUnblockHandler.
        (WebCore::PolicyChecker::checkNavigationPolicy): Moved logic to here from WebKit1's WebFrameLoaderClient.
        Placing it here allows it to be shared between WebKit1 and WebKit2 (when the unblock handler does not need to
        be called in the UI process).
        * loader/PolicyChecker.h:
        (WebCore::PolicyChecker::setContentFilterUnblockHandler): Added.
        * page/Frame.h: Made Frame ThreadSafeRefCounted, since RefPtr<Frames> are captured in lambdas that can be
        copied by background threads managed by the underlying platform.
        * platform/ContentFilterUnblockHandler.h:
        (WebCore::ContentFilterUnblockHandler::unblockURLScheme): Returned the Apple content filter scheme.
        (WebCore::ContentFilterUnblockHandler::unblockURLHost): Returned the unblock URL host.
        (WebCore::ContentFilterUnblockHandler::clear): Deleted.
        * platform/PlatformContentFilter.h:
        (WebCore::PlatformContentFilter::unblockRequestDeniedScript): Returned the unblock request denied script.
        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm:
        (WebCore::ContentFilterUnblockHandler::ContentFilterUnblockHandler): Added a constructor that takes an
        unblockURLHost and a UnblockRequesterFunction. Added an alternate constructor for iOS Parental Controls on
        WebKit2 that takes an unblockURLHost and a WebFilterEvaluator.
        (WebCore::ContentFilterUnblockHandler::needsUIProcess): Returned true if m_webFilterEvaluator is non-null.
        (WebCore::ContentFilterUnblockHandler::encode): Encoded m_unblockURLHost in addition to m_webFilterEvaluator.
        (WebCore::ContentFilterUnblockHandler::decode): Decoded m_unblockURLHost in addition to m_webFilterEvaluator.
        (WebCore::ContentFilterUnblockHandler::canHandleRequest): Returned true if there is a either a m_unblockRequester
        or a m_webFilterEvaluator and the request's host and scheme match those of the unblock request URL.
        (WebCore::dispatchToMainThread): Added a helper to dispatch a block to the main thread. Then if the web thread
        is enabled on iOS, dispatch it there.
        (WebCore::ContentFilterUnblockHandler::requestUnblockAsync): Renamed from handleUnblockRequestAndDispatchIfSuccessful.
        Requested an unblock using either m_unblockRequester or m_webFilterEvaluator, then called decisionHandler with the response.
        (WebCore::scheme): Moved to ContentFilterUnblockHandler::unblockURLScheme.
        (WebCore::ContentFilterUnblockHandler::handleUnblockRequestAndDispatchIfSuccessful): Renamed to requestUnblockAsync.
        * platform/cocoa/ParentalControlsContentFilter.mm:
        (WebCore::ParentalControlsContentFilter::unblockHandler): Returned an unblock handler using the WebFilterEvaluator constructor.
        * testing/MockContentFilter.cpp: Added using statments for clarity.
        (WebCore::settings): Added a helper to get MockContentFilterSettings::singleton().
        (WebCore::MockContentFilter::canHandleResponse): Used the helper.
        (WebCore::MockContentFilter::MockContentFilter): Took advantage of the using statements.
        (WebCore::MockContentFilter::addData): Ditto.
        (WebCore::MockContentFilter::finishedAddingData): Ditto.
        (WebCore::MockContentFilter::unblockHandler): Returned a ContentFilterUnblockHandler that checks settings() for its decision.
        (WebCore::MockContentFilter::unblockRequestDeniedScript): Returned the script to execute in MockContentFilter's
        error page when an unblock request is denied.
        (WebCore::MockContentFilter::maybeDetermineStatus): Took advantage of settings() and using statements.
        * testing/MockContentFilterSettings.cpp:
        (WebCore::MockContentFilterSettings::unblockRequestURL): Constructed a static unblock URL and returned it.
        * testing/MockContentFilterSettings.h:
        (WebCore::MockContentFilterSettings::unblockURLHost): Returned the filter's unblock URL host.
        (WebCore::MockContentFilterSettings::unblockRequestDecision): Returns the decision to make for an unblock request.
        (WebCore::MockContentFilterSettings::setUnblockRequestDecision): Sets the decision to make for an unblock request.
        * testing/MockContentFilterSettings.idl: Added the unblockRequestDecision and unblockRequestURL attributes.

2015-03-20  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Crash due to empty drag image during drag-and-drop
        https://bugs.webkit.org/show_bug.cgi?id=142671

        Reviewed by Philippe Normand.

        Return early from ImageBuffer constructor if an empty size is
        given. This is a speculative fix for a crash while starting a drag
        and drop operation, that I haven't been able to reproduce.

        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::ImageBuffer):

2015-03-19  Chris Dumez  <cdumez@apple.com>

        [WK2] We should allow stale content when restoring a killed / crashed WebProcess
        https://bugs.webkit.org/show_bug.cgi?id=142893
        <rdar://problem/19633737>
        <rdar://problem/19869257>

        Reviewed by Antti Koivisto.

        Always use ReturnCacheDataElseLoad cache policy for history navigations.
        Previously, we would use the default protocol cache policy for history
        navigations if m_stateMachine.committedFirstRealDocumentLoad() returned
        false so that we do not display stale content when restoring the session
        state of Safari statup (rdar://problem/8131355). This is now handled
        before reaching this method by no longer using "IndexedBackForward"
        FrameLoadType when restoring session tabs, and using "Standard" load
        type instead.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadDifferentDocumentItem):

2015-03-19  Andy Estes  <aestes@apple.com>

        [Content Filtering] Move ContentFilter to from platform/ to loader/
        https://bugs.webkit.org/show_bug.cgi?id=142897

        Reviewed by Dan Bernstein.

        ContentFilterCollection never contained any platform code, so it doesn't make sense for it to be in platform.
        Move it to loader/, since ContentFilters are owned by DocumentLoaders, and just call it ContentFilter. Extract
        the abstract part of ContentFilter into a new base class called PlatformContentFilter that each of the
        individual filters inherit from.

        * WebCore.xcodeproj/project.pbxproj:
        * loader/ContentFilter.cpp: Renamed from Source/WebCore/platform/ContentFilter.cpp.
        (WebCore::ContentFilter::types): Moved from ContentFilterCollection.
        (WebCore::ContentFilter::createIfNeeded): Ditto.
        (WebCore::ContentFilter::ContentFilter): Ditto.
        (WebCore::ContentFilter::addData): Ditto.
        (WebCore::ContentFilter::finishedAddingData): Ditto.
        (WebCore::ContentFilter::needsMoreData): Ditto.
        (WebCore::ContentFilter::didBlockData): Ditto.
        (WebCore::ContentFilter::getReplacementData): Ditto.
        (WebCore::ContentFilter::unblockHandler): Ditto.
        * loader/ContentFilter.h: Copied from Source/WebCore/platform/ContentFilter.h.
        (WebCore::ContentFilter::type): Replaced a use of ContentFilterCollection.
        * platform/PlatformContentFilter.h: Renamed from Source/WebCore/platform/ContentFilter.h.
        * platform/cocoa/NetworkExtensionContentFilter.h: Inherited from PlatformContentFilter.
        * platform/cocoa/ParentalControlsContentFilter.h: Ditto.
        * testing/MockContentFilter.h: Ditto.

2015-03-19  Dean Jackson  <dino@apple.com>

        CSS Animations with triggers should map scroll position to duration
        https://bugs.webkit.org/show_bug.cgi?id=142870
        <rdar://problem/20227244>

        Reviewed by Simon Fraser.

        Expose a prototype implementation of what will eventually be called
        animation-timebase, mapping the scroll location to the duration of an
        animation. This only applies if the animation has a start and end
        trigger.

        Test: animations/trigger-container-scroll-boundaries.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createAnimationTriggerValue): Change to downcast.

        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapAnimationTrigger): Fix a bug where I wasn't
        telling the ScrollAnimationTrigger object whether or not it had
        an end value. This wasn't visible before because we were not using
        the end value.

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::fireAnimationEventsIfNeeded): Add a comment and
        change to using a downcast.
        (WebCore::AnimationBase::timeToNextService): Change to downcast.
        (WebCore::AnimationBase::freezeAtTime): Whitespace cleanup.
        (WebCore::AnimationBase::getElapsedTime): Calculate the elapsedTime based
        on the scroll position relative to the start and end trigger spots.

        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::updateAnimations): Since this
        can potentially call into beginAnimationUpdateTime, it should have
        an update blocker. This fixes the assert we were seeing in tests.
        (WebCore::AnimationControllerPrivate::scrollWasUpdated): Keep track of the scroll
        position so we don't need to ask for it all the time.
        * page/animation/AnimationControllerPrivate.h:
        (WebCore::AnimationControllerPrivate::scrollPosition): New accessor.

        * platform/animation/AnimationTrigger.h: Add downcast macros.
        (WebCore::ScrollAnimationTrigger::create): Calculate hasEndValue from the passed
        parameters rather than a separate value.
        (WebCore::ScrollAnimationTrigger::hasEndValue):
        (WebCore::ScrollAnimationTrigger::ScrollAnimationTrigger):
        (WebCore::ScrollAnimationTrigger::setHasEndValue): Deleted.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::animationCanBeAccelerated): If we have an
        animation of this sort, we can't use a CAAnimation.

2015-03-19  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Move MediaPlaybackTargetPicker
        https://bugs.webkit.org/show_bug.cgi?id=142889

        Move WebMediaPlaybackTargetPickerProxy from WK2 and rename as MediaPlaybackTargetPicker so it
        can be used by both WK2 and WK1.

        Reviewed by Tim Horton.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/MediaPlaybackTargetPicker.cpp: Copied from Source/WebKit2/UIProcess/WebMediaPlaybackTargetPickerProxy.cpp.
        * platform/graphics/MediaPlaybackTargetPicker.h: Copied from Source/WebKit2/UIProcess/WebMediaPlaybackTargetPickerProxy.h.
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.h: Copied from Source/WebKit2/UIProcess/mac/WebMediaPlaybackTargetPickerProxyMac.h.
        * platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm: Copied from Source/WebKit2/UIProcess/mac/WebMediaPlaybackTargetPickerProxyMac.mm.

2015-03-19  Enrica Casucci  <enrica@apple.com>

        REGRESSION (r109593): Clicking after last inline element could cause a crash.
        https://bugs.webkit.org/show_bug.cgi?id=142880
        rdar://problem/17222294

        Reviewed by Ryosuke Niwa.

        Test: editing/selection/click-after-last-inline-crash.html

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::closestLeafChildForLogicalLeftPosition):

2015-03-19  Enrica Casucci  <enrica@apple.com>

        One more build fix after r181760.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleDrag):

2015-03-19  Jessie Berlin  <jberlin@webkit.org>

        Build fix after r181760.

        * rendering/RenderAttachment.h:

2015-03-19  Jer Noble  <jer.noble@apple.com>

        [WK2][Mac] Fullscreen animations with mismatched aspect ratios are "squished".
        https://bugs.webkit.org/show_bug.cgi?id=142132

        Reviewed by Tim Horton.

        Add a new utility method to calculate a rect with a specific aspect ratio wrapping a smaller one.

        * platform/graphics/GeometryUtilities.cpp:
        (WebCore::smallestRectWithAspectRatioAroundRect):
        * platform/graphics/GeometryUtilities.h:

2015-03-19  Chris Dumez  <cdumez@apple.com>

        Get rid of "CachePolicyCache" cache policy
        https://bugs.webkit.org/show_bug.cgi?id=142881

        Reviewed by Antti Koivisto.

        Get rid of "CachePolicyCache" cache policy as it is unused.

        * loader/cache/CachePolicy.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::mustRevalidateDueToCacheHeaders):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::mustRevalidateIsExpiredKey): Deleted.
        * page/DiagnosticLoggingKeys.h:

2015-03-19  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Test regular expression parse failures.
        https://bugs.webkit.org/show_bug.cgi?id=142872

        Reviewed by Benjamin Poulain.

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::GraphBuilder::quantifyAtom):
        (WebCore::ContentExtensions::URLFilterParser::addPattern):
        (WebCore::ContentExtensions::URLFilterParser::statusString):
        * contentextensions/URLFilterParser.h:
        Changed failures that can never happen to assertions.

2015-03-19  Enrica Casucci  <enrica@apple.com>

        Release build fix after https://trac.webkit.org/r181760.

        Unreviewed.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleDrag):

2015-03-19  Enrica Casucci  <enrica@apple.com>

        <attachment> should put URLs on the pasteboard so that Finder can accept drops.
        https://bugs.webkit.org/show_bug.cgi?id=142801
        rdar://problem/19982527

        Reviewed by Tim Horton.

        Test: editing/pasteboard/drag-and-drop-attachment-contenteditable.html

        This patch adds all the necessary support to write attachment elements into
        the pasteboard, including the promised type.

        * WebCore.xcodeproj/project.pbxproj:
        * page/DragActions.h:
        * page/DragClient.h:
        (WebCore::DragClient::declareAndWriteAttachment):
        * page/DragController.cpp:
        (WebCore::DragController::draggableElement):
        (WebCore::DragController::startDrag):
        * page/DragController.h:
        (WebCore::DragController::draggingAttachmentURL):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::dragHysteresisExceeded):
        (WebCore::EventHandler::handleDrag):
        * page/mac/DragControllerMac.mm:
        (WebCore::DragController::declareAndWriteAttachment):
        * page/win/DragControllerWin.cpp:
        (WebCore::DragController::declareAndWriteAttachment):
        * platform/URL.cpp:
        (WebCore::URL::fileURLWithFileSystemPath):
        * platform/URL.h:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::absoluteAttachmentURL):
        * rendering/HitTestResult.h:

2015-03-19  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix linking error after r181753.

        Drop WEBCORE_EXPORT for Settings::minimumDOMTimerInterval() as it is
        now inlined.

        * page/Settings.h:
        (WebCore::Settings::minimumDOMTimerInterval):

2015-03-19  Brady Eidson  <beidson@apple.com>

        Part of content extensions should apply css selectors
        https://bugs.webkit.org/show_bug.cgi?id=142604

        Reviewed by Alex Christensen.

        Add a new action for applying the cached global stylesheet.

        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors):

        * contentextensions/ContentExtensionActions.h:

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::serializeActions):

        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::loadAction):

        * contentextensions/ContentExtensionRule.cpp:
        (WebCore::ContentExtensions::Action::deserialize):
        * contentextensions/ContentExtensionRule.h:
        (WebCore::ContentExtensions::Action::Action):
        (WebCore::ContentExtensions::Action::operator==):
        (WebCore::ContentExtensions::Action::stringArgument):
        (WebCore::ContentExtensions::Action::cssSelector): Deleted.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

2015-03-19  Chris Dumez  <cdumez@apple.com>

        Clean up DOMTimer related settings
        https://bugs.webkit.org/show_bug.cgi?id=142837

        Reviewed by Darin Adler.

        Clean up DOMTimer related settings:
        - Make default minimum timer interval 4ms instead of 10ms as all ports
          were setting it to 4ms and the specifications says 4ms.
        - Get rid of setters for default DOMTimer interval values as they are
          not set anymore.
        - Move default DOMTimer interval values from Settings to DOMTimer as
          those are global (not per-page) and not really settings.
        - Stop using abbreviations in the names (e.g. min -> minimum).
        - Move DOMTimer settings members from Page to Settings. There is no
          reason for those to be stored on the Page. The getters were private
          so call-sites had to go via Settings anyway. Also, call-sites already
          had to do a null check on the page to get the settings. It seems
          unfortunate for the settings to do another null-check on the page for
          retrieving the setting value from the page.
        - Inline the DOMTimer settings getters as these are trivial.

        * dom/Document.cpp:
        (WebCore::Document::minimumTimerInterval):
        (WebCore::Document::timerAlignmentInterval):
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::minimumTimerInterval):
        (WebCore::ScriptExecutionContext::timerAlignmentInterval):
        * page/DOMTimer.h:
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::setTimerThrottlingEnabled):
        (WebCore::Page::setMinimumTimerInterval): Deleted.
        (WebCore::Page::minimumTimerInterval): Deleted.
        * page/Page.h:
        (WebCore::Page::timerAlignmentInterval): Deleted.
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::setMinimumDOMTimerInterval):
        (WebCore::Settings::setDOMTimerAlignmentInterval):
        (WebCore::Settings::setHiddenPageDOMTimerAlignmentInterval): Deleted.
        (WebCore::Settings::hiddenPageDOMTimerAlignmentInterval): Deleted.
        (WebCore::Settings::setDefaultMinDOMTimerInterval): Deleted.
        (WebCore::Settings::defaultMinDOMTimerInterval): Deleted.
        (WebCore::Settings::setMinDOMTimerInterval): Deleted.
        (WebCore::Settings::minDOMTimerInterval): Deleted.
        (WebCore::Settings::setDefaultDOMTimerAlignmentInterval): Deleted.
        (WebCore::Settings::defaultDOMTimerAlignmentInterval): Deleted.
        (WebCore::Settings::domTimerAlignmentInterval): Deleted.
        * page/Settings.h:
        (WebCore::Settings::minimumDOMTimerInterval):
        (WebCore::Settings::domTimerAlignmentInterval):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setMinimumTimerInterval):

2015-03-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Scrollbars look bad with GTK+ 3.16
        https://bugs.webkit.org/show_bug.cgi?id=140800

        Reviewed by Sergio Villar Senin.

        Take margin into account when rendering scrollbars. This fixes the
        huge scrollbars rendered with GTK+ 3.16. We don't need to check
        the GTK+ version because in previous versions the marging were 0,
        so the same code just works.

        * platform/gtk/ScrollbarThemeGtk.cpp:
        (WebCore::adjustRectAccordingToMargin):
        (WebCore::ScrollbarThemeGtk::paintTrackBackground):
        (WebCore::ScrollbarThemeGtk::paintThumb):

2015-03-19  Xabier Rodriguez Calvar <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Update ReadableStream API according new version of the specification
        https://bugs.webkit.org/show_bug.cgi?id=142822

        Reviewed by Benjamin Poulain.

        This patch updates the IDL of ReadableStream according the new version of the spec, which splits functionality between ReadableStream and ReadableStreamReader.
        In particular, this patch removes read(), ready, closed and state from ReadableStream and it adds the getReader method.

        Covered by updated readablestream-constructor.html test.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::ReadableStream):
        (WebCore::ReadableStream::state): Deleted.
        (WebCore::ReadableStream::closed): Deleted.
        (WebCore::ReadableStream::ready): Deleted.
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::internalState): Added to make mac build system happy, to be used by ReadableStreamReader.
        * Modules/streams/ReadableStream.idl:
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::cancel):
        (WebCore::JSReadableStream::getReader):
        (WebCore::JSReadableStream::read): Deleted.
        (WebCore::getOrCreatePromiseDeferredFromObject): Deleted.
        (WebCore::readyPromiseSlotName): Deleted.
        (WebCore::JSReadableStream::ready): Deleted.
        (WebCore::closedPromiseSlotName): Deleted.
        (WebCore::JSReadableStream::closed): Deleted.

2015-03-18  Manuel Rego Casasnovas  <rego@igalia.com>

        Unreviewed. GTK build fix after r181720.

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::styleDidChange):

2015-03-18  Antti Koivisto  <antti@apple.com>

        Test disk cache behavior when using back navigation cache policy
        https://bugs.webkit.org/show_bug.cgi?id=142848

        Reviewed by Chris Dumez.

        Add a way to override the normal cache policy so we can test reload behavior of cache without actually reloading.

        Test: http/tests/cache/disk-cache-validation-back-navigation-policy.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::addExtraFieldsToRequest):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::setOverrideCachePolicyForTesting):
        * testing/Internals.cpp:
        (WebCore::Internals::setOverrideCachePolicy):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-03-18  Yusuke Suzuki  <utatane.tea@gmail.com>

        TextFragment#start() is always >= 0 since its type is unsigned
        https://bugs.webkit.org/show_bug.cgi?id=142860

        Reviewed by Andreas Kling.

        Since TextFragment::m_start is unsigned, the result of
        TextFragment::start() is always >= 0 and assertion is not effective.
        This patch removes this assertion to suppress warnings.

        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::revertToFragment):

2015-03-18  Alex Christensen  <achristensen@webkit.org>

        [ContentExtensions] Prepare for compiling stylesheets of selectors to be used on every page.
        https://bugs.webkit.org/show_bug.cgi?id=142799

        Reviewed by Brady Eidson.

        * WebCore.xcodeproj/project.pbxproj:
        Make private headers to use with API tests.
        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::globalDisplayNoneSelectors):
        * contentextensions/CompiledContentExtension.h:
        Added method to get only the selectors from the root of the DFA, which apply to all URLs.
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        Added checking if the trigger will match everything.
        These actions can be put directly on the root of the DFA without adding extra epsilon transitions to the NFA.
        * contentextensions/DFA.h:
        (WebCore::ContentExtensions::DFA::nodeAt):
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::actionsFromDFARoot):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFABytecodeInterpreter.h:
        * contentextensions/NFA.h:
        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::Term::quantifier):
        Sink terms to a vector then add nodes to NFA when finalizing after checking for regexes that match everything.
        (WebCore::ContentExtensions::GraphBuilder::GraphBuilder):
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::GraphBuilder::parseStatus):
        (WebCore::ContentExtensions::GraphBuilder::atomPatternCharacter):
        (WebCore::ContentExtensions::GraphBuilder::atomBuiltInCharacterClass):
        (WebCore::ContentExtensions::GraphBuilder::quantifyAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomBackReference):
        (WebCore::ContentExtensions::GraphBuilder::assertionBOL):
        (WebCore::ContentExtensions::GraphBuilder::assertionWordBoundary):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassRange):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassBuiltIn):
        (WebCore::ContentExtensions::GraphBuilder::atomParentheticalAssertionBegin):
        (WebCore::ContentExtensions::GraphBuilder::disjunction):
        (WebCore::ContentExtensions::GraphBuilder::hasError):
        (WebCore::ContentExtensions::GraphBuilder::fail):
        (WebCore::ContentExtensions::GraphBuilder::sinkFloatingTermIfNecessary):
        (WebCore::ContentExtensions::URLFilterParser::addPattern):
        (WebCore::ContentExtensions::URLFilterParser::statusString):
        (WebCore::ContentExtensions::GraphBuilder::errorMessage): Deleted.
        * contentextensions/URLFilterParser.h:
        Use an enum instead of strings for the status to avoid checking strings when we have a regex that matches everything.

2015-03-18  Yusuke Suzuki  <utatane.tea@gmail.com>

        Fix build failure due to FALLTHROUGH in unreachable code
        https://bugs.webkit.org/show_bug.cgi?id=142703

        Reviewed by Benjamin Poulain.

        FALLTHROUGH should not exist in unreachable code marked by
        ASSERT_NOT_REACHABLE.

        When !ENABLE(CSS_SELECTOR_JIT) and Debug mode is enabled,
        both ASSERT_NOT_REACHED and FALLTHROUGH are instantiated
        and it cause build failure.

        Here, since CompiledSingle/CompiledSingleWithRootFilter are
        not set when !ENABLE(CSS_SELECTOR_JIT). So dropping FALLTHROUGH
        and leave ASSERT_NOT_REACHED.
        And since ASSERT_NOT_ReACHED is stripped when Release build,
        I've inserted FALLTHROUGH() if ASSERT_DISABLED.
        This fix is the same to r162906.

        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::execute):

2015-03-18  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Switching between two SVG images with no intrinsic sizes causes them to get the default SVG size instead of the container size.
        https://bugs.webkit.org/show_bug.cgi?id=142805.

        Reviewed by Darin Adler.
        
        The bug happens due to wrong logic in RenderImage::imageDimensionsChanged().
        This function decides to setNeedsLayout() if the intrinsic size of the image
        changes. If the size does not change, it only repaints the image rectangle.
        When switching the src of the an image between two SVG images and both of
        them have no intrinsic size, we do not updateInnerContentRect() and this
        means an SVGImageForContainer is not going to be created for this image.
        When the image is drawn, it is drawn directly from the SVGImage. And this
        means the drawing has to be scaled by container_size / SVG_default_intrinsic_size
        
        After figuring out that I need to updateInnerContentRect() to fix this bug,
        I found out Blink has already changed this code to do the same thing. But 
        they also did more clean-up in this function. Here is the link
        https://codereview.chromium.org/114323004. I think their change seems correct
        although they did not say what exactly they were trying to fix.
        
        The plan for repaintOrMarkForLayout(), which is the new name of this function,
        is the following:
            -- setNeedLayout() if the intrinsic size changes and it affects the size
               of the image.
            -- updateInnerContentRect() if the intrinsic size did not change but the
               image has exiting layout.
            -- repaint the image rectangle if layout is not needed.
            
        This change also removes the call to computeLogicalWidthInRegion(), which is
        almost running a layout for the image. This call figures out whether the image
        needs to setNeedsLayout(). This call is unnecessary; the image needs to run a
        layout if the intrinsic size has changed and it affects the size of the image.
                    
        Test: svg/as-image/svg-no-intrinsic-size-switching.html

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::styleDidChange): Change the function call.
        (WebCore::RenderImage::imageChanged): Rename local variable and change the
        function call.
        
        (WebCore::RenderImage::updateIntrinsicSizeIfNeeded): Simplify this function.
        Call setIntrinsicSize() with the new size unless the image is in error state.
        
        (WebCore::RenderImage::repaintOrMarkForLayout): This a better name for this
        function since it is called even if the intrinsic size was not changed.
        (WebCore::RenderImage::imageDimensionsChanged): Deleted.
        
        * rendering/RenderImage.h: Rename imageDimensionsChanged() and change the 
        updateIntrinsicSizeIfNeeded() to return void.
        
        * rendering/svg/RenderSVGForeignObject.cpp:
        (WebCore::RenderSVGForeignObject::paint): Code cleanup. This function can
        only handle the paint phases PaintPhaseForeground and PaintPhaseSelection.
        Use this information to simplify the logic and order of painting there.

2015-03-18  Jeremy Jones  <jeremyj@apple.com>

        Fix typo in playerViewControllerWillCancelOptimizedFullscree.
        https://bugs.webkit.org/show_bug.cgi?id=142745

        Reviewed by Darin Adler.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscreen:]):
        (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscree:]): Deleted.

2015-03-18  Simon Fraser  <simon.fraser@apple.com>

        Avoid repaints when changing transform on an element with multiple background images
        https://bugs.webkit.org/show_bug.cgi?id=142841

        Reviewed by Zalan Bujtas.
        
        Replace the cheap test for changed images in RenderElement::updateFillImages()
        with an exhaustive test that walks the entire list of background images,
        since any ensuing repaint is way more expensive than a slightly more expensive check here.
        
        Test: fast/repaint/multiple-backgrounds-style-change.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::updateFillImages):
        * rendering/style/FillLayer.cpp:
        (WebCore::layerImagesIdentical): See if both images are the same (either none
        or both mask images, and same image pointer).
        (WebCore::FillLayer::imagesIdentical): Walk the two FillLayer lists, checking the images
        on each one. Returns false if we reach the end of one list before the other, or the images
        are different.
        * rendering/style/FillLayer.h: New static function; static because
        it compares two FillLayer lists, and I think that makes more sense than
        a member function.

2015-03-18  Anders Carlsson  <andersca@apple.com>

        Pass cookies by reference in CookieHash functions
        https://bugs.webkit.org/show_bug.cgi?id=142839

        Reviewed by Sam Weinig.

        * platform/Cookie.h:
        (WebCore::CookieHash::hash):
        (WebCore::CookieHash::equal):

2015-03-18  Tim Horton  <timothy_horton@apple.com>

        Temporarily fix the !ENABLE(CSS_SELECTOR_JIT) and assertions-enabled build

        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::execute):

2015-03-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Call CTFontSetRenderingParameters before rendering text
        https://bugs.webkit.org/show_bug.cgi?id=142816

        Reviewed by Darin Adler.

        No new tests.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::showGlyphsWithAdvances):
        * platform/spi/cocoa/CoreTextSPI.h:

2015-03-18  Chris Dumez  <cdumez@apple.com>

        [WK2] Log the number of network cache requests that we have never seen before
        https://bugs.webkit.org/show_bug.cgi?id=142828
        <rdar://problem/19632130>

        Reviewed by Antti Koivisto.

        Add diagnostic logging key for network cache efficacy logging.

        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::neverSeenBeforeKey):
        (WebCore::DiagnosticLoggingKeys::requestKey):
        * page/DiagnosticLoggingKeys.h:

2015-03-18  Yusuke Suzuki  <utatane.tea@gmail.com>

        Use filterRootId in SelectorQuery even if CSS JIT is not enabled
        https://bugs.webkit.org/show_bug.cgi?id=142703

        Reviewed by Benjamin Poulain.

        filterRootId pruning path is not inherently related to CSS JIT.
        This patch enables filterRootId even in the environment
        where CSS JIT is not enabled.

        * dom/SelectorQuery.cpp:
        (WebCore::filterRootById):
        (WebCore::SelectorDataList::executeSingleSelectorData):
        (WebCore::SelectorDataList::execute):
        * dom/SelectorQuery.h:

2015-03-18  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Use Vector<>::const_iterator instead of custom FlowContents::Iterator.
        https://bugs.webkit.org/show_bug.cgi?id=142809

        Reviewed by Antti Koivisto.

        FlowContents::Iterator simply iterates on a vector<>. No need to custom implement it.

        No change in functionality.

        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::begin):
        (WebCore::SimpleLineLayout::FlowContents::end):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::Iterator): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator++): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator--): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator==): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator!=): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator*): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator->): Deleted.
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):

2015-03-18  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Change FlowContents::segmentForPosition() to segmentForRun().
        https://bugs.webkit.org/show_bug.cgi?id=142785

        Reviewed by Antti Koivisto.

        This is in transition to support <br>. A particular position could point to multiple
        segments when <br> is directly followed by text.

        No change in functionality.

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForRunSlow):
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForPositionSlow): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::segmentForRun):
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForPosition): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::segmentForPosition): Deleted.
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):

2015-03-17  Simon Fraser  <simon.fraser@apple.com>

        Skip trying to paint overlay scrollbars when there are none or they are clipped out
        https://bugs.webkit.org/show_bug.cgi?id=142811
        rdar://problem/20200725

        Reviewed by Darin Adler.

        In some content with lots of layers and overflow:scroll, we could spend 20% of
        the time under paintOverflowControlsForFragments() setting up an (empty) clip,
        and then trying to draw scrollbars that we don't have.
        
        Avoid calling paintOverflowControlsForFragments() if there are no scrollbars,
        and don't both setting up an empty clip just to paint nothing.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::paintOverflowControlsForFragments):

2015-03-18  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Unreviewed build fix after r181665.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::setSize):

2015-03-18  Joseph Pecoraro  <pecoraro@apple.com>

        Remove unused "preprocessor" parameter to sub-CodeGenerators
        https://bugs.webkit.org/show_bug.cgi?id=142793

        Reviewed by Darin Adler.

        * bindings/scripts/CodeGenerator.pm:
        (ProcessDocument):
        (FileNamePrefix):
        * bindings/scripts/CodeGeneratorObjC.pm:

2015-03-18  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Split fragments on renderer boundary on the fly.
        https://bugs.webkit.org/show_bug.cgi?id=142579

        Reviewed by Antti Koivisto.

        Fragment splitting at renderers' boundary at the end of the line is no longer needed.
        This patch ensures that TextFragmentIterator::nextTextFragment() does not concatenate
        fragments across renderer boundary.

        Test: fast/text/simple-line-with-multiple-renderers.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::revertRuns):
        (WebCore::SimpleLineLayout::LineState::isEmpty):
        (WebCore::SimpleLineLayout::LineState::appendFragmentAndCreateRunIfNeeded): Check if fragments need a new run and
        whether neighboring fragments need collapsing.
        (WebCore::SimpleLineLayout::LineState::revertUncommitted): Revert fragments over multiple renderers if they form
        a fragment continuation.
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::forceFragmentToLine): Ensure that if a fragment has continuation across multiple renderers,
        they all get added to the current line.
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::LineState::appendFragment): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::FragmentForwardIterator): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator++): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator!=): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator*): Deleted.
        (WebCore::SimpleLineLayout::begin): Deleted.
        (WebCore::SimpleLineLayout::end): Deleted.
        (WebCore::SimpleLineLayout::preWrap): Deleted.
        (WebCore::SimpleLineLayout::removeTrailingWhitespace): Deleted.
        (WebCore::SimpleLineLayout::updateLineConstrains): Deleted.
        (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary): Deleted.
        (WebCore::SimpleLineLayout::createTextRuns): Deleted.
        (WebCore::SimpleLineLayout::create): Deleted.
        (WebCore::SimpleLineLayout::Layout::create): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator+):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator*):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator->):
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow): Unrelated fix on non-collapsed tab position.
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator):
        (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::revertToFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::textWidth):
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        * rendering/SimpleLineLayoutTextFragmentIterator.h:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::overlapsToNextRenderer):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isCollapsible):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::operator==):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split): Deleted.

2015-03-18  Manuel Rego Casasnovas  <rego@igalia.com>

        Flex and grid items should be painted as inline-blocks
        https://bugs.webkit.org/show_bug.cgi?id=142266

        Reviewed by Darin Adler.

        Based on Blink r157004 by <cbiesinger@chromium.org>.
        https://src.chromium.org/viewvc/blink?revision=157004&view=revision

        Both flexbox and grid specs define that the painting order of flex/grid
        items is the same as inline blocks. See
        http://dev.w3.org/csswg/css-flexbox/#painting and
        http://dev.w3.org/csswg/css-grid/#z-order.

        Extracted inline blocks painting code from InlineElementBox and moved to
        a helper method that will be reused for flexboxes and grids.

        Tests: css3/flexbox/flex-item-text-background-not-interleaved.html
               fast/css-grid-layout/grid-item-text-background-not-interleaved.html

        * rendering/InlineElementBox.cpp:
        (WebCore::InlineElementBox::paint): Move code to
        RenderElement::paintAsInlineBlock().
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintChild): Add new argument to paint children
        as inline blocks.
        * rendering/RenderBlock.h: Define PaintType enmu and modify paintChild()
        signature to add the new argument.
        * rendering/RenderElement.cpp:
        (WebCore::paintPhase): Paint element in a phase.
        (WebCore::RenderElement::paintAsInlineBlock): Code extracted from
        InlineElementBox::paint().
        * rendering/RenderElement.h: Add new method signature.
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::paintChildren): Call
        RenderBlock::paintChild() with the new argument.
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::paintChildren): Ditto.

2015-03-18  Chris Dumez  <cdumez@apple.com>

        [WK2] Log total number of network cache queries using diagnostic logging
        https://bugs.webkit.org/show_bug.cgi?id=142803
        <rdar://problem/19632130>

        Reviewed by Antti Koivisto.

        Add diagnostic logging key needed for network efficacy logging.

        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::retrievalRequestKey):
        * page/DiagnosticLoggingKeys.h:

2015-03-18  Tim Horton  <timothy_horton@apple.com>

        Fix the build after r181660

        * page/EventHandler.cpp:
        (WebCore::EventHandler::setImmediateActionStage):
        * page/EventHandler.h:
        (WebCore::EventHandler::setImmediateActionStage):
        Un-inline setImmediateActionStage, because it is exported to WebCore, and
        exporting inline thing causes random weak symbol errors on some platforms.

2015-03-17  Conrad Shultz  <conrad_shultz@apple.com>

        Ignore some deprecation warnings
        https://bugs.webkit.org/show_bug.cgi?id=142813

        Reviewed by Mark Rowe.

        Fixing the deprecations is tracked by: <rdar://problem/20201450>

        * editing/cocoa/HTMLConverter.mm:
        (HTMLConverter::_processElement):

2015-03-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181667, r181682, and r181683.
        https://bugs.webkit.org/show_bug.cgi?id=142812

        Broke multiple tests with ASan, plus dependent commits
        (Requested by ap on #webkit).

        Reverted changesets:

        "Simple line layout: Split fragments on renderer boundary on
        the fly."
        https://bugs.webkit.org/show_bug.cgi?id=142579
        http://trac.webkit.org/changeset/181667

        "Simple line layout: Change FlowContents::segmentForPosition()
        to segmentForRun()."
        https://bugs.webkit.org/show_bug.cgi?id=142785
        http://trac.webkit.org/changeset/181682

        "Simple line layout: Use Vector<>::const_iterator instead of
        custom FlowContents::Iterator."
        https://bugs.webkit.org/show_bug.cgi?id=142809
        http://trac.webkit.org/changeset/181683

2015-03-17  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Use Vector<>::const_iterator instead of custom FlowContents::Iterator.
        https://bugs.webkit.org/show_bug.cgi?id=142809

        Reviewed by Antti Koivisto.

        FlowContents::Iterator simply iterates on a vector<>. No need to custom implement it.

        No change in functionality.

        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::begin):
        (WebCore::SimpleLineLayout::FlowContents::end):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::Iterator): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator++): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator--): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator==): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator!=): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator*): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator->): Deleted.
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):

2015-03-17  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Change FlowContents::segmentForPosition() to segmentForRun().
        https://bugs.webkit.org/show_bug.cgi?id=142785

        Reviewed by Antti Koivisto.

        This is in transition to support <br>. A particular position could point to multiple
        segments when <br> is directly followed by text.

        No change in functionality.

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForRunSlow):
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForPositionSlow): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::segmentForRun):
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForPosition): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::segmentForPosition): Deleted.
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):

2015-03-17  Chris Dumez  <cdumez@apple.com>

        [Mac][iOS] setSharedTimerFireInterval() / stopSharedTimer() are expensive
        https://bugs.webkit.org/show_bug.cgi?id=142752
        <rdar://problem/20176731>

        Reviewed by Antti Koivisto.

        setSharedTimerFireInterval() / stopSharedTimer() are expensive on Mac
        and iOS on pages using a lot of timers.

        For example, on bing.com / iOS, ~15.4% of the CPU time is spent in
        setSharedTimerFireInterval() and ~14.7% of the CPU time is spent in
        stopSharedTimer(). The expensive calls are CFRunLoopAddTimer (11.4%),
        CFRunLoopTimerInvalidate (14.1%), CFRunLoopTimerCreate (3.3%).

        The issue is that we keep creating, adding to run loop modes, and then
        destroying the sharedTimer for each firing event. This is very
        expensive. In such case, the CFRunLoopTimerRef documentation advises to
        """
        ... create a repeating timer with an initial firing time in the distant
        future (or the initial firing time) and a very large repeat interval—on
        the order of decades or more—and add it to all the necessary run loop
        modes. Then, when you know when the timer should fire next, you reset
        the firing time with CFRunLoopTimerSetNextFireDate, perhaps from the
        timer’s own callback function. This technique effectively produces a
        reusable, asynchronous timer.
        """ [1].

        Doing so greatly decreases CPU time spend in:
        - setSharedTimerFireInterval(): 15.4% -> 4.6%
        - stopSharedTimer(): 14.6% -> 8.6%

        Overall CPU time spent on bing.com in timerFired() goes down from
        ~61.2% to ~49.5%.

        This patch also refactors the SharedTimer code to share as much as
        possible between Mac and iOS.

        This patch is based in part on the following patch:
        http://trac.webkit.org/changeset/143210

        [1] https://developer.apple.com/library/prerelease/ios/documentation/CoreFoundation/Reference/CFRunLoopTimerRef/index.html#//apple_ref/c/func/CFRunLoopTimerSetNextFireDate

        * WebCore.xcodeproj/project.pbxproj:
        * platform/SharedTimer.h:
        (WebCore::SharedTimer::invalidate):
        (WebCore::MainThreadSharedTimer::setFiredFunction): Deleted.
        (WebCore::MainThreadSharedTimer::setFireInterval): Deleted.
        (WebCore::MainThreadSharedTimer::stop): Deleted.
        * platform/ThreadTimers.cpp:
        (WebCore::ThreadTimers::fireTimersInNestedEventLoop):
        * platform/cf/SharedTimerCF.mm: Added.
        (WebCore::applicationDidBecomeActive):
        (WebCore::setupPowerObserver):
        (WebCore::setSharedTimerFiredFunction):
        (WebCore::timerFired):
        (WebCore::restartSharedTimer):
        (WebCore::invalidateSharedTimer):
        (WebCore::setSharedTimerFireInterval):
        (WebCore::stopSharedTimer):
        * platform/efl/SharedTimerEfl.cpp:
        (WebCore::invalidateSharedTimer):
        * platform/gtk/SharedTimerGtk.cpp:
        (WebCore::invalidateSharedTimer):
        * platform/ios/SharedTimerIOS.mm: Removed.
        * platform/mac/PowerObserverMac.h: Copied from Source/WebCore/platform/efl/SharedTimerEfl.cpp.
        * platform/mac/PowerObserverMac.mm: Renamed from Source/WebCore/platform/mac/SharedTimerMac.mm.
        (WebCore::PowerObserver::PowerObserver):
        (WebCore::PowerObserver::~PowerObserver):
        (WebCore::PowerObserver::didReceiveSystemPowerNotification):
        * platform/win/SharedTimerWin.cpp:
        (WebCore::removeSharedTimer):

2015-03-17  Tim Horton  <timothy_horton@apple.com>

        Cannot invoke action menus anymore
        https://bugs.webkit.org/show_bug.cgi?id=142797
        <rdar://problem/20032670>

        Reviewed by Beth Dakin.

        * platform/spi/mac/NSMenuSPI.h:
        Add additional NSMenu SPI.

2015-03-17  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Split fragments on renderer boundary on the fly.
        https://bugs.webkit.org/show_bug.cgi?id=142579

        Reviewed by Antti Koivisto.

        Fragment splitting at renderers' boundary at the end of the line is no longer needed.
        This patch ensures that TextFragmentIterator::nextTextFragment() does not concatenate
        fragments across renderer boundary.

        Test: fast/text/simple-line-with-multiple-renderers.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::revertRuns):
        (WebCore::SimpleLineLayout::LineState::isEmpty):
        (WebCore::SimpleLineLayout::LineState::appendFragmentAndCreateRunIfNeeded): Check if fragments need a new run and
        whether neighboring fragments need collapsing.
        (WebCore::SimpleLineLayout::LineState::revertUncommitted): Revert fragments over multiple renderers if they form
        a fragment continuation.
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::forceFragmentToLine): Ensure that if a fragment has continuation across multiple renderers,
        they all get added to the current line.
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::LineState::appendFragment): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::FragmentForwardIterator): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator++): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator!=): Deleted.
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator*): Deleted.
        (WebCore::SimpleLineLayout::begin): Deleted.
        (WebCore::SimpleLineLayout::end): Deleted.
        (WebCore::SimpleLineLayout::preWrap): Deleted.
        (WebCore::SimpleLineLayout::removeTrailingWhitespace): Deleted.
        (WebCore::SimpleLineLayout::updateLineConstrains): Deleted.
        (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary): Deleted.
        (WebCore::SimpleLineLayout::createTextRuns): Deleted.
        (WebCore::SimpleLineLayout::create): Deleted.
        (WebCore::SimpleLineLayout::Layout::create): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator+):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator*):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator->):
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow): Unrelated fix on non-collapsed tab position.
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator):
        (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::revertToFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::textWidth):
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        * rendering/SimpleLineLayoutTextFragmentIterator.h:
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::overlapsToNextRenderer):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isCollapsible):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::operator==):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split): Deleted.

2015-03-17  Jeremy Jones  <jeremyj@apple.com>

        When tab hides, pause fullscreen and exit normally.
        https://bugs.webkit.org/show_bug.cgi?id=142685

        Reviewed by Eric Carlson.

        Pause fullscreen playback when switching tabs. Exit fullscreen is not necessary and even prevents
        the normal flow of teardown. This allows the normal exit fullscreen call to succeed and call its callback.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen):

2015-03-17  Per Arne Vollan  <peavo@outlook.com>

        [WinCairo] Video position is incorrect when located inside a frame.
        https://bugs.webkit.org/show_bug.cgi?id=142784

        Reviewed by Brent Fulgham.

        We need to take the enclosing frame's position into account, when finding the video position.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::setSize):

2015-03-17  Benjamin Poulain  <bpoulain@apple.com>

        Compile character ranges targeting the same state as range check in the bytecode
        https://bugs.webkit.org/show_bug.cgi?id=142759

        Reviewed by Alex Christensen.

        Previously, character ranges would be compiled as many individual character checks.
        For example, a transition on "[a-z]" would do 26 character checks + jump, which leads
        to enormous matchines.

        With this patch, we find the ranges at lowering time and generate a single instruction
        for them: "CheckValueRange". This helps making the machine denser when the input
        use character sets.

        The second part of this patch goes further in the case where the transitions out of
        a state cover the entire alphabet. In that case, we create a fallback transition
        on the fly and remove all the ranges made useless.
        That case is common when ranges are used with inverse character set (e.g. [^a]+a).

        * contentextensions/DFABytecode.h:
        (WebCore::ContentExtensions::instructionSizeWithArguments):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValueRange):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNodeTransitions):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileCheckForRange):
        * contentextensions/DFABytecodeCompiler.h:
        Extend the compiler to detect ranges and lower them as CheckValueRange.

        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        Range checks in the interpreter.

        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::setFinal):
        This assertion does not make sense with the current codebase. Actions are "compressed",
        it is possible to have two patterns with the same action.

        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::simplifyTransitions):
        A very simple DFA optimization function: it only reduce the strength of ranges.

        (WebCore::ContentExtensions::NFAToDFA::convert):

2015-03-17  Jer Noble  <jer.noble@apple.com>

        REGRESSION (r181423): Crash @ generatedcontent.org at com.apple.WebCore: WebCore::MediaPlayer::maximumDurationToCacheMediaTime const + 4
        https://bugs.webkit.org/show_bug.cgi?id=142787

        Reviewed by Eric Carlson.

        Null check m_player before derefencing.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):

2015-03-17  Beth Dakin  <bdakin@apple.com>

        DOM mouse events have weird timing for force clickable elements in Safari 8.0.3 on 
        10.10.2
        https://bugs.webkit.org/show_bug.cgi?id=142700
        -and corresponding-
        rdar://problem/20165168

        Reviewed by Tim Horton.

        This patch adds a new enum and member variable so that EventHandler can keep track 
        of the current immediate action state.
        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler):

        A new mouse press even is starting. We can re-set m_immediateActionStage to none 
        unless a Hit Test has already been performed.
        (WebCore::EventHandler::handleMousePressEvent):

        If an immediate action was completed, then send mouse to the DOM and return early. 
        This will prevent us from doing our own normal mouseup behaviors such as 
        navigating to a link that was clicked — we only want to do that if the click was 
        not used to perform an immediate action.
        (WebCore::EventHandler::handleMouseReleaseEvent):
        * page/EventHandler.h:
        (WebCore::EventHandler::setImmediateActionStage):

2015-03-17  Joseph Pecoraro  <pecoraro@apple.com>

        Use a better parameter name for Document.getElementsByClassName
        https://bugs.webkit.org/show_bug.cgi?id=142771

        Reviewed by Chris Dumez.

        * bindings/objc/PublicDOMInterfaces.h:
        * dom/Document.idl:

2015-03-17  Timothy Horton  <timothy_horton@apple.com>

        Reproducible null deref under ScriptedAnimationController::createDisplayRefreshMonitor
        https://bugs.webkit.org/show_bug.cgi?id=142776
        <rdar://problem/18921338>

        Reviewed by Alexey Proskuryakov.

        Test: fast/animation/request-animation-frame-unparented-iframe-crash.html

        In some cases (like the new test), we can end up trying to start
        requestAnimationFrame on a Document that has no Page. Most paths null-checked
        the Page and did the right thing, but one failed to do so. In addition,
        the current fallback (when Page is null) can result in us constructing
        the wrong kind of DisplayRefreshMonitor, which could lead to trouble
        down the road when it's reused. Instead, just completely avoid making a
        DisplayRefreshMonitor in the null-page case.

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::createDisplayRefreshMonitor):
        If the page is null, bail.

        * dom/ScriptedAnimationController.h:
        * platform/graphics/DisplayRefreshMonitor.cpp:
        (WebCore::DisplayRefreshMonitor::create):
        Use Optional<> to make it easy to distinguish between ChromeClient
        being unreachable (because we don't have a Page for some reason) and
        ChromeClient declaring that it doesn't want to override the type of
        DisplayRefreshMonitor that is created.

        If ChromeClient was unreachable for some reason, we'll get back an engaged
        nullptr and return it (instead of creating a DisplayRefreshMonitor based
        on the platform). This avoids creating the wrong type of DisplayRefreshMonitor
        in the rare case where we can't reach the ChromeClient (e.g. a freshly unparented
        IFrame).

        If instead the client returns a disengaged Nullopt, we'll interpret that as
        "construct the default type", which falls back on the platform #ifdefs to
        decide what to make.

        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        (WebCore::DisplayRefreshMonitorManager::ensureMonitorForClient):
        (WebCore::DisplayRefreshMonitorManager::scheduleAnimation):
        Silently handle the case where we failed to make a DisplayRefreshMonitor.

        * platform/graphics/DisplayRefreshMonitor.h:
        * platform/graphics/DisplayRefreshMonitorClient.h:
        * platform/graphics/GraphicsLayerUpdater.cpp:
        (WebCore::GraphicsLayerUpdater::createDisplayRefreshMonitor):
        * platform/graphics/GraphicsLayerUpdater.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::createDisplayRefreshMonitor):
        * rendering/RenderLayerCompositor.h:
        Adjust to the new signature of createDisplayRefreshMonitor, and return
        an engaged (nullptr) Optional if we can't get to ChromeClient for any reason.

        * page/ChromeClient.h:
        Return Nullopt (indicating a lack of override) by default.

2015-03-17  Dean Jackson  <dino@apple.com>

        Implement Scroll Container Animation Triggers
        https://bugs.webkit.org/show_bug.cgi?id=142732

        Attempt to fix the build.

        * css/CSSComputedStyleDeclaration.cpp: Add an #if ENABLE guard.

2015-03-17  Dean Jackson  <dino@apple.com>

        Implement Scroll Container Animation Triggers
        https://bugs.webkit.org/show_bug.cgi?id=142732

        Reviewed by Simon Fraser.

        Test: animations/trigger-container-scroll-simple.html

        Basic implementation of container-scroll. It only checks
        the page scroll position for trigger values (not the scrolling
        container in an overflow).

        * css/CSSComputedStyleDeclaration.cpp: Add CSSPropertyWebkitAnimationTrigger
        so that this property will appear in the inspector.

        * page/FrameView.cpp:
        (WebCore::FrameView::sendScrollEvent): If the page has scrolled, let the animation
        controller know about it.

        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::updateStateMachine): Whitespace fix.
        (WebCore::AnimationBase::fireAnimationEventsIfNeeded): If there is a trigger,
        and the scroll position is past it, then tell the state machine that
        we should start.
        (WebCore::AnimationBase::timeToNextService): Use the scroll position as
        an input to the update timer if a trigger is involved.

        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::ensureCompositeAnimation): Add whitespace.
        (WebCore::AnimationControllerPrivate::scrollWasUpdated): Call updateAnimations.
        (WebCore::AnimationController::scrollWasUpdated): Call into AnimationControllerPrivate.
        * page/animation/AnimationController.h:
        * page/animation/AnimationControllerPrivate.h:

        * page/animation/CompositeAnimation.cpp: Keep a record of whether we have a scroll
        triggered animation.
        (WebCore::CompositeAnimation::CompositeAnimation):
        (WebCore::CompositeAnimation::updateKeyframeAnimations):
        * page/animation/CompositeAnimation.h:
        (WebCore::CompositeAnimation::hasScrollTriggeredAnimation):
        * platform/animation/Animation.cpp:
        (WebCore::Animation::operator=):

2015-03-17  Simon Fraser  <simon.fraser@apple.com>

        Move some code from LogicalSelectionOffsetCaches into RenderElement
        https://bugs.webkit.org/show_bug.cgi?id=142758

        Reviewed by Myles C. Maxfield.

        LogicalSelectionOffsetCaches had some useful code regarding containing blocks etc
        that should be used in more places, so move it into RenderElement.
        
        No behavior change.

        * rendering/LogicalSelectionOffsetCaches.h:
        (WebCore::LogicalSelectionOffsetCaches::LogicalSelectionOffsetCaches):
        (WebCore::isContainingBlockCandidateForAbsolutelyPositionedObject): Deleted.
        (WebCore::isNonRenderBlockInline): Deleted.
        (WebCore::containingBlockForFixedPosition): Deleted.
        (WebCore::containingBlockForAbsolutePosition): Deleted.
        (WebCore::containingBlockForObjectInFlow): Deleted.
        * rendering/RenderBlock.cpp: No need to initialize static data.
        (WebCore::RenderBlock::positionedObjects): nullptr
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::containingBlockForFixedPosition):
        (WebCore::RenderElement::containingBlockForAbsolutePosition):
        (WebCore::isNonRenderBlockInline):
        (WebCore::RenderElement::containingBlockForObjectInFlow):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::canContainAbsolutelyPositionedObjects):
        * rendering/RenderLayer.cpp:
        (WebCore::isContainerForPositioned):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::containingBlock):

2015-03-17  Alex Christensen  <achristensen@webkit.org>

        [WinCairo] Unreviewed build fix after r181640.

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        Tell Windows how to find ShaderLang.h.

2015-03-17  Chris Dumez  <cdumez@apple.com>

        'pageLoaded' diagnostic logging is too verbose
        https://bugs.webkit.org/show_bug.cgi?id=142727
        <rdar://problem/18937048>

        Reviewed by Eric Carlson.

        Make 'pageLoaded' diagnostic logging less verbose:
        - Log once per main frame instead of once for subframe
        - Apply sampling

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):

2015-03-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Wrong transfer annotations used in GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=142780

        Reviewed by Gustavo Noronha Silva.

        We are using transfer none for all methods returning a GObject DOM
        Object. That's not true. Only objects derived from Node are
        automatically released by the DOM object cache and can be transfer
        none. All other objects are added to the cache only to avoid
        creating the same wrapper twice for the same core object, but
        caller should release the returned reference.

        * bindings/gobject/WebKitDOMCustomUnstable.h:
        * bindings/scripts/CodeGeneratorGObject.pm:
        (GetTransferTypeForReturnType):
        (GenerateFunction):

2015-03-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] WebKitDOM objects leaking
        https://bugs.webkit.org/show_bug.cgi?id=118788

        Reviewed by Darin Adler and Sergio Villar Senin.

        Use a DOMwindowObserver class, derived from DOMWindowProperty to
        be notified when the window object is detached from the frame to
        clear the DOM objects associated to that frame in that case too.

        * bindings/gobject/DOMObjectCache.cpp:

2015-03-17  Zan Dobersek  <zdobersek@igalia.com>

        [CMake] Use a forwarding header for ANGLE's ShaderLang.h to avoid picking up ANGLE's EGL headers
        https://bugs.webkit.org/show_bug.cgi?id=142530

        Reviewed by Darin Adler.

        Include the ANGLE's ShaderLang.h through the new forwarding header. This allows
        us to not list Source/ThirdParty/ANGLE/include in the list of inclusion directories
        and thus avoid ANGLE's EGL and GLES2/GLES3 headers, defaulting to the system-provided
        headers instead.

        Source/ThirdParty/ANGLE/include/KHR is still used because ANGLE's khrplatform.h is
        required by the ShaderLang.h header. Source/ThirdParty/ANGLE/src is not used for the
        whole WebCore library anymore, only the ANGLESupport library.

        * CMakeLists.txt:
        * platform/graphics/ANGLEWebKitBridge.h:
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:

2015-03-17  Matt Baker  <mattbaker@apple.com>

        Web Inspector: Show rendering frames (and FPS) in Layout and Rendering timeline
        https://bugs.webkit.org/show_bug.cgi?id=142029

        Reviewed by Timothy Hatcher.

        Add new functionality to the Inspector timelines backend to add runloop data to timeline recordings.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::currentRunLoop):
        (WebCore::InspectorTimelineAgent::internalStart):
        (WebCore::InspectorTimelineAgent::internalStop):
        (WebCore::toProtocol):
        (WebCore::InspectorTimelineAgent::InspectorTimelineAgent):
        Install observers for the begining and end of the runloop when recording begins. All other
        instrumented timeline events get added as children of the current runloop record, which is
        sent to the frontend once the runloop completes.

        * inspector/InspectorTimelineAgent.h:

        * platform/cf/RunLoopObserver.cpp:
        (WebCore::RunLoopObserver::schedule):
        Wrapper changed to allow observing arbitrary runloop activities.

        * platform/cf/RunLoopObserver.h:

2015-03-17  Philippe Normand  <pnormand@igalia.com>

        [GTK] basic OpenWebRTC build support
        https://bugs.webkit.org/show_bug.cgi?id=142393

        Reviewed by Carlos Garcia Campos.

        * PlatformGTK.cmake: Add OpenWebRTC CFLAGS and LDFLAGS.

2015-03-17  Joseph Pecoraro  <pecoraro@apple.com>

        Remove never used "useLayerOnTop" bindings generator argument
        https://bugs.webkit.org/show_bug.cgi?id=142773

        Reviewed by Darin Adler.

        * bindings/scripts/CodeGenerator.pm:
        * bindings/scripts/CodeGeneratorJS.pm:
        * bindings/scripts/CodeGeneratorObjC.pm:
        * bindings/scripts/generate-bindings.pl:

2015-03-16  Ryosuke Niwa  <rniwa@webkit.org>

        Enable ES6 classes by default
        https://bugs.webkit.org/show_bug.cgi?id=142774

        Reviewed by Gavin Barraclough.

        * Configurations/FeatureDefines.xcconfig:

2015-03-16  Simon Fraser  <simon.fraser@apple.com>

        Update the debug overlays after layout
        https://bugs.webkit.org/show_bug.cgi?id=142768

        Reviewed by Zalan Bujtas.

        The debug overlays need to be updated after layout, in case elements with wheel event handlers
        moved around.
        
        DebugPageOverlays::didLayout() is cheap if there are no overlays.
        
        Call DebugPageOverlays::didLayout() for all frames, not just the main frame, since subframes can contribute
        to the main frame's event handler region.

        * page/DebugPageOverlays.cpp:
        (WebCore::DebugPageOverlays::regionChanged):
        * page/DebugPageOverlays.h:
        (WebCore::DebugPageOverlays::didLayout):
        (WebCore::DebugPageOverlays::didChangeEventHandlers):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):

2015-03-16  Jon Lee  <jonlee@apple.com>

        Unreviewed fix for crash after r181608.

        * WebCore.xcodeproj/project.pbxproj: Include it in the WebCore framework.

2015-03-16  Simon Fraser  <simon.fraser@apple.com>

        Generalize the Document code that maintains a set of nodes with event handlers
        https://bugs.webkit.org/show_bug.cgi?id=142762

        Reviewed by Zalan Bujtas, Darin Adler.

        Document.h defines a TouchEventTargetSet type, which will in future be used for
        other event types too (wheel events), so rename it to EventTargetSet.
        
        Take didRemoveEventTargetNode() outside the TOUCH_EVENTS #ifdef, and change it
        to take a reference.

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction): References
        (WebCore::Document::didAddTouchEventHandler): Ditto.
        (WebCore::Document::didRemoveEventTargetNode): Ditto.
        * dom/Document.h:
        (WebCore::Document::touchEventTargets): No-one calls this; just remove the non
        #ideffed one.
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::~HTMLInputElement): Pass a ref.
        (WebCore::HTMLInputElement::didMoveToNewDocument): Pass a ref.
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::removeAllEventListeners): Pass a ref.

2015-03-16  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Object Previews in Indexed DB tables
        https://bugs.webkit.org/show_bug.cgi?id=140813

        Reviewed by Timothy Hatcher.

        * inspector/InspectorIndexedDBAgent.cpp:
        Include previews with object store objects.

2015-03-16  Jer Noble  <jer.noble@apple.com>

        [Mac] Update missing image UI
        https://bugs.webkit.org/show_bug.cgi?id=142592

        Reviewed by Darin Adler.

        Update the broken image glyphs with new art (including a 3x image).

        Test: fast/hidpi/broken-image-icon-very-hidpi.html

        * Resources/missingImage.png:
        * Resources/missingImage@2x.png:
        * Resources/missingImage@3x.png: Added.
        * WebCore.xcodeproj/project.pbxproj:
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::brokenImage):

2015-03-16  Dean Jackson  <dino@apple.com>

        Parsing and Style Resolution of Container-based Animation Triggers
        https://bugs.webkit.org/show_bug.cgi?id=142687
        <rdar://problem/20170007>

        Reviewed by Simon Fraser.

        Take 2 after the previous patch was rolled out.

        This is the beginning of a prototype implementation of
        CSS Animation Triggers, as described by
        https://lists.w3.org/Archives/Public/www-style/2014Sep/0135.html

        In this patch we parse and resolve the value of a new
        CSS property "-webkit-animation-trigger". At the moment it
        only accepts one function value "container-scroll", which
        will trigger the animation at an absolute position within
        an element's scrolling container. We expect the syntax to
        change in the near future, as the spec is written.

        Tests: animations/trigger-computed-style.html
               animations/trigger-parsing.html

        * WebCore.xcodeproj/project.pbxproj: Add the new files.

        * css/CSSAnimationTriggerScrollValue.cpp: Added.
        (WebCore::CSSAnimationTriggerScrollValue::customCSSText): Output text for computed style.
        (WebCore::CSSAnimationTriggerScrollValue::equals): Compare two values.
        * css/CSSAnimationTriggerScrollValue.h: Added. This holds the CSS side of the
        scroll trigger. This name may change in the future to better represent the
        type of trigger, but it is good enough for now.
        (WebCore::CSSAnimationTriggerScrollValue::create):
        (WebCore::CSSAnimationTriggerScrollValue::startValue):
        (WebCore::CSSAnimationTriggerScrollValue::endValue):
        (WebCore::CSSAnimationTriggerScrollValue::CSSAnimationTriggerScrollValue):

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createAnimationTriggerValue): Maps an AnimationTrigger into a CSSValue.
        (WebCore::getAnimationTriggerValue): Gets the current computed style.
        (WebCore::ComputedStyleExtractor::propertyValue):

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseAnimationTrigger): Parse the "container-scroll" function
        and record the value as a CSSAnimationTriggerScrollValue.
        (WebCore::CSSParser::parseAnimationProperty): Handle the new property.
        * css/CSSParser.h:

        * css/CSSPropertyNames.in: Add "-webkit-animation-trigger".

        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapAnimationTrigger): Map a CSSValue into a trigger value on
        an Animation object.
        * css/CSSToStyleMap.h:

        * css/CSSValue.cpp: Handle the new CSSValue type.
        (WebCore::CSSValue::equals):
        (WebCore::CSSValue::cssText):
        (WebCore::CSSValue::destroy):
        * css/CSSValue.h:
        (WebCore::CSSValue::isAnimationTriggerScrollValue):

        * platform/animation/Animation.cpp: Make sure to initialise m_trigger and m_triggerSet,
        and use them in the operator==.
        * platform/animation/Animation.h: Add AnimationTrigger as a new field.
        (WebCore::Animation::isTriggerSet):
        (WebCore::Animation::isEmpty):

        * platform/animation/AnimationTrigger.h: Added. New base class and subclasses for
        "auto" and the scrolling trigger.
        (WebCore::AnimationTrigger::~AnimationTrigger):
        (WebCore::AnimationTrigger::type):
        (WebCore::AnimationTrigger::isAutoAnimationTrigger):
        (WebCore::AnimationTrigger::isScrollAnimationTrigger):
        (WebCore::AnimationTrigger::AnimationTrigger):
        (WebCore::AutoAnimationTrigger::create):
        (WebCore::AutoAnimationTrigger::~AutoAnimationTrigger):
        (WebCore::AutoAnimationTrigger::AutoAnimationTrigger):
        (WebCore::ScrollAnimationTrigger::create):
        (WebCore::ScrollAnimationTrigger::~ScrollAnimationTrigger):
        (WebCore::ScrollAnimationTrigger::startValue):
        (WebCore::ScrollAnimationTrigger::setStartValue):
        (WebCore::ScrollAnimationTrigger::endValue):
        (WebCore::ScrollAnimationTrigger::setEndValue):
        (WebCore::ScrollAnimationTrigger::hasEndValue):
        (WebCore::ScrollAnimationTrigger::setHasEndValue):
        (WebCore::ScrollAnimationTrigger::ScrollAnimationTrigger):

2015-03-16  Alex Christensen  <achristensen@webkit.org>

        Progress towards CMake on Mac
        https://bugs.webkit.org/show_bug.cgi?id=142747

        Reviewed by Chris Dumez.

        * CMakeLists.txt:
        * PlatformMac.cmake:
        Added more directories, interfaces, and forwarding headers.
        Temporarily disabled the generating of ObjC bindings in CMake builds.
        * platform/mac/PasteboardMac.mm:
        Removed unused include.

2015-03-16  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Crash viewing http://www.last.fm/
        https://bugs.webkit.org/show_bug.cgi?id=142309

        Reviewed by Chris Fleizach.

        The crash occurs when a not-yet-rendered object emits a children-changed
        signal. If an assistive technology is listening, AT-SPI2 will attempt to
        create and cache the state set for the child being added and the creation
        of the state set assumes a rendered object.

        Test: platform/gtk/accessibility/no-notification-for-unrendered-iframe-children.html

        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::attachWrapper):

2015-03-16  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181492.
        https://bugs.webkit.org/show_bug.cgi?id=142756

        May have regressed PLT (Requested by anttik on #webkit).

        Reverted changeset:

        "Cache glyph widths to GlyphPages"
        https://bugs.webkit.org/show_bug.cgi?id=142028
        http://trac.webkit.org/changeset/181492

2015-03-16  Roger Fong  <roger_fong@apple.com>

        [WebGL2] Instancing draw calls.
        https://bugs.webkit.org/show_bug.cgi?id=126939.
        <rdar://problem/15002379>

        Reviewed by Dean Jackson.

        Tested by a modified version of the 1.0.3 conformance tests:
        conformance/extensions/angle-instanced-arrays.html
        conformance/extensions/angle-instanced-arrays-out-of-bounds.html

        These tests will be landed along with other modified extension conformance tests
        once approval from Khronos is received.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::clear): Generate error if clearing an integer color buffer.
        (WebCore::WebGL2RenderingContext::vertexAttribDivisor): Call method from base class.
        (WebCore::WebGL2RenderingContext::drawArraysInstanced): Ditto.
        (WebCore::WebGL2RenderingContext::drawElementsInstanced): Ditto.
        (WebCore::WebGL2RenderingContext::isIntegerFormat): Ditto.
        (WebCore::WebGL2RenderingContext::validateDrawElements): Deleted. Move back to base class.
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.idl: Add a missing enum.
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::clear): Copied from WebGLRenderingContextBase.
        (WebCore::WebGLRenderingContext::validateDrawElements): Deleted. Move back to base class.
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContextBase.cpp: 
        (WebCore::WebGLRenderingContextBase::clear): Deleted. Moved to WebGLRenderingContext.
        (WebCore::WebGLRenderingContextBase::getVertexAttrib): Check for WebGL2 context.
        (WebCore::WebGLRenderingContext::validateDrawElements): Ditto.
        * html/canvas/WebGLRenderingContextBase.h:

2015-03-16  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181572.
        https://bugs.webkit.org/show_bug.cgi?id=142755

        Caused weird test failures in transitions and animations
        (Requested by dino on #webkit).

        Reverted changeset:

        "Parsing and Style Resolution of Container-based Animation
        Triggers"
        https://bugs.webkit.org/show_bug.cgi?id=142687
        http://trac.webkit.org/changeset/181572

2015-03-16  Yoav Weiss  <yoav@yoav.ws>

        Remove setCachedImage from HTMLImageElement since it is not used
        https://bugs.webkit.org/show_bug.cgi?id=142740

        Reviewed by Chris Dumez.

        No new tests since this patch is just removing dead code.

        HTMLImageElement::setCachedImage is not being called by anyone.
        This patch removes it, since it's dead code.

        * html/HTMLImageElement.h:
        (WebCore::HTMLImageElement::setCachedImage): Deleted.

2015-03-16  Brent Fulgham  <bfulgham@apple.com>

        WebKit1 Clients Are Not Reliably Repainted
        https://bugs.webkit.org/show_bug.cgi?id=142750
        <rdar://problem/20042453>

        Reviewed by Simon Fraser.

        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents): Move "Red Rect" debug painting before
        the early return so we can see when this happening in debug builds.
        * page/FrameView.h:
        (WebCore::FrameView::inPaintableState): Added.

2015-03-16  Chris Dumez  <cdumez@apple.com>

        Make DatabaseContext suspendable if there is no pending database activity
        https://bugs.webkit.org/show_bug.cgi?id=142716
        <rdar://problem/19923085>

        Reviewed by Andreas Kling.

        Make DatabaseContext suspendable if there is no pending database
        activity, i.e:
        - No pending Database creation JS callback
        - No pending transaction(s)

        Suspending is safe in this case because we are not going to interrupt
        any database activity, nor fire any JS event.

        This greatly increases the likelihood of pages using websql to enter
        the PageCache.

        Tests: fast/history/page-cache-webdatabase-no-transaction-db.html
               fast/history/page-cache-webdatabase-pending-transaction.html

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::hasPendingTransaction):
        * Modules/webdatabase/Database.h:
        * Modules/webdatabase/DatabaseContext.cpp:
        (WebCore::DatabaseContext::canSuspend):
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabase):
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::hasPendingDatabaseActivity):
        * Modules/webdatabase/DatabaseThread.h:

2015-03-16  Brady Eidson  <beidson@apple.com>

        Addressing additional review feedback after http://trac.webkit.org/changeset/181565
        https://bugs.webkit.org/show_bug.cgi?id=142733

        Reviewed by Darin Adler.

        * loader/icon/IconController.cpp:
        (WebCore::IconController::startLoader): Null check page()

2015-03-16  Roger Fong  <roger_fong@apple.com>

        [Win] Unreviewed build fix attempt after r181571.

        * WebCore.vcxproj/WebCore.vcxproj:

2015-03-16  Roger Fong  <roger_fong@apple.com>

        [WebGL2] Multiple Render Targets.
        https://bugs.webkit.org/show_bug.cgi?id=126994.
        <rdar://problem/15815766>

        Reviewed by Dean Jackson.

        Tested by a modified version of the 1.0.3 conformance test:
        conformance/extensions/webgl-draw-buffers.html
        This test will be landed along with other modified extension conformance tests
        once approval from Khronos is received.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::drawBuffers): Mostly the same as WebGLDrawBuffers::drawBuffersWEBGL.
        Returns different error messages, uses non EXT enums.
        (WebCore::WebGL2RenderingContext::clearBufferiv): This actually does nothing for now but the validation has been implemented.
        (WebCore::WebGL2RenderingContext::clearBufferuiv): Ditto.
        (WebCore::WebGL2RenderingContext::clearBufferfv): Ditto.
        (WebCore::WebGL2RenderingContext::clearBufferfi): Ditto.
        (WebCore::WebGL2RenderingContext::validateFramebufferFuncParameters): Removes the extension object check.
        (WebCore::WebGL2RenderingContext::getMaxDrawBuffers):
        (WebCore::WebGL2RenderingContext::getMaxColorAttachments): Must return the same thing as getMaxDrawBuffers.
        (WebCore::WebGL2RenderingContext::getParameter): Remove extension object checks.
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::drawBuffersIfNecessary):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateFramebufferFuncParameters): Copied from WebGLRenderingContextBase.
        (WebCore::WebGLRenderingContext::getMaxDrawBuffers): Ditto.
        (WebCore::WebGLRenderingContext::getMaxColorAttachments): Ditto.
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::validateFramebufferFuncParameters): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:

2015-03-16  Dean Jackson  <dino@apple.com>

        Parsing and Style Resolution of Container-based Animation Triggers
        https://bugs.webkit.org/show_bug.cgi?id=142687
        <rdar://problem/20170007>

        Reviewed by Simon Fraser.

        This is the beginning of a prototype implementation of
        CSS Animation Triggers, as described by
        https://lists.w3.org/Archives/Public/www-style/2014Sep/0135.html

        In this patch we parse and resolve the value of a new
        CSS property "-webkit-animation-trigger". At the moment it
        only accepts one function value "container-scroll", which
        will trigger the animation at an absolute position within
        an element's scrolling container. We expect the syntax to
        change in the near future, as the spec is written.

        Tests: animations/trigger-computed-style.html
               animations/trigger-parsing.html

        * WebCore.xcodeproj/project.pbxproj: Add the new files.

        * css/CSSAnimationTriggerScrollValue.cpp: Added.
        (WebCore::CSSAnimationTriggerScrollValue::customCSSText): Output text for computed style.
        (WebCore::CSSAnimationTriggerScrollValue::equals): Compare two values.
        * css/CSSAnimationTriggerScrollValue.h: Added. This holds the CSS side of the
        scroll trigger. This name may change in the future to better represent the
        type of trigger, but it is good enough for now.
        (WebCore::CSSAnimationTriggerScrollValue::create):
        (WebCore::CSSAnimationTriggerScrollValue::startValue):
        (WebCore::CSSAnimationTriggerScrollValue::endValue):
        (WebCore::CSSAnimationTriggerScrollValue::CSSAnimationTriggerScrollValue):

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::createAnimationTriggerValue): Maps an AnimationTrigger into a CSSValue.
        (WebCore::getAnimationTriggerValue): Gets the current computed style.
        (WebCore::ComputedStyleExtractor::propertyValue):

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseAnimationTrigger): Parse the "container-scroll" function
        and record the value as a CSSAnimationTriggerScrollValue.
        (WebCore::CSSParser::parseAnimationProperty): Handle the new property.
        * css/CSSParser.h:

        * css/CSSPropertyNames.in: Add "-webkit-animation-trigger".

        * css/CSSToStyleMap.cpp:
        (WebCore::CSSToStyleMap::mapAnimationTrigger): Map a CSSValue into a trigger value on
        an Animation object.
        * css/CSSToStyleMap.h:

        * css/CSSValue.cpp: Handle the new CSSValue type.
        (WebCore::CSSValue::equals):
        (WebCore::CSSValue::cssText):
        (WebCore::CSSValue::destroy):
        * css/CSSValue.h:
        (WebCore::CSSValue::isAnimationTriggerScrollValue):

        * platform/animation/Animation.h: Add AnimationTrigger as a new field.
        (WebCore::Animation::isTriggerSet):
        (WebCore::Animation::isEmpty):

        * platform/animation/AnimationTrigger.h: Added. New base class and subclasses for
        "auto" and the scrolling trigger.
        (WebCore::AnimationTrigger::~AnimationTrigger):
        (WebCore::AnimationTrigger::type):
        (WebCore::AnimationTrigger::isAutoAnimationTrigger):
        (WebCore::AnimationTrigger::isScrollAnimationTrigger):
        (WebCore::AnimationTrigger::AnimationTrigger):
        (WebCore::AutoAnimationTrigger::create):
        (WebCore::AutoAnimationTrigger::~AutoAnimationTrigger):
        (WebCore::AutoAnimationTrigger::AutoAnimationTrigger):
        (WebCore::ScrollAnimationTrigger::create):
        (WebCore::ScrollAnimationTrigger::~ScrollAnimationTrigger):
        (WebCore::ScrollAnimationTrigger::startValue):
        (WebCore::ScrollAnimationTrigger::setStartValue):
        (WebCore::ScrollAnimationTrigger::endValue):
        (WebCore::ScrollAnimationTrigger::setEndValue):
        (WebCore::ScrollAnimationTrigger::hasEndValue):
        (WebCore::ScrollAnimationTrigger::setHasEndValue):
        (WebCore::ScrollAnimationTrigger::ScrollAnimationTrigger):

2015-03-15  Roger Fong  <roger_fong@apple.com>

        [WebGL2] Vertex Array Objects.
        https://bugs.webkit.org/show_bug.cgi?id=126944.
        <rdar://problem/15002455>

        Reviewed by Dean Jackson.

        Tested by a modified version of the 1.0.3 conformance test:
        conformance/extensions/oes-vertex-array-object.html
        This test will be landed along with other modified extension conformance tests
        once approval from Khronos is received.

        * html/canvas/OESVertexArrayObject.cpp: Associate extension calls only with WebGLRenderingContext.
        (WebCore::OESVertexArrayObject::deleteVertexArrayOES):
        (WebCore::OESVertexArrayObject::bindVertexArrayOES):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::initializeVertexArrayObjects):
        (WebCore::WebGLRenderingContext::getParameter):
        * html/canvas/WebGL2RenderingContext.cpp: Implement vertex array object calls as part WebGL2 context.
        (WebCore::WebGL2RenderingContext::createVertexArray):
        (WebCore::WebGL2RenderingContext::deleteVertexArray):
        (WebCore::WebGL2RenderingContext::isVertexArray):
        (WebCore::WebGL2RenderingContext::bindVertexArray):
        (WebCore::WebGL2RenderingContext::initializeVertexArrayObjects):
        (WebCore::WebGL2RenderingContext::getParameter):

        Duplicate extension object vertex array object extension methods in GraphicsContext3D.
        Implementation may change after we upgrade to newer GL headers and profile.
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::createVertexArray):
        (WebCore::GraphicsContext3D::deleteVertexArray):
        (WebCore::GraphicsContext3D::isVertexArray):
        (WebCore::GraphicsContext3D::bindVertexArray):

        Have WebGLVertexArrayObjectOES and WebGLVertexArrayObject inherit from WebGLRenderingContextBase.
        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * html/canvas/WebGLVertexArrayObject.cpp:
        (WebCore::WebGLVertexArrayObject::create):
        (WebCore::WebGLVertexArrayObject::WebGLVertexArrayObject): Use GraphicsContext3D implementation of createVertexArray.
        (WebCore::WebGLVertexArrayObject::deleteObjectImpl):
        * html/canvas/WebGLVertexArrayObject.h:
        * html/canvas/WebGLVertexArrayObjectBase.cpp: Added.
        (WebCore::WebGLVertexArrayObjectBase::WebGLVertexArrayObjectBase):
        (WebCore::WebGLVertexArrayObjectBase::setElementArrayBuffer):
        (WebCore::WebGLVertexArrayObjectBase::setVertexAttribState):
        (WebCore::WebGLVertexArrayObjectBase::unbindBuffer):
        (WebCore::WebGLVertexArrayObjectBase::setVertexAttribDivisor):
        * html/canvas/WebGLVertexArrayObjectBase.h: Added.
        (WebCore::WebGLVertexArrayObjectBase::~WebGLVertexArrayObjectBase):
        (WebCore::WebGLVertexArrayObjectBase::VertexAttribState::VertexAttribState):
        (WebCore::WebGLVertexArrayObjectBase::VertexAttribState::isBound):
        (WebCore::WebGLVertexArrayObjectBase::VertexAttribState::validateBinding):
        (WebCore::WebGLVertexArrayObjectBase::isDefaultObject):
        (WebCore::WebGLVertexArrayObjectBase::hasEverBeenBound):
        (WebCore::WebGLVertexArrayObjectBase::setHasEverBeenBound):
        (WebCore::WebGLVertexArrayObjectBase::getElementArrayBuffer):
        (WebCore::WebGLVertexArrayObjectBase::getVertexAttribState):
        * html/canvas/WebGLVertexArrayObjectOES.cpp:
        (WebCore::WebGLVertexArrayObjectOES::WebGLVertexArrayObjectOES):
        (WebCore::WebGLVertexArrayObjectOES::deleteObjectImpl):
        (WebCore::WebGLVertexArrayObjectOES::setElementArrayBuffer): Deleted.
        (WebCore::WebGLVertexArrayObjectOES::setVertexAttribState): Deleted.
        (WebCore::WebGLVertexArrayObjectOES::unbindBuffer): Deleted.
        (WebCore::WebGLVertexArrayObjectOES::setVertexAttribDivisor): Deleted.
        * html/canvas/WebGLVertexArrayObjectOES.h:

        * html/canvas/WebGLRenderingContextBase.cpp: Use WebGLVertexArrayObjectBase class.
        (WebCore::WebGLRenderingContextBase::initializeNewContext):
        (WebCore::WebGLRenderingContextBase::disableVertexAttribArray):
        (WebCore::WebGLRenderingContextBase::validateVertexAttributes):
        (WebCore::WebGLRenderingContextBase::enableVertexAttribArray):
        (WebCore::WebGLRenderingContextBase::getVertexAttrib):
        (WebCore::WebGLRenderingContextBase::initVertexAttrib0):
        (WebCore::WebGLRenderingContextBase::simulateVertexAttrib0):
        (WebCore::WebGLRenderingContextBase::restoreStatesAfterVertexAttrib0Simulation):
        * html/canvas/WebGLRenderingContextBase.h:
        (WebCore::WebGLRenderingContextBase::setBoundVertexArrayObject):

        Handle construction of WebGLGetInfo using WebGLVertexArrayObject.
        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp:
        (WebCore::toJS):
        * html/canvas/WebGLGetInfo.cpp:
        (WebCore::WebGLGetInfo::WebGLGetInfo):
        (WebCore::WebGLGetInfo::getWebGLVertexArrayObjectOES):
        (WebCore::WebGLGetInfo::getWebGLVertexArrayObject):
        * html/canvas/WebGLGetInfo.h:

2015-03-16  Brent Fulgham  <bfulgham@apple.com>

        Potentially uninitialized Inspector values
        https://bugs.webkit.org/show_bug.cgi?id=142730

        Reviewed by Joseph Pecoraro.

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::parseColor): Make sure color values are given an initial value.

2015-03-16  Brady Eidson  <beidson@apple.com>

        URLs visited during private browsing show up in WebpageIcons.db
        rdar://problem/11254910 and https://bugs.webkit.org/show_bug.cgi?id=142733

        Patch by Sam Weinig. Reviewed by Brady Eidson.

        * loader/icon/IconController.cpp:
        (WebCore::IconController::startLoader): Bail early here if the page is using an ephemeral session.
        (WebCore::IconController::continueLoadWithDecision): Instead of here.

2015-03-16  Conrad Shultz  <conrad_shultz@apple.com>

        Allow clients to selectively disable plug-ins
        https://bugs.webkit.org/show_bug.cgi?id=142506

        Reviewed by Anders Carlsson.

        Add new functionality allow clients to declaratively disable individual plug-ins (in a manner that conceals them
        from the page). As part of this:

        1) Introduce the concept of web-visible plug-ins and related concepts, as distinct from the real underlying
           set of plug-ins.

        2) Where applicable, plumb additional information about plug-ins (specifically, bundle identification) deeper
           down the stack.

        3) Add generic functionality to PluginStrategy to support filtering plug-ins for visibility and introduce
           a concrete implementation thereof in WebPlatformStrategies in WebKit2.

        4) Add messaging infrastructure to allow clients to set and clear plug-in policies.

        While currently only used in a very limited manner, the new declarative plug-in policies are written generically
        so that they could be easily used in the future to reduce synchronous messaging to the client when loading plug-ins.

        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createDocument):
        Update to reflect function rename.

        * loader/SubframeLoader.cpp:
        (WebCore::findPluginMIMETypeFromURL):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::logPluginRequest):
        Update to reflect function rename.
        (WebCore::SubframeLoader::shouldUsePlugin):
        Ditto.

        * platform/PlatformStrategies.h:
        Export platformStrategies(), since it is now used in WebProcess.cpp.

        * plugins/DOMMimeType.cpp:
        (WebCore::DOMMimeType::type):
        (WebCore::DOMMimeType::description):
        (WebCore::DOMMimeType::mimeClassInfo):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::DOMMimeType::enabledPlugin):
        Ditto.

        * plugins/DOMMimeType.h:
        Don't return references in a few places where it is no longer safe to do so.
        (WebCore::DOMMimeType::mimeClassInfo): Deleted.

        * plugins/DOMMimeTypeArray.cpp:
        (WebCore::DOMMimeTypeArray::length):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::DOMMimeTypeArray::item):
        Ditto.
        (WebCore::DOMMimeTypeArray::canGetItemsForName):
        Ditto.
        (WebCore::DOMMimeTypeArray::namedItem):
        Ditto.

        * plugins/DOMPlugin.cpp:
        (WebCore::DOMPlugin::pluginInfo):
        Adopt getWebVisiblePlugins().
        (WebCore::DOMPlugin::item):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::DOMPlugin::canGetItemsForName):
        Ditto.
        (WebCore::DOMPlugin::namedItem):
        Ditto.

        * plugins/DOMPlugin.h:
        (WebCore::DOMPlugin::pluginInfo): Deleted.

        * plugins/DOMPluginArray.cpp:
        (WebCore::DOMPluginArray::length):
        Adopt getWebVisiblePlugins().
        (WebCore::DOMPluginArray::item):
        Ditto.
        (WebCore::DOMPluginArray::canGetItemsForName):
        Ditto.
        (WebCore::DOMPluginArray::namedItem):
        Ditto.

        * plugins/PluginData.cpp:
        (WebCore::PluginData::PluginData):
        Stash the passed-in Page and call initPlugins().
        (WebCore::PluginData::getWebVisiblePlugins):
        New member function; call through to PluginStrategy::getWebVisiblePluginInfo().
        (WebCore::PluginData::getWebVisibleMimesAndPluginIndices):
        New member function; build up the mimes and mimePluginIndices vectors in the same manner as before, but
        limited to the web-visible plug-ins.
        (WebCore::PluginData::supportsWebVisibleMimeType):
        Renamed from supportsMimeType(); update to work in terms of web-visible plug-ins.
        (WebCore::PluginData::pluginInfoForWebVisibleMimeType):
        Renamed from pluginInfoForMimeType(); ditto.
        (WebCore::PluginData::pluginNameForWebVisibleMimeType):
        Renamed from pluginNameForMimeType(); ditto.
        (WebCore::PluginData::pluginFileForWebVisibleMimeType):
        Renamed from pluginFileForMimeType(); ditto.
        (WebCore::PluginData::initPlugins):
        (WebCore::PluginData::supportsMimeType): Deleted.
        (WebCore::PluginData::pluginInfoForMimeType): Deleted.
        (WebCore::PluginData::pluginNameForMimeType): Deleted.
        (WebCore::PluginData::pluginFileForMimeType): Deleted.

        * plugins/PluginData.h:
        Add a member variable for the associate Page; declare the PluginLoadClientPolicy enumeration; add
        new members to PluginInfo for the clientLoadPolicy and bundle information.
        (WebCore::PluginData::PluginData):
        Replace some member functions with new ones that will hide plug-ins upon request from the client;
        (WebCore::PluginData::mimes): Deleted.
        (WebCore::PluginData::mimePluginIndices): Deleted.

        * plugins/PluginStrategy.h:
        Declare new member functions for retrieving web-visible plug-ins and setting/clearing plug-in policies.

        * replay/SerializationMethods.cpp:
        (JSC::EncodingTraits<PluginData>::encodeValue):
        Remove now-obsolete code for handling MIME types and add a FIXME.
        (JSC::DeserializedPluginData::DeserializedPluginData):
        (JSC::EncodingTraits<PluginData>::decodeValue):
        Ditto.
        (JSC::EncodingTraits<PluginInfo>::encodeValue):
        Handle the new members in PluginInfo.
        (JSC::EncodingTraits<PluginInfo>::decodeValue):
        Ditto.

        * replay/WebInputs.json:
        Teach Replay about PluginLoadClientPolicy.

2015-03-16  Max Stepin  <maxstepin@gmail.com>

        Add APNG support
        https://bugs.webkit.org/show_bug.cgi?id=17022

        Reviewed by Carlos Garcia Campos.

        Test: fast/images/animated-png.html

        * platform/image-decoders/ImageDecoder.h:
        (WebCore::ImageFrame::divide255):
        (WebCore::ImageFrame::overRGBA):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::frameHeader):
        (WebCore::readChunks):
        (WebCore::PNGImageReader::PNGImageReader):
        (WebCore::PNGImageDecoder::PNGImageDecoder):
        (WebCore::PNGImageDecoder::frameBufferAtIndex):
        (WebCore::PNGImageDecoder::headerAvailable):
        (WebCore::PNGImageDecoder::rowAvailable):
        (WebCore::PNGImageDecoder::pngComplete):
        (WebCore::PNGImageDecoder::readChunks):
        (WebCore::PNGImageDecoder::frameHeader):
        (WebCore::PNGImageDecoder::init):
        (WebCore::PNGImageDecoder::clearFrameBufferCache):
        (WebCore::PNGImageDecoder::initFrameBuffer):
        (WebCore::PNGImageDecoder::frameComplete):
        (WebCore::PNGImageDecoder::processingStart):
        (WebCore::PNGImageDecoder::processingFinish):
        (WebCore::PNGImageDecoder::fallbackNotAnimated):
        * platform/image-decoders/png/PNGImageDecoder.h:
        (WebCore::PNGImageDecoder::frameCount):
        (WebCore::PNGImageDecoder::repetitionCount):
        (WebCore::PNGImageDecoder::isComplete):

2015-03-15  Benjamin Poulain  <benjamin@webkit.org>

        CSS: fix the case-insensitive matching of the attribute selectors Begin, End and Hyphen
        https://bugs.webkit.org/show_bug.cgi?id=142715

        Reviewed by Brent Fulgham.

        Fix attribute matching with:
        -Begin: [a^=b].
        -End: [a$=b].
        -Hyphen: [a|=b].

        Tests: fast/selectors/attribute-endswith-value-matching-is-ascii-case-insensitive.html
               fast/selectors/attribute-hyphen-value-matching-is-ascii-case-insensitive.html
               fast/selectors/attribute-startswith-value-matching-is-ascii-case-insensitive.html

        * css/SelectorChecker.cpp:
        (WebCore::attributeValueMatches):
        I forgot to change CSSSelector::Exact in my last patch.
        The tests could not catch that since we use the CSS JIT almost everywhere.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::attributeValueBeginsWith):
        (WebCore::SelectorCompiler::attributeValueEndsWith):
        (WebCore::SelectorCompiler::attributeValueMatchHyphenRule):

2015-03-15  Dan Bernstein  <mitz@apple.com>

        Fixed the iOS build after r181522.

        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks):

2015-03-15  Andy Estes  <aestes@apple.com>

        [Content Filtering] Adopt new NEFilterSource SPI
        https://bugs.webkit.org/show_bug.cgi?id=142710
        rdar://problem/19023855

        Reviewed by Dan Bernstein.

        Teach NetworkExtensionContentFilter to use a new, alternate NEFilterSource SPI on platforms where it is available.

        * platform/ContentFilter.cpp:
        (WebCore::ContentFilter::types): Renamed HAVE(NE_FILTER_SOURCE) to HAVE(NETWORK_EXTENSION).
        * platform/cocoa/NetworkExtensionContentFilter.h: Renamed member variables to remove redundancy, forward-declared NEFilterSourceStatus,
        added a dispatch_semaphore member variable to avoid creating and destroying multiple semaphores, and made m_originalData a SharedBuffer.
        * platform/cocoa/NetworkExtensionContentFilter.mm:
        (decisionInfoReplacementData): Returned the replacement data from a decision handler info dictionary.
        (WebCore::createNEFilterSource): Created either an old-style or new-style NEFilterSource object.
        (WebCore::NetworkExtensionContentFilter::NetworkExtensionContentFilter): Called receivedResponse:decisionHandler: when using the new SPI.
        (WebCore::NetworkExtensionContentFilter::~NetworkExtensionContentFilter): Released the dispatch_semaphore.
        (WebCore::NetworkExtensionContentFilter::addData): Appended the copied NSData to m_originalData, avoiding an additional copy previously
        being made by NSMutableData. Used the new receivedData:decisionHandler: SPI when appropriate.
        (WebCore::NetworkExtensionContentFilter::finishedAddingData): Used the new finishedLoadingWithDecisionHandler: SPI when appropriate.
        (WebCore::NetworkExtensionContentFilter::needsMoreData): Changed m_neFilterSourceStatus to m_status.
        (WebCore::NetworkExtensionContentFilter::didBlockData): Ditto.
        (WebCore::NetworkExtensionContentFilter::getReplacementData): Returned the replacement data from NEFilterSource if the load was blocked.
        Otherwise, returned the original data.
        (WebCore::NetworkExtensionContentFilter::handleDecision): Added a helper to set m_status and m_replacementData, and to signal m_semaphore.
        * platform/spi/cocoa/NEFilterSourceSPI.h: Declared the new NEFilterSource SPI on platforms that support it.

2015-03-15  Brent Fulgham  <bfulgham@apple.com>

        Scroll snap points are not supported on iframe content
        https://bugs.webkit.org/show_bug.cgi?id=142582
        <rdar://problem/20121319>

        Tested by css3/scroll-snap/scroll-snap-iframe.html

        Reviewed by Simon Fraser.

        The scroll snap points were not being applied to the iframe contents because the code
        that sets up the scroll snap point content is not called for iframes.

        To correct this, we need to make sure the snap offsets are set during post-frame layout
        for iframes. We also need to make sure (on Mac) that the scroll animator and timers are updated.

        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks): Call 'updateSnapOffsets' if the frame is not a
        MainFrame. Also notify scroll animators they need to update their snap point settings.

2015-03-15  Simon Fraser  <simon.fraser@apple.com>

        Add the same is<RenderBox> test to KeyframeAnimation::computeExtentOfTransformAnimation()
        that ImplicitAnimation::computeExtentOfTransformAnimation() has, and change the latter
        to the more canonical is<RenderBox>() form.
        
        Fixes an assertion in animations/animation-on-inline-crash.html

        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::computeExtentOfTransformAnimation):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation):

2015-03-15  Simon Fraser  <simon.fraser@apple.com>

        And another fix. Thanks to Hunseop Jeong for the fix.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::runPostTypeUpdateTasks):
        (WebCore::HTMLInputElement::didMoveToNewDocument):

2015-03-15  Simon Fraser  <simon.fraser@apple.com>

        Fix the touch-event build.

        * dom/Document.cpp:
        (WebCore::Document::didAddTouchEventHandler):
        (WebCore::Document::didRemoveTouchEventHandler):

2015-03-15  Simon Fraser  <simon.fraser@apple.com>

        Reduce the side-effects of animations turning off overlap testing
        https://bugs.webkit.org/show_bug.cgi?id=92791

        Reviewed by Dean Jackson.
        
        When a layer is running a transition or animation of the transform property,
        we would simply disable overlap testing for later layers, which had the side-effect
        of promoting lots of unrelated elements into layers temporarily.
        
        Fix by maintaining overlap, but computing an overlap extent that takes the animation
        into account.
        
        Rotations are currently treated as full rotations. If an extent for the overlap is
        hard to compute (e.g. 3d transforms, or matrix animations with a rotation component),
        then we fall back to the current behavior.

        Tests: compositing/layer-creation/mismatched-rotated-transform-animation-overlap.html
               compositing/layer-creation/mismatched-rotated-transform-transition-overlap.html
               compositing/layer-creation/mismatched-transform-transition-overlap.html
               compositing/layer-creation/multiple-keyframes-animation-overlap.html
               compositing/layer-creation/scale-rotation-animation-overlap.html
               compositing/layer-creation/scale-rotation-transition-overlap.html
               compositing/layer-creation/translate-animation-overlap.html
               compositing/layer-creation/translate-scale-animation-overlap.html
               compositing/layer-creation/translate-scale-transition-overlap.html
               compositing/layer-creation/translate-transition-overlap.html

        * page/animation/AnimationBase.cpp:
        (WebCore::containsRotation):
        (WebCore::AnimationBase::computeTransformedExtentViaTransformList): When we have matched
        transform lists, we can map a rectangle through the various operations. Transform-origin
        is used to shift the origin of the box first, and then unshift after. If we encounter
        a rotation, for now assume it's a full rotation (a future patch could tighten this up).
        (WebCore::AnimationBase::computeTransformedExtentViaMatrix): If we're using matrix
        interpolation, we have to decompose the matrix to see if there's any rotation component,
        and, if there is, fall back to current behavior.
        * page/animation/AnimationBase.h:
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::computeExtentOfAnimation):
        (WebCore::AnimationController::computeExtentOfAnimation):
        * page/animation/AnimationController.h:
        * page/animation/AnimationControllerPrivate.h:
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::computeExtentOfTransformAnimation): Ask active keyframe
        animations and transitions to compute the bounds extent.
        * page/animation/CompositeAnimation.h:
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::computeExtentOfTransformAnimation): Compute the extent
        of the start and end transforms, and union them.
        * page/animation/ImplicitAnimation.h:
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::animate):
        (WebCore::KeyframeAnimation::getAnimatedStyle): Some nullptr goodness.
        (WebCore::KeyframeAnimation::computeExtentOfTransformAnimation): Compute an extent
        for each keyframe, and take their union.
        * page/animation/KeyframeAnimation.h:
        * platform/graphics/GeometryUtilities.cpp:
        (WebCore::euclidianDistance): Use Pythagoras to compute a distance.
        (WebCore::boundsOfRotatingRect): Given a rect whose location is relative
        to the rotation origin, compute a bounds for the rotated rect by computing
        the furthest corner from the origin, and sweeping out a circle.
        * platform/graphics/GeometryUtilities.h:
        * platform/graphics/transforms/Matrix3DTransformOperation.h:
        * platform/graphics/transforms/MatrixTransformOperation.h:
        * platform/graphics/transforms/PerspectiveTransformOperation.h:
        * platform/graphics/transforms/RotateTransformOperation.h:
        * platform/graphics/transforms/ScaleTransformOperation.h:
        * platform/graphics/transforms/SkewTransformOperation.h:
        * platform/graphics/transforms/TransformOperation.h:
        (WebCore::TransformOperation::isAffectedByTransformOrigin):
        * platform/graphics/transforms/TransformOperations.cpp:
        (WebCore::TransformOperations::affectedByTransformOrigin): Ask all the operations if
        they are affected by transform-origin.
        (WebCore::TransformOperations::blendByMatchingOperations): nullptr.
        * platform/graphics/transforms/TransformOperations.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::pushMappingToContainer): Comment fix. Only take transforms into account
        if the geometry map says so (which is most of the time).
        * rendering/RenderGeometryMap.cpp:
        (WebCore::RenderGeometryMap::mapToContainer): RenderLayerCompositor is now using the
        geometry map in a way that is incompatible with this assertion; it deliberately ignores
        transforms sometimes, so we can't easily verify that the mapping matches mapping through
        renderers.
        (WebCore::RenderGeometryMap::pushMappingsToAncestor): Save and restore the UseTransforms
        bit.
        * rendering/RenderGeometryMap.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::boundingBox): Whitespace.
        (WebCore::RenderLayer::getOverlapBoundsIncludingChildrenAccountingForTransformAnimations): Helper
        function to get the bounds of a layer, including descendants, when a transform animation is running.
        * rendering/RenderLayer.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::CompositingState::CompositingState): Add a ancestorHasTransformAnimation
        flag to detect nested animated transforms.
        (WebCore::RenderLayerCompositor::OverlapExtent::knownToBeHaveExtentUncertainty): This returns true when
        the layer is animating transform, and the transition/animation is such that we can't easily compute the
        bounds of the animation.
        (WebCore::RenderLayerCompositor::computeExtent): const RenderLayer&.
        Compute the animated bounds if there's a transform animation running.
        (WebCore::RenderLayerCompositor::addToOverlapMap): const RenderLayer&
        (WebCore::RenderLayerCompositor::addToOverlapMapRecursive): const RenderLayer&
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        Delay the call to pushMappingsToAncestor() until knowing if there's a transform animation running, and
        if there is, push the mapping while ignoring transforms (since the transform is implicitly taken into account
        for overlap via the computed animated bounds).
        If this layer is running a transform animation, set the childState.ancestorHasTransformAnimation flag so
        that descendants will know (nested transform animations fall back to current behavior).
        The if (.... && isRunningAcceleratedTransformAnimation()) is what previously caused us to turn off overlap
        testing in the face of animations. That now only happens if we were unable to easily compute the animation bounds.
        (WebCore::RenderLayerCompositor::isRunningTransformAnimation): This previously tested whether an accelerated animation
        was running, but that's timing sensitive; AnimationController can start the transform animation, but it's not yet
        considered accelerated until we get an async callback from GraphicsLayer, yet this code needed to know if the
        animation was running.
        Since transform animations are always accelerated, we can just test for a running transform animation.
        (WebCore::RenderLayerCompositor::isRunningAcceleratedTransformAnimation): Deleted.
        * rendering/RenderLayerCompositor.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::requireTransformOrigin): Some FIXME comments.

2015-03-15  Simon Fraser  <simon.fraser@apple.com>

        Clean up related to wheelEvent names
        https://bugs.webkit.org/show_bug.cgi?id=142713

        Reviewed by Anders Carlsson.

        Add EventNames::isWheelEventType() and use it in places that test for the
        two wheel event names.

        * dom/Document.cpp:
        (WebCore::Document::didAddWheelEventHandler):
        (WebCore::Document::didRemoveWheelEventHandler):
        * dom/Document.h: No need for exports (I grepped). Pass the Node*, which
        will be used in a later patch.
        * dom/EventNames.h:
        (WebCore::EventNames::isWheelEventType):
        * dom/Node.cpp:
        (WebCore::Node::didMoveToNewDocument):
        (WebCore::tryAddEventListener):
        (WebCore::tryRemoveEventListener):
        (WebCore::Node::defaultEventHandler):
        * html/shadow/MediaControlsApple.cpp:
        (WebCore::MediaControlsAppleEventListener::handleEvent):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::addEventListener):
        (WebCore::DOMWindow::removeEventListener):
        * page/ios/FrameIOS.mm:
        (WebCore::ancestorRespondingToScrollWheelEvents): Remove dead code.

2015-03-15  Simon Fraser  <simon.fraser@apple.com>

        Remove a redundant repaint when a layer becomes composited
        https://bugs.webkit.org/show_bug.cgi?id=142711

        Reviewed by Anders Carlsson.

        RenderLayerCompositor::computeCompositingRequirements() doesn't need to call
        repaintOnCompositingChange() when a layer is going to become composited,
        because updateBacking() does exactly the same thing. I used an assertion
        and ran the tests to ensure this wasn't a behavior change.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):

2015-03-15  Benjamin Poulain  <bpoulain@apple.com>

        Change the exact attribute matching to be ASCII case-insensitive
        https://bugs.webkit.org/show_bug.cgi?id=142609

        Reviewed by Darin Adler.

        In CSS, testing attribute values should be ASCII case-insensitive,
        previously we were using full unicode case conversion.

        Test: fast/selectors/attribute-exact-value-match-is-ascii-case-insensitive.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseKeyframeSelector):
        The CSS parser has its own fast version for ASCII case insensitive.
        This code was using the general equalIgnoringASCIICase() which was causing name conflicts,
        change that to the normal CSS parser version.

        * css/SelectorCheckerTestFunctions.h:
        (WebCore::equalIgnoringASCIICase): Deleted.
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeValueExactMatching):

2015-03-15  Brent Fulgham  <bfulgham@apple.com>

        scroll snap points do not properly account for zoomed pages
        https://bugs.webkit.org/show_bug.cgi?id=142706
        <rdar://problem/20165771>

        Reviewed by Anders Carlsson.

        When a WebView is zoomed (such that it has a non-unity pageScaleFactor), we need to account for this
        scaling value when selecting our correct scroll snap point target, as well as when specifying the
        pixel location for our animation to target.

        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::pageScaleFactor): Added new delegate method.
        * platform/cocoa/ScrollController.h:
        (WebCore::ScrollControllerClient::pageScaleFactor): Added new default delegate.
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::beginScrollSnapAnimation): Calculate the correct scroll target
        based on the page scale factor.

2015-03-15  Csaba Osztrogonác  <ossy@webkit.org>

        Fix run-bindings-tests on the WinCairo bot
        https://bugs.webkit.org/show_bug.cgi?id=142588

        Reviewed by Alex Christensen.

        * bindings/scripts/test/JS/JSFloat64Array.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSFloat64Array.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestCallback.cpp: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestCallback.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestEventConstructor.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestEventTarget.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestEventTarget.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestException.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestException.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestImplements.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestImplements.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestInterface.cpp: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestInterface.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestNamedConstructor.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestNondeterministic.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestObj.cpp: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestObj.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: Modified property svn:eol-style.
        * bindings/scripts/test/JS/JSTestSupplemental.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestSupplemental.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestTypedefs.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSTestTypedefs.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSattribute.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSattribute.h: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSreadonly.cpp: Added property svn:eol-style.
        * bindings/scripts/test/JS/JSreadonly.h: Added property svn:eol-style.

2015-03-14  Darin Adler  <darin@apple.com>

        More event handler improvements
        https://bugs.webkit.org/show_bug.cgi?id=142701

        Reviewed by Anders Carlsson.

        These are the improvements:

        - Use EventHandler rather than EventListener as the the type for event handler
          attributes. This matches the HTML specification, and also makes sense, since
          EventListener means something else (and we use it to mean that!). Also renamed
          JSWindowEventListener to WindowEventHandler. Even though this only affects the
          JavaScript code generated, it's not really a JavaScript-specific flag.

        - Tweak formatting on addEventListener/removeEventListener/dispatchEvent in
          all the IDL files where the appear. This includes changing the spelling from
          "evt" to "event". Some day we should fix this so these functions only need to
          appear in EventTarget.idl.

        - Tweak formatting a bit on the IDL files we had to modify anyway.

        - Use [Conditional] more often and #if less often in IDL files.

        - Added a new [DocumentEventHandler] attribute for the selectionchange event.
          This involved adding new event handler attribute functions to JSEventListener.h
          for use by the JavaScript bindings.

        - Removed a little unused code from the JavaScript code bindings generator.

        - Improved the mechanism used by HTMLElement and SVGElement to share the list of
          content attributes that are event handlers so there is only one map rather than
          two. Made a similar mechanism so that HTMLBodyElement and HTMLFrameSetElement
          can share the list of window event handlers.

        - Followed the HTML specification by putting all the event handler support in
          the HTMLElement class rather than having event handlers apply only a the
          particular element that uses those events. We already did this for most of
          our event handlers, but we are now doing it for all of them.

        * Modules/battery/BatteryManager.idl: Use EventHandler instead of EventListener
        as appropriate. Also reformatted addEventListener/removeEventListener/dispatchEvent.
        * Modules/encryptedmedia/MediaKeySession.idl: Ditto.
        * Modules/indexeddb/IDBDatabase.idl: Ditto.
        * Modules/indexeddb/IDBOpenDBRequest.idl: Ditto.
        * Modules/indexeddb/IDBRequest.idl: Ditto.
        * Modules/indexeddb/IDBTransaction.idl: Ditto.
        * Modules/mediastream/MediaStream.idl: Ditto.
        * Modules/mediastream/MediaStreamTrack.idl: Ditto.
        * Modules/mediastream/RTCDTMFSender.idl: Ditto.
        * Modules/mediastream/RTCDataChannel.idl: Ditto.
        * Modules/mediastream/RTCPeerConnection.idl: Ditto.
        * Modules/speech/SpeechSynthesisUtterance.idl: Ditto.
        * Modules/webaudio/AudioBufferSourceNode.idl: Ditto.
        * Modules/webaudio/AudioContext.idl: Ditto.
        * Modules/webaudio/OscillatorNode.idl: Ditto.
        * Modules/webaudio/ScriptProcessorNode.idl: Ditto.
        * Modules/websockets/WebSocket.idl: Ditto.
        * css/FontLoader.idl: Ditto.
        * dom/EventListener.idl: Ditto.
        * dom/EventTarget.idl: Ditto.
        * dom/MessagePort.idl: Ditto.
        * dom/Node.idl: Ditto.
        * dom/WebKitNamedFlow.idl: Ditto.
        * fileapi/FileReader.idl: Ditto.
        * html/MediaController.idl: Ditto.
        * html/track/AudioTrackList.idl: Ditto.
        * html/track/TextTrackCue.idl: Ditto.
        * html/track/TextTrackList.idl: Ditto.
        * html/track/VideoTrackList.idl: Ditto.
        * loader/appcache/DOMApplicationCache.idl: Ditto.
        * page/EventSource.idl: Ditto.
        * page/Performance.idl: Ditto.
        * workers/AbstractWorker.idl: Ditto.
        * workers/DedicatedWorkerGlobalScope.idl: Ditto.
        * workers/Worker.idl: Ditto.
        * workers/WorkerGlobalScope.idl: Ditto.
        * xml/XMLHttpRequest.idl: Ditto.
        * xml/XMLHttpRequestUpload.idl: Ditto.

        * Modules/notifications/Notification.idl: Did the above, but also used
        [Conditional] instead of #if throughout.
        * html/track/TextTrack.idl: Ditto.

        * Modules/webaudio/AudioNode.idl: Tweaked paragraphing of this file.

        * bindings/js/JSEventListener.cpp:
        (WebCore::windowEventHandlerAttribute): Renamed to take the word "forwarded"
        out of this. More closely matches the terminology used in IDL files and the
        HTML specification.
        (WebCore::setWindowEventHandlerAttribute): Ditto.
        (WebCore::documentEventHandlerAttribute): Added.
        (WebCore::setDocumentEventHandlerAttribute): Added.
        * bindings/js/JSEventListener.h: Updated for above changes.

        * bindings/objc/PublicDOMInterfaces.h: Renamed argument from "evt" to "event".

        * bindings/scripts/CodeGeneratorGObject.pm:
        (SkipAttribute): Skip attributes of type "EventHandler" rather than attributes
        of type "EventListener".
        * bindings/scripts/CodeGeneratorObjC.pm:
        (SkipAttribute): Ditto.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation): Look for the type EventHandler instead of the type
        EventListener for event handler attributes. Also added code to handle the new
        DocumentEventHandler, and use the name WindowEventHandler instead of the name
        JSWindowEventListener. Removed unneeded preflight check to see if we have
        writable attributes; it was not doing us any good. (That caused a lot of code
        to be un-indented and makes the diff hard to read.)

        * bindings/scripts/IDLAttributes.txt: Removed JSWindowEventListener, and added
        WindowEventHandler and DocumentEventHandler.

        * bindings/scripts/test/TestObj.idl: Use the type EventHandler instead of the
        type EventListener. The test output is unchanged, though.

        * dom/Document.idl: Got rid of the conditionals and merged all the event handler
        attributes into a single sorted, unconditional list. Added some that were missing,
        as detected by the event-handler-attributes.html test.

        * dom/Element.idl: Ditto. This includes moving attributes here that were formerly
        only in certain element classes. Note that the script event handler attribute
        support is still here, even though it should be in HTMLElement and SVGElement
        instead. There's a FIXME about that, but no real urgency in fixing it.

        * html/HTMLAttributeNames.in: Added onmessage. Previously, the support for this
        was from the script attribute only, not the content attribute.

        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::createWindowEventHandlerNameMap): Added. This
        contains the list of all the window event handlers that can be set on a body
        or frameset element and which are triggered by events on the window.
        (WebCore::HTMLBodyElement::eventNameForWindowEventHandlerAttribute): Added.
        This is the function to call to use the map above. Given an attribute, it
        returns either null if it is not a window event handler attribute, or the
        event type if it is one.
        (WebCore::HTMLBodyElement::parseAttribute): Updated to use the new
        functions above. Handling of these attributes is now unconditional, but
        also we don't have to keep the nested if statements here up to date, just
        the list of event handler attributes names in the map create function above.

        * html/HTMLBodyElement.h: Added public eventNameForWindowEventHandlerAttribute
        and private createWindowEventHandlerNameMap functions.

        * html/HTMLBodyElement.idl: Updated to use WindowEventHandler, DocumentEventHandler,
        and EventHandler. Also made everything unconditional. Also filled out the list here
        to match the list handled as content attributes. All covered by the test.

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createEventHandlerNameMap): Added. Replaces the old
        populate function. Changed the list of event handler attributes to be a bit more
        complete, and to be entirely unconditional. Also refactored this function to use
        a new populateEventHandlerNameMap helper, shared with HTMLBodyElement.
        (WebCore::HTMLElement::populateEventHandlerNameMap): Added. Factors out the code
        that both this class and HTMLBodyElement use to build event handler name maps.
        (WebCore::HTMLElement::eventNameForEventHandlerAttribute): Added. This is the
        function that call to use the map above. Given an attribute it returns either
        null if it is not an event handler attribute, or the event type if it is one.
        This is actually two functions. One is a protected function for use by both this
        class and HTMLBodyElement so they can share things like the optimization to look
        for the "on" prefix. The other is the public function that we actually use in
        HTMLElement and SVGElement.
        (WebCore::HTMLElement::editabilityFromContentEditableAttr): Tweaked and refactored
        to use lineageOfType. Would have been even simpler if this took an element instead
        of a node. Unrelated to the event handler changes.
        (WebCore::HTMLElement::parseAttribute): Removed long-obsolete code that decided
        whether to call through to the base class. The base class function is empty and
        never needs to be called, and in any case there is no value in doing work to
        decide whether to call through to an empty function. Changed the style of the
        function to use early return instead of else. Worth considering whether we want
        to return early or call through to base class in this family of functions. It's
        more efficient to return early, but doesn't work well if both the derived class
        and base class want to respond to changes to the same attribute. The new logic
        for event handler attributes is more straightforward than the old, since the
        eventNameForEventHandlerAttribute has the logic.
        (WebCore::HTMLElement::textToFragment): Tweaked and refactored a bit, and also
        changed to return a Ref since this never fails and needs to return null.

        * html/HTMLElement.h: Updated for above changes. This includes a template version
        of populateEventHandlerNameMap that extracts the array size at compile time and
        passes it to the non-template function that does the work.

        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::parseAttribute): Removed unneeded code to handle
        event handler attributes handled by HTMLElement.
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::parseAttribute): Ditto.
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::parseAttribute): Ditto.
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::parseAttribute): Ditto.
        * html/HTMLScriptElement.cpp:
        (WebCore::HTMLScriptElement::parseAttribute): Ditto.

        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::parseAttribute): Changed function to early return
        style, and added FIXMEs about the many problems in the attribute handling code.
        Replaced all the code to handle window event handlers with a new bit of code that
        calls HTMLBodyElement::eventNameForWindowEventHandlerAttribute.

        * html/HTMLFrameSetElement.idl: Changed to match the list of window event handlers
        in HTMLBodyElement.idl, although I did not add the document event handler here.
        As in the various other cases, having some extra event handlers does not seem to
        do harm and this is covered by the event-handler-attributes.html test.

        * html/HTMLMarqueeElement.idl: Renamed EventListener to EventHandler in comment.

        * page/DOMWindow.idl: As with Element and Document, removed conditionals, and
        filled out the list of event handlers so all the tests in
        event-handler-attributes.html will pass.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::parseAttribute): Changed code to the early return style,
        and replaced the event handler attribute code with new much simpler code that
        uses the new HTMLElement::eventNameForEventHandlerAttribute. Also changed the
        way we call through to base classes. Just call through to the
        SVGLangSpace::parseAttribute function unconditionally, and don't try to use
        early return style to arbitrate among base classes. We should make this
        simplification throughout the SVG code; there's no need for the complexity
        that was there before just to cut down slightly on calls through to base
        class parseAttribute functions.

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::parseAttribute): Changed some of this code to the
        early return style and corrected some comments about the window event handler
        attributes here. These could use some further testing and might later need to be
        properly supported when the attributes are set in script, not just in content.

        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::isSupportedAttribute): Deleted.
        (WebCore::SVGScriptElement::parseAttribute): Changed this function to use the
        early return style and also to call through to all three base classes. This is
        a pattern we should follow elsewhere in SVG to simplify the code. There is no
        need for the supportedAttributes sets like the one in this calass, and the code
        is unnecessarily complex, perhaps in an attempt to optimize performance. I'm
        pretty sure the old code was slower than this new code will be. No need for the
        extra hash table lookup every time. Also removed handling of event handler
        attribute which is taken care of by SVGElement now.
        (WebCore::SVGScriptElement::svgAttributeChanged): Made similar changes for
        the same reason as in parseAttribute. This function really needs a new name:
        It's the same as parseAttribute, except it's also used when implementing
        changes due to SVG animation.

        * svg/SVGScriptElement.h: Removed isSupportedAttribute.

2015-03-14  Simon Fraser  <simon.fraser@apple.com>

        Clean up use of flags in localToContainer-type functions
        https://bugs.webkit.org/show_bug.cgi?id=142704

        Reviewed by Alexey Proskuryakov.
        
        RenderObject::localToContainerQuad() had the questionable behavior of always
        enforcing UseTransforms in the flags. However, a future patch will need to call
        localToContainerQuad() without this flag.
        
        Fix by requiring callers of localToAbsoluteQuad(), localToContainerQuad(), localToContainerPoint(),
        and absoluteToLocalQuad() to pass the UseTransforms flag in, providing it as a default argument.
        
        The default value of the MapCoordinatesFlags parameter to mapLocalToContainer(),
        a lower-level function, is removed.
        
        Sprinkle a few more nullptrs around.
        
        No behavior change.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::selectionGapRectsForRepaint): call the higher-level localToContainerPoint()
        instead of mapLocalToContainer().
        (WebCore::RenderBlock::absoluteQuads): Pass UseTransforms.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::absoluteQuads): Ditto.
        * rendering/RenderBox.h:
        * rendering/RenderFlowThread.h:
        * rendering/RenderGeometryMap.h:
        (WebCore::RenderGeometryMap::absolutePoint):
        (WebCore::RenderGeometryMap::absoluteRect):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::collectSelectionRects): This function was erroneously passing
        'false' as flags. Pass UseTransforms instead (but no behavior change since
        UseTransforms was forced on lower down).
        * rendering/RenderInline.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollRectToVisible): UseTransforms is the parameter default, remove it.
        * rendering/RenderLineBreak.cpp:
        (WebCore::RenderLineBreak::absoluteQuads):
        (WebCore::RenderLineBreak::collectSelectionRects): Another erroneous 'false'.
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::absoluteQuadsForBoxInRegion):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::localToContainerQuad): Here's where we no longer force
        the UseTransforms bit.
        (WebCore::RenderObject::localToContainerPoint): Also here.
        * rendering/RenderObject.h: I prefer bit flags lined up. Makes it easier to spot errors.
        (WebCore::RenderObject::localToAbsoluteQuad):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::collectSelectionRects): Another bad 'false'.
        * rendering/RenderTextLineBoxes.cpp:
        (WebCore::RenderTextLineBoxes::absoluteRectsForRange):
        (WebCore::RenderTextLineBoxes::absoluteQuads):
        (WebCore::RenderTextLineBoxes::absoluteQuadsForRange):
        * rendering/RenderView.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::collectAbsoluteQuads):
        * rendering/svg/RenderSVGForeignObject.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::absoluteQuads): Another bad 'false'.
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGModelObject.cpp:
        (WebCore::RenderSVGModelObject::absoluteQuads):
        * rendering/svg/RenderSVGModelObject.h:
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::absoluteQuads):
        * rendering/svg/RenderSVGText.h:
        * rendering/svg/SVGRenderSupport.h:

2015-03-14  Brent Fulgham  <bfulgham@apple.com>

        [iOS] scroll snap points are animating to the wrong positions...
        https://bugs.webkit.org/show_bug.cgi?id=142705
        <rdar://problem/20136946>

        Reviewed by Simon Fraser.

        Avoid adding an extra '0' snap point to our set. We always start with one zero; this
        extra append just forces us to do more steps in our search for nearest snap point.

        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::updateFromStyle): Remove extra '0' appended to offsets.

2015-03-14  Dean Jackson  <dino@apple.com>

        Feature flag for Animations Level 2
        https://bugs.webkit.org/show_bug.cgi?id=142699
        <rdar://problem/20165097>

        Reviewed by Brent Fulgham.

        Add ENABLE_CSS_ANIMATIONS_LEVEL_2 and a runtime flag animationTriggersEnabled.

        * Configurations/FeatureDefines.xcconfig:
        * bindings/generic/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::RuntimeEnabledFeatures):
        * bindings/generic/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setAnimationTriggersEnabled):
        (WebCore::RuntimeEnabledFeatures::animationTriggersEnabled):

2015-03-14  Adenilson Cavalcanti  <cavalcantii@gmail.com>

        RenderBlock::imageChange() calling const methods on exit
        https://bugs.webkit.org/show_bug.cgi?id=142648

        Reviewed by Brent Fulgham.

        No new tests, no change on behavior.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::imageChanged): Deleted.
        * rendering/RenderBlock.h:

2015-03-14  Víctor Manuel Jáquez Leal  <vjaquez@igalia.com>

        [GStreamer] share GL context in pipeline
        https://bugs.webkit.org/show_bug.cgi?id=142693

        Reviewed by Philippe Normand.

        GstGL elements in a pipeline need to be aware of the application's
        display and its GL context. This information is shared through context
        messages between the pipeline and the browser.

        This patch shares this context through a GStreamer's synchronous
        message, using the GL information held in the web process.

        This patch is based on the work of Philippe Normand for Bug 138562.

        No new tests because this is platform specific and it depends in the
        run-time availability and configurations of GstGL elements.

        * PlatformGTK.cmake: appends the GstGL header files in the include
        directories. Also its library directory is appended.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::mediaPlayerPrivateSyncMessageCallback): New callback function.
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        Initialize the new class attributes.
        (WebCore::MediaPlayerPrivateGStreamer::handleSyncMessage): New method
        for handling synchronous messages from the pipeline. This method
        currently only handles the GL context sharing.
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Configures
        the pipeline's bus to handle the synchronous messages.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Add new
        class methods and attributes.

2015-03-13  Alex Christensen  <achristensen@webkit.org>

        Progress towards CMake on Mac.
        https://bugs.webkit.org/show_bug.cgi?id=142680

        Reviewed by Gyuyoung Kim.

        * PlatformMac.cmake:
        Added new include directories and removed old source files.

2015-03-13  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181483.
        https://bugs.webkit.org/show_bug.cgi?id=142688

        Caused use-after-free on many tests (Requested by ap on
        #webkit).

        Reverted changeset:

        "Allow clients to selectively disable plug-ins"
        https://bugs.webkit.org/show_bug.cgi?id=142506
        http://trac.webkit.org/changeset/181483

2015-03-13  Antti Koivisto  <antti@apple.com>

        Cache glyph widths to GlyphPages
        https://bugs.webkit.org/show_bug.cgi?id=142028

        Reviewed by Andreas Kling.

        Currently we have a separate cache in Font for glyph widths. In practice we always need
        the widths so we can just cache them in GlyphPages. This simplifies the code and removes
        a per-character hash lookup from WidthIterator.

        * platform/graphics/Font.cpp:
        (WebCore::Font::Font):
        (WebCore::Font::initCharWidths):
        (WebCore::Font::platformGlyphInit):
        (WebCore::createAndFillGlyphPage):
        (WebCore::Font::computeWidthForGlyph):

            Rename to make it clear this doesn't cache.

        (WebCore::GlyphPage::setGlyphDataForIndex):

            Initialize the width.
            This could go to GlyphPage.cpp if we had one.

        * platform/graphics/Font.h:
        (WebCore::Font::glyphZeroWidth):
        (WebCore::Font::isZeroWidthSpaceGlyph):
        (WebCore::Font::zeroGlyph): Deleted.
        (WebCore::Font::setZeroGlyph): Deleted.
        (WebCore::Font::widthForGlyph): Deleted.
        * platform/graphics/FontCascade.cpp:
        (WebCore::offsetToMiddleOfGlyph):
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::FontCascadeFonts::glyphDataForCharacter):
        * platform/graphics/GlyphPage.h:
        (WebCore::GlyphData::GlyphData):

            Return width too as part of GlyphData.

        (WebCore::GlyphPage::glyphDataForIndex):
        (WebCore::GlyphPage::setGlyphDataForCharacter):
        (WebCore::GlyphPage::setGlyphDataForIndex):
        (WebCore::GlyphPage::GlyphPage):
        * platform/graphics/WidthIterator.cpp:
        (WebCore::WidthIterator::advanceInternal):

            No need to lookup width separately now.

        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun):
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::advanceForGlyph):
        * rendering/svg/SVGTextRunRenderingContext.cpp:
        (WebCore::missingGlyphForFont):
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::initializeFont):

2015-03-13  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Enable WIRELESS_PLAYBACK_TARGET
        https://bugs.webkit.org/show_bug.cgi?id=142635

        Reviewed by Darin Adler.

        * Configurations/FeatureDefines.xcconfig:

2015-03-13  Jeremy Jones  <jeremyj@apple.com>

        Fix typo restoreUserInterfaceForOptimizedFullscreeStopWithCompletionHandler.
        https://bugs.webkit.org/show_bug.cgi?id=142678

        Reviewed by Eric Carlson.

        Add the missing 'n' in "fullscreen".

        * platform/spi/ios/AVKitSPI.h:

2015-03-13  Timothy Horton  <timothy_horton@apple.com>

        Sites that use a device-width viewport but don't have enough height to fill the view are scaled up
        https://bugs.webkit.org/show_bug.cgi?id=142664
        <rdar://problem/18859470>

        Reviewed by Benjamin Poulain.

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::shouldIgnoreHorizontalScalingConstraints):
        (WebCore::ViewportConfiguration::shouldIgnoreVerticalScalingConstraints):
        (WebCore::ViewportConfiguration::shouldIgnoreScalingConstraints):
        Split shouldIgnoreScalingConstraints into one for each dimension.

        (WebCore::ViewportConfiguration::initialScale):
        (WebCore::ViewportConfiguration::minimumScale):
        Don't force the initial and minimum scales to cover the whole view if the
        page claims to want to lay out to device width but then lays out too big.
        This will allow pages that misbehave in this way to scale down further
        than they previously could, but will result in a region of empty background
        color being exposed at the initial/minimum scale.

        (WebCore::ViewportConfiguration::description):
        Update the logging to show each dimension separately.

        * page/ViewportConfiguration.h:

2015-03-13  Mark Lam  <mark.lam@apple.com>

        Replace TCSpinLock with a new WTF::SpinLock based on WTF::Atomic.
        <https://webkit.org/b/142674>

        Reviewed by Filip Pizlo.

        No new tests because there is no new functionality. This is a refactoring effort.

        * bindings/objc/WebScriptObject.mm:
        * platform/ios/wak/WAKWindow.mm:
        (-[WAKWindow initWithLayer:]):
        (-[WAKWindow initWithFrame:]):

2015-03-13  Doug Russell  <d_russell@apple.com>

        AX: Provide API for assistive tech to ignore DOM key event handlers
        https://bugs.webkit.org/show_bug.cgi?id=142059

        Reviewed by Beth Dakin.

        Assistive technology applications on the desktop are heavily dependent on keyboard navigation being reliable. This is greatly hindered by sites that handle key events without updating keyboard selection and then consume the event. It is important for assistive technology apps to allow users to decide to ignore these handlers that are incorrect for their purposes.

        This can be fixed by exposing, via a new accessibility attribute, a way to decide, for a given WebCore::Frame, to pre-empt DOM dispatch and instead let accessibility caret browsing take place.

        Test: platform/mac/accessibility/prevent-keyboard-event-dispatch.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::preventKeyboardDOMEventDispatch):
        (WebCore::AccessibilityObject::setPreventKeyboardDOMEventDispatch):
        * accessibility/AccessibilityObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        (-[WebAccessibilityObjectWrapper accessibilityIsAttributeSettable:]):
        (-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):
        * dom/Element.cpp:
        (WebCore::Element::dispatchKeyEvent):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::keyEvent):
        (WebCore::handleKeyboardSelectionMovement):
        (WebCore::EventHandler::handleKeyboardSelectionMovementForAccessibility):
        * page/EventHandler.h:
        * page/Settings.in:

2015-03-09  Conrad Shultz  <conrad_shultz@apple.com>

        Allow clients to selectively disable plug-ins
        https://bugs.webkit.org/show_bug.cgi?id=142506

        Reviewed by Anders Carlsson.

        Add new functionality allow clients to declaratively disable individual plug-ins (in a manner that conceals them
        from the page). As part of this:

        1) Introduce the concept of web-visible plug-ins and related concepts, as distinct from the real underlying
           set of plug-ins.

        2) Where applicable, plumb additional information about plug-ins (specifically, bundle identification) deeper
           down the stack.

        3) Add generic functionality to PluginStrategy to support filtering plug-ins for visibility and introduce
           a concrete implementation thereof in WebPlatformStrategies in WebKit2.

        4) Add messaging infrastructure to allow clients to set and clear plug-in policies.

        While currently only used in a very limited manner, the new declarative plug-in policies are written generically
        so that they could be easily used in the future to reduce synchronous messaging to the client when loading plug-ins.

        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createDocument):
        Update to reflect function rename.

        * loader/SubframeLoader.cpp:
        (WebCore::findPluginMIMETypeFromURL):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::logPluginRequest):
        Update to reflect function rename.
        (WebCore::SubframeLoader::shouldUsePlugin):
        Ditto.

        * platform/PlatformStrategies.h:
        Export platformStrategies(), since it is now used in WebProcess.cpp.

        * plugins/DOMMimeType.cpp:
        (WebCore::DOMMimeType::type):
        (WebCore::DOMMimeType::description):
        (WebCore::DOMMimeType::mimeClassInfo):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::DOMMimeType::enabledPlugin):
        Ditto.

        * plugins/DOMMimeType.h:
        Don't return references in a few places where it is no longer safe to do so.
        (WebCore::DOMMimeType::mimeClassInfo): Deleted.

        * plugins/DOMMimeTypeArray.cpp:
        (WebCore::DOMMimeTypeArray::length):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::DOMMimeTypeArray::item):
        Ditto.
        (WebCore::DOMMimeTypeArray::canGetItemsForName):
        Ditto.
        (WebCore::DOMMimeTypeArray::namedItem):
        Ditto.

        * plugins/DOMPlugin.cpp:
        (WebCore::DOMPlugin::pluginInfo):
        Adopt getWebVisiblePlugins().
        (WebCore::DOMPlugin::item):
        Adopt getWebVisibleMimesAndPluginIndices().
        (WebCore::DOMPlugin::canGetItemsForName):
        Ditto.
        (WebCore::DOMPlugin::namedItem):
        Ditto.

        * plugins/DOMPlugin.h:
        (WebCore::DOMPlugin::pluginInfo): Deleted.

        * plugins/DOMPluginArray.cpp:
        (WebCore::DOMPluginArray::length):
        Adopt getWebVisiblePlugins().
        (WebCore::DOMPluginArray::item):
        Ditto.
        (WebCore::DOMPluginArray::canGetItemsForName):
        Ditto.
        (WebCore::DOMPluginArray::namedItem):
        Ditto.

        * plugins/PluginData.cpp:
        (WebCore::PluginData::PluginData):
        Stash the passed-in Page and call initPlugins().
        (WebCore::PluginData::getWebVisiblePlugins):
        New member function; call through to PluginStrategy::getWebVisiblePluginInfo().
        (WebCore::PluginData::getWebVisibleMimesAndPluginIndices):
        New member function; build up the mimes and mimePluginIndices vectors in the same manner as before, but
        limited to the web-visible plug-ins.
        (WebCore::PluginData::supportsWebVisibleMimeType):
        Renamed from supportsMimeType(); update to work in terms of web-visible plug-ins.
        (WebCore::PluginData::pluginInfoForWebVisibleMimeType):
        Renamed from pluginInfoForMimeType(); ditto.
        (WebCore::PluginData::pluginNameForWebVisibleMimeType):
        Renamed from pluginNameForMimeType(); ditto.
        (WebCore::PluginData::pluginFileForWebVisibleMimeType):
        Renamed from pluginFileForMimeType(); ditto.
        (WebCore::PluginData::initPlugins):
        (WebCore::PluginData::supportsMimeType): Deleted.
        (WebCore::PluginData::pluginInfoForMimeType): Deleted.
        (WebCore::PluginData::pluginNameForMimeType): Deleted.
        (WebCore::PluginData::pluginFileForMimeType): Deleted.

        * plugins/PluginData.h:
        Add a member variable for the associate Page; declare the PluginLoadClientPolicy enumeration; add
        new members to PluginInfo for the clientLoadPolicy and bundle information.
        (WebCore::PluginData::PluginData):
        Replace some member functions with new ones that will hide plug-ins upon request from the client;
        (WebCore::PluginData::mimes): Deleted.
        (WebCore::PluginData::mimePluginIndices): Deleted.

        * plugins/PluginStrategy.h:
        Declare new member functions for retrieving web-visible plug-ins and setting/clearing plug-in policies.

        * replay/SerializationMethods.cpp:
        (JSC::EncodingTraits<PluginData>::encodeValue):
        Remove now-obsolete code for handling MIME types and add a FIXME.
        (JSC::DeserializedPluginData::DeserializedPluginData):
        (JSC::EncodingTraits<PluginData>::decodeValue):
        Ditto.
        (JSC::EncodingTraits<PluginInfo>::encodeValue):
        Handle the new members in PluginInfo.
        (JSC::EncodingTraits<PluginInfo>::decodeValue):
        Ditto.

        * replay/WebInputs.json:
        Teach Replay about PluginLoadClientPolicy.

2015-03-13  Chris Dumez  <cdumez@apple.com>

        XMLHttpRequests should not prevent a page from entering PageCache
        https://bugs.webkit.org/show_bug.cgi?id=142612
        <rdar://problem/19923085>

        Reviewed by Alexey Proskuryakov.

        Make XMLHttpRequest ActiveDOMObjects suspendable in most cases to
        drastically improve the likelihood of pages using them to enter
        PageCache. XMLHttpRequest used to be only suspendable when not
        loading. After this patch, if the XMLHttpRequest is loading when
        navigating away from the page, it will be aborted and the page
        will enter the PageCache. Upon restoring the page from PageCache,
        the XMLHttpRequests' error handlers will be executed to give them
        a chance to reload if they want to.

        Test: http/tests/navigation/page-cache-xhr.html

        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        Do not prevent a page to enter the page cache ff the main document has
        an error that is a cancellation and all remaining subresource loaders
        are for XHR. We extend the pre-existing mechanism used on iOS, which
        allowed PageCaching if the remaining resource loads are for images.

        * loader/DocumentLoader.cpp:
        (WebCore::areAllLoadersPageCacheAcceptable):
        Mark XHR loaders as PageCache acceptable.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::isXMLHttpRequest):
        * loader/DocumentThreadableLoader.h:
        * loader/ThreadableLoader.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::areAllClientsXMLHttpRequests):
        * loader/cache/CachedResource.h:
        * loader/cache/CachedResourceClient.h:
        (WebCore::CachedResourceClient::isXMLHttpRequest):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::XMLHttpRequest):
        (WebCore::XMLHttpRequest::createRequest):
        (WebCore::XMLHttpRequest::canSuspend):
        Report that we can suspend XMLHttpRequests as long as the window load
        event has already fired. If the window load event has not fired yet,
        it would be unsafe to cancel the load in suspend() as it would
        potentially cause arbitrary JS execution while suspending.

        (WebCore::XMLHttpRequest::suspend):
        If suspending for PageCache and the request is currently loading, abort
        the load and mark that we should fire the error event upon restoring
        from PageCache.

        (WebCore::XMLHttpRequest::resume):
        (WebCore::XMLHttpRequest::resumeTimerFired):
        Upon resuming, fire the error event in a timer if the load was aborted
        for suspending. We need to do this in a timer because we are not allowed
        to execute arbitrary JS inside resume().

        (WebCore::XMLHttpRequest::stop):
        Add a assertion to make sure we are not firing event inside stop() as
        this would potentially cause arbitrary JS execution and it would be
        unsafe. It seems to me that our code is currently unsafe but the
        assertion does not seem to be hit by our current layout tests. I am
        adding the assertion as it would make it clear we have a bug and we
        need to fix it.

        * xml/XMLHttpRequest.h:

2015-03-13  Joonghun Park  <jh718.park@samsung.com>

        Fix Debug build error 'comparison is always true due to limited range of data type [-Werror=type-limits]'
        https://bugs.webkit.org/show_bug.cgi?id=142652

        Reviewed by Csaba Osztrogonác.

        No new tests, no behavior changes.

        Now CSSPropertyID type is uint16_t, so propertyID >= 0 check is needed no more.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::propertyName):
        * css/makeprop.pl:

2015-03-12  Zan Dobersek  <zdobersek@igalia.com>

        Remove DrawingBuffer
        https://bugs.webkit.org/show_bug.cgi?id=142641

        Reviewed by Darin Adler.

        Remove the DrawingBuffer class. Objects of this type were only held in the
        WebGLRenderingContext (later renamed to WebGLRenderingContextBase) on the
        Chromium port, with the relevant code removed in r147888. Since then, the
        m_drawingBuffer member variable has always been null.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::copyTexImage2D):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::copyTexImage2D):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):
        (WebCore::WebGLRenderingContextBase::initializeNewContext):
        (WebCore::WebGLRenderingContextBase::destroyGraphicsContext3D):
        (WebCore::WebGLRenderingContextBase::markContextChanged):
        (WebCore::WebGLRenderingContextBase::clearIfComposited):
        (WebCore::WebGLRenderingContextBase::paintRenderingResultsToCanvas):
        (WebCore::WebGLRenderingContextBase::paintRenderingResultsToImageData):
        (WebCore::WebGLRenderingContextBase::reshape):
        (WebCore::WebGLRenderingContextBase::drawingBufferWidth):
        (WebCore::WebGLRenderingContextBase::drawingBufferHeight):
        (WebCore::WebGLRenderingContextBase::activeTexture):
        (WebCore::WebGLRenderingContextBase::bindFramebuffer):
        (WebCore::WebGLRenderingContextBase::bindTexture):
        (WebCore::WebGLRenderingContextBase::copyTexSubImage2D):
        (WebCore::WebGLRenderingContextBase::deleteFramebuffer):
        (WebCore::WebGLRenderingContextBase::disable):
        (WebCore::WebGLRenderingContextBase::enable):
        (WebCore::WebGLRenderingContextBase::getContextAttributes):
        (WebCore::WebGLRenderingContextBase::readPixels):
        (WebCore::WebGLRenderingContextBase::loseContextImpl):
        (WebCore::WebGLRenderingContextBase::getBoundFramebufferWidth):
        (WebCore::WebGLRenderingContextBase::getBoundFramebufferHeight):
        (WebCore::WebGLRenderingContextBase::maybeRestoreContext):
        * html/canvas/WebGLRenderingContextBase.h:
        (WebCore::ScopedDrawingBufferBinder::ScopedDrawingBufferBinder): Deleted.
        (WebCore::ScopedDrawingBufferBinder::~ScopedDrawingBufferBinder): Deleted.
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/cairo/DrawingBufferCairo.cpp: Removed.
        * platform/graphics/gpu/DrawingBuffer.cpp: Removed.
        * platform/graphics/gpu/DrawingBuffer.h: Removed.
        * platform/graphics/gpu/mac/DrawingBufferMac.mm: Removed.
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
        (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):

2015-03-12  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r180726): Removing an empty line at the end of textarea clears the entire texture
        https://bugs.webkit.org/show_bug.cgi?id=142646

        Reviewed by Darin Adler.

        The bug was caused by TypingCommand::deleteKeyPressed erroneously determining the editable root to be empty because
        Position::atStartOfTree returns true when it's anchored at a BR that is immediately below the root editable element.

        Fixed the bug by replacing the use of the deprecated atFirstEditingPositionForNode by a code that understands modern
        position types such as PositionIsBeforeAnchor in atStartOfTree and atEndOfTree. These two functions will no longer
        return true when anchored before or after BR after this patch.

        Test: editing/deleting/delete-empty-line-breaks-at-end-of-textarea.html

        * dom/Position.cpp:
        (WebCore::Position::atStartOfTree):
        (WebCore::Position::atEndOfTree):

2015-03-12  Yusuke Suzuki  <utatane.tea@gmail.com>

        Integrate MapData into JSMap and JSSet
        https://bugs.webkit.org/show_bug.cgi?id=142556

        Reviewed by Filip Pizlo.

        Now Set has SetData and it's different from MapData.
        And MapData/SetData are completely integrated into JSSet and JSMap.
        Structured-cloning algorithm need to be aware of these changes.
        And in the case of JSSet, since JSSet doesn't need dummy value for construction,
        Structured-cloning only serialize the keys in JSSet.

        * ForwardingHeaders/runtime/MapDataInlines.h: Added.
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::serialize):
        (WebCore::CloneDeserializer::consumeCollectionDataTerminationIfPossible):
        (WebCore::CloneDeserializer::deserialize):
        (WebCore::CloneDeserializer::consumeMapDataTerminationIfPossible): Deleted.

2015-03-12  Dan Bernstein  <mitz@apple.com>

        Finish up <rdar://problem/20086546> [Cocoa] Add an option to treat certificate chains with SHA1-signed certificates as insecure

        Added back OS X bits that I couldn’t land initially in r181317 or had to remove in r181327.

        * platform/network/mac/CertificateInfoMac.mm:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate):
        * platform/spi/cocoa/SecuritySPI.h:

2015-03-12  Geoffrey Garen  <ggaren@apple.com>

        REGRESSION: Crash under Heap::reportExtraMemoryAllocatedSlowCase for media element
        https://bugs.webkit.org/show_bug.cgi?id=142636

        Reviewed by Mark Hahnenberg.

        This was a pre-existing bug that I made a lot worse in
        <https://trac.webkit.org/changeset/181411>.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute): Compare size before
        subtracting rather than subtracting and then comparing to zero. The
        latter technique is not valid for unsigned integers, which will happily
        underflow into giant numbers.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::reportExtraMemoryAllocated): This code was
         technically correct, but I took the opportunity to clean it up a bit.
         There's no need to do two checks here, and it smells bad to check for
         a negative unsigned integer.

2015-03-12  Sebastian Dröge  <sebastian@centricular.com>

        Stop using single-include headers that are only available since GStreamer >= 1.2.

        https://bugs.webkit.org/show_bug.cgi?id=142537

        Reviewed by Philippe Normand.

        * platform/audio/gstreamer/AudioDestinationGStreamer.cpp:
        * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        * platform/graphics/gstreamer/GStreamerUtilities.h:
        * platform/graphics/gstreamer/ImageGStreamer.h:
        Instead of using single-include headers for the GStreamer libraries,
        directly include the headers we need. The single-include headers were
        only added in 1.2, and this would be the only reason why we would
        depend on 1.2.

2015-03-12  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Update AirPlay handling
        https://bugs.webkit.org/show_bug.cgi?id=142541

        Unreviewed, respond to post-review comments.

        * dom/Document.cpp:
        (WebCore::Document::didChoosePlaybackTarget):
        * page/ChromeClient.h:
        * page/Page.cpp:
        (WebCore::Page::showPlaybackTargetPicker):
        (WebCore::Page::didChoosePlaybackTarget):
        (WebCore::Page::configurePlaybackTargetMonitoring):

2015-03-12  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(PICTURE_SIZES) build
        https://bugs.webkit.org/show_bug.cgi?id=142617

        Reviewed by Darin Adler.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):

2015-03-11  Joseph Pecoraro  <pecoraro@apple.com>

        Unreviewed follow-up fix to r181426. Initialize TextPosition with zeros in case it gets used.

        Address ASSERT in LayoutTests/printing/page-format-data.html.

        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::InlineStyleSheetOwner::InlineStyleSheetOwner):
        In case the TextPosition gets used because it wasn't created by a parser,
        zeros are more realistic values then beforeFirst.

2015-03-11  Roger Fong  <roger_fong@apple.com>

        Media element time no longer updates while scrubbing following r181279.
        https://bugs.webkit.org/show_bug.cgi?id=142606.
        <rdar://problem/20131014>

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.handleWrapperMouseMove):
        Update time as a result of a mouse move if we are scrubbing.

2015-03-11  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: CSS parser errors in the console should include column numbers
        https://bugs.webkit.org/show_bug.cgi?id=114313

        Reviewed by Darin Adler.

        Test: inspector-protocol/console/warnings-errors.html

        * css/CSSParser.h:
        (WebCore::CSSParser::currentCharacterOffset):
        Get the current character offset depending on the source type.
        Add instance variables to track column position and start
        line / column for inline stylesheets.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::CSSParser):
        (WebCore::CSSParser::parseSheet):
        Initialize new instance variables.

        (WebCore::CSSParser::currentLocation):
        Update to include column information for the token. Also, if we are on the
        first line we may need to take into account a start column offset as well.

        (WebCore::CSSParser::realLex):
        Set the token's start column.
        When bumping the line number, reset the column offset for the next
        line with the next character.

        (WebCore::CSSParser::syntaxError):
        (WebCore::CSSParser::logError):
        Include column information.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):
        (WebCore::StyleSheetContents::parseString):
        (WebCore::StyleSheetContents::parseStringAtPosition):
        Include column information.

        * css/StyleSheetContents.h:
        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::InlineStyleSheetOwner::InlineStyleSheetOwner):
        (WebCore::InlineStyleSheetOwner::createSheet):
        Save and use column information later on.

        * dom/InlineStyleSheetOwner.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::ensureSourceData):
        Updated parser signature needs starting column and no longer has optional parameters.

2015-03-11  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Update AirPlay handling
        https://bugs.webkit.org/show_bug.cgi?id=142541

        Reviewed by Sam Weinig.

        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::showPlaybackTargetPicker):
        (WebCore::Document::addPlaybackTargetPickerClient):
        (WebCore::Document::removePlaybackTargetPickerClient):
        (WebCore::Document::configurePlaybackTargetMonitoring):
        (WebCore::Document::requiresPlaybackTargetRouteMonitoring):
        (WebCore::Document::playbackTargetAvailabilityDidChange):
        (WebCore::Document::didChoosePlaybackTarget):
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument):
        (WebCore::HTMLMediaElement::unregisterWithDocument):
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::HTMLMediaSession):
        (WebCore::HTMLMediaSession::registerWithDocument):
        (WebCore::HTMLMediaSession::unregisterWithDocument):
        (WebCore::HTMLMediaSession::showPlaybackTargetPicker):
        (WebCore::HTMLMediaSession::hasWirelessPlaybackTargets):
        (WebCore::HTMLMediaSession::setHasPlaybackTargetAvailabilityListeners):
        (WebCore::HTMLMediaSession::didChoosePlaybackTarget):
        (WebCore::HTMLMediaSession::externalOutputDeviceAvailableDidChange):
        (WebCore::HTMLMediaSession::requiresPlaybackTargetRouteMonitoring):
        * html/HTMLMediaSession.h:
        * page/ChromeClient.h:
        * page/Page.cpp:
        (WebCore::Page::didChoosePlaybackTarget):
        (WebCore::Page::playbackTargetAvailabilityDidChange):
        (WebCore::Page::configurePlaybackTargetMonitoring):
        * page/Page.h:
        (WebCore::Page::hasWirelessPlaybackTarget):
        (WebCore::Page::playbackTarget):
        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::clientDataBufferingTimerFired):
        (WebCore::MediaSession::wirelessRoutesAvailableDidChange): Deleted.
        * platform/audio/MediaSession.h:
        (WebCore::MediaSession::didChoosePlaybackTarget):
        (WebCore::MediaSession::externalOutputDeviceAvailableDidChange):
        (WebCore::MediaSession::requiresPlaybackTargetRouteMonitoring):
        (WebCore::MediaSessionClient::setWirelessPlaybackTarget):
        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::wirelessRoutesAvailableChanged): Deleted.
        * platform/audio/MediaSessionManager.h:
        (WebCore::MediaSessionManager::configureWireLessTargetMonitoring):
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::externalOutputDeviceAvailableDidChange):
        (-[WebMediaSessionHelper wirelessRoutesAvailableDidChange:]):
        * platform/graphics/AVPlaybackTarget.h: Added.
        (WebCore::AVPlaybackTarget::~AVPlaybackTarget):
        (WebCore::AVPlaybackTarget::AVPlaybackTarget):
        (WebCore::AVPlaybackTarget::setDevicePickerContext):
        (WebCore::AVPlaybackTarget::devicePickerContext):
        * platform/graphics/AVPlaybackTargetPickerClient.h: Added.
        (WebCore::AVPlaybackTargetPickerClient::~AVPlaybackTargetPickerClient):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setWirelessPlaybackTarget):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::setWirelessPlaybackTarget):
        * platform/graphics/avfoundation/AVPlaybackTargetMac.mm: Added.
        (WebCore::AVPlaybackTarget::encode):
        (WebCore::AVPlaybackTarget::decode):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::isCurrentPlaybackTargetWireless):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::wirelessPlaybackTargetType):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::wirelessVideoPlaybackDisabled):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessVideoPlaybackDisabled):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setWirelessPlaybackTarget):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateDisableExternalPlayback):
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):

2015-03-11  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Add resource type and load type triggers.
        https://bugs.webkit.org/show_bug.cgi?id=142422

        Reviewed by Benjamin Poulain.

        New API tests.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::getTypeFlags):
        (WebCore::ContentExtensions::loadTrigger):
        * contentextensions/ContentExtensionRule.h:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForResourceLoad):
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForURL): Deleted.
        * contentextensions/ContentExtensionsBackend.h:
        * contentextensions/DFABytecode.h:
        (WebCore::ContentExtensions::instructionSizeWithArguments):
        * contentextensions/DFABytecodeCompiler.cpp:
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendConditionalAction):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        * contentextensions/DFABytecodeCompiler.h:
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFABytecodeInterpreter.h:
        * loader/ResourceLoadInfo.cpp: Added.
        (WebCore::toResourceType):
        (WebCore::readResourceType):
        (WebCore::readLoadType):
        (WebCore::ResourceLoadInfo::isThirdParty):
        (WebCore::ResourceLoadInfo::getResourceFlags):
        * loader/ResourceLoadInfo.h: Added.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        * page/UserContentController.cpp:
        (WebCore::UserContentController::actionsForResourceLoad):
        (WebCore::UserContentController::actionsForURL): Deleted.
        * page/UserContentController.h:

2015-03-11  Tim Horton  <timothy_horton@apple.com>

        Fix the build.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::selectClosestWordFromHitTestResult):
        (WebCore::EventHandler::selectClosestWordOrLinkFromMouseEvent):
        (WebCore::EventHandler::handleMousePressEventTripleClick):
        (WebCore::EventHandler::handleMousePressEventSingleClick):

2015-03-11  Timothy Horton  <timothy_horton@apple.com>

        <attachment> shouldn't use "user-select: all"
        https://bugs.webkit.org/show_bug.cgi?id=142453

        Reviewed by Darin Adler.

        It turns out that "user-select: all" is rife with bugs; in lieu of fixing them
        all (at least for now), let's not use "user-select: all" in the default stylesheet
        for <attachment>. It's really overkill anyway, since <attachment> can't have children.
        The only "user-select: all" behavior we actually want is select-on-click.
        So, we'll implement that in a slightly different way.

        Tests: fast/attachment/attachment-select-on-click-inside-user-select-all.html
               fast/attachment/attachment-select-on-click.html

        * css/html.css:
        (attachment):
        No more "user-select: all".

        (attachment:focus): Deleted.
        We stopped using attachment focus a while back and forgot to remove this.

        * dom/Node.h:
        (WebCore::Node::shouldSelectOnMouseDown):
        Add a virtual function that Node subclasses can override to indicate they
        should be selected on mouse down.

        * html/HTMLAttachmentElement.h:
        Override the aforementioned virtual function; <attachment> should always
        be selected on mouse down.

        * page/EventHandler.cpp:
        (WebCore::nodeToSelectOnMouseDownForNode):
        Determine which node should be selected when a mousedown hits the given node.
        If there's any "user-select: all", we go with the outermost "user-select: all".
        Otherwise, we give the node a chance to say that it wants to be selected itself.

        (WebCore::expandSelectionToRespectSelectOnMouseDown):
        Rename this function, it's not just about "user-select: all" anymore.
        Make use of nodeToSelectOnMouseDownForNode.

        (WebCore::EventHandler::selectClosestWordFromHitTestResult):
        (WebCore::EventHandler::selectClosestWordOrLinkFromMouseEvent):
        (WebCore::EventHandler::handleMousePressEventTripleClick):
        (WebCore::EventHandler::handleMousePressEventSingleClick):
        (WebCore::expandSelectionToRespectUserSelectAll): Deleted.
        Adjust to the new names.

2015-03-11  Geoffrey Garen  <ggaren@apple.com>

        Users of Heap::deprecatedReportExtraMemory should switch to reportExtraMemoryAllocated+reportExtraMemoryVisited
        https://bugs.webkit.org/show_bug.cgi?id=142595

        Reviewed by Andreas Kling.

        Fixed this bug for canvas.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::memoryCost): Factored out the helper function
        required by our IDL generator.

        (WebCore::HTMLCanvasElement::createImageBuffer): Use
        reportExtraMemoryAllocated.

        * html/HTMLCanvasElement.h:

        * html/HTMLCanvasElement.idl: Adopt the IDL for reporting cost in the
        right way during GC. This will match our reportExtraMemoryAllocated
        with a reportExtraMemoryVisited during GC.

2015-03-11  Roger Fong  <roger_fong@apple.com>

        A number of minor edits to the media controls on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=142551.
        <rdar://problem/20114707>

        Reviewed by Darin Adler.

        This covers a slew of minor edits to the new media controls. They are as follows.
        Small vertical placements adjustments to inline control elements.
        Make sure buttons have no focus outlines.
        Expand height of mute box that triggers the volume panel appearing.
        Turn all button colors into an slightly transparent white.
        Center status display text in fullscreen mode.
        Lower position of captions container in fullscreen mode.
        Show the controls on when done loading of the video an status display is hidden.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel):
        (audio::-webkit-media-controls-panel button:focus):
        (audio::-webkit-media-controls-rewind-button):
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-play-button.paused):
        (audio::-webkit-media-controls-panel .mute-box):
        (video::-webkit-media-controls-volume-max-button):
        (audio::-webkit-media-controls-panel .volume-box):
        (video::-webkit-media-controls-volume-min-button):
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-closed-captions-container li.selected:hover::before):
        (audio::-webkit-media-controls-fullscreen-button):
        (audio::-webkit-media-controls-fullscreen-button.exit):
        (audio::-webkit-media-controls-status-display):
        (audio::-webkit-media-controls-time-remaining-display):
        (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box):
        (video:-webkit-full-screen::-webkit-media-controls-volume-max-button):
        (video:-webkit-full-screen::-webkit-media-controls-volume-min-button):
        (video:-webkit-full-screen::-webkit-media-controls-play-button):
        (video:-webkit-full-screen::-webkit-media-controls-play-button.paused):
        (video:-webkit-full-screen::-webkit-media-controls-seek-back-button):
        (video:-webkit-full-screen::-webkit-media-controls-seek-forward-button):
        (video:-webkit-full-screen::-webkit-media-controls-status-display):
        (video:-webkit-full-screen::-webkit-media-controls-closed-captions-container):
        (audio::-webkit-media-controls-panel button:active): Deleted.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.setStatusHidden):

2015-03-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179340 and r179344.
        https://bugs.webkit.org/show_bug.cgi?id=142598

        Caused images to stay alive forever when navigating away from
        the page before they finish loading. (Requested by kling on
        #webkit).

        Reverted changesets:

        "CachedImage: ensure clients overrides imageChanged instead of
        notifyFinished"
        https://bugs.webkit.org/show_bug.cgi?id=140722
        http://trac.webkit.org/changeset/179340

        "HTMLImageLoader: fix build failure on assert condition after
        r179340"
        https://bugs.webkit.org/show_bug.cgi?id=140722
        http://trac.webkit.org/changeset/179344

2015-03-11  Geoffrey Garen  <ggaren@apple.com>

        Many users of Heap::reportExtraMemory* are wrong, causing lots of memory growth
        https://bugs.webkit.org/show_bug.cgi?id=142593

        Reviewed by Andreas Kling.

        Adopt deprecatedReportExtraMemory as a short-term fix for runaway
        memory growth in these cases where we have not adopted
        reportExtraMemoryVisited.

        Long-term, we should use reportExtraMemoryAllocated+reportExtraMemoryVisited.
        That's tracked by https://bugs.webkit.org/show_bug.cgi?id=142595.

        Using IOSDebug, I can see that the canvas stress test @ http://jsfiddle.net/fvyw4ba0/,
        which used to keep > 1000 1MB NonVolatile GPU allocations live, now keeps about 10 live.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::reportExtraMemoryAllocated):
        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSImageDataCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSNodeListCustom.cpp:
        (WebCore::createWrapper):
        * dom/CollectionIndexCache.cpp:
        (WebCore::reportExtraMemoryAllocatedForCollectionIndexCache):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createImageBuffer):
        * html/HTMLImageLoader.cpp:
        (WebCore::HTMLImageLoader::imageChanged):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::dropProtection):

2015-03-10  Andy Estes  <aestes@apple.com>

        REGRESSION (r180985): contentfiltering/block-after-add-data.html crashes with GuardMalloc
        https://bugs.webkit.org/show_bug.cgi?id=142526

        Reviewed by Darin Adler.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::dataReceived): Don't delete m_contentFilter until after we're done using its replacement data.

2015-03-10  Sam Weinig  <sam@webkit.org>

        Allow adding a button in input elements for auto fill related functionality
        <rdar://problem/19782066>
        https://bugs.webkit.org/show_bug.cgi?id=142564

        Reviewed by Anders Carlsson.

        Test: fast/forms/input-auto-fill-button.html

        - Adds a new button that can be shown in <input> elements - AutoFillButtonElement.
        - Makes the spelling of AutoFill consistent throughout WebCore and WebKit (except
          where not feasible due to exported API/SPI).

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * css/html.css:
        (input::-webkit-auto-fill-button):
        (input::-webkit-auto-fill-button:hover):
        (input::-webkit-auto-fill-button:active):
        Add default style rules for the AutoFill button based on the ones
        used for caps lock indicator.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::HTMLInputElement):
        (WebCore::HTMLInputElement::autoFillButtonElement):
        (WebCore::HTMLInputElement::reset):
        (WebCore::HTMLInputElement::setValueFromRenderer):
        (WebCore::HTMLInputElement::setAutoFilled):
        (WebCore::HTMLInputElement::setShowAutoFillButton):
        (WebCore::HTMLInputElement::setAutofilled): Deleted.
        * html/HTMLInputElement.h:
        (WebCore::HTMLInputElement::isAutoFilled):
        (WebCore::HTMLInputElement::showAutoFillButton):
        (WebCore::HTMLInputElement::isAutofilled): Deleted.
        Add new bit to represent whether the AutoFill button should be shown
        or not. By default it is not shown, and the client must enable it.

        * html/InputType.cpp:
        (WebCore::InputType::updateAutoFillButton):
        * html/InputType.h:
        (WebCore::InputType::autoFillButtonElement):
        Add new virtual methods for updating and accessing the AutoFill button.

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::createShadowSubtree):
        (WebCore::TextFieldInputType::autoFillButtonElement):
        (WebCore::TextFieldInputType::destroyShadowSubtree):
        (WebCore::TextFieldInputType::updatePlaceholderText):
        (WebCore::TextFieldInputType::shouldDrawAutoFillButton):
        (WebCore::TextFieldInputType::autoFillButtonElementWasClicked):
        (WebCore::TextFieldInputType::createContainer):
        (WebCore::TextFieldInputType::createAutoFillButton):
        (WebCore::TextFieldInputType::updateAutoFillButton):
        * html/TextFieldInputType.h:
        Add support for adding the AutoFill to the shadow DOM of textfields. The implementation
        is slightly different than for the caps lock indicator, because I didn't want to force
        the creation of a container for all <input> elements just in case an AutoFill button was
        added. Instead, if an AutoFill button is added, the container is created on the fly and
        the existing DOM is updated to move into it. Once a container is created, it is never
        removed.

        * html/shadow/AutoFillButtonElement.cpp: Added.
        (WebCore::AutoFillButtonElement::create):
        (WebCore::AutoFillButtonElement::AutoFillButtonElement):
        (WebCore::AutoFillButtonElement::defaultEventHandler):
        * html/shadow/AutoFillButtonElement.h: Added.
        Add div subclass that swallows the click event and forwards it to the ChromeClient.

        * page/ChromeClient.h:
        Add handleAutoFillButtonClick client function to inform WebKit that the AutoFill
        button was clicked.

        * testing/Internals.cpp:
        (WebCore::Internals::setAutofilled):
        (WebCore::Internals::setShowAutoFillButton):
        * testing/Internals.h:
        * testing/Internals.idl:
        Expose a new internals.setShowAutoFillButton() function to allow testing
        of the AutoFill button from layout tests.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isValueAutofilled):
        * css/SelectorCheckerTestFunctions.h:
        (WebCore::isAutofilled):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::canShareStyleWithControl):
        Update for new spelling of AutoFill.

2015-03-11  Geoffrey Garen  <ggaren@apple.com>

        Refactored the JSC::Heap extra cost API for clarity and to make some known bugs more obvious
        https://bugs.webkit.org/show_bug.cgi?id=142589

        Reviewed by Andreas Kling.

        Updated for renames to JSC extra cost APIs.

        Added FIXMEs to our 10 use cases that are currently wrong, including
        canvas, which is the cause of https://bugs.webkit.org/show_bug.cgi?id=142457.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::appendBufferInternal):
        (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
        (WebCore::SourceBuffer::reportExtraMemoryAllocated):
        (WebCore::SourceBuffer::reportExtraMemoryCost): Deleted.
        * Modules/mediasource/SourceBuffer.h:
        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSImageDataCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSNodeListCustom.cpp:
        (WebCore::createWrapper):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * dom/CollectionIndexCache.cpp:
        (WebCore::reportExtraMemoryAllocatedForCollectionIndexCache):
        (WebCore::reportExtraMemoryCostForCollectionIndexCache): Deleted.
        * dom/CollectionIndexCache.h:
        (WebCore::Iterator>::computeNodeCountUpdatingListCache):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createImageBuffer):
        * html/HTMLCollection.h:
        (WebCore::CollectionNamedElementCache::didPopulate):
        * html/HTMLImageLoader.cpp:
        (WebCore::HTMLImageLoader::imageChanged):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::dropProtection):

2015-03-11  Benjamin Poulain  <bpoulain@apple.com>

        Add basic support for BOL and EOL assertions to the URL Filter parser
        https://bugs.webkit.org/show_bug.cgi?id=142568

        Reviewed by Alex Christensen.

        This patch adds heavily restricted support for BOL and EOL to the URL filter parser.

        Both assertions must be the first/last term of their pattern. Any advanced combination
        results in a parsing error.

        The BOL assertion is easy to represent: currently, any pattern starts at the beginning
        of a line and the NFA are generated accordingly.

        I had two options to represent the EOL assertion:
        1) Add a new special transition on EOL.
        2) Add a new vector of actions to the states, conditional to the EOL input.

        I picked the first option to avoid growing every state by a vector
        that would be empty in the vast majority of cases.


        On the matching side, the interpreter was modified to support transitions on '\0'.
        DFABytecodeInstruction::CheckValue now stops when running on a character after
        the end of the string.

        DFABytecodeInstruction::Jump gets two fixes: First we now account for the index
        to avoid going past the end of the input. Second, stop on '\0' too... the reason
        is that the unconditional jump is only used for fallback edges of the DFA, fallback
        edge are not supposed to accept '\0'.

        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::printTransitions):
        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFANode.h:
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::addTransition):
        (WebCore::ContentExtensions::NFA::addEpsilonTransition):
        (WebCore::ContentExtensions::printTransitions):
        * contentextensions/NFANode.h:
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::populateTransitions):
        (WebCore::ContentExtensions::NFAToDFA::convert):
        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::Term::Term):
        (WebCore::ContentExtensions::Term::isEndOfLineAssertion):
        (WebCore::ContentExtensions::GraphBuilder::assertionBOL):
        (WebCore::ContentExtensions::GraphBuilder::assertionEOL):
        (WebCore::ContentExtensions::GraphBuilder::sinkFloatingTermIfNecessary):

2015-03-11  Jer Noble  <jer.noble@apple.com>

        [Mac] Update fullscreen placeholder UI to use Vibrancy.
        https://bugs.webkit.org/show_bug.cgi?id=142586

        Reviewed by Eric Carlson.

        Update the fullscreen placeholder with a translucent vibrant appearance
        using NSVisualEffectView. Since NSVisuaEffectView is only available for
        OS X 10.10 and above, wrap the new implementation in a version check and
        retain the old implementation.

        Drive-by: Update the strings for the placeholder view with new HI guidance
        as well.

        * English.lproj/Localizable.strings:
        * platform/LocalizedStrings.cpp:
        (WebCore::clickToExitFullScreenText):
        * platform/mac/WebCoreFullScreenPlaceholderView.h:
        * platform/mac/WebCoreFullScreenPlaceholderView.mm:
        (-[WebCoreFullScreenPlaceholderView setExitWarningVisible:]):

2015-03-11  Timothy Horton  <timothy_horton@apple.com>

        Make it possible to zoom on pages that claim to lay out to device size and then fail to do so
        https://bugs.webkit.org/show_bug.cgi?id=142549

        Reviewed by Simon Fraser.

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::ViewportConfiguration):
        Rename m_ignoreScalingConstraints to m_canIgnoreScalingConstraints,
        because it being true does not guarantee that we will ignore scaling constraints,
        but it being false does guarantee that we won't.

        (WebCore::ViewportConfiguration::shouldIgnoreScalingConstraints):
        Ignore scaling constraints if the page:
            a) claimed to want to lay out to device-width and then laid out too wide
            b) claimed to want to lay out to device-height and then laid out too tall
            c) claimed to want to lay out with initialScale=1 and then laid out too wide

        (WebCore::ViewportConfiguration::initialScale):
        (WebCore::ViewportConfiguration::minimumScale):
        (WebCore::ViewportConfiguration::allowsUserScaling):
        Call shouldIgnoreScalingConstraints() instead of looking at the local, so we can
        have some more logic here (as above).

        (WebCore::ViewportConfiguration::description):
        Dump whether we're ignoring scaling constraints.

        (WebCore::ViewportConfiguration::dump):
        Use WTFLogAlways so that the output goes to various other logging mechanisms
        instead of just stderr.

        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::setCanIgnoreScalingConstraints):
        (WebCore::ViewportConfiguration::setIgnoreScalingConstraints): Deleted.

2015-03-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Use out-of-band messaging for RenderBox::firstLineBaseline() and RenderBox::inlineBlockBaseline()
        https://bugs.webkit.org/show_bug.cgi?id=142569

        Reviewed by David Hyatt.

        Currently, RenderBox::firstLineBaseline() and RenderBox::inlineBlockBaseline() return -1 to mean
        that its baseline should be skipped. Instead of using this sentinel value, this patch changes the
        return type from int to Optional<int>.

        No new tests because there is no behavior change.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::baselinePosition):
        (WebCore::RenderBlock::firstLineBaseline):
        (WebCore::RenderBlock::inlineBlockBaseline):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::firstLineBaseline):
        (WebCore::RenderBlockFlow::inlineBlockBaseline):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBox.h:
        (WebCore::RenderBox::firstLineBaseline):
        (WebCore::RenderBox::inlineBlockBaseline):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::baselinePosition):
        (WebCore::RenderFlexibleBox::firstLineBaseline):
        (WebCore::RenderFlexibleBox::inlineBlockBaseline):
        (WebCore::RenderFlexibleBox::marginBoxAscentForChild):
        * rendering/RenderFlexibleBox.h:
        * rendering/RenderMenuList.h:
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::cellAbove):
        (WebCore::RenderTable::cellBelow):
        (WebCore::RenderTable::cellBefore):
        (WebCore::RenderTable::cellAfter):
        (WebCore::RenderTable::firstLineBlock):
        (WebCore::RenderTable::baselinePosition):
        (WebCore::RenderTable::inlineBlockBaseline):
        (WebCore::RenderTable::firstLineBaseline):
        * rendering/RenderTable.h:
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::cellBaselinePosition):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::firstLineBaseline):
        * rendering/RenderTableSection.h:
        * rendering/RenderTextControl.h:
        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore::RenderMathMLBlock::baselinePosition):
        (WebCore::RenderMathMLTable::firstLineBaseline):
        * rendering/mathml/RenderMathMLBlock.h:
        * rendering/mathml/RenderMathMLFraction.cpp:
        (WebCore::RenderMathMLFraction::firstLineBaseline):
        * rendering/mathml/RenderMathMLFraction.h:
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::firstLineBaseline):
        * rendering/mathml/RenderMathMLOperator.h:
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::firstLineBaseline):
        (WebCore::RenderMathMLRoot::layout):
        * rendering/mathml/RenderMathMLRoot.h:
        * rendering/mathml/RenderMathMLRow.cpp:
        (WebCore::RenderMathMLRow::layout):
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::layout):
        (WebCore::RenderMathMLScripts::firstLineBaseline):
        * rendering/mathml/RenderMathMLScripts.h:
        * rendering/mathml/RenderMathMLSpace.cpp:
        (WebCore::RenderMathMLSpace::firstLineBaseline):
        * rendering/mathml/RenderMathMLSpace.h:
        * rendering/mathml/RenderMathMLUnderOver.cpp:
        (WebCore::RenderMathMLUnderOver::firstLineBaseline):
        * rendering/mathml/RenderMathMLUnderOver.h:

2015-03-11  Timothy Horton  <timothy_horton@apple.com>

        <attachment>s should be created when dropping files onto contentEditable areas
        https://bugs.webkit.org/show_bug.cgi?id=142494
        <rdar://problem/19982553>

        Reviewed by Anders Carlsson.

        Covered by existing tests.

        * editing/mac/EditorMac.mm:
        (WebCore::Editor::WebContentReader::readFilenames):
        Instead of inserting the dropped URLs as strings, make an <attachment>
        for each.

2015-03-11  David Hyatt  <hyatt@apple.com>

        Optimize offsetWidth and offsetHeight to avoid doing layouts.
        https://bugs.webkit.org/show_bug.cgi?id=142544

        Reviewed by Beth Dakin.

        * dom/Document.cpp:
        (WebCore::Document::updateLayoutIfDimensionsOutOfDate):
        * dom/Document.h:
        Added a new method that only updates layout if it determines that the desired dimensions are out
        of date.

        * dom/Element.cpp:
        (WebCore::Element::offsetWidth):
        (WebCore::Element::offsetHeight):
        Patch offsetWidth and offsetHeight to call the new method rather than updateLayoutIgnorePendingStylesheets.

2015-03-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181367.
        https://bugs.webkit.org/show_bug.cgi?id=142581

        Caused crashes on the debug bots (Requested by cdumez on
        #webkit).

        Reverted changeset:

        "Web Inspector: CSS parser errors in the console should
        include column numbers"
        https://bugs.webkit.org/show_bug.cgi?id=114313
        http://trac.webkit.org/changeset/181367

2015-03-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Inline block children do not have correct baselines if their children are also block elements
        https://bugs.webkit.org/show_bug.cgi?id=142559

        Reviewed by Darin Adler.

        Perform the same computation on child block elements as child inline elements.

        Test: fast/text/baseline-inline-block-block-children.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::inlineBlockBaseline):

2015-03-11  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [CMake][GStreamer] Building EFL or GTK with ENABLE_VIDEO and without ENABLE_WEB_AUDIO is broken.
        https://bugs.webkit.org/show_bug.cgi?id=142577

        Reviewed by Carlos Garcia Campos.

        No new tests, this is a build fix.

        * PlatformEfl.cmake: Include GSTREAMER_AUDIO_LIBRARIES on the link step both for ENABLE_VIDEO and ENABLE_WEB_AUDIO.
        * PlatformGTK.cmake: Idem.

2015-03-10  Philippe Normand  <pnormand@igalia.com>

        Rename MediaStreamCenter to RealtimeMediaSourceCenter
        https://bugs.webkit.org/show_bug.cgi?id=142535

        Reviewed by Eric Carlson.

        As per bug title, rename MediaStreamCenter to
        RealtimeMediaSourceCenter, this class manages
        RealtimeMediaSources, not MediaStreams. Some un-needed includes of
        the header were also removed.

2015-03-11  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove unnecessary create() factory functions
        https://bugs.webkit.org/show_bug.cgi?id=142558

        Reviewed by Darin Adler.

        create() function which just returns new instance can be replaced with std::make_unique<>.

        No new tests, no behavior changes.

        * bindings/js/JSCryptoKeySerializationJWK.cpp:
        (WebCore::JSCryptoKeySerializationJWK::keyDataOctetSequence):
        * crypto/keys/CryptoKeyAES.cpp:
        (WebCore::CryptoKeyAES::exportData):
        * crypto/keys/CryptoKeyDataOctetSequence.h:
        * crypto/keys/CryptoKeyHMAC.cpp:
        (WebCore::CryptoKeyHMAC::exportData):
        * crypto/keys/CryptoKeySerializationRaw.cpp:
        (WebCore::CryptoKeySerializationRaw::keyData):
        * platform/audio/mac/CARingBuffer.cpp:
        (WebCore::CARingBuffer::create): Deleted.
        * platform/audio/mac/CARingBuffer.h:
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::prepare):
        * testing/Internals.cpp:
        (WebCore::Internals::queueMicroTask):
        * testing/MicroTaskTest.cpp:
        (WebCore::MicroTaskTest::create): Deleted.
        * testing/MicroTaskTest.h:
        (WebCore::MicroTaskTest::MicroTaskTest):

2015-03-10  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: CSS parser errors in the console should include column numbers
        https://bugs.webkit.org/show_bug.cgi?id=114313

        Reviewed by Benjamin Poulain.

        Test: inspector-protocol/console/warnings-errors.html

        * css/CSSParser.h:
        (WebCore::CSSParser::currentCharacterOffset):
        Get the current character offset depending on the source type.
        Add instance variables to track column position and start
        line / column for inline stylesheets.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::CSSParser):
        (WebCore::CSSParser::parseSheet):
        Initialize new instance variables.

        (WebCore::CSSParser::currentLocation):
        Update to include column information. Also, if we are on the first line
        we may need to take into account a start column offset as well.

        (WebCore::CSSParser::realLex):
        When bumping the line number, reset the column offset for the next
        line with the next character.

        (WebCore::CSSParser::syntaxError):
        (WebCore::CSSParser::logError):
        Include column information.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):
        (WebCore::StyleSheetContents::parseString):
        (WebCore::StyleSheetContents::parseStringAtLineAndColumn):
        Include column information.

        * css/StyleSheetContents.h:
        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::InlineStyleSheetOwner::InlineStyleSheetOwner):
        (WebCore::InlineStyleSheetOwner::createSheet):
        Save and use column information later on.

        * dom/InlineStyleSheetOwner.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::ensureSourceData):
        Updated parser signature needs starting column and no longer has optional parameters.

2015-03-10  Darin Adler  <darin@apple.com>

        Try to fix the GTK build.

        * html/HTMLVideoElement.idl: Work around gobject bindings generator limitation
        by putting in a LANGUAGE_GOBJECT conditional.

2015-03-10  Darin Adler  <darin@apple.com>

        Some event handler fixes
        https://bugs.webkit.org/show_bug.cgi?id=142474

        Reviewed by Anders Carlsson.

        * bindings/scripts/CodeGenerator.pm:
        (GenerateConditionalStringFromAttributeValue): Improved the algorithm here to
        handle combinations of & and | in conditional expressions; that's coming up when
        combining conditionals for includes in NavigatorContentUtils.idl.

        * bindings/scripts/CodeGeneratorJS.pm:
        (AddToImplIncludes): Removed the rudimentary attempt to split and merge
        conditionals involving | here; instead we rely on the rules in the
        GenerateConditionalStringFromAttributeValue to handle this.
        (GenerateImplementation): Passed new "conditional" argument to JSValueToNative.
        (GenerateParametersCheck): Pass "conditional" argument to AddToImplIncludes and
        JSValueToNative.
        (JSValueToNative): Changed to take "conditional" as an argument, since getting
        it from the signature won't work for a method parameter.
        (WriteData): Merge duplicates based on the result of the
        GenerateConditionalStringFromAttributeValue function rather than on the values
        passed into that function, since that function converts conditionals into a
        canonical form and can make two strings equal that don't start out that way.

        * bindings/scripts/CodeGeneratorObjC.pm:
        (SkipAttribute): Added code to guarantee we won't make Objective-C bindings
        for event handlers. We will rename EventListener to EventHandler in a
        subsequent patch.

        * bindings/scripts/test/JS/JSTestInterface.cpp: Updated for a progression caused
        by the better logic for conditional includes.

        * bindings/scripts/test/JS/JSTestObj.cpp: Updated for change to the test below.
        * bindings/scripts/test/TestObj.idl: Added test of an event handler attribute.

        * dom/Document.idl: Removed unneeded language #if around event handler
        attributes. Removed all the commented out event handler attributes.
        Sorted event handler attributes into a single section rather than separating
        "standard" from "extensions". Sorted the conditional event handler attributes
        into paragraphs at the bottom. We will probably make them all unconditional
        in a subsequent patch.

        * dom/Element.idl: Removed unneeded language #if around event handler
        attributes. Removed all the commented out event handler attributes.
        Moved event handler attributes here from all derived element classes to
        match the approach from the HTML standard. Also resorted the attributes
        as in Document above.

        * html/HTMLBodyElement.idl: Removed unneeded language #if around event handler
        attributes. Removed all the commented out event handler attributes.
        Sorted event handler attributes into a single section rather than separating
        "standard" from "overrides".

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::populateEventNameForAttributeLocalNameMap):
        Added a few missing attribute names, and re-sorted a bit. Moved any from
        element subclasses here.

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::parseAttribute): Moved code to handle
        oncomplete and oncompleteerror to Element and HTMLElement.
        * html/HTMLFormElement.idl: Ditto.

        * html/HTMLFrameSetElement.idl: Removed #if and resorted as above.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::parseAttribute): Moved code to handle
        onsearch to HTMLElement.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute): Moved code to handle
        all the event handler attributes to HTMLElement.
        (WebCore::HTMLMediaElement::updateCaptionContainer): Removed a redundant
        if statement I noticed while auditing all calls to JSC::call.
        (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot): Added clearException.
        I noticed this was missing because a flawed earlier version of my patch was
        causing the script to fail, leaving an exception behind that caused an
        assertion later. So I audited all calls to JSC::call looking for this mistake.

        * html/HTMLMediaElement.idl: Moved all the event handlers from here to
        Element. Also changed everything possible to use Conditional instead of #if.

        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot): Added
        clearException. Noticed it was missing while auditing all calls to JSC::call.

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::parseAttribute): Moved event handler code to
        HTMLElement.

        * html/HTMLVideoElement.idl: Moved event handler to Element.idl and use
        Conditional instead of #if.

        * page/DOMWindow.idl: Use Conditional instead of #if and tidy up the event
        handlers section.

        * svg/svgattrs.in: Remove six unused attribute names. Presumably used in
        some older scheme to implement event handlers but no longer used at all.

2015-03-10  Brent Fulgham  <bfulgham@apple.com>

        CSS scroll-snap-destination and scroll-snap-coordinate are not honoring position values
        https://bugs.webkit.org/show_bug.cgi?id=142411

        Reviewed by Simon Fraser.

        Tested by css3/scroll-snap/scroll-snap-position-values.html.

        Revise the CSSParser to recognize that scroll-snap-coordinates and scroll-snap-destination
        may be specified as positions, therefore allowing 'top', 'bottom', and 'center' for the Y axis,
        and 'left', 'right', and 'center' for the X axis.

        Correct implementation to support calculated values for Scroll Snap Point markup. This required the
        Scroll Snap Point-specific LengthRepeat class to change its internal representation from a CSSPrimitiveValue
        to a regular CSSValue.

        Add tests that these position labels, as well as combinations with percentages and pixel offsets
        are parsed properly.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::scrollSnapDestination): Switch from 'percentageOrZoomAdjustedValue' to 'zoomAdjustedPixelValueForLength'
        when working with Length values. This is necessary to allow calculated results to be based on the proper default
        page dimensions.
        (WebCore::scrollSnapPoints): Ditto.
        (WebCore::scrollSnapCoordinates): Ditto.
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseScrollSnapPositions): Consolidated code for dealing with snap point
        positions.
        (WebCore::CSSParser::parseScrollSnapDestination): Revise to call new helper function.
        (WebCore::CSSParser::parseScrollSnapCoordinate): Ditto.
        (WebCore::CSSParser::parseFillPositionX): Rename as parsePositionX.
        (WebCore::CSSParser::parseFillPositionY): Rename as parsePositionY.
        (WebCore::CSSParser::parseFillProperty): Update to call renamed parsePosition{X|Y} methods.
        (WebCore::CSSParser::parseTransformOrigin): Ditto.
        (WebCore::CSSParser::parsePerspectiveOrigin): Ditto.
        * css/CSSParser.h:
        * css/LengthRepeat.h: Revise class to use a CSSValue, rather than a CSSPrimitiveValue, so that we can represent
        repeat values as calculations.

2015-03-10  Enrica Casucci  <enrica@apple.com>

        Add support for more emoji with variation.
        https://bugs.webkit.org/show_bug.cgi?id=142548
        rdar://problem/20105008

        Reviewed by Tim Horton.

        Update ICU rules to support new emoji with variation.

        Test: editing/selection/extend-by-character-007.html

        * platform/text/TextBreakIterator.cpp:
        (WebCore::cursorMovementIterator):

2015-03-10  Alex Christensen  <achristensen@webkit.org>

        Use unsigned for HashSet size.
        https://bugs.webkit.org/show_bug.cgi?id=142518

        Reviewed by Benjamin Poulain.

        * Modules/websockets/WebSocketDeflateFramer.cpp:
        (WebCore::WebSocketExtensionDeflateFrame::processResponse):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::checkForDuplicate):
        (WebCore::CloneSerializer::writeConstantPoolIndex):
        * dom/ScriptRunner.cpp:
        (WebCore::ScriptRunner::~ScriptRunner):
        * loader/ResourceLoadScheduler.h:
        * platform/graphics/Font.cpp:
        (WebCore::Font::systemFallbackFontForCharacter):
        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::purgeInactiveFontDataIfNeeded):
        (WebCore::FontCache::purgeInactiveFontData):
        * platform/graphics/FontCache.h:
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::getSystemFontFallbackForCharacters):
        (WebCore::FontCache::systemFallbackForCharacters):
        (WebCore::FontCache::similarFont):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::shouldAutoActivateFontIfNeeded):
        (WebCore::FontCache::systemFallbackForCharacters):
        (WebCore::FontCache::similarFont):
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::systemFallbackForCharacters):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::FlexBoxIterator::next):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::computeOverflowFromCells):

2015-03-10  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Refactor media controls code
        https://bugs.webkit.org/show_bug.cgi?id=142455

        Reviewed by Dean Jackson.

        No new tests, updated tests/media/hls/video-controls-live-stream-expected.txt.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller):
        (Controller.prototype.addVideoListeners):
        (Controller.prototype.removeVideoListeners):
        (Controller.prototype.createControls):
        (Controller.prototype.setControlsType):
        (Controller.prototype.configureInlineControls):
        (Controller.prototype.updateStatusDisplay):
        (Controller.prototype.handlePanelMouseDown):
        (Controller.prototype.showControls):
        (Controller.prototype.hideControls):
        (Controller.prototype.handleOptimizedFullscreenButtonClicked):
        (Controller.prototype.currentPlaybackTargetIsWireless):
        (Controller.prototype.updateShouldListenForPlaybackTargetAvailabilityEvent):
        (Controller.prototype.updateWirelessPlaybackStatus):
        (Controller.prototype.updateWirelessTargetAvailable):
        (Controller.prototype.handleWirelessPickerButtonClicked):
        (Controller.prototype.handleWirelessPlaybackChange):
        (Controller.prototype.handleWirelessTargetAvailableChange):
        (Controller.prototype.setShouldListenForPlaybackTargetAvailabilityEvent):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS):
        (ControllerIOS.prototype.addVideoListeners):
        (ControllerIOS.prototype.removeVideoListeners):
        (ControllerIOS.prototype.createControls):
        (ControllerIOS.prototype.setControlsType):
        (ControllerIOS.prototype.configureInlineControls):
        (ControllerIOS.prototype.showControls):
        (ControllerIOS.prototype.handleWirelessPickerButtonTouchEnd):
        (ControllerIOS.prototype.updateShouldListenForPlaybackTargetAvailabilityEvent):
        (ControllerIOS.prototype.updateStatusDisplay):
        (ControllerIOS.prototype.setShouldListenForPlaybackTargetAvailabilityEvent):
        (ControllerIOS.prototype.currentPlaybackTargetIsWireless): Deleted.
        (ControllerIOS.prototype.updateWirelessPlaybackStatus): Deleted.
        (ControllerIOS.prototype.updateWirelessTargetAvailable): Deleted.
        (ControllerIOS.prototype.hideControls): Deleted.
        (ControllerIOS.prototype.handleWirelessPlaybackChange): Deleted.
        (ControllerIOS.prototype.handleWirelessTargetAvailableChange): Deleted.

2015-03-10  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Remove PassRefPtr from svg/properties classes.
        https://bugs.webkit.org/show_bug.cgi?id=142063.

        Reviewed by Darin Adler.
        
        Remove PassRefPtr from svg/properties classes. All the return types and
        the local variables should be RefPtr. If we are sure the pointer can't
        be null, we use Ref instead.

        * svg/SVGMarkerElement.cpp:
        (WebCore::SVGMarkerElement::lookupOrCreateOrientTypeWrapper):
        (WebCore::SVGMarkerElement::orientTypeAnimated):
        * svg/SVGMarkerElement.h:
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::lookupOrCreateDWrapper):
        (WebCore::SVGPathElement::pathSegList):
        (WebCore::SVGPathElement::animatedPathSegList):
        * svg/SVGPathElement.h:
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::lookupOrCreatePointsWrapper):
        (WebCore::SVGPolyElement::points):
        (WebCore::SVGPolyElement::animatedPoints):
        * svg/SVGPolyElement.h:
        * svg/SVGTextContentElement.cpp:
        (WebCore::SVGTextContentElement::lookupOrCreateTextLengthWrapper):
        (WebCore::SVGTextContentElement::textLengthAnimated):
        * svg/SVGTextContentElement.h:
        * svg/SVGViewSpec.cpp:
        (WebCore::SVGViewSpec::transform):
        (WebCore::SVGViewSpec::viewBoxAnimated):
        (WebCore::SVGViewSpec::preserveAspectRatioAnimated):
        (WebCore::SVGViewSpec::lookupOrCreateViewBoxWrapper):
        (WebCore::SVGViewSpec::lookupOrCreatePreserveAspectRatioWrapper):
        (WebCore::SVGViewSpec::lookupOrCreateTransformWrapper):
        * svg/SVGViewSpec.h:
        * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
        (WebCore::SVGAnimatedEnumerationPropertyTearOff::create):
        * svg/properties/SVGAnimatedListPropertyTearOff.h:
        (WebCore::SVGAnimatedListPropertyTearOff::create):
        * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
        (WebCore::SVGAnimatedPathSegListPropertyTearOff::create):
        * svg/properties/SVGAnimatedProperty.h:
        (WebCore::SVGAnimatedProperty::lookupOrCreateWrapper):
        * svg/properties/SVGAnimatedPropertyMacros.h:
        * svg/properties/SVGAnimatedPropertyTearOff.h:
        (WebCore::SVGAnimatedPropertyTearOff::create):
        * svg/properties/SVGAnimatedStaticPropertyTearOff.h:
        (WebCore::SVGAnimatedStaticPropertyTearOff::create):
        * svg/properties/SVGAnimatedTransformListPropertyTearOff.h:
        (WebCore::SVGAnimatedTransformListPropertyTearOff::create):
        * svg/properties/SVGListProperty.h:
        (WebCore::SVGListProperty::initializeValuesAndWrappers):
        (WebCore::SVGListProperty::getItemValuesAndWrappers):
        (WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
        (WebCore::SVGListProperty::replaceItemValuesAndWrappers):
        (WebCore::SVGListProperty::removeItemValuesAndWrappers):
        (WebCore::SVGListProperty::appendItemValuesAndWrappers):
        * svg/properties/SVGListPropertyTearOff.h:
        (WebCore::SVGListPropertyTearOff::create):
        (WebCore::SVGListPropertyTearOff::initialize):
        (WebCore::SVGListPropertyTearOff::getItem):
        (WebCore::SVGListPropertyTearOff::insertItemBefore):
        (WebCore::SVGListPropertyTearOff::replaceItem):
        (WebCore::SVGListPropertyTearOff::removeItem):
        (WebCore::SVGListPropertyTearOff::appendItem):
        * svg/properties/SVGPathSegListPropertyTearOff.cpp:
        (WebCore::SVGPathSegListPropertyTearOff::getItem):
        (WebCore::SVGPathSegListPropertyTearOff::replaceItem):
        (WebCore::SVGPathSegListPropertyTearOff::removeItem):
        * svg/properties/SVGPathSegListPropertyTearOff.h:
        (WebCore::SVGPathSegListPropertyTearOff::create):
        (WebCore::SVGPathSegListPropertyTearOff::initialize):
        (WebCore::SVGPathSegListPropertyTearOff::insertItemBefore):
        (WebCore::SVGPathSegListPropertyTearOff::appendItem):
        * svg/properties/SVGPropertyInfo.h:
        * svg/properties/SVGStaticListPropertyTearOff.h:
        (WebCore::SVGStaticListPropertyTearOff::create):
        * svg/properties/SVGStaticPropertyTearOff.h:
        (WebCore::SVGStaticPropertyTearOff::create):
        * svg/properties/SVGTransformListPropertyTearOff.h:
        (WebCore::SVGTransformListPropertyTearOff::create):
        (WebCore::SVGTransformListPropertyTearOff::createSVGTransformFromMatrix):
        (WebCore::SVGTransformListPropertyTearOff::consolidate):

2015-03-10  Timothy Horton  <timothy_horton@apple.com>

        Fix the build

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::createCFURLConnection):

2015-03-10  Benjamin Poulain  <bpoulain@apple.com>

        Extend URL filter's Term definition to support groups/subpatterns
        https://bugs.webkit.org/show_bug.cgi?id=142519

        Reviewed by Alex Christensen.

        Pretty simple extension: Term is extended to support holding
        a Vector of Term. The quantifier of the Term applies to its
        Vector of term as a whole.

        To avoid exposing too much internal in the API of Term, I moved
        graph generation from GraphBuilder to Term.

        Sinking a CharacterSet works as usual. Sinking a Group is done
        by sinking each of its Terms one by one and then apply the quantifier
        on the whole subgraph. This is done by recursively calling into
        Term::generateGraph().

        Since groups could be nested, the groups make a stack with the latest
        open group on top.
        When sinking a floating Term, it is sunk to the latest open group. If there is no open
        group, we use the prefix tree and sink the whole subpattern to the graph.

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::Term::Term):
        (WebCore::ContentExtensions::Term::extendGroupSubpattern):
        (WebCore::ContentExtensions::Term::generateGraph):
        (WebCore::ContentExtensions::Term::operator==):
        (WebCore::ContentExtensions::Term::hash):
        (WebCore::ContentExtensions::Term::isUniversalTransition):
        (WebCore::ContentExtensions::Term::generateSubgraphForAtom):
        (WebCore::ContentExtensions::Term::destroy):
        (WebCore::ContentExtensions::Term::Group::operator==):
        (WebCore::ContentExtensions::Term::Group::hash):
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::GraphBuilder::atomParenthesesSubpatternBegin):
        (WebCore::ContentExtensions::GraphBuilder::atomParenthesesEnd):
        (WebCore::ContentExtensions::GraphBuilder::sinkFloatingTermIfNecessary):
        (WebCore::ContentExtensions::Term::quantifier): Deleted.
        (WebCore::ContentExtensions::Term::visitSimpleTransitions): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::addTransitions): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::sinkFloatingTerm): Deleted.

2015-03-10  Roger Fong  <roger_fong@apple.com>

        Adjustments to media control fonts.
        https://bugs.webkit.org/show_bug.cgi?id=142509.
        <rdar://problem/20085228>

        Reviewed by Darin Adler.

        Use system font for controls. Adjust surrounding divs accordingly.
        Apply subpixel antialiasing to all media control text.
        * Modules/mediacontrols/mediaControlsApple.css:
        (::-webkit-media-controls):
        (audio::-webkit-media-controls-closed-captions-container .list):
        (audio::-webkit-media-controls-status-display):
        (audio::-webkit-media-controls-time-remaining-display):
        (audio::-webkit-media-controls-current-time-display):
        (audio::-webkit-media-controls-time-remaining-display.five-digit-time):
        (audio::-webkit-media-controls-current-time-display.five-digit-time):
        (audio::-webkit-media-controls-time-remaining-display.six-digit-time):
        (audio::-webkit-media-controls-current-time-display.six-digit-time):

2015-03-10  Dan Bernstein  <mitz@apple.com>

        Fixed a crash in CertificateInfo::containsNonRootSHA1SignedCertificate when loading a non-HTTPS webapge.

        Reviewed by Anders Carlsson.

        * platform/network/mac/CertificateInfoMac.mm:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate): Null-check the certificate chain.

2015-03-10  Dan Bernstein  <mitz@apple.com>

        Fixed the build.

        * platform/spi/cocoa/SecuritySPI.h:

2015-03-10  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Merge TextFragmentIterator::findNextBreakablePosition() and TextFragmentIterator::findNextNonWhitespacePosition().
        https://bugs.webkit.org/show_bug.cgi?id=142344

        Reviewed by Antti Koivisto.

        This patch merges findNextBreakablePosition() and findNextNonWhitespacePosition() so that
        the segment looping and position handling logic are no longer duplicated. It also unifies
        the static next*() functions' signature.

        No change in functionality.

        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::nextBreakablePosition):
        (WebCore::SimpleLineLayout::nextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::findNextBreakablePosition): Deleted.
        (WebCore::SimpleLineLayout::findNextNonWhitespace): Deleted.
        (WebCore::SimpleLineLayout::TextFragmentIterator::findNextNonWhitespacePosition): Deleted.
        * rendering/SimpleLineLayoutTextFragmentIterator.h:

2015-03-10  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] GL_MAX_VARYING_FLOATS is not defined in OpenGL ES 2
        https://bugs.webkit.org/show_bug.cgi?id=142529

        Reviewed by Žan Doberšek.

        Do not use GL_MAX_VARYING_FLOATS when platform is GTK+ and using
        OpenGL ES 2.

        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::checkVaryingsPacking):

2015-03-10  José Dapena Paz  <jdapena@igalia.com>

        Unreviewed. Fix GTK+ build with OpenGL ES 2 enabled.

        Remove USE(OPENGL) ifdef from GLContext.cpp, since there's nothing
        specific to OpenGL in that file, and everything depending on
        configure options is already protected by USE(GLX) and USE(EGL)
        ifdefs. This is causing linking issues when building with OpenGL
        ES 2, because the header doesn't have the ifdef, and the cpp file
        is not compiled leaving all the interface undefined.

        Rubber-stamped by Carlos Garcia Campos.

        * platform/graphics/GLContext.cpp:

2015-03-10  Carlos Garcia Campos  <cgarcia@igalia.com> and José Dapena Paz  <jdapena@igalia.com>

        [GTK] Add a configure option to build with OpenGL ES 2
        https://bugs.webkit.org/show_bug.cgi?id=142498

        Reviewed by Martin Robinson.

        Build GLES or GL specific files depending on the build options.

        * PlatformGTK.cmake:

2015-03-10  Zan Dobersek  <zdobersek@igalia.com>

        Shrink the CSSPropertyID enum type
        https://bugs.webkit.org/show_bug.cgi?id=142456

        Reviewed by Sam Weinig.

        Specify uint16_t as the base type for the CSSPropertyID enum.
        This is enough to cover all of the CSS properties (429 at this moment,
        with static_assert covering future changes). It halves the enum type size,
        from 4 bytes to 2, reducing the size of various CSSPropertyID containers.

        No new tests -- no change in behavior.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::propertyName): Remove the unnecessary propertyID < 0 check.
        * css/makeprop.pl:

2015-03-10  Dan Bernstein  <mitz@apple.com>

        WebCore part of <rdar://problem/20086546> [Cocoa] Add an option to treat certificate chains with SHA1-signed certificates as insecure
        https://bugs.webkit.org/show_bug.cgi?id=142461

        Reviewed by Sam Weinig.

        * WebCore.xcodeproj/project.pbxproj: Added reference to SecuritySPI.h and sorted the
        spi/cocoa group.

        * platform/network/cf/CertificateInfo.h: Declared new member function
        containsNonRootSHA1SignedCertificate.

        * platform/network/mac/CertificateInfoMac.mm:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate): Added. Checks if any but
        the last certificate in the chain uses SHA-1 as its signature hash algorithm.

        * platform/network/curl/CertificateInfo.h:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate): Added notImplemented
        implementation.

        * platform/network/soup/CertificateInfo.h:
        (WebCore::CertificateInfo::containsNonRootSHA1SignedCertificate): Ditto.

        * platform/spi/cocoa/SecuritySPI.h: Added.

2015-03-09  Chris Dumez  <cdumez@apple.com>

        [iOS] Sweep all collected objects on critical memory pressure
        https://bugs.webkit.org/show_bug.cgi?id=142457
        <rdar://problem/20044440>

        Reviewed by Geoffrey Garen.

        Do a full sweep of objects marked for destruction on critical memory
        pressure to free up memory.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory):

2015-03-09  Andy Estes  <aestes@apple.com>

        [Content Filtering] Give ContentFilter subclasses private constructors, and make them fast-allocated and non-copyable
        https://bugs.webkit.org/show_bug.cgi?id=142515

        Reviewed by Andreas Kling.

        * platform/cocoa/NetworkExtensionContentFilter.h:
        * platform/cocoa/ParentalControlsContentFilter.h:
        * testing/MockContentFilter.h:

2015-03-09  Chris Dumez  <cdumez@apple.com>

        [CG] Have Canvas use the IOSurfacePool
        https://bugs.webkit.org/show_bug.cgi?id=142417
        <rdar://problem/20044440>

        Reviewed by Darin Adler.

        Have ImageBufferDataCG use the IOSurfacePool so that Canvas can
        benefit from it. I see a ~75% progression on Canvas/reuse.html
        performance test on my Macbook Pro with 1000 different canvas
        sizes and ~110% progression with 100 different canvas sizes.

        I also see a ~65% cache hit rate on the mobile version of
        cnn.com.

        Note that ImageData calls CGContextClearRect() after calling
        IOSurface::create() so recycling IOSurfaces in this case should
        be safe.

        Performance test: Canvas/reuse.html

        * platform/graphics/ImageBuffer.h:
        (WebCore::ImageBuffer::baseTransform):
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::ImageBuffer):
        (WebCore::ImageBuffer::context):
        (WebCore::ImageBuffer::copyImage):
        (WebCore::ImageBuffer::copyNativeImage):
        (WebCore::ImageBuffer::draw):
        (WebCore::ImageBuffer::clip):
        (WebCore::ImageBuffer::putByteArray):
        (WebCore::ImageBuffer::toDataURL):
        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::ImageBufferData::~ImageBufferData):
        (WebCore::ImageBufferData::getData):
        (WebCore::ImageBufferData::putData):
        (WebCore::ImageBufferData::ImageBufferData): Deleted.
        * platform/graphics/cg/ImageBufferDataCG.h:
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        (IOSurface::surfaceFromPool):
        (IOSurface::create):
        (IOSurface::createFromSendRight):
        (IOSurface::createFromImage):
        (IOSurface::setContextSize):

2015-03-09  Brent Fulgham  <bfulgham@apple.com>

        Assertion in ScrollController::processWheelEventForScrollSnapOnAxis when scrolling with mechanical wheel mouse
        https://bugs.webkit.org/show_bug.cgi?id=142517

        Reviewed by Simon Fraser.

        * platform/cocoa/ScrollController.mm:
        (WebCore::toWheelEventStatus): Recognize stateless mechanical wheel events.
        (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): If a mechanical wheel event is processed while
        considering scroll snap logic, end any snap animations and clean up.
        (WebCore::ScrollController::updateScrollSnapPoints): Don't begin tracking scroll snap state if there is not
        scroll snap point defined in the markup.

2015-03-09  Myles C. Maxfield  <mmaxfield@apple.com>

        REGRESSION(r176978): Inline-blocks with overflowing contents have ascents that are too large
        https://bugs.webkit.org/show_bug.cgi?id=141783

        Reviewed by David Hyatt.

        When we have an inline-block element, and we want to find its baseline (to lay out other
        elements on the same line) we loop through the element's children and ask them what their
        baselines are. The children use the location of the top of their last line to compute this
        value. However, if the child has overflow-y, this might not be the correct calculation.

        This behavior is in the spec: "The baseline of an 'inline-block' is the baseline of its last
        line box in the normal flow, unless it has either no in-flow line boxes or if its 'overflow'
        property has a computed value other than 'visible', in which case the baseline is the bottom
        margin edge."
            -- http://www.w3.org/TR/CSS21/visudet.html#leading

        However, we believe that a better policy is, when overflow is not "visible," to place the
        baseline at the bottom of the block if the contents overflowed in the Y direction, and to place
        it at the bottom of the last line if the contents did not overflow in the Y direction. This is
        partially consistent with previous behavior, and isn't too far from the spec to cause too many
        breakages.

        Test: fast/css/inline-block-tricky-baselines.html
              fast/text/baseline-inline-block.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::inlineBlockBaseline):

2015-03-09  Andy Estes  <aestes@apple.com>

        [Content Filtering] Add tests
        https://bugs.webkit.org/show_bug.cgi?id=142475

        Reviewed by Andreas Kling.

        Added a mock content filter that can be configured by window.internals. A test can control whether the filter
        is enabled, what to display when a page is blocked, at what point the allow/block decision is made, and what
        decision to make.

        Added tests to cover allowing and blocking content at each decision point.

        Tests: contentfiltering/allow-after-add-data.html
               contentfiltering/allow-after-finished-adding-data.html
               contentfiltering/allow-after-response.html
               contentfiltering/block-after-add-data.html
               contentfiltering/block-after-finished-adding-data.html
               contentfiltering/block-after-response.html

        * DerivedSources.make: Added MockContentFilterSettings.idl.
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSMockContentFilterSettingsCustom.cpp: Added.
        (WebCore::JSMockContentFilterSettings::decisionPoint): Returned the decision point's JSValue.
        (WebCore::JSMockContentFilterSettings::setDecisionPoint): Set the decision point; threw an exception for invalid values.
        (WebCore::JSMockContentFilterSettings::decision): Returned the decision's JSValue.
        (WebCore::JSMockContentFilterSettings::setDecision): Set the decision; threw an exception for invalid values.
        * platform/ContentFilter.cpp:
        (WebCore::ContentFilter::types): Renamed from contentFilterTypes.
        (WebCore::ContentFilter::createIfNeeded):
        (WebCore::contentFilterType): Deleted.
        (WebCore::contentFilterTypes): Deleted.
        * platform/ContentFilter.h:
        (WebCore::ContentFilter::addType): Used to register a new content filter type.
        (WebCore::ContentFilter::type): Renamed from contentFilterType.
        * platform/cocoa/NetworkExtensionContentFilter.h: Moved definition of HAVE_NE_FILTER_SOURCE to here.
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState): Called MockContentFilterSettings::reset().
        (WebCore::Internals::Internals): Called MockContentFilter::ensureInstalled().
        (WebCore::Internals::mockContentFilterSettings): Returned a reference to MockContentFilterSettings::singleton().
        * testing/Internals.h:
        * testing/Internals.idl: Added attribute mockContentFilterSettings.
        * testing/MockContentFilter.cpp: Added.
        (WebCore::MockContentFilter::ensureInstalled): Called MockContentFilter::addType().
        (WebCore::MockContentFilter::canHandleResponse): Returned whether MockContentFilterSettings is enabled.
        (WebCore::MockContentFilter::create): Returned a new MockContentFilter.
        (WebCore::MockContentFilter::MockContentFilter): Called maybeDetermineStatus().
        (WebCore::MockContentFilter::addData): Copied data into m_replacementData and called maybeDetermineStatus().
        (WebCore::MockContentFilter::finishedAddingData): Called maybeDetermineStatus().
        (WebCore::MockContentFilter::needsMoreData): Returned whether m_status equals NeedsMoreData.
        (WebCore::MockContentFilter::didBlockData): Returned whether m_status equals Blocked.
        (WebCore::MockContentFilter::getReplacementData): Returned a pointer to the start of m_replacementData.
        (WebCore::MockContentFilter::unblockHandler): Returned an empty ContentFilterUnblockHandler.
        (WebCore::MockContentFilter::maybeDetermineStatus): If m_status is NeedsMoreData and the current decision point
        equals MockContentFilterSettings's decision point, set m_status according to MockContentFilterSettings's
        decision. If m_status becomes Blocked, clear the original page data from m_replacementData and copy
        MockContentFilterSettings's blocked string instead.
        * testing/MockContentFilter.h: Copied from Source/WebCore/platform/cocoa/NetworkExtensionContentFilter.h.
        * testing/MockContentFilterSettings.cpp: Copied from Source/WebCore/platform/ContentFilter.h.
        (WebCore::MockContentFilterSettings::singleton):
        (WebCore::MockContentFilterSettings::reset): Reset settings to their initial values.
        (WebCore::MockContentFilterSettings::MockContentFilterSettings):
        * testing/MockContentFilterSettings.h: Copied from Source/WebCore/platform/cocoa/NetworkExtensionContentFilter.h.
        (WebCore::MockContentFilterSettings::ref): Added an empty implementation to make the bindings think this is RefCounted.
        (WebCore::MockContentFilterSettings::deref): Ditto.
        (WebCore::MockContentFilterSettings::enabled):
        (WebCore::MockContentFilterSettings::setEnabled):
        (WebCore::MockContentFilterSettings::blockedString):
        (WebCore::MockContentFilterSettings::setBlockedString):
        (WebCore::MockContentFilterSettings::decisionPoint):
        (WebCore::MockContentFilterSettings::setDecisionPoint):
        (WebCore::MockContentFilterSettings::decision):
        (WebCore::MockContentFilterSettings::setDecision):
        * testing/MockContentFilterSettings.idl: Copied from Source/WebCore/platform/ContentFilter.h.

2015-03-09  Zalan Bujtas  <zalan@apple.com>

        Simple line layout should not be limited to RenderText.
        https://bugs.webkit.org/show_bug.cgi?id=142504

        Reviewed by Antti Koivisto.

        This is in transition to support br element.

        No change in functionality.

        * rendering/RenderText.cpp:
        (WebCore::RenderText::absoluteRects):
        (WebCore::RenderText::absoluteQuadsClippedToEllipsis):
        (WebCore::RenderText::absoluteQuads):
        (WebCore::RenderText::firstRunLocation):
        (WebCore::RenderText::linesBoundingBox):
        (WebCore::RenderText::caretMinOffset):
        (WebCore::RenderText::caretMaxOffset):
        (WebCore::RenderText::containsCaretOffset):
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::segmentForRenderer):
        * rendering/SimpleLineLayoutFlowContents.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::computeBoundingBox):
        (WebCore::SimpleLineLayout::computeFirstRunLocation):
        (WebCore::SimpleLineLayout::collectAbsoluteRects):
        (WebCore::SimpleLineLayout::collectAbsoluteQuads):
        (WebCore::SimpleLineLayout::computeTextBoundingBox): Deleted.
        (WebCore::SimpleLineLayout::computeTextFirstRunLocation): Deleted.
        (WebCore::SimpleLineLayout::collectTextAbsoluteRects): Deleted.
        (WebCore::SimpleLineLayout::collectTextAbsoluteQuads): Deleted.
        * rendering/SimpleLineLayoutFunctions.h:
        (WebCore::SimpleLineLayout::findCaretMinimumOffset):
        (WebCore::SimpleLineLayout::findCaretMaximumOffset):
        (WebCore::SimpleLineLayout::containsCaretOffset):
        (WebCore::SimpleLineLayout::findTextCaretMinimumOffset): Deleted.
        (WebCore::SimpleLineLayout::findTextCaretMaximumOffset): Deleted.
        (WebCore::SimpleLineLayout::containsTextCaretOffset): Deleted.
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):
        (WebCore::SimpleLineLayout::RunResolver::rangeForRenderer):
        * rendering/SimpleLineLayoutResolver.h:
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::textWidth):

2015-03-09  Myles C. Maxfield  <mmaxfield@apple.com>

        svg/custom/svg-fonts-without-missing-glyph.xhtml fails after fonts/font-fallback-prefers-pictographs.html
        https://bugs.webkit.org/show_bug.cgi?id=142470

        Reviewed by Anders Carlsson.

        After each test, reset all internal settings.

        Covered by svg/custom/svg-fonts-without-missing-glyph.xhtml

        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        * testing/InternalSettings.h:

2015-03-09  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181268.
        https://bugs.webkit.org/show_bug.cgi?id=142508

        Broke tests (Requested by ap on #webkit).

        Reverted changeset:

        "Simple line layout: Merge
        TextFragmentIterator::findNextBreakablePosition() and
        TextFragmentIterator::findNextNonWhitespacePosition()."
        https://bugs.webkit.org/show_bug.cgi?id=142344
        http://trac.webkit.org/changeset/181268

2015-03-09  Benjamin Poulain  <benjamin@webkit.org>

        CSS JIT: add aliases between :nth-child()/:nth-last-child() and :first-child/:last-child
        https://bugs.webkit.org/show_bug.cgi?id=142472

        Reviewed by Andreas Kling.

        The pseudo class :first-child has weaker tree marking than :nth-child(1).
        This patch aliases :nth-child(1) to :first-child in the CSS JIT to take
        advantage of that.

        The strength of :last-child and :nth-last-child(1) are pretty much identical
        but :last-child is a bit simpler so I changed it too. It is also easier
        to handle both the same.

        Tests: fast/selectors/nth-child-matching-first-on-root.html
               fast/selectors/nth-child-matching-first.html
               fast/selectors/nth-last-child-matching-first-on-root.html
               fast/selectors/nth-last-child-matching-first.html

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addNthChildType):
        (WebCore::SelectorCompiler::addPseudoClassType):

2015-03-09  Benjamin Poulain  <bpoulain@apple.com>

        Merge TrivialAtom and CharacterSet into a Term abstraction, prepare Term for composition
        https://bugs.webkit.org/show_bug.cgi?id=142429

        Reviewed by Darin Adler.

        This patch merges CharacterSet and Trivial atom into a new class: Term. A Term is
        a combination of an Atom and one Quantifier.

        With term being the basic block, we can use the PrefixTree for any construct,
        greatly reducing the size of the NFA graph.

        Term is built on top of an union holding the Atom storage. This is done in preparation
        for more complicated Atoms like a disjunction.

        Everything else is pretty much the same. BuildMode is gone since we use the prefix
        tree for everything. FloatingAtomType is gone, a TrivialAtom is now represented
        by a single character CharacterSet (or two for case insensitive).

        * contentextensions/ContentExtensionParser.cpp:
        (WebCore::ContentExtensions::parseRuleList):
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::addRuleId):
        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::Term::Term):
        (WebCore::ContentExtensions::Term::~Term):
        (WebCore::ContentExtensions::Term::isValid):
        (WebCore::ContentExtensions::Term::addCharacter):
        (WebCore::ContentExtensions::Term::quantify):
        (WebCore::ContentExtensions::Term::quantifier):
        (WebCore::ContentExtensions::Term::isUniversalTransition):
        (WebCore::ContentExtensions::Term::visitSimpleTransitions):
        (WebCore::ContentExtensions::Term::operator=):
        (WebCore::ContentExtensions::Term::operator==):
        (WebCore::ContentExtensions::Term::hash):
        (WebCore::ContentExtensions::Term::isEmptyValue):
        (WebCore::ContentExtensions::Term::isDeletedValue):
        (WebCore::ContentExtensions::Term::destroy):
        (WebCore::ContentExtensions::Term::CharacterSet::operator==):
        (WebCore::ContentExtensions::Term::CharacterSet::hash):
        (WebCore::ContentExtensions::TermHash::hash):
        (WebCore::ContentExtensions::TermHash::equal):
        (WebCore::ContentExtensions::GraphBuilder::GraphBuilder):
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::GraphBuilder::atomPatternCharacter):
        (WebCore::ContentExtensions::GraphBuilder::atomBuiltInCharacterClass):
        (WebCore::ContentExtensions::GraphBuilder::quantifyAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassBegin):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassRange):
        (WebCore::ContentExtensions::GraphBuilder::addTransitions):
        (WebCore::ContentExtensions::GraphBuilder::sinkFloatingTerm):
        (WebCore::ContentExtensions::GraphBuilder::sinkFloatingTermIfNecessary):
        (WebCore::ContentExtensions::URLFilterParser::URLFilterParser):
        (WebCore::ContentExtensions::URLFilterParser::~URLFilterParser):
        (WebCore::ContentExtensions::URLFilterParser::addPattern):
        (WebCore::ContentExtensions::trivialAtomFromASCIICharacter): Deleted.
        (WebCore::ContentExtensions::quantifyTrivialAtom): Deleted.
        (WebCore::ContentExtensions::trivialAtomQuantifier): Deleted.
        (WebCore::ContentExtensions::trivialAtomForNewlineClassIDBuiltin): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::sinkAtom): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::generateTransition): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::sinkTrivialAtom): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::sinkCharacterSet): Deleted.
        (WebCore::ContentExtensions::GraphBuilder::sinkPendingAtomIfNecessary): Deleted.
        * contentextensions/URLFilterParser.h:

2015-03-09  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(WEBGL) build after r180609
        https://bugs.webkit.org/show_bug.cgi?id=142057

        Reviewed by Darin Adler.

        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::forceContextLost):

2015-03-09  Myles C. Maxfield  <mmaxfield@apple.com>

        Work around a Cocoa font parsing bug
        https://bugs.webkit.org/show_bug.cgi?id=142446
        <rdar://problem/20086223>

        Reviewed by Simon Fraser.

        Work around a bug in Cocoa regarding font parsing.

        * svg/SVGToOTFFontConversion.cpp:

2015-03-09  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the build after r181153
        https://bugs.webkit.org/show_bug.cgi?id=142497

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::load):

2015-03-09  Roger Fong  <roger_fong@apple.com>

        Only call showControls if controls are hidden.
        https://bugs.webkit.org/show_bug.cgi?id=142496.
        <rdar://problem/20083732>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.handleWrapperMouseMove):
        (Controller.prototype.controlsAreHidden):
        Controls are hidden if the ‘show’ class name is not present,
        not if the ‘hidden’ class name is.

2015-03-09  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Re-add CSS property that was unintentionally removed in r180893
        <rdar://problem/20083715>

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel):

2015-03-09  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Merge TextFragmentIterator::findNextBreakablePosition() and TextFragmentIterator::findNextNonWhitespacePosition().
        https://bugs.webkit.org/show_bug.cgi?id=142344

        Reviewed by Antti Koivisto.

        This patch merges findNextBreakablePosition() and findNextNonWhitespacePosition() so that
        the segment looping and position handling logic are no longer duplicated. It also unifies
        the static next*() functions' signature.

        No change in functionality.

        * rendering/SimpleLineLayoutTextFragmentIterator.cpp:
        (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::nextBreakablePosition):
        (WebCore::SimpleLineLayout::nextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::skipToNextPosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::findNextBreakablePosition): Deleted.
        (WebCore::SimpleLineLayout::findNextNonWhitespace): Deleted.
        (WebCore::SimpleLineLayout::TextFragmentIterator::findNextNonWhitespacePosition): Deleted.
        * rendering/SimpleLineLayoutTextFragmentIterator.h:

2015-03-09  Xabier Rodriguez Calvar <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        ReadableStreamJSSource should use JSC::Strong UnspecifiedBoolType operator
        https://bugs.webkit.org/show_bug.cgi?id=142397

        Reviewed by Benjamin Poulain.

        No behavior change. Current tests cover the changes.

        * bindings/js/ReadableStreamJSSource.cpp:
        * bindings/js/ReadableStreamJSSource.h:

2015-03-09  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        ReadableStream does not not need to pass itself as callback parameter
        https://bugs.webkit.org/show_bug.cgi?id=142399

        Reviewed by Darin Adler.

        No change in behavior.

        * Modules/streams/ReadableStream.h: Remove ReadableStream parameter from SuccessCallback definition.
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::JSReadableStream::ready): Capture JSReadableStream instance instead.
        (WebCore::JSReadableStream::closed): Capture JSReadableStream instance instead.

2015-03-08  Dean Jackson  <dino@apple.com>

        [iOS Media] Video buffer progress missing on iPhones
        https://bugs.webkit.org/show_bug.cgi?id=142462

        Reviewed by Eric Carlson.

        The fullscreen controller on the iPhone idiom was using
        the media duration as its maximum loaded time, meaning the
        download progress was missing (it looked like everything
        was already downloaded). The fix is to calculate
        what the maximum buffered time is from the HTMLMediaElement,
        and send that to the fullscreen controller.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.drawTimelineBackground): While implementing
        the native function I noticed that the JS controls forgot that
        the buffered time ranges are ordered, and thus they don't need
        to search through the array. The last range will be the highest.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::maxBufferedTime): New helper function
        to calculate the highest buffered time in the media source.
        * html/HTMLMediaElement.h:

        * platform/ios/WebVideoFullscreenInterface.h: New setBufferedTime method.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setDuration): No longer set
        the loadedTimeRanges.
        (WebVideoFullscreenInterfaceAVKit::setBufferedTime): Calculate a normalized
        value of the maximum loaded/buffered time, and tell the platform controller
        to show that range.

        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::updateForEventName): Send the maximum
        buffered time.

2015-03-08  Chris Dumez  <cdumez@apple.com>

        Crash in WebCore::NotificationCenter::stop()
        https://bugs.webkit.org/show_bug.cgi?id=142444
        <rdar://problem/20082520>

        Reviewed by Darin Adler.

        Rework the patch in r181219 so that we do not need a Ref<NotificationCenter> protector
        in NotificationCenter::stop(). Instead, we put the client in a local variable and null
        out m_client *before* calling NotificationClient::clearNotifications().

        No new tests, already covered by:
        http/tests/notifications/event-listener-crash.html

        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::stop):

2015-03-08  Simon Fraser  <simon.fraser@apple.com>

        Don't call RenderLayerCompositor::needsToBeComposited() so many times
        https://bugs.webkit.org/show_bug.cgi?id=142441

        Reviewed by Brent Fulgham.

        Save one call to needsToBeComposited() per RenderLayer while rebuilding compositing
        layers, and a call to isRunningAcceleratedTransformAnimation() in some cases.
        
        computeCompositingRequirements() already knows if the layer will be composited, so
        pass that to updateBacking() in the form of a "yes/no/don't" know enum. However,
        since updateBacking() no longer calls needsToBeComposited(), we need to call 
        requiresCompositingForPosition() to get the viewportConstrainedNotCompositedReason flags.
        
        isRunningAcceleratedTransformAnimation() will only be true for a layer which has a
        direct compositing reason, so only call isRunningAcceleratedTransformAnimation()
        in that case.
        
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::rendererForCompositingTests):
        (WebCore::RenderLayerCompositor::updateBacking):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::requiresCompositingLayer): Use references.
        (WebCore::RenderLayerCompositor::reasonsForCompositing): Use references.
        * rendering/RenderLayerCompositor.h:

2015-03-08  Simon Fraser  <simon.fraser@apple.com>

        In RenderLayerCompositor, track layer bounds and the haveComputedBounds flag together in a struct
        https://bugs.webkit.org/show_bug.cgi?id=142449

        Reviewed by Brent Fulgham.
        
        Rather than tracking 'layerBounds' and 'haveComputedBounds' separately, group them together
        in an OverlapExtent struct and add a function to compute the bounds, which removes
        a copy of this code. OverlapExtent will be extended in a future patch.

        No behavior change.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::OverlapMap::geometryMap): Allow const access to
        the geometryMap, used by computeExtent().
        (WebCore::RenderLayerCompositor::computeExtent):
        (WebCore::RenderLayerCompositor::addToOverlapMap):
        (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        * rendering/RenderLayerCompositor.h:

2015-03-07  Chris Dumez  <cdumez@apple.com>

        Crash in WebCore::NotificationCenter::stop()
        https://bugs.webkit.org/show_bug.cgi?id=142444
        <rdar://problem/20082520>

        Reviewed by Andreas Kling.

        A use-after-free would sometimes cause us to crash in NotificationCenter::stop().
        After investigation, it turns out that NotificationCenter::stop() calls
        NotificationClient::clearNotifications() which will destroy the Notification
        objects, all of which hold a strong reference to the NotificationCenter. If at
        this point, only Notifications are ref'ing the NotificationCenter, this means
        that the NotificationCenter will get destroyed right after the call to
        NotificationClient::clearNotifications(). However, we reset m_client to null
        after calling clearNotifications() and it causes us to crash in this case.

        The issue is addressed by adding a Ref<NotificationCenter> protector in
        NotificationCenter::stop() so that we make sure the NotificationCenter lives
        at least until the end of the method execution.

        I was able to consistently reproduce the crash by doing:
        Tools/Scripts/run-webkit-tests -1 --debug --repeat-each=30 -g http/tests/notifications/event-listener-crash.html

        No new tests, already covered by:
        http/tests/notifications/event-listener-crash.html

        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::stop):

2015-03-07  Simon Fraser  <simon.fraser@apple.com>

        Tidy up RenderLayerCompositor's CompositingState
        https://bugs.webkit.org/show_bug.cgi?id=142445

        Reviewed by Dan Bernstein.
        
        Make CompositingState a private struct in RenderLayerCompositor.
        Since it's a struct, remove the m_ prefix from its data members.

        No behavior change.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::CompositingState::CompositingState):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::CompositingState::CompositingState): Deleted.
        * rendering/RenderLayerCompositor.h:

2015-03-07  Darin Adler  <darin@apple.com>

        Unindent EventTarget, EventListener, JSEventLister.h files
        https://bugs.webkit.org/show_bug.cgi?id=142440

        Reviewed by Alexey Proskuryakov.

        * bindings/js/JSEventListener.h:
        * dom/EventListener.h:
        * dom/EventTarget.h:
        Change indentation to match coding style rules.

2015-03-07  Geoffrey Garen  <ggaren@apple.com>

        Use FastMalloc (bmalloc) instead of BlockAllocator for GC pages
        https://bugs.webkit.org/show_bug.cgi?id=140900

        Reviewed by Mark Hahnenberg.

        Re-landing just the removal of BlockAllocator, which is now unused.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::install):

2015-03-07  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181010.
        https://bugs.webkit.org/show_bug.cgi?id=142442

        Broke media/video-src-invalid-poster.html (Requested by kling
        on #webkit).

        Reverted changeset:

        "Stale entries in WeakGCMaps are keeping tons of WeakBlocks
        alive unnecessarily."
        https://bugs.webkit.org/show_bug.cgi?id=142115
        http://trac.webkit.org/changeset/181010

2015-03-07  Darin Adler  <darin@apple.com>

        Do a bit of EventNames tidying
        https://bugs.webkit.org/show_bug.cgi?id=142438

        Reviewed by Anders Carlsson.

        * dom/EventNames.h: Sorted the event names into a single list instead of
        the rudimentary attempts at organizing the list that simply made it hard
        to see what is and is not in the list. Removed two unused event names.
        I'm sure there are more. Reorganized the EventName class, now a struct,
        into a more conventional "public first" order. Got the function bodies
        out of the struct so we can see more clearly what is in the struct.
        Made more things const.
        (WebCore::EventNames::touchEventNames): Changed the return value to a
        std::array of reference wrappers rather than a vector of atomic strings.
        This should eliminate unnecessary memory allocation and reference count churn.

        * dom/EventNames.cpp: Changed initialization based on the above.

        * dom/EventTarget.cpp:
        (WebCore::EventTarget::getEventListeners): Use NeverDestroyed instead of
        DEPRECATED_DEFINE_LOCAL and also just tightened up the function a bit.

        * dom/Node.cpp:
        (WebCore::Node::didMoveToNewDocument): Streamlined this function with
        modern for loops, auto, and also tried to make what it does a bit clearer,
        by making loops that are just based on numbers of event listeners look a
        bit less like code that actually iterates a vector of listeners. Also used
        the type unsigned instead of size_t.

        * platform/ThreadGlobalData.h: Updated since it's a struct instead of class now.
        (Why is this file in platform!?)

2015-03-07  Brent Fulgham  <bfulgham@apple.com>

        [Win] Increase TestWebKitAPI Test Coverage
        https://bugs.webkit.org/show_bug.cgi?id=142433

        Reviewed by Darin Adler.

        Correct some build deficiencies that prevent TestWebKitAPI
        from executing certain tests on Windows.

        * WebCore.vcxproj/copyForwardingHeaders.cmd: Copy the interpreter
        headers.
        * css/CSSParser.h: Export necessary symbols
        * css/CSSParserMode.h: Ditto.
        * css/StyleProperties.h: Ditto.

2015-03-07  David Kilzer  <ddkilzer@apple.com>

        Rename SOFT_LINK_FRAMEWORK_{HEADER,SOURCE} to SOFT_LINK_FRAMEWORK_FOR_{HEADER,SOURCE}
        <http://webkit.org/b/142434>

        Reviewed by Darin Adler.

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        * platform/cf/MediaAccessibilitySoftLink.cpp:
        * platform/cf/MediaAccessibilitySoftLink.h:
        * platform/mac/SoftLinking.h:
        * platform/win/SoftLinking.h:
        - Do the rename.

2015-03-06  Sam Weinig  <sam@webkit.org>

        [Content Extensions] Move compiling of content extensions to the UIProcess
        https://bugs.webkit.org/show_bug.cgi?id=142402

        Reviewed by Benjamin Poulain.

        * contentextensions/CompiledContentExtension.cpp:
        (WebCore::ContentExtensions::CompiledContentExtension::~CompiledContentExtension):
        (WebCore::ContentExtensions::CompiledContentExtension::create): Deleted.
        (WebCore::ContentExtensions::CompiledContentExtension::CompiledContentExtension): Deleted.
        * contentextensions/CompiledContentExtension.h:
        (WebCore::ContentExtensions::CompiledContentExtension::bytecode): Deleted.
        (WebCore::ContentExtensions::CompiledContentExtension::actions): Deleted.
        Convert CompiledContentExtension to be an abstract base class so that we can back it however
        we like at the WebKit level. Since it doesn't necessarily use Vectors for its backing store
        any more, change the interface to use pointer/length.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionCompiler.h:
        Change compileRuleList to return compiled result as the raw Vectors rather than as
        a CompiledContentExtension, since that class is now abstract. It is up to the caller
        to copy the data into its final home.

        * contentextensions/ContentExtensionRule.cpp:
        (WebCore::ContentExtensions::Action::deserialize):
        * contentextensions/ContentExtensionRule.h:
        Switch Action::deserialize to take pointer/length rather than a Vector.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForURL):
        Pull getting the serialized actions from the compiled extension out of the loop
        to avoid calling the virtual function multiple times. Pass the bytecode and actions
        as pointer/length pairs rather than Vectors.

        * contentextensions/DFABytecodeInterpreter.cpp:
        (WebCore::ContentExtensions::getBits):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFABytecodeInterpreter.h:
        (WebCore::ContentExtensions::DFABytecodeInterpreter::DFABytecodeInterpreter):
        Switch the interpreter to take pointer/length rather than a Vector.

        * page/UserContentController.cpp:
        (WebCore::UserContentController::addUserContentExtension):
        (WebCore::UserContentController::removeUserContentExtension):
        (WebCore::UserContentController::removeAllUserContentExtensions):
        (WebCore::UserContentController::addUserContentFilter): Deleted.
        (WebCore::UserContentController::removeUserContentFilter): Deleted.
        (WebCore::UserContentController::removeAllUserContentFilters): Deleted.
        * page/UserContentController.h:
        Unify terminology to use the term UserContentExtension rather than UserContentFilter.

2015-03-06  Roger Fong  <roger_fong@apple.com>

        Create new buttons for media controls on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=142415.
        <rdar://problem/20019441>

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-wireless-playback-picker-button.playing):
        (audio:-webkit-full-screen::-webkit-media-controls-wireless-playback-picker-button):

2015-03-06  Roger Fong  <roger_fong@apple.com>

        Redraw timeline background when updating media time.
        https://bugs.webkit.org/show_bug.cgi?id=142421.
        <rdar://problem/20065104>

        Reviewed by Brent Fulgham.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.handleTimeUpdate):

2015-03-06  Dhi Aurrahman  <diorahman@rockybars.com>

        Enable selectors level 4's :lang() by default
        https://bugs.webkit.org/show_bug.cgi?id=142302

        Reviewed by Benjamin Poulain.

        No behavior change.

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectFunctionTypeToken):
        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::setLangArgumentList):
        * css/CSSParserValues.h:
        * css/CSSSelector.cpp:
        (WebCore::appendLangArgumentList):
        (WebCore::CSSSelector::selectorText):
        (WebCore::CSSSelector::setLangArgumentList):
        * css/CSSSelector.h:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorCheckerTestFunctions.h:
        (WebCore::matchesLangPseudoClass):
        (WebCore::matchesLangPseudoClassDeprecated): Deleted.
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsInLanguage):

2015-03-06  Brent Fulgham  <bfulgham@apple.com>

        Setting scroll-snap-desination to (100% 100%) locks up WebKit
        https://bugs.webkit.org/show_bug.cgi?id=142414
        <rdar://problem/20077275>

        Reviewed by Dean Jackson.

        Tested by css3/scroll-snap/scroll-snap-desination-lock-up.html.

        Correct an infinite loop that is triggered when you combine a repeating (100%)
        scroll-snap-point-{x,y} along with a 100% scroll-snap-destination value.

        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::updateFromStyle): Make sure we break out of the loop properly when
        the scroll-snap-point-{x,y} step is the same as the scroll-snap-destination.

2015-03-06  Dean Jackson  <dino@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=142416

        Unreviewed build fix.

        * platform/spi/cocoa/QuartzCoreSPI.h: Add kCAFilterPlusL.

2015-03-06  Dean Jackson  <dino@apple.com>

        Support "plus-lighter" in mix-blend mode
        https://bugs.webkit.org/show_bug.cgi?id=142416
        <rdar://problem/19993979>

        Reviewed by Darin Adler and Sam Weinig.

        Support the "plus-lighter" blending mode to CSS.
        See my reply to: https://lists.w3.org/Archives/Public/public-fx/2015JanMar/0021.html

        Test: css3/blending/svg-blend-plus-lighter.html

        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue): mix-blend-mode can now accept the
        new keyword.
        * css/CSSPrimitiveValueMappings.h: Add the mappings to/from the GraphicsType.
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator BlendMode):
        * css/CSSValueKeywords.in: Add comment to show plus-darker and plus-lighter
        are available.
        * platform/graphics/GraphicsTypes.cpp: New GraphicsType for PlusLighter.
        * platform/graphics/GraphicsTypes.h:
        * platform/graphics/ca/mac/PlatformCAFiltersMac.mm: Map to the CA filter.
        (PlatformCAFilters::setBlendingFiltersOnLayer):
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::setPlatformCompositeOperation): Map to the CG
        blending flag.

2015-03-06  Alex Christensen  <achristensen@webkit.org>

        Soft link MediaAccessibility using new macros.
        https://bugs.webkit.org/show_bug.cgi?id=142406

        Reviewed by David Kilzer.

        * Configurations/WebCore.unexp:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * page/CaptionUserPreferencesMediaAF.cpp:
        * platform/cf/MediaAccessibilitySoftLink.cpp: Added.
        * platform/cf/MediaAccessibilitySoftLink.h: Added.

2015-03-06  Brent Fulgham  <bfulgham@apple.com>

        Add 'initial' keyword support for scroll snap CSS properties
        https://bugs.webkit.org/show_bug.cgi?id=136345
        <rdar://problem/18162325>

        Reviewed by Dean Jackson.

        Tested by css3/scroll-snap/scroll-snap-initial.html

        The existing implementation already had 'initial' keyword support, but did not fully follow
        the CSS specification. In particular, the 'initial' state for the scroll-snap-points-x and
        scroll-snap-points-y properties was not handled correctly.

        Revise implementation to represent ScrollSnapPoints as a pointer, so that 'none' is a valid
        state.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::scrollSnapPoints): If 'points' is null, return CSSValueNone.
        * css/CSSPropertyNames.in: Provide custom initial/inherit handles for snap point x/y sets.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertScrollSnapPoints): Update to represent ScrollSnapPoints
        as a pointer.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialWebkitScrollSnapPointsX): Provide custom pointer-based
        implementation for ScrollSnapPoints.
        (WebCore::StyleBuilderCustom::applyInheritWebkitScrollSnapPointsX): Ditto.
        (WebCore::StyleBuilderCustom::applyInitialWebkitScrollSnapPointsY): Ditto.
        (WebCore::StyleBuilderCustom::applyInheritWebkitScrollSnapPointsY): Ditto."
        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::updateFromStyle): Handle ScrollSnapPoints as pointers.
        (WebCore::updateSnapOffsetsForScrollableArea): Ditto.
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::scrollSnapPointsX): Update to use pointer-based representation of ScrollSnapPoints.
        (WebCore::RenderStyle::scrollSnapPointsY): Ditto.
        (WebCore::RenderStyle::setScrollSnapPointsX): Ditto.
        (WebCore::RenderStyle::setScrollSnapPointsY): Ditto.
        (WebCore::RenderStyle::initialScrollSnapPointsX): Deleted.
        (WebCore::RenderStyle::initialScrollSnapPointsY): Deleted.
        * rendering/style/RenderStyle.h:
        * rendering/style/StyleScrollSnapPoints.cpp:
        (WebCore::StyleScrollSnapPoints::StyleScrollSnapPoints): Revise constructor to handle pointer argument.
        * rendering/style/StyleScrollSnapPoints.h:

2015-03-05  Roger Fong  <roger_fong@apple.com>

        Reskin Captions button and container on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=142383.
        <rdar://problem/20061466>

        Reviewed by Eric Carlson.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-toggle-closed-captions-button): Create new captions button icon.
        Update caption container to match rest of media controls better.
        (audio::-webkit-media-controls-closed-captions-container):
        (audio::-webkit-media-controls-closed-captions-container .list):
        (audio::-webkit-media-controls-closed-captions-container h3):
        (audio::-webkit-media-controls-closed-captions-container ul):
        (audio::-webkit-media-controls-closed-captions-container li):
        (audio::-webkit-media-controls-closed-captions-container li:focus):
        (audio::-webkit-media-controls-closed-captions-container li:hover):
        Fix up some fonts to make fonts between captions, status display and time displays consistent.
        (audio::-webkit-media-controls-status-display):
        (audio::-webkit-media-controls-time-remaining-display):

2015-03-06  Jer Noble  <jer.noble@apple.com>

        [Web Audio] Decoding specific .m4a file crashes tab
        https://bugs.webkit.org/show_bug.cgi?id=139545

        Reviewed by Eric Carlson.

        Test: webaudio/decode-audio-data-too-short.html

        Bail out early if CoreAudio reports the number of frames in the file to be negative.

        * platform/audio/mac/AudioFileReaderMac.cpp:
        (WebCore::AudioFileReader::createBus):

2015-03-06  Jeremy Jones  <jeremyj@apple.com>

        Scroll to make the video element visible when exiting fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=141439

        Reviewed by Simon Fraser.

        This patch will scroll the element so it is visible when exiting fullscreen,
        but only if the element is completely scrolled off screen.
        Also update the element screen rect so exit animation goes to the correct location.

        * dom/Element.cpp:
        (WebCore::Element::scrollIntoViewIfNotVisible): Added.
        * dom/Element.h: Add declaration for scrollIntoViewIfNotVisible.
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (-[WebVideoFullscreenController fullscreenMayReturnToInline]):
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController playerViewController:restoreUserInterfaceForOptimizedFullscreenStopWithCompletionHandler:]):
        (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscree:]):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal):
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen):
        (WebVideoFullscreenInterfaceAVKit::exitFullscreenInternal):
        (WebVideoFullscreenInterfaceAVKit::preparedToReturnToInline):
        (WebVideoFullscreenInterfaceAVKit::fullscreenMayReturnToInline):
        * rendering/ScrollBehavior.cpp:
        * rendering/ScrollBehavior.h:

2015-03-06  Myles C. Maxfield  <mmaxfield@apple.com>

        Crash in -[WebCascadeList objectAtIndex:] + 195
        https://bugs.webkit.org/show_bug.cgi?id=141274

        Reviewed by David Kilzer.

        CTFontDescriptorRefs can live forever in caches inside CoreText, which means our
        WebCascadeList can too.

        Test: platform/mac/fast/text/crash-complextextcontroller-custom-cascade-list.html

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::FontCascade): Initialize WeakPtrFactory.
        * platform/graphics/FontCascade.h:
        (WebCore::FontCascade::createWeakPtr):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm: Migrate the raw pointer
        to WeakPtr.
        (-[WebCascadeList initWithFont:character:]):
        (-[WebCascadeList count]):
        (-[WebCascadeList objectAtIndex:]):

2015-03-06  Myles C. Maxfield  <mmaxfield@apple.com>

        Rename BreakingContextInlineHeaders.h to BreakingContext.h
        https://bugs.webkit.org/show_bug.cgi?id=142404

        Reviewed by Simon Fraser.

        No point naming it "InlineHeaders" when there are no non-inline-headers files.

        No new tests because this is just a rename of a file.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderBlockLineLayout.cpp:
        * rendering/line/BreakingContext.h: Renamed from Source/WebCore/rendering/line/BreakingContextInlineHeaders.h.
        (WebCore::WordMeasurement::WordMeasurement):
        (WebCore::BreakingContext::BreakingContext):
        (WebCore::BreakingContext::currentObject):
        (WebCore::BreakingContext::lineBreak):
        (WebCore::BreakingContext::lineWidth):
        (WebCore::BreakingContext::atEnd):
        (WebCore::BreakingContext::clearLineBreakIfFitsOnLine):
        (WebCore::BreakingContext::commitLineBreakAtCurrentWidth):
        (WebCore::BreakingContext::InlineIteratorHistory::InlineIteratorHistory):
        (WebCore::BreakingContext::InlineIteratorHistory::push):
        (WebCore::BreakingContext::InlineIteratorHistory::update):
        (WebCore::BreakingContext::InlineIteratorHistory::renderer):
        (WebCore::BreakingContext::InlineIteratorHistory::offset):
        (WebCore::BreakingContext::InlineIteratorHistory::atTextParagraphSeparator):
        (WebCore::BreakingContext::InlineIteratorHistory::previousInSameNode):
        (WebCore::BreakingContext::InlineIteratorHistory::get):
        (WebCore::BreakingContext::InlineIteratorHistory::current):
        (WebCore::BreakingContext::InlineIteratorHistory::historyLength):
        (WebCore::BreakingContext::InlineIteratorHistory::moveTo):
        (WebCore::BreakingContext::InlineIteratorHistory::increment):
        (WebCore::BreakingContext::InlineIteratorHistory::clear):
        (WebCore::BreakingContext::initializeForCurrentObject):
        (WebCore::BreakingContext::increment):
        (WebCore::BreakingContext::handleBR):
        (WebCore::borderPaddingMarginStart):
        (WebCore::borderPaddingMarginEnd):
        (WebCore::shouldAddBorderPaddingMargin):
        (WebCore::previousInFlowSibling):
        (WebCore::inlineLogicalWidth):
        (WebCore::BreakingContext::handleOutOfFlowPositioned):
        (WebCore::BreakingContext::handleFloat):
        (WebCore::shouldSkipWhitespaceAfterStartObject):
        (WebCore::BreakingContext::handleEmptyInline):
        (WebCore::BreakingContext::handleReplaced):
        (WebCore::firstPositiveWidth):
        (WebCore::iteratorIsBeyondEndOfRenderCombineText):
        (WebCore::nextCharacter):
        (WebCore::updateCounterIfNeeded):
        (WebCore::measureHyphenWidth):
        (WebCore::textWidth):
        (WebCore::ensureCharacterGetsLineBox):
        (WebCore::tryHyphenating):
        (WebCore::BreakingContext::handleText):
        (WebCore::textBeginsWithBreakablePosition):
        (WebCore::BreakingContext::canBreakAtThisPosition):
        (WebCore::BreakingContext::commitAndUpdateLineBreakIfNeeded):
        (WebCore::checkMidpoints):
        (WebCore::BreakingContext::handleEndOfLine):
        (WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord):
        * rendering/line/LineBreaker.cpp:

2015-03-06  Dan Bernstein  <mitz@apple.com>

        Expose some of the functionality of extract-localizable-strings.pl as a module
        https://bugs.webkit.org/show_bug.cgi?id=142038

        Reviewed by Sam Weinig.

        * LocalizableStrings.pm: Copied from Source/WebCore/extract-localizable-strings.pl.
        (setTreatWarningsAsErrors): Added this setter for the variable moved here.
        (sawError): Added a getter.
        (emitError): Added. Emits the error message and sets $sawError.
        (unescapeHexSequence): Moved from extract-localizable-strings.pl and renamed to start with
        a lowercase letter.
        (keyCollisionCount): Added this getter.
        (localizedCount): Added this getter.
        (HandleUIString): Moved from extract-localizable-strings.pl and made it increment the
        localized string count.
        (writeStringsFile): Moved code from extract-localizable-strings.pl into this new subroutine.
        (verifyStringsFile): Ditto.

        * WebCore.xcodeproj/project.pbxproj: Added LocalizableStrings.pm to the Copy Scripts build
        phase.

        * extract-localizable-strings.pl:
        (emitWarning): Moved to the module.
        (UnescapeHexSequence): Ditto.
        (HandleUIString): Ditto.

2015-03-06  Darin Adler  <darin@apple.com>

        Remove unused C++ DOM event handler attribute functions
        https://bugs.webkit.org/show_bug.cgi?id=142398

        Reviewed by Anders Carlsson.

        * dom/EventTarget.h: Removed now-unneeded macros: DEFINE_ATTRIBUTE_EVENT_LISTENER,
        DECLARE_VIRTUAL_ATTRIBUTE_EVENT_LISTENER, DEFINE_VIRTUAL_ATTRIBUTE_EVENT_LISTENER,
        DEFINE_WINDOW_ATTRIBUTE_EVENT_LISTENER, DEFINE_MAPPED_ATTRIBUTE_EVENT_LISTENER,
        DECLARE_FORWARDING_ATTRIBUTE_EVENT_LISTENER, DEFINE_FORWARDING_ATTRIBUTE_EVENT_LISTENER.

        * Modules/webaudio/AudioScheduledSourceNode.cpp:
        (WebCore::AudioScheduledSourceNode::setOnended): Deleted.
        (WebCore::AudioScheduledSourceNode::finish): Rewrote this to use dispatchEvent
        instead of one-off event-sending code. Also use a lambda to avoid needing two
        additional member functions to implement this.
        (WebCore::AudioScheduledSourceNode::notifyEndedDispatch): Deleted.
        (WebCore::AudioScheduledSourceNode::notifyEnded): Deleted.
        * Modules/webaudio/AudioScheduledSourceNode.h: Updated for above.

        * Modules/battery/BatteryManager.h: Removed onxxx and setOnxxx functions,
        including ones created with macros from EventTarget.h.
        * Modules/encryptedmedia/MediaKeySession.h: Ditto.
        * Modules/indexeddb/IDBDatabase.h: Ditto.
        * Modules/indexeddb/IDBOpenDBRequest.h: Ditto.
        * Modules/indexeddb/IDBRequest.h: Ditto.
        * Modules/indexeddb/IDBTransaction.h: Ditto.
        * Modules/mediastream/MediaStream.h: Ditto.
        * Modules/mediastream/MediaStreamTrack.h: Ditto.
        * Modules/mediastream/RTCDTMFSender.h: Ditto.
        * Modules/mediastream/RTCDataChannel.h: Ditto.
        * Modules/mediastream/RTCPeerConnection.h: Ditto.
        * Modules/notifications/Notification.h: Ditto.
        * Modules/speech/SpeechSynthesisUtterance.h: Ditto.
        * Modules/webaudio/AudioContext.h: Ditto.
        * Modules/webaudio/ScriptProcessorNode.cpp: Ditto.
        * Modules/webaudio/ScriptProcessorNode.h: Ditto.
        * Modules/websockets/WebSocket.h: Ditto.
        * css/FontLoader.h: Ditto.
        * dom/Document.h: Ditto.
        * dom/Element.cpp: Ditto.
        * dom/Element.h: Ditto.
        * dom/MessagePort.h: Ditto.
        * fileapi/FileReader.h: Ditto.
        * html/HTMLBodyElement.h: Ditto.
        * html/HTMLFormElement.h: Ditto.
        * html/HTMLFrameSetElement.h: Ditto.
        * html/HTMLInputElement.h: Ditto.
        * html/HTMLMediaElement.h: Ditto.
        * html/HTMLVideoElement.h: Ditto.
        * html/track/TextTrack.h: Ditto.
        * html/track/TextTrackCue.h: Ditto.
        * html/track/TrackListBase.h: Ditto.
        * loader/appcache/DOMApplicationCache.h: Ditto.
        * page/DOMWindow.h: Ditto.
        * page/EventSource.h: Ditto.
        * page/Performance.h: Ditto.
        * workers/AbstractWorker.h: Ditto.
        * workers/DedicatedWorkerGlobalScope.h: Ditto.
        * workers/Worker.h: Ditto.
        * workers/WorkerGlobalScope.h: Ditto.
        * xml/XMLHttpRequest.h: Ditto.
        * xml/XMLHttpRequestUpload.h: Ditto.

2015-03-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Setting any of the <object> element plugin controlling attributes does not have any affect.
        https://bugs.webkit.org/show_bug.cgi?id=141936.

        Reviewed by Simon Fraser.
        
        When setting any of the <object> element plugin controlling attributes
        dynamically we need to mark the the element to be dirty by calling
        setNeedsStyleRecalc(), so it has to recreate its renderer when needed.

        Tests: fast/css/image-object-hover-inherit.html
               svg/as-object/svg-in-object-dynamic-attribute-change.html

        * dom/Element.h: Delete unimplemented function.
        
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::parseAttribute): Mark the element dirty by
        calling setNeedsStyleRecalc() when one of the plugin controlling attributes
        gets changed. We have to clear m_useFallbackContent because the attribute's
        new value might fix the object rendering.
        
        * html/HTMLObjectElement.h: Add a function to clear m_useFallbackContent.

2015-03-06  Myles C. Maxfield  <mmaxfield@apple.com>

        Test horiz-origin-x and horiz-origin-y in SVG fonts
        https://bugs.webkit.org/show_bug.cgi?id=142403

        Reviewed by Simon Fraser.

        Remove incorrect comment.

        Test: svg/fonts/svg-font-horiz-origin.html

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::CFFBuilder::CFFBuilder):

2015-03-06  Simon Fraser  <simon.fraser@apple.com>

        Allow tree dumping functions to be used in release builds by switching a flag
        https://bugs.webkit.org/show_bug.cgi?id=142379

        Reviewed by Zalan Bujtas.

        There are various tree dumping functions that are useful for debugging, and sometimes
        you want to be able to use them in release builds. Currently they are surrounded by
        #ifndef NDEBUG. Change this to #if ENABLE(TREE_DEBUGGING), which is defined to 0 or 1
        in wtf/Platform.h

        * dom/DocumentMarkerController.cpp:
        * dom/DocumentMarkerController.h:
        * dom/Element.cpp:
        * dom/Element.h:
        * dom/Node.cpp:
        * dom/Node.h:
        * dom/Position.cpp:
        * dom/Position.h:
        * dom/Range.cpp:
        * dom/Range.h:
        * dom/Text.cpp:
        * dom/Text.h:
        * editing/FrameSelection.cpp:
        * editing/FrameSelection.h:
        * editing/VisiblePosition.cpp:
        * editing/VisiblePosition.h:
        * editing/VisibleSelection.cpp:
        * editing/VisibleSelection.h:
        * html/parser/HTMLElementStack.cpp:
        * html/parser/HTMLFormattingElementList.cpp:
        * rendering/CounterNode.cpp:
        * rendering/CounterNode.h:
        * rendering/InlineBox.cpp:
        * rendering/InlineBox.h:
        * rendering/InlineFlowBox.cpp:
        * rendering/InlineFlowBox.h:
        * rendering/InlineTextBox.cpp:
        * rendering/InlineTextBox.h:
        * rendering/RenderBlockFlow.cpp:
        * rendering/RenderBlockFlow.h:
        * rendering/RenderCounter.cpp:
        * rendering/RenderCounter.h:
        * rendering/RenderLayer.cpp:
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::createGraphicsLayer):
        (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer):
        (WebCore::RenderLayerBacking::updateForegroundLayer):
        (WebCore::RenderLayerBacking::updateBackgroundLayer):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::CompositingState::CompositingState):
        (WebCore::RenderLayerCompositor::updateLayerForTopOverhangArea):
        (WebCore::RenderLayerCompositor::updateLayerForBottomOverhangArea):
        (WebCore::RenderLayerCompositor::updateLayerForHeader):
        (WebCore::RenderLayerCompositor::updateLayerForFooter):
        (WebCore::RenderLayerCompositor::updateOverflowControlsLayers):
        (WebCore::RenderLayerCompositor::ensureRootLayer):
        * rendering/RenderObject.cpp:
        * rendering/RenderObject.h:
        * rendering/RootInlineBox.cpp:
        * rendering/RootInlineBox.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        * rendering/SimpleLineLayoutFunctions.h:
        * rendering/svg/SVGResources.cpp:
        * rendering/svg/SVGResources.h:

2015-03-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        An SVG element without intrinsic size inherits the container size as its viewport instead of inheriting the container viewport.
        https://bugs.webkit.org/show_bug.cgi?id=141725.

        Reviewed by Darin Adler.

        The current viewport of the <svg> element should be retrieved from its
        renderer if the renderer is available. If the renderer is not created yet,
        this means the viewport is needed to calculate the size of the renderer.
        In this case, we should return the element size if it is intrinsic size.
        
        Test: svg/css/svg-css-different-intrinsic-sizes.html

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::currentViewportSize): Change the order for
        returning the viewport of the <svg> element. We should consider the case
        of a valid renderer before considering the case of an intrinsic size.

2015-03-06  Simon Fraser  <simon.fraser@apple.com>

        Allow composited clip-path to be updated without a layer repaint
        https://bugs.webkit.org/show_bug.cgi?id=142384

        Reviewed by Zalan Bujtas.
        
        When clip-path is mapped to a compositing shape layer mask, we can just
        push a new shape to the GraphicsLayer to update the clip path, without
        needing to repaint.
        
        Achieve this by adding ContextSensitivePropertyClipPath. When set, and the
        stars are aligned, issue a StyleDifferenceRecompositeLayer rather than
        a StyleDifferenceRepaint.
        
        We ask RenderLayerCompositor whether the clip path can be composited
        to hide platform differences related to whether GraphicsLayer supports
        shape masks.

        Test: compositing/masks/compositing-clip-path-change-no-repaint.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::adjustStyleDifference): Remove obvious comment
        about opacity. Handle ContextSensitivePropertyClipPath.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::canCompositeClipPath): If we have a mask
        we have to paint the mask + clip path into the mask layer (mirrors code in
        RenderLayerBacking::updateMaskingLayer but isn't quite similar enough to share).
        * rendering/RenderLayerCompositor.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresRepaint): Set ContextSensitivePropertyClipPath
        and don't return, as is normal for context-sensitive property handling.
        * rendering/style/RenderStyleConstants.h: Line things up to avoid future bit
        fumbles, and remove unnecessary braces.

2015-03-06  Alex Christensen  <achristensen@webkit.org>

        [Content Extensions] Process all actions when blocking a URL.
        https://bugs.webkit.org/show_bug.cgi?id=142363

        Reviewed by Darin Adler.

        This can only be tested once we implement css selectors.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForURL):
        Do not return early when adding a block action.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        Process all actions before returning.

2015-03-05  Darin Adler  <darin@apple.com>

        Make JavaScript binding get and set legacy event listener attributes directly
        https://bugs.webkit.org/show_bug.cgi?id=142282

        Reviewed by Antti Koivisto.

        Test: fast/dom/legacy-event-handler-attributes.html

        This patch changes the JavaScript getters and setters for these attributes
        to work directly without requiring any functions in the C++ DOM implementation.
        A subsequent patch will remove the now-unused C++ DOM implementation.

        * Modules/webaudio/AudioScheduledSourceNode.cpp:
        (WebCore::AudioScheduledSourceNode::setOnended): Remove code to set
        m_hasEndedListener; this was incorrect since it only detected event listeners
        set up with the event handler attribute, not with addEventListener.
        (WebCore::AudioScheduledSourceNode::addEventListener): Added code to update
        m_hasEndedListener after making changes to the event listeners.
        (WebCore::AudioScheduledSourceNode::removeEventListener): Ditto.
        (WebCore::AudioScheduledSourceNode::removeAllEventListeners): Ditto.
        * Modules/webaudio/AudioScheduledSourceNode.h: Added above overrides.

        * Modules/webaudio/ScriptProcessorNode.cpp:
        (WebCore::ScriptProcessorNode::setOnaudioprocess): Remove code to set
        m_hasAudioProcessListener; this was incorrect since it only detected event listeners
        set up with the event handler attribute, not with addEventListener.
        (WebCore::ScriptProcessorNode::addEventListener): Added code to update
        m_hasAudioProcessListener after making changes to the event listeners.
        (WebCore::ScriptProcessorNode::removeEventListener): Ditto.
        (WebCore::ScriptProcessorNode::removeAllEventListeners): Ditto.
        * Modules/webaudio/ScriptProcessorNode.h: Added above overrides.

        * bindings/js/JSEventListener.cpp:
        (WebCore::legacyEventListenerAttribute): Added.
        (WebCore::createEventListenerForLegacyAttribute): Added.
        (WebCore::setLegacyEventListenerAttribute): Added.
        (WebCore::legacyWindowEventListenerAttribute): Added.
        (WebCore::setLegacyWindowEventListenerAttribute): Added.

        * bindings/js/JSEventListener.h:
        (WebCore::createJSEventListenerForAttribute): Deleted.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateAttributeEventListenerCall): Deleted.
        (LegacyEventListenerAttributeEventName): Added.
        (LegacyEventListenerAttributePrefix): Added.
        (GenerateImplementation): Use "auto" in lots of places to simplify the code
        generation. Replaced the old inlined code to deal with legacy event listener
        attributes with code that simply calls the new functions from JSEventLister.h.
        (GenerateCallWith): Use "auto".
        (GenerateConstructorDefinition): Ditto.

        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Updated expected
        results since these now use auto.
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestEventTarget.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestException.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestInterface.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestNode.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestObj.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestTypedefs.cpp: Ditto.
        * bindings/scripts/test/JS/JSattribute.cpp: Ditto.
        * bindings/scripts/test/JS/JSreadonly.cpp: Ditto.

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::addEventListener): Moved logic that calls the start
        function in here from setOnmessage, since the latter will no longer be called.
        * dom/MessagePort.h: Ditto.

2015-03-06  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] SVG fonts are garbled
        https://bugs.webkit.org/show_bug.cgi?id=142377

        Reviewed by Simon Fraser.

        The C++ spec says that casting a negative floating point number to
        an unsigned integer is undefined. Instead, use clamping.

        Covered by existing SVG font tests.

        * Configurations/FeatureDefines.xcconfig:
        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::writeCFFEncodedNumber):

2015-03-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181139.
        https://bugs.webkit.org/show_bug.cgi?id=142394

        "Caused many crashes in API tests and layout tests in Debug
        builds on bots." (Requested by ddkilzer on #webkit).

        Reverted changeset:

        "Allow tree dumping functions to be used in release builds by
        switching a flag"
        https://bugs.webkit.org/show_bug.cgi?id=142379
        http://trac.webkit.org/changeset/181139

2015-03-05  Philippe Normand  <pnormand@igalia.com>

        [MediaStream] new load method for MediaStreamPrivate objects
        https://bugs.webkit.org/show_bug.cgi?id=142346

        Reviewed by Eric Carlson.

        No new tests, existing mediastream tests cover this use-case.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::loadResource): Use new load method for MediaStreams.
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::NullMediaPlayerPrivate::load): New stub.
        (WebCore::MediaPlayer::load): New load method for
        MediaStreamPrivate.
        (WebCore::MediaPlayer::nextBestMediaEngine): Set a new boolean on
        the MediaEngineSupportParameters to differenciate with MSE and
        normal video resources.
        (WebCore::MediaPlayer::loadWithNextMediaEngine): Defer loading of
        the MediaStream to the MediaPlayerPrivate backend.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaEngineSupportParameters::MediaEngineSupportParameters):
        * platform/graphics/MediaPlayerPrivate.h:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        (WebCore::MediaPlayerPrivateAVFoundation::load): New empty load
        method for MediaStreamPrivate objects.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::load): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::load): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        (WebCore::MediaPlayerPrivateQTKit::load): Ditto.
        * platform/mock/mediasource/MockMediaPlayerMediaSource.h:

2015-03-05  Philippe Normand  <pnormand@igalia.com>

        Rename MediaStreamSource to RealtimeMediaSource
        https://bugs.webkit.org/show_bug.cgi?id=142330

        Reviewed by Eric Carlson.

        MediaStreamSource is a misleading name, it's not the source of a
        MediaStream.

        The chain from high level to low level is: MediaStream -
        MediaStreamTrack - MediaStreamTrackPrivate - RealTimeMediaSource
        and a MediaStream can contains several MediaStreamTrack objects of
        different types.

        MediaStreamSourceStates was also renamed to
        RealtimeMediaSourceStates, and MediaStreamSourceCapabilities to
        RealtimeMediaSourceCapabilities, for consistency.

2015-03-06  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Unreviewed WinCairo port build fix since r181136.

        * platform/network/curl/ResourceRequest.h:
        (WebCore::ResourceRequest::doPlatformAdopt): Missing ":" in std::unique_ptr.

2015-03-06  David Kilzer  <ddkilzer@apple.com>

        Rename SOFT_LINK_{CONSTANT,FUNCTION}_{HEADER,SOURCE} to SOFT_LINK_{CONSTANT,FUNCTION}_FOR_{HEADER,SOURCE}
        <http://webkit.org/b/142177>

        Reviewed by Alex Christensen.

        * platform/cf/CoreMediaSoftLink.cpp:
        - Rename SOFT_LINK_{CONSTANT,FUNCTION}_SOURCE() to
          SOFT_LINK_{CONSTANT,FUNCTION}_FOR_SOURCE().
        * platform/cf/CoreMediaSoftLink.h:
        - Rename SOFT_LINK_{CONSTANT,FUNCTION}_HEADER() to
          SOFT_LINK_{CONSTANT,FUNCTION}_FOR_HEADER().

        * platform/mac/SoftLinking.h:
        * platform/win/SoftLinking.h:
        - Rename SOFT_LINK_{CONSTANT,FUNCTION}_{HEADER,SOURCE}() to
          SOFT_LINK_{CONSTANT,FUNCTION}_FOR_{HEADER,SOURCE}().

2015-03-06  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] ASSERTION FAILED !track.growthLimitIsInfinite() in RenderGrid::computeUsedBreadthOfGridTracks
        https://bugs.webkit.org/show_bug.cgi?id=142265

        Reviewed by Darin Adler.

         The problem is that computeUsedBreadthOfGridTracks() could return
        -1 for rows because we're calling computeContentLogicalHeight()
        which can indeed return -1. In those cases we should clamp the
        value to 0 the same as Flexbox does otherwise we could end up with
        a negative value in the min track sizing function.

        Test: fast/css-grid-layout/grid-indefinite-calculated-height-crash.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeUsedBreadthOfSpecifiedLength):

2015-03-05  Simon Fraser  <simon.fraser@apple.com>

        Allow tree dumping functions to be used in release builds by switching a flag
        https://bugs.webkit.org/show_bug.cgi?id=142379

        Reviewed by Zalan Bujtas.

        There are various tree dumping functions that are useful for debugging, and sometimes
        you want to be able to use them in release builds. Currently they are surrounded by
        #ifndef NDEBUG. Change this to #if ENABLE(TREE_DEBUGGING), which is defined to 0 or 1
        in config.h

        * config.h:
        * dom/DocumentMarkerController.cpp:
        * dom/DocumentMarkerController.h:
        * dom/Element.cpp:
        * dom/Element.h:
        * dom/Node.cpp:
        * dom/Node.h:
        * dom/Position.cpp: Position::debugPosition(const char* msg) was available in release builds, but this changes
        is to respect ENABLE_TREE_DEBUGGING, which I think is correct.
        * dom/Position.h:
        * dom/Range.cpp:
        * dom/Range.h:
        * dom/Text.cpp:
        * dom/Text.h:
        * rendering/CounterNode.cpp:
        * rendering/CounterNode.h:
        * rendering/InlineBox.cpp:
        * rendering/InlineBox.h:
        * rendering/InlineFlowBox.cpp:
        * rendering/InlineFlowBox.h:
        * rendering/InlineTextBox.cpp:
        * rendering/InlineTextBox.h:
        * rendering/RenderBlockFlow.cpp:
        * rendering/RenderBlockFlow.h:
        * rendering/RenderCounter.cpp:
        * rendering/RenderCounter.h:
        * rendering/RenderLayer.cpp:
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::createGraphicsLayer):
        (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer):
        (WebCore::RenderLayerBacking::updateForegroundLayer):
        (WebCore::RenderLayerBacking::updateBackgroundLayer):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::CompositingState::CompositingState):
        (WebCore::RenderLayerCompositor::updateLayerForTopOverhangArea):
        (WebCore::RenderLayerCompositor::updateLayerForBottomOverhangArea):
        (WebCore::RenderLayerCompositor::updateLayerForHeader):
        (WebCore::RenderLayerCompositor::updateLayerForFooter):
        (WebCore::RenderLayerCompositor::updateOverflowControlsLayers):
        (WebCore::RenderLayerCompositor::ensureRootLayer):
        * rendering/RenderObject.cpp:
        * rendering/RenderObject.h: showTreeCharacterOffset was unused.
        * rendering/RootInlineBox.cpp:
        * rendering/RootInlineBox.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        * rendering/SimpleLineLayoutFunctions.h:
        * rendering/svg/SVGResources.cpp:
        * rendering/svg/SVGResources.h:

2015-03-05  Brent Fulgham  <bfulgham@apple.com>

        [Mac] 'Gliding' phase of scroll snap points is incorrect on desktop
        https://bugs.webkit.org/show_bug.cgi?id=142351
        <rdar://problem/20058023>

        Reviewed by Dean Jackson.

        This problem was caused by incorrectly starting a new snapping animation timer when the
        "end momentum" phase event had been received. This caused WebKit to recalculate the
        animation curve for the remaining distance, resulting in the bad animation behavior.

        Removing this incorrect start animation command when entering the momentum ended state
        resolves the problem.

        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): Remove the command to
        start a new snap animation when entering the "end momentum" state.

2015-03-05  Joonghun Park  <jh718.park@samsung.com>

        Use std::unique_ptr instead of PassOwnPtr|OwnPtr for ResourceRequest
        https://bugs.webkit.org/show_bug.cgi?id=142349

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::removeRequestFromSessionCaches):
        * platform/CrossThreadCopier.h:
        * platform/network/ResourceRequestBase.cpp:
        (WebCore::ResourceRequestBase::adopt):
        (WebCore::ResourceRequestBase::copyData):
        * platform/network/ResourceRequestBase.h:
        * platform/network/cf/ResourceRequest.h:
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::doPlatformCopyData):
        (WebCore::ResourceRequest::doPlatformAdopt):
        * platform/network/curl/ResourceRequest.h:
        (WebCore::ResourceRequest::doPlatformCopyData):
        (WebCore::ResourceRequest::doPlatformAdopt):
        * platform/network/soup/ResourceRequest.h:
        (WebCore::ResourceRequest::doPlatformCopyData):
        (WebCore::ResourceRequest::doPlatformAdopt):

2015-03-05  Oliver Hunt  <oliver@apple.com>

        Block mixed mode content
        https://bugs.webkit.org/show_bug.cgi?id=142378

        Reviewed by Darin Adler.

        Switched to blocking mixed mode content by default,
        and modify the blocking rules to allow us to match
        the behaviours of other browsers.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest):
        * loader/MixedContentChecker.cpp:
        (WebCore::MixedContentChecker::canDisplayInsecureContent):
        (WebCore::MixedContentChecker::canRunInsecureContent):
        (WebCore::MixedContentChecker::logWarning):
        * loader/MixedContentChecker.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::contentTypeFromResourceType):
        (WebCore::CachedResourceLoader::checkInsecureContent):
        * page/Settings.in:

2015-03-05  Chris Dumez  <cdumez@apple.com>

        Document::recalcStyle() shouldn't call viewportContentsChanged() if there is a pending layout
        https://bugs.webkit.org/show_bug.cgi?id=142140

        Reviewed by Darin Adler.

        Stop calling FrameView::viewportContentsChanged() in Document::recalcStyle()
        if there is a layout pending to avoid doing unncessary work. If there is a
        layout pending, we don't need to do anything because viewportContentsChanged()
        will be called after layout.

        We only need to call FrameView::viewportContentsChanged() in
        Document::recalcStyle() if a style recalc does not cause a layout. For e.g.
        a '-webkit-transform' could make an animated GIF visible without causing a
        layout, in which case we need to resume the animated GIF after style recalc.

        No new tests, already covered by:
        fast/images/animated-gif-webkit-transform.html

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):

2015-03-05  Dean Jackson  <dino@apple.com>

        [iOS Media] Web video on iPad appears black and missing the AirPlay placard when connected to an AirPlay route
        https://bugs.webkit.org/show_bug.cgi?id=142373
        <rdar://problem/19866072>

        Reviewed by Brent Fulgham.

        There was no style for the placard, which meant it had
        zero height (and thus was invisible).

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-wireless-playback-status): Added.
        (audio::-webkit-media-controls-wireless-playback-status.hidden):

2015-03-05  Roger Fong  <roger_fong@apple.com>

        Adjust volume box to not intersect with rest of inline media controls on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=142372.
        <rdar://problem/20064327>

        Reviewed by Brent Fulgham.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel .volume-box):
        (audio::-webkit-media-controls-panel .volume-box:active):

2015-03-05  Timothy Horton  <timothy_horton@apple.com>

        <attachment> should allow the title property to override its title
        https://bugs.webkit.org/show_bug.cgi?id=142369

        Reviewed by Anders Carlsson.

        Test: fast/attachment/attachment-title.html

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::parseAttribute):
        Invalidate the attachment if the title changes.

        (WebCore::HTMLAttachmentElement::attachmentTitle):
        Use the title attribute for the title, unless it's empty, in which
        case we'll use the file's name.

        * html/HTMLAttachmentElement.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::AttachmentLayout::layOutTitle):
        Use attachmentTitle() instead of reaching into the file. Also rename
        some things from filename to title.

2015-03-05  Timothy Horton  <timothy_horton@apple.com>

        Two text carets result when dragging a file into a contentEditable area that preventDefault()s the "drop" event
        https://bugs.webkit.org/show_bug.cgi?id=142362
        <rdar://problem/20046434>

        Reviewed by Simon Fraser.

        * page/DragController.h:
        * page/DragController.cpp:
        (WebCore::DragController::clearDragCaret):
        Rename cancelDrag to clearDragCaret, since that's really what it does.

        (WebCore::DragController::tryDocumentDrag):
        When updating the drag position, if we're now over a <input type="file">,
        clear the drag caret. This avoids leaving a caret behind when dragging
        over a <input type="file"> inside a contentEditable area.

        (WebCore::DragController::performDragOperation):
        When the content preventDefault()s while finishing a drag, we should still
        clear the drag caret, because it's possible that the client did not
        preventDefault() on dragover/etc., so we would have set a cursor, and
        now need to clear it so that it doesn't get left behind.

        (WebCore::DragController::mouseMovedIntoDocument):
        (WebCore::DragController::dragEnteredOrUpdated):
        (WebCore::DragController::concludeEditDrag):
        Adjust to renamed clearDragCaret.

        (WebCore::DragController::dragEnded):
        Make use of clearDragCaret (which is equivalent to this line).

2015-03-05  Timothy Horton  <timothy_horton@apple.com>

        <attachment> should support indication of download progress
        https://bugs.webkit.org/show_bug.cgi?id=142336
        <rdar://problem/19982504>

        Reviewed by Anders Carlsson.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::parseAttribute):
        Invalidate the attachment if the progress attribute changes.

        * platform/graphics/FloatRoundedRect.h:
        (WebCore::FloatRoundedRect::Radii::Radii):
        Add a Radii constructor that takes a single argument that is used
        as the radius for all corners, for convenience.

        * rendering/RenderThemeMac.mm:
        (WebCore::attachmentProgressBarBackgroundColor):
        (WebCore::attachmentProgressBarFillColor):
        (WebCore::attachmentProgressBarBorderColor):
        Add a bunch of constants for the progress bar.

        (WebCore::paintAttachmentIconBackground):
        Make use of fillRoundedRect instead of creating a path.

        (WebCore::paintAttachmentProgress):
        (WebCore::RenderThemeMac::paintAttachment):
        Paint a progress bar if the progress attribute exists and
        is a valid floating point number.

2015-03-05  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180846.
        https://bugs.webkit.org/show_bug.cgi?id=142368

        Caused missing image banners in iTunes store pages (Requested
        by smfr on #webkit).

        Reverted changeset:

        "FrameView::layoutTimerFired() should update style if needed
        before doing layout"
        https://bugs.webkit.org/show_bug.cgi?id=141688
        http://trac.webkit.org/changeset/180846

2015-03-05  Sandy Perez  <sperez@indaba.es>

        Fix the build when NEON_INTRINSICS is enabled
        https://bugs.webkit.org/show_bug.cgi?id=142361

        Reviewed by Csaba Osztrogonác.

        * platform/graphics/cpu/arm/filters/FEBlendNEON.h:
        (WebCore::FEBlend::platformApplySoftware):
        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::standardBoxBlur):

2015-03-05  Benjamin Poulain  <bpoulain@apple.com>

        Add basic support for character sets to the URL Filter parser
        https://bugs.webkit.org/show_bug.cgi?id=142257

        Reviewed by Alex Christensen.

        This patch is a first step toward making the URL filter parser a bit
        more powerful: it adds support for character set atom.

        I did not attempt to integrate that into the prefix tree in this patch,
        instead, the GraphBuilder gets a two modes of generating the NFA:
        PrefixTree and DirectGeneration.

        As long as we only see trivial atoms, we use the PrefixTree generation
        to minimize the number of nodes we need. As soon as we start a character
        class, we switch to DirectGeneration and we generate the NFA from the input
        without merging with previously seen patterns.

        To differentiate between Trivial atoms and CharacterSet, we also gain
        an AtomType state.

        The character set themself are very simple: each character is represented by
        a bit in a 16bytes bit vector.

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::quantifyTrivialAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomPatternCharacter):
        (WebCore::ContentExtensions::GraphBuilder::atomBuiltInCharacterClass):
        (WebCore::ContentExtensions::GraphBuilder::quantifyAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomBackReference):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassBegin):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassRange):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassEnd):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassBuiltIn):
        (WebCore::ContentExtensions::GraphBuilder::sinkAtom):
        (WebCore::ContentExtensions::GraphBuilder::generateTransition):
        (WebCore::ContentExtensions::GraphBuilder::sinkTrivialAtom):
        (WebCore::ContentExtensions::GraphBuilder::sinkCharacterSet):
        (WebCore::ContentExtensions::GraphBuilder::sinkPendingAtomIfNecessary):

2015-03-05  Roger Fong  <roger_fong@apple.com>

        Implement new fullscreen media controls on Mac.
        https://bugs.webkit.org/show_bug.cgi?id=142355.
        <rdar://problem/16175787>

        Reviewed by Dean Jackson.

        Adjust sizes and positioning of all fullscreen media control elements.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-fullscreen-button.exit): Update to match entering fullscreen button.
        (video:-webkit-full-screen::-webkit-media-controls-panel):
        (video:-webkit-full-screen::-webkit-media-controls-panel .volume-box):
        (video:-webkit-full-screen::-webkit-media-controls-volume-slider):
        (video:-webkit-full-screen::-webkit-media-controls-volume-max-button):
        (video:-webkit-full-screen::-webkit-media-controls-volume-min-button):
        (video:-webkit-full-screen::-webkit-media-controls-play-button):
        (video:-webkit-full-screen::-webkit-media-controls-play-button.paused):
        (video:-webkit-full-screen::-webkit-media-controls-seek-back-button):
        (video:-webkit-full-screen::-webkit-media-controls-seek-forward-button):
        (video:-webkit-full-screen::-webkit-media-controls-timeline-container):
        (video:-webkit-full-screen::-webkit-media-controls-current-time-display):
        (video:-webkit-full-screen::-webkit-media-controls-time-remaining-display):
        (audio:-webkit-full-screen::-webkit-media-controls-toggle-closed-captions-button):
        (video:-webkit-full-screen::-webkit-media-controls-volume-slider::-webkit-slider-thumb): Deleted.
        (video:-webkit-full-screen::-webkit-media-controls-rewind-button): Deleted. Not used in full screen.

2015-03-05  Roger Fong  <roger_fong@apple.com>

        Minor touchups to inline media control icons.
        https://bugs.webkit.org/show_bug.cgi?id=142354.
        <rdar://problem/20058854>.

        Reviewed by Brent Fulgham.

        Increase sizes of play/pause and fullscreen buttons slightly.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-play-button.paused):
        (audio::-webkit-media-controls-fullscreen-button):

2015-03-05  Roger Fong  <roger_fong@apple.com>

        Update inline media control icons for OSX.
        https://bugs.webkit.org/show_bug.cgi?id=142305.
        <rdar://problem/19997484>

        Reviewed by Dean Jackson.

        Changes include: new volume button, new full screen button, new play/pause button.
        Repositioning of 30 second and play buttons.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel button):
        (audio::-webkit-media-controls-rewind-button):
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-play-button.paused):
        (audio::-webkit-media-controls-panel .mute-box):
        (video::-webkit-media-controls-volume-max-button):
        (video::-webkit-media-controls-volume-min-button):
        (audio::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-fullscreen-button):
        (audio::-webkit-media-controls-current-time-display):
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.configureInlineControls): Swap positions of rewind and play buttons.
        (Controller.prototype.handleMuteButtonClicked): Remember to update volume slider when necessary.
        (Controller.prototype.updateVolume): Ditto

2015-03-05  David Hyatt  <hyatt@apple.com>

        Caps lock indicator in text fields is laying out in the wrong place.
        https://bugs.webkit.org/show_bug.cgi?id=142352

        Reviewed by Dean Jackson.

        * css/html.css:
        (input::-webkit-caps-lock-indicator):
        Change the CSS to give the SVG image an intrinsic size, and to use align-self:stretch so that
        the image always stretches to fill the height of the text box. Get rid of height:100%, as that
        just resolves to auto in strict mode and was not ever going to work there.

2015-03-04  Dean Jackson  <dino@apple.com>

        [iOS Media] Use a blurry background for media controls
        https://bugs.webkit.org/show_bug.cgi?id=142316
        <rdar://problem/14911098>

        Reviewed by Eric Carlson.

        Start using the -webkit-appearance media-controls-light-bar-background
        in order to get the blurry background of media controls.

        * Modules/mediacontrols/mediaControlsApple.js: Keep the panel and the
        panel background in sync when it comes to hiding and showing. It would
        be better if this could be done on a container element in the future.
        (Controller.prototype.handlePanelTransitionEnd):
        (Controller.prototype.setPlaying):
        (Controller.prototype.showControls):
        (Controller.prototype.hideControls):

        * Modules/mediacontrols/mediaControlsiOS.css: New background container
        with the special appearance. I also renamed "composited-parent" to
        "container", which makes more sense.
        (video::-webkit-media-controls-panel-container):
        (audio::-webkit-media-controls-panel-container):
        (video::-webkit-media-controls-panel-background):
        (audio::-webkit-media-controls-panel-background):
        (video::-webkit-media-controls-panel-background.paused):
        (video::-webkit-media-controls-panel):
        (audio::-webkit-media-controls-panel):
        (video::-webkit-media-controls-panel.paused):
        (audio::-webkit-media-controls-optimized-fullscreen-button):
        (audio::-webkit-media-controls-timeline):
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb):
        (video::-webkit-media-controls-panel-composited-parent): Deleted.
        (video::-webkit-media-controls-panel:hover): Deleted.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createControls): Create the new background element.
        (ControllerIOS.prototype.addControls):
        (ControllerIOS.prototype.set pageScaleFactor): Temporarily disable
        this because the background disappears when the zoom factor
        is too high - we start tiling the background. This will be addressed
        by https://bugs.webkit.org/show_bug.cgi?id=142317.

2015-03-05  Myles C. Maxfield  <mmaxfield@apple.com>

        Mechanical text-related cleanup
        https://bugs.webkit.org/show_bug.cgi?id=142326

        Reviewed by Andreas Kling.

        Use nullptr instead of 0.
        Use references instead of pointers.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::adjustSelectionRectForComplexText):
        (WebCore::FontCascade::getGlyphsAndAdvancesForComplexText):
        (WebCore::FontCascade::floatWidthForComplexText):
        (WebCore::FontCascade::offsetForPositionForComplexText):
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::TextLayout::TextLayout):
        (WebCore::ComplexTextController::ComplexTextController):
        * platform/graphics/mac/ComplexTextController.h:
        * rendering/InlineIterator.h:
        (WebCore::InlineIterator::InlineIterator):
        (WebCore::InlineIterator::clear):
        (WebCore::bidiNextShared):
        (WebCore::bidiNextSkippingEmptyInlines):
        (WebCore::bidiNextIncludingEmptyInlines):
        (WebCore::InlineWalker::InlineWalker):
        (WebCore::InlineIterator::increment):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::setLogicalWidthForTextRun):
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):
        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::measureHyphenWidth):
        (WebCore::textWidth):
        (WebCore::tryHyphenating):
        (WebCore::BreakingContext::handleText):
        (WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord):

2015-03-05  Brent Fulgham  <bfulgham@apple.com>

        Move AxisScrollSnapAnimator logic to ScrollController
        https://bugs.webkit.org/show_bug.cgi?id=142293
        <rdar://problem/20039867>

        Reviewed by Dean Jackson.

        No change in function.

        Move the animation logic out of 'AxisScrollSnapAnimator' into 'ScrollController'. Rename the remaining
        bits of 'AxisScrollSnapAnimator' as 'ScrollSnapAnimatorState'. Remove a number of delegate methods required
        by 'AxisScrollSnapAnimatorClient' that are no longer needed.

        Also, break up some of the Scroll Snap Point math to be a little easier to understand.

        * WebCore.xcodeproj/project.pbxproj: Rename 'platform/mac/AxisScrollSnapAnimator.{h,mm}' -> 'platform/cocoa/ScrollSnapAnimatorState.h'
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h: Mark 'scrollOffsetOnAxis' as const.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffsetOnAxis): Make 'const'
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::scrollOffsetOnAxis): Make 'const'
        * platform/ScrollAnimator.h:
        * platform/cocoa/ScrollController.h: No longer subclass from AxisScrollSnapAnimatorClient.
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::scrollSnapPointState): Added accessors (const and non-const) for the individual
        Scroll Snap State of each axis.
        (WebCore::toWheelEventStatus): Moved from AxisScrollSnapAnimator.
        (WebCore::ScrollController::processWheelEventForScrollSnapOnAxis): Added helper function containing the snap wheel handler code
        from AxisScrollSnapAnimator.
        (WebCore::ScrollController::shouldOverrideWheelEvent): Moved from AxisScrollSnapAnimator.
        (WebCore::ScrollController::processWheelEventForScrollSnap): Update to use new methods moved from AxisScrollSnapAnimator.
        (WebCore::ScrollController::updateScrollAnimatorsAndTimers): Update for new ScrollSnapAnimatorState class.
        (WebCore::ScrollController::updateScrollSnapPoints): Ditto.
        (WebCore::ScrollController::startScrollSnapTimer): Call client (delegate) method.
        (WebCore::ScrollController::stopScrollSnapTimer): Ditto.
        (WebCore::ScrollController::horizontalScrollSnapTimerFired): Call new 'scrollSnapAnimationUpdate' method passing the
        correct axis to animate.
        (WebCore::ScrollController::verticalScrollSnapTimerFired): Ditto.
        (WebCore::ScrollController::scrollSnapAnimationUpdate): Moved from AxisScrollSnapAnimator.
        (WebCore::projectedInertialScrollDistance): Moved from AxisScrollSnapAnimator.
        (WebCore::ScrollController::initializeGlideParameters): Ditto.
        (WebCore::ScrollController::beginScrollSnapAnimation): Ditto.
        (WebCore::ScrollController::endScrollSnapAnimation): Ditto.
        (WebCore::snapProgress): Created a new function for this calculation to make reasoning about the 'computeSnapDelta' and
        'computeGlideDelta' easier.
        (WebCore::clampedSnapMagnitude): Ditto.
        (WebCore::ScrollController::computeSnapDelta): Moved from AxisScrollSnapAnimator.
        (WebCore::snapGlide): Created a new function for this calculation to make reasoning about the 'computeGlideDelta' easier.
        (WebCore::ScrollController::computeGlideDelta): Moved from AxisScrollSnapAnimator.
        (WebCore::ScrollController::scrollOffsetOnAxis): Deleted.
        (WebCore::ScrollController::immediateScrollOnAxis): Deleted.
        * platform/cocoa/ScrollSnapAnimatorState.h: Copied from platform/mac/AxisScrollSnapAnimator.h.
        (WebCore::AxisScrollSnapAnimatorClient::~AxisScrollSnapAnimatorClient): Deleted.
        * platform/cocoa/ScrollSnapAnimatorState.mm: Copied from platform/mac/AxisScrollSnapAnimator.mm.
        (WebCore::ScrollSnapAnimatorState::ScrollSnapAnimatorState):
        (WebCore::ScrollSnapAnimatorState::pushInitialWheelDelta):
        (WebCore::ScrollSnapAnimatorState::averageInitialWheelDelta):
        (WebCore::ScrollSnapAnimatorState::clearInitialWheelDeltaWindow):
        (WebCore::toWheelEventStatus): Deleted.
        (WebCore::projectedInertialScrollDistance): Deleted.
        (WebCore::AxisScrollSnapAnimator::AxisScrollSnapAnimator): Deleted.
        (WebCore::AxisScrollSnapAnimator::handleWheelEvent): Deleted.
        (WebCore::AxisScrollSnapAnimator::shouldOverrideWheelEvent): Deleted.
        (WebCore::AxisScrollSnapAnimator::scrollSnapAnimationUpdate): Deleted.
        (WebCore::AxisScrollSnapAnimator::beginScrollSnapAnimation): Deleted.
        (WebCore::AxisScrollSnapAnimator::endScrollSnapAnimation): Deleted.
        (WebCore::AxisScrollSnapAnimator::computeSnapDelta): Deleted.
        (WebCore::AxisScrollSnapAnimator::computeGlideDelta): Deleted.
        (WebCore::AxisScrollSnapAnimator::initializeGlideParameters): Deleted.
        (WebCore::AxisScrollSnapAnimator::pushInitialWheelDelta): Deleted.
        (WebCore::AxisScrollSnapAnimator::averageInitialWheelDelta): Deleted.
        (WebCore::AxisScrollSnapAnimator::clearInitialWheelDeltaWindow): Deleted.
        * platform/mac/AxisScrollSnapAnimator.h: Removed.
        * platform/mac/AxisScrollSnapAnimator.mm: Removed.
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::pinnedInDirection): Removed.

2015-03-04  Dean Jackson  <dino@apple.com>

        [iOS Media] Small inline controls can clip the time widgets
        https://bugs.webkit.org/show_bug.cgi?id=142319

        Reviewed by Eric Carlson.

        Start counting the number of digits in a duration so that
        we can assign classes to the time widgets that specify
        a minimum width.

        * Modules/mediacontrols/mediaControlsApple.css: Replace the hour-long and ten-hour-long
        classes with number of digits.
        (audio::-webkit-media-controls-time-remaining-display.five-digit-time):
        (audio::-webkit-media-controls-current-time-display.five-digit-time):
        (audio::-webkit-media-controls-time-remaining-display.six-digit-time):
        (audio::-webkit-media-controls-current-time-display.six-digit-time):
        (audio::-webkit-media-controls-time-remaining-display.hour-long-time): Deleted.
        (audio::-webkit-media-controls-current-time-display.hour-long-time): Deleted.
        (audio::-webkit-media-controls-time-remaining-display.ten-hour-long-time): Deleted.
        (audio::-webkit-media-controls-current-time-display.ten-hour-long-time): Deleted.

        * Modules/mediacontrols/mediaControlsApple.js: Add some new class names.
        (Controller.prototype.updateDuration): Set the class of the time
        widgets when we know how long the media runs.

        * Modules/mediacontrols/mediaControlsiOS.css: Values for iOS that
        are big enough to avoid clipping.
        (video::-webkit-media-controls-current-time-display):
        (video::-webkit-media-controls-time-remaining-display):
        (video::-webkit-media-controls-current-time-display.three-digit-time):
        (video::-webkit-media-controls-time-remaining-display.three-digit-time):
        (video::-webkit-media-controls-current-time-display.four-digit-time):
        (video::-webkit-media-controls-time-remaining-display.four-digit-time):
        (video::-webkit-media-controls-current-time-display.five-digit-time):
        (video::-webkit-media-controls-time-remaining-display.five-digit-time):
        (video::-webkit-media-controls-current-time-display.six-digit-time):
        (video::-webkit-media-controls-time-remaining-display.six-digit-time):
        (audio::-webkit-media-controls-timeline-container): Deleted.
        (video::-webkit-media-text-track-container): Deleted.

2015-03-05  Csaba Osztrogonác  <ossy@webkit.org>

        [cmake] Fix the web replay build
        https://bugs.webkit.org/show_bug.cgi?id=142331

        Reviewed by Gyuyoung Kim.

        * CMakeLists.txt:
        * inspector/InspectorReplayAgent.cpp:
        (WebCore::buildInspectorObjectForSessionState):
        (WebCore::buildInspectorObjectForSegmentState):

2015-03-05  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Check TLS errors as soon as they are set in the SoupMessage
        https://bugs.webkit.org/show_bug.cgi?id=142244

        Reviewed by Sergio Villar Senin.

        Connect to the notify::tls-errors signal of SoupMessage to cancel
        the load earlier in case of TLS failure, preventing any private
        data from being sent to the server before the TLS errors are checked.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::tlsErrorsChangedCallback):
        (WebCore::gotHeadersCallback):
        (WebCore::createSoupMessageForHandleAndRequest):

2015-03-05  Grzegorz Czajkowski  <g.czajkowski@samsung.com>

        TextCheckingParagraph::isEmpty() is sufficient to check whether paragraph is empty
        https://bugs.webkit.org/show_bug.cgi?id=142276

        Reviewed by Darin Adler.

        TextCheckingParagraph::isEmpty() already calls TextCheckingParagraph::isRangeEmpty().
        There is no need to call them both at the caller site.

        No new tests. No behavior change.

        * editing/Editor.cpp:
        (WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):
        Update caller site.

        * editing/TextCheckingHelper.cpp:
        (WebCore::TextCheckingParagraph::isEmpty):
        Avoid using helepers here to get rid of them as they are
        no longer needed outside TextCheckingParagraph.

        * editing/TextCheckingHelper.h:
        (WebCore::TextCheckingParagraph::isTextEmpty): Deleted.
        (WebCore::TextCheckingParagraph::isRangeEmpty): Deleted.
        Do not expose isTextEmpty() and isRangeEmpty().

2015-03-04  Simon Fraser  <simon.fraser@apple.com>

        Clarify RenderElement::adjustStyleDifference()
        https://bugs.webkit.org/show_bug.cgi?id=142256

        Reviewed by David Hyatt.

        Make RenderElement::adjustStyleDifference() clearer in two ways.
        
        First, replace lots of if (diff < X) diff = X with
        diff = std::max(diff, X). I did this even in cases where diff was
        being set unconditionally, because it's never correct to change the diff
        to a lesser value.
        
        Second the "set at least SimplifiedLayout, but if we have PositionedMovementOnly
        set it to SimplifiedLayoutAndPositionedMovement" was confusingly written.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::adjustStyleDifference):

2015-03-04  David Kilzer  <ddkilzer@apple.com>

        Switch new soft-linking debug asserts to release asserts
        <http://webkit.org/b/142176>

        Reviewed by Alex Christensen.

        * platform/mac/SoftLinking.h:
        (SOFT_LINK_CONSTANT_SOURCE): Switch to release assert.
        (SOFT_LINK_FUNCTION_SOURCE): Ditto.
        * platform/win/SoftLinking.h:
        (SOFT_LINK_CONSTANT_SOURCE): Ditto.
        (SOFT_LINK_FUNCTION_SOURCE): Ditto.  Note that this method is
        effectively only called once because the function pointer is
        replaced after the first time it's called.

2015-03-04  Alex Christensen  <achristensen@webkit.org>

        Optimize content extensions.
        https://bugs.webkit.org/show_bug.cgi?id=142295

        Reviewed by Benjamin Poulain.

        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::serializeActions):
        There is no need to add duplicate sequential actions.
        * contentextensions/ContentExtensionRule.h:
        (WebCore::ContentExtensions::Action::operator==):
        Added to compare actions.
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForURL):
        Return early if a block action is found instead of moving to the next extension.

2015-03-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181046.
        https://bugs.webkit.org/show_bug.cgi?id=142318

        Broke two layout tests (Requested by sundiamonde on #webkit).

        Reverted changeset:

        "Update inline media control icons for OSX."
        https://bugs.webkit.org/show_bug.cgi?id=142305
        http://trac.webkit.org/changeset/181046

2015-03-04  Timothy Horton  <timothy_horton@apple.com>

        <attachment> icons are low-resolution when transformed or under page scale
        https://bugs.webkit.org/show_bug.cgi?id=142262
        <rdar://problem/20035480>

        Reviewed by Dean Jackson.

        We should use Icon::createIconForFiles, just like <input type="file"> does,
        instead of directly talking to IconServices. This results both in less code
        and in NSImage's multiresolution magic making the icons sharp even under
        the influence of transforms and page scale.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/IconServicesSPI.h: Removed.
        * platform/spi/mac/LaunchServicesSPI.h: Removed.
        Get rid of IconServicesSPI.h and LaunchServicesSPI.h.

        * platform/graphics/Icon.h:
        Include RetainPtr just once.
        paint() should take a GraphicsContext reference (null is not an option)
        and a FloatRect (after all, it just turns around and converts to NSRect).

        * platform/graphics/ios/IconIOS.mm:
        (WebCore::Icon::paint):
        * platform/graphics/mac/IconMac.mm:
        (WebCore::Icon::createIconForFiles):
        (WebCore::Icon::paint):
        * platform/graphics/efl/IconEfl.cpp:
        (WebCore::Icon::paint):
        * platform/graphics/gtk/IconGtk.cpp:
        (WebCore::Icon::paint):
        * platform/graphics/win/IconWin.cpp:
        (WebCore::Icon::paint):
        Adapt to the paint() signature changes, fix some style, etc.

        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::paintObject):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::paintFileUploadIconDecorations):
        Adapt to the paint() signature changes.

        * rendering/RenderThemeMac.mm:
        (WebCore::paintAttachmentIcon):
        Use Icon::createIconForFiles instead of IconServices.

2015-03-04  Tim Horton  <timothy_horton@apple.com>

        <attachment> should not appear selected when the cursor is adjacent to it
        https://bugs.webkit.org/show_bug.cgi?id=142311
        <rdar://problem/20045862>

        Reviewed by Dean Jackson.

        * rendering/RenderAttachment.cpp:
        (WebCore::RenderAttachment::isSelected): Deleted.
        * rendering/RenderAttachment.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::titleTextColorForAttachment):
        (WebCore::RenderThemeMac::paintAttachment):
        (WebCore::labelTextColorForAttachment): Deleted.
        We were using the wrong (and far too complicated) mechanism to determine
        if the attachment is selected (to decide which highlight color to use).
        Instead, just check selectionState().

2015-03-04  Timothy Horton  <timothy_horton@apple.com>

        <attachment> should show the file size as detail text below the icon
        https://bugs.webkit.org/show_bug.cgi?id=142261
        <rdar://problem/20009570>

        Reviewed by Dean Jackson.

        Test: fast/attachment/attachment-subtitle.html

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::setFile):
        (WebCore::HTMLAttachmentElement::parseAttribute):
        * html/HTMLAttachmentElement.h:
        Let RenderAttachment know when the subtitle attribute changes.

        * html/HTMLAttributeNames.in:
        Add a subtitle attribute.

        * rendering/RenderAttachment.cpp:
        (WebCore::RenderAttachment::invalidate):
        (WebCore::RenderAttachment::representedFileChanged): Deleted.
        * rendering/RenderAttachment.h:
        Rename representedFileChanged to invalidate; it will cause layout and
        repaint of the attachment. Mostly for use from HTMLAttachmentElement,
        when properties that affect the display and/or intrinsic size change.

        * rendering/RenderThemeMac.mm:
        (WebCore::attachmentTitleInactiveBackgroundColor):
        (WebCore::attachmentTitleInactiveTextColor):
        (WebCore::attachmentSubtitleTextColor):
        (WebCore::titleTextColorForAttachment):
        (WebCore::AttachmentLayout::addTitleLine):
        (WebCore::AttachmentLayout::layOutTitle):
        (WebCore::AttachmentLayout::layOutSubtitle):
        (WebCore::AttachmentLayout::AttachmentLayout):
        (WebCore::addAttachmentTitleBackgroundRightCorner):
        (WebCore::addAttachmentTitleBackgroundLeftCorner):
        (WebCore::paintAttachmentTitleBackground):
        (WebCore::paintAttachmentTitle):
        (WebCore::paintAttachmentSubtitle):
        (WebCore::RenderThemeMac::paintAttachment):
        (WebCore::attachmentLabelInactiveBackgroundColor): Deleted.
        (WebCore::attachmentLabelInactiveTextColor): Deleted.
        (WebCore::labelTextColorForAttachment): Deleted.
        (WebCore::AttachmentLayout::addLine): Deleted.
        (WebCore::AttachmentLayout::layOutLabel): Deleted.
        (WebCore::addAttachmentLabelBackgroundRightCorner): Deleted.
        (WebCore::addAttachmentLabelBackgroundLeftCorner): Deleted.
        (WebCore::paintAttachmentLabelBackground): Deleted.
        (WebCore::paintAttachmentLabel): Deleted.
        Rename everything "label" to "title" (except LabelLine, which is not
        specifically about the title). We're going to use "title" for the
        main text below the icon, and "subtitle" for the secondary text below that.

        Avoid keeping the CTFonts on the AttachmentLayout; there's no need for it.

        Add layOutSubtitle and paintAttachmentSubtitle, which orient and paint
        the subtitle (below the title, in blue, smaller than the label).

2015-03-04  David Kilzer  <ddkilzer@apple.com>

        [Windows] Build fix: Make sure to include <CoreMedia/CoreMedia.h> before redefining CMSampleBuffer

        More fallout from:

        Switch remaining CoreMedia soft-linking in WebCore over to CoreMediaSoftLink.{cpp,h}
        <http://webkit.org/b/141870>

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        - Remove include of <CoreMedia/CoreMedia.h> here.  These already
          include CoreMediaSPI.h.
        * platform/spi/cf/CoreMediaSPI.h:
        - Add include of <CoreMedia/CoreMedia.h> here.
        - Remove redundant include of <CoreMedia/CMTime.h> for Windows.

2015-03-04  David Kilzer  <ddkilzer@apple.com>

        [iOS] Fix build with newer clang due to duplicate macro definition

        Fallout from:

        Switch remaining CoreMedia soft-linking in WebCore over to CoreMediaSoftLink.{cpp,h}
        <http://webkit.org/b/141870>

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        Remove duplicate kCMTimeIndefinite macro.

2015-03-04  Roger Fong  <roger_fong@apple.com>

        Update inline media control icons for OSX.
        https://bugs.webkit.org/show_bug.cgi?id=142305.
        <rdar://problem/19997484>

        Reviewed by Dean Jackson.

        Changes include: new volume button, new full screen button, new play/pause button.
        Repositioning of 30 second and play buttons.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel button):
        (audio::-webkit-media-controls-rewind-button):
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-play-button.paused):
        (audio::-webkit-media-controls-panel .mute-box):
        (video::-webkit-media-controls-volume-max-button):
        (video::-webkit-media-controls-volume-min-button):
        (audio::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-fullscreen-button):
        (audio::-webkit-media-controls-current-time-display):
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.configureInlineControls): Swap positions of rewind and play buttons.
        (Controller.prototype.handleMuteButtonClicked): Remember to update volume slider when necessary.
        (Controller.prototype.updateVolume): Ditto

2015-03-04  Andy Estes  <aestes@apple.com>

        [Content Filtering] Rename ContentFilterMac.mm to ContentFilter.cpp
        https://bugs.webkit.org/show_bug.cgi?id=142313

        Reviewed by Anders Carlsson.

        ContentFilterMac.mm no longer contains any Objective-C code, so rename it to ContentFilter.cpp. It is also no longer Mac-specific, so move it up to platform/.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/ContentFilter.cpp: Renamed from Source/WebCore/platform/mac/ContentFilterMac.mm.
        * platform/cocoa/NetworkExtensionContentFilter.h: Replaced NSInteger with long.

2015-03-04  Dean Jackson  <dino@apple.com>

        REGRESSION (r179597): Can't see power saver banner for plugins
        https://bugs.webkit.org/show_bug.cgi?id=142312
        <rdar://problem/20040517>

        Reviewed by Brent Fulgham.

        We were being a bit too restrictive when deciding a child
        should not create a renderer. All shadow root children
        of the snapshotted plugin need one.

        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::childShouldCreateRenderer):
        Test if we're part of the shadow tree.

2015-03-03  Andy Estes  <aestes@apple.com>

        [Content Filtering] Make it easier to add new content filters
        https://bugs.webkit.org/show_bug.cgi?id=142255

        Reviewed by Sam Weinig.

        ContentFilter was becoming a bit of a mess, with both the WebFilterEvaluator and NEFilterSource implementations
        awkwardly living side-by-side. This patch cleans things up by moving these implementations into two separate
        classes and turning ContentFilter itself into an abstract interface that each implements. A new class called
        ContentFilterCollection, which also inherits from ContentFilter, manages the collection of individual content
        filters and is vended to the rest of the system by ContentFilter::createIfNeeded().

        This refactoring will make it easier to add a third type of content filter in a follow-on patch, namely a mock
        content filter for testing purposes.

        * WebCore.xcodeproj/project.pbxproj:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived): Called ContentFilter::createIfNeeded() instead of instantiating a ContentFilter directly.
        * platform/ContentFilter.h:
        (WebCore::ContentFilter::~ContentFilter):
        * platform/cocoa/NetworkExtensionContentFilter.h: Copied from Source/WebCore/platform/ContentFilter.h.
        * platform/cocoa/NetworkExtensionContentFilter.mm: Added.
        (WebCore::NetworkExtensionContentFilter::canHandleResponse): Moved NEFilterSource code from ContentFilterMac.mm to here.
        (WebCore::NetworkExtensionContentFilter::create): Ditto.
        (WebCore::NetworkExtensionContentFilter::NetworkExtensionContentFilter): Ditto.
        (WebCore::NetworkExtensionContentFilter::~NetworkExtensionContentFilter): Ditto.
        (WebCore::NetworkExtensionContentFilter::addData): Ditto.
        (WebCore::NetworkExtensionContentFilter::finishedAddingData): Ditto.
        (WebCore::NetworkExtensionContentFilter::needsMoreData): Ditto.
        (WebCore::NetworkExtensionContentFilter::didBlockData): Ditto.
        (WebCore::NetworkExtensionContentFilter::getReplacementData): Ditto.
        (WebCore::NetworkExtensionContentFilter::unblockHandler): Ditto.
        * platform/cocoa/ParentalControlsContentFilter.h: Copied from Source/WebCore/platform/ContentFilter.h.
        * platform/cocoa/ParentalControlsContentFilter.mm: Added.
        (WebCore::ParentalControlsContentFilter::canHandleResponse): Moved WebFilterEvaluator code from ContentFilterMac.mm to here.
        (WebCore::ParentalControlsContentFilter::create): Ditto.
        (WebCore::ParentalControlsContentFilter::ParentalControlsContentFilter): Ditto.
        (WebCore::ParentalControlsContentFilter::addData): Ditto.
        (WebCore::ParentalControlsContentFilter::finishedAddingData): Ditto.
        (WebCore::ParentalControlsContentFilter::needsMoreData): Ditto.
        (WebCore::ParentalControlsContentFilter::didBlockData): Ditto.
        (WebCore::ParentalControlsContentFilter::getReplacementData): Ditto.
        (WebCore::ParentalControlsContentFilter::unblockHandler): Ditto.
        * platform/mac/ContentFilterMac.mm:
        (WebCore::contentFilterType): Added a helper function template that creates a new ContentFilterType.
        (WebCore::contentFilterTypes): Registered a ContentFilterType for each type of content filter.
        (WebCore::ContentFilter::createIfNeeded): Created a ContentFilterCollection containing each content filter that can handle the given response.
        (WebCore::ContentFilterCollection::ContentFilterCollection): Constructs a ContentFilterCollection given a Vector of content filters.
        (WebCore::ContentFilterCollection::addData): Forwarded the call to each content filter in m_contentFilters.
        (WebCore::ContentFilterCollection::finishedAddingData): Ditto.
        (WebCore::ContentFilterCollection::needsMoreData): Ditto.
        (WebCore::ContentFilterCollection::didBlockData): Ditto.
        (WebCore::ContentFilterCollection::getReplacementData): Returned replacement data for the first filter that blocked the load.
        If no filter blocked the load, returned the first filter's replacement data.
        (WebCore::ContentFilterCollection::unblockHandler): Returned the unblock handler for the first filter that blocked the load.
        (WebCore::ContentFilter::ContentFilter): Deleted.
        (WebCore::ContentFilter::~ContentFilter): Deleted.
        (WebCore::ContentFilter::canHandleResponse): Deleted.
        (WebCore::ContentFilter::addData): Deleted.
        (WebCore::ContentFilter::finishedAddingData): Deleted.
        (WebCore::ContentFilter::needsMoreData): Deleted.
        (WebCore::ContentFilter::didBlockData): Deleted.
        (WebCore::ContentFilter::getReplacementData): Deleted.
        (WebCore::ContentFilter::unblockHandler): Deleted.

2015-03-04  David Kilzer  <ddkilzer@apple.com>

        Switch remaining CoreMedia soft-linking in WebCore over to CoreMediaSoftLink.{cpp,h}
        <http://webkit.org/b/141870>

        Reviewed by Alex Christensen.

        * Configurations/WebCore.unexp:
        - Remove all weak symbols for CoreMedia.framework as they should
          no longer appear.

        * Modules/plugins/QuickTimePluginReplacement.mm:
        * platform/graphics/avfoundation/MediaTimeAVFoundation.cpp:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        - Clean up headers.

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        - Add soft-link functions and constants from remaining source
          files.

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::isAvailable):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        * platform/mac/PlatformClockCM.mm:
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        - Switch to using CoreMediaSoftLink.h.

        * platform/mac/SoftLinking.h:
        * platform/win/SoftLinking.h:
        - Remove 'const' from SOFT_LINK_CONSTANT_{HEADER,SOURCE}()
          macros since it won't work with const structs.

        * platform/spi/cf/CoreMediaSPI.h:
        - Add SPI declarations for Windows originally from
          InbandTextTrackPrivateAVF.cpp.

2015-03-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r181001 and r181003.
        https://bugs.webkit.org/show_bug.cgi?id=142307

        Broke many tests (Requested by ap on #webkit).

        Reverted changesets:

        "Make JavaScript binding get and set legacy event listener
        attributes directly"
        https://bugs.webkit.org/show_bug.cgi?id=142282
        http://trac.webkit.org/changeset/181001

        "Update bindings tests after r181001."
        http://trac.webkit.org/changeset/181003

2015-03-04  Roger Fong  <roger_fong@apple.com>

        Update elapsed/remaining time displays on media inline controls on OSX.
        https://bugs.webkit.org/show_bug.cgi?id=142264.
        <rdar://problem/19997487>

        Reviewed by Dean Jackson.

        Div surrounding times are set widths. A larger width is used for times that are
        an hour or longer. Time elapsed is right justified. Time remaining is left justified.
        Times are displayed in 11pt Helvetica Neue.
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-time-remaining-display):
        (audio::-webkit-media-controls-current-time-display):
        (audio::-webkit-media-controls-time-remaining-display.hour-long-time):
        (audio::-webkit-media-controls-current-time-display.hour-long-time):
        (audio::-webkit-media-controls-time-remaining-display.ten-hour-long-time):
        (audio::-webkit-media-controls-current-time-display.ten-hour-long-time):
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateDuration):

2015-03-04  Myles C. Maxfield  <mmaxfield@apple.com>

        Implement -apple-trailing-word: -apple-partially-balanced
        https://bugs.webkit.org/show_bug.cgi?id=142253

        Reviewed by David Hyatt.

        This patch implements a history mechanism for line breaking. In particular, this patch partitions
        the updates to the current line breaking location into two kinds: conceptually new breaking locations,
        and fixups to existing locations. Then, this patch remembers all the fixed up breaking locations, up
        to a maximum number of remembered locations.

        The patch then uses this memory to change the line-breaking selection based on the rules of
        -apple-trailing-word.

        Test: fast/text/trailing-word.html

        * rendering/line/BreakingContextInlineHeaders.h:
        Use InlineIteratorHistory as a proxy for the current breaking location. Note that all these functions
        are inlined, so the overhead should be next to nothing when -apple-trailing-word is not in use.
        (WebCore::BreakingContext::BreakingContext): Use InlineIteratorHistory instead of InlineIterator
        (WebCore::BreakingContext::lineBreak): Ditto.
        (WebCore::BreakingContext::clearLineBreakIfFitsOnLine): Ditto
        (WebCore::BreakingContext::commitLineBreakAtCurrentWidth): Ditto
        (WebCore::BreakingContext::InlineIteratorHistory::InlineIteratorHistory): Keeps track of historical
        breaking locations
        (WebCore::BreakingContext::InlineIteratorHistory::push): Remember a new breaking location
        (WebCore::BreakingContext::InlineIteratorHistory::update): Update an existing breaking location
        (WebCore::BreakingContext::InlineIteratorHistory::renderer): Forwarded to the current breaking location
        (WebCore::BreakingContext::InlineIteratorHistory::offset): Ditto
        (WebCore::BreakingContext::InlineIteratorHistory::atTextParagraphSeparator):  Ditto
        (WebCore::BreakingContext::InlineIteratorHistory::previousInSameNode): Ditto
        (WebCore::BreakingContext::InlineIteratorHistory::get): Get one of the remembered breaking locations
        (WebCore::BreakingContext::InlineIteratorHistory::current): Get the current breaking location
        (WebCore::BreakingContext::InlineIteratorHistory::historyLength):
        (WebCore::BreakingContext::InlineIteratorHistory::moveTo): Forwarded to the current breaking location.
        (WebCore::BreakingContext::InlineIteratorHistory::increment): Ditto
        (WebCore::BreakingContext::InlineIteratorHistory::clear): Ditto
        (WebCore::BreakingContext::handleBR): Use InlineIteratorHistory instead of InlineIterator
        (WebCore::BreakingContext::handleFloat): Ditto
        (WebCore::BreakingContext::handleText): Use InlineIteratorHistory instead of InlineIterator
        (WebCore::BreakingContext::commitAndUpdateLineBreakIfNeeded): Style
        (WebCore::checkMidpoints): Use InlineIteratorHistory instead of InlineIterator
        (WebCore::BreakingContext::handleEndOfLine): If -apple-trailing-word is in effect, use
        optimalLineBreakLocationForTrailingWord().
        (WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord): Use the remembered breaking
        locations and choose the optimal one.
        (WebCore::BreakingContext::lineBreakRef): Deleted.

2015-03-04  Timothy Horton  <timothy_horton@apple.com>

        <attachment> title text disappears when dragging
        https://bugs.webkit.org/show_bug.cgi?id=142263
        <rdar://problem/20035515>

        Reviewed by Sam Weinig.

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintAttachment):
        We use NSColors with CoreText, which requires that Cocoa knows the current
        CGContext out-of-band (through the NSGraphicsContext currentContext mechanism).
        Otherwise, sometimes (especially when dragging), it will try to apply the
        text foreground color to a null context, complain to the system log, and fail
        to render the text.

2015-03-04  Jer Noble  <jer.noble@apple.com>

        [Mac] YouTube playback at 1.5x speed has audible distortion
        https://bugs.webkit.org/show_bug.cgi?id=142280

        Reviewed by Eric Carlson.

        Use the high-quality AVAudioTimePitchAlgorithmSpectral algorithm for the 
        AVSampleBufferAudioRenderer rather than its default value of 
        AVAudioTimePitchAlgorithmTimeDomain.

        Drive-by fix:

        Might as well add support for MediaPlayer::setPreservesPitch() while we're
        changing the audio pitch algorithm. If preservesPitch() is false use the
        AVAudioTimePitchAlgorithmVarispeed algorithm in both AVFObjC-based media players
        (MediaPlayerPrivateAVFoundationObjC & MediaPlayerPrivateMediaSourceAVFObjC).

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setPreservesPitch):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setRateDouble): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setPreservesPitch):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addAudioRenderer):

2015-03-04  Jer Noble  <jer.noble@apple.com>

        [MSE][EME][Mac] Calling close on a MediaKeysSession will cause many decoding errors to be emitted
        https://bugs.webkit.org/show_bug.cgi?id=142285

        Reviewed by Eric Carlson.

        When a MediaKeySession (backed by CDMSessionMediaSourceAVFObjC) is closed and the
        underlying AVStreamSession is invalidated, the decryption context for in-flight
        CMSampleBuffers is also invalidated, and the AVSampleBufferDisplayLayer will issue
        one error for each enqueued and un-displayed sample in its image-queue. -flush-ing
        the AVSampleBufferDisplayLayer is not enough, as the flush only takes effect
        asynchronously the next time the layer needs new samples.

        Add a workaround until framework-level support lands to fully flush enqueued and
        encrypted frames.

        When the CDMSessionMediaSOurceAVFObjC object recieves an error from the layer,
        check to see if the session has been stopped. If so, and if the error in question is
        one that indicates that the samples decryption context has been invalidated, suppress
        the error and instruct the sender to suppress the error as well. This workaround will
        be removed once real support for synchronous flushing lands in <rdar://problem/20027434.>

        Still, we'll make our best effort to flush undisplayed frames when our CDM session is
        invalidated. Move away from std::map and instead use HashMap to store the set of 
        AVSampleBufferAudioRenderers. This allows us to use C++11 style loops against just
        the HashMap's set of values.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys): Flush and set m_stopped.
        (WebCore::CDMSessionMediaSourceAVFObjC::layerDidReceiveError): Check m_stopped and the
            error code and bail before issuing the error.
        (WebCore::CDMSessionMediaSourceAVFObjC::rendererDidReceiveError): Ditto.
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (-[WebAVSampleBufferErrorListener layerFailedToDecode:]): Drive-by fix. Check whether
            the layer is in the set of listened-to layers only back in the main thread; the
            listnener may have been unregistered by the time the main thread was called.
        (WebCore::SourceBufferPrivateAVFObjC::destroyRenderers): std::map -> HashMap.
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled): Ditto.
        (WebCore::SourceBufferPrivateAVFObjC::flushAndEnqueueNonDisplayingSamples): Ditto.
        (WebCore::SourceBufferPrivateAVFObjC::enqueueSample): Ditto.
        (WebCore::SourceBufferPrivateAVFObjC::isReadyForMoreSamples): Ditto.
        (WebCore::SourceBufferPrivateAVFObjC::didBecomeReadyForMoreSamples): Ditto.
        (WebCore::SourceBufferPrivateAVFObjC::notifyClientWhenReadyForMoreSamples): Ditto.
        (WebCore::SourceBufferPrivateAVFObjC::flush): Added; call -flush on all the display
            layers and audio renderers.
        (WebCore::SourceBufferPrivateAVFObjC::layerDidReceiveError): Check if any clients
            asked to ignore the error, and if so, bail.
        (WebCore::SourceBufferPrivateAVFObjC::rendererDidReceiveError): Ditto.

2015-03-04  Alex Christensen  <achristensen@webkit.org>

        Update bindings tests after r181001.

        * bindings/scripts/test/JS/*.cpp:
        Class names changed to auto.

2015-03-04  Brent Fulgham  <bfulgham@apple.com>

        [Win] Missing dependency checking in DerivedSources.make for FeatureDefines.props
        https://bugs.webkit.org/show_bug.cgi?id=142284

        Reviewed by David Kilzer.

        Make DerivedSources.make understand its build dependency on FeatureDefines.props
        when building on Windows:
        1. Modify DerivedSources.make to declare a default dependency (on Windows)
           to $(WEBKIT_LIBRARIES)/tools/vsprops/FeatureDefines.props.
        2. Update the Windows script 'build-generated-files.pl' to specify the correct
           FeatureDefines{Cairo}.props value to use, depending on build environment.

        * DerivedSources.make:
        * WebCore.vcxproj/build-generated-files.pl:

2015-03-04  Darin Adler  <darin@apple.com>

        Make JavaScript binding get and set legacy event listener attributes directly
        https://bugs.webkit.org/show_bug.cgi?id=142282

        Reviewed by Sam Weinig.

        Test: fast/dom/legacy-event-handler-attributes.html

        This patch changes the JavaScript getters and setters for these attributes
        to work directly without requiring any functions in the C++ DOM implementation.
        A subsequent patch will remove the now-unused C++ DOM implementation.

        * bindings/js/JSEventListener.cpp:
        (WebCore::legacyEventListenerAttribute): Added.
        (WebCore::createEventListenerForLegacyAttribute): Added.
        (WebCore::setLegacyEventListenerAttribute): Added.
        (WebCore::legacyWindowEventListenerAttribute): Added.
        (WebCore::setLegacyWindowEventListenerAttribute): Added.

        * bindings/js/JSEventListener.h:
        (WebCore::createJSEventListenerForAttribute): Deleted.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateAttributeEventListenerCall): Deleted.
        (LegacyEventListenerAttributeEventName): Added.
        (LegacyEventListenerAttributePrefix): Added.
        (GenerateImplementation): Use "auto" in lots of places to simplify the code
        generation. Replaced the old inlined code to deal with legacy event listener
        attributes with code that simply calls the new functions from JSEventLister.h.
        (GenerateCallWith): Use "auto".
        (GenerateConstructorDefinition): Ditto.

2015-03-03  Sam Weinig  <sam@webkit.org>

        [Content Extensions] Split parsing and compiling of content extensions into their own files
        https://bugs.webkit.org/show_bug.cgi?id=142259

        Reviewed by Anders Carlsson.

        Added new unit test:
            ContentFilterTest.Basic

        * WebCore.xcodeproj/project.pbxproj:
        Add new files (CompiledContentExtension.h/cpp, ContentExtensionCompiler.h/cpp, and ContentExtensionParser.h/cpp)

        * contentextensions/CompiledContentExtension.cpp: Added.
        * contentextensions/CompiledContentExtension.h: Added.
        Add new class for holding onto the compiled content extension itself. Make it ThreadSafeRefCounted so it is easy
        to move between threads which will be important in a subsequent patch where we enable compilation on a background
        thread.

        * contentextensions/ContentExtensionCompiler.cpp: Added.
        (WebCore::ContentExtensions::serializeActions):
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionCompiler.h: Added.
        Moving compilation to its own file. Was previously in ContentExtensionsBackend. This is necessary because
        we will want to be able to compile without the need of a backend.

        * contentextensions/ContentExtensionParser.cpp: Copied from contentextensions/ContentExtensionsManager.cpp.
        * contentextensions/ContentExtensionParser.h: Copied from contentextensions/ContentExtensionsManager.h.
        Renamed ContentExtensionsManager to ContentExtensionParser, since that is all it is doing.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::addContentExtension):
        (WebCore::ContentExtensions::ContentExtensionsBackend::removeContentExtension):
        (WebCore::ContentExtensions::ContentExtensionsBackend::removeAllContentExtensions):
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForURL):
        (WebCore::ContentExtensions::ContentExtensionsBackend::serializeActions): Deleted.
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList): Deleted.
        (WebCore::ContentExtensions::ContentExtensionsBackend::removeRuleList): Deleted.
        (WebCore::ContentExtensions::ContentExtensionsBackend::removeAllRuleLists): Deleted.
        * contentextensions/ContentExtensionsBackend.h:
        Change the backend to use the new CompiledContentExtension and change the terminology to
        reference content extensions, rather than rule lists.

        * page/UserContentController.cpp:
        (WebCore::UserContentController::addUserContentFilter):
        (WebCore::UserContentController::removeUserContentFilter):
        (WebCore::UserContentController::removeAllUserContentFilters):
        Update for new names and change addUserContentFilter to explicitly compile the JSON
        rule list before handing it to the backend. In subsequent changes, addUserContentFilter
        should be changed to take the compiled content extension, and it should become the responsibility
        of the called (WebKit) to create them.

2015-03-04  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] the GST_SCHEDULING_FLAG_BANDWIDTH_LIMITED should be wrapped by a ifdef
        https://bugs.webkit.org/show_bug.cgi?id=142274

        Reviewed by Carlos Garcia Campos.

        Don't handle scheduling queries if building against versions of
        GStreamer older than 1.2.0.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcQueryWithParent):

2015-03-03  Yoav Weiss  <yoav@yoav.ws>

        Add a microtask abstraction
        https://bugs.webkit.org/show_bug.cgi?id=137496

        Reviewed by Sam Weinig.

        This patch adds a microtask abstraction: https://html.spec.whatwg.org/multipage/webappapis.html#microtask
        That abstraction is required in order to enable async loading of images,
        which is in turn required to enable support for the picture element, as well as
        to make sure that the order of properties set on HTMLImageElement has no implications.

        A similar patch was rolled back in r180914. This patch is an improved version.

        * WebCore.vcxproj/WebCore.vcxproj: Add MicroTask.{h,cpp} to the project.
        * WebCore.vcxproj/WebCoreTestSupport.vcxproj: Add MicroTaskTest.{h,cpp} to the project.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Add MicroTask.{h,cpp} to the project.
        * WebCore.vcxproj/WebCoreTestSupport.vcxproj.filters: Add MicroTaskTest.{h,cpp} to the project.
        * WebCore.xcodeproj/project.pbxproj: Add MicroTask{,Test}.{h,cpp} to the project.
        * dom/Document.h: Add WEBCORE_EXPORT to addConsoleMessage, so it can be used in MicroTaskTest that's in WebCoreTestSupport..
        * dom/MicroTask.h: Add a MicroTask interface class. Add a MicroTaskQueue singleton.
        (WebCore::MicroTask::~MicroTask):
        (WebCore::MicroTask::run): Run the microtask.
        * dom/MicroTask.cpp: Implement the MicroTaskQueue singleton.
        (WebCore::MicroTaskQueue::singleton): Get a singleton instance of MicroTaskQueue.
        (WebCore::MicroTaskQueue::queueMicroTask): Add a microtask to the queue.
        (WebCore::MicroTaskQueue::runMicroTasks): Run all the microtasks in the queue and clear it.
        * dom/ScriptRunner.cpp: Trigger running of all microtasks in queue.
        (WebCore::ScriptRunner::timerFired):
        * html/parser/HTMLScriptRunner.cpp: Trigger running of all microtasks in queue.
        (WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent):
        (WebCore::HTMLScriptRunner::executeScriptsWaitingForParsing):
        (WebCore::HTMLScriptRunner::runScript):
        * testing/Internals.cpp: Add a method to queue a test microtask.
        (WebCore::Internals::queueMicroTask):
        * testing/Internals.h: Add a method to queue a test microtask.
        (WebCore::Internals::queueMicroTask):
        * testing/Internals.idl: Expose test microtask queueing to test JS.
        * testing/MicroTaskTest.cpp: Add a test class that implements a microtask and prints to the console when it runs.
        (WebCore::MicroTaskTest::run): Run the microtask
        (WebCore::MicroTaskTest::create): Create a test microtask.
        * testing/MicroTaskTest.h: Add a test class that implements a microtask.
        (WebCore::MicroTaskTest::run):
        (WebCore::MicroTaskTest::create):

2015-03-03  Brent Fulgham  <bfulgham@apple.com>

        Scroll snap points are not supported on the main frame
        https://bugs.webkit.org/show_bug.cgi?id=141973
        <rdar://problem/19938393>

        Reviewed by Simon Fraser.

        No new tests. Tests will be added when the animation behavior is finalized. Manual tests are attached to the bug.

        Update the ScrollingTreeFrameScrollingNodeMac class to implement the delegate interface needed by the
        ScrollController. This involves the following:
        1. Implement scrollOffsetOnAxis: Used by the AxisScrollAnimator to determine the current position of the ScrollableArea.
        2. Implement immediateScrollOnAxis: Used by the AxisScrollAnimator to scroll the ScrollableArea

        We also need to hold a copy of the snap points vector to send to the scrolling thread.

        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::convertToLayoutUnits): Added helper function to match Scroll Snap Points API.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren): Recognize and react to changes to
        Scroll Snap Points on top-level frames.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffsetOnAxis): Implement delegate method needed by the ScrollController.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::immediateScrollOnAxis): Ditto.
        * platform/cocoa/ScrollController.h:
        * platform/cocoa/ScrollController.mm:
        (WebCore::ScrollController::updateScrollAnimatorsAndTimers): Pass snap offsets to AxisScrollSnapAnimator constructor as references.
        (WebCore::ScrollController::updateScrollSnapPoints): Added. Used by ScrollingTreeFrameScrollingNodeMac to update scroll snap point
        settings in the scrolling thread.
        * platform/mac/AxisScrollSnapAnimator.h:
        * platform/mac/AxisScrollSnapAnimator.mm:
        (WebCore::toWheelEventStatus): Don't ignore the "MayBegin" or "Cancelled" event phases.
        (WebCore::AxisScrollSnapAnimator::AxisScrollSnapAnimator): Revise signature to take a reference to the layout units.
        (WebCore::AxisScrollSnapAnimator::scrollSnapAnimationUpdate): Handle the case where this method gets called from a thread
        when the scrollable area has already reached its final destination.
        (WebCore::AxisScrollSnapAnimator::beginScrollSnapAnimation): Handle the possibility that the snap offset point vector might be
        empty. Update method to account for m_snapOffsets being a value, instead of a pointer.

2015-03-03  Andy Estes  <aestes@apple.com>

        [Content Filtering] Separate unblock handling into its own class
        https://bugs.webkit.org/show_bug.cgi?id=142251

        Reviewed by Andreas Kling.

        Unblock handling is currently supported only for one type of content filter (WebFilterEvaluator) on one
        platform (iOS). Having its implementation in ContentFilter is making it difficult to support other filters and
        platforms, so let's separate unblock handling into its own class called ContentFilterUnblockHandler.

        * WebCore.xcodeproj/project.pbxproj:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading): Passed a ContentFilterUnblockHandler to FrameLoaderClient::contentFilterDidBlockLoad.
        (WebCore::DocumentLoader::dataReceived): Ditto.
        * loader/FrameLoaderClient.h:
        * platform/ContentFilter.h:
        * platform/ContentFilterUnblockHandler.h: Copied from Source/WebCore/platform/ios/ContentFilterIOS.mm.
        (WebCore::ContentFilterUnblockHandler::clear):
        * platform/cocoa/ContentFilterUnblockHandlerCocoa.mm: Renamed from Source/WebCore/platform/ios/ContentFilterIOS.mm.
        (WebCore::ContentFilterUnblockHandler::ContentFilterUnblockHandler):
        (WebCore::ContentFilterUnblockHandler::encode):
        (WebCore::ContentFilterUnblockHandler::decode):
        (WebCore::scheme):
        (WebCore::ContentFilterUnblockHandler::handleUnblockRequestAndDispatchIfSuccessful):
        * platform/mac/ContentFilterMac.mm:
        (WebCore::ContentFilter::unblockHandler):
        (WebCore::ContentFilter::ContentFilter): Deleted.
        (WebCore::ContentFilter::encode): Deleted.
        (WebCore::ContentFilter::decode): Deleted.

2015-03-03  Alexey Proskuryakov  <ap@apple.com>

        [Mac] Track localized name follows locale instead of primary language
        https://bugs.webkit.org/show_bug.cgi?id=142242
        rdar://problem/20000365

        Reviewed by Eric Carlson.

        * page/CaptionUserPreferencesMediaAF.cpp: (WebCore::trackDisplayName): Use the
        language for localization, as CFBundle does.

2015-03-03  Alex Christensen  <achristensen@webkit.org>

        [Win] Unreviewed build fix.

        * WebCore.vcxproj/WebCoreIncludeCommon.props:
        Include contentextensions subdirectory.

2015-03-03  Alex Christensen  <achristensen@webkit.org>

        Prepare to use CSS selectors in content extensions.
        https://bugs.webkit.org/show_bug.cgi?id=142227

        Reviewed by Benjamin Poulain.

        Test: http/tests/usercontentfilter/css-display-none.html

        * CMakeLists.txt:
        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionActions.h: Added.
        * contentextensions/ContentExtensionRule.cpp:
        (WebCore::ContentExtensions::Action::deserialize):
        * contentextensions/ContentExtensionRule.h:
        (WebCore::ContentExtensions::Action::Action):
        (WebCore::ContentExtensions::Action::type):
        (WebCore::ContentExtensions::Action::cssSelector):
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::serializeActions):
        Put action descriptions into a compact format in a Vector 
        to be able to be put into one block of shared read-only memory.
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        Put an index of the beginning of the description into the NFA instead of the index of the rule
        because we will be sharing the descriptions of the actions and not the rules.
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionsForURL):
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionForURL): Deleted.
        Return a vector of actions to be able to do multiple actions for one URL.
        * contentextensions/ContentExtensionsBackend.h:
        * contentextensions/ContentExtensionsManager.cpp:
        (WebCore::ContentExtensions::ExtensionsManager::loadTrigger):
        (WebCore::ContentExtensions::ExtensionsManager::loadAction):
        Added the css-display-none action type, which requires a selector.
        (WebCore::ContentExtensions::ExtensionsManager::loadRule):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        * page/UserContentController.cpp:
        (WebCore::UserContentController::actionsForURL):
        (WebCore::UserContentController::actionForURL): Deleted.
        * page/UserContentController.h:

2015-03-03  Brent Fulgham  <bfulgham@apple.com>

        Move scroll animating functions from ScrollAnimator to ScrollController
        https://bugs.webkit.org/show_bug.cgi?id=142102
        <rdar://problem/20007161>

        Reviewed by Simon Fraser.

        Tested by platform/mac-wk2/tiled-drawing/scrolling/fast-scroll-mainframe-zoom.html.

        Do some refactoring of the various scrolling classes:
        1. Consolidate animation times to RunLoop::Timer instead of a combination of WebCore::Timer
           and CFRunLoopTimers. Do this for Scroll Snap Point and Rubberband animations.
        2. Move ScrollController from platform/mac to platform/cocoa to enable sharing with iOS.
        3. Move code from ScrollAnimator{Mac} -> ScrollController.
        4. Rename scrollOffsetInAxis -> scrollOffsetOnAxis
        5. Rename immediateScrollInAxis -> immediateScrollOnAxis

        * WebCore.xcodeproj/project.pbxproj: Move ScrollController to 'platform/cocoa'
        * page/mac/EventHandlerMac.mm: Make sure the scroll controller is notified of end-of-scroll
        events, just as is done for the "event not handled" case in EventHandler.cpp. 
        (WebCore::EventHandler::platformCompleteWheelEvent):
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h: Remove timer and some delegate
        methods, now that ScrollController is controlling this state.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac): We no longer
        need to clean up the CFRunLoopTimer.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::stopSnapRubberbandTimer): Make sure scroll
        state is updated after rubber band snap.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffsetOnAxis): Add temporary stub needed
        until Bug1973 is completed.).
        (WebCore::ScrollingTreeFrameScrollingNodeMac::immediateScrollOnAxis): Ditto.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::startSnapRubberbandTimer): Deleted.
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::ScrollAnimator):
        (WebCore::ScrollAnimator::processWheelEventForScrollSnap): Just call the ScrollController method.
        (WebCore::ScrollAnimator::handleWheelEvent): Ditto.
        (WebCore::ScrollAnimator::updateScrollAnimatorsAndTimers): Ditto.
        (WebCore::ScrollAnimator::scrollOffsetOnAxis): Renamed from scrollOffsetInAxis.
        (WebCore::ScrollAnimator::immediateScrollOnAxis): Renamed from immediateScrollInAxis.
        (WebCore::ScrollAnimator::scrollOffsetInAxis): Deleted.
        (WebCore::ScrollAnimator::immediateScrollInAxis): Deleted.
        (WebCore::ScrollAnimator::startScrollSnapTimer): Deleted.
        (WebCore::ScrollAnimator::stopScrollSnapTimer): Deleted.
        (WebCore::ScrollAnimator::horizontalScrollSnapTimerFired): Deleted.
        (WebCore::ScrollAnimator::verticalScrollSnapTimerFired): Deleted.
        * platform/ScrollAnimator.h:
        * platform/cocoa/ScrollController.h: Copied from platform/mac/ScrollController.h.
        (WebCore::ScrollControllerClient::startSnapRubberbandTimer):
        (WebCore::ScrollControllerClient::stopSnapRubberbandTimer):
        (WebCore::ScrollControllerClient::startScrollSnapTimer):
        (WebCore::ScrollControllerClient::stopScrollSnapTimer):
        * platform/cocoa/ScrollController.mm: Copied from platform/mac/ScrollController.mm.
        (WebCore::ScrollController::ScrollController): Update to initialize new timers.
        (WebCore::ScrollController::handleWheelEvent): Update to handle Scroll Snap Point events.
        (WebCore::ScrollController::startSnapRubberbandTimer): Added.
        (WebCore::ScrollController::stopSnapRubberbandTimer): Manage animation timers locally, do not
        require client to maintain timers.
        (WebCore::ScrollController::snapRubberBand): Ditto.
        (WebCore::ScrollController::processWheelEventForScrollSnap): Added. (Moved from ScrollAnimatorMac)
        (WebCore::ScrollController::updateScrollAnimatorsAndTimers): Ditto. Also updated to use RunLoop::Timer.
        (WebCore::ScrollController::startScrollSnapTimer): Ditto. Also updated to use RunLoop::Timer.
        (WebCore::ScrollController::stopScrollSnapTimer): Ditto. Also updated to use RunLoop::Timer.
        (WebCore::ScrollController::horizontalScrollSnapTimerFired): Ditto.
        (WebCore::ScrollController::verticalScrollSnapTimerFired): Ditto.
        (WebCore::ScrollController::scrollOffsetOnAxis): Moved from ScrollAnimatorMac.
        (WebCore::ScrollController::immediateScrollOnAxis): Ditto.
        * platform/mac/AxisScrollSnapAnimator.h: Rename methods from 'InAxis' to 'OnAxis'
        * platform/mac/AxisScrollSnapAnimator.mm:
        (WebCore::AxisScrollSnapAnimator::handleWheelEvent): Update for 'InAxis' to 'OnAxis' renaming.
        (WebCore::AxisScrollSnapAnimator::scrollSnapAnimationUpdate): Ditto.
        (WebCore::AxisScrollSnapAnimator::beginScrollSnapAnimation): Ditto.
        (WebCore::AxisScrollSnapAnimator::computeSnapDelta): Ditto.
        (WebCore::AxisScrollSnapAnimator::computeGlideDelta): Ditto.
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac): Remove unused Rubberband timers (now that this is
        controlled in the ScrollController)
        (WebCore::ScrollAnimatorMac::startSnapRubberbandTimer): Deleted.
        (WebCore::ScrollAnimatorMac::stopSnapRubberbandTimer): Deleted.
        (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired): Deleted.
        * platform/mac/ScrollController.h: Removed.
        * platform/mac/ScrollController.mm: Removed.

2015-03-03  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180683.
        https://bugs.webkit.org/show_bug.cgi?id=142249

        Broke fast/css/acid2-pixel.html (Requested by ap on #webkit).

        Reverted changeset:

        "Setting any of the <object> element plugin controlling
        attributes does not have any affect."
        https://bugs.webkit.org/show_bug.cgi?id=141936
        http://trac.webkit.org/changeset/180683

2015-03-03  Dean Jackson  <dino@apple.com>

        Controls panel should have system blurry background
        https://bugs.webkit.org/show_bug.cgi?id=142154
        <rdar://problem/20000964>

        Reviewed by Simon Fraser.

        In order to replicate the system style of media controls
        on OS X and iOS, we need to expose a special -webkit-appearance.
        This patch adds the new property value, and implements
        the iOS part of the appearance, which is a blurry shaded
        background.

        Test: compositing/media-controls-bar-appearance.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Map the new
        keywords from ControlParts.

        * css/CSSValueKeywords.in: Add media-controls-light-bar-background
        and media-controls-dark-bar-background. Darin suggested they
        be sorted, so I did this at the same time.
        * platform/ThemeTypes.h: New ControlParts for the values, and
        sort the values since they need to be in sync with
        CSSValueKeywords.in.

        * platform/graphics/GraphicsLayer.h: Expose two new custom appearance
        values.
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::GraphicsLayerCA):
        (WebCore::layerTypeForCustomBackdropAppearance): Helper function.
        (WebCore::isCustomBackdropLayerType): Ditto.
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Merge setting
        a system backdrop layer in with the code that swaps to/from tiled layers.
        (WebCore::GraphicsLayerCA::changeLayerTypeTo): New method that does what
        swapFromOrToTiledLayer implemented, but also allows us to change to a
        system backdrop layer.
        (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.h:

        * platform/graphics/ca/PlatformCALayer.h: New layer types.
        * platform/graphics/ca/mac/PlatformCALayerMac.mm: For now expose these
        as regular backdrop layers.
        (PlatformCALayerMac::PlatformCALayerMac):
        (PlatformCALayerMac::updateCustomAppearance):

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Make sure to update
        custom appearance,
        (WebCore::RenderLayerBacking::updateCustomAppearance): New method.
        * rendering/RenderLayerBacking.h:

2015-03-03  Chris Dumez  <cdumez@apple.com>

        Access ApplicationCacheStorage global instance via singleton() static member function
        https://bugs.webkit.org/show_bug.cgi?id=142239

        Reviewed by Anders Carlsson.

        Access ApplicationCacheStorage global instance via singleton() static
        member function as per WebKit coding style.

2015-03-03  Anders Carlsson  <andersca@apple.com>

        Try to fix the build.

        * platform/spi/cf/CFNetworkSPI.h:

2015-03-03  Timothy Horton  <timothy_horton@apple.com>

        <attachment> label can get very wide, doesn't wrap/truncate
        https://bugs.webkit.org/show_bug.cgi?id=142214
        <rdar://problem/19982499>

        Reviewed by Simon Fraser.

        Test: fast/attachment/attachment-label-highlight.html

        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::labelTextColorForAttachment):
        (WebCore::AttachmentLayout::addLine):
        (WebCore::AttachmentLayout::layOutText):
        (WebCore::AttachmentLayout::AttachmentLayout):
        Make it possible to lay out multiple lines of label text.
        We lay out the whole string normally, but then only draw N (where N=1 for now,
        but is adjustable) of the lines. The remainder of the string is then
        merged into a single line, which is middle-truncated with an ellipsis
        and drawn in place of the N+1 line.

        (WebCore::addAttachmentLabelBackgroundRightCorner):
        (WebCore::addAttachmentLabelBackgroundLeftCorner):
        (WebCore::paintAttachmentLabelBackground):
        Wrap the label background around the multiple lines of text with curved edges.
        We run first down the right side of the label, determining whether to use
        concave or convex arcs based on the relative widths of adjacent lines.
        Then, we run back up the left side of the label doing the same thing.

        If the background rects of two lines are very similar (within the rounded rect radius),
        they will be expanded to the larger of the two, because otherwise the arcs
        look quite wrong.

        (WebCore::paintAttachmentLabel):
        Draw the label with CoreText directly instead of bothering with WebCore
        text layout primitives. There's no need, and it makes wrapping much more complicated.

        (WebCore::RenderThemeMac::paintAttachment):
        (WebCore::RenderThemeMac::paintAttachmentLabelBackground): Deleted.
        (WebCore::RenderThemeMac::paintAttachmentLabel): Deleted.

2015-03-03  Simon Fraser  <simon.fraser@apple.com>

        Avoid applying the clip-path when painting, if a layer also has a shape layer mask
        https://bugs.webkit.org/show_bug.cgi?id=142212

        Reviewed by Zalan Bujtas.

        After r180882 we translate clip-path into a composited shape mask when the layer
        is composited. However, we were also still applying the clip-path when painting
        the layer contents.
        
        Now, we set the GraphicsLayer bits GraphicsLayerPaintClipPath and GraphicsLayerPaintMask
        only for the m_maskLayer's painting. This translate into setting PaintLayerPaintingCompositingMaskPhase
        and PaintLayerPaintingCompositingClipPathPhase only when painting that same mask layer,
        rather than always. To ensure that masks and clip-path get applied for software paints,
        add shouldPaintMask() and shouldApplyClipPath() that return true for non-composited layers,
        and when doing a flattening paint.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents): Use shouldApplyClipPath().
        Pull three chunks of code under a single "if (shouldPaintContent && !selectionOnly)" condition.
        The condition for paintChildClippingMaskForFragments() is changed slightly; we need to call this
        only when painting the clip-path/mask layer contents, but also only when there is no mask to fill
        the clipped area for us.
        (WebCore::RenderLayer::calculateClipRects):
        (WebCore::RenderLayer::paintsWithClipPath): Deleted.
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateMaskingLayer): Be sure to set the GraphicsLayerPaintClipPath bit
        when having a mask forces us onto the painting path.

2015-03-03  Anders Carlsson  <andersca@apple.com>

        Use the correct display name for website data for local files
        https://bugs.webkit.org/show_bug.cgi?id=142228

        Reviewed by Dan Bernstein.

        * English.lproj/Localizable.strings:
        Add local file display name.

        * platform/spi/cf/CFNetworkSPI.h:
        Add kCFHTTPCookieLocalFileDomain declaration.

2015-03-03  Myles C. Maxfield  <mmaxfield@apple.com>

        BreakingContext cleanup
        https://bugs.webkit.org/show_bug.cgi?id=142146

        Reviewed by Dean Jackson.

        1. Use commitLineBreakAtCurrentWidth() instead of directly
        updating m_width and m_lineBreak, because the name makes the
        intent clearer.
        2. Remove duplicate function LineBreaker::nextSegmentBreak().
        3. lineStyle() takes care of inspecting RenderText's parent's
        style.
        4. Add FIXME to BreakingContext::initializeForCurrentObject()
        because it seems like we are ignoring first-line style for
        some properties.

        No new tests because there is no behavior change.

        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::BreakingContext::BreakingContext):
        (WebCore::BreakingContext::initializeForCurrentObject):
        (WebCore::BreakingContext::handleReplaced):
        (WebCore::BreakingContext::handleText):
        (WebCore::BreakingContext::commitAndUpdateLineBreakIfNeeded):
        (WebCore::BreakingContext::handleEndOfLine):
        * rendering/line/LineBreaker.cpp:
        (WebCore::LineBreaker::nextLineBreak): Deleted.
        (WebCore::LineBreaker::nextSegmentBreak): Deleted.
        * rendering/line/LineBreaker.h:
        * rendering/line/LineInlineHeaders.h:
        (WebCore::lineStyle):

2015-03-03  Chris Dumez  <cdumez@apple.com>

        Make AudioContext suspendable when it is not rendering
        https://bugs.webkit.org/show_bug.cgi?id=142210
        <rdar://problem/19923085>

        Reviewed by Eric Carlson.

        Make AudioContext suspendable when it is not rendering to increase the
        likelihood of entering the PageCache for pages using WebAudio.

        This patch adds a state member to AudioContext with 3 possible states:
        Suspended / Running / Closed, as defined in the specification:
        http://webaudio.github.io/web-audio-api/#widl-AudioContext-state

        This state is used to decide if we can suspend the page or not. We
        can safely suspend if the AudioContext's state is suspended (did not
        start rendering) or closed (Stopped rendering).

        Note that this patch does not expose the AudioContext's state to the
        Web yet, even though it is exposed in the latest specification.

        Tests: fast/history/page-cache-closed-audiocontext.html
               fast/history/page-cache-running-audiocontext.html
               fast/history/page-cache-suspended-audiocontext.html

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::AudioContext):
        (WebCore::AudioContext::uninitialize):
        (WebCore::AudioContext::canSuspend):
        (WebCore::AudioContext::startRendering):
        (WebCore::AudioContext::fireCompletionEvent):
        * Modules/webaudio/AudioContext.h:

2015-03-02  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Use SoupMessage::starting instead of SoupSession::request-started
        https://bugs.webkit.org/show_bug.cgi?id=142164

        Reviewed by Sergio Villar Senin.

        SoupSession::request-started is deprecated in libsoup 2.50. Both
        signals are equivalent, but SoupMessage::starting is also emitted
        for resources loaded from the disk cache. This fixes web timing
        calculations for cached resources, since we were not initializing
        m_requestStart.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::startingCallback):
        (WebCore::createSoupMessageForHandleAndRequest):
        * platform/network/soup/SoupNetworkSession.cpp:
        (WebCore::SoupNetworkSession::SoupNetworkSession):

2015-03-03  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Synchronous XMLHttpRequests can time out when we reach the max connections limit
        https://bugs.webkit.org/show_bug.cgi?id=141508

        Reviewed by Sergio Villar Senin.

        Use SOUP_MESSAGE_IGNORE_CONNECTION_LIMITS flag when loading a
        synchronous message instead of increasing the maximum number of
        connections allowed if the soup version is recent enough.
        The current solution of increasing/decreasing the limits doesn't
        always work, because connections are not marked as IDLE in libsoup
        until the message is unqueued, but we don't wait for the message
        to be unqueued to finish our loads in WebKit, we finish them as
        soon as we have finished reading the stream. This causes that
        synchronous loads keep blocked in the nested main loop until the
        timeout of 10 seconds is fired and the load fails.
        Also marked WebCoreSynchronousLoader class as final, the virtual
        methods as override and removed the unsused method isSynchronousClient.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::createSoupMessageForHandleAndRequest):
        (WebCore::WebCoreSynchronousLoader::WebCoreSynchronousLoader):
        (WebCore::WebCoreSynchronousLoader::isSynchronousClient): Deleted.
        (WebCore::WebCoreSynchronousLoader::didReceiveResponse):
        (WebCore::WebCoreSynchronousLoader::didReceiveData):
        (WebCore::WebCoreSynchronousLoader::didReceiveBuffer):
        (WebCore::WebCoreSynchronousLoader::didFinishLoading):
        (WebCore::WebCoreSynchronousLoader::didFail):
        (WebCore::WebCoreSynchronousLoader::didReceiveAuthenticationChallenge):
        (WebCore::WebCoreSynchronousLoader::shouldUseCredentialStorage):

2015-03-02  David Kilzer  <ddkilzer@apple.com>

        [iOS] Disable -Wdeprecated-declaration warnings in WebVideoFullscreenInterfaceAVKit.mm

        Fixing the deprecations is tracked by: <rdar://problem/20018692>

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenOptimized):
        Ignore -Wdeprecated-declaration warnings via clang pragmas.

2015-03-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180902.
        https://bugs.webkit.org/show_bug.cgi?id=142205

        It broke scrolling in some cases. See bug 142202 for details.
        (Requested by bdash on #webkit).

        Reverted changeset:

        "Move scroll animating functions from ScrollAnimator to
        ScrollController"
        https://bugs.webkit.org/show_bug.cgi?id=142102
        http://trac.webkit.org/changeset/180902

2015-03-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180911.
        https://bugs.webkit.org/show_bug.cgi?id=142204

        The tests it added are crashing (Requested by bdash on
        #webkit).

        Reverted changeset:

        "Add a microtask abstraction"
        https://bugs.webkit.org/show_bug.cgi?id=137496
        http://trac.webkit.org/changeset/180911

2015-03-02  Yoav Weiss  <yoav@yoav.ws>

        Add a microtask abstraction
        https://bugs.webkit.org/show_bug.cgi?id=137496

        Reviewed by Sam Weinig.

        This patch adds a microtask abstraction: https://html.spec.whatwg.org/multipage/webappapis.html#microtask
        That abstraction is required in order to enable async loading of images,
        which is in turn required to enable support for the picture element, as well as
        to make sure that the order of properties set on HTMLImageElement has no implications.

        * WebCore.vcxproj/WebCore.vcxproj: Add MicroTask.{h,cpp} to the project.
        * WebCore.vcxproj/WebCoreTestSupport.vcxproj: Add MicroTaskTest.{h,cpp} to the project.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Add MicroTask.{h,cpp} to the project.
        * WebCore.vcxproj/WebCoreTestSupport.vcxproj.filters: Add MicroTaskTest.{h,cpp} to the project.
        * WebCore.xcodeproj/project.pbxproj: Add MicroTask{,Test}.{h,cpp} to the project.
        * dom/Document.h: Add WEBCORE_EXPORT to addConsoleMessage, so it can be used in MicroTaskTest that's in WebCoreTestSupport..
        * dom/MicroTask.h: Add a MicroTask interface class. Add a MicroTaskQueue singleton.
        (WebCore::MicroTask::~MicroTask):
        (WebCore::MicroTask::run): Run the microtask.
        * dom/MicroTask.cpp: Implement the MicroTaskQueue singleton.
        (WebCore::MicroTaskQueue::singleton): Get a singleton instance of MicroTaskQueue.
        (WebCore::MicroTaskQueue::queueMicroTask): Add a microtask to the queue.
        (WebCore::MicroTaskQueue::runMicroTasks): Run all the microtasks in the queue and clear it.
        * dom/ScriptRunner.cpp: Trigger running of all microtasks in queue.
        (WebCore::ScriptRunner::timerFired):
        * html/parser/HTMLScriptRunner.cpp: Trigger running of all microtasks in queue.
        (WebCore::HTMLScriptRunner::executePendingScriptAndDispatchEvent):
        (WebCore::HTMLScriptRunner::executeScriptsWaitingForParsing):
        (WebCore::HTMLScriptRunner::runScript):
        * testing/Internals.cpp: Add a method to queue a test microtask.
        (WebCore::Internals::queueMicroTask):
        * testing/Internals.h: Add a method to queue a test microtask.
        (WebCore::Internals::queueMicroTask):
        * testing/Internals.idl: Expose test microtask queueing to test JS.
        * testing/MicroTaskTest.cpp: Add a test class that implements a microtask and prints to the console when it runs.
        (WebCore::MicroTaskTest::run): Run the microtask
        (WebCore::MicroTaskTest::create): Create a test microtask.
        * testing/MicroTaskTest.h: Add a test class that implements a microtask.
        (WebCore::MicroTaskTest::run):
        (WebCore::MicroTaskTest::create):

2015-03-02  Jeremy Jones  <jeremyj@apple.com>

        RenderVideo should not paint the video frame when video is fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=142097

        Reviewed by Eric Carlson.

        For performance and correctness, RenderVideo should not paint the current video frame
        inline when video is fullscreen. This happens when snapshots are taken and can have a
        negative performance impact.

        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::paintReplaced):

2015-03-02  Dean Jackson  <dino@apple.com>

        [iOS Media] Airplay button should be blue when active
        https://bugs.webkit.org/show_bug.cgi?id=142193

        Reviewed by Brent Fulgham.

        Add a blue form of the Airplay button that is used
        when we are actively displaying on another screen.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (video::-webkit-media-controls-wireless-playback-picker-button):
        (video::-webkit-media-controls-wireless-playback-picker-button:active):
        (video::-webkit-media-controls-wireless-playback-picker-button.playing):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.updateWirelessPlaybackStatus):

2015-03-02  Brent Fulgham  <bfulgham@apple.com>

        Move scroll animating functions from ScrollAnimator to ScrollController
        https://bugs.webkit.org/show_bug.cgi?id=142102
        <rdar://problem/20007161>

        Reviewed by Simon Fraser.

        No change in functionality.
        
        Do some refactoring of the various scrolling classes:
        1. Consolidate animation times to RunLoop::Timer instead of a combination of WebCore::Timer
           and CFRunLoopTimers. Do this for Scroll Snap Point and Rubberband animations.
        2. Move ScrollController from platform/mac to platform/cocoa to enable sharing with iOS.
        3. Move code from ScrollAnimator{Mac} -> ScrollController.
        4. Rename scrollOffsetInAxis -> scrollOffsetOnAxis
        5. Rename immediateScrollInAxis -> immediateScrollOnAxis

        * WebCore.xcodeproj/project.pbxproj: Move ScrollController to 'platform/cocoa'
        * page/mac/EventHandlerMac.mm: Make sure the scroll controller is notified of end-of-scroll
        events, just as is done for the "event not handled" case in EventHandler.cpp. 
        (WebCore::EventHandler::platformCompleteWheelEvent):
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h: Remove timer and some delegate
        methods, now that ScrollController is controlling this state.
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::~ScrollingTreeFrameScrollingNodeMac): We no longer
        need to clean up the CFRunLoopTimer.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::scrollOffsetOnAxis): Add temporary stub needed
        until Bug 141973 is completed.).
        (WebCore::ScrollingTreeFrameScrollingNodeMac::immediateScrollOnAxis): Ditto.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::startSnapRubberbandTimer): Deleted.
        (WebCore::ScrollingTreeFrameScrollingNodeMac::stopSnapRubberbandTimer): Deleted.
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::ScrollAnimator):
        (WebCore::ScrollAnimator::processWheelEventForScrollSnap): Just call the ScrollController method.
        (WebCore::ScrollAnimator::handleWheelEvent): Ditto.
        (WebCore::ScrollAnimator::updateScrollAnimatorsAndTimers): Ditto.
        (WebCore::ScrollAnimator::scrollOffsetOnAxis): Renamed from scrollOffsetInAxis.
        (WebCore::ScrollAnimator::scrollOffsetInAxis): Deleted.
        (WebCore::ScrollAnimator::immediateScrollOnAxis): Renamed from immediateScrollInAxis.
        (WebCore::ScrollAnimator::immediateScrollInAxis): Deleted.
        (WebCore::ScrollAnimator::startScrollSnapTimer): Deleted.
        (WebCore::ScrollAnimator::stopScrollSnapTimer): Deleted.
        (WebCore::ScrollAnimator::horizontalScrollSnapTimerFired): Deleted.
        (WebCore::ScrollAnimator::verticalScrollSnapTimerFired): Deleted.
        * platform/ScrollAnimator.h:
        * platform/cocoa/ScrollController.h: Copied from platform/mac/ScrollController.h.
        * platform/cocoa/ScrollController.mm: Copied from platform/mac/ScrollController.mm.
        (WebCore::ScrollController::ScrollController): Update to initialize new timers.
        (WebCore::ScrollController::handleWheelEvent): Update to handle Scroll Snap Point events.
        (WebCore::ScrollController::startSnapRubberbandTimer): Added.
        (WebCore::ScrollController::stopSnapRubberbandTimer): Manage animation timers locally, do not
        require client to maintain timers.
        (WebCore::ScrollController::snapRubberBand): Ditto.
        (WebCore::ScrollController::processWheelEventForScrollSnap): Added. (Moved from ScrollAnimatorMac)
        (WebCore::ScrollController::updateScrollAnimatorsAndTimers): Ditto. Also updated to use RunLoop::Timer.
        (WebCore::ScrollController::startScrollSnapTimer): Ditto. Also updated to use RunLoop::Timer.
        (WebCore::ScrollController::stopScrollSnapTimer):  Ditto. Also updated to use RunLoop::Timer.
        (WebCore::ScrollController::horizontalScrollSnapTimerFired): Ditto.
        (WebCore::ScrollController::verticalScrollSnapTimerFired): Ditto.
        (WebCore::ScrollController::scrollOffsetOnAxis): Moved from ScrollAnimatorMac.
        (WebCore::ScrollController::immediateScrollOnAxis): Ditto.
        * platform/mac/AxisScrollSnapAnimator.h: Rename methods from 'InAxis' to 'OnAxis'
        * platform/mac/AxisScrollSnapAnimator.mm: Ditto.
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac): Remove unused Rubberband timers (now that this is
        controlled in the ScrollController)
        (WebCore::ScrollAnimatorMac::startSnapRubberbandTimer): Deleted.
        (WebCore::ScrollAnimatorMac::stopSnapRubberbandTimer): Deleted.
        (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired): Deleted.
        * platform/mac/ScrollController.h: Removed.
        * platform/mac/ScrollController.mm: Removed.

2015-03-02  Mark Lam  <mark.lam@apple.com>

        The InspectorTimelineAgent should gracefully handle attempts to start more than once.
        <https://webkit.org/b/142189>

        Reviewed by Joseph Pecoraro.

        No new tests.  Unskipped an existing test that already asserts this.

        InspectorTimelineAgent::internalStop() already checks for redundant calls to it in
        case the InspectorTimelineAgent is already disabled. Similarly,
        InspectorTimelineAgent::internalStart() should check if the InspectorTimelineAgent
        is already enabled before proceeding to do work to enable it. Though wasteful,
        it is legal for clients of the InspectorTimelineAgent to invoke start on it more
        than once. Hence, this check is needed.

        This check fixes the debug assertion failure when running the
        inspector/timeline/debugger-paused-while-recording.html test. The test can now
        be unskipped.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStart):

2015-03-02  Roger Fong  <roger_fong@apple.com>

        Update backgrounds of sliders for inline media controls on OS X.
        https://bugs.webkit.org/show_bug.cgi?id=142188.
        <rdar://problem/20012413>

        Reviewed by Dean Jackson.

        Don’t use CSS to draw volume and timeline slider backgrounds.
        * Modules/mediacontrols/mediaControlsApple.css:
        (video::-webkit-media-controls-volume-slider):
        (audio::-webkit-media-controls-volume-slider::-webkit-slider-thumb):
        (audio::-webkit-media-controls-timeline):
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb):
        (audio::-webkit-media-controls-panel .thumbnail-track):
        (audio::-webkit-media-controls-volume-slider::-webkit-slider-thumb:active::-webkit-slider-thumb): Deleted.
        (audio::-webkit-media-controls-timeline:active::-webkit-slider-thumb,): Deleted.

        Draw volume and timeline slider backgrounds using 2d canvases.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls):
        (Controller.prototype.handleVolumeSliderInput):
        (Controller.prototype.addRoundedRect):
        (Controller.prototype.drawTimelineBackground):
        (Controller.prototype.drawVolumeBackground):
        (Controller.prototype.showControls):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.addRoundedRect): Deleted.

2015-03-01  Roger Fong  <roger_fong@apple.com>

        Update inline media element controls appearance Part 1.
        https://bugs.webkit.org/show_bug.cgi?id=142138.
        <rdar://problem/19997384>

        Reviewed by Dean Jackson.

        Update positioning, sizes, and background colors media control elements.
        Volume and timeline sliders will be drawn in a separate patch via 2d canvases.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel):
        (video::-webkit-media-controls-panel):
        (audio::-webkit-media-controls-rewind-button):
        (audio::-webkit-media-controls-play-button):
        (audio::-webkit-media-controls-panel .mute-box):
        (video::-webkit-media-controls-volume-max-button):
        (audio::-webkit-media-controls-panel .volume-box):
        (audio::-webkit-media-controls-panel .volume-box:active):
        (video::-webkit-media-controls-volume-slider):
        (audio::-webkit-media-controls-toggle-closed-captions-button):
        (audio::-webkit-media-controls-fullscreen-button):
        (audio::-webkit-media-controls-current-time-display):
        (audio::-webkit-media-controls-time-remaining-display):
        (audio::-webkit-media-controls-timeline-container .hour-long-time): Deleted.

2015-03-02  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r180882): Build failure: Methods not marked override in GraphicsLayerCA.h
        <http://webkit.org/b/138684>

        Fixes the following build failures:

            In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:39:
            In file included from WebKit2/WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.h:30:
            In file included from WebKit2/WebProcess/WebPage/mac/GraphicsLayerCARemote.h:29:
            WebCore.framework/PrivateHeaders/GraphicsLayerCA.h:123:33: error: 'setShapeLayerPath' overrides a member function but is not marked 'override' [-Werror,-Winconsistent-missing-override]
                WEBCORE_EXPORT virtual void setShapeLayerPath(const Path&);
                                            ^
            In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:30:
            In file included from WebKit2/WebProcess/WebPage/WebPage.h:46:
            In file included from WebKit2/WebProcess/Plugins/Plugin.h:31:
            WebCore.framework/PrivateHeaders/GraphicsLayer.h:390:18: note: overridden virtual function is here
                virtual void setShapeLayerPath(const Path&);
                             ^
            In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:39:
            In file included from WebKit2/WebProcess/WebPage/mac/RemoteLayerTreeDrawingArea.h:30:
            In file included from WebKit2/WebProcess/WebPage/mac/GraphicsLayerCARemote.h:29:
            WebCore.framework/PrivateHeaders/GraphicsLayerCA.h:124:33: error: 'setShapeLayerWindRule' overrides a member function but is not marked 'override' [-Werror,-Winconsistent-missing-override]
                WEBCORE_EXPORT virtual void setShapeLayerWindRule(WindRule);
                                            ^
            In file included from WebKit2/WebProcess/WebPage/DrawingArea.cpp:30:
            In file included from WebKit2/WebProcess/WebPage/WebPage.h:46:
            In file included from WebKit2/WebProcess/Plugins/Plugin.h:31:
            WebCore.framework/PrivateHeaders/GraphicsLayer.h:393:18: note: overridden virtual function is here
                virtual void setShapeLayerWindRule(WindRule);
                             ^
            2 errors generated.

        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayer::setShapeLayerPath): Mark as override.
        (WebCore::GraphicsLayer::setShapeLayerWindRule): Ditto.

2015-03-01  Simon Fraser  <simon.fraser@apple.com>

        Make clip-path work on <video>, <canvas> etc.
        https://bugs.webkit.org/show_bug.cgi?id=138684

        Reviewed by Darin Adler.
        
        clip-path only worked in compositing layers on the painted contents of the layer,
        and failed to clip children. Fix this by translating the clip path into a Path
        which is set on a CA shape layer (for Mac and iOS), or painted into the
        RenderLayerBacking's mask layer. There are two code paths:

        1. clip-path which is a <basic-shape> or <geometry-box>, and no mask.
            Here we can use the optimal code path of converting the clip into a path
            that is put onto a CAShapeLayer, which is then used as a mask. There is no
            additional backing store.
        2. clip-path with an SVG reference, or clip-path combined with -webkit-mask:
            Here we have to allocate backing store for the mask layer, and paint the
            clip path (possibly with the mask).
        
        We add GraphicsLayer::Type::Shape, and add a getter for the layer type.

        Tests: compositing/masks/compositing-clip-path-and-mask.html
               compositing/masks/compositing-clip-path-mask-change.html
               compositing/masks/compositing-clip-path.html
               compositing/masks/reference-clip-path-on-composited.html

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::GraphicsLayer): Store the type in the layer so the getter can return it.
        (WebCore::GraphicsLayer::shapeLayerPath): Get and set the shape layer path.
        (WebCore::GraphicsLayer::setShapeLayerPath): Ditto.
        (WebCore::GraphicsLayer::shapeLayerWindRule): Get and set the shape layer wind rule.
        (WebCore::GraphicsLayer::setShapeLayerWindRule): Ditto.
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::type): Expose the type.
        (WebCore::GraphicsLayer::supportsLayerType): Allow the cross-platform code to use
        shape layers when it knows they are available.
        (WebCore::GraphicsLayer::needsClippingMaskLayer): Deleted. This was never used.
        * platform/graphics/GraphicsLayerClient.h: Align the bits (helps avoid typos). Add a
        GraphicsLayerPaintClipPath phase.
        * platform/graphics/Path.h: Some exports since WK2 needs to encode Paths now.
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::initialize): Make shape layers.
        (WebCore::GraphicsLayerCA::setShapeLayerPath): Setter for the shape path. Sadly we
        can't early return on unchanged paths yet.
        (WebCore::GraphicsLayerCA::setShapeLayerWindRule):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Updates for shape path
        and wind rule.
        (WebCore::GraphicsLayerCA::updateShape):
        (WebCore::GraphicsLayerCA::updateWindRule):
        * platform/graphics/ca/GraphicsLayerCA.h: Some new dirty bits for shape path and wind rule.
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm: Got rid of lots of m_layer.get().
        (PlatformCALayerMac::~PlatformCALayerMac):
        (PlatformCALayerMac::setNeedsDisplay):
        (PlatformCALayerMac::setNeedsDisplayInRect):
        (PlatformCALayerMac::removeFromSuperlayer):
        (PlatformCALayerMac::setSublayers):
        (PlatformCALayerMac::removeAllSublayers):
        (PlatformCALayerMac::appendSublayer):
        (PlatformCALayerMac::insertSublayer):
        (PlatformCALayerMac::replaceSublayer):
        (PlatformCALayerMac::adoptSublayers):
        (PlatformCALayerMac::addAnimationForKey):
        (PlatformCALayerMac::removeAnimationForKey):
        (PlatformCALayerMac::animationForKey):
        (PlatformCALayerMac::setMask):
        (PlatformCALayerMac::isOpaque):
        (PlatformCALayerMac::setOpaque):
        (PlatformCALayerMac::bounds):
        (PlatformCALayerMac::setBounds):
        (PlatformCALayerMac::position):
        (PlatformCALayerMac::setPosition):
        (PlatformCALayerMac::anchorPoint):
        (PlatformCALayerMac::setAnchorPoint):
        (PlatformCALayerMac::transform):
        (PlatformCALayerMac::setTransform):
        (PlatformCALayerMac::sublayerTransform):
        (PlatformCALayerMac::setSublayerTransform):
        (PlatformCALayerMac::setHidden):
        (PlatformCALayerMac::setGeometryFlipped):
        (PlatformCALayerMac::isDoubleSided):
        (PlatformCALayerMac::setDoubleSided):
        (PlatformCALayerMac::masksToBounds):
        (PlatformCALayerMac::setMasksToBounds):
        (PlatformCALayerMac::acceleratesDrawing):
        (PlatformCALayerMac::setAcceleratesDrawing):
        (PlatformCALayerMac::contents):
        (PlatformCALayerMac::setContents):
        (PlatformCALayerMac::setContentsRect):
        (PlatformCALayerMac::setMinificationFilter):
        (PlatformCALayerMac::setMagnificationFilter):
        (PlatformCALayerMac::backgroundColor):
        (PlatformCALayerMac::setBackgroundColor):
        (PlatformCALayerMac::setBorderWidth):
        (PlatformCALayerMac::setBorderColor):
        (PlatformCALayerMac::opacity):
        (PlatformCALayerMac::setOpacity):
        (PlatformCALayerMac::copyFiltersFrom):
        (PlatformCALayerMac::setName):
        (PlatformCALayerMac::setSpeed):
        (PlatformCALayerMac::setTimeOffset):
        (PlatformCALayerMac::contentsScale):
        (PlatformCALayerMac::setContentsScale):
        (PlatformCALayerMac::cornerRadius):
        (PlatformCALayerMac::setCornerRadius):
        (PlatformCALayerMac::setEdgeAntialiasingMask):
        (PlatformCALayerMac::shapeWindRule): New function.
        (PlatformCALayerMac::setShapeWindRule): Ditto.
        (PlatformCALayerMac::shapePath): Ditto.
        (PlatformCALayerMac::setShapePath): Ditto.
        (PlatformCALayer::isWebLayer):
        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::Path): nullptr.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintsWithClipPath): Return true if the clip path is painted.
        (WebCore::RenderLayer::computeClipPath): Factor code that computes the clip path into this
        function, so we can call it from RenderLayerBacking too.
        (WebCore::RenderLayer::setupClipPath):
        (WebCore::RenderLayer::paintLayerContents): We only want to apply the clip path
        for painting when we're either painting a non-composited layer, or we're painting the
        mask layer of a composited layer. We in the latter case, we just want to fill the clip
        path with black, so re-use the paintChildClippingMaskForFragments() which does this.
        * rendering/RenderLayer.h: Align the bits, add PaintLayerPaintingCompositingClipPathPhase.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::~RenderLayerBacking):
        (WebCore::RenderLayerBacking::updateConfiguration):
        (WebCore::RenderLayerBacking::updateGeometry): Move mask updating into its own function.
        (WebCore::RenderLayerBacking::updateMaskingLayerGeometry): If we're using the shape layer
        code path, compute the Path and set it and the wind rule on the mask layer.
        (WebCore::RenderLayerBacking::updateMaskingLayer): This is now more complex, as it has
        to deal with combinations of clip-path and mask, some of which allow for the shape layer
        mask, and we handle dynamic changes between these and painted masks.
        (WebCore::RenderLayerBacking::paintingPhaseForPrimaryLayer): Include the GraphicsLayerPaintClipPath phase.
        (WebCore::RenderLayerBacking::paintIntoLayer): Map GraphicsLayerPaintClipPath to PaintLayerPaintingCompositingClipPathPhase.
        (WebCore::RenderLayerBacking::updateMaskLayer): Deleted.
        * rendering/RenderLayerBacking.h:

2015-03-01  Hunseop Jeong  <hs85.jeong@samsung.com>

        [Cairo] Implement Path::addEllipse 
        https://bugs.webkit.org/show_bug.cgi?id=142144

        Reviewed by Gyuyoung Kim.

        Add support for addEllipse method for platforms using cairo.

        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::addEllipse):

2015-03-01  Joonghun Park  <jh718.park@samsung.com>

        Use std::unique_ptr instead of PassOwnPtr|OwnPtr for ScrollAnimator
        https://bugs.webkit.org/show_bug.cgi?id=142143

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::create):
        * platform/ScrollAnimator.h:
        * platform/ScrollAnimatorNone.cpp:
        (WebCore::ScrollAnimator::create):
        * platform/ScrollableArea.h:
        * platform/ios/ScrollAnimatorIOS.mm:
        (WebCore::ScrollAnimator::create):
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimator::create):

2015-02-26  Andy Estes  <aestes@apple.com>

        [Content Filtering] Move another declaration to WebFilterEvaluatorSPI.h
        https://bugs.webkit.org/show_bug.cgi?id=142066

        Reviewed by Andreas Kling.

        * platform/ios/ContentFilterIOS.mm:
        * platform/spi/cocoa/WebFilterEvaluatorSPI.h:

2015-03-01  Chris Dumez  <cdumez@apple.com>

        Make NotificationCenter / Notification suspendable
        https://bugs.webkit.org/show_bug.cgi?id=142117
        <rdar://problem/19923085>

        Reviewed by Andreas Kling.

        Make NotificationCenter / Notification suspendable so that pages using
        them can enter the PageCache.

        NotificationCenter can safely be suspended if there are no pending
        permission requests. This required adding an
        "hasPendingPermissionRequests()" callback to the NotificationClient.

        Notification can safely be suspended if it is either idle (not showing
        yet) or closed.

        Tests: fast/history/page-cache-notification-non-suspendable.html
               fast/history/page-cache-notification-suspendable.html

        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::canSuspend):
        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::canSuspend):
        * Modules/notifications/NotificationClient.h:

2015-03-01  Ryosuke Niwa  <rniwa@webkit.org>

        isContentEditable shouldn't trigger synchronous style recalc in most cases
        https://bugs.webkit.org/show_bug.cgi?id=129034

        Reviewed by Antti Koivisto.

        Avoid style recalc inside isContentEditable when the document doesn't contain -webkit-user-modify or
        -webkit-user-select: all. Instead, compute the value from contenteditable attributes in ancestors.
        However, still compute the editability from the style tree when it's up-to-date in order to avoid
        repeatedly walking up the DOM tree in a hot code path inside editing.

        Test: fast/dom/HTMLElement/dynamic-editability-change.html

        * css/CSSGrammar.y.in: No need to pass in "true" as we never call this function with false.
        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue): Calls parserSetUsesStyleBasedEditability as needed.
        (WebCore::parseKeywordValue): Passes around StyleSheetContents*.
        (WebCore::CSSParser::parseValue): Ditto.
        (WebCore::CSSParser::parseFont): Ditto.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::StyleSheetContents): Initializes and copies m_usesStyleBasedEditability.

        * css/StyleSheetContents.h:
        (WebCore::StyleSheetContents::parserSetUsesRemUnits): Removed the argument since it was always true.
        (WebCore::StyleSheetContents::parserSetUsesStyleBasedEditability): Added.
        (WebCore::StyleSheetContents::usesStyleBasedEditability): Added.

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle): Added a FIXME as well as a comment explaining why we don't call
        setUsesStyleBasedEditability. Since Node::computeEditability triggers style recalc only when the flag
        is set to true, it's too late to update the flag here.
        (WebCore::Document::updateStyleIfNeeded): Uses a newly extracted needsStyleRecalc.
        (WebCore::Document::updateBaseURL): Preserves m_usesStyleBasedEditability as well as m_usesRemUnit.
        (WebCore::Document::usesStyleBasedEditability): Added. Returns true when inline style declarations or
        any active stylesheet uses -webkit-user-modify or -webkit-user-select: all. Flushing pending stylesheet
        changes here is fine because the alternative is to trigger a full blown style recalc.

        * dom/Document.h:
        (WebCore::Document::needsStyleRecalc): Added. Extracted from updateStyleIfNeeded.

        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::DocumentStyleSheetCollection):
        (WebCore::styleSheetsUseRemUnits): Deleted.
        (WebCore::DocumentStyleSheetCollection::updateActiveStyleSheets): Updates m_usesStyleBasedEditability
        as well as m_usesRemUnit.

        * dom/DocumentStyleSheetCollection.h:
        (WebCore::DocumentStyleSheetCollection::usesStyleBasedEditability): Added.
        (WebCore::DocumentStyleSheetCollection::setUsesStyleBasedEditability): Added.

        * dom/Node.cpp:
        (WebCore::computeEditabilityFromComputedStyle): Extracted from computeEditability.
        (WebCore::Node::computeEditability): When the style recalc is requested and the render tree is dirty,
        check if the document uses any CSS property that can affect the editability of elements. If it doesn't,
        compute the editability from contenteditable attributes in the anchors via matchesReadWritePseudoClass.
        Continue to use the style-based computation when the render tree isn't dirty to avoid the tree walk.

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::editabilityFromContentEditableAttr): Extracted from matchesReadWritePseudoClass
        to be called in Node::computeEditability. Also made it return Editability instead of boolean.
        (WebCore::HTMLElement::matchesReadWritePseudoClass):
        * html/HTMLElement.h:

2015-03-01  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix.

        * WebCorePrefix.h: Provide some default definitions to help build on Windows
        machines with different application support libraries.

2015-02-28  Simon Fraser  <simon.fraser@apple.com>

        Viewport units should not dirty style just before we do layout
        https://bugs.webkit.org/show_bug.cgi?id=141682

        Reviewed by Zalan Bujtas.
        
        In documents using viewport units, we dirtied style every time layout changed
        the size of the document. This is nonsensical, because viewport units depend on the
        viewport size, not the document size.
        
        Move the style dirtying from layout() into availableContentSizeChanged(). Hook
        this up for WebKit1 by calling from -[WebFrameView _frameSizeChanged], and,
        since that causes availableContentSizeChanged() to be called for WK1 for the first
        time, protect the call to updateScrollbars() with a !platformWidget check.

        Covered by existing viewport unit tests.

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::availableContentSizeChanged):
        (WebCore::FrameView::viewportSizeForCSSViewportUnits): Add a FIXME comment. Whether
        scrollbars are ignored depends on the value of the overflow property on the root element.
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::availableContentSizeChanged):

2015-02-28  Andreas Kling  <akling@apple.com>

        [Cocoa] Purge SQLite page cache when under memory pressure.
        <https://webkit.org/b/142139>
        <rdar://problem/19997739>

        Reviewed by Pratik Solanki.

        Call out to sqlite3 cache purging SPI on Cocoa platforms when
        we need to free up some extra memory.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory):

2015-02-28  Simon Fraser  <simon.fraser@apple.com>

        FrameView::layoutTimerFired() should update style if needed before doing layout
        https://bugs.webkit.org/show_bug.cgi?id=141688

        Reviewed by Andreas Kling.

        If the style recalc timer has been scheduled to fire after the layout timer,
        when the layout timer fires, we might as well just do the style recalc
        too. The call to updateStyleIfNeeded() will cancel the pending style
        recalc timer.
        
        This doesn't have much impact on the number of layouts (measured via PLT)
        but seems like a reasonable thing to do.

        * page/FrameView.cpp:
        (WebCore::FrameView::layoutTimerFired):

2015-02-28  Simon Fraser  <simon.fraser@apple.com>

        Fullscreen video layers are off by one sometimes
        https://bugs.webkit.org/show_bug.cgi?id=142122
        rdar://problem/19878821

        Reviewed by Eric Carlson.

        Convert MediaPlayer::naturalSize() to return a FloatSize, since the natural size
        isn't always integral (because of preserving pixel aspect ratio etc). Fix all the media
        backends to use FloatSizes for natural size. Convert the video image drawing code
        paths to FloatSize, since naturalSize is used on the destination rect computation,
        and painting should be floating point anyway.
        
        Give the layer created by SourceBufferPrivateAVFObjC a name in debug builds.

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::videoWidth):
        (WebCore::HTMLVideoElement::videoHeight):
        (WebCore::HTMLVideoElement::paintCurrentFrameInContext):
        * html/HTMLVideoElement.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::size):
        (WebCore::CanvasRenderingContext2D::drawImage):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::videoFrameToImage):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::NullMediaPlayerPrivate::naturalSize):
        (WebCore::MediaPlayer::naturalSize):
        (WebCore::MediaPlayer::paint):
        (WebCore::MediaPlayer::paintCurrentFrameInContext):
        (WebCore::NullMediaPlayerPrivate::paint): Deleted.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::paintCurrentFrameInContext):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::naturalSize):
        (WebCore::MediaPlayerPrivateAVFoundation::setNaturalSize):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintCurrentFrameInContext):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paint):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithImageGenerator):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::sizeChanged):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::naturalSize):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paint):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paintCurrentFrameInContext):
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::naturalSize):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
        (WebCore::SourceBufferPrivateAVFObjC::naturalSize):
        * platform/graphics/avfoundation/objc/VideoTrackPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/VideoTrackPrivateMediaSourceAVFObjC.mm:
        (WebCore::VideoTrackPrivateMediaSourceAVFObjC::naturalSize):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::naturalSize):
        (WebCore::MediaPlayerPrivateQTKit::paintCurrentFrameInContext):
        (WebCore::MediaPlayerPrivateQTKit::paint):
        * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
        (WebCore::MockMediaPlayerMediaSource::naturalSize):
        (WebCore::MockMediaPlayerMediaSource::paint):
        * platform/mock/mediasource/MockMediaPlayerMediaSource.h:
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::calculateIntrinsicSize):
        (WebCore::RenderVideo::paintReplaced):

2015-02-27  Hunseop Jeong  <hs85.jeong@samsung.com>

        [EFL][GTK] Fix build break after r180790,180798
        https://bugs.webkit.org/show_bug.cgi?id=142127

        Reviewed by Gyuyoung Kim.

        * platform/graphics/cairo/PathCairo.cpp:
        (WebCore::Path::addEllipse):

2015-02-27  Zalan Bujtas  <zalan@apple.com>

        Subpixel-layout: width: max-content; property might cause unnecessary scrollbar.
        https://bugs.webkit.org/show_bug.cgi?id=142065

        Reviewed by Simon Fraser.

        We should not pixelsnap (ceil in this case) logical coordinates during layout.
        Should this cause content to be partially cut off, we need to
        find the broken piece in the computation logic.

        Covered by the unskipped test.

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::paddedLayoutOverflowRect):

2015-02-27  Ryosuke Niwa  <rniwa@webkit.org>

        Node::hasEditableStyle and isEditablePosition have too many options
        https://bugs.webkit.org/show_bug.cgi?id=142078

        Reviewed by Andreas Kling.

        Moved the code that dealt with accessibility to htmlediting.cpp from Node. This patch introduces
        new editing helper functions hasEditableStyle and isEditableNode for this purpose.

        Also removed UserSelectAllTreatment from isContentEditable's arguments in the favor of using
        newly extracted computeEditability in call sites that specify this option since isContentEditable
        is a public DOM API.

        No new tests since there should be no observable behavior changes.

        * accessibility/AXObjectCache.h: Removed the declaration of an undefined function.

        * dom/Element.cpp:
        (WebCore::Element::shouldUseInputMethod): Uses newly added computeEditability.

        * dom/Node.cpp:
        (WebCore::Node::isContentEditable): Ditto. No longer takes UserSelectAllTreatment as an argument.
        (WebCore::Node::isContentRichlyEditable): Ditto.
        (WebCore::Node::computeEditability): Renamed from hasEditableStyle to avoid the confusion with
        a helper function of the same name. Added ShouldUpdateStyle as an argument to optionally update
        style tree. Also returns tri-state Editability enum instead of returning a boolean based on
        the value of EditableLevel argument.
        (WebCore::Node::isEditableToAccessibility): Moved to htmlediting.cpp.
        (WebCore::Node::willRespondToMouseClickEvents): Uses newly added computeEditability.
        (WebCore::Node::rootEditableElement): Moved to htmlediting.cpp.

        * dom/Node.h: No longer includes EditingBoundary.h.
        (WebCore::Node::isContentEditable):
        (WebCore::Node::hasEditableStyle): No longer takes EditableType as an argument.
        (WebCore::Node::hasRichlyEditableStyle): Ditto.

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::removeInlineStyleFromElement): Uses newly added isEditableNode.
        (WebCore::ApplyStyleCommand::surroundNodeRangeWithElement): Ditto.
        * editing/DeleteFromTextNodeCommand.cpp:
        (WebCore::DeleteFromTextNodeCommand::doApply): Ditto.
        * editing/FrameSelection.cpp:
        (WebCore::CaretBase::invalidateCaretRect): Ditto.
        * editing/InsertNodeBeforeCommand.cpp:
        (WebCore::InsertNodeBeforeCommand::doApply): Ditto.
        (WebCore::InsertNodeBeforeCommand::doUnapply): Ditto.
        * editing/RemoveNodeCommand.cpp:
        (WebCore::RemoveNodeCommand::doApply): Ditto.

        * editing/VisibleSelection.cpp:
        (WebCore::VisibleSelection::hasEditableStyle): Since this is the only caller of isEditablePosition
        which sets DoNotUpdateStyle, directly call hasEditableStyle on the container node instead. This was
        not possible prior to r180726 because isEditablePosition had to move out of tables.

        * editing/VisibleUnits.cpp:
        (WebCore::previousLeafWithSameEditability): Uses newly added hasEditableStyle.
        (WebCore::nextLeafWithSameEditability): Ditto.
        (WebCore::rootEditableOrDocumentElement): Extracted from previousLinePosition. Use helper functions
        in htmlediting.cpp instead of member functions of Node since they no longer support EditableType.
        (WebCore::previousLinePosition):
        (WebCore::nextLinePosition):

        * editing/htmlediting.cpp:
        (WebCore::highestEditableRoot): Uses newly added hasEditableStyle.
        (WebCore::isEditableToAccessibility): Moved from Node.
        (WebCore::computeEditability): Extracted from isEditablePosition.
        (WebCore::hasEditableStyle): Added.
        (WebCore::isEditableNode): Added.
        (WebCore::isEditablePosition): Now calls computeEditability.
        (WebCore::isRichlyEditablePosition): No longer takes EditableType since that variant was never used.
        (WebCore::editableRootForPosition): Moved the code from Node::rootEditableElement.

        * editing/htmlediting.h:

2015-02-27  Chris Dumez  <cdumez@apple.com>

        Make ActiveDOMObject::canSuspend() pure virtual
        https://bugs.webkit.org/show_bug.cgi?id=142096
        <rdar://problem/19923085>

        Reviewed by Andreas Kling.

        Make ActiveDOMObject::canSuspend() pure virtual so that people at least
        try to provide an implementation for it. The default implementation was
        returning false unconditionally and thus was preventing pages from
        entering the PageCache.

2015-02-27  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180203 and r180210.
        https://bugs.webkit.org/show_bug.cgi?id=142116

        broke process suspension and tile map (Requested by thorton on
        #webkit).

        Reverted changesets:

        "Adopt CAMachPort-as-layer-contents"
        https://bugs.webkit.org/show_bug.cgi?id=141687
        http://trac.webkit.org/changeset/180203

        "Fix the !USE(IOSURFACE) build"
        http://trac.webkit.org/changeset/180210

2015-02-27  Sam Weinig  <sam@webkit.org>

        Add WebKit2 SPI to create a DOM File object
        https://bugs.webkit.org/show_bug.cgi?id=142109

        Reviewed by Tim Horton.

        * WebCore.xcodeproj/project.pbxproj:
        Make <WebCore/File.h> (and associated files) available to WebKit2.

2015-02-27  Myles C. Maxfield  <mmaxfield@apple.com>

        [Subpixel] Subpixelize RenderListMarker
        https://bugs.webkit.org/show_bug.cgi?id=142093

        Reviewed by Zalan Bujtas.

        Use floats instead of ints.

        Test: fast/lists/rtl-marker.html

        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::paint):
        (WebCore::RenderListMarker::updateContent):
        (WebCore::RenderListMarker::getRelativeMarkerRect):
        * rendering/RenderListMarker.h:

2015-02-27  Timothy Horton  <timothy_horton@apple.com>

        <attachment> should be selected immediately upon click, and be drag/copyable upon click
        https://bugs.webkit.org/show_bug.cgi?id=142114
        <rdar://problem/19982520>

        Reviewed by Enrica Casucci.

        * css/html.css:
        (attachment):
        Make attachment use 'user-select: all' to act as a single click-to-select unit.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::setFocus): Deleted.
        * html/HTMLAttachmentElement.h:
        * rendering/RenderAttachment.cpp:
        (WebCore::RenderAttachment::isFocused): Deleted.
        (WebCore::RenderAttachment::focusChanged): Deleted.
        * rendering/RenderAttachment.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintAttachment):
        Remove focus-related code; instead of focusing the element upon click,
        we get a selection including just the <attachment>, and everything
        behaves much more consistently (copy works, drag works, etc.).

2015-02-27  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Some MathML tests crash in RenderMathMLOperator::advanceForGlyph() or boundsForGlyph()
        https://bugs.webkit.org/show_bug.cgi?id=141371

        Reviewed by David Kilzer.

        Null checks.

        Covered by existing mathml tests.

        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::boundsForGlyph):
        (WebCore::RenderMathMLOperator::advanceForGlyph):
        (WebCore::RenderMathMLOperator::getDisplayStyleLargeOperator):

2015-02-27  Chris Dumez  <cdumez@apple.com>

        Make SourceBuffer ActiveDOMObject suspendable
        https://bugs.webkit.org/show_bug.cgi?id=142108
        <rdar://problem/19923085>

        Reviewed by Jer Noble.

        Make SourceBuffer ActiveDOMObject suspendable if it is removed from its
        MediaSource and does not have any pending events. This makes it more
        likely for pages using SourceBuffer objects to go into the PageCache.

        Test: fast/history/page-cache-removed-source-buffer.html

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::canSuspend):
        * Modules/mediasource/SourceBuffer.h:

2015-02-26  Sam Weinig  <sam@webkit.org>

        Add support for canvas ellipse method
        https://bugs.webkit.org/show_bug.cgi?id=82791
        <rdar://problem/11159172>

        Reviewed by Dirk Schulze.

        Tests: fast/canvas/canvas-ellipse-360-winding.html
               fast/canvas/canvas-ellipse-circumference-fill.html
               fast/canvas/canvas-ellipse-circumference.html
               fast/canvas/canvas-ellipse-connecting-line.html
               fast/canvas/canvas-ellipse-negative-radius.html
               fast/canvas/canvas-ellipse-zero-lineto.html
               fast/canvas/canvas-ellipse.html

        * html/canvas/CanvasPathMethods.h:
        * html/canvas/CanvasPathMethods.cpp:
        (WebCore::CanvasPathMethods::lineTo):
        Convenience for passing a FloatPoint instead of two floats.

        (WebCore::normalizeAngles):
        Normalizes the angles as described in the HTML spec. Ensuring the startAngle
        is greater than 0 and less than 2pi, and the the endAngle is at most 2pi
        from the start angle.

        (WebCore::CanvasPathMethods::arc):
        - Renames some of the parameters to be clearer.
        - Normalizes the angles for consistency with ellipse.
        - Moves hasInvertibleTransform() higher in the function for consistency.

        (WebCore::CanvasPathMethods::ellipse): Added.

        * html/canvas/CanvasRenderingContext2D.idl:
        * html/canvas/DOMPath.idl:
        Add ellipse(...).

        * platform/graphics/Path.h:
        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::addArc):
        Rename parameters for clarity and use a nullptr.

        (WebCore::Path::addEllipse):
        Added. Constructs an ellipse via a transformed arc.

2015-02-27  Enrica Casucci  <enrica@apple.com>

        Adding support for serializing HTMLAttachment elements.
        https://bugs.webkit.org/show_bug.cgi?id=142026

        Reviewed by Tim Horton.

        Test: editing/pasteboard/copy-paste-attachment.html

        Adding support to serialize the attachment element
        and properly handle it when converting a DOM range
        to NSAttributedString.

        * editing/cocoa/HTMLConverter.mm:
        (HTMLConverter::_processElement):
        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::appendCustomAttributes): Create new attribute
        for attachment element when serializating.
        (WebCore::StyledMarkupAccumulator::appendElement):
        (WebCore::createFragmentFromMarkup): Remove the attribute from the attachment element
        when creating the fragment.
        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::file): Added const to file() to
        use it in appendCustonAttributes where the element is a const reference.
        * html/HTMLAttachmentElement.h:
        * html/HTMLAttributeNames.in:

2015-02-27  Timothy Horton  <timothy_horton@apple.com>

        <attachment> should have an inactive style (gray in background)
        https://bugs.webkit.org/show_bug.cgi?id=142103
        <rdar://problem/19982486>

        Reviewed by Dan Bernstein.

        * rendering/RenderThemeMac.mm:
        (WebCore::attachmentLabelInactiveBackgroundColor):
        (WebCore::attachmentLabelInactiveTextColor):
        (WebCore::RenderThemeMac::paintAttachmentLabelBackground):
        (WebCore::RenderThemeMac::paintAttachmentLabel):
        Use a gray background and gray text when the selection containing the
        attachment isn't focused and active.

2015-02-27  Brady Eidson  <beidson@apple.com>

        Add a "block-cookies" rule to the user content filter.
        https://bugs.webkit.org/show_bug.cgi?id=142105

        Reviewed by Alex Christensen.

        Tests: http/tests/usercontentfilter/block-cookies-basic.html
               http/tests/usercontentfilter/block-cookies-send.html

        * contentextensions/ContentExtensionRule.h:

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::actionForURL):
        (WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL): Deleted.
        * contentextensions/ContentExtensionsBackend.h:

        * contentextensions/ContentExtensionsManager.cpp:
        (WebCore::ContentExtensions::ExtensionsManager::loadAction):

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

        * page/UserContentController.cpp:
        (WebCore::UserContentController::actionForURL):
        (WebCore::UserContentController::contentFilterBlocksURL): Deleted.
        * page/UserContentController.h:

2015-02-27  Alex Christensen  <achristensen@webkit.org>

        [WinCairo] Unreviewed build fix.

        * platform/graphics/BitmapImage.h:
        * platform/win/BitmapInfo.h:
        Added WEBCORE_EXPORT.

2015-02-27  Timothy Horton  <timothy_horton@apple.com>

        <attachment>'s label baseline should match that of the surrounding text
        https://bugs.webkit.org/show_bug.cgi?id=142099
        rdar://problem/19982495

        Reviewed by Dan Bernstein.

        * rendering/RenderAttachment.cpp:
        (WebCore::RenderAttachment::baselinePosition):
        * rendering/RenderAttachment.h:
        Override baselinePosition and retrieve it from RenderTheme.

        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::attachmentBaseline):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::AttachmentLayout::AttachmentLayout):
        (WebCore::RenderThemeMac::attachmentBaseline):
        Plumb the label baseline from AttachmentLayout to RenderAttachment.

2015-02-27  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180752.
        https://bugs.webkit.org/show_bug.cgi?id=142098

        Causes 10 SVG test failures on Windows. (Requested by
        bfulgham_ on #webkit).

        Reverted changeset:

        "Cache glyph widths to GlyphPages"
        https://bugs.webkit.org/show_bug.cgi?id=142028
        http://trac.webkit.org/changeset/180752

2015-02-27  David Kilzer  <ddkilzer@apple.com>

        [iOS] Fix build by defining EAGL_IOSURFACE macro before including <OpenGLES/EAGLPrivate.h>

        * platform/spi/ios/OpenGLESSPI.h:  Define EAGL_IOSURFACE macro
        until header refactoring is completed.

2015-02-27  Chris Dumez  <cdumez@apple.com>

        MediaSource should be suspendable when closed
        https://bugs.webkit.org/show_bug.cgi?id=142089
        <rdar://problem/19923085>

        Reviewed by Jer Noble.

        Make MediaSource ActiveDOMObject suspendable when it is in closed state
        and it has no pending events. This increases the likelihood of pages
        using MediaSource to enter the PageCache.

        Tests: fast/history/page-cache-media-source-closed-2.html
               fast/history/page-cache-media-source-closed.html
               fast/history/page-cache-media-source-opened.html

2015-02-27  Andreas Kling  <akling@apple.com>

        Use NeverDestroyed for JS wrapper owners.
        <https://webkit.org/b/142090>

        Reviewed by Chris Dumez.

        Using NeverDestroyed puts these objects in BSS which is preferable
        since that prevents them from pinning down entire malloc pages forever.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader): Use NeverDestroyed instead of DEPRECATED_DEFINE_STATIC_LOCAL.

        * bindings/scripts/test/JS/*: Rebaseline bindings tests for this change.

2015-02-27  Chris Dumez  <cdumez@apple.com>

        Make IDBDatabase / IDBRequest suspendable
        https://bugs.webkit.org/show_bug.cgi?id=142076
        <rdar://problem/19923085>

        Reviewed by Andreas Kling.

        Make IDBDatabase / IDBRequest suspendable under certain conditions to
        make it more likely for pages using indexeddb to enter the PageCache.

        IDBDatabase is safely suspendable if the database is closed. IDBRequest
        is safely suspendable if the request no longer has any pending activity
        (i.e. state is DONE and success / failure handler was called). We may
        be able to do better later but this is the bare minimum for now.

        Tests: fast/history/page-cache-indexed-closed-db.html
               fast/history/page-cache-indexed-opened-db.html

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::IDBDatabase):
        (WebCore::IDBDatabase::closeConnection):
        (WebCore::IDBDatabase::enqueueEvent):
        (WebCore::IDBDatabase::canSuspend):
        * Modules/indexeddb/IDBDatabase.h:
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::canSuspend):
        * Modules/indexeddb/IDBRequest.h:

2015-02-27  Chris Dumez  <cdumez@apple.com>

        Drop unnecessary DatabaseManager::hasOpenDatabases() in PageCache::canCachePageContainingThisFrame()
        https://bugs.webkit.org/show_bug.cgi?id=142052

        Reviewed by Andreas Kling.

        Drop WebDatabase special-handling from PageCache::canCachePageContainingThisFrame().
        DatabaseContext is already an ActiveDOMObject and DatabaseContext::canSuspend() was
        returning false so pages using WebDatabase would never enter the PageCache anyway.

        This patch also overrides ActiveDOMObject::canSuspend() in DatabaseContext to only
        return false when there are open databases. This check is now equivalent to the one
        that was in PageCache.

        An issue that remains is that DatabaseContext::m_hasOpenDatabases is never reset
        to false so once a page opened a database, it will never be page-cacheable. This
        will be taken care of separately though.

        Test: fast/history/page-cache-webdatabase-opened-db.html

        * Modules/webdatabase/DatabaseContext.cpp:
        (WebCore::DatabaseContext::canSuspend):
        * Modules/webdatabase/DatabaseContext.h:
        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::hasOpenDatabasesKey): Deleted.
        * page/DiagnosticLoggingKeys.h:

2015-02-27  Alex Christensen  <achristensen@webkit.org>

        Compile DFA to bytecode.
        https://bugs.webkit.org/show_bug.cgi?id=142031

        Reviewed by Benjamin Poulain.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        (WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL):
        * contentextensions/ContentExtensionsBackend.h:
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::nextState): Deleted.
        (WebCore::ContentExtensions::DFA::actions): Deleted.
        * contentextensions/DFA.h:
        (WebCore::ContentExtensions::DFA::size):
        (WebCore::ContentExtensions::DFA::nodeAt):
        * contentextensions/DFABytecode.h: Added.
        (WebCore::ContentExtensions::instructionSizeWithArguments):
        * contentextensions/DFABytecodeCompiler.cpp: Added.
        (WebCore::ContentExtensions::append):
        (WebCore::ContentExtensions::set32Bits):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitAppendAction):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitJump):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitCheckValue):
        (WebCore::ContentExtensions::DFABytecodeCompiler::emitTerminate):
        (WebCore::ContentExtensions::DFABytecodeCompiler::reserveBufferCapacity):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compileNode):
        (WebCore::ContentExtensions::DFABytecodeCompiler::compile):
        * contentextensions/DFABytecodeCompiler.h: Added.
        (WebCore::ContentExtensions::DFABytecodeCompiler::DFABytecodeCompiler):
        * contentextensions/DFABytecodeInterpreter.cpp: Added.
        (WebCore::ContentExtensions::getBits):
        (WebCore::ContentExtensions::DFABytecodeInterpreter::interpret):
        * contentextensions/DFABytecodeInterpreter.h: Added.
        (WebCore::ContentExtensions::DFABytecodeInterpreter::DFABytecodeInterpreter):

2015-02-27  Zalan Bujtas  <zalan@apple.com>

        Use after free in WebCore::RenderNamedFlowFragment::restoreRegionObjectsOriginalStyle
        https://bugs.webkit.org/show_bug.cgi?id=138366

        Reviewed by Dave Hyatt.

        This patch ensures that we clean up RenderNamedFlowFragment::m_renderObjectRegionStyle when embedded flow content is getting destroyed.

        In m_renderObjectRegionStyle hash map, we store style information about the named flow's descendant children.
        When a child is being detached from the tree, it removes itself from this hashmap.
        We do it by traversing up on the ancestor chain and call removeFlowChildInfo() on the parent flow.
        However in case of embedded flows (for example multicolumn content inside a region), we need to check whether the parent flow
        is inside a flow too and continue the cleanup accordingly.

        Test: fast/regions/region-with-multicolumn-embedded-crash.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeFromRenderFlowThreadIncludingDescendants):

2015-02-27  Brady Eidson  <beidson@apple.com>

        Add API to remove a single content filter.
        <rdar://problem/19977764> and https://bugs.webkit.org/show_bug.cgi?id=142088

        Reviewed by Sam Weinig.

        * page/UserContentController.cpp:
        (WebCore::UserContentController::removeUserContentFilter):
        * page/UserContentController.h:

2015-02-26  Brent Fulgham  <bfulgham@apple.com>

        [Win] Remove remaining SafariTheme cruft
        https://bugs.webkit.org/show_bug.cgi?id=142075

        Reviewed by Anders Carlsson.

        Remove reference to SafariTheme-switching preference.

        Tested by existing layout tests.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * config.h:
        * page/Settings.cpp:
        (WebCore::Settings::fontRenderingMode):
        (WebCore::Settings::setShouldPaintNativeControls): Deleted.
        * page/Settings.h:
        (WebCore::Settings::shouldPaintNativeControls): Deleted.
        * platform/win/ScrollbarThemeWin.cpp:
        (WebCore::ScrollbarTheme::nativeTheme):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderTheme::themeForPage):

2015-02-27  Myles C. Maxfield  <mmaxfield@apple.com>

        Add comment about CSS value name mangling

        Unreviewed

        * css/CSSParser.cpp:
        (WebCore::cssValueKeywordID):

2015-02-27  Antti Koivisto  <antti@apple.com>

        Cache glyph widths to GlyphPages
        https://bugs.webkit.org/show_bug.cgi?id=142028

        Reviewed by Andreas Kling.

        Currently we have a separate cache in Font for glyph widths. In practice we always need
        the widths so we can just cache them in GlyphPages. This simplifies the code and removes
        a per-character hash lookup from WidthIterator.

        * platform/graphics/Font.cpp:
        (WebCore::Font::Font):
        (WebCore::Font::initCharWidths):
        (WebCore::Font::platformGlyphInit):
        (WebCore::createAndFillGlyphPage):
        (WebCore::Font::computeWidthForGlyph):

            Rename to make it clear this doesn't cache.

        (WebCore::GlyphPage::setGlyphDataForIndex):

            Initialize the width.
            This could go to GlyphPage.cpp if we had one.

        * platform/graphics/Font.h:
        (WebCore::Font::glyphZeroWidth):
        (WebCore::Font::isZeroWidthSpaceGlyph):
        (WebCore::Font::zeroGlyph): Deleted.
        (WebCore::Font::setZeroGlyph): Deleted.
        (WebCore::Font::widthForGlyph): Deleted.
        * platform/graphics/FontCascade.cpp:
        (WebCore::offsetToMiddleOfGlyph):
        * platform/graphics/FontCascadeFonts.cpp:
        (WebCore::FontCascadeFonts::glyphDataForCharacter):
        * platform/graphics/GlyphPage.h:
        (WebCore::GlyphData::GlyphData):

            Return width too as part of GlyphData.

        (WebCore::GlyphPage::glyphDataForIndex):
        (WebCore::GlyphPage::setGlyphDataForCharacter):
        (WebCore::GlyphPage::setGlyphDataForIndex):
        (WebCore::GlyphPage::GlyphPage):
        * platform/graphics/WidthIterator.cpp:
        (WebCore::WidthIterator::advanceInternal):

            No need to lookup width separately now.

        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun):
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::advanceForGlyph):
        * rendering/svg/SVGTextRunRenderingContext.cpp:
        (WebCore::missingGlyphForFont):
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::initializeFont):

2015-02-26  Alexey Proskuryakov  <ap@apple.com>

        iOS build fix after r180717.

        * Modules/webdatabase/DatabaseThread.cpp: (WebCore::DatabaseUnpauseTask::doPerformTask):

2015-02-26  Ryosuke Niwa  <rniwa@webkit.org>

        isEditablePosition and related functions shouldn't move position out of table
        https://bugs.webkit.org/show_bug.cgi?id=129200

        Reviewed by Darin Adler.

        This patch removes the legacy editing position for elements display: table in its computed style.
        Previously, we used (table, 0) and (table, !0) to denote positions immediately before and after
        such an element for historical reasons. This forced us to update the style tree before computing
        the editability of a position because we have to check the editability of the position outside
        the element with display: table if the position was using such a legacy editing position.
        e.g. if a table was not editable (contenteditable=false), the position before the table (table, 0)
        should still be considered editable if the parent node of the table was editable.

        This patch replaces such a legacy editing position by using modern position types:
        PositionIsBeforeAnchor and PositionIsAfterAnchor.

        No new tests since there should be no change in the user perceived editing operations.

        * dom/Position.cpp:
        (WebCore::Position::previous): Setup the node and the offset correctly when the original position's
        type is PositionIsBeforeAnchor. Also return a position before or after node when the node we found
        is "atomic" (e.g. input, img, br, etc...) or it's a table. This avoids creating a legacy editing
        position inside a table.
        (WebCore::Position::next): Ditto.
        (WebCore::Position::atStartOfTree): Use atFirstEditingPositionForNode, which takes care of all types
        of positions.
        (WebCore::Position::atEndOfTree): Ditto.
        (WebCore::Position::downstream): Return a position before a node instead of a legacy editing position
        for an atomic element or a table element as done in the equivalent code in Position::upstream.
        (WebCore::Position::isCandidate): Don't treat a position inside a table to be a candidate. e.g.
        (table, 1) when there are more than two children of the table.

        * dom/PositionIterator.cpp:
        (WebCore::PositionIterator::operator Position): PositionIterator internally uses legacy editing
        positions. So convert it to a modern position by returning a position before or after a table here.
        * editing/ApplyBlockElementCommand.cpp:
        (WebCore::ApplyBlockElementCommand::formatSelection): Check that the unsplittable element we found
        is actually empty before executing the simple code path for an empty unsplittable element. Without
        this check, block formatting a table element will fail.

        * editing/htmlediting.cpp:
        (WebCore::isEditablePosition): Use containerNode instead of deprecatedNode because the editability
        of a position before or after an element is determined by its parent, not the element itself.
        (WebCore::isAtUnsplittableElement): Ditto.
        (WebCore::isRichlyEditablePosition): Ditto. Removed the code that moved the starting node out of
        an element with display: table. This is the code removal for which this patch was made.
        (WebCore::editableRootForPosition): Ditto.

2015-02-26  Timothy Horton  <timothy_horton@apple.com>

        Implement <attachment> element appearance on Mac
        https://bugs.webkit.org/show_bug.cgi?id=142023

        Reviewed by Dean Jackson.

        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSValueKeywords.in:
        * css/html.css:
        (attachment):
        * platform/ThemeTypes.h:
        Add a new -webkit-appearance value, attachment.

        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::setFile):
        Let the renderer know when the file changes (so it can relayout and repaint).

        (WebCore::HTMLAttachmentElement::filePath):
        (WebCore::HTMLAttachmentElement::fileName):
        * html/HTMLAttachmentElement.h:
        Handy acccessors for the full path and the name of the file.

        * platform/spi/mac/IconServicesSPI.h: Added.
        * platform/spi/mac/LaunchServicesSPI.h: Added.
        Add some IconServices and LaunchServices SPI headers.

        * rendering/RenderAttachment.cpp:
        (WebCore::RenderAttachment::RenderAttachment):
        Don't have a default intrinsic size; we'll adjust in layout().

        (WebCore::RenderAttachment::isSelected):
        (WebCore::RenderAttachment::isFocused):
        (WebCore::RenderAttachment::isSelectedOrFocused):
        Factor out from paintReplaced().

        (WebCore::RenderAttachment::layout):
        Use RenderTheme to compute the intrinsic size of this attachment.

        (WebCore::RenderAttachment::paintReplaced):
        Use RenderTheme to paint the attachment.

        (WebCore::RenderAttachment::representedFileChanged):
        When the represented file changes, we need to recompute the intrinsic size and repaint.

        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):
        (WebCore::RenderTheme::paint):
        (WebCore::RenderTheme::adjustAttachmentStyle):
        (WebCore::RenderTheme::paintAttachment):
        Plumb through the attachment appearance.

        * rendering/RenderAttachment.h:
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::paintAttachment):
        (WebCore::RenderTheme::attachmentIntrinsicSize):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::attachmentIconBackgroundColor):
        (WebCore::attachmentIconBorderColor):
        (WebCore::AttachmentLayout):
        AttachmentLayout lays out the innards of the RenderThemeMac attachment
        presentation: an icon with an optional bordered background, with a label
        underneath it with an optional background.

        (WebCore::RenderThemeMac::attachmentIntrinsicSize):
        (WebCore::paintAttachmentIconBackground):
        (WebCore::paintAttachmentIcon):
        (WebCore::RenderThemeMac::paintAttachmentLabelBackground):
        (WebCore::RenderThemeMac::paintAttachmentLabel):
        (WebCore::RenderThemeMac::paintAttachment):
        Paint the attachment element. Paint the optional backgrounds (and swap
        out the text color) if the element is selected/focused.

2015-02-26  Doug Russell  <d_russell@apple.com>

        AX: Expose caret browsing preference to accessibility API
        https://bugs.webkit.org/show_bug.cgi?id=141862

        Reviewed by Chris Fleizach.

        Exposing the caret browsing setting on WebCore::Frame via the accessibility API would allow assistive tech apps to enable it contextually (for example, when the assistive tech app is running).
        Enabling caret browsing when assistive tech apps are running greatly improves the reliability of keyboard navigation on the web. Most especially in cases where selection would be disrupted by focus events.

        Tests: platform/mac/accessibility/caret-browsing-arrow-nav.html
               platform/mac/accessibility/caret-browsing-attribute.html
               platform/mac/accessibility/caret-browsing-tab-selection.html

        * accessibility/AccessibilityObject.h:
        * accessibility/mac/AccessibilityObjectMac.mm:
        (WebCore::AccessibilityObject::caretBrowsingEnabled):
        (WebCore::AccessibilityObject::setCaretBrowsingEnabled):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        (-[WebAccessibilityObjectWrapper accessibilityIsAttributeSettable:]):
        (-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):
        (-[WebAccessibilityObjectWrapper _accessibilitySetTestValue:forAttribute:]):

2015-02-26  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove unnecessary create() factory functions
        https://bugs.webkit.org/show_bug.cgi?id=142039

        Reviewed by Chris Dumez.

        Clean up remaining JSCryptoKeySerializationJWK::create, HTMLMediaSession::create,
        and DatabaseUnpauseTask::create.

        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseUnpauseTask::DatabaseUnpauseTask):
        (WebCore::DatabaseThread::setPaused):
        (WebCore::DatabaseUnpauseTask::create): Deleted.
        * bindings/js/JSCryptoKeySerializationJWK.h:
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::importKey):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::create): Deleted.
        * html/HTMLMediaSession.h:

2015-02-26  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Save Console Evaluations into Command Line variables $1-$99 ($n)
        https://bugs.webkit.org/show_bug.cgi?id=142061

        Reviewed by Timothy Hatcher.

        * inspector/CommandLineAPIModuleSource.js:
        Replace $1-$4 "inspected objects" with $1-$99 "saved results".

        * bindings/js/JSCommandLineAPIHostCustom.cpp:
        (WebCore::JSCommandLineAPIHost::inspectedObject):
        * inspector/CommandLineAPIHost.cpp:
        (WebCore::CommandLineAPIHost::CommandLineAPIHost):
        (WebCore::CommandLineAPIHost::InspectableObject::get):
        (WebCore::CommandLineAPIHost::addInspectedObject):
        (WebCore::CommandLineAPIHost::inspectedObject):
        (WebCore::CommandLineAPIHost::clearInspectedObjects): Deleted.
        * inspector/CommandLineAPIHost.h:
        * inspector/CommandLineAPIHost.idl:
        Since we now just save the single $0 inspected object, eliminate
        keeping track of a list of 5 values.

2015-02-26  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove unnecessary create() factory functions in CDMFoo, NamedNodeMap
        https://bugs.webkit.org/show_bug.cgi?id=141902

        Reviewed by Darin Adler.

        Create instance using std::make_unique<> in CDMFactory directly. To do that,
        CDMFactory uses lambdas. Additionally this patch removes NamedNodeMap::create() as well.

        No new tests, no behavior changes.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::installedCDMFactories):
        * Modules/encryptedmedia/CDM.h:
        * Modules/encryptedmedia/CDMPrivateClearKey.h:
        (WebCore::CDMPrivateClearKey::CDMPrivateClearKey):
        (WebCore::CDMPrivateClearKey::create): Deleted.
        * Modules/encryptedmedia/CDMPrivateMediaPlayer.h:
        (WebCore::CDMPrivateMediaPlayer::create): Deleted.
        * dom/Element.cpp:
        (WebCore::Element::attributes):
        * dom/NamedNodeMap.h:
        (WebCore::NamedNodeMap::NamedNodeMap):
        (WebCore::NamedNodeMap::create): Deleted.
        * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.h:
        (WebCore::CDMPrivateMediaSourceAVFObjC::create): Deleted.

2015-02-26  Andy Estes  <aestes@apple.com>

        [Content Filtering] Move WebFilterEvaluator and NEFilterSource declarations to SPI headers
        https://bugs.webkit.org/show_bug.cgi?id=142062

        Reviewed by Daniel Bates.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/mac/ContentFilterMac.mm:
        * platform/spi/cocoa/NEFilterSourceSPI.h: Added.
        * platform/spi/cocoa/WebFilterEvaluatorSPI.h: Added.

2015-02-26  Anders Carlsson  <andersca@apple.com>

        Add API to remove all website data for the given data records
        https://bugs.webkit.org/show_bug.cgi?id=142060

        Reviewed by Beth Dakin.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::removeResourcesWithOrigins):
        New function that removes all resources that match the set of origins in a given session.

2015-02-26  Chris Dumez  <cdumez@apple.com>

        Rename DatabaseManager::manager() to DatabaseManager::singleton()
        https://bugs.webkit.org/show_bug.cgi?id=142054

        Reviewed by Ryosuke Niwa.

        Rename DatabaseManager::manager() to DatabaseManager::singleton() as
        per coding style and use WTF::NeverDestroyed.

        * Modules/webdatabase/DOMWindowWebDatabase.cpp:
        (WebCore::DOMWindowWebDatabase::openDatabase):
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::DatabaseBackendBase::DatabaseBackendBase):
        * Modules/webdatabase/DatabaseContext.cpp:
        (WebCore::DatabaseContext::DatabaseContext):
        (WebCore::DatabaseContext::~DatabaseContext):
        (WebCore::DatabaseContext::stopDatabases):
        (WebCore::DatabaseContext::databaseExceededQuota):
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::singleton):
        (WebCore::DatabaseManager::manager): Deleted.
        * Modules/webdatabase/DatabaseManager.h:
        (WebCore::DatabaseManager::~DatabaseManager): Deleted.
        * Modules/webdatabase/SQLTransactionClient.cpp:
        (WebCore::SQLTransactionClient::didExceedQuota):
        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading):

2015-02-26  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(GEOLOCATION) build after r180533
        https://bugs.webkit.org/show_bug.cgi?id=142053

        Reviewed by Chris Dumez.

        * Modules/geolocation/GeoNotifier.cpp:
        * Modules/geolocation/GeoNotifier.h:

2015-02-26  Dean Jackson  <dino@apple.com>

        [iOS Media] incorrect front padding on time values
        https://bugs.webkit.org/show_bug.cgi?id=142027
        <rdar://problem/19960790>

        Reviewed by Brent Fulgham.

        My last commit was updating the OS X file,
        not the iOS file.

        We don't want to prefix times with a "0".

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.formatTime):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.formatTime):

2015-02-26  Mark Lam  <mark.lam@apple.com>

        Rolling out r180602, r180608, r180613, r180617, r180671.
        <https://webkit.org/b/141990>

        Not reviewed.

        The r180602 solution does result in more work for GC when worker
        threads are in use.  Filip is uncomfortable with that.
        The EFL and GTK ports also seem to be unhappy with this change.
        Rolling out while we investigate.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonVM):

2015-02-26  Myles C. Maxfield  <mmaxfield@apple.com>

        [Mac] [iOS] Parsing support for -apple-trailing-word
        https://bugs.webkit.org/show_bug.cgi?id=141939

        Reviewed by Andreas Kling.

        This patch implements initial parsing support for the -apple-trailing-word CSS property.
        This property has two possible (mutually exclusive) values: auto and
        -apple-partially-balanced. This property is inherited.

        The work for this property is behind the ENABLE(CSS_TRAILING_WORD) preprocessor define.

        This is an internal property that will allow us to control line breaking behavior for
        short paragraphs.

        Note that, because of the implementation of cssValueKeywordID() in CSSParser.cpp,
        the new value must be implemented as -webkit-partially-balanced. Using the -apple-
        prefix will work, but if you getComputedStyle(), it will return the -webkit- prefixed
        version.

        Test: platform/mac/fast/text/trailing-word-parse.html

        * Configurations/FeatureDefines.xcconfig:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue): Turn internal representation into a
        CSS value.
        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue): Updated for new keyword property / value
        pair.
        (WebCore::isKeywordPropertyID): New property is a keyword property.
        (WebCore::CSSParser::parseValue): Use the keyword property codepath.
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Convert to and from the internal
        representation and CSS values.
        (WebCore::CSSPrimitiveValue::operator TrailingWord):
        * css/CSSPropertyNames.in: New property.
        * css/CSSValueKeywords.in: New value.
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor): Can't use SimpleLineLayout for this.
        * rendering/style/RenderStyle.h: Getter, setter and initial value.
        * rendering/style/RenderStyleConstants.h: Internal data type.
        * rendering/style/StyleRareInheritedData.h: One bit to control this style property.
        * rendering/style/StyleRareInheritedData.cpp: Update constructors and operators.

2015-02-26  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Fix a accidental deletion from r178674.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create):
        Return the fake WebGL context.

2015-02-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Cleanup RenderSVGResourceClipper class.
        https://bugs.webkit.org/show_bug.cgi?id=142032.

        Reviewed by Darin Adler.
        
        This is a follow up for r180643: <http://trac.webkit.org/changeset/180643>.
        It includes cleanup for RenderSVGResourceClipper class.

        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyClippingToContext):
        (WebCore::RenderSVGResourceClipper::drawContentIntoMaskImage):
        * rendering/svg/RenderSVGResourceClipper.h: Change ClipperData to be a
        typedef instead of a class and rename it to ClipperMaskImage. The purpose
        of having it a class even though it includes only one member was because
        we wanted it to be WTF_MAKE_FAST_ALLOCATED. We do not need to allocate it
        as a separate object on the heap anymore.
        
        (WebCore::RenderSVGResourceClipper::addRendererToClipper): Instead of doing
        double hash table lookups by calling HashMap::contains() and then HashMap::get(),
        we can use HashMap::add() instead.

2015-02-26  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Setting any of the <object> element plugin controlling attributes does not have any affect.
        https://bugs.webkit.org/show_bug.cgi?id=141936.

        Reviewed by Zalan Bujtas.

        When setting any of the <object> element plugin controlling attributes
        dynamically we need to mark the the element to be dirty by calling
        setNeedsStyleRecalc(), so it has to recreate its renderer when needed.
        
        Test: svg/as-object/svg-in-object-dynamic-attribute-change.html

        * dom/Element.h: Delete unimplemented function.
        
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::parseAttribute): Dirty the element by calling
        setNeedsStyleRecalc() when one of the plugin controlling attributes gets
        changed. We have to clear the m_useFallbackContent because the attribute's
        new value might fix the object rendering.
        
        * html/HTMLObjectElement.h: Add a function to clear m_useFallbackContent.
        
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::willRecalcStyle): We might need to 
        reconstruct the object renderer in the image case. This can happen if the
        image was rendering fallback content and the attribute's new value fixes
        the object rendering.

2015-02-26  Brent Fulgham  <bfulgham@apple.com>

        [Win] Make build logs more legible by reducing noise
        https://bugs.webkit.org/show_bug.cgi?id=142034

        Reviewed by Alexey Proskuryakov.

        Modify batch files, makefiles, and DOS commands to remove
        uninteresting/unhelpful output.

        * WebCore.vcxproj/WebCoreGenerated.make:
        * WebCore.vcxproj/WebCorePreBuild.cmd:
        * WebCore.vcxproj/copyForwardingHeaders.cmd:
        * WebCore.vcxproj/copyWebCoreResourceFiles.cmd:

2015-02-26  Michael Catanzaro  <mcatanzaro@igalia.com>

        [FreeType] REGRESSION(r180563): Introduced crashes
        https://bugs.webkit.org/show_bug.cgi?id=142044

        Reviewed by Martin Robinson.

        No new tests, should be caught by any woff font test.

        Use optionsPattern, not m_pattern, when m_pattern may be null.

        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::initializeWithFontFace):

2015-02-26  Sergio Villar Senin  <svillar@igalia.com>

        ASSERTION FAILED: !length.isUndefined() in WebCore::GridLength::GridLength
        https://bugs.webkit.org/show_bug.cgi?id=141645

        Reviewed by Chris Dumez.

        This bug has been here since r110484 but was uncovered by
        r180140. The problem r110484 was trying to fix was that
        CSSPrimitiveValue::convertToLength<Length> ended up calling
        CSSPrimitiveValue::computeLengthDouble() which was apparently
        dereferencing conversionData.style() and
        conversionData.rootStyle() pointers without checking them. That's
        why that fix added this condition to convertToLength():

        isFontRelativeLength() && (!conversionData.style() || !conversionData.rootStyle())

        which is not correct, because for the 4 possible font relative
        length types, 3 of them just use the style() pointer and the other
        one just uses rootStyle() which BTW could be NULL. This erroneous
        condition makes that function to return Length(Undefined) more
        often than it should.

        From now on it only returns Length(Undefined) if the style()
        pointer is NULL and the font relative length type is one in the
        set (CSS_EMS, CSS_EXS, CSS_CHS);

        Test: fast/css-grid-layout/grid-with-relative-font-length-crash.html

        * css/CSSPrimitiveValue.h:
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::convertingToLengthRequiresNonNullStyle):
        (WebCore::CSSPrimitiveValue::convertToLength):


2015-02-26  Andreas Kling  <akling@apple.com>

        [Cocoa] Prod libcache to drop caches in memory pressure relief handler.
        <https://webkit.org/b/142024>
        <rdar://problem/19966096>

        Reviewed by Antti Koivisto.

        libcache already listens to the OS memory pressure notifications, but we still
        need to manually request a cleanup when doing an iOS process suspension, or when
        simulating memory pressure.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory): Call out to libcache's
        cache_simulate_memory_warning_event() to make sure that nonessential objects
        being kept alive by NSCaches get dropped when we need the memory.

2015-02-25  Zalan Bujtas  <zalan@apple.com>

        Black line across screen on Adobe Illustrator detail page (non-retina only)
        https://bugs.webkit.org/show_bug.cgi?id=141866

        Reviewed by Simon Fraser.

        Phase is relative to the destination origin. We need to take location information into account
        while snapping so that the result is inline with the snapped destination rect.
        (location affects the snapped size.)

        Test: fast/backgrounds/gradient-background-on-subpixel-position.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::pixelSnapBackgroundImageGeometryForPainting):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):

2015-02-25  Brent Fulgham  <bfulgham@apple.com>

        [Win] Use WEBCORE_EXPORT instead of Definition file
        https://bugs.webkit.org/show_bug.cgi?id=141734

        Reviewed by Alex Christensen.

        No change in functionality.

        * WebCore.vcxproj/WebCore.vcxproj: Correct bad Precompiled header
        settings on certain files.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Automatically updated
        by Visual Studio.
        * WebCore.vcxproj/WebCoreTestSupport.vcxproj: Ditto.
        * WebCore.vcxproj/WebCoreTestSupport.vcxproj.filters: Ditto.
        * WebCore.vcxproj/WebCoreTestSupportCommon.props: Added.
        * WebCore.vcxproj/WebCoreTestSupportDebug.props: Added.
        * WebCore.vcxproj/WebCoreTestSupportDebugWinCairo.props: Added.
        * WebCore.vcxproj/WebCoreTestSupportProduction.props: Added.
        * WebCore.vcxproj/WebCoreTestSupportRelease.props: Added.
        * WebCore.vcxproj/WebCoreTestSupportReleaseWinCairo.props: Added.
        * WebCorePrefix.h: Provide proper export definitions for Windows.
        * bindings/js/JSCustomXPathNSResolver.cpp: Add missing #include
        needed by the new export style.
        * bindings/js/JSDOMWindowBase.h: Export class since DRT needs
        access to parts of it.
        * bindings/js/ScriptCachedFrameData.cpp: Add missing #include
        needed by the new export style.
        * bindings/scripts/CodeGeneratorJS.pm: Use different export macro
        when generating WebCoreTestSupport files, so that we don't confuse
        the linker when WebCore.lib and WebCoreTestSupport.lib try to
        both export WEBCORE_EXPORT symbols.
        (ExportLabelForClass):
        (GenerateHeader):
        * bridge/jsc/BridgeJSC.cpp: Add missing #include needed by the new
        export style.
        * css/CSSParser.cpp: Ditto.
        * dom/Document.cpp: Ditto.
        * html/HTMLImageLoader.cpp: Ditto.
        * inspector/CommandLineAPIModule.cpp: Ditto.
        * inspector/PageDebuggerAgent.cpp: Ditto.
        * inspector/PageRuntimeAgent.cpp: Ditto.
        * inspector/WorkerRuntimeAgent.cpp: Ditto.
        * page/DOMWindow.cpp: Ditto.
        * page/DOMWindow.h: Export the destructor, as it is needed by
        DumpRenderTree (on Windows).
        * page/Page.cpp: Add missing #include needed by the new export style.
        * platform/Logging.h: Remove conflicting export declaration.
        * platform/PlatformExportMacros.h: Update for Windows use.
        * testing/Internals.cpp: Add missing #include needed by the new export style.
        * testing/Internals.h: Use WEBCORE_TESTSUPPORT_EXPORT for things that
        are supposed to be exported by WebCoreTestSupport, not WebCore.
        * testing/js/WebCoreTestSupport.cpp: Add missing #include needed by
        new export style.
        * testing/js/WebCoreTestSupportPrefix.cpp: Added.
        * testing/js/WebCoreTestSupportPrefix.h: Added.
        * xml/XMLHttpRequest.h: Export the destructor.
        * xml/XSLStyleSheetLibxslt.cpp: Add missing #include needed by the new
        export style.
        * xml/XSLTProcessorLibxslt.cpp: Ditto.

2015-02-25  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove unnecessary DatabaseFooTask::create
        https://bugs.webkit.org/show_bug.cgi?id=142002

        Reviewed by Darin Adler.

        DatabaseFooTask::create can be replaced with std::make_unique<>.

        No new tests, no behavior changes.

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::scheduleTransaction):
        (WebCore::Database::scheduleTransactionStep):
        (WebCore::Database::markAsDeletedAndClose):
        (WebCore::Database::closeImmediately):
        (WebCore::Database::tableNames):
        * Modules/webdatabase/DatabaseTask.h:
        (WebCore::DatabaseBackend::DatabaseCloseTask::create): Deleted.
        (WebCore::DatabaseBackend::DatabaseTransactionTask::create): Deleted.
        (WebCore::DatabaseBackend::DatabaseTableNamesTask::create): Deleted.

2015-02-25  Dean Jackson  <dino@apple.com>

        [iOS Media] incorrect front padding on time values
        https://bugs.webkit.org/show_bug.cgi?id=142027
        <rdar://problem/19960790>

        Reviewed by Brent Fulgham.

        We don't want to prefix times with a "0".

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.formatTime):

2015-02-25  Chris Dumez  <cdumez@apple.com>

        Make PublicURLManager suspendable
        https://bugs.webkit.org/show_bug.cgi?id=141977
        <rdar://problem/19923085>

        Reviewed by Andreas Kling.

        Make PublicURLManager suspendable by overriding ActiveDOMObject::canSuspend()
        and returning true. Nothing prevents suspending the PublicURLManager as its
        implementation never causes JS to be executed. No implementation for
        suspend() / resume() needs to be provided for the same reason.

        The fact that PublicURLManager wasn't suspendable was preventing pages using
        URL.createObjectURL() from entering the PageCache. Baidu.com search results
        pages are using the API for example.

        Test: fast/history/page-cache-createObjectURL.html

        * html/PublicURLManager.cpp:
        (WebCore::PublicURLManager::canSuspend):
        * html/PublicURLManager.h:

2015-02-25  Zalan Bujtas  <zalan@apple.com>

        Cleanup BackgroundImageGeometry class.
        https://bugs.webkit.org/show_bug.cgi?id=141997

        Reviewed by Simon Fraser.

        This patch attempts to improve RenderBoxModelObject::calculateBackgroundImageGeometry() readability by
        removing redundant code and making image geometry operations explicit. BackgroundImageGeometry
        becomes a read only class (with the exception of the clip() method).

        No change in functionality.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::BackgroundImageGeometry::BackgroundImageGeometry):
        (WebCore::BackgroundImageGeometry::pixelSnapBackgroundImageGeometryForPainting):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        (WebCore::BackgroundImageGeometry::setNoRepeatX): Deleted.
        (WebCore::BackgroundImageGeometry::setNoRepeatY): Deleted.
        (WebCore::BackgroundImageGeometry::useFixedAttachment): Deleted.
        (WebCore::BackgroundImageGeometry::clip): Deleted.
        (WebCore::RenderBoxModelObject::pixelSnapBackgroundImageGeometryForPainting): Deleted.
        * rendering/RenderBoxModelObject.h:
        (WebCore::BackgroundImageGeometry::clip):
        (WebCore::BackgroundImageGeometry::BackgroundImageGeometry): Deleted.
        (WebCore::BackgroundImageGeometry::setDestRect): Deleted.
        (WebCore::BackgroundImageGeometry::setPhase): Deleted.
        (WebCore::BackgroundImageGeometry::setPhaseX): Deleted.
        (WebCore::BackgroundImageGeometry::setPhaseY): Deleted.
        (WebCore::BackgroundImageGeometry::setTileSize): Deleted.
        (WebCore::BackgroundImageGeometry::setSpaceSize): Deleted.
        (WebCore::BackgroundImageGeometry::setHasNonLocalGeometry): Deleted.

2015-02-25  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Horizontal and vertical lines are clipped completely if clip-path is included in the tag but the referenced element is defined later.
        https://bugs.webkit.org/show_bug.cgi?id=141776.

        Reviewed by Dean Jackson.

        Tests: svg/clip-path/clip-path-line-use-before-defined-expected.svg
               svg/clip-path/clip-path-line-use-before-defined.svg

        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::applyClippingToContext): Ensure the renderer
        is added to m_clipper if it does not exist. The same renderer might have been 
        added to m_clipper in resourceBoundingBox().
        
        (WebCore::RenderSVGResourceClipper::addRendererToClipper): Add the renderer to
        m_clipper if it does not exist. Return the associated ClipperData.
        
        (WebCore::RenderSVGResourceClipper::resourceBoundingBox): If the clipper is
        referenced before it is defined, add the renderer to m_clipper. While doing the
        layout() for the clipper, we can check if m_clipper has values or not. If it does
        have, we are going to mark the clipper for client invalidation which is done by
        the SVG root.
        
        * rendering/svg/RenderSVGResourceClipper.h:
        * rendering/svg/RenderSVGResourceContainer.h:
        (WebCore::RenderSVGResourceContainer::selfNeedsClientInvalidation): Define a 
        new function selfNeedsClientInvalidation() which controls marking the clipper 
        for client invalidation. In RenderSVGResourceClipper, override it so it checks
        m_clipper to force clients validation even if it the first time we do layout
        for this clipper.

        * rendering/svg/RenderSVGResourceContainer.cpp:
        (WebCore::RenderSVGResourceContainer::layout): Call the virtual function
        selfNeedsClientInvalidation() to check whether we need to mark the clipper for
        client invalidation.
        
        * svg/SVGElement.cpp: Delete unneeded header file.

2015-02-25  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] WinLauncher is not starting on Vista.
        https://bugs.webkit.org/show_bug.cgi?id=141905

        Reviewed by Alex Christensen.

        We have to soft link with Media Foundation functions to be able
        to start on Vista and WinXP.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::createSession):
        (WebCore::MediaPlayerPrivateMediaFoundation::endSession):
        (WebCore::MediaPlayerPrivateMediaFoundation::startCreateMediaSource):
        (WebCore::MediaPlayerPrivateMediaFoundation::endGetEvent):
        (WebCore::MediaPlayerPrivateMediaFoundation::createTopologyFromSource):
        (WebCore::MediaPlayerPrivateMediaFoundation::createOutputNode):
        (WebCore::MediaPlayerPrivateMediaFoundation::createSourceStreamNode):
        (WebCore::MediaPlayerPrivateMediaFoundation::onTopologySet):

2015-02-25  Beth Dakin  <bdakin@apple.com>

        REGRESSION (r180018 ): Holding a rubber-band in place can get stuck
        https://bugs.webkit.org/show_bug.cgi?id=142020
        -and corresponding-
        rdar://problem/19945216

        Reviewed by Tom Horton.

        It was a mistaken assumption that it was necessary to return false in the zero-
        delta case. That is clearly conceptually wrong since false represents the DOM 
        doing something special with the event, which is clearly not the case if we never 
        even send the event to the DOM. Returning true will allow the rest of the 
        scrolling machinery the ability to handle the event.
        * dom/Element.cpp:
        (WebCore::Element::dispatchWheelEvent):

2015-02-25  Ryosuke Niwa  <rniwa@webkit.org>

        HTMLElement::collectStyleForPresentationAttribute duplicates a lot of code for contentEditableAttr
        https://bugs.webkit.org/show_bug.cgi?id=142003

        Reviewed by Sam Weinig.

        Utilized contentEditableType to reduce the code duplication.

        * html/HTMLElement.cpp:
        (WebCore::contentEditableType): Moved and added a version that takes AtomicString.
        (WebCore::HTMLElement::collectStyleForPresentationAttribute):

2015-02-25  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Tracks growing beyond limits when they should not
        https://bugs.webkit.org/show_bug.cgi?id=140883

        Reviewed by Darin Adler.

        Our track sizing algorithm implementation incorrectly grew some
        tracks beyond limits when handling min-content and max-content
        base sizes. In those cases we should only grow "any affected track
        that happens to also have an intrinsic max track sizing function"
        or all of them if there are none.

        The problem was that we're using a vector of indexes pointing to
        the vector with the list of affected tracks. Those indexes become
        easily incorrect because the first thing we do in
        distributeSpaceToTracks() is to sort the vector with the affected
        tracks by growth potential.

        Instead of that we now pass a vector with pointers to the list of
        tracks allowed to grow over the limits. The size changes are now
        directly stored in the GridTracks (it's called plannedSize)
        instead of in a separate vector, so we don't need to worry about
        tracks being rearranged (and we also get rid of the ugly vector of
        indexes pointing to another vector).

        * rendering/RenderGrid.cpp:
        (WebCore::GridTrack::plannedSize): New member with getter/setter.
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        Pass a setXXX() function instead of a growXXX() one to ForItems().
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
        Renamed additionalBreadthSpace to extraSpace which is the term
        used by specs.
        (WebCore::RenderGrid::distributeSpaceToTracks): Use GridTrack's
        plannedSize instead of the old distribution vector.
        (WebCore::GridTrack::growBaseSize): Deleted.
        (WebCore::GridTrack::growGrowthLimit): Deleted.
        * rendering/RenderGrid.h:

2015-02-25  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Implement support for ARIA 1.1 'searchbox' role
        https://bugs.webkit.org/show_bug.cgi?id=142004

        Reviewed by Chris Fleizach.

        Add a new accessible SearchFieldRole to handle both the ARIA role
        and the "search" input type.

        No new tests. Instead, added a new test case to roles-exposed.html
        for the mapping, and updated roles-computedRoleString.html because
        there is now a one-to-one mapping between the "search" input type
        and an ARIA role.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::determineAccessibilityRole):
        (WebCore::AccessibilityNodeObject::isSearchField):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isARIATextControl):
        (WebCore::AccessibilityObject::isARIAInput):
        (WebCore::initializeRoleMap):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
        (-[WebAccessibilityObjectWrapper accessibilityTraits]):
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):

2015-02-24  Simon Fraser  <simon.fraser@apple.com>

        Clarify some resizing terminology in ScrollView/FrameView
        https://bugs.webkit.org/show_bug.cgi?id=141996

        Reviewed by Zalan Bujtas.

        ScrollableArea/ScrollView/FrameView had some confusing terminology around
        contentsResized/visibleContentsResized/fixedLayoutSizeChanged.
        
        Clarify this by distinguishing between:
        1. Available size changes because of
            i) non-overlay scrollbar presence
           ii) ScrollableArea frame change
        2. Removing fixedLayoutSizeChanged() and just treating it like an
           available size change.
           
        contentsResized() is relegated to simply being a hook that allows Mac to
        flash overlay scrollbars.
        
        The confusingly named visibleContentsResized() is now updateContentsSize(),
        and is the way that a ScrollableArea tells its subclasss that it should recompute
        the size of the contents (i.e. do a layout).

        * page/FrameView.cpp:
        (WebCore::FrameView::setContentsSize): No longer mysteriously skip the
        FrameView implementation of contentsResized(), which used to do a setNeedsLayout()
        which we didn't want to do from setContentsSize(), which itself happens as a result of layout.
        (WebCore::FrameView::adjustViewSize): Whitespace.
        (WebCore::FrameView::layout): Ditto.
        (WebCore::FrameView::availableContentSizeChanged): Called on frame size change, or scrollbar
        change.
        (WebCore::FrameView::updateContentsSize): This actually does the layout.
        (WebCore::FrameView::scrollbarStyleChanged): Always call the base class;  ScrollView::scrollbarStyleChanged
        will bail if not a forced update.
        (WebCore::FrameView::setCustomFixedPositionLayoutRect): Forces a layout via updateContentsSize() now.
        (WebCore::FrameView::contentsResized): Deleted.
        (WebCore::FrameView::fixedLayoutSizeChanged): Deleted.
        (WebCore::FrameView::visibleContentsResized): Deleted.
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::setFixedLayoutSize): Calls availableContentSizeChanged() now.
        (WebCore::ScrollView::setUseFixedLayout): Ditto.
        (WebCore::ScrollView::availableContentSizeChanged): Update scrollbars if that's not
        the reason we are being called.
        (WebCore::ScrollView::updateScrollbars): contentsResized() was the thing that caused setNeedsLayout();
        replace it with availableContentSizeChanged(). visibleContentsResized() did the layout, and
        replace with updateContentsSize().
        (WebCore::ScrollView::setFrameRect): Call availableContentSizeChanged() now. This takes care of
        updating scrollbars, so no need to explicitly do that.
        (WebCore::ScrollView::scrollbarStyleChanged): Call the base class.
        (WebCore::ScrollView::fixedLayoutSizeChanged): Deleted.
        * platform/ScrollView.h:
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::availableContentSizeChanged): Call scrollAnimator->contentsResized()
        to flash the scrollbars.
        (WebCore::ScrollableArea::scrolledToRight):
        (WebCore::ScrollableArea::scrollbarStyleChanged): Call availableContentSizeChanged() since
        scrollbar style affects available space.
        * platform/ScrollableArea.h:
        (WebCore::ScrollableArea::updateContentsSize):
        (WebCore::ScrollableArea::scrollbarStyleChanged): Deleted.

2015-02-24  Ryosuke Niwa  <rniwa@webkit.org>

        Unreviewed Mavericks build attempt fix after r180609.

        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::GraphicsContext3D::GraphicsContext3D):
        (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary):

2015-02-19  Roger Fong  <roger_fong@apple.com>

        WebGL: Destroy the GLContext if a GPU restart has been detected.
        https://bugs.webkit.org/show_bug.cgi?id=141567.
        <rdar://problem/18507496>

        Reviewed by Dean Jackson.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):
        * platform/graphics/GraphicsContext3D.h:
        (WebCore::GraphicsContext3D::setWebGLContext): 
        Keep track of which WebGLRenderingContext is associated with the current GraphicsContext3D.
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        (WebCore::GraphicsContext3D::checkGPUStatusIfNecessary): Helper method to check GPU status.
        (WebCore::GraphicsContext3D::GraphicsContext3D): 
        Don’t immediately abort the GPU process when the restart status is kCGLCPGPURestartStatusBlacklisted.
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::forceContextLost): 
        Force the WebGLRenderingContext to be lost.
        (WebCore::GraphicsContext3D::drawArrays): Check GPU status after calling drawArrays.
        (WebCore::GraphicsContext3D::drawElements): Check GPU status after calling drawElements.
        * WebCore.xcodeproj/project.pbxproj: Add SPI header for iOS.
        * platform/spi/ios/OpenGLESSPI.h: Added.

2015-02-24  Stephanie Lewis  <slewis@apple.com>

        Unreviewed ios build fix after http://trac.webkit.org/changeset/180602.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonVM):

2015-02-24  Simon Fraser  <simon.fraser@apple.com>

        Use an enum for scrollbar style
        https://bugs.webkit.org/show_bug.cgi?id=141985

        Reviewed by Beth Dakin.

        Switch to an enum class for the scrollbar style (normal or overlay).

        * page/ChromeClient.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollbarStyleChanged):
        * page/FrameView.h:
        * platform/ScrollTypes.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollbarStyleChanged):
        * platform/ScrollView.h:
        * platform/ScrollableArea.h:
        (WebCore::ScrollableArea::scrollbarStyleChanged):
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::updateScrollerStyle):

2015-02-24  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180599.
        https://bugs.webkit.org/show_bug.cgi?id=141998

        Lots of new test failures (Requested by smfr on #webkit).

        Reverted changeset:

        "Parsing support for -webkit-trailing-word"
        https://bugs.webkit.org/show_bug.cgi?id=141939
        http://trac.webkit.org/changeset/180599

2015-02-24  Sam Weinig  <sam@webkit.org>

        [Attachment] Give <attachment> elements an underlying File
        https://bugs.webkit.org/show_bug.cgi?id=141993

        Reviewed by Tim Horton.

        - Add a JS subclass for attachments so that <attachment>s are
          instances of HTMLAttachmentElement rather than HTMLElement.
        - Give HTMLAttachmentElements an underlying File that they
          are the representation of. Expose it via a new 'file' property.
        - Expose a new Internals function called window.internals.createFile(url)
          that allows creating File objects for testing.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * fileapi/File.h:
        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::~HTMLAttachmentElement):
        (WebCore::HTMLAttachmentElement::file):
        (WebCore::HTMLAttachmentElement::setFile):
        * html/HTMLAttachmentElement.h:
        * html/HTMLAttachmentElement.idl: Added.
        * html/HTMLTagNames.in:
        * testing/Internals.cpp:
        (WebCore::Internals::createFile):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-02-24  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: Implement support for ARIA 1.1 'switch' role
        https://bugs.webkit.org/show_bug.cgi?id=141986

        Reviewed by Chris Fleizach.

        Map the role to ATK_ROLE_TOGGLE_BUTTON for Gtk and Efl; on the Mac, to
        AXCheckBox with a subrole of AXSwitch. Ensure it looks and acts like a
        widget to accessibility APIs (supports and emits notifications when
        toggled, doesn't have children, exposes a name and description when
        provided).

        Tests: accessibility/aria-switch-checked.html
               accessibility/aria-switch-sends-notification.html
               accessibility/aria-switch-text.html

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::canHaveChildren):
        (WebCore::AccessibilityNodeObject::isChecked):
        (WebCore::AccessibilityNodeObject::visibleText):
        (WebCore::AccessibilityNodeObject::title):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isARIAInput):
        (WebCore::AccessibilityObject::actionVerb):
        (WebCore::initializeRoleMap):
        (WebCore::AccessibilityObject::supportsChecked):
        (WebCore::AccessibilityObject::checkboxOrRadioValue):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isSwitch):
        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::AXObjectCache::postPlatformNotification):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityCanFuzzyHitTest]):
        (-[WebAccessibilityObjectWrapper accessibilityTraits]):
        (-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):
        (-[WebAccessibilityObjectWrapper subrole]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2015-02-24  Myles C. Maxfield  <mmaxfield@apple.com>

        [Mac] [iOS] Parsing support for -apple-trailing-word
        https://bugs.webkit.org/show_bug.cgi?id=141939

        Reviewed by Andreas Kling.

        This patch implements initial parsing support for the -apple-trailing-word CSS property.
        This property has two possible (mutually exclusive) values: auto and
        -apple-partially-balanced. This property is inherited.

        The work for this property is behind the ENABLE(CSS_TRAILING_WORD) preprocessor define.

        This is an internal property that will allow us to control line breaking behavior for
        short paragraphs.

        Note that, because of the implementation of cssValueKeywordID() in CSSParser.cpp,
        the new value must be implemented as -webkit-partially-balanced. Using the -apple-
        prefix will work, but if you getComputedStyle(), it will return the -webkit- prefixed
        version.

        Test: platform/mac/fast/text/trailing-word-parse.html

        * Configurations/FeatureDefines.xcconfig:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue): Turn internal representation into a
        CSS value.
        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue): Updated for new keyword property / value
        pair.
        (WebCore::isKeywordPropertyID): New property is a keyword property.
        (WebCore::CSSParser::parseValue): Use the keyword property codepath.
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Convert to and from the internal
        representation and CSS values.
        (WebCore::CSSPrimitiveValue::operator TrailingWord):
        * css/CSSPropertyNames.in: New property.
        * css/CSSValueKeywords.in: New value.
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor): Can't use SimpleLineLayout for this.
        * rendering/style/RenderStyle.h: Getter, setter and initial value.
        * rendering/style/RenderStyleConstants.h: Internal data type.
        * rendering/style/StyleRareInheritedData.h: One bit to control this style property.

2015-02-24  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove DecodingTask::create and DatabaseOpenTask::create
        https://bugs.webkit.org/show_bug.cgi?id=141966

        Reviewed by Anders Carlsson.

        These create() factory functions are redundant. We can use std::make_unique<> directly.

        No new tests, no behavior changes.

        * Modules/webaudio/AsyncAudioDecoder.cpp:
        (WebCore::AsyncAudioDecoder::decodeAsync):
        (WebCore::AsyncAudioDecoder::DecodingTask::create): Deleted.
        * Modules/webaudio/AsyncAudioDecoder.h:
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::openAndVerifyVersion):
        * Modules/webdatabase/DatabaseTask.h:
        (WebCore::DatabaseBackend::DatabaseOpenTask::create): Deleted.

2015-02-24  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180578.
        https://bugs.webkit.org/show_bug.cgi?id=141992

        Broke scrolling in Inspector Console. (Requested by JoePeck on
        #webkit).

        Reverted changeset:

        "[Mac] WebKit abandons overlay scrollbar CALayers."
        https://bugs.webkit.org/show_bug.cgi?id=141943
        http://trac.webkit.org/changeset/180578

2015-02-24  Dean Jackson  <dino@apple.com>

        [ios Media] the inline controls are visible after pressing Done on iPhone
        https://bugs.webkit.org/show_bug.cgi?id=141987
        <rdar://problem/19944110>

        Reviewed by Beth Dakin.

        When exiting out of a playing video, we should show the
        start playback button if we don't allow inline media
        (such as on iPhone).

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.shouldHaveStartPlaybackButton): Test for
        allowsInline as well.

2015-02-24  Zalan Bujtas  <zalan@apple.com>

        Pass FillLayer reference instead of pointer to RenderBoxModelObject::calculateBackgroundImageGeometry.
        https://bugs.webkit.org/show_bug.cgi?id=141982

        Reviewed by Simon Fraser.

        There should always be a valid FillLayer.

        No change in functionality.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::getBackgroundPaintedExtent):
        (WebCore::RenderBox::maskClipRect):
        (WebCore::RenderBox::repaintLayerRectsForImage):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateFillTileSize):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        (WebCore::RenderBoxModelObject::getGeometryForBackgroundImage):
        * rendering/RenderBoxModelObject.h:

2015-02-24  Dean Jackson  <dino@apple.com>

        [iOS Media] Be specific about which document to use for the timeline background canvas
        https://bugs.webkit.org/show_bug.cgi?id=141981

        Reviewed by Eric Carlson.

        In some cases, especially with nested iframes, the document
        reference for the shadow DOM might not be the one used
        to create a -webkit-canvas context for rendering via CSS.
        Explicitly get the context from the video's owner
        document.

        There is still a bug here:
        https://bugs.webkit.org/show_bug.cgi?id=141983

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.drawTimelineBackground):

2015-02-24  Zalan Bujtas  <zalan@apple.com>

        Remove unused BackgroundImageGeometry::m_destOrigin
        https://bugs.webkit.org/show_bug.cgi?id=141980

        Reviewed by Simon Fraser.

        Remove BackgroundImageGeometry::m_destOrigin and its dependencies.
        They are not used at all.

        No change in functionality.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::pixelSnapBackgroundImageGeometryForPainting):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        (WebCore::BackgroundImageGeometry::relativePhase): Deleted.
        * rendering/RenderBoxModelObject.h:
        (WebCore::BackgroundImageGeometry::destOrigin): Deleted.
        (WebCore::BackgroundImageGeometry::setDestOrigin): Deleted.
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::drawMaskForRenderer):

2015-02-24  Zalan Bujtas  <zalan@apple.com>

        RenderBoxModelObject::calculateBackgroundImageGeometry should return BackgroundImageGeometry.
        https://bugs.webkit.org/show_bug.cgi?id=141979

        Reviewed by Simon Fraser.

        No change in functionality.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::getBackgroundPaintedExtent):
        (WebCore::RenderBox::maskClipRect):
        (WebCore::RenderBox::repaintLayerRectsForImage):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        (WebCore::RenderBoxModelObject::getGeometryForBackgroundImage):
        * rendering/RenderBoxModelObject.h:

2015-02-24  Zalan Bujtas  <zalan@apple.com>

        Switch BackgroundImageGeometry's m_phase from LayoutPoint to LayoutSize.
        https://bugs.webkit.org/show_bug.cgi?id=141972

        Reviewed by Simon Fraser.

        Image geometry's phase represents distance.

        No change in functionality.

        * WebCore.order:
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::setContentsTilePhase):
        (WebCore::GraphicsLayer::contentsTilePhase):
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::computePatternTransformIfNeeded):
        (WebCore::TextureMapperLayer::setContentsTilePhase):
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::setContentsTilePhase):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::BackgroundImageGeometry::setNoRepeatX):
        (WebCore::BackgroundImageGeometry::setNoRepeatY):
        (WebCore::BackgroundImageGeometry::useFixedAttachment):
        (WebCore::BackgroundImageGeometry::relativePhase):
        (WebCore::RenderBoxModelObject::pixelSnapBackgroundImageGeometryForPainting):
        (WebCore::RenderBoxModelObject::getGeometryForBackgroundImage):
        * rendering/RenderBoxModelObject.h:
        (WebCore::BackgroundImageGeometry::phase):
        (WebCore::BackgroundImageGeometry::setPhase):
        (WebCore::BackgroundImageGeometry::setPhaseX):
        (WebCore::BackgroundImageGeometry::setPhaseY):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::resetContentsRect):
        (WebCore::RenderLayerBacking::updateDirectlyCompositedBackgroundImage):
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::drawMaskForRenderer):

2015-02-24  Andreas Kling  <akling@apple.com>

        [Mac] WebKit abandons overlay scrollbar CALayers.
        <https://webkit.org/b/141943>
        <rdar://problem/19932199>

        Reviewed by Beth Dakin.

        * platform/mac/ScrollAnimatorMac.mm:
        (-[WebScrollbarPartAnimation initWithScrollbar:featureToAnimate:animateFrom:animateTo:duration:]):
        Use NSAnimationNonblockingThreaded to ensure that NSAnimations get cleaned up after they finish.
        The animation was indirectly retaining the overlay scrollbar's CALayer, causing significant
        amounts of abandoned memory to accumulate over time.

2015-02-24  Anders Carlsson  <andersca@apple.com>

        Implement more of the data fetching API
        https://bugs.webkit.org/show_bug.cgi?id=141975

        Reviewed by Andreas Kling.

        Add API for getting origins in a given session that has cached data.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::originsWithCache):

2015-02-24  Simon Fraser  <simon.fraser@apple.com>

        Use nullptr in more places in FrameView, RenderView, RenderObject
        https://bugs.webkit.org/show_bug.cgi?id=141974

        Reviewed by Zalan Bujtas.

        0 -> nullptr in FrameView.h/cpp, RenderView.h/cpp, RenderObject.h/cpp.
        
        Rename FrameView::m_deferSetNeedsLayouts to FrameView::m_deferSetNeedsLayoutCount
        to make it more clear that it's a count.

        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView):
        (WebCore::FrameView::reset):
        (WebCore::FrameView::setContentsSize):
        (WebCore::FrameView::calculateScrollbarModesForLayout):
        (WebCore::FrameView::layerForScrolling):
        (WebCore::FrameView::layerForHorizontalScrollbar):
        (WebCore::FrameView::layerForVerticalScrollbar):
        (WebCore::FrameView::layerForScrollCorner):
        (WebCore::FrameView::tiledBacking):
        (WebCore::FrameView::scrollLayerID):
        (WebCore::FrameView::layerForOverhangAreas):
        (WebCore::FrameView::setWantsLayerForTopOverHangArea):
        (WebCore::FrameView::setWantsLayerForBottomOverHangArea):
        (WebCore::FrameView::hasCompositedContentIncludingDescendants):
        (WebCore::FrameView::layoutRoot):
        (WebCore::FrameView::forceLayoutParentViewIfNeeded):
        (WebCore::FrameView::layout):
        (WebCore::FrameView::hostWindow):
        (WebCore::FrameView::scheduleRelayout):
        (WebCore::FrameView::scheduleRelayoutOfSubtree):
        (WebCore::FrameView::needsLayout):
        (WebCore::FrameView::setNeedsLayout):
        (WebCore::FrameView::enclosingScrollableArea):
        (WebCore::FrameView::parentFrameView):
        (WebCore::FrameView::paintControlTints):
        (WebCore::FrameView::adjustPageHeightDeprecated):
        (WebCore::FrameView::axObjectCache):
        * page/FrameView.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::RenderObject):
        (WebCore::RenderObject::nextInPreOrderAfterChildren):
        (WebCore::RenderObject::previousInPreOrder):
        (WebCore::RenderObject::firstLeafChild):
        (WebCore::RenderObject::lastLeafChild):
        (WebCore::RenderObject::traverseNext):
        (WebCore::RenderObject::firstLineBlock):
        (WebCore::RenderObject::containerForRepaint):
        (WebCore::RenderObject::showRenderSubTreeAndMark):
        (WebCore::RenderObject::localToAbsolute):
        (WebCore::RenderObject::container):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::virtualContinuation):
        (WebCore::RenderObject::node):
        (WebCore::RenderObject::nonPseudoNode):
        (WebCore::RenderObject::localToAbsoluteQuad):
        (WebCore::RenderObject::absoluteQuads):
        (WebCore::RenderObject::absoluteClippedOverflowRect):
        (WebCore::RenderObject::outlineBoundsForRepaint):
        (WebCore::RenderObject::computeAbsoluteRepaintRect):
        (WebCore::RenderObject::selectionRect):
        (WebCore::RenderObject::imageChanged):
        (WebCore::RenderObject::addFocusRingRects):
        (WebCore::RenderObject::absoluteOutlineBounds):
        * rendering/RenderView.cpp:
        (WebCore::SelectionIterator::next):
        (WebCore::RenderView::RenderView):
        (WebCore::RenderView::mapLocalToContainer):
        (WebCore::RenderView::pushMappingToContainer):
        (WebCore::RenderView::computeRectForRepaint):
        (WebCore::rendererAfterPosition):
        (WebCore::RenderView::splitSelectionBetweenSubtrees):
        (WebCore::RenderView::rootBackgroundIsEntirelyFixed):
        * rendering/RenderView.h:

2015-02-24  Yusuke Suzuki  <utatane.tea@gmail.com>

        REGRESSION(r179429): Can't type comments in Facebook
        https://bugs.webkit.org/show_bug.cgi?id=141859

        Reviewed by Brent Fulgham.

        Enable SymbolEnabled runtime flag in inspector context.

        * ForwardingHeaders/runtime/RuntimeFlags.h: Added.
        * WebCore.order:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::javaScriptRuntimeFlags):
        (WebCore::JSDOMWindowBase::javaScriptExperimentsEnabled): Deleted.
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        (WebCore::JSWorkerGlobalScopeBase::javaScriptRuntimeFlags):
        (WebCore::JSWorkerGlobalScopeBase::javaScriptExperimentsEnabled): Deleted.
        * bindings/js/JSWorkerGlobalScopeBase.h:
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::InspectorFrontendClientLocal):
        * page/Settings.h:
        * page/Settings.in:

2015-02-24  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Support "sparse" in auto-placed items locked to a row/column
        https://bugs.webkit.org/show_bug.cgi?id=141748

        Reviewed by Sergio Villar Senin.

        The first step of grid item placement algorithm has been updated in
        order to support both "sparse" and "dense" modes. Current code is always
        doing a "dense" packing in this case.

        See: http://dev.w3.org/csswg/css-grid/#auto-placement-algo

        Test: fast/css-grid-layout/grid-item-auto-placement-fixed-row-column.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid): Add a cursor
        for each row/column and use it to place items in the right position.

2015-02-24  Joanmarie Diggs  <jdiggs@igalia.com>

        [GTK] Layout Test accessibility/roles-exposed.html is failing
        https://bugs.webkit.org/show_bug.cgi?id=141960

        Reviewed by Martin Robinson.

        The test was failing because Gtk now uses GtkColorChooserDialog for the
        color input, making the input field a button which results in the color
        chooser dialog appearing. As a side effect of this change, the input now
        has an accessible role of ColorWell, which is currently mapped to
        ATK_ROLE_COLOR_CHOOSER (which is by definition the dialog which results
        upon activating the button input field). Changed the Gtk platform mapping
        to ATK_ROLE_BUTTON, leaving the Efl mapping as-is.

        No new tests. Instead, updated and unskipped failing test.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):

2015-02-24  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] Fonts loaded via @font-face look bad
        https://bugs.webkit.org/show_bug.cgi?id=140994

        Reviewed by Martin Robinson.

        We've had several complaints that woff fonts look bad on some websites. This seems to be a
        combination of multiple issues. For one, we don't look at Fontconfig settings at all when
        creating a web font. This commit changes FontPlatformData::initializeWithFontFace to instead
        use sane default settings from Fontconfig when loading a web font, rather than accepting the
        default settings from GTK+, which are normally overridden by Fontconfig when loading system
        fonts. However, we will hardcode the hinting setting for web fonts to always force use of
        the light autohinter, so that we do not use a font's native hints. This avoids compatibility
        issues when fonts with poor native hinting are only tested in browsers that do not use the
        native hints. It also allows us to sidestep future security vulnerabilities in FreeType's
        bytecode interpreter.

        The net result of this is that there should be little noticable difference if you have GTK+
        set to use slight hinting (which forces use of the autohinter) unless you have customized
        Fontconfig configuration, but a dramatic improvement with particular fonts if you use medium
        or full hinting. This should reduce complaints about our font rendering on "fancy sites."

        No new tests, since the affected fonts we've found are not freely redistributable.

        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::FontCustomPlatformData::FontCustomPlatformData): Force web fonts to be autohinted.
        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::getDefaultCairoFontOptions): Renamed to disambiguate.
        (WebCore::getDefaultFontconfigOptions): Added.
        (WebCore::FontPlatformData::initializeWithFontFace): Always call
        FontPlatformData::setCairoOptionsFromFontConfigPattern. If the FontPlatformData was not
        created with an FcPattern (e.g. because this is a web font), call
        getDefaultFontconfigOptions to get a sane default FcPattern.
        (WebCore::FontPlatformData::setOrientation): Renamed call to getDefaultCairoFontOptions.
        (WebCore::getDefaultFontOptions): Deleted.

2015-02-24  Andreas Kling  <akling@apple.com>

        [Cocoa] Break internal reference cycle in WebCore::Font.
        <https://webkit.org/b/141941>
        <rdar://problem/19650570>

        Reviewed by Antti Koivisto.

        The Cocoa implementation of Font::platformCreateScaledFont() tried to be smart and use the FontCache.
        This didn't work out well when scaling a 0pt Font, since scaling 0pt by any factor will return 0pt.

        We'd have a 0pt font, scale it by 0.7 to get a small-caps variant, and then cache that small-caps
        variant (really "this") in Font::m_derivedData->smallCaps.

        Fix this by having Cocoa Font scaling do exactly what other platforms do: create a new Font every time.
        This stops us from accumulating tons of abandoned Font objects over time.

        * platform/graphics/Font.cpp:
        (WebCore::Font::verticalRightOrientationFont):
        (WebCore::Font::uprightOrientationFont):
        (WebCore::Font::smallCapsFont):
        (WebCore::Font::emphasisMarkFont):
        (WebCore::Font::brokenIdeographFont):
        (WebCore::Font::nonSyntheticItalicFont): Add assertions to guard against reference cycles inside a Font.

        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformCreateScaledFont): Always create a new Font when scaling an existing Font to a different size.

2015-02-24  Xabier Rodriguez Calvar <calvaris@igalia.com> and Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Streams API] Reading ReadableStream ready and closed attributes should not always create a new promise
        https://bugs.webkit.org/show_bug.cgi?id=141650

        Reviewed by Benjamin Poulain.

        The JSPromiseDeferred objects returned by JSReadableStream::ready and JSReadableStream::closed should be stored somewhere.
        This patch stores them as private slots in JSReadableStream.
        This is close to the description in https://streams.spec.whatwg.org/#rs-internal-slots.

        An alternative would be to have these objects as JSReadableStream class members, thus modifying the binding generator.
        That may be the cleanest solution, especially if other APIs express the same need.
        Another alternative is to store DeferredWrapper in ReadableStream objects.
        But it is currently preferred to keep DeferredWrapper in bindings/js code.

        Added new constructor for DeferredWrapper to use these stored values.
        Updated ready and closed methods to use that new constructor.
        Changes are covered by new test in streams/readablestream-constructor.html.

        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DeferredWrapper::DeferredWrapper):
        * bindings/js/JSDOMPromise.h:
        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::closedPromiseSlotName):
        (WebCore::getOrCreatePromiseDeferredFromObject):
        (WebCore::readyPromiseSlotName):
        (WebCore::JSReadableStream::ready):
        (WebCore::JSReadableStream::closed):
        * bindings/js/ReadableStreamJSSource.cpp:
        (WebCore::setInternalSlotToObject):
        (WebCore::getInternalSlotFromObject):
        * bindings/js/ReadableStreamJSSource.h:

2015-02-24  Dhi Aurrahman  <diorahman@rockybars.com>

        Always serialize :lang()'s arguments to strings
        https://bugs.webkit.org/show_bug.cgi?id=141944

        Reviewed by Benjamin Poulain.

        As specified in [1] :lang()'s arguments are always serialized to strings.

        [1] http://dev.w3.org/csswg/cssom/#serializing-selectors

        Related tests are updated.

        * css/CSSGrammar.y.in:
        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::setLangArgumentList):
        * css/CSSParserValues.h:
        (WebCore::CSSParserString::init):
        (WebCore::CSSParserString::clear):
        (WebCore::CSSParserString::tokenType): Deleted.
        (WebCore::CSSParserString::setTokenType): Deleted.
        * css/CSSSelector.cpp:
        (WebCore::appendLangArgumentList):
        (WebCore::CSSSelector::setLangArgumentList):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::langArgumentList):
        * css/SelectorCheckerTestFunctions.h:
        (WebCore::matchesLangPseudoClass):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsInLanguage):

2015-02-24  Antti Koivisto  <antti@apple.com>

       Give TemporaryChange for m_inLoadPendingImages assertion a name so it actually does something.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::loadPendingImages):

2015-02-23  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180547 and r180550.
        https://bugs.webkit.org/show_bug.cgi?id=141957

        Broke 10 Windows tests. (Requested by bfulgham_ on #webkit).

        Reverted changesets:

        "REGRESSION(r179429): Can't type comments in Facebook"
        https://bugs.webkit.org/show_bug.cgi?id=141859
        http://trac.webkit.org/changeset/180547

        "Constructor returning null should construct an object instead
        of null"
        https://bugs.webkit.org/show_bug.cgi?id=141640
        http://trac.webkit.org/changeset/180550

2015-02-23  Ryosuke Niwa  <rniwa@webkit.org>

        Disable font loading events until our implementation gets updated to match the latest spec
        https://bugs.webkit.org/show_bug.cgi?id=141938

        Reviewed by Andreas Kling.

        Revert r173531 for now since our implementation is outdated.

        * Configurations/FeatureDefines.xcconfig:

2015-02-23  Brent Fulgham  <bfulgham@apple.com>

        EventHandler references deleted Scrollbar
        https://bugs.webkit.org/show_bug.cgi?id=141931
        <rdar://problem/19915210>

        Reviewed by Tim Horton.

        Tested by scrollbars/overflow-custom-scrollbar-crash.html

        Update the EventHandler class to use a WeakPtr to reference the
        last used Scrollbar, rather than retaining the Scrollbar and
        artificially extending its life. This keeps the EventHandler
        state in proper sync with the state of the render tree, and
        avoids cases where we have destroyed a ScrollableArea (and
        Scrollbar) but are still sending messages to a fake zombie
        version of the element.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::clear):
        (WebCore::EventHandler::handleMousePressEvent):
        (WebCore::EventHandler::updateMouseEventTargetNode):
        (WebCore::EventHandler::updateLastScrollbarUnderMouse):
        * page/EventHandler.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::Scrollbar): Initialize WeakPtrFactory.
        * platform/Scrollbar.h:
        (WebCore::Scrollbar::createWeakPtr): Added,

2015-02-23  Yusuke Suzuki  <utatane.tea@gmail.com>

        REGRESSION(r179429): Can't type comments in Facebook
        https://bugs.webkit.org/show_bug.cgi?id=141859

        Reviewed by Geoffrey Garen.

        Enable SymbolEnabled runtime flag in inspector context.

        * ForwardingHeaders/runtime/RuntimeFlags.h: Added.
        * WebCore.order:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::javaScriptRuntimeFlags):
        (WebCore::JSDOMWindowBase::javaScriptExperimentsEnabled): Deleted.
        * bindings/js/JSDOMWindowBase.h:
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        (WebCore::JSWorkerGlobalScopeBase::javaScriptRuntimeFlags):
        (WebCore::JSWorkerGlobalScopeBase::javaScriptExperimentsEnabled): Deleted.
        * bindings/js/JSWorkerGlobalScopeBase.h:
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::InspectorFrontendClientLocal):
        * page/Settings.h:
        * page/Settings.in:

2015-02-23  Benjamin Poulain  <benjamin@webkit.org>

        CSS JIT: add support for case-insensitive attribute matching
        https://bugs.webkit.org/show_bug.cgi?id=141880

        Reviewed by Andreas Kling.

        The value matching now has 3 cases:
        1) Case-sensitive.
        2) Case-insensitive.
        3) Legacy HTML Case-insensitive.

        The information to determine the case is split over 2 source:
        -To know if explicit case-insensitive is needed, we need to ask the selector
         for attributeValueMatchingIsCaseInsensitive().
        -To know if the legacy HTML behavior is needed, we need to test the attribute
         name filter with HTMLDocument::isCaseSensitiveAttribute().

        I decided to perform all those checks at the fragment creation step.
        This makes the register requirements and code generation more explicit.

        From there, everything is easy: switch() on the type of matching needed,
        and generate the code. The new case-insensitive case is a simplified version
        of the legacy HTML behavior without runtime check for the element type.

        Tests: fast/css/implicitly-case-insensitive-attribute-with-svg.html
               fast/selectors/case-insensitive-attribute-register-requirement-1.html
               fast/selectors/case-insensitive-attribute-register-requirement-2.html
               fast/selectors/querySelector-explicit-case-insensitive-attribute-match-with-svg.html

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::attributeSelectorCaseSensitivity):
        (WebCore::SelectorCompiler::AttributeMatchingInfo::AttributeMatchingInfo):
        (WebCore::SelectorCompiler::AttributeMatchingInfo::attributeCaseSensitivity):
        (WebCore::SelectorCompiler::AttributeMatchingInfo::canDefaultToCaseSensitiveValueMatch): Deleted.
        (WebCore::SelectorCompiler::constructFragmentsInternal):
        Compute the type of value matching and store it on the AttributeMatchingInfo
        when creating the fragment.

        (WebCore::SelectorCompiler::minimumRegisterRequirements):
        (WebCore::SelectorCompiler::attributeValueTestingRequiresExtraRegister):
        (WebCore::SelectorCompiler::attributeValueTestingRequiresCaseFoldingRegister): Deleted.
        In general, AttributeCaseSensitivity::CaseInsensitive does not require an extra
        register. I have made an exception for generateElementAttributeValueExactMatching()
        for simplicity. I use that register to load the StringImpl of the attribute
        being tested, that way I can use WTF::equalIgnoringCaseNonNull() directly.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeValueMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeValueExactMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementAttributeFunctionCallValueMatching):
        Matching itself is just function calls. Unlike AttributeCaseSensitivity::HTMLLegacyCaseInsensitive,
        the behavior is consistent between XML and HTML.

2015-02-23  Alex Christensen  <achristensen@webkit.org>

        [WinCairo] Unreviewed build fix after r180532

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::buffered):
        Fixed typo.

2015-02-23  Chris Dumez  <cdumez@apple.com>

        Log using diagnostic logging which ActiveDOMObjects prevent using the PageCache
        https://bugs.webkit.org/show_bug.cgi?id=141922
        <rdar://problem/19923085>

        Reviewed by Andreas Kling.

        Log using diagnostic logging which ActiveDOMObjects prevent using the
        PageCache.

        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::unsuspendableDOMObjectKey):
        * page/DiagnosticLoggingKeys.h:

2015-02-23  Chris Dumez  <cdumez@apple.com>

        Move GeoNotifier class to its own file
        https://bugs.webkit.org/show_bug.cgi?id=141918

        Reviewed by Andreas Kling.

        Move GeoNotifier class to its own file to make Geolocation class less
        crowded.

2015-02-23  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove unnecessary PlatformTimeRanges::create()
        https://bugs.webkit.org/show_bug.cgi?id=141901

        Reviewed by Filip Pizlo.

        PlatformTimeRanges::create() functions have just created an instance of PlatformTimeRanges.
        This functionality can be replaced with std::make_unique<> use directly.

        No new tests, no behavior changes.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::buffered):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::bufferedAccountingForEndOfStream):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::NullMediaPlayerPrivate::buffered):
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::seekable):
        * platform/graphics/PlatformTimeRanges.cpp:
        (WebCore::PlatformTimeRanges::create): Deleted.
        * platform/graphics/PlatformTimeRanges.h:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::buffered):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::platformBufferedTimeRanges):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::platformBufferedTimeRanges):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekable):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::buffered):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::buffered):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::buffered):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::buffered):
        * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
        (WebCore::MockMediaPlayerMediaSource::buffered):

2015-02-23  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Partial clean up OwnPtr and PassOwnPtr in WebCore/platform
        https://bugs.webkit.org/show_bug.cgi?id=141888

        Reviewed by Filip Pizlo.

        Use std::unique_ptr<> and std::make_unique<>. Besides this patch removes
        unnecessary OwnPtr.h|PasSOwnPtr.h includes.

        No new tests, no behavior changes.

        * platform/SharedBuffer.h:
        * platform/Supplementable.h:
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.h:
        (WebCore::AudioSourceProviderGStreamer::create): Deleted.
        * platform/graphics/ImageBuffer.h:
        * platform/graphics/TiledBackingStoreBackend.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        * platform/gtk/GamepadsGtk.cpp:

2015-02-23  Shivakumar JM  <shiva.jm@samsung.com>

        Default value of HTMLSelectElement size IDL attribute should be 0.
        https://bugs.webkit.org/show_bug.cgi?id=141795

        Reviewed by Andreas Kling.

        Default value of HTMLSelectElement size IDL attribute should be 0. 
        As in spec: http://www.w3.org/html/wg/drafts/html/master/forms.html#the-select-element, also this matches the behavior of Chrome, IE and
        Gecko.

        Test: fast/dom/select-size.html

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::parseAttribute):

2015-02-23  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Drawing an SVG image into a canvas using drawImage() ignores globalAlpha.
        https://bugs.webkit.org/show_bug.cgi?id=141729.

        Reviewed by Daniel Bates.

        Fix a build break which is caused by http://trac.webkit.org/changeset/180511/trunk.
        Two functions of GraphicsContext were made inline but they were kept WEBCORE_EXPORT.

        * platform/graphics/GraphicsContext.h:
        (WebCore::GraphicsContext::paintingDisabled):
        (WebCore::GraphicsContext::updatingControlTints):

2015-02-22  Dean Jackson  <dino@apple.com>

        [iOS] Max canvas size is lower than expected
        https://bugs.webkit.org/show_bug.cgi?id=141886
        <rdar://problem/19729246>

        Reviewed by Tim Horton.

        Use the same maximum canvas area for all ports,
        which bumps the iOS limit up from 4580 * 1145
        to 16k * 16k.

        * html/HTMLCanvasElement.cpp: Update MaxCanvasArea.

2015-02-23  Chris Dumez  <cdumez@apple.com>

        Add support for diagnostic logging messages sampling
        https://bugs.webkit.org/show_bug.cgi?id=141823
        <rdar://problem/19899030>

        Reviewed by Andreas Kling.

        Add support for diagnostic logging messages sampling to decrease the
        impact of diagnostic logging on CPU usage, while still getting useful
        overall results. This patch adds a ShouldSample argument to
        logDiagnosticMessage*() functions and logs 5% of the messages when
        sampling. Sampling is turned on for keys that are known to be verbose
        (e.g. per resource load logging).

        On the page load test I am tracking, CPU usage caused by diagnostic
        logging went down to 0.3% of UIProcess from 2.8% with this change.

        * history/PageCache.cpp:
        (WebCore::logPageCacheFailureDiagnosticMessage):
        (WebCore::logCanCachePageDecision):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::logNavigation):
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
        * loader/ResourceLoader.cpp:
        (WebCore::logResourceResponseSource):
        * loader/SubframeLoader.cpp:
        (WebCore::logPluginRequest):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequest):
        (WebCore::SubresourceLoader::didReceiveResponse):
        (WebCore::logResourceLoaded):
        * loader/cache/CachedResource.cpp:
        (WebCore::logResourceRevalidationReason):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::logMemoryCacheResourceRequest):
        * page/DiagnosticLoggingClient.h:

2015-02-23  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Drawing an SVG image into a canvas using drawImage() ignores globalAlpha.
        https://bugs.webkit.org/show_bug.cgi?id=141729.

        Reviewed by Simon Fraser.

        When drawing an SVG image and the drawing context is set to be transparent,
        make sure this transparency is applied to the compositing layer.

        Test: svg/canvas/canvas-global-alpha-svg.html

        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::setAlpha): Make setAlpha() calls the platform
        function and sets 'm_state.alpha' to the input value.

        (WebCore::GraphicsContext::alpha): Add a new function 'alpha()' which
        returns the value of the global alpha.
        
        * platform/graphics/GraphicsContext.h:
        (WebCore::GraphicsContextState::GraphicsContextState): Add a new member
        'alpha' to the context state since the getter function CGContextGetAlpha
        is defined only in a private header file. Also move single line functions
        from the source file to the header file.
    
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::setPlatformAlpha):
        (WebCore::GraphicsContext::setAlpha): Deleted.
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::setPlatformAlpha):
        (WebCore::GraphicsContext::setAlpha): Deleted.
        Rename setAlpha() to setPlatformAlpha() in the platform files. Add setAlpha()
        to the core file. setAlpha() will set the value of 'm_state.alpha' and call
        setPlatformAlpha().
    
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::draw): If the drawing context is transparent, apply its
        global alpha value to the compositing layer.
        
2015-02-23  Eric Carlson  <eric.carlson@apple.com>

        Occasional crash in MediaPlayer::setPrivateBrowsingMode
        https://bugs.webkit.org/show_bug.cgi?id=141910

        Reviewed by Jer Noble.

        No new tests, I was unable to reproduce the crash.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::stopPeriodicTimers): Use EveryDelayedAction instead of -1.
        (WebCore::HTMLMediaElement::stop): Call clearMediaPlayer instead of just setting m_player
            to NULL.
        * html/HTMLMediaElement.h: Define EveryDelayedAction.

2015-02-23  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Redundant track language notifications
        https://bugs.webkit.org/show_bug.cgi?id=141908

        Reviewed by Žan Doberšek.

        Invoke languageChanged only if the language code actually
        changed.

        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:
        (WebCore::TrackPrivateBaseGStreamer::notifyTrackOfTagsChanged):

2015-02-23  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Crash when media player is destroyed.
        https://bugs.webkit.org/show_bug.cgi?id=141248

        Reviewed by Darin Adler.

        A COM smart pointer is both released, and set to null.
        This means that the COM Release method is called twice, causing a crash.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::endSession):

2015-02-23  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Remove old FIXME in RenderGrid::placeItemsOnGrid()
        https://bugs.webkit.org/show_bug.cgi?id=141899

        Reviewed by Sergio Villar Senin.

        There was a FIXME about not re-resolving positions if the grid is grown during
        auto-placement. But as the spec has changed [1] and you can only refer to the
        explicit grid (even if you use for example grid-column: 1 / -1). It seems that
        we can get rid of this FIXME as it's not a causing a problem anymore.

        [1] http://dev.w3.org/csswg/css-grid/#grid-placement-int

        No new tests (no change in behavior).

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::placeItemsOnGrid): Remove FIXME.

2015-02-22  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move std::unique_ptr<>|make_unique<> to WebCore/page/scrolling
        https://bugs.webkit.org/show_bug.cgi?id=137877

        Reviewed by Sam Weinig.

        Clean up unnecessary OwnPtr.h|PassOwnPtr.h includes as well as
        change OwnPtr with std::unique_ptr<>|make_unique<>.

        No new tests, no behavior changes.

        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingStateFixedNode.cpp:
        * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
        * page/scrolling/ScrollingStateNode.cpp:
        (WebCore::ScrollingStateNode::appendChild):
        * page/scrolling/ScrollingStateNode.h:
        * page/scrolling/ScrollingStateOverflowScrollingNode.cpp:
        * page/scrolling/ScrollingStateScrollingNode.cpp:
        * page/scrolling/ScrollingStateStickyNode.cpp:
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/ScrollingTreeNode.cpp:
        (WebCore::ScrollingTreeNode::appendChild):
        * page/scrolling/ScrollingTreeNode.h:
        * page/scrolling/ScrollingTreeScrollingNode.h:

2015-02-22  Dean Jackson  <dino@apple.com>

        Print a console warning when HTMLCanvasElement exceeds the maximum size
        https://bugs.webkit.org/show_bug.cgi?id=141861
        <rdar://problem/19729145>

        Reviewed by Simon Fraser.

        Add a warning if we ever try to create a canvas that is
        too big.

        No test because:
        1. We can't ref-test against console messages.
        2. The output is platform specific.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createImageBuffer):

2015-02-21  Sam Weinig  <sam@webkit.org>

        Convert the caps lock indicator to be implemented using the shadow DOM
        https://bugs.webkit.org/show_bug.cgi?id=141868

        Reviewed by Dan Bernstein.

        - Re-adds 'caps-lock-indicator' as a valid -webkit-appearance value. It was removed
          in r74099 to work around a site bug, that should not be a problem anymore.
        - Converts the caps lock indicator to be implemented as part of the shadow DOM rather
          than a paint time effect. This gives the proper overflow behavior (it now clips) and
          behaves correctly in RTL.

        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        Make 'caps-lock-indicator' a valid -webkit-appearance value.

        * css/CSSValueKeywords.in:
        Remove comment that indicated that caps-lock-indicator was not a valid
        -webkit-appearance value.

        * css/html.css:
        (input::-webkit-caps-lock-indicator):
        Add new default style for the new -webkit-caps-lock-indicator pseudo-element. The
        trick employed here is to use a content: image to both implement the painting of
        the caps lock indicator, and to get the sizing right (shrink-to-fit, height: 100%).

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::capsLockIndicatorElement):
        (WebCore::HTMLInputElement::capsLockStateMayHaveChanged):
        * html/HTMLInputElement.h:
        * html/InputType.cpp:
        (WebCore::InputType::capsLockStateMayHaveChanged):
        * html/InputType.h:
        (WebCore::InputType::capsLockIndicatorElement):
        Pipe notification of changes in the caps locks state to the <input> element
        rather than the RenderTextControlSingleLine. Also add an accessor for the caps
        lock indicator element in the shadow DOM.

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::forwardEvent):
        (WebCore::TextFieldInputType::shouldHaveCapsLockIndicator):
        (WebCore::TextFieldInputType::createShadowSubtree):
        (WebCore::TextFieldInputType::capsLockIndicatorElement):
        (WebCore::TextFieldInputType::destroyShadowSubtree):
        (WebCore::TextFieldInputType::shouldDrawCapsLockIndicator):
        (WebCore::TextFieldInputType::capsLockStateMayHaveChanged):
        * html/TextFieldInputType.h:
        Add a new element to the text field shadow DOM to act as the caps lock indicator.
        Give it a pseudo-element ID of -webkit-caps-lock-indicator so it can be referenced
        from CSS. The element is always in the DOM for a password field. It toggles between
        display: none and display: block depending on the state of the caps lock key.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::capsLockStateMayHaveChanged):
        Pipe notification of changes in the caps locks state to the <input> element
        rather than the RenderTextControlSingleLine.

        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::RenderTextControlSingleLine):
        (WebCore::RenderTextControlSingleLine::paint): Deleted.
        (WebCore::RenderTextControlSingleLine::capsLockStateMayHaveChanged): Deleted.
        * rendering/RenderTextControlSingleLine.h:
        Remove logic for drawing the caps lock indicator.

        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):
        (WebCore::RenderTheme::paint):
        (WebCore::RenderTheme::paintMeter):
        (WebCore::RenderTheme::adjustCapsLockIndicatorStyle):
        (WebCore::RenderTheme::paintCapsLockIndicator):
        (WebCore::RenderTheme::shouldHaveCapsLockIndicator):
        * rendering/RenderTheme.h:
        (WebCore::RenderTheme::paintCapsLockIndicator): Deleted.
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::shouldHaveCapsLockIndicator):
        * rendering/RenderThemeMac.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::shouldHaveCapsLockIndicator):
        (WebCore::RenderThemeMac::paintCapsLockIndicator): Deleted.
        Now that the caps lock indicator is implemented like other aspects of form controls,
        the theme code can be converted to be similar as well.

2015-02-21  David Kilzer  <ddkilzer@apple.com>

        [iOS] Fix build failure after including CoreMediaSoftLink.h in WebVideoFullscreenInterfaceAVKit.mm
        <http://webkit.org/b/141816>

        Attempt to fix the following build failure:

            WebCore/platform/ios/WebVideoFullscreenInterfaceAVKit.mm:68:1: error: call to 'CoreMediaLibrary' is ambiguous
            SOFT_LINK(CoreMedia, CMTimeRangeContainsTime, Boolean, (CMTimeRange range, CMTime time), (range, time))
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
            In file included from WebCore/platform/ios/WebVideoFullscreenInterfaceAVKit.mm:34:
            In file included from WebCore/platform/cf/CoreMediaSoftLink.h:32:
            WebCore/platform/mac/SoftLinking.h:107:79: note: expanded from macro 'SOFT_LINK'
            <scratch space>:58:1: note: expanded from here
            CoreMediaLibrary
            ^~~~~~~~~~~~~~~~
            In file included from WebCore/platform/ios/WebVideoFullscreenInterfaceAVKit.mm:34:
            WebCore/platform/cf/CoreMediaSoftLink.h:35:1: note: candidate function
            SOFT_LINK_FRAMEWORK_HEADER(WebCore, CoreMedia)
            ^
            In file included from WebCore/platform/ios/WebVideoFullscreenInterfaceAVKit.mm:34:
            In file included from WebCore/platform/cf/CoreMediaSoftLink.h:32:
            WebCore/platform/mac/SoftLinking.h:298:18: note: expanded from macro 'SOFT_LINK_FRAMEWORK_HEADER'
            <scratch space>:42:1: note: expanded from here
            CoreMediaLibrary
            ^
            WebCore/platform/ios/WebVideoFullscreenInterfaceAVKit.mm:67:1: note: candidate function
            SOFT_LINK_FRAMEWORK(CoreMedia)
            ^
            In file included from WebCore/platform/ios/WebVideoFullscreenInterfaceAVKit.mm:34:
            In file included from WebCore/platform/cf/CoreMediaSoftLink.h:32:
            WebCore/platform/mac/SoftLinking.h:46:18: note: expanded from macro 'SOFT_LINK_FRAMEWORK'
            <scratch space>:51:1: note: expanded from here
            CoreMediaLibrary
            ^

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: Remove the
        SOFT_LINK_FRAMEWORK(CoreMedia) macro since the remaining
        SOFT_LINK() and SOFT_LINK_CONSTANT() macros can use the
        CoreMediaLibrary() method exposed by CoreMediaSoftLink.h.

2015-02-21  David Kilzer  <ddkilzer@apple.com>

        Add SOFT_LINK_CONSTANT_SOURCE() cross-platform macro and start using it
        <http://webkit.org/b/141816>

        Reviewed by Alexey Proskuryakov.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        - Remove CoreMediaSoftLinking.h.

        * platform/cf/CoreMediaSoftLink.cpp:
        - Add kCMTimeZero constant.
        * platform/cf/CoreMediaSoftLink.h:
        - Add SOFT_LINK_FRAMEWORK_HEADER() macro for CoreMedia.
        - Add kCMTimeZero constant.

        * platform/graphics/avfoundation/cf/CoreMediaSoftLinking.h: Remove.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        - Remove reference to CoreMediaSoftLinking.h and update comment.
        (WebCore::MediaPlayerPrivateAVFoundationCF::isAvailable):
        - Switch to using new method to check if a framework is
          available.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        - Remove all local soft-linking macros for CoreMedia.
          CoreMediaSoftLink.h handles everything now.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::isAvailable):
        - Switch to using new method to check if a framework is
          available.

        * platform/mac/SoftLinking.h:
        (SOFT_LINK_FRAMEWORK_HEADER): Add.  Defines
        is_Name_FrameworkAvailable() macro.
        (SOFT_LINK_FRAMEWORK_SOURCE): Update to make it work with
        optional framework checks without a separate macro.
        (SOFT_LINK_CONSTANT_HEADER): Add.
        (SOFT_LINK_CONSTANT_SOURCE): Add.
        - Support soft-links to constants.

        * platform/win/SoftLinking.h:
        (SOFT_LINK_FRAMEWORK_HELPER): Add.  Copied from
        SOFT_LINK_LIBRARY_HELPER, with addition of namespace and
        non-static function.
        (SOFT_LINK_FRAMEWORK): Add.  Copied from SOFT_LINK_LIBRARY.
        (SOFT_LINK_DEBUG_FRAMEWORK): Add.  Copied from
        SOFT_LINK_DEBUG_LIBRARY.
        (SOFT_LINK_FRAMEWORK_HEADER): Add.  Defines
        is_Name_FrameworkAvailable() macro.
        (SOFT_LINK_FRAMEWORK_SOURCE): Redefine in terms of
        SOFT_LINK_FRAMEWORK/SOFT_LINK_DEBUG_FRAMEWORK.
        (SOFT_LINK_CONSTANT_HEADER): Add.
        (SOFT_LINK_CONSTANT_SOURCE): Add.
        - Support soft-links to constants.

2015-02-20  David Kilzer  <ddkilzer@apple.com>

        Make namespace configurable for SOFT_LINK_*_{HEADER,SOURCE}() macros
        <http://webkit.org/b/141849>

        Reviewed by Brent Fulgham.

        This patch does the following:
        - Add namespace argument to the SOFT_LINK_*_{HEADER,SOURCE}()
          macros for reuse in other projects.
        - Adds SOFT_LINK_FRAMEWORK_SOURCE() macro in preparation for Bug
          141816.
        - Adds back framework argument to SOFT_LINK_FUNCTION_HEADER()
          and includes framework name in generated function names.  This
          adds more entropy to the names in case there are two functions
          with the same name in different frameworks.

        * platform/cf/CoreMediaSoftLink.cpp:
        - Add FIXME about USE(COREMEDIA).
        - Switch from SOFT_LINK_FRAMEWORK() to
          SOFT_LINK_FRAMEWORK_SOURCE().
        * platform/cf/CoreMediaSoftLink.h:
        - Add FIXME about USE(COREMEDIA).
        - Add back framework argument to SOFT_LINK_FUNCTION_HEADER()
          macros.

        * platform/mac/SoftLinking.h:
        - Add missing header guards.
        - Add pragmas for different macro groups.
        (SOFT_LINK_FRAMEWORK_SOURCE): Add.
        (SOFT_LINK_FUNCTION_HEADER): Move. Add back framework argument.
        (SOFT_LINK_FUNCTION_SOURCE): Move.
        - Add framework name to generated function names.
        - Incorporates namespace so that it doesn't have to be listed in
          the *SoftLink.{cpp,h} file.

        * platform/win/SoftLinking.h:
        - Add pragmas for different macro groups.
        (SOFT_LINK_FRAMEWORK_SOURCE): Add.
        (SOFT_LINK_FUNCTION_HEADER): Move. Add back framework argument.
        (SOFT_LINK_FUNCTION_SOURCE): Move.
        - Add framework name to generated function names.
        - Incorporates namespace so that it doesn't have to be listed in
          the *SoftLink.{cpp,h} file.

2015-02-20  Brent Fulgham  <bfulgham@apple.com>

        [Gtk] Unreviewed build fix.

        * platform/ScrollAnimatorNone.cpp:
        (WebCore::ScrollAnimatorNone::ScrollAnimatorNone): Forget to update two
        uses of ScrollableArea.

2015-02-20  Brent Fulgham  <bfulgham@apple.com>

        Scrollbars and ScrollAnimators must always have a ScrollableArea
        https://bugs.webkit.org/show_bug.cgi?id=141855

        Reviewed by Simon Fraser.

        No change in functionality.
        
        Change users of the scrollAnimator() method to expect a reference instead of a pointer. Also get rid of
        a number of unnecessary nullptr checks.

        * accessibility/AccessibilityScrollbar.cpp:
        (WebCore::AccessibilityScrollbar::setValue):
        * css/SelectorCheckerTestFunctions.h:
        (WebCore::scrollbarMatchesCornerPresentPseudoClass):
        * page/FrameView.cpp:
        (WebCore::FrameView::createScrollbar):
        (WebCore::FrameView::setFixedVisibleContentRect):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::handleWheelEventPhase):
        * platform/PopupMenuClient.h:
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::ScrollAnimator):
        (WebCore::ScrollAnimator::scroll):
        (WebCore::ScrollAnimator::handleWheelEvent):
        (WebCore::ScrollAnimator::notifyPositionChanged):
        (WebCore::ScrollAnimator::updateScrollAnimatorsAndTimers):
        * platform/ScrollAnimator.h:
        (WebCore::ScrollAnimator::ScrollAnimator::scrollableArea):
        * platform/ScrollAnimatorNone.cpp:
        * platform/ScrollAnimatorNone.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::createScrollbar):
        * platform/ScrollableArea.cpp:
        (WebCore::ScrollableArea::scrollAnimator):
        (WebCore::ScrollableArea::scroll):
        (WebCore::ScrollableArea::scrollToOffsetWithoutAnimation):
        (WebCore::ScrollableArea::notifyScrollPositionChanged):
        (WebCore::ScrollableArea::scrollPositionChanged):
        (WebCore::ScrollableArea::handleWheelEvent):
        (WebCore::ScrollableArea::handleTouchEvent):
        (WebCore::ScrollableArea::mouseEnteredScrollbar):
        (WebCore::ScrollableArea::mouseExitedScrollbar):
        (WebCore::ScrollableArea::didAddScrollbar):
        (WebCore::ScrollableArea::willRemoveScrollbar):
        (WebCore::ScrollableArea::verticalScrollbarLayerDidChange):
        (WebCore::ScrollableArea::horizontalScrollbarLayerDidChange):
        * platform/ScrollableArea.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::createNativeScrollbar):
        (WebCore::Scrollbar::Scrollbar):
        (WebCore::Scrollbar::scrollbarOverlayStyle):
        (WebCore::Scrollbar::isScrollableAreaActive):
        (WebCore::Scrollbar::offsetDidChange):
        (WebCore::Scrollbar::autoscrollPressedPart):
        (WebCore::Scrollbar::moveThumb):
        (WebCore::Scrollbar::mouseMoved):
        (WebCore::Scrollbar::mouseEntered):
        (WebCore::Scrollbar::mouseExited):
        (WebCore::Scrollbar::mouseUp):
        (WebCore::Scrollbar::shouldParticipateInHitTesting):
        (WebCore::Scrollbar::isWindowActive):
        (WebCore::Scrollbar::invalidateRect):
        (WebCore::Scrollbar::convertToContainingView):
        (WebCore::Scrollbar::convertFromContainingView):
        (WebCore::Scrollbar::supportsUpdateOnSecondaryThread):
        * platform/Scrollbar.h:
        (WebCore::Scrollbar::scrollableArea):
        (WebCore::Scrollbar::disconnectFromScrollableArea): Deleted.
        * platform/ios/ScrollAnimatorIOS.mm:
        (WebCore::ScrollAnimatorIOS::handleTouchEvent):
        (WebCore::ScrollAnimatorIOS::determineScrollableAreaForTouchSequence):
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (-[WebScrollbarPainterControllerDelegate scrollerImpPair:setContentAreaNeedsDisplayInRect:]):
        (-[WebScrollbarPainterControllerDelegate scrollerImpPair:updateScrollerStyleForNewRecommendedScrollerStyle:]):
        (-[WebScrollbarPainterDelegate scrollAnimator]):
        (-[WebScrollbarPainterDelegate layer]):
        (-[WebScrollbarPainterDelegate mouseLocationInScrollerForScrollerImp:]):
        (-[WebScrollbarPainterDelegate setUpAlphaAnimation:scrollerPainter:part:animateAlphaTo:duration:]):
        (WebCore::ScrollAnimator::create):
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
        (WebCore::ScrollAnimatorMac::scroll):
        (WebCore::ScrollAnimatorMac::adjustScrollPositionIfNecessary):
        (WebCore::ScrollAnimatorMac::adjustScrollPositionToBoundsIfNecessary):
        (WebCore::ScrollAnimatorMac::immediateScrollTo):
        (WebCore::ScrollAnimatorMac::didAddVerticalScrollbar):
        (WebCore::ScrollAnimatorMac::didAddHorizontalScrollbar):
        (WebCore::ScrollAnimatorMac::verticalScrollbarLayerDidChange):
        (WebCore::ScrollAnimatorMac::horizontalScrollbarLayerDidChange):
        (WebCore::ScrollAnimatorMac::notifyContentAreaScrolled):
        (WebCore::ScrollAnimatorMac::pinnedInDirection):
        (WebCore::ScrollAnimatorMac::isAlreadyPinnedInDirectionOfGesture):
        (WebCore::ScrollAnimatorMac::allowsVerticalStretching):
        (WebCore::ScrollAnimatorMac::allowsHorizontalStretching):
        (WebCore::ScrollAnimatorMac::stretchAmount):
        (WebCore::ScrollAnimatorMac::canScrollHorizontally):
        (WebCore::ScrollAnimatorMac::canScrollVertically):
        (WebCore::ScrollAnimatorMac::absoluteScrollPosition):
        (WebCore::ScrollAnimatorMac::immediateScrollByWithoutContentEdgeConstraints):
        (WebCore::ScrollAnimatorMac::updateScrollerStyle):
        (WebCore::ScrollAnimatorMac::setVisibleScrollerThumbRect):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer):
        (WebCore::RenderLayer::createScrollbar):
        (WebCore::RenderLayer::destroyScrollbar):
        (WebCore::RenderLayer::updateScrollInfoAfterLayout):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::createScrollbar):
        (WebCore::RenderListBox::destroyScrollbar):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::createScrollbar):
        * rendering/RenderMenuList.h:
        * rendering/RenderScrollbar.cpp:
        (WebCore::RenderScrollbar::createCustomScrollbar):
        (WebCore::RenderScrollbar::RenderScrollbar):
        * rendering/RenderScrollbar.h:
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::createScrollbar):
        * rendering/RenderSearchField.h:

2015-02-20  Enrica Casucci  <enrica@apple.com>

        [WK2] Add support for font panel on OS X.
        https://bugs.webkit.org/show_bug.cgi?id=141777

        Reviewed by Tim Horton.

        This patch adds the necessary hooks to the Editor class to support
        the font panel.

        * editing/Editor.h:
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::applyFontStyles):

2015-02-20  Zalan Bujtas  <zalan@apple.com>

        Invalid assert in CompositeEditCommand::insertNodeAfter/insertNodeBefore
        https://bugs.webkit.org/show_bug.cgi?id=141854

        Reviewed by Ryosuke Niwa.

        Inserting content before/after the body as the result of editing is a valid operation.
        This assert was originally introduced to cover cases where edited content would get moved
        out of body. However, asserting such operation properly is not possible atm.

        Test: editing/inserting/insert-as-body-sibling.html

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::insertNodeBefore):
        (WebCore::CompositeEditCommand::insertNodeAfter):

2015-02-20  Chris Dumez  <cdumez@apple.com>

        [WK2] Add more detailed diagnostic logging for measuring network cache efficacy
        https://bugs.webkit.org/show_bug.cgi?id=141803
        <rdar://problem/19632080>

        Reviewed by Antti Koivisto.

        Add more diagnostic logging keys for the network cache.

        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::missingValidatorFieldsKey):
        (WebCore::DiagnosticLoggingKeys::noLongerInCacheKey):
        (WebCore::DiagnosticLoggingKeys::isReloadIgnoringCacheDataKey):
        (WebCore::DiagnosticLoggingKeys::isAttachmentKey):
        (WebCore::DiagnosticLoggingKeys::isConditionalRequestKey):
        (WebCore::DiagnosticLoggingKeys::cacheControlNoStoreKey):
        (WebCore::DiagnosticLoggingKeys::uncacheableStatusCodeKey):
        (WebCore::DiagnosticLoggingKeys::unsupportedHTTPMethodKey):
        (WebCore::DiagnosticLoggingKeys::unusableCachedEntryKey):
        (WebCore::DiagnosticLoggingKeys::varyingHeaderMismatchKey):
        (WebCore::WebCore::DiagnosticLoggingKeys::notHTTPFamilyKey):
        (WebCore::DiagnosticLoggingKeys::notInCacheKey):
        (WebCore::DiagnosticLoggingKeys::noLongerInCacheFailureKey): Deleted.
        (WebCore::DiagnosticLoggingKeys::unhandledRequestFailureKey): Deleted.
        (WebCore::DiagnosticLoggingKeys::unusableCachedEntryFailureKey): Deleted.
        * page/DiagnosticLoggingKeys.h:

2015-02-20  Tim Horton  <timothy_horton@apple.com>

        <attachment> turns the wrong blue when you highlight it
        https://bugs.webkit.org/show_bug.cgi?id=141853

        Reviewed by Simon Fraser.

        * rendering/RenderAttachment.h:
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::shouldDrawSelectionTint):
        (WebCore::RenderReplaced::paint):
        * rendering/RenderReplaced.h:
        Don't draw the selection tint for RenderAttachment.

2015-02-20  Tim Horton  <timothy_horton@apple.com>

        Allow <attachment> elements to be focused
        https://bugs.webkit.org/show_bug.cgi?id=141847

        Reviewed by Enrica Casucci.

        * css/html.css:
        (attachment:focus):
        Disable focus rings for <attachment>.

        * html/HTMLAttachmentElement.cpp:
        (WebCore::HTMLAttachmentElement::setFocus):
        * html/HTMLAttachmentElement.h:
        Allow HTMLAttachmentElement to get editing focus.
        Let RenderAttachment know when focus changes.

        * rendering/RenderAttachment.cpp:
        (WebCore::RenderAttachment::paintReplaced):
        Paint the background in cyan when we are inside the selection or have focus.
        Otherwise, it will be gray.

        (WebCore::RenderAttachment::focusChanged):
        When focus changes, repaint.

        * rendering/RenderAttachment.h:

2015-02-20  Brent Fulgham  <bfulgham@apple.com>

        Rename ScrollElasticityController to ScrollController
        https://bugs.webkit.org/show_bug.cgi?id=141842

        Reviewed by Simon Fraser.

        No change in functionality.

        * PlatformMac.cmake:
        * WebCore.order:
        * WebCore.xcodeproj/project.pbxproj:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
        * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
        (WebCore::ScrollingTreeFrameScrollingNodeMac::ScrollingTreeFrameScrollingNodeMac):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent):
        (WebCore::ScrollingTreeFrameScrollingNodeMac::startSnapRubberbandTimer):
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
        (WebCore::ScrollAnimatorMac::isRubberBandInProgress):
        (WebCore::ScrollAnimatorMac::handleWheelEvent):
        (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
        * platform/mac/ScrollController.h: Copied from WebCore/platform/mac/ScrollElasticityController.h.
        (WebCore::ScrollControllerClient::~ScrollControllerClient):
        (WebCore::ScrollElasticityControllerClient::~ScrollElasticityControllerClient): Deleted.
        * platform/mac/ScrollController.mm: Copied from WebCore/platform/mac/ScrollElasticityController.mm.
        (WebCore::ScrollController::ScrollController):
        (WebCore::ScrollController::handleWheelEvent):
        (WebCore::ScrollController::snapRubberBandTimerFired):
        (WebCore::ScrollController::isRubberBandInProgress):
        (WebCore::ScrollController::stopSnapRubberbandTimer):
        (WebCore::ScrollController::snapRubberBand):
        (WebCore::ScrollController::shouldRubberBandInHorizontalDirection):
        (WebCore::ScrollElasticityController::ScrollElasticityController): Deleted.
        (WebCore::ScrollElasticityController::handleWheelEvent): Deleted.
        (WebCore::ScrollElasticityController::snapRubberBandTimerFired): Deleted.
        (WebCore::ScrollElasticityController::isRubberBandInProgress): Deleted.
        (WebCore::ScrollElasticityController::stopSnapRubberbandTimer): Deleted.
        (WebCore::ScrollElasticityController::snapRubberBand): Deleted.
        (WebCore::ScrollElasticityController::shouldRubberBandInHorizontalDirection): Deleted.
        * platform/mac/ScrollElasticityController.h: Removed.
        * platform/mac/ScrollElasticityController.mm: Removed.

2015-02-20  Alexey Proskuryakov  <ap@apple.com>

        Remove svn:keywords property.

        As far as I can tell, the property had no effect on any of these files, but also,
        when it has effect it's likely harmful.

        * Modules/mediacontrols/assets-apple-iOS.svg: Removed property svn:keywords.
        * Modules/mediacontrols/mediaControlsBase.css: Removed property svn:keywords.
        * Modules/mediacontrols/mediaControlsBase.js: Removed property svn:keywords.
        * bindings/js/JSDeviceMotionEventCustom.cpp: Removed property svn:keywords.
        * css/CSSKeyframeRule.cpp: Removed property svn:keywords.
        * css/CSSKeyframeRule.h: Removed property svn:keywords.
        * css/CSSKeyframesRule.cpp: Removed property svn:keywords.
        * css/CSSKeyframesRule.h: Removed property svn:keywords.
        * css/WebKitCSSFilterValue.cpp: Removed property svn:keywords.
        * css/WebKitCSSFilterValue.h: Removed property svn:keywords.
        * css/plugIns.css: Removed property svn:keywords.
        * dom/AnimationEvent.cpp: Removed property svn:keywords.
        * dom/AnimationEvent.h: Removed property svn:keywords.
        * dom/DeviceMotionClient.h: Removed property svn:keywords.
        * dom/DeviceMotionController.cpp: Removed property svn:keywords.
        * dom/DeviceMotionController.h: Removed property svn:keywords.
        * dom/DeviceMotionData.cpp: Removed property svn:keywords.
        * dom/DeviceMotionData.h: Removed property svn:keywords.
        * dom/DeviceMotionEvent.cpp: Removed property svn:keywords.
        * dom/DeviceMotionEvent.h: Removed property svn:keywords.
        * html/canvas/ANGLEInstancedArrays.cpp: Removed property svn:keywords.
        * html/canvas/ANGLEInstancedArrays.h: Removed property svn:keywords.
        * html/canvas/OESTextureFloatLinear.cpp: Removed property svn:keywords.
        * html/canvas/OESTextureFloatLinear.h: Removed property svn:keywords.
        * html/canvas/OESTextureHalfFloatLinear.cpp: Removed property svn:keywords.
        * html/canvas/OESTextureHalfFloatLinear.h: Removed property svn:keywords.
        * html/shadow/MediaControlsApple.cpp: Removed property svn:keywords.
        * html/shadow/MediaControlsApple.h: Removed property svn:keywords.
        * page/Frame.h: Removed property svn:keywords.
        * page/scrolling/ScrollingConstraints.cpp: Removed property svn:keywords.
        * page/scrolling/ScrollingConstraints.h: Removed property svn:keywords.
        * page/scrolling/ScrollingStateStickyNode.cpp: Removed property svn:keywords.
        * page/scrolling/ios/ScrollingTreeIOS.cpp: Removed property svn:keywords.
        * page/scrolling/mac/ScrollingTreeStickyNode.h: Removed property svn:keywords.
        * platform/ControlStates.h: Removed property svn:keywords.
        * platform/ScrollbarTheme.cpp: Removed property svn:keywords.
        * platform/graphics/GraphicsLayerUpdater.cpp: Removed property svn:keywords.
        * platform/graphics/GraphicsLayerUpdater.h: Removed property svn:keywords.
        * platform/graphics/ca/TileController.h: Removed property svn:keywords.
        * platform/graphics/ca/mac/WebTiledBackingLayer.h: Removed property svn:keywords.
        * platform/graphics/filters/FilterOperation.cpp: Removed property svn:keywords.
        * platform/graphics/filters/FilterOperation.h: Removed property svn:keywords.
        * platform/graphics/filters/FilterOperations.h: Removed property svn:keywords.
        * platform/ios/SystemMemory.h: Removed property svn:keywords.
        * platform/mock/ScrollbarThemeMock.cpp: Removed property svn:keywords.
        * platform/mock/ScrollbarThemeMock.h: Removed property svn:keywords.
        * platform/spi/cocoa/ServersSPI.h: Removed property svn:keywords.
        * platform/text/mac/ios-encodings.txt: Removed property svn:keywords.
        * rendering/FilterEffectRenderer.cpp: Removed property svn:keywords.
        * rendering/FilterEffectRenderer.h: Removed property svn:keywords.
        * rendering/RenderGeometryMap.cpp: Removed property svn:keywords.
        * rendering/RenderGeometryMap.h: Removed property svn:keywords.
        * rendering/RenderMediaControlElements.h: Removed property svn:keywords.
        * rendering/TextAutoSizing.cpp: Removed property svn:keywords.
        * rendering/TextAutoSizing.h: Removed property svn:keywords.
        * rendering/style/StylePendingImage.h: Removed property svn:keywords.

2015-02-20  Brent Fulgham  <bfulgham@apple.com>

        [Mac] REGRESSION: Scroll snap points broken after r180018
        https://bugs.webkit.org/show_bug.cgi?id=141821
        <rdar://problem/19898333>

        Reviewed by Simon Fraser.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::platformNotifySnapIfNecessary): Added stub.
        (WebCore::EventHandler::handleWheelEvent): Call new 'platformNotifySnapIfNecessary' method
        to catch the 'ended wheel' gesture.
        * page/EventHandler.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformNotifySnapIfNecessary): Added. If the wheel event signifies
        the end of a wheel/swipe gesture, let the snap logic decide if it should do anything
        (i.e., trigger an animation)
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::processWheelEventForScrollSnap): Added.
        * platform/ScrollAnimator.h:

2015-02-20  Eric Carlson  <eric.carlson@apple.com>

        [iOS] cleanup AirPlay code
        https://bugs.webkit.org/show_bug.cgi?id=141811

        Reviewed by Jer Noble.

        * Configurations/FeatureDefines.xcconfig: IOS_AIRPLAY -> WIRELESS_PLAYBACK_TARGET.

        * Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.cpp: Ditto.
        * Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.h:
        * Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.idl:

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::externalDeviceDisplayName): Ditto.
        (WebCore::MediaControlsHost::externalDeviceType):

        * dom/EventNames.h: Ditto.
        * dom/EventNames.in:

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Ditto.
        (WebCore::HTMLMediaElement::~HTMLMediaElement): Ditto.
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLMediaElement.idl:

        * html/HTMLMediaSession.cpp:
        (WebCore::restrictionName): Ditto.
        (WebCore::HTMLMediaSession::applyMediaPlayerRestrictions): Ditto.
        * html/HTMLMediaSession.h:

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::parseAttribute): Ditto.
        * html/HTMLVideoElement.h:
        * html/HTMLVideoElement.idl:

        * page/Settings.in: Ditto.

        * platform/audio/MediaSessionManager.h:
        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm: Ditto.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::showPlaybackTargetPicker): Deleted.
        (WebCore::MediaPlayer::hasWirelessPlaybackTargets): Deleted.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::showPlaybackTargetPicker): Deleted.
        (WebCore::MediaPlayerPrivateInterface::hasWirelessPlaybackTargets): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::rateChanged):
        (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification):

        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC): IOS_AIRPLAY -> WIRELESS_PLAYBACK_TARGET.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer): Ditto.
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): Ditto.

2015-02-20  Dhi Aurrahman  <diorahman@rockybars.com>

        Language ranges containing asterisks must be quoted as strings
        https://bugs.webkit.org/show_bug.cgi?id=141659

        Reviewed by Benjamin Poulain.

        As specified in [1], the language ranges containing asterisks must be quoted as strings.

        [1] http://dev.w3.org/csswg/selectors-4/#the-lang-pseudo.

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::realLex):

2015-02-20  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr instead of PassOwnPtr|OwnPtr in MediaPlayerFoo classes
        https://bugs.webkit.org/show_bug.cgi?id=137765

        Reviewed by Ryosuke Niwa.

        As a step to use std::unique_ptr|std::make_unique<>, this patch changes use of OwnPtr|PassOwnPtr
        with std::unique_ptr<>|std::make_unique<>. To remove all create() factory function, lambdas is
        used in registerMediaEngine().

        No new tests, no behavior changes.

        * WebCore.exp.in:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::NullMediaPlayerPrivate::NullMediaPlayerPrivate):
        (WebCore::MediaPlayer::MediaPlayer):
        (WebCore::MediaPlayer::loadWithNextMediaEngine):
        (WebCore::createNullMediaPlayer): Deleted.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayer::create): Deleted.
        * platform/graphics/MediaPlayerPrivate.h:
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::registerMediaEngine):
        (WebCore::MediaPlayerPrivateAVFoundationCF::create): Deleted.
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::create): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::registerMediaEngine):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::create): Deleted.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine):
        (WebCore::MediaPlayerPrivateGStreamer::create): Deleted.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::registerMediaEngine):
        (WebCore::MediaPlayerPrivateQTKit::create): Deleted.
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::registerMediaEngine):
        (WebCore::MediaPlayerPrivateMediaFoundation::create): Deleted.
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:
        * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
        (WebCore::MockMediaPlayerMediaSource::registerMediaEngine):
        (WebCore::MockMediaPlayerMediaSource::create): Deleted.
        * platform/mock/mediasource/MockMediaPlayerMediaSource.h:

2015-02-19  David Kilzer  <ddkilzer@apple.com>

        Rename SOFT_LINK_FUNCTION_{DECL,IMPL}() to SOFT_LINK_FUNCTION_{HEADER,SOURCE}()

        Rubber-stamped by Brent Fulgham.

        "HEADER" and "SOURCE" seem clearer than "DECL" and "IMPL", and
        Brent agreed when I talked to him in person.

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        * platform/mac/SoftLinking.h:
        * platform/win/SoftLinking.h:
        - Do the rename.

2015-02-19  David Kilzer  <ddkilzer@apple.com>

        Move more CoreMedia soft-linked functions to CoreMediaSoftLink.{cpp,h}
        <http://webkit.org/b/141791>

        Reviewed by Alexey Proskuryakov.

        * Configurations/WebCore.unexp:
        - Remove five more symbols.

        * Modules/plugins/QuickTimePluginReplacement.mm:
        - Remove all local soft-links and include CoreMediaSoftLink.h.
          Note that SOFT_LINK_FRAMEWORK_OPTIONAL() should not have been
          used here since we didn't use the optional function soft-link
          method.

        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.vcxproj/WebCoreCFNetwork.props:
        * WebCore.xcodeproj/project.pbxproj:
        - Add CoreMediaSPI.h to the project.

        * platform/cf/CoreMediaSoftLink.cpp:
        * platform/cf/CoreMediaSoftLink.h:
        - Add three cross-platform symbols, five Cocoa-only symbols, and
          two Windows-only symbols (based on current usage, not
          availability on each platform).
        - Include CoreMediaSPI.h header.
        - Include <CoreMedia/CoreMedia.h> instead of just CMTime.h.

        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        - Remove all CoreMedia soft-linked functions.  Constants remain.

        * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
        - Remove one CoreMedia soft-linked method.

        * platform/graphics/avfoundation/MediaTimeAVFoundation.cpp:
        - Remove all CoreMedia soft-linked funtions.  With this change,
          we are already realizing space savings for duplicate
          SOFT_LINK_FRAMEWORK() calls.  (On Windows, there was code
          generated for many unused functions included by
          CoreMediaSoftLinking.h.)

        * platform/graphics/avfoundation/cf/CoreMediaSoftLinking.h:
        - Remove all CoreMedia soft-linked funtions.  Constants remain.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        - Remove duplicate header included by CoreMediaSoftLink.h.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        - Remove all CoreMedia soft-linked funtions.  Constants remain.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        - Remove three CoreMedia soft-linked methods.

        * platform/mac/PlatformClockCM.mm:
        - Remove two CoreMedia soft-linked methods.

        * platform/mac/SerializedPlatformRepresentationMac.mm:
        - Remove only CoreMedia soft-linked funtion.  It wasn't even
          used.

        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        - Remove two CoreMedia soft-linked method.

        * platform/spi/cf/CoreMediaSPI.h:
        - Add for SPI from CMNotificationCenter.h.

2015-02-19  David Hyatt  <hyatt@apple.com>

        Columns are splitting unsplittable content.
        https://bugs.webkit.org/show_bug.cgi?id=141807
        <rdar://problem/18387659>

        Reviewed by Dean Jackson.

        Added inline-table-dynamic-movement.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::pageLogicalTopForOffset):
        (WebCore::RenderBlockFlow::pageLogicalHeightForOffset):
        Patch these functions to always check the layout state for a zero
        pageLogicalHeight, since that is actually our indicator that we're
        doing column balancing and don't have a height set yet.

        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::isPageLogicalHeightKnown):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::RenderMultiColumnSet):
        (WebCore::RenderMultiColumnSet::setAndConstrainColumnHeight):
        (WebCore::RenderMultiColumnSet::prepareForLayout):
        * rendering/RenderMultiColumnSet.h:
        The function for deciding whether the logical height of the columns was
        known was checking for a zero computedColumnHeight. However, a column set
        can legitimately compute a zero column height, and with the fix to examine
        the layout state, this bug was exposed.

        The fix is to add a new variable that caches whether or not the column height
        has been computed, so that even if it computes to zero, we aren't fooled.

2015-02-19  Chris Dumez  <cdumez@apple.com>

        [iOS] Fix inefficiencies in ResourceResponse::platformLazyInit()
        https://bugs.webkit.org/show_bug.cgi?id=141744

        Reviewed by Alexey Proskuryakov.

        Fix inefficiencies in iOS's ResourceResponse::platformLazyInit()
        implementation, similarly to what was already done for Mac in:
        <http://trac.webkit.org/changeset/174717>

        The following changes were made:
        - Add missing "initLevel == AllFields" check before initializing
          uncommon fields. This bug was causing us to initialize uncommon
          fields even if called with 'CommonFieldsOnly' initLevel.
        - Bypass the first pass populating common HTTP headers in
          m_httpHeaderFields if the initLevel is AllFields. If called
          with AllFields initLevel, we will end up populating all HTTP
          headers later on so this first pass is redundant.
        - Use C++11 range loop to iterator over commonHeaderFields array
          for readability.
        - Use CFDictionaryApplyFunction() to populate m_httpHeaderFields
          for the CFDictionaryRef containing the headers instead of creating
          copies of keys and values using CFDictionaryGetKeysAndValues() and
          then iterating over those. This avoids allocating Vectors for keys /
          values and avoids unnecessary copying.


2015-02-18  Dean Jackson  <dino@apple.com>

        Sufficiently small media controls should remove toolbar elements
        https://bugs.webkit.org/show_bug.cgi?id=141780
        <rdar://problem/16548548>
        <rdar://problem/17598778>
        <rdar://problem/18351963>

        Reviewed by Eric Carlson.

        Implement some logic where elements on the media controls are
        hidden when there isn't enough room. We start by dropping
        the scrubber, then the various buttons on the right hand
        side.

        This solution isn't perfect. If we had perfection, it would
        be because we get resize events and respond accordingly. Instead
        we check the size when the user has pinch-zoomed, or when
        we start/stop playing.

        This is going to cause some extra layout, because we need
        to know the size of things before we can work out which
        bits to hide.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (::-webkit-media-controls): Remove the minimum width. This can
        cause the controls to get clipped.
        (audio::-webkit-media-controls-spacer): Add this empty element to
        replace the scrubber when it is hidden.
        (audio::-webkit-media-controls-timeline-container):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS): Remember our size so we don't churn.
        (ControllerIOS.prototype.createControls): Create a new spacer element.
        (ControllerIOS.prototype.configureInlineControls):
        (ControllerIOS.prototype.showControls): Check if we need to hide stuff.
        (ControllerIOS.prototype.updateControls):
        (ControllerIOS.prototype.setPlaying): Ditto.
        (ControllerIOS.prototype.set pageScaleFactor): Ditto.
        (ControllerIOS.prototype.scheduleUpdateLayoutForDisplayedWidth): Trigger an update
        asap. In this case it's probably ok to be in a bad state for a frame, or
        we are inside setup and we know that we'll layout soon.
        (ControllerIOS.prototype.updateLayoutForDisplayedWidth): The actual code
        that hides elements.

2015-02-19  Tim Horton  <timothy_horton@apple.com>

        Move the software-only ImageBuffer::m_context to ImageBufferData
        https://bugs.webkit.org/show_bug.cgi?id=141784

        Reviewed by Simon Fraser.

        * platform/graphics/ImageBuffer.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::ImageBuffer):
        (WebCore::ImageBuffer::context):
        * platform/graphics/cairo/ImageBufferDataCairo.h:
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::ImageBuffer):
        (WebCore::ImageBuffer::context):
        * platform/graphics/cg/ImageBufferDataCG.h:
        Move m_context to ImageBufferData in the software-only section;
        for accelerated contexts, the GraphicsContext is owned by the IOSurface wrapper.
        This will make it harder for ImageBuffer to make the mistake of using
        m_context blindly without thinking when it will often be null.

2015-02-18  Andreas Kling  <akling@apple.com>

        REGRESSION(r179347): Clearing the PageCache no longer clears the PageCache.
        <https://webkit.org/b/141788>

        Reviewed by Anders Carlsson.

        Once again we've fallen into the TemporaryChange trap:

            TemporaryChange<unsigned>(m_member, temporaryValue);

        The code above doesn't actually do anything. Since the TemporaryChange local is not named,
        it immediately goes out of scope and restores the original value of m_member.

        Unless someone knows a C++ trick to prevent these, we'll need to add a style checker pass
        to catch bugs like this. Whatever we do will be done separately from this bug.

        Test: fast/history/page-cache-clearing.html

        * history/PageCache.cpp:
        (WebCore::PageCache::pruneToSizeNow): Name the local so it lives longer.

        * testing/Internals.cpp:
        (WebCore::Internals::clearPageCache):
        (WebCore::Internals::pageCacheSize):
        * testing/Internals.h:
        * testing/Internals.idl: Add a way to clear the page cache and query its size from
        window.internals to facilitate writing a simple test for this bug.

2015-02-18  Alexey Proskuryakov  <ap@apple.com>

        Roll out r180280.

        Crashes under IDBDatabase::closeConnection.
        https://bugs.webkit.org/show_bug.cgi?id=141745
        rdar://problem/19816412

        * Modules/indexeddb/IDBDatabase.cpp: (WebCore::IDBDatabase::closeConnection):

2015-02-18  Tim Horton  <timothy_horton@apple.com>

        Fix the iOS Simulator build after r180308.

        * platform/graphics/cg/ImageBufferDataCG.h:

2015-02-18  Zalan Bujtas  <zalan@apple.com>

        REGRESSION(r174761) Dangling spanner pointer in RenderMultiColumnSpannerPlaceholder.
        https://bugs.webkit.org/show_bug.cgi?id=138224

        Reviewed by Dave Hyatt.

        It's wrong to call flowThreadRelativeWillBeRemoved(child).
        RenderMultiColumnFlowThread::removeFlowChildInfo() does not mean that the child is actually about to be removed.
        Should this introduce any regressions, we need to deal with those separately.

        Test: fast/multicol/crash-when-spanner-gets-moved-around.html

        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::removeFlowChildInfo): Deleted.
        * rendering/RenderMultiColumnFlowThread.h:

2015-02-18  Brent Fulgham  <bfulgham@apple.com>

        [Win] CFData leak in CDMSessionAVFoundationCF
        https://bugs.webkit.org/show_bug.cgi?id=141765
        <rdar://problem/141765>

        Reviewed by Joseph Pecoraro.

        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.cpp:
        (WebCore::CDMSessionAVFoundationCF::generateKeyRequest): use 'adoptCF'
        so we don't double-increment the retain count.

2015-02-18  Timothy Horton  <timothy_horton@apple.com>

        Adopt WebCore::IOSurface in ImageBuffer
        https://bugs.webkit.org/show_bug.cgi?id=141751

        Reviewed by Simon Fraser.

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::createIOSurface): Deleted.
        (WebCore::ImageBuffer::ImageBuffer):
        Make use of cachedCGColorSpace.
        Make use of WebCore::IOSurface.
        Remove the unused size argument from ImageBufferDataCG.
        Clear the IOSurface once we've allocated it; WebCore::IOSurface doesn't
        do this for us, unlike wkIOSurfaceContextCreate.
        Apply the flipping and scale factor to whichever context we made.
        We don't need to setIsAcceleratedContext anymore because it's always
        false for software contexts, and WebCore::IOSurface will set it for
        any accelerated contexts.

        (WebCore::ImageBuffer::context):
        If we are IOSurface-backed, return WebCore::IOSurface's GraphicsContext.

        (WebCore::ImageBuffer::flushContext):
        Make use of context(); m_context is now null for accelerated ImageBuffers.

        (WebCore::ImageBuffer::copyNativeImage):
        Adopt in-line with the Create functions for clarity. Make use of
        IOSurface::createImage instead of wkIOSurfaceContextCreateImage.

        (WebCore::ImageBuffer::draw):
        (WebCore::ImageBuffer::drawPattern):
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        (WebCore::ImageBuffer::putByteArray):
        (WebCore::ImageBuffer::toDataURL):
        Make use of context(); m_context is now null for accelerated ImageBuffers.

        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::ImageBufferData::ImageBufferData):
        Indentation fix, and use nullptr.

        (WebCore::convertScanline):
        Grammar fix (is -> are).

        (WebCore::ImageBufferData::getData):
        (WebCore::ImageBufferData::putData):
        Grab the IOSurfaceRef from the IOSurface wrapper. Eventually these things
        should be made more convenient by the wrapper.

        * platform/graphics/cg/ImageBufferDataCG.h:
        Drop the unused size argument from the constructor.
        Reorganize and label the various members which are only used
        for a particular type of ImageBufferDataCG.

        * platform/graphics/cocoa/IOSurface.mm:
        (IOSurface::ensureGraphicsContext):
        IOSurface-backed GraphicsContexts are always considered accelerated.

        (IOSurface::create):
        (IOSurface::IOSurface):
        Add a constructor that take an extra size to use when making the CGContext;
        it can only be less than the actual backing IOSurface size.
        This is needed for r160121.

        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        Remove old WKSI IOSurface-related functions.

2015-02-18  Alex Christensen  <achristensen@webkit.org>

        Prepare to use WEBCORE_EXPORT on Windows.
        https://bugs.webkit.org/show_bug.cgi?id=141735

        Reviewed by Brent Fulgham.

        * bindings/js/GCController.h:
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
        * bindings/scripts/test/JS/JSTestNondeterministic.h:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        * bindings/scripts/test/JS/JSattribute.cpp:
        * bindings/scripts/test/JS/JSattribute.h:
        * bindings/scripts/test/JS/JSreadonly.cpp:
        * bindings/scripts/test/JS/JSreadonly.h:
        * bridge/runtime_method.h:
        * bridge/runtime_object.h:
        * dom/make_names.pl:
        (printNamesHeaderFile):
        * history/HistoryItem.h:
        * loader/FrameLoader.h:
        * loader/LoaderStrategy.h:
        * loader/ResourceLoadScheduler.h:
        * loader/icon/IconDatabase.h:
        * loader/icon/IconDatabaseBase.h:
        * page/DatabaseProvider.h:
        * page/Page.h:
        * page/PageConsoleClient.h:
        * page/PageOverlay.h:
        * platform/FileSystem.h:
        * platform/MemoryPressureHandler.h:
        * platform/ThreadGlobalData.h:
        * platform/URL.h:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/network/BlobDataFileReference.h:
        * platform/network/BlobRegistry.h:
        * platform/network/BlobRegistryImpl.h:
        * platform/sql/SQLiteDatabase.h:
        * rendering/ScrollBehavior.h:
        * rendering/break_lines.h:
        Add and move some WEBCORE_EXPORT macros.

2015-02-18  Anders Carlsson  <andersca@apple.com>

        Rename LocalizedStringsMac.cpp to LocalizedStringsCocoa.mm
        https://bugs.webkit.org/show_bug.cgi?id=141767

        Reviewed by Tim Horton.

        Also, move it to platform/cocoa instead of platform/mac.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/cocoa/LocalizedStringsCocoa.mm: Renamed from Source/WebCore/platform/mac/LocalizedStringsMac.cpp.

2015-02-18  Antti Koivisto  <antti@apple.com>

        Rename FontGlyphs to FontCascadeFonts
        https://bugs.webkit.org/show_bug.cgi?id=141754

        Reviewed by Andreas Kling.

        "It is better than Impl."

        The purpose of the class to own to create and own the realized Font instances and the associated caches
        for FontCascade instances.

2015-02-18  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180286.
        https://bugs.webkit.org/show_bug.cgi?id=141766

        Caused >50 crashed LayoutTests (Requested by jernoble on
        #webkit).

        Reverted changeset:

        "Page::userContentController() should return a reference, not
        a pointer"
        https://bugs.webkit.org/show_bug.cgi?id=141764
        http://trac.webkit.org/changeset/180286

2015-02-18  David Kilzer  <ddkilzer@apple.com>

        Consolidate soft-linked CMTimeMakeWithSeconds() function
        <http://webkit.org/b/141655>

        Reviewed by Brent Fulgham.

        * Configurations/WebCore.unexp: Remove workaround for
        CMTimeMakeWithSeconds() weak external.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        - Add CoreMediaSoftLink.{cpp,h} to the project.

        * platform/cf/CoreMediaSoftLink.cpp: Add.
        * platform/cf/CoreMediaSoftLink.h: Add.
        - Implement new strategy where code for soft-linking is only
          in one place, and the header can simply be included wherever a
          soft-linked method is needed.

        * platform/graphics/avfoundation/MediaTimeAVFoundation.cpp:
        * platform/graphics/avfoundation/cf/CoreMediaSoftLinking.h:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        * platform/mac/PlatformClockCM.mm:
        - Remove old soft-linking strategy and include
          CoreMediaSoftLink.h.

        * platform/mac/SoftLinking.h:
        (SOFT_LINK_FUNCTION_DECL): Add.  New macro function used for
        header declaration.  Split out from SOFT_LINK() macro.  Also
        stop violating C++ standards by redeclaring an inline function
        with the exact same signature as an extern "C" function.  This
        now matches what we do on Windows (where Visual C++ already
        prevented these shenanigans).
        (SOFT_LINK_FUNCTION_IMPL): Add.  New macro function used for
        source implementation.  Split out the from SOFT_LINK() macro.

        * platform/win/SoftLinking.h:
        (SOFT_LINK_FRAMEWORK): Map mac/SoftLinking.h macro name to
        Windows macros so we can simplify CoreMediaSoftLink.{cpp,h}.
        (SOFT_LINK_FUNCTION_DECL): Add.
        (SOFT_LINK_FUNCTION_IMPL): Add.
        - New macro functions split out from SOFT_LINK_DLL_IMPORT()
          macro for header declaration and source implementation.
        - We assume the __cdecl calling convention because that's what
          all Apple libraries use, and so we are able to use the exact
          same macro function on both Mac and Windows to simplify
          CoreMediaSoftLink.{cpp,h}.

2015-02-18  Brady Eidson  <beidson@apple.com>

        Page::userContentController() should return a reference, not a pointer
        https://bugs.webkit.org/show_bug.cgi?id=141764

        Reviewed by Jer Noble.

        No new tests (No behavior change)

        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::updateInjectedStyleSheetCache):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::updateCaptionStyleSheetOveride):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::shouldHaveWebKitNamespaceForWorld):
        * page/Frame.cpp:
        (WebCore::Frame::injectUserScripts):
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        (WebCore::Page::setUserContentController):
        * page/Page.h:
        (WebCore::Page::userContentController):
        * page/UserMessageHandlersNamespace.cpp:
        (WebCore::UserMessageHandlersNamespace::handler):

2015-02-18  Roger Fong  <roger_fong@apple.com>

        WebGL2: Promote various WebGL1 extensions to core for WebGL2.
        https://bugs.webkit.org/show_bug.cgi?id=141446
        <rdar://problem/19633715>

        Reviewed by Brent Fulham.

        Tests covered by WebGL2 conformance tests.

        This patch promotes the following WebGL1 extensions to core in WebGL2:
        OES_element_index_uint 
        EXT_sRGB 
        EXT_blend_minmax 
        EXT_frag_depth 
        EXT_shader_texture_lod
        OES_standard_derivatives 
        
        The latter 3 are enabled by default now for GLSL1, though we will get these extensions 
        for free when GLSL3 becomes available.

        WebGL2 binding code should actually fall back to base implementation for getFramebufferAttachmentParameter.
        * bindings/js/JSWebGL2RenderingContextCustom.cpp: 
        (WebCore::JSWebGL2RenderingContext::getFramebufferAttachmentParameter): Deleted.
        * html/canvas/WebGL2RenderingContext.idl: Ditto.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getExtension): Enable WEBGL_lose_context as an extension again.
        It was not promoted to core as I originally thought it had been.
        (WebCore::WebGL2RenderingContext::getSupportedExtensions): Ditto.
        (WebCore::WebGL2RenderingContext::WebGL2RenderingContext): Promote the 3 shader extensions for GLSL1 to core.
        (WebCore::WebGL2RenderingContext::initializeShaderExtensions): Ditto.
        (WebCore::WebGL2RenderingContext::getFramebufferAttachmentParameter): Promote SRGB extension to core.
        (WebCore::WebGL2RenderingContext::renderbufferStorage): Ditto.
        (WebCore::WebGL2RenderingContext::hint): Ditto.
        (WebCore::WebGL2RenderingContext::validateTexFuncFormatAndType): Ditto.
        (WebCore::WebGL2RenderingContext::validateIndexArrayConservative): Promote OES_element_index_uint extension to core.
        (WebCore::WebGL2RenderingContext::validateDrawElements): Ditto.
        (WebCore::WebGL2RenderingContext::validateBlendEquation): Promote EXT_blend_minmax extension to core.
        * html/canvas/WebGL2RenderingContext.h:

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getFramebufferAttachmentParameter): Copied form WebGLRenderingContextBase.
        (WebCore::WebGLRenderingContext::renderbufferStorage): Ditto.
        (WebCore::WebGLRenderingContext::hint): Ditto.
        (WebCore::WebGLRenderingContext::validateIndexArrayConservative): Ditto.
        (WebCore::WebGLRenderingContext::validateDrawElements): Ditto.
        (WebCore::WebGLRenderingContext::validateBlendEquation): Ditto.
        * html/canvas/WebGLRenderingContext.h:

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::validateIndexArrayConservative): Deleted.
        (WebCore::WebGLRenderingContextBase::validateDrawElements): Deleted.
        (WebCore::WebGLRenderingContextBase::getExtension): Deleted.
        (WebCore::WebGLRenderingContextBase::getFramebufferAttachmentParameter): Deleted.
        (WebCore::WebGLRenderingContextBase::hint): Deleted.
        (WebCore::WebGLRenderingContextBase::renderbufferStorage): Deleted.
        (WebCore::WebGLRenderingContextBase::validateBlendEquation): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:

2015-02-18  Alexey Proskuryakov  <ap@apple.com>

        Streamline unexported function build fixes
        https://bugs.webkit.org/show_bug.cgi?id=141761

        Reviewed by Alex Christensen.

        * Configurations/WebCore.unexp: Added some functions for symbols only used on newer
        OS versions. Removed a special case for NodeList, to handle it uniformly with Node.

        * Configurations/WebCore.xcconfig: Made the unexported list unconditional, because
        it's not only Xcode 5 that is affected.

        * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): We already had a hack for
        Node, NodeList needs an exactly the same one. Also updated the comments.

2015-02-18  Chris Dumez  <cdumez@apple.com>

        Access FontCache global instance via singleton() static member function
        https://bugs.webkit.org/show_bug.cgi?id=141726

        Reviewed by Daniel Bates.

        Access FontCache global instance via singleton() static member function,
        as per coding style.

2015-02-18  Alexey Proskuryakov  <ap@apple.com>

        Crashes under IDBDatabase::closeConnection.
        https://bugs.webkit.org/show_bug.cgi?id=141745
        rdar://problem/19816412

        Reviewed by David Kilzer.

        * Modules/indexeddb/IDBDatabase.cpp: (WebCore::IDBDatabase::closeConnection):
        Add a missing protector.

2015-02-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Justified ruby can cause lines to grow beyond their container
        https://bugs.webkit.org/show_bug.cgi?id=141732

        Reviewed by David Hyatt.

        After we re-layout RenderRubyRuns, this can change the environment upon which
        ruby's overhang calculation is sensitive to. Before this patch, we would recalculate
        the overhang after the RenderRubyRun gets relaid out. However, doing such causes the
        effective width of the RenderRubyRun to change, which causes out subsequent
        justification calculations to be off.

        Therefore, we have a cycle; the amount of ruby overhang can change the justification
        in a line, and the layout of the line affects the ruby overhang calculation. Instead
        of performing a layout in a loop until it converges, this patch simply observes that
        having a flush right edge is more valuable than having a perfectly correct overhang.
        It therefore simply removes the secondary overhang calculation.

        Test: fast/text/ruby-justification-flush.html

        * rendering/RenderBlockFlow.h:
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
        (WebCore::RenderBlockFlow::computeExpansionForJustifiedText):
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):

2015-02-18  Chris Dumez  <cdumez@apple.com>

        Evict dead resources in MemoryCache in MemoryPressureHandler::releaseNoncriticalMemory()
        https://bugs.webkit.org/show_bug.cgi?id=141723

        Reviewed by Andreas Kling.

        Evict dead resources from the MemoryCache on non-critical memory
        pressure. On critical memory pressure, we already evict ALL resources
        from the MemoryCache. It is a good idea to start by evicting resources
        we care less about on non-critical warning to decrease the chances of
        getting a critical warning and thus having to clear the whole
        MemoryCache.

        * loader/cache/MemoryCache.h:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseNoncriticalMemory):
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):
        (WebCore::MemoryPressureHandler::releaseMemory):
        Call releaseCriticalMemory() before releaseNoncriticalMemory()
        as releaseCriticalMemory() is more aggressive. Doing it the
        other way around would mean that on critical warning, we would
        first evict dead resources, then evict all resources. It is
        more efficient to evict all resources first, as it makes the
        non-critical operation (evict dead resources) a no-op.

2015-02-18  Eric Carlson  <eric.carlson@apple.com>

        [iOS] pause video when a tab moves to the background on some devices
        https://bugs.webkit.org/show_bug.cgi?id=141753
        <rdar://problem/19814562>

        Reviewed by Jer Noble.

        Test: media/video-background-tab-playback.html

        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::clientDataBufferingTimerFired): Pause video when the element becomes
            hidden if the BackgroundTabPlaybackRestricted is set.

        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::applicationWillEnterBackground): Rename BackgroundPlaybackNotPermitted
             to BackgroundProcessPlaybackRestricted.
        (WebCore::MediaSessionManager::applicationWillEnterForeground): Ditto.
        * platform/audio/MediaSessionManager.h:

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::resetRestrictions): Set BackgroundTabPlaybackRestricted on
            devices with restricted memory. BackgroundPlaybackNotPermitted -> BackgroundProcessPlaybackRestricted.

        * testing/Internals.cpp:
        (WebCore::Internals::setMediaSessionRestrictions): Add support for BackgroundTabPlaybackRestricted.
            BackgroundPlaybackNotPermitted -> BackgroundProcessPlaybackRestricted.

2015-02-16  David Hyatt  <hyatt@apple.com>

        Wrong element's style is used for text-decoration-style.
        https://bugs.webkit.org/show_bug.cgi?id=141673
        <rdar://problem/19876774>

        Reviewed by Dean Jackson.

        Added fast/text/text-underline-style.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetStyle):
        Add arguments for fetching styles.

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
        (WebCore::InlineTextBox::paintDecoration):
        * rendering/InlineTextBox.h:
        Remove the passed in TextDecorationStyle and instead patch the code to fetch the styles in the same
        way it fetches the colors.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::getTextDecorationColorsAndStyles):
        (WebCore::RenderObject::getTextDecorationColors): Deleted.
        * rendering/RenderObject.h:
        Add style fetching to the same function that fetches colors and rename it.

2015-02-18  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r180260): Try to fix incremental builds by changing UserContentController.cpp

        Attempt to fix this linker error by making a non-coding change:

            Undefined symbols for architecture i386:
              "__ZN7WebCore17ContentExtensions24ContentExtensionsBackendC1Ev", referenced from:
                  __ZN7WebCore21UserContentController20addUserContentFilterERKN3WTF6StringES4_ in UserContentController.o
            ld: symbol(s) not found for architecture i386

        This should have been fixed by r180266, but perhaps Xcode didn't
        recognize that it needed to rebuild this source file.

        * page/UserContentController.cpp: Update copyright.

2015-02-18  Andreas Kling  <akling@apple.com>

        Purge PassRefPtr from CanvasRenderingContext2D.
        <https://webkit.org/b/141749>

        Reviewed by Gyuyoung Kim.

        Switch from using PassRefPtr to RefPtr/Ref in CanvasRenderingContext2D.

        * html/TextMetrics.h:
        (WebCore::TextMetrics::create): Changed create() helper to return Ref.

        * html/canvas/CanvasRenderingContext2D.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::prepareGradientForDashboard): Changed to take a reference.

        (WebCore::CanvasRenderingContext2D::createLinearGradient):
        (WebCore::CanvasRenderingContext2D::createRadialGradient):
        (WebCore::CanvasRenderingContext2D::createPattern):
        (WebCore::createEmptyImageData):
        (WebCore::CanvasRenderingContext2D::createImageData):
        (WebCore::CanvasRenderingContext2D::getImageData):
        (WebCore::CanvasRenderingContext2D::webkitGetImageDataHD): Made these return RefPtr. Also did
        a bunch of 0 -> nullptr conversion, removed a bunch of unnecessary RefPtr::release() calls,
        and changed a PassRefPtr argument to RefPtr&&.

        (WebCore::CanvasRenderingContext2D::measureText): Made this return Ref.

2015-02-18  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r180260.
        https://bugs.webkit.org/show_bug.cgi?id=141757

        Broke the 32-bit builders (Requested by jessieberlin on
        #webkit).

        Reverted changeset:

        "Add a trivial code generator for the DFA"
        https://bugs.webkit.org/show_bug.cgi?id=141017
        http://trac.webkit.org/changeset/180260

2015-02-17  Anders Carlsson  <andersca@apple.com>

        Add API for clearing in-memory caches to WKWebsiteDataStore
        https://bugs.webkit.org/show_bug.cgi?id=141724

        Reviewed by Tim Horton.

        Add a version of evictResources that takes a session id.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::evictResources):

2015-02-18  Timothy Horton  <timothy_horton@apple.com>

        Remove more references to WebCore.exp.in
        https://bugs.webkit.org/show_bug.cgi?id=141747

        Reviewed by Alexey Proskuryakov.

        * WebCore.xcodeproj/project.pbxproj:

2015-02-17  Benjamin Poulain  <benjamin@webkit.org>

        Add a trivial code generator for the DFA
        https://bugs.webkit.org/show_bug.cgi?id=141017

        Reviewed by Andreas Kling.

        Nothing fancy yet, this is just doing a literal translation from the DFA
        to machine code. It is extremely inefficient at the moment.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::ContentExtensionsBackend):
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        (WebCore::ContentExtensions::addActionToHashSet):
        (WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL):
        * contentextensions/ContentExtensionsBackend.h:
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::nextState): Deleted.
        (WebCore::ContentExtensions::DFA::actions): Deleted.
        * contentextensions/DFA.h:
        (WebCore::ContentExtensions::DFA::size):
        (WebCore::ContentExtensions::DFA::nodeAt):
        * contentextensions/DFACompiler.cpp: Added.
        (WebCore::ContentExtensions::compileDFA):
        (WebCore::ContentExtensions::DFACodeGenerator::DFACodeGenerator):
        (WebCore::ContentExtensions::DFACodeGenerator::compile):
        (WebCore::ContentExtensions::DFACodeGenerator::lowerStateMachine):
        (WebCore::ContentExtensions::DFACodeGenerator::lowerNode):
        (WebCore::ContentExtensions::DFACodeGenerator::getNextCharacter):
        (WebCore::ContentExtensions::DFACodeGenerator::callAddActionFunction):
        * contentextensions/DFACompiler.h: Copied from Source/WebCore/contentextensions/DFA.h.

2015-02-17  Chris Dumez  <cdumez@apple.com>

        Rename ScopedEventQueue::instance() to singleton()
        https://bugs.webkit.org/show_bug.cgi?id=141738

        Reviewed by Daniel Bates.

        Rename ScopedEventQueue::instance() to singleton(), as per coding
        style. Also modernize the code a little bit.

        * dom/EventDispatcher.cpp:
        (WebCore::EventDispatcher::dispatchScopedEvent):
        * dom/ScopedEventQueue.cpp:
        (WebCore::ScopedEventQueue::singleton):
        (WebCore::ScopedEventQueue::dispatchAllEvents):
        (WebCore::ScopedEventQueue::incrementScopingLevel):
        (WebCore::ScopedEventQueue::decrementScopingLevel):
        (WebCore::ScopedEventQueue::ScopedEventQueue): Deleted.
        (WebCore::ScopedEventQueue::~ScopedEventQueue): Deleted.
        (WebCore::ScopedEventQueue::instance): Deleted.
        * dom/ScopedEventQueue.h:
        (WebCore::EventQueueScope::EventQueueScope):
        (WebCore::EventQueueScope::~EventQueueScope):

2015-02-17  Chris Dumez  <cdumez@apple.com>

        Remove dead code from FontCache
        https://bugs.webkit.org/show_bug.cgi?id=141741

        Reviewed by Daniel Bates.

        Remove dead code from FontCache:
        - getFontFamilyForCharacters() has no implementation.
        - SimpleFontFamily is unused.

        * platform/graphics/FontCache.h:

2015-02-17  Chris Dumez  <cdumez@apple.com>

        Rename CSSPropertyAnimationWrapperMap::instance() to singleton()
        https://bugs.webkit.org/show_bug.cgi?id=141739

        Reviewed by Simon Fraser.

        Rename CSSPropertyAnimationWrapperMap::instance() to singleton(), as
        per coding style.

        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::CSSPropertyAnimationWrapperMap::singleton):
        (WebCore::CSSPropertyAnimation::blendProperties):
        (WebCore::CSSPropertyAnimation::animationOfPropertyIsAccelerated):
        (WebCore::CSSPropertyAnimation::animatableShorthandsAffectingProperty):
        (WebCore::CSSPropertyAnimation::propertiesEqual):
        (WebCore::CSSPropertyAnimation::getPropertyAtIndex):
        (WebCore::CSSPropertyAnimation::getNumProperties):
        (WebCore::CSSPropertyAnimationWrapperMap::instance): Deleted.

2015-02-17  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r180224): Remove unused generate-export-file script
        <http://webkit.org/b/141491>

        * generate-export-file: Removed.  This was the script used to
        create WebCore.exp files for iOS since we couldn't compile a
        host-side tool to run like we did on Mac OS X.  Dont't tell
        anyone, but this was an epic hack I created while merging open
        source changes to the internal iOS WebKit repository around the
        time that the WebCore.exp.in file was created.  End of an era.

2015-02-17  David Kilzer  <ddkilzer@apple.com>

        SoftLinking.h: Update copyright and license; clean up whitespace

        * platform/win/SoftLinking.h:

2015-02-17  Chris Dumez  <cdumez@apple.com>

        Slight CachedPage class clean up
        https://bugs.webkit.org/show_bug.cgi?id=141693

        Reviewed by Andreas Kling.

        Slight CachedPage class clean up:
        - Drop unnecessary m_timeStamp data member
        - Protect m_needsCaptionPreferencesChanged data member with
          #if ENABLE(VIDEO_TRACK)
        - Merge destroy() method into the destructor as this is the
          only caller
        - Update clear() to reset 2 data members that were missing

2015-02-17  Anders Carlsson  <andersca@apple.com>

        Silence two -Wcast-qual warnings.
        rdar://problem/19758266

        * platform/ios/wak/WKUtilities.c:
        (WKRetain):
        (WKRelease):

2015-02-17  Zalan Bujtas  <zalan@apple.com>

        Minor RenderTable* class cleanups.
        https://bugs.webkit.org/show_bug.cgi?id=141707

        Reviewed by Andreas Kling.

        Use in-class initializer where possible.
        Remove redundant code.
        Move multiline implementations out of class declaration.

        No change in functionality.

        * rendering/RenderTableCaption.cpp:
        (WebCore::RenderTableCaption::insertedIntoTree):
        (WebCore::RenderTableCaption::willBeRemovedFromTree):
        (WebCore::RenderTableCaption::containingBlockLogicalWidthForContent): Deleted.
        * rendering/RenderTableCaption.h:
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::RenderTableCell):
        * rendering/RenderTableCell.h:
        (WebCore::RenderTableCell::colSpan):
        (WebCore::RenderTableCell::rowSpan):
        (WebCore::RenderTableCell::setCol):
        (WebCore::RenderTableCell::col):
        (WebCore::RenderTableCell::section):
        (WebCore::RenderTableCell::table):
        (WebCore::RenderTableCell::rowIndex):
        (WebCore::RenderTableCell::styleOrColLogicalWidth):
        (WebCore::RenderTableCell::logicalHeightForRowSizing):
        (WebCore::RenderTableCell::isBaselineAligned):
        (WebCore::RenderTableCell::borderAdjoiningTableStart):
        (WebCore::RenderTableCell::borderAdjoiningTableEnd):
        (WebCore::RenderTableCell::borderAdjoiningCellBefore):
        (WebCore::RenderTableCell::borderAdjoiningCellAfter):
        * rendering/RenderTableCol.cpp:
        (WebCore::RenderTableCol::RenderTableCol):
        * rendering/RenderTableCol.h:
        (WebCore::RenderTableCol::enclosingColumnGroupIfAdjacentBefore):
        (WebCore::RenderTableCol::enclosingColumnGroupIfAdjacentAfter):
        * rendering/RenderTableRow.h:
        (WebCore::RenderTableRow::setRowIndex):
        (WebCore::RenderTableRow::rowIndex):
        (WebCore::RenderTableRow::borderAdjoiningTableStart):
        (WebCore::RenderTableRow::borderAdjoiningTableEnd):
        (WebCore::RenderTableRow::table):
        (WebCore::RenderTableSection::firstRow):
        (WebCore::RenderTableSection::lastRow):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::RenderTableSection):
        (WebCore::RenderTableSection::dirtiedRows):
        (WebCore::RenderTableSection::dirtiedColumns):
        (WebCore::RenderTableSection::paintObject):
        (WebCore::RenderTableSection::nodeAtPoint):
        * rendering/RenderTableSection.h:
        (WebCore::CellSpan::CellSpan):
        (WebCore::RenderTableSection::borderAdjoiningTableStart):
        (WebCore::RenderTableSection::borderAdjoiningTableEnd):
        (WebCore::RenderTableSection::cellAt):
        (WebCore::RenderTableSection::primaryCellAt):
        (WebCore::RenderTableSection::rowRendererAt):
        (WebCore::RenderTableSection::outerBorderLeft):
        (WebCore::RenderTableSection::outerBorderRight):
        (WebCore::RenderTableSection::outerBorderTop):
        (WebCore::RenderTableSection::outerBorderBottom):
        (WebCore::RenderTableSection::numRows):
        (WebCore::RenderTableSection::recalcCellsIfNeeded):
        (WebCore::RenderTableSection::rowBaseline):
        (WebCore::RenderTableSection::fullTableRowSpan):
        (WebCore::CellSpan::start): Deleted.
        (WebCore::CellSpan::end): Deleted.

2015-02-16  Dean Jackson  <dino@apple.com>

        REGRESSION: Video control fails to hide after playback begins in reflowable EPUB files
        https://bugs.webkit.org/show_bug.cgi?id=141689
        <rdar://problem/19689286>

        Reviewed by Eric Carlson.

        The iBooks app turns off the requirement for a user gesture
        before triggering playback. When we moved to script-based
        media controls there were a few regressions in this setup.
        This makes them behave a lot more like iOS 7.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.setPlaying): We don't want to hide the controls
        yet, just start a hiding timer.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.shouldHaveStartPlaybackButton): If we've ever
        played before, we don't want to show the big start button. If we
        are in the middle of construction, we do want to show it. We no
        longer care about the case where you're not in setup and have
        the relaxed restrictions (we still want to show the start button
        in that case).
        (ControllerIOS.prototype.showControls): When we show the controls,
        make sure our timeline is up to date. This is necessary for the
        cases where we automatically show the controls, such as when we hit
        the end of a video.
        (ControllerIOS.prototype.updateTime): Make sure to pass the forceUpdate
        parameter on to the super-method.
        (ControllerIOS.prototype.setPlaying):
        (ControllerIOS.prototype.progressFillStyle): Deleted.

2015-02-17  Chris Dumez  <cdumez@apple.com>

        Access MemoryPressureHandler global instance via a singleton() static member function
        https://bugs.webkit.org/show_bug.cgi?id=141691

        Reviewed by Andreas Kling.

        Access MemoryPressureHandler global instance via a singleton() static
        member function as per coding style. Also make all other member
        functions non-static as callers can just use singleton() to get the
        instance and access methods. This avoid having to call
        MemoryPressureHandler::singleton() from member functions.

        * bindings/js/ScriptController.cpp:
        (WebCore::collectGarbageAfterWindowShellDestruction):
        * history/PageCache.cpp:
        (WebCore::PageCache::canCache):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):
        * page/FrameView.cpp:
        (WebCore::FrameView::willPaintContents):
        (WebCore::FrameView::didPaintContents):
        (WebCore::FrameView::computeCoverageRect):
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::singleton):
        (WebCore::MemoryPressureHandler::MemoryPressureHandler):
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):
        (WebCore::memoryPressureHandler): Deleted.
        * platform/MemoryPressureHandler.h:
        (WebCore::MemoryPressureHandler::setLowMemoryHandler):
        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory):
        (WebCore::MemoryPressureHandler::install):
        (WebCore::MemoryPressureHandler::holdOff):
        (WebCore::respondToMemoryPressureCallback):
        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::purgeInactiveFontDataIfNeeded):
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::createTilesInActiveGrid):
        * platform/ios/LegacyTileGrid.mm:
        (WebCore::LegacyTileGrid::shouldUseMinimalTileCoverage):
        * platform/ios/LegacyTileLayerPool.mm:
        (WebCore::LegacyTileLayerPool::addLayer):
        * platform/ios/TileControllerMemoryHandlerIOS.cpp:
        (WebCore::TileControllerMemoryHandler::tileControllerGainedUnparentedTiles):
        * platform/linux/MemoryPressureHandlerLinux.cpp:
        (WebCore::MemoryPressureHandler::waitForMemoryPressureEvent):

2015-02-17  Alex Christensen  <achristensen@webkit.org>

        Remove WebCore.exp.in and clean up.
        https://bugs.webkit.org/show_bug.cgi?id=141491

        Reviewed by Andreas Kling.

        * Configurations/WebCore.xcconfig:
        Don't use exported symbols files.
        * DerivedSources.make:
        Don't generate export files.
        * WebCore.exp.in: Removed.
        * WebCore.xcodeproj/project.pbxproj:
        Removed WebCoreExportFileGenerator targets.
        * make-export-file-generator: Removed.

2015-02-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        Use HashMap::add instead of get/contains + set in DOMObjectCache
        https://bugs.webkit.org/show_bug.cgi?id=141558

        Rubber-stamped by Žan Doberšek.

        * bindings/gobject/DOMObjectCache.cpp:
        (WebKit::getOrCreateDOMObjectCacheFrameObserver):
        (WebKit::DOMObjectCache::put):

2015-02-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] GObject DOM bindings object are cached forever
        https://bugs.webkit.org/show_bug.cgi?id=141558

        Reviewed by Sergio Villar Senin.

        Rework the DOMObjectCache to avoid having to manually clear the
        objects when the frame is destroyed, using a FrameDestructionObserver
        instead. When a new object associated to a Frame is added to the
        cache, a FrameDestructionObserver is created for the frame if
        needed, and the DOM object is tracked by the observer too. When
        the frame is detached from the page all its objects are cleared,
        and if the aren't additional references, the object is finalized
        and removed from the cache normally.
        This patch also simplifies and modernizes the code to make it
        easier to read an maintain.

        * bindings/gobject/DOMObjectCache.cpp:
        (WebKit::DOMObjectCacheData::DOMObjectCacheData): Add constructor
        to initialize its members and simplify the callers.
        (WebKit::DOMObjectCacheData::clearObject): Remove the references
        added by the cache, ensuring the GObject is not finalized until
        the method returns.
        (WebKit::DOMObjectCacheData::refObject): Adds a reference owned by
        the cache.
        (WebKit::domObjectCacheFrameObservers): Map a frame to a FrameDestructionObserver.
        (WebKit::getOrCreateDOMObjectCacheFrameObserver): Create a new
        FrameDestructionObserver for the given Frame or return the
        existing one.
        (WebKit::domObjects): Map wrapped object to wrapper object.
        (WebKit::DOMObjectCache::forget): Remove the wrapped object from
        the cache.
        (WebKit::DOMObjectCache::get): Return the wrapped object if it is
        in the cache, increasing the cache references.
        (WebKit::DOMObjectCache::put): Add the wrapper object to the cache
        for the given wrapped object. If it's a Node and has a frame add
        the node to the FrameDestructionObserver corresponding to the frame.
        (WebKit::getFrameFromHandle): Deleted.
        (WebKit::weakRefNotify): Deleted.
        (WebKit::DOMObjectCache::clearByFrame): Deleted.
        (WebKit::DOMObjectCache::~DOMObjectCache): Deleted.
        * bindings/gobject/DOMObjectCache.h:

2015-02-17  ChangSeok Oh  <changseok.oh@collabora.com>

        REGRESSION(r180050): It broke the !ENABLE(CSS_GRID_LAYOUT) build
        https://bugs.webkit.org/show_bug.cgi?id=141647

        Reviewed by Csaba Osztrogonác.

        No new tests since this just fixes a build break.

        * dom/Position.cpp: Add a build guard ENABLE(CSS_GRID_LAYOUT) for RenderGrid.
        (WebCore::Position::isCandidate):

2015-02-16  Chris Dumez  <cdumez@apple.com>

        Keep all memory cache resources in ListHashSets
        https://bugs.webkit.org/show_bug.cgi?id=141667

        Reviewed by Andreas Kling.

        Keep all memory cache resources in ListHashSets instead of manual linked
        lists. This simplifies the code a lot and is also more efficient for
        retrieving / removing particular CachedResources.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        * loader/cache/CachedResource.h:
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::pruneDeadResourcesToSize):
        (WebCore::MemoryCache::removeFromLRUList):
        (WebCore::MemoryCache::insertInLRUList):
        (WebCore::MemoryCache::dumpLRULists):
        (WebCore::MemoryCache::lruListFor): Deleted.
        * loader/cache/MemoryCache.h:

2015-02-16  Benjamin Poulain  <benjamin@webkit.org>

        CSS JIT: finish :nth-last-child()
        https://bugs.webkit.org/show_bug.cgi?id=141629

        Reviewed by Andreas Kling.

        This patch adds the matcher for :nth-child(An+B of selector list) and
        fix a small bug I discovered while working on it.

        The matcher is straightforward: count the next siblings matching the selector,
        nothing fancy.

        While working on it I noticed I forgot the test for IsParsingChildrenFinished
        on the simple version of :nth-last-child(). I add it in both matcher, write
        a couple of tests, the first part of the tests now succeed, but the second part
        fails...

        What happened is:
        1) We interupt the parsing to execute the JavaScript.
           From there, we force the style resolution to get the computed style.
        2) When resolving the style, the early check for isFinishedParsingChildren()
           quits the function early. This is done *before* we marked the parent
           for :nth-last-child() style resolution.
        3) After the script, parsing resume and the following elements are added.
        4) When resolving the style, only the new elements are marked dirty,
           the elements pending their :nth-last-child() style never get udpated.

        To fix the problem, I moved the test for FinishedParsingChildren after
        the parent marking.

        Honestly, those early return for FinishedParsingChildren need to be refined
        and they should be tested properly. We should not do this kind of things
        for Query for example.

        Tests: fast/selectors/nth-last-child-cannot-match-during-parsing-1.html
               fast/selectors/nth-last-child-cannot-match-during-parsing-2.html
               fast/selectors/nth-last-child-of-cannot-match-during-parsing-1.html
               fast/selectors/nth-last-child-of-cannot-match-during-parsing-2.html
               fast/selectors/nth-last-child-of-register-requirement.html

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        Fix the tree marking.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        The fragment creation was already done, all I had to do was
        accept the compile.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        :nth-child() and :nth-last-child() with a selector list are heavier than :not()
        and :matches(), move them accordingly.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChild):
        More the early return after the tree marking.

        (WebCore::SelectorCompiler::setParentAffectedByLastChildOf):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChildOf):
        New matcher, nothing optimized yet.

2015-02-16  Tim Horton  <timothy_horton@apple.com>

        Adopt CAMachPort-as-layer-contents
        https://bugs.webkit.org/show_bug.cgi?id=141687
        <rdar://problem/19393233>

        Reviewed by Simon Fraser.

        No new tests, just a performance bump.

        * platform/cocoa/MachSendRight.h:
        (WebCore::MachSendRight::operator bool):
        Add an operator bool() that checks if the underlying port is nonnull.

        * platform/spi/cocoa/QuartzCoreSPI.h:
        Add some SPI.

2015-02-15  Sam Weinig  <sam@webkit.org>

        Add experimental <attachment> element support
        https://bugs.webkit.org/show_bug.cgi?id=141626

        Reviewed by Tim Horton.

        Adds scaffolding for an experimental implementation of an <attachment> element
        which can represent a file attachment (e.g. NSTextAttachment in NSAttributedString
        parlance).

        The implementation is guarded by both an #ifdef (ENABLE(ATTACHMENT_ELEMENT)) and 
        a setting (Settings::attachmentElementEnabled()).

        Tests: fast/attachment/attachment-disabled-dom.html
               fast/attachment/attachment-disabled-rendering.html
               fast/attachment/attachment-dom.html
               fast/attachment/attachment-rendering.html

        * Configurations/FeatureDefines.xcconfig:
        Add new ENABLE_ATTACHMENT_ELEMENT macro.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * dom/make_names.pl:
        Add support for checking a setting to determine if a particular tag should be exposed.

        * html/HTMLAttachmentElement.cpp: Added.
        * html/HTMLAttachmentElement.h: Added.
        Stub out the basics of the new element.

        * html/HTMLElementsAllInOne.cpp:
        Add HTMLAttachmentElement.cpp.

        * html/HTMLTagNames.in:
        Add 'attachment'.

        * page/Settings.in:
        Add attachmentElementEnabled setting.

        * rendering/RenderAttachment.cpp: Added.
        * rendering/RenderAttachment.h: Added.
        Stub out the basics of the new render. We will probably want to replace this with
        a non-replaced render, but this will do as a placeholder for now.

        * rendering/RenderObject.h:
        (WebCore::RenderObject::isAttachment):
        Add predicate for type casting.

        * rendering/RenderingAllInOne.cpp:
        Add RenderAttachment.cpp.

2015-02-16  Andreas Kling  <akling@apple.com>

        GC (almost) immediately when navigating under memory pressure.
        <https://webkit.org/b/141663>

        Reviewed by Geoffrey Garen.

        Since the PageCache is already disabled in memory pressure situations,
        we know that detaching the old window shell on navigation is basically
        guaranteed to generate a bunch of garbage, we can soften the memory
        peak a bit by doing a GC right away instead of scheduling one for soon(tm).

        * bindings/js/GCController.cpp:
        (WebCore::GCController::GCController):
        (WebCore::GCController::garbageCollectSoon):
        (WebCore::GCController::garbageCollectOnNextRunLoop):
        (WebCore::GCController::gcTimerFired):
        * bindings/js/GCController.h:

            Add a GCController::garbageCollectOnNextRunLoop() complement to the
            "soon" and "now" options. There was already a zero timer in here for
            non-CF builds, so I just used that same timer to implement this
            and have the non-CF code path call garbageCollectOnNextRunLoop().

        * bindings/js/ScriptController.cpp:
        (WebCore::collectGarbageAfterWindowShellDestruction):
        (WebCore::ScriptController::~ScriptController):
        (WebCore::ScriptController::clearWindowShell):

            Under system memory pressure conditions, schedule a full GC on next
            runloop iteration instead of just asking for it to happen soon.
            We do it on next runloop to ensure that there's no pointer to the
            window object on the stack.

2015-02-16  Enrica Casucci  <enrica@apple.com>

        Emoji sequences do not render properly.
        https://bugs.webkit.org/show_bug.cgi?id=141661
        rdar://problem/19820463

        Reviewed by Sam Weinig.

        Emoji sequences and emoji with variations should be rendered
        using the Complex code path and should be treated as graphemes.
        This change modifies advanceByCombiningCharacterSequence to add
        this logic.

        Test: fast/text/emoji.html

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::characterRangeCodePath):
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::advanceByCombiningCharacterSequence): Implements a simple
        logic to treat emoji sequences and emoji with variations as graphemes.
        * platform/text/CharacterProperties.h: Added.
        (WebCore::isEmojiGroupCandidate):
        (WebCore::isEmojiModifier):
        (WebCore::isVariationSelector):
        * rendering/RenderText.cpp:
        (WebCore::isEmojiGroupCandidate): Deleted.
        (WebCore::isEmojiModifier): Deleted.

2015-02-16  Zalan Bujtas  <zalan@apple.com>

        RenderTableRow should check if it has access to its ancestor chain.
        https://bugs.webkit.org/show_bug.cgi?id=141668

        Reviewed by Andreas Kling.

        Preventive fix.

        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::styleDidChange):
        (WebCore::RenderTableRow::addChild):
        * rendering/RenderTableRow.h:

2015-02-16  Jer Noble  <jer.noble@apple.com>

        [iOS] Build fix: declare undeclared identifier 'credential'.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedCredential):

2015-02-16  Jer Noble  <jer.noble@apple.com>

        [iOS] Unable to play .mp4 file over http with basic http authentication
        https://bugs.webkit.org/show_bug.cgi?id=141503
        rdar://problem/15799844

        Reviewed by Alexey Proskuryakov.

        On iOS, CFNetwork is used for authentication, so the NSURLAuthenticationChallenge
        provided by AVAssetResourceLoader needs to be shoehorned into a AuthenticationChallenge
        object by way of CFURLAuthChallengeRef.

        Create a new class, WebCoreNSURLAuthenticationChallengeClient, whose sole purpose
        is to take AuthenticationChallengeClient callbacks and pass them along to a
        NSURLAuthenticationChallenge sender.

        Create a NSURLAuthenticationChallenge out of the CF version through an SPI, and add
        that SPI to a new header. Drive-by fix: take two of our existing SPI calls and move
        them into that same header.

        * WebCore.xcodeproj/project.pbxproj: Add CFNSURLConnectionSPI.h to project.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::create): Factory.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::WebCoreNSURLAuthenticationChallengeClient): Simple constructor.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedCredential): Pass to m_challenge.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedRequestToContinueWithoutCredential): Ditto.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedCancellation): Ditto.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedRequestToPerformDefaultHandling): Ditto.
        (WebCore::WebCoreNSURLAuthenticationChallengeClient::receivedChallengeRejection): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForResponseToAuthenticationChallenge):
            Create an AuthenticationChallenge out of the nsChallenge and client and pass it up
            to the HTMLMediaElement.
        * platform/network/mac/AuthenticationMac.mm:
        * platform/spi/cocoa/CFNSURLConnectionSPI.h: Added.

2015-02-16  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Revert a change in SVGRenderSupport::mapLocalToContainer committed for fixing <https://bugs.webkit.org/show_bug.cgi?id=119626>.
        https://bugs.webkit.org/show_bug.cgi?id=138439

        Reviewed by Darin Adler.

        The change http://trac.webkit.org/changeset/164861 was ported from Blink
        but it was was revert later because it broke Chrome SVG rendering. It also
        broke the WebKit SVG text search highlighting.
        
        Tests: svg/transforms/svg-geometry-crash.html: This test was added by the
        blamed change. A new but correct solution is required to fix the assertion.

        * rendering/svg/SVGRenderSupport.h:
        * rendering/svg/SVGRenderSupport.cpp:
        Notice that TransformState.applyTransform() does matrix-left-multiplication,
        i.e. state = transform * state. But operator*() of AffineTransform and
        MatrixTransform  does right multiply, i.e. this = this * transform.
        
        (WebCore::SVGRenderSupport::localToParentTransform): Have the calculation
        of the SVG localToParentTransform in one shared function.
        
        (WebCore::SVGRenderSupport::mapLocalToContainer): Revert the Blink change.
        If the parent is the SVG root, the transform state should be equal to
        transform = svg_to_css_mapping * local_to_parent_mapping * transform.
        
        (WebCore::SVGRenderSupport::pushMappingToContainer): Get the localToParent
        transform to be pushed in the geometryMap. If the parent is the SVG root,
        localToParent = svg_to_css_mapping * local_to_parent_mapping. The original
        code was doing the opposite and this is the cause of the assertion which 
        was fixed wrongly by reversing the correct multiplication order in 
        SVGRenderSupport::mapLocalToContainer().

2015-02-16  Zalan Bujtas  <zalan@apple.com>

        RenderTableCell can't access its parent while in detached state.
        https://bugs.webkit.org/show_bug.cgi?id=141639
        rdar://problem/19850760

        Reviewed by Simon Fraser.

        Null check against ancestor chain so that certain methods in RenderTableCell can
        be called even if the renderer is not yet attached.

        Test: fast/table/table-cell-crash-when-detached-state.html

        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::borderLeft):
        (WebCore::RenderTableCell::borderRight):
        (WebCore::RenderTableCell::borderTop):
        (WebCore::RenderTableCell::borderBottom):
        (WebCore::RenderTableCell::borderStart):
        (WebCore::RenderTableCell::borderEnd):
        (WebCore::RenderTableCell::borderBefore):
        (WebCore::RenderTableCell::borderAfter):
        * rendering/RenderTableCell.h:

2015-02-16  David Hyatt  <hyatt@apple.com>

        Add ifdefs to avoid adjusting Ruby selection rects to avoid overlap on iOS.
        https://bugs.webkit.org/show_bug.cgi?id=141651
        <rdar://problem/19182526>
        
        Reviewed by Simon Fraser.

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::selectionTop):
        (WebCore::RootInlineBox::selectionBottom):

2015-02-16  David Kilzer  <ddkilzer@apple.com>

        SoftLinking.h: Update copyright and license; clean up whitespace

        * platform/mac/SoftLinking.h:

2015-02-12  David Hyatt  <hyatt@apple.com>

        text-underline-position:under has multiple correctness issues
        https://bugs.webkit.org/show_bug.cgi?id=141528

        Reviewed by Dean Jackson.

        Added a bunch of new tests in fast/text

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::maxLogicalBottomForTextDecorationLine):
        (WebCore::InlineFlowBox::minLogicalTopForTextDecorationLine):
        (WebCore::InlineFlowBox::computeMaxLogicalBottom): Deleted.
        * rendering/InlineFlowBox.h:
        These functions have been re-written to take an enclosing renderer that specified the
        decoration. This way they can properly limit the bottom/top computation to only line boxes
        that are contained inside the renderer.

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paintDecoration):
        Tweak the call to get the decoration colors now that quirks mode has been removed.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::enclosingRendererWithTextDecoration):
        * rendering/RenderElement.h:
        New function that finds the enclosing renderer that specified a text decoration. For now
        this is only used in the "under" position computation, but soon we'll be using it
        everywhere.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::getTextDecorationColors):
        * rendering/RenderObject.h:
        Remove the quirks mode argument, since we were always passing true anyway (making the argument dead).

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::maxLogicalBottom): Deleted.
        * rendering/RootInlineBox.h:
        Get rid of these functions and just have InlineTextBoxStyle's computeUnderLineOffset function call
        the InlineFlowBox functions directly.

        * style/InlineTextBoxStyle.cpp:
        (WebCore::computeUnderlineOffset):
        Re-written to fetch the enclosingRendererWithTextDecoration so that it can be passed to the logical top/bottom
        computation to limit which line boxes get included.

2015-02-16  Brent Fulgham  <bfulgham@apple.com>

        FEGaussianBlur::calculateUnscaledKernelSize does unspeakable things with signed and unsigned values
        https://bugs.webkit.org/show_bug.cgi?id=141596
        <rdar://problem/19837103>

        Reviewed by Zalan Bujtas.

        No new tests. Covered by css3/filters/huge-blur-value.html

        Avoid overflowing the signed integer values by not converting from unsigned
        until the maximum size has been clamped to the expected max.

        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::FEGaussianBlur::calculateUnscaledKernelSize):

2015-02-13  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Invalid initialization of track sizes with non spanning grid items
        https://bugs.webkit.org/show_bug.cgi?id=140763

        Reviewed by Antti Koivisto.

        Content sized tracks with non-spanning grid items were not
        properly sized because the growth limit was sometimes infinity
        (-1) after calling resolveContentBasedTrackSizingFunctions() when
        it should not. This patch adds an special initialization phase for
        non-spanning grid items as the new track sizing algorithm
        describes.

        Granted, that was handled in the old algorithm in
        distributeSpaceToTracks() as a special case. The problem is that
        it regressed after the optimization added in r173868 because that
        method is no longer called when the space to distribute is 0.

        That's why we could fix this by allowing calls to
        distributeSpaceToTracks() with spaceToDistribute>=0 but by fixing
        it with an explicit initialization our implementation becomes
        closer to the new algorithm and the initialization is now explicit
        in the code instead of a side effect of calling
        distributeSpaceToTracks() with no space to be distributed. It also
        brings a slight performance improvement as we save sorts and hash
        lookups.

        I also took the change to add caching to several GridTrackSize
        methods that were hot on the profiler (each one accounted for ~1%
        of the total time, now they account for ~0.3% each).

        Test: fast/css-grid-layout/grid-initialize-span-one-items.html

        * rendering/RenderGrid.cpp:
        (WebCore::GridItemWithSpan::span): New helper method for ASSERTs.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        Exclude non spanning grid items from the calls to
        resolveContentBasedTrackSizingFunctionsForItems().
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
        New method to resolve track sizes only using non-spanning grid
        items.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
        Ensure that it isn't called for non-spanning grid items.
        * rendering/RenderGrid.h:
        * rendering/style/GridTrackSize.h:
        (WebCore::GridTrackSize::GridTrackSize): Cache return values.
        (WebCore::GridTrackSize::setLength): Ditto.
        (WebCore::GridTrackSize::setMinMax): Ditto.
        (WebCore::GridTrackSize::cacheMinMaxTrackBreadthTypes): New method
        that caches the return values for hasXXXTrackBreadth() methods.
        (WebCore::GridTrackSize::hasMinOrMaxContentMinTrackBreadth): Use
        the cached return value.
        (WebCore::GridTrackSize::hasMaxContentMaxTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinContentMaxTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinOrMaxContentMaxTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMaxContentMinTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinContentMinTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinContentMinTrackBreadthAndMinOrMaxContentMaxTrackBreadth):
        Ditto.
        (WebCore::GridTrackSize::hasMaxContentMinTrackBreadthAndMaxContentMaxTrackBreadth):
        Ditto.

2015-02-16  Milan Crha  <mcrha@redhat.com>

        [GTK] Loading page into WebView shows g_closure_unref warning
        https://bugs.webkit.org/show_bug.cgi?id=127474

        Reviewed by Carlos Garcia Campos.

        * bindings/gobject/GObjectEventListener.cpp:
        (WebCore::GObjectEventListener::gobjectDestroyed):

2015-02-13  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Remove the usage of Length(Undefined) in GridLength
        https://bugs.webkit.org/show_bug.cgi?id=141562

        Reviewed by Chris Dumez.

        From Blink r164154 by <timloh@chromium.org>

        The patch simplifies some of the logic in creating and applying
        GridLength and GridTrackSize values to RenderStyles by using the
        constructors for initialisation instead of deferring to setters.

        The rationale behind this change is that neither of
        createGridTrackSize() nor createGridTrackBreadth() should be able
        to fail, so these are changed to return objects directly instead
        of taking an out reference (note that in general failing in
        applying properties is incorrect and we should catch these in the
        parser).

        The quirk value across to the Lengths was also removed because it
        doesn't apply to Grid.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::createGridTrackBreadth): Return a
        GridLength instead of a bool.
        (WebCore::StyleBuilderConverter::createGridTrackSize): Return a
        GridTrackSize instead of a bool.
        (WebCore::StyleBuilderConverter::createGridTrackList): Do not
        create temporary GridTrackSizes with undefined Lengths.
        (WebCore::StyleBuilderConverter::convertGridTrackSize): Ditto.
        * rendering/style/GridLength.h:
        (WebCore::GridLength::GridLength): It now requires a mandatory
        Length argument.
        (WebCore::GridLength::length): Deleted.
        (WebCore::GridLength::setFlex): Deleted.
        * rendering/style/GridTrackSize.h:
        (WebCore::GridTrackSize::GridTrackSize): It now requires a
        mandatory GridLength argument.
        (WebCore::GridTrackSize::length): Removed no longer valid ASSERTs.
        (WebCore::GridTrackSize::minTrackBreadth): Ditto.
        (WebCore::GridTrackSize::maxTrackBreadth): Ditto.
        (WebCore::GridTrackSize::setLength): Deleted.
        (WebCore::GridTrackSize::setMinMax): Deleted.
        * rendering/style/RenderStyle.h:

2015-02-13  Grzegorz Czajkowski  <g.czajkowski@samsung.com>

        Removing text node does not remove its associated markers
        https://bugs.webkit.org/show_bug.cgi?id=140999

        Reviewed by Ryosuke Niwa.

        Removing text node via script does not remove its markers.
        For example, running the following script:

        <script>
            var div = document.getElementById("testElement");
            div.focus();
            document.execCommand("InsertText", false, "welllcome ");

            // Give a time async spellchecker to show its markers and
            // remove the node.
            setTimeout(function() { div.removeChild(div.firstChild); }, 100);
        </script>

        will cause that DocumentMarkerController still stores the markers for
        detached node.

        The same issue occurs when the text gets cleared, for example,
        <script>
            input.value = ""; // for HTMLTextAreaElement, HTMLInputElement
            // or
            div.innerHTML = ""; // for content editable
        </script>

        No new tests. Internals marker APIs operate on text node attached
        to the element. To test it we could expose document().markers().hasMarkers()
        but there is no more useful cases where it could be used.
        Another obstacle is that we are in isInShadowTree() so that there is
        no possible to register on "DOMSubtreeModified" event.
        Test cases attached to the bug:
        1. input.value = ""  https://bug-140999-attachments.webkit.org/attachment.cgi?id=245704
        2. elem.removeChild(textNode) https://bug-140999-attachments.webkit.org/attachment.cgi?id=246515

        Remove markers when text nodes are about to remove.
        * dom/Document.cpp:
        (WebCore::Document::nodeChildrenWillBeRemoved):
        Fixes input.value = ""
        (WebCore::Document::nodeWillBeRemoved):
        Fixes elem.removeChild(textNode)

2015-02-15  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r180082): WebCore Debug builds fail on Mavericks due to weak export symbols
        <http://webkit.org/b/141607>

        This should fix the build, but leaves a FIXME list in
        WebCore.unexp.

        * Configurations/WebCore.unexp: Add weak externals with a FIXME
        statement so they can be removed later.  It's more important to
        fix the build first.

        * Configurations/WebCore.xcconfig: Change XCODE_VERSION_MINOR to
        XCODE_VERSION_MAJOR since the internal bots use version 5.1.1
        which still has the error.

2015-02-15  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: remove unused XHR replay code
        https://bugs.webkit.org/show_bug.cgi?id=141622

        Reviewed by Timothy Hatcher.

        XHR Replay functionality became unused with the last frontend rewrite.
        Remove instrumentation and data storage classes only used by this feature.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClientImpl): Deleted.
        (WebCore::InspectorInstrumentation::willLoadXHRImpl): Deleted.
        (WebCore::InspectorInstrumentation::didFailXHRLoadingImpl): Deleted.
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClient): Deleted.
        (WebCore::InspectorInstrumentation::willLoadXHR): Deleted.
        (WebCore::InspectorInstrumentation::didFailXHRLoading): Deleted.
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::didLoadResourceFromMemoryCache):
        (WebCore::InspectorResourceAgent::didFinishXHRLoading):
        (WebCore::InspectorResourceAgent::documentThreadableLoaderStartedLoadingForClient): Deleted.
        (WebCore::InspectorResourceAgent::willLoadXHR): Deleted.
        (WebCore::InspectorResourceAgent::didFailXHRLoading): Deleted.
        (WebCore::InspectorResourceAgent::replayXHR): Deleted.
        * inspector/InspectorResourceAgent.h:
        * inspector/NetworkResourcesData.cpp:
        (WebCore::NetworkResourcesData::clear):
        (WebCore::XHRReplayData::create): Deleted.
        (WebCore::XHRReplayData::XHRReplayData): Deleted.
        (WebCore::NetworkResourcesData::xhrReplayData): Deleted.
        (WebCore::NetworkResourcesData::setXHRReplayData): Deleted.
        (WebCore::NetworkResourcesData::reuseXHRReplayData): Deleted.
        * inspector/NetworkResourcesData.h:
        (WebCore::XHRReplayData::method): Deleted.
        (WebCore::XHRReplayData::url): Deleted.
        (WebCore::XHRReplayData::async): Deleted.
        (WebCore::XHRReplayData::formData): Deleted.
        (WebCore::XHRReplayData::headers): Deleted.
        (WebCore::XHRReplayData::includeCredentials): Deleted.
        (WebCore::NetworkResourcesData::ResourceData::xhrReplayData): Deleted.
        (WebCore::NetworkResourcesData::ResourceData::setXHRReplayData): Deleted.
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::loadRequest):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::createRequest):
        (WebCore::XMLHttpRequest::internalAbort):
        (WebCore::XMLHttpRequest::sendForInspectorXHRReplay): Deleted.
        * xml/XMLHttpRequest.h:

2015-02-15  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Crash when accessing an item in SVGTransformList and then removing a previous item from this list.
        https://bugs.webkit.org/show_bug.cgi?id=141550.

        Reviewed by David Kilzer.

        * svg/properties/SVGMatrixTearOff.h:
        (WebCore::SVGMatrixTearOff::create): Fix a compilation error on the release build.
        The ASSERT() here references a parameter which is not used anywhere else. We need 
        to change it to ASSERT_UNUSED(). 

2015-02-15  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Crash when accessing an item in SVGTransformList and then removing a previous item from this list.
        https://bugs.webkit.org/show_bug.cgi?id=141550.

        Reviewed by Darin Adler.

        Tests: LayoutTests/svg/dom/SVGTransformList-basics.xhtml: This test is modified to
        include a new test case.

        * svg/properties/SVGMatrixTearOff.h: m_value of SVGMatrixTearOff will be a null
        pointer. There is no point in having SVGMatrixTearOff points to the parent and
        the property of the parent at the same time.
        
        (WebCore::SVGMatrixTearOff::create): SVGMatrixTearOff will hold a pointer to
        the parent SVGPropertyTearOff<SVGTransform>. But it should overrides setValue()
        and propertyReference() so it can set and get the SVGMatrix from the SVGTransform
        parent.
        
        (WebCore::SVGMatrixTearOff::SVGMatrixTearOff): Pass a nullptr to the base class.
        SVGMatrixTearOff will act as a proxy of the parent. It does not hold any data by
        itself but it knows what property to set and get from the parent.
        
        * svg/properties/SVGPropertyTearOff.h:
        (WebCore::SVGPropertyTearOff::create): Add a create method which can take a pointer value.
        
        (WebCore::SVGPropertyTearOff::propertyReference):
        (WebCore::SVGPropertyTearOff::setValue): Make these functions virtual so concrete classes
        like SVGMatrixTearOff can override them.
        
        (WebCore::SVGPropertyTearOff::SVGPropertyTearOff): Add a new constructor.

2015-02-15  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Crash when accessing an item in SVGLengthList and then replacing it with a previous item in the list.
        https://bugs.webkit.org/show_bug.cgi?id=141552.

        Reviewed by Darin Adler.

        Tests: LayoutTests/svg/dom/SVGLengthList-basics.xhtml: This test is modified to
        include a new test case.

        * svg/properties/SVGListPropertyTearOff.h: Commit the removal of the replacing item
        before trying to detach the wrapper of the item which going to be replaced.

2015-02-15  David Kilzer  <ddkilzer@apple.com>

        CoreText only needs to be soft-linked on Windows

        More work towards the Maverick Debug build fix:

        REGRESSION (r180082): WebCore Debug builds fail on Mavericks due to weak export symbols
        <http://webkit.org/b/141607>

        * page/CaptionUserPreferencesMediaAF.cpp:

2015-02-15  Alexey Proskuryakov  <ap@apple.com>

        More build fixing.

        * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:

2015-02-14  Alexey Proskuryakov  <ap@apple.com>

        More internal build fixing.

        DDDFACache.h is not an actual private header, so we were using open source
        redeclaration of DDDFACacheRef with an internal function prototype from DDDFAScanner.h.

        * platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
        (WebCore::TelephoneNumberDetector::phoneNumbersScanner):

2015-02-14  Benjamin Poulain  <benjamin@webkit.org>

        Add the initial matching implementation for attribute selectors with case-insensitive value
        https://bugs.webkit.org/show_bug.cgi?id=141615

        Reviewed by Andreas Kling.

        Tests: fast/css/case-insensitive-attribute-selector-specificity.html
               fast/css/case-insensitive-attribute-selector-styling-html-1.html
               fast/css/case-insensitive-attribute-selector-styling-html-2.html
               fast/css/case-insensitive-attribute-selector-styling-html-3.html
               fast/css/case-insensitive-attribute-selector-styling-xhtml-1.xhtml
               fast/css/case-insensitive-attribute-selector-styling-xhtml-2.xhtml
               fast/css/case-insensitive-attribute-selector-styling-xhtml-3.xhtml
               fast/selectors/case-insensitive-attribute-bascis.html
               fast/selectors/case-insensitive-attribute-matching-style-attribute.html
               fast/selectors/case-insensitive-attribute-style-update.html
               fast/selectors/case-insensitive-attribute-with-case-sensitive-name.html

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        We already had case-insensitive value matching due to some legacy HTML
        behaviors where some attribute values would be matched case-insensitively
        depending on the attribute name.

        For this patch, I just re-use the same mechanism. I used branches to try
        to convey the idea that matching is case sensitive by default unless
        the selector has a flag or we are in the weird HTML exception.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::constructFragmentsInternal):
        Disable that case in the CSS JIT for now, I'll implement it later.

2015-02-14  David Kilzer  <ddkilzer@apple.com>

        Declare soft-linked functions with extern "C" linkage

        More work towards the Maverick Debug build fix:

        REGRESSION (r180082): WebCore Debug builds fail on Mavericks due to weak export symbols
        <http://webkit.org/b/141607>

        * platform/mac/SoftLinking.h: Try declaring soft-linked
        functions with extern "C" linkage to see if they stop appearing
        as weak externals.  This has the added benefit that if the
        function signature changes, we'll get a build failure.

2015-02-14  Joseph Pecoraro  <pecoraro@apple.com>

        [Mac] RetainPtr member cleanup, possible leaks
        https://bugs.webkit.org/show_bug.cgi?id=141616

        Reviewed by Andreas Kling.

        * platform/mac/PlatformSpeechSynthesizerMac.mm:
        (-[WebSpeechSynthesisWrapper speakUtterance:]):
        Adopt the allocated object to avoid a possible leak.

        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
        Adopt to avoid unnecessary retain/autorelease.

2015-02-14  Joseph Pecoraro  <pecoraro@apple.com>

        IncompleteMetaDataCue leak seen on leaks bot
        https://bugs.webkit.org/show_bug.cgi?id=141611

        Reviewed by Eric Carlson.        

        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.h:
        (WebCore::IncompleteMetaDataCue::IncompleteMetaDataCue): Deleted.
        (WebCore::IncompleteMetaDataCue::~IncompleteMetaDataCue): Deleted.
        (WebCore::IncompleteMetaDataCue::cueData): Deleted.
        (WebCore::IncompleteMetaDataCue::startTime): Deleted.
        Convert to a struct and hold a list of structs instead of pointers.

        * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
        (WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue):
        (WebCore::InbandMetadataTextTrackPrivateAVF::updatePendingCueEndTimes):
        (WebCore::InbandMetadataTextTrackPrivateAVF::flushPartialCues):
        Update use of IncompleteMetaDataCue and modernize related code.

2015-02-09  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: remove some unnecessary Inspector prefixes from class names in Inspector namespace
        https://bugs.webkit.org/show_bug.cgi?id=141372

        Reviewed by Joseph Pecoraro.

        * WebCore.exp.in:
        * inspector/InspectorApplicationCacheAgent.cpp:
        (WebCore::InspectorApplicationCacheAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorApplicationCacheAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorApplicationCacheAgent.h:
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorCSSAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        (WebCore::InspectorController::inspectedPageDestroyed):
        (WebCore::InspectorController::connectFrontend):
        (WebCore::InspectorController::disconnectFrontend):
        (WebCore::InspectorController::show):
        (WebCore::InspectorController::close):
        (WebCore::InspectorController::dispatchMessageFromFrontend):
        * inspector/InspectorController.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorDOMAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMDebuggerAgent.cpp:
        (WebCore::InspectorDOMDebuggerAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorDOMDebuggerAgent::willDestroyFrontendAndBackend):
        (WebCore::InspectorDOMDebuggerAgent::didInvalidateStyleAttr):
        (WebCore::InspectorDOMDebuggerAgent::willInsertDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willRemoveDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willModifyDOMAttr):
        (WebCore::InspectorDOMDebuggerAgent::pauseOnNativeEventIfNeeded):
        (WebCore::InspectorDOMDebuggerAgent::willSendXMLHttpRequest):
        * inspector/InspectorDOMDebuggerAgent.h:
        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorDOMStorageAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorDOMStorageAgent.h:
        * inspector/InspectorDatabaseAgent.cpp:
        (WebCore::InspectorDatabaseAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorDatabaseAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorDatabaseAgent.h:
        * inspector/InspectorDatabaseResource.cpp:
        (WebCore::InspectorDatabaseResource::bind):
        * inspector/InspectorDatabaseResource.h:
        * inspector/InspectorForwarding.h:
        * inspector/InspectorIndexedDBAgent.cpp:
        (WebCore::InspectorIndexedDBAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorIndexedDBAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorLayerTreeAgent.cpp:
        (WebCore::InspectorLayerTreeAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorLayerTreeAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorLayerTreeAgent.h:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorPageAgent::willDestroyFrontendAndBackend):
        (WebCore::InspectorPageAgent::getScriptExecutionStatus):
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorReplayAgent.cpp:
        (WebCore::InspectorReplayAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorReplayAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorResourceAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyle::styleWithProperties):
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorTimelineAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorTimelineAgent.h:
        * inspector/InspectorWorkerAgent.cpp:
        (WebCore::InspectorWorkerAgent::WorkerFrontendChannel::WorkerFrontendChannel):
        (WebCore::InspectorWorkerAgent::didCreateFrontendAndBackend):
        (WebCore::InspectorWorkerAgent::willDestroyFrontendAndBackend):
        * inspector/InspectorWorkerAgent.h:
        * inspector/PageRuntimeAgent.cpp:
        (WebCore::PageRuntimeAgent::didCreateFrontendAndBackend):
        (WebCore::PageRuntimeAgent::willDestroyFrontendAndBackend):
        * inspector/PageRuntimeAgent.h:
        * inspector/WorkerInspectorController.cpp:
        (WebCore::WorkerInspectorController::~WorkerInspectorController):
        (WebCore::WorkerInspectorController::connectFrontend):
        (WebCore::WorkerInspectorController::disconnectFrontend):
        * inspector/WorkerInspectorController.h:
        * inspector/WorkerRuntimeAgent.cpp:
        (WebCore::WorkerRuntimeAgent::didCreateFrontendAndBackend):
        (WebCore::WorkerRuntimeAgent::willDestroyFrontendAndBackend):
        * inspector/WorkerRuntimeAgent.h:
        * loader/EmptyClients.h:
        * page/PageDebuggable.cpp:
        (WebCore::PageDebuggable::connect):
        (WebCore::PageDebuggable::disconnect):
        * page/PageDebuggable.h:
        * testing/Internals.cpp:
        (WebCore::Internals::closeDummyInspectorFrontend):
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::disconnectFromInspector):

2015-02-14  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r180082): WebCore Debug builds fail on Mavericks due to weak export symbols
        <http://webkit.org/b/141607>

        Work towards fixing the Mavericks Debug build.

        * dom/Document.h:
        (WebCore::Document::setAnnotatedRegionsDirty):
        * dom/Event.h:
        (WebCore::Event::create):
        * dom/Node.h:
        (WebCore::Node::hasEditableStyle):
        * dom/Position.h:
        (WebCore::Position::Position):
        * editing/FrameSelection.h:
        (WebCore::DragCaretController::clear):
        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::originalRequest):
        - Do not mark inline methods for export.

2015-02-14  Alexey Proskuryakov  <ap@apple.com>

        rel="noreferrer" should make window.opener null
        https://bugs.webkit.org/show_bug.cgi?id=141579

        Reviewed by Darin Adler.

        Tests: http/tests/navigation/target-blank-opener-post.html
               http/tests/navigation/target-blank-opener.html

        We used to avoid passing window.opener policy by temporarily storing it in a FrameLoader
        member variable. This works for some clients - ones that invoke delegate callbacks
        synchronously - but not in the general case.

        So, changed to passing the policy explicitly.

        * WebCore.exp.in:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadFrameRequest):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::suppressOpenerInNewFrame): Deleted.
        * loader/FrameLoaderTypes.h:
        * loader/NavigationScheduler.cpp:
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected):

2015-02-14  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r180082): WebCore build on Mountain Lion fails due to weak export for i386
        <rdar://problem/19838127>

        * Configurations/WebCore.unexp: Add missing symbol.

2015-02-13  Chris Dumez  <cdumez@apple.com>

        RenderListItem resets its marker's style on style change even if the diff is StyleDifferenceEqual
        https://bugs.webkit.org/show_bug.cgi?id=141572
        <rdar://problem/19759818>

        Reviewed by Simon Fraser.

        Do not unnecessarily update the marker's style in RenderListItem::styleDidChange()
        if the RenderStyle diff is StyleDifferenceEqual. Doing so can cause unnecessary
        layouts.

        This was causing high cpu usage on
        http://www.nokogiri.org/tutorials/searching_a_xml_html_document.html because there
        is an animation that changes the style every second (but the diff is equal) and the
        RenderListItem keeps resetting its marker's margin, which triggers a layout and the
        RenderListMarker re-computes its margin during layout and updates its style again.

        With this change, CPU usage on the page goes from 150% to 20%. There is only a style
        recalc happening every second, no more relayouts and repaints.

        Test: fast/repaint/list-item-equal-style-change-no-repaint.html

        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::styleDidChange):

2015-02-13  Timothy Horton  <timothy_horton@apple.com>

        Make WebCore::IOSurface have single ownership instead of refcounting
        https://bugs.webkit.org/show_bug.cgi?id=141578

        Reviewed by Anders Carlsson.

        In the interests of making it harder to misuse and to make it more like
        ImageBuffer, our IOSurface wrapper should have single ownership.

        This will also allow future changes which depend on temporarily
        consuming an IOSurface to more easily enforce correct usage.

        * WebCore.exp.in:
        * platform/graphics/cg/IOSurfacePool.cpp:
        (WebCore::IOSurfacePool::takeSurface):
        (WebCore::IOSurfacePool::addSurface):
        (WebCore::IOSurfacePool::insertSurfaceIntoPool):
        (WebCore::IOSurfacePool::tryEvictInUseSurface):
        (WebCore::IOSurfacePool::tryEvictOldestCachedSurface):
        (WebCore::IOSurfacePool::collectInUseSurfaces):
        * platform/graphics/cg/IOSurfacePool.h:
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        (IOSurface::create):
        (IOSurface::createFromSendRight):
        (IOSurface::createFromSurface):
        (IOSurface::createFromImage):
        Make IOSurface::create()s return a unique_ptr, and adjust everywhere.

2015-02-12  Enrica Casucci  <enrica@apple.com>

        Additional emoji group support.
        https://bugs.webkit.org/show_bug.cgi?id=141539
        rdar://problem/19727527

        Reviewed by Sam Weinig.

        Adding some new emoji ligatures.
        Updated existing test to include the new sequences.

        * platform/text/TextBreakIterator.cpp:
        (WebCore::cursorMovementIterator):
        * rendering/RenderText.cpp:
        (WebCore::isEmojiGroupCandidate):

2015-02-13  Alex Christensen  <achristensen@webkit.org>

        Really stop using export files.
        https://bugs.webkit.org/show_bug.cgi?id=141521

        Reviewed by Mark Rowe.

        * Configurations/WebCore.xcconfig:
        Don't use exported symbols files.
        * Configurations/WebCore.unexp:
        Added list of symbols not to export (needed by Xcode 5.0.2).

2015-02-13  Zalan Bujtas  <zalan@apple.com>

        Simplify ASSERT in lastRubyRun().
        https://bugs.webkit.org/show_bug.cgi?id=141574

        Reviewed by Daniel Bates.

        r180064 made some of the conditions in the ASSERT redundant.

        Covered by existing tests.

        * rendering/RenderRuby.cpp:
        (WebCore::lastRubyRun):

2015-02-13  Brent Fulgham  <bfulgham@apple.com>

        [Mac, iOS] Adjust pagination behavior for Mail.app printing use
        https://bugs.webkit.org/show_bug.cgi?id=141569
        <rdar://problem/14912763>

        Reviewed by Anders Carlsson.

        * page/Settings.in: Add new pagination setting flag.
        * rendering/RenderBlockFlow.cpp:
        (WebCore::messageContainerName): Added.
        (WebCore::needsPaginationQuirk): Added.
        (WebCore::RenderBlockFlow::adjustLinePositionForPagination): Don't move the message content
        div to a new page when using this special printing mode.

2015-02-13  Daniel Bates  <dabates@apple.com>

        [iOS] DumpRenderTree.app fails to link due to undefined classes
        <rdar://problem/19831228>

        Following r179945, DumpRenderTree.app fails to link due to undefined symbols:

        Undefined symbols for architecture x86_64:
          "_OBJC_CLASS_$_WebEvent", referenced from:
              objc-class-ref in libDumpRenderTree.a(EventSendingController.o)
          "_OBJC_CLASS_$_WebUndefined", referenced from:
              objc-class-ref in libDumpRenderTree.a(ObjCController.o)

        We need to export the classes WebScriptObject and WebEvent.

        * bindings/objc/WebScriptObject.h:
        * platform/ios/WebEvent.h:

2015-02-13  Andreas Kling  <akling@apple.com>

        CachedResource::clearLoader() should self-destruct if nothing else retains the CachedResource.
        <https://webkit.org/b/141568>
        <rdar://problem/19800310>

        Reviewed by Antti Koivisto.

        Anything that may cause CachedResource::canDelete() to return true must also make sure
        to call CachedResource::deleteIfPossible(), or we risk leaking the CachedResource.
        This is because CachedResource employs an extremely convoluted lifetime mechanism that
        depends on its presence in a number of collections, as well as internal counters and
        state.

        This is a speculative fix for a potential CachedResource leak that I'm not sure exists
        in practice, but let's be good citizens here.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::clearLoader):

2015-02-13  Jer Noble  <jer.noble@apple.com>

        [MSE][Mac] Crash at WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset + 2357
        https://bugs.webkit.org/show_bug.cgi?id=141566
        rdar://problem/19826075

        Reviewed by Andreas Kling.

        Null check m_mediaSource before dereferencing.

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset):

2015-02-13  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (r174761): Invalid cast in WebCore::lastRubyRun / WebCore::RenderRubyAsBlock::addChild
        https://bugs.webkit.org/show_bug.cgi?id=137929
        rdar://problem/18723492

        Reviewed by Chris Dumez.

        Ensure that the child renderer is a RenderRubyRun.

        Test: fast/ruby/crash-with-before-after-on-ruby.html

        * rendering/RenderRuby.cpp:
        (WebCore::lastRubyRun):

2015-02-13  Simon Fraser  <simon.fraser@apple.com>

        Crashes under RenderLayer::hitTestLayer under determinePrimarySnapshottedPlugIn()
        https://bugs.webkit.org/show_bug.cgi?id=141551

        Reviewed by Zalan Bujtas.
        
        It's possible for a layout to dirty the parent frame's state, via the calls to
        ownerElement()->scheduleSetNeedsStyleRecalc() that RenderLayerCompositor does when
        iframes toggle their compositing mode.
        
        That could cause FrameView::updateLayoutAndStyleIfNeededRecursive() to fail to 
        leave all the frames in a clean state. Later on, we could enter hit testing,
        which calls document().updateLayout() on each frame's document. Document::updateLayout()
        does layout on all ancestor documents, so in the middle of hit testing, we could
        layout a subframe (dirtying an ancestor frame), then layout another frame, which
        would forcing that ancestor to be laid out while we're hit testing it, thus
        corrupting the RenderLayer tree while it's being iterated over.
        
        Fix by having FrameView::updateLayoutAndStyleIfNeededRecursive() do a second
        layout after laying out subframes, which most of the time will be a no-op.
        
        Also add a stronger assertion, that this frame and all subframes are clean
        at the end of FrameView::updateLayoutAndStyleIfNeededRecursive() for the
        main frame.

        Various existing frames tests hit the new assertion if the code change is removed,
        so this is covered by existing tests.

        * page/FrameView.cpp:
        (WebCore::FrameView::needsStyleRecalcOrLayout):
        (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):
        * page/FrameView.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::willBeDestroyed):

2015-02-12  Simon Fraser  <simon.fraser@apple.com>

        determinePrimarySnapshottedPlugIn() should only traverse visible Frames
        https://bugs.webkit.org/show_bug.cgi?id=141547
        Part of rdar://problem/18445733.

        Reviewed by Anders Carlsson.

        There's an expectation from clients that FrameView::updateLayoutAndStyleIfNeededRecursive()
        updates layout in all frames, but it uses the widget tree, so only hits frames
        that are parented via renderers (i.e. not display:none frames or their descendants).
        
        Moving towards a future where we remove Widgets, fix by adding a FrameTree 
        traversal function that only finds rendered frames (those with an ownerRenderer).
        
        Not testable.

        * page/FrameTree.cpp:
        (WebCore::FrameTree::firstRenderedChild):
        (WebCore::FrameTree::nextRenderedSibling):
        (WebCore::FrameTree::traverseNextRendered):
        (printFrames):
        * page/FrameTree.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):

2015-02-13  Alexey Proskuryakov  <ap@apple.com>

        TimerBase::m_heapInsertionOrder calculation is racy
        https://bugs.webkit.org/show_bug.cgi?id=141554

        Reviewed by Anders Carlsson.

        Use an atomic increment.

        * platform/Timer.cpp: (WebCore::TimerBase::setNextFireTime):

2015-02-13  Andreas Kling  <akling@apple.com>

        [iOS] Refine GC behavior in response to process suspension and memory pressure.
        <https://webkit.org/b/141543>
        <rdar://problem/19738024>

        Reviewed by Geoffrey Garen.

        Do an immediate full garbage collection when the web process is about to
        be suspended (when another tab is moving to the foreground on iOS.)
        This ensures that we make a best effort to reduce the process footprint
        before we lose the ability to execute code.

        When receiving a memory pressure warning, tell the garbage collector to
        accelerate its next collection (by calling garbageCollectSoon().)
        This gives us some confidence that a collection will happen within a
        reasonable timeframe, but doesn't risk dooming us to a loop of endless
        garbage collections.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory):

2015-02-13  Antti Koivisto  <antti@apple.com>

        Add some RELEASE_ASSERTs to try to catch crashes in StyleResolver::loadPendingImages
        https://bugs.webkit.org/show_bug.cgi?id=141561

        Reviewed by Simon Fraser.

        One possibility is that loads triggered by loadPendingImages end up synchronously destroying or re-entering
        style resolver. Try to catch these in release builds.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::~StyleResolver):
        (WebCore::StyleResolver::styleForElement):
        (WebCore::StyleResolver::styleForKeyframe):
        (WebCore::StyleResolver::styleForPage):
        (WebCore::StyleResolver::loadPendingImages):
        * css/StyleResolver.h:

2015-02-13  ChangSeok Oh  <changseok.oh@collabora.com>

        Div having contentEditable and display:grid cannot be edited if it is empty.
        https://bugs.webkit.org/show_bug.cgi?id=141465

        Reviewed by Ryosuke Niwa.

        This bug is quite similar to webkit.org/b/141218. RenderGrid should be also treated as a candidate
        for visible position as like RenderFlexibleBox. The only different situation between them is
        that RenderGrid has a bug setting "0px" for logicalHeight when it is empty. RenderGrid should also have
        a minimum height of a single line if it is editable as well as RenderFlexibleBox does.

        Test: fast/events/key-events-in-editable-gridbox.html

        * dom/Position.cpp:
        (WebCore::Position::isCandidate):
        (WebCore::Position::isRenderedCharacter):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::layoutGridItems):

2015-02-12  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (r176262): Invalid cast in WebCore`WebCore::RootInlineBox::selectionTop
        https://bugs.webkit.org/show_bug.cgi?id=138992

        Reviewed by Dave Hyatt.

        RenderRubyText requires the ancestor chain to be (RenderRubyAsInline | RenderRubyAsBlock) -> RenderRubyRun -> RenderRubyText.
        This patch ensures that we create RenderRubyText for an <rt> element only when
        the expected ancestor chain is guaranteed.

        Test: fast/ruby/crash-when-ruby-is-set-to-inline-block.html

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::createFor): treat inline-block <ruby> as block.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::isRubyInline):
        (WebCore::RenderObject::isRubyBlock):
        (WebCore::RenderObject::isRuby): Deleted.
        * rendering/RenderRuby.cpp:
        (WebCore::isAnonymousRubyInlineBlock):
        * rendering/RenderRuby.h: add support for is<RenderRubyAsBlock>(renderer) and for is<RenderRubyAsInline>(renderer)
        The isRuby() method does not follow the is*() -> maps to one class pattern.
        (WebCore::isRuby):
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::addChild):
        (WebCore::RenderRubyRun::staticCreateRubyRun):

2015-02-13  Csaba Osztrogonac  <ossy@webkit.org>

        Fix the gperf related build issue on the WinCairo bot
        https://bugs.webkit.org/show_bug.cgi?id=141507

        Reviewed by Alex Christensen.

        * platform/ColorData.gperf: Modified property svn:eol-style.

2015-02-13  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed, remove empty directories.

        * loader/icon/wince: Removed.
        * platform/graphics/wince: Removed.
        * storage/wince: Removed.

2015-02-12  Timothy Horton  <timothy_horton@apple.com>

        Crashes under detectItemAroundHitTestResult when DataDetectors is not available
        https://bugs.webkit.org/show_bug.cgi?id=141549
        <rdar://problem/19180955>

        Reviewed by Dan Bernstein.

        * editing/mac/DataDetection.mm:
        (WebCore::DataDetection::detectItemAroundHitTestResult):
        Bail out from data detection if either of the relevant frameworks aren't loaded.

2015-02-12  Dean Jackson  <dino@apple.com>

        [iOS Media] Audio should hide timeline scrubber until playback starts
        https://bugs.webkit.org/show_bug.cgi?id=141542
        <rdar://problem/19820685>

        Reviewed by Eric Carlson.

        We regressed from the system behaviour in iOS 7, where the timeline
        scrubber for an audio element is not shown until the user starts
        playback.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (video::-webkit-media-controls-panel): Fix the alignment of the flexbox.
        (audio::-webkit-media-controls-status-display): Add the style for the status display.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.configureInlineControls): Start hidden if we are an <audio>.
        (ControllerIOS.prototype.configureFullScreenControls): Drive by comment change.
        (ControllerIOS.prototype.setPlaying): Unhide the timeline.

2015-02-12  Chris Dumez  <cdumez@apple.com>

        Drop the quirks-mode exception for CSS MIME types
        https://bugs.webkit.org/show_bug.cgi?id=141501

        Reviewed by Alexey Proskuryakov.

        Drop the quirks-mode exception for CSS MIME types.
        This matches Firefox's behavior.

        This patch is based on the following Blink revision:
        http://src.chromium.org/viewvc/blink?view=revision&revision=189669

        Tests:
        - http/tests/misc/css-accept-any-type.html
        - http/tests/security/cross-origin-css.html

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parseAuthorStyleSheet):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::setCSSStyleSheet):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent):
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::sheetText):
        (WebCore::CachedCSSStyleSheet::canUseSheet):
        * loader/cache/CachedCSSStyleSheet.h:

2015-02-12  Beth Dakin  <bdakin@apple.com>

        REGRESSION: Should not send wheel events with a delta of 0
        https://bugs.webkit.org/show_bug.cgi?id=141537
        -and corresponding-
        rdar://problem/18903118

        Reviewed by Simon Fraser.

        This code should not have been removed entirely to accommodate rubber-banding, it 
        just needs to return false instead of true in order to allow the MayBegin and 
        Ended phases to be handled by the ElasticityController.
        * dom/Element.cpp:
        (WebCore::Element::dispatchWheelEvent):

2015-02-12  Dean Jackson  <dino@apple.com>

        [iOS Media] Implement 3-style media timeline (buffered, played, unavailable)
        https://bugs.webkit.org/show_bug.cgi?id=141526
        <rdar://problem/19603337>

        Reviewed by Eric Carlson and Antoine Quint.

        Implement a 3-style media scrubber for iOS. This draws white for
        the region that has been played (before the playhead), black
        for the region that is buffered, and is hollow for the rest.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateProgress): Update progress is now completely
        shared between OS X and iOS. This calls the implementation specific
        drawTimelineBackground.
        (Controller.prototype.drawTimelineBackground): Move the OS X code to here.
        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-timeline): New styles for the timeline. Updated thumb image, etc.
        (video::-webkit-media-controls-timeline::-webkit-slider-runnable-track):
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb):
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb:active):
        (video::-webkit-media-controls-time-remaining-display):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS): Create a globally unique canvas context name in the constructor.
        (ControllerIOS.prototype.createControls): Set the background of the timeline to a canvas.
        (ControllerIOS.prototype.addRoundedRect): Helper function.
        (ControllerIOS.prototype.drawTimelineBackground): Draw the 3-style content.
        (ControllerIOS.prototype.updateProgress): Deleted.

2015-02-12  Daniel Bates  <dabates@apple.com>

        Fix some Mac linker warnings
        https://bugs.webkit.org/show_bug.cgi?id=141522

        Reviewed by Alex Christensen.

        Following <https://trac.webkit.org/changeset/179945>, the linker warns about the following hidden WebCore symbols:
        
        ld: warning: cannot export hidden symbol __ZN7WebCore20LogNotYetImplementedE from /.../OpenSource/WebKitBuild/WebCore.build/Debug/WebCore.build/Objects-normal/x86_64/Logging.o
        ld: warning: cannot export hidden symbol _wkCreateURLPasteboardFlavorTypeName from /.../OpenSource/WebKitBuild/WebCore.build/Debug/WebCore.build/Objects-normal/x86_64/WebCoreSystemInterface.o
        ld: warning: cannot export hidden symbol _wkCreateURLNPasteboardFlavorTypeName from /.../OpenSource/WebKitBuild/WebCore.build/Debug/WebCore.build/Objects-normal/x86_64/WebCoreSystemInterface.o

        * WebCore.exp.in: Remove symbols for functions wkCreateURLPasteboardFlavorTypeName and wkCreateURLNPasteboardFlavorTypeName.
        * platform/Logging.h: Export WTFLogChannel for LogNotYetImplemented, which is referenced from
        notImplementedLoggingChannel() in file NotImplemented.cpp. We make use of the associated
        header, NotImplemented.h, in both WebKit and WebKit2.
        * platform/mac/WebCoreSystemInterface.mm: Remove declarations for functions
        wkCreateURLPasteboardFlavorTypeName and wkCreateURLNPasteboardFlavorTypeName that
        were inadvertently not removed in r25494.

2015-02-12  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Crash inspecting styles of element with mutated stylesheet
        https://bugs.webkit.org/show_bug.cgi?id=141451

        Reviewed by Timothy Hatcher.

        Test: inspector/css/stylesheet-with-mutations.html

        * css/CSSStyleSheet.h:
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::CSSStyleSheet):
        (WebCore::CSSStyleSheet::didMutateRules):
        Keep a flag on the CSSStyleSheet to know when it has had a rule
        mutation from the contents.

        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::reparseStyleSheet):
        When completely replacing the stylesheet's contents, we will have
        destroyed any previous rules, so clear the has mutations flag.

        (WebCore::selectorsFromSource):
        Previously there was a mismatch between the rules the parsed
        SourceData had, and the actual CSSSelectors we were iterating.
        We use the SourceData so we can get the exact user authored
        text instead of generated longhands from actualy selector objects.
        Add an ASSERT and bail to catch and more gracefully handle
        any possible mismatches in the future.

        (WebCore::InspectorStyleSheet::styleSheetMutated):
        (WebCore::InspectorStyleSheet::ensureParsedDataReady):
        When a CSSStyleSheet has been mutated beyond the inspector's
        knowledge right now, fall back to readonly generated selectors.
        We should better handle this in the future:
        <https://webkit.org/b/141450> Web Inspector: Better support for CSSOM StyleSheet mutations (insertRule/deleteRule)

2015-02-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179987.
        https://bugs.webkit.org/show_bug.cgi?id=141525

        caused debug tests to fail (Requested by alexchristensen on
        #webkit).

        Reverted changeset:

        "[CSS Grid Layout] Invalid initialization of track sizes with
        non spanning grid items"
        https://bugs.webkit.org/show_bug.cgi?id=140763
        http://trac.webkit.org/changeset/179987

2015-02-12  Brian J. Burg  <burg@cs.washington.edu>

        REGRESSION(r178060): empty arguments are passed when logging to system console
        https://bugs.webkit.org/show_bug.cgi?id=141511

        Reviewed by Timothy Hatcher.

        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::messageWithTypeAndLevel): Change premature move to copyRef.

2015-02-12  Alex Christensen  <achristensen@webkit.org>

        [Win] Unreviewed debug build fix after r179980.

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::currentViewportSize):
        Explicitly call constructor.

2015-01-23  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Invalid initialization of track sizes with non spanning grid items
        https://bugs.webkit.org/show_bug.cgi?id=140763

        Reviewed by Antti Koivisto.

        Content sized tracks with non-spanning grid items were not
        properly sized because the growth limit was sometimes infinity
        (-1) after calling resolveContentBasedTrackSizingFunctions() when
        it should not. This patch adds an special initialization phase for
        non-spanning grid items as the new track sizing algorithm
        describes.

        Granted, that was handled in the old algorithm in
        distributeSpaceToTracks() as a special case. The problem is that
        it regressed after the optimization added in r173868 because that
        method is no longer called when the space to distribute is 0.

        That's why we could fix this by allowing calls to
        distributeSpaceToTracks() with spaceToDistribute>=0 but by fixing
        it with an explicit initialization our implementation becomes
        closer to the new algorithm and the initialization is now explicit
        in the code instead of a side effect of calling
        distributeSpaceToTracks() with no space to be distributed. It also
        brings a slight performance improvement as we save sorts and hash
        lookups.

        I also took the change to add caching to several GridTrackSize
        methods that were hot on the profiler (each one accounted for ~1%
        of the total time, now they account for ~0.3% each).

        Test: fast/css-grid-layout/grid-initialize-span-one-items.html

        * rendering/RenderGrid.cpp:
        (WebCore::GridItemWithSpan::span): New helper method for ASSERTs.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        Exclude non spanning grid items from the calls to
        resolveContentBasedTrackSizingFunctionsForItems().
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForNonSpanningItems):
        New method to resolve track sizes only using non-spanning grid
        items.
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
        Ensure that it isn't called for non-spanning grid items.
        * rendering/RenderGrid.h:
        * rendering/style/GridTrackSize.h:
        (WebCore::GridTrackSize::GridTrackSize): Cache return values.
        (WebCore::GridTrackSize::setLength): Ditto.
        (WebCore::GridTrackSize::setMinMax): Ditto.
        (WebCore::GridTrackSize::cacheMinMaxTrackBreadthTypes): New method
        that caches the return values for hasXXXTrackBreadth() methods.
        (WebCore::GridTrackSize::hasMinOrMaxContentMinTrackBreadth): Use
        the cached return value.
        (WebCore::GridTrackSize::hasMaxContentMaxTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinContentMaxTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinOrMaxContentMaxTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMaxContentMinTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinContentMinTrackBreadth): Ditto.
        (WebCore::GridTrackSize::hasMinContentMinTrackBreadthAndMinOrMaxContentMaxTrackBreadth):
        Ditto.
        (WebCore::GridTrackSize::hasMaxContentMinTrackBreadthAndMaxContentMaxTrackBreadth):
        Ditto.

2015-02-12  Zan Dobersek  <zdobersek@igalia.com>

        Remove the USE(ACCELERATED_COMPOSITING) guard from the
        MediaPlayerPrivateGStreamerBase destructor.

        The guard was removed in r163079. It was still defined through CMake
        for the EFL and GTK ports when the guarded code was introduced in
        r172828. In r171741 the macro was finally removed for the GTK and EFL
        ports as well, but the guards for the affected code weren't updated
        so TextureMapperPlatformLayer::Client::platformLayerWillBeDestroyed()
        wasn't being called anymore.

        Rubber-stamped by Philippe Normand.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):

2015-02-11  Darin Adler  <darin@apple.com>

        Streamline and simplify SVGSVGElement and related classes
        https://bugs.webkit.org/show_bug.cgi?id=141463

        Reviewed by Antti Koivisto.

        * dom/Document.cpp: Removed unneeded include of SVGSVGElement.h.
        * loader/FrameLoader.cpp: Ditto.
        * rendering/RenderBoxModelObject.cpp: Ditto.
        * rendering/svg/RenderSVGForeignObject.cpp: Ditto.
        * svg/SVGImageElement.cpp: Ditto.
        * svg/SVGMarkerElement.cpp: Ditto.
        * svg/SVGPathElement.cpp: Ditto.
        * svg/SVGPatternElement.cpp: Ditto.
        * svg/SVGTransform.cpp: Ditto.

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollToAnchor): Updated to call the SVGSVGElement function
        named scrollToAnchor (was setupInitialView). Also refactored to avoid repeating
        the expression frame().document() so often.

        * platform/graphics/FloatSize.h: Added operator/.

        * svg/SVGDocument.cpp:
        (WebCore::SVGDocument::rootElement): Rearranged to use early return.
        (WebCore::SVGDocument::zoomAndPanEnabled): Ditto.
        (WebCore::SVGDocument::startPan): Ditto. Also used FloatPoint math instead
        of breaking things apart into x and y.
        (WebCore::SVGDocument::updatePan): Ditto.

        * svg/SVGDocument.h: Removed some unneeded includes and forward declarations.
        Moved function bodies out of the class to make it more readable. Renamed
        m_translate to m_panningOffset and made it a FloatSize instead of FloatPoint.

        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::startAnimations): Use a modern for loop
        and update since timeContainer() now returns a reference.

        * svg/SVGSVGElement.cpp: Removed many unneeded includes.
        (WebCore::SVGSVGElement::SVGSVGElement): Moved initialization of scalars to
        the class definition. Updated since m_timerContainer is a Ref (later should
        change it to be a std::unique_ptr or just directly contained in SVGSVGElement).
        (WebCore::SVGSVGElement::~SVGSVGElement): Removed comment that doesn't say much,
        but is worded in a confusing way.
        (WebCore::SVGSVGElement::contentScriptType): Use NeverDestroyed instead of
        DEPRECATED_DEFINE_STATIC_LOCAL.
        (WebCore::SVGSVGElement::contentStyleType): Ditto.
        (WebCore::SVGSVGElement::viewport): Streamlined a bit.
        (WebCore::SVGSVGElement::pixelUnitToMillimeterX): Ditto.
        (WebCore::SVGSVGElement::pixelUnitToMillimeterY): Ditto.
        (WebCore::SVGSVGElement::currentView): Changed to return a reference.
        (WebCore::SVGSVGElement::frameForCurrentScale): Added. Helper for the two
        functions below.
        (WebCore::SVGSVGElement::currentScale): Updated to use frameForCurrentScale.
        (WebCore::SVGSVGElement::setCurrentScale): Ditto.
        (WebCore::SVGSVGElement::setCurrentTranslate): Optimized the case where there
        is no change to the translation. Also changed the data member's name to
        m_currentTranslate to more directly match the DOM API naming.
        (WebCore::SVGSVGElement::parseAttribute): Simplified the parsing a bit, and
        changed to pass a reference to SVGZoomAndPan::parseAttribute.
        (WebCore::SVGSVGElement::svgAttributeChanged): Tweaked formatting and removed
        code that converts the renderer pointer to a RenderObject* unnecessarily.
        (WebCore::SVGSVGElement::suspendRedraw): Removed FIXME about implementing this,
        since we don't really plan to do that.
        (WebCore::SVGSVGElement::unsuspendRedraw): Ditto.
        (WebCore::SVGSVGElement::unsuspendRedrawAll): Ditto.
        (WebCore::SVGSVGElement::forceRedraw): Ditto.
        (WebCore::SVGSVGElement::collectIntersectionOrEnclosureList): Changed return
        type to Ref, and pass in a function instead of an enumeration value.
        (WebCore::SVGSVGElement::getIntersectionList): Updated for above.
        (WebCore::SVGSVGElement::getEnclosureList): Ditto.
        (WebCore::SVGSVGElement::checkIntersection): Use && instead of early return
        for the null check.
        (WebCore::SVGSVGElement::checkEnclosure): Ditto.
        (WebCore::SVGSVGElement::createSVGLength): Use initialization list syntax
        for greater brevity.
        (WebCore::SVGSVGElement::createSVGAngle): Ditto.
        (WebCore::SVGSVGElement::createSVGPoint): Ditto.
        (WebCore::SVGSVGElement::createSVGMatrix): Ditto.
        (WebCore::SVGSVGElement::createSVGRect): Ditto.
        (WebCore::SVGSVGElement::createSVGTransform): Removed unneeded explicit
        constructor invocation.
        (WebCore::SVGSVGElement::createSVGTransformFromMatrix): Removed unneeded cast.
        (WebCore::SVGSVGElement::insertedInto): Updated since timeContainer() now
        returns a reference.
        (WebCore::SVGSVGElement::setCurrentTime): Use isfinite instead of isnan, so
        we won't store infinity as the current time.
        (WebCore::SVGSVGElement::currentViewBoxRect): Renamed locals and changed
        to use initializer lists for brevity.
        (WebCore::SVGSVGElement::currentViewportSize): Streamlined code by using
        initializer lists, using local variables only for things used more than once,
        and using the / operator defined above.
        (WebCore::SVGSVGElement::viewBoxToViewTransform): Use the concatenate function
        in a way that is more straightforward, rather than doing it with a temporary.
        (WebCore::SVGSVGElement::scrollToAnchor): Renamed this from
        setupInitialView.
        (WebCore::SVGSVGElement::inheritViewAttributes): Changed this to work with
        references rather than pointers.
        (WebCore::SVGSVGElement::getElementById): Use getAllElementsById as the
        FIXME comment suggested for better efficiency when there are a lot of descendants
        of the <svg> element at the cost of making it less efficient if there are
        a lot of elements all with the desired ID, but not inside the <svg> element.
        (WebCore::SVGSVGElement::isValid): Moved here from the header.

        * svg/SVGSVGElement.h: Removed unneeded forward declarations. Moved the
        animated properties to the top of the file, then other DOM, the other
        public members. Changed return types to references and Ref. Moved
        function bodies out of the class definition. Made createSVGNumber inline.

        * svg/SVGViewElement.cpp: Removed unneeded includes.
        (WebCore::SVGViewElement::isSupportedAttribute): Deleted.
        (WebCore::SVGViewElement::parseAttribute): Changed to not rely on
        isSupportedAttribute. Eventually I will do this in all the SVG classes.

        * svg/SVGViewSpec.cpp: Removed unneeded include of SVGSVGElement.h.
        (WebCore::SVGViewSpec::parseViewSpec): Updated for change in the name
        of the parse function in the SVGZoomAndPan class.

        * svg/SVGZoomAndPan.cpp:
        (WebCore::SVGZoomAndPan::isKnownAttribute): Deleted.
        (WebCore::SVGZoomAndPan::addSupportedAttributes): Deleted.
        (WebCore::SVGZoomAndPan::parse): Renamed from parseZoomAndPan since
        this is a member of the SVGZoomAndPan class and also has an argument
        of SVGZoomAndPanType.
        (WebCore::SVGZoomAndPan::parseAttributeValue): Added. Helper so the
        template function is not so big. Also write it in a simpler way.
        (WebCore::SVGZoomAndPan::ref): Deleted.
        (WebCore::SVGZoomAndPan::deref): Deleted.
        (WebCore::SVGZoomAndPan::setZoomAndPan): Deleted.

        * svg/SVGZoomAndPan.h: Removed unneeded includes. Reformatted the enum.
        Moved function bodies out of the class definition. Removed many unneeded
        functions.

        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::insertedInto): Updated since timeContainer
        now returns a reference rather than a pointer.

2015-02-11  Darin Adler  <darin@apple.com>

        SVGUseElement follow-up improvements
        https://bugs.webkit.org/show_bug.cgi?id=141382

        Reviewed by Antti Koivisto.

        * loader/cache/CachedSVGDocumentClient.h: Removed unneeded forward declaration.

        * page/EventHandler.cpp: Removed unneeded include of SVGUseElement.h.
        * rendering/svg/RenderSVGViewportContainer.cpp: Ditto.

        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::clearTargetDependencies): Removed too-specific
        check that assumed that SVG elements in shadow trees are always for <use> elements.
        This amounted to an unneeded optimization that could be removed with no bad effect.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::correspondingElement): Removed the assertions so this could
        be used more freely outside of cases where the shadow tree state is fully consistent.
        It's fine to have this just be a mechanical getter; there's nothing super-tricky
        here that needs to be caught by the assertion.
        (WebCore::SVGElement::title): Removed unneeded special handling for titles inside
        the shadow tree.

        * svg/SVGGElement.cpp:
        (WebCore::SVGGElement::create): Added an overload that doesn't require explicitly
        passing in the tag name.
        * svg/SVGGElement.h: Ditto.
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::create): Ditto.
        * svg/SVGSVGElement.h: Ditto.

        * svg/SVGUseElement.cpp: Removed a lot of unneeded includes.
        (WebCore::SVGUseElement::SVGUseElement): Removed code to initialize some booleans.
        We do that in the class definition now.
        (WebCore::SVGUseElement::create): Removed the code that calls the
        ensureUserAgentShadowRoot function unconditionally. That's properly done when
        needed; no need to do it here.
        (WebCore::SVGUseElement::~SVGUseElement): Removed unneeded code to destroy the
        shadow tree (that happens automatically) and simplified the code to stop loading
        the external document.
        (WebCore::SVGUseElement::isSupportedAttribute): Deleted.
        (WebCore::SVGUseElement::parseAttribute): Simplified this. Removed assumptions
        about the intersection of various sets of attributes, and also removed the
        isSupportedAttribute function. This seems to serve no purpose here, or in any
        other SVG element class. I plan to remove it everywhere over time.
        (WebCore::isWellFormedDocument): Deleted.
        (WebCore::SVGUseElement::insertedInto): Simplified code by removing all the
        special cases during initial parsing, and did the invalidation here rather than
        deferring it to didNotifySubtreeInsertions. Added a call to the new function,
        updateExternalDocument, since that won't do anything when the element is not
        in a document.
        (WebCore::SVGUseElement::didNotifySubtreeInsertions): Deleted.
        (WebCore::SVGUseElement::removedFrom): Added code to call clearShadowTree and
        updateExternalDocument. Both are efficient when doing nothing, and both are
        appropriate since the element is no longer in a document.
        (WebCore::SVGUseElement::referencedDocument): Deleted. No longer needed.
        (WebCore::SVGUseElement::externalDocument): Streamlined the logic here, removing
        multiple unneeded checks.
        (WebCore::SVGUseElement::transferSizeAttributesToTargetClone): Renamed since
        "target clone" is clear enough within this class, without explicitly stating
        "shadow tree". All the clones are in the shadow tree.
        (WebCore::SVGUseElement::svgAttributeChanged): Removed unneeded code calling
        isSupportedAttribute. Changed the code that detects changes in href to just
        call updateExternalDocument (for the document URL) and invalidateShadowTree
        (for the fragment). Also updated the transferSizeAttributesToTargetClone logic
        to only trigger on width and height and updated names.
        (WebCore::SVGUseElement::willAttachRenderers): Updated for the new name of
        m_shouldRebuildShadowTree and added a call through to the base class.
        (WebCore::createAllowedElementSet): Added. A more efficient way to implement
        the initialization of the set for isDisallowedElement.
        (WebCore::isDisallowedElement): Simplified this by using the function above,
        and also overloaded for both SVGElement and Element for a tiny efficiency boost.
        (WebCore::SVGUseElement::clearShadowTree): Renamed form clearResourceReferences.
        This is a much more straightforward name. Also deleted the code that sets the
        m_needsShadowTreeRecreation flag to false. That should be done by the build
        function, not here.
        (WebCore::SVGUseElement::buildPendingResource): Made this just invalidate the
        shadow tree now instead of explicitly building it.
        (WebCore::SVGUseElement::updateShadowTree): Moved the code to create a shadow
        tree here from buildPendingResource. ALso changed the logic so that we
        always blow away the old shadow tree. Moved the comment about rebuilding things
        every time here. Updated the code to use the findTarget and cloneTarget functions,
        eliminating the buildShadowTree function entirely. Moved the call to
        transferSizeAttributesToShadowTreeTargetClone inside cloneTarget. Also updated
        for the name change for m_shouldRebuildShadowTree.
        (WebCore::SVGUseElement::targetClone): Renamed from shadowTreeTargetClone.
        No need to emphasize "shadow tree" since that's where all clones are.
        (WebCore::isDirectReference): Streamlined a bit using "using namespace".
        (WebCore::SVGUseElement::toClipPath): Rewrote to use early return and updated
        for name changes. Also used ASCIILiteral.
        (WebCore::SVGUseElement::rendererClipChild): Changed local variable names.
        (WebCore::removeDisallowedElementsFromSubtree): Wrote the iteration in a
        slightly more idiomatic style.
        (WebCore::SVGUseElement::findTarget): Added. This new function implements
        the rule for finding a valid target for a use element. This replaces logic
        that was duplicated in two different places and it also includes all the
        rules that were formerly in the isValidTarget function. Also, this implements
        a correct check for a cycle that handles cases the code in isValidTarget did not.
        (WebCore::SVGUseElement::isValidTarget): Deleted.
        (WebCore::SVGUseElement::cloneTarget): Added. Helper function used both when
        cloning the target of the top level <use> elements and for other <use> elements
        inside the shadow tree.
        (WebCore::cloneDataAndChildren): Added. Helper function that allows both the
        <use> and <symbol> element expanding functions to be shorter and share more code.
        (WebCore::SVGUseElement::expandUseElementsInShadowTree): Removed unneeded checks
        of cachedDocumentIsStillLoading. Used the new findTarget function, which handles
        finding the target cross-document correctly. Removed the incorrect use of
        referencedDocument when creating new elements and finding targets. Refactored
        to use the new cloneDataAndChildren function and also moved the code that removes
        the special attributes here, replacing the transferAttributesToShadowTreeReplacement
        function. Made a few other simplifications.
        (WebCore::SVGUseElement::expandSymbolElementsInShadowTree): Ditto, just like the
        <use> changes only simpler.
        (WebCore::SVGUseElement::transferEventListenersToShadowTree): Made this const.
        Removed unneeded assertions.
        (WebCore::SVGUseElement::invalidateShadowTree): Updated for name change.
        (WebCore::SVGUseElement::invalidateDependentShadowTrees): Removed assertion.
        (WebCore::SVGUseElement::transferAttributesToShadowTreeReplacement): Deleted.
        (WebCore::SVGUseElement::selfHasRelativeLengths): Tweaked names.
        (WebCore::SVGUseElement::notifyFinished): Removed the inDocument check, since
        this function will only be called for elements that are in a document.
        (WebCore::SVGUseElement::cachedDocumentIsStillLoading): Deleted.
        (WebCore::SVGUseElement::finishParsingChildren): Removed the code that calls
        buildPendingResource here. Shadow tree updating is driven solely by renderer
        generation now.
        (WebCore::SVGUseElement::updateExternalDocument): Replaced setCachedDocument
        with this. This function knows how to load a different document if the URL
        has changed, or leave it alone if not, and also stop the load if it should.
        (WebCore::SVGUseElement::isValid): Moved this here from the header, since it's
        always being called virtually.
        (WebCore::SVGUseElement::haveLoadedRequiredResources): Ditto.
        (WebCore::SVGUseElement::setHaveFiredLoadEvent): Ditto.
        (WebCore::SVGUseElement::haveFiredLoadEvent): Ditto.
        (WebCore::SVGUseElement::svgLoadEventTimer): Ditto.

        * svg/SVGUseElement.h: Removed unneeded include. Moved the animated properties
        to the top of the class because they are public DOM API and so are logical to
        list first. I'd like to do that for other classes too over time. Changed to
        derive privately from CachedSVGDocumentClient. Made the function
        invalidateDependentShadowTrees private. Removed didNotifySubtreeInsertions,
        isSupportedAttribute, clearResourceReferences, buildShadowTree,
        transferAttributesToShadowTreeReplacement, isParserInserted, and
        m_wasInsertedByParser. Added updateExternalDocument, cloneTarget, targetClone,
        updateShadowTree, and clearShadowTree. Also did a couple other renames,
        including renaming m_cachedDocument to m_externalDocument.

        * svg/svgtags.in: Removed constructorNeedsCreatedByParser from the <use>
        element since we don't have to handle constructing by the parser specially.

2015-02-11  Dhi Aurrahman  <diorahman@rockybars.com>

        CSS selector JIT compilation support for :lang()
        https://bugs.webkit.org/show_bug.cgi?id=140818

        Reviewed by Benjamin Poulain.

        Add the JIT support for :lang(), to ensure :lang() no longer force the engine to
        the slow path.

        Test: fast/selectors/lang-chained-multiple.html

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        Get rid of the FunctionType::CannotCompile
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsInLanguage):

2015-02-11  Alex Christensen  <achristensen@webkit.org>

        Fix more weak external symbol errors.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * page/make_settings.pl:
        (printGetterAndSetter):
        Remove some WEBCORE_EXPORT macros.

2015-02-11  Alex Christensen  <achristensen@webkit.org>

        Do not export functions defined in headers.
        This prevents weak external symbol errors in some configurations.

        * dom/Range.h:
        (WebCore::Range::startContainer):
        (WebCore::Range::startOffset):
        (WebCore::Range::endContainer):
        (WebCore::Range::endOffset):
        * inspector/InspectorController.h:
        * page/Settings.h:
        (WebCore::Settings::setMediaKeysStorageDirectory):
        * page/make_settings.pl:
        (printGetterAndSetter):
        * platform/network/cocoa/ProtectionSpaceCocoa.h:
        (WebCore::ProtectionSpace::encodingRequiresPlatformData):
        * platform/text/TextEncoding.h:
        (WebCore::TextEncoding::decode):
        Removed WEBCORE_EXPORT macros.

2015-02-11  Chris Dumez  <cdumez@apple.com>

        [WK2] Add logging to validate the network cache efficacy (Part 2)
        https://bugs.webkit.org/show_bug.cgi?id=141345
        <rdar://problem/19632080>

        Reviewed by Sam Weinig.

        Add a few more diagnostic logging keys for the network cache efficacy
        logging.

2015-02-11  Sam Weinig  <sam@webkit.org>

        REGRESSION(r179166): Crash when accessing document.dir on a document with no elements
        <rdar://problem/19804351>
        https://bugs.webkit.org/show_bug.cgi?id=141480

        Reviewed by Chris Dumez.

        Test: fast/dom/document-dir-empty-document-crash.html

        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::dir):
        Don't unnecessarily dereference the documentElement. is<HTMLHtmlElement>() will handle null just fine.

2015-02-11  Mark Rowe  <mrowe@apple.com>

        <https://webkit.org/b/141492> extract-localizable-strings.pl shouldn't update the target file if the contents haven't changed

        Avoid updating the target file if the contents haven't changed. This prevents Xcode from copying the identical
        file into the framework and resigning it, which avoids the resulting relinking of all targets that depend on
        the framework.

        Reviewed by Dan Bernstein.

        * extract-localizable-strings.pl: Write our output to a temporary file. If the output differs from the
        existing contents of the target file, move the temporary file over the target file. Otherwise, delete
        the temporary file.

2015-02-11  Chris Dumez  <cdumez@apple.com>

        Turn recent assertions into release assertions to help track down crash in DocumentLoader::stopLoadingForPolicyChange()
        https://bugs.webkit.org/show_bug.cgi?id=141484
        <rdar://problem/13811738>

        Reviewed by Andy Estes.

        Turn recent assertions into release assertions to help track down crash in
        DocumentLoader::stopLoadingForPolicyChange(). This should increase the
        likelyhood of tripping them so that we better understand why this happens.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::~DocumentLoader):
        (WebCore::DocumentLoader::detachFromFrame):

2015-02-11  Jer Noble  <jer.noble@apple.com>

        [MSE] SampleMap::addRange() returns an inverted iterator_range, possibly causing a crash when that iterator_range is traversed.
        https://bugs.webkit.org/show_bug.cgi?id=141479
        rdar://problem/19067597

        Reviewed by Chris Dumez.

        When looking backwards through a presentationOrder map to find samples, we then reverse our iterators
        and put them in an iterator_range to return to the caller. But in addition to reversing the iterators
        themselves, we also need to put them in the iterator_range in reverse order, so that when the caller
        iterates from iterator_range.first -> iterator_range.second, they don't end up off the end of the
        the underlying storage.

        * Modules/mediasource/SampleMap.cpp:
        (WebCore::PresentationOrderSampleMap::findSamplesWithinPresentationRangeFromEnd):

2015-02-11  Simon Fraser  <simon.fraser@apple.com>

        Improve the showFrameTree() output slightly
        https://bugs.webkit.org/show_bug.cgi?id=141482

        Reviewed by Zalan Bujtas.

        Have showFrameTree() show the Frame's RenderView so it can be correlated with
        layer dumps, and show styleRecalc and needsLayout state.

        * page/FrameTree.cpp:
        (printFrames):
        * page/FrameView.cpp:
        (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive): Add an explanatory
        comment about why we don't walk the Frame tree.

2015-02-11  Alex Christensen  <achristensen@webkit.org>

        Stop using WebCore.exp.in on Mac and iOS.
        https://bugs.webkit.org/show_bug.cgi?id=141413

        Reviewed by Dan Bates.

        * Configurations/Base.xcconfig:
        Make symbols hidden by default unless exported by WEBCORE_EXPORT macros.
        * platform/PlatformExportMacros.h:
        Start using WEBCORE_EXPORT on Mac and iOS (but not Windows yet).

2015-02-11  ChangSeok Oh  <changseok.oh@collabora.com>

        Div having contentEditable and display:flex cannot be edited if it is empty.
        https://bugs.webkit.org/show_bug.cgi?id=141218

        Reviewed by Ryosuke Niwa.

        RenderFlexibleBox should be treated as a candidate for visible position. Visible selection
        in an editable area is recalculated whenever an inner value of div is changed. If the inner value
        is empty, the visible selection recalculated with DeleteSelectionCommand::m_endingPostion
        is not correct. Because RenderBlockFlow is only considered but not RenderFlexibleBox
        in Position::isCandidate so that a calculated ending VisiblePosition for an editable div
        having "display : flex" goes weird and VisibleSelection is empty accordingly.

        Test: fast/events/key-events-in-editable-flexbox.html

        * dom/Position.cpp:
        (WebCore::Position::isCandidate):

2015-02-11  ChangSeok Oh  <changseok.oh@collabora.com>

        Activate ReliefLogger of a memory pressure handler for linux system.
        https://bugs.webkit.org/show_bug.cgi?id=123611

        Reviewed by Anders Carlsson.

        Put more logs for the time when a system goes under memory pressure or viceversa.

        No new tests since no engine behavior changed.

        * platform/linux/MemoryPressureHandlerLinux.cpp:
        (WebCore::MemoryPressureHandler::waitForMemoryPressureEvent): Wait a memory pressure event
        from cgroup in a seperated thread. Once a pressure event happens, respondToMemoryPressure()
        would be called to get back some resources.
        (WebCore::MemoryPressureHandler::install): Install memoryPressureHandler module
        to make it work.

2015-02-11  Alex Christensen  <achristensen@webkit.org>

        Final preparations to switch to WEBCORE_EXPORT.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        Export the vtable and a function.

2015-02-11  Sam Weinig  <sam@webkit.org>

        performance.now can crash if accessed from a window that has navigated
        <rdar://problem/16892506>
        https://bugs.webkit.org/show_bug.cgi?id=141478

        Reviewed by Alexey Proskuryakov.

        Test: fast/performance/performance-now-crash-on-navigated-window.html

        * page/Performance.cpp:
        (WebCore::Performance::now):
        Check for a null frame, which can happen when the window has been navigated.

2015-02-10  Alexey Proskuryakov  <ap@apple.com>

        URL::setUser and URL::setPass don't percent encode
        https://bugs.webkit.org/show_bug.cgi?id=141453
        rdar://problem/14844503&16551802&19623145

        Reviewed by Darin Adler.

        Tests: fast/url/url-credentials-escaping.html
               http/tests/xmlhttprequest/basic-auth-credentials-escaping.html

        Start adding some code that performs escaping in a way that matches the URL Standard.
        Right now, it's only used where we failed to do any escaping at all, and over time,
        we'll be moving towards a new implementation.

        * html/URLUtils.h:
        (WebCore::URLUtils<T>::username):
        (WebCore::URLUtils<T>::password):
        * platform/URL.cpp:
        (WebCore::isSchemeFirstChar):
        (WebCore::URL::user):
        (WebCore::URL::pass):
        (WebCore::URL::encodedUser):
        (WebCore::URL::encodedPass):
        (WebCore::URL::setUser):
        (WebCore::URL::setPass):
        (WebCore::encodeWithURLEscapeSequences):
        * platform/URL.h:

2015-02-11  Alex Christensen  <achristensen@webkit.org>

        Add a few more WEBCORE_EXPORT macros for debug and iOS builds.

        * page/EventHandler.h:
        * page/ios/WebEventRegion.h:
        * platform/sql/SQLiteDatabaseTracker.h:

2015-02-11  Darin Adler  <darin@apple.com>

        REGRESSION(r179476): It broke the !ENABLE(PICTURE_SIZES) build
        https://bugs.webkit.org/show_bug.cgi?id=141327

        Reviewed by Csaba Osztrogonác.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
        Put #if around use of m_sizesAttribute.

2015-02-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179921.
        https://bugs.webkit.org/show_bug.cgi?id=141473

        caused about 30 test failures on yosemite and mavericks
        (Requested by alexchristensen on #webkit).

        Reverted changeset:

        "Div having contentEditable and display:flex cannot be edited
        if it is empty."
        https://bugs.webkit.org/show_bug.cgi?id=141218
        http://trac.webkit.org/changeset/179921

2015-02-11  ChangSeok Oh  <changseok.oh@collabora.com>

        Div having contentEditable and display:flex cannot be edited if it is empty.
        https://bugs.webkit.org/show_bug.cgi?id=141218

        Reviewed by Ryosuke Niwa.

        RenderFlexibleBox should be treated as a candidate for visible position. Visible selection
        in an editable area is recalculated whenever an inner value of div is changed. If the inner value
        is empty, the visible selection recalculated with DeleteSelectionCommand::m_endingPostion
        is not correct. Because RenderBlockFlow is only considered but not RenderFlexibleBox
        in Position::isCandidate so that a calculated ending VisiblePosition for an editable div
        having "display : flex" goes weird and VisibleSelection is empty accordingly.

        Test: fast/events/key-events-in-editable-flexbox.html

        * dom/Position.cpp:
        (WebCore::Position::isCandidate):

2015-02-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179910.
        https://bugs.webkit.org/show_bug.cgi?id=141464

        Caused assertions on debug bots (Requested by ap on #webkit).

        Reverted changeset:

        "[WK2] Add logging to validate the network cache efficacy
        (Part 2)"
        https://bugs.webkit.org/show_bug.cgi?id=141345
        http://trac.webkit.org/changeset/179910

2015-02-10  Chris Dumez  <cdumez@apple.com>

        Optimize MutableStyleProperties::removePropertiesInSet()
        https://bugs.webkit.org/show_bug.cgi?id=141460

        Reviewed by Andreas Kling.

        Optimize MutableStyleProperties::removePropertiesInSet() by doing an
        in-place removal of the vector properties, using the new and efficient
        Vector::removalAllMatching().

        I see a ~11% speed-up on CSS/CSSPropertySetterGetter.html performance
        test.

        This change was inspired by the following Blink revision:
        https://src.chromium.org/viewvc/blink?view=rev&revision=189387

        Test: PerformanceTests/CSS/CSSPropertySetterGetter.html

        * css/StyleProperties.cpp:
        (WebCore::MutableStyleProperties::removePropertiesInSet):

2015-02-10  Alex Christensen  <achristensen@webkit.org>

        [Win] Fix debug build after r179807.
        https://bugs.webkit.org/show_bug.cgi?id=141461

        Reviewed by Benjamin Poulain.

        * dom/TypedElementDescendantIterator.h:
        Explicitly call Iterator constructor to reduce complexity when iterating descendantsOfType.

2015-02-10  Chris Dumez  <cdumez@apple.com>

        [WK2] Add logging to validate the network cache efficacy (Part 2)
        https://bugs.webkit.org/show_bug.cgi?id=141345

        Reviewed by Antti Koivisto.

        Add a few more diagnostic logging keys for the network cache efficacy
        logging.

2015-02-10  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179896.
        https://bugs.webkit.org/show_bug.cgi?id=141452

        broke linking debug builds (Requested by thorton on #webkit).

        Reverted changeset:

        "Stop using WebCore.exp.in on Mac and iOS."
        https://bugs.webkit.org/show_bug.cgi?id=141413
        http://trac.webkit.org/changeset/179896

2015-02-10  Alex Christensen  <achristensen@webkit.org>

        Fix bindings tests after r179886.

        * bindings/scripts/test/ObjC/DOMFloat64Array.h:
        * bindings/scripts/test/ObjC/DOMTestActiveDOMObject.h:
        * bindings/scripts/test/ObjC/DOMTestCallback.h:
        * bindings/scripts/test/ObjC/DOMTestCustomNamedGetter.h:
        * bindings/scripts/test/ObjC/DOMTestEventConstructor.h:
        * bindings/scripts/test/ObjC/DOMTestEventTarget.h:
        * bindings/scripts/test/ObjC/DOMTestException.h:
        * bindings/scripts/test/ObjC/DOMTestGenerateIsReachable.h:
        * bindings/scripts/test/ObjC/DOMTestInterface.h:
        * bindings/scripts/test/ObjC/DOMTestMediaQueryListListener.h:
        * bindings/scripts/test/ObjC/DOMTestNamedConstructor.h:
        * bindings/scripts/test/ObjC/DOMTestNode.h:
        * bindings/scripts/test/ObjC/DOMTestNondeterministic.h:
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/ObjC/DOMTestOverloadedConstructors.h:
        * bindings/scripts/test/ObjC/DOMTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/ObjC/DOMTestTypedefs.h:
        * bindings/scripts/test/ObjC/DOMattribute.h:
        * bindings/scripts/test/ObjC/DOMreadonly.h:

2015-02-10  Alex Christensen  <achristensen@webkit.org>

        Stop using WebCore.exp.in on Mac and iOS.
        https://bugs.webkit.org/show_bug.cgi?id=141413

        Reviewed by Dan Bates.

        * Configurations/Base.xcconfig:
        Make symbols hidden by default unless exported by WEBCORE_EXPORT macros.
        * platform/PlatformExportMacros.h:
        Start using WEBCORE_EXPORT on Mac and iOS (but not Windows yet).

2015-02-10  Chris Dumez  <cdumez@apple.com>

        Add another assertion to help track down crash in DocumentLoader::stopLoadingForPolicyChange()
        https://bugs.webkit.org/show_bug.cgi?id=141447
        <rdar://problem/13811738>

        Reviewed by Alexey Proskuryakov.

        Add another assertion to help track down crash in
        DocumentLoader::stopLoadingForPolicyChange().

        The trace seems to hint that frameLoader() returns null when
        stopLoadingForPolicyChange() is called. frameLoader() can only return
        null after DocumentLoader::detachFromFrame() has been called.
        Also, stopLoadingForPolicyChange() here is called from the
        DocumentLoader::continueAfterContentPolicy() policy callback which
        requires m_waitingForContentPolicy to be true. Therefore, we should
        assert that m_waitingForContentPolicy is false when m_frame is cleared
        in DocumentLoader::detachFromFrame().

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::detachFromFrame):

2015-02-10  Alex Christensen  <achristensen@webkit.org>

        Stop using WebCore.exp.in on Mac and iOS.
        https://bugs.webkit.org/show_bug.cgi?id=141413

        Reviewed by Dan Bates.

        * Configurations/Base.xcconfig:
        Make symbols hidden by default unless exported by WEBCORE_EXPORT macros.
        * platform/PlatformExportMacros.h:
        Start using WEBCORE_EXPORT on Mac and iOS (but not Windows yet).

2015-02-10  Alex Christensen  <achristensen@webkit.org>

        Add more WEBCORE_EXPORT macros for iOS.
        https://bugs.webkit.org/show_bug.cgi?id=141430

        Reviewed by Tim Horton.

        * bindings/objc/WebScriptObject.h:
        * bindings/scripts/CodeGeneratorObjC.pm:
        (GenerateHeader):
        * dom/Event.h:
        * dom/Node.h:
        * editing/FrameSelection.h:
        * html/HTMLFormControlElement.h:
        * html/HTMLMediaSession.h:
        * page/Frame.h:
        * page/FrameView.h:
        * platform/ScrollView.h:
        * platform/ios/PasteboardIOS.mm:
        * platform/ios/wak/WAKAppKitStubs.h:
        * platform/ios/wak/WAKClipView.h:
        * platform/ios/wak/WAKScrollView.h:
        * platform/ios/wak/WAKView.h:
        * platform/ios/wak/WAKWindow.h:
        * platform/ios/wak/WAKWindow.mm:
        * platform/ios/wak/WKContentObservation.h:
        * platform/ios/wak/WKGraphics.h:
        * platform/ios/wak/WebCoreThread.h:
        * platform/ios/wak/WebCoreThread.mm:
        * platform/ios/wak/WebCoreThreadRun.h:
        * platform/ios/wak/WebCoreThreadSystemInterface.h:
        * platform/network/ios/QuickLook.h:
        * platform/text/TextBreakIterator.h:

2015-02-09  David Hyatt  <hyatt@apple.com>

        text-underline-position: under is broken
        https://bugs.webkit.org/show_bug.cgi?id=141400
        <rdar://problem/18569583>

        Reviewed by Simon Fraser.

        Added fast/text/text-underline-position-under.html

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::computeMaxLogicalBottom):
        (WebCore::InlineFlowBox::computeMaxLogicalTop): Deleted.
        * rendering/InlineFlowBox.h:
        Switch to using the bottom to compute the offset. Using the top is incorrect, since
        the heights of boxes can vary.

        Fix a bug where the y() of the box was being used instead of the logical value, making the result
        wrong for vertical text.

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::maxLogicalBottom):
        (WebCore::RootInlineBox::maxLogicalTop): Deleted.
        Switch to using the bottom instead of the top. Make sure the root box contributes its own bottom,
        since the old code just ignored the root's placement.

        * rendering/RootInlineBox.h:
        * style/InlineTextBoxStyle.cpp:
        (WebCore::computeUnderlineOffset):
        Call the bottom function now instead of the top.

2015-02-10  Chris Dumez  <cdumez@apple.com>

        Add assertion to help track down WebCore::DocumentLoader::stopLoadingForPolicyChange() crash
        https://bugs.webkit.org/show_bug.cgi?id=141441
        <rdar://problem/13811738>

        Reviewed by Alexey Proskuryakov.

        Add assertion to help track down a crash in
        WebCore::DocumentLoader::stopLoadingForPolicyChange().

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::~DocumentLoader):
        Make sure the DocumentLoader is not waiting for a content policy
        response when it is destroyed. If this were to happen, then the
        lambda function passed to PolicyChecker::checkContentPolicy()
        would outlive the DocumentLoader. This is an issue because
        that lambda function captures [this], which is the DocumentLoader.
        This would cause DocumentLoader::continueAfterContentPolicy() to
        be called after the DocumentLoader has been destroyed, which would
        explain the crash.

2015-02-07  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (r168046): Crash in WebCore::InlineBox::renderer / WebCore::RenderFlowThread::checkLinesConsistency
        https://bugs.webkit.org/show_bug.cgi?id=133462

        Reviewed by David Hyatt.

        RenderFlowThread::m_lineToRegionMap stores pointers to the root inlineboxes in the block flow.
        Normally root inlineboxes remove themselves from this map in their dtors. However when collapsing an anonymous block,
        we detach the inline tree first and destroy them after. The detached root boxes can't access
        the flowthread containing block and we end up with dangling pointers in this map.
        Call removeFlowChildInfo() before detaching the subtree to ensure proper pointer removal.

        Test: fast/multicol/newmulticol/crash-when-switching-to-floating.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::collapseAnonymousBoxChild):

2015-02-10  Julien Isorce  <j.isorce@samsung.com>

        Render: properly update body's background image
        https://bugs.webkit.org/show_bug.cgi?id=140183

        When HTML and BODY renderers are both composited the
        skipBodyBackground condition should also take into account
        if the HTML's layer can draw its contents.

        Reviewed by Darin Adler.

        Test: animations/animation-background-image.html

        * rendering/RenderBox.cpp:
        (WebCore::skipBodyBackground): Do not skip
        if document's layer cannot draw its content.
        Previously both body and html did not paint the background
        when they are both composited.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::contentChanged): Also redisplay
        the content.

2015-02-10  Eric Carlson  <eric.carlson@apple.com>

        [iOS] don't get out of sync when interrupt/resume calls are not balanced
        https://bugs.webkit.org/show_bug.cgi?id=141310

        Reviewed by Jer Noble.

        No new tests, updated media/video-interruption-with-resume-allowing-play.html.

        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::beginInterruption): Count interruptions.
        (WebCore::MediaSession::endInterruption): Ignore calls when m_interruptionCount is already zero.
        * platform/audio/MediaSession.h:

2015-02-10  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] GMutexLocker build issue
        https://bugs.webkit.org/show_bug.cgi?id=141381

        Reviewed by Žan Doberšek.

        Use always WTF::GMutexLocker because newer glib versions have a
        GMutexLocker in the public API.

        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
        (WebCore::AudioSourceProviderGStreamer::provideInput):
        (WebCore::AudioSourceProviderGStreamer::handleAudioBuffer):
        (WebCore::AudioSourceProviderGStreamer::clearAdapters):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize):
        (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::paint):
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (webkitVideoSinkTimeoutCallback):
        (webkitVideoSinkRender):
        (unlockSampleMutex):
        (webkitVideoSinkUnlockStop):
        (webkitVideoSinkStart):
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcGetProperty):
        (webKitWebSrcStop):
        (webKitWebSrcStart):
        (webKitWebSrcChangeState):
        (webKitWebSrcQueryWithParent):
        (webKitWebSrcGetUri):
        (webKitWebSrcSetUri):
        (webKitWebSrcNeedDataMainCb):
        (webKitWebSrcNeedDataCb):
        (webKitWebSrcEnoughDataMainCb):
        (webKitWebSrcEnoughDataCb):
        (webKitWebSrcSeekDataCb):
        (webKitWebSrcSetMediaPlayer):
        (StreamingClient::createReadBuffer):
        (StreamingClient::handleResponseReceived):
        (StreamingClient::handleDataReceived):
        (StreamingClient::handleNotifyFinished):
        (ResourceHandleStreamingClient::wasBlocked):
        (ResourceHandleStreamingClient::cannotShowURL):

2015-02-09  Alex Christensen  <achristensen@webkit.org>

        Update WEBCORE_EXPORT to prepare to start using it.
        https://bugs.webkit.org/show_bug.cgi?id=141409

        Reviewed by Tim Horton.

        * bindings/js/JSDOMGlobalObject.h:
        * bindings/objc/DOMInternal.h:
        * bindings/objc/ExceptionHandlers.mm:
        * bindings/objc/WebScriptObjectPrivate.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        * bindings/scripts/test/JS/JSTestNondeterministic.h:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        * bindings/scripts/test/JS/JSattribute.h:
        * bindings/scripts/test/JS/JSreadonly.h:
        * css/StyleProperties.h:
        * dom/DeviceMotionData.h:
        * dom/Node.h:
        * dom/Position.h:
        * dom/ScriptExecutionContext.h:
        * editing/Editor.h:
        * editing/htmlediting.h:
        * html/HTMLInputElement.h:
        * html/TimeRanges.h:
        * loader/FrameLoader.h:
        * loader/cache/CacheValidation.h:
        * loader/cache/MemoryCache.h:
        * loader/icon/IconDatabase.h:
        * page/DatabaseProvider.h:
        * page/DiagnosticLoggingKeys.h:
        * page/EventHandler.h:
        * page/FrameSnapshotting.h:
        * page/MainFrame.h:
        * page/PageConsoleClient.h:
        * page/PageOverlay.h:
        * platform/CrossThreadCopier.h:
        * platform/FileSystem.h:
        * platform/PlatformSpeechSynthesizer.h:
        * platform/RemoteCommandListener.h:
        * platform/RuntimeApplicationChecks.h:
        * platform/graphics/Font.h:
        * platform/graphics/FontCache.h:
        * platform/graphics/FontGlyphs.h:
        * platform/graphics/FontRanges.h:
        * platform/graphics/GeometryUtilities.h:
        * platform/graphics/GlyphPage.h:
        * platform/graphics/Region.h:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/TileController.h:
        * platform/graphics/transforms/TransformationMatrix.h:
        * platform/mac/WebCoreFullScreenWarningView.h:
        * platform/network/BlobDataFileReference.h:
        * platform/network/ResourceRequestBase.h:
        * platform/network/ResourceResponseBase.h:
        * platform/network/create-http-header-name-table:
        * platform/network/mac/WebCoreURLResponse.h:
        * platform/sql/SQLiteDatabaseTracker.h:
        * platform/sql/SQLiteStatement.h:
        * rendering/HitTestLocation.h:
        * rendering/HitTestResult.h:
        * storage/StorageEventDispatcher.h:
        Added WEBCORE_EXPORT macros.

2015-02-09  Chris Dumez  <cdumez@apple.com>

        Check for self-assignment in Length::operator=(const Length&)
        https://bugs.webkit.org/show_bug.cgi?id=141402

        Reviewed by Andreas Kling.

        Check for self-assignment in Length::operator=(const Length&) as
        calling memcpy() with the same source and destination addresses has
        undefined behavior.

        * platform/Length.h:
        (WebCore::Length::operator=):

2015-02-09  Roger Fong  <roger_fong@apple.com>

        WebGL: Update 1.0.2 conformance layout tests and address new failure.
        https://bugs.webkit.org/show_bug.cgi?id=141408.
        <rdar://problem/19773236>

        Reviewed by Dean Jackson.

        Tests covered by updated 1.0.2 conformance tests.

        * html/canvas/WebGLRenderingContextBase.cpp: 
        Return null string instead of empty string if parameter validation fails.
        (WebCore::WebGLRenderingContextBase::getProgramInfoLog):
        (WebCore::WebGLRenderingContextBase::getShaderInfoLog):
        (WebCore::WebGLRenderingContextBase::getShaderSource):

2015-02-09  Timothy Horton  <timothy_horton@apple.com>

        Avoid using a HashMap for DisplayRefreshMonitorManager, which rarely has more than one item
        https://bugs.webkit.org/show_bug.cgi?id=141353

        Reviewed by Anders Carlsson.

        No new tests, because there's no behavior change.

        * platform/graphics/DisplayRefreshMonitorManager.cpp:
        (WebCore::DisplayRefreshMonitorManager::ensureMonitorForClient):
        (WebCore::DisplayRefreshMonitorManager::unregisterClient):
        (WebCore::DisplayRefreshMonitorManager::displayDidRefresh):
        * platform/graphics/DisplayRefreshMonitorManager.h:
        Use a Vector of RefPtr<DisplayRefreshMonitor> instead of a HashMap
        from uint64_t to RefPtr<DisplayRefreshMonitor>. There's usually only one
        display, so there's usually only one DisplayRefreshMonitor. Linear search
        on the Vector will be faster than the hash lookup in all conceivable cases.
        This also avoids the situation mentioned in the comments in DisplayRefreshMonitorManager.h
        where we don't know enough about PlatformDisplayID to safely hash it.

2015-02-09  Jer Noble  <jer.noble@apple.com>

        [Mac] Disable the currentTime estimation code in HTMLMediaElement for Yosemite+
        https://bugs.webkit.org/show_bug.cgi?id=141399

        Reviewed by Eric Carlson.

        Apparenty -[AVPlayer rate] means different things for HLS and progressive content; for progressive,
        the -rate is the actual rate of playback. For HLS, the -rate is the requested rate, and will return
        the requested value even if time is not progressing.

        We added the currentTime estimation engine because asking AVFoundation for its -currentTime used to
        be expensive, but we've been assured that in recent iOS and OS X releases, -currentTime should be
        very fast. That, in combination with the HLS behavior of -rate and how it breaks the currentTime
        estimation, means we should probably turn it off for iOS and Yosemite.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::maximumDurationToCacheMediaTime): Move implementation to .mm.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::maximumDurationToCacheMediaTime): Disable on iOS and >=10.10.

2015-02-07  Roger Fong  <roger_fong@apple.com>

        WebGL 2: Texture call format, internal format, and type validation.
        https://bugs.webkit.org/show_bug.cgi?id=141318.
        <rdar://problem/19733828>

        Reviewed by Brent Fulgham.

        Tests will be covered by WebGL2 conformance tests.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getFramebufferAttachmentParameter): Add missing ExceptionCode argument.
        (WebCore::WebGL2RenderingContext::copyTexImage2D): Validate texture formats based on GLES3 spec.
        (WebCore::WebGL2RenderingContext::texSubImage2DBase): Validate using internal format from texture target.
        (WebCore::WebGL2RenderingContext::texSubImage2DImpl): Validate using internal format from texture target.
        (WebCore::WebGL2RenderingContext::texSubImage2D): Validate using internal format from texture target.
        (WebCore::WebGL2RenderingContext::validateTexFuncParameters): Do extra validation for copyTexImage2D.
        (WebCore::WebGL2RenderingContext::validateTexFuncFormatAndType): Validate internal format, format and type combination.
        (WebCore::WebGL2RenderingContext::validateTexFuncData): Validate new data types.
        This method now accepts an internal format argument.
        (WebCore::WebGL2RenderingContext::baseInternalFormatFromInternalFormat):
        Helper method to convert internal format to base internal format.
        * html/canvas/WebGL2RenderingContext.h:

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::copyTexImage2D): Moved from WebGLRenderingContextBase.
        (WebCore::WebGLRenderingContext::texSubImage2DBase): Ditto.
        (WebCore::WebGLRenderingContext::texSubImage2DImpl): Ditto.
        (WebCore::WebGLRenderingContext::texSubImage2D): Ditto.
        (WebCore::WebGLRenderingContext::validateTexFuncParameters): Ditto.
        (WebCore::WebGLRenderingContext::validateTexFuncFormatAndType): Ditto.
        (WebCore::WebGLRenderingContext::validateTexFuncData): Ditto.
        * html/canvas/WebGLRenderingContext.h:

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::texImage2DBase):
        (WebCore::WebGLRenderingContextBase::validateTexFunc):
        (WebCore::WebGLRenderingContextBase::texImage2D):
        (WebCore::WebGLRenderingContextBase::copyTexImage2D): Deleted.
        (WebCore::WebGLRenderingContextBase::texSubImage2DBase): Deleted.
        (WebCore::WebGLRenderingContextBase::texSubImage2DImpl): Deleted.
        (WebCore::WebGLRenderingContextBase::texSubImage2D): Deleted.
        (WebCore::WebGLRenderingContextBase::validateTexFuncFormatAndType): Deleted.
        (WebCore::WebGLRenderingContextBase::validateTexFuncParameters): Deleted.
        (WebCore::WebGLRenderingContextBase::validateTexFuncData): Deleted.
        * html/canvas/WebGLRenderingContextBase.h: Modify validation type enums to differentiate between CopyImage, TexImage and TexSubImage calls.
        (WebCore::ScopedDrawingBufferBinder::ScopedDrawingBufferBinder):  Moved from WebGLRenderingContextBase.
        (WebCore::ScopedDrawingBufferBinder::~ScopedDrawingBufferBinder): Ditto.
        (WebCore::clip1D): Ditto.
        (WebCore::clip2D): Ditto.
        * platform/graphics/GraphicsContext3D.h: Rename a typo'ed enum.

2015-02-09  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179494.
        https://bugs.webkit.org/show_bug.cgi?id=141395

        Caused slowdown in a WebKit client test scenario (Requested by
        kling on #webkit).

        Reverted changeset:

        "[Cocoa] Make decoded image data purgeable ASAP."
        https://bugs.webkit.org/show_bug.cgi?id=140298
        http://trac.webkit.org/changeset/179494

2015-02-09  Jer Noble  <jer.noble@apple.com>

        [WebAudio] AudioBufferSourceNodes should accurately play backwards if given a negative playbackRate.
        https://bugs.webkit.org/show_bug.cgi?id=140955

        Reviewed by Eric Carlson.

        Tests: webaudio/audiobuffersource-negative-playbackrate-interpolated.html
               webaudio/audiobuffersource-negative-playbackrate.html

        Add support for playing an AudioBufferSourceNode at a negative playbackRate. Change the meaning of
        start() to set the initial playback position at the end of the play range if the rate of playback
        is negtive.

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::AudioBufferSourceNode): Allow the playbackRate AudioParam to range from [-32, 32].
        (WebCore::AudioBufferSourceNode::renderFromBuffer): Change variable names from "start" and "end" to "min" and "max"
            for clarity. Add a non-interpolated and interpolated render step for negative playback.
        (WebCore::AudioBufferSourceNode::start): Drive-by fix: default value of grainDuration is not 0.02.
        (WebCore::AudioBufferSourceNode::startPlaying): Start playing at the end of the buffer for negative playback.
        (WebCore::AudioBufferSourceNode::totalPitchRate): Allow the pitch to be negative.

2015-02-09  Darin Adler  <darin@apple.com>

        Try to fix build on platforms that use SVG "all in one" file (Windows).

        * svg/SVGAElement.cpp: Don't do "using namespace HTMLNames;" outside of
        function boundaries, because that will be inherited by other files.
        (WebCore::SVGAElement::isURLAttribute): Use XLinkNames directly here
        instead of using HTMLNames implicitly.

        * svg/SVGElement.cpp: Don't do "using namespace HTMLNames;" outside of
        function boundaries, because that will be inherited by other files.
        (WebCore::populateAttributeNameToCSSPropertyIDMap): Instead do it in here.
        (WebCore::populateAttributeNameToAnimatedPropertyTypeMap): And here.
        (WebCore::populateCSSPropertyWithSVGDOMNameToAnimatedPropertyTypeMap): And here.
        (WebCore::SVGElement::parseAttribute): And use HTMLNames directly here
        instead of implicitly.

2015-02-09  Eric Carlson  <eric.carlson@apple.com>

        [iOS] exit from fullscreen when player view controller calls delegate
        https://bugs.webkit.org/show_bug.cgi?id=141350

        Reviewed by Jer Noble.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController playerViewControllerWillCancelOptimizedFullscree:]): New, ask delegate
            to exit from fullscreen.

2015-02-06  Sergio Villar Senin  <svillar@igalia.com>

        ASSERTION FAILED: resolvedInitialPosition <= resolvedFinalPosition in WebCore::GridSpan::GridSpan
        https://bugs.webkit.org/show_bug.cgi?id=141328

        Reviewed by Darin Adler.

        Whenever
        GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition()
        was trying to place an item with span, it was completely ignoring
        the resolvedInitialPosition returned by
        GridResolvedPosition::resolveGridPositionAgainstOppositePosition()
        and only using the finalResolvedPosition. This works with an
        unlimited grid which can indefinitely grow. But if the item spans
        over the grid track limits, then it might happen that the final
        resolved position is placed before the initial resolved position,
        something that is forbidden.

        The solution is to directly use the GridSpan returned by
        GridResolvedPosition::resolveGridPositionAgainstOppositePosition(), if the item
        does not surpass the track limits then the returned initialResolvedPosition
        is identical to the provided one, otherwise it's properly corrected to respect
        track boundaries.

        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::GridResolvedPosition::resolveGridPositionsFromAutoPlacementPosition):

2015-01-22  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Tracks' growth limits must be >= base sizes
        https://bugs.webkit.org/show_bug.cgi?id=140540

        Reviewed by Antti Koivisto.

        The track sizing algorithm is supposed to avoid those situations
        but they easily (specially when we mix absolute lengths and
        intrinsic lengths in min and max track sizing functions) and
        frequently appear. In those cases the outcome from the algorithm
        is wrong, tracks are not correctly sized.

        In order to fulfill the restriction, m_usedBreadth and
        m_maxBreadth are now private members of GridTrack and the class
        now provides a couple of methods to modify them respecting the
        growthLimit >= baseSize precondition.

        Apart from that, the members and methods of GridTrack were also
        renamed to match the ones used in the recent algorithm rewrite:
        usedBreadth became baseSize and maxBreadth is now growthLimit.

        Although the algorithm was not modified at all, this change
        detected and fixed several invalid results (tracks and/or grids
        bigger than expected).

        * rendering/RenderGrid.cpp:
        (WebCore::GridTrack::GridTrack): Renamed fields and methods. Added
        assertions.
        (WebCore::GridTrack::baseSize): Renamed from usedBreadth.
        (WebCore::GridTrack::growthLimit): Renamed from maxBreadth.
        (WebCore::GridTrack::setBaseSize):
        (WebCore::GridTrack::setGrowthLimit):
        (WebCore::GridTrack::growBaseSize): Renamed from growUsedBreadth.
        (WebCore::GridTrack::growGrowthLimit): Renamed from growMaxBreadth.
        (WebCore::GridTrack::growthLimitIsInfinite): New helper method.
        (WebCore::GridTrack::growthLimitIfNotInfinite): Renamed from
        maxBreadthIfNotInfinite.
        (WebCore::GridTrack::isGrowthLimitBiggerThanBaseSize): New helper
        method to verify ASSERTs are true.
        (WebCore::GridTrack::ensureGrowthLimitIsBiggerThanBaseSize): Ditto.
        (WebCore::GridTrackForNormalization::GridTrackForNormalization):
        (WebCore::RenderGrid::computeIntrinsicLogicalWidths):
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        (WebCore::RenderGrid::computeNormalizedFractionBreadth):
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        (WebCore::sortByGridTrackGrowthPotential):
        (WebCore::RenderGrid::distributeSpaceToTracks):
        (WebCore::RenderGrid::tracksAreWiderThanMinTrackBreadth):
        (WebCore::RenderGrid::layoutGridItems):
        (WebCore::RenderGrid::gridAreaBreadthForChild):
        (WebCore::RenderGrid::populateGridPositions):
        (WebCore::GridTrack::growUsedBreadth): Renamed to growBaseSize.
        (WebCore::GridTrack::usedBreadth): Renamed to baseSize.
        (WebCore::GridTrack::growMaxBreadth): Renamed to growGrowthLimit.
        (WebCore::GridTrack::maxBreadthIfNotInfinite): Renamed to
        growthLimitIfNotInfinite.
        * rendering/RenderGrid.h:

2015-02-08  Chris Fleizach  <cfleizach@apple.com>

        AX: VoiceOver appears unresponsive when JavaScript alerts are triggered via focus or blur events
        https://bugs.webkit.org/show_bug.cgi?id=140485

        Reviewed by Anders Carlsson.

        If setting an accessibility attribute results in a modal alert being displayed, it can cause VoiceOver
        to hang. A simple solution is perform the actual work after a short delay, which will ensure the call
        returns without hanging.

        Test: platform/mac/accessibility/setting-attributes-is-asynchronous.html

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilitySetValue:forAttribute:]):
        (-[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]):

2015-02-08  Benjamin Poulain  <benjamin@webkit.org>

        Add parsing support for CSS Selector L4's case-insensitive attribute
        https://bugs.webkit.org/show_bug.cgi?id=141373

        Reviewed by Darin Adler.

        This patch adds parsing for the case-insensitive attribute value
        matching of CSS Selectors Level 4: http://dev.w3.org/csswg/selectors-4/#attribute-case
        Excuse of a grammar: http://dev.w3.org/csswg/selectors-4/#grammar

        This patch also covers serialization for CSSOM. The serialization
        is defined here: http://dev.w3.org/csswg/cssom/#serializing-selectors

        Matching is completely ignored in this patch. All the simple selectors
        are treated as regular attribute selectors.

        Tests: fast/css/parsing-css-attribute-case-insensitive-value-1.html
               fast/css/parsing-css-attribute-case-insensitive-value-2.html
               fast/css/parsing-css-attribute-case-insensitive-value-3.html
               fast/css/parsing-css-attribute-case-insensitive-value-4.html

        * css/CSSGrammar.y.in:
        * css/CSSParserValues.h:
        (WebCore::CSSParserSelector::setAttributeValueMatchingIsCaseInsensitive):
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::CSSSelector):
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::CSSSelector):
        (WebCore::CSSSelector::setAttributeValueMatchingIsCaseInsensitive):
        (WebCore::CSSSelector::attributeValueMatchingIsCaseInsensitive):

2015-02-08  Darin Adler  <darin@apple.com>

        Fix CMake-based build.

        * CMakeLists.txt: Added a dependency on the CMakeLists.txt itself, analogous
        to the one I added in DerivedSources.make.

2015-02-08  Darin Adler  <darin@apple.com>

        Fix debug build.

        * bindings/js/JSEventListener.h: Removed a call to forwardEventListeners.

2015-02-08  Darin Adler  <darin@apple.com>

        Remove the SVG instance tree
        https://bugs.webkit.org/show_bug.cgi?id=140602

        Reviewed by Dean Jackson.

        * CMakeLists.txt: Removed SVGElementInstance source files.
        * DerivedSources.cpp: Ditto.
        * DerivedSources.make: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * bindings/js/JSBindingsAllInOne.cpp: Ditto.

        * bindings/js/JSEventListener.cpp:
        (WebCore::forwardsEventListeners): Deleted. Only returned true for JSSVGElementInstance.
        (WebCore::correspondingElementWrapper): Deleted. Only used for JSSVGElementInstance.
        (WebCore::createJSEventListenerForAttribute): Deleted. Argument type was JSSVGElementInstance.
        (WebCore::createJSEventListenerForAdd): Removed most of the code; later we can delete this entirely.

        * bindings/js/JSEventListener.h: Removed the overload of createJSEventListenerForAttribute
        that takes a JSSVGElementInstance.

        * bindings/js/JSSVGElementInstanceCustom.cpp: Removed.

        * dom/ContainerNodeAlgorithms.h: Updated comment to reflect the fact that
        this code is really now only used for ContainerNode and no longer needs to
        exist in a generic form.

        * dom/EventTarget.h: Removed forward declaration of SVGElementInstance.
        * svg/SVGElement.h: Ditto.

        * dom/EventTargetFactory.in: Removed SVGElementInstance.

        * svg/SVGElementInstance.cpp: Removed.
        * svg/SVGElementInstance.h: Removed.
        * svg/SVGElementInstance.idl: Removed.

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::insertedInto): Removed obsolete comment.
        (WebCore::SVGUseElement::instanceTreeIsLoading): Deleted. Unused
        function that I forgot to delete in my last patch. It also had a
        glaring mistake, a missing "return" before the recursive call to
        itself that would cause it to return false when it should return true.

        * svg/SVGUseElement.h: Removed instanceTreeIsLoading.

        * dom/EventDispatcher.cpp: Removed include of SVGElementInstance.h.
        * page/EventHandler.cpp: Ditto.
        * rendering/svg/RenderSVGViewportContainer.cpp: Ditto.
        * svg/SVGAElement.cpp: Ditto.
        * svg/SVGAllInOne.cpp: Ditto.
        * svg/SVGAnimateMotionElement.cpp: Ditto.
        * svg/SVGAnimatedTypeAnimator.h: Ditto.
        * svg/SVGAnimationElement.cpp: Ditto.
        * svg/SVGCircleElement.cpp: Ditto.
        * svg/SVGClipPathElement.cpp: Ditto.
        * svg/SVGComponentTransferFunctionElement.cpp: Ditto.
        * svg/SVGCursorElement.cpp: Ditto.
        * svg/SVGElement.cpp: Ditto.
        * svg/SVGEllipseElement.cpp: Ditto.
        * svg/SVGFEBlendElement.cpp: Ditto.
        * svg/SVGFEColorMatrixElement.cpp: Ditto.
        * svg/SVGFECompositeElement.cpp: Ditto.
        * svg/SVGFEConvolveMatrixElement.cpp: Ditto.
        * svg/SVGFEDiffuseLightingElement.cpp: Ditto.
        * svg/SVGFEDisplacementMapElement.cpp: Ditto.
        * svg/SVGFEDropShadowElement.cpp: Ditto.
        * svg/SVGFEGaussianBlurElement.cpp: Ditto.
        * svg/SVGFEImageElement.cpp: Ditto.
        * svg/SVGFELightElement.cpp: Ditto.
        * svg/SVGFEMergeNodeElement.cpp: Ditto.
        * svg/SVGFEMorphologyElement.cpp: Ditto.
        * svg/SVGFEOffsetElement.cpp: Ditto.
        * svg/SVGFESpecularLightingElement.cpp: Ditto.
        * svg/SVGFETileElement.cpp: Ditto.
        * svg/SVGFETurbulenceElement.cpp: Ditto.
        * svg/SVGFilterElement.cpp: Ditto.
        * svg/SVGFilterPrimitiveStandardAttributes.cpp: Ditto.
        * svg/SVGForeignObjectElement.cpp: Ditto.
        * svg/SVGGElement.cpp: Ditto.
        * svg/SVGGradientElement.cpp: Ditto.
        * svg/SVGGraphicsElement.cpp: Ditto.
        * svg/SVGImageElement.cpp: Ditto.
        * svg/SVGLineElement.cpp: Ditto.
        * svg/SVGLinearGradientElement.cpp: Ditto.
        * svg/SVGMarkerElement.cpp: Ditto.
        * svg/SVGMaskElement.cpp: Ditto.
        * svg/SVGPathElement.cpp: Ditto.
        * svg/SVGPatternElement.cpp: Ditto.
        * svg/SVGPolyElement.cpp: Ditto.
        * svg/SVGRadialGradientElement.cpp: Ditto.
        * svg/SVGRectElement.cpp: Ditto.
        * svg/SVGSVGElement.cpp: Ditto.
        * svg/SVGScriptElement.cpp: Ditto.
        * svg/SVGStopElement.cpp: Ditto.
        * svg/SVGSymbolElement.cpp: Ditto.
        * svg/SVGTRefElement.cpp: Ditto.
        * svg/SVGTextContentElement.cpp: Ditto.
        * svg/SVGTextElement.cpp: Ditto.
        * svg/SVGTextPathElement.cpp: Ditto.
        * svg/SVGTextPositioningElement.cpp: Ditto.

2015-02-07  Dean Jackson  <dino@apple.com>

        Tweak inline playback controls to match system spec
        https://bugs.webkit.org/show_bug.cgi?id=141375
        <rdar://problem/19760754>

        Reviewed by Sam Weinig.

        Rework the UI of the inline media controls on iOS, to
        better match the system specification. I've batched a
        few changes into one patch because many of them are
        inter-dependent, and not very aggressive. Changes are:

        - updated artwork for the buttons.
        - separate artwork for normal and active states.
        - background images are now explicitly sized and positioned
          in the middle of the element, allowing audio and video
          to use the same glyphs even though the elements are
          different sizes.
        - use plus-darker blend mode on the button glyphs.
        - rearranged some of the rules to group things in a
          logical order.
        - time should front-pad a "0" character, if less than 10.
        - no need for an "active" class on the Airplay button (although
          I won't be surprised if this changes back).

        * Modules/mediacontrols/mediaControlsiOS.css:
        (::-webkit-media-controls):
        (video::-webkit-media-controls-wireless-playback-picker-button.active): Deleted.
        (audio::-webkit-media-controls-wireless-playback-picker-button.active): Deleted.
        (audio::-webkit-media-controls-play-button:active): Deleted.
        (audio::-webkit-media-controls-play-button.paused): Deleted.
        (video::-webkit-media-controls-timeline): Deleted.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.updateWirelessPlaybackStatus): No need
        for the "active" class.
        (ControllerIOS.prototype.formatTime): Pad with a leading zero.

2015-02-08  Darin Adler  <darin@apple.com>

        Make SVGUseElement work without creating any SVGElementInstance objects
        https://bugs.webkit.org/show_bug.cgi?id=141374

        Reviewed by Sam Weinig.

        * dom/ElementIterator.h: Changed the * and -> operators to be const.
        There is no need for the iterator itself to be modified just to dereference it.

        * dom/TypedElementDescendantIterator.h: Added DoubleTypedElementDescendantIterator.
        This allows callers to call descendantsOfType on two elements, as long as the caller
        can guarantee that both have the same number of descendants of that type. It's handy
        for walking a tree of cloned elements to set up something between each original and
        its clone. In the future we might instead change the cloning machinery so it can do
        this work as we clone, and if so, we could consider deleting this.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::correspondingElement): Made this const.
        (WebCore::SVGElement::invalidateInstances): Got rid of the rule that said "this can
        only be done for an element in a document", since it's useful to do this on an element
        that has just been removed from a document. Removed the "updateStyleIfNeeded" call
        here now that the other changes make it no longer needed. Removed an unimportant
        assertion that we only invalidate use elements that are in a document; that's not
        a necessary restriction. Streamlined the logic a bit.

        * svg/SVGElement.h: Made correspondingElement const.

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::insertedInto): Removed an assertion about
        m_targetElementInstance since that's gone now.
        (WebCore::SVGUseElement::svgAttributeChanged): Changed code that transfers
        size attributes to the shadow tree to use shadowTreeTargetClone instead of
        m_targetElementInstance.
        (WebCore::SVGUseElement::clearResourceReferences): Removed code to detach
        m_targetElementInstance, and also the call to removeAllTargetReferencesForElement,
        because we no longer use those.
        (WebCore::SVGUseElement::buildPendingResource): Moved the code to build the
        shadow tree in here and deleted the buildShadowAndInstanceTree function.
        Also changed logic so that we use a pending resource any time the target is not
        a valid one. That helps us correctly handle cases where we initially have an
        invalid target, but later get a value one
        (WebCore::SVGUseElement::buildShadowAndInstanceTree): Deleted. The code here
        was greatly simplified and moved into buildPendingResource.
        (WebCore::SVGUseElement::buildInstanceTree): Deleted.
        (WebCore::SVGUseElement::hasCycleUseReferencing): Deleted. Cycles are now
        detected by the new isValidTarget function and so there's no need for a
        separate explicit check for a cycle.
        (WebCore::associateClonesWithOriginals): Added. Helper that makes
        functions that build the shadow tree simpler and easier to read.
        (WebCore::associateReplacementCloneWithOriginal): Added. Helper to
        make associateReplacementClonesWithOriginals simple.
        (WebCore::associateReplacementClonesWithOriginals): Added. Helper that
        makes functions that build the shadow tree simpler and easier to read.
        (WebCore::SVGUseElement::buildShadowTree): Call associateClonesWithOriginals
        since associateInstancesWithShadowTreeElements no longer does this.
        (WebCore::SVGUseElement::isValidTarget): Added. Covers all the different
        reasons a target might not be valid: type of element, reference cycles, and
        also "not in document" (refactored in here; not sure when that can happen
        in practice, might be possible to remove it later).
        (WebCore::SVGUseElement::expandUseElementsInShadowTree): Add checks for
        documents that are still loading; this used to be checked when building the
        instance tree. Added calls to associateReplacementClonesWithOriginals and
        associateClonesWithOriginals; that used to be done by later in the
        associateInstancesWithShadowTreeElements function. Use isValidTarget so
        we handle cycles as well as invalid target types.
        (WebCore::SVGUseElement::expandSymbolElementsInShadowTree): Added a call to
        associateReplacementClonesWithOriginals, since we can no longer do that in
        associateInstancesWithShadowTreeElements.
        (WebCore::SVGUseElement::associateInstancesWithShadowTreeElements): Deleted.
        (WebCore::SVGUseElement::instanceForShadowTreeElement): Deleted.
        (WebCore::SVGUseElement::invalidateDependentShadowTrees): Removed a comment
        that simply restated the name of the function.

        * svg/SVGUseElement.h: Removed instanceForShadowTreeElement,
        buildShadowAndInstanceTree, detachInstance, buildInstanceTree,
        hasCycleUseReferencing, associateInstancesWithShadowTreeElements,
        instanceForShadowTreeElement, and m_targetElementInstance. Added isValidTarget.

2015-02-08  Chris Dumez  <cdumez@apple.com>

        [WK2] Add logging to validate the network cache efficacy (Part 1)
        https://bugs.webkit.org/show_bug.cgi?id=141269
        <rdar://problem/19632080>

        Reviewed by Antti Koivisto.

        Export an extra symbol.

        * WebCore.exp.in:

2015-02-07  Chris Fleizach  <cfleizach@apple.com>

        AX: The input element with type="search" has no default focus outline
        https://bugs.webkit.org/show_bug.cgi?id=140326

        Reviewed by Darin Adler.

        The platform RenderTheme takes care of the search field, and that code
        was missing a check for whether the element was focused.

        Test: fast/css/focus-ring-exists-for-search-field.html

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintSearchField):

2015-02-07  Tim Horton  <timothy_horton@apple.com>

        Add some dictionary lookup tests
        https://bugs.webkit.org/show_bug.cgi?id=141355

        Reviewed by Darin Adler.

        Tests: platform/mac/editing/dictionary-lookup/dictionary-lookup-input.html
               platform/mac/editing/dictionary-lookup/dictionary-lookup-inside-selection.html
               platform/mac/editing/dictionary-lookup/dictionary-lookup-outside-selection.html
               platform/mac/editing/dictionary-lookup/dictionary-lookup-rtl.html
               platform/mac/editing/dictionary-lookup/dictionary-lookup.html

        * WebCore.exp.in:
        Remove an unneeded export.

        * editing/mac/DictionaryLookup.h:
        Use OBJC_CLASS instead of @class so that this can be included in pure-C++ files.

        * testing/Internals.cpp:
        (WebCore::Internals::rangeForDictionaryLookupAtLocation):
        * testing/Internals.h:
        * testing/Internals.idl:
        Expose rangeForDictionaryLookupAtHitTestResult fairly directly to JavaScript.

2015-02-07  Chris Dumez  <cdumez@apple.com>

        Add Vector::removeFirstMatching() / removeAllMatching() methods taking lambda functions
        https://bugs.webkit.org/show_bug.cgi?id=141321

        Reviewed by Darin Adler.

        Use new Vector::removeFirstMatching() / removeAllMatching() methods.

2015-02-07  Darin Adler  <darin@apple.com>

        Stop dispatching events to with SVGElementInstance objects as their targets
        https://bugs.webkit.org/show_bug.cgi?id=141108

        Reviewed by Anders Carlsson.

        Test: svg/custom/use-event-retargeting.html

        * dom/EventDispatcher.cpp:
        (WebCore::eventTargetRespectingTargetRules): Replaced the code that retargeted
        events at SVGElementInstance objects with code that retargets them at the use
        element instead. Also wrote the code in a simpler way.

2015-02-07  Jer Noble  <jer.noble@apple.com>

        [Mac] Set -contentsScale on AVPlayerLayer to allow AVPlayer to select the appropriate HLS variant.
        https://bugs.webkit.org/show_bug.cgi?id=141354
        rdar://problem/19717591

        Reviewed by Darin Adler.

        AVPlayer will try to determine the correct HLS variant based on the bounds of an AVPlayerLayer.
        When not in a layer tree, AVFoundation is not able to determine the correct mapping from logical
        units to pixel values. To provide AVPlayer with that scaling value, set -contentsScale based on
        both the current device scale and the current page scale.

        Since this needs to be set at initialization time, before the AVPlayer is has any AVPlayerItems,
        add some plumbing up from MediaPlayer to as the HTMLMediaElement for the appropriate contents
        scale.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerContentsScale):
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerContentsScale):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::updateContentsScale):

2015-02-07  Alexey Proskuryakov  <ap@apple.com>

        ASan complains about plugins/snapshotting/snapshot-plugin-not-quite-blocked-by-image.html
        https://bugs.webkit.org/show_bug.cgi?id=141352
        rdar://problem/19717490

        Reviewed by Anders Carlsson.

        * dom/Document.cpp: (WebCore::Document::ensurePlugInsInjectedScript): This string
        is not null terminated.

2015-02-06  Zalan Bujtas  <zalan@apple.com>

        ASSERT repaintContainer->hasLayer() in WebCore::RenderObject::repaintUsingContainer
        https://bugs.webkit.org/show_bug.cgi?id=140750

        Reviewed by Simon Fraser.

        There's a short period of time when RenderObject::layer() still returns a valid pointer
        even though we already cleared the hasLayer() flag.
        Do not use the layer as repaint container in such cases.

        Test: compositing/repaint-container-assertion-when-toggling-compositing.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::enclosingLayer):

2015-02-06  Chris Dumez  <cdumez@apple.com>

        Have SQLiteStatement::database() return a reference
        https://bugs.webkit.org/show_bug.cgi?id=141348

        Reviewed by Andreas Kling.

        Have SQLiteStatement::database() return a reference as it can never
        return null.

        * loader/icon/IconDatabase.cpp:
        (WebCore::readySQLiteStatement):
        * platform/sql/SQLiteStatement.h:
        (WebCore::SQLiteStatement::database):

2015-02-06  Brent Fulgham  <bfulgham@apple.com>

        Add youtube-nocookie URL to isYouTubeURL predicate 
        https://bugs.webkit.org/show_bug.cgi?id=141347
        <rdar://problem/19430657>

        Reviewed by Eric Carlson.

        * Modules/plugins/YouTubePluginReplacement.cpp:
        (WebCore::isYouTubeURL): Update for additional youtube-nocookie site.

2015-02-06  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Invalid cast in WebCore::SVGAnimateElement::calculateAnimatedValue.
        https://bugs.webkit.org/show_bug.cgi?id=135171.

        Reviewed by Dean Jackson.

        The bug happens when an SVG element is animated by <animateMotion> followed by an
        <animateColor> or an <animate> and the values of the "attributeName" in both elements
        are the same. The problem is <animateMotion> should not have an attribute to animate.
        If it does by fuzz or by mistake, then we assume the <animateMotion> and the <animate>
        animate the same attribute for the same element target. Therefore we schedule them in
        the same AnimationVector in SMILTimeContainer::schedule(). When we call
        SVGAnimateElementBase::calculateAnimatedValue() for an SVGAnimateColorElement and the
        resultElement is SVGAnimateMotionElement, we fail to cast it to SVGAnimateElementBase
        because SVGAnimateMotionElement is derived from SVGAnimationElement which is the base
        class of all animate elements including SVGAnimateElementBase.

        The fix is to nullify setting "attributeName" of an SVGAnimationElement. By doing so,
        "attributeName" and its value will be ignored from the <animateMotion> which is correct.
        
        Tests: svg/animations/animate-montion-invalid-attribute.svg.

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::setAttributeName):
        Do not call SVGAnimationElement::setAttributeName() since SVGAnimationElement should
        not have an attribute to animate. We prevent this by bypassing the parent in the class 
        hierarchy: SVGAnimationElement and calling SVGSMILElement::setAttributeName() directly.
        
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::setAttributeName): Deleted.
        * svg/SVGAnimationElement.h:
        SVGAnimationElement should not have an attribute to animate. So implement its
        setAttributeName() as a null function.

2015-02-06  Simon Fraser  <simon.fraser@apple.com>

        Convert the compositing overlap map to use LayoutRects
        https://bugs.webkit.org/show_bug.cgi?id=141346
        rdar://problem/18206365

        Reviewed by Zalan Bujtas.
        
        If two compositing layers were adjoining but not overlapping, but happened to
        have non-integral offsets, then using enclosing IntRects in the overlap map
        would cause us to think they are overlapping, and create unnecessary backing store.
        
        Fix by converting the overlap map to use LayoutRects.

        Test: compositing/layer-creation/subpixel-adjacent-layers-overlap.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::OverlapMapContainer::add):
        (WebCore::OverlapMapContainer::overlapsLayers):
        (WebCore::RenderLayerCompositor::OverlapMap::add):
        (WebCore::RenderLayerCompositor::OverlapMap::overlapsLayers):
        (WebCore::RenderLayerCompositor::OverlapMap::RectList::append):
        (WebCore::RenderLayerCompositor::OverlapMap::RectList::intersects):
        (WebCore::RenderLayerCompositor::logLayerInfo):
        (WebCore::RenderLayerCompositor::addToOverlapMap):
        (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        * rendering/RenderLayerCompositor.h:

2015-02-06  Andreas Kling  <akling@apple.com>

        Ref-ify various getters that return HTMLCollection.
        <https://webkit.org/b/141336>

        Reviewed by Anders Carlsson.

        Make all the getters that return HTMLCollection objects (and never return nullptr)
        return Ref instead of RefPtr.

        Removed a couple of useless null checks that were exposed by this change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::getDocumentLinks):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::namedItemGetter):
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::nameGetter):
        * dom/Document.cpp:
        (WebCore::Document::ensureCachedCollection):
        (WebCore::Document::images):
        (WebCore::Document::applets):
        (WebCore::Document::embeds):
        (WebCore::Document::plugins):
        (WebCore::Document::scripts):
        (WebCore::Document::links):
        (WebCore::Document::forms):
        (WebCore::Document::anchors):
        (WebCore::Document::all):
        (WebCore::Document::windowNamedItems):
        (WebCore::Document::documentNamedItems):
        (WebCore::Document::iconURLs):
        * dom/Document.h:
        * dom/Element.cpp:
        (WebCore::Element::ensureCachedHTMLCollection):
        * dom/Element.h:
        * html/ColorInputType.cpp:
        (WebCore::ColorInputType::suggestions):
        * html/HTMLDataListElement.cpp:
        (WebCore::HTMLDataListElement::options):
        * html/HTMLDataListElement.h:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::children):
        * html/HTMLElement.h:
        * html/HTMLFieldSetElement.cpp:
        (WebCore::HTMLFieldSetElement::elements):
        * html/HTMLFieldSetElement.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::elements):
        * html/HTMLFormElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setupDateTimeChooserParameters):
        * html/HTMLMapElement.cpp:
        (WebCore::HTMLMapElement::areas):
        * html/HTMLMapElement.h:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::selectedOptions):
        (WebCore::HTMLSelectElement::options):
        * html/HTMLSelectElement.h:
        * html/HTMLTableElement.cpp:
        (WebCore::HTMLTableElement::rows):
        (WebCore::HTMLTableElement::tBodies):
        * html/HTMLTableElement.h:
        * html/HTMLTableRowElement.cpp:
        (WebCore::HTMLTableRowElement::insertCell):
        (WebCore::HTMLTableRowElement::deleteCell):
        (WebCore::HTMLTableRowElement::cells):
        * html/HTMLTableRowElement.h:
        * html/HTMLTableSectionElement.cpp:
        (WebCore::HTMLTableSectionElement::insertRow):
        (WebCore::HTMLTableSectionElement::deleteRow):
        (WebCore::HTMLTableSectionElement::rows):
        * html/HTMLTableSectionElement.h:
        * html/RangeInputType.cpp:
        (WebCore::RangeInputType::updateTickMarkValues):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::paintSliderTicks):

2015-02-06  Brent Fulgham  <bfulgham@apple.com>

        [iOS] Implement audio track selection in fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=131236
        <rdar://problem/16552632>

        Reviewed by Eric Carlson.

        * platform/ios/WebVideoFullscreenModelVideoElement.h:
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::selectAudioMediaOption): Provide implementation.
        (WebVideoFullscreenModelVideoElement::updateLegibleOptions): Add audio track information
        to menu displayed to user.

2015-02-06  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Implement Append Error algorithm.
        https://bugs.webkit.org/show_bug.cgi?id=139439

        Reviewed by Jer Noble.

        If Source Buffer has not received first init segment, then it shall call endOfStream after receiving
        Media Segment, as per Media Source spec. (from 17 July 2014) in paragraph 3.5.1 point 6.1.

        Based this change on Editor's Draft 12 December 2014, as it clarifies order of events.

        Test: media/media-source/media-source-append-media-segment-without-init.html

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::streamEndedWithError):
        * Modules/mediasource/MediaSource.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
        (WebCore::SourceBuffer::validateInitializationSegment):
        (WebCore::SourceBuffer::appendError):
        * Modules/mediasource/SourceBuffer.h:

2015-02-06  Timothy Horton  <timothy_horton@apple.com>

        REGRESSION: Lookup doesn't work in RTL
        https://bugs.webkit.org/show_bug.cgi?id=141338
        <rdar://problem/19738407>

        Reviewed by Dan Bernstein.

        * editing/Editor.cpp:
        (WebCore::Editor::scanSelectionForTelephoneNumbers):
        * editing/mac/DictionaryLookup.mm:
        (WebCore::rangeExpandedAroundPositionByCharacters):
        Positions are independent of writing direction, so we don't
        need to (and shouldn't) do anything special for RTL here.

2015-02-06  Maciej Stachowiak  <mjs@apple.com>

        REGRESSION(r179706): Caused memory corruption on some tests (Requested by _ap_ on #webkit).
        https://bugs.webkit.org/show_bug.cgi?id=141324

        Reviewed by Alexey Proskuryakov.

        No new tests. This is caught by existing tests under ASAN, and I don't know how to reproduce
        it without ASAN.

        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): Give up
        and just always invalidate the next line. It's too hard to come up
        with the condition that catches all needed cases, doesn't itself
        cause a crash, and isn't overzealous. And we do this for the
        previous line anyway.  Also clean up the code a bit since it
        confusingly reuses a variable, and declares it uninitialized, for
        no good reason.

2015-02-05  Dhi Aurrahman  <diorahman@rockybars.com>

        Remove duplicate loop after r179532
        https://bugs.webkit.org/show_bug.cgi?id=141300

        Reviewed by Benjamin Poulain.

        No new tests, no behavior changed.

        * css/SelectorCheckerTestFunctions.h:
        (WebCore::matchesLangPseudoClass):

2015-02-05  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179725.
        https://bugs.webkit.org/show_bug.cgi?id=141320

        caused 2 layout tests to fail (Requested by zalan on #webkit).

        Reverted changeset:

        "[MSE] Implement Append Error algorithm."
        https://bugs.webkit.org/show_bug.cgi?id=139439
        http://trac.webkit.org/changeset/179725

2015-02-05  Andreas Kling  <akling@apple.com>

        [iOS] Run a full garbage collection on memory warning.
        <https://webkit.org/b/141313>
        <rdar://problem/19738024>

        Reviewed by Chris Dumez.

        Make sure that we run a full GC when trying to free up memory, as this might
        be our last chance to execute before the kernel suspends this process.

        This aligns WebKit2 with the old WebKit1 behavior.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory):


2015-02-05  Hyungwook Lee  <hyungwook.lee@navercorp.com>

        Fix ASSERTION FAILED: !root->needsLayout() in FrameView::layout()
        https://bugs.webkit.org/show_bug.cgi?id=141032

        Reviewed by Darin Adler.

        This patch moves the !root->needsLayout() assert statement above
        updateLayerPositionsAfterLayout() that can modify dirty bit system
        when we have RenderMarquee.

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):

2015-02-05  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Implement Append Error algorithm.
        https://bugs.webkit.org/show_bug.cgi?id=139439

        Reviewed by Jer Noble.

        If Source Buffer has not received first init segment, then it shall call endOfStream after receiving
        Media Segment, as per Media Source spec. (from 17 July 2014) in paragraph 3.5.1 point 6.1.

        Based this change on Editor's Draft 12 December 2014, as it clarifies order of events.

        Test: media/media-source/media-source-append-media-segment-without-init.html

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::streamEndedWithError):
        * Modules/mediasource/MediaSource.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment):
        (WebCore::SourceBuffer::validateInitializationSegment):
        (WebCore::SourceBuffer::appendError):
        * Modules/mediasource/SourceBuffer.h:

2015-02-05  Maciej Stachowiak  <mjs@apple.com>

        Crash due to failing to dirty a removed text node's line box
        https://bugs.webkit.org/show_bug.cgi?id=136544

        Reviewed by David Hyatt.
        
        Test: fast/text/remove-text-node-linebox-not-dirty-crash.html

        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): Make the check for dirtying the next
        line box a bit more inclusive to avoid a case of a line box for a destroyed render object not
        being dirtied. In particular, when the text node's parent has no line boxes but contains BRs.

2015-02-05  Chris Dumez  <cdumez@apple.com>

        Free memory read under MemoryCache::pruneLiveResourcesToSize()
        https://bugs.webkit.org/show_bug.cgi?id=141292
        <rdar://problem/19725522>

        Reviewed by Antti Koivisto.

        In MemoryCache::pruneLiveResourcesToSize(), we were iterating over the
        m_liveDecodedResources ListHashSet and possibly calling
        CachedResource::destroyDecodedData() on the current value. Doing so
        would cause a call to ListHashSet::remove() to remove the value pointed
        by the current iterator, thus invalidating our iterator.

        In this patch, we increment the ListHashSet iterator *before* calling
        CachedResource::destroyDecodedData(), while the current iterator is
        still valid. Note that this is safe because unlike iteration of most
        WTF Hash data structures, iteration is guaranteed safe against mutation
        of the ListHashSet, except for removal of the item currently pointed to
        by a given iterator.

        Test: http/tests/cache/memory-cache-pruning.html

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::pruneLiveResourcesToSize):

2015-02-05  Jer Noble  <jer.noble@apple.com>

        [Mac] HLS <video> will not fire 'progress' events, only 'stalled'.
        https://bugs.webkit.org/show_bug.cgi?id=141284

        Reviewed by Brent Fulgham.

        Test: http/tests/media/hls/hls-progress.html

        totalBytes() will always return 0 for HLS streams, which will cause didLoadingProgress() to always
        return false. Skip this optimization. 

        Drive-by fix: duration() will always return 0 for this class as well. Use durationMediaTime() instead.

        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::didLoadingProgress):

2015-02-05  Darin Adler  <darin@apple.com>

        Move InstanceInvalidationGuard/UpdateBlocker to SVGElement from SVGElementInstance
        https://bugs.webkit.org/show_bug.cgi?id=141148

        Reviewed by Brent Fulgham and Anders Carlsson.

        Inspired by this change Rob Buis made in Blink:

            http://src.chromium.org/viewvc/blink?view=revision&revision=173343

        I actually wrote the whole thing and then discovered we did it almost identically.

        * svg/SVGAnimatedTypeAnimator.cpp:
        (WebCore::SVGElementAnimatedPropertyList::setInstanceUpdatesBlocked): Added this
        helper function to get around a circular header dependency.
        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::executeAction): Use setInstanceUpdatesBlocked.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::removedFrom): Use invalidateInstances.
        (WebCore::SVGElement::finishParsingChildren): Ditto.
        (WebCore::SVGElement::svgAttributeChanged): Ditto.
        (WebCore::SVGElement::childrenChanged): Ditto.
        (WebCore::SVGElement::setInstanceUpdatesBlocked): Added an assertion that will
        catch anyone who nests InstanceUpdateBlocker by accident.
        (WebCore::SVGElement::invalidateInstances): Moved this here from
        SVGElementInstance::invalidateAllInstancesOfElement. I had already modified this
        so it had nothing to do with SVGElementInstance, so it was a simple matter of
        converting this into a member function. Added a FIXME about the mysterious
        updateStyleIfNeeded that makes multiple tests fail if it's removed.

        * svg/SVGElement.h: Added public InstanceUpdateBlocker class, protected
        InstanceInvalidationGuard class, and private invalidateInstances function.
        Unlike the ones in SVGElementInstance these use references so they are then
        not copyable without using the WTF_MAKE_NONCOPYABLE macro.

        * svg/SVGElementInstance.cpp:
        (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Deleted.
        (WebCore::SVGElementInstance::InstanceUpdateBlocker::InstanceUpdateBlocker): Deleted.
        (WebCore::SVGElementInstance::InstanceUpdateBlocker::~InstanceUpdateBlocker): Deleted.
        * svg/SVGElementInstance.h: Removed InvalidationGuard, InstanceUpdateBlocker, and
        invalidateAllInstancesOfElement. Didn't do any further cleanup since we soon will
        delete this entire file.

        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::svgAttributeChanged): Updated to use new name and reference
        instead of pointer.
        * svg/SVGAnimateElementBase.cpp:
        (WebCore::applyCSSPropertyToTargetAndInstances): Ditto.
        (WebCore::removeCSSPropertyFromTargetAndInstances): Ditto.
        (WebCore::notifyTargetAndInstancesAboutAnimValChange): Ditto.
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation): Ditto.
        * svg/SVGCircleElement.cpp:
        (WebCore::SVGCircleElement::svgAttributeChanged): Ditto.
        * svg/SVGClipPathElement.cpp:
        (WebCore::SVGClipPathElement::svgAttributeChanged): Ditto.
        * svg/SVGComponentTransferFunctionElement.cpp:
        (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged): Ditto.
        * svg/SVGCursorElement.cpp:
        (WebCore::SVGCursorElement::svgAttributeChanged): Ditto.
        * svg/SVGEllipseElement.cpp:
        (WebCore::SVGEllipseElement::svgAttributeChanged): Ditto.
        * svg/SVGFEBlendElement.cpp:
        (WebCore::SVGFEBlendElement::svgAttributeChanged): Ditto.
        * svg/SVGFEColorMatrixElement.cpp:
        (WebCore::SVGFEColorMatrixElement::svgAttributeChanged): Ditto.
        * svg/SVGFECompositeElement.cpp:
        (WebCore::SVGFECompositeElement::svgAttributeChanged): Ditto.
        * svg/SVGFEConvolveMatrixElement.cpp:
        (WebCore::SVGFEConvolveMatrixElement::svgAttributeChanged): Ditto.
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::svgAttributeChanged): Ditto.
        * svg/SVGFEDisplacementMapElement.cpp:
        (WebCore::SVGFEDisplacementMapElement::svgAttributeChanged): Ditto.
        * svg/SVGFEDropShadowElement.cpp:
        (WebCore::SVGFEDropShadowElement::svgAttributeChanged): Ditto.
        * svg/SVGFEGaussianBlurElement.cpp:
        (WebCore::SVGFEGaussianBlurElement::svgAttributeChanged): Ditto.
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::svgAttributeChanged): Ditto.
        * svg/SVGFELightElement.cpp:
        (WebCore::SVGFELightElement::svgAttributeChanged): Ditto.
        * svg/SVGFEMergeNodeElement.cpp:
        (WebCore::SVGFEMergeNodeElement::svgAttributeChanged): Ditto.
        * svg/SVGFEMorphologyElement.cpp:
        (WebCore::SVGFEMorphologyElement::svgAttributeChanged): Ditto.
        * svg/SVGFEOffsetElement.cpp:
        (WebCore::SVGFEOffsetElement::svgAttributeChanged): Ditto.
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::svgAttributeChanged): Ditto.
        * svg/SVGFETileElement.cpp:
        (WebCore::SVGFETileElement::svgAttributeChanged): Ditto.
        * svg/SVGFETurbulenceElement.cpp:
        (WebCore::SVGFETurbulenceElement::svgAttributeChanged): Ditto.
        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::svgAttributeChanged): Ditto.
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        (WebCore::SVGFilterPrimitiveStandardAttributes::svgAttributeChanged): Ditto.
        * svg/SVGForeignObjectElement.cpp:
        (WebCore::SVGForeignObjectElement::svgAttributeChanged): Ditto.
        * svg/SVGGElement.cpp:
        (WebCore::SVGGElement::svgAttributeChanged): Ditto.
        * svg/SVGGradientElement.cpp:
        (WebCore::SVGGradientElement::svgAttributeChanged): Ditto.
        * svg/SVGGraphicsElement.cpp:
        (WebCore::SVGGraphicsElement::svgAttributeChanged): Ditto.
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::svgAttributeChanged): Ditto.
        * svg/SVGLineElement.cpp:
        (WebCore::SVGLineElement::svgAttributeChanged): Ditto.
        * svg/SVGLinearGradientElement.cpp:
        (WebCore::SVGLinearGradientElement::svgAttributeChanged): Ditto.
        * svg/SVGMPathElement.cpp:
        (WebCore::SVGMPathElement::svgAttributeChanged): Ditto.
        * svg/SVGMarkerElement.cpp:
        (WebCore::SVGMarkerElement::svgAttributeChanged): Ditto.
        * svg/SVGMaskElement.cpp:
        (WebCore::SVGMaskElement::svgAttributeChanged): Ditto.
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::svgAttributeChanged): Ditto.
        * svg/SVGPatternElement.cpp:
        (WebCore::SVGPatternElement::svgAttributeChanged): Ditto.
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::svgAttributeChanged): Ditto.
        * svg/SVGRadialGradientElement.cpp:
        (WebCore::SVGRadialGradientElement::svgAttributeChanged): Ditto.
        * svg/SVGRectElement.cpp:
        (WebCore::SVGRectElement::svgAttributeChanged): Ditto.
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::svgAttributeChanged): Ditto.
        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::svgAttributeChanged): Ditto.
        * svg/SVGStopElement.cpp:
        (WebCore::SVGStopElement::svgAttributeChanged): Ditto.
        * svg/SVGSymbolElement.cpp:
        (WebCore::SVGSymbolElement::svgAttributeChanged): Ditto.
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefElement::svgAttributeChanged): Ditto.
        * svg/SVGTextContentElement.cpp:
        (WebCore::SVGTextContentElement::svgAttributeChanged): Ditto.
        * svg/SVGTextPathElement.cpp:
        (WebCore::SVGTextPathElement::svgAttributeChanged): Ditto.
        * svg/SVGTextPositioningElement.cpp:
        (WebCore::SVGTextPositioningElement::svgAttributeChanged): Ditto.
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::svgAttributeChanged): Ditto.
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::svgAttributeChanged): Ditto.

2015-02-05  Brent Fulgham  <bfulgham@apple.com>

        Remind ourselves to remove work-around code
        https://bugs.webkit.org/show_bug.cgi?id=141289

        Unreviewed gardening: Add a reminder FIXME to CSSParser
        so we can remove the MSVC-specific hack in the future.

        * css/CSSParser.cpp:

2015-02-05  Zalan Bujtas  <zalan@apple.com>

        Do not destroy RenderQuote's text fragment child when quotation mark string is changing.
        https://bugs.webkit.org/show_bug.cgi?id=141271
        rdar://problem/18169375

        Reviewed by Antti Koivisto.

        Similar approach as https://codereview.chromium.org/679593004/

        This patch ensures that laying out a RenderQuote does not force a sibling RenderQuote's
        child renderer(RenderText) to be destroyed.
        BreakingContext holds a pointer to the next renderer on the line (BreakingContext::m_nextObject).
        While laying out the line, initiated by BreakingContext, placing the current renderer could end up destroying the "next" renderer.
        This happens when the pseudo after quotation mark(RenderQuote) becomes floated, the sibling <q>'s pseudo
        before text needs to be changed (from " to ') so that we don't end up with 2 sets of the same opening
        strings.
        The fix is to reuse the RenderTextFragment object instead of destroy/recreate it.

        Test: fast/css/content/quote-crash-when-floating.html

        * rendering/RenderQuote.cpp:
        (WebCore::RenderQuote::RenderQuote):
        (WebCore::fragmentChild):
        (WebCore::RenderQuote::updateText):
        * rendering/RenderQuote.h:
        * rendering/RenderTextFragment.cpp:
        (WebCore::RenderTextFragment::setText):
        (WebCore::RenderTextFragment::setContentString):
        * rendering/RenderTextFragment.h:

2015-02-04  Dean Jackson  <dino@apple.com>

        [Media iOS] Add a debug setting to always show the optimized fullscreen button
        https://bugs.webkit.org/show_bug.cgi?id=141277
        <rdar://problem/19724471>

        Reviewed by Eric Carlson.

        Add a debug option so that we can test the optimized fullscreen
        control on media that doesn't support it.

        * Modules/mediacontrols/mediaControlsiOS.js: Add gSimulateOptimizedFullscreenAvailable.
        (ControllerIOS.prototype.createControls): Check the setting.
        (ControllerIOS.prototype.configureInlineControls): Ditto.
        (ControllerIOS.prototype.formatTime): Drive-by whitespace cleanup.
        (ControllerIOS.prototype.handleBaseGestureChange):
        (ControllerIOS.prototype.handleWrapperTouchStart):
        (ControllerIOS.prototype.handleOptimizedFullscreenTouchEnd):
        (ControllerIOS.prototype.handlePresentationModeChange): Drive-by variable renaming.

2015-02-05  Youenn Fablet  <youenn.fablet@crf.canon.fr> and Xabier Rodriguez Calvar <calvaris@igalia.com>

        [Streams API] Implement a barebone ReadableStream interface
        https://bugs.webkit.org/show_bug.cgi?id=141045

        Reviewed by Benjamin Poulain.

        This patch implements the ReadableStream IDL (https://streams.spec.whatwg.org/#rs-model).
        No functionality is yet added.
        ReadableStreamSource is expected to be implemented for native sources (such as HTTP sources)
        as well as JavaScript source through ReadableStreamJSSource.

        Test: streams/readablestream-constructor.html

        * CMakeLists.txt:
        * Configurations/FeatureDefines.xcconfig:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * Modules/streams/ReadableStream.cpp: Added.
        (WebCore::ReadableStream::create):
        (WebCore::ReadableStream::ReadableStream):
        (WebCore::ReadableStream::~ReadableStream):
        (WebCore::ReadableStream::state):
        (WebCore::ReadableStream::closed):
        (WebCore::ReadableStream::ready):
        * Modules/streams/ReadableStream.h: Added.
        * Modules/streams/ReadableStream.idl: Added.
        * Modules/streams/ReadableStreamSource.h: Added.
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.vcxproj/WebCoreCommon.props:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSReadableStreamCustom.cpp: Added.
        (WebCore::JSReadableStream::read):
        (WebCore::JSReadableStream::ready):
        (WebCore::JSReadableStream::closed):
        (WebCore::JSReadableStream::cancel):
        (WebCore::JSReadableStream::pipeTo):
        (WebCore::JSReadableStream::pipeThrough):
        (WebCore::constructJSReadableStream):
        * bindings/js/ReadableStreamJSSource.cpp: Added.
        (WebCore::ReadableStreamJSSource::create):
        (WebCore::ReadableStreamJSSource::ReadableStreamJSSource):
        (WebCore::ReadableStreamJSSource::setInternalError):
        * bindings/JSReadableStreamJSSource.h: Added.

2015-02-04  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed project file corrections.

        Correct some parsing errors caused by recent manual editing of
        the project files.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-02-04  Eric Carlson  <eric.carlson@apple.com>

        [iOS] add method to toggle playback when in the background
        https://bugs.webkit.org/show_bug.cgi?id=141270

        Reviewed by Dean Jackson.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController togglePlaybackEvenWhenInBackground:]): Added.

2015-02-04  Jer Noble  <jer.noble@apple.com>

        [Mac][EME] Support ClearKey encryption with AES128-encrypted HLS
        https://bugs.webkit.org/show_bug.cgi?id=140825

        Reviewed by Eric Carlson.

        Test: http/tests/media/clearkey/clear-key-hls-aes128.html

        Add support for ClearKey encryption when used with an AES-128 encrypted HLS stream.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::installedCDMFactories): Add the CDMPrivateClearKey factory.
        * Modules/encryptedmedia/CDMPrivateClearKey.cpp:
        (WebCore::CDMPrivateClearKey::supportsKeySystem): Support the "org.w3c.clearkey" key system.
        (WebCore::CDMPrivateClearKey::supportsKeySystemAndMimeType): Ditto.
        (WebCore::CDMPrivateClearKey::supportsMIMEType): Ditto.
        (WebCore::CDMPrivateClearKey::createSession): Create a CDMSessionClearKey.
        * Modules/encryptedmedia/CDMPrivateClearKey.h:
        (WebCore::CDMPrivateClearKey::create): Simple factory.
        (WebCore::CDMPrivateClearKey::~CDMPrivateClearKey): Virtual destructor.
        (WebCore::CDMPrivateClearKey::CDMPrivateClearKey): Simple destructor.
        * Modules/encryptedmedia/CDMSessionClearKey.cpp: Added.
        (WebCore::clearKeyVM): Static method returning the VM to be used by JSON parsing.
        (WebCore::CDMSessionClearKey::CDMSessionClearKey): Simple constructor.
        (WebCore::CDMSessionClearKey::~CDMSessionClearKey): Simple destructor.
        (WebCore::CDMSessionClearKey::generateKeyRequest): Store the initData, ensure that it consists of a UTF8-encoded key
            URI, and return same.
        (WebCore::CDMSessionClearKey::releaseKeys): Purged all cached keys.
        (WebCore::CDMSessionClearKey::update): Parse raw JSON-encoded JWK keys, rejecting non-AES, non-oct keys.
        (WebCore::CDMSessionClearKey::cachedKeyForKeyID): Return cached keys.
        * Modules/encryptedmedia/CDMSessionClearKey.h:

        Add support for the "org.w3c.clearkey" CDM to MediaPlayerPrivateAVFoundationObjC, and do so in a platform-agnostic
        way by simply asking for raw key data from MediaPlayerClient when notified that a key has been added.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::keySystemIsSupported):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem):
        (WebCore::fulfillRequestWithKeyData): Added utility method.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::keyAdded):

        Pipe a keyAdded() notification down to MediaPlayer and a cachedKeyForKeyId() request up to CDMSessionClearKey:

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::cachedKeyForKeyId):
        (WebCore::MediaKeySession::addKeyTimerFired):
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::keyAdded):
        (WebCore::MediaKeys::cachedKeyForKeyId):
        * Modules/encryptedmedia/MediaKeys.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::keyAdded):
        * html/HTMLMediaElement.h:
        * platform/graphics/CDMSession.h:
        (WebCore::CDMSession::cachedKeyForKeyID):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::keyAdded):
        (WebCore::MediaPlayer::cachedKeyForKeyId):
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerCachedKeyForKeyId):
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::keyAdded):

        Add new files to project:

        * WebCore.xcodeproj/project.pbxproj:
        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-02-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179618.
        https://bugs.webkit.org/show_bug.cgi?id=141263

        Off-by-one error causing flaky behavior in webaudio
        /audiobuffersource-negative-playbackrate.html (Requested by
        jernoble_ on #webkit).

        Reverted changeset:

        "[WebAudio] AudioBufferSourceNodes should accurately play
        backwards if given a negative playbackRate."
        https://bugs.webkit.org/show_bug.cgi?id=140955
        http://trac.webkit.org/changeset/179618

2015-02-03  David Hyatt  <hyatt@apple.com>

        Tables don't repaginate properly when the pagination height changes or the pagination offset changes.
        https://bugs.webkit.org/show_bug.cgi?id=141207
        <rdar://problem/18387659>

        Reviewed by Dean Jackson.

        Added fast/multicol/table-dynamic-movement.html

        Change markForPaginationRelayoutIfNeeded to be called always and to check needsLayout inside it.

        Make RenderTable override markForPaginationRelayoutIfNeeded and also dirty the sections if the table
        ended up getting marked for relayout.

        Make sure rows do the right thing as well.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::layoutPositionedObjects):
        (WebCore::RenderBlock::markForPaginationRelayoutIfNeeded):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::layoutBlockChild):
        (WebCore::RenderBlockFlow::adjustBlockChildForPagination):
        (WebCore::RenderBlockFlow::positionNewFloats):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
        (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::markForPaginationRelayoutIfNeeded):
        * rendering/RenderTable.h:
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::layout):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::layout):

2015-02-04  Said Abou-Hallawa  <sabouhallawa@apple.com>

        When using SVG as an image, we should load datauri images when these images are not in the image cache.
        https://bugs.webkit.org/show_bug.cgi?id=99677.

        Reviewed by Darin Adler.
        
        Data URI sub-resources are not loaded because the networking context of FrameLoader
        attached to the SubResourceLoader is set to null. This is done intentionally to
        disallow any resource from loading external sub-resources. For example if an <img>
        tag has its 'src' attribute points to an svg file, this svg is not allowed to load
        an external image through the 'xlink' attribute of an <image> element. This restriction
        is not valid if the value of the 'xlink' attribute is a data URI. In this case the image 
        should be loaded into memory since there is no network traffic involved. All we need
        to do is to decode the data part of the URI.
        
        The fix is to pass the root FrameLoader, which has a valid NetworkingContext, through
        the FrameLoaderClient, to the ResourceHandle::create() which uses the NetworkingContext
        to decode the data and fire the load events of the data URI resources.

        Tests:  svg/as-image/svg-image-with-data-uri-background.html
                svg/as-image/svg-image-with-data-uri-from-canvas.html
                svg/as-image/svg-image-with-data-uri-images-disabled.html
                svg/as-image/svg-image-with-data-uri-reloading.html
                svg/as-image/svg-image-with-data-uri-use-data-uri.svg
                svg/as-image/svg-image-with-svg-data-uri.html

        * accessibility/AccessibilityRenderObject.cpp:
        Remove unreferenced header file.

        * loader/FrameLoaderClient.h:
        Define the null virtual function dataProtocolLoader() which should return the FrameLoader
        for loading data URI resources.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::start):
        (WebCore::ResourceLoader::dataProtocolFrameLoader):
        * loader/ResourceLoader.h:
        Add ResourceLoader::dataProtocolFrameLoader() which returns the root FrameLoader. The
        root FrameLoader is used to get a valid NetworkingContext which can be passed to
        ResourceHandle::create() when url().protocolIsData().

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::load):
        (WebCore::CachedImage::finishLoading):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::shouldPerformImageLoad):
        (WebCore::CachedResourceLoader::shouldDeferImageLoad):
        * loader/cache/CachedResourceLoader.h:
        Allow loading data URI sub-resources as long as loading images is not disabled. Also we
        need to call setDataProtocolLoader() before calling setData() for the isSVGImage case, 
        setData() will create a page by calling Page::createPageFromBuffer() via SVGImage::dataChanged(),
        and we need to pass the correct FrameLoaderClient to the created FrameLoader of the main
         frame of this page.

        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::SVGImage):
        (WebCore::SVGImage::dataChanged):
        * svg/graphics/SVGImage.h:
        Create a new FrameLoaderClient of type SVGFrameLoaderClient and set it in pageConfiguration
        which is used when creating the page from the SVG data URI.

        * WebCore.xcodeproj/project.pbxproj:
        * svg/graphics/SVGImageChromeClient.h: Removed.
        * svg/graphics/SVGImageClients.h: Added.
        Add a new class SVGImageChromeClient which overrides the function dataProtocolLoader().
        Rename the header file SVGImageChromeClient.h to be SVGImageClients.h since it now 
        includes the classes SVGImageChromeClient and SVGFrameLoaderClient.

2015-02-04  Timothy Horton  <timothy_horton@apple.com>

        Fix a misplaced include in CaptionUserPreferencesMediaAF
        https://bugs.webkit.org/show_bug.cgi?id=141239

        Reviewed by Jer Noble.

        * page/CaptionUserPreferencesMediaAF.cpp:
        CoreText is a system header, and there's already a good spot for it!

2015-02-04  Jer Noble  <jer.noble@apple.com>

        [WebAudio] AudioBufferSourceNodes should accurately play backwards if given a negative playbackRate.
        https://bugs.webkit.org/show_bug.cgi?id=140955

        Reviewed by Eric Carlson.

        Tests: webaudio/audiobuffersource-negative-playbackrate-interpolated.html
               webaudio/audiobuffersource-negative-playbackrate.html

        Add support for playing an AudioBufferSourceNode at a negative playbackRate. Change the meaning of
        start() to set the initial playback position at the end of the play range if the rate of playback
        is negtive.

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::AudioBufferSourceNode): Allow the playbackRate AudioParam to range from [-32, 32].
        (WebCore::AudioBufferSourceNode::renderFromBuffer): Change variable names from "start" and "end" to "min" and "max"
            for clarity. Add a non-interpolated and interpolated render step for negative playback.
        (WebCore::AudioBufferSourceNode::start): Drive-by fix: default value of grainDuration is not 0.02.
        (WebCore::AudioBufferSourceNode::startPlaying): Start playing at the end of the buffer for negative playback.
        (WebCore::AudioBufferSourceNode::totalPitchRate): Allow the pitch to be negative.

2015-02-04  Eric Carlson  <eric.carlson@apple.com>

        video.attribute should not return true just because of fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=141219

        Reviewed by Dean Jackson.

        No new tests, updated media/video-fullscreeen-only-controls.html

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.shouldHaveControls):
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.isFullScreen):

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::controls): Don't consider fullscreen status.
        (WebCore::HTMLMediaElement::configureMediaControls): Create controls if a video element
            isn't allowed to play inline, or if it is in fullscreen.

2015-02-04  Mark Lam  <mark.lam@apple.com>

        Remove concept of makeUsableFromMultipleThreads().
        <https://webkit.org/b/141221>

        Reviewed by Mark Hahnenberg.

        No new tests.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonVM):

2015-02-04  Simon Fraser  <simon.fraser@apple.com>

        [iOS WK2] Assert in ScrollingTreeOverflowScrollingNodeIOS::updateAfterChildren() on tab switching
        https://bugs.webkit.org/show_bug.cgi?id=141223
        rdar://problem/18458993

        Reviewed by Tim Horton.
        
        It's possible to submit a RemoteLayerTree transaction that contains data
        about a created layer, but doesn't have any properties for that layer. This
        happens when the newly created layer isn't reached during the traversal that
        gathers layer properties (i.e. it's not rooted). However, whether we create
        a scrolling layer or not requires having properties; they are missing, so we
        create a normal layer, but then the scrolling tree commit asserts that we
        should have a scrolling layer.
        
        Fix by making scrolling layers have a corresponding layer type, which is
        stored in layer creation properties. This required exposing layer types
        up through GraphicsLayer, but that allows for some nice cleanup:
        
        1. No need to have the hokey shouldUseTiledBacking() GraphicsLayerClient hack
           for creating the page tiled layer.
        2. The notion of "custom behaviors" can be removed from GraphicsLayer entirely.

        Not testable because it requires tab switching.

        * WebCore.exp.in:
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::GraphicsLayer):
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::initialize):
        (WebCore::GraphicsLayer::setCustomBehavior): Deleted.
        (WebCore::GraphicsLayer::customBehavior): Deleted.
        * platform/graphics/GraphicsLayerClient.h:
        (WebCore::GraphicsLayerClient::shouldUseTiledBacking): Deleted.
        * platform/graphics/GraphicsLayerFactory.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayer::create):
        (WebCore::GraphicsLayerCA::GraphicsLayerCA):
        (WebCore::GraphicsLayerCA::initialize):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::ensureStructuralLayer):
        (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
        (WebCore::GraphicsLayerCA::updateCustomBehavior): Deleted.
        (WebCore::GraphicsLayerCA::setCustomBehavior): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::moveAnimations):
        (WebCore::GraphicsLayerCA::copyAnimations):
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayerMac::PlatformCALayerMac):
        (PlatformCALayerMac::commonInit):
        (PlatformCALayerMac::updateCustomBehavior): Deleted.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::createGraphicsLayer):
        (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer):
        (WebCore::RenderLayerBacking::updateScrollingLayers):
        (WebCore::RenderLayerBacking::shouldUseTiledBacking): Deleted.
        * rendering/RenderLayerBacking.h:

2015-02-04  Dean Jackson  <dino@apple.com>

        [Media] Fullscreen button should always come last in inline controls (141245)
        https://bugs.webkit.org/show_bug.cgi?id=141245
        <rdar://problem/19714622>

        Reviewed by Eric Carlson.

        Make sure the optimizedFullscreen button is inserted before the
        normal fullscreen button.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.configureInlineControls):

2015-02-04  Dean Jackson  <dino@apple.com>

        REGRESSION: AirPlay button not visible but present in inline toolbar
        https://bugs.webkit.org/show_bug.cgi?id=141244
        <rdar://problem/19328322>

        Reviewed by Eric Carlson.

        Replace the use of mask-image with a background-image (which matches
        what the other buttons are doing).

        * Modules/mediacontrols/mediaControlsiOS.css:
        (::-webkit-media-controls):
        (video::-webkit-media-controls-wireless-playback-picker-button):
        (audio::-webkit-media-controls-wireless-playback-picker-button):
        (video::-webkit-media-controls-wireless-playback-picker-button.active):
        (audio::-webkit-media-controls-wireless-playback-picker-button.active):

2015-02-04  Chris Dumez  <cdumez@apple.com>

        Add removeFirst(value) / removeAll(value) methods to WTF::Vector
        https://bugs.webkit.org/show_bug.cgi?id=141192

        Reviewed by Benjamin Poulain.

        Use new Vector::removeFirst(value) / removeAll(value) API to simplify the
        code a bit.

        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::unregisterClient):
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::removeFormElement):
        (WebCore::HTMLFormElement::removeImgElement):
        (WebCore::removeFromVector): Deleted.
        * page/Chrome.cpp:
        (WebCore::Chrome::unregisterPopupOpeningObserver):
        * page/PageOverlayController.cpp:
        (WebCore::PageOverlayController::uninstallPageOverlay):
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::removeOriginAccessWhitelistEntry):
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::removeFromParent):
        * platform/graphics/texmap/TextureMapperAnimation.cpp:
        (WebCore::TextureMapperAnimations::remove):
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::addSearchResult):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::removeCaption):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::subtreeChildWillBeRemoved):
        * svg/SVGDocumentExtensions.cpp:
        (WebCore::SVGDocumentExtensions::removeAllElementReferencesForTarget):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::unschedule):

2015-02-03  Maciej Stachowiak  <mjs@apple.com>

        Crash when printing snapshotted plugins
        https://bugs.webkit.org/show_bug.cgi?id=141212

        Reviewed by Simon Fraser.

        Test: plugins/snapshotting/print-snapshotted-plugin.html

        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::childShouldCreateRenderer): New
        method. If the current renderer is a snapshotted plugin, only
        allow children to create renderers if they are part of the
        snapshot shadow dom. Otherwise RenderEmbeddedObject invariants
        will be violated. This DOM class can have many other renderers, but they
        can just follow their own rules.
        (WebCore::HTMLPlugInImageElement::partOfSnapshotOverlay): Make this
        const-correct, and don't create UA shadow DOM as a side effect if it doesn't
        already exist.
        * html/HTMLPlugInImageElement.h:

2015-02-03  Chris Dumez  <cdumez@apple.com>

        Regression(r179584): Assertion hit in toResourceLoadPriority() on Yosemite
        https://bugs.webkit.org/show_bug.cgi?id=141230

        Reviewed by Alexey Proskuryakov.

        Handle -1 priority value again in toResourceLoadPriority() as it seems to
        be returned by CFNetwork on some configurations.

        No new tests, already covered by existing tests.

        * platform/network/cf/ResourceRequestCFNet.h:
        (WebCore::toResourceLoadPriority):

2015-02-03  Chris Dumez  <cdumez@apple.com>

        Drop ResourceLoadPriorityUnresolved resource load priority and use Optional<> instead
        https://bugs.webkit.org/show_bug.cgi?id=141186

        Reviewed by Antti Koivisto.

        Drop ResourceLoadPriorityUnresolved resource load priority value and use
        Optional<ResourceLoadPriority> when needed instead. If the Optional
        doesn't have a value, then it means it is unresolved. Having
        ResourceLoadPriorityUnresolved in ResourceLoadPriority was confusing
        because this value is only valid in CachedResourceRequest, it is not
        a valid value in CachedResource or in ResourceRequest. After this
        refactoring, it now becomes more obvious.

2015-02-03  Chris Dumez  <cdumez@apple.com>

        REGRESSION(176609): Very high memory usage in Canvas/reuse.html performance test
        https://bugs.webkit.org/show_bug.cgi?id=139812

        Reviewed by Geoffrey Garen.

        Update DOMTimerFireState.elementsChangedOutsideViewport to keep only
        weak pointers to the Elements, instead of ref'ing them, so as to not
        extend their life unnecessarily (by preventing garbage-collection).
        The same approach was already adopted in r176496 for
        DOMTimer.m_elementsCausingThrottling to address the same issue.

        No new tests, already covered by Canvas/reuse.html performance test.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::setScriptMadeNonUserObservableChangesToElement):
        (WebCore::DOMTimerFireState::elementsChangedOutsideViewport):

2015-02-03  Jer Noble  <jer.noble@apple.com>

        [MSE] Setting timestampOffset does not change the timestamps in the actual sample, leading to visual and audible errors.
        https://bugs.webkit.org/show_bug.cgi?id=140929

        Reviewed by Alexey Proskuryakov.

        Fixes http/tests/media/media-source/mediasource-config-change-mp4-v-framerate.html.

        Only apply the timestamp offset to the actual sample after step 1.6, where we may loop back to
        the top, to avoid double-offsetting the same sample.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

2015-02-03  Jeremy Jones  <jeremyj@apple.com>

        Restore interface before exiting optimized fullscreen mode.
        https://bugs.webkit.org/show_bug.cgi?id=141167

        Reviewed by Simon Fraser.

        This change allows the user interface to be restored before exiting optimized fullscreen mode.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Add declaration.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: 
        (-[WebAVPlayerController playerViewController:restoreUserInterfaceForOptimizedFullscreenStopWithCompletionHandler:]): Added.
        (WebVideoFullscreenInterfaceAVKit::fullscreenMayReturnToInline): Added.
        * platform/spi/ios/AVKitSPI.h: Add new SPI.

2015-02-03  Jeremy Jones  <jeremyj@apple.com>

        Prevent flicker when exiting fullscreen by synchronizing transactions.
        https://bugs.webkit.org/show_bug.cgi?id=140897

        Reviewed by Tim Horton.

        Synchronize across CAContexts when moving the video layer between layer hierarchies.
        Normally transactions involving multiple CAContexts are not synchronized.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setVideoFullscreenLayer):
        * platform/spi/cocoa/QuartzCoreSPI.h: add additional CAContext SPI declarations.

2015-02-03  Ryosuke Niwa  <rniwa@webkit.org>

        Smart quoting could move the caret backwards in some configurations
        https://bugs.webkit.org/show_bug.cgi?id=141203
        <rdar://problem/17452543>

        Reviewed by Enrica Casucci.

        The bug was caused by markAndReplaceFor not running the code to preserve the selection after
        text replacement only when smart quote is enabled. Furthermore, when smart link was disabled,
        we never applied smart quote due to the following condition at line 2502:

        if (!(shouldPerformReplacement || shouldCheckForCorrection || shouldMarkLink) || !doReplacement)
            continue;

        This condition prevented the code to apply smart quote from running when both continuous
        spellchecking, smart link, and text replacement are disabled.

        Fixed the bug by treating smart quotes and smart dashes like any other text replacement and set
        shouldPerformReplacement to true whenever either one of those text checking options are present.

        Smart link didn't have this issue due to the explicit check for shouldMarkLink.

        Smart dashes didn't suffer this problem either because dashes replacement happens only once
        the caret has moved past the dashes but his patch makes go through the same code path to preserve
        the selection as well for consistency.

        Test: editing/inserting/smart-quote-with-all-configurations.html

        * editing/Editor.cpp:
        (WebCore::Editor::markAndReplaceFor):

2015-02-02  Enrica Casucci  <enrica@apple.com>

        Additional emoji support.
        https://bugs.webkit.org/show_bug.cgi?id=141047
        rdar://problem/19045135

        Reviewed by Darin Adler.

        Adds support for emoji modifiers and group emoji.

        Test: editing/deleting/delete-emoji.html

        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::characterRangeCodePath):
        * platform/text/TextBreakIterator.cpp:
        (WebCore::cursorMovementIterator):
        * rendering/RenderText.cpp:
        (WebCore::isEmojiGroupCandidate):
        (WebCore::isEmojiModifier):
        (WebCore::RenderText::previousOffsetForBackwardDeletion):

2015-02-03  Jer Noble  <jer.noble@apple.com>

        Passing invalid values to OfflineAudioContext's constructor should not crash.
        https://bugs.webkit.org/show_bug.cgi?id=141197

        Reviewed by Darin Adler.

        Test: webaudio/offlineaudiocontext-constructor.html

        Throw a SYNTAX_ERR exception if passed in a zero for channelCount or numberOfSamples. This avoids
        a crash where OfflineAudioDestinationNode is passed a null renderTarget.

        * Modules/webaudio/OfflineAudioContext.cpp:
        (WebCore::OfflineAudioContext::create):

2015-02-03  Jer Noble  <jer.noble@apple.com>

        [MSE] Setting timestampOffset does not change the timestamps in the actual sample, leading to visual and audible errors.
        https://bugs.webkit.org/show_bug.cgi?id=140929

        Reviewed by Darin Adler.

        Test: media/media-source/media-source-timeoffset.html

        Changing timestampOffset will correctly offset the presentation and decode times within SourceBuffer and
        will correctly modify things like buffered ranges. But those changes need to be reflected in the underlying
        MediaSample for decoders to decode and display the samples at the correct times.

        Add a method to MediaSample which allows the caller to offset timestamps of the underlying PlatformMediaSample.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample): Call offsetTimestampsBy() on the sample.
        * platform/MediaSample.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::MediaSampleAVFObjC::offsetTimestampsBy): Create a new sample with the same underlying data
            but with a new timing info array, each timing info offset by the requested amount.
        * platform/mock/mediasource/MockBox.h:
        (WebCore::MockBox::offsetTimestampsBy): Offset m_presentationTimestamp and m_decodeTimestamp;
        * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
        (WebCore::MockMediaSample::offsetTimestampsBy): Pass to MockBox.

2015-02-03  Jer Noble  <jer.noble@apple.com>

        [Mac][EME] Crash in CDMSessionMediaSourceAVFObjC::layerDidReceiveError() - NSError not KVO compliant for key NSUnderlyingError.
        https://bugs.webkit.org/show_bug.cgi?id=140529

        Reviewed by Darin Adler.

        The underlying error should be fetched from the userInfo dictionary, not the error itself.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::systemCodeForError):

2015-02-03  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179548.
        https://bugs.webkit.org/show_bug.cgi?id=141201

        Hits debug assertions in 50+ SVG tests (Requested by brrian on
        #webkit).

        Reverted changeset:

        "Move InstanceInvalidationGuard/UpdateBlocker to SVGElement
        from SVGElementInstance"
        https://bugs.webkit.org/show_bug.cgi?id=141148
        http://trac.webkit.org/changeset/179548

2015-02-03  Jer Noble  <jer.noble@apple.com>

        [Mac] HLS audio is not correctly selected according to system language
        https://bugs.webkit.org/show_bug.cgi?id=140398
        rdar://problem/19218487

        Reviewed by Darin Adler.

        Test: http/tests/media/hls/hls-audio-tracks-locale-selection.html

        When AVMediaSelectionOptions come and go and no explicit track selection choice has
        been made, automatically pick the most appropriate track according to the user's
        current preferred locale settings.

        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionGroupAVFObjC::MediaSelectionGroupAVFObjC): Set m_shouldSelectOptionAutomatically
            to true by default.
        (WebCore::MediaSelectionGroupAVFObjC::updateOptions): If m_shouldSelectOptionAutomatically is set
            pick the most appropriate media selection option.
        (WebCore::MediaSelectionGroupAVFObjC::setSelectedOption): Set m_shouldSelectOptionAutomatically to false.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Remove these automatic selection
            requests as they are ineffective when -appliesMediaSelectionCriteriaAutomatically is NO.

2015-02-03  Darin Adler  <darin@apple.com>

        Move InstanceInvalidationGuard/UpdateBlocker to SVGElement from SVGElementInstance
        https://bugs.webkit.org/show_bug.cgi?id=141148

        Reviewed by Brent Fulgham.

        Inspired by this change Rob Buis made in Blink:

            http://src.chromium.org/viewvc/blink?view=revision&revision=173343

        I actually wrote the whole thing and then discovered we did it almost identically.

        * svg/SVGAnimatedTypeAnimator.cpp:
        (WebCore::SVGElementAnimatedPropertyList::setInstanceUpdatesBlocked): Added this
        helper function to get around a circular header dependency.
        * svg/SVGAnimatedTypeAnimator.h:
        (WebCore::SVGAnimatedTypeAnimator::executeAction): Use setInstanceUpdatesBlocked.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::removedFrom): Use invalidateInstances.
        (WebCore::SVGElement::finishParsingChildren): Ditto.
        (WebCore::SVGElement::svgAttributeChanged): Ditto.
        (WebCore::SVGElement::childrenChanged): Ditto.
        (WebCore::SVGElement::setInstanceUpdatesBlocked): Added an assertion that will
        catch anyone who nests InstanceUpdateBlocker by accident.
        (WebCore::SVGElement::invalidateInstances): Moved this here from
        SVGElementInstance::invalidateAllInstancesOfElement. I had already modified this
        so it had nothing to do with SVGElementInstance, so it was a simple matter of
        converting this into a member function. Added a FIXME about the mysterious
        updateStyleIfNeeded that makes multiple tests fail if it's removed.

        * svg/SVGElement.h: Added public InstanceUpdateBlocker class, protected
        InstanceInvalidationGuard class, and private invalidateInstances function.
        Unlike the ones in SVGElementInstance these use references so they are then
        not copyable without using the WTF_MAKE_NONCOPYABLE macro.

        * svg/SVGElementInstance.cpp:
        (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Deleted.
        (WebCore::SVGElementInstance::InstanceUpdateBlocker::InstanceUpdateBlocker): Deleted.
        (WebCore::SVGElementInstance::InstanceUpdateBlocker::~InstanceUpdateBlocker): Deleted.
        * svg/SVGElementInstance.h: Removed InvalidationGuard, InstanceUpdateBlocker, and
        invalidateAllInstancesOfElement. Didn't do any further cleanup since we soon will
        delete this entire file.

        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::svgAttributeChanged): Updated to use new name and reference
        instead of pointer.
        * svg/SVGAnimateElementBase.cpp:
        (WebCore::applyCSSPropertyToTargetAndInstances): Ditto.
        (WebCore::removeCSSPropertyFromTargetAndInstances): Ditto.
        (WebCore::notifyTargetAndInstancesAboutAnimValChange): Ditto.
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation): Ditto.
        * svg/SVGCircleElement.cpp:
        (WebCore::SVGCircleElement::svgAttributeChanged): Ditto.
        * svg/SVGClipPathElement.cpp:
        (WebCore::SVGClipPathElement::svgAttributeChanged): Ditto.
        * svg/SVGComponentTransferFunctionElement.cpp:
        (WebCore::SVGComponentTransferFunctionElement::svgAttributeChanged): Ditto.
        * svg/SVGCursorElement.cpp:
        (WebCore::SVGCursorElement::svgAttributeChanged): Ditto.
        * svg/SVGEllipseElement.cpp:
        (WebCore::SVGEllipseElement::svgAttributeChanged): Ditto.
        * svg/SVGFEBlendElement.cpp:
        (WebCore::SVGFEBlendElement::svgAttributeChanged): Ditto.
        * svg/SVGFEColorMatrixElement.cpp:
        (WebCore::SVGFEColorMatrixElement::svgAttributeChanged): Ditto.
        * svg/SVGFECompositeElement.cpp:
        (WebCore::SVGFECompositeElement::svgAttributeChanged): Ditto.
        * svg/SVGFEConvolveMatrixElement.cpp:
        (WebCore::SVGFEConvolveMatrixElement::svgAttributeChanged): Ditto.
        * svg/SVGFEDiffuseLightingElement.cpp:
        (WebCore::SVGFEDiffuseLightingElement::svgAttributeChanged): Ditto.
        * svg/SVGFEDisplacementMapElement.cpp:
        (WebCore::SVGFEDisplacementMapElement::svgAttributeChanged): Ditto.
        * svg/SVGFEDropShadowElement.cpp:
        (WebCore::SVGFEDropShadowElement::svgAttributeChanged): Ditto.
        * svg/SVGFEGaussianBlurElement.cpp:
        (WebCore::SVGFEGaussianBlurElement::svgAttributeChanged): Ditto.
        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::svgAttributeChanged): Ditto.
        * svg/SVGFELightElement.cpp:
        (WebCore::SVGFELightElement::svgAttributeChanged): Ditto.
        * svg/SVGFEMergeNodeElement.cpp:
        (WebCore::SVGFEMergeNodeElement::svgAttributeChanged): Ditto.
        * svg/SVGFEMorphologyElement.cpp:
        (WebCore::SVGFEMorphologyElement::svgAttributeChanged): Ditto.
        * svg/SVGFEOffsetElement.cpp:
        (WebCore::SVGFEOffsetElement::svgAttributeChanged): Ditto.
        * svg/SVGFESpecularLightingElement.cpp:
        (WebCore::SVGFESpecularLightingElement::svgAttributeChanged): Ditto.
        * svg/SVGFETileElement.cpp:
        (WebCore::SVGFETileElement::svgAttributeChanged): Ditto.
        * svg/SVGFETurbulenceElement.cpp:
        (WebCore::SVGFETurbulenceElement::svgAttributeChanged): Ditto.
        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::svgAttributeChanged): Ditto.
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        (WebCore::SVGFilterPrimitiveStandardAttributes::svgAttributeChanged): Ditto.
        * svg/SVGForeignObjectElement.cpp:
        (WebCore::SVGForeignObjectElement::svgAttributeChanged): Ditto.
        * svg/SVGGElement.cpp:
        (WebCore::SVGGElement::svgAttributeChanged): Ditto.
        * svg/SVGGradientElement.cpp:
        (WebCore::SVGGradientElement::svgAttributeChanged): Ditto.
        * svg/SVGGraphicsElement.cpp:
        (WebCore::SVGGraphicsElement::svgAttributeChanged): Ditto.
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::svgAttributeChanged): Ditto.
        * svg/SVGLineElement.cpp:
        (WebCore::SVGLineElement::svgAttributeChanged): Ditto.
        * svg/SVGLinearGradientElement.cpp:
        (WebCore::SVGLinearGradientElement::svgAttributeChanged): Ditto.
        * svg/SVGMPathElement.cpp:
        (WebCore::SVGMPathElement::svgAttributeChanged): Ditto.
        * svg/SVGMarkerElement.cpp:
        (WebCore::SVGMarkerElement::svgAttributeChanged): Ditto.
        * svg/SVGMaskElement.cpp:
        (WebCore::SVGMaskElement::svgAttributeChanged): Ditto.
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::svgAttributeChanged): Ditto.
        * svg/SVGPatternElement.cpp:
        (WebCore::SVGPatternElement::svgAttributeChanged): Ditto.
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::svgAttributeChanged): Ditto.
        * svg/SVGRadialGradientElement.cpp:
        (WebCore::SVGRadialGradientElement::svgAttributeChanged): Ditto.
        * svg/SVGRectElement.cpp:
        (WebCore::SVGRectElement::svgAttributeChanged): Ditto.
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::svgAttributeChanged): Ditto.
        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::svgAttributeChanged): Ditto.
        * svg/SVGStopElement.cpp:
        (WebCore::SVGStopElement::svgAttributeChanged): Ditto.
        * svg/SVGSymbolElement.cpp:
        (WebCore::SVGSymbolElement::svgAttributeChanged): Ditto.
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefElement::svgAttributeChanged): Ditto.
        * svg/SVGTextContentElement.cpp:
        (WebCore::SVGTextContentElement::svgAttributeChanged): Ditto.
        * svg/SVGTextPathElement.cpp:
        (WebCore::SVGTextPathElement::svgAttributeChanged): Ditto.
        * svg/SVGTextPositioningElement.cpp:
        (WebCore::SVGTextPositioningElement::svgAttributeChanged): Ditto.
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::svgAttributeChanged): Ditto.
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::svgAttributeChanged): Ditto.

2015-02-02  Darin Adler  <darin@apple.com>

        REGRESSION (r170576): Storage leaks in parsing of CSS image sizes
        https://bugs.webkit.org/show_bug.cgi?id=141026

        Reviewed by Brent Fulgham.

        Forgot to actually fix the leak in the successful parse case!

        * css/CSSParser.cpp:
        (WebCore::CSSParser::sourceSize): Added a call to destroy.

2015-02-02  Benjamin Poulain  <benjamin@webkit.org>

        JIT Compile simple cases of :nth-last-child()
        https://bugs.webkit.org/show_bug.cgi?id=141053

        Reviewed by Andreas Kling.

        This patch adds the code generator for :nth-last-child(), skipping
        any :nth-last-child(An+B of selector list).

        The code generator is boring here, nothing fancy.
        There is no optimization opportunity here so it is basically the same
        speed as the code generated by Clang when the simple selector is alone.

        The only reason to JIT compile this is to avoid going to slow-path
        for every selector that contain :nth-last-child().

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addNthChildType):
        The code creating the intermediate representation of :nth-child() is exactly
        the same as what we need for :nth-last-child(). I extracted the code from addPseudoClassType()
        and share it for both simple selectors.

        (WebCore::SelectorCompiler::addPseudoClassType):
        I fail :nth-last-child(An+B of selector list). Let's add it later.

        (WebCore::SelectorCompiler::minimumRegisterRequirements):
        Oops, there was a bug with nthChildOfFilters.

        (WebCore::SelectorCompiler::hasAnyCombinators):
        (WebCore::SelectorCompiler::computeBacktrackingMemoryRequirements):
        (WebCore::SelectorCompiler::computeBacktrackingInformation):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        (WebCore::SelectorCompiler::setChildrenAffectedByBackwardPositionalRules):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthLastChild):

2015-02-02  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Rename FlowContentsIterator to TextFragmentIterator.
        https://bugs.webkit.org/show_bug.cgi?id=141177

        Rubber-stamped by Antti Koivisto

        FlowContentsIterator is easy to confuse with FlowContents::Iterator.
        TextFragmentIterator reflects the functionality better.

        No change in functionality.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::setOverflowedFragment):
        (WebCore::SimpleLineLayout::LineState::overflowedFragment):
        (WebCore::SimpleLineLayout::LineState::appendFragment):
        (WebCore::SimpleLineLayout::begin):
        (WebCore::SimpleLineLayout::end):
        (WebCore::SimpleLineLayout::preWrap):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::firstFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary):
        (WebCore::SimpleLineLayout::createTextRuns):
        * rendering/SimpleLineLayoutTextFragmentIterator.cpp: Renamed from Source/WebCore/rendering/SimpleLineLayoutFlowContentsIterator.cpp.
        (WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragmentIterator):
        (WebCore::SimpleLineLayout::TextFragmentIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::textWidth):
        (WebCore::SimpleLineLayout::nextBreakablePosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::findNextNonWhitespace):
        (WebCore::SimpleLineLayout::TextFragmentIterator::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::runWidth):
        * rendering/SimpleLineLayoutTextFragmentIterator.h: Renamed from Source/WebCore/rendering/SimpleLineLayoutFlowContentsIterator.h.
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::start):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::end):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::width):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::type):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isCollapsed):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isBreakable):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isEmpty):
        (WebCore::SimpleLineLayout::TextFragmentIterator::style):
        (WebCore::SimpleLineLayout::TextFragmentIterator::segmentForPosition):
        (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split):
        (WebCore::SimpleLineLayout::TextFragmentIterator::characterAt):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isLineBreak):
        (WebCore::SimpleLineLayout::TextFragmentIterator::isEnd):

2015-02-02  Chris Dumez  <cdumez@apple.com>

        Add diagnostic logging for ResourceResponse's source
        https://bugs.webkit.org/show_bug.cgi?id=141170
        <rdar://problem/19632080>

        Reviewed by Antti Koivisto.

        Add diagnostic logging for ResourceResponse's source (network, disk
        cache, disk cache after validation) to give us an idea of our network
        cache efficacy.

        * loader/ResourceLoader.cpp:
        (WebCore::logResourceResponseSource):
        (WebCore::ResourceLoader::didReceiveResponse):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::networkKey):
        (WebCore::DiagnosticLoggingKeys::diskCacheKey):
        (WebCore::DiagnosticLoggingKeys::diskCacheAfterValidationKey):
        (WebCore::DiagnosticLoggingKeys::resourceResponseKey):
        (WebCore::DiagnosticLoggingKeys::scriptKey):
        (WebCore::DiagnosticLoggingKeys::sourceKey):
        * page/DiagnosticLoggingKeys.h:

2015-02-02  Dhi Aurrahman  <diorahman@rockybars.com>

        Optimize matchesLangPseudoClass() of :lang()
        https://bugs.webkit.org/show_bug.cgi?id=140873

        Reviewed by Darin Adler.

        Avoid unnecessary memory allocation.

        No new tests, no behavior changed.

        * css/SelectorCheckerTestFunctions.h:
        (WebCore::equalIgnoringASCIICase):
        (WebCore::containslanguageSubtagMatchingRange):
        (WebCore::matchesLangPseudoClass):

2015-02-02  Roger Fong  <roger_fong@apple.com>

        WebGL2: Implement spec section 3.7.1 Setting and getting state (Part 2).
        https://bugs.webkit.org/show_bug.cgi?id=141096
        <rdar://problem/15002469>

        Reviewed by Brent Fulgham.

        This patch handles some of the valid arguments that could be passed into getParameter.
        The unhandled cases will be implemented as the associated WebGL2 features are implemented.
        In addition, getParameter queries that return 64 bit integer currently just return 0 as 
        we need to use ::glGetInteger64v which is only available in GLES 3.0 headers.
        I will be adding these headers in a future patch.

        * bindings/js/JSWebGL2RenderingContextCustom.cpp:
        (WebCore::toJS): Accept a 64 bit integer type.
        * html/canvas/WebGL2RenderingContext.cpp: Handle various parameter inputs.
        (WebCore::WebGL2RenderingContext::getParameter):
        * html/canvas/WebGLGetInfo.cpp: Add a 64 bit integer type.
        (WebCore::WebGLGetInfo::WebGLGetInfo):
        (WebCore::WebGLGetInfo::getInt64):
        * html/canvas/WebGLGetInfo.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::getInt64Parameter):
        * html/canvas/WebGLRenderingContextBase.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::getInteger64v):

2015-02-02  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: use std::upper_bound in splitFragmentToFitLine()
        https://bugs.webkit.org/show_bug.cgi?id=141146

        Reviewed by Antti Koivisto.

        Replace the custom binary search implementation with std::upper_bound and
        move splitting functionality to TextFragment.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::FragmentForwardIterator::FragmentForwardIterator):
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator++):
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator!=):
        (WebCore::SimpleLineLayout::FragmentForwardIterator::operator*):
        (WebCore::SimpleLineLayout::begin):
        (WebCore::SimpleLineLayout::end):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        * rendering/SimpleLineLayoutFlowContentsIterator.cpp:
        (WebCore::SimpleLineLayout::FlowContentsIterator::runWidth):
        * rendering/SimpleLineLayoutFlowContentsIterator.h:
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::split):

2015-02-02  Geoffrey Garen  <ggaren@apple.com>

        Use FastMalloc (bmalloc) instead of BlockAllocator for GC pages
        https://bugs.webkit.org/show_bug.cgi?id=140900

        Reviewed by Mark Hahnenberg.

        Re-landing just the HandleBlock piece of this patch.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::install):

2015-02-02  Brent Fulgham  <bfulgham@apple.com>

        [Win] 64-bit build fix after r179492.

        * WebCore.vcxproj/WebCore.vcxproj: Forgot to build these files
        as standalone under 64-bit target.

2015-02-02  Benjamin Poulain  <bpoulain@apple.com>

        Clean up attribute handling: part 2 - attributeNode
        https://bugs.webkit.org/show_bug.cgi?id=141109

        Reviewed by Andreas Kling.

        Our implementation was covering some old legacy behaviors of Firefox,
        even copying bugs in some cases.

        The spec (https://dom.spec.whatwg.org) now defines the behavior precisely,
        let's move a bit closer to that.

        Tests: fast/dom/Element/attribute-ascii-case-insensitive-3.html
               fast/dom/Element/attribute-setAttributeNode-multiple-times.html
               fast/dom/Element/attribute-setAttributeNodeNS-multiple-times.html
               fast/dom/Element/mozilla-dom-base-tests/test_bug1075702.html
               fast/dom/Element/mozilla-dom-base-tests/test_bug339494.html
               fast/dom/Element/mozilla-dom-base-tests/test_bug364092.xhtml
               fast/dom/Element/setAttributeNode-overriding-lowercase-values.html

        * dom/Element.cpp:
        (WebCore::findAttrNodeInList):
        New getter for the name-without-namespace case.

        (WebCore::Element::setAttributeNode):
        This one is the tricky one: https://dom.spec.whatwg.org/#dom-element-setattributenode

        When setAttributeNode() is used with an AttributeNode without namespace,
        getting the old value behaves like getAttribute(), with ASCII lowercase name matching.
        When used with a namespace, getting the old value behaves like getAttributeNS().

        Setting the value is a whole different story, the name used always keeps
        the original case.

        Now that's a bit tricky for us because AttributeNodes are just legacy stuff we don't
        used internally.

        We have 4 cases to handle:
        1) The name being set is lowercase, there was no conflicting name on the element.
           That's easy, we just override any node that would exist, set the name otherwise.
        2) The name is lowercase but there was an existing attribute for it.
           -We create a new AttributeNode for the name to represent the old name.
           -We check the names are the same with attribute.name().matches(attrNode->qualifiedName())
            and override the value.
        3) The name has uppercase characters, there is no conflicting name.
           We would not find an element to remove, we just use setAttributeInternal() as usual
           to add the attribute;
        4) The name has uppercase characters, there is a lowercase conflicing name.
           This is the weird behavior: we need to nuke the old attribute, then add the new attribute
           with a different case.

           First we remove the attribute with a lowercase name with removeAttributeInternal().
           That becomes the old node.

           There might still be an element of the same name as what we are trying to add. We don't want
           to add another version of the same attribute. We need to use findAttributeIndexByName() again
           to find if there is a conflicting attribute. Then we call setAttributeInternal() which handle
           the both the cases where there was an element or not.

        (WebCore::Element::setAttributeNodeNS):
        This should work like any "NS" method.

        (WebCore::Element::removeAttributeNode):
        The method removeAttributeNode() is supposed to be exact.

        (WebCore::Element::getAttributeNode):
        (WebCore::Element::hasAttribute):
        (WebCore::Element::attrIfExists):
        * dom/Element.h:
        * dom/ElementData.cpp:
        (WebCore::ElementData::findAttributeIndexByNameSlowCase): Deleted.
        (WebCore::ElementData::findAttributeIndexByNameForAttributeNode): Deleted.
        Kill the slow case, every caller has been updated now.
        * dom/ElementData.h:
        (WebCore::ElementData::findAttributeIndexByName):
        * dom/QualifiedName.h:
        (WebCore::QualifiedName::matchesIgnoringCaseForLocalName): Deleted.

2015-02-02  peavo@outlook.com  <peavo@outlook.com>

        Memory is written to after deallocated, in GraphicsLayer::setMaskLayer.
        https://bugs.webkit.org/show_bug.cgi?id=141168

        Reviewed by Brent Fulgham.

        Visual Studio detected that a deallocated heap block had been modified in GraphicsLayer::setMaskLayer,
        when called from RenderLayerBacking::updateChildClippingStrategy.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateChildClippingStrategy):

2015-02-02  Andreas Kling  <akling@apple.com>

        [Cocoa] Make decoded image data purgeable ASAP.
        <https://webkit.org/b/140298>
        <rdar://problem/19623377>

        Reviewed by Antti Koivisto.

        Re-landing this patch since it turned out to not be the cause of
        the memory regression we saw around that revision.

        Mark decoded images as "transient" which makes CoreGraphics mark
        the backing stores as purgeable shortly after they're used.

        The decoded representation will remain in CoreGraphics's caches
        indefinitely unless the kernel gets starved and needs the pages.

        Most resources will now reach a state where the encoded data is
        mmap'ed from disk cache (once the entire resource is downloaded)
        and the decoded data is purgeable.

        This also has the side effect of making the MemoryCache more
        palatial since the decoded data cost can be deducted for images,
        allowing us to cache more resources.

        Note that the worst case for this new behavior would be something
        like hovering below 100% memory utilization and constantly having
        to drop and re-decode images. While churny, it still beats
        crashing the process, plus there's tiling to remove many of the
        reasons we'd need the decoded data.

        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::ImageSource::createFrameAtIndex):

2015-02-02  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Support console.table
        https://bugs.webkit.org/show_bug.cgi?id=141058

        Reviewed by Timothy Hatcher.

        * inspector/CommandLineAPIModuleSource.js:
        Include "table(foo)" as an alias of "console.table(foo)" on
        the command line.

2015-02-02  Roger Fong  <roger_fong@apple.com>

        [Win] Build fix following r179482.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * bindings/js/JSBindingsAllInOne.cpp:
        * platform/graphics/GraphicsContext3D.h:

2015-02-02  Chris Dumez  <cdumez@apple.com>

        Access MemoryCache singleton using MemoryCache::singleton()
        https://bugs.webkit.org/show_bug.cgi?id=141104

        Reviewed by Andreas Kling.

        Access MemoryCache singleton using MemoryCache::singleton() static
        member function, instead of a free function, as per the recent
        coding style discussion on WebKit-dev.

2015-02-02  Zalan Bujtas  <zalan@apple.com>

        Ambiguous naming: Do not call replacedContentRect()'s return value paint rect.
        https://bugs.webkit.org/show_bug.cgi?id=141125

        Reviewed by Simon Fraser.

        It's the content box rect with the object-fit adjustment.

        No change in functionality.

        * rendering/RenderHTMLCanvas.cpp:
        (WebCore::RenderHTMLCanvas::paintReplaced):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::updateInnerContentRect):
        (WebCore::RenderImage::paintReplaced):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::replacedContentRect):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):

2015-02-02  Brent Fulgham  <bfulgham@apple.com>

        [Win] Build fix after r179476.
        https://bugs.webkit.org/show_bug.cgi?id=141026

        Reviewed by Anders Carlsson.

        MSVC has a compiler bug that forces us to make some explicit statements about how
        the passed pointer values are handled.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::SourceSize::SourceSize):
        (WebCore::CSSParser::sourceSize):
        * css/CSSParser.h:

2015-02-02  Benjamin Poulain  <benjamin@webkit.org>

        Get rid of invalidSelectorVector, use Bison's error recovery instead
        https://bugs.webkit.org/show_bug.cgi?id=141147

        Reviewed by Darin Adler.

        * css/CSSGrammar.y.in:
        Instead of reducing a null selector, we can use a real parsing error
        to get out of invalid selector endings.

        When that happens, Bison will pop the stack until it can reduce any
        valid error recovery rules.

        The problem is to make sure there is no floating values because
        none of the reduce block between the error and the recovery would
        be executed.

        In this case, "nth_selector_ending" is a non-recursive production of
        the NTHCHILDFUNCTIONS. In turn, NTHCHILDFUNCTIONS are productions
        of the non-recursive "pseudo". "pseudo" is only used as a trivial
        production of "specifier". "specifier" is only used by "specifier_list".

        "specifier_list" has error recovery code -> no production could have
        generated a floating values between "specifier_list" and "nth_selector_ending".

2015-01-30  Roger Fong  <roger_fong@apple.com>

        WebGL2: Implement spec section 3.7.1 Setting and getting state (Part 1).
        https://bugs.webkit.org/show_bug.cgi?id=141096
        <rdar://problem/15002469>

        Reviewed by Brent Fulgham.

        This patch implements the WebGL2 versions of getParameter, getIndexedParameter and isEnabled.
        It also removes the WebGL1 implementations from WebGLRenderingContextBase and moves it to WebGLRenderingContext.
        I’ve stubbed out most of the parameters for now, some of which will be implemented in Part 2, 
        and the rest as the our WebGL2 implementation progresses.        

        * bindings/js/JSWebGL2RenderingContextCustom.cpp:
        (WebCore::toJS):
        (WebCore::JSWebGL2RenderingContext::getIndexedParameter):
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getIndexedParameter):
        (WebCore::WebGL2RenderingContext::getParameter):
        (WebCore::WebGL2RenderingContext::validateCapability):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.idl:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getParameter):
        (WebCore::WebGLRenderingContext::validateCapability):
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::getParameter): Deleted.
        (WebCore::WebGLRenderingContextBase::validateCapability): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.idl:
        * platform/graphics/GraphicsContext3D.h:

2015-02-02  Daniel Bates  <dabates@apple.com>

        [iOS] ASSERTION FAILED: m_scriptExecutionContext->isContextThread() in ContextDestructionObserver::observeContext
        https://bugs.webkit.org/show_bug.cgi?id=141057
        <rdar://problem/19068790>

        Reviewed by Alexey Proskuryakov.

        Fixes an issue where we would create-/delete- the RSA crypto keys and dispatch callbacks on the wrong
        thread in WebKit1 for iOS. In iOS WebKit1 we should perform such operations on thread WebThread.

        This change is covered by existing layout tests.

        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::CryptoKeyRSA::generatePair):

2015-02-02  Jeremy Jones  <jeremyj@apple.com>

        Prevent crash when accessing WebAVPlayerController.delegate.
        https://bugs.webkit.org/show_bug.cgi?id=140893

        Reviewed by Darin Adler.

        This patch aims to prevent a null delegate access during invalidation by adding null checks before accessing the delegate, by making explicit the recreation of m_playerController, and by consolidating and correcting the teardown sequence.

        * WebCore.exp.in:
        * platform/ios/WebVideoFullscreenInterface.h: add resetMediaState()
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: ditto.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController playerViewController:shouldExitFullScreenWithReason:]): Check for null before accessing delegate.
        (-[WebAVPlayerController play:]): ditto.
        (-[WebAVPlayerController pause:]): ditto.
        (-[WebAVPlayerController togglePlayback:]): ditto.
        (-[WebAVPlayerController setPlaying:]): ditto.
        (-[WebAVPlayerController beginScrubbing:]): ditto.
        (-[WebAVPlayerController endScrubbing:]): ditto.
        (-[WebAVPlayerController seekToTime:]): ditto.
        (-[WebAVPlayerController beginScanningForward:]): ditto.
        (-[WebAVPlayerController endScanningForward:]): ditto.
        (-[WebAVPlayerController beginScanningBackward:]): ditto.
        (-[WebAVPlayerController endScanningBackward:]): ditto.
        (-[WebAVPlayerController seekToBeginning:]): ditto.
        (-[WebAVPlayerController seekToEnd:]): ditto.
        (-[WebAVPlayerController setCurrentAudioMediaSelectionOption:]): ditto.
        (-[WebAVPlayerController setCurrentLegibleMediaSelectionOption:]): ditto.
        (-[WebAVPlayerController layoutSublayersOfLayer:]): ditto.
        (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit): initialize m_playerController
        (WebVideoFullscreenInterfaceAVKit::resetMediaState): Added.
        (WebVideoFullscreenInterfaceAVKit::setDuration): remove playerController()
        (WebVideoFullscreenInterfaceAVKit::setCurrentTime): ditto.
        (WebVideoFullscreenInterfaceAVKit::setRate): ditto.
        (WebVideoFullscreenInterfaceAVKit::setVideoDimensions): ditto.
        (WebVideoFullscreenInterfaceAVKit::setSeekableRanges): ditto.
        (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse): ditto.
        (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions): ditto.
        (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions): ditto.
        (WebVideoFullscreenInterfaceAVKit::setExternalPlayback): ditto.
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): ditto.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): ditto.
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): consolidated cleanup code from invalidate()
        (WebVideoFullscreenInterfaceAVKit::invalidate): consolidate cleanup code.
        (WebVideoFullscreenInterfaceAVKit::playerController): Deleted.
        * platform/ios/WebVideoFullscreenModelVideoElement.mm:
        (WebVideoFullscreenModelVideoElement::setVideoElement): call resetMediaState()

2015-02-02  Darin Adler  <darin@apple.com>

        REGRESSION (r170576): Storage leaks in parsing of CSS image sizes
        https://bugs.webkit.org/show_bug.cgi?id=141026

        Reviewed by Anders Carlsson.

        * css/CSSGrammar.y.in: Fixed all the shift/reduce conflicts caused
        by the ENABLE_PICTURE_SIZES code by removing all the redundant
        maybe_space which caused them. Rearranged the productions for
        ENABLE_PICTURE_SIZES to tighten up the code quite a bit. Changed
        the code to build up the source size vector as a Vector instead of
        a special class, and use the SourceSize struct from inside the
        CSSParser class.'

        * css/CSSParser.cpp:
        (WebCore::CSSParser::setupParser): Changed this to take a StringView.
        In the future we can change all the parsing functions to take StringView,
        since they don't work with the String in place.
        (WebCore::CSSParser::parseSizesAttribute): Changed to return a vector
        of SourceSize instead of a SourceSizeList. This is better because it's
        a real CSS data structure that does not contain a CSSParserValue.
        (WebCore::CSSParser::sourceSize): Added. Helper that creates a
        SourceSize, mapping parser data structures into real CSS ones.

        * css/CSSParser.h: Updated for changes above.

        * css/MediaQuery.cpp:
        (WebCore::MediaQuery::MediaQuery): Use std::make_unique and the copy
        constructor directly instead of using a MediaQuery::copy function.

        * css/MediaQueryExp.cpp: Streamlined the class a little bit.
        * css/MediaQueryExp.h: Removed unneeded includes. Moved functions out
        of the class body so the class is easier to read. Removed the unneeded
        copy function.

        * css/SourceSizeList.cpp:
        (WebCore::SourceSize::match): Changed to use WTF::move instead
        of releasing and then re-creating the unique_ptr.
        (WebCore::computeLength): Added a comment to explain this function
        is using an incorrect strategy. Also added some type checking code
        to handle cases where a null or non-primitive CSS value might be
        returned. Probably dead code, but we don't want to risk a bad cast.
        Worthe cleaning up when we fix the strategy.
        (WebCore::SourceSizeList::getEffectiveSize): Updated since the
        vector now contains actual SourceSize objects rather than pointers
        to SourceSize objects on the heap.

        * css/SourceSizeList.h: Changed the CSSParserValue argument to be
        an rvalue reference to make it clearer that we take ownership of it
        when it's moved in. Added a move constructor and a destructor. Added
        comments explaining that it's not correct design to use a
        CSSParserValue here, outside the parser. Changed SourceSizeList's
        append function to move a SourceSize in rather than a unique_ptr.
        Made getEffectiveSize private. Moved the various inline functions to
        the bottom of the file to make the class definitions easier to read.


        * css/SourceSizeList.cpp: Made almost everything about this private
        to this source file instead of public in the header.
        (WebCore::match): Made this a free function instead of a member function
        and made it take the media query expression as an argument.
        (WebCore::computeLength): Changed the argument type to CSSValue*,
        rather than using CSSParserValue here outside the parser.
        (WebCore::parseSizesAttribute): Streamlined and simplified this.
        Now that the parser builds the list in the correct order, there was
        no need to iterate backwards any more so we could use a modern for
        loop.

        * css/SourceSizeList.h: Removed almost everything in this header.

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::parseAttribute): Call the
        parseSizesAttribute function as free function since it's no longer
        a member of a SourceSizeList class.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes):
        Ditto.

2015-02-02  Darin Adler  <darin@apple.com>

        Fix some leaks found by the leak bot
        https://bugs.webkit.org/show_bug.cgi?id=141149

        Reviewed by Alexey Proskuryakov.

        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::importKey): Changed argument types to std::unique_ptr for better code clarity.
        (WebCore::JSSubtleCrypto::importKey): Use WTF::move instead of release.
        (WebCore::JSSubtleCrypto::wrapKey): Fixed leaks by adding missing delete calls to the
        case where we get a DOM exception.
        (WebCore::JSSubtleCrypto::unwrapKey): Ditto.

        * dom/SelectorQuery.cpp:
        (WebCore::SelectorQuery::SelectorQuery): Use WTF::move here. Not clear how this could
        have caused the storage leak, but it does seem obviously missing. The leak is pretty big,
        implying that we leak almost all CSSSelectorList objects we parse; not sure this fixes it.

        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveResponse): Added code to
        deleted the unguarded pointer if postTaskForModeToWorkerGlobalScope fails.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveData): Ditto.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFail): Ditto.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFailAccessControlCheck): Ditto.

        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionGroupAVFObjC::updateOptions): Added missing adoptNS.

        * platform/graphics/mac/GraphicsContextMac.mm:
        (WebCore::GraphicsContext::updateDocumentMarkerResources): Added missing release.

2015-02-01  Chris Dumez  <cdumez@apple.com>

        Use more references in HistoryItem
        https://bugs.webkit.org/show_bug.cgi?id=141133

        Reviewed by Andreas Kling.

        Use more references in HistoryItem instead of pointers.

2015-02-01  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179467 and r179470.
        https://bugs.webkit.org/show_bug.cgi?id=141144

        Broke svg/custom/use-events-crash.svg (Requested by ap on
        #webkit).

        Reverted changesets:

        "Stop dispatching events with SVGElementInstance objects as
        their targets"
        https://bugs.webkit.org/show_bug.cgi?id=141108
        http://trac.webkit.org/changeset/179467

        "REGRESSION(r179467): svg/custom/use-events-crash.svg times
        out"
        http://trac.webkit.org/changeset/179470

2015-01-31  Darin Adler  <darin@apple.com>

        Stop dispatching events to with SVGElementInstance objects as their targets
        https://bugs.webkit.org/show_bug.cgi?id=141108

        Reviewed by Anders Carlsson.

        Test: svg/custom/use-event-retargeting.html

        * dom/EventDispatcher.cpp:
        (WebCore::eventTargetRespectingTargetRules): Replaced the code that retargeted
        events at SVGElementInstance objects with code that retargets them at the use
        element instead. Also wrote the code in a simpler way.

2015-02-01  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Optimize TextureMapperLayer::removeAllChildren()
        https://bugs.webkit.org/show_bug.cgi?id=140734

        Reviewed by Chris Dumez.

        Instead of removing the children from the Vector member one by one,
        move the Vector out and iterate through the ex-children, clearing
        out the pointer to the parent.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::removeAllChildren):

2015-02-01  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Avoid unnecessary TransformationMatrix copies in GraphicsLayerTransform
        https://bugs.webkit.org/show_bug.cgi?id=140735

        Reviewed by Chris Dumez.

        * platform/graphics/GraphicsLayerTransform.cpp:
        (WebCore::GraphicsLayerTransform::combined): Return a const reference to the matrix.
        (WebCore::GraphicsLayerTransform::combinedForChildren): Ditto.
        (WebCore::GraphicsLayerTransform::combineTransforms): First copy the parent transform,
        then apply the translation and multiplication. Previously this copied the parent
        transform into a temporary object, performed the translation and multiplication, and
        copied that temporary object again when assigning to the member variable.
        (WebCore::GraphicsLayerTransform::combineTransformsForChildren): Mark const. m_childrenDirty
        and m_combinedForChildren members are marked mutable.
        * platform/graphics/GraphicsLayerTransform.h:

2015-01-31  Myles C. Maxfield  <litherum@gmail.com>

        REGRESSION (r177689): Emoji variation sequences rendered incorrectly (as characters from other non-emoji font)
        https://bugs.webkit.org/show_bug.cgi?id=141112

        Reviewed by Sam Weinig.

        Typo in r177689.

        Test: platform/mac/fast/text/combining-mark-paint.html

        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):

2015-01-31  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178183.
        https://bugs.webkit.org/show_bug.cgi?id=141132

        Caused more mallocing than the volatility saved. (Requested by
        kling on #webkit).

        Reverted changeset:

        "[Cocoa] Make decoded image data purgeable ASAP."
        https://bugs.webkit.org/show_bug.cgi?id=140298
        http://trac.webkit.org/changeset/178183

2015-01-31  Chris Dumez  <cdumez@apple.com>

        Use simpler CachedResourceMap structure in MemoryCache with CACHE_PARTITIONING enabled
        https://bugs.webkit.org/show_bug.cgi?id=141110

        Reviewed by Antti Koivisto.

        Use simpler CachedResourceMap structure in MemoryCache with CACHE_PARTITIONING
        enabled. Previously, we would be using a HashMap of HashMap to store
        CachedResources. The outer HashMap would use the URL as key and the inner
        HashMap would use the partition name as key. This would make traversing the
        structure overly complicated, especially considering that the code needs to
        traverse a simple HashMap if CACHE_PARTITIONING is disabled.

        This patch updates the CachedResourceMap structure to be a simple HashMap,
        whose key is an std::pair<URL, String /* partitionName */>. Having a flat
        structure simplifies the traversal code a lot and enables more code sharing
        between CACHE_PARTITIONING and !CACHE_PARTITIONING. This shouldn't regress
        performance because we always have both a URL and a partition name when we
        need to look up a resource. We never need to retrieve all resources with
        a particular URL.

        This patch also switches to using a URL as key instead of a String as we
        always have a URL has input.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::add):
        (WebCore::MemoryCache::revalidationSucceeded):
        (WebCore::MemoryCache::resourceForRequestImpl):
        (WebCore::MemoryCache::removeImageFromCache):
        (WebCore::MemoryCache::remove):
        After removing the resource from the CachedResourceMap, remove the
        sessionID from m_sessionResources if the CachedResourceMap is now
        empty. Previously, no code was removing sessionIDs from
        m_sessionResources.

        (WebCore::MemoryCache::removeResourcesWithOrigin):
        (WebCore::MemoryCache::getOriginsWithCache):
        (WebCore::MemoryCache::getStatistics):
        (WebCore::MemoryCache::setDisabled):
        * loader/cache/MemoryCache.h:

2015-01-31  Sam Weinig  <sam@webkit.org>

        Merge the iOS implementations of GraphicsContext::drawText and GraphicsContext::drawBidiText with the platform independent ones
        https://bugs.webkit.org/show_bug.cgi?id=141131

        Reviewed by Antti Koivisto.

        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::drawText):
        The only difference between the two implementation here was the iOS one returns the length of
        the text that was drawn. As all platforms now support that, we can merge by keeping the iOS one.

        (WebCore::GraphicsContext::drawBidiText):
        This function had a few differences:
            - iOS returns the length of the text that was drawn.
                Since this is not used anywhere, I dropped this ability.
            - iOS took additional inputs of initial bidi status and run length (and returned the
              the final bidi status as an out parameter)
                Since this was also unused, I dropped it.
            - iOS used the fact that font.drawText() returns the length that was drawn, to avoid
              measuring the text twice.
                I kept this, since all platforms now support this.

        * platform/graphics/GraphicsContext.h:
        Update signatures. Remove WEBCORE_EXPORT for function that is not used outside of WebCore.

2015-01-31  Andreas Kling  <akling@apple.com>

        Shrink RenderBlock.
        <https://webkit.org/b/141129>

        Reviewed by Antti Koivisto.

        Get rid of the bitfield in RenderBlock by moving the essential bits to
        RenderElement (plenty of space in the bitfield there.)

        RenderBlock also had a cache of its line-height, but it doesn't appear
        to help any of the benchmarks that we're tracking so I'd say it's okay
        to lose this optimization.

        This knocks 8 bytes off of RenderBlock (and all of its subclasses.)

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::RenderBlock):
        (WebCore::RenderBlock::styleDidChange):
        (WebCore::RenderBlock::recomputeLogicalWidth):
        (WebCore::RenderBlock::lineHeight):
        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::setHasMarginBeforeQuirk):
        (WebCore::RenderBlock::setHasMarginAfterQuirk):
        (WebCore::RenderBlock::setHasBorderOrPaddingLogicalWidthChanged):
        (WebCore::RenderBlock::hasMarginBeforeQuirk):
        (WebCore::RenderBlock::hasMarginAfterQuirk):
        (WebCore::RenderBlock::hasBorderOrPaddingLogicalWidthChanged):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::layoutInlineChildren):
        (WebCore::RenderBlockFlow::invalidateLineLayoutPath):
        (WebCore::RenderBlockFlow::deleteLineBoxesBeforeSimpleLineLayout):
        (WebCore::RenderBlockFlow::ensureLineBoxes):
        * rendering/RenderBlockFlow.h:
        (WebCore::RenderBlockFlow::lineLayoutPath):
        (WebCore::RenderBlockFlow::setLineLayoutPath):
        (WebCore::RenderBlockFlow::setHasMarkupTruncation):
        (WebCore::RenderBlockFlow::hasMarkupTruncation):
        (WebCore::RenderBlockFlow::simpleLineLayout):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::setRenderBlockHasMarginBeforeQuirk):
        (WebCore::RenderElement::setRenderBlockHasMarginAfterQuirk):
        (WebCore::RenderElement::setRenderBlockHasBorderOrPaddingLogicalWidthChanged):
        (WebCore::RenderElement::renderBlockHasMarginBeforeQuirk):
        (WebCore::RenderElement::renderBlockHasMarginAfterQuirk):
        (WebCore::RenderElement::renderBlockHasBorderOrPaddingLogicalWidthChanged):
        (WebCore::RenderElement::setRenderBlockFlowLineLayoutPath):
        (WebCore::RenderElement::setRenderBlockFlowHasMarkupTruncation):
        (WebCore::RenderElement::renderBlockFlowLineLayoutPath):
        (WebCore::RenderElement::renderBlockFlowHasMarkupTruncation):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::removeLineRegionInfo):

2015-01-31  Chris Dumez  <cdumez@apple.com>

        Remove useless PageCache::singleton() call from PageCache member function
        https://bugs.webkit.org/show_bug.cgi?id=141127

        Reviewed by Andreas Kling.

        * history/PageCache.cpp:
        (WebCore::PageCache::get):

2015-01-31  Sam Weinig  <sam@webkit.org>

        Remove empty #if/#endif

        Rubber-stamped by Antti Koivisto.

        * platform/graphics/FontPlatformData.h:

2015-01-31  Sam Weinig  <sam@webkit.org>

        Remove support for disabling drawing of emoji
        https://bugs.webkit.org/show_bug.cgi?id=141126

        Reviewed by Antti Koivisto.

        Remove unused support for disabling the drawing of emoji.

        * WebCore.exp.in:
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::emojiDrawingEnabled): Deleted.
        (WebCore::GraphicsContext::setEmojiDrawingEnabled): Deleted.
        * platform/graphics/GraphicsContext.h:
        (WebCore::GraphicsContextState::GraphicsContextState):
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::drawGlyphs):

2015-01-31  Sam Weinig  <sam@webkit.org>

        Remove even more Mountain Lion support
        https://bugs.webkit.org/show_bug.cgi?id=141124

        Reviewed by Alexey Proskuryakov.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/Version.xcconfig:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityActionNames]):
        (-[WebAccessibilityObjectWrapper subrole]):
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayer::drawLayerContents):
        * platform/mac/ThemeMac.mm:
        (-[WebCoreThemeView _focusRingVisibleRect]):

2015-01-30  Sam Weinig  <sam@webkit.org>

        Merge SimpleFontDataIOS.mm and SimpleFontDataMac.mm into FontCocoa.mm
        https://bugs.webkit.org/show_bug.cgi?id=141101

        Rubber-stamped by Dan Bernstein.

        * WebCore.xcodeproj/project.pbxproj:
        Remove SimpleFontDataIOS.mm and SimpleFontDataMac.mm. Add FontCocoa.mm.

        * platform/graphics/Font.h:
        Remove a few CG only functions from the header that can be implemented as static functions
        in the implementation file.

        * platform/graphics/cocoa/FontCocoa.mm: Copied from Source/WebCore/platform/graphics/mac/SimpleFontDataMac.mm.
        (WebCore::fontFamilyShouldNotBeUsedForArabic):
        (WebCore::Font::platformInit):
        (WebCore::Font::platformCharWidthInit):
        (WebCore::Font::platformCreateScaledFont):
        (WebCore::Font::determinePitch):
        (WebCore::renderingStyle):
        (WebCore::advanceForColorBitmapFont):
        (WebCore::hasCustomTracking):
        (WebCore::canUseFastGlyphAdvanceGetter):
        (WebCore::Font::platformWidthForGlyph):
        (WebCore::Font::compositeFontReferenceFont):
        (WebCore::copyFontTableForTag): Deleted.
        (WebCore::Font::renderingStyle): Deleted.
        Merge in the iOS specific parts.

        * platform/graphics/ios/SimpleFontDataIOS.mm: Removed.
        * platform/graphics/mac/SimpleFontDataMac.mm: Removed.

2015-01-31  Zalan Bujtas  <zalan@apple.com>

        Regression(r179438) Simple line layout: ASSERTION at SimpleLineLayout::FlowContentsIterator::runWidth().
        https://bugs.webkit.org/show_bug.cgi?id=141121

        Reviewed by Antti Koivisto.

        When a breakable text fragment does not fit the current line, we split it.
        The first part stays on the current line, while the second part gets pushed to the next line.
        In certain cases, the first part could end up being empty.
        This patch ensures that we don't measure empty fragments.

        Covered by existing tests.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):

2015-01-31  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179426.
        https://bugs.webkit.org/show_bug.cgi?id=141119

        "caused a memory use regression" (Requested by Guest45 on
        #webkit).

        Reverted changeset:

        "Use FastMalloc (bmalloc) instead of BlockAllocator for GC
        pages"
        https://bugs.webkit.org/show_bug.cgi?id=140900
        http://trac.webkit.org/changeset/179426

2015-01-30  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Improve FlowContentsIterator::TextFragment's encapsulation.
        https://bugs.webkit.org/show_bug.cgi?id=141090

        Reviewed by Andreas Kling.

        Make members private to avoid accidental change in TextFragment.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::addFragment):
        (WebCore::SimpleLineLayout::LineState::addWhitespace):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::firstFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        * rendering/SimpleLineLayoutFlowContentsIterator.cpp:
        (WebCore::SimpleLineLayout::FlowContentsIterator::nextTextFragment):
        * rendering/SimpleLineLayoutFlowContentsIterator.h:
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::start):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::end):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::width):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::type):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::isCollapsed):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::isBreakable):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::isEmpty):

2015-01-30  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Make LineState fragment handling simpler.
        https://bugs.webkit.org/show_bug.cgi?id=141100

        Reviewed by Andreas Kling.

        New fragments are appeneded to the Run's last entry
        instead of accumulating them until after a new run is required. 
        (whitespace collapse or line end)
        LineState::appendFragment manages whitespace collapsing now.
        This makes createLineRuns() logic lighter and no need to "flush"
        the LineState when the line ends.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp: Make LineState members private and introduce getters.
        (WebCore::SimpleLineLayout::LineState::setAvailableWidth):
        (WebCore::SimpleLineLayout::LineState::setLogicalLeftOffset):
        (WebCore::SimpleLineLayout::LineState::setOverflowedFragment):
        (WebCore::SimpleLineLayout::LineState::availableWidth):
        (WebCore::SimpleLineLayout::LineState::logicalLeftOffset):
        (WebCore::SimpleLineLayout::LineState::overflowedFragment):
        (WebCore::SimpleLineLayout::LineState::hasTrailingWhitespace):
        (WebCore::SimpleLineLayout::LineState::isWhitespaceOnly):
        (WebCore::SimpleLineLayout::LineState::fits):
        (WebCore::SimpleLineLayout::LineState::firstCharacterFits):
        (WebCore::SimpleLineLayout::LineState::width):
        (WebCore::SimpleLineLayout::LineState::appendFragment): Append each fragment to the Run 
        by either creating a new run or expanding the last one.
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace): Remove trailing whitespace from
        the Run's and reset the trailing whitespace variables.
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::updateLineConstrains):
        (WebCore::SimpleLineLayout::firstFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::LineState::createRun): Deleted.
        (WebCore::SimpleLineLayout::LineState::addFragment): Deleted.
        (WebCore::SimpleLineLayout::LineState::addWhitespace): Deleted.
        (WebCore::SimpleLineLayout::LineState::hasWhitespaceOnly): Deleted.

2015-01-30  Chris Dumez  <cdumez@apple.com>

        Drop HistoryItem's m_prev / m_next
        https://bugs.webkit.org/show_bug.cgi?id=141105

        Reviewed by Zalan Bujtas.

        Drop HistoryItem's m_prev / m_next. Those are no longer needed after
        the PageCache refactoring in <http://trac.webkit.org/r179347>.

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::HistoryItem):
        * history/HistoryItem.h:

2015-01-30  Jeongmin Kim  <jm86.kim@lge.com>

        Update the comment in RenderLayer for clarity as related code location is changed
        https://bugs.webkit.org/show_bug.cgi?id=141103

        Reviewed by Simon Fraser.

        Update the comment in RenderLayer for clarity as related code location is changed
        The repainting in implicitClose() that is now called in setVisualUpdatesAllowed(bool) is removed

        * rendering/RenderLayer.cpp:
        (WebCore::shouldSuppressPaintingLayer):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers):

2015-01-30  Chris Dumez  <cdumez@apple.com>

        Optimize MemoryCache::getSessionMap() a bit
        https://bugs.webkit.org/show_bug.cgi?id=141069

        Reviewed by Anders Carlsson.

        Optimize MemoryCache::getSessionMap() a bit by doing 1 HashMap lookup
        instead of previously 3. Also rename the method to
        ensureSessionResourceMap() as we usually don't use "get" prefix for
        getters and the implementation will also create the HashMap value if
        the key is not found.

        Also add a alternative sessionResourceMap() method which returns
        the HashMap value if the key exists but doesn't try to create it if
        missing. This is actually what we really want for some call sites.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::add):
        (WebCore::MemoryCache::revalidationSucceeded):
        (WebCore::MemoryCache::resourceForRequest):
        (WebCore::MemoryCache::removeImageFromCache):
        (WebCore::MemoryCache::remove):
        (WebCore::MemoryCache::getSessionMap): Deleted.
        * loader/cache/MemoryCache.h:

2015-01-30  Chris Dumez  <cdumez@apple.com>

        Unreviewed. Remove outdated comment.

        * loader/cache/MemoryCache.cpp:

2015-01-30  Eric Carlson  <eric.carlson@apple.com>

        Remove MediaPlayerProxy.h
        https://bugs.webkit.org/show_bug.cgi?id=141087

        Reviewed by Sam Weinig.

        * WebCore.xcodeproj/project.pbxproj: Remove reference to MediaPlayerProxy.h.
        * platform/graphics/mac/MediaPlayerProxy.h: Removed.

2015-01-30  Geoffrey Garen  <ggaren@apple.com>

        Use FastMalloc (bmalloc) instead of BlockAllocator for GC pages
        https://bugs.webkit.org/show_bug.cgi?id=140900

        Reviewed by Mark Hahnenberg.

        Re-landing just the HandleBlock piece of this patch.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::install):

2015-01-30  Chris Dumez  <cdumez@apple.com>

        Update MemoryCache code to use more references instead of pointers
        https://bugs.webkit.org/show_bug.cgi?id=141099

        Reviewed by Andreas Kling.

2015-01-30  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: ASSERT in InspectorTimelineAgent::internalStop
        https://bugs.webkit.org/show_bug.cgi?id=141039

        Reviewed by Timothy Hatcher.

        Don't unconditionally stop the environment stopwatch, since it could have
        already stopped due to the debugger pausing.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStop):

2015-01-30  Chris Dumez  <cdumez@apple.com>

        When no background-size is specified on the 2nd background layer, it takes the first instead of the initial value
        https://bugs.webkit.org/show_bug.cgi?id=141059

        Reviewed by Antti Koivisto.

        This patch fixes fill size support for 'initial' value.

        Test: fast/css/background-layers-initial-size.html

        * css/CSSToStyleMap.cpp:
        - Add check for initial values and set fill size to initialFillSize()
          in this case (which is 'auto'). Previously, we were handling all
          non CSSPrimitiveValues the same way and setting the fill size type
          to SizeNone, which means no size (not 'auto').
        - Clean up the rest of the function (no behavior change).

        * rendering/style/FillLayer.cpp:
        (WebCore::FillLayer::FillLayer):
        - Initialize m_sizeLength to SizeNone instead of calling
          initialFillSizeType(). There is no behavior change here. However,
          initialFillSizeType() was not supposed to return SizeNone.
        - Stop explicitly initializing m_sizeLength to LengthSize() as this
          is already what happens implicitly.

        * rendering/style/FillLayer.h:
        (WebCore::FillLayer::initialFillSize):
        Return FillSize() instead of FillSize(SizeNone, LengthSize()).
        FillSize() is equivalent to FillSize(SizeLength, LengthSize())
        which is resolved to 'auto'. SizeNone means no size which isn't
        what we want as an initial value.

        (WebCore::FillLayer::initialFillSizeType): Deleted.
        (WebCore::FillLayer::initialFillSizeLength): Deleted.
        Remove Individual initialFillSizeType() / initialFillSizeLength()
        functions now that all caller use initialFillSize() instead.

2015-01-30  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179403.
        https://bugs.webkit.org/show_bug.cgi?id=141091

        Broke fast/files/workers/worker-apply-blob-url-to-xhr.html
        (Requested by ap_ on #webkit).

        Reverted changeset:

        "Optimize MemoryCache::getSessionMap() a bit"
        https://bugs.webkit.org/show_bug.cgi?id=141069
        http://trac.webkit.org/changeset/179403

2015-01-30  Chris Dumez  <cdumez@apple.com>

        Rename shared() static member functions to singleton() for singleton classes.
        https://bugs.webkit.org/show_bug.cgi?id=141088

        Reviewed by Ryosuke Niwa and Benjamin Poulain.

        Rename shared() static member functions to singleton() for singleton
        classes as per the recent coding style change.

2015-01-30  Matthew Mirman  <mmirman@apple.com>

        Added ClientRect as an interface that requires attributes 
        on instance for compatibility.
        https://bugs.webkit.org/show_bug.cgi?id=141063
        <rdar://problem/18437653>

        Reviewed by Oliver Hunt.

        Added a new test to LayoutTests/js/resources/JSON-stringify.js

        * bindings/scripts/CodeGeneratorJS.pm:
        (InterfaceRequiresAttributesOnInstanceForCompatibility):

2015-01-30  Chris Dumez  <cdumez@apple.com>

        Optimize MemoryCache::getSessionMap() a bit
        https://bugs.webkit.org/show_bug.cgi?id=141069

        Reviewed by Anders Carlsson.

        Optimize MemoryCache::getSessionMap() a bit by doing 1 HashMap lookup
        instead of previously 3. Also rename the method to sessionResources()
        as we usually don't use "get" prefix for getters.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::sessionResources):
        (WebCore::MemoryCache::add):
        (WebCore::MemoryCache::revalidationSucceeded):
        (WebCore::MemoryCache::resourceForRequest):
        (WebCore::MemoryCache::removeImageFromCache):
        (WebCore::MemoryCache::remove):
        (WebCore::MemoryCache::getSessionMap): Deleted.
        * loader/cache/MemoryCache.h:

2015-01-30  Chris Dumez  <cdumez@apple.com>

        Store MemoryCache's live decoded resources in a ListHashSet
        https://bugs.webkit.org/show_bug.cgi?id=141051

        Reviewed by Antti Koivisto.

        Store MemoryCache's live decoded resources in a ListHashSet instead of
        a linked list. The frequent operations are:
        1. Add items to one end
        2. Remove items from the other end or anywhere in the container by value

        Using a ListHashSet instead of a manual linked list results in *much*
        simpler / shorter code and is fast for all operations (faster than
        linked list even for removing an given element from the container given
        its value). The previous implementation required us to keep a lot of
        pointers up-to-date, which was error prone.

        This is a first step towards simplifying the MemoryCache implementation.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        (WebCore::CachedResource::setDecodedSize):
        (WebCore::CachedResource::didAccessDecodedData):
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::inLiveDecodedResourcesList): Deleted.
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::pruneLiveResourcesToSize):
        (WebCore::MemoryCache::removeFromLiveDecodedResourcesList):
        (WebCore::MemoryCache::insertInLiveDecodedResourcesList):
        * loader/cache/MemoryCache.h:
        (WebCore::MemoryCache::inLiveDecodedResourcesList):

2015-01-30  Csaba Osztrogonác  <ossy@webkit.org>

        [cairo] Fix #if guards in platform/graphics/cairo directory
        https://bugs.webkit.org/show_bug.cgi?id=141076

        Reviewed by Sergio Villar Senin.

        * platform/graphics/cairo/BackingStoreBackendCairo.h:
        * platform/graphics/cairo/BitmapImageCairo.cpp:
        * platform/graphics/cairo/CairoUtilities.cpp:
        * platform/graphics/cairo/CairoUtilities.h:
        * platform/graphics/cairo/DrawErrorUnderline.h:
        * platform/graphics/cairo/DrawingBufferCairo.cpp:
        * platform/graphics/cairo/FloatRectCairo.cpp:
        * platform/graphics/cairo/FontCairo.cpp:
        * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
        * platform/graphics/cairo/FontCustomPlatformData.h:
        * platform/graphics/cairo/GradientCairo.cpp:
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        * platform/graphics/cairo/ImageBufferDataCairo.h:
        * platform/graphics/cairo/ImageCairo.cpp:
        * platform/graphics/cairo/IntRectCairo.cpp:
        * platform/graphics/cairo/OwnPtrCairo.cpp:
        * platform/graphics/cairo/OwnPtrCairo.h:
        * platform/graphics/cairo/PathCairo.cpp:
        * platform/graphics/cairo/PatternCairo.cpp:
        * platform/graphics/cairo/PlatformContextCairo.cpp:
        * platform/graphics/cairo/PlatformContextCairo.h:
        * platform/graphics/cairo/PlatformPathCairo.cpp:
        * platform/graphics/cairo/PlatformPathCairo.h:
        * platform/graphics/cairo/RefPtrCairo.cpp:
        * platform/graphics/cairo/RefPtrCairo.h:
        * platform/graphics/cairo/TileCairo.h:
        * platform/graphics/cairo/TransformationMatrixCairo.cpp:

2015-01-29  Darin Adler  <darin@apple.com>

        Remove SVGUseElement.instanceRoot and all tests that depend on it
        https://bugs.webkit.org/show_bug.cgi?id=141025

        Reviewed by Anders Carlsson.

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::instanceRoot): Deleted.
        * svg/SVGUseElement.h: Removed instanceRoot.
        * svg/SVGUseElement.idl: Ditto.

2015-01-29  Tim Horton  <timothy_horton@apple.com>

        Fix the build with newer Clang.

        * platform/graphics/ca/GraphicsLayerCA.h:

2015-01-29  Sam Weinig  <sam@webkit.org>

        Try to fix the iOS build.

        * WebCore.exp.in:

2015-01-29  Brent Fulgham  <bfulgham@apple.com>

        [Win] Build fix after r179368.

        * platform/graphics/win/UniscribeController.cpp:
        (WebCore::UniscribeController::shapeAndPlaceItem): Don't use the no longer
        valid isPrinterFont method.

2015-01-29  Tim Horton  <timothy_horton@apple.com>

        Fix the build after r179368

        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::equalForTextAutoSizing):

2015-01-29  Simon Fraser  <simon.fraser@apple.com>

        Border-radius clipping on a stacking context causes descendants to not render
        https://bugs.webkit.org/show_bug.cgi?id=140536

        Reviewed by Zalan Bujtas.
        
        Fix one of the issues introduced in r178029. The changes in GraphicsLayerCA
        failed to adhere to the "set a bit and flush later" pattern that this class uses,
        instead poking the platform layers directly. This caused an issue where the bounds
        of the clipping layer would later be set to 0x0, causing content to disappear.
        
        Fix by changing the "applyClippingBorder" function to "setMasksToBoundsRect"
        and have it update via a new MasksToBoundsRectChanged dirty bit.

        In order to avoid clobbering the mask layer used to clip contents, we need another
        shape mask layer, so rename m_shapeMaskLayer to m_contentsShapeMaskLayer, then
        introduce a new m_shapeMaskLayer which is used for masks-to-bounds clipping. Update
        the reflection cloning code to correctly clone this layer.

        Test: compositing/clipping/border-radius-stacking-context-clip.html

        * WebCore.exp.in:
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::maskToBoundsRect):
        (WebCore::GraphicsLayer::setMasksToBoundsRect):
        (WebCore::GraphicsLayer::applyClippingBorder): Deleted.
        (WebCore::GraphicsLayer::clearClippingBorder): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::willBeDestroyed):
        (WebCore::GraphicsLayerCA::setMasksToBoundsRect):
        (WebCore::GraphicsLayerCA::setContentsToSolidColor):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateContentsImage):
        (WebCore::GraphicsLayerCA::updateContentsRects):
        (WebCore::GraphicsLayerCA::updateMasksToBoundsRect):
        (WebCore::GraphicsLayerCA::dumpAdditionalProperties):
        (WebCore::GraphicsLayerCA::applyClippingBorder): Deleted.
        (WebCore::GraphicsLayerCA::clearClippingBorder): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateChildClippingStrategy): Add a FIXME since
        this code is trying to access geometry and we may not have done layout yet.
        Also, to clear the rounded rect, just set a non-rounded rect the size of the layer.

2015-01-29  Sam Weinig  <sam@webkit.org>

        Remove support for screen font substitution
        https://bugs.webkit.org/show_bug.cgi?id=141038

        Reviewed by Tim Horton.

        - Removes the screen font substitution setting (which was only on in Mountain Lion)
        - Remove the concept of a printer font, from the family of Font related classes.

        * WebCore.exp.in:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::initializeFontStyle):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::shouldEnableScreenFontSubstitutionByDefault): Deleted.
        (WebCore::Settings::setScreenFontSubstitutionEnabled): Deleted.
        * page/Settings.h:
        (WebCore::Settings::screenFontSubstitutionEnabled): Deleted.
        * page/mac/SettingsMac.mm:
        (WebCore::Settings::shouldEnableScreenFontSubstitutionByDefault): Deleted.
        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionFontDataCacheKey::makeFlagKey):
        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::FontCascade):
        * platform/graphics/FontCascade.h:
        (WebCore::FontCascade::isPrinterFont): Deleted.
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::FontDescription):
        (WebCore::FontDescription::setWeight):
        (WebCore::FontDescription::equalForTextAutoSizing):
        (WebCore::FontDescription::operator==):
        (WebCore::FontDescription::usePrinterFont): Deleted.
        (WebCore::FontDescription::setUsePrinterFont): Deleted.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::isCompositeFontReference):
        (WebCore::FontPlatformData::hash):
        (WebCore::FontPlatformData::operator==):
        (WebCore::FontPlatformData::isPrinterFont): Deleted.
        * platform/graphics/WidthIterator.h:
        (WebCore::WidthIterator::supportsTypesettingFeatures):
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::FontCascade::drawGlyphs):
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::platformDataInit):
        (WebCore::FontPlatformData::platformDataAssign):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::getSystemFontFallbackForCharacters):
        (WebCore::FontCache::createFontPlatformData):
        * platform/graphics/ios/SimpleFontDataIOS.mm:
        (WebCore::Font::platformCreateScaledFont):
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::systemFallbackForCharacters):
        (WebCore::FontCache::createFontPlatformData):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::Font::compositeFontReferenceFont):
        (WebCore::Font::platformCreateScaledFont):
        * platform/mac/DragImageMac.mm:
        (WebCore::fontFromNSFont):
        (WebCore::widthWithFont):
        (WebCore::drawAtPoint):
        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):

2015-01-20  David Hyatt  <hyatt@apple.com>

        Japanese line breaking rules need to be respected before and after Ruby.
        https://bugs.webkit.org/show_bug.cgi?id=91588
        <rdar://problem/17306535>

        Reviewed by Dean Jackson.

        Added fast/ruby/ruby-punctuation-avoid-breaking.html.

        This patch has to add support for following line breaking rules at both
        sides of a Ruby boundary. For breaking before a Ruby, unfortunately we
        just hard-code the rules (and apply this hard-coding only to Ruby and not
        to other inline replaced elements).

        For breaking after a Ruby we do better. The Ruby run caches its prior characters
        and line layout is able to obtain them and use them when deciding whether or not
        to break. This means for the "after" side of a Ruby, we're able to behave the same
        as if no Ruby was used.

        * rendering/RenderBlockFlow.h:
        (WebCore::RenderBlockFlow::cachePriorCharactersIfNeeded):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::layoutRunsAndFloatsInRange):
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::cachePriorCharactersIfNeeded):
        * rendering/RenderRubyBase.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::RenderRubyRun):
        (WebCore::RenderRubyRun::updatePriorContextFromCachedBreakIterator):
        (WebCore::RenderRubyRun::canBreakBefore):
        * rendering/RenderRubyRun.h:
        * rendering/RenderRubyText.cpp:
        (WebCore::RenderRubyText::canBreakBefore):
        * rendering/RenderRubyText.h:
        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::BreakingContext::handleReplaced):
        (WebCore::BreakingContext::canBreakAtThisPosition):
        (WebCore::BreakingContext::commitAndUpdateLineBreakIfNeeded):

2015-01-28  Beth Dakin  <bdakin@apple.com>

        Remove more Mountain Lion code from WebCore
        https://bugs.webkit.org/show_bug.cgi?id=141014

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetSpelling):
        (AXAttributedStringAppendText):
        * crypto/CommonCryptoUtilities.h:
        * crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:
        (WebCore::transformAES_CBC):
        * editing/cocoa/HTMLConverter.mm:
        (_dateForString):
        * html/canvas/ANGLEInstancedArrays.cpp:
        (WebCore::ANGLEInstancedArrays::supported):
        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        * page/mac/SettingsMac.mm:
        (WebCore::Settings::shouldEnableScreenFontSubstitutionByDefault):
        (WebCore::Settings::initializeDefaultFontFamilies):
        * platform/audio/mac/MediaSessionManagerMac.cpp:
        (MediaSessionManager::updateSessionState):
        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::install):
        (WebCore::MemoryPressureHandler::ReliefLogger::platformLog):
        (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage): Deleted.
        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.mm:
        (WebCore::AVTrackPrivateAVFObjCImpl::languageForAVMediaSelectionOption):
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput):
        * platform/graphics/cocoa/IOSurface.mm:
        (IOSurface::state):
        (IOSurface::isVolatile):
        (IOSurface::setIsVolatile):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::Font::platformInit):
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        (WebCore::Extensions3DOpenGL::drawArraysInstanced):
        (WebCore::Extensions3DOpenGL::drawElementsInstanced):
        (WebCore::Extensions3DOpenGL::vertexAttribDivisor):
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::createCFURLConnection):
        * platform/network/cocoa/ProtectionSpaceCocoa.h:
        (WebCore::ProtectionSpace::encodingRequiresPlatformData):
        * platform/network/cocoa/ProtectionSpaceCocoa.mm:
        (WebCore::ProtectionSpace::encodingRequiresPlatformData):
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::createNSURLConnection):
        * platform/network/mac/WebCoreURLResponse.mm:
        (WebCore::synthesizeRedirectResponseIfNecessary):
        * platform/spi/cf/CFNetworkSPI.h:
        * platform/text/mac/LocaleMac.mm:
        (WebCore::LocaleMac::LocaleMac):

2015-01-29  Benjamin Poulain  <bpoulain@apple.com>

        Remove an extraneous check from the parser of :not()
        https://bugs.webkit.org/show_bug.cgi?id=141021

        Reviewed by Darin Adler.

        * css/CSSGrammar.y.in:
        :not() takes a selector list, it can be null if there selector list is invalid,
        but there cannot be a invalid pointer.

2015-01-29  Tim Horton  <timothy_horton@apple.com>

        Fix the iOS build after r179347

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):

2015-01-29  Andreas Kling  <akling@apple.com>

        JavaScript bindings constructors should take Ref<ImplType>&&.
        <https://webkit.org/b/140952>

        Reviewed by Darin Adler.

        When constructing a JS wrapper object, there is always going to be a
        corresponding DOM object.

        Tweak the JavaScript DOM bindings generator to spit out constructors
        that take the DOM object by Ref&& rather than PassRefPtr.

        This avoids generating unnecessary null checks around every instance
        of wrapper construction.

        * bindings/js/JSDOMBinding.h:
        (WebCore::createWrapper):
        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/JSDocumentCustom.cpp:
        (WebCore::JSDocument::location):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GenerateImplementation):

2015-01-29  Chris Dumez  <cdumez@apple.com>

        Clean up / modernize PageCache class
        https://bugs.webkit.org/show_bug.cgi?id=141009

        Reviewed by Darin Adler.

        Clean up / modernize PageCache class:
        - Use more references instead of pointers
        - Use a ListHashSet<Ref<HistoryItem>> internally instead of a linked
          list of HistoryItem*. This avoids having the ref/unref HistoryItems
          manually and maintaining the list size separately. It also simplifies
          the code dealing with the container and makes looking up HistoryItems
          faster as a bonus. Similarly to the previous implementation, we are
          adding elements to one end and removing from the opposite end when
          pruning to drop old history items first. Note that even though the
          previous implementation was called LRUList, it did not move items to
          the front when accessed. The new implementation doesn't either.
         - Rename "capacity" to "maxSize" to avoid confusing with containers'
           capacity (which doesn't limit the size of the container).
         - Use unsigned instead of int for all values that are supposed to be
           positive.
         - Do not explicitely define the default constructor and let the
           compiler generate it for us (and use in-class initialization for
           members)
         - Fix indentation in the header.

2015-01-29  Julien Isorce  <j.isorce@samsung.com>

        HTMLImageLoader: fix build failure on assert condition after r179340
        https://bugs.webkit.org/show_bug.cgi?id=140722

        Reviewed by Csaba Osztrogonác.

        * html/HTMLImageLoader.cpp:
        (WebCore::HTMLImageLoader::imageChanged): image() directly
        returns a CachedImage*.

2015-01-29  Julien Isorce  <j.isorce@samsung.com>

        CachedImage: ensure clients overrides imageChanged instead of notifyFinished
        https://bugs.webkit.org/show_bug.cgi?id=140722

        Reviewed by Tim Horton.

        imageChanged is called whenever a frame of an image changes
        because we got more data from the network.

        notifyFinished was called when the image was entirely loaded.

        The problem was that some clients were implementing only
        imageChanged (ex: RenderBox), some only notifyFinished and
        some both (ex: RenderImage) which made the situation difficult
        to understand and to maintain.

        For example when the image finished loading, both imageChanged
        and notifyFinished were called with the difference that for the
        first one isLoaded() returned false.
        It could result in functions being called twice in a row,
        ex: contentChanged(ImageChanged).

        So this patch tries to simplify the situation by marking
        CachedImageClient::notifyFinished final in order to prevent
        clients from implementing it.
        Indeed this patch ensure that CachedImage clients implement
        and only implement imageChanged function.

        Also Clients can now differentiate intermediate and end
        calls by checking isLoaded() in imageChanged.

        * html/HTMLImageLoader.cpp:
        (WebCore::HTMLImageLoader::imageChanged): Added instead
        of notifyFinished.
        (WebCore::HTMLImageLoader::notifyFinished): Deleted.
        * html/HTMLImageLoader.h:

        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::imageChanged): Added instead
        of notifyFinished.
        (WebCore::ImageLoader::notifyFinished): Deleted.
        * loader/ImageLoader.h:

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::finishLoading): Explicilty mark image as
        loaded and before notifying observers. So that it avoids to call
        notifyFinished (from CachedResource::finishLoading).

        * loader/cache/CachedImageClient.h:
        Make CachedImageClient::notifyFinished final to make sure
        sub classes implement imageChanged instead.

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::notifyFinished): Deleted.
        ImageChanged already exists and is more clever than notifyFinished.
        Indeed invalidateBackgroundObscurationStatus() will be called by
        RenderReplaced::layout() upon call to setNeedsLayout() in
        RenderImage::imageDimensionsChanged.
        Also contentChanged(ImageChanged) is now called only when necessary.
        * rendering/RenderImage.h:

        * svg/SVGFEImageElement.cpp:
        (WebCore::SVGFEImageElement::imageChanged): Added instead
        of notifyFinished.
        (WebCore::SVGFEImageElement::notifyFinished): Deleted.
        * svg/SVGFEImageElement.h:

2015-01-28  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Poor performance on IE's Chalkboard benchmark.
        https://bugs.webkit.org/show_bug.cgi?id=140753.

        Reviewed by Zalan Bujtas.

        Test: PerformanceTests/SVG/UnderTheSeeBenchmark.html
              PerformanceTests/SVG/WorldcupBenchmark.html
              
        The SVG rendering code was not skipping the SVG elements which are outside the
        clipping rectangle. We were drawing all the SVG elements even if some of them
        are completely outside the clipping rectangle. The fix is to pass the correct
        dirty rectangle to the ScrollView which then gets propagated to the SVG renderers.

        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::draw):
        SVGImage::draw() needs to pass the intersection of 'srcRect' and context->clipBounds(),
        to ScrollView::paint(). This will ensure RenderSVGShape::paint() gets the correct
        clipping rectangle. If there is no intersection between the boundingBox of the
        RenderSVGShape and the clipping rectangle, the RenderSVGShape will not be drawn.

2015-01-28  Brent Fulgham  <bfulgham@apple.com>

        Scroll snap points do not work in the vertical direction
        https://bugs.webkit.org/show_bug.cgi?id=141001
        <rdar://problem/19632089>

        Reviewed by Beth Dakin.

        New scroll snap tests are being prepared separately. A manual test case is attached to the issue.

        * page/EventHandler.cpp:
        (WebCore::handleWheelEventInAppropriateEnclosingBoxForSingleAxis): We want to consider momentum end phase
        when dealing with Scroll Snap Points.
        * platform/mac/AxisScrollSnapAnimator.mm:
        (WebCore::AxisScrollSnapAnimator::handleWheelEvent): We do NOT want to bail out early here. In fact, it's strange
        that this code was like this at all, since it meant a large number of cases were not being used. We also want to
        trigger the scroll snap animation (when applicable) upon an inertia scroll end.
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::gestureShouldBeginSnap): Added.
        (WebCore::ScrollAnimatorMac::allowsVerticalStretching): If we have automatic elasticity, and we have active scroll
        snap points, we want to let the scroll snap animator deal with the gesture.
        (WebCore::ScrollAnimatorMac::allowsHorizontalStretching): Ditto.

2015-01-28  Benjamin Poulain  <bpoulain@apple.com>

        Start fixing the handling of Element's attributes when they contain non-ASCII characters
        https://bugs.webkit.org/show_bug.cgi?id=141016

        Reviewed by Ryosuke Niwa.

        Attribute handling does not work properly when the attribute name contains non-ASCII character.

        The HTML parser tokenize those names as ASCII lowercase. Some of the code is CSS and Element use
        unicode lowercase for the names. This breaks all the APIs as soon as a name contains a character
        that is non-ASCII and uppercase since some APIs change it, other don't.

        This patch is a first step toward fixing this mess, it only address the simple cases.
        The HTML spec says the names should be compared ASCII case-insensitive, to I spread that behavior
        to places that were using unicode.

        Tests: fast/css/attribute-ascii-case-insensitive-html.html
               fast/css/attribute-ascii-case-insensitive-xhtml-expected.xhtml
               fast/css/attribute-ascii-case-insensitive-xhtml.xhtml
               fast/css/attribute-ascii-case-insensitive-xml-in-html.html
               fast/dom/Element/attribute-ascii-case-insensitive-1.html
               fast/dom/Element/attribute-ascii-case-insensitive-2.html
               fast/selectors/attribute-ascii-case-insensitive-style-update.html
               fast/selectors/element-matches-attribute-ascii-case-insensitive-html.html
               fast/selectors/querySelector-attribute-ascii-case-insensitive-html.html

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::setAttribute):
        * dom/Element.cpp:
        (WebCore::Element::synchronizeAttribute):
        (WebCore::Element::setAttribute):
        (WebCore::Element::removeAttribute):
        (WebCore::Element::hasAttribute):
        * dom/ElementData.cpp:
        (WebCore::ElementData::findAttributeIndexByNameSlowCase):
        * dom/ElementData.h:
        (WebCore::ElementData::findAttributeIndexByName):

2015-01-28  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Drop uncommitted/committed terms from LineState.
        https://bugs.webkit.org/show_bug.cgi?id=141005

        Reviewed by Antti Koivisto.

        Fragments form segments and segments turn into runs on the lines.
        We add fragments only when they fit so they should not be in 'uncommitted' state at all.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::createRun):
        (WebCore::SimpleLineLayout::LineState::addFragment):
        (WebCore::SimpleLineLayout::LineState::addWhitespace):
        (WebCore::SimpleLineLayout::LineState::hasWhitespaceOnly):
        (WebCore::SimpleLineLayout::LineState::width):
        (WebCore::SimpleLineLayout::LineState::firstCharacterFits):
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::firstFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::createTextRuns): Unnecessary assert.
        (WebCore::SimpleLineLayout::LineState::commitAndCreateRun): Deleted.
        (WebCore::SimpleLineLayout::LineState::addUncommitted): Deleted.
        (WebCore::SimpleLineLayout::LineState::addUncommittedWhitespace): Deleted.

2015-01-28  Chris Dumez  <cdumez@apple.com>

        Regression(r177494): Bad cast to WebKitCSSResourceValue in StyleBuilderConverter::convertMaskImageOperations()
        https://bugs.webkit.org/show_bug.cgi?id=140991
        <rdar://problem/19625305>

        Reviewed by Antti Koivisto.

        convertMaskImageOperations() was assuming that the CSSValueList's values
        were always WebKitCSSResourceValue values. However, they can be
        CSSInitialValues as well so we should check before casting.

        Test: css3/masking/mask-image-initial-value-crash.html

        * css/StyleBuilderConverter.h:
        (WebCore::maskImageValueFromIterator):
        (WebCore::StyleBuilderConverter::convertMaskImageOperations):

2015-01-28  Chris Dumez  <cdumez@apple.com>

        Remove dead code from MemoryCache
        https://bugs.webkit.org/show_bug.cgi?id=140964

        Reviewed by Andreas Kling.

        Remove dead code from MemoryCache, make more things private and
        clean up a little bit.

        * WebCore.exp.in:
        * inspector/InspectorResourceAgent.cpp:
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::MemoryCache):
        (WebCore::MemoryCache::revalidationSucceeded):
        (WebCore::MemoryCache::removeImageFromCache):
        (WebCore::MemoryCache::pruneLiveResources):
        (WebCore::MemoryCache::pruneDeadResources):
        (WebCore::MemoryCache::pruneDeadResourcesToSize):
        (WebCore::MemoryCache::remove):
        (WebCore::MemoryCache::removeRequestFromSessionCaches):
        (WebCore::MemoryCache::setDisabled):
        (WebCore::MemoryCache::resourceForURL): Deleted.
        (WebCore::MemoryCache::pruneLiveResourcesToPercentage): Deleted.
        (WebCore::MemoryCache::pruneDeadResourcesToPercentage): Deleted.
        (WebCore::MemoryCache::evict): Deleted.
        (WebCore::MemoryCache::removeUrlFromCache): Deleted.
        (WebCore::MemoryCache::removeRequestFromCache): Deleted.
        (WebCore::MemoryCache::pruneToPercentage): Deleted.
        * loader/cache/MemoryCache.h:
        (WebCore::MemoryCache::LRUList::LRUList): Deleted.
        (WebCore::MemoryCache::remove): Deleted.
        (WebCore::MemoryCache::setPruneEnabled): Deleted.
        (WebCore::MemoryCache::minDeadCapacity): Deleted.
        (WebCore::MemoryCache::maxDeadCapacity): Deleted.
        (WebCore::MemoryCache::capacity): Deleted.
        (WebCore::MemoryCache::liveSize): Deleted.
        (WebCore::MemoryCache::deadSize): Deleted.
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-01-28  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: remove CSS.setPropertyText, CSS.toggleProperty and related dead code
        https://bugs.webkit.org/show_bug.cgi?id=140961

        Reviewed by Timothy Hatcher.

        No new tests, no behavior changed.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * inspector/InspectorAllInOne.cpp:
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::setPropertyText): Deleted.
        (WebCore::InspectorCSSAgent::toggleProperty): Deleted.
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyle::InspectorStyle):
        (WebCore::InspectorStyle::populateAllProperties):
        (WebCore::InspectorStyleSheet::InspectorStyleSheet):
        (WebCore::InspectorStyleSheet::reparseStyleSheet):
        (WebCore::InspectorStyleSheet::inspectorStyleForId):
        (WebCore::InspectorStyle::setPropertyText): Deleted.
        (WebCore::InspectorStyle::toggleProperty): Deleted.
        (WebCore::InspectorStyle::newLineAndWhitespaceDelimiters): Deleted.
        (WebCore::InspectorStyleSheet::setPropertyText): Deleted.
        (WebCore::InspectorStyleSheet::toggleProperty): Deleted.
        (WebCore::InspectorStyleSheet::rememberInspectorStyle): Deleted.
        (WebCore::InspectorStyleSheet::forgetInspectorStyle): Deleted.
        (WebCore::InspectorStyleSheet::revalidateStyle): Deleted.
        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorStyleTextEditor.cpp: Removed.
        * inspector/InspectorStyleTextEditor.h: Removed.

2015-01-28  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Move FlowContents iterator interface to FlowContentsIterator.
        https://bugs.webkit.org/show_bug.cgi?id=140944

        Reviewed by Antti Koivisto.

        This patch cleans up FlowContents's interface by moving the iterator functionality
        to this new FlowContentsIterator class.

        No change in functionality.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::addUncommitted):
        (WebCore::SimpleLineLayout::LineState::addUncommittedWhitespace):
        (WebCore::SimpleLineLayout::preWrap):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::firstFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary):
        (WebCore::SimpleLineLayout::createTextRuns):
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::FlowContents):
        (WebCore::SimpleLineLayout::FlowContents::Style::Style): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::nextTextFragment): Deleted.
        (WebCore::SimpleLineLayout::nextBreakablePosition): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::findNextBreakablePosition): Deleted.
        (WebCore::SimpleLineLayout::findNextNonWhitespace): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::findNextNonWhitespacePosition): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::textWidth): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::runWidth): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::Iterator::Iterator):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator*):
        (WebCore::SimpleLineLayout::FlowContents::begin):
        (WebCore::SimpleLineLayout::FlowContents::end):
        (WebCore::SimpleLineLayout::FlowContents::length):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator++):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator==):
        (WebCore::SimpleLineLayout::FlowContents::Iterator::operator!=):
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForPosition):
        (WebCore::SimpleLineLayout::FlowContents::TextFragment::TextFragment): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::TextFragment::isEmpty): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::hasOneSegment): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::style): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::characterAt): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::isLineBreak): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::isEnd): Deleted.
        * rendering/SimpleLineLayoutFlowContentsIterator.cpp: Copied from Source/WebCore/rendering/SimpleLineLayoutFlowContents.cpp.
        (WebCore::SimpleLineLayout::FlowContentsIterator::Style::Style):
        (WebCore::SimpleLineLayout::FlowContentsIterator::FlowContentsIterator):
        (WebCore::SimpleLineLayout::FlowContentsIterator::nextTextFragment):
        (WebCore::SimpleLineLayout::FlowContentsIterator::textWidth):
        (WebCore::SimpleLineLayout::nextBreakablePosition):
        (WebCore::SimpleLineLayout::FlowContentsIterator::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::findNextNonWhitespace):
        (WebCore::SimpleLineLayout::FlowContentsIterator::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContentsIterator::runWidth):
        * rendering/SimpleLineLayoutFlowContentsIterator.h: Copied from Source/WebCore/rendering/SimpleLineLayoutFlowContents.h.
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::FlowContentsIterator::TextFragment::isEmpty):
        (WebCore::SimpleLineLayout::FlowContentsIterator::style):
        (WebCore::SimpleLineLayout::FlowContentsIterator::segmentForPosition):
        (WebCore::SimpleLineLayout::FlowContentsIterator::characterAt):
        (WebCore::SimpleLineLayout::FlowContentsIterator::isLineBreak):
        (WebCore::SimpleLineLayout::FlowContentsIterator::isEnd):

2015-01-28  Beth Dakin  <bdakin@apple.com>

        Remove Mountain Lion code from WebCore
        https://bugs.webkit.org/show_bug.cgi?id=141007

        Reviewed by Sam Weinig.

        * WebCore.exp.in:
        * page/AlternativeTextClient.h:
        * page/mac/SettingsMac.mm:
        (WebCore::Settings::initializeDefaultFontFamilies):
        * platform/cocoa/SystemVersion.mm:
        (WebCore::callGestalt): Deleted.
        (WebCore::createSystemMarketingVersion): Deleted.
        * platform/graphics/Font.cpp:
        (WebCore::Font::applyTransforms):
        * platform/graphics/WidthIterator.h:
        (WebCore::WidthIterator::supportsTypesettingFeatures):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::platformMaxTimeLoaded):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::supportsAcceleratedFilterAnimations):
        * platform/graphics/ca/PlatformCAFilters.h:
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::platformInit):
        * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
        (WebCore::Extensions3DOpenGLCommon::Extensions3DOpenGLCommon):
        * platform/mac/PlatformEventFactoryMac.mm:
        (WebCore::phaseForEvent):
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        * platform/network/cf/SocketStreamHandleCFNet.cpp:
        (WebCore::SocketStreamHandle::createStreams):
        * platform/network/cocoa/CredentialCocoa.mm:
        (WebCore::toCredentialPersistence):
        * platform/spi/cocoa/CoreTextSPI.h:

2015-01-28  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Compile error in media player implementation.
        https://bugs.webkit.org/show_bug.cgi?id=141004

        Reviewed by Brent Fulgham.

        MediaPlayer::cachedResourceLoader() returns a pointer to the resource loader, not a reference.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::setSize):
        (WebCore::MediaPlayerPrivateMediaFoundation::createVideoWindow):

2015-01-28  Jeremy Jones  <jeremyj@apple.com>

        Prevent implicit animation when setting fullscreen background to clear.
        https://bugs.webkit.org/show_bug.cgi?id=140888

        Reviewed by Eric Carlson.

        This patch decreases flicker when exiting fullscreen by preventing
        an implicit animation when changing the background to clear.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::exitFullscreenInternal):

2015-01-28  Dana Burkart  <dburkart@apple.com>

        Move ASan flag settings from DebugRelease.xcconfig to Base.xcconfig
        https://bugs.webkit.org/show_bug.cgi?id=136765

        Reviewed by Alexey Proskuryakov.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-28  Chris Dumez  <cdumez@apple.com>

        Use an enum class for createFontFamilyValue()'s fromSystemFontID argument
        https://bugs.webkit.org/show_bug.cgi?id=140981

        Reviewed by Darin Adler.

        Use an enum class for createFontFamilyValue()'s fromSystemFontID argument
        instead of a simple enum, as suggested by Sam. This is a bit nicer.

        Also, use a boolean type for CSSFontFamily.fromSystemFontID instead of
        the enum type to facilitate handling. Using a enum (class) for
        CSSFontFamily's fromSystemFontID member is not useful as it is always
        accessed by name.

        * css/CSSFontFamily.h:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseSystemFont):
        * css/CSSValuePool.cpp:
        (WebCore::CSSValuePool::createFontFamilyValue):
        * css/CSSValuePool.h:

2015-01-28  Chris Dumez  <cdumez@apple.com>

        Fix typo in markPagesForVistedLinkStyleRecalc()
        https://bugs.webkit.org/show_bug.cgi?id=140977

        Reviewed by Darin Adler.

        * WebCore.exp.in:
        * history/CachedPage.h:
        (WebCore::CachedPage::markForVisitedLinkStyleRecalc):
        (WebCore::CachedPage::markForVistedLinkStyleRecalc): Deleted.
        * history/PageCache.cpp:
        (WebCore::PageCache::markPagesForVisitedLinkStyleRecalc):
        (WebCore::PageCache::markPagesForVistedLinkStyleRecalc): Deleted.
        * history/PageCache.h:

2015-01-28  Chris Dumez  <cdumez@apple.com>

        Unreviewed. Remove duplicate friend class statement after r179255.

        * history/PageCache.h:

2015-01-28  Darin Adler  <darin@apple.com>

        Make SVGElement::instancesForElement point to elements in the shadow tree, not SVGElementInstance objects
        https://bugs.webkit.org/show_bug.cgi?id=140984

        Reviewed by Anders Carlsson.

        Refactoring of code that is pretty well covered by existing tests, so
        not adding new tests.

        Inspired by work Rob Buis did in Blink:

            http://src.chromium.org/viewvc/blink?view=revision&revision=173275

        * page/EventHandler.cpp:
        (WebCore::EventHandler::clear): Removed code to zero m_lastInstanceUnderMouse.
        (WebCore::instanceAssociatedWithShadowTreeElement): Deleted.
        (WebCore::EventHandler::updateMouseEventTargetNode): Removed code that used
        m_lastInstanceUnderMouse to track events on an object after recloning.
        This behavior doesn't seem to be needed to pass any existing tests, and Rob
        removed it from Blink, so I'll take it out and we can bring if back, based
        on the original element rather than on the SVGElementInstance, if we find we
        need to restore the behavior in the future.

        * page/EventHandler.h: Removed m_lastInstanceUnderMouse.

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::determineAnimatedPropertyType):
        Changed this function to take a reference and to call the updated version
        of the targetElement.animatedPropertyTypesForAttribute function.
        (WebCore::SVGAnimateElementBase::calculateAnimatedValue): Updated to pass
        a reference rather than a pointer.
        (WebCore::SVGAnimateElementBase::resetAnimatedType): Updated to pass
        references rather than pointers.
        (WebCore::applyCSSPropertyToTarget): Updated to take a reference.
        (WebCore::removeCSSPropertyFromTarget): Ditto.
        (WebCore::applyCSSPropertyToTargetAndInstances): Ditto. Also use a modern
        for loop, and iterate over shadow tree instances, not over SVGElementInstance.
        (WebCore::removeCSSPropertyFromTargetAndInstances): Ditto.
        (WebCore::notifyTargetAboutAnimValChange): Ditto.
        (WebCore::notifyTargetAndInstancesAboutAnimValChange): Ditto.
        (WebCore::SVGAnimateElementBase::clearAnimatedType): More of the same.
        (WebCore::SVGAnimateElementBase::applyResultsToTarget): Ditto.
        (WebCore::SVGAnimateElementBase::resetAnimatedPropertyType): Ditto.

        * svg/SVGAnimateElementBase.h: Changed determineAnimatedPropertyType to take
        a reference rahter than a pointer.

        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::applyResultsToTarget): Updated to use the
        new instances instead of SVGElementInstance. Also added code to skip work if
        the transform is not changing, and use the assignment operator instead of
        breaking one matrix down and calling setMatrix on the other.

        * svg/SVGAnimatedTypeAnimator.cpp:
        (WebCore::SVGAnimatedTypeAnimator::findAnimatedPropertiesForAttributeName):
        Changed to take a reference rather than a pointer, and rewrote to streamline,
        using modern for loops and using the new instances set.

        * svg/SVGAnimatedTypeAnimator.h: Removed the constructors from the
        SVGElementAnimatedProperties struct since we can build them just fine without
        them. Changed findAnimatedPropertiesForAttributeName to take a reference.

        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::currentValuesForValuesAnimation): Pass a
        reference rather than a pointer. Also streamlined the code a bit and removed
        a comment that tried to say exactly what the code was doing, but was outdated.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::~SVGElement): Disconnect all instances from this element
        and also disconnect the corresponding element from this element if it itself
        is an instance. This guarantees we have no dangling pointers.
        (WebCore::SVGElement::mapInstanceToElement): Deleted.
        (WebCore::SVGElement::removeInstanceMapping): Deleted.
        (WebCore::SVGElement::instances): Renamed from instancesForElement and changed
        to be a set of SVG element instances in the shadow tree, rather than
        SVGElementInstance objects.
        (WebCore::SVGElement::correspondingElement): Tweaked assertion a little and use
        nullptr instead of 0.
        (WebCore::SVGElement::correspondingUseElement): Added. Finds the use element
        that owns the shadow tree this element is in by following the host element
        pointer from the shadow root.
        (WebCore::SVGElement::setCorrespondingElement): Added code to insert or remove
        this element from the instances set of the corresponding element.
        (WebCore::SVGElement::animatedPropertyTypesForAttribute): Renamed from
        animatedPropertyTypeForAttribute and switched to use a return value instead of
        an out argument.
        (WebCore::SVGElement::addEventListener): Updated to use instances rather than
        the old instancesForElement.
        (WebCore::SVGElement::removeEventListener): Ditto.
        (WebCore::SVGElement::synchronizeAllAnimatedSVGAttribute): Pass a reference.
        (WebCore::SVGElement::synchronizeAnimatedSVGAttribute): Ditto.
        (WebCore::SVGElement::isPresentationAttributeWithSVGDOM): Updated to use the
        new function from AttributeToPropertyMap.

        * svg/SVGElement.h: Changed animatedPropertyTypesForAttribute name to be plural
        since it returns a vector of types, and made it use a return value instead of
        an out argument. Added the correspondingUseElement function, and removed the
        mapInstanceToElement and removeInstanceMapping functions.

        * svg/SVGElementInstance.cpp:
        (WebCore::SVGElementInstance::SVGElementInstance): Removed now-unneeded call to
        mapInstanceToElement. This is now handled entirely by the SVGElement itself.
        (WebCore::SVGElementInstance::detach): Removed now-unneeded call to
        removeInstanceMapping. This is now handled entirely by the SVGElement itself.
        (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Rewrote to be
        based on the instances set; logic is different now because we remove each
        element from that set as we go.

        * svg/SVGElementRareData.h:
        (WebCore::SVGElementRareData::SVGElementRareData): Removed initialization of
        pointers since we can do that where they are defined instead.
        (WebCore::SVGElementRareData::instances): Renamed from elementInstances and
        changed the type.
        (WebCore::SVGElementRareData::destroyAnimatedSMILStyleProperties): Deleted.
        Unneeded since it was already called just before deleting the rare data.

        * svg/SVGTests.cpp:
        (WebCore::SVGTests::SVGTests): Took advantage of using namespace.
        (WebCore::createSVGTestPropertyInfo): Added. Helper for function below.
        (WebCore::createSVGTextAttributeToPropertyMap): Ditto.
        (WebCore::SVGTests::attributeToPropertyMap): Changed to use the create function
        above. No longer allocates objects on the heap.
        (WebCore::SVGTests::hasExtension): Reworked #if code to make the MathML part
        independent rather than repeating the return statement.
        (WebCore::SVGTests::synchronizeAttribute): Added. Helper for functions below.
        (WebCore::SVGTests::synchronizeRequiredFeatures): Call synchronizeAttribute.
        (WebCore::SVGTests::synchronizeRequiredExtensions): Ditto.
        (WebCore::SVGTests::synchronizeSystemLanguage): Ditto.

        * svg/SVGTests.h: Removed unneeded forward declarations. Mark the many functions
        that do not depend on object state as static so the call sites don't wastefully
        pass a this pointer. Removed the unneeded requiredFeaturesPropertyInfo,
        requiredExtensionsPropertyInfo, and systemLanguagePropertyInfo functions.
        Added synchronizeAttribute helper function.

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::invalidateDependentShadowTrees): Updated to use the
        new instances set and a modern for loop.

        * svg/properties/SVGAnimatedPropertyMacros.h: Pass reference to addProperty and
        made a few other small refinements.

        * svg/properties/SVGAttributeToPropertyMap.cpp:
        (WebCore::SVGAttributeToPropertyMap::addProperties): Fixed problems mentioned
        in FIXME where we did too much hashing and vector resizing.
        (WebCore::SVGAttributeToPropertyMap::addProperty): Streamlined to use a single
        hash table lookup.
        (WebCore::SVGAttributeToPropertyMap::properties): Renamed from
        animatedPropertiesForAttribute and changed to return a vector rather than using
        an out argument. Also had to change some since the vectors are in the hash table
        now rather than allocated on the heap.
        (WebCore::SVGAttributeToPropertyMap::types): Renamed from
        animatedPropertyTypeForAttribute and made changes just like the ones above.
        (WebCore::SVGAttributeToPropertyMap::synchronizeProperties): Use modern for
        loops, take a reference rather than a pointer, and use the function pointer
        directly instead of calling through a helper with various assertions.
        (WebCore::SVGAttributeToPropertyMap::synchronizeProperty): Ditto.

        * svg/properties/SVGAttributeToPropertyMap.h: Updated to match the changes
        above. Also changed the map to contain vectors instead of pointers to vectors.

2015-01-28  Darin Adler  <darin@apple.com>

        REGRESSION (r173698): Leaks of selector lists in CSS parsing
        https://bugs.webkit.org/show_bug.cgi?id=140993

        Reviewed by Anders Carlsson.

        * css/CSSGrammar.y.in: Fixed logic in rules that were not moving a parser-
        owned pointer into a unique_ptr in all code paths. The magic value
        invalidSelectorVector makes this really messy. We might want to find a
        different seolution in the future.

2015-01-28  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix after r179247.

        * history/PageCache.h: Need to declare NeverDestroyed specialization as
        a friend.

2015-01-28  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Implement support for new AtkRole types for MathML
        https://bugs.webkit.org/show_bug.cgi?id=140916

        Reviewed by Chris Fleizach.

        Expose mfrac as ATK_ROLE_MATH_FRACTION, and both mroot and msqrt as
        ATK_ROLE_MATH_ROOT. In the case of script elements, expose the container
        (msub, msup, msubsup, and mmultiscripts) using the generic text block role
        ATK_ROLE_SECTION. Then expose the actual script child elements using role
        ATK_ROLE_SUBSCRIPT/ATK_ROLE_SUPERSCRIPT. In the case of mmultiscripts,
        expose whether it is a prescript or postscript via AtkObject attribute.

        Test: accessibility/math-multiscript-attributes.html
        Also added additional test cases to accessibility/roles-exposed.html

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isMathScriptObject): Added.
        (WebCore::AccessibilityObject::isMathMultiscriptObject): Added.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::isMathScriptObject): Added.
        (WebCore::AccessibilityRenderObject::isMathMultiscriptObject): Added.
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes): Expose whether a multiscript object is a prescript or postscript.
        (atkRole): Map WebCore Accessibility objects to the new ATK roles.

2015-01-28  Chris Dumez  <cdumez@apple.com>

        Rename pageCache() to PageCache::shared() and return a reference
        https://bugs.webkit.org/show_bug.cgi?id=140983

        Reviewed by Andreas Kling.

        Rename pageCache() to PageCache::shared() as this is a singleton class
        and have it return a reference instead of a pointer.

        * history/BackForwardList.cpp:
        (WebCore::BackForwardList::addItem):
        (WebCore::BackForwardList::setCapacity):
        (WebCore::BackForwardList::clearAllPageCaches):
        (WebCore::BackForwardList::close):
        * history/CachedFrame.cpp:
        (WebCore::CachedFrame::CachedFrame):
        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::setURL):
        * history/PageCache.cpp:
        (WebCore::PageCache::shared):
        (WebCore::PageCache::get):
        (WebCore::pageCache): Deleted.
        * history/PageCache.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::invalidateCurrentItemCachedPage):
        (WebCore::HistoryController::updateForReload):
        * page/Frame.cpp:
        (WebCore::Frame::setPageAndTextZoomFactors):
        * page/Page.cpp:
        (WebCore::Page::setDeviceScaleFactor):
        (WebCore::Page::setPagination):
        (WebCore::Page::setVisitedLinkStore):
        * page/PageGroup.cpp:
        (WebCore::PageGroup::captionPreferencesChanged):
        * page/Settings.cpp:
        (WebCore::Settings::setUsesPageCache):
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-01-28  Darin Adler  <darin@apple.com>

        Fix MediaPlayerEngine leaks
        https://bugs.webkit.org/show_bug.cgi?id=140992

        Reviewed by Jer Noble.

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::mutableInstalledMediaEnginesVector): Added.
        (WebCore::buildMediaEnginesVector): Added.
        (WebCore::installedMediaEngines): Changed this to be a vector of factories
        instead of a vector of heap-allocated factories. The old code would leak
        all the factories when this was called with the ResetEngines option.
        (WebCore::addMediaEngine): Updated for above change.
        (WebCore::bestMediaEngineForSupportParameters): Ditto.
        (WebCore::nextMediaEngine): Ditto.
        (WebCore::MediaPlayer::nextBestMediaEngine): Ditto.
        (WebCore::MediaPlayer::loadWithNextMediaEngine): Ditto.
        (WebCore::MediaPlayer::supportsType): Ditto.
        (WebCore::MediaPlayer::getSupportedTypes): Ditto.
        (WebCore::MediaPlayer::getSitesInMediaCache): Ditto.
        (WebCore::MediaPlayer::clearMediaCache): Ditto.
        (WebCore::MediaPlayer::clearMediaCacheForSite): Ditto.
        (WebCore::MediaPlayer::supportsKeySystem): Ditto.
        (WebCore::MediaPlayer::resetMediaEngines): Ditto.
        * platform/graphics/MediaPlayer.h: Ditto.

2015-01-28  Jeongmin Kim  <jm86.kim@lge.com>

        Rename descendentxxx to descendantxxxx in RenderLayerBacking
        https://bugs.webkit.org/show_bug.cgi?id=140979

        Reviewed by Martin Robinson.

        Rename descendentxxx to descendantxxxx in RenderLayerBacking
        for matching other variables and function names.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateConfiguration):
        (WebCore::RenderLayerBacking::updateAfterDescendants):
        (WebCore::RenderLayerBacking::updateChildClippingStrategy):
        (WebCore::RenderLayerBacking::paintsChildren):
        (WebCore::descendantLayerPaintsIntoAncestor):
        (WebCore::RenderLayerBacking::isPaintDestinationForDescendantLayers):
        (WebCore::descendentLayerPaintsIntoAncestor): Deleted.
        (WebCore::RenderLayerBacking::isPaintDestinationForDescendentLayers): Deleted.

2015-01-27  Chris Dumez  <cdumez@apple.com>

        Use a Ref<CachedResourceLoader> in Document instead of a RefPtr
        https://bugs.webkit.org/show_bug.cgi?id=140971

        Reviewed by Andreas Kling.

        Use a Ref<CachedResourceLoader> in Document instead of a RefPtr as it
        can never be null. Also have Document::cachedResourceLoader() return a
        reference instead of a pointer. This gets rid of a lot of unnecessary
        null-checks.

2015-01-27  Alexey Proskuryakov  <ap@apple.com>

        More build fixes for newer clang.

        Rubber-stamped by Anders Carlsson.

        * loader/icon/IconDatabase.h: Added missing override keywords.

2015-01-27  Roger Fong  <roger_fong@apple.com>

        WebGL2: Disable various extensions on WebGL2 context that have been promoted to core.
        https://bugs.webkit.org/show_bug.cgi?id=140907.
        <rdar://problem/19545857>

        Reviewed by Brent Fulgham.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getExtension):
        (WebCore::WebGL2RenderingContext::getSupportedExtensions):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getExtension):
        (WebCore::WebGLRenderingContext::getSupportedExtensions):
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::getSupportedExtensions): Deleted.
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.idl: 
        Remove some extra extension enums that shouldn't have been declared on the context idl.

2015-01-27  Chris Dumez  <cdumez@apple.com>

        Remove unnecessary m_cachedPage null-checks in PageCache
        https://bugs.webkit.org/show_bug.cgi?id=140965

        Reviewed by Andreas Kling.

        Remove unnecessary m_cachedPage null-checks in PageCache. We initialize
        m_cachedPage when inserting the HistoryItem in the page cache and clear
        it when removing it from the page cache. Therefore, it is guaranteed
        that HistoryItems currently in the page cache have m_cachedPage
        initialized and there is no need to null-check it.

        * history/PageCache.cpp:
        (WebCore::PageCache::frameCount):
        (WebCore::PageCache::markPagesForVistedLinkStyleRecalc):
        (WebCore::PageCache::markPagesForFullStyleRecalc):
        (WebCore::PageCache::markPagesForDeviceScaleChanged):
        (WebCore::PageCache::markPagesForCaptionPreferencesChanged):

2015-01-27  Alexey Proskuryakov  <ap@apple.com>

        Some NSAccessibility methods we use are deprecated on 10.10
        https://bugs.webkit.org/show_bug.cgi?id=140966

        Reviewed by Anders Carlsson.

        * accessibility/mac/AccessibilityObjectMac.mm:
        (WebCore::AccessibilityObject::overrideAttachmentParent):
        (WebCore::AccessibilityObject::accessibilityIgnoreAttachment):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper role]):
        (-[WebAccessibilityObjectWrapper roleDescription]):
        Silence the warnings for now.

2015-01-27  Chris Dumez  <cdumez@apple.com>

        Rename isExpandedShorthand() to isShorthandCSSProperty() for clarity
        https://bugs.webkit.org/show_bug.cgi?id=140954

        Reviewed by Andreas Kling.

        Rename isExpandedShorthand() to isShorthandCSSProperty() for clarity as
        all CSS shorthand properties are now expanded during parsing (even
        'font').

        * css/StylePropertyShorthand.cpp:
        (WebCore::isShorthandCSSProperty):
        (WebCore::isExpandedShorthand): Deleted.
        * css/StylePropertyShorthand.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * css/makeprop.pl:

2015-01-27  Eric Carlson  <eric.carlson@apple.com>

        Simplify http/tests/media/video-play-stall.html
        https://bugs.webkit.org/show_bug.cgi?id=140630

        Reviewed by Brent Fulgham.

        Test: http/tests/media/video-play-waiting.html

        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::play): Add more logging.
        (WebCore::MediaPlayerPrivateAVFoundation::updateStates): MediaPlayerAVPlayerItemStatusPlaybackBufferEmpty
            always maps to HaveCurrentData.
        (WebCore::MediaPlayerPrivateAVFoundation::scheduleMainThreadNotification): Don't log FunctionType,
            doing so it needlessly verbose.
        (WebCore::MediaPlayerPrivateAVFoundation::dispatchNotification): Ditto.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]): Log KVO property 
            values and notification state.

2015-01-27  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179192.
        https://bugs.webkit.org/show_bug.cgi?id=140953

        Caused numerous layout test failures (Requested by mattbaker_
        on #webkit).

        Reverted changeset:

        "Use FastMalloc (bmalloc) instead of BlockAllocator for GC
        pages"
        https://bugs.webkit.org/show_bug.cgi?id=140900
        http://trac.webkit.org/changeset/179192

2015-01-27  Benjamin Poulain  <bpoulain@apple.com>

        Modernize some constructors of the CSS JIT
        https://bugs.webkit.org/show_bug.cgi?id=140903

        Reviewed by Darin Adler.

        Two constructors were still using the old style.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorFragment::SelectorFragment): Deleted.
        (WebCore::SelectorCompiler::TagNamePattern::TagNamePattern): Deleted.

2015-01-27  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix.

        Lack of include guards in WebVTTElement.h caused a build failure once we started including
        this header file from more than one implementation file.

        * html/track/WebVTTElement.h:

2015-01-26  Sylvain Galineau  <galineau@adobe.com>

        CSSKeyframesRule::findRule() and deleteRule() should delete the last matching rule, not the first
        https://bugs.webkit.org/show_bug.cgi?id=139732

        Reviewed by Dean Jackson and Darin Adler.

        No new tests because existing tests have been updated to verify this behavior.

        * css/CSSKeyframeRule.h:
        (WebCore::StyleKeyframe::getKeys): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::keyframeStylesForAnimation): use StyleKeyframe::keys().
        * css/CSSKeyframeRule.cpp:
        (WebCore::StyleKeyframe::parseKeyString): Deleted. Moved to CSSParser.
        (WebCore::StyleKeyframe::keyText): Build keyframe selector from Vector<double> representation.
        * css/CSSKeyframeRule.h:
        (WebCore::StyleKeyframe::setKeyText): parse keyframe selector into Vector<double>.
        (WebCore::StyleKeyframe::keys): Added. Returns vector representation of selector keys.
        (WebCore::StyleKeyframe::getKeys): Deleted. Now keys().
        * css/CSSKeyframesRule.cpp:
        (WebCore::StyleRuleKeyframes::findKeyframeIndex): Return last matching rule.
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseKeyframeSelector): Added. Moved from StyleKeyframe.
        * css/CSSParser.h:
        (WebCore::CSSParser::parseKeyframeSelector): Added. Moved from StyleKeyframe.

2015-01-26  Geoffrey Garen  <ggaren@apple.com>

        Use FastMalloc (bmalloc) instead of BlockAllocator for GC pages
        https://bugs.webkit.org/show_bug.cgi?id=140900

        Reviewed by Mark Hahnenberg.

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::install): Be sure to release other
        memory after GC and not before, since GC might contribute to free
        malloc pages now.

2015-01-27  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Make FlowContents an iterator class.
        https://bugs.webkit.org/show_bug.cgi?id=140909

        Reviewed by Antti Koivisto.

        This patch transfers content position handling from createLineRuns()/LineState to
        FlowContents. FlowContents becomes a real iterator class.
        It tightens content and position information so that we can start supporting
        no textual content such as <br>.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::commitAndCreateRun): Remove redundant committedLogicalRight.
        (WebCore::SimpleLineLayout::LineState::addUncommitted): Now that we don't have current
        positon in LineState, we need to be able to figure out where we start the uncommitted content.
        This is mainly relevant after collapsed whitespace, when we start a new uncommitted segment.
        It was previously achieved through LineState::jumpTo().
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::firstFragment): Return the first fragment for this line.
        (WebCore::SimpleLineLayout::createLineRuns): Renaming and removing position handling.
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns): Renaming.
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::LineState::jumpTo): Deleted.
        (WebCore::SimpleLineLayout::initializeNewLine): Deleted. : Move overflow fragment functionality
        to firstFragment().
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::nextTextFragment):
        * rendering/SimpleLineLayoutFlowContents.h:

2015-01-27  Chris Dumez  <cdumez@apple.com>

        HTMLElement.dir should only return known values
        https://bugs.webkit.org/show_bug.cgi?id=140925

        Reviewed by Darin Adler.

        HTMLElement.dir should only return known values according to the HTML
        specification:
        https://html.spec.whatwg.org/multipage/dom.html#dom-document-dir

        Chrome and Firefox 28 match the specification. IE11's behavior is
        slightly different:
        - When setting an unknown 'dir' value, an exception will be thrown.
        - Setting a known 'dir' value in a non-canonical case (e.g. "RTL"),
          the value will be directly converted to its canonical form (e.g.
          "rtl") before updating the DOM tree. (close to the spec but changing
          the case upon setting).

        This patch is based on the following Blink revision by me:
        https://src.chromium.org/viewvc/blink?view=rev&revision=171861

        Test: fast/dom/document-dir-property.html

        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::dir):
        (WebCore::HTMLDocument::setDir):
        * html/HTMLDocument.h:
        * html/HTMLElement.cpp:
        (WebCore::toValidDirValue):
        (WebCore::HTMLElement::dir):
        (WebCore::HTMLElement::setDir):
        * html/HTMLElement.h:
        * html/HTMLElement.idl:

2015-01-26  Chris Dumez  <cdumez@apple.com>

        Introduce Document::body() for call sites interested in the <body> element
        https://bugs.webkit.org/show_bug.cgi?id=140920

        Reviewed by Darin Adler.

        Introduce Document::body() method for call sites interested only in the
        document's <body> element (not the <frameset>). Also clean up the call
        sites of Document::bodyOrFrameset() to cache the return value when
        suitable as this method does a tree traversal.

        This patch does not change behavior, it merely ports calls sites that
        were calling Document::bodyOrFrameset() then checking if the tag was
        <body>, to call Document::body() instead. Doing so is more efficient
        and clearer.

2015-01-26  Brent Fulgham  <bfulgham@apple.com>

        [Win] ASSERTION FAILED !m_ptr under AccessibilityController::winAddNotificationListener
        https://bugs.webkit.org/show_bug.cgi?id=87426
        <rdar://problem/11527899>

        Reviewed by Darin Adler.

        Revise COMPtr to work better with our HashMap implementation:
        (1) Add a specialization for IsSmartPtr.
        (2) Remove PtrHash specialization.
        (3) Refresh HashTrails specialization for COMPtr to match what we
        do for RefPtr.

        * platform/win/COMPtr.h:

2015-01-26  Sylvain Galineau  <galineau@adobe.com>

        The computed value of line-height:normal is incorrect
        https://bugs.webkit.org/show_bug.cgi?id=133744

        Reviewed by Dean Jackson.

        Use font's line spacing as computed line-height value when specified value is 'normal'.
        This behavior is compatible with all other engines.

        No new tests; all existing tests are updated to reflect the new computed value.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::lineHeightFromStyle): If line-height wasn't set, use the font's line spacing (same as Blink).

2015-01-26  Chris Dumez  <cdumez@apple.com>

        Document.dir should reflect the 'dir' attribute of the root html element
        https://bugs.webkit.org/show_bug.cgi?id=140922

        Reviewed by Darin Adler.

        Document.dir should reflect the 'dir' content attribute of the root
        <html> element as per the specification:
        https://html.spec.whatwg.org/multipage/dom.html#dom-document-dir

        Previously, WebKit was reflecting the 'dir' content attribute of the
        body element. This patch aligns WebKit with the specification and the
        behavior of other browsers (tested Firefox 28, IE11 and Chrome).

        This patch is based on the following Blink revision by me:
        https://src.chromium.org/viewvc/blink?revision=171734&view=revision

        Test: fast/dom/document-dir-property.html

        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::dir):
        (WebCore::HTMLDocument::setDir):
        * html/HTMLDocument.h:

2015-01-26  Darin Adler  <darin@apple.com>

        REGRESSION (r179101): SVGUseElement::expandUseElementsInShadowTree has an object lifetime mistake
        https://bugs.webkit.org/show_bug.cgi?id=140921

        Reviewed by Alexey Proskuryakov.

        Bug found by running regression tests with Address Sanitizer.

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::expandUseElementsInShadowTree): Use a Ref to protect
        the original use element after it's been replaced in the tree; we use it for
        one more thing after that.

2015-01-26  Roger Fong  <roger_fong@apple.com>

        WebGL 2.0: Actually allow for experimental-webgl2 context creation.
        https://bugs.webkit.org/show_bug.cgi?id=140906
        <rdar://problem/19606875>.

        Reviewed by Brent Fulgham.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::is3dType): Include "experimental-webgl2" in the list of acceptable 3d context types.

2015-01-26  Chris Dumez  <cdumez@apple.com>

        Rename Document::body() to Document::bodyOrFrameset() for clarity
        https://bugs.webkit.org/show_bug.cgi?id=140902

        Reviewed by Andreas Kling.

        Rename Document::body() to Document::bodyOrFrameset() for clarity. This
        method does not necessarily return an HTMLBodyElement, it can also
        return a frameset as per the specification:
        http://www.w3.org/TR/html5/dom.html#dom-tree-accessors

        This method is often misused internally (the caller is only interested
        in the <body> element). I will fix these instances in a follow-up patch,
        this patch is only renaming mechanically.

2015-01-26  Byungseon Shin  <sun.shin@lge.com>

        Fix Border-radius clipping issue on a composited descendants
        https://bugs.webkit.org/show_bug.cgi?id=138551 

        Reviewed by Simon Fraser.

        Fix assertion in RenderLayerBacking::paintIntoLayer
        by not checking out of sync with the GraphicsLayer heirarchy
        in GraphicsLayerPaintChildClippingMask phase.

        Test: compositing/clipping/border-radius-overflow-hidden-stacking-context.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintIntoLayer):

2015-01-26  Chris Dumez  <cdumez@apple.com>

        Simplify RenderElement's shouldRepaintForImageAnimation()
        https://bugs.webkit.org/show_bug.cgi?id=140890

        Reviewed by Darin Adler.

        Simplify RenderElement's shouldRepaintForImageAnimation() by
        not calling rendererForRootBackground(). The previous code was
        doing a null-check on Document::documentElement() but failing
        to do a null-check on the renderer just after, which lead me
        to refactor this code.

        Instead of calling document().documentElement.renderer(), we
        now call renderer.parent(). This is equivalent because we already
        know that renderer.isBody() returns true. The parent of the <body>
        has to be the <html> element, which has to be the documentElement.
        There is also no need to do a null-check on renderer.parent(). We
        already know that the <body> has a renderer (because |renderer| is
        its renderer), thus its parent <html> element has to have a renderer
        as well.

        Finally, simply call !rootElement.hasBackground() instead of
        rootElement.rendererForRootBackground() == &bodyRenderer to determine
        if the background painted by the root. This is equivalent but more
        efficient because:
        - We already know that the root renderer's is an <html> element. We
          can thus avoid the check in rendererForRootBackground().
        - We already have the <body>'s renderer so we don't need to do the
          DOM tree traversal in rendererForRootBackground() to get it.

        No new tests, already covered by:
        fast/images/animated-gif-body-delegated-background-image.html
        fast/images/animated-gif-html-background-image.html

        * rendering/RenderElement.cpp:
        (WebCore::shouldRepaintForImageAnimation):

2015-01-26  Chris Dumez  <cdumez@apple.com>

        First argument to DOM traversal functions should be a reference
        https://bugs.webkit.org/show_bug.cgi?id=140895

        Reviewed by Antti Koivisto.

        First argument to DOM traversal functions should be a reference instead
        of a pointer as it is dereferenced without null-check.

2015-01-26  Roger Fong  <roger_fong@apple.com>

        [WebGL2] Update IDL for WebGL2.
        https://bugs.webkit.org/show_bug.cgi?id=126406
        <rdar://problem/15002268>.

        Reviewed by Brent Fulgham.

        Update WebGL2RenderingContext idl to match spec. Create method stubs as necessary.

        * bindings/js/JSWebGL2RenderingContextCustom.cpp:
        (WebCore::JSWebGL2RenderingContext::getFramebufferAttachmentParameter):
        (WebCore::JSWebGL2RenderingContext::getInternalformatParameter):
        (WebCore::JSWebGL2RenderingContext::getQueryParameter):
        (WebCore::JSWebGL2RenderingContext::getSamplerParameter):
        (WebCore::JSWebGL2RenderingContext::getSyncParameter):
        (WebCore::JSWebGL2RenderingContext::getIndexedParameter):
        (WebCore::JSWebGL2RenderingContext::getActiveUniformBlockParameter):
        (WebCore::JSWebGL2RenderingContext::getActiveUniformBlockName):
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::copyBufferSubData):
        (WebCore::WebGL2RenderingContext::getBufferSubData):
        (WebCore::WebGL2RenderingContext::getFramebufferAttachmentParameter):
        (WebCore::WebGL2RenderingContext::blitFramebuffer):
        (WebCore::WebGL2RenderingContext::framebufferTextureLayer):
        (WebCore::WebGL2RenderingContext::getInternalformatParameter):
        (WebCore::WebGL2RenderingContext::invalidateFramebuffer):
        (WebCore::WebGL2RenderingContext::invalidateSubFramebuffer):
        (WebCore::WebGL2RenderingContext::readBuffer):
        (WebCore::WebGL2RenderingContext::renderbufferStorageMultisample):
        (WebCore::WebGL2RenderingContext::texStorage2D):
        (WebCore::WebGL2RenderingContext::texStorage3D):
        (WebCore::WebGL2RenderingContext::texImage3D):
        (WebCore::WebGL2RenderingContext::texSubImage3D):
        (WebCore::WebGL2RenderingContext::copyTexSubImage3D):
        (WebCore::WebGL2RenderingContext::compressedTexImage3D):
        (WebCore::WebGL2RenderingContext::compressedTexSubImage3D):
        (WebCore::WebGL2RenderingContext::getFragDataLocation):
        (WebCore::WebGL2RenderingContext::uniform1ui):
        (WebCore::WebGL2RenderingContext::uniform2ui):
        (WebCore::WebGL2RenderingContext::uniform3ui):
        (WebCore::WebGL2RenderingContext::uniform4ui):
        (WebCore::WebGL2RenderingContext::uniform1uiv):
        (WebCore::WebGL2RenderingContext::uniform2uiv):
        (WebCore::WebGL2RenderingContext::uniform3uiv):
        (WebCore::WebGL2RenderingContext::uniform4uiv):
        (WebCore::WebGL2RenderingContext::uniformMatrix2x3fv):
        (WebCore::WebGL2RenderingContext::uniformMatrix3x2fv):
        (WebCore::WebGL2RenderingContext::uniformMatrix2x4fv):
        (WebCore::WebGL2RenderingContext::uniformMatrix4x2fv):
        (WebCore::WebGL2RenderingContext::uniformMatrix3x4fv):
        (WebCore::WebGL2RenderingContext::uniformMatrix4x3fv):
        (WebCore::WebGL2RenderingContext::vertexAttribI4i):
        (WebCore::WebGL2RenderingContext::vertexAttribI4iv):
        (WebCore::WebGL2RenderingContext::vertexAttribI4ui):
        (WebCore::WebGL2RenderingContext::vertexAttribI4uiv):
        (WebCore::WebGL2RenderingContext::vertexAttribIPointer):
        (WebCore::WebGL2RenderingContext::vertexAttribDivisor):
        (WebCore::WebGL2RenderingContext::drawArraysInstanced):
        (WebCore::WebGL2RenderingContext::drawElementsInstanced):
        (WebCore::WebGL2RenderingContext::drawRangeElements):
        (WebCore::WebGL2RenderingContext::drawBuffers):
        (WebCore::WebGL2RenderingContext::clearBufferiv):
        (WebCore::WebGL2RenderingContext::clearBufferuiv):
        (WebCore::WebGL2RenderingContext::clearBufferfv):
        (WebCore::WebGL2RenderingContext::clearBufferfi):
        (WebCore::WebGL2RenderingContext::createQuery):
        (WebCore::WebGL2RenderingContext::deleteQuery):
        (WebCore::WebGL2RenderingContext::isQuery):
        (WebCore::WebGL2RenderingContext::beginQuery):
        (WebCore::WebGL2RenderingContext::endQuery):
        (WebCore::WebGL2RenderingContext::getQuery):
        (WebCore::WebGL2RenderingContext::getQueryParameter):
        (WebCore::WebGL2RenderingContext::createSampler):
        (WebCore::WebGL2RenderingContext::deleteSampler):
        (WebCore::WebGL2RenderingContext::isSampler):
        (WebCore::WebGL2RenderingContext::bindSampler):
        (WebCore::WebGL2RenderingContext::samplerParameteri):
        (WebCore::WebGL2RenderingContext::samplerParameterf):
        (WebCore::WebGL2RenderingContext::getSamplerParameter):
        (WebCore::WebGL2RenderingContext::fenceSync):
        (WebCore::WebGL2RenderingContext::isSync):
        (WebCore::WebGL2RenderingContext::deleteSync):
        (WebCore::WebGL2RenderingContext::clientWaitSync):
        (WebCore::WebGL2RenderingContext::waitSync):
        (WebCore::WebGL2RenderingContext::getSyncParameter):
        (WebCore::WebGL2RenderingContext::createTransformFeedback):
        (WebCore::WebGL2RenderingContext::deleteTransformFeedback):
        (WebCore::WebGL2RenderingContext::isTransformFeedback):
        (WebCore::WebGL2RenderingContext::bindTransformFeedback):
        (WebCore::WebGL2RenderingContext::beginTransformFeedback):
        (WebCore::WebGL2RenderingContext::endTransformFeedback):
        (WebCore::WebGL2RenderingContext::transformFeedbackVaryings):
        (WebCore::WebGL2RenderingContext::getTransformFeedbackVarying):
        (WebCore::WebGL2RenderingContext::pauseTransformFeedback):
        (WebCore::WebGL2RenderingContext::resumeTransformFeedback):
        (WebCore::WebGL2RenderingContext::bindBufferBase):
        (WebCore::WebGL2RenderingContext::bindBufferRange):
        (WebCore::WebGL2RenderingContext::getIndexedParameter):
        (WebCore::WebGL2RenderingContext::getUniformIndices):
        (WebCore::WebGL2RenderingContext::getActiveUniforms):
        (WebCore::WebGL2RenderingContext::getUniformBlockIndex):
        (WebCore::WebGL2RenderingContext::getActiveUniformBlockParameter):
        (WebCore::WebGL2RenderingContext::getActiveUniformBlockName):
        (WebCore::WebGL2RenderingContext::uniformBlockBinding):
        (WebCore::WebGL2RenderingContext::createVertexArray):
        (WebCore::WebGL2RenderingContext::deleteVertexArray):
        (WebCore::WebGL2RenderingContext::isVertexArray):
        (WebCore::WebGL2RenderingContext::bindVertexArray):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.idl:
        * platform/graphics/GraphicsTypes3D.h:

2015-01-26  Andreas Kling  <akling@apple.com>

        Don't let the CSSValuePool's font family cache grow unbounded.
        <https://webkit.org/b/140894>

        Reviewed by Chris Dumez.

        Darin pointed out to Chris who pointed out to me that the font family cache
        in CSSValuePool can grow unbounded until we get a system memory pressure
        notification. Put a limit on it like we did with the font face cache.

        * css/CSSValuePool.cpp:
        (WebCore::CSSValuePool::createFontFamilyValue):

2015-01-26  Andreas Kling  <akling@apple.com>

        Plug leak in jsValueWithDictionaryInContext().
        <https://webkit.org/b/140889>

        Reviewed by Alexey Proskuryakov.

        Add a missing JSStringRelease to plug leak that was showing up on leaks bot.

        * platform/mac/SerializedPlatformRepresentationMac.mm:
        (WebCore::jsValueWithDictionaryInContext):

2015-01-26  Benjamin Poulain  <benjamin@webkit.org>

        Fix CSS Selector's tag name matching when mixing HTML and XML
        https://bugs.webkit.org/show_bug.cgi?id=140878

        Reviewed by Darin Adler.

        Previsouly, WebKit was unable to match any XML element that had
        any uppercase character if the stylesheet was in a HTML document.
        This problem was most often reported due to the inability to style
        SVG-in-HTML.

        The reason was that the tag local name was incorrectly transformed
        to lowercase at parsing time. Instead, we are supposed to only
        do case-insensitive match for HTML elements in a HTML document.

        This fix is very similar with how we handle attributes:
        -Keep both the original and the lowercase versions of the name.
        -When matching, chose which version to use depending on the element being matched.

        There is one major difference in the way the names are stored.
        Unlike attribute selectors, tag name selectors are common, and the uppercase
        version is not that uncommon. I wanted to preserve the dense representation
        so I specialized CSSSelector specifically for tag names.

        To store the data, if the name is already lowercase, just use the m_data pointer
        as usual.
        If the name is not lowercase, allocate a new small structure in the union to store
        both names.

        Tests: fast/css/tagname-and-namespace-case-sensitivity-xml-in-html.html
               fast/css/tagname-and-namespace-case-sensitivity-xml-in-xhtml-expected.xhtml
               fast/css/tagname-and-namespace-case-sensitivity-xml-in-xhtml.xhtml
               fast/css/tagname-case-sensitivity-svg-in-html.html
               fast/css/tagname-case-sensitivity-svg-in-xhtml-expected.xhtml
               fast/css/tagname-case-sensitivity-svg-in-xhtml.xhtml
               fast/css/tagname-case-sensitivity-xml-in-html.html
               fast/css/tagname-case-sensitivity-xml-in-xhtml-expected.xhtml
               fast/css/tagname-case-sensitivity-xml-in-xhtml.xhtml
               fast/selectors/element-closest-tagname-case-sensitivity-svg-in-html.html
               fast/selectors/element-closest-tagname-case-sensitivity-svg-in-xhtml.xhtml
               fast/selectors/element-matches-tagname-case-sensitivity-svg-in-html.html
               fast/selectors/element-matches-tagname-case-sensitivity-svg-in-xhtml.xhtml
               fast/selectors/querySelector-tagname-case-sensitivity-svg-in-html.html
               fast/selectors/querySelector-tagname-case-sensitivity-svg-in-xhtml.xhtml
               fast/selectors/querySelector-tagname-case-sensitivity-xml-in-html.html
               fast/selectors/querySelector-tagname-case-sensitivity-xml-in-xhtml.xhtml
               fast/selectors/tagname-adjacent-backtracking-case-sensitivity-html.html
               fast/selectors/tagname-descendant-backtracking-case-sensitivity-html.html

        * css/CSSGrammar.y.in:
        The parser is unaware of anything case related. CSSSelector takes care of that.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::CSSSelector):
        (WebCore::CSSSelector::createRareData):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::NameWithCase::NameWithCase):
        (WebCore::CSSSelector::CSSSelector):
        (WebCore::CSSSelector::~CSSSelector):
        (WebCore::CSSSelector::tagQName):
        (WebCore::CSSSelector::tagLowercaseLocalName):
        The new representation stores both the original form and the lower case
        form.

        * css/RuleSet.cpp:
        (WebCore::RuleSet::addRule):
        (WebCore::RuleSet::shrinkToFit):
        * css/RuleSet.h:
        (WebCore::RuleSet::tagRules):
        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::collectMatchingRules):
        The tag name partition is now split in two: lowercase and original case.
        If the matched element is HTML, the lowercase partition is used. 

        * css/SelectorFilter.cpp:
        (WebCore::collectElementIdentifierHashes):
        (WebCore::collectDescendantSelectorIdentifierHashes):
        This is the most annoying part of the patch performance wise:
        the bloom filter knows the case of the real elements but it cannot know
        how selectors will match them.

        To make it work, all names are now converted to lowercase.
        That implies that we can filter less on XML and we may have to pay for
        converting the tag name to lowercase.

        I expect the performance hit to be small because:
        -Having two XML elements with the same name but different case is uncommon.
        -Most elements use lowercase names.

        Still sad...that's the price to pay for correctness.

        * css/SelectorChecker.cpp:
        (WebCore::tagMatches):
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorChecker.h:
        (WebCore::SelectorChecker::tagMatches): Deleted.
        Update the legacy matcher, nothing special.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorFragment::SelectorFragment):
        (WebCore::SelectorCompiler::TagNamePattern::TagNamePattern):
        (WebCore::SelectorCompiler::constructFragmentsInternal):
        (WebCore::SelectorCompiler::equalTagNames):
        (WebCore::SelectorCompiler::equalTagNamePatterns):
        (WebCore::SelectorCompiler::computeBacktrackingStartOffsetInChain):
        (WebCore::SelectorCompiler::computeBacktrackingHeightFromDescendant):
        (WebCore::SelectorCompiler::computeBacktrackingWidthFromIndirectAdjacent):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasTagName):
        Tag names are used to optimize backtracking; this is quite common for descendant
        (e.g. div > ul > li).
        We have to differenciate one new case there: if two tag names are equal
        when compared case-insensitively but strictly different, they may still
        be equal if they don't match the same kind of elements or both matches
        and HTML element.

        * dom/SelectorQuery.cpp:
        (WebCore::localNameMatches):
        (WebCore::elementsForLocalName):
        (WebCore::SelectorDataList::executeSingleTagNameSelectorData):
        Update the inline versions of SelectorQuery.

2015-01-26  Chris Dumez  <cdumez@apple.com>

        Use std::forward() instead of WTF::move() in CSSPrimitiveValue::create(T&& value)
        https://bugs.webkit.org/show_bug.cgi?id=140891

        Reviewed by Anders Carlsson.

        Use std::forward() instead of WTF::move() in CSSPrimitiveValue::create(T&& value)
        to make sure the argument is not unexpectedly moved when it shouldn't (like I
        experienced yesterday in Bug 140577):
        <http://trac.webkit.org/changeset/179105>

        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::create):
        * css/CSSValuePool.h:
        (WebCore::CSSValuePool::createValue):

2015-01-26  Beth Dakin  <bdakin@apple.com>

        Blacklist iBooks for WebKit's default immediate actions
        https://bugs.webkit.org/show_bug.cgi?id=140854
        -and corresponding-
        rdar://problem/19489518

        Reviewed by Tim Horton.

        Add a runtime check for iBooks.
        * WebCore.exp.in:
        * platform/RuntimeApplicationChecks.cpp:
        (WebCore::applicationIsIBooks):
        * platform/RuntimeApplicationChecks.h:

2015-01-26  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] [SVG -> OTF Converter] Flip the switch off on iOS
        https://bugs.webkit.org/show_bug.cgi?id=140860

        Reviewed by Darin Adler.

        No new tests because this simply reverts broken code.

        The fonts it makes are grotesque. (See what I did there? Typographic
        humor is the best humor.)

        * Configurations/FeatureDefines.xcconfig:

2015-01-26  Chris Dumez  <cdumez@apple.com>

        Demote 'line-height' to a low priority property.
        https://bugs.webkit.org/show_bug.cgi?id=140817

        Reviewed by Andreas Kling.

        Our special handling of the 'line-height' property is no longer
        required, since the 'font' shorthand is now expanded in the parser
        in all cases (also for system fonts).

        This patch is based on the following Blink revision:
        https://src.chromium.org/viewvc/blink?revision=184629&view=revision

        No new tests, already covered by:
        fast/css/font-shorthand-line-height.html
        fast/css/line-height-font-order.html

        * css/CSSPropertyNames.in:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::styleForKeyframe):
        (WebCore::StyleResolver::styleForPage):
        (WebCore::StyleResolver::applyMatchedProperties):
        (WebCore::StyleResolver::initializeFontStyle):
        (WebCore::StyleResolver::CascadedProperties::Property::apply):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::State::State):
        (WebCore::StyleResolver::State::setLineHeightValue): Deleted.
        (WebCore::StyleResolver::State::lineHeightValue): Deleted.

2015-01-26  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GTK] gtkdoc does not appear in DevHelp
        https://bugs.webkit.org/show_bug.cgi?id=139369

        Reviewed by Philippe Normand.

        * PlatformGTK.cmake: Include the API version in the gtkdoc filenames.

2015-01-25  Chris Dumez  <cdumez@apple.com>

        Remove 'font' shorthand property special casing
        https://bugs.webkit.org/show_bug.cgi?id=140577

        Reviewed by Darin Adler.

        Mark CSSPrimitiveValue::m_value.fontFamily as const as it is not
        supposed to change. This also makes sure that m_value.fontFamily
        gets copied instead of moved when constructing a clone in
        CSSPrimitiveValue::cloneForCSSOM(). This was causing several tests
        to fail on the bots.

        * css/CSSPrimitiveValue.h:

2015-01-25  Alexey Proskuryakov  <ap@apple.com>

        Setting HTMLMarqueeElement.trueSpeed doesn't work
        https://bugs.webkit.org/show_bug.cgi?id=140863

        Reviewed by Darin Adler.

        Test: fast/html/marquee-set-truespeed.html

        * html/HTMLMarqueeElement.cpp: (WebCore::HTMLMarqueeElement::minimumDelay):
        Check the boolean attribute properly - an empty value is true.

2015-01-25  Darin Adler  <darin@apple.com>

        Streamline SVGUseElement shadow tree handling and make it use SVGElementInstance less
        https://bugs.webkit.org/show_bug.cgi?id=140875

        Reviewed by Anders Carlsson.

        Refactoring of code that is pretty well covered by existing tests, so
        not adding new tests.

        Inspired by work Rob Buis did in Blink:

            http://src.chromium.org/viewvc/blink?view=revision&revision=173273

        Althgouh that is less than half of what ended up in this patch.

        * dom/ContainerNode.h: Fixed NoEventDispatchAssertion so it can be
        copied without causing an underflow of NoEventDispatchAssertion::s_count.
        Made the copy constructor call the default constructor. Also changed it
        to be based on ASSERT_DISABLED rather than NDEBUG and tweaked it a bit.

        * dom/ElementIteratorAssertions.h: Removed an unnecessary include and
        an unnecessary default constructor. Changed to use WTF::Optional instead
        of WTF::OwnPtr to handle NoEventDispatchAssertion, which makes this class
        copyable and assignable, which in turn makes the iterators based on this
        copyable and assignable, which is what I needed in SVGUseElement code.
        Also simplified code in a couple places.

        * dom/TypedElementDescendantIterator.h:
        (WebCore::TypedElementDescendantIteratorAdapter<ElementType>::from):
        Fixed an error where the arguments to Traversal::next were passed backwards.
        This led to incomplete iteration in SVGUseElement code, and an immediate
        assertion failure. Probably could use some unit test coverage, too.
        (WebCore::TypedElementDescendantConstIteratorAdapter<ElementType>::from):
        Ditto.

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::animatedInstanceRoot): Deleted.
        (WebCore::SVGUseElement::transferSizeAttributesToShadowTreeTargetClone):
        Removed the originalElement argument, since we can use the correspondingElement
        to get back to it. Removed the useElement argument and changed this into a
        member function.
        (WebCore::SVGUseElement::svgAttributeChanged): Updated for above changes.
        (WebCore::subtreeContainsDisallowedElement): Deleted this function, because
        it was only used to optimize by not calling removeDisallowedElementsFromSubtree,
        but that function is already similarly efficient when called to do nothing, so
        the preflight was not useful.
        (WebCore::SVGUseElement::clearResourceReferences): Call userAgentShadowRoot
        instead of shadowRoot for clarity.
        (WebCore::SVGUseElement::buildPendingResource): Pass a reference instead of
        a pointer to buildShadowAndInstanceTree, since it's guaranteed to not be null.
        (WebCore::SVGUseElement::shadowTreeTargetClone): Added. Returns the SVG element
        inside the shadow tree that corresponds to the use element's target.
        (WebCore::SVGUseElement::buildShadowAndInstanceTree): Changed argument type
        to a reference instead of a pointer. Removed comments explaining why we have
        an instance tree, since soon we will not have one. Removed many comments that
        simply state the names of the functions they are commenting on and perhaps a tiny
        bit more. Changed to not use m_targetElementInstance as much, dealing with the
        shadow tree directly instead of through the instance tree.
        (WebCore::SVGUseElement::toClipPath): Use shadowTreeTargetClone instead of
        getting at the element through m_targetElementInstance.
        (WebCore::SVGUseElement::rendererClipChild): Ditto.
        (WebCore::removeDisallowedElementsFromSubtree): Removed the inline keyword,
        since there's no good reason to inline thif function's body. Improved local
        variable names and used a modern for loop. Also moved the comment about why
        this function is used here inside the function instead of repeating it at
        each call site.
        (WebCore::SVGUseElement::buildShadowTree): Changed to take a reference
        instead of a pointer. Moved the check to see if the target is disallowed
        out of this function and into buildShadowAndInstanceTree, which needs to
        handle that failure explicitly. Tightened up the code a bit, using Ref instead
        of RefPtr, putting the comment about removeDisallowedElementsFromSubtree into
        that function itself, and removing the unneeded subtreeContainsDisallowedElement
        check entirely.
        (WebCore::SVGUseElement::expandUseElementsInShadowTree): Removed the argument,
        getting the shadow tree from the shadowTree function instead. Walk the tree
        iteratively instead of recursively, using the descendantsOfType function.
        Rearranged and streamlined the logic.
        (WebCore::SVGUseElement::expandSymbolElementsInShadowTree): Ditto.
        (WebCore::SVGUseElement::transferEventListenersToShadowTree): Ditto.
        (WebCore::SVGUseElement::transferAttributesToShadowTreeReplacement): Renamed
        this to avoid the term "replaced element", which is not a reasonable way to
        refer to the <g> element in the shadow tree that replaces the <use> element.
        Changed the argument type to SVGGElement to make it harder to misuse this
        function by accident, and made the use element be "this" instead of passing
        it as an argument.
        (WebCore::SVGUseElement::selfHasRelativeLengths): Call hasRelativeLengths
        on the target inside the shadow tree rather than the original target, which
        makes more sense anyway, and is straightforward now that we have the
        shadowTreeTargetClone function. Removes use of m_targetElementInstance here.

        * svg/SVGUseElement.h: Updated for above changes.

        * svg/SVGUseElement.idl: Removed animatedInstanceRoot and tweaked formatting.

2015-01-25  Chris Dumez  <cdumez@apple.com>

        Remove 'font' shorthand property special casing
        https://bugs.webkit.org/show_bug.cgi?id=140577

        Reviewed by Darin Adler.

        Expand system font values during 'font' property parsing. The 'font'
        CSS property was the only shorthand that wasn't always expanded in
        the CSS parser, so it needed a lot of special handling that we can
        now get rid of.

        This patch is inspired from the following Blink revision:
        https://src.chromium.org/viewvc/blink?view=rev&revision=184449

        Tests:
        - fast/css/css2-system-fonts.html (existing)
        - fast/css/CSSPrimitiveValue-font-family-primitiveType.html (new)
        - fast/css/font-systemFontID-parsing.html (new)
        - fast/css/font-shorthand-line-height.html (rebased)

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSCalculationValue.cpp:
        (WebCore::hasDoubleValue):
        Handle CSS_FONT_FAMILY similarly to CSS_STRING in the switch.

        * css/CSSFontFamily.h: Added.
        Introduce new CSSFontFamily class to store font families inside
        CSSPrimitive, instead of using a simple String as previously. We need
        an additional 'fromSystemFontID' flag in addition to the font family
        name now that system font ID are expanded during parsing. This
        information is needed later on by the StyleBuilder (see comment below).

        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::addFontFaceRule):
        Update code dealing with font family CSSPrimitiveValues now that they
        hold a CSSFontFamily internally instead of a String.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseSystemFont):
        Expand system font values for the 'font' property by asking the
        RenderTheme for the system font and using it to set the 'font'
        longhand properties.

        * css/CSSParserValues.cpp:
        (WebCore::CSSParserValue::createCSSValue):
        Handle CSS_FONT_FAMILY value in the switch.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::primitiveType):
        Make sure we still expose font family CSSPrimitiveValues to the Web as
        CSS_STRING, even though we are using a slightly different representation
        internally. This is so that we don't change web-exposed behavior and I
        added a new layout test to cover this.

        (WebCore::isValidCSSUnitTypeForDoubleConversion):
        (WebCore::CSSPrimitiveValue::cleanup):
        (WebCore::CSSPrimitiveValue::getStringValue):
        (WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText):
        (WebCore::CSSPrimitiveValue::cloneForCSSOM):
        (WebCore::CSSPrimitiveValue::equals):
        Handle CSS_FONT_FAMILY type in switches.

        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::isFontFamily):
        Add method to test if a CSSPrimitiveValue holds a CSSFontFamily
        internally.

        (WebCore::CSSPrimitiveValue::fontFamily):
        Add a getter to retrieve the internal CSSFontFamily object if the
        primitive type is CSS_FONT_FAMILY.

        * css/CSSPropertyNames.in:
        Treat 'font' as a regular shorthand property. Specify its longhand
        properties so that makeprop.pl can generate the shorthand code for
        us. Also demote 'font' to being a low-priority property as it is
        now always expanded during parsing.

        * css/CSSValuePool.cpp:
        (WebCore::CSSValuePool::createFontFamilyValue):
        * css/CSSValuePool.h:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueFontFamily):
        - Update the 'font-family' value setter in the StyleBuilder to reflect
        the changes in the CSS parser. The CSSPrimitiveValues in the list now
        have CSS_FONT_FAMILY type instead of CSS_STRING.
        - We also set the 'isGenericFamily' flag if the font-family was expanded
          from a system font ID (e.g. caption). The 'isGenericFamily' flag is
          used later on to property set the 'isSpecifiedFont' flag on the
          FontDescription object. If we don't do this, system font values will
          be treated as specified fonts, which means that we will no longer use
          the 'use backslash as Yen sign' hack for those. This is covered by the
          following layout tests:
          - fast/text/backslash-to-yen-sign-euc.html
          - editing/selection/find-yensign-and-backslash.html

        (WebCore::StyleBuilderCustom::applyInitialFont): Deleted.
        (WebCore::StyleBuilderCustom::applyInheritFont): Deleted.
        (WebCore::StyleBuilderCustom::applyValueFont): Deleted.
        Remove StyleBuilder code dealing with the 'font' property. Now that
        the 'font' property is always expanded during parsing, this code can
        never be reached.

        * css/StylePropertyShorthand.cpp:
        (WebCore::isExpandedShorthand):
        Stop returning false for 'font' as it is now expanded during parsing
        as well. We should probably consider renaming this method to something
        else now that all shorthands are expanded, maybe isCSSShorthand() or
        isShorthandProperty().

        (WebCore::fontShorthand): Deleted.
        * css/StylePropertyShorthand.h:
        (WebCore::matchingCustomShorthandsForLonghand): Deleted.
        Remove custom shorthand code for the 'font' property as it is now
        generated by makeprop.pl, like other shorthands.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyFont): Deleted.
        This is unused now that the StyleBuilder code for 'font' has been
        removed.

        * css/makeprop.pl:
        Remove custom shorthand code for 'font' as it no longer requires any
        special handling.

2015-01-25  Timothy Horton  <timothy_horton@apple.com>

        Long spins under Frame::rangeForPoint when doing Lookup on feedly.com
        https://bugs.webkit.org/show_bug.cgi?id=140862
        <rdar://problem/19566089>

        Reviewed by Dan Bernstein.

        * page/Frame.cpp:
        (WebCore::Frame::rangeForPoint):
        If there isn't a selectable text node at the given point, rangeForPoint
        will eventually return null. However, we can make it fail much faster
        by checking the initial position's text-ness and selectability.

2015-01-24  Darin Adler  <darin@apple.com>

        Move height/width implementation for use element from RenderSVGViewportContainer to SVGUseElement
        https://bugs.webkit.org/show_bug.cgi?id=140826

        Reviewed by Anders Carlsson.

        Tests: svg/animations/use-animate-width-and-height.html
               svg/custom/use-attribute-invalidations.html
               svg/custom/use-dynamic-attribute-setting.html

        This is an adaptation of work Rob Buis did in Blink:

            http://src.chromium.org/viewvc/blink?view=revision&revision=173258

        The goal here is to reduce use of SVGElementInstance since we are going to
        remove it. The tests Rob added to Blink (which I believe I improved a bit here)
        meant we had to fix quite a few bugs in the implementation of the width/height
        logic rather than just moving it. Even so, this could use even more test coverage
        since there is separate logic for <symbol> and <svg>, three different code paths
        (animation/attribute setting, initial creation, and one other), and also
        distinct issues for attributes not set at all, attributes set to values that
        can't be parsed, and attributes set with different units.

        * rendering/svg/RenderSVGViewportContainer.cpp:
        (WebCore::RenderSVGViewportContainer::calcViewport): Removed the old logic.

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::SVGSVGElement): Use ASCIILiteral to more efficiently
        create strings from ASCII literals here.
        (WebCore::SVGSVGElement::parseAttribute): Default to 100%, not 0, when the
        width or height property are either not set or not successfully parsed. Without
        this change, one of the SVG tests starts failing.

        * svg/SVGUseElement.cpp:
        (WebCore::updateWidthAndHeight): Added. The tricky part here is that we have
        to copy width and height attributes only if they were successfully parsed, and
        also we need to copy the current animating values, not the original attribute
        strings. Kind of messy, but I wanted to adapt Rob's solution for the time being,
        rather than inventing something new.
        (WebCore::SVGUseElement::svgAttributeChanged): Call updateWidthAndHeight.
        This is used both when actual attribute changes occur and also when animation
        changes the current value.
        (WebCore::SVGUseElement::buildShadowAndInstanceTree): Call updateWidthAndHeight.
        This is used when the shadow elements are first created.
        (WebCore::SVGUseElement::expandUseElementsInShadowTree): Call updateWidthAndHeight.
        This was in Rob's patch, but I am not sure we have sufficient test coverage.

2015-01-24  Chris Dumez  <cdumez@apple.com>

        Provide implementation for WTF::DefaultHash<bool>
        https://bugs.webkit.org/show_bug.cgi?id=140848

        Reviewed by Anders Carlsson.

        Use HashMap<std::pair<UChar32, bool>> type in Font.cpp for
        CharacterFallbackMap instead of HashMap<std::pair<UChar32, unsigned>>.
        It builds now that WTF::DefaultHash<bool> is defined in WTF.

        * platform/graphics/Font.cpp:
        (WebCore::Font::removeFromSystemFallbackCache):

2015-01-23  Brent Fulgham  <bfulgham@apple.com>

        [Win] Cursor assignment operator is skipping scale factor
        https://bugs.webkit.org/show_bug.cgi?id=140852

        Reviewed by Chris Dumez.

        Found by fast/events/mouse-cursor-image-set.html

        * platform/win/CursorWin.cpp:
        (WebCore::Cursor::operator=): Make sure to also assign the
        scale factor.

2015-01-23  David Kilzer  <ddkilzer@apple.com>

        [iOS] Attempt to fix the build after AVValueTiming.h moved

        * platform/spi/ios/AVKitSPI.h: The AVValueTiming.h header moved
        to an unexpected location, so work around it by using local SPI
        declarations.

2015-01-23  Alexey Proskuryakov  <ap@apple.com>

        Try to fix the build after r179056.

        * platform/Cursor.h: (WebCore::Cursor::Cursor): Initialize dadat members in correct order.

2015-01-23  Brent Fulgham  <bfulgham@apple.com>

        [Win] Cursor copy constructor does not initialize scale factor
        https://bugs.webkit.org/show_bug.cgi?id=140849

        Reviewed by Antti Koivisto.

        Found by fast/events/mouse-cursor-image-set.html

        Make sure the scale factor is captured during copy construction. Also make sure
        it is properly initialized in the default constructor, since it it used in the
        Windows port for some default cursors.

        * platform/CursorWin.h:
        * platform/win/CursorWin.cpp:
        (WebCore::Cursor::Cursor): Make sure copy constructor captures
        the scale factor.

2015-01-23  Benjamin Poulain  <bpoulain@apple.com>

        Add pointer/hover media queries
        https://bugs.webkit.org/show_bug.cgi?id=134822

        Reviewed by Antti Koivisto.

        Media Queries Level 4 introduces two types of Interaction Media Features:
        "pointer" and "hover". Those media features are useful for adapting the design
        to the type of input:
            http://dev.w3.org/csswg/mediaqueries-4/#mf-interaction

        This implementation is trivial: just #ifdef the return value depending on
        the support for touch events.
        In the future we should move that to a client interface but let's start easy
        for now.

        Tests: fast/media/mq-any-hover-cssom.html
               fast/media/mq-any-hover-invalid.html
               fast/media/mq-any-hover-matchMedia.html
               fast/media/mq-any-hover-styling.html
               fast/media/mq-any-pointer-cssom.html
               fast/media/mq-any-pointer-invalid.html
               fast/media/mq-any-pointer-matchMedia.html
               fast/media/mq-any-pointer-styling.html
               fast/media/mq-hover-cssom.html
               fast/media/mq-hover-invalid.html
               fast/media/mq-hover-matchMedia.html
               fast/media/mq-hover-styling.html
               fast/media/mq-pointer-cssom.html
               fast/media/mq-pointer-invalid.html
               fast/media/mq-pointer-matchMedia.html
               fast/media/mq-pointer-styling.html

        * css/CSSValueKeywords.in:
        * css/MediaFeatureNames.h:
        * css/MediaQueryEvaluator.cpp:
        (WebCore::hoverMediaFeatureEval):
        (WebCore::any_hoverMediaFeatureEval):
        (WebCore::pointerMediaFeatureEval):
        (WebCore::any_pointerMediaFeatureEval):
        (WebCore::leastCapablePrimaryPointerDeviceType): Deleted.
        * css/MediaQueryExp.cpp:
        (WebCore::featureWithCSSValueID):
        (WebCore::featureWithZeroOrOne):
        (WebCore::featureWithoutValue):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon):
        (WebCore::EventHandler::fakeMouseMoveEventTimerFired):
        * page/Settings.in:

2015-01-23  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r179051.
        https://bugs.webkit.org/show_bug.cgi?id=140850

        broke the 32-bit build (Requested by thorton on #webkit).

        Reverted changeset:

        "[Mac][EME] Support ClearKey encryption with AES128-encrypted
        HLS"
        https://bugs.webkit.org/show_bug.cgi?id=140825
        http://trac.webkit.org/changeset/179051

2015-01-23  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Rename InjectedScriptHost::type to subtype
        https://bugs.webkit.org/show_bug.cgi?id=140841

        Reviewed by Timothy Hatcher.

        * inspector/WebInjectedScriptHost.cpp:
        (WebCore::WebInjectedScriptHost::subtype):
        (WebCore::WebInjectedScriptHost::type): Deleted.
        * inspector/WebInjectedScriptHost.h:

2015-01-23  Jer Noble  <jer.noble@apple.com>

        [Mac][EME] Support ClearKey encryption with AES128-encrypted HLS
        https://bugs.webkit.org/show_bug.cgi?id=140825

        Reviewed by Eric Carlson.

        Test: http/tests/media/clearkey/clear-key-hls-aes128.html

        Add support for ClearKey encryption when used with an AES-128 encrypted HLS stream.

        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::installedCDMFactories): Add the CDMPrivateClearKey factory.
        * Modules/encryptedmedia/CDMPrivateClearKey.cpp:
        (WebCore::CDMPrivateClearKey::supportsKeySystem): Support the "org.w3c.clearkey" key system.
        (WebCore::CDMPrivateClearKey::supportsKeySystemAndMimeType): Ditto.
        (WebCore::CDMPrivateClearKey::supportsMIMEType): Ditto.
        (WebCore::CDMPrivateClearKey::createSession): Create a CDMSessionClearKey.
        * Modules/encryptedmedia/CDMPrivateClearKey.h:
        (WebCore::CDMPrivateClearKey::create): Simple factory.
        (WebCore::CDMPrivateClearKey::~CDMPrivateClearKey): Virtual destructor.
        (WebCore::CDMPrivateClearKey::CDMPrivateClearKey): Simple destructor.
        * Modules/encryptedmedia/CDMSessionClearKey.cpp: Added.
        (WebCore::clearKeyVM): Static method returning the VM to be used by JSON parsing.
        (WebCore::CDMSessionClearKey::CDMSessionClearKey): Simple constructor.
        (WebCore::CDMSessionClearKey::~CDMSessionClearKey): Simple destructor.
        (WebCore::CDMSessionClearKey::generateKeyRequest): Store the initData, ensure that it consists of a UTF8-encoded key
            URI, and return same.
        (WebCore::CDMSessionClearKey::releaseKeys): Purged all cached keys.
        (WebCore::CDMSessionClearKey::update): Parse raw JSON-encoded JWK keys, rejecting non-AES, non-oct keys.
        (WebCore::CDMSessionClearKey::cachedKeyForKeyID): Return cached keys.
        * Modules/encryptedmedia/CDMSessionClearKey.h:

        Add support for the "org.w3c.clearkey" CDM to MediaPlayerPrivateAVFoundationObjC, and do so in a platform-agnostic
        way by simply asking for raw key data from MediaPlayerClient when notified that a key has been added.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::keySystemIsSupported):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsType):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::supportsKeySystem):
        (WebCore::fulfillRequestWithKeyData): Added utility method.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::keyAdded):

        Pipe a keyAdded() notification down to MediaPlayer and a cachedKeyForKeyId() request up to CDMSessionClearKey:

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::cachedKeyForKeyId):
        (WebCore::MediaKeySession::addKeyTimerFired):
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::keyAdded):
        (WebCore::MediaKeys::cachedKeyForKeyId):
        * Modules/encryptedmedia/MediaKeys.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::keyAdded):
        * html/HTMLMediaElement.h:
        * platform/graphics/CDMSession.h:
        (WebCore::CDMSession::cachedKeyForKeyID):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::keyAdded):
        (WebCore::MediaPlayer::cachedKeyForKeyId):
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerCachedKeyForKeyId):
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::keyAdded):

        Add new files to project:

        * WebCore.xcodeproj/project.pbxproj:
        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-01-23  Chris Dumez  <cdumez@apple.com>

        Implement system fonts FontDescription caching at RenderTheme level
        https://bugs.webkit.org/show_bug.cgi?id=140840

        Reviewed by Andreas Kling.

        Implement system fonts FontDescription caching at RenderTheme level
        instead of duplicating the logic in its subclasses for each platform.
        This reduces code / logic duplication and reduces the amount of
        platform-specific code. This will also make the refactoring at
        Bug 140577 a lot easier.

        The caching logic remains in RenderThemeIOS class for iOS because:
        - It supports different system font values than all other platforms
        - It requires cache invalidation in some cases while other platforms
          do not.

        This patch is inspired by the following Blink revision:
        https://src.chromium.org/viewvc/blink?view=rev&revision=184449

        Test: fast/css/css2-system-fonts.html

2015-01-23  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Refactor line wrapping logic.
        https://bugs.webkit.org/show_bug.cgi?id=140834

        Reviewed by Antti Koivisto.

        Use a more readable structure to deal with wrapping logic. 

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::createLineRuns):

2015-01-23  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Use only FlowContents::nextTextFragment() to read fragments from the text flow.
        https://bugs.webkit.org/show_bug.cgi?id=140842

        Reviewed by Antti Koivisto.

        This is in preparation to make FlowContents a content iterator class.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::initializeNewLine):
        * rendering/SimpleLineLayoutFlowContents.h:

2015-01-23  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Implement Range Removal algorithm.
        https://bugs.webkit.org/show_bug.cgi?id=140622.

        Reviewed by Jer Noble.

        This extract Range Removal algorithm (Editor's Draft version, bug:26316) from remove(),
        to separate function to deal with old FIXME since bug in spec was resolved.
        This should both guarantee good order of events, and prevent from switching to 'open' state
        during end of stream.

        Test: media/media-source/media-source-end-of-stream-readyState.html

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::setDurationInternal): update to use rangeRemoval(), not remove()
        (WebCore::MediaSource::streamEndedWithError): remove FIXME, brigning back correct order of events.
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::remove): comments up to spec, extract rangeRemoval algorithm.
        (WebCore::SourceBuffer::rangeRemoval):
        (WebCore::SourceBuffer::removeTimerFired): comments up to spec.
        * Modules/mediasource/SourceBuffer.h:

2015-01-23  Enrica Casucci  <enrica@apple.com>

        Hit test returns incorrect results when performed in paginated content over the page gaps.
        https://bugs.webkit.org/show_bug.cgi?id=140837
        rdar://problem/17494390

        Reviewed by Dave Hyatt.

        Tests: fast/multicol/pagination/LeftToRight-tb-hittest.html
               fast/multicol/pagination/RightToLeft-rl-hittest.html

        When hittesting reaches the RenderView we need to check if we are
        in paginated content and use the correct class to compute hittest results.

        * rendering/RenderView.cpp:
        (WebCore::RenderView::updateHitTestResult):

2015-01-23  Andreas Kling  <akling@apple.com>

        Document should be a FontSelectorClient.
        <https://webkit.org/b/140833>

        Reviewed by Antti Koivisto.

        Make Document a FontSelectorClient so it can listen to the invalidation
        callbacks from FontSelector instead of having code in FontSelector that
        calls out to Document on invalidation.

        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::dispatchInvalidationCallbacks):
        * dom/Document.cpp:
        (WebCore::Document::fontsNeedUpdate):
        (WebCore::Document::fontSelector):
        (WebCore::Document::clearStyleResolver):
        * dom/Document.h:

2015-01-23  Chris Dumez  <cdumez@apple.com>

        Leverage CSSValuePool's font family cache in CSSComputedStyleDeclaration
        https://bugs.webkit.org/show_bug.cgi?id=140829

        Reviewed by Andreas Kling.

        Leverage CSSValuePool's font family cache in CSSComputedStyleDeclaration
        by calling CSSValuePool::createFontFamilyValue() to create the font
        family CSSPrimitiveValue instead of cssValuePool().createValue().

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForFamily):

2015-01-23  Timothy Horton  <timothy_horton@apple.com>

        QLPreviewMenuItem popovers don't close when the page scrolls
        https://bugs.webkit.org/show_bug.cgi?id=140806
        <rdar://problem/19555618>

        Reviewed by Beth Dakin.

        * platform/spi/mac/QuickLookMacSPI.h:
        Add some SPI.

2015-01-23  Andreas Kling  <akling@apple.com>

        Hang CSSFontSelector off Document instead of StyleResolver.
        <https://webkit.org/b/140820>

        Reviewed by Antti Koivisto.

        Move the CSSFontSelector from StyleResolver to Document. This is the first
        step towards making the CSSFontSelector be able to survive full style recalc.

        Clearing a Document's StyleResolver will still nuke the CSSFontSelector,
        though that is done in Document::clearStyleResolver() now.

        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::CSSFontSelector):
        * css/CSSFontSelector.h:

            Modernize CSSFontSelector construction a bit by having create() return
            a Ref and the constructor take a Document& instead of a Document*.
            Also made the constructor explicit.

        (WebCore::StyleResolver::~StyleResolver):
        * dom/Document.cpp:
        (WebCore::Document::clearStyleResolver):

            Nuke the current CSSFontSelector in clearStyleResolver() instead of
            in ~StyleResolver. It's a minor change, but shows the way forward.
            Added a FIXME about how CSSFontSelector should eventually survive
            this operation.

        (WebCore::Document::fontSelector):
        * css/FontLoader.cpp:
        (WebCore::FontLoader::loadFont):
        (WebCore::FontLoader::checkFont):
        (WebCore::FontLoader::resolveFontStyle):
        * css/RuleSet.cpp:
        (WebCore::RuleSet::addChildRules):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::fontSelector): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::appendAuthorStyleSheets):
        (WebCore::StyleResolver::styleForElement):
        (WebCore::StyleResolver::defaultStyleForElement):
        (WebCore::StyleResolver::updateFont):
        * dom/Document.h:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::setFont):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::updateFromElement):
        (WebCore::RenderListBox::paintItemForeground):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::fontSelector):
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::fontSelector):
        * rendering/TextAutoSizing.cpp:
        (WebCore::TextAutoSizingValue::adjustNodeSizes):
        (WebCore::TextAutoSizingValue::reset):
        * rendering/svg/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::computeNewScaledFontForStyle):
        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):
        * style/StyleResolveTree.cpp:
        (WebCore::Style::resolveTree):

            Move CSSFontSelector ownership from StyleResolver to Document.

2015-01-23  Jer Noble  <jer.noble@apple.com>

        Layout Test http/tests/media/track-in-band-hls-metadata.html is flaky
        https://bugs.webkit.org/show_bug.cgi?id=140827

        Reviewed by Eric Carlson.

        Create the m_metadataTrack by calling prepareMetadataTrack() before deref-ing it.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::metadataDidArrive):

2015-01-23  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Add initial database process support
        https://bugs.webkit.org/show_bug.cgi?id=139491

        Reviewed by Sergio Villar Senin.

        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::openDatabase): Use
        WebCore::fileSystemRepresentation() for the database filename,
        otherwise sqlite3_open() fails when the filename contains "%2E".

2015-01-23  Byeongha Cho  <byeongha.cho@samsung.com>

        Initialization for some member variable of FontPlatformData
        https://bugs.webkit.org/show_bug.cgi?id=136327

        Reviewed by Myles C. Maxfield.

        No new tests. There's no functional change.

        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::operator=):
        (WebCore::FontPlatformData::~FontPlatformData):

2015-01-23  Grzegorz Czajkowski  <g.czajkowski@samsung.com>

        Rename ChildNodeRemovalNotifier::m_insertionPoint to m_removalPoint
        https://bugs.webkit.org/show_bug.cgi?id=140766

        Reviewed by Andreas Kling.

        ChildNodeRemovalNotifier::ChildNodeRemovalNotifier(...) should take
        a node as removal point.
        It's probably Copy/Paste from ChildNodeInsertionNotifier::m_insertionPoint.

        No new tests. No behavior change.

        * dom/ContainerNodeAlgorithms.h:
        (WebCore::ChildNodeRemovalNotifier::ChildNodeRemovalNotifier):
        (WebCore::ChildNodeRemovalNotifier::notifyNodeRemovedFromDocument):
        (WebCore::ChildNodeRemovalNotifier::notifyNodeRemovedFromTree):

2015-01-23  Hunseop Jeong  <hs85.jeong@samsung.com>

        [GTK] Fix debug build after r178940
        https://bugs.webkit.org/show_bug.cgi?id=140814

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/opentype/OpenTypeVerticalData.cpp:
        (WebCore::OpenTypeVerticalData::substituteWithVerticalGlyphs):

2015-01-22  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Move leading whitespace handling from removeTrailingWhitespace() to initializeNewLine().
        https://bugs.webkit.org/show_bug.cgi?id=140757

        Reviewed by Antti Koivisto.

        Checking if overflowed pre-wrap whitespace needs to be ignored should not be part of the trailing whitespace handling.
        Move it to initializeNewLine(). 

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::preWrap):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::initializeNewLine):
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::isLineBreak):

2015-01-22  Jer Noble  <jer.noble@apple.com>

        [iOS] Media controls disappear when loading a HLS live stream
        https://bugs.webkit.org/show_bug.cgi?id=140792
        rdar://problem/19491658

        Reviewed by Dean Jackson.

        Overload reconnectControls to reconnect the "start playback" button
        if the control type has been set to "StartPlaybackButton".

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.reconnectControls):

2015-01-22  peavo@outlook.com  <peavo@outlook.com>

        [Win] No plugin content on some sites.
        https://bugs.webkit.org/show_bug.cgi?id=140780

        Reviewed by Anders Carlsson.

        Return script instance from ScriptController::createScriptInstanceForWidget(),
        instead of always returning null.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::createScriptInstanceForWidget):
        * plugins/PluginViewBase.h:
        (WebCore::PluginViewBase::bindingInstance):

2015-01-22  Jer Noble  <jer.noble@apple.com>

        [Mac][EME] Adopt changes to AVStreamSession class methods
        https://bugs.webkit.org/show_bug.cgi?id=140778
        rdar://problem/19458200

        Reviewed by Eric Carlson.

        AVStreamSession class methods have added a "storageDirectoryAtURL:" parameter so as to be able to
        read and modify records stored at non-default storage locations.

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::mediaKeysStorageDirectory): Implement client method by querying document and settings.
        * Modules/encryptedmedia/MediaKeySession.h:
        * platform/graphics/CDMSession.h:
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys): Check whether the AVStreamSession class responds to new selector before calling.
        (WebCore::CDMSessionMediaSourceAVFObjC::update): Ditto.
        (WebCore::CDMSessionMediaSourceAVFObjC::generateKeyReleaseMessage): Ditto.
        (WebCore::CDMSessionMediaSourceAVFObjC::storagePath): Fetch the storage path from the client.

2015-01-22  Michael Saboff  <msaboff@apple.com>

        REGRESSION (174847): can't view NHK(Japan's national public broadcasting organization)’s news pages
        https://bugs.webkit.org/show_bug.cgi?id=140794

        Reviewed by Anders Carlsson.

        If a document.open has been set, return it instead of always returning a new,
        non-cached instance of jsHTMLDocumentPrototypeFunctionOpen.

        Test: js/dom/document-overwrite-open.html

        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot):

2015-01-22  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Reset LineState when starting a new line.
        https://bugs.webkit.org/show_bug.cgi?id=140789

        Reviewed by Antti Koivisto.

        Reset LineState when starting a new line to ensure we always
        start with a clean state.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::updateLineConstrains):
        (WebCore::SimpleLineLayout::initializeNewLine):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::createTextRuns):

2015-01-22  Roger Fong  <roger_fong@apple.com>

        [WebGL2] Create empty interface files for new WebGL2 objects.
        https://bugs.webkit.org/show_bug.cgi?id=140779.
        <rdar://problem/15002288>

        Reviewed by Dean Jackson.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/canvas/WebGLQuery.cpp: Added.
        (WebCore::WebGLQuery::create):
        (WebCore::WebGLQuery::~WebGLQuery):
        (WebCore::WebGLQuery::WebGLQuery):
        (WebCore::WebGLQuery::deleteObjectImpl):
        * html/canvas/WebGLQuery.h: Added.
        * html/canvas/WebGLQuery.idl: Added.
        * html/canvas/WebGLSampler.cpp: Added.
        (WebCore::WebGLSampler::create):
        (WebCore::WebGLSampler::~WebGLSampler):
        (WebCore::WebGLSampler::WebGLSampler):
        (WebCore::WebGLSampler::deleteObjectImpl):
        * html/canvas/WebGLSampler.h: Added.
        * html/canvas/WebGLSampler.idl: Added.
        * html/canvas/WebGLSharedObject.h:
        (WebCore::WebGLSharedObject::isQuery):
        (WebCore::WebGLSharedObject::isSampler):
        (WebCore::WebGLSharedObject::isSync):
        (WebCore::WebGLSharedObject::isTransformFeedback):
        (WebCore::WebGLSharedObject::isVertexArrayObject):
        * html/canvas/WebGLSync.cpp: Added.
        (WebCore::WebGLSync::create):
        (WebCore::WebGLSync::~WebGLSync):
        (WebCore::WebGLSync::WebGLSync):
        (WebCore::WebGLSync::deleteObjectImpl):
        * html/canvas/WebGLSync.h: Added.
        * html/canvas/WebGLSync.idl: Added.
        * html/canvas/WebGLTransformFeedback.cpp: Added.
        (WebCore::WebGLTransformFeedback::create):
        (WebCore::WebGLTransformFeedback::~WebGLTransformFeedback):
        (WebCore::WebGLTransformFeedback::WebGLTransformFeedback):
        (WebCore::WebGLTransformFeedback::deleteObjectImpl):
        * html/canvas/WebGLTransformFeedback.h: Added.
        * html/canvas/WebGLTransformFeedback.idl: Added.
        * html/canvas/WebGLVertexArrayObject.cpp: Added.
        (WebCore::WebGLVertexArrayObject::create):
        (WebCore::WebGLVertexArrayObject::~WebGLVertexArrayObject):
        (WebCore::WebGLVertexArrayObject::WebGLVertexArrayObject):
        (WebCore::WebGLVertexArrayObject::deleteObjectImpl):
        * html/canvas/WebGLVertexArrayObject.h: Added.
        * html/canvas/WebGLVertexArrayObject.idl: Added.

2015-01-22  Chris Dumez  <cdumez@apple.com>

        Fix remaining multiple targets per rule issues in DerivedSources.make
        https://bugs.webkit.org/show_bug.cgi?id=140790

        Reviewed by David Kilzer.

        Fix remaining multiple target per rule issues in DerivedSources.make,
        similarly to Bug 140784 and Bug 140756.

        This was causing us to run scripts several times to generate the same
        files and may lead to malformed files in case of concurrency.

        * DerivedSources.make:

2015-01-22  Ryosuke Niwa  <rniwa@webkit.org>

        Add a build flag for ES6 class syntax
        https://bugs.webkit.org/show_bug.cgi?id=140760

        Reviewed by Michael Saboff.

        * Configurations/FeatureDefines.xcconfig:

2015-01-22  Chris Dumez  <cdumez@apple.com>

        SVGNames.cpp and HTMLNames.cpp are sometimes malformed
        https://bugs.webkit.org/show_bug.cgi?id=140784
        <rdar://problem/17701233>

        Reviewed by David Kilzer.

        Due to bad rules in DerivedSources.make, make_names.pl was called
        several times with the same arguments during build. This is because
        SVG/HTML/MathML each had several targets associated to the same
        command. This would cause the command (make_names.pl) to be called
        once per target. However, make_names.pl only needs to be executed
        once to generate all of the files currently marked as target.

        Calling make_names.pl several times for the same files is not only
        wasteful, but it can also lead to malformed generated files if the
        scripts instances are executed in parallel as they will read / write
        from / to the same files.

        This patch uses INTERMEDIATE targets instead so that we can still
        indicate which files are generated by make_names.pl but only run
        the script once.

        This is a similar fix as for Bug 140756. There may several other
        similar issues in DerivedSources.make but this patch focuses on
        make_names.pl. I will take care of other in follow-ups if needed.

        * DerivedSources.make:

2015-01-22  Chris Dumez  <cdumez@apple.com>

        Have Counter::create() return a Ref<Counter>
        https://bugs.webkit.org/show_bug.cgi?id=140777

        Reviewed by Andreas Kling.

        Have Counter::create() return a Ref<Counter> instead of a PassRefPtr.

        The CSSPrimitiveValue class needed some updates as well to support
        constructing a CSSPrimitiveValue object from a Ref<>.

        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::init):
        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::create):
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/Counter.h:
        (WebCore::Counter::create):
        (WebCore::Counter::cloneForCSSOM):

2015-01-22  Chris Dumez  <cdumez@apple.com>

        Drop the legacy FeatureCounter class
        https://bugs.webkit.org/show_bug.cgi?id=140749

        Reviewed by Andreas Kling.

        Drop the legacy FeatureCounter class and use DiagnosticLoggingClient
        instead.

        * CMakeLists.txt:
        * Configurations/WebCore.xcconfig:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequest):
        (WebCore::SubresourceLoader::didReceiveResponse):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::mustRevalidateDueToCacheHeaders):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::logMemoryCacheResourceRequest):
        (WebCore::CachedResourceLoader::requestResource):
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::mustRevalidateIsExpiredKey):
        (WebCore::DiagnosticLoggingKeys::playedKey):
        (WebCore::DiagnosticLoggingKeys::noCacheKey):
        (WebCore::DiagnosticLoggingKeys::noStoreKey):
        (WebCore::DiagnosticLoggingKeys::notInMemoryCacheKey):
        (WebCore::DiagnosticLoggingKeys::mediaKey):
        (WebCore::DiagnosticLoggingKeys::isExpiredKey):
        (WebCore::DiagnosticLoggingKeys::loadingKey):
        (WebCore::DiagnosticLoggingKeys::inMemoryCacheKey):
        (WebCore::DiagnosticLoggingKeys::reasonKey):
        (WebCore::DiagnosticLoggingKeys::audioKey):
        (WebCore::DiagnosticLoggingKeys::cachedResourceRevalidationKey):
        (WebCore::DiagnosticLoggingKeys::resourceRequestKey):
        (WebCore::DiagnosticLoggingKeys::revalidatingKey):
        (WebCore::DiagnosticLoggingKeys::unusedKey):
        (WebCore::DiagnosticLoggingKeys::unusedReasonCredentialSettingsKey):
        (WebCore::DiagnosticLoggingKeys::unusedReasonErrorKey):
        (WebCore::DiagnosticLoggingKeys::unusedReasonMustRevalidateNoValidatorKey):
        (WebCore::DiagnosticLoggingKeys::unusedReasonNoStoreKey):
        (WebCore::DiagnosticLoggingKeys::unusedReasonRedirectChainKey):
        (WebCore::DiagnosticLoggingKeys::unusedReasonReloadKey):
        (WebCore::DiagnosticLoggingKeys::unusedReasonTypeMismatchKey):
        (WebCore::DiagnosticLoggingKeys::usedKey):
        (WebCore::DiagnosticLoggingKeys::userKey):
        (WebCore::DiagnosticLoggingKeys::videoKey):
        (WebCore::DiagnosticLoggingKeys::webViewKey):
        (WebCore::DiagnosticLoggingKeys::zoomedKey):
        * page/DiagnosticLoggingKeys.h:
        * page/Settings.in:
        * platform/FeatureCounter.cpp: Removed.
        * platform/FeatureCounter.h: Removed.
        * platform/FeatureCounterKeys.h: Removed.
        * platform/ios/FeatureCounter.mm: Removed.

2015-01-22  Benjamin Poulain  <benjamin@webkit.org>

        When extending the fallback transitions with their closure, we are modifying the Set while iterating it
        https://bugs.webkit.org/show_bug.cgi?id=140785

        Reviewed by Andreas Kling.

        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::populateTransitions):
        Make that in two steps: accumulate the fallback transitions then add the closure
        of every element.

2015-01-21  Antti Koivisto  <antti@apple.com>

        Rename SimpleFontData to Font
        https://bugs.webkit.org/show_bug.cgi?id=140496

        Reviewed by Zalan Bujtas.

        The fallback supporting Font type was renamed FontCascade.
        We can now rename SimpleFontData to Font matching the usual definition.

2015-01-22  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Make trailing whitespace handling more explicit.
        https://bugs.webkit.org/show_bug.cgi?id=140776

        Reviewed by Antti Koivisto.

        Differentiate between committed and uncommitted trailing whitespace.
        This enables further cleanup in removeTrailingWhitespace().

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::commitAndCreateRun):
        (WebCore::SimpleLineLayout::LineState::addUncommitted):
        (WebCore::SimpleLineLayout::LineState::hasWhitespaceOnly):
        (WebCore::SimpleLineLayout::LineState::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::LineState::LineState): Deleted.
        (WebCore::SimpleLineLayout::LineState::removeCommittedTrailingWhitespace): Deleted.
        (WebCore::SimpleLineLayout::LineState::resetTrailingWhitespace): Deleted.

2015-01-22  Alexey Proskuryakov  <ap@apple.com>

        Crash in URL::protocol() after appcache load fails
        https://bugs.webkit.org/show_bug.cgi?id=140755
        rdar://problem/7881290

        Reviewed by Dan Bates.

        Test: http/tests/appcache/404-resource-with-slow-main-resource.php

        Not every cache that isn't being updated is complete. It could also be in a zombie
        state after failing to load. We get rid of the cache once the main resource finishes
        loading, but while it's being loaded, the zombie still looks like a regular
        candidate application cache.

        * loader/appcache/ApplicationCache.cpp: (WebCore::ApplicationCache::isComplete):
        * loader/appcache/ApplicationCache.h:
        Removed const from isComplete(), because otherwise we couldn't use ApplicationCacheGroup::m_caches.contains().
        Constness doesn't make a lot of sense for these objects anyway.

        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::failedLoadingMainResource): Toned down an assertion.
        We can fail a main resource load when the document has a zombie appcache, too.

        * loader/appcache/ApplicationCacheGroup.h:
        (WebCore::ApplicationCacheGroup::cacheIsComplete):
        (WebCore::ApplicationCacheGroup::cacheIsBeingUpdated): Deleted.
        These functions are only used in ApplicationCache::isComplete().

2015-01-22  Grzegorz Czajkowski  <g.czajkowski@samsung.com>

        Avoid defining always empty Vector<TextCheckingResult>
        https://bugs.webkit.org/show_bug.cgi?id=140765

        Reviewed by Alexey Proskuryakov.

        Pass an empty vector direclty instead.

        No new tests. No behavior change.

        * editing/SpellChecker.cpp:
        (WebCore::SpellChecker::didCheckCancel):

2015-01-22  Chris Dumez  <cdumez@apple.com>

        makeprop.pl script is called too many times during build
        https://bugs.webkit.org/show_bug.cgi?id=140756
        <rdar://problem/19467942>

        Reviewed by David Kilzer.

        The makeprop.pl script was called 4 times (instead of once) during
        build due to a bad Makefile rule in DerivedSources.make. makeprop.pl
        had 4 associated targets and thus was called 4 times (with the same
        parameter). Calling it once is sufficient to generate all 4 files
        that were marked as target. This patch uses an INTERMEDIATE target
        instead so that we can indicate that several files are generated
        by the same command.

        I believe this may be the reason for the sporatic build failures
        that look like:
        """
        CSSPropertyNames.gperf: No keywords in input file!
        calling gperf failed: 256 at WebCore/css/makeprop.pl line 1036.
        """
        The makeprop.pl script is generating gperf's input file and calling the
        gperf executable on this file. If the script is executed several times
        in parallel, it would explain the build failures as several instances
        of makeprop.pl may be writing / reading from the same
        CSSPropertyNames.gperf file.

        * DerivedSources.make:

2015-01-22  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178894.
        https://bugs.webkit.org/show_bug.cgi?id=140775

        Broke JSC and bindings tests (Requested by ap_ on #webkit).

        Reverted changeset:

        "put_by_val_direct need to check the property is index or not
        for using putDirect / putDirectIndex"
        https://bugs.webkit.org/show_bug.cgi?id=140426
        http://trac.webkit.org/changeset/178894

2015-01-22  David Kilzer  <ddkilzer@apple.com>

        [iOS] Fix iphoneos SDK builds for ios-ews queue
        <http://webkit.org/b/140748>

        Reviewed by Daniel Bates.

        * WebCore.xcodeproj/project.pbxproj: Add new SPI headers.
        * platform/graphics/cg/ImageBufferCG.cpp: Switch to using
        "IOSurfaceSPI.h" from <IOSurface/IOSurface.h>.
        * platform/graphics/cg/ImageBufferDataCG.cpp: Ditto.
        * platform/graphics/cocoa/IOSurface.mm: Ditto.  Move definitions
        in <IOSurface/IOSurfacePrivate.h> into "IOSurfaceSPI.h".
        * platform/spi/cg/CoreGraphicsSPI.h: Switch to
        WTF_EXTERN_C_{BEGIN,END}.  Add
        CGContextGetFontAntialiasingStyle() and
        CGContextSetFontAntialiasingStyle().
        * platform/spi/cocoa/IOPMLibSPI.h: Switch to use IOReturnSPI.h.
        * platform/spi/cocoa/IOReturnSPI.h: Add.
        * platform/spi/cocoa/IOSurfaceSPI.h: Add.
        * platform/spi/cocoa/IOTypesSPI.h: Add.

2015-01-21  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Skip items spanning flex tracks when sizing content based tracks
        https://bugs.webkit.org/show_bug.cgi?id=140720

        Reviewed by David Hyatt.

        Section "11.5. Resolve Intrinsic Track Sizes" of the specs forces
        us to ignore items spanning tracks with flex sizing functions when
        resolving the content-based track sizing functions. Items with
        span < 2 are not affected by this rule (as they will belong to a
        single track). This way the algorithm ensures that min-content and
        max-content restrictions are fulfilled before distributing the
        extra space.

        Test: fast/css-grid-layout/flex-and-content-sized-resolution-columns.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::spanningItemCrossesFlexibleSizedTracks):
        (WebCore::integerSpanForDirection):
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        * rendering/RenderGrid.h:

2015-01-22  Yusuke Suzuki  <utatane.tea@gmail.com>

        put_by_val_direct need to check the property is index or not for using putDirect / putDirectIndex
        https://bugs.webkit.org/show_bug.cgi?id=140426

        Reviewed by Geoffrey Garen.

        Test: js/dfg-put-by-val-direct-with-edge-numbers.html

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::getOwnPropertySlot):
        * bindings/js/JSHTMLAllCollectionCustom.cpp:
        (WebCore::callHTMLAllCollection):
        (WebCore::JSHTMLAllCollection::item):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateGetOwnPropertySlotBody):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSFloat64Array.cpp:
        (WebCore::JSFloat64Array::getOwnPropertySlot):
        (WebCore::JSFloat64Array::getOwnPropertyDescriptor):
        (WebCore::JSFloat64Array::put):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::getOwnPropertySlot):
        * bridge/runtime_array.cpp:
        (JSC::RuntimeArray::getOwnPropertySlot):
        (JSC::RuntimeArray::put):

2015-01-19  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Size tracks using a list of all items sorted by span
        https://bugs.webkit.org/show_bug.cgi?id=140615

        Reviewed by Andreas Kling.

        In r173620 we fixed
        RenderGrid::resolveContentBasedTrackSizingFunctions() so that it
        now collects all items spanning content-sized tracks and process
        them one by one after sorting them by ascending span.

        The problem is that it was incorrectly implemented, it has two
        important bugs. First one is that the hash table that collects
        items is regenerated after processing each track, so it's actually
        doing nothing. Secondly we're only sorting the items on each
        track, instead of all the items in the grid.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):

2015-01-21  Daniel Bates  <dabates@apple.com>

        Fix the iOS release build after <http://trac.webkit.org/changeset/178868>
        (https://bugs.webkit.org/show_bug.cgi?id=140742)

        Substitute ASSERT_UNUSED() for ASSERT() since the parameter layer is used only in the assertion expression.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::needsIOSDumpRenderTreeMainFrameRenderViewLayerIsAlwaysOpaqueHack):

2015-01-21  Daniel Bates  <dabates@apple.com>

        [iOS] Many compositing tests fail in DumpRenderTree due to contentsOpaque difference
        https://bugs.webkit.org/show_bug.cgi?id=140742

        Reviewed by Simon Fraser.

        Make RenderLayerBacking::layerTreeAsText() (including internals.layerTreeAsText()) always
        report that the main frame's RenderView layer is opaque when running iOS DumpRenderTree to
        avoid test failures and the need to maintain for iOS WebKit1 an almost identical copy of the
        platform-independent compositing test results.

        The main frame's RenderView layer is always transparent in iOS WebKit1 since it does
        not make use of a tiled cache layer and defers to UIKit to handle the final compositing
        of the web view, including applying the page scale factor.

        * platform/RuntimeApplicationChecksIOS.mm:
        (WebCore::applicationIsDumpRenderTree): The app bundle identifier of DumpRenderTree has
        the form org.webkit.DumpRenderTreeX where X is some non-negative integer.
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::dumpProperties): Modified to report that a layer is opaque when
        GraphicsLayerClient::needsIOSDumpRenderTreeMainFrameRenderViewLayerIsAlwaysOpaqueHack() returns true.
        * platform/graphics/GraphicsLayerClient.h:
        (WebCore::GraphicsLayerClient::needsIOSDumpRenderTreeMainFrameRenderViewLayerIsAlwaysOpaqueHack): Added
        default implementation (returns false).
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::needsIOSDumpRenderTreeMainFrameRenderViewLayerIsAlwaysOpaqueHack): Added;
        returns true when running in DumpRenderTree and the passed GraphicsLayer corresponds to the main frame's
        RenderView layer.
        * rendering/RenderLayerBacking.h:

2015-01-21  Roger Fong  <roger_fong@apple.com>

        WebGL2 (spec section 3.1): Add new types to WebGL2 API.
        https://bugs.webkit.org/show_bug.cgi?id=140741.
        <rdar://problem/19552962>

        Reviewed by Dean Jackson.

        * html/canvas/WebGL2RenderingContext.idl:

2015-01-21  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Move nextTextFragment() to FlowContents class.
        https://bugs.webkit.org/show_bug.cgi?id=140738

        Reviewed by Antti Koivisto.

        This is in preparation to make FlowContents an iterator class.
        
        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::addUncommitted):
        (WebCore::SimpleLineLayout::LineState::addUncommittedWhitespace):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::initializeNewLine):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::TextFragment::TextFragment): Deleted.
        (WebCore::SimpleLineLayout::TextFragment::isEmpty): Deleted.
        (WebCore::SimpleLineLayout::nextFragment): Deleted.
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::nextTextFragment):
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::FlowContents::TextFragment::isEmpty):

2015-01-21  Andreas Kling  <akling@apple.com>

        DocumentLoader::timing() should return a reference.
        <https://webkit.org/b/128272>

        Reviewed by Antti Koivisto.

        There is always a DocumentLoadTiming object, so return it by
        reference since it can never be null.

        * Modules/gamepad/NavigatorGamepad.cpp:
        (WebCore::NavigatorGamepad::from):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::buildObjectForTiming):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading):
        (WebCore::DocumentLoader::willSendRequest):
        (WebCore::DocumentLoader::continueAfterNavigationPolicy):
        (WebCore::DocumentLoader::startLoadingMainResource):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::timing):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading):
        (WebCore::FrameLoader::commitProvisionalLoad):
        (WebCore::FrameLoader::loadProvisionalItemFromCachedPage):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::dispatchLoadEvent):
        * page/Performance.cpp:
        (WebCore::Performance::now):
        * page/PerformanceNavigation.cpp:
        (WebCore::PerformanceNavigation::redirectCount):
        * page/PerformanceResourceTiming.cpp:
        (WebCore::monotonicTimeToDocumentMilliseconds):
        (WebCore::PerformanceResourceTiming::resourceTimeToDocumentMilliseconds):
        * page/PerformanceTiming.cpp:
        (WebCore::PerformanceTiming::documentLoadTiming):

2015-01-21  Benjamin Poulain  <benjamin@webkit.org>

        Handle the transition on any character as a separate type of transition
        https://bugs.webkit.org/show_bug.cgi?id=140711

        Reviewed by Andreas Kling.

        Instead of considering the universal transition as 127 transitions, it is now
        handled as a separate type of transition.

        The goal is to reduce the number of exit edge to consider for each node. Instead
        of having 127 for any partition containing one universal transition, we have
        as few exit edges as necessary + one universal transition.

        In the NFA, the universal transition is stored directly on NFANode in a new
        HashSet (transitionsOnAnyCharacter).
        The target nodes are made exclusive between "transitionsOnAnyCharacter" and "transitions"
        by construction. That is not strictly needed but it simplify debugging at the moment.

        When converting a NFA to a DFA, we first find all the node that transition on any character.
        Then, when we iterate over "real" transition, we also augment that set with the set on
        any character.

        When creating the DFA node, we first consider each "real" transition, then we have a single
        "fallback" transition for any character that has not been handled yet.

        When matching, we first search for any real transition. If there is none but a fallback exists,
        we take the fallback.

        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::nextState):
        (WebCore::ContentExtensions::printTransitions):
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        (WebCore::ContentExtensions::printTransition): Deleted.
        * contentextensions/DFANode.h:
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::addTransition):
        (WebCore::ContentExtensions::NFA::addTransitionsOnAnyCharacter):
        (WebCore::ContentExtensions::printTransitions):
        (WebCore::ContentExtensions::NFA::debugPrintDot):
        (WebCore::ContentExtensions::printTransition): Deleted.
        * contentextensions/NFA.h:
        * contentextensions/NFANode.h:
        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::populateTransitions):
        (WebCore::ContentExtensions::getOrCreateDFANode):
        (WebCore::ContentExtensions::NFAToDFA::convert):
        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::GraphBuilder::generateTransition):

2015-01-20  Antti Koivisto  <antti@apple.com>

        REGRESSION(r178180): Membuster regressed ~4%
        https://bugs.webkit.org/show_bug.cgi?id=140495

        Reviewed by Andreas Kling.

        After r178180 we keep system fallback fonts that are used on glyph pages alive.
        Previously we would traverse the glyph pages and remove entries referencing system fallbacks.

        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::purgeInactiveFontData):
        * platform/graphics/FontCascade.cpp:
        (WebCore::pruneUnreferencedEntriesFromFontGlyphsCache):
        (WebCore::pruneSystemFallbackFonts):
        * platform/graphics/FontCascade.h:
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::pruneSystemFallbacks):

            When clearing the font cache also remove the cached glyph pages that may contain system fallback fonts
            and release the fallbacks.

        * platform/graphics/FontGlyphs.h:

2015-01-21  Manuel Rego Casasnovas  <rego@igalia.com>

        first-letter pseudo-element from ancestors is not being ignored in grids and flexboxes
        https://bugs.webkit.org/show_bug.cgi?id=138424

        Reviewed by Benjamin Poulain.

        Source/WebCore:

        According to the grid and flexbox specs:
        "::first-letter pseudo-element do not apply to grid/flex containers".
        http://dev.w3.org/csswg/css-grid/#grid-containers
        http://dev.w3.org/csswg/css-flexbox/#flex-containers

        Check also the CSS WG mailing list discussion:
        http://lists.w3.org/Archives/Public/www-style/2014Dec/0305.html

        This was almost working right, except in the case that an ancestor was
        setting the ::first-letter pseudo-element.

        Added a few more cases to the current tests in order to check this
        behavior.
        Also created some new tests to increase coverage

        Tests: fast/css/first-letter-from-ancestors-not-apply-inline-elements.html
               fast/css/first-letter-ignores-display-property.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::getFirstLetter): Go to the next sibling when
        looking for the first text child if you reach a grid or flexbox.

2015-01-21  Csaba Osztrogonác  <ossy@webkit.org>

        Fix cast-align warning in Source/WebCore/platform/efl/EflScreenUtilities.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140670

        Reviewed by Darin Adler.

        * platform/efl/EflScreenUtilities.cpp:
        (WebCore::createCustomCursor):

2015-01-21  Csaba Osztrogonác  <ossy@webkit.org>

        Remove ENABLE(INSPECTOR) ifdef guards
        https://bugs.webkit.org/show_bug.cgi?id=140668

        Reviewed by Darin Adler.

        * Configurations/FeatureDefines.xcconfig:
        * WebCore.exp.in:
        * bindings/js/JSCommandLineAPIHostCustom.cpp:
        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::supportsProfiling):
        (WebCore::JSDOMWindowBase::supportsRichSourceInfo):
        * bindings/js/JSInspectorFrontendHostCustom.cpp:
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::collectIsolatedContexts):
        * bindings/js/ScriptController.h:
        * bindings/js/ScriptGlobalObject.cpp:
        (WebCore::ScriptGlobalObject::set):
        * bindings/js/ScriptGlobalObject.h:
        * bindings/js/WorkerScriptDebugServer.cpp:
        * bindings/js/WorkerScriptDebugServer.h:
        * dom/Node.cpp:
        (WebCore::Node::inspect):
        * inspector/CommandLineAPIHost.cpp:
        * inspector/CommandLineAPIHost.idl:
        * inspector/CommandLineAPIModule.cpp:
        * inspector/CommandLineAPIModule.h:
        * inspector/DOMEditor.cpp:
        * inspector/DOMEditor.h:
        * inspector/DOMPatchSupport.cpp:
        * inspector/DOMPatchSupport.h:
        * inspector/InspectorApplicationCacheAgent.cpp:
        * inspector/InspectorApplicationCacheAgent.h:
        * inspector/InspectorCSSAgent.cpp:
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorClient.cpp:
        * inspector/InspectorConsoleInstrumentation.h:
        (WebCore::InspectorInstrumentation::addMessageToConsole):
        (WebCore::InspectorInstrumentation::consoleCount):
        (WebCore::InspectorInstrumentation::startConsoleTiming):
        (WebCore::InspectorInstrumentation::stopConsoleTiming):
        (WebCore::InspectorInstrumentation::consoleTimeStamp):
        (WebCore::InspectorInstrumentation::startProfiling):
        (WebCore::InspectorInstrumentation::stopProfiling):
        * inspector/InspectorController.cpp:
        * inspector/InspectorController.h:
        * inspector/InspectorDOMAgent.cpp:
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMDebuggerAgent.cpp:
        * inspector/InspectorDOMDebuggerAgent.h:
        * inspector/InspectorDOMStorageAgent.cpp:
        * inspector/InspectorDatabaseAgent.cpp:
        * inspector/InspectorDatabaseAgent.h:
        * inspector/InspectorDatabaseInstrumentation.h:
        (WebCore::InspectorInstrumentation::didOpenDatabase):
        * inspector/InspectorDatabaseResource.cpp:
        * inspector/InspectorDatabaseResource.h:
        * inspector/InspectorFrontendClientLocal.cpp:
        * inspector/InspectorFrontendHost.cpp:
        * inspector/InspectorFrontendHost.idl:
        * inspector/InspectorHistory.cpp:
        * inspector/InspectorHistory.h:
        * inspector/InspectorIndexedDBAgent.cpp:
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorInstrumentation.cpp:
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didClearWindowObjectInWorld):
        (WebCore::InspectorInstrumentation::isDebuggerPaused):
        (WebCore::InspectorInstrumentation::willInsertDOMNode):
        (WebCore::InspectorInstrumentation::didInsertDOMNode):
        (WebCore::InspectorInstrumentation::willRemoveDOMNode):
        (WebCore::InspectorInstrumentation::didRemoveDOMNode):
        (WebCore::InspectorInstrumentation::willModifyDOMAttr):
        (WebCore::InspectorInstrumentation::didModifyDOMAttr):
        (WebCore::InspectorInstrumentation::didRemoveDOMAttr):
        (WebCore::InspectorInstrumentation::didInvalidateStyleAttr):
        (WebCore::InspectorInstrumentation::frameWindowDiscarded):
        (WebCore::InspectorInstrumentation::mediaQueryResultChanged):
        (WebCore::InspectorInstrumentation::didPushShadowRoot):
        (WebCore::InspectorInstrumentation::willPopShadowRoot):
        (WebCore::InspectorInstrumentation::didCreateNamedFlow):
        (WebCore::InspectorInstrumentation::willRemoveNamedFlow):
        (WebCore::InspectorInstrumentation::didChangeRegionOverset):
        (WebCore::InspectorInstrumentation::didRegisterNamedFlowContentElement):
        (WebCore::InspectorInstrumentation::didUnregisterNamedFlowContentElement):
        (WebCore::InspectorInstrumentation::mouseDidMoveOverElement):
        (WebCore::InspectorInstrumentation::handleTouchEvent):
        (WebCore::InspectorInstrumentation::handleMousePress):
        (WebCore::InspectorInstrumentation::forcePseudoState):
        (WebCore::InspectorInstrumentation::characterDataModified):
        (WebCore::InspectorInstrumentation::willSendXMLHttpRequest):
        (WebCore::InspectorInstrumentation::didInstallTimer):
        (WebCore::InspectorInstrumentation::didRemoveTimer):
        (WebCore::InspectorInstrumentation::willCallFunction):
        (WebCore::InspectorInstrumentation::didCallFunction):
        (WebCore::InspectorInstrumentation::willDispatchXHRReadyStateChangeEvent):
        (WebCore::InspectorInstrumentation::didDispatchXHRReadyStateChangeEvent):
        (WebCore::InspectorInstrumentation::willDispatchEvent):
        (WebCore::InspectorInstrumentation::didDispatchEvent):
        (WebCore::InspectorInstrumentation::willHandleEvent):
        (WebCore::InspectorInstrumentation::didHandleEvent):
        (WebCore::InspectorInstrumentation::willDispatchEventOnWindow):
        (WebCore::InspectorInstrumentation::didDispatchEventOnWindow):
        (WebCore::InspectorInstrumentation::willEvaluateScript):
        (WebCore::InspectorInstrumentation::didEvaluateScript):
        (WebCore::InspectorInstrumentation::scriptsEnabled):
        (WebCore::InspectorInstrumentation::willFireTimer):
        (WebCore::InspectorInstrumentation::didFireTimer):
        (WebCore::InspectorInstrumentation::didInvalidateLayout):
        (WebCore::InspectorInstrumentation::willLayout):
        (WebCore::InspectorInstrumentation::didLayout):
        (WebCore::InspectorInstrumentation::didScroll):
        (WebCore::InspectorInstrumentation::willDispatchXHRLoadEvent):
        (WebCore::InspectorInstrumentation::didDispatchXHRLoadEvent):
        (WebCore::InspectorInstrumentation::willPaint):
        (WebCore::InspectorInstrumentation::didPaint):
        (WebCore::InspectorInstrumentation::willScrollLayer):
        (WebCore::InspectorInstrumentation::didScrollLayer):
        (WebCore::InspectorInstrumentation::willRecalculateStyle):
        (WebCore::InspectorInstrumentation::didRecalculateStyle):
        (WebCore::InspectorInstrumentation::didScheduleStyleRecalculation):
        (WebCore::InspectorInstrumentation::applyEmulatedMedia):
        (WebCore::InspectorInstrumentation::willSendRequest):
        (WebCore::InspectorInstrumentation::continueAfterPingLoader):
        (WebCore::InspectorInstrumentation::markResourceAsCached):
        (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCache):
        (WebCore::InspectorInstrumentation::willReceiveResourceResponse):
        (WebCore::InspectorInstrumentation::didReceiveResourceResponse):
        (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDenied):
        (WebCore::InspectorInstrumentation::continueWithPolicyDownload):
        (WebCore::InspectorInstrumentation::continueWithPolicyIgnore):
        (WebCore::InspectorInstrumentation::didReceiveData):
        (WebCore::InspectorInstrumentation::didFinishLoading):
        (WebCore::InspectorInstrumentation::didFailLoading):
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClient):
        (WebCore::InspectorInstrumentation::willLoadXHR):
        (WebCore::InspectorInstrumentation::didFailXHRLoading):
        (WebCore::InspectorInstrumentation::didFinishXHRLoading):
        (WebCore::InspectorInstrumentation::didReceiveXHRResponse):
        (WebCore::InspectorInstrumentation::willLoadXHRSynchronously):
        (WebCore::InspectorInstrumentation::didLoadXHRSynchronously):
        (WebCore::InspectorInstrumentation::scriptImported):
        (WebCore::InspectorInstrumentation::scriptExecutionBlockedByCSP):
        (WebCore::InspectorInstrumentation::didReceiveScriptResponse):
        (WebCore::InspectorInstrumentation::domContentLoadedEventFired):
        (WebCore::InspectorInstrumentation::loadEventFired):
        (WebCore::InspectorInstrumentation::frameDetachedFromParent):
        (WebCore::InspectorInstrumentation::didCommitLoad):
        (WebCore::InspectorInstrumentation::frameDocumentUpdated):
        (WebCore::InspectorInstrumentation::loaderDetachedFromFrame):
        (WebCore::InspectorInstrumentation::frameStartedLoading):
        (WebCore::InspectorInstrumentation::frameStoppedLoading):
        (WebCore::InspectorInstrumentation::frameScheduledNavigation):
        (WebCore::InspectorInstrumentation::frameClearedScheduledNavigation):
        (WebCore::InspectorInstrumentation::willRunJavaScriptDialog):
        (WebCore::InspectorInstrumentation::didRunJavaScriptDialog):
        (WebCore::InspectorInstrumentation::willDestroyCachedResource):
        (WebCore::InspectorInstrumentation::willWriteHTML):
        (WebCore::InspectorInstrumentation::didWriteHTML):
        (WebCore::InspectorInstrumentation::didDispatchDOMStorageEvent):
        (WebCore::InspectorInstrumentation::shouldPauseDedicatedWorkerOnStart):
        (WebCore::InspectorInstrumentation::didStartWorkerGlobalScope):
        (WebCore::InspectorInstrumentation::workerGlobalScopeTerminated):
        (WebCore::InspectorInstrumentation::didCreateWebSocket):
        (WebCore::InspectorInstrumentation::willSendWebSocketHandshakeRequest):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketHandshakeResponse):
        (WebCore::InspectorInstrumentation::didCloseWebSocket):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrame):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrameError):
        (WebCore::InspectorInstrumentation::didSendWebSocketFrame):
        (WebCore::InspectorInstrumentation::sessionCreated):
        (WebCore::InspectorInstrumentation::sessionLoaded):
        (WebCore::InspectorInstrumentation::sessionModified):
        (WebCore::InspectorInstrumentation::segmentCreated):
        (WebCore::InspectorInstrumentation::segmentCompleted):
        (WebCore::InspectorInstrumentation::segmentLoaded):
        (WebCore::InspectorInstrumentation::segmentUnloaded):
        (WebCore::InspectorInstrumentation::captureStarted):
        (WebCore::InspectorInstrumentation::captureStopped):
        (WebCore::InspectorInstrumentation::playbackStarted):
        (WebCore::InspectorInstrumentation::playbackPaused):
        (WebCore::InspectorInstrumentation::playbackFinished):
        (WebCore::InspectorInstrumentation::playbackHitPosition):
        (WebCore::InspectorInstrumentation::networkStateChanged):
        (WebCore::InspectorInstrumentation::updateApplicationCacheStatus):
        (WebCore::InspectorInstrumentation::didRequestAnimationFrame):
        (WebCore::InspectorInstrumentation::didCancelAnimationFrame):
        (WebCore::InspectorInstrumentation::willFireAnimationFrame):
        (WebCore::InspectorInstrumentation::didFireAnimationFrame):
        (WebCore::InspectorInstrumentation::layerTreeDidChange):
        (WebCore::InspectorInstrumentation::renderLayerDestroyed):
        (WebCore::InspectorInstrumentation::pseudoElementDestroyed):
        (WebCore::InspectorInstrumentation::instrumentingAgentsForDocument):
        (WebCore::InspectorInstrumentation::hasFrontends): Deleted.
        (WebCore::InspectorInstrumentation::consoleAgentEnabled): Deleted.
        (WebCore::InspectorInstrumentation::runtimeAgentEnabled): Deleted.
        (WebCore::InspectorInstrumentation::timelineAgentEnabled): Deleted.
        (WebCore::InspectorInstrumentation::replayAgentEnabled): Deleted.
        * inspector/InspectorLayerTreeAgent.cpp:
        * inspector/InspectorLayerTreeAgent.h:
        * inspector/InspectorOverlay.cpp:
        * inspector/InspectorPageAgent.cpp:
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorReplayAgent.cpp:
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorStyleSheet.cpp:
        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorStyleTextEditor.cpp:
        * inspector/InspectorStyleTextEditor.h:
        * inspector/InspectorTimelineAgent.cpp:
        * inspector/InspectorTimelineAgent.h:
        * inspector/InspectorWorkerAgent.cpp:
        * inspector/InspectorWorkerResource.h:
        * inspector/InstrumentingAgents.cpp:
        * inspector/NetworkResourcesData.cpp:
        * inspector/NetworkResourcesData.h:
        * inspector/PageConsoleAgent.cpp:
        * inspector/PageConsoleAgent.h:
        * inspector/PageDebuggerAgent.cpp:
        * inspector/PageDebuggerAgent.h:
        * inspector/PageRuntimeAgent.cpp:
        * inspector/PageRuntimeAgent.h:
        * inspector/PageScriptDebugServer.cpp:
        * inspector/PageScriptDebugServer.h:
        * inspector/TimelineRecordFactory.cpp:
        * inspector/WebConsoleAgent.cpp:
        * inspector/WebConsoleAgent.h:
        * inspector/WebDebuggerAgent.cpp:
        * inspector/WebDebuggerAgent.h:
        * inspector/WebInjectedScriptHost.cpp:
        * inspector/WebInjectedScriptHost.h:
        * inspector/WebInjectedScriptManager.cpp:
        * inspector/WebInjectedScriptManager.h:
        * inspector/WorkerConsoleAgent.cpp:
        * inspector/WorkerConsoleAgent.h:
        * inspector/WorkerDebuggerAgent.cpp:
        * inspector/WorkerDebuggerAgent.h:
        * inspector/WorkerInspectorController.cpp:
        * inspector/WorkerInspectorController.h:
        * inspector/WorkerRuntimeAgent.cpp:
        * inspector/WorkerRuntimeAgent.h:
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::didReceiveResponse):
        (WebCore::DocumentThreadableLoader::loadRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
        (WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::createResourceHandle):
        (WebCore::ApplicationCacheGroup::didReceiveResponse):
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::applicationCacheInfo):
        * loader/appcache/ApplicationCacheHost.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::shouldContinueAfterNotifyingLoadedFromMemoryCache):
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::showContextMenu):
        (WebCore::ContextMenuController::contextMenuItemSelected):
        (WebCore::ContextMenuController::populate):
        (WebCore::ContextMenuController::addInspectElementItem):
        (WebCore::ContextMenuController::checkOrEnableIfNeeded):
        * page/FrameView.cpp:
        (WebCore::FrameView::sendResizeEventIfNeeded):
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        * page/Page.h:
        * platform/ContextMenuItem.h:
        * platform/efl/EflInspectorUtilities.cpp:
        * platform/efl/EflInspectorUtilities.h:
        * platform/network/ResourceRequestBase.h:
        (WebCore::ResourceRequestBase::ResourceRequestBase):
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties):
        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties):
        * testing/Internals.cpp:
        (WebCore::InspectorFrontendChannelDummy::sendMessageToFrontend):
        (WebCore::Internals::resetToConsistentState):
        (WebCore::Internals::inspectorHighlightRects):
        (WebCore::Internals::inspectorHighlightObject):
        (WebCore::Internals::setInspectorIsUnderTest):
        * testing/Internals.h:
        * testing/Internals.idl:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::WorkerGlobalScope):
        * workers/WorkerGlobalScope.h:
        * workers/WorkerGlobalScopeProxy.h:
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::WorkerMessagingProxy):
        (WebCore::WorkerMessagingProxy::sendMessageToInspector):
        (WebCore::WorkerMessagingProxy::postMessageToPageInspector):
        * workers/WorkerMessagingProxy.h:
        * workers/WorkerReportingProxy.h:
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::workerThread):

2015-01-20  Chris Dumez  <cdumez@apple.com>

        Simplify DiagnosticLoggingClient call sites
        https://bugs.webkit.org/show_bug.cgi?id=140701

        Reviewed by Andreas Kling.

        Simplify DiagnosticLoggingClient call sites by:
        - Moving the Settings::diagnosticLoggingEnabled() check inside the
          MainFrame::diagnosticLoggingClient() getter.
        - Having MainFrame::diagnosticLoggingClient() return a reference
          instead of a pointer (returning a dummy client if necessary).

        Otherwise, each call site needs to both check the setting and do a
        null-check on the client which is a bit annoying.

        * history/PageCache.cpp:
        (WebCore::logPageCacheFailureDiagnosticMessage):
        (WebCore::logCanCacheFrameDecision):
        (WebCore::logCanCachePageDecision):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::logNavigation):
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
        * loader/SubframeLoader.cpp:
        (WebCore::logPluginRequest):
        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoaded):
        * page/DiagnosticLoggingClient.h:
        (WebCore::DiagnosticLoggingClient::logDiagnosticMessage): Deleted.
        (WebCore::DiagnosticLoggingClient::logDiagnosticMessageWithResult): Deleted.
        (WebCore::DiagnosticLoggingClient::logDiagnosticMessageWithValue): Deleted.
        * page/MainFrame.cpp:
        (WebCore::MainFrame::diagnosticLoggingClient):
        * page/MainFrame.h:

2015-01-20  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Should show dynamic specificity values
        https://bugs.webkit.org/show_bug.cgi?id=140647

        Reviewed by Benjamin Poulain.

        Test: inspector/css/selector-dynamic-specificity.html

        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::setRuleSelector):
        (WebCore::InspectorCSSAgent::addRule):
        (WebCore::InspectorCSSAgent::buildObjectForRule):
        (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):
        When building a response for a particular element, pass the element along.

        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::hasDynamicSpecificity):
        (WebCore::buildObjectForSelectorHelper):
        (WebCore::selectorsFromSource):
        (WebCore::InspectorStyleSheet::buildObjectForSelector):
        (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
        (WebCore::InspectorStyleSheet::buildObjectForRule):
        (WebCore::InspectorStyleSheet::buildArrayForRuleList):
        (WebCore::InspectorStyleSheetForInlineStyle::InspectorStyleSheetForInlineStyle):
        When building a response for a Selector, include the specificity if we know
        the element in context.

2015-01-20  Brent Fulgham  <bfulgham@apple.com>

        [Win] Build fix after r178760.

        Windows will not accept a variable as the size declaration for an array.

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::appendGSUBTable): Make size argument a const.

2015-01-20  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed Windows project file gardening.

        * WebCore.vcxproj/WebCore.vcxproj: Add missing SVG files and put things in their proper
        folders.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.

2015-01-20  Benjamin Poulain  <benjamin@webkit.org>

        URLFilterParser dismisses the last atom when parsing a builtin character class
        https://bugs.webkit.org/show_bug.cgi?id=140695

        Reviewed by Andreas Kling.

        The pending atom was not sunk before creating the new atom.

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::GraphBuilder::atomBuiltInCharacterClass):

2015-01-20  Andreas Kling  <akling@apple.com>

        Fast path for casting JSValue to JSDocument*.
        <https://webkit.org/b/134655>

        Add a custom JSType bit for JSDocument so we can quickly cast to it
        from JSValue in the DocumentPrototype functions. This removes a bunch
        of grunt work and branches from common functions like getElementById.

        Also removed GetCastingHelperForBaseObject and replace it with
        simple jsCasts since we don't need dynamic type checks for the base.

        Reviewed by Darin Adler.

        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSDOMWrapper.h:
        * bindings/js/JSDocumentCustom.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        (GetCastingHelperForThisObject):
        (GenerateImplementation):
        (GetCastingHelperForBaseObject): Deleted.
        * dom/Document.idl:

2015-01-20  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178751.
        https://bugs.webkit.org/show_bug.cgi?id=140694

        Caused 32-bit JSC test failures (Requested by JoePeck on
        #webkit).

        Reverted changeset:

        "put_by_val_direct need to check the property is index or not
        for using putDirect / putDirectIndex"
        https://bugs.webkit.org/show_bug.cgi?id=140426
        http://trac.webkit.org/changeset/178751

2015-01-20  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Use FlowContents::Segment::text instead of renderer when possible.
        https://bugs.webkit.org/show_bug.cgi?id=140692

        Reviewed by Myles C. Maxfield.

        No change in functionality.

        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):

2015-01-20  David Kilzer  <ddkilzer@apple.com>

        Switch to comparing PLATFORM_NAME in terms of macosx
        <http://webkit.org/b/139516>

        Reviewed by Timothy Hatcher.

        * bindings/scripts/preprocessor.pm:
        (applyPreprocessor):
        * generate-export-file:
        (preprocessorMacros):

2015-01-20  Benjamin Poulain  <benjamin@webkit.org>

        Attempt to fix 32bits builds after r178743

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL):

2015-01-20  Yusuke Suzuki  <utatane.tea@gmail.com>

        put_by_val_direct need to check the property is index or not for using putDirect / putDirectIndex
        https://bugs.webkit.org/show_bug.cgi?id=140426

        Reviewed by Geoffrey Garen.

        Test: js/dfg-put-by-val-direct-with-edge-numbers.html

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::getOwnPropertySlot):
        * bindings/js/JSHTMLAllCollectionCustom.cpp:
        (WebCore::callHTMLAllCollection):
        (WebCore::JSHTMLAllCollection::item):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateGetOwnPropertySlotBody):
        (GenerateImplementation):
        * bindings/scripts/test/JS/JSFloat64Array.cpp:
        (WebCore::JSFloat64Array::getOwnPropertySlot):
        (WebCore::JSFloat64Array::getOwnPropertyDescriptor):
        (WebCore::JSFloat64Array::put):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::JSTestEventTarget::getOwnPropertySlot):
        * bridge/runtime_array.cpp:
        (JSC::RuntimeArray::getOwnPropertySlot):
        (JSC::RuntimeArray::put):

2015-01-20  Chris Dumez  <cdumez@apple.com>

        Drop width / height shorthands code from StylePropertyShorthand.*
        https://bugs.webkit.org/show_bug.cgi?id=140686

        Reviewed by Andreas Kling.

        Drop width / height shorthands code from StylePropertyShorthand.*.
        width / height are not shorthands for min-width/max-width and
        min-height/max-height. Also, only matchingCustomShorthandsForLonghand()
        treats these as shorthands. For e.g, the reverse method
        (indexOfShorthandForLonghand()) does not.

        * css/StylePropertyShorthand.cpp:
        (WebCore::widthShorthand): Deleted.
        (WebCore::heightShorthand): Deleted.
        * css/StylePropertyShorthand.h:
        (WebCore::matchingCustomShorthandsForLonghand):

2015-01-20  Benjamin Poulain  <benjamin@webkit.org>

        Add a mechanism to ignore previous content extension rules
        https://bugs.webkit.org/show_bug.cgi?id=140663

        Reviewed by Andreas Kling.

        * contentextensions/ContentExtensionRule.h:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL):
        * contentextensions/ContentExtensionsManager.cpp:
        (WebCore::ContentExtensions::ExtensionsManager::loadAction):

2015-01-20  Benjamin Poulain  <benjamin@webkit.org>

        Resolve the epsilon transitions for each state upfront instead of dynamically
        https://bugs.webkit.org/show_bug.cgi?id=140654

        Reviewed by Andreas Kling.

        Instead of recomputing the epsilon-closure for each set, we compute the closure
        of every element at the beginning of the transformation.

        We then remove the epsilon transitions from the NFA to simplify populateTransitions().
        The epsilon transitions are still there, but they are now in a separate graph we use
        in parallel.

        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::epsilonClosureExcludingSelf):
        (WebCore::ContentExtensions::resolveEpsilonClosures):
        (WebCore::ContentExtensions::extendSetWithClosure):
        (WebCore::ContentExtensions::populateTransitions):
        (WebCore::ContentExtensions::NFAToDFA::convert):
        (WebCore::ContentExtensions::epsilonClosure): Deleted.
        (WebCore::ContentExtensions::populateTransitionsExcludingEpsilon): Deleted.
        * contentextensions/NFAToDFA.h:

2015-01-20  Chris Dumez  <cdumez@apple.com>

        Log types of resources being loaded using DiagnosticLoggingClient
        https://bugs.webkit.org/show_bug.cgi?id=140682

        Reviewed by Andreas Kling.

        Log types of resources being loaded using DiagnosticLoggingClient
        instead of the legacy FeatureCounter.

        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoaded):
        (WebCore::SubresourceLoader::didFinishLoading):
        (WebCore::logResourceLoadedUsingFeatureCounter): Deleted.
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::otherKey):
        (WebCore::DiagnosticLoggingKeys::mainResourceKey):
        (WebCore::DiagnosticLoggingKeys::loadedKey):
        (WebCore::DiagnosticLoggingKeys::imageKey):
        (WebCore::DiagnosticLoggingKeys::rawKey):
        (WebCore::DiagnosticLoggingKeys::resourceKey):
        (WebCore::DiagnosticLoggingKeys::scriptKey):
        (WebCore::DiagnosticLoggingKeys::styleSheetKey):
        (WebCore::DiagnosticLoggingKeys::svgDocumentKey):
        (WebCore::DiagnosticLoggingKeys::fontKey):
        * page/DiagnosticLoggingKeys.h:
        * platform/FeatureCounterKeys.h:

2015-01-20  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Remove redundant style.preserveNewline check when collapsing trailing whitespace.
        https://bugs.webkit.org/show_bug.cgi?id=140684

        Reviewed by Antti Koivisto.

        FlowContents::isLineBreak() checks whether we are at a hard newline.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):

2015-01-19  Simon Fraser  <simon.fraser@apple.com>

        Add a way to collect scrolling performance data (viewport tile coverage) with UI-side compositing
        https://bugs.webkit.org/show_bug.cgi?id=140474

        Reviewed by Tim Horton.

        Add accessors for standard names for container CALayer for each of the tile grids,
        and when tile grids are swapped, update those names as appropriate.
        
        * WebCore.exp.in:
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::tileGridContainerLayerName):
        (WebCore::TileController::zoomedOutTileGridContainerLayerName):
        (WebCore::TileController::setContentsScale):
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::TileGrid):
        (WebCore::TileGrid::setIsZoomedOutTileGrid):
        * platform/graphics/ca/TileGrid.h:

2015-01-20  Csaba Osztrogonác  <ossy@webkit.org>

        Fix unused-private-field warning in IconEfl.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140676

        Reviewed by Darin Adler.

        * platform/graphics/Icon.h:
        * platform/graphics/efl/IconEfl.cpp:
        (WebCore::Icon::Icon): Deleted.

2015-01-20  Csaba Osztrogonác  <ossy@webkit.org>

        Fix unused-private-field warning in FontCustomPlatformDataFreeType.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140677

        Reviewed by Martin Robinson.

        * platform/graphics/cairo/FontCustomPlatformData.h:
        * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:
        (WebCore::FontCustomPlatformData::FontCustomPlatformData):
        (WebCore::FontCustomPlatformData::~FontCustomPlatformData):

2015-01-20  peavo@outlook.com  <peavo@outlook.com>

        Plugin content not loaded.
        https://bugs.webkit.org/show_bug.cgi?id=140672

        Reviewed by Brent Fulgham.

        It seems this is caused by a std::unique_ptr in CClass::methodNamed being moved,
        resetting its raw pointer. The raw pointer, which now is null, is then returned
        from the method.

        * bridge/c/c_class.cpp:
        (JSC::Bindings::CClass::methodNamed):
        (JSC::Bindings::CClass::fieldNamed):

2015-01-20  Darin Adler  <darin@apple.com>

        Remove SVGElementInstanceList, m_instanceUnderMouse, DUMP_INSTANCE_TREE, DUMP_SHADOW_TREE
        https://bugs.webkit.org/show_bug.cgi?id=140679

        Reviewed by Anders Carlsson.

        First step in removing the SVG instance tree.
        All based on redoing the same excellent work Rob Buis did to remove this in Blink in crbug.com/313438.

        * CMakeLists.txt: Removed the source files.
        * DerivedSources.cpp: Ditto.
        * DerivedSources.make: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::clear): Removed code to set unused m_instanceUnderMouse.
        (WebCore::EventHandler::updateMouseEventTargetNode): Ditto.
        * page/EventHandler.h: Removed m_instanceUnderMouse.

        * svg/SVGAllInOne.cpp: Removed the source files.
        * svg/SVGElementInstance.cpp:
        (WebCore::SVGElementInstance::childNodes): Deleted.
        * svg/SVGElementInstance.h: Removed childNodes.
        * svg/SVGElementInstance.idl: Ditto.
        * svg/SVGElementInstanceList.cpp: Removed.
        * svg/SVGElementInstanceList.h: Removed.
        * svg/SVGElementInstanceList.idl: Removed.
        * svg/SVGUseElement.cpp:
        (WebCore::dumpInstanceTree): Deleted.
        (WebCore::SVGUseElement::buildShadowAndInstanceTree): Removed DUMP_INSTANCE_TREE and
        DUMP_SHADOW_TREE code.

2015-01-19  Brian J. Burg  <burg@cs.washington.edu>

        Web Replay: code generator should take supplemental specifications and allow cross-framework references
        https://bugs.webkit.org/show_bug.cgi?id=136312

        Reviewed by Joseph Pecoraro.

        Changes covered by existing input generator tests.

        * DerivedSources.make: Add JSInputs.json as supplemental specification.
        * replay/WebInputs.json: Moved common types to JSInputs.json.

2015-01-20  Csaba Osztrogonác  <ossy@webkit.org>

        Fix unused-const-variable warning in RenderLayerCompositor.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140678

        Reviewed by Simon Fraser.

        * rendering/RenderLayerCompositor.cpp:

2015-01-20  Csaba Osztrogonác  <ossy@webkit.org>

        [gstreamer] Fix expression result unused warning in GRefPtrGStreamer.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140671

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
        (WTF::refGPtr<GstToc>):

2015-01-19  Dean Jackson  <dino@apple.com>

        Support "plus-darker" in mix-blend mode
        https://bugs.webkit.org/show_bug.cgi?id=140646
        <rdar://problem/19523370>

        Reviewed by Simon Fraser.

        Support the "plus-darker" blending mode to CSS.
        See: https://lists.w3.org/Archives/Public/public-fx/2015JanMar/0021.html

        Test: css3/blending/svg-blend-plus-darker.html

        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue): mix-blend-mode can now accept
        the new keyword.
        * css/CSSPrimitiveValueMappings.h: Add the mappings.
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator BlendMode):
        * platform/graphics/GraphicsTypes.cpp: Add the new GraphicsType.
        * platform/graphics/GraphicsTypes.h:
        * platform/graphics/ca/mac/PlatformCAFiltersMac.mm: Map to the CA compositing filter.
        (PlatformCAFilters::setBlendingFiltersOnLayer):
        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::setPlatformCompositeOperation): Map to the CG blending flag.

2015-01-20  Csaba Osztrogonác  <ossy@webkit.org>

        Fix 'register' storage class specifier is deprecated warning
        https://bugs.webkit.org/show_bug.cgi?id=140669

        Reviewed by Carlos Garcia Campos.

        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (webKitWebAudioSrcLoop):

2015-01-20  Chris Dumez  <cdumez@apple.com>

        Use DiagnosticLoggingClient to log page cache failures
        https://bugs.webkit.org/show_bug.cgi?id=140650

        Reviewed by Andreas Kling.

        Use DiagnosticLoggingClient to log page cache failures instead of the
        legacy FeatureCounter.

        * history/PageCache.cpp:
        (WebCore::logPageCacheFailureDiagnosticMessage):
        (WebCore::logCanCacheFrameDecision):
        (WebCore::logCanCachePageDecision):
        (WebCore::PageCache::canCache):
        (WebCore::pruningReasonToDiagnosticLoggingKey):
        (WebCore::PageCache::take):
        (WebCore::PageCache::get):
        (WebCore::pruningReasonToFeatureCounterKey): Deleted.
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::successKey):
        (WebCore::DiagnosticLoggingKeys::failureKey):
        (WebCore::DiagnosticLoggingKeys::pageLoadedKey):
        (WebCore::DiagnosticLoggingKeys::engineFailedToLoadKey):
        (WebCore::DiagnosticLoggingKeys::navigationKey):
        (WebCore::DiagnosticLoggingKeys::pageCacheKey):
        (WebCore::DiagnosticLoggingKeys::noDocumentLoaderKey):
        (WebCore::DiagnosticLoggingKeys::mainDocumentErrorKey):
        (WebCore::DiagnosticLoggingKeys::isErrorPageKey):
        (WebCore::DiagnosticLoggingKeys::hasPluginsKey):
        (WebCore::DiagnosticLoggingKeys::httpsNoStoreKey):
        (WebCore::DiagnosticLoggingKeys::hasOpenDatabasesKey):
        (WebCore::DiagnosticLoggingKeys::noCurrentHistoryItemKey):
        (WebCore::DiagnosticLoggingKeys::quirkRedirectComingKey):
        (WebCore::DiagnosticLoggingKeys::loadingAPISenseKey):
        (WebCore::DiagnosticLoggingKeys::documentLoaderStoppingKey):
        (WebCore::DiagnosticLoggingKeys::cannotSuspendActiveDOMObjectsKey):
        (WebCore::DiagnosticLoggingKeys::applicationCacheKey):
        (WebCore::DiagnosticLoggingKeys::deniedByClientKey):
        (WebCore::DiagnosticLoggingKeys::deviceMotionKey):
        (WebCore::DiagnosticLoggingKeys::deviceOrientationKey):
        (WebCore::DiagnosticLoggingKeys::deviceProximityKey):
        (WebCore::DiagnosticLoggingKeys::reloadKey):
        (WebCore::DiagnosticLoggingKeys::reloadFromOriginKey):
        (WebCore::DiagnosticLoggingKeys::sameLoadKey):
        (WebCore::DiagnosticLoggingKeys::expiredKey):
        (WebCore::DiagnosticLoggingKeys::prunedDueToMemoryPressureKey):
        (WebCore::DiagnosticLoggingKeys::prunedDueToCapacityReached):
        (WebCore::DiagnosticLoggingKeys::prunedDueToProcessSuspended):
        (WebCore::DiagnosticLoggingKeys::passKey): Deleted.
        (WebCore::DiagnosticLoggingKeys::failKey): Deleted.
        (WebCore::DiagnosticLoggingKeys::noopKey): Deleted.
        * page/DiagnosticLoggingKeys.h:
        * platform/FeatureCounterKeys.h:

2015-01-19  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Wrong arguments passed to computeNormalizedFractionBreadth
        https://bugs.webkit.org/show_bug.cgi?id=139058

        Reviewed by Andreas Kling.

        The method RenderGrid::computeNormalizedFractionBreadth() is
        supposed to get as fourth argument either the grid element's
        content box size or the max-size of a particular grid item. For
        the former we were incorrectly passing the free space after
        distributing the available space to tracks.

        Apart from that, that method has a bug in its implementation. As
        we were using the free space instead of the grid element's content
        box size, we didn't have to subtract the usedBreadth of grid
        tracks from the passed in value. That did not work for the case of
        the caller passing the max-size of a particular item.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        (WebCore::RenderGrid::computeNormalizedFractionBreadth):

2015-01-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Flip the switch on
        https://bugs.webkit.org/show_bug.cgi?id=140592

        Reviewed by Antti Koivisto.

        * Configurations/FeatureDefines.xcconfig:

2015-01-19  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178683.
        https://bugs.webkit.org/show_bug.cgi?id=140657

        Lots of asserts in tests. (Requested by JoePeck on #webkit).

        Reverted changeset:

        "LayoutState and subtree layout code should use
        RenderElement."
        https://bugs.webkit.org/show_bug.cgi?id=126878
        http://trac.webkit.org/changeset/178683

2015-01-19  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed gardening.

        Avoid compiling files twice when they are included in an 'AllInOne.cpp' file.

        * WebCore.vcxproj/WebCore.vcxproj: Mark several files as 'not to be built', since
        they are also build as part of an 'AllInOne.cpp' file.

2015-01-19  Chris Dumez  <cdumez@apple.com>

        Stop using FeatureCounter to log navigation types
        https://bugs.webkit.org/show_bug.cgi?id=140642

        Reviewed by Andreas Kling.

        Stop using FeatureCounter to log navigation types now that
        DiagnosticLoggingClient is working on iOS.

        * loader/FrameLoader.cpp:
        (WebCore::logNavigation):
        * platform/FeatureCounterKeys.h:

2015-01-19  Andreas Kling  <akling@apple.com>

        LayoutState and subtree layout code should use RenderElement.
        <https://webkit.org/b/126878>

        Subtree layout will never begin at a RenderText, so tighten up
        the code to operate on RenderElements instead of RenderObjects.

        Reviewed by Antti Koivisto.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::willLayout):
        * page/FrameView.cpp:
        (WebCore::FrameView::layoutRoot):
        (WebCore::FrameView::layout):
        * page/FrameView.h:

            Make FrameView::layoutRoot() return RenderElement*.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::willBeDestroyed):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::willBeDestroyed):
        * rendering/RenderObject.h:

            Move subtree layout root clearing logic in willBeDestroyed()
            from RenderObject to RenderElement.

        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):
        * rendering/LayoutState.h:
        * rendering/RenderView.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::pushLayoutState):
        (WebCore::RenderView::pushLayoutStateForCurrentFlowThread):

            Make all of these functions take RenderElement instead of
            RenderObject since layout never starts from a RenderText.

        (WebCore::RenderView::shouldDisableLayoutStateForSubtree):

            Tweak loop since it's never null on first iteration.

2015-01-19  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * platform/spi/mac/NSViewSPI.h:

2015-01-19  Timothy Horton  <timothy_horton@apple.com>

        Adjust naming of action menu SPI
        https://bugs.webkit.org/show_bug.cgi?id=140644
        <rdar://problem/19448129>

        Reviewed by Brian Weinstein.

        * platform/spi/mac/NSViewSPI.h:
        Add an underscore.

2015-01-19  Dhi Aurrahman  <diorahman@rockybars.com>

        Canonicalization of :lang() should preserve the :lang()'s arguments representations
        https://bugs.webkit.org/show_bug.cgi?id=139928

        Reviewed by Benjamin Poulain.

        Preserve the representation of IDENT and STRING when serializing the
        :lang(). For example, :lang(foo,"bar", baz) should be serialize as
        :lang(foo, "bar", baz) instead of :lang(foo, bar, baz).
    
        Rename CSSParserSelector::setArgumentList, CSSSelector::setArgumentList
        and CSSSelector::argumentList to CSSParserSelector::setLangArgumentList,
        CSSSelector::setLangArgumentList and CSSSelector::langArgumentList
        respectively, since those methods are being exclusively used in respect
        with :lang().

        Update the test of serializing :lang() with IDENT and STRING arguments.

        * css/CSSGrammar.y.in:
        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::setLangArgumentList):
        (WebCore::CSSParserSelector::setArgumentList): Deleted.
        * css/CSSParserValues.h:
        (WebCore::CSSParserString::tokenType):
        (WebCore::CSSParserString::setTokenType):
        * css/CSSSelector.cpp:
        (WebCore::appendLangArgumentList):
        (WebCore::CSSSelector::selectorText):
        (WebCore::CSSSelector::setLangArgumentList):
        (WebCore::appendArgumentList): Deleted.
        (WebCore::CSSSelector::setArgumentList): Deleted.
        * css/CSSSelector.h:
        (WebCore::CSSSelector::langArgumentList):
        (WebCore::CSSSelector::argumentList): Deleted.
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorCheckerTestFunctions.h:
        (WebCore::matchesLangPseudoClass):

2015-01-16  Roger Fong  <roger_fong@apple.com>

        WebGL2: Support webgl2 context creation.
        https://bugs.webkit.org/show_bug.cgi?id=126408
        <rdar://problem/15002170>

        Reviewed by Dean Jackson.

        Tests covered by existing Khronos tests for WebGL 1.0 conformance.

        Create a WebGLRenderingContextBase class that extends to a WebGLRenderingContext and WebGL2RenderingContext.
        Replace all previous instances of WebGLRenderingContext usages with WebGLRenderingContextBase usages for now.
        As the first step, the WebGL1 and WebGL2 contexts will have the exact same functionality.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSCanvasRenderingContextCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSDocumentCustom.cpp:
        * bindings/js/JSHTMLCanvasElementCustom.cpp:
        * bindings/js/JSWebGL2RenderingContextCustom.cpp: Added.
        (WebCore::JSWebGL2RenderingContext::visitAdditionalChildren):
        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp: Added.
        * bindings/js/JSWebGLRenderingContextCustom.cpp: Move code to JSWebGLRenderingContextBaseCustom.cpp.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::getContext):
        (WebCore::HTMLCanvasElement::reset):
        (WebCore::HTMLCanvasElement::paint):
        (WebCore::HTMLCanvasElement::getImageData):
        * html/canvas/ANGLEInstancedArrays.cpp:
        (WebCore::ANGLEInstancedArrays::ANGLEInstancedArrays):
        (WebCore::ANGLEInstancedArrays::supported):
        * html/canvas/ANGLEInstancedArrays.h:
        * html/canvas/CanvasRenderingContext.h:
        (WebCore::CanvasRenderingContext::isWebGL1):
        (WebCore::CanvasRenderingContext::isWebGL2):
        (WebCore::CanvasRenderingContext::is3d):
        * html/canvas/EXTBlendMinMax.cpp:
        (WebCore::EXTBlendMinMax::EXTBlendMinMax):
        * html/canvas/EXTBlendMinMax.h:
        * html/canvas/EXTFragDepth.cpp:
        (WebCore::EXTFragDepth::EXTFragDepth):
        * html/canvas/EXTFragDepth.h:
        * html/canvas/EXTShaderTextureLOD.cpp:
        (WebCore::EXTShaderTextureLOD::EXTShaderTextureLOD):
        * html/canvas/EXTShaderTextureLOD.h:
        * html/canvas/EXTTextureFilterAnisotropic.cpp:
        (WebCore::EXTTextureFilterAnisotropic::EXTTextureFilterAnisotropic):
        * html/canvas/EXTTextureFilterAnisotropic.h:
        * html/canvas/EXTsRGB.cpp:
        (WebCore::EXTsRGB::EXTsRGB):
        * html/canvas/EXTsRGB.h:
        * html/canvas/OESElementIndexUint.cpp:
        (WebCore::OESElementIndexUint::OESElementIndexUint):
        * html/canvas/OESElementIndexUint.h:
        * html/canvas/OESStandardDerivatives.cpp:
        (WebCore::OESStandardDerivatives::OESStandardDerivatives):
        * html/canvas/OESStandardDerivatives.h:
        * html/canvas/OESTextureFloat.cpp:
        (WebCore::OESTextureFloat::OESTextureFloat):
        * html/canvas/OESTextureFloat.h:
        * html/canvas/OESTextureFloatLinear.cpp:
        (WebCore::OESTextureFloatLinear::OESTextureFloatLinear):
        * html/canvas/OESTextureFloatLinear.h:
        * html/canvas/OESTextureHalfFloat.cpp:
        (WebCore::OESTextureHalfFloat::OESTextureHalfFloat):
        * html/canvas/OESTextureHalfFloat.h:
        * html/canvas/OESTextureHalfFloatLinear.cpp:
        (WebCore::OESTextureHalfFloatLinear::OESTextureHalfFloatLinear):
        * html/canvas/OESTextureHalfFloatLinear.h:
        * html/canvas/OESVertexArrayObject.cpp:
        (WebCore::OESVertexArrayObject::OESVertexArrayObject):
        * html/canvas/OESVertexArrayObject.h:
        * html/canvas/WebGL2RenderingContext.cpp: Added.
        (WebCore::WebGL2RenderingContext::WebGL2RenderingContext):
        * html/canvas/WebGL2RenderingContext.h: Added.
        * html/canvas/WebGL2RenderingContext.idl: Added.
        * html/canvas/WebGLBuffer.cpp:
        (WebCore::WebGLBuffer::create):
        (WebCore::WebGLBuffer::WebGLBuffer):
        * html/canvas/WebGLBuffer.h:
        * html/canvas/WebGLCompressedTextureATC.cpp:
        (WebCore::WebGLCompressedTextureATC::WebGLCompressedTextureATC):
        (WebCore::WebGLCompressedTextureATC::supported):
        * html/canvas/WebGLCompressedTextureATC.h:
        * html/canvas/WebGLCompressedTexturePVRTC.cpp:
        (WebCore::WebGLCompressedTexturePVRTC::WebGLCompressedTexturePVRTC):
        (WebCore::WebGLCompressedTexturePVRTC::supported):
        * html/canvas/WebGLCompressedTexturePVRTC.h:
        * html/canvas/WebGLCompressedTextureS3TC.cpp:
        (WebCore::WebGLCompressedTextureS3TC::WebGLCompressedTextureS3TC):
        (WebCore::WebGLCompressedTextureS3TC::supported):
        * html/canvas/WebGLCompressedTextureS3TC.h:
        * html/canvas/WebGLContextGroup.cpp:
        (WebCore::WebGLContextGroup::getAGraphicsContext3D):
        (WebCore::WebGLContextGroup::addContext):
        (WebCore::WebGLContextGroup::removeContext):
        (WebCore::WebGLContextGroup::loseContextGroup):
        * html/canvas/WebGLContextGroup.h:
        * html/canvas/WebGLContextObject.cpp:
        (WebCore::WebGLContextObject::WebGLContextObject):
        * html/canvas/WebGLContextObject.h:
        (WebCore::WebGLContextObject::context):
        * html/canvas/WebGLDebugRendererInfo.cpp:
        (WebCore::WebGLDebugRendererInfo::WebGLDebugRendererInfo):
        * html/canvas/WebGLDebugRendererInfo.h:
        * html/canvas/WebGLDebugShaders.cpp:
        (WebCore::WebGLDebugShaders::WebGLDebugShaders):
        * html/canvas/WebGLDebugShaders.h:
        * html/canvas/WebGLDepthTexture.cpp:
        (WebCore::WebGLDepthTexture::WebGLDepthTexture):
        * html/canvas/WebGLDepthTexture.h:
        * html/canvas/WebGLDrawBuffers.cpp:
        (WebCore::WebGLDrawBuffers::WebGLDrawBuffers):
        (WebCore::WebGLDrawBuffers::supported):
        (WebCore::WebGLDrawBuffers::satisfiesWebGLRequirements):
        * html/canvas/WebGLDrawBuffers.h:
        * html/canvas/WebGLExtension.cpp:
        (WebCore::WebGLExtension::WebGLExtension):
        * html/canvas/WebGLExtension.h:
        (WebCore::WebGLExtension::context):
        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::create):
        (WebCore::WebGLFramebuffer::WebGLFramebuffer):
        * html/canvas/WebGLFramebuffer.h:
        * html/canvas/WebGLLoseContext.cpp:
        (WebCore::WebGLLoseContext::WebGLLoseContext):
        (WebCore::WebGLLoseContext::loseContext):
        * html/canvas/WebGLLoseContext.h:
        * html/canvas/WebGLObject.cpp:
        (WebCore::WebGLObject::WebGLObject):
        * html/canvas/WebGLObject.h:
        * html/canvas/WebGLProgram.cpp:
        (WebCore::WebGLProgram::create):
        (WebCore::WebGLProgram::WebGLProgram):
        * html/canvas/WebGLProgram.h:
        * html/canvas/WebGLRenderbuffer.cpp:
        (WebCore::WebGLRenderbuffer::create):
        (WebCore::WebGLRenderbuffer::WebGLRenderbuffer):
        * html/canvas/WebGLRenderbuffer.h:
        * html/canvas/WebGLRenderingContext.cpp: Move implementation to WebGLRenderingContextBase.cpp.
        * html/canvas/WebGLRenderingContext.h:  Move implementation to WebGLRenderingContextBase.h.
        * html/canvas/WebGLRenderingContext.idl:  Move implementation to WebGLRenderingContextBase.idl.
        * html/canvas/WebGLRenderingContextBase.cpp: Added.
        * html/canvas/WebGLRenderingContextBase.h: Added.
        * html/canvas/WebGLRenderingContextBase.idl: Added.
        * html/canvas/WebGLShader.cpp:
        (WebCore::WebGLShader::create):
        (WebCore::WebGLShader::WebGLShader):
        * html/canvas/WebGLShader.h:
        * html/canvas/WebGLSharedObject.cpp:
        (WebCore::WebGLSharedObject::WebGLSharedObject):
        * html/canvas/WebGLSharedObject.h:
        * html/canvas/WebGLTexture.cpp:
        (WebCore::WebGLTexture::create):
        (WebCore::WebGLTexture::WebGLTexture):
        * html/canvas/WebGLTexture.h:
        * html/canvas/WebGLVertexArrayObjectOES.cpp:
        (WebCore::WebGLVertexArrayObjectOES::create):
        (WebCore::WebGLVertexArrayObjectOES::WebGLVertexArrayObjectOES):
        * html/canvas/WebGLVertexArrayObjectOES.h:

2015-01-19  Antti Koivisto  <antti@apple.com>

        REGRESSION(r178250): ~2% PLT regression
        https://bugs.webkit.org/show_bug.cgi?id=140640

        Reviewed by Andreas Kling.

        * platform/graphics/FontCache.cpp:

        The patch accidentally contained a change to reduce the size of the cache (to verify that purgin works).
        Restore it back to the original value.

2015-01-19  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo][Video] Windows Media Foundation implementation is not completed.
        https://bugs.webkit.org/show_bug.cgi?id=140337

        Reviewed by Alex Christensen.

        This patch aims to complete some of the methods which are not implemented.
        Currently, only MP4 is supported.
        Video is rendered in a child window of the main window.
        We should eventually render the video directly in the main window,
        by reading and painting individual video frames from the stream.

        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:
        (WebCore::MediaPlayerPrivateMediaFoundation::MediaPlayerPrivateMediaFoundation):
        (WebCore::MediaPlayerPrivateMediaFoundation::~MediaPlayerPrivateMediaFoundation):
        (WebCore::MediaPlayerPrivateMediaFoundation::getSupportedTypes):
        (WebCore::MediaPlayerPrivateMediaFoundation::supportsType):
        (WebCore::MediaPlayerPrivateMediaFoundation::load):
        (WebCore::MediaPlayerPrivateMediaFoundation::play):
        (WebCore::MediaPlayerPrivateMediaFoundation::pause):
        (WebCore::MediaPlayerPrivateMediaFoundation::naturalSize):
        (WebCore::MediaPlayerPrivateMediaFoundation::hasVideo):
        (WebCore::MediaPlayerPrivateMediaFoundation::hasAudio):
        (WebCore::MediaPlayerPrivateMediaFoundation::setVisible):
        (WebCore::MediaPlayerPrivateMediaFoundation::paused):
        (WebCore::MediaPlayerPrivateMediaFoundation::readyState):
        (WebCore::MediaPlayerPrivateMediaFoundation::didLoadingProgress):
        (WebCore::MediaPlayerPrivateMediaFoundation::setSize):
        (WebCore::MediaPlayerPrivateMediaFoundation::paint):
        (WebCore::MediaPlayerPrivateMediaFoundation::createSession):
        (WebCore::MediaPlayerPrivateMediaFoundation::endSession):
        (WebCore::MediaPlayerPrivateMediaFoundation::startCreateMediaSource):
        (WebCore::MediaPlayerPrivateMediaFoundation::endCreatedMediaSource):
        (WebCore::MediaPlayerPrivateMediaFoundation::endGetEvent):
        (WebCore::MediaPlayerPrivateMediaFoundation::createTopologyFromSource):
        (WebCore::MediaPlayerPrivateMediaFoundation::addBranchToPartialTopology):
        (WebCore::MediaPlayerPrivateMediaFoundation::VideoViewWndProc):
        (WebCore::MediaPlayerPrivateMediaFoundation::registerVideoWindowClass):
        (WebCore::MediaPlayerPrivateMediaFoundation::createVideoWindow):
        (WebCore::MediaPlayerPrivateMediaFoundation::destroyVideoWindow):
        (WebCore::MediaPlayerPrivateMediaFoundation::createOutputNode):
        (WebCore::MediaPlayerPrivateMediaFoundation::createSourceStreamNode):
        (WebCore::MediaPlayerPrivateMediaFoundation::onCreatedMediaSource):
        (WebCore::MediaPlayerPrivateMediaFoundation::onTopologySet):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::AsyncCallback):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::~AsyncCallback):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::QueryInterface):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::AddRef):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::Release):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::GetParameters):
        (WebCore::MediaPlayerPrivateMediaFoundation::AsyncCallback::Invoke):
        * platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:

2015-01-19  Brian J. Burg  <burg@cs.washington.edu>

        Web Replay: convert to is<T> and downcast<T> for decoding replay inputs
        https://bugs.webkit.org/show_bug.cgi?id=140512

        Reviewed by Chris Dumez.

        No new tests, no behavior changed.

        * replay/EventLoopInput.h: Make overridden methods public.
        * replay/MemoizedDOMResult.h: Add type trait specialization here. It is
        special-cased because the input type parameter doesn't work with macros.
        * replay/SerializationMethods.cpp:
        (JSC::EncodingTraits<NondeterministicInputBase>::encodeValue):
        Use is() and downcast() when dispatching to encoders based on type.

2015-01-19  Zan Dobersek  <zdobersek@igalia.com>

        Replace use of WTF::bind() in MemoryPressureHandlerLinux.cpp with a C++ lambda
        https://bugs.webkit.org/show_bug.cgi?id=140614

        Reviewed by Carlos Garcia Campos.

        Use a C++ lambda instead of WTF::bind() in the MemoryPressureHandler
        implementation for Linux.

        * platform/linux/MemoryPressureHandlerLinux.cpp:
        (WebCore::MemoryPressureHandler::waitForMemoryPressureEvent):

2015-01-19  Zan Dobersek  <zdobersek@igalia.com>

        Replace uses of WTF::bind() in MockMediaPlayerMediaSource with C++ lambdas
        https://bugs.webkit.org/show_bug.cgi?id=140612

        Reviewed by Philippe Normand.

        Use C++ lambdas in place of WTF::bind() in the MockMediaPlayerMediaSource class.

        * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
        (WebCore::MockMediaPlayerMediaSource::play):
        (WebCore::MockMediaPlayerMediaSource::seekWithTolerance):
        (WebCore::MockMediaPlayerMediaSource::seekCompleted):

2015-01-19  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178653.
        https://bugs.webkit.org/show_bug.cgi?id=140634

        Broke multiple SVG tests on Mountain Lion (Requested by ap on
        #webkit).

        Reverted changeset:

        "[SVG -> OTF Converter] Flip the switch on"
        https://bugs.webkit.org/show_bug.cgi?id=140592
        http://trac.webkit.org/changeset/178653

2015-01-19  Brent Fulgham  <bfulgham@apple.com>

        Layers need to be already updated before we call adjustViewSize
        https://bugs.webkit.org/show_bug.cgi?id=135514

        Reviewed by Simon Fraser.

        Tested by 'fast/dynamic/layer-no-longer-paginated.html'

        Defer painting operations until we have finished layout. This
        has a couple of benefits:
        (1) We do not attempt to modify render layers during layout.
        (2) In WK1 we do not attempt to paint during layout.

        Add a new virtual predicate to ScrollView indicating when we are in
        layout so that calls to setContentsSize do not attempt
        to adjust scrollbars.

        Modify FrameView to set its ScrollView state to block paint
        operations during layout. Also add a post-layout handler to
        complete the scrollbar updates after layout is finished.

        * WebCore.exp.in: Move linker symbol to ScrollView (from FrameView).
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::shouldDeferScrollUpdateAfterContentSizeChange): Added.
        (WebCore::FrameView::scrollPositionChangedViaPlatformWidget): Removed (Renamed).
        (WebCore::FrameView::scrollPositionChangedViaPlatformWidgetImpl): Added (Renamed)
        (WebCore::FrameView::paintContents): Do not paint if we are inside view size adjustment.
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollPositionChangedViaPlatformWidget): Added. Checks whether we need to defer
        painting, and calls virtual scrollPositionChangedViaPlatformWidgetImpl if we do not.
        (WebCore::FrameView::scrollPositionChangedViaPlatformWidgetImpl): Added.
        (WebCore::ScrollView::handleDeferredScrollUpdateAfterContentSizeChange): Added.
        (WebCore::ScrollView::scrollTo): If we should defer painting, cache the
        the scroll delta and apply it after the layout is complete.
        (WebCore::ScrollView::completeUpdatesAfterScrollTo): Split off part of 'scrollTo' into its own method
        so we can reuse it in handleDeferredScrollUpdateAfterContentSizeChange.
        * platform/ScrollView.h:
        (WebCore::ScrollView::shouldDeferScrollUpdateAfterContentSizeChange): Added.

2015-01-16  Ada Chan  <adachan@apple.com>

        HTMLMediaElement::isPlayingAudio() should return false if the element is explicitly muted by script.
        https://bugs.webkit.org/show_bug.cgi?id=140524

        Reviewed by Andreas Kling.

        Test: media/muted-video-is-playing-audio.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setMuted):
        Call Document::updateIsPlayingAudio() to recalculate the overall audio playing state.
        (WebCore::HTMLMediaElement::isPlayingAudio):
        HTMLMediaElement::isPlayingAudio() should return false if the media element is explicitly muted.

2015-01-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Flip the switch on
        https://bugs.webkit.org/show_bug.cgi?id=140592

        Reviewed by Antti Koivisto.

        * Configurations/FeatureDefines.xcconfig:

2015-01-16  Alexey Proskuryakov  <ap@apple.com>

        Console log sometimes prefixed with line number
        https://bugs.webkit.org/show_bug.cgi?id=105280

        Reviewed by Darin Adler.

        Improve the logic for determining whether a console message should be associated
        with a source code location.

        * dom/ScriptableDocumentParser.h:
        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::shouldAssociateConsoleMessagesWithTextPosition):
        * html/parser/HTMLDocumentParser.h:
        * page/PageConsoleClient.cpp:
        (WebCore::getParserLocationForConsoleMessage):
        (WebCore::PageConsoleClient::addMessage):
        * xml/parser/XMLDocumentParser.cpp:
        (WebCore::XMLDocumentParser::pauseParsing):
        * xml/parser/XMLDocumentParser.h:
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::shouldAssociateConsoleMessagesWithTextPosition):

2015-01-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Glyphs get clipped weirdly
        https://bugs.webkit.org/show_bug.cgi?id=137095

        Reviewed by Antti Koivisto.

        The Adobe CFF spec doesn't actually tell you how to serialize a
        "FontBBox." After trial and error, it seems to be (x, y, width,
        height).

        Test: svg/text/kerning.svg
              svg/W3C-SVG-1.1/fonts-kern-01-t.svg

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::appendHEADTable):
        (WebCore::SVGToOTFFontConverter::appendCFFTable):
        (WebCore::SVGToOTFFontConverter::appendVHEATable):
        (WebCore::CFFBuilder::CFFBuilder):
        (WebCore::SVGToOTFFontConverter::transcodeGlyphPaths):
        (WebCore::SVGToOTFFontConverter::processGlyphElement):

2015-01-19  Csaba Osztrogonác  <ossy@webkit.org>

        REGRESSION(r178486): It broke the !ENABLE(VIDEO) build
        https://bugs.webkit.org/show_bug.cgi?id=140611

        Reviewed by Eric Carlson.

        * testing/Internals.cpp:
        (WebCore::Internals::elementIsBlockingDisplaySleep):
        * testing/Internals.h:

2015-01-19  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Tracks shrink sometimes with indefinite remaining space
        https://bugs.webkit.org/show_bug.cgi?id=139059

        Reviewed by David Hyatt.

        Test: fast/css-grid-layout/grid-grow-tracks-to-their-max.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):

2015-01-18  Alexey Proskuryakov  <ap@apple.com>

        Update bindings generation test results after <https://trac.webkit.org/changeset/178633>.

        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        (WebCore::JSTestEventConstructorConstructor::constructJSTestEventConstructor):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
        (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionAddEventListener):
        (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):

2015-01-18  Chris Dumez  <cdumez@apple.com>

        Generate matchingShorthandsForLonghand() implementation from CSSPropertyNames.in
        https://bugs.webkit.org/show_bug.cgi?id=140599

        Reviewed by Antti Koivisto.

        Generate matchingShorthandsForLonghand() implementation from
        CSSPropertyNames.in. We already have all the information we need in
        CSSPropertyNames.in to generate the big switch() in
        matchingShorthandsForLonghand().

        A few shorthands still aren't generated. I will look into getting rid
        of the custom code in a follow-up patch.

        * css/StylePropertyShorthand.cpp:
        (WebCore::makeVector): Deleted.
        (WebCore::matchingShorthandsForLonghand): Deleted.
        * css/StylePropertyShorthand.h:
        (WebCore::matchingCustomShorthandsForLonghand):
        * css/makeprop.pl:
        (constructShorthandsVector):

2015-01-18  Dean Jackson  <dino@apple.com>

        Out of bounds write in canvas.toDataURL
        https://bugs.webkit.org/show_bug.cgi?id=140594
        <rdar://problem/19449135>

        Reviewed by Alexey Proskuryakov.

        In the case where we have a canvas object that does
        not have premultiplied alpha (an option you can select
        when using WebGL) we have to multiply out the alpha when
        converting to JPEG via toDataURL.

        For this we created a buffer, but were not accurately
        resizing it before flattening the alpha.

        Test: fast/canvas/webgl/toDataURL-unpremultipliedAlpha.html

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageDataToDataURL): Call resize once we've
        determined we have enough space.

2015-01-17  Sam Weinig  <sam@webkit.org>

        Add initial experimental user content filtering API
        https://bugs.webkit.org/show_bug.cgi?id=140584

        Reviewed by Benjamin Poulain.

        Change content extensions to be managed through the UserContentController.

        * WebCore.exp.in:
        Update exports.

        * WebCore.xcodeproj/project.pbxproj:
        Update for removed files.

        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::removeAllRuleLists):
        (WebCore::ContentExtensions::ContentExtensionsBackend::sharedInstance): Deleted.
        * contentextensions/ContentExtensionsBackend.h:
        Remove concept of a shared instance and add a removeAllRuleLists() function.
        
        * contentextensions/ContentExtensionsInterface.cpp: Removed.
        * contentextensions/ContentExtensionsInterface.h: Removed.
        Since there is no shared instance anymore, checking if a URL should be blocked
        now has to go directly to the backend.
        
        * contentextensions/ContentExtensionsManager.cpp:
        (WebCore::ContentExtensions::ExtensionsManager::createRuleList):
        (WebCore::ContentExtensions::ExtensionsManager::loadExtension): Deleted.
        * contentextensions/ContentExtensionsManager.h:
        Update interface to accommodate the lack of a shared instance. Now, all this
        file does is take a serialized rule list and outputs the Vector of ContentExtensionRules

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        Check with the UserContentController to see if the URL should be blocked.

        * page/UserContentController.cpp:
        (WebCore::UserContentController::addUserContentFilter):
        (WebCore::UserContentController::removeAllUserContentFilters):
        (WebCore::UserContentController::contentFilterBlocksURL):
        * page/UserContentController.h:
        Add single point of interaction for both the WebKit level to add and remove
        content filters and WebCore to check to see if URLs should be blocked.

2015-01-18  Darin Adler  <darin@apple.com>

        REGRESSION (r125251): wrapper lifetimes of SVGElementInstance are incorrect
        https://bugs.webkit.org/show_bug.cgi?id=132148

        Reviewed by Anders Carlsson.

        Test: svg/custom/use-instanceRoot-event-listeners.xhtml

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::addEventListener): Updated for the new return type
        of JSListener::create. For the event type, use JSString::toAtomicString instead of
        calling JSString::value and then converting to an AtomicString.
        (WebCore::JSDOMWindow::removeEventListener): Same changes as for addEventListener.

        * bindings/js/JSEventListener.cpp:
        (WebCore::forwardsEventListeners): Added. Helper to detect the special case needed
        for SVGElementInstance. In the future, for better encapsulation, we could use virtual
        functions, but for now hard coding this single class seems fine.
        (WebCore::correspondingElementWrapper): Added. For use if forwardsEventListeners
        returns true, to find out where event listeners will be forwarded.
        (WebCore::createJSEventListenerForAttribute): Added. Replaces the old function
        createJSAttributeEventListener, for SVGElementInstance attributes only.
        (WebCore::createJSEventListenerForAdd): Added. Helper function to avoid repeated
        generated code in the addElementListener bindings other than the DOMWindow one.

        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::create): Changed to return a Ref instead of a PassRefPtr.
        (WebCore::createJSEventListenerForAttribute): Renamed from createJSAttributeEventListener,
        changed to return a RefPtr instead of a PassRefPtr and to take references rather than
        pointers for non-null things.
        (WebCore::createJSEventListenerForRemove): Added. Small wrapper that calls
        createJSEventListenerForAdd since they are currently identical.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateAttributeEventListenerCall): Removed the special case for JSSVGElementInstance
        and updated to call the new createJSEventListenerForAttribute. The special case for
        SVGElementInstance is now in JSEventListener.h/cpp, which is nicer since we prefer to
        keep the generated code simpler if possible.
        (GenerateEventListenerCall): Removed the special case for JSSVGElementInstance. This
        has been dead code since the explicit definition of add/removeEventListener was removed
        from SVGElementInstance.idl, and was also a problem if someone were to use the
        addEventListener function from EventTarget on an SVGElementInstance object. The function
        needs to be generic at runtime. Use toAtomicString as in JSDOMWindow::addEventListener above.
        Call the two new functions, createJSEventListenerForAdd and createJSEventListenerForRemove.
        Those new functions properly handle SVGElementInstance.
        (GenerateImplementation): Don't pass the class name to GenerateAttributeEventListenerCall
        or GenerateEventListenerCall any more.
        (GenerateConstructorDefinition): Use JSString::toAtomicString instead of calling
        JSString::value and then converting to AtomicString.

2015-01-17  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: highlight data for overlay should use protocol type builders
        https://bugs.webkit.org/show_bug.cgi?id=129441

        Reviewed by Timothy Hatcher.

        As a first step towards cleaning up the inspector overlay, convert highlight
        data construction to use protocol type builders. It's now really obvious what
        data is being sent to the inspector overlay page.

        This change paves the way towards using inspector protocol commands and events
        if we want to support more interactive functionality in the inspector overlay.

        This patch makes a few style cleanups, such as standardizing variable names,
        using default member initializers, passing by reference, and fixing casts.

        No new tests, no behavior changed.

        * WebCore.exp.in:
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::getHighlight):
        (WebCore::InspectorController::buildObjectForHighlightedNode):
        (WebCore::InspectorController::inspect): Deleted.
        * inspector/InspectorController.h:
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildRendererHighlight):
        (WebCore::buildNodeHighlight):
        (WebCore::buildQuadHighlight):
        (WebCore::InspectorOverlay::InspectorOverlay):
        (WebCore::InspectorOverlay::getHighlight):
        (WebCore::buildObjectForPoint):
        (WebCore::buildObjectForRect):
        (WebCore::buildArrayForQuad):
        (WebCore::buildObjectForHighlight):
        (WebCore::buildObjectForRegion):
        (WebCore::buildObjectForFlowRegions):
        (WebCore::buildObjectForSize):
        (WebCore::buildQuadObjectForCSSRegionContentClip):
        Simplify how the clipping area is encoded. It's now 'regionClippingArea'
        stored on a FragmentHighlightData instance.

        (WebCore::InspectorOverlay::updatePaintRectsTimerFired):
        (WebCore::InspectorOverlay::drawPaintRects):
        (WebCore::buildArrayForRendererFragments):
        (WebCore::appendPathCommandAndPoints):
        (WebCore::appendPathSegment):
        (WebCore::buildObjectForShapeOutside):
        (WebCore::buildObjectForElementData):
        (WebCore::InspectorOverlay::buildObjectForHighlightedNode):
        (WebCore::InspectorOverlay::drawNodeHighlight):
        (WebCore::InspectorOverlay::drawQuadHighlight):
        (WebCore::InspectorOverlay::reset):
        (WebCore::buildObjectForRegionHighlight): Deleted.
        (WebCore::buildObjectForCSSRegionsHighlight): Deleted.
        (WebCore::buildObjectForCSSRegionContentClip): Deleted.
        (WebCore::buildObjectForRendererFragments): Deleted.
        (WebCore::buildObjectForElementInfo): Deleted.
        * inspector/InspectorOverlay.h:
        (WebCore::Highlight::Highlight):
        * inspector/InspectorOverlayPage.js:
        (_createElementTitle):
        (_drawElementTitle):
        (_drawFragmentHighlight):
        (drawNodeHighlight):
        * testing/Internals.cpp:
        (WebCore::Internals::inspectorHighlightRects):
        (WebCore::Internals::inspectorHighlightObject):

2015-01-17  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Crashes when SVG font is invalid
        https://bugs.webkit.org/show_bug.cgi?id=140378

        Reviewed by Antti Koivisto.

        Because CachedSVGFonts are cached, they have to be able to be used
        in subsequent documents regardless how the first document left it.

        Tests: fast/css/font-face-svg-decoding-error.html
               svg/custom/svg-fonts-in-html.html
               svg/text/text-overflow-ellipsis-svgfont-kerning-ligatures.html

        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::ensureCustomFontData):
        * loader/cache/CachedFont.h:
        * loader/cache/CachedSVGFont.cpp:
        (WebCore::CachedSVGFont::getFontData):
        (WebCore::CachedSVGFont::ensureCustomFontData):
        (WebCore::CachedSVGFont::maybeInitializeExternalSVGFontElement):
        * loader/cache/CachedSVGFont.h:

2015-01-17  Chris Dumez  <cdumez@apple.com>

        Converting time, angle and frequency units in CSS calc() function
        https://bugs.webkit.org/show_bug.cgi?id=138356

        Reviewed by Darin Adler.

        Update CSSPrimitiveValue::primitiveType() to actually query the
        primitiveType of the CSSCalcValue instead of assuming a given
        type based on its category (e.g. If category is CalcTime, then
        assume type is CSS_MS, even though it would be CSS_S as well).

        This would like to calculation errors such as:
        calc(4s + 1s) -> 5ms

        Because we would assume the unit is CSS_MS without actually
        checking.

        This patch is inspired by the following Blink revision
        by <rhodovan.u-szeged@partner.samsung.com> and initial WebKit
        patch from <tmeszaros.u-szeged@partner.samsung.com>:
        https://src.chromium.org/viewvc/blink?view=rev&revision=179101

        Test: fast/css/calc-with-angle-time-frequency.html

        * css/CSSCalculationValue.h:
        (WebCore::CSSCalcValue::primitiveType):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::primitiveType):

2015-01-17  Chris Dumez  <cdumez@apple.com>

        Generate shorthandForProperty() implementation from CSSPropertyNames.in
        https://bugs.webkit.org/show_bug.cgi?id=140556

        Reviewed by Darin Adler.

        Generate shorthandForProperty() implementation from CSSPropertyNames.in.
        This is just a big switch() statement calling the right
        StylePropertyShorthand factory function for a given CSSPropertyID.

        * css/StylePropertyShorthand.cpp:
        (WebCore::shorthandForProperty): Deleted.
        * css/StylePropertyShorthand.h:
        * css/makeprop.pl:

2015-01-16  Brent Fulgham  <bfulgham@apple.com>

        [Mac] Correct infinite loop in Wheel Handler code in EventHandlerMac
        https://bugs.webkit.org/show_bug.cgi?id=140564
        <rdar://problem/19386426.

        Reviewed by Dean Jackson.

        * page/mac/EventHandlerMac.mm:
        (WebCore::latchingIsLockedToAncestorOfThisFrame): Put missing assignment
        back into the loop!

2015-01-16  Zalan Bujtas  <zalan@apple.com>

        When border-radius is present, inset/outset/groove/ridge border color changes.
        https://bugs.webkit.org/show_bug.cgi?id=140551

        Reviewed by Simon Fraser.

        This patch applies the same color lighten/darken adjustment on the radius borders
        that we use for non-radius border.

        Test: fast/borders/wrong-border-color-when-radius-is-present.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::drawBoxSideFromPath):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::calculateBorderStyleColor):
        * rendering/RenderObject.h:

2015-01-16  Pratik Solanki  <psolanki@apple.com>

        Web pages fail to load using public iOS WebKit; ASSERT(!isMainThread()) in
        -[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]
        https://bugs.webkit.org/show_bug.cgi?id=140470

        Reviewed by Alexey Proskuryakov.

        Fixes an issue where a web page would fail to load in iOS WebKit2 built with the public iOS SDK
        because NSURLConnection callbacks were always being scheduled on the main thread.

        Currently we always schedule NSURLConnection callbacks to occur on the WebThread or the main
        thread depending on whether the WebThread was started. In iOS WebKit2, the callbacks were
        always being scheduled on the main thread regardless of whether we were using the NetworkProcess
        (since the WebThread is only started when using WebKit1). This led to an assertion failure.
        Instead we want to schedule callbacks to an NSOperationsQueue queue when using WebKit2 with the
        NetworkProcess (i.e. ResourceHandleClient::usesAsyncCallbacks() is true), on the main thread when
        using WebKit2 without the NetworkProcess and on the WebThread when using WebKit1.

        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::operationQueueForAsyncClients): Remove PLATFORM(IOS)-guards as we want to make use
        of this code for iOS WebKit2 with the NetworkProcess.
        (WebCore::ResourceHandle::start): Modified to use the existing Mac code path to conditionally
        schedule NSURLConnection callbacks to an operation queue when ResourceHandleClient::usesAsyncCallbacks()
        is true. Otherwise, schedule the callbacks on the run loop returned by WebThreadNSRunLoop(),
        which is either the WebThread or the main thread run loop when using WebKit1 and WebKit2 without
        the NetworkProcess, respectively.

2015-01-16  Brian J. Burg  <burg@cs.washington.edu>

        Web Replay: purge remaining PassRefPtr uses and minor cleanup
        https://bugs.webkit.org/show_bug.cgi?id=140456

        Reviewed by Andreas Kling.

        Get rid of PassRefPtr. Introduce default initializers where it makes sense. Change
        uses of ASSERT to ASSERT_ARG when the assert is a precondition on an argument.

        Remove mistaken uses of AtomicString that were not removed as part of r174113.

        No new tests, no behavior changed.

        * inspector/InspectorReplayAgent.cpp:
        (WebCore::SerializeInputToJSONFunctor::operator()):
        (WebCore::SerializeInputToJSONFunctor::returnValue):
        (WebCore::InspectorReplayAgent::sessionCreated):
        (WebCore::InspectorReplayAgent::sessionModified):
        (WebCore::InspectorReplayAgent::sessionLoaded):
        (WebCore::InspectorReplayAgent::segmentCreated):
        (WebCore::InspectorReplayAgent::segmentCompleted):
        (WebCore::InspectorReplayAgent::segmentLoaded):
        (WebCore::InspectorReplayAgent::switchSession):
        (WebCore::InspectorReplayAgent::insertSessionSegment):
        (WebCore::InspectorReplayAgent::removeSessionSegment):
        (WebCore::InspectorReplayAgent::findSession):
        (WebCore::InspectorReplayAgent::findSegment):
        * inspector/InspectorReplayAgent.h:
        * replay/CapturingInputCursor.cpp:
        (WebCore::CapturingInputCursor::CapturingInputCursor):
        (WebCore::CapturingInputCursor::create):
        (WebCore::CapturingInputCursor::loadInput):
        * replay/CapturingInputCursor.h:
        * replay/EventLoopInputDispatcher.cpp:
        (WebCore::EventLoopInputDispatcher::EventLoopInputDispatcher):
        * replay/EventLoopInputDispatcher.h:
        * replay/FunctorInputCursor.h:
        (WebCore::FunctorInputCursor::FunctorInputCursor):
        (WebCore::FunctorInputCursor::loadInput):
        * replay/ReplayController.cpp:
        (WebCore::ReplayController::ReplayController):
        (WebCore::ReplayController::setForceDeterministicSettings):
        (WebCore::ReplayController::setSessionState):
        (WebCore::ReplayController::setSegmentState):
        (WebCore::ReplayController::switchSession):
        (WebCore::ReplayController::createSegment):
        (WebCore::ReplayController::completeSegment):
        (WebCore::ReplayController::loadSegmentAtIndex):
        (WebCore::ReplayController::unloadSegment):
        (WebCore::ReplayController::frameNavigated):
        (WebCore::ReplayController::loadedSession):
        (WebCore::ReplayController::loadedSegment):
        (WebCore::ReplayController::activeInputCursor):
        (WebCore::ReplayController::dispatcher):
        * replay/ReplayController.h:
        * replay/ReplaySession.cpp:
        (WebCore::ReplaySession::create):
        (WebCore::ReplaySession::at):
        (WebCore::ReplaySession::appendSegment):
        (WebCore::ReplaySession::insertSegment):
        (WebCore::ReplaySession::removeSegment):
        * replay/ReplaySession.h:
        * replay/ReplaySessionSegment.cpp:
        (WebCore::ReplaySessionSegment::create):
        (WebCore::ReplaySessionSegment::ReplaySessionSegment):
        * replay/ReplaySessionSegment.h:
        * replay/ReplayingInputCursor.cpp:
        (WebCore::ReplayingInputCursor::ReplayingInputCursor):
        (WebCore::ReplayingInputCursor::create):
        (WebCore::ReplayingInputCursor::loadInput):
        * replay/ReplayingInputCursor.h:
        * replay/SegmentedInputStorage.cpp:
        (WebCore::SegmentedInputStorage::store):
        (WebCore::SegmentedInputStorage::queue):
        (WebCore::SegmentedInputStorage::SegmentedInputStorage): Deleted.
        * replay/SegmentedInputStorage.h:

2015-01-16  Andreas Kling  <akling@apple.com>

        Remove assertion that Page::m_editorClient is non-null.

        Unreviewed debug build fix. (It's a reference, it won't be null.)

        * page/Page.cpp:
        (WebCore::Page::Page):

2015-01-16  Andreas Kling  <akling@apple.com>

        Page::editorClient() should return a reference.
        <https://webkit.org/b/140552>

        Reviewed by Chris Dumez.

        Page always has an EditorClient, so make editorClient() return a reference.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::editorClient):
        (WebCore::AlternativeTextController::textChecker):
        * editing/Editor.cpp:
        (WebCore::Editor::client):
        * editing/SpellChecker.cpp:
        (WebCore::SpellChecker::client):
        * page/FocusController.cpp:
        (WebCore::FocusController::setFocusedElement):
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        (WebCore::Page::clearUndoRedoOperations):
        * page/Page.h:
        (WebCore::Page::editorClient):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):

2015-01-16  Benjamin Poulain  <benjamin@webkit.org>

        Make URL filters case-insensitive by default
        https://bugs.webkit.org/show_bug.cgi?id=140531

        Reviewed by Andreas Kling.

        Safari's filters were case-insensitive. Adopt that convention in the engine,
        and add a flag in case someone ever need a case-sensitive filter.

        * contentextensions/ContentExtensionRule.h:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        * contentextensions/ContentExtensionsManager.cpp:
        (WebCore::ContentExtensions::ExtensionsManager::loadTrigger):
        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::trivialAtomFromASCIICharacter):
        (WebCore::ContentExtensions::GraphBuilder::GraphBuilder):
        (WebCore::ContentExtensions::GraphBuilder::atomPatternCharacter):
        (WebCore::ContentExtensions::GraphBuilder::generateTransition):
        (WebCore::ContentExtensions::URLFilterParser::addPattern):
        * contentextensions/URLFilterParser.h:

2015-01-16  Benjamin Poulain  <bpoulain@apple.com>

        Add the alternative syntax for CSS Selector's descendant combinator (">>")
        https://bugs.webkit.org/show_bug.cgi?id=140525

        Reviewed by Antti Koivisto.

        The latest Selector spec introduces the combinator ">>" as an alias for the descendant
        relation: http://dev.w3.org/csswg/selectors-4/#descendant-combinators

        This patch implements that combinator as an alias of the existing one. For CSSOM's selector
        serialization, I use one bit of CSSSelector to store if that alternative syntax was used.

        Tests: fast/css/descendant-combinator-doubled-child-syntax-styling.html
               fast/css/parsing-css-descendant-combinator-doubled-child-syntax.html
               fast/selectors/element-closest-descendant-combinator-doubled-child-syntax.html
               fast/selectors/element-matches-descendant-combinator-doubled-child-syntax.html
               fast/selectors/querySelector-descendant-combinator-doubled-child-syntax.html

        * css/CSSGrammar.y.in:
        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::appendTagHistory):
        * css/CSSParserValues.h:
        (WebCore::CSSParserSelector::setDescendantUseDoubleChildSyntax):
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::setDescendantUseDoubleChildSyntax):
        (WebCore::CSSSelector::CSSSelector):

2015-01-16  Chris Dumez  <cdumez@apple.com>

        Generate StylePropertyShorthand.* from CSSPropertyNames.in
        https://bugs.webkit.org/show_bug.cgi?id=140501

        Reviewed by Darin Adler.

        Add initial support for having makeprop.pl generate most of
        StylePropertyShorthand.* from CSSPropertyNames.in.

        This patch replaces [Shorthand] parameter in CSSPropertyNames.in by a
        more descriptive [Longhands=property1|property2|...] parameter. With
        this information, makeprop.pl is now able to generate the
        StylePropertyShorthand factories for all CSS shorthand properties
        in a new StylePropertyShorthandFunctions.h header.

        The switches in StylePropertyShorthand.cpp could also be generated
        but this will be taken care of in follow-up patches to reduce patch
        size.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        * css/CSSPropertyNames.in:
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        * css/StylePropertyShorthand.cpp:
        (WebCore::shorthandForProperty):
        (WebCore::matchingShorthandsForLonghand):
        (WebCore::backgroundShorthand): Deleted.
        (WebCore::backgroundPositionShorthand): Deleted.
        (WebCore::backgroundRepeatShorthand): Deleted.
        (WebCore::borderShorthand): Deleted.
        (WebCore::borderBottomShorthand): Deleted.
        (WebCore::borderColorShorthand): Deleted.
        (WebCore::borderImageShorthand): Deleted.
        (WebCore::borderLeftShorthand): Deleted.
        (WebCore::borderRadiusShorthand): Deleted.
        (WebCore::webkitBorderRadiusShorthand): Deleted.
        (WebCore::borderRightShorthand): Deleted.
        (WebCore::borderSpacingShorthand): Deleted.
        (WebCore::borderStyleShorthand): Deleted.
        (WebCore::borderTopShorthand): Deleted.
        (WebCore::borderWidthShorthand): Deleted.
        (WebCore::listStyleShorthand): Deleted.
        (WebCore::marginShorthand): Deleted.
        (WebCore::markerShorthand): Deleted.
        (WebCore::outlineShorthand): Deleted.
        (WebCore::overflowShorthand): Deleted.
        (WebCore::paddingShorthand): Deleted.
        (WebCore::transitionShorthand): Deleted.
        (WebCore::animationShorthand): Deleted.
        (WebCore::webkitAnimationShorthand): Deleted.
        (WebCore::webkitBorderAfterShorthand): Deleted.
        (WebCore::webkitBorderBeforeShorthand): Deleted.
        (WebCore::webkitBorderEndShorthand): Deleted.
        (WebCore::webkitBorderStartShorthand): Deleted.
        (WebCore::webkitColumnsShorthand): Deleted.
        (WebCore::webkitColumnRuleShorthand): Deleted.
        (WebCore::flexFlowShorthand): Deleted.
        (WebCore::flexShorthand): Deleted.
        (WebCore::webkitMarginCollapseShorthand): Deleted.
        (WebCore::webkitGridShorthand): Deleted.
        (WebCore::webkitGridTemplateShorthand): Deleted.
        (WebCore::webkitGridAreaShorthand): Deleted.
        (WebCore::webkitGridColumnShorthand): Deleted.
        (WebCore::webkitGridRowShorthand): Deleted.
        (WebCore::webkitMarqueeShorthand): Deleted.
        (WebCore::webkitMaskShorthand): Deleted.
        (WebCore::webkitMaskPositionShorthand): Deleted.
        (WebCore::webkitMaskRepeatShorthand): Deleted.
        (WebCore::webkitTextDecorationShorthand): Deleted.
        (WebCore::webkitTextEmphasisShorthand): Deleted.
        (WebCore::webkitTextStrokeShorthand): Deleted.
        (WebCore::webkitTransitionShorthand): Deleted.
        (WebCore::webkitPerspectiveOriginShorthand): Deleted.
        (WebCore::webkitTransformOriginShorthand): Deleted.
        * css/StylePropertyShorthand.h:
        * css/makeprop.pl:

2015-01-16  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178532.
        https://bugs.webkit.org/show_bug.cgi?id=140548

        Broke fast/css/parsing-css-lang.html on some bots (Requested
        by ap on #webkit).

        Reverted changeset:

        "Canonicalization of :lang() should preserve the :lang()'s
        arguments representations"
        https://bugs.webkit.org/show_bug.cgi?id=139928
        http://trac.webkit.org/changeset/178532

2015-01-16  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178577.
        https://bugs.webkit.org/show_bug.cgi?id=140546

        Broke fast/css-grid-layout/grid-content-sized-columns-
        resolution.html (Requested by ap on #webkit).

        Reverted changeset:

        "[CSS Grid Layout] Tracks shrink sometimes with indefinite
        remaining space"
        https://bugs.webkit.org/show_bug.cgi?id=139059
        http://trac.webkit.org/changeset/178577

2015-01-16  Andreas Kling  <akling@apple.com>

        Some improvements to RuleSet shrinking.
        <https://webkit.org/b/140534>

        Reviewed by Antti Koivisto.

        Give an inline capacity (1) to the RuleData Vectors in RuleSet.
        The vast majority of Vectors have only a single entry, and this
        avoids having to allocate a separate Vector backing store for them.

        Also make sure to shrink some Vectors that we weren't already,
        like those in RuleFeatureSet.

        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::collectMatchingRulesForList):
        * css/ElementRuleCollector.h:
        * css/RuleFeature.cpp:
        (WebCore::RuleFeatureSet::shrinkToFit):
        * css/RuleFeature.h:
        * css/RuleSet.cpp:
        (WebCore::RuleSet::addToRuleSet):
        (WebCore::rulesCountForName):
        (WebCore::shrinkMapVectorsToFit):
        (WebCore::RuleSet::shrinkToFit):
        * css/RuleSet.h:
        (WebCore::RuleSet::idRules):
        (WebCore::RuleSet::classRules):
        (WebCore::RuleSet::tagRules):
        (WebCore::RuleSet::shadowPseudoElementRules):
        (WebCore::RuleSet::linkPseudoClassRules):
        (WebCore::RuleSet::cuePseudoRules):
        (WebCore::RuleSet::focusPseudoClassRules):
        (WebCore::RuleSet::universalRules):

2015-01-16  Antti Koivisto  <antti@apple.com>

        Correct naming for FontCascade implementation files
        https://bugs.webkit.org/show_bug.cgi?id=140544

        Reviewed by Zalan Bujtas.

        Also reduce their number.

        Merge FontFastPath.cpp into FontCascade.cpp
        Merge FontMac.mm and FontComplexTextMac.cpp into FontCascadeCocoa.mm

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/FontCascade.cpp:
        (WebCore::FontCascade::getEmphasisMarkGlyphData):
        (WebCore::FontCascade::emphasisMarkAscent):
        (WebCore::FontCascade::emphasisMarkDescent):
        (WebCore::FontCascade::emphasisMarkHeight):
        (WebCore::FontCascade::getGlyphsAndAdvancesForSimpleText):
        (WebCore::FontCascade::drawSimpleText):
        (WebCore::FontCascade::drawEmphasisMarksForSimpleText):
        (WebCore::FontCascade::drawGlyphBuffer):
        (WebCore::offsetToMiddleOfGlyph):
        (WebCore::offsetToMiddleOfGlyphAtIndex):
        (WebCore::FontCascade::drawEmphasisMarks):
        (WebCore::FontCascade::floatWidthForSimpleText):
        (WebCore::FontCascade::adjustSelectionRectForSimpleText):
        (WebCore::FontCascade::offsetForPositionForSimpleText):
        * platform/graphics/FontFastPath.cpp: Removed.
        * platform/graphics/cocoa/FontCascadeCocoa.mm: Copied from Source/WebCore/platform/graphics/mac/FontMac.mm.
        (WebCore::FontCascade::drawGlyphs):
        (WebCore::FontCascade::adjustSelectionRectForComplexText):
        (WebCore::FontCascade::getGlyphsAndAdvancesForComplexText):
        (WebCore::FontCascade::drawComplexText):
        (WebCore::FontCascade::drawEmphasisMarksForComplexText):
        (WebCore::FontCascade::floatWidthForComplexText):
        (WebCore::FontCascade::offsetForPositionForComplexText):
        (WebCore::FontCascade::fontDataForCombiningCharacterSequence):
        * platform/graphics/mac/FontComplexTextMac.cpp: Removed.
        * platform/graphics/mac/FontMac.mm: Removed.

2014-11-26  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Tracks shrink sometimes with indefinite remaining space
        https://bugs.webkit.org/show_bug.cgi?id=139059

        Reviewed by David Hyatt.

        Test: fast/css-grid-layout/grid-grow-tracks-to-their-max.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):

2015-01-15  Csaba Osztrogonác  <ossy@webkit.org>

        Remove ENABLE(SQL_DATABASE) guards
        https://bugs.webkit.org/show_bug.cgi?id=140434

        Reviewed by Darin Adler.

        * Configurations/FeatureDefines.xcconfig:
        * Modules/webdatabase/AbstractDatabaseServer.h:
        * Modules/webdatabase/ChangeVersionData.h:
        * Modules/webdatabase/ChangeVersionWrapper.cpp:
        * Modules/webdatabase/ChangeVersionWrapper.h:
        * Modules/webdatabase/DOMWindowWebDatabase.cpp:
        * Modules/webdatabase/DOMWindowWebDatabase.h:
        * Modules/webdatabase/DOMWindowWebDatabase.idl:
        * Modules/webdatabase/Database.cpp:
        * Modules/webdatabase/Database.h:
        * Modules/webdatabase/Database.idl:
        * Modules/webdatabase/DatabaseBackend.cpp:
        * Modules/webdatabase/DatabaseBackend.h:
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        * Modules/webdatabase/DatabaseBackendBase.h:
        * Modules/webdatabase/DatabaseBasicTypes.h:
        * Modules/webdatabase/DatabaseCallback.h:
        * Modules/webdatabase/DatabaseCallback.idl:
        * Modules/webdatabase/DatabaseContext.cpp:
        * Modules/webdatabase/DatabaseContext.h:
        * Modules/webdatabase/DatabaseDetails.h:
        * Modules/webdatabase/DatabaseError.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        * Modules/webdatabase/DatabaseManager.h:
        * Modules/webdatabase/DatabaseManagerClient.h:
        * Modules/webdatabase/DatabaseServer.cpp:
        * Modules/webdatabase/DatabaseServer.h:
        * Modules/webdatabase/DatabaseTask.cpp:
        * Modules/webdatabase/DatabaseTask.h:
        * Modules/webdatabase/DatabaseThread.cpp:
        * Modules/webdatabase/DatabaseThread.h:
        * Modules/webdatabase/DatabaseTracker.cpp:
        * Modules/webdatabase/DatabaseTracker.h:
        * Modules/webdatabase/OriginLock.cpp:
        * Modules/webdatabase/OriginLock.h:
        * Modules/webdatabase/SQLCallbackWrapper.h:
        * Modules/webdatabase/SQLError.h:
        * Modules/webdatabase/SQLError.idl:
        * Modules/webdatabase/SQLException.cpp:
        * Modules/webdatabase/SQLException.h:
        * Modules/webdatabase/SQLException.idl:
        * Modules/webdatabase/SQLResultSet.cpp:
        * Modules/webdatabase/SQLResultSet.h:
        * Modules/webdatabase/SQLResultSet.idl:
        * Modules/webdatabase/SQLResultSetRowList.cpp:
        * Modules/webdatabase/SQLResultSetRowList.h:
        * Modules/webdatabase/SQLResultSetRowList.idl:
        * Modules/webdatabase/SQLStatement.cpp:
        * Modules/webdatabase/SQLStatement.h:
        * Modules/webdatabase/SQLStatementBackend.cpp:
        * Modules/webdatabase/SQLStatementBackend.h:
        * Modules/webdatabase/SQLStatementCallback.h:
        * Modules/webdatabase/SQLStatementCallback.idl:
        * Modules/webdatabase/SQLStatementErrorCallback.h:
        * Modules/webdatabase/SQLStatementErrorCallback.idl:
        * Modules/webdatabase/SQLTransaction.cpp:
        * Modules/webdatabase/SQLTransaction.h:
        * Modules/webdatabase/SQLTransaction.idl:
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        * Modules/webdatabase/SQLTransactionBackend.h:
        * Modules/webdatabase/SQLTransactionCallback.h:
        * Modules/webdatabase/SQLTransactionCallback.idl:
        * Modules/webdatabase/SQLTransactionClient.cpp:
        * Modules/webdatabase/SQLTransactionClient.h:
        * Modules/webdatabase/SQLTransactionCoordinator.cpp:
        * Modules/webdatabase/SQLTransactionCoordinator.h:
        * Modules/webdatabase/SQLTransactionErrorCallback.h:
        * Modules/webdatabase/SQLTransactionErrorCallback.idl:
        * Modules/webdatabase/SQLTransactionState.h:
        * Modules/webdatabase/SQLTransactionStateMachine.cpp:
        * Modules/webdatabase/SQLTransactionStateMachine.h:
        * bindings/js/JSCommandLineAPIHostCustom.cpp:
        (WebCore::JSCommandLineAPIHost::databaseId):
        * bindings/js/JSCustomSQLStatementErrorCallback.cpp:
        * bindings/js/JSExceptionBase.cpp:
        (WebCore::toExceptionBase):
        * bindings/js/JSSQLResultSetRowListCustom.cpp:
        * bindings/js/JSSQLTransactionCustom.cpp:
        * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
        (webkit_dom_test_callback_finalize):
        (webkit_dom_test_callback_constructor):
        (webkit_dom_test_callback_callback_with_no_param):
        (webkit_dom_test_callback_callback_with_array_param):
        (webkit_dom_test_callback_callback_with_serialized_script_value_param):
        (webkit_dom_test_callback_callback_with_non_bool_return_type):
        (webkit_dom_test_callback_callback_with_string_list):
        (webkit_dom_test_callback_callback_with_boolean):
        (webkit_dom_test_callback_callback_requires_this_to_pass):
        * bindings/scripts/test/GObject/WebKitDOMTestCallbackPrivate.h:
        * bindings/scripts/test/JS/JSTestCallback.cpp:
        * bindings/scripts/test/JS/JSTestCallback.h:
        * bindings/scripts/test/ObjC/DOMTestCallback.mm:
        * bindings/scripts/test/TestCallback.idl:
        * dom/DOMExceptions.in:
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::setDatabaseContext):
        * dom/ScriptExecutionContext.h:
        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        * inspector/CommandLineAPIHost.cpp:
        (WebCore::CommandLineAPIHost::CommandLineAPIHost):
        (WebCore::CommandLineAPIHost::disconnect):
        (WebCore::CommandLineAPIHost::databaseIdImpl):
        * inspector/CommandLineAPIHost.h:
        (WebCore::CommandLineAPIHost::init):
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        * inspector/InspectorDatabaseAgent.cpp:
        * inspector/InspectorDatabaseAgent.h:
        * inspector/InspectorDatabaseInstrumentation.h:
        (WebCore::InspectorInstrumentation::didOpenDatabase):
        * inspector/InspectorDatabaseResource.cpp:
        * inspector/InspectorDatabaseResource.h:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didCommitLoadImpl):
        (WebCore::InspectorInstrumentation::didOpenDatabaseImpl):
        * inspector/InspectorInstrumentation.h:
        * inspector/InstrumentingAgents.cpp:
        (WebCore::InstrumentingAgents::InstrumentingAgents):
        (WebCore::InstrumentingAgents::reset):
        * inspector/InstrumentingAgents.h:
        * inspector/WorkerInspectorController.cpp:
        (WebCore::WorkerInspectorController::WorkerInspectorController):
        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::stopLoading):
        * page/ChromeClient.h:
        * platform/FeatureCounterKeys.h:

2015-01-15  Zalan Bujtas  <zalan@apple.com>

        Element appears correctly but does not receive event with a large translation.
        https://bugs.webkit.org/show_bug.cgi?id=139815

        Reviewed by Simon Fraser.

        When the hit point gets translated beyond the min/max value of LayoutRect (infiniteRect()),
        we fail to find the corresponding layer.
        When there's no clipping on a layer, we use min/max values to represent infiniteness.
        However it does not work well across types. With IntPoint(hittest) we can address a point that's outside
        of LayoutRect's boundary(clipping).
        This patch addresses the immediate issue of not being able to hittest transformed layers properly. 
        Fixing the representation of infiniteness is tracked here: webkit.org/b/140533

        Test: transforms/hittest-translated-content-off-to-infinity-and-back.html

        * rendering/ClipRect.cpp:
        (WebCore::ClipRect::intersects):

2015-01-15  Myles C. Maxfield  <mmaxfield@apple.com>

        tables/mozilla/bugs/bug10633.html is flakey on Yosemite
        https://bugs.webkit.org/show_bug.cgi?id=140487

        Reviewed by Simon Fraser.

        The workaround in https://bugs.webkit.org/show_bug.cgi?id=140253 works
        on both OSes.

        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformInit):

2015-01-15  Ryosuke Niwa  <rniwa@webkit.org>

        Removing an HTML element spends a lot of time in adjustDirectionalityIfNeededAfterChildrenChanged
        https://bugs.webkit.org/show_bug.cgi?id=140523
        <rdar://problem/19464329>

        Reviewed by Chris Dumez.

        The bug was caused by adjustDirectionalityIfNeededAfterChildrenChanged always traversing children to
        unset selfOrAncestorHasDirAutoAttribute flag while removing a child element.

        Fixed the bug by removing this code. This code was no-op prior to being refactored in r154957 since
        we only entered a for loop with the invariant "counter < childCountDelta" when "childCountDelta < 0".

        See http://trac.webkit.org/changeset/154957/trunk/Source/WebCore/html/HTMLElement.cpp.

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::adjustDirectionalityIfNeededAfterChildrenChanged):

2015-01-15  Brent Fulgham  <bfulgham@apple.com>

        RenderLayerCompositor: Strange comparison of opacity (float) to boolean.
        https://bugs.webkit.org/show_bug.cgi?id=140477.

        Reviewed by Simon Fraser.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::styleChangeRequiresLayerRebuild): Add a cast to make the meaning of this
        code clearer.

2015-01-15  Joseph Pecoraro  <pecoraro@apple.com>

        Unreviewed, rolling out r178531.

        Caused LayoutTest ASSERTs/CRASHs on Debug Yosemite build-bot.

        Reverted changeset:

        "Layers need to be already updated before we call adjustViewSize."
        https://bugs.webkit.org/show_bug.cgi?id=135514
        http://trac.webkit.org/changeset/178531

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::updateCompositingLayersAfterScrolling):
        (WebCore::FrameView::paintContents):
        (WebCore::FrameView::shouldDeferScrollUpdateAfterContentSizeChange): Deleted.
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollTo):
        (WebCore::ScrollView::handleDeferredScrollUpdateAfterContentSizeChange): Deleted.
        * platform/ScrollView.h:
        (WebCore::ScrollView::shouldDeferScrollUpdateAfterContentSizeChange): Deleted.

2015-01-15  Chris Dumez  <cdumez@apple.com>

        [WK2] Wire diagnostic logging messages through the UIProcess
        https://bugs.webkit.org/show_bug.cgi?id=140486

        Reviewed by Sam Weinig.

        Wire diagnostic logging messages through the UIProcess.
        Eventually, the corresponding bundle API should go away.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        Add page/DiagnosticLoggingResultType.h to Windows project.

        * WebCore.xcodeproj/project.pbxproj:
        Add page/DiagnosticLoggingResultType.h to XCode project.

        * html/HTMLMediaElement.cpp:
        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        * page/DiagnosticLoggingClient.h:
        * page/DiagnosticLoggingResultType.h: Copied from Source/WebCore/page/DiagnosticLoggingClient.h.
        Use new DiagnosticLoggingResultType enum instead of old
        DiagnosticLoggingClient::LogType one.

2015-01-15  Zalan Bujtas  <zalan@apple.com>

        Reduce LayoutRect::infiniteRect() usage.
        https://bugs.webkit.org/show_bug.cgi?id=140511

        Reviewed by Simon Fraser.

        This is in preparation to get rid of LayoutRect/FloatRect::infiniteRect().

        No change in functionality.

        * platform/graphics/LayoutRect.h:
        (WebCore::LayoutRect::isInfinite):
        * rendering/ClipRect.h:
        (WebCore::ClipRect::reset):
        (WebCore::ClipRect::isEmpty):
        (WebCore::ClipRect::isInfinite):
        (WebCore::ClipRect::setRect): Deleted.
        * rendering/PaintInfo.h:
        (WebCore::PaintInfo::applyTransform):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        (WebCore::ClipRects::reset):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::clippedByAncestor):

2015-01-15  Chris Dumez  <cdumez@apple.com>

        Intermittent WebCore build failures - CSSPropertyNames.gperf: No keywords in input file! calling gperf failed: 256 at WebCore/css/makeprop.pl line 901
        https://bugs.webkit.org/show_bug.cgi?id=140521

        Reviewed by Alexey Proskuryakov.

        Close the CSSPropertyNames.gperf file before calling gperf on it
        to make sure the content we wrote was flushed. This was causing
        intermittent build failures.

        * css/makeprop.pl:

2015-01-15  Zalan Bujtas  <zalan@apple.com>

        LayerFragment should be able to intersect with ClipRect.
        https://bugs.webkit.org/show_bug.cgi?id=140498

        Reviewed by Simon Fraser.

        No change in functionality.

        * rendering/LayerFragment.h:
        (WebCore::LayerFragment::intersect):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::collectFragments):

2015-01-15  Zalan Bujtas  <zalan@apple.com>

        Move ClipRects and ClipRectsCache classes to RenderLayer.cpp.
        https://bugs.webkit.org/show_bug.cgi?id=140461

        Reviewed by Simon Fraser.

        Move classes only used by RenderLayer to RenderLayer.cpp.

        No change in functionality.

        * rendering/RenderLayer.cpp:
        (WebCore::ClipRects::create):
        (WebCore::ClipRects::reset):
        (WebCore::ClipRects::overflowClipRect):
        (WebCore::ClipRects::setOverflowClipRect):
        (WebCore::ClipRects::fixedClipRect):
        (WebCore::ClipRects::setFixedClipRect):
        (WebCore::ClipRects::posClipRect):
        (WebCore::ClipRects::setPosClipRect):
        (WebCore::ClipRects::fixed):
        (WebCore::ClipRects::setFixed):
        (WebCore::ClipRects::ref):
        (WebCore::ClipRects::deref):
        (WebCore::ClipRects::operator==):
        (WebCore::ClipRects::operator=):
        (WebCore::ClipRects::ClipRects):
        (WebCore::ClipRectsCache::ClipRectsCache):
        (WebCore::ClipRectsCache::getClipRects):
        (WebCore::ClipRectsCache::setClipRects):
        (WebCore::ClipRectsCache::getIndex):
        (WebCore::RenderLayer::clipRects):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        (WebCore::ClipRects::create): Deleted.
        (WebCore::ClipRects::ClipRects): Deleted.
        (WebCore::ClipRects::reset): Deleted.
        (WebCore::ClipRects::overflowClipRect): Deleted.
        (WebCore::ClipRects::setOverflowClipRect): Deleted.
        (WebCore::ClipRects::fixedClipRect): Deleted.
        (WebCore::ClipRects::setFixedClipRect): Deleted.
        (WebCore::ClipRects::posClipRect): Deleted.
        (WebCore::ClipRects::setPosClipRect): Deleted.
        (WebCore::ClipRects::fixed): Deleted.
        (WebCore::ClipRects::setFixed): Deleted.
        (WebCore::ClipRects::ref): Deleted.
        (WebCore::ClipRects::deref): Deleted.
        (WebCore::ClipRects::operator==): Deleted.
        (WebCore::ClipRects::operator=): Deleted.
        (WebCore::ClipRectsCache::ClipRectsCache): Deleted.
        (WebCore::ClipRectsCache::getClipRects): Deleted.
        (WebCore::ClipRectsCache::setClipRects): Deleted.
        (WebCore::ClipRectsCache::getIndex): Deleted.

2015-01-15  Dhi Aurrahman  <diorahman@rockybars.com>

        Canonicalization of :lang() should preserve the :lang()'s arguments representations
        https://bugs.webkit.org/show_bug.cgi?id=139928

        Reviewed by Benjamin Poulain.

        Preserve the representation of IDENT and STRING when serializing the 
        :lang(). For example, :lang(foo,"bar"   ,baz) should be serialized as 
        :lang(foo, "bar", baz) instead of :lang(foo, bar, baz).

        Rename CSSParserSelector::setArgumentList, CSSSelector::setArgumentList
        and CSSSelector::argumentList to CSSParserSelector::setLangArgumentList,
        CSSSelector::setLangArgumentList and CSSSelector::langArgumentList 
        respectively, since those methods are being exclusively used in respect
        with :lang().

        Update the test of serializing :lang() with IDENT and STRING arguments.

        * css/CSSGrammar.y.in:
        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::setLangArgumentList):
        (WebCore::CSSParserSelector::setArgumentList): Deleted.
        * css/CSSParserValues.h:
        (WebCore::CSSParserString::init):
        (WebCore::CSSParserString::clear):
        (WebCore::CSSParserString::isParsedFromString):
        (WebCore::CSSParserString::setParsedFromString):
        * css/CSSSelector.cpp:
        (WebCore::appendLangArgumentList):
        (WebCore::CSSSelector::selectorText):
        (WebCore::CSSSelector::setLangArgumentList):
        (WebCore::appendArgumentList): Deleted.
        (WebCore::CSSSelector::setArgumentList): Deleted.
        * css/CSSSelector.h:
        (WebCore::CSSSelector::langArgumentList):
        (WebCore::CSSSelector::langArgumentParsedFromStringFlagList):
        (WebCore::CSSSelector::argumentList): Deleted.
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):

2015-01-15  Brent Fulgham  <bfulgham@apple.com>

        Layers need to be already updated before we call adjustViewSize
        https://bugs.webkit.org/show_bug.cgi?id=135514

        Reviewed by Simon Fraser.

        Tested by 'fast/dynamic/layer-no-longer-paginated.html'

        Defer updating scrollbars until we have finished layout. This
        has a couple of benefits:
        (1) We do not attempt to modify render layers during layout.
        (2) In WK1 we do not attempt to paint during layout.

        Add a new virtual predicate to ScrollView indicating when we are in
        layout so that calls to setContentsSize do not attempt
        to adjust scrollbars.

        Modify FrameView to set its ScrollView state to block drawing
        scrollbar updates during layout. Also add a post-layout
        handler to complete the scrollbar updates after layout is
        finished.

        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::shouldDeferScrollUpdateAfterContentSizeChange): Added.
        * page/FrameView.h:
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::handleDeferredScrollUpdateAfterContentSizeChange): Added.
        (WebCore::ScrollView::scrollTo): If we should defer painting, cache the
        the scroll delta and apply it after the layout is complete.
        * platform/ScrollView.h:
        (WebCore::ScrollView::shouldDeferScrollUpdateAfterContentSizeChange): Added.

2015-01-15  Benjamin Poulain  <benjamin@webkit.org>

        When building the NFA of the global disjunction, share the prefix subgraph of existing subpatterns
        https://bugs.webkit.org/show_bug.cgi?id=140465

        Reviewed by Andreas Kling.

        This patch updates the parser to produce smaller graphs when multiple patterns
        of the rule list share a common prefix.

        Previously, GraphBuilder would generate subgraph in place of each parsed
        atom. We now only create subgraph if an atom does not appear in the prefix tree.

        We accumulate the parsing information into small uint16_t named TrivialAtom.
        When generating the subgraph for an new atom, we first check if the prefix tree already
        has a corresponding subgraph for that atom. If it does, we do not generate anything and we extend the existing
        graph. If there is no existing prefix, we create the subgraph and extend the prefix tree.

        Sharing prefix subtrees slows down the subtree generation a bit but the resulting graph is much
        simpler for many kind of inputs.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        The URLFilterParser now maintains states (the prefix tree) between patterns.

        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        * contentextensions/DFANode.h:
        Fix a typo :)

        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::createNode):
        (WebCore::ContentExtensions::NFA::setFinal):
        (WebCore::ContentExtensions::NFA::restoreToGraphSize):
        (WebCore::ContentExtensions::NFA::addRuleId):
        (WebCore::ContentExtensions::NFA::debugPrintDot):
        * contentextensions/NFA.h:
        (WebCore::ContentExtensions::NFA::addRuleId):
        * contentextensions/NFANode.cpp: Removed.
        * contentextensions/NFANode.h:
        NFA nodes from two patterns are now "merged" by construction, thus we need
        to keep track of multiple rules per node.

        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetTranslator::translate):
        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::trivialAtomFromAsciiCharacter):
        (WebCore::ContentExtensions::quantifyTrivialAtom):
        (WebCore::ContentExtensions::trivialAtomForNewlineClassIDBuiltin):
        (WebCore::ContentExtensions::GraphBuilder::GraphBuilder):
        (WebCore::ContentExtensions::GraphBuilder::m_LastPrefixTreeEntry):
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::GraphBuilder::atomPatternCharacter):
        (WebCore::ContentExtensions::GraphBuilder::atomBuiltInCharacterClass):
        (WebCore::ContentExtensions::GraphBuilder::quantifyAtom):
        (WebCore::ContentExtensions::GraphBuilder::fail):
        (WebCore::ContentExtensions::GraphBuilder::generateTransition):
        (WebCore::ContentExtensions::GraphBuilder::sinkTrivialAtom):
        (WebCore::ContentExtensions::GraphBuilder::sinkPendingAtomIfNecessary):
        (WebCore::ContentExtensions::URLFilterParser::URLFilterParser):
        (WebCore::ContentExtensions::URLFilterParser::addPattern):
        (WebCore::ContentExtensions::GraphBuilder::m_lastAtom): Deleted.
        (WebCore::ContentExtensions::URLFilterParser::parse): Deleted.
        * contentextensions/URLFilterParser.h:
        (WebCore::ContentExtensions::URLFilterParser::hasError): Deleted.
        (WebCore::ContentExtensions::URLFilterParser::errorMessage): Deleted.

2015-01-14  Alexey Proskuryakov  <ap@apple.com>

        Web Inspector and regular console use different source code locations for messages
        https://bugs.webkit.org/show_bug.cgi?id=140478

        Reviewed by Brian Burg.

        We now create a ConsoleMessage object in a place where we can look at it and use
        the source location it computed in a client call.

        * inspector/InspectorConsoleInstrumentation.h:
        (WebCore::InspectorInstrumentation::addMessageToConsole):
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::addMessageToConsoleImpl):
        * inspector/InspectorInstrumentation.h:
        * inspector/WebConsoleAgent.cpp:
        (WebCore::WebConsoleAgent::didFinishXHRLoading):
        (WebCore::WebConsoleAgent::didReceiveResponse):
        (WebCore::WebConsoleAgent::didFailLoading):
        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::addMessage):
        (WebCore::PageConsoleClient::messageWithTypeAndLevel):
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::addMessageToWorkerConsole):

2015-01-15  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed Windows build fix.

        More missing Font->FontCascade changes.

        * platform/win/WebCoreTextRenderer.cpp:
        (WebCore::WebCoreSetAlwaysUsesComplexTextCodePath):
        (WebCore::WebCoreAlwaysUsesComplexTextCodePath):

2015-01-15  Antti Koivisto  <antti@apple.com>

        REGRESSION(r178133): Membuster regressed ~4%
        https://bugs.webkit.org/show_bug.cgi?id=140495

        Reviewed by Andreas Kling.

        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::purgeInactiveFontData):

            Fonts may ref other fonts. Keep clearing until there are no changes.

2015-01-15  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix.

        * platform/graphics/win/FontCacheWin.cpp:
        * platform/win/DragImageWin.cpp:
        * platform/win/WebCoreTextRenderer.h:

2015-01-15  Antti Koivisto  <antti@apple.com>

        Try to fix windows build.

        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
        (PlatformCALayerWinInternal::displayCallback):
        * platform/win/DragImageWin.cpp:
        (WebCore::dragLabelFont):
        (WebCore::createDragImageForLink):
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::calculatePositionAndSize):
        (WebCore::PopupMenuWin::paint):
        * platform/win/WebCoreTextRenderer.cpp:
        (WebCore::doDrawTextAtPoint):
        (WebCore::WebCoreDrawDoubledTextAtPoint):
        (WebCore::WebCoreTextFloatWidth):
        (WebCore::WebCoreSetAlwaysUsesComplexTextCodePath):
        (WebCore::WebCoreAlwaysUsesComplexTextCodePath):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::setFontFromControlSize):

2015-01-15  Antti Koivisto  <antti@apple.com>

        Unreviewed, rolling out r178518.

        Didn't mean to commit some of this

        Reverted changeset:

        "Try to fix windows build."
        http://trac.webkit.org/changeset/178518

2015-01-15  Antti Koivisto  <antti@apple.com>

        Try to fix windows build.

        * platform/graphics/Font.cpp: Copied from Source/WebCore/platform/graphics/SimpleFontData.cpp.
        * platform/graphics/Font.h: Copied from Source/WebCore/platform/graphics/SimpleFontData.h.
        * platform/graphics/FontCascadeFastPath.cpp: Copied from Source/WebCore/platform/graphics/FontFastPath.cpp.
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
        (PlatformCALayerWinInternal::displayCallback):
        * platform/graphics/ios/FontIOS.mm: Copied from Source/WebCore/platform/graphics/ios/SimpleFontDataIOS.mm.
        * platform/graphics/mac/FontCascadeComplexTextMac.cpp: Copied from Source/WebCore/platform/graphics/mac/FontComplexTextMac.cpp.
        * platform/graphics/mac/FontCascadeMac.mm: Copied from Source/WebCore/platform/graphics/mac/FontMac.mm.
        * platform/graphics/mac/FontCoreText.cpp: Copied from Source/WebCore/platform/graphics/mac/SimpleFontDataCoreText.cpp.
        * platform/graphics/mac/FontMac.mm: Replaced with Source/WebCore/platform/graphics/mac/SimpleFontDataMac.mm.
        * platform/win/DragImageWin.cpp:
        (WebCore::dragLabelFont):
        (WebCore::createDragImageForLink):
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::calculatePositionAndSize):
        (WebCore::PopupMenuWin::paint):
        * platform/win/WebCoreTextRenderer.cpp:
        (WebCore::doDrawTextAtPoint):
        (WebCore::WebCoreDrawDoubledTextAtPoint):
        (WebCore::WebCoreTextFloatWidth):
        (WebCore::WebCoreSetAlwaysUsesComplexTextCodePath):
        (WebCore::WebCoreAlwaysUsesComplexTextCodePath):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::setFontFromControlSize):

2015-01-15  Myles C. Maxfield  <mmaxfield@apple.com>

        http/tests/misc/acid3.html is flakey on Mavericks
        https://bugs.webkit.org/show_bug.cgi?id=140253

        Reviewed by Alexey Proskuryakov.

        CoreText has a bug <rdar://problem/19433490> in which kerning is not applied for a font
        if a CTTypesetter is created using that font before a call to CTFontTransformGlyphs. We
        often create typesetters in the complex code path, so it's not obvious when this bug
        might present itself. This patch simply makes a dummy invocation of
        CTFontTransformGlyphs() when creating a SimpleFontData.

        No new tests because this is covered by http/tests/misc/acid3.html.

        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformInit):

2015-01-15  Chris Dumez  <cdumez@apple.com>

        Get rid of custom StyleBuilder code for 'line-height' CSS property
        https://bugs.webkit.org/show_bug.cgi?id=140462

        Reviewed by Antti Koivisto.

        Get rid of custom StyleBuilder code for 'line-height' CSS property by
        using a conditional converter.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertLineHeight):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueLineHeight):
        (WebCore::StyleBuilderCustom::convertLineHeight): Deleted.

2015-01-15  Antti Koivisto  <antti@apple.com>

        Rename Font to FontCascade
        https://bugs.webkit.org/show_bug.cgi?id=140442

        Reviewed by Darin Adler.

        We can then rename SimpleFontData to Font. This will match the usual definition of a "font".

2015-01-15  Mihnea Ovidenie  <mihnea@adobe.com>

        [CSSRegions] Assert failure in RenderBlock::locateFlowThreadContainingBlock when showing the render tree debug info
        https://bugs.webkit.org/show_bug.cgi?id=140441

        Reviewed by Andrei Bucur.

        When showing the render tree debug information for an element inside a flow thread,
        we will display the region range information for all the render boxes. To avoid
        computation of flow thread containing block in these situations, we will use
        only the cached flow thread containing block information.

        No new tests as this code path is only touched when using showRenderTree* methods.

        * rendering/RenderObject.cpp:
        (WebCore::flowThreadContainingBlockFromRenderer):
        (WebCore::RenderObject::showRegionsInformation):

2015-01-14  Simon Fraser  <simon.fraser@apple.com>

        Graphics corruption after Find on some pages
        https://bugs.webkit.org/show_bug.cgi?id=140489

        Reviewed by Zalan Bujtas.
        
        After doing a Find on http://shop.outlier.cc/shop/retail/chino.html,
        garbage could appear on some parts of the page. This is caused by creating
        a compositing layer which is marked as opaque, yet failing to paint the entire
        layer contents.
        
        This was caused by a bug in RenderBox::computeBackgroundIsKnownToBeObscured()
        logic. On the page in question, doing a Find could cause overflow:hidden sections
        to get scrolled (since Find can reveal the selection by scrolling overflow).
        However, the render tree walking under RenderBox::foregroundIsKnownToBeOpaqueInRect()
        fails to take overflow scrolling into account, so gives the wrong answer
        in some content configurations. As a result, we'd think that the background
        is obscured, and never paint it.
        
        Conservative fix is to have isCandidateForOpaquenessTest() return false
        when the content has any non-zero scroll offset.

        Tests: compositing/contents-opaque/opaque-with-scrolled.html
               fast/backgrounds/opaque-scrolled-paint-background.html

        * rendering/RenderBox.cpp:
        (WebCore::isCandidateForOpaquenessTest):

2015-01-14  Jer Noble  <jer.noble@apple.com>

        [Mac][MSE] Stalled YouTube playback does not allow display to sleep.
        https://bugs.webkit.org/show_bug.cgi?id=140468
        rdar://problem/19171162

        Reviewed by Eric Carlson.

        Test: media/media-source/media-source-stalled-holds-sleep-assertion.html

        The unstated convention of MediaPlayerPrivate::paused() is that implementations should 
        return 'true' if the playback rate is 0. However, MediaPlayerPrivateMediaSourceAVFObjC
        was returning 'false' if it was supposed to be playing, regardless of the actual rate.
        This caused a check in HTMLMediaElement of whether to release the sleep assertion token
        to fail, thinking the media engine was still playing.

        Add some testing infrastructure to allow us to test whether the media element is disabling
        display sleep from within layout tests.

        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::isDisablingSleep):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::paused):
        * testing/Internals.cpp:
        (WebCore::Internals::elementIsBlockingDisplaySleep):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-01-14  Zalan Bujtas  <zalan@apple.com>

        Move LayoutFragment and ClipRect to their own files.
        https://bugs.webkit.org/show_bug.cgi?id=140457

        Reviewed by Simon Fraser.

        Move these classes to their own files to to make RenderLayer.h less heavy.

        No change in functionality.

        * WebCore.xcodeproj/project.pbxproj:
        * rendering/ClipRect.cpp: Added.
        (WebCore::ClipRect::intersects):
        * rendering/ClipRect.h: Added.
        (WebCore::ClipRect::ClipRect):
        (WebCore::ClipRect::rect):
        (WebCore::ClipRect::setRect):
        (WebCore::ClipRect::affectedByRadius):
        (WebCore::ClipRect::setAffectedByRadius):
        (WebCore::ClipRect::operator==):
        (WebCore::ClipRect::operator!=):
        (WebCore::ClipRect::intersect):
        (WebCore::ClipRect::move):
        (WebCore::ClipRect::moveBy):
        (WebCore::ClipRect::isEmpty):
        (WebCore::ClipRect::intersects):
        (WebCore::ClipRect::inflateX):
        (WebCore::ClipRect::inflateY):
        (WebCore::ClipRect::inflate):
        (WebCore::intersection):
        * rendering/LayerFragment.h: Added.
        (WebCore::LayerFragment::setRects):
        (WebCore::LayerFragment::moveBy):
        (WebCore::LayerFragment::intersect):
        * rendering/RenderFlowThread.h:
        * rendering/RenderLayer.cpp:
        (WebCore::ClipRect::intersects): Deleted.
        * rendering/RenderLayer.h:
        (WebCore::ClipRect::ClipRect): Deleted.
        (WebCore::ClipRect::rect): Deleted.
        (WebCore::ClipRect::setRect): Deleted.
        (WebCore::ClipRect::affectedByRadius): Deleted.
        (WebCore::ClipRect::setAffectedByRadius): Deleted.
        (WebCore::ClipRect::operator==): Deleted.
        (WebCore::ClipRect::operator!=): Deleted.
        (WebCore::ClipRect::intersect): Deleted.
        (WebCore::ClipRect::move): Deleted.
        (WebCore::ClipRect::moveBy): Deleted.
        (WebCore::ClipRect::isEmpty): Deleted.
        (WebCore::ClipRect::intersects): Deleted.
        (WebCore::ClipRect::inflateX): Deleted.
        (WebCore::ClipRect::inflateY): Deleted.
        (WebCore::ClipRect::inflate): Deleted.
        (WebCore::intersection): Deleted.
        (WebCore::LayerFragment::LayerFragment): Deleted.
        (WebCore::LayerFragment::setRects): Deleted.
        (WebCore::LayerFragment::moveBy): Deleted.
        (WebCore::LayerFragment::intersect): Deleted.
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderRegion.h:
        * rendering/RenderTreeAsText.cpp:

2015-01-14  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178438.
        https://bugs.webkit.org/show_bug.cgi?id=140484

        Broke a few MediaSource tests (Requested by JoePeck on
        #webkit).

        Reverted changeset:

        "[MSE] Implement per TrackBuffer buffered."
        https://bugs.webkit.org/show_bug.cgi?id=139813
        http://trac.webkit.org/changeset/178438

2015-01-14  Enrica Casucci  <enrica@apple.com>

        REGRESSION (r165385): Crash when applying autocorrection exceeds maximum text area length.
        https://bugs.webkit.org/show_bug.cgi?id=137902
        rdar://problem/18568864

        Reviewed by Darin Adler.

        Test: editing/text-iterator/invalid-subrange.html

        characterSubrange should check the iterator position after each advance.
        This changed adds a new method to the Internals object to be able to test this.

        * editing/TextIterator.cpp:
        (WebCore::characterSubrange):
        (WebCore::TextIterator::subrange):
        (WebCore::findPlainText):
        * testing/Internals.cpp:
        (WebCore::Internals::subrange):
        * testing/Internals.h:
        * testing/Internals.idl:

2015-01-14  Said Abou-Hallawa  <sabouhallawa@apple.com>

        REGRESSION (r154769): Wrong <title> taken as a tooltip for SVG element.
        https://bugs.webkit.org/show_bug.cgi?id=139690.

        Reviewed by Daniel Bates.

        Before r154769, we were calling Traversal<SVGTitleElement>::firstWithin(), which returns
        the first immediate SVGTitleElement child. In r154769, Traversal<SVGTitleElement>::firstWithin()
        was replaced by descendantsOfType<SVGTitleElement> which returns all descendants SVGTitleElements.
        Then we were returning the first element of these descendants, which may not be an immediate
        child of the element, as the title of the SVGElement. This was the reason of this bug. The
        fix is to use childrenOfType<SVGTitleElement>() instead, which returns the immediate SVGTitleElement
        children of an SVGElement.

        Also we were not following exactly the specs for the rootmost SVG element's title value.
        According to the W3C specs, for stand-alone SVG documents only, the rootmost SVG element
        should not return a title. But we were not returning a title for the rootmost SVG element
        always. The fix is to return a empty title for the rootmost SVG element only if topDocument()
        of the element isSVGDocument().
        
        NOTE: The main SVG specs http://www.w3.org/TR/SVG/interact.html#hit-testing (W3C Recommendation
        16 August 2011) and http://www.w3.org/TR/SVG/struct.html#DescriptionAndTitleElements (W3C
        Recommendation 16 August 2011) do not say how the tooltip of an SVG element is calculated. But
        the SVG tiny specs http://www.w3.org/TR/SVGTiny12/struct.html#uiTitleDescBehavior (W3C
        Recommendation 22 December 2008) however explains well the tooltip calculation for the embedded
        and the stand-alone SVG cases. And it seems this what we should rely on.

        Test: svg/hittest/svg-standalone-tooltip.svg
              svg/hittest/svg-embedded-tooltip.html

        * WebCore.exp.in:
        * rendering/HitTestResult.h:
        Make HitTestResult::setInnerNode be WEBCORE_EXPORT
        
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::title):
        Replace descendantsOfType<SVGTitleElement>() by childrenOfType<SVGTitleElement>().
        Fix the title value of the rootmost SVG element.
        
        * testing/Internals.cpp:
        (WebCore::Internals::toolTipFromElement):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add a new internal function toolTipFromElement() which returns the tooltip text for a
        given element.

2015-01-14  Csaba Osztrogonác  <ossy@webkit.org>

        Buildfix after r178434
        https://bugs.webkit.org/show_bug.cgi?id=140467

        Reviewed by Chris Dumez.

        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertPerspective):

2015-01-14  Benjamin Poulain  <bpoulain@apple.com>

        Build fix for NFAToDFA on ARM

        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::UniqueNodeIdSet::UniqueNodeIdSet):
        (WebCore::ContentExtensions::UniqueNodeIdSet::isDeletedValue):

2015-01-14  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Implement per TrackBuffer buffered.
        https://bugs.webkit.org/show_bug.cgi?id=139813.

        Reviewed by Jer Noble.

        Added implementation of SourceBuffer buffered() algorithm as per specification,
        and caching mechanism called when samples are added, removed, or MediaSource
        readyState is changed.

        Tests: media/media-source/media-source-multiple-trackBuffers-buffered-in-ended-state.html
               media/media-source/media-source-multiple-trackBuffers-buffered.html

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::setReadyState):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::TrackBuffer::TrackBuffer):
        (WebCore::SourceBuffer::SourceBuffer):
        (WebCore::SourceBuffer::buffered):
        (WebCore::SourceBuffer::invalidateBuffered):
        (WebCore::SourceBuffer::recalculateBuffered):
        (WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
        (WebCore::SourceBuffer::removeCodedFrames):
        (WebCore::SourceBuffer::evictCodedFrames):
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
        (WebCore::SourceBuffer::bufferedAccountingForEndOfStream):
        (WebCore::SourceBuffer::hasCurrentTime):
        * Modules/mediasource/SourceBuffer.h:

2015-01-14  Benjamin Poulain  <benjamin@webkit.org>

        Do not create new set for every sub-operation when converting a NFA to DFA
        https://bugs.webkit.org/show_bug.cgi?id=140380

        Reviewed by Andreas Kling.

        This is the first step toward making the NFA-to-DFA conversion more scalable: instead
        of creating new sets for each step of the algorithm, we use two kinds of sets
        and never do any copy.

        The first new tool to do that is UniqueNodeIdSetImpl. It represents a set of NFA state corresponding to a DFA
        state. It is unique per DFA state.

        HashableNodeIdSet is a helper tool storing a UniqueNodeIdSetImpl.

        The creation of new sets now goes like this:
        1) Get a NodeIdSet for each possible transition.
        2) For each transition:
           2a) Extend the NodeIdSet in place with its epsilon closure.
           2b) Get the UniqueNodeIdSetImpl corresponding to the new set we discovered.
           2c) If the UniqueNodeIdSetImpl is new, queue it for processing.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionsDebugging.h: Copied from Source/WebCore/contentextensions/DFANode.h.
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        * contentextensions/ContentExtensionsManager.cpp:
        (WebCore::ContentExtensions::ExtensionsManager::loadExtension):
        Added some logging to inspect more easily what the clients are sending.

        * contentextensions/DFA.cpp:
        * contentextensions/DFA.h:
        * contentextensions/DFANode.h:
        * contentextensions/NFA.cpp:
        * contentextensions/NFA.h:
        * contentextensions/NFAToDFA.cpp:

        (WebCore::ContentExtensions::epsilonClosure):
        Instead of returning a new HashSet, extend the input HashSet.

        (WebCore::ContentExtensions::UniqueNodeIdSetImpl::buffer):
        (WebCore::ContentExtensions::UniqueNodeIdSet::UniqueNodeIdSet):
        (WebCore::ContentExtensions::UniqueNodeIdSet::operator=):
        (WebCore::ContentExtensions::UniqueNodeIdSet::~UniqueNodeIdSet):
        (WebCore::ContentExtensions::UniqueNodeIdSet::operator==):
        (WebCore::ContentExtensions::UniqueNodeIdSet::impl):
        (WebCore::ContentExtensions::UniqueNodeIdSet::hash):
        (WebCore::ContentExtensions::UniqueNodeIdSet::isEmptyValue):
        (WebCore::ContentExtensions::UniqueNodeIdSet::isDeletedValue):
        (WebCore::ContentExtensions::UniqueNodeIdSetHash::hash):
        (WebCore::ContentExtensions::UniqueNodeIdSetHash::equal):
        UniqueNodeIdSetImpl is a compact representation of a NodeIdSet corresponding to a DFA node.

        It is never built directly, it is only built on demand through NodeIdSetToUniqueNodeIdSetTranslator
        from a NodeIdSet.

        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetSource::NodeIdSetToUniqueNodeIdSetSource):
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetTranslator::hash):
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetTranslator::equal):
        (WebCore::ContentExtensions::NodeIdSetToUniqueNodeIdSetTranslator::translate):
        (WebCore::ContentExtensions::SetTransitionsExcludingEpsilon::operator[]):
        (WebCore::ContentExtensions::SetTransitionsExcludingEpsilon::size):
        (WebCore::ContentExtensions::SetTransitionsExcludingEpsilon::begin):
        (WebCore::ContentExtensions::SetTransitionsExcludingEpsilon::end):
        (WebCore::ContentExtensions::populateTransitionsExcludingEpsilon):
        (WebCore::ContentExtensions::NFAToDFA::convert):
        (WebCore::ContentExtensions::setTransitionsExcludingEpsilon): Deleted.
        (WebCore::ContentExtensions::HashableNodeIdSet::HashableNodeIdSet): Deleted.
        (WebCore::ContentExtensions::HashableNodeIdSet::operator=): Deleted.
        (WebCore::ContentExtensions::HashableNodeIdSet::isEmptyValue): Deleted.
        (WebCore::ContentExtensions::HashableNodeIdSet::isDeletedValue): Deleted.
        (WebCore::ContentExtensions::HashableNodeIdSet::nodeIdSet): Deleted.
        (WebCore::ContentExtensions::HashableNodeIdSetHash::hash): Deleted.
        (WebCore::ContentExtensions::HashableNodeIdSetHash::equal): Deleted.
        (WebCore::ContentExtensions::addDFAState): Deleted.

2015-01-14  Chris Dumez  <cdumez@apple.com>

        Make 'TypeName' parameter unnecessary in CSSPropertyNames.in
        https://bugs.webkit.org/show_bug.cgi?id=140347

        Reviewed by Darin Adler.

        Make 'TypeName' parameter unnecessary in CSSPropertyNames.in by:
        - Removing the static_cast to the destination type in the generated
          StyleBuilder code and let compiler implicitly convert the
          CSSPrimitiveValue to the setter's argument type.
        - Updating conditional converters to return a WTF::Optional<>
          instead of returning a boolean and having an output argument
          passed by reference. This way, we can use "auto" in the generated
          StyleBuilder code to deduce the return type.

        * css/CSSPropertyNames.in:
        Drop TypeName parameter from all properties as it is no longer needed.

        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertGridTrackSize):
        (WebCore::StyleBuilderConverter::convertGridPosition):
        (WebCore::StyleBuilderConverter::convertWordSpacing):
        (WebCore::StyleBuilderConverter::convertPerspective):
        (WebCore::StyleBuilderConverter::convertMarqueeIncrement):
        (WebCore::StyleBuilderConverter::convertFilterOperations):
        (WebCore::StyleBuilderConverter::convertMaskImageOperations):
        Update conditional converters to return an Optional<>.

        * css/makeprop.pl:
        (generateValueSetter):
        Drop support for TypeName, stop using static_cast to destination
        type and update the generated code now that the conditional
        converters return an Optional.

        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::systemFont):
        * platform/graphics/Font.cpp:
        (WebCore::Font::Font):
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::setIsItalic):
        (WebCore::FontDescription::setIsSmallCaps):
        (WebCore::FontDescription::setItalic): Deleted.
        (WebCore::FontDescription::setSmallCaps): Deleted.
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::systemFont):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemFont):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemFont):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::systemFont):
        * rendering/RenderThemeWin.cpp:
        (WebCore::fillFontDescription):
        * rendering/mathml/RenderMathMLToken.cpp:
        (WebCore::RenderMathMLToken::updateStyle):
        Now that we call the RenderStyle setters with a CSSPrimitiveValue
        and let it be implicitly converted to the right type, instead of
        doing an explicit static_cast, two setters on FontDescription
        were ambiguous: setItalic() / setSmallCaps(). Rename the overloads
        taking a boolean in argument to setIsItalic() / setIsSmallCaps()
        to resolve the ambiguity.

2015-01-14  Jer Noble  <jer.noble@apple.com>

        Null-deref crash when seeking immediately before looping.
        https://bugs.webkit.org/show_bug.cgi?id=140394

        Reviewed by Eric Carlson.

        It is possible for finishSeek() to be called when a seek() has caused a pending seek task
        to be scheduled, but before that pending seek task is run. In this case, if a seek request
        is issued, the existing pending seek task will not be cancelled, which will cause a crash
        when the pending seek task is run.

        When checking whether an existing seek task needs to be cancelled, check the actual timer,
        rather than the m_seeking boolean, so that this case is covered.

        Test: media/video-ended-seek-crash.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::seekWithTolerance):

2015-01-14  Brent Fulgham  <bfulgham@apple.com>

        [Win] Layout Test fast/css/crash-on-custom-cursor-when-loading.html is failing
        https://bugs.webkit.org/show_bug.cgi?id=140425

        Reviewed by Anders Carlsson.

        * platform/win/CursorWin.cpp:
        (WebCore::createSharedCursor): Return nullptr when operating system
        cannot support the requested icon specification.
        (WebCore::Cursor::ensurePlatformCursor): Check for 'createSharedCursor'
        returning nullptr, and fall back to the default icon construction.

2015-01-14  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r178367): [GStreamer] Several media tests time out after r178367
        https://bugs.webkit.org/show_bug.cgi?id=140437

        Reviewed by Philippe Normand.

        Add implementation for MediaPlayerPrivate::rate() to GStreamer
        media backend.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::rate):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

2015-01-13  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178390, r178392, r178398, r178400,
        r178402, and r178410.
        https://bugs.webkit.org/show_bug.cgi?id=140431

        Way too many failures to skip (Requested by ap_ on #webkit).

        Reverted changesets:

        "WebGL2: Support webgl2 context creation."
        https://bugs.webkit.org/show_bug.cgi?id=126408
        http://trac.webkit.org/changeset/178390

        "Unreviewed iOS build fix after r178390."
        http://trac.webkit.org/changeset/178392

        "[Unreviewed] Windows build fix after r178390."
        http://trac.webkit.org/changeset/178398

        "[Unreviewed] Speculative test fix after r178390."
        http://trac.webkit.org/changeset/178400

        "[Unreviewed] Skip webgl tests for temporarily."
        https://bugs.webkit.org/show_bug.cgi?id=140423
        http://trac.webkit.org/changeset/178402

        "[EFL] Fix build after r178390"
        https://bugs.webkit.org/show_bug.cgi?id=140424
        http://trac.webkit.org/changeset/178410

2015-01-13  Hunseop Jeong  <hs85.jeong@samsung.com>

        [EFL] Fix build after r178390 
        https://bugs.webkit.org/show_bug.cgi?id=140424

        Reviewed by Csaba Osztrogonác.

        * CMakeLists.txt: 

2015-01-13  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Refactor TextFragment class.
        https://bugs.webkit.org/show_bug.cgi?id=140417

        Reviewed by Andreas Kling.

        Introduce text fragment type and use class member initializers.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::LineState::addUncommitted):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::nextFragment):
        (WebCore::SimpleLineLayout::createLineRuns):

2015-01-13  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178400.
        https://bugs.webkit.org/show_bug.cgi?id=140422

        Test fix breaks build (Requested by rfong on #webkit).

        Reverted changeset:

        "[Unreviewed] Speculative test fix after r178390."
        http://trac.webkit.org/changeset/178400

2015-01-13  Roger Fong  <roger_fong@apple.com>

        [Unreviewed] Speculative test fix after r178390.

        * html/canvas/WebGL1RenderingContext.idl:

2015-01-13  Roger Fong  <roger_fong@apple.com>

        [Unreviewed] Windows build fix after r178390.

        * DerivedSources.cpp:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * bindings/js/JSBindingsAllInOne.cpp:
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create):

2015-01-13  Joseph Pecoraro  <pecoraro@apple.com>

        NSButtonCell leak allocated under WebCore::paintToggleButton
        https://bugs.webkit.org/show_bug.cgi?id=137014

        Reviewed by Alexey Proskuryakov.

        * platform/mac/ThemeMac.mm:
        (WebCore::createToggleButtonCell):
        Immediately adopt the NSButtonCell allocation.

        (WebCore::sharedRadioCell):
        (WebCore::sharedCheckboxCell):
        Move from the RetainPtr into the static variable.

        (WebCore::paintToggleButton):
        Use RetainPtr logic to better manage lifetimes.

2015-01-13  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Refactor SimpleLineLayout::nextFragment().
        https://bugs.webkit.org/show_bug.cgi?id=140407

        Reviewed by Andreas Kling.

        Simplify the code by using content specific branches with early returns.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::nextFragment):

2015-01-13  Chris Dumez  <cdumez@apple.com>

        Unreviewed iOS build fix after r178390.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::CanvasRenderingContext2D):
        m_type is undeclared.

        * html/canvas/WebGLContextGroup.h:
        Fix bad include.

2015-01-13  Roger Fong  <roger_fong@apple.com>

        WebGL2: Support webgl2 context creation.
        https://bugs.webkit.org/show_bug.cgi?id=126408
        <rdar://problem/15002170>

        Reviewed by Dean Jackson.

        Tests covered by existing Khronos tests for WebGL 1.0 conformance.

        Create a WebGLRenderingContextBase class that extends to a WebGL1RenderingContext and WebGL2RenderingContext.
        Replace all previous instances of WebGLRenderingContext usages with WebGLRenderingContextBase usages for now.
        As the first step, the WebGL1 and WebGL2 contexts will have the exact same functionality.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSCanvasRenderingContextCustom.cpp:
        (WebCore::toJS):
        * bindings/js/JSDocumentCustom.cpp:
        * bindings/js/JSHTMLCanvasElementCustom.cpp:
        * bindings/js/JSWebGL1RenderingContextCustom.cpp: Copied from Source/WebCore/bindings/js/JSWebGLRenderingContextCustom.cpp.
        * bindings/js/JSWebGL2RenderingContextCustom.cpp: Added.
        (WebCore::JSWebGL2RenderingContext::visitAdditionalChildren):
        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp: Added.
        * bindings/js/JSWebGLRenderingContextCustom.cpp: Removed.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::getContext):
        (WebCore::HTMLCanvasElement::is3dType):
        (WebCore::HTMLCanvasElement::reset):
        (WebCore::HTMLCanvasElement::paint):
        (WebCore::HTMLCanvasElement::getImageData):
        * html/canvas/ANGLEInstancedArrays.cpp:
        (WebCore::ANGLEInstancedArrays::ANGLEInstancedArrays):
        (WebCore::ANGLEInstancedArrays::supported):
        * html/canvas/ANGLEInstancedArrays.h:
        * html/canvas/CanvasRenderingContext.h:
        (WebCore::CanvasRenderingContext::type):
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::CanvasRenderingContext2D):
        * html/canvas/EXTBlendMinMax.cpp:
        (WebCore::EXTBlendMinMax::EXTBlendMinMax):
        * html/canvas/EXTBlendMinMax.h:
        * html/canvas/EXTFragDepth.cpp:
        (WebCore::EXTFragDepth::EXTFragDepth):
        * html/canvas/EXTFragDepth.h:
        * html/canvas/EXTShaderTextureLOD.cpp:
        (WebCore::EXTShaderTextureLOD::EXTShaderTextureLOD):
        * html/canvas/EXTShaderTextureLOD.h:
        * html/canvas/EXTTextureFilterAnisotropic.cpp:
        (WebCore::EXTTextureFilterAnisotropic::EXTTextureFilterAnisotropic):
        * html/canvas/EXTTextureFilterAnisotropic.h:
        * html/canvas/EXTsRGB.cpp:
        (WebCore::EXTsRGB::EXTsRGB):
        * html/canvas/EXTsRGB.h:
        * html/canvas/OESElementIndexUint.cpp:
        (WebCore::OESElementIndexUint::OESElementIndexUint):
        * html/canvas/OESElementIndexUint.h:
        * html/canvas/OESStandardDerivatives.cpp:
        (WebCore::OESStandardDerivatives::OESStandardDerivatives):
        * html/canvas/OESStandardDerivatives.h:
        * html/canvas/OESTextureFloat.cpp:
        (WebCore::OESTextureFloat::OESTextureFloat):
        * html/canvas/OESTextureFloat.h:
        * html/canvas/OESTextureFloatLinear.cpp:
        (WebCore::OESTextureFloatLinear::OESTextureFloatLinear):
        * html/canvas/OESTextureFloatLinear.h:
        * html/canvas/OESTextureHalfFloat.cpp:
        (WebCore::OESTextureHalfFloat::OESTextureHalfFloat):
        * html/canvas/OESTextureHalfFloat.h:
        * html/canvas/OESTextureHalfFloatLinear.cpp:
        (WebCore::OESTextureHalfFloatLinear::OESTextureHalfFloatLinear):
        * html/canvas/OESTextureHalfFloatLinear.h:
        * html/canvas/OESVertexArrayObject.cpp:
        (WebCore::OESVertexArrayObject::OESVertexArrayObject):
        * html/canvas/OESVertexArrayObject.h:
        * html/canvas/WebGL1RenderingContext.cpp: Copied from Source/WebCore/html/canvas/WebGLRenderingContext.cpp.
        * html/canvas/WebGL1RenderingContext.h: Copied from Source/WebCore/html/canvas/WebGLRenderingContext.h.
        * html/canvas/WebGL1RenderingContext.idl: Copied from Source/WebCore/html/canvas/WebGLRenderingContext.idl.
        * html/canvas/WebGL2RenderingContext.cpp: Added.
        (WebCore::WebGL2RenderingContext::WebGL2RenderingContext):
        * html/canvas/WebGL2RenderingContext.h: Added.
        * html/canvas/WebGL2RenderingContext.idl: Added.
        * html/canvas/WebGLBuffer.cpp:
        (WebCore::WebGLBuffer::create):
        (WebCore::WebGLBuffer::WebGLBuffer):
        * html/canvas/WebGLBuffer.h:
        * html/canvas/WebGLCompressedTextureATC.cpp:
        (WebCore::WebGLCompressedTextureATC::WebGLCompressedTextureATC):
        (WebCore::WebGLCompressedTextureATC::supported):
        * html/canvas/WebGLCompressedTextureATC.h:
        * html/canvas/WebGLCompressedTexturePVRTC.cpp:
        (WebCore::WebGLCompressedTexturePVRTC::WebGLCompressedTexturePVRTC):
        (WebCore::WebGLCompressedTexturePVRTC::supported):
        * html/canvas/WebGLCompressedTexturePVRTC.h:
        * html/canvas/WebGLCompressedTextureS3TC.cpp:
        (WebCore::WebGLCompressedTextureS3TC::WebGLCompressedTextureS3TC):
        (WebCore::WebGLCompressedTextureS3TC::supported):
        * html/canvas/WebGLCompressedTextureS3TC.h:
        * html/canvas/WebGLContextGroup.cpp:
        (WebCore::WebGLContextGroup::getAGraphicsContext3D):
        (WebCore::WebGLContextGroup::addContext):
        (WebCore::WebGLContextGroup::removeContext):
        (WebCore::WebGLContextGroup::loseContextGroup):
        * html/canvas/WebGLContextGroup.h:
        * html/canvas/WebGLContextObject.cpp:
        (WebCore::WebGLContextObject::WebGLContextObject):
        * html/canvas/WebGLContextObject.h:
        (WebCore::WebGLContextObject::context):
        * html/canvas/WebGLDebugRendererInfo.cpp:
        (WebCore::WebGLDebugRendererInfo::WebGLDebugRendererInfo):
        * html/canvas/WebGLDebugRendererInfo.h:
        * html/canvas/WebGLDebugShaders.cpp:
        (WebCore::WebGLDebugShaders::WebGLDebugShaders):
        * html/canvas/WebGLDebugShaders.h:
        * html/canvas/WebGLDepthTexture.cpp:
        (WebCore::WebGLDepthTexture::WebGLDepthTexture):
        * html/canvas/WebGLDepthTexture.h:
        * html/canvas/WebGLDrawBuffers.cpp:
        (WebCore::WebGLDrawBuffers::WebGLDrawBuffers):
        (WebCore::WebGLDrawBuffers::supported):
        (WebCore::WebGLDrawBuffers::satisfiesWebGLRequirements):
        * html/canvas/WebGLDrawBuffers.h:
        * html/canvas/WebGLExtension.cpp:
        (WebCore::WebGLExtension::WebGLExtension):
        * html/canvas/WebGLExtension.h:
        (WebCore::WebGLExtension::context):
        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::create):
        (WebCore::WebGLFramebuffer::WebGLFramebuffer):
        * html/canvas/WebGLFramebuffer.h:
        * html/canvas/WebGLLoseContext.cpp:
        (WebCore::WebGLLoseContext::WebGLLoseContext):
        (WebCore::WebGLLoseContext::loseContext):
        * html/canvas/WebGLLoseContext.h:
        * html/canvas/WebGLObject.cpp:
        (WebCore::WebGLObject::WebGLObject):
        * html/canvas/WebGLObject.h:
        * html/canvas/WebGLProgram.cpp:
        (WebCore::WebGLProgram::create):
        (WebCore::WebGLProgram::WebGLProgram):
        * html/canvas/WebGLProgram.h:
        * html/canvas/WebGLRenderbuffer.cpp:
        (WebCore::WebGLRenderbuffer::create):
        (WebCore::WebGLRenderbuffer::WebGLRenderbuffer):
        * html/canvas/WebGLRenderbuffer.h:
        * html/canvas/WebGLRenderingContext.cpp: Removed.
        * html/canvas/WebGLRenderingContext.h: Removed.
        * html/canvas/WebGLRenderingContext.idl: Removed.
        * html/canvas/WebGLRenderingContextBase.cpp: Added.
        * html/canvas/WebGLRenderingContextBase.h: Added.
        * html/canvas/WebGLRenderingContextBase.idl: Added.
        * html/canvas/WebGLShader.cpp:
        (WebCore::WebGLShader::create):
        (WebCore::WebGLShader::WebGLShader):
        * html/canvas/WebGLShader.h:
        * html/canvas/WebGLSharedObject.cpp:
        (WebCore::WebGLSharedObject::WebGLSharedObject):
        * html/canvas/WebGLSharedObject.h:
        * html/canvas/WebGLTexture.cpp:
        (WebCore::WebGLTexture::create):
        (WebCore::WebGLTexture::WebGLTexture):
        * html/canvas/WebGLTexture.h:
        * html/canvas/WebGLVertexArrayObjectOES.cpp:
        (WebCore::WebGLVertexArrayObjectOES::create):
        (WebCore::WebGLVertexArrayObjectOES::WebGLVertexArrayObjectOES):
        * html/canvas/WebGLVertexArrayObjectOES.h:

2015-01-13  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix Mac build after r178388

        FontRanges::isEmpty() -> FontRanges::isNull().

        * platform/graphics/mac/FontComplexTextMac.cpp:
        (WebCore::Font::fontDataForCombiningCharacterSequence):

2015-01-13  Antti Koivisto  <antti@apple.com>

        Devirtualize FontData
        https://bugs.webkit.org/show_bug.cgi?id=140390

        Reviewed by Andreas Kling.

        This patch removes the FontData base class and turns SegmentedFontData into a non-virtual FontRanges type.

        SimpleFontData remains as is (without the base) and it can be renamed later to something more sensible.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::fontRangesForFamily):
        (WebCore::CSSFontSelector::fallbackFontDataAt):
        (WebCore::CSSFontSelector::getFontData): Deleted.
        (WebCore::CSSFontSelector::getFallbackFontData): Deleted.
        * css/CSSFontSelector.h:
        * css/CSSSegmentedFontFace.cpp:
        (WebCore::CSSSegmentedFontFace::pruneTable):
        (WebCore::appendFontDataWithInvalidUnicodeRangeIfLoading):
        (WebCore::CSSSegmentedFontFace::fontRanges):
        (WebCore::CSSSegmentedFontFace::loadFont):
        (WebCore::CSSSegmentedFontFace::getFontData): Deleted.
        * css/CSSSegmentedFontFace.h:
        * platform/graphics/Font.h:
        (WebCore::Font::fallbackRangesAt):
        (WebCore::Font::fontDataAt): Deleted.
        * platform/graphics/FontData.cpp: Removed.
        * platform/graphics/FontData.h: Removed.
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::FontGlyphs):
        (WebCore::FontGlyphs::determinePitch):
        (WebCore::FontGlyphs::isLoadingCustomFonts):
        (WebCore::realizeNextFallback):
        (WebCore::FontGlyphs::realizeFallbackRangesAt):
        (WebCore::FontGlyphs::glyphDataForSystemFallback):
        (WebCore::FontGlyphs::glyphDataForVariant):
        (WebCore::FontGlyphs::glyphDataForNormalVariant):
        (WebCore::glyphPageFromFontRanges):
        (WebCore::FontGlyphs::glyphDataForCharacter):
        (WebCore::realizeNextFamily): Deleted.
        (WebCore::FontGlyphs::realizeFontDataAt): Deleted.
        (WebCore::glyphPageFromFontData): Deleted.
        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::primarySimpleFontData):
        * platform/graphics/FontRanges.cpp: Copied from Source/WebCore/platform/graphics/SegmentedFontData.cpp.
        (WebCore::FontRanges::FontRanges):
        (WebCore::FontRanges::~FontRanges):
        (WebCore::FontRanges::fontDataForCharacter):
        (WebCore::FontRanges::fontDataForFirstRange):
        (WebCore::FontRanges::isLoading):
        (WebCore::SegmentedFontData::SegmentedFontData): Deleted.
        (WebCore::SegmentedFontData::~SegmentedFontData): Deleted.
        (WebCore::SegmentedFontData::simpleFontDataForCharacter): Deleted.
        (WebCore::SegmentedFontData::simpleFontDataForFirstRange): Deleted.
        (WebCore::SegmentedFontData::isCustomFont): Deleted.
        (WebCore::SegmentedFontData::isLoading): Deleted.
        (WebCore::SegmentedFontData::isSegmented): Deleted.
        (WebCore::SegmentedFontData::description): Deleted.
        * platform/graphics/FontRanges.h: Copied from Source/WebCore/platform/graphics/SegmentedFontData.h.
        (WebCore::FontRanges::Range::Range):
        (WebCore::FontRanges::Range::from):
        (WebCore::FontRanges::Range::to):
        (WebCore::FontRanges::Range::fontData):
        (WebCore::FontRanges::isEmpty):
        (WebCore::FontRanges::appendRange):
        (WebCore::FontRanges::size):
        (WebCore::FontRanges::rangeAt):
        (WebCore::FontDataRange::FontDataRange): Deleted.
        (WebCore::FontDataRange::from): Deleted.
        (WebCore::FontDataRange::to): Deleted.
        (WebCore::FontDataRange::fontData): Deleted.
        (WebCore::SegmentedFontData::create): Deleted.
        (WebCore::SegmentedFontData::appendRange): Deleted.
        (WebCore::SegmentedFontData::numRanges): Deleted.
        (WebCore::SegmentedFontData::rangeAt): Deleted.
        (isType): Deleted.
        * platform/graphics/FontSelector.h:
        * platform/graphics/SegmentedFontData.cpp: Removed.
        * platform/graphics/SegmentedFontData.h: Removed.
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::simpleFontDataForCharacter): Deleted.
        (WebCore::SimpleFontData::simpleFontDataForFirstRange): Deleted.
        (WebCore::SimpleFontData::isSegmented): Deleted.
        * platform/graphics/SimpleFontData.h:
        (WebCore::SimpleFontData::isCustomFont):
        (WebCore::SimpleFontData::isLoading):
        (isType): Deleted.
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (-[WebCascadeList initWithFont:character:]):
        (-[WebCascadeList objectAtIndex:]):
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/graphics/mac/FontComplexTextMac.cpp:
        (WebCore::Font::fontDataForCombiningCharacterSequence):

2015-01-13  Dean Jackson  <dino@apple.com>

        Filters aren't applied to elements in columns after the first
        https://bugs.webkit.org/show_bug.cgi?id=140331

        Reviewed by Simon Fraser.

        The important bits of this change came from Simon.

        Filters and clipping were not taking columns into
        account when using their offset rectangles. The fix
        is to recalculate the rects if you're in such a
        situation.

        Tests: fast/multicol/clip-in-columns.html
               fast/multicol/filter-in-columns.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::hasFilterThatIsPainting): New method used
        to check if we're about to paint a filter.
        (WebCore::RenderLayer::setupFilters): Use the new helper if possible.
        (WebCore::RenderLayer::paintLayerContents): If we're in columns,
        and we either have a clip or a filter, recalculate the offset rectangles.
        * rendering/RenderLayer.h:

2015-01-13  Beth Dakin  <bdakin@apple.com>

        Should disable immediate actions for iTunes
        https://bugs.webkit.org/show_bug.cgi?id=140405
        -and corresponding-
        rdar://problem/19461358

        Reviewed by Tim Horton.

        * WebCore.exp.in:

2015-01-13  Anders Carlsson  <andersca@apple.com>

        Remove pure virtual functions from DatabaseBackendBase
        https://bugs.webkit.org/show_bug.cgi?id=140402

        Reviewed by Sam Weinig.

        Also change DatabaseBackendBase to Database in a couple of places.

        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::DatabaseBackendBase::closeDatabase):
        (WebCore::DoneCreatingDatabaseOnExitCaller::~DoneCreatingDatabaseOnExitCaller):
        (WebCore::DatabaseBackendBase::performOpenAndVerify):
        (WebCore::DatabaseBackendBase::maximumSize):
        * Modules/webdatabase/DatabaseBackendBase.h:
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::createDatabase):
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::getMaxSizeForDatabase):
        (WebCore::DatabaseTracker::doneCreatingDatabase):
        (WebCore::DatabaseTracker::addOpenDatabase):
        (WebCore::DatabaseTracker::removeOpenDatabase):
        (WebCore::DatabaseTracker::getOpenDatabases):
        (WebCore::DatabaseTracker::deleteDatabaseFile):
        * Modules/webdatabase/DatabaseTracker.h:

2015-01-13  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Remove unused ResizeImage and DecodeImageData timeline events
        https://bugs.webkit.org/show_bug.cgi?id=140404

        Reviewed by Timothy Hatcher.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::toProtocol):
        * inspector/InspectorTimelineAgent.h:
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createDecodeImageData): Deleted.
        (WebCore::TimelineRecordFactory::createResizeImageData): Deleted.
        * inspector/TimelineRecordFactory.h:

2015-01-13  Jer Noble  <jer.noble@apple.com>

        defaultPlaybackRate not respected when set before source is loaded
        https://bugs.webkit.org/show_bug.cgi?id=140282

        Reviewed by Eric Carlson.

        Test: media/video-defaultplaybackrate-before-load.html

        When the HTMLMediaElement is notified that the media player's rate has changed, it asks
        for the rate from MediaPlayer. However, MediaPlayer never requests the playback rate
        from the underlying MediaPlayerPrivate; it just returns the last rate which was set, or
        1 if no rate was set. HTMLMediaElement then sets its playbackRate to the returned
        value. So the end result is that the value from defaultPlaybackRate is overwritten by
        the default value of 1 in MediaPlayer.

        Rather than caching the requested rate in MediaPlayer, cache the value reported by
        MediaPlayer inside HTMLMediaElement. And instead of returning the reported playback
        rate from HTMLMediaElement.playbackRate, just return the last value set. The reported
        value is still used for estimating the current time during playback.

        Add MediaPlayerPrivate interface method to return the current playback rate.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize m_reportedPlaybackRate.
        (WebCore::HTMLMediaElement::effectivePlaybackRate): Return m_reportedPlaybackRate.
        (WebCore::HTMLMediaElement::requestedPlaybackRate): Return m_playbackRate.
        (WebCore::HTMLMediaElement::updatePlaybackRate): Use requestedPlaybackRate() instead
            of effectivePlaybackRate();
        (WebCore::HTMLMediaElement::ended): Ditto.
        (WebCore::HTMLMediaElement::playbackProgressTimerFired): Ditto.
        (WebCore::HTMLMediaElement::endedPlayback): Ditto.
        (WebCore::HTMLMediaElement::updatePlayState): Ditto.
        (WebCore::HTMLMediaElement::mediaPlayerTimeChanged): Ditto.
        (WebCore::HTMLMediaElement::mediaPlayerRateChanged): Set m_reportedPlaybackRate.
        (WebCore::HTMLMediaElement::mediaPlayerRequestedPlaybackRate): Return
            requestedPlaybackRate() if playing and 0 if not.
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::MediaPlayer): Removed m_rate.
        (WebCore::MediaPlayer::rate): Pass to MediaPlayerPrivate.
        (WebCore::MediaPlayer::setRate): Do not cache the rate.
        (WebCore::MediaPlayer::requestedRate): Added; ask HTMLMediaElement.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerRequestedPlaybackRate): Added.
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::rate): Added.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):
            Do not cache the requested rate.
        (WebCore::MediaPlayerPrivateAVFoundation::requestedRate): Pass to MediaPlayer.
        (WebCore::MediaPlayerPrivateAVFoundation::setRate): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        (WebCore::MediaPlayerPrivateAVFoundation::requestedRate): Deleted.
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::setRate): Renamed from updateRate.
        (WebCore::MediaPlayerPrivateAVFoundationCF::rate): Fetch the rate from the player.
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setRateDouble): Renamed from updateRate.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::rate): Fetch the rate from the player.
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::rate): Fetch the rate from the QTMovie.

2015-01-13  Andreas Kling  <akling@apple.com>

        Element::normalizeAttributes() needs to handle arbitrary JS executing between loop iterations.
        <https://webkit.org/b/140379>
        <rdar://problem/19446901>

        Reviewed by Benjamin Poulain.

        Since DOM mutation events may arise below the call to Node::normalize(),
        have the loop in Element::normalizeAttributes() make a copy of the Attr nodes
        beforehand, to guard against mutations.

        Based on a patch by Chris "Chris Dumez" Dumez.

        Test: fast/dom/Element/normalize-crash2.html

        * dom/Element.cpp:
        (WebCore::Element::normalizeAttributes):

2015-01-13  Shivakumar JM  <shiva.jm@samsung.com>

        Fix Debug Build Error in Webcore module.
        https://bugs.webkit.org/show_bug.cgi?id=140383

        Reviewed by Csaba Osztrogonác.

        No new tests because there is no visible behavior change.

        * platform/linux/MemoryPressureHandlerLinux.cpp:
        (WebCore::MemoryPressureHandler::ReliefLogger::platformLog):

2015-01-12  Benjamin Poulain  <benjamin@webkit.org>

        Fix a typo in r178313

        * contentextensions/URLFilterParser.cpp:
        (WebCore::ContentExtensions::GraphBuilder::atomPatternCharacter):

2015-01-12  Benjamin Poulain  <benjamin@webkit.org>

        Add basic pattern matching support to the url filters
        https://bugs.webkit.org/show_bug.cgi?id=140283

        Reviewed by Andreas Kling.

        This patch adds some basic generic pattern support for the url filters
        of ContentExtensions.

        Instead of writting a new parser, I re-used Gavin's parser for JavaScript
        RegExp.

        This patch only implements the very basic stuffs: transition on any character
        and repetition.

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        Use the new parser.

        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::DFA):
        (WebCore::ContentExtensions::printRange):
        (WebCore::ContentExtensions::printTransition):
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::printRange):
        (WebCore::ContentExtensions::printTransition):
        (WebCore::ContentExtensions::NFA::debugPrintDot):
        The graphs generated with the extended patterns are vastly more complicated
        than the old prefix matcher.
        I changed the debug output to have a single link between any two nodes
        instead of one per transition. This makes the graph a little more manageable.

        * contentextensions/NFA.cpp:
        (WebCore::ContentExtensions::NFA::addTransition):
        (WebCore::ContentExtensions::NFA::addEpsilonTransition):
        (WebCore::ContentExtensions::NFA::graphSize):
        (WebCore::ContentExtensions::NFA::restoreToGraphSize):
        * contentextensions/NFA.h:
        * contentextensions/NFANode.h:
        (WebCore::ContentExtensions::epsilonClosure):
        The new parser can generate transitions back to the root node of index zero.
        All the hash structures had to be updated to support this kind of key.

        * contentextensions/NFAToDFA.cpp:
        (WebCore::ContentExtensions::HashableNodeIdSetHash::hash):
        Two tiny improvements:
        -Don't hash zero to zero, it causes more conflicts that needed.
        -The hash operation must use a commutative operation, otherwise the order
         of elements can affect the hash, which is undesired for a set.
        I'll improve this further later.

        (WebCore::ContentExtensions::NFAToDFA::convert):

        * contentextensions/URLFilterParser.cpp: Added.
        (WebCore::ContentExtensions::GraphBuilder::GraphBuilder):
        (WebCore::ContentExtensions::GraphBuilder::m_lastAtom):
        (WebCore::ContentExtensions::GraphBuilder::finalize):
        (WebCore::ContentExtensions::GraphBuilder::errorMessage):
        (WebCore::ContentExtensions::GraphBuilder::atomPatternCharacter):
        (WebCore::ContentExtensions::GraphBuilder::atomBuiltInCharacterClass):
        (WebCore::ContentExtensions::GraphBuilder::quantifyAtom):
        (WebCore::ContentExtensions::GraphBuilder::atomBackReference):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassAtom):
        (WebCore::ContentExtensions::GraphBuilder::assertionBOL):
        (WebCore::ContentExtensions::GraphBuilder::assertionEOL):
        (WebCore::ContentExtensions::GraphBuilder::assertionWordBoundary):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassBegin):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassRange):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassBuiltIn):
        (WebCore::ContentExtensions::GraphBuilder::atomCharacterClassEnd):
        (WebCore::ContentExtensions::GraphBuilder::atomParenthesesSubpatternBegin):
        (WebCore::ContentExtensions::GraphBuilder::atomParentheticalAssertionBegin):
        (WebCore::ContentExtensions::GraphBuilder::atomParenthesesEnd):
        (WebCore::ContentExtensions::GraphBuilder::disjunction):
        (WebCore::ContentExtensions::GraphBuilder::hasError):
        (WebCore::ContentExtensions::GraphBuilder::fail):
        (WebCore::ContentExtensions::URLFilterParser::parse):
        * contentextensions/URLFilterParser.h:
        (WebCore::ContentExtensions::URLFilterParser::hasError):
        (WebCore::ContentExtensions::URLFilterParser::errorMessage):

2015-01-11  Sam Weinig  <sam@webkit.org>

        Remove support for SharedWorkers
        https://bugs.webkit.org/show_bug.cgi?id=140344

        Reviewed by Anders Carlsson.

        * CMakeLists.txt:
        * Configurations/FeatureDefines.xcconfig:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/generic/RuntimeEnabledFeatures.cpp:
        (WebCore::RuntimeEnabledFeatures::sharedWorkerEnabled): Deleted.
        * bindings/generic/RuntimeEnabledFeatures.h:
        * bindings/js/JSBindingsAllInOne.cpp:
        * bindings/js/JSDOMWindowCustom.cpp:
        * bindings/js/JSSharedWorkerCustom.cpp: Removed.
        * bindings/js/JSWorkerGlobalScopeBase.cpp:
        (WebCore::toJSWorkerGlobalScope):
        (WebCore::toJSSharedWorkerGlobalScope): Deleted.
        * bindings/js/JSWorkerGlobalScopeBase.h:
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::initScript):
        * bindings/scripts/IDLAttributes.txt:
        * bindings/scripts/preprocess-idls.pl:
        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        * dom/EventTarget.h:
        * dom/EventTargetFactory.in:
        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        * loader/FrameLoader.cpp:
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::canAccessLocalStorage):
        (WebCore::SecurityOrigin::canAccessSharedWorkers): Deleted.
        * platform/FeatureCounterKeys.h:
        * platform/PlatformStrategies.h:
        (WebCore::PlatformStrategies::PlatformStrategies):
        (WebCore::PlatformStrategies::sharedWorkerStrategy): Deleted.
        * workers/DefaultSharedWorkerRepository.cpp: Removed.
        * workers/DefaultSharedWorkerRepository.h: Removed.
        * workers/SharedWorker.cpp: Removed.
        * workers/SharedWorker.h: Removed.
        * workers/SharedWorker.idl: Removed.
        * workers/SharedWorkerGlobalScope.cpp: Removed.
        * workers/SharedWorkerGlobalScope.h: Removed.
        * workers/SharedWorkerGlobalScope.idl: Removed.
        * workers/SharedWorkerRepository.cpp: Removed.
        * workers/SharedWorkerRepository.h: Removed.
        * workers/SharedWorkerStrategy.h: Removed.
        * workers/SharedWorkerThread.cpp: Removed.
        * workers/SharedWorkerThread.h: Removed.
        * workers/WorkerGlobalScope.h:
        (WebCore::WorkerGlobalScope::isSharedWorkerGlobalScope): Deleted.

2015-01-12  Byungseon Shin  <sun.shin@lge.com>

        REGRESSION(r178029): [GTK][EFL] Caused no-backing-for-clip-overlap test failures
        https://bugs.webkit.org/show_bug.cgi?id=140336

        Reviewed by Simon Fraser.

        Avoid creating childClippingMaskLayer when renderer has not border radius nor clip path.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateChildClippingStrategy):

2015-01-12  Myles C. Maxfield  <mmaxfield@apple.com>

        [Apple] Squelch stderr log regarding negative stroke thickness
        https://bugs.webkit.org/show_bug.cgi?id=140372
        <rdar://problem/19426485>

        Reviewed by Eric Carlson.

        No new tests because there is no visible behavior change.

        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::setPlatformStrokeThickness):

2015-01-12  Timothy Horton  <timothy_horton@apple.com>

        Get rid of unnecessary reimplementations of CGFloor/Ceiling
        https://bugs.webkit.org/show_bug.cgi?id=140375

        Reviewed by Simon Fraser.

        * platform/mac/DragImageMac.mm:
        (WebCore::widthWithFont):
        (WebCore::drawAtPoint):
        (WebCore::webkit_CGCeiling): Deleted.
        * platform/mac/WebVideoFullscreenHUDWindowController.mm:
        (-[WebVideoFullscreenHUDWindowController windowDidLoad]):
        (webkit_CGFloor): Deleted.
        Delete unnecessary code, use the real CGFloor/Ceiling instead.

2015-01-12  Timothy Horton  <timothy_horton@apple.com>

        REGRESSION (r177656): Text in find-in-page yellow bouncy rectangle is not crisp
        https://bugs.webkit.org/show_bug.cgi?id=140373
        <rdar://problem/19447156>

        Reviewed by Simon Fraser.

        * page/mac/TextIndicatorWindow.mm:
        (WebCore::TextIndicatorWindow::setTextIndicator):
        Expand the window margin to the nearest integer.
        The window was already being pixel-snapped, but then we'd translate by
        the non-integral margin when building up the layer tree.
        It's OK to do this on 2x because it's fine to have the margin be bigger
        than needed.

        * platform/spi/cg/CoreGraphicsSPI.h:
        Add a CGCeiling to match CGFloor.

2015-01-12  Andreas Kling  <akling@apple.com>

        Guard web thread stuff with USE(WEB_THREAD) instead of PLATFORM(IOS).

        Dan pointed out that we should guard WebThreadIsLockedOrDisabled() with
        USE(WEB_THREAD) to communicate our ambitions to someday have an iOS
        build of WebKit that doesn't need any of that.

        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::resume):

2015-01-12  Andreas Kling  <akling@apple.com>

        Fix build for non-iOS platforms. :|

        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::resume):

2015-01-12  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [Freetype] Don't use non-scalable fonts.
        https://bugs.webkit.org/show_bug.cgi?id=31931

        Reviewed by Martin Robinson.

        No new tests needed.

        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::createFontPlatformData): Prefer scalable fonts.

2015-01-12  Andreas Kling  <akling@apple.com>

        Geolocation objects shouldn't prevent page caching.
        <https://webkit.org/b/140369>

        Reviewed by Joseph Pecoraro.

        Enable the code for suspend/resume of Geolocation objects on all platforms
        instead of just iOS. This allows pages using geolocation to use page cache
        instead of reloading on back/forward navigation.

        Test: fast/history/page-cache-geolocation.html

        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::Geolocation):
        (WebCore::Geolocation::resetAllGeolocationPermission):
        (WebCore::Geolocation::stop):
        (WebCore::Geolocation::setIsAllowed):
        (WebCore::Geolocation::positionChanged):
        (WebCore::Geolocation::setError):
        * Modules/geolocation/Geolocation.h:

2015-01-12  Chris Dumez  <cdumez@apple.com>

        Log navigation types using DiagnosticLoggingClient
        https://bugs.webkit.org/show_bug.cgi?id=140323

        Reviewed by Darin Adler.

        Log navigation types using DiagnosticLoggingClient to help us understand
        what types of navigations are common and give us an estimate on the
        total number of navigations.

        * loader/FrameLoader.cpp:
        (WebCore::logNavigation):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::logNavigationWithFeatureCounter): Deleted.
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::navigationKey):
        * page/DiagnosticLoggingKeys.h:

2015-01-12  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: ASSERT under WebCore::InspectorResourceAgent::loadResource
        https://bugs.webkit.org/show_bug.cgi?id=140367

        Reviewed by Andreas Kling.

        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::loadResource): use copyRef() instead of move(),
        since we check the callback after giving it to the loader client.

2015-01-12  Anders Carlsson  <andersca@apple.com>

        Move DatabaseBackend functions back to Database
        https://bugs.webkit.org/show_bug.cgi?id=140368

        Reviewed by Sam Weinig.

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::openAndVerifyVersion):
        (WebCore::Database::close):
        (WebCore::Database::performOpenAndVerify):
        (WebCore::Database::scheduleTransaction):
        (WebCore::Database::runTransaction):
        (WebCore::Database::scheduleTransactionStep):
        (WebCore::Database::inProgressTransactionCompleted):
        (WebCore::Database::transactionClient):
        (WebCore::Database::transactionCoordinator):
        * Modules/webdatabase/Database.h:
        * Modules/webdatabase/DatabaseBackend.cpp:
        (WebCore::DatabaseBackend::openAndVerifyVersion): Deleted.
        (WebCore::DatabaseBackend::performOpenAndVerify): Deleted.
        (WebCore::DatabaseBackend::close): Deleted.
        (WebCore::DatabaseBackend::runTransaction): Deleted.
        (WebCore::DatabaseBackend::inProgressTransactionCompleted): Deleted.
        (WebCore::DatabaseBackend::scheduleTransaction): Deleted.
        (WebCore::DatabaseBackend::scheduleTransactionStep): Deleted.
        (WebCore::DatabaseBackend::transactionClient): Deleted.
        (WebCore::DatabaseBackend::transactionCoordinator): Deleted.
        * Modules/webdatabase/DatabaseBackend.h:
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::recordDatabaseOpen):
        (WebCore::DatabaseThread::recordDatabaseClosed):
        (WebCore::SameDatabasePredicate::SameDatabasePredicate):
        (WebCore::DatabaseThread::unscheduleDatabaseTasks):
        * Modules/webdatabase/DatabaseThread.h:
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        (WebCore::SQLTransactionBackend::create):
        (WebCore::SQLTransactionBackend::SQLTransactionBackend):
        * Modules/webdatabase/SQLTransactionBackend.h:
        (WebCore::SQLTransactionBackend::database):

2015-01-12  Myles C. Maxfield  <mmaxfield@apple.com>

        Addressing post-review comment after r178292
        https://bugs.webkit.org/show_bug.cgi?id=136769

        Unreviewed.

        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::ensureCustomFontData):

2015-01-12  Myles C. Maxfield  <mmaxfield@apple.com>

        Allow targetting the SVG->OTF font converter with ENABLE(SVG_OTF_CONVERTER)
        https://bugs.webkit.org/show_bug.cgi?id=136769

        Reviewed by Antti Koivisto.

        If ENABLE(SVG_OTF_CONVERTER) is defined, use the converter. It can be defined at the same
        time as ENABLE(SVG_FONTS) but, if so, the SVG font code will be dead code.

        No new tests because the define is off by default. Tests will come soon, I promise.

        * Configurations/FeatureDefines.xcconfig:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::getFontData): When creating a font, if the ENABLE is on,
        do the transcode and take the non-SVG path.
        (WebCore::CSSFontFaceSource::ensureFontData): Pass extra arguments to
        CachedFont::ensureCustomFontData()
        * css/CSSFontFaceSource.h: For the case of in-document SVG fonts, keep the transcoded
        bytes around.
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::ensureCustomFontData): For out-of-document SVG fonts, do the
        transcode if the ENABLE is on, then treat as if the font is any old webfont.
        (WebCore::CachedFont::getSVGFontById): This function looks up the relevant <font>
        element. Modify it to take a pointer to a (possibly external) document within which
        to search.
        * loader/cache/CachedFont.h: Extra arguments to CachedFont::ensureCustomFontData()
        and CachedFont::getSVGFontById()

2015-01-12  Zan Dobersek  <zdobersek@igalia.com>

        Clean up FrameTree::traverseNext() traversals of main frames
        https://bugs.webkit.org/show_bug.cgi?id=140338

        Reviewed by Andreas Kling.

        There's no reason to pass the main frame as the stayWithin parameter
        to FrameTree::traverseNext() when traversing over that same main frame.

        * inspector/InspectorApplicationCacheAgent.cpp:
        (WebCore::InspectorApplicationCacheAgent::getFramesWithManifests):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::getCookies):
        (WebCore::InspectorPageAgent::deleteCookie):
        (WebCore::InspectorPageAgent::searchInResources):
        * replay/SerializationMethods.cpp:
        (WebCore::frameIndexFromFrame):
        (WebCore::frameFromFrameIndex):

2015-01-12  Timothy Horton  <timothy_horton@apple.com>

        Multi-rect TextIndicators are vertically flipped in WebKit1
        https://bugs.webkit.org/show_bug.cgi?id=140350
        <rdar://problem/19441243>

        Reviewed by Beth Dakin.

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithSelectionInFrame):
        (WebCore::TextIndicator::TextIndicator):
        * page/TextIndicator.h:
        (WebCore::TextIndicator::selectionRectInRootViewCoordinates):
        (WebCore::TextIndicator::textBoundingRectInRootViewCoordinates):
        (WebCore::TextIndicator::selectionRectInWindowCoordinates): Deleted.
        (WebCore::TextIndicator::textBoundingRectInWindowCoordinates): Deleted.
        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]):
        (WebCore::TextIndicatorWindow::setTextIndicator):
        Compute, store, and use TextIndicator's selectionRect and textBoundingRect
        in root view coordinates instead of window coordinates; this way, each
        WebKit can do the conversion itself, and the rootView vs. window flipping
        isn't wrongly factored into textRectsInBoundingRectCoordinates.

2015-01-12  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178281.
        https://bugs.webkit.org/show_bug.cgi?id=140366

        Broke many media tests (Requested by ap on #webkit).

        Reverted changeset:

        "defaultPlaybackRate not respected when set before source is
        loaded"
        https://bugs.webkit.org/show_bug.cgi?id=140282
        http://trac.webkit.org/changeset/178281

2015-01-12  Anders Carlsson  <andersca@apple.com>

        Merge DatabaseBackendContext into DatabaseContext
        https://bugs.webkit.org/show_bug.cgi?id=140365

        Reviewed by Antti Koivisto.

        * CMakeLists.txt:
        * Modules/webdatabase/AbstractDatabaseServer.h:
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::Database):
        * Modules/webdatabase/Database.h:
        * Modules/webdatabase/DatabaseBackend.cpp:
        (WebCore::DatabaseBackend::DatabaseBackend):
        * Modules/webdatabase/DatabaseBackend.h:
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::DatabaseBackendBase::DatabaseBackendBase):
        * Modules/webdatabase/DatabaseBackendBase.h:
        (WebCore::DatabaseBackendBase::databaseContext):
        * Modules/webdatabase/DatabaseBackendContext.cpp: Removed.
        * Modules/webdatabase/DatabaseBackendContext.h: Removed.
        * Modules/webdatabase/DatabaseContext.cpp:
        (WebCore::DatabaseContext::securityOrigin):
        (WebCore::DatabaseContext::isContextThread):
        (WebCore::DatabaseContext::backend): Deleted.
        * Modules/webdatabase/DatabaseContext.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabaseBackend):
        (WebCore::DatabaseManager::interruptAllDatabasesForContext):
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::interruptAllDatabasesForContext):
        (WebCore::DatabaseServer::openDatabase):
        (WebCore::DatabaseServer::createDatabase):
        * Modules/webdatabase/DatabaseServer.h:
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::canEstablishDatabase):
        (WebCore::DatabaseTracker::retryCanEstablishDatabase):
        (WebCore::DatabaseTracker::interruptAllDatabasesForContext):
        * Modules/webdatabase/DatabaseTracker.h:
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        * Modules/webdatabase/SQLTransactionClient.cpp:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-12  Jer Noble  <jer.noble@apple.com>

        defaultPlaybackRate not respected when set before source is loaded
        https://bugs.webkit.org/show_bug.cgi?id=140282

        Reviewed by Eric Carlson.

        Test: media/video-defaultplaybackrate-before-load.html

        When the HTMLMediaElement is notified that the media player's rate has changed, it asks
        for the rate from MediaPlayer. However, MediaPlayer never requests the playback rate
        from the underlying MediaPlayerPrivate; it just returns the last rate which was set, or
        1 if no rate was set. HTMLMediaElement then sets its playbackRate to the returned
        value. So the end result is that the value from defaultPlaybackRate is overwritten by
        the default value of 1 in MediaPlayer.

        Rather than caching the requested rate in MediaPlayer, cache the value reported by
        MediaPlayer inside HTMLMediaElement. And instead of returning the reported playback
        rate from HTMLMediaElement.playbackRate, just return the last value set. The reported
        value is still used for estimating the current time during playback.

        Add MediaPlayerPrivate interface method to return the current playback rate.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement): Initialize m_reportedPlaybackRate.
        (WebCore::HTMLMediaElement::effectivePlaybackRate): Return m_reportedPlaybackRate.
        (WebCore::HTMLMediaElement::requestedPlaybackRate): Return m_playbackRate.
        (WebCore::HTMLMediaElement::updatePlaybackRate): Use requestedPlaybackRate() instead
            of effectivePlaybackRate();
        (WebCore::HTMLMediaElement::ended): Ditto.
        (WebCore::HTMLMediaElement::playbackProgressTimerFired): Ditto.
        (WebCore::HTMLMediaElement::endedPlayback): Ditto.
        (WebCore::HTMLMediaElement::updatePlayState): Ditto.
        (WebCore::HTMLMediaElement::mediaPlayerRateChanged): Set m_reportedPlaybackRate.
        (WebCore::HTMLMediaElement::mediaPlayerRequestedPlaybackRate): Return
            requestedPlaybackRate() if playing and 0 if not.
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::MediaPlayer): Removed m_rate.
        (WebCore::MediaPlayer::rate): Pass to MediaPlayerPrivate.
        (WebCore::MediaPlayer::setRate): Do not cache the rate.
        (WebCore::MediaPlayer::requestedRate): Added; ask HTMLMediaElement.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerRequestedPlaybackRate): Added.
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::rate): Added.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::MediaPlayerPrivateAVFoundation):
            Do not cache the requested rate.
        (WebCore::MediaPlayerPrivateAVFoundation::requestedRate): Pass to MediaPlayer.
        (WebCore::MediaPlayerPrivateAVFoundation::setRate): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        (WebCore::MediaPlayerPrivateAVFoundation::requestedRate): Deleted.
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::setRate): Renamed from updateRate.
        (WebCore::MediaPlayerPrivateAVFoundationCF::rate): Fetch the rate from the player.
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::setRateDouble): Renamed from updateRate.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::rate): Fetch the rate from the player.
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::rate): Fetch the rate from the QTMovie.

2015-01-11  Anders Carlsson  <andersca@apple.com>

        Merge DatabaseBase into Database
        https://bugs.webkit.org/show_bug.cgi?id=140345

        Reviewed by Antti Koivisto.

        * CMakeLists.txt:
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::Database):
        (WebCore::Database::runTransaction):
        (WebCore::Database::logErrorMessage):
        * Modules/webdatabase/Database.h:
        (WebCore::Database::scriptExecutionContext):
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        * Modules/webdatabase/DatabaseBackendBase.h:
        (WebCore::DatabaseBackendBase::setFrontend):
        * Modules/webdatabase/DatabaseBase.cpp: Removed.
        * Modules/webdatabase/DatabaseBase.h: Removed.
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-12  Darin Adler  <darin@apple.com>

        Modernize and streamline HTMLTokenizer
        https://bugs.webkit.org/show_bug.cgi?id=140166

        Reviewed by Sam Weinig.

        * html/parser/AtomicHTMLToken.h:
        (WebCore::AtomicHTMLToken::initializeAttributes): Removed unneeded assertions
        based on fields I removed.

        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::HTMLDocumentParser): Change to use updateStateFor
        to set the initial state when parsing a fragment, since it implements the same
        rule taht the tokenizerStateForContextElement function did.
        (WebCore::HTMLDocumentParser::pumpTokenizer): Updated to use the revised
        interfaces for HTMLSourceTracker and HTMLTokenizer.
        (WebCore::HTMLDocumentParser::constructTreeFromHTMLToken): Changed to take a
        TokenPtr instead of an HTMLToken, so we can clear out the TokenPtr earlier
        for non-character tokens, and let them get cleared later for character tokens.
        (WebCore::HTMLDocumentParser::insert): Pass references.
        (WebCore::HTMLDocumentParser::append): Ditto.
        (WebCore::HTMLDocumentParser::appendCurrentInputStreamToPreloadScannerAndScan): Ditto.

        * html/parser/HTMLDocumentParser.h: Updated argument type for constructTreeFromHTMLToken
        and removed now-unneeded m_token data members.

        * html/parser/HTMLEntityParser.cpp: Removed unneeded uses of the inline keyword.
        (WebCore::HTMLEntityParser::consumeNamedEntity): Replaced two uses of
        advanceAndASSERT with just plain advance; there's really no need to assert the
        character is the one we just got out of the string.

        * html/parser/HTMLInputStream.h: Moved the include of TextPosition.h here from
        its old location since this class has two data members that are OrdinalNumber.

        * html/parser/HTMLMetaCharsetParser.cpp:
        (WebCore::HTMLMetaCharsetParser::HTMLMetaCharsetParser): Removed most of the
        initialization, since it's now done by defaults.
        (WebCore::extractCharset): Rewrote this to be a non-member function, and to
        use a for loop, and to handle quote marks in a simpler way. Also changed it
        to return a StringView so we don't have to allocate a new string.
        (WebCore::HTMLMetaCharsetParser::processMeta): Use a modern for loop, and
        also take a token argument since it's no longer a data member.
        (WebCore::HTMLMetaCharsetParser::encodingFromMetaAttributes): Use a modern for
        loop, StringView instead of string, and don't bother naming the local enum.
        (WebCore::HTMLMetaCharsetParser::checkForMetaCharset): Updated for the new
        way of getting tokens from the tokenizer.

        * html/parser/HTMLMetaCharsetParser.h: Got rid of some data members and
        tightened up the formatting a little. Don't bother allocating the tokenizer
        on the heap.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::TokenPreloadScanner): Removed unneeded
        initialization.
        (WebCore::HTMLPreloadScanner::HTMLPreloadScanner): Ditto.
        (WebCore::HTMLPreloadScanner::scan): Changed to take a reference.

        * html/parser/HTMLPreloadScanner.h: Removed unneeded includes, typedefs,
        and forward declarations. Removed explicit declaration of the destructor,
        since the default one works. Removed unused createCheckpoint and rewindTo
        functions. Gave initial values for various data members. Marked the device
        scale factor const beacuse it's set in the constructor and never changed.
        Also removed the unneeded isSafeToSendToAnotherThread.

        * html/parser/HTMLResourcePreloader.cpp:
        (WebCore::PreloadRequest::isSafeToSendToAnotherThread): Deleted.

        * html/parser/HTMLResourcePreloader.h:
        (WebCore::PreloadRequest::PreloadRequest): Removed unneeded calls to
        isolatedCopy. Also removed isSafeToSendToAnotherThread.

        * html/parser/HTMLSourceTracker.cpp:
        (WebCore::HTMLSourceTracker::startToken): Renamed. Changed to keep state
         in the source tracker itself, not the token.
        (WebCore::HTMLSourceTracker::endToken): Ditto.
        (WebCore::HTMLSourceTracker::source): Renamed. Changed to use the state
        from the source tracker.

        * html/parser/HTMLSourceTracker.h: Removed unneeded include of HTMLToken.h.
        Renamed functions, removed now-unneeded comment.

        * html/parser/HTMLToken.h: Cut down on the fields used by the source tracker.
        It only needs to know the start and end of each attribute, not each part of
        each attribute. Removed setBaseOffset, setEndOffset, length, addNewAttribute,
        beginAttributeName, endAttributeName, beginAttributeValue, endAttributeValue,
        m_baseOffset and m_length. Added beginAttribute and endAttribute.
        (WebCore::HTMLToken::clear): No need to zero m_length or m_baseOffset any more.
        (WebCore::HTMLToken::length): Deleted.
        (WebCore::HTMLToken::setBaseOffset): Deleted.
        (WebCore::HTMLToken::setEndOffset): Deleted.
        (WebCore::HTMLToken::beginStartTag): Only null out m_currentAttribute if we
        are compiling in assertions.
        (WebCore::HTMLToken::beginEndTag): Ditto.
        (WebCore::HTMLToken::addNewAttribute): Deleted.
        (WebCore::HTMLToken::beginAttribute): Moved the code from addNewAttribute in
        here and set the start offset.
        (WebCore::HTMLToken::beginAttributeName): Deleted.
        (WebCore::HTMLToken::endAttributeName): Deleted.
        (WebCore::HTMLToken::beginAttributeValue): Deleted.
        (WebCore::HTMLToken::endAttributeValue): Deleted.

        * html/parser/HTMLTokenizer.cpp:
        (WebCore::HTMLToken::endAttribute): Added. Sets the end offset.
        (WebCore::HTMLToken::appendToAttributeName): Updated assertion.
        (WebCore::HTMLToken::appendToAttributeValue): Ditto.
        (WebCore::convertASCIIAlphaToLower): Renamed from toLowerCase and changed
        so it's legal to call on lower case letters too.
        (WebCore::vectorEqualsString): Changed to take a string literal rather than
        a WTF::String.
        (WebCore::HTMLTokenizer::inEndTagBufferingState): Made this a member function.
        (WebCore::HTMLTokenizer::HTMLTokenizer): Updated for data member changes.
        (WebCore::HTMLTokenizer::bufferASCIICharacter): Added. Optimized version of
        bufferCharacter for the common case where we know the character is ASCII.
        (WebCore::HTMLTokenizer::bufferCharacter): Moved this function here from the
        header since it's only used inside the class.
        (WebCore::HTMLTokenizer::emitAndResumeInDataState): Moved this here, renamed
        it and removed the state argument.
        (WebCore::HTMLTokenizer::emitAndReconsumeInDataState): Ditto.
        (WebCore::HTMLTokenizer::emitEndOfFile): More of the same.
        (WebCore::HTMLTokenizer::saveEndTagNameIfNeeded): Ditto.
        (WebCore::HTMLTokenizer::haveBufferedCharacterToken): Ditto.
        (WebCore::HTMLTokenizer::flushBufferedEndTag): Updated since m_token is now
        the actual token, not just a pointer.
        (WebCore::HTMLTokenizer::flushEmitAndResumeInDataState): Renamed this and
        removed the state argument.
        (WebCore::HTMLTokenizer::processToken): This function, formerly nextToken,
        is now the internal function used by nextToken. Updated its contents to use
        simpler macros, changed code to set m_state when returning, rather than
        constantly setting it when cycling through states, switched style to use
        early return/goto rather than lots of else statements, took out unneeded
        braces now that BEGIN/END_STATE handles the braces, collapsed upper and
        lower case letter handling in many states, changed lookAhead call sites to
        use the new advancePast function instead.
        (WebCore::HTMLTokenizer::updateStateFor): Set m_state directly instead of
        calling a setstate function.
        (WebCore::HTMLTokenizer::appendToTemporaryBuffer): Moved here from header.
        (WebCore::HTMLTokenizer::temporaryBufferIs): Changed argument type to
        a literal instead of a WTF::String.
        (WebCore::HTMLTokenizer::appendToPossibleEndTag): Renamed and changed type
        to be a UChar instead of LChar, although all characters will be ASCII.
        (WebCore::HTMLTokenizer::isAppropriateEndTag): Marked const, and changed
        type from size_t to unsigned.

        * html/parser/HTMLTokenizer.h: Changed interface of nextToken so it returns
        a TokenPtr so code doesn't have to understand special rules about when to
        work with an HTMLToken and when to clear it. Made most functions private,
        and made the State enum private as well. Replaced the state and setState
        functions with more specific functions for the few states we need to deal
        with outside the class. Moved function bodies outside the class definition
        so it's easier to read the class definition.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processStartTagForInBody): Updated to use the
        new set state functions instead of setState.
        (WebCore::HTMLTreeBuilder::processEndTag): Ditto.
        (WebCore::HTMLTreeBuilder::processGenericRCDATAStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processGenericRawTextStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processScriptStartTag): Ditto.

        * html/parser/InputStreamPreprocessor.h: Marked the constructor explicit,
        and mde it take a reference rather than a pointer.

        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement): Updated to use the
        new set state functions instead of setState.

        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::decodedSnippetForName): Updated for name change.
        (WebCore::XSSAuditor::decodedSnippetForAttribute): Updated for changes to
        attribute range tracking.
        (WebCore::XSSAuditor::decodedSnippetForJavaScript): Updated for name change.
        (WebCore::XSSAuditor::isSafeToSendToAnotherThread): Deleted.

        * html/parser/XSSAuditor.h: Deleted isSafeToSendToAnotherThread.

        * html/track/WebVTTTokenizer.cpp: Removed the local state variable from
        WEBVTT_ADVANCE_TO; there is no need for it.
        (WebCore::WebVTTTokenizer::WebVTTTokenizer): Use a reference instead of a
        pointer for the preprocessor.
        (WebCore::WebVTTTokenizer::nextToken): Ditto. Also removed the state local
        variable and the switch statement, replacing with labels instead since we
        go between states with goto.

        * platform/text/SegmentedString.cpp:
        (WebCore::SegmentedString::operator=): Changed the return type to be non-const
        to match normal C++ design rules.
        (WebCore::SegmentedString::pushBack): Renamed from prepend since this is not a
        general purpose prepend function. Also fixed assertions to not use the strangely
        named "escaped" function, since we are deleting it.
        (WebCore::SegmentedString::append): Ditto.
        (WebCore::SegmentedString::advancePastNonNewlines): Renamed from advance, since
        the function only works for non-newlines.
        (WebCore::SegmentedString::currentColumn): Got rid of unneeded local variable.
        (WebCore::SegmentedString::advancePastSlowCase): Moved here from header and
        renamed. This function now consumes the characters if they match.

        * platform/text/SegmentedString.h: Made the changes mentioned above.
        (WebCore::SegmentedString::excludeLineNumbers): Deleted.
        (WebCore::SegmentedString::advancePast): Renamed from lookAhead. Also changed
        behavior so the characters are consumed.
        (WebCore::SegmentedString::advancePastIgnoringCase): Ditto.
        (WebCore::SegmentedString::advanceAndASSERT): Deleted.
        (WebCore::SegmentedString::advanceAndASSERTIgnoringCase): Deleted.
        (WebCore::SegmentedString::escaped): Deleted.

        * xml/parser/CharacterReferenceParserInlines.h:
        (WebCore::isHexDigit): Deleted.
        (WebCore::unconsumeCharacters): Updated for name change.
        (WebCore::consumeCharacterReference): Removed unneeded name for local enum,
        renamed local variable "cc" to character. Changed code to use helpers like
        isASCIIAlpha and toASCIIHexValue. Removed unneeded use of advanceAndASSERT,
        since we don't really need to assert the character we just extracted.

        * xml/parser/MarkupTokenizerInlines.h:
        (WebCore::isTokenizerWhitespace): Renamed argument to character.
        (WebCore::advanceStringAndASSERTIgnoringCase): Deleted.
        (WebCore::advanceStringAndASSERT): Deleted.
        Changed all the macro implementations so they set m_state only when
        returning from the function and just use goto inside the state machine.

2015-01-11  Andreas Kling  <akling@apple.com>

        Enable Vector bounds checking for ElementDescendantIterator.
        <https://webkit.org/b/140346>

        Reviewed by Sam Weinig.

        I had originally disabled Vector bounds checking for
        ElementDescendantIterator's internal ancestor stack, but upon
        re-running performance benchmarks, it appears to have little-to-no
        measurable benefit.

        This change adds back the bounds checking.

        * dom/ElementDescendantIterator.h:

2015-01-11  Chris Dumez  <cdumez@apple.com>

        Drop legacy SVGCSSStyleSelector.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140342

        Reviewed by Antti Koivisto.

        Drop legacy SVGCSSStyleSelector.cpp by porting the remaining SVG CSS
        properties to the generated StyleBuilder. This patch also removes
        support for the "LegacyStyleBuilder" option in CSSPropertyNames.in
        as all properties have now been ported over.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        Drop SVGCSSStyleSelector.cpp file as it was removed.

        * css/CSSPropertyNames.in:
        * css/SVGCSSStyleSelector.cpp: Removed.
        * css/StyleBuilder.h:
        StyleBuilder::applyProperty() no longer need to return a boolean as
        it now handles ALL CSS properties.

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueBaselineShift):
        (WebCore::StyleBuilderCustom::applyInitialFill):
        (WebCore::StyleBuilderCustom::applyInheritFill):
        (WebCore::StyleBuilderCustom::applyValueFill):
        (WebCore::StyleBuilderCustom::applyInitialStroke):
        (WebCore::StyleBuilderCustom::applyInheritStroke):
        (WebCore::StyleBuilderCustom::applyValueStroke):
        (WebCore::StyleBuilderCustom::applyInitialWebkitSvgShadow):
        (WebCore::StyleBuilderCustom::applyInheritWebkitSvgShadow):
        (WebCore::StyleBuilderCustom::applyValueWebkitSvgShadow):
        Move 'fill', 'stroke' and '-webkit-svg-shadow' to the new
        StyleBuilder.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * css/makeprop.pl:

2015-01-11  Antti Koivisto  <antti@apple.com>

        Remove FontCachePurgePreventer
        https://bugs.webkit.org/show_bug.cgi?id=139628

        Reviewed by Anders Carlsson.

        This stack type is bug prone and invasive. A missing FontCachePurgePreventer in a code that touches fonts is always
        a hard-to-detect bug and there are many places that need it. Instead purge the font cache on top of the runloop.

        The purge timer could in principle fire in a nested runloop. However we should never have unreferenced
        SimpleFontData objects in the stack in such case (GlyphData objects don't currently ref the font) because those
        only occur during layout and painting. Layout and painting can't trigger a nested runloops as there would be
        bigger problems.

        Purging may also be triggered synchronously by a memory notification. That case won't have any GlyphDatas in the stack either.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::measureText):
        (WebCore::CanvasRenderingContext2D::drawTextInternal):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::paintContents):
        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::FontCache):
        (WebCore::FontCache::fontForFamily):
        (WebCore::FontCache::purgeTimerFired):
        (WebCore::FontCache::purgeInactiveFontData):
        * platform/graphics/FontCache.h:
        (WebCore::FontCache::disablePurging): Deleted.
        (WebCore::FontCache::enablePurging): Deleted.
        (WebCore::FontCachePurgePreventer::FontCachePurgePreventer): Deleted.
        (WebCore::FontCachePurgePreventer::~FontCachePurgePreventer): Deleted.
        * platform/graphics/FontFastPath.cpp:
        (WebCore::Font::emphasisMarkAscent):
        (WebCore::Font::emphasisMarkDescent):
        (WebCore::Font::emphasisMarkHeight):
        (WebCore::Font::drawEmphasisMarks):
        * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
        (PlatformCALayerWinInternal::displayCallback):
        * platform/mac/DragImageMac.mm:
        (WebCore::widthWithFont):
        (WebCore::drawAtPoint):
        (WebCore::createDragImageForLink):
        * platform/win/DragImageWin.cpp:
        (WebCore::createDragImageForLink):
        * platform/win/WebCoreTextRenderer.cpp:
        (WebCore::doDrawTextAtPoint):
        (WebCore::WebCoreTextFloatWidth):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::localSelectionRect):
        (WebCore::InlineTextBox::offsetForPosition):
        (WebCore::InlineTextBox::positionForOffset):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::setImageSizeForAltText):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintIntoLayer):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::updateFromElement):
        (WebCore::RenderListBox::paintItemForeground):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::updateOptionsWidth):
        * rendering/RenderThemeIOS.mm:
        (WebCore::adjustInputElementButtonStyle):
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::updateStyle):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::subtreeChildWasAdded):
        (WebCore::RenderSVGText::subtreeStyleDidChange):
        (WebCore::RenderSVGText::subtreeTextDidChange):
        (WebCore::RenderSVGText::removeChild):
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::selectionRectForTextFragment):

2015-01-11  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Implement ligatures
        https://bugs.webkit.org/show_bug.cgi?id=137094

        Reviewed by Dan Bernstein.

        Use the "liga" OpenType feature to implement ligatures inside the GSUB table.

        Tests: svg/W3C-SVG-1.1/fonts-glyph-04-t.svg
               svg/W3C-SVG-1.1/text-text-06-t.svg
               svg/text/kerning.svg
               svg/text/multichar-glyph.svg

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::grow):
        (WebCore::SVGToOTFFontConverter::appendCMAPTable): Use StringView::codePoints().
        (WebCore::SVGToOTFFontConverter::firstGlyph): Returns the first element of the input
        vector, along with some ASSERTs.
        (WebCore::SVGToOTFFontConverter::appendLigatureSubtable):
        (WebCore::SVGToOTFFontConverter::appendScriptSubtable): Used inside appendGSUBTable.
        (WebCore::SVGToOTFFontConverter::appendGSUBTable): Updating for ligatures.
        (WebCore::codepointToString): Wrapper around U16_APPEND().
        (WebCore::SVGToOTFFontConverter::glyphsForCodepoint): Call codepointToString and look
        in internal map.
        (WebCore::SVGToOTFFontConverter::addCodepointRanges): Use glyphsForCodepoint().
        (WebCore::SVGToOTFFontConverter::appendLigatureGlyphs): Ligatures are implemented as
        mapping a sequence of glyphs to another glyph inside OpenType. However, SVG models
        ligatures as mapping a sequence of codepoints to a glyph. This function makes dummy
        glyphs for all the codepoints that we don't have glyphs for and appends them to
        m_glyphs.
        (WebCore::SVGToOTFFontConverter::compareCodepointsLexicographically):
        (WebCore::SVGToOTFFontConverter::SVGToOTFFontConverter): Use appendEmptyGlyph() and
        call appendLigatureGlyphs().

2015-01-11  Chris Dumez  <cdumez@apple.com>

        Move more SVG CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140340

        Reviewed by Antti Koivisto.

        Move more SVG CSS properties to the new StyleBuilder by introducing
        the necessary converters in StyleBuilderConverter.

        * css/CSSPropertyNames.in:
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::StyleResolver::applySVGProperty):
        (WebCore::roundToNearestGlyphOrientationAngle): Deleted.
        (WebCore::angleToGlyphOrientation): Deleted.
        (WebCore::colorFromSVGColorCSSValue): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertNumber):
        (WebCore::StyleBuilderConverter::convertNumberOrAuto):
        (WebCore::StyleBuilderConverter::convertOpacity):
        (WebCore::StyleBuilderConverter::convertSVGURIReference):
        (WebCore::StyleBuilderConverter::convertSVGColor):
        (WebCore::StyleBuilderConverter::convertGlyphOrientation):
        (WebCore::StyleBuilderConverter::convertGlyphOrientationOrAuto):
        * rendering/style/RenderStyle.h:

2015-01-10  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed buildfix for !ENABLE(INSPECTOR) builds after r178201.

        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::willReceiveResourceResponse):

2015-01-10  Chris Dumez  <cdumez@apple.com>

        Move 'kerning' / 'paint-order' / 'stroke-dasharray' SVG CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140327

        Reviewed by Sam Weinig.

        Move 'kerning' / 'paint-order' / 'stroke-dasharray' SVG CSS properties
        to the new StyleBuilder by introducing the necessary converters in
        StyleBuilderConverter.

        * css/CSSPropertyNames.in:
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::StyleResolver::applySVGProperty):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertSVGLength):
        (WebCore::StyleBuilderConverter::convertSVGLengthVector):
        (WebCore::StyleBuilderConverter::convertStrokeDashArray):
        (WebCore::StyleBuilderConverter::convertPaintOrder):
        * svg/SVGLength.cpp:
        (WebCore::SVGLength::fromCSSPrimitiveValue):
        * svg/SVGLength.h:

2015-01-09  Andreas Kling  <akling@apple.com>

        CTTE: GeolocationController always has a client.
        <https://webkit.org/b/140330>

        Reviewed by Anders Carlsson.

        Change GeolocationController::m_client to be a reference and remove
        a whole bunch of unnecessary null checks.

        * Modules/geolocation/GeolocationController.cpp:
        (WebCore::GeolocationController::GeolocationController):
        (WebCore::GeolocationController::~GeolocationController):
        (WebCore::GeolocationController::addObserver):
        (WebCore::GeolocationController::removeObserver):
        (WebCore::GeolocationController::requestPermission):
        (WebCore::GeolocationController::cancelPermissionRequest):
        (WebCore::GeolocationController::lastPosition):
        (WebCore::GeolocationController::viewStateDidChange):
        (WebCore::provideGeolocationTo):
        * Modules/geolocation/GeolocationController.h:
        (WebCore::GeolocationController::client):

2015-01-09  Zalan Bujtas  <zalan@apple.com>

        Calling clearSelection on a detached RenderObject leads to segfault.
        https://bugs.webkit.org/show_bug.cgi?id=140275

        Reviewed by Simon Fraser.

        We collect selection rects and compute selection gaps in order to
        paint/clear selection. With certain content, we need to be able
        to walk the tree up to a particular container to compute the selection rect.
        However this container might not be available when the selection is part of a detached tree.
        This is a null-check fix to ensure we don't crash in such cases, but in the long run
        selection gaps and rect should be cached between two layouts so that we don't need to
        keep collecting/recomputing them. Tracked here: webkit.org/b/140321

        Test: editing/selection/clearselection-on-detached-subtree-crash.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::containingBlockLogicalWidthForContent):
        (WebCore::RenderBox::containingBlockLogicalHeightForContent):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::clearSelection):

2015-01-09  Anders Carlsson  <andersca@apple.com>

        Remove more sync database code
        https://bugs.webkit.org/show_bug.cgi?id=140328

        Reviewed by Sam Weinig.

        * Modules/webdatabase/AbstractDatabaseServer.h:
        * Modules/webdatabase/DatabaseBackend.cpp:
        (WebCore::DatabaseBackend::DatabaseBackend):
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::DatabaseBackendBase::DatabaseBackendBase):
        * Modules/webdatabase/DatabaseBackendBase.h:
        (WebCore::DatabaseBackendBase::isSyncDatabase): Deleted.
        * Modules/webdatabase/DatabaseBasicTypes.h:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabaseBackend):
        (WebCore::DatabaseManager::openDatabase):
        * Modules/webdatabase/DatabaseManager.h:
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::openDatabase):
        (WebCore::DatabaseServer::createDatabase):
        * Modules/webdatabase/DatabaseServer.h:

2015-01-09  Daniel Bates  <dabates@apple.com>

        Fix the iOS build after <http://trac.webkit.org/changeset/178213>
        (https://bugs.webkit.org/show_bug.cgi?id=140310)

        * platform/spi/cocoa/CoreTextSPI.h:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemFont):

2015-01-09  Chris Dumez  <cdumez@apple.com>

        Get rid of legacy StyleBuilder switch in StyleResolver.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140315

        Reviewed by Sam Weinig.

        Get rid of legacy StyleBuilder switch in StyleResolver.cpp now that most
        properties have been ported to the new generated StyleBuilder in previous
        patches. The properties that remained in this switch were shorthand
        properties or other properties that do not require any handling in the
        StyleBuilder.

        To achieve this, this patch introduces 2 parameters in
        CSSPropertyNames.in:
        - SkipBuilder: Indicates that no StyleBuilder code should be generated
          for this property.
        - Shorthand: Indicates that this is a shorthand property, which therefore
          does not use the StyleBuilder. makeprop.pl will merely generate
          assertions for such properties, to validate that this is a shorthand
          property and that the StyleBuilder code is never reached.

        * css/CSSPropertyNames.in:
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::StyleResolver::applySVGProperty):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * css/makeprop.pl:

2015-01-09  Brent Fulgham  <bfulgham@apple.com>

        [Win] Build fix after r178219.

        * WebCore.vcxproj/WebCore.vcxproj: Remove PaintHooks.asm references in project file.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.

2015-01-09  Andreas Kling  <akling@apple.com>

        Log which ActiveDOMObject(s) can't be suspended for PageCache.
        <https://webkit.org/b/139697>

        Reviewed by Chris Dumez.

        Give ActiveDOMObject a pure virtual activeDOMObjectName() so we can
        find their names.

        Dump the names of all the ActiveDOMObjects that fail to suspend when
        we're trying to put a page into PageCache.

        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/geolocation/Geolocation.h:
        * Modules/indexeddb/IDBDatabase.h:
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/IDBTransaction.h:
        * Modules/mediasource/MediaSource.h:
        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/RTCDTMFSender.h:
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/RTCSessionDescriptionRequestImpl.h:
        * Modules/mediastream/RTCStatsRequestImpl.h:
        * Modules/mediastream/RTCVoidRequestImpl.h:
        * Modules/notifications/Notification.h:
        * Modules/notifications/NotificationCenter.h:
        * Modules/webaudio/AudioContext.h:
        * Modules/webdatabase/DatabaseContext.h:
        * Modules/websockets/WebSocket.h:
        * WebCore.exp.in:
        * css/FontLoader.h:
        * dom/ActiveDOMObject.h:
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::canSuspendActiveDOMObjects):
        * dom/ScriptExecutionContext.h:
        * fileapi/FileReader.h:
        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        * html/HTMLMarqueeElement.h:
        * html/HTMLMediaElement.h:
        * html/PublicURLManager.h:
        * html/canvas/WebGLRenderingContext.h:
        * page/EventSource.h:
        * page/SuspendableTimer.h:
        * workers/AbstractWorker.h:
        * xml/XMLHttpRequest.h:

2015-01-09  Anders Carlsson  <andersca@apple.com>

        Get rid of the database strategy
        https://bugs.webkit.org/show_bug.cgi?id=140322

        Reviewed by Sam Weinig.

        * CMakeLists.txt:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::ProposedDatabase::ProposedDatabase):
        (WebCore::DatabaseManager::DatabaseManager):
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/DatabaseStrategy.cpp: Removed.
        * platform/DatabaseStrategy.h: Removed.
        * platform/PlatformStrategies.h:
        (WebCore::PlatformStrategies::PlatformStrategies):
        (WebCore::PlatformStrategies::databaseStrategy): Deleted.

2015-01-06  Anders Carlsson  <andersca@apple.com>

        Move the Windows only plug-in code to WebKit/win
        https://bugs.webkit.org/show_bug.cgi?id=140133

        Reviewed by Darin Adler.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:

2015-01-09  Anders Carlsson  <andersca@apple.com>

        Another Windows build fix.

        * DerivedSources.cpp:

2015-01-09  Enrica Casucci  <enrica@apple.com>

        [iOS] Support additional text styles.
        https://bugs.webkit.org/show_bug.cgi?id=140310
        rdar://problem/18568864

        Reviewed by Joseph Pecoraro.

        Add support for three new text styles.

        * css/CSSValueKeywords.in:
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemFont):

2015-01-09  Anders Carlsson  <andersca@apple.com>

        Fix Windows build.

        * bindings/js/JSBindingsAllInOne.cpp:

2015-01-09  Anders Carlsson  <andersca@apple.com>

        Remove more worker database code
        https://bugs.webkit.org/show_bug.cgi?id=140320

        Reviewed by Tim Horton.

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::stop):

2015-01-09  Anders Carlsson  <andersca@apple.com>

        Remove more sync database code
        https://bugs.webkit.org/show_bug.cgi?id=140318

        Reviewed by Sam Weinig.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/webdatabase/DatabaseBackendSync.cpp: Removed.
        * Modules/webdatabase/DatabaseBackendSync.h: Removed.
        * Modules/webdatabase/DatabaseCallback.h:
        * Modules/webdatabase/DatabaseCallback.idl:
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabaseSync): Deleted.
        * Modules/webdatabase/DatabaseManager.h:
        * Modules/webdatabase/DatabaseServer.cpp:
        (WebCore::DatabaseServer::createDatabase):
        * Modules/webdatabase/DatabaseSync.cpp: Removed.
        * Modules/webdatabase/DatabaseSync.h: Removed.
        * Modules/webdatabase/DatabaseSync.idl: Removed.
        * Modules/webdatabase/SQLStatementSync.cpp: Removed.
        * Modules/webdatabase/SQLStatementSync.h: Removed.
        * Modules/webdatabase/SQLTransactionBackendSync.cpp: Removed.
        * Modules/webdatabase/SQLTransactionBackendSync.h: Removed.
        * Modules/webdatabase/SQLTransactionSync.cpp: Removed.
        * Modules/webdatabase/SQLTransactionSync.h: Removed.
        * Modules/webdatabase/SQLTransactionSync.idl: Removed.
        * Modules/webdatabase/SQLTransactionSyncCallback.h: Removed.
        * Modules/webdatabase/SQLTransactionSyncCallback.idl: Removed.
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSSQLTransactionSyncCustom.cpp: Removed.

2015-01-09  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Remove or use TimelineAgent Resource related event types
        https://bugs.webkit.org/show_bug.cgi?id=140155

        Reviewed by Timothy Hatcher.

        Remove unused timeline events. The frontend was ignoring these events
        and was often already getting nearly identical data from the Network domain.

        * WebCore.exp.in:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::willSendRequestImpl):
        (WebCore::InspectorInstrumentation::willReceiveResourceResponseImpl):
        (WebCore::InspectorInstrumentation::didReceiveResourceResponseImpl):
        (WebCore::InspectorInstrumentation::didReceiveResourceResponseButCanceledImpl):
        (WebCore::InspectorInstrumentation::didFinishLoadingImpl):
        (WebCore::InspectorInstrumentation::didFailLoadingImpl):
        (WebCore::InspectorInstrumentation::didScheduleResourceRequestImpl): Deleted.
        (WebCore::InspectorInstrumentation::willReceiveResourceDataImpl): Deleted.
        (WebCore::InspectorInstrumentation::didReceiveResourceDataImpl): Deleted.
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::willReceiveResourceResponse):
        (WebCore::InspectorInstrumentation::didScheduleResourceRequest): Deleted.
        (WebCore::InspectorInstrumentation::willReceiveResourceData): Deleted.
        (WebCore::InspectorInstrumentation::didReceiveResourceData): Deleted.
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::toProtocol):
        (WebCore::InspectorTimelineAgent::didScheduleResourceRequest): Deleted.
        (WebCore::InspectorTimelineAgent::willSendResourceRequest): Deleted.
        (WebCore::InspectorTimelineAgent::willReceiveResourceData): Deleted.
        (WebCore::InspectorTimelineAgent::didReceiveResourceData): Deleted.
        (WebCore::InspectorTimelineAgent::willReceiveResourceResponse): Deleted.
        (WebCore::InspectorTimelineAgent::didReceiveResourceResponse): Deleted.
        (WebCore::InspectorTimelineAgent::didFinishLoadingResource): Deleted.
        * inspector/InspectorTimelineAgent.h:
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createScheduleResourceRequestData): Deleted.
        (WebCore::TimelineRecordFactory::createResourceSendRequestData): Deleted.
        (WebCore::TimelineRecordFactory::createResourceReceiveResponseData): Deleted.
        (WebCore::TimelineRecordFactory::createResourceFinishData): Deleted.
        (WebCore::TimelineRecordFactory::createReceiveResourceData): Deleted.
        * inspector/TimelineRecordFactory.h:
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::didReceiveResponse):
        * loader/ResourceLoadNotifier.cpp:
        (WebCore::ResourceLoadNotifier::dispatchDidReceiveResponse):
        * loader/ResourceLoadScheduler.cpp:
        (WebCore::ResourceLoadScheduler::scheduleLoad):
        (WebCore::ResourceLoadScheduler::notifyDidScheduleResourceRequest): Deleted.
        * loader/ResourceLoadScheduler.h:
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didReceiveData):
        (WebCore::ResourceLoader::didReceiveBuffer):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::didReceiveResponse):
        * loader/mac/ResourceLoaderMac.mm:
        (WebCore::ResourceLoader::didReceiveDataArray):

2015-01-09  Benjamin Poulain  <bpoulain@apple.com>

        Update r177745, one of the review comments was not integrated

        * css/SelectorCheckerTestFunctions.h:
        (WebCore::matchesLangPseudoClass):
        I cq+ before Dhi could make an update and this was left out.

2015-01-09  Benjamin Poulain  <benjamin@webkit.org>

        Fix error handling of ContentExtensionsManager when the top level input is unusable
        https://bugs.webkit.org/show_bug.cgi?id=140284

        Reviewed by Andreas Kling.

        There are a couple of ways the WebProcess would crash if the input
        is really really bad:
        -If the JSON is unreadable, we can have an exception or decodedRules can be null.
        -On any of the error, we cannot return immediately or we will skip vm.clear().

        This patch adds a branch to fix the first issue.

        For the second issue, a new function, loadEncodedRules(), encapsulate all the early
        returns to make sure we execute the end of loadExtension().

        * contentextensions/ContentExtensionsManager.cpp:
        (WebCore::ContentExtensions::ExtensionsManager::loadEncodedRules):
        (WebCore::ContentExtensions::ExtensionsManager::loadExtension):

2015-01-09  Bem Jones-Bey  <bjonesbe@adobe.com>

        Simplify LineWidth::wrapNextToShapeOutside()
        https://bugs.webkit.org/show_bug.cgi?id=140304

        Reviewed by Zoltan Horvath.

        This function used to manually check to see if the entire height of
        the line would have enough space next to the float. However, the code
        to compute the offsets will do this automatically (and probably a lot
        faster), if the line height is passed in. This patch does just that.

        No new tests, no behavior change.

        * rendering/line/LineWidth.cpp:
        (WebCore::availableWidthAtOffset): Remove now unused override, allow
            passing in lineHeight.
        (WebCore::LineWidth::wrapNextToShapeOutside): Pass the lineHeight
            when computing the available width, so we don't need to check
            isWholeLineFit anymore.
        (WebCore::isWholeLineFit): Deleted.

2015-01-09  Bem Jones-Bey  <bjonesbe@adobe.com>

        [CSS Shapes] content inside second shape area when two floats interact
        https://bugs.webkit.org/show_bug.cgi?id=137702

        Reviewed by Zalan Bujtas.

        If a float has a shape-outside, we cannot assume that it has a uniform
        width for the height of the float, so we cannot use simple line
        layout.

        Test: fast/shapes/shape-outside-floats/shape-outside-text-overlap-float.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor): Don't use simple line layout
            if we have shape-outside. Also, rename floatRenderer to
            floatingObject, since the variable doesn't contain a renderer.

2015-01-09  Chris Dumez  <cdumez@apple.com>

        Allow HTTPS + 'Cache-control: no-store' sub-frames into the page cache
        https://bugs.webkit.org/show_bug.cgi?id=140302

        Reviewed by Andreas Kling.

        Allow HTTPS + 'Cache-control: no-store' sub-frames into the page cache.
        We already restore 'no-store' sub-resources on history navigation from
        the memory cache so there is no reason for our page cache policy to be
        more restrictive.

        We should align our memory cache / history navigation policy with our
        page cache policy.

        For now, 'no-store' main resources are not restored from either cache
        (memory cache / page cache) on history navigation though. This behavior
        does not change.

        Test: http/tests/navigation/https-no-store-subframe-in-page-cache.html

        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):

2015-01-09  Anders Carlsson  <andersca@apple.com>

        Try to trigger a rebuild of generated JS bindings.

        * bindings/scripts/CodeGeneratorJS.pm:

2015-01-09  Chris Dumez  <cdumez@apple.com>

        Add support for SVG CSS Properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140277

        Reviewed by Andreas Kling.

        Update the new StyleBuilder generator to add support for SVG CSS
        Properties whose methods are on SVGRenderStyle instead of RenderStyle.

        A new "SVG" parameter is now supported by makeprop.pl to correctly
        generate such properties.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSPropertyNames.in:
        * css/SVGCSSPropertyNames.in: Removed.
        Merged SVG CSS properties into CSSPropertyNames.in. I personally don't
        think having a separate file for SVG CSS properties is really helpful.

        * css/SVGCSSStyleSelector.cpp:
        (WebCore::StyleResolver::applySVGProperty):
        Drop legacy StyleBuilder code for several SVG properties and generate
        them instead. Those are trivial and do not require any custom code or
        converter.

        * css/StyleResolver.cpp:
        Update the id of the first low-priority property.

        * css/makeprop.pl:
        Add support for SVG CSS Properties whose methods are on SVGRenderStyle
        instead of RenderStyle.

2015-01-08  Anders Carlsson  <andersca@apple.com>

        Start removing Web Database support from workers
        https://bugs.webkit.org/show_bug.cgi?id=140271

        Reviewed by Sam Weinig.

        Remove WorkerGlobalScopeWebDatabase which is the entry point for web database in workers.

        * CMakeLists.txt:
        * DerivedSources.make:
        * Modules/webdatabase/WorkerGlobalScopeWebDatabase.cpp: Removed.
        * Modules/webdatabase/WorkerGlobalScopeWebDatabase.h: Removed.
        * Modules/webdatabase/WorkerGlobalScopeWebDatabase.idl: Removed.
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-09  Brent Fulgham  <bfulgham@apple.com>

        [Win] Layout Test fast/canvas/canvas-path-addPath.html is failing
        https://bugs.webkit.org/show_bug.cgi?id=140303
        <rdar://problem/19428865>

        Reviewed by Simon Fraser.

        Although the code clearly states that CG doesn't allow adding a path to itself,
        and branches to handle this case, it simply uses the branch to try adding the
        path to itself (ignoring the copy it just made)!

        Fix this copy/paste bug so that we use the copy and avoid violating the CG 
        API contract.

        * platform/graphics/cg/PathCG.cpp:
        (WebCore::Path::addPath): Fix path used.

2015-01-09  Andreas Kling  <akling@apple.com>

        [Cocoa] Make decoded image data purgeable ASAP.
        <https://webkit.org/b/140298>

        Reviewed by Antti Koivisto.

        Mark decoded images as "transient" which makes CoreGraphics mark
        the backing stores as purgeable shortly after they're used.

        The decoded representation will remain in CoreGraphics's caches
        indefinitely unless the kernel gets starved and needs the pages.

        Most resources will now reach a state where the encoded data is
        mmap'ed from disk cache (once the entire resource is downloaded)
        and the decoded data is purgeable.

        This also has the side effect of making the MemoryCache more
        palatial since the decoded data cost can be deducted for images,
        allowing us to cache more resources.

        Note that the worst case for this new behavior would be something
        like hovering below 100% memory utilization and constantly having
        to drop and re-decode images. While churny, it still beats
        crashing the process, plus there's tiling to remove many of the
        reasons we'd need the decoded data.

        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::ImageSource::createFrameAtIndex):

2015-01-09  Gwang Yoon Hwang  <yoon@igalia.com>

        Rename GraphicsLayerAnimation to TextureMapperAnimation
        https://bugs.webkit.org/show_bug.cgi?id=140296

        Reviewed by Martin Robinson.

        GraphicsLayerAnimation is only used by TextureMapper and CoordinatedGraphics.
        This should be placed in the platform/graphics/texmap.
        And this patch also changes its name to TextureMapperAnimation to remove ambiguity.

        No new tests because this is a simply refactoring.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::addAnimation):
        (WebCore::GraphicsLayerTextureMapper::setAnimations):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        * platform/graphics/texmap/TextureMapperAnimation.cpp: Renamed from Source/WebCore/platform/graphics/GraphicsLayerAnimation.cpp.
        * platform/graphics/texmap/TextureMapperAnimation.h: Renamed from Source/WebCore/platform/graphics/GraphicsLayerAnimation.h.
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::setAnimations):
        * platform/graphics/texmap/TextureMapperLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::addAnimation):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsState.h:

2015-01-09  Antti Koivisto  <antti@apple.com>

        FontCache should only deal with SimpleFontData
        https://bugs.webkit.org/show_bug.cgi?id=140293

        Reviewed by Andreas Kling.

        FontCache::fontForFamilyAtIndex hands out FontData objects and calls to FontSelector. That sort
        of code does not belong to the cache layer. Move the functionality up to FontGlyphs.

        * platform/graphics/Font.cpp:
        (WebCore::Font::operator==):
        (WebCore::Font::drawText):
        (WebCore::Font::drawEmphasisMarks):
        (WebCore::Font::isLoadingCustomFonts):
        * platform/graphics/Font.h:
        (WebCore::Font::loadingCustomFonts): Deleted.
        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::similarFontPlatformData):

            Generic null implementation to reduce #ifs.

        (WebCore::FontCache::fontForFamilyAtIndex): Deleted.
        * platform/graphics/FontCache.h:

            Unfriend FontGlyphs.

        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::FontGlyphs):
        (WebCore::FontGlyphs::isLoadingCustomFonts):

            We can figure thus out cheaply without caching a bit.

        (WebCore::realizeNextFamily):
        (WebCore::FontGlyphs::realizeFontDataAt):

            Reorganize a bit to make the logic clearer.
            Get rid of the strange cAllFamiliesScanned constant.

        (WebCore::FontGlyphs::glyphDataForVariant):
        (WebCore::FontGlyphs::glyphDataForNormalVariant):

            Loop until null, that always works.

        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::loadingCustomFonts): Deleted.
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::similarFontPlatformData):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::similarFontPlatformData):
        * platform/graphics/mac/FontMac.mm:
        (WebCore::Font::dashesForIntersectionsWithRect):

2015-01-09  Csaba Osztrogonác  <ossy@webkit.org>

        REGRESSION(r177925): It broke the !ENABLE(INSPECTOR) build
        https://bugs.webkit.org/show_bug.cgi?id=140098

        Reviewed by Brian Burg.

        * inspector/InspectorInstrumentationCookie.cpp: Removed ENABLE(INSPECTOR) guard,
        becaue InspectorInstrumentationCookie is used everywhere unconditionally.
        * inspector/InspectorInstrumentationCookie.h: Removed ENABLE(INSPECTOR) guard.
        * loader/appcache/ApplicationCacheGroup.h: Removed ENABLE(INSPECTOR) guard around
        m_currentResourceIdentifier, because it is used unconditionally in the cpp.

2015-01-09  Byungseon Shin  <sun.shin@lge.com>

        [EFL] Fix crash introduced in r178029
        https://bugs.webkit.org/show_bug.cgi?id=140289

        Reviewed by Martin Robinson.

        Clearing childClippingMaskLayer of CoordinatedGraphics should be called
        before clearing childClippingLayer.

        No new tests, covered by existing tests.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::~RenderLayerBacking):

2015-01-08  Enrica Casucci  <enrica@apple.com>

        [iOS] Cannot paste an image URL in a plain text field in a page.
        https://bugs.webkit.org/show_bug.cgi?id=140274
        rdar://problem/18590809

        Reviewed by Alexey Proskuryakov.

        When we want to get plain text from the pasteboard, we
        should also try kUTTypeURL if there is no kUTTypeText available.

        * WebCore.exp.in:
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::read):
        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::readString):

2015-01-09  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178154, r178163, and r178164.
        https://bugs.webkit.org/show_bug.cgi?id=140292

        Still multiple assertion failures on tests (Requested by ap on
        #webkit).

        Reverted changesets:

        "Modernize and streamline HTMLTokenizer"
        https://bugs.webkit.org/show_bug.cgi?id=140166
        http://trac.webkit.org/changeset/178154

        "Unreviewed speculative buildfix after r178154."
        http://trac.webkit.org/changeset/178163

        "One more unreviewed speculative buildfix after r178154."
        http://trac.webkit.org/changeset/178164

2015-01-09  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Implement Append Window support.
        https://bugs.webkit.org/show_bug.cgi?id=139861

        Reviewed by Jer Noble.

        Implement Append Windows support for SourceBuffer as per spec.
        Also change order in idl to match spec order.

        Test: media/media-source/media-source-append-buffer-with-append-window.html

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::SourceBuffer):
        (WebCore::SourceBuffer::appendWindowStart):
        (WebCore::SourceBuffer::setAppendWindowStart):
        (WebCore::SourceBuffer::appendWindowEnd):
        (WebCore::SourceBuffer::setAppendWindowEnd):
        (WebCore::SourceBuffer::abort):
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediasource/SourceBuffer.idl:

2015-01-09  Chris Fleizach  <cfleizach@apple.com>

        AX: Crash at -[WebAccessibilityObjectWrapperBase accessibilityTitle] + 31
        https://bugs.webkit.org/show_bug.cgi?id=140286

        Reviewed by Mario Sanchez Prada.

        This is crashing because AppKit is checking if certain method names like "accessibilityTitle" exist,
        and then it bypasses accessibilityAttributeValue: to call directly into those methods.

        That bypasses are safety checks. I think a safe way to avoid this is rename our methods.

        No new tests, problem only occurs when triggered through AppKit.

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityLabel]):
        (-[WebAccessibilityObjectWrapper accessibilityHint]):
        * accessibility/mac/WebAccessibilityObjectWrapperBase.h:
        * accessibility/mac/WebAccessibilityObjectWrapperBase.mm:
        (-[WebAccessibilityObjectWrapperBase baseAccessibilityTitle]):
        (-[WebAccessibilityObjectWrapperBase baseAccessibilityDescription]):
        (-[WebAccessibilityObjectWrapperBase baseAccessibilityHelpText]):
        (-[WebAccessibilityObjectWrapperBase accessibilityTitle]): Deleted.
        (-[WebAccessibilityObjectWrapperBase accessibilityDescription]): Deleted.
        (-[WebAccessibilityObjectWrapperBase accessibilityHelpText]): Deleted.
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2015-01-06  Philippe Normand  <pnormand@igalia.com>

        [GStreamer][MSE] ASSERT in MediaSourceClientGStreamer::addSourceBuffer
        https://bugs.webkit.org/show_bug.cgi?id=140119

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/gstreamer/WebKitMediaSourceGStreamer.cpp:
        (WebCore::MediaSourceClientGStreamer::addSourceBuffer): Use a raw
        pointer for the ghost pad, its reference is then taken once attached
        to the parent element.

2015-01-09  Zan Dobersek  <zdobersek@igalia.com>

        After r178166, ANGLE's EGL/GLES/GLES2 headers are included before the
        system-default headers because the Source/ThirdParty/ANGLE/include
        directory is searched through. This shouldn't be the case for ports
        which want to use system-default headers and are searching for them
        explicitly. To avoid that, OPENGL_INCLUDE_DIR or OPENGLES2_INCLUDE_DIR
        should be added to WebCore_INCLUDE_DIRECTORIES before ANGLE directories.

        Rubber-stamped by Carlos Garcia Campos.

        * CMakeLists.txt:

2015-01-09  Carlos Garcia Campos  <cgarcia@igalia.com>

        Use angle-bracket form to include external headers in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=140288

        Reviewed by Žan Doberšek.

        * CMakeLists.txt:
        * platform/graphics/GraphicsContext.cpp:
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
        * platform/graphics/harfbuzz/HarfBuzzFace.cpp:
        * platform/graphics/harfbuzz/HarfBuzzFaceCoreText.cpp:
        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        * platform/graphics/mac/GraphicsContext3DMac.mm:
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        * platform/graphics/win/GraphicsContext3DWin.cpp:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        * platform/image-decoders/webp/WEBPImageDecoder.cpp:
        * platform/image-encoders/JPEGImageEncoder.cpp:
        * platform/image-encoders/PNGImageEncoder.cpp:
        * platform/text/TextEncodingDetectorICU.cpp:

2015-01-09  Csaba Osztrogonác  <ossy@webkit.org>

        One more unreviewed speculative buildfix after r178154.

        * xml/parser/CharacterReferenceParserInlines.h:
        (WebCore::consumeCharacterReference): Remove highestValidCharacter too, it became unused after r178163.

2015-01-08  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed speculative buildfix after r178154.

        * xml/parser/CharacterReferenceParserInlines.h:
        (WebCore::consumeCharacterReference): Remove unused overflow variable.

2015-01-08  Darin Adler  <darin@apple.com>

        Remove strange CharacterData::dataImpl function
        https://bugs.webkit.org/show_bug.cgi?id=140115

        Reviewed by Anders Carlsson.

        Every call site could just use the data function instead.

        * dom/CharacterData.h:
        (WebCore::CharacterData::dataImpl): Deleted.

        * dom/Text.cpp:
        (WebCore::Text::splitText): Use data instead of dataImpl.
        (WebCore::Text::createTextRenderer): Ditto.

        * rendering/RenderCombineText.cpp:
        (WebCore::RenderCombineText::RenderCombineText): Updated to take
        const String&. We missed this class when RenderText changed.
        * rendering/RenderCombineText.h: Ditto.

        * style/StyleResolveTree.cpp:
        (WebCore::Style::updateTextRendererAfterContentChange): Use data.

2015-01-08  Chris Dumez  <cdumez@apple.com>

        ASSERTION FAILED: !valueWithCalculation.calculation() in WebCore::CSSParser::validateCalculationUnit
        https://bugs.webkit.org/show_bug.cgi?id=140251

        Reviewed by Darin Adler.

        Using a calculated value for text-shadow's blur-radius was hitting an
        assertion in CSSParser::validateCalculationUnit() because validUnit()
        is called twice, first with 'FLength' unit, then more stricly with
        'FLength|FNonNeg' if parsing the blur-radius as it cannot be negative
        as per the specification:
        - http://dev.w3.org/csswg/css-text-decor-3/#text-shadow-property
        - http://dev.w3.org/csswg/css-backgrounds-3/#shadow

        On the second call, the ValueWithCalculation's m_calculation member
        was already initialized and the code did not handle this. This patch
        updates validateCalculationUnit() to teach it to reuse the previously
        parsed calculation in this case. All it needs to do is to update the
        existing CSSCalcValue's range to allow negative values or not.

        When writing the layout test for this, I also noticed that the CSS
        parser was not rejecting negative calculated values for blur-radius
        (only negative non-calculated ones). This is because
        validateCalculationUnit() was ignoring FNonNeg if the calculated
        value is a Length. This patch also addresses the issue.

        Test: fast/css/text-shadow-calc-value.html

        * css/CSSCalculationValue.h:
        (WebCore::CSSCalcValue::setPermittedValueRange):
        Add a setter to update the CSSCalculationValue's permitted value range
        so that the CSS parser does not need to fully reparse the calculation
        only to update the permitted value range.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::validateCalculationUnit):
        - Teach the code to reuse the previously parsed calculation value.
        - Do the FNonNeg check for Length calculations as well.

2015-01-08  Darin Adler  <darin@apple.com>

        Modernize and streamline HTMLTokenizer
        https://bugs.webkit.org/show_bug.cgi?id=140166

        Reviewed by Sam Weinig.

        * html/parser/AtomicHTMLToken.h:
        (WebCore::AtomicHTMLToken::initializeAttributes): Removed unneeded assertions
        based on fields I removed.

        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::HTMLDocumentParser): Change to use updateStateFor
        to set the initial state when parsing a fragment, since it implements the same
        rule taht the tokenizerStateForContextElement function did.
        (WebCore::HTMLDocumentParser::pumpTokenizer): Updated to use the revised
        interfaces for HTMLSourceTracker and HTMLTokenizer.
        (WebCore::HTMLDocumentParser::constructTreeFromHTMLToken): Changed to take a
        TokenPtr instead of an HTMLToken, so we can clear out the TokenPtr earlier
        for non-character tokens, and let them get cleared later for character tokens.
        (WebCore::HTMLDocumentParser::insert): Pass references.
        (WebCore::HTMLDocumentParser::append): Ditto.
        (WebCore::HTMLDocumentParser::appendCurrentInputStreamToPreloadScannerAndScan): Ditto.

        * html/parser/HTMLDocumentParser.h: Updated argument type for constructTreeFromHTMLToken
        and removed now-unneeded m_token data members.

        * html/parser/HTMLEntityParser.cpp: Removed unneeded uses of the inline keyword.
        (WebCore::HTMLEntityParser::consumeNamedEntity): Replaced two uses of
        advanceAndASSERT with just plain advance; there's really no need to assert the
        character is the one we just got out of the string.

        * html/parser/HTMLInputStream.h: Moved the include of TextPosition.h here from
        its old location since this class has two data members that are OrdinalNumber.

        * html/parser/HTMLMetaCharsetParser.cpp:
        (WebCore::HTMLMetaCharsetParser::HTMLMetaCharsetParser): Removed most of the
        initialization, since it's now done by defaults.
        (WebCore::extractCharset): Rewrote this to be a non-member function, and to
        use a for loop, and to handle quote marks in a simpler way. Also changed it
        to return a StringView so we don't have to allocate a new string.
        (WebCore::HTMLMetaCharsetParser::processMeta): Use a modern for loop, and
        also take a token argument since it's no longer a data member.
        (WebCore::HTMLMetaCharsetParser::encodingFromMetaAttributes): Use a modern for
        loop, StringView instead of string, and don't bother naming the local enum.
        (WebCore::HTMLMetaCharsetParser::checkForMetaCharset): Updated for the new
        way of getting tokens from the tokenizer.

        * html/parser/HTMLMetaCharsetParser.h: Got rid of some data members and
        tightened up the formatting a little. Don't bother allocating the tokenizer
        on the heap.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::TokenPreloadScanner): Removed unneeded
        initialization.
        (WebCore::HTMLPreloadScanner::HTMLPreloadScanner): Ditto.
        (WebCore::HTMLPreloadScanner::scan): Changed to take a reference.

        * html/parser/HTMLPreloadScanner.h: Removed unneeded includes, typedefs,
        and forward declarations. Removed explicit declaration of the destructor,
        since the default one works. Removed unused createCheckpoint and rewindTo
        functions. Gave initial values for various data members. Marked the device
        scale factor const beacuse it's set in the constructor and never changed.
        Also removed the unneeded isSafeToSendToAnotherThread.

        * html/parser/HTMLResourcePreloader.cpp:
        (WebCore::PreloadRequest::isSafeToSendToAnotherThread): Deleted.

        * html/parser/HTMLResourcePreloader.h:
        (WebCore::PreloadRequest::PreloadRequest): Removed unneeded calls to
        isolatedCopy. Also removed isSafeToSendToAnotherThread.

        * html/parser/HTMLSourceTracker.cpp:
        (WebCore::HTMLSourceTracker::startToken): Renamed. Changed to keep state
         in the source tracker itself, not the token.
        (WebCore::HTMLSourceTracker::endToken): Ditto.
        (WebCore::HTMLSourceTracker::source): Renamed. Changed to use the state
        from the source tracker.

        * html/parser/HTMLSourceTracker.h: Removed unneeded include of HTMLToken.h.
        Renamed functions, removed now-unneeded comment.

        * html/parser/HTMLToken.h: Cut down on the fields used by the source tracker.
        It only needs to know the start and end of each attribute, not each part of
        each attribute. Removed setBaseOffset, setEndOffset, length, addNewAttribute,
        beginAttributeName, endAttributeName, beginAttributeValue, endAttributeValue,
        m_baseOffset and m_length. Added beginAttribute and endAttribute.
        (WebCore::HTMLToken::clear): No need to zero m_length or m_baseOffset any more.
        (WebCore::HTMLToken::length): Deleted.
        (WebCore::HTMLToken::setBaseOffset): Deleted.
        (WebCore::HTMLToken::setEndOffset): Deleted.
        (WebCore::HTMLToken::beginStartTag): Only null out m_currentAttribute if we
        are compiling in assertions.
        (WebCore::HTMLToken::beginEndTag): Ditto.
        (WebCore::HTMLToken::addNewAttribute): Deleted.
        (WebCore::HTMLToken::beginAttribute): Moved the code from addNewAttribute in
        here and set the start offset.
        (WebCore::HTMLToken::beginAttributeName): Deleted.
        (WebCore::HTMLToken::endAttributeName): Deleted.
        (WebCore::HTMLToken::beginAttributeValue): Deleted.
        (WebCore::HTMLToken::endAttributeValue): Deleted.

        * html/parser/HTMLTokenizer.cpp:
        (WebCore::HTMLToken::endAttribute): Added. Sets the end offset.
        (WebCore::HTMLToken::appendToAttributeName): Updated assertion.
        (WebCore::HTMLToken::appendToAttributeValue): Ditto.
        (WebCore::convertASCIIAlphaToLower): Renamed from toLowerCase and changed
        so it's legal to call on lower case letters too.
        (WebCore::vectorEqualsString): Changed to take a string literal rather than
        a WTF::String.
        (WebCore::HTMLTokenizer::inEndTagBufferingState): Made this a member function.
        (WebCore::HTMLTokenizer::HTMLTokenizer): Updated for data member changes.
        (WebCore::HTMLTokenizer::bufferASCIICharacter): Added. Optimized version of
        bufferCharacter for the common case where we know the character is ASCII.
        (WebCore::HTMLTokenizer::bufferCharacter): Moved this function here from the
        header since it's only used inside the class.
        (WebCore::HTMLTokenizer::emitAndResumeInDataState): Moved this here, renamed
        it and removed the state argument.
        (WebCore::HTMLTokenizer::emitAndReconsumeInDataState): Ditto.
        (WebCore::HTMLTokenizer::emitEndOfFile): More of the same.
        (WebCore::HTMLTokenizer::saveEndTagNameIfNeeded): Ditto.
        (WebCore::HTMLTokenizer::haveBufferedCharacterToken): Ditto.
        (WebCore::HTMLTokenizer::flushBufferedEndTag): Updated since m_token is now
        the actual token, not just a pointer.
        (WebCore::HTMLTokenizer::flushEmitAndResumeInDataState): Renamed this and
        removed the state argument.
        (WebCore::HTMLTokenizer::processToken): This function, formerly nextToken,
        is now the internal function used by nextToken. Updated its contents to use
        simpler macros, changed code to set m_state when returning, rather than
        constantly setting it when cycling through states, switched style to use
        early return/goto rather than lots of else statements, took out unneeded
        braces now that BEGIN/END_STATE handles the braces, collapsed upper and
        lower case letter handling in many states, changed lookAhead call sites to
        use the new advancePast function instead.
        (WebCore::HTMLTokenizer::updateStateFor): Set m_state directly instead of
        calling a setstate function.
        (WebCore::HTMLTokenizer::appendToTemporaryBuffer): Moved here from header.
        (WebCore::HTMLTokenizer::temporaryBufferIs): Changed argument type to
        a literal instead of a WTF::String.
        (WebCore::HTMLTokenizer::appendToPossibleEndTag): Renamed and changed type
        to be a UChar instead of LChar, although all characters will be ASCII.
        (WebCore::HTMLTokenizer::isAppropriateEndTag): Marked const, and changed
        type from size_t to unsigned.

        * html/parser/HTMLTokenizer.h: Changed interface of nextToken so it returns
        a TokenPtr so code doesn't have to understand special rules about when to
        work with an HTMLToken and when to clear it. Made most functions private,
        and made the State enum private as well. Replaced the state and setState
        functions with more specific functions for the few states we need to deal
        with outside the class. Moved function bodies outside the class definition
        so it's easier to read the class definition.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processStartTagForInBody): Updated to use the
        new set state functions instead of setState.
        (WebCore::HTMLTreeBuilder::processEndTag): Ditto.
        (WebCore::HTMLTreeBuilder::processGenericRCDATAStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processGenericRawTextStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processScriptStartTag): Ditto.

        * html/parser/InputStreamPreprocessor.h: Marked the constructor explicit,
        and mde it take a reference rather than a pointer.

        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement): Updated to use the
        new set state functions instead of setState.

        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::decodedSnippetForName): Updated for name change.
        (WebCore::XSSAuditor::decodedSnippetForAttribute): Updated for changes to
        attribute range tracking.
        (WebCore::XSSAuditor::decodedSnippetForJavaScript): Updated for name change.
        (WebCore::XSSAuditor::isSafeToSendToAnotherThread): Deleted.

        * html/parser/XSSAuditor.h: Deleted isSafeToSendToAnotherThread.

        * html/track/WebVTTTokenizer.cpp: Removed the local state variable from
        WEBVTT_ADVANCE_TO; there is no need for it.
        (WebCore::WebVTTTokenizer::WebVTTTokenizer): Use a reference instead of a
        pointer for the preprocessor.
        (WebCore::WebVTTTokenizer::nextToken): Ditto. Also removed the state local
        variable and the switch statement, replacing with labels instead since we
        go between states with goto.

        * platform/text/SegmentedString.cpp:
        (WebCore::SegmentedString::operator=): Changed the return type to be non-const
        to match normal C++ design rules.
        (WebCore::SegmentedString::pushBack): Renamed from prepend since this is not a
        general purpose prepend function. Also fixed assertions to not use the strangely
        named "escaped" function, since we are deleting it.
        (WebCore::SegmentedString::append): Ditto.
        (WebCore::SegmentedString::advancePastNonNewlines): Renamed from advance, since
        the function only works for non-newlines.
        (WebCore::SegmentedString::currentColumn): Got rid of unneeded local variable.
        (WebCore::SegmentedString::advancePastSlowCase): Moved here from header and
        renamed. This function now consumes the characters if they match.

        * platform/text/SegmentedString.h: Made the changes mentioned above.
        (WebCore::SegmentedString::excludeLineNumbers): Deleted.
        (WebCore::SegmentedString::advancePast): Renamed from lookAhead. Also changed
        behavior so the characters are consumed.
        (WebCore::SegmentedString::advancePastIgnoringCase): Ditto.
        (WebCore::SegmentedString::advanceAndASSERT): Deleted.
        (WebCore::SegmentedString::advanceAndASSERTIgnoringCase): Deleted.
        (WebCore::SegmentedString::escaped): Deleted.

        * xml/parser/CharacterReferenceParserInlines.h:
        (WebCore::isHexDigit): Deleted.
        (WebCore::unconsumeCharacters): Updated for name change.
        (WebCore::consumeCharacterReference): Removed unneeded name for local enum,
        renamed local variable "cc" to character. Changed code to use helpers like
        isASCIIAlpha and toASCIIHexValue. Removed unneeded use of advanceAndASSERT,
        since we don't really need to assert the character we just extracted.

        * xml/parser/MarkupTokenizerInlines.h:
        (WebCore::isTokenizerWhitespace): Renamed argument to character.
        (WebCore::advanceStringAndASSERTIgnoringCase): Deleted.
        (WebCore::advanceStringAndASSERT): Deleted.
        Changed all the macro implementations so they set m_state only when
        returning from the function and just use goto inside the state machine.

2015-01-08  Benjamin Poulain  <benjamin@webkit.org>

        Build fix after r178151

        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::actions):

2015-01-08  Benjamin Poulain  <benjamin@webkit.org>

        [WK2] Start a prototype for declarative site specific extensions
        https://bugs.webkit.org/show_bug.cgi?id=140160

        Reviewed by Andreas Kling.

        Currently, clients have various ways to execute custom code for certain URLs.
        Each of those mechanism implies messaging the UIProcess, executing some code
        calling back to the WebProcess, then actually load the resource.
        All this back and forth introduces delays before we actually load resources.

        Since the set of actions is done per site is actually simple and limited,
        it may be possible to do everything in WebCore and shortcut the defered loading.

        This patch provides the starting point for this idea. The "rules" (currently just blocking)
        are be passed to WebCore in a JSON format. In WebCore, we create a state
        machine to match the rules and we execute the action when the state machine tells
        us to.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionRule.cpp: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        (WebCore::ContentExtensions::ContentExtensionRule::ContentExtensionRule):
        * contentextensions/ContentExtensionRule.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        (WebCore::ContentExtensions::ContentExtensionRule::trigger):
        (WebCore::ContentExtensions::ContentExtensionRule::action):
        * contentextensions/ContentExtensionsBackend.cpp: Added.
        (WebCore::ContentExtensions::ContentExtensionsBackend::sharedInstance):
        (WebCore::ContentExtensions::ContentExtensionsBackend::setRuleList):
        (WebCore::ContentExtensions::ContentExtensionsBackend::removeRuleList):
        (WebCore::ContentExtensions::ContentExtensionsBackend::shouldBlockURL):
        * contentextensions/ContentExtensionsBackend.h: Added.
        * contentextensions/ContentExtensionsInterface.cpp: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        (WebCore::ContentExtensions::shouldBlockURL):
        * contentextensions/ContentExtensionsInterface.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        * contentextensions/ContentExtensionsManager.cpp: Added.
        (WebCore::ContentExtensions::ExtensionsManager::loadTrigger):
        (WebCore::ContentExtensions::ExtensionsManager::loadAction):
        (WebCore::ContentExtensions::ExtensionsManager::loadRule):
        (WebCore::ContentExtensions::ExtensionsManager::loadExtension):
        * contentextensions/ContentExtensionsManager.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        * contentextensions/DFA.cpp: Added.
        (WebCore::ContentExtensions::DFA::DFA):
        (WebCore::ContentExtensions::DFA::operator=):
        (WebCore::ContentExtensions::DFA::nextState):
        (WebCore::ContentExtensions::DFA::actions):
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        * contentextensions/DFA.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        (WebCore::ContentExtensions::DFA::root):
        * contentextensions/DFANode.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        * contentextensions/NFA.cpp: Added.
        (WebCore::ContentExtensions::NFA::NFA):
        (WebCore::ContentExtensions::NFA::createNode):
        (WebCore::ContentExtensions::NFA::addTransition):
        (WebCore::ContentExtensions::NFA::addEpsilonTransition):
        (WebCore::ContentExtensions::NFA::setFinal):
        (WebCore::ContentExtensions::NFA::debugPrintDot):
        * contentextensions/NFA.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        (WebCore::ContentExtensions::NFA::root):
        * contentextensions/NFANode.cpp: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        (WebCore::ContentExtensions::NFANode::NFANode):
        * contentextensions/NFANode.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        * contentextensions/NFAToDFA.cpp: Added.
        (WebCore::ContentExtensions::epsilonClosure):
        (WebCore::ContentExtensions::setTransitionsExcludingEpsilon):
        (WebCore::ContentExtensions::HashableNodeIdSet::HashableNodeIdSet):
        (WebCore::ContentExtensions::HashableNodeIdSet::operator=):
        (WebCore::ContentExtensions::HashableNodeIdSet::isEmptyValue):
        (WebCore::ContentExtensions::HashableNodeIdSet::isDeletedValue):
        (WebCore::ContentExtensions::HashableNodeIdSet::nodeIdSet):
        (WebCore::ContentExtensions::HashableNodeIdSetHash::hash):
        (WebCore::ContentExtensions::HashableNodeIdSetHash::equal):
        (WebCore::ContentExtensions::addDFAState):
        (WebCore::ContentExtensions::NFAToDFA::convert):
        * contentextensions/NFAToDFA.h: Copied from Source/WebKit2/UIProcess/API/Cocoa/WKProcessPoolPrivate.h.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

2015-01-08  Benjamin Poulain  <bpoulain@apple.com>

        Make better use of the stack when compiling selectors
        https://bugs.webkit.org/show_bug.cgi?id=139615
        rdar://problem/19226482

        Reviewed by Andreas Kling.

        Selectors used to be only on one level. To avoid memory allocations, we were allocating
        a lot of stack upfront and we were using that to create all the intermediary objects
        used by the code generator.

        Then, selectors became multilevel. We now support arbitrary nesting of selector lists.

        We did not adapt any of the structures and the creation of the intermediary object is recursive.
        This resulted in over 1k of stack allocation at every level, quickly accumulating to unreasonable
        numbers.

        This patch fixes this problem by making each stack frame of the recursion much lighter.
        We no longer allocate the big objects (SelectorFragment and SelectorFragmentList) on the stack.

        In each case where we would have used a Stack allocated SelectorFragment or SelectorFragmentList,
        we now allocate the memory directly into the target vector.

        In the cases where the object should not be on the vector, we simply remove it. Those are uncommon
        cases so that should not be too bad.

        Tests: fast/selectors/matches-selector-list-ending-with-never-matching-selectors.html
               fast/selectors/not-selector-list-ending-with-never-matching-selectors.html
               fast/selectors/nth-child-of-selector-list-ending-with-never-matching-selectors.html
               fast/selectors/nth-last-child-of-selector-list-ending-with-never-matching-selectors.html

        * cssjit/SelectorCompiler.cpp:
        SelectorFragmentList is also used for nested lists. Keeping 32 SelectorFragment preallocated
        for each nested list is way too big.

        (WebCore::SelectorCompiler::addPseudoClassType):
        There are three cases of nested selector lists supported by the compiler: :matches(), :not()
        and :nth-child(). For those 3 cases, use the target vector memory instead of the stack.

        (WebCore::SelectorCompiler::constructFragmentsInternal):
        (WebCore::SelectorCompiler::constructFragments):
        Make sure we do not modify the input list on failure since it may be reused.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesSelectorList):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesMatchesPseudoClass):
        I changed the handling of :nth-child(An+B of selectorList) to not generate empty filters.
        With that we can generalize the assertion to generateElementMatchesSelectorList() and simplify
        the flow of selector lists a bit.

2015-01-08  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-font-feature-settings' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140267

        Reviewed by Andreas Kling.

        Move '-webkit-font-feature-settings' CSS property to the new
        StyleBuilder.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertFontFeatureSettings):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialWebkitFontFeatureSettings):
        (WebCore::StyleBuilderCustom::applyInheritWebkitFontFeatureSettings):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * platform/graphics/FontDescription.cpp:
        (WebCore::FontDescription::makeNormalFeatureSettings): Deleted.
        * platform/graphics/FontDescription.h:

2015-01-08  Brent Fulgham  <bfulgham@apple.com>

        [Win] Build fix after r178133.

        * platform/graphics/FontCache.h: Correct declaration of fontDataFromDescriptionAndLogFont
        * platform/graphics/SimpleFontData.h: We still need 'platformDestroy'
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformDestroy): Add stub back to prevent build break.
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::fontDataFromDescriptionAndLogFont): Correct signature.
        (WebCore::FontCache::lastResortFallbackFont): Correct '::' syntax.
        (WebCore::FontCache:lastResortFallbackFont): Deleted.

2015-01-08  Antti Koivisto  <antti@apple.com>

        Remove the concept of "retained" font
        https://bugs.webkit.org/show_bug.cgi?id=140246

        Reviewed by Darin Adler.

        FontCache currently maintains a secondary refcount for SimpleFontDatas. This is used to decide whether
        a font is considered inactive and is eligible for purging. This is confusing and complex.

        The new scheme in this patch considers fonts in font cache inactive if their refcount is 1 (they are
        owned by the cache only). This simplifies the code and gives similar behavior. Types that "retained" the
        font this way always also ref it.

        We also avoid unnecessarily removing fonts that wouldn't get deleted from the cache.

        Also modernized some names and code.

        * WebCore.exp.in:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::getFontData):
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::getFontData):
        (WebCore::CSSFontSelector::getFallbackFontData):
        * platform/graphics/FontCache.cpp:
        (WebCore::fontPlatformDataCache):
        (WebCore::FontCache::getCachedFontPlatformData):
        (WebCore::cachedFonts):
        (WebCore::FontCache::fontForFamily):
        (WebCore::FontCache::fontDataForPlatformData):
        (WebCore::FontCache::purgeInactiveFontDataIfNeeded):
        (WebCore::FontCache::purgeInactiveFontData):
        (WebCore::FontCache::fontDataCount):
        (WebCore::FontCache::inactiveFontDataCount):
        (WebCore::FontCache::fontForFamilyAtIndex):
        (WebCore::FontCache::invalidate):
        (WebCore::FontCache::getCachedFontData): Deleted.
        (WebCore::FontCache::getNonRetainedLastResortFallbackFont): Deleted.
        (WebCore::FontCache::releaseFontData): Deleted.
        (WebCore::FontCache::getFontData): Deleted.
        * platform/graphics/FontCache.h:
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::FontGlyphs):
        (WebCore::FontGlyphs::~FontGlyphs):
        (WebCore::FontGlyphs::realizeFontDataAt):
        (WebCore::FontGlyphs::releaseFontData): Deleted.
        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::~FontGlyphs): Deleted.
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::~SimpleFontData):
        * platform/graphics/SimpleFontData.h:
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::SimpleFontData::platformDestroy): Deleted.
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::systemFallbackForCharacters):
        (WebCore::FontCache::similarFontPlatformData):
        (WebCore::FontCache::lastResortFallbackFont):
        (WebCore::FontCache::getLastResortFallbackFont): Deleted.
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformCreateScaledFontData):
        (WebCore::SimpleFontData::platformDestroy): Deleted.

2015-01-08  Anders Carlsson  <andersca@apple.com>

        Remove AbstractSQLTransaction
        https://bugs.webkit.org/show_bug.cgi?id=140265

        Reviewed by Tim Horton.

        * Modules/webdatabase/AbstractSQLTransaction.h: Removed.
        * Modules/webdatabase/DatabaseBackend.cpp:
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::~SQLTransaction):
        * Modules/webdatabase/SQLTransaction.h:
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        (WebCore::SQLTransactionBackend::create):
        (WebCore::SQLTransactionBackend::SQLTransactionBackend):
        * Modules/webdatabase/SQLTransactionBackend.h:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-08  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix after r178124.

        Remove uses of the removed applicationChromeMode method.

        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::getThemeData):
        (WebCore::RenderThemeWin::paintMenuList):

2015-01-08  Anders Carlsson  <andersca@apple.com>

        Remove AbstractSQLTransactionBackend
        https://bugs.webkit.org/show_bug.cgi?id=140227

        Reviewed by Darin Adler.

        * Modules/webdatabase/AbstractSQLTransaction.h:
        * Modules/webdatabase/AbstractSQLTransactionBackend.h: Removed.
        * Modules/webdatabase/SQLStatementBackend.cpp:
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::setBackend):
        * Modules/webdatabase/SQLTransaction.h:
        * Modules/webdatabase/SQLTransactionBackend.h:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-08  Darin Adler  <darin@apple.com>

        ASSERTION FAILED: character != kEndOfFileMarker in WebCore::HTMLTokenizer::bufferCharacter
        https://bugs.webkit.org/show_bug.cgi?id=140179

        Reviewed by Anders Carlsson.

        Test: fast/parser/numeric-entities.html

        * html/parser/HTMLEntityParser.cpp:
        (WebCore::HTMLEntityParser::legalEntityFor): Merged adjustEntity logic in here.
        Since the type UChar32 is a signed integer, need to check for <= 0, not just 0.
        This <= change alone would have fixed the bug.

        * xml/parser/CharacterReferenceParserInlines.h:
        (WebCore::consumeCharacterReference): Added overflow checking when parsing hex
        and decimal character references. This change alone would also have fixed the
        bug, but in addition it makes overflow cases reliably generate replacement
        characters rather than ignoring the overflow and producing seemingly random
        characters. Test cases cover the original reported bug and other overflow cases.

2015-01-08  Dean Jackson  <dino@apple.com>

        Text not drawn or white-on-white for "Close Page"/"Go Back" button on safe browsing warning page
        https://bugs.webkit.org/show_bug.cgi?id=140232
        <rdar://problem/19371010>

        Reviewed by Anders Carlsson.

        We need to support default button styling even when application chrome
        mode is not enabled (it was a bit weird that this was exposed as a Setting
        anyway). We should render as a default button whenever content sets
        the proprietary -webkit-appearance. This means we don't need the
        applicationChromeMode setting.

        For normal Web content there should be no change in behavior.

        * page/Settings.in: Remove applicationChromeMode
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::isDefault): Don't test for the setting.

2015-01-08  Chris Dumez  <cdumez@apple.com>

        Unfriend StyleResolver and StyleBuilderCustom
        https://bugs.webkit.org/show_bug.cgi?id=140247

        Reviewed by Darin Adler.

        Stop marking StyleBuilderCustom as a friend of StyleResolver by
        refactoring the code a bit.

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueFont):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyFont):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::documentSettings):

2015-01-08  Gwang Yoon Hwang  <yoon@igalia.com>

        [CoordinatedGraphics] Update fixedVisibleContentRect only it is actually changed
        https://bugs.webkit.org/show_bug.cgi?id=140244

        Reviewed by Martin Robinson.

        CompositingCoordinator::setVisibleContentsRect already knows whether the
        rect has been changed. Therefore, there is no need to call
        FrameView::setFixedVisibleContentRect every time.

        No new tests, covered by existing tests.

        * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
        (WebCore::CompositingCoordinator::setVisibleContentsRect):

2015-01-08  Carlos Garcia Campos  <cgarcia@igalia.com>

        REGRESSION(r177637) [HarfBuzz][GTK][EFL] It made 3 performance tests crash and +24 layout tests crashes/failures
        https://bugs.webkit.org/show_bug.cgi?id=139905

        Reviewed by Antti Koivisto.

        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        (WebCore::HarfBuzzShaper::collectHarfBuzzRuns): Fallback to
        primary font data for missing glyphs.

2015-01-08  Myles C. Maxfield  <mmaxfield@apple.com>

        Borders inside box-decoration-break: clone after a br do not contribute to line breaking
        https://bugs.webkit.org/show_bug.cgi?id=140238

        Reviewed by Darin Adler.

        When we iterate through renderers for line breaking, we determine which of the renderers
        is responsible for inserting its parent's border width. However, this determination didn't
        take a <br> and box-decoration-break: clone into account.

        Test: fast/box-decoration-break/box-decoration-break-clone-line-break.html

        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::shouldAddBorderPaddingMargin):
        (WebCore::previousInFlowSibling): Clean up to use a do / while block.

2015-01-08  Gwang Yoon Hwang  <yoon@igalia.com>

        [GTK] Seperate updateBackingStore from flushCompositingState.
        https://bugs.webkit.org/show_bug.cgi?id=136887

        Reviewed by Žan Doberšek.

        When LayerTreeHostGtk flushes pending layer changes, it updates backing
        stores using same loop. This makes requesting layer flush during
        flushing in certain condition which causes a assertion failure.

        Animated GIF's animations are drived by the painting cycle,
        GraphicsLayerTextureMapper::updateBackingStoreIfNeeded would request
        scheduleLayerFlush during flushing layers, if animated GIF needs to
        advance its frame immediately. It doesn't mean the advanced frame should
        be painted in this painting phase. This frame advancing happens after
        painting a current frame to the backing store. It means the advanced
        frame should be painted ASAP without using its frame timer.

        This patch seperates updateBackingStore from flushCompositingState
        to avoid above behavior.

        No new tests. The bug is timing-dependent.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::flushCompositingStateForThisLayerOnly):
        (WebCore::toGraphicsLayerTextureMapper):
        (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIncludingSubLayers):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:

2015-01-07  Chris Dumez  <cdumez@apple.com>

        Move -webkit-tap-highlight-color / -webkit-overflow-scrolling / -webkit-touch-callout to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140219

        Reviewed by Darin Adler.

        Move -webkit-tap-highlight-color / -webkit-overflow-scrolling /
        -webkit-touch-callout to the new StyleBuilder.

        * css/CSSGradientValue.cpp:
        (WebCore::CSSGradientValue::gradientWithStylesResolved):
        * css/CSSPropertyNames.in:
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::StyleResolver::applySVGProperty):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertTouchCallout):
        (WebCore::StyleBuilderConverter::convertTapHighlightColor):
        (WebCore::StyleBuilderConverter::convertOverflowScrolling):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::colorFromPrimitiveValueIsDerivedFromElement):
        (WebCore::StyleResolver::colorFromPrimitiveValue):
        (WebCore::StyleResolver::createFilterOperations):
        * css/StyleResolver.h:

2015-01-07  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: Editing Inline Styles Not Working
        https://bugs.webkit.org/show_bug.cgi?id=140239

        Reviewed by Joseph Pecoraro.

        Fix a regression introduced in r178060, where we no longer set
        m_ordinal in InspectorCSSId. The original refactoring should have
        passed m_ordinal. Fix this and introduce a sensible default value.

        * inspector/InspectorStyleSheet.h:
        (WebCore::InspectorCSSId::InspectorCSSId):

2015-01-07  Chris Dumez  <cdumez@apple.com>

        Assert should never be reached hit in WebCore::CSSCalcPrimitiveValue::doubleValue
        https://bugs.webkit.org/show_bug.cgi?id=140180

        Reviewed by Darin Adler.

        Add support for using floating-point angles with 'turn' unit, as per the
        specification:
        http://dev.w3.org/csswg/css-values-3/#angles

        Previously, we only supported integer values for the 'turn' unit even
        though other angle units (e.g. 'deg') handle floating-point values just
        fine. Trying to use a floating-point value with 'turn' unit would cause
        us to hit an assertion in CSSCalcPrimitiveValue::doubleValue().

        Also fix the support for angles in calc().
        CSSPrimitiveValue::computeDegrees() was accessing m_primitiveUnitType
        member directly, which would be incorrect in the case of calculated
        values. This patch switches to calling CSSPrimitiveValue::primitiveType()
        which handles calculated values.

        Test: fast/css/turn-angle-double.html

        * css/CSSCalculationValue.cpp:
        (WebCore::hasDoubleValue):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::computeDegrees):

2015-01-07  Chris Dumez  <cdumez@apple.com>

        Move 'font' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140181

        Reviewed by Darin Adler.

        Move 'font' CSS property to the new StyleBuilder.

2015-01-07  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-dashboard-region' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140204

        Reviewed by Darin Adler.

        Move '-webkit-dashboard-region' CSS property to the new StyleBuilder.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderCustom.h:
        (WebCore::convertToIntLength):
        (WebCore::StyleBuilderCustom::applyValueWebkitDashboardRegion):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        (WebCore::convertToIntLength): Deleted.

2015-01-07  Said Abou-Hallawa  <sabouhallawa@apple.com>

        The ASCII decoding for non ASCII character is incorrect if this character comes after going through the fast decoding code path and before the end of the text by less than a machine word size of characters.
        https://bugs.webkit.org/show_bug.cgi?id=140173.

        Reviewed by Darin Adler.

        Tests: fast/encoding/char-after-fast-path-ascii-decoding.html.

        * platform/text/TextCodecLatin1.cpp:
        (WebCore::TextCodecLatin1::decode):
        This function has a bug when it goes through the fast decoding code path. After copying
        one or more all ASCII MachineWords from source to the destination, the following byte
        is copied as is from the source to the destination even if it is non ASCII byte. This
        causes the decoded bytes to be incorrect. The fix is to ensure that the current byte
        is still ASCII after exiting the fast decoding code path.
 
2015-01-07  Shivakumar JM  <shiva.jm@samsung.com>

        HTMLSelectElement and HTMLOptionsCollection add() method should support index as second argument.
        https://bugs.webkit.org/show_bug.cgi?id=139179

        Reviewed by Darin Adler.

        HTMLSelectElement and HTMLOptionsCollection add() method should support index as second argument as per specification
        http://www.w3.org/html/wg/drafts/html/master/forms.html#the-select-element.
        Also this matches the behavior of Chrome and FireFox.

        Tests: fast/dom/HTMLSelectElement/add.html
               fast/dom/HTMLSelectElement/options-collection-add.html

        * bindings/js/JSHTMLOptionsCollectionCustom.cpp:
        (WebCore::JSHTMLOptionsCollection::add): Deleted.
        * html/HTMLOptionsCollection.cpp:
        (WebCore::HTMLOptionsCollection::add):
        * html/HTMLOptionsCollection.h:
        * html/HTMLOptionsCollection.idl:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::add):
        * html/HTMLSelectElement.h:
        * html/HTMLSelectElement.idl:

2015-01-07  Gwang Yoon Hwang  <yoon@igalia.com>

        [GTK][ThreadedCompositor] Add support for threaded compositor.
        https://bugs.webkit.org/show_bug.cgi?id=118265

        Reviewed by Martin Robinson.

        * PlatformGTK.cmake:
        Adds CoodinatedGraphics and threaded compositor related classes to
        support threaded compositor

        * platform/graphics/texmap/coordinated/CoordinatedTile.cpp:
        * platform/graphics/texmap/coordinated/CoordinatedTile.h:
        This class should be guarded by COORDINATED_GRAPHICS instead of
        TILED_BACKING_STORE

2015-01-07  Daniel Bates  <dabates@apple.com>

        [iOS] Make WebKit2 build with public iOS SDK and more build fixes for DRT
        https://bugs.webkit.org/show_bug.cgi?id=137371

        Reviewed by David Kilzer.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/GraphicsServicesSPI.h: Added.
        * platform/spi/cocoa/QuartzCoreSPI.h: Add CALayer SPI property hitTestsAsOpaque.
        * platform/spi/cocoa/ServersSPI.h: Added.
2015-01-07  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178068.
        https://bugs.webkit.org/show_bug.cgi?id=140235

        Breaks the iOS build (Requested by enrica on #webkit).

        Reverted changeset:

        "[iOS] Make WebKit2 build with public iOS SDK and more build
        fixes for DRT"
        https://bugs.webkit.org/show_bug.cgi?id=137371
        http://trac.webkit.org/changeset/178068

2015-01-07  Enrica Casucci  <enrica@apple.com>

        Can't copy URL for images and paste it into plain text fields.
        https://bugs.webkit.org/show_bug.cgi?id=140230
        rdar://problem/18736680

        Reviewed by Dan Bernstein.

        The incorrect objective C type was being written to the pasteboard.

        * platform/ios/PlatformPasteboardIOS.mm:
        (WebCore::PlatformPasteboard::write):

2015-01-07  Anders Carlsson  <andersca@apple.com>

        Fix build.

        * Modules/webdatabase/SQLStatementBackend.cpp:

2015-01-07  Daniel Bates  <dabates@apple.com>

        [iOS] Make WebKit2 build with public iOS SDK and more build fixes for DRT
        https://bugs.webkit.org/show_bug.cgi?id=137371

        Reviewed by David Kilzer.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/GraphicsServicesSPI.h: Added.
        * platform/spi/cocoa/QuartzCoreSPI.h: Add CALayer SPI property hitTestsAsOpaque.
        * platform/spi/cocoa/ServersSPI.h: Added.
2015-01-07  Jaehun Lim  <ljaehun.lim@samsung.com>

        ASSERTION FAILED: !lengthOrPercentageValue.isUndefined() in WebCore::ApplyPropertyTextIndent::applyValue
        https://bugs.webkit.org/show_bug.cgi?id=130341

        Reviewed by Chris Dumez.

        Replace ASSERT() with 'if' statement because 'ex' unit length in <title> is not defined.

        Test: fast/css3-text/css3-text-indent/text-indent-crash-in-title.html

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueTextIndent): Change ASSERT() to 'if' statement.

2015-01-07  Anders Carlsson  <andersca@apple.com>

        Remove AbstractSQLStatement
        https://bugs.webkit.org/show_bug.cgi?id=140223

        Reviewed by Sam Weinig.

        * Modules/webdatabase/AbstractSQLStatement.h: Removed.
        * Modules/webdatabase/AbstractSQLTransactionBackend.h:
        * Modules/webdatabase/SQLStatement.h:
        * Modules/webdatabase/SQLStatementBackend.cpp:
        (WebCore::SQLStatementBackend::create):
        (WebCore::SQLStatementBackend::SQLStatementBackend):
        (WebCore::SQLStatementBackend::frontend):
        * Modules/webdatabase/SQLStatementBackend.h:
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::deliverStatementCallback):
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        (WebCore::SQLTransactionBackend::currentStatement):
        (WebCore::SQLTransactionBackend::executeSQL):
        * Modules/webdatabase/SQLTransactionBackend.h:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-07  Timothy Horton  <timothy_horton@apple.com>

        Manually-animated TextIndicator fades out blue selection if you click inside it
        https://bugs.webkit.org/show_bug.cgi?id=140224
        <rdar://problem/19317526>

        Reviewed by Beth Dakin.

        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView hasCompletedAnimation]):
        (WebCore::TextIndicatorWindow::~TextIndicatorWindow):
        Avoid fading out the TextIndicator if the animation hadn't completed.
        Also, use wantsManualAnimation instead of duplicating the switch here.

2015-01-07  Anders Carlsson  <andersca@apple.com>

        Remove AbstractSQLStatementBackend
        https://bugs.webkit.org/show_bug.cgi?id=140222

        Reviewed by Sam Weinig.

        We're unlikely to fully take advantage of the SQL implementation being abstract anyway, so let's just simplify the code instead.

        * Modules/webdatabase/AbstractSQLStatement.h:
        * Modules/webdatabase/AbstractSQLStatementBackend.h: Removed.
        * Modules/webdatabase/SQLStatement.cpp:
        (WebCore::SQLStatement::setBackend):
        * Modules/webdatabase/SQLStatement.h:
        * Modules/webdatabase/SQLStatementBackend.cpp:
        (WebCore::SQLStatementBackend::~SQLStatementBackend):
        * Modules/webdatabase/SQLStatementBackend.h:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:

2015-01-07  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: purge PassRefPtr from Inspector code and use Ref for typed and untyped protocol objects
        https://bugs.webkit.org/show_bug.cgi?id=140053

        Reviewed by Andreas Kling.

        This patch replaces uses of PassRefPtr with uses of RefPtr&& and WTF::move() in code
        related to Web Inspector. It also converts many uses of RefPtr to Ref where
        references are always non-null. These two refactorings have been combined since
        they tend to require similar changes to the code.

        No new tests, no behavior changed.

        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabase):
        * dom/Document.cpp:
        (WebCore::Document::logExceptionToConsole):
        (WebCore::Document::addMessage):
        * dom/Document.h:
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::reportException):
        * dom/ScriptExecutionContext.h:
        * html/parser/XSSAuditorDelegate.cpp:
        (WebCore::XSSAuditorDelegate::generateViolationReport):
        * inspector/CommandLineAPIHost.cpp:
        (WebCore::CommandLineAPIHost::inspectImpl):
        * inspector/CommandLineAPIHost.h:
        * inspector/InspectorApplicationCacheAgent.cpp:
        (WebCore::InspectorApplicationCacheAgent::getFramesWithManifests):
        (WebCore::InspectorApplicationCacheAgent::buildObjectForApplicationCache):
        (WebCore::InspectorApplicationCacheAgent::buildArrayForApplicationCacheResources):
        (WebCore::InspectorApplicationCacheAgent::buildObjectForApplicationCacheResource):
        * inspector/InspectorApplicationCacheAgent.h:
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
        (WebCore::InspectorCSSAgent::getComputedStyleForNode):
        (WebCore::InspectorCSSAgent::setStyleText):
        (WebCore::InspectorCSSAgent::setPropertyText):
        (WebCore::InspectorCSSAgent::toggleProperty):
        (WebCore::InspectorCSSAgent::setRuleSelector):
        (WebCore::InspectorCSSAgent::getSupportedCSSProperties):
        (WebCore::InspectorCSSAgent::forcePseudoState):
        (WebCore::InspectorCSSAgent::getNamedFlowCollection):
        (WebCore::InspectorCSSAgent::detectOrigin):
        (WebCore::InspectorCSSAgent::buildObjectForRule):
        (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):
        (WebCore::InspectorCSSAgent::buildObjectForAttributesStyle):
        (WebCore::InspectorCSSAgent::buildArrayForRegions):
        (WebCore::InspectorCSSAgent::buildObjectForNamedFlow):
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorConsoleInstrumentation.h:
        (WebCore::InspectorInstrumentation::addMessageToConsole):
        (WebCore::InspectorInstrumentation::consoleCount):
        (WebCore::InspectorInstrumentation::stopConsoleTiming):
        (WebCore::InspectorInstrumentation::consoleTimeStamp):
        (WebCore::InspectorInstrumentation::stopProfiling):
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::buildObjectForHighlightedNode):
        (WebCore::InspectorController::executionStopwatch):
        * inspector/InspectorController.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::parseColor):
        (WebCore::parseConfigColor):
        (WebCore::InspectorDOMAgent::pushNodePathToFrontend):
        (WebCore::InspectorDOMAgent::performSearch):
        (WebCore::InspectorDOMAgent::setInspectModeEnabled):
        (WebCore::InspectorDOMAgent::highlightRect):
        (WebCore::InspectorDOMAgent::highlightQuad):
        (WebCore::InspectorDOMAgent::innerHighlightQuad):
        (WebCore::InspectorDOMAgent::highlightNode):
        (WebCore::InspectorDOMAgent::highlightFrame):
        (WebCore::InspectorDOMAgent::buildObjectForNode):
        (WebCore::InspectorDOMAgent::buildArrayForElementAttributes):
        (WebCore::InspectorDOMAgent::buildArrayForContainerChildren):
        (WebCore::InspectorDOMAgent::buildObjectForEventListener):
        (WebCore::InspectorDOMAgent::processAccessibilityChildren):
        (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
        (WebCore::InspectorDOMAgent::didCommitLoad):
        (WebCore::InspectorDOMAgent::didInsertDOMNode):
        (WebCore::InspectorDOMAgent::styleAttributeInvalidated):
        (WebCore::InspectorDOMAgent::resolveNode):
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMDebuggerAgent.cpp:
        (WebCore::InspectorDOMDebuggerAgent::didInvalidateStyleAttr):
        (WebCore::InspectorDOMDebuggerAgent::willInsertDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willRemoveDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willModifyDOMAttr):
        (WebCore::InspectorDOMDebuggerAgent::descriptionForDOMEvent):
        (WebCore::InspectorDOMDebuggerAgent::pauseOnNativeEventIfNeeded):
        (WebCore::InspectorDOMDebuggerAgent::willSendXMLHttpRequest):
        * inspector/InspectorDOMDebuggerAgent.h:
        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::getDOMStorageItems):
        (WebCore::InspectorDOMStorageAgent::setDOMStorageItem):
        (WebCore::InspectorDOMStorageAgent::removeDOMStorageItem):
        (WebCore::InspectorDOMStorageAgent::storageId):
        (WebCore::InspectorDOMStorageAgent::findStorageArea):
        * inspector/InspectorDOMStorageAgent.h:
        * inspector/InspectorDatabaseAgent.cpp: Use Ref for all callbacks since they are
        not nullable.
        (WebCore::InspectorDatabaseAgent::executeSQL):
        * inspector/InspectorDatabaseAgent.h:
        * inspector/InspectorDatabaseInstrumentation.h:
        (WebCore::InspectorInstrumentation::didOpenDatabase):
        * inspector/InspectorDatabaseResource.cpp:
        (WebCore::InspectorDatabaseResource::create):
        (WebCore::InspectorDatabaseResource::InspectorDatabaseResource):
        (WebCore::InspectorDatabaseResource::bind):
        * inspector/InspectorDatabaseResource.h:
        (WebCore::InspectorDatabaseResource::setDatabase):
        * inspector/InspectorFrontendHost.h:
        (WebCore::InspectorFrontendHost::create):
        * inspector/InspectorIndexedDBAgent.cpp: Use Ref for all callbacks since they are
        not nullable.
        (WebCore::InspectorIndexedDBAgent::requestDatabaseNames):
        (WebCore::InspectorIndexedDBAgent::requestDatabase):
        (WebCore::InspectorIndexedDBAgent::requestData):
        (WebCore::ClearObjectStoreListener::create):
        (WebCore::ClearObjectStoreListener::ClearObjectStoreListener):
        (WebCore::ClearObjectStore::create):
        (WebCore::ClearObjectStore::ClearObjectStore):
        (WebCore::InspectorIndexedDBAgent::clearObjectStore):
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::willLoadXHRImpl):
        (WebCore::InspectorInstrumentation::addMessageToConsoleImpl):
        (WebCore::InspectorInstrumentation::consoleCountImpl):
        (WebCore::InspectorInstrumentation::stopConsoleTimingImpl):
        (WebCore::InspectorInstrumentation::consoleTimeStampImpl):
        (WebCore::InspectorInstrumentation::stopProfilingImpl):
        (WebCore::InspectorInstrumentation::didOpenDatabaseImpl):
        (WebCore::InspectorInstrumentation::sessionCreatedImpl):
        (WebCore::InspectorInstrumentation::sessionLoadedImpl):
        (WebCore::InspectorInstrumentation::sessionModifiedImpl):
        (WebCore::InspectorInstrumentation::segmentCreatedImpl):
        (WebCore::InspectorInstrumentation::segmentCompletedImpl):
        (WebCore::InspectorInstrumentation::segmentLoadedImpl):
        (WebCore::InspectorInstrumentation::willLoadXHRSynchronouslyImpl): Deleted.
        (WebCore::InspectorInstrumentation::didLoadXHRSynchronouslyImpl): Deleted.
        (WebCore::InspectorInstrumentation::startProfilingImpl): Deleted.
        (WebCore::InspectorInstrumentation::didDispatchDOMStorageEventImpl): Deleted.
        (WebCore::InspectorInstrumentation::willEvaluateWorkerScript): Deleted.
        (WebCore::InspectorInstrumentation::captureStoppedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackStartedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackPausedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackHitPositionImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackFinishedImpl): Deleted.
        (WebCore::InspectorInstrumentation::networkStateChangedImpl): Deleted.
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::willLoadXHR):
        (WebCore::InspectorInstrumentation::sessionCreated):
        (WebCore::InspectorInstrumentation::sessionLoaded):
        (WebCore::InspectorInstrumentation::sessionModified):
        (WebCore::InspectorInstrumentation::segmentCreated):
        (WebCore::InspectorInstrumentation::segmentCompleted):
        (WebCore::InspectorInstrumentation::segmentLoaded):
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClient): Deleted.
        (WebCore::InspectorInstrumentation::didSendWebSocketFrame): Deleted.
        * inspector/InspectorLayerTreeAgent.cpp:
        (WebCore::InspectorLayerTreeAgent::buildObjectForLayer):
        (WebCore::InspectorLayerTreeAgent::buildObjectForIntRect):
        (WebCore::InspectorLayerTreeAgent::reasonsForCompositingLayer):
        * inspector/InspectorLayerTreeAgent.h:
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildObjectForPoint):
        (WebCore::buildObjectForRect):
        (WebCore::buildArrayForQuad):
        (WebCore::buildObjectForHighlight):
        (WebCore::buildObjectForRegionHighlight):
        (WebCore::buildObjectForCSSRegionsHighlight):
        (WebCore::buildObjectForSize):
        (WebCore::buildObjectForCSSRegionContentClip):
        (WebCore::InspectorOverlay::drawPaintRects):
        (WebCore::buildObjectForRendererFragments):
        (WebCore::buildObjectForShapeOutside):
        (WebCore::buildObjectForElementInfo):
        (WebCore::InspectorOverlay::buildObjectForHighlightedNode):
        (WebCore::InspectorOverlay::reset):
        (WebCore::InspectorOverlay::evaluateInOverlay):
        * inspector/InspectorOverlay.h:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::createXHRTextDecoder):
        (WebCore::buildObjectForCookie):
        (WebCore::buildArrayForCookies):
        (WebCore::buildObjectForSearchResult):
        (WebCore::InspectorPageAgent::buildObjectForFrame):
        (WebCore::InspectorPageAgent::buildObjectForFrameTree):
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorReplayAgent.cpp:
        (WebCore::buildInspectorObjectForPosition):
        (WebCore::buildInspectorObjectForInput):
        (WebCore::buildInspectorObjectForSession):
        (WebCore::buildInspectorObjectForSegment):
        (WebCore::InspectorReplayAgent::replayToPosition):
        (WebCore::InspectorReplayAgent::getSessionData):
        (WebCore::InspectorReplayAgent::getSegmentData):
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::buildObjectForHeaders):
        (WebCore::buildObjectForTiming):
        (WebCore::buildObjectForResourceRequest):
        (WebCore::buildObjectForResourceResponse):
        (WebCore::buildObjectForCachedResource):
        (WebCore::InspectorResourceAgent::willLoadXHR):
        (WebCore::InspectorResourceAgent::buildInitiatorObject):
        (WebCore::InspectorResourceAgent::willSendWebSocketHandshakeRequest):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketHandshakeResponse):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketFrame):
        (WebCore::InspectorResourceAgent::didSendWebSocketFrame):
        (WebCore::InspectorResourceAgent::setExtraHTTPHeaders):
        (WebCore::InspectorResourceAgent::loadResource):
        (WebCore::InspectorResourceAgent::documentThreadableLoaderStartedLoadingForClient): Deleted.
        (WebCore::InspectorResourceAgent::didScheduleStyleRecalculation): Deleted.
        (WebCore::InspectorResourceAgent::disable): Deleted.
        (WebCore::InspectorResourceAgent::setCacheDisabled): Deleted.
        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorStyleSheet.cpp:
        (ParsedStyleSheet::ruleSourceDataAt):
        (WebCore::buildSourceRangeObject):
        (WebCore::buildMediaObject):
        (WebCore::asCSSRuleList):
        (WebCore::fillMediaListChain):
        (WebCore::InspectorStyle::create):
        (WebCore::InspectorStyle::InspectorStyle):
        (WebCore::InspectorStyle::buildObjectForStyle):
        (WebCore::InspectorStyle::buildArrayForComputedStyle):
        (WebCore::InspectorStyle::styleWithProperties):
        (WebCore::InspectorStyle::extractSourceData):
        (WebCore::InspectorStyleSheet::create):
        (WebCore::InspectorStyleSheet::InspectorStyleSheet):
        (WebCore::InspectorStyleSheet::buildObjectForStyleSheet):
        (WebCore::InspectorStyleSheet::buildObjectForStyleSheetInfo):
        (WebCore::buildObjectForSelectorHelper):
        (WebCore::selectorsFromSource):
        (WebCore::InspectorStyleSheet::buildObjectForSelector):
        (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
        (WebCore::InspectorStyleSheet::buildObjectForRule):
        (WebCore::InspectorStyleSheet::buildObjectForStyle):
        (WebCore::InspectorStyleSheet::toggleProperty):
        (WebCore::InspectorStyleSheet::inspectorStyleForId):
        (WebCore::InspectorStyleSheet::rememberInspectorStyle):
        (WebCore::InspectorStyleSheet::buildArrayForRuleList):
        (WebCore::InspectorStyleSheet::collectFlatRules):
        (WebCore::InspectorStyleSheetForInlineStyle::create):
        (WebCore::InspectorStyleSheetForInlineStyle::InspectorStyleSheetForInlineStyle):
        (WebCore::InspectorStyleSheetForInlineStyle::inspectorStyleForId):
        * inspector/InspectorStyleSheet.h:
        (WebCore::InspectorCSSId::InspectorCSSId):
        (WebCore::InspectorCSSId::asProtocolValue):
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::startFromConsole):
        (WebCore::InspectorTimelineAgent::stopFromConsole):
        (WebCore::InspectorTimelineAgent::addRecordToTimeline):
        (WebCore::InspectorTimelineAgent::didCompleteRecordEntry):
        (WebCore::InspectorTimelineAgent::appendRecord):
        (WebCore::InspectorTimelineAgent::sendEvent):
        (WebCore::InspectorTimelineAgent::createRecordEntry):
        (WebCore::InspectorTimelineAgent::pushCurrentRecord):
        * inspector/InspectorTimelineAgent.h:
        * inspector/InspectorWorkerAgent.cpp:
        (WebCore::InspectorWorkerAgent::sendMessageToWorker):
        * inspector/InspectorWorkerAgent.h:
        * inspector/NetworkResourcesData.cpp:
        (WebCore::XHRReplayData::create):
        (WebCore::XHRReplayData::XHRReplayData):
        * inspector/NetworkResourcesData.h:
        (WebCore::NetworkResourcesData::ResourceData::decoder):
        (WebCore::NetworkResourcesData::ResourceData::setDecoder):
        (WebCore::NetworkResourcesData::ResourceData::buffer):
        (WebCore::NetworkResourcesData::ResourceData::setBuffer):
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createGenericRecord):
        (WebCore::TimelineRecordFactory::createBackgroundRecord):
        (WebCore::TimelineRecordFactory::createGCEventData):
        (WebCore::TimelineRecordFactory::createFunctionCallData):
        (WebCore::TimelineRecordFactory::createConsoleProfileData):
        (WebCore::TimelineRecordFactory::createProbeSampleData):
        (WebCore::TimelineRecordFactory::createEventDispatchData):
        (WebCore::TimelineRecordFactory::createGenericTimerData):
        (WebCore::TimelineRecordFactory::createTimerInstallData):
        (WebCore::TimelineRecordFactory::createXHRReadyStateChangeData):
        (WebCore::TimelineRecordFactory::createXHRLoadData):
        (WebCore::TimelineRecordFactory::createEvaluateScriptData):
        (WebCore::TimelineRecordFactory::createTimeStampData):
        (WebCore::TimelineRecordFactory::createScheduleResourceRequestData):
        (WebCore::TimelineRecordFactory::createResourceSendRequestData):
        (WebCore::TimelineRecordFactory::createResourceReceiveResponseData):
        (WebCore::TimelineRecordFactory::createResourceFinishData):
        (WebCore::TimelineRecordFactory::createReceiveResourceData):
        (WebCore::TimelineRecordFactory::createLayoutData):
        (WebCore::TimelineRecordFactory::createDecodeImageData):
        (WebCore::TimelineRecordFactory::createResizeImageData):
        (WebCore::TimelineRecordFactory::createMarkData):
        (WebCore::TimelineRecordFactory::createParseHTMLData):
        (WebCore::TimelineRecordFactory::createAnimationFrameData):
        (WebCore::createQuad):
        (WebCore::TimelineRecordFactory::createPaintData):
        (WebCore::buildInspectorObject):
        (WebCore::buildProfileInspectorObject):
        (WebCore::TimelineRecordFactory::appendProfile):
        * inspector/TimelineRecordFactory.h:
        (WebCore::TimelineRecordFactory::createWebSocketCreateData):
        (WebCore::TimelineRecordFactory::createGenericWebSocketData):
        * inspector/WorkerInspectorController.cpp:
        (WebCore::WorkerInspectorController::executionStopwatch):
        * inspector/WorkerInspectorController.h:
        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::addMessage):
        (WebCore::PageConsoleClient::messageWithTypeAndLevel):
        (WebCore::PageConsoleClient::count):
        (WebCore::PageConsoleClient::profileEnd):
        (WebCore::PageConsoleClient::timeEnd):
        (WebCore::PageConsoleClient::timeStamp):
        * page/PageConsoleClient.h:
        * replay/ReplayController.cpp:
        (WebCore::ReplayController::switchSession):
        (WebCore::ReplayController::createSegment):
        (WebCore::ReplayController::completeSegment):
        (WebCore::ReplayController::loadSegmentAtIndex):
        * replay/ReplayInputCreationMethods.cpp:
        (WebCore::InitialNavigation::createFromPage):
        * workers/SharedWorkerGlobalScope.cpp:
        (WebCore::SharedWorkerGlobalScope::logExceptionToConsole):
        * workers/SharedWorkerGlobalScope.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::logExceptionToConsole):
        (WebCore::WorkerGlobalScope::addMessage):
        (WebCore::WorkerGlobalScope::addMessageToWorkerConsole):
        * workers/WorkerGlobalScope.h:

2015-01-07  Anders Carlsson  <andersca@apple.com>

        Annotate properties that start with "new" so they'll work under ARC
        https://bugs.webkit.org/show_bug.cgi?id=140215
        rdar://problem/19399153

        Reviewed by Geoffrey Garen.

        When encountering attributes that start with "new", also generate an additional getter method declaration that
        has an NS_RETURNS_NOT_RETAINED annotation so ARC will know not to overrelease the property value.

        * bindings/scripts/CodeGeneratorObjC.pm:
        (GenerateHeader):

2015-01-07  Beth Dakin  <bdakin@apple.com>

        Adopt delegate callbacks so that standardQuickLookMenuItem does not obscure the 
        link
        https://bugs.webkit.org/show_bug.cgi?id=140206
        -and corresponding-
        rdar://problem/19300492

        Reviewed by Tim Horton.

        More delegate methods.
        * platform/spi/mac/QuickLookMacSPI.h:

2015-01-07  Bem Jones-Bey  <bjonesbe@adobe.com>

        [CSS Shapes] Negative raster shape height leads to crash
        https://bugs.webkit.org/show_bug.cgi?id=136087

        Reviewed by Zoltan Horvath.

        This patch clamps the size of the margin box rect used to compute the
        raster shape on a float so the width and height cannot be negative.
        This makes it safe to use that rect to determine the size of the shape
        intervals data structure.

        Test: fast/shapes/shape-outside-floats/shape-outside-negative-height-crash.html

        * rendering/shapes/Shape.cpp:
        (WebCore::Shape::createRasterShape): Add an assert to be explict about
            the precondition.
        * rendering/shapes/ShapeOutsideInfo.cpp:
        (WebCore::getShapeImageMarginRect): Clamp the marginRect's size.

2015-01-06  Sam Weinig  <sam@webkit.org>

        Modernize the SVGElement and MathMLElement factories
        https://bugs.webkit.org/show_bug.cgi?id=140163

        Reviewed by Dan Bernstein.

        * dom/Element.cpp:
        (WebCore::Element::create):
        * dom/Element.h:
        Change to return a Ref rather than a RefPtr.

        * dom/make_names.pl:
        (printConstructorSignature):
        (printFactoryCppFile):
        (printFactoryHeaderFile):
        Change to unconditionally use Ref as the return type for element factories
        now that HTML is not special cased.

        * SVG and MathML element files elided *
        Changed all SVG and MathML element's create functions to return a Ref.

2015-01-07  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r178028): iOS build broken due to unused parameters in GlyphPage::mayUseMixedFontDataWhenFilling()

        Fixes the following build errors:

            WebCore/platform/graphics/mac/GlyphPageMac.cpp:58:61: error: unused parameter 'buffer' [-Werror,-Wunused-parameter]
            bool GlyphPage::mayUseMixedFontDataWhenFilling(const UChar* buffer, unsigned bufferLength, const SimpleFontData* fontData)
                                                                        ^
            WebCore/platform/graphics/mac/GlyphPageMac.cpp:58:78: error: unused parameter 'bufferLength' [-Werror,-Wunused-parameter]
            bool GlyphPage::mayUseMixedFontDataWhenFilling(const UChar* buffer, unsigned bufferLength, const SimpleFontData* fontData)
                                                                                         ^
            WebCore/platform/graphics/mac/GlyphPageMac.cpp:58:114: error: unused parameter 'fontData' [-Werror,-Wunused-parameter]
            bool GlyphPage::mayUseMixedFontDataWhenFilling(const UChar* buffer, unsigned bufferLength, const SimpleFontData* fontData)
                                                                                                                             ^
            3 errors generated.

        * platform/graphics/mac/GlyphPageMac.cpp:
        (WebCore::GlyphPage::mayUseMixedFontDataWhenFilling): Add
        UNUSED_PARAM() as needed.

2015-01-07  Bem Jones-Bey  <bjonesbe@adobe.com>

        [CSS Shapes] Content does not wrap with overflow: hidden and reference box different from margin-box
        https://bugs.webkit.org/show_bug.cgi?id=138139

        Reviewed by David Hyatt.

        To determine how much an box needs to shink to avoid a float, the code
        was only taking into account the first line of the box. This doesn't
        work when the float has a shape, as it can make it seem like there is
        more space on the line than there actually is. This patch changes the
        calculations to take into account the entire height of the box that
        needs to be shrunk, and thus computes the correct amount of space
        available.

        Test: fast/shapes/shape-outside-floats/shape-overflow-hidden-left-margin.html
              fast/shapes/shape-outside-floats/shape-overflow-hidden-right-margin.html
              fast/shapes/shape-outside-floats/shape-overflow-hidden.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):

2015-01-07  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r178039.
        https://bugs.webkit.org/show_bug.cgi?id=140187

        Breaks ObjC Inspector Protocol (Requested by JoePeck on
        #webkit).

        Reverted changeset:

        "Web Inspector: purge PassRefPtr from Inspector code and use
        Ref for typed and untyped protocol objects"
        https://bugs.webkit.org/show_bug.cgi?id=140053
        http://trac.webkit.org/changeset/178039

2015-01-06  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: purge PassRefPtr from Inspector code and use Ref for typed and untyped protocol objects
        https://bugs.webkit.org/show_bug.cgi?id=140053

        Reviewed by Andreas Kling.

        This patch replaces uses of PassRefPtr with uses of RefPtr&& and WTF::move() in code
        related to Web Inspector. It also converts many uses of RefPtr to Ref where
        references are always non-null. These two refactorings have been combined since
        they tend to require similar changes to the code.

        No new tests, no behavior changed.

        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabase):
        * dom/Document.cpp:
        (WebCore::Document::logExceptionToConsole):
        (WebCore::Document::addMessage):
        * dom/Document.h:
        * dom/ScriptExecutionContext.cpp:
        (WebCore::ScriptExecutionContext::reportException):
        * dom/ScriptExecutionContext.h:
        * html/parser/XSSAuditorDelegate.cpp:
        (WebCore::XSSAuditorDelegate::generateViolationReport):
        * inspector/CommandLineAPIHost.cpp:
        (WebCore::CommandLineAPIHost::inspectImpl):
        * inspector/CommandLineAPIHost.h:
        * inspector/InspectorApplicationCacheAgent.cpp:
        (WebCore::InspectorApplicationCacheAgent::getFramesWithManifests):
        (WebCore::InspectorApplicationCacheAgent::buildObjectForApplicationCache):
        (WebCore::InspectorApplicationCacheAgent::buildArrayForApplicationCacheResources):
        (WebCore::InspectorApplicationCacheAgent::buildObjectForApplicationCacheResource):
        * inspector/InspectorApplicationCacheAgent.h:
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
        (WebCore::InspectorCSSAgent::getComputedStyleForNode):
        (WebCore::InspectorCSSAgent::setStyleText):
        (WebCore::InspectorCSSAgent::setPropertyText):
        (WebCore::InspectorCSSAgent::toggleProperty):
        (WebCore::InspectorCSSAgent::setRuleSelector):
        (WebCore::InspectorCSSAgent::getSupportedCSSProperties):
        (WebCore::InspectorCSSAgent::forcePseudoState):
        (WebCore::InspectorCSSAgent::getNamedFlowCollection):
        (WebCore::InspectorCSSAgent::detectOrigin):
        (WebCore::InspectorCSSAgent::buildObjectForRule):
        (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):
        (WebCore::InspectorCSSAgent::buildObjectForAttributesStyle):
        (WebCore::InspectorCSSAgent::buildArrayForRegions):
        (WebCore::InspectorCSSAgent::buildObjectForNamedFlow):
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorConsoleInstrumentation.h:
        (WebCore::InspectorInstrumentation::addMessageToConsole):
        (WebCore::InspectorInstrumentation::consoleCount):
        (WebCore::InspectorInstrumentation::stopConsoleTiming):
        (WebCore::InspectorInstrumentation::consoleTimeStamp):
        (WebCore::InspectorInstrumentation::stopProfiling):
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::buildObjectForHighlightedNode):
        (WebCore::InspectorController::executionStopwatch):
        * inspector/InspectorController.h:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::parseColor):
        (WebCore::parseConfigColor):
        (WebCore::InspectorDOMAgent::pushNodePathToFrontend):
        (WebCore::InspectorDOMAgent::performSearch):
        (WebCore::InspectorDOMAgent::setInspectModeEnabled):
        (WebCore::InspectorDOMAgent::highlightRect):
        (WebCore::InspectorDOMAgent::highlightQuad):
        (WebCore::InspectorDOMAgent::innerHighlightQuad):
        (WebCore::InspectorDOMAgent::highlightNode):
        (WebCore::InspectorDOMAgent::highlightFrame):
        (WebCore::InspectorDOMAgent::buildObjectForNode):
        (WebCore::InspectorDOMAgent::buildArrayForElementAttributes):
        (WebCore::InspectorDOMAgent::buildArrayForContainerChildren):
        (WebCore::InspectorDOMAgent::buildObjectForEventListener):
        (WebCore::InspectorDOMAgent::processAccessibilityChildren):
        (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
        (WebCore::InspectorDOMAgent::didCommitLoad):
        (WebCore::InspectorDOMAgent::didInsertDOMNode):
        (WebCore::InspectorDOMAgent::styleAttributeInvalidated):
        (WebCore::InspectorDOMAgent::resolveNode):
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMDebuggerAgent.cpp:
        (WebCore::InspectorDOMDebuggerAgent::didInvalidateStyleAttr):
        (WebCore::InspectorDOMDebuggerAgent::willInsertDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willRemoveDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willModifyDOMAttr):
        (WebCore::InspectorDOMDebuggerAgent::descriptionForDOMEvent):
        (WebCore::InspectorDOMDebuggerAgent::pauseOnNativeEventIfNeeded):
        (WebCore::InspectorDOMDebuggerAgent::willSendXMLHttpRequest):
        * inspector/InspectorDOMDebuggerAgent.h:
        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::getDOMStorageItems):
        (WebCore::InspectorDOMStorageAgent::setDOMStorageItem):
        (WebCore::InspectorDOMStorageAgent::removeDOMStorageItem):
        (WebCore::InspectorDOMStorageAgent::storageId):
        (WebCore::InspectorDOMStorageAgent::findStorageArea):
        * inspector/InspectorDOMStorageAgent.h:
        * inspector/InspectorDatabaseAgent.cpp: Use Ref for all callbacks since they are
        not nullable.
        (WebCore::InspectorDatabaseAgent::executeSQL):
        * inspector/InspectorDatabaseAgent.h:
        * inspector/InspectorDatabaseInstrumentation.h:
        (WebCore::InspectorInstrumentation::didOpenDatabase):
        * inspector/InspectorDatabaseResource.cpp:
        (WebCore::InspectorDatabaseResource::create):
        (WebCore::InspectorDatabaseResource::InspectorDatabaseResource):
        (WebCore::InspectorDatabaseResource::bind):
        * inspector/InspectorDatabaseResource.h:
        (WebCore::InspectorDatabaseResource::setDatabase):
        * inspector/InspectorFrontendHost.h:
        (WebCore::InspectorFrontendHost::create):
        * inspector/InspectorIndexedDBAgent.cpp: Use Ref for all callbacks since they are
        not nullable.
        (WebCore::InspectorIndexedDBAgent::requestDatabaseNames):
        (WebCore::InspectorIndexedDBAgent::requestDatabase):
        (WebCore::InspectorIndexedDBAgent::requestData):
        (WebCore::ClearObjectStoreListener::create):
        (WebCore::ClearObjectStoreListener::ClearObjectStoreListener):
        (WebCore::ClearObjectStore::create):
        (WebCore::ClearObjectStore::ClearObjectStore):
        (WebCore::InspectorIndexedDBAgent::clearObjectStore):
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::willLoadXHRImpl):
        (WebCore::InspectorInstrumentation::addMessageToConsoleImpl):
        (WebCore::InspectorInstrumentation::consoleCountImpl):
        (WebCore::InspectorInstrumentation::stopConsoleTimingImpl):
        (WebCore::InspectorInstrumentation::consoleTimeStampImpl):
        (WebCore::InspectorInstrumentation::stopProfilingImpl):
        (WebCore::InspectorInstrumentation::didOpenDatabaseImpl):
        (WebCore::InspectorInstrumentation::sessionCreatedImpl):
        (WebCore::InspectorInstrumentation::sessionLoadedImpl):
        (WebCore::InspectorInstrumentation::sessionModifiedImpl):
        (WebCore::InspectorInstrumentation::segmentCreatedImpl):
        (WebCore::InspectorInstrumentation::segmentCompletedImpl):
        (WebCore::InspectorInstrumentation::segmentLoadedImpl):
        (WebCore::InspectorInstrumentation::willLoadXHRSynchronouslyImpl): Deleted.
        (WebCore::InspectorInstrumentation::didLoadXHRSynchronouslyImpl): Deleted.
        (WebCore::InspectorInstrumentation::startProfilingImpl): Deleted.
        (WebCore::InspectorInstrumentation::didDispatchDOMStorageEventImpl): Deleted.
        (WebCore::InspectorInstrumentation::willEvaluateWorkerScript): Deleted.
        (WebCore::InspectorInstrumentation::captureStoppedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackStartedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackPausedImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackHitPositionImpl): Deleted.
        (WebCore::InspectorInstrumentation::playbackFinishedImpl): Deleted.
        (WebCore::InspectorInstrumentation::networkStateChangedImpl): Deleted.
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::willLoadXHR):
        (WebCore::InspectorInstrumentation::sessionCreated):
        (WebCore::InspectorInstrumentation::sessionLoaded):
        (WebCore::InspectorInstrumentation::sessionModified):
        (WebCore::InspectorInstrumentation::segmentCreated):
        (WebCore::InspectorInstrumentation::segmentCompleted):
        (WebCore::InspectorInstrumentation::segmentLoaded):
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClient): Deleted.
        (WebCore::InspectorInstrumentation::didSendWebSocketFrame): Deleted.
        * inspector/InspectorLayerTreeAgent.cpp:
        (WebCore::InspectorLayerTreeAgent::buildObjectForLayer):
        (WebCore::InspectorLayerTreeAgent::buildObjectForIntRect):
        (WebCore::InspectorLayerTreeAgent::reasonsForCompositingLayer):
        * inspector/InspectorLayerTreeAgent.h:
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildObjectForPoint):
        (WebCore::buildObjectForRect):
        (WebCore::buildArrayForQuad):
        (WebCore::buildObjectForHighlight):
        (WebCore::buildObjectForRegionHighlight):
        (WebCore::buildObjectForCSSRegionsHighlight):
        (WebCore::buildObjectForSize):
        (WebCore::buildObjectForCSSRegionContentClip):
        (WebCore::InspectorOverlay::drawPaintRects):
        (WebCore::buildObjectForRendererFragments):
        (WebCore::buildObjectForShapeOutside):
        (WebCore::buildObjectForElementInfo):
        (WebCore::InspectorOverlay::buildObjectForHighlightedNode):
        (WebCore::InspectorOverlay::reset):
        (WebCore::InspectorOverlay::evaluateInOverlay):
        * inspector/InspectorOverlay.h:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::createXHRTextDecoder):
        (WebCore::buildObjectForCookie):
        (WebCore::buildArrayForCookies):
        (WebCore::buildObjectForSearchResult):
        (WebCore::InspectorPageAgent::buildObjectForFrame):
        (WebCore::InspectorPageAgent::buildObjectForFrameTree):
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorReplayAgent.cpp:
        (WebCore::buildInspectorObjectForPosition):
        (WebCore::buildInspectorObjectForInput):
        (WebCore::buildInspectorObjectForSession):
        (WebCore::buildInspectorObjectForSegment):
        (WebCore::InspectorReplayAgent::replayToPosition):
        (WebCore::InspectorReplayAgent::getSessionData):
        (WebCore::InspectorReplayAgent::getSegmentData):
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::buildObjectForHeaders):
        (WebCore::buildObjectForTiming):
        (WebCore::buildObjectForResourceRequest):
        (WebCore::buildObjectForResourceResponse):
        (WebCore::buildObjectForCachedResource):
        (WebCore::InspectorResourceAgent::willLoadXHR):
        (WebCore::InspectorResourceAgent::buildInitiatorObject):
        (WebCore::InspectorResourceAgent::willSendWebSocketHandshakeRequest):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketHandshakeResponse):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketFrame):
        (WebCore::InspectorResourceAgent::didSendWebSocketFrame):
        (WebCore::InspectorResourceAgent::setExtraHTTPHeaders):
        (WebCore::InspectorResourceAgent::loadResource):
        (WebCore::InspectorResourceAgent::documentThreadableLoaderStartedLoadingForClient): Deleted.
        (WebCore::InspectorResourceAgent::didScheduleStyleRecalculation): Deleted.
        (WebCore::InspectorResourceAgent::disable): Deleted.
        (WebCore::InspectorResourceAgent::setCacheDisabled): Deleted.
        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorStyleSheet.cpp:
        (ParsedStyleSheet::ruleSourceDataAt):
        (WebCore::buildSourceRangeObject):
        (WebCore::buildMediaObject):
        (WebCore::asCSSRuleList):
        (WebCore::fillMediaListChain):
        (WebCore::InspectorStyle::create):
        (WebCore::InspectorStyle::InspectorStyle):
        (WebCore::InspectorStyle::buildObjectForStyle):
        (WebCore::InspectorStyle::buildArrayForComputedStyle):
        (WebCore::InspectorStyle::styleWithProperties):
        (WebCore::InspectorStyle::extractSourceData):
        (WebCore::InspectorStyleSheet::create):
        (WebCore::InspectorStyleSheet::InspectorStyleSheet):
        (WebCore::InspectorStyleSheet::buildObjectForStyleSheet):
        (WebCore::InspectorStyleSheet::buildObjectForStyleSheetInfo):
        (WebCore::buildObjectForSelectorHelper):
        (WebCore::selectorsFromSource):
        (WebCore::InspectorStyleSheet::buildObjectForSelector):
        (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
        (WebCore::InspectorStyleSheet::buildObjectForRule):
        (WebCore::InspectorStyleSheet::buildObjectForStyle):
        (WebCore::InspectorStyleSheet::toggleProperty):
        (WebCore::InspectorStyleSheet::inspectorStyleForId):
        (WebCore::InspectorStyleSheet::rememberInspectorStyle):
        (WebCore::InspectorStyleSheet::buildArrayForRuleList):
        (WebCore::InspectorStyleSheet::collectFlatRules):
        (WebCore::InspectorStyleSheetForInlineStyle::create):
        (WebCore::InspectorStyleSheetForInlineStyle::InspectorStyleSheetForInlineStyle):
        (WebCore::InspectorStyleSheetForInlineStyle::inspectorStyleForId):
        * inspector/InspectorStyleSheet.h:
        (WebCore::InspectorCSSId::InspectorCSSId):
        (WebCore::InspectorCSSId::asProtocolValue):
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::startFromConsole):
        (WebCore::InspectorTimelineAgent::stopFromConsole):
        (WebCore::InspectorTimelineAgent::addRecordToTimeline):
        (WebCore::InspectorTimelineAgent::didCompleteRecordEntry):
        (WebCore::InspectorTimelineAgent::appendRecord):
        (WebCore::InspectorTimelineAgent::sendEvent):
        (WebCore::InspectorTimelineAgent::createRecordEntry):
        (WebCore::InspectorTimelineAgent::pushCurrentRecord):
        * inspector/InspectorTimelineAgent.h:
        * inspector/InspectorWorkerAgent.cpp:
        (WebCore::InspectorWorkerAgent::sendMessageToWorker):
        * inspector/InspectorWorkerAgent.h:
        * inspector/NetworkResourcesData.cpp:
        (WebCore::XHRReplayData::create):
        (WebCore::XHRReplayData::XHRReplayData):
        * inspector/NetworkResourcesData.h:
        (WebCore::NetworkResourcesData::ResourceData::decoder):
        (WebCore::NetworkResourcesData::ResourceData::setDecoder):
        (WebCore::NetworkResourcesData::ResourceData::buffer):
        (WebCore::NetworkResourcesData::ResourceData::setBuffer):
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createGenericRecord):
        (WebCore::TimelineRecordFactory::createBackgroundRecord):
        (WebCore::TimelineRecordFactory::createGCEventData):
        (WebCore::TimelineRecordFactory::createFunctionCallData):
        (WebCore::TimelineRecordFactory::createConsoleProfileData):
        (WebCore::TimelineRecordFactory::createProbeSampleData):
        (WebCore::TimelineRecordFactory::createEventDispatchData):
        (WebCore::TimelineRecordFactory::createGenericTimerData):
        (WebCore::TimelineRecordFactory::createTimerInstallData):
        (WebCore::TimelineRecordFactory::createXHRReadyStateChangeData):
        (WebCore::TimelineRecordFactory::createXHRLoadData):
        (WebCore::TimelineRecordFactory::createEvaluateScriptData):
        (WebCore::TimelineRecordFactory::createTimeStampData):
        (WebCore::TimelineRecordFactory::createScheduleResourceRequestData):
        (WebCore::TimelineRecordFactory::createResourceSendRequestData):
        (WebCore::TimelineRecordFactory::createResourceReceiveResponseData):
        (WebCore::TimelineRecordFactory::createResourceFinishData):
        (WebCore::TimelineRecordFactory::createReceiveResourceData):
        (WebCore::TimelineRecordFactory::createLayoutData):
        (WebCore::TimelineRecordFactory::createDecodeImageData):
        (WebCore::TimelineRecordFactory::createResizeImageData):
        (WebCore::TimelineRecordFactory::createMarkData):
        (WebCore::TimelineRecordFactory::createParseHTMLData):
        (WebCore::TimelineRecordFactory::createAnimationFrameData):
        (WebCore::createQuad):
        (WebCore::TimelineRecordFactory::createPaintData):
        (WebCore::buildInspectorObject):
        (WebCore::buildProfileInspectorObject):
        (WebCore::TimelineRecordFactory::appendProfile):
        * inspector/TimelineRecordFactory.h:
        (WebCore::TimelineRecordFactory::createWebSocketCreateData):
        (WebCore::TimelineRecordFactory::createGenericWebSocketData):
        * inspector/WorkerInspectorController.cpp:
        (WebCore::WorkerInspectorController::executionStopwatch):
        * inspector/WorkerInspectorController.h:
        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::addMessage):
        (WebCore::PageConsoleClient::messageWithTypeAndLevel):
        (WebCore::PageConsoleClient::count):
        (WebCore::PageConsoleClient::profileEnd):
        (WebCore::PageConsoleClient::timeEnd):
        (WebCore::PageConsoleClient::timeStamp):
        * page/PageConsoleClient.h:
        * replay/ReplayController.cpp:
        (WebCore::ReplayController::switchSession):
        (WebCore::ReplayController::createSegment):
        (WebCore::ReplayController::completeSegment):
        (WebCore::ReplayController::loadSegmentAtIndex):
        * replay/ReplayInputCreationMethods.cpp:
        (WebCore::InitialNavigation::createFromPage):
        * workers/SharedWorkerGlobalScope.cpp:
        (WebCore::SharedWorkerGlobalScope::logExceptionToConsole):
        * workers/SharedWorkerGlobalScope.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::logExceptionToConsole):
        (WebCore::WorkerGlobalScope::addMessage):
        (WebCore::WorkerGlobalScope::addMessageToWorkerConsole):
        * workers/WorkerGlobalScope.h:

2015-01-07  Chris Fleizach  <cfleizach@apple.com>

        AX: Crash: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::AXObjectCache::clearTextMarkerNodesInUse + 149
        https://bugs.webkit.org/show_bug.cgi?id=139929

        Reviewed by Darin Adler.

        When a frame is replaced, there were instances when it was not clearing its associated nodes in the accessibility text marker -> Node cache.
        This caused dead Nodes to be left in the cache which would eventually be accessed when the cache was cleaned out at a later time.

        To fix this we should be clearing out the cache in Document::prepareForDestruction, instead of Frame::disconnectOwnerElement.

        While working on this, it also exposed a problem where when a frame goes away, it doesn't inform its parent to update its children,
        which causes an ASSERT to be hit with this test as well.

        Tests: accessibility/frame-disconnect-textmarker-cache-crash.html

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        * page/Frame.cpp:
        (WebCore::Frame::disconnectOwnerElement):
            Remove cache management from here since it is superceded by code in Document::prepareForDestruction
        * page/FrameView.cpp:
        (WebCore::FrameView::removeFromAXObjectCache):

2015-01-07  Zan Dobersek  <zdobersek@igalia.com>

        Unreviewed fix for the CoordinatedGraphics builds after r178034.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::setChildren): Add back the setChildren()
        variant that receives a reference to the Vector of TextureMapperLayer
        objects. This is still used by the CoordinatedGraphics code that still
        constructs a separate Vector object each time the layer's children change.
        * platform/graphics/texmap/TextureMapperLayer.h:

2015-01-07  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Use std::sort instead of qsort in TextureMapperLayer::sortByZOrder()
        https://bugs.webkit.org/show_bug.cgi?id=136212

        Reviewed by Darin Adler.

        Use std::sort() instead of qsort() to sort the TextureMapperLayer objects
        by their z-order. A lambda expression can be used to compare the m_centerZ 
        member variables of any two TextureMapperLayers.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::sortByZOrder):
        (WebCore::TextureMapperLayer::compareGraphicsLayersZValue): Deleted.
        * platform/graphics/texmap/TextureMapperLayer.h:

2015-01-06  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Avoid constructing Vector when setting new children of TextureMapperLayer
        https://bugs.webkit.org/show_bug.cgi?id=137265

        Reviewed by Brent Fulgham.

        Instead of constructing a vector object and populating it with TextureMapperLayers
        every time the children of a GraphicsLayer change, the children vector is now passed
        directly to TextureMapperLayer::setChildren(), which properly downcasts GraphicsLayers
        and adds the new TextureMapperLayer children.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        (WebCore::toTextureMapperLayerVector): Deleted.
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::setChildren):
        * platform/graphics/texmap/TextureMapperLayer.h:

2015-01-07  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] m_layer member in GraphicsLayerTextureMapper is always non-null
        https://bugs.webkit.org/show_bug.cgi?id=140135

        Reviewed by Darin Adler.

        Since the TextureMapperLayer member in the GraphicsLayerTextureMapper class
        is always non-null, we don't need to keep it in a std::unique_ptr<>.

        GraphicsLayerTextureMapper::layer() now returns a reference to the m_layer member.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
        (WebCore::GraphicsLayerTextureMapper::flushCompositingStateForThisLayerOnly):
        (WebCore::toTextureMapperLayerVector):
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        (WebCore::GraphicsLayerTextureMapper::flushCompositingState):
        (WebCore::GraphicsLayerTextureMapper::updateBackingStoreIfNeeded):
        (WebCore::GraphicsLayerTextureMapper::setFilters):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:

2015-01-07  Byungseon Shin  <sun.shin@lge.com>

        Fix Border-radius clipping issue on a composited descendants
        https://bugs.webkit.org/show_bug.cgi?id=138551

        Reviewed by Simon Fraser.

        Fix clipping compositing descendants of an accelerated layer having
        border radius and clip overflow issue by using layer corner-radius
        or a CAShapeLayer mask on Mac, and setting up a separate mask layer
        on the childContainmentLayer on other platforms.

        This patch is extracted from following Blink revisions:
        <http://src.chromium.org/viewvc/blink?view=revision&revision=162463>
        <http://src.chromium.org/viewvc/blink?view=revision&revision=158258>
        by <rosca@adobe.com>

        Clip accelerated descendants of an accelerated layer having border radius and clip overflow.
        Large canvas does not honor containing div's border radius.

        and <http://src.chromium.org/viewvc/blink?view=revision&revision=160578>
        by <junov@chromium.org>

        Fix for CSS clip-path with accelerated 2D canvas.

        * WebCore.exp.in:
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::dumpProperties):
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::applyClippingBorder):
        (WebCore::GraphicsLayer::clearClippingBorder):
        (WebCore::GraphicsLayer::needsClippingMaskLayer):
        * platform/graphics/GraphicsLayerClient.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::applyClippingBorder):
        (WebCore::GraphicsLayerCA::clearClippingBorder):
        * platform/graphics/ca/GraphicsLayerCA.h:
        * rendering/PaintPhase.h:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintObject):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintClippingMask):
        * rendering/RenderBox.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::paintChildClippingMaskForFragments):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::~RenderLayerBacking):
        (WebCore::RenderLayerBacking::destroyGraphicsLayers):
        (WebCore::RenderLayerBacking::updateConfiguration):
        (WebCore::RenderLayerBacking::updateGeometry):
        (WebCore::RenderLayerBacking::updateChildClippingStrategy):
        (WebCore::RenderLayerBacking::setContentsNeedDisplay):
        (WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):
        (WebCore::RenderLayerBacking::paintIntoLayer):
        (WebCore::RenderLayerBacking::paintContents):
        (WebCore::RenderLayerBacking::backingStoreMemoryEstimate):
        * rendering/RenderLayerBacking.h:

2015-01-06  Antti Koivisto  <antti@apple.com>

        Use HashMap instead of CFDictionary for composite font reference map
        https://bugs.webkit.org/show_bug.cgi?id=140150

        Reviewed by Geoff Garen.

        Use WebKit types. Also use USE(APPKIT) consistently for this feature.

        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::DerivedFontData::~DerivedFontData):

            The whole desctructor gets handled implicitly.

        * platform/graphics/SimpleFontData.h:
        * platform/graphics/mac/GlyphPageMac.cpp:
        (WebCore::GlyphPage::mayUseMixedFontDataWhenFilling):
        (WebCore::GlyphPage::fill):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::compositeFontReferenceFontData):
        (WebCore::SimpleFontData::getCompositeFontReferenceFontData): Deleted.

2015-01-07  Mihnea Ovidenie  <mihnea@adobe.com>

        ASSERTION FAILED: rareData->m_flowThreadContainingBlock.value() == RenderBox::locateFlowThreadContainingBlock() in WebCore::RenderBlock::locateFlowThreadContainingBlock
        https://bugs.webkit.org/show_bug.cgi?id=139390

        Reviewed by Andrei Bucur.

        When a block level element is inserted into an inline element, the inline element is split
        in order to make sure that all the inline element children are properly wrapped inside
        anonymous block elements. If the inline element is inside a pagination context, we have
        to invalidate the cached flow thread containing block for the split inline element and its descendants.

        Test: fast/multicol/newmulticol/block-split-inline-in-multicol.html

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::splitInlines):

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Move 'content' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140169

        Reviewed by Sam Weinig.

        Move 'content' CSS property to the new StyleBuilder.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialContent):
        (WebCore::StyleBuilderCustom::applyInheritContent):
        (WebCore::StyleBuilderCustom::applyValueContent):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Move 'webkit-mask-image' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140168

        Reviewed by Sam Weinig.

        Move 'webkit-mask-image' CSS property to the new StyleBuilder.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertMaskImageOperations):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialWebkitMaskImage):
        (WebCore::StyleBuilderCustom::applyInheritWebkitMaskImage):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::createMaskImageOperations): Deleted.
        * css/StyleResolver.h:

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Drop ResourceResponseBase::connectionID and connectionReused members
        https://bugs.webkit.org/show_bug.cgi?id=140158

        Reviewed by Sam Weinig.

        Drop ResourceResponseBase::connectionID and connectionReused members.
        Those were needed by the Chromium port but are no longer used.

        * inspector/InspectorResourceAgent.cpp:
        (WebCore::buildObjectForResourceResponse):
        * page/PerformanceResourceTiming.cpp:
        (WebCore::PerformanceResourceTiming::PerformanceResourceTiming):
        (WebCore::PerformanceResourceTiming::connectStart):
        (WebCore::PerformanceResourceTiming::connectEnd):
        * page/PerformanceResourceTiming.h:
        * page/PerformanceTiming.cpp:
        (WebCore::PerformanceTiming::connectStart):
        (WebCore::PerformanceTiming::connectEnd):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::ResourceResponseBase):
        (WebCore::ResourceResponseBase::connectionReused): Deleted.
        (WebCore::ResourceResponseBase::setConnectionReused): Deleted.
        (WebCore::ResourceResponseBase::connectionID): Deleted.
        (WebCore::ResourceResponseBase::setConnectionID): Deleted.
        * platform/network/ResourceResponseBase.h:
        (WebCore::ResourceResponseBase::encode):
        (WebCore::ResourceResponseBase::decode):

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Move the 'alt' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140129

        Reviewed by Darin Adler.

        Move the 'alt' CSS property to the new StyleBuilder.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueAlt):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * rendering/style/RenderStyle.h:

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-text-size-adjust' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140157

        Reviewed by Darin Adler.

        Move '-webkit-text-size-adjust' CSS property to the new StyleBuilder.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderCustom.h:
        (WebCore::applyValueWebkitTextSizeAdjust):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2015-01-06  Bem Jones-Bey  <bjonesbe@adobe.com>

        [CSS Masking][CSS Shapes] Large corner radii use with inset() clip-path are not properly constrained
        https://bugs.webkit.org/show_bug.cgi?id=140127

        Reviewed by Darin Adler.

        Constrain large corner radii for inset() clip-path in the same way
        that border-radii are constrained.

        Test: fast/masking/clip-path-inset-large-radii.html

        * rendering/style/BasicShapes.cpp:
        (WebCore::BasicShapeInset::path): Add radii constraint. Also reformat
            code a little to shut the style bot up.

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Only throttle DOM timers if they change CSS properties that cannot cause non-descendant elements to become visible
        https://bugs.webkit.org/show_bug.cgi?id=140142

        Reviewed by Darin Adler.

        Only throttle DOM timers if they change CSS properties that cannot cause
        non-descendant elements to become visible. For example, a DOM timer may
        change the height of an element that is outside the viewport. However,
        changing its height may causes elements inside the viewport to move. As
        such, we should NOT throttle such DOM timer.

        With this patch, we only mark a repeating timer as candidate for
        throttling if it is updating one of the following CSS properties:
        left, right, top, bottom, webkit-transform, opacity.

        Test: fast/dom/timer-height-change-no-throttling.html

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::propertyChangeMayRepaintNonDescendants):
        (WebCore::JSCSSStyleDeclaration::putDelegate):
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::scriptDidCauseElementRepaint):
        * page/DOMTimer.h:

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Add utility method on FrameView that resumes animated images and unthrottles DOM timers
        https://bugs.webkit.org/show_bug.cgi?id=140151

        Reviewed by Darin Adler.

        Add utility method on FrameView that resumes animated images and
        unthrottles DOM timers.

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        * page/FrameView.cpp:
        (WebCore::FrameView::setFrameRect):
        (WebCore::FrameView::viewportContentsChanged):
        (WebCore::FrameView::scrollPositionChanged):
        (WebCore::FrameView::performPostLayoutTasks):
        * page/FrameView.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Do not attempt to revalidate cached main resource on back/forward navigation
        https://bugs.webkit.org/show_bug.cgi?id=139263

        Reviewed by Darin Adler.

        Do not attempt to revalidate cached main resource on back/forward
        navigation, as allowed by RFC2616 & newer RFC7234 which distinguish
        history mechanisms and caches, stating:

           The freshness model (Section 4.2) does not necessarily apply to
           history mechanisms.  That is, a history mechanism can display a
           previous representation even if it has expired.

        Previously, we would bypass revalidation on back/forward navigation
        only for sub-resources. This patch extends this policy to the main
        resource as well.

        This behavior is also consistent with IE10+ and Chrome. It makes it more
        likely we return cached content to the user on back/forward navigation
        and avoids making network requests in this case.

        Test: http/tests/cache/history-navigation-no-resource-revalidation.html

        * loader/cache/CacheValidation.cpp:
        (WebCore::redirectChainAllowsReuse):
        * loader/cache/CacheValidation.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::redirectChainAllowsReuse):
        Add a "ReuseExpiredRedirectionOrNot" flag argument because in the case
        of an HistoryBuffer navigation, we don't mind reuse an expired
        redirection. However, we still need to make sure that the redirection
        is actually cached before reusing it.

        * loader/cache/CachedResource.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):
        - Do the redirectChainAllowsReuse() check *before* checking if the cache
          policy is CachePolicyHistoryBuffer. This is needed because
          redirectChainAllowsReuse() will return false if the redirection is not
          cached. Loading from the cache in this case will cause us to load the
          wrong resource (the one before the redirection). This case is covered
          by http/tests/navigation/redirect-on-reload-updates-history-item.html.
        - Do not use the cached main resource if it has "cache-control: no-store",
          even if it is a history navigation (cachePolicy is
          CachePolicyHistoryBuffer). This maintains the previous behavior, and
          some layout tests rely on this. We now have to be explicit about it
          because cachePolicy() can now return CachePolicyHistoryBuffer for the
          main resource (not just sub-resources). This difference in behavior
          on history navigation for the main resource and sub-resources is not
          great. However, I chose to maintain this pre-existing behavior in this
          patch to do one behavior change at a time. We can harmonize this later.

        Previously, the order was not an issue because the main resource was
        always revalidated on back/forward navigation.

        (WebCore::CachedResourceLoader::cachePolicy):
        Return CachePolicyHistoryBuffer for the main resource in case of
        history navigation, instead of CachePolicyVerify so that we don't
        attempt to revalidate.

2015-01-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177988.
        https://bugs.webkit.org/show_bug.cgi?id=140159

        mysteriously broke 2 tests (Requested by kling on #webkit).

        Reverted changeset:

        "Pack WebCore::RuleData better."
        https://bugs.webkit.org/show_bug.cgi?id=140109
        http://trac.webkit.org/changeset/177988

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Setting '-webkit-filter' to 'brightness(calc(10% * 2))' does not work
        https://bugs.webkit.org/show_bug.cgi?id=140149

        Reviewed by Darin Adler.

        Setting '-webkit-filter' to 'brightness(calc(10% * 2))' was not working
        because the CSS parser did not handle calculated values inside
        brightness(). This patch addresses the issue.

        Test: fast/css/webkit-filter-calc.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseBuiltinFilterArguments):

2015-01-06  Zalan Bujtas  <zalan@apple.com>

        Assertion in RenderGeometryMap::mapToContainer with LayoutUnit overflow.
        https://bugs.webkit.org/show_bug.cgi?id=108619
        rdar://problem/19391214

        Use only FloatQuad in RenderGeometryMap::mapToContainer.

        Due to the difference in the internal representation of FloatRect and FloatQuad,
        with certain float values, converting FloatRect to FloatQuad and back
        to FloatRect could produce a slightly different rect.

        Reviewed by Simon Fraser.

        Test: fast/block/geometry-map-assertion-with-tall-content.html

        * rendering/RenderGeometryMap.cpp:
        (WebCore::RenderGeometryMap::mapToContainer):

2015-01-06  Sam Weinig  <sam@webkit.org>

        Allow MathML in dashboard compatibility mode
        https://bugs.webkit.org/show_bug.cgi?id=140153

        Reviewed by Alexey Proskuryakov.

        In what seems like an accident due to the way we used to disable SVG in 
        dashboard, MathML has been disable in dashboard compatibility mode. There
        does not seem to be any reason to keep this accidental quirk.

        Test: mathml/mathml-in-dashboard.html

        * dom/make_names.pl:
        (printFactoryCppFile):

2015-01-06  Simon Fraser  <simon.fraser@apple.com>

        Some composting reflections tests are broken
        https://bugs.webkit.org/show_bug.cgi?id=139889

        Reviewed by Tim Horton.
        
        When creating layer clones for reflections, we'd clobber the layer background
        color via resetting the custom appearance on the clone. Fix by having
        PlatformCALayerMac::updateCustomAppearance() only do work when the appearance changes.
        
        Some other drive-by nullptr changes, and include layer IDs in debug layer names.

        Covered by existing pixel tests.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setName):
        (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayerMac::updateCustomAppearance):
        (PlatformCALayerMac::tiledBacking):

2015-01-04  Sam Weinig  <sam@webkit.org>

        Modernize the HTMLElement factory
        https://bugs.webkit.org/show_bug.cgi?id=140063

        Reviewed by Darin Adler.

        Make the HTMLElement (and derived classes) create functions 
        and HTMLElementFactory return Refs rather than RefPtr/PassRefPtr.

        * Files elided *

2015-01-06  Alexey Proskuryakov  <ap@apple.com>

        ADDRESS_SANITIZER macro is overloaded
        https://bugs.webkit.org/show_bug.cgi?id=140130

        Reviewed by Anders Carlsson.

        * platform/RefCountedSupplement.h:
        * platform/Supplementable.h:
        Change the conditional to ENABLE(SECURITY_ASSERTIONS). These checks will be used
        in debug builds, and also when one explicitly passes -DENABLE_SECURITY_ASSERTIONS.

2015-01-06  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: pass parameters to inspector agents by reference where possible
        https://bugs.webkit.org/show_bug.cgi?id=140002

        Reviewed by Andreas Kling.

        Pass parameters by-reference from inspector instrumentation entry
        points to inspector agents. If the event doesn't make sense with null
        arguments, perform null checks before calling agent methods.

        No new tests, no behavior changed.

        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::didCreateNamedFlow):
        (WebCore::InspectorCSSAgent::willRemoveNamedFlow):
        (WebCore::InspectorCSSAgent::didChangeRegionOverset):
        (WebCore::InspectorCSSAgent::didRegisterNamedFlowContentElement):
        (WebCore::InspectorCSSAgent::didUnregisterNamedFlowContentElement):
        (WebCore::InspectorCSSAgent::forcePseudoState):
        * inspector/InspectorCSSAgent.h: Reorder methods to match instrumentation.
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::handleTouchEvent):
        (WebCore::InspectorDOMAgent::didInsertDOMNode):
        (WebCore::InspectorDOMAgent::didRemoveDOMNode):
        (WebCore::InspectorDOMAgent::willModifyDOMAttr):
        (WebCore::InspectorDOMAgent::didModifyDOMAttr):
        (WebCore::InspectorDOMAgent::didRemoveDOMAttr):
        (WebCore::InspectorDOMAgent::characterDataModified):
        (WebCore::InspectorDOMAgent::didInvalidateStyleAttr):
        (WebCore::InspectorDOMAgent::didPushShadowRoot):
        (WebCore::InspectorDOMAgent::willPopShadowRoot):
        * inspector/InspectorDOMAgent.h: Reorder methods to match instrumentation.
        * inspector/InspectorDOMDebuggerAgent.cpp:
        (WebCore::InspectorDOMDebuggerAgent::didInvalidateStyleAttr):
        (WebCore::InspectorDOMDebuggerAgent::didInsertDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::didRemoveDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willInsertDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willRemoveDOMNode):
        (WebCore::InspectorDOMDebuggerAgent::willModifyDOMAttr):
        * inspector/InspectorDOMDebuggerAgent.h:
        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::didClearWindowObjectInWorldImpl):
        (WebCore::InspectorInstrumentation::willInsertDOMNodeImpl):
        (WebCore::InspectorInstrumentation::didInsertDOMNodeImpl):
        (WebCore::InspectorInstrumentation::willRemoveDOMNodeImpl):
        (WebCore::InspectorInstrumentation::didRemoveDOMNodeImpl):
        (WebCore::InspectorInstrumentation::willModifyDOMAttrImpl):
        (WebCore::InspectorInstrumentation::didModifyDOMAttrImpl):
        (WebCore::InspectorInstrumentation::didRemoveDOMAttrImpl):
        (WebCore::InspectorInstrumentation::didInvalidateStyleAttrImpl):
        (WebCore::InspectorInstrumentation::didPushShadowRootImpl):
        (WebCore::InspectorInstrumentation::willPopShadowRootImpl):
        (WebCore::InspectorInstrumentation::didCreateNamedFlowImpl): Add null check.
        (WebCore::InspectorInstrumentation::willRemoveNamedFlowImpl): Add null check.
        (WebCore::InspectorInstrumentation::didChangeRegionOversetImpl):
        (WebCore::InspectorInstrumentation::didRegisterNamedFlowContentElementImpl):
        (WebCore::InspectorInstrumentation::didUnregisterNamedFlowContentElementImpl):
        (WebCore::InspectorInstrumentation::handleTouchEventImpl):
        (WebCore::InspectorInstrumentation::forcePseudoStateImpl):
        (WebCore::InspectorInstrumentation::characterDataModifiedImpl):
        (WebCore::InspectorInstrumentation::willEvaluateScriptImpl):
        (WebCore::InspectorInstrumentation::didEvaluateScriptImpl):
        (WebCore::InspectorInstrumentation::didInvalidateLayoutImpl):
        (WebCore::InspectorInstrumentation::willLayoutImpl):
        (WebCore::InspectorInstrumentation::willPaintImpl):
        (WebCore::InspectorInstrumentation::willScrollLayerImpl):
        (WebCore::InspectorInstrumentation::didScheduleStyleRecalculationImpl):
        (WebCore::InspectorInstrumentation::applyEmulatedMediaImpl):
        (WebCore::InspectorInstrumentation::willSendRequestImpl): Add null check.
        (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl): Add null checks.
        (WebCore::InspectorInstrumentation::willReceiveResourceResponseImpl):  Add null check.
        (WebCore::InspectorInstrumentation::didReceiveResourceResponseImpl):
        (WebCore::InspectorInstrumentation::didReceiveResourceResponseButCanceledImpl): Add null check.
        (WebCore::InspectorInstrumentation::didFinishLoadingImpl): Add null check.
        (WebCore::InspectorInstrumentation::didFailLoadingImpl): Add null check.
        (WebCore::InspectorInstrumentation::domContentLoadedEventFiredImpl):
        (WebCore::InspectorInstrumentation::loadEventFiredImpl): Add null check.
        (WebCore::InspectorInstrumentation::frameDetachedFromParentImpl):
        (WebCore::InspectorInstrumentation::didCommitLoadImpl): Add null checks.
        (WebCore::InspectorInstrumentation::loaderDetachedFromFrameImpl):
        (WebCore::InspectorInstrumentation::willDestroyCachedResourceImpl):
        (WebCore::InspectorInstrumentation::startConsoleTimingImpl):
        (WebCore::InspectorInstrumentation::stopConsoleTimingImpl):
        (WebCore::InspectorInstrumentation::consoleTimeStampImpl):
        (WebCore::InspectorInstrumentation::didCreateWebSocketImpl): Add null check.
        (WebCore::InspectorInstrumentation::willSendWebSocketHandshakeRequestImpl): Add null check.
        (WebCore::InspectorInstrumentation::didReceiveWebSocketHandshakeResponseImpl): Add null check.
        (WebCore::InspectorInstrumentation::didCloseWebSocketImpl): Add null check.
        (WebCore::InspectorInstrumentation::renderLayerDestroyedImpl):
        (WebCore::InspectorInstrumentation::pseudoElementDestroyedImpl):
        (WebCore::InspectorInstrumentation::scriptsEnabledImpl): Deleted.
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClientImpl): Deleted.
        (WebCore::InspectorInstrumentation::frameStartedLoadingImpl): Deleted.
        (WebCore::InspectorInstrumentation::willWriteHTMLImpl): Deleted.
        (WebCore::InspectorInstrumentation::startProfilingImpl): Deleted.
        * inspector/InspectorLayerTreeAgent.cpp:
        (WebCore::InspectorLayerTreeAgent::renderLayerDestroyed):
        (WebCore::InspectorLayerTreeAgent::pseudoElementDestroyed):
        * inspector/InspectorLayerTreeAgent.h:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::frameDetached):
        (WebCore::InspectorPageAgent::loaderDetachedFromFrame):
        (WebCore::InspectorPageAgent::applyEmulatedMedia):
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorReplayAgent.cpp:
        (WebCore::InspectorReplayAgent::frameDetached):
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::willSendRequest):
        (WebCore::InspectorResourceAgent::didReceiveResponse):
        (WebCore::InspectorResourceAgent::didFinishLoading):
        (WebCore::InspectorResourceAgent::didFailLoading):
        (WebCore::InspectorResourceAgent::didLoadResourceFromMemoryCache):
        (WebCore::InspectorResourceAgent::willDestroyCachedResource):
        (WebCore::InspectorResourceAgent::didScheduleStyleRecalculation):
        (WebCore::InspectorResourceAgent::mainFrameNavigated):
        * inspector/InspectorResourceAgent.h: Reorder methods to match instrumentation.
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::didInvalidateLayout):
        (WebCore::InspectorTimelineAgent::willLayout):
        (WebCore::InspectorTimelineAgent::willPaint):
        (WebCore::InspectorTimelineAgent::willScroll):
        (WebCore::InspectorTimelineAgent::willEvaluateScript):
        (WebCore::InspectorTimelineAgent::didEvaluateScript):
        (WebCore::InspectorTimelineAgent::didTimeStamp):
        (WebCore::InspectorTimelineAgent::time):
        (WebCore::InspectorTimelineAgent::timeEnd):
        (WebCore::InspectorTimelineAgent::didMarkDOMContentEvent):
        (WebCore::InspectorTimelineAgent::didMarkLoadEvent):
        * inspector/InspectorTimelineAgent.h: Reorder methods to match instrumentation.
        * inspector/PageRuntimeAgent.cpp:
        (WebCore::PageRuntimeAgent::didCreateMainWorldContext):
        (WebCore::PageRuntimeAgent::didCreateIsolatedContext): Deleted. It has no callers.
        * inspector/PageRuntimeAgent.h:
        * replay/ReplayController.cpp:
        (WebCore::ReplayController::frameDetached):
        * replay/ReplayController.h:

2015-01-06  Anders Carlsson  <andersca@apple.com>

        Remove an old workaround for an old unsupported plug-in
        https://bugs.webkit.org/show_bug.cgi?id=140141

        Reviewed by Brent Fulgham.

        The old, pre-Vista(!) plug-in is no longer available so we don't need to have this workaround in place.
        (If for some bizarre reason we'd ever want to bring it back it should be a flag that the plug-in code sets on the timer,
        the shared timer code shouldn't know about plug-ins at all).

        * platform/win/SharedTimerWin.cpp:
        (WebCore::TimerWindowWndProc):

2015-01-06  Andreas Kling  <akling@apple.com>

        Pack WebCore::RuleData better.
        <https://webkit.org/b/140109>

        Reviewed by Benjamin Poulain.

        Shrink RuleData by 8 bytes per instance by reordering members so that
        the CSS JIT compilation status fits into the bitfield.

        * css/RuleSet.h:
        (WebCore::RuleData::compilationStatus):
        * cssjit/SelectorCompiler.h:
        (WebCore::SelectorCompilationStatus::SelectorCompilationStatus):

2015-01-06  Anders Carlsson  <andersca@apple.com>

        Add a WebKit1 database provider
        https://bugs.webkit.org/show_bug.cgi?id=140126

        Reviewed by Sam Weinig.

        Use a Ref instead of a RefPtr since the database provider can never be null now.

        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
        (WebCore::DOMWindowIndexedDatabase::indexedDB):
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/Page.h:
        (WebCore::Page::databaseProvider):

2015-01-06  Antti Koivisto  <antti@apple.com>

        REGRESSION (r177876): 35% regression in Parser/html5-full-render
        https://bugs.webkit.org/show_bug.cgi?id=140123

        Followup fix.

        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::systemFallbackFontDataForCharacter):

            The code failed to pass isForPlatformFont boolean.

2015-01-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177963.
        https://bugs.webkit.org/show_bug.cgi?id=140136

        Caused lots of crashes (Requested by smfr on #webkit).

        Reverted changeset:

        "Add a WebKit1 database provider"
        https://bugs.webkit.org/show_bug.cgi?id=140126
        http://trac.webkit.org/changeset/177963

2015-01-06  Antti Koivisto  <antti@apple.com>

        REGRESSION (r177876): 35% regression in Parser/html5-full-render
        https://bugs.webkit.org/show_bug.cgi?id=140123

        Reviewed by Darin Adler.

        Resolving system fallbacks is extremely slow. GlyphPageTree used to cache them globally.

        This patch brings back a simple global cache for system fallbacks.

        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::~SimpleFontData):
        (WebCore::systemFallbackCache):
        (WebCore::SimpleFontData::systemFallbackFontDataForCharacter):
        (WebCore::SimpleFontData::removeFromSystemFallbackCache):
        * platform/graphics/SimpleFontData.h:

2015-01-06  Antti Koivisto  <antti@apple.com>

        Rename SimpleFontData::AdditionalFontData to SimpleFontData::SVGData
        https://bugs.webkit.org/show_bug.cgi?id=140124

        Reviewed by Anders Carlsson.

        The current name is vague and confusing (as AdditionalFontData is not a FontData).

        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::glyphDataForCharacter):
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::SimpleFontData):
        (WebCore::SimpleFontData::~SimpleFontData):
        (WebCore::fillGlyphPage):
        (WebCore::SimpleFontData::createScaledFontData):
        * platform/graphics/SimpleFontData.h:
        (WebCore::SimpleFontData::widthForGlyph):
        * rendering/svg/SVGTextLayoutEngineSpacing.cpp:
        (WebCore::SVGTextLayoutEngineSpacing::calculateSVGKerning):
        * rendering/svg/SVGTextRunRenderingContext.cpp:
        (WebCore::svgFontAndFontFaceElementForFontData):
        * svg/SVGFontData.h:

2015-01-06  Timothy Horton  <timothy_horton@apple.com>

        Make explicit which TextIndicator animations are driven manually, and which run automatically
        https://bugs.webkit.org/show_bug.cgi?id=140113
        <rdar://problem/19383425>

        Reviewed by Darin Adler.

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::wantsManualAnimation):
        Add wantsManualAnimation(). The old transitions (Bounce and BounceAndCrossfade)
        run automatically, and the new ones (FadeIn and Crossfade) are driven manually.

        * page/TextIndicator.h:
        Add a comment explaining which animations are manual and which are not.

        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView present]):
        Make use of wantsManualAnimation(). The previous (wantsFadeIn || wantsCrossfade)
        was wrong, because it was true for BounceAndCrossfade, and would cause
        BounceAndCrossfade animations (which aren't driven manually) to stall at progress=0.

2015-01-06  Anders Carlsson  <andersca@apple.com>

        Give empty pages a valid database provider.

        * loader/EmptyClients.cpp:
        (WebCore::fillWithEmptyClients):

2015-01-06  Myles C. Maxfield  <mmaxfield@apple.com>

        Fix iOS build after r177955 and r177952.

        Unreviewed.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::insertPhoneNumberLink):
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):

2015-01-06  Anders Carlsson  <andersca@apple.com>

        Remove now unused IndexedDB code
        https://bugs.webkit.org/show_bug.cgi?id=140128

        Reviewed by Darin Adler.

        * CMakeLists.txt:
        Remove files.

        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
        Don't include PageGroupIndexedDatabase.h.

        * Modules/indexeddb/IDBFactoryBackendInterface.cpp: Removed.
        Remove this file, it just had one function calling through to the database strategy.

        * Modules/indexeddb/IDBFactoryBackendInterface.h:
        Remove the create function.

        * Modules/indexeddb/PageGroupIndexedDatabase.cpp: Removed.
        * Modules/indexeddb/PageGroupIndexedDatabase.h: Removed.
        The backend is now per page, not per page group.

        * WebCore.exp.in:
        Remove an exported symbol.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        Remove files.

        * page/PageGroup.h:
        PageGroup is no longer supplementable.

        * platform/DatabaseStrategy.cpp:
        (WebCore::DatabaseStrategy::createIDBFactoryBackend): Deleted.
        * platform/DatabaseStrategy.h:
        Remove a header.

2015-01-06  Anders Carlsson  <andersca@apple.com>

        Try to fix the Windows build.

        * WebCore.vcxproj/copyForwardingHeaders.cmd:

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Regression(r176212): Carousel on mbusa.com is choppy
        https://bugs.webkit.org/show_bug.cgi?id=139543
        <rdar://problem/19209406>

        Reviewed by Antti Koivisto.

        A repeating DOM timer changing the style of an element that has
        overflowing content that is visible would get throttled in the
        case where the overflowing content has its own layer. This is
        because the repaint rect returned by
        RenderObject::absoluteClippedOverflowRect() does not take into
        consideration descendants with their own self-painting layer when
        accounting for the overflow.

        Until I can find a relatively cheap way of computing the overflow
        in this case, this patch takes the conservative approach and
        assumes we may repaint inside the viewport if the element does not
        have a layer or if any of its descendants has its own layer.

        This patch also renames isInsideViewport() function to
        mayCauseRepaintInsideViewport() for clarity.

        Tests: fast/dom/repeating-timer-element-overflow-hidden-throttling.html
               fast/dom/repeating-timer-element-overflowing-child-own-layer-throttling.html

        * dom/Element.cpp:
        (WebCore::Element::mayCauseRepaintInsideViewport):
        (WebCore::Element::isInsideViewport): Deleted.
        * dom/Element.h:
        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::scriptDidCauseElementRepaint):
        (WebCore::DOMTimer::updateThrottlingStateAfterViewportChange):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::mayCauseRepaintInsideViewport):
        (WebCore::RenderElement::isInsideViewport): Deleted.
        * rendering/RenderElement.h:

2015-01-06  Anders Carlsson  <andersca@apple.com>

        Add a WebKit1 database provider
        https://bugs.webkit.org/show_bug.cgi?id=140126

        Reviewed by Sam Weinig.

        Use a Ref instead of a RefPtr since the database provider can never be null now.

        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
        (WebCore::DOMWindowIndexedDatabase::indexedDB):
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/Page.h:
        (WebCore::Page::databaseProvider):

2015-01-06  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix after r177952.

        Remove double class namespace in appendToAttributeValue.

        * html/parser/HTMLToken.h:
        (WebCore::HTMLToken::appendToAttributeValue): Added,
        (WebCore::HTMLToken::HTMLToken::appendToAttributeValue): Deleted.

2015-01-05  Anders Carlsson  <andersca@apple.com>

        Add a DatabaseProvider subclass in WebKit2 and use it for IndexedDB
        https://bugs.webkit.org/show_bug.cgi?id=140108

        Reviewed by Darin Adler.

        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
        (WebCore::DOMWindowIndexedDatabase::indexedDB):
        Get the IDBFactoryBackendInterface from the database provider.

        * page/DatabaseProvider.cpp:
        (WebCore::DatabaseProvider::idbFactoryBackend):
        Change this to return a pointer.

        * page/Page.h:
        (WebCore::Page::databaseProvider):
        Add a getter.

2015-01-06  Brent Fulgham  <bfulgham@apple.com>

        [Win] Another build fix attempt.

        Reorder function declarations to avoid confusing compiler. Add explicit namespace for
        out copied functions to avoid attempting to link against bindings version of these files.

        * plugins/PluginPackage.cpp:
        (WebCore::makeSource):
        (WebCore::NPN_Evaluate):
        (WebCore::NPN_Invoke):
        (WebCore::PluginPackage::initializeBrowserFuncs):

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-scroll-snap-*' CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140112

        Reviewed by Darin Adler.

        Move '-webkit-scroll-snap-*' CSS properties to the new StyleBuilder.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::parseSnapCoordinate):
        (WebCore::StyleBuilderConverter::convertScrollSnapPoints):
        (WebCore::StyleBuilderConverter::convertSnapCoordinatePair):
        (WebCore::StyleBuilderConverter::convertScrollSnapCoordinates):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::parseSnapCoordinate): Deleted.
        (WebCore::StyleResolver::parseSnapCoordinatePair): Deleted.
        (WebCore::StyleResolver::parseSnapPoints): Deleted.
        * css/StyleResolver.h:

2015-01-06  Antti Koivisto  <antti@apple.com>

        Resolve mirroring and variant in Font instead of FontGlyphs
        https://bugs.webkit.org/show_bug.cgi?id=140079

        Reviewed by Darin Adler.

        Make FontGlyphs more focused. It doesn't need to know about resolving variants and mirroring.

        * platform/graphics/Font.cpp:
        (WebCore::Font::glyphDataForCharacter):
        * platform/graphics/Font.h:
        (WebCore::Font::glyphDataForCharacter): Deleted.
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::glyphDataForCharacter):
        * platform/graphics/FontGlyphs.h:

2015-01-06  Shivakumar JM  <shiva.jm@samsung.com>

        Fix Unused parameter warning in Webcore bindings.
        https://bugs.webkit.org/show_bug.cgi?id=140118

        Reviewed by Gyuyoung Kim.

        remove the Unused parameter from createScriptInstanceForWidget() function

        No new tests, no behavior changed.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::createScriptInstanceForWidget):

2015-01-05  Antti Koivisto  <antti@apple.com>

        Font::primaryFontData() should return a reference
        https://bugs.webkit.org/show_bug.cgi?id=140081

        Reviewed by Darin Adler.

        It is not null.

        Also rename primaryFont() -> primaryFontData().

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (AXAttributeStringSetStyle):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetStyle):
        * bindings/objc/DOM.mm:
        (-[DOMElement _font]):
        * editing/cocoa/HTMLConverter.mm:
        (_font):
        (WebCore::editingAttributedStringFromRange):
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::fontForSelection):
        (WebCore::Editor::fontAttributesForSelectionStart):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::fontForSelection):
        (WebCore::Editor::fontAttributesForSelectionStart):
        * platform/graphics/Font.cpp:
        (WebCore::Font::fastAverageCharWidthIfAvailable):
        * platform/graphics/Font.h:
        (WebCore::Font::fontMetrics):
        (WebCore::Font::spaceWidth):
        (WebCore::Font::tabWidth):
        (WebCore::Font::primaryFontData):
        (WebCore::Font::primaryFont): Deleted.
        * platform/graphics/FontFastPath.cpp:
        (WebCore::Font::primaryFontHasGlyphForCharacter):
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::determinePitch):
        (WebCore::FontGlyphs::glyphDataForSystemFallback):
        (WebCore::FontGlyphs::glyphDataForCharacter):
        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::primaryFontData):
        (WebCore::FontGlyphs::primarySimpleFontData):
        * platform/graphics/WidthIterator.cpp:
        (WebCore::WidthIterator::advanceInternal):
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::advance):
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
        * platform/graphics/mac/ComplexTextController.h:
        (WebCore::ComplexTextController::ComplexTextRun::create):
        (WebCore::ComplexTextController::ComplexTextRun::fontData):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun):
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/graphics/mac/FontMac.mm:
        (WebCore::Font::primaryFontDataIsSystemFont):
        * platform/graphics/opentype/OpenTypeMathData.cpp:
        * platform/graphics/opentype/OpenTypeMathData.h:
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::requiresIdeographicBaseline):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::constructTextRun):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::adjustLogicalLeftOffsetForLine):
        (WebCore::RenderBlock::adjustLogicalRightOffsetForLine):
        (WebCore::constructTextRunInternal):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::preferredContentLogicalWidth):
        * rendering/RenderThemeIOS.mm:
        (WebCore::adjustInputElementButtonStyle):
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::ascentAndDescentForBox):
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::getGlyphAssemblyFallBack):
        (WebCore::RenderMathMLOperator::getDisplayStyleLargeOperator):
        (WebCore::RenderMathMLOperator::findStretchyData):
        (WebCore::RenderMathMLOperator::trailingSpaceError):
        * rendering/mathml/RenderMathMLRadicalOperator.cpp:
        (WebCore::RenderMathMLRadicalOperator::stretchTo):
        (WebCore::RenderMathMLRadicalOperator::computePreferredLogicalWidths):
        (WebCore::RenderMathMLRadicalOperator::computeLogicalHeight):
        (WebCore::RenderMathMLRadicalOperator::paint):
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::updateStyle):
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::constructTextRun):
        * rendering/svg/SVGTextLayoutEngineSpacing.cpp:
        (WebCore::SVGTextLayoutEngineSpacing::calculateSVGKerning):
        * rendering/svg/SVGTextMetrics.cpp:
        (WebCore::SVGTextMetrics::constructTextRun):
        (WebCore::SVGTextMetrics::SVGTextMetrics):
        * rendering/svg/SVGTextRunRenderingContext.cpp:
        (WebCore::missingGlyphForFont):
        (WebCore::SVGTextRunRenderingContext::glyphDataForCharacter):

2015-01-06  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-filter' / '-webkit-backdrop-filter' to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140111

        Reviewed by Darin Adler.

        Move '-webkit-filter' / '-webkit-backdrop-filter' to the new
        StyleBuilder.

        * css/CSSFilterImageValue.cpp:
        (WebCore::CSSFilterImageValue::createFilterOperations):
        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertFilterOperations):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::createFilterOperations):
        * css/StyleResolver.h:

2015-01-05  Darin Adler  <darin@apple.com>

        Modernize and streamline HTMLToken and AtomicHTMLToken
        https://bugs.webkit.org/show_bug.cgi?id=140046

        Reviewed by Andreas Kling.

        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::appendDocumentType): Added code to properly
        handle empty strings for systemId and publicId, rather than treating them
        the same as missing systemId and publicId.

        * html/parser/AtomicHTMLToken.h: Removed unneeded includes.
        Moved function bodies out of the class so it's easier to see the contents of
        the class. Renamed the isAll8BitData function to charactersIsAll8BitData
        to make it clear that it is correct only for AtomicHTMLToken::characters.
        Made more things private. Moved the findAttributeInVector function here
        and renamed it to just findAttribute. Use unsigned instead of int and
        size_t as appropriate. Changed the constructor that makes a fake one of
        these to move the Vector of attributes in rather than copying it.

        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::insertDoctype): Moved the code to create
        a string from here into AtomicHTMLToken.
        (WebCore::HTMLConstructionSite::createElementFromSavedToken): Updated
        to construct the Vector explicitly because all other call sites pass
        ownership of the Vector in to the AtomicHTMLToken.

        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::pumpTokenizer): Check for an uninitialized
        token without using a special function just for this purpose.
        (WebCore::HTMLDocumentParser::constructTreeFromHTMLToken): Ditto.

        * html/parser/HTMLParserIdioms.h: Removed the version of
        stripLeadingAndTrailingHTMLSpaces that takes a character vector. Instead
        the caller can make a string. Later we might want this to work with
        a StringView, or a StringView/String combination.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::scan): Updated to not use HTMLToken::data.
        (WebCore::TokenPreloadScanner::updatePredictedBaseURL): Updated to not use
        HTMLToken::getAttributeItem and to not require a special overload of the
        stripLeadingAndTrailingHTMLSpaces function.

        * html/parser/HTMLSourceTracker.cpp:
        (WebCore::HTMLSourceTracker::end): Updated to call the token-ending
        function by its new name, setEndOffset.
        (WebCore::HTMLSourceTracker::sourceForToken): Updated since we no
        longer have a startIndex function that already returns 0. Instead just
        call length. Also use unsigned instead of size_t.

        * html/parser/HTMLStackItem.h:
        (WebCore::HTMLStackItem::getAttributeItem): Updated for name change.

        * html/parser/HTMLToken.h: Removed the many unneeded includes,
        including the self-include! Turned DoctypeData into a normal struct
        without m_ prefixes on its member names. Turned HTMLToken::Attribute and
        HTMLToken::Attribute::Range into normal structs. Moved function
        bodies out of the class so it's easier to see the contents of
        the class. Removed a few now-unneeded functions.

        * html/parser/HTMLTokenizer.cpp: Removed the AtomicHTMLToken function
        members that used to be here. None are needed any more; they are now all
        just inlined at the call site. If we need any non-inline functions, then
        we sould probably create an AtomicHTMLToken.cpp file instead.
        (WebCore::HTMLTokenizer::processEntity): Use the new bufferASCIICharacter
        function in all the cases where we know a character is ASCII to cut down
        on the amount of 8-bit checking we have to do.
        (WebCore::HTMLTokenizer::nextToken): Ditto.

        * html/parser/HTMLTokenizer.h: Added a new bufferASCIICharacter function
        so we don't have to do 8-bit checks on so many characters as we buffer
        them. Also removed the call to ensureIsCharacterToken, since appendToCharacter
        now does that. Also deleted overloads of bufferCharacter so we remember to
        call bufferASCIICharacter instead.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::ExternalCharacterTokenBuffer):
        Updated for change in AtomicHTMLToken function names.
        (WebCore::HTMLTreeBuilder::processIsindexStartTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInTable): Ditto.
        (WebCore::hasAttribute): Added.
        (WebCore::HTMLTreeBuilder::processTokenInForeignContent): Use hasAtttribute.

        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement): Move the attributes in
        rather than copying them in.

        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::filterCharacterToken): Use clear so we don't have to
        have an eraseCharacters function. Use a local variable to avoid overloading
        ambiguity.
        (WebCore::XSSAuditor::decodedSnippetForAttribute): Fixed a typo and the types
        of some local variables.

2015-01-05  Darin Adler  <darin@apple.com>

        Revert mistake in yesterday's HTMLDocumentParser refactor.
        https://bugs.webkit.org/show_bug.cgi?id=140041

        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::HTMLDocumentParser): Pass the parser content policy
        from the parserContentPolicy function, not the raw policy that was passed in. This
        restores the behavior from before r177883.

2015-01-05  Chris Dumez  <cdumez@apple.com>

        Using calc() for -webkit-filter does not work
        https://bugs.webkit.org/show_bug.cgi?id=140106

        Reviewed by Darin Adler.

        Using calc() for -webkit-filter did not work because the CSS parser did
        not handle it properly. This patch addresses the issue.

        Test: fast/css/webkit-filter-calc.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseBuiltinFilterArguments):

2015-01-05  Chris Dumez  <cdumez@apple.com>

        Allow HTTPS + 'Cache-control: no-cache' pages into the page cache
        https://bugs.webkit.org/show_bug.cgi?id=139251

        Reviewed by Darin Adler.

        Allow HTTPS + 'Cache-control: no-cache' pages into the page cache as
        IE10+ and Google Chrome do, and as allowed by RFC2616 & newer RFC7234
        (both RFCs distinguish history mechanisms and caches).

        Pages over HTTPs using 'Cache-control: no-store' still don't go into
        the page cache for now.

        Test: http/tests/navigation/https-in-page-cache.html

        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::PageCache::canCachePageContainingThisFrame):
        * platform/FeatureCounterKeys.h:

2015-01-05  Chris Dumez  <cdumez@apple.com>

        Using calc() in repeat() for -webkit-grid-template-rows does not work
        https://bugs.webkit.org/show_bug.cgi?id=140094

        Reviewed by Darin Adler.

        Using calc() in repeat() for -webkit-grid-template-rows was not working
        because the CSS parser was not handling this case properly. This patch
        addresses the issue.

        Test: fast/css-grid-layout/grid-repeat-calc.html

        * css/CSSCalculationValue.h:
        (WebCore::CSSCalcValue::isPositive):
        Add isPositive() method as it is needed by
        CSSParser::validateCalculationUnit().

        * css/CSSParser.cpp:
        (WebCore::CSSParser::validateCalculationUnit):
        Add support for FPositiveInteger, similarly to what was done in
        validateUnit(). This would cause us to consider calc(1 + 1) as invalid
        if a FPositiveInteger was requested.

        (WebCore::CSSParser::parseGridTrackRepeatFunction):
        Do not access fValue directly and call parsedDouble() instead as it
        correctly handles calculation values.

2015-01-05  Chris Dumez  <cdumez@apple.com>

        calc() cannot be used in steps() for -webkit-animation-timing-function
        https://bugs.webkit.org/show_bug.cgi?id=140091

        Reviewed by Darin Adler.

        calc() could not be used in steps() for -webkit-animation-timing-function
        CSS property because the CSS parser did not handle this case properly.
        This patch addresses the issue.

        Test: fast/css/animation-steps-calculated-value.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseAnimationTimingFunction):

2015-01-05  Brent Fulgham  <bfulgham@apple.com>

        [Win] One more build fix for r177937.

        * plugins/PluginPackage.cpp: Provide forward declaration for local NPN_Evaluate
        implementation to avoid linker error.

2015-01-05  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix after r177937.

        Add the missing #include and namespace declarations to get a clean build.

        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::JSWebGLRenderingContext::getAttachedShaders):
        * plugins/PluginPackage.cpp:
        (WebCore::getListFromVariantArgs):
        (WebCore::NPN_Invoke):
        (WebCore::makeSource):
        (WebCore::NPN_Evaluate):

2015-01-05  Anders Carlsson  <andersca@apple.com>

        Remove PluginViewNone.cpp
        https://bugs.webkit.org/show_bug.cgi?id=140107

        Reviewed by Andreas Kling.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformWin.cmake:
        * WebCore.xcodeproj/project.pbxproj:
        * plugins/PluginViewNone.cpp: Removed.

2015-01-05  Anders Carlsson  <andersca@apple.com>

        Stop including PluginView.h from cross platform WebCore code
        https://bugs.webkit.org/show_bug.cgi?id=140105

        Reviewed by Andreas Kling.

        Instead, include PluginViewBase.h. This will allow us to move the old plug-in implementation to WebKit.

        * bindings/js/ScriptController.cpp:
        * bridge/NP_jsobject.cpp:
        (_NPN_Evaluate):
        * inspector/PageScriptDebugServer.cpp:
        (WebCore::PageScriptDebugServer::setJavaScriptPaused):
        * loader/FrameLoaderClient.h:
        * page/Page.cpp:
        * plugins/PluginViewBase.h:
        (WebCore::PluginViewBase::setJavaScriptPaused):

2015-01-05  Anders Carlsson  <andersca@apple.com>

        Introduce a per-page database provider class
        https://bugs.webkit.org/show_bug.cgi?id=140102

        Reviewed by Sam Weinig.

        This class will replace DatabaseStrategy and allow for different providers per page.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * page/DatabaseProvider.cpp: Added.
        (WebCore::DatabaseProvider::~DatabaseProvider):
        (WebCore::DatabaseProvider::idbFactoryBackend):
        * page/DatabaseProvider.h: Added.
        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/Page.h:
        * page/PageConfiguration.cpp:
        * page/PageConfiguration.h:

2015-01-05  Anders Carlsson  <andersca@apple.com>

        Add copies of NPN_Evaluate and NPN_Invoke on Windows
        https://bugs.webkit.org/show_bug.cgi?id=140103

        Reviewed by Andreas Kling.

        While this is unfortunate, it will allow us to get rid of PluginView.h and PluginViewNone.cpp
        from the cross platform WebCore code and then move the plug-in code to WebKit/win (which is the only client of this plug-in implementation).

        * plugins/PluginPackage.cpp:
        (WebCore::NPN_Invoke):
        (WebCore::NPN_Evaluate):
        (WebCore::PluginPackage::initializeBrowserFuncs):

2015-01-05  Andreas Kling  <akling@apple.com>

        Purge PassRefPtr from Page.
        <https://webkit.org/b/140089>

        Reviewed by Anders Carlsson.

        Use Ref or RefPtr instead of PassRefPtr as appropriate in WebCore::Page.

        * page/Page.cpp:
        (WebCore::Page::rangeOfString):
        (WebCore::Page::setSessionStorage):
        * page/Page.h:
        * page/mac/PageMac.cpp:
        (WebCore::Page::addSchedulePair):
        (WebCore::Page::removeSchedulePair):

2015-01-05  Chris Dumez  <cdumez@apple.com>

        Regression(r163928): Animated images are not resumed on window resizing
        https://bugs.webkit.org/show_bug.cgi?id=139714
        <rdar://problem/18855285>

        Reviewed by Darin Adler.

        After r163928, animated images were not resumed if they became visible
        after resizing the window. This patch calls resumes animated images if
        necessary in FrameView::setFrameRect() to handle this case properly.

        Tests: fast/images/animated-gif-window-resizing.html
               fast/images/animated-gif-zooming.html

        * page/FrameView.cpp:
        (WebCore::FrameView::setFrameRect):

2015-01-01  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: pass parameters to inspector instrumentation by reference where possible
        https://bugs.webkit.org/show_bug.cgi?id=139981

        Reviewed by Andreas Kling.

        Clean up inspector instrumentation entry points throughout WebCore. In particular, make
        parameters pass-by-reference if they are not nullable. Also standardize quirky parameter
        orders and do other small cleanups in InspectorInstrumentation and at callsites.

        Inspector agents still take the pertinent parameters by pointer even when they could be
        passed by reference. This will be addressed in a follow-up change.

        No new tests, no behavior changed.

        * WebCore.exp.in:
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld):
        * css/PropertySetCSSStyleDeclaration.cpp:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        (WebCore::SelectorChecker::matchesFocusPseudoClass):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::styleForElement):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::elementIsActive):
        (WebCore::SelectorCompiler::elementIsActiveForStyleResolution):
        (WebCore::SelectorCompiler::elementIsHovered):
        (WebCore::SelectorCompiler::elementIsHoveredForStyleResolution):
        * dom/CharacterData.cpp:
        (WebCore::CharacterData::dispatchModifiedEvent): Remove unnecessary ENABLE guard.
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::insertBefore):
        (WebCore::ContainerNode::replaceChild):
        (WebCore::ContainerNode::removeBetween):
        (WebCore::ContainerNode::appendChild):
        (WebCore::dispatchChildRemovalEvents):
        * dom/ContainerNodeAlgorithms.h:
        (WebCore::ChildNodeInsertionNotifier::notify): Remove unnecessary ENABLE guard.
        * dom/Document.cpp:
        (WebCore::Document::scheduleStyleRecalc):
        (WebCore::Document::recalcStyle):
        (WebCore::Document::finishedParsing): This is safe because we checked the argument.
        * dom/Element.cpp:
        (WebCore::Element::addShadowRoot):
        (WebCore::Element::removeShadowRoot): This is safe because we checked the argument.
        (WebCore::Element::willModifyAttribute): Remove unnecessary ENABLE guard.
        (WebCore::Element::didAddAttribute):
        (WebCore::Element::didModifyAttribute):
        (WebCore::Element::didRemoveAttribute):
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::fireEventListeners): This is safe because the type test would fail if null.
        * dom/NamedFlowCollection.cpp: Pass by reference since code already assumes non-null.
        (WebCore::NamedFlowCollection::ensureFlowWithName):
        (WebCore::NamedFlowCollection::discardNamedFlow):
        * dom/PseudoElement.cpp:
        (WebCore::PseudoElement::~PseudoElement):
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::styleAttributeChanged):
        (WebCore::StyledElement::inlineStyleChanged):
        * inspector/InspectorConsoleInstrumentation.h:
        (WebCore::InspectorInstrumentation::addMessageToConsole):
        (WebCore::InspectorInstrumentation::consoleCount):
        (WebCore::InspectorInstrumentation::startConsoleTiming):
        (WebCore::InspectorInstrumentation::stopConsoleTiming):
        (WebCore::InspectorInstrumentation::consoleTimeStamp):
        (WebCore::InspectorInstrumentation::startProfiling):
        (WebCore::InspectorInstrumentation::stopProfiling):
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::didClearWindowObjectInWorld):
        (WebCore::InspectorController::connectFrontend):
        (WebCore::InspectorController::disconnectFrontend):
        * inspector/InspectorController.h: Remove instrumentationForPage() in favor of using instrumentingAgentsForPage() directly.
        * inspector/InspectorDatabaseInstrumentation.h:
        (WebCore::InspectorInstrumentation::didOpenDatabase):
        * inspector/InspectorInstrumentation.cpp: Add missing s_ prefix for global s_instrumentingAgentSets. Pass the instrumenting
        agent by reference since it was already null-checked if we reached a slow path for instrumentation.
        (WebCore::InspectorInstrumentation::didClearWindowObjectInWorldImpl):
        (WebCore::InspectorInstrumentation::isDebuggerPausedImpl):
        (WebCore::InspectorInstrumentation::willInsertDOMNodeImpl):
        (WebCore::InspectorInstrumentation::didInsertDOMNodeImpl):
        (WebCore::InspectorInstrumentation::willRemoveDOMNodeImpl):
        (WebCore::InspectorInstrumentation::didRemoveDOMNodeImpl):
        (WebCore::InspectorInstrumentation::willModifyDOMAttrImpl):
        (WebCore::InspectorInstrumentation::didModifyDOMAttrImpl):
        (WebCore::InspectorInstrumentation::didRemoveDOMAttrImpl):
        (WebCore::InspectorInstrumentation::didInvalidateStyleAttrImpl):
        (WebCore::InspectorInstrumentation::frameWindowDiscardedImpl):
        (WebCore::InspectorInstrumentation::mediaQueryResultChangedImpl):
        (WebCore::InspectorInstrumentation::didPushShadowRootImpl):
        (WebCore::InspectorInstrumentation::willPopShadowRootImpl):
        (WebCore::InspectorInstrumentation::didCreateNamedFlowImpl):
        (WebCore::InspectorInstrumentation::willRemoveNamedFlowImpl):
        (WebCore::InspectorInstrumentation::didChangeRegionOversetImpl):
        (WebCore::InspectorInstrumentation::didRegisterNamedFlowContentElementImpl):
        (WebCore::InspectorInstrumentation::didUnregisterNamedFlowContentElementImpl):
        (WebCore::InspectorInstrumentation::mouseDidMoveOverElementImpl):
        (WebCore::InspectorInstrumentation::didScrollImpl):
        (WebCore::InspectorInstrumentation::handleTouchEventImpl):
        (WebCore::InspectorInstrumentation::handleMousePressImpl):
        (WebCore::InspectorInstrumentation::forcePseudoStateImpl):
        (WebCore::InspectorInstrumentation::characterDataModifiedImpl):
        (WebCore::InspectorInstrumentation::willSendXMLHttpRequestImpl):
        (WebCore::InspectorInstrumentation::didScheduleResourceRequestImpl):
        (WebCore::InspectorInstrumentation::didInstallTimerImpl):
        (WebCore::InspectorInstrumentation::didRemoveTimerImpl):
        (WebCore::InspectorInstrumentation::willCallFunctionImpl):
        (WebCore::InspectorInstrumentation::willDispatchXHRReadyStateChangeEventImpl):
        (WebCore::InspectorInstrumentation::willDispatchEventImpl):
        (WebCore::InspectorInstrumentation::willHandleEventImpl):
        (WebCore::InspectorInstrumentation::didHandleEventImpl): Add proper cookie guard and pass by reference.
        (WebCore::InspectorInstrumentation::willDispatchEventOnWindowImpl):
        (WebCore::InspectorInstrumentation::willEvaluateScriptImpl):
        (WebCore::InspectorInstrumentation::didEvaluateScriptImpl):
        (WebCore::InspectorInstrumentation::scriptsEnabledImpl):
        (WebCore::InspectorInstrumentation::didCreateIsolatedContextImpl): Removed, as there are no callers from WebCore. Possible V8 artifact.
        (WebCore::InspectorInstrumentation::willFireTimerImpl):
        (WebCore::InspectorInstrumentation::didFireTimerImpl): Add proper cookie guard and pass by reference.
        (WebCore::InspectorInstrumentation::didInvalidateLayoutImpl):
        (WebCore::InspectorInstrumentation::willLayoutImpl):
        (WebCore::InspectorInstrumentation::willDispatchXHRLoadEventImpl):
        (WebCore::InspectorInstrumentation::willPaintImpl):
        (WebCore::InspectorInstrumentation::didPaintImpl):
        (WebCore::InspectorInstrumentation::willScrollLayerImpl):
        (WebCore::InspectorInstrumentation::didScrollLayerImpl):
        (WebCore::InspectorInstrumentation::willRecalculateStyleImpl):
        (WebCore::InspectorInstrumentation::didRecalculateStyleImpl): Add proper cookie guard and pass by reference.
        (WebCore::InspectorInstrumentation::didScheduleStyleRecalculationImpl):
        (WebCore::InspectorInstrumentation::applyEmulatedMediaImpl): Pass string by reference.
        (WebCore::InspectorInstrumentation::willSendRequestImpl):
        (WebCore::InspectorInstrumentation::continueAfterPingLoaderImpl):
        (WebCore::InspectorInstrumentation::markResourceAsCachedImpl):
        (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCacheImpl):
        (WebCore::InspectorInstrumentation::willReceiveResourceDataImpl):
        (WebCore::InspectorInstrumentation::willReceiveResourceResponseImpl):
        (WebCore::InspectorInstrumentation::didReceiveResourceResponseImpl): Add proper cookie guard and pass by reference.
        (WebCore::InspectorInstrumentation::didReceiveResourceResponseButCanceledImpl):
        (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDeniedImpl):
        (WebCore::InspectorInstrumentation::continueWithPolicyDownloadImpl):
        (WebCore::InspectorInstrumentation::continueWithPolicyIgnoreImpl):
        (WebCore::InspectorInstrumentation::didReceiveDataImpl):
        (WebCore::InspectorInstrumentation::didFinishLoadingImpl):
        (WebCore::InspectorInstrumentation::didFailLoadingImpl):
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClientImpl):
        (WebCore::InspectorInstrumentation::willLoadXHRImpl):
        (WebCore::InspectorInstrumentation::didFailXHRLoadingImpl):
        (WebCore::InspectorInstrumentation::didFinishXHRLoadingImpl):
        (WebCore::InspectorInstrumentation::didReceiveXHRResponseImpl):
        (WebCore::InspectorInstrumentation::willLoadXHRSynchronouslyImpl):
        (WebCore::InspectorInstrumentation::didLoadXHRSynchronouslyImpl):
        (WebCore::InspectorInstrumentation::scriptImportedImpl):
        (WebCore::InspectorInstrumentation::scriptExecutionBlockedByCSPImpl):
        (WebCore::InspectorInstrumentation::didReceiveScriptResponseImpl):
        (WebCore::InspectorInstrumentation::domContentLoadedEventFiredImpl): Use Frame::isMainFrame().
        (WebCore::InspectorInstrumentation::loadEventFiredImpl): Use Frame::isMainFrame().
        (WebCore::InspectorInstrumentation::frameDetachedFromParentImpl):
        (WebCore::InspectorInstrumentation::didCommitLoadImpl):
        (WebCore::InspectorInstrumentation::frameDocumentUpdatedImpl):
        (WebCore::InspectorInstrumentation::loaderDetachedFromFrameImpl):
        (WebCore::InspectorInstrumentation::willRunJavaScriptDialogImpl):
        (WebCore::InspectorInstrumentation::willDestroyCachedResourceImpl): Use a range-based iterator.
        (WebCore::InspectorInstrumentation::willWriteHTMLImpl):
        (WebCore::InspectorInstrumentation::addMessageToConsoleImpl):
        (WebCore::InspectorInstrumentation::consoleCountImpl):
        (WebCore::InspectorInstrumentation::startConsoleTimingImpl):
        (WebCore::InspectorInstrumentation::stopConsoleTimingImpl):
        (WebCore::InspectorInstrumentation::consoleTimeStampImpl):
        (WebCore::InspectorInstrumentation::startProfilingImpl):
        (WebCore::InspectorInstrumentation::stopProfilingImpl):
        (WebCore::InspectorInstrumentation::didOpenDatabaseImpl):
        (WebCore::InspectorInstrumentation::didDispatchDOMStorageEventImpl):
        (WebCore::InspectorInstrumentation::shouldPauseDedicatedWorkerOnStartImpl):
        (WebCore::InspectorInstrumentation::didStartWorkerGlobalScopeImpl):
        (WebCore::InspectorInstrumentation::willEvaluateWorkerScript):
        (WebCore::InspectorInstrumentation::workerGlobalScopeTerminatedImpl):
        (WebCore::InspectorInstrumentation::didCreateWebSocketImpl):
        (WebCore::InspectorInstrumentation::willSendWebSocketHandshakeRequestImpl):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketHandshakeResponseImpl):
        (WebCore::InspectorInstrumentation::didCloseWebSocketImpl):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrameImpl):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrameErrorImpl):
        (WebCore::InspectorInstrumentation::didSendWebSocketFrameImpl):
        (WebCore::InspectorInstrumentation::sessionCreatedImpl):
        (WebCore::InspectorInstrumentation::sessionLoadedImpl):
        (WebCore::InspectorInstrumentation::sessionModifiedImpl):
        (WebCore::InspectorInstrumentation::segmentCreatedImpl):
        (WebCore::InspectorInstrumentation::segmentCompletedImpl):
        (WebCore::InspectorInstrumentation::segmentLoadedImpl):
        (WebCore::InspectorInstrumentation::segmentUnloadedImpl):
        (WebCore::InspectorInstrumentation::captureStartedImpl):
        (WebCore::InspectorInstrumentation::captureStoppedImpl):
        (WebCore::InspectorInstrumentation::playbackStartedImpl):
        (WebCore::InspectorInstrumentation::playbackPausedImpl):
        (WebCore::InspectorInstrumentation::playbackHitPositionImpl):
        (WebCore::InspectorInstrumentation::playbackFinishedImpl):
        (WebCore::InspectorInstrumentation::networkStateChangedImpl):
        (WebCore::InspectorInstrumentation::updateApplicationCacheStatusImpl):
        (WebCore::InspectorInstrumentation::pauseOnNativeEventIfNeeded):
        (WebCore::InspectorInstrumentation::cancelPauseOnNativeEvent):
        (WebCore::InspectorInstrumentation::didRequestAnimationFrameImpl):
        (WebCore::InspectorInstrumentation::didCancelAnimationFrameImpl):
        (WebCore::InspectorInstrumentation::willFireAnimationFrameImpl):
        (WebCore::InspectorInstrumentation::registerInstrumentingAgents):
        (WebCore::InspectorInstrumentation::unregisterInstrumentingAgents):
        (WebCore::InspectorInstrumentation::retrieveTimelineAgent):
        (WebCore::InspectorInstrumentation::instrumentingAgentsForPage): Add by-reference version which contains the logic from instrumentationForPage().
        (WebCore::InspectorInstrumentation::instrumentingAgentsForRenderer):
        (WebCore::InspectorInstrumentation::instrumentingAgentsForWorkerGlobalScope):
        (WebCore::InspectorInstrumentation::instrumentingAgentsForNonDocumentContext):
        (WebCore::InspectorInstrumentation::layerTreeDidChangeImpl):
        (WebCore::InspectorInstrumentation::renderLayerDestroyedImpl):
        (WebCore::InspectorInstrumentation::pseudoElementDestroyedImpl):
        (WebCore::InspectorInstrumentation::didCreateIsolatedContextImpl): Deleted.
        * inspector/InspectorInstrumentation.h:
        (WebCore::InspectorInstrumentation::didClearWindowObjectInWorld):
        (WebCore::InspectorInstrumentation::isDebuggerPaused):
        (WebCore::InspectorInstrumentation::willInsertDOMNode):
        (WebCore::InspectorInstrumentation::didInsertDOMNode):
        (WebCore::InspectorInstrumentation::willRemoveDOMNode):
        (WebCore::InspectorInstrumentation::didRemoveDOMNode):
        (WebCore::InspectorInstrumentation::willModifyDOMAttr):
        (WebCore::InspectorInstrumentation::didModifyDOMAttr):
        (WebCore::InspectorInstrumentation::didRemoveDOMAttr):
        (WebCore::InspectorInstrumentation::didInvalidateStyleAttr):
        (WebCore::InspectorInstrumentation::frameWindowDiscarded):
        (WebCore::InspectorInstrumentation::mediaQueryResultChanged):
        (WebCore::InspectorInstrumentation::didPushShadowRoot):
        (WebCore::InspectorInstrumentation::willPopShadowRoot):
        (WebCore::InspectorInstrumentation::didCreateNamedFlow):
        (WebCore::InspectorInstrumentation::willRemoveNamedFlow):
        (WebCore::InspectorInstrumentation::didChangeRegionOverset):
        (WebCore::InspectorInstrumentation::didRegisterNamedFlowContentElement):
        (WebCore::InspectorInstrumentation::didUnregisterNamedFlowContentElement):
        (WebCore::InspectorInstrumentation::mouseDidMoveOverElement):
        (WebCore::InspectorInstrumentation::handleTouchEvent):
        (WebCore::InspectorInstrumentation::handleMousePress): Take Frame by reference instead of Page by pointer.
        (WebCore::InspectorInstrumentation::forcePseudoState):
        (WebCore::InspectorInstrumentation::characterDataModified):
        (WebCore::InspectorInstrumentation::willSendXMLHttpRequest):
        (WebCore::InspectorInstrumentation::didScheduleResourceRequest):
        (WebCore::InspectorInstrumentation::didInstallTimer):
        (WebCore::InspectorInstrumentation::didRemoveTimer):
        (WebCore::InspectorInstrumentation::willCallFunction):
        (WebCore::InspectorInstrumentation::willDispatchXHRReadyStateChangeEvent):
        (WebCore::InspectorInstrumentation::willDispatchEvent):
        (WebCore::InspectorInstrumentation::willHandleEvent): Pass a const event reference.
        (WebCore::InspectorInstrumentation::willDispatchEventOnWindow):
        (WebCore::InspectorInstrumentation::willEvaluateScript):
        (WebCore::InspectorInstrumentation::didEvaluateScript):
        (WebCore::InspectorInstrumentation::scriptsEnabled):
        (WebCore::InspectorInstrumentation::willFireTimer):
        (WebCore::InspectorInstrumentation::didInvalidateLayout):
        (WebCore::InspectorInstrumentation::willLayout):
        (WebCore::InspectorInstrumentation::didScroll):
        (WebCore::InspectorInstrumentation::willDispatchXHRLoadEvent):
        (WebCore::InspectorInstrumentation::willPaint):
        (WebCore::InspectorInstrumentation::didPaint):
        (WebCore::InspectorInstrumentation::willScrollLayer):
        (WebCore::InspectorInstrumentation::didScrollLayer):
        (WebCore::InspectorInstrumentation::willRecalculateStyle):
        (WebCore::InspectorInstrumentation::didScheduleStyleRecalculation):
        (WebCore::InspectorInstrumentation::applyEmulatedMedia): Pass string by reference.
        (WebCore::InspectorInstrumentation::willSendRequest):
        (WebCore::InspectorInstrumentation::continueAfterPingLoader):
        (WebCore::InspectorInstrumentation::markResourceAsCached):
        (WebCore::InspectorInstrumentation::didLoadResourceFromMemoryCache):
        (WebCore::InspectorInstrumentation::willReceiveResourceData):
        (WebCore::InspectorInstrumentation::willReceiveResourceResponse):
        (WebCore::InspectorInstrumentation::continueAfterXFrameOptionsDenied):
        (WebCore::InspectorInstrumentation::continueWithPolicyDownload):
        (WebCore::InspectorInstrumentation::continueWithPolicyIgnore):
        (WebCore::InspectorInstrumentation::didReceiveData):
        (WebCore::InspectorInstrumentation::didFinishLoading):
        (WebCore::InspectorInstrumentation::didFailLoading):
        (WebCore::InspectorInstrumentation::documentThreadableLoaderStartedLoadingForClient): No need to go through
        ScriptExecutionContext interface, as it's always a Document.
        (WebCore::InspectorInstrumentation::willLoadXHR):
        (WebCore::InspectorInstrumentation::didFailXHRLoading):
        (WebCore::InspectorInstrumentation::didFinishXHRLoading):
        (WebCore::InspectorInstrumentation::didReceiveXHRResponse):
        (WebCore::InspectorInstrumentation::willLoadXHRSynchronously):
        (WebCore::InspectorInstrumentation::didLoadXHRSynchronously):
        (WebCore::InspectorInstrumentation::scriptImported):
        (WebCore::InspectorInstrumentation::scriptExecutionBlockedByCSP):
        (WebCore::InspectorInstrumentation::didReceiveScriptResponse):
        (WebCore::InspectorInstrumentation::domContentLoadedEventFired):
        (WebCore::InspectorInstrumentation::loadEventFired):
        (WebCore::InspectorInstrumentation::frameDetachedFromParent):
        (WebCore::InspectorInstrumentation::didCommitLoad):
        (WebCore::InspectorInstrumentation::frameDocumentUpdated):
        (WebCore::InspectorInstrumentation::loaderDetachedFromFrame):
        (WebCore::InspectorInstrumentation::willRunJavaScriptDialog):
        (WebCore::InspectorInstrumentation::willDestroyCachedResource):
        (WebCore::InspectorInstrumentation::willWriteHTML):
        (WebCore::InspectorInstrumentation::didDispatchDOMStorageEvent):
        (WebCore::InspectorInstrumentation::shouldPauseDedicatedWorkerOnStart):
        (WebCore::InspectorInstrumentation::didStartWorkerGlobalScope):
        (WebCore::InspectorInstrumentation::workerGlobalScopeTerminated):
        (WebCore::InspectorInstrumentation::didCreateWebSocket):
        (WebCore::InspectorInstrumentation::willSendWebSocketHandshakeRequest):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketHandshakeResponse):
        (WebCore::InspectorInstrumentation::didCloseWebSocket):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrame):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrameError):
        (WebCore::InspectorInstrumentation::didSendWebSocketFrame):
        (WebCore::InspectorInstrumentation::sessionCreated):
        (WebCore::InspectorInstrumentation::sessionLoaded):
        (WebCore::InspectorInstrumentation::sessionModified):
        (WebCore::InspectorInstrumentation::segmentCreated):
        (WebCore::InspectorInstrumentation::segmentCompleted):
        (WebCore::InspectorInstrumentation::segmentLoaded):
        (WebCore::InspectorInstrumentation::segmentUnloaded):
        (WebCore::InspectorInstrumentation::captureStarted):
        (WebCore::InspectorInstrumentation::captureStopped):
        (WebCore::InspectorInstrumentation::playbackStarted):
        (WebCore::InspectorInstrumentation::playbackPaused):
        (WebCore::InspectorInstrumentation::playbackFinished):
        (WebCore::InspectorInstrumentation::playbackHitPosition):
        (WebCore::InspectorInstrumentation::networkStateChanged):
        (WebCore::InspectorInstrumentation::updateApplicationCacheStatus):
        (WebCore::InspectorInstrumentation::didRequestAnimationFrame):
        (WebCore::InspectorInstrumentation::didCancelAnimationFrame):
        (WebCore::InspectorInstrumentation::willFireAnimationFrame):
        (WebCore::InspectorInstrumentation::layerTreeDidChange):
        (WebCore::InspectorInstrumentation::renderLayerDestroyed):
        (WebCore::InspectorInstrumentation::pseudoElementDestroyed):
        (WebCore::InspectorInstrumentation::instrumentingAgentsForFrame):
        (WebCore::InspectorInstrumentation::instrumentingAgentsForDocument):
        (WebCore::InspectorInstrumentation::didCreateIsolatedContext): Deleted.
        * inspector/InspectorInstrumentationCookie.cpp: Take a reference, use default RefPtr constructor.
        (WebCore::InspectorInstrumentationCookie::InspectorInstrumentationCookie):
        * inspector/InspectorInstrumentationCookie.h: Fix misplaced ENABLE guard.
        * inspector/InstrumentingAgents.cpp:
        (WebCore::instrumentationForPage): Deleted.
        (WebCore::instrumentationForWorkerGlobalScope): Deleted.
        * inspector/InstrumentingAgents.h:
        * inspector/WorkerInspectorController.h:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):
        (WebCore::DocumentLoader::continueAfterContentPolicy):
        (WebCore::DocumentLoader::detachFromFrame):
        * loader/DocumentThreadableLoader.cpp: Remove unnecessary ENABLE(INSPECTOR) guards, as these inlined calls
        are boiled away by the compiler if !ENABLE(INSPECTOR).
        (WebCore::DocumentThreadableLoader::didReceiveData):
        (WebCore::DocumentThreadableLoader::didFinishLoading):
        (WebCore::DocumentThreadableLoader::didFail):
        (WebCore::DocumentThreadableLoader::preflightFailure):
        (WebCore::DocumentThreadableLoader::loadRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::detachFromParent):
        (WebCore::FrameLoader::loadedResourceFromMemoryCache):
        (WebCore::FrameLoader::dispatchDidClearWindowObjectInWorld):
        (WebCore::FrameLoader::dispatchDidCommitLoad):
        * loader/ResourceLoadScheduler.cpp:
        (WebCore::ResourceLoadScheduler::notifyDidScheduleResourceRequest):
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequest): Remove unnecessary ENABLE guard.
        * loader/appcache/ApplicationCacheGroup.cpp: Remove several unnecessary ENABLE guards.
        (WebCore::ApplicationCacheGroup::didReceiveResponse):
        (WebCore::ApplicationCacheGroup::didReceiveData):
        (WebCore::ApplicationCacheGroup::didFinishLoading):
        (WebCore::ApplicationCacheGroup::didFail):
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::deleteIfPossible):
        * page/Chrome.cpp:
        (WebCore::Chrome::scroll):
        (WebCore::Chrome::runBeforeUnloadConfirmPanel):
        (WebCore::Chrome::runJavaScriptAlert):
        (WebCore::Chrome::runJavaScriptConfirm):
        (WebCore::Chrome::runJavaScriptPrompt):
        (WebCore::Chrome::mouseDidMoveOverElement):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::dispatchLoadEvent):
        (WebCore::DOMWindow::dispatchEvent):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleMousePressEvent):
        (WebCore::EventHandler::handleTouchEvent): Add a guard to make it safe to pass event target by-reference.
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::mediaType):
        (WebCore::FrameView::scheduleRelayout):
        (WebCore::FrameView::scheduleRelayoutOfSubtree):
        * page/PageConsoleClient.cpp:
        (WebCore::PageConsoleClient::addMessage):
        (WebCore::PageConsoleClient::messageWithTypeAndLevel):
        (WebCore::PageConsoleClient::count):
        (WebCore::PageConsoleClient::profile):
        (WebCore::PageConsoleClient::profileEnd):
        (WebCore::PageConsoleClient::time):
        (WebCore::PageConsoleClient::timeEnd):
        (WebCore::PageConsoleClient::timeStamp):
        * page/Settings.cpp:
        (WebCore::Settings::setScriptEnabled):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::scrollTo):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::layerBecameNonComposited):
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::registerNamedFlowContentElement):
        (WebCore::RenderNamedFlowThread::unregisterNamedFlowContentElement):
        (WebCore::RenderNamedFlowThread::dispatchRegionOversetChangeEventIfNeeded):
        * replay/ReplayController.cpp:
        (WebCore::ReplayController::switchSession):
        (WebCore::ReplayController::createSegment):
        (WebCore::ReplayController::completeSegment):
        (WebCore::ReplayController::loadSegmentAtIndex):
        (WebCore::ReplayController::unloadSegment):
        (WebCore::ReplayController::startCapturing):
        (WebCore::ReplayController::stopCapturing):
        (WebCore::ReplayController::startPlayback):
        (WebCore::ReplayController::pausePlayback):
        (WebCore::ReplayController::cancelPlayback):
        (WebCore::ReplayController::willDispatchInput):
        * testing/Internals.cpp:
        (WebCore::Internals::consoleMessageArgumentCounts):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::callReadyStateChangeListener):

2015-01-05  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processCharacterBufferForInBody):

2015-01-05  Chris Dumez  <cdumez@apple.com>

        Get rid of some unnecessary custom StyleBuilder code
        https://bugs.webkit.org/show_bug.cgi?id=140058

        Reviewed by Darin Adler.

        Get rid of some unnecessary custom StyleBuilder code. The generator is
        now able to generate this code just fine.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::csstoLengthConversionDataWithTextZoomFactor):
        (WebCore::StyleBuilderConverter::convertWordSpacing):
        (WebCore::StyleBuilderConverter::convertPerspective):
        (WebCore::StyleBuilderConverter::convertMarqueeIncrement):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::convertLineHeight):
        (WebCore::StyleBuilderCustom::applyValueWebkitMarqueeIncrement): Deleted.
        (WebCore::StyleBuilderCustom::csstoLengthConversionDataWithTextZoomFactor): Deleted.
        (WebCore::StyleBuilderCustom::applyValueWordSpacing): Deleted.
        (WebCore::StyleBuilderCustom::applyValueWebkitPerspective): Deleted.

2014-12-23  Brent Fulgham  <bfulgham@apple.com>

        [Mac] Cannot scroll when a non-scrollable iframe is contained inside a scrollable iframe
        https://bugs.webkit.org/show_bug.cgi?id=139914
        <rdar://problem/18750910>

        Reviewed by Darin Adler.

        Tests: platform/mac/fast/scrolling/scroll-nested-iframe.html

        The latching logic was breaking down when a non-scrollable iframe was the closest target of
        a wheel event. EventHandler would latch to the enclosing scrollable region (in this case, the
        non-scrollable iframe) and would eat scroll events, preventing anything from working.
        
        The fix is as follows:
        1. Modify the logic to understand a stack of latched states, so that we can discared 'invalid'
           latched states as we discover them.
        2. Revise the latching logic so that it understands the case where the 'latched' node for wheel
           events is in a parent frame of the current wheel event target. For example, when the mouse is over
           an element in an unscrollable iframe that is contained within a scrollable iframe. We should
           be latched to the scrollable iframe so events go to the right place.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleWheelEvent): Update to call new 'stack' versions of latch
        state methods.
        (WebCore::EventHandler::clearLatchedState): Ditto.
        (WebCore::EventHandler::defaultWheelEventHandler): Ditto.
        * page/MainFrame.cpp: Update to store a stack of latched states. Provide methods to control
        the lifetime of the stack and its elements.
        (WebCore::MainFrame::MainFrame):
        (WebCore::MainFrame::latchingState):
        (WebCore::MainFrame::pushNewLatchingState):
        (WebCore::MainFrame::resetLatchingState):
        (WebCore::MainFrame::popLatchingState):
        * page/MainFrame.h:
        * page/mac/EventHandlerMac.mm:
        (WebCore::latchingIsLockedToParentOfThisFrame): Added helper function.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Update to use new 'stack' style latch
        methods. Also, if we are latched to a frame that contains the frame we are currently evaluating,
        don't replace the current event target with the latched targets because (1) they will be processed
        in the enclosing scope when we leave this routine, and (2) if we do change targets to the latched
        elements we create an infinite loop.
        (WebCore::EventHandler::platformCompleteWheelEvent): We want to mark the element as having started
        at the scroll limit regardless of what the wheel event handler returns as its success state.
        (WebCore::EventHandler::platformCompletePlatformWidgetWheelEvent): Revise to handle the new
        stack-based latching methods.

2015-01-05  Darin Adler  <darin@apple.com>

        Quick follow-up to last check-in, addressing review comments.

        * html/parser/HTMLStackItem.h:
        (WebCore::HTMLStackItem::HTMLStackItem): Use rvalue reference for incoming Ref.
        (WebCore::HTMLStackItem::create): Ditto.

2015-01-05  Darin Adler  <darin@apple.com>

        Modernize and streamline HTMLStackItem
        https://bugs.webkit.org/show_bug.cgi?id=140056

        Reviewed by Anders Carlsson.

        * html/HTMLHtmlElement.cpp:
        (WebCore::HTMLHtmlElement::create): Changed to return Ref.
        * html/HTMLHtmlElement.h: Ditto.

        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::hasImpliedEndTag): Update to use reference instead of pointer.
        (WebCore::causesFosterParenting): Moved here from HTMLStackItem.h.
        (WebCore::HTMLConstructionSite::insertHTMLHtmlStartTagBeforeHTML): Update
        for references instead of pointers.
        (WebCore::HTMLConstructionSite::insertHTMLHtmlStartTagInBody): Ditto.
        (WebCore::HTMLConstructionSite::insertHTMLBodyStartTagInBody): Ditto.
        (WebCore::HTMLConstructionSite::insertComment): Ditto.
        (WebCore::HTMLConstructionSite::insertCommentOnHTMLHtmlElement): Ditto.
        (WebCore::HTMLConstructionSite::insertHTMLHeadElement): Ditto.
        (WebCore::HTMLConstructionSite::insertHTMLBodyElement): Ditto.
        (WebCore::HTMLConstructionSite::insertHTMLFormElement): Ditto.
        (WebCore::HTMLConstructionSite::insertHTMLElement): Ditto.
        (WebCore::HTMLConstructionSite::insertSelfClosingHTMLElement): Ditto.
        (WebCore::HTMLConstructionSite::insertFormattingElement): Ditto.
        (WebCore::HTMLConstructionSite::insertScriptElement): Ditto.
        (WebCore::HTMLConstructionSite::insertForeignElement): Ditto.
        (WebCore::HTMLConstructionSite::insertTextNode): Ditto.
        (WebCore::HTMLConstructionSite::reparent): Ditto.
        (WebCore::HTMLConstructionSite::insertAlreadyParsedChild): Ditto.
        (WebCore::HTMLConstructionSite::takeAllChildren): Ditto.
        (WebCore::HTMLConstructionSite::ownerDocumentForCurrentNode): Ditto.
        (WebCore::HTMLConstructionSite::createElementFromSavedToken): Ditto.
        (WebCore::HTMLConstructionSite::indexOfFirstUnopenFormattingElement): Ditto.
        (WebCore::HTMLConstructionSite::reconstructTheActiveFormattingElements): Ditto.
        (WebCore::HTMLConstructionSite::generateImpliedEndTagsWithExclusion): Ditto.
        (WebCore::HTMLConstructionSite::findFosterSite): Ditto.
        (WebCore::HTMLConstructionSite::shouldFosterParent): Removed unneeded
        isElementNode check, since causesFosterParenting will return false for a
        document fragment node.

        * html/parser/HTMLConstructionSite.h: Updated to use references instead of
        pointers. Also removed the unneeded currentElementRecord function.

        * html/parser/HTMLElementStack.cpp:
        (WebCore::HTMLNames::isRootNode): Updated to use references instead of pointers.
        (WebCore::HTMLNames::isScopeMarker): Ditto.
        (WebCore::HTMLNames::isListItemScopeMarker): Ditto.
        (WebCore::HTMLNames::isTableScopeMarker): Ditto.
        (WebCore::HTMLNames::isTableBodyScopeMarker): Ditto.
        (WebCore::HTMLNames::isTableRowScopeMarker): Ditto.
        (WebCore::HTMLNames::isForeignContentScopeMarker): Ditto.
        (WebCore::HTMLNames::isButtonScopeMarker): Ditto.
        (WebCore::HTMLNames::isSelectScopeMarker): Ditto.
        (WebCore::HTMLElementStack::ElementRecord::replaceElement): Ditto.
        (WebCore::HTMLElementStack::hasOnlyOneElement): Ditto.
        (WebCore::HTMLElementStack::popHTMLHeadElement): Ditto.
        (WebCore::HTMLElementStack::popHTMLBodyElement): Ditto.
        (WebCore::HTMLElementStack::popAll): Ditto.
        (WebCore::HTMLElementStack::pop): Ditto.
        (WebCore::HTMLElementStack::popUntil): Ditto.
        (WebCore::HTMLElementStack::popUntilNumberedHeaderElementPopped): Ditto.
        (WebCore::HTMLElementStack::isMathMLTextIntegrationPoint): Ditto. Also removed
        unneeded isElementNode check.
        (WebCore::HTMLElementStack::isHTMLIntegrationPoint): Ditto.
        (WebCore::HTMLElementStack::pushRootNode): Ditto.
        (WebCore::HTMLElementStack::pushRootNodeCommon): Ditto.
        (WebCore::HTMLElementStack::pushHTMLHeadElement): Ditto.
        (WebCore::HTMLElementStack::pushHTMLBodyElement): Ditto.
        (WebCore::HTMLElementStack::insertAbove): Ditto.
        (WebCore::HTMLElementStack::topRecord): Ditto.
        (WebCore::HTMLElementStack::oneBelowTop): Ditto.
        (WebCore::HTMLElementStack::removeHTMLHeadElement): Ditto.
        (WebCore::HTMLElementStack::remove): Ditto.
        (WebCore::HTMLElementStack::find): Ditto.
        (WebCore::HTMLElementStack::topmost): Ditto.
        (WebCore::inScopeCommon): Ditto.
        (WebCore::HTMLElementStack::hasNumberedHeaderElementInScope): Ditto.
        (WebCore::HTMLElementStack::inScope): Ditto.
        (WebCore::HTMLElementStack::htmlElement): Ditto.
        (WebCore::HTMLElementStack::headElement): Ditto.
        (WebCore::HTMLElementStack::bodyElement): Ditto.
        (WebCore::HTMLElementStack::rootNode): Ditto.
        (WebCore::HTMLElementStack::popCommon): Ditto.
        (WebCore::HTMLElementStack::removeNonTopCommon): Ditto.
        (WebCore::HTMLElementStack::furthestBlockForFormattingElement): Ditto.
        (WebCore::HTMLElementStack::show): Ditto.

        * html/parser/HTMLElementStack.h: Use reference instead of pointer.

        * html/parser/HTMLFormattingElementList.cpp:
        (WebCore::HTMLFormattingElementList::closestElementInScopeWithName): Update
        to use references instead of pointer.
        (WebCore::HTMLFormattingElementList::swapTo): Ditto.
        (WebCore::HTMLFormattingElementList::tryToEnsureNoahsArkConditionQuickly): Ditto.
        (WebCore::HTMLFormattingElementList::ensureNoahsArkCondition): Ditto.
        (WebCore::HTMLFormattingElementList::show): Ditto.

        * html/parser/HTMLFormattingElementList.h: Use reference instead of pointer
        and a raw pointer instead of a RefPtr.

        * html/parser/HTMLStackItem.h: Removed unneeded includes. Got rid of "type"
        concept and simply overload the create functions and constructors for both
        Element and DOcumentFragment. Renamed isElementNode and isDocumentFragmentNode
        to remove the "Node" suffix. Removed unused getAttributeItem, hasLocalName, and
        one of the overloads of matchesHTMLTag. Moved all the policy functions such as
        causesFosterParenting out of this class into free functions or into other
        source files. Got rid of m_isDocumentFragmentNode boolean. Moved function
        bodies out of the class definition. Marked all data members const since they
        are all initialized in the constructor and never touched again. Restructured
        the isSpecialNode function to avoid the repeated checks of the namespace.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::isParsingTemplateContents): Use reference instead of
        pointer and free functions instead of member functions.
        (WebCore::HTMLTreeBuilder::HTMLTreeBuilder): Ditto.
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext): Ditto.
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::contextElement): Ditto.
        (WebCore::HTMLTreeBuilder::constructTree): Ditto.
        (WebCore::HTMLTreeBuilder::processFakePEndTagIfPInButtonScope): Ditto.
        (WebCore::HTMLTreeBuilder::processCloseWhenNestedTag): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processTemplateStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processTemplateEndTag): Ditto.
        (WebCore::HTMLTreeBuilder::processColgroupEndTagForInColumnGroup): Ditto.
        (WebCore::HTMLTreeBuilder::closeTheCell): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInTable): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processHtmlStartTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processBodyEndTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processAnyOtherEndTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::callTheAdoptionAgency): Ditto.
        (WebCore::HTMLTreeBuilder::resetInsertionModeAppropriately): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInTableBody): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInRow): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInCell): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processCaptionEndTagForInCaption): Ditto.
        (WebCore::HTMLTreeBuilder::processTrEndTagForInRow): Ditto.
        (WebCore::HTMLTreeBuilder::processTableEndTagForInTable): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTag): Ditto.
        (WebCore::HTMLTreeBuilder::processCharacterBuffer): Ditto.
        (WebCore::HTMLTreeBuilder::processEndOfFile): Ditto.
        (WebCore::HTMLTreeBuilder::adjustedCurrentStackItem): Ditto.
        (WebCore::HTMLTreeBuilder::shouldProcessTokenInForeignContent): Ditto.
        (WebCore::HTMLTreeBuilder::processTokenInForeignContent): Ditto.

2015-01-05  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Crash when font data pointer is null.
        https://bugs.webkit.org/show_bug.cgi?id=139969

        Reviewed by Darin Adler.

        Added null pointer check.

        Test: fonts/unicode-character-font-crash.html

        * platform/graphics/win/UniscribeController.cpp:
        (WebCore::UniscribeController::advance):
        (WebCore::UniscribeController::shape):

2015-01-05  Michael Catanzaro  <mcatanzaro@igalia.com>

        [GStreamer] Disable gst-plugin-scanner if seccomp filters are enabled
        https://bugs.webkit.org/show_bug.cgi?id=140069

        Reviewed by Philippe Normand.

        If seccomp filters are enabled, any child processes we create are doomed
        if they try to use a trapped syscall: the child will receive SIGSYS and
        dump core. There appears to be no way around this.

        Fortunately, the gstreamer developers had mad prescience and provided
        us with a way to move plugin scanning in-process, so we don't need the
        helper binary at all.

        No new tests because this is covered by existing tests when seccomp
        filters are enabled.

        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::initializeGStreamer):

2015-01-04  Darin Adler  <darin@apple.com>

        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::parseXML):
        Removed an incorrect assertion my last check-in added.

2015-01-04  Darin Adler  <darin@apple.com>

        Modernize and tighten up HTMLDocumentParser
        https://bugs.webkit.org/show_bug.cgi?id=140041

        Reviewed by Sam Weinig.

        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::parseHTML): Pass a reference instead of
        a pointer for the context element.

        * html/FTPDirectoryDocument.cpp: Removed unneeded includes, made more
        things in FTPDirectoryDocumentParser private. Use Ref instead of RefPtr
        in a could places. Initialize in class instead of in constructor.
        (WebCore::FTPDirectoryDocumentParser::FTPDirectoryDocumentParser):
        Less initialization here.
        (WebCore::FTPDirectoryDocumentParser::createTDForFilename): More Ref here.
        (WebCore::createTemplateDocumentData): Removed unneeded initialization
        of RefPtr, which is initialized without explicitly asking for it.
        (WebCore::FTPDirectoryDocumentParser::loadDocumentTemplate): Reworded
        comment slightly.

        * html/parser/HTMLDocumentParser.cpp: Cut down on includes.
        (WebCore::tokenizerStateForContextElement): Fixed URL. Changed argument
        to be a reference rather than a pointer.
        (WebCore::HTMLDocumentParser::inPumpSession):
        (WebCore::HTMLDocumentParser::shouldDelayEnd):
        (WebCore::HTMLDocumentParser::HTMLDocumentParser): Marked constructors
        inline. Updated for data members that are now objects instead of pointers.
        Removed explicit initialization for scalars that are now initialized in
        the class definition.
        (WebCore::HTMLDocumentParser::create): Moved the private creation
        functions in here, out of the header file.
        (WebCore::HTMLDocumentParser::~HTMLDocumentParser): Removed unused
        m_haveBackgroundParser.
        (WebCore::HTMLDocumentParser::prepareToStopParsing): Updated URL and
        removed m_haveBackgroundParser reference.
        (WebCore::HTMLDocumentParser::processingData): Removed a check of
        m_haveBackgroundParser.
        (WebCore::HTMLDocumentParser::resumeParsingAfterYield): Tweak comment.
        (WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder): Added
        a null check of the result of takeScriptToProcess, since there really
        is no guarantee it's non-null.
        (WebCore::HTMLDocumentParser::canTakeNextToken): Removed assertion
        that was for m_haveBackgroundParser cases only. Rewrapped comment.
        (WebCore::HTMLDocumentParser::contextForParsingSession): Use nullptr.
        (WebCore::HTMLDocumentParser::pumpTokenizer): Rework comments,
        remove assertions that no longer make sense, use auto instead of
        repeating a long type name, update to use m_token and m_tokenizer.
        (WebCore::HTMLDocumentParser::hasInsertionPoint): Rewrapped comment.
        (WebCore::HTMLDocumentParser::insert): Got rid of braces around a
        single-line if body.
        (WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd):
        Removed comment about incorrect m_haveBackgroundParser assertion.
        (WebCore::HTMLDocumentParser::isExecutingScript): Use && style instead
        of early exit for a null check.
        (WebCore::HTMLDocumentParser::textPosition): Tightened up code a little.
        (WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution): Added
        a Ref to protect the parser, as is already done in every other function
        that calls pumpTokenizerIfPossible.
        (WebCore::HTMLDocumentParser::parseDocumentFragment): Take a reference
        instead of a pointer. Also use auto so we get a Ref instead of a RefPtr.

        * html/parser/HTMLDocumentParser.h: Removed unneeded includes.
        Made private inheritance explicit instead of just omitting public.
        Moved function bodies out of the class, and in some cases, out of the
        header entirely. Return a reference from tokenizer(). Marked most
        virtual functions final. Made DocumentFragment version of the
        constructor private rather than protected. Made the functions
        suspendScheduledTasks() and resumeScheduledTasks() private, since
        they are always called through a base class. Removed the private
        token function since it is better to get at m_token directly.
        Removed m_haveBackgroundParser, since we don't have that any more
        and it's always false. Also removed forcePlaintextForTextDocument
        since the tokenizer is exposed and can be used directly to do that.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::HTMLTreeBuilder): Made the parser non-const.
        It could only be const before because HTMLDocumentParser::tokenizer
        took a const parser and returned a non-const tokenizer, but that doesn't
        really make sense.
        (WebCore::HTMLTreeBuilder::constructTree): Removed null check for
        tokenizer, which was never null. Updated since tokenizer is a reference.
        (WebCore::HTMLTreeBuilder::processStartTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInTable): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTag): Ditto. Also fixed and removed
        some assertions like the ones I did recently in the rest of this file.
        (WebCore::HTMLTreeBuilder::processGenericRCDATAStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processGenericRawTextStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processScriptStartTag): Ditto.

        * html/parser/HTMLTreeBuilder.h: Made HTMLDocumentParser& non-const.

        * html/parser/TextDocumentParser.cpp: Removed unneeded include and
        unneeded explicit destructor.
        (WebCore::TextDocumentParser::TextDocumentParser): Updated since
        treeBuilder() returns a reference now, and set the tokenizer state
        directly since tokenizer() is exposed.

        * html/parser/TextDocumentParser.h: Moved initialization of the
        data member here instead of the constructor. Also removed unneeded
        explicitly defined destructor.

2015-01-04  Antti Koivisto  <antti@apple.com>

        Remove GlyphPageTree
        https://bugs.webkit.org/show_bug.cgi?id=140015

        Follow-up to follow-up, fonts/font-fallback-prefers-pictographs.html is now failing.

        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::glyphDataForVariant):
        (WebCore::FontGlyphs::glyphDataForNormalVariant):

            Make the loop again go one past the last fallback index, the pictograph special case depends on it.

2015-01-04  Antti Koivisto  <antti@apple.com>

        Remove GlyphPageTree
        https://bugs.webkit.org/show_bug.cgi?id=140015

        Follow-up to r177876 to fix mathml/opentype/munderover-layout-resize.html which is asserting.

        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::glyphDataForVariant):
        (WebCore::FontGlyphs::glyphDataForNormalVariant):

        Always return system fallback if no glyph is found.

2015-01-04  Dan Bernstein  <mitz@apple.com>

        iOS build fix.

        * platform/graphics/SimpleFontData.cpp:
        (WebCore::createAndFillGlyphPage):

2015-01-02  Antti Koivisto  <antti@apple.com>

        Remove GlyphPageTree
        https://bugs.webkit.org/show_bug.cgi?id=140015

        Reviewed by Darin Adler.

        GlyphPageTree is a global cache consisting of a tree of nodes that match SimpleFontData instances.
        The tree levels correspond to font fallback lists so that higher levels fill holes (missing glyphs)
        in the lower levels. This patch replaces it with a simpler and easier to understand caching scheme.
        In particular the goal is to have clearer ownership relations and better control over mutability.

        The new scheme looks like this:

        SimpleFontData instances cache GlyphPages for themselves. These pages are immutable after construction
        and may contain holes. This is a global cache (since SimpleFontDatas are cached globally) with the same
        lifetime as the GlyphPageTree used to have.

        FontGlyphs instances cache resolved GlyphPages for the normal font variant. These are build by traversing
        the fallback list as necessary and collecting glyphs from SimpleFontDatas. As a common case case optimization
        the page from the primary font is cached directly as long as it has the requested glyphs.
        FontGlyphs are shared between sufficiently similar Font instances so this is a shared cache as well.

        * CMakeLists.txt:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/FontCache.h:
        (WebCore::FontDescriptionFontDataCacheKey::makeFlagKey):

            nonCJKGlyphOrientation matters for glyph selection too and needs to be part of the FontDescription cache key.

        * platform/graphics/FontData.h:
        (WebCore::FontData::FontData):
        (WebCore::FontData::setMaxGlyphPageTreeLevel): Deleted.
        (WebCore::FontData::maxGlyphPageTreeLevel): Deleted.
        * platform/graphics/FontFastPath.cpp:
        (WebCore::Font::primaryFontHasGlyphForCharacter):
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::FontGlyphs):
        (WebCore::glyphDataForCJKCharacterWithoutSyntheticItalic):
        (WebCore::glyphDataForNonCJKCharacterWithGlyphOrientation):
        (WebCore::FontGlyphs::glyphDataForSystemFallback):
        (WebCore::FontGlyphs::glyphDataForVariant):
        (WebCore::FontGlyphs::glyphDataForNormalCharacter):

            Traverse the fallback list by using simple index instead of indirectly via GlyphPageTreeNode traversal.

        (WebCore::pageFromFontData):

            Fetch a page from the primary font and see if we can use it as-is.
            Vertical fonts have special glyph selection and can't use this path.

        (WebCore::FontGlyphs::createFlattenedGlyphPage):

            Build a hole-free glyph page by pulling characters from the fallback list.

        (WebCore::FontGlyphs::glyphDataForCharacter):
        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::primarySimpleFontData):
        * platform/graphics/GlyphPage.h:
        (WebCore::GlyphPage::createForMixedFontData):
        (WebCore::GlyphPage::createCopyForMixedFontData):

            Add copy version.

        (WebCore::GlyphPage::createForSingleFontData):

            Remove owner node field.

        (WebCore::GlyphPage::~GlyphPage):
        (WebCore::GlyphPage::count):
        (WebCore::GlyphPage::GlyphPage):
        (WebCore::GlyphPage::createCopiedSystemFallbackPage): Deleted.
        (WebCore::GlyphPage::owner): Deleted.
        * platform/graphics/GlyphPageTreeNode.cpp: Removed.
        * platform/graphics/GlyphPageTreeNode.h: Removed.
        * platform/graphics/SegmentedFontData.cpp:
        (WebCore::SegmentedFontData::SegmentedFontData):
        (WebCore::SegmentedFontData::~SegmentedFontData):
        (WebCore::SegmentedFontData::simpleFontDataForCharacter):

            Return null when there is no usable range so the client can tell the difference.
            Rename for clarity.

        (WebCore::SegmentedFontData::simpleFontDataForFirstRange):

            Add a way to get the fallback font separately. This is always available.

        (WebCore::SegmentedFontData::isLoading):
        (WebCore::SegmentedFontData::fontDataForCharacter): Deleted.
        * platform/graphics/SegmentedFontData.h:
        (WebCore::SegmentedFontData::SegmentedFontData): Deleted.
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::initCharWidths):
        (WebCore::SimpleFontData::platformGlyphInit):
        (WebCore::SimpleFontData::~SimpleFontData):
        (WebCore::SimpleFontData::simpleFontDataForCharacter):
        (WebCore::fillGlyphPage):
        (WebCore::createAndFillGlyphPage):

            Move code for initializing glyph pages here. The code is from GlyphPageTreeNode.

        (WebCore::SimpleFontData::glyphPage):

            Cache glyphs for this font. These pages may have holes.

        (WebCore::SimpleFontData::glyphForCharacter):
        (WebCore::SimpleFontData::glyphDataForCharacter):
        (WebCore::SimpleFontData::DerivedFontData::~DerivedFontData):

            Since the cache is now owned by the SimpleFontData all the custom pruning can go away.
            The glyph page cache dies along with it owner.

        (WebCore::SimpleFontData::fontDataForCharacter): Deleted.
        * platform/graphics/SimpleFontData.h:
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (-[WebCascadeList objectAtIndex:]):
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/graphics/mac/FontComplexTextMac.cpp:
        (WebCore::Font::fontDataForCombiningCharacterSequence):
        * platform/graphics/mac/GlyphPageMac.cpp: Copied from Source/WebCore/platform/graphics/mac/GlyphPageTreeNodeMac.cpp.

            This was already misnamed.

        (WebCore::GlyphPage::fill):
        * platform/graphics/mac/GlyphPageTreeNodeMac.cpp: Removed.
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformInit):
        * platform/graphics/win/GlyphPageTreeNodeCGWin.cpp:
        * platform/graphics/win/GlyphPageTreeNodeCairoWin.cpp:
        * platform/graphics/win/SimpleFontDataCGWin.cpp:
        (WebCore::SimpleFontData::platformInit):
        * platform/mac/DragImageMac.mm:

            Add missing FontCachePurgePreventer.

        (WebCore::createDragImageForLink):
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::initializeFontData):
        * svg/SVGFontElement.cpp:

2015-01-04  Anders Carlsson  <andersca@apple.com>

        Remove an unused function
        https://bugs.webkit.org/show_bug.cgi?id=140055

        Reviewed by Sam Weinig.

        * Modules/webdatabase/DatabaseAuthorizer.cpp:
        (WebCore::DatabaseAuthorizer::setReadOnly): Deleted.
        * Modules/webdatabase/DatabaseAuthorizer.h:
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::DatabaseBackendBase::setAuthorizerReadOnly): Deleted.
        * Modules/webdatabase/DatabaseBackendBase.h:

2015-01-04  Anders Carlsson  <andersca@apple.com>

        Modernize parts of the database code
        https://bugs.webkit.org/show_bug.cgi?id=140054

        Reviewed by Antti Koivisto.

        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::runTransaction):
        * Modules/webdatabase/Database.h:
        * Modules/webdatabase/SQLStatement.cpp:
        (WebCore::SQLStatement::SQLStatement):
        * Modules/webdatabase/SQLStatement.h:
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::create):
        (WebCore::SQLTransaction::SQLTransaction):
        (WebCore::SQLTransaction::deliverQuotaIncreaseCallback):
        (WebCore::SQLTransaction::executeSQL):
        * Modules/webdatabase/SQLTransaction.h:
        (WebCore::SQLTransaction::database):

2015-01-03  Chris Dumez  <cdumez@apple.com>

        Move the CSS Grid properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140051

        Reviewed by Sam Weinig.

        Move the CSS Grid properties from StyleResolver to the new
        StyleBuilder.

        This patch adds support for "ConditionalConverter" parameter in
        CSSPropertyNames.in to support cases where we only want to call the
        property setter conditionally. The converter function is then expected
        to return a boolean to indicate if the setter should be called by the
        StyleBuilder or not.

2015-01-02  Chris Dumez  <cdumez@apple.com>

        Kill the DeprecatedStyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140034

        Reviewed by Darin Adler.

        Move FillLayer properties to the new StyleBuilder and get rid of the
        DeprecatedStyleBuilder now that all its CSS properties have been ported
        to the new StyleBuilder.

2015-01-02  Chris Dumez  <cdumez@apple.com>

        Move 'font-size' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140010

        Reviewed by Darin Adler.

        Move 'font-size' CSS property to the new StyleBuilder by using custom
        code.

2015-01-02  Darin Adler  <darin@apple.com>

        Pass Document instead of ScriptExecutionContext to non-worker constructors
        https://bugs.webkit.org/show_bug.cgi?id=140040

        Reviewed by Sam Weinig.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateConstructorDefinition):
        Generate code passing the document when ConstructorCallWith=Document is used.
        Later, we could base this on whether the constructor is exposed to workers
        or not, instead, but for now this seems a clean way to do it.

        * bindings/scripts/IDLAttributes.txt: Allow ConstructorCallWith=Document.

        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::create):
        * Modules/notifications/Notification.h:
        * Modules/notifications/Notification.idl:
        * dom/Comment.cpp:
        * dom/Comment.h:
        * dom/Comment.idl:
        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::nodeName): Use ASCIILiteral (just something
        I noticed in passing).
        * dom/DocumentFragment.h:
        * dom/DocumentFragment.idl:
        * dom/Range.cpp:
        * dom/Range.h:
        * dom/Range.idl:
        * dom/Text.cpp:
        * dom/Text.h:
        * dom/Text.idl:
        Change from ScriptExecutionContext to Document, and remove unneeded
        overloads that were just casting. It's better to have the bindings
        layer, which knows these are not ScriptExecutionContext, do the cast
        than to have create functions that cast that are not in any position
        to know the cast is safe.

2015-01-02  Darin Adler  <darin@apple.com>

        Re-land the HTMLTreeBuilder change with the assertion fixed.
        https://bugs.webkit.org/show_bug.cgi?id=140032

        Reviewed by Andreas Kling.

2015-01-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177859 and r177861.
        https://bugs.webkit.org/show_bug.cgi?id=140042

        Caused many assertion failures (Requested by ap on #webkit).

        Reverted changesets:

        "Modernize coding style of HTMLTreeBuilder"
        https://bugs.webkit.org/show_bug.cgi?id=140032
        http://trac.webkit.org/changeset/177859

        "Tried to fix the iOS build."
        http://trac.webkit.org/changeset/177861

2015-01-02  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build.

        * html/parser/HTMLTreeBuilder.cpp:

2015-01-01  Darin Adler  <darin@apple.com>

        Rework code that hides characters in password fields to streamline a little
        https://bugs.webkit.org/show_bug.cgi?id=140035

        Reviewed by Sam Weinig.

        * editing/InsertIntoTextNodeCommand.cpp:
        (WebCore::InsertIntoTextNodeCommand::doApply): Pass the offset after the character
        we want to reveal instead of the offset before. This is more future proof if we
        ever want to handling surrogate pairs or combining marks, rather than hard
        coding the likely incorrect rule of "go back by one code unit". Also got rid of
        the isSecure check here, since RenderText can do that check inside the
        momentarilyRevealLastTypedCharacter instead.

        * rendering/RenderText.cpp: Tweaked the SecureTextTimer class: Marked it final
        and made it derive from TimerBase privately. Made the constructor explicit and
        made it take a reference rather than a pointer. Use initialization in the class
        to set up the variable, and use 0 as the special value instead of -1 since we
        now store the offset *after* the character to be revealed.
        (WebCore::secureTextTimers): Use this function and NeverDestroyed rather than
        a global variable gSecureTextTimers. Also use unique_ptr for the map so we
        don't have to delete explicitly any more.
        (WebCore::SecureTextTimer::SecureTextTimer): Moved out of the class definition
        so the class ia a little easier to read.
        (WebCore::SecureTextTimer::restart): Renamed since the function name doesn't
        have to describe its argument; the function is only called in one place.
        (WebCore::SecureTextTimer::takeOffsetAfterLastTypedCharacter): Changed name
        and made this a one-shot that always zeroes the offset.
        (WebCore::SecureTextTimer::fired): Moved out of line and tweaked as above.
        (WebCore::RenderText::willBeDestroyed): Simplified now that the function
        secureTextTimers() always returns a map and we can just remove since the
        values in the map are unique_ptr, so take care of deletion.
        (WebCore::RenderText::setRenderedText): Tweaked the code that calls secureText
        to make the iOS case clearer.
        (WebCore::RenderText::secureText): Rewrote the function. New version no
        longer relies on a special String::fill function; it's kind of strange that
        String had a built in concept of replacing a string with one that has the
        same length but all with a masking character. This new approach is cleaner.
        I had written a version that handles surrogate pairs and combining marks,
        but then instead wrote a comment explaining why that's not needed/helpful.
        (WebCore::RenderText::momentarilyRevealLastTypedCharacter): Added a check so
        this does nothing if we are not securing the text. Also updated logic so that
        this doesn't double hash any more and updated for other changes like using
        a reference instead of a pointer.

        * rendering/RenderText.h: Removed the unneeded isSecure function and updated
        the argument name in momentarilyRevealLastTypedCharacter since it's now the
        offset after the character, not before the character.

2015-01-01  Darin Adler  <darin@apple.com>

        Modernize coding style of HTMLTreeBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140032

        Reviewed by Andreas Kling.

        Changes include:
        - Use references rather than pointers.
        - Mark data members const that are fully set up in the constructor.
        - Remove many unneeded includes and forward declarations.
        - Fix conditionals to be consistent and correct.
        - Merge some multi-line constructs into a single line.
        - Update whatwg.org URLs; not sure we should keep these, though.
        - Cut down on use of WTF_MAKE_NONCOPYABLE since for many classes it's
          impossible to copy anyway due to references, or harmless to copy.
        - Made more things private.
        - Initialize scalars in the class definition rather than each constructor.
        - Use Ref/RefPtr instead of PassRefPtr.

        * html/parser/HTMLDocumentParser.cpp:
        (WebCore::HTMLDocumentParser::HTMLDocumentParser): Pass reference rather than pointer to
        the context element.
        (WebCore::HTMLDocumentParser::detach): Removed call to HTMLTreeBuilder::detach. This work
        is instead done when the tree builder is destroyed.
        (WebCore::HTMLDocumentParser::constructTreeFromHTMLToken): Pass reference rather than pointer.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::uninitializedPositionValue1): Marked this inline because it's trivial. It was
        probably getting inlined already.
        (WebCore::isCaptionColOrColgroupTag): Format on a single line.
        (WebCore::isTableBodyContextTag): Ditto.
        (WebCore::isNonAnchorFormattingTag): Ditto.
        (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::ExternalCharacterTokenBuffer):
        Take reference instead of pointer.
        (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeRemaining): Use makeString helper.
        (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::skipLeading): Tweak formatting.
        (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::takeLeading): Both of the above.
        (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::makeString): Added.
        (WebCore::HTMLTreeBuilder::isParsingTemplateContents): Moved the body of this function here,
        since it's only used inside the class.
        (WebCore::HTMLTreeBuilder::isParsingFragmentOrTemplateContents): Ditto.
        (WebCore::HTMLTreeBuilder::HTMLTreeBuilder): Get rid of dead code that handles a null context
        element. The FIXME mentions a bug that is obsolete. Also reorder the data members to be a bit
        more logical and set the new m_destructionProhibited to false at the end of the constructor,
        to check if we accidentally destroy the tree builder while constructing it.
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext): Updated to take
        a reference and to let m_fragment get initialized in the class definition.
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::fragment): Moved this here since it's only
        used inside the class.
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::contextElement): Ditto.
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::contextElementStackItem): Ditto.
        (WebCore::HTMLTreeBuilder::takeScriptToProcess): Changed return type to RefPtr instead of
        PassRefPtr. Added code to handle m_scriptToProcess of null, since reading the code at the
        single call site makes it clear that it's not guaranteed to be non-null! Added destruction-
        related assertions since this is a public function.
        (WebCore::HTMLTreeBuilder::constructTree): Updated for reference rather than pointer. Also
        added destruction-related assertions since this is a public function.
        (WebCore::HTMLTreeBuilder::processToken): Updated to take a reference.
        (WebCore::HTMLTreeBuilder::processDoctypeToken): Ditto.
        (WebCore::HTMLTreeBuilder::processFakeStartTag): Ditto. Also take an rvalue reference for
        the vector of attributes that we will put into the token.
        (WebCore::HTMLTreeBuilder::processFakeEndTag): Ditto.
        (WebCore::HTMLTreeBuilder::processFakePEndTagIfPInButtonScope): Ditto.
        (WebCore::HTMLTreeBuilder::attributesForIsindexInput): Ditto.
        (WebCore::HTMLTreeBuilder::processIsindexStartTagForInBody): Ditto.
        (WebCore::isLi): Ditto.
        (WebCore::isDdOrDt): Ditto.
        (WebCore::HTMLTreeBuilder::processCloseWhenNestedTag): Changed loop to use reference
        rather than pointer for never-null stackItem. Also use auto and a for loop to make the
        loop easier to read.
        (WebCore::createCaseMap): Tweaked formatting.
        (WebCore::adjustAttributes): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInBody): Use reference instead of pointer.
        Set insertion mode directly instead of using a setInsertionMode function.
        (WebCore::HTMLTreeBuilder::processTemplateStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processTemplateEndTag): Ditto.
        (WebCore::HTMLTreeBuilder::processEndOfFileForInTemplateContents): Ditto.
        (WebCore::HTMLTreeBuilder::processColgroupEndTagForInColumnGroup): Ditto.
        (WebCore::HTMLTreeBuilder::closeTheCell): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInTable): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTag): Ditto. Tweaked assertions, so that we
        assert what state we are in before we fall through to each case, rather than asserting
        inside each case. The per-case assertions were sort of excessive and repetitive and
        even a bit hard to understand.
        (WebCore::HTMLTreeBuilder::processHtmlStartTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processBodyEndTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processAnyOtherEndTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::callTheAdoptionAgency): Ditto.
        (WebCore::HTMLTreeBuilder::resetInsertionModeAppropriately): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInTableBody): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInRow): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInCell): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processCaptionEndTagForInCaption): Ditto.
        (WebCore::HTMLTreeBuilder::processTrEndTagForInRow): Ditto.
        (WebCore::HTMLTreeBuilder::processTableEndTagForInTable): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTagForInTable): Ditto.
        (WebCore::HTMLTreeBuilder::processEndTag): Ditto.
        (WebCore::HTMLTreeBuilder::processComment): Ditto.
        (WebCore::HTMLTreeBuilder::processCharacter): Ditto.
        (WebCore::HTMLTreeBuilder::insertPhoneNumberLink): Ditto.
        (WebCore::HTMLTreeBuilder::processCharacterBuffer): Ditto.
        (WebCore::HTMLTreeBuilder::processCharacterBufferForInBody): Ditto.
        (WebCore::HTMLTreeBuilder::processEndOfFile): Ditto.
        (WebCore::HTMLTreeBuilder::defaultForInitial): Ditto.
        (WebCore::HTMLTreeBuilder::defaultForBeforeHTML): Ditto.
        (WebCore::HTMLTreeBuilder::defaultForBeforeHead): Ditto.
        (WebCore::HTMLTreeBuilder::defaultForInHead): Ditto.
        (WebCore::HTMLTreeBuilder::defaultForInHeadNoscript): Ditto.
        (WebCore::HTMLTreeBuilder::defaultForAfterHead): Ditto.
        (WebCore::HTMLTreeBuilder::defaultForInTableText): Ditto.
        (WebCore::HTMLTreeBuilder::processStartTagForInHead): Ditto.
        (WebCore::HTMLTreeBuilder::processGenericRCDATAStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processGenericRawTextStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::processScriptStartTag): Ditto.
        (WebCore::HTMLTreeBuilder::adjustedCurrentStackItem): Made this return a reference.
        (WebCore::HTMLTreeBuilder::shouldProcessTokenInForeignContent): More of the same.
        (WebCore::HTMLTreeBuilder::processTokenInForeignContent): Ditto.
        (WebCore::HTMLTreeBuilder::finished): Changed m_isAttached assertion to !m_destroyed.
        Also updated the comment.
        (WebCore::HTMLTreeBuilder::parseError): Marked this empty function inline.

        * html/parser/HTMLTreeBuilder.h: Removed most includes and forward declarations.
        Changed the phone number functions conditional to be correct. Removed a non-helpful
        FIXME about assertions we really don't need. Removed unneeded use of the inline keyword,
        changed types to references rather than pointer. Removed unneeded public insertionMode
        and setInsertionMode functions. Both are things that are only done inside this class and
        m_insertionMode can be accessed directly instead. Added a destructor that implements
        the destruction assertions. Asserted !m_destroyed at the start of all the public functions.

        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement): Use reference rather than pointer.

2015-01-02  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Remove stack from grid-auto-flow syntax
        https://bugs.webkit.org/show_bug.cgi?id=134842

        Reviewed by Sergio Villar Senin.

        "stack" mode for grid-auto-flow property has been removed from the grid
        layout spec. New syntax is:
          [ row | column ] || dense

        Modified parsing in order to adapt it to the new syntax.

        Also the current behavior relying on "stack" has been updated following
        the spec. Now it won't be possible to mimic the old "none" (or "stack")
        unless you specify manually the grid-placement properties.

        No new tests needed, updated current tests to adapt them to the new
        behavior.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue): Adapt to new syntax.
        * css/CSSParser.cpp:
        (WebCore::isValidGridAutoFlowId): Remove "stack" from valid ids.
        (WebCore::CSSParser::parseGridAutoFlow): Adapt to new syntax.
        * css/CSSValueKeywords.in: Remove "stack".
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty): Adapt to new syntax.
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::placeItemsOnGrid): Remove old "stack" code.
        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::GridResolvedPosition::resolveGridPositionsFromStyle): If we
        cannot resolve positions, we have to run the auto-placement algorithm.
        * rendering/style/RenderStyle.h: Remove "stack".
        * rendering/style/RenderStyleConstants.h: Ditto.

2015-01-01  Sam Weinig  <sam@webkit.org>

        Remove GroupSettings
        https://bugs.webkit.org/show_bug.cgi?id=140037

        Reviewed by Dan Bernstein.

        Nothing sets the values in GroupSettings and nothing uses them.
        - The indexedDBDatabasePath is accessed and sent to the IndexedDB backend,
          but the backend then proceeds to not use it.

        * CMakeLists.txt:
        * Modules/indexeddb/IDBFactory.cpp:
        (WebCore::IDBFactory::getDatabaseNames):
        (WebCore::IDBFactory::deleteDatabase):
        * Modules/indexeddb/IDBFactoryBackendInterface.cpp:
        (WebCore::IDBFactoryBackendInterface::create):
        * Modules/indexeddb/IDBFactoryBackendInterface.h:
        * Modules/indexeddb/PageGroupIndexedDatabase.cpp:
        (WebCore::PageGroupIndexedDatabase::PageGroupIndexedDatabase):
        (WebCore::PageGroupIndexedDatabase::from):
        (WebCore::PageGroupIndexedDatabase::factoryBackend):
        * Modules/indexeddb/PageGroupIndexedDatabase.h:
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.cpp:
        (WebCore::WorkerGlobalScopeIndexedDatabase::WorkerGlobalScopeIndexedDatabase):
        (WebCore::WorkerGlobalScopeIndexedDatabase::from):
        (WebCore::WorkerGlobalScopeIndexedDatabase::indexedDB):
        * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.h:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/DocumentStyleSheetCollection.cpp:
        * page/CaptionUserPreferences.cpp:
        * page/Frame.cpp:
        * page/GroupSettings.cpp: Removed.
        * page/GroupSettings.h: Removed.
        * page/PageGroup.cpp:
        (WebCore::PageGroup::PageGroup):
        * page/PageGroup.h:
        (WebCore::PageGroup::groupSettings): Deleted.
        * platform/DatabaseStrategy.cpp:
        (WebCore::DatabaseStrategy::createIDBFactoryBackend):
        * platform/DatabaseStrategy.h:
        * workers/DedicatedWorkerGlobalScope.cpp:
        (WebCore::DedicatedWorkerGlobalScope::create):
        (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope):
        * workers/DedicatedWorkerGlobalScope.h:
        * workers/DedicatedWorkerThread.cpp:
        (WebCore::DedicatedWorkerThread::create):
        (WebCore::DedicatedWorkerThread::DedicatedWorkerThread):
        (WebCore::DedicatedWorkerThread::createWorkerGlobalScope):
        * workers/DedicatedWorkerThread.h:
        * workers/DefaultSharedWorkerRepository.cpp:
        (WebCore::DefaultSharedWorkerRepository::workerScriptLoaded):
        (WebCore::SharedWorkerProxy::groupSettings): Deleted.
        * workers/SharedWorkerGlobalScope.cpp:
        (WebCore::SharedWorkerGlobalScope::create):
        (WebCore::SharedWorkerGlobalScope::SharedWorkerGlobalScope):
        * workers/SharedWorkerGlobalScope.h:
        * workers/SharedWorkerThread.cpp:
        (WebCore::SharedWorkerThread::create):
        (WebCore::SharedWorkerThread::SharedWorkerThread):
        (WebCore::SharedWorkerThread::createWorkerGlobalScope):
        * workers/SharedWorkerThread.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::WorkerGlobalScope):
        * workers/WorkerGlobalScope.h:
        (WebCore::WorkerGlobalScope::groupSettings): Deleted.
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::startWorkerGlobalScope):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThreadStartupData::WorkerThreadStartupData):
        (WebCore::WorkerThread::WorkerThread):
        (WebCore::WorkerThread::workerThread):
        * workers/WorkerThread.h:

2015-01-01  Dan Bernstein  <mitz@apple.com>

        Tried to fix the iOS build.

        * page/scrolling/ios/ScrollingTreeIOS.cpp:
        (WebCore::ScrollingTreeIOS::scrollingTreeNodeDidScroll):

2015-01-01  Darin Adler  <darin@apple.com>

        Fix itearator typo
        https://bugs.webkit.org/show_bug.cgi?id=140027

        Reviewed by Csaba Osztrogonác.

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::nextBreakablePosition): Spelling mistake.

2015-01-01  Alexey Proskuryakov  <ap@apple.com>

        Don't dereference end() in SimpleLineLayout::RunResolver::rangeForRenderer
        https://bugs.webkit.org/show_bug.cgi?id=139951
        rdar://problem/19339881

        Reviewed by Darin Adler.

        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::rangeForRenderer):

2015-01-01  Chris Dumez  <cdumez@apple.com>

        ASSERT that a null key is never used with FeatureCounter
        https://bugs.webkit.org/show_bug.cgi?id=140030

        Reviewed by Darin Adler.

        * platform/FeatureCounter.cpp:
        (WebCore::FeatureCounter::incrementKey):
        (WebCore::FeatureCounter::setKey):
        * platform/ios/FeatureCounter.mm:
        (WebCore::FeatureCounter::incrementKey):
        (WebCore::FeatureCounter::setKey):

2015-01-01  Chris Dumez  <cdumez@apple.com>

        [iOS] Fix memory leak in FeatureCounter
        https://bugs.webkit.org/show_bug.cgi?id=140029
        <rdar://problem/19255690>

        Reviewed by Darin Adler.

        Fix memory leak in FeatureCounter. The NSString for the counter key
        was allocated but never released. The patch switches to using a
        RetainPtr instead of a raw pointer to avoid the issue.

        * platform/ios/FeatureCounter.mm:
        (WebCore::FeatureCounter::incrementKey):
        (WebCore::FeatureCounter::setKey):

2015-01-01  Jeff Miller  <jeffm@apple.com>

        Update user-visible copyright strings to include 2015
        https://bugs.webkit.org/show_bug.cgi?id=139880

        Reviewed by Darin Adler.

        * Info.plist:

2014-12-31  Sam Weinig  <sam@webkit.org>

        Move scrolling code off of WTF::bind
        https://bugs.webkit.org/show_bug.cgi?id=140019

        Reviewed by Darin Adler.

        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::tryToHandleWheelEvent):
        (WebCore::ThreadedScrollingTree::invalidate):
        (WebCore::ThreadedScrollingTree::scrollingTreeNodeDidScroll):
        (WebCore::ThreadedScrollingTree::handleWheelEventPhase):
        (WebCore::derefScrollingCoordinator): Deleted.
        * page/scrolling/ios/ScrollingTreeIOS.cpp:
        (WebCore::ScrollingTreeIOS::invalidate):
        (WebCore::ScrollingTreeIOS::scrollingTreeNodeDidScroll):
        (WebCore::derefScrollingCoordinator): Deleted.
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::pageDestroyed):
        (WebCore::ScrollingCoordinatorMac::handleWheelEvent):
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseMemory):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::releaseFastMallocFreeMemoryInAllThreads):

2015-01-01  Antti Koivisto  <antti@apple.com>

        Remove FontData::containsCharacters
        https://bugs.webkit.org/show_bug.cgi?id=140026

        Reviewed by Dan Bernstein.

        This virtual function has no clients.

        * platform/graphics/FontData.h:
        * platform/graphics/SegmentedFontData.cpp:
        (WebCore::SegmentedFontData::containsCharacter): Deleted.
        (WebCore::SegmentedFontData::containsCharacters): Deleted.
        * platform/graphics/SegmentedFontData.h:
        * platform/graphics/SimpleFontData.h:
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::SimpleFontData::containsCharacters): Deleted.
        * platform/graphics/ios/SimpleFontDataIOS.mm:
        (WebCore::SimpleFontData::containsCharacters): Deleted.
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::containsCharacters): Deleted.
        * platform/graphics/win/SimpleFontDataWin.cpp:
        (WebCore::SimpleFontData::containsCharacters): Deleted.

2015-01-01  Darin Adler  <darin@apple.com>

        We often misspell identifier as "identifer"
        https://bugs.webkit.org/show_bug.cgi?id=140025

        Reviewed by Michael Saboff.

        * html/MediaFragmentURIParser.cpp:
        (WebCore::MediaFragmentURIParser::parseNPTFragment):
        * html/parser/AtomicHTMLToken.h:
        * html/parser/HTMLToken.h:
        * html/shadow/SliderThumbElement.h:
        * platform/graphics/ISOVTTCue.cpp:
        (WebCore::ISOWebVTTCue::ISOWebVTTCue):
        * platform/graphics/ISOVTTCue.h:
        (WebCore::ISOWebVTTCue::id):
        Fix mispellings.

2015-01-01  Zalan Bujtas  <zalan@apple.com>

        Saturated arithmetics: Incorrect float/double clamping.
        https://bugs.webkit.org/show_bug.cgi?id=139888
        rdar://problem/19330885

        Reviewed by Simon Fraser.

        Clamp float and double values correctly when applying saturated arithmetics.

        Test: LayoutUnit test for float overflow.

        * platform/LayoutUnit.h:
        (WebCore::LayoutUnit::LayoutUnit):

2014-12-31  Dan Bernstein  <mitz@apple.com>

        Fixed the iOS build.

        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        (WebCore::ScrollingCoordinatorIOS::commitTreeState):

2014-12-31  Csaba Osztrogonác  <ossy@webkit.org>

        URTBF after r177835.

        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::ScrollingCoordinatorCoordinatedGraphics):
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.h:

2014-12-31  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176476.
        https://bugs.webkit.org/show_bug.cgi?id=140021

        Sadly, this didn't reduce media test crashiness (Requested by
        ap on #webkit).

        Reverted changeset:

        "[Mac] Random crashes inside media libraries when creating
        then destroying media quickly."
        https://bugs.webkit.org/show_bug.cgi?id=138980
        http://trac.webkit.org/changeset/176476

2014-12-31  Sam Weinig  <sam@webkit.org>

        Remove the remaining uses of OwnPtr from WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=140017

        Reviewed by Dan Bernstein.

        * WebCore.exp.in:
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::AsyncScrollingCoordinator):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingStateTree.cpp:
        (WebCore::ScrollingStateTree::commit):
        (WebCore::ScrollingStateTree::create): Deleted.
        * page/scrolling/ScrollingStateTree.h:
        * page/scrolling/ScrollingTree.cpp:
        (WebCore::ScrollingTree::commitNewTreeState):
        * page/scrolling/ScrollingTree.h:
        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::commitNewTreeState):
        * page/scrolling/ThreadedScrollingTree.h:
        * page/scrolling/ios/ScrollingTreeIOS.cpp:
        (WebCore::ScrollingTreeIOS::commitNewTreeState):
        * page/scrolling/ios/ScrollingTreeIOS.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::commitTreeState):

2014-12-31  Dan Bernstein  <mitz@apple.com>

        Don’t use AccessibilityAllInOne when building with Xcode
        https://bugs.webkit.org/show_bug.cgi?id=139974

        Reviewed by Darin Adler.

        * WebCore.xcodeproj/project.pbxproj: Added all files included by AccessibilityAllInOne.cpp
        to the WebCore target, and removed AccessibilityAllInOne.cpp from the project.

2014-12-30  Chris Dumez  <cdumez@apple.com>

        Move font-related CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140008

        Reviewed by Darin Adler.

        Move font-related CSS properties to the new StyleBuilder
        by teaching makeprop.pl how to generate them.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyFont::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyFont::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyFont::applyValue): Deleted.
        (WebCore::ApplyPropertyFont::createHandler): Deleted.
        * css/makeprop.pl:
        (generateInitialValueSetter):
        (generateInheritValueSetter):
        (generateValueSetter):
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::initialItalic):
        (WebCore::FontDescription::initialSmallCaps):
        (WebCore::FontDescription::initialKerning):
        (WebCore::FontDescription::initialFontSmoothing):
        (WebCore::FontDescription::initialTextRenderingMode):

2014-12-30  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-font-variant-ligature' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=140007

        Reviewed by Darin Adler.

        Move '-webkit-font-variant-ligature' CSS property to the new StyleBuilder
        by using custom code.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyFontVariantLigatures::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyFontVariantLigatures::applyValue): Deleted.
        (WebCore::ApplyPropertyFontVariantLigatures::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialWebkitFontVariantLigatures):
        (WebCore::StyleBuilderCustom::applyInheritWebkitFontVariantLigatures):
        (WebCore::StyleBuilderCustom::applyValueWebkitFontVariantLigatures):

2014-12-29  Chris Dumez  <cdumez@apple.com>

        Move animation / transition CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139999

        Reviewed by Darin Adler.

        Move animation / transition CSS properties to the new StyleBuilder by
        teaching makeprop.pl how to generate them.

2014-12-29  Anders Carlsson  <andersca@apple.com>

        Remove more dead code
        https://bugs.webkit.org/show_bug.cgi?id=139998

        Reviewed by Oliver Hunt.

        * page/PageGroup.cpp:
        (WebCore::PageGroup::localStorage): Deleted.
        (WebCore::PageGroup::transientLocalStorage): Deleted.
        * page/PageGroup.h:
        (WebCore::PageGroup::hasLocalStorage): Deleted.

2014-12-29  Anders Carlsson  <andersca@apple.com>

        Remove unneeded StorageNamespace functions
        https://bugs.webkit.org/show_bug.cgi?id=139997

        Reviewed by Sam Weinig.

        * loader/EmptyClients.cpp:
        * storage/StorageNamespace.h:
        (WebCore::StorageNamespace::closeIdleLocalStorageDatabases): Deleted.

2014-12-29  Anders Carlsson  <andersca@apple.com>

        Get rid of some PageGroup storage functions
        https://bugs.webkit.org/show_bug.cgi?id=139996

        Reviewed by Sam Weinig.

        * WebCore.exp.in:
        * page/PageGroup.cpp:
        (WebCore::PageGroup::closeLocalStorage): Deleted.
        (WebCore::PageGroup::clearLocalStorageForAllOrigins): Deleted.
        (WebCore::PageGroup::clearLocalStorageForOrigin): Deleted.
        (WebCore::PageGroup::closeIdleLocalStorageDatabases): Deleted.
        (WebCore::PageGroup::syncLocalStorage): Deleted.
        * page/PageGroup.h:

2014-12-29  Anders Carlsson  <andersca@apple.com>

        Move storage code from WebCore to WebKit
        https://bugs.webkit.org/show_bug.cgi?id=139558

        Reviewed by Darin Adler.

        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/MemoryPressureHandler.cpp:

2014-12-29  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Rewrite MediaSource implementation
        https://bugs.webkit.org/show_bug.cgi?id=139441

        Reviewed by Philippe Normand.

        This now is a clean reimplementation around appsrc that works good
        enough for YouTube (except for seeking), but it still does not
        implement the complete API correctly. Further work is required on
        top of this and the Bugzilla ticket linked above contains some
        further work in the right direction.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::doSeek):
        (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress):
        (WebCore::MediaPlayerPrivateGStreamer::sourceChanged):
        (WebCore::MediaPlayerPrivateGStreamer::canSaveMediaData):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        (WebCore::MediaPlayerPrivateGStreamer::totalVideoFrames):
        (WebCore::MediaPlayerPrivateGStreamer::droppedVideoFrames):
        (WebCore::MediaPlayerPrivateGStreamer::corruptedVideoFrames):
        (WebCore::MediaPlayerPrivateGStreamer::totalFrameDelay):
        (WebCore::MediaPlayerPrivateGStreamer::isMediaSource):
        * platform/graphics/gstreamer/MediaSourceGStreamer.cpp:
        (WebCore::MediaSourceGStreamer::MediaSourceGStreamer):
        (WebCore::MediaSourceGStreamer::addSourceBuffer):
        (WebCore::MediaSourceGStreamer::durationChanged):
        (WebCore::MediaSourceGStreamer::markEndOfStream):
        (WebCore::MediaSourceGStreamer::unmarkEndOfStream):
        (WebCore::MediaSourceGStreamer::readyState):
        (WebCore::MediaSourceGStreamer::setReadyState):
        (WebCore::MediaSourceGStreamer::waitForSeekCompleted):
        (WebCore::MediaSourceGStreamer::seekCompleted):
        * platform/graphics/gstreamer/MediaSourceGStreamer.h:
        * platform/graphics/gstreamer/SourceBufferPrivateGStreamer.cpp:
        (WebCore::SourceBufferPrivateGStreamer::SourceBufferPrivateGStreamer):
        (WebCore::SourceBufferPrivateGStreamer::~SourceBufferPrivateGStreamer):
        (WebCore::SourceBufferPrivateGStreamer::setClient):
        (WebCore::SourceBufferPrivateGStreamer::append):
        (WebCore::SourceBufferPrivateGStreamer::removedFromMediaSource):
        (WebCore::SourceBufferPrivateGStreamer::readyState):
        (WebCore::SourceBufferPrivateGStreamer::setReadyState):
        (WebCore::SourceBufferPrivateGStreamer::flushAndEnqueueNonDisplayingSamples):
        (WebCore::SourceBufferPrivateGStreamer::enqueueSample):
        (WebCore::SourceBufferPrivateGStreamer::isReadyForMoreSamples):
        (WebCore::SourceBufferPrivateGStreamer::setActive):
        (WebCore::SourceBufferPrivateGStreamer::stopAskingForMoreSamples):
        (WebCore::SourceBufferPrivateGStreamer::notifyClientWhenReadyForMoreSamples):
        * platform/graphics/gstreamer/SourceBufferPrivateGStreamer.h:
        * platform/graphics/gstreamer/WebKitMediaSourceGStreamer.cpp:
        (webkit_media_src_class_init):
        (webkit_media_src_init):
        (webKitMediaSrcFinalize):
        (webKitMediaSrcSetProperty):
        (webKitMediaSrcGetProperty):
        (webKitMediaSrcDoAsyncStart):
        (webKitMediaSrcDoAsyncDone):
        (webKitMediaSrcChangeState):
        (webKitMediaSrcQueryWithParent):
        (webKitMediaSrcGetUri):
        (webKitMediaSrcSetUri):
        (WebCore::MediaSourceClientGStreamer::MediaSourceClientGStreamer):
        (WebCore::MediaSourceClientGStreamer::~MediaSourceClientGStreamer):
        (WebCore::MediaSourceClientGStreamer::addSourceBuffer):
        (WebCore::MediaSourceClientGStreamer::durationChanged):
        (WebCore::MediaSourceClientGStreamer::append):
        (WebCore::MediaSourceClientGStreamer::markEndOfStream):
        (WebCore::MediaSourceClientGStreamer::removedFromMediaSource):
        (WTF::adoptGRef):
        (WTF::refGPtr<WebKitMediaSrc>):
        (WTF::derefGPtr<WebKitMediaSrc>):
        (webKitMediaSrcAddSrc): Deleted.
        (webKitMediaVideoSrcStop): Deleted.
        (webKitMediaAudioSrcStop): Deleted.
        (webKitMediaVideoSrcStart): Deleted.
        (webKitMediaAudioSrcStart): Deleted.
        (webKitMediaVideoSrcNeedDataMainCb): Deleted.
        (webKitMediaAudioSrcNeedDataMainCb): Deleted.
        (webKitMediaVideoSrcNeedDataCb): Deleted.
        (webKitMediaAudioSrcNeedDataCb): Deleted.
        (webKitMediaVideoSrcEnoughDataMainCb): Deleted.
        (webKitMediaAudioSrcEnoughDataMainCb): Deleted.
        (webKitMediaVideoSrcEnoughDataCb): Deleted.
        (webKitMediaAudioSrcEnoughDataCb): Deleted.
        (webKitMediaVideoSrcSeekMainCb): Deleted.
        (webKitMediaAudioSrcSeekMainCb): Deleted.
        (webKitMediaVideoSrcSeekDataCb): Deleted.
        (webKitMediaAudioSrcSeekDataCb): Deleted.
        (webKitMediaSrcSetMediaPlayer): Deleted.
        (webKitMediaSrcSetPlayBin): Deleted.
        (MediaSourceClientGstreamer::MediaSourceClientGstreamer): Deleted.
        (MediaSourceClientGstreamer::~MediaSourceClientGstreamer): Deleted.
        (MediaSourceClientGstreamer::didReceiveDuration): Deleted.
        (MediaSourceClientGstreamer::didReceiveData): Deleted.
        (MediaSourceClientGstreamer::didFinishLoading): Deleted.
        (MediaSourceClientGstreamer::didFail): Deleted.
        * platform/graphics/gstreamer/WebKitMediaSourceGStreamer.h:
        Rewrite MediaSource implementation for GStreamer. The old code was
        overly complicated and did not work at all for anything I've tested
        it with.

2014-12-28  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Unreviewed, additional build fix on win port since r177786.

        * platform/graphics/opengl/Extensions3DOpenGLES.h: Change a constructor from *protected* to *public*.

2014-12-28  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Unreviewed, speculative build fix on win port since r177786.

        Apply std::unique_ptr<> and std::make_unique<> to win files as well.

        * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
        (WebCore::GraphicsContext3D::getExtensions):
        * platform/graphics/win/GraphicsContextWin.cpp:
        (WebCore::GraphicsContext::createWindowsBitmap):

2014-12-28  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Convert OwnPtr to std::unique_ptr in WebCore/graphics/
        https://bugs.webkit.org/show_bug.cgi?id=139971

        Reviewed by Darin Adler.

        Use std::unique_ptr<> and std::make_unique<> instead of OwnPtr.

        * platform/graphics/GlyphMetricsMap.h:
        (WebCore::GlyphMetricsMap<T>::locatePageSlowCase):
        * platform/graphics/GlyphPageTreeNode.cpp:
        (WebCore::GlyphPageTreeNode::getChild):
        (WebCore::GlyphPageTreeNode::pruneCustomFontData):
        (WebCore::GlyphPageTreeNode::pruneFontData):
        * platform/graphics/GlyphPageTreeNode.h:
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/GraphicsContext3DPrivate.h:
        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/MaskImageOperation.h:
        * platform/graphics/ca/LayerPool.h:
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/TileCoverageMap.h:
        * platform/graphics/ca/mac/WebTiledBackingLayer.h:
        * platform/graphics/gpu/DrawingBuffer.h:
        * platform/graphics/gpu/Texture.cpp:
        (WebCore::Texture::Texture):
        (WebCore::Texture::create):
        * platform/graphics/gpu/Texture.h:
        * platform/graphics/opengl/Extensions3DOpenGL.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        (WebCore::GraphicsContext3D::getExtensions):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::compileShader):
        (WebCore::GraphicsContext3D::mappedSymbolName):
        * platform/graphics/wayland/WaylandDisplay.cpp:
        (WebCore::WaylandDisplay::createSharingGLContext):
        * platform/graphics/wayland/WaylandDisplay.h:
        * platform/graphics/wayland/WaylandSurface.cpp:
        (WebCore::WaylandSurface::createGLContext):
        * platform/graphics/wayland/WaylandSurface.h:

2014-12-28  Dan Bernstein  <mitz@apple.com>

        iOS build fix.

        Reverted r177781, because it appears to trigger <http://webkit.org/b/139609> on iOS.

        * WebCore.xcodeproj/project.pbxproj:

2014-12-28  Roland Takacs  <rtakacs.u-szeged@partner.samsung.com>

        Set relayoutChildren to 'true' only if size change happens in Table
        https://bugs.webkit.org/show_bug.cgi?id=139676

        Reviewed by Darin Adler.

        Pass 'true' value for layoutPositionedObjects() in case of size change.
        It helps to avoid unneccessary setChildNeedsLayout() and
        setPreferredLogicalWidthsDirty() calls.

        This is a backport of my fix in Blink: https://codereview.chromium.org/714933002/

        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::layout):

2014-12-28  Dan Bernstein  <mitz@apple.com>

        Don’t use AccessibilityAllInOne when building with Xcode
        https://bugs.webkit.org/show_bug.cgi?id=139974

        Reviewed by Darin Adler.

        * WebCore.xcodeproj/project.pbxproj: Added all files included by AccessibilityAllInOne.cpp
        to the WebCore target, and removed AccessibilityAllInOne.cpp from the project.

2014-12-26  Andreas Kling  <akling@apple.com>

        Purge PassRefPtr from Element and ElementRareData.
        <https://webkit.org/b/139949>

        Reviewed by Anders Carlsson.

        Make functions that used to take PassRefPtr now take Ref&& or RefPtr&&
        instead depending on possible nullity of incoming values.

        * dom/Element.cpp:
        (WebCore::Element::addShadowRoot):
        (WebCore::Element::setBeforePseudoElement):
        (WebCore::Element::setAfterPseudoElement):
        * dom/Element.h:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::setShadowRoot):
        (WebCore::ElementRareData::setBeforePseudoElement):
        (WebCore::ElementRareData::setAfterPseudoElement):
        * dom/PseudoElement.h:
        * dom/ShadowRoot.h:
        * style/StyleResolveTree.cpp:
        (WebCore::Style::setBeforeOrAfterPseudoElement):
        (WebCore::Style::attachBeforeOrAfterPseudoElementIfNeeded):

2014-12-26  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/19348208> REGRESSION (r177027): iOS builds use the wrong toolchain
        https://bugs.webkit.org/show_bug.cgi?id=139950

        Reviewed by David Kilzer.

        * Configurations/Base.xcconfig: Only define TOOLCHAINS when building for OS X, doing so
        in a manner that works with Xcode 5.1.1.

2014-12-25  Dhi Aurrahman  <diorahman@rockybars.com>

        Allow strings as argument to :lang()
        https://bugs.webkit.org/show_bug.cgi?id=139678

        Reviewed by Benjamin Poulain.

        Allow strings as argument to :lang()[1]. The selector with empty string argument (e.g. :lang(""))
        is handled as never matching.

        [1] http://www.w3.org/blog/CSS/2014/12/11/minutes-telecon-231/

        Test: fast/css/css-lang-selector-with-string-arguments-text.html
              fast/selectors/lang-extended-filtering-with-string-arguments.html

        * css/CSSGrammar.y.in:
        * css/SelectorCheckerTestFunctions.h:
        (WebCore::matchesLangPseudoClass):

2014-12-25  Andreas Kling  <akling@apple.com>

        DOM exception creator functions should return Ref.
        <https://webkit.org/b/139947>

        Reviewed by Chris Dumez.

        Tweak all the FooException::create() to return Ref instead of
        PassRefPtr since construction always succeeds.

        Also add a toJS() overload for ImplType& to keep bindings building.

        * Modules/indexeddb/IDBDatabaseException.h:
        (WebCore::IDBDatabaseException::create):
        * Modules/webdatabase/SQLException.h:
        (WebCore::SQLException::create):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * dom/DOMCoreException.h:
        (WebCore::DOMCoreException::create):
        * dom/EventException.h:
        (WebCore::EventException::create):
        * dom/RangeException.h:
        (WebCore::RangeException::create):
        * fileapi/FileException.h:
        (WebCore::FileException::create):
        * svg/SVGException.h:
        (WebCore::SVGException::create):
        * xml/XMLHttpRequestException.h:
        (WebCore::XMLHttpRequestException::create):
        * xml/XPathException.h:
        (WebCore::XPathException::create):

2014-12-25  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Unreviewed, fix build break on win debug build since r177737.

        Partial revert some code in r177737 because it causes build error on win debug buildbot.

        * dom/ElementIteratorAssertions.h:
        (WebCore::ElementIteratorAssertions::ElementIteratorAssertions):

2014-12-25  Dan Bernstein  <mitz@apple.com>

        Give extract-localizable-strings an option to treat warnings as errors
        https://bugs.webkit.org/show_bug.cgi?id=139943

        Reviewed by Darin Adler.

        Add a --treat-warnings-as-errors option, which makes the script emit its warnings as errors
        and exit with a non-0 return code if it emitted any warnings.

        * extract-localizable-strings.pl:
        Added $treatWarningsAsErrors variable, set to true if the option is passed in.

        (emitWarning): Added. If $treatWarningsAsErrors is true, omits the "warning: " token from
        the message, which makes it appear as an error in Xcode, and sets $sawError to 1.

        Replaced all print statements that printed warnings with calls to emitWarning.

2014-12-25  Dan Bernstein  <mitz@apple.com>

        Bring the state of WEBCORE_EXPORT annotations closer to what the exports file specifies.
        https://bugs.webkit.org/show_bug.cgi?id=136172

        Reviewed by Darin Adler.

        * bridge/NP_jsobject.cpp: Give functions from npruntime_impl.h defined in this file default
        using a compiler pragma, in lieu of introducing WebCore-specific macros into that header.
        * bridge/npruntime.cpp: Ditto.

        * platform/mac/WebCoreSystemInterface.mm: Similarly for WebCoreSystemInterface.h.

        Added or removed WEBCORE_EXPORT in these files as necessary to match what is currently in
        the exports file:

        * Modules/mediasource/SourceBuffer.h:
        * bindings/js/JSDOMBinding.h:
        * css/CSSComputedStyleDeclaration.h:
        * dom/ContainerNode.h:
        * dom/Document.h:
        * dom/MouseEvent.h:
        * dom/Range.h:
        * dom/SecurityContext.h:
        * editing/Editor.h:
        * editing/mac/DictionaryLookup.h:
        * loader/FrameLoaderClient.h:
        * loader/LoaderStrategy.h:
        * loader/icon/IconDatabaseBase.h:
        * page/ChromeClient.h:
        * page/EventHandler.h:
        * page/FrameSnapshotting.h:
        * page/Page.h:
        * page/PageOverlay.h:
        * page/PageOverlayController.h:
        * page/TextIndicator.h:
        * page/UserContentController.h:
        * page/WheelEventDeltaTracker.h:
        * page/mac/TextIndicatorWindow.h:
        * platform/DatabaseStrategy.h:
        * platform/ScrollableArea.h:
        * platform/SuddenTermination.h:
        * platform/URL.h:
        * platform/animation/Animation.h:
        * platform/cocoa/MachSendRight.h:
        * platform/graphics/FloatRoundedRect.h:
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/Path.h:
        * platform/graphics/TextRun.h:
        * platform/graphics/ca/TileController.h:
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/mac/ColorMac.h:
        * platform/mac/SoftLinking.h:
        * platform/mac/WebCoreNSStringExtras.h:
        * platform/mock/mediasource/MockMediaPlayerMediaSource.h:
        * platform/network/BlobRegistry.h:
        * platform/network/ResourceRequestBase.h:
        * platform/network/ResourceResponseBase.h:
        * rendering/HitTestResult.h:
        * rendering/RenderInline.h:
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.cpp:
        * rendering/RenderView.h:
        * storage/StorageNamespaceImpl.h:
        * storage/StorageNamespaceProvider.h:
        * testing/Internals.h:

2014-12-25  Chris Dumez  <cdumez@apple.com>

        [iOS] Log better using FeatureCounter why PageCache is failing due to pruned resources
        https://bugs.webkit.org/show_bug.cgi?id=139921

        Reviewed by Gavin Barraclough and Alexey Proskuryakov.

        Log better using FeatureCounter why PageCache is failing due to pruned
        resources. In particular, we now distinguish if the resource was pruned
        due to:
        - Memory pressure
        - Page cache capacity reached
        - WebProcess suspended (WK2)

        * WebCore.exp.in:
        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::HistoryItem):
        * history/HistoryItem.h:
        * history/PageCache.cpp:
        (WebCore::PageCache::pruneToCapacityNow):
        (WebCore::PageCache::setCapacity):
        (WebCore::pruningReasonToFeatureCounterKey):
        (WebCore::PageCache::add):
        (WebCore::PageCache::take):
        (WebCore::PageCache::get):
        (WebCore::PageCache::prune):
        * history/PageCache.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):
        * platform/FeatureCounterKeys.h:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2014-12-25  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr<> in WebCore/dom, plugin, and graphics
        https://bugs.webkit.org/show_bug.cgi?id=139938
        
        Reviewed by Darin Adler.

        Replace OwnPtr with std::unique_ptr<> and std::make_unique<>.

        * dom/ElementIteratorAssertions.h:
        (WebCore::ElementIteratorAssertions::ElementIteratorAssertions):
        * dom/MutationObserverRegistration.cpp:
        (WebCore::MutationObserverRegistration::observedSubtreeNodeWillDetach):
        (WebCore::MutationObserverRegistration::clearTransientRegistrations):
        * dom/MutationObserverRegistration.h:
        * dom/StyledElement.cpp:
        (WebCore::StyledElement::rebuildPresentationAttributeStyle):
        * platform/graphics/SimpleFontData.h:
        (WebCore::SimpleFontData::boundsForGlyph):
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::SimpleFontData::canRenderCombiningCharacterSequence):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::canRenderCombiningCharacterSequence):
        * plugins/PluginStream.cpp:
        (WebCore::PluginStream::didReceiveData):
        * plugins/PluginStream.h:

2014-12-25  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177712 and r177717.
        https://bugs.webkit.org/show_bug.cgi?id=139944

        Caused flaky assertion failures (Requested by ap on #webkit).

        Reverted changesets:

        "[iOS] Log better using FeatureCounter why PageCache is
        failing due to pruned resources"
        https://bugs.webkit.org/show_bug.cgi?id=139921
        http://trac.webkit.org/changeset/177712

        "Unreviewed, fix build warning after r177712"
        http://trac.webkit.org/changeset/177717

2014-12-25  Andreas Kling  <akling@apple.com>

        Rebaseline bindings tests after r177733.

        * bindings/scripts/test/JS/JSTestCallback.h:
        (WebCore::JSTestCallback::create):

2014-12-24  Andreas Kling  <akling@apple.com>

        Convert more creator functions to return Ref instead of PassRefPtr.
        <https://webkit.org/b/139939>

        Reviewed by Darin Adler.

        Convert a slew of functions to return Ref<T> instead of PassRefPtr<T>
        where the result is guaranteed to never be null.

        * Modules/geolocation/Coordinates.h:
        (WebCore::Coordinates::create):
        (WebCore::Coordinates::isolatedCopy):
        * Modules/plugins/QuickTimePluginReplacement.mm:
        (WebCore::QuickTimePluginReplacement::isolatedWorld):
        * Modules/webaudio/AnalyserNode.h:
        (WebCore::AnalyserNode::create):
        * Modules/webaudio/AudioBuffer.cpp:
        (WebCore::AudioBuffer::create):
        (WebCore::AudioBuffer::createFromAudioFileData):
        * Modules/webaudio/AudioBuffer.h:
        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::create):
        * Modules/webaudio/AudioBufferSourceNode.h:
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::create):
        * Modules/webaudio/AudioContext.h:
        * Modules/webaudio/AudioListener.h:
        (WebCore::AudioListener::create):
        * Modules/webaudio/AudioParam.h:
        (WebCore::AudioParam::create):
        * Modules/webaudio/BiquadFilterNode.h:
        (WebCore::BiquadFilterNode::create):
        * Modules/webaudio/ConvolverNode.h:
        (WebCore::ConvolverNode::create):
        * Modules/webaudio/DelayNode.h:
        (WebCore::DelayNode::create):
        * Modules/webaudio/DynamicsCompressorNode.h:
        (WebCore::DynamicsCompressorNode::create):
        * Modules/webdatabase/ChangeVersionWrapper.h:
        (WebCore::ChangeVersionWrapper::create):
        * Modules/webdatabase/DatabaseAuthorizer.cpp:
        (WebCore::DatabaseAuthorizer::create):
        * Modules/webdatabase/DatabaseAuthorizer.h:
        * Modules/webdatabase/DatabaseThread.h:
        (WebCore::DatabaseThread::create):
        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
        * accessibility/AXObjectCache.cpp:
        (WebCore::createFromRenderer):
        (WebCore::createFromNode):
        * accessibility/AccessibilityARIAGrid.cpp:
        (WebCore::AccessibilityARIAGrid::create):
        * accessibility/AccessibilityARIAGrid.h:
        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::create):
        * accessibility/AccessibilityARIAGridCell.h:
        * accessibility/AccessibilityARIAGridRow.cpp:
        (WebCore::AccessibilityARIAGridRow::create):
        * accessibility/AccessibilityARIAGridRow.h:
        * accessibility/AccessibilityImageMapLink.cpp:
        (WebCore::AccessibilityImageMapLink::create):
        * accessibility/AccessibilityImageMapLink.h:
        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::create):
        * accessibility/AccessibilityList.h:
        * accessibility/AccessibilityListBox.cpp:
        (WebCore::AccessibilityListBox::create):
        * accessibility/AccessibilityListBox.h:
        * accessibility/AccessibilityListBoxOption.cpp:
        (WebCore::AccessibilityListBoxOption::create):
        * accessibility/AccessibilityListBoxOption.h:
        * accessibility/AccessibilityMediaControls.cpp:
        (WebCore::AccessibilityMediaControl::create):
        (WebCore::AccessibilityMediaControlsContainer::create):
        (WebCore::AccessibilityMediaTimeline::create):
        (WebCore::AccessibilityMediaTimeDisplay::create):
        * accessibility/AccessibilityMediaControls.h:
        * accessibility/AccessibilityMenuList.cpp:
        (WebCore::AccessibilityMenuList::create):
        * accessibility/AccessibilityMenuList.h:
        * accessibility/AccessibilityMenuListOption.h:
        * accessibility/AccessibilityMenuListPopup.h:
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::create):
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityProgressIndicator.cpp:
        (WebCore::AccessibilityProgressIndicator::create):
        * accessibility/AccessibilityProgressIndicator.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::create):
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/AccessibilitySVGRoot.cpp:
        (WebCore::AccessibilitySVGRoot::create):
        * accessibility/AccessibilitySVGRoot.h:
        * accessibility/AccessibilityScrollView.cpp:
        (WebCore::AccessibilityScrollView::create):
        * accessibility/AccessibilityScrollView.h:
        * accessibility/AccessibilityScrollbar.cpp:
        (WebCore::AccessibilityScrollbar::create):
        * accessibility/AccessibilityScrollbar.h:
        * accessibility/AccessibilitySearchFieldButtons.cpp:
        (WebCore::AccessibilitySearchFieldCancelButton::create):
        * accessibility/AccessibilitySearchFieldButtons.h:
        * accessibility/AccessibilitySlider.cpp:
        (WebCore::AccessibilitySlider::create):
        (WebCore::AccessibilitySliderThumb::create):
        * accessibility/AccessibilitySlider.h:
        * accessibility/AccessibilitySpinButton.cpp:
        (WebCore::AccessibilitySpinButton::create):
        (WebCore::AccessibilitySpinButtonPart::create):
        * accessibility/AccessibilitySpinButton.h:
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::create):
        * accessibility/AccessibilityTable.h:
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::create):
        * accessibility/AccessibilityTableCell.h:
        * accessibility/AccessibilityTableColumn.cpp:
        (WebCore::AccessibilityTableColumn::create):
        * accessibility/AccessibilityTableColumn.h:
        * accessibility/AccessibilityTableHeaderContainer.cpp:
        (WebCore::AccessibilityTableHeaderContainer::create):
        * accessibility/AccessibilityTableHeaderContainer.h:
        * accessibility/AccessibilityTableRow.cpp:
        (WebCore::AccessibilityTableRow::create):
        * accessibility/AccessibilityTableRow.h:
        * bindings/js/CachedScriptSourceProvider.h:
        (WebCore::CachedScriptSourceProvider::create):
        * bindings/js/DOMWrapperWorld.h:
        (WebCore::DOMWrapperWorld::create):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::getJSValue):
        * bindings/objc/DOMCustomXPathNSResolver.h:
        (WebCore::DOMCustomXPathNSResolver::create):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateCallbackHeader):
        * bridge/c/c_instance.h:
        (JSC::Bindings::CInstance::create):
        * crypto/CryptoKeyPair.h:
        (WebCore::CryptoKeyPair::create):
        * crypto/keys/CryptoKeyAES.h:
        * crypto/keys/CryptoKeyHMAC.h:
        * crypto/keys/CryptoKeyRSA.h:
        * crypto/mac/CryptoKeyRSAMac.cpp:
        (WebCore::CryptoKeyRSA::generatePair):
        * css/DOMWindowCSS.cpp:
        (WebCore::DOMWindowCSS::create):
        * css/DOMWindowCSS.h:
        * css/DashboardRegion.h:
        (WebCore::DashboardRegion::create):
        * css/FontLoader.h:
        * dom/DOMError.h:
        (WebCore::DOMError::create):
        * dom/DOMStringList.h:
        (WebCore::DOMStringList::create):
        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::createForCopyAndPaste):
        (WebCore::DataTransfer::createForDragAndDrop):
        * dom/DataTransfer.h:
        * dom/DeviceMotionData.cpp:
        (WebCore::DeviceMotionData::Acceleration::create):
        (WebCore::DeviceMotionData::RotationRate::create):
        (WebCore::DeviceMotionData::create):
        * dom/DeviceMotionData.h:
        * dom/DeviceOrientationData.cpp:
        (WebCore::DeviceOrientationData::create):
        * dom/DeviceOrientationData.h:
        * dom/DocumentMarker.cpp:
        (WebCore::DocumentMarkerDescription::create):
        * editing/AlternativeTextController.cpp:
        (WebCore::AutocorrectionAlternativeDetails::create):
        (WebCore::DictationAlternativeDetails::create):
        * editing/AlternativeTextController.h:
        (WebCore::DictationMarkerDetails::create):
        * editing/AppendNodeCommand.h:
        (WebCore::AppendNodeCommand::create):
        * editing/ApplyStyleCommand.h:
        (WebCore::ApplyStyleCommand::create):
        * editing/BreakBlockquoteCommand.h:
        (WebCore::BreakBlockquoteCommand::create):
        * editing/CompositeEditCommand.cpp:
        (WebCore::EditCommandComposition::create):
        * editing/CompositeEditCommand.h:
        * editing/CreateLinkCommand.h:
        (WebCore::CreateLinkCommand::create):
        * editing/DeleteFromTextNodeCommand.h:
        (WebCore::DeleteFromTextNodeCommand::create):
        * editing/DeleteSelectionCommand.h:
        (WebCore::DeleteSelectionCommand::create):
        * editing/DictationCommand.cpp:
        (WebCore::DictationMarkerSupplier::create):
        * editing/DictationCommand.h:
        (WebCore::DictationCommand::create):
        * editing/EditingStyle.h:
        (WebCore::EditingStyle::create):
        * editing/Editor.cpp:
        (WebCore::Editor::applyStyle):
        (WebCore::Editor::applyParagraphStyle):
        * editing/FormatBlockCommand.h:
        (WebCore::FormatBlockCommand::create):
        * editing/IndentOutdentCommand.h:
        (WebCore::IndentOutdentCommand::create):
        * editing/InsertIntoTextNodeCommand.h:
        (WebCore::InsertIntoTextNodeCommand::create):
        * editing/InsertLineBreakCommand.h:
        (WebCore::InsertLineBreakCommand::create):
        * editing/InsertNodeBeforeCommand.h:
        (WebCore::InsertNodeBeforeCommand::create):
        * editing/InsertParagraphSeparatorCommand.h:
        (WebCore::InsertParagraphSeparatorCommand::create):
        * editing/InsertTextCommand.h:
        (WebCore::InsertTextCommand::create):
        (WebCore::InsertTextCommand::createWithMarkerSupplier):
        * editing/MergeIdenticalElementsCommand.h:
        (WebCore::MergeIdenticalElementsCommand::create):
        * editing/ModifySelectionListLevel.h:
        (WebCore::IncreaseSelectionListLevelCommand::create):
        (WebCore::DecreaseSelectionListLevelCommand::create):
        * editing/MoveSelectionCommand.h:
        (WebCore::MoveSelectionCommand::create):
        * editing/RemoveCSSPropertyCommand.h:
        (WebCore::RemoveCSSPropertyCommand::create):
        * editing/RemoveFormatCommand.h:
        (WebCore::RemoveFormatCommand::create):
        * editing/RemoveNodeCommand.h:
        (WebCore::RemoveNodeCommand::create):
        * editing/RemoveNodePreservingChildrenCommand.h:
        (WebCore::RemoveNodePreservingChildrenCommand::create):
        * editing/ReplaceNodeWithSpanCommand.h:
        (WebCore::ReplaceNodeWithSpanCommand::create):
        * editing/ReplaceSelectionCommand.h:
        (WebCore::ReplaceSelectionCommand::create):
        * editing/SetNodeAttributeCommand.h:
        (WebCore::SetNodeAttributeCommand::create):
        * editing/SetSelectionCommand.h:
        (WebCore::SetSelectionCommand::create):
        * editing/SimplifyMarkupCommand.h:
        (WebCore::SimplifyMarkupCommand::create):
        * editing/SpellChecker.cpp:
        (WebCore::SpellCheckRequest::create):
        * editing/SpellChecker.h:
        * editing/SpellingCorrectionCommand.cpp:
        (WebCore::SpellingCorrectionRecordUndoCommand::create):
        * editing/SpellingCorrectionCommand.h:
        (WebCore::SpellingCorrectionCommand::create):
        * editing/SplitElementCommand.h:
        (WebCore::SplitElementCommand::create):
        * editing/SplitTextNodeCommand.h:
        (WebCore::SplitTextNodeCommand::create):
        * editing/SplitTextNodeContainingElementCommand.h:
        (WebCore::SplitTextNodeContainingElementCommand::create):
        * editing/TypingCommand.h:
        (WebCore::TypingCommand::create):
        * editing/UnlinkCommand.h:
        (WebCore::UnlinkCommand::create):
        * editing/WrapContentsInDummySpanCommand.h:
        (WebCore::WrapContentsInDummySpanCommand::create):
        * editing/ios/DictationCommandIOS.h:
        (WebCore::DictationCommandIOS::create):
        * fileapi/Blob.h:
        (WebCore::Blob::create):
        (WebCore::Blob::deserialize):
        (WebCore::Blob::slice):
        * fileapi/File.h:
        * fileapi/FileList.h:
        (WebCore::FileList::create):
        * fileapi/FileReader.cpp:
        (WebCore::FileReader::create):
        * fileapi/FileReader.h:
        * fileapi/FileReaderSync.h:
        (WebCore::FileReaderSync::create):
        * history/BackForwardList.h:
        (WebCore::BackForwardList::create):
        * history/HistoryItem.h:
        (WebCore::HistoryItem::create):
        * html/DOMURL.cpp:
        (WebCore::DOMURL::create):
        * html/DOMURL.h:
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::plugInImageElementIsolatedWorld):
        * html/canvas/CanvasGradient.h:
        (WebCore::CanvasGradient::create):
        * html/canvas/CanvasPattern.cpp:
        (WebCore::CanvasPattern::create):
        * html/canvas/CanvasPattern.h:
        * html/canvas/DOMPath.h:
        * html/shadow/DetailsMarkerControl.cpp:
        (WebCore::DetailsMarkerControl::create):
        * html/shadow/DetailsMarkerControl.h:
        * html/track/AudioTrack.h:
        * html/track/AudioTrackList.h:
        * html/track/DataCue.h:
        * inspector/CommandLineAPIHost.cpp:
        (WebCore::CommandLineAPIHost::create):
        * inspector/CommandLineAPIHost.h:
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::create):
        * loader/FormState.cpp:
        (WebCore::FormState::create):
        * loader/FormState.h:
        * loader/FormSubmission.cpp:
        (WebCore::FormSubmission::create):
        * loader/FormSubmission.h:
        * loader/TextResourceDecoder.h:
        (WebCore::TextResourceDecoder::create):
        * loader/ThreadableLoaderClientWrapper.h:
        (WebCore::ThreadableLoaderClientWrapper::create):
        * loader/WorkerThreadableLoader.h:
        (WebCore::WorkerThreadableLoader::create):
        * loader/appcache/ApplicationCache.h:
        (WebCore::ApplicationCache::create):
        * loader/appcache/ApplicationCacheResource.h:
        (WebCore::ApplicationCacheResource::create):
        * loader/appcache/DOMApplicationCache.h:
        * loader/archive/ArchiveResource.cpp:
        (WebCore::ArchiveResource::create):
        * loader/archive/ArchiveResource.h:
        * loader/icon/IconDatabaseBase.h:
        (WebCore::EnumCallback::create):
        (WebCore::ObjectCallback::create):
        * loader/icon/IconRecord.h:
        (WebCore::IconRecord::create):
        * mathml/MathMLInlineContainerElement.cpp:
        (WebCore::MathMLInlineContainerElement::create):
        * mathml/MathMLInlineContainerElement.h:
        * mathml/MathMLMathElement.cpp:
        (WebCore::MathMLMathElement::create):
        * mathml/MathMLMathElement.h:
        * mathml/MathMLMencloseElement.cpp:
        (WebCore::MathMLMencloseElement::create):
        * mathml/MathMLMencloseElement.h:
        * mathml/MathMLSelectElement.cpp:
        (WebCore::MathMLSelectElement::create):
        * mathml/MathMLSelectElement.h:
        * mathml/MathMLTextElement.cpp:
        (WebCore::MathMLTextElement::create):
        * mathml/MathMLTextElement.h:
        * page/BarProp.h:
        (WebCore::BarProp::create):
        * page/Crypto.h:
        (WebCore::Crypto::create):
        * page/DOMSecurityPolicy.h:
        (WebCore::DOMSecurityPolicy::create):
        * page/DOMSelection.h:
        (WebCore::DOMSelection::create):
        * page/DOMWindow.h:
        * page/DOMWindowExtension.h:
        (WebCore::DOMWindowExtension::create):
        * page/FrameView.cpp:
        (WebCore::FrameView::create):
        * page/FrameView.h:
        * page/animation/CompositeAnimation.h:
        (WebCore::CompositeAnimation::create):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * platform/Cursor.h:
        (WebCore::SharedCursor::create):
        * platform/FileChooser.cpp:
        (WebCore::FileChooser::create):
        * platform/FileChooser.h:
        * platform/animation/Animation.h:
        (WebCore::Animation::create):
        * platform/audio/AudioBus.cpp:
        (WebCore::AudioBus::create):
        (WebCore::AudioBus::createBufferFromRange):
        (WebCore::AudioBus::createBySampleRateConverting):
        (WebCore::AudioBus::createByMixingToMono):
        * platform/audio/AudioBus.h:
        * platform/audio/AudioHardwareListener.cpp:
        (WebCore::AudioHardwareListener::create):
        * platform/audio/AudioHardwareListener.h:
        * platform/audio/mac/AudioHardwareListenerMac.cpp:
        (WebCore::AudioHardwareListener::create):
        (WebCore::AudioHardwareListenerMac::create):
        * platform/audio/mac/AudioHardwareListenerMac.h:
        * platform/graphics/AudioTrackPrivate.h:
        (WebCore::AudioTrackPrivate::create):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/CrossfadeGeneratedImage.h:
        * platform/graphics/FontFeatureSettings.h:
        (WebCore::FontFeatureSettings::create):
        * platform/graphics/Image.cpp:
        (WebCore::Image::nullImage):
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.h:
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::create):
        * platform/graphics/filters/DistantLightSource.h:
        (WebCore::DistantLightSource::create):
        * platform/graphics/filters/FEBlend.cpp:
        (WebCore::FEBlend::create):
        * platform/graphics/filters/FEBlend.h:
        * platform/graphics/filters/FEColorMatrix.cpp:
        (WebCore::FEColorMatrix::create):
        * platform/graphics/filters/FEColorMatrix.h:
        * platform/graphics/filters/FEComponentTransfer.cpp:
        (WebCore::FEComponentTransfer::create):
        * platform/graphics/filters/FEComponentTransfer.h:
        * platform/graphics/filters/FEComposite.cpp:
        (WebCore::FEComposite::create):
        * platform/graphics/filters/FEComposite.h:
        * platform/graphics/filters/FEConvolveMatrix.cpp:
        (WebCore::FEConvolveMatrix::create):
        * platform/graphics/filters/FEConvolveMatrix.h:
        * platform/graphics/filters/FEDiffuseLighting.cpp:
        (WebCore::FEDiffuseLighting::create):
        * platform/graphics/filters/FEDiffuseLighting.h:
        * platform/graphics/filters/FEDisplacementMap.cpp:
        (WebCore::FEDisplacementMap::create):
        * platform/graphics/filters/FEDisplacementMap.h:
        * platform/graphics/filters/FEDropShadow.cpp:
        (WebCore::FEDropShadow::create):
        * platform/graphics/filters/FEDropShadow.h:
        * platform/graphics/filters/FEFlood.cpp:
        (WebCore::FEFlood::create):
        * platform/graphics/filters/FEFlood.h:
        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::FEGaussianBlur::create):
        * platform/graphics/filters/FEGaussianBlur.h:
        * platform/graphics/filters/FEMerge.cpp:
        (WebCore::FEMerge::create):
        * platform/graphics/filters/FEMerge.h:
        * platform/graphics/filters/FEMorphology.cpp:
        (WebCore::FEMorphology::create):
        * platform/graphics/filters/FEMorphology.h:
        * platform/graphics/filters/FEOffset.cpp:
        (WebCore::FEOffset::create):
        * platform/graphics/filters/FEOffset.h:
        * platform/graphics/filters/FESpecularLighting.cpp:
        (WebCore::FESpecularLighting::create):
        * platform/graphics/filters/FESpecularLighting.h:
        * platform/graphics/filters/FETile.cpp:
        (WebCore::FETile::create):
        * platform/graphics/filters/FETile.h:
        * platform/graphics/filters/FETurbulence.cpp:
        (WebCore::FETurbulence::create):
        * platform/graphics/filters/FETurbulence.h:
        * platform/graphics/ios/DisplayRefreshMonitorIOS.h:
        (WebCore::DisplayRefreshMonitorIOS::create):
        * platform/graphics/mac/ComplexTextController.h:
        (WebCore::ComplexTextController::ComplexTextRun::create):
        * platform/network/BlobData.h:
        (WebCore::RawData::create):
        (WebCore::BlobData::create):
        * platform/network/BlobDataFileReference.h:
        (WebCore::BlobDataFileReference::create):
        * platform/network/cf/FormDataStreamCFNet.cpp:
        * platform/text/BidiContext.cpp:
        (WebCore::BidiContext::createUncached):
        (WebCore::BidiContext::create):
        * platform/text/BidiContext.h:
        * plugins/DOMMimeType.h:
        (WebCore::DOMMimeType::create):
        * plugins/DOMMimeTypeArray.cpp:
        (WebCore::DOMMimeTypeArray::item):
        (WebCore::DOMMimeTypeArray::namedItem):
        * plugins/DOMMimeTypeArray.h:
        (WebCore::DOMMimeTypeArray::create):
        * plugins/DOMPlugin.cpp:
        (WebCore::DOMPlugin::item):
        (WebCore::DOMPlugin::namedItem):
        * plugins/DOMPlugin.h:
        (WebCore::DOMPlugin::create):
        * plugins/DOMPluginArray.cpp:
        (WebCore::DOMPluginArray::item):
        (WebCore::DOMPluginArray::namedItem):
        * plugins/DOMPluginArray.h:
        (WebCore::DOMPluginArray::create):
        * plugins/PluginData.h:
        (WebCore::PluginData::create):
        * rendering/ClipPathOperation.h:
        * rendering/CounterNode.cpp:
        (WebCore::CounterNode::create):
        * rendering/CounterNode.h:
        * rendering/style/BasicShapes.h:
        * rendering/style/CursorList.h:
        (WebCore::CursorList::create):
        * replay/CapturingInputCursor.cpp:
        (WebCore::CapturingInputCursor::create):
        * replay/CapturingInputCursor.h:
        * storage/Storage.cpp:
        (WebCore::Storage::create):
        * storage/Storage.h:
        * storage/StorageAreaImpl.cpp:
        (WebCore::StorageAreaImpl::create):
        * storage/StorageAreaImpl.h:
        * storage/StorageAreaSync.cpp:
        (WebCore::StorageAreaSync::create):
        * storage/StorageAreaSync.h:
        * storage/StorageMap.cpp:
        (WebCore::StorageMap::create):
        * storage/StorageMap.h:
        * storage/StorageSyncManager.cpp:
        (WebCore::StorageSyncManager::create):
        * storage/StorageSyncManager.h:
        * workers/DedicatedWorkerGlobalScope.cpp:
        (WebCore::DedicatedWorkerGlobalScope::create):
        * workers/DedicatedWorkerGlobalScope.h:
        * workers/DedicatedWorkerThread.cpp:
        (WebCore::DedicatedWorkerThread::create):
        (WebCore::DedicatedWorkerThread::createWorkerGlobalScope):
        * workers/DedicatedWorkerThread.h:
        * workers/DefaultSharedWorkerRepository.cpp:
        * workers/SharedWorkerGlobalScope.cpp:
        (WebCore::SharedWorkerGlobalScope::create):
        * workers/SharedWorkerGlobalScope.h:
        * workers/SharedWorkerThread.cpp:
        (WebCore::SharedWorkerThread::create):
        (WebCore::SharedWorkerThread::createWorkerGlobalScope):
        * workers/SharedWorkerThread.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::importScripts):
        * workers/WorkerLocation.h:
        (WebCore::WorkerLocation::create):
        * workers/WorkerScriptLoader.h:
        (WebCore::WorkerScriptLoader::create):
        * workers/WorkerThread.h:
        * xml/DOMParser.h:
        (WebCore::DOMParser::create):
        * xml/NativeXPathNSResolver.h:
        (WebCore::NativeXPathNSResolver::create):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::create):
        * xml/XMLHttpRequest.h:
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::flushProgressEvent):
        * xml/XMLSerializer.h:
        (WebCore::XMLSerializer::create):
        * xml/XPathEvaluator.h:
        (WebCore::XPathEvaluator::create):
        * xml/XPathResult.h:
        (WebCore::XPathResult::create):
        * xml/XSLStyleSheet.h:
        * xml/XSLTProcessor.h:
        (WebCore::XSLTProcessor::create):

2014-12-24  Benjamin Poulain  <bpoulain@apple.com>

        Small cleanup of RenderBlock::paint()
        https://bugs.webkit.org/show_bug.cgi?id=139849

        Reviewed by Daniel Bates.

        Remove a couple of instructions by putting variable in the right scope.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paint):

2014-12-24  Dan Bernstein  <mitz@apple.com>

        [Cocoa] WebCoreSystemInterface.h declares two unused symbols
        https://bugs.webkit.org/show_bug.cgi?id=139937

        Reviewed by Tim Horton.

        * platform/graphics/FontPlatformData.h: Removed unused typedefs.

        * platform/graphics/mac/FontCustomPlatformData.cpp:
        (WebCore::createFontCustomPlatformData): Stop passing always-zero containerRef parameter to
        FontCustomPlatformData constructor.

        * platform/graphics/mac/FontCustomPlatformData.h: Removed unused typedefs.
        (WebCore::FontCustomPlatformData::FontCustomPlatformData): Removed unused container
        parameter and m_atsContainer member variable.

        * platform/mac/WebCoreSystemInterface.h: Removed unused typedefs and symbols.

2014-12-23  Chris Dumez  <cdumez@apple.com>

        Simplify RenderStyle::invalidColor() function
        https://bugs.webkit.org/show_bug.cgi?id=139898

        Reviewed by Andreas Kling.

        Simplify RenderStyle::invalidColor() function by getting rid of the
        static variable. The default constructor for Color is very cheap
        anyway.

        * rendering/style/RenderStyle.h:

2014-12-23  Jaehun Lim  <ljaehun.lim@samsung.com>

        Unreviewed, fix build warning after r177712

        ../../Source/WebCore/history/PageCache.cpp: In function ‘const char* WebCore::pruningReasonToFeatureCounterKey(WebCore::PruningReason)’:
        ../../Source/WebCore/history/PageCache.cpp:449:1: error: control reaches end of non-void function [-Werror=return-type]

        No new tests, no behavior changes.

        * history/PageCache.cpp:
        (WebCore::pruningReasonToFeatureCounterKey):

2014-12-23  Chris Dumez  <cdumez@apple.com>

        [iOS] Log better using FeatureCounter why PageCache is failing due to pruned resources
        https://bugs.webkit.org/show_bug.cgi?id=139921
        <rdar://problem/19255690>

        Reviewed by Gavin Barraclough.

        Log better using FeatureCounter why PageCache is failing due to pruned
        resources. In particular, we now distinguish if the resource was pruned
        due to:
        - Memory pressure
        - Page cache capacity reached
        - WebProcess suspended (WK2)

        * WebCore.exp.in:
        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::HistoryItem):
        * history/HistoryItem.h:
        * history/PageCache.cpp:
        (WebCore::PageCache::pruneToCapacityNow):
        (WebCore::PageCache::setCapacity):
        (WebCore::pruningReasonToFeatureCounterKey):
        (WebCore::PageCache::add):
        (WebCore::PageCache::take):
        (WebCore::PageCache::get):
        (WebCore::PageCache::prune):
        * history/PageCache.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):
        * platform/FeatureCounterKeys.h:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2014-12-23  Andreas Kling  <akling@apple.com>

        [Mac] Fix nullptr dereference in EventHandler::platformPrepareForWheelEvents().
        <https://webkit.org/b/139923>
        <rdar://problem/19182531>

        Reviewed by Chris Dumez.

        Don't dereference 'wheelEventTarget' until we know it's non-null.
        This manifested as a crash in Node::renderBox() with some versions of LLVM.

        The compiler was free to assume that the ContainerNode* 'candidate' in
        findEnclosingScrollableContainer() would always be non-null on the first
        iteration of the loop.

        I suspect that we can get here with a null 'wheelEventTarget' during the
        rubberbanding phase of a wheel scroll; if the cursor is sitting over the
        exposed "gutter" area.

        * page/mac/EventHandlerMac.mm:
        (WebCore::findEnclosingScrollableContainer):
        (WebCore::EventHandler::platformPrepareForWheelEvents):

2014-12-23  Timothy Horton  <timothy_horton@apple.com>

        Install a TextIndicator for link immediate actions
        https://bugs.webkit.org/show_bug.cgi?id=139897
        <rdar://problem/19333076>

        Reviewed by Anders Carlsson.

        * platform/spi/mac/QuickLookMacSPI.h:
        Add a new piece of SPI.

2014-12-23  Sam Weinig  <sam@webkit.org>

        Rename WebContext to WebProcessPool
        https://bugs.webkit.org/show_bug.cgi?id=139909

        Rubber-stamped by Anders Carlsson.

        Merge SessionID and SessionIDHash into one file to make auto-generation of
        HashMaps with SessionIDs easier.

        * WebCore.xcodeproj/project.pbxproj:
        * loader/cache/MemoryCache.h:
        * page/SessionID.h:
        (WTF::SessionIDHash::hash):
        (WTF::SessionIDHash::equal):
        (WTF::HashTraits<WebCore::SessionID>::emptyValue):
        (WTF::HashTraits<WebCore::SessionID>::constructDeletedValue):
        (WTF::HashTraits<WebCore::SessionID>::isDeletedValue):
        * page/SessionIDHash.h: Removed.

2014-12-23  Myles C. Maxfield  <mmaxfield@apple.com>

        platform/mac/editing/input/devanagari-ligature.html is flaky on Yosemite, ligature fails to form
        https://bugs.webkit.org/show_bug.cgi?id=138683

        Reviewed by Darin Adler.

        This patch changes how we check fonts for equality. In particular, this patch adds a
        objectForEqualityCheck() to Cocoa's FontPlatformData, and callers should pass this object
        to CFEqual() to determine if two platform fonts are equal. This patch also migrates all
        call sites to using this function.

        I don't want to implement operator==() because there are many cases where the same font
        is compared against many others, and this solution is cleaner than caching a comparison
        object inside the font object itself.

        No new tests because this is covered by platform/mac/editing/input/devanagari-ligature.html.

        * platform/graphics/FontPlatformData.h:
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::objectForEqualityCheck):
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
        (WebCore::GlyphPage::fill):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::canRenderCombiningCharacterSequence):
        * platform/spi/cocoa/CoreTextSPI.h:

2014-12-23  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Make Placeholder a move-only type
        https://bugs.webkit.org/show_bug.cgi?id=139870

        Reviewed by Anders Carlsson.

        No new tests because there is no behavior change.

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::Placeholder::Placeholder):
        (WebCore::SVGToOTFFontConverter::Placeholder::populate):
        (WebCore::SVGToOTFFontConverter::Placeholder::~Placeholder):

2014-12-23  Chris Dumez  <cdumez@apple.com>

        Move color CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139898

        Reviewed by Antti Koivisto.

        Move color CSS properties to the new StyleBuilder by teaching the
        StyleBuilder generator how to handle them.

        * css/CSSPropertyNames.in:
        - Move color properties to the new StyleBuilder.

        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::defaultInitialColor): Deleted.
        (WebCore::ApplyPropertyColor::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyColor::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyColor::applyValue): Deleted.
        (WebCore::ApplyPropertyColor::applyColorValue): Deleted.
        (WebCore::ApplyPropertyColor::createHandler): Deleted.
        - Drop color properties support from the DeprecatedStyleBuilder.

        * css/makeprop.pl:
        - Teach the StyleBuilder generator how to handle color properties.
        - Use a class for StyleBuilderFunctions instead of a namespace so
          that it can be made a friend of RenderStyle class.

        * rendering/style/RenderStyle.h:
        - Mark StyleBuilderFunctions class as friend as its functions
          can set RenderStyle members directly. This is similar to what
          is already done for StyleBuilderCustom class. The new color
          properties handling calls private methods on RenderStyle.
        - Mark invalidColor() method as static as it does not require
          an instance.

2014-12-23  Zalan Bujtas  <zalan@apple.com>

        Incorrect dashed and dotted border painting.
        https://bugs.webkit.org/show_bug.cgi?id=139872
        rdar://problem/18024205

        Reviewed by Simon Fraser.

        This patch makes dashed/dotted border painting symmetric and consistent.
        It also works with subpixel positioning.

        Tests: fast/borders/border-painting-correctness-dashed.html
               fast/borders/border-painting-correctness-dotted.html

        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::drawLine):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::drawLineForBoxSide):

2014-12-22  Chris Dumez  <cdumez@apple.com>

        [iOS] Log which type of resources are commonly loaded using FeatureCounter
        https://bugs.webkit.org/show_bug.cgi?id=139890

        Reviewed by Darin Adler.

        Log which type of resources are commonly loaded using FeatureCounter
        (e.g. stylesheets, scripts, fonts, images, ...).

        * loader/SubresourceLoader.cpp:
        (WebCore::logResourceLoadedUsingFeatureCounter):
        (WebCore::SubresourceLoader::didFinishLoading):
        * platform/FeatureCounterKeys.h:

2014-12-22  Chris Dumez  <cdumez@apple.com>

        [iOS] Log using FeatureCounter when a PacheCache fails due to memory pressure
        https://bugs.webkit.org/show_bug.cgi?id=139874
        <rdar://problem/19255690>

        Reviewed by Darin Adler.

        Log using FeatureCounter when a PacheCache fails due to memory
        pressure. To detect this, a flag is added to HistoryItem to mark
        items that are no longer in the page becaused they were pruned
        (either because of a low memory handling or because the page cache
        reached its maximum capacity).

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::HistoryItem):
        * history/HistoryItem.h:
        * history/PageCache.cpp:
        (WebCore::PageCache::add):
        (WebCore::PageCache::take):
        (WebCore::PageCache::get):
        (WebCore::PageCache::prune):
        * platform/FeatureCounterKeys.h:

2014-12-22  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177658.
        https://bugs.webkit.org/show_bug.cgi?id=139900

        Caused many assertion failures (Requested by ap on #webkit).

        Reverted changeset:

        "Incorrect dashed and dotted border painting."
        https://bugs.webkit.org/show_bug.cgi?id=139872
        http://trac.webkit.org/changeset/177658

2014-12-22  Jaehun Lim  <ljaehun.lim@samsung.com>

        Unreviewed build fix after r177661 and r177662

        * dom/SecurityOriginPolicy.cpp: Modify #include path.

2014-12-22  Mark Rowe  <mrowe@apple.com>

        [Mac] Engineering builds of WebCore on OS X 10.8 and 10.9 shouldn't build with -gline-tables-only
        <https://webkit.org/b/139883> / <rdar://problem/19297261>

        Reviewed by Alexey Proskuryakov.

        * Configurations/DebugRelease.xcconfig: Override the setting using conditional settings
        so that they take precedence over the conditional settings in Base.xcconfig.

2014-12-22  Alexey Proskuryakov  <ap@apple.com>

        Unreviewed build fix.

        * WebCore.exp.in: Move SQLiteDatabaseTracker::setClient export out of PLATFORM(IOS) section.

2014-12-22  Anders Carlsson  <andersca@apple.com>

        Remove two functions from SecurityOrigin
        https://bugs.webkit.org/show_bug.cgi?id=139885

        Reviewed by Andreas Kling.

        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::canAccessPasswordManager): Deleted.
        (WebCore::SecurityOrigin::canAccessFileSystem): Deleted.

2014-12-22  Chris Dumez  <cdumez@apple.com>

        [iOS] Log using FeatureCounter user-triggered zooming
        https://bugs.webkit.org/show_bug.cgi?id=139879
        <rdar://problem/19329130>

        Reviewed by Benjamin Poulain.

        Log using FeatureCounter user-triggered zooming on iOS.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/FeatureCounter.h:
        * platform/FeatureCounterKeys.h:

2014-12-22  Benjamin Poulain  <bpoulain@apple.com>

        Form elements should match :valid and :invalid based on their associated elements
        https://bugs.webkit.org/show_bug.cgi?id=139850

        Reviewed by Darin Adler.

        In the latest HTML spec, form elements can match :valid or :invalid based
        on their associated element.

        The tricky part is that object lifetime is a mess. When elements are associated
        with forms by the parser, the form is set by the constructor of HTMLFormControlElement.
        At that point, the real object has not been initialized yet which
        makes it impossible to find its validity.

        To work around the lifetime problem, the code of HTMLFormControlElement::didChangeForm()
        uses m_willValidateInitialized and m_willValidate direclty instead
        of invoking willValidate(). That way we don't try to validate an incomplete object.

        When the object really validates, HTMLFormControlElement::setNeedsWillValidateCheck()
        takes care of updating the form.

        Tests: fast/css/pseudo-invalid-form-and-fieldset-basics.html
               fast/css/pseudo-invalid-form-basics.html
               fast/css/pseudo-invalid-form-dynamically-created-basics.html
               fast/css/pseudo-invalid-form-invalidation-optimization.html
               fast/css/pseudo-valid-form-and-fieldset-basics.html
               fast/css/pseudo-valid-form-basics.html
               fast/css/pseudo-valid-form-dynamically-created-basics.html
               fast/css/pseudo-valid-form-invalidation-optimization.html
               fast/selectors/invalid-form-style-update-1.html
               fast/selectors/invalid-form-style-update-2.html
               fast/selectors/invalid-form-style-update-3.html
               fast/selectors/valid-form-style-update-1.html
               fast/selectors/valid-form-style-update-2.html
               fast/selectors/valid-form-style-update-3.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::canShareStyleWithControl):
        (WebCore::StyleResolver::canShareStyleWithElement):
        HTMLFormElement is not a FormControl, we have to generalize the test
        for :valid/:invalid with style sharing.

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::~HTMLFormControlElement):
        Since we now have willChangeForm(), didChangeForm(), we have to null
        the form ourself, as documented by FormAssociatedElement.

        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
        (WebCore::HTMLFormControlElement::willChangeForm):
        (WebCore::HTMLFormControlElement::didChangeForm):
        (WebCore::HTMLFormControlElement::updateValidity):
        Update the owner form when any of the associated form element changes
        to invalid.

        * html/HTMLFormControlElement.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::registerInvalidAssociatedFormControl):
        (WebCore::HTMLFormElement::removeInvalidAssociatedFormControlIfNeeded):
        (WebCore::HTMLFormElement::matchesValidPseudoClass):
        (WebCore::HTMLFormElement::matchesInvalidPseudoClass):
        This is very similar to the code of fieldset, but we have much weaker
        invariants due to the insane way FormAssociatedElement initializes.

        * html/HTMLFormElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::initializeInputType):
        For completeness, we should always validate when changing the type.
        The code was only doing that when the element was inserted into the tree,
        that was too fragile.

2014-12-22  Anders Carlsson  <andersca@apple.com>

        Try to fix the Windows build.

        * dom/DOMAllInOne.cpp:

2014-12-22  Anders Carlsson  <andersca@apple.com>

        Add a SecurityOriginPolicy class
        https://bugs.webkit.org/show_bug.cgi?id=139875

        Reviewed by Sam Weinig.

        This is the first step towards making SecurityOrigin immutable. SecurityOriginPolicy will hold a
        SecurityOrigin and will handle things that would otherwise mutate SecurityOrigin.

        * CMakeLists.txt:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createDocument):
        (WebCore::DOMImplementation::createHTMLDocument):
        * dom/Document.cpp:
        (WebCore::Document::create):
        (WebCore::Document::open):
        (WebCore::Document::cloneDataFromDocument):
        (WebCore::Document::initSecurityContext):
        * dom/ScriptExecutionContext.h:
        * dom/SecurityContext.cpp:
        (WebCore::SecurityContext::setSecurityOriginPolicy):
        (WebCore::SecurityContext::securityOrigin):
        (WebCore::SecurityContext::isSecureTransitionTo):
        (WebCore::SecurityContext::enforceSandboxFlags):
        (WebCore::SecurityContext::setSecurityOrigin): Deleted.
        * dom/SecurityContext.h:
        (WebCore::SecurityContext::securityOriginPolicy):
        (WebCore::SecurityContext::securityOrigin): Deleted.
        * dom/SecurityOriginPolicy.cpp: Added.
        (WebCore::SecurityOriginPolicy::create):
        (WebCore::SecurityOriginPolicy::SecurityOriginPolicy):
        (WebCore::SecurityOriginPolicy::~SecurityOriginPolicy):
        * dom/SecurityOriginPolicy.h: Added.
        (WebCore::SecurityOriginPolicy::origin):
        * loader/DocumentWriter.cpp:
        (WebCore::DocumentWriter::begin):
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::WorkerGlobalScope):
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::responseXML):
        * xml/XMLTreeViewer.cpp:
        (WebCore::XMLTreeViewer::transformDocumentToTreeView):
        * xml/XSLTProcessor.cpp:
        (WebCore::XSLTProcessor::createDocumentFromSource):

2014-12-22  Zalan Bujtas  <zalan@apple.com>

        Incorrect dashed and dotted border painting.
        https://bugs.webkit.org/show_bug.cgi?id=139872
        rdar://problem/18024205

        Reviewed by Simon Fraser.

        This patch makes dashed/dotted border painting symmetric and consistent.
        It also works with subpixel positioning.

        Tests: fast/borders/border-painting-correctness-dashed.html
               fast/borders/border-painting-correctness-dotted.html

        * platform/graphics/cg/GraphicsContextCG.cpp:
        (WebCore::GraphicsContext::drawLine):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::drawLineForBoxSide):

2014-12-22  Timothy Horton  <timothy_horton@apple.com>

        TextIndicatorWindow is larger than it needs to be, especially when not bouncing
        https://bugs.webkit.org/show_bug.cgi?id=139876
        <rdar://problem/19311017>

        Reviewed by Sam Weinig.

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::wantsBounce):
        (WebCore::TextIndicator::wantsContentCrossfade):
        (WebCore::TextIndicator::wantsFadeIn):
        * page/TextIndicator.h:
        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]):
        (-[WebTextIndicatorView _animationDuration]):
        (-[WebTextIndicatorView present]):
        (WebCore::TextIndicatorWindow::setTextIndicator):
        (-[WebTextIndicatorView _textIndicatorWantsBounce]): Deleted.
        (-[WebTextIndicatorView _textIndicatorWantsContentCrossfade]): Deleted.
        (-[WebTextIndicatorView _textIndicatorWantsFadeIn]): Deleted.
        Move the various switches over TextIndicatorPresentationTransition into TextIndicator.
        Adjust the margin; only inflate by the shadow if we're not bouncing.
        If we are bouncing, fix the math to more tightly fit the bounce.
        Previously we were inflating by way too much, and even when we didn't need to.

2014-12-22  Chris Dumez  <cdumez@apple.com>

        [iOS] Log using FeatureCounter when a PacheCache entry is not reused because it expired
        https://bugs.webkit.org/show_bug.cgi?id=139869
        <rdar://problem/19255690>

        Reviewed by Darin Adler.

        Log using FeatureCounter when a PacheCache entry is not reused because
        it expired.

        * history/PageCache.cpp:
        (WebCore::PageCache::take):
        (WebCore::PageCache::get):
        * history/PageCache.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):
        (WebCore::FrameLoader::loadDifferentDocumentItem):
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::invalidateCurrentItemCachedPage):
        * platform/FeatureCounterKeys.h:

2014-12-22  Antti Koivisto  <antti@apple.com>

        Try to fix the windows build.

        * platform/graphics/win/SimpleFontDataCGWin.cpp:

2014-12-22  Timothy Horton  <timothy_horton@apple.com>

        Adjust TextIndicator shadow parameters
        https://bugs.webkit.org/show_bug.cgi?id=139871
        <rdar://problem/19283300>

        Reviewed by Sam Weinig.

        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]):
        Slightly adjust the shadow and bounce size.

2014-12-22  Chris Dumez  <cdumez@apple.com>

        Consistently use "FeatureCounter*Key" naming for FeatureCounter keys
        https://bugs.webkit.org/show_bug.cgi?id=139867

        Reviewed by Darin Adler.

        Consistently use "FeatureCounter*Key" naming for FeatureCounter keys.

        * loader/FrameLoader.cpp:
        (WebCore::logNavigationWithFeatureCounter):
        * platform/FeatureCounterKeys.h:

2014-12-22  Antti Koivisto  <antti@apple.com>

        Generic font code should not know about SVG font missing glyph
        https://bugs.webkit.org/show_bug.cgi?id=139864

        Reviewed by Andreas Kling and Myles Maxfield.

        The defined missing glyph is an SVG font concept and should be handled in SVG code.

        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::glyphDataForSystemFallback):
        (WebCore::FontGlyphs::glyphDataForVariant):

            Return null glyph instead of the missing glyph (the missing glyph was already a null glyph in all non-svg-font cases).
            Use early return style.

        * platform/graphics/FontGlyphs.h:
        * platform/graphics/SegmentedFontData.cpp:
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::platformGlyphInit):
        * platform/graphics/SimpleFontData.h:

            Remove the missingGlyph member.

        * platform/graphics/WidthIterator.cpp:
        (WebCore::WidthIterator::advanceInternal):

            Explicitly skip over null glyphs. Before they had non-null fontData and would get skipped implicitly.

        * platform/graphics/mac/SimpleFontDataMac.mm:
        * rendering/svg/SVGTextRunRenderingContext.cpp:
        (WebCore::missingGlyphForFont):

            Get the missing glyph from the SVG font element.

        (WebCore::SVGTextRunRenderingContext::glyphDataForCharacter):

            Return the missing glyph if the normal lookup didn't produce results.

        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::initializeFontData):

2014-12-22  Chris Dumez  <cdumez@apple.com>

        Move "Auto" CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139858

        Reviewed by Antti Koivisto.

        Move "Auto" CSS properties from DeprecatedStyleBuilder to the new
        StyleBuilder, by adding support in the generator for using hasAutoXXX()
        / setHasAutoXXX() methods on RenderStyle.

        No new tests, no web-exposed behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyAuto::setValue): Deleted.
        (WebCore::ApplyPropertyAuto::value): Deleted.
        (WebCore::ApplyPropertyAuto::hasAuto): Deleted.
        (WebCore::ApplyPropertyAuto::setAuto): Deleted.
        (WebCore::ApplyPropertyAuto::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyAuto::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyAuto::applyValue): Deleted.
        (WebCore::ApplyPropertyAuto::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialColumnGap):
        (WebCore::StyleBuilderCustom::applyInheritColumnGap):
        (WebCore::StyleBuilderCustom::applyValueColumnGap):
        * css/makeprop.pl:
        (getNameForMethods):
        (getAutoGetter):
        (getAutoSetter):
        (generateInitialValueSetter):
        (generateInheritValueSetter):
        (generateValueSetter):

2014-12-21  Shivakumar JM  <shiva.jm@samsung.com>

        HTMLSelectElement add() should support adding group of options element (HTMLOptGroupElement).
        https://bugs.webkit.org/show_bug.cgi?id=139806

        Reviewed by Darin Adler.

        HTMLSelectElement add() should support adding group of options (optgroup) element.

        Test: fast/dom/HTMLSelectElement/select-add-optgroup.html

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::add):

2014-12-21  Chris Dumez  <cdumez@apple.com>

        Fix missing assertion in r177623.
        https://bugs.webkit.org/show_bug.cgi?id=139334

        Reviewed by Darin Adler.

        ValueWithCalculation::setCalculation() was meant to include an
        "isCalculation()" assertion but I inadvertently omitted the
        ASSERT() around the statement.

        * css/CSSParser.h:
        (WebCore::CSSParser::ValueWithCalculation::setCalculation):

2014-12-21  Gabor Rapcsanyi  <rgabor@webkit.org>

        AX: Hidden aria table crash
        https://bugs.webkit.org/show_bug.cgi?id=139856

        Reviewed by Chris Fleizach.

        Change axCaption to pointer and check it's value because
        AXObjectCache::getOrCreate() can return with nullptr.

        Test: accessibility/aria-hidden-crash.html

        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::addChildren):

2014-12-20  Chris Dumez  <cdumez@apple.com>

        Get rid of error-prone ReleaseParsedCalcValueCondition argument in CSSParser
        https://bugs.webkit.org/show_bug.cgi?id=139334

        Reviewed by Darin Adler.

        Get rid of error-prone ReleaseParsedCalcValueCondition argument in
        CSSParser that determines the the m_parsedCalculation member should
        be released.

        Instead, introduce a new ValueWithCalculation type which wraps a
        CSSParserValue and an optional parsed calculation value. This way,
        the parsed calculation value is now associated with its CSSParserValue.
        This makes it very difficult to use a parsed calculation value for the
        wrong CSSParserValue. The API is also easier to use as developers no
        longer need to explicitly indicate if the calculation value should be
        released or not.

        No new tests, no web-behavior change.

2014-12-20  Eric Carlson  <eric.carlson@apple.com>

        [iOS] add optimized fullscreen API
        https://bugs.webkit.org/show_bug.cgi?id=139833
        <rdar://problem/18844486>

        Reviewed by Simon Fraser.

        * Configurations/FeatureDefines.xcconfig: Add ENABLE_VIDEO_PRESENTATION_MODE.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::optimizedFullscreenSupported): Deleted.
        (WebCore::MediaControlsHost::fullscreenMode): Deleted.
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediacontrols/MediaControlsHost.idl:

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.addVideoListeners): Listen for 'webkitpresentationmodechanged'.
        (ControllerIOS.prototype.removeVideoListeners): Stop listening for 'webkitpresentationmodechanged'.
        (ControllerIOS.prototype.configureInlineControls): Call video element instead of using the now 
            removed host property.
        (ControllerIOS.prototype.updateControls): Ditto.
        (ControllerIOS.prototype.presentationMode): New, return webkitPresentationMode when possible.
        (ControllerIOS.prototype.handleFullscreenButtonClicked): Use webkitSetPresentationMode when possible.
        (ControllerIOS.prototype.handleOptimizedFullscreenButtonClicked): Use video element instead of 
            using the now removed host method.
        (ControllerIOS.prototype.handlePresentationModeChange): New, react to presentation mode changes.
        (ControllerIOS.prototype.handleFullscreenChange): Call handlePresentationModeChange.

        * dom/EventNames.h: Add webkitpresentationmodechanged.

        * html/HTMLAttributeNames.in: Add onwebkitpresentationmodechanged.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::enterFullscreen): Early return when asked to change to the current 
            mode. Call fullscreenModeChanged() instead of whacking the instance variable directly.
        (WebCore::HTMLMediaElement::exitFullscreen): Ditto.
        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::fullscreenModeChanged): Make virtual.

        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::parseAttribute): Deal with onwebkitpresentationmodechange.
        (WebCore::presentationModeFullscreen): New.
        (WebCore::presentationModeOptimized): Ditto.
        (WebCore::presentationModeInline): Ditto.
        (WebCore::HTMLVideoElement::webkitSupportsPresentationMode): Ditto.
        (WebCore::HTMLVideoElement::webkitSetPresentationMode): Ditto.
        (WebCore::HTMLVideoElement::webkitPresentationMode): Ditto.
        (WebCore::HTMLVideoElement::fullscreenModeChanged): Ditto.
        * html/HTMLVideoElement.h:
        * html/HTMLVideoElement.idl:

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setIsOptimized): Simplify the logic a bit. Don't report
            a mode change when 

2014-12-20  David Kilzer  <ddkilzer@apple.com>

        Switch from using PLATFORM_NAME to SDK selectors in WebCore, WebInspectorUI, WebKit, WebKit2
        <http://webkit.org/b/139463>

        Reviewed by Mark Rowe.

        Also remove all uses of SQLITE3_HEADER_SEARCH_PATHS and
        WEBCORE_SQLITE3_HEADER_SEARCH_PATHS which were phased out in
        r132859 and needed for Leopard.

        * Configurations/Base.xcconfig:
        - Only set GCC_ENABLE_OBJC_GC, GCC_MODEL_TUNING and TOOLCHAINS
          on OS X.
        - Set GCC_OPTIMIZATION_LEVEL_normal based on SDK.
        - Simplify SQLITE3_HEADER_SEARCH_PATHS.
        * Configurations/DebugRelease.xcconfig:
        - Only set MACOSX_DEPLOYMENT_TARGET and SDKROOT on OS X.
        * Configurations/Version.xcconfig:
        - Set SYSTEM_VERSION_PREFIX separately for iOS and OS X.
        * Configurations/WebCore.xcconfig:
        - Set EXPORTED_SYMBOLS_FILE_i386, EXPORTED_SYMBOLS_FILE_x86_64,
          FRAMEWORK_SEARCH_PATHS, INSTALL_PATH, DYLIB_INSTALL_NAME_BASE,
          OTHER_LDFLAGS, SECTORDER_FLAGS, NORMAL_WEBCORE_FRAMEWORKS_DIR,
          WEBCORE_FRAMEWORKS_DIR, NORMAL_PRODUCTION_FRAMEWORKS_DIR,
          PRODUCTION_FRAMEWORKS_DIR,
          JAVASCRIPTCORE_PRIVATE_HEADERS_DIR_Production and
          EXCLUDED_SOURCE_FILE_NAMES based on SDK.
        - Make sure DYLIB_INSTALL_NAME_BASE and OTHER_LDFLAGS are
          overrideable by WebCoreTestSupport.xcconfig.
        * Configurations/WebCoreTestSupport.xcconfig:
        - Set PRIVATE_HEADERS_FOLDER_PATH_Production and
          INSTALL_PATH_Production based on SDK.
        - Override SECT_ORDER_FLAGS from WebCore.xcconfig.

2014-12-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [SVG -> OTF Converter] Make placeholders more robust
        https://bugs.webkit.org/show_bug.cgi?id=139836

        Reviewed by Dan Bernstein.

        This patch creates a Placeholder object which hides the complexity of
        populating offsets to subtables.

        No new tests because there is no behavior change.

        * svg/SVGToOTFFontConversion.cpp:
        (WebCore::SVGToOTFFontConverter::Placeholder::Placeholder):
        (WebCore::SVGToOTFFontConverter::Placeholder::populate):
        (WebCore::SVGToOTFFontConverter::Placeholder::~Placeholder):
        (WebCore::SVGToOTFFontConverter::appendArabicReplacementSubtable):
        (WebCore::SVGToOTFFontConverter::appendGSUBTable):

2014-12-19  Chris Dumez  <cdumez@apple.com>

        Fix initial / inherit support for '-webkit-perspective-origin' CSS property
        https://bugs.webkit.org/show_bug.cgi?id=139843

        Reviewed by Simon Fraser.

        Fix initial / inherit support for '-webkit-perspective-origin' CSS
        property. These previously had no effect.

        This patch updates the code to be consistent with
        '-webkit-transform-origin' and gets rid of the code in
        DeprecatedStyleBuilder as it isn't used.

        Test: fast/css/perspective-origin-initial-inherit.html

        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyPerspectiveOrigin::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyPerspectiveOrigin::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyPerspectiveOrigin::applyValue): Deleted.
        (WebCore::ApplyPropertyPerspectiveOrigin::createHandler): Deleted.
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        (WebCore::StyleProperties::asText):
        * css/StylePropertyShorthand.cpp:
        (WebCore::webkitPerspectiveOriginShorthand):
        (WebCore::shorthandForProperty):
        (WebCore::matchingShorthandsForLonghand):
        * css/StylePropertyShorthand.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2014-12-19  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177599.
        https://bugs.webkit.org/show_bug.cgi?id=139846

        this breaks so many things (Requested by thorton_ on #webkit).

        Reverted changeset:

        "TextIndicator's window can be pushed down if it intersects
        the menu bar"
        https://bugs.webkit.org/show_bug.cgi?id=139841
        http://trac.webkit.org/changeset/177599

2014-12-19  Timothy Horton  <timothy_horton@apple.com>

        TextIndicator's window can be pushed down if it intersects the menu bar
        https://bugs.webkit.org/show_bug.cgi?id=139841
        <rdar://problem/19311017>

        Reviewed by Anders Carlsson.

        * page/mac/TextIndicatorWindow.mm:
        (WebCore::TextIndicatorWindow::setTextIndicator):
        Ensure that the textIndicatorWindow sits above the menubar, and re-set
        its frame so that it moves under the menubar if required.

2014-12-19  Anders Carlsson  <andersca@apple.com>

        Use WebCore::MachSendRights for the compositing render server port
        https://bugs.webkit.org/show_bug.cgi?id=139834

        Reviewed by Tim Horton.

        * WebCore.exp.in:

2014-12-19  Chris Dumez  <cdumez@apple.com>

        [iOS] Log how often media element playback happens using FeatureCounter
        https://bugs.webkit.org/show_bug.cgi?id=139819
        <rdar://problem/19309988>

        Reviewed by Eric Carlson.

        Log using FeatureCounter how often we start loading for audio / video
        elements, and how often they end up being played.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        Add flag to identify when a media element starts playing for the first
        time.

        (WebCore::HTMLMediaElement::loadResource):
        Log when a media element starts loading.

        (WebCore::HTMLMediaElement::updatePlayState):
        Log when a media element starts playing for the first time.

        * html/HTMLMediaElement.h:
        Add flag to identify when a media element starts playing for the first
        time.

        * platform/FeatureCounterKeys.h:
        Add FeatureCounter keys for HTMLMediaElement loading / playback.

2014-12-19  Andreas Kling  <akling@apple.com>

        Ref-ify TextIterator API.
        <https://webkit.org/b/139823>

        Reviewed by Antti Koivisto.

        Change TextIterator functions that always return Range objects to return
        Ref<Range> instead of PassRefPtr<Range>.

        One API (rangeFromLocationAndLength) may return nullptr, so its return type
        is now RefPtr<Range>.

        * editing/TextIterator.cpp:
        (WebCore::TextIterator::range):
        (WebCore::TextIterator::node):
        (WebCore::SimplifiedBackwardsTextIterator::range):
        (WebCore::CharacterIterator::range):
        (WebCore::characterSubrange):
        (WebCore::BackwardsCharacterIterator::range):
        (WebCore::TextIterator::subrange):
        (WebCore::TextIterator::rangeFromLocationAndLength):
        (WebCore::TextIterator::getLocationAndLengthFromRange):
        (WebCore::collapsedToBoundary):
        (WebCore::findPlainText):
        * editing/TextIterator.h:

2014-12-19  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: CRASH in inspector-protocol/debugger/terminate-dedicated-worker-while-paused.html
        https://bugs.webkit.org/show_bug.cgi?id=139792

        Reviewed by Timothy Hatcher.

        * bindings/js/WorkerScriptDebugServer.cpp:
        (WebCore::WorkerScriptDebugServer::removeListener):
        When removing listeners, we could be during WorkerGlobalObject shutdown
        and WorkerGlobalObject::script may be null.

        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::WorkerMessagingProxy):
        (WebCore::WorkerMessagingProxy::postMessageToPageInspector):
        This postTask may happen after m_pageInspector has been cleared, so
        only execute it if m_pageInspector is still valid.

2014-12-19  Chris Dumez  <cdumez@apple.com>

        Drop useless HTMLMediaElement::m_previousProgress member
        https://bugs.webkit.org/show_bug.cgi?id=139822

        Reviewed by Eric Carlson.

        Drop HTMLMediaElement::m_previousProgress member and it is not used or
        even initialized.

        * html/HTMLMediaElement.h:

2014-12-19  Chris Dumez  <cdumez@apple.com>

        [iOS] Log how successful the memory cache is using FeatureCounter
        https://bugs.webkit.org/show_bug.cgi?id=139802

        Reviewed by Andreas Kling.

        Log how successful the memory cache is using FeatureCounter and why we
        choose not to use the resource in the memory cache when it is present.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):
        * platform/FeatureCounterKeys.h:

2014-12-19  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177574.
        https://bugs.webkit.org/show_bug.cgi?id=139821

        "Broke Production builds by installing
        libWebCoreTestSupport.dylib in the wrong directory" (Requested
        by ddkilzer on #webkit).

        Reverted changeset:

        "Switch from using PLATFORM_NAME to SDK selectors in WebCore,
        WebInspectorUI, WebKit, WebKit2"
        https://bugs.webkit.org/show_bug.cgi?id=139463
        http://trac.webkit.org/changeset/177574

2014-12-19  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Only when the SVG is inline and only when a shape is referenced before it is defined, this shape will not be drawn.
        https://bugs.webkit.org/show_bug.cgi?id=139451.

        Reviewed by Antti Koivisto.

        Tests: svg/in-html/defs-after-use.html.

        When parsing the children of an SVG element is finished, we need to notify the
        other SVG elements which have incomplete shadow trees because of early referencing
        to this element. The referencing elements need to rebuild their shadow trees and
        make new copies of the this element and its sub-tree.
        
        This is the case where a <use> tag references target elements before these target
        elements are defined. Updating the shadow DOM tree of a <use> element should update
        the corresponding shadow render tree as well.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::finishParsingChildren):
        Invalidate all the referencing elements of a target element whose sub-tree has
        just finished parsing.

2014-12-19  David Kilzer  <ddkilzer@apple.com>

        Switch from using PLATFORM_NAME to SDK selectors in WebCore, WebInspectorUI, WebKit, WebKit2
        <http://webkit.org/b/139463>

        Reviewed by Mark Rowe.

        Also remove all uses of SQLITE3_HEADER_SEARCH_PATHS and
        WEBCORE_SQLITE3_HEADER_SEARCH_PATHS which were phased out in
        r132859 and needed for Leopard.

        * Configurations/Base.xcconfig:
        - Only set GCC_ENABLE_OBJC_GC, GCC_MODEL_TUNING and TOOLCHAINS
          on OS X.
        - Set GCC_OPTIMIZATION_LEVEL_normal based on SDK.
        - Simplify SQLITE3_HEADER_SEARCH_PATHS.
        * Configurations/DebugRelease.xcconfig:
        - Only set MACOSX_DEPLOYMENT_TARGET and SDKROOT on OS X.
        * Configurations/Version.xcconfig:
        - Set SYSTEM_VERSION_PREFIX separately for iOS and OS X.
        * Configurations/WebCore.xcconfig:
        - Set EXPORTED_SYMBOLS_FILE_i386, EXPORTED_SYMBOLS_FILE_x86_64,
          FRAMEWORK_SEARCH_PATHS, INSTALL_PATH, DYLIB_INSTALL_NAME_BASE,
          OTHER_LDFLAGS, SECTORDER_FLAGS, NORMAL_WEBCORE_FRAMEWORKS_DIR,
          WEBCORE_FRAMEWORKS_DIR, NORMAL_PRODUCTION_FRAMEWORKS_DIR,
          PRODUCTION_FRAMEWORKS_DIR,
          JAVASCRIPTCORE_PRIVATE_HEADERS_DIR_Production and
          EXCLUDED_SOURCE_FILE_NAMES based on SDK.
        - Make sure DYLIB_INSTALL_NAME_BASE and OTHER_LDFLAGS are
          overrideable by WebCoreTestSupport.xcconfig.
        * Configurations/WebCoreTestSupport.xcconfig:
        - Set PRIVATE_HEADERS_FOLDER_PATH_Production and
          INSTALL_PATH_Production based on SDK.
        - Override SECT_ORDER_FLAGS from WebCore.xcconfig.

2014-12-19  Chris Dumez  <cdumez@apple.com>

        Clean up StyleBuilderCustom and DeprecatedStyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139807

        Reviewed by Antti Koivisto.

        Clean up StyleBuilderCustom and DeprecatedStyleBuilder.

        * css/DeprecatedStyleBuilder.cpp:

        - Remove unnecessary header includes.

        (WebCore::ApplyPropertyPerspectiveOrigin::applyInheritValue):
        (WebCore::ApplyPropertyPerspectiveOrigin::applyInitialValue):
        (WebCore::ApplyPropertyPerspectiveOrigin::applyValue):
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyExpanding::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyExpanding::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyExpanding::applyValue): Deleted.
        (WebCore::ApplyPropertyExpanding::createHandler): Deleted.

        - Rename ApplyPropertyExpanding to ApplyPropertyPerspectiveOrigin as
          PerspectiveOrigin is the only remaining user of this class. This also
          allows us to simplify the implementation a lot.

        (WebCore::ApplyPropertyDefaultBase::setValue): Deleted.
        (WebCore::ApplyPropertyDefaultBase::value): Deleted.
        (WebCore::ApplyPropertyDefaultBase::initial): Deleted.
        (WebCore::ApplyPropertyDefaultBase::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyDefaultBase::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyDefaultBase::applyValue): Deleted.

        - There is no longer any user of this templated class.

        * css/StyleBuilderCustom.h:

        - Introduce a macro that declares all 3 handlers (inherit, initial and
          value) in the StyleBuilderCustom class. This greatly reduces the
          number of lines in this class.
        - Also alphabetize the handlers.

2014-12-18  Jeremy Jones  <jeremyj@apple.com>

        dispatch to main thread before accessing playerController() in WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse
        https://bugs.webkit.org/show_bug.cgi?id=139809

        Reviewed by Dan Bernstein.

        This prevents a race in playerController().

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setCanPlayFastReverse):

2014-12-18  Jessie Berlin  <jberlin@webkit.org>

        More speculative build fixing.

        * WebCore.exp.in:

2014-12-18  Andreas Kling  <akling@apple.com>

        Ref-ify various Document-related things.
        <https://webkit.org/b/139796>

        Reviewed by Anders Carlsson.

        * bindings/objc/DOMHTML.mm:
        (-[DOMHTMLDocument createDocumentFragmentWithText:]):
        * dom/CDATASection.cpp:
        (WebCore::CDATASection::create):
        (WebCore::CDATASection::virtualCreate):
        * dom/CDATASection.h:
        * dom/Comment.cpp:
        (WebCore::Comment::create):
        * dom/Comment.h:
        * dom/Document.cpp:
        (WebCore::Document::create):
        (WebCore::Document::createDocumentFragment):
        (WebCore::Document::createTextNode):
        (WebCore::Document::createComment):
        (WebCore::Document::createEditingTextNode):
        (WebCore::Document::createCSSStyleDeclaration):
        (WebCore::Document::createElement):
        (WebCore::Document::createRange):
        (WebCore::Document::createParser):
        (WebCore::Document::cloneNodeInternal):
        (WebCore::Document::cloneDocumentWithoutChildren):
        * dom/Document.h:
        (WebCore::Document::create):
        (WebCore::Document::createXHTML):
        (WebCore::Document::createNonRenderedPlaceholder):
        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::create):
        * dom/DocumentFragment.h:
        * dom/DocumentType.h:
        * dom/EntityReference.cpp:
        (WebCore::EntityReference::create):
        * dom/EntityReference.h:
        * dom/Text.cpp:
        (WebCore::Text::create):
        (WebCore::Text::createEditingText):
        (WebCore::Text::splitText):
        (WebCore::Text::virtualCreate):
        (WebCore::Text::createWithLengthLimit):
        * dom/Text.h:
        * editing/markup.cpp:
        (WebCore::replaceChildrenWithText):
        * html/FTPDirectoryDocument.cpp:
        (WebCore::FTPDirectoryDocument::createParser):
        * html/FTPDirectoryDocument.h:
        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::createParser):
        (WebCore::HTMLDocument::cloneDocumentWithoutChildren):
        * html/HTMLDocument.h:
        (WebCore::HTMLDocument::create):
        (WebCore::HTMLDocument::createSynthesizedDocument):
        * html/ImageDocument.cpp:
        (WebCore::ImageDocument::createParser):
        * html/ImageDocument.h:
        * html/MediaDocument.cpp:
        (WebCore::MediaDocument::createParser):
        * html/MediaDocument.h:
        * html/PluginDocument.cpp:
        (WebCore::PluginDocument::createParser):
        * html/PluginDocument.h:
        * html/TextDocument.cpp:
        (WebCore::TextDocument::createParser):
        * html/TextDocument.h:
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::insertTextNode):
        * html/parser/HTMLDocumentParser.h:
        (WebCore::HTMLDocumentParser::create):
        * loader/SinkDocument.cpp:
        (WebCore::SinkDocument::createParser):
        * loader/SinkDocument.h:
        * svg/SVGDocument.cpp:
        (WebCore::SVGDocument::cloneDocumentWithoutChildren):
        * svg/SVGDocument.h:
        * xml/parser/XMLDocumentParser.h:
        (WebCore::XMLDocumentParser::create):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLParserContext::createStringParser):
        (WebCore::XMLParserContext::createMemoryParser):

2014-12-18  Anders Carlsson  <andersca@apple.com>

        Use MachSendRight in WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=139800

        Reviewed by Tim Horton.

        * WebCore.exp.in:
        * platform/cocoa/MachSendRight.h:
        (WebCore::MachSendRight::MachSendRight):
        (WebCore::MachSendRight::sendRight):
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        (IOSurface::createFromSendRight):
        (IOSurface::createFromMachPort): Deleted.

2014-12-18  Gavin Barraclough  <barraclough@apple.com>

        Add strong typing to RefCounter interface, return value as a bool.
        https://bugs.webkit.org/show_bug.cgi?id=139776

        Reviewed by Geoff Garen.

        Currently all token vended by a RefCounter have the same type - Ref<RefCounter::Count>.
        This means there is no compile time type checking to prevent mistakes. Update the count()
        method to token<>(), templated on type used to identify the token being returned.
        Calls to token<T>() will return a result of type RefCounter::Token<T>.

        There are a few problems with the fact the counter will return you an exact count of the
        number of outstanding tokens:
          - It is desirable to only fire the callback on zero-edge changes; it is more consistent
            to do so if the value is only readable as a boolean.
          - It is desirable to provide the value as an argument to the callback, however to make
            this useful for integer values it is also necessary to indicate the direction of change
            (0->1 is often interesting where 2->1 is not).
          - There is a mismatch between the precision of returning a count, and the inherent
            imprecision of a token based mechanism, where it may be difficult to guarantee
            absolutely no unnecessary refcount churn, and thus unintentional counter values.

        * page/PageThrottler.cpp:
        (WebCore::m_mediaActivityCounter):
        (WebCore::m_pageLoadActivityCounter):
            - lambdas now passed the value.
        (WebCore::PageThrottler::mediaActivityToken):
        (WebCore::PageThrottler::pageLoadActivityToken):
            - count() -> token<>().
        * page/PageThrottler.h:
            - specify tpoken type for PageActivityAssertionToken.

2014-12-18  Benjamin Poulain  <bpoulain@apple.com>

        HTMLFormControlElement and HTMLObjectElement need not to look for an ancestor on construction
        https://bugs.webkit.org/show_bug.cgi?id=139791

        Reviewed by Alexey Proskuryakov.

        The objects are being constructed, they have not been inserted into the tree yet.
        There is not chance of finding the owner form at this point,
        that is done when inserting the node into the tree.

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::HTMLFormControlElement):
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::HTMLObjectElement):

2014-12-18  Chris Fleizach  <cfleizach@apple.com>

        AX: Recursive crash at WebCore::accessibleNameForNode
        https://bugs.webkit.org/show_bug.cgi?id=139616

        Reviewed by Mario Sanchez Prada.

        An image that uses aria-labelledby to reference its own parent can lead to a recursion crash.
        There needs to be some information we can pass through these methods to ensure we don't hit this case.

        Test: accessibility/accessibility-description-crash.html

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::alternativeText):
        (WebCore::AccessibilityNodeObject::textUnderElement):
        (WebCore::accessibleNameForNode):
        (WebCore::AccessibilityNodeObject::accessibilityDescriptionForElements):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityTextUnderElementMode::AccessibilityTextUnderElementMode):

2014-12-18  Chris Fleizach  <cfleizach@apple.com>

        AX: Heuristic: Avoid exposing an element as clickable if mouse event delegation is handled on an element with any explicit ARIA role, including presentation.
        https://bugs.webkit.org/show_bug.cgi?id=133613

        Reviewed by Mario Sanchez Prada.

        This adds a heuristic to avoid a problem we have where too many objects that say they respond to press actions for accessibility.
        It results from people installing click handlers on container nodes and then lots of static text objects are "clickable" in the eyes of VoiceOver.

        What we can do is avoid this determination if the element is presentational.

        Test: platform/mac/accessibility/press-action-for-presentational-descendants.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::nodeHasPresentationRole):
        (WebCore::AccessibilityObject::supportsPressAction):
        * accessibility/AccessibilityObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityActionNames]):

2014-12-18  Chris Fleizach  <cfleizach@apple.com>

        AX: event.target should sometimes be a descendant element on AXPress-triggered mouse clicks
        https://bugs.webkit.org/show_bug.cgi?id=135689

        Reviewed by Mario Sanchez Prada.

        When trying to find the right sub-node to target, we need to go back up the parent chain to find 
        an Element, in case we land on a Text node for example.

        Test: accessibility/press-target-uses-text-descendant-node.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::press):

2014-12-16  Sam Weinig  <sam@webkit.org>

        Unify the Mac and iOS implementations of FontPlatformData a bit
        https://bugs.webkit.org/show_bug.cgi?id=139721

        Reviewed by Anders Carlsson.

        This is a first pass of unifying the Mac and iOS implementations of FontPlatformData.
        Notable changes:
        - Change the storage of the platform font to be CTFontRef across the board. Adds NSFont
          setter/getter/constructor as a temporary measures during the transition away from NSFont.
        - Removes duplicate code that only differed by whether the type was NSFont or CTFontRef.
        - Reduces the number of #ifdefs.

        * platform/graphics/FontPlatformData.cpp:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::operator=):
        (WebCore::FontPlatformData::openTypeTable): Deleted.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::nsFont):
        (WebCore::FontPlatformData::setNSFont):
        (WebCore::FontPlatformData::hash):
        (WebCore::FontPlatformData::operator==):
        (WebCore::FontPlatformData::isHashTableDeletedValue):
        (WebCore::toCTFontRef): Deleted.
        (WebCore::FontPlatformData::font): Deleted.
        (WebCore::FontPlatformData::roundsGlyphAdvances): Deleted.
        (WebCore::FontPlatformData::cgFont): Deleted.
        (WebCore::FontPlatformData::hashTableDeletedFontValue): Deleted.
        * platform/graphics/SimpleFontData.h:
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::FontPlatformData):
        (WebCore::FontPlatformData::~FontPlatformData):
        (WebCore::FontPlatformData::platformDataInit):
        (WebCore::FontPlatformData::platformDataAssign):
        (WebCore::FontPlatformData::setFont):
        (WebCore::FontPlatformData::roundsGlyphAdvances):
        (WebCore::FontPlatformData::allowsLigatures):
        (WebCore::FontPlatformData::ctFont):
        (WebCore::FontPlatformData::openTypeTable):
        (WebCore::FontPlatformData::loadFont): Deleted.
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/mac/FontMac.mm:
        (WebCore::Font::drawGlyphs):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::getCompositeFontReferenceFontData):
        (WebCore::SimpleFontData::platformInit):
        (WebCore::SimpleFontData::platformCreateScaledFontData):
        (WebCore::SimpleFontData::containsCharacters):
        (WebCore::SimpleFontData::determinePitch):
        (WebCore::SimpleFontData::renderingStyle):
        (WebCore::SimpleFontData::advanceForColorBitmapFont):

2014-12-18  Anders Carlsson  <andersca@apple.com>

        Build fix.

        * platform/cocoa/MachSendRight.cpp:

2014-12-18  Timothy Horton  <timothy_horton@apple.com>

        Change page preview loading order, and add a TextIndicator
        https://bugs.webkit.org/show_bug.cgi?id=139793
        <rdar://problem/19288547>

        Reviewed by Beth Dakin.

        * WebCore.exp.in:
        * platform/spi/mac/NSPopoverSPI.h:
        Add an export and some SPI.

2014-12-18  Anders Carlsson  <andersca@apple.com>

        Clean up MachSendRight and add a copySendRight member function
        https://bugs.webkit.org/show_bug.cgi?id=139788

        Reviewed by Tim Horton.

        * platform/cocoa/MachSendRight.cpp:
        (WebCore::retainSendRight):
        (WebCore::releaseSendRight):
        Use mach_error_string.

        (WebCore::MachSendRight::copySendRight):
        Create a new send right with the given mach port.

        (WebCore::MachSendRight::leakSendRight):
        Use std::exchange.

        * platform/cocoa/MachSendRight.h:

2014-12-18  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: ASSERT seen closing/opening multiple inspectors
        https://bugs.webkit.org/show_bug.cgi?id=139783

        Reviewed by Timothy Hatcher.

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::nodeForObjectId):

2014-12-18  Anders Carlsson  <andersca@apple.com>

        Add a MachSendRight class to WebCore and use it in IOSurface
        https://bugs.webkit.org/show_bug.cgi?id=139787

        Reviewed by Tim Horton.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/cocoa/MachSendRight.cpp: Added.
        (WebCore::retainSendRight):
        (WebCore::releaseSendRight):
        (WebCore::MachSendRight::adopt):
        (WebCore::MachSendRight::create):
        (WebCore::MachSendRight::MachSendRight):
        (WebCore::MachSendRight::~MachSendRight):
        (WebCore::MachSendRight::operator=):
        (WebCore::MachSendRight::leakSendRight):
        * platform/cocoa/MachSendRight.h: Added.
        * platform/graphics/cocoa/IOSurface.h:
        * platform/graphics/cocoa/IOSurface.mm:
        (IOSurface::createSendRight):
        (IOSurface::createMachPort): Deleted.

2014-12-18  Andreas Kling  <akling@apple.com>

        Ref-ify DOMSettableTokenList.
        <https://webkit.org/b/139785>

        Reviewed by Chris Dumez.

        Make DOMSettableTokenList::create() return a Ref, and have its two client
        elements store it in a Ref instead of a RefPtr (and fix their getter API
        to return references.)

        * html/DOMSettableTokenList.cpp:
        (WebCore::DOMSettableTokenList::create): Deleted.
        * html/DOMSettableTokenList.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::sizes): Deleted.
        * html/HTMLLinkElement.h:
        * html/HTMLOutputElement.cpp:
        (WebCore::HTMLOutputElement::htmlFor): Deleted.
        * html/HTMLOutputElement.h:

2014-12-18  Andreas Kling  <akling@apple.com>

        Ref-ify ClientRectList.
        <https://webkit.org/b/139780>

        Reviewed by Anders Carlsson.

        Make the ClientRectList::create() helpers return Ref, along with a bunch
        of other functions that always return non-null ClientRectLists.

        Also make ClientRectList store a Vector<Ref<ClientRect>> internally since
        entries in the Vector are never null.

        * dom/ClientRectList.cpp:
        (WebCore::ClientRectList::item):
        * dom/ClientRectList.h:
        (WebCore::ClientRectList::create):
        * dom/Element.cpp:
        (WebCore::Element::getClientRects):
        * dom/Element.h:
        * dom/Range.cpp:
        (WebCore::Range::getClientRects):
        * dom/Range.h:
        * page/Page.cpp:
        (WebCore::Page::nonFastScrollableRects):
        * page/Page.h:
        * testing/Internals.cpp:
        (WebCore::Internals::inspectorHighlightRects):
        (WebCore::Internals::nonFastScrollableRects):
        * testing/Internals.h:

2014-12-18  Andreas Kling  <akling@apple.com>

        Ref-ify ClientRect.
        <https://webkit.org/b/139777>

        Reviewed by Anders Carlsson.

        Make the ClientRect::create() helpers return Ref, along with a bunch
        of other functions that always return non-null ClientRects.

        * dom/ClientRect.h:
        (WebCore::ClientRect::create):
        * dom/Element.cpp:
        (WebCore::Element::getBoundingClientRect):
        * dom/Element.h:
        * dom/Range.cpp:
        (WebCore::Range::getBoundingClientRect):
        * dom/Range.h:
        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::displayLastTextTrackCueBox):
        * testing/Internals.cpp:
        (WebCore::Internals::absoluteCaretBounds):
        (WebCore::Internals::boundingBox):
        (WebCore::Internals::selectionBounds):
        * testing/Internals.h:

2014-12-18  Chris Dumez  <cdumez@apple.com>

        [iOS] Log navigation types using FeatureCounter API
        https://bugs.webkit.org/show_bug.cgi?id=139753

        Reviewed by Darin Adler.

        Log navigation types using FeatureCounter API.

        No new tests, no behavior change other than additional feature
        counting.

        * loader/FrameLoader.cpp:
        (WebCore::logNavigationWithFeatureCounter):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        * platform/FeatureCounterKeys.h:

2014-12-18  Chris Dumez  <cdumez@apple.com>

        Move 'font-weight' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139765

        Reviewed by Antti Koivisto.

        Move 'font-weight' CSS property to the new StyleBuilder by using
        custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyFontWeight::applyValue): Deleted.
        (WebCore::ApplyPropertyFontWeight::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialFontWeight):
        (WebCore::StyleBuilderCustom::applyInheritFontWeight):
        (WebCore::StyleBuilderCustom::applyValueFontWeight):

2014-12-18  Grzegorz Czajkowski  <g.czajkowski@samsung.com>

        Internals methods return 0 instead of false when they fail
        https://bugs.webkit.org/show_bug.cgi?id=139766

        Reviewed by Darin Adler.

        Some Internals method explicitly return 0 although
        they expect boolean value.

        No new tests, no behavior change.

        * testing/Internals.cpp:
        (WebCore::Internals::hasSpellingMarker):
        (WebCore::Internals::hasAutocorrectedMarker):
        (WebCore::Internals::isOverwriteModeEnabled):
        (WebCore::Internals::hasGrammarMarker):
        Return false instead of 0.

2014-12-18  Chris Dumez  <cdumez@apple.com>

        [iOS] Log why cached resources are being revalidated using FeatureCounter API
        https://bugs.webkit.org/show_bug.cgi?id=139759
        <rdar://problem/19288177>

        Reviewed by Antti Koivisto.

        Log why cached resources are being revalidated using FeatureCounter API.
        Also log if revalidation is successful or not.

        No new tests, no behavior change.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequest):
        (WebCore::SubresourceLoader::didReceiveResponse):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::mustRevalidateDueToCacheHeaders):
        * loader/cache/CachedImage.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::failBeforeStarting):
        (WebCore::CachedResource::mustRevalidateDueToCacheHeaders):
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::loader):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::determineRevalidationPolicy):
        * platform/FeatureCounterKeys.h:

2014-12-18  Antti Koivisto  <antti@apple.com>

        Remove alwaysUseBaselineOfPrimaryFont setting
        https://bugs.webkit.org/show_bug.cgi?id=139770

        Reviewed by Anders Carlsson.

        "FIXME: This is unneeded and should be removed."

        This iOS-only setting has no clients anymore.

        * page/Settings.in:
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::ascentAndDescentForBox):

2014-12-18  Radu Stavila  <stavila@adobe.com>

        [SVG Masking] Enable the use of <mask> elements for -webkit-mask-image
        https://bugs.webkit.org/show_bug.cgi?id=139294

        Reviewed by Simon Fraser.

        This patch links together all parts required for the functionality which improves 
        the -webkit-mask-image property by allowing it to reference a <mask> element defined 
        in an inline or external SVG document.
        Support for this new functionality has been added in a previous patch, under issue
        https://bugs.webkit.org/show_bug.cgi?id=139092. A more detailed description of how
        the new functionality works can be found in the ChangeLog for that commit.
        The containsSVGDocument in ScrollView has been removed because it was added in the
        previous patch but is no longer required.

        Tests: css3/masking/mask-base64.html
               css3/masking/mask-multiple-values.html
               css3/masking/mask-svg-clipped-fragmentId.html
               css3/masking/mask-svg-fragmentId.html
               css3/masking/mask-svg-inline-fragmentId.html
               css3/masking/mask-svg-inline-invalid-fragmentId.html
               css3/masking/mask-svg-invalid-fragmentId.html
               css3/masking/mask-svg-no-fragmentId-tiled.html
               css3/masking/mask-svg-no-fragmentId.html
               css3/masking/mask-svg-script-entire-svg-to-mask.html
               css3/masking/mask-svg-script-mask-to-entire-svg.html
               css3/masking/mask-svg-script-mask-to-none.html
               css3/masking/mask-svg-script-mask-to-png.html
               css3/masking/mask-svg-script-none-to-mask.html
               css3/masking/mask-svg-script-none-to-png.html
               css3/masking/mask-svg-script-png-to-mask.html
               css3/masking/mask-svg-script-png-to-none.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFillShorthand):
        (WebCore::CSSParser::parseFillProperty):
        (WebCore::CSSParser::parseMaskImage):
        * css/CSSParser.h:
        * css/CSSValue.h:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustStyleForMaskImages):
        (WebCore::StyleResolver::applyMatchedProperties):
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::loadPendingSVGDocuments):
        (WebCore::StyleResolver::createMaskImageOperations):
        (WebCore::StyleResolver::loadPendingImages):
        * css/StyleResolver.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::containsSVGDocument): Deleted.
        * page/FrameView.h:
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        (WebCore::MaskImagePropertyWrapper::MaskImagePropertyWrapper):
        (WebCore::MaskImagePropertyWrapper::equals):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * platform/ScrollView.h:
        (WebCore::ScrollView::containsSVGDocument): Deleted.
        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::~MaskImageOperation):
        (WebCore::MaskImageOperation::operator==):
        * platform/graphics/MaskImageOperation.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::maskClipRect):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateFillTileSize):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::~RenderElement):
        (WebCore::RenderElement::updateFillImages):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerMaskImageInfo.cpp:
        (WebCore::RenderLayer::MaskImageInfo::~MaskImageInfo):
        (WebCore::RenderLayer::MaskImageInfo::updateMaskImageClients):
        (WebCore::RenderLayer::MaskImageInfo::removeMaskImageClients):
        * rendering/RenderLayerMaskImageInfo.h:
        * rendering/style/FillLayer.cpp:
        (WebCore::FillLayer::hasImage):
        * rendering/style/FillLayer.h:
        (WebCore::FillLayer::image):
        (WebCore::FillLayer::imageOrMaskImage): Deleted.
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setMaskImage):
        * rendering/style/RenderStyle.h:

2014-12-18  Antti Koivisto  <antti@apple.com>

        Stop returning GlyphPage from various Font functions
        https://bugs.webkit.org/show_bug.cgi?id=139627

        Reviewed by Darin Adler.

        Make all

            std::pair<GlyphData, GlyphPage*> glyphDataAndPage*(...)

        style functions to just return GlyphData only. The GlyphPage value was only used for an obscure SVG fallback case.

        * platform/graphics/Font.h:
        (WebCore::Font::glyphDataForCharacter):
        (WebCore::Font::glyphDataAndPageForCharacter): Deleted.
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::glyphDataForCJKCharacterWithoutSyntheticItalic):
        (WebCore::glyphDataForNonCJKCharacterWithGlyphOrientation):
        (WebCore::FontGlyphs::glyphDataForSystemFallback):
        (WebCore::FontGlyphs::glyphDataForVariant):
        (WebCore::FontGlyphs::glyphDataForCharacter):
        (WebCore::glyphDataAndPageForCJKCharacterWithoutSyntheticItalic): Deleted.
        (WebCore::glyphDataAndPageForNonCJKCharacterWithGlyphOrientation): Deleted.
        (WebCore::FontGlyphs::glyphDataAndPageForSystemFallback): Deleted.
        (WebCore::FontGlyphs::glyphDataAndPageForVariant): Deleted.
        (WebCore::FontGlyphs::glyphDataAndPageForCharacter): Deleted.
        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::GlyphPagesStateSaver::GlyphPagesStateSaver): Deleted.
        (WebCore::FontGlyphs::GlyphPagesStateSaver::~GlyphPagesStateSaver): Deleted.

            No longer needed.

        * rendering/svg/SVGTextRunRenderingContext.cpp:
        (WebCore::SVGTextRunRenderingContext::glyphDataForCharacter):

            Simplify by not trying to resolve fallbacks in case context sensitive (based on lang attribute etc)
            glyph selection fails. Instead just fall back to a default font. This behavior is not specified
            anywhere as far as I can see. (normal non-context sensitive fallbacks will still work fine).
            This removes the need to hackishly mutate glyph pages.

            Also fix a bug where we didn't use the specified missing glyph when context sensitive selection failed.

2014-12-18  Chris Dumez  <cdumez@apple.com>

        Move 'list-style-image' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139763

        Reviewed by Antti Koivisto.

        Move 'list-style-image' CSS property to the new StyleBuilder
        by reusing an existing Converter helper and renaming it for
        clarity.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyStyleImage::applyValue): Deleted.
        (WebCore::ApplyPropertyStyleImage::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertStyleImage):
        (WebCore::StyleBuilderConverter::convertBorderImageSource): Deleted.

2014-12-17  Csaba Osztrogonác  <ossy@webkit.org>

        URTBF after r177452.
        https://bugs.webkit.org/show_bug.cgi?id=139752

        * CMakeLists.txt:

2014-12-17  Andreas Kling  <akling@apple.com>

        Ref-ify Range::create().
        <https://webkit.org/b/139755>

        Reviewed by Anders Carlsson.

        * dom/Document.cpp:
        (WebCore::acceptsEditingFocus):
        * dom/Element.cpp:
        (WebCore::Element::innerText):
        * dom/Range.cpp:
        (WebCore::Range::create):
        (WebCore::Range::cloneRange):
        (WebCore::rangeOfContents):
        * dom/Range.h:
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::applyAlternativeTextToRange):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers):
        * editing/VisibleUnits.cpp:
        (WebCore::charactersAroundPosition):
        * editing/markup.cpp:
        (WebCore::StyledMarkupAccumulator::renderedText):
        * page/FocusController.cpp:
        (WebCore::relinquishesEditingFocus):

2014-12-17  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/19282508> WebKitLegacy is unusable due to bad dylib identifier
        https://bugs.webkit.org/show_bug.cgi?id=139760

        Reviewed by Anders Carlsson.

        * Configurations/WebCore.xcconfig:

2014-12-17  Anders Carlsson  <andersca@apple.com>

        Get rid of FrameLoader::defaultObjectContentType
        https://bugs.webkit.org/show_bug.cgi?id=139758

        Reviewed by Geoffrey Garen.

        Move the FrameLoader::defaultObjectContentType implementation to its only caller in WebKit/win.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::defaultObjectContentType): Deleted.
        * loader/FrameLoader.h:

2014-12-17  peavo@outlook.com  <peavo@outlook.com>

        [Curl] Compile error, setWasCached method has been removed.
        https://bugs.webkit.org/show_bug.cgi?id=139737

        Reviewed by Alex Christensen.

        The ResourceResponseBase::setWasCached() method has been replaced
        with ResourceResponseBase::setSource().

        * platform/network/curl/CurlCacheEntry.cpp:
        (WebCore::CurlCacheEntry::setResponseFromCachedHeaders):

2014-12-17  Chris Dumez  <cdumez@apple.com>

        [iOS] Make it possible to toggle FeatureCounter support at runtime
        https://bugs.webkit.org/show_bug.cgi?id=139688
        <rdar://problem/19266254>

        Reviewed by Andreas Kling.

        Make it possible to toggle FeatureCounter support at runtime by adding
        a setting (disabled by default) and moving the API to a new
        FeatureCounter class under WebCore/plattorm which only logs if the
        setting is enabled. For privacy reasons, FeatureCounter logging is also
        disabled for private / ephemeral sessions.

        No new tests, no behavior change.

        * CMakeLists.txt:
        * Configurations/WebCore.xcconfig:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::logCanCachePageDecision):
        * page/Settings.in:
        * platform/FeatureCounter.cpp: Renamed from Source/WTF/wtf/FeatureCounter.cpp.
        (WebCore::FeatureCounter::shouldUseForPage):
        (WebCore::FeatureCounter::incrementKey):
        (WebCore::FeatureCounter::setKey):
        * platform/FeatureCounter.h: Renamed from Source/WTF/wtf/FeatureCounter.h.
        * platform/FeatureCounterKeys.h:
        * platform/ios/FeatureCounter.mm: Renamed from Source/WTF/wtf/ios/FeatureCounter.mm.
        (WebCore::FeatureCounter::incrementKey):
        (WebCore::FeatureCounter::setKey):

2014-12-17  Anders Carlsson  <andersca@apple.com>

        Get rid of PluginPackageNone.cpp
        https://bugs.webkit.org/show_bug.cgi?id=139735

        Reviewed by Andreas Kling.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformWin.cmake:
        * plugins/PluginPackageNone.cpp: Removed.

2014-12-17  Andreas Kling  <akling@apple.com>

        Purge PassRefPtr from Frame.
        <https://webkit.org/b/139731>

        Reviewed by Anders Carlsson.

        Remove all use of PassRefPtr from the Frame class, instead using
        Ref or RefPtr as appropriate.

        * WebCore.exp.in:
        * loader/DocumentWriter.cpp:
        (WebCore::DocumentWriter::begin):
        * page/Frame.cpp:
        (WebCore::Frame::create):
        (WebCore::Frame::setView):
        (WebCore::Frame::setDocument):
        (WebCore::Frame::rangeForPoint):
        (WebCore::Frame::createView):
        * page/Frame.h:
        * xml/XSLTProcessor.cpp:
        (WebCore::XSLTProcessor::createDocumentFromSource):

2014-12-17  Myles C. Maxfield  <mmaxfield@apple.com>

        Test fix after r177444.

        Unreviewed.

        * accessibility/AccessibilitySlider.cpp:
        (WebCore::AccessibilitySliderThumb::elementRect):

2014-12-16  Myles C. Maxfield  <mmaxfield@apple.com>

        Addressing more post-review comments in r177035

        * accessibility/AccessibilitySlider.cpp:
        (WebCore::AccessibilitySliderThumb::elementRect):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setupDateTimeChooserParameters):

2014-12-17  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Sprinkle range-based for-loops where still possible
        https://bugs.webkit.org/show_bug.cgi?id=138752

        Reviewed by Chris Dumez.

        Apply range-based for-loops where possible in the TextureMapper,
        TextureMapperGL and TextureMapperTiledBackingStore classes.

        Also prettify the loop in SharedGLData destructor and return
        nullptr instead of explicitly constructing the empty PassRefPtr
        object in TextureMapperTiledBackingStore::texture().

        * platform/graphics/texmap/TextureMapper.cpp:
        (WebCore::BitmapTexturePool::acquireTexture):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::TextureMapperGLData::SharedGLData::~SharedGLData):
        (WebCore::TextureMapperGLData::~TextureMapperGLData):
        * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
        (WebCore::TextureMapperTiledBackingStore::paintToTextureMapper):
        (WebCore::TextureMapperTiledBackingStore::drawBorder):
        (WebCore::TextureMapperTiledBackingStore::drawRepaintCounter):
        (WebCore::TextureMapperTiledBackingStore::createOrDestroyTilesIfNeeded):
        (WebCore::TextureMapperTiledBackingStore::updateContents):
        (WebCore::TextureMapperTiledBackingStore::texture):

2014-12-17  Radu Stavila  <stavila@adobe.com>

        The SVGDocument of an SVGImage should not perform any additional actions when the SVGImage is being destroyed
        https://bugs.webkit.org/show_bug.cgi?id=139644

        Reviewed by Antti Koivisto.

        When an SVGImage is destroyed, having its SVGDocument perform style recalc and dispatching events is not only
        useless but can also cause problems, such as re-entrancy in StyleResolver::loadPendingResources.

        No new tests required, existing tests cover this change.

        * dom/Document.cpp:
        (WebCore::Document::Document):
        * dom/Document.h:
        (WebCore::Document::isBeingDestroyed):
        (WebCore::Document::setIsBeingDestroyed):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::closeURL):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::~SVGImage):

2014-12-17  Chris Dumez  <cdumez@apple.com>

        Drop useless 'clipToContents' argument for windowClipRect()
        https://bugs.webkit.org/show_bug.cgi?id=139722

        Reviewed by Darin Adler.

        Drop useless 'clipToContents' argument for windowClipRect(). This
        argument is never used.

        No new tests, no behavior change.

        * page/FrameView.cpp:
        (WebCore::FrameView::windowClipRect):
        * page/FrameView.h:
        * platform/ScrollView.h:

2014-12-16  Shivakumar JM  <shiva.jm@samsung.com>

        text node should not be created, On setting document.title to the empty string.
        https://bugs.webkit.org/show_bug.cgi?id=139121

        Reviewed by Darin Adler.

        Do not create text node, On setting document.title to the empty string as in spec.
        I have confirmed this matches the behavior of Firefox and Chrome.

        Test: fast/dom/Document/document-set-title-no-child.html

        * html/HTMLTitleElement.cpp:
        (WebCore::HTMLTitleElement::setText):

2014-12-16  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move WebCore/platform/graphics/surfaces to std::unique_ptr
        https://bugs.webkit.org/show_bug.cgi?id=139641

        Reviewed by Andreas Kling.

        Replace OwnPtr|PassOwnPtr with std::make_unique<>|std::unique_ptr<>.

        * platform/graphics/GLContext.cpp:
        (WebCore::GLContext::sharingContext):
        (WebCore::GLContext::createContextForWindow):
        (WebCore::GLContext::createOffscreenContext):
        * platform/graphics/GLContext.h:
        * platform/graphics/GraphicsContext3DPrivate.cpp:
        (WebCore::GraphicsContext3DPrivate::paintToTextureMapper):
        * platform/graphics/GraphicsContext3DPrivate.h:
        * platform/graphics/egl/GLContextEGL.cpp:
        (WebCore::GLContextEGL::createWindowContext):
        (WebCore::GLContextEGL::createPbufferContext):
        (WebCore::GLContextEGL::createPixmapContext):
        (WebCore::GLContextEGL::createContext):
        * platform/graphics/egl/GLContextEGL.h:
        * platform/graphics/glx/GLContextGLX.cpp:
        (WebCore::GLContextGLX::createWindowContext):
        (WebCore::GLContextGLX::createPbufferContext):
        (WebCore::GLContextGLX::createPixmapContext):
        (WebCore::GLContextGLX::createContext):
        * platform/graphics/glx/GLContextGLX.h:
        * platform/graphics/surfaces/GLTransportSurface.cpp:
        (WebCore::GLTransportSurface::createTransportSurface):
        (WebCore::GLTransportSurfaceClient::createTransportSurfaceClient):
        * platform/graphics/surfaces/GLTransportSurface.h:
        * platform/graphics/surfaces/GraphicsSurface.h:
        * platform/graphics/surfaces/GraphicsSurfaceToken.h:
        * platform/graphics/surfaces/efl/GraphicsSurfaceCommon.cpp:
        * platform/graphics/surfaces/egl/EGLSurface.cpp:
        (WebCore::EGLTransportSurface::createTransportSurface):
        (WebCore::EGLTransportSurface::createTransportSurfaceClient):
        (WebCore::EGLTransportSurface::EGLTransportSurface):
        * platform/graphics/surfaces/egl/EGLSurface.h:
        * platform/graphics/surfaces/egl/EGLXSurface.cpp:
        (WebCore::EGLXTransportSurfaceClient::EGLXTransportSurfaceClient):
        * platform/graphics/surfaces/egl/EGLXSurface.h:
        * platform/graphics/surfaces/glx/GLXSurface.cpp:
        (WebCore::GLXTransportSurface::GLXTransportSurface):
        (WebCore::GLXOffScreenSurface::initialize):
        * platform/graphics/surfaces/glx/GLXSurface.h:

2014-12-16  Timothy Horton  <timothy_horton@apple.com>

        Implement and adopt two new TextIndicator presentation animations
        https://bugs.webkit.org/show_bug.cgi?id=139715
        <rdar://problem/19237945>

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        Adjust one symbol and export another.

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithSelectionInFrame):
        Take a blue-highlight snapshot if we're doing a crossfade without a bounce.

        * page/TextIndicator.h:
        (WebCore::TextIndicator::presentationTransition):
        Add FadeIn and Crossfade transition types.

        * page/mac/TextIndicatorWindow.h:
        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]):
        (createBounceAnimation):
        (createContentCrossfadeAnimation):
        (createShadowFadeAnimation):
        (createFadeInAnimation):
        (-[WebTextIndicatorView _textIndicatorWantsBounce]):
        (-[WebTextIndicatorView _textIndicatorWantsContentCrossfade]):
        (-[WebTextIndicatorView _textIndicatorWantsFadeIn]):
        Factor out the animation construction.

        (-[WebTextIndicatorView _animationDuration]):
        Factor out the duration computation.

        (-[WebTextIndicatorView present]):
        (-[WebTextIndicatorView setAnimationProgress:]):
        Implement FadeIn and Crossfade transitions.
        They can be driven externally and then continue from where they
        left off when the progress reaches 100%.
        FadeIn changes the opacity of the whole bubble, Crossfade
        crossfades the content (from blue to yellow).

        (WebCore::TextIndicatorWindow::TextIndicatorWindow):
        (WebCore::TextIndicatorWindow::~TextIndicatorWindow):
        Don't immediately destroy the window if it is crossfades or fades in.
        Fade it out, instead.

        (WebCore::TextIndicatorWindow::setAnimationProgress):
        Drive the paused animation manually. If progress hits 100%,
        start running it automatically from where it last left off.

        (WebCore::TextIndicatorWindow::setTextIndicator):
        (WebCore::TextIndicatorWindow::startFadeOut):
        (-[WebTextIndicatorView presentWithCompletionHandler:]): Deleted.
        (WebCore::TextIndicatorWindow::startFadeOutTimerFired): Deleted.
        Remove the completion block from -present.

        * platform/spi/mac/NSImmediateActionGestureRecognizerSPI.h:
        Add some SPI.

2014-12-16  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move WebCore/platform/image-decoders to std::unique_ptr<>
        https://bugs.webkit.org/show_bug.cgi?id=139668

        Reviewed by Andreas Kling.

        As a step to use std::unique_ptr<>, this patch replaces OwnPtr|PassOwnPtr with
        std::unique_ptr<> | std::make_unique<>.

        * platform/image-decoders/bmp/BMPImageDecoder.cpp:
        (WebCore::BMPImageDecoder::setFailed):
        (WebCore::BMPImageDecoder::decode):
        (WebCore::BMPImageDecoder::decodeHelper):
        * platform/image-decoders/bmp/BMPImageDecoder.h:
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::setFailed):
        (WebCore::GIFImageDecoder::gifComplete):
        (WebCore::GIFImageDecoder::decode):
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/gif/GIFImageReader.cpp:
        (GIFFrameContext::decode):
        (GIFImageReader::addFrameIfNecessary):
        * platform/image-decoders/gif/GIFImageReader.h:
        * platform/image-decoders/ico/ICOImageDecoder.cpp:
        (WebCore::ICOImageDecoder::decode):
        (WebCore::ICOImageDecoder::decodeAtIndex):
        * platform/image-decoders/ico/ICOImageDecoder.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::setFailed):
        (WebCore::JPEGImageDecoder::decode):
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::setFailed):
        (WebCore::PNGImageDecoder::decode):
        * platform/image-decoders/png/PNGImageDecoder.h:

2014-12-16  Andreas Kling  <akling@apple.com>

        Use Ref for SecurityOrigin.
        <https://webkit.org/b/139710>

        Reviewed by Anders Carlsson.

        Make SecurityOrigin::create*() return Ref<SecurityOrigin>.

        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::origin):
        * loader/DocumentLoadTiming.cpp:
        (WebCore::DocumentLoadTiming::addRedirect):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::willSendRequest):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::commitProvisionalLoad):
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::sendPing):
        * loader/appcache/ApplicationCacheHost.cpp:
        (WebCore::ApplicationCacheHost::isApplicationCacheBlockedForRequest):
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::getOriginsWithCache):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::stripURLForUseInReport):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::crossDomainAccessErrorMessage):
        * page/SecurityOrigin.cpp:
        (WebCore::getCachedOrigin):
        (WebCore::SecurityOrigin::create):
        (WebCore::SecurityOrigin::createUnique):
        (WebCore::SecurityOrigin::isolatedCopy):
        (WebCore::SecurityOrigin::canRequest):
        (WebCore::SecurityOrigin::createFromString):
        (WebCore::SecurityOrigin::maybeCreateFromDatabaseIdentifier):
        (WebCore::SecurityOrigin::createFromDatabaseIdentifier):
        * page/SecurityOrigin.h:
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::isAccessToURLWhiteListed):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin):
        * storage/StorageTracker.cpp:
        (WebCore::StorageTracker::deleteOriginWithIdentifier):
        * workers/DefaultSharedWorkerRepository.cpp:
        (WebCore::DefaultSharedWorkerRepository::connectToWorker):
        * workers/WorkerThread.cpp:
        (WebCore::WorkerThreadStartupData::WorkerThreadStartupData):

2014-12-16  Chris Dumez  <cdumez@apple.com>

        Move 'cursor' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139660

        Reviewed by Benjamin Poulain.

        Move 'cursor' CSS property to the new StyleBuilder by using
        custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyCursor::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyCursor::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyCursor::applyValue): Deleted.
        (WebCore::ApplyPropertyCursor::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialCursor):
        (WebCore::StyleBuilderCustom::applyInheritCursor):
        (WebCore::StyleBuilderCustom::applyValueCursor):

2014-12-16  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: Animating HTML elements leaves trails when embedded to a subpxiel positioned iframe.
        https://bugs.webkit.org/show_bug.cgi?id=139691
        rdar://problem/19078958

        Reviewed by Simon Fraser.

        This patch ensures that repaint rect and actual paint coordinate calculations are in sync.

        RenderWidget painting still snaps final coordinates to integral positions. We need to
        mimic the same snapping behaviour when the repaint rects are being calculated so that
        they are in sync with the final repaint rects. This is a workaround until after
        widgets get pushed to device pixel positions.

        Test: fast/repaint/hidpi-content-inside-iframe-leaves-trails.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeRectForRepaint):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::repaintViewRectangle):
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::paintContents):

2014-12-16  Beth Dakin  <bdakin@apple.com>

        REGRESSION: Preview popovers obscure the link, look wrong
        https://bugs.webkit.org/show_bug.cgi?id=139711
        -and corresponding-
        rdar://problem/19271854

        Reviewed by Tim Horton.

        New SPI.
        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/NSPopoverSPI.h: Added.

2014-12-16  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Cherokee language is drawn as boxes
        https://bugs.webkit.org/show_bug.cgi?id=139706

        Reviewed by Simon Fraser.

        Test: platform/ios-simulator/fast/text/cherokee.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::languageSpecificFallbackFont):

2014-12-16  Enrica Casucci  <enrica@apple.com>

        Fix iOS builders for 8.0
        https://bugs.webkit.org/show_bug.cgi?id=139495

        Reviewed by Jer Noble

        * WebCore.exp.in:
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (-[WebVideoFullscreenController enterFullscreen:mode:]):
        (-[WebVideoFullscreenController requestHideAndExitFullscreen]):
        (-[WebVideoFullscreenController enterFullscreen:]): Deleted.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:

2014-12-16  Myles C. Maxfield  <mmaxfield@apple.com>

        Ruby overhang uses ints instead of floats
        https://bugs.webkit.org/show_bug.cgi?id=139624

        Reviewed by Dave Hyatt.

        Simply change the type.

        Updated existing tests.

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::setMarginsForRubyRun):
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::getOverhang):
        * rendering/RenderRubyRun.h:
        * rendering/line/LineWidth.cpp:
        (WebCore::LineWidth::applyOverhang):

2014-12-16  Gavin Barraclough  <barraclough@apple.com>

        Move Mac process suppression from WebCore to WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=139705

        Reviewed by Geoff Garen.

        Currently PageThrottler constructs the PageActivityState, holds a copy of the ViewState,
        and an optional UserActivity.

        Instead, still construct the PageActivityState but just pass this out via the Page to WebPage.
        Logic From PageThrottler::updateUserActivity merged into WebPage::updateUserActivity.

        * WebCore.exp.in:
            - removed createUserActivity.
        * page/ChromeClient.h:
        (WebCore::ChromeClient::setPageActivityState):
            - added to propagate PageActivityState to WebPage.
        * page/Page.cpp:
        (WebCore::Page::Page):
            - PageThrottler constructor now takes a Page&.
        (WebCore::Page::setViewState):
            - no longer necessary to pass this to PageThrottler.
        (WebCore::Page::setPageActivityState):
            - added to propagate PageActivityState to WebPage.
        (WebCore::Page::enablePageThrottler): Deleted.
            - PageThrottler no longer has a UserActivity.
        * page/Page.h:
        (WebCore::Page::pageThrottler):
            - added setPageActivityState, removed enablePageThrottler.
        * page/PageThrottler.cpp:
        (WebCore::PageThrottler::PageThrottler):
            - removed m_viewState, added m_page.
        (WebCore::PageThrottler::setActivityFlag):
            - propagate PageActivityState via Page to WebPage.
        (WebCore::PageThrottler::createUserActivity): Deleted.
        (WebCore::PageThrottler::updateUserActivity): Deleted.
        (WebCore::PageThrottler::setViewState): Deleted.
            - removed; PageThrottler no longer has a PageThrottler or UserActivity.
        * page/PageThrottler.h:
            - removed createUserActivity, setViewState, m_viewState, m_activity; added m_page.

2014-12-16  Jer Noble  <jer.noble@apple.com>

        Unreviewed build fix after r177375; explicitly cast to NSUInteger.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions):
        (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions):

2014-12-16  peavo@outlook.com  <peavo@outlook.com>

        [Win] Compiling WebCore fails because of invalid project file.
        https://bugs.webkit.org/show_bug.cgi?id=139686

        Reviewed by Alex Christensen.

        A WebCore project file contains illegal characters.

        * WebCore.vcxproj/WebCore.vcxproj.filters:

2014-12-16  Gavin Barraclough  <barraclough@apple.com>

        Introduce PageActivityState
        https://bugs.webkit.org/show_bug.cgi?id=139687

        Reviewed by Anders Carlsson.

        Add a bitfield to track each of the activities on the page separately.
        Split the hysteresis & counters so we can track these separately.

        * page/PageThrottler.cpp:
        (WebCore::PageThrottler::PageThrottler):
            - initialze new hysteresis, counters; closures call setActivityFlag.
        (WebCore::PageThrottler::mediaActivityToken):
        (WebCore::PageThrottler::pageLoadActivityToken):
            - split m_pageActivityCounter -> m_mediaActivityCounter, m_pageLoadActivityCounter.
        (WebCore::PageThrottler::updateUserActivity):
            - use m_activityState to check for activity.
        (WebCore::PageThrottler::setActivityFlag):
            - helper to clear/set a bit in m_activityState, and call updateUserActivity as necessary.
        * page/PageThrottler.h:
        (WebCore::PageThrottler::didReceiveUserInput):
        (WebCore::PageThrottler::pluginDidEvaluateWhileAudioIsPlaying):
            - split m_hysteresis -> m_userInputHysteresis, m_audiblePluginHysteresis

2014-12-16  Myles C. Maxfield  <litherum@gmail.com>

        Ruby does not preserve expansion opportunities from enclosing context
        https://bugs.webkit.org/show_bug.cgi?id=139618

        Reviewed by David Hyatt.

        There is currently no sharing of expansion opportunity information between
        ruby bases and the text surrounding the ruby. This patch adds a bit on
        RenderText, m_contentIsKnownToFollow, which affects how expansion
        opportunities are handled at paint-time, as well as a bit on RenderRubyBase,
        m_isAfterExpansion, which affects how expansions are calculated when laying
        out a line. This patch also adds a field to RenderRubyBase which represents
        the base's starting position within a ruby. This field is necessary because
        an expansion from a line might occur at the very beginning of a ruby base,
        so we have to remember some state from expansion time to RenderRubyBase
        layout time.

        Added more tests to fast/ruby/ruby-justification.html.

        * rendering/InlineBox.h:
        (WebCore::InlineBox::setExpansionWithoutGrowing):
        (WebCore::InlineBox::expansion):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::removeChild): Keep the bit on InlineTextBox up to
        date.
        (WebCore::InlineFlowBox::placeBoxRangeInInlineDirection): Set expansion
        information in InlineFlowBoxes so the total expansion for a whole line
        is held in the RootInlineBox's expansion.
        * rendering/InlineTextBox.h:
        (WebCore::InlineTextBox::expansionBehavior):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::updateRubyForJustifiedText):
        updateRubyForJustifiedText() had a bunch of problems with it. First of all,
        it didn't actually set the InlineBoxes as dirty, so the second layout pass
        sometimes wouldn't perform any updates. Secondarily, it didn't take
        overhangs into account. Thirdly, it didn't mark the ruby base and text as
        needing layout so that subsequent layouts would actually traverse into them.
        (WebCore::RenderBlockFlow::computeExpansionForJustifiedText):
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):
        This nested if triangle is super nasty, but I'm not sure of a better way to
        write it.
        (WebCore::updateRubyForJustifiedText): Deleted.
        (WebCore::computeExpansionForJustifiedText): Deleted.
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::RenderRubyBase):
        (WebCore::RenderRubyBase::adjustInlineDirectionLineBounds):
        * rendering/RenderRubyBase.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::layout):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::RenderText):
        * rendering/RenderText.h:
        (WebCore::RenderText::contentIsKnownToFollow):
        (WebCore::RenderText::setContentIsKnownToFollow):

2014-12-16  Jer Noble  <jer.noble@apple.com>

        [iOS] Crash in WebKit::WebPageProxy::dispatchViewStateChange() tapping a link from another app while playing a video
        https://bugs.webkit.org/show_bug.cgi?id=139550

        Reviewed by Anders Carlsson.

        The existing "dispatch to WebThread, then release" model is insufficient and still
        can result in RefPtr race conditions between the main thread and the web thread.
        Make WebVideoFullscreenInterfaceAVKit a thread-safe ref-counted class, which
        eliminates the necessity of disptaching back to the web thread before releasing.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setDuration): Use a strongThis model.
        (WebVideoFullscreenInterfaceAVKit::setCurrentTime): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setRate): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setVideoDimensions): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setSeekableRanges): Ditto.
        (mediaSelectionOptions): Return a RetainPtr object.
        (WebVideoFullscreenInterfaceAVKit::setAudioMediaSelectionOptions): Use a strongThis model.
        (WebVideoFullscreenInterfaceAVKit::setLegibleMediaSelectionOptions): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setExternalPlayback): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen): Ditto.
        (WebVideoFullscreenInterfaceAVKit::setupFullscreenInternal): Added utility
            function. Lets us use the implied this pointer rather than an explicit
            strongThis.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenOptimized): Ditto.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreenStandard): Ditto.
        (WebVideoFullscreenInterfaceAVKit::exitFullscreenInternal): Ditto.
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreenInternal): Ditto.
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): Use a strongThis model.

2014-12-16  Ryosuke Niwa  <rniwa@webkit.org>

        Nested template contents are not cloned by document.importNode
        https://bugs.webkit.org/show_bug.cgi?id=137619

        Reviewed by Andreas Kling.

        The bug was caused by Document.importNode not cloning HTMLTemplateElement's content.

        Fixed the bug by sharing code between Document::importNode and Node::cloneNode by
        generalizing Node::cloneNodeInternal, added in r177314, by taking the owner document
        as an argument. The most of code changes are the result of adding this argument.

        Document::importNode is the only function in which the actual logic changes.
        Note that the code to import TEXT_NODE, CDATA_SECTION_NODE, ENTITY_REFERENCE_NODE,
        PROCESSING_INSTRUCTION_NODE and COMMENT_NODE nodes are identical to that of cloneNode.

        This patch removes the call to hasValidNamespaceForElements in ELEMENT_NODE but this
        should not introduce an observable behavior change since all instantiated elements
        should have a valid namespace in the first place.

        Because DOCUMENT_NODE and DOCUMENT_TYPE_NODE cannot be imported and DOCUMENT_TYPE_NODE
        can only appear as a direct child of DOCUMENT_NODE, neither nodes nor unimplemented
        XPATH_NAMESPACE_NODE and XPATH_NAMESPACE_NODE can appear inside the recursive calls
        for ELEMENT_NODE and DOCUMENT_FRAGMENT_NODE nodes.

        While importNode behaves differently from cloneNode for ATTRIBUTE_NODE, namely that
        it merges all of its child nodes, this behavior isn't present when recursing inside
        ELEMENT_NODE and DOCUMENT_FRAGMENT_NODE since we are using cloneDataFromElement.

        Thus there should be no observable behavior changes for DOCUMENT_FRAGMENT_NODE and
        ELEMENT_NODE nodes either.

        Test: fast/dom/HTMLTemplateElement/importNode-nested-templates.html

        * dom/Attr.cpp:
        (WebCore::Attr::cloneNodeInternal):
        * dom/Attr.h:
        * dom/CDATASection.cpp:
        (WebCore::CDATASection::cloneNodeInternal):
        * dom/CDATASection.h:
        * dom/Comment.cpp:
        (WebCore::Comment::cloneNodeInternal):
        * dom/Comment.h:
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::cloneChildNodes):
        * dom/Document.cpp:
        (WebCore::Document::importNode):
        (WebCore::Document::cloneNodeInternal):
        * dom/Document.h:
        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::cloneNodeInternal):
        * dom/DocumentFragment.h:
        * dom/DocumentType.cpp:
        (WebCore::DocumentType::cloneNodeInternal):
        * dom/DocumentType.h:
        * dom/Element.cpp:
        (WebCore::Element::cloneNodeInternal):
        (WebCore::Element::cloneElementWithChildren):
        (WebCore::Element::cloneElementWithoutChildren):
        (WebCore::Element::cloneElementWithoutAttributesAndChildren):
        * dom/Element.h:
        * dom/EntityReference.cpp:
        (WebCore::EntityReference::cloneNodeInternal):
        * dom/EntityReference.h:
        * dom/Node.h:
        (WebCore::Node::cloneNode):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::cloneNodeInternal):
        * dom/ProcessingInstruction.h:
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::cloneNodeInternal):
        * dom/ShadowRoot.h:
        * dom/Text.cpp:
        (WebCore::Text::cloneNodeInternal):
        * dom/Text.h:
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::pushDownInlineStyleAroundNode):
        (WebCore::ApplyStyleCommand::applyInlineStyleChange):
        * editing/BreakBlockquoteCommand.cpp:
        (WebCore::BreakBlockquoteCommand::doApply):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::cloneHierarchyUnderNewBlock):
        (WebCore::InsertParagraphSeparatorCommand::doApply):
        * editing/ModifySelectionListLevel.cpp:
        (WebCore::IncreaseSelectionListLevelCommand::doApply):
        * editing/SplitElementCommand.cpp:
        (WebCore::SplitElementCommand::doApply):
        * editing/markup.cpp:
        (WebCore::createFragmentFromText):
        * html/HTMLKeygenElement.cpp:
        * html/HTMLScriptElement.cpp:
        (WebCore::HTMLScriptElement::cloneElementWithoutAttributesAndChildren):
        * html/HTMLScriptElement.h:
        * html/HTMLTemplateElement.cpp:
        (WebCore::HTMLTemplateElement::cloneNodeInternal):
        * html/HTMLTemplateElement.h:
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::SliderThumbElement::cloneElementWithoutAttributesAndChildren):
        * html/shadow/SliderThumbElement.h:
        * html/track/WebVTTElement.cpp:
        (WebCore::WebVTTElement::cloneElementWithoutAttributesAndChildren):
        * html/track/WebVTTElement.h:
        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::cloneElementWithoutAttributesAndChildren):
        * svg/SVGScriptElement.h:
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::buildShadowTree):
        (WebCore::SVGUseElement::expandUseElementsInShadowTree):

2014-12-16  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>

        Document.contentType implementation
        https://bugs.webkit.org/show_bug.cgi?id=132269

        Reviewed by Darin Adler.

        Chromium merge from https://codereview.chromium.org/151653004

        Tests: fast/dom/document-contentType-DOMParser.html
               fast/dom/document-contentType-createDocument.html
               fast/dom/document-contentType-data-uri.html
               fast/xsl/xslt-contentType.html
               http/tests/dom/document-contentType-meta.html
               http/tests/dom/document-contentType-xhr.html
               http/tests/dom/document-contentType.html

        * dom/Document.cpp:
        (WebCore::Document::overrideMIMEType):
        (WebCore::Document::contentType):
        (WebCore::Document::cloneDataFromDocument):
        * dom/Document.h:
        * dom/Document.idl:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::currentContentType):
        * loader/DocumentLoader.h:
        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::responseXML):
        * xml/XSLTProcessor.cpp:
        (WebCore::XSLTProcessor::createDocumentFromSource):

2014-12-16  Anders Carlsson  <andersca@apple.com>

        Put some common code in StorageNamespaceProvider
        https://bugs.webkit.org/show_bug.cgi?id=139682

        Reviewed by Tim Horton.

        We have code in two places that gets the local storage area from a given document,
        choosing either the local storage namespace or the transient local storage namespace.
        Move it to StorageNamespaceProvider::localStorageArea.

        * bindings/js/ScriptController.cpp:
        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::findStorageArea):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::localStorage):
        * page/Navigator.cpp:
        * storage/StorageNamespaceProvider.cpp:
        (WebCore::StorageNamespaceProvider::localStorageArea):
        (WebCore::StorageNamespaceProvider::localStorageNamespace):
        * storage/StorageNamespaceProvider.h:

2014-12-16  Anders Carlsson  <andersca@apple.com>

        Add FeatureCounterKeys.h to the Xcode project.

        * WebCore.xcodeproj/project.pbxproj:

2014-12-16  Chris Dumez  <cdumez@apple.com>

        REGRESSION (r163928): Animated GIFs are not resumed when translated into view using -webkit-transform
        https://bugs.webkit.org/show_bug.cgi?id=139672
        <rdar://problem/19260797>

        Reviewed by Antti Koivisto.

        After r163928, animated GIFs were not resumed when translated into view
        using '-webkit-transform' CSS property.

        This broke animated gifs on the mobile version of weibo.com (which is
        one of the most popular blogging sites in China) on iPhone. e.g.
        http://m.weibo.cn/page/tpl?containerid=1005052150182731_-_WEIBO_SECOND_PROFILE_WEIBO&itemid=&title=全部微博

        This patch calls FrameView::resumeVisibleImageAnimationsIncludingSubframes()
        after style recalc so that we resume animated images if they become visible
        after the style has changed. Doing so after layout wouldn't work because
        no layout happens in this case.

        Test: fast/images/animated-gif-webkit-transform.html

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):

2014-12-16  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Fix deadlock when shutting down AudioDestination
        https://bugs.webkit.org/show_bug.cgi?id=139496

        Reviewed by Philippe Normand.

        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (webKitWebAudioSrcLoop):
        (webKitWebAudioSrcChangeState):
        Sometimes we would wait forever for the task to shut down. This
        was happening because of a bug in GStreamer that caused joining
        a paused task to deadlock.

2014-12-15  Dhi Aurrahman  <diorahman@rockybars.com>

        Extend :lang()'s selector checker to handle ranges with '*' properly and perform matching within the ASCII range
        https://bugs.webkit.org/show_bug.cgi?id=139340

        Reviewed by Benjamin Poulain.

        Asterisk is considered as a valid subtag of a language range to express wildcard matching 
        in :lang()'s extended filtering procedure. The matching rules introduced by language 
        range with '*' is outlined in [1].

        The matching of subtags is performed case-insensitively within the ASCII range[2].

        [1] www.ietf.org/rfc/rfc4647.txt
        [2] http://dev.w3.org/csswg/selectors4/#the-lang-pseudo

        Test: fast/selectors/lang-equal-ignoring-case.html
              fast/selectors/lang-valid-extended-filtering.html

        * css/SelectorCheckerTestFunctions.h:
        (WebCore::equalIgnoringCaseWithinASCIIRange): Handle matching case-insensitively within the ASCII range.
        (WebCore::containslanguageSubtagMatchingRange):
        (WebCore::matchesLangPseudoClass):

2014-12-15  Chris Dumez  <cdumez@apple.com>

        [iOS] Add feature counting support
        https://bugs.webkit.org/show_bug.cgi?id=139652
        <rdar://problem/19255690>

        Reviewed by Gavin Barraclough.

        Use FeatureCounter API to log PageCache failure reasons
        as well as its success rate.

        No new tests, no behavior change.

        * history/PageCache.cpp:
        (WebCore::logCanCacheFrameDecision):
        (WebCore::logCanCachePageDecision):
        (WebCore::PageCache::canCache):
        * platform/FeatureCounterKeys.h: Added.

2014-12-15  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * platform/spi/mac/LookupSPI.h:

2014-12-15  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * platform/spi/mac/LookupSPI.h:

2014-12-15  Jer Noble  <jer.noble@apple.com>

        Switching src of <video> with clipping layer results in empty black square.
        https://bugs.webkit.org/show_bug.cgi?id=139650

        Reviewed by Simon Fraser.

        Test: compositing/video-clip-change-src.html

        When the contentsLayer changes after a contentsClippingLayer has already been created, make sure to parent the
        new contentsLayer, as updateRects() will only reparent when first creating a contentsClippingLayer.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setContentsToPlatformLayer):

2014-12-15  Beth Dakin  <bdakin@apple.com>

        Make lookup an immediate action instead of an action menu item
        https://bugs.webkit.org/show_bug.cgi?id=139661
        -and corresponding-
        rdar://problem/19198414

        Reviewed by Tim Horton.

        New SPI.
        * platform/spi/mac/LookupSPI.h:

2014-12-12  Anders Carlsson  <andersca@apple.com>

        Get rid of the DONT_FINALIZE_ON_MAIN_THREAD #define
        https://bugs.webkit.org/show_bug.cgi?id=139613

        Reviewed by Sam Weinig.

        * WebCore.exp.in:
        Update symbols.

        * WebCore.xcodeproj/project.pbxproj:
        Remove -Wno-deprecated-declarations from the WebCoreObjCExtras.mm build flags.

        * platform/mac/WebCoreObjCExtras.h:
        If OBJC_NO_GC is defined to 1, just make WebCoreObjCFinalizeOnMainThread a no-op inline function.

        * platform/mac/WebCoreObjCExtras.mm:
        (WebCoreObjCFinalizeOnMainThread):
        Move this to the .h file for easier inlining.

        (WebCoreObjCScheduleDeallocateOnMainThread):
        Use a lambda.

2014-12-15  Gavin Barraclough  <barraclough@apple.com>

        Separate counted and hysteresis activities in PageThrottler
        https://bugs.webkit.org/show_bug.cgi?id=139657

        Reviewed by Sam Weinig.

        Currently all activities funnel into a common hysteresis mechanism, the result of
        which is combined with the visually idle state, the result of which in turn drives
        a UserActivity::Impl.

        This is a first refactoring towards moving the UserActivity out to WebKit2. Use
        m_hysteresis only of the impulse activities (plugin evaluation, user input), and
        flatten the three types of activities (impulse, counted, ViewState) to all directly
        control a UserActivity. Switch from a UserActivity::Impl to a UserActivity since
        this will provide hysteresis for media activity.

        * page/PageThrottler.cpp:
        (WebCore::m_pageActivityCounter):
            - when the RefCounter changes just call updateUserActivity directly, removeed redundant call to updateUserActivity.
        (WebCore::PageThrottler::createUserActivity):
            - m_activity is now a UserActivity.
        (WebCore::PageThrottler::updateUserActivity):
            - previously just checked m_hysteresis for activity; now check m_pageActivityCounter too.
        (WebCore::PageThrottler::pageActivityCounterValueDidChange): Deleted.
            - no longer needed; when the RefCounter changes just call updateUserActivity directly.
        * page/PageThrottler.h:
            - removed pageActivityCounterValueDidChange, m_activity is now a UserActivity.

2014-12-15  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177284.
        https://bugs.webkit.org/show_bug.cgi?id=139658

        "Breaks API tests and LayoutTests on Yosemite Debug"
        (Requested by msaboff on #webkit).

        Reverted changeset:

        "Make sure range based iteration of Vector<> still receives
        bounds checking"
        https://bugs.webkit.org/show_bug.cgi?id=138821
        http://trac.webkit.org/changeset/177284

2014-12-15  Ryosuke Niwa  <rniwa@webkit.org>

        cloneNode(true) does not clone nested template elements' contents
        https://bugs.webkit.org/show_bug.cgi?id=137755

        Reviewed by Darin Adler.

        The bug was caused by cloneChildNodes not copying template element's content.

        Fixed the bug by adding the third behavior (CloneContent) to the polymorphic
        cloneNodeInternal, which copies template element's content but not its children,
        in addition to the existing CloneSelf (deep=false) and CloneChildren (deep=true).

        Test: fast/dom/HTMLTemplateElement/cloneNode-nested-templates.html

        * dom/Attr.cpp:
        (WebCore::Attr::cloneNodeInternal): Renamed from cloneNode.
        * dom/Attr.h:
        * dom/CDATASection.cpp:
        (WebCore::CDATASection::cloneNodeInternal): Renamed from cloneNode.
        * dom/CDATASection.h:
        * dom/Comment.cpp:
        (WebCore::Comment::cloneNodeInternal): Renamed from cloneNode.
        * dom/Comment.h:
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::cloneChildNodes): Calls cloneNode with CloneContent.
        * dom/Document.cpp:
        (WebCore::Document::cloneNodeInternal): Renamed from cloneNode.
        * dom/Document.h:
        * dom/DocumentFragment.cpp:
        (WebCore::DocumentFragment::cloneNodeInternal): Renamed from cloneNode.
        * dom/DocumentFragment.h:
        * dom/DocumentType.cpp:
        (WebCore::DocumentType::cloneNodeInternal): Renamed from cloneNode.
        * dom/DocumentType.h:
        * dom/Element.cpp:
        (WebCore::Element::cloneNodeInternal): Renamed from cloneNode.
        * dom/Element.h:
        * dom/EntityReference.cpp:
        (WebCore::EntityReference::cloneNodeInternal): Renamed from cloneNode.
        * dom/EntityReference.h:
        * dom/Node.h:
        (WebCore::Node::cloneNode): Added. It calls cloneNodeInternal with CloneSelf or CloneChildren.
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::cloneNodeInternal): Renamed from cloneNode.
        * dom/ProcessingInstruction.h:
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::cloneNodeInternal): Renamed from cloneNode. Also moved from ShadowRoot.h.
        * dom/ShadowRoot.h:
        * dom/Text.cpp:
        (WebCore::Text::cloneNodeInternal): Renamed from cloneNode.
        * dom/Text.h:
        * html/HTMLTemplateElement.cpp:
        (WebCore::HTMLTemplateElement::cloneNodeInternal): Renamed from cloneNode. This is the only
        function in which CloneContent results in a different behavior from CloneSelf.
        * html/HTMLTemplateElement.h:

2014-12-15  Benjamin Poulain  <bpoulain@apple.com>

        Unify the various serialization of selector list
        https://bugs.webkit.org/show_bug.cgi?id=139606

        Reviewed by Andreas Kling.

        There were code in various place to build a string from the selectors contained
        in a selecor list.

        This patch adds a single function to do that: buildSelectorsText(). All the call sites
        were modified to use it.

        The serialization of :-webkit-any() gets fixed as a result.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):
        (WebCore::appendSelectorList): Deleted.
        * css/CSSSelectorList.cpp:
        (WebCore::CSSSelectorList::selectorsText):
        (WebCore::CSSSelectorList::buildSelectorsText):
        * css/CSSSelectorList.h:
        * css/CSSStyleRule.cpp:
        (WebCore::CSSStyleRule::generateSelectorText):
        * css/WebKitCSSRegionRule.cpp:
        (WebCore::WebKitCSSRegionRule::cssText):

2014-12-15  Antti Koivisto  <antti@apple.com>

        Try to fix iOS build.

        * WebCore.exp.in:

2014-12-15  Javier Fernandez  <jfernandez@igalia.com>

        Floats Don't Overhang Their Block Formatting Contex
        https://bugs.webkit.org/show_bug.cgi?id=139476

        Reviewed by David Hyatt.

        From Blink r172530 by <robhogan@gmail.com>

        Floats Don't Overhang Their Block Formatting Context Per
        http://www.w3.org/TR/CSS2/visuren.html#float-position: "References
        to [the elements] in the [rules that govern the behaviour of
        floats] refer only to other elements in the same block formatting
        context as the float."

        This means we don't need to look for intruding or overhanging
        floats in boxes that establish a new block formatting
        context. Even that we don't have a test breaking this rule it
        seems we are doing unnecessary work in
        rebuildFloatsFromIntruding() so make sure we avoid adding floats
        from different block formatting contexts.

        Test:
        fast/block/float/floats-do-not-overhang-from-block-formatting-context.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::addIntrudingFloats):

2014-12-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewed build fix after r177301

        * html/ColorInputType.cpp:
        (WebCore::ColorInputType::elementRectRelativeToRootView):

2014-12-15  Timothy Horton  <timothy_horton@apple.com>

        Implement Data Detectors immediate actions for WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=139617
        <rdar://problem/19198539>

        Reviewed by Beth Dakin.

        * platform/spi/mac/DataDetectorsSPI.h:
        Add some new SPI.

2014-12-12  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r168217): Images are cropped out during animation at jetblue.com
        https://bugs.webkit.org/show_bug.cgi?id=136410
        rdar://problem/18188533

        Reviewed by Dean Jackson.
        
        During GraphicsLayer flushing, for tiled layers we can compute a visible rect using
        the current state of an animation, which is obtained via the AnimationController.
        If that animation was running in a subframe, AnimationController could use a stale
        beginAnimationUpdateTime since no-one called its beginAnimationUpdate(). That
        resulted in an incorrect computation of the visible rect, resulting in missing tiles.
        
        There are two parts to this fix. First, add an assertion that beginAnimationUpdateTime()
        is being called inside an animation update block. This required moving m_beginAnimationUpdateCount
        into AnimationControllerPrivate, and changes to endAnimationUpdate().
        
        The second is adding a AnimationUpdateBlock to getAnimatedStyleForRenderer(), which
        can be called outside of style resolution. We also need some in other API functions.
        
        Testing revealed that layout can call via layoutOverflowRectForPropagation(), suggesting
        that we should have an animation batch inside FrameView::layout(). In addition, a single
        resolveStyle/layout should use the same animationBeginTime, so we add a batch to 
        updateLayoutAndStyleIfNeededRecursive().
        
        Identical to the patch that was rolled out in r177269 with the addition of a 
        Ref<Frame> protector(m_frame) in AnimationControllerPrivate::animationTimerFired()
        that ensures that the AnimationControllerPrivate is kept alive for the scope of
        the AnimationPrivateUpdateBlock, when a transitionEnd event destroys an iframe.
        
        No test because it's timing-dependent. Existing tests exercise the new assertion.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::computeRenderStyleForProperty):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationPrivateUpdateBlock::AnimationPrivateUpdateBlock):
        (WebCore::AnimationPrivateUpdateBlock::~AnimationPrivateUpdateBlock):
        (WebCore::AnimationControllerPrivate::AnimationControllerPrivate):
        (WebCore::AnimationControllerPrivate::animationTimerFired):
        (WebCore::AnimationControllerPrivate::suspendAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::resumeAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::beginAnimationUpdateTime):
        (WebCore::AnimationControllerPrivate::beginAnimationUpdate):
        (WebCore::AnimationControllerPrivate::endAnimationUpdate):
        (WebCore::AnimationControllerPrivate::getAnimatedStyleForRenderer):
        (WebCore::AnimationController::AnimationController):
        (WebCore::AnimationController::notifyAnimationStarted):
        (WebCore::AnimationController::pauseAnimationAtTime):
        (WebCore::AnimationController::pauseTransitionAtTime):
        (WebCore::AnimationController::resumeAnimationsForDocument):
        (WebCore::AnimationController::startAnimationsIfNotSuspended):
        (WebCore::AnimationController::beginAnimationUpdate):
        (WebCore::AnimationController::endAnimationUpdate):
        * page/animation/AnimationController.h:
        * page/animation/AnimationControllerPrivate.h:

2014-12-12  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r168217): Images are cropped out during animation at jetblue.com
        https://bugs.webkit.org/show_bug.cgi?id=136410

        Reviewed by Dean Jackson.

        We were hitting the new assertion under Page::setPageScaleFactor(), which
        calls recalcStyle(), so move the AnimationUpdateBlock from updateStyleIfNeeded()
        to recalcStyle().

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        (WebCore::Document::updateStyleIfNeeded):

2014-12-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Addressing post-review comments in r177035
        https://bugs.webkit.org/show_bug.cgi?id=139557

        Reviewed by Darin Adler.

        This patch deletes the helper functions rendererBoundingBox() and rendererAnchorRect() and
        migrates callers to using renderers directly.

        It also improves the comment in RenderElement.h regarding RenderElement::anchorRect().

        No new tests because this is simply refactoring.

        * WebCore.exp.in: Delete exported symbol for rendererBoundingBox()
        * accessibility/AccessibilitySlider.cpp:
        (WebCore::AccessibilitySliderThumb::elementRect): Migrate off rendererBoundingBox()
        * dom/ContainerNode.cpp:
        (WebCore::rendererAnchorRect): Deleted.
        * dom/ContainerNode.h:
        * dom/Node.cpp:
        (WebCore::rendererBoundingBox): Deleted.
        * dom/Node.h:
        * html/ColorInputType.cpp:
        (WebCore::ColorInputType::elementRectRelativeToRootView): Migrate off rendererBoundingBox().
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setupDateTimeChooserParameters): Ditto.
        * html/ValidationMessage.cpp:
        (WebCore::ValidationMessage::buildBubbleTree): Ditto.
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollElementToRect): Migrate off rendererAnchorRect().
        (WebCore::FrameView::scrollToAnchor): Ditto.
        * page/SpatialNavigation.cpp:
        (WebCore::nodeRectInAbsoluteCoordinates): Migrate off rendererBoundingBox().
        * rendering/RenderElement.h:

2014-12-15  Myles C. Maxfield  <mmaxfield@apple.com>

        Delete Notation because we don't use it
        https://bugs.webkit.org/show_bug.cgi?id=139171

        Reviewed by Kent Tamura.

        No tests because this is un-exposing something that never gets instantiated.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.exp.in:
        * WebCore.order:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/gobject/WebKitDOMNodeFilter.h:
        * bindings/gobject/WebKitDOMNodeFilter.symbols:
        * bindings/gobject/WebKitDOMPrivate.cpp:
        (WebKit::wrap):
        * bindings/gobject/webkitdom.symbols:
        * bindings/js/JSNodeCustom.cpp:
        (WebCore::createWrapperInline):
        * bindings/objc/DOM.mm:
        (kitClass):
        * bindings/objc/DOMCore.h:
        * bindings/objc/PublicDOMInterfaces.h:
        * dom/DOMAllInOne.cpp:
        * dom/Document.cpp:
        (WebCore::Document::importNode):
        (WebCore::Document::adoptNode):
        (WebCore::Document::childTypeAllowed):
        (WebCore::Document::canReplaceChild):
        * dom/Node.cpp:
        (WebCore::Node::dumpStatistics):
        (WebCore::Node::isDefaultNamespace):
        (WebCore::Node::lookupPrefix):
        (WebCore::Node::lookupNamespaceURI):
        (WebCore::appendTextContent):
        (WebCore::Node::setTextContent):
        * dom/Node.h:
        * dom/Node.idl:
        * dom/NodeFilter.h:
        * dom/NodeFilter.idl:
        * dom/Notation.cpp: Removed.
        * dom/Notation.h: Removed.
        * dom/Notation.idl: Removed.
        * dom/Range.cpp:
        (WebCore::lengthOfContentsInNode):
        (WebCore::Range::processContentsBetweenOffsets):
        (WebCore::Range::insertNode):
        (WebCore::Range::checkNodeWOffset):
        (WebCore::Range::checkNodeBA):
        (WebCore::Range::selectNode):
        (WebCore::Range::selectNodeContents):
        (WebCore::Range::surroundContents):
        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::appendStartMarkup):
        * xml/XPathUtil.cpp:
        (WebCore::XPath::isValidContextNode):

2014-12-15  Gavin Barraclough  <barraclough@apple.com>

        Change HysteresisActivity to use a lambda
        https://bugs.webkit.org/show_bug.cgi?id=139636

        Reviewed by Darin Adler.

        The current implementation provides notifications via callbacks to a delegate. Using a delegate
        with callbacks is limiting a number of ways. The callback names are very ambiguous, the callbacks
        must either be on a separate object (more boilerplate), or the callback must be public for
        HysteresisActivity to call them, or friends get involved. Without the boilerplate of extra
        delegate objects it's hard to scale use of these objects - a single object can't serve as a
        delegate for multiple HysteresisActivity members.

        Instead, make HysteresisActivity take a lambda to callback on state change. To simplify, changed
        HysteresisState to only track Started/Stopped states (removed WillStopPendingTimeout).

        * WebCore.exp.in:
            - removed exports of deleted functions.
        * page/PageThrottler.cpp:
        (WebCore::PageThrottler::PageThrottler):
            - m_hysteresis lambda calls updateUserActivity.
        (WebCore::PageThrottler::pageActivityCounterValueDidChange):
            - ASSERT updated due to removal of WillStopPendingTimeout state.
        (WebCore::PageThrottler::started): Deleted.
        (WebCore::PageThrottler::stopped): Deleted.
            - functionality replaced by lambda.
        * page/PageThrottler.h:
            - HysteresisActivity is no longer templated on delegate type, removed function declarations & friend.
        * platform/HysteresisActivity.h:
        (WebCore::HysteresisActivity::HysteresisActivity):
            - HysteresisActivity takes a lambda, not a delegate.
        (WebCore::HysteresisActivity::start):
            - delegate call -> callback.
        (WebCore::HysteresisActivity::state):
            - simplified to remove WillStopPendingTimeout.
        (WebCore::HysteresisActivity::hysteresisTimerFired):
            - delegate call -> callback.
        * platform/UserActivity.cpp:
        (WebCore::UserActivity::UserActivity):
            - HysteresisActivity lambda calls hysteresisUpdated.
        (WebCore::UserActivity::hysteresisUpdated):
        (WebCore::UserActivity::started): Deleted.
        (WebCore::UserActivity::stopped): Deleted.
            - started/stopped -> hysteresisUpdated.
        * platform/UserActivity.h:
            - started/stopped -> hysteresisUpdated, removed friend.

2014-12-15  Antti Koivisto  <antti@apple.com>

        WebKit level persistent caching
        https://bugs.webkit.org/show_bug.cgi?id=30322

        Reviewed by Sam Weinig.

        Test: http/tests/cache/disk-cache-validation.html

        * WebCore.exp.in:
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::buildObjectForResourceResponse):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::ResourceResponseBase::ResourceResponseBase):
        (WebCore::ResourceResponseBase::source):
        (WebCore::ResourceResponseBase::setSource):
        (WebCore::ResourceResponseBase::wasCached): Deleted.
        (WebCore::ResourceResponseBase::setWasCached): Deleted.

            Replace wasCached bit with Source enum.
            This is useful for testing.

        * platform/network/ResourceResponseBase.h:
        (WebCore::ResourceResponseBase::containsCertificateInfo):
        (WebCore::ResourceResponseBase::encode):
        (WebCore::ResourceResponseBase::decode):
        * testing/Internals.cpp:
        (WebCore::Internals::xhrResponseSource):
        (WebCore::Internals::clearMemoryCache):
        * testing/Internals.h:
        * testing/Internals.idl:

            Testing support.

        * xml/XMLHttpRequest.h:

2014-12-15  Andreas Kling  <akling@apple.com>

        Purge PassRefPtr from FocusEvent code.
        <https://webkit.org/b/139647>

        Reviewed by Anders Carlsson.

        Convert FocusEvent-related code from using PassRefPtr to using RefPtr&& instead.

        * dom/Document.cpp:
        (WebCore::Document::setFocusedElement):
        * dom/Element.cpp:
        (WebCore::Element::dispatchFocusInEvent):
        (WebCore::Element::dispatchFocusOutEvent):
        (WebCore::Element::dispatchFocusEvent):
        (WebCore::Element::dispatchBlurEvent):
        * dom/Element.h:
        * dom/FocusEvent.cpp:
        (WebCore::FocusEvent::FocusEvent):
        * dom/FocusEvent.h:
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::dispatchBlurEvent):
        * html/HTMLFormControlElement.h:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::dispatchFocusEvent):
        (WebCore::HTMLSelectElement::dispatchBlurEvent):
        * html/HTMLSelectElement.h:
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::dispatchFocusEvent):
        (WebCore::HTMLTextFormControlElement::dispatchBlurEvent):
        * html/HTMLTextFormControlElement.h:
        * page/FocusController.cpp:
        (WebCore::dispatchEventsOnWindowAndFocusedElement):

2014-12-15  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Codepoints not associated with languages are drawn as boxes
        https://bugs.webkit.org/show_bug.cgi?id=138906

        Reviewed by Darin Adler.

        Use SPI CTFontCreateForCharacters(), but only if we don't already know what to do
        with the characters.

        Test: platform/ios-simulator/fast/text/non-language-font-fallback.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/spi/cocoa/CoreTextSPI.h:

2014-12-15  Bem Jones-Bey  <bjonesbe@adobe.com>

        [CSS Shapes] Fix StyleBuilder code to use CSSValueNone to match spec and other code
        https://bugs.webkit.org/show_bug.cgi?id=139601

        Reviewed by Chris Dumez.

        Change the code to properly use CSSValueNone instead of CSSValueAuto.
        Asserts have been added to catch similar errors in the future.
        In doing this change, it became apparent that there is nothing
        special about the shape-outside property that requires custom code, so
        it was changed to use a standard converter function. 

        No change observable via LayoutTests.

        * css/CSSPropertyNames.in: Use a converter instead of custom code.
        * css/StyleBuilderConverter.h:
        (WebCore::isImageShape): Helper function so that isImageSetValue can
            be properly guarded.
        (WebCore::StyleBuilderConverter::convertShapeValue): Format as a
            converter instead of custom code.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueWebkitShapeOutside): Deleted.

2014-12-15  Oliver Hunt  <oliver@apple.com>

        Make sure range based iteration of Vector<> still receives bounds checking
        https://bugs.webkit.org/show_bug.cgi?id=138821

        Reviewed by Mark Lam.

        Update to deal with different iterator type.

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::deserializeString):
        * editing/TextIterator.cpp:
        (WebCore::SearchBuffer::isBadMatch):
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::buildSelectionHighlight):
        * platform/graphics/SegmentedFontData.cpp:
        (WebCore::SegmentedFontData::fontDataForCharacter):
        (WebCore::SegmentedFontData::containsCharacter):
        (WebCore::SegmentedFontData::isLoading):
        * platform/graphics/WOFFFileFormat.cpp:
        (WebCore::convertWOFFToSfnt):
        * platform/graphics/cairo/GradientCairo.cpp:
        (WebCore::Gradient::platformGradient):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::clearFrameBufferCache):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintFillLayers):
        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::firstNamedGridLineBeforePosition):
        (WebCore::GridResolvedPosition::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
        * svg/SVGFontElement.cpp:
        (WebCore::kerningForPairOfStringsAndGlyphs):
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPathByteStream::append):
        * xml/XPathNodeSet.h:
        (WebCore::XPath::NodeSet::begin):
        (WebCore::XPath::NodeSet::end):

2014-12-15  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-text-decoration-skip' to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139633

        Reviewed by Darin Adler.

        Move '-webkit-text-decoration-skip' to the new StyleBuilder by
        introducing a new TextDecorationSkip converter.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::valueToDecorationSkip): Deleted.
        (WebCore::ApplyPropertyTextDecorationSkip::applyValue): Deleted.
        (WebCore::ApplyPropertyTextDecorationSkip::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::valueToDecorationSkip):
        (WebCore::StyleBuilderConverter::convertTextDecorationSkip):

2014-12-15  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Prevent SourceBuffer monitoring algorithm from triggering a HAVE_NOTHING to HAVE_METADATA transition.
        https://bugs.webkit.org/show_bug.cgi?id=139444

        Reviewed by Jer Noble.

        In case of 2 SourceBuffers, there can be transition to HaveMetadata from monitorSourceBuffers,
        even though second SourceBuffer did not receive init segment - we can't query for it's metadata
        such as width/height (if second one was video), so we shouldn't fire the event.
        W3 Bug reference : https://www.w3.org/Bugs/Public/show_bug.cgi?id=27542

        Test: media/media-source/media-source-loadedmetada-with-two-sourcebuffers.html

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::monitorSourceBuffers):
        * Modules/mediasource/SourceBuffer.h:
        * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:
        (WebCore::mimeTypeCache):

2014-12-15  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move WebCore/platform/text to std::unique_ptr 
        https://bugs.webkit.org/show_bug.cgi?id=139395

        Reviewed by Darin Adler.

        As a step to use std::unique_ptr<>, this patch replaces OwnPtr|PassOwnPtr with
        std::unique_ptr<> | std::make_unique<>.

        * dom/Document.h:
        * platform/text/LineBreakIteratorPoolICU.h:
        (WebCore::LineBreakIteratorPool::LineBreakIteratorPool):
        (WebCore::LineBreakIteratorPool::create): Deleted.
        * platform/text/LocaleICU.cpp:
        (WebCore::Locale::create):
        (WebCore::LocaleICU::createLabelVector):
        (WebCore::createFallbackMonthLabels):
        (WebCore::createFallbackAMPMLabels):
        (WebCore::LocaleICU::initializeDateTimeFormat):
        (WebCore::LocaleICU::shortMonthLabels):
        (WebCore::LocaleICU::create): Deleted.
        (WebCore::LocaleICU::standAloneMonthLabels): Deleted.
        (WebCore::LocaleICU::shortStandAloneMonthLabels): Deleted.
        * platform/text/LocaleICU.h:
        * platform/text/LocaleNone.cpp:
        (WebCore::Locale::create):
        * platform/text/PlatformLocale.h:
        (WebCore::Locale::createDefault):
        * platform/text/TextCodecLatin1.cpp:
        * platform/text/TextCodecUTF16.cpp:
        * platform/text/TextEncoding.cpp:
        * platform/text/mac/LocaleMac.h:
        * platform/text/mac/LocaleMac.mm:
        (WebCore::Locale::create):
        (WebCore::LocaleMac::create):
        * platform/text/mac/TextCodecMac.cpp:
        * platform/text/win/LocaleWin.cpp:
        (WebCore::Locale::create):
        (WebCore::LocaleWin::create):
        * platform/text/win/LocaleWin.h:
        * platform/text/win/TextCodecWin.cpp:
        (WebCore::newTextCodecWin):

2014-12-15  Xavier Claessens  <xavier.claessens@collabora.com>

        [GStreamer] the webkitwebsrc element can stale
        https://bugs.webkit.org/show_bug.cgi?id=138425

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (removeTimeoutSources):
        (webKitWebSrcStart):
        (webKitWebSrcChangeState):

2014-12-15  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        [GTK] Remove GamepadDeviceGtk::create()
        https://bugs.webkit.org/show_bug.cgi?id=139637

        Reviewed by Carlos Garcia Campos.

        std::make_unique<> can replace GamepadDeviceGtk::create() factory function.

        * platform/gtk/GamepadsGtk.cpp: Add "explicit" to GamepadsGtk constructor.
        (WebCore::GamepadsGtk::registerDevice):
        (WebCore::GamepadDeviceGtk::create): Deleted.

2014-12-15  Chris Dumez  <cdumez@apple.com>

        Move 'counter-increment' / 'counter-reset' to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139635

        Reviewed by Antti Koivisto.

        Move 'counter-increment' / 'counter-reset' to the new StyleBuilder by
        using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyCounter::emptyFunction): Deleted.
        (WebCore::ApplyPropertyCounter::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyCounter::applyValue): Deleted.
        (WebCore::ApplyPropertyCounter::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialCounterIncrement):
        (WebCore::StyleBuilderCustom::applyInitialCounterReset):
        (WebCore::StyleBuilderCustom::applyInheritCounter):
        (WebCore::StyleBuilderCustom::applyValueCounter):
        (WebCore::StyleBuilderCustom::applyInheritCounterIncrement):
        (WebCore::StyleBuilderCustom::applyValueCounterIncrement):
        (WebCore::StyleBuilderCustom::applyInheritCounterReset):
        (WebCore::StyleBuilderCustom::applyValueCounterReset):

2014-12-14  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177238 and r177244.
        https://bugs.webkit.org/show_bug.cgi?id=139632

        Introduced memory corruption (Requested by ap on #webkit).

        Reverted changesets:

        "REGRESSION (r168217): Images are cropped out during animation
        at jetblue.com"
        https://bugs.webkit.org/show_bug.cgi?id=136410
        http://trac.webkit.org/changeset/177238

        https://bugs.webkit.org/show_bug.cgi?id=139596
        http://trac.webkit.org/changeset/177244

2014-12-14  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177223 and r177226.
        https://bugs.webkit.org/show_bug.cgi?id=139631

        Multiple tests are flakily asserting in
        StyleResolver::loadPendingResources (Requested by ap_ on
        #webkit).

        Reverted changesets:

        "[SVG Masking] Enable the use of <mask> elements for -webkit-
        mask-image"
        https://bugs.webkit.org/show_bug.cgi?id=139294
        http://trac.webkit.org/changeset/177223

        "animations/cross-fade-webkit-mask-image.html is flaky"
        https://bugs.webkit.org/show_bug.cgi?id=139590
        http://trac.webkit.org/changeset/177226

2014-12-14  Andreas Kling  <akling@apple.com>

        Event construction helpers should return Ref instead of PassRefPtr.
        <https://webkit.org/b/139625>

        Reviewed by Antti Koivisto.

        Change all the FooEvent::create() construction helpers to return Ref<FooEvent>
        instead of PassRefPtr<FooEvent>.

        This allows the compiler to omit null checks at each call site, since we know
        that these functions always return valid objects.

        * Modules/airplay/WebKitPlaybackTargetAvailabilityEvent.h:
        (WebCore::WebKitPlaybackTargetAvailabilityEvent::create):
        * Modules/encryptedmedia/MediaKeyMessageEvent.h:
        (WebCore::MediaKeyMessageEvent::create):
        * Modules/encryptedmedia/MediaKeyNeededEvent.h:
        (WebCore::MediaKeyNeededEvent::create):
        * Modules/gamepad/GamepadEvent.h:
        (WebCore::GamepadEvent::create):
        * Modules/indexeddb/IDBVersionChangeEvent.h:
        (WebCore::IDBVersionChangeEvent::create):
        * Modules/indieui/UIRequestEvent.cpp:
        (WebCore::UIRequestEvent::create):
        * Modules/indieui/UIRequestEvent.h:
        * Modules/mediastream/MediaStreamEvent.cpp:
        (WebCore::MediaStreamEvent::create):
        * Modules/mediastream/MediaStreamEvent.h:
        * Modules/mediastream/MediaStreamTrackEvent.cpp:
        (WebCore::MediaStreamTrackEvent::create):
        * Modules/mediastream/MediaStreamTrackEvent.h:
        * Modules/mediastream/RTCDTMFToneChangeEvent.cpp:
        (WebCore::RTCDTMFToneChangeEvent::create):
        * Modules/mediastream/RTCDTMFToneChangeEvent.h:
        * Modules/mediastream/RTCDataChannelEvent.cpp:
        (WebCore::RTCDataChannelEvent::create):
        * Modules/mediastream/RTCDataChannelEvent.h:
        * Modules/mediastream/RTCIceCandidateEvent.cpp:
        (WebCore::RTCIceCandidateEvent::create):
        * Modules/mediastream/RTCIceCandidateEvent.h:
        * Modules/speech/SpeechSynthesisEvent.cpp:
        (WebCore::SpeechSynthesisEvent::create):
        * Modules/speech/SpeechSynthesisEvent.h:
        * Modules/webaudio/AudioProcessingEvent.cpp:
        (WebCore::AudioProcessingEvent::create):
        * Modules/webaudio/AudioProcessingEvent.h:
        * Modules/webaudio/OfflineAudioCompletionEvent.cpp:
        (WebCore::OfflineAudioCompletionEvent::create):
        * Modules/webaudio/OfflineAudioCompletionEvent.h:
        * Modules/websockets/CloseEvent.h:
        (WebCore::CloseEvent::create):
        * dom/AnimationEvent.h:
        * dom/AutocompleteErrorEvent.h:
        * dom/BeforeLoadEvent.h:
        * dom/BeforeTextInsertedEvent.h:
        * dom/BeforeUnloadEvent.h:
        * dom/ClipboardEvent.h:
        * dom/CompositionEvent.h:
        * dom/CustomEvent.h:
        * dom/DeviceMotionEvent.h:
        * dom/DeviceOrientationEvent.h:
        * dom/ErrorEvent.h:
        * dom/Event.h:
        (WebCore::Event::create):
        * dom/FocusEvent.h:
        * dom/HashChangeEvent.h:
        * dom/KeyboardEvent.h:
        * dom/MessageEvent.h:
        * dom/MouseEvent.cpp:
        (WebCore::MouseEvent::create):
        (WebCore::SimulatedMouseEvent::create):
        * dom/MouseEvent.h:
        (WebCore::MouseEvent::create):
        * dom/MutationEvent.h:
        * dom/OverflowEvent.h:
        * dom/PageTransitionEvent.h:
        * dom/PopStateEvent.cpp:
        (WebCore::PopStateEvent::create):
        * dom/PopStateEvent.h:
        * dom/ProgressEvent.h:
        (WebCore::ProgressEvent::create):
        * dom/TextEvent.cpp:
        (WebCore::TextEvent::create):
        (WebCore::TextEvent::createForPlainTextPaste):
        (WebCore::TextEvent::createForFragmentPaste):
        (WebCore::TextEvent::createForDrop):
        (WebCore::TextEvent::createForDictation):
        * dom/TextEvent.h:
        * dom/TouchEvent.h:
        * dom/TransitionEvent.h:
        * dom/UIEvent.h:
        (WebCore::UIEvent::create):
        * dom/WebKitAnimationEvent.h:
        * dom/WebKitTransitionEvent.h:
        * dom/WheelEvent.h:
        * html/MediaKeyEvent.h:
        * html/canvas/WebGLContextEvent.h:
        * html/track/TrackEvent.h:
        * storage/StorageEvent.cpp:
        (WebCore::StorageEvent::create):
        * storage/StorageEvent.h:
        * svg/SVGZoomEvent.h:
        (WebCore::SVGZoomEvent::create):
        * xml/XMLHttpRequestProgressEvent.h:
        (WebCore::XMLHttpRequestProgressEvent::create):

2014-12-14  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r160182): Fragment parser doesn't close a form element with a close tag
        https://bugs.webkit.org/show_bug.cgi?id=139561

        Reviewed by Darin Adler.

        The bug was caused by us not setting the form pointer in insertHTMLFormElement.
        Since we already avoid associating a form inside HTMLConstructionSite::createHTMLElement,
        we didn't need this code at all.

        Fixed the bug by partially reverting r160182.

        Test: fast/dom/dom-parse-close-form.html

        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::insertHTMLFormElement):
        (WebCore::HTMLConstructionSite::insideTemplateElement): Deleted.
        * html/parser/HTMLConstructionSite.h:

2014-12-14  Andreas Kling  <akling@apple.com>

        Fix build even more. Not a strong performance here.

        * platform/graphics/Font.cpp:
        (WebCore::FontGlyphsCacheEntry::FontGlyphsCacheEntry):
        (WebCore::retrieveOrAddCachedFontGlyphs):

2014-12-14  Andreas Kling  <akling@apple.com>

        Fix build. :-|

        * css/CSSFunctionValue.cpp:
        (WebCore::CSSFunctionValue::CSSFunctionValue):
        * css/CSSFunctionValue.h:

2014-12-14  Andreas Kling  <akling@apple.com>

        Minor follow-up tweaks suggested by Darin on bug 139587.

        * css/CSSFunctionValue.h:
        (WebCore::CSSFunctionValue::create):
        * platform/graphics/Font.cpp:
        (WebCore::retrieveOrAddCachedFontGlyphs):
        (WebCore::FontGlyphsCacheEntry::FontGlyphsCacheEntry): Deleted.
        * rendering/RenderScrollbarPart.h:

2014-12-14  Andreas Kling  <akling@apple.com>

        Replace PassRef with Ref/Ref&& across the board.
        <https://webkit.org/b/139587>

        Reviewed by Darin Adler.

        * Modules/battery/BatteryManager.cpp:
        (WebCore::BatteryManager::create):
        * Modules/battery/BatteryManager.h:
        * Modules/battery/BatteryStatus.cpp:
        (WebCore::BatteryStatus::create):
        * Modules/battery/BatteryStatus.h:
        * Modules/gamepad/GamepadButton.h:
        (WebCore::GamepadButton::create):
        * Modules/gamepad/NavigatorGamepad.cpp:
        (WebCore::NavigatorGamepad::gamepadFromPlatformGamepad):
        * Modules/gamepad/NavigatorGamepad.h:
        * Modules/gamepad/deprecated/GamepadList.h:
        (WebCore::GamepadList::create):
        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::create):
        * Modules/geolocation/Geolocation.h:
        (WebCore::Geolocation::GeoNotifier::create):
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::setPrivateAndOpen):
        * Modules/mediasource/MediaSource.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::create):
        (WebCore::SourceBuffer::SourceBuffer):
        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediastream/UserMediaClient.h:
        * Modules/mediastream/UserMediaController.h:
        (WebCore::UserMediaController::requestPermission):
        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::create):
        * Modules/notifications/Notification.h:
        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::create):
        * Modules/notifications/NotificationCenter.h:
        * Modules/plugins/PluginReplacement.h:
        * Modules/plugins/QuickTimePluginReplacement.h:
        * Modules/plugins/QuickTimePluginReplacement.mm:
        (WebCore::QuickTimePluginReplacement::createElementRenderer):
        * Modules/plugins/YouTubePluginReplacement.cpp:
        (WebCore::YouTubePluginReplacement::createElementRenderer):
        * Modules/plugins/YouTubePluginReplacement.h:
        * Modules/proximity/DeviceProximityEvent.h:
        (WebCore::DeviceProximityEvent::create):
        * WebCore.exp.in:
        * css/BasicShapeFunctions.cpp:
        (WebCore::valueForBasicShape):
        (WebCore::basicShapeForValue):
        * css/BasicShapeFunctions.h:
        * css/CSSAspectRatioValue.h:
        (WebCore::CSSAspectRatioValue::create):
        * css/CSSBorderImage.cpp:
        (WebCore::createBorderImageValue):
        * css/CSSBorderImage.h:
        * css/CSSBorderImageSliceValue.h:
        (WebCore::CSSBorderImageSliceValue::create):
        * css/CSSCalculationValue.cpp:
        (WebCore::determineCategory):
        * css/CSSCalculationValue.h:
        (WebCore::CSSCalcValue::CSSCalcValue):
        (WebCore::CSSCalcValue::createCalculationValue):
        * css/CSSCanvasValue.h:
        (WebCore::CSSCanvasValue::create):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForImageSliceSide):
        (WebCore::valueForNinePieceImageSlice):
        (WebCore::valueForNinePieceImageQuad):
        (WebCore::valueForNinePieceImageRepeat):
        (WebCore::valueForNinePieceImage):
        (WebCore::zoomAdjustedPixelValue):
        (WebCore::zoomAdjustedNumberValue):
        (WebCore::zoomAdjustedPixelValueForLength):
        (WebCore::valueForReflection):
        (WebCore::createPositionListForLayer):
        (WebCore::percentageOrZoomAdjustedValue):
        (WebCore::autoOrZoomAdjustedValue):
        (WebCore::getBorderRadiusCornerValues):
        (WebCore::getBorderRadiusCornerValue):
        (WebCore::getBorderRadiusShorthandValue):
        (WebCore::matrixTransformValue):
        (WebCore::computedTransform):
        (WebCore::adjustLengthForZoom):
        (WebCore::ComputedStyleExtractor::valueForShadow):
        (WebCore::ComputedStyleExtractor::valueForFilter):
        (WebCore::specifiedValueForGridTrackBreadth):
        (WebCore::specifiedValueForGridTrackSize):
        (WebCore::valueForGridTrackList):
        (WebCore::valueForGridPosition):
        (WebCore::createTransitionPropertyValue):
        (WebCore::getTransitionPropertyValue):
        (WebCore::scrollSnapDestination):
        (WebCore::scrollSnapPoints):
        (WebCore::scrollSnapCoordinates):
        (WebCore::getDelayValue):
        (WebCore::getDurationValue):
        (WebCore::createTimingFunctionValue):
        (WebCore::getTimingFunctionValue):
        (WebCore::createLineBoxContainValue):
        (WebCore::valueForFamily):
        (WebCore::renderTextDecorationFlagsToCSSValue):
        (WebCore::renderTextDecorationStyleFlagsToCSSValue):
        (WebCore::renderTextDecorationSkipFlagsToCSSValue):
        (WebCore::renderEmphasisPositionFlagsToCSSValue):
        (WebCore::fillRepeatToCSSValue):
        (WebCore::fillSourceTypeToCSSValue):
        (WebCore::fillSizeToCSSValue):
        (WebCore::altTextToCSSValue):
        (WebCore::contentToCSSValue):
        (WebCore::fontFamilyFromStyle):
        (WebCore::lineHeightFromStyle):
        (WebCore::fontSizeFromStyle):
        (WebCore::fontStyleFromStyle):
        (WebCore::fontVariantFromStyle):
        (WebCore::fontWeightFromStyle):
        (WebCore::CSSComputedStyleDeclaration::copyProperties):
        (WebCore::shapePropertyValue):
        (WebCore::ComputedStyleExtractor::copyProperties):
        (WebCore::ComputedStyleExtractor::copyPropertiesInSet):
        * css/CSSComputedStyleDeclaration.h:
        * css/CSSCrossfadeValue.h:
        (WebCore::CSSCrossfadeValue::create):
        * css/CSSCursorImageValue.cpp:
        (WebCore::CSSCursorImageValue::CSSCursorImageValue):
        * css/CSSCursorImageValue.h:
        (WebCore::CSSCursorImageValue::create):
        * css/CSSFilterImageValue.h:
        (WebCore::CSSFilterImageValue::create):
        * css/CSSFontFaceSrcValue.h:
        (WebCore::CSSFontFaceSrcValue::create):
        (WebCore::CSSFontFaceSrcValue::createLocal):
        * css/CSSFontFeatureValue.h:
        (WebCore::CSSFontFeatureValue::create):
        * css/CSSFontValue.h:
        (WebCore::CSSFontValue::create):
        * css/CSSFunctionValue.h:
        (WebCore::CSSFunctionValue::create):
        * css/CSSGradientValue.h:
        (WebCore::CSSLinearGradientValue::create):
        (WebCore::CSSLinearGradientValue::clone):
        (WebCore::CSSRadialGradientValue::create):
        (WebCore::CSSRadialGradientValue::clone):
        * css/CSSGridTemplateAreasValue.h:
        (WebCore::CSSGridTemplateAreasValue::create):
        * css/CSSImageSetValue.h:
        (WebCore::CSSImageSetValue::create):
        * css/CSSImageValue.h:
        (WebCore::CSSImageValue::create):
        * css/CSSInheritedValue.h:
        (WebCore::CSSInheritedValue::create):
        * css/CSSInitialValue.h:
        (WebCore::CSSInitialValue::createExplicit):
        (WebCore::CSSInitialValue::createImplicit):
        * css/CSSKeyframeRule.cpp:
        (WebCore::StyleKeyframe::StyleKeyframe):
        * css/CSSKeyframeRule.h:
        (WebCore::StyleKeyframe::create):
        * css/CSSKeyframesRule.h:
        (WebCore::StyleRuleKeyframes::create):
        (WebCore::StyleRuleKeyframes::copy):
        * css/CSSLineBoxContainValue.h:
        (WebCore::CSSLineBoxContainValue::create):
        * css/CSSParser.cpp:
        (WebCore::createPrimitiveValuePair):
        (WebCore::CSSParser::parseInlineStyleDeclaration):
        (WebCore::CSSParser::parseDeclaration):
        (WebCore::CSSParser::createStyleProperties):
        (WebCore::CSSParser::createPrimitiveNumericValue):
        (WebCore::CSSParser::createPrimitiveStringValue):
        (WebCore::CSSParser::addFillValue):
        (WebCore::CSSParser::addAnimationValue):
        * css/CSSParser.h:
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::formatNumberValue):
        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::createIdentifier):
        (WebCore::CSSPrimitiveValue::createParserOperator):
        (WebCore::CSSPrimitiveValue::createColor):
        (WebCore::CSSPrimitiveValue::create):
        (WebCore::CSSPrimitiveValue::createAllowingMarginQuirk):
        * css/CSSReflectValue.h:
        (WebCore::CSSReflectValue::create):
        * css/CSSShadowValue.h:
        (WebCore::CSSShadowValue::create):
        * css/CSSStyleDeclaration.h:
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::create):
        (WebCore::CSSStyleSheet::createInline):
        (WebCore::CSSStyleSheet::CSSStyleSheet):
        * css/CSSStyleSheet.h:
        * css/CSSTimingFunctionValue.h:
        (WebCore::CSSCubicBezierTimingFunctionValue::create):
        (WebCore::CSSStepsTimingFunctionValue::create):
        * css/CSSUnicodeRangeValue.h:
        (WebCore::CSSUnicodeRangeValue::create):
        * css/CSSValue.cpp:
        (WebCore::TextCloneCSSValue::create):
        * css/CSSValueList.h:
        (WebCore::CSSValueList::createCommaSeparated):
        (WebCore::CSSValueList::createSpaceSeparated):
        (WebCore::CSSValueList::createSlashSeparated):
        (WebCore::CSSValueList::createFromParserValueList):
        (WebCore::CSSValueList::append):
        (WebCore::CSSValueList::prepend):
        * css/CSSValuePool.cpp:
        (WebCore::CSSValuePool::createIdentifierValue):
        (WebCore::CSSValuePool::createColorValue):
        (WebCore::CSSValuePool::createValue):
        (WebCore::CSSValuePool::createFontFamilyValue):
        * css/CSSValuePool.h:
        (WebCore::CSSValuePool::createInheritedValue):
        (WebCore::CSSValuePool::createImplicitInitialValue):
        (WebCore::CSSValuePool::createExplicitInitialValue):
        (WebCore::CSSValuePool::createValue):
        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::PropertySetCSSStyleDeclaration::copyProperties):
        * css/PropertySetCSSStyleDeclaration.h:
        * css/StyleProperties.cpp:
        (WebCore::ImmutableStyleProperties::create):
        (WebCore::StyleProperties::immutableCopyIfNeeded):
        (WebCore::StyleProperties::copyBlockProperties):
        (WebCore::StyleProperties::mutableCopy):
        (WebCore::StyleProperties::copyPropertiesInSet):
        (WebCore::MutableStyleProperties::create):
        * css/StyleProperties.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::State::setStyle):
        (WebCore::StyleResolver::styleForElement):
        (WebCore::StyleResolver::styleForKeyframe):
        (WebCore::StyleResolver::styleForPage):
        (WebCore::StyleResolver::defaultStyleForElement):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::State::takeStyle):
        (WebCore::StyleResolver::State::setParentStyle):
        * css/StyleRule.cpp:
        (WebCore::StyleRuleBase::copy):
        (WebCore::StyleRule::StyleRule):
        (WebCore::StyleRule::create):
        (WebCore::StyleRulePage::StyleRulePage):
        (WebCore::StyleRuleFontFace::StyleRuleFontFace):
        (WebCore::StyleRuleGroup::wrapperInsertRule):
        (WebCore::StyleRuleViewport::StyleRuleViewport):
        * css/StyleRule.h:
        (WebCore::StyleRule::create):
        (WebCore::StyleRule::copy):
        (WebCore::StyleRuleFontFace::create):
        (WebCore::StyleRuleFontFace::copy):
        (WebCore::StyleRulePage::create):
        (WebCore::StyleRulePage::copy):
        (WebCore::StyleRuleMedia::create):
        (WebCore::StyleRuleMedia::copy):
        (WebCore::StyleRuleSupports::create):
        (WebCore::StyleRuleSupports::copy):
        (WebCore::StyleRuleRegion::create):
        (WebCore::StyleRuleRegion::copy):
        (WebCore::StyleRuleViewport::create):
        (WebCore::StyleRuleViewport::copy):
        * css/StyleRuleImport.cpp:
        (WebCore::StyleRuleImport::create):
        * css/StyleRuleImport.h:
        * css/StyleSheetContents.h:
        (WebCore::StyleSheetContents::create):
        (WebCore::StyleSheetContents::copy):
        * css/WebKitCSSFilterValue.h:
        (WebCore::WebKitCSSFilterValue::create):
        * css/WebKitCSSResourceValue.h:
        (WebCore::WebKitCSSResourceValue::create):
        * css/WebKitCSSTransformValue.h:
        (WebCore::WebKitCSSTransformValue::create):
        * dom/ChildNodeList.h:
        * dom/ClassNodeList.cpp:
        (WebCore::ClassNodeList::create):
        * dom/ClassNodeList.h:
        * dom/Document.cpp:
        (WebCore::Document::styleForElementIgnoringPendingStylesheets):
        * dom/Document.h:
        * dom/DocumentSharedObjectPool.cpp:
        (WebCore::DocumentSharedObjectPool::cachedShareableElementDataWithAttributes):
        * dom/DocumentSharedObjectPool.h:
        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::addAuthorSheet):
        (WebCore::DocumentStyleSheetCollection::addUserSheet):
        * dom/DocumentStyleSheetCollection.h:
        * dom/Element.cpp:
        (WebCore::Element::createElementRenderer):
        * dom/Element.h:
        * dom/ElementData.cpp:
        (WebCore::ShareableElementData::createWithAttributes):
        (WebCore::UniqueElementData::create):
        (WebCore::ElementData::makeUniqueCopy):
        (WebCore::UniqueElementData::makeShareableCopy):
        * dom/ElementData.h:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::setComputedStyle):
        * dom/NameNodeList.h:
        * dom/NamedFlowCollection.cpp:
        (WebCore::NamedFlowCollection::ensureFlowWithName):
        * dom/NamedFlowCollection.h:
        * dom/NodeRareData.h:
        (WebCore::NodeListsNodeData::ensureChildNodeList):
        (WebCore::NodeListsNodeData::ensureEmptyChildNodeList):
        (WebCore::NodeListsNodeData::addCacheWithAtomicName):
        (WebCore::NodeListsNodeData::addCacheWithQualifiedName):
        (WebCore::NodeListsNodeData::addCachedCollection):
        * dom/PseudoElement.cpp:
        (WebCore::PseudoElement::didRecalcStyle):
        * dom/QualifiedName.h:
        (WebCore::QualifiedName::QualifiedNameImpl::create):
        * dom/TagNodeList.h:
        * html/BaseButtonInputType.cpp:
        (WebCore::BaseButtonInputType::createInputRenderer):
        * html/BaseButtonInputType.h:
        * html/FileInputType.cpp:
        (WebCore::FileInputType::createInputRenderer):
        * html/FileInputType.h:
        * html/HTMLAllCollection.cpp:
        (WebCore::HTMLAllCollection::create):
        * html/HTMLAllCollection.h:
        * html/HTMLAppletElement.cpp:
        (WebCore::HTMLAppletElement::createElementRenderer):
        * html/HTMLAppletElement.h:
        * html/HTMLBRElement.cpp:
        (WebCore::HTMLBRElement::createElementRenderer):
        * html/HTMLBRElement.h:
        * html/HTMLButtonElement.cpp:
        (WebCore::HTMLButtonElement::createElementRenderer):
        * html/HTMLButtonElement.h:
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::createElementRenderer):
        * html/HTMLCanvasElement.h:
        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::create):
        * html/HTMLCollection.h:
        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::createElementRenderer):
        * html/HTMLDetailsElement.h:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createElementRenderer):
        * html/HTMLElement.h:
        * html/HTMLFieldSetElement.cpp:
        (WebCore::HTMLFieldSetElement::createElementRenderer):
        * html/HTMLFieldSetElement.h:
        * html/HTMLFormControlsCollection.cpp:
        (WebCore::HTMLFormControlsCollection::create):
        * html/HTMLFormControlsCollection.h:
        * html/HTMLFrameElement.cpp:
        (WebCore::HTMLFrameElement::createElementRenderer):
        * html/HTMLFrameElement.h:
        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::createElementRenderer):
        * html/HTMLFrameSetElement.h:
        * html/HTMLIFrameElement.cpp:
        (WebCore::HTMLIFrameElement::createElementRenderer):
        * html/HTMLIFrameElement.h:
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::createElementRenderer):
        * html/HTMLImageElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::createElementRenderer):
        * html/HTMLInputElement.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLMeterElement.cpp:
        (WebCore::HTMLMeterElement::createElementRenderer):
        * html/HTMLMeterElement.h:
        * html/HTMLNameCollection.h:
        * html/HTMLOptionsCollection.cpp:
        (WebCore::HTMLOptionsCollection::create):
        * html/HTMLOptionsCollection.h:
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::createElementRenderer):
        * html/HTMLPlugInElement.h:
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::createElementRenderer):
        * html/HTMLPlugInImageElement.h:
        * html/HTMLProgressElement.cpp:
        (WebCore::HTMLProgressElement::createElementRenderer):
        * html/HTMLProgressElement.h:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::createElementRenderer):
        * html/HTMLSelectElement.h:
        * html/HTMLSummaryElement.cpp:
        (WebCore::HTMLSummaryElement::createElementRenderer):
        * html/HTMLSummaryElement.h:
        * html/HTMLTableRowsCollection.cpp:
        (WebCore::HTMLTableRowsCollection::create):
        * html/HTMLTableRowsCollection.h:
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::createElementRenderer):
        * html/HTMLTextAreaElement.h:
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::createElementRenderer):
        * html/HTMLVideoElement.h:
        * html/HTMLWBRElement.cpp:
        (WebCore::HTMLWBRElement::createElementRenderer):
        * html/HTMLWBRElement.h:
        * html/HiddenInputType.cpp:
        (WebCore::HiddenInputType::createInputRenderer):
        * html/HiddenInputType.h:
        * html/ImageInputType.cpp:
        (WebCore::ImageInputType::createInputRenderer):
        * html/ImageInputType.h:
        * html/InputType.cpp:
        (WebCore::InputType::createInputRenderer):
        * html/InputType.h:
        * html/LabelsNodeList.h:
        * html/RadioNodeList.h:
        * html/RangeInputType.cpp:
        (WebCore::RangeInputType::createInputRenderer):
        * html/RangeInputType.h:
        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::createInputRenderer):
        * html/SearchInputType.h:
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::createInputRenderer):
        * html/TextFieldInputType.h:
        * html/shadow/DetailsMarkerControl.cpp:
        (WebCore::DetailsMarkerControl::createElementRenderer):
        * html/shadow/DetailsMarkerControl.h:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTimelineContainerElement::createElementRenderer):
        (WebCore::MediaControlVolumeSliderContainerElement::createElementRenderer):
        (WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
        * html/shadow/MediaControlElements.h:
        * html/shadow/MeterShadowElement.cpp:
        (WebCore::MeterInnerElement::createElementRenderer):
        * html/shadow/MeterShadowElement.h:
        * html/shadow/ProgressShadowElement.cpp:
        (WebCore::ProgressInnerElement::createElementRenderer):
        * html/shadow/ProgressShadowElement.h:
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::RenderSliderThumb::RenderSliderThumb):
        (WebCore::SliderThumbElement::createElementRenderer):
        (WebCore::SliderContainerElement::createElementRenderer):
        * html/shadow/SliderThumbElement.h:
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerContainer::createElementRenderer):
        (WebCore::TextControlInnerTextElement::createElementRenderer):
        * html/shadow/TextControlInnerElements.h:
        * html/shadow/mac/ImageControlsButtonElementMac.cpp:
        (WebCore::RenderImageControlsButton::RenderImageControlsButton):
        (WebCore::ImageControlsButtonElementMac::createElementRenderer):
        * html/shadow/mac/ImageControlsButtonElementMac.h:
        * html/shadow/mac/ImageControlsRootElementMac.cpp:
        (WebCore::RenderImageControls::RenderImageControls):
        (WebCore::ImageControlsRootElementMac::createElementRenderer):
        * html/shadow/mac/ImageControlsRootElementMac.h:
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::createElementRenderer):
        * html/track/VTTCue.h:
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::saveParsedStyleSheet):
        * loader/cache/CachedCSSStyleSheet.h:
        * loader/cache/CachedResourceLoader.h:
        (WebCore::CachedResourceLoader::create):
        * mathml/MathMLInlineContainerElement.cpp:
        (WebCore::MathMLInlineContainerElement::createElementRenderer):
        * mathml/MathMLInlineContainerElement.h:
        * mathml/MathMLMathElement.cpp:
        (WebCore::MathMLMathElement::createElementRenderer):
        * mathml/MathMLMathElement.h:
        * mathml/MathMLMencloseElement.cpp:
        (WebCore::MathMLMencloseElement::createElementRenderer):
        * mathml/MathMLMencloseElement.h:
        * mathml/MathMLSelectElement.cpp:
        (WebCore::MathMLSelectElement::createElementRenderer):
        * mathml/MathMLSelectElement.h:
        * mathml/MathMLTextElement.cpp:
        (WebCore::MathMLTextElement::createElementRenderer):
        * mathml/MathMLTextElement.h:
        * page/Page.cpp:
        (WebCore::Page::setStorageNamespaceProvider):
        (WebCore::Page::setVisitedLinkStore):
        * page/Page.h:
        * page/UserMessageHandler.h:
        (WebCore::UserMessageHandler::create):
        * page/UserMessageHandlersNamespace.h:
        (WebCore::UserMessageHandlersNamespace::create):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::addElementChangeToDispatch):
        (WebCore::AnimationController::updateAnimations):
        * page/animation/AnimationController.h:
        * page/animation/AnimationControllerPrivate.h:
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::animate):
        * page/animation/CompositeAnimation.h:
        * platform/CalculationValue.cpp:
        (WebCore::CalculationValue::create):
        * platform/CalculationValue.h:
        * platform/Length.cpp:
        (WebCore::CalculationValueMap::insert):
        (WebCore::Length::Length):
        * platform/Length.h:
        * platform/graphics/Font.cpp:
        (WebCore::FontGlyphsCacheEntry::FontGlyphsCacheEntry):
        (WebCore::retrieveOrAddCachedFontGlyphs):
        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::create):
        (WebCore::FontGlyphs::createForPlatformFont):
        * platform/graphics/Gradient.h:
        (WebCore::Gradient::create):
        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::setStrokePattern):
        (WebCore::GraphicsContext::setFillPattern):
        (WebCore::GraphicsContext::setStrokeGradient):
        (WebCore::GraphicsContext::setFillGradient):
        * platform/graphics/GraphicsContext.h:
        * platform/graphics/MediaSourcePrivateClient.h:
        * platform/graphics/Pattern.cpp:
        (WebCore::Pattern::create):
        * platform/graphics/Pattern.h:
        * platform/mac/SerializedPlatformRepresentationMac.h:
        * platform/mac/SerializedPlatformRepresentationMac.mm:
        (WebCore::SerializedPlatformRepresentationMac::create):
        * platform/mock/UserMediaClientMock.h:
        (WebCore::UserMediaClientRequestNotifier::UserMediaClientRequestNotifier):
        * rendering/ClipPathOperation.h:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::RenderBlock):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::RenderBlockFlow):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::RenderBox):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::RenderBoxModelObject):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::RenderButton):
        * rendering/RenderButton.h:
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::RenderDeprecatedFlexibleBox):
        * rendering/RenderDeprecatedFlexibleBox.h:
        * rendering/RenderDetailsMarker.cpp:
        (WebCore::RenderDetailsMarker::RenderDetailsMarker):
        * rendering/RenderDetailsMarker.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        (WebCore::RenderElement::createFor):
        (WebCore::RenderElement::setStyle):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::setStyleInternal):
        (WebCore::RenderElement::setAnimatableStyle):
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
        (WebCore::RenderEmbeddedObject::createForApplet):
        * rendering/RenderEmbeddedObject.h:
        * rendering/RenderFieldset.cpp:
        (WebCore::RenderFieldset::RenderFieldset):
        * rendering/RenderFieldset.h:
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::RenderFileUploadControl):
        * rendering/RenderFileUploadControl.h:
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::RenderFlexibleBox):
        * rendering/RenderFlexibleBox.h:
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::RenderFlowThread):
        (WebCore::RenderFlowThread::createFlowThreadStyle):
        * rendering/RenderFlowThread.h:
        * rendering/RenderFrame.cpp:
        (WebCore::RenderFrame::RenderFrame):
        * rendering/RenderFrame.h:
        * rendering/RenderFrameBase.cpp:
        (WebCore::RenderFrameBase::RenderFrameBase):
        * rendering/RenderFrameBase.h:
        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::RenderFrameSet):
        * rendering/RenderFrameSet.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::RenderFullScreen):
        (WebCore::createFullScreenStyle):
        (WebCore::RenderFullScreen::createPlaceholder):
        * rendering/RenderFullScreen.h:
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::RenderGrid):
        * rendering/RenderGrid.h:
        * rendering/RenderHTMLCanvas.cpp:
        (WebCore::RenderHTMLCanvas::RenderHTMLCanvas):
        * rendering/RenderHTMLCanvas.h:
        * rendering/RenderIFrame.cpp:
        (WebCore::RenderIFrame::RenderIFrame):
        * rendering/RenderIFrame.h:
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::RenderImage):
        * rendering/RenderImage.h:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::RenderInline):
        * rendering/RenderInline.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::RenderLayerModelObject):
        * rendering/RenderLayerModelObject.h:
        * rendering/RenderLineBreak.cpp:
        (WebCore::RenderLineBreak::RenderLineBreak):
        * rendering/RenderLineBreak.h:
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::RenderListBox):
        * rendering/RenderListBox.h:
        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::RenderListItem):
        * rendering/RenderListItem.h:
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::RenderListMarker):
        * rendering/RenderListMarker.h:
        * rendering/RenderMedia.cpp:
        (WebCore::RenderMedia::RenderMedia):
        * rendering/RenderMedia.h:
        * rendering/RenderMediaControlElements.cpp:
        (WebCore::RenderMediaVolumeSliderContainer::RenderMediaVolumeSliderContainer):
        (WebCore::RenderMediaControlTimelineContainer::RenderMediaControlTimelineContainer):
        (WebCore::RenderTextTrackContainerElement::RenderTextTrackContainerElement):
        * rendering/RenderMediaControlElements.h:
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::RenderMenuList):
        * rendering/RenderMenuList.h:
        * rendering/RenderMeter.cpp:
        (WebCore::RenderMeter::RenderMeter):
        * rendering/RenderMeter.h:
        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::RenderMultiColumnFlowThread):
        * rendering/RenderMultiColumnFlowThread.h:
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::RenderMultiColumnSet):
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderMultiColumnSpannerPlaceholder.cpp:
        (WebCore::RenderMultiColumnSpannerPlaceholder::RenderMultiColumnSpannerPlaceholder):
        * rendering/RenderMultiColumnSpannerPlaceholder.h:
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::RenderNamedFlowFragment):
        (WebCore::RenderNamedFlowFragment::createStyle):
        * rendering/RenderNamedFlowFragment.h:
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::RenderNamedFlowThread):
        * rendering/RenderNamedFlowThread.h:
        * rendering/RenderProgress.cpp:
        (WebCore::RenderProgress::RenderProgress):
        * rendering/RenderProgress.h:
        * rendering/RenderQuote.cpp:
        (WebCore::RenderQuote::RenderQuote):
        * rendering/RenderQuote.h:
        * rendering/RenderRegion.cpp:
        (WebCore::RenderRegion::RenderRegion):
        * rendering/RenderRegion.h:
        * rendering/RenderRegionSet.cpp:
        (WebCore::RenderRegionSet::RenderRegionSet):
        * rendering/RenderRegionSet.h:
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::RenderReplaced):
        * rendering/RenderReplaced.h:
        * rendering/RenderReplica.cpp:
        (WebCore::RenderReplica::RenderReplica):
        * rendering/RenderReplica.h:
        * rendering/RenderRuby.cpp:
        (WebCore::RenderRubyAsInline::RenderRubyAsInline):
        (WebCore::RenderRubyAsBlock::RenderRubyAsBlock):
        * rendering/RenderRuby.h:
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::RenderRubyBase):
        * rendering/RenderRubyBase.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::RenderRubyRun):
        * rendering/RenderRubyRun.h:
        * rendering/RenderRubyText.cpp:
        (WebCore::RenderRubyText::RenderRubyText):
        * rendering/RenderRubyText.h:
        * rendering/RenderScrollbarPart.cpp:
        (WebCore::RenderScrollbarPart::RenderScrollbarPart):
        * rendering/RenderScrollbarPart.h:
        * rendering/RenderSearchField.cpp:
        (WebCore::RenderSearchField::RenderSearchField):
        * rendering/RenderSearchField.h:
        * rendering/RenderSlider.cpp:
        (WebCore::RenderSlider::RenderSlider):
        * rendering/RenderSlider.h:
        * rendering/RenderSnapshottedPlugIn.cpp:
        (WebCore::RenderSnapshottedPlugIn::RenderSnapshottedPlugIn):
        * rendering/RenderSnapshottedPlugIn.h:
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::RenderTable):
        * rendering/RenderTable.h:
        * rendering/RenderTableCaption.cpp:
        (WebCore::RenderTableCaption::RenderTableCaption):
        * rendering/RenderTableCaption.h:
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::RenderTableCell):
        * rendering/RenderTableCell.h:
        * rendering/RenderTableCol.cpp:
        (WebCore::RenderTableCol::RenderTableCol):
        * rendering/RenderTableCol.h:
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::RenderTableRow):
        * rendering/RenderTableRow.h:
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::RenderTableSection):
        * rendering/RenderTableSection.h:
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::RenderTextControl):
        * rendering/RenderTextControl.h:
        * rendering/RenderTextControlMultiLine.cpp:
        (WebCore::RenderTextControlMultiLine::RenderTextControlMultiLine):
        (WebCore::RenderTextControlMultiLine::createInnerTextStyle):
        * rendering/RenderTextControlMultiLine.h:
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::RenderTextControlSingleLine):
        (WebCore::RenderTextControlSingleLine::createInnerTextStyle):
        (WebCore::RenderTextControlSingleLine::createInnerBlockStyle):
        * rendering/RenderTextControlSingleLine.h:
        * rendering/RenderVTTCue.cpp:
        (WebCore::RenderVTTCue::RenderVTTCue):
        * rendering/RenderVTTCue.h:
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::RenderVideo):
        * rendering/RenderVideo.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::RenderView):
        * rendering/RenderView.h:
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::RenderWidget):
        * rendering/RenderWidget.h:
        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore::RenderMathMLBlock::RenderMathMLBlock):
        * rendering/mathml/RenderMathMLBlock.h:
        * rendering/mathml/RenderMathMLFenced.cpp:
        (WebCore::RenderMathMLFenced::RenderMathMLFenced):
        * rendering/mathml/RenderMathMLFenced.h:
        * rendering/mathml/RenderMathMLFraction.cpp:
        (WebCore::RenderMathMLFraction::RenderMathMLFraction):
        * rendering/mathml/RenderMathMLFraction.h:
        * rendering/mathml/RenderMathMLMath.cpp:
        (WebCore::RenderMathMLMath::RenderMathMLMath):
        * rendering/mathml/RenderMathMLMath.h:
        * rendering/mathml/RenderMathMLMenclose.cpp:
        (WebCore::RenderMathMLMenclose::RenderMathMLMenclose):
        * rendering/mathml/RenderMathMLMenclose.h:
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::RenderMathMLOperator):
        * rendering/mathml/RenderMathMLOperator.h:
        * rendering/mathml/RenderMathMLRadicalOperator.cpp:
        (WebCore::RenderMathMLRadicalOperator::RenderMathMLRadicalOperator):
        * rendering/mathml/RenderMathMLRadicalOperator.h:
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::RenderMathMLRoot):
        * rendering/mathml/RenderMathMLRoot.h:
        * rendering/mathml/RenderMathMLRow.cpp:
        (WebCore::RenderMathMLRow::RenderMathMLRow):
        * rendering/mathml/RenderMathMLRow.h:
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::RenderMathMLScripts):
        * rendering/mathml/RenderMathMLScripts.h:
        * rendering/mathml/RenderMathMLSpace.cpp:
        (WebCore::RenderMathMLSpace::RenderMathMLSpace):
        * rendering/mathml/RenderMathMLSpace.h:
        * rendering/mathml/RenderMathMLSquareRoot.cpp:
        (WebCore::RenderMathMLSquareRoot::RenderMathMLSquareRoot):
        * rendering/mathml/RenderMathMLSquareRoot.h:
        * rendering/mathml/RenderMathMLToken.cpp:
        (WebCore::RenderMathMLToken::RenderMathMLToken):
        * rendering/mathml/RenderMathMLToken.h:
        * rendering/mathml/RenderMathMLUnderOver.cpp:
        (WebCore::RenderMathMLUnderOver::RenderMathMLUnderOver):
        * rendering/mathml/RenderMathMLUnderOver.h:
        * rendering/style/BasicShapes.cpp:
        (WebCore::BasicShapeCircle::blend):
        (WebCore::BasicShapeEllipse::blend):
        (WebCore::BasicShapePolygon::blend):
        (WebCore::BasicShapeInset::blend):
        * rendering/style/BasicShapes.h:
        * rendering/style/DataRef.h:
        (WebCore::DataRef::DataRef):
        * rendering/style/NinePieceImage.cpp:
        (WebCore::NinePieceImageData::copy):
        * rendering/style/NinePieceImage.h:
        (WebCore::NinePieceImageData::create):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::create):
        (WebCore::RenderStyle::createDefaultStyle):
        (WebCore::RenderStyle::createAnonymousStyleWithDisplay):
        (WebCore::RenderStyle::clone):
        (WebCore::RenderStyle::createStyleInheritingFromPseudoStyle):
        * rendering/style/RenderStyle.h:
        * rendering/style/SVGRenderStyle.cpp:
        (WebCore::SVGRenderStyle::createDefaultStyle):
        (WebCore::SVGRenderStyle::copy):
        * rendering/style/SVGRenderStyle.h:
        (WebCore::SVGRenderStyle::create):
        * rendering/style/SVGRenderStyleDefs.cpp:
        (WebCore::StyleFillData::copy):
        (WebCore::StyleStrokeData::copy):
        (WebCore::StyleStopData::copy):
        (WebCore::StyleTextData::copy):
        (WebCore::StyleMiscData::copy):
        (WebCore::StyleShadowSVGData::copy):
        (WebCore::StyleResourceData::copy):
        (WebCore::StyleInheritedResourceData::copy):
        (WebCore::StyleLayoutData::copy):
        * rendering/style/SVGRenderStyleDefs.h:
        (WebCore::StyleFillData::create):
        (WebCore::StyleStrokeData::create):
        (WebCore::StyleStopData::create):
        (WebCore::StyleTextData::create):
        (WebCore::StyleMiscData::create):
        (WebCore::StyleShadowSVGData::create):
        (WebCore::StyleResourceData::create):
        (WebCore::StyleInheritedResourceData::create):
        (WebCore::StyleLayoutData::create):
        * rendering/style/StyleBackgroundData.cpp:
        (WebCore::StyleBackgroundData::copy):
        * rendering/style/StyleBackgroundData.h:
        (WebCore::StyleBackgroundData::create):
        * rendering/style/StyleBoxData.cpp:
        (WebCore::StyleBoxData::copy):
        * rendering/style/StyleBoxData.h:
        (WebCore::StyleBoxData::create):
        * rendering/style/StyleDeprecatedFlexibleBoxData.cpp:
        (WebCore::StyleDeprecatedFlexibleBoxData::copy):
        * rendering/style/StyleDeprecatedFlexibleBoxData.h:
        (WebCore::StyleDeprecatedFlexibleBoxData::create):
        * rendering/style/StyleFilterData.cpp:
        (WebCore::StyleFilterData::copy):
        * rendering/style/StyleFilterData.h:
        (WebCore::StyleFilterData::create):
        * rendering/style/StyleFlexibleBoxData.cpp:
        (WebCore::StyleFlexibleBoxData::copy):
        * rendering/style/StyleFlexibleBoxData.h:
        (WebCore::StyleFlexibleBoxData::create):
        * rendering/style/StyleGeneratedImage.cpp:
        (WebCore::StyleGeneratedImage::StyleGeneratedImage):
        * rendering/style/StyleGeneratedImage.h:
        * rendering/style/StyleGridData.cpp:
        (WebCore::StyleGridData::copy):
        * rendering/style/StyleGridData.h:
        (WebCore::StyleGridData::create):
        * rendering/style/StyleGridItemData.cpp:
        (WebCore::StyleGridItemData::copy):
        * rendering/style/StyleGridItemData.h:
        (WebCore::StyleGridItemData::create):
        * rendering/style/StyleInheritedData.cpp:
        (WebCore::StyleInheritedData::copy):
        * rendering/style/StyleInheritedData.h:
        (WebCore::StyleInheritedData::create):
        * rendering/style/StyleMarqueeData.cpp:
        (WebCore::StyleMarqueeData::copy):
        * rendering/style/StyleMarqueeData.h:
        (WebCore::StyleMarqueeData::create):
        * rendering/style/StyleMultiColData.cpp:
        (WebCore::StyleMultiColData::copy):
        * rendering/style/StyleMultiColData.h:
        (WebCore::StyleMultiColData::create):
        * rendering/style/StyleRareInheritedData.cpp:
        (WebCore::StyleRareInheritedData::copy):
        * rendering/style/StyleRareInheritedData.h:
        (WebCore::StyleRareInheritedData::create):
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::copy):
        * rendering/style/StyleRareNonInheritedData.h:
        (WebCore::StyleRareNonInheritedData::create):
        * rendering/style/StyleScrollSnapPoints.cpp:
        (WebCore::StyleScrollSnapPoints::copy):
        * rendering/style/StyleScrollSnapPoints.h:
        (WebCore::StyleScrollSnapPoints::create):
        * rendering/style/StyleSurroundData.cpp:
        (WebCore::StyleSurroundData::copy):
        * rendering/style/StyleSurroundData.h:
        (WebCore::StyleSurroundData::create):
        * rendering/style/StyleTransformData.cpp:
        (WebCore::StyleTransformData::copy):
        * rendering/style/StyleTransformData.h:
        (WebCore::StyleTransformData::create):
        * rendering/style/StyleVisualData.cpp:
        (WebCore::StyleVisualData::copy):
        * rendering/style/StyleVisualData.h:
        (WebCore::StyleVisualData::create):
        * rendering/svg/RenderSVGBlock.cpp:
        (WebCore::RenderSVGBlock::RenderSVGBlock):
        * rendering/svg/RenderSVGBlock.h:
        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::RenderSVGContainer):
        * rendering/svg/RenderSVGContainer.h:
        * rendering/svg/RenderSVGEllipse.cpp:
        (WebCore::RenderSVGEllipse::RenderSVGEllipse):
        * rendering/svg/RenderSVGEllipse.h:
        * rendering/svg/RenderSVGForeignObject.cpp:
        (WebCore::RenderSVGForeignObject::RenderSVGForeignObject):
        * rendering/svg/RenderSVGForeignObject.h:
        * rendering/svg/RenderSVGGradientStop.cpp:
        (WebCore::RenderSVGGradientStop::RenderSVGGradientStop):
        * rendering/svg/RenderSVGGradientStop.h:
        * rendering/svg/RenderSVGHiddenContainer.cpp:
        (WebCore::RenderSVGHiddenContainer::RenderSVGHiddenContainer):
        * rendering/svg/RenderSVGHiddenContainer.h:
        * rendering/svg/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::RenderSVGImage):
        * rendering/svg/RenderSVGImage.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::RenderSVGInline):
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGModelObject.cpp:
        (WebCore::RenderSVGModelObject::RenderSVGModelObject):
        * rendering/svg/RenderSVGModelObject.h:
        * rendering/svg/RenderSVGPath.cpp:
        (WebCore::RenderSVGPath::RenderSVGPath):
        * rendering/svg/RenderSVGPath.h:
        * rendering/svg/RenderSVGRect.cpp:
        (WebCore::RenderSVGRect::RenderSVGRect):
        * rendering/svg/RenderSVGRect.h:
        * rendering/svg/RenderSVGResourceClipper.cpp:
        (WebCore::RenderSVGResourceClipper::RenderSVGResourceClipper):
        * rendering/svg/RenderSVGResourceClipper.h:
        * rendering/svg/RenderSVGResourceContainer.cpp:
        (WebCore::RenderSVGResourceContainer::RenderSVGResourceContainer):
        * rendering/svg/RenderSVGResourceContainer.h:
        * rendering/svg/RenderSVGResourceFilter.cpp:
        (WebCore::RenderSVGResourceFilter::RenderSVGResourceFilter):
        * rendering/svg/RenderSVGResourceFilter.h:
        * rendering/svg/RenderSVGResourceFilterPrimitive.cpp:
        (WebCore::RenderSVGResourceFilterPrimitive::RenderSVGResourceFilterPrimitive):
        * rendering/svg/RenderSVGResourceFilterPrimitive.h:
        * rendering/svg/RenderSVGResourceGradient.cpp:
        (WebCore::RenderSVGResourceGradient::RenderSVGResourceGradient):
        * rendering/svg/RenderSVGResourceGradient.h:
        * rendering/svg/RenderSVGResourceLinearGradient.cpp:
        (WebCore::RenderSVGResourceLinearGradient::RenderSVGResourceLinearGradient):
        * rendering/svg/RenderSVGResourceLinearGradient.h:
        * rendering/svg/RenderSVGResourceMarker.cpp:
        (WebCore::RenderSVGResourceMarker::RenderSVGResourceMarker):
        * rendering/svg/RenderSVGResourceMarker.h:
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::RenderSVGResourceMasker):
        * rendering/svg/RenderSVGResourceMasker.h:
        * rendering/svg/RenderSVGResourcePattern.cpp:
        (WebCore::RenderSVGResourcePattern::RenderSVGResourcePattern):
        * rendering/svg/RenderSVGResourcePattern.h:
        * rendering/svg/RenderSVGResourceRadialGradient.cpp:
        (WebCore::RenderSVGResourceRadialGradient::RenderSVGResourceRadialGradient):
        * rendering/svg/RenderSVGResourceRadialGradient.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::RenderSVGRoot):
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::RenderSVGShape):
        * rendering/svg/RenderSVGShape.h:
        * rendering/svg/RenderSVGTSpan.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::RenderSVGText):
        * rendering/svg/RenderSVGText.h:
        * rendering/svg/RenderSVGTextPath.cpp:
        (WebCore::RenderSVGTextPath::RenderSVGTextPath):
        * rendering/svg/RenderSVGTextPath.h:
        * rendering/svg/RenderSVGTransformableContainer.cpp:
        (WebCore::RenderSVGTransformableContainer::RenderSVGTransformableContainer):
        * rendering/svg/RenderSVGTransformableContainer.h:
        * rendering/svg/RenderSVGViewportContainer.cpp:
        (WebCore::RenderSVGViewportContainer::RenderSVGViewportContainer):
        * rendering/svg/RenderSVGViewportContainer.h:
        * rendering/svg/SVGTextRunRenderingContext.h:
        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):
        * style/StyleResolveForDocument.h:
        * style/StyleResolveTree.cpp:
        (WebCore::Style::styleForElement):
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::createElementRenderer):
        * svg/SVGAElement.h:
        * svg/SVGAltGlyphElement.cpp:
        (WebCore::SVGAltGlyphElement::createElementRenderer):
        * svg/SVGAltGlyphElement.h:
        * svg/SVGCircleElement.cpp:
        (WebCore::SVGCircleElement::createElementRenderer):
        * svg/SVGCircleElement.h:
        * svg/SVGClipPathElement.cpp:
        (WebCore::SVGClipPathElement::createElementRenderer):
        * svg/SVGClipPathElement.h:
        * svg/SVGColor.h:
        (WebCore::SVGColor::createFromString):
        (WebCore::SVGColor::createFromColor):
        (WebCore::SVGColor::createCurrentColor):
        * svg/SVGDefsElement.cpp:
        (WebCore::SVGDefsElement::createElementRenderer):
        * svg/SVGDefsElement.h:
        * svg/SVGEllipseElement.cpp:
        (WebCore::SVGEllipseElement::createElementRenderer):
        * svg/SVGEllipseElement.h:
        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::createElementRenderer):
        * svg/SVGFilterElement.h:
        * svg/SVGFilterPrimitiveStandardAttributes.cpp:
        (WebCore::SVGFilterPrimitiveStandardAttributes::createElementRenderer):
        * svg/SVGFilterPrimitiveStandardAttributes.h:
        * svg/SVGFontFaceNameElement.cpp:
        (WebCore::SVGFontFaceNameElement::srcValue):
        * svg/SVGFontFaceNameElement.h:
        * svg/SVGFontFaceUriElement.cpp:
        (WebCore::SVGFontFaceUriElement::srcValue):
        * svg/SVGFontFaceUriElement.h:
        * svg/SVGForeignObjectElement.cpp:
        (WebCore::SVGForeignObjectElement::createElementRenderer):
        * svg/SVGForeignObjectElement.h:
        * svg/SVGGElement.cpp:
        (WebCore::SVGGElement::createElementRenderer):
        * svg/SVGGElement.h:
        * svg/SVGGraphicsElement.cpp:
        (WebCore::SVGGraphicsElement::createElementRenderer):
        * svg/SVGGraphicsElement.h:
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::createElementRenderer):
        * svg/SVGImageElement.h:
        * svg/SVGLength.cpp:
        (WebCore::SVGLength::toCSSPrimitiveValue):
        * svg/SVGLength.h:
        * svg/SVGLinearGradientElement.cpp:
        (WebCore::SVGLinearGradientElement::createElementRenderer):
        * svg/SVGLinearGradientElement.h:
        * svg/SVGMarkerElement.cpp:
        (WebCore::SVGMarkerElement::createElementRenderer):
        * svg/SVGMarkerElement.h:
        * svg/SVGMaskElement.cpp:
        (WebCore::SVGMaskElement::createElementRenderer):
        * svg/SVGMaskElement.h:
        * svg/SVGPaint.h:
        (WebCore::SVGPaint::createUnknown):
        (WebCore::SVGPaint::createNone):
        (WebCore::SVGPaint::createCurrentColor):
        (WebCore::SVGPaint::createColor):
        (WebCore::SVGPaint::createURI):
        (WebCore::SVGPaint::createURIAndColor):
        (WebCore::SVGPaint::createURIAndNone):
        (WebCore::SVGPaint::create):
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::createElementRenderer):
        * svg/SVGPathElement.h:
        * svg/SVGPatternElement.cpp:
        (WebCore::SVGPatternElement::createElementRenderer):
        * svg/SVGPatternElement.h:
        * svg/SVGRadialGradientElement.cpp:
        (WebCore::SVGRadialGradientElement::createElementRenderer):
        * svg/SVGRadialGradientElement.h:
        * svg/SVGRectElement.cpp:
        (WebCore::SVGRectElement::createElementRenderer):
        * svg/SVGRectElement.h:
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::createElementRenderer):
        * svg/SVGSVGElement.h:
        * svg/SVGStopElement.cpp:
        (WebCore::SVGStopElement::createElementRenderer):
        * svg/SVGStopElement.h:
        * svg/SVGSwitchElement.cpp:
        (WebCore::SVGSwitchElement::createElementRenderer):
        * svg/SVGSwitchElement.h:
        * svg/SVGSymbolElement.cpp:
        (WebCore::SVGSymbolElement::createElementRenderer):
        * svg/SVGSymbolElement.h:
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefTargetEventListener::create):
        (WebCore::SVGTRefElement::createElementRenderer):
        * svg/SVGTRefElement.h:
        * svg/SVGTSpanElement.cpp:
        (WebCore::SVGTSpanElement::createElementRenderer):
        * svg/SVGTSpanElement.h:
        * svg/SVGTextElement.cpp:
        (WebCore::SVGTextElement::createElementRenderer):
        * svg/SVGTextElement.h:
        * svg/SVGTextPathElement.cpp:
        (WebCore::SVGTextPathElement::createElementRenderer):
        * svg/SVGTextPathElement.h:
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::createElementRenderer):
        * svg/SVGUseElement.h:

2014-12-13  Zalan Bujtas  <zalan@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=139597
        rdar://problem/19237334
        Fixed positioned pseudo content does not get composited.

        Reviewed by Simon Fraser.

        This patch ensures that adjustRenderStyle() can access to settings even when Element* is null. 

        Test: compositing/fixed-positioned-pseudo-content-no-compositing.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):

2014-12-12  Mark Rowe  <mrowe@apple.com>

        [Mac] Work around a bug in dsymutil on older OS versions
        <https://webkit.org/b/139609> / <rdar://problem/16045763>

        Older versions of dsymutil are unable to write out more than 2GB of symbols per architecture.
        WebCore has recently passed that threshold. To work around this we will reduce the level of
        symbols included in the dSYM bundles on the affected OS versions.

        Reviewed by Geoff Garen.

        * Configurations/Base.xcconfig: Include line tables only in the debug symbols for production
        builds on OS X 10.8 and 10.9.
        * Configurations/DebugRelease.xcconfig: Include full symbols in debug and release builds since they
        do not make use of dSYMs.

2014-12-12  Beth Dakin  <bdakin@apple.com>

        Need a fake mouse move after hiding data detectors UI
        https://bugs.webkit.org/show_bug.cgi?id=139608
        -and corresponding-
        rdar://problem/19221935

        Reviewed by Tim Horton.

        * WebCore.exp.in:

2014-12-12  Dean Jackson  <dino@apple.com>

        [Media iOS] Inline video controls have an outlined scrubber
        https://bugs.webkit.org/show_bug.cgi?id=139602
        <rdar://problem/19184212>

        Reviewed by Eric Carlson.

        This is another change similar to https://bugs.webkit.org/show_bug.cgi?id=138378
        where the specificity of pseduo elements had changed, and thus iOS
        was inheriting some of the UA styles.

        The fix is to add some more style rules to ensure that the timeline track
        is drawn in white.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-timeline): Border rules not needed here.
        (video::-webkit-media-controls-timeline::-webkit-slider-runnable-track): But are needed
        here, along with some other things.
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb): Now that the runnable
        track has some style, we need to account for the change.

2014-12-12  Anders Carlsson  <andersca@apple.com>

        Remove a workaround for a bug that was fixed in Mountain Lion
        https://bugs.webkit.org/show_bug.cgi?id=139605

        Reviewed by Sam Weinig.

        * WebCorePrefix.h:
        (move): Deleted.

2014-12-12  Zalan Bujtas  <zalan@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=139596
        Subpixel rendering: REGRESSION (r163272): Fixed positioned pseudo content leaves trails while scrolling.
        rdar://problem/18697851

        Reviewed by Simon Fraser.

        Final repaint rect at FrameView::scrollContentsFastPath needs to be pixel aligned (as opposed to snap to int).
        However we can't pixelsnap it until after ScrollView finished transitioning to Float/LayoutRect.
        Use enclosing int rect for now to ensure scrolling does not leave trails.

        Unable to test. Apparently scrolling clears trails in dumprendertree. (repaint rects are not useful either with scrolling)

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollContentsFastPath):

2014-12-12  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r168217): Images are cropped out during animation at jetblue.com
        https://bugs.webkit.org/show_bug.cgi?id=136410

        Reviewed by Dean Jackson.

        We were hitting the new assertion under Page::setPageScaleFactor(), which
        calls recalcStyle(), so move the AnimationUpdateBlock from updateStyleIfNeeded()
        to recalcStyle().

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        (WebCore::Document::updateStyleIfNeeded):

2014-12-12  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r168217): Images are cropped out during animation at jetblue.com
        https://bugs.webkit.org/show_bug.cgi?id=136410
        rdar://problem/18188533

        Reviewed by Dean Jackson.
        
        During GraphicsLayer flushing, for tiled layers we can compute a visible rect using
        the current state of an animation, which is obtained via the AnimationController.
        If that animation was running in a subframe, AnimationController could use a stale
        beginAnimationUpdateTime since no-one called its beginAnimationUpdate(). That
        resulted in an incorrect computation of the visible rect, resulting in missing tiles.
        
        There are two parts to this fix. First, add an assertion that beginAnimationUpdateTime()
        is being called inside an animation update block. This required moving m_beginAnimationUpdateCount
        into AnimationControllerPrivate, and changes to endAnimationUpdate().
        
        The second is adding a AnimationUpdateBlock to getAnimatedStyleForRenderer(), which
        can be called outside of style resolution. We also need some in other API functions.
        
        Testing revealed that layout can call via layoutOverflowRectForPropagation(), suggesting
        that we should have an animation batch inside FrameView::layout(). In addition, a single
        resolveStyle/layout should use the same animationBeginTime, so we add a batch to 
        updateLayoutAndStyleIfNeededRecursive().
        
        No test because it's timing-dependent. Existing tests exercise the new assertion.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::computeRenderStyleForProperty):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationPrivateUpdateBlock::AnimationPrivateUpdateBlock):
        (WebCore::AnimationPrivateUpdateBlock::~AnimationPrivateUpdateBlock):
        (WebCore::AnimationControllerPrivate::AnimationControllerPrivate):
        (WebCore::AnimationControllerPrivate::animationTimerFired):
        (WebCore::AnimationControllerPrivate::suspendAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::resumeAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::beginAnimationUpdateTime):
        (WebCore::AnimationControllerPrivate::beginAnimationUpdate):
        (WebCore::AnimationControllerPrivate::endAnimationUpdate):
        (WebCore::AnimationControllerPrivate::getAnimatedStyleForRenderer):
        (WebCore::AnimationController::AnimationController):
        (WebCore::AnimationController::notifyAnimationStarted):
        (WebCore::AnimationController::pauseAnimationAtTime):
        (WebCore::AnimationController::pauseTransitionAtTime):
        (WebCore::AnimationController::resumeAnimationsForDocument):
        (WebCore::AnimationController::startAnimationsIfNotSuspended):
        (WebCore::AnimationController::beginAnimationUpdate):
        (WebCore::AnimationController::endAnimationUpdate):
        * page/animation/AnimationController.h:
        * page/animation/AnimationControllerPrivate.h:

2014-12-12  Roger Fong  <roger_fong@apple.com>

        [Win] Unreviewed build fix following r177235.

        * WebCore.vcxproj/WebCore.vcxproj:

2014-12-12  Roger Fong  <roger_fong@apple.com>

        Implement EXT_blend_minmax as a WebGL 1 extension.
        https://bugs.webkit.org/show_bug.cgi?id=128974.
        <rdar://problem/19195535>

        Reviewed by Dean Jackson.

        Tested by:
        webgl/1.0.3/conformance/extensions/ext-blend-minmax.html
        fast/canvas/webgl/constants.html

        Specifications for this extension:
        https://www.khronos.org/registry/webgl/extensions/EXT_blend_minmax/

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::toJS):
        * html/canvas/EXTBlendMinMax.cpp: Added.
        (WebCore::EXTBlendMinMax::EXTBlendMinMax):
        (WebCore::EXTBlendMinMax::~EXTBlendMinMax):
        (WebCore::EXTBlendMinMax::getName):
        * html/canvas/EXTBlendMinMax.h: Added.
        * html/canvas/EXTBlendMinMax.idl: Added.
        * html/canvas/WebGLExtension.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getExtension):
        (WebCore::WebGLRenderingContext::getSupportedExtensions):
        (WebCore::WebGLRenderingContext::validateBlendEquation):
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContext.idl:
        * platform/graphics/Extensions3D.h:

2014-12-12  Benjamin Poulain  <bpoulain@apple.com>

        Remove the concept of simple selector from the parser
        https://bugs.webkit.org/show_bug.cgi?id=139575

        Reviewed by Mark Lam.

        We have complete support for nested selector list, we no longer
        need the old concept of simple selector.

        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::isSimple): Deleted.
        * css/CSSParserValues.h:

2014-12-12  Antti Koivisto  <antti@apple.com>

        FontGlyphs::glyphDataAndPageForCharacter cleanups
        https://bugs.webkit.org/show_bug.cgi?id=139584

        Reviewed by Andreas Kling.

        Split it up and use helper functions.

        * WebCore.exp.in:
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::determinePitch):
        (WebCore::FontGlyphs::realizeFontDataAt):
        (WebCore::FontGlyphs::glyphDataAndPageForSystemFallback):
        (WebCore::FontGlyphs::glyphDataAndPageForVariant):

            Add private helpers.

        (WebCore::FontGlyphs::glyphDataAndPageForCharacter):

            Do the m_pages cache lookup only once and use the pointer reference afterwards.

        * platform/graphics/FontGlyphs.h:
        (WebCore::FontGlyphs::fontSelector):
        (WebCore::FontGlyphs::widthCache):
        (WebCore::FontGlyphs::primaryFontData):
        (WebCore::FontGlyphs::isFixedPitch):
        (WebCore::FontGlyphs::primarySimpleFontData):

            Also removed the mutable attribute from the fields (almost everything was marked mutable) and made the inteface
            non-const. The FontGlyphs member of Font is already mutable so this is not needed.

2014-12-12  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for StyleRuleBase subclasses
        https://bugs.webkit.org/show_bug.cgi?id=139571

        Reviewed by Andreas Kling.

        Use is<>() / downcast<>() for StyleRuleBase subclasses for safety and
        consistency.

        No new tests, no behavior change.

        * css/CSSFontFaceRule.cpp:
        (WebCore::CSSFontFaceRule::reattach):
        * css/CSSKeyframesRule.h:
        (isType):
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::reattach):
        * css/CSSStyleRule.cpp:
        (WebCore::CSSStyleRule::reattach):
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::insertRule):
        * css/RuleSet.cpp:
        (WebCore::RuleSet::addRegionRule):
        (WebCore::RuleSet::addChildRules):
        * css/StyleInvalidationAnalysis.cpp:
        (WebCore::shouldDirtyAllStyle):
        * css/StyleRule.cpp:
        (WebCore::StyleRuleBase::destroy):
        (WebCore::StyleRuleBase::copy):
        (WebCore::StyleRuleBase::createCSSOMWrapper):
        * css/StyleRule.h:
        (isType):
        (WebCore::toStyleRule): Deleted.
        * css/StyleRuleImport.h:
        (isType):
        * css/StyleSheetContents.cpp:
        (WebCore::StyleSheetContents::parserAppendRule):
        (WebCore::StyleSheetContents::wrapperInsertRule):
        (WebCore::StyleSheetContents::addSubresourceStyleURLs):
        (WebCore::childRulesHaveFailedOrCanceledSubresources):
        * css/WebKitCSSViewportRule.cpp:
        (WebCore::WebKitCSSViewportRule::reattach):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):

2014-12-12  Jer Noble  <jer.noble@apple.com>

        [MSE] Add support for SourceBuffer.mode.
        https://bugs.webkit.org/show_bug.cgi?id=139265

        Reviewed by Eric Carlson.

        Support setting SourceBuffer's mode property, and add support for "sequence" mode. Prior
        to this change, "segments" mode was implied.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::addSourceBuffer):
        (WebCore::MediaSource::regenerateActiveSourceBuffers):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::segmentsKeyword):
        (WebCore::SourceBuffer::sequenceKeyword):
        (WebCore::SourceBuffer::SourceBuffer):
        (WebCore::SourceBuffer::setTimestampOffset):
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
        (WebCore::SourceBuffer::setMode):
        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediasource/SourceBuffer.idl:

2014-12-12  Radu Stavila  <stavila@adobe.com>

        [SVG Masking] Enable the use of <mask> elements for -webkit-mask-image
        https://bugs.webkit.org/show_bug.cgi?id=139294

        Reviewed by Simon Fraser.

        This patch links together all parts required for the functionality which improves 
        the -webkit-mask-image property by allowing it to reference a <mask> element defined 
        in an inline or external SVG document.
        Support for this new functionality has been added in a previous patch, under issue
        https://bugs.webkit.org/show_bug.cgi?id=139092. A more detailed description of how
        the new functionality works can be found in the ChangeLog for that commit.
        The containsSVGDocument in ScrollView has been removed because it was added in the
        previous patch but is no longer required.

        Tests: css3/masking/mask-base64.html
               css3/masking/mask-multiple-values.html
               css3/masking/mask-svg-clipped-fragmentId.html
               css3/masking/mask-svg-fragmentId.html
               css3/masking/mask-svg-inline-fragmentId.html
               css3/masking/mask-svg-inline-invalid-fragmentId.html
               css3/masking/mask-svg-invalid-fragmentId.html
               css3/masking/mask-svg-no-fragmentId-tiled.html
               css3/masking/mask-svg-no-fragmentId.html
               css3/masking/mask-svg-script-entire-svg-to-mask.html
               css3/masking/mask-svg-script-mask-to-entire-svg.html
               css3/masking/mask-svg-script-mask-to-none.html
               css3/masking/mask-svg-script-mask-to-png.html
               css3/masking/mask-svg-script-none-to-mask.html
               css3/masking/mask-svg-script-none-to-png.html
               css3/masking/mask-svg-script-png-to-mask.html
               css3/masking/mask-svg-script-png-to-none.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFillShorthand):
        (WebCore::CSSParser::parseFillProperty):
        (WebCore::CSSParser::parseMaskImage):
        * css/CSSParser.h:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustStyleForMaskImages):
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::loadPendingSVGDocuments):
        (WebCore::StyleResolver::createMaskImageOperations):
        (WebCore::StyleResolver::loadPendingImages):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        (WebCore::MaskImagePropertyWrapper::MaskImagePropertyWrapper):
        (WebCore::MaskImagePropertyWrapper::equals):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::~MaskImageOperation):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::maskClipRect):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateFillTileSize):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::~RenderElement):
        (WebCore::RenderElement::updateFillImages):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        * rendering/style/FillLayer.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setMaskImage):
        * rendering/style/RenderStyle.h:

2014-12-12  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(SVG_FONTS) build after r177078
        https://bugs.webkit.org/show_bug.cgi?id=139578

        Reviewed by Martin Robinson.

        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::Font::dashesForIntersectionsWithRect):

2014-12-12  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Add 16bit support.
        https://bugs.webkit.org/show_bug.cgi?id=139469

        Reviewed by Antti Koivisto.

        This patch adds the 16bit support to simple line layout.

        Test: fast/inline/simple-line-layout-16bit-content.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::nextBreakablePosition):
        (WebCore::SimpleLineLayout::FlowContents::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::findNextNonWhitespace):
        (WebCore::SimpleLineLayout::FlowContents::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContents::textWidth):
        (WebCore::SimpleLineLayout::FlowContents::runWidth):
        * rendering/SimpleLineLayoutFlowContents.h:
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):

2014-12-12  ChangSeok Oh  <changseok.oh@collabora.com>

        Implement MemoryPressureHandler for Linux system
        https://bugs.webkit.org/show_bug.cgi?id=123532

        Reviewed by Sergio Villar Senin.

        This is an initial implementation to support MemoryPressureHandler for linux system.
        The patch is based on Tomeu's last patch and improved on top of it.
        Most of current linux distributions support cgroup, so that we use the memory.pressure_level
        mechanism of cgroup to get notifications when an application reaches the 'low' memory
        pressure level.

        No new tests since no engine behavior changed.

        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::MemoryPressureHandler):
        * platform/MemoryPressureHandler.h:
        * platform/linux/MemoryPressureHandlerLinux.cpp: Added.
        (WebCore::nextToken):
        (WebCore::MemoryPressureHandler::~MemoryPressureHandler):
        (WebCore::MemoryPressureHandler::waitForMemoryPressureEvent): run in a seperated thread
        to listen 'low' level event.
        (WebCore::MemoryPressureHandler::logErrorAndCloseFDs):
        (WebCore::MemoryPressureHandler::install):
        (WebCore::MemoryPressureHandler::uninstall):
        (WebCore::MemoryPressureHandler::holdOffTimerFired):
        (WebCore::MemoryPressureHandler::holdOff):
        (WebCore::MemoryPressureHandler::respondToMemoryPressure):
        (WebCore::MemoryPressureHandler::platformReleaseMemory):
        (WebCore::MemoryPressureHandler::ReliefLogger::platformLog):
        (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage): read /proc/self/status
        to get VM amount used by current process.

2014-12-12  Simon Fraser  <simon.fraser@apple.com>

        Layer borders on contentsLayers don't correctly toggle with the rest of the borders
        https://bugs.webkit.org/show_bug.cgi?id=139570
        rdar://problem/18007746

        Reviewed by Tim Horton.
        
        The "Show Debug Borders" toggle didn't cleanly remove layer borders from
        content layers (image, video), nor did it deal with cloned layers (reflections).
        
        Fix by making updateDebugBorder() update the layer borders on the contents
        layer and cloned layers, moving some code around to avoid having colors
        in more than one place. If the borders are hidden, send an invalid color
        to PlatformCALayer::setBorderColor(), which now knows to remove the color
        property on the layer (to avoid leaving transparent border color properties
        on CALayers).

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::setLayerDebugBorder):
        (WebCore::contentsLayerDebugBorderColor):
        (WebCore::cloneLayerDebugBorderColor):
        (WebCore::GraphicsLayerCA::updateDebugBorder):
        (WebCore::GraphicsLayerCA::setDebugBorder):
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayerMac::setBorderColor):

2014-12-11  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Crash when trying to inspect LocalStorage
        https://bugs.webkit.org/show_bug.cgi?id=139573

        Reviewed by Anders Carlsson.

        Move away from PageGroup::localStorage and instead to StorageNamespaceProvider.
        This matches what DOMWindow::localStorage does to get the StorageArea for a document.

        * inspector/InspectorDOMStorageAgent.cpp:
        (WebCore::InspectorDOMStorageAgent::findStorageArea):

2014-12-11  Simon Fraser  <simon.fraser@apple.com>

        Transform-style should not kill position:fixed
        https://bugs.webkit.org/show_bug.cgi?id=138122

        Reviewed by Dean Jackson.
        
        Various bits of rendering code checked RenderObject::hasTransform() for various
        reasons. Confusingly, this meant "has transform, or preserve-3d, or perspective".
        
        This patch teases those behaviors apart to produce the following behavior:
        
        1. "transform" acts as containing block for fixed position (no behavior change).
        2. "transform" acts as containing block for absolute/relative position (no behavior change).
        3. "perspective" does not act as containing block for fixed position (no behavior change).
        4. "perspective" acts as containing block for absolute/relative position (no behavior change).
        5. "preserve-3d" does not act as containing block for fixed position (behavior change).
        6. "preserve-3d" acts as containing block for absolute/relative position. This is not a
        behavior change, but seems like incorrect behavior (https://www.w3.org/Bugs/Public/show_bug.cgi?id=27566).
        However, we may be forced to keep it for compatibility.
        
        The gist of the change is to rename RenderObject::hasTransform() to RenderObject::hasTransformRelatedProperty(),
        and add hasTransform() with the more restrictive meaning. All call sites of hasTransform() were examined
        and fixed to produce the desired behaviors.

        Tests: transforms/2d/perspective-not-fixed-container.html
               transforms/2d/preserve3d-not-fixed-container.html
               transforms/perspective-is-containing-block-for-absolute.html
               transforms/preserve3d-is-containing-block-for-absolute.html
               transforms/transform-is-containing-block-for-absolute.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::computedTransform): Now we can just test hasTransform().
        * rendering/LogicalSelectionOffsetCaches.h:
        (WebCore::isContainingBlockCandidateForAbsolutelyPositionedObject): For now, this
        can just use hasTransformRelatedProperty(), but if we change [6] above this will have
        to change (as documented in the comment). Also FIXME comments about sharing code.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::updateFromStyle):
        (WebCore::RenderBox::mapLocalToContainer): Can just use hasTransform() now.
        (WebCore::RenderBox::pushMappingToContainer): Ditto.
        (WebCore::RenderBox::mapAbsoluteToLocalPoint): Ditto.
        (WebCore::RenderBox::layoutOverflowRectForPropagation): Ditto.
        * rendering/RenderBox.h: All transform-related properties create RenderLayers.
        * rendering/RenderBoxModelObject.h: Ditto.
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::styleWillChange):
        * rendering/RenderGeometryMap.cpp:
        (WebCore::canMapBetweenRenderersViaLayers): Rename to clarify. We need to not map via
        layers if we have a perspective (since we need to generate a perspective matrix). It's
        OK with preserve-3d though.
        (WebCore::RenderGeometryMap::pushMappingsToAncestor):
        (WebCore::canMapBetweenRenderers): Deleted.
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::updateFromStyle):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateTransform): Can just check hasTransform().
        (WebCore::RenderLayer::updateLayerPosition): Avoid calling parent() and enclosingPositionedAncestor() twice.
        (WebCore::RenderLayer::perspectiveTransform): Do the fast bit check hasTransformRelatedProperty() first.
        (WebCore::RenderLayer::perspectiveOrigin): Ditto.
        (WebCore::isContainerForPositioned): This code has to now have different behavior for absolute and fixed
        position. Changed it to call existing functions, rather than having a 3rd place that has to know about
        containing block rules.
        (WebCore::RenderLayer::enclosingAncestorForPosition): Call isContainerForPositioned() now.
        (WebCore::accumulateOffsetTowardsAncestor): Call enclosingAncestorForPosition().
        (WebCore::RenderLayer::createLocalTransformState):
        (WebCore::RenderLayer::calculateClipRects):
        (WebCore::isPositionedContainer): Deleted.
        (WebCore::isFixedPositionedContainer): Deleted.
        (WebCore::RenderLayer::enclosingPositionedAncestor): Deleted.
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::styleDidChange):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::shouldUseTransformFromContainer): Can just check hasTransform() now.
        (WebCore::RenderObject::container):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::hasTransformRelatedProperty):
        (WebCore::RenderObject::hasTransform):
        (WebCore::RenderObject::setHasTransformRelatedProperty):
        (WebCore::RenderObject::RenderObjectBitfields::RenderObjectBitfields):
        (WebCore::RenderObject::setHasTransform): Deleted.
        * rendering/RenderTableRow.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::mapLocalToContainer): nullptr goodness.
        (WebCore::RenderView::pushMappingToContainer): Ditto.
        (WebCore::RenderView::mapAbsoluteToLocalPoint): Ditto.

2014-12-11  Rich Tibbett <rich.tibbett@gmail.com>

        [iOS] Normalize iOS DeviceOrientation beta/gamma per spec.
        https://bugs.webkit.org/show_bug.cgi?id=137134
        <radr://problem/9414459>

        Reviewed by Benjamin Poulain.

        Normalize DeviceOrientation beta and gamma on iOS to match the
        conventions defined in the W3C DeviceOrientation Events specification.

        beta values are returned in the range [-180, 180). gamma values are
        returned in the range [-90, 90).

        * platform/ios/WebCoreMotionManager.mm:

2014-12-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r177081.
        https://bugs.webkit.org/show_bug.cgi?id=139569

        broke iOS video playback (Requested by eric_carlson on
        #webkit).

        Reverted changeset:

        "Fix iOS builders for 8.0"
        https://bugs.webkit.org/show_bug.cgi?id=139495
        http://trac.webkit.org/changeset/177081

2014-12-11  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Fix to build fix in r177134.

        * html/canvas/WebGLDrawBuffers.cpp: iOS should query the system for GL extension availability.

2014-12-10  Roger Fong  <roger_fong@apple.com>

        Implement frag depth as a WebGL 1 extension.
        https://bugs.webkit.org/show_bug.cgi?id=133635.
        <rdar://problem/19195381>

        Reviewed by Dean Jackson.

        Test:
        webgl/1.0.3/conformance/extensions/ext-frag-depth.html

        Spec for this extension outlined here:
        http://www.khronos.org/registry/webgl/extensions/EXT_frag_depth/

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::toJS):
        * html/canvas/EXTFragDepth.cpp: Added.
        (WebCore::EXTFragDepth::EXTFragDepth):
        (WebCore::EXTFragDepth::~EXTFragDepth):
        (WebCore::EXTFragDepth::getName):
        * html/canvas/EXTFragDepth.h: Added.
        * html/canvas/EXTFragDepth.idl: Added.
        * html/canvas/WebGLExtension.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getExtension):
        (WebCore::WebGLRenderingContext::getSupportedExtensions):
        * html/canvas/WebGLRenderingContext.h:
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        (WebCore::Extensions3DOpenGL::supportsExtension):
        * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
        (WebCore::Extensions3DOpenGLCommon::ensureEnabled):

2014-12-11  Chris Dumez  <cdumez@apple.com>

        Optimize RenderElement::rendererForRootBackground() a bit
        https://bugs.webkit.org/show_bug.cgi?id=139527

        Reviewed by Andreas Kling.

        Optimize RenderElement::rendererForRootBackground() a bit by not
        calling Document::body(). We are only interested in the child element
        with a <body> tag. However, Document::body() first checks if a
        <frameset> child is present.

        No new tests, no behavior change.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::rendererForRootBackground):

2014-12-11  Brendan Long  <b.long@cablelabs.com>

        Remove DataCue "text" attribute
        https://bugs.webkit.org/show_bug.cgi?id=139461

        Reviewed by Eric Carlson.

        * html/track/DataCue.cpp:
        * html/track/DataCue.h:
        * html/track/DataCue.idl:

2014-12-11  Alexey Proskuryakov  <ap@apple.com>

        Initialize m_ownsGeneratedFile when decoding a FormDataElement
        https://bugs.webkit.org/show_bug.cgi?id=139566

        Reviewed by Tim Horton.

        No tests, because it's random, and I couldn't reproduce an assertion failure in
        controlled circumstances.

        * platform/network/FormData.h: (WebCore::FormDataElement::decode): A newly created
        FormDataElement by definition doesn't own the file.

2014-12-11  Anders Carlsson  <andersca@apple.com>

        Fix Windows build.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:

2014-12-11  Timothy Horton  <timothy_horton@apple.com>

        Fix the build.

        * platform/spi/mac/NSImmediateActionGestureRecognizerSPI.h:

2014-12-11  Timothy Horton  <timothy_horton@apple.com>

        Fix the build.

        * platform/spi/mac/NSImmediateActionGestureRecognizerSPI.h:

2014-12-11  Timothy Horton  <timothy_horton@apple.com>

        Move the preview popover to WKImmediateActionController
        https://bugs.webkit.org/show_bug.cgi?id=139560
        <rdar://problem/19208291>

        Reviewed by Beth Dakin.

        * platform/spi/mac/NSImmediateActionGestureRecognizerSPI.h:
        Add some requisite SPI.

2014-12-11  Jer Noble  <jer.noble@apple.com>

        [Mac] Crash in -[WebVideoFullscreenHUDWindowController playing] in WK1 clients without FULLSCREEN_API enabled.
        https://bugs.webkit.org/show_bug.cgi?id=139546

        Reviewed by Eric Carlson.

        Finish the work started by r173230 and rename mediaElement -> videoElement in WebVideoFullscreenHUDWindowController.

        * platform/mac/WebVideoFullscreenHUDWindowController.h:
        * platform/mac/WebVideoFullscreenHUDWindowController.mm:
        (-[WebVideoFullscreenHUDWindowController endScrubbing]):
        (-[WebVideoFullscreenHUDWindowController timelinePositionChanged:]):
        (-[WebVideoFullscreenHUDWindowController currentTime]):
        (-[WebVideoFullscreenHUDWindowController setCurrentTime:]):
        (-[WebVideoFullscreenHUDWindowController duration]):
        (-[WebVideoFullscreenHUDWindowController decrementVolume]):
        (-[WebVideoFullscreenHUDWindowController incrementVolume]):
        (-[WebVideoFullscreenHUDWindowController volume]):
        (-[WebVideoFullscreenHUDWindowController setVolume:]):
        (-[WebVideoFullscreenHUDWindowController playing]):
        (-[WebVideoFullscreenHUDWindowController setPlaying:]):
        (-[WebVideoFullscreenHUDWindowController remainingTimeText]):
        (-[WebVideoFullscreenHUDWindowController elapsedTimeText]):
        (-[WebVideoFullscreenHUDWindowController rewind:]):
        (-[WebVideoFullscreenHUDWindowController fastForward:]):

2014-12-11  Anders Carlsson  <andersca@apple.com>

        Fix iOS build.

        * storage/StorageTracker.cpp:
        (WebCore::StorageTracker::syncDeleteAllOrigins):

2014-12-11  Anders Carlsson  <andersca@apple.com>

        Stop using SQLiteFileSystem in the storage code
        https://bugs.webkit.org/show_bug.cgi?id=139549

        Reviewed by Sam Weinig.

        Just inline the SQLiteFileSystem calls into their respective call sites.
        This is more preparation for moving the old storage code into WebKit proper.

        * storage/StorageAreaSync.cpp:
        (WebCore::StorageAreaSync::deleteEmptyDatabase):
        * storage/StorageTracker.cpp:
        (WebCore::StorageTracker::trackerDatabasePath):
        (WebCore::ensureDatabaseFileExists):
        (WebCore::StorageTracker::openTrackerDatabase):
        (WebCore::truncateDatabaseFile):
        (WebCore::StorageTracker::syncDeleteAllOrigins):
        (WebCore::StorageTracker::syncDeleteOrigin):
        (WebCore::StorageTracker::diskUsageForOrigin):

2014-12-11  Alexey Proskuryakov  <ap@apple.com>

        Unreviewed, rolling out r177155.

        Caused crashes on webarchive tests.

        Reverted changeset:

        "[SVG Masking] Enable the use of <mask> elements for -webkit-
        mask-image"
        https://bugs.webkit.org/show_bug.cgi?id=139294
        http://trac.webkit.org/changeset/177155

2014-12-11  Anders Carlsson  <andersca@apple.com>

        Call StorageThread::releaseFastMallocFreeMemoryInAllThreads from WebKit
        https://bugs.webkit.org/show_bug.cgi?id=139547

        Reviewed by Sam Weinig.

        This is another step towards moving StorageThread (and friends) to WebKit.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseMemory):

2014-12-11  Said Abou-Hallawa  <sabouhallawa@apple.com>

        ASSERTION FAILED: animatedTypes[0].properties.size() == 1 in WebCore::SVGAnimatedTypeAnimator::constructFromBaseValue.
        https://bugs.webkit.org/show_bug.cgi?id=139046.

        Reviewed by Dirk Schulze.

        Test: svg/animations/unsupported-animate-element-attributes.svg.
        
        The SVG base animator element should not animate an attribute if it is not
        supported by the target SVG element. Besides the CSS presentation attributes, 
        every SVG element defines which attributes can be animated by including them
        between BEGIN_DECLARE_ANIMATED_PROPERTIES and END_DECLARE_ANIMATED_PROPERTIES
        in the definition of the class. This definition builds attribute-properties map.
        When restarting the animation, the animator looks for all the attributes that
        match the animated attribute name. If the supported attribute-properties map
        does not include the animated attribute name, an empty element-properties list
        should be returned. When getting an empty element-properties list, the animator
        should not start any animation for the unsupported attribute.

        Do not start the animation if the animated attribute is not supported by 
        the target SVG element.
        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::resetAnimatedType):
        
        Return an empty element-properties list if the animated attribute is not
        supported by the target SVG element.
        * svg/SVGAnimatedTypeAnimator.cpp:
        (WebCore::SVGAnimatedTypeAnimator::findAnimatedPropertiesForAttributeName):

2014-12-10  Dean Jackson  <dino@apple.com>

        InstancedArray crashes attempting to draw out of bounds
        https://bugs.webkit.org/show_bug.cgi?id=139521

        Reviewed by Simon Fraser.

        We were not doing index validation correctly for instancing.

        Test: fast/canvas/webgl/angle-instanced-arrays-out-of-bounds.html

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::validateVertexAttributes): We need to check
        the number of instances drawn against the amount of instance data that has
        been provided, taking into account the number of repeats (the divisor).
        (WebCore::WebGLRenderingContext::drawArrays): Added some whitespace to make it more clear.
        (WebCore::WebGLRenderingContext::validateDrawElements): This needs to take a primcount
        parameter so that it can correctly validate the call (when used from drawElementsInstanced).
        (WebCore::WebGLRenderingContext::drawElements): New signature to validate.
        (WebCore::WebGLRenderingContext::drawArraysInstanced): Rearrange this a bit. The
        primcount validation is already being done by the validateDrawArrays call. Also, there
        was a bogus UNUSED_PARAM hanging around.
        (WebCore::WebGLRenderingContext::drawElementsInstanced): Similar rearrangement. Use
        the primcount parameter.
        * html/canvas/WebGLRenderingContext.h:

2014-12-11  Radu Stavila  <stavila@adobe.com>

        [SVG Masking] Enable the use of <mask> elements for -webkit-mask-image
        https://bugs.webkit.org/show_bug.cgi?id=139294

        Reviewed by Simon Fraser.

        This patch links together all parts required for the functionality which improves 
        the -webkit-mask-image property by allowing it to reference a <mask> element defined 
        in an inline or external SVG document.
        Support for this new functionality has been added in a previous patch, under issue
        https://bugs.webkit.org/show_bug.cgi?id=139092. A more detailed description of how
        the new functionality works can be found in the ChangeLog for that commit.
        The containsSVGDocument in ScrollView has been removed because it was added in the
        previous patch but is no longer required.

        Tests: css3/masking/mask-base64.html
               css3/masking/mask-multiple-values.html
               css3/masking/mask-svg-clipped-fragmentId.html
               css3/masking/mask-svg-fragmentId.html
               css3/masking/mask-svg-inline-fragmentId.html
               css3/masking/mask-svg-inline-invalid-fragmentId.html
               css3/masking/mask-svg-invalid-fragmentId.html
               css3/masking/mask-svg-no-fragmentId-tiled.html
               css3/masking/mask-svg-no-fragmentId.html
               css3/masking/mask-svg-script-entire-svg-to-mask.html
               css3/masking/mask-svg-script-mask-to-entire-svg.html
               css3/masking/mask-svg-script-mask-to-none.html
               css3/masking/mask-svg-script-mask-to-png.html
               css3/masking/mask-svg-script-none-to-mask.html
               css3/masking/mask-svg-script-none-to-png.html
               css3/masking/mask-svg-script-png-to-mask.html
               css3/masking/mask-svg-script-png-to-none.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFillShorthand):
        (WebCore::CSSParser::parseFillProperty):
        (WebCore::CSSParser::parseMaskImage):
        * css/CSSParser.h:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustStyleForMaskImages):
        (WebCore::StyleResolver::applyProperty):
        (WebCore::StyleResolver::loadPendingSVGDocuments):
        (WebCore::StyleResolver::createMaskImageOperations):
        (WebCore::StyleResolver::loadPendingImages):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        (WebCore::MaskImagePropertyWrapper::MaskImagePropertyWrapper):
        (WebCore::MaskImagePropertyWrapper::equals):
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * platform/graphics/MaskImageOperation.cpp:
        (WebCore::MaskImageOperation::~MaskImageOperation):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::maskClipRect):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateFillTileSize):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::~RenderElement):
        (WebCore::RenderElement::updateFillImages):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        * rendering/style/FillLayer.h:
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setMaskImage):
        * rendering/style/RenderStyle.h:

2014-12-09  Jeremy Jones  <jeremyj@apple.com>

        Restore interface state when stopping optimized fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=139465

        Reviewed by Simon Fraser.

        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (-[WebVideoFullscreenController fullscreenMayReturnToInline:]): add empty implementation.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: add declaration
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): restore interface context when optimized mode ends.
        (WebVideoFullscreenInterfaceAVKit::setIsOptimized): restore interface context when optimized mode ends.

2014-12-11  Anders Carlsson  <andersca@apple.com>

        Remove unused storage header includes
        https://bugs.webkit.org/show_bug.cgi?id=139540

        Reviewed by Antti Koivisto.

        * storage/StorageAreaImpl.cpp:
        * storage/StorageAreaSync.cpp:
        * storage/StorageNamespaceImpl.cpp:
        (WebCore::StorageNamespaceImpl::localStorageNamespace): Deleted.
        (WebCore::StorageNamespaceImpl::sessionStorageNamespace): Deleted.
        (WebCore::StorageNamespaceImpl::transientLocalStorageNamespace): Deleted.
        * storage/StorageNamespaceImpl.h:
        * storage/StorageSyncManager.cpp:
        * storage/StorageThread.cpp:
        * storage/StorageTracker.cpp:

2014-12-11  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION (Async Text Input): Text input method state is not reset when reloading a page
        https://bugs.webkit.org/show_bug.cgi?id=139504
        rdar://problem/19034674

        Reviewed by Enrica Casucci.

        Explicitly notify EditorClient when a composition is voluntarily canceled by WebCore.
        These are almost certainly not all the places where this happens, but this fixes the bug,
        and lays the groundwork for using this new client call instead of didChangeSelection
        hacks.

        * editing/Editor.cpp:
        (WebCore::Editor::clear):
        (WebCore::Editor::cancelComposition):
        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::willTransitionToCommitted):
        * page/EditorClient.h:

2014-12-10  Anders Carlsson  <andersca@apple.com>

        Get rid of the storage strategy
        https://bugs.webkit.org/show_bug.cgi?id=139519

        Reviewed by Antti Koivisto.

        * CMakeLists.txt:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::localStorage):
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        (WebCore::Page::sessionStorage):
        (WebCore::Page::setStorageNamespaceProvider):
        * page/Page.h:
        (WebCore::Page::storageNamespaceProvider):
        * page/PageGroup.cpp:
        (WebCore::PageGroup::localStorage):
        (WebCore::PageGroup::transientLocalStorage):
        * platform/PlatformStrategies.h:
        (WebCore::PlatformStrategies::PlatformStrategies):
        (WebCore::PlatformStrategies::storageStrategy): Deleted.
        * storage/StorageNamespace.cpp: Removed.
        * storage/StorageNamespace.h:
        * storage/StorageStrategy.cpp: Removed.
        * storage/StorageStrategy.h: Removed.

2014-12-11  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Move click counter logic back to WebKitWebViewBase
        https://bugs.webkit.org/show_bug.cgi?id=137685

        Reviewed by Martin Robinson.

        Remove GtkClickCounter.

        * PlatformGTK.cmake:
        * platform/gtk/GtkClickCounter.cpp: Removed.
        * platform/gtk/GtkClickCounter.h: Removed.

2014-12-11  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Implement sizes attribute for link tag
        https://bugs.webkit.org/show_bug.cgi?id=125775

        Reviewed by Martin Robinson.

        * bindings/gobject/WebKitDOMCustom.cpp:
        (webkit_dom_html_link_element_set_sizes): Add custom setter implementation.
        * bindings/gobject/WebKitDOMCustomUnstable.h:
        * bindings/js/JSHTMLLinkElementCustom.cpp:
        (WebCore::JSHTMLLinkElement::sizes): Remove custom getter implementation.
        * bindings/scripts/CodeGeneratorGObject.pm:
        (HasUnstableCustomAPI): Mark WebKitDOMHTMLLinkElement as having custom unstable API.
        * html/HTMLLinkElement.idl: Mark sizes attribute as CustomSetter
        instead of Custom, since the getter can be autogenerated, and make
        it available to the GObject DOM bindings too.

2014-12-10  Chris Dumez  <cdumez@apple.com>

        http://omfgdogs.info/ only animates when you resize the window
        https://bugs.webkit.org/show_bug.cgi?id=139435
        <rdar://problem/19190493>

        Reviewed by Simon Fraser.

        After r163928, we would fail to animate a gif if:
        - it is used as a background image of a 0-height html element
        - it is used as a background image of a 0-height body element whose
          background is delegated to the root (because the root has no
          background).

        This is because in such cases, shouldRepaintForImageAnimation()
        should use the background rect instead of the renderer's overflow
        rect to determine if the image is inside the viewport. Both cases
        are addressed in this patch.

        Tests: fast/images/animated-gif-body-delegated-background-image.html
               fast/images/animated-gif-body-outside-viewport.html
               fast/images/animated-gif-html-background-image.html

        * rendering/RenderElement.cpp:
        (WebCore::shouldRepaintForImageAnimation):
        * testing/Internals.cpp:
        (WebCore::Internals::hasPausedImageAnimations):
        * testing/Internals.h:
        * testing/Internals.idl:

2014-12-10  Timothy Horton  <timothy_horton@apple.com>

        Fix the build.

        * html/canvas/WebGLDrawBuffers.cpp:
        Yosemite is 101000, not 10100.
        Also, __MAC_OS_X_VERSION_MIN_REQUIRED is only defined for PLATFORM(MAC).

2014-12-10  Zalan Bujtas  <zalan@apple.com>

        Continuously repainting large parts of Huffington Post.
        https://bugs.webkit.org/show_bug.cgi?id=139468

        Reviewed by Antti Koivisto.

        This patch eliminates redundant repaint requests for inlines when neither the parent
        block flow nor any of the inline children are dirty.
        Previously,
        1. simple line layout always recalculated inline content positions regardless of whether
        the content needed relayout at all; as a result, it always triggered full repaint.
        2. inline tree layout ignored the needslayout flag on the last line and treated it dirty
        (unless it broke cleanly (<div>foo<br></div>)).
        This was an ancient workaround for an editing/insert use case, but it seems not to be the case anymore.

        Tests: fast/repaint/implicitly-positioned-block-repaint-complex-line-layout.html
               fast/repaint/implicitly-positioned-block-repaint-simple-line-layout.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::layoutInlineChildren):
        (WebCore::RenderBlockFlow::layoutSimpleLines): Check if we need to trigger layout at all.
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::determineStartPosition): Remove the last line dirty hack. If it
        happens to introduce regression, we should fix it at the caller site to make the line dirty.

2014-12-10  Anders Carlsson  <andersca@apple.com>

        Add an empty storage namespace provider
        https://bugs.webkit.org/show_bug.cgi?id=139520

        Reviewed by Tim Horton.

        * loader/EmptyClients.cpp:
        (WebCore::fillWithEmptyClients):

2014-12-10  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * platform/spi/mac/NSImmediateActionGestureRecognizerSPI.h:

2014-12-10  Beth Dakin  <bdakin@apple.com>

        WK2: Add initial support for immediate actions
        https://bugs.webkit.org/show_bug.cgi?id=139511

        Reviewed by Tim Horton.

        SPI needed for immediate actions.
        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/NSImmediateActionGestureRecognizerSPI.h: Added.

2014-12-10  Martin Hock  <mhock@apple.com>

        [iOS] Add setting to ignore viewport scaling constraints
        https://bugs.webkit.org/show_bug.cgi?id=139466
        <rdar://problem/19200328>

        Reviewed by Benjamin Poulain.

        * WebCore.exp.in:
        * page/Settings.in: Add setting to ignore viewport scaling constraints.
        * page/ViewportConfiguration.cpp: Ignore viewport scaling constraints based on preference.
        (WebCore::ViewportConfiguration::initialScale):
        (WebCore::ViewportConfiguration::minimumScale):
        (WebCore::ViewportConfiguration::allowsUserScaling):
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::setIgnoreScalingConstraints):
        (WebCore::ViewportConfiguration::allowsUserScaling): Moved to cpp.

2014-12-10  Andreas Kling  <akling@apple.com>

        Speculative fix for assertion "frame().view() == this"
        <rdar://problem/18419449>

        Rubber-stamped by Anders Carlsson.

        I have not reproduced this issue, but we can safely ignore animation
        notifications for cached pages.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::newImageAnimationFrameAvailable):

2014-12-10  Anders Carlsson  <andersca@apple.com>

        Add session storage handling to StorageNamespaceProvider
        https://bugs.webkit.org/show_bug.cgi?id=139507

        Reviewed by Tim Horton.

        * page/Page.cpp:
        (WebCore::Page::sessionStorage):
        * storage/StorageNamespaceProvider.h:

2014-12-10  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Follow-up patch to r177099.
        https://bugs.webkit.org/show_bug.cgi?id=133634
        <rdar://problem/15949588>

        Enable GL_EXT_draw_buffers on iOS as well.
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        (WebCore::Extensions3DOpenGL::supportsExtension):

2014-12-10  Roger Fong  <roger_fong@apple.com>

        Implement Multiple Render Targets as WebGL 1 extension.
        https://bugs.webkit.org/show_bug.cgi?id=133634.
        <rdar://problem/15949588>

        Reviewed by Brent Fulgham.

        Tested by:
        webgl/1.0.3/conformance/extensions/webgl-draw-buffers.html

        Enable the implementation now that an underlying driver bug has been resolved.
        Do not enable for desktop platforms older that OS X 10.10.
        * html/canvas/WebGLDrawBuffers.cpp:
        (WebCore::WebGLDrawBuffers::supported):

2014-12-10  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r164329): Input fields are not honoring the maxlength attribute
        https://bugs.webkit.org/show_bug.cgi?id=139447

        Reviewed by Benjamin Poulain.

        The bug was caused by String::substring being called with the selection's end offset
        in the second argument instead of the selection's length in handleBeforeTextInsertedEvent.

        Fixed the bug by passing the right second argument to String::substring.

        Test: fast/forms/input-maxlength-inserting-in-middle.html

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::handleBeforeTextInsertedEvent):

2014-12-10  Anders Carlsson  <andersca@apple.com>

        Add a missing null check.

        * page/Page.cpp:
        (WebCore::Page::~Page):

2014-12-10  Antti Koivisto  <antti@apple.com>

        Crash when creating CSSCalcBinaryOperation
        https://bugs.webkit.org/show_bug.cgi?id=134886
        rdar://problem/17663561

        Reviewed by Chris Dumez.

        Test: fast/css/calc-binary-operation-crash.html

        * css/CSSCalculationValue.cpp:
        (WebCore::determineCategory):

        Ensure that both axis are within the addSubtractResult table.
        Remove unneeded CalcOther test. The call site guarantees it doesn't happen and the normal cases would handle it anyway.
        Also strengthen some asserts.

2014-12-10  Anders Carlsson  <andersca@apple.com>

        Add WebStorageNamespaceProvider::closeLocalStorage
        https://bugs.webkit.org/show_bug.cgi?id=139502

        Reviewed by Tim Horton.

        * page/Page.cpp:
        (WebCore::Page::~Page):
        Call StorageNamespaceProvider::removePage.

        * storage/StorageNamespaceProvider.h:
        (WebCore::StorageNamespaceProvider::optionalLocalStorageNamespace):
        Helper function that returns the local storage namespace if one exists.

2014-12-10  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] MathML tokens with text fail to expose their text content via AtkText
        https://bugs.webkit.org/show_bug.cgi?id=139454

        Reviewed by Chris Fleizach.

        Expose the text content of the element for non-anonymous RenderMathMLOperators.
        This is needed because for ATK we expose the rendered element itself; not the
        descendant text renderers. Also include MathML tokens as objects which should
        implement AtkText.

        Test: accessibility/math-text.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::textUnderElement):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (getInterfaceMaskFromObject):

2014-12-10  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Use appsrcs instead of unconnected queues
        https://bugs.webkit.org/show_bug.cgi?id=139490

        Reviewed by Philippe Normand.

        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (webkit_web_audio_src_init):
        (webKitWebAudioSrcConstructed):
        (webKitWebAudioSrcFinalize):
        (webKitWebAudioSrcSetProperty):
        (webKitWebAudioSrcLoop):
        (webKitWebAudioSrcChangeState):
        Previously we directly chained buffers into unconnected queues,
        which confused some code inside GStreamer and caused some harmless
        warnings. Now we use appsrcs instead, which also allows us to remove
        quite some code.

2014-12-10  Enrica Casucci  <enrica@apple.com>

        Fix iOS builders for 8.0
        https://bugs.webkit.org/show_bug.cgi?id=139495

        Reviewed by Eric Carlson.

        * WebCore.exp.in:
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (-[WebVideoFullscreenController enterFullscreen:mode:]):
        (-[WebVideoFullscreenController requestHideAndExitFullscreen]):
        (-[WebVideoFullscreenController enterFullscreen:]): Deleted.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:


2014-12-10  peavo@outlook.com  <peavo@outlook.com>

        [Curl] Cache entry is sometimes deleted when request receives a not modified response.
        https://bugs.webkit.org/show_bug.cgi?id=139339

        Reviewed by Alex Christensen.

        Sometimes it happens that a request receives a not modified response,
        but the cache entry has already been deleted by another request.
        This can be avoided by locking a cache entry while there are pending
        requests for the cache entry's url.

        * platform/network/curl/CurlCacheEntry.h:
        (WebCore::CurlCacheEntry::addClient):
        (WebCore::CurlCacheEntry::removeClient):
        (WebCore::CurlCacheEntry::hasClients):
        * platform/network/curl/CurlCacheManager.cpp:
        (WebCore::CurlCacheManager::didReceiveResponse):
        (WebCore::CurlCacheManager::didFail):
        (WebCore::CurlCacheManager::addCacheEntryClient):
        (WebCore::CurlCacheManager::removeCacheEntryClient):
        * platform/network/curl/CurlCacheManager.h:
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::isHttpNotModified):
        (WebCore::headerCallback):
        (WebCore::ResourceHandleManager::initializeHandle):

2014-12-10  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Use a buffer pool for allocations in the AudioDestination
        https://bugs.webkit.org/show_bug.cgi?id=139487

        Reviewed by Philippe Normand.

        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (webKitWebAudioSrcLoop):
        (webKitWebAudioSrcChangeState):
        Use a buffer pool for the allocations instead of allocating a
        new small buffer for every 128 samples we produce.

2014-12-10  Martin Robinson  <mrobinson@igalia.com>

        [GTK] Add support for text-decoration-skip
        https://bugs.webkit.org/show_bug.cgi?id=131540

        Reviewed by Gustavo Noronha Silva.

        No new tests. This is covered by existing layout tests.

        * platform/graphics/cairo/FontCairo.cpp:
        (WebCore::GlyphIterationState): Added this class, a modified version of the Mac
        port's implementation.
        (WebCore::Font::dashesForIntersectionsWithRect): Ditto.
        * platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
        (WebCore::Font::getGlyphsAndAdvancesForComplexText): Added an implementation for
        HarfBuzz that just fills out the GlyphBuffer, but does not render it.
        (WebCore::Font::drawComplexText): Use the new getGlyphsAndAdvancesForComplexText
        in a similar way to the Mac port.
        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        (WebCore::HarfBuzzShaper::fillGlyphBufferFromHarfBuzzRun): We need to pass the current
        character index to GlyphBuffer:add since it's used by dashesForIntersectionsWithRect
        and otherwise it will be uninitialized when we try to access it.

2014-12-10  Andreas Kling  <akling@apple.com>

        REGRESSION(r177048) 11 failures on layout tests fast/selectors.
        <https://webkit.org/b/139483>

        Unreviewed fix for bots.

        When rolling out the broken change, I accidentally also rolled out
        a bug fix that Benjamin had made to sibling invalidation.
        Restore his implementation of nodeOrItsAncestorNeedsStyleRecalc().

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::nodeOrItsAncestorNeedsStyleRecalc):
        (WebCore::updateStyleIfNeededForNode):
        (WebCore::ComputedStyleExtractor::propertyValue):

2014-12-08  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] AudioSourceProvider support in the MediaPlayer
        https://bugs.webkit.org/show_bug.cgi?id=78883

        Reviewed by Gustavo Noronha Silva.

        GStreamer-based audio source provider for the GTK and EFL
        ports. This new component gathers decoded raw audio data from the
        MediaPlayer and pipes it to an AudioBus when required by the
        User Agent.

        * PlatformEfl.cmake: New files in the build.
        * PlatformGTK.cmake: Ditto.
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp: Added.
        (WebCore::onAppsinkNewBufferCallback): Function called when a new
        buffer can be pulled from appsink.
        (WebCore::onGStreamerDeinterleavePadAddedCallback): Function
        called when a new source pad has been added to deinterleave.
        (WebCore::onGStreamerDeinterleaveReadyCallback): Function called
        when the deinterleave element completed the configuration of all
        its source pads.
        (WebCore::copyGstreamerBuffersToAudioChannel): Called for each
        channel of the AudioBus that needs data as input.
        (WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
        Create an audio bin that by default routes buffers only to
        autoaudiosink. A new route is added if the provider has a client.
        (WebCore::AudioSourceProviderGStreamer::~AudioSourceProviderGStreamer):
        Clean buffer adapters and audio bin.
        (WebCore::AudioSourceProviderGStreamer::configureAudioBin):
        (WebCore::AudioSourceProviderGStreamer::provideInput): Transfer
        data from the buffer adapters to the bus channels.
        (WebCore::AudioSourceProviderGStreamer::handleAudioBuffer): Pull a
        buffer from appsink and queue it to the buffer adapter.
        (WebCore::AudioSourceProviderGStreamer::setClient): Complete the
        construction of the audio bin by adding a new chain to the tee
        element. This new chain will deinterleave the buffer stream to
        planar audio channels and route them to an appsink per channel for
        data extraction.
        (WebCore::AudioSourceProviderGStreamer::handleNewDeinterleavePad):
        A new appsink after a new source pad has been added to deinterleave.
        (WebCore::AudioSourceProviderGStreamer::deinterleavePadsConfigured):
        Configure the client Node format (number of channels and sample
        rate) once the provider knows how many audio channels are managed
        by the pipeline.
        (WebCore::cleanUpElementsAfterDeinterleaveSourcePadCallback):
        (WebCore::AudioSourceProviderGStreamer::cleanUpElementsAfterDeinterleaveSourcePad):
        Remove the elements after the given deinterleave source pad.
        (WebCore::AudioSourceProviderGStreamer::reset): Cleanup the
        deinterleave source pads. This is especially needed before the
        whole pipeline goes to NULL and later on prerolls again.
        * platform/audio/gstreamer/AudioSourceProviderGStreamer.h: Added.
        (WebCore::AudioSourceProviderGStreamer::create): Use this to
        create the provider and get an OwnPtr of it.
        (WebCore::AudioSourceProviderGStreamer::client): Provider client getter.
        (WebCore::AudioSourceProviderGStreamer::getAudioBin): Audio bin
        getter, used by the media player to configure its
        playbin::audio-sink property.
        * platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        Provider life cycle management and reset the audio provider before
        going to NULL.
        (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::handlePluginInstallerResult): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::cancelLoad): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::didEnd): Ditto.
        (WebCore::MediaPlayerPrivateGStreamer::createAudioSink): Configure
        the audio source provider if needed.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        (WebCore::MediaPlayerPrivateGStreamer::audioSourceProvider):
        Provider getter, used by MediaPlayer and MediaElement.

2014-12-09  Myles C. Maxfield  <mmaxfield@apple.com>

        Scrolling to anchor tags does nothing in vertical-rl writing mode
        https://bugs.webkit.org/show_bug.cgi?id=137838

        Reviewed by David Hyatt.

        Scroll to a particular tag, and make sure the viewport is rendered as expected.

        Tests: fast/events/scroll-to-anchor-vertical-lr-writing-mode.html
               fast/events/scroll-to-anchor-vertical-writing-mode-contained-2.html
               fast/events/scroll-to-anchor-vertical-writing-mode-contained.html
               fast/events/scroll-to-anchor-vertical-writing-mode.html

        * page/FrameView.cpp:
        (WebCore::FrameView::scrollToAnchor):
        * rendering/ScrollBehavior.cpp:
        * rendering/ScrollBehavior.h:

2014-12-09  Bem Jones-Bey  <bjonesbe@adobe.com>

        REGRESSION(r155906): Page content disappears on Tuaw article after loading
        https://bugs.webkit.org/show_bug.cgi?id=138100

        Reviewed by Simon Fraser.

        Test: ManualTests/float-layer-not-painting.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::insertFloatingObject): If a layout happens,
        it can change whether the float's renderer has a self painting layer.
        So in that case, we need to update the flag on the FloatingObject
        instance for that float.

2014-12-09  Andreas Kling  <akling@apple.com>

        Roll out r165076.
        <rdar://problem/18490587>

        This change broke selection when editing Confluence wiki pages.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::nodeOrItsAncestorNeedsStyleRecalc):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * dom/Document.cpp:
        (WebCore::nodeOrItsAncestorNeedsStyleRecalc): Deleted.
        (WebCore::Document::updateStyleIfNeededForNode): Deleted.
        * dom/Document.h:
        * editing/htmlediting.cpp:
        (WebCore::isEditablePosition):
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::forwardEvent):

2014-12-09  Myles C. Maxfield  <mmaxfield@apple.com>

        Fix iOS build after r177035.

        Unreviewed.

        I accidentally added my line to WebCore.exp.in inside an
        #IF PLATFORM(MAC) block.

        * WebCore.exp.in:

2014-12-09  Jeremy Jones  <jeremyj@apple.com>

        Enable automatic optimized fullscreen mode.
        https://bugs.webkit.org/show_bug.cgi?id=139437

        Reviewed by Eric Carlson.

        Anticipate transition to optimized video fullscreen mode when entering background.

        * WebCore.exp.in:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::overrideBackgroundPlaybackRestriction): Add logic for automatic transition detection.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::mayAutomaticallyShowVideoOptimized): Add logic for automatic transition detection.

2014-12-09  Myles C. Maxfield  <mmaxfield@apple.com>

        Delete Node::boundingBox()
        https://bugs.webkit.org/show_bug.cgi?id=139333

        Conceptually, boundingBox() should be on RenderInline. In addition,
        Node::boundingBox() is completely broken for inline elements: it
        makes a rect from the top left of the first inline child to the
        bottom right of the last inline child, disregarding the intermediate
        inline children. This breaks with vertical text and with line
        breaks.

        What makes this problem worse is that some functions actually rely
        on this bad behavior. These functions are functions that use the
        Node's so-called "bounding box" to scroll to an anchor tag.

        This patch goes through all the call sites of Node::boundingBox(),
        and segregates them into calls that expect the true bounding box
        and calls that need this false bounding box. This patch then moves
        this false bounding box into RenderElement, using the name
        anchorRect(). Callers what want the correct bounding box have been
        updated to use RenderElement::absoluteBoundingBoxRect().

        Reviewed by Zalan Bujtas.

        No new tests because there should be no behavior change.

        * accessibility/AccessibilitySlider.cpp:
        (WebCore::AccessibilitySliderThumb::elementRect): Use
        RenderObject::absoluteBoundingBoxRect()
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::getUpperLeftCorner): Deleted.
        (WebCore::ContainerNode::getLowerRightCorner): Deleted.
        (WebCore::ContainerNode::boundingBox): Deleted.
        * dom/ContainerNode.h:
        * dom/Element.cpp:
        (WebCore::Element::scrollIntoView): Use RenderElement::anchorRect().
        (WebCore::Element::scrollIntoViewIfNeeded): Ditto.
        (WebCore::Element::updateFocusAppearance): Ditto.
        * dom/Node.cpp:
        (WebCore::Node::boundingBox): Deleted.
        * dom/Node.h:
        (WebCore::Node::pixelSnappedBoundingBox): Deleted.
        * html/ColorInputType.cpp:
        (WebCore::ColorInputType::elementRectRelativeToRootView): Use
        RenderObject::absoluteBoundingBoxRect()
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setupDateTimeChooserParameters): Ditto.
        * html/ValidationMessage.cpp:
        (WebCore::ValidationMessage::buildBubbleTree): Ditto.
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollElementToRect): Use
        RenderElement::anchorRect().
        (WebCore::FrameView::scrollToAnchor): Ditto.
        * page/SpatialNavigation.cpp:
        (WebCore::nodeRectInAbsoluteCoordinates): Use
        RenderObject::absoluteBoundingBoxRect()
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::getUpperLeftCorner): Moved from ContainerNode.
        (WebCore::RenderElement::getLowerRightCorner): Moved from
        ContainerNode.
        (WebCore::RenderElement::anchorRect): Moved from ContainerNode.
        * rendering/RenderObject.h:
        * rendering/RenderText.cpp:
        (WebCore::RenderText::topOfFirstText): Helper for
        RenderElement::anchorRect()
        * rendering/RenderText.h:

2014-12-09  Antti Koivisto  <antti@apple.com>

        REGRESSION (r173272): When open PDF from Safari in iBooks, title is replaced to “QuickLookPDF-s72DbgAU-1”
        https://bugs.webkit.org/show_bug.cgi?id=139453
        rdar://problem/19052192

        Reviewed by Pratik Solanki.

        Pulling the suggested filename from the platform response returned null string on USE(CFNETWORK) code path
        if it was the first thing needed from it.

        * platform/network/cf/ResourceResponseCFNet.cpp:
        (WebCore::ResourceResponse::platformSuggestedFilename): Use the lazy accessor.

2014-12-09  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] MathML tokens, tables, and row-like elements are exposed with ATK_ROLE_UNKNOWN
        https://bugs.webkit.org/show_bug.cgi?id=139402

        Reviewed by Chris Fleizach.

        Expose tables and their children using existing table AtkRole types,
        token elements using the new ATK_ROLE_STATIC, and row-like elements
        using ATK_ROLE_PANEL. Also expose <mlabeledtr> as a math table row
        and <ms> as math text.

        No new tests; instead, added MathML elements to roles-exposed.html.

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isMathToken):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::isMathToken):
        (WebCore::AccessibilityRenderObject::isMathText):
        (WebCore::AccessibilityRenderObject::isMathTableRow):
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * css/mathml.css:
        (ms, mi, mo, mrow, mfenced, mfrac, msub, msup, msubsup, mmultiscripts, mprescripts, none, munder, mover, munderover, msqrt, mroot, merror, mphantom, mstyle, menclose):
        (mi, mo, mrow, mfenced, mfrac, msub, msup, msubsup, mmultiscripts, mprescripts, none, munder, mover, munderover, msqrt, mroot, merror, mphantom, mstyle, menclose): Deleted.
        * mathml/mathtags.in:

2014-12-09  Dean Jackson  <dino@apple.com>

        [Apple] Use Accelerate framework to speed-up FEGaussianBlur
        https://bugs.webkit.org/show_bug.cgi?id=139310

        Unreviewed followup, after comments by Andreas Kling.

        It was pointed out that we already have a USE(ACCELERATE), so
        we don't need a HAVE(ACCELERATE) :)

        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::FEGaussianBlur::platformApplyGeneric):
        (WebCore::FEGaussianBlur::platformApply):

2014-12-09  Alberto Garcia  <berto@igalia.com>

        Unreviewed. Style fix following r177019.

        Use nullptr instead of 0.

        * bindings/gobject/ConvertToUTF8String.cpp:
        (convertToUTF8String):

2014-12-09  Javier Fernandez  <jfernandez@igalia.com>

        Refactor of rebuildFloatingObjectSetFromIntrudingFloats function after r176957.
        https://bugs.webkit.org/show_bug.cgi?id=139445

        Reviewed by Darin Adler.

        The function rebuildFloatingObjectSetFromIntrudingFloats would be clearer if
        we use a helper function to locate the previous sibling with overhanging floats.

        These changes has been suggested as part of the patch review for bug #139150, which
        landed in r176957.

        No new tests, no behavior change.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::avoidsFloats):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::previousSiblingWithOverhangingFloats):
        (WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBox.h:
        (WebCore::RenderBox::isGridItem):

2014-12-09  Alberto Garcia  <berto@igalia.com>

        convertToUTF8String converts null string to empty string
        https://bugs.webkit.org/show_bug.cgi?id=133904

        Reviewed by Carlos Garcia Campos.

        Test added to Tools/TestWebKitAPI/Tests/WebKit2Gtk/DOMNodeTest.cpp

        Return 0 if the string is null.

        * bindings/gobject/ConvertToUTF8String.cpp:
        (convertToUTF8String):

2014-12-09  Jeremy Jones  <jeremyj@apple.com>

        When invalidating fullscreen, cancel instead of stop optimizedFullscfreen.
        https://bugs.webkit.org/show_bug.cgi?id=139145

        Reviewed by Eric Carlson.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::invalidate): call cancel instead of stop
        * platform/spi/ios/AVKitSPI.h: add -cancelOptimizedFullscreen.

2014-12-09  Alberto Garcia  <berto@igalia.com>

        [Media][GTK][EFL] Reduce style updates (painting) in controls
        https://bugs.webkit.org/show_bug.cgi?id=137773

        Reviewed by Carlos Garcia Campos.

        Don't update media controls if they are not visible, and
        initialize slider to a zero value.

        * Modules/mediacontrols/mediaControlsBase.js:
        (Controller.prototype.createControls):
        (Controller.prototype.handleDurationChange):
        (Controller.prototype.updateProgress):
        (Controller.prototype.updateTime):
        * Modules/mediacontrols/mediaControlsGtk.js:
        (ControllerGtk.prototype.updateTime):

2014-12-09  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Add video/mp2t as alternative mimetype for MPEG TS
        https://bugs.webkit.org/show_bug.cgi?id=139433

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::mimeTypeCache):
        It's used e.g. on http://www.jwplayer.com/html5/mediasource/ .

2014-12-09  Jeremy Jones  <jeremyj@apple.com>

        Enable activating optimized fullscreen mode from standard fulscreen mode.
        https://bugs.webkit.org/show_bug.cgi?id=139137

        Reviewed by Jer Noble.

        Going from standard fullscreen mode to optimized fullscreen mode requires the ability to
        update the fullscreen mode in HTMLMediaElement and a new standard-and-optimized-fullscreen mode.

        This change KVO observes AVKit's optimizedFullscreenActive and forwards the change down to HTMLMediaElement so it can adjust behavior appropriately.
        It also hides the standard fullscreen window when going into this mode.
        When exiting fullscreen from standard-and-optimized, first exit fullscreen immediately, then stopOptimizedFullscreen, and notify of completion when
        optimizedFullscreen goes inactive.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::fullscreenMode):
            Treat VideoFullscreenModeStandardAndOptimized as a kind of optimized mode.
        * WebCore.exp.in: New export for WebVideoFullscreenModelVideoElement::fullscreenModeChanged
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::displayType):
            Treat VideoFullscreenModeStandardAndOptimized as a kind of optimized mode.
        * html/HTMLMediaElement.h: Add new fullscreen mode.
        (WebCore::HTMLMediaElement::fullscreenModeChanged): Update fullscreen mode so it does optimized fullscreen mode behaviors when applicable.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Declare setOptimizedActive
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVVideoLayer setPlayerViewController:]): observe optimizedFullscreenActive
        (-[WebAVVideoLayer observeValueForKeyPath:ofObject:change:context:]): respond to changes to optimizedFullscreenActive
        (WebVideoFullscreenInterfaceAVKit::WebVideoFullscreenInterfaceAVKit): Init members.
        (WebVideoFullscreenInterfaceAVKit::playerController): 
            Give player controller a reference to the WebVideoFullscreenInterface so it can pass along mode change state.
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Handle new fullscreen modes.
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen): ditto
        (WebVideoFullscreenInterfaceAVKit::invalidate): ditto
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): ditto
        (WebVideoFullscreenInterfaceAVKit::setOptimizedActive): Handle changes to fullscreen mode.
            Also handle the case that exiting fullscreen happend when optimized mode ends.
        * platform/ios/WebVideoFullscreenModel.h: declare fullscreenModeChanged()
        * platform/ios/WebVideoFullscreenModelVideoElement.h: declare fullscreenModeChanged()
        * platform/ios/WebVideoFullscreenModelVideoElement.mm: add fullscreenModeChanged()
        (WebVideoFullscreenModelVideoElement::WebVideoFullscreenModelVideoElement): Init members.
        (WebVideoFullscreenModelVideoElement::fullscreenModeChanged): Added. Update video element fullscreen mode.

2014-12-08  Benjamin Poulain  <bpoulain@apple.com>

        Fix the iOS build after r177002

        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        (WebCore::Extensions3DOpenGL::supportsExtension):

2014-12-07  Roger Fong  <roger_fong@apple.com>

        Implementation EXT_sRGB as a WebGL1 extension.
        https://bugs.webkit.org/show_bug.cgi?id=109332.
        <rdar://problem/17363470>

        Reviewed by Dean Jackson.

        Tested by:
        webgl/1.0.3/conformance/webgl/ext-sRGB.html
        fast/canvas/webgl/constants.html

        This patch implements the SRGB extension for WebGL1.
        Details of the extension specification are outlined here: 
        https://www.khronos.org/registry/webgl/extensions/EXT_sRGB/

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::toJS):
        * html/canvas/EXTsRGB.cpp: Added.
        (WebCore::EXTsRGB::EXTsRGB):
        (WebCore::EXTsRGB::~EXTsRGB):
        (WebCore::EXTsRGB::getName):
        * html/canvas/EXTsRGB.h: Added.
        * html/canvas/EXTsRGB.idl: Added.
        * html/canvas/WebGLExtension.h:
        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::checkStatus):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getExtension):
        (WebCore::WebGLRenderingContext::getFramebufferAttachmentParameter):
        (WebCore::WebGLRenderingContext::getSupportedExtensions):
        (WebCore::WebGLRenderingContext::renderbufferStorage):
        (WebCore::WebGLRenderingContext::validateTexFuncFormatAndType):
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContext.idl:
        * platform/graphics/Extensions3D.h:
        * platform/graphics/GraphicsContext3D.cpp:
        (WebCore::GraphicsContext3D::computeFormatAndTypeParameters):
        (WebCore::GraphicsContext3D::getClearBitsByFormat):
        (WebCore::GraphicsContext3D::getChannelBitsByFormat):
        * platform/graphics/opengl/Extensions3DOpenGL.cpp:
        (WebCore::Extensions3DOpenGL::supportsExtension):
        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        (WebCore::GraphicsContext3D::texImage2D):

2014-12-08  Dean Jackson  <dino@apple.com>

        [Apple] Use Accelerate framework to speed-up FEGaussianBlur
        https://bugs.webkit.org/show_bug.cgi?id=139310
        <rdar://problem/18434594>

        Reviewed by Simon Fraser.

        Using Apple's Accelerate framework provides faster blurs
        than the parallel jobs approach, especially since r168577
        which started performing retina-accurate filters.

        Using Accelerate.framework to replace the existing box blur (what
        we use to approximate Gaussian blurs) gets about a 20% speedup on
        desktop class machines, but between a 2x-6x speedup on iOS hardware.
        Obviously this depends on the size of the content being blurred,
        but it is still good.

        The change is to intercept the platformApply function on
        FEGaussianBlur and send it off to Accelerate.

        There is an interactive performance test: PerformanceTests/Interactive/blur-filter-timing.html

        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::kernelPosition): Move this to a file static function from the .h.
        (WebCore::accelerateBoxBlur): The Accelerate implementation.
        (WebCore::standardBoxBlur): The default generic/standard implementation.
        (WebCore::FEGaussianBlur::platformApplyGeneric): Use accelerate or the default form.
        (WebCore::FEGaussianBlur::platformApply): Don't try the parallelJobs approach if Accelerate is available.
        * platform/graphics/filters/FEGaussianBlur.h:
        (WebCore::FEGaussianBlur::kernelPosition): Deleted. Move into the .cpp.

2014-12-08  Beth Dakin  <bdakin@apple.com>

        Copy and Lookup menu items should be disabled when something is not copyable
        https://bugs.webkit.org/show_bug.cgi?id=139423

        Reviewed by Tim Horton.

        New function allowCopy() indicates whether the HitTestResult would allow itself to 
        be copied onto the pasteboard.
        * WebCore.exp.in:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::allowsCopy):
        * rendering/HitTestResult.h:

2014-12-08  Chris Dumez  <cdumez@apple.com>

        Move 'text-shadow' check from RenderStyle::changeRequiresLayout() to changeAffectsVisualOverflow()
        https://bugs.webkit.org/show_bug.cgi?id=139420

        Reviewed by Simon Fraser.

        Move 'text-shadow' check from RenderStyle::changeRequiresLayout() to
        changeAffectsVisualOverflow(). This has no behavior change as
        changeRequiresLayout() calls changeAffectsVisualOverflow(). However,
        this is clearer as text-shadow affects the visual overflow (similarly
        to box-shadow).

        No new tests, no behavior change.

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeAffectsVisualOverflow):
        (WebCore::RenderStyle::changeRequiresLayout):

2014-12-08  Anders Carlsson  <andersca@apple.com>

        Fix typo.

        * storage/StorageNamespaceImpl.cpp:
        (WebCore::localStorageNamespaceMap):

2014-12-08  Anders Carlsson  <andersca@apple.com>

        WebStorageNamespaceProvider should create StorageNamespaceImpls
        https://bugs.webkit.org/show_bug.cgi?id=139419

        Reviewed by Andreas Kling.

        * WebCore.exp.in:
        Export new symbols.

        * WebCore.xcodeproj/project.pbxproj:
        Make StorageNamespaceImpl.h a private header.

        * storage/StorageNamespaceImpl.cpp:
        (WebCore::localStorageNamespaceMap):
        Use NeverDestroyed.

        (WebCore::StorageNamespaceImpl::createSessionStorageNamespace):
        (WebCore::StorageNamespaceImpl::getOrCreateLocalStorageNamespace):
        Add new functions for creating namespaces.

        (WebCore::StorageNamespaceImpl::localStorageNamespace):
        (WebCore::StorageNamespaceImpl::sessionStorageNamespace):
        Call the new functions.

        * storage/StorageNamespaceImpl.h:
        Add new members, make sure to deprecate the ones we don't want anyone calling.

        * storage/StorageNamespaceProvider.cpp:
        (WebCore::StorageNamespaceProvider::localStorageNamespace):
        (WebCore::StorageNamespaceProvider::transientLocalStorageNamespace):
        * storage/StorageNamespaceProvider.h:
        Pass the quota when creating storage namespaces.

2014-12-08  Benjamin Poulain  <benjamin@webkit.org>

        Move the new :nth-child() and :nth-last-child() out of experimental
        https://bugs.webkit.org/show_bug.cgi?id=139329

        Reviewed by Andreas Kling.

        The code is stable.
        Feedback has only been positive.
        All the known issues have been reported to the CSS WG.

        The #ifdef don't really work anymore anyway for :nth-child() and :nth-last-child().

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):

2014-12-08  Benjamin Poulain  <bpoulain@apple.com>

        A selector should not match anything if there is a subselector after a non-scrollbar pseudo element
        https://bugs.webkit.org/show_bug.cgi?id=139336
        rdar://problem/19051623

        Reviewed by Andreas Kling.

        Tests: fast/css/duplicated-after-pseudo-element.html
               fast/css/duplicated-before-pseudo-element.html
               fast/css/simple-selector-after-pseudo-element.html

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::constructFragments):
        The code filtering out simple selectors was only considering
        the relation CSSSelector::SubSelector. That comes from SelectorChecker where
        the relation considered is the one from the previous selector.

        In this case, the relation is the extracted from the current simple selector,
        which is the relation with the following selector.

        When a single simple selector was following a pseudo element, the relation evaluated
        to descendant/adjacent/direct-adjacent and we were skipping the early return.
        That simple selector was evaluated as a regular filter on the element.

        In the CSS JIT, we can just remove that test altogether. Fragments are built one after
        the other. By definition, the evaluated simple selector belong to the current fragment.

2014-12-08  Benjamin Poulain  <benjamin@webkit.org>

        Fix the parsing of advanced :lang() after r176902
        https://bugs.webkit.org/show_bug.cgi?id=139379

        Reviewed by Andreas Kling.

        There were two mistakes that were only caught in debug:

        The lexer was not calling isIdentifierStart() before parseIdentifier().
        Some identifier we were parsing should have been invalid.
        This was caught with an assertion in parseIdentifier().

        The other issue is that we were accumulating pointer to freed memory.
        The tokenizer for LANGRANGE was creating a new string with a StringBuilder.
        The problem is that CSSParserString does not keep the source string alive.
        Consequently, the list of language range was accumulating pointers to dead
        StringImpls.

        The fix there is to simply extend the token to take the original asterisk character
        from the input. That is not elegant but that's efficient and we know
        the buffer lifetime.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::realLex):
        * css/CSSGrammar.y.in: Fix the indentation of a language range rule.

2014-12-08  Anders Carlsson  <andersca@apple.com>

        Try to fix the 32-bit build.

        * WebCore.exp.in:

2014-12-08  Myles C. Maxfield  <mmaxfield@apple.com>

        Inline elements whose parents have small line-height are laid out too low
        https://bugs.webkit.org/show_bug.cgi?id=139375

        Reviewed by Dave Hyatt.

        This is a port of the Blink patch at
        https://src.chromium.org/viewvc/blink?revision=155253&view=revision.

        When laying out inline elements, we try to align leaf children's parents'
        baselines across the entire line. However, if you set line-height: 0px on a
        span, the entire InlineBox which represents that span will have a height of
        0, and therefore be laid out entirely on the baseline. In addition, we will
        try to vertically center the leaf text in the span's InlineBox, which means
        the leaf text will be vertically centered on the baseline. All the other
        major browsers do not have this behavior; instead, they line up the boxes
        as you would expect.

        This bug led to a rendering problem on the front page of the New York Times.

        Here is the ChangeLog from the Blink patch:

        Fix baseline position when it is outside the element's box

        Specifically, we shouldn't force the baseline to be inside the element. IE
        and FF don't do this, and it's incompatible with the CSS spec:
        
        "The baseline of an 'inline-block' is the baseline of its last line box in
        the normal flow, unless it has either no in-flow line boxes or if its
        'overflow' property has a computed value other than 'visible', in which case
        the baseline is the bottom margin edge."
        -- http://www.w3.org/TR/CSS21/visudet.html#leading
        
        It doesn't have a special case for "baseline is outside of the element's
        margin box".
        
        Test: fast/text/small-line-height.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::baselinePosition):

2014-12-08  Eric Carlson  <eric.carlson@apple.com>

        [iOS] YouTube plug-in replacement should support partial urls
        https://bugs.webkit.org/show_bug.cgi?id=139400

        Reviewed by Alexey Proskuryakov.

        * Modules/plugins/YouTubePluginReplacement.cpp:
        (WebCore::YouTubePluginReplacement::youTubeURL): Call Document::completeURL.

2014-12-08  Anders Carlsson  <andersca@apple.com>

        Build fix.

        * platform/network/soup/CookieJarSoup.cpp:
        (WebCore::deleteAllCookiesModifiedSince):

2014-12-08  Andreas Kling  <akling@apple.com>

        Roll out r175352.
        <https://webkit.org/b/139146>

        This change caused some unexpected assertions in line box teardown.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::willBeDestroyed):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::willBeRemovedFromTree):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::willBeDestroyed):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::willBeDestroyed):
        * rendering/RenderReplaced.h:

2014-12-08  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Narrow non-breaking space does not fall back to a correct font
        https://bugs.webkit.org/show_bug.cgi?id=139335

        Reviewed by Enrica Casucci.

        Test: fast/text/narrow-non-breaking-space.html

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::requiresCustomFallbackFont):
        (WebCore::FontCache::getCustomFallbackFont):

2014-12-08  Daniel Bates  <dabates@apple.com>

        [iOS] Fix the WebKit build with the public SDK

        Include header UIKit.h.

        * platform/spi/ios/MediaPlayerSPI.h:

2014-12-08  Chris Dumez  <cdumez@apple.com>

        Revert r176293 & r176275

        Unreviewed, revert r176293 & r176275 changing the Vector API to use unsigned type
        instead of size_t. There is some disagreement regarding the long-term direction
        of the API and we shouldn’t leave the API partly transitioned to unsigned type
        while making a decision.

        * WebCore.exp.in:
        * bindings/js/JSDOMBinding.h:
        (WebCore::jsArray):
        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        * cssjit/SelectorCompiler.cpp:
        * editing/TextIterator.cpp:
        (WebCore::SearchBuffer::append):
        (WebCore::SearchBuffer::prependContext):
        (WebCore::SearchBuffer::search):
        (WebCore::SearchBuffer::length):
        * html/HTMLFormElement.cpp:
        (WebCore::removeFromVector):
        * html/parser/HTMLParserIdioms.h:
        * html/parser/XSSAuditor.cpp:
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::duplicateDataBufferIfNecessary):

2014-12-08  Anders Carlsson  <andersca@apple.com>

        Make deleting all cookies after a given date a little more sane
        https://bugs.webkit.org/show_bug.cgi?id=139409

        Reviewed by Antti Koivisto.

        * WebCore.exp.in:
        Update exports.

        * platform/network/PlatformCookieJar.h:
        * platform/network/cf/CookieJarCFNet.cpp:
        * platform/network/curl/CookieJarCurl.cpp:
        * platform/network/soup/CookieJarSoup.cpp:
        Rename deleteAllCookiesModifiedAfterDate to deleteAllCookiesModifiedSince and change it
        to take an std::chrono::system_clock::time_point instead.

        * platform/network/mac/CookieJarMac.mm:
        (WebCore::cookieStorage):
        Helper function that returns an NSHTTPCookieStorage given a network session.

        (WebCore::deleteAllCookiesModifiedSince):
        Get the cookie storage from the network storage instead of just getting the global one.

2014-12-08  Csaba Osztrogonác  <ossy@webkit.org>

        URTBF after r176953, add an unreachable return to make GCC happy.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::subresourceCachePolicy):

2014-12-08  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Grid items must set a new formatting context.
        https://bugs.webkit.org/show_bug.cgi?id=139150

        Reviewed by David Hyatt.

        Grid item's margins must not collapse even when they may be adjoining to
        its content's margins. Also, setting a new formatting context prevents any
        'float' protruding content on the adjoining grid items.

        This patch also renames the expandsToEncloseOverhangingFloats to be more generic now,
        determining whether a new formatting context is set or not. This affects not only to
        how floats behave, but whether margins should collapse or not.

        Tests: fast/css-grid-layout/float-not-protruding-into-next-grid-item.html
               fast/css-grid-layout/grid-item-margins-not-collapse.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::avoidsFloats): Using the new createsNewFormattingContext function.
        (WebCore::RenderBlock::expandsToEncloseOverhangingFloats): Deleted.
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::MarginInfo::MarginInfo): Using the new createsNewFormattingContext function.
        (WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats): Using the new createsNewFormattingContext function.
        (WebCore::RenderBlockFlow::layoutBlock): Using the new createsNewFormattingContext function.
        (WebCore::RenderBlockFlow::computeOverflow): Using the new createsNewFormattingContext function.
        (WebCore::RenderBlockFlow::addOverhangingFloats): Using the new createsNewFormattingContext function.
        (WebCore::RenderBlockFlow::needsLayoutAfterRegionRangeChange): Using the new createsNewFormattingContext function.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::createsNewFormattingContext): Added.
        (WebCore::RenderBox::avoidsFloats): Removed checks already defined in the new createsNewFormattingContext function.
        * rendering/RenderBox.h:
        (WebCore::RenderBox::isGridItem): Added.

2014-12-08  Daniel Bates  <dabates@apple.com>

        [iOS] Attempt to fix the public SDK build after <https://trac.webkit.org/r176841>
        (https://bugs.webkit.org/show_bug.cgi?id=139227)

        * platform/spi/ios/AVKitSPI.h:

2014-12-08  Chris Dumez  <cdumez@apple.com>

        Stop using ResourceRequest::cachePolicy() in FrameLoader::subresourceCachePolicy()
        https://bugs.webkit.org/show_bug.cgi?id=139350

        Reviewed by Antti Koivisto.

        Stop using ResourceRequest::cachePolicy() in FrameLoader::subresourceCachePolicy()
        and use m_loadType instead. ResourceRequest::cachePolicy() is meant to be passed
        to the network stack, and isn't supposed to be used as input inside WebCore.

        No new tests, no behavior change.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::subresourceCachePolicy):

2014-12-08  Philippe Normand  <pnormand@igalia.com>

        [GTK] UserMedia Permission Request API
        https://bugs.webkit.org/show_bug.cgi?id=136449

        Reviewed by Carlos Garcia Campos.

        Very basic constraints validation support in the GStreamer
        MediaStreamCenter. This is needed so the GTK C API tests using the
        getUserMedia() API would not time out.

        * platform/mediastream/gstreamer/MediaStreamCenterGStreamer.cpp:
        (WebCore::MediaStreamCenterGStreamer::~MediaStreamCenterGStreamer):
        (WebCore::MediaStreamCenterGStreamer::validateRequestConstraints):
        (WebCore::MediaStreamCenterGStreamer::createMediaStream):

2014-12-08  Anders Carlsson  <andersca@apple.com>

        Remove ResourceHandle::loadsBlocked()
        https://bugs.webkit.org/show_bug.cgi?id=139401

        Reviewed by Daniel Bates.

        This hasn't returned true since Leopard, so get rid of it.

        * page/Chrome.cpp:
        (WebCore::Chrome::canRunModalNow):
        * platform/network/ResourceHandle.h:
        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::loadsBlocked): Deleted.
        * platform/network/curl/ResourceHandleCurl.cpp:
        (WebCore::ResourceHandle::loadsBlocked): Deleted.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::loadsBlocked): Deleted.
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::ResourceHandle::loadsBlocked): Deleted.

2014-12-08  Chris Fleizach  <cfleizach@apple.com>

        AX: iOS: VoiceOver gets hung on some websites consistently.
        https://bugs.webkit.org/show_bug.cgi?id=139331

        Reviewed by Mario Sanchez Prada.

        iFrames are attachments on iOS, but they do not have attachment views. As a result, 
        WebCore would return incorrect information for the element count and index of children elements.

        No tests. Bug only manifests itself when iOS accessibility frameworks call into WebCore.

        * accessibility/AccessibilityMockObject.h:
        (WebCore::AccessibilityMockObject::isDetachedFromParent):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isDetachedFromParent):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper accessibilityElementCount]):
        (-[WebAccessibilityObjectWrapper accessibilityElementAtIndex:]):
        (-[WebAccessibilityObjectWrapper indexOfAccessibilityElement:]):
        (-[WebAccessibilityObjectWrapper accessibilityContainer]):

2014-12-08  Doron Wloschowsky  <doron_wloschowsky@scee.net>

        Webkit using Harfbuzz does not display Arabic script correctly
        https://bugs.webkit.org/show_bug.cgi?id=136337

        Reviewed by Carlos Garcia Campos.

        Using reinterpret_cast to convert hb_codepoint_t* into UChar*
        doesn't work on big endian systems.

        * platform/graphics/harfbuzz/HarfBuzzFaceCairo.cpp:
        (WebCore::harfBuzzGetGlyph):

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Major cleanup of AudioDestination implementation
        https://bugs.webkit.org/show_bug.cgi?id=139370

        Reviewed by Philippe Normand.

        * platform/audio/gstreamer/AudioDestinationGStreamer.cpp:
        (WebCore::AudioDestinationGStreamer::AudioDestinationGStreamer):
        Add an audioresample element before the audio sink. The audio sink
        might not be able to handle our sampling rate.

        (WebCore::AudioDestinationGStreamer::AudioDestinationGStreamer):
        (WebCore::AudioDestinationGStreamer::~AudioDestinationGStreamer):
        (WebCore::AudioDestinationGStreamer::stop):
        (WebCore::AudioDestinationGStreamer::finishBuildingPipelineAfterWavParserPadReady): Deleted.
        Don't use a wavparse element but directly link the raw audio from
        the source to the audio sink.

        (WebCore::AudioDestinationGStreamer::start):
        Catch errors when going to PLAYING early, we might not get an error
        message.

        * platform/audio/gstreamer/AudioDestinationGStreamer.h:
        * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
        (getGStreamerMonoAudioCaps):
        (webKitWebAudioSrcConstructed):
        (webKitWebAudioSrcChangeState):
        Don't use a WAV encoder but directly output raw audio. Also don't
        include a unneeded audioconvert element before the interleave.

        (webKitWebAudioSrcLoop):
        Add timestamps and durations to the output buffers, map them in
        READWRITE mode and actually keep them mapped until we're sure
        nothing is actually writing into them.

        (webKitWebAudioSrcLoop):
        Pause the task on errors instead of continuously calling it again
        immediately.

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Use gst_message_parse_buffering()
        https://bugs.webkit.org/show_bug.cgi?id=139365

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::processBufferingStats):
        Use gst_message_parse_buffering() instead of manually getting
        the percentage from the message's structure. While the latter
        is supposed to work and part of the ABI stability guarantee,
        it's just not nice and overly complicated.

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Minor cleanup of the AudioFileReader implementation
        https://bugs.webkit.org/show_bug.cgi?id=139367

        Reviewed by Philippe Normand.

        * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
        (WebCore::AudioFileReader::~AudioFileReader):
        Don't call gst_bus_remove_signal_watch(), the source was already
        destroyed together with the main context and doing it again here
        will give a g_critical().

        (WebCore::AudioFileReader::handleSample):
        Calculate the number of samples from the actual buffer size
        and the bytes-per-frame instead of the buffer duration. Using
        the buffer duration can lead to rounding errors and might cause
        too few samples to be copied over later.

        (WebCore::AudioFileReader::handleMessage):
        Set the pipeline to GST_STATE_NULL immediately when receiving
        errors to prevent other follow-up error messages from propagating
        through the bus and spamming the user's terminal with g_warnings().

        (WebCore::AudioFileReader::handleNewDeinterleavePad):
        Sync the state of the queue and sink after deinterleave with
        the parent state instead of just setting them to READY. That
        way we potentially go to PAUSED state a bit earlier already
        and prevent a potential race condition that could cause buffers
        to arrive in the new elements in READY state already (which would
        fail).

        (WebCore::AudioFileReader::plugDeinterleave):
        Handle multiple decodebin source pads by ignoring all following
        ones just in case there are multiple for whatever reason.

        (WebCore::AudioFileReader::decodeAudioForBusCreation):
        Catch errors from going to PAUSED state early. We might not
        get a error message at all if we're unlucky.

        (WebCore::AudioFileReader::plugDeinterleave):
        (WebCore::AudioFileReader::createBus):
        (WebCore::AudioFileReader::handleSample):
        Downmix to mono if required instead of just using the front
        left channel and claiming it is mono. Downmixing from stereo
        to mono will mix both channels instead of just taking the left.

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Handle CLOCK_LOST and LATENCY messages
        https://bugs.webkit.org/show_bug.cgi?id=139341

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
        Handle CLOCK_LOST message by shortly going back to PAUSED state
        and then to PLAYING again to let the pipeline select a new clock
        for us.
        This can happen if the stream that ends in a sink that provides
        the current clock disappears, for example if the audio sink
        provides the clock and the audio stream is disabled. It also
        happens relatively often with HTTP adaptive streams when switching
        between different variants of a stream.

        Also handle the LATENCY message by triggering the default GStreamer
        mechanism to update the latency. This can happen if the latency of
        live elements changes, or for one reason or another a new live element
        is added or removed from the pipeline.

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Use audio-filter property on GStreamer >= 1.4.2
        https://bugs.webkit.org/show_bug.cgi?id=139360

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::createAudioSink):
        (WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
        Since 1.4.0 there is an audio-filter property we can use to place
        the pitch-preserving filter at a more canonical position inside
        the pipeline. Since 1.4.2 this property also handles all necessary
        conversions for us.
        This simplifies our sink code a bit because we don't have to create
        a custom sink bin anymore.

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Add video/flv to the list of supported mimetypes
        https://bugs.webkit.org/show_bug.cgi?id=139344

        Reviewed by Gustavo Noronha Silva.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::mimeTypeCache):
        Add video/flv additional to video/x-flv to the list of supported
        mimetypes. It's used on some websites, e.g.
        http://www.jwplayer.com/html5/formats/

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Remove GStreamer 0.10 #ifdefs.
        https://bugs.webkit.org/show_bug.cgi?id=138921

        Reviewed by Philippe Normand.

        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::initializeGStreamer):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::buffered):
        Remove GStreamer 0.10 #ifdefs, we depend on >= 1.0.3 at least.

2014-12-08  Sebastian Dröge  <sebastian@centricular.com>

        [GStreamer] Add application/x-mpegurl to the list of supported mimetypes.
        https://bugs.webkit.org/show_bug.cgi?id=139343

        Reviewed by Gustavo Noronha Silva.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::mimeTypeCache):
        It's an alternative mimetype for the already supported
        application/vnd.apple.mpegurl (aka HLS) and adding it
        allows all streams on http://www.jwplayer.com/html5/hls/
        to be played.

2014-12-07  Gwang Yoon Hwang  <yoon@igalia.com>

        [TextureMapper] Normalize pattern transform for pattern compositing
        https://bugs.webkit.org/show_bug.cgi?id=139374

        Reviewed by Martin Robinson.

        In CoordGfx/TexMapGL, pattern compositing (for background image) uses
        the patternTransform shader uniform. However, current implementation
        miscalculates its transform matrix. It uses simple rectToRect
        transformationMatrix which produces unnormalized garbage term.
        This causes unexpected behavior at the fragmentation stage in some
        mobile GPUs.

        It should calculate its scale based on tileSize and contentSize,
        and its position based on tilePhase and contentSize.

        No new tests because the bug only occurs on some mobile GPUs.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::computePatternTransformIfNeeded):

2014-12-07  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        [Soup][Curl] HTTP header values should be treated as latin1, not UTF-8
        https://bugs.webkit.org/show_bug.cgi?id=128739

        Reviewed by Martin Robinson.

        Removed UTF-8 conversion of HTTP header values (SOUP and CURL).
        Removed unnecessary UTF-8 conversion of HTTP header names (SOUP).
        Changed conversion of HTTP method from UTF-8 to ASCII (SOUP and CURL).
        Added explicit UTF-8 conversion of Content-Disposition header to compute download suggested filename. 

        Test: http/tests/xmlhttprequest/response-special-characters.html

        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownload::headerCallback): Removed header conversion.
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::headerCallback): Ditto.
        (WebCore::ResourceHandleManager::initializeHandle): Changed HTTP method conversion to ASCI.
        * platform/network/soup/ResourceRequestSoup.cpp:
        (WebCore::ResourceRequest::updateFromSoupMessageHeaders): Removed header conversion.
        (WebCore::ResourceRequest::updateSoupMessage): Changed HTTP method conversion to ASCII.
        (WebCore::ResourceRequest::toSoupMessage): Ditto.
        (WebCore::ResourceRequest::updateFromSoupMessage):
        * platform/network/soup/ResourceResponseSoup.cpp:
        (WebCore::ResourceResponse::updateFromSoupMessageHeaders): Rmoved header conversion.
        (WebCore::ResourceResponse::platformSuggestedFilename): Added explicit conversion of contentDisposition to UTF-8.

2014-12-07  Dan Bernstein  <mitz@apple.com>

        Introduce and deploy a function that allocates and returns an instance of a soft-linked class
        https://bugs.webkit.org/show_bug.cgi?id=139348

        Reviewed by Anders Carlsson.

        In [[getFooClass() alloc] init*], the type of the result of +alloc is id, so the compiler
        picks an arbitrary declaration of init*, not necessarily the Foo one. This can then lead
        to warnings or errors if the types or attributes don’t match, or to runtime errors if Foo
        doesn’t even have the expected initializer. The new allocFooInstance() returns a Foo *, thus
        avoiding the ambiguity.

        * editing/mac/DataDetection.mm:
        (WebCore::DataDetection::detectItemAroundHitTestResult):
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (-[WebMediaSessionHelper allocateVolumeView]):
        (-[WebMediaSessionHelper startMonitoringAirPlayRoutes]):
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::createMix):
        * platform/graphics/avfoundation/objc/CDMSessionAVFoundationObjC.mm:
        * platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::streamSession):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::SourceBufferPrivateAVFObjC):
        (WebCore::SourceBufferPrivateAVFObjC::abort):
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):

        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayerMac::PlatformCALayerMac): Cast the result of +alloc to an instance of the
        expected class.

        * platform/graphics/mac/FontMac.mm:
        (WebCore::showLetterpressedGlyphsWithAdvances):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::createQTMovie):
        (WebCore::MediaPlayerPrivateQTKit::createQTMovieLayer):
        * platform/graphics/mac/PDFDocumentImageMac.mm:
        (WebCore::PDFDocumentImage::createPDFDocument):
        * platform/ios/PlatformSpeechSynthesizerIOS.mm:
        (SOFT_LINK_CONSTANT):
        (-[WebSpeechSynthesisWrapper speakUtterance:]):
        * platform/ios/WebCoreMotionManager.mm:
        (-[WebCoreMotionManager initializeOnMainThread]):
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController init]):
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        * platform/mac/ContentFilterMac.mm:
        (WebCore::ContentFilter::ContentFilter):

        * platform/mac/SoftLinking.h: Added alloc##className##instance().

        * platform/mac/WebVideoFullscreenController.mm:
        (-[WebVideoFullscreenController setVideoElement:]):
        * platform/mediastream/mac/AVAudioCaptureSource.mm:
        (WebCore::AVAudioCaptureSource::setupCaptureSession):
        * platform/mediastream/mac/AVCaptureDeviceManager.mm:
        (WebCore::AVCaptureDeviceManager::verifyConstraintsForMediaType):
        * platform/mediastream/mac/AVMediaCaptureSource.mm:
        (WebCore::AVMediaCaptureSource::setupSession):
        * platform/mediastream/mac/AVVideoCaptureSource.mm:
        (WebCore::AVVideoCaptureSource::setupCaptureSession):
        * platform/network/ios/QuickLook.mm:
        (WebCore::registerQLPreviewConverterIfNeeded):
        (WebCore::QuickLookHandle::QuickLookHandle):

2014-12-07  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Add Since tags to GObject DOM bindings documentation
        https://bugs.webkit.org/show_bug.cgi?id=139356

        Reviewed by Gustavo Noronha Silva.

        Now that we have a small stable API, and new symbols are added
        manually, we can also add the version to the symbols file, that
        the code generator can ue to add Since tags to the gtk-doc.

        * bindings/gobject/webkitdom.symbols: Add @2.8 to the new symbols
        added for 2.8.
        * bindings/scripts/CodeGeneratorGObject.pm:
        (GenerateConstants): Add Since tag to gtk-doc if there's a version
        number for the symbol in the .symbols file.
        (GenerateFunction): Ditto.
        (ReadStableSymbols):

2014-12-07  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Missing API detected in GObject DOM bindings after r176630
        https://bugs.webkit.org/show_bug.cgi?id=139201

        Reviewed by Gustavo Noronha Silva.

        Bring back WebKitDOMDeprecated and add custom versions of the
        removed symbols as deprecated in favor of the new ones. Also add
        the new ones as stable API.

        * CMakeLists.txt: Pass a list of additional dependencies to GENERATE_BINDINGS.
        * PlatformGTK.cmake: Ditto.
        * PlatformMac.cmake: Ditto.
        * bindings/gobject/WebKitDOMDeprecated.cpp: Added.
        (webkit_dom_html_element_get_inner_html):
        (webkit_dom_html_element_set_inner_html):
        (webkit_dom_html_element_get_outer_html):
        (webkit_dom_html_element_set_outer_html):
        * bindings/gobject/WebKitDOMDeprecated.h: Added.
        * bindings/gobject/WebKitDOMDeprecated.symbols: Added.
        * bindings/gobject/webkitdom.symbols:

2014-12-06  Csaba Osztrogonác  <ossy@webkit.org>

        URTBF after r176915.

        DisplayRefreshMonitorClient is the parent class of GraphicsLayerUpdater
        only if USE(REQUEST_ANIMATION_FRAME_DISPLAY_MONITOR) is true, so override
        is incorrect if USE(REQUEST_ANIMATION_FRAME_DISPLAY_MONITOR) is false.

        That's why r176915 broke the build on non PLATFORM(COCOA) platforms,
        such as GTK, EFL, Apple Windows.

        Additionally displayRefreshFired is only used inside USE(REQUEST_ANIMATION_FRAME_DISPLAY_MONITOR)
        guard, so there is no reason to define it for non COCOA platforms.

        * platform/graphics/GraphicsLayerUpdater.cpp:
        * platform/graphics/GraphicsLayerUpdater.h:

2014-12-06  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang.
        rdar://problem/18978733

        Add a bunch of overrides since we're not disabling the "inconsistent missing override" warning in WebKit.

        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ScrollingStateFixedNode.h:
        * page/scrolling/ScrollingStateFrameScrollingNode.h:
        * page/scrolling/ScrollingStateOverflowScrollingNode.h:
        * page/scrolling/ScrollingStateStickyNode.h:
        * page/scrolling/ScrollingTreeFrameScrollingNode.h:
        (WebCore::ScrollingTreeFrameScrollingNode::updateLayersAfterDelegatedScroll): Deleted.
        * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h:
        * platform/graphics/GraphicsLayerUpdater.h:
        * platform/mac/ScrollbarThemeMac.h:
        (WebCore::ScrollbarThemeMac::supportsControlTints): Deleted.
        (WebCore::ScrollbarThemeMac::maxOverlapBetweenPages): Deleted.
        * rendering/RenderLayerCompositor.h:
        * rendering/RenderSnapshottedPlugIn.h:

2014-12-06  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang.
        rdar://problem/18978687

        Add a bunch of overrides since we're not disabling the "inconsistent missing override" warning in WebKit.

        * html/HTMLElement.h:
        * html/HTMLMediaElement.h:
        * html/track/VTTCue.h:
        * loader/FrameNetworkingContext.h:
        (WebCore::FrameNetworkingContext::shouldClearReferrerOnHTTPSToHTTPRedirect): Deleted.
        * loader/cache/CachedImage.h:
        * page/SuspendableTimer.h:
        * platform/Scrollbar.h:
        * platform/graphics/InbandTextTrackPrivate.h:
        * rendering/RenderBlockFlow.h:

2014-12-06  Anders Carlsson  <andersca@apple.com>

        Follow-up build fix.

        * Configurations/Base.xcconfig:

2014-12-06  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang.
        rdar://problem/18978689

        Disable the "inconsistent missing override" warning due to our use of macros in SVG where it's hard to
        know whether we can add an override or not.

        Also, cast return values of +alloc to the right type, and add some casts for vector iterator arithmetic.

        * Configurations/Base.xcconfig:
        * Modules/webdatabase/DatabaseBackendBase.cpp:
        (WebCore::guidForOriginAndName):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _stringForRange:attributed:]):
        * editing/cocoa/HTMLConverter.mm:
        (_shadowForShadowStyle):
        (HTMLConverter::_addTableForElement):
        * platform/graphics/SVGGlyph.cpp:
        (WebCore::isCompatibleArabicForm):
        * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
        (WebCore::AudioSourceProviderAVFObjC::createMix):
        * platform/graphics/mac/FontMac.mm:
        (WebCore::showLetterpressedGlyphsWithAdvances):
        * platform/ios/PlatformSpeechSynthesizerIOS.mm:
        (-[WebSpeechSynthesisWrapper speakUtterance:]):
        * platform/ios/WebCoreMotionManager.mm:
        (-[WebCoreMotionManager initializeOnMainThread]):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::spannedRows):
        (WebCore::RenderTableSection::spannedColumns):

2014-12-06  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Compile error, missing guard.
        https://bugs.webkit.org/show_bug.cgi?id=139338

        Reviewed by Alex Christensen.

        There is missing a ENABLE(CSS_SELECTORS_LEVEL4) guard in CSSParser.cpp.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::realLex):

2014-12-05  Chris Fleizach  <cfleizach@apple.com>

        AX: I cannot activate links on the mobile version of news.google.com
        https://bugs.webkit.org/show_bug.cgi?id=139330

        Reviewed by Simon Fraser.

        This website only listens for touch events. VoiceOver normally dispatches click and mouse events,
        so on iOS this falls and VoiceOver is not able to activate anything.

        The solution here is to dispatch simulated touch down/up events.

        Test: platform/ios-simulator/ios-accessibility/press-fires-touch-events.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::press):
        (WebCore::AccessibilityObject::dispatchTouchEvent):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isDetachedFromParent):
        * page/EventHandler.h:
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::dispatchSimulatedTouchEvent):
        * platform/ios/PlatformEventFactoryIOS.h:
        * platform/ios/PlatformEventFactoryIOS.mm:
        (WebCore::PlatformTouchEventBuilder::PlatformTouchEventBuilder):
        (WebCore::PlatformEventFactory::createPlatformSimulatedTouchEvent):

2014-12-05  Myles C. Maxfield  <mmaxfield@apple.com>

        Directional single quotation marks are not rotated in vertical text
        https://bugs.webkit.org/show_bug.cgi?id=138526

        Reviewed by Darin Adler.

        In vertical text, directional single quotation marks are not rotated along with
        the rest of the letters.

        Test: fast/text/vertical-quotation-marks.html

        * platform/graphics/FontGlyphs.cpp:
        (WebCore::shouldIgnoreRotation):

2014-12-05  Dhi Aurrahman  <diorahman@rockybars.com>

        Implement parser for :lang pseudo class selector arguments that contain wildcard '*' subtags
        https://bugs.webkit.org/show_bug.cgi?id=139014

        Reviewed by Benjamin Poulain.

        Consider each language range in :lang() that consists of an asterisk 
        immediately followed by an identifier beginning with an ASCII hyphen 
        as a valid input for the selector as specified in [1].

        [1] http://dev.w3.org/csswg/selectors4/#the-lang-pseudo 

        Test: fast/css/parsing-css-lang.html

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::realLex):

2014-12-05  Simon Fraser  <simon.fraser@apple.com>

        Programmatic scrolling and content changes are not always synchronized
        https://bugs.webkit.org/show_bug.cgi?id=139245
        rdar://problem/18833612

        Reviewed by Anders Carlsson.
        
        For programmatic scrolls, AsyncScrollingCoordinator::requestScrollPositionUpdate()
        calls updateScrollPositionAfterAsyncScroll(), then dispatches the requested
        scroll position to the scrolling thread.
        
        Once the scrolling thread commits, it calls back to the main thread via
        scheduleUpdateScrollPositionAfterAsyncScroll(), which schedules a second
        call to updateScrollPositionAfterAsyncScroll() on a timer. That's a problem,
        because some other scroll may have happened in the meantime; when the timer
        fires, it can sometimes restore a stale scroll position.
        
        Fix by bailing early from scheduleUpdateScrollPositionAfterAsyncScroll()
        for programmatic scrolls, since we know that requestScrollPositionUpdate()
        already did the updateScrollPositionAfterAsyncScroll().

        Test:
            ManualTests/programmatic-scroll-flicker.html

        * page/FrameView.cpp:
        (WebCore::FrameView::reset): nullptr.
        (WebCore::FrameView::setScrollPosition): Ditto.
        (WebCore::FrameView::setWasScrolledByUser): Ditto.
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate): Use a local variable for
        isProgrammaticScroll just to make sure we use the same value for the duration of this function.
        (WebCore::AsyncScrollingCoordinator::scheduleUpdateScrollPositionAfterAsyncScroll): Do nothing
        if this is a programmatic scroll.

2014-12-05  Timothy Horton  <timothy_horton@apple.com>

        Build fix.

        * platform/spi/mac/TUCallSPI.h:

2014-12-05  Roger Fong  <roger_fong@apple.com>

        [Win] proj files copying over too many resources..
        https://bugs.webkit.org/show_bug.cgi?id=139315.
        <rdar://problem/19148278>

        Reviewed by Brent Fulgham.

        * WebCore.vcxproj/WebCore.proj: Don't copy over bin32 build output.

2014-12-05  Timothy Horton  <timothy_horton@apple.com>

        Use the system string for telephone number menu
        https://bugs.webkit.org/show_bug.cgi?id=139324
        <rdar://problem/18726471>

        * platform/spi/mac/TUCallSPI.h: Added.
        Actually add the SPI header from the last commit.

2014-12-05  Tim Horton  <timothy_horton@apple.com>

        Use the system string for telephone number menu
        https://bugs.webkit.org/show_bug.cgi?id=139324
        <rdar://problem/18726471>

        Reviewed by Anders Carlsson.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/TUCallSPI.h: Added.
        Add an SPI header.

2014-12-05  Jer Noble  <jer.noble@apple.com>

        [MSE][Mac] Return absolute value of error code from CDMSessionMediaSourceAVFObjC::update().
        https://bugs.webkit.org/show_bug.cgi?id=139316

        Reviewed by Eric Carlson.

        Similarly to our asynchronous error reporting, return the absolute value of the error code.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::systemCodeForError):
        (WebCore::CDMSessionMediaSourceAVFObjC::update):

2014-12-05  Anders Carlsson  <andersca@apple.com>

        Fix build on Windows.

        * page/SessionIDHash.h:

2014-12-05  Zalan Bujtas  <zalan@apple.com>

        Issue repaint at setUnavailablePluginIndicatorIsHidden() only when embedded object's indicator status changes.
        https://bugs.webkit.org/show_bug.cgi?id=139311

        Reviewed by Tim Horton.

        Not testable.

        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::setUnavailablePluginIndicatorIsHidden):

2014-12-05  Andreas Kling  <akling@apple.com>

        PassRef should deref on destruction if pointee was not moved.
        <https://webkit.org/b/139309>

        Reviewed by Antti Koivisto.

        Remove calls to PassRef::dropRef() since it's no longer necessary to manually
        notify PassRef that you didn't move the pointee.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::createFor):
        (WebCore::RenderElement::setStyle):
        * style/StyleResolveTree.cpp:
        (WebCore::Style::resolveTree):

2014-12-05  Benjamin Poulain  <bpoulain@apple.com>

        Fix style sharing with the "type" and "readonly" attributes
        https://bugs.webkit.org/show_bug.cgi?id=139283

        Reviewed by Antti Koivisto.

        There are two bugs adressed with this patch:
        1) The attributes "type" and "readonly" where only handled correctly
           for input elements. For everything else, they could incorrectly
           be ignored for style sharing.
        2) The handling of attributes was incorrect for selector lists, leading
           to various bugs (incorrect style sharing in some cases, disabling
           style sharing on valid cases).

        For [1], the problem was that attribute checking had been limited to
        StyleResolver::canShareStyleWithControl(). That function is for handling
        the special states of input element. For any other element, the attributes
        were simply ignored.

        For [2], there were a bunch of small problems. First, containsUncommonAttributeSelector()
        was not recursive, which caused it to ignored any nested selector list. This used to be
        correct but since we have advanced selectors we can no longer assumed selectors are not nested.

        A second issue was that any attribute in a selector list was causing us to fall back
        to the slow case. Now that we have the fast :matches(), we really don't want that.

        The function containsUncommonAttributeSelector() was transformed into a recursive function
        tracking where we are in the selector.

        At the entry point, we start with the flag "startsOnRightmostElement" set to true. The flag is then
        updated on the stack of each recursive call.

        For example, "webkit > is:matches(freaking > awesome)". We evalute "is" with the flag to true, then recurse
        into evaluating "freaking > awesome" with the flag still set to true. When we evalute ">", the flag
        is set to false to evaluate any following selectors.
        After evaluating "freaking > awesome", we go back to our previous stack frame, and the flag
        is back to true and we can continue evaluating with the curren top level state.

        From some logging, I discovered that the attribute handling is way too aggressive.
        This is not a regression and I cannot fix that easily so I left a fixme.

        Tests: fast/css/data-attribute-style-sharing-1.html
               fast/css/data-attribute-style-sharing-2.html
               fast/css/data-attribute-style-sharing-3.html
               fast/css/data-attribute-style-sharing-4.html
               fast/css/data-attribute-style-sharing-5.html
               fast/css/data-attribute-style-sharing-6.html
               fast/css/data-attribute-style-sharing-7.html
               fast/css/readonly-attribute-style-sharing-1.html
               fast/css/readonly-attribute-style-sharing-2.html
               fast/css/readonly-attribute-style-sharing-3.html
               fast/css/readonly-attribute-style-sharing-4.html
               fast/css/readonly-attribute-style-sharing-5.html
               fast/css/readonly-attribute-style-sharing-6.html
               fast/css/readonly-attribute-style-sharing-7.html
               fast/css/type-attribute-style-sharing-1.html
               fast/css/type-attribute-style-sharing-2.html
               fast/css/type-attribute-style-sharing-3.html
               fast/css/type-attribute-style-sharing-4.html
               fast/css/type-attribute-style-sharing-5.html
               fast/css/type-attribute-style-sharing-6.html
               fast/css/type-attribute-style-sharing-7.html

        * css/RuleSet.cpp:
        (WebCore::containsUncommonAttributeSelector):
        (WebCore::RuleData::RuleData):
        (WebCore::selectorListContainsAttributeSelector): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::canShareStyleWithControl):
        (WebCore::StyleResolver::canShareStyleWithElement):

2014-12-05  Jer Noble  <jer.noble@apple.com>

        [WTF] MediaTime should support round-tripping from and to doubles.
        https://bugs.webkit.org/show_bug.cgi?id=139248

        Reviewed by Eric Carlson.

        Check whether the MediaTime's underlying data is floating point before converting
        to a CMTime or QTTime.

        * platform/graphics/avfoundation/MediaTimeAVFoundation.cpp:
        (WebCore::toCMTime):
        * platform/graphics/mac/MediaTimeQTKit.mm:
        (WebCore::toQTTime):

2014-12-05  Anders Carlsson  <andersca@apple.com>

        Add a private browsing mode to MiniBrowser
        https://bugs.webkit.org/show_bug.cgi?id=139308

        Reviewed by Sam Weinig.

        Use -1 instead of -2 for the deleted value.

        * page/SessionIDHash.h:

2014-12-05  Chris Dumez  <cdumez@apple.com>

        Move 'text-emphasis-style' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139285

        Reviewed by Sam Weinig.

        Move 'text-emphasis-style' CSS property to the new StyleBuilder by
        using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyTextEmphasisStyle::applyValue): Deleted.
        (WebCore::ApplyPropertyTextEmphasisStyle::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialWebkitTextEmphasisStyle):
        (WebCore::StyleBuilderCustom::applyInheritWebkitTextEmphasisStyle):
        (WebCore::StyleBuilderCustom::applyValueWebkitTextEmphasisStyle):

2014-12-05  Eric Carlson  <eric.carlson@apple.com>

        [iOS] remove "enter optimized fullscreen" gesture
        https://bugs.webkit.org/show_bug.cgi?id=139301

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handleWrapperTouchStart): Remove gesture recognizer.

2014-12-05  Beth Dakin  <bdakin@apple.com>

        rdar://problem/19156353 Additional build-fixes needed.

        Rubber-stamped by Tim Horton.

        This is a bit unfortunate, but we need to always forward-declare this for now.
        * platform/spi/mac/QuickLookMacSPI.h:

2014-12-05  David Kilzer  <ddkilzer@apple.com>

        FeatureDefines.xcconfig: Workaround bug in Xcode 5.1.1 when defining ENABLE_WEB_REPLAY
        <http://webkit.org/b/139286>

        Reviewed by Daniel Bates.

        * Configurations/FeatureDefines.xcconfig: Switch back to using
        PLATFORM_NAME to workaround a bug in Xcode 5.1.1 on 10.8.

2014-12-05  Eric Carlson  <eric.carlson@apple.com>

        [iOS] allow host application to opt-out of alternate fullscreen pt. 2
        https://bugs.webkit.org/show_bug.cgi?id=139227

        Reviewed by Jer Noble and Anders Carlsson

        * WebCore.exp.in: Export HTMLMediaSession::allowsAlternateFullscreen, change the signature of 
            WebVideoFullscreenInterfaceAVKit::setupFullscreen.

        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (-[WebVideoFullscreenController enterFullscreen:mode:]): Update for
            WebVideoFullscreenInterfaceAVKit::setupFullscreen change.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: Add argument to setupFullscreen.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen): Ditto.

2014-12-05  Shivakumar JM  <shiva.jm@samsung.com>

        Fix build warning in WebCore/platform/graphics module
        https://bugs.webkit.org/show_bug.cgi?id=139290

        Reviewed by Carlos Garcia Campos.

        Fix a build warning by removing parameter name from function.

        No new tests, no behavior change.

        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::getFamilyNameStringFromFontDescriptionAndFamily):

2014-12-05  sungmin cho  <sungmin17.cho@lge.com>

        GraphicsLayerTextureMapper: Rename parameter to be more clear
        https://bugs.webkit.org/show_bug.cgi?id=139288

        Reviewed by Martin Robinson.

        Rename 'media' to 'platformLayer'.

        No new tests, no change in functionality.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::setContentsToPlatformLayer):

2014-12-04  Mark Rowe  <mrowe@apple.com>

        Fix pre-Yosemite builds.

        The #ifs in two SPI wrapper headers were incorrect, resulting in code being included
        prior to Yosemite that required Yosemite to compile.

        * platform/spi/mac/NSSharingServicePickerSPI.h:
        * platform/spi/mac/NSSharingServiceSPI.h:

2014-12-02  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: timeline probe records have inaccurate per-probe hit counts
        https://bugs.webkit.org/show_bug.cgi?id=138976

        Reviewed by Joseph Pecoraro.

        Update the signature for breakpointActionProbe to take batchId and sampleId.
        Covered by existing test inspector-protocol/debugger/didSampleProbe-multiple-probes.html.

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::breakpointActionProbe):
        * inspector/InspectorTimelineAgent.h:
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createProbeSampleData):
        * inspector/TimelineRecordFactory.h:

2014-12-04  Adenilson Cavalcanti  <cavalcantii@gmail.com>

        Groove/inset/outset borders show solid if the color is black
        https://bugs.webkit.org/show_bug.cgi?id=58608

        Reviewed by Simon Fraser.

        Test: fast/borders/mixed-border-style2.html

        This patch will lighten/darken the border side colors, handling
        border decoration in a similar way as Firefox does.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::drawLineForBoxSide):
        (WebCore::RenderObject::calculateBorderStyleColor):
        * rendering/RenderObject.h:

2014-12-04  Chris Dumez  <cdumez@apple.com>

        Move 'webkit-aspect-ratio' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139250

        Reviewed by Sam Weinig.

        Move 'aspect-ratio' CSS property to the new StyleBuilder by
        using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyAspectRatio::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyAspectRatio::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyAspectRatio::applyValue): Deleted.
        (WebCore::ApplyPropertyAspectRatio::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialWebkitAspectRatio):
        (WebCore::StyleBuilderCustom::applyInheritWebkitAspectRatio):
        (WebCore::StyleBuilderCustom::applyValueWebkitAspectRatio):

2014-12-04  Timothy Horton  <timothy_horton@apple.com>

        Further fix the 32-bit build.

        * page/mac/TextIndicatorWindow.mm:
        (WebCore::TextIndicatorWindow::setTextIndicator):

2014-12-04  Timothy Horton  <timothy_horton@apple.com>

        Fix the 32-bit build.

        * page/mac/TextIndicatorWindow.h:
        * page/mac/TextIndicatorWindow.mm:
        (WebCore::TextIndicatorWindow::setTextIndicator):

2014-12-04  Tim Horton  <timothy_horton@apple.com>

        TextIndicator::createWithSelectionInFrame does synchronous IPC in WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=139252
        <rdar://problem/19140827>

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithSelectionInFrame):
        (WebCore::TextIndicator::TextIndicator):
        * page/TextIndicator.h:
        (WebCore::TextIndicator::selectionRectInWindowCoordinates):
        (WebCore::TextIndicator::textBoundingRectInWindowCoordinates):
        (WebCore::TextIndicator::selectionRectInScreenCoordinates): Deleted.
        (WebCore::TextIndicator::textBoundingRectInScreenCoordinates): Deleted.
        Go back to keeping the rects in "window" coordinates.

        * page/mac/TextIndicatorWindow.h:
        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]):
        (WebCore::TextIndicatorWindow::setTextIndicator):
        Let callers pass in the contentRect instead of trying to share the code
        to compute it, since it needs to be different for legacy and modern WebKit.

2014-12-04  Oliver Hunt  <oliver@apple.com>

        Serialization of MapData object provides unsafe access to internal types
        https://bugs.webkit.org/show_bug.cgi?id=138653

        Reviewed by Geoffrey Garen.

        We now keep the value portion of the key/value pair in MapData as a
        separate stack. This allows us to maintain the spec semantic of
        "atomic" serialisation of the key/value pair without retaining the
        use of a potentially invalid iterator.

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::serialize):

2014-12-04  Radu Stavila  <stavila@adobe.com>

        [SVG Masking] Add support for referencing <mask> elements from -webkit-mask-image
        https://bugs.webkit.org/show_bug.cgi?id=139092

        Reviewed by Simon Fraser.

        This patch improves the -webkit-mask-image property by allowing it to reference
        a <mask> element defined in an inline or external SVG document.
        Up until now, each image to be used as a mask consisted of a FillLayer object 
        whose m_image member represented the mask. Now, in order to accomodate
        <mask> elements referenced by a fragment identifier (e.g. file.svg#mask1)
        a new class was created (MaskImageOperation) and added as a member of the 
        FillLayer. As such, from now on, all FillLayer objects used for masking will
        store the masking information in this new member.
        When parsing the -webkit-mask-image property (or the -webkit-mask shorthand)
        a new MaskImageOperation object is created for each image. If the value represents
        an external URL, a pending SVG document will be created which will be loaded 
        during the phase that loads the pending resources. When the download is complete,
        the MaskImageOperation is notified by the CachedSVGDocument class and checks if
        the received download is a valid SVG and the requested fragment identifier
        actually exists and identifies a <mask> element. If it does, that element's
        renderer (of type RenderSVGResourceMasker) will be used when painting the mask layers.
        Otherwise, the MaskImageOperation class will use the already downloaded data 
        buffer to create a CachedImage from it and use that instead, basically emulating
        the previous behavior, when only images were accepted. This ensures that all existing
        behavior, like painting entire SVGs, painting normal images (e.g. PNG/JPG), painting
        generated images (e.g. linear-gradient) works as it did before.

        No new tests required, this patch doesn't change any current functionality. 
        It only adds support for referencing <mask> elements for the -webkit-mask-image 
        property. This is sub-part 1 of the bigger patch https://bugs.webkit.org/show_bug.cgi?id=129682.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSValue.cpp:
        (WebCore::CSSValue::cssText):
        (WebCore::CSSValue::destroy):
        * css/CSSValue.h:
        (WebCore::CSSValue::isWebKitCSSResourceValue):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::State::clear):
        (WebCore::StyleResolver::createMaskImageOperations):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::State::maskImagesWithPendingSVGDocuments):
        * css/WebKitCSSResourceValue.cpp: Added.
        (WebCore::WebKitCSSResourceValue::WebKitCSSResourceValue):
        (WebCore::WebKitCSSResourceValue::customCSSText):
        (WebCore::WebKitCSSResourceValue::isCSSValueNone):
        * css/WebKitCSSResourceValue.h: Added.
        (WebCore::WebKitCSSResourceValue::create):
        (WebCore::WebKitCSSResourceValue::innerValue):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::addCachedResource):
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedSVGDocument.cpp:
        (WebCore::CachedSVGDocument::CachedSVGDocument):
        (WebCore::CachedSVGDocument::finishLoading):
        * loader/cache/CachedSVGDocument.h:
        * loader/cache/CachedSVGDocumentReference.cpp:
        (WebCore::CachedSVGDocumentReference::CachedSVGDocumentReference):
        (WebCore::CachedSVGDocumentReference::~CachedSVGDocumentReference):
        (WebCore::CachedSVGDocumentReference::load):
        * loader/cache/CachedSVGDocumentReference.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::isSVGDocument):
        * page/FrameView.h:
        * page/Page.cpp:
        (WebCore::Page::createPageFromBuffer):
        * page/Page.h:
        * platform/ScrollView.h:
        (WebCore::ScrollView::isSVGDocument):
        * platform/graphics/MaskImageOperation.cpp: Added.
        (WebCore::MaskImageOperation::create):
        (WebCore::MaskImageOperation::MaskImageOperation):
        (WebCore::MaskImageOperation::~MaskImageOperation):
        (WebCore::MaskImageOperation::isCSSValueNone):
        (WebCore::MaskImageOperation::cssValue):
        (WebCore::MaskImageOperation::isMaskLoaded):
        (WebCore::MaskImageOperation::setRenderLayerImageClient):
        (WebCore::MaskImageOperation::addRendererImageClient):
        (WebCore::MaskImageOperation::removeRendererImageClient):
        (WebCore::MaskImageOperation::getOrCreateCachedSVGDocumentReference):
        (WebCore::MaskImageOperation::notifyFinished): This is the method that gets called when the document has finished 
        downloading and checks if it can find a valid <mask> element.
        (WebCore::MaskImageOperation::drawMask):
        (WebCore::MaskImageOperation::getSVGMasker):
        * platform/graphics/MaskImageOperation.h: Added.
        * rendering/RenderBoxModelObject.cpp: The BackgroundImageGeometry class was moved out of RenderBoxModelObject in 
        order to be used as a parameter for other methods. This was necessary to avoid having methods with very many parameters.
        (WebCore::BackgroundImageGeometry::setNoRepeatX):
        (WebCore::BackgroundImageGeometry::setNoRepeatY):
        (WebCore::BackgroundImageGeometry::useFixedAttachment):
        (WebCore::BackgroundImageGeometry::clip):
        (WebCore::BackgroundImageGeometry::relativePhase):
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setNoRepeatX): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setNoRepeatY): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::useFixedAttachment): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::clip): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::relativePhase): Deleted.
        * rendering/RenderBoxModelObject.h:
        (WebCore::BackgroundImageGeometry::BackgroundImageGeometry):
        (WebCore::BackgroundImageGeometry::destOrigin):
        (WebCore::BackgroundImageGeometry::setDestOrigin):
        (WebCore::BackgroundImageGeometry::destRect):
        (WebCore::BackgroundImageGeometry::setDestRect):
        (WebCore::BackgroundImageGeometry::phase):
        (WebCore::BackgroundImageGeometry::setPhase):
        (WebCore::BackgroundImageGeometry::tileSize):
        (WebCore::BackgroundImageGeometry::setTileSize):
        (WebCore::BackgroundImageGeometry::spaceSize):
        (WebCore::BackgroundImageGeometry::setSpaceSize):
        (WebCore::BackgroundImageGeometry::setPhaseX):
        (WebCore::BackgroundImageGeometry::setPhaseY):
        (WebCore::BackgroundImageGeometry::setHasNonLocalGeometry):
        (WebCore::BackgroundImageGeometry::hasNonLocalGeometry):
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::BackgroundImageGeometry): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::destOrigin): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setDestOrigin): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::destRect): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setDestRect): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::phase): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setPhase): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::tileSize): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setTileSize): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::spaceSize): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setSpaceSize): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setPhaseX): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setPhaseY): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::setHasNonLocalGeometry): Deleted.
        (WebCore::RenderBoxModelObject::BackgroundImageGeometry::hasNonLocalGeometry): Deleted.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer):
        (WebCore::RenderLayer::~RenderLayer):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerMaskImageInfo.cpp: Added.
        (WebCore::RenderLayer::MaskImageInfo::layerToMaskMap): Returns a static map that links MaskImageInfo objects to RenderLayers.
        (WebCore::RenderLayer::MaskImageInfo::getIfExists): Returns the MaskImageInfo associated with a specific RenderLayer.
        (WebCore::RenderLayer::MaskImageInfo::get): Returns the MaskImageInfo associated with a specific RenderLayer (creates it if necessary).
        (WebCore::RenderLayer::MaskImageInfo::remove): Removes the MaskImageInfo associated with a specific RenderLayer.
        (WebCore::RenderLayer::MaskImageInfo::MaskImageInfo):
        (WebCore::RenderLayer::MaskImageInfo::~MaskImageInfo):
        (WebCore::RenderLayer::MaskImageInfo::notifyFinished): Gets called when the SVG document finished loading, triggers repaint.
        (WebCore::RenderLayer::MaskImageInfo::imageChanged): Gets called when the image object changed, triggers repaint.
        (WebCore::RenderLayer::MaskImageInfo::updateMaskImageClients): Goes through all mask layers and sets image/SVG clients. 
        Updates list of internal and external SVG references.
        (WebCore::RenderLayer::MaskImageInfo::removeMaskImageClients): Removes all image/SVG clients and clears lists of internal and external SVG references.
        * rendering/RenderLayerMaskImageInfo.h: Added.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::isRenderSVGResourceMasker):
        * rendering/style/FillLayer.cpp:
        (WebCore::FillLayer::FillLayer):
        (WebCore::FillLayer::operator=):
        (WebCore::FillLayer::operator==):
        (WebCore::FillLayer::cullEmptyLayers):
        (WebCore::FillLayer::hasNonEmptyMaskImage):
        (WebCore::FillLayer::imagesAreLoaded):
        * rendering/style/FillLayer.h:
        (WebCore::FillLayer::maskImage):
        (WebCore::FillLayer::imageOrMaskImage):
        (WebCore::FillLayer::setMaskImage):
        (WebCore::FillLayer::clearMaskImage):
        (WebCore::FillLayer::hasMaskImage):
        * rendering/svg/RenderSVGResourceMasker.cpp:
        (WebCore::RenderSVGResourceMasker::applySVGMask):
        (WebCore::RenderSVGResourceMasker::applyResource):
        (WebCore::RenderSVGResourceMasker::drawMaskForRenderer):
        * rendering/svg/RenderSVGResourceMasker.h:
        * svg/SVGMaskElement.cpp:
        (WebCore::SVGMaskElement::createElementRenderer):
        (WebCore::SVGMaskElement::addClientRenderLayer):
        (WebCore::SVGMaskElement::removeClientRenderLayer):
        * svg/SVGMaskElement.h:
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::setCachedDocument):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged):

2014-12-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176789.
        https://bugs.webkit.org/show_bug.cgi?id=139255

        Broke the non Mac-WK2 builds (Requested by stavila on
        #webkit).

        Reverted changeset:

        "Remove isSpecifiedFont boolean from FontDescription"
        https://bugs.webkit.org/show_bug.cgi?id=139233
        http://trac.webkit.org/changeset/176789

2014-12-03  Antti Koivisto  <antti@apple.com>

        Remove isSpecifiedFont boolean from FontDescription
        https://bugs.webkit.org/show_bug.cgi?id=139233

        Reviewed by Andreas Kling.

        It is barely used.

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInheritFontFamily):
        (WebCore::StyleBuilderCustom::applyValueFontFamily):
        * platform/graphics/FontDescription.cpp:
        (WebCore::genericFamiliesSet):
        (WebCore::FontDescription::hasGenericFirstFamily):

            Add a function to test for generic families.

        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::FontDescription):
        (WebCore::FontDescription::setTextRenderingMode):
        (WebCore::FontDescription::operator==):
        (WebCore::FontDescription::isSpecifiedFont): Deleted.
        (WebCore::FontDescription::setIsSpecifiedFont): Deleted.
        * rendering/RenderText.cpp:
        (WebCore::RenderText::computeUseBackslashAsYenSymbol):

            This is the only client.
            Figure out the equivalent information dynamically if needed.

2014-12-03  Joonghun Park  <jh718.park@samsung.com>

        Use std::unique_ptr instead of PassOwnPtr|OwnPtr for Pasteboard
        https://bugs.webkit.org/show_bug.cgi?id=139019

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * dom/DataTransfer.cpp:
        (WebCore::DataTransfer::DataTransfer):
        * dom/DataTransfer.h:
        * editing/Editor.cpp:
        (WebCore::Editor::dispatchCPPEvent):
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::createDraggingDataTransfer):
        * platform/Pasteboard.h:
        * platform/efl/PasteboardEfl.cpp:
        (WebCore::Pasteboard::createForCopyAndPaste):
        (WebCore::Pasteboard::createPrivate):
        (WebCore::Pasteboard::createForDragAndDrop):
        * platform/gtk/PasteboardGtk.cpp:
        (WebCore::Pasteboard::createForCopyAndPaste):
        (WebCore::Pasteboard::createForGlobalSelection):
        (WebCore::Pasteboard::createPrivate):
        (WebCore::Pasteboard::createForDragAndDrop):
        (WebCore::Pasteboard::create): Deleted.
        * platform/ios/PasteboardIOS.mm:
        (WebCore::Pasteboard::createForCopyAndPaste):
        (WebCore::Pasteboard::createPrivate):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::createForCopyAndPaste):
        (WebCore::Pasteboard::createPrivate):
        (WebCore::Pasteboard::createForDragAndDrop):
        (WebCore::Pasteboard::create): Deleted.
        * platform/win/PasteboardWin.cpp:
        (WebCore::Pasteboard::createForCopyAndPaste):
        (WebCore::Pasteboard::createPrivate):
        (WebCore::Pasteboard::createForDragAndDrop):

2014-12-03  Benjamin Poulain  <bpoulain@apple.com>

        Get rid of FrameLoaderClient::dispatchWillRequestResource
        https://bugs.webkit.org/show_bug.cgi?id=139235

        Reviewed by Alexey Proskuryakov.

        It is useless.

        * loader/FrameLoaderClient.h:
        (WebCore::FrameLoaderClient::dispatchWillRequestResource): Deleted.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestResource):

2014-12-03  Myles C. Maxfield  <mmaxfield@apple.com>

        List markers in RTL languages do not draw the first character.
        https://bugs.webkit.org/show_bug.cgi?id=139244

        Reviewed by Simon Fraser.

        Off-by-one error when reversing the string (from LTR to RTL)

        Test: fast/lists/rtl-marker.html

        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::paint):

2014-12-03  Beth Dakin  <bdakin@apple.com>

        <input> elements get whitespace action menu instead of editable text menu
        https://bugs.webkit.org/show_bug.cgi?id=139241
        -and corresponding-
        rdar://problem/19072083

        Reviewed by Sam Weinig.

        Since we will hit test form controls as form controls, we need a new function to 
        determine if the hit point is over text inside that form control or not.
        * WebCore.exp.in:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::isOverTextInsideFormControlElement):
        * rendering/HitTestResult.h:

2014-12-03  Tim Horton  <timothy_horton@apple.com>

        Keyboard input should be disabled in the preview popover
        https://bugs.webkit.org/show_bug.cgi?id=139219
        <rdar://problem/19052381>

        Reviewed by Anders Carlsson.

        * page/ChromeClient.h:
        (WebCore::ChromeClient::shouldDispatchFakeMouseMoveEvents):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::dispatchFakeMouseMoveEventSoon):
        Allow ChromeClient to disable the dispatch of "fake" mouseMove events
        that happens during scrolling.

2014-12-03  Antti Koivisto  <antti@apple.com>

        Remove genericFamily enum from FontDescription
        https://bugs.webkit.org/show_bug.cgi?id=139207

        Reviewed by Andreas Kling.

        We use predefined AtomicStrings for generic families. The side enum adds no information.

        * css/CSSFontSelector.cpp:
        (WebCore::resolveGenericFamily):
        (WebCore::CSSFontSelector::getFontData):

            Match the existing quirk where the default font can be replaced by @font-face rule but user generic families can't.

        (WebCore::CSSFontSelector::resolvesFamilyFor):
        (WebCore::fontDataForGenericFamily): Deleted.
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::ApplyPropertyFontFamily::applyInheritValue):
        (WebCore::ApplyPropertyFontFamily::applyInitialValue):
        (WebCore::ApplyPropertyFontFamily::applyValue):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::checkForGenericFamilyChange):

            Remove the explicit monospace check, earlier useFixedDefaultSize check is equivalent.

        (WebCore::StyleResolver::initializeFontStyle):
        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::FontDescription):
        (WebCore::FontDescription::useFixedDefaultSize):
        (WebCore::FontDescription::setWeight):
        (WebCore::FontDescription::equalForTextAutoSizing):
        (WebCore::FontDescription::operator==):
        (WebCore::FontDescription::genericFamily): Deleted.
        (WebCore::FontDescription::setGenericFamily): Deleted.
        * platform/mac/ThemeMac.mm:
        (WebCore::ThemeMac::controlFont):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):

            Reset the lineheight unconditionally for buttons.
            This always happened before because the explicitly set generic family made the font compare false.

        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::systemFont):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::systemFont):
        (WebCore::RenderThemeMac::setFontFromControlSize):
        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):

            Resolve document style for final value immediately as it can't be affected by @font-face rules.

2014-12-03  Zalan Bujtas  <zalan@apple.com>

        ASSERTION: RenderMultiColumnFlowThread::processPossibleSpannerDescendant() when column spanner's parent is not a RenderBlockFlow.
        https://bugs.webkit.org/show_bug.cgi?id=139188
        rdar://problem/18502182

        Reviewed by David Hyatt.

        This patch ensures that the validation check for spanner in isValidColumnSpanner() is in synch
        with the expectation in RenderMultiColumnFlowThread::processPossibleSpannerDescendant().
        (descendant's parent is expected to be a RenderBlockFlow)

        Test: fast/multicol/svg-content-as-column-spanner-crash.html

        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::isValidColumnSpanner):

2014-12-03  peavo@outlook.com  <peavo@outlook.com>

        [TexMap] Redundant method in GraphicsLayerTextureMapper.
        https://bugs.webkit.org/show_bug.cgi?id=138005

        Reviewed by Alex Christensen.

        The TextureMapperLayer method descendantsOrSelfHaveRunningAnimations() can be used
        instead of the GraphicsLayerTextureMapper method startedAnimation().

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
        (WebCore::GraphicsLayerTextureMapper::addAnimation):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:

2014-12-03  Jeremy Jones  <jeremyj@apple.com>

        Subtitle menu should only appear when useful.
        https://bugs.webkit.org/show_bug.cgi?id=139133

        Reviewed by Eric Carlson.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController hasLegibleMediaSelectionOptions]): only enable when there are non default options.
        (-[WebAVPlayerController hasAudioMediaSelectionOptions]): only enable when there is more than one option.

2014-12-03  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Inline text elements with accessible object attributes and/or event handlers are not exposed
        https://bugs.webkit.org/show_bug.cgi?id=139071

        Reviewed by Chris Fleizach.

        Adds a new InlineRole accessibility role type for non-focusable inline
        elements which have an event handler or attribute suggesting possible
        inclusion by the platform. This is mapped to ATK_ROLE_STATIC for GTK and
        EFL. On the Mac, it is currently ignored to preserve existing behavior.

        Added new test cases to the existing roles-exposed.html test.

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::supportsDatetimeAttribute): Added.
        * accessibility/AccessibilityObject.h: Added InlineRole.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole): Handle InlineRole.
        * accessibility/atk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject): Include InlineRole objects.
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/mac/AccessibilityObjectMac.mm:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject): Ignore InlineRole objects.
        * html/HTMLTagNames.in: Added 'time'.

2014-12-03  Jer Noble  <jer.noble@apple.com>

        [Mac] Hang when calling -[AVAsset resolvedURL].
        https://bugs.webkit.org/show_bug.cgi?id=139223

        Reviewed by Eric Carlson.

        On a particularly slow-loading site, a call to -[AVAsset resolvedURL] can take an arbitrarily long
        time. Treat this AVAsset property similar to other "metadata" properties, and check the load status
        of the property before requesting it.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::hasSingleSecurityOrigin): Check the load state of -resolvedURL.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::resolvedURL): Ditto.
        (WebCore::assetMetadataKeyNames): Add @"resolvedURL".

2014-12-03  Csaba Osztrogonác  <ossy@webkit.org>

        URTBF after r176721 to fix ENABLE(CSS_DEVICE_ADAPTATION) build.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseViewportProperty):

2014-12-03  Chris Dumez  <cdumez@apple.com>

        Move 'display' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139218

        Reviewed by Antti Koivisto.

        Move 'display' CSS property to the new StyleBuilder.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyDisplay::isValidDisplayValue): Deleted.
        (WebCore::ApplyPropertyDisplay::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyDisplay::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyDisplay::applyValue): Deleted.
        (WebCore::ApplyPropertyDisplay::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::isValidDisplayValue):
        (WebCore::StyleBuilderCustom::applyInheritDisplay):
        (WebCore::StyleBuilderCustom::applyValueDisplay):
        * css/makeprop.pl:
        Add support for passing multiple values for Custom option, e.g.:
        'Custom=Inherit|Value'. This was useful as we did not need custom
        code for display's initial value.

2014-12-03  Chris Dumez  <cdumez@apple.com>

        Modernize the CSSParser code
        https://bugs.webkit.org/show_bug.cgi?id=139209

        Reviewed by Antti Koivisto.

        Modernize the CSSParser code by:
        - Using more references instead of pointers
        - Using nullptr instead of 0

        No new tests, no behavior change.

2014-12-03  David Kilzer  <ddkilzer@apple.com>

        [iOS] REGRESSION (r176622): WebCore fails to link

        Speculative fix for the following build failure:

            Ld WebCore
            Undefined symbols for architecture armv7s:
              "__ZN3JSC10IdentifierC1EPNS_9ExecStateERKN3WTF12AtomicStringE", referenced from:
                  __ZN7WebCoreL24createAccelerationObjectEPKNS_16DeviceMotionData12AccelerationEPN3JSC9ExecStateE in JSDeviceMotionEventCustom.o

        * bindings/js/JSDeviceMotionEventCustom.cpp: Include
        <runtime/IdentifierInlines.h> to define missing symbol.

2014-12-02  Dean Jackson  <dino@apple.com>

        [Media] Audio content shouldn't have fullscreen buttons, even if in a video element
        https://bugs.webkit.org/show_bug.cgi?id=139200
        <rdar://problem/18914506>

        Reviewed by Eric Carlson.

        An audio-only resource, even if loaded into a <video> element, should not
        present the fullscreen or optimised fullscreen controls. This includes a
        MediaDocument, which is always a <video> element. We can detect this by
        examining the length of the videoTracks property as our content loads.

        Test: media/audio-as-video-fullscreen.html

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller): Initialize a hasVisualMedia to false.
        (Controller.prototype.handleReadyStateChange): If we see a videoTrack, hasVisualMedia is now true.
        (Controller.prototype.updateFullscreenButtons): Merge the updateFullscreenButton and
        updateOptimizedFullscreenButton methods into this single spot, and check for
        hasVisualMedia.
        (Controller.prototype.updateFullscreenButton): Deleted.
        (Controller.prototype.updateOptimizedFullscreenButton): Deleted.

        * Modules/mediacontrols/mediaControlsBase.js: Do the same for the other ports.

2014-12-02  Dean Jackson  <dino@apple.com>

        Missing support for innerHTML on SVGElement
        https://bugs.webkit.org/show_bug.cgi?id=136903

        Unreviewed followup from r176630. Minor style nits that I missed in my review.

        * dom/Element.h: Remove unnecessary parameter name.
        * html/parser/HTMLTreeBuilder.cpp: Whitespace cleanup.
        (WebCore::HTMLTreeBuilder::adjustedCurrentStackItem):

2014-12-03  Eva Balazsfalvi  <evab.u-szeged@partner.samsung.com>

        [EFL] Add subtle crypto to the build system
        https://bugs.webkit.org/show_bug.cgi?id=138612

        Reviewed by Csaba Osztrogonác.

        It is obvious to make Efl use GnuTLS as well,
        and since there seems no reason why to separate
        Efl and Gtk implementations from each other, I
        also propose renaming the gtk directory and file
        suffixes to gnutls.

        No new tests needed.

        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * crypto/gnutls/CryptoAlgorithmAES_CBCGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoAlgorithmAES_CBCGtk.cpp.
        (WebCore::CryptoAlgorithmAES_CBC::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_CBC::platformDecrypt):
        * crypto/gnutls/CryptoAlgorithmAES_KWGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoAlgorithmAES_KWGtk.cpp.
        (WebCore::CryptoAlgorithmAES_KW::platformEncrypt):
        (WebCore::CryptoAlgorithmAES_KW::platformDecrypt):
        * crypto/gnutls/CryptoAlgorithmHMACGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoAlgorithmHMACGtk.cpp.
        (WebCore::getGnutlsDigestAlgorithm):
        (WebCore::calculateSignature):
        (WebCore::CryptoAlgorithmHMAC::platformSign):
        (WebCore::CryptoAlgorithmHMAC::platformVerify):
        * crypto/gnutls/CryptoAlgorithmRSAES_PKCS1_v1_5GnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoAlgorithmRSAES_PKCS1_v1_5Gtk.cpp.
        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformEncrypt):
        (WebCore::CryptoAlgorithmRSAES_PKCS1_v1_5::platformDecrypt):
        * crypto/gnutls/CryptoAlgorithmRSASSA_PKCS1_v1_5GnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoAlgorithmRSASSA_PKCS1_v1_5Gtk.cpp.
        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformSign):
        (WebCore::CryptoAlgorithmRSASSA_PKCS1_v1_5::platformVerify):
        * crypto/gnutls/CryptoAlgorithmRSA_OAEPGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoAlgorithmRSA_OAEPGtk.cpp.
        (WebCore::CryptoAlgorithmRSA_OAEP::platformEncrypt):
        (WebCore::CryptoAlgorithmRSA_OAEP::platformDecrypt):
        * crypto/gnutls/CryptoAlgorithmRegistryGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoAlgorithmRegistryGtk.cpp.
        (WebCore::CryptoAlgorithmRegistry::platformRegisterAlgorithms):
        * crypto/gnutls/CryptoDigestGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoDigestGtk.cpp.
        (WebCore::CryptoDigest::CryptoDigest):
        (WebCore::CryptoDigest::~CryptoDigest):
        (WebCore::CryptoDigest::create):
        (WebCore::CryptoDigest::addBytes):
        (WebCore::CryptoDigest::computeHash):
        * crypto/gnutls/CryptoKeyRSAGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/CryptoKeyRSAGtk.cpp.
        (WebCore::CryptoKeyRSA::CryptoKeyRSA):
        (WebCore::CryptoKeyRSA::create):
        (WebCore::CryptoKeyRSA::~CryptoKeyRSA):
        (WebCore::CryptoKeyRSA::restrictToHash):
        (WebCore::CryptoKeyRSA::isRestrictedToHash):
        (WebCore::CryptoKeyRSA::keySizeInBits):
        (WebCore::CryptoKeyRSA::buildAlgorithmDescription):
        (WebCore::CryptoKeyRSA::exportData):
        (WebCore::CryptoKeyRSA::generatePair):
        * crypto/gnutls/SerializedCryptoKeyWrapGnuTLS.cpp: Renamed from Source/WebCore/crypto/gtk/SerializedCryptoKeyWrapGtk.cpp.
        (WebCore::getDefaultWebCryptoMasterKey):
        (WebCore::wrapSerializedCryptoKey):
        (WebCore::unwrapSerializedCryptoKey):
        * crypto/keys/CryptoKeyRSA.h:

2014-12-02  Benjamin Poulain  <benjamin@webkit.org>

        Little cleanup of the default stylesheet
        https://bugs.webkit.org/show_bug.cgi?id=139168

        Reviewed by Antti Koivisto.

        The default stylesheet has a lot of historical junk that need cleaning. This patch addresses
        only the bits that do not change behaviors and have positive perf and readability impact.

        I have limited :matches() to attributes for now. The idea is to only target
        simple selectors that are not used for filtering by the collectors.
        We should eventually clean up more cases, one thing at a time.

        Tests: fast/css/map-tag-default-display.html
               fast/selectors/map-tag-default-display.html

        * css/html.css:
        (map): Deleted.
        map was explicitely setting its display to inline. Remove that since it is the default.

        (head): Deleted.
        (meta): Deleted.
        (title): Deleted.
        (link): Deleted.
        (style): Deleted.
        (script): Deleted.
        (div): Deleted.
        (layer): Deleted.
        (article, aside, footer, header, hgroup, main, nav, section): Deleted.
        (address): Deleted.
        (head, link, meta, script, style, title):
        (address, article, aside, div, footer, header, hgroup, layer, main, nav, section):
        Group the standard blocks in a single rule.

        (input:matches([type="hidden"], [type="image"], [type="file"])):
        (input:matches([type="radio"], [type="checkbox"])):
        (input:matches([type="button"], [type="submit"], [type="reset"])):
        (input:matches([type="button"], [type="submit"], [type="reset"]), input[type="file"]::-webkit-file-upload-button, button):
        (input:matches([type="button"], [type="submit"], [type="reset"]):active, input[type="file"]::-webkit-file-upload-button:active, button:active):
        (input:matches([type="button"], [type="submit"], [type="reset"]):active, input[type="file"]:active::-webkit-file-upload-button, button:active):
        (input[type="file"]:active:disabled::-webkit-file-upload-button, button:active:disabled):
        (input:matches([type="checkbox"], [type="radio"]):checked):
        (input:matches([type="checkbox"], [type="radio"]):checked:disabled):
        (select:matches([size], [multiple], [size][multiple])):
        (select:matches([size="0"], [size="1"])):
        (input[type="hidden"], input[type="image"], input[type="file"]): Deleted.
        (input[type="radio"], input[type="checkbox"]): Deleted.
        (input[type="button"], input[type="submit"], input[type="reset"]): Deleted.
        (input[type="button"], input[type="submit"], input[type="reset"], input[type="file"]::-webkit-file-upload-button, button): Deleted.
        (input[type="button"]:active, input[type="submit"]:active, input[type="reset"]:active, input[type="file"]::-webkit-file-upload-button:active, button:active): Deleted.
        (input[type="button"]:active, input[type="submit"]:active, input[type="reset"]:active, input[type="file"]:active::-webkit-file-upload-button, button:active): Deleted.
        (input[type="button"]:active:disabled, input[type="submit"]:active:disabled, input[type="reset"]:active:disabled, input[type="file"]:active:disabled::-webkit-file-upload-button, button:active:disabled): Deleted.
        (input[type="checkbox"]:checked, input[type="radio"]:checked): Deleted.
        (input[type="checkbox"]:checked:disabled, input[type="radio"]:checked:disabled): Deleted.
        (select[size][multiple]): Deleted.
        (select[size="1"]): Deleted.
        Group every selector lists that only differentiates complex selectors through attributes
        into a simple complex selector with :matches().

2014-12-02  Mark Lam  <mark.lam@apple.com>

        Rolling out r176592, r176603, r176616, and r176705 until build and perf issues are resolved.
        https://bugs.webkit.org/show_bug.cgi?id=138821

        Not reviewed.

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::deserializeString):
        * editing/TextIterator.cpp:
        (WebCore::SearchBuffer::isBadMatch):
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::buildSelectionHighlight):
        * platform/graphics/SegmentedFontData.cpp:
        (WebCore::SegmentedFontData::fontDataForCharacter):
        (WebCore::SegmentedFontData::containsCharacter):
        (WebCore::SegmentedFontData::isLoading):
        * platform/graphics/WOFFFileFormat.cpp:
        (WebCore::convertWOFFToSfnt):
        * platform/graphics/cairo/GradientCairo.cpp:
        (WebCore::Gradient::platformGradient):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::clearFrameBufferCache):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintFillLayers):
        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::firstNamedGridLineBeforePosition):
        (WebCore::GridResolvedPosition::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
        * svg/SVGFontElement.cpp:
        (WebCore::kerningForPairOfStringsAndGlyphs):
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPathByteStream::append):
        * xml/XPathNodeSet.h:
        (WebCore::XPath::NodeSet::begin):
        (WebCore::XPath::NodeSet::end):

2014-12-02  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Fix build break EFL port since r176696
        https://bugs.webkit.org/show_bug.cgi?id=139215

        Unreviewed, build fix for EFL port.

        * storage/StorageNamespaceProvider.h: Include SecurityOriginHash.h from WebCore/page directory.

2014-12-02  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Table captions and table rows are missing from the accessible hierarchy
        https://bugs.webkit.org/show_bug.cgi?id=139005

        Reviewed by Chris Fleizach.

        Expose table captions and rows via ATK. Accomplishing the former is done
        by role mapping and inclusion of the object as a child of the table for
        ATK. Accomplishing the latter was mostly a matter of deleting all the ATK
        platform code that had been forcing rows to be ignored. Because captions
        are not being exposed on the Mac, they are now explicitly being ignored
        for that platform.

        Tests: accessibility/aria-table-hierarchy.html
               accessibility/table-hierarchy.html

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole): Added CaptionRole.
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::addChildren): Include non-ignored captions as table children.
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetNChildren): Removed special handling for tables.
        (webkitAccessibleRefChild): Removed special handling for tables.
        (webkitAccessibleGetIndexInParent): Removed special handling for table cells.
        (atkRole): Corrected broken mapping for RowRole.
        (getNChildrenForTable): Deleted.
        (getChildForTable): Deleted.
        (getIndexInParentForCellInRow): Deleted.
        * accessibility/mac/AccessibilityObjectMac.mm:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject): Ignore captions as table children.

2014-12-02  Alexey Proskuryakov  <ap@apple.com>

        http/tests/appcache/main-resource-fallback-for-network-error-crash.html can break subsequent tests
        https://bugs.webkit.org/show_bug.cgi?id=139149

        Reviewed by Anders Carlsson.

        * WebCore.exp.in: Added ApplicationCache::deleteAllCaches.

        * loader/appcache/ApplicationCache.h:
        * loader/appcache/ApplicationCache.cpp:
        (WebCore::ApplicationCache::deleteAllCaches): Added.

        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::getManifestURLs): Removed logging. It is OK to
        have this function called when there is no database file.

        * loader/appcache/ApplicationCacheStorage.h: Renamed manifestURLs to getManifestURLs,
        because WebKit style.

2014-12-02  Tim Horton  <timothy_horton@apple.com>

        Remove a SnowLeopard-era quirk for QuickLook
        https://bugs.webkit.org/show_bug.cgi?id=139208
        <rdar://problem/19121822>

        Reviewed by Alexey Proskuryakov.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::subresourceCachePolicy):
        * loader/FrameLoaderClient.h:
        * platform/mac/QuickLookMac.h: Removed.
        * platform/mac/QuickLookMac.mm: Removed.

2014-12-02  Anders Carlsson  <andersca@apple.com>

        Begin stubbing out a StorageNamespaceProvider class
        https://bugs.webkit.org/show_bug.cgi?id=139203

        Reviewed by Tim Horton.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::localStorage):
        If the page has a storage namespace provider, get the local storage from it.

        * page/Page.cpp:
        (WebCore::Page::Page):
        Move the storage namespace provider from the configuration.

        (WebCore::Page::setStorageNamespaceProvider):
        Add a setter. This will be used by setGroupName.

        * page/Page.h:
        (WebCore::Page::storageNamespaceProvider):
        Add a getter.

        * page/PageConfiguration.cpp:
        * page/PageConfiguration.h:
        Add a storage namespace provider member.

        * storage/StorageNamespaceProvider.cpp:
        (WebCore::StorageNamespaceProvider::StorageNamespaceProvider):
        (WebCore::StorageNamespaceProvider::~StorageNamespaceProvider):
        (WebCore::StorageNamespaceProvider::addPage):
        (WebCore::StorageNamespaceProvider::removePage):
        (WebCore::StorageNamespaceProvider::localStorageNamespace):
        (WebCore::StorageNamespaceProvider::transientLocalStorageNamespace):
        * storage/StorageNamespaceProvider.h:
        Stub out a storage namespace provider class.

2014-12-02  Beth Dakin  <bdakin@apple.com>

        More build fixing.

        * platform/spi/mac/QuickLookMacSPI.h:

2014-12-02  Beth Dakin  <bdakin@apple.com>

        Another build fix.

        * platform/spi/mac/NSMenuSPI.h:

2014-12-02  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * platform/spi/mac/QuickLookMacSPI.h:

2014-12-02  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * platform/spi/mac/QuickLookMacSPI.h:

2014-12-02  Eric Carlson  <eric.carlson@apple.com>

        Unreviewed, fix typo introduced in r176673.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::platformDuration):

2014-12-02  Beth Dakin  <bdakin@apple.com>

        Should use standardQuickLookMenuItem for apps that don't implement customizations
        https://bugs.webkit.org/show_bug.cgi?id=139193
        -and corresponding-
        rdar://problem/18944696

        Reviewed by Anders Carlsson.

        New SPI headers.
        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/NSMenuSPI.h: Added.
        * platform/spi/mac/QuickLookMacSPI.h: Added.

2014-12-02  Gavin Barraclough  <barraclough@apple.com>

        Generalize PageActivityAssertionToken
        https://bugs.webkit.org/show_bug.cgi?id=139106

        Reviewed by Sam Weinig.

        PageActivityAssertionToken is a RAII mechanism implementing a counter, used by PageThrottler
        to count user visible activity in progress on the page (currently page load and media playback).
        Use of an RAII type is prevents a number of possible errors, including double counting a single
        media element, or failing to decrement the count after a media element has been deallocated.

        The current implementation has a number of drawbacks that have been addressed by this refactoring:
         - specific to single use in PageThrottler class - not reusable.
         - incomplete encapsulation - the counter and WeakPtrFactory that comprise the current implementation
           are not encapsulated (are in the client type, PageThrottler).
         - tokens are not shared - PageActivityAssertionToken instances are managed by std::unique, every
           increment requires an object allocation.
         - redundancy - the current implementation uses a WeakPtr to safely reference the PageThrottler, this
           is internally implemented using a reference counted type, resulting in two counters being
           incremented (one in the PageActivityAssertionToken, one in the PageThrottler).

        In the reimplementation:
         - a callback is provided via a lambda function, which allows for easy reuse without a lot of
           boilerplate code.
         - the counter, callback and ownership of the otherwise weakly-owned token is encapsulated within the
           RefCounter type.
         - a single count within RefCounter::Count stores the counter value, and also manage the lifetime
           of this object.
         - standard RefPtrs are used to manage references to the RefCounter::Count.

        * WebCore.xcodeproj/project.pbxproj:
            - removed PageActivityAssertionToken.cpp/.h
        * html/HTMLMediaElement.cpp:
            - removed PageActivityAssertionToken.h
        * html/HTMLMediaElement.h:
            - std::unique_ptr<PageActivityAssertionToken> -> RefPtr<RefCounter::Count>
        * loader/FrameLoader.cpp:
            - removed PageActivityAssertionToken.h
        * loader/FrameLoader.h:
            - std::unique_ptr<PageActivityAssertionToken> -> RefPtr<RefCounter::Count>
        * loader/SubresourceLoader.cpp:
            - removed PageActivityAssertionToken.h
        * loader/SubresourceLoader.h:
            - removed class PageActivityAssertionToken
        * page/Page.cpp:
            - removed PageActivityAssertionToken.h
        (WebCore::Page::Page):
            - removed Page* parameter to PageThrottler
        * page/Page.h:
            - removed class PageActivityAssertionToken
        * page/PageActivityAssertionToken.cpp: Removed.
        * page/PageActivityAssertionToken.h: Removed.
            - removed PageActivityAssertionToken.cpp/.h
        * page/PageThrottler.cpp:
        (WebCore::PageThrottler::PageThrottler):
            - removed m_page, m_weakPtrFactory, m_activityCount; added m_pageActivityCounter.
        (WebCore::PageThrottler::mediaActivityToken):
            - std::unique_ptr<PageActivityAssertionToken> -> PassRefPtr<RefCounter::Count>
        (WebCore::PageThrottler::pageLoadActivityToken):
            - std::unique_ptr<PageActivityAssertionToken> -> PassRefPtr<RefCounter::Count>
        (WebCore::PageThrottler::pageActivityCounterValueDidChange):
            - merged functionality of incrementActivityCount/decrementActivityCount
        (WebCore::PageThrottler::incrementActivityCount): Deleted.
            - see pageActivityCounterValueDidChange
        (WebCore::PageThrottler::decrementActivityCount): Deleted.
            - see pageActivityCounterValueDidChange
        * page/PageThrottler.h:
        (WebCore::PageThrottler::weakPtr): Deleted.
            - no longer required; this functionality is now encapsulated within RefCounter.

2014-12-02  Tim Horton  <timothy_horton@apple.com>

        Always show the arrow for text selection services
        https://bugs.webkit.org/show_bug.cgi?id=139191
        <rdar://problem/18903995>

        Reviewed by Anders Carlsson.

        * platform/spi/mac/DataDetectorsSPI.h:
        * page/mac/ServicesOverlayController.mm:
        Move a few things to DataDetectorsSPI.h.

        (WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
        (WebCore::ServicesOverlayController::buildSelectionHighlight):
        Make use of the real DDHighlightStyle names.
        Add DDHighlightStyleButtonShowAlways for selection services.

2014-12-02  Anders Carlsson  <andersca@apple.com>

        Fix iOS build.

        * WebCore.exp.in:

2014-12-02  Chris Dumez  <cdumez@apple.com>

        Crash when setting 'flex' CSS property to 'calc(2 * 3) calc(2 * 3)'
        https://bugs.webkit.org/show_bug.cgi?id=139162

        Reviewed by Darin Adler.

        Add support for calculated values in 'flex' CSS property.
        Previously, those did not work in release builds, and were hitting
        an assertion in debug builds.

        Test: fast/css/flex-calculated-value.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::validCalculationUnit):
        Do not call RefPtr::release() as we are not interested in the return
        value. Assign nullptr to the member instead.

        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseFillPositionComponent):
        (WebCore::CSSParser::parseCubicBezierTimingFunctionValue):
        (WebCore::CSSParser::parseFontWeight):
        (WebCore::CSSParser::parsedDouble):
        (WebCore::CSSParser::colorIntFromValue):
        (WebCore::CSSParser::parseColorParameters):
        (WebCore::CSSParser::parseHSLParameters):
        (WebCore::CSSParser::parseFlex):
        * css/CSSParser.h:

2014-12-02  Eric Carlson  <eric.carlson@apple.com>

        Fix logging typo
        https://bugs.webkit.org/show_bug.cgi?id=139182

        Reviewed by Alexey Proskuryakov.

        No new tests, only logging code is changed.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::platformDuration): Don't use %f to log a string.

2014-12-02  Anders Carlsson  <andersca@apple.com>

        Get rid of the WinINet based network implementation
        https://bugs.webkit.org/show_bug.cgi?id=139187

        Reviewed by Andreas Kling.

        This code was only used by the Windows CE port. Now it's unused.

        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/win/AuthenticationChallenge.h: Removed.
        * platform/network/win/CookieJarWin.cpp: Removed.
        * platform/network/win/CredentialStorageWin.cpp: Removed.
        * platform/network/win/ProxyServerWin.cpp: Removed.
        * platform/network/win/ResourceError.h: Removed.
        * platform/network/win/ResourceHandleWin.cpp: Removed.
        * platform/network/win/ResourceRequest.h: Removed.
        * platform/network/win/ResourceResponse.h: Removed.
        * platform/network/win/SocketStreamError.h: Removed.
        * platform/network/win/SocketStreamHandle.h: Removed.
        * platform/network/win/SocketStreamHandleWin.cpp: Removed.

2014-12-02  Chris Dumez  <cdumez@apple.com>

        Crash when setting 'column-span' CSS property to 'calc(2 * 3)'
        https://bugs.webkit.org/show_bug.cgi?id=139170

        Reviewed by Darin Adler.

        Add support for calculated values for 'column-span' and 'column-width'
        CSS properties. Previously, these were not working in release builds
        and hitting assertions in debug builds.

        Tests: fast/css/column-width-calculated-value.html
               fast/css/webkit-column-span-calculated-value.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):

2014-12-02  Anders Carlsson  <andersca@apple.com>

        Remove visited link handling from PageGroup
        https://bugs.webkit.org/show_bug.cgi?id=139185

        Reviewed by Sam Weinig.

        * CMakeLists.txt:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/HistoryController.cpp:
        * page/Chrome.cpp:
        (WebCore::ChromeClient::populateVisitedLinks): Deleted.
        * page/ChromeClient.h:
        * page/DefaultVisitedLinkStore.cpp: Removed.
        * page/DefaultVisitedLinkStore.h: Removed.
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        (WebCore::Page::visitedLinkStore):
        (WebCore::Page::setVisitedLinkStore):
        (WebCore::Page::removeAllVisitedLinks): Deleted.
        * page/Page.h:
        * page/PageGroup.cpp:
        (WebCore::PageGroup::PageGroup):
        (WebCore::PageGroup::visitedLinkStore): Deleted.
        (WebCore::PageGroup::isLinkVisited): Deleted.
        (WebCore::PageGroup::addVisitedLinkHash): Deleted.
        (WebCore::PageGroup::addVisitedLink): Deleted.
        (WebCore::PageGroup::removeVisitedLink): Deleted.
        (WebCore::PageGroup::removeVisitedLinks): Deleted.
        (WebCore::PageGroup::removeAllVisitedLinks): Deleted.
        (WebCore::PageGroup::setShouldTrackVisitedLinks): Deleted.
        * page/PageGroup.h:

2014-12-02  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>

        Use references instead of pointers in EditingStyle
        https://bugs.webkit.org/show_bug.cgi?id=137918

        Reviewed by Darin Adler.

        * editing/EditingStyle.cpp:
        (WebCore::extractPropertyValue):
        (WebCore::identifierForStyleProperty):
        (WebCore::textColorFromStyle):
        (WebCore::backgroundColorFromStyle):
        (WebCore::textAlignResolvingStartAndEnd):
        (WebCore::EditingStyle::triStateOfStyle):
        (WebCore::EditingStyle::styleIsPresentInComputedStyleOfNode):
        (WebCore::EditingStyle::prepareToApplyAt):
        (WebCore::EditingStyle::removeStyleFromRulesAndContext):
        (WebCore::StyleChange::StyleChange):
        (WebCore::setTextDecorationProperty):
        (WebCore::StyleChange::extractTextStyles):
        (WebCore::diffTextDecorations):
        (WebCore::fontWeightIsBold):
        (WebCore::extractPropertiesNotIn):
        (WebCore::getPropertiesNotIn):
        * editing/EditingStyle.h:

2014-12-02  Bartlomiej Gajda  <b.gajda@samsung.com>

        [GStreamer] Media Source sending seek event fails.
        https://bugs.webkit.org/show_bug.cgi?id=139181

        Reviewed by Philippe Normand.

        There were callbacks connected to app_src on 'seek', but if stream type is not seekable, they would never launch,
        and seeking (as in MediaPlayerPrivateGStreamer::doSeek) fails.

        No new tests needed.

        * platform/graphics/gstreamer/WebKitMediaSourceGStreamer.cpp:
        (webkit_media_src_init):

2014-12-02  Chris Dumez  <cdumez@apple.com>

        Move 'font-family' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139172

        Reviewed by Antti Koivisto.

        Move 'font-family' CSS property to the new StyleBuilder by using
        custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyFontFamily::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyFontFamily::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyFontFamily::applyValue): Deleted.
        (WebCore::ApplyPropertyFontFamily::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyInitialFontFamily):
        (WebCore::StyleBuilderCustom::applyInheritFontFamily):
        (WebCore::StyleBuilderCustom::applyValueFontFamily):

2014-12-02  Eva Balazsfalvi  <evab.u-szeged@partner.samsung.com>

        Fix class was previously declared as a struct warnings
        https://bugs.webkit.org/show_bug.cgi?id=139131

        Reviewed by Csaba Osztrogonác.

        No new tests needed.

        * platform/graphics/texmap/TextureMapperGL.h:

2014-12-02  Sylvain Galineau  <galineau@adobe.com>

        Missing support for innerHTML on SVGElement
        https://bugs.webkit.org/show_bug.cgi?id=136903

        Reviewed by Dean Jackson.

        Two parts to this patch:
        1. Move innerHTML/outerHTML to Element so SVG elements can inherit them, per https://dvcs.w3.org/hg/innerhtml/raw-file/tip/index.html#innerhtml
        2. Make sure fragment insertion is processed relative to the proper node, per http://www.whatwg.org/specs/web-apps/current-work/#adjusted-current-node

        The latter part was ported over from Blink. 

        Test: svg/in-html/svg-inner-html.html

        * bindings/objc/PublicDOMInterfaces.h: Move innerHTML/outerHTML to Element.
        * dom/Element.cpp:
        (WebCore::Element::mergeWithNextTextNode): Helper used by Element::innerHTML/outerHTML as well as HTMLElement::innerText/outerText; moved to Element as protected static.
        (WebCore::Element::innerHTML): Moved from HTMLElement.
        (WebCore::Element::outerHTML): Moved from HTMLElement.
        (WebCore::Element::setOuterHTML): Moved from HTMLElement.
        (WebCore::Element::setInnerHTML): Moved from HTMLElement.
        * dom/Element.h: 
        * dom/Element.idl:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::innerHTML): Deleted.
        (WebCore::HTMLElement::outerHTML): Deleted.
        (WebCore::HTMLElement::setInnerHTML): Deleted.
        (WebCore::mergeWithNextTextNode): Deleted.
        (WebCore::HTMLElement::setOuterHTML): Deleted.
        * html/HTMLElement.h:
        * html/HTMLElement.idl:
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::FragmentParsingContext): no more m_contextElement.
        (WebCore::HTMLTreeBuilder::constructTree): read namespace from adjusted current node.
        (WebCore::HTMLTreeBuilder::resetInsertionModeAppropriately): use contextElementStackItem for insertion.
        (WebCore::HTMLTreeBuilder::adjustedCurrentStackItem): compute adjusted current node.
        (WebCore::HTMLTreeBuilder::shouldProcessTokenInForeignContent): use adjusted current node for context.
        (WebCore::HTMLTreeBuilder::processTokenInForeignContent): use adjusted current node to read namespace.
        * html/parser/HTMLTreeBuilder.h:
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::contextElement): Deleted. Read from contextElementStackItem.
        (WebCore::HTMLTreeBuilder::FragmentParsingContext::contextElementStackItem): Added.

2014-11-20  Jeffrey Pfau  <jpfau@apple.com>

        Add cancelable version of willSendRequest
        https://bugs.webkit.org/show_bug.cgi?id=138987

        Reviewed by Anders Carlsson.

        Covered by existing tests.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::willSendRequest):
        * loader/ResourceLoader.h:

2014-12-01  Benjamin Poulain  <benjamin@webkit.org>

        Add the dynamic specificity of the selector list argument when matching :nth-child() and :nth-last-child()
        https://bugs.webkit.org/show_bug.cgi?id=139001

        Reviewed by Andreas Kling.

        When matching :nth-child(An+B of selector list) or :nth-last-child(An+B of selector list),
        we were previously ignoring the arguments.

        That behavior seems to be confusing for users. We made the proposal to include the selector list
        like when using :matches():
            http://lists.w3.org/Archives/Public/www-style/2014Oct/0533.html
        David Baron also agrees with this behavior:
            http://lists.w3.org/Archives/Public/www-style/2014Oct/0534.html

        This patch adds the specificity computation.

        Tests: fast/css/nth-child-specificity-1.html
               fast/css/nth-child-specificity-2.html
               fast/css/nth-last-child-specificity-1.html
               fast/css/nth-last-child-specificity-2.html

        * css/CSSSelector.cpp:
        (WebCore::simpleSelectorFunctionalPseudoClassStaticSpecificity):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        (WebCore::SelectorChecker::matchSelectorList):
        * css/SelectorChecker.h:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):

2014-12-01  Chris Dumez  <cdumez@apple.com>

        Move 'text-shadow' / 'box-shadow' / '-webkit-box-shadow' to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138938

        Reviewed by Sam Weinig.

        Move 'text-shadow' / 'box-shadow' / '-webkit-box-shadow' CSS properties
        from StyleResolver to the new StyleBuilder by using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyTextOrBoxShadowValue):
        (WebCore::StyleBuilderCustom::applyInitialTextShadow):
        (WebCore::StyleBuilderCustom::applyInheritTextShadow):
        (WebCore::StyleBuilderCustom::applyValueTextShadow):
        (WebCore::StyleBuilderCustom::applyInitialBoxShadow):
        (WebCore::StyleBuilderCustom::applyInheritBoxShadow):
        (WebCore::StyleBuilderCustom::applyValueBoxShadow):
        (WebCore::StyleBuilderCustom::applyInitialWebkitBoxShadow):
        (WebCore::StyleBuilderCustom::applyInheritWebkitBoxShadow):
        (WebCore::StyleBuilderCustom::applyValueWebkitBoxShadow):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2014-12-01  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        [EFL] Add a ENABLE_CSS_SCROLL_SNAP macro to CMake build system
        https://bugs.webkit.org/show_bug.cgi?id=139085

        Reviewed by Andreas Kling.

        * PlatformEfl.cmake: 
            Include page/scrolling/AxisScrollSnapOffsets.cpp to EFL build files to fix build break.

2014-12-01  Zalan Bujtas  <zalan@apple.com>

        Twitter avatar moves when hovering/unhovering the "follow" button.
        https://bugs.webkit.org/show_bug.cgi?id=139147
        rdar://problem/19096508

        Reviewed by Simon Fraser.

        This patch ensures that the out of flow positioned render boxes (RenderReplaced) do not
        get repositioned when their inline box wrappers move.
        Ideally, out of flow positioned renderers do not have inline wrappers by the time we start
        placing inline boxes, but in certain case (optimized code path for descendantsHaveSameLineHeightAndBaseline()),
        they are still part of the inline box tree.
        This patch prevents those renderer boxes from getting positioned as part of the inline box placement.
        They will get removed later at RenderBlockFlow::computeBlockDirectionPositionsForLine().

        Test: fast/inline/out-of-flow-positioned-render-replaced-box-moves.html

        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::adjustPosition):

2014-12-01  Tim Horton  <timothy_horton@apple.com>

        Null deref under TextIndicator::createWithSelectionInFrame using find-in-page on bugzilla
        https://bugs.webkit.org/show_bug.cgi?id=139164
        <rdar://problem/19107247>

        Reviewed by Beth Dakin.

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithSelectionInFrame):
        Null-check the ImageBuffer in addition to the Image.

2014-12-01  Anders Carlsson  <andersca@apple.com>

        Remove IWebCookieManager on Windows
        https://bugs.webkit.org/show_bug.cgi?id=139144

        Reviewed by Sam Weinig.

        Remove code that handles overriding the cookie storage.

        * platform/network/NetworkStorageSession.h:
        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::cookieStorageOverride): Deleted.
        (WebCore::overrideCookieStorage): Deleted.
        (WebCore::overridenCookieStorage): Deleted.
        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::createCFURLConnection):

2014-12-01  Dean Jackson  <dino@apple.com>

        [iOS Media] Slider knob should not have a border
        https://bugs.webkit.org/show_bug.cgi?id=139160
        <rdar://problem/19075185>

        Reviewed by Jer Noble.

        The change in r175715 required adding !important to a bunch
        of rules for pseudo elements. The border width of slider knobs
        for media controls should be zero, so add an !important there.

        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb): Change
        border to border-width and force it to zero.

2014-12-01  Chris Dumez  <cdumez@apple.com>

        Take into consideration canvas drawing for throttling DOM timers
        https://bugs.webkit.org/show_bug.cgi?id=139140
        <rdar://problem/19102218>

        Reviewed by Andreas Kling.

        Take into consideration canvas drawing for throttling DOM timers so
        that:
        - Timers drawing on a visible canvas can no longer get throttled.
          This fixes the following sites:
          - http://hint.fm/wind/
          - http://radar.weather.gov/Conus/full_loop.php
        - Timers that are drawing on a canvas that is not user observable
          now get throttled, thus using less CPU. As an example, on
          http://hint.fm/wind/, CPU usage is at 110% when the canvas is
          inside the viewport on my machine. CPU usage would remain at
          110% when scrolling the canvas outside the viewport before this
          patch. After this patch, the CPU usage goes down to 5% when
          the canvas is outside the viewport.

        Tests: fast/canvas/canvas-inside-viewport-timer-throttling.html
               fast/canvas/canvas-outside-viewport-timer-throttling.html

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::JSCSSStyleDeclaration::putDelegate):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::notifyObserversCanvasChanged):
        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::setScriptMadeNonUserObservableChangesToElement):
        (WebCore::DOMTimer::scriptDidCauseElementRepaint):
        (WebCore::DOMTimerFireState::setScriptMadeNonUserObservableChangesToElementStyle): Deleted.
        (WebCore::DOMTimer::scriptDidUpdateStyleOfElement): Deleted.
        * page/DOMTimer.h:

2014-12-01  Myles C. Maxfield  <mmaxfield@apple.com>

        Crash in Font::dashesForIntersectionsWithRect() due to underlining SVG fonts
        https://bugs.webkit.org/show_bug.cgi?id=139158

        Reviewed by Simon Fraser.

        RenderingContexts are only created if the primary SimpleFontData is an SVG font,
        but dashesForIntersectionWithRect() uses the first character's SimpleFontData.
        One might be an SVG font but the other might not be.

        Note that this brittle design will be fixed with the SVG -> OTF translator.

        Test: fast/css3-text/css3-text-decoration/text-decoration-skip/decoration-skip-crash-fallback-svg.html

        * platform/graphics/mac/FontMac.mm:
        (WebCore::Font::dashesForIntersectionsWithRect):

2014-12-01  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Fix not always calling mediaPlayer seek.
        https://bugs.webkit.org/show_bug.cgi?id=139139

        Reviewed by Jer Noble.

        Original comment states that media source shall always be notified of seek if it's not closed.

        No new tests needed.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::seekTimerFired):

2014-12-01  Tim Horton  <timothy_horton@apple.com>

        Implement yellow highlight for WebKit1 data detectors
        https://bugs.webkit.org/show_bug.cgi?id=138956
        <rdar://problem/18992185>

        Reviewed by Beth Dakin.

        * page/TextIndicator.cpp:
        (WebCore::TextIndicator::createWithSelectionInFrame):
        (WebCore::TextIndicator::TextIndicator):
        * page/TextIndicator.h:
        (WebCore::TextIndicator::selectionRectInScreenCoordinates):
        (WebCore::TextIndicator::textBoundingRectInScreenCoordinates):
        (WebCore::TextIndicator::selectionRectInWindowCoordinates): Deleted.
        (WebCore::TextIndicator::textBoundingRectInWindowCoordinates): Deleted.
        Store TextIndicator rects in screen coordinates, since that's what we
        want anyway, and this makes it easier to share this code between the WebKits.

        * page/mac/TextIndicatorWindow.mm:
        (-[WebTextIndicatorView initWithFrame:textIndicator:margin:]):
        (WebCore::TextIndicatorWindow::setTextIndicator):
        Avoid some rect conversion because the TextIndicator rects are already in screen coordinates.

2014-12-01  Anders Carlsson  <andersca@apple.com>

        Remove old site specific quirks code that was added in 2009
        https://bugs.webkit.org/show_bug.cgi?id=139141

        Reviewed by Antti Koivisto.

        * platform/network/NetworkingContext.h:
        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::start):

2014-12-01  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: DOMExceptions do not show the error message string in Pause Reason section
        https://bugs.webkit.org/show_bug.cgi?id=138988

        Reviewed by Timothy Hatcher.

        * inspector/WebInjectedScriptHost.cpp:
        (WebCore::WebInjectedScriptHost::type):
        Give all DOM Exception types the "error" RemoteObject subtype.

2014-12-01  Bartlomiej Gajda  <b.gajda@samsung.com>

        [MSE] Unset timestamps of trackbuffers during Reset Parser State algorithm.
        https://bugs.webkit.org/show_bug.cgi?id=139075.

        Reviewed by Jer Noble.

        Specification requires from us to unset timestamps for trackBuffers
        during abort() method.

        Test: media/media-source/media-source-append-nonsync-sample-after-abort.html

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::resetParserState):
        (WebCore::SourceBuffer::abort):
        * Modules/mediasource/SourceBuffer.h:

2014-12-01  Chris Dumez  <cdumez@apple.com>

        Transform StyleBuilderCustom into a class and mark it as a friend of RenderStyle
        https://bugs.webkit.org/show_bug.cgi?id=138999

        Reviewed by Sam Weinig.

        Transform StyleBuilderCustom into a class and mark it as a friend of
        RenderStyle. This is needed because some of the StyleBuilderCustom
        functions need to access RenderStyle's private API.

        No new tests, no behavior change.

        * css/StyleBuilderCustom.h:
          Move functions from StyleBuilderFunctions namespace to
          StyleBuilderCustom class.

        * css/makeprop.pl:
          Use StyleBuilderCustom scope instead of StyleBuilderFunctions for
          custom implementation.

        * rendering/style/RenderStyle.h:
          Mark StyleBuilderCustom class as a friend, similarly to what was
          already done for DeprecatedStyleBuilder and StyleResolver.

2014-11-17  Oliver Hunt  <oliver@apple.com>

        Make sure range based iteration of Vector<> still receives bounds checking
        https://bugs.webkit.org/show_bug.cgi?id=138821

        Reviewed by Mark Lam.

        There are a few uses of begin()/end() that explicitly require pointers,
        so we use getPtr() to extract the underlying pointer generically.

        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneDeserializer::deserializeString):
        * editing/TextIterator.cpp:
        (WebCore::SearchBuffer::isBadMatch):
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::buildSelectionHighlight):
        * platform/graphics/SegmentedFontData.cpp:
        (WebCore::SegmentedFontData::fontDataForCharacter):
        (WebCore::SegmentedFontData::containsCharacter):
        (WebCore::SegmentedFontData::isLoading):
        * platform/graphics/WOFFFileFormat.cpp:
        (WebCore::convertWOFFToSfnt):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintFillLayers):
        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::firstNamedGridLineBeforePosition):
        (WebCore::GridResolvedPosition::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
        * svg/SVGFontElement.cpp:
        (WebCore::kerningForPairOfStringsAndGlyphs):
        * svg/SVGPathByteStream.h:
        (WebCore::SVGPathByteStream::append):
        * xml/XPathNodeSet.h:
        (WebCore::XPath::NodeSet::begin):
        (WebCore::XPath::NodeSet::end):

2014-11-29  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Fix a build warning when CSS_SCROLL_SNAP is enabled
        https://bugs.webkit.org/show_bug.cgi?id=139084

        Reviewed by Andrei Bucur.

        Fix a build warning. Copy constructor of StyleScrollSnapPoints should initialize its base class.

        * rendering/style/StyleScrollSnapPoints.cpp:
        (WebCore::StyleScrollSnapPoints::StyleScrollSnapPoints): Call RefCounted().

2014-11-29  Sam Weinig  <sam@webkit.org>

        Move the '-webkit-locale', '-webkit-text-orientation', '-webkit-writing-mode', '-webkit-justify-self' and '-webkit-perspective' CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139104

        Reviewed by Anders Carlsson.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyValueWebkitLocale):
        (WebCore::StyleBuilderFunctions::applyValueWebkitWritingMode):
        (WebCore::StyleBuilderFunctions::applyValueWebkitTextOrientation):
        (WebCore::StyleBuilderFunctions::applyValueWebkitJustifySelf):
        (WebCore::StyleBuilderFunctions::applyValueWebkitPerspective):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2014-11-29  Anders Carlsson  <andersca@apple.com>

        Add an EmptyVisitedLinkStore implementation
        https://bugs.webkit.org/show_bug.cgi?id=139102

        Reviewed by Sam Weinig.

        * loader/EmptyClients.cpp:
        (WebCore::fillWithEmptyClients):
        * loader/EmptyClients.h:

2014-11-28  Sam Weinig  <sam@webkit.org>

        Move the '-webkit-initial-letter', '-webkit-line-box-contain' and '-webkit-text-stroke-width' CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139053

        Reviewed by Andreas Kling.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertInitialLetter):
        (WebCore::StyleBuilderConverter::convertTextStrokeWidth):
        (WebCore::StyleBuilderConverter::convertLineBoxContain):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2014-11-26  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] HTTP source element lacks SCHEDULING query support
        https://bugs.webkit.org/show_bug.cgi?id=139064

        Reviewed by Carlos Garcia Campos.

        No new tests, covered by http/tests/media/hls.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcQueryWithParent): Make the element handle SCHEDULING
        queries with the BANDWIDTH_LIMITED flag. This helps uridecodebin
        to configure itself for adaptive streaming playback scenarios.

2014-11-27  Ryuan Choi  <ryuan.choi@navercorp.com>

        [EFL] Remove E_Dbus dependency
        https://bugs.webkit.org/show_bug.cgi?id=136355

        Reviewed by Gyuyoung Kim.

        E_Dbus is the simple wrapper of Dbus but it has not been maintained since EFL 1.8.
        Instead, EFL introduced Eldbus, which is almost similar with E_Dbus but provides more dbus like interface.
        This patch replaces E_Dbus implementation to Eldbus.

        * PlatformEfl.cmake:
        * platform/efl/BatteryProviderEfl.cpp:
        (WebCore::BatteryProviderEfl::BatteryProviderEfl):
        (WebCore::BatteryProviderEfl::~BatteryProviderEfl):
        (WebCore::BatteryProviderEfl::stopUpdating):
        (WebCore::batteryProperties):
        (WebCore::batteryPropertiesChanged):
        (WebCore::BatteryProviderEfl::deviceTypeCallback):
        (WebCore::BatteryProviderEfl::enumerateDevices):
        (WebCore::BatteryProviderEfl::startUpdating):
        (WebCore::BatteryProviderEfl::setBatteryStatus):
        (WebCore::BatteryProviderEfl::timerFired): Deleted.
        (WebCore::BatteryProviderEfl::getBatteryStatus): Deleted.
        (WebCore::BatteryProviderEfl::setBatteryClient): Deleted.
        * platform/efl/BatteryProviderEfl.h:
        (WebCore::BatteryProviderEfl::connection):
        (WebCore::BatteryProviderEfl::setSignalHandler):
        (WebCore::BatteryProviderEfl::~BatteryProviderEfl): Deleted.

2014-11-27  Antti Koivisto  <antti@apple.com>

        CrashTracer: com.apple.WebKit.WebContent at com.apple.WebCore: WebCore::HTMLPlugInImageElement::updateSnapshot + 108
        https://bugs.webkit.org/show_bug.cgi?id=139057

        Reviewed by Anders Carlsson.

        No test, don't know how to repro.

        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::updateSnapshot): Null check the renderer.

2014-11-27  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Meter and Option elements do not expose their id attribute
        https://bugs.webkit.org/show_bug.cgi?id=139017

        Reviewed by Mario Sanchez Prada.

        The options in a collapsed select element lack a node, so get the id
        attribute from the associated action element. In the case of a meter,
        the meter element itself is not exposed; its RenderMeter is instead.
        So associate the meter element's id with the exposed RenderMeter.

        No new tests. Instead, updated existing expectations to reflect the fix.

        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityProgressIndicator.cpp:
        (WebCore::AccessibilityProgressIndicator::element):
        * accessibility/AccessibilityProgressIndicator.h:
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetAttributes):

2014-11-27  Anders Carlsson  <andersca@apple.com>

        Add a Page::setVisitedLinkStore member function
        https://bugs.webkit.org/show_bug.cgi?id=139065

        Reviewed by Antti Koivisto.

        This will be used in a subsequent commit.

        * WebCore.exp.in:
        * page/Page.cpp:
        (WebCore::Page::setVisitedLinkStore):
        * page/Page.h:

2014-11-25  Sukolsak Sakshuwong  <sukolsak@gmail.com>

        Add parsing for :dir()
        https://bugs.webkit.org/show_bug.cgi?id=138932

        Reviewed by Benjamin Poulain.

        Add support for parsing :dir() pseudo class. The implementation of selector
        matching will be in a follow-up patch.

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectFunctionTypeToken):
        * css/CSSSelector.cpp:
        (WebCore::appendPseudoClassFunctionTail):
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):

2014-11-25  Anders Carlsson  <andersca@apple.com>

        Remove user content handling from PageGroup
        https://bugs.webkit.org/show_bug.cgi?id=139051

        Reviewed by Antti Koivisto.

        Remove m_userContentController from PageGroup and the related functions and symbol exports.

        * WebCore.exp.in:
        * page/PageGroup.cpp:
        (WebCore::PageGroup::PageGroup):
        (WebCore::PageGroup::~PageGroup):
        (WebCore::PageGroup::addPage):
        (WebCore::PageGroup::removePage):
        (WebCore::PageGroup::addUserScriptToWorld): Deleted.
        (WebCore::PageGroup::addUserStyleSheetToWorld): Deleted.
        (WebCore::PageGroup::removeUserScriptFromWorld): Deleted.
        (WebCore::PageGroup::removeUserStyleSheetFromWorld): Deleted.
        (WebCore::PageGroup::removeUserScriptsFromWorld): Deleted.
        (WebCore::PageGroup::removeUserStyleSheetsFromWorld): Deleted.
        (WebCore::PageGroup::removeAllUserContent): Deleted.
        * page/PageGroup.h:

2014-11-25  Anders Carlsson  <andersca@apple.com>

        Add a user content controller to WebViewGroup and use it for user content
        https://bugs.webkit.org/show_bug.cgi?id=139043

        Reviewed by Antti Koivisto.

        * WebCore.exp.in:
        Export symbols.

        * page/Page.cpp:
        (WebCore::Page::setUserContentController):
        Invalidate the injected style cache when setting a new user content controller.

2014-11-25  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] gstmpegts is not initialized
        https://bugs.webkit.org/show_bug.cgi?id=139039

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/gstreamer/GStreamerUtilities.cpp:
        (WebCore::initializeGStreamer): Initialize the gstmpegts library.

2014-11-24  Eva Balazsfalvi  <evab.u-szeged@partner.samsung.com>

        Fix unused variable warning in Biquad.cpp
        https://bugs.webkit.org/show_bug.cgi?id=139031

        Reviewed by Andreas Kling.

        No new tests needed.

        * platform/audio/Biquad.cpp:

2014-11-24  Eva Balazsfalvi  <evab.u-szeged@partner.samsung.com>

        Remove Qt cruft related to tap higlighting
        https://bugs.webkit.org/show_bug.cgi?id=139030

        Reviewed by Andreas Kling.

        No new tests needed.

        * CMakeLists.txt:
        * page/GestureTapHighlighter.cpp: Removed.
        * page/GestureTapHighlighter.h: Removed.

2014-11-24  Dhi Aurrahman  <diorahman@rockybars.com>

        Fix the parsing and re-serialization of :lang pseudo class selector when it has multiple arguments with same value
        https://bugs.webkit.org/show_bug.cgi?id=139013

        Reviewed by Benjamin Poulain.

        Fix the parsing and re-serialization of :lang pseudo class selector when 
        it has multiple arguments with same value e.g. :lang(en, en, en). Previously, 
        given :lang(en, en, en) selector, it was parsed and reserialized 
        as :lang(enenen) instead of :lang(en, en, en)

        Related test on parsing and re-serialization of css selectors is updated.

        * css/CSSSelector.cpp:
        (WebCore::appendArgumentList):

2014-11-24  Zalan Bujtas  <zalan@apple.com>

        Fix r176527. Iterate through the text renderers.
        https://bugs.webkit.org/show_bug.cgi?id=139007

        Reviewed by Antti Koivisto.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):

2014-11-24  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Rename TextFragment::mustBreak to TextFragment::isLineBreak
        https://bugs.webkit.org/show_bug.cgi?id=139035

        Reviewed by Antti Koivisto.

        Move new line logic to FlowContents class.
        This is in preparation to support <br>.

        No change in functionality.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::nextFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::isNewline):
        (WebCore::SimpleLineLayout::FlowContents::isNewlineCharacter): Deleted.

2014-11-24  Benjamin Poulain  <benjamin@webkit.org>

        Move :placeholder-shown out of experimental
        https://bugs.webkit.org/show_bug.cgi?id=138998

        Reviewed by Andreas Kling.

        The pseudo class :placeholder-shown is used by the inspector, disabling it breaks
        the sidebar.

        The implementation has been stable for a while, we can move it to stable.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasPlaceholderShown):

2014-11-24  Antti Koivisto  <antti@apple.com>

        Avoid String concatenation with line break iterator
        https://bugs.webkit.org/show_bug.cgi?id=139034

        Reviewed by Zalan Bujtas.

        Test: fast/text/simple-lines-multiple-renderers-break.html

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::initializeSegments):

            Include String too so it doesn't need to be fetched from the renderer.

        (WebCore::SimpleLineLayout::FlowContents::FlowContents):
        (WebCore::SimpleLineLayout::FlowContents::findNextBreakablePosition):

            Make this iterative instead of recursive.
            Uset setPriorContext to provide previous characters instead of concatenating
            the string from all the previous segments.

        (WebCore::SimpleLineLayout::findNextNonWhitespace):
        (WebCore::SimpleLineLayout::FlowContents::findNextNonWhitespacePosition):

            Search using segments instead of the concatenated string.

        (WebCore::SimpleLineLayout::FlowContents::textWidth):
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForPositionSlow):
        (WebCore::SimpleLineLayout::FlowContents::runWidth):
        (WebCore::SimpleLineLayout::FlowContents::segmentForPositionSlow): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::appendNextRendererContentIfNeeded): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::nextNonWhitespacePosition): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::characterAt):
        (WebCore::SimpleLineLayout::FlowContents::isNewlineCharacter):
        (WebCore::SimpleLineLayout::FlowContents::segmentIndexForPosition):
        (WebCore::SimpleLineLayout::FlowContents::segmentForPosition):

2014-11-24  Zalan Bujtas  <zalan@apple.com>

        SimpleLineLayout::canUseFor() should iterate through RenderTexts to check if their content is eligible for simple line layout.
        https://bugs.webkit.org/show_bug.cgi?id=139007

        Reviewed by Antti Koivisto.

        Tests: fast/text/simple-line-layout-multiple-renderers-non-breaking-space.html
               fast/text/simple-line-layout-multiple-renderers-with-float.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):

2014-11-22  Sam Weinig  <sam@webkit.org>

        Move the '-webkit-box-reflext' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=139008

        Reviewed by Anders Carlsson.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertReflection):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2014-11-24  Antti Koivisto  <antti@apple.com>

        Remove unused Style struct from SimpleLineLayout.cpp
        https://bugs.webkit.org/show_bug.cgi?id=139027

        Reviewed by Sam Weinig.

        It was moved to FlowContents.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::Style::Style): Deleted.

2014-11-24  peavo@outlook.com  <peavo@outlook.com>

        [Curl] Compile error in ResourceHandleManager.cpp.
        https://bugs.webkit.org/show_bug.cgi?id=139026

        Reviewed by Brent Fulgham.

        The parameter types of the constructor of the Timer class has changed.

        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::ResourceHandleManager):
        (WebCore::ResourceHandleManager::downloadTimerCallback):
        * platform/network/curl/ResourceHandleManager.h:

2014-11-24  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Unskip the skipped ATK tests in roles-exposed.html
        https://bugs.webkit.org/show_bug.cgi?id=139016

        Reviewed by Chris Fleizach.

        There was one test that could not be unskipped without making a change
        for that one to pass: mapping DocumentRegionRole to ATK_ROLE_PANEL. The
        rest of the "fix" is just unskipping tests for ATK and updating the test
        expectations.

        No new tests needed.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):

2014-11-23  Antti Koivisto  <antti@apple.com>

        Use segment vector for FlowContents
        https://bugs.webkit.org/show_bug.cgi?id=139015

        Reviewed by Zalan Bujtas.

        And FlowContents::Segment struct and use it.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary):

            Use segments.
            If there is only one segment there is nothing to do. Bail out.

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::initializeSegments):

            Move initialization to a function so m_segments can be const.
            Don't add empty end segment, handle the end case in code.

        (WebCore::SimpleLineLayout::FlowContents::FlowContents):
        (WebCore::SimpleLineLayout::FlowContents::textWidth):

            Simplify and use segments.

        (WebCore::SimpleLineLayout::FlowContents::segmentForPositionSlow):

            Replace hand-rolled binary search with std::lower_bounds.

        (WebCore::SimpleLineLayout::FlowContents::segmentForRenderer):
        (WebCore::SimpleLineLayout::FlowContents::appendNextRendererContentIfNeeded):
        (WebCore::SimpleLineLayout::FlowContents::renderer): Deleted.
        (WebCore::SimpleLineLayout::FlowContents::resolveRendererPositions): Deleted.
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::hasOneSegment):
        (WebCore::SimpleLineLayout::FlowContents::length):
        (WebCore::SimpleLineLayout::FlowContents::isEnd):
        (WebCore::SimpleLineLayout::FlowContents::isEndOfContent): Deleted.

            Renamed.

        (WebCore::SimpleLineLayout::FlowContents::segmentForPosition):

            Inline the fast path.

        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):
        (WebCore::SimpleLineLayout::RunResolver::rangeForRenderer):

2014-11-22  Simon Fraser  <simon.fraser@apple.com>

        Extend WKRenderObject and WKRenderLayer with some more useful data
        https://bugs.webkit.org/show_bug.cgi?id=139006

        Reviewed by Sam Weinig.

        Export WebCore::RenderLayerBacking::backingStoreMemoryEstimate() const.

        * WebCore.exp.in:

2014-11-22  Antti Koivisto  <antti@apple.com>

        Make locale part of the SimpleLineLayout::FlowContent::Style
        https://bugs.webkit.org/show_bug.cgi?id=139004

        Reviewed by Zalan Bujtas.

        That's the only part of style not extracted out of RenderStyle in the constructor.

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::Style::Style):
        (WebCore::SimpleLineLayout::FlowContents::FlowContents):
        (WebCore::SimpleLineLayout::FlowContents::appendNextRendererContentIfNeeded):
        * rendering/SimpleLineLayoutFlowContents.h:

            Also remove RenderBlockFlow member since it is now unused.

        (WebCore::SimpleLineLayout::FlowContents::Style::Style): Deleted.

            Move to cpp.

2014-11-22  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Accessible names missing for imagemap images and links
        https://bugs.webkit.org/show_bug.cgi?id=127288

        Reviewed by Chris Fleizach.

        Return the alt text, if present, for the accessible name for image maps
        and image map links for ATK. Also expose the accessible element with
        ATK_ROLE_IMAGE_MAP instead of ATK_ROLE_IMAGE.

        Test: accessibility/image-with-alt-and-map.html

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isImageMap):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetName):
        (atkRole):

2014-11-22  Andreas Kling  <akling@apple.com>

        Remove unused Document::ignoreAutofocus().
        <https://webkit.org/b/139002>

        Reviewed by Antti Koivisto.

        No one ever actually changes this flag, so let's remove it.

        * dom/Document.cpp:
        (WebCore::Document::Document):
        * dom/Document.h:
        (WebCore::Document::ignoreAutofocus): Deleted.
        (WebCore::Document::setIgnoreAutofocus): Deleted.
        * html/HTMLFormControlElement.cpp:
        (WebCore::shouldAutofocus):

2014-11-22  Csaba Osztrogonác  <ossy@webkit.org>

        URTBF after r176459 to fix GTK build.

        * platform/ScrollAnimatorNone.cpp:
        (WebCore::ScrollAnimatorNone::ScrollAnimatorNone):
        (WebCore::ScrollAnimatorNone::requestAnimationTimerFired):
        * platform/ScrollAnimatorNone.h:

2014-11-22  Andreas Kling  <akling@apple.com>

        Convert PassRefPtr return types to RefPtr.
        <https://webkit.org/b/138995>

        Reviewed by Anders Carlsson.

        Convert an assortment of DOM and HTML related functions
        to return RefPtr instead of PassRefPtr.

2014-11-21  Jer Noble  <jer.noble@apple.com>

        Unreviewed iOS build fix; move new symbols out of Mac-only exports.

        * WebCore.exp.in:

2014-11-21  Timothy Horton  <timothy_horton@apple.com>

        Remove a file that r176499 presumably did not mean to add.

        * WebCore.exp.in.orig: Removed.

2014-11-21  Jer Noble  <jer.noble@apple.com>

        Support multiple signatures of diagnostic logging.
        https://bugs.webkit.org/show_bug.cgi?id=138690

        Reviewed by Anders Carlsson.

        Pull logDiagnosticMessage() out of ChromeClient and make a new client interface,
        DiagnosticLoggingClient, which supports multiple kinds of diagnostic logging,
        namely: simple logging without a parameter, logging with a success parameter, and
        logging with a generic string value parameter.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute): Use DiagnosticLoggingClient.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Ditto.
        * loader/SubframeLoader.cpp:
        (WebCore::logPluginRequest): Ditto.
        * page/ChromeClient.h:
        (WebCore::ChromeClient::logDiagnosticMessage): Deleted.
        * page/DiagnosticLoggingClient.h: 
        (WebCore::DiagnosticLoggingClient::logDiagnosticMessage): Added.
        (WebCore::DiagnosticLoggingClient::logDiagnosticMessageWithResult): Added.
        (WebCore::DiagnosticLoggingClient::logDiagnosticMessageWithValue): Added.
        (WebCore::DiagnosticLoggingClient::~DiagnosticLoggingClient): Empty destructor.

        Rename Page::PageClient to PageConfiguration, and pass that configuration from
        Page into MainFrame upon construction.

        * inspector/InspectorOverlay.cpp:
        (WebCore::InspectorOverlay::overlayPage): Use PageConfiguration instead of PageClients.
        * loader/EmptyClients.cpp:
        (WebCore::fillWithEmptyClients): Ditto.
        * loader/EmptyClients.h:
        * page/MainFrame.cpp:
        (WebCore::MainFrame::MainFrame): Pass loaderClientForMainFrame through to the
            Frame constructor.
        (WebCore::MainFrame::create): Takes a PageConfiguration.
        * page/MainFrame.h:
        (WebCore::MainFrame::diagnosticLoggingClient): Simple accessor.
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::PageClients::PageClients): Deleted.
        (WebCore::Page::PageClients::~PageClients): Deleted.
        * page/Page.h:
        * page/PageConfiguration.cpp: Added.
        (WebCore::PageConfiguration::PageConfiguration): Renamed from PageClients().
        (WebCore::PageConfiguration::~PageConfiguration): Renamed from ~PageClients().
        * page/PageConfiguration.h: Added.
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::dataChanged): Use PageConfiguration instead of PageClients.

        Add new files and symbols to the project.

        * CMakeLists.txt:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.xcodeproj/project.pbxproj:

2014-11-21  Chris Dumez  <cdumez@apple.com>

        Throttled DOMTimers can prevent their document from being garbage collected
        https://bugs.webkit.org/show_bug.cgi?id=138915

        Reviewed by Andreas Kling.

        Throttled DOMTimers whose interval depend on viewport changes would
        keep a Vector of elements outside viewport causing them to be throttled
        so that we could check later on (upon scroll or layout) if those
        elements are still outside viewport. The issue is that these elements
        could potentially be removed from the document (and destroyed) after
        the timer has fired. To handle this, DOMTimer was ref'ing the
        elements. Unfortunately, this was causing us to leak the document
        as the elements in the Vector would keep the document alive.

        To handle this issue, this patch updates the DOMTimer Vector to use
        weak pointers. The WeakPtrFactory is stored in ElementRareData to
        avoid wasting memory for all kinds of Elements (it is a fair assumption
        that the number of elements whose style is animated via timers is low).

        Test: fast/dom/throttled-timer-running-on-document-destruction.html

        * dom/Element.cpp:
        (WebCore::Element::createWeakPtr):
        * dom/Element.h:
        * dom/ElementRareData.cpp:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::weakPtrFactory):
        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::elementsChangedOutsideViewport):
        (WebCore::DOMTimer::updateThrottlingStateAfterViewportChange):
        * page/DOMTimer.h:

2014-11-21  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Unreviewed, EFL build fix since r176459.

        r176459 removed Timer parameter in timer callbacks only for Mac port.
        So this patch applies it to remaining classes for EFL port.

        No new tests, fix build break.

        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::RTCDTMFSender):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::RTCDataChannel):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::RTCPeerConnection):
        * Modules/vibration/Vibration.cpp:
        (WebCore::Vibration::Vibration):
        (WebCore::Vibration::timerFired):
        * Modules/vibration/Vibration.h:
        * bindings/js/GCController.cpp:
        (WebCore::GCController::GCController):
        * platform/efl/BatteryProviderEfl.cpp:
        (WebCore::BatteryProviderEfl::BatteryProviderEfl):
        (WebCore::BatteryProviderEfl::timerFired):
        * platform/efl/BatteryProviderEfl.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
        (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/texmap/TextureMapper.cpp:
        (WebCore::BitmapTexturePool::BitmapTexturePool):
        (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
        * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
        (WebCore::CompositingCoordinator::CompositingCoordinator):
        (WebCore::CompositingCoordinator::releaseInactiveAtlasesTimerFired):
        * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::CoordinatedGraphicsLayer):
        (WebCore::CoordinatedGraphicsLayer::animationStartedTimerFired):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
        (WebCore::CoordinatedImageBacking::CoordinatedImageBacking):
        (WebCore::CoordinatedImageBacking::clearContentsTimerFired):
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:
        * platform/mock/DeviceMotionClientMock.cpp:
        (WebCore::DeviceMotionClientMock::DeviceMotionClientMock):
        (WebCore::DeviceMotionClientMock::timerFired):
        * platform/mock/DeviceMotionClientMock.h:
        * platform/mock/TimerEventBasedMock.h:
        (WebCore::TimerEvent::TimerEvent):
        (WebCore::TimerEvent::timerFired):

2014-11-21  Benjamin Poulain  <bpoulain@apple.com>

        Start using the new :not() and :matches() in the Web Inspector
        https://bugs.webkit.org/show_bug.cgi?id=138978

        Reviewed by Joseph Pecoraro.

        There are only minor pending issues on :not() and :matches(). The feedback
        has only been positive so far. It is time to move them out the experimental
        flag.

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectFunctionTypeToken):
        * css/CSSSelector.cpp:
        (WebCore::simpleSelectorSpecificityInternal):
        (WebCore::simpleSelectorFunctionalPseudoClassStaticSpecificity):
        (WebCore::appendSelectorList):
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        (WebCore::SelectorChecker::determineLinkMatchType):
        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):

2014-11-21  Chris Dumez  <cdumez@apple.com>

        Unreviewed, iOS build fix after r176462.

        Export a few extra symbols.

        * WebCore.exp.in:

2014-11-21  Chris Dumez  <cdumez@apple.com>

        Properties in CSSPropertyNames.in should use the new StyleBuilder by default
        https://bugs.webkit.org/show_bug.cgi?id=138983

        Reviewed by Andreas Kling.

        This patch makes using the new StyleBuilder the default and drops the
        [NewStyleBuilder] option as a result. A new [LegacyStyleBuilder] option
        is introduced for CSS properties that are not generated in the new
        StyleBuilder yet.

        * css/CSSPropertyNames.in:
        * css/SVGCSSPropertyNames.in:
        * css/makeprop.pl:

2014-11-21  Chris Dumez  <cdumez@apple.com>

        [iOS] Regression(r176202): line-height is wrong on marco.org
        https://bugs.webkit.org/show_bug.cgi?id=138970

        Reviewed by Simon Fraser.

        After r176202, on iOS with IOS_TEXT_AUTOSIZING enabled, we would
        multiply the lineHeight by RenderStyle::textSizeAdjust()::multiplier()
        unconditionally. However, we're only supposed to do so if
        RenderStyle::textSizeAdjust()::isPercentage() returns true. This
        patch reintroduces the textSizeAdjust().isPercentage() check that was
        inadvertently dropped when refactoring the code to be shared between
        iOS and OS X.

        Additionally, the multiplier is only supposed the be applied if the
        input CSSPrimitiveValue is a Length or a Number. However, after
        r176202, we would apply the multiplier if the CSSPrimitiveValue is
        a Percentage or a Number. This patch updates the code to match the
        behavior prior to r176202.

        Test: fast/css/line-height-text-autosizing.html

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::convertLineHeight):
        (WebCore::StyleBuilderFunctions::applyValueLineHeight):

2014-11-21  Chris Fleizach  <cfleizach@apple.com>

        AX: com.apple.WebKit.WebContent crashed at WebCore: WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored const
        https://bugs.webkit.org/show_bug.cgi?id=138905

        Reviewed by Mario Sanchez Prada.

        The crash log indicates that m_renderer is null at the time we ask ancestorsOfType(). 
        This is more of a speculative fix, since I am not entirely sure m_renderer is null when we enter the method.

        Unable to determine cause of crash or how to reproduce on demand.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):

2014-11-21  Jer Noble  <jer.noble@apple.com>

        [EME][Mac] Check the underlying error if the one returned by AVFoundation is AVErrorUnknown.
        https://bugs.webkit.org/show_bug.cgi?id=138986

        Reviewed by Eric Carlson.

        When we recieve an error with the code AVErrorUnknown, look for an underlying error from CoreMedia (or another
        lower-level framework) with a (presumably) more informative error code, and return that code instead.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::systemCodeForError):
        (WebCore::CDMSessionMediaSourceAVFObjC::layerDidReceiveError):
        (WebCore::CDMSessionMediaSourceAVFObjC::rendererDidReceiveError):

2014-11-21  Chris Fleizach  <cfleizach@apple.com>

        AX: Unclear that user and password are autofilled, no VoiceOver version of the yellow outline.
        https://bugs.webkit.org/show_bug.cgi?id=138904

        Reviewed by Mario Sanchez Prada.

        Add an attribute that marks when a text field is auto-filled.

        Test: accessibility/auto-filled-value.html

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isValueAutofilled):
        * accessibility/AccessibilityObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

2014-11-21  Andreas Kling  <akling@apple.com>

        RenderElement::removeChild() doesn't need a return value.
        <https://webkit.org/b/138985>

        Reviewed by Pantti Koivisto.

        Nobody uses the return value from RenderElement::removeChild().
        Change it to return void and remove all the unnecessary plumbing.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::removeChild):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::removeChild):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::removeChild):
        * rendering/RenderButton.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::removeChild):
        (WebCore::RenderElement::removeChildInternal):
        * rendering/RenderElement.h:
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::removeChild):
        * rendering/RenderMenuList.h:
        * rendering/RenderRuby.cpp:
        (WebCore::RenderRubyAsInline::removeChild):
        (WebCore::RenderRubyAsBlock::removeChild):
        * rendering/RenderRuby.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::removeChild):
        * rendering/RenderRubyRun.h:
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRootWrapper::removeChildWithoutRestructuring):
        (WebCore::RenderMathMLRootWrapper::removeChild):
        * rendering/mathml/RenderMathMLRoot.h:
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::removeChildInternal):
        (WebCore::RenderMathMLScripts::removeChild):
        (WebCore::RenderMathMLScriptsWrapper::removeChildInternal):
        (WebCore::RenderMathMLScriptsWrapper::removeChild):
        * rendering/mathml/RenderMathMLScripts.h:
        * rendering/svg/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::removeChild):
        * rendering/svg/RenderSVGContainer.h:
        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::removeChild):
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::removeChild):
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::removeChild):
        * rendering/svg/RenderSVGText.h:

2014-11-21  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r176351): Parts of apple.com/contact aren't Lookup-able
        ​https://bugs.webkit.org/show_bug.cgi?id=138960
        <rdar://problem/19056715>

        Reviewed by Anders Carlsson.

        * platform/spi/mac/DataDetectorsSPI.h:
        Add some DataDetectors SPI.

2014-11-21  Jer Noble  <jer.noble@apple.com>

        [Mac] Random crashes inside media libraries when creating then destroying media quickly.
        https://bugs.webkit.org/show_bug.cgi?id=138980

        Reviewed by Eric Carlson.

        Speculative fix for random crashes in the layout tests which occur randomly but regularly. The theory is
        that creating-then-destroying our media objects too quickly triggers crashes deep within the media frameworks
        when their initialization threads don't have a chance to complete before the main player object is destroyed.
        Test out this theory by delaying the destruction of the AVPlayer object for 1s after its owner is destroyed.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::cancelLoad):

2014-11-21  Jer Noble  <jer.noble@apple.com>

        [Mac] Delay of 1-2s after the first paint of a video frame.
        https://bugs.webkit.org/show_bug.cgi?id=138979

        Reviewed by Eric Carlson.

        Only bother waiting for a signal that a new image is ready when the image isn't ready in the first place.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):

2014-11-21  Glenn Adams  <glenn@skynav.com> and Myles C. Maxfield  <mmaxfield@apple.com>

        Add support to -webkit-line-break property for CSS3 Text line-break property values and semantics.
        https://bugs.webkit.org/show_bug.cgi?id=89235

        Reviewed by Eric Seidel and Dave Hyatt.

        This patch adds semantic support for the CSS3 line-break property (qua -webkit-line-break),
        and enables testing on (apple) mac ports. Follow on patches will enable these tests on
        other ports as they are incrementally verified.

        See also wiki documentation at:
        [1] http://trac.webkit.org/wiki/LineBreaking
        [2] http://trac.webkit.org/wiki/LineBreakingCSS3Mapping

        Tests: css3/line-break/line-break-auto-centered.html
               css3/line-break/line-break-auto-half-kana.html
               css3/line-break/line-break-auto-hyphens.html
               css3/line-break/line-break-auto-inseparables.html
               css3/line-break/line-break-auto-iteration-marks.html
               css3/line-break/line-break-auto-postfixes.html
               css3/line-break/line-break-auto-prefixes.html
               css3/line-break/line-break-auto-sound-marks.html
               css3/line-break/line-break-loose-centered.html
               css3/line-break/line-break-loose-half-kana.html
               css3/line-break/line-break-loose-hyphens.html
               css3/line-break/line-break-loose-inseparables.html
               css3/line-break/line-break-loose-iteration-marks.html
               css3/line-break/line-break-loose-postfixes.html
               css3/line-break/line-break-loose-prefixes.html
               css3/line-break/line-break-loose-sound-marks.html
               css3/line-break/line-break-normal-centered.html
               css3/line-break/line-break-normal-half-kana.html
               css3/line-break/line-break-normal-hyphens.html
               css3/line-break/line-break-normal-inseparables.html
               css3/line-break/line-break-normal-iteration-marks.html
               css3/line-break/line-break-normal-postfixes.html
               css3/line-break/line-break-normal-prefixes.html
               css3/line-break/line-break-normal-sound-marks.html
               css3/line-break/line-break-strict-centered.html
               css3/line-break/line-break-strict-half-kana.html
               css3/line-break/line-break-strict-hyphens.html
               css3/line-break/line-break-strict-inseparables.html
               css3/line-break/line-break-strict-iteration-marks.html
               css3/line-break/line-break-strict-postfixes.html
               css3/line-break/line-break-strict-prefixes.html
               css3/line-break/line-break-strict-sound-marks.html

        These tests were previously added in http://trac.webkit.org/changeset/143378, but skipped
        in generic TestExpectations. In this patch, they are marked as Pass for the (apple) mac ports.

        * platform/text/LineBreakIteratorPoolICU.h:
        (WebCore::LineBreakIteratorPool::makeLocaleWithBreakKeyword):
        Add static function to construct ICU locale argument (also used as pool key) with additional
        break keyword.
        (LineBreakIteratorPool):
        (WebCore::LineBreakIteratorPool::take):
        (WebCore::LineBreakIteratorPool::put):
        Remove direct dependency from ICU library (and types), moving that dependency into
        new {open,close}LineBreakIterator() functions (defined in TextBreakIteratorICU.cpp).
        Update to take line break mode into account.
        Create (and cache) different break iterators depending on line break mode (in addition to locale),
        which entails expanding pool entry key format to optionally append "@break=" +
        "loose"|"normal"|"strict" keyword to locale string.

        * platform/text/TextBreakIterator.h:
        (WebCore::LazyLineBreakIterator::LazyLineBreakIterator):
        (WebCore::LazyLineBreakIterator::isLooseCJKMode):
        (WebCore::LazyLineBreakIterator::get):
        (WebCore::LazyLineBreakIterator::reset):
        (LazyLineBreakIterator):
        Define LineBreakIteratorMode enumeration for use in TextBreakIterator et al.
        Add state member to indicate line break mode.

        * platform/text/TextBreakIteratorICU.cpp:
        (WebCore::acquireLineBreakIterator):
        Use new line break mode when making iterator from pool.
        Handle change of return type of LineBreakIteratorPool::take() to non-ICU type,
        i.e., TextBreakIterator* instead of ICU's UBreakIterator*.
        (WebCore::releaseLineBreakIterator):
        Handle change of parameter type of LineBreakIteratorPool::put() to non-ICU type,
        i.e., TextBreakIterator* instead of ICU's UBreakIterator*.
        (WebCore):
        (WebCore::isCJKLocale):
        New functions for determining if CJK rules apply.
        (WebCore::openLineBreakIterator):
        New function for abstracting opening of ICU style line break iterator. This is now
        used in LineBreakIteratorPoolICU.h rather than having direct ICU API dependency there.
        This function also takes into account the line break mode.

        Note that this function only calls ubrk_openRules() when the author has opted-in via
        using the -webkit-line-break CSS property. Eventually, we would like to be able to
        customize the rules that ICU's line breaking algorithm uses (especially for CJK text);
        however, ubrk_openRules() currently parses its input string to create a DFA and is
        therefore very slow. In fact, it's so slow that increasing our cache size in
        LineBreakIteratorPool doesn't actually help enough. Also note that the default value
        for the line-break CSS property is 'auto'.
        (WebCore::closeLineBreakIterator):
        (WebCore::mapLineIteratorModeToRules):
        New function for abstracting closing of ICU style line break iterator. This is now
        used in LineBreakIteratorPoolICU.h rather than having direct ICU API dependency there.

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlock::LineBreaker::nextSegmentBreak):
        Pass line break iterator mode flag when reseting LazyLineBreakIterator.
        Add looseMode local variable to prevent need for computing under isBreakable().

        * rendering/RenderText.cpp:
        (WebCore::mapLineBreakToIteratorMode):
        Add implementation for mapLineBreakToIteratorMode(), used by both RenderText::computePreferredLogicalWidths
        and RenderBlock::LineBreaker::nextLineBreak.
        (WebCore):
        (WebCore::RenderText::computePreferredLogicalWidths):
        Ensure (lazy line) breakIterator is initialized for line break mode.
        Ensure isBreakable() is passed loose mode flag to match behavior in RenderBlock::LineBreaker::nextLineBreak.

        * rendering/RenderText.h:
        (WebCore):
        Add declaration for mapLineBreakToIteratorMode(), used by both RenderText::computePreferredLogicalWidths
        and RenderBlock::LineBreaker::nextLineBreak.

        * rendering/break_lines.cpp:
        (WebCore):
        Introduce (local) enum NBSPBehavior for expanding template on nextBreakablePosition.
        (WebCore::isBreakableSpace):
        Add externally specified loose mode parameter to prevent need to invoke line break iterator
        accessor method on each invocation. Use new loose mode flavors off NBP functions.
        (WebCore::needsLineBreakIterator):
        Use enum NBSP behavior template parameter rather than boolean.
        (WebCore::nextBreakablePositionNonLoosely):
        Extend name to distinguish from loose flavor of this function.
        (WebCore::nextBreakablePositionLoosely):
        Add loose flavor of NBP invoked only when loose mode applies, in which case ASCII shortcut
        table cannot be used.
        (WebCore::nextBreakablePosition):
        (WebCore::nextBreakablePositionIgnoringNBSP):
        Use (renamed) non-loose flavor of NBP.
        (WebCore::nextBreakablePositionLoose):
        (WebCore::nextBreakablePositionIgnoringNBSPLoose):
        Introduce loose flavor of NBP template expansions.

        * rendering/break_lines.h:
        (WebCore):
        (WebCore::isBreakable):
        Add externally specified loose mode parameter to prevent need to invoke line break iterator
        accessor method on each invocation.

2014-11-21  Anders Carlsson  <andersca@apple.com>

        More build fixes.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream):

2014-11-21  Eric Carlson  <eric.carlson@apple.com>

        [iOS] allocate volume view on the main thread
        https://bugs.webkit.org/show_bug.cgi?id=138971
        rdar://problem/18016958

        Reviewed by Jer Noble.

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (-[WebMediaSessionHelper allocateVolumeView]): New, dispatch to the main thread if necessary before allocating
            the volume view.
        (-[WebMediaSessionHelper initWithCallback:]): Call allocateVolumeView.

2014-11-21  Zalan Bujtas  <zalan@apple.com>

        REGRESSION(r175259) Simple line layout text measuring behavior changed.
        https://bugs.webkit.org/show_bug.cgi?id=138947
        rdar://problem/19050653

        Reviewed by Antti Koivisto.

        In certain cases, when block flow needs to compute the preferred width of a particular text
        renderer, we use the non-simple line layout text measuring.
        However, the same text renderer might end up at simple line layout later.
        Complex line layout measures text including the trailing space and it subtracts
        (the constant value of) space width afterwards, while simple line layout measures
        runs without the extra space.
        In such cases, this may result different word widths and produce unexpected line breaking. (preferred width != final width)
        In long term, any text renderer qualified for simple line layout should go through the simple
        text measuring code path. (https://bugs.webkit.org/show_bug.cgi?id=138973)
        For now, just copy complex line layout behaviour. This also matches the previous simple line layout line breaking implementation.

        Test: fast/text/simple-line-text-measuring-with-trailing-space.html

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::textWidth):

2014-11-21  Anders Carlsson  <andersca@apple.com>

        More Windows build fixes.

        * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
        (WebCore::LegacyCACFLayerTreeHost::LegacyCACFLayerTreeHost):
        (WebCore::LegacyCACFLayerTreeHost::renderTimerFired):
        * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h:
        * platform/mock/GeolocationClientMock.cpp:
        (WebCore::GeolocationClientMock::GeolocationClientMock):
        (WebCore::GeolocationClientMock::permissionTimerFired):
        (WebCore::GeolocationClientMock::controllerTimerFired):
        * platform/mock/GeolocationClientMock.h:

2014-11-21  Andreas Kling  <akling@apple.com>

        RenderMathMLScripts isPrescript() helper should take a reference.
        <https://webkit.org/b/138975>

        Reviewed by Antti Koivisto.

        Tidy this up a bit, since it's never called with a null pointer.

        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::isPrescript):
        (WebCore::RenderMathMLScripts::fixAnonymousStyles):
        (WebCore::RenderMathMLScripts::addChildInternal):
        (WebCore::RenderMathMLScripts::removeChildInternal):
        (WebCore::RenderMathMLScripts::layout):
        (WebCore::RenderMathMLScriptsWrapper::addChildInternal):
        (WebCore::RenderMathMLScriptsWrapper::removeChildInternal):

2014-11-21  Anders Carlsson  <andersca@apple.com>

        Windows build fixes.

        * plugins/PluginPackage.cpp:
        (WebCore::PluginPackage::freeLibraryTimerFired):
        (WebCore::PluginPackage::PluginPackage):
        * plugins/PluginPackage.h:
        * plugins/PluginStream.cpp:
        (WebCore::PluginStream::PluginStream):
        (WebCore::PluginStream::delayDeliveryTimerFired):
        (WebCore::PluginStream::deliverData): Deleted.
        * plugins/PluginStream.h:
        * plugins/PluginView.cpp:
        (WebCore::PluginView::popPopupsStateTimerFired):
        (WebCore::PluginView::requestTimerFired):
        (WebCore::PluginView::invalidateTimerFired):
        (WebCore::PluginView::PluginView):
        (WebCore::PluginView::lifeSupportTimerFired):
        (WebCore::PluginView::performRequest): Deleted.
        (WebCore::PluginView::setValue): Deleted.
        (WebCore::PluginView::setParameters): Deleted.
        (WebCore::PluginView::userAgent): Deleted.
        * plugins/PluginView.h:
        * plugins/win/PluginMessageThrottlerWin.cpp:
        (WebCore::PluginMessageThrottlerWin::PluginMessageThrottlerWin):
        (WebCore::PluginMessageThrottlerWin::messageThrottleTimerFired):
        * plugins/win/PluginMessageThrottlerWin.h:

2014-11-21  Tim Horton  <timothy_horton@apple.com>

        REGRESSION (r176351): Parts of apple.com/contact aren't Lookup-able
        https://bugs.webkit.org/show_bug.cgi?id=138960
        <rdar://problem/19056715>

        Reviewed by Beth Dakin.

        * platform/spi/mac/DataDetectorsSPI.h:
        Softlink some SPI.

2014-11-21  Tim Horton  <timothy_horton@apple.com>

        Move TextIndicator{Window} to WebCore
        https://bugs.webkit.org/show_bug.cgi?id=138954
        <rdar://problem/18992185>

        Some adjustments by Csaba Osztrogonác.
        Reviewed by Anders Carlsson.

        Move TextIndicator and TextIndicatorWindow to WebCore so that both
        WebKits can share the implementation.

        * CMakeLists.txt:
        Build TextIndicator.

        * WebCore.exp.in:
        Export TextIndicator{Window} symbols for the WebKits.

        * WebCore.xcodeproj/project.pbxproj:
        * page/TextIndicator.cpp: Renamed from Source/WebKit2/Shared/TextIndicator.cpp.
        * page/TextIndicator.h: Renamed from Source/WebKit2/Shared/TextIndicator.h.
        Straighforward move of TextIndicator from WebKit2, except:

        Move TextIndicator::Data and TextIndicator::PresentationTransition out directly
        into the WebCore namespace to allow for implementation of WebKit2 argument coders.

        Use Image instead of ShareableBitmap internally.

        Move the TextIndicatorData encode/decode to WebCoreArgumentCoders.
        
        * page/mac/TextIndicatorWindow.h: Renamed from Source/WebKit2/UIProcess/mac/TextIndicatorWindow.h.
        * page/mac/TextIndicatorWindow.mm: Renamed from Source/WebKit2/UIProcess/mac/TextIndicatorWindow.mm.
        Straighforward move of TextIndicatorWindow from WebKit2.

2014-11-21  Anders Carlsson  <andersca@apple.com>

        Remove the Timer parameters from timer callbacks
        https://bugs.webkit.org/show_bug.cgi?id=138974

        Reviewed by Antti Koivisto.

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::MediaKeySession):
        (WebCore::MediaKeySession::keyRequestTimerFired):
        (WebCore::MediaKeySession::addKeyTimerFired):
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::GeoNotifier::GeoNotifier):
        (WebCore::Geolocation::GeoNotifier::timerFired):
        (WebCore::Geolocation::Geolocation):
        (WebCore::Geolocation::resumeTimerFired):
        * Modules/geolocation/Geolocation.h:
        * Modules/indexeddb/IDBTransactionBackend.cpp:
        (WebCore::IDBTransactionBackend::IDBTransactionBackend):
        (WebCore::IDBTransactionBackend::taskTimerFired):
        * Modules/indexeddb/IDBTransactionBackend.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::SourceBuffer):
        (WebCore::SourceBuffer::appendBufferTimerFired):
        (WebCore::SourceBuffer::removeTimerFired):
        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::MediaStream):
        (WebCore::MediaStream::scheduledEventTimerFired):
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::RTCDTMFSender):
        (WebCore::RTCDTMFSender::scheduledEventTimerFired):
        * Modules/mediastream/RTCDTMFSender.h:
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::RTCDataChannel):
        (WebCore::RTCDataChannel::scheduledEventTimerFired):
        * Modules/mediastream/RTCDataChannel.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::RTCPeerConnection):
        (WebCore::RTCPeerConnection::scheduledEventTimerFired):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::Notification):
        (WebCore::Notification::taskTimerFired):
        * Modules/notifications/Notification.h:
        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::NotificationRequestCallback::NotificationRequestCallback):
        (WebCore::NotificationCenter::NotificationRequestCallback::timerFired):
        * Modules/notifications/NotificationCenter.h:
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::WebSocketChannel):
        (WebCore::WebSocketChannel::resumeTimerFired):
        (WebCore::WebSocketChannel::closingTimerFired):
        * Modules/websockets/WebSocketChannel.h:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::AXObjectCache):
        (WebCore::AXObjectCache::notificationPostTimerFired):
        * accessibility/AXObjectCache.h:
        * bindings/js/GCController.cpp:
        (WebCore::GCController::GCController):
        (WebCore::GCController::gcTimerFired):
        * bindings/js/GCController.h:
        * css/CSSFontFaceSource.h:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::CSSFontSelector):
        (WebCore::CSSFontSelector::beginLoadTimerFired):
        * css/CSSFontSelector.h:
        * css/CSSImageGeneratorValue.cpp:
        (WebCore::CSSImageGeneratorValue::CachedGeneratedImage::CachedGeneratedImage):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::sweepMatchedPropertiesCache):
        * css/StyleResolver.h:
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::visualUpdatesSuppressionTimerFired):
        (WebCore::Document::styleRecalcTimerFired):
        (WebCore::Document::optimizedStyleSheetUpdateTimerFired):
        (WebCore::Document::sharedObjectPoolClearTimerFired):
        (WebCore::Document::updateFocusAppearanceTimerFired):
        (WebCore::Document::pendingTasksTimerFired):
        (WebCore::Document::webkitWillEnterFullScreenForElement):
        (WebCore::Document::webkitDidExitFullScreenForElement):
        (WebCore::Document::fullScreenChangeDelayTimerFired):
        (WebCore::Document::loadEventDelayTimerFired):
        (WebCore::Document::didAssociateFormControlsTimerFired):
        (WebCore::Document::domCookieCacheExpiryTimerFired):
        * dom/Document.h:
        * dom/EventSender.h:
        (WebCore::EventSender::timerFired):
        (WebCore::EventSender<T>::EventSender):
        * dom/ScriptRunner.cpp:
        (WebCore::ScriptRunner::ScriptRunner):
        (WebCore::ScriptRunner::timerFired):
        * dom/ScriptRunner.h:
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::ScriptedAnimationController):
        (WebCore::ScriptedAnimationController::animationTimerFired):
        * dom/ScriptedAnimationController.h:
        * dom/StyledElement.cpp:
        (WebCore::PresentationAttributeCacheCleaner::PresentationAttributeCacheCleaner):
        (WebCore::PresentationAttributeCacheCleaner::cleanCache):
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::AlternativeTextController):
        (WebCore::AlternativeTextController::timerFired):
        * editing/AlternativeTextController.h:
        * editing/Editor.cpp:
        (WebCore::Editor::Editor):
        (WebCore::Editor::updateEditorUINowIfScheduled):
        (WebCore::Editor::editorUIUpdateTimerFired):
        (WebCore::Editor::scanSelectionForTelephoneNumbers): Deleted.
        * editing/Editor.h:
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::FrameSelection):
        (WebCore::FrameSelection::caretBlinkTimerFired):
        * editing/FrameSelection.h:
        * editing/SpellChecker.cpp:
        (WebCore::SpellChecker::SpellChecker):
        (WebCore::SpellChecker::timerFiredToProcessQueuedRequest):
        * editing/SpellChecker.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::HTMLFormElement):
        (WebCore::HTMLFormElement::requestAutocompleteTimerFired):
        * html/HTMLFormElement.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::HTMLMediaElement):
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::HTMLPlugInElement):
        (WebCore::HTMLPlugInElement::swapRendererTimerFired):
        * html/HTMLPlugInElement.h:
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
        (WebCore::HTMLPlugInImageElement::removeSnapshotTimerFired):
        * html/HTMLPlugInImageElement.h:
        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::HTMLSourceElement):
        (WebCore::HTMLSourceElement::errorEventTimerFired):
        * html/HTMLSourceElement.h:
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::HTMLTrackElement):
        (WebCore::HTMLTrackElement::loadTimerFired):
        * html/HTMLTrackElement.h:
        * html/MediaController.cpp:
        (MediaController::MediaController):
        (MediaController::asyncEventTimerFired):
        (MediaController::clearPositionTimerFired):
        (MediaController::timeupdateTimerFired):
        * html/MediaController.h:
        * html/MediaDocument.cpp:
        (WebCore::MediaDocument::MediaDocument):
        (WebCore::MediaDocument::replaceMediaElementTimerFired):
        * html/MediaDocument.h:
        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::SearchInputType):
        (WebCore::SearchInputType::searchEventTimerFired):
        * html/SearchInputType.h:
        * html/ValidationMessage.cpp:
        (WebCore::ValidationMessage::setMessage):
        (WebCore::ValidationMessage::setMessageDOMAndStartTimer):
        (WebCore::ValidationMessage::buildBubbleTree):
        (WebCore::ValidationMessage::requestToHideMessage):
        (WebCore::ValidationMessage::deleteBubbleTree):
        * html/ValidationMessage.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::WebGLRenderingContext):
        (WebCore::WebGLRenderingContext::dispatchContextLostEvent):
        (WebCore::WebGLRenderingContext::maybeRestoreContext):
        * html/canvas/WebGLRenderingContext.h:
        * html/parser/HTMLParserScheduler.cpp:
        (WebCore::HTMLParserScheduler::HTMLParserScheduler):
        (WebCore::HTMLParserScheduler::continueNextChunkTimerFired):
        * html/parser/HTMLParserScheduler.h:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlPanelElement::MediaControlPanelElement):
        (WebCore::MediaControlPanelElement::transitionTimerFired):
        (WebCore::MediaControlTextTrackContainerElement::MediaControlTextTrackContainerElement):
        (WebCore::MediaControlTextTrackContainerElement::updateTimerFired):
        * html/shadow/MediaControlElements.h:
        * html/shadow/MediaControls.cpp:
        (WebCore::MediaControls::MediaControls):
        (WebCore::MediaControls::hideFullscreenControlsTimerFired):
        * html/shadow/MediaControls.h:
        * html/shadow/SpinButtonElement.cpp:
        (WebCore::SpinButtonElement::SpinButtonElement):
        (WebCore::SpinButtonElement::repeatingTimerFired):
        * html/shadow/SpinButtonElement.h:
        * html/track/LoadableTextTrack.cpp:
        (WebCore::LoadableTextTrack::LoadableTextTrack):
        (WebCore::LoadableTextTrack::loadTimerFired):
        * html/track/LoadableTextTrack.h:
        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::VTTRegion):
        (WebCore::VTTRegion::scrollTimerFired):
        * html/track/VTTRegion.h:
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::ChangeRegionOversetTask::ChangeRegionOversetTask):
        (WebCore::ChangeRegionOversetTask::timerFired):
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::RevalidateStyleAttributeTask::RevalidateStyleAttributeTask):
        (WebCore::RevalidateStyleAttributeTask::timerFired):
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorBackendDispatchTask::InspectorBackendDispatchTask):
        (WebCore::InspectorBackendDispatchTask::timerFired):
        * inspector/InspectorOverlay.cpp:
        (WebCore::InspectorOverlay::InspectorOverlay):
        (WebCore::InspectorOverlay::updatePaintRectsTimerFired):
        * inspector/InspectorOverlay.h:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::DocumentLoader):
        (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
        (WebCore::DocumentLoader::handleSubstituteDataLoadSoon):
        (WebCore::DocumentLoader::substituteResourceDeliveryTimerFired):
        * loader/DocumentLoader.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::checkTimerFired):
        * loader/FrameLoader.h:
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::ImageLoader):
        (WebCore::ImageLoader::timerFired):
        * loader/ImageLoader.h:
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::LinkLoader):
        (WebCore::LinkLoader::linkLoadTimerFired):
        (WebCore::LinkLoader::linkLoadingErrorTimerFired):
        * loader/LinkLoader.h:
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::NavigationScheduler):
        (WebCore::NavigationScheduler::timerFired):
        * loader/NavigationScheduler.h:
        * loader/PingLoader.cpp:
        (WebCore::PingLoader::PingLoader):
        * loader/PingLoader.h:
        (WebCore::PingLoader::timeoutTimerFired):
        * loader/ProgressTracker.cpp:
        (WebCore::ProgressTracker::ProgressTracker):
        (WebCore::ProgressTracker::progressHeartbeatTimerFired):
        * loader/ProgressTracker.h:
        * loader/ResourceLoadScheduler.cpp:
        (WebCore::ResourceLoadScheduler::ResourceLoadScheduler):
        (WebCore::ResourceLoadScheduler::requestTimerFired):
        * loader/ResourceLoadScheduler.h:
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::TextTrackLoader):
        (WebCore::TextTrackLoader::cueLoadTimerFired):
        * loader/TextTrackLoader.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource):
        (WebCore::CachedResource::Callback::Callback):
        (WebCore::CachedResource::Callback::timerFired):
        * loader/cache/CachedResource.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::CachedResourceLoader):
        (WebCore::CachedResourceLoader::garbageCollectDocumentResourcesTimerFired):
        * loader/cache/CachedResourceLoader.h:
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::IconDatabase):
        (WebCore::IconDatabase::syncTimerFired):
        * loader/icon/IconDatabase.h:
        * page/AutoscrollController.cpp:
        (WebCore::AutoscrollController::AutoscrollController):
        (WebCore::AutoscrollController::autoscrollTimerFired):
        * page/AutoscrollController.h:
        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::CaptionUserPreferences):
        (WebCore::CaptionUserPreferences::timerFired):
        * page/CaptionUserPreferences.h:
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF):
        (WebCore::CaptionUserPreferencesMediaAF::updateTimerFired):
        * page/CaptionUserPreferencesMediaAF.h:
        * page/DeviceController.cpp:
        (WebCore::DeviceController::DeviceController):
        (WebCore::DeviceController::fireDeviceEvent):
        * page/DeviceController.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler):
        (WebCore::EventHandler::cursorUpdateTimerFired):
        (WebCore::EventHandler::autoHideCursorTimerFired):
        (WebCore::EventHandler::recognizeLongMousePress):
        (WebCore::EventHandler::fakeMouseMoveEventTimerFired):
        (WebCore::EventHandler::hoverTimerFired):
        * page/EventHandler.h:
        * page/EventSource.cpp:
        (WebCore::EventSource::EventSource):
        (WebCore::EventSource::connectTimerFired):
        * page/EventSource.h:
        * page/FocusController.cpp:
        (WebCore::FocusController::FocusController):
        (WebCore::FocusController::focusRepaintTimerFired):
        * page/FocusController.h:
        * page/Frame.cpp:
        (WebCore::Frame::Frame):
        (WebCore::Frame::overflowAutoScrollTimerFired):
        * page/Frame.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView):
        (WebCore::FrameView::delayedScrollEventTimerFired):
        (WebCore::FrameView::speculativeTilingEnableTimerFired):
        (WebCore::FrameView::layoutTimerFired):
        (WebCore::FrameView::updateEmbeddedObjectsTimerFired):
        (WebCore::FrameView::flushAnyPendingPostLayoutTasks):
        (WebCore::FrameView::postLayoutTimerFired):
        * page/FrameView.h:
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::PageOverlay):
        (WebCore::PageOverlay::fadeAnimationTimerFired):
        * page/PageOverlay.h:
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        (WebCore::Settings::imageLoadingSettingsTimerFired):
        * page/Settings.h:
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::AnimationControllerPrivate):
        (WebCore::AnimationControllerPrivate::updateStyleIfNeededDispatcherFired):
        (WebCore::AnimationControllerPrivate::animationTimerFired):
        * page/animation/AnimationControllerPrivate.h:
        * page/mac/ServicesOverlayController.h:
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::ServicesOverlayController):
        (WebCore::ServicesOverlayController::determineActiveHighlightTimerFired):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::AsyncScrollingCoordinator):
        (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScrollTimerFired):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        (WebCore::ScrollingCoordinatorIOS::ScrollingCoordinatorIOS):
        (WebCore::ScrollingCoordinatorIOS::scrollingStateTreeCommitterTimerFired):
        * page/scrolling/mac/ScrollingCoordinatorMac.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::ScrollingCoordinatorMac):
        (WebCore::ScrollingCoordinatorMac::scrollingStateTreeCommitterTimerFired):
        * platform/HysteresisActivity.h:
        (WebCore::HysteresisActivity::HysteresisActivity):
        (WebCore::HysteresisActivity::hysteresisTimerFired):
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::updateScrollAnimatorsAndTimers):
        (WebCore::ScrollAnimator::horizontalScrollSnapTimerFired):
        (WebCore::ScrollAnimator::verticalScrollSnapTimerFired):
        * platform/ScrollAnimator.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::Scrollbar):
        (WebCore::Scrollbar::autoscrollTimerFired):
        * platform/Scrollbar.h:
        * platform/Timer.h:
        (WebCore::DeferrableOneShotTimer::DeferrableOneShotTimer):
        (WebCore::Timer::Timer): Deleted.
        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::MediaSession):
        (WebCore::MediaSession::clientDataBufferingTimerFired):
        * platform/audio/MediaSession.h:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::startAnimation):
        (WebCore::BitmapImage::advanceAnimation):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::MediaPlayer):
        (WebCore::MediaPlayer::reloadTimerFired):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/ShadowBlur.cpp:
        (WebCore::ScratchBuffer::ScratchBuffer):
        (WebCore::ScratchBuffer::timerFired):
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionGroupAVFObjC::MediaSelectionGroupAVFObjC):
        (WebCore::MediaSelectionGroupAVFObjC::selectionTimerFired):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekTimerFired):
        * platform/graphics/ca/LayerPool.cpp:
        (WebCore::LayerPool::LayerPool):
        (WebCore::LayerPool::pruneTimerFired):
        * platform/graphics/ca/LayerPool.h:
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::TileController):
        (WebCore::TileController::tileRevalidationTimerFired):
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::TileGrid):
        (WebCore::TileGrid::cohortRemovalTimerFired):
        * platform/graphics/ca/TileGrid.h:
        * platform/graphics/cg/IOSurfacePool.cpp:
        (WebCore::IOSurfacePool::IOSurfacePool):
        (WebCore::IOSurfacePool::collectionTimerFired):
        * platform/graphics/cg/IOSurfacePool.h:
        * platform/graphics/cg/SubimageCacheWithTimer.cpp:
        (WebCore::SubimageCacheWithTimer::SubimageCacheWithTimer):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::MediaPlayerPrivateQTKit):
        (WebCore::MediaPlayerPrivateQTKit::seekTimerFired):
        * platform/ios/LegacyTileCache.h:
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::LegacyTileCache):
        (WebCore::LegacyTileCache::tileCreationTimerFired):
        * platform/mac/HIDGamepadProvider.cpp:
        (WebCore::HIDGamepadProvider::HIDGamepadProvider):
        (WebCore::HIDGamepadProvider::connectionDelayTimerFired):
        (WebCore::HIDGamepadProvider::inputNotificationTimerFired):
        * platform/mac/HIDGamepadProvider.h:
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::ScrollAnimatorMac):
        (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
        (WebCore::ScrollAnimatorMac::initialScrollbarPaintTimerFired):
        (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
        * platform/mock/DeviceOrientationClientMock.cpp:
        (WebCore::DeviceOrientationClientMock::DeviceOrientationClientMock):
        (WebCore::DeviceOrientationClientMock::timerFired):
        * platform/mock/DeviceOrientationClientMock.h:
        * platform/mock/PlatformSpeechSynthesizerMock.cpp:
        (WebCore::PlatformSpeechSynthesizerMock::PlatformSpeechSynthesizerMock):
        (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
        * platform/mock/PlatformSpeechSynthesizerMock.h:
        * platform/network/DNSResolveQueue.cpp:
        (WebCore::DNSResolveQueue::DNSResolveQueue):
        (WebCore::DNSResolveQueue::timerFired):
        * platform/network/DNSResolveQueue.h:
        * platform/network/NetworkStateNotifier.h:
        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::failureTimerFired):
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        (WebCore::ResourceHandleInternal::ResourceHandleInternal):
        * platform/network/mac/NetworkStateNotifierMac.cpp:
        (WebCore::NetworkStateNotifier::networkStateChangeTimerFired):
        (WebCore::NetworkStateNotifier::NetworkStateNotifier):
        * rendering/ImageQualityController.cpp:
        (WebCore::ImageQualityController::ImageQualityController):
        (WebCore::ImageQualityController::highQualityRepaintTimerFired):
        * rendering/ImageQualityController.h:
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::styleDidChange):
        (WebCore::RenderButton::timerFired):
        * rendering/RenderButton.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::RenderLayerCompositor):
        (WebCore::RenderLayerCompositor::updateCompositingLayersTimerFired):
        (WebCore::RenderLayerCompositor::layerFlushTimerFired):
        (WebCore::RenderLayerCompositor::paintRelatedMilestonesTimerFired):
        * rendering/RenderLayerCompositor.h:
        * rendering/RenderMarquee.cpp:
        (WebCore::RenderMarquee::RenderMarquee):
        (WebCore::RenderMarquee::timerFired):
        * rendering/RenderMarquee.h:
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::RenderNamedFlowThread):
        (WebCore::RenderNamedFlowThread::regionOversetChangeEventTimerFired):
        * rendering/RenderNamedFlowThread.h:
        * rendering/RenderProgress.cpp:
        (WebCore::RenderProgress::RenderProgress):
        (WebCore::RenderProgress::animationTimerFired):
        * rendering/RenderProgress.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::RenderView):
        (WebCore::RenderView::lazyRepaintTimerFired):
        * rendering/RenderView.h:
        * replay/EventLoopInputDispatcher.cpp:
        (WebCore::EventLoopInputDispatcher::EventLoopInputDispatcher):
        (WebCore::EventLoopInputDispatcher::timerFired):
        * replay/EventLoopInputDispatcher.h:
        * storage/StorageAreaImpl.cpp:
        (WebCore::StorageAreaImpl::StorageAreaImpl):
        (WebCore::StorageAreaImpl::closeDatabaseTimerFired):
        (WebCore::StorageAreaImpl::closeDatabaseIfIdle):
        * storage/StorageAreaImpl.h:
        * storage/StorageAreaSync.cpp:
        (WebCore::StorageAreaSync::StorageAreaSync):
        (WebCore::StorageAreaSync::scheduleFinalSync):
        (WebCore::StorageAreaSync::syncTimerFired):
        (WebCore::StorageAreaSync::scheduleSync):
        * storage/StorageAreaSync.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::svgLoadEventTimerFired):
        * svg/SVGElement.h:
        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::SVGScriptElement):
        * svg/SVGStyleElement.cpp:
        (WebCore::SVGStyleElement::SVGStyleElement):
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::SVGUseElement):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::SMILTimeContainer):
        (WebCore::SMILTimeContainer::timerFired):
        * svg/animation/SMILTimeContainer.h:
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::XMLHttpRequestProgressEventThrottle):
        (WebCore::XMLHttpRequestProgressEventThrottle::dispatchDeferredEvents):
        * xml/XMLHttpRequestProgressEventThrottle.h:

2014-11-21  Chris Dumez  <cdumez@apple.com>

        Crash when setting 'transition-delay' CSS property to a calculated value
        https://bugs.webkit.org/show_bug.cgi?id=138784

        Reviewed by Sam Weinig.

        Update CSSPrimitiveValue::computeTime() to use primitiveType() instead
        of m_primitiveUnitType so that it properly handles calculated values.
        Without this, we would hit the ASSERT_NOT_REACHED() assertion in
        computeTime() for calculated values.

        Test: fast/css/transition-delay-calculated-value.html

        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::computeTime):

2014-11-21  Chris Dumez  <cdumez@apple.com>

        Regression(r175381): -webkit-mask-box-image is broken
        https://bugs.webkit.org/show_bug.cgi?id=138969
        <rdar://problem/19054471>

        Reviewed by Simon Fraser.

        After r175381, the StyleBuilder would call NinePieceImage::setMaskDefaults()
        *after* calling CSSToStyleMap::mapNinePieceImage(), instead of *before*, for
        -webkit-mask-box-image CSS property. This was causing the mask defaults to
        overwrite what was set by mapNinePieceImage().

        Test: fast/css/webkit-mask-box-image.html

        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertBorderMask):

2014-11-21  Chris Dumez  <cdumez@apple.com>

        Crash when setting 'font' CSS property to 'calc(2 * 3)'
        https://bugs.webkit.org/show_bug.cgi?id=138933

        Reviewed by Darin Adler.

        The CSS Parser was not handling calculated values when parsing the font
        weight. This would lead us to hit an assertion when parsing a font
        property whose weight is set to a calculated value.

        This patch updates parseFontWeight() to properly handle calculated
        values.

        Test: fast/css/font-calculated-value.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFontWeight):

2014-11-21  Bear Travis  <betravis@gmail.com>

        [CSS Font Loading] Switch to dispatching events asynchronously
        https://bugs.webkit.org/show_bug.cgi?id=138755

        Reviewed by Simon Fraser.

        Moving FontLoader to dispatch events and notify callbacks similarly
        to EventSender or the GenericEventQueue. Several bugs have popped
        up in the past because FontLoader has been sending events during
        layout, and there is no need for that to be the case.

        Covered by existing font loader event tests. Added an additional
        test for the svg case, fontloader-svg-select.

        * css/FontLoader.cpp:
        (WebCore::FontLoader::didLayout):
        (WebCore::FontLoader::timerFired): Adding asynchronous callback.
        (WebCore::FontLoader::scheduleEvent): Add an event to the dispatch
        queue.
        (WebCore::FontLoader::firePendingEvents): Modified to handle the
        loading done event and callbacks.
        (WebCore::FontLoader::loadingDone): Modified to spin up the timer
        rather than immediately dispatching events.
        * css/FontLoader.h:

2014-11-21  Daniel Bates  <dabates@apple.com>

        Attempt to fix the internal Apple Mavericks build after <https://trac.webkit.org/changeset/176448>
        (https://bugs.webkit.org/show_bug.cgi?id=138930)

        Declare NSCachedURLResponse SPI when building without the Apple Internal SDK and with the Apple
        Internal SDK when building for OS X Mavericks or earlier.

        * platform/spi/cf/CFNetworkSPI.h:

2014-11-21  Anders Carlsson  <andersca@apple.com>

        Make memoryCache() return a reference
        https://bugs.webkit.org/show_bug.cgi?id=138939

        Reviewed by Antti Koivisto.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResource):
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::replayXHR):
        (WebCore::InspectorResourceAgent::setCacheDisabled):
        (WebCore::InspectorResourceAgent::mainFrameNavigated):
        * loader/DocumentLoader.cpp:
        (WebCore::areAllLoadersPageCacheAcceptable):
        (WebCore::DocumentLoader::finishedLoading):
        (WebCore::DocumentLoader::responseReceived):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::tellClientAboutPastMemoryCacheLoads):
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequest):
        (WebCore::SubresourceLoader::didReceiveResponse):
        (WebCore::SubresourceLoader::didFail):
        (WebCore::SubresourceLoader::willCancel):
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::addIncrementalDataBuffer):
        (WebCore::CachedImage::finishLoading):
        * loader/cache/CachedResource.cpp:
        (WebCore::deadDecodedDataDeletionIntervalForResourceType):
        (WebCore::CachedResource::~CachedResource):
        (WebCore::CachedResource::failBeforeStarting):
        (WebCore::CachedResource::addClientToSet):
        (WebCore::CachedResource::removeClient):
        (WebCore::CachedResource::destroyDecodedDataIfNeeded):
        (WebCore::CachedResource::setDecodedSize):
        (WebCore::CachedResource::setEncodedSize):
        (WebCore::CachedResource::didAccessDecodedData):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
        (WebCore::CachedResourceLoader::requestResource):
        (WebCore::CachedResourceLoader::revalidateResource):
        (WebCore::CachedResourceLoader::loadResource):
        (WebCore::CachedResourceLoader::clearPreloads):
        (WebCore::CachedResourceLoader::printPreloadStats):
        * loader/cache/MemoryCache.cpp:
        (WebCore::memoryCache):
        (WebCore::MemoryCache::removeRequestFromCache):
        (WebCore::MemoryCache::removeRequestFromSessionCaches):
        * loader/cache/MemoryCache.h:
        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        (WebCore::DiskCacheMonitor::resourceBecameFileBacked):
        * page/FrameView.cpp:
        (WebCore::FrameView::willPaintContents):
        (WebCore::FrameView::didPaintContents):
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):
        * testing/Internals.cpp:
        (WebCore::Internals::isLoadingFromMemoryCache):

2014-11-21  Daniel Bates  <dabates@apple.com>

        [iOS] WebKit2 fails to build with public SDK due to missing SPI from CFNetwork, QuartzCore, MediaPlayer, XPC
        https://bugs.webkit.org/show_bug.cgi?id=138930

        Reviewed by Anders Carlsson.

        * WebCore.xcodeproj/project.pbxproj: Rename header MPAVRoutingControllerSPI.h to MediaPlayerSPI.h.
        * loader/cocoa/SubresourceLoaderCocoa.mm: Move NSCachedURLResponse forward declarations to file
        CFNetworkSPI.h and include header CFNetworkSPI.h.
        * loader/mac/ResourceLoaderMac.mm: Ditto.
        * platform/audio/ios/MediaSessionManagerIOS.mm: Substitute MediaPlayerSPI.h for MPAVRoutingControllerSPI.h.
        * platform/spi/cf/CFNetworkSPI.h: Add more SPI.
        * platform/spi/cg/CoreGraphicsSPI.h: Ditto.
        * platform/spi/cocoa/QuartzCoreSPI.h: Ditto.
        * platform/spi/ios/MediaPlayerSPI.h: Renamed from Source/WebCore/platform/spi/ios/MPAVRoutingControllerSPI.h.

2014-11-21  Chris Fleizach  <cfleizach@apple.com>

        AX: MathML expressions are misread by VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=138948

        Reviewed by Mario Sanchez Prada.

        The logic for deciding what's the radicand and an index was too tied to children placement.
        We should instead pull directly from the source.

        Test: platform/mac/accessibility/mathml-root.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::mathRadicandObject):
        (WebCore::AccessibilityRenderObject::mathRootIndexObject):
        * rendering/mathml/RenderMathMLRoot.h:

2014-11-20  Benjamin Poulain  <bpoulain@apple.com>

        Remove the remaining vestiges of minimal-ui
        https://bugs.webkit.org/show_bug.cgi?id=138890

        Reviewed by Sam Weinig.

        In ViewportArguments' setViewportFeature(), I skip the warning for now.

        * WebCore.exp.in:
        * dom/ViewportArguments.cpp:
        (WebCore::setViewportFeature):
        * dom/ViewportArguments.h:
        (WebCore::ViewportArguments::ViewportArguments):
        (WebCore::ViewportArguments::operator==):
        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::ViewportConfiguration):
        (WebCore::ViewportConfiguration::initialScale):
        (WebCore::ViewportConfiguration::minimumScale):
        (WebCore::ViewportConfiguration::updateConfiguration):
        (WebCore::ViewportConfiguration::viewportArgumentsLength):
        (WebCore::ViewportConfiguration::layoutWidth):
        (WebCore::ViewportConfiguration::layoutHeight):
        (WebCore::ViewportConfigurationTextStream::operator<<):
        (WebCore::ViewportConfiguration::description):
        (WebCore::ViewportConfiguration::setMinimumLayoutSizeForMinimalUI): Deleted.
        (WebCore::ViewportConfiguration::activeMinimumLayoutSizeInScrollViewCoordinates): Deleted.
        (WebCore::ViewportConfiguration::resetMinimalUI): Deleted.
        (WebCore::ViewportConfiguration::didFinishDocumentLoad): Deleted.
        * page/ViewportConfiguration.h:
        (WebCore::ViewportConfiguration::minimumLayoutSizeForMinimalUI): Deleted.
        (WebCore::ViewportConfiguration::usesMinimalUI): Deleted.

2014-11-20  Benjamin Poulain  <benjamin@webkit.org>

        Web Inspector: do not show invalid specificity for dynamic cases of :matches()
        https://bugs.webkit.org/show_bug.cgi?id=138911

        Reviewed by Joseph Pecoraro.

        * css/CSSSelector.cpp:
        (WebCore::simpleSelectorFunctionalPseudoClassStaticSpecificity):
        (WebCore::functionalPseudoClassStaticSpecificity):
        (WebCore::staticSpecificityInternal):
        (WebCore::CSSSelector::staticSpecificity):
        (WebCore::CSSSelector::specificity): Deleted.
        * css/CSSSelector.h:
        Add an additional computation path for the inspector.

        The regular path ignores everything inside function pseudo classes.
        This new path takes the static specificity of the regular path, then evaluate
        recursively all the selector lists inside any level of :matches().

        If two complex selector of selector list do not have the same specificity,
        we bail out and refuse to compute a static specificity representing the selector.

        * inspector/InspectorStyleSheet.cpp:
        (WebCore::buildObjectForSelectorHelper):
        (WebCore::selectorsFromSource):
        (WebCore::InspectorStyleSheet::buildObjectForSelector):
        Do not add the complexity to the inspector's CSSSelector structure whenever
        it is dynamic.

2014-11-20  Benjamin Poulain  <bpoulain@apple.com>

        Remove InspectorCSSAgent::buildArrayForRuleList()
        https://bugs.webkit.org/show_bug.cgi?id=138907

        Reviewed by Andreas Kling.

        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::buildArrayForRuleList): Deleted.
        * inspector/InspectorCSSAgent.h:

2014-11-20  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (174986): CSS clip property is ignored when border-radius is present.
        https://bugs.webkit.org/show_bug.cgi?id=138935
        rdar://problem/18965984

        Reviewed by Simon Fraser.

        Revert back to r163382 and fix bug 127729 properly. Save the graphics context when paint and clip rects are
        the same, but the clip rect has radius.
        Each iteration on ::clipRect() from r163382 onwards just introduced yet another regression.

        Test: fast/clip/css-clip-does-not-work-when-border-radius-is-present.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::clipToRect):

2014-11-20  Geoffrey Garen  <ggaren@apple.com>

        Removed the custom allocator for PODRedBlackTree
        https://bugs.webkit.org/show_bug.cgi?id=138942

        Reviewed by Sam Weinig.

        bmalloc is fast enough.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/PODArena.h: Removed.
        * platform/PODFreeListArena.h: Removed. This is the point of the patch.

        * platform/PODIntervalTree.h:
        (WebCore::PODIntervalTree::PODIntervalTree): Deleted. As a side effect
        of removing our custom allocator, we can no longer have a special
        "I'm not initialized yet" state. Instead, the tree either exists or not,
        like an idiomatic C++ object.

        * platform/PODRedBlackTree.h:
        (WebCore::PODRedBlackTree::PODRedBlackTree): Ditto.

        (WebCore::PODRedBlackTree::~PODRedBlackTree): We need to clear in our
        destructor because we can no longer rely on the arena destructor
        implicitly freeing our tree nodes.

        Side note: This change basically removes the whole reason for having
        a purpose-built tree for POD data. We should probably remove this whole
        data structure in a follow-up patch, and just use a standard tree.

        (WebCore::PODRedBlackTree::clear):
        (WebCore::PODRedBlackTree::add):
        (WebCore::PODRedBlackTree::remove):
        (WebCore::PODRedBlackTree::contains):
        (WebCore::PODRedBlackTree::visitInorder):
        (WebCore::PODRedBlackTree::size):
        (WebCore::PODRedBlackTree::checkInvariants):
        (WebCore::PODRedBlackTree::dump):
        (WebCore::PODRedBlackTree::deleteNode):
        (WebCore::PODRedBlackTree::markFree): Use normal new/delete, and mark
        ourselves as fast allocated so we get the bmalloc goodness.

        (WebCore::PODRedBlackTree::isInitialized): Deleted.
        (WebCore::PODRedBlackTree::initIfNeeded): Deleted.

        * rendering/FloatingObjects.cpp:
        (WebCore::FloatingObjects::findNextFloatLogicalBottomBelow):
        (WebCore::FloatingObjects::findNextFloatLogicalBottomBelowForBlock):
        (WebCore::FloatingObjects::FloatingObjects):
        (WebCore::FloatingObjects::clear):
        (WebCore::FloatingObjects::addPlacedObject):
        (WebCore::FloatingObjects::removePlacedObject):
        (WebCore::FloatingObjects::computePlacedFloatsTree):
        (WebCore::FloatingObjects::placedFloatsTree):
        (WebCore::FloatingObjects::logicalLeftOffsetForPositioningFloat):
        (WebCore::FloatingObjects::logicalRightOffsetForPositioningFloat):
        (WebCore::FloatingObjects::logicalLeftOffset):
        (WebCore::FloatingObjects::logicalRightOffset): POD tree had a slightly
        weird behavior in which it was valid to use some of its APIs without
        first initializing it, but not others. It's not really possible to model
        that behavior with normal C++ objects that use new/delete, so instead
        I added some explicit NULL checks.

        * rendering/FloatingObjects.h:
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::updateRegionsFlowThreadPortionRect):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::intervalArena): Deleted.
        * rendering/RenderView.h: Removed custom-allocator-related cruft.

2014-11-20  Dean Jackson  <dino@apple.com>

        Support unprefixed animation event types
        https://bugs.webkit.org/show_bug.cgi?id=138931
        <rdar://problem/18943167>

        Reviewed by Simon Fraser.

        Tests: animations/unprefixed-events-mixed-with-prefixed.html
               animations/unprefixed-events.html

        Support the unprefixed animation event names:
        - animationstart (was webkitAnimationStart)
        - animationiteration (was webkitAnimationIteration)
        - animationend (was webkitAnimationEnd)

        (Yes, event types are case sensitive and yes, this will
        likely cause some head-scratching as people change content)

        The approach here is to follow what transitions does:
        - listener only for old event name -> fire old event name
        - listener for both old and new event name -> fire new event name
        - listener only for new event name -> fire new event name

        That way pages that were trying to anticipate the new event name
        won't get duplicate events.

        * CMakeLists.txt: Add new AnimationEvent* stuff.
        * DerivedSources.make: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * bindings/js/JSBindingsAllInOne.cpp: New files for all in one builds.
        * dom/DOMAllInOne.cpp:

        * dom/AnimationEvent.cpp: Added. Copied from WebKitAnimationEvent.cpp.
        (WebCore::AnimationEventInit::AnimationEventInit):
        (WebCore::AnimationEvent::AnimationEvent):
        (WebCore::AnimationEvent::~AnimationEvent):
        (WebCore::AnimationEvent::animationName):
        (WebCore::AnimationEvent::elapsedTime):
        (WebCore::AnimationEvent::eventInterface):
        * dom/AnimationEvent.h: Added. Copied from WebKitAnimationEvent.h.
        * dom/AnimationEvent.idl: Added. Copied from WebKitAnimationEvent.idl.

        * dom/Document.cpp:
        (WebCore::Document::addListenerTypeIfNeeded): Handle new event types.

        * dom/EventNames.h: New names.
        * dom/EventNames.in:

        * dom/EventTarget.cpp:
        (WebCore::legacyType): Provide a mapping from the new names to the older
        prefixed forms.

        * html/HTMLAttributeNames.in: Support the on* attributes, even though I
        hate them and wish this approach would die.
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::populateEventNameForAttributeLocalNameMap):

        * page/DOMWindow.h: New names, and constructors.
        * page/DOMWindow.idl:

        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::fireEventsAndUpdateStyle): Fire new type.

        * page/animation/KeyframeAnimation.cpp: Fire the new types of events.
        (WebCore::KeyframeAnimation::onAnimationStart):
        (WebCore::KeyframeAnimation::onAnimationIteration):
        (WebCore::KeyframeAnimation::onAnimationEnd):
        (WebCore::KeyframeAnimation::sendAnimationEvent):

2014-11-20  Tim Horton  <timothy_horton@apple.com>

        Remove a piece of DataDetectors SPI that we aren't using anymore
        https://bugs.webkit.org/show_bug.cgi?id=138917

        Reviewed by Beth Dakin.

        * platform/spi/mac/DataDetectorsSPI.h:

2014-11-20  Beth Dakin  <bdakin@apple.com>

        Invalid message WebPageProxy.DidPerformDictionaryLookup on Google stocks result
        https://bugs.webkit.org/show_bug.cgi?id=138568
        -and corresponding-
        rdar://problem/18904600

        Reviewed by Tim Horton.

        Add an optional parameter indicating whether or not to include images.
        * WebCore.exp.in:
        * editing/cocoa/HTMLConverter.h:
        * editing/cocoa/HTMLConverter.mm:
        (WebCore::editingAttributedStringFromRange):

2014-11-20  Myles C. Maxfield  <mmaxfield@apple.com>

        Fix the !ENABLE(SVG_FONTS) build after r176276
        https://bugs.webkit.org/show_bug.cgi?id=138924

        Reviewed by Csaba Osztrogonác.

        No new tests because there is no behavior change.

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::getFontData):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestFont):

2014-11-19  Ada Chan  <adachan@apple.com>

        Add a way to mute an AudioContext.
        https://bugs.webkit.org/show_bug.cgi?id=138104

        Reviewed by Eric Carlson.

        Keep a muted state in AudioDestinationNode. If m_muted is true,
        zero out the audio buffers.

        No new tests, since it's difficult to test whether the audio is indeed muted.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::AudioContext):
        Call pageMutedStateDidChange() so it'll initialize the destination audio node's muted state accordingly.
        (WebCore::AudioContext::pageMutedStateDidChange):
        Set the destination audio node's muted state to match the page's muted state.

        * Modules/webaudio/AudioDestinationNode.cpp:
        (WebCore::AudioDestinationNode::AudioDestinationNode):
        Initialize m_muted.
        (WebCore::AudioDestinationNode::render):
        If m_muted is true, call AudioBus::zero() to zero out the buffers.
        * Modules/webaudio/AudioDestinationNode.h:
        (WebCore::AudioDestinationNode::setMuted):
        Set m_muted.

2014-11-20  Chris Dumez  <cdumez@apple.com>

        Crash when destroying a Document that has a throttled timer still running
        https://bugs.webkit.org/show_bug.cgi?id=138914

        Reviewed by Benjamin Poulain.

        Upon destruction, a throttled DOMTimer whose interval depends on
        viewport changes will try to unregister itself from the view. It gets
        the view pointer from its Document. However, scriptExecutionContext()
        can return null if the Document is being destroyed (i.e. ~DOMTimer()
        is called from ~ScriptExecutionContext(), as the ScriptExecutionContext
        owns the DOMTimer).

        This patch adds a null check for scriptExecutionContext() in the
        DOMTimer destructor to avoid this issue.

        Test: fast/dom/throttled-timer-running-on-document-destruction.html

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::~DOMTimer):

        (WebCore::DOMTimer::unregisterForViewportChanges):
        Add assertion to make sure scriptExecutionContext() does not return
        null.

        (WebCore::DOMTimerFireState::setChangedStyleOfElementOutsideViewport): Deleted.
        Killed this function as this was dead code.

2014-11-20  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Introduce text fragment continuation.
        https://bugs.webkit.org/show_bug.cgi?id=138274

        This patch extends simple line layout coverage to multiple text renderers.
        When a particular render flow has multiple text renderers (but not any other type)
        then we use simple line layout to process and paint the content. -other, existing requirements still apply
        so that for example if the content requires decoration, we bail out of simple line layout.

        FlowContent now supports multiple renderes. It continuously reads content from sibling renderers
        so that the simple line layout parser sees it as one monolithic block of content. Run positions
        are all relative to the block and they get resolved to renderer's positions on demand.
        (painting, computing bounding rects etc)

        Reviewed by Antti Koivisto.

        Performance test already been added for the multiple rendere use case,
        correctness is covered by existing test cases.
        Test: fast/text/simple-lines-mutliple-renderers.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor): Check if children are all 8bit RenderTexts.
        (WebCore::SimpleLineLayout::removeTrailingWhitespace): Move the endofline check right before where we might overflow using end position.
        (WebCore::SimpleLineLayout::initializeNewLine):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary): Split runs at renderers' boundary to be in sync with inline text renderering.
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::create):
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::FlowContents):
        (WebCore::SimpleLineLayout::FlowContents::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::FlowContents::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContents::textWidth): Do not measure text across renderers. It could produce different width value due to
        ligature which later can produce unexpected line breaks and out sync rendering in general.
        (WebCore::SimpleLineLayout::FlowContents::renderer): 
        (WebCore::SimpleLineLayout::FlowContents::resolveRendererPositions):
        (WebCore::SimpleLineLayout::FlowContents::appendNextRendererContentIfNeeded): Read the next renderer content if needed.
        (WebCore::SimpleLineLayout::FlowContents::nextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContents::runWidth):
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::isNewlineCharacter):
        (WebCore::SimpleLineLayout::FlowContents::isEndOfContent):
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):

2014-11-20  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176396.
        https://bugs.webkit.org/show_bug.cgi?id=138926

        revealed some WebCore::BidiResolver issue. rollout this for
        now. (Requested by zalan on #webkit).

        Reverted changeset:

        "Simple line layout: Introduce text fragment continuation."
        https://bugs.webkit.org/show_bug.cgi?id=138274
        http://trac.webkit.org/changeset/176396

2014-11-20  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Introduce text fragment continuation.
        https://bugs.webkit.org/show_bug.cgi?id=138274

        This patch extends simple line layout coverage to multiple text renderers.
        When a particular render flow has multiple text renderers (but not any other type)
        then we use simple line layout to process and paint the content. -other, existing requirements still apply
        so that for example if the content requires decoration, we bail out of simple line layout.

        FlowContent now supports multiple renderes. It continuously reads content from sibling renderers
        so that the simple line layout parser sees it as one monolithic block of content. Run positions
        are all relative to the block and they get resolved to renderer's positions on demand.
        (painting, computing bounding rects etc)

        Reviewed by Antti Koivisto.

        Performance test already been added for the multiple rendere use case,
        correctness is covered by existing test cases.
        Test: fast/text/simple-lines-mutliple-renderers.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor): Check if children are all 8bit RenderTexts.
        (WebCore::SimpleLineLayout::removeTrailingWhitespace): Move the endofline check right before where we might overflow using end position.
        (WebCore::SimpleLineLayout::initializeNewLine):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::splitRunsAtRendererBoundary): Split runs at renderers' boundary to be in sync with inline text renderering.
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::create):
        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::FlowContents):
        (WebCore::SimpleLineLayout::FlowContents::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::FlowContents::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContents::textWidth): Do not measure text across renderers. It could produce different width value due to
        ligature which later can produce unexpected line breaks and out sync renderering in general.
        (WebCore::SimpleLineLayout::FlowContents::renderer): 
        (WebCore::SimpleLineLayout::FlowContents::resolveRendererPositions):
        (WebCore::SimpleLineLayout::FlowContents::appendNextRendererContentIfNeeded): Read the next renderer content if needed.
        (WebCore::SimpleLineLayout::FlowContents::nextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContents::runWidth):
        * rendering/SimpleLineLayoutFlowContents.h:
        (WebCore::SimpleLineLayout::FlowContents::isNewlineCharacter):
        (WebCore::SimpleLineLayout::FlowContents::isEndOfContent):
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::RunResolver::Run::text):

2014-11-20  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Compile error when GStreamer is enabled.
        https://bugs.webkit.org/show_bug.cgi?id=138925

        Reviewed by Philippe Normand.

        A guard is missing for an overridden method.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

2014-11-20  Adrian Perez de Castro  <aperez@igalia.com>

        [GTK] Provide convenience API in DOM bindings to post messages to user message handlers
        https://bugs.webkit.org/show_bug.cgi?id=138871

        Reviewed by Carlos Garcia Campos.

        Adds a convenience function in the WebKitGTK+ DOM bindings to post
        messages to user message handlers in a way convenient way more
        convenient than using the autogenerated bindings.

        * bindings/gobject/WebKitDOMCustom.cpp:
        (webkit_dom_dom_window_webkit_message_handlers_post_message):
        Added new convenience API function to post messages to user message
        handlers.
        * bindings/gobject/WebKitDOMCustom.h: Ditto.
        * bindings/gobject/WebKitDOMCustom.symbols: Ditto.

2014-11-12  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Replace the usage of size_t by unsigned
        https://bugs.webkit.org/show_bug.cgi?id=136218

        Reviewed by Benjamin Poulain.

        In general, size_t should be used for sizes of objects in
        memory. We're using it to represent indexes and spans in the
        grid. Now that the maximum number of tracks is 1 million, it
        should be safe to replace them by unsigned integers.

        No new tests as there is no change in functionality.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseGridTrackRepeatFunction):
        * css/StyleResolver.cpp:
        (WebCore::createImplicitNamedGridLinesFromGridArea):
        (WebCore::createGridTrackList):
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::GridIterator::GridIterator):
        (WebCore::RenderGrid::GridIterator::nextGridItem):
        (WebCore::RenderGrid::GridIterator::isEmptyAreaEnough):
        (WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
        (WebCore::RenderGrid::GridSizingData::GridSizingData):
        (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
        (WebCore::RenderGrid::gridTrackSize):
        (WebCore::RenderGrid::distributeSpaceToTracks):
        (WebCore::RenderGrid::tracksAreWiderThanMinTrackBreadth):
        (WebCore::RenderGrid::ensureGridSize):
        (WebCore::RenderGrid::populateExplicitGridAndOrderIterator):
        (WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid):
        (WebCore::RenderGrid::placeAutoMajorAxisItemOnGrid):
        (WebCore::RenderGrid::populateGridPositions):
        * rendering/RenderGrid.h:
        * rendering/style/GridCoordinate.h:
        (WebCore::GridSpan::integerSpan):
        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::GridResolvedPosition::explicitGridColumnCount):
        (WebCore::GridResolvedPosition::explicitGridRowCount):
        (WebCore::explicitGridSizeForSide):
        (WebCore::GridResolvedPosition::resolveNamedGridLinePositionFromStyle):
        (WebCore::GridResolvedPosition::resolveGridPositionFromStyle):
        (WebCore::GridResolvedPosition::resolveGridPositionAgainstOppositePosition):
        (WebCore::firstNamedGridLineBeforePosition):
        (WebCore::GridResolvedPosition::resolveRowStartColumnStartNamedGridLinePositionAgainstOppositePosition):
        (WebCore::GridResolvedPosition::resolveRowEndColumnEndNamedGridLinePositionAgainstOppositePosition):
        * rendering/style/GridResolvedPosition.h:
        (WebCore::GridResolvedPosition::adjustGridPositionForRowEndColumnEndSide):
        (WebCore::GridResolvedPosition::adjustGridPositionForSide):
        (WebCore::GridResolvedPosition::GridResolvedPosition):
        (WebCore::GridResolvedPosition::toInt):
        * rendering/style/StyleGridData.h:

2014-11-20  Andreas Kling  <akling@apple.com>

        Remove "document has no sibling rules" optimization.
        <https://webkit.org/b/138902>

        Reviewed by Antti Koivisto.

        We were keeping a document-level flag to track whether there are any
        sibling rules in any active style sheets.

        This information was used to do.. nothing.

        * css/StyleResolver.h:
        (WebCore::StyleResolver::usesSiblingRules): Deleted.
        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::DocumentStyleSheetCollection):
        (WebCore::DocumentStyleSheetCollection::combineCSSFeatureFlags):
        (WebCore::DocumentStyleSheetCollection::resetCSSFeatureFlags):
        * dom/DocumentStyleSheetCollection.h:
        (WebCore::DocumentStyleSheetCollection::usesSiblingRules): Deleted.
        (WebCore::DocumentStyleSheetCollection::setUsesSiblingRulesOverride): Deleted.
        * mathml/MathMLMathElement.cpp:
        (WebCore::MathMLMathElement::insertedInto): Deleted.
        * mathml/MathMLMathElement.h:

2014-11-20  Andreas Kling  <akling@apple.com>

        Caret renderer is always a RenderBlock.
        <https://webkit.org/b/138912>

        Reviewed by Chris Dumez.

        Tighten typing in the code that finds and deals with the renderer
        used to paint the caret (it's always a RenderBlock.)

        * editing/FrameSelection.cpp:
        (WebCore::CaretBase::updateCaretRect):
        (WebCore::FrameSelection::caretRendererWithoutUpdatingLayout):
        (WebCore::DragCaretController::caretRenderer):
        (WebCore::repaintCaretForLocalRect):
        (WebCore::CaretBase::paintCaret):
        * editing/FrameSelection.h:
        * editing/VisiblePosition.cpp:
        (WebCore::VisiblePosition::absoluteCaretBounds):
        * editing/htmlediting.cpp:
        (WebCore::rendererForCaretPainting):
        (WebCore::localCaretRectInRendererForCaretPainting):
        (WebCore::absoluteBoundsForLocalCaretRect):
        * editing/htmlediting.h:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::paintCaret):

2014-11-20  Antti Koivisto  <antti@apple.com>

        REGRESSION (r172854): Web Viewer in FileMaker does not render a Base64 encoded animated-GIF
        https://bugs.webkit.org/show_bug.cgi?id=138807
        <rdar://problem/18829540>

        Reviewed by Simon Fraser.

        Animation gets paused because WebKit thinks the GIF is outside of the view.

        * page/FrameView.cpp:
        (WebCore::FrameView::windowClipRect):

        We need to convert to window coordinates in paintsEntireContents mode too so these functions are consistent.
        This matters with some WK1 API clients.

2014-11-19  Chris Dumez  <cdumez@apple.com>

        Move 'clip' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138909

        Reviewed by Andreas Kling.

        Move 'clip' CSS property from DeprecatedStyleBuilder to the new
        StyleBuilder by using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyClip::convertToLength): Deleted.
        (WebCore::ApplyPropertyClip::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyClip::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyClip::applyValue): Deleted.
        (WebCore::ApplyPropertyClip::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyInitialClip):
        (WebCore::StyleBuilderFunctions::applyInheritClip):
        (WebCore::StyleBuilderFunctions::applyValueClip):

2014-11-19  Ryuan Choi  <ryuan.choi@navercorp.com>

        Remove dead code from TiledBackingStore
        https://bugs.webkit.org/show_bug.cgi?id=138864

        Reviewed by Andreas Kling.

        Since r168151, paint() method, m_commitTileUpdatesOnIdleEventLoop and related code are not used.

        No new tests, no behavior change.

        * platform/graphics/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::TiledBackingStore):
        (WebCore::TiledBackingStore::setTileSize):
        (WebCore::TiledBackingStore::invalidate):
        (WebCore::TiledBackingStore::createTiles):
        (WebCore::TiledBackingStore::paint): Deleted.
        (WebCore::TiledBackingStore::startTileBufferUpdateTimer): Deleted.
        (WebCore::TiledBackingStore::tileBufferUpdateTimerFired): Deleted.
        (WebCore::TiledBackingStore::startBackingStoreUpdateTimer): Deleted.
        (WebCore::TiledBackingStore::backingStoreUpdateTimerFired): Deleted.
        * platform/graphics/TiledBackingStore.h:
        (WebCore::TiledBackingStore::setCommitTileUpdatesOnIdleEventLoop): Deleted.

2014-11-19  Andreas Kling  <akling@apple.com>

        Remove "document has no ::before and/or ::after rules" optimization.
        <https://webkit.org/b/138897>

        Reviewed by Antti Koivisto.

        This optimization has been dead for a long time, since the default UA
        style contains both ::before and ::after rules.

        * css/RuleFeature.cpp:
        (WebCore::recursivelyCollectFeaturesFromSelector):
        (WebCore::RuleFeatureSet::add):
        (WebCore::RuleFeatureSet::clear):
        * css/RuleFeature.h:
        (WebCore::RuleFeatureSet::RuleFeatureSet):
        * css/StyleResolver.h:
        (WebCore::StyleResolver::usesBeforeAfterRules): Deleted.
        * dom/DocumentStyleSheetCollection.cpp:
        (WebCore::DocumentStyleSheetCollection::DocumentStyleSheetCollection):
        (WebCore::DocumentStyleSheetCollection::combineCSSFeatureFlags):
        (WebCore::DocumentStyleSheetCollection::resetCSSFeatureFlags):
        * dom/DocumentStyleSheetCollection.h:
        (WebCore::DocumentStyleSheetCollection::usesBeforeAfterRules): Deleted.
        (WebCore::DocumentStyleSheetCollection::setUsesBeforeAfterRulesOverride): Deleted.
        * html/HTMLQuoteElement.cpp:
        (WebCore::HTMLQuoteElement::insertedInto): Deleted.
        * html/HTMLQuoteElement.h:
        * style/StyleResolveTree.cpp:
        (WebCore::Style::needsPseudoElement):

2014-11-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [OS X] Upright vertical text is completely broken for multi-code-unit codepoints
        https://bugs.webkit.org/show_bug.cgi?id=138891

        Reviewed by Dan Bernstein.

        We were assuming that we can use the string index (in UTF-16) as the glyph
        index. This falls down when a single codepoint (and glyph) contians
        multiple code units.

        Test: platform/mac/fast/text/multiple-codeunit-vertical-upright.html

        * platform/graphics/GlyphPage.h:
        * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
        (WebCore::GlyphPage::fill):

2014-11-19  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Apple Internal Mavericks build after <https://trac.webkit.org/changeset/176347>
        (https://bugs.webkit.org/show_bug.cgi?id=136863)

        Define enumerator NSHTTPCookieAcceptPolicyExclusivelyFromMainDocumentDomain when building without
        the Apple Internal SDK or with the Apple Internal SDK on OS X Mavericks or earlier.

        * platform/spi/cf/CFNetworkSPI.h:

2014-11-16  Sam Weinig  <sam@webkit.org>

        Move the 'quotes' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138788

        Reviewed by Chris Dumez.

        Test: fast/css/content/content-quotes-07.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        Fix the parser to only accept none as a valid primitive identifier. Tested in 
        the newly added content-quotes-07.html.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertQuotes):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        Move "quotes" to the new style builder.

        * rendering/style/RenderStyle.h:
        Add an initialQuotes() function for use in the auto-generated style builder.

2014-11-19  Dean Jackson  <dino@apple.com>

        Handle unprefixed @keyframes rule
        https://bugs.webkit.org/show_bug.cgi?id=138899
        <rdar://problem/18943117>

        Reviewed by Simon Fraser.

        Support the parsing of unprefixed @keyframes. In
        CSSParser, assign the same token identifier to
        the prefixed and unprefixed forms. This will
        keep compatibility with older content. If a page
        has both forms, then whatever comes last will
        win (as it does if you had duplicate names of the same
        form).

        Tests: animations/unprefixed-keyframes-rule.html
               animations/unprefixed-keyframes.html

        * css/CSSGrammar.y.in: Rename the WEBKIT_KEYFRAME_RULE_SYM symbol to
        be KEYFRAME_RULE_SYM. Same with KEYFRAMES_SYM.
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectAtToken): Look for the @keyframes style
        strings and assign the new token values.

2014-11-19  Andreas Kling  <akling@apple.com>

        Move pseudo-style code from RenderObject to RenderElement.
        <https://webkit.org/b/138880>

        Reviewed by Antti Koivisto.

        Migrate get*PseudoStyle() to RenderElement, and the selection color
        functions along with them. This gets rid of a DOM ancestor walk in
        pseudo style lookup.

        Narrow down some argument types to keep things building.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::logicalLeftSelectionGap):
        (WebCore::RenderBlock::logicalRightSelectionGap):
        (WebCore::styleForFirstLetter):
        (WebCore::RenderBlock::updateFirstLetterStyle):
        (WebCore::RenderBlock::createFirstLetterRenderer):
        * rendering/RenderBlock.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::getCachedPseudoStyle):
        (WebCore::RenderElement::getUncachedPseudoStyle):
        (WebCore::RenderElement::selectionColor):
        (WebCore::RenderElement::selectionPseudoStyle):
        (WebCore::RenderElement::selectionForegroundColor):
        (WebCore::RenderElement::selectionEmphasisMarkColor):
        (WebCore::RenderElement::selectionBackgroundColor):
        * rendering/RenderElement.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::selectionBackgroundColor): Deleted.
        (WebCore::RenderObject::selectionColor): Deleted.
        (WebCore::RenderObject::selectionPseudoStyle): Deleted.
        (WebCore::RenderObject::selectionForegroundColor): Deleted.
        (WebCore::RenderObject::selectionEmphasisMarkColor): Deleted.
        (WebCore::RenderObject::getCachedPseudoStyle): Deleted.
        (WebCore::RenderObject::getUncachedPseudoStyle): Deleted.
        * rendering/RenderObject.h:
        * rendering/RenderText.h:
        (WebCore::RenderText::getCachedPseudoStyle):
        (WebCore::RenderText::selectionBackgroundColor):
        (WebCore::RenderText::selectionForegroundColor):
        (WebCore::RenderText::selectionEmphasisMarkColor):
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paintSelectionBackground):
        (WebCore::SVGInlineTextBox::paint):

2014-11-19  Tim Horton  <timothy_horton@apple.com>

        Add an optional entry transition (from selection highlight) to TextIndicator
        https://bugs.webkit.org/show_bug.cgi?id=138856
        <rdar://problem/18840128>

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        Add an export.

        * platform/spi/cocoa/QuartzCoreSPI.h:
        Add some SPI.

2014-11-19  Chris Dumez  <cdumez@apple.com>

        Move 'outline-style' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138882

        Reviewed by Sam Weinig.

        Move 'outline-style' CSS property from DeprecatedStyleBuilder to the
        new StyleBuilder by using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyDefault::setValue): Deleted.
        (WebCore::ApplyPropertyDefault::applyValue): Deleted.
        (WebCore::ApplyPropertyDefault::createHandler): Deleted.
        (WebCore::ApplyPropertyOutlineStyle::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyOutlineStyle::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyOutlineStyle::applyValue): Deleted.
        (WebCore::ApplyPropertyOutlineStyle::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyInheritOutlineStyle):
        (WebCore::StyleBuilderFunctions::applyInitialOutlineStyle):
        (WebCore::StyleBuilderFunctions::applyValueOutlineStyle):

2014-11-19  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: JSContext inspection Resource search does not work
        https://bugs.webkit.org/show_bug.cgi?id=131252

        Reviewed by Timothy Hatcher.

        Test: inspector/debugger/search-scripts.html

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::searchInResources):
        A little cleanup.

2014-11-19  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Provide $exception in the console for the thrown exception value
        https://bugs.webkit.org/show_bug.cgi?id=138726

        Reviewed by Timothy Hatcher.

        Tests: inspector/debugger/command-line-api-exception-nested-catch.html
               inspector/debugger/command-line-api-exception.html

        * inspector/CommandLineAPIModuleSource.js:
        Expose $exception in the more complete command line API.

2014-11-19  David Hyatt  <hyatt@apple.com>

        Images/replaced elements that are as tall as a page should be on their own page
        https://bugs.webkit.org/show_bug.cgi?id=138886 - <rdar://problem/18296371>

        Reviewed by Dean Jackson.

        Added fast/multicol/tall-image-behavior.html (and RL/LR variants)

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::computeReplacedAndTextLineTopAndBottom):
        * rendering/InlineFlowBox.h:
        Add a new method that computes the line top and line bottom ignoring all margins,
        overflow and line-height. This allows us to see if a line that is taller than a page
        can be made to fit if we ignored margins and unused descent.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::adjustLinePositionForPagination):
        Call the new helper function, computeReplacedAndTextLineTopAndBottom and push
        to a new page if we see that we can fit on a page by ourselves without blank space
        included.

2014-11-18  Ada Chan  <adachan@apple.com>

        Take Web Audio into account for the Page::isPlayingAudio() API.
        https://bugs.webkit.org/show_bug.cgi?id=137464

        Reviewed by Jer Noble.

        Make AudioContext a subclass of AudioProducer. It figures out whether there's
        audio playing by checking whether its AudioDestinationNode is playing (and not
        silent). It calls Document::updateIsPlayingAudio() whenever its audio playing
        state has changed.

        Test: webaudio/web-audio-is-playing.html

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::lazyInitialize):
        Add itself to the Document's list of AudioProducers if it's not an offline
        audio context.
        (WebCore::AudioContext::uninitialize):
        Remove itself from the Document's list of AudioProducers if it's not an offline
        audio context.
        (WebCore::AudioContext::stop):
        Tell the document to update its audio playing state.
        (WebCore::AudioContext::isPlayingAudio):
        Return true if the audio context hasn't been stopped and its destination node is
        playing audio.
        (WebCore::AudioContext::pageMutedStateDidChange):
        Add a FIXME for now.
        (WebCore::AudioContext::isPlayingAudioDidChange):
        Call Document::updateIsPlayingAudio().
        * Modules/webaudio/AudioContext.h:

        * Modules/webaudio/AudioDestinationNode.cpp:
        (WebCore::AudioDestinationNode::AudioDestinationNode):
        Initialize m_isSilent and m_isEffectivelyPlayingAudio.
        (WebCore::AudioDestinationNode::render):
        Call setIsSilent() with the appropriate value after rendering.
        (WebCore::AudioDestinationNode::isPlayingDidChange):
        Call updateIsEffectivelyPlayingAudio().
        (WebCore::AudioDestinationNode::setIsSilent):
        If m_isSilent has changed, call updateIsEffectivelyPlayingAudio().
        (WebCore::AudioDestinationNode::updateIsEffectivelyPlayingAudio):
        If m_isEffectivelyPlayingAudio has changed, call AudioContext::isPlayingAudioDidChange().
        * Modules/webaudio/AudioDestinationNode.h:
        (WebCore::AudioDestinationNode::isPlaying):
        (WebCore::AudioDestinationNode::isPlayingAudio):

        * Modules/webaudio/DefaultAudioDestinationNode.cpp:
        (WebCore::DefaultAudioDestinationNode::isPlaying):
        Return whether the AudioDestination is playing.
        * Modules/webaudio/DefaultAudioDestinationNode.h:

        * platform/audio/AudioIOCallback.h:
        * platform/audio/ios/AudioDestinationIOS.cpp:
        (WebCore::AudioDestinationIOS::start):
        Call setIsPlaying() instead.
        (WebCore::AudioDestinationIOS::stop):
        Ditto.
        (WebCore::AudioDestinationIOS::setIsPlaying):
        If m_isPlaying has changed, call AudioIOCallback::isPlayingDidChange().
        * platform/audio/ios/AudioDestinationIOS.h:

        * platform/audio/mac/AudioDestinationMac.cpp:
        (WebCore::AudioDestinationMac::start):
        Call setIsPlaying() instead.
        (WebCore::AudioDestinationMac::stop):
        Ditto.
        (WebCore::AudioDestinationMac::setIsPlaying):
        If m_isPlaying has changed, call AudioIOCallback::isPlayingDidChange().
        * platform/audio/mac/AudioDestinationMac.h:

        * testing/Internals.cpp:
        (WebCore::Internals::isPagePlayingAudio):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add internals.isPagePlayingAudio() for testing.

2014-11-19  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Apple Internal Mountain Lion build after <https://trac.webkit.org/changeset/176347>
        (https://bugs.webkit.org/show_bug.cgi?id=136863)

        Only import header CFNSURLConnection.h when building for iOS or OS X Yosemite.

        * platform/spi/cf/CFNetworkSPI.h:

2014-11-19  Antti Koivisto  <antti@apple.com>

        Fix TilesAdded bitmask
        https://bugs.webkit.org/show_bug.cgi?id=138883

        Reviewed by Simon Fraser.

        Simon spotted this.

        * platform/graphics/ca/GraphicsLayerCA.h:

            Use 1LLU << 29 instead of 1LLU < 29
            This worked before by pure luck as bit 0 is unused.

2014-11-19  Daniel Bates  <dabates@apple.com>

        [iOS] Make WebKit build with public iOS SDK
        https://bugs.webkit.org/show_bug.cgi?id=136863

        Reviewed by David Kilzer.

        * WebCore.xcodeproj/project.pbxproj: Add private headers CFNetworkSPI.h and
        NS{CalendarDate, String, URLDownload}SPI.h.
        * loader/cocoa/DiskCacheMonitorCocoa.mm: Move forward declaration of
        CFNetwork data types and functions from here to file CFNetworkSPI.h and
        include header CFNetworkSPI.h.
        * platform/network/mac/ResourceHandleMac.mm: Substitute CFNetworkSPI.h for
        CFURLRequestSPI.h as the content of the latter was incorporated into the former.
        * platform/spi/cf/CFNetworkSPI.h: Added.
        * platform/spi/cf/CFURLRequestSPI.h: Removed; incorporated its functionality
        into CFNetworkSPI.h
        * platform/spi/cocoa/NSCalendarDateSPI.h: Added.
        * platform/spi/cocoa/NSStringSPI.h: Added.
        * platform/spi/cocoa/NSURLDownloadSPI.h: Added.

2014-11-19  Benjamin Poulain  <bpoulain@apple.com>

        Get rid of AccessibilityObject::setRoleValue()
        https://bugs.webkit.org/show_bug.cgi?id=138861

        Reviewed by Chris Fleizach.

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::setRoleValue): Deleted.

2014-11-19  Philippe Normand  <pnormand@igalia.com>

        Missing NULL-check in VideoTrack::setLanguage
        https://bugs.webkit.org/show_bug.cgi?id=138867

        Reviewed by Jer Noble.

        * html/track/VideoTrack.cpp:
        (WebCore::VideoTrack::setLanguage): Prevent change event creation
        on an empty video track list.

2014-11-19  Chris Fleizach  <cfleizach@apple.com>

        AX: Safari fails to load a web page with VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=138849

        Reviewed by Mario Sanchez Prada.

        Sometimes an inlineElementContinuation will continue to an inline RenderBlock, so we case this incorrectly and bad things happen.

        Test: accessibility/inline-block-assertion.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::startOfContinuations):

2014-11-19  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: RenderTreeAsText should use rangeForRenderer() when dumping simple line text.
        https://bugs.webkit.org/show_bug.cgi?id=138847

        Reviewed by Antti Koivisto.

        This is in preparation to support multiple renderers for simple line layout.
        Use rangeForRenderer() to get runs for a particular renderer as opposed to for the entire flow.

        Not testable.

        * rendering/RenderTreeAsText.cpp:
        (WebCore::write):

2014-11-19  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Compile error when CSS_SELECTORS_LEVEL4 is not enabled.
        https://bugs.webkit.org/show_bug.cgi?id=138870

        Reviewed by Alex Christensen.

        * css/CSSSelector.cpp:
        (WebCore::simpleSelectorSpecificityInternal):

2014-11-19  Chris Fleizach  <cfleizach@apple.com>

        AX: Screen braille input doesn't work on forms.
        https://bugs.webkit.org/show_bug.cgi?id=138804

        Reviewed by Mario Sanchez Prada.

        Allow iOS to set values of text fields through the API.

        Test: platform/ios-sim/accessibility/set-value.html

        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper _accessibilitySetValue:]):

2014-11-19  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Add renderer based rect collecting to RunResolver.
        https://bugs.webkit.org/show_bug.cgi?id=138818

        Reviewed by Antti Koivisto.

        This is in preparation to multiple renderers support.
        RunResolver should be able to collect rects for a particular renderer
        that might overlap multiple runs. (or might just be a subset of a Run)

        Covered by existing tests.

        * rendering/SimpleLineLayoutFlowContents.cpp:
        (WebCore::SimpleLineLayout::FlowContents::renderer): It operates on a single renderer currently.
        (WebCore::SimpleLineLayout::FlowContents::resolveRendererPositions): It operates on a single renderer currently.
        * rendering/SimpleLineLayoutFlowContents.h:
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::computeTextBoundingBox):
        (WebCore::SimpleLineLayout::computeTextFirstRunLocation):
        (WebCore::SimpleLineLayout::collectTextAbsoluteRects):
        (WebCore::SimpleLineLayout::collectTextAbsoluteQuads):
        (WebCore::SimpleLineLayout::showLineLayoutForFlow):
        * rendering/SimpleLineLayoutResolver.cpp:
        (WebCore::SimpleLineLayout::baselinePosition):
        (WebCore::SimpleLineLayout::linePosition):
        (WebCore::SimpleLineLayout::lineSize):
        (WebCore::SimpleLineLayout::RunResolver::Run::rect):
        (WebCore::SimpleLineLayout::RunResolver::Run::rectForTextRenderer):
        (WebCore::SimpleLineLayout::RunResolver::Run::baseline):
        (WebCore::SimpleLineLayout::RunResolver::Run::text):
        (WebCore::SimpleLineLayout::RunResolver::Run::computeRect):
        (WebCore::SimpleLineLayout::RunResolver::RunResolver):
        * rendering/SimpleLineLayoutResolver.h:

2014-11-19  Dhi Aurrahman  <diorahman@rockybars.com>

        Add selector checker for :lang pseudo class in Selectors level 4
        https://bugs.webkit.org/show_bug.cgi?id=138281

        Reviewed by Benjamin Poulain.

        Add selector checker for :lang pseudo class in Selectors level 4.

        The language tags matching is specified in [1,2].

        [1] http://www.ietf.org/rfc/rfc4647.txt
        [2] http://dev.w3.org/csswg/selectors4/#the-lang-pseudo

        Tests: fast/selectors/lang-extended-filtering.html
               fast/selectors/lang-multiple.html

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorCheckerTestFunctions.h:
        (WebCore::containslanguageSubtagMatchingRange):
        (WebCore::matchesLangPseudoClass):
        (WebCore::matchesLangPseudoClassDeprecated):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):

2014-11-18  Philippe Normand  <pnormand@igalia.com>

        start/stop method for AudioBufferSourceNodes and OscillatorNodes can take no args
        https://bugs.webkit.org/show_bug.cgi?id=138739

        Reviewed by Darin Adler.

        The patch is inspired by the following Blink revision by
        <rtoy@google.com>:
        <https://src.chromium.org/viewvc/blink?view=rev&revision=160845>

        Test: webaudio/dom-exceptions.html

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::start):
        (WebCore::AudioBufferSourceNode::startPlaying):
        (WebCore::AudioBufferSourceNode::noteGrainOn):
        (WebCore::AudioBufferSourceNode::startGrain): Deleted.
        * Modules/webaudio/AudioBufferSourceNode.h:
        * Modules/webaudio/AudioBufferSourceNode.idl:
        * Modules/webaudio/AudioScheduledSourceNode.cpp:
        (WebCore::AudioScheduledSourceNode::start):
        (WebCore::AudioScheduledSourceNode::stop):
        * Modules/webaudio/AudioScheduledSourceNode.h:
        * Modules/webaudio/OscillatorNode.idl:

2014-11-18  Benjamin Poulain  <benjamin@webkit.org>

        Add the initial implementation of dynamic specificity for :matches()
        https://bugs.webkit.org/show_bug.cgi?id=138822

        Reviewed by Andreas Kling.

        Previously we completely ignored the selector list of :matches() when computing
        the specificity of the selector.

        The spec (http://dev.w3.org/csswg/selectors4/#specificity) says:
        "The specificity of a :matches() pseudo-class, however, is the specificity
         of the most specific complex selector that matched the given element."

        This patch does just that.

        In the CSS JIT, we only consider specificities that can be computed statically
        for now, this should be extended later.
        When the specificity is dynamic, we fall back to SelectorChecker. In that case,
        we execute every selector of the selector list and we keep the maximum value
        as the specificity for the whole :matches().

        Tests: fast/css/matches-specificity-1.html
               fast/css/matches-specificity-2.html
               fast/css/matches-specificity-3.html
               fast/css/matches-specificity-4.html
               fast/css/matches-specificity-5.html
               fast/css/matches-specificity-6.html
               fast/css/matches-specificity-7.html
               fast/css/matches-specificity-8.html
               fast/css/matches-specificity-9.html
               fast/css/matches-specificity-10.html

        * css/CSSSelector.cpp:
        (WebCore::selectorSpecificity):
        (WebCore::maxSpecificity):
        (WebCore::CSSSelector::specificity):
        (WebCore::simpleSelectorSpecificityInternal):
        (WebCore::CSSSelector::simpleSelectorSpecificity):
        :matches() itself should not have any specificity. The specificity of its components
        is computed in SelectorChecker.

        Since :matches() is no longer accounted as a class B specificity, I had to finish
        the specificity of :not() or some test breaks.

        * css/CSSSelector.h:
        * css/PageRuleCollector.cpp:
        (WebCore::comparePageRules):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        We can no longer shortcut the execution when context.pseudoElementEffective is false.
        There is no guarantee that a following selector wouldn't match with a higher specificity.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::SelectorCodeGenerator):
        (WebCore::SelectorCompiler::constructFragments):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):

2014-11-18  David Kilzer  <ddkilzer@apple.com>

        FeatureDefines.xcconfig: Switch from using PLATFORM_NAME to SDK selectors
        <http://webkit.org/b/138813>

        Reviewed by Mark Rowe.

        * Configurations/FeatureDefines.xcconfig: Switch to using SDK
        selectors.

2014-11-18  Chris Dumez  <cdumez@apple.com>

        Crash when setting 'z-index' / 'flex-shrink' CSS properties to a calculated value
        https://bugs.webkit.org/show_bug.cgi?id=138783

        Reviewed by Andreas Kling.

        Update operators converting CSSPrimitiveValue to integer / floating
        point types to properly handle calculated values (e.g. 'calc(2 * 3)').
        Previously, this was not working in release builds and we would hit an
        ASSERT_NOT_REACHED() in debug builds.

        Tests: fast/css/flex-shrink-calculated-value.html
               fast/css/z-index-calculated-value.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::operator unsigned short):
        (WebCore::CSSPrimitiveValue::operator int):
        (WebCore::CSSPrimitiveValue::operator unsigned):
        (WebCore::CSSPrimitiveValue::operator float):

2014-11-18  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176263 and r176273.
        https://bugs.webkit.org/show_bug.cgi?id=138854

        Underlines are hideous. (Requested by litherum on #webkit).

        Reverted changesets:

        "Use underlining metrics from the font file"
        https://bugs.webkit.org/show_bug.cgi?id=138762
        http://trac.webkit.org/changeset/176263

        "iOS build fix."
        http://trac.webkit.org/changeset/176273

2014-11-18  Chris Dumez  <cdumez@apple.com>

        Add a setting to toggle DOMTimer throttling support
        https://bugs.webkit.org/show_bug.cgi?id=138844
        <rdar://problem/19020874>

        Reviewed by Andreas Kling.

        Add a setting to disable DOM timers throttling, in order to help
        developers determine if a specific issue is caused by timer
        throttling.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::contextDocument):
        (WebCore::DOMTimerFireState::scriptMadeUserObservableChanges):
        (WebCore::DOMTimer::isDOMTimersThrottlingEnabled):
        (WebCore::DOMTimer::updateThrottlingStateIfNecessary):
        * page/DOMTimer.h:
        * page/Settings.in:

2014-11-18  Beth Dakin  <bdakin@apple.com>

        REGRESSION: Invoking dictionary lookup on text in some search fields searches for 
        incorrect item
        https://bugs.webkit.org/show_bug.cgi?id=138853
        -and corresponding-
        rdar://problem/18912505

        Reviewed by Tim Horton.

        Get the visible position based on the frame, not just the renderer.
        * editing/mac/DictionaryLookup.mm:
        (WebCore::rangeForDictionaryLookupAtHitTestResult):

2014-11-18  David Hyatt  <hyatt@apple.com>

        REGRESSION (r167210): Invalid cast in WebCore::RenderBlock::blockSelectionGaps
        https://bugs.webkit.org/show_bug.cgi?id=137590

        Reviewed by Dean Jackson.

        Added fast/block/selection-block-gaps-crash.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::blockSelectionGaps):
        Check that we really are a RenderBlock before recurring.

2014-11-18  Andreas Kling  <akling@apple.com>

        Avoid synchronous style recalc in Document.activeElement
        <https://webkit.org/b/138850>

        Reviewed by Ryosuke Niwa.

        This subtly changes the behavior of <input autofocus>, which was caught by
        a layout test. Auto-focus doesn't happen until the render tree is attached,
        although it was possible to force it by accessing document.activeElement.

        Now auto-focus is always lazy. This is consistent with other browser engines.

        ~1% progression on Speedometer locally.

        * dom/Document.cpp:
        (WebCore::Document::activeElement):

2014-11-18  Chris Dumez  <cdumez@apple.com>

        Have Vector::capacity() return an unsigned instead of a size_t
        https://bugs.webkit.org/show_bug.cgi?id=138842

        Reviewed by Andreas Kling.

        Update the code base now that Vector::capacity() returns an unsigned
        type instead of a size_t.

        No new tests, no behavior change.

        * editing/TextIterator.cpp:
        (WebCore::SearchBuffer::append):
        (WebCore::SearchBuffer::prependContext):
        (WebCore::SearchBuffer::search):
        (WebCore::SearchBuffer::length):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::duplicateDataBufferIfNecessary):

2014-11-18  Geoffrey Garen  <ggaren@apple.com>

        Removed the custom allocator for ListHashSet nodes
        https://bugs.webkit.org/show_bug.cgi?id=138841

        Reviewed by Andreas Kling.

        Uses of ListHashSet no longer need to declare an inline capacity,
        since that was only used to specify the capacity of the custom allocator.

        * dom/DOMNamedFlowCollection.h:
        * dom/DocumentEventQueue.h:
        * dom/DocumentStyleSheetCollection.h:
        * dom/NamedFlowCollection.h:
        * html/FormController.h:
        * rendering/FloatingObjects.h:
        * rendering/RenderBlock.h:

2014-11-18  David Hyatt  <hyatt@apple.com>

        REGRESSION(r152313): Inline-block element doesn't wrap properly
        https://bugs.webkit.org/show_bug.cgi?id=138846 - <rdar://problem/18838703>

        Reviewed by Simon Fraser.

        Added fast/inline-block/inline-block-empty-spans.html

        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::BreakingContext::canBreakAtThisPosition):

2014-11-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Multicolumn layout with negative line spacing and orphans causes pieces of letters to be shown at the bottom of columns
        https://bugs.webkit.org/show_bug.cgi?id=138204

        Reviewed by Dave Hyatt.

        This code is responsible for pushing block elements to the next column if
        the "orphans" CSS property is triggered. The mechanism by which this is
        achieved is to push the block down such that the origin of the block is
        at the origin of the next column. However, if there is negative line
        spacing, the top portion of the text might actually be on top of the
        origin of the block. Therefore, the block wasn't being pushed down enough
        to entirely contain its text, so the top pieces were being drawn on the
        previous column.

        Test: fast/multicol/orphans-negative-line-spacing.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::adjustLinePositionForPagination):

2014-11-18  Chris Dumez  <cdumez@apple.com>

        DOMTimers sometimes don't get unthrottled on scrolling
        https://bugs.webkit.org/show_bug.cgi?id=138838

        Reviewed by Antti Koivisto.

        DOMTimers sometimes didn't get unthrottled on scrolling. This is
        because we stopped listening for viewport changes every time the
        timer fires, but we didn't listen for those changes again if we
        decided the timer should stay throttled after the timer's action
        was executed.

        We should listen for viewport changes again after executing the
        timer's action, if there are elements outside the viewport causing
        the DOMTimer to be throttled, even if the throttleState hasn't
        changed (i.e the timer stays throttled).

        Test: fast/dom/timer-unthrottle-on-scroll.html

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::updateThrottlingStateIfNecessary):
        (WebCore::DOMTimer::updateTimerIntervalIfNecessary):
        (WebCore::DOMTimer::updateThrottlingStateAfterViewportChange):

2014-11-18  Daniel Bates  <dbates@webkit.org>

        [iOS] Make WebCore build and link with public SDK
        https://bugs.webkit.org/show_bug.cgi?id=136487

        Reviewed by David Kilzer.

        * bindings/objc/DOMInternal.mm: Include header NSMapTableSPI.h.
        * bindings/objc/WebScriptObject.mm: Ditto; Also fix style nit, substitute
        #import for #include when importing header WTFString.h.
        * bridge/objc/objc_instance.mm: Include header NSMapTableSPI.h and remove
        #import NSMapTable.h as the former will import the latter.
        * platform/ios/PlatformEventFactoryIOS.mm: Include header wtf/CurrentTime.h
        for the declaration of WTF::currentTime().
        * platform/ios/wak/WebCoreThread.mm: Remove unnecessary include of header CoreFoundation/CFPriv.h.
        * platform/spi/ios/AVKitSPI.h: Add more SPI.
        * platform/spi/ios/MPAVRoutingControllerSPI.h: Ditto.

2014-11-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Subclass CachedFont for SVG fonts
        https://bugs.webkit.org/show_bug.cgi?id=138686

        Reviewed by Simon Fraser.

        Re-landing due to flakey bots.

        CachedFont had many #if ENABLE(SVG_FONTS) scattered throughout it.
        Splitting out this SVG-specific code into a subclass of CachedFont
        cleans up the design.

        No new tests because there is no behavior change.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::getFontData): There are two sections
        in this function; one for SVG fonts and one for regular fonts.
        I've moved these two sections into CachedFont and SVGCachedFont,
        thereby simplifying this function.
        (WebCore::CSSFontFaceSource::ensureFontData): Ditto.
        (WebCore::CSSFontFaceSource::svgFontFaceElement): Moved to header.
        (WebCore::CSSFontFaceSource::setSVGFontFaceElement): Ditto.
        (WebCore::CSSFontFaceSource::isSVGFontFaceSource): Ditto.
        * css/CSSFontFaceSource.h: Put functions that are simple enough to
        be inlined here.
        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::isSVGFontTarget): Convenience
        function.
        (WebCore::CSSFontFaceSrcValue::cachedFont): Pass through a boolean
        from CSSFontSelector to CachedResourceHandle regarding if we should
        be using SVGCachedFont instead of CachedFont.
        * css/CSSFontFaceSrcValue.h: New convenience function.
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::addFontFaceRule): Pass through a boolean
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceType): Update for new
        CachedResource type
        (WebCore::cachedResourcesForFrame): Ditto.
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::CachedFont):
        (WebCore::CachedFont::ensureCustomFontData): Taken from
        CSSFontFaceSource::getFontData()
        (WebCore::CachedFont::getFontData): Ditto.
        (WebCore::CachedFont::platformDataFromCustomData): Ditto.
        (WebCore::CachedFont::ensureSVGFontData): Moved to SVGCachedFont.
        (WebCore::CachedFont::getSVGFontById): Ditto.
        * loader/cache/CachedFont.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::defaultPriorityForResourceType): Update for new enum
        type.
        * loader/cache/CachedResource.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::createResource): Takes new boolean.
        (WebCore::CachedResourceLoader::requestFont): Ditto.
        (WebCore::CachedResourceLoader::checkInsecureContent): Update for
        new enum type
        (WebCore::CachedResourceLoader::canRequest): Ditto.
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedSVGFont.cpp: Added.
        (WebCore::CachedSVGFont::CachedSVGFont): Moved from
        CSSFontFaceSource::getFontData() and CachedFont
        (WebCore::CachedSVGFont::getFontData): Ditto.
        (WebCore::CachedSVGFont::platformDataFromCustomData): Ditto.
        (WebCore::CachedSVGFont::ensureCustomFontData): Ditto.
        (WebCore::CachedSVGFont::getSVGFontById): Ditto.
        (WebCore::CachedSVGFont::firstFontFace): Ditto.
        * loader/cache/CachedSVGFont.h: Subclass CachedFont.
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::getStatistics): Update for new enum.
        * svg/SVGFontFaceUriElement.cpp:
        (WebCore::isSVGFontTarget): Convenience function.
        (WebCore::SVGFontFaceUriElement::loadFont): Update for new
        boolean.

2014-11-18  Chris Dumez  <cdumez@apple.com>

        Update the Vector API to deal with unsigned types instead of size_t
        https://bugs.webkit.org/show_bug.cgi?id=138824

        Reviewed by Andreas Kling.

        Update code base to fix build errors related to the typing changes
        in the Vector API (size_t -> unsigned).

        No new tests, no behavior change.

        * WebCore.exp.in:
        * bindings/js/JSDOMBinding.h:
        (WebCore::jsArray):
        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        * cssjit/SelectorCompiler.cpp:
        * html/HTMLFormElement.cpp:
        (WebCore::removeFromVector):
        * html/parser/HTMLParserIdioms.h:
        * html/parser/XSSAuditor.cpp:

2014-11-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewed iOS build fix

        * platform/graphics/ios/SimpleFontDataIOS.mm:
        (WebCore::SimpleFontData::platformInit):

2014-11-18  Dan Bernstein  <mitz@apple.com>

        iOS build fix.

        * platform/graphics/ios/SimpleFontDataIOS.mm:
        (WebCore::SimpleFontData::platformInit):

2014-11-18  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176264.
        https://bugs.webkit.org/show_bug.cgi?id=138837

        caused many test failures (Requested by litherum on #webkit).

        Reverted changeset:

        "Subclass CachedFont for SVG fonts"
        https://bugs.webkit.org/show_bug.cgi?id=138686
        http://trac.webkit.org/changeset/176264

2014-11-18  Daniel Bates  <dabates@apple.com>

        [iOS] Libdispatch, Dyld, IOKit, Mach, NSPointerFunctions, MobileGestalt
        SPI are not available in public SDK
        https://bugs.webkit.org/show_bug.cgi?id=138802

        Reviewed by David Kilzer.

        Add SPI wrapper headers {Dispatch, DynamicLinker, IOPMLib, MachVM, NSPointerFunctions, MobileGestalt}SPI.h
        that forward declare applicable libdispatch, dyld, IOKit, mach, Foundation, MobileGestalt SPI
        and use these headers instead of the including private headers corresponding to these libraries/frameworks.

        * WebCore.xcodeproj/project.pbxproj: Add private headers MobileGestaltSPI.h and
        MachVMSPI.h, and project headers DynamicLinkerSPI.h, NSPointerFunctionsSPI.h,
        DispatchSPI.h and IOPMLibSPI.h. Also, sort files in Xcode project.
        * bindings/objc/DOMInternal.mm: Include header NSPointerFunctionsSPI.h.
        * bridge/objc/objc_instance.mm: Ditto; Also, sort #import directives.
        * platform/cocoa/DisplaySleepDisablerCocoa.cpp: Substitute header IOPMLibSPI.h
        for private header IOKit/pwr_mgt/IOPMLib.h.
        * platform/cocoa/MemoryPressureHandlerCocoa.mm: Substitute header DispatchSPI.h
        for private header dispatch/private.h.
        * platform/graphics/ios/FontServicesIOS.mm: Substitute header DynamicLinkerSPI.h
        for private header mach-o/dyld_priv.h.
        * platform/ios/PlatformScreenIOS.mm: Substitute header MobileGestaltSPI.h for
        private header MobileGestalt.h.
        * platform/spi/cocoa/DispatchSPI.h: Added.
        * platform/spi/cocoa/DynamicLinkerSPI.h: Added.
        * platform/spi/cocoa/IOPMLibSPI.h: Added.
        * platform/spi/cocoa/MachVMSPI.h: Added.
        * platform/spi/cocoa/NSPointerFunctionsSPI.h: Added.
        * platform/spi/ios/MobileGestaltSPI.h: Added.

2014-11-18  Myles C. Maxfield  <mmaxfield@apple.com>

        Subclass CachedFont for SVG fonts
        https://bugs.webkit.org/show_bug.cgi?id=138686

        Reviewed by Simon Fraser.

        CachedFont had many #if ENABLE(SVG_FONTS) scattered throughout it.
        Splitting out this SVG-specific code into a subclass of CachedFont
        cleans up the design.

        No new tests because there is no behavior change.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::getFontData): There are two sections
        in this function; one for SVG fonts and one for regular fonts.
        I've moved these two sections into CachedFont and SVGCachedFont,
        thereby simplifying this function.
        (WebCore::CSSFontFaceSource::ensureFontData): Ditto.
        (WebCore::CSSFontFaceSource::svgFontFaceElement): Moved to header.
        (WebCore::CSSFontFaceSource::setSVGFontFaceElement): Ditto.
        (WebCore::CSSFontFaceSource::isSVGFontFaceSource): Ditto.
        * css/CSSFontFaceSource.h: Put functions that are simple enough to
        be inlined here.
        * css/CSSFontFaceSrcValue.cpp:
        (WebCore::CSSFontFaceSrcValue::isSVGFontTarget): Convenience
        function.
        (WebCore::CSSFontFaceSrcValue::cachedFont): Pass through a boolean
        from CSSFontSelector to CachedResourceHandle regarding if we should
        be using SVGCachedFont instead of CachedFont.
        * css/CSSFontFaceSrcValue.h: New convenience function.
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::addFontFaceRule): Pass through a boolean
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceType): Update for new
        CachedResource type
        (WebCore::cachedResourcesForFrame): Ditto.
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::CachedFont):
        (WebCore::CachedFont::ensureCustomFontData): Taken from
        CSSFontFaceSource::getFontData()
        (WebCore::CachedFont::getFontData): Ditto.
        (WebCore::CachedFont::platformDataFromCustomData): Ditto.
        (WebCore::CachedFont::ensureSVGFontData): Moved to SVGCachedFont.
        (WebCore::CachedFont::getSVGFontById): Ditto.
        * loader/cache/CachedFont.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::defaultPriorityForResourceType): Update for new enum
        type.
        * loader/cache/CachedResource.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::createResource): Takes new boolean.
        (WebCore::CachedResourceLoader::requestFont): Ditto.
        (WebCore::CachedResourceLoader::checkInsecureContent): Update for
        new enum type
        (WebCore::CachedResourceLoader::canRequest): Ditto.
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedSVGFont.cpp: Added.
        (WebCore::CachedSVGFont::CachedSVGFont): Moved from
        CSSFontFaceSource::getFontData() and CachedFont
        (WebCore::CachedSVGFont::getFontData): Ditto.
        (WebCore::CachedSVGFont::platformDataFromCustomData): Ditto.
        (WebCore::CachedSVGFont::ensureCustomFontData): Ditto.
        (WebCore::CachedSVGFont::getSVGFontById): Ditto.
        (WebCore::CachedSVGFont::firstFontFace): Ditto.
        * loader/cache/CachedSVGFont.h: Subclass CachedFont.
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::getStatistics): Update for new enum.
        * svg/SVGFontFaceUriElement.cpp:
        (WebCore::isSVGFontTarget): Convenience function.
        (WebCore::SVGFontFaceUriElement::loadFont): Update for new
        boolean.

2014-11-18  Myles C. Maxfield  <litherum@gmail.com>

        Use underlining metrics from the font file
        https://bugs.webkit.org/show_bug.cgi?id=138762

        Reviewed by Dave Hyatt.

        Test: platform/mac/fast/css3-text/css3-text-decoration/text-decoration-thickness.html

        * platform/graphics/FontMetrics.h: Adding variables for text decoration thickness and
        underline position.
        (WebCore::FontMetrics::FontMetrics):
        (WebCore::FontMetrics::decorationThickness):
        (WebCore::FontMetrics::setDecorationThickness):
        (WebCore::FontMetrics::underlinePosition):
        (WebCore::FontMetrics::setUnderlinePosition):
        * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
        (WebCore::SimpleFontData::platformInit): Initialize new FontMetrics members.
        * platform/graphics/ios/SimpleFontDataIOS.mm:
        (WebCore::SimpleFontData::platformInit): Ditto.
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::platformInit): Ditto.
        * platform/graphics/win/SimpleFontDataCGWin.cpp:
        (WebCore::SimpleFontData::platformInit): Ditto.
        * platform/graphics/win/SimpleFontDataCairoWin.cpp:
        (WebCore::SimpleFontData::platformInit): Ditto.
        * platform/graphics/win/SimpleFontDataWin.cpp:
        (WebCore::SimpleFontData::initGDIFont): Ditto.
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paintDecoration): Use FontMetrics data.
        * style/InlineTextBoxStyle.cpp:
        (WebCore::computeUnderlineOffset): Ditto.
        (WebCore::visualOverflowForDecorations): Ditto.
        * style/InlineTextBoxStyle.h:
        (WebCore::textDecorationStrokeThickness): Deleted.
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::initializeFontData): Initialize new FontMetrics members.

2014-11-17  David Hyatt  <hyatt@apple.com>

        Improve Ruby selection (getting rid of overlap and improving gap filling)
        https://bugs.webkit.org/show_bug.cgi?id=138250

        Reviewed by Dean Jackson.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::selectionGaps):
        (WebCore::RenderBlock::blockSelectionGaps):
        Add Ruby text in along with the Ruby base.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::inlineSelectionGaps):
        Don't let block gaps get filled in here.

        * rendering/RenderRubyBase.h:
        Expose accessor to the ruby run.

        * rendering/RenderRubyText.cpp:
        (WebCore::RenderRubyText::rubyRun):
        * rendering/RenderRubyText.h:
        Add accessor to the ruby run.

        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::selectionTop):
        (WebCore::RootInlineBox::selectionBottom):
        Improve selectionTop and selectionBottom of ruby bases to avoid the
        ruby text. Improve the selectionTop and selectionBottom of ruby texts
        to fill the gap up to the previous/next line as appropriate.

2014-11-18  Shivakumar JM  <shiva.jm@samsung.com>

        crypto: Use sequence<> instead of KeyUsage[] in IDL.
        https://bugs.webkit.org/show_bug.cgi?id=138823

        Reviewed by Darin Adler.

        Use sequence<KeyUsage> instead of KeyUsage[] in crypto IDL as per spec: https://dvcs.w3.org/hg/webcrypto-api/raw-file/tip/spec/
        Overview.html#SubtleCrypto-method-generateKey

        No new tests, no behavior change.

        * crypto/SubtleCrypto.idl:

2014-11-18  Philippe Normand  <pnormand@igalia.com>

        HRTFDatabaseLoader is not an absolute condition to run audioContext
        https://bugs.webkit.org/show_bug.cgi?id=138829

        Reviewed by Jer Noble.

        This patch is a port of the following Blink revision by
        <keonho07.kim@samsung.com>:
        <https://src.chromium.org/viewvc/blink?revision=167887&view=revision>

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::AudioContext):
        (WebCore::AudioContext::isRunnable): Deleted.
        * Modules/webaudio/AudioContext.h:
        (WebCore::AudioContext::hrtfDatabaseLoader): Deleted.
        * Modules/webaudio/AudioDestinationNode.cpp:
        (WebCore::AudioDestinationNode::render):
        * Modules/webaudio/OfflineAudioDestinationNode.cpp:
        (WebCore::OfflineAudioDestinationNode::offlineRender):
        * Modules/webaudio/PannerNode.cpp:
        (WebCore::PannerNode::PannerNode):
        (WebCore::PannerNode::process):
        (WebCore::PannerNode::initialize):
        (WebCore::PannerNode::setPanningModel):
        * Modules/webaudio/PannerNode.h:
        * Modules/webaudio/RealtimeAnalyser.cpp:
        * Modules/webaudio/RealtimeAnalyser.h:
        * platform/audio/HRTFDatabaseLoader.cpp:
        (WebCore::HRTFDatabaseLoader::createAndLoadAsynchronouslyIfNecessary):

2014-11-18  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176218.
        https://bugs.webkit.org/show_bug.cgi?id=138827

        seems to have caused regressions on the perf bots (Requested
        by lajava on #webkit).

        Reverted changeset:

        "[CSS Grid Layout] Upgrade align-self and align-items parsing
        to CSS 3"
        https://bugs.webkit.org/show_bug.cgi?id=133359
        http://trac.webkit.org/changeset/176218

2014-11-18  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Crash getting the orientation of a MenuListOption after the MenuList was removed from the document
        https://bugs.webkit.org/show_bug.cgi?id=138727

        Reviewed by Chris Fleizach.

        AccessibilityMenuListOption::elementRect() returns the value of the
        grandparent MenuList, asserting that the grandparent exists with that
        role. But it is possible to have an existing MenuListOption and remove
        the element which had been backing that MenuList from the document.
        Adding null checks prior to the assertions prevents our crashing if the
        parent or grandparent was removed.

        Test: platform/gtk/accessibility/combobox-descendants-orientation-crash.html

        * accessibility/AccessibilityMenuListOption.cpp:
        (WebCore::AccessibilityMenuListOption::elementRect):

2014-11-17  Benjamin Poulain  <bpoulain@apple.com>

        Fix a small indentation mistake in SelectorCodeGenerator::generateNthFilterTest

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateNthFilterTest):

2014-11-17  Benjamin Poulain  <benjamin@webkit.org>

        Fix two bad function names of HTMLFormControlElement
        https://bugs.webkit.org/show_bug.cgi?id=138790

        Reviewed by Andreas Kling.

        Darin suggested some name improvements in https://bugs.webkit.org/show_bug.cgi?id=138769

        * dom/CheckedRadioButtons.cpp:
        (WebCore::RadioButtonGroup::add):
        (WebCore::RadioButtonGroup::updateCheckedState):
        (WebCore::RadioButtonGroup::requiredAttributeChanged):
        (WebCore::RadioButtonGroup::remove):
        (WebCore::RadioButtonGroup::updateValidityForAllButtons):
        (WebCore::RadioButtonGroup::setNeedsValidityCheckForAllButtons): Deleted.
        * html/FileInputType.cpp:
        (WebCore::FileInputType::setFiles):
        * html/HTMLButtonElement.cpp:
        (WebCore::HTMLButtonElement::computeWillValidate):
        (WebCore::HTMLButtonElement::recalcWillValidate): Deleted.
        * html/HTMLButtonElement.h:
        * html/HTMLFieldSetElement.h:
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::requiredAttributeChanged):
        (WebCore::HTMLFormControlElement::computeWillValidate):
        (WebCore::HTMLFormControlElement::willValidate):
        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
        (WebCore::HTMLFormControlElement::isValidFormControlElement):
        (WebCore::HTMLFormControlElement::updateValidity):
        (WebCore::HTMLFormControlElement::setCustomValidity):
        (WebCore::HTMLFormControlElement::recalcWillValidate): Deleted.
        (WebCore::HTMLFormControlElement::setNeedsValidityCheck): Deleted.
        * html/HTMLFormControlElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::runPostTypeUpdateTasks):
        (WebCore::HTMLInputElement::parseAttribute):
        (WebCore::HTMLInputElement::setChecked):
        (WebCore::HTMLInputElement::setValueInternal):
        (WebCore::HTMLInputElement::setValueFromRenderer):
        (WebCore::HTMLInputElement::computeWillValidate):
        (WebCore::HTMLInputElement::parseMaxLengthAttribute):
        (WebCore::HTMLInputElement::recalcWillValidate): Deleted.
        * html/HTMLInputElement.h:
        * html/HTMLKeygenElement.h:
        * html/HTMLOutputElement.h:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::deselectItems):
        (WebCore::HTMLSelectElement::optionSelectedByUser):
        (WebCore::HTMLSelectElement::listBoxSelectItem):
        (WebCore::HTMLSelectElement::add):
        (WebCore::HTMLSelectElement::parseAttribute):
        (WebCore::HTMLSelectElement::childrenChanged):
        (WebCore::HTMLSelectElement::optionElementChildrenChanged):
        (WebCore::HTMLSelectElement::setLength):
        (WebCore::HTMLSelectElement::selectAll):
        (WebCore::HTMLSelectElement::updateListBoxSelection):
        (WebCore::HTMLSelectElement::selectOption):
        (WebCore::HTMLSelectElement::restoreFormControlState):
        (WebCore::HTMLSelectElement::parseMultipleAttribute):
        (WebCore::HTMLSelectElement::reset):
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::parseAttribute):
        (WebCore::HTMLTextAreaElement::subtreeHasChanged):
        (WebCore::HTMLTextAreaElement::setValue):
        (WebCore::HTMLTextAreaElement::setNonDirtyValue):

2014-11-17  Sukolsak Sakshuwong  <sukolsak@gmail.com>

        Add parsing for :role()
        https://bugs.webkit.org/show_bug.cgi?id=138310

        Reviewed by Benjamin Poulain.

        Add support for parsing :role() pseudo class. The implementation of selector
        matching will be in a follow-up patch.

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectFunctionTypeToken):
        * css/CSSSelector.cpp:
        (WebCore::appendPseudoClassFunctionTail):
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):

2014-11-17  Simon Fraser  <simon.fraser@apple.com>

        [iOS WK1] Sometimes, missing tiles in -webkit-overflow-scrolling: touch in UIWebViews
        https://bugs.webkit.org/show_bug.cgi?id=138815
        rdar://problem/18746203

        Reviewed by Tim Horton.

        The scroll-velocity-related data members on FrameView, added in r168233, were uninitialized in UIWebViews,
        so FrameView::computeCoverageRect() could return garbage results, leading to too much or too little tile coverage.
        
        We still add additional coverage from the new inclusion of a margin area, but, for simplicity, leave that the same
        between WK1 and WK2 for now.
        
        * page/FrameView.cpp:
        (WebCore::FrameView::FrameView):

2014-11-17  Chris Dumez  <cdumez@apple.com>

        Add initial layout testing coverage for timer throttling
        https://bugs.webkit.org/show_bug.cgi?id=138809

        Reviewed by Simon Fraser.

        Add isTimerThrottled() API to Internals so that we can add layout test
        coverage for timer throttling.

        Tests: fast/dom/nested-timer-invisible-element-throttling.html
               fast/dom/nested-timer-visible-element-throttling.html
               fast/dom/repeating-timer-invisible-element-throttling.html
               fast/dom/repeating-timer-visible-element-throttling.html

        * page/DOMTimer.h:
        * testing/Internals.cpp:
        (WebCore::Internals::isTimerThrottled):
        * testing/Internals.h:
        * testing/Internals.idl:

2014-11-17  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Rename FlowContentIterator and move implementation to SimpleLineLayoutFlowContents.cpp
        https://bugs.webkit.org/show_bug.cgi?id=138799

        Reviewed by Antti Koivisto.

        This is in preparation to support multiple renderers.
        The FlowContents class will be used not just when we create runs, but also when we resolve them at painting time.

        No change in functionality.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::initializeNewLine):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::nextFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::FlowContentIterator::FlowContentIterator): Deleted.
        (WebCore::SimpleLineLayout::FlowContentIterator::findNextBreakablePosition): Deleted.
        (WebCore::SimpleLineLayout::FlowContentIterator::findNextNonWhitespacePosition): Deleted.
        (WebCore::SimpleLineLayout::FlowContentIterator::textWidth): Deleted.
        (WebCore::SimpleLineLayout::FlowContentIterator::isNewlineCharacter): Deleted.
        (WebCore::SimpleLineLayout::FlowContentIterator::isEndOfContent): Deleted.
        (WebCore::SimpleLineLayout::FlowContentIterator::style): Deleted.
        (WebCore::SimpleLineLayout::computeLineLeft): Deleted.
        * rendering/SimpleLineLayoutFlowContents.cpp: Added.
        (WebCore::SimpleLineLayout::FlowContents::FlowContents):
        (WebCore::SimpleLineLayout::FlowContents::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::FlowContents::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContents::textWidth):
        * rendering/SimpleLineLayoutFlowContents.h: Added.
        (WebCore::SimpleLineLayout::FlowContents::Style::Style):
        (WebCore::SimpleLineLayout::FlowContents::style):
        (WebCore::SimpleLineLayout::FlowContents::isNewlineCharacter):
        (WebCore::SimpleLineLayout::FlowContents::isEndOfContent):

2014-11-17  Daniel Bates  <dabates@apple.com>

        Unreviewed, rolling out r176232.

        Broke the Mac build. Will investigate offline.

        Reverted changeset:

        "[iOS] Libdispatch, Dyld, IOKit, Mach, NSPointerFunctions,
        MobileGestalt"
        https://bugs.webkit.org/show_bug.cgi?id=138802
        http://trac.webkit.org/changeset/176232

2014-11-17  Daniel Bates  <dabates@apple.com>

        [iOS] Libdispatch, Dyld, IOKit, Mach, NSPointerFunctions, MobileGestalt
        SPI are not available in public SDK
        https://bugs.webkit.org/show_bug.cgi?id=138802

        Reviewed by David Kilzer.

        Add SPI wrapper headers {Dispatch, DynamicLinker, IOPMLib, MachVM, NSPointerFunctions, MobileGestalt}SPI.h
        that forward declare applicable libdispatch, dyld, IOKit, mach, Foundation, MobileGestalt SPI
        and use these headers instead of the including private headers corresponding to these libraries/frameworks.

        * WebCore.xcodeproj/project.pbxproj: Add private headers MobileGestaltSPI.h and
        MachVMSPI.h, and project headers DynamicLinkerSPI.h, NSPointerFunctionsSPI.h,
        DispatchSPI.h and IOPMLibSPI.h. Also, sort files in Xcode project.
        * bindings/objc/DOMInternal.mm: Include header NSPointerFunctionsSPI.h.
        * bridge/objc/objc_instance.mm: Ditto; Also, sort #import directives.
        * platform/cocoa/DisplaySleepDisablerCocoa.cpp: Substitute header IOPMLibSPI.h
        for private header IOKit/pwr_mgt/IOPMLib.h.
        * platform/cocoa/MemoryPressureHandlerCocoa.mm: Substitute header DispatchSPI.h
        for private header dispatch/private.h.
        * platform/graphics/ios/FontServicesIOS.mm: Substitute header DynamicLinkerSPI.h
        for private header mach-o/dyld_priv.h.
        * platform/ios/PlatformScreenIOS.mm: Substitute header MobileGestaltSPI.h for
        private header MobileGestalt.h.
        * platform/spi/cocoa/DispatchSPI.h: Added.
        * platform/spi/cocoa/DynamicLinkerSPI.h: Added.
        * platform/spi/cocoa/IOPMLibSPI.h: Added.
        * platform/spi/cocoa/MachVMSPI.h: Added.
        * platform/spi/cocoa/NSPointerFunctionsSPI.h: Added.
        * platform/spi/ios/MobileGestaltSPI.h: Added.

2014-11-17  Daniel Bates  <dabates@apple.com>

        [iOS] CoreText and CoreUI SPI are not available in public SDK
        https://bugs.webkit.org/show_bug.cgi?id=138760

        Reviewed by David Kilzer.

        Add a SPI wrapper header CoreUISPI.h that forward declares CoreUI SPI
        and use this header instead of including private headers of CoreUI directly.

        Additionally, add more forward declarations for CoreText SPI.

        * WebCore.xcodeproj/project.pbxproj: Add project header CoreUISPI.h.
        * platform/graphics/ios/FontCacheIOS.mm: Include header CoreTextSPI.h instead
        of including CoreText headers directly.
        * platform/graphics/mac/FontMac.mm: Include header CoreUISPI.h instead
        of including CoreUI headers directly.
        * platform/graphics/mac/GlyphPageTreeNodeMac.cpp: Remove unnecessary
        include of CoreText headers. These headers will be included by header
        CoreTextSPI.h (at the top of the file).
        * platform/graphics/mac/SimpleFontDataMac.mm: Remove forward declaration
        of CTFontDescriptorIsSystemUIFont() and include of header CTFontDescriptorPriv.h
        as this duplicates the logic in CoreTextSPI.h, which is included in this file.
        * platform/spi/cocoa/CoreTextSPI.h: Added more forward declarations. Simplified
        #include directives.
        * platform/spi/ios/CoreUISPI.h: Added.
        * rendering/RenderThemeIOS.mm: Move CoreUI externs from this file to file
        CoreUISPI.h and include header CoreUISPI.h.

2014-11-17  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Drop 16bit support temporarily.
        https://bugs.webkit.org/show_bug.cgi?id=138796

        Reviewed by Antti Koivisto.

        This is in preparation to multiple renderers support.
        It requires code refactoring on top of the coming multiple renderers codebase.
        (Not expecting any significant coverage shrinking.)

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):
        (WebCore::SimpleLineLayout::FlowContentIterator::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::FlowContentIterator::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContentIterator::textWidth):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::initializeNewLine):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::nextFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::create):

2014-11-17  Tim Horton  <timothy_horton@apple.com>

        DataDetectors PageOverlay callbacks can come in to the wrong overlay
        https://bugs.webkit.org/show_bug.cgi?id=138801
        <rdar://problem/18991369>

        Reviewed by Anders Carlsson.

        * page/PageOverlay.cpp:
        (WebCore::generatePageOverlayID):
        (WebCore::PageOverlay::PageOverlay):
        * page/PageOverlay.h:
        Give each PageOverlay a unique ID.

2014-11-17  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Upgrade align-self and align-items parsing to CSS 3
        https://bugs.webkit.org/show_bug.cgi?id=133359

        Reviewed by David Hyatt.

        Broaden justify-self's parsing name as a preparation of migrating
        align-self, align-items and justify-items to the CSS 3 Alignment syntax.

        The current naming was too tied to justify-self and needs to
        be broadened. This will reduce the follow-up implementations'
        patches.

        Upgrade align-self and align-items parsing to CSS 3

        This change migrates the 2 properties to the CSS 3 Alignment
        parsing. The new parsing is identical to how we parse
        'justify-self'. The 2 properties need to be migrated together
        as they are used in tandem in CSSComputedStyleDeclaration.

        This change also removes EAlignItems as it is now unused.

        Tests: css3/parse-align-items.html
               css3/parse-align-self.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForItemPositionWithOverflowAlignment): Added. Builds the CSSValue for the for the alignment properties.
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::isKeywordPropertyID): Removed align-items and align-self from the list.
        (WebCore::isValidKeywordPropertyAndValue): Removed align-items and align-self from the list.
        (WebCore::CSSParser::parseValue): Added align-items and align-self to the list and call to the generic parsing fuction for the alignment properties.
        (WebCore::isBaselinePositionKeyword): Utility function added to identify Baseline keyword values.
        (WebCore::CSSParser::parseItemPositionOverflowPosition): Generic parsing fuction for the alignment properties.
        (WebCore::CSSParser::parseJustifySelf): Deleted.
        * css/CSSParser.h:
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Refactoring some mapping functions.
       (WebCore::CSSPrimitiveValue::operator ItemPosition): Added. Replace the old EAlignItems enumeration.
        (WebCore::CSSPrimitiveValue::operator OverflowAlignment): Added.
        (WebCore::CSSPrimitiveValue::operator EAlignItems): Deleted.
        (WebCore::CSSPrimitiveValue::operator EJustifySelf): Deleted.
        (WebCore::CSSPrimitiveValue::operator EJustifySelfOverflowAlignment): Deleted.
        * css/CSSPropertyNames.in:
        * css/CSSValueKeywords.in:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle): Added a new adjustment to resolve the "auto" vale on the alignment properties.
        (WebCore::StyleResolver::adjustStyleForAlignment): Added. Function to resolve the "auto" vale on the alignment properties. 
        (WebCore::StyleResolver::applyProperty):
        (WebCore::isDisplayFlexibleBox): Deleted. Moved to the RenderStyle.
        (WebCore::isDisplayGridBox): Deleted. Moved to the RenderStyle.
        (WebCore::isDisplayFlexibleOrGridBox): Deleted. Moved to the RenderStyle.
        * css/StyleResolver.h:
        * rendering/RenderBox.cpp:
        (WebCore::flexItemHasStretchAlignment): Adapted to the new ItemPosition enum.
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::firstLineBaseline): Adapted to the new ItemPosition enum.
        (WebCore::resolveAlignment): Consider also that align-items could be "auto", since it's the default now.
        (WebCore::RenderFlexibleBox::styleDidChange): Adapted to the new ItemPosition enum.
        (WebCore::RenderFlexibleBox::alignmentForChild): Adapted to the new ItemPosition enum.
        (WebCore::RenderFlexibleBox::needToStretchChild): Adapted to the new ItemPosition enum.
        (WebCore::RenderFlexibleBox::layoutAndPlaceChildren): Adapted to the new ItemPosition enum.
        (WebCore::RenderFlexibleBox::alignChildren): Adapted to the new ItemPosition enum.
        * rendering/RenderFlexibleBox.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::createFullScreenStyle): Adapted to the new ItemPosition enum.
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::adjustInnerStyle): Adapted to the new ItemPosition enum.
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::updateStyle): Adapted to the new ItemPosition enum.
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::fixAnonymousStyleForSubSupPair): Adapted to the new ItemPosition enum.
        (WebCore::RenderMathMLScripts::fixAnonymousStyles): Adapted to the new ItemPosition enum.
        * rendering/style/RenderStyle.h: Adapted to the new ItemPosition enum.
        * rendering/style/RenderStyleConstants.h: Adapted to the new ItemPosition enum.
        * rendering/style/StyleRareNonInheritedData.cpp: Adapted to the new ItemPosition enum.
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData): Adapted to the new ItemPosition enum.
        (WebCore::StyleRareNonInheritedData::operator==): Adapted to the new ItemPosition enum.
        * rendering/style/StyleRareNonInheritedData.h: Adapted to the new ItemPosition enum.
        * style/StyleResolveTree.cpp:
        (WebCore::Style::determineChange): Changes in the alignItems property will cause a Detach.

2014-11-17  Shivakumar JM  <shiva.jm@samsung.com>

        Attribute text in HTMLAnchorElement should behave as per specification.
        https://bugs.webkit.org/show_bug.cgi?id=138557

        Reviewed by Darin Adler.

        attribute text in HTMLAnchorElement should not be readonly as per specification
        http://www.w3.org/TR/html/text-level-semantics.html#dom-a-text. It should behave as textContent attribute. 
        Also This matches the behavior of Chrome 38 and FireFox.

        Test: fast/dom/HTMLAnchorElement/anchor-text-attribute.html

        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::text):
        (WebCore::HTMLAnchorElement::setText):
        * html/HTMLAnchorElement.h:
        * html/HTMLAnchorElement.idl:

2014-11-17  Chris Dumez  <cdumez@apple.com>

        Throttle timers that change the style of elements outside the viewport
        https://bugs.webkit.org/show_bug.cgi?id=138292

        Reviewed by Antti Koivisto.

        Throttle timers that change the style of elements outside the viewport
        to 1 second, similarly to what was already done for timers interacting
        with non user observable plugins. To be conservative, we don't throttle
        timers that also cause DOM Tree modifications (e.g. adding/removing
        nodes, modify element attributes).

        On huffingtonpost.com, the CPU usage is at ~17% when the top scrolling
        banner is inside the viewport on my machine. Without this patch, CPU
        usage would stay ~17% when the banner is outside the viewport. Thanks
        to timer throttling, CPU usage now goes down to ~1.5%, without user
        observable side effects. The timers get unthrottled when they are
        inside the viewport again (i.e. due to scrolling or layout).

        On espn.com, the CPU usage goes down from ~7% at the top of the page
        to ~1% when scrolling to the bottom of the page. On ebay.com, CPU
        usage goes down from ~25% at the top of the page to less than 1% when
        scrolling to the bottom of the page.

2014-11-17  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Compile error, CoreGraphics header file included.
        https://bugs.webkit.org/show_bug.cgi?id=138795

        Reviewed by Brent Fulgham.

        CoreGraphics is not available on WinCairo.

        * platform/graphics/win/FontCacheWin.cpp:

2014-11-17  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176169.
        https://bugs.webkit.org/show_bug.cgi?id=138797

        Appears to have broken svg/custom/anchor-on-use.svg (Requested
        by ap on #webkit).

        Reverted changeset:

        "Attribute text in HTMLAnchorElement should behave as per
        specification."
        https://bugs.webkit.org/show_bug.cgi?id=138557
        http://trac.webkit.org/changeset/176169

2014-11-17  Daniel Bates  <dabates@apple.com>

        [iOS] AVKit and MediaPlayer SPI are not available in public SDK
        https://bugs.webkit.org/show_bug.cgi?id=138756

        Reviewed by Eric Carlson.

        Add a SPI wrapper headers {AVKit, MPAVRoutingController}SPI.h that forward declares
        AVKit and MPAVRoutingController SPI, respectively, and use these header instead of
        including private headers of AVKit and MediaPlayer directly.

        * WebCore.xcodeproj/project.pbxproj: Add project and private header AVKitSPI.h
        and MPAVRoutingControllerSPI.h, respectively.
        * platform/audio/ios/MediaSessionManagerIOS.mm: Include header MPAVRoutingControllerSPI.h
        instead of including the private header MPAVRoutingController.h.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm: Include header AVKitSPI.h
        instead of including AVKit headers directly.

2014-11-17  Daniel Bates  <dabates@apple.com>

        Attempt to fix the Mac build after <https://trac.webkit.org/changeset/176204>
        (https://bugs.webkit.org/show_bug.cgi?id=138751)

        Move declaration of CAContext to be before the declaration of CALayer since
        the latter depends on the former.

        * platform/spi/cocoa/QuartzCoreSPI.h:

2014-11-17  Daniel Bates  <dabates@apple.com>

        [iOS] QuartzCore SPI not available in public SDK
        https://bugs.webkit.org/show_bug.cgi?id=138751

        Reviewed by David Kilzer.

        Add a SPI wrapper header called QuartzCoreSPI.h that forward declares
        QuartzCore SPI and use this header instead of including private headers
        of QuartzCore directly.

        * WebCore.xcodeproj/project.pbxproj: Added private header QuartzCoreSPI.h.
        * platform/graphics/ca/mac/PlatformCAFiltersMac.h: Removed; incorporated its
        functionality into QuartzCoreSPI.h.
        * platform/graphics/ca/mac/PlatformCAFiltersMac.mm: Substitute header
        QuartzCoreSPI.h for PlatformCAFiltersMac.h as the content of the latter
        was incorporated into the former.
        * platform/graphics/ca/mac/PlatformCALayerMac.mm: Move CALayer and CATiledLayer
        forward declarations from this file to file QuartzCoreSPI.h and include
        header QuartzCoreSPI.h instead of including CATiledLayerPrivate.h directly. Also
        remove header PlatformCAFiltersMac.h as its content is incorporated into QuartzCoreSPI.h
        * platform/ios/LegacyTileCache.mm: Include headers CoreGraphicsSPI.h and QuartzCoreSPI.h
        instead of including QuartzCore headers directly.
        * platform/ios/LegacyTileGrid.mm: Include header QuartzCoreSPI.h instead
        of including QuartzCore headers directly. Also sort the list of #include directives.
        * platform/ios/LegacyTileGridTile.mm: Include header QuartzCoreSPI.h
        instead of including QuartzCore headers directly.
        * platform/spi/cocoa/QuartzCoreSPI.h: Added.

2014-11-17  Chris Dumez  <cdumez@apple.com>

        Move more CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138766

        Reviewed by Darin Adler.

        Move more CSS properties from DeprecatedStyleBuilder to the new
        StyleBuilder:
        line-height
        word-spacing
        -webkit-marquee-repetition
        -webkit-text-underline-position

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::csstoLengthConversionDataWithTextZoomFactor): Deleted.
        (WebCore::ApplyPropertyMarqueeRepetition::applyValue): Deleted.
        (WebCore::ApplyPropertyMarqueeRepetition::createHandler): Deleted.
        (WebCore::ApplyPropertyTextUnderlinePosition::applyValue): Deleted.
        (WebCore::ApplyPropertyTextUnderlinePosition::createHandler): Deleted.
        (WebCore::ApplyPropertyLineHeight::applyValue): Deleted.
        (WebCore::ApplyPropertyLineHeight::createHandler): Deleted.
        (WebCore::ApplyPropertyLineHeightForIOSTextAutosizing::applyValue): Deleted.
        (WebCore::ApplyPropertyLineHeightForIOSTextAutosizing::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyLineHeightForIOSTextAutosizing::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyLineHeightForIOSTextAutosizing::createHandler): Deleted.
        (WebCore::ApplyPropertyWordSpacing::applyValue): Deleted.
        (WebCore::ApplyPropertyWordSpacing::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertMarqueeRepetition):
        (WebCore::StyleBuilderConverter::convertTextUnderlinePosition):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::csstoLengthConversionDataWithTextZoomFactor):
        (WebCore::StyleBuilderFunctions::convertLineHeight):
        (WebCore::StyleBuilderFunctions::applyValueWordSpacing):
        (WebCore::StyleBuilderFunctions::applyInheritLineHeight):
        (WebCore::StyleBuilderFunctions::applyInitialLineHeight):
        (WebCore::StyleBuilderFunctions::applyValueLineHeight):

2014-11-16  Andreas Kling  <akling@apple.com>

        Avoid synchronous style recalc when mutating a Node inside FrameSelection.
        <https://webkit.org/b/138791>

        Reviewed by Antti Koivisto.

        We can safely clear the RenderView's selection without doing a synchronous
        style recalc first.

        This is a small progression on Speedometer locally.

        * editing/FrameSelection.cpp:
        (WebCore::DragCaretController::nodeWillBeRemoved):
        (WebCore::FrameSelection::respondToNodeModification):
        (WebCore::clearRenderViewSelection): Deleted.

            Merged clearRenderViewSelection() into the call sites and removed
            the now-unnecessary protection of the Document.

2014-11-17  Eric Carlson  <eric.carlson@apple.com>

        [iOS] allow host application to opt-out of alternate fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=138787

        Reviewed by Darin Adler.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::optimizedFullscreenSupported): Check mediaSession().allowsAlternateFullscreen.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::enterFullscreenOptimized): Do nothing if
            mediaSession().allowsAlternateFullscreen says it isn't allowed.

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::allowsAlternateFullscreen): New, check settings.
        * html/HTMLMediaSession.h:

        * page/Settings.cpp: Add allowsAlternateFullscreen.
        * page/Settings.in: Ditto.

2014-11-16  Zan Dobersek  <zdobersek@igalia.com>

        Replace RenderSVGResource::cast<T>() with downcast<T>()
        https://bugs.webkit.org/show_bug.cgi?id=138290

        Reviewed by Chris Dumez.

        Add type traits for the RenderSVGResource hierarchy. This enables
        using the typecasting framework in getRenderSVGResourceById() that
        in return renders the RenderSVGResource::cast<>() template and all
        the static s_resourceType member variables in the hierarchy removable.

        * WebCore.order:
        * rendering/svg/RenderSVGResource.h:
        (WebCore::RenderSVGResource::cast): Deleted.
        * rendering/svg/RenderSVGResourceClipper.h:
        * rendering/svg/RenderSVGResourceContainer.h:
        (WebCore::getRenderSVGResourceById):
        * rendering/svg/RenderSVGResourceFilter.h:
        (isType):
        * rendering/svg/RenderSVGResourceLinearGradient.h:
        * rendering/svg/RenderSVGResourceMarker.h:
        * rendering/svg/RenderSVGResourceMasker.h:
        * rendering/svg/RenderSVGResourcePattern.h:
        * rendering/svg/RenderSVGResourceRadialGradient.h:
        * rendering/svg/RenderSVGResourceSolidColor.h:

2014-11-16  Benjamin Poulain  <benjamin@webkit.org>

        Implement :valid and :invalid matching for the fieldset element
        https://bugs.webkit.org/show_bug.cgi?id=138769

        Reviewed by Darin Adler.

        In the latest HTML spec, the pseudo classes :valid and :invalid match
        a fieldset element based on its descendants:
            https://html.spec.whatwg.org/#selector-valid
            https://html.spec.whatwg.org/#selector-invalid

        This patch adds that behavior.

        There are two key problems to solve with these pseudo classes on fieldset:
        -Efficient matching.
        -Style invalidation when any of the descendant changes.

        To implement the style invalidation, I have modified HTMLFormControlElement
        to notify its ancestor when its state changes.

        The first change is making the state fully internal to HTMLFormControlElement,
        we do not want subclass to be able to change the behavior and forget to update
        the ancestors.

        To achieve that encapsulation, the interface was changed a bit:
        -Neither willValidate() nor isValidFormControlElement() inherit from Element.
         Instead, willValidate() is the implementation of FormAssociatedElement's interface
         and it is final. The method isValidFormControlElement() becomes completely internal
         to HTMLFormControlElement.
        -Since willValidate() should no longer be re-implemented by subclass, the elements
         that were depending on it have been migrated to recalcWillValidate() to set
         the initial state as needed.

        With the validity state fully encapsulated in HTMLFormControlElement, all I need
        is a way to communicate that information to HTMLFieldSetElement ancestors.
        This is done in two cases:
        -The validity state changes.
        -The tree changes in a way that would make the input element not a descendant
         of a HTMLFieldSetElement.

        The invalidation is simply done by walking up the ancestors and adding the current
        element to a "validity dependency list" on each HTMLFieldSetElement.

        Tests: fast/css/pseudo-invalid-fieldset-invalidation-optimization.html
               fast/css/pseudo-invalid-fieldset-style-sharing.html
               fast/css/pseudo-invalid-fieldset.html
               fast/css/pseudo-valid-fieldset-invalidation-optimization.html
               fast/css/pseudo-valid-fieldset-style-sharing.html
               fast/css/pseudo-valid-fieldset.html
               fast/selectors/invalid-fieldset-style-update-1.html
               fast/selectors/invalid-fieldset-style-update-2.html
               fast/selectors/invalid-fieldset-style-update-3.html
               fast/selectors/invalid-fieldset-style-update-4.html
               fast/selectors/invalid-fieldset-style-update-5.html
               fast/selectors/valid-fieldset-style-update-1.html
               fast/selectors/valid-fieldset-style-update-2.html
               fast/selectors/valid-fieldset-style-update-3.html
               fast/selectors/valid-fieldset-style-update-4.html
               fast/selectors/valid-fieldset-style-update-5.html

        * css/SelectorCheckerTestFunctions.h:
        (WebCore::isInRange):
        (WebCore::isOutOfRange):
        (WebCore::isInvalid):
        (WebCore::isValid):
        The hack "ContainsValidityStyleRules" is in the way of correct styling
        of FieldSet and Form.
        It is not the right way to get stylesheet properties anyway.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::canShareStyleWithControl):
        Make sure style sharing does not incorrectly share style for fieldset elements.

        * dom/Document.cpp:
        (WebCore::Document::Document):
        * dom/Document.h:
        (WebCore::Document::containsValidityStyleRules): Deleted.
        (WebCore::Document::setContainsValidityStyleRules): Deleted.
        * dom/Element.h:
        (WebCore::Element::matchesValidPseudoClass):
        (WebCore::Element::matchesInvalidPseudoClass):
        (WebCore::Element::willValidate): Deleted.
        (WebCore::Element::isValidFormControlElement): Deleted.
        * html/FormAssociatedElement.cpp:
        (WebCore::FormAssociatedElement::customError):
        * html/FormAssociatedElement.h:

        * html/HTMLFieldSetElement.cpp:
        (WebCore::HTMLFieldSetElement::matchesValidPseudoClass):
        (WebCore::HTMLFieldSetElement::matchesInvalidPseudoClass):
        (WebCore::HTMLFieldSetElement::addInvalidDescendant):
        (WebCore::HTMLFieldSetElement::removeInvalidDescendant):
        Each HTMLFormControlElement that has constraint validation adds or removes
        itself from its HTMLFieldSetElement ancestors.

        It should be possible to just keep track of a count instead of a HashSet.
        I decided to got with the HashSet to make the code more robust and easier
        to debug. A few assertions ensure that the HashSet is actually used as a counter.

        * html/HTMLFieldSetElement.h:
        * html/HTMLFormControlElement.cpp:
        (WebCore::addInvalidElementToAncestorFromInsertionPoint):
        (WebCore::removeInvalidElementToAncestorFromInsertionPoint):

        (WebCore::HTMLFormControlElement::insertedInto):
        (WebCore::HTMLFormControlElement::removedFrom):
        One tricky part of those two functions is that we cannot use
        matchesValidPseudoClass() or matchesInvalidPseudoClass().

        The reason is that HTMLFieldSetElement is a subclass of HTMLFormControlElement
        and it has its own definition of what Valid and Invalid mean when matching selectors.

        In HTMLFormControlElement, we must use the internal state,
        willValidate() and isValidFormControlElement() must be used directly.

        (WebCore::HTMLFormControlElement::matchesValidPseudoClass):
        (WebCore::HTMLFormControlElement::matchesInvalidPseudoClass):
        (WebCore::HTMLFormControlElement::willValidate):
        (WebCore::addInvalidElementToAncestors):
        (WebCore::removeInvalidElementFromAncestors):
        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
        (WebCore::HTMLFormControlElement::setNeedsValidityCheck):
        (WebCore::HTMLFormControlElement::isValidFormControlElement): Deleted.
        * html/HTMLFormControlElement.h:
        (WebCore::HTMLFormControlElement::isValidFormControlElement):
        * html/HTMLKeygenElement.h:
        * html/HTMLObjectElement.h:
        * html/HTMLOutputElement.h:

2014-11-16  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Add typecasting support for GraphicsLayerTextureMapper
        https://bugs.webkit.org/show_bug.cgi?id=138741

        Reviewed by Martin Robinson.

        Add type traits for the GraphicsLayerTextureMapper class.
        This enables using typecasting functions instead of
        toGraphicsLayerTextureMapper().

        Remove toTextureMapperLayer() casting function which actually
        returned the TextureMapperLayer object that belonged to the
        passed-in GraphicsLayerTextureMapper. Instead, the GraphicsLayer
        object is now downcasted and the TextureMapperLayer is accessed
        by calling the GraphicsLayerTextureMapper::layer() method.

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::isGraphicsLayerTextureMapper):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::toTextureMapperLayerVector):
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        (WebCore::toTextureMapperLayer): Deleted.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        (WebCore::toGraphicsLayerTextureMapper): Deleted.

2014-11-16  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move WebCore/loader to std::unique_ptr
        https://bugs.webkit.org/show_bug.cgi?id=138646

        Reviewed by Chris Dumez.

        Replace OwnPtr with std::unique_ptr<> and std::make_unique<>.
        However this patch leaves ResourceRequest::adopt() because this need
        to be handled by different patch.

        No new tests, no behavior changes.

        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):
        (WebCore::DocumentThreadableLoader::preflightSuccess):
        * loader/DocumentThreadableLoader.h:
        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::SubresourceLoader):
        (WebCore::SubresourceLoader::didReceiveResponse):
        (WebCore::SubresourceLoader::notifyDone):
        * loader/SubresourceLoader.h:
        * loader/TextTrackLoader.h:
        * loader/appcache/ApplicationCacheHost.h:
        * loader/appcache/ApplicationCacheStorage.cpp:
        (WebCore::ApplicationCacheStorage::storeCopyOfCache):
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestPreload):
        (WebCore::CachedResourceLoader::clearPreloads):
        (WebCore::CachedResourceLoader::printPreloadStats):
        * loader/cache/CachedResourceLoader.h:
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::deleteAllPreparedStatements):
        (WebCore::readySQLiteStatement):
        * loader/icon/IconDatabase.h:
        * loader/icon/IconRecord.h:

2014-11-16  Chris Dumez  <cdumez@apple.com>

        Crash when setting 'order' CSS property to a calculated value
        https://bugs.webkit.org/show_bug.cgi?id=138780

        Reviewed by Darin Adler.

        CSS Calculated values were not handled by the CSS parser for 'order'
        CSS property. As a result, using calculated values wouldn't work in
        release builds and would hit an assertion in debug builds.

        This patch updates the CSS parser to directly convert the
        CSS Calculated value into a simple integer CSSPrimitiveValue for
        'order' property. We could have marked CSS Calculated values as
        valid in the CSS Parser instead but this would have brought issues:
        - The calculated value needs to be adjusted to INT_MIN + 2 if it is less
          than that. This would force us to calculate the expression anyway.
        - The StyleBuilder would need updating to properly handle CSS Calculated
          values for 'order'.

        Test: fast/css/order-calculated-value.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):

2014-11-16  Chris Dumez  <cdumez@apple.com>

        Assertion hit when setting a very large value to 'border-width' / 'font-size' CSS properties
        https://bugs.webkit.org/show_bug.cgi?id=138770

        Reviewed by Darin Adler.

        When setting a very large value to a CSS property, it is represented internally as
        infinity. r166114 already tried to deal with this by adding an std::isinf() check
        in CSSValuePool::createValue() and returning an identifier CSSPrimitiveValue with
        CSSValueInvalid value in such case. The issue is that doing leads to the
        StyleBuilder getting a CSSValueInvalid CSSPrimitive value as input, which is not
        handled and leads to assertions.

        This patch updates the CSSParser to detect cases where the double value is
        infinity earlier (in CSSParser::validUnit() and parseSimpleLengthValue()), so
        that we mark the value as invalid and actually drop it. As a result,
        CSSPrimitiveValues with CSSValueInvalid value no longer make their way to the
        StyleBuilder.

        Test: fast/css/style-builder-infinite-value.html
              fast/css/infinite-floating-value.html

        * css/CSSParser.cpp:
        (WebCore::parseSimpleLengthValue):
        (WebCore::CSSParser::validUnit):
        * css/CSSValuePool.cpp:
        (WebCore::CSSValuePool::createValue):

2014-11-16  Shivakumar JM  <shiva.jm@samsung.com>

        Attribute text in HTMLAnchorElement should behave as per specification.
        https://bugs.webkit.org/show_bug.cgi?id=138557

        Reviewed by Darin Adler.

        attribute text in HTMLAnchorElement should not be readonly as per specification
        http://www.w3.org/TR/html/text-level-semantics.html#dom-a-text. It should behave as textContent attribute. 
        Also This matches the behavior of Chrome 38 and FireFox.

        Test: fast/dom/HTMLAnchorElement/anchor-text-attribute.html

        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::text):
        (WebCore::HTMLAnchorElement::setText):
        * html/HTMLAnchorElement.h:
        * html/HTMLAnchorElement.idl:

2014-11-16  Chris Dumez  <cdumez@apple.com>

        Move 'vertical-align' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138764

        Reviewed by Darin Adler.

        Move 'vertical-align' CSS property from DeprecatedStyleBuilder to the
        new StyleBuilder by using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyVerticalAlign::applyValue): Deleted.
        (WebCore::ApplyPropertyVerticalAlign::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyValueVerticalAlign):

2014-11-16  Tim Horton  <timothy_horton@apple.com>

        Use TextIndicator instead of the built in Lookup highlight
        https://bugs.webkit.org/show_bug.cgi?id=138775
        <rdar://problem/18953982>

        Follow-up to r176164.

        * platform/spi/mac/LookupSPI.h:
        (WebCore::canDisableLookupIndicator): Deleted.
        Remove canDisableLookupIndicator.

2014-11-16  Chris Dumez  <cdumez@apple.com>

        Crash when setting '-webkit-line-clamp' CSS property to a calculated value
        https://bugs.webkit.org/show_bug.cgi?id=138777

        Reviewed by Benjamin Poulain.

        CSS Calculated values were not handled when converting a CSSPrimitiveValue
        to a LineClampValue. As a result, we would hit an ASSERT_NOT_REACHED()
        assertion. To address this issue, this patch updates the code to use
        primitiveType() / getValue<>() instead of m_primitiveUnitType /
        m_value.num, as those getter function properly handle CSS Calculated
        values.

        Test: fast/css/webkit-line-clamp-calculated-value.html

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::operator LineClampValue):

2014-11-16  Tim Horton  <timothy_horton@apple.com>

        Use TextIndicator instead of the built in Lookup highlight
        https://bugs.webkit.org/show_bug.cgi?id=138775
        <rdar://problem/18953982>

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        Remove a WKSI import/export that we don't need anymore.
        
        * platform/spi/mac/LookupSPI.h: Added.
        (WebCore::canDisableLookupIndicator):
        Add Lookup SPI header.
        Add a 'canDisableLookupIndicator', which must be called in any translation
        unit that wants to use either of the soft-linked constants related to
        that functionality, before calling the get* function.

        * WebCore.xcodeproj/project.pbxproj:
        * editing/mac/DictionaryLookup.mm:
        (WebCore::rangeForDictionaryLookupForSelection):
        (WebCore::rangeForDictionaryLookupAtHitTestResult):
        Adopt the Lookup SPI header.

2014-11-16  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] REGRESSION(r166288): Accessible values are no longer accessible via AT-SPI2
        https://bugs.webkit.org/show_bug.cgi?id=138776

        Reviewed by Chris Fleizach.

        r166288 used #if...#else instead of #if...#endif, thus disabling the old
        AtkValue support. Unfortunately AT-SPI2 doesn't yet have support for the
        new AtkValue API. Thus r166288 broke access to value-holding elements for
        AT-SPI2 assistive technologies. Replacing #else with #endif fixes things.

        No new tests because catching this regression would require AT-SPI2.

        * accessibility/atk/WebKitAccessibleInterfaceValue.cpp:
        (webkitAccessibleValueGetMinimumIncrement):
        (webkitAccessibleValueInterfaceInit):

2014-11-16  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Expose the blockquote element using ATK_ROLE_BLOCK_QUOTE
        https://bugs.webkit.org/show_bug.cgi?id=138771

        Reviewed by Chris Fleizach.

        Add BlockquoteRole and assigns it to blockquote elements. Make
        corresponding changes to platform role mappings: ATK_ROLE_BLOCK_QUOTE
        for GTK and EFL; AXGroup (which was being used already) for the Mac.

        No new tests are required. Instead, updated the existing expectations
        to reflect the new mapping.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::determineAccessibilityRole):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isBlockquote):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (createAccessibilityRoleMap):

2014-11-16  Chris Dumez  <cdumez@apple.com>

        Crash when setting 'alt' CSS property to inherit or initial
        https://bugs.webkit.org/show_bug.cgi?id=138774
        <rdar://problem/18995409>

        Reviewed by Chris Fleizach.

        The StyleResolver was not handling 'inherit' or 'initial' values for
        'alt' CSS property. As a result, the code was assuming the CSSValue
        was a CSSPrimitiveValue (although it could be a CSSInitialValue or
        a CSSInheritValue). In such case, the code would dereference a null
        pointer because primitiveValue is initialized using:
        CSSPrimitiveValue* primitiveValue = is<CSSPrimitiveValue>(*value)
            ? downcast<CSSPrimitiveValue>(value)
            : nullptr;

        Test: fast/css/alt-inherit-initial.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2014-11-15  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Lists with selectable children should have ATK_ROLE_LIST_BOX
        https://bugs.webkit.org/show_bug.cgi?id=127060

        Reviewed by Chris Fleizach.

        Corrected the mapping from ATK_ROLE_LIST to ATK_ROLE_LIST_BOX.

        No new tests. Instead, updated the expectations of roles-exposed.html to
        reflect the corrected mapping.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):

2014-11-15  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Video and audio elements should be exposed using ATK's video and audio roles.
        https://bugs.webkit.org/show_bug.cgi?id=138767

        Reviewed by Chris Fleizach.

        Map AudioRole and VideoRole to ATK_ROLE_AUDIO and ATK_ROLE_VIDEO
        respectively, falling back on the existing mapping to ATK_ROLE_EMBEDDED
        in environments which have an older version of ATK.

        No new tests are required. Instead, existing expectations were updated
        to reflect the new mapping.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):

2014-11-15  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Expose the footer element as ATK_ROLE_FOOTER
        https://bugs.webkit.org/show_bug.cgi?id=138773

        Reviewed by Chris Fleizach.

        Map FooterRole to ATK_ROLE_FOOTER.

        No new tests. Unskipped a test that verifies this mapping.

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):

2014-11-14  Dean Jackson  <dino@apple.com>

        Rename WebKitCSSKeyframe(s)Rule into CSSKeyframe(s)Rule
        https://bugs.webkit.org/show_bug.cgi?id=138763
        <rdar://problem/18991569>

        Reviewed by Simon Fraser.

        Globally rename WebKitCSSKeyframeRule and WebKitCSSKeyframesRule to
        CSSKeyframeRule and CSSKeyframesRule respectively.

        This *may* break some existing content, but is compatible with
        what Blink and Firefox are doing. To minimize breakage, I kept an
        alias for the old constant values on CSSRule: WEBKIT_KEYFRAMES_RULE
        and WEBKIT_KEYFRAME_RULE.

        Covered by existing tests.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSCSSRuleCustom.cpp:
        (WebCore::toJS):
        * bindings/objc/DOMCSS.mm:
        (kitClass):
        * css/CSSGrammar.y.includes:
        * css/CSSKeyframeRule.cpp: Renamed from Source/WebCore/css/WebKitCSSKeyframeRule.cpp.
        (WebCore::StyleKeyframe::StyleKeyframe):
        (WebCore::StyleKeyframe::~StyleKeyframe):
        (WebCore::StyleKeyframe::mutableProperties):
        (WebCore::StyleKeyframe::parseKeyString):
        (WebCore::StyleKeyframe::cssText):
        (WebCore::CSSKeyframeRule::CSSKeyframeRule):
        (WebCore::CSSKeyframeRule::~CSSKeyframeRule):
        (WebCore::CSSKeyframeRule::style):
        (WebCore::CSSKeyframeRule::reattach):
        * css/CSSKeyframeRule.h: Renamed from Source/WebCore/css/WebKitCSSKeyframeRule.h.
        (WebCore::StyleKeyframe::create):
        (WebCore::StyleKeyframe::keyText):
        (WebCore::StyleKeyframe::setKeyText):
        (WebCore::StyleKeyframe::getKeys):
        (WebCore::StyleKeyframe::properties):
        * css/CSSKeyframeRule.idl: Renamed from Source/WebCore/css/WebKitCSSKeyframeRule.idl.
        * css/CSSKeyframesRule.cpp: Renamed from Source/WebCore/css/WebKitCSSKeyframesRule.cpp.
        (WebCore::StyleRuleKeyframes::StyleRuleKeyframes):
        (WebCore::StyleRuleKeyframes::~StyleRuleKeyframes):
        (WebCore::StyleRuleKeyframes::parserAppendKeyframe):
        (WebCore::StyleRuleKeyframes::wrapperAppendKeyframe):
        (WebCore::StyleRuleKeyframes::wrapperRemoveKeyframe):
        (WebCore::StyleRuleKeyframes::findKeyframeIndex):
        (WebCore::CSSKeyframesRule::CSSKeyframesRule):
        (WebCore::CSSKeyframesRule::~CSSKeyframesRule):
        (WebCore::CSSKeyframesRule::setName):
        (WebCore::CSSKeyframesRule::appendRule):
        (WebCore::CSSKeyframesRule::insertRule):
        (WebCore::CSSKeyframesRule::deleteRule):
        (WebCore::CSSKeyframesRule::findRule):
        (WebCore::CSSKeyframesRule::cssText):
        (WebCore::CSSKeyframesRule::length):
        (WebCore::CSSKeyframesRule::item):
        (WebCore::CSSKeyframesRule::cssRules):
        (WebCore::CSSKeyframesRule::reattach):
        * css/CSSKeyframesRule.h: Renamed from Source/WebCore/css/WebKitCSSKeyframesRule.h.
        (WebCore::StyleRuleKeyframes::create):
        (WebCore::StyleRuleKeyframes::keyframes):
        (WebCore::StyleRuleKeyframes::name):
        (WebCore::StyleRuleKeyframes::setName):
        (WebCore::StyleRuleKeyframes::copy):
        * css/CSSKeyframesRule.idl: Renamed from Source/WebCore/css/WebKitCSSKeyframesRule.idl.
        * css/CSSParser.cpp:
        * css/CSSRule.h:
        * css/CSSRule.idl:
        * css/CSSStyleSheet.cpp:
        * css/RuleSet.cpp:
        * css/StyleResolver.cpp:
        * css/StyleRule.cpp:
        (WebCore::StyleRuleBase::createCSSOMWrapper):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::asCSSRuleList):

2014-11-15  David Kilzer  <ddkilzer@apple.com>

        REGRESSION (r176137): iOS build broke after moving DataDetectors scanning code to WebCore

        This regressed with the following commit:

            Move DataDetectors scanning code to WebCore
            https://bugs.webkit.org/show_bug.cgi?id=138731
            <rdar://problem/18877535>

        This fixes the following build failures:

            In file included from WebCore/editing/mac/DataDetection.mm:29:
            WebCore/platform/spi/mac/DataDetectorsSPI.h:66:11: error: unknown type name 'NSRect'
            @property NSRect highlightFrame;
                      ^
            WebCore/editing/mac/DataDetection.mm:42:28: error: use of undeclared identifier 'DataDetection'
            RetainPtr<DDActionContext> DataDetection::detectItemAroundHitTestResult(const HitTestResult& hitTestResult, FloatRect& detectedDataBoundingBox, RefPtr<Range>& detectedDataRange)
                                       ^
            2 errors generated.

        * WebCore.exp.in:
        (DataDetection::detectItemAroundHitTestResult): Move symbol from
        shared section to Mac-only section.
        * editing/mac/DataDetection.mm: Add PLATFORM(MAC) check around
        the entire implementation since it it unused on iOS.
        * platform/spi/mac/DataDetectorsSPI.h: Expand PLATFORM(MAC)
        check around DDActionContext class declarations.

2014-11-14  Benjamin Poulain  <benjamin@webkit.org>

        Compute the selector specificity as we match simple selectors
        https://bugs.webkit.org/show_bug.cgi?id=138718

        Reviewed by Andreas Kling.

        This is an other tiny step toward dynamic specificity. Instead of computing
        the entire specificity at the end, compute it dynamically as we are matching
        each individual simple selector.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::specificity):
        (WebCore::CSSSelector::simpleSelectorSpecificity):
        (WebCore::CSSSelector::addSpecificities):
        (WebCore::CSSSelector::specificityForPage):
        (WebCore::CSSSelector::specificityForOneSelector): Deleted.
        * css/CSSSelector.h:
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::match):
        (WebCore::SelectorChecker::matchRecursively):
        (WebCore::SelectorChecker::checkOne):
        (WebCore::SelectorChecker::matchSelectorList):
        * css/SelectorChecker.h:

2014-11-14  Andreas Kling  <akling@apple.com>

        [mac] Only images that are actually purgeable should be advertised as such.
        <https://webkit.org/b/138759>
        <rdar://problem/13205438>

        Reviewed by Tim Horton.

        Instead of saying that all images on >=Yosemite are purgeable, have BitmapImage
        forward the question to CGImage for the correct answer.

        The memory may be marked non-volatile by frameworks underneath WebKit at any
        given time, but that's not something we need to worry about.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::decodedDataIsPurgeable):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/cg/BitmapImageCG.cpp:
        (WebCore::BitmapImage::decodedDataIsPurgeable):
        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::ImageSource::createFrameAtIndex):
        * platform/spi/cg/CoreGraphicsSPI.h:

2014-11-14  Zalan Bujtas  <zalan@apple.com>

        Remove computeTextPaintStyle's RenderText dependency.
        https://bugs.webkit.org/show_bug.cgi?id=138754

        Reviewed by Simon Fraser.

        So that we can compute text paint style across renderers in simple line layout.

        No change in functionality.

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow):
        * rendering/TextPaintStyle.cpp:
        (WebCore::computeTextPaintStyle):
        * rendering/TextPaintStyle.h:

2014-11-14  Myles C. Maxfield  <mmaxfield@apple.com>

        Get rid of WebFontCache
        https://bugs.webkit.org/show_bug.cgi?id=134752

        Reviewed by Dave Hyatt.

        No new tests because there is no behavior change.

        * Configurations/WebCore.xcconfig:
        * PlatformMac.cmake:
        * WebCore.exp.in:
        * WebCore.order:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::acceptableChoice):
        (WebCore::betterChoice):
        (WebCore::toTraitsMask):
        (WebCore::desiredFamilyToAvailableFamilyDictionary):
        (WebCore::rememberDesiredFamilyToAvailableFamilyMapping):
        (WebCore::fontWithFamily):
        (WebCore::invalidateFontCache):
        (WebCore::FontCache::getTraitsInFamily):
        (WebCore::FontCache::createFontPlatformData):
        * platform/mac/WebFontCache.h: Removed.
        * platform/mac/WebFontCache.mm: Removed.

2014-11-14  Daniel Bates  <dabates@apple.com>

        [iOS] NSFileManager and QuickLook SPI not available in public SDK
        https://bugs.webkit.org/show_bug.cgi?id=138742

        Reviewed by Pratik Solanki.

        Add a SPI wrapper headers {NSFileManager, QuickLook}SPI.h that forward declares
        NSFileManager and QuickLook SPI, respectively, and use these header instead of
        including private headers of Foundation and QuickLook directly.

        * WebCore.xcodeproj/project.pbxproj: Add project and private header QuickLookSPI.h
        and NSFileManagerSPI.h, respectively.
        * platform/network/ios/QuickLook.mm: Include headers QuickLookSPI.h and NSFileManagerSPI.h
        instead of including headers of QuickLook and Foundation directly. 
        * platform/spi/cocoa/NSFileManagerSPI.h: Added.
        * platform/spi/ios/QuickLookSPI.h: Added.

2014-11-14  Daniel Bates  <dabates@apple.com>

        [iOS] CoreGraphics SPI not available in public SDK
        https://bugs.webkit.org/show_bug.cgi?id=138709

        Reviewed by David Kilzer.

        Add a SPI wrapper header called CoreGraphicsSPI.h that forward declares
        CoreGraphics SPI and use this header instead of including private headers
        of CoreGraphics directly.

        * WebCore.xcodeproj/project.pbxproj: Add WebCore private header CoreGraphicsSPI.h. Also remove header
        CGFontUnicodeSupportSPI.h as its functionality has been incorporated into header CoreGraphicsSPI.h.
        * WebCore.vcxproj/WebCore.vcxproj: Add WebCore private header CoreGraphicsSPI.h.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Add directories platform/spi and platform/spi/cg.
        * WebCore.vcxproj/WebCoreCG.props: Add include directory platform/spi/cg.
        * WebCore.vcxproj/copyForwardingHeaders.cmd: Copy WebCore headers from directory platform/spi/cg. This
        is necessary because WebCore/platform/graphics/SimpleFontData.h includes CoreGraphicsSPI.h. And
        WebCore/platform/graphics/SimpleFontData.h is compiled for the Apple Windows port.
        * platform/graphics/SimpleFontData.h: Move CGFontRenderingStyle declaration and associated enum
        from this file to file CoreGraphicsSPI.h and include header CoreGraphicsSPI.h. 
        * platform/graphics/cg/BitmapImageCG.cpp: Remove unnecessary #include of header CGContextPrivate.h.
        * platform/graphics/cg/ColorCG.cpp: Include header CoreGraphicsSPI.h instead of including headers
        of CoreGraphics directly.
        * platform/graphics/cg/GraphicsContextCG.cpp: Move forward declarations of CoreGraphics functions
        from this file to file CoreGraphicsSPI.h and include header CoreGraphicsSPI.h. Also sort the list
        of #include directives.
        * platform/graphics/cg/ImageSourceCG.cpp: Include header CoreGraphicsSPI.h instead of including
        headers of CoreGraphics directly.
        * platform/graphics/cg/PDFDocumentImage.cpp: Ditto.
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm: Ditto.
        * platform/graphics/ios/FontCacheIOS.mm: Include header CoreGraphicsSPI.h instead of including
        header <CoreGraphics/CGFontUnicodeSupport.h> directly.
        * platform/graphics/ios/FontServicesIOS.mm: Include header CoreGraphicsSPI.h instead of including
        headers of CoreGraphics directly.
        * platform/graphics/ios/SimpleFontDataIOS.mm: Ditto.
        * platform/graphics/mac/FontMac.mm: Move forward declarations of CoreGraphics functions from this
        file to file CoreGraphicsSPI.h and include header CoreGraphicsSPI.h.
        * platform/graphics/mac/GlyphPageTreeNodeMac.cpp: Substitute header CoreGraphicsSPI.h for CGFontUnicodeSupportSPI.h
        and remove #include of headers CGFontUnicodeSupport.h (it will be included by CoreGraphicsSPI.h).
        * platform/graphics/mac/SimpleFontDataMac.mm: Move forward declarations of CoreGraphics functions
        from this file to file CoreGraphicsSPI.h and include header CoreGraphicsSPI.h.
        * platform/ios/LegacyTileGrid.mm: Include header CoreGraphicsSPI.h instead of including headers of
        CoreGraphics directly.
        * platform/ios/wak/WKGraphics.h: Remove #include of header CoreGraphicsPrivate.h and forward declare
        CGFontAntialiasingStyle Additionally, declare WKCompositeOperation as an alias of int and use this
        data type instead of CGCompositeOperation (SPI). This approach lets us keep the definition of
        CGCompositeOperation in file CoreGraphicsSPI.h, where all the other definitions/forward declarations
        of CoreGraphics data types reside, as opposed to defining it in this file.
        * platform/ios/wak/WKGraphics.mm:
        (WKRectFillUsingOperation): Cast data type WKCompositeOperation to CGCompositeOperation and added
        compile-time assert to ensure that the size of WKCompositeOperation is identical to the size of CGCompositeOperation.
        * platform/graphics/cg/ImageSourceCG.cpp: Move CGImageCachingFlags declaration, associated enum, and
        forward declaration of CGImageSetCachingFlags() from this file to file CoreGraphicsSPI.h and include
        header CoreGraphicsSPI.h.
        (WebCore::ImageSource::createFrameAtIndex): Fix incorrect comment.
        * platform/spi/cocoa/CGFontUnicodeSupportSPI.h: Removed; moved its functionality into header CoreGraphicsSPI.h.
        * platform/spi/cg/CoreGraphicsSPI.h: Added.
        (CGFloatMin):
        * rendering/RenderThemeIOS.mm: Substitute header CoreGraphics.h for CGPathPrivate.h as we no longer
        make use of any functionality from CGPathPrivate.h in this file. The functionality we used from
        CGPathPrivate.h, including CGPathAddRoundedRect(), has been moved to the public API header, CGPath.h,
        which is included from header CoreGraphics.h.

2014-11-14  Dean Jackson  <dino@apple.com>

        [Media] Timeline scrubber not updating as the video plays
        https://bugs.webkit.org/show_bug.cgi?id=138717
        <rdar://problem/18957509>

        Reviewed by Jer Noble.

        There is some confusing logic that determines
        whether or not the controls are hidden, and a
        slight error caused timelines to not advance unless
        they were explicitly showing.

        The fix was to be a bit more liberal in deciding
        when the controls are showing, but still cautious
        enough to stop up causing repaints when things
        are hidden.

        Test: media/media-controls-timeline-updates.html

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.controlsAreHidden): We only need
        to check if we're an audio element or explicitly
        hidden.
        (Controller.prototype.showControls): Explicitly call
        updateTime.

2014-11-14  Tim Horton  <timothy_horton@apple.com>

        Move DataDetectors scanning code to WebCore
        https://bugs.webkit.org/show_bug.cgi?id=138731
        <rdar://problem/18877535>

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        Export our new function.

        * WebCore.xcodeproj/project.pbxproj:
        Add DataDetection.{mm, h}
        Adjust the project so that editing/mac actually points to editing/mac instead of editing/

        * editing/mac/DictionaryLookup.h:
        * editing/mac/DictionaryLookup.mm:
        Swap to PLATFORM(MAC) instead of !PLATFORM(IOS).
        Move DictionaryLookup.{mm, h} to editing/mac, where they were in the project but not on disk.

        * editing/mac/DataDetection.h: Added.
        * editing/mac/DataDetection.mm: Added.
        (WebCore::DataDetection::detectItemAroundHitTestResult):
        Moved from WebKit2.

2014-11-14  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/18978497> Wrong (off-by-1) navigation snapshots shown after a mix of gesture and button back/forward navigation
        https://bugs.webkit.org/show_bug.cgi?id=138753

        Reviewed by Tim Horton.

        Removed a FrameLoaderClient function that no one overrides anymore.

        * loader/FrameLoaderClient.h:
        (WebCore::FrameLoaderClient::willChangeCurrentHistoryItem): Deleted.
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::setCurrentItem): Removed call to willChangeCurrentHistoryItem.
        (WebCore::HistoryController::replaceCurrentItem): Ditto.

2014-11-14  Jeremy Jones  <jeremyj@apple.com>

        Do proper teardown for optimized fullscreen
        https://bugs.webkit.org/show_bug.cgi?id=138648

        Reviewed by Eric Carlson.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::invalidate): must do corresponding teardown based on mode.

2014-11-11  David Hyatt  <hyatt@apple.com>

        Table rows repaint entire table when their background color changes.
        https://bugs.webkit.org/show_bug.cgi?id=26662

        Reviewed by Simon Fraser.

        Added fast/repaint/table-row-repaint.html

        * rendering/RenderTableCell.h:
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::clippedOverflowRectForRepaint):
        Improve table row's function to unite with the cell rects that can possibly
        have the the row's background color painted behind them.

2014-11-14  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Move simple line layout RunResolver and LineResolver implementation to SimpleLineLayoutResolver.cpp
        https://bugs.webkit.org/show_bug.cgi?id=138704

        Reviewed by Antti Koivisto.

        No change in functionality.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/SimpleLineLayoutResolver.cpp: Added.
        (WebCore::SimpleLineLayout::RunResolver::Run::Run):
        (WebCore::SimpleLineLayout::RunResolver::Run::rect):
        (WebCore::SimpleLineLayout::RunResolver::Run::baseline):
        (WebCore::SimpleLineLayout::RunResolver::Run::text):
        (WebCore::SimpleLineLayout::RunResolver::Iterator::Iterator):
        (WebCore::SimpleLineLayout::RunResolver::Iterator::advance):
        (WebCore::SimpleLineLayout::RunResolver::Iterator::advanceLines):
        (WebCore::SimpleLineLayout::RunResolver::RunResolver):
        (WebCore::SimpleLineLayout::RunResolver::lineIndexForHeight):
        (WebCore::SimpleLineLayout::RunResolver::rangeForRect):
        (WebCore::SimpleLineLayout::LineResolver::Iterator::Iterator):
        (WebCore::SimpleLineLayout::LineResolver::Iterator::operator*):
        (WebCore::SimpleLineLayout::LineResolver::LineResolver):
        * rendering/SimpleLineLayoutResolver.h:
        (WebCore::SimpleLineLayout::RunResolver::Run::Run): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::Run::rect): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::Run::baseline): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::Run::text): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::Iterator::Iterator): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::Iterator::advance): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::Iterator::advanceLines): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::RunResolver): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::lineIndexForHeight): Deleted.
        (WebCore::SimpleLineLayout::RunResolver::rangeForRect): Deleted.
        (WebCore::SimpleLineLayout::LineResolver::Iterator::Iterator): Deleted.
        (WebCore::SimpleLineLayout::LineResolver::Iterator::operator*): Deleted.
        (WebCore::SimpleLineLayout::LineResolver::LineResolver): Deleted.

2014-11-14  Andrzej Badowski  <a.badowski@samsung.com>

        AX: Improve AccessibilityTableCell isColumnHeaderCell function.
        https://bugs.webkit.org/show_bug.cgi?id=138423

        Reviewed by Chris Fleizach.

        <th> cell in the zero row should be column header.

        New tests are not necessary.

        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::isColumnHeaderCell):

2014-11-14  Carlos Garcia Campos  <cgarcia@igalia.com>

        [SOUP] Use GMainLoopSource for request timeout in ResourceHandle
        https://bugs.webkit.org/show_bug.cgi?id=138695

        Reviewed by Sergio Villar Senin.

        We are currently using soup_timeout_add() that simply creates a
        GSource and attaches it to the given context. Using
        GMainLoopSource we simplify the code and fix any potential problem
        of converting the double value into milliseconds.

        * platform/network/ResourceHandleInternal.h:
        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::cleanupSoupRequestOperation):
        (WebCore::ResourceHandle::sendPendingRequest):
        (WebCore::ResourceHandle::platformSetDefersLoading):
        (WebCore::requestTimeoutCallback): Deleted.

2014-11-13  Tim Horton  <timothy_horton@apple.com>

        [mac] Keep around more decoded image data, since it's purgeable
        https://bugs.webkit.org/show_bug.cgi?id=125273
        <rdar://problem/13205438>

        Reviewed by Simon Fraser.

        No new tests, just an optimization.

        Instead of throwing away decoded image data eagerly, allow the operating
        system to manage the memory via the standard purgeability mechanism,
        where it can.

        This improves the performance on some pathological cases (extremely large
        animated GIFs) by up to 8x.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::pruneLiveResourcesToSize):
        Don't prune live resources' decoded data if it is purgeable.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::destroyDecodedDataIfNecessary):
        Don't eagerly throw away decoded image data if it's purgeable.

        * loader/cache/CachedImage.h:
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::decodedDataIsPurgeable):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:
        (WebCore::Image::decodedDataIsPurgeable):

2014-11-13  Myles C. Maxfield  <litherum@gmail.com>

        Addressing post-review comment
        https://bugs.webkit.org/show_bug.cgi?id=138633

        * platform/spi/cg/CoreGraphicsSPI.h:

2014-11-13  Myles C. Maxfield  <mmaxfield@apple.com>

        Move FontMac and FontCacheMac off of WKSI
        https://bugs.webkit.org/show_bug.cgi?id=138633

        Reviewed by Simon Fraser.

        No new tests because there is no behavior change.

        * WebCore.exp.in:
        * WebCore.order:
        * WebCore.vcxproj/WebCoreCG.props:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::platformInit):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::platformInit):
        (WebCore::FontCache::systemFallbackForCharacters):
        * platform/graphics/mac/FontMac.mm:
        (WebCore::isIntegral):
        (WebCore::setCGFontRenderingMode):
        (WebCore::Font::drawGlyphs):
        * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::platformInit):
        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        * platform/spi/cocoa/CoreGraphicsSPI.h: Copied from Source/WebCore/platform/spi/cocoa/CGFontUnicodeSupportSPI.h.
        * platform/spi/cocoa/CoreTextSPI.h:
        * platform/spi/mac/NSFontSPI.h: Renamed from Source/WebCore/platform/spi/cocoa/CGFontUnicodeSupportSPI.h.

2014-11-13  Chris Dumez  <cdumez@apple.com>

        Move 'image-resolution' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138715

        Reviewed by Andreas Kling.

        Move 'image-resolution' CSS property from DeprecatedStyleBuilder to
        the new StyleBuilder by using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyImageResolution::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyImageResolution::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyImageResolution::applyValue): Deleted.
        (WebCore::ApplyPropertyImageResolution::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyInheritImageResolution):
        (WebCore::StyleBuilderFunctions::applyInitialImageResolution):
        (WebCore::StyleBuilderFunctions::applyValueImageResolution):

2014-11-13  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r176106.
        https://bugs.webkit.org/show_bug.cgi?id=138719

        needs build love (Requested by kling on #webkit).

        Reverted changeset:

        "[mac] Keep around more decoded image data, since it's
        purgeable"
        https://bugs.webkit.org/show_bug.cgi?id=125273
        http://trac.webkit.org/changeset/176106

2014-11-13  Eric Carlson  <eric.carlson@apple.com>

        Context menus should not offer the "Download video" option for videos that cannot 
        be downloaded
        https://bugs.webkit.org/show_bug.cgi?id=138530
        -and corresponding-
        rdar://problem/18919130

        Reviewed by Tim Horton.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::populate):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::canSaveMediaData):
        (WebCore::MediaPlayer::supportsSave): Deleted.
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::supportsFullscreen):
        (WebCore::MediaPlayerPrivateInterface::canSaveMediaData):
        (WebCore::MediaPlayerPrivateInterface::supportsSave): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::resolvedURL):
        (WebCore::MediaPlayerPrivateAVFoundation::canSaveMediaData):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::resolvedURL):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::canSaveMediaData):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::canSaveMediaData):
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::isDownloadableMedia):

2014-11-02  Tim Horton  <timothy_horton@apple.com>

        [mac] Keep around more decoded image data, since it's purgeable
        <https://webkit.org/b/125273>
        <rdar://problem/13205438>

        Reviewed by Simon Fraser and Andreas Kling.

        No new tests, just an optimization.

        Instead of throwing away decoded image data eagerly, allow the operating
        system to manage the memory via the standard purgeability mechanism,
        where it can.

        This improves the performance on some pathological cases (extremely large
        animated GIFs) by up to 8x.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::pruneLiveResourcesToSize):
        Don't prune live resources' decoded data if it is purgeable.

        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::destroyDecodedDataIfNecessary):
        Don't eagerly throw away decoded image data if it's purgeable.

        * loader/cache/CachedImage.h:
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::decodedDataIsPurgeable):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:
        (WebCore::Image::decodedDataIsPurgeable):

2014-11-13  Daniel Bates  <dabates@apple.com>

        [iOS] NSGeometry data types are not available in the public SDK
        https://bugs.webkit.org/show_bug.cgi?id=137536

        Reviewed by David Kilzer.

        Towards building iOS WebKit with the public iOS SDK, define NSGeometry
        data types and functions in terms of CGGeometry data types and functions
        because the former is SPI on iOS.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: Include
        header WAKAppKitStubs.h when building for iOS. Otherwise, include header NSGeometry.h.
        * platform/graphics/ca/mac/PlatformCALayerMac.mm: Remove import of private header NSGeometry.h.
        We will use the NSGeometry data types defined in WAKAppKitStubs.h, which is implicitly imported
        by header WAKWindow.h.
        * platform/graphics/mac/MediaPlayerProxy.h: Substitute WAKAppKitStubs.h for NSGeometry.h.
        * platform/ios/PlatformEventFactoryIOS.mm: Ditto. Also fix up style issues with #import directives.
        * platform/ios/WebEvent.mm: Ditto.
        * platform/ios/wak/WAKAppKitStubs.h: Define typedefs and macros that map NSGeometry data types
        and functions to the analogous CGGeometry data types and functions. Also, remove #ifdef __OBJC__-
        guard as the existing content in WAKAppKitStubs.h assumes that this file will only be included
        in an Objective-C/Objective-C++ file.
        * platform/ios/wak/WAKView.h: Import header WAKAppKitStubs.h instead of defining macros for some
        NSGeometry data types.

2014-11-13  Simon Fraser  <simon.fraser@apple.com>

        [WK2] Fire a layout milestone on session restore based on render tree size
        https://bugs.webkit.org/show_bug.cgi?id=138711
        rdar://problem/16033854

        Reviewed by Anders Carlsson.

        New layout milestone for session restore based on render tree size. Only used
        in WK2 at present.

        * page/LayoutMilestones.h:

2014-11-13  Dan Bernstein  <mitz@apple.com>

        Policy client not called for navigations through the page cache
        https://bugs.webkit.org/show_bug.cgi?id=138703

        Reviewed by Alexey Proskuryakov.

        Test added to TestWebKitAPI/Tests/WebKit2Cocoa/Navigation.mm.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadDifferentDocumentItem): When using a cached page, which already
        has a document loader, set the document loader’s triggering action (so that the policy
        client sees that this is a back/forward navigation) and clear its last checked request (so
        that the policy client gets called).

2014-11-13  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Do not return ATK_ROLE_UNKNOWN for null or otherwise invalid accessible objects
        https://bugs.webkit.org/show_bug.cgi?id=137867

        Reviewed by Chris Fleizach.

        Return ATK_ROLE_INVALID for null or otherwise invalid accessible objects.

        Test: platform/gtk/accessibility/detached-object-role.html

        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetRole):

2014-11-13  Eric Carlson  <eric.carlson@apple.com>

        [iOS] update optimized fullscreen media controls artwork
        https://bugs.webkit.org/show_bug.cgi?id=138705

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::mediaUIImageData): Remove one button.
        * Modules/mediacontrols/MediaControlsHost.idl:

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.controlsAreHidden): Add parentheses to fix the logic.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.shouldHaveStartPlaybackButton): The big play button should not be
            visible during playback.
        (ControllerIOS.prototype.createControls): No longer necessary to insert style dynamically,
        (ControllerIOS.prototype.setPlaying): Call the base class first so "isPlaying" is set before
            calling updateControls, which calls shouldHaveStartPlaybackButton.

        * platform/ios/WebCoreSystemInterfaceIOS.h: Update constants.

        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::mediaControlsStyleSheet): Add button style to the media controls sheet.

2014-11-13  Benjamin Poulain  <bpoulain@apple.com>

        Implement the matching for :nth-last-child(An+B of selector-list)
        https://bugs.webkit.org/show_bug.cgi?id=138650

        Reviewed by Andreas Kling.

        Matching is trivial based on the existing CSS4 infrastructure.

        The tricky part is style invalidation. In the cases of the old :nth-last-child()
        and :nth-last-of-type(), we were using the flag ChildrenAffectedByBackwardPositionalRules.

        The problem with ChildrenAffectedByBackwardPositionalRules is that it only invalidate
        subtrees when nodes are being added or removed. It is a valuable optimization by itself
        since tree updates are less common than property updates.

        For the case of property updates, I have added the new flag "ChildrenAffectedByPropertyBasedBackwardPositionalRules".
        It pretty much work the same way but invalidates subtree on style recalc.

        Tests: fast/css/nth-child-and-nth-last-child.html
               fast/css/nth-last-child-of-classname.html
               fast/css/nth-last-child-of-complex-selector.html
               fast/css/nth-last-child-of-compound-selector.html
               fast/css/nth-last-child-of-style-sharing-1.html
               fast/css/nth-last-child-of-style-sharing-2.html
               fast/css/nth-last-child-of-style-update-optimization.html
               fast/css/nth-last-child-of-tagname.html
               fast/selectors/nth-last-child-of-class-style-update.html

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * dom/Element.cpp:
        (WebCore::Element::setChildrenAffectedByPropertyBasedBackwardPositionalRules):
        (WebCore::Element::hasFlagsSetDuringStylingOfChildren):
        (WebCore::Element::rareDataChildrenAffectedByPropertyBasedBackwardPositionalRules):
        * dom/Element.h:
        (WebCore::Element::childrenAffectedByPropertyBasedBackwardPositionalRules):
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::childrenAffectedByPropertyBasedBackwardPositionalRules):
        (WebCore::ElementRareData::setChildrenAffectedByPropertyBasedBackwardPositionalRules):
        (WebCore::ElementRareData::ElementRareData):
        (WebCore::ElementRareData::resetDynamicRestyleObservations):
        * dom/Node.cpp:
        (WebCore::Node::updateAncestorsForStyleRecalc):
        (WebCore::Node::setNeedsStyleRecalc):
        (WebCore::markAncestorsWithChildNeedsStyleRecalc): Deleted.
        * dom/Node.h:
        Unlike the other marking steps, ChildrenAffectedByPropertyBasedBackwardPositionalRules can only really
        affect one level (because we don't have a parent-selectors). It is quite easy to mark large
        trees with ChildrenAffectedByPropertyBasedBackwardPositionalRules by using a selector list that is a bit
        too generic. When that happen, we must be careful not invalidating everything, just the affected subtree.

2014-11-12  Jon Honeycutt  <jhoneycutt@apple.com>

        REGRESSION (r172826): Password field placeholder text is missing if
        placeholder attribute precedes type attribute

        <https://bugs.webkit.org/show_bug.cgi?id=138682>
        <rdar://problem/18574213> 

        When the placeholder attribute is encountered, a shadow tree is created
        to include the placeholder element. When the type attribute is
        encountered, the previous shadow tree is destroyed, and a new shadow
        tree is created. TextFieldInputType::createShadowSubtree() did not
        handle creating the placeholder element. 

        This regressed in r172826 because prior to r172826, the placeholder
        element would be recreated when
        HTMLTextFormControlElement::updatePlaceholderVisibility() was called.
        In r172826, updatePlaceholderVisibility() was changed to only show or
        hide the placeholder element if it exists.

        Reviewed by Benjamin Poulain.

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::createShadowSubtree):
        Call updatePlaceholderVisibility() to insert the placeholder element
        (after the inner text element has been inserted, as it appears before
        it in the shadow DOM).

2014-11-13  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] Accessible focus events are emitted when the selection is changed in non-focused combo boxes
        https://bugs.webkit.org/show_bug.cgi?id=137866

        Reviewed by Mario Sanchez Prada.

        Check that the AccessibilityMenuList is really focused before notifying
        the platform that it is focused. Likewise, only notify the platform of
        an AccessibilityMenuListOption focus gain if the AccessibilityMenuList
        containing that option is expanded.

        Test: platform/gtk/accessibility/menu-list-unfocused-notifications.html

        * accessibility/atk/AXObjectCacheAtk.cpp:
        (WebCore::notifyChildrenSelectionChange):
        (WebCore::AXObjectCache::postPlatformNotification):

2014-11-13  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        [EFL] Unexpected crashes in layout test after r175953
        https://bugs.webkit.org/show_bug.cgi?id=138652

        Reviewed by Csaba Osztrogonác.

        In r175953, it set reusableNodeIndex value with m_partCache's size(). It causes
        out of bound index crash because the reusableNodeIndex is Vector object.

        No new test. This patch is to fix broken tests related to widgets on EFL port.

        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::getThemePartFromCache): Need to set reusableNodeIndex with "size() - 1".

2014-11-13  Chris Dumez  <cdumez@apple.com>

        Lazily create HTMLInputElement's inputType and shadow subtree
        https://bugs.webkit.org/show_bug.cgi?id=138524

        Reviewed by Ryosuke Niwa.

        When an HTMLInputElement was created by the parser, we would first call
        HTMLInputElement::create(), then call Element::parserSetAttributes() on
        the constructed input. With the previous implementation, this was a bit
        inefficient because HTMLInputElement::create() would construct a
        TextInputType inputType (as this is the default) as well as its
        corresponding shadow subtree. Then, parserSetAttributes() would often
        set the |type| attribute and would need to destroy this input type as
        well as its subtree if the new |type| is not 'text', to create a new
        inputType / shadow subtree of the right type. The profiler showed that
        this was fairly expensive.

        To improve this, this patch delays the inputType / shadow subtree
        creation when the HTMLInputElement is constructed by the parser, until
        the attributes are actually set by the parser. This way, we directly
        create an inputType / shadow subtree of the right type.

        I see a 1.4% speed up on speedometer (73.95 -> 75.0).

        Test: fast/dom/HTMLInputElement/border-attribute-crash.html

        * dom/Element.cpp:
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::parserDidSetAttributes):
        * dom/Element.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::HTMLInputElement):
        (WebCore::HTMLInputElement::create):
        (WebCore::HTMLInputElement::updateType):
        (WebCore::HTMLInputElement::runPostTypeUpdateTasks):
        (WebCore::HTMLInputElement::initializeInputType):
        (WebCore::HTMLInputElement::parseAttribute):
        (WebCore::HTMLInputElement::parserDidSetAttributes):
        (WebCore::HTMLInputElement::finishParsingChildren):
        * html/HTMLInputElement.h:

2014-11-12  Chris Dumez  <cdumez@apple.com>

        Have DOMTimer deal with more ScriptExecutionContext references
        https://bugs.webkit.org/show_bug.cgi?id=138679

        Reviewed by Andreas Kling.

        Have DOMTimer deal with more ScriptExecutionContext references instead
        of pointers, to make it clear the script execution context cannot be
        null.

        No new tests, no behavior change.

        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::execute):
        (WebCore::ScheduledAction::executeFunctionInContext):
        * bindings/js/ScheduledAction.h:
        * dom/DocumentEventQueue.cpp:
        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::DOMTimerFireState):
        (WebCore::NestedTimersMap::instanceForContext):
        (WebCore::DOMTimer::DOMTimer):
        (WebCore::DOMTimer::install):
        (WebCore::DOMTimer::removeById):
        (WebCore::DOMTimer::fired):
        * page/DOMTimer.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::setTimeout):
        (WebCore::DOMWindow::clearTimeout):
        (WebCore::DOMWindow::setInterval):
        (WebCore::DOMWindow::clearInterval):
        * page/SuspendableTimer.cpp:
        (WebCore::SuspendableTimer::SuspendableTimer):
        * page/SuspendableTimer.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::setTimeout):
        (WebCore::WorkerGlobalScope::clearTimeout):
        (WebCore::WorkerGlobalScope::setInterval):
        (WebCore::WorkerGlobalScope::clearInterval):

2014-11-12  Dean Jackson  <dino@apple.com>

        Support unprefixed animation property names
        https://bugs.webkit.org/show_bug.cgi?id=138678
        <rdar://problem/18943059>

        Reviewed by Simon Fraser.

        Step 1 of 3 in unprefixing CSS animations: handling the
        property names and values.

        Unlike other unprefixing, where we use an alias that
        effectively removes the prefixed values from the code,
        for animations we need to keep the old values around so that
        existing content will not break (e.g. computed style).

        During testing I noticed that we didn't handle the
        (relatively) new animation-direction values of
        "reverse" and "alternate-reverse" when querying
        computed style.

        Tests: animations/unprefixed-properties.html
               animations/unprefixed-shorthand.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue): Handle the unprefixed
        values, but also get animation direction to produce the correct
        results when "reverse" and "alternate-reverse" is specified.

        * css/CSSParser.cpp: Handle the new values. If necessary, pass a flag
        around indicating whether it is prefixed or unprefixed.
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseAnimationShorthand): Use the flag to decide
        which of the forms we're going to check.
        (WebCore::CSSParser::parseAnimationProperty):
        * css/CSSParser.h:

        * css/CSSProperty.h:
        (WebCore::prefixingVariantForPropertyId): Add prefixing/unprefixing variants for
        all the animation values, and clean up the code a bit.

        * css/CSSPropertyNames.in: Add new properties.

        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder): We need handlers for the
        unprefixed forms. This should move to the new StyleBuilder soon.

        * css/StyleProperties.cpp: Handle new values.
        (WebCore::StyleProperties::getPropertyValue):
        (WebCore::StyleProperties::asText):

        * css/StylePropertyShorthand.cpp:
        (WebCore::animationShorthand):
        (WebCore::animationShorthandForParsing): Decide which list of properties to use.
        (WebCore::shorthandForProperty):
        (WebCore::matchingShorthandsForLonghand):
        (WebCore::webkitAnimationShorthandForParsing): Deleted.
        * css/StylePropertyShorthand.h:

        * css/StyleResolver.cpp: Since the new properties come before "background" in
        alphabetical order, they are earlier in the CSSPropertyNames.in file, and thus
        we need to update the call sites that think CSSPropertyBackground is the first
        property.
        (WebCore::StyleResolver::styleForKeyframe): Replace CSSPropertyBackground with CSSPropertyAnimation.
        (WebCore::StyleResolver::styleForPage):
        (WebCore::StyleResolver::applyMatchedProperties):
        (WebCore::StyleResolver::applyProperty):

2014-11-12  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * WebCore.exp.in:

2014-11-12  Timothy Horton  <timothy_horton@apple.com>

        Fix the iOS build.

        * platform/spi/mac/DataDetectorsSPI.h:
        It's likely that more of this file should be compiled out on iOS,
        but this is all we need to build.

2014-11-12  Beth Dakin  <bdakin@apple.com>

        WK1: Support default actions for images
        https://bugs.webkit.org/show_bug.cgi?id=138668
        -and corresponding-
        rdar://problem/18785434

        Reviewed by Tim Horton.

        Symbol needed for copying image.
        * WebCore.exp.in:

2014-11-05  Ada Chan  <adachan@apple.com>

        Implement new plug-in API for muting plug-ins
        https://bugs.webkit.org/show_bug.cgi?id=138105

        Reviewed by Anders Carlsson.

        Add the new NPNVmuteAudioBool NPNVariable.

        Test: platform/mac-wk2/plugins/muted-state.html

        * plugins/npapi.h:

2014-11-12  Tim Horton  <timothy_horton@apple.com>

        Need to show the text indicator when Data Detectors shows a popover
        https://bugs.webkit.org/show_bug.cgi?id=138664
        <rdar://problem/18869900>

        Reviewed by Beth Dakin.

        * platform/spi/mac/DataDetectorsSPI.h:
        Add new DataDetectors SPI.

2014-11-12  Chris Dumez  <cdumez@apple.com>

        Minor improvements to RenderListItem
        https://bugs.webkit.org/show_bug.cgi?id=138601

        Reviewed by Darin Adler.

        Make several minor improvements to RenderListItem and clean up the
        code a bit.

        No new tests, no behavior change.

        * rendering/RenderListItem.cpp:
        (WebCore::isHTMLListElement):
        - Rename isList to isHTMLListElement() for clarity as it checks
          for HTMLOListElement and HTMLUListElement types
        - Inline the function as it is short.
        - Use is<HTML*Element>() for type checking
        - Update the argument to take a Node& instead of an Element*. This
          is because the argument is expected to the non-null. Also using
          looser typing here allows us to use this utility function is one
          more place, without impacting performance as
          hasTagName(HTMLQualifiedName) is defined on Node.

        (WebCore::enclosingList):
        - Pass the argument as a reference instead of a pointer as it is
          expected to be non-null.
        - Initialize firstNode before the loop to avoid the if (!firstNode)
          check for every iteration.

        (WebCore::nextListItem):
        - Take an Element as second argument instead of a RenderListItem*
          and provide convenience overloads so that we don't need to do
          null checks just because some calls sites call this function
          with 2 arguments and others with 1 argument. This way, we avoid
          unnecessary null checks as most call sites already do such
          checks (or have references).
        - Transform the while loop into a for loop for clarity.
        - Don't traverse an Element's subtree if the Element does not have
          a renderer as it is impossible of any of its descendant to have
          a renderer (and we are looking for a specific type of renderer).

        (WebCore::previousListItem):
        - Pass the item argument as a reference instead of a pointer as it
          is expected to be non-null.
        - Reduce the scope of the |current| so that it is now declared
          inside the loop.

        (WebCore::RenderListItem::updateItemValuesForOrderedList):
        (WebCore::RenderListItem::itemCountForOrderedList):
        - Pass argument as a reference instead of a pointer as it was expected
          to be non-null (There was an assertion in place to make sure of it).

        (WebCore::RenderListItem::calcValue):
        - Use is<HTMLOListElement>() instead of hasTagName().

        (WebCore::getParentOfFirstLineBox):
        - Rename variables to stop using abbreviations.
        - Pass arguments as references instead of pointers as they are expected
          to be non-null.
        - Remove the firstChild null check before the loop as it does not
          change behavior. The loop will abort early if firstChild is null
          and we will end up returning nullptr as well.
        - Use is<>() more for type checking.
        - Reuse the isHTMLListElement() utility function instead of duplicating
          its code inside this function.

        (WebCore::firstNonMarkerChild):
        - Pass argument as a reference as it is expected to be non-null.
        - Rename variable from result to child for clarity, as we are traversing
          the children.

        (WebCore::RenderListItem::markerTextWithSuffix):
        - Use String appending instead of StringBuilder as it simplifies the
          code a lot and should not impact performance in this case.

        (WebCore::RenderListItem::explicitValueChanged):
        - Restructure the code a bit to do the |listNode| null check before the
          loop, now that nextListItem() takes a reference in argument. This is
          the only call site where we didn't already know that listNode is
          non-null.

        (WebCore::previousOrNextItem):
        - Mark this function as inline as it is short and called repeatedly.

2014-11-12  Chris Dumez  <cdumez@apple.com>

        Speed up HTMLTextFormControlElement::setInnerTextValue() a bit
        https://bugs.webkit.org/show_bug.cgi?id=138619

        Reviewed by Darin Adler.

        Speed up HTMLTextFormControlElement::setInnerTextValue() a bit by:
        - Not doing a virtual isTextFormControl() call. Relying on innerTextElement()
          not returning null is sufficient.
        - Caching the result of innerTextElement() instead of repeatedly calling that
          virtual function.
        - De-virtualizing setFormControlValueMatchesRenderer() /
          formControlValueMatchesRenderer() as these are never overridden.
        - Moving the code constructing the innerTextValue from a
          TextControlInnerTextElement from innerTextValue() to a new
          innerTextValueFrom(TextControlInnerTextElement&) function and call this new
          function from setInnerTextValue() to avoid calling innerTextElement() again
          and making sure it is non-null
        - Do the tree traversal from innerTextElement's firstChild instead of from
          innerTextElement. The innerTextElement is a TextControlInnerTextElement.
          Therefore, it cannot be an HTMLBRElement or a Text node.

        No new tests, no behavior change.

        * html/HTMLFormControlElement.h:
        (WebCore::HTMLFormControlElement::formControlValueMatchesRenderer):
        (WebCore::HTMLFormControlElement::setFormControlValueMatchesRenderer):
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::stripTrailingNewline):
        (WebCore::innerTextValueFrom):
        (WebCore::HTMLTextFormControlElement::setInnerTextValue):
        (WebCore::HTMLTextFormControlElement::innerTextValue):
        (WebCore::HTMLTextFormControlElement::valueWithHardLineBreaks):
        (WebCore::finishText): Deleted.

2014-11-12  Jer Noble  <jer.noble@apple.com>

        [Mac] media/track/audio-track.html is flakey
        https://bugs.webkit.org/show_bug.cgi?id=138394

        Reviewed by Alexey Proskuryakov.

        The above test fails if the HTMLMediaElement's "canplaythrough" event fires before the AudioTrackList's
        "addtrack" event fires. This can happen because each object keeps its own GenericEventQueue, which
        empties when that individual queue's timer fires. So events can be enqueued in the following order:
        1, A, 2, B, 3, C; but fired in a different order: 1, 2, 3, A, B, C.

        Make events enqueued in GenericEventQueues globally ordered, so that events are fired in the order
        which they are enqueued, regardless of which object owns the queue. Use a static queue of
        GenericEventQueues to manage which GenericEventQueue fires and in what order.

        GenericEventQueues will use a WeakPtrFactory to cancel pending events. Revoking a GenericEventQueue's
        weak pointers means those queue's entries will be skipped the next time the meta-queue is processed.

        * dom/GenericEventQueue.cpp:
        (WebCore::GenericEventQueue::GenericEventQueue): Create a WeakPtrFactory instead of a Timer.
        (WebCore::GenericEventQueue::enqueueEvent): Enqueue this queue with the MetaQueue.
        (WebCore::GenericEventQueue::sharedTimer): Lazily-initializing accessor.
        (WebCore::GenericEventQueue::sharedTimerFired):  Ask each queue to dispatch one event.
        (WebCore::GenericEventQueue::pendingQueues): Lazily-initializing accessor.
        (WebCore::GenericEventQueue::dispatchOneEvent): Renamed from timerFired.
        (WebCore::GenericEventQueue::close): Revoke all WeakPtrs.
        (WebCore::GenericEventQueue::cancelAllEvents): Ditto.
        (WebCore::GenericEventQueue::hasPendingEvents): Use !isEmpty().
        (WebCore::GenericEventQueue::timerFired): Deleted.
        * dom/GenericEventQueue.h:

2014-11-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Expose user script messages to GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=138411

        Reviewed by Philippe Normand.

        * PlatformGTK.cmake: Add WebKitDOMCustomUnstable.h to the list of
        installed headers and make a symlink for it in the DerivedSources dir.
        * bindings/gobject/WebKitDOMCustomUnstable.h: Added.
        * bindings/gobject/WebKitDOMCustom.cpp:
        (webkit_dom_dom_window_get_webkit_namespace):
        (webkit_dom_user_message_handlers_namespace_get_handler):
        * bindings/scripts/CodeGeneratorGObject.pm:
        (HasUnstableCustomAPI): Helper function to check if the given
        class has custom unstable API.
        (WriteData): Include WebKitDOMCustomUnstable.h header if the class
        has API defined there.

2014-11-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Fix how SerializedScriptValue is exposed to GObject DOM bindings
        https://bugs.webkit.org/show_bug.cgi?id=138409

        Reviewed by Philippe Normand.

        It's currently exposed as a WebKitDOMSerializedScriptValue class
        that doesn't really exist. It should be handled as a string, that
        is used to create a SerializedScriptValue when coming from the
        API, and converted to a string again when returned to the API.

        * bindings/scripts/CodeGeneratorGObject.pm:
        (GetGlibTypeName): Return gchar* as glib type of SerializedScriptValue.
        (IsGDOMClassType): Don't consider SerializedScriptValue as a GDOM class.
        (GenerateFunction): Handle SerializedScriptValue parameters and
        return values specially.
        * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp:
        (webkit_dom_test_callback_callback_with_serialized_script_value_param):
        * bindings/scripts/test/GObject/WebKitDOMTestCallback.h:
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
        (webkit_dom_test_obj_serialized_value):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
        * bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.cpp:
        (webkit_dom_test_serialized_script_value_interface_class_init):
        (webkit_dom_test_serialized_script_value_interface_get_value):
        (webkit_dom_test_serialized_script_value_interface_set_value):
        (webkit_dom_test_serialized_script_value_interface_get_readonly_value):
        (webkit_dom_test_serialized_script_value_interface_get_cached_value):
        (webkit_dom_test_serialized_script_value_interface_set_cached_value):
        (webkit_dom_test_serialized_script_value_interface_get_cached_readonly_value):
        * bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/GObject/WebKitDOMTestTypedefs.cpp:
        (webkit_dom_test_typedefs_class_init):
        (webkit_dom_test_typedefs_get_immutable_serialized_script_value):
        (webkit_dom_test_typedefs_set_immutable_serialized_script_value):
        * bindings/scripts/test/GObject/WebKitDOMTestTypedefs.h:

2014-11-12  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Move RedirectedXCompositeWindow from platform to WebKit2 layer
        https://bugs.webkit.org/show_bug.cgi?id=138093

        Reviewed by Martin Robinson.

        Remove RedirectedXCompositeWindow.

        * PlatformGTK.cmake:

2014-09-01  Philippe Normand  <pnormand@igalia.com>

        [WK2] UserMediaClient support
        https://bugs.webkit.org/show_bug.cgi?id=123158

        Reviewed by Benjamin Poulain.

        Added document and frame accessors, needed by the
        UserMediaRequestManager of the WebProcess. Also added two methods
        used by the permission request manager to know if access to audio
        or video devices is requested.

        Tests: fast/mediastream/error.html
               fast/mediastream/success.html
               fast/mediastream/delayed-permission-allowed.html
               fast/mediastream/delayed-permission-denied.html
               http/tests/media/media-stream/disconnected-frame-already.html
               http/tests/media/media-stream/disconnected-frame-permission-denied.html
               http/tests/media/media-stream/disconnected-frame.html

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::document):
        (WebCore::UserMediaRequest::frame):
        * Modules/mediastream/UserMediaRequest.h:
        (WebCore::UserMediaRequest::requiresAudio):
        (WebCore::UserMediaRequest::requiresVideo):

2014-11-12  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        [EFL] Clean up OwnPtr in RenderThemeEfl
        https://bugs.webkit.org/show_bug.cgi?id=138642

        Reviewed by Zoltan Herczeg.

        No new tests, no behavior change.

        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::applyEdjeRTLState): Clean up all remaining OwnPtr. 

2014-11-11  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move Modules/websockets to std::unique_ptr
        https://bugs.webkit.org/show_bug.cgi?id=138649

        Reviewed by Chris Dumez.

        Remove create() factory function and use std::make_unique<>, std::unique_ptr<>
        instead of OwnPtr, PassOwnPtr.
        However didReceiveBinaryData() is still using PassOwnPtr. It should be replaced
        with std::unique_ptr<>

        No new tests, no behavior.

        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.h:
        * Modules/websockets/WebSocket.cpp:
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::connect):
        (WebCore::WebSocketChannel::didFail):
        (WebCore::WebSocketChannel::processFrame):
        (WebCore::WebSocketChannel::enqueueTextFrame):
        (WebCore::WebSocketChannel::enqueueRawFrame):
        (WebCore::WebSocketChannel::enqueueBlobFrame):
        (WebCore::WebSocketChannel::processOutgoingFrameQueue):
        (WebCore::WebSocketChannel::sendFrame):
        * Modules/websockets/WebSocketChannel.h:
        * Modules/websockets/WebSocketDeflateFramer.cpp:
        (WebCore::WebSocketDeflateFramer::createExtensionProcessor):
        (WebCore::WebSocketDeflateFramer::enableDeflate):
        (WebCore::WebSocketDeflateFramer::deflate):
        (WebCore::WebSocketDeflateFramer::inflate):
        (WebCore::WebSocketExtensionDeflateFrame::create): Deleted.
        * Modules/websockets/WebSocketDeflateFramer.h:
        (WebCore::DeflateResultHolder::create): Deleted.
        (WebCore::InflateResultHolder::create): Deleted.
        * Modules/websockets/WebSocketDeflater.cpp:
        (WebCore::WebSocketDeflater::WebSocketDeflater):
        (WebCore::WebSocketInflater::WebSocketInflater):
        (WebCore::WebSocketDeflater::create): Deleted.
        (WebCore::WebSocketInflater::create): Deleted.
        * Modules/websockets/WebSocketDeflater.h:
        * Modules/websockets/WebSocketExtensionDispatcher.cpp:
        (WebCore::WebSocketExtensionDispatcher::addProcessor):
        * Modules/websockets/WebSocketExtensionDispatcher.h:
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::addExtensionProcessor):
        * Modules/websockets/WebSocketHandshake.h:

2014-11-11  Chris Dumez  <cdumez@apple.com>

        Unreviewed iOS build fix after r176001.

        Export an additional symbol.

        * WebCore.exp.in:

2014-11-11  Jer Noble  <jer.noble@apple.com>

        [Mac] Add diagnostic logging for per-media-engine load failures
        https://bugs.webkit.org/show_bug.cgi?id=138647

        Reviewed by Eric Carlson.

        Add diagnostic logging fired whenever a media engine fails to load media,
        even if another engine subsequentially succeeds. Add a mechanism for retrieving
        the platform-specific error code from a given engine.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::engineFailedToLoadKey):
        * page/DiagnosticLoggingKeys.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::networkStateChanged):
        (WebCore::MediaPlayer::platformErrorCode):
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerEngineFailedToLoad):
        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::platformErrorCode):
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        (WebCore::MediaPlayerPrivateAVFoundation::platformErrorCode):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::assetErrorCode):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::assetErrorCode):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::platformErrorCode):

2014-11-11  Chris Dumez  <cdumez@apple.com>

        Mark more virtual functions in HTMLInputElement as final
        https://bugs.webkit.org/show_bug.cgi?id=138644

        Reviewed by Andreas Kling.

        Mark more virtual functions in HTMLInputElement as final to help the
        compiler optimize better.

        No new tests, no behavior change.

        * html/HTMLInputElement.h:

2014-11-11  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove IncrementalSweeper::create()
        https://bugs.webkit.org/show_bug.cgi?id=138243

        Reviewed by Filip Pizlo.

        As a step to use std::unique_ptr<> and std::make_unique<>, this patch removes
        IncrementalSweeper::create(), then set constructor of IncrementalSweeper to public.
        Now we begins to use std::make_unique<> to create IncrementalSweeper instance.

        No new tests, no behavior changes.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonVM):
        * platform/ios/WebSafeIncrementalSweeperIOS.h:

2014-11-11  Chris Dumez  <cdumez@apple.com>

        Move 'border-image-*' / '-webkit-mask-box-image-*' CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138594

        Reviewed by Antti Koivisto.

        Move 'border-image-*' / '-webkit-mask-box-image-*' CSS properties from
        DeprecatedStyleBuilder to the new StyleBuilder using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyBorderImageModifier::getValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::setValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::applyValue): Deleted.
        (WebCore::ApplyPropertyBorderImageModifier::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::ApplyPropertyBorderImageModifier::applyInheritValue):
        (WebCore::StyleBuilderFunctions::ApplyPropertyBorderImageModifier::applyInitialValue):
        (WebCore::StyleBuilderFunctions::ApplyPropertyBorderImageModifier::applyValue):
        (WebCore::StyleBuilderFunctions::ApplyPropertyBorderImageModifier::getValue):
        (WebCore::StyleBuilderFunctions::ApplyPropertyBorderImageModifier::setValue):

2014-11-11  David Kilzer  <ddkilzer@apple.com>

        Modernize $buildingForIPhone in CodeGeneratorObjC.pm
        <http://webkit.org/b/138640>

        Reviewed by Daniel Bates.

        Mac OS X is the only platform that supports NSColor, so rename
        $buildingForIPhone to $shouldUseCGColor (which is actually what
        the variable represents) and define it in terms of the "macosx"
        platform name.

        * bindings/scripts/CodeGeneratorObjC.pm:
        ($buildingForIPhone): Rename to $shouldUseCGColor.
        ($shouldUseCGColor): False if PLATFORM_NAME is not defined,
        which is the case on older Xcodes when building for Mac OS X, or
        if PLATFORM_NAME is equal to "macosx".  True otherwise.
        (GetClassName): Switch to use new variable name.
        (AddIncludesForType): Ditto.
        (GenerateHeader): Remove dead code.  The
        $buildingForTigerOrEarlier variable was accidentally
        re-introduced in r161638, but was originally removed in r127032!
        (GenerateImplementation): Switch to use new variable name.

2014-11-11  Tim Horton  <timothy_horton@apple.com>

        Add support for mailto: link action menus
        https://bugs.webkit.org/show_bug.cgi?id=138641
        <rdar://problem/18741567>

        Reviewed by Beth Dakin.

        * WebCore.exp.in:
        Add an export.

        * platform/spi/mac/DataDetectorsSPI.h:
        Add some DataDetectors SPI.

2014-11-11  Eric Carlson  <eric.carlson@apple.com>

        [iOS] video is sometimes allowed to play from the background
        https://bugs.webkit.org/show_bug.cgi?id=138522

        Rubber-stamped by Jer Noble.

        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::updateClientDataBuffering): Call MediaSessionManager::sessionCanLoadMedia.

2014-11-11  Eric Carlson  <eric.carlson@apple.com>

        [iOS] a page with video in optimized fullscreen is visible
        https://bugs.webkit.org/show_bug.cgi?id=138632

        Reviewed by Anders Carlsson.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        (WebCore::WebVideoFullscreenInterfaceAVKit::mode): Expose fullscreen mode.

2014-11-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Mountain Lion build fix
        https://bugs.webkit.org/show_bug.cgi?id=138631

        Reviewed by Simon Fraser.

        * platform/spi/cocoa/CoreTextSPI.h:

2014-11-11  Eric Carlson  <eric.carlson@apple.com>

        [iOS] cleanup wireless route monitoring
        https://bugs.webkit.org/show_bug.cgi?id=138614

        Reviewed by Jer Noble.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::clearMediaPlayer): Add logging.
        (WebCore::HTMLMediaElement::removeEventListener): Ditto.
        (WebCore::HTMLMediaElement::createMediaPlayer): Ditto.

        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::resetRestrictions): Add logging.
        (WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring): Ditto.
        (WebCore::MediaSessionManageriOS::updateNowPlayingInfo): Ditto.
        (-[WebMediaSessionHelper initWithCallback:]): Ditto.
        (-[WebMediaSessionHelper dealloc]): Always deallocate volume view and routing controller
            on the main thread.
        (-[WebMediaSessionHelper clearCallback]): Add logging.
        (-[WebMediaSessionHelper hasWirelessTargetsAvailable]): Ditto.
        (-[WebMediaSessionHelper startMonitoringAirPlayRoutes]): Always call routing controller on
            the main thread.
        (-[WebMediaSessionHelper stopMonitoringAirPlayRoutes]): Ditto.
        (-[WebMediaSessionHelper interruption:]): Add logging.
        (-[WebMediaSessionHelper applicationWillEnterForeground:]): Ditto.
        (-[WebMediaSessionHelper applicationDidBecomeActive:]): Ditto.
        (-[WebMediaSessionHelper applicationWillResignActive:]): Ditto.
        (-[WebMediaSessionHelper wirelessRoutesAvailableDidChange:]): Ditto.

2014-11-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewd iOS build fix

        * platform/spi/cocoa/CoreTextSPI.h:

2014-11-11  David Kilzer  <ddkilzer@apple.com>

        Protect Document in ProcessingInstruction::setXSLStyleSheet()
        <http://webkit.org/b/138621>

        Reviewed by Andreas Kling.

        The patch is inspired by the following Blink revision by
        <tasak@google.com>:
        <https://src.chromium.org/viewvc/blink?view=rev&revision=182309>

        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::setXSLStyleSheet):

2014-11-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Finish moving CTFontGetVerticalGlyphsForCharacters and CTLineCreateWithUniCharProvider out from WKSI
        https://bugs.webkit.org/show_bug.cgi?id=138623

        Reviewed by Geoff Garen.

        No new tests because there is no behavior change.

        * WebCore.exp.in:
        * WebCore.order:
        * platform/graphics/mac/GlyphPageTreeNodeMac.cpp:
        (WebCore::GlyphPage::fill):
        * platform/graphics/mac/SimpleFontDataMac.mm:
        (WebCore::SimpleFontData::canRenderCombiningCharacterSequence):
        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        * platform/spi/cocoa/CoreTextSPI.h:

2014-11-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewed Mountain Lion build fix

        * platform/spi/cocoa/CoreTextSPI.h:

2014-11-11  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r175852.
        https://bugs.webkit.org/show_bug.cgi?id=138626

        Broke PLT by introducing a crash. (Requested by rniwa on
        #webkit).

        Reverted changeset:

        "Lazily create HTMLInputElement's inputType and shadow
        subtree"
        https://bugs.webkit.org/show_bug.cgi?id=138524
        http://trac.webkit.org/changeset/175852

2014-11-11  Chris Dumez  <cdumez@apple.com>

        Regression(r175947): Caused assertions in debug builds
        https://bugs.webkit.org/show_bug.cgi?id=138620

        Reviewed by Benjamin Poulain.

        In HTMLCollection::traverseForward(), traversedCount was incremented 1
        time too many when hitting the end of the collection (i.e. element
        becomes null). Doing a partial revert.

        No new tests, already covered by existing tests.

        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::traverseForward):

2014-11-11  Tim Horton  <timothy_horton@apple.com>

        DataDetectors' menu items aren't presented in the telephone number menu
        https://bugs.webkit.org/show_bug.cgi?id=138602
        <rdar://problem/18866308>

        Reviewed by Beth Dakin.

        * English.lproj/Localizable.strings:
        Remove a now-unused localized string.

2014-11-11  Daniel Bates  <dabates@apple.com>

        [Frame Flattening] ASSERT(transaction->view == &view()) fails in RenderBlock::removeFromUpdateScrollInfoAfterLayoutTransaction()
        https://bugs.webkit.org/show_bug.cgi?id=138615
        <rdar://problem/18928487>

        Reviewed by David Hyatt.

        Fixes an issue where we always expected that the RenderView associated with the RenderBlock called in
        RenderBlock::removeFromUpdateScrollInfoAfterLayoutTransaction() is the same as the RenderView associated with
        the top transaction in the UpdateScrollInfoAfterLayoutTransaction stack regardless of frame flattening. This
        expectation is only true when frame flattening is disabled.

        Test: fast/frames/flattening/iframe-flattening-inside-flexbox-with-delayed-scroll-update.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::removeFromUpdateScrollInfoAfterLayoutTransaction):

2014-11-11  Tim Horton  <timothy_horton@apple.com>

        Adopt DDActionContext menu type SPI
        https://bugs.webkit.org/show_bug.cgi?id=138603
        <rdar://problem/18867627>

        Reviewed by Anders Carlsson.

        * platform/spi/mac/DataDetectorsSPI.h:
        Add the new SPI.

2014-11-11  Tim Horton  <timothy_horton@apple.com>

        Data Detectors popovers should be dismissed upon scrolling
        https://bugs.webkit.org/show_bug.cgi?id=138600
        <rdar://problem/18932770>

        Reviewed by Beth Dakin.

        * platform/spi/mac/DataDetectorsSPI.h:
        Adjust the SPI header.

2014-11-11  Tim Horton  <timothy_horton@apple.com>

        Localize strings for action menus
        https://bugs.webkit.org/show_bug.cgi?id=138591
        <rdar://problem/18815343>

        Reviewed by Dan Bates.

        * English.lproj/Localizable.strings:
        Add a bunch of localizable strings.

2014-11-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Cleanup from r175379
        https://bugs.webkit.org/show_bug.cgi?id=138616

        Reviewed by Simon Fraser.

        No new tests because there is no behavior change.

        * WebCore.exp.in:
        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:

2014-11-11  Myles C. Maxfield  <mmaxfield@apple.com>

        Move CTFontTransformGlyphs out from WKSI
        https://bugs.webkit.org/show_bug.cgi?id=138599

        Reviewed by Simon Fraser.

        No new tests because there is no behavior change.

        * WebCore.exp.in:
        * WebCore.order:
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::applyTransforms):
        * platform/graphics/SimpleFontData.h:
        * platform/ios/WebCoreSystemInterfaceIOS.mm:
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:
        * platform/spi/cocoa/CoreTextSPI.h:

2014-11-11  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr<>|std::make_unique_ptr in RenderThemeEfl::ThemePartCacheEntry::create()
        https://bugs.webkit.org/show_bug.cgi?id=138558

        Reviewed by Anders Carlsson.

        This patch removes PassOwnPtr and OwnPtr in RenderThemeEfl::ThemePartCacheEntry::create().
        It would be good if we also remove create() factory function though, in this case, it is
        a little hard to remove it since the create() factory function does many works to create
        a ThemePartCacheEntry instance. Thus this patch just replaces PassOwnPtr|OwnPtr with
        std::unique_ptr<> and std::make_unique<> in RenderThemeEfl::ThemePartCacheEntry::create().

        Besides the theme entries have been maintained by Eina_List*. Unfortunately it doesn't support
        std::unique_ptr<> yet. Thus the Eina_List* should be replaced with Vector<std::unique_ptr<>>
        so that m_partCache has ownship of all EFL theme entries. This patch tries to keep original
        cache algorithm based on Vector class.

        No new tests, no behavior changes.

        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::ThemePartCacheEntry::create):
        (WebCore::RenderThemeEfl::getThemePartFromCache):
        * platform/efl/RenderThemeEfl.h:

2014-11-09  Darin Adler  <darin@apple.com>

        Minor tweaks to HTMLCollection
        https://bugs.webkit.org/show_bug.cgi?id=138556

        Reviewed by Chris Dumez.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::addRadioButtonGroupMembers):
        Update for namedElements function that now returns a Vector; also use
        a new style for loop to iterate it.

        * bindings/js/JSHTMLAllCollectionCustom.cpp: Removed some unneeded includes.
        (WebCore::namedItems): Updated name to match WebKit coding style, and also
        updated to use the return value from namedItems, which now returns a Vector.
        (WebCore::callHTMLAllCollection): Updated for namedItems name change.
        Also removed explicit Node* type from result of namedItemWithIndex, since that
        function now returns a more specific type.
        (WebCore::JSHTMLAllCollection::nameGetter): Update for namedItems name change.
        (WebCore::JSHTMLAllCollection::item): Ditto.
        (WebCore::JSHTMLAllCollection::namedItem): Ditto.

        * bindings/js/JSHTMLFormControlsCollectionCustom.cpp: Removed some unneeded includes.
        (WebCore::namedItems): Updated name to match WebKit coding style, and also
        updated to use the return value from namedItems, which now returns a Vector.
        (WebCore::JSHTMLFormControlsCollection::nameGetter): Update for namedItems name change.
        (WebCore::JSHTMLFormControlsCollection::namedItem): Ditto.

        * bindings/js/JSHTMLFormElementCustom.cpp:
        (WebCore::JSHTMLFormElement::nameGetter): Updated to use the return value from
        namedItems, which now returns a Vector.

        * html/HTMLAllCollection.cpp:
        (WebCore::HTMLAllCollection::HTMLAllCollection): Marked the constructor inline,
        since it's only used in one place, the create function.
        (WebCore::HTMLAllCollection::~HTMLAllCollection): Deleted. No need to have an
        explicit destructor since there's nothing special to implement, and includers of
        the header file have everything they ened to compile the compiler-generated one.
        (WebCore::HTMLAllCollection::namedItemWithIndex): Changed return type to Element.

        * html/HTMLAllCollection.h: Removed unneeded explicit declaration of destructor.
        Chagned return type of namedItemWithIndex to Element.

        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::rootTypeFromCollectionType): Marked this inline. Also
        changed this to be a static member function so it can use the RootType enum, which
        is now private to the class.
        (WebCore::isMatchingHTMLElement): Marked this function static so it will get
        internal linkage.
        (WebCore::isMatchingElement): Ditto.
        (WebCore::previousElement): Marked this function inline since it's called in only
        one place. Changed argument type to a reference since it can never be null.
        (WebCore::HTMLCollection::iterateForPreviousElement): Changed argument name and
        also updated for above changes.
        (WebCore::firstMatchingElement): Marked this function static so it will get
        internal linkage.
        (WebCore::nextMatchingElement): Ditto. Changed argument type to a reference
        since it can never be null.
        (WebCore::HTMLCollection::item): Changed return type to Element.
        (WebCore::nameShouldBeVisibleInDocumentAll): Added an overload that takes an
        Element. This streamlines the code below that calls it so it fits on one line.
        (WebCore::firstMatchingChildElement): Marked this function static so it will get
        internal linkage.
        (WebCore::nextMatchingSiblingElement): Ditto. Changed argument type to a reference
        since it can never be null.
        (WebCore::HTMLCollection::usesCustomForwardOnlyTraversal): Moved here from the
        header since, although it's marked inline, it's only used inside this file.
        (WebCore::HTMLCollection::traverseForward): Restructured the code a little bit
        to make the function smaller and possibly easier to read. This does add one
        redundant null check, but it seems OK to do that.
        (WebCore::HTMLCollection::collectionTraverseBackward): Tweaked foramtting a bit.
        (WebCore::HTMLCollection::namedItem): Changed return type to Element. Tightened
        the code that calls nameShouldBeVisibleInDocumentAll so it fits better on one line.
        Changed code that handles m_shouldOnlyIncludeDirectChildren to use a nested if
        instead of an && since it makes the code a little easier to read.
        (WebCore::HTMLCollection::updateNamedElementCache): Tweaked code a little bit,
        using shorter variable names, and using references instead of pointers. Also removed
        the call to didPopulate, since setNamedItemCache now takes care of that.
        (WebCore::HTMLCollection::namedItems): Changed to return a Vector instead of
        appending to an existing one. Also use reserveInitialCapacity and uncheckedAppend
        for better performance. Added a FIXME, because there seems to be something wrong
        here about this being non-virtual. Made other small tweaks to streamline the code.
        (WebCore::HTMLCollection::customElementAfter): Moved this here from the header.
        There is no reason to need to inline this.

        * html/HTMLCollection.h: Removed unneeded includes. Moved function bodies out
        of the class definitions so the class definitions are easier to read. Made some
        functions that were formerly public or protected be private instead. Added a call
        to didPopulate to setNamedItemCache so the callers don't have to do it.

        * html/HTMLFormControlsCollection.cpp:
        (WebCore::HTMLFormControlsCollection::namedItem): Changed return value to Element.
        Tweaked coding style a little bit.
        (WebCore::HTMLFormControlsCollection::updateNamedElementCache): Rearranged to
        simplify a bit. Don't build the foundInputElements set when the owner is not a
        form element, since we don't use the set in that case. Use shorter variable names,
        and modern for loops. Also removed the call to didPopulate, since setNamedItemCache
        now takes care of that.

        * html/HTMLFormControlsCollection.h: Removed some uneeded forward declarations.
        Updated return type for namedItem, and also made the override private.

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::namedElements): Changed to return a Vector and updated
        function name accordingly.
        * html/HTMLFormElement.h: Ditto.

        * html/HTMLNameCollection.h: Removed a stray blank line.

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::namedItem): Changed return value to Element.
        (WebCore::HTMLSelectElement::item): Ditto.
        * html/HTMLSelectElement.h: Ditto.

        * page/scrolling/AxisScrollSnapOffsets.cpp:
        (WebCore::appendChildSnapOffsets): Rewrote loop as a for loop rather than a while
        loop. Removed unwanted use of children()->collectionBegin() to get the first element
        child of an HTMLElement. This function uses a mix of DOM and rendering functions that
        is probably incorrect, but I did not tackle fixing that at this time.

2014-11-11  Dan Bernstein  <mitz@apple.com>

        [Mac] WebCore includes unused cursor image resources
        https://bugs.webkit.org/show_bug.cgi?id=138605

        Reviewed by Anders Carlsson.

        * Resources/aliasCursor.png: Removed.
        * Resources/cellCursor.png: Removed.
        * Resources/contextMenuCursor.png: Removed.
        * Resources/copyCursor.png: Removed.
        * Resources/eastResizeCursor.png: Removed.
        * Resources/eastWestResizeCursor.png: Removed.
        * Resources/helpCursor.png: Removed.
        * Resources/linkCursor.png: Removed.
        * Resources/moveCursor.png: Removed.
        * Resources/noDropCursor.png: Removed.
        * Resources/noneCursor.png: Removed.
        * Resources/northEastResizeCursor.png: Removed.
        * Resources/northEastSouthWestResizeCursor.png: Removed.
        * Resources/northResizeCursor.png: Removed.
        * Resources/northSouthResizeCursor.png: Removed.
        * Resources/northWestResizeCursor.png: Removed.
        * Resources/northWestSouthEastResizeCursor.png: Removed.
        * Resources/progressCursor.png: Removed.
        * Resources/southEastResizeCursor.png: Removed.
        * Resources/southResizeCursor.png: Removed.
        * Resources/southWestResizeCursor.png: Removed.
        * Resources/verticalTextCursor.png: Removed.
        * Resources/waitCursor.png: Removed.
        * Resources/westResizeCursor.png: Removed.
        * Resources/zoomInCursor.png: Removed.
        * Resources/zoomOutCursor.png: Removed.

        * WebCore.xcodeproj/project.pbxproj: Removed references to the above files.

        * platform/mac/CursorMac.mm:
        (WebCore::Cursor::ensurePlatformCursor): For Help, Cell, ZoomIn and ZoomOut, don’t check
        for a nil return value from wkCursor(), which can’t occur in any supported configuration.
        For None, create a cursor with an empty NSImage instead of loading a transparent image from
        the file system.
        (WebCore::createNamedCursor): Deleted.

2014-11-11  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Unreviewed, rolling out r175844.

        Win debug build has broken since r175844.

        Reverted changeset:

        "Use std::unique_ptr<> and std::make_unique<> in WebCore"
        https://bugs.webkit.org/show_bug.cgi?id=138560
        http://trac.webkit.org/changeset/175844

2014-11-11  Philippe Normand  <pnormand@igalia.com>

        Qt/Chromium remnants in MediaPlayer
        https://bugs.webkit.org/show_bug.cgi?id=138611

        Reviewed by Jer Noble.

        * platform/graphics/MediaPlayer.h: Remove unused Qt/Chromium stuff.

2014-11-11  Chris Dumez  <cdumez@apple.com>

        Move '-webkit-marquee-speed' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138595

        Reviewed by Antti Koivisto.

        Move '-webkit-marquee-speed' CSS property from DeprecatedStyleBuilder
        to the new StyleBuilder by adding a new MarqueeSpeed Converter.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyMarqueeSpeed::applyValue): Deleted.
        (WebCore::ApplyPropertyMarqueeSpeed::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertMarqueeSpeed):

2014-10-07  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Limit the size of explicit/implicit grid
        https://bugs.webkit.org/show_bug.cgi?id=136217

        Reviewed by Andreas Kling.

        A recent change in the specs allow us to set a limit (maximum
        size) for both the explicit and implicit grids so we can protect
        ourselves from absurdly huge grid specifications. It was decided
        to use the recommended limit which is 1 million.

        This means that we can remove the old limitation for the number of
        repetitions in repeat(). Instead we now clamp the number of
        repetitions to the maximum value that allow us to have the maximum
        number of whole repetitions without exceeding the track number
        limit.

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseGridTrackRepeatFunction): Replaced the
        old limit by the new one.
        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::placeItemsOnGrid): Use the amount of tracks
        provided by GridResolvedPosition.
        (WebCore::RenderGrid::populateExplicitGridAndOrderIterator): Ditto.
        * rendering/style/GridCoordinate.h:
        (WebCore::GridSpan::GridSpan):
        * rendering/style/GridResolvedPosition.cpp:
        (WebCore::GridResolvedPosition::explicitGridColumnCount): Bring
        the static function back to life.
        (WebCore::GridResolvedPosition::explicitGridRowCount): Ditto.
        (WebCore::explicitGridSizeForSide):
        * rendering/style/GridResolvedPosition.h:

2014-11-11  Yusuke Suzuki  <utatane.tea@gmail.com>

        CSS4 Selectors: Add multiple pseudo elements support to :matches
        https://bugs.webkit.org/show_bug.cgi?id=138214

        Reviewed by Benjamin Poulain.

        In this patch, we implement (multiple) pseudo elements support to :matches.
        Currently, we implemented it in css/SelectorChecker and there's no CSS JIT implementation.

        And we change the semantics of pseudo element selector behavior.
        Previously when pseudo element selector appeared in the non-rightmost
        fragment, it was ignored. This patch changes it to unmatched.

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::CheckingContextWithStatus::CheckingContextWithStatus):
        (WebCore::SelectorChecker::match):
        (WebCore::hasScrollbarPseudoElement):
        (WebCore::SelectorChecker::matchRecursively):
        (WebCore::SelectorChecker::checkOne):
        (WebCore::SelectorChecker::matchSelectorList):
        * css/SelectorChecker.h:
        (WebCore::SelectorChecker::MatchResult::matches):
        (WebCore::SelectorChecker::MatchResult::updateWithMatchType):
        (WebCore::SelectorChecker::MatchResult::fails):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::SelectorCodeGenerator):
        (WebCore::SelectorCompiler::constructFragments):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasPseudoElement):
        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::setHasPseudoStyles):
        * rendering/style/RenderStyleConstants.h:
        (WebCore::PseudoIdSet::PseudoIdSet):
        (WebCore::PseudoIdSet::fromMask):
        (WebCore::PseudoIdSet::has):
        (WebCore::PseudoIdSet::add):
        (WebCore::PseudoIdSet::merge):
        (WebCore::PseudoIdSet::operator &):
        (WebCore::PseudoIdSet::operator |):
        (WebCore::PseudoIdSet::operator bool):
        (WebCore::PseudoIdSet::data):

2014-11-10  Chris Dumez  <cdumez@apple.com>

        Lazily create HTMLInputElement's inputType and shadow subtree
        https://bugs.webkit.org/show_bug.cgi?id=138524

        Reviewed by Ryosuke Niwa.

        When an HTMLInputElement was created by the parser, we would first call
        HTMLInputElement::create(), then call Element::parserSetAttributes() on
        the constructed input. With the previous implementation, this was a bit
        inefficient because HTMLInputElement::create() would construct a
        TextInputType inputType (as this is the default) as well as its
        corresponding shadow subtree. Then, parserSetAttributes() would often
        set the |type| attribute and would need to destroy this input type as
        well as its subtree if the new |type| is not 'text', to create a new
        inputType / shadow subtree of the right type. The profiler showed that
        this was fairly expensive.

        To improve this, this patch delays the inputType / shadow subtree
        creation when the HTMLInputElement is constructed by the parser, until
        the attributes are actually set by the parser. This way, we directly
        create an inputType / shadow subtree of the right type.

        I see a 1.4% speed up on speedometer (73.95 -> 75.0).

        No new tests, no behavior change.

        * dom/Element.cpp:
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::parserDidFinishParsingAttributes):
        * dom/Element.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::HTMLInputElement):
        (WebCore::HTMLInputElement::create):
        (WebCore::HTMLInputElement::updateType):
        (WebCore::HTMLInputElement::runPostTypeUpdateTasks):
        (WebCore::HTMLInputElement::ensureInputType):
        (WebCore::HTMLInputElement::parseAttribute):
        (WebCore::HTMLInputElement::parserDidFinishParsingAttributes):
        * html/HTMLInputElement.h:

2014-11-10  Benjamin Poulain  <bpoulain@apple.com>

        Add parsing support for the extended :nth-last-child(An+B of selector-list) defined
        https://bugs.webkit.org/show_bug.cgi?id=138520

        Reviewed by Andreas Kling.

        Add parsing for :nth-last-child(An+B of selector-list). The selector is defined
        in CSS Selectors Level 4: http://dev.w3.org/csswg/selectors4/#the-nth-last-child-pseudo

        Tests: fast/css/parsing-css-nth-last-child-of-1.html
               fast/css/parsing-css-nth-last-child-of-2.html
               fast/css/parsing-css-nth-last-child-of-3.html
               fast/css/parsing-css-nth-last-child-of-4.html

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectFunctionTypeToken):
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):

2014-11-10  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVG foreign objects do not inherit the container coordinates system if they are repainted.
        https://bugs.webkit.org/show_bug.cgi?id=138481.

        Reviewed by Simon Fraser.

        If a foreign object is included in an SVG, it should inherit the coordinates system
        of the container if it is repainted. The foreign object is actually redrawn in the
        CSS coordinates system regardless of the transformation that may be applied to the
        container.

        The bug is RenderSVG* classes use computeFloatRectForRepaint(), but the rest of the
        render classes use computeRectForRepaint(). RenderSVGForeignObject::computeRectForRepaint()
        was not defined, so we end up hitting RenderObject::computeRectForRepaint() for 
        a RenderSVGTransformableContainer and completely miss the transform.

        Tests: svg/transforms/svg-transform-foreign-object-repaint.html

        Implement RenderSVGForeignObject::computeRectForRepaint() so we can apply the
        container transformation on the SVG foreign object repaint rectangle.
        * rendering/svg/RenderSVGForeignObject.cpp:
        (WebCore::RenderSVGForeignObject::computeRectForRepaint):
        * rendering/svg/RenderSVGForeignObject.h:

2014-11-10  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr<> and std::make_unique<> in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=138560

        Reviewed by Chris Dumez.

        Clean up unused OwnPtr.h and PassOwnPtr.h and use std::unique_ptr.

        No new tests, no behavior changes.

        * Modules/encryptedmedia/CDMPrivateMediaPlayer.h:
        * dom/ContainerNode.h:
        * dom/ElementIteratorAssertions.h:
        (WebCore::ElementIteratorAssertions::ElementIteratorAssertions):
        * dom/ElementRareData.h:
        * page/DragController.h:
        * rendering/RenderView.h:

2014-11-10  Beth Dakin  <bdakin@apple.com>

        WK1: Support default actions for editable text with misspelled word
        https://bugs.webkit.org/show_bug.cgi?id=138590
        -and corresponding-
        rdar://problem/18877506

        Reviewed by Tim Horton.

        * WebCore.exp.in:

2014-11-10  Chris Dumez  <cdumez@apple.com>

        Remove unnecessary null check in FrameSelection::nodeWillBeRemoved()
        https://bugs.webkit.org/show_bug.cgi?id=138578

        Reviewed by Andreas Kling.

        Remove unnecessary null check in FrameSelection::nodeWillBeRemoved()
        and turn the argument into a reference to make it clear it cannot be
        null.

        No new tests, no behavior change.

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::willRemoveChild):
        * dom/Document.cpp:
        (WebCore::Document::nodeChildrenWillBeRemoved):
        (WebCore::Document::nodeWillBeRemoved):
        * dom/Document.h:
        * dom/NodeIterator.cpp:
        (WebCore::NodeIterator::nodeWillBeRemoved):
        (WebCore::NodeIterator::updateForNodeRemoval):
        * dom/NodeIterator.h:
        * dom/Range.cpp:
        (WebCore::Range::insertNode):
        (WebCore::boundaryNodeWillBeRemoved):
        (WebCore::Range::nodeWillBeRemoved):
        * dom/Range.h:
        * dom/RangeBoundaryPoint.h:
        (WebCore::RangeBoundaryPoint::setToBeforeChild):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::updatePositionForNodeRemovalPreservingChildren):
        * editing/CompositeEditCommand.h:
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::removeNode):
        (WebCore::DeleteSelectionCommand::handleGeneralDelete):
        (WebCore::DeleteSelectionCommand::removeRedundantBlocks):
        * editing/FrameSelection.cpp:
        (WebCore::removingNodeRemovesPosition):
        (WebCore::DragCaretController::nodeWillBeRemoved):
        (WebCore::FrameSelection::nodeWillBeRemoved):
        (WebCore::FrameSelection::respondToNodeModification):
        * editing/FrameSelection.h:
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::mergeTextNodesAroundPosition):
        * editing/htmlediting.cpp:
        (WebCore::updatePositionForNodeRemoval):
        * editing/htmlediting.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::nodeWillBeRemoved):
        * page/EventHandler.h:

2014-11-10  Benjamin Poulain  <bpoulain@apple.com>

        Fix the build when CSS Selectors Level 4 is disabled
        https://bugs.webkit.org/show_bug.cgi?id=138533

        * css/CSSSelector.cpp:
        (WebCore::appendArgumentList):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementLinkMatching):

2014-11-10  Chris Dumez  <cdumez@apple.com>

        Support throttling of DOMTimers using nested setTimeout() calls
        https://bugs.webkit.org/show_bug.cgi?id=138262

        Reviewed by Gavin Barraclough.

        Extend DOMTimers throttling support to timers that are using nested
        setTimeout() calls instead of a setInterval(). To achieve this, this
        patch introduces a NestedTimersMap singleton class where nested timers
        are added, and for which we potentially update the next firing time,
        after the parent timer is done executing.

        I have verified this helps on ebay.com for example, which has timers
        interacting with non-visible plugins that are scheduled using nested
        setTimeout() calls with a frequency of 150 / 200 ms.

        This is a second take on r175441, which caused intermittent crashes.
        This time, nested timers are removed from the NestedTimersMap when
        DOMTimer::removeById() is called. It would be unsafe to use the nested
        timer afterwards because we don't hold a strong reference to it and
        the ScriptExecutionContext is unref'ing the DOMTimer when
        ScriptExecutionContext::removeTimeout() is called from
        DOMTimer::removeById().

        * page/DOMTimer.cpp:
        (WebCore::NestedTimersMap::NestedTimersMap):
        (WebCore::NestedTimersMap::~NestedTimersMap):
        (WebCore::NestedTimersMap::add):
        (WebCore::NestedTimersMap::remove):
        (WebCore::NestedTimersMap::begin):
        (WebCore::NestedTimersMap::end):
        (WebCore::DOMTimer::install):
        (WebCore::DOMTimer::removeById):
        (WebCore::DOMTimer::fired):

2014-11-10  Jer Noble  <jer.noble@apple.com>

        [EME][Mac] Add a systemCode to distinguish when no expired sessions were found in response to a "keyrelease" message.
        https://bugs.webkit.org/show_bug.cgi?id=138199

        Reviewed by Eric Carlson.

        Clients may want to be able to distinguish between cases where expired session data is not supported, and when
        those data are supported, but none are found.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::CDMSessionMediaSourceAVFObjC::generateKeyReleaseMessage):

2014-11-04  Jer Noble  <jer.noble@apple.com>

        REGRESSION(r174823): Several tests fail due to canplaythrough firing before tracks are available
        https://bugs.webkit.org/show_bug.cgi?id=137882

        Reviewed by Eric Carlson.

        For HLS streams with only one video, audio, or text track, there will be no media selection group
        for that media characteristic. When culling out AVPlayerItemTracks in tracksDidChange(), do not skip
        tracks for which there is no matching AVMediaSelectionGroup.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::hasLoadedMediaSelectionGroups): Refactored.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::safeMediaSelectionGroupForLegibleMedia): Call above.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::safeMediaSelectionGroupForAudibleMedia): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::safeMediaSelectionGroupForVisualMedia): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksDidChange):

2014-11-10  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r175813.
        https://bugs.webkit.org/show_bug.cgi?id=138573

        Breaks complex text layout spacing (Requested by litherum on
        #webkit).

        Reverted changeset:

        "[OSX] Some words are placed on top of each other in complex
        text layout"
        https://bugs.webkit.org/show_bug.cgi?id=138348
        http://trac.webkit.org/changeset/175813

2014-11-10  Beth Dakin  <bdakin@apple.com>

        Rolling out failed build fix 
        http://trac.webkit.org/changeset/175819

        * WebCore.exp.in:

2014-11-10  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * WebCore.exp.in:

2014-11-10  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * WebCore.exp.in:

2014-11-10  Simon Fraser  <simon.fraser@apple.com>

        [iOS WK2] Layers with negative z position disapear behind the page tiles
        https://bugs.webkit.org/show_bug.cgi?id=138571
        rdar://problem/18873480

        Reviewed by Dean Jackson.

        Some crufty iOS-only code in RenderLayerBacking::parentForSublayers() caused us to fail
        to use the m_childContainmentLayer as the ancestor for descendants, so layers with
        negative z position would get depth-sorted behind the tiles.
        
        Fix by removing that code.
        
        This should have been detected by compositing/tile-cache-must-flatten.html, but
        testing infrastructure suck prevented us from doing so.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::parentForSublayers):
        * rendering/RenderLayerBacking.h: Just some nullptr cleanup.

2014-11-10  Chris Dumez  <cdumez@apple.com>

        Move 'resize' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138550

        Reviewed by Andreas Kling.

        No new tests, no behavior change.

        Move 'resize' CSS property from DeprecatedStyleBuilder to the new
        StyleBuilder by adding a new 'Resize' Converter function.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyResize::applyValue): Deleted.
        (WebCore::ApplyPropertyResize::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertResize):

2014-11-10  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * editing/DictionaryLookup.h:
        * editing/DictionaryLookup.mm:

2014-11-10  Chris Dumez  <cdumez@apple.com>

        Move 'text-indent' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138547

        Reviewed by Andreas Kling.

        Move 'text-indent' CSS property from DeprecatedStyleBuilder to the new
        StyleBuilder, by using custom code.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyTextIndent::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyTextIndent::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyTextIndent::applyValue): Deleted.
        (WebCore::ApplyPropertyTextIndent::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyInheritTextIndent):
        (WebCore::StyleBuilderFunctions::applyInitialTextIndent):
        (WebCore::StyleBuilderFunctions::applyValueTextIndent):

2014-11-10  Beth Dakin  <bdakin@apple.com>

        WK1: Support default actions for read-only text
        https://bugs.webkit.org/show_bug.cgi?id=138552
        -and corresponding-
        rdar://problem/18877483

        Reviewed by Tim Horton.

        WK1 now needs to do a lot of dictionary lookup operations that it did not 
        previously have to handle. So this patch takes a lot of that functionality, which 
        was implemented as static functions in WebPageMac for WK2 and moves it into 
        WebCore.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/DictionaryLookup.h: Added.
        * editing/DictionaryLookup.mm: Added.
        (WebCore::isPositionInRange):
        (WebCore::shouldUseSelection):
        (WebCore::rangeExpandedAroundPositionByCharacters):
        (WebCore::rangeForDictionaryLookupForSelection):
        (WebCore::rangeForDictionaryLookupAtHitTestResult):
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:

2014-11-10  Myles C. Maxfield  <mmaxfield@apple.com>

        [OSX] Some words are placed on top of each other in complex text layout
        https://bugs.webkit.org/show_bug.cgi?id=138348

        Reviewed by Simon Fraser.

        Some complex text layouts have lots of diacritics being placed all over the place.
        CoreText sometimes compensates for this by adjusting the advances of the glyphs
        throughout the string to make glyphs appear in the correct place. This means that
        we can't naively cache the width of a space character; instead, we must obey
        CoreText when it gives us an advance for a space.

        Test: fast/text/large-space-width-complex.html

        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances):

2014-11-10  Eric Carlson  <eric.carlson@apple.com>

        [iOS] wireless playback placeholder UI doesn't always draw
        https://bugs.webkit.org/show_bug.cgi?id=138548

        While it is important to only listen for the 'webkitplaybacktargetavailabilitychanged' event
        when we are displaying inline controls because listening for it increases power consumption,
        we should always listen for the 'webkitcurrentplaybacktargetiswirelesschanged' event because
        it controls whether or not we draw the placeholder UI which is always visible during wireless
        playback.

        Reviewed by Brent Fulgham.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.addVideoListeners): Always listen for the
            'webkitcurrentplaybacktargetiswirelesschanged' event.
        (ControllerIOS.prototype.removeVideoListeners): Always stop listening for the 
            'webkitcurrentplaybacktargetiswirelesschanged' event.
        (ControllerIOS.prototype.handleStartPlaybackButtonTouchEnd): Call updateControls so we update 
            the type of controls rendered and start listening for wireless target changes immediately.
        (ControllerIOS.prototype.setShouldListenForPlaybackTargetAvailabilityEvent): Don't start and stop 
            listening for 'webkitcurrentplaybacktargetiswirelesschanged', we should always listen for it.

2014-11-10  Csaba Osztrogonác  <ossy@webkit.org>

        Crash in WebCore::Node::getFlag
        https://bugs.webkit.org/show_bug.cgi?id=137961

        Reviewed by Antti Koivisto.

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::applyBlockStyle): Null pointer check added.

2014-11-10  Mihnea Ovidenie  <mihnea@adobe.com>

        ASSERTION FAILED: !object || !object->parent()->isRuby() || is<RenderRubyRun>(*object) || (object->isInline() && (object->isBeforeContent() || object->isAfterContent())) || (object->isAnonymous() && ... ) in WebCore::isAnonymousRubyInlineBlock
        https://bugs.webkit.org/show_bug.cgi?id=137958

        Reviewed by Chris Dumez.

        When a ruby element, with block behavior, dynamically changes its style
        from multicol to without multicol, we have to remove its special children,
        RenderMultiColumnFlowThread and RenderMultiColumnSet, the normal way using
        the method in RenderBlockFlow base class. This patch adds both
        RenderMultiColumnFlowThread and RenderMultiColumnSet to the list of RenderRuby
        children removed normally and adds a new function - isRubyChildForNormalRemove -
        to test the condition and use it in the assertion in RenderRuby*::removeChild
        method.

        Test: fast/multicol/newmulticol/ruby-from-multicol-to-auto.html

        * rendering/RenderRuby.cpp:
        (WebCore::isRubyChildForNormalRemove):
        (WebCore::RenderRubyAsInline::removeChild):
        (WebCore::RenderRubyAsBlock::removeChild):

2014-11-09  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        [EFL] Remove GamepadDeviceEfl::create()
        https://bugs.webkit.org/show_bug.cgi?id=138553

        Reviewed by Darin Adler.

        As a step to use std::unique_ptr<> and std::make_unique<>, this patch removes GamepadDeviceEfl::create().
        Instead we use std::make_unique<>.

        No new tests, no behavior changes.

        * platform/efl/GamepadsEfl.cpp:
        (WebCore::GamepadsEfl::registerDevice):
        (WebCore::GamepadDeviceEfl::create): Deleted.
        (WebCore::GamepadsEfl::unregisterDevice): Deleted.

2014-11-09  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove create() factory function in FooAnimationValue classes
        https://bugs.webkit.org/show_bug.cgi?id=138206

        Reviewed by Darin Adler.

        As a step to use std::unique_ptr and std::make_unique, this patch removes create()
        factory function in FooAnimationValue classes. As this changes, FooAnimationValue::create()
        are changed to std::make_unique<>.

        No new tests, no behavior changes.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::KeyframeValueList::insert):
        * platform/graphics/GraphicsLayer.h:
        (WebCore::FloatAnimationValue::FloatAnimationValue):
        (WebCore::TransformAnimationValue::TransformAnimationValue):
        (WebCore::FilterAnimationValue::FilterAnimationValue):
        (WebCore::FloatAnimationValue::create): Deleted.
        (WebCore::TransformAnimationValue::create): Deleted.
        (WebCore::FilterAnimationValue::create): Deleted.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::startAnimation):
        (WebCore::RenderLayerBacking::startTransition):

2014-11-09  Chris Dumez  <cdumez@apple.com>

        Add a more correct way to compare floating point numbers and use it
        https://bugs.webkit.org/show_bug.cgi?id=138527

        Reviewed by Darin Adler.

        Use the new WTF::areEssentuallyEqual() utility function from MathExtras.h
        to compare floating-point numbers.

        No new tests, no behavior change.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::updateTimerIntervalIfNecessary):
        * platform/graphics/FloatQuad.cpp:
        (WebCore::FloatQuad::isRectilinear):
        * platform/graphics/FloatRoundedRect.cpp:
        (WebCore::FloatRoundedRect::Radii::isUniformCornerRadius):
        * platform/graphics/FloatSize.h:
        (WebCore::areEssentiallyEqual):
        (WebCore::withinEpsilon): Deleted.

2014-11-08  Simon Fraser  <simon.fraser@apple.com>

        Implement round-rect clipping on video elements
        https://bugs.webkit.org/show_bug.cgi?id=138537
        rdar://problem/9534399

        Reviewed by Darin Adler.
        
        Support border-radius on video and other layers with composited contents,
        by pushing a FloatRoundedRect onto the GraphicsLayer as the contentsClippingRect,
        and, on Mac, using layer corner-radius or a CAShapeLayer mask.

        Test: compositing/video/video-border-radius.html

        * WebCore.exp.in:
        * platform/graphics/FloatRoundedRect.cpp:
        (WebCore::FloatRoundedRect::Radii::isUniformCornerRadius): Returns true if all
        corner radii are the same, and have equal widths and heights.
        * platform/graphics/FloatRoundedRect.h: Allow construction without an explicit
        rect.
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::GraphicsLayer): nullptr goodness.
        (showGraphicsLayerTree): Print contents layers when debugging.
        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::contentsClippingRect): Make this take a FloatRoundedRect.
        (WebCore::GraphicsLayer::setContentsClippingRect):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setContentsClippingRect):
        (WebCore::GraphicsLayerCA::setContentsToSolidColor):
        (WebCore::GraphicsLayerCA::setContentsToImage):
        (WebCore::GraphicsLayerCA::setContentsToPlatformLayer):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateClippingStrategy): Determines whether we can simply
        use corner-radius on the existing contentsClippingLayer, or whether we have to
        create a shape layer to use as a mask.
        (WebCore::GraphicsLayerCA::updateContentsRects): We have to add/remove the shape layer
        based on the rounded rect radii. Calls updateClippingStrategy() on the clipping layer,
        and also updates clones accordingly.
        (WebCore::dumpInnerLayer):
        (WebCore::GraphicsLayerCA::dumpAdditionalProperties): Dump all the inner layers
        (requiring on test rebaseline), including the new shape and backdrop layers.
        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/ca/PlatformCALayer.h: Add a new shape layer type.
        * platform/graphics/ca/mac/PlatformCALayerMac.h: Support for corner radius and
        a rounded rect shape mask.
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayerMac::PlatformCALayerMac):
        (PlatformCALayerMac::clone):
        (PlatformCALayerMac::setMask):
        (PlatformCALayerMac::cornerRadius):
        (PlatformCALayerMac::setCornerRadius):
        (PlatformCALayerMac::shapeRoundedRect):
        (PlatformCALayerMac::setShapeRoundedRect):
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (PlatformCALayerWin::cornerRadius):
        (PlatformCALayerWin::setCornerRadius):
        (PlatformCALayerWin::shapeRoundedRect):
        (PlatformCALayerWin::setShapeRoundedRect):
        * platform/graphics/ca/win/PlatformCALayerWin.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::resetContentsRect): Use getRoundedInnerBorderFor() to get
        the rounded rect used to clip contents.
        (WebCore::RenderLayerBacking::positionOverflowControlsLayers): Push a FloatRoundedRect for the contents clip,
        (WebCore::RenderLayerBacking::updateDirectlyCompositedBackgroundColor): Ditto.
        (WebCore::RenderLayerBacking::updateDirectlyCompositedBackgroundImage): Ditto.
        (WebCore::RenderLayerBacking::updateImageContents): Get the rounded rect clip.
        * rendering/RenderLayerBacking.h: nullptr.

2014-11-09  Darin Adler  <darin@apple.com>

        Fix various cases of incorrect cross-thread capture of non-thread-safe RefCounted
        https://bugs.webkit.org/show_bug.cgi?id=138539

        Reviewed by Alexey Proskuryakov.

        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didConnect): Use StringCapture
        instead of isolatedCopy, to avoid a problem where the original thread does its deref
        after passing the string to the other thread.
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveMessage): Ditto.
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didClose): Ditto.
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::initialize): Ditto.
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::connect): Ditto.
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::send): Ditto.
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::close): Ditto.
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::fail): Ditto.

        * dom/Document.cpp:
        (WebCore::Document::addConsoleMessage): Pass a StringCapture when creating
        AddConsoleMessageTask. Same reason as above, but in a different context.
        (WebCore::Document::addMessage): Ditto.

        * dom/ScriptExecutionContext.h: Changed AddConsoleMessageTask to take and
        capture a StringCapture rather than a String, for the same reason as above.

        * fileapi/AsyncFileStream.cpp:
        (WebCore::AsyncFileStream::write): Use URLCapture instead of trying to use
        StringCapture on a URL, since that doesn't preserve the validity flag.

        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): Use StringCapture.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFail): Ditto.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFailAccessControlCheck): Ditto.

        * platform/URL.h: Added URLCapture.

        * platform/network/FormData.cpp:
        (WebCore::appendBlobResolved): Remove incorrect pointless code that creates a new URL
        from an existing URL with the ParsedURLString constructor.

        * workers/DefaultSharedWorkerRepository.cpp: Fixed code that was trying to copy a URL
        by copying a string to instead just use URL::copy. The comment claimed that URL::copy
        is not thread safe, but that claim is incorrect.
        (WebCore::SharedWorkerProxy::postExceptionToWorkerObject): Use StringCapture.
        (WebCore::SharedWorkerProxy::postConsoleMessageToWorkerObject): Ditto.
        (WebCore::DefaultSharedWorkerRepository::getProxy): Use URL::copy.

        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::addConsoleMessage): Use StringCapture.
        (WebCore::WorkerGlobalScope::addMessage): Ditto.
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::postExceptionToWorkerObject): Ditto.
        (WebCore::WorkerMessagingProxy::postConsoleMessageToWorkerObject): Ditto.
        (WebCore::WorkerMessagingProxy::sendMessageToInspector): Ditto.
        (WebCore::WorkerMessagingProxy::postMessageToPageInspector): Ditto.

        * workers/WorkerRunLoop.cpp:
        (WebCore::WorkerRunLoop::postTaskAndTerminate): Make a Task with make_unique
        rather than with Task::create. Removed an extra isolatedCopy, unneeded because
        the Task constructor already does an isolatedCopy.
        (WebCore::WorkerRunLoop::postTaskForMode): Ditto.
        (WebCore::WorkerRunLoop::Task::create): Deleted.

        * workers/WorkerRunLoop.h: Removed unneeded create function and explicit
        public empty destructor.

2014-11-09  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for HTMLCollection subclasses
        https://bugs.webkit.org/show_bug.cgi?id=138541

        Reviewed by Sam Weinig.

        Use is<>() / downcast<>() for HTMLCollection subclasses for
        safety and consistency with the rest of the code base.

        No new tests, no behavior change.

        * bindings/gobject/WebKitDOMPrivate.cpp:
        (WebKit::wrap):
        * html/HTMLAllCollection.h:
        * html/HTMLCollection.cpp:
        (WebCore::isMatchingHTMLElement):
        (WebCore::isMatchingElement):
        * html/HTMLCollection.h:
        * html/HTMLFormControlsCollection.h:
        * html/HTMLNameCollection.h:
        * html/HTMLOptionsCollection.h:
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::options):
        * html/HTMLTableRowsCollection.h:

2014-11-08  Chris Dumez  <cdumez@apple.com>

        Call faster HTMLElement::hasTagName() in HTMLCollection
        https://bugs.webkit.org/show_bug.cgi?id=138529

        Reviewed by Darin Adler.

        Call faster HTMLElement::hasTagName() in HTMLCollection instead of
        slower Node::hasTagName() by restructuring the code a bit to
        distinguish collection that deal only with HTMLElements from others.

        No new tests, no behavior change.

        * html/HTMLCollection.cpp:
        (WebCore::isMatchingHTMLElement):
        (WebCore::isMatchingElement):

2014-11-08  Chris Dumez  <cdumez@apple.com>

        Move isEmptyValue() logic from HTMLInputElement to TextFieldInputType
        https://bugs.webkit.org/show_bug.cgi?id=138538

        Reviewed by Darin Adler.

        Move isEmptyValue() logic from HTMLInputElement to TextFieldInputType
        as this only makes sense for text field input types.

        No new tests, no behavior change.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::isEmptyValue):
        * html/InputType.cpp:
        (WebCore::InputType::isEmptyValue):
        * html/InputType.h:
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::isEmptyValue):
        * html/TextFieldInputType.h:

2014-11-08  Darin Adler  <darin@apple.com>

        Replace FileThread class with a single function
        https://bugs.webkit.org/show_bug.cgi?id=138282

        Reviewed by Alexey Proskuryakov.

        * CMakeLists.txt: Removed FileThread.cpp.

        * WebCore.vcxproj/WebCore.vcxproj: Removed FileThread.cpp/.h.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.

        * bindings/generic/ActiveDOMCallback.cpp: Removed unneeded includes.
        * dom/ActiveDOMObject.cpp: Ditto.

        * fileapi/AsyncFileStream.cpp:
        (WebCore::callOnFileThread): Added. Implements the file thread.
        (WebCore::AsyncFileStream::AsyncFileStream): Take a reference to the client.
        Make m_internals. Use the destroyed flag instead of trickier techniques to
        handle stopping. Once the stream is destroyed, there will be no further callbacks.
        (WebCore::AsyncFileStream::~AsyncFileStream): Added assertions and merged in the
        stop behavior here. This class no longer requires an explicit stop function.
        (WebCore::AsyncFileStream::perform): Added. Helper used for all the operations
        below. Takes a function that performs an operation and then returns a client
        callback function. Respects the m_stopped boolean on the file thread (so we
        don't do extra operations) and on the client thread (so we are guaranteed not
        to get any client callbacks even if the file thread was partway through an
        operation).
        (WebCore::AsyncFileStream::getSize): Changed to use the perform function.
        (WebCore::AsyncFileStream::openForRead): Ditto. Also fixed reference count
        thread safety issue by capturing a StringCapture rather than a String.
        (WebCore::AsyncFileStream::openForWrite): Ditto.
        (WebCore::AsyncFileStream::close): Changed to use callOnFileThread.
        (WebCore::AsyncFileStream::read): Changed to use the perform function.
        (WebCore::AsyncFileStream::write): Ditto. Also fixed reference count
        thread safety issue by capturing a StringCapture rather than a URL.
        (WebCore::AsyncFileStream::truncate): Ditto.

        * fileapi/AsyncFileStream.h: Removed use of RefCounted since we only need
        single ownership. Removed the stop function, since we can now stop when
        the stream is destroyed since we have single ownership. Made a new Internals
        object to handle destruction while operations are still going on the file thread.

        * fileapi/FileThread.cpp: Removed.
        * fileapi/FileThread.h: Removed.

        * loader/ResourceLoader.cpp: Removed unneeded include.

        * platform/FileStream.cpp:
        (WebCore::FileStream::~FileStream): Merged the stop function in here.

        * platform/FileStream.h: Removed use of RefCounted since we only need
        single ownership. Removed the empty start function. Removed the stop function,
        since we can now stop when the stream is destroyed since we have single ownership.

        * platform/FileStreamClient.h: Removed unneeded didStart and didStop.

        * platform/network/BlobResourceHandle.cpp:
        (WebCore::BlobResourceHandle::BlobResourceHandle): Use make_unique to make the
        stream objects instead of custom create functions.
        (WebCore::BlobResourceHandle::~BlobResourceHandle): Removed now-unneeded code
        to call stop functions. Destroying the objects now takes care of the this, and
        that's done by the unique_ptrs.
        (WebCore::BlobResourceHandle::cancel): Removed the rest of the code to stop the
        m_asyncStream, keeping only the code that sets it to null. That now stops the
        stream by destroying it.

        * platform/network/BlobResourceHandle.h: Use std::unique_ptr rather than
        RefPtr for the file stream objects.

        * storage/StorageThread.h: Tweaked formatting of std::function<void()> to
        match the format used elsewhere in WebKit.

2014-11-08  Simon Fraser  <simon.fraser@apple.com>

        Don't try to schedule a GraphicsLayer flush when propagating changes to replicas inside a flush
        https://bugs.webkit.org/show_bug.cgi?id=138532

        Reviewed by Dan Bernstein.

        When changing masks on replica layers with certain layer configurations, 
        it was possible to hit an assertion that a flush was being scheduled when already
        flushing, via propagateLayerChangeToReplicas(). Fix by passing the scheduleFlush
        flag along.
        
        Not testable with current GraphicsLayer configurations.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        * platform/graphics/ca/GraphicsLayerCA.h:

2014-11-08  Beth Dakin  <bdakin@apple.com>

        Implement action menu support for videos
        https://bugs.webkit.org/show_bug.cgi?id=138534
        -and corresponding-
        rdar://problem/18742164

        Reviewed by Tim Horton.

        Export needed symbols and added not-yet-implemented 
        HitTestResult::isMediaThatCanBeDownloaded() so that action menus will work as 
        expected once it is implemented.
        * WebCore.exp.in:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::isMediaThatCanBeDownloaded):
        * rendering/HitTestResult.h:

2014-11-08  Chris Dumez  <cdumez@apple.com>

        Speed up HTMLInputElement::isEmptyValue()
        https://bugs.webkit.org/show_bug.cgi?id=138515

        Reviewed by Geoffrey Garen.

        HTMLInputElement::isEmptyValue() was calling
        HTMLTextFormControlElement::innerTextValue() which causes a full
        subtree traversal to construct a string representation of that subtree
        using a StringBuilder. In the case of HTMLInputElement::isEmptyValue(),
        we don't have to do all this: We don't need to construct a String
        and we can return false as soon as we find a non-empty descendant.

        No new tests, no behavior change.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::isEmptyValue):
        * html/HTMLInputElement.h:

2014-11-07  Eric Carlson  <eric.carlson@apple.com>

        [iOS] video is sometimes allowed to play from the background
        https://bugs.webkit.org/show_bug.cgi?id=138522

        Reviewed by Jer Noble.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::displayType): New.
        * html/HTMLMediaElement.h:

        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::isHidden): New, client passthrough.
        (WebCore::MediaSession::displayType): Ditto.
        * platform/audio/MediaSession.h:
        (WebCore::MediaSessionClient::displayType):

        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::sessionCanLoadMedia): New, default implementation returns
            true if client is visible or playing.
        * platform/audio/MediaSessionManager.h:

        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::sessionCanLoadMedia): iOS override, also allows buffering
            when displaying optimized fullscreen.

2014-11-07  Benjamin Poulain  <bpoulain@apple.com>

        Fix the build after r175772

        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):

2014-11-07  Benjamin Poulain  <benjamin@webkit.org>

        Make the Selector's specificity part of Selector matching
        https://bugs.webkit.org/show_bug.cgi?id=138486

        Reviewed by Andreas Kling.

        In CSS Selectors Level 4, the specificity of selectors is computed dynamically
        based on which element is being matched.

        For example, a selector:
            :matches(#foo, .bar, baz)
        has a specificity of
            (1, 0, 0) on <baz id=foo class=bar>
            (0, 1, 0) on <baz class=bar>
            (0, 0, 1) on <baz>

        Previously, the specificity of each selector was computed statically when populating
        RuleSet. With more recent CSS, this gives us the wrong specificity because we do not know
        how the selectors applies to the target.

        This patch moves one tiny step in the direction of dynamic specificity. The specificity
        is removed from RuleSet and is moved inside Selector Matching.

        There is one bit worth keeping static: matching based on rule hash. This path is important
        to avoid spending time compiling trivial selectors.
        In order to keep rule hash matching working, the RuleData store which specificity class
        the rule has in addition to the information about matching/not-matching. When going through
        the fast path in ElementCollector, we compute the right specificity based on the type
        of rule-hash matching.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::specificityForOneSelector):
        * css/CSSSelector.h:
        * css/ElementRuleCollector.cpp:
        (WebCore::ElementRuleCollector::addMatchedRule):
        (WebCore::ElementRuleCollector::sortAndTransferMatchedRules):
        (WebCore::ElementRuleCollector::ruleMatches):
        (WebCore::ElementRuleCollector::collectMatchingRulesForList):
        (WebCore::compareRules):
        * css/ElementRuleCollector.h:
        * css/RuleSet.cpp:
        (WebCore::computeMatchBasedOnRuleHash):
        (WebCore::RuleData::RuleData):
        (WebCore::isSelectorMatchingHTMLBasedOnRuleHash): Deleted.
        * css/RuleSet.h:
        (WebCore::RuleData::matchBasedOnRuleHash):
        (WebCore::RuleData::hasRightmostSelectorMatchingHTMLBasedOnRuleHash): Deleted.
        (WebCore::RuleData::specificity): Deleted.
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::match):
        * css/SelectorChecker.h:
        * css/StyleResolver.h:
        (WebCore::checkRegionSelector):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::SelectorCodeGenerator):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
        * cssjit/SelectorCompiler.h:
        (WebCore::SelectorCompiler::ruleCollectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::querySelectorSimpleSelectorCheckerFunction):
        (WebCore::SelectorCompiler::ruleCollectorSelectorCheckerFunctionWithCheckingContext):
        (WebCore::SelectorCompiler::querySelectorSelectorCheckerFunctionWithCheckingContext):
        (WebCore::SelectorCompiler::simpleSelectorCheckerFunction): Deleted.
        (WebCore::SelectorCompiler::selectorCheckerFunctionWithCheckingContext): Deleted.
        * dom/SelectorQuery.cpp:
        (WebCore::SelectorDataList::selectorMatches):
        (WebCore::SelectorDataList::selectorClosest):
        (WebCore::SelectorDataList::executeCompiledSimpleSelectorChecker):
        (WebCore::SelectorDataList::executeCompiledSelectorCheckerWithCheckingContext):
        (WebCore::SelectorDataList::executeCompiledSingleMultiSelectorData):
        (WebCore::SelectorDataList::execute):
        * dom/SelectorQuery.h:

2014-11-07  Alexey Proskuryakov  <ap@apple.com>

        CSP is enforced for eval in report-only mode on first page load
        https://bugs.webkit.org/show_bug.cgi?id=138492
        rdar://problem/15782525

        Reviewed by Daniel Bates.

        This is covered by existing tests when running as one test per process invocation.

        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPDirectiveList::allowEval): Allow when in report only mode. The allowEval
        function itself needs to return false, because it's used in checkEvalAndReportViolation().
        (WebCore::CSPDirectiveList::allowJavaScriptURLs): Apply the same fix, although it's
        not changing the behavior - this function is never called with ContentSecurityPolicy::SuppressReport.
        (WebCore::CSPDirectiveList::allowInlineEventHandlers): Ditto.
        (WebCore::CSPDirectiveList::allowInlineScript): Ditto.
        (WebCore::CSPDirectiveList::allowInlineStyle): Ditto.
        (WebCore::CSPDirectiveList::allowPluginType): Ditto.
        (WebCore::CSPDirectiveList::allowScriptFromSource): Ditto.
        (WebCore::CSPDirectiveList::allowObjectFromSource): Ditto.
        (WebCore::CSPDirectiveList::allowChildFrameFromSource): Ditto.
        (WebCore::CSPDirectiveList::allowImageFromSource): Ditto.
        (WebCore::CSPDirectiveList::allowStyleFromSource): Ditto.
        (WebCore::CSPDirectiveList::allowFontFromSource): Ditto.
        (WebCore::CSPDirectiveList::allowMediaFromSource): Ditto.
        (WebCore::CSPDirectiveList::allowConnectToSource): Ditto.
        (WebCore::CSPDirectiveList::allowFormAction): Ditto.
        (WebCore::CSPDirectiveList::allowBaseURI): Ditto.
        (WebCore::ContentSecurityPolicy::didReceiveHeader): Remove isReportOnly() check,
        which is now inside allowEval().

2014-11-07  Andreas Kling  <akling@apple.com>

        [Mac] Avoid repainting scrollbar track when the scrollbar track is transparent.
        <https://webkit.org/b/138521>
        <rdar://problem/18892090>

        Reviewed by Simon Fraser.

        Don't bother invalidating the entire WebCore scrollbar when we've opted into
        AppKit's special mode to use individual layers for scrollbar components.
        NSScrollerImp will invalidate what's necessary below e.g setKnobAlpha.

        * platform/mac/ScrollAnimatorMac.mm:
        (-[WebScrollbarPartAnimation setCurrentProgress:]):

2014-11-07  Chris Dumez  <cdumez@apple.com>

        Rename HTMLInputElement::imageLoader() to ensureImageLoader()
        https://bugs.webkit.org/show_bug.cgi?id=138508

        Reviewed by Andreas Kling.

        Rename HTMLInputElement::imageLoader() to ensureImageLoader() and have
        it return a reference to make it clear that it constructs an
        ImageLoader if missing.
        Also introduce a lightweight imageLoader() getter which just returns
        the imageLoader or null if missing.

        No new tests, no behavior change.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::ensureImageLoader):
        (WebCore::HTMLInputElement::didMoveToNewDocument):
        (WebCore::HTMLInputElement::imageLoader): Deleted.
        * html/HTMLInputElement.h:
        (WebCore::HTMLInputElement::imageLoader):
        (WebCore::HTMLInputElement::hasImageLoader): Deleted.
        * html/ImageInputType.cpp:
        (WebCore::ImageInputType::srcAttributeChanged):
        (WebCore::ImageInputType::attach):
        (WebCore::ImageInputType::height):
        (WebCore::ImageInputType::width):

2014-11-07  Chris Dumez  <cdumez@apple.com>

        Move 'webkit-clip-path' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138452

        Reviewed by Andreas Kling.

        Move 'webkit-clip-path' CSS property from DeprecatedStyleBuilder to the
        new StyleBuilder so that it is now generated from CSSPropertyNames.in.

        A ClipPath converter was added to support this. Custom code was avoided
        by replacing if checks by assertions, relying on the CSSParser to make
        sure the input is valid.

        Test: fast/masking/clip-path-bad-value.html

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyClipPath::setValue): Deleted.
        (WebCore::ApplyPropertyClipPath::applyValue): Deleted.
        (WebCore::ApplyPropertyClipPath::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertClipPath):

2014-11-07  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Pseudo element matchedCSSRules do not include matching selector info
        https://bugs.webkit.org/show_bug.cgi?id=138438

        Reviewed by Benjamin Poulain.

        Test: inspector/css/psuedo-element-matches.html

        Element::matches is not the correct API to use to check selectors with pseudo-elements.
        Instead we should use the CSS Selector checking machinary which understands them.

        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::getSupportedCSSProperties):
        (WebCore::InspectorCSSAgent::buildArrayForRuleList):
        (WebCore::InspectorCSSAgent::buildArrayForRegions):
        (WebCore::InspectorCSSAgent::buildObjectForNamedFlow):
        Some RefPtr release improvements.

        (WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):
        Use a SelectorChecker to check each Selector against the element.
        This matches the SelectorChecker used when we collected the rules
        for this element.

2014-11-07  Chris Dumez  <cdumez@apple.com>

        Drop useless HTMLElement::isURLAttribute() override
        https://bugs.webkit.org/show_bug.cgi?id=138479

        Reviewed by Mark Lam.

        Drop useless HTMLElement::isURLAttribute() override as it is doing
        nothing but calling the parent class' isURLAttribute().

        No new tests, no behavior change.

        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::isURLAttribute): Deleted.
        * html/HTMLElement.h:

2014-11-07  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Update optimized fullscreen media controls
        https://bugs.webkit.org/show_bug.cgi?id=138493

        Reviewed by Brent Fulgham.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::fullscreenMode): New.
        (WebCore::MediaControlsHost::mediaUIImageData): New.
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediacontrols/MediaControlsHost.idl:

        * Modules/mediacontrols/mediaControlsiOS.css:
        Renamed -webkit-media-controls-wireless-playback-status to -webkit-media-controls-inline-playback-placeholder
            because it is now used for other inline playback status display. Add z-index:0 so the placeholder
            renders above captions. Remove the background-image, it is now set from script.
        (audio::-webkit-media-controls-inline-playback-placeholder): 
        (audio::-webkit-media-controls-inline-playback-placeholder.hidden):
        (video::-webkit-media-controls-optimized-fullscreen-button):
        (audio::-webkit-media-controls-wireless-playback-status): Deleted.
        (audio::-webkit-media-controls-wireless-playback-status.hidden): Deleted.
        (video::-webkit-media-controls-optimized-fullscreen-button:active): Deleted.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS): Set doingSetup to true around setup so we don't draw the inline controls
            briefly when an element is created as a result of a user gesture.
        (ControllerIOS.prototype.shouldHaveStartPlaybackButton): Don't allow inline controls during 
            initial setup to prevent inline controls from begin drawn briefly when a media element
            is created and inserted by a script called from a user gesture.
        (ControllerIOS.prototype.updateWirelessPlaybackStatus): wirelessPlaybackStatus -> inlinePlaybackPlaceholder.
        (ControllerIOS.prototype.createControls): Ditto. Add style rules for optimized fullscreen button.
        (ControllerIOS.prototype.configureInlineControls): Add the inlinePlaybackPlaceholder as a peer of
            the inline controls compositing child instead of as a child so it renders correctly.
        (ControllerIOS.prototype.addControls):
        (ControllerIOS.prototype.updateControls): wirelessPlaybackStatus -> inlinePlaybackPlaceholder.
        (ControllerIOS.prototype.handleWrapperTouchStart):
        (ControllerIOS.prototype.get pageScaleFactor): Cleanup.
        (ControllerIOS.prototype.set pageScaleFactor): Ditto.
        (ControllerIOS.prototype.handleFullscreenChange): Show the placeholder.

        * WebCore.exp.in: Export _wkGetMediaUIImageData.

        * html/HTMLMediaElement.h:
        (WebCore::HTMLMediaElement::fullscreenMode): Expose fullscreen mode.

        * platform/ios/WebCoreSystemInterfaceIOS.h:
        * platform/ios/WebCoreSystemInterfaceIOS.mm:

2014-11-06  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Try to fix GTK build after r175719.

        Rename the Timer fired function as requestAnimationTimerFired() to
        avoid ambiguity.

        * platform/ScrollAnimatorNone.cpp:
        (WebCore::ScrollAnimatorNone::ScrollAnimatorNone):
        (WebCore::ScrollAnimatorNone::requestAnimationTimerFired):
        (WebCore::ScrollAnimatorNone::animationTimerFired): Deleted.
        * platform/ScrollAnimatorNone.h:

2014-11-06  Chris Dumez  <cdumez@apple.com>

        Remove useless if check in HTMLInputElement::setValue()
        https://bugs.webkit.org/show_bug.cgi?id=138485

        Reviewed by Daniel Bates.

        Remove useless if check in HTMLInputElement::setValue(). It was
        inadvertently left in as part of r94836.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setValue):

2014-11-06  Simon Fraser  <simon.fraser@apple.com>

        Put names on a couple of video-related CALayers
        https://bugs.webkit.org/show_bug.cgi?id=138491

        Reviewed by Eric Carlson.

        In debug, set layer names on a couple of video-related layers to make
        debugging easier.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):

2014-11-06  Darin Adler  <darin@apple.com>

        REGRESSION (r175549): http/tests/multipart/stop-crash.html failing (assertion failure in CachedResource::setEncodedSize)
        https://bugs.webkit.org/show_bug.cgi?id=138358

        Reviewed by Alexey Proskuryakov.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::setEncodedSize): Removed the incorrect assertion here.
        The code asserts that resources only get bigger, never smaller. This is incorrect
        for a multipart/mixed-replace image, where a later image that is smaller can replace
        an earlier one. I don't fully understand why this assertion was not firing before,
        but the relevant websites are working fine and the test otherwise passes.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::subresourceLoaderFinishedLoadingOnePart): Fix another
        incorrect assertion that can fire for any parts after the first one. I ran into
        this while testing various websites that use multipart/mixed-replace.

2014-11-06  Jeremy Jones  <jeremyj@apple.com>

        Fix typo in optimized fullscreen activation.
        https://bugs.webkit.org/show_bug.cgi?id=138480

        Reviewed by Jer Noble.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handleWrapperTouchStart): fix typo doubleTouchIntervalThresholdms
        (ControllerIOS.prototype.handleOptimizedFullscreenButtonClicked): fix typo isFullScreen

2014-11-06  Chris Dumez  <cdumez@apple.com>

        Stop special-casing wbr elements in HTMLElement::createElementRenderer()
        https://bugs.webkit.org/show_bug.cgi?id=138474

        Reviewed by Ryosuke Niwa.

        Stop special-casing wbr elements in HTMLElement::createElementRenderer()
        and move the code to a HTMLWBRElement subclass instead, that is
        overriding createElementRenderer(). This function is already virtual.

        No new tests, no behavior change.

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createElementRenderer):
        * html/HTMLElementsAllInOne.cpp:
        * html/HTMLTagNames.in:
        * html/HTMLWBRElement.cpp: Added.
        (WebCore::HTMLWBRElement::create):
        (WebCore::HTMLWBRElement::HTMLWBRElement):
        (WebCore::HTMLWBRElement::createElementRenderer):
        * html/HTMLWBRElement.h: Added.
        * rendering/RenderLineBreak.cpp:
        (WebCore::RenderLineBreak::RenderLineBreak):

2014-11-05  Jer Noble  <jer.noble@apple.com>

        De-templatize Timer
        https://bugs.webkit.org/show_bug.cgi?id=138450

        Reviewed by Anders Carlsson.

        Timer does not need to be a templated class; only it's constructors need to be templated.
        Remove the template specifier from Timer and add same to its two class method
        constructors. Replace the function pointer typedefs with using statements. Add a
        helper typedef which allows invalid combinations of TimerFiredClass and
        TimerFiredFunction to be caught early by the compiler, while still allowing
        valid combinations (such as when the caller specifies a function on a subclass of
        TimerFiredClass).

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::keyRequestTimerFired):
        (WebCore::MediaKeySession::addKeyTimerFired):
        * Modules/encryptedmedia/MediaKeySession.h:
        * Modules/geolocation/Geolocation.cpp:
        (WebCore::Geolocation::GeoNotifier::timerFired):
        (WebCore::Geolocation::resumeTimerFired):
        * Modules/geolocation/Geolocation.h:
        * Modules/indexeddb/IDBTransactionBackend.cpp:
        (WebCore::IDBTransactionBackend::taskTimerFired):
        * Modules/indexeddb/IDBTransactionBackend.h:
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::appendBufferTimerFired):
        (WebCore::SourceBuffer::removeTimerFired):
        * Modules/mediasource/SourceBuffer.h:
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::scheduledEventTimerFired):
        * Modules/mediastream/MediaStream.h:
        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::scheduledEventTimerFired):
        * Modules/mediastream/RTCDTMFSender.h:
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::scheduledEventTimerFired):
        * Modules/mediastream/RTCDataChannel.h:
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::RTCPeerConnection::scheduledEventTimerFired):
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::Notification):
        (WebCore::Notification::taskTimerFired):
        * Modules/notifications/Notification.h:
        * Modules/notifications/NotificationCenter.cpp:
        (WebCore::NotificationCenter::NotificationRequestCallback::timerFired):
        * Modules/notifications/NotificationCenter.h:
        * Modules/vibration/Vibration.cpp:
        (WebCore::Vibration::timerFired):
        * Modules/vibration/Vibration.h:
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::resumeTimerFired):
        (WebCore::WebSocketChannel::closingTimerFired):
        * Modules/websockets/WebSocketChannel.h:
        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::notificationPostTimerFired):
        * accessibility/AXObjectCache.h:
        (WebCore::AXObjectCache::AXObjectCache):
        * bindings/js/GCController.cpp:
        (WebCore::GCController::gcTimerFired):
        * bindings/js/GCController.h:
        * css/CSSFontFaceSource.h:
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::beginLoadTimerFired):
        * css/CSSFontSelector.h:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::sweepMatchedPropertiesCache):
        * css/StyleResolver.h:
        * dom/Document.cpp:
        (WebCore::Document::visualUpdatesSuppressionTimerFired):
        (WebCore::Document::styleRecalcTimerFired):
        (WebCore::Document::optimizedStyleSheetUpdateTimerFired):
        (WebCore::Document::sharedObjectPoolClearTimerFired):
        (WebCore::Document::updateFocusAppearanceTimerFired):
        (WebCore::Document::pendingTasksTimerFired):
        (WebCore::Document::fullScreenChangeDelayTimerFired):
        (WebCore::Document::loadEventDelayTimerFired):
        (WebCore::Document::didAssociateFormControlsTimerFired):
        (WebCore::Document::domCookieCacheExpiryTimerFired):
        * dom/Document.h:
        * dom/EventSender.h:
        (WebCore::EventSender::timerFired):
        * dom/GenericEventQueue.cpp:
        (WebCore::GenericEventQueue::timerFired):
        * dom/GenericEventQueue.h:
        * dom/ScriptRunner.cpp:
        (WebCore::ScriptRunner::timerFired):
        * dom/ScriptRunner.h:
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::animationTimerFired):
        * dom/ScriptedAnimationController.h:
        * dom/StyledElement.cpp:
        (WebCore::PresentationAttributeCacheCleaner::cleanCache):
        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::timerFired):
        * editing/AlternativeTextController.h:
        * editing/Editor.cpp:
        (WebCore::Editor::scanSelectionForTelephoneNumbers):
        (WebCore::Editor::editorUIUpdateTimerFired):
        * editing/Editor.h:
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::caretBlinkTimerFired):
        * editing/FrameSelection.h:
        * editing/SpellChecker.cpp:
        (WebCore::SpellChecker::timerFiredToProcessQueuedRequest):
        * editing/SpellChecker.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::requestAutocompleteTimerFired):
        * html/HTMLFormElement.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::swapRendererTimerFired):
        * html/HTMLPlugInElement.h:
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::removeSnapshotTimerFired):
        * html/HTMLPlugInImageElement.h:
        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::errorEventTimerFired):
        * html/HTMLSourceElement.h:
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::loadTimerFired):
        * html/HTMLTrackElement.h:
        * html/MediaController.cpp:
        (MediaController::asyncEventTimerFired):
        (MediaController::clearPositionTimerFired):
        (MediaController::timeupdateTimerFired):
        * html/MediaController.h:
        * html/MediaDocument.cpp:
        (WebCore::MediaDocument::replaceMediaElementTimerFired):
        * html/MediaDocument.h:
        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::searchEventTimerFired):
        * html/SearchInputType.h:
        * html/ValidationMessage.cpp:
        (WebCore::ValidationMessage::setMessage):
        (WebCore::ValidationMessage::setMessageDOMAndStartTimer):
        (WebCore::ValidationMessage::buildBubbleTree):
        (WebCore::ValidationMessage::requestToHideMessage):
        (WebCore::ValidationMessage::deleteBubbleTree):
        * html/ValidationMessage.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::dispatchContextLostEvent):
        (WebCore::WebGLRenderingContext::maybeRestoreContext):
        * html/canvas/WebGLRenderingContext.h:
        * html/parser/HTMLParserScheduler.cpp:
        (WebCore::HTMLParserScheduler::continueNextChunkTimerFired):
        * html/parser/HTMLParserScheduler.h:
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlPanelElement::transitionTimerFired):
        (WebCore::MediaControlTextTrackContainerElement::updateTimerFired):
        * html/shadow/MediaControlElements.h:
        * html/shadow/MediaControls.cpp:
        (WebCore::MediaControls::hideFullscreenControlsTimerFired):
        * html/shadow/MediaControls.h:
        * html/shadow/SpinButtonElement.cpp:
        (WebCore::SpinButtonElement::repeatingTimerFired):
        * html/shadow/SpinButtonElement.h:
        * html/track/LoadableTextTrack.cpp:
        (WebCore::LoadableTextTrack::loadTimerFired):
        * html/track/LoadableTextTrack.h:
        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::scrollTimerFired):
        * html/track/VTTRegion.h:
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::ChangeRegionOversetTask::timerFired):
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::RevalidateStyleAttributeTask::timerFired):
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorBackendDispatchTask::timerFired):
        * inspector/InspectorOverlay.cpp:
        (WebCore::InspectorOverlay::updatePaintRectsTimerFired):
        * inspector/InspectorOverlay.h:
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::substituteResourceDeliveryTimerFired):
        * loader/DocumentLoader.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkTimerFired):
        * loader/FrameLoader.h:
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::timerFired):
        * loader/ImageLoader.h:
        * loader/LinkLoader.cpp:
        (WebCore::LinkLoader::linkLoadTimerFired):
        (WebCore::LinkLoader::linkLoadingErrorTimerFired):
        * loader/LinkLoader.h:
        * loader/NavigationScheduler.cpp:
        (WebCore::ScheduledNavigation::didStartTimer):
        (WebCore::NavigationScheduler::timerFired):
        * loader/NavigationScheduler.h:
        * loader/PingLoader.h:
        (WebCore::PingLoader::timeoutTimerFired):
        * loader/ProgressTracker.cpp:
        (WebCore::ProgressTracker::progressHeartbeatTimerFired):
        * loader/ProgressTracker.h:
        * loader/ResourceLoadScheduler.cpp:
        (WebCore::ResourceLoadScheduler::requestTimerFired):
        * loader/ResourceLoadScheduler.h:
        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::cueLoadTimerFired):
        * loader/TextTrackLoader.h:
        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::Callback::timerFired):
        * loader/cache/CachedResource.h:
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::garbageCollectDocumentResourcesTimerFired):
        * loader/cache/CachedResourceLoader.h:
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::syncTimerFired):
        * loader/icon/IconDatabase.h:
        * page/AutoscrollController.cpp:
        (WebCore::AutoscrollController::autoscrollTimerFired):
        * page/AutoscrollController.h:
        * page/CaptionUserPreferences.cpp:
        (WebCore::CaptionUserPreferences::timerFired):
        * page/CaptionUserPreferences.h:
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::updateTimerFired):
        * page/CaptionUserPreferencesMediaAF.h:
        * page/DeviceController.cpp:
        (WebCore::DeviceController::fireDeviceEvent):
        * page/DeviceController.h:
        * page/EventHandler.cpp:
        (WebCore::EventHandler::cursorUpdateTimerFired):
        (WebCore::EventHandler::autoHideCursorTimerFired):
        (WebCore::EventHandler::recognizeLongMousePress):
        (WebCore::EventHandler::fakeMouseMoveEventTimerFired):
        (WebCore::EventHandler::hoverTimerFired):
        * page/EventHandler.h:
        * page/EventSource.cpp:
        (WebCore::EventSource::connectTimerFired):
        * page/EventSource.h:
        * page/FocusController.cpp:
        (WebCore::FocusController::focusRepaintTimerFired):
        * page/FocusController.h:
        * page/Frame.cpp:
        (WebCore::Frame::overflowAutoScrollTimerFired):
        * page/Frame.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::delayedScrollEventTimerFired):
        (WebCore::FrameView::speculativeTilingEnableTimerFired):
        (WebCore::FrameView::layoutTimerFired):
        (WebCore::FrameView::updateEmbeddedObjectsTimerFired):
        (WebCore::FrameView::postLayoutTimerFired):
        * page/FrameView.h:
        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::fadeAnimationTimerFired):
        * page/PageOverlay.h:
        * page/Settings.cpp:
        (WebCore::Settings::imageLoadingSettingsTimerFired):
        * page/Settings.h:
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::updateStyleIfNeededDispatcherFired):
        (WebCore::AnimationControllerPrivate::animationTimerFired):
        * page/animation/AnimationControllerPrivate.h:
        * page/mac/ServicesOverlayController.h:
        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::determineActiveHighlightTimerFired):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScrollTimerFired):
        * page/scrolling/AsyncScrollingCoordinator.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.h:
        * page/scrolling/ios/ScrollingCoordinatorIOS.mm:
        (WebCore::ScrollingCoordinatorIOS::scrollingStateTreeCommitterTimerFired):
        * page/scrolling/mac/ScrollingCoordinatorMac.h:
        * page/scrolling/mac/ScrollingCoordinatorMac.mm:
        (WebCore::ScrollingCoordinatorMac::scrollingStateTreeCommitterTimerFired):
        * platform/HysteresisActivity.h:
        (WebCore::HysteresisActivity::hysteresisTimerFired):
        * platform/ScrollAnimator.cpp:
        (WebCore::ScrollAnimator::updateScrollAnimatorsAndTimers):
        (WebCore::ScrollAnimator::startScrollSnapTimer):
        (WebCore::ScrollAnimator::stopScrollSnapTimer):
        (WebCore::ScrollAnimator::horizontalScrollSnapTimerFired):
        (WebCore::ScrollAnimator::verticalScrollSnapTimerFired):
        * platform/ScrollAnimator.h:
        * platform/ScrollAnimatorNone.cpp:
        (WebCore::ScrollAnimatorNone::animationTimerFired):
        * platform/ScrollAnimatorNone.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::autoscrollTimerFired):
        * platform/Scrollbar.h:
        * platform/Timer.h:
        (WebCore::Timer::Timer):
        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::clientDataBufferingTimerFired):
        * platform/audio/MediaSession.h:
        * platform/efl/BatteryProviderEfl.cpp:
        (WebCore::BatteryProviderEfl::timerFired):
        * platform/efl/BatteryProviderEfl.h:
        * platform/graphics/BitmapImage.cpp:
        (WebCore::BitmapImage::startAnimation):
        (WebCore::BitmapImage::advanceAnimation):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::reloadTimerFired):
        * platform/graphics/MediaPlayer.h:
        * platform/graphics/ShadowBlur.cpp:
        (WebCore::ScratchBuffer::timerFired):
        * platform/graphics/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::tileBufferUpdateTimerFired):
        (WebCore::TiledBackingStore::backingStoreUpdateTimerFired):
        * platform/graphics/TiledBackingStore.h:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
        (WebCore::MediaSelectionGroupAVFObjC::selectionTimerFired):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekTimerFired):
        * platform/graphics/ca/LayerPool.cpp:
        (WebCore::LayerPool::pruneTimerFired):
        * platform/graphics/ca/LayerPool.h:
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::tileRevalidationTimerFired):
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::cohortRemovalTimerFired):
        * platform/graphics/ca/TileGrid.h:
        * platform/graphics/ca/win/LegacyCACFLayerTreeHost.cpp:
        (WebCore::LegacyCACFLayerTreeHost::renderTimerFired):
        * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h:
        * platform/graphics/cg/IOSurfacePool.cpp:
        (WebCore::IOSurfacePool::collectionTimerFired):
        * platform/graphics/cg/IOSurfacePool.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.h:
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::seekTimerFired):
        * platform/graphics/texmap/TextureMapper.cpp:
        (WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):
        * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
        (WebCore::CompositingCoordinator::releaseInactiveAtlasesTimerFired):
        * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::animationStartedTimerFired):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
        (WebCore::CoordinatedImageBacking::clearContentsTimerFired):
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:
        * platform/ios/LegacyTileCache.h:
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::tileCreationTimerFired):
        * platform/mac/HIDGamepadProvider.cpp:
        (WebCore::HIDGamepadProvider::connectionDelayTimerFired):
        (WebCore::HIDGamepadProvider::inputNotificationTimerFired):
        * platform/mac/HIDGamepadProvider.h:
        * platform/mac/ScrollAnimatorMac.h:
        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::ScrollAnimatorMac::snapRubberBandTimerFired):
        (WebCore::ScrollAnimatorMac::initialScrollbarPaintTimerFired):
        (WebCore::ScrollAnimatorMac::sendContentAreaScrolledTimerFired):
        * platform/mock/DeviceMotionClientMock.cpp:
        (WebCore::DeviceMotionClientMock::timerFired):
        * platform/mock/DeviceMotionClientMock.h:
        * platform/mock/DeviceOrientationClientMock.cpp:
        (WebCore::DeviceOrientationClientMock::timerFired):
        * platform/mock/DeviceOrientationClientMock.h:
        * platform/mock/GeolocationClientMock.cpp:
        (WebCore::GeolocationClientMock::permissionTimerFired):
        (WebCore::GeolocationClientMock::controllerTimerFired):
        * platform/mock/GeolocationClientMock.h:
        * platform/mock/PlatformSpeechSynthesizerMock.cpp:
        (WebCore::PlatformSpeechSynthesizerMock::speakingFinished):
        * platform/mock/PlatformSpeechSynthesizerMock.h:
        * platform/mock/TimerEventBasedMock.h:
        (WebCore::TimerEvent::timerFired):
        * platform/network/DNSResolveQueue.cpp:
        (WebCore::DNSResolveQueue::timerFired):
        * platform/network/DNSResolveQueue.h:
        * platform/network/NetworkStateNotifier.h:
        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::failureTimerFired):
        * platform/network/ResourceHandle.h:
        * platform/network/ResourceHandleInternal.h:
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::ResourceHandleManager::downloadTimerCallback):
        * platform/network/curl/ResourceHandleManager.h:
        * platform/network/mac/NetworkStateNotifierMac.cpp:
        (WebCore::NetworkStateNotifier::networkStateChangeTimerFired):
        * platform/network/win/ResourceHandleWin.cpp:
        (WebCore::ResourceHandle::fileLoadTimer):
        * plugins/PluginPackage.cpp:
        (WebCore::PluginPackage::freeLibraryTimerFired):
        * plugins/PluginPackage.h:
        * plugins/PluginStream.cpp:
        (WebCore::PluginStream::delayDeliveryTimerFired):
        * plugins/PluginStream.h:
        * plugins/PluginView.cpp:
        (WebCore::PluginView::popPopupsStateTimerFired):
        (WebCore::PluginView::requestTimerFired):
        (WebCore::PluginView::invalidateTimerFired):
        (WebCore::PluginView::lifeSupportTimerFired):
        * plugins/PluginView.h:
        * plugins/win/PluginMessageThrottlerWin.cpp:
        (WebCore::PluginMessageThrottlerWin::messageThrottleTimerFired):
        * plugins/win/PluginMessageThrottlerWin.h:
        * rendering/ImageQualityController.cpp:
        (WebCore::ImageQualityController::highQualityRepaintTimerFired):
        * rendering/ImageQualityController.h:
        * rendering/RenderButton.cpp:
        (WebCore::RenderButton::styleDidChange):
        (WebCore::RenderButton::timerFired):
        * rendering/RenderButton.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayersTimerFired):
        (WebCore::RenderLayerCompositor::layerFlushTimerFired):
        (WebCore::RenderLayerCompositor::paintRelatedMilestonesTimerFired):
        * rendering/RenderLayerCompositor.h:
        * rendering/RenderMarquee.cpp:
        (WebCore::RenderMarquee::timerFired):
        * rendering/RenderMarquee.h:
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::regionOversetChangeEventTimerFired):
        * rendering/RenderNamedFlowThread.h:
        * rendering/RenderProgress.cpp:
        (WebCore::RenderProgress::animationTimerFired):
        * rendering/RenderProgress.h:
        * rendering/RenderView.cpp:
        (WebCore::RenderView::lazyRepaintTimerFired):
        * rendering/RenderView.h:
        * replay/EventLoopInputDispatcher.cpp:
        (WebCore::EventLoopInputDispatcher::timerFired):
        * replay/EventLoopInputDispatcher.h:
        * storage/StorageAreaImpl.cpp:
        (WebCore::StorageAreaImpl::closeDatabaseTimerFired):
        * storage/StorageAreaImpl.h:
        * storage/StorageAreaSync.cpp:
        (WebCore::StorageAreaSync::syncTimerFired):
        * storage/StorageAreaSync.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::svgLoadEventTimerFired):
        (WebCore::SVGElement::svgLoadEventTimer):
        * svg/SVGElement.h:
        * svg/SVGScriptElement.h:
        * svg/SVGStyleElement.h:
        * svg/SVGUseElement.h:
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::timerFired):
        * svg/animation/SMILTimeContainer.h:
        * xml/XMLHttpRequestProgressEventThrottle.cpp:
        (WebCore::XMLHttpRequestProgressEventThrottle::dispatchDeferredEvents):
        * xml/XMLHttpRequestProgressEventThrottle.h:

2014-11-06  Yongjun Zhang  <yongjun_zhang@apple.com>

        Don't send identifierForInitialRequest callback method for request with DoNotSendCallbacks option.
        https://bugs.webkit.org/show_bug.cgi?id=138473

        The iOS specific code that sets up a valid m_identifier is not needed any more, since this
        will be done later in ResourceLoader::willSendRequest. This also matches the behavior that
        we don't call assignIdentifierToInitialRequest callback method if the reqeust has
        DoNotSendCallbacks option.

        Reviewed by Pratik Solanki.

        * loader/ResourceLoader.cpp: 
        (WebCore::ResourceLoader::willSendRequest): Remove iOS specific block for setting up a valid
            m_identifier. In iOS, also make sure we still bail out if the resource loader was stopped
            in assignIdentifierToInitialRequest callback by a client.

2014-11-06  Dean Jackson  <dino@apple.com>

        [filters2] Support for backdrop-filter
        https://bugs.webkit.org/show_bug.cgi?id=138384
        <rdar://problem/18874494>

        Reviewed by Simon Fraser.

        Take 2!! Previous patch was rolled out.

        Add prototype support for backdrop-filter
        http://dev.w3.org/fxtf/filters-2/#BackdropFilterProperty

        This adds support for parsing the new CSS property, adding
        the value to RenderStyle, noticing that on the layer tree,
        and the platform code in GraphicsLayer to render a backdrop
        and apply an effect to the result.

        Some things are missing:
        - animation of the backdrop-filter is not yet supported
        - backdrops will not work in cloned layers yet (e.g. reflections)

        Tests: css3/filters/backdrop/backdropfilter-property-computed-style.html
               css3/filters/backdrop/backdropfilter-property-parsing-invalid.html
               css3/filters/backdrop/backdropfilter-property-parsing.html
               css3/filters/backdrop/backdropfilter-property.html
               css3/filters/backdrop/effect-hw.html

        * WebCore.exp.in: Export the setBackdropFilters method so it can
        be used from WebKit.

        * css/CSSComputedStyleDeclaration.cpp: New property name.
        (WebCore::isLayoutDependent):
        (WebCore::ComputedStyleExtractor::propertyValue): Use the existing valueForFilter method.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue): Piggyback on the filter parser.

        * css/CSSPropertyNames.in: Add -webkit-backdrop-filter.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle): Add test for backdrop.
        (WebCore::StyleResolver::applyProperty): Support new property.

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::needsBackdrop): New method to test for existence of values.
        (WebCore::GraphicsLayer::backdropFilters): Keeps the list of filters.
        (WebCore::GraphicsLayer::setBackdropFilters):
        (WebCore::GraphicsLayer::clearBackdropFilters):

        * platform/graphics/ca/GraphicsLayerCA.cpp: This adds a new m_backdropLayer CALayer
        that will sit behind the contents layer and provide the element's backdrop.
        (WebCore::GraphicsLayerCA::willBeDestroyed):
        (WebCore::GraphicsLayerCA::moveOrCopyAnimations):
        (WebCore::GraphicsLayerCA::setBackdropFilters): Set a custom appearance so
        remote layer hosts will notice the special layer. Also set the actual
        layer properties.
        (WebCore::GraphicsLayerCA::addAnimation): Remove whitespace.
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Update backdrop if necessary.
        (WebCore::GraphicsLayerCA::updateLayerNames): Give the new layer a name.
        (WebCore::GraphicsLayerCA::updateSublayerList):
        (WebCore::GraphicsLayerCA::updateGeometry): Make the backdrop layer match the contents
        layer geometry.
        (WebCore::GraphicsLayerCA::updateBackdropFilters): Create the backdrop layer if necessary,
        and copy the filter values to any clones.
        (WebCore::GraphicsLayerCA::ensureStructuralLayer): We need a structural layer if we
        have backdrop filters.
        (WebCore::GraphicsLayerCA::structuralLayerPurpose):
        (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
        (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
        * platform/graphics/ca/GraphicsLayerCA.h: New StructuralLayerPurpose, new LayerChangeFlag.

        * platform/graphics/ca/PlatformCALayer.h: New LayerType.

        * platform/graphics/ca/mac/PlatformCALayerMac.mm: Define CABackdropLayer.
        (PlatformCALayerMac::PlatformCALayerMac): Create the correct CALayer type.

        * rendering/RenderElement.h:
        (WebCore::RenderElement::createsGroup):
        (WebCore::RenderElement::hasBackdropFilter): This method is always around, but
        only can return true when FILTERS_LEVEL_2 is enabled.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintsWithFilters): Remove an unnecessary comment.
        (WebCore::RenderLayer::calculateClipRects):

        * rendering/RenderLayer.h: Add hasBackdropFilter.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::RenderLayerBacking):
        (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Update the backdrop filters.
        (WebCore::RenderLayerBacking::updateBackdropFilters): Set the filters on the GraphicsLayer.
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerBacking.h:

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresOwnBackingStore): Needs backingstore if it has a backdrop filter.
        (WebCore::RenderLayerCompositor::reasonsForCompositing):
        (WebCore::RenderLayerCompositor::requiresCompositingForFilters): Return early if we have
        a backdrop filter, because currently we absolutely require compositing.

        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::styleWillChange): Add hasBackdropFilter().

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresLayout): Check backdrops for change.

        * rendering/style/RenderStyle.h: Add the backdropFilter style stuff.
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        (WebCore::StyleRareNonInheritedData::hasBackdropFilters):
        * rendering/style/StyleRareNonInheritedData.h:

2014-11-06  Benjamin Poulain  <bpoulain@apple.com>

        Give pseudo elements the correct specificity
        https://bugs.webkit.org/show_bug.cgi?id=138378

        Reviewed by Dean Jackson.

        WebKit had an old silly bug where pseudo elements were given specificity in the class B
        instead of the class C.

        Now that the inspector shows the specificity, this bug is much more visible which is why
        I fix it now.

        Test: fast/css/pseudo-element-specificity.html

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::specificityForOneSelector):
        Give pseudo-elements the right specificity.

        * Modules/mediacontrols/mediaControlsApple.css:
        (video::-webkit-media-controls-volume-slider):
        (audio::-webkit-media-controls-volume-slider::-webkit-slider-thumb):
        (audio::-webkit-media-controls-volume-slider::-webkit-slider-thumb:active::-webkit-slider-thumb):
        (audio::-webkit-media-controls-timeline):
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb):
        (audio::-webkit-media-controls-timeline:active::-webkit-slider-thumb,):
        (video:-webkit-full-screen::-webkit-media-controls-volume-slider):
        (video:-webkit-full-screen::-webkit-media-controls-volume-slider::-webkit-slider-thumb):
        * Modules/mediacontrols/mediaControlsBase.css:
        (video::-webkit-media-controls-volume-slider):
        (audio::-webkit-media-controls-volume-slider::-webkit-slider-thumb):
        (audio::-webkit-media-controls-volume-slider::-webkit-slider-thumb:active::-webkit-slider-thumb):
        (audio::-webkit-media-controls-timeline):
        (audio::-webkit-media-controls-timeline::-webkit-slider-thumb):
        (audio::-webkit-media-controls-timeline:active::-webkit-slider-thumb,):
        (video:-webkit-full-screen::-webkit-media-controls-volume-slider):
        (video:-webkit-full-screen::-webkit-media-controls-volume-slider::-webkit-slider-thumb):
        * css/mediaControls.css:
        (audio::-webkit-media-controls-volume-slider, video::-webkit-media-controls-volume-slider):
        (audio::-webkit-media-controls-volume-slider-mute-button, video::-webkit-media-controls-volume-slider-mute-button):
        * css/mediaControlsGtk.css:
        (audio::-webkit-media-controls-timeline, video::-webkit-media-controls-timeline):
        (audio::-webkit-media-controls-timeline[disabled], video::-webkit-media-controls-timeline[disabled]):
        (audio::-webkit-media-controls-volume-slider, video::-webkit-media-controls-volume-slider):
        The media controls were relying on the bug to override the style of input[type=range].

        Ideally we should either:
        -Implement some kind of high level style isolation (e.g. CSS Scoping).
        -Fix the media control tree to use regular CSS scoped by a shadow pseudo ID.

        Until we have one of those, I just fixed the styling by forcing the properties with lower
        specificity with !important. 

2014-11-06  Beth Dakin  <bdakin@apple.com>

        Preview views often misplaced inside popover
        https://bugs.webkit.org/show_bug.cgi?id=138472

        Reviewed by Tim Horton.

        * WebCore.exp.in:

2014-11-06  Michael Saboff  <msaboff@apple.com>

        REGRESSION (r174985-174986): Site display disappears 
        https://bugs.webkit.org/show_bug.cgi?id=138082

        Reviewed by Geoffrey Garen.

        This effectively reverts to the behavior before r174985 by using the 
        lexical global object of the caller's frame to find the active document.
        Before r174985, native functions are invoked with the ScopeShain of their
        caller.  The lexical global object is accessed from the ScopeChain.

        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot):
        (WebCore::findOwningDocument):
        (WebCore::documentWrite):
        (WebCore::JSHTMLDocument::write):
        (WebCore::JSHTMLDocument::writeln):
        * html/HTMLDocument.idl:

2014-11-05  Sam Weinig  <sam@webkit.org>

        Use std::unique_ptr for TileController
        https://bugs.webkit.org/show_bug.cgi?id=138429

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::create): Deleted.
        * platform/graphics/ca/TileController.h:
        * platform/graphics/ca/mac/WebTiledBackingLayer.h:
        * platform/graphics/ca/mac/WebTiledBackingLayer.mm:
        (-[WebTiledBackingLayer createTileController:]):
        * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
        (PlatformCALayerWinInternal::createTileController):
        * platform/graphics/ca/win/PlatformCALayerWinInternal.h:

2014-11-06  Chris Dumez  <cdumez@apple.com>

        Use lambda functions in DocumentOrderedMap
        https://bugs.webkit.org/show_bug.cgi?id=138376

        Reviewed by Darin Adler.

        Use lambda functions in DocumentOrderedMap instead of separate named
        functions.

        No new tests, no behavior change.

        * dom/DocumentOrderedMap.cpp:
        (WebCore::DocumentOrderedMap::get):
        (WebCore::DocumentOrderedMap::getElementById):
        (WebCore::DocumentOrderedMap::getElementByName):
        (WebCore::DocumentOrderedMap::getElementByMapName):
        (WebCore::DocumentOrderedMap::getElementByLowercasedMapName):
        (WebCore::DocumentOrderedMap::getElementByLowercasedUsemap):
        (WebCore::DocumentOrderedMap::getElementByLabelForAttribute):
        (WebCore::DocumentOrderedMap::getElementByWindowNamedItem):
        (WebCore::DocumentOrderedMap::getElementByDocumentNamedItem):
        (WebCore::DocumentOrderedMap::getAllElementsById):
        (WebCore::keyMatchesId): Deleted.
        (WebCore::keyMatchesName): Deleted.
        (WebCore::keyMatchesMapName): Deleted.
        (WebCore::keyMatchesLowercasedMapName): Deleted.
        (WebCore::keyMatchesLowercasedUsemap): Deleted.
        (WebCore::keyMatchesLabelForAttribute): Deleted.
        (WebCore::keyMatchesWindowNamedItem): Deleted.
        (WebCore::keyMatchesDocumentNamedItem): Deleted.
        * dom/DocumentOrderedMap.h:

2014-11-05  Shivakumar JM  <shiva.jm@samsung.com>

        splitText API does not match DOM specification.
        https://bugs.webkit.org/show_bug.cgi?id=138405

        Reviewed by Chris Dumez.
 
        Make the offset argument for splitText API as mandatory (and thus throw if it is omitted) and stop throwing if the offset argument is
        negative (and wraps to a valid index) as per specification: https://w3c.github.io/dom/#interface-text. Also This matches the behavior
        of both Firefox 33 and Chrome 38.

        Test: fast/dom/Text/splitText.html

        * dom/Text.idl:

2014-11-05  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r175672.
        https://bugs.webkit.org/show_bug.cgi?id=138455

        Tries to make backdrop layers on every layer, asserts on
        Mavericks (Requested by smfr on #webkit).

        Reverted changeset:

        "[filters2] Support for backdrop-filter"
        https://bugs.webkit.org/show_bug.cgi?id=138384
        http://trac.webkit.org/changeset/175672

2014-11-04  Ada Chan  <adachan@apple.com>

        Figure out whether a plug-in is playing audio.
        https://bugs.webkit.org/show_bug.cgi?id=137219

        Reviewed by Anders Carlsson.

        Add NPPVpluginIsPlayingAudio. Export some WebCore methods that will be used in WebKit2.

        No new tests, but manually tested with an example plugin.

        * WebCore.exp.in:
        * plugins/npapi.h:

2014-11-05  Simon Fraser  <simon.fraser@apple.com>

        Fix crash introduced in r175656
        https://bugs.webkit.org/show_bug.cgi?id=138453

        Reviewed by Dan Bernstein.

        repaintContainer can be null sometimes.
        
        Covered by existing tests.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::styleChangeRequiresLayerRebuild):

2014-11-05  Dan Bernstein  <mitz@apple.com>

        Tried to fix the Windows build after removing the deletion UI.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * editing/EditingAllInOne.cpp:

2014-11-04  Dean Jackson  <dino@apple.com>

        [filters2] Support for backdrop-filter
        https://bugs.webkit.org/show_bug.cgi?id=138384
        <rdar://problem/18874494>

        Reviewed by Simon Fraser.

        Add prototype support for backdrop-filter
        http://dev.w3.org/fxtf/filters-2/#BackdropFilterProperty

        This adds support for parsing the new CSS property, adding
        the value to RenderStyle, noticing that on the layer tree,
        and the platform code in GraphicsLayer to render a backdrop
        and apply an effect to the result.

        Some things are missing:
        - animation of the backdrop-filter is not yet supported
        - backdrops will not work in cloned layers yet (e.g. reflections)

        Tests: css3/filters/backdrop/backdropfilter-property-computed-style.html
               css3/filters/backdrop/backdropfilter-property-parsing-invalid.html
               css3/filters/backdrop/backdropfilter-property-parsing.html
               css3/filters/backdrop/backdropfilter-property.html
               css3/filters/backdrop/effect-hw.html

        * WebCore.exp.in: Export the setBackdropFilters method so it can
        be used from WebKit.

        * css/CSSComputedStyleDeclaration.cpp: New property name.
        (WebCore::isLayoutDependent):
        (WebCore::ComputedStyleExtractor::propertyValue): Use the existing valueForFilter method.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue): Piggyback on the filter parser.

        * css/CSSPropertyNames.in: Add -webkit-backdrop-filter.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle): Add test for backdrop.
        (WebCore::StyleResolver::applyProperty): Support new property.

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::needsBackdrop): New method to test for existence of values.
        (WebCore::GraphicsLayer::backdropFilters): Keeps the list of filters.
        (WebCore::GraphicsLayer::setBackdropFilters):
        (WebCore::GraphicsLayer::clearBackdropFilters):

        * platform/graphics/ca/GraphicsLayerCA.cpp: This adds a new m_backdropLayer CALayer
        that will sit behind the contents layer and provide the element's backdrop.
        (WebCore::GraphicsLayerCA::willBeDestroyed):
        (WebCore::GraphicsLayerCA::moveOrCopyAnimations):
        (WebCore::GraphicsLayerCA::setBackdropFilters): Set a custom appearance so
        remote layer hosts will notice the special layer. Also set the actual
        layer properties.
        (WebCore::GraphicsLayerCA::addAnimation): Remove whitespace.
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): Update backdrop if necessary.
        (WebCore::GraphicsLayerCA::updateLayerNames): Give the new layer a name.
        (WebCore::GraphicsLayerCA::updateSublayerList):
        (WebCore::GraphicsLayerCA::updateGeometry): Make the backdrop layer match the contents
        layer geometry.
        (WebCore::GraphicsLayerCA::updateBackdropFilters): Create the backdrop layer if necessary,
        and copy the filter values to any clones.
        (WebCore::GraphicsLayerCA::ensureStructuralLayer): We need a structural layer if we
        have backdrop filters.
        (WebCore::GraphicsLayerCA::structuralLayerPurpose):
        (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
        (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
        * platform/graphics/ca/GraphicsLayerCA.h: New StructuralLayerPurpose, new LayerChangeFlag.

        * platform/graphics/ca/PlatformCALayer.h: New LayerType.

        * platform/graphics/ca/mac/PlatformCALayerMac.mm: Define CABackdropLayer.
        (PlatformCALayerMac::PlatformCALayerMac): Create the correct CALayer type.

        * rendering/RenderElement.h:
        (WebCore::RenderElement::createsGroup):
        (WebCore::RenderElement::hasBackdropFilter): This method is always around, but
        only can return true when FILTERS_LEVEL_2 is enabled.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintsWithFilters): Remove an unnecessary comment.
        (WebCore::RenderLayer::calculateClipRects):

        * rendering/RenderLayer.h: Add hasBackdropFilter.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::RenderLayerBacking):
        (WebCore::RenderLayerBacking::createPrimaryGraphicsLayer): Update the backdrop filters.
        (WebCore::RenderLayerBacking::updateBackdropFilters): Set the filters on the GraphicsLayer.
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerBacking.h:

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresOwnBackingStore): Needs backingstore if it has a backdrop filter.
        (WebCore::RenderLayerCompositor::reasonsForCompositing):
        (WebCore::RenderLayerCompositor::requiresCompositingForFilters): Return early if we have
        a backdrop filter, because currently we absolutely require compositing.

        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::styleWillChange): Add hasBackdropFilter().

        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresLayout): Check backdrops for change.

        * rendering/style/RenderStyle.h: Add the backdropFilter style stuff.
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
        (WebCore::StyleRareNonInheritedData::operator==):
        (WebCore::StyleRareNonInheritedData::hasBackdropFilters):
        * rendering/style/StyleRareNonInheritedData.h:

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Move 'size' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138337

        Reviewed by Andreas Kling.

        Move 'size' CSS property from DeprecatedStyleBuilder to the new
        StyleBuilder by using custom code as it requires special handling.

        No new tests, new behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyPageSize::mmLength): Deleted.
        (WebCore::ApplyPropertyPageSize::inchLength): Deleted.
        (WebCore::ApplyPropertyPageSize::getPageSizeFromName): Deleted.
        (WebCore::ApplyPropertyPageSize::applyInheritValue): Deleted.
        (WebCore::ApplyPropertyPageSize::applyInitialValue): Deleted.
        (WebCore::ApplyPropertyPageSize::applyValue): Deleted.
        (WebCore::ApplyPropertyPageSize::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::mmLength):
        (WebCore::StyleBuilderFunctions::inchLength):
        (WebCore::StyleBuilderFunctions::getPageSizeFromName):
        (WebCore::StyleBuilderFunctions::applyInheritSize):
        (WebCore::StyleBuilderFunctions::applyInitialSize):
        (WebCore::StyleBuilderFunctions::applyValueSize):

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Revert r175441 as it seems to be causing intermittent crashes in DOMTimer
        https://bugs.webkit.org/show_bug.cgi?id=138449

        Unreviewed roll out.

        Revert r175441 as it seems to be causing intermittent crashes in DOMTimer due
        to the scriptExecutionContext going away. See <rdar://problem/18883681>.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::install):
        (WebCore::DOMTimer::fired):
        (WebCore::NestedTimersVector::NestedTimersVector): Deleted.
        (WebCore::NestedTimersVector::~NestedTimersVector): Deleted.
        (WebCore::NestedTimersVector::registerTimer): Deleted.
        (WebCore::NestedTimersVector::begin): Deleted.
        (WebCore::NestedTimersVector::end): Deleted.

2014-11-05  Simon Fraser  <simon.fraser@apple.com>

        Avoid backing store for opacity:0 descendant layers
        https://bugs.webkit.org/show_bug.cgi?id=138448

        Reviewed by Dean Jackson.
        
        If a composited layer has no rendered content but a painting zero-opacity descendant
        layer, than we can avoid making backing store.
        
        When the opacity on such a child changes, we need to trigger a tree rebuild
        to force the backing store to come back (this could be optimized later).

        Tests: compositing/backing/no-backing-for-opacity-0-child.html
               compositing/backing/toggle-opacity-0-child.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::styleChangeRequiresLayerRebuild):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::containerForRepaint):

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Assertion hit DOMTimer::updateTimerIntervalIfNecessary()
        https://bugs.webkit.org/show_bug.cgi?id=138440

        Reviewed by Geoffrey Garen.

        We sometimes hit the ASSERT(repeatInterval() == previousInterval)
        assertion in DOMTimer::updateTimerIntervalIfNecessary() when visiting
        the following pages:
        http://lifehacker.com/the-healthiest-foods-for-one-handed-snacking-while-gami-1654728164
        http://longform.org/posts/like-something-the-lord-made

        After debugging, the issue turned out to be that we are comparing
        floating point numbers using ==, and the check sometimes fails even
        though the values really close to each other. This patch updates the
        DOMTimer code to use WTF::withinEpsilon() instead of operator==()
        to compare the floating point intervals.

        I confirmed manually that the assertion is no longer hit.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::updateTimerIntervalIfNecessary):
        * platform/graphics/FloatQuad.cpp:
        (WebCore::FloatQuad::isRectilinear):
        (WebCore::withinEpsilon): Deleted.

2014-11-05  Chris Fleizach  <cfleizach@apple.com>

        AX: add "alt" as an overriding synonym of "-webkit-alt" (now in the CSS4 spec)
        https://bugs.webkit.org/show_bug.cgi?id=138393

        Reviewed by Dean Jackson.

        Add official "alt" CSS keyword and map -webkit-alt to that.

        Test: platform/mac/accessibility/alt-for-css-content.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        * css/CSSPropertyNames.in:
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):

2014-11-05  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Unreviewed, EFL build fix since r175647

        * CMakeLists.txt: Remove DeleteButton.cpp and DeleteButtonController.cpp.

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Allow constructing a PassRef from a Ref
        https://bugs.webkit.org/show_bug.cgi?id=138389

        Reviewed by Andreas Kling.

        Remove calls to Ref::get() now that a PassRef can be directly
        constructed from a Ref.

        No new tests, no behavior change.

        * css/CSSValuePool.cpp:
        (WebCore::CSSValuePool::createColorValue):
        * css/CSSValuePool.h:
        (WebCore::CSSValuePool::createInheritedValue):
        (WebCore::CSSValuePool::createImplicitInitialValue):
        (WebCore::CSSValuePool::createExplicitInitialValue):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

2014-11-05  Dan Bernstein  <mitz@apple.com>

        Remove the unused deletion UI feature
        https://bugs.webkit.org/show_bug.cgi?id=138442

        Rubber-stamped by Alexey Proskuryakov.

        * Resources/deleteButton.png: Removed.
        * Resources/deleteButton@2x.png: Removed.
        * Resources/deleteButtonPressed.png: Removed.
        * Resources/deleteButtonPressed@2x.png: Removed.

        * WebCore.xcodeproj/project.pbxproj: Removed references to removed files.

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::cloneChildNodes): Folded the below helper function into this member
        function, after removing the deleteButtonContainerElement parameter.
        (WebCore::cloneChildNodesAvoidingDeleteButton): Deleted.

        * editing/CompositeEditCommand.cpp:
        (WebCore::EditCommandComposition::unapply): Removed use of
        DeleteButtonControllerDisableScope.
        (WebCore::EditCommandComposition::reapply): Ditto.
        (WebCore::CompositeEditCommand::apply): Ditto.

        * editing/DeleteButton.cpp: Removed.
        * editing/DeleteButton.h: Removed.
        * editing/DeleteButtonController.cpp: Removed.
        * editing/DeleteButtonController.h: Removed.

        * editing/EditCommand.cpp:
        (WebCore::EditCommand::EditCommand): Removed use of
        Editor::avoidIntersectionWithDeleteButtonController.

        * editing/Editor.cpp:
        (WebCore::Editor::Editor): Removed initialization of m_deleteButtonController.
        (WebCore::Editor::rangeForPoint): Removed use of avoidIntersectionWithDeleteButtonController.
        (WebCore::Editor::editorUIUpdateTimerFired): Removed call to DeleteButtonController function.
        (WebCore::Editor::avoidIntersectionWithDeleteButtonController): Deleted.
        (WebCore::Editor::deviceScaleFactorChanged): Deleted.

        * editing/Editor.h:
        (WebCore::Editor::deleteButtonController): Deleted.
        (WebCore::Editor::avoidIntersectionWithDeleteButtonController): Deleted.

        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::serializeNodes): Removed nodeToSkip parameter.
        (WebCore::MarkupAccumulator::serializeNodesWithNamespaces): Ditto.

        * editing/MarkupAccumulator.h:

        * editing/markup.cpp:
        (WebCore::createMarkupInternal): Removed updateRange parameter, which had become identical
        to the range parameter, and changed to use the latter everywhere instead.
        (WebCore::createMarkup): Don’t compute and pass separate updateRanage parameter.

        * loader/EmptyClients.h: Removed shouldShowDeleteInterface override.
        * page/EditorClient.h: Removed shouldShowDeleteInterface.

        * page/Page.cpp:
        (WebCore::Page::setDeviceScaleFactor): Removed call to Editor::deviceScaleFactorChanged.

        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::serializeFrame): Updated for MarkupAccumulator::serializeNodes change.

        * testing/Internals.cpp:
        (WebCore::Internals::findEditingDeleteButton): Deleted.
        * testing/Internals.h:
        * testing/Internals.idl:

2014-11-04  David Hyatt  <hyatt@apple.com>

        Descendant ends up in wrong flow thread with nested columns and spans.
        https://bugs.webkit.org/show_bug.cgi?id=137273

        Reviewed by Simon Fraser.

        Unskipped the two problematic span tests.

        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::isValidColumnSpanner):
        Remove the guard and comment and added the assertion back in.

        (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantInserted):
        Changed to no longer use handleSpannerRemoval. Because the spanner was removed from the flow thread's map,
        handleSpannerRemoval was a no-op. So instead I just removed the placeholder by hand.

        The second fix was to stop destroying the placeholder. Since the placeholder can just have been inserted, you
        can't delete it, since otherwise code further up the stack will access the deleted object. For now, we just
        leak the placeholder.

        The third fix is to make sure the subtreeRoot is properly updated to be the new placeholder.

2014-11-05  Andreas Kling  <akling@apple.com>

        RenderBlock shouldn't need a pre-destructor hook.
        <https://webkit.org/b/138430>

        Reviewed by Antti Koivisto.

        All that was interesting in RenderBlock::willBeDestroyed() has migrated
        to RenderBlockFlow. removeFromUpdateScrollInfoAfterLayoutTransaction()
        can be called from the plain destructor, so just move it there.

        We don't have to worry about destroyLeftoverChildren(), since RenderElement
        will take care of that for us.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::~RenderBlock):
        (WebCore::RenderBlock::willBeDestroyed): Deleted.
        * rendering/RenderBlock.h:

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Remove 2 unnecessary virtual functions on InputType
        https://bugs.webkit.org/show_bug.cgi?id=138433

        Reviewed by Andreas Kling.

        Remove 2 unused virtual functions on InputType:
        - valueAttributeChanged()
        - updateClearButtonVisibility()

        No new tests, no behavior change.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::parseAttribute):
        (WebCore::HTMLInputElement::updateClearButtonVisibility): Deleted.
        * html/HTMLInputElement.h:
        * html/InputType.cpp:
        (WebCore::InputType::valueAttributeChanged): Deleted.
        (WebCore::InputType::updateClearButtonVisibility): Deleted.
        * html/InputType.h:

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Re-evaluate if a repetitive timer should be throttled upon firing
        https://bugs.webkit.org/show_bug.cgi?id=138339

        Reviewed by Gavin Barraclough.

        Re-evaluate if a repetitive timer should be throttled upon firing in
        case the plugin observability state has changed:
        - It used to be visible but now isn't and thus the timer can be throttled
        - It used to play audio but now doesn't and thus the timer can be throttled

        We already stopped throttling if the plugin became observable. However,
        we didn't start throttling if the plugin became non-observable.

        * page/DOMTimer.cpp:
        (WebCore::DOMTimer::updateThrottlingStateIfNecessary):

2014-11-03  Dean Jackson  <dino@apple.com>

        Add ENABLE_FILTERS_LEVEL_2 feature guard.
        https://bugs.webkit.org/show_bug.cgi?id=138362

        Reviewed by Tim Horton.

        Add a new feature define for Level 2 of CSS Filters.
        http://dev.w3.org/fxtf/filters-2/

        * Configurations/FeatureDefines.xcconfig:

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Move text-align CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138398

        Reviewed by Antti Koivisto.

        Move text-align CSS property from DeprecatedStyleBuilder to the new
        StyleBuilder so that it is now generated from CSSPropertyNames.in.
        This patch adds a TextAlign Converter to support this.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyTextAlign::applyValue): Deleted.
        (WebCore::ApplyPropertyTextAlign::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertTextAlign):

2014-11-05  Sanghyup Lee  <sh53.lee@samsung.com>

        Fix build warning in SVGMarkerElement.cpp
        https://bugs.webkit.org/show_bug.cgi?id=138407

        Reviewed by Darin Adler.

        Build warning in debug cause 'comparison of unsigned expression >= 0 is always true [-Wtype-limits]'

        * svg/SVGMarkerElement.cpp:
        (WebCore::SVGMarkerElement::orientType): Removed useless condition in ASSERT.

2014-11-05  Chris Dumez  <cdumez@apple.com>

        Stop special-casing the empty string in HTMLInputElement.type setter
        https://bugs.webkit.org/show_bug.cgi?id=138403

        Reviewed by Ryosuke Niwa.

        Stop special-casing the empty string in HTMLInputElement.type setter.
        Previously, if input.type is set to "", we would remove the type
        attribute. This is inconsistent with the specification and the behavior
        of other browsers (tested Firefox 33 and Chrome 38). Instead, we should
        set the attribute to the empty string.

        Also stop treating null as a null string to align with the
        specification and other browsers (tested Firefox 33 and Chrome 38).

        Finally, update HTMLInputElement::setType() to take an AtomicString in
        argument instead of a String as it ends up calling setAttribute(), and
        thus needing an AtomicString.


        Test: fast/dom/HTMLInputElement/input-type-attribute.html

        * html/FileInputType.cpp:
        (WebCore::UploadButtonElement::UploadButtonElement):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setType):
        * html/HTMLInputElement.h:
        * html/HTMLInputElement.idl:

2014-11-05  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Compile error, missing guard.
        https://bugs.webkit.org/show_bug.cgi?id=138421

        Reviewed by Brent Fulgham.

        There is missing a guard for CSS_SELECTORS_LEVEL4 in CSSParserValues.cpp.

        * css/CSSParserValues.cpp:

2014-11-05  Antti Koivisto  <antti@apple.com>

        REGRESSION(r175601): Assertion failures in SimpleLineLayout
        https://bugs.webkit.org/show_bug.cgi?id=138422

        Check for end.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::FlowContentIterator::isNewlineCharacter):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):

2014-11-05  Andreas Kling  <akling@apple.com>

        Simple line layout: support text-transform: lowercase|uppercase|capitalize
        <https://webkit.org/b/138406>

        Reviewed by Antti Koivisto.

        Expand the simple line layout coverage to include all text-transform values.
        Since the property works on the text string level, it's really only a matter
        of removing the short-circuit.

        Test: fast/text/simple-lines-text-transform.html

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):

2014-11-05  Jer Noble  <jer.noble@apple.com>

        [EME][Mac] Allow the client to specify FPS protocol versions in the keySystem type field.
        https://bugs.webkit.org/show_bug.cgi?id=138380

        Reviewed by Eric Carlson.

        Parse out the requested FPS protocol version of the keySystem type string and pass it to
        AVStreamDataParser as an options dictionary.

        * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm:
        (WebCore::validKeySystemRE): Added, match comma-separated version suffixes.
        (WebCore::CDMPrivateMediaSourceAVFObjC::supportsKeySystem): Call above.
        (WebCore::CDMPrivateMediaSourceAVFObjC::createSession): Parse out the version numbers
            and pass into the session as a vector.
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::CDMSessionMediaSourceAVFObjC::CDMSessionMediaSourceAVFObjC): Take a vector of
            protocol version numbers.
        (WebCore::CDMSessionMediaSourceAVFObjC::update): Create an NSArray and pass into
            the key request creation method in an options dictionary.

2014-11-05  Antti Koivisto  <antti@apple.com>

        Move HTTPHeaderMap encoding to the class
        https://bugs.webkit.org/show_bug.cgi?id=138412

        Reviewed by Andreas Kling.

        * platform/network/HTTPHeaderMap.h:
        (WebCore::HTTPHeaderMap::encode):
        (WebCore::HTTPHeaderMap::decode):

            Use generic encoding for the uncommon header map. Common headers still require custom code due to the enum class.

2014-11-04  Beth Dakin  <bdakin@apple.com>

        Un-anchor data detector popovers on scroll
        https://bugs.webkit.org/show_bug.cgi?id=138385
        -and corresponding-
        rdar://problem/18869345

        Reviewed by Tim Horton.

        * platform/spi/mac/DataDetectorsSPI.h:

2014-11-04  Chris Dumez  <cdumez@apple.com>

        Avoid double hash table lookup in SpaceSplitStringData::create()
        https://bugs.webkit.org/show_bug.cgi?id=138396

        Reviewed by Ryosuke Niwa.

        Avoid double hash table lookup in SpaceSplitStringData::create() by
        calling HashMap::add() and using the AddResult, instead of calling
        HashMap::get() then HashMap::add().

        No new tests, no behavior change.

        * dom/SpaceSplitString.cpp:
        (WebCore::SpaceSplitStringData::create):

2014-11-04  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Abstract out content iteration and text handling in general.
        https://bugs.webkit.org/show_bug.cgi?id=138346

        Reviewed by Antti Koivisto.

        Add a class that can act as the primary iterator/fragment handling interface to the line parser.
        This helps adding support multiple renderer elements without changing the parser logic.
        Currently it operates strictly on the first child of the RenderBlockFlow.  

        Covered by existing tests.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::FlowContentIterator::FlowContentIterator):
        (WebCore::SimpleLineLayout::FlowContentIterator::findNextBreakablePosition):
        (WebCore::SimpleLineLayout::FlowContentIterator::findNextNonWhitespacePosition):
        (WebCore::SimpleLineLayout::FlowContentIterator::textWidth):
        (WebCore::SimpleLineLayout::FlowContentIterator::isNewlineCharacter):
        (WebCore::SimpleLineLayout::FlowContentIterator::isEndOfContent):
        (WebCore::SimpleLineLayout::FlowContentIterator::style):
        (WebCore::SimpleLineLayout::computeLineLeft):
        (WebCore::SimpleLineLayout::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace):
        (WebCore::SimpleLineLayout::initializeNewLine):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine):
        (WebCore::SimpleLineLayout::nextFragment):
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns):
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::create):
        (WebCore::SimpleLineLayout::skipWhitespace): Deleted.
        (WebCore::SimpleLineLayout::textWidth): Deleted.
        * rendering/SimpleLineLayout.h:

2014-11-04  Jeremy Jones  <jeremyj@apple.com>

        Fix build after r138351
        https://bugs.webkit.org/show_bug.cgi?id=138401

        Ureviewed. Make return type match.

        * platform/ios/WebCoreSystemInterfaceIOS.mm:

2014-11-04  Tim Horton  <timothy_horton@apple.com>

        Add bundle SPI allowing PageOverlay to customize the action menu
        https://bugs.webkit.org/show_bug.cgi?id=138388
        <rdar://problem/18875579>

        Reviewed by Anders Carlsson.

        * page/PageOverlayController.h:
        Expose the list of all overlays.

2014-11-03  Jeremy Jones  <jeremyj@apple.com>

        Add button and enable optimized fullscreen.
        https://bugs.webkit.org/show_bug.cgi?id=138351

        Reviewed by Eric Carlson.

        Added optimizedFullscreenButton to js media element controls. Remove #if conditional 
        and use optimizedFullscreenSupported to enable feature at runtime

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::enterFullscreenOptimized): enable
        (WebCore::MediaControlsHost::optimizedFullscreenSupported): added
        * Modules/mediacontrols/MediaControlsHost.h: add optimizedFullscreenSupported
        * Modules/mediacontrols/MediaControlsHost.idl: ditto
        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-optimized-fullscreen-button): added
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls): add button
        (Controller.prototype.handleReadyStateChange): update button
        (Controller.prototype.updateOptimizedFullscreenButton): added
        * Modules/mediacontrols/mediaControlsiOS.css:
        (audio::-webkit-media-controls-optimized-fullscreen-button): added
        (video::-webkit-media-controls-optimized-fullscreen-button): added
        (video::-webkit-media-controls-optimized-fullscreen-button:active): added
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createControls): listen for events from optimizedFullscreenButton
        (ControllerIOS.prototype.configureInlineControls): add button for non-audio when supported.
        (ControllerIOS.prototype.handleBaseGestureChange): 2-finger double-tap gesture for optimized fullscreen
        (ControllerIOS.prototype.handleWrapperTouchStart): ditto
        (ControllerIOS.prototype.handleOptimizedFullscreenButtonClicked): added
        (ControllerIOS.prototype.handleOptimizedFullscreenTouchStart): added 
        (ControllerIOS.prototype.handleOptimizedFullscreenTouchEnd): added
        (ControllerIOS.prototype.handleOptimizedFullscreenTouchCancel): added
        (ControllerIOS.prototype.handleStartPlaybackButtonTouchStart): fix typo
        (ControllerIOS.prototype.handleStartPlaybackButtonTouchEnd): fix typo
        (ControllerIOS.prototype.handleStartPlaybackButtonTouchCancel): fix typo
        * WebCore.exp.in:
        * platform/ios/WebCoreSystemInterfaceIOS.h: added wkIsOptimizedFullscreenSupported
        * platform/ios/WebCoreSystemInterfaceIOS.mm: added wkIsOptimizedFullscreenSupported
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): enable feature
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen): enable feature
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen): only request exit when entered and not requested exit
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): ditto

2014-11-04  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Pause on exceptions should show the actual exception
        https://bugs.webkit.org/show_bug.cgi?id=63096

        Reviewed by Timothy Hatcher.

        * inspector/InspectorInstrumentation.cpp:
        (WebCore::InspectorInstrumentation::addMessageToConsoleImpl):
        Pass assertion message on.

2014-11-04  Reza Abbasian  <rabbasian@apple.com>

        [iOS] Fix incorrect interface orientation that can be caused by fullscreen video dismissal.
        https://bugs.webkit.org/show_bug.cgi?id=137930.

        Reviewed by Jer Noble.

        When a fullscreen video gets dismissed programmatically, for instance for removing
        a webview from the view hierarchy, it can put the device in an incorrect orientation.
        Make sure we retain the window of parentView when we attempt to go to fullscreen and use
        the retained window for putting the device in correct orientation after dismissal.

        * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::cleanupFullscreen):
        (WebVideoFullscreenInterfaceAVKit::invalidate):

2014-11-04  Andreas Kling  <akling@apple.com>

        Remove two unused ScrollingCoordinator methods.
        <https://webkit.org/b/138377>

        Reviewed by Chris Dumez.

        These appear to be leftovers from the now-defunct chromium port.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::horizontalScrollbarLayerForScrollableArea): Deleted.
        (WebCore::ScrollingCoordinator::verticalScrollbarLayerForScrollableArea): Deleted.
        * page/scrolling/ScrollingCoordinator.h:

2014-11-04  Chris Dumez  <cdumez@apple.com>

        Add ptr() method to Ref class
        https://bugs.webkit.org/show_bug.cgi?id=138361

        Reviewed by Darin Adler.

        Use the new Ref::ptr() method.

        No new tests, no behavior change.

        * accessibility/AccessibilityMenuList.cpp:
        (WebCore::AccessibilityMenuList::didUpdateActiveOption):
        * bindings/js/JSHTMLAllCollectionCustom.cpp:
        (WebCore::getNamedItems):
        * bindings/js/JSHTMLFormControlsCollectionCustom.cpp:
        (WebCore::getNamedItems):
        * css/CSSStyleRule.h:
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::insertRule):
        * css/CSSValueList.h:
        (WebCore::CSSValueList::item):
        (WebCore::CSSValueList::itemWithoutBoundsCheck):
        * css/InspectorCSSOMWrappers.cpp:
        (WebCore::InspectorCSSOMWrappers::collect):
        * dom/ChildListMutationScope.cpp:
        (WebCore::ChildListMutationAccumulator::~ChildListMutationAccumulator):
        (WebCore::ChildListMutationAccumulator::childAdded):
        * dom/ChildNodeList.cpp:
        (WebCore::ChildNodeList::namedItem):
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::removeChild):
        * dom/CurrentScriptIncrementer.h:
        (WebCore::CurrentScriptIncrementer::CurrentScriptIncrementer):
        (WebCore::CurrentScriptIncrementer::~CurrentScriptIncrementer):
        * dom/MutationRecord.cpp:
        * dom/NodeRareData.h:
        (WebCore::NodeListsNodeData::ensureChildNodeList):
        (WebCore::NodeListsNodeData::ensureEmptyChildNodeList):
        (WebCore::NodeListsNodeData::addCacheWithQualifiedName):
        * dom/Range.cpp:
        (WebCore::Range::setDocument):
        * dom/ScriptElement.cpp:
        (WebCore::ScriptElement::requestScript):
        (WebCore::ScriptElement::executeScript):
        * dom/StaticNodeList.cpp:
        (WebCore::StaticNodeList::item):
        (WebCore::StaticElementList::item):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveRemainingSiblingsToNewParent):
        * editing/DictationCommand.cpp:
        (WebCore::DictationCommand::insertText):
        * editing/DictationCommand.h:
        * editing/Editor.cpp:
        (WebCore::Editor::insertTextWithoutSendingTextEvent):
        * editing/ReplaceNodeWithSpanCommand.cpp:
        (WebCore::swapInNodePreservingAttributesAndChildren):
        * editing/SimplifyMarkupCommand.cpp:
        (WebCore::SimplifyMarkupCommand::doApply):
        * editing/markup.cpp:
        (WebCore::hasOneChild):
        (WebCore::hasOneTextChild):
        (WebCore::replaceChildrenWithFragment):
        (WebCore::replaceChildrenWithText):
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::checkValidity):
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::getNamedElements):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::shouldLoadLink):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
        (WebCore::InspectorStyleSheet::buildObjectForRule):
        (WebCore::InspectorStyleSheet::revalidateStyle):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        * page/FocusController.cpp:
        (WebCore::FocusController::setFocusedElement):
        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::retrieveResourcesForRule):
        * page/PageSerializer.h:
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationController::updateAnimations):
        * platform/graphics/ca/TileCoverageMap.cpp:
        (WebCore::TileCoverageMap::platformCALayerPaintContents):
        * rendering/ClipPathOperation.h:
        * rendering/RenderBlock.cpp:
        (WebCore::styleForFirstLetter):
        (WebCore::RenderBlock::updateFirstLetterStyle):
        (WebCore::RenderBlock::createFirstLetterRenderer):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::updateColumnProgressionFromStyle):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::styleDidChange):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::setStyle):
        (WebCore::RenderElement::styleDidChange):
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::restoreRegionObjectsOriginalStyle):
        * rendering/RenderTextControl.cpp:
        (WebCore::RenderTextControl::adjustInnerTextStyle):
        * rendering/RenderTextControl.h:
        * rendering/RenderTextControlMultiLine.cpp:
        (WebCore::RenderTextControlMultiLine::createInnerTextStyle):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::createInnerTextStyle):
        * rendering/style/DataRef.h:
        (WebCore::DataRef::get):
        (WebCore::DataRef::access):
        (WebCore::DataRef::operator==):
        (WebCore::DataRef::operator!=):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::changeRequiresLayout):
        (WebCore::RenderStyle::changeRequiresPositionedLayoutOnly):
        (WebCore::RenderStyle::changeRequiresLayerRepaint):
        (WebCore::RenderStyle::changeRequiresRepaint):
        (WebCore::RenderStyle::changeRequiresRepaintIfTextOrBorderOrOutline):
        (WebCore::RenderStyle::changeRequiresRecompositeLayer):
        (WebCore::RenderStyle::diff):
        (WebCore::RenderStyle::diffRequiresLayerRepaint):
        * rendering/style/RenderStyle.h:
        * rendering/style/StyleGeneratedImage.cpp:
        (WebCore::StyleGeneratedImage::cssValue):
        * rendering/style/StyleGeneratedImage.h:
        * style/StyleResolveForDocument.cpp:
        (WebCore::Style::resolveForDocument):
        * style/StyleResolveTree.cpp:
        (WebCore::Style::determineChange):
        (WebCore::Style::resolveLocal):
        (WebCore::Style::resolveTree):
        * style/StyleResolveTree.h:

2014-11-04  Chris Dumez  <cdumez@apple.com>

        Move -webkit-text-emphasis-position to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138359

        Reviewed by Andreas Kling.

        Move -webkit-text-emphasis-position from DeprecatedStyleBilder to the
        new StyleBuilder so that it is now generated from CSSPropertyNames.in.
        A new TextEmphasisPosition Converter was added to support this.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::valueToEmphasisPosition): Deleted.
        (WebCore::ApplyPropertyTextEmphasisPosition::applyValue): Deleted.
        (WebCore::ApplyPropertyTextEmphasisPosition::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::valueToEmphasisPosition):
        (WebCore::StyleBuilderConverter::convertTextEmphasisPosition):

2014-11-04  Andreas Kling  <akling@apple.com>

        RenderBox shouldn't need a pre-destructor hook.
        <https://webkit.org/b/138367>

        Reviewed by Antti Koivisto.

        Move teardown logic from willBeDestroyed() to the regular ~RenderBox()
        destructor since none of it depends on being in-tree or having a fully
        constructed vtable.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::~RenderBox):
        (WebCore::RenderBox::willBeDestroyed): Deleted.
        * rendering/RenderBox.h:

2014-11-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [OSX] CJK characters styled with font-family: cursive are italicized
        https://bugs.webkit.org/show_bug.cgi?id=138328
        rdar://problem/18801907

        Reviewed by Simon Fraser.

        FontCache::createFontPlatformData doesn’t set the oblique flag if
        the requested font isn’t oblique, but
        FontCache::systemFallbackForCharacters() does. This patch simply
        adopts this behavior in both places.

        Test: fast/text/font-cursive-italic-cjk.html

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::systemFallbackForCharacters):

2014-11-04  Benjamin Poulain  <bpoulain@apple.com>

        When computing the specificity of selectors, use saturated arithmetic per component
        https://bugs.webkit.org/show_bug.cgi?id=138336

        Reviewed by Andreas Kling.

        The code handling overflow in CSSSelector::specificity() was assuming that the value
        returned by specificityForOneSelector() can only overflow one field at a time.

        That assumption is no longer correct with the extended :not(). It is now possible to have
        a complex selector saturating multiple fields inside a single :not().

        This patch solves the problem by considering each field independently.

        Test: fast/selectors/specificity-overflow-2.html

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::specificity):

2014-11-04  Zalan Bujtas  <zalan@apple.com>

        Windows build fix after r175565.

        MSVC requires default c'tor even if it's never called. -0 length array.

        * rendering/SimpleLineLayout.h:
        (WebCore::SimpleLineLayout::Run::Run):

2014-11-04  Zalan Bujtas  <zalan@apple.com>

        Simple line layout: Cleanup line initialization and line closing.
        https://bugs.webkit.org/show_bug.cgi?id=138273

        Reviewed by Antti Koivisto.

        This is in preparation to support multiple render elements.

        Move line start and line end activities to dedicated functions.

        Covered by existing tests.

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::LineState::LineState): Add lineStartRunIndex to be more explicit
        about whether a line advanced with new runs. Rename a few members. Introduce LineState::oveflowedFragment
        so that line closing can handled separately.
        (WebCore::SimpleLineLayout::LineState::commitAndCreateRun):
        (WebCore::SimpleLineLayout::LineState::addUncommitted):
        (WebCore::SimpleLineLayout::LineState::jumpTo):
        (WebCore::SimpleLineLayout::LineState::addUncommittedWhitespace): Deleted. : Remove redundant function.  
        (WebCore::SimpleLineLayout::LineState::removeCommittedTrailingWhitespace):
        (WebCore::SimpleLineLayout::LineState::resetTrailingWhitespace):
        (WebCore::SimpleLineLayout::removeTrailingWhitespace): Add resetTrailingWhitespace()
        so that all trailing whitespace handling is in one function.
        (WebCore::SimpleLineLayout::initializeNewLine): Separate line start and line end initialization/reset.
        (WebCore::SimpleLineLayout::createLineRuns):
        (WebCore::SimpleLineLayout::closeLineEndingAndAdjustRuns): This function manages all line ending activities.
        (WebCore::SimpleLineLayout::createTextRuns):
        (WebCore::SimpleLineLayout::create):
        (WebCore::SimpleLineLayout::initializeLine): Deleted.
        * rendering/SimpleLineLayout.h:
        (WebCore::SimpleLineLayout::Run::Run): Deleted.

2014-11-04  Tim Horton  <timothy_horton@apple.com>

        Implement yellow highlight over data detected items
        https://bugs.webkit.org/show_bug.cgi?id=138340
        <rdar://problem/18840102>

        Reviewed by Anders Carlsson.

        * platform/spi/mac/DataDetectorsSPI.h:
        Add completionHandler SPI.

2014-11-04  Darin Adler  <darin@apple.com>

        Eliminate ResourceBuffer and use SharedBuffer directly instead
        https://bugs.webkit.org/show_bug.cgi?id=138174

        Reviewed by Antti Koivisto.

        Refactoring, with test coverage across many existing tests.

        * CMakeLists.txt: Deleted ResourceBuffer.cpp.

        * WebCore.exp.in: Removed ResourceBuffer-related symbols, and updated symbol
        for one function that used to take a PassRefPtr but now takes a reference instead.

        * WebCore.vcxproj/WebCore.vcxproj: Deleted ResourceBuffer.cpp/.h.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Deleted ResourceBuffer.mm/.cpp/.h.

        * bindings/objc/DOMUIKitExtensions.mm:
        (-[DOMHTMLImageElement dataRepresentation:]): Use SharedBuffer directly.
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::writeImageToPasteboard): Ditto.
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::writeImageToPasteboard): Ditto.

        * html/ImageDocument.cpp:
        (WebCore::ImageDocument::updateDuringParsing): Use SharedBuffer directly, and
        also pass a reference only if non-null rather than passing a pointer.
        (WebCore::ImageDocument::finishedParsing): Ditto. Added a missing null check.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent): Use SharedBuffer directly.
        (WebCore::InspectorPageAgent::mainResourceContent): Ditto.
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::didFinishLoading): Ditto.
        (WebCore::InspectorResourceAgent::didFailLoading): Ditto.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::mainResourceData): Use SharedBuffer directly,
        and use the copy function rather than a hand-written alternative.
        (WebCore::DocumentLoader::maybeCreateArchive): Ditto.
        (WebCore::DocumentLoader::mainResource): Ditto.
        (WebCore::DocumentLoader::subresource): Ditto.
        (WebCore::DocumentLoader::maybeFinishLoadingMultipartContent): Ditto.

        * loader/DocumentLoader.h: Changed mainResourceData to return a
        PassRefPtr<SharedBuffer>. Would be better if it returned a SharedBuffer&,
        but it currently returns a newly created buffer when there is substitute
        data and can also return null, even though many callers assume it will not!

        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::dataReceived): Removed call to unused client
        function bufferReceived.
        (WebCore::MediaResourceLoader::notifyFinished): Removed unused buffer
        argument to client function loadFinished.

        * loader/ResourceBuffer.cpp: Removed.
        * loader/ResourceBuffer.h: Removed.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::addDataOrBuffer): Use SharedBuffer directly.

        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::resourceData): Use SharedBuffer.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse): Use SharedBuffer.
        (WebCore::SubresourceLoader::didReceiveDataOrBuffer): Ditto.

        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::processNewCueData): Use SharedBuffer.
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::finishedLoadingMainResource): Ditto.
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create): Ditto.

        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::finishLoading): Use SharedBuffer.
        * loader/cache/CachedCSSStyleSheet.h: Ditto.
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::finishLoading): Ditto.
        (WebCore::CachedFont::ensureCustomFontData): Ditto.
        * loader/cache/CachedFont.h: Ditto.

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didAddClient): Use SharedBuffer.
        (WebCore::CachedImage::didRemoveClient): Ditto.
        (WebCore::CachedImage::addIncrementalDataBuffer): Ditto. Changed to take
        a reference rather than a pointer.
        (WebCore::CachedImage::addDataBuffer): Ditto. Also added call through
        to base class and changed to take a reference rather than a pointer.
        (WebCore::CachedImage::addData): Ditto. Also added call through to base class.
        (WebCore::CachedImage::finishLoading): Ditto.
        * loader/cache/CachedImage.h: Ditto. Also changed the type of some bit fields
        to be unsigned instead of unsigend char.

        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::calculateIncrementalDataChunk): Use SharedBuffer.
        (WebCore::CachedRawResource::addDataBuffer): Ditto. Changed to take
        a reference rather than a pointer.
        (WebCore::CachedRawResource::addData): Ditto.
        (WebCore::CachedRawResource::finishLoading): Ditto.
        (WebCore::CachedRawResource::canReuse): Ditto.
        * loader/cache/CachedRawResource.h: Ditto.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource): Reordered data members due to change
        in header.
        (WebCore::CachedResource::addDataBuffer): Changed argument type.
        (WebCore::CachedResource::finishLoading): Ditto.
        (WebCore::CachedResource::didAddClient): Refactored to eliminate one extra hash
        table lookup by using the return value from the remove function.
        (WebCore::CachedResource::addClientToSet): Use std::make_unique directly instead
        of using a function named "schedule" to allocate the callback object.
        (WebCore::CachedResource::Callback::Callback): Changed function and data member
        name.
        (WebCore::CachedResource::Callback::cancel): Ditto.
        (WebCore::CachedResource::Callback::timerFired): Ditto.
        (WebCore::CachedResource::tryReplaceEncodedData): Changed to take a SharedBuffer&.

        * loader/cache/CachedResource.h: Changed types to use SharedBuffer. Also made most
        data members and one function member private instead of protected. Also renamed the
        CachedResource::CachedResourceCallback function CachedResource::Callback and moved
        its definition out of the CachedResource class definition.

        * loader/cache/CachedResourceClient.h: Removed unneeded include.

        * loader/cache/CachedSVGDocument.cpp:
        (WebCore::CachedSVGDocument::finishLoading): Use SharedBuffer.

        * loader/cache/CachedSVGDocument.h: Ditto. Made data members private.

        * loader/cache/CachedScript.cpp:
        (WebCore::CachedScript::finishLoading): Use SharedBuffer.
        * loader/cache/CachedScript.h: Ditto. Also fixed indenting and removed unneeded
        forward declaration.

        * loader/cache/CachedTextTrack.cpp:
        (WebCore::CachedTextTrack::updateData): Added, so that finishLoading does not
        call addDataBuffer.
        (WebCore::CachedTextTrack::addDataBuffer): Take SharedBuffer, call updateData.
        (WebCore::CachedTextTrack::finishLoading): Ditto.
        * loader/cache/CachedTextTrack.h: Take out unneeded explicit override of the
        destructor. Updated for above changes.

        * loader/cache/CachedXSLStyleSheet.cpp:
        (WebCore::CachedXSLStyleSheet::finishLoading): Updated to use SharedBuffer.
        * loader/cache/CachedXSLStyleSheet.h: Took out unneeded includes, made everything
        private rather than protected. Added an explicit virtual constructor so we can
        compile without knowing how to ref/deref TextResourceDecoder.

        * loader/cf/SubresourceLoaderCF.cpp:
        (WebCore::SubresourceLoader::didReceiveDataArray): Updated to use SharedBuffer
        and to call addDataBuffer only if there is a new data buffer.

        * loader/cocoa/DiskCacheMonitorCocoa.h: Use SharedBuffer& instead of PassRefPtr.
        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        (WebCore::DiskCacheMonitor::DiskCacheMonitor): Ditto.
        (WebCore::DiskCacheMonitor::resourceBecameFileBacked): Ditto.

        * loader/icon/IconLoader.cpp:
        (WebCore::IconLoader::notifyFinished): Use SharedBuffer* instead of
        RefPtr<ResourceBuffer>.

        * loader/mac/ResourceBuffer.mm: Removed.

        * loader/mac/ResourceLoaderMac.mm:
        (WebCore::ResourceLoader::didReceiveDataArray): Use SharedBuffer.

        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::clear): Use a modern for loop.
        (WebCore::SharedBuffer::copy): Return a PassRef instead of a PassRefPtr, since
        this never returns null. Use modern for loops.
        (WebCore::SharedBuffer::copyBufferAndClear): Use a modern for loop.

        * platform/SharedBuffer.h: Changed copy to return PassRef instead of PassRefPtr.
        Changed tryReplaceContentsWithPlatformBuffer to take a reference rather than
        a pointer.

        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer): Take a reference
        instead of a pointer.

        * platform/graphics/PlatformMediaResourceLoader.h: Removed unused function
        bufferReceived and unneeded buffer argument from loadFinished. Also marked the
        constructor explicit.

        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
        Removed include of ResourceBuffer.h.
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::fulfillRequestWithResource): Use
        SharedBuffer directly.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::loadFinished): Updated for change to
        PlatformMediaResourceLoaderClient.

        * platform/mac/PasteboardMac.mm: Removed include of ResourceBuffer.h.

        * platform/soup/SharedBufferSoup.cpp: Removed unused, unneeded
        tryReplaceContentsWithPlatformBuffer function.

2014-11-04  Chris Dumez  <cdumez@apple.com>

        Use SPECIALIZE_TYPE_TRAITS_*() macro for StyleRuleGroup subclasses
        https://bugs.webkit.org/show_bug.cgi?id=138345

        Reviewed by Andreas Kling.

        Use SPECIALIZE_TYPE_TRAITS_*() macro for StyleRuleGroup subclasses
        instead of old-fashion toXXX() functions.

        No new tests, no behavior change.

        * css/CSSMediaRule.cpp:
        (WebCore::CSSMediaRule::mediaQueries):
        * css/CSSSupportsRule.cpp:
        (WebCore::CSSSupportsRule::conditionText):
        * css/StyleRule.h:
        (isType):
        (WebCore::toStyleRuleMedia): Deleted.
        (WebCore::toStyleRuleSupports): Deleted.
        (WebCore::toStyleRuleRegion): Deleted.
        * css/WebKitCSSRegionRule.cpp:
        (WebCore::WebKitCSSRegionRule::cssText):

2014-11-04  Andreas Kling  <akling@apple.com>

        RenderQuote shouldn't need a pre-destructor hook.
        <https://webkit.org/b/138352>

        Reviewed by Antti Koivisto.

        The willBeDestroyed() hook in RenderQuote came from the time when it was
        potential unsafe to access the RenderView from a renderer destructor.

        Move the code to the plain ol' destructor instead.

        * rendering/RenderQuote.cpp:
        (WebCore::RenderQuote::~RenderQuote):
        (WebCore::RenderQuote::willBeDestroyed): Deleted.
        * rendering/RenderQuote.h:

2014-11-04  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(VIDEO) build after r175380
        https://bugs.webkit.org/show_bug.cgi?id=138322

        Reviewed by Benjamin Poulain.

        * html/HTMLImageLoader.cpp:
        (WebCore::HTMLImageLoader::dispatchLoadEvent):

2014-11-03  Philippe Normand  <pnormand@igalia.com>

        [LEAK] [GStreamer] Removing video element will not free assigned memory
        https://bugs.webkit.org/show_bug.cgi?id=46560

        Reviewed by Eric Carlson.

        Moved the ::extraMemoryCost() implementation to the
        MediaPlayerPivateInterface base class. This default implementation
        is now shared between the various MediaPlayerPrivate backends,
        excepted the AVF MediaSource player which still reports no extra
        memory cost.

        * platform/graphics/MediaPlayerPrivate.h:
        (WebCore::MediaPlayerPrivateInterface::totalBytes): Make
        totalBytes() part of the MediaPlayerPrivate interface.
        (WebCore::MediaPlayerPrivateInterface::extraMemoryCost): Default
        implementation.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::extraMemoryCost): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

2014-11-04  Nikos Andronikos  <nikos.andronikos-webkit@cisra.canon.com.au>

        Fix animation of orient attribute on marker element
        https://bugs.webkit.org/show_bug.cgi?id=137942

        Reviewed by Dirk Schulze.

        Fixed implementation of SVG animated angles and the SVG
        marker element orient attribute.
        SVG animated angle was missing the logic to support animation
        from auto to a numeric angle value - this is now added.
        The SVG marker element getter for orientType was not returning
        the animated value for orientType so in some cases (i.e. when
        the initial value and the animated values were of different types)
        the animation was not being rendered - although it was running.

        Tests: svg/animations/animate-marker-orienttype-1.html
               svg/animations/animate-marker-orienttype-2.html
               svg/animations/animate-marker-orienttype-3.html

        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::calculateAnimatedValue):
        Added logic to support auto to angle animation.
        * svg/SVGMarkerElement.cpp:
        (WebCore::SVGMarkerElement::orientType):
        This method now returns the animated value if an animation is
        running.
        * svg/SVGMarkerElement.h:

2014-11-03  Chris Dumez  <cdumez@apple.com>

        Allow implicit conversion from Ref<T> to T&
        https://bugs.webkit.org/show_bug.cgi?id=138331

        Reviewed by Andreas Kling.

        Remove unnecessary calls to Ref<T>::get() now that a Ref<T> can be
        converted implicitly to a T&.

        No new tests, no behavior change.

2014-11-03  Simon Fraser  <simon.fraser@apple.com>

        Non-fast scrollable region overlay offsets the overlay by topContentInset
        https://bugs.webkit.org/show_bug.cgi?id=138344

        Reviewed Tim Horton.
        
        Offset the region by topContentInset, and make it not green.

        * page/DebugPageOverlays.cpp:
        (WebCore::NonFastScrollableRegionOverlay::updateRegion):

2014-11-03  Andreas Kling  <akling@apple.com>

        Clarify RenderListMarker ownership model.
        <https://webkit.org/b/138329>

        Reviewed by Antti Koivisto.

        A RenderListMarker is either in-tree and owned by the tree, or out-of-tree
        and owned by a RenderListItem.

        This patch changes RenderListItem::m_marker to be a raw pointer, and removes
        the special handling of list markers in RenderElement child teardown.

        We also remove the willBeDestroyed() hook. It was used to clear out the
        m_marker pointer, but this is now done in the regular ~RenderListItem()
        destructor with an assertion for marker sanity. m_marker is automatically
        nulled out by a didDestroyListMarker() callback on RenderListItem.

        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::destroyLeftoverChildren):

            Removed special handling of list marker renderers when deleting a
            RenderElement's children.

        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::RenderListItem):
        (WebCore::RenderListItem::~RenderListItem):
        (WebCore::RenderListItem::styleDidChange):
        (WebCore::RenderListItem::insertOrMoveMarkerRendererIfNeeded):
        (WebCore::RenderListItem::positionListMarker):

            Made m_marker a raw pointer instead of a RenderPtr since the ownership
            really switches between weak and strong reference.

        (WebCore::RenderListItem::willBeDestroyed):
        * rendering/RenderListMarker.cpp:
        (WebCore::RenderListMarker::~RenderListMarker):

            Added a regular destructor to replace the willBeDestroyed() hook.

        * rendering/RenderListItem.h:
        (WebCore::RenderListItem::didDestroyListMarker):

            Added. Called by ~RenderListMarker to null out RenderListItem::m_marker.

2014-11-03  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move WebCore/bridge to std::unique_ptr
        https://bugs.webkit.org/show_bug.cgi?id=138280

        Reviewed by Anders Carlsson.

        Clean up OwnPtr in WebCore/bridge.

        No new tests, no behavior changes.

        * bridge/c/c_class.cpp:
        (JSC::Bindings::CClass::methodNamed):
        (JSC::Bindings::CClass::fieldNamed):
        * bridge/c/c_class.h: Use std::unique_ptr instead of OwnPtr.
        * bridge/objc/objc_class.h: ditto.
        * bridge/objc/objc_class.mm:
        (JSC::Bindings::ObjcClass::methodNamed):
        (JSC::Bindings::ObjcClass::fieldNamed):
        * bridge/objc/objc_runtime.mm:
        (JSC::Bindings::callObjCFallbackObject):
        * bridge/runtime_method.h:

2014-11-03  Dan Bernstein  <mitz@apple.com>

        Client certificate credentials with session persistence don’t work
        https://bugs.webkit.org/show_bug.cgi?id=138330

        Reviewed by Alexey Proskuryakov.

        I think this is not testable with our test HTTP server.

        * platform/network/CredentialStorage.cpp:
        (WebCore::CredentialStorage::set): Don’t require a valid URL for client certificate
        credentials, since they don’t apply to a specific path. Don’t save such credentials to
        CFNetwork’s persistent storage (we only do that as a workaround for sharing credentials
        with the media framework, and we don’t want to expand the scope of the workaround).
        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::receivedCredential): Changed to use the Credential consturctor
        that takes a Credential and a new persistence, so that this code works not only with
        user+password credentials.

2014-11-03  Simon Fraser  <simon.fraser@apple.com>

        Add page overlays that show regions with mouseWheel event handlers, and the non-fast-scrollable region, and code to toggle them in MiniBrowser WK2
        https://bugs.webkit.org/show_bug.cgi?id=138257

        Reviewed by Tim Horton.

        Add code for debugging page overlays that show the non-fast scrollable region,
        and the region with wheel event handlers. The list of region types is intended
        to be easily extensible.
        
        A singleton DebugPageOverlays maintains a map of Frame -> vector of overlays.
        A purely inline code path is provided so that DebugPageOverlays::didLayout() is
        fast.
        
        For each region type, a PageOverlay::Client subclass knows how to generate
        the region, which is painted into a document-level page overlay.
        
        Add a set of bitflags to Settings to control region visibility.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * page/DebugPageOverlays.cpp: Added.
        (WebCore::RegionOverlay::overlay):
        (WebCore::MouseWheelRegionOverlay::updateRegion):
        (WebCore::NonFastScrollableRegionOverlay::updateRegion):
        (WebCore::RegionOverlay::create):
        (WebCore::RegionOverlay::RegionOverlay):
        (WebCore::RegionOverlay::~RegionOverlay):
        (WebCore::RegionOverlay::pageOverlayDestroyed):
        (WebCore::RegionOverlay::willMoveToPage):
        (WebCore::RegionOverlay::didMoveToPage):
        (WebCore::RegionOverlay::drawRect):
        (WebCore::RegionOverlay::mouseEvent):
        (WebCore::RegionOverlay::didScrollFrame):
        (WebCore::RegionOverlay::recomputeRegion):
        (WebCore::DebugPageOverlays::shared):
        (WebCore::indexOf):
        (WebCore::DebugPageOverlays::ensureRegionOverlayForFrame):
        (WebCore::DebugPageOverlays::showRegionOverlay):
        (WebCore::DebugPageOverlays::hideRegionOverlay):
        (WebCore::DebugPageOverlays::regionChanged):
        (WebCore::DebugPageOverlays::regionOverlayForFrame):
        (WebCore::DebugPageOverlays::updateOverlayRegionVisibility):
        (WebCore::DebugPageOverlays::settingsChanged):
        * page/DebugPageOverlays.h: Added.
        (WebCore::DebugPageOverlays::hasOverlaysForFrame):
        (WebCore::DebugPageOverlays::hasOverlays):
        (WebCore::DebugPageOverlays::didLayout):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        * page/Settings.h:
        * page/Settings.in:

2014-11-03  Simon Fraser  <simon.fraser@apple.com>

        Video controls have lots of compositing layers
        https://bugs.webkit.org/show_bug.cgi?id=138294

        Reviewed by Eric Carlson.

        After r175268 we get lots of separate small layers in the video
        controls (but they pop into a single layer when opacity animates).
        
        Fix this by putting an explicit z-index on -webkit-media-controls-panel
        which is the element that animates opacity.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel):

2014-11-03  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r175406, r175413, and r175423.
        https://bugs.webkit.org/show_bug.cgi?id=138327

        Multipart tests are still broken (Requested by ap on #webkit).

        Reverted changesets:

        "Eliminate ResourceBuffer and use SharedBuffer directly
        instead"
        https://bugs.webkit.org/show_bug.cgi?id=138174
        http://trac.webkit.org/changeset/175406

        "Unreviewed, iOS build fix since 175406."
        http://trac.webkit.org/changeset/175413

        "Fix assertion in CachedResource::addDataBuffer"
        http://trac.webkit.org/changeset/175423

2014-11-03  Chris Dumez  <cdumez@apple.com>

        Unreviewed, fix bad assertion in r175487.

        I mistakenly used it != values.end() instead of it == values.end()
        so the debug bots are crashing.

        * css/StyleResolver.cpp:
        (WebCore::createGridPosition):

2014-11-03  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(VIDEO) build after r175279
        https://bugs.webkit.org/show_bug.cgi?id=138320

        Reviewed by Jer Noble.

        * page/ChromeClient.h:

2014-11-03  Chris Dumez  <cdumez@apple.com>

        Support modern range loops over CSSValueList
        https://bugs.webkit.org/show_bug.cgi?id=138285

        Reviewed by Andreas Kling.

        Add support for modern range loops over CSSValueList objects.
        Port the code base to using range loops for CSSValueList objects and
        drop the CSSValueListInspector / CSSValueListIterator classes as they
        are no longer needed.

        No new tests, no behavior change.

2014-11-03  Andreas Kling  <akling@apple.com>

        RenderCounter shouldn't need a pre-destructor hook.
        <https://webkit.org/b/138316>

        Reviewed by Antti Koivisto.

        RenderCounter will automatically register/unregister itself with
        the RenderView when constructed/destroyed.

        It was using a willBeDestroyed() hook because it used to be that you
        couldn't get to the RenderView in the destructor. That's no longer
        an issue as Document promises that RenderView is the last render tree
        node to go away.

        * rendering/RenderCounter.cpp:
        (WebCore::RenderCounter::~RenderCounter):
        (WebCore::RenderCounter::willBeDestroyed): Deleted.
        * rendering/RenderCounter.h:

2014-11-03  Tim Horton  <timothy_horton@apple.com>

        Use FrameSnapshotting functions in FindController::getFindIndicatorBitmap
        https://bugs.webkit.org/show_bug.cgi?id=138300
        <rdar://problem/18855863>

        Reviewed by Simon Fraser.

        * WebCore.exp.in:
        * page/FrameSnapshotting.cpp:
        (WebCore::snapshotSelection):
        Move knowledge that selectionBounds can be empty down to WebCore.

2014-11-03  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Show Selector's Specificity
        https://bugs.webkit.org/show_bug.cgi?id=138189

        Reviewed by Timothy Hatcher.

        Test: inspector/css/selector-specificity.html

        * css/CSSSelector.h:
        Remove very stale comment. '*' is a starAtom now instead of a special -1 tag.
        Made the specificity masks public class constants.

        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyle::buildArrayForComputedStyle):
        (WebCore::InspectorStyle::styleWithProperties):
        (WebCore::InspectorStyleSheet::buildObjectForStyleSheetInfo):
        Drive by use release() in some cases to reduce ref count churn.

        (WebCore::buildObjectForSelectorHelper):
        (WebCore::selectorsFromSource):
        (WebCore::InspectorStyleSheet::buildObjectForSelector):
        (WebCore::InspectorStyleSheet::buildObjectForSelectorList):
        Build CSSSelector objects for SelectorLists.

2014-11-03  Chris Dumez  <cdumez@apple.com>

        Move -webkit-shape-outside to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138296

        Reviewed by Zoltan Horvath.

        Move -webkit-shape-outside to the new StyleBuilder, using custom
        code as it does not always call setShapeOutside().

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyShape::setValue): Deleted.
        (WebCore::ApplyPropertyShape::applyValue): Deleted.
        (WebCore::ApplyPropertyShape::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyValueWebkitShapeOutside):

2014-11-03  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION: Using a media element changes window.name
        https://bugs.webkit.org/show_bug.cgi?id=138278
        rdar://problem/18704134

        Apply the same fix to mediaControlsBase.js. I do not know who uses this file, but
        there is no reason to have the bug there.

        * Modules/mediacontrols/mediaControlsBase.js:
        (Controller.prototype.addVideoListeners):
        (Controller.prototype.removeVideoListeners):
        (Controller.prototype.disconnectControls):

2014-11-03  Andreas Kling  <akling@apple.com>

        RenderLayerModelObject shouldn't need a pre-destructor hook.
        <https://webkit.org/b/138314>

        Reviewed by Antti Koivisto.

        Move code from the willBeDestroyed() pre-destructor hook to the regular
        ~RenderLayerModelObject() destructor.

        We just need to unregister the renderer from the FrameView's set of
        viewport-constrained objects. That doesn't require being able to walk
        the render tree or call virtuals, which is the main reason you'd use
        willBeDestroyed().

        * rendering/RenderLayerModelObject.cpp:
        (WebCore::RenderLayerModelObject::~RenderLayerModelObject):
        (WebCore::RenderLayerModelObject::willBeDestroyed): Deleted.
        * rendering/RenderLayerModelObject.h:

2014-11-03  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>

        [EFL] Fix the build if LOG_DISABLED=0 in release mode
        https://bugs.webkit.org/show_bug.cgi?id=138309

        Reviewed by Chris Dumez.

        * platform/efl/LoggingEfl.cpp:

2014-11-03  Chris Dumez  <cdumez@apple.com>

        Move 'zoom' CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138297

        Reviewed by Antti Koivisto.

        Move 'zoom' CSS property from DeprecatedStyleBuilder to the new
        StyleBuilder by using custom code as it requires special handling.

        No new tests, no behavior change.

        * css/makeprop.pl:
        Add support for Custom=All StyleBuilder option to indicate
        that the property requires custom code to set the initial,
        inherit and current values.

2014-11-03  Sungmann Cho  <sungmann.cho@navercorp.com>

        AX: Fix some minor typos related to the word "accessibility".
        https://bugs.webkit.org/show_bug.cgi?id=138299

        Reviewed by Chris Fleizach.

        No new tests, no behavior change.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::shouldUseAccessibilityObjectInnerText):
        (WebCore::AccessibilityNodeObject::textUnderElement):
        (WebCore::shouldUseAccessiblityObjectInnerText): Deleted.
        * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
        (getRunAttributesFromAccessibilityObject):
        (webkitAccessibleTextGetRunAttributes):
        (getRunAttributesFromAccesibilityObject): Deleted.
        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::textTrackSelectionScore):

2014-11-02  Chris Dumez  <cdumez@apple.com>

        Move string-typed properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138295

        Reviewed by Antti Koivisto.

        Move string-typed properties to the new StyleBuilder:
        -webkit-hyphenate-character
        -webkit-line-grid
        -webkit-flow-into
        -webkit-flow-from

        No new tests, no behavior change.

2014-11-02  Chris Dumez  <cdumez@apple.com>

        Unreviewed, rebaseline bindings tests after r175462.

        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunction):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessage):
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        (WebCore::jsTestCustomNamedGetterPrototypeFunctionAnotherFunction):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::jsTestEventTargetPrototypeFunctionItem):
        (WebCore::jsTestEventTargetPrototypeFunctionDispatchEvent):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceConstructor::constructJSTestInterface):
        (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2):
        (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructorNamedConstructor::constructJSTestNamedConstructor):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjConstructor::constructJSTestObj):
        (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodWithSequenceArg):
        (WebCore::jsTestObjPrototypeFunctionMethodReturningSequence):
        (WebCore::jsTestObjPrototypeFunctionMethodWithEnumArg):
        (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrows):
        (WebCore::jsTestObjPrototypeFunctionSerializedValue):
        (WebCore::jsTestObjPrototypeFunctionOptionsObject):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArg):
        (WebCore::jsTestObjConstructorFunctionStaticMethodWithCallbackArg):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod8):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11):
        (WebCore::jsTestObjConstructorFunctionClassMethod2):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod11):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod12):
        (WebCore::jsTestObjPrototypeFunctionClassMethodWithClamp):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongSequence):
        (WebCore::jsTestObjPrototypeFunctionStringArrayFunction):
        (WebCore::jsTestObjPrototypeFunctionDomStringListFunction):
        (WebCore::jsTestObjPrototypeFunctionMethodWithAndWithoutNullableSequence):
        (WebCore::jsTestObjPrototypeFunctionMethodWithAndWithoutNullableSequence2):
        (WebCore::jsTestObjPrototypeFunctionConvert1):
        (WebCore::jsTestObjPrototypeFunctionConvert2):
        (WebCore::jsTestObjPrototypeFunctionConvert4):
        (WebCore::jsTestObjPrototypeFunctionConvert5):
        (WebCore::jsTestObjPrototypeFunctionStrictFunction):
        (WebCore::jsTestObjPrototypeFunctionStrictFunctionWithSequence):
        (WebCore::jsTestObjPrototypeFunctionStrictFunctionWithArray):
        (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod):
        (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod):
        (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod):
        (WebCore::jsTestObjPrototypeFunctionAny):
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors1):
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors2):
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors3):
        (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors4):
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        (WebCore::JSTestTypedefsConstructor::constructJSTestTypedefs):
        (WebCore::jsTestTypedefsPrototypeFunctionSetShadow):
        (WebCore::jsTestTypedefsPrototypeFunctionMethodWithSequenceArg):
        (WebCore::jsTestTypedefsPrototypeFunctionNullableArrayArg):
        (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClamp):
        (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction):
        (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction2):
        (WebCore::jsTestTypedefsPrototypeFunctionCallWithSequenceThatRequiresInclude):

2014-11-02  Chris Dumez  <cdumez@apple.com>

        Reduce the cost of argumentCount checks in the JS bindings
        https://bugs.webkit.org/show_bug.cgi?id=138289

        Reviewed by Sam Weinig.

        Slightly reduce the cost of argumentCount checks in the JS bindings by
        hinting to the compiler that it is UNLIKELY that those methods are
        called with too few arguments.

        I see a 3% progression on PerformanceTests/DOM/DOMDivWalk.html
        performance test.

        No new tests, no behavior change.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateArgumentsCountCheck):

2014-11-01  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION: Using a media element changes window.name
        https://bugs.webkit.org/show_bug.cgi?id=138278
        rdar://problem/18704134

        Reviewed by Jer Noble.

        Test: fast/media/window-name.html

        Use an actual variable for name (and while at it, for "item" as well).

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.addVideoListeners):
        (Controller.prototype.removeVideoListeners):
        (Controller.prototype.disconnectControls):

2014-11-01  Chris Dumez  <cdumez@apple.com>

        Move "direction" CSS property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138288

        Reviewed by Sam Weinig.

        Move "direction" CSS property to the new StyleBuilder by using custom
        code as it requires special handling to call
        Document::setDirectionSetOnDocumentElement() when necessary.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyDirection::applyValue): Deleted.
        (WebCore::ApplyPropertyDirection::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyValueDirection):

2014-11-01  Sam Weinig  <sam@webkit.org>

        Move the -webkit-transform property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138283

        Reviewed by Chris Dumez.

        Move the -webkit-transform property from StyleResolver to the new
        generated StyleBuilder. Adds a converter for TransformOperations.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertTransform):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * css/TransformFunctions.cpp:
        (WebCore::transformsForValue):
        * css/TransformFunctions.h:
        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::setMatrixValue):

2014-11-01  Benjamin Poulain  <bpoulain@apple.com>

        Fix the specificity of the extended :not() selector
        https://bugs.webkit.org/show_bug.cgi?id=138275

        Reviewed by Andreas Kling.

        The current draft says "The specificity of a :not() pseudo-class
        is the specificity of the most specifc complex selector in its selector list."

        It is still unclear how :not() plays with other new selectors. Until that is clarified,
        this only handle the simple cases.

        Tests: fast/css/not-self-specificity.html
               fast/css/not-specificity-1.html
               fast/css/not-specificity-2.html
               fast/css/not-specificity-3.html
               fast/css/not-specificity-4.html
               fast/css/not-specificity-5.html
               fast/css/not-specificity-6.html

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::specificityForOneSelector):

2014-10-31  Benjamin Poulain  <bpoulain@apple.com>

        Fix the Debug builds after r175446

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):

2014-10-31  Dhi Aurrahman  <diorahman@rockybars.com>

        Add initial parsing functionality of :lang pseudo class in Selectors Level 4.
        https://bugs.webkit.org/show_bug.cgi?id=138170

        Reviewed by Benjamin Poulain.

        Add initial parsing functionality of :lang pseudo class in Selectors Level 4,
        as specified in [1].

        It parses comma-separated list of string arguments. Currently, it throws error
        on arguments with "*" (e.g. :lang(zh, *-hant)).

        Add additional test file fast/selectors/lang-invalid.html along side the 
        fast/css/css-selector-text.html.

        [1] http://dev.w3.org/csswg/selectors4/#the-lang-pseudo

        Test: fast/selectors/lang-invalid.html

        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::detectFunctionTypeToken):
        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::setArgumentList):
        * css/CSSParserValues.h:
        * css/CSSSelector.cpp:
        (WebCore::appendArgumentList):
        (WebCore::CSSSelector::selectorText):
        (WebCore::CSSSelector::setArgumentList):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::argumentList):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):

2014-10-31  Chris Dumez  <cdumez@apple.com>

        StyleBuilder: Stop using custom code for -webkit-hyphenate-limit-lines
        https://bugs.webkit.org/show_bug.cgi?id=138270

        Reviewed by Antti Koivisto.

        Stop using custom code for -webkit-hyphenate-limit-lines in the new
        StyleBuilder. We don't really need to, we can just have a Converter
        specific to this property.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertWebkitHyphenateLimitLines):
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyValueWebkitHyphenateLimitLines): Deleted.

2014-10-31  Chris Dumez  <cdumez@apple.com>

        Support throttling of DOMTimers using nested setTimeout() calls
        https://bugs.webkit.org/show_bug.cgi?id=138262

        Reviewed by Gavin Barraclough.

        Extend DOMTimers throttling support to timers that are using nested
        setTimeout() calls instead of a setInterval(). To achieve this, this
        patch introduces a NestedTimersVector singleton class where nested
        timers are appended, and for which we potentially update the next
        firing time, after the parent timer is done executing.

        I have verified this helps on cnn.com for example, which has timers
        interacting with non-visible plugins that are scheduled using nested
        setTimeout() calls with a frequency of 150 / 200 ms.

        * page/DOMTimer.cpp:
        (WebCore::NestedTimersVector::NestedTimersVector):
        (WebCore::NestedTimersVector::~NestedTimersVector):
        (WebCore::NestedTimersVector::registerTimer):
        (WebCore::NestedTimersVector::begin):
        (WebCore::NestedTimersVector::end):
        (WebCore::DOMTimer::install):
        (WebCore::DOMTimer::updateThrottlingStateIfNecessary):
        (WebCore::DOMTimer::fired):
        * page/DOMTimer.h:

2014-10-31  Chris Dumez  <cdumez@apple.com>

        Move -webkit-marquee-increment property to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138208

        Reviewed by Andreas Kling.

        Move -webkit-marquee-increment property from DeprecatedStyleBuilder to
        the new StyleBuilder so that it is generated from CSSPropertyNames.in.
        Custom code is used to set the value due to the !length.isUndefined()
        check before calling setMarqueeIncrement().

        Test: fast/css/webkit-marquee-increment-bad-value.html

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyLength::setValue): Deleted.
        (WebCore::ApplyPropertyLength::applyValue): Deleted.
        (WebCore::ApplyPropertyLength::createHandler): Deleted.
        (WebCore::ApplyPropertyMarqueeIncrement::applyValue): Deleted.
        (WebCore::ApplyPropertyMarqueeIncrement::createHandler): Deleted.
        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderFunctions::applyValueWebkitMarqueeIncrement):

2014-10-31  Simon Fraser  <simon.fraser@apple.com>

        Brace cleanup in StyleResolver::adjustRenderStyle()
        https://bugs.webkit.org/show_bug.cgi?id=138267

        Reviewed by Chris Dumez.

        No braces for single-line clauses.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):

2014-10-31  Chris Dumez  <cdumez@apple.com>

        Fix several warnings reported by clang static analyzer in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=138258

        Reviewed by Joseph Pecoraro.

        Fix several warnings reported by clang static analyzer in WebCore
        related to variable unnecessary assignments and scope.

        No new tests, no behavior change.

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::getUpperLeftCorner):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * inspector/InspectorStyleTextEditor.cpp:
        (WebCore::InspectorStyleTextEditor::replaceProperty):
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        * page/DragController.cpp:
        (WebCore::createMouseEvent):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths):
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paintSelectionBackground):

2014-10-31  Simon Fraser  <simon.fraser@apple.com>

        Whitespace cleanup in Screen.h
        https://bugs.webkit.org/show_bug.cgi?id=138265

        Reviewed by Chris Dumez.

        No indent for namespaces. Mark 'final'. Fix * placement.

        * page/Screen.h:
        (WebCore::Screen::create):

2014-10-31  Simon Fraser  <simon.fraser@apple.com>

        Change the ScrollingThread code to use RunLoop::main().dispatch() rather than callOnMainThread(), which has Obj-C overhead
        https://bugs.webkit.org/show_bug.cgi?id=138263

        Reviewed by Geoffrey Garen.

        callOnMainThread() uses -performSelector:onMainThread:withObject:waitUntilDone:, so
        it's slightly more efficient to use RunLoop::main().dispatch().

        * page/scrolling/ThreadedScrollingTree.cpp:
        (WebCore::ThreadedScrollingTree::invalidate):
        (WebCore::ThreadedScrollingTree::scrollingTreeNodeDidScroll):
        (WebCore::ThreadedScrollingTree::handleWheelEventPhase):

2014-10-31  Benjamin Poulain  <bpoulain@apple.com>

        Pseudo classes with an escaped parenthesis generate invalid rules
        https://bugs.webkit.org/show_bug.cgi?id=138266

        Reviewed by Antti Koivisto.

        Since the functional pseudo classes are part of the list of PseudoClassAndCompatibilityElement,
        they could be created by the rule
             pseudo:
                 ':' IDENT
        if the parenthesis is escaped. For example, with ":not\\(", the IDENT would be
        "not(", CSSParserSelector::parsePseudoClassAndCompatibilityElementSelector would
        find a pseudo class type of PseudoClassNot, and the action would create an invalid
        CSSSelector for a :not() without nested selector.

        This patch fixes the issue by detecting the function case in
        CSSParserSelector::parsePseudoClassAndCompatibilityElementSelector().

        An other solution would be to split PseudoClassAndCompatibilityElement into simple pseudo class
        and functional pseudo classes. We may do that some day but at the moment it is a lot of work with
        a little benefit.

        Tests: fast/css/crash-on-incomplete-webkit-any.html
               fast/css/pseudo-escaped-parenthesis.html
               fast/selectors/invalid-functional-pseudo-class.html

        * css/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::parsePseudoClassAndCompatibilityElementSelector):

2014-10-31  Chris Dumez  <cdumez@apple.com>

        Make CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement() faster
        https://bugs.webkit.org/show_bug.cgi?id=138227

        Reviewed by Benjamin Poulain.

        Restructure CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement()
        a bit to do less if checks. The previous implementation was doing 7 if
        checks no matter the input value. The new implementation does less
        if checks depending on the input type.

        Also, the isImageControlsRootElement() was showing in the profiles so
        I updated the condition to only do this virtual function call if the
        input is an HTMLDivElement (which we can check more efficiently).

        With the change, I see that we're spending about ~26% less time in
        this method when running speedometer. However, the impact on the
        overall score is within noise.

        No new tests, no behavior change.

        * css/CSSDefaultStyleSheets.cpp:
        (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):

2014-10-31  Antti Koivisto  <antti@apple.com>

        Fix assertion in CachedResource::addDataBuffer

        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::addDataBuffer):

            Don't call to base class if buffering mode changed (happens with some special top level document types).

2014-10-31  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Remove webkit prefix from CSS columns.
        https://bugs.webkit.org/show_bug.cgi?id=137132.

        Reviewed by Dean Jackson.

        CSS columns properties are ready for un-prefixing. There are still a couple
        that we haven't implemented, such as the ones starting with "break-", so we're
        just going to do the ones starting with "column-".  The list of column un-
        prefixed properties in this change set is:
            - column-count
            - column-fill
            - column-gap
            - column-progression
            - column-rule
            - column-rule-color
            - column-rule-style
            - column-rule-width
            - column-span
            - column-width
            - columns

        Tests: fast/multicol/column-box-alignment-rtl.html
               fast/multicol/multicol-aliases.html
               imported/w3c/css/multicol/multicol-basic-001.html
               imported/w3c/css/multicol/multicol-basic-002.html
               imported/w3c/css/multicol/multicol-basic-003.html
               imported/w3c/css/multicol/multicol-basic-004.html

        Add new un-prefixed column properties and make the -webkit* ones be aliases
        to the new ones.
        * css/CSSPropertyNames.in:

        Use the new enums CSSPropertyColumn* instead of the prefixed ones.
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSParser.cpp:
        (WebCore::isColorPropertyID):
        (WebCore::isValidKeywordPropertyAndValue):
        (WebCore::isKeywordPropertyID):
        (WebCore::CSSParser::parseValue):
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        * css/StyleProperties.cpp:
        (WebCore::StyleProperties::getPropertyValue):
        * css/StylePropertyShorthand.cpp:
        (WebCore::webkitColumnsShorthand):
        (WebCore::webkitColumnRuleShorthand):
        (WebCore::shorthandForProperty):
        (WebCore::matchingShorthandsForLonghand):
        * css/StyleResolver.cpp:
        (WebCore::isValidVisitedLinkProperty):
        (WebCore::StyleResolver::applyProperty):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::paintColumnRules):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::colorIncludingFallback):

2014-10-31  Tim Horton  <timothy_horton@apple.com>

        Remove "Add to iPhoto" from the action menu's sharing menu
        https://bugs.webkit.org/show_bug.cgi?id=138251
        <rdar://problem/18837197>

        Reviewed by Anders Carlsson.

        * platform/spi/mac/NSSharingServiceSPI.h:
        Add 'name' to the NSSharingService SPI header.

2014-10-31  Akos Kiss  <akiss@inf.u-szeged.hu>

        Fix type clash warning in supports_error rule of CSSGrammar.
        https://bugs.webkit.org/show_bug.cgi?id=138248

        Reviewed by Antti Koivisto.

        Added explicit actions to supports_error rule in CSSGrammar.y.in since
        the default actions caused bison to emit type clash warnings.

        No new tests because there is no behavior change.

        * css/CSSGrammar.y.in:

2014-10-31  Adrian Perez de Castro  <aperez@igalia.com>

        [GTK] Support script message handlers WebKitUserContentManager
        https://bugs.webkit.org/show_bug.cgi?id=133730

        Reviewed by Carlos Garcia Campos.

        Support user script message handlers in WebKitUserContentManager.
        This needs building with ENABLE_USER_MESSAGE_HANDLERS, for which
        an option is added to the CMake build files. The option is disabled
        globally by default, and the WebKitGTK port enables it. On the API
        level, two new methods to register and unregister names are provided
        in the "window.webkit" namespace, and on message reception the
        "WebKitUserContentManager::script-message-received" signal is
        emitted, using the registered names as signal detail.

        * CMakeLists.txt: Conditionally add the needed files to the build
        when the ENABLE_USER_MESSAGE_HANDLERS feature is enabled.

2014-10-31  Andrzej Badowski  <a.badowski@samsung.com>

        [ATK] Improve AccessibilityTableCell's determineAccessibilityRole function.
        https://bugs.webkit.org/show_bug.cgi?id=137737

        Reviewed by Chris Fleizach.

        Use of new functions isRowHeaderCell and isColumnHeaderCell (bug 136818)
        to more accurately determine accessibility role of the table cell.

        Test: accessibility/table-cells-roles.html

        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::rowIndexRange):
        Change to const.
        * accessibility/AccessibilityARIAGridCell.h:
        Change rowIndexRange function to const.
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::determineAccessibilityRole):
        Use of isRowHeaderCell and isColumnHeaderCell to more accurately determine accessibility role (ATK).
        (WebCore::AccessibilityTableCell::isColumnHeaderCell):
        Add a case of direct placement a row in the table.
        (WebCore::AccessibilityTableCell::isRowHeaderCell):
        Add a case of direct placement a row in the table.
        (WebCore::AccessibilityTableCell::rowIndexRange):
        Change to const.
        * accessibility/AccessibilityTableCell.h:
        Change rowIndexRange function to const.

2014-10-30  Darin Adler  <darin@apple.com>

        Eliminate ResourceBuffer and use SharedBuffer directly instead
        https://bugs.webkit.org/show_bug.cgi?id=138174

        Reviewed by Antti Koivisto.

        Refactoring, with test coverage across many existing tests.

        * CMakeLists.txt: Deleted ResourceBuffer.cpp.

        * WebCore.exp.in: Removed ResourceBuffer-related symbols, and updated symbol
        for one function that used to take a PassRefPtr but now takes a reference instead.

        * WebCore.vcxproj/WebCore.vcxproj: Deleted ResourceBuffer.cpp/.h.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Deleted ResourceBuffer.mm/.cpp/.h.

        * bindings/objc/DOMUIKitExtensions.mm:
        (-[DOMHTMLImageElement dataRepresentation:]): Use SharedBuffer directly.
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::writeImageToPasteboard): Ditto.
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::writeImageToPasteboard): Ditto.

        * html/ImageDocument.cpp:
        (WebCore::ImageDocument::updateDuringParsing): Use SharedBuffer directly, and
        also pass a reference only if non-null rather than passing a pointer.
        (WebCore::ImageDocument::finishedParsing): Ditto. Added a missing null check.

        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResourceContent): Use SharedBuffer directly.
        (WebCore::InspectorPageAgent::mainResourceContent): Ditto.
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::didFinishLoading): Ditto.
        (WebCore::InspectorResourceAgent::didFailLoading): Ditto.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::mainResourceData): Use SharedBuffer directly,
        and use the copy function rather than a hand-written alternative.
        (WebCore::DocumentLoader::maybeCreateArchive): Ditto.
        (WebCore::DocumentLoader::mainResource): Ditto.
        (WebCore::DocumentLoader::subresource): Ditto.
        (WebCore::DocumentLoader::maybeFinishLoadingMultipartContent): Ditto.

        * loader/DocumentLoader.h: Changed mainResourceData to return a
        PassRefPtr<SharedBuffer>. Would be better if it returned a SharedBuffer&,
        but it currently returns a newly created buffer when there is substitute
        data and can also return null, even though many callers assume it will not!

        * loader/MediaResourceLoader.cpp:
        (WebCore::MediaResourceLoader::dataReceived): Removed call to unused client
        function bufferReceived.
        (WebCore::MediaResourceLoader::notifyFinished): Removed unused buffer
        argument to client function loadFinished.

        * loader/ResourceBuffer.cpp: Removed.
        * loader/ResourceBuffer.h: Removed.

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::addDataOrBuffer): Use SharedBuffer directly.

        * loader/ResourceLoader.h:
        (WebCore::ResourceLoader::resourceData): Use SharedBuffer.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse): Use SharedBuffer.
        (WebCore::SubresourceLoader::didReceiveDataOrBuffer): Ditto.

        * loader/TextTrackLoader.cpp:
        (WebCore::TextTrackLoader::processNewCueData): Use SharedBuffer.
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::finishedLoadingMainResource): Ditto.
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create): Ditto.

        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::finishLoading): Use SharedBuffer.
        * loader/cache/CachedCSSStyleSheet.h: Ditto.
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::finishLoading): Ditto.
        (WebCore::CachedFont::ensureCustomFontData): Ditto.
        * loader/cache/CachedFont.h: Ditto.

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::didAddClient): Use SharedBuffer.
        (WebCore::CachedImage::didRemoveClient): Ditto.
        (WebCore::CachedImage::addIncrementalDataBuffer): Ditto. Changed to take
        a reference rather than a pointer.
        (WebCore::CachedImage::addDataBuffer): Ditto. Also added call through
        to base class and changed to take a reference rather than a pointer.
        (WebCore::CachedImage::addData): Ditto. Also added call through to base class.
        (WebCore::CachedImage::finishLoading): Ditto.
        * loader/cache/CachedImage.h: Ditto. Also changed the type of some bit fields
        to be unsigned instead of unsigend char.

        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::calculateIncrementalDataChunk): Use SharedBuffer.
        (WebCore::CachedRawResource::addDataBuffer): Ditto. Changed to take
        a reference rather than a pointer.
        (WebCore::CachedRawResource::addData): Ditto.
        (WebCore::CachedRawResource::finishLoading): Ditto.
        (WebCore::CachedRawResource::canReuse): Ditto.
        * loader/cache/CachedRawResource.h: Ditto.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::CachedResource): Reordered data members due to change
        in header.
        (WebCore::CachedResource::addDataBuffer): Changed argument type.
        (WebCore::CachedResource::finishLoading): Ditto.
        (WebCore::CachedResource::didAddClient): Refactored to eliminate one extra hash
        table lookup by using the return value from the remove function.
        (WebCore::CachedResource::addClientToSet): Use std::make_unique directly instead
        of using a function named "schedule" to allocate the callback object.
        (WebCore::CachedResource::Callback::Callback): Changed function and data member
        name.
        (WebCore::CachedResource::Callback::cancel): Ditto.
        (WebCore::CachedResource::Callback::timerFired): Ditto.
        (WebCore::CachedResource::tryReplaceEncodedData): Changed to take a SharedBuffer&.

        * loader/cache/CachedResource.h: Changed types to use SharedBuffer. Also made most
        data members and one function member private instead of protected. Also renamed the
        CachedResource::CachedResourceCallback function CachedResource::Callback and moved
        its definition out of the CachedResource class definition.

        * loader/cache/CachedResourceClient.h: Removed unneeded include.

        * loader/cache/CachedSVGDocument.cpp:
        (WebCore::CachedSVGDocument::finishLoading): Use SharedBuffer.

        * loader/cache/CachedSVGDocument.h: Ditto. Made data members private.

        * loader/cache/CachedScript.cpp:
        (WebCore::CachedScript::finishLoading): Use SharedBuffer.
        * loader/cache/CachedScript.h: Ditto. Also fixed indenting and removed unneeded
        forward declaration.

        * loader/cache/CachedTextTrack.cpp:
        (WebCore::CachedTextTrack::updateData): Added, so that finishLoading does not
        call addDataBuffer.
        (WebCore::CachedTextTrack::addDataBuffer): Take SharedBuffer, call updateData.
        (WebCore::CachedTextTrack::finishLoading): Ditto.
        * loader/cache/CachedTextTrack.h: Take out unneeded explicit override of the
        destructor. Updated for above changes.

        * loader/cache/CachedXSLStyleSheet.cpp:
        (WebCore::CachedXSLStyleSheet::finishLoading): Updated to use SharedBuffer.
        * loader/cache/CachedXSLStyleSheet.h: Took out unneeded includes, made everything
        private rather than protected. Added an explicit virtual constructor so we can
        compile without knowing how to ref/deref TextResourceDecoder.

        * loader/cf/SubresourceLoaderCF.cpp:
        (WebCore::SubresourceLoader::didReceiveDataArray): Updated to use SharedBuffer
        and to call addDataBuffer only if there is a new data buffer.

        * loader/cocoa/DiskCacheMonitorCocoa.h: Use SharedBuffer& instead of PassRefPtr.
        * loader/cocoa/DiskCacheMonitorCocoa.mm:
        (WebCore::DiskCacheMonitor::DiskCacheMonitor): Ditto.
        (WebCore::DiskCacheMonitor::resourceBecameFileBacked): Ditto.

        * loader/icon/IconLoader.cpp:
        (WebCore::IconLoader::notifyFinished): Use SharedBuffer* instead of
        RefPtr<ResourceBuffer>.

        * loader/mac/ResourceBuffer.mm: Removed.

        * loader/mac/ResourceLoaderMac.mm:
        (WebCore::ResourceLoader::didReceiveDataArray): Use SharedBuffer.

        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::clear): Use a modern for loop.
        (WebCore::SharedBuffer::copy): Return a PassRef instead of a PassRefPtr, since
        this never returns null. Use modern for loops.
        (WebCore::SharedBuffer::copyBufferAndClear): Use a modern for loop.

        * platform/SharedBuffer.h: Changed copy to return PassRef instead of PassRefPtr.
        Changed tryReplaceContentsWithPlatformBuffer to take a reference rather than
        a pointer.

        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::tryReplaceContentsWithPlatformBuffer): Take a reference
        instead of a pointer.

        * platform/graphics/PlatformMediaResourceLoader.h: Removed unused function
        bufferReceived and unneeded buffer argument from loadFinished. Also marked the
        constructor explicit.

        * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
        Removed include of ResourceBuffer.h.
        * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
        (WebCore::WebCoreAVFResourceLoader::fulfillRequestWithResource): Use
        SharedBuffer directly.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (CachedResourceStreamingClient::loadFinished): Updated for change to
        PlatformMediaResourceLoaderClient.

        * platform/mac/PasteboardMac.mm: Removed include of ResourceBuffer.h.

        * platform/soup/SharedBufferSoup.cpp: Removed unused, unneeded
        tryReplaceContentsWithPlatformBuffer function.

2014-10-30  Chris Dumez  <cdumez@apple.com>

        Move border-image-source / -webkit-mask-box-image-source to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138209

        Reviewed by Andreas Kling.

        Move border-image-source / -webkit-mask-box-image-source CSS properties
        from DeprecatedStyleBuilder to the new StyleBuilder so that they are
        now generated from CSSPropertyNames.in.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyBorderImageSource::applyValue): Deleted.
        (WebCore::ApplyPropertyBorderImageSource::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertBorderImageSource):

2014-10-30  Jer Noble  <jer.noble@apple.com>

        [EME] Add Setting for accessing storage location for MediaKeys data
        https://bugs.webkit.org/show_bug.cgi?id=138147

        Reviewed by Brady Eidson.

        Allow MediaPlayerPrivateAVFoundationObjC to query for the MediaKeys storage directory
        by piping that request down from WebKit and WebKit2 into Settings.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaKeysStorageDirectory): Get the location from Settings and
            append the current origin.
        * html/HTMLMediaElement.h:
        * page/Settings.h:
        (WebCore::Settings::setMediaKeysStorageDirectory): Simple setter.
        (WebCore::Settings::mediaKeysStorageDirectory): Simple accessor.
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::mediaKeysStorageDirectory): Pass through to m_client.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerMediaKeysStorageDirectory): Default implementation.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::streamSession): Fetch the location from MediaPlayer.
        (WebCore::sessionStorageDirectory): Deleted.

2014-10-30  Dana Burkart  <dburkart@apple.com>

        <rdar://problem/18821260> Prepare for the mysterious future

        Reviewed by Lucas Forschler.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:
        * Configurations/FeatureDefines.xcconfig:
        * Configurations/Version.xcconfig:

2014-10-30  Simon Fraser  <simon.fraser@apple.com>

        Short-circuit repaints with empty rects
        https://bugs.webkit.org/show_bug.cgi?id=138234

        Reviewed by Zalan Bujtas.
        
        Repaints with an empty rectangle are common enough that it's worth
        short-circuiting them.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::repaintUsingContainer):

2014-10-30  Chris Dumez  <cdumez@apple.com>

        Clean up virtual functions in css/
        https://bugs.webkit.org/show_bug.cgi?id=138230

        Reviewed by Benjamin Poulain.

        Clean up virtual functions in css/ by:
        - Making virtual functions final when possible
        - Making classes final when possible
        - Using 'override' when appropriate
        - Explicitly marking functions / destructors as virtual when they are
          inherently virtual
        - Making isXXX() virtual functions private on XXX classes to avoid
          unnecessary type checks

        No new tests, no behavior change.

        * WebCore.exp.in:
        * css/CSSBasicShapes.h:
        * css/CSSCharsetRule.h:
        * css/CSSComputedStyleDeclaration.h:
        * css/CSSCrossfadeValue.h:
        * css/CSSFilterImageValue.h:
        * css/CSSFontFaceLoadEvent.h:
        * css/CSSFontFaceRule.h:
        * css/CSSFontFaceSource.h:
        * css/CSSImportRule.h:
        * css/CSSMediaRule.h:
        * css/CSSPageRule.h:
        * css/CSSRuleList.h:
        (WebCore::StaticCSSRuleList::ref): Deleted.
        (WebCore::StaticCSSRuleList::styleSheet): Deleted.
        (WebCore::StaticCSSRuleList::length): Deleted.
        (WebCore::StaticCSSRuleList::item): Deleted.
        (WebCore::LiveCSSRuleList::ref): Deleted.
        (WebCore::LiveCSSRuleList::deref): Deleted.
        (WebCore::LiveCSSRuleList::length): Deleted.
        (WebCore::LiveCSSRuleList::item): Deleted.
        (WebCore::LiveCSSRuleList::styleSheet): Deleted.
        * css/CSSStyleRule.h:
        * css/CSSSupportsRule.h:
        * css/CSSUnknownRule.h:
        * css/FontLoader.h:
        * css/PropertySetCSSStyleDeclaration.h:
        (WebCore::PropertySetCSSStyleDeclaration::parentElement):
        * css/WebKitCSSKeyframeRule.h:
        * css/WebKitCSSViewportRule.h:

2014-10-30  Tim Horton  <timothy_horton@apple.com>

        Long spins under rangeExpandedAroundPosition on Yahoo Mail
        https://bugs.webkit.org/show_bug.cgi?id=138223
        <rdar://problem/18819547>

        Reviewed by Enrica Casucci.

        * WebCore.exp.in:
        Export some things.

2014-10-30  Ada Chan  <adachan@apple.com>

        The Page's muted setting should not affect the HTMLMediaElement's 'muted' IDL attribute.
        https://bugs.webkit.org/show_bug.cgi?id=138215

        Reviewed by Eric Carlson.

        Add m_muted in Page to keep track of the Page's muted state. Change AudioProducer::setMuted()
        to pageMutedStateDidChange(). When that method is called, the AudioProducer is supposed to
        update its muted state again taking the Page's muted state into account.

        Add HTMLMediaElement::effectiveMuted(), which returns the effective muted state of the
        HTMLMediaElement, taking the Page's muted state into account.

        Test: media/video-muted-after-setting-page-muted-state.html

        * dom/Document.cpp:
        (WebCore::Document::pageMutedStateDidChange):
        (WebCore::Document::setMuted): Deleted.
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::setMuted):
        Set the MediaPlayer's muted state to the result of effectiveMuted() rather than m_muted.
        (WebCore::HTMLMediaElement::updateVolume):
        Ditto, and also make sure the MediaController's muted state does not override the Page's
        muted state.
        (WebCore::HTMLMediaElement::updatePlayState):
        Set the MediaPlayer's muted state to the result of effectiveMuted() rather than muted().
        (WebCore::HTMLMediaElement::pageMutedStateDidChange):
        Call updateVolume(), which will update the MediaPlayer's muted state.
        (WebCore::HTMLMediaElement::effectiveMuted):
        Figure out the muted value taking Page's muted state into account.
        * html/HTMLMediaElement.h:
        * page/AudioProducer.h:
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::setMuted):
        Update m_muted, and only iterate through the frames' documents to call pageMutedStateDidChange()
        if m_muted changes.
        * page/Page.h:
        (WebCore::Page::isMuted):
        * testing/Internals.cpp:
        (WebCore::Internals::setPageMuted):
        Expose a way to set the Page's muted state in Internals for testing.
        * testing/Internals.h:
        * testing/Internals.idl:

2014-10-30  Myles C. Maxfield  <mmaxfield@apple.com>

        Use references in calculateMinimumPageHeight() for non-optional arguments
        https://bugs.webkit.org/show_bug.cgi?id=138231

        Reviewed by Dean Jackson.

        No new tests because there is no behavior change.

        * rendering/RenderBlockFlow.cpp:
        (WebCore::calculateMinimumPageHeight):
        (WebCore::RenderBlockFlow::adjustLinePositionForPagination):

2014-10-30  Chris Dumez  <cdumez@apple.com>

        Move -webkit-border-image / -webkit-mask-box-image to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138207

        Reviewed by Andreas Kling.

        Move -webkit-border-image / -webkit-mask-box-image CSS properties to
        the new StyleBuilder so that they are now generated from
        CSSPropertyNames.in.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyBorderImage::applyValue): Deleted.
        (WebCore::ApplyPropertyBorderImage::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertBorderImage):
        (WebCore::StyleBuilderConverter::convertBorderMask):

2014-10-30  Chris Dumez  <cdumez@apple.com>

        Optimize HTMLVideoElement / HTMLAudioElement type checks a bit
        https://bugs.webkit.org/show_bug.cgi?id=138202

        Reviewed by Benjamin Poulain.

        Optimize HTMLVideoElement / HTMLAudioElement type checks a bit by:
        1. Using is<HTMLMediaElement>() instead of
           (is<HTMLVideoElement>() || is<HTMLAudioElement>()) if the caller is
           interested in both video and audio elements. This is faster because
           it ends up doing:
               - virtual call to Element::isMediaElement()
           instead of
               - Node::isHTMLElement() +
                 virtual call to HTMLElement::isHTMLUnknownElement() +
                 2 * HTMLElement::hasTagName()
        2. Updating HTMLVideoElement / HTMLAudioElement type traits
           specializations to:
           - Avoid doing any virtual function call if the input type is an
             HTMLMediaElement (which is common in the code base).
           - Speed up check if the input is an Element by doing:
               - virtual call to Element::isMediaElement() +
                 HTMLElement::hasTagName()
             instead of
               - Node::isHTMLElement() +
                 virtual call to !HTMLElement::isHTMLUnknownElement() +
                 HTMLElement::hasTagName()
             The speed stays the same if the input is a Node or an HTMLElement.

        No new tests, no behavior change.

        * css/CSSDefaultStyleSheets.cpp:
        (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):
        * dom/make_names.pl:
        (defaultTagPropertyHash):
        (printTypeHelpers):
        * html/HTMLAudioElement.h:
        (isType):
        * html/HTMLImageLoader.cpp:
        * html/HTMLTagNames.in:
        * html/HTMLVideoElement.h:
        (isType):
        * page/ChromeClient.h:

2014-10-30  Myles C. Maxfield  <mmaxfield@apple.com>

        Migrate ComplexTextControllerCoreText to use SPI instead of WKSI
        https://bugs.webkit.org/show_bug.cgi?id=138228

        Reviewed by Simon Fraser.

        No new tests because there is no behavior change.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/mac/ComplexTextControllerCoreText.mm:
        (WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun):
        (WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
        * platform/spi/cocoa/CoreTextSPI.h: Added.

2014-10-30  Eric Carlson  <eric.carlson@apple.com>

        Add diagnostic logging to track page loads.
        https://bugs.webkit.org/show_bug.cgi?id=138205
        <rdar://problem/18173017>

        Reviewed by Jer Noble.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Log page load success or failure.

        * page/DiagnosticLoggingKeys.cpp:
        (WebCore::DiagnosticLoggingKeys::pageLoadedKey): New.
        * page/DiagnosticLoggingKeys.h:

2014-10-24  Philippe Normand  <pnormand@igalia.com>

        [GStreamer] Video resolution changes trigger a crash in the TextureMapper
        https://bugs.webkit.org/show_bug.cgi?id=137065

        Reviewed by Gustavo Noronha Silva.

        Switch to GstSample for buffer+caps communication between the
        video sink and the player. Using a single object type for this
        avoid issues where the caps might not correctly describe the
        buffer contents anymore, for example when the video resolution is
        changed.

        * platform/graphics/gstreamer/ImageGStreamer.h: Use GstSample
        instead of GstBuffer+GstCaps.
        (WebCore::ImageGStreamer::createImage):
        * platform/graphics/gstreamer/ImageGStreamerCairo.cpp: Ditto.
        (ImageGStreamer::ImageGStreamer):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::mediaPlayerPrivateRepaintCallback): The repaint signal
        now uses a GstSample instead of a GstBuffer.
        (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
        Store the current sample instead of a buffer. Also renamed the
        mutex protecting access to the sample.
        (WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase): Ditto.
        (WebCore::MediaPlayerPrivateGStreamerBase::naturalSize): Return
        early if no sample is available. The caps used to get the video
        size are store in the sample.
        (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture): Use
        GstSample instead of GstBuffer.
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint): Ditto.
        (WebCore::MediaPlayerPrivateGStreamerBase::paint): Ditto.
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp: Now store a
        GstSample internally. Also removed the now useless current-caps property.
        (_WebKitVideoSinkPrivate::_WebKitVideoSinkPrivate): Renamed the
        mutex protecting access to the sample.
        (_WebKitVideoSinkPrivate::~_WebKitVideoSinkPrivate): Ditto.
        (webkit_video_sink_init): Disable last-sample in basesink since we
        already store one in our sink anyway.
        (webkitVideoSinkTimeoutCallback): Switch to GstSample.
        (webkitVideoSinkRender): Ditto.
        (unlockSampleMutex): Ditto.
        (webkitVideoSinkUnlock): Ditto.
        (webkitVideoSinkUnlockStop): Ditto.
        (webkitVideoSinkStop): Ditto!
        (webkitVideoSinkStart): Ditto.
        (webkit_video_sink_class_init): Drop current-caps property.
        (webkitVideoSinkGetProperty): Deleted.
        (unlockBufferMutex): Deleted.

2014-10-30  Carlos Garcia Campos  <cgarcia@igalia.com>

        FormDataBuilder should not use Document
        https://bugs.webkit.org/show_bug.cgi?id=138172

        Reviewed by Alexey Proskuryakov.

        It's only used by encodingFromAcceptCharset() to fallback to
        document input encoding. That method is only used by
        FormSubmission::create(), so it could be moved as a static
        function to FormSubmission.cpp.

        * loader/FormSubmission.cpp:
        (WebCore::encodingFromAcceptCharset):
        (WebCore::FormSubmission::create):
        * platform/network/FormDataBuilder.cpp:
        (WebCore::FormDataBuilder::encodingFromAcceptCharset): Deleted.
        * platform/network/FormDataBuilder.h:

2014-10-29  Said Abou-Hallawa  <sabouhallawa@apple.com>

        ASSERTION NOT REACHED because RenderStyle::setWordSpacing() does not handle a Length value of type 'Calculated'.
        https://bugs.webkit.org/show_bug.cgi?id=138054.

        Reviewed by Zalan Bujtas.

        A Length of type 'Calculated' can be generated from blending two lengths of
        different types. Setting the wordSpacing of the render style should be handled
        correctly when the type of the new value is 'Calculated'.

        Tests: css3/calculated-word-spacing.html.

        Add a case for setting the render style wordSpacing to a <length> of type 'Calculated'.
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setWordSpacing):

2014-10-29  Hunseop Jeong  <hs85.jeong@samsung.com>

        [CoordinatedGraphics] Use modern for-loops
        https://bugs.webkit.org/show_bug.cgi?id=138168

        Reviewed by Andreas Kling.

        No new tests as there is no change in functionality.

        * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp: Use a modern for loop.
        (WebCore::CompositingCoordinator::renderNextFrame):
        (WebCore::CompositingCoordinator::paintToSurface):
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp: Use a modern for loop.
        (WebCore::CoordinatedGraphicsLayer::setShouldUpdateVisibleRect):
        (WebCore::CoordinatedGraphicsLayer::flushCompositingState):
        (WebCore::CoordinatedGraphicsLayer::syncChildren):
        (WebCore::CoordinatedGraphicsLayer::syncPendingStateChangesIncludingSubLayers):
        (WebCore::CoordinatedGraphicsLayer::findFirstDescendantWithContentsRecursively):
        (WebCore::CoordinatedGraphicsLayer::updateContentBuffersIncludingSubLayers):
        * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp: Use a modern for loop.
        (WebCore::CoordinatedImageBacking::updateVisibilityIfNeeded):

2014-10-29  Chris Dumez  <cdumez@apple.com>

        Final-ize more of TextFieldInputType's virtual functions
        https://bugs.webkit.org/show_bug.cgi?id=138194

        Reviewed by Andreas Kling.

        Final-ize more of TextFieldInputType's virtual functions for
        performance.

        No new tests, no behavior change.

        * html/TextFieldInputType.h:

2014-10-29  Chris Dumez  <cdumez@apple.com>

        Clean up virtual functions in inspector/
        https://bugs.webkit.org/show_bug.cgi?id=138190

        Reviewed by Andreas Kling.

        Clean up virtual functions in inspector/ by:
        - Making virtual functions final when possible
        - Making classes final when possible
        - Explicitly marking functions / destructors as virtual when they are
          inherently virtual
        - Making isXXX() virtual functions private on XXX classes to avoid
          unnecessary type checks

        No new tests, no behavior change.

        * inspector/InspectorApplicationCacheAgent.h:
        (WebCore::InspectorApplicationCacheAgent::~InspectorApplicationCacheAgent): Deleted.
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMDebuggerAgent.h:
        * inspector/InspectorDOMStorageAgent.h:
        * inspector/InspectorDatabaseAgent.h:
        * inspector/InspectorFrontendClientLocal.h:
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorLayerTreeAgent.h:
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorTimelineAgent.h:
        * inspector/InspectorWorkerAgent.h:
        * inspector/PageConsoleAgent.h:
        * inspector/WorkerInspectorController.h:

2014-10-29  Andreas Kling  <akling@apple.com>

        Generalize dirtying of parent's line boxes when taking a renderer out of tree.
        <https://webkit.org/b/138152>

        Reviewed by Antti Koivisto.

        Instead of calling dirtyLinesFromChangedChild() when certain types of renderers
        are about to be destroyed, always do this in RenderElement::willBeRemovedFromTree().

        This is part of an effort to make render tree teardown less incomprehensible.

        We still don't bother at all if we're in the process of tearing down the entire
        render tree, since that would be a waste of time.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::willBeDestroyed):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::willBeRemovedFromTree):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::willBeDestroyed):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::willBeDestroyed): Deleted.
        * rendering/RenderReplaced.h:

2014-10-28  Ada Chan  <adachan@apple.com>

        Implement WKPageSetMuted(bool).
        https://bugs.webkit.org/show_bug.cgi?id=138158

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        * page/Page.h:

2014-10-29  Alexey Proskuryakov  <ap@apple.com>

        Notify Settings object when its Page object goes away.
        https://bugs.webkit.org/show_bug.cgi?id=138183
        rdar://problem/18786900

        Reviewed by Andreas Kling.

        I could not make a test for this issue.

        * page/Page.cpp:
        (WebCore::Page::~Page):
        * page/Settings.cpp:
        (WebCore::setImageLoadingSettings):
        (WebCore::Settings::Settings):
        (WebCore::Settings::setTextAutosizingEnabled):
        (WebCore::Settings::setTextAutosizingWindowSizeOverride):
        (WebCore::Settings::setTextAutosizingFontScaleFactor):
        (WebCore::Settings::setMediaTypeOverride):
        (WebCore::Settings::setScriptEnabled):
        (WebCore::Settings::setUserStyleSheetLocation):
        (WebCore::Settings::setMinDOMTimerInterval):
        (WebCore::Settings::minDOMTimerInterval):
        (WebCore::Settings::domTimerAlignmentInterval):
        (WebCore::Settings::setUsesPageCache):
        (WebCore::Settings::setScreenFontSubstitutionEnabled):
        (WebCore::Settings::setFontRenderingMode):
        (WebCore::Settings::setDNSPrefetchingEnabled):
        (WebCore::Settings::setStorageBlockingPolicy):
        (WebCore::Settings::setBackgroundShouldExtendBeyondPage):
        (WebCore::Settings::setScrollingPerformanceLoggingEnabled):
        (WebCore::Settings::setHiddenPageDOMTimerThrottlingEnabled):
        (WebCore::Settings::setHiddenPageCSSAnimationSuspensionEnabled):
        (WebCore::Settings::setFontFallbackPrefersPictographs):
        * page/Settings.h:
        (WebCore::Settings::pageDestroyed):

2014-10-29  Zalan Bujtas  <zalan@apple.com>

        Remove invalid float from RootInlineBox.
        https://bugs.webkit.org/show_bug.cgi?id=137707

        Reviewed by Antti Koivisto.

        In certain cases, floating boxes get attached to the last (root) inline box.
        When this particular floating box gets destroyed, it also needs to be detached
        from the last inline box.
        1. Introduce RootInlineBox::removeFloat() (vs. RootInlineBox::appendFloat())
        2. Ensure that it is called when the floating box is being destroyed.

        Test: fast/inline/crash-when-inline-box-has-invalid-float.html

        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::removeFloatingObject):
        (WebCore::RenderBlockFlow::markAllDescendantsWithFloatsForLayout): During style recalc, while
        tearing down the render tree, we can get to a state where a block element has both inline and block children.
        It happens when the style change on an element makes sibling anonymous block wrappers detached.
        In that case the markAllDescendantsWithFloatsForLayout() call does not get propagated down on the
        block child elements as we return early at the childrenInline() check.
        * rendering/RootInlineBox.h:
        (WebCore::RootInlineBox::removeFloat):

2014-10-29  Antti Koivisto  <antti@apple.com>

        Factor cache validity computation functions out of CachedResource
        https://bugs.webkit.org/show_bug.cgi?id=138156

        Reviewed by Andreas Kling.

        These can be used to implement cache logic on WebKit level.

        * CMakeLists.txt:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/CacheValidation.cpp: Added.
        (WebCore::computeCurrentAge):
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        (WebCore::updateRedirectChainStatus):
        (WebCore::redirectChainAllowsReuse):
        * loader/CacheValidation.h: Added.
        (WebCore::RedirectChainCacheStatus::RedirectChainCacheStatus):
        * loader/cache/CachedResource.cpp:
        (WebCore::updateResponseHeadersAfterRevalidation):
        (WebCore::CachedResource::CachedResource):
        (WebCore::CachedResource::isExpired):
        (WebCore::CachedResource::freshnessLifetime):
        (WebCore::CachedResource::willSendRequest):
        (WebCore::CachedResource::updateResponseAfterRevalidation):
        (WebCore::CachedResource::redirectChainAllowsReuse):
        (WebCore::currentAge): Deleted.
        * loader/cache/CachedResource.h:

2014-10-29  Antti Koivisto  <antti@apple.com>

        Unreviewed, rolling out r175342.

        a file ended up in a wrong directory

        Reverted changeset:

        "Factor cache validity computation functions out of
        CachedResource"
        https://bugs.webkit.org/show_bug.cgi?id=138156
        http://trac.webkit.org/changeset/175342

2014-10-29  Antti Koivisto  <antti@apple.com>

        Factor cache validity computation functions out of CachedResource
        https://bugs.webkit.org/show_bug.cgi?id=138156

        Reviewed by Andreas Kling.

        These can be used to implement cache logic on WebKit level.

        * CMakeLists.txt:
        * WebCore.exp.in:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/CacheValidation.cpp: Added.
        (WebCore::computeCurrentAge):
        (WebCore::computeFreshnessLifetimeForHTTPFamily):
        (WebCore::updateRedirectChainStatus):
        (WebCore::redirectChainAllowsReuse):
        * loader/CacheValidation.h: Added.
        (WebCore::RedirectChainCacheStatus::RedirectChainCacheStatus):
        * loader/cache/CachedResource.cpp:
        (WebCore::updateResponseHeadersAfterRevalidation):
        (WebCore::CachedResource::CachedResource):
        (WebCore::CachedResource::isExpired):
        (WebCore::CachedResource::freshnessLifetime):
        (WebCore::CachedResource::willSendRequest):
        (WebCore::CachedResource::updateResponseAfterRevalidation):
        (WebCore::CachedResource::redirectChainAllowsReuse):
        (WebCore::currentAge): Deleted.
        * loader/cache/CachedResource.h:

2014-10-28  Ada Chan  <adachan@apple.com>

        Add API to mute/unmute a page.
        https://bugs.webkit.org/show_bug.cgi?id=138150

        Reviewed by Eric Carlson.

        No new tests, since it's difficult to test whether the Page has indeed been muted.

        * dom/Document.cpp:
        (WebCore::Document::setMuted):
        Go through each AudioProducer and call setMuted() on it.
        * dom/Document.h:
        * page/AudioProducer.h:
        Add setMuted(bool). HTMLMediaElement, the only derived class of AudioProducer so far,
        has already implemented setMuted().
        * page/Page.cpp:
        (WebCore::Page::setMuted):
        Go through all its frames and call setMuted() on each frame's Document.
        * page/Page.h:

2014-10-29  Tim Horton  <timothy_horton@apple.com>

        Implement action menus for data detected items
        https://bugs.webkit.org/show_bug.cgi?id=138178
        <rdar://problem/18709436>

        Reviewed by Anders Carlsson.

        * WebCore.exp.in:
        Export a symbol from Position that we need.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac/DataDetectorsSPI.h:
        Add a combined SPI header for all of the random bits of DataDetectors that we use.

2014-10-29  Jer Noble  <jer.noble@apple.com>

        [EME] NULL-dereference crash in MediaKeys::setMediaElement().
        https://bugs.webkit.org/show_bug.cgi?id=138177

        Reviewed by Eric Carlson.

        NULL-check m_mediaElement->player() before using. It may have been cleared if the HTMLMediaElement
        has previously had stop() called.

        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::setMediaElement):

2014-10-29  Jer Noble  <jer.noble@apple.com>

        [EME] MediaKeySession resources persist across page reloads
        https://bugs.webkit.org/show_bug.cgi?id=138176

        Reviewed by Eric Carlson.

        MediaKeySession is an ActiveDOMObject, so when told to stop() by our execution context,
        close() the session, releasing all our resources.

        * Modules/encryptedmedia/MediaKeySession.h:

2014-10-29  Jer Noble  <jer.noble@apple.com>

        [EME][Mac] MediaKeySession type "keyrelease" is ignored.
        https://bugs.webkit.org/show_bug.cgi?id=138175

        Reviewed by Eric Carlson.

        To indicate that they would like to recevie expired session confirmation messages, clients
        will create a MediaKeySession with a type parameter of "keyrelease". The code which validates
        this type needs to be updated to recognize "keyrelease" as a valid type.

        Also, the code which validates update() requests needs to allow updates containing the string
        "acknowledged", so that clients can request the confirmation messages be discarded.

        * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm:
        (WebCore::CDMPrivateMediaSourceAVFObjC::supportsMIMEType):
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (WebCore::CDMSessionMediaSourceAVFObjC::update):

2014-10-28  Ada Chan  <adachan@apple.com>

        Remove MediaSessionClient::hasMediaCharacteristics() and MediaSessionClient::mediaStateDidChange().
        https://bugs.webkit.org/show_bug.cgi?id=138153

        Reviewed by Jer Noble.

        After http://trac.webkit.org/changeset/175273, Document no longer keeps a set of MediaSessions
        and it doesn't need to query each MediaSession for its characteristics and play state.
        MediaSessionClient::hasMediaCharacteristics() is no longer needed and MediaSessionClient::mediaStateDidChange()
        can be removed if HTMLMediaElement calls Document::updateIsPlayingAudio() after m_playing has changed.

        No new tests, no behavior change.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updatePlayState):
        Call setPlaying() rather than setting m_playing directly.
        (WebCore::HTMLMediaElement::setPlaying):
        Update m_playing. If it has changed, call Document::updateIsPlayingAudio().
        (WebCore::HTMLMediaElement::setPausedInternal):
        Call setPlaying() rather than setting m_playing directly.
        (WebCore::HTMLMediaElement::isPlayingAudio):
        Call isPlaying() directly rather than checking the MediaSession's state.
        * html/HTMLMediaElement.h:
        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::setState):
        MediaSessionClient::mediaStateDidChange() has been removed.
        (WebCore::MediaSession::hasMediaCharacteristics): Deleted.
        * platform/audio/MediaSession.h:
        (WebCore::MediaSessionClient::mediaStateDidChange): Deleted.
        * platform/audio/ios/AudioDestinationIOS.h:
        * platform/audio/mac/AudioDestinationMac.h:

2014-10-29  Chris Dumez  <cdumez@apple.com>

        Clean up virtual functions in html/
        https://bugs.webkit.org/show_bug.cgi?id=138166

        Reviewed by Andreas Kling.

        Clean up virtual functions in html/ by:
        - Making virtual functions final when possible
        - Making classes final when possible
        - Using 'override' when appropriate
        - Explicitly marking functions / destructors as virtual when they are
          inherently virtual
        - Dropping virtual destructors when the class does not have subclasses
          and mark the class as final, to get rid of unnecessary vtables
        - Making isXXX() virtual functions private on XXX classes to avoid
          unnecessary type checks
        - De-virtualizing some functions that do not need to be virtual
        - Dropping final for virtual functions in classes already marked as
          final

        No new tests, no behavior change.

        * html/ButtonInputType.h:
        * html/CheckboxInputType.h:
        * html/ColorInputType.h:
        * html/DOMSettableTokenList.h:
        * html/DateInputType.h:
        * html/DateTimeInputType.h:
        * html/DateTimeLocalInputType.h:
        * html/EmailInputType.h:
        * html/FTPDirectoryDocument.h:
        * html/HTMLAnchorElement.h:
        * html/HTMLDetailsElement.cpp:
        * html/HTMLFormControlElement.h:
        * html/HTMLFormControlsCollection.h:
        * html/HTMLFrameElement.h:
        * html/HTMLFrameElementBase.h:
        * html/HTMLFrameOwnerElement.h:
        * html/HTMLInputElement.h:
        * html/HTMLMarqueeElement.h:
        * html/HTMLMediaElement.h:
        * html/HTMLMediaSession.h:
        (WebCore::HTMLMediaSession::requiresPlaybackTargetRouteMonitoring): Deleted.
        * html/HTMLMeterElement.h:
        * html/HTMLNameCollection.h:
        * html/HTMLObjectElement.h:
        * html/HTMLOptGroupElement.h:
        * html/HTMLOptionElement.h:
        * html/HTMLSpanElement.h:
        * html/HTMLStyleElement.h:
        * html/HTMLSummaryElement.cpp:
        * html/HTMLSummaryElement.h:
        * html/HTMLUnknownElement.h:
        * html/HTMLVideoElement.h:
        * html/HiddenInputType.h:
        * html/ImageInputType.h:
        * html/MediaKeyEvent.h:
        * html/MonthInputType.h:
        * html/NumberInputType.h:
        * html/PasswordInputType.h:
        * html/PublicURLManager.h:
        * html/RadioInputType.h:
        * html/ResetInputType.h:
        * html/SubmitInputType.h:
        * html/TelephoneInputType.h:
        * html/TextInputType.h:
        * html/TimeInputType.h:
        * html/URLInputType.h:
        * html/WeekInputType.h:
        * html/canvas/ANGLEInstancedArrays.h:
        * html/canvas/CanvasRenderingContext2D.h:
        * html/canvas/DOMPath.h:
        * html/canvas/EXTShaderTextureLOD.h:
        * html/canvas/EXTTextureFilterAnisotropic.h:
        * html/canvas/OESElementIndexUint.h:
        * html/canvas/OESStandardDerivatives.h:
        * html/canvas/OESTextureFloat.h:
        * html/canvas/OESTextureFloatLinear.h:
        * html/canvas/OESTextureHalfFloat.h:
        * html/canvas/OESTextureHalfFloatLinear.h:
        * html/canvas/OESVertexArrayObject.h:
        * html/canvas/WebGLBuffer.h:
        * html/canvas/WebGLCompressedTextureATC.h:
        * html/canvas/WebGLCompressedTexturePVRTC.h:
        * html/canvas/WebGLCompressedTextureS3TC.h:
        * html/canvas/WebGLContextAttributes.h:
        * html/canvas/WebGLContextEvent.h:
        * html/canvas/WebGLDebugRendererInfo.h:
        * html/canvas/WebGLDebugShaders.h:
        * html/canvas/WebGLDepthTexture.h:
        * html/canvas/WebGLDrawBuffers.h:
        * html/canvas/WebGLFramebuffer.h:
        (WebCore::WebGLFramebuffer::isFramebuffer): Deleted.
        * html/canvas/WebGLLoseContext.h:
        * html/canvas/WebGLProgram.h:
        * html/canvas/WebGLRenderbuffer.h:
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLShader.h:
        * html/canvas/WebGLSharedObject.h:
        (WebCore::WebGLSharedObject::isFramebuffer): Deleted.
        * html/canvas/WebGLTexture.h:
        * html/canvas/WebGLVertexArrayObjectOES.h:
        (WebCore::WebGLVertexArrayObjectOES::isVertexArray): Deleted.
        * html/shadow/ImageControlsRootElement.h:
        * html/shadow/InsertionPoint.h:
        * html/shadow/MediaControlElementTypes.h:
        * html/shadow/MediaControlElements.h:
        * html/shadow/MediaControls.h:
        * html/shadow/MediaControlsApple.h:
        * html/shadow/SpinButtonElement.h:
        * html/track/AudioTrack.h:
        * html/track/AudioTrackList.h:
        * html/track/DataCue.h:
        (WebCore::DataCue::cueType): Deleted.
        * html/track/InbandDataTextTrack.h:
        * html/track/InbandGenericTextTrack.h:
        * html/track/InbandTextTrack.h:
        * html/track/InbandWebVTTTextTrack.h:
        * html/track/LoadableTextTrack.h:
        * html/track/TextTrackList.h:
        * html/track/TrackEvent.h:
        * html/track/VTTCue.h:
        (WebCore::VTTCueBox::setFontSizeFromCaptionUserPrefs):
        * html/track/VTTRegion.h:
        * html/track/VideoTrack.h:
        * html/track/VideoTrackList.h:
        * html/track/WebVTTParser.h:
        (WebCore::WebVTTCueData::~WebVTTCueData): Deleted.

2014-10-17  Sergio Villar Senin  <svillar@igalia.com>

        ASSERTION FAILED: growthShare > 0 in WebCore::RenderGrid::distributeSpaceToTracks
        https://bugs.webkit.org/show_bug.cgi?id=137772

        Reviewed by Andreas Kling.

        We're hitting the ASSERTION because if the number of tracks an
        item spans does greatly exceed the available logical space, then
        the result of the division availableLogicalSpace/numberOfTracks is
        truncated to 0. So the ASSERTION was theoretically right because
        the result has to be always >0 (as the dividend > 0) but the fact
        that the result is a LayoutUnit forces us to accept 0 as a valid
        outcome of the operation.

        Test: fast/css-grid-layout/tracks-number-greatly-exceeding-available-size-crash.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::distributeSpaceToTracks):

2014-10-29  Chris Dumez  <cdumez@apple.com>

        Crash in CachedRawResource::canReuse() when reloading http://dnd.wizards.com/dungeons-and-dragons/story
        https://bugs.webkit.org/show_bug.cgi?id=138164

        Reviewed by Andreas Kling.

        This patch fixes a crash when reloading the following URL:
        http://dnd.wizards.com/dungeons-and-dragons/story

        We were crashing in CachedRawResource::canReuse() because header.key
        would sometimes be a null String and we would call
        HashMap::get(nullString).

        The real issue was that header.key was null in the first place, which
        means that even though the HTTPHeaderMap iterator is valid, it->key
        is a null String, which should never happen. There was a bug in the
        HTTPHeaderMapConstIterator() constructor that would cause the
        iterator key/value pair to not get initialized if the HTTPHeaderMap
        contained *only* uncommon HTTP headers. This patch updates the
        constructor so that we fall back to updating the key/value from the
        uncommon header map, if we failed to initialized from the common
        header map (because it was empty).

        Test: http/tests/cache/xhr-uncommon-header.html

        * platform/network/HTTPHeaderMap.h:
        (WebCore::HTTPHeaderMap::HTTPHeaderMapConstIterator::HTTPHeaderMapConstIterator):

2014-10-28  Benjamin Poulain  <benjamin@webkit.org>

        CSS4 Selectors: Add the pseudo class :any-link
        https://bugs.webkit.org/show_bug.cgi?id=138128

        Reviewed by Andreas Kling.

        Defined here: http://dev.w3.org/csswg/selectors4/#the-any-link-pseudo

        After :link and :-webkit-any-link were fixed, :any-link behaves
        exactly like :-webkit-any-link. All I had left to do here was
        make them synonyms when evaluating selectors.

        Defined here: http://dev.w3.org/csswg/selectors4/#the-any-link-pseudo

        After :link and :-webkit-any-link were fixed, :any-link behaves
        exactly like :-webkit-any-link. All I had left to do here was
        make them synonyms when evaluating selectors.

        Tests: fast/selectors/any-link-basics-2.html
               fast/selectors/any-link-basics.html
               fast/selectors/any-link-styling.html

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):
        * css/CSSSelector.h:
        * css/RuleSet.cpp:
        (WebCore::RuleSet::addRule):
        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * css/SelectorChecker.h:
        (WebCore::SelectorChecker::isCommonPseudoClassSelector):
        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementLinkMatching):

2014-10-28  Jer Noble  <jer.noble@apple.com>

        [EME][Mac] Adopt new AVStreamSession API: pass storageDirectoryAtURL at creation-time
        https://bugs.webkit.org/show_bug.cgi?id=138149

        Reviewed by Brent Fulgham.

        AVStreamSession now requires its storage location at creation-time, rather than post-creation. This requires
        us to move storage location code from CDMSessionMediaSourceAVFObjC to MediaPlayerPrivateMediaSourceAVFObjC.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (-[WebAVStreamDataParserListener streamDataParserWillProvideContentKeyRequestInitializationData:forTrackID:]): Renamed.
        (WebCore::CDMSessionMediaSourceAVFObjC::update):
        (WebCore::sessionStorageDirectory): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::sessionStorageDirectory):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::streamSession):

2014-10-28  Geoffrey Garen  <ggaren@apple.com>

        All networking crashes on Mac 32bit
        https://bugs.webkit.org/show_bug.cgi?id=138157

        Reviewed by Andy Estes.

        NEFilterSource content filtering is not available on 32bit, so
        soft-linking fails at runtime. The simplest solution is just to disable
        it at compile time.

        * platform/ContentFilter.h:

2014-10-28  Jeremy Jones  <jeremyj@apple.com>

        Add optimized fullscreen mode.
        https://bugs.webkit.org/show_bug.cgi?id=138044

        Reviewed by Jer Noble.

        Enable different types of fullscreen video behavior.
        Add an enum parameter to enterVideoFullscreenForVideoElement for alternate types of fullscreen.
        Add gesture for alternate fullscreen.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::enterFullscreenOptimized): added
        * Modules/mediacontrols/MediaControlsHost.h: added enterFullscreenOptimized
        * Modules/mediacontrols/MediaControlsHost.idl: added enterFullscreenOptimized
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.handleBaseGestureChange): recognize alternate gesture
        * WebCore.exp.in: added parameter to setupFullscreen
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::removedFrom) : replace m_isInVideoFullscreen with m_videoFullscreenType
        (WebCore::HTMLMediaElement::stop) : ditto
        (WebCore::HTMLMediaElement::isFullscreen) : ditto
        (WebCore::HTMLMediaElement::enterFullscreen): add parameter to enterVideoFullscreenForVideoElement
        (WebCore::HTMLMediaElement::exitFullscreen): replace m_isInVideoFullscreen with m_videoFullscreenType
        (WebCore::HTMLMediaElement::enterFullscreenOptimized): added
        * html/HTMLMediaElement.h: added enterFullscreenOptimized
        * page/ChromeClient.h:
        (WebCore::ChromeClient::enterVideoFullscreenForVideoElement): added parameter
        * platform/ios/WebVideoFullscreenControllerAVKit.h: add parameter
        * platform/ios/WebVideoFullscreenControllerAVKit.mm:
        (-[WebVideoFullscreenController enterFullscreen:type:]): add parameter
        (-[WebVideoFullscreenController enterFullscreen:]): Deleted.
        * platform/ios/WebVideoFullscreenInterfaceAVKit.h: reorder protected to after public
        * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
        (-[WebAVPlayerController player]): this stub is now required
        (-[WebAVPlayerController layoutSublayersOfLayer:]): this is a better way to update video frames
        (WebVideoFullscreenInterfaceAVKit::setupFullscreen): implement optimized fullscreen interface 
        (WebVideoFullscreenInterfaceAVKit::enterFullscreen): ditto
        (WebVideoFullscreenInterfaceAVKit::exitFullscreen): ditto
        (WebVideoFullscreenInterfaceAVKit::requestHideAndExitFullscreen): ditto

2014-10-28  Chris Dumez  <cdumez@apple.com>

        Clean up virtual functions in accessibility/
        https://bugs.webkit.org/show_bug.cgi?id=138148

        Reviewed by Chris Fleizach.

        Clean up virtual functions in accessibility/ by:
        - Marking classes as final when suitable
        - Marking virtual functions as final when suitable
        - Dropping final on virtual functions in classes that are already final
        - Make isXXX() virtual type checking functions in XXX classes to avoid
          useless type checks

        No new tests, no behavior change.

        * accessibility/AccessibilityARIAGrid.h:
        * accessibility/AccessibilityARIAGridCell.h:
        * accessibility/AccessibilityARIAGridRow.h:
        * accessibility/AccessibilityImageMapLink.h:
        * accessibility/AccessibilityList.h:
        * accessibility/AccessibilityListBox.h:
        * accessibility/AccessibilityListBoxOption.h:
        * accessibility/AccessibilityMediaControls.h:
        * accessibility/AccessibilityMenuList.h:
        * accessibility/AccessibilityMenuListOption.h:
        * accessibility/AccessibilityMenuListPopup.h:
        * accessibility/AccessibilityMockObject.h:
        (WebCore::AccessibilityMockObject::setParent):
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityProgressIndicator.h:
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/AccessibilitySVGRoot.h:
        * accessibility/AccessibilityScrollView.h:
        * accessibility/AccessibilityScrollbar.h:
        * accessibility/AccessibilitySearchFieldButtons.h:
        * accessibility/AccessibilitySlider.h:
        * accessibility/AccessibilitySpinButton.h:
        * accessibility/AccessibilityTable.h:
        * accessibility/AccessibilityTableCell.h:
        * accessibility/AccessibilityTableColumn.h:
        * accessibility/AccessibilityTableHeaderContainer.h:
        * accessibility/AccessibilityTableRow.h:

2014-10-24  Jeffrey Pfau  <jpfau@apple.com>

        FrameProgressTracker expects Page to not have detached
        https://bugs.webkit.org/show_bug.cgi?id=138061

        Reviewed by Alexey Proskuryakov.

        In some cases, a Page may be detached from a Frame before its
        FrameLoader is torn down, causing FrameProgressTracker's destructor
        to hit a null pointer.

        No new tests; it is impossible to reliably simulate the null pointer
        case without intrusive code changes.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameProgressTracker::~FrameProgressTracker):

2014-10-27  Ada Chan  <adachan@apple.com>

        Introduce a new abstract class called AudioProducer and keep a set of AudioProducers
        rather than the active MediaSessions in Document
        https://bugs.webkit.org/show_bug.cgi?id=138107

        Reviewed by Eric Carlson.

        No new tests, no behavior change.

        * WebCore.xcodeproj/project.pbxproj:
        Add AudioProducer.h to the project.
        * dom/Document.cpp:
        (WebCore::Document::addAudioProducer):
        (WebCore::Document::removeAudioProducer):
        (WebCore::Document::updateIsPlayingAudio):
        Go through the set of AudioProducers and see if any is playing audio.
        Now that this method no longer refers to MediaSessions directly, this code
        does not need to be guarded by #if ENABLE(VIDEO).
        (WebCore::Document::registerMediaSession): Deleted.
        (WebCore::Document::unregisterMediaSession): Deleted.
        * dom/Document.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument):
        (WebCore::HTMLMediaElement::unregisterWithDocument):
        (WebCore::HTMLMediaElement::isPlayingAudio):
        Return whether this element is playing audio.
        * html/HTMLMediaElement.h:
        * page/AudioProducer.h: Added.
        (WebCore::AudioProducer::~AudioProducer):
        * page/Page.cpp:
        (WebCore::Page::updateIsPlayingAudio):
        This is no longer guarded with #if ENABLE(VIDEO) since the Document methods it calls
        are no longer guarded.
        * page/Page.h:

2014-10-28  Chris Dumez  <cdumez@apple.com>

        Unreviewed comment fix from r175267.

        Fix namespace name in comment.

        * css/StyleBuilderCustom.h:

2014-10-28  Jer Noble  <jer.noble@apple.com>

        REGRESSION(r171593) [Mac] Media controls create a large (and unnecessary) backing store
        https://bugs.webkit.org/show_bug.cgi?id=137757

        Reviewed by Eric Carlson.

        In r171593, a <div> was added to the media controls which is only ever used on iOS. Instead
        of creating and adding this <div> in mediaControlsApple.js (which is used on OS X), this 
        <div> should be created and added in mediaControlsiOS.js, which requires overloading
        Controller.addControls.

        * Modules/mediacontrols/mediaControlsApple.css:
        (audio::-webkit-media-controls-panel.hidden): Drive-by fix: allow the panel itself to be hidden.
        (video::-webkit-media-controls-panel-composited-parent): Deleted.
        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls): Remove the composited parent.
        (Controller.prototype.addControls): Ditto.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createControls): Create the composited parent.
        (ControllerIOS.prototype.addControls): Copied from (previous) apple.js.

2014-10-28  Chris Dumez  <cdumez@apple.com>

        Move "Number" CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138125

        Reviewed by Antti Koivisto.

        Move "Number" CSS properties from DeprecatedStyleBuilder to the new
        StyleBuilder:
        -webkit-hyphenate-limit-after
        -webkit-hyphenate-limit-before
        -webkit-shape-image-threshold
        -webkit-hyphenate-limit-lines

        They are now generated from CSSPropertyNames.in

        For -webkit-hyphenate-limit-lines, I used custom code instead of
        the Number converter as it required special handling for the id
        value. This patch thus adds support for [Custom=Value] to
        CSSPropertyNames.in and the custom code goes into
        css/StyleBuilderCustom.h.

        No new tests, no behavior change.

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyNumber::setValue): Deleted.
        (WebCore::ApplyPropertyNumber::applyValue): Deleted.
        (WebCore::ApplyPropertyNumber::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertNumber):
        * css/StyleBuilderCustom.h: Added.
        (WebCore::StyleBuilderFunctions::applyValueWebkitHyphenateLimitLines):
        * css/makeprop.pl:

2014-10-28  Zan Dobersek  <zdobersek@igalia.com>

        [WebCore] Remove uses of WTF::bind() in the Media Stream module
        https://bugs.webkit.org/show_bug.cgi?id=138016

        Reviewed by Eric Carlson.

        Replace uses of WTF::bind() in the Media Stream module with C++11 lambdas.
        Internal helper methods are removed in favor of inlining the code directly
        into the lambdas. Range-based for-loops are deployed where appropriate.

        * Modules/mediastream/MediaStreamTrack.cpp:
        (WebCore::MediaStreamTrack::scheduleEventDispatch):
        (WebCore::MediaStreamTrack::dispatchQueuedEvents): Deleted.
        * Modules/mediastream/MediaStreamTrack.h:
        * Modules/mediastream/MediaStreamTrackSourcesRequest.cpp:
        (WebCore::MediaStreamTrackSourcesRequest::didCompleteRequest):
        (WebCore::MediaStreamTrackSourcesRequest::callCompletionHandler): Deleted.
        * Modules/mediastream/MediaStreamTrackSourcesRequest.h:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::constraintsValidated):
        (WebCore::UserMediaRequest::userMediaAccessGranted):
        (WebCore::UserMediaRequest::didCreateStream):
        (WebCore::UserMediaRequest::failedToCreateStreamWithConstraintsError):
        (WebCore::UserMediaRequest::failedToCreateStreamWithPermissionError):
        (WebCore::UserMediaRequest::requestPermission): Deleted.
        (WebCore::UserMediaRequest::createMediaStream): Deleted.
        (WebCore::UserMediaRequest::callSuccessHandler): Deleted.
        (WebCore::UserMediaRequest::callErrorHandler): Deleted.
        * Modules/mediastream/UserMediaRequest.h:

2014-10-28  Pascal Jacquemart  <p.jacquemart@samsung.com>

        Abandoned select option is reselected when shift selecting new options
        https://bugs.webkit.org/show_bug.cgi?id=137553

        Reviewed by Ryosuke Niwa.

        Previous active selection is wrongly recorded by HTMLSelectElement after selecting a new item using
        typeAhead. Fixed by clearing previously selected options before starting a new active selection.

        Test: fast/forms/listbox-selection-after-typeahead.html

        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::selectOption): Code re-ordering

2014-10-28  Milan Crha  <mcrha@redhat.com>

        Use constants from wtf/MathExtras.h
        https://bugs.webkit.org/show_bug.cgi?id=137967

        Reviewed by Darin Adler.

        * platform/graphics/freetype/FontPlatformDataFreeType.cpp:
        (WebCore::rotateCairoMatrixForVerticalOrientation):
        * rendering/mathml/RenderMathMLMenclose.cpp:
        (WebCore::RenderMathMLMenclose::computePreferredLogicalWidths):
        (WebCore::RenderMathMLMenclose::updateLogicalHeight):
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::getDisplayStyleLargeOperator):

2014-10-28  David Hyatt  <hyatt@apple.com>

        Selection gap painting is ugly for ruby bases.
        https://bugs.webkit.org/show_bug.cgi?id=138136

        Reviewed by Dean Jackson.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::selectionGaps):
        For ruby bases don't fill to the end of the block (in the block direction),
        since ideographic baselines push that end below the text baseline.

        (WebCore::RenderBlock::blockSelectionGaps):
        * rendering/RenderBlockFlow.cpp:
        Skip ruby bases for block selection gap filling.

2014-10-28  Zalan Bujtas  <zalan@apple.com>

        Speed up line parsing for simple line layout.
        https://bugs.webkit.org/show_bug.cgi?id=137275

        Reviewed by Antti Koivisto.
        
        This patch speeds up the line parsing for simple line layout by
        reducing the number of text measurement calls.
        The parsing logic hasn't changed. We simply walk over
        the whitespace/non-whitespace fragments and measure them to
        figure out whether they fit.
        The performance gain mainly comes from the more efficient line wrapping
        so that we don't re-measure the fragment when it is pushed to
        the next line.

        No change in behaviour. (except the empty line-break run removal.)

        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::skipWhitespace): 
        (WebCore::SimpleLineLayout::computeLineLeft):
        (WebCore::SimpleLineLayout::TextFragment::TextFragment):
        (WebCore::SimpleLineLayout::TextFragment::isEmpty):
        (WebCore::SimpleLineLayout::LineState::LineState):
        (WebCore::SimpleLineLayout::LineState::commitAndCreateRun): adds uncommitted text to the line and creates a run out of it. 
        (WebCore::SimpleLineLayout::LineState::addUncommitted): appends fragment to the uncommitted text. 
        (WebCore::SimpleLineLayout::LineState::addUncommittedWhitespace): appends whitespace to the uncommitted text.
        (WebCore::SimpleLineLayout::LineState::jumpTo): moves line's current position without committing text. 
        (WebCore::SimpleLineLayout::LineState::width): current width of the line including committed and uncommitted text.
        (WebCore::SimpleLineLayout::LineState::fits): checks if committed + uncommitted text fits the line. 
        (WebCore::SimpleLineLayout::LineState::removeCommittedTrailingWhitespace): 
        (WebCore::SimpleLineLayout::removeTrailingWhitespace): post processing the trailing whitespace.
        (WebCore::SimpleLineLayout::initializeLine):
        (WebCore::SimpleLineLayout::splitFragmentToFitLine): breaks the fragments into 2 so that the first (sub)fragment fits the line.
        (WebCore::SimpleLineLayout::nextFragment): returns the next valid fragment of the text.
        (WebCore::SimpleLineLayout::createLineRuns): creates runs for the current line and returns when we can't fit more text on the line.
        (WebCore::SimpleLineLayout::updateLineConstrains): updates left/right constrains for the current line.
        (WebCore::SimpleLineLayout::createTextRuns): creates runs for the whole text.
        (WebCore::SimpleLineLayout::isWhitespace): Deleted.
        (WebCore::SimpleLineLayout::skipWhitespaces): Deleted.
        (WebCore::SimpleLineLayout::measureWord): Deleted.
        (WebCore::SimpleLineLayout::adjustRunOffsets): Deleted.
        * rendering/SimpleLineLayout.h:
        (WebCore::SimpleLineLayout::Run::Run):

2014-10-28  Alexey Proskuryakov  <ap@apple.com>

        Windows build fix.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::switchToNewTestingSession): Use a WTF function
        for getting current process ID instead of getpid().

2014-10-28  Mihnea Ovidenie  <mihnea@adobe.com>

        Clean up subtrees selection code
        https://bugs.webkit.org/show_bug.cgi?id=137740

        Reviewed by David Hyatt.

        Clean up subtrees selection code. Add a new class SelectionSubtreeData
        that keeps only the selection data. Have SelectionSubtreeRoot class embed
        a SelectionSubtreeData member and keep the business logic methods.
        No functionality changed therefore no new layout tests.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::selectionStartEnd):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::subtreeSelectionBounds):
        (WebCore::RenderView::repaintSubtreeSelection):
        (WebCore::RenderView::setSelection):
        (WebCore::RenderView::splitSelectionBetweenSubtrees):
        (WebCore::RenderView::updateSelectionForSubtrees):
        (WebCore::RenderView::clearSubtreeSelection):
        (WebCore::RenderView::applySubtreeSelection):
        * rendering/RenderView.h:
        * rendering/SelectionSubtreeRoot.cpp:
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeRoot):
        (WebCore::SelectionSubtreeRoot::adjustForVisibleSelection):
        * rendering/SelectionSubtreeRoot.h:
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::SelectionSubtreeData):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::selectionStart):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::selectionStartPos):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::selectionEnd):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::selectionEndPos):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::selectionClear):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::selectionStartEndPositions):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::setSelectionStart):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::setSelectionStartPos):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::setSelectionEnd):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::setSelectionEndPos):
        (WebCore::SelectionSubtreeRoot::SelectionSubtreeData::clearSelection):
        (WebCore::SelectionSubtreeRoot::selectionData):
        (WebCore::SelectionSubtreeRoot::setSelectionData):
        (WebCore::SelectionSubtreeRoot::selectionStart): Deleted.
        (WebCore::SelectionSubtreeRoot::selectionStartPos): Deleted.
        (WebCore::SelectionSubtreeRoot::selectionEnd): Deleted.
        (WebCore::SelectionSubtreeRoot::selectionEndPos): Deleted.
        (WebCore::SelectionSubtreeRoot::selectionStartEndPositions): Deleted.
        (WebCore::SelectionSubtreeRoot::selectionClear): Deleted.
        (WebCore::SelectionSubtreeRoot::setSelectionStart): Deleted.
        (WebCore::SelectionSubtreeRoot::setSelectionStartPos): Deleted.
        (WebCore::SelectionSubtreeRoot::setSelectionEnd): Deleted.
        (WebCore::SelectionSubtreeRoot::setSelectionEndPos): Deleted.

2014-10-28  Jer Noble  <jer.noble@apple.com>

        [Mac] The first software paint of a <video> element takes up to 2.5s.
        https://bugs.webkit.org/show_bug.cgi?id=137754

        Reviewed by Brent Fulgham.

        It turns out that, if you pass nil to -[AVPlayerItemVideoOutput initWithPixelBufferAttributes:]
        the video output will not attempt to conform the resulting pixel buffers into a particular format.
        This means that adding such a video output to a AVPlayerItem should have almost no performance
        penalty, since the video output does not even copy the resulting buffers, but rather just retains
        and returns the ones from the AVPlayerLayer.

        Create and attach an AVPlayerItemVideoOutput after creating the AVPlayerItem, but before attaching
        the player item to the AVPlayer. This eliminates the reconfigure step which occurs after attaching
        a video output to an already attached AVPlayerItem.

        When creating the AVPlayerItemVideoOutput, pass in `nil` for the pixelBufferAttributes parameter.

        Instead of blocking waiting for output from the AVPlayerItemVideoOutput during creating, block and
        whait when asked to paint with the video output.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):

2014-10-28  Chris Dumez  <cdumez@apple.com>

        Move text decoration CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138121

        Reviewed by Antti Koivisto.

        Move text decoration CSS properties from DeprecatedStyleBuilder to the
        new StyleBuilder so that they are generated from CSSPropertyNames.in.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyTextDecoration::applyValue): Deleted.
        (WebCore::ApplyPropertyTextDecoration::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertTextDecoration):

2014-10-28  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Remove GDK dependency from SharedTimerGtk
        https://bugs.webkit.org/show_bug.cgi?id=138092

        Reviewed by Martin Robinson.

        It depends on GDK just to use GDK_PRIORITY_REDRAW constant, we can
        use its value directly instead.

        * PlatformGTK.cmake:
        * platform/gtk/SharedTimerGtk.cpp:
        (WebCore::setSharedTimerFireInterval):

2014-10-27  Andreas Kling  <akling@apple.com>

        Move RenderBlock::beingDestroyed() to RenderObject.
        <https://webkit.org/b/138116>

        Reviewed by Antti Koivisto.

        Make "is being destroyed" a RenderObject concept instead of restricting
        it to RenderBlocks. I'm guessing that this was specific to blocks due to
        lack of bitfield space in RenderObject, and that's no longer an issue.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::RenderBlock):
        (WebCore::RenderBlock::willBeDestroyed):
        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::beingDestroyed): Deleted.
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::destroy):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::beingDestroyed):
        (WebCore::RenderObject::RenderObjectBitfields::RenderObjectBitfields):

2014-10-27  Chris Fleizach  <cfleizach@apple.com>

        AX: input type=hidden is being exposed when aria-hidden=false
        https://bugs.webkit.org/show_bug.cgi?id=138106

        Reviewed by Benjamin Poulain.

        If an input type=hidden was inside an aria-hidden=false, it would appear because
        the lack of a RenderObject behind that object was not blocking its adoption into the AX tree.
        We should explicity check for whether the type is hidden and then return an appropriate role. 

        Test: accessibility/input-type-hidden-in-aria-hidden-false.html

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::determineAccessibilityRole):
        (WebCore::AccessibilityNodeObject::computeAccessibilityIsIgnored):

2014-10-27  Alexey Proskuryakov  <ap@apple.com>

        https://trac.webkit.org/changeset/175233 broke many tests, fixing an incorrect '!'.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):

2014-10-24  David Hyatt  <hyatt@apple.com>

        text-combine needs to center text within the vertical space using glyph bounds
        https://bugs.webkit.org/show_bug.cgi?id=138056
        <rdar://problem/15403667>

        Reviewed by Dean Jackson.

        Added fast/text/tatechuyoko.html

        * rendering/RenderCombineText.cpp:
        (WebCore::RenderCombineText::RenderCombineText):
        (WebCore::RenderCombineText::adjustTextOrigin):
        (WebCore::RenderCombineText::combineText):
        * rendering/RenderCombineText.h:

2014-10-27  Benjamin Poulain  <benjamin@webkit.org>

        Cleanup after r175213: fastGetAttribute().isNull() should be fastHasAttribute()

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        Darin spotted this mistake.

2014-10-27  Alexey Proskuryakov  <ap@apple.com>

        http/tests/cookies/third-party-cookie-relaxing.html is flaky on bots
        https://bugs.webkit.org/show_bug.cgi?id=138098

        Reviewed by Anders Carlsson.

        * platform/network/cf/NetworkStorageSessionCFNet.cpp:
        (WebCore::NetworkStorageSession::switchToNewTestingSession):
        Create a separate session for each WKTR/DRT process when testing.

2014-10-27  Chris Dumez  <cdumez@apple.com>

        Use separate HashMaps for common and uncommon headers in HTTPHeaderMap
        https://bugs.webkit.org/show_bug.cgi?id=138079

        Reviewed by Anders Carlsson.

        Use separate HashMaps for common and uncommon headers in HTTPHeaderMap:
        - a (faster) HashMap<HTTPHeaderMap, String> for common HTTP headers
        - a HashMap<String, String, CaseFoldingHash> for uncommon ones

        This avoids having to construct Strings from HTTPHeaderMap values for
        storing. This also means we have less isolated String copies to do when
        creating cross-thread data. The common headers HashMap should also be
        a bit more efficient due to faster hashing and faster key comparison in
        case of collision.

        Some calls sites can also benefit from having direct access to common
        headers of the request in HTTPHeaderName type.

        This patch adds a new HTTPHeaderMapConstIterator iterator type for
        HTTPHeaderMap so that call sites that do not need / want to distinguish
        common / uncommon headers still do not need to. They can keep using
        modern C++ loops over HTTPHeaderMap objects and get <String, String>
        key/value pairs.

        No new tests, no behavior change.

        * loader/CrossOriginAccessControl.cpp:
        (WebCore::isOnAccessControlSimpleRequestHeaderWhitelist):
        Have isOnAccessControlSimpleRequestHeaderWhitelist() take a
        HTTPHeaderName in argument instead of a String as only common headers
        are in the whitelist.

        (WebCore::isSimpleCrossOriginAccessRequest):
        Call isOnAccessControlSimpleRequestHeaderWhitelist() only for common
        HTTP headers.

        * loader/CrossOriginAccessControl.h:
        Have isOnAccessControlSimpleRequestHeaderWhitelist() take a
        HTTPHeaderName in argument instead of a String as only common headers
        are in the whitelist.

        * loader/CrossOriginPreflightResultCache.cpp:
        (WebCore::CrossOriginPreflightResultCacheItem::allowsCrossOriginHeaders):
        Call isOnAccessControlSimpleRequestHeaderWhitelist() only for common
        HTTP headers.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):
        Call httpHeaderFields().commonHeaders().find() instead of
        httpHeaderFields().find() as we are looking for a common header.
        HTTPHeaderMap::find(HTTPHeaderName) was removed now that we have a
        HashMap dedicated to common headers.

        * loader/cache/CachedRawResource.cpp:
        (WebCore::shouldIgnoreHeaderForCacheReuse):
        Update argument type to be a HTTPHeaderName instead of a String as
        only common HTTP headers can be ignored for cache reuse. The
        implementation already dealt with HTTPHeaderName type and had to
        call findHTTPHeaderName(). This is no longer needed now that the
        call site now has direct access to common headers in HTTPHeaderName
        type.

        (WebCore::CachedRawResource::canReuse):
        - Only call shouldIgnoreHeaderForCacheReuse() for common HTTP headers.
        - Slightly optimize the second loop (the one over oldHeaderMap) to only
          check that the key is present in newHeaderMap, without actually
          comparing the String values. If the String values were different, the
          first loop would have seen it already and we would have returned
          early.

2014-10-27  Andreas Kling  <akling@apple.com>

        Devirtualize RenderDeprecatedFlexibleBox::isStretchingChildren().
        <https://webkit.org/b/138096>

        Reviewed by Chris Dumez.

        This function is only ever called on a renderer after we've checked
        that it's a RenderDeprecatedFlexibleBox, so make it non-virtual.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeLogicalHeight):
        * rendering/RenderDeprecatedFlexibleBox.h:
        * rendering/RenderObject.h:

2014-10-27  Chris Dumez  <cdumez@apple.com>

        Reintroduce null check removed in r175222
        https://bugs.webkit.org/show_bug.cgi?id=138087

        Reviewed by Andreas Kling.

        Reintroduce null check removed in r175222 as several layout tests are
        crashing on the bots without them. At least the Pair pointer can be
        null according to the assertion hits on the bots.

        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertRadius):

2014-10-27  Chris Dumez  <cdumez@apple.com>

        Move radius CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138087

        Reviewed by Andreas Kling.

        Move radius CSS properties from DeprecatedStyleBuilder to the new
        StyleBuilder so that they are now generated from CSSPropertyNames.in.

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyBorderRadius::setValue): Deleted.
        (WebCore::ApplyPropertyBorderRadius::applyValue): Deleted.
        (WebCore::ApplyPropertyBorderRadius::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertRadius):

2014-10-27  Zan Dobersek  <zdobersek@igalia.com>

        Shrink MathMLOperatorDictionary::dictionary table
        https://bugs.webkit.org/show_bug.cgi?id=137914

        Reviewed by Darin Adler.

        Improve packing of the Entry structure that's used for elements
        of the MathMLOperatorDictionary::dictionary table. This drops the
        size of the struct from 16 bytes to just 4 bytes, and shrinks the
        size of the dictionary table from rougly 16 kB down to 4 kB.

        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::MathMLOperatorDictionary::ExtractKey):
        (WebCore::RenderMathMLOperator::setOperatorProperties):
        * rendering/mathml/RenderMathMLOperator.h:

2014-10-27  Andreas Kling  <akling@apple.com>

        Move canContainFixedPositionObjects() to RenderElement.
        <https://webkit.org/b/138088>

        Reviewed by Mihnea Ovidenie.

        Only RenderElement can contain other renderers, so it's not really
        natural to answer this question on RenderObject anyway.

        Moving it to RenderElement lets it access more efficient getters
        that don't have to handle the RenderText case.

        * rendering/RenderElement.h:
        (WebCore::RenderElement::canContainFixedPositionObjects):
        * rendering/RenderObject.h:
        (WebCore::RenderObject::canContainFixedPositionObjects): Deleted.

2014-10-26  Benjamin Poulain  <benjamin@webkit.org>

        Images with usemap should not have a link state
        https://bugs.webkit.org/show_bug.cgi?id=138071

        Reviewed by Andreas Kling.

        Image tags were incorrectly getting a link state if a usemap is defined.
        The <area> of the usemap is supposed to get the link state, but never the image.

        Unfortunately, the Accessibility code was relying on the wrong behavior
        to set the ImageMapRole, most of the patch is updating that code to get
        the correct role without the link state.

        Test: fast/selectors/images-with-usemap-should-not-match-link.html

        The accessibility code is covered by a few tests in accessibility/.
        The test accessibility/aria-used-on-image-maps.html ensure the <area>
        elements also get the correct role.

        * dom/Node.h:
        (WebCore::Node::setIsLink):
        (WebCore::Node::clearIsLink): Deleted.
        Unused code.

        (WebCore::Node::isLink):
        Move with its setter for clarity.

        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::parseAttribute):
        This is the bug.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        Here the branches for the role ImageMap where behind isLink() which would
        never be valid after the fix.

        My fix here was to use the same definition previously set by HTMLImageElement::parseAttribute(),
        any usemap attribute qualifies the node for ImageMapRole.

        (WebCore::AccessibilityRenderObject::anchorElement):
        (WebCore::AccessibilityRenderObject::linkedUIElements):
        (WebCore::AccessibilityRenderObject::url):

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isAnchor): Deleted.
        Something funny I discovered is the Accessibility code worked around the bug
        by defining isAnchor() that exclude images from isLink().

        Since isLink() will no longer be true for images, the hack can be removed.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::anchorElement):
        (WebCore::AccessibilityNodeObject::isAnchor): Deleted.
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):

2014-10-26  Benjamin Poulain  <benjamin@webkit.org>

        Replace Element::didAffectSelector() by setNeedsStyleRecalc()
        https://bugs.webkit.org/show_bug.cgi?id=138080

        Reviewed by Andreas Kling.

        Element::didAffectSelector() was probably an optimization at some point,
        with the current code is does nothing more than setNeedsStyleRecalc().

        * dom/Document.cpp:
        (WebCore::Document::setCSSTarget):
        * dom/Element.cpp:
        (WebCore::Element::didAffectSelector): Deleted.
        * dom/Element.h:
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::parseAttribute):
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::disabledStateChanged):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setChecked):
        (WebCore::HTMLInputElement::setIndeterminate):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::parseAttribute):
        * html/HTMLOptGroupElement.cpp:
        (WebCore::HTMLOptGroupElement::parseAttribute):
        * html/HTMLOptionElement.cpp:
        (WebCore::HTMLOptionElement::parseAttribute):
        (WebCore::HTMLOptionElement::setSelectedState):
        * html/HTMLProgressElement.cpp:
        (WebCore::HTMLProgressElement::didElementStateChange):

2014-10-26  Andreas Kling  <akling@apple.com>

        Move some RenderObject member functions to RenderElement.
        <https://webkit.org/b/138085>

        Reviewed by Chris Dumez.

        Move these two functions to RenderElement:

            - handleDynamicFloatPositionChange()
            - removeAnonymousWrappersForInlinesIfNecessary()

        Also make childBecameNonInline() take a RenderElement& since
        that's all we ever pass to it.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::childBecameNonInline):
        * rendering/RenderBlock.h:
        * rendering/RenderBoxModelObject.h:
        (WebCore::RenderBoxModelObject::childBecameNonInline):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::handleDynamicFloatPositionChange):
        (WebCore::RenderElement::removeAnonymousWrappersForInlinesIfNecessary):
        * rendering/RenderElement.h:
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::childBecameNonInline):
        * rendering/RenderInline.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::handleDynamicFloatPositionChange): Deleted.
        (WebCore::RenderObject::removeAnonymousWrappersForInlinesIfNecessary): Deleted.
        * rendering/RenderObject.h:

2014-10-26  Andreas Kling  <akling@apple.com>

        Move continuation teardown from subclasses to RenderBoxModelObject.
        <https://webkit.org/b/138081>

        Reviewed by Antti Koivisto.

        Let RenderBoxModelObject::willBeDestroyed() tear down any continuation
        instead of having every subclass do this themselves.

        Also added a RenderElement bit tracking whether the renderer has a
        continuation. This avoids a hash lookup every time we destroy a
        RenderBoxModelObject that didn't have a continuation.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::willBeDestroyed):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::continuationMap):
        (WebCore::RenderBoxModelObject::willBeDestroyed):
        (WebCore::RenderBoxModelObject::continuation):
        (WebCore::RenderBoxModelObject::setContinuation):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::setHasContinuation):
        (WebCore::RenderElement::hasContinuation):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::willBeDestroyed):

2014-10-25  Benjamin Poulain  <benjamin@webkit.org>

        Remove a useless variable from SelectorCodeGenerator::generateElementMatchesSelectorList()
        https://bugs.webkit.org/show_bug.cgi?id=138076

        Reviewed by Alexey Proskuryakov.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesSelectorList):
        The variable elementAddressRegisterIndex was just needed for debugging, it is useless now.

2014-10-18  Brian J. Burg  <burg@cs.washington.edu>

        Web Inspector: timelines should not count time elapsed while paused in the debugger
        https://bugs.webkit.org/show_bug.cgi?id=136351

        Reviewed by Timothy Hatcher.

        To avoid counting time elapsed while the debugger is paused, timeline records should
        keep track of time elapsed since the start of timeline capturing, rather than wall clock
        timestamps. We can easily compute elapsed time by sharing a Stopwatch instance through the
        inspector environment. The stopwatch runs with timelines and is paused with the debugger,
        so subsequent time measurements will not include time elapsed while the debugger is paused.

        This refactoring is safe because start and end times are only used to graph records; the
        timestamp's actual value is irrelevant and is not displayed in the user interface. Date
        timestamps are still included with network-related records as part of their header data.

        No new tests, because we cannot reliably test timing changes induced by debugger pauses.
        It is possible for records to accrue time before the debugger pauses or after it resumes.

        * inspector/InspectorCSSAgent.cpp: Remove unnecessary include.
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        (WebCore::InspectorController::executionStopwatch): Add a shared stopwatch.
        * inspector/InspectorController.h:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::timestamp): Redirect to the shared stopwatch.
        (WebCore::InspectorPageAgent::domContentEventFired):
        (WebCore::InspectorPageAgent::loadEventFired):
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::timestamp): Redirect to the shared stopwatch.
        (WebCore::InspectorResourceAgent::willSendRequest):
        (WebCore::InspectorResourceAgent::didReceiveResponse):
        (WebCore::InspectorResourceAgent::didReceiveData):
        (WebCore::InspectorResourceAgent::didFinishLoading):
        (WebCore::InspectorResourceAgent::didFailLoading):
        (WebCore::InspectorResourceAgent::didLoadResourceFromMemoryCache):
        (WebCore::InspectorResourceAgent::willSendWebSocketHandshakeRequest):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketHandshakeResponse):
        (WebCore::InspectorResourceAgent::didCloseWebSocket):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketFrame):
        (WebCore::InspectorResourceAgent::didSendWebSocketFrame):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketFrameError):
        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::internalStart): Start and stop the stopwatch with timelines.
        (WebCore::InspectorTimelineAgent::internalStop):
        (WebCore::InspectorTimelineAgent::timestamp): Redirect to the shared stopwatch.
        (WebCore::startProfiling):
        (WebCore::InspectorTimelineAgent::startFromConsole):
        (WebCore::InspectorTimelineAgent::willCallFunction):
        (WebCore::InspectorTimelineAgent::willEvaluateScript):
        (WebCore::TimelineTimeConverter::reset): Deleted.
        * inspector/InspectorTimelineAgent.h:
        (WebCore::TimelineTimeConverter::TimelineTimeConverter): Deleted.
        (WebCore::TimelineTimeConverter::fromMonotonicallyIncreasingTime): Deleted.
        (WebCore::InspectorTimelineAgent::timeConverter): Deleted.
        * inspector/TimelineRecordFactory.cpp:
        * inspector/WorkerInspectorController.cpp:
        (WebCore::WorkerInspectorController::WorkerInspectorController):
        (WebCore::WorkerInspectorController::executionStopwatch): Add a shared stopwatch.
        * inspector/WorkerInspectorController.h:

2014-10-25  Dan Bernstein  <mitz@apple.com>

        Fix builds using the public SDK.

        * platform/spi/cocoa/NSExtensionSPI.h:

2014-10-24  Said Abou-Hallawa  <sabouhallawa@apple.com>

        Clamp wordSpacing percentage value.
        https://bugs.webkit.org/show_bug.cgi?id=129350.

        Reviewed by Zalan Bujtas.

        When the CSS wordSpacing property is percentage, its value has to be within the
        pre-defined min/max values for the CSS length type. This is done the same way
        the wordSpacing of type <length> is handled.

        Tests: css3/infinite-word-spacing.html.

        Move the definitions of minValueForCssLength and maxValueForCssLength from the
        .cpp file to the .h file.
        * css/CSSPrimitiveValue.cpp:
        * css/CSSPrimitiveValue.h:

        Clamp the wordSpacing value to minValueForCssLength and maxValueForCssLength when
        its type is percentage.
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::ApplyPropertyWordSpacing::applyValue):

2014-10-24  Chris Dumez  <cdumez@apple.com>

        [Mac] Use modern loops in ResourceRequestCocoa.mm
        https://bugs.webkit.org/show_bug.cgi?id=138052

        Reviewed by Darin Adler.

        Use modern loops in ResourceRequestCocoa.mm and leverage Objective-C's
        fast enumeration.

        No new tests, no behavior change.

        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::doUpdateResourceRequest):
        - Use NSDictionary's block-based enumeration as we enumerate both keys
          and values and this is faster than using fast enumeration of the keys
          then calling [NSDictionary objectForKey:]
        - Use Objective C's fast enumeration for
          contentDispositionEncodingFallbackArray as this is faster and shorter
          than index based access. Also use reserveCapacity() /
          uncheckedAppend() for m_responseContentDispositionEncodingFallbackArray
          as we know how many elements were are going to append in the common
          case.

        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        - Use fast enumeration for [nsRequest allHTTPHeaderFields] dictionary
          keys instead of calling [NSDictionary allKeys] and then doing
          index-based iteration, to avoid copying the keys to a new array.
          Also do a forward enumeration instead of a reverse one. I don't see
          why a backward enumeration would be necessary here. We are not
          modifying the NSDictionary we are iterating over as
          [nsRequest allHTTPHeaderFields] makes a copy.
        - Use a modern C++ loop for
          m_responseContentDispositionEncodingFallbackArray.

2014-10-24  Zalan Bujtas  <zalan@apple.com>

        Replace INT_MIN/MAX / kFixedPointDenominator with intMin/MaxForLayoutUnit.
        https://bugs.webkit.org/show_bug.cgi?id=138047

        Reviewed by Andreas Kling.

        No change in functionality.

        * css/CSSPrimitiveValue.cpp:

2014-10-24  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION(r174877): WebProcess sends an empty Cookies HTTP header
        https://bugs.webkit.org/show_bug.cgi?id=138053

        Reviewed by Chris Dumez.

        Fixes existing tests.

        * platform/network/mac/CookieJarMac.mm: (WebCore::cookiesForSession): Restore the 
        behavior of returning a null string when there are no cookies.

2014-10-24  Chris Dumez  <cdumez@apple.com>

        [Mac] Use NSString API in QuickLookMac::computeNeedsQuickLookResourceCachingQuirks()
        https://bugs.webkit.org/show_bug.cgi?id=138039

        Reviewed by Darin Adler.

        Use NSString API in QuickLookMac::computeNeedsQuickLookResourceCachingQuirks()
        for case-insensitive string comparison instead of converting to UTF-8 and then
        using strcasecmp().

        No new tests, no behavior change.

        * platform/mac/QuickLookMac.mm:
        (WebCore::QuickLookMac::computeNeedsQuickLookResourceCachingQuirks):

2014-10-24  Chris Dumez  <cdumez@apple.com>

        Avoid unnecessary NSURLRequest copies in ResourceRequest::doUpdatePlatformRequest() / doUpdatePlatformHTTPBody()
        https://bugs.webkit.org/show_bug.cgi?id=138049

        Reviewed by Alexey Proskuryakov.

        Avoid unnecessary NSURLRequest copies in ResourceRequest::doUpdatePlatformRequest()
        / doUpdatePlatformHTTPBody(). It turns out that about half the time, the
        m_nsRequest member is already mutable so it is unnecessary to call
        [NSURLRequest mutableCopy], we can just cast it to an NSMutableURLRequest* and
        avoid copying.

        This patch also moves the code to a new ensureMutableNSURLRequest() method to
        avoid duplicating the logic.

        I see that we spend ~21% less time in these 2 functions when loading
        http://flickr.com/explore/ (39.6ms -> 31.2ms).

        No new tests, no behavior change.

        * platform/network/cf/ResourceRequest.h:
        * platform/network/cocoa/ResourceRequestCocoa.mm:
        (WebCore::ResourceRequest::ensureMutableNSURLRequest):
        (WebCore::ResourceRequest::doUpdatePlatformRequest):
        (WebCore::ResourceRequest::doUpdatePlatformHTTPBody):

2014-10-24  Chris Dumez  <cdumez@apple.com>

        Move ComputeLength CSS properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138036

        Reviewed by Andreas Kling.

        Move ComputeLength CSS properties from DeprecatedStyleBuilder to the
        new StyleBuilder so that they are now generated. 3 Converters are
        provided for these properties: ComputedLength / LineWidth / Spacing.

        This is inspired by the following Blink revision by
        <timloh@chromium.org>:
        https://src.chromium.org/viewvc/blink?view=rev&revision=154012

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        (WebCore::ApplyPropertyComputeLength::setValue): Deleted.
        (WebCore::ApplyPropertyComputeLength::applyValue): Deleted.
        (WebCore::ApplyPropertyComputeLength::createHandler): Deleted.
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertComputedLength):
        (WebCore::StyleBuilderConverter::convertLineWidth):
        (WebCore::StyleBuilderConverter::convertSpacing):

2014-10-24  Chris Dumez  <cdumez@apple.com>

        Make ScriptWrappable's destructor protected instead of public
        https://bugs.webkit.org/show_bug.cgi?id=138037

        Reviewed by Andreas Kling.

        Make ScriptWrappable's destructor protected instead of public as it is
        not virtual and this class is subclassed a lot.

        No new tests, no behavior change.

        * bindings/js/ScriptWrappable.h:
        (WebCore::ScriptWrappable::~ScriptWrappable):

2014-10-23  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK][Cairo] Remove GTK dependency of WidgetBackingStoreGtkX11
        https://bugs.webkit.org/show_bug.cgi?id=138004

        Reviewed by Gustavo Noronha Silva.

        Rename all WidgetBackingStore* classes as
        BackingStoreBackendCairo* since all of them are actually
        BackingStore backends based on cairo, and move them from
        platform/cairo and platform/gtk to platform/graphics/cairo.
        BackingStoreBackendCairo is the base class that contains common
        members like the surface and size. BackingStoreBackendCairoImpl is
        the implementation using only cairo, and BackingStoreBackendCairoX11
        using xlib. BackingStoreBackendCairoX11 receives all the X11
        information it needs as constructor parameters, instead of using a
        GtkWidget and GTK+ X11 API. BackingStoreBackendCairoImpl receives
        the surface already created as constructor parameter, so that it
        doesn't have any platform specific code now.

        * PlatformEfl.cmake: Update compilation files.
        * PlatformGTK.cmake: Ditto.
        * platform/cairo/WidgetBackingStoreCairo.cpp: Removed.
        * platform/graphics/cairo/BackingStoreBackendCairo.h: Renamed from Source/WebCore/platform/cairo/WidgetBackingStore.h.
        (WebCore::BackingStoreBackendCairo::~BackingStoreBackendCairo):
        (WebCore::BackingStoreBackendCairo::surface):
        (WebCore::BackingStoreBackendCairo::size):
        (WebCore::BackingStoreBackendCairo::BackingStoreBackendCairo):
        * platform/graphics/cairo/BackingStoreBackendCairoImpl.cpp: Added.
        (WebCore::BackingStoreBackendCairoImpl::BackingStoreBackendCairoImpl):
        (WebCore::BackingStoreBackendCairoImpl::~BackingStoreBackendCairoImpl):
        (WebCore::BackingStoreBackendCairoImpl::scroll):
        * platform/graphics/cairo/BackingStoreBackendCairoImpl.h: Renamed from Source/WebCore/platform/cairo/WidgetBackingStoreCairo.h.
        * platform/graphics/cairo/BackingStoreBackendCairoX11.cpp: Renamed from Source/WebCore/platform/gtk/WidgetBackingStoreGtkX11.cpp.
        (WebCore::BackingStoreBackendCairoX11::BackingStoreBackendCairoX11):
        (WebCore::BackingStoreBackendCairoX11::~BackingStoreBackendCairoX11):
        (WebCore::BackingStoreBackendCairoX11::scroll):
        * platform/graphics/cairo/BackingStoreBackendCairoX11.h: Renamed from Source/WebCore/platform/gtk/WidgetBackingStoreGtkX11.h.
        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::cairoSurfaceGetDeviceScale):
        * platform/graphics/cairo/CairoUtilities.h:

2014-10-23  Zalan Bujtas  <zalan@apple.com>

        WebContent crash at WebCore::RenderTextControl::textFormControlElement const.
        https://bugs.webkit.org/show_bug.cgi?id=138035

        Reviewed by Antti Koivisto.

        NULL-check element().renderer() before using it.

        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::didSetValueByUserEdit):

2014-10-23  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove HarfBuzzRun::create() factory function
        https://bugs.webkit.org/show_bug.cgi?id=137945

        Reviewed by Ryosuke Niwa.

        As a step to use std::unique_ptr<>, this patch applies std::unique_ptr<> and std::make_unique<>.
        Thus HarfBuzzRun::create() is needed no longer.

        No new tests, no behavior changes.

        * platform/graphics/harfbuzz/HarfBuzzShaper.cpp:
        (WebCore::HarfBuzzShaper::collectHarfBuzzRuns):
        * platform/graphics/harfbuzz/HarfBuzzShaper.h:
        (WebCore::HarfBuzzShaper::HarfBuzzRun::create): Deleted.

2014-10-23  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewed iOS build fix

        * editing/FrameSelection.cpp:

2014-10-23  Chris Dumez  <cdumez@apple.com>

        [Mac] Optimize URL::createCFURL() for the common case
        https://bugs.webkit.org/show_bug.cgi?id=138030

        Reviewed by Alexey Proskuryakov.

        Optimize URL::createCFURL() for the common case by adding a fast path
        for when the URL String is already 8-bit (common case).
        When the string is 8-bit, we don't need to copy the bytes into a
        temporary buffer and we can construct the CFURLRef directly from it.

        This makes URL::createCFURL() ~34% faster on my machine.

        No new tests, no behavior change.

        * platform/mac/URLMac.mm:
        (WebCore::URL::createCFURL):

2014-10-23  Myles C. Maxfield  <mmaxfield@apple.com>

        Carets in GMail and iCloud compositions are the foreground text color
        https://bugs.webkit.org/show_bug.cgi?id=138029

        Reviewed by Simon Fraser.

        Previously, we were only checking whether the background colors of the foreground and background
        elements were the same, rather than taking validity and opacity into consideration.

        Test: editing/caret/color-span-inside-editable-background.html

        * editing/FrameSelection.cpp:
        (WebCore::disappearsIntoBackground):
        (WebCore::CaretBase::paintCaret):

2014-10-23  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Provide a way to have alternate inspector agents
        https://bugs.webkit.org/show_bug.cgi?id=137901

        Reviewed by Brian Burg.

        * Configurations/FeatureDefines.xcconfig:

2014-10-23  Simon Fraser  <simon.fraser@apple.com>

        Don't assume that style.overflowX() == style.overflowY()
        https://bugs.webkit.org/show_bug.cgi?id=138028

        Reviewed by Zalan Bujtas.

        WebKit doesn't support independent overflow scroll/hidden on different axes,
        but the RenderStyle does report the correct values. So check both overflowX()
        and overflowY() in a couple of places where we need to.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::styleHasTouchScrolling):
        (WebCore::styleChangeRequiresLayerRebuild):

2014-10-23  Chris Dumez  <cdumez@apple.com>

        Get rid of unnecessary vtables in WebKit
        https://bugs.webkit.org/show_bug.cgi?id=138024

        Reviewed by Benjamin Poulain.

        Get rid of unnecessary vtables in WebKit by de-virtualizing destructors
        when possible and marking the class as final to make sure people don't
        subclass it.

        No new tests, no behavior change.

        * WebCore.exp.in:
        * css/WebKitCSSMatrix.h:
        * css/WebKitCSSMatrix.idl:
        * html/canvas/WebGLContextGroup.h:
        * html/canvas/WebGLGetInfo.h:
        * html/canvas/WebGLUniformLocation.h:
        (WebCore::WebGLUniformLocation::~WebGLUniformLocation): Deleted.
        * html/canvas/WebGLUniformLocation.idl:
        * inspector/DOMPatchSupport.h:
        * inspector/InspectorHistory.h:
        * inspector/InspectorStyleSheet.h:
        * page/WheelEventDeltaTracker.h:
        * page/scrolling/ScrollLatchingState.h:
        * platform/audio/Biquad.h:
        * platform/graphics/Pattern.h:

2014-10-23  Chris Dumez  <cdumez@apple.com>

        Clean up virtual functions in dom/
        https://bugs.webkit.org/show_bug.cgi?id=138019

        Reviewed by Benjamin Poulain.

        Clean up virtual functions in dom/ by:
        - Making virtual functions final when possible
        - Making classes final when possible
        - Using 'override' when appropriate
        - Explicitly marking functions / destructors as virtual when they are
          inherently virtual
        - Making isXXX() virtual functions private on XXX classes to avoid
          unnecessary type checks
        - Dropping final for virtual functions in classes already marked as
          final

        No new tests, no behavior change.

        * WebCore.exp.in:
        * dom/AutocompleteErrorEvent.h:
        * dom/BeforeLoadEvent.h:
        (WebCore::BeforeLoadEventInit::BeforeLoadEventInit):
        * dom/BeforeTextInsertedEvent.h:
        * dom/ClipboardEvent.h:
        * dom/CompositionEvent.h:
        * dom/CustomEvent.h:
        * dom/DeviceMotionController.h:
        (WebCore::DeviceMotionController::~DeviceMotionController): Deleted.
        * dom/DeviceMotionEvent.h:
        * dom/DeviceOrientationController.h:
        (WebCore::DeviceOrientationController::~DeviceOrientationController): Deleted.
        * dom/DeviceOrientationEvent.h:
        * dom/Document.h:
        * dom/DocumentFragment.h:
        * dom/ErrorEvent.h:
        * dom/FocusEvent.h:
        * dom/HashChangeEvent.h:
        * dom/KeyboardEvent.h:
        * dom/LiveNodeList.h:
        * dom/MessageEvent.h:
        * dom/MessagePort.h:
        * dom/MouseEvent.h:
        * dom/MouseRelatedEvent.h:
        * dom/MutationEvent.h:
        * dom/NamedFlowCollection.h:
        * dom/OverflowEvent.h:
        * dom/PageTransitionEvent.h:
        * dom/PendingScript.h:
        * dom/PopStateEvent.h:
        * dom/RawDataDocumentParser.h:
        (WebCore::RawDataDocumentParser::finish): Deleted.
        (WebCore::RawDataDocumentParser::flush): Deleted.
        (WebCore::RawDataDocumentParser::insert): Deleted.
        (WebCore::RawDataDocumentParser::append): Deleted.
        * dom/ScriptableDocumentParser.h:
        * dom/SecurityPolicyViolationEvent.h:
        * dom/TextEvent.h:
        * dom/TouchEvent.h:
        * dom/TransitionEvent.h:
        * dom/UIEvent.h:
        * dom/WebKitAnimationEvent.h:
        * dom/WebKitTransitionEvent.h:
        * dom/WheelEvent.h:
        * page/DeviceController.h:
        (WebCore::DeviceController::~DeviceController):

2014-10-23  Tim Horton  <timothy_horton@apple.com>

        Add some SPI headers for NSExtension and NSSharingService{Picker}
        https://bugs.webkit.org/show_bug.cgi?id=138027

        Reviewed by Anders Carlsson.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/cocoa/NSExtensionSPI.h: Added.
        * platform/spi/mac/NSSharingServicePickerSPI.h: Added.
        * platform/spi/mac/NSSharingServiceSPI.h: Added.
        Add modern SPI headers for NSExtension, and NSSharingService{Picker}.

        * rendering/RenderThemeMac.mm:
        Replace redefinitions with an SPI header #import.

2014-10-23  Eric Carlson  <eric.carlson@apple.com>

        [Mac] don't update caption user style sheet during parsing
        https://bugs.webkit.org/show_bug.cgi?id=137983
        rdar://problem/18735366

        Reviewed by Jer Noble.

        No new tests, existing tests cover the changes.

        * page/CaptionUserPreferencesMediaAF.cpp:
        (WebCore::CaptionUserPreferencesMediaAF::CaptionUserPreferencesMediaAF): Initialize m_updateStyleSheetTimer.
        (WebCore::CaptionUserPreferencesMediaAF::updateTimerFired): Call updateCaptionStyleSheetOveride.
        (WebCore::CaptionUserPreferencesMediaAF::setInterestedInCaptionPreferenceChanges): Prime a timer to update 
            the captions style sheet after a slight delay.

2014-10-23  Chris Dumez  <cdumez@apple.com>

        Move remaining Length-type properties to the new StyleBuilder
        https://bugs.webkit.org/show_bug.cgi?id=138012

        Reviewed by Antti Koivisto.

        Move remaining Length-type properties from DeprecatedStyleBuilder to
        the new StyleBuilder so that they are now generated from
        CSSPropertyNames.in as well. The patch introduces a couple of type
        converters for those: "LengthSizing / LengthMaxSizing".

        No new tests, no behavior change.

        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        * css/StyleBuilderConverter.h:
        (WebCore::StyleBuilderConverter::convertLengthSizing):
        (WebCore::StyleBuilderConverter::convertLengthMaxSizing):

2014-10-23  Jer Noble  <jer.noble@apple.com>

        [Mac] Safari cannot play 'audio/amr' content.
        https://bugs.webkit.org/show_bug.cgi?id=137894

        Reviewed by Eric Carlson.

        Test: media/media-can-play-case-insensitive.html

        Sites are returning 'video/amr' for AMR audio content, but the IANA spec says 'audio/AMR', which is also what
        AVFoundation claims to support.  However, MIME types are supposed to be case-insensitive. When creating our
        mime type cache, case-fold to lower all MIME types given to us by our media frameworks.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::mimeTypeCache):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::addFileTypesToCache):

2014-10-23  Chris Dumez  <cdumez@apple.com>

        Move Length-type CSS properties from DeprecatedStyleBuilder to the new Style Builder
        https://bugs.webkit.org/show_bug.cgi?id=138000

        Reviewed by Andreas Kling.

        Move most Length-type CSS properties from DeprecatedStyleBuilder to the
        new Style Builder so that they are now generated. This patch adds
        support for a "Converter" option in CSSPropertyNames.in that can be
        used to specify a type converter function in
        css/StyleBuilderConverter.h. This patch adds support for Length and
        LengthOrAuto converters so that most Length-type properties can now be
        generated.

        Another converter (likely called "LengthSizing") will be needed to
        generate the remaining Length-type properties. This will be taken care
        of in a follow-up patch.

        This patch is inspired by the following Blink revision by
        <timloh@chromium.org>:
        https://src.chromium.org/viewvc/blink?view=rev&revision=150500

        No new tests, no behavior change.

        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        * css/SVGCSSPropertyNames.in:
        * css/StyleBuilder.h:
        * css/StyleBuilderConverter.h: Added.
        (WebCore::StyleBuilderConverter::convertLength):
        (WebCore::StyleBuilderConverter::convertLengthOrAuto):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::applyProperty):
        * css/makeprop.pl:

2014-10-23  Zan Dobersek  <zdobersek@igalia.com>

        Const-ify static s_resourceType members in RenderSVGResource* classes
        https://bugs.webkit.org/show_bug.cgi?id=137911

        Reviewed by Andreas Kling.

        Make s_resourceType static members in RenderSVGResource* classes const.
        Also update the resourceType() methods, where necessary, so that they
        return the s_resourceType constant.

        * rendering/svg/RenderSVGResourceClipper.cpp:
        * rendering/svg/RenderSVGResourceClipper.h:
        * rendering/svg/RenderSVGResourceFilter.cpp:
        * rendering/svg/RenderSVGResourceFilter.h:
        * rendering/svg/RenderSVGResourceLinearGradient.cpp:
        * rendering/svg/RenderSVGResourceLinearGradient.h:
        * rendering/svg/RenderSVGResourceMarker.cpp:
        * rendering/svg/RenderSVGResourceMarker.h:
        * rendering/svg/RenderSVGResourceMasker.cpp:
        * rendering/svg/RenderSVGResourceMasker.h:
        * rendering/svg/RenderSVGResourcePattern.cpp:
        * rendering/svg/RenderSVGResourcePattern.h:
        * rendering/svg/RenderSVGResourceRadialGradient.cpp:
        * rendering/svg/RenderSVGResourceRadialGradient.h:
        * rendering/svg/RenderSVGResourceSolidColor.cpp:
        * rendering/svg/RenderSVGResourceSolidColor.h:

2014-10-23  Zan Dobersek  <zdobersek@igalia.com>

        [TexMap] Clean up virtual method declarations in GraphicsLayerTextureMapper
        https://bugs.webkit.org/show_bug.cgi?id=137957

        Reviewed by Martin Robinson.

        Added override notation to the GraphicsLayerTextureMapper methods that are
        overriding the base methods from the GraphicsLayer class and don't have it yet.
        Also reordered these methods to follow the order of declaration in the
        GraphicsLayer class.

        Removed ::setName() and ::willBeDestroyed() methods since they just called
        the base class' methods.

        Also removed the ::solidColor() and ::changeMask() methods. The first one was
        only called in one place which can reference the m_solidColor member directly,
        and the second one wasn't used at all.

        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
        (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
        (WebCore::GraphicsLayerTextureMapper::setName): Deleted.
        (WebCore::GraphicsLayerTextureMapper::willBeDestroyed): Deleted.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
        (WebCore::GraphicsLayerTextureMapper::solidColor): Deleted.
        (WebCore::GraphicsLayerTextureMapper::usesContentsLayer): Deleted.
        (WebCore::GraphicsLayerTextureMapper::platformLayer): Deleted.
        (WebCore::GraphicsLayerTextureMapper::changeMask): Deleted.

2014-10-23  Krzysztof Czech  <k.czech@samsung.com>

        AX: Do the early return when role is different than UnknownRole
        https://bugs.webkit.org/show_bug.cgi?id=137880

        Reviewed by Chris Fleizach.

        We do not need to call ariaRoleAttribute() to check whether m_ariaRole is different than UnknownRole.
        Just check m_ariaRole instead.

        No new tests, no behavior change, just some cleanup

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::determineAccessibilityRole):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        * accessibility/AccessibilityTableRow.cpp:
        (WebCore::AccessibilityTableRow::determineAccessibilityRole):

2014-10-23  Yusuke Suzuki  <utatane.tea@gmail.com>

        CSS JIT: Implement :matches
        https://bugs.webkit.org/show_bug.cgi?id=137947

        Reviewed by Benjamin Poulain.

        Initial patch for supporting :matches in CSS JIT.
        In this patch, we implement :matches
        by leveraging the generalized nested backtracking implementation.

        Tests: fast/selectors/matches-backtracking.html
               fast/selectors/matches-complex.html

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::hasAnyCombinators):
        (WebCore::SelectorCompiler::computeBacktrackingMemoryRequirements):
        (WebCore::SelectorCompiler::computeBacktrackingInformation):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesMatchesPseudoClass):

2014-10-23  Milan Crha  <mcrha@redhat.com>

        RenderThemeGtk::mediaControlsScript() is not defined when VIDEO is disabled.
        <https://webkit.org/b/137970>.

        Reviewed by Carlos Garcia Campos.

        * rendering/RenderThemeGtk.cpp:

2014-10-22  Milan Crha  <mcrha@redhat.com>

        Do not include GraphicsContext3D.h when 3D_GRAPHICS is not used.
        <https://webkit.org/b/137969>.

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/cairo/GraphicsContext3DCairo.cpp:

2014-10-22  Milan Crha  <mcrha@redhat.com>

        Do not build WidgetBackingStoreGtkX11 when not used.
        <https://webkit.org/b/137972>.

        Reviewed by Carlos Garcia Campos.

        * platform/gtk/WidgetBackingStoreGtkX11.cpp:
        * platform/gtk/WidgetBackingStoreGtkX11.h:

2014-10-22  Simon Fraser  <simon.fraser@apple.com>

        [iOS] Toggling overflow:scroll to hidden on element with -webkit-overflow-scrolling:touch can cause children to disappear
        https://bugs.webkit.org/show_bug.cgi?id=137999
        rdar://problem/18425550

        Reviewed by Zalan Bujtas.
        
        When toggling overflow from scroll to hidden on an element with -webkit-overflow-scrolling:touch,
        we'd fail to do a compositing layer rebuild, which caused various issues like unparented
        descendants, and misplaced and unrepainted content.
        
        This happened because we'd get to RenderLayerBacking::updateConfiguration() via styleChanged
        with the view needing layout, so never hit the updateScrollingLayers() code, and the subsequent
        updateCompositingLayers() would be a no-op.
        
        Fix by explicitly triggering a layer rebuild when style changes such that the touch-scrollability
        of an element changes, as we do for changes in clip.

        Test: compositing/scrolling/touch-scroll-to-clip.html

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::isScrollableOverflow):
        (WebCore::styleHasTouchScrolling):
        (WebCore::styleChangeRequiresLayerRebuild):

2014-10-22  Chris Dumez  <cdumez@apple.com>

        Clean up virtual functions in rendering/
        https://bugs.webkit.org/show_bug.cgi?id=137984

        Reviewed by Darin Adler.

        Clean up virtual functions in rendering/ by:
        - Making virtual functions final when possible
        - Making classes final when possible
        - Using 'override' when appropriate
        - Explicitly marking functions / destructors as virtual when they are
          inherently virtual
        - Dropping virtual destructors when the class does not have subclasses
          and mark the class as final, to get rid of unnecessary vtables
        - Making isXXX() virtual functions private on XXX classes to avoid
          unnecessary type checks
        - De-virtualizing some functions that do not need to be virtual
        - Dropping final for virtual functions in classes already marked as
          final

        No new tests, no behavior change.

        * html/shadow/SliderThumbElement.cpp:
        * rendering/AutoTableLayout.h:
        * rendering/ClipPathOperation.h:
        (WebCore::ClipPathOperation::type):
        (WebCore::ClipPathOperation::isSameType):
        * rendering/EllipsisBox.h:
        * rendering/FixedTableLayout.h:
        * rendering/InlineElementBox.h:
        * rendering/RenderBlockFlow.h:
        * rendering/RenderCombineText.h:
        * rendering/RenderCounter.h:
        * rendering/RenderDeprecatedFlexibleBox.h:
        * rendering/RenderFlexibleBox.h:
        * rendering/RenderFullScreen.h:
        * rendering/RenderGrid.h:
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.h:
        * rendering/RenderLayerCompositor.h:
        * rendering/RenderLayerFilterInfo.h:
        * rendering/RenderLineBreak.h:
        * rendering/RenderMarquee.h:
        * rendering/RenderMediaControlElements.h:
        * rendering/RenderMultiColumnFlowThread.h:
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderMultiColumnSpannerPlaceholder.h:
        * rendering/RenderNamedFlowFragment.h:
        * rendering/RenderNamedFlowThread.h:
        * rendering/RenderQuote.h:
        * rendering/RenderRegion.h:
        (WebCore::RenderRegion::renderName): Deleted.
        * rendering/RenderReplica.h:
        * rendering/RenderRubyBase.h:
        * rendering/RenderRubyRun.h:
        * rendering/RenderScrollbar.h:
        * rendering/RenderScrollbarPart.h:
        * rendering/RenderScrollbarTheme.h:
        (WebCore::RenderScrollbarTheme::~RenderScrollbarTheme): Deleted.
        (WebCore::RenderScrollbarTheme::scrollbarThickness): Deleted.
        (WebCore::RenderScrollbarTheme::buttonsPlacement): Deleted.
        (WebCore::RenderScrollbarTheme::supportsControlTints): Deleted.
        (WebCore::RenderScrollbarTheme::shouldCenterOnThumb): Deleted.
        (WebCore::RenderScrollbarTheme::initialAutoscrollTimerDelay): Deleted.
        (WebCore::RenderScrollbarTheme::autoscrollTimerDelay): Deleted.
        (WebCore::RenderScrollbarTheme::registerScrollbar): Deleted.
        (WebCore::RenderScrollbarTheme::unregisterScrollbar): Deleted.
        * rendering/RenderSnapshottedPlugIn.h:
        * rendering/RenderTextControlMultiLine.h:
        * rendering/RenderTextFragment.h:
        * rendering/RenderThemeGtk.h:
        * rendering/RenderThemeIOS.h:
        * rendering/RenderThemeWin.h:
        * rendering/RenderVideo.h:
        * rendering/TextAutosizer.h:
        * rendering/TrailingFloatsRootInlineBox.h:
        * rendering/mathml/RenderMathMLBlock.h:
        * rendering/mathml/RenderMathMLMenclose.h:
        * rendering/mathml/RenderMathMLOperator.h:
        * rendering/mathml/RenderMathMLRadicalOperator.h:
        * rendering/mathml/RenderMathMLRoot.h:
        * rendering/mathml/RenderMathMLRow.h:
        * rendering/mathml/RenderMathMLScripts.h:
        * rendering/mathml/RenderMathMLToken.h:
        * rendering/mathml/RenderMathMLUnderOver.h:
        * rendering/shapes/BoxShape.h:
        * rendering/shapes/PolygonShape.h:
        * rendering/shapes/RasterShape.h:
        * rendering/shapes/RectangleShape.h:
        * rendering/style/BasicShapes.h:
        * rendering/style/StylePendingImage.h:
        (WebCore::StylePendingImage::computeIntrinsicDimensions): Deleted.
        * rendering/svg/RenderSVGBlock.h:
        * rendering/svg/RenderSVGContainer.h:
        * rendering/svg/RenderSVGEllipse.h:
        * rendering/svg/RenderSVGForeignObject.h:
        * rendering/svg/RenderSVGImage.h:
        * rendering/svg/RenderSVGPath.h:
        * rendering/svg/RenderSVGRect.h:
        * rendering/svg/RenderSVGResourceClipper.h:
        * rendering/svg/RenderSVGResourceFilter.h:
        * rendering/svg/RenderSVGResourceFilterPrimitive.h:
        * rendering/svg/RenderSVGResourceLinearGradient.h:
        * rendering/svg/RenderSVGResourceMarker.h:
        * rendering/svg/RenderSVGResourceMasker.h:
        * rendering/svg/RenderSVGResourcePattern.h:
        * rendering/svg/RenderSVGResourceRadialGradient.h:
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGTSpan.h:
        * rendering/svg/RenderSVGText.h:
        * rendering/svg/RenderSVGTransformableContainer.h:
        * rendering/svg/RenderSVGViewportContainer.h:
        * rendering/svg/SVGInlineTextBox.h:
        * rendering/svg/SVGRootInlineBox.h:

2014-10-22  Jer Noble  <jer.noble@apple.com>

        REGRESSION(r175000): Crash in SourceBufferPrivateAVFObjC::destroyParser()
        https://bugs.webkit.org/show_bug.cgi?id=137990

        Reviewed by Alexey Proskuryakov.

        NULL-check m_mediaSource before using.

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::destroyParser):

2014-10-22  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVG loaded through html <img> can't request to load any external resources.
        https://bugs.webkit.org/show_bug.cgi?id=137762.

        Reviewed by Daniel Bates.

        SVG images have unique security rules that prevent them from loading any external
        resources. This patch enforces these rules in CachedResourceLoader::canRequest for
        all non-data-uri resources.

        The fix and the tests are ported but modified a little from the chromium fix:
        http://src.chromium.org/viewvc/blink?view=rev&rev=176084

        Test: http/tests/security/svg-image-with-cached-remote-image.html
              http/tests/security/svg-image-with-css-cross-domain.html

        For the SVG image, prevent loading any external sub-resource except for data urls.
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::canRequest):

2014-10-21  Ada Chan  <adachan@apple.com>

        MediaPlayerPrivateAVFoundation::hasAudio() returns false even when there is an audible AVMediaSelectionOption selected
        https://bugs.webkit.org/show_bug.cgi?id=137935

        Reviewed by Eric Carlson.

        Set hasAudio to true if there's a selected audible AVMediaSelectionOption
        after the call to updateAudioTracks(). Ditto for video.

        Test: http/tests/media/hls/hls-audio-tracks-has-audio.html

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged):

        * testing/Internals.cpp:
        (WebCore::Internals::mediaElementHasCharacteristic):
        * testing/Internals.h:
        * testing/Internals.idl:
        Add internals.mediaElementHasCharacteristic for the new test.

2014-10-22  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove WidgetBackingStoreCairo::create() factory function
        https://bugs.webkit.org/show_bug.cgi?id=137943

        Reviewed by Darin Adler.

        WidgetBackingStoreCairo::create() can be replaced by std::make_unique<>.
        Thus this patch removes it, then use std::make_unique<>|std::unique_ptr<>.

        No new tests, no behavior changes.

        * platform/cairo/WidgetBackingStoreCairo.cpp:
        (WebCore::WidgetBackingStoreCairo::create): Deleted.
        * platform/cairo/WidgetBackingStoreCairo.h:
        * platform/gtk/WidgetBackingStoreGtkX11.cpp:
        (WebCore::WidgetBackingStoreGtkX11::create): Deleted.
        * platform/gtk/WidgetBackingStoreGtkX11.h:

2014-10-22  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove TextCheckerEnchant::create() factory function
        https://bugs.webkit.org/show_bug.cgi?id=137944

        Reviewed by Darin Adler.

        TextCheckerEnchant::create() can be replaced by std::make_unique<> and std::unique_ptr<>.

        No new tests, no behavior change.

        * platform/text/enchant/TextCheckerEnchant.h:
        (WebCore::TextCheckerEnchant::create): Deleted.

2014-10-22  Chris Dumez  <cdumez@apple.com>

        Avoid confusion between AccessibilityObject::isTable() / isAccessibilityTable()
        https://bugs.webkit.org/show_bug.cgi?id=137899

        Reviewed by Darin Adler.

        Avoid confusion between AccessibilityObject::isTable() and
        isAccessibilityTable(). isTable() is equivalent to
        is<AccessibilityTable>(), while isAccessibilityTable() is an
        AccessibilityTable that is exposed as an AccessibilityTable to the
        platform.

        This patch is renaming isAccessibilityTable() to
        isExposableThroughAccessibility(), makes it non-virtual and defines it
        on AccessibilityTable only, for clarity.

        This patch also renames isTableExposableThroughAccessibility() to
        computeIisTableExposableThroughAccessibility() as it is called only
        once to initialize the m_isExposableThroughAccessibility data member.

        No new tests, no behavior change.

        * accessibility/AccessibilityARIAGrid.cpp:
        (WebCore::AccessibilityARIAGrid::addChildren):
        * accessibility/AccessibilityARIAGrid.h:
        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::parentTable):
        (WebCore::AccessibilityARIAGridCell::rowIndexRange):
        (WebCore::AccessibilityARIAGridCell::columnIndexRange):
        * accessibility/AccessibilityARIAGridRow.cpp:
        (WebCore::AccessibilityARIAGridRow::disclosedRows):
        (WebCore::AccessibilityARIAGridRow::disclosedByRow):
        (WebCore::AccessibilityARIAGridRow::parentTable):
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::shouldUseAccessiblityObjectInnerText):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::isAccessibilityObjectSearchMatchAtIndex):
        (WebCore::appendChildrenToArray):
        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::isAccessibilityTable): Deleted.
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::ariaSelectedRows):
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::AccessibilityTable):
        (WebCore::AccessibilityTable::init):
        (WebCore::AccessibilityTable::isExposableThroughAccessibility):
        (WebCore::AccessibilityTable::computeIsTableExposableThroughAccessibility):
        (WebCore::AccessibilityTable::addChildren):
        (WebCore::AccessibilityTable::tableLevel):
        (WebCore::AccessibilityTable::roleValue):
        (WebCore::AccessibilityTable::computeAccessibilityIsIgnored):
        (WebCore::AccessibilityTable::title):
        (WebCore::AccessibilityTable::isAccessibilityTable): Deleted.
        (WebCore::AccessibilityTable::isTableExposableThroughAccessibility): Deleted.
        * accessibility/AccessibilityTable.h:
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::isTableCell):
        * accessibility/AccessibilityTableColumn.cpp:
        (WebCore::AccessibilityTableColumn::headerObject):
        (WebCore::AccessibilityTableColumn::addChildren):
        * accessibility/AccessibilityTableHeaderContainer.cpp:
        (WebCore::AccessibilityTableHeaderContainer::addChildren):
        * accessibility/AccessibilityTableRow.cpp:
        (WebCore::AccessibilityTableRow::isTableRow):
        (WebCore::AccessibilityTableRow::parentTable):
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (webkitAccessibleGetNChildren):
        (webkitAccessibleRefChild):
        (webkitAccessibleGetAttributes):
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::postPlatformNotification):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        (-[WebAccessibilityObjectWrapper accessibilityParameterizedAttributeNames]):
        (-[WebAccessibilityObjectWrapper accessibilitySetValue:forAttribute:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

2014-10-22  Chris Dumez  <cdumez@apple.com>

        Avoid repeated is<MutableStyleProperties>() checks in StyleProperties
        https://bugs.webkit.org/show_bug.cgi?id=137978

        Reviewed by Andreas Kling.

        Reduce the amount of is<MutableStyleProperties>() checks in
        StyleProperties by:
        - Removing the checks in each method of StyleProperties::PropertyReference,
          and replace them by a single check in StyleProperties::propertyAt().
        - Providing faster propertyCount() / propertyAt() / isEmpty() methods on
          MutableStyleProperties / ImmutableStyleProperties as a lot of callers use
          tight typing.
        - Using tighter typing at call sites whenever possible.

        Ideally, we could be able to use iterators instead of propertyCount() /
        propertyAt() but this is not trivial to do efficiently as the
        representation in memory is fundamentally different for MutableStyleProperties
        / ImmutableStyleProperties. We may be able to do better longer term, but
        this is already more efficient short term at least.

        No new tests, no behavior change.

        * css/StyleProperties.cpp:
        (WebCore::MutableStyleProperties::MutableStyleProperties):
        (WebCore::StyleProperties::PropertyReference::cssText):
        * css/StyleProperties.h:
        (WebCore::StyleProperties::PropertyReference::PropertyReference):
        (WebCore::StyleProperties::PropertyReference::id):
        (WebCore::StyleProperties::PropertyReference::shorthandID):
        (WebCore::StyleProperties::PropertyReference::isImportant):
        (WebCore::StyleProperties::PropertyReference::isInherited):
        (WebCore::StyleProperties::PropertyReference::isImplicit):
        (WebCore::StyleProperties::PropertyReference::value):
        (WebCore::StyleProperties::PropertyReference::toCSSProperty):
        (WebCore::StyleProperties::isEmpty):
        (WebCore::ImmutableStyleProperties::isEmpty):
        (WebCore::MutableStyleProperties::isEmpty):
        (WebCore::ImmutableStyleProperties::propertyAt):
        (WebCore::MutableStyleProperties::propertyAt):
        (WebCore::StyleProperties::propertyAt):
        (WebCore::StyleProperties::propertyCount):
        (WebCore::StyleProperties::PropertyReference::propertyMetadata): Deleted.
        (WebCore::StyleProperties::PropertyReference::propertyValue): Deleted.
        * editing/EditingStyle.cpp:
        (WebCore::removePropertiesInStyle):
        (WebCore::EditingStyle::removePropertiesInElementDefaultStyle):

2014-10-22  Eric Carlson  <eric.carlson@apple.com>

        [Mac][MediaStream] clean up bit rot
        https://bugs.webkit.org/show_bug.cgi?id=137976

        Reviewed by Jer Noble.

        No new tests, this just gets the Mac port compiling again.

        * Modules/mediastream/MediaStream.h: Add a virtual destructor to Observer since it has 
            a virtual method.

        * WebCore.exp.in: Export RTCPeerConnectionHandler::create and RTCPeerConnectionHandlerMock::create(WebCore::RTCPeerConnectionHandlerClient*),
            they are both use by Internals for testing.

        * WebCore.xcodeproj/project.pbxproj: Add RTC and MediaStream files.

        * html/HTMLMediaElement.h: Forward declare MediaStream instead of including MediaStream.h.

        * platform/mediastream/RTCPeerConnectionHandler.h: EXPORT the create method.

        * platform/mock/MediaConstraintsMock.cpp:
        (WebCore::isSupported): Make static.
        (WebCore::isValid): Ditto.

        * platform/mock/RTCPeerConnectionHandlerMock.h: EXPORT the create method.

2014-10-22  Chris Dumez  <cdumez@apple.com>

        [Mac][WK2] Fix applicationIsSafari() detection
        https://bugs.webkit.org/show_bug.cgi?id=137893

        Reviewed by Alexey Proskuryakov.

        I noticed when profiling Safari on Mac that we were exercising a code
        path we shouldn't because it is meant for other applications that
        Safari.

        The detection relies on the applicationIsSafari() function in
        RuntimeApplicationChecks.cpp. This was in some cases returning false on
        my machine even though I was running Safari so I investigated a bit and
        noticed that the check relies on the main bundle identifier string and
        is doing:
        isSafari = mainBundleIsEqualTo("com.apple.Safari")
            || mainBundleIsEqualTo("com.apple.WebProcess");

        This WebProcess detection is very unreliable because:
        - It matches other apps than Safari's WebProcesses
        - The bundle name for the WebProcess is sometimes
        "com.apple.WebKit.WebContent" or
        "com.apple.WebKit.WebContent.Development".

        The solution used in this patch is to move the applicationIsSafari()
        check to the UIProcess so that the check actually succeeds reliably.
        The call site for applicationIsSafari() was in
        ResourceRequest::useQuickLookResourceCachingQuirks(). This match
        removes that logic from ResourceRequest and move it to
        FrameLoaderClient as only the FrameLoader is interested in this
        information. The logic to determine if we should use QuickLook
        resource caching quirks is moved to a new QuickLook class under
        platform/ as the code needs to be shared between WebKit and WebKit2.
        On WebKit2, we make use that code on the UIProcess side and pass
        the flag as a parameter when constructing the WebProcess. The flag
        is then stored on the WebProcess and queried by WebFrameLoaderClient.

        Previously, we would spend ~1% of the WebProcess cpu time (when loading
        apple.com) trying to detect if we should use QuickLook resource caching
        quirks even though that check was supposed to be disabled and return
        early when running Safari.

        No new tests, not easily testable.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * loader/EmptyClients.h:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::subresourceCachePolicy):
        * loader/FrameLoaderClient.h:
        * platform/RuntimeApplicationChecks.cpp:
        (WebCore::applicationIsSafari):
        Remove "com.apple.WebProcess" bundle name matching as this causes false
        positives (matches other applications than Safari's WebProcesses) and
        it is no longer needed now that applicationIsSafari() is always called
        from the UIProcess.

        * platform/mac/QuickLookMac.h: Added.
        * platform/mac/QuickLookMac.mm: Copied from Source/WebCore/platform/network/mac/ResourceRequestMac.mm.
        (WebCore::QuickLookMac::computeNeedsQuickLookResourceCachingQuirks):
        * platform/network/cf/ResourceRequest.h:
        * platform/network/ios/ResourceRequestIOS.mm:
        (WebCore::ResourceRequest::useQuickLookResourceCachingQuirks): Deleted.
        * platform/network/mac/ResourceRequestMac.mm:
        (WebCore::initQuickLookResourceCachingQuirks): Deleted.
        (WebCore::ResourceRequest::useQuickLookResourceCachingQuirks): Deleted.

2014-10-22  Shivakumar JM  <shiva.jm@samsung.com>

        XMLHttpRequest should support attribute responseURL as per latest XHR spec.
        https://bugs.webkit.org/show_bug.cgi?id=136938

        Reviewed by Alexey Proskuryakov.

        Tests: http/tests/xmlhttprequest/basic-auth-responseURL.html
               http/tests/xmlhttprequest/cross-origin-redirect-responseURL.html
               http/tests/xmlhttprequest/redirect-credentials-responseURL.html
               http/tests/xmlhttprequest/xmlhttprequest-responseURL.html

        XMLHttpRequest should support attribute responseURL

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::responseURL):
        * xml/XMLHttpRequest.h:
        * xml/XMLHttpRequest.idl:

2014-10-22  Chris Dumez  <cdumez@apple.com>

        Add initial support for generating the StyleBuilder from CSSPropertyNames.in
        https://bugs.webkit.org/show_bug.cgi?id=137910

        Reviewed by Andreas Kling.

        Add initial support for generating the StyleBuilder from
        CSSPropertyNames.in. This is a first step towards getting rid of the
        legacy DeprecatedStyleBuilder class and having everything defined in one
        place (CSSPropertyNames.in).

        This patch updates makeprop.pl script to generate a StyleBuilder.cpp
        file that generate a the StyleBuilder::applyProperty() method
        implementation using a huge switch statement for all the CSS
        properties. With this patch, we are now generating the new StyleBuilder
        code for all the "simple" CSS properties (i.e. those that were using
        ApplyPropertyDefault<> in DeprecatedStyleBuilder.cpp). I am using a
        "NewStyleBuilder" option in CSSPropertyNames.in for properties that
        we generate to help with improving incrementally the generator. Once
        we are able to generate all properties, this transition option will
        do away and become the default.

        By default, the generator will make an educated guess for the type
        name, the getter, the setter and the initial function of each property.
        For example, for the border-collapse property, it will use:
        - TypeName: EBorderCollapse (i.e. 'E' + PropertyId)
        - Getter: borderCollapse() (i.e. PropertyId with first letter lowercased)
        - Setter: setBorderCollapse() (i.e. 'set' + PropertyId)
        - Initial: initialBorderCollapse() (i.e. 'initial' + PropertyId)

        This works for most properties. For properties that need
        special-casing, developers can use the following options in
        CSSPropertyNames.in:
        - TypeName: Overrides the type name
        - Getter: Overrides the getter name
        - Setter: Overrides the setter name
        - Initial: Overrides the initial function name
        - NameForMethods: Overrides the Getter / Setter / Initial function
          names. For e.g. "NameForMethods=OverflowWrap" will use
          "overflowWrap() / setOverflowWrap() / initialOverflowWrap()".

        The patch is inspired by the following Blink revision by
        <timloh@chromium.org>:
        https://src.chromium.org/viewvc/blink?view=rev&revision=150424

        No new tests, no behavior change.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSPropertyNames.in:
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::ApplyPropertyVerticalAlign::createHandler):
        (WebCore::ApplyPropertyDisplay::applyInitialValue):
        (WebCore::DeprecatedStyleBuilder::DeprecatedStyleBuilder):
        * css/StyleBuilder.h: Added.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::adjustRenderStyle):
        (WebCore::StyleResolver::applyProperty):
        * css/makeprop.pl:
        * rendering/style/RenderStyle.h:
        Move the initialXXX() methods that were in NonInheritedFlags to
        RenderStyle class, with the other initialXXX() methods to facilitate
        code generation.

        * rendering/style/StyleMultiColData.cpp:
        (WebCore::StyleMultiColData::StyleMultiColData):
        * rendering/style/StyleRareNonInheritedData.cpp:
        (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):

2014-10-22  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix GStreamer debug build after r175050.

        Explicitly include wtf/MainThread.h.

        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

2014-10-22  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GStreamer] Do not use CachedResourceLoader, SecurityOrigin, ResourceBuffer and other WebCore types
        https://bugs.webkit.org/show_bug.cgi?id=137064

        Reviewed by Philippe Normand.

        Move the media resource loader to a new class in WebCore/loader
        that inherits from a PlatformMediaResourceLoader class defined in
        the platform layer. The platform specific behaviour is implemented
        using a client also defined in the platform layer, implemented by
        every media backend, and used by the WebCore MediaResourceLoader.

        * CMakeLists.txt: Add new files to compilation.
        * WebCore.vcxproj/WebCore.vcxproj: Ditto.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerCreateResourceLoader):
        Create a MediaResourceLoader.
        (WebCore::HTMLMediaElement::mediaPlayerCORSMode): Deleted. This is
        no longer used.
        * html/HTMLMediaElement.h:
        * loader/MediaResourceLoader.cpp: Added.
        (WebCore::MediaResourceLoader::MediaResourceLoader):
        (WebCore::MediaResourceLoader::~MediaResourceLoader):
        (WebCore::MediaResourceLoader::start): Start a new load for the
        given request and load options.
        (WebCore::MediaResourceLoader::stop): Stop the load if needed.
        (WebCore::MediaResourceLoader::setDefersLoading):
        (WebCore::MediaResourceLoader::responseReceived): Handle CORS
        access check and notify the client about the response.
        (WebCore::MediaResourceLoader::dataReceived): Notify the client.
        (WebCore::MediaResourceLoader::notifyFinished): Ditto.
        (WebCore::MediaResourceLoader::getOrCreateReadBuffer): Ask the
        client to create the read buffer.
        * loader/MediaResourceLoader.h: Added.
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::createResourceLoader): Call
        mediaPlayerCreateResourceLoader() if there's a client.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerCreateResourceLoader):
        (WebCore::MediaPlayerClient::mediaPlayerCORSMode): Deleted.
        * platform/graphics/PlatformMediaResourceLoader.h: Added.
        (WebCore::PlatformMediaResourceLoaderClient::responseReceived):
        (WebCore::PlatformMediaResourceLoaderClient::dataReceived):
        (WebCore::PlatformMediaResourceLoaderClient::bufferReceived):
        (WebCore::PlatformMediaResourceLoaderClient::accessControlCheckFailed):
        (WebCore::PlatformMediaResourceLoaderClient::loadFailed):
        (WebCore::PlatformMediaResourceLoaderClient::loadFinished):
        (WebCore::PlatformMediaResourceLoaderClient::getOrCreateReadBuffer):
        (WebCore::PlatformMediaResourceLoader::~PlatformMediaResourceLoader):
        (WebCore::PlatformMediaResourceLoader::stop):
        (WebCore::PlatformMediaResourceLoader::setDefersLoading):
        (WebCore::PlatformMediaResourceLoader::didPassAccessControlCheck):
        (WebCore::PlatformMediaResourceLoader::PlatformMediaResourceLoader):
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcStop): Also delete the PlatformMediaResourceLoader.
        (webKitWebSrcStart): Create a new resource loader using
        MediaPlayer::createResourceLoader() with a new
        CachedResourceStreamingClient as client.
        (webKitWebSrcNeedDataMainCb): Call setDefersLoading() for the
        resource loader if there's one.
        (webKitWebSrcEnoughDataMainCb): Ditto.
        (webKitSrcPassedCORSAccessCheck): Return didPassAccessControlCheck.
        (StreamingClient::handleResponseReceived): Remove the CORS check
        result parameter since that's now handled by MediaResourceLoader.
        (CachedResourceStreamingClient::CachedResourceStreamingClient):
        (CachedResourceStreamingClient::~CachedResourceStreamingClient):
        (CachedResourceStreamingClient::getOrCreateReadBuffer):
        (CachedResourceStreamingClient::responseReceived): Update didPassAccessControlCheck.
        (CachedResourceStreamingClient::dataReceived):
        (CachedResourceStreamingClient::accessControlCheckFailed): Log the
        error and stop the load.
        (CachedResourceStreamingClient::loadFailed): Log the error if it
        was not a cancellation.
        (CachedResourceStreamingClient::loadFinished):
        (ResourceHandleStreamingClient::didReceiveResponse):
        (CachedResourceStreamingClient::setDefersLoading): Deleted.
        (CachedResourceStreamingClient::notifyFinished): Deleted.

2014-10-22  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Move GtkInputMethodFilter from Platform to WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=137884

        Reviewed by Gustavo Noronha Silva.

        Remove GtkInputMethodFilter.

        * PlatformGTK.cmake:
        * platform/gtk/GtkInputMethodFilter.cpp: Removed.
        * platform/gtk/GtkInputMethodFilter.h: Removed.

2014-10-22  Tibor Meszaros  <tmeszaros.u-szeged@partner.samsung.com>

        Match spec for font-weight: bolder|lighter
        https://bugs.webkit.org/show_bug.cgi?id=137919

        Reviewed by Andreas Kling.

        This patch is a merge of Blink's
        https://chromiumcodereview.appspot.com/15994009
        
        Currently, bolder and lighter change font-weight in a non-compliant way.
        The spec (http://www.w3.org/TR/css3-fonts/#bolderlighter) defines
        exactly what the computed values should be given the inherited weight values,
        so we should match those.
        
        The removed FIXME's for selecting the next lightest/heaviest weight from
        the used font family seems to refer to behaviour from
        CSS1 (http://www.w3.org/TR/CSS1/#font-weight), while this is replaced
        with a simpler procedure for resolving bolder and lighter in font weights
        in CSS2 (http://www.w3.org/TR/CSS2/fonts.html#propdef-font-weight) and CSS3 (link above).
        
        and https://codereview.chromium.org/137813004
        
        According to http://dev.w3.org/csswg/css-fonts/#font-weight-prop, the computed
        weight of 'lighter' and 'bolder' are based on the inherited 'font-weight', so set
        that inherited weight before calculating 'lighter' and 'bolder'.

        Tests: css3/font-weight-multiple-selectors.html
               css3/font-weight.html

        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::ApplyPropertyFontWeight::applyValue):
        * platform/graphics/FontDescription.cpp:
        (WebCore::FontDescription::lighterWeight):
        (WebCore::FontDescription::bolderWeight):

2014-10-22  Rohit Kumar  <kumar.rohit@samsung.com>

        [GTK]: Fix unused parameter build warnings in WebCore/platform module
        https://bugs.webkit.org/show_bug.cgi?id=137921

        Reviewed by Carlos Garcia Campos.

        * platform/ScrollAnimatorNone.cpp:
        (WebCore::ScrollAnimatorNone::PerAxisData::PerAxisData):
        (WebCore::ScrollAnimatorNone::animationTimerFired):

2014-10-22  Dhi Aurrahman  <diorahman@rockybars.com>

        Add relList to the anchor, area and link elements
        https://bugs.webkit.org/show_bug.cgi?id=137860

        Reviewed by Darin Adler and Chris Dumez.

        Add relList to reflect the rel content attribute for anchor[1],
        area[2] and link[3] elements.

        [1] https://html.spec.whatwg.org/multipage/semantics.html#dom-a-rellist 
        [2] https://html.spec.whatwg.org/multipage/embedded-content.html#dom-area-rellist
        [3] https://html.spec.whatwg.org/multipage/semantics.html#dom-link-rellist

        Tests: fast/dom/rel-list-gc.html
               fast/dom/rel-list.html
               perf/rel-list-remove.html

        * CMakeLists.txt:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/SpaceSplitString.cpp:
        (WebCore::SpaceSplitString::set):
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::parseAttribute):
        (WebCore::HTMLAnchorElement::relList):
        (WebCore::HTMLAnchorElement::setRel): Deleted.
        * html/HTMLAnchorElement.h:
        * html/HTMLAnchorElement.idl:
        * html/HTMLAreaElement.idl:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::parseAttribute):
        (WebCore::HTMLLinkElement::relList):
        * html/HTMLLinkElement.h:
        * html/HTMLLinkElement.idl:
        * html/RelList.cpp: Added.
        (WebCore::RelList::RelList):
        (WebCore::RelList::ref):
        (WebCore::RelList::deref):
        (WebCore::RelList::length):
        (WebCore::RelList::item):
        (WebCore::RelList::element):
        (WebCore::RelList::updateRelAttribute):
        (WebCore::RelList::containsInternal):
        (WebCore::RelList::value):
        (WebCore::RelList::setValue):
        * html/RelList.h: Added.

2014-10-21  Andy Estes  <aestes@apple.com>

        One more iOS build fix after r175013.

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::createFontPlatformData):

2014-10-21  Benjamin Poulain  <bpoulain@apple.com>

        CSS Rule features are ignored for nested CSS Selector lists
        https://bugs.webkit.org/show_bug.cgi?id=137908

        Reviewed by Andreas Kling.

        When Rule feature sets were collected, any selector list nested inside an other
        selector list was ignored when collecting properties of the CSS Selector.

        As a result, style was not invalidated properly when any property listed in
        the nested selectors.

        This patch fixes the issue by make RuleFeatureSet::collectFeaturesFromSelector()
        recursive, evaluating every chain of every selector lists.

        Tests: fast/css/class-style-invalidation-optimization.html
               fast/css/direct-adjacent-style-sharing-1.html
               fast/css/direct-adjacent-style-sharing-2.html
               fast/css/direct-adjacent-style-sharing-3.html
               fast/css/id-style-invalidation-optimization.html
               fast/selectors/class-style-update-with-not.html
               fast/selectors/class-style-update-with-nth-child-of.html
               fast/selectors/class-style-update.html

        * css/RuleFeature.cpp:
        (WebCore::recursivelyCollectFeaturesFromSelector):
        (WebCore::RuleFeatureSet::collectFeaturesFromSelector):
        * css/RuleFeature.h:
        * css/RuleSet.cpp:
        (WebCore::collectFeaturesFromRuleData):

2014-10-21  Tim Horton  <timothy_horton@apple.com>

        Try to fix the iOS build after r175013.

        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::createFontPlatformData):

2014-10-21  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr | std::make_unique in FontCacheFoo
        https://bugs.webkit.org/show_bug.cgi?id=137905

        Reviewed by Darin Adler.

        Clean up PassOwnPtr|OwnPtr using std::unique_ptr|std::make_unique.

        No new tests, no behavior changes.

        * platform/graphics/FontCache.cpp:
        (WebCore::FontCache::getCachedFontPlatformData):
        * platform/graphics/FontCache.h:
        * platform/graphics/freetype/FontCacheFreeType.cpp:
        (WebCore::FontCache::createFontPlatformData):
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::createFontPlatformData):
        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::FontCache::createFontPlatformData):
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::FontCache::createFontPlatformData):

2014-10-21  Ada Chan  <adachan@apple.com>

        Calling WebCore::Page::setMediaVolume(0) does not mute videos as expected.
        https://bugs.webkit.org/show_bug.cgi?id=137305

        Reviewed by Darin Adler.

        This was broken in http://trac.webkit.org/changeset/154970. To fix this (but not break
        GStreamer), remove the "if (m_volumeInitialized)" check before updating the MediaPlayer's
        volume to the value multiplied with the Page's mediaVolume. This should not affect GStreamer's
        behavior because MediaPlayerPrivateGStreamerBase::setStreamVolumeElement does nothing unless
        m_volumeInitialized is true.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updateVolume):

2014-10-21  Jer Noble  <jer.noble@apple.com>

        [EME][Mac] Update to match new AVStreamSession API and requirements.
        https://bugs.webkit.org/show_bug.cgi?id=137923

        Reviewed by Eric Carlson.

        The session identifier has moved from AVStreamDataParser to -[AVStreamSession contentProtectionSessionIdentifier]
        and the property is no longer KVObservable. A new notification key has been added in place of KVO.

        Additionally, the requirements for using AVStreamDataParser with AVStreamSession have changed. It is now
        required that AVStreamDataParsers be added to an AVStreamSession before the 
        -streamSession:didProvideContentKeyRequestInitializationData:forTrackID delegate method is called. A
        -streamParserWillProvideContentKeyRequestInitializationData:forTrackID delegate has been added, and
        an AVStreamSession must be created and the AVStreamDataParser added to it during the scope of that delegate
        method.

        To facilitate this, the MediaPlayerPrivateMediaSourceAVFObjC object will lazily create and own a AVStreamSession
        object when requested. The SourceBufferPrivateAVFObjC object will listen for the -willProvide delegate call
        and will add its AVStreamDataParser to that AVStreamSession when called.

        The CDMSessionMediaSourceAVFObjC object is no longer responsible for creating the AVStreamSession, and because
        the session identifier has moved from many AVStreamDataParsers to a single AVStreamSession, the
        CDMSessionMediaSourceAVFObjCObserver class can become much simpler, as it only has to observe a single object.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (-[CDMSessionMediaSourceAVFObjCObserver dealloc]): Deleted.
        (-[CDMSessionMediaSourceAVFObjCObserver beginObserving:]): Deleted.
        (-[CDMSessionMediaSourceAVFObjCObserver stopObserving:]): Deleted.
        (-[CDMSessionMediaSourceAVFObjCObserver invalidate]): Deleted.
        (-[CDMSessionMediaSourceAVFObjCObserver observeValueForKeyPath:ofObject:change:context:]): Deleted.
        (-[CDMSessionMediaSourceAVFObjCObserver contentProtectionSessionIdentifierChanged:]): Added.
        (WebCore::CDMSessionMediaSourceAVFObjC::~CDMSessionMediaSourceAVFObjC): Call setStreamSession(nullptr).
        (WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys): The sessionId is now a value in the dictionary, not the key.
        (WebCore::CDMSessionMediaSourceAVFObjC::update): No longer create an AVStreamSession.
        (WebCore::CDMSessionMediaSourceAVFObjC::setStreamSession): Add and remove observers as appropriate.
        (WebCore::CDMSessionMediaSourceAVFObjC::addSourceBuffer): No longer add or remove parsers from AVStreamSessions.
        (WebCore::CDMSessionMediaSourceAVFObjC::removeSourceBuffer): Ditto.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::hasStreamSession): Simple getter.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::streamSession): Lazy initializing getter.
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setCDMSession): Call setStreamSession().
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (-[WebAVStreamDataParserListener streamParserWillProvideContentKeyRequestInitializationData:forTrackID:]): Synchronously pass to SourceBufferPrivateAVFObjC.
        (WebCore::SourceBufferPrivateAVFObjC::willProvideContentKeyRequestInitializationDataForTrackID): Add the parser to an AVStreamSession.
        (WebCore::SourceBufferPrivateAVFObjC::didProvideContentKeyRequestInitializationDataForTrackID): Check the trackId.
        * platform/mac/SoftLinking.h:

2014-10-21  Jaehun Lim  <ljaehun.lim@samsung.com>

        'true' isn't a valid value for justify-self
        https://bugs.webkit.org/show_bug.cgi?id=137913

        Reviewed by Andreas Kling.

        Merged from Blink (patch by dstockwell):
        <https://src.chromium.org/viewvc/blink?view=rev&revision=174638>

        CSS Box Alignment Module Level 3:
        http://dev.w3.org/csswg/css-align/#justify-self-property

        No new tests, modify existing test case.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseJustifySelf):

2014-10-21  Michael Saboff  <msaboff@apple.com>

        Add operator==(PropertyName, const char*)
        https://bugs.webkit.org/show_bug.cgi?id=137925

        Reviewed by Mark Lam.

        Use new == operator to compare a PropertyName with a string literal.

        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot):

2014-10-21  Chris Dumez  <cdumez@apple.com>

        Unreviewed iOS build fix after r174921.

        Export new symbol after function rename.

        * WebCore.exp.in:
        * WebCore.order:

2014-10-21  Chris Dumez  <cdumez@apple.com>

        Unreviewed iOS build fix after r174921.

        Remove symbol from export files that no longer exists.

        * WebCore.exp.in:
        * WebCore.order:

2014-10-21  peavo@outlook.com  <peavo@outlook.com>

        [Curl] Optimization; avoid string reallocation.
        https://bugs.webkit.org/show_bug.cgi?id=137920

        Reviewed by Brent Fulgham.

        Profiling reveals that the cookiesForDOM function is spending time on removing a character from a string.

        * platform/network/curl/CookieJarCurl.cpp:
        (WebCore::domainMatch):
        (WebCore::addMatchingCurlCookie):

2014-10-21  Joanmarie Diggs  <jdiggs@igalia.com>

        AX: [ATK] CSS-generated text content not exposed to assistive technologies
        https://bugs.webkit.org/show_bug.cgi?id=137669

        Reviewed by Chris Fleizach.

        Do not use a text iterator to get the text for elements which include
        pseudo elements.

        Test: accessibility/css-content-attribute.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::textUnderElement):

2014-10-21  Chris Dumez  <cdumez@apple.com>

        REGRESSION(r174676): It broke the !ENABLE(VIDEO) build
        https://bugs.webkit.org/show_bug.cgi?id=137916

        Reviewed by Csaba Osztrogonác.

        Fix the !ENABLE(VIDEO) build by adding an #if ENABLE(VIDEO) where
        needed.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::isDirectlyCompositedImage):

2014-10-21  Zalan Bujtas  <zalan@apple.com>

        REGRESSION: Google Search (mobile) video thumbnails are too large.
        https://bugs.webkit.org/show_bug.cgi?id=137895

        Reviewed by Simon Fraser.

        This patch fixes layer clipping when an ancestor layer has border-radius clipping.

        In cases, where the current layer has non-radius cliprect, while an ancestor layer
        has border-radius clipping, we only use the border-radius rect to clip.

        Test: fast/clip/overflow-hidden-with-border-radius-overflow-clipping-parent.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::clipToRect):
        (WebCore::RenderLayer::restoreClip):
        (WebCore::RenderLayer::collectFragments):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        (WebCore::ClipRect::ClipRect):
        (WebCore::ClipRect::effectedByRadius):
        (WebCore::ClipRect::setEffectedByRadius):
        (WebCore::ClipRect::operator==):
        (WebCore::ClipRect::operator!=):
        (WebCore::ClipRect::intersect):
        (WebCore::ClipRect::hasRadius): Deleted.
        (WebCore::ClipRect::setHasRadius): Deleted.

2014-10-20  Michael Saboff  <msaboff@apple.com>

        Don't create cached functions for HTMLDocument.write*()
        https://bugs.webkit.org/show_bug.cgi?id=137906

        Reviewed by Darin Adler.

        Made it so that JSHTMLDocument::write() and ::writeln() are always created for every prototype.
        This is similar to the change in r174847.

        This change is alread covered by the tests:
        LayoutTests/http/tests/security/aboutBlank/security-context-grandchildren-write-lexical.html
        LayoutTests/http/tests/security/aboutBlank/security-context-grandchildren-writeln-lexical.html
        LayoutTests/http/tests/security/aboutBlank/security-context-write.html
        LayoutTests/http/tests/security/aboutBlank/security-context-writeln.html
        LayoutTests/http/tests/xmlhttprequest/request-from-popup.html
        LayoutTests/http/tests/navigation/new-window-redirect-history.html
        LayoutTests/http/tests/misc/window-open-then-write.html

        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot):
        * html/HTMLDocument.idl:

2014-10-21  Chris Dumez  <cdumez@apple.com>

        REGRESSION(r174676): It broke the !ENABLE(VIDEO) build
        https://bugs.webkit.org/show_bug.cgi?id=137916

        Unreviewed build fix. Add missing header include.

        * rendering/RenderLayerBacking.cpp:

2014-10-21  Jer Noble  <jer.noble@apple.com>

        REGRESSION (r170808): Volume slider in built-in media controls only changes volume when thumb is released, not while dragging
        https://bugs.webkit.org/show_bug.cgi?id=137805

        Reviewed by Dan Bernstein.

        Test: media/video-volume-slider-drag.html

        Respond to the 'input' event rather than the 'change' event for the volume slider, so that
        volume changes are continuous during drag operations.

        Also listen for both 'input' and 'change' events for the timeline slider, doing fastSeek()
        during 'input' and setting an explicit currentTime during 'change'. This is the same behavior
        as current, but using 'change' instead of 'mouseup' to do the final currentTime change.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls):
        (Controller.prototype.handleTimelineInput):
        (Controller.prototype.handleTimelineChange):
        (Controller.prototype.handleTimelineMouseUp):
        (Controller.prototype.handleVolumeSliderInput):
        (Controller.prototype.handlePlayButtonClicked): Deleted.
        (Controller.prototype.handleMaxButtonClicked): Deleted.

2014-10-21  Manuel Rego Casasnovas  <rego@igalia.com>

        ASSERTION FAILED: !gridWasPopulated() in WebCore::RenderGrid::placeItemsOnGrid
        https://bugs.webkit.org/show_bug.cgi?id=136939

        Reviewed by Darin Adler.

        In some particular situations computeIntrinsicLogicalWidths() is called
        in the middle of layoutGridItems(). In these cases we do not need to
        populate the grid again, so we should avoid calling placeItemsOnGrid().
        In addition, we do not need to clean the grid either, as that will be
        done later by layoutGridItems().

        Test: fast/css-grid-layout/grid-was-populated-assert.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::computeIntrinsicLogicalWidths): Avoid calls to
        placeItemsOnGrid() and clearGrid() if the grid was already populated.
        * rendering/RenderGrid.h: Move gridWasPopulated() header out of the
        debug ifdefs.

2014-10-21  Zan Dobersek  <zdobersek@igalia.com>

        [Cairo] Make dashPattern, dotPattern in GraphicsContext::setPlatformStrokeStyle() const
        https://bugs.webkit.org/show_bug.cgi?id=137912

        Reviewed by Carlos Garcia Campos.

        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::GraphicsContext::setPlatformStrokeStyle): Make the two static variables
        constants since their value doesn't change after initialization.

2014-10-21  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Several labels are white instead of black
        https://bugs.webkit.org/show_bug.cgi?id=137803

        Reviewed by Martin Robinson.

        Recent GTK+ versions require to explicitly set the state before
        getting a color.

        * rendering/RenderThemeGtk.cpp:
        (WebCore::styleColor): Helper function to get a color from a
        GtkStylecontext that explicitly sets the state before getting the color.
        (WebCore::RenderThemeGtk::platformActiveSelectionBackgroundColor): Use styleColor().
        (WebCore::RenderThemeGtk::platformInactiveSelectionBackgroundColor): Ditto.
        (WebCore::RenderThemeGtk::platformActiveSelectionForegroundColor): Ditto.
        (WebCore::RenderThemeGtk::platformInactiveSelectionForegroundColor): Ditto.
        (WebCore::RenderThemeGtk::platformActiveListBoxSelectionBackgroundColor): Ditto.
        (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionBackgroundColor): Ditto.
        (WebCore::RenderThemeGtk::platformActiveListBoxSelectionForegroundColor): Ditto.
        (WebCore::RenderThemeGtk::platformInactiveListBoxSelectionForegroundColor): Ditto.
        (WebCore::RenderThemeGtk::systemColor): Ditto.

2014-10-20  YongGeol Jung  <yg48.jung@samsung.com>

        [Coordinated Graphics] '-webkit-mask-image: -webkit-gradient' doesn't work for AC layer.
        https://bugs.webkit.org/show_bug.cgi?id=125326

        Reviewed by Gyuyoung Kim.

        Mask layer hasn't requested to synchronize with AC layer in CoordinatedGraphics so far.
        That's why the mask layer isn't shown under CoordinatedGraphics.
        Thus this patch lets the mask layer synchronize with the AC layer whenever AC layer is updated.

        Below layout test case is related to this issue when --pixel test is enabled.
        Unfortunately EFL WebKitTestRunner doesn't support AC mode yet.
        When EFL test framework supports AC mode, the test will be passed.

        Test: compositing/masks/mask-of-clipped-layer.html

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::syncPendingStateChangesIncludingSubLayers):

2014-10-17  Jeffrey Pfau  <jpfau@apple.com>

        Ensure attached frame count doesn't exceed the maximum allowed frames
        https://bugs.webkit.org/show_bug.cgi?id=136457

        Reviewed by Alexey Proskuryakov.

        Test: fast/frames/exponential-frames.html

        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::isURLAllowed):

2014-10-20  Chris Dumez  <cdumez@apple.com>

        ResourceRequest deserialization unnecessarily calls partitionName() on encoded cache partition
        https://bugs.webkit.org/show_bug.cgi?id=137797

        Reviewed by Darin Adler.

        ResourceRequest deserialization was unnecessarily calling partitionName()
        on the decoded cache partition. In the deserialization case, we already
        know the cache partition is a valid partition name so we can bypass the
        call to partitionName() (which is fairly expensive) for performance.

        This patch adds a setDomainForCachePartion() method to ResourceRequest
        that calls partitionName() on the domain argument, and moves all the
        callers of setCachedPartition() to this new setter, except
        ArgumentCoder<ResourceRequest>::decode().

        This patch updates the setCachedPartition() to merely set the
        m_cachePartition member, without calling partitionName() on the
        argument. There is also a new assertion in place to make sure the
        argument is a valid partition name.

        No new tests, no behavior change.

        * html/DOMURL.cpp:
        (WebCore::DOMURL::revokeObjectURL):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::cachedResource):
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::replayXHR):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadURL):
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
        (WebCore::CachedResourceLoader::requestResource):
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::addImageToCache):
        (WebCore::MemoryCache::removeImageFromCache):
        * loader/cache/MemoryCache.h:
        * page/SecurityOrigin.cpp:
        (WebCore::SecurityOrigin::domainForCachePartition):
        (WebCore::SecurityOrigin::cachePartition): Deleted.
        Rename cachePartition() getter to domainForCachePartition() to make it
        clear it returns a domain and not a partition name. As such, the caller
        should then use ResourceRequest::setDomainForCachePartition(), not
        setCachePartition().

        * page/SecurityOrigin.h:
        * platform/network/cf/ResourceRequest.h:
        (WebCore::ResourceRequest::setCachePartition):
        (WebCore::ResourceRequest::setDomainForCachePartition):

2014-10-20  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        Tighten XMLHttpRequest setRequestHeader value check
        https://bugs.webkit.org/show_bug.cgi?id=128593

        Reviewed by Darin Adler.

        Test: http/tests/xmlhttprequest/set-bad-headervalue.html

        * platform/network/HTTPParsers.cpp:
        (WebCore::isValidHTTPHeaderValue): Updated header values check according RFC 7230.
        (WebCore::isValidHTTPToken): Renamed variable name and updated RFC related comment.

2014-10-20  Michael Saboff  <msaboff@apple.com>

        Make post checkin suggested changes to r174847
        https://bugs.webkit.org/show_bug.cgi?id=137885

        Reviewed by Mark Lam.

        Eliminated the creation of a temporary Identifier when comparing propertyName to "open".
        Made the suggested post checkin change to put the declaration of "entry" into the if.

        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot):

2014-10-20  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for SpinButtonElement
        https://bugs.webkit.org/show_bug.cgi?id=137896

        Reviewed by Gyuyoung Kim.

        Use is<>() / downcast<>() for SpinButtonElement instead of
        isSpinButtonElement() / static_cast for consistency with the rest of
        the code and for safety.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::addTextFieldChildren):
        * html/shadow/SpinButtonElement.h:
        (isType):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::isSpinUpButtonPartPressed):
        (WebCore::RenderTheme::isHovered):
        (WebCore::RenderTheme::isSpinUpButtonPartHovered):

2014-10-20  Roger Fong  <roger_fong@apple.com>

        Use glFlush instead of glFinish when drawing WebGL output to screen.
        https://bugs.webkit.org/show_bug.cgi?id=137897.
        <rdar://problem/15846550>

        Reviewed by Brent Fulgham.

        Passes all conformance tests.
        Performance tested by http://threejs.org/examples/#webgl_performance and Unity WebGL performance tests.

        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::prepareTexture):
        Use glFlush instead of glFinish. glFinish is a blocking operation pushed out queued up WebGL operations and then waits until 
        every operation has completed before returning and every pixel has been updated. This causes severe performance problems,
        about a 10 fps difference on http://threejs.org/examples/#webgl_performance. glFlush, like glFinish,
        forces all queued WebGL operations to take place, but returns immediately. Switching to glFlush does not seem
        make our rendering quality any worse for the handful of sites I've tested and makes our performance on WebGL much better.
        However, we should continue to be on the watch for any potential rendering issues after this lands.

2014-10-20  Benjamin Poulain  <bpoulain@apple.com>

        Generalize the compilation of :not() to support arbitrary selector lists
        https://bugs.webkit.org/show_bug.cgi?id=137843

        Reviewed by Andreas Kling.

        This builds :not() on top of the code created for :nth-child(An+B of selectorList)
        to support any selector list.

        The tests for the JIT were added previously:
        -not-boundaries.html
        -not-backtracking.html

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        Any :not() of a selector is handled through a simple selector list. Cases like
        :not(foo, bar) simply generate not([fragmentFoo, bragmentBar]).

        Old cases like :not(foo):not(bar) simply add those cases to the selector list,
        generating not([fragmentFoo, bragmentBar]).

        (WebCore::SelectorCompiler::minimumRegisterRequirements):
        Register pressure is now tracked through computeBacktrackingMemoryRequirements.

        (WebCore::SelectorCompiler::hasAnyCombinators):
        (WebCore::SelectorCompiler::computeBacktrackingMemoryRequirements):
        (WebCore::SelectorCompiler::computeBacktrackingInformation):
        Abstract the code creating Selector Lists from :nth-child(of). Use that for :not()
        and  :nth-child(of).

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesNotPseudoClass):

2014-10-20  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr<>|make_unique<> in PluginView::scheduleRequest()
        https://bugs.webkit.org/show_bug.cgi?id=137874

        Reviewed by Andreas Kling.

        No new tests, no behavior change.

        * plugins/PluginView.cpp:
        (WebCore::PluginView::requestTimerFired):
        (WebCore::PluginView::scheduleRequest): Replace PassOwnPtr with std::unique_ptr.
        (WebCore::PluginView::load): Create PluginRequest using std::make_unique.
        * plugins/PluginView.h:

2014-10-20  Beth Dakin  <bdakin@apple.com>

        Speculative build fix.

        * platform/spi/mac/NSViewSPI.h:

2014-10-20  Beth Dakin  <bdakin@apple.com>

        Add support for action menus
        https://bugs.webkit.org/show_bug.cgi?id=137891
        rdar://problem/18451638
        rdar://problem/18694470

        Reviewed by Anders Carlsson.

        New SPI that is needed for this.
        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/spi/mac: Added.
        * platform/spi/mac/NSViewSPI.h: Added.

2014-10-20  Dean Jackson  <dino@apple.com>

        [Mac] Support "inverted-colors" and "monochrome" media feature.
        https://bugs.webkit.org/show_bug.cgi?id=137535
        <rdar://problem/18586398>

        Rolling out the Windows part of this to fix the build.

        * platform/win/PlatformScreenWin.cpp:
        (WebCore::screenHasInvertedColors): Revert to a stub function.

2014-10-20  Chris Dumez  <cdumez@apple.com>

        Unreviewed EFL / GTK build fix after r174898.

        Add missing header include.

        * accessibility/AccessibilityARIAGrid.cpp:

2014-10-20  Dean Jackson  <dino@apple.com>

        [Mac] Support "inverted-colors" and "monochrome" media feature.
        https://bugs.webkit.org/show_bug.cgi?id=137535
        <rdar://problem/18586398>

        Reviewed by Brent Fulgham.

        Add a new media query from CSS Level 4, "inverted-colors", and
        implement the Apple backends for the "monochrome" media query.

        The platform code went into PlatformScreenMac, which already
        had a screenIsMonochrome method. This now calls into Core
        Graphics via SPI. I added a screenHasInvertedColors
        method which tests for inversion. On iOS, there is public API
        for both queries. On Windows, we try to use CoreGraphics.

        At the moment neither of these media queries re-evaluate
        automatically if the user changes their mode. The page will
        need to be reloaded. It is possible to detect a change on iOS,
        but not OS X.
        https://bugs.webkit.org/show_bug.cgi?id=137868

        I decided to not add an ENABLE flag for this, mostly because it
        is such an isolated feature and seems very unlikely to be
        controversial. I don't expect the syntax to change. (I'm sure
        this comment will come back to haunt me.)

        Testing this automatically is slightly tricky. We'd need
        to expose SPI to invert the user's screen, but then we get
        inverted images from our testing which could interfere with concurrent
        operations. Instead I've included some tests that exercise
        the "false" parts of the media query, with explanations as
        to why they would fail if the display is inverted.

        Tests: fast/media/mq-inverted-colors.html
               fast/media/mq-monochrome.html

        * css/CSSValueKeywords.in: Add the "inverted" keyword for "inverted-colors".
        * css/MediaFeatureNames.h: Add the "inverted-colors" feature name.
        * css/MediaQueryEvaluator.cpp:
        (WebCore::inverted_colorsMediaFeatureEval): Implementation of the new media query.
        * css/MediaQueryExp.cpp:
        (WebCore::featureWithCSSValueID): The new query takes an id...
        (WebCore::featureWithoutValue): ... or no value.
        * platform/PlatformScreen.h: Add "screenHasInvertedColors".
        * platform/efl/PlatformScreenEfl.cpp:
        (WebCore::screenHasInvertedColors): Stub implementation.
        * platform/gtk/PlatformScreenGtk.cpp:
        (WebCore::screenHasInvertedColors): Ditto.
        * platform/ios/PlatformScreenIOS.mm:
        (WebCore::screenHasInvertedColors): Call into the platform accessibility API.
        (WebCore::screenIsMonochrome): Ditto.
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::screenIsMonochrome): Call into the CoreGraphics SPI.
        (WebCore::screenHasInvertedColors): Call into the CoreGraphics SPI.
        * platform/win/PlatformScreenWin.cpp:
        (WebCore::screenHasInvertedColors): Call into CoreGraphics if we're using it.

2014-10-20  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for Accessibility objects
        https://bugs.webkit.org/show_bug.cgi?id=137286

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for Accessibility objects and clean up the
        surrounding code.

        No new tests, no behavior change.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::focusedImageMapUIElement):
        (WebCore::AXObjectCache::notificationPostTimerFired):
        * accessibility/AccessibilityARIAGrid.cpp:
        (WebCore::AccessibilityARIAGrid::addTableCellChild):
        (WebCore::AccessibilityARIAGrid::addChildren):
        * accessibility/AccessibilityARIAGridCell.cpp:
        (WebCore::AccessibilityARIAGridCell::parentTable):
        (WebCore::AccessibilityARIAGridCell::rowIndexRange):
        * accessibility/AccessibilityARIAGridRow.cpp:
        (WebCore::AccessibilityARIAGridRow::disclosedRows):
        (WebCore::AccessibilityARIAGridRow::disclosedByRow):
        (WebCore::AccessibilityARIAGridRow::parentTable):
        * accessibility/AccessibilityARIAGridRow.h:
        * accessibility/AccessibilityImageMapLink.cpp:
        (WebCore::AccessibilityImageMapLink::imageMapLinkRenderer):
        * accessibility/AccessibilityImageMapLink.h:
        * accessibility/AccessibilityList.h:
        * accessibility/AccessibilityListBox.cpp:
        (WebCore::AccessibilityListBox::setSelectedChildren):
        (WebCore::AccessibilityListBox::selectedChildren):
        (WebCore::AccessibilityListBox::listBoxOptionAccessibilityObject):
        * accessibility/AccessibilityListBox.h:
        * accessibility/AccessibilityListBoxOption.h:
        * accessibility/AccessibilityMenuList.cpp:
        (WebCore::AccessibilityMenuList::addChildren):
        (WebCore::AccessibilityMenuList::didUpdateActiveOption):
        * accessibility/AccessibilityMenuList.h:
        * accessibility/AccessibilityMenuListOption.h:
        * accessibility/AccessibilityMenuListPopup.cpp:
        (WebCore::AccessibilityMenuListPopup::menuListOptionAccessibilityObject):
        * accessibility/AccessibilityMenuListPopup.h:
        * accessibility/AccessibilityMockObject.h:
        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::textUnderElement):
        * accessibility/AccessibilityNodeObject.h:
        * accessibility/AccessibilityObject.cpp:
        (WebCore::appendChildrenToArray):
        (WebCore::AccessibilityObject::scrollViewAncestor):
        * accessibility/AccessibilityObject.h:
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::getDocumentLinks):
        (WebCore::AccessibilityRenderObject::handleActiveDescendantChanged):
        (WebCore::AccessibilityRenderObject::inheritsPresentationalRole):
        (WebCore::AccessibilityRenderObject::addImageMapChildren):
        (WebCore::AccessibilityRenderObject::addTextFieldChildren):
        (WebCore::AccessibilityRenderObject::remoteSVGRootElement):
        (WebCore::AccessibilityRenderObject::ariaSelectedRows):
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/AccessibilitySVGRoot.h:
        * accessibility/AccessibilityScrollView.cpp:
        (WebCore::AccessibilityScrollView::addChildScrollbar):
        * accessibility/AccessibilityScrollView.h:
        * accessibility/AccessibilityScrollbar.h:
        * accessibility/AccessibilitySlider.cpp:
        (WebCore::AccessibilitySlider::addChildren):
        * accessibility/AccessibilitySlider.h:
        * accessibility/AccessibilitySpinButton.cpp:
        (WebCore::AccessibilitySpinButton::addChildren):
        (WebCore::AccessibilitySpinButtonPart::press):
        * accessibility/AccessibilitySpinButton.h:
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::addChildren):
        (WebCore::AccessibilityTable::addChildrenFromSection):
        (WebCore::AccessibilityTable::headerContainer):
        (WebCore::AccessibilityTable::columnHeaders):
        (WebCore::AccessibilityTable::rowHeaders):
        (WebCore::AccessibilityTable::cellForColumnAndRow):
        * accessibility/AccessibilityTable.h:
        Make isAccessibilityTable() public and mark as final so that callers
        can benefit from tighter typing, as isAccessibilityTable() is
        stricter than isTable(). isTable() indicates that the object is an
        AccessibilityTable and is equivalent to is<AccessibilityTable>(object).
        isAccessibilityTable() is equivalent to "isTable() && renderer()".

        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::parentTable):
        * accessibility/AccessibilityTableCell.h:
        * accessibility/AccessibilityTableColumn.cpp:
        (WebCore::AccessibilityTableColumn::headerObject):
        (WebCore::AccessibilityTableColumn::addChildren):
        * accessibility/AccessibilityTableColumn.h:
        * accessibility/AccessibilityTableHeaderContainer.cpp:
        (WebCore::AccessibilityTableHeaderContainer::addChildren):
        * accessibility/AccessibilityTableRow.cpp:
        (WebCore::AccessibilityTableRow::parentTable):
        (WebCore::AccessibilityTableRow::headerObject):
        * accessibility/AccessibilityTableRow.h:
        * accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:
        (webkitAccessibleSelectionClearSelection):
        (webkitAccessibleSelectionSelectAllSelection):
        * accessibility/atk/WebKitAccessibleInterfaceTable.cpp:
        (core):
        (cell):
        (cellAtIndex):
        (webkitAccessibleTableGetIndexAt):
        (webkitAccessibleTableGetNColumns):
        (webkitAccessibleTableGetNRows):
        (webkitAccessibleTableGetColumnHeader):
        (webkitAccessibleTableGetRowHeader):
        * accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp:
        (webkitAccessibleTableCellGetColumnHeaderCells):
        (webkitAccessibleTableCellGetRowHeaderCells):
        (webkitAccessibleTableCellGetColumnSpan):
        (webkitAccessibleTableCellGetRowSpan):
        (webkitAccessibleTableCellGetPosition):
        * accessibility/ios/AccessibilityObjectIOS.mm:
        (WebCore::AccessibilityObject::accessibilityPasswordFieldLength):
        * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
        (-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
        (-[WebAccessibilityObjectWrapper convertRectToScreenSpace:]):
        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (AXAttributeStringSetElement):
        (-[WebAccessibilityObjectWrapper additionalAccessibilityAttributeNames]):
        (-[WebAccessibilityObjectWrapper convertPointToScreenSpace:]):
        (-[WebAccessibilityObjectWrapper subrole]):
        (-[WebAccessibilityObjectWrapper roleDescription]):
        (-[WebAccessibilityObjectWrapper scrollViewParent]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
        (-[WebAccessibilityObjectWrapper accessibilityShowContextMenu]):
        (-[WebAccessibilityObjectWrapper accessibilitySetValue:forAttribute:]):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::didUpdateActiveOption):

2014-10-20  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Generate all Inspector domains together in JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=137748

        Reviewed by Brian Burg.

        After moving the json files into JavaScriptCore update the includes,
        and names of functions that were previously prefixed.

        * CMakeLists.txt:
        * DerivedSources.make:
        * ForwardingHeaders/inspector/InspectorBackendDispatchers.h: Added.
        * ForwardingHeaders/inspector/InspectorFrontendDispatchers.h: Added.
        * ForwardingHeaders/inspector/InspectorJSBackendDispatchers.h: Removed.
        * ForwardingHeaders/inspector/InspectorJSFrontendDispatchers.h: Removed.
        * ForwardingHeaders/inspector/InspectorJSProtocolTypes.h: Removed.
        * ForwardingHeaders/inspector/InspectorProtocolTypesBase.h: Added.
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.vcxproj/copyForwardingHeaders.cmd:
        * WebCore.xcodeproj/project.pbxproj:
        * inspector/CommandLineAPIHost.cpp:
        * inspector/InspectorApplicationCacheAgent.cpp:
        * inspector/InspectorApplicationCacheAgent.h:
        * inspector/InspectorCSSAgent.cpp:
        * inspector/InspectorCSSAgent.h:
        * inspector/InspectorController.cpp:
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
        * inspector/InspectorDOMAgent.h:
        * inspector/InspectorDOMDebuggerAgent.cpp:
        * inspector/InspectorDOMDebuggerAgent.h:
        * inspector/InspectorDOMStorageAgent.cpp:
        * inspector/InspectorDOMStorageAgent.h:
        * inspector/InspectorDatabaseAgent.cpp:
        * inspector/InspectorDatabaseAgent.h:
        * inspector/InspectorDatabaseResource.cpp:
        * inspector/InspectorDatabaseResource.h:
        * inspector/InspectorFrontendClientLocal.cpp:
        * inspector/InspectorIndexedDBAgent.cpp:
        * inspector/InspectorIndexedDBAgent.h:
        * inspector/InspectorLayerTreeAgent.cpp:
        * inspector/InspectorLayerTreeAgent.h:
        * inspector/InspectorPageAgent.cpp:
        * inspector/InspectorPageAgent.h:
        * inspector/InspectorReplayAgent.cpp:
        * inspector/InspectorReplayAgent.h:
        * inspector/InspectorResourceAgent.cpp:
        * inspector/InspectorResourceAgent.h:
        * inspector/InspectorStyleSheet.cpp:
        * inspector/InspectorStyleSheet.h:
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::addRecordToTimeline):
        * inspector/InspectorTimelineAgent.h:
        * inspector/InspectorWorkerAgent.cpp:
        * inspector/InspectorWorkerAgent.h:
        * inspector/PageRuntimeAgent.h:
        * inspector/TimelineRecordFactory.cpp:
        * inspector/WorkerInspectorController.cpp:

2014-10-20  Andy Estes  <aestes@apple.com>

        Fix the GTK build.

        * dom/RenderedDocumentMarker.h:

2014-10-19  Antti Koivisto  <antti@apple.com>

        Avoid unnecessary NSURLResponse construction for QuickLook on iOS
        https://bugs.webkit.org/show_bug.cgi?id=137876

        Reviewed by Andy Estes.

        QuickLook specific code path creates NSURLResponse in the web process for every response.
        It is rarely needed so this is unnecessary work.

        * WebCore.exp.in:
        * platform/network/ios/QuickLook.h:
        * platform/network/ios/QuickLook.mm:
        (WebCore::isMainResourceLoader):
        (WebCore::QuickLookHandle::shouldCreateForMIMEType):

            Separate function for testing if QuickLookHandle is needed.

        (WebCore::QuickLookHandle::create):

            Switch the interface to take ResourceResponse.

2014-10-20  Andy Estes  <aestes@apple.com>

        Fix the iOS build.

        * WebCore.xcodeproj/project.pbxproj:
        * dom/RenderedDocumentMarker.h:
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::interpretationsForCurrentRoot):

2014-10-20  Benjamin Poulain  <benjamin@webkit.org>

        Update the <link>'s link status
        https://bugs.webkit.org/show_bug.cgi?id=137861

        Reviewed by Chris Dumez.

        In the latest HTML spec, <link> has the link status
        if it has a 'href' attribute, exactly like <a> and <area>:
            https://html.spec.whatwg.org/multipage/scripting.html#selector-link

        This patch updates WebKit accordingly.

        Tests: fast/css/link-basics.html
               fast/selectors/link-basics-xhtml.xhtml
               fast/selectors/link-basics.html
               fast/selectors/webkit-any-link-basics.html

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::parseAttribute):

2014-10-20  Chris Dumez  <cdumez@apple.com>

        [Mac] Optimize cookiesForDOM() by filtering and serializing cookies in a single pass
        https://bugs.webkit.org/show_bug.cgi?id=137869

        Reviewed by Darin Adler.

        Optimize cookiesForDOM() by filtering and serializing in 1 pass instead of 2.

        Previously, when accessing document.cookie, we ended up doing the following:
        1. Call wkHTTPCookiesForURL() to get an NSArray of NSHTTPCookies.
        2. Call filterCookies() to filter out cookies that are httpOnly or with an
           empty name, thus allocating a new NSMutableArray.
        3. Call NSHTTPCookie's requestHeaderFieldsWithCookies() to serialize the
           cookies
        4. Construct a WTF::String from the NSString*

        There were several inefficiencies here:
        1. We needed to pre-filter the cookies and allocate a new NSMutableArray
           before calling requestHeaderFieldsWithCookies()
        2. requestHeaderFieldsWithCookies() does more things that we actually need.
           It constructs a Dictionary of header fields, of which we query the
           "Cookie" field, even though we merely want a ';'-separated string
           representation of the cookies in "key=value" form.

        With this patch, we now take care of the string serialization ourselves,
        using a StringBuilder as it is trivial to do. This also allows us to filter
        out the httpOnly/invalid cookies as we do the serialization instead of
        having a first pass to do so.

        When scrolling the http://www.apple.com/iphone/ entire page down, then up,
        se were spending ~13.1% of the NetworkProcess time in cookiesForDOM()
        (~96ms) on my machine. With the patch, we spend ~23% less time in
        cookiesForDOM() (~74ms).

        No new tests, no behavior change.

        * platform/network/mac/CookieJarMac.mm:
        (WebCore::cookiesForSession):
        (WebCore::cookiesForDOM):
        (WebCore::cookieRequestHeaderFieldValue):

2014-10-19  Chris Dumez  <cdumez@apple.com>

        Kill toRenderedDocumentMarker() by using tighter typing
        https://bugs.webkit.org/show_bug.cgi?id=137858

        Reviewed by Darin Adler.

        Kill toRenderedDocumentMarker() by using tighter typing. This method
        was doing no type validation, just a static_cast<>().

        No new tests, no behavior change.

        * dom/DocumentMarkerController.cpp:
        (WebCore::DocumentMarkerController::addTextMatchMarker):
        (WebCore::DocumentMarkerController::markersFor):
        (WebCore::DocumentMarkerController::markersInRange):
        (DocumentMarkerController::hasMarkers):
        * dom/DocumentMarkerController.h:
        * dom/RenderedDocumentMarker.h:
        (WebCore::toRenderedDocumentMarker): Deleted.
        * editing/AlternativeTextController.cpp:
        (WebCore::markersHaveIdenticalDescription):
        (WebCore::AlternativeTextController::respondToChangedSelection):
        (WebCore::AlternativeTextController::recordSpellcheckerResponseForModifiedCorrection):
        (WebCore::AlternativeTextController::processMarkersOnTextToBeReplacedByResult):
        (WebCore::AlternativeTextController::applyDictationAlternative):
        * editing/CompositeEditCommand.cpp:
        (WebCore::copyMarkers):
        (WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::originalStringForAutocorrectionAtBeginningOfSelection):
        * editing/Editor.cpp:
        (WebCore::Editor::updateMarkersForWordsAffectedByEditing):
        (WebCore::Editor::selectionStartHasMarkerFor):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paintDocumentMarker):
        (WebCore::InlineTextBox::paintTextMatchMarker):
        (WebCore::InlineTextBox::computeRectForReplacementMarker):
        (WebCore::InlineTextBox::paintDocumentMarkers):
        * rendering/InlineTextBox.h:
        * rendering/svg/SVGInlineFlowBox.cpp:
        (WebCore::SVGInlineFlowBox::computeTextMatchMarkerRectForRenderer):
        * testing/Internals.cpp:
        (WebCore::Internals::markerAt):
        (WebCore::Internals::markerRangeForNode):
        (WebCore::Internals::markerDescriptionForNode):
        * testing/Internals.h:

2014-10-19  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for all remaining RenderObject subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137845

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for all remaining RenderObject subclasses and
        clean up the surrounding code.

        No new tests, no behavior change.

        * accessibility/AccessibilityProgressIndicator.cpp:
        (WebCore::AccessibilityProgressIndicator::progressElement):
        (WebCore::AccessibilityProgressIndicator::meterElement):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::layoutCount):
        (WebCore::AccessibilityRenderObject::widgetForAttachmentView):
        (WebCore::AccessibilityRenderObject::visiblePositionForPoint):
        * dom/Document.cpp:
        (WebCore::widgetForElement):
        * dom/Position.cpp:
        (WebCore::Position::getInlineBoxAndOffset):
        * dom/WebKitNamedFlow.cpp:
        (WebCore::WebKitNamedFlow::overset):
        (WebCore::WebKitNamedFlow::firstEmptyRegionIndex):
        (WebCore::WebKitNamedFlow::getRegionsByContent):
        (WebCore::WebKitNamedFlow::getRegions):
        * editing/FrameSelection.cpp:
        (WebCore::isFrameElement):
        * html/HTMLEmbedElement.cpp:
        (WebCore::findWidgetRenderer):
        * html/HTMLFrameOwnerElement.cpp:
        (WebCore::HTMLFrameOwnerElement::HTMLFrameOwnerElement):
        (WebCore::HTMLFrameOwnerElement::renderWidget):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::parseAttribute):
        * html/HTMLMeterElement.cpp:
        (WebCore::HTMLMeterElement::renderMeter):
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::supportsFocus):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::renderEmbeddedObject):
        (WebCore::HTMLPlugInImageElement::subframeLoaderWillCreatePlugIn):
        * html/HTMLProgressElement.cpp:
        (WebCore::HTMLProgressElement::renderProgress):
        * html/PluginDocument.cpp:
        (WebCore::PluginDocument::pluginWidget):
        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTimelineElement::defaultEventHandler):
        (WebCore::MediaControlTextTrackContainerElement::updateSizes):
        (WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
        * inspector/InspectorLayerTreeAgent.cpp:
        (WebCore::InspectorLayerTreeAgent::gatherLayersUsingRenderObjectHierarchy):
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildObjectForElementInfo):
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadSubframe):
        * page/Frame.cpp:
        (WebCore::Frame::ownerRenderer):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        * page/gtk/EventHandlerGtk.cpp:
        (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
        (WebCore::EventHandler::passSubframeEventToSubframe):
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::passWidgetMouseDownEventToWidget):
        (WebCore::EventHandler::passSubframeEventToSubframe):
        (WebCore::widgetForEventTarget):
        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::applyEdjeRTLState):
        * rendering/InlineTextBox.cpp:
        (WebCore::fontToUse):
        (WebCore::InlineTextBox::emphasisMarkExistsAndIsAbove):
        (WebCore::InlineTextBox::paint):
        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::collapseAnonymousBoxChild):
        (WebCore::RenderBlock::simplifiedLayout):
        (WebCore::RenderBlock::paintObject):
        (WebCore::RenderBlock::selectionGaps):
        (WebCore::RenderBlock::nodeAtPoint):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::layoutBlock):
        (WebCore::RenderBlockFlow::hitTestFloats):
        (WebCore::RenderBlockFlow::checkForPaginationLogicalHeightChange):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::scroll):
        (WebCore::RenderBox::nodeAtPoint):
        (WebCore::RenderBox::repaintLayerRectsForImage):
        (WebCore::RenderBox::mapLocalToContainer):
        (WebCore::RenderBox::containingBlockLogicalWidthForPositioned):
        * rendering/RenderCombineText.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::adjustStyleDifference):
        (WebCore::addLayers):
        (WebCore::RenderElement::removeLayers):
        (WebCore::RenderElement::moveLayers):
        (WebCore::RenderElement::setNeedsPositionedMovementLayout):
        (WebCore::RenderElement::renderNamedFlowThreadWrapper):
        * rendering/RenderEmbeddedObject.h:
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::validateRegions):
        (WebCore::RenderFlowThread::hasCompositingRegionDescendant):
        (WebCore::RenderFlowThread::regionForCompositedLayer):
        (WebCore::RenderFlowThread::clearRenderBoxRegionInfoAndCustomStyle):
        (WebCore::RenderFlowThread::initializeRegionsComputedAutoHeight):
        (WebCore::RenderFlowThread::updateRegionsFlowThreadPortionRect):
        (WebCore::RenderFlowThread::addForcedRegionBreak):
        (WebCore::RenderFlowThread::addRegionsOverflowFromChild):
        * rendering/RenderFlowThread.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setFilterBackendNeedsRepaintingInRect):
        (WebCore::transparencyClipBox):
        (WebCore::accumulateOffsetTowardsAncestor):
        (WebCore::RenderLayer::collectFragments):
        (WebCore::RenderLayer::hitTest):
        (WebCore::RenderLayer::isFlowThreadCollectingGraphicsLayersUnderRegions):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateAfterWidgetResize):
        (WebCore::RenderLayerBacking::updateConfiguration):
        (WebCore::isRestartedPlugin):
        (WebCore::isCompositedPlugin):
        (WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer):
        (WebCore::RenderLayerBacking::containsPaintedContent):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateBacking):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
        (WebCore::RenderLayerCompositor::requiresCompositingLayer):
        (WebCore::RenderLayerCompositor::reasonsForCompositing):
        (WebCore::RenderLayerCompositor::requiresCompositingForVideo):
        (WebCore::RenderLayerCompositor::requiresCompositingForPlugin):
        (WebCore::RenderLayerCompositor::requiresCompositingForFrame):
        * rendering/RenderLayerModelObject.h:
        * rendering/RenderLineBreak.h:
        * rendering/RenderMeter.h:
        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::firstMultiColumnSet):
        (WebCore::RenderMultiColumnFlowThread::lastMultiColumnSet):
        (WebCore::RenderMultiColumnFlowThread::layout):
        (WebCore::RenderMultiColumnFlowThread::addRegionToThread):
        (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantInserted):
        (WebCore::RenderMultiColumnFlowThread::flowThreadRelativeWillBeRemoved):
        (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantBoxLaidOut):
        (WebCore::RenderMultiColumnFlowThread::setPageBreak):
        (WebCore::RenderMultiColumnFlowThread::updateMinimumPageHeight):
        (WebCore::RenderMultiColumnFlowThread::setRegionRangeForBox):
        (WebCore::RenderMultiColumnFlowThread::addForcedRegionBreak):
        (WebCore::RenderMultiColumnFlowThread::physicalTranslationOffsetFromFlowToRegion):
        * rendering/RenderMultiColumnFlowThread.h:
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::nextSiblingMultiColumnSet):
        (WebCore::RenderMultiColumnSet::previousSiblingMultiColumnSet):
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderMultiColumnSpannerPlaceholder.h:
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::checkRegionStyle):
        (WebCore::RenderNamedFlowFragment::namedFlowThread):
        * rendering/RenderNamedFlowFragment.h:
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::updateWritingMode):
        (WebCore::addFragmentToList):
        (WebCore::RenderNamedFlowThread::addRegionToThread):
        (WebCore::RenderNamedFlowThread::removeRegionFromThread):
        (WebCore::RenderNamedFlowThread::fragmentFromRenderBoxAsRenderBlock):
        (WebCore::RenderNamedFlowThread::fragmentFromAbsolutePointAndBox):
        (WebCore::RenderNamedFlowThread::checkInvalidRegions):
        (WebCore::RenderNamedFlowThread::checkRegionsWithStyling):
        (WebCore::RenderNamedFlowThread::clearRenderObjectCustomStyle):
        * rendering/RenderNamedFlowThread.h:
        * rendering/RenderObject.cpp:
        (WebCore::scheduleRelayoutForSubtree):
        (WebCore::RenderObject::setLayerNeedsFullRepaint):
        (WebCore::RenderObject::setLayerNeedsFullRepaintForPositionedMovementLayout):
        (WebCore::RenderObject::repaintUsingContainer):
        (WebCore::RenderObject::selectionRoot):
        (WebCore::RenderObject::shouldUseTransformFromContainer):
        (WebCore::RenderObject::getTransformFromContainer):
        (WebCore::RenderObject::isRooted):
        (WebCore::RenderObject::willBeDestroyed):
        (WebCore::RenderObject::isComposited):
        (WebCore::RenderObject::currentRenderNamedFlowFragment):
        * rendering/RenderObject.h:
        * rendering/RenderProgress.h:
        * rendering/RenderRuby.cpp:
        (WebCore::lastRubyRun):
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::rubyRun):
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::removeChild):
        * rendering/RenderRubyRun.h:
        * rendering/RenderSlider.h:
        * rendering/RenderText.cpp:
        (WebCore::RenderText::widthFromCache):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::calculateProgressRect):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::paintProgressBar):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintMeter):
        (WebCore::RenderThemeMac::paintProgressBar):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::paintMeter):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::paintMeter):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::writeRenderRegionList):
        (WebCore::writeLayers):
        * rendering/RenderVideo.h:
        * rendering/RenderView.cpp:
        (WebCore::SelectionIterator::checkForSpanner):
        (WebCore::isComposited):
        * rendering/RenderView.h:
        * rendering/RenderWidget.h:
        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::BreakingContext::handleText):
        * rendering/line/LineBreaker.cpp:
        (WebCore::LineBreaker::skipLeadingWhitespace):
        * testing/Internals.cpp:
        (WebCore::Internals::isPluginUnavailabilityIndicatorObscured):

2014-10-19  Chris Dumez  <cdumez@apple.com>

        Use SPECIALIZE_TYPE_TRAITS_*() macro for RenderScrollbar
        https://bugs.webkit.org/show_bug.cgi?id=137854

        Reviewed by Darin Adler.

        Use SPECIALIZE_TYPE_TRAITS_*() macro for RenderScrollbar instead of a
        custom toRenderScrollbar() function, for consistency.

        No new tests, no behavior change.

        * rendering/RenderScrollbar.h:
        (isType):
        (WebCore::toRenderScrollbar): Deleted.
        * rendering/RenderScrollbarTheme.cpp:
        (WebCore::RenderScrollbarTheme::minimumThumbLength):
        (WebCore::RenderScrollbarTheme::backButtonRect):
        (WebCore::RenderScrollbarTheme::forwardButtonRect):
        (WebCore::RenderScrollbarTheme::trackRect):
        (WebCore::RenderScrollbarTheme::constrainTrackRectToTrackPieces):
        (WebCore::RenderScrollbarTheme::willPaintScrollbar):
        (WebCore::RenderScrollbarTheme::didPaintScrollbar):
        (WebCore::RenderScrollbarTheme::paintScrollbarBackground):
        (WebCore::RenderScrollbarTheme::paintTrackBackground):
        (WebCore::RenderScrollbarTheme::paintTrackPiece):
        (WebCore::RenderScrollbarTheme::paintButton):
        (WebCore::RenderScrollbarTheme::paintThumb):

2014-10-19  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Move GtkDragAndDropHelper from Platform to WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=137422

        Reviewed by Martin Robinson.

        Remove ClipboardUtilitiesGtk and GtkDragAndDropHelper.

        * PlatformGTK.cmake:
        * platform/gtk/ClipboardUtilitiesGtk.cpp: Removed.
        * platform/gtk/ClipboardUtilitiesGtk.h: Removed.
        * platform/gtk/GtkDragAndDropHelper.cpp: Removed.
        * platform/gtk/GtkDragAndDropHelper.h: Removed.

2014-10-19  Roger Fong  <roger_fong@apple.com>

        Unreviewed. Style fix following r174855.

        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        (WebCore::GraphicsContext3D::readPixelsAndConvertToBGRAIfNecessary):

2014-10-18  Antti Koivisto  <antti@apple.com>

        REGRESSION (r173356): Safari can't install a profile, gets 'Download Failed error
        https://bugs.webkit.org/show_bug.cgi?id=137855

        Reviewed by Dan Bernstein.

        We lose the sniffed MIME type for the response when synthesizing an NSURLResponse. Sniffing requires
        backchannel data that the synthesized response doesn't have.

        Test: http/tests/mime/mime-type-sniff.html

        * platform/network/mac/ResourceResponseMac.mm:
        (WebCore::ResourceResponse::initNSURLResponse):

            When synthesizing NSURLResponse explicitly set the Content-type header to the sniffed type.

2014-10-18  Chris Dumez  <cdumez@apple.com>

        [Mac] Use Fast enumeration consistently in WebFontCache.mm
        https://bugs.webkit.org/show_bug.cgi?id=137791

        Reviewed by Darin Adler.

        Use fast enumeration consistently in WebFontCache.mm as this results in
        more efficient, concise and safer code.

        No new tests, no behavior change.

        * platform/mac/WebFontCache.mm:
        (+[WebFontCache getTraits:inFamily:]):
        Reserve Vector capacity before the loop as we know how many traits we
        are going to append. Also use uncheckedAppend() for performance.

        (+[WebFontCache internalFontWithFamily:traits:weight:size:]):

2014-10-18  Chris Fleizach  <cfleizach@apple.com>

        AX: Tables with <colgroups> are not reporting table column headers
        https://bugs.webkit.org/show_bug.cgi?id=137846

        Reviewed by Mario Sanchez Prada.

        The code to search for header objects was getting stuck on anonymous RenderTableSections.
        We also need to check more rows for headers, in case the first row or more is not visible or is empty.

        Test: accessibility/table-column-headers-with-captions.html

        * accessibility/AccessibilityTableColumn.cpp:
        (WebCore::AccessibilityTableColumn::headerObject):
        (WebCore::AccessibilityTableColumn::headerObjectForSection):

2014-10-18  KwangHyuk Kim  <hyuki.kim@samsung.com>

        [EFL] build break occurs on webkit efl build.
        https://bugs.webkit.org/show_bug.cgi?id=137844

        Reviewed by Gyuyoung Kim.

        As local variable elementAddressRegisterIndex is assigned but not used, there is build break for the webkit efl.

        No new tests because it's just to fix build break.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesSelectorList):

2014-10-17  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Apply std::unique_ptr to FooFont classes
        https://bugs.webkit.org/show_bug.cgi?id=137769

        Reviewed by Andreas Kling.

        As a step to use std::unique_ptr, this patch applies std::unique_ptr to Font classes.

        No new tests, no behavior changes.

        * platform/graphics/Font.cpp:
        (WebCore::retrieveOrAddCachedFontGlyphs):
        (WebCore::Font::createLayout):
        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::DerivedFontData::create):
        * platform/graphics/SimpleFontData.h:
        Remove create() factory function because public ctor and std::make_unique<> can replace it.
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::Font::createLayout):

2014-10-17  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr in WebCore/bindings
        https://bugs.webkit.org/show_bug.cgi?id=137808

        Reviewed by Andreas Kling.

        Clean up PassOwnPtr|OwnPtr in WebCore/bindings by using std::unique_ptr, std::make_unique
        and WTF::move.

        No new tests, no behavior changes.

        * bindings/generic/ActiveDOMCallback.h:
        * bindings/js/JSMessageEventCustom.cpp:
        (WebCore::handleInitMessageEvent):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        (WebCore::SerializedScriptValue::transferArrayBuffers):
        (WebCore::SerializedScriptValue::create):
        * bindings/js/SerializedScriptValue.h:
        * bindings/js/WorkerScriptDebugServer.cpp:
        (WebCore::WorkerScriptDebugServer::interruptAndRunTask):
        * bindings/js/WorkerScriptDebugServer.h:
        * inspector/WorkerDebuggerAgent.cpp:
        (WebCore::WorkerDebuggerAgent::interruptAndDispatchInspectorCommands):

2014-10-16  Roger Fong  <roger_fong@apple.com>

        Calling glReadPixels with BGRA format on an NVIDIA machine with an opaque context returns the wrong alpha values.
        https://bugs.webkit.org/show_bug.cgi?id=137793.
        <rdar://problem/15408133>

        Reviewed by Dean Jackson.

        This fixes conformance test context/context-attribute-preserve-drawing-buffer.html.

        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        (WebCore::GraphicsContext3D::readPixelsAndConvertToBGRAIfNecessary):
        On an NVIDIA machine, when the context has alpha turned off, call glReadPixels with RGBA format and then convert to RGBA.

2014-10-17  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for all SVG RenderObjects
        https://bugs.webkit.org/show_bug.cgi?id=137840

        Reviewed by Benjamin Poulain.

        Use is<>() / downcast<>() for all SVG RenderObjects and clean up the
        surrounding code.

        No new tests, no behaviro change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::supportsPath):
        (WebCore::AccessibilityRenderObject::elementPath):
        * page/FrameView.cpp:
        (WebCore::FrameView::applyOverflowToViewport):
        (WebCore::FrameView::forceLayoutParentViewIfNeeded):
        * rendering/RenderLayerFilterInfo.cpp:
        (WebCore::RenderLayer::FilterInfo::removeReferenceFilterClients):
        * rendering/svg/RenderSVGGradientStop.cpp:
        (WebCore::RenderSVGGradientStop::styleDidChange):
        * rendering/svg/RenderSVGImage.h:
        * rendering/svg/RenderSVGInlineText.h:
        * rendering/svg/RenderSVGResourceContainer.cpp:
        (WebCore::RenderSVGResourceContainer::markAllClientsForInvalidation):
        * rendering/svg/RenderSVGResourceContainer.h:
        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::addResourceForClientInvalidation):
        * rendering/svg/RenderSVGRoot.h:
        * rendering/svg/RenderSVGShape.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::collectLayoutAttributes):
        (WebCore::RenderSVGText::subtreeChildWillBeRemoved):
        (WebCore::RenderSVGText::subtreeTextDidChange):
        (WebCore::updateFontInAllDescendants):
        * rendering/svg/RenderSVGText.h:
        * rendering/svg/SVGInlineTextBox.h:
        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGRenderSupport::mapLocalToContainer):
        (WebCore::SVGRenderSupport::pushMappingToContainer):
        (WebCore::SVGRenderSupport::computeContainerBoundingBoxes):
        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::writeStyle):
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::bufferForeground):
        * rendering/svg/SVGResourcesCycleSolver.cpp:
        (WebCore::SVGResourcesCycleSolver::resolveCycles):
        * rendering/svg/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBox::renderSVGText):
        (WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation):
        * svg/SVGCircleElement.cpp:
        (WebCore::SVGCircleElement::svgAttributeChanged):
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::svgAttributeChanged):
        * svg/SVGEllipseElement.cpp:
        (WebCore::SVGEllipseElement::svgAttributeChanged):
        * svg/SVGImageElement.cpp:
        (WebCore::SVGImageElement::svgAttributeChanged):
        (WebCore::SVGImageElement::didAttachRenderers):
        * svg/SVGLineElement.cpp:
        (WebCore::SVGLineElement::svgAttributeChanged):
        * svg/SVGPolyElement.cpp:
        (WebCore::SVGPolyElement::svgAttributeChanged):
        * svg/SVGRectElement.cpp:
        (WebCore::SVGRectElement::svgAttributeChanged):
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::localCoordinateSpaceTransform):
        (WebCore::SVGSVGElement::currentViewBoxRect):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::setContainerSize):
        (WebCore::SVGImage::containerSize):

2014-10-17  Chris Dumez  <cdumez@apple.com>

        Avoid unnecessary isSVGFont() check in SimpleFontData::applyTransforms()
        https://bugs.webkit.org/show_bug.cgi?id=137836

        Reviewed by Andreas Kling.

        Avoid unnecessary isSVGFont() check in SimpleFontData::applyTransforms().
        This function is only called from WidthIterator::applyFontTransforms(),
        which already makes sure to call applyTransforms() if isSVGFont()
        returns false. This patch replaces the check with a simple assertion.

        No new tests, no behavior change.

        * platform/graphics/SimpleFontData.h:
        * svg/SVGFontData.h:

2014-10-17  Michael Saboff  <msaboff@apple.com>

        Don't create cached functions that access lexicalGlobalObject()
        https://bugs.webkit.org/show_bug.cgi?id=137839

        Reviewed by Geoffrey Garen.

        Made it so that all the JSDOMWindow special functions blur(), close(), focus() and postMessage()
        are always created as needed for every prototype.  Made it so that JSHTMLDocument does
        the same for open().  Updated test to account for these methods not being cached

        Updated tests accordingly.

        * bindings/js/JSDOMWindowCustom.cpp: 
        (WebCore::JSDOMWindow::getOwnPropertySlot): Updated to always create cached versions of the
        special functions.
        * bindings/js/JSHTMLDocumentCustom.cpp:
        (WebCore::JSHTMLDocument::getOwnPropertySlot): Added to create an uncached open() method when
        it is first accessed.
        * html/HTMLDocument.idl: Added CustomGetOwnPropertySlot and implemented it in JSHTMLDocumentCustom.cpp.

2014-10-17  Simon Fraser  <simon.fraser@apple.com>

        [iOS] Speculative fix for a crash under RenderLayerCompositor::updateScrollCoordinatedLayer()
        https://bugs.webkit.org/show_bug.cgi?id=137837
        rdar://problem/18545452

        Reviewed by Tim Horton.

        Crash logs suggest that an iframe's RenderView's RenderLayer's backing can be null
        in a call to updateScrollCoordinatedLayer(), so add an assertion (to help find a reproducible case)
        and a null check.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::attachScrollingNode):

2014-10-17  Andreas Kling  <akling@apple.com>

        Re-arrange parentheses for compilation purposes.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesSelectorList):

2014-10-17  Andreas Kling  <akling@apple.com>

        Unreviewed build fix after r174838.

        Use StackAllocator::addressOf() instead of the old way of grabbing at a stack reference.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesSelectorList):

2014-10-17  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderBox
        https://bugs.webkit.org/show_bug.cgi?id=137804

        Reviewed by Andreas Kling.

        Use is<>() / downcast<>() for RenderBox and clean up the surrounding
        code.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        (WebCore::AccessibilityRenderObject::accessibilityHitTest):
        (WebCore::AccessibilityRenderObject::getScrollableAreaIfScrollable):
        (WebCore::AccessibilityRenderObject::scrollTo):
        * bindings/objc/DOMHTML.mm:
        (-[DOMHTMLElement scrollYOffset]):
        (-[DOMHTMLElement setScrollXOffset:scrollYOffset:adjustForIOSCaret:]):
        * bindings/objc/DOMUIKitExtensions.mm:
        (-[DOMNode borderRadii]):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::sizingBox):
        (WebCore::computedTransform):
        (WebCore::zoomAdjustedPaddingOrMarginPixelValue):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::getLowerRightCorner):
        * dom/Document.cpp:
        (WebCore::Document::webkitWillEnterFullScreenForElement):
        * dom/Element.cpp:
        (WebCore::Element::scrollByUnits):
        * dom/Node.cpp:
        (WebCore::Node::defaultEventHandler):
        * dom/Position.cpp:
        (WebCore::endsOfNodeAreVisuallyDistinctPositions):
        * editing/DeleteButtonController.cpp:
        (WebCore::isDeletableElement):
        * editing/EditorCommand.cpp:
        (WebCore::verticalScrollDistance):
        * editing/FrameSelection.cpp:
        (WebCore::CaretBase::paintCaret):
        * editing/TextIterator.cpp:
        (WebCore::fullyClipsContents):
        (WebCore::shouldEmitExtraNewlineForNode):
        * editing/htmlediting.cpp:
        (WebCore::absoluteBoundsForLocalCaretRect):
        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::isFocusable):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::checkSizeChangeForSnapshotting):
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::SliderThumbElement::setPositionFromPoint):
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildObjectForElementInfo):
        * page/AutoscrollController.cpp:
        (WebCore::AutoscrollController::updateAutoscrollRenderer):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::startPanScrolling):
        * page/FrameView.cpp:
        (WebCore::FrameView::embeddedContentBox):
        * page/GestureTapHighlighter.cpp:
        * page/SpatialNavigation.cpp:
        (WebCore::isScrollableNode):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::baselinePosition):
        * plugins/PluginView.cpp:
        (WebCore::PluginView::invalidateWindowlessPluginRect):
        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::logicalHeight):
        (WebCore::InlineBox::adjustPosition):
        * rendering/InlineElementBox.cpp:
        (WebCore::InlineElementBox::deleteLine):
        (WebCore::InlineElementBox::extractLine):
        (WebCore::InlineElementBox::attachLine):
        (WebCore::InlineElementBox::paint):
        (WebCore::InlineElementBox::nodeAtPoint):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::addToLine):
        (WebCore::InlineFlowBox::addReplacedChildOverflow):
        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::simplifiedNormalFlowLayout):
        (WebCore::RenderBlock::markFixedPositionObjectForLayoutIfNeeded):
        (WebCore::RenderBlock::clearPercentHeightDescendantsFrom):
        (WebCore::RenderBlock::computeBlockPreferredLogicalWidths):
        (WebCore::RenderBlock::addFocusRingRects):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats):
        (WebCore::RenderBlockFlow::positionForPointWithInlineChildren):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForLine):
        (WebCore::RenderBlockFlow::layoutLineBoxes):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::findAutoscrollable):
        (WebCore::computeBlockStaticDistance):
        (WebCore::RenderBox::positionForPoint):
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        * rendering/RenderBox.h:
        (WebCore::RenderBox::previousSiblingBox):
        (WebCore::RenderBox::nextSiblingBox):
        (WebCore::RenderBox::parentBox):
        (WebCore::RenderBox::firstChildBox):
        (WebCore::RenderBox::lastChildBox):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::adjustedPositionRelativeToOffsetParent):
        (WebCore::RenderBoxModelObject::computeStickyPositionConstraints):
        (WebCore::RenderBoxModelObject::constrainingRectForStickyPosition):
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::removeChildInternal):
        (WebCore::RenderElement::styleWillChange):
        (WebCore::RenderElement::repaintAfterLayoutIfNeeded):
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::layout):
        * rendering/RenderFieldset.cpp:
        (WebCore::RenderFieldset::findLegend):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::adjustedPositionRelativeToOffsetParent):
        (WebCore::RenderFlowThread::currentActiveRenderBox):
        * rendering/RenderFlowThread.h:
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::unwrapRenderer):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::layoutShadowControls):
        (WebCore::RenderImage::computeIntrinsicRatioInformation):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::absoluteRects):
        (WebCore::RenderInline::addFocusRingRects):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateLayerPosition):
        (WebCore::RenderLayer::perspectiveTransform):
        (WebCore::RenderLayer::perspectiveOrigin):
        (WebCore::parentLayerCrossFrame):
        (WebCore::RenderLayer::enclosingScrollableLayer):
        (WebCore::RenderLayer::resize):
        (WebCore::RenderLayer::scrollsOverflow):
        (WebCore::computeReferenceBox):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateTransform):
        (WebCore::RenderLayerBacking::updateGeometry):
        (WebCore::RenderLayerBacking::resetContentsRect):
        (WebCore::RenderLayerBacking::positionOverflowControlsLayers):
        (WebCore::RenderLayerBacking::updateDirectlyCompositedBackgroundImage):
        (WebCore::RenderLayerBacking::contentsBox):
        (WebCore::RenderLayerBacking::backgroundBoxForPainting):
        (WebCore::RenderLayerBacking::startAnimation):
        (WebCore::RenderLayerBacking::startTransition):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::rangeIntersectsRect):
        * rendering/RenderMediaControlElements.cpp:
        (WebCore::RenderMediaVolumeSliderContainer::layout):
        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::firstColumnSetOrSpanner):
        (WebCore::RenderMultiColumnFlowThread::nextColumnSetOrSpannerSiblingOf):
        (WebCore::RenderMultiColumnFlowThread::previousColumnSetOrSpannerSiblingOf):
        (WebCore::RenderMultiColumnFlowThread::resolveMovedChild):
        (WebCore::isValidColumnSpanner):
        (WebCore::RenderMultiColumnFlowThread::handleSpannerRemoval):
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::getRanges):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::computeRectForRepaint):
        (WebCore::RenderObject::showRegionsInformation):
        (WebCore::RenderObject::showRenderObject):
        (WebCore::RenderObject::mapLocalToContainer):
        (WebCore::RenderObject::pushMappingToContainer):
        (WebCore::RenderObject::mapAbsoluteToLocalPoint):
        (WebCore::RenderObject::addAnnotatedRegions):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::nodeAtPoint):
        * rendering/RenderTextControlMultiLine.cpp:
        (WebCore::RenderTextControlMultiLine::layoutSpecialExcludedChild):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::baselinePosition):
        * rendering/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::baselinePosition):
        (WebCore::centerRectVerticallyInParentInputElement):
        * rendering/RenderThemeIOS.mm:
        (WebCore::RenderThemeIOS::baselinePosition):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::baselinePosition):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::paintSearchFieldCancelButton):
        (WebCore::RenderThemeWin::paintSearchFieldResultsDecorationPart):
        (WebCore::RenderThemeWin::paintSearchFieldResultsButton):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::RenderTreeAsText::writeRenderObject):
        (WebCore::externalRepresentation):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::paintBoxDecorations):
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::setLineBreakInfo):
        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::BreakingContext::handleOutOfFlowPositioned):
        (WebCore::BreakingContext::handleFloat):
        (WebCore::BreakingContext::handleReplaced):
        * rendering/line/LineBreaker.cpp:
        (WebCore::LineBreaker::skipTrailingWhitespace):
        (WebCore::LineBreaker::skipLeadingWhitespace):
        * rendering/mathml/RenderMathMLUnderOver.cpp:
        (WebCore::RenderMathMLUnderOver::layout):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::embeddedContentBox):

2014-10-17  Andreas Kling  <akling@apple.com>

        Get rid of wrapperContext() in DOM bindings.
        <https://webkit.org/b/137834>

        Reviewed by Chris Dumez.

        The "wrapper context" is always the DOMWrapperWorld, and since we're passing that around
        already, we don't need a separate mechanism to get at the context.

        The context is extra data stored in the DOM object's JSC::Weak (the wrapper GC object.)

        * bindings/js/JSDOMBinding.h:
        (WebCore::setInlineCachedWrapper):
        (WebCore::cacheWrapper):
        (WebCore::wrapperContext): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):

2014-10-17  Benjamin Poulain  <benjamin@webkit.org>

        Make a better use of the available registers when compiling nested selector lists
        https://bugs.webkit.org/show_bug.cgi?id=137802

        Reviewed by Andreas Kling.

        Previously, when compiling a nested selector list, the compiler would start by pushing all
        the allocated registers to the stack to free them for the compiled selector list.
        While neat to ensure register allocation is correct, this is very inefficient.

        This patch brings the first step for reducing the overhead. Instead of pushing everything
        to the stack, we just push as many registers as we need for compiling the selector list.

        In most cases, we have so many registers that we don't even need to push anything to the stack.

        Test: fast/selectors/nth-child-of-register-requirement.html

        * cssjit/SelectorCompiler.cpp:
        Add an explicit type for SelectorList to keep information aggregated from all
        SelectorFragmentList inside it.

        SelectorFragmentList is also extended to include its register and stack requirements.
        This information is then used to create a SelectorList and to compile the SelectorFragmentList.

        (WebCore::SelectorCompiler::hasAnyCombinators):
        We only change the elementAddressRegister when moving over combinators. This is used to detect
        if a selector list clobber the elementAddressRegister or leave it untouched.

        (WebCore::SelectorCompiler::computeBacktrackingMemoryRequirements):
        (WebCore::SelectorCompiler::computeBacktrackingInformation):
        Instead of returning a BacktrackingMemoryRequirements, update the SelectorFragmentList and SelectorList directly.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesSelectorList):
        This is where the fun happen.
        First step is keep the input untouched. For now it is simply pushed on the stack. This can be improved later.

        Then we find how many allocated registers we need to save to compile the input selector list. We push those registers
        to the stack and give them back to the register allocator.

        With enough registers we can now compile the nested selector list. The code has changed a bit for efficiency. Instead
        of creating a shortcut for success case, the code now exit on error and proceed on success. This is the general pattern
        of SelectorCompiler and it is quite a bit more efficient in the common cases.

        Finally, we reallocate the registers and get their values back from the stack. The "tail" is duplicated but that's fine
        because in the vast majority of cases it is 1 or 2 pop.

        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChildOf):
        * cssjit/StackAllocator.h:
        (WebCore::StackAllocator::push):

2014-10-17  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for StyleImage
        https://bugs.webkit.org/show_bug.cgi?id=137824

        Reviewed by Andreas Kling.

        Use is<>() / downcast<>() for StyleImage and clean up the surrouding
        code.

        No new tests, no behavior change.

        * css/CSSCursorImageValue.cpp:
        (WebCore::CSSCursorImageValue::detachPendingImage):
        (WebCore::CSSCursorImageValue::cachedImage):
        (WebCore::CSSCursorImageValue::cachedImageURL):
        * css/CSSImageSetValue.cpp:
        (WebCore::CSSImageSetValue::detachPendingImage):
        (WebCore::CSSImageSetValue::~CSSImageSetValue):
        (WebCore::CSSImageSetValue::cachedImageSet):
        (WebCore::CSSImageSetValue::hasFailedOrCanceledSubresources):
        * css/CSSImageValue.cpp:
        (WebCore::CSSImageValue::detachPendingImage):
        (WebCore::CSSImageValue::cachedImage):
        (WebCore::CSSImageValue::hasFailedOrCanceledSubresources):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::loadPendingShapeImage):
        (WebCore::StyleResolver::loadPendingImages):
        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::retrieveResourcesForProperties):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        * rendering/style/StyleCachedImage.h:
        * rendering/style/StyleCachedImageSet.h:
        * rendering/style/StyleGeneratedImage.h:
        * rendering/style/StyleImage.h:
        * rendering/style/StylePendingImage.h:

2014-10-17  Dean Jackson  <dino@apple.com>

        [Media] Always update controls for <audio> since they are always visible
        https://bugs.webkit.org/show_bug.cgi?id=137829
        <rdar://problem/18693987>

        Reviewed by Brent Fulgham.

        Revision 174756 made a change to only update the display of the controls
        while they are visible. However, <audio> elements didn't detect visibility
        the same way, since their controls do not auto-hide.

        Change controlsAreHidden to check if we're an audio element.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.controlsAreHidden): Audio elements do not auto-hide their controls.

2014-10-17  peavo@outlook.com  <peavo@outlook.com>

        [WinCairo] Accelerated compositing is not implemented.
        https://bugs.webkit.org/show_bug.cgi?id=137345

        Reviewed by Brent Fulgham.

        This patch is based on GTK, and the texture mapper graphics layer type.

        * WebCore.vcxproj/copyForwardingHeaders.cmd: Copy texmap headers.
        * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp: Added method and flag indicating whether animation has started.
        (WebCore::GraphicsLayerTextureMapper::GraphicsLayerTextureMapper):
        (WebCore::GraphicsLayerTextureMapper::addAnimation):
        * platform/graphics/texmap/GraphicsLayerTextureMapper.h: Ditto.
        (WebCore::GraphicsLayerTextureMapper::startedAnimation):
        * platform/graphics/texmap/TextureMapperShaderProgram.cpp: Use same precision for uniform in vertex shader as in fragment shader.
        Otherwise glLinkProgram() will fail, and nothing will be rendered.

2014-10-17  Alexey Proskuryakov  <ap@apple.com>

        [iOS] Crash when load is canceled while waiting for the user to type HTTP authentication credentials
        https://bugs.webkit.org/show_bug.cgi?id=137826
        rdar://problem/17329599

        Reviewed by Brady Eidson.

        No new tests, as we don't have a way to simulate details of user interaction with
        an auth dialog.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::receivedCredential):
        (WebCore::ResourceHandle::receivedRequestToContinueWithoutCredential):
        (WebCore::ResourceHandle::receivedRequestToPerformDefaultHandling):
        (WebCore::ResourceHandle::receivedChallengeRejection):
        Added null checks before passing m_connection for CFNetwork functions, making this
        match what Mac code does when sending a message to a nil receiver.

2014-10-17  Simon Fraser  <simon.fraser@apple.com>

        Fix the iOS build.

        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.mm:
        (WebCore::AVTrackPrivateAVFObjCImpl::languageForAVMediaSelectionOption):

2014-10-16  Jer Noble  <jer.noble@apple.com>

        [Mac] Represent AVMediaSelectionOptions as AudioTracks
        https://bugs.webkit.org/show_bug.cgi?id=137474

        Reviewed by Brent Fulgham.

        Test: http/tests/media/hls/hls-audio-tracks.html

        Support selecting audio "tracks" in HLS streams by exposing AVMediaSelectionOptions
        as entries in the video's AudioTrackList.

        AVMediaSessionGroups and AVPlayerItems don't have KVO or notifications to track when options
        are selected and deselected, so wrap AVMediaSessionGroup and AVMediaSessionOption in C++
        wrappers. Each AVMediaSelectionGroup can have only one AVMediaSelectionOption selected at a
        time, so the wrapper will take care of answering which AVMediaSelectionOption is currently
        selected, as without KVO notifications, asking the AVMediaSelectionGroup directly is
        inconsistent. Because setting the selected option multiple times in the same run-loop can
        cause flakiness, coalesce calls to setSelectedOption() by setting a one-shot timer to do
        the actual selection in the next run-loop.

        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h: Added.
        (WebCore::MediaSelectionOptionAVFObjC::avMediaSelectionOption):
        (WebCore::MediaSelectionOptionAVFObjC::clearGroup): Clear backpointer to group from option.
        (WebCore::MediaSelectionGroupAVFObjC::selectedOption): Simple accessor.
        (WebCore::MediaSelectionGroupAVFObjC::options):  Simple accessor.
        (WebCore::MediaSelectionGroupAVFObjC::avMediaSelectionGroup): Simple accessor.
        * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm: Added.
        (WebCore::MediaSelectionOptionAVFObjC::create): Simple factory method.
        (WebCore::MediaSelectionOptionAVFObjC::MediaSelectionOptionAVFObjC): Simple constructor.
        (WebCore::MediaSelectionOptionAVFObjC::setSelected): Pass through to MediaSelectionGroupAVFObjC.
        (WebCore::MediaSelectionOptionAVFObjC::selected): Ditto.
        (WebCore::MediaSelectionOptionAVFObjC::index): Return index of this object in the group's object.
        (WebCore::MediaSelectionGroupAVFObjC::create):
        (WebCore::MediaSelectionGroupAVFObjC::MediaSelectionGroupAVFObjC):
        (WebCore::MediaSelectionGroupAVFObjC::~MediaSelectionGroupAVFObjC):
        (WebCore::MediaSelectionGroupAVFObjC::updateOptions): Discover added or removed options.
        (WebCore::MediaSelectionGroupAVFObjC::setSelectedOption): Set a one shot timer to coalesce multiple calls.
        (WebCore::MediaSelectionGroupAVFObjC::selectionTimerFired): Set the selected AVSelectionOption.

        Modify AVTrackPrivateAVFObjCImpl to support both AVPlayerItemTracks and these new
        MediaSelectionOptionAVFObjC objects.

        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.h:
        (WebCore::AVTrackPrivateAVFObjCImpl::mediaSelectionOption): Simple accessor.
        * platform/graphics/avfoundation/AVTrackPrivateAVFObjCImpl.mm:
        (WebCore::AVTrackPrivateAVFObjCImpl::AVTrackPrivateAVFObjCImpl):  Simple constructor.
        (WebCore::AVTrackPrivateAVFObjCImpl::~AVTrackPrivateAVFObjCImpl): Simple destructor.
        (WebCore::AVTrackPrivateAVFObjCImpl::enabled): Use MediaSelectionOptionAVFObjC, if present.
        (WebCore::AVTrackPrivateAVFObjCImpl::setEnabled): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::audioKind): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::videoKind): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::index): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::id): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::label): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::language): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::languageForAVMediaSelectionOption): Ditto.
        (WebCore::AVTrackPrivateAVFObjCImpl::trackID): Ditto.

        Allow AudioTrackPrivateAVFObjC and VideoTrackPrivateAVFObjC to be created with
        a MediaSelectionOptionAVFObjC.

        * platform/graphics/avfoundation/objc/AudioTrackPrivateAVFObjC.h:
        (WebCore::AudioTrackPrivateAVFObjC::create): Takes a MediaSelectionOptionAVFObjC.
        * platform/graphics/avfoundation/objc/AudioTrackPrivateAVFObjC.mm:
        (WebCore::AudioTrackPrivateAVFObjC::AudioTrackPrivateAVFObjC): Simple constructor.
        (WebCore::AudioTrackPrivateAVFObjC::setMediaSelectionOption): Create a new AVTrackPrivateAVFObjCImpl.
        (WebCore::AudioTrackPrivateAVFObjC::mediaSelectionOption): Simple accessor.
        * platform/graphics/avfoundation/objc/VideoTrackPrivateAVFObjC.cpp:
        (WebCore::VideoTrackPrivateAVFObjC::VideoTrackPrivateAVFObjC): Simple constructor.
        (WebCore::VideoTrackPrivateAVFObjC::setMediaSelectonOption): Create a new AVTrackPrivateAVFObjCImpl.
        (WebCore::VideoTrackPrivateAVFObjC::mediaSelectionOption): Simple accessor.
        * platform/graphics/avfoundation/objc/VideoTrackPrivateAVFObjC.h:

        Because IDs are not necessarily unique across AVPlayerItemTracks and AVMediaSelectionOptions,
        use the index of the track or option instead of it's self-declared ID for ordering for the
        trackIndex.

        * platform/graphics/avfoundation/objc/AudioTrackPrivateAVFObjC.mm:
        (WebCore::AudioTrackPrivateAVFObjC::resetPropertiesFromTrack):
        * platform/graphics/avfoundation/objc/VideoTrackPrivateMediaSourceAVFObjC.mm:
        (WebCore::VideoTrackPrivateMediaSourceAVFObjC::resetPropertiesFromTrack):

        Rather than making allowing the AVPlayerItem to automatically select the "best"
        AVMediaSelectionOption, select the automatic options when creating the AVPlayerItem
        and thereafter allow the users manual selections "stick".

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::ensureAVPlayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::ensureAVPlayerItem):

        Determine whether any MediaSelectionOptionsAVFObjC have been added or removed and send trackChange events accordingly.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::determineChangedTracksFromNewTracksAndOldItems): Added.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateAudioTracks): Search for updated selection options.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::updateVideoTracks): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::safeMediaSelectionGroupForAudibleMedia): Return selection group, if available.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::safeMediaSelectionGroupForVisualMedia): Ditto.
        (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksDidChange): Filter out AVPlayerItemTracks without
            AVAssetTracks, as these will be represented by MediaSelectionGroupObjCs instead.
        
        Add new files to project.
        * WebCore.xcodeproj/project.pbxproj:

2014-10-17  Grzegorz Czajkowski  <g.czajkowski@samsung.com>

        [EFL] window.screen.width returns wrong value if more displays are available
        https://bugs.webkit.org/show_bug.cgi?id=137778

        Reviewed by Gyuyoung Kim.

        ecore_x_screen_size_get() retrieves the size of Ecore_X_Screen, for example,
        having two displays of 1680x1050, it will return 3360x1050.

        Unlike EFL's MiniBrowser, Firefox and Chrome return screen of the current display.

        No new tests. Hardware specific bug including multiple displays.

        * platform/efl/PlatformScreenEfl.cpp:
        (WebCore::screenRect):
        Use ecore's xrandr to determine the screen on which browser window is displayed.

2014-10-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GLIB] Add API to GMainLoopSource to schedule sources after a delay in microseconds
        https://bugs.webkit.org/show_bug.cgi?id=137782

        Reviewed by Sergio Villar Senin.

        * platform/gtk/SharedTimerGtk.cpp:
        (WebCore::setSharedTimerFireInterval): Use microseconds instead of
        milliseconds.

2014-10-17  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Move touch events handling from Platform to WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=137735

        Reviewed by Sergio Villar Senin.

        Remove GtkTouchContextHelper.

        * PlatformGTK.cmake:
        * platform/gtk/GtkTouchContextHelper.cpp: Removed.
        * platform/gtk/GtkTouchContextHelper.h: Removed.

2014-10-17  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Remove unused function in WorkerThreadableLoader.h 
        https://bugs.webkit.org/show_bug.cgi?id=137811

        Reviewed by Csaba Osztrogonác.

        mainThreadCreateLoader() isn't used anywhere. Even there is no implementation.

        * loader/WorkerThreadableLoader.h:

2014-10-15  Yusuke Suzuki  <utatane.tea@gmail.com>

        CSS Selectors Level 4: Implement :matches in SelectorChecker
        https://bugs.webkit.org/show_bug.cgi?id=137393

        Reviewed by Benjamin Poulain.

        In this patch, we introduce initial :matches implementation.
        In this current implementation, we don't consider pseudo elements.

        Test: fast/selectors/querySelector-matches.html

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):

2014-10-16  Yusuke Suzuki  <utatane.tea@gmail.com>

        CSS JIT: Introduce StackAllocator::addressOf
        https://bugs.webkit.org/show_bug.cgi?id=137771

        Reviewed by Benjamin Poulain.

        Introduce StackAllocator::addressOf and drop offsetToStackReference, it's too primitive.

        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateParentElementTreeWalker):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateDirectAdjacentTreeWalker):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::loadCheckingContext):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateAdjacentBacktrackingTail):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateDescendantBacktrackingTail):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsFirstLink):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateStoreLastVisitedElement):
        * cssjit/StackAllocator.h:
        (WebCore::StackAllocator::addressOf):
        (WebCore::StackAllocator::offsetToStackReference):

2014-10-16  Alexey Proskuryakov  <ap@apple.com>

        REGRESSION (r169024): Undetermined text is not displayed in the search field of Adobe Help Website
        https://bugs.webkit.org/show_bug.cgi?id=137679
        rdar://problem/18450335

        Reviewed by Enrica Casucci.

        Test: platform/mac/editing/input/selected-composed-text-painting.html

        * rendering/InlineTextBox.cpp: (WebCore::InlineTextBox::paint): We do not paint
        selection beckground for unconfirmed text with underlines, so we should use a regular
        style for text painting, as well.

2014-10-16  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for BasicShape subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137766

        Reviewed by Andreas Kling.

        Use is<>() / downcast<>() for BasicShape subclasses and clean up the
        surrounding code.

        No new tests, no behavior change.

        * css/BasicShapeFunctions.cpp:
        (WebCore::valueForBasicShape):
        (WebCore::basicShapeForValue):
        * css/BasicShapeFunctions.h:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::shapePropertyValue):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFunc):
        * rendering/ClipPathOperation.h:
        (WebCore::ShapeClipPathOperation::create):
        Take a PassRef<BasicShape> in argument to make it obvious it is never
        null.

        (WebCore::ShapeClipPathOperation::basicShape):
        Return a reference instead of a pointer as it can never return null.

        (WebCore::ShapeClipPathOperation::windRule):
        (WebCore::ShapeClipPathOperation::pathForReferenceRect):
        Make it non-const due to the const-correctness of Ref::get().

        (WebCore::ShapeClipPathOperation::ShapeClipPathOperation):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::nodeAtPoint):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setupClipPath):
        * rendering/shapes/Shape.cpp:
        (WebCore::Shape::createShape):
        * rendering/shapes/Shape.h:
        * rendering/shapes/ShapeOutsideInfo.cpp:
        (WebCore::ShapeOutsideInfo::computedShape):
        * rendering/style/BasicShapes.cpp:
        (WebCore::BasicShape::canBlend):
        (WebCore::BasicShapeCircle::blend):
        (WebCore::BasicShapeEllipse::blend):
        (WebCore::BasicShapePolygon::blend):
        (WebCore::BasicShapeInset::blend):
        * rendering/style/BasicShapes.h:
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::prepareToRenderSVGContent):

2014-10-16  Chris Dumez  <cdumez@apple.com>

        Leverage the new RenderElement::m_isCSSAnimating flag in more places
        https://bugs.webkit.org/show_bug.cgi?id=137786

        Reviewed by Simon Fraser.

        Leverage the new RenderElement::m_isCSSAnimating flag that was introduced
        in r174703 in more places, for performance. This avoids doing extra work
        for renderers on which we are not running animations on. This patch also
        updates the API a bit to use more references instead of pointers, making
        it clear the RenderElement cannot be null and thus avoiding unnecessary
        null checks.

        No new tests, no behavior change.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::computeRenderStyleForProperty):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::ensureCompositeAnimation):
        (WebCore::AnimationControllerPrivate::clear):
        (WebCore::AnimationControllerPrivate::updateAnimationTimerForRenderer):
        (WebCore::AnimationControllerPrivate::isRunningAnimationOnRenderer):
        (WebCore::AnimationControllerPrivate::isRunningAcceleratedAnimationOnRenderer):
        (WebCore::AnimationControllerPrivate::pauseAnimationAtTime):
        (WebCore::AnimationControllerPrivate::pauseTransitionAtTime):
        (WebCore::AnimationControllerPrivate::getAnimatedStyleForRenderer):
        (WebCore::AnimationController::cancelAnimations):
        (WebCore::AnimationController::updateAnimations):
        (WebCore::AnimationController::getAnimatedStyleForRenderer):
        (WebCore::AnimationController::notifyAnimationStarted):
        (WebCore::AnimationController::isRunningAnimationOnRenderer):
        (WebCore::AnimationController::isRunningAcceleratedAnimationOnRenderer):
        * page/animation/AnimationController.h:
        * page/animation/AnimationControllerPrivate.h:
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::willBeDestroyed):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::currentTransform):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGeometry):
        (WebCore::RenderLayerBacking::notifyAnimationStarted):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForAnimation):
        (WebCore::RenderLayerCompositor::isRunningAcceleratedTransformAnimation):

2014-10-16  Adrien Destugues  <pulkomandy@gmail.com>

        Missing RefPtr.release() calls in TextureMapper
        https://bugs.webkit.org/show_bug.cgi?id=137777

        Reviewed by Chris Dumez.

        No new tests: no functional change, cleanup/optimization.

        Avoids useless ref/deref cycle when returning from functions.

        * platform/graphics/texmap/TextureMapper.cpp:
        (WebCore::TextureMapper::acquireTextureFromPool):
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::paintIntoSurface):

2014-10-16  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for ContentData subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137768

        Reviewed by Andreas Kling.

        Use is<>() / downcast<>() for ContentData subclasses.

        No new tests, no behavior change.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::contentToCSSValue):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::loadPendingImages):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::createFor):
        * rendering/style/ContentData.h:
        (WebCore::operator==):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::setContent):

2014-10-16  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r174744.
        https://bugs.webkit.org/show_bug.cgi?id=137790

        Caused another WebGL conformance test to fail (Requested by
        rfong on #webkit).

        Reverted changeset:

        "glReadPixels on NVIDIA cards returns the wrong values for the
        alpha channel when alpha is off."
        https://bugs.webkit.org/show_bug.cgi?id=137752
        http://trac.webkit.org/changeset/174744

2014-10-16  Tim Horton  <timothy_horton@apple.com>

        Implement selection services menu for Legacy WebKit
        https://bugs.webkit.org/show_bug.cgi?id=137582
        <rdar://problem/18604241>

        Reviewed by Brady Eidson.

        * WebCore.exp.in:
        * editing/Editor.h:
        * editing/ios/EditorIOS.mm:
        (WebCore::Editor::replaceSelectionWithAttributedString):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::replaceSelectionWithAttributedString):
        Add replaceSelectionWithAttributedString, which replaces the selection
        with the given attributed string (converting to plain text if the destination
        is not richly editable).

2014-10-16  Alexey Proskuryakov  <ap@apple.com>

        Crashes in ResourceHandleCFURLConnectionDelegateWithOperationQueue due to unimplemented retain/release
        https://bugs.webkit.org/show_bug.cgi?id=137779
        rdar://problem/18679320

        Reviewed by Brady Eidson.

        * platform/network/cf/ResourceHandleCFURLConnectionDelegate.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegate::retain):
        (WebCore::ResourceHandleCFURLConnectionDelegate::release):
        (WebCore::ResourceHandleCFURLConnectionDelegate::makeConnectionClient):
        * platform/network/cf/ResourceHandleCFURLConnectionDelegate.h:
        Implemented retain/release. They are necessary, as ResourceHandle goes away when
        it's canceled, and there is noone else to keep the client object alive but
        CFURLConnection itself.

        * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveData):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFinishLoading):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFail):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveChallenge):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didSendBodyData):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace):
        (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveDataArray):
        Added a FIXME about potential improvements that I spotted while invsestigating this.

2014-10-15  Andrei Bucur  <abucur@adobe.com>

        ASSERTION  FAILED in WebCore::RenderFlowThread::getRegionRangeForBox
        https://bugs.webkit.org/show_bug.cgi?id=135563

        Reviewed by David Hyatt.

        The new multi-column code doesn't work correctly when the document contains nested fragmentation
        contexts. The problem is the current flow thread concept that can store only one RenderFlowThread
        at a time and use it during layout.

        The stored flow thread is always correct for regions because named flow threads are absolutley positioned
        so every child renderer is contained inside them (with the expcetion of fixed positioned elements which are
        treated separately).

        For multi-column elements this is no longer the case. An absolutely positioned element inside a static
        multi-column element will be contained by a block outside the fragmentation context. It can even be
        contained by a different multi-column element in the case of nested flow threads.

        The patch below explores a solution that's not based on a current flow thread stored globally. The proposed
        patch makes every block to store a pointer to its fragmentation context and a flag that states if this pointer
        needs to be updated or not. If the renderer is not a block it will get its flow thread from the containing
        block. Once the containing flow thread is requested for the block, the pointer is computed and cached until
        invalidated:
        - when a subtree is removed from a flow thread
        - when the position property of an element inside a flow thread changes

        The process is recursive and it doesn't affect elements that are not nested inside a flow thread. If a block
        changes position from relative to static, any element that was contained by it can only be contained by an
        ancestor of the block. This ancestor will still be outside of any flow thread. This ensures that non-fragmentation
        code is not affected from a performance perspective.

        The patch affects the results of the performance tests:
        - the regions layout tests have a decreased performance raging from 2% to 5-6%
        - the regions selection tests have an increased performance raging from 1-2% to 10%
        - the multicolumn layout tests (now pending review in b137687) have an increased performance
        raging from 1.8% to 5%

        Tests: fast/multicol/multicol-all-positioned-crash.html
               fast/multicol/multicol-transform-containing-block.html

        * rendering/FlowThreadController.cpp:
        (WebCore::FlowThreadController::FlowThreadController):
        * rendering/FlowThreadController.h:
        (WebCore::FlowThreadController::currentRenderFlowThread): Deleted.
        (WebCore::FlowThreadController::setCurrentRenderFlowThread): Deleted.
        * rendering/LayoutState.h:
        (WebCore::LayoutState::currentRenderFlowThread):
        (WebCore::LayoutState::setCurrentRenderFlowThread):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlockRareData::RenderBlockRareData):
        (WebCore::RenderBlock::styleWillChange):
        (WebCore::RenderBlock::styleDidChange):
        (WebCore::RenderBlock::collapseAnonymousBoxChild):
        (WebCore::RenderBlock::cachedFlowThreadContainingBlock):
        (WebCore::RenderBlock::cachedFlowThreadContainingBlockNeedsUpdate):
        (WebCore::RenderBlock::setCachedFlowThreadContainingBlockNeedsUpdate):
        (WebCore::RenderBlock::updateCachedFlowThreadContainingBlock):
        (WebCore::RenderBlock::locateFlowThreadContainingBlock):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::styleWillChange):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::borderBoxRectInRegion):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::layout):
        (WebCore::RenderFlowThread::updateAllLayerToRegionMappings):
        (WebCore::RenderFlowThread::repaintRectangleInRegions):
        (WebCore::CurrentRenderFlowThreadMaintainer::CurrentRenderFlowThreadMaintainer): Deleted.
        (WebCore::CurrentRenderFlowThreadMaintainer::~CurrentRenderFlowThreadMaintainer): Deleted.
        (WebCore::CurrentRenderFlowThreadDisabler::CurrentRenderFlowThreadDisabler): Deleted.
        (WebCore::CurrentRenderFlowThreadDisabler::~CurrentRenderFlowThreadDisabler): Deleted.
        * rendering/RenderFlowThread.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayer):
        (WebCore::RenderLayer::hitTestLayer):
        (WebCore::RenderLayer::mapLayerClipRectsToFragmentationLayer):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::showRegionsInformation):
        (WebCore::RenderObject::insertedIntoTree):
        (WebCore::RenderObject::removeFromRenderFlowThread):
        (WebCore::RenderObject::removeFromRenderFlowThreadIncludingDescendants):
        (WebCore::RenderObject::invalidateFlowThreadContainingBlockIncludingDescendants):
        (WebCore::RenderObject::currentRenderNamedFlowFragment):
        (WebCore::RenderObject::locateFlowThreadContainingBlock):
        (WebCore::RenderObject::locateFlowThreadContainingBlockNoCache): Deleted.
        (WebCore::RenderObject::removeFromRenderFlowThreadRecursive): Deleted.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::flowThreadContainingBlock):
        * rendering/RenderRegion.cpp:
        (WebCore::RenderRegion::computeOverflowFromFlowThread):
        * rendering/RenderView.cpp:
        (WebCore::RenderView::pushLayoutStateForCurrentFlowThread):
        (WebCore::RenderView::popLayoutStateForCurrentFlowThread):
        * rendering/RenderView.h:

2014-10-15  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for list-related render objects
        https://bugs.webkit.org/show_bug.cgi?id=137764

        Reviewed by Benjamin Poulain.

        Use is<>() / downcast<>() for list-related render objects and clean up
        the surrounding code.

        No new tests, no behavior change.

        * accessibility/AccessibilityListBox.cpp:
        (WebCore::AccessibilityListBox::visibleChildren):
        (WebCore::AccessibilityListBox::elementAccessibilityHitTest):
        * accessibility/AccessibilityListBoxOption.cpp:
        (WebCore::AccessibilityListBoxOption::elementRect):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::renderListItemContainerForNode):
        * accessibility/atk/WebKitAccessibleHyperlink.cpp:
        (getRangeLengthForObject):
        * accessibility/atk/WebKitAccessibleInterfaceText.cpp:
        (accessibilityObjectLength):
        (offsetAdjustmentForListItem):
        (webkitAccessibleTextGetText):
        * editing/BreakBlockquoteCommand.cpp:
        (WebCore::BreakBlockquoteCommand::doApply):
        * html/HTMLLIElement.cpp:
        (WebCore::HTMLLIElement::didAttachRenderers):
        (WebCore::HTMLLIElement::parseValue):
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::nextSelectableListIndexPageAway):
        (WebCore::HTMLSelectElement::scrollToSelection):
        (WebCore::HTMLSelectElement::setOptionsChangedOnRenderer):
        (WebCore::HTMLSelectElement::selectOption):
        (WebCore::HTMLSelectElement::platformHandleKeydownEvent):
        (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
        (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
        * html/HTMLSelectElementWin.cpp:
        (WebCore::HTMLSelectElement::platformHandleKeydownEvent):
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::platformPrepareForWheelEvents):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::addToLine):
        (WebCore::InlineFlowBox::placeBoxRangeInInlineDirection):
        * rendering/RenderCounter.cpp:
        (WebCore::planCounter):
        * rendering/RenderListBox.h:
        * rendering/RenderListItem.cpp:
        (WebCore::nextListItem):
        (WebCore::previousListItem):
        * rendering/RenderListItem.h:
        * rendering/RenderListMarker.h:
        * rendering/RenderMenuList.h:
        * rendering/RenderTreeAsText.cpp:
        (WebCore::markerTextForListItem):
        * rendering/TextAutoSizing.cpp:
        (WebCore::TextAutoSizingValue::adjustNodeSizes):
        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::BreakingContext::handleReplaced):
        (WebCore::BreakingContext::commitAndUpdateLineBreakIfNeeded):
        * testing/Internals.cpp:
        (WebCore::Internals::isSelectPopupVisible):

2014-10-15  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Use std::unique_ptr for CachedResource
        https://bugs.webkit.org/show_bug.cgi?id=137736

        Reviewed by Darin Adler.

        No new tests, no behavior change.

        * loader/cache/CachedResource.cpp: Use std::unique_ptr instead of PassOwnPtr|OwnPtr.
        (WebCore::CachedResource::removeClient):
        * loader/cache/CachedResource.h: Set ctor from private to public.
        (WebCore::CachedResource::CachedResourceCallback::schedule):

2014-10-15  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move TextCodec classes to std::unique_ptr
        https://bugs.webkit.org/show_bug.cgi?id=137738

        Reviewed by Darin Adler.

        Replace uses of PassOwnPtr in code under TextCodecFoo class with std::unique_ptr.
        To do this, ctor of TextCodecFoo classes is changed from private to public. Besides
        related classes follow this change as well.

        No new tests, no behavior change.

        * html/parser/HTMLMetaCharsetParser.h:
        * loader/TextResourceDecoder.cpp:
        (WebCore::TextResourceDecoder::setEncoding):
        (WebCore::TextResourceDecoder::flush):
        * loader/TextResourceDecoder.h:
        * platform/text/TextCodec.h:
        * platform/text/TextCodecICU.cpp:
        (WebCore::TextCodecICU::create):
        * platform/text/TextCodecICU.h:
        * platform/text/TextCodecLatin1.cpp:
        (WebCore::newStreamingTextDecoderWindowsLatin1):
        * platform/text/TextCodecUTF16.cpp:
        (WebCore::newStreamingTextDecoderUTF16LE):
        (WebCore::newStreamingTextDecoderUTF16BE):
        * platform/text/TextCodecUTF8.cpp:
        (WebCore::TextCodecUTF8::create):
        * platform/text/TextCodecUTF8.h:
        * platform/text/TextCodecUserDefined.cpp:
        (WebCore::newStreamingTextDecoderUserDefined):
        * platform/text/TextEncodingRegistry.cpp:
        (WebCore::newTextCodec):
        * platform/text/TextEncodingRegistry.h:
        * platform/text/mac/TextCodecMac.cpp:
        (WebCore::newTextCodecMac):

2014-10-15  Dean Jackson  <dino@apple.com>

        [Media] Reduce style updates (painting) in controls
        https://bugs.webkit.org/show_bug.cgi?id=137763
        <rdar://problem/17833045>

        Reviewed by Simon Fraser.

        Media controls were causing a lot of repaints they were
        constantly updating the style of the widgets, the value
        of the forms, or the text in the display.

        This is necessary when the controls are visible, but not
        necessary when they are hidden. Return immediately in that case.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.createControls): Initialise the slider to a zero value.
        (Controller.prototype.handleDurationChange): Force an update even though we might be hidden.
        (Controller.prototype.updateProgress): Don't update if we're hidden.
        (Controller.prototype.updateTime): Ditto.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.updateProgress): Ditto.

2014-10-15  Chris Dumez  <cdumez@apple.com>

        [Mac] Fix inefficiencies in ResourceResponse::platformLazyInit(InitLevel) - Part 2
        https://bugs.webkit.org/show_bug.cgi?id=137721

        Reviewed by Darin Adler.

        Follow-up patch to r174717 addressing review comments made after the patch landed:
        - Use modern C++ loop
        - Remove explicit calls to String(NSString*) constructor

        No new tests, no new tests.

        * platform/network/mac/ResourceResponseMac.mm:
        (WebCore::ResourceResponse::platformLazyInit):

2014-10-15  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for InlineBox subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137749

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for InlineBox subclasses and clean up the
        surrounding code.

        No new tests, no behavior change.

        * dom/Position.cpp:
        (WebCore::Position::upstream):
        (WebCore::Position::downstream):
        * editing/VisibleUnits.cpp:
        (WebCore::wordBreakIteratorForMinOffsetBoundary):
        (WebCore::wordBreakIteratorForMaxOffsetBoundary):
        (WebCore::visualWordPosition):
        (WebCore::startPositionForLine):
        (WebCore::endPositionForLine):
        * rendering/InlineBox.cpp:
        (WebCore::InlineBox::root):
        (WebCore::InlineBox::nextLeafChild):
        (WebCore::InlineBox::prevLeafChild):
        (WebCore::InlineBox::nextLeafChildIgnoringLineBreak):
        * rendering/InlineBox.h:
        * rendering/InlineElementBox.h:
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::getFlowSpacingLogicalWidth):
        (WebCore::InlineFlowBox::addToLine):
        (WebCore::InlineFlowBox::determineSpacingForFlowBoxes):
        (WebCore::InlineFlowBox::placeBoxRangeInInlineDirection):
        (WebCore::InlineFlowBox::requiresIdeographicBaseline):
        (WebCore::InlineFlowBox::adjustMaxAscentAndDescent):
        (WebCore::InlineFlowBox::computeLogicalBoxHeights):
        (WebCore::InlineFlowBox::placeBoxesInBlockDirection):
        (WebCore::InlineFlowBox::computeMaxLogicalTop):
        (WebCore::InlineFlowBox::flipLinesInBlockDirection):
        (WebCore::InlineFlowBox::computeOverflow):
        (WebCore::InlineFlowBox::firstLeafChild):
        (WebCore::InlineFlowBox::lastLeafChild):
        (WebCore::InlineFlowBox::computeOverAnnotationAdjustment):
        (WebCore::InlineFlowBox::computeUnderAnnotationAdjustment):
        * rendering/InlineFlowBox.h:
        * rendering/InlineTextBox.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::positionForBox):
        * rendering/RenderBlockFlow.h:
        (WebCore::RenderBlockFlow::firstRootBox):
        (WebCore::RenderBlockFlow::lastRootBox):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::createLineBoxes):
        (WebCore::RenderBlockFlow::constructLine):
        (WebCore::setLogicalWidthForTextRun):
        (WebCore::computeExpansionForJustifiedText):
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):
        (WebCore::RenderBlockFlow::computeBlockDirectionPositionsForLine):
        (WebCore::RenderBlockFlow::createLineBoxesFromBidiRuns):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::localCaretRect):
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::isHyphenated):
        (WebCore::RootInlineBox::ascentAndDescentForBox):
        * rendering/RootInlineBox.h:
        (WebCore::RootInlineBox::nextRootBox):
        (WebCore::RootInlineBox::prevRootBox):
        * rendering/svg/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::localCaretRect):
        (WebCore::RenderSVGInlineText::positionForPoint):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::positionForPoint):
        * rendering/svg/SVGInlineFlowBox.cpp:
        (WebCore::SVGInlineFlowBox::paintSelectionBackground):
        (WebCore::SVGInlineFlowBox::paint):
        (WebCore::SVGInlineFlowBox::computeTextMatchMarkerRectForRenderer):
        * rendering/svg/SVGInlineFlowBox.h:
        * rendering/svg/SVGInlineTextBox.h:
        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::writeRenderSVGTextBox):
        (WebCore::writeSVGInlineTextBoxes):
        * rendering/svg/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBox::paint):
        (WebCore::SVGRootInlineBox::layoutCharactersInTextBoxes):
        (WebCore::SVGRootInlineBox::layoutChildBoxes):
        (WebCore::reverseInlineBoxRangeAndValueListsIfNeeded):
        * rendering/svg/SVGRootInlineBox.h:
        * rendering/svg/SVGTextQuery.cpp:
        (WebCore::SVGTextQuery::collectTextBoxesInFlowBox):

2014-10-15  Roger Fong  <roger_fong@apple.com>

        glReadPixels on NVIDIA cards returns the wrong values for the alpha channel when alpha is off.
        https://bugs.webkit.org/show_bug.cgi?id=137752.
        <rdar://problem/15408133>

        Reviewed by Brent Fulgham.

        This change fixed the 1.0.2 conformance test: context/context-attribute-preserve-drawing-buffer.html

        * platform/graphics/GraphicsContext3D.h:
        * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
        Manually set the alpha channel to 255 when alpha is off on the rendering context.

2014-10-13  Chris Fleizach  <cfleizach@apple.com>

        AX: Going back is broken for VoiceOver
        https://bugs.webkit.org/show_bug.cgi?id=137382

        Reviewed by Darin Adler.

        There were two issues preventing VoiceOver from navigating when using page history to go back/forward.
          1) Existing AXLoadComplete does not get fired when you just move through page history. 
               There were existing frameLoad notifications used by GTK. I think we should use those which seem more reliable.
          2) The AccessibilityScrollView cached its children, but on some history page loads, that cache was never cleared out.
               Rather than trying to find those places to clear out the cache, it's easier to just add the elements to the children
               array everytime it's asked for. Since there's only ever 3 elements (web area + 2 scroll bars) this should not be a performance hit.

        Tests are not possible since they require monitoring notifications across multiple page loads.

        * accessibility/AXObjectCache.h:
        * accessibility/AccessibilityScrollView.cpp:
        (WebCore::AccessibilityScrollView::updateChildrenIfNecessary):
        * accessibility/ios/AXObjectCacheIOS.mm:
        (WebCore::AXObjectCache::frameLoadingEventPlatformNotification):
        * accessibility/mac/AXObjectCacheMac.mm:
        (WebCore::AXObjectCache::frameLoadingEventPlatformNotification):
        * dom/Document.cpp:
        (WebCore::Document::implicitClose):

2014-10-15  Simon Fraser  <simon.fraser@apple.com>

        Sometimes can't scroll overflow:scroll areas in subframes
        https://bugs.webkit.org/show_bug.cgi?id=137746
        rdar://problem/18603560

        Reviewed by Tim Horton.
        
        r169733 introduced a regression which caused us to no longer update the non-fast
        scrollable region on every layout in subframes, by adding a bogus isMainFrame() check.
        Revert to the previous code.

        Test: platform/mac-wk2/tiled-drawing/scrolling/frames/scroll-region-after-frame-layout.html

        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):

2014-10-15  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for TransformOperation subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137731

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for TransformOperation subclasses and clean
        up the surrounding code.

        No new tests, no behavior change.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::validateTransformOperations):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::getTransformFunctionValue):
        * platform/graphics/transforms/IdentityTransformOperation.h:
        * platform/graphics/transforms/Matrix3DTransformOperation.cpp:
        (WebCore::Matrix3DTransformOperation::operator==):
        * platform/graphics/transforms/Matrix3DTransformOperation.h:
        * platform/graphics/transforms/MatrixTransformOperation.cpp:
        (WebCore::MatrixTransformOperation::operator==):
        (WebCore::MatrixTransformOperation::blend):
        * platform/graphics/transforms/MatrixTransformOperation.h:
        * platform/graphics/transforms/PerspectiveTransformOperation.cpp:
        (WebCore::PerspectiveTransformOperation::operator==):
        (WebCore::PerspectiveTransformOperation::blend):
        * platform/graphics/transforms/PerspectiveTransformOperation.h:
        * platform/graphics/transforms/RotateTransformOperation.cpp:
        (WebCore::RotateTransformOperation::operator==):
        (WebCore::RotateTransformOperation::blend):
        * platform/graphics/transforms/RotateTransformOperation.h:
        * platform/graphics/transforms/ScaleTransformOperation.cpp:
        (WebCore::ScaleTransformOperation::operator==):
        (WebCore::ScaleTransformOperation::blend):
        * platform/graphics/transforms/ScaleTransformOperation.h:
        * platform/graphics/transforms/SkewTransformOperation.cpp:
        (WebCore::SkewTransformOperation::operator==):
        (WebCore::SkewTransformOperation::blend):
        * platform/graphics/transforms/SkewTransformOperation.h:
        * platform/graphics/transforms/TransformOperation.h:
        * platform/graphics/transforms/TranslateTransformOperation.cpp:
        (WebCore::TranslateTransformOperation::operator==):
        (WebCore::TranslateTransformOperation::blend):
        * platform/graphics/transforms/TranslateTransformOperation.h:

2014-10-15  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderTextControl / RenderTextControlSingleLine
        https://bugs.webkit.org/show_bug.cgi?id=137727

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for RenderTextControl / RenderTextControlSingleLine.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::selectedText):
        (WebCore::AccessibilityRenderObject::selectedTextRange):
        (WebCore::AccessibilityRenderObject::setSelectedTextRange):
        (WebCore::AccessibilityRenderObject::visiblePositionForIndex):
        (WebCore::AccessibilityRenderObject::indexForVisiblePosition):
        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleReplacedElement):
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::forwardEvent):
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerElement::customStyleForRenderer):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::capsLockStateMayHaveChanged):
        * page/ios/FrameIOS.mm:
        (WebCore::ancestorRespondingToScrollWheelEvents):
        * rendering/RenderTextControl.h:
        * rendering/RenderTextControlSingleLine.h:
        * rendering/SimpleLineLayout.cpp:
        (WebCore::SimpleLineLayout::canUseFor):

2014-10-15  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for ClipPathOperation subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137733

        Reviewed by Mihnea Ovidenie.

        Use is<>() / downcast<>() for ClipPathOperation subclasses.

        No new tests, no behavior change.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/DeprecatedStyleBuilder.cpp:
        (WebCore::ApplyPropertyClipPath::applyValue):
        * rendering/ClipPathOperation.h:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::nodeAtPoint):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setupClipPath):
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::prepareToRenderSVGContent):

2014-10-15  Chris Dumez  <cdumez@apple.com>

        [Mac] Use CFDictionaryContainsKey() in ImageSource::isSizeAvailable()
        https://bugs.webkit.org/show_bug.cgi?id=137723

        Reviewed by Simon Fraser.

        Use CFDictionaryContainsKey() in ImageSource::isSizeAvailable() instead
        of CFDictionaryGetValue() as we are not actually interested in the
        value.

        No new tests, no behavior change.

        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::ImageSource::isSizeAvailable):

2014-10-15  Mihnea Ovidenie  <mihnea@adobe.com>

        Use modern loops in subtrees selection code
        https://bugs.webkit.org/show_bug.cgi?id=137688

        Reviewed by Andreas Kling.

        No new tests as no change in functionality.

        * rendering/RenderView.cpp:
        (WebCore::RenderView::splitSelectionBetweenSubtrees):
        (WebCore::RenderView::updateSelectionForSubtrees):
        (WebCore::RenderView::clearSubtreeSelection):
        (WebCore::RenderView::applySubtreeSelection):
        * rendering/RenderView.h:

2014-10-14  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Clean up unnecessary PassOwnPtr.h inclusion
        https://bugs.webkit.org/show_bug.cgi?id=137726

        Reviewed by Chris Dumez.

        No new tests, no behavior changes.

        * dom/Document.h: Remove PassOwnPtr.h inclusion.
        * loader/ResourceBuffer.h: ditto.
        * loader/cocoa/DiskCacheMonitorCocoa.mm: ditto.
        * page/scrolling/AxisScrollSnapOffsets.h: ditto.
        * page/scrolling/ScrollingStateScrollingNode.h: ditto.
        * platform/ColorChooserClient.h: ditto.
        * platform/ScrollableArea.cpp: ditto.
        * platform/ScrollbarThemeClient.h: ditto.
        * platform/SharedBuffer.cpp: ditto.
        * platform/Supplementable.h: ditto.
        * platform/graphics/surfaces/GraphicsSurface.h: ditto.
        * platform/graphics/surfaces/GraphicsSurfaceToken.h: ditto.
        * platform/graphics/win/WKCAImageQueue.cpp: ditto.
        * platform/win/CursorWin.cpp: ditto.

2014-10-14  Chris Dumez  <cdumez@apple.com>

        Have offsetFromContainer() / offsetFromAncestorContainer() take a RenderElement&
        https://bugs.webkit.org/show_bug.cgi?id=137728

        Reviewed by Benjamin Poulain.

        Have offsetFromContainer() / offsetFromAncestorContainer() take a RenderElement&
        instead of a RenderObject*. The argument passed is never null and the type
        should be a RenderElement as the argument is a container.

        No new tests, no behavior change.

        * editing/htmlediting.cpp:
        (WebCore::localCaretRectInRendererForCaretPainting):
        * page/GestureTapHighlighter.cpp:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::mapLocalToContainer):
        (WebCore::RenderBox::pushMappingToContainer):
        (WebCore::RenderBox::offsetFromContainer):
        (WebCore::RenderBox::computeRectForRepaint):
        * rendering/RenderBox.h:
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::mapAbsoluteToLocalPoint):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::computeRectForRepaint):
        (WebCore::RenderInline::offsetFromContainer):
        (WebCore::RenderInline::mapLocalToContainer):
        (WebCore::RenderInline::pushMappingToContainer):
        * rendering/RenderInline.h:
        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::offsetFromContainer):
        * rendering/RenderMultiColumnFlowThread.h:
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::offsetFromContainer):
        * rendering/RenderNamedFlowFragment.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::offsetFromContainer):
        (WebCore::RenderObject::offsetFromAncestorContainer):
        * rendering/RenderObject.h:
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::offsetFromContainer):
        * rendering/RenderTableCell.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::convertToPaintingRect):

2014-10-14  Jer Noble  <jer.noble@apple.com>

        REGRESSION (r159208): Crash when clicking scrubber after navigating away/back to video
        https://bugs.webkit.org/show_bug.cgi?id=137715

        Reviewed by Darin Adler.

        Simple null-check of m_player in refreshCachedTime.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::refreshCachedTime):

2014-10-14  Chris Dumez  <cdumez@apple.com>

        [Mac] Fix inefficiencies in ResourceResponse::platformLazyInit(InitLevel)
        https://bugs.webkit.org/show_bug.cgi?id=137721

        Reviewed by Geoffrey Garen.

        There were several inefficiencies with the Mac implementation of
        ResourceResponse::platformLazyInit(InitLevel):
        1. We end up initializing uncommon fields even if called with
           'CommonFieldsOnly' initLevel.
        2. If called with 'AllFields' initLevel (and if currently
           uninitialized), we end up populating m_httpHeaderFields twice, once
           with only the common headers, then a second time with ALL the
           headers. We can skip the common-header case in this case to avoid
           wasting CPU time.

        This patch addresses both inefficiencies and cleans up the code a
        little bit to reduce variable scope and to use fast enumeration of
        header names.

        As a result, we spend almost twice as little time in platformLazyInit()
        when loading msn.com (~30ms -> ~18ms).

        No new tests, no behavior change.

        * platform/network/mac/ResourceResponseMac.mm:
        (WebCore::ResourceResponse::platformLazyInit):

2014-10-14  Zalan Bujtas  <zalan@apple.com>

        REGRESSION (Safari 7.1/8.0): Border-radius and overflow hidden renders incorrectly.
        https://bugs.webkit.org/show_bug.cgi?id=137205

        Reviewed by Simon Fraser.

        Child layer should not reset radius clipping behaviour.

        Test: fast/layers/parent-clipping-overflow-is-overwritten-by-child-clipping.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):

2014-10-14  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for PlatformCAAnimation subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137722

        Reviewed by Simon Fraser.

        Use is<>() / downcast<>() for PlatformCAAnimation subclasses and clean
        up the surrounding code.

        No new tests, no behavior change.

        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::Highlight::fadeIn):
        (WebCore::ServicesOverlayController::Highlight::fadeOut):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::moveOrCopyLayerAnimation):
        (WebCore::GraphicsLayerCA::updateAnimations):
        (WebCore::GraphicsLayerCA::setAnimationOnLayer):
        (WebCore::GraphicsLayerCA::pauseCAAnimationOnLayer):
        * platform/graphics/ca/GraphicsLayerCA.h:
        * platform/graphics/ca/PlatformCAAnimation.h:
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/mac/PlatformCAAnimationMac.h:
        * platform/graphics/ca/mac/PlatformCAAnimationMac.mm:
        (PlatformCAAnimationMac::copy):
        (PlatformCAAnimationMac::copyTimingFunctionFrom):
        (PlatformCAAnimationMac::copyFromValueFrom):
        (PlatformCAAnimationMac::copyToValueFrom):
        (PlatformCAAnimationMac::copyValuesFrom):
        (PlatformCAAnimationMac::copyKeyTimesFrom):
        (PlatformCAAnimationMac::copyTimingFunctionsFrom):
        * platform/graphics/ca/mac/PlatformCALayerMac.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayerMac::addAnimationForKey):
        * platform/graphics/ca/win/PlatformCAAnimationWin.cpp:
        (PlatformCAAnimationWin::copy):
        (PlatformCAAnimationWin::copyTimingFunctionFrom):
        (PlatformCAAnimationWin::copyFromValueFrom):
        (PlatformCAAnimationWin::copyToValueFrom):
        (PlatformCAAnimationWin::copyValuesFrom):
        (PlatformCAAnimationWin::copyKeyTimesFrom):
        (PlatformCAAnimationWin::copyTimingFunctionsFrom):
        * platform/graphics/ca/win/PlatformCAAnimationWin.h:
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (PlatformCALayerWin::addAnimationForKey):
        * platform/graphics/ca/win/PlatformCALayerWin.h:

2014-10-14  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderInline
        https://bugs.webkit.org/show_bug.cgi?id=137704

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for RenderInline and clean up the surrounding
        code.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::firstChildInContinuation):
        * editing/SimplifyMarkupCommand.cpp:
        (WebCore::SimplifyMarkupCommand::doApply):
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildRendererHighlight):
        * page/FrameView.cpp:
        (WebCore::FrameView::paintContents):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::removeLineBoxFromRenderObject):
        (WebCore::InlineFlowBox::extractLineBoxFromRenderObject):
        (WebCore::InlineFlowBox::attachLineBoxToRenderObject):
        (WebCore::InlineFlowBox::determineSpacingForFlowBoxes):
        (WebCore::InlineFlowBox::nodeAtPoint):
        (WebCore::InlineFlowBox::paint):
        * rendering/InlineIterator.h:
        (WebCore::bidiFirstSkippingEmptyInlines):
        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::willBeDestroyed):
        (WebCore::RenderBlock::paintObject):
        (WebCore::RenderBlock::inlineElementContinuation):
        (WebCore::RenderBlock::addFocusRingRects):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::willBeDestroyed):
        (WebCore::RenderBlockFlow::computeInlinePreferredLogicalWidths):
        * rendering/RenderBlockFlow.h:
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::constructBidiRunsForSegment):
        (WebCore::RenderBlockFlow::layoutLineBoxes):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::offsetFromContainer):
        (WebCore::RenderBox::computeRectForRepaint):
        (WebCore::RenderBox::containingBlockLogicalWidthForPositioned):
        (WebCore::RenderBox::containingBlockLogicalHeightForPositioned):
        (WebCore::RenderBox::computePositionedLogicalWidthUsing):
        (WebCore::RenderBox::computePositionedLogicalWidthReplaced):
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::accumulateInFlowPositionOffsets):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::willBeRemovedFromTree):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::dirtyLinesFromChangedChild):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::addRegionsOverflowFromChild):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::willBeDestroyed):
        (WebCore::RenderInline::updateAlwaysCreateLineBoxes):
        (WebCore::RenderInline::clippedOverflowRectForRepaint):
        * rendering/RenderInline.h:
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateLayerPosition):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild):
        * rendering/RenderLineBoxList.h:
        * rendering/RenderNamedFlowThread.cpp:
        (WebCore::RenderNamedFlowThread::decorationsClipRectForBoxInNamedFlowFragment):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::insertedIntoTree):
        * rendering/RenderRegion.cpp:
        (WebCore::RenderRegion::overflowRectForFlowThreadPortion):
        (WebCore::RenderRegion::visualOverflowRectForBox):
        (WebCore::RenderRegion::visualOverflowRectForBoxForPropagation):
        * rendering/RenderRegion.h:
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::willBeDestroyed):
        * rendering/RenderTextLineBoxes.cpp:
        (WebCore::RenderTextLineBoxes::removeAllFromParent):
        (WebCore::RenderTextLineBoxes::dirtyRange):
        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::inlineLogicalWidth):
        (WebCore::BreakingContext::handleEmptyInline):
        * rendering/line/LineInlineHeaders.h:
        (WebCore::requiresLineBox):
        (WebCore::setStaticPositions):
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paint):

2014-10-14  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix after r174710.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::createSession):

2014-10-14  Dan Bernstein  <mitz@apple.com>

        URLs that start with http:/// and https:/// lose two slashes when parsed, causing assertion failure and inconsistent behavior
        https://bugs.webkit.org/show_bug.cgi?id=137718

        Reviewed by Alexey Proskuryakov.

        Added cases to fast/loader/url-parse-1.html.

        * platform/URL.cpp:
        (WebCore::URL::parse): In hierarchical schemes other than file:, ignore any additional
        slashes after the ://, as prescribed by the authority-ignore-slashes state in the current
        URL spec.

2014-10-14  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix after r174698 and r174709.

        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.cpp:
        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.h:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::supportsKeySystem):
        (WebCore::AVFWrapper::shouldWaitForLoadingOfResource):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:

2014-10-14  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix after r174698

        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.cpp:
        * platform/graphics/avfoundation/cf/CDMSessionAVFoundationCF.h:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::createSession):

2014-10-14  Myles C. Maxfield  <mmaxfield@apple.com>

        Improve debug description of WAKViews
        https://bugs.webkit.org/show_bug.cgi?id=137716

        Reviewed by Simon Fraser.

        No new tests because there is no behavior change.

        * platform/ios/wak/WAKView.mm:
        (-[WAKView description]):
        * platform/ios/wak/WKView.h:
        * platform/ios/wak/WKView.mm:
        (WKViewGetOrigin):

2014-10-14  Chris Dumez  <cdumez@apple.com>

        Introduce an isCSSAnimated flag on RenderElement for performance
        https://bugs.webkit.org/show_bug.cgi?id=137583

        Reviewed by Simon Fraser.

        I noticed when profiling the ebay.com page load that isRunningAnimationOnRenderer()
        and isRunningAcceleratedAnimationOnRenderer() were called frequently, causing
        ~4.7 millions m_compositeAnimations HashMap lookups.

        This patch introduces an isCSSAnimated flag on RenderElement to return early if
        there is no animation on the renderer, thus avoiding HashMap lookups. This reduces
        the number of HashMap lookups from ~4.7 millions to ~68k. On my machine, I see
        the following performance improvements:
        - isRunning*AnimationOnRenderer() / computeCompositingRequirements()
          - before: ~45ms  / ~90ms
          - after:  ~4ms / ~30ms

        No new tests, no behavior change.

        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::ensureCompositeAnimation):
        (WebCore::AnimationControllerPrivate::clear):
        (WebCore::AnimationControllerPrivate::isRunningAnimationOnRenderer):
        (WebCore::AnimationControllerPrivate::isRunningAcceleratedAnimationOnRenderer):
        (WebCore::AnimationController::isRunningAnimationOnRenderer):
        (WebCore::AnimationController::isRunningAcceleratedAnimationOnRenderer):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::RenderElement):
        * rendering/RenderElement.h:
        (WebCore::RenderElement::isCSSAnimating):
        (WebCore::RenderElement::setIsCSSAnimating):

2014-10-14  Dean Jackson  <dino@apple.com>

        Crash in WebCore::UserGestureIndicator::processingUserGesture with WebWorkers
        https://bugs.webkit.org/show_bug.cgi?id=137676
        <rdar://problem/15735049>

        Reviewed by Alexey Proskuryakov.

        Remove the code I added that tracks the timestamp of the most recent
        user gesture from the event handling dispatch, as it was both
        a silly place to do it and it originally crashed when events were fired from
        Worker threads (although this was fixed in r152238).

        It's now recorded by going through UserGestureIndicator, which is good because
        it knows when a user has triggered an event. Its constructor now takes
        a pointer to Document, and updates the timestamp there if necessary.

        Not all UserGestureIndicator instances needed to reset the timestamp; Those did
        not have to pass along the Document.

        This is untestable due to the fix mentioned above.

        * WebCore.exp.in: Change constructor signature.

        * accessibility/AccessibilityNodeObject.cpp: Pass a pointer to the Document into the UserGestureIndicator.
        (WebCore::AccessibilityNodeObject::increment):
        (WebCore::AccessibilityNodeObject::decrement):
        * accessibility/AccessibilityObject.cpp: Ditto.
        (WebCore::AccessibilityObject::press):

        * dom/Document.cpp:
        (WebCore::Document::updateLastHandledUserGestureTimestamp): Renamed.
        * dom/Document.h:

        * dom/EventTarget.cpp: Remove the code to update the timestamp.
        (WebCore::EventTarget::fireEventListeners):

        * dom/UserGestureIndicator.cpp:
        (WebCore::UserGestureIndicator::UserGestureIndicator): If there is a Document and
        this is a user gesture, then reset the timestamp.
        * dom/UserGestureIndicator.h:

        * page/EventHandler.cpp: Pass a pointer to the Document.
        (WebCore::EventHandler::handleMousePressEvent):
        (WebCore::EventHandler::handleMouseDoubleClickEvent):
        (WebCore::EventHandler::handleMouseReleaseEvent):
        (WebCore::EventHandler::keyEvent):
        (WebCore::EventHandler::handleTouchEvent):

        * rendering/HitTestResult.cpp: Ditto.
        (WebCore::HitTestResult::toggleMediaFullscreenState):
        (WebCore::HitTestResult::enterFullscreenForVideo):

2014-10-14  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed gardening. Ignore Visual Studio *.sdf files.

        * WebCore.vcxproj: Modified property svn:ignore.

2014-10-14  Brent Fulgham  <bfulgham@apple.com>

        [Win] Enable Encrypted Media Support
        https://bugs.webkit.org/show_bug.cgi?id=137710
        <rdar://problem/18652699>

        Reviewed by Jer Noble.

        This feature is covered by existing media tests.

        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::destroyAVFWrapper): Remove redundant ASSERT.
        * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
        (displayOnMainThreadContext::displayOnMainThreadContext): Added.
        (redispatchOnMainQueue): Added.
        (PlatformCALayerWinInternal::displayCallback): Check if a display
        call is happening on a background queue, and re-dispatch on the
        main thread if necessary.

2014-10-14  Chris Dumez  <cdumez@apple.com>

        [Mac] Avoid unnecessary dictionary lookup in ImageSource::isSizeAvailable()
        https://bugs.webkit.org/show_bug.cgi?id=137701

        Reviewed by Simon Fraser.

        The CG implementation of ImageSource::isSizeAvailable() was looking up
        both the width and the height keys in the dictionary before determining
        if the size is available. We can abort early and return false if the
        first key (the width) is missing, thus avoiding an extra dictionary
        lookup in this case.

        This is a small win but ImageSource::isSizeAvailable() is called quite
        frequently during page loads

        No new tests, no behavior change.

        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::ImageSource::isSizeAvailable):

2014-10-14  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove unnecessary logging from SimpleFontData
        https://bugs.webkit.org/show_bug.cgi?id=137699

        Reviewed by Andreas Kling.

        Because of web fonts, fonts that don't have a glyph page 0 are common and expected. Printing out a
        message is not helpful, especially if you're not dealing with a font-related piece of WebKit.

        No new tests because there is no behavior change.

        * platform/graphics/SimpleFontData.cpp:
        (WebCore::SimpleFontData::platformGlyphInit):

2014-10-14  Martin Hock  <mhock@apple.com>

        Update ViewportConfiguration whenever its size attributes change
        https://bugs.webkit.org/show_bug.cgi?id=137682
        rdar://problem/18643655

        Reviewed by Benjamin Poulain.

        * page/ViewportConfiguration.cpp:
        (WebCore::ViewportConfiguration::setMinimumLayoutSize):
        (WebCore::ViewportConfiguration::setMinimumLayoutSizeForMinimalUI):

2014-10-14  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Processing Instruction Nodes appear poorly in DOM Tree
        https://bugs.webkit.org/show_bug.cgi?id=137681

        Reviewed by Timothy Hatcher.

        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::buildObjectForNode):
        Include the nodeName, localName, and nodeValue (string data)
        properties for processing instruction nodes.

2014-10-14  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderFrame / RenderFrameSet
        https://bugs.webkit.org/show_bug.cgi?id=137696

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for RenderFrame / RenderFrameSet.

        No new tests, no behavior change.

        * html/HTMLFrameSetElement.cpp:
        (WebCore::HTMLFrameSetElement::defaultEventHandler):
        * rendering/RenderFrame.cpp:
        (WebCore::RenderFrame::updateFromElement):
        * rendering/RenderFrame.h:
        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::computeEdgeInfo):
        (WebCore::RenderFrameSet::positionFramesWithFlattening):
        * rendering/RenderFrameSet.h:

2014-10-14  Youenn Fablet  <youennf@gmail.com>

        [XHR] Abort method execution when m_loader->cancel() in internalAbort() caused reentry
        https://bugs.webkit.org/show_bug.cgi?id=126975

        Reviewed by Alexey Proskuryakov.

        Merging https://chromium.googlesource.com/chromium/blink/+/0d75daf2053631518606ae15daaece701a25b2c4
        Ensuring new test from https://codereview.chromium.org/76133002/ is passing.

        Test: http/tests/xmlhttprequest/reentrant-cancel-abort.html

        * xml/XMLHttpRequest.cpp:
        (WebCore::XMLHttpRequest::open): exit early if internalAbort asks so
        (WebCore::XMLHttpRequest::abort): exit early if internalAbort asks so
        (WebCore::XMLHttpRequest::internalAbort): ask calling function to exit early if a new loader is created during the cancellation of the loader (potential reentrant case through window.onload callback)   
        (WebCore::XMLHttpRequest::didTimeout): exit early if internalAbort asks so
        * xml/XMLHttpRequest.h:

2014-10-14  Alejandro G. Castro  <alex@igalia.com>

        Multiple refactors in RenderMathMLOperator
        https://bugs.webkit.org/show_bug.cgi?id=137611

        Reviewed by Darin Adler.

        The changes include:
        - Rename m_operator to m_textContent.
        - Make most of the functions private, we needed to create some
        public member functions to be able to make the some funtions private
        and move trailingSpaceError to RenderMathMLOperator.
        - Fix incorrect capitalization of setOperatorProperties function.
        - Make all data members private and move them to the end of the
        class defition.

        No new tests as no change in functionality.

        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::RenderMathMLOperator):
        (WebCore::RenderMathMLOperator::setOperatorProperties): Renamed,
        incorrect capitalization
        (WebCore::RenderMathMLOperator::stretchTo):
        (WebCore::RenderMathMLOperator::computePreferredLogicalWidths):
        (WebCore::RenderMathMLOperator::rebuildTokenContent):
        (WebCore::RenderMathMLOperator::updateFromElement):
        (WebCore::RenderMathMLOperator::updateOperatorProperties):
        (WebCore::RenderMathMLOperator::shouldAllowStretching):
        (WebCore::RenderMathMLOperator::updateStyle):
        (WebCore::RenderMathMLOperator::trailingSpaceError):
        (WebCore::RenderMathMLOperator::SetOperatorProperties): Deleted.
        (WebCore::RenderMathMLOperator::advanceForGlyph): Deleted.
        (WebCore::RenderMathMLOperator::updateTokenContent): Deleted.
        (WebCore::RenderMathMLOperator::getGlyphAssemblyFallBack): Deleted.
        * rendering/mathml/RenderMathMLOperator.h:
        (WebCore::RenderMathMLOperator::setLeadingSpace): Added.
        (WebCore::RenderMathMLOperator::setTrailingSpace):  Added.
        (WebCore::RenderMathMLOperator::textContent): Added.
        (WebCore::RenderMathMLOperator::isInvisibleOperator):
        * rendering/mathml/RenderMathMLRadicalOperator.cpp:
        (WebCore::RenderMathMLRadicalOperator::setOperatorProperties):
        Renamed, incorrect capitalization
        (WebCore::RenderMathMLRadicalOperator::SetOperatorProperties): Deleted.
        (WebCore::RenderMathMLRadicalOperator::trailingSpaceError): Deleted.
        * rendering/mathml/RenderMathMLRadicalOperator.h:

2014-10-14  Alejandro G. Castro  <alex@igalia.com>

        Changes in the stretchy attribute do not update rendering
        https://bugs.webkit.org/show_bug.cgi?id=136883

        Reviewed by Darin Adler.

        Test: mathml/presentation/mo-stretch-update.html

        We need to relayout when a change in the stretchy attribute
        happens.

        * mathml/MathMLTextElement.cpp:
        (WebCore::MathMLTextElement::parseAttribute): Parse the
        modifications of the stretchy attribute.
        * mathml/MathMLTextElement.h:
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::setOperatorFlagAndScheduleLayoutIfNeeded):
        Add function that receives the value instead of looking for it and
        checks if the change should schedule a layout.
        (WebCore::RenderMathMLOperator::setOperatorFlagFromAttribute):
        (WebCore::RenderMathMLOperator::setOperatorFlagFromAttributeValue):
        Add function that receives the value instead of looking for it.
        * rendering/mathml/RenderMathMLOperator.h:

2014-10-14  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderImage
        https://bugs.webkit.org/show_bug.cgi?id=137683

        Reviewed by Mihnea Ovidenie.

        Use is<>() / downcast<>() for RenderImage.

        No new tests, no behavior change.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::alternativeText):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::addImageMapChildren):
        (WebCore::AccessibilityRenderObject::remoteSVGRootElement):
        * bindings/objc/DOM.mm:
        (-[DOMElement image]):
        (-[DOMElement _imageTIFFRepresentation]):
        * editing/TextIterator.cpp:
        (WebCore::TextIterator::handleReplacedElement):
        * editing/cocoa/HTMLConverter.mm:
        (fileWrapperForElement):
        * editing/gtk/EditorGtk.cpp:
        (WebCore::getImageForElement):
        * editing/ios/EditorIOS.mm:
        (WebCore::getImage):
        * editing/mac/EditorMac.mm:
        (WebCore::getImage):
        * html/HTMLAnchorElement.cpp:
        (WebCore::appendServerMapMousePosition):
        * html/HTMLAreaElement.cpp:
        (WebCore::HTMLAreaElement::setFocus):
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::setBestFitURLAndDPRFromImageCandidate):
        (WebCore::HTMLImageElement::parseAttribute):
        (WebCore::HTMLImageElement::didAttachRenderers):
        (WebCore::HTMLImageElement::createImageControls):
        (WebCore::HTMLImageElement::destroyImageControls):
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::didAttachRenderers):
        (WebCore::HTMLVideoElement::parseAttribute):
        * html/ImageInputType.cpp:
        (WebCore::ImageInputType::altAttributeChanged):
        (WebCore::ImageInputType::attach):
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::size):
        * html/shadow/mac/ImageControlsRootElementMac.cpp:
        (WebCore::RenderImageControls::updateLogicalWidth):
        (WebCore::RenderImageControls::computeLogicalHeight):
        * loader/ImageLoader.cpp:
        (WebCore::ImageLoader::renderImageResource):
        * page/ContextMenuController.cpp:
        (WebCore::imageFromImageElementNode):
        * page/DragController.cpp:
        (WebCore::getCachedImage):
        (WebCore::getImage):
        * platform/win/PasteboardWin.cpp:
        (WebCore::Pasteboard::writeImage):
        (WebCore::getCachedImage):
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::image):
        * rendering/RenderImage.h:
        * rendering/RenderImageResource.cpp:
        (WebCore::RenderImageResource::getImageSize):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::isDirectlyCompositedImage):
        (WebCore::RenderLayerBacking::updateImageContents):
        * rendering/RenderReplaced.cpp:
        (WebCore::RenderReplaced::computeAspectRatioInformationForRenderBox):
        * rendering/shapes/ShapeOutsideInfo.cpp:
        (WebCore::ShapeOutsideInfo::createShapeForImage):

2014-10-14  Andrzej Badowski  <a.badowski@samsung.com>

        [AX] Improve AccessibilityTableCell columnHeaders and rowHeaders functions.
        https://bugs.webkit.org/show_bug.cgi?id=136818

        Reviewed by Chris Fleizach.

        Take into account that <th> elements can be both the column headers and row headers 
        improved the operation of two functions: columnHeaders and rowHeaders.

        Test: accessibility/table-headers.html

        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::isColumnHeaderCell):
        A new function that helps the main goal.
        (WebCore::AccessibilityTableCell::isRowHeaderCell):
        A new function that helps the main goal.
        (WebCore::AccessibilityTableCell::columnHeaders):
        Use isColumnHeaderCell instead of isTableHeaderCell.
        (WebCore::AccessibilityTableCell::rowHeaders):
        Use isRowHeaderCell also includes <th> row header element next to the scope attribute.
        * accessibility/AccessibilityTableCell.h:
        Adds new functions to the header file.

2014-10-14  Csaba Osztrogonác  <ossy@webkit.org>

        Fix the !ENABLE(VIDEO) build after r174353
        https://bugs.webkit.org/show_bug.cgi?id=137655

        Reviewed by Darin Adler.

        * dom/Document.cpp:
        * dom/Document.h:
        * page/Page.cpp:
        * page/Page.h:

2014-10-14  peavo@outlook.com  <peavo@outlook.com>

        [Curl] Compile error in CurlDownload.cpp.
        https://bugs.webkit.org/show_bug.cgi?id=137654

        Reviewed by Philippe Normand.

        A template specialization is not needed anymore.

        * platform/network/curl/CurlDownload.cpp:

2014-10-13  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Remove unused stale Page protocol methods
        https://bugs.webkit.org/show_bug.cgi?id=137678

        Reviewed by Andreas Kling.

        * inspector/InspectorClient.h:
        (WebCore::InspectorClient::canShowDebugBorders): Deleted.
        (WebCore::InspectorClient::setShowDebugBorders): Deleted.
        (WebCore::InspectorClient::canShowFPSCounter): Deleted.
        (WebCore::InspectorClient::setShowFPSCounter): Deleted.
        (WebCore::InspectorClient::canContinuouslyPaint): Deleted.
        (WebCore::InspectorClient::setContinuousPaintingEnabled): Deleted.
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::disable):
        (WebCore::InspectorPageAgent::canShowDebugBorders): Deleted.
        (WebCore::InspectorPageAgent::setShowDebugBorders): Deleted.
        (WebCore::InspectorPageAgent::canShowFPSCounter): Deleted.
        (WebCore::InspectorPageAgent::setShowFPSCounter): Deleted.
        (WebCore::InspectorPageAgent::canContinuouslyPaint): Deleted.
        (WebCore::InspectorPageAgent::setContinuousPaintingEnabled): Deleted.
        * inspector/InspectorPageAgent.h:
        * inspector/protocol/Page.json:

2014-10-13  Eric Carlson  <eric.carlson@apple.com>

        [iOS] Refactor AirPlay monitoring code
        https://bugs.webkit.org/show_bug.cgi?id=137645
        <rdar://problem/18444817>

        Reviewed by Jer Noble.

        Refactor AirPlay route change monitoring code:
        + Have MediaSessionManager register/unregister for route changes depending on the state of
            all sessions so it does the right thing when there is more than one media element.
        + Make HTMLMediaElement unregister with MediaSession as soon as the media player is cleared
            because there can be no wireless playback without a player.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement): Call mediaSession->setHasPlaybackTargetAvailabilityListeners
            when there are target availability changed listeners.
        (WebCore::HTMLMediaElement::clearMediaPlayer): Ditto.
        (WebCore::HTMLMediaElement::wirelessRoutesAvailableDidChange): New, media session client method.
        * html/HTMLMediaElement.h:

        * html/HTMLMediaSession.cpp:
        (WebCore::HTMLMediaSession::HTMLMediaSession): Initialize m_hasPlaybackTargetAvailabilityListeners.
        (WebCore::HTMLMediaSession::setHasPlaybackTargetAvailabilityListeners): Remember whether or not
            the client has a target availability listener and tell the media session manager to reconfigure
            itself instead of telling it to start or stop listening for route changes so it does the 
            right thing when there is more than one media element.
        * html/HTMLMediaSession.h:
        (WebCore::HTMLMediaSession::requiresPlaybackTargetRouteMonitoring): Return true when the client 
            has a target availability listener, false otherwise.

        * platform/audio/MediaSession.cpp:
        (WebCore::MediaSession::wirelessRoutesAvailableDidChange): Inform the client that routes have changed.
        * platform/audio/MediaSession.h:
        (WebCore::MediaSession::requiresPlaybackTargetRouteMonitoring):
        (WebCore::MediaSessionClient::wirelessRoutesAvailableDidChange):

        * platform/audio/MediaSessionManager.cpp:
        (WebCore::MediaSessionManager::wirelessRoutesAvailableChanged): Implement it.
        * platform/audio/MediaSessionManager.h:
        (WebCore::MediaSessionManager::configureWireLessTargetMonitoring):
        (WebCore::MediaSessionManager::hasWirelessTargetsAvailable):
        (WebCore::MediaSessionManager::sessions):
        (WebCore::MediaSessionManager::startMonitoringAirPlayRoutes): Deleted.
        (WebCore::MediaSessionManager::stopMonitoringAirPlayRoutes): Deleted.

        * platform/audio/ios/MediaSessionManagerIOS.h:
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (WebCore::MediaSessionManageriOS::configureWireLessTargetMonitoring): Start or stop monitoring
            for route changes depending on client state.
        (WebCore::MediaSessionManageriOS::startMonitoringAirPlayRoutes): Deleted.
        (WebCore::MediaSessionManageriOS::stopMonitoringAirPlayRoutes): Deleted.

2014-10-13  Chris Dumez  <cdumez@apple.com>

        [Mac] Return value of createImageSourceOptions() is leaked in ImageSourceCG
        https://bugs.webkit.org/show_bug.cgi?id=137677

        Reviewed by Simon Fraser.

        The return value of createImageSourceOptions() was leaked in
        ImageSourceCG.cpp. It was returning a CFDictionaryRef created using
        CFDictionaryCreate(). Therefore, the return value should have been
        released but wasn't.

        This patch makes createImageSourceOptions() return a
        RetainPtr<CFDictionaryRef> to make sure the CFDictionaryRef properly
        gets released after use.

        No new tests, no behavior change.

        * platform/graphics/cg/ImageSourceCG.cpp:
        (WebCore::createImageSourceOptions):
        (WebCore::imageSourceOptions):
        (WebCore::ImageSource::isSizeAvailable):
        (WebCore::ImageSource::allowSubsamplingOfFrameAtIndex):
        (WebCore::ImageSource::frameSizeAtIndex):
        (WebCore::ImageSource::orientationAtIndex):
        (WebCore::ImageSource::getHotSpot):
        (WebCore::ImageSource::repetitionCount):
        (WebCore::ImageSource::createFrameAtIndex):
        (WebCore::ImageSource::frameDurationAtIndex):

2014-10-13  Yusuke Suzuki  <utatane.tea@gmail.com>

        CSS JIT: Implement :visited pseudo class
        https://bugs.webkit.org/show_bug.cgi?id=135293

        Reviewed by Benjamin Poulain.

        This patch implements CSS JIT for :visited. And it makes :not(:link) JIT-ed.
        Following the design discussed at the other bug[1], implemented :visited JIT
        without tracking VisitedMatchEnabled state.

        In this patch, we change the semantics of :visited / :link
        inside functional pseudo classes for further CSS Selector Level 4 extensions.

        Edge cases are tested by the existing tests.
        :not(:link)
            fast/history/link-inside-not.html
        :not(:visited)
            fast/history/visited-inside-not.html
        :-webkit-any(:link)
            fast/history/link-inside-any.html
        :-webkit-any(:visited)
            fast/history/visited-inside-any.html

        [1]: https://bugs.webkit.org/show_bug.cgi?id=135639

        Test: fast/history/link-inside-not-inside-any.html
            To cover the :-webkit-any(:not(:link)), added new tests.

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::addPseudoClassType):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::SelectorCodeGenerator):
        (WebCore::SelectorCompiler::constructFragments):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorChecker):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateSelectorCheckerExcludingPseudoElements):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateRightmostTreeWalker):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementLinkMatching):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsFirstLink):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateStoreLastVisitedElement):

2014-10-13  Chris Dumez  <cdumez@apple.com>

        Use modern loops in RenderLayerCompositor
        https://bugs.webkit.org/show_bug.cgi?id=137670

        Reviewed by Simon Fraser.

        Use modern range for-loops in RenderLayerCompositor.

        No new tests, no behavior change.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::OverlapMapContainer::overlapsLayers):
        (WebCore::RenderLayerCompositor::OverlapMap::RectList::intersects):
        (WebCore::RenderLayerCompositor::updateScrollCoordinatedLayersAfterFlush):
        (WebCore::RenderLayerCompositor::updateCustomLayersAfterFlush):
        (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
        (WebCore::RenderLayerCompositor::computeCompositingRequirementsForNamedFlowFixed):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::computeRegionCompositingRequirements):
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTreeForNamedFlowFixed):
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
        (WebCore::RenderLayerCompositor::rebuildRegionCompositingLayerTree):
        (WebCore::RenderLayerCompositor::updateLayerTreeGeometry):
        (WebCore::RenderLayerCompositor::updateCompositingDescendantGeometry):
        (WebCore::RenderLayerCompositor::recursiveRepaintLayer):
        (WebCore::resetTrackedRepaintRectsRecursive):
        (WebCore::RenderLayerCompositor::layerHas3DContent):
        (WebCore::RenderLayerCompositor::registerAllViewportConstrainedLayers):
        (WebCore::RenderLayerCompositor::registerAllScrollingLayers):
        (WebCore::RenderLayerCompositor::unregisterAllScrollingLayers):

2014-10-13  Chris Dumez  <cdumez@apple.com>

        Drop unnecessary overlapMap null checks in computeCompositingRequirements()
        https://bugs.webkit.org/show_bug.cgi?id=137668

        Reviewed by Andreas Kling.

        Drop unnecessary overlapMap null checks in computeCompositingRequirements().
        The function is never called with a null overlapMap so we can make the
        argument a reference and drop all the null checks.

        No new tests, no behavior change.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        (WebCore::RenderLayerCompositor::computeCompositingRequirementsForNamedFlowFixed):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::computeRegionCompositingRequirements):
        * rendering/RenderLayerCompositor.h:

2014-10-13  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for PlatformCALayer subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137661

        Reviewed by Simon Fraser.

        Use is<>() / downcast<>() for PlatformCALayer subclasses and clean up
        the surrounding code.

        No new tests, no behavior change.

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::ensureStructuralLayer):
        (WebCore::GraphicsLayerCA::updateContentsRects):
        (WebCore::GraphicsLayerCA::updateReplicatedLayers):
        (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
        (WebCore::GraphicsLayerCA::fetchCloneLayers): Deleted.
        * platform/graphics/ca/PlatformCALayer.h:
        * platform/graphics/ca/TileCoverageMap.cpp:
        (WebCore::TileCoverageMap::TileCoverageMap):
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::ensureTilesForRect):
        * platform/graphics/ca/mac/PlatformCALayerMac.h:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayerMac::clone):
        (PlatformCALayerMac::appendSublayer):
        (PlatformCALayerMac::insertSublayer):
        (PlatformCALayerMac::replaceSublayer):
        (PlatformCALayerMac::adoptSublayers):
        (PlatformCALayerMac::copyFiltersFrom):
        * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
        (WebCore::CACFLayerTreeHost::setRootChildLayer):
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (PlatformCALayerWin::clone):
        (PlatformCALayerWin::rootLayer):
        (PlatformCALayerWin::appendSublayer):
        (PlatformCALayerWin::insertSublayer):
        (PlatformCALayerWin::replaceSublayer):
        (PlatformCALayerWin::adoptSublayers):
        (PlatformCALayerWin::copyFiltersFrom):
        * platform/graphics/ca/win/PlatformCALayerWin.h:
        * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
        (PlatformCALayerWinInternal::insertSublayer):
        * platform/graphics/ca/win/PlatformCALayerWinInternal.h:

2014-10-13  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for Filter / FilterOperation subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137644

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for Filter / FilterOperation subclasses.

        No new tests, no behavior change.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::valueForFilter):
        * platform/graphics/ca/mac/PlatformCAFiltersMac.mm:
        (PlatformCAFilters::filterValueForOperation):
        (PlatformCAFilters::colorMatrixValueForFilter):
        * platform/graphics/filters/Filter.h:
        * platform/graphics/filters/FilterOperation.cpp:
        (WebCore::DefaultFilterOperation::operator==):
        (WebCore::ReferenceFilterOperation::operator==):
        (WebCore::BasicColorMatrixFilterOperation::blend):
        (WebCore::BasicColorMatrixFilterOperation::operator==):
        (WebCore::BasicComponentTransferFilterOperation::blend):
        (WebCore::BasicComponentTransferFilterOperation::operator==):
        (WebCore::BlurFilterOperation::operator==):
        (WebCore::BlurFilterOperation::blend):
        (WebCore::DropShadowFilterOperation::operator==):
        (WebCore::DropShadowFilterOperation::blend):
        * platform/graphics/filters/FilterOperation.h:
        * platform/graphics/filters/FilterOperations.cpp:
        (WebCore::FilterOperations::outsets):
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::build):
        * rendering/RenderLayerFilterInfo.cpp:
        (WebCore::RenderLayer::FilterInfo::updateReferenceFilterClients):
        * rendering/svg/RenderSVGResourceFilterPrimitive.cpp:
        (WebCore::RenderSVGResourceFilterPrimitive::determineFilterPrimitiveSubregion):
        * svg/graphics/filters/SVGFilter.h:
        (isType):

2014-10-13  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for Table render objects
        https://bugs.webkit.org/show_bug.cgi?id=137641

        Reviewed by Mihnea Ovidenie.

        Use is<>() / downcast<>() for table-related render objects and clean
        up the surrounding code.

        No new tests, no behavior change.

        * accessibility/AccessibilityARIAGrid.cpp:
        (WebCore::AccessibilityARIAGrid::addChildren):
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::tableElement):
        (WebCore::AccessibilityTable::isDataTable):
        (WebCore::AccessibilityTable::isTableExposableThroughAccessibility):
        (WebCore::AccessibilityTable::addChildren):
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::parentTable):
        (WebCore::AccessibilityTableCell::rowIndexRange):
        (WebCore::AccessibilityTableCell::columnIndexRange):
        (WebCore::AccessibilityTableCell::titleUIElement):
        * accessibility/AccessibilityTableColumn.cpp:
        (WebCore::AccessibilityTableColumn::headerObject):
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::removeNode):
        * editing/TextIterator.cpp:
        (WebCore::shouldEmitTabBeforeNode):
        (WebCore::shouldEmitNewlinesBeforeAndAfterNode):
        * html/HTMLTableCellElement.cpp:
        (WebCore::HTMLTableCellElement::parseAttribute):
        (WebCore::HTMLTableCellElement::cellAbove):
        * html/HTMLTableColElement.cpp:
        (WebCore::HTMLTableColElement::parseAttribute):
        * mathml/MathMLElement.cpp:
        (WebCore::MathMLElement::parseAttribute):
        * rendering/AutoTableLayout.cpp:
        (WebCore::AutoTableLayout::recalcColumn):
        (WebCore::shouldScaleColumns):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::computeIntrinsicLogicalWidths):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computePercentageLogicalHeight):
        (WebCore::RenderBox::layoutOverflowRectForPropagation):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::addChild):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::addChild):
        (WebCore::RenderTable::layout):
        (WebCore::RenderTable::firstColumn):
        (WebCore::RenderTable::recalcSections):
        (WebCore::RenderTable::sectionAbove):
        (WebCore::RenderTable::sectionBelow):
        (WebCore::RenderTable::bottomSection):
        * rendering/RenderTable.h:
        * rendering/RenderTableCaption.cpp:
        (WebCore::RenderTableCaption::table):
        * rendering/RenderTableCell.h:
        (WebCore::RenderTableCell::nextCell):
        (WebCore::RenderTableCell::previousCell):
        (WebCore::RenderTableRow::firstCell):
        (WebCore::RenderTableRow::lastCell):
        * rendering/RenderTableCol.cpp:
        (WebCore::RenderTableCol::table):
        (WebCore::RenderTableCol::enclosingColumnGroup):
        (WebCore::RenderTableCol::nextColumn):
        * rendering/RenderTableCol.h:
        Make updateFromElement() public to allow the callers to use tighter
        typing and devitualize the call as the class is final.

        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::addChild):
        * rendering/RenderTableRow.h:
        (WebCore::RenderTableSection::firstRow):
        (WebCore::RenderTableSection::lastRow):
        (WebCore::RenderTableRow::nextRow):
        (WebCore::RenderTableRow::previousRow):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::addChild):
        (WebCore::RenderTableSection::layoutRows):
        (WebCore::RenderTableSection::paintCell):
        * rendering/RenderTableSection.h:
        * rendering/RenderTreeAsText.cpp:
        (WebCore::writeTextRun):
        (WebCore::writeSimpleLine):

2014-10-08  Jer Noble  <jer.noble@apple.com>

        MediaPlayer::characteristicChanged() is not called when new tracks are found in SourceBufferPrivateAVFObjC
        https://bugs.webkit.org/show_bug.cgi?id=137533

        Reviewed by Darin Adler.

        When a new AVAsset is returned out of the AVStreamDataParser, notify the HTMLMediaElement that
        characteristics of the player may have changed.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::characteristicsChanged):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::didParseStreamDataAsAsset):

2014-10-13  Jer Noble  <jer.noble@apple.com>

        [iOS] Stop listening for wireless playback target availability when the default controls are hidden.
        https://bugs.webkit.org/show_bug.cgi?id=137633

        Reviewed by Dean Jackson.

        In order to minimize the excess bandwidth and power consumption required for actively listening
        for wireless playback target availablity, unregister for those notifications while the controls
        are hidden due to playback, or when the element's document is hidden.

        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.createBase): Register for document visiblity change notfications.
        (ControllerIOS.prototype.setControlsType): Call updateShouldListenForPlaybackTargetAvailabilityEvent()
            instead of setShouldListenForPlaybackTargetAvailabilityEvent()
        (ControllerIOS.prototype.hideControls): Ditto.
        (ControllerIOS.prototype.showControls): Ditto.
        (ControllerIOS.prototype.updateStatusDisplay): Ditto.
        (ControllerIOS.prototype.handleVisibilityChange): Ditto.
        (ControllerIOS.prototype.updateShouldListenForPlaybackTargetAvailabilityEvent): Added. Only listen
            for target availability when the video has no errors, is not in the initial "big play button"
            controls state, and when the controls are not hidden.
        * platform/audio/ios/MediaSessionManagerIOS.mm:
        (-[WebMediaSessionHelper stopMonitoringAirPlayRoutes]): Explicitly set the discoveryMode to "disabled"
            rather than waiting for the autoreleasepool to destroy our routing controller.

2014-10-13  Simon Fraser  <simon.fraser@apple.com>

        iOS DRT snapshots are limited to the page visible area
        https://bugs.webkit.org/show_bug.cgi?id=137650

        Reviewed by Daniel Bates.

        LegacyTileCache drawing was limited to the window's visible area, found by
        crawling up the layer hierarchy to the root layer. This caused test snapshots to
        be missing non-composited content outside the iPhone visible area, which hinders
        testing.
        
        Fix by adding a test-only mode where the window visible area is the entire window.

        * platform/ios/wak/WAKWindow.h:
        * platform/ios/wak/WAKWindow.mm:
        (-[WAKWindow setEntireWindowVisibleForTesting:]):
        (-[WAKWindow _visibleRectRespectingMasksToBounds:]):

2014-10-13  Mihnea Ovidenie  <mihnea@adobe.com>

        [CSSRegions] Make RenderNamedFlowFragment::computeStyleInRegion const
        https://bugs.webkit.org/show_bug.cgi?id=137604

        Reviewed by Andrei Bucur.

        The method computeStyleInRegion should be const as it does not modify
        the state of the RenderNamedFlowFragment instance. Make pointers to
        the region used for styling const along the way. No new tests as no
        change in functionality.

        * css/ElementRuleCollector.h:
        (WebCore::ElementRuleCollector::ElementRuleCollector):
        (WebCore::ElementRuleCollector::setRegionForStyling):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::State::initForStyleResolve):
        (WebCore::StyleResolver::styleForElement):
        * css/StyleResolver.h:
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::computeStyleInRegion):
        * rendering/RenderNamedFlowFragment.h:

2014-09-30  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Pass the valid set of tracks to grow beyond growth limits
        https://bugs.webkit.org/show_bug.cgi?id=137253

        Reviewed by Darin Adler.

        Section 10.4 of the specs describe how to resolve content based
        track sizing functions. Among others it describes the "distribute
        extra space" algorithm. The 3rd bullet of that algorithm specifies
        how to distribute (and also the target tracks) the extra space
        once all the tracks have reached their growth limits.

        Our implementation had 2 problems. First we were not passing a
        valid subset of tracks (instead we were always using all of
        them). Now we use a function that filters the right tracks to be
        the target of the extra space distribution depending on whether
        we're computing the min track function or the max track function.

        Secondly the algorithm that was distributing the extra space was
        not using that list of passed in tracks (it iterated over all of
        them). From now on it will use the set of tracks selected using
        the filter function described above.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctions):
        (WebCore::RenderGrid::resolveContentBasedTrackSizingFunctionsForItems):
        (WebCore::RenderGrid::distributeSpaceToTracks):
        * rendering/RenderGrid.h:
        * rendering/style/GridTrackSize.h:
        (WebCore::GridTrackSize::hasMinContentMinTrackBreadthAndMinOrMaxContentMaxTrackBreadth):
        (WebCore::GridTrackSize::hasMaxContentMinTrackBreadthAndMaxContentMaxTrackBreadth):

2014-10-12  Mike West  <mkwst@chromium.org>

        Referrer Policy: Update <meta name="referrer"> values to match the spec
        https://bugs.webkit.org/show_bug.cgi?id=137635

        Reviewed by Jochen Eisinger.

        The Referrer Policy specification ([Working Draft][WD], [Editor's
        draft[ED]) defines different keywords than we originally
        implemented. We should support them in the interests of clarity and
        interoperability with other browsers implementing the specification.

        [WD]: http://www.w3.org/TR/referrer-policy/#referrer-policy-delivery-meta
        [ED]: http://w3c.github.io/webappsec/specs/referrer-policy/#referrer-policy-delivery-meta

        This patch is a port of Blink's https://codereview.chromium.org/607433002/

        Tests: http/tests/security/referrer-policy-conflicting-policies.html
               http/tests/security/referrer-policy-https-no-referrer-when-downgrade.html
               http/tests/security/referrer-policy-https-no-referrer.html
               http/tests/security/referrer-policy-https-unsafe-url.html
               http/tests/security/referrer-policy-no-referrer-when-downgrade.html
               http/tests/security/referrer-policy-no-referrer.html

        * dom/Document.cpp:
        (WebCore::Document::processReferrerPolicy):

2014-10-12  Dhi Aurrahman  <diorahman@rockybars.com>

        Support activation behavior of link element
        https://bugs.webkit.org/show_bug.cgi?id=137597

        Reviewed by Benjamin Poulain.

        Support activation behavior of link elements as defined in [1],
        i.e. to follow the hyperlink created by the link element when it is fully active.

        [1] https://html.spec.whatwg.org/multipage/semantics.html#the-link-element

        Tests: fast/dom/html-link-element-activation-behavior-on-element-click.html
               fast/dom/html-link-element-activation-behavior-on-mouse-click.html
               fast/dom/html-link-element-activation-behavior-url-is-null.html

        * dom/MouseEvent.cpp:
        (WebCore::MouseEvent::triggerActivationBehavior):
        * dom/MouseEvent.h:
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::defaultEventHandler):
        (WebCore::isLinkClick): Deleted.
        * html/HTMLAnchorElement.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::defaultEventHandler):
        (WebCore::HTMLLinkElement::handleClick):
        * html/HTMLLinkElement.h:
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::defaultEventHandler):

2014-10-11  KwangHyuk Kim  <hyuki.kim@samsung.com>

        [EFL] Enable WebP support.
        https://bugs.webkit.org/show_bug.cgi?id=136156

        Reviewed by Gyuyoung Kim.

        Add WebP library and inlcude path to WebCore path for WK2 Efl.
        No new tests since existing feature is just enabled for WK2 Efl.

        * PlatformEfl.cmake:

2014-10-11  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GLIB] Split GMainLoopSource moving thread safe implementation to its own class GThreadSafeMainLoopSource
        https://bugs.webkit.org/show_bug.cgi?id=137485

        Reviewed by Sergio Villar Senin.

        Use GThreadSafeMainLoopSource for GStreamer sources, since they
        can be used from different threads. Also update GMutexLocker
        usages, since it's now a template.

        * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
        (WebCore::AudioFileReader::createBus):
        * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::updateTexture):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::paint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
        * platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h:
        * platform/graphics/gstreamer/VideoSinkGStreamer.cpp:
        (webkitVideoSinkTimeoutCallback):
        (webkitVideoSinkRender):
        (unlockBufferMutex):
        (webkitVideoSinkUnlockStop):
        (webkitVideoSinkStart):
        * platform/graphics/gstreamer/WebKitMediaSourceGStreamer.cpp:
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcGetProperty):
        (webKitWebSrcStop):
        (webKitWebSrcStart):
        (webKitWebSrcChangeState):
        (webKitWebSrcQueryWithParent):
        (webKitWebSrcGetUri):
        (webKitWebSrcSetUri):
        (webKitWebSrcNeedDataMainCb):
        (webKitWebSrcNeedDataCb):
        (webKitWebSrcEnoughDataMainCb):
        (webKitWebSrcEnoughDataCb):
        (webKitWebSrcSeekDataCb):
        (webKitWebSrcSetMediaPlayer):
        (StreamingClient::createReadBuffer):
        (StreamingClient::handleResponseReceived):
        (StreamingClient::handleDataReceived):
        (StreamingClient::handleNotifyFinished):
        (ResourceHandleStreamingClient::wasBlocked):
        (ResourceHandleStreamingClient::cannotShowURL):

2014-10-10  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for Image subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137625

        Reviewed by Andreas Kling.

        Use is<>() / downcast<>() for Image subclasses.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::remoteSVGRootElement):
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::imageSizeForRenderer):
        (WebCore::CachedImage::createImage):
        * platform/graphics/BitmapImage.h:
        * platform/graphics/Image.h:
        * platform/mac/DragImageMac.mm:
        (WebCore::createDragImageFromImage):
        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::embeddedContentBox):
        * svg/graphics/SVGImage.h:

2014-10-10  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderElement
        https://bugs.webkit.org/show_bug.cgi?id=137622

        Reviewed by Benjamin Poulain.

        Use is<>() / downcast<>() for RenderElement and clean up the
        surrounding code.

        No new tests, no behavior change.

        * accessibility/AccessibilityImageMapLink.cpp:
        (WebCore::AccessibilityImageMapLink::imageMapLinkRenderer):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::computeRenderStyleForProperty):
        * dom/Node.cpp:
        (WebCore::Node::materializeRareData):
        * dom/Position.cpp:
        (WebCore::isNonTextLeafChild):
        (WebCore::searchAheadForBetterMatch):
        * dom/PseudoElement.cpp:
        (WebCore::PseudoElement::didRecalcStyle):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):
        * editing/htmlediting.cpp:
        (WebCore::isEmptyTableCell):
        * rendering/InlineIterator.h:
        (WebCore::bidiNextShared):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::getFirstLetter):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::layout):
        * rendering/RenderCounter.cpp:
        (WebCore::RenderCounter::rendererRemovedFromTree):
        (WebCore::RenderCounter::rendererSubtreeAttached):
        (showCounterRendererTree):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::insertChildInternal):
        (WebCore::RenderElement::removeChildInternal):
        (WebCore::RenderElement::findNextLayer):
        (WebCore::RenderElement::layout):
        * rendering/RenderElement.h:
        (WebCore::RenderObject::isRenderLayerModelObject):
        (WebCore::RenderObject::isBoxModelObject):
        (WebCore::RenderObject::isRenderBlock):
        (WebCore::RenderObject::isRenderBlockFlow):
        (WebCore::RenderObject::isRenderReplaced):
        (WebCore::RenderObject::isRenderInline):
        (WebCore::RenderObject::style):
        (WebCore::RenderObject::firstLineStyle):
        (WebCore::ContainerNode::renderer):
        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::paint):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::computeChildrenStyleInRegion):
        (WebCore::RenderNamedFlowFragment::setObjectStyleInRegion):
        (WebCore::RenderNamedFlowFragment::restoreRegionObjectsOriginalStyle):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::clearNeedsLayout):
        (WebCore::RenderObject::willBeDestroyed):
        (WebCore::RenderObject::collectAnnotatedRegions):
        * rendering/RenderVTTCue.cpp:
        (WebCore::RenderVTTCue::initializeLayoutParameters):
        (WebCore::RenderVTTCue::repositionGenericCue):
        * rendering/mathml/RenderMathMLFraction.cpp:
        (WebCore::RenderMathMLFraction::addChild):
        * rendering/mathml/RenderMathMLMenclose.cpp:
        (WebCore::RenderMathMLMenclose::addChild):
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::rebuildTokenContent):
        (WebCore::RenderMathMLOperator::updateStyle):
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::addChild):
        (WebCore::RenderMathMLRoot::layout):
        * rendering/mathml/RenderMathMLToken.cpp:
        (WebCore::RenderMathMLToken::addChild):
        (WebCore::RenderMathMLToken::updateTokenContent):
        (WebCore::RenderMathMLToken::updateStyle):
        * rendering/mathml/RenderMathMLUnderOver.cpp:
        (WebCore::RenderMathMLUnderOver::layout):
        * rendering/svg/RenderSVGResource.cpp:
        (WebCore::RenderSVGResource::markForLayoutAndParentResourceInvalidation):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::findPreviousAndNextAttributes):
        (WebCore::RenderSVGText::subtreeStyleDidChange):
        (WebCore::updateFontInAllDescendants):
        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGRenderSupport::layoutChildren):
        * rendering/svg/SVGResourcesCache.cpp:
        (WebCore::SVGResourcesCache::clientWasAddedToTree):
        (WebCore::SVGResourcesCache::clientWillBeRemovedFromTree):
        * rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
        (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributesForTextRenderer):
        (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributesForForSubtree):
        (WebCore::SVGTextLayoutAttributesBuilder::rebuildMetricsForTextRenderer):
        * rendering/svg/SVGTextLayoutAttributesBuilder.h:
        * rendering/svg/SVGTextMetricsBuilder.cpp:
        (WebCore::SVGTextMetricsBuilder::initializeMeasurementWithTextRenderer):
        (WebCore::SVGTextMetricsBuilder::measureTextRenderer):
        (WebCore::SVGTextMetricsBuilder::walkTree):
        (WebCore::SVGTextMetricsBuilder::buildMetricsAndLayoutAttributes):
        * rendering/svg/SVGTextMetricsBuilder.h:
        * rendering/svg/SVGTextRunRenderingContext.cpp:
        (WebCore::SVGTextRunRenderingContext::createGlyphToPathTranslator):
        (WebCore::SVGTextRunRenderingContext::drawSVGGlyphs):
        (WebCore::SVGTextRunRenderingContext::glyphDataForCharacter):
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::applySVGGlyphSelection):

2014-10-10  Benjamin Poulain  <benjamin@webkit.org>

        Update :nth-child(An+B of selector-list) to the latest specification
        https://bugs.webkit.org/show_bug.cgi?id=137593

        Reviewed by Andreas Kling.

        Following my implementation feedback on :nth-child(An+B of selector-list),
        the CSS WG decided to change the definition such that the current element on which
        the selector is matched must also match the selector list in :nth-child().

        This patch updates the implementation accordingly.

        Test: fast/selectors/nth-child-of-chained-3.html

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        (WebCore::SelectorChecker::matchSelectorList):
        * css/SelectorChecker.h:
        * cssjit/SelectorCompiler.cpp:
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatchesSelectorList):
        (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChildOf):

2014-10-10  Chris Dumez  <cdumez@apple.com>

        Drop RENDER_OBJECT_TYPE_CASTS() for a lot of RenderObject subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137594

        Reviewed by Darin Adler.

        Drop RENDER_OBJECT_TYPE_CASTS() for RenderObject subclasses that no
        longer needed it or that required very few changes to do so. This will
        make sure developers start using is<>() / downcast<>() for those
        classes.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::textUnderElement):
        (WebCore::AccessibilityRenderObject::stringValue):
        (WebCore::AccessibilityRenderObject::titleUIElement):
        * dom/PseudoElement.cpp:
        (WebCore::PseudoElement::didAttachRenderers):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::reset):
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::defaultEventHandler):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::updateSnapshot):
        (WebCore::HTMLPlugInImageElement::checkSnapshotStatus):
        * html/SearchInputType.cpp:
        (WebCore::SearchInputType::addSearchResult):
        (WebCore::SearchInputType::didSetValueByUserEdit):
        * html/shadow/TextControlInnerElements.cpp:
        (WebCore::TextControlInnerTextElement::renderer):
        (WebCore::TextControlInnerTextElement::customStyleForRenderer):
        (WebCore::SearchFieldResultsButtonElement::defaultEventHandler):
        * page/FrameView.cpp:
        (WebCore::FrameView::isInChildFrameWithFrameFlattening):
        * rendering/RenderButton.h:
        * rendering/RenderCounter.h:
        * rendering/RenderDetailsMarker.h:
        * rendering/RenderFieldset.h:
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::paintObject):
        * rendering/RenderFileUploadControl.h:
        * rendering/RenderFlexibleBox.h:
        * rendering/RenderFullScreen.h:
        * rendering/RenderGrid.h:
        * rendering/RenderHTMLCanvas.h:
        * rendering/RenderIFrame.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::contentsBox):
        * rendering/RenderMedia.h:
        * rendering/RenderQuote.cpp:
        (WebCore::RenderQuote::attachQuote):
        * rendering/RenderQuote.h:
        * rendering/RenderReplaced.h:
        * rendering/RenderScrollbarPart.h:
        * rendering/RenderSearchField.h:
        * rendering/RenderSnapshottedPlugIn.h:
        * rendering/RenderTableCaption.h:
        * rendering/RenderTextControlMultiLine.h:
        * rendering/RenderTextControlSingleLine.h:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintSnapshottedPluginOverlay):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::RenderTreeAsText::writeRenderObject):
        * rendering/RenderVideo.cpp:
        (WebCore::rendererPlaceholder):
        * rendering/line/BreakingContextInlineHeaders.h:
        (WebCore::updateCounterIfNeeded):
        * rendering/svg/RenderSVGContainer.h:
        * rendering/svg/RenderSVGGradientStop.h:
        * rendering/svg/RenderSVGModelObject.h:
        * rendering/svg/RenderSVGPath.h:
        * rendering/svg/RenderSVGResourceFilter.h:
        * rendering/svg/RenderSVGResourceFilterPrimitive.cpp:
        (WebCore::RenderSVGResourceFilterPrimitive::styleDidChange):
        * rendering/svg/RenderSVGTextPath.h:
        * rendering/svg/RenderSVGTransformableContainer.h:
        * rendering/svg/RenderSVGViewportContainer.h:
        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGRenderSupport::repaintRectForRendererInLocalCoordinatesExcludingSVGShadow):
        (WebCore::SVGRenderSupport::checkForSVGRepaintDuringLayout):
        (WebCore::updateObjectBoundingBox):
        (WebCore::layoutSizeOfNearestViewportChanged):
        (WebCore::SVGRenderSupport::transformToRootChanged):
        (WebCore::SVGRenderSupport::rendererHasSVGShadow):
        (WebCore::SVGRenderSupport::setRendererHasSVGShadow):
        * rendering/svg/SVGTextLayoutEngine.cpp:
        (WebCore::SVGTextLayoutEngine::beginTextPathLayout):
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::svgAttributeChanged):
        (WebCore::SVGPathElement::pathSegListChanged):
        (WebCore::SVGPathElement::getBBox):
        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::currentViewportSize):

2014-10-10  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for GraphicsLayer subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137595

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for GraphicsLayer subclasses and clean up the
        surrounding code.

        No new tests, no behavior change.

        * page/mac/ServicesOverlayController.mm:
        (WebCore::ServicesOverlayController::Highlight::Highlight):
        (WebCore::ServicesOverlayController::Highlight::fadeIn):
        (WebCore::ServicesOverlayController::Highlight::fadeOut):
        * platform/graphics/GraphicsLayer.h:
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::removeFromParent):
        (WebCore::GraphicsLayerCA::setMaskLayer):
        (WebCore::GraphicsLayerCA::recursiveVisibleRectChangeRequiresFlush):
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):
        (WebCore::GraphicsLayerCA::updateSublayerList):
        (WebCore::GraphicsLayerCA::ensureStructuralLayer):
        (WebCore::GraphicsLayerCA::updateMaskLayer):
        (WebCore::GraphicsLayerCA::replicatedLayerRoot):
        (WebCore::GraphicsLayerCA::swapFromOrToTiledLayer):
        (WebCore::GraphicsLayerCA::propagateLayerChangeToReplicas):
        (WebCore::GraphicsLayerCA::fetchCloneLayers):
        * platform/graphics/ca/GraphicsLayerCA.h:

2014-10-10  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderBoxModelObject
        https://bugs.webkit.org/show_bug.cgi?id=137587

        Reviewed by Mihnea Ovidenie.

        Use is<>() / downcast<>() for RenderBoxModelObject and clean up the
        surrounding code.

        No new tests, no behavior change.

        * accessibility/AXObjectCache.cpp:
        (WebCore::createFromRenderer):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::renderBoxModelObject):
        (WebCore::isInlineWithContinuation):
        (WebCore::firstChildConsideringContinuation):
        (WebCore::lastChildHasContinuation):
        (WebCore::AccessibilityRenderObject::nextSibling):
        (WebCore::AccessibilityRenderObject::widget):
        (WebCore::AccessibilityRenderObject::renderObjectIsObservable):
        (WebCore::AccessibilityRenderObject::observableObject):
        (WebCore::msaaRoleForRenderer):
        * accessibility/AccessibilityRenderObject.h:
        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::isDataTable):
        * dom/Node.cpp:
        (WebCore::Node::renderBox):
        (WebCore::Node::renderBoxModelObject):
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildObjectForElementInfo):
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollContentsFastPath):
        * page/PrintContext.cpp:
        (WebCore::enclosingBoxModelObject):
        * page/animation/AnimationBase.cpp:
        (WebCore::AnimationBase::freezeAtTime):
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::startAnimation):
        (WebCore::ImplicitAnimation::pauseAnimation):
        (WebCore::ImplicitAnimation::endAnimation):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::startAnimation):
        (WebCore::KeyframeAnimation::pauseAnimation):
        (WebCore::KeyframeAnimation::endAnimation):
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::overflowScrollPositionChangedForNode):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects):
        * rendering/InlineBox.h:
        (WebCore::InlineBox::boxModelObject):
        * rendering/InlineElementBox.h:
        (WebCore::InlineElementBox::renderer):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::placeBoxesInBlockDirection):
        * rendering/InlineFlowBox.h:
        (WebCore::InlineFlowBox::renderer):
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::baselinePosition):
        (WebCore::InlineTextBox::lineHeight):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::addChildToContinuation):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
        (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
        (WebCore::RenderBox::computePositionedLogicalWidth):
        (WebCore::RenderBox::computePositionedLogicalHeight):
        (WebCore::RenderBox::computePositionedLogicalWidthReplaced):
        (WebCore::RenderBox::computePositionedLogicalHeightReplaced):
        * rendering/RenderBoxModelObject.h:
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::adjustedPositionRelativeToOffsetParent):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::splitInlines):
        (WebCore::RenderInline::addChildToContinuation):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateLayerPosition):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::adjustAncestorCompositingBoundsForFlowThread):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForIndirectReason):
        (WebCore::RenderLayerCompositor::computeStickyViewportConstraints):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::destroy):
        (WebCore::RenderObject::offsetParent):
        * rendering/mathml/RenderMathMLScripts.cpp:
        (WebCore::RenderMathMLScripts::base):

2014-10-10  Zan Dobersek  <zdobersek@igalia.com>

        Remove CrossThreadTask
        https://bugs.webkit.org/show_bug.cgi?id=137570

        Reviewed by Darin Adler.

        Replace uses of CrossThreadTask with C++11 lambdas. The initializations
        of cross-thread copies are rather verbose at the moment, but should look
        better once we can switch to using C++14 init capture for lambdas.

        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::initialize):
        * WebCore.order:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/CrossThreadTask.h: Removed.
        * loader/WorkerThreadableLoader.cpp:
        (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::destroy):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::cancel):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didSendData):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveResponse):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didReceiveData):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFinishLoading):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFail):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFailAccessControlCheck):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::didFailRedirectCheck):
        (WebCore::WorkerThreadableLoader::MainThreadBridge::~MainThreadBridge): Deleted.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::mainThreadCreateLoader): Deleted.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::mainThreadDestroy): Deleted.
        (WebCore::WorkerThreadableLoader::MainThreadBridge::mainThreadCancel): Deleted.
        (WebCore::workerGlobalScopeDidSendData): Deleted.
        (WebCore::workerGlobalScopeDidReceiveResponse): Deleted.
        (WebCore::workerGlobalScopeDidReceiveData): Deleted.
        (WebCore::workerGlobalScopeDidFinishLoading): Deleted.
        (WebCore::workerGlobalScopeDidFail): Deleted.
        (WebCore::workerGlobalScopeDidFailAccessControlCheck): Deleted.
        (WebCore::workerGlobalScopeDidFailRedirectCheck): Deleted.
        * loader/WorkerThreadableLoader.h:
        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::removeRequestFromCache):
        (WebCore::MemoryCache::removeRequestFromSessionCaches):
        (WebCore::MemoryCache::removeRequestFromCacheImpl): Deleted.
        (WebCore::MemoryCache::removeRequestFromSessionCachesImpl): Deleted.
        (WebCore::MemoryCache::crossThreadRemoveRequestFromCache): Deleted.
        (WebCore::MemoryCache::crossThreadRemoveRequestFromSessionCaches): Deleted.
        * loader/cache/MemoryCache.h:

2014-10-10  Zan Dobersek  <zdobersek@igalia.com>

        Avoid defaulting to capture-by-value for C++11 lambdas in WebCore
        https://bugs.webkit.org/show_bug.cgi?id=137565

        Reviewed by Darin Adler.

        C++11 lambas should avoid defaulting to capturing used variables by value as that
        can lead to unintended captures that, in worst cases, result in lambdas that are
        not self-contained and end up operating on dangling pointers.

        Explicitly stating the variables that are to be copied by value can also serve as
        a checklist of variables that are actually intented for use in the lambda body. 

        * Modules/quota/StorageErrorCallback.cpp:
        (WebCore::StorageErrorCallback::CallbackTask::CallbackTask):
        * Modules/webdatabase/Database.cpp:
        (WebCore::Database::~Database):
        (WebCore::Database::runTransaction):
        (WebCore::Database::scheduleTransactionCallback):
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::openDatabase):
        * Modules/webdatabase/SQLCallbackWrapper.h:
        (WebCore::SQLCallbackWrapper::clear):
        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
        (WebCore::ThreadableWebSocketChannelClientWrapper::didConnect):
        (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessage):
        (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData):
        (WebCore::ThreadableWebSocketChannelClientWrapper::didUpdateBufferedAmount):
        (WebCore::ThreadableWebSocketChannelClientWrapper::didStartClosingHandshake):
        (WebCore::ThreadableWebSocketChannelClientWrapper::didClose):
        (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessageError):
        (WebCore::ThreadableWebSocketChannelClientWrapper::processPendingTasks):
        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::Peer::send):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::bufferedAmount):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didConnect):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveMessage):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveBinaryData):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didUpdateBufferedAmount):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didStartClosingHandshake):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didClose):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveMessageError):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::mainThreadInitialize):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::connect):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::bufferedAmount):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::close):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::fail):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::disconnect):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::suspend):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::resume):
        * bindings/js/JSCallbackData.h:
        (WebCore::DeleteCallbackDataTask::DeleteCallbackDataTask):
        * bindings/js/JSDOMGlobalObjectTask.cpp:
        (WebCore::JSGlobalObjectTask::JSGlobalObjectTask):
        * dom/ScriptExecutionContext.h:
        (WebCore::ScriptExecutionContext::AddConsoleMessageTask::AddConsoleMessageTask):
        * dom/StringCallback.cpp:
        (WebCore::StringCallback::scheduleCallback):
        * fileapi/FileReader.cpp:
        (WebCore::FileReader::abort):
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::postListenerTask):
        * workers/DefaultSharedWorkerRepository.cpp:
        (WebCore::SharedWorkerProxy::postExceptionToWorkerObject):
        (WebCore::SharedWorkerProxy::postConsoleMessageToWorkerObject):
        (WebCore::SharedWorkerConnectTask::SharedWorkerConnectTask):
        * workers/WorkerEventQueue.cpp:
        (WebCore::WorkerEventQueue::enqueueEvent):
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::postMessageToWorkerObject):
        (WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope):
        (WebCore::WorkerMessagingProxy::postExceptionToWorkerObject):
        (WebCore::WorkerMessagingProxy::postConsoleMessageToWorkerObject):
        (WebCore::WorkerMessagingProxy::notifyNetworkStateChange):
        (WebCore::WorkerMessagingProxy::postMessageToPageInspector):
        (WebCore::WorkerMessagingProxy::confirmMessageFromWorkerObject):
        (WebCore::WorkerMessagingProxy::reportPendingActivity):

2014-10-10  Zan Dobersek  <zdobersek@igalia.com>

        Remove MainThreadTask
        https://bugs.webkit.org/show_bug.cgi?id=137563

        Reviewed by Darin Adler.

        Replace the remaining uses of MainThreadTask with C++11 lambdas.
        Remove the MainThreadTask header from the build.

        * WebCore.order:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/MainThreadTask.h: Removed.
        * platform/network/curl/CurlDownload.cpp:
        (WebCore::CurlDownloadManager::downloadThread):
        (WebCore::CurlDownload::didReceiveHeader):
        (WebCore::CurlDownload::didReceiveData):

2014-10-10  Andrzej Badowski  <a.badowski@samsung.com>

        [ATK] Changing the mapping of ARIA rowheader and columnheader into respective ATK roles.
        https://bugs.webkit.org/show_bug.cgi?id=136150

        Reviewed by Chris Fleizach.

        Expose ColumnHeaderRole and RowHeaderRole objects into ATK.

        Test: accessibility/table-roles-hierarchy.html

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
        Platforms based on ATK: added distinction of roles for the <th> elements.
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::determineAccessibilityRole):
        Platforms based on ATK: the return value is determined in the ancestor.
        * accessibility/atk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        In addition to CellRole also included ColumnHeaderRole and RowHeaderRole.
        * accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
        (atkRole):
        Changing the mapping of ARIA rowheader and columnheader into respective ATK roles.
        (getInterfaceMaskFromObject):
        In addition to CellRole also included ColumnHeaderRole and RowHeaderRole.

2014-10-09  Carlos Garcia Campos  <cgarcia@igalia.com>

        MediaPlayer should use a reference for the MediaPlayerClient
        https://bugs.webkit.org/show_bug.cgi?id=137552

        Reviewed by Darin Adler.

        The MediaPlayer client is set on constructor by HTMLMediaElement
        and cleared on HTMLMediaElement destructor that also frees the
        MediaPlayer object. Since the client will never be null while the
        MediaPlayer player is alive, we can use a reference and remove all
        the unneeded null checks. The member has also been renamed to m_client.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement):
        (WebCore::HTMLMediaElement::parseAttribute):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::MediaPlayer):
        (WebCore::MediaPlayer::~MediaPlayer):
        (WebCore::MediaPlayer::loadWithNextMediaEngine):
        (WebCore::MediaPlayer::inMediaDocument):
        (WebCore::MediaPlayer::currentPlaybackTargetIsWirelessChanged):
        (WebCore::MediaPlayer::networkStateChanged):
        (WebCore::MediaPlayer::readyStateChanged):
        (WebCore::MediaPlayer::volumeChanged):
        (WebCore::MediaPlayer::muteChanged):
        (WebCore::MediaPlayer::timeChanged):
        (WebCore::MediaPlayer::sizeChanged):
        (WebCore::MediaPlayer::repaint):
        (WebCore::MediaPlayer::durationChanged):
        (WebCore::MediaPlayer::rateChanged):
        (WebCore::MediaPlayer::playbackStateChanged):
        (WebCore::MediaPlayer::firstVideoFrameAvailable):
        (WebCore::MediaPlayer::characteristicChanged):
        (WebCore::MediaPlayer::keyAdded):
        (WebCore::MediaPlayer::keyError):
        (WebCore::MediaPlayer::keyMessage):
        (WebCore::MediaPlayer::keyNeeded):
        (WebCore::MediaPlayer::referrer):
        (WebCore::MediaPlayer::userAgent):
        (WebCore::MediaPlayer::graphicsDeviceAdapter):
        (WebCore::MediaPlayer::cachedResourceLoader):
        (WebCore::MediaPlayer::addAudioTrack):
        (WebCore::MediaPlayer::removeAudioTrack):
        (WebCore::MediaPlayer::addTextTrack):
        (WebCore::MediaPlayer::removeTextTrack):
        (WebCore::MediaPlayer::addVideoTrack):
        (WebCore::MediaPlayer::removeVideoTrack):
        (WebCore::MediaPlayer::outOfBandTrackSources):
        (WebCore::MediaPlayer::shouldWaitForResponseToAuthenticationChallenge):
        (WebCore::MediaPlayer::handlePlaybackCommand):
        (WebCore::MediaPlayer::sourceApplicationIdentifier):
        (WebCore::MediaPlayer::doesHaveAttribute):
        (WebCore::MediaPlayer::mediaPlayerNetworkInterfaceName):
        (WebCore::MediaPlayer::getRawCookies):
        (WebCore::MediaPlayer::setWirelessVideoPlaybackDisabled): Deleted.
        (WebCore::MediaPlayer::audioSourceProvider): Deleted.
        (WebCore::MediaPlayer::engineDescription): Deleted.
        (WebCore::MediaPlayer::notifyTrackModeChanged): Deleted.
        (WebCore::MediaPlayer::totalFrameDelay): Deleted.
        (WebCore::MediaPlayerFactorySupport::callRegisterMediaEngine): Deleted.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayer::create):
        (WebCore::MediaPlayer::platformVolumeConfigurationRequired):
        (WebCore::MediaPlayer::client):
        (WebCore::MediaPlayer::mediaPlayerClient): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::preferredRenderingMode):
        (WebCore::MediaPlayerPrivateAVFoundation::setUpVideoRendering):
        (WebCore::MediaPlayerPrivateAVFoundation::prepareForRendering):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerLayer):
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addDisplayLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeDisplayLayer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addAudioRenderer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeAudioRenderer):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::MediaPlayerPrivateGStreamer::setAudioStreamProperties):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideoCaps):
        (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio):
        (WebCore::MediaPlayerPrivateGStreamer::didEnd):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
        (webKitWebSrcStart):
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
        (WebCore::MediaPlayerPrivateQTKit::preferredRenderingMode):
        (WebCore::MediaPlayerPrivateQTKit::setUpVideoRendering):
        (WebCore::MediaPlayerPrivateQTKit::prepareForRendering):
        (WebCore::MediaPlayerPrivateQTKit::sawUnsupportedTracks):

2014-10-09  Mihnea Ovidenie  <mihnea@adobe.com>

        [CSSRegions] Make RenderFlowThread::regionAtBlockOffset const
        https://bugs.webkit.org/show_bug.cgi?id=137555

        Reviewed by David Hyatt.

        Make the method const and remove autoGenerateRegionsToBlockOffset method as it
        is not used by region-based multicolumn code. Also removed the RegionAutoGenerationPolicy
        parameter in the process and the call sites. Make const some of the methods that call
        regionAtBlockOffset.

        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::regionForCompositedLayer):
        (WebCore::RenderFlowThread::regionAtBlockOffset):
        (WebCore::RenderFlowThread::adjustedPositionRelativeToOffsetParent):
        (WebCore::RenderFlowThread::pageLogicalTopForOffset):
        (WebCore::RenderFlowThread::pageLogicalWidthForOffset):
        (WebCore::RenderFlowThread::pageLogicalHeightForOffset):
        (WebCore::RenderFlowThread::pageRemainingLogicalHeightForOffset):
        (WebCore::RenderFlowThread::mapFromFlowToRegion):
        (WebCore::RenderFlowThread::computedRegionRangeForBox):
        * rendering/RenderFlowThread.h:
        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::regionAtBlockOffset):
        (WebCore::RenderMultiColumnFlowThread::mapFromFlowToRegion):
        (WebCore::RenderMultiColumnFlowThread::physicalTranslationFromFlowToRegion):
        (WebCore::RenderMultiColumnFlowThread::autoGenerateRegionsToBlockOffset): Deleted.
        * rendering/RenderMultiColumnFlowThread.h:

2014-10-09  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for FontData subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137591

        Reviewed by Andreas Kling.

        Use is<>() / downcast<>() for FontData subclasses.

        No new tests, no behavior change.

        * platform/graphics/FontData.h:
        * platform/graphics/FontGlyphs.cpp:
        (WebCore::FontGlyphs::releaseFontData):
        (WebCore::FontGlyphs::determinePitch):
        * platform/graphics/GlyphPageTreeNode.cpp:
        (WebCore::GlyphPageTreeNode::initializePage):
        * platform/graphics/SegmentedFontData.h:
        (isType):
        * platform/graphics/SimpleFontData.h:
        (isType):

2014-10-09  Simon Fraser  <simon.fraser@apple.com>

        Revert part of r174543 that broke grid layout tests.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::specifiedValueForGridTrackBreadth):

2014-10-09  Dean Jackson  <dino@apple.com>

        Computed style for clip is wrong with respect to auto
        https://bugs.webkit.org/show_bug.cgi?id=137567

        Reviewed by Simon Fraser.

        Make sure that the computed style of clip returns the
        correct value when the input is "auto", or in this
        case "rect(auto, auto, auto, auto)". Before this
        patch it returned "rect(0px, 0px, 0px, 0px)" which
        was completely wrong.

        Test: fast/css/computed-clip-with-auto-rect.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::autoOrZoomAdjustedValue): Helper function to make the correct keyword or length.
        (WebCore::specifiedValueForGridTrackBreadth): It can use the helper too.
        (WebCore::ComputedStyleExtractor::propertyValue): If the
        top/right/bottom/left is "auto", add that identifier
        to the output rectangle.

2014-10-09  Chris Dumez  <cdumez@apple.com>

        Use RenderObject::firstChildSlow() / lastChildSlow() less
        https://bugs.webkit.org/show_bug.cgi?id=137573

        Reviewed by Andreas Kling.

        Use RenderObject::firstChildSlow() / lastChildSlow() less by using
        tighter typing at call sites whenever possible to be able to call the
        faster RenderElement::firstChild() / lastChild() instead.

        This patch also uses more references instead of pointers when possible.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::firstChildIsInlineContinuation):
        (WebCore::AccessibilityRenderObject::previousSibling):
        (WebCore::lastChildHasContinuation):
        (WebCore::AccessibilityRenderObject::nextSibling):
        * page/FrameView.cpp:
        (WebCore::countRenderedCharactersInRenderObjectWithThreshold):
        (WebCore::FrameView::renderedCharactersExceed):
        * rendering/RenderElement.h:
        * rendering/RenderRuby.cpp:
        (WebCore::isAnonymousRubyInlineBlock):
        (WebCore::isRubyBeforeBlock):
        (WebCore::isRubyAfterBlock):
        * rendering/svg/RenderSVGInline.h:
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::layout):
        * rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
        (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributesForTextRenderer):
        (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributesForForSubtree):
        (WebCore::SVGTextLayoutAttributesBuilder::collectTextPositioningElements):
        (WebCore::SVGTextLayoutAttributesBuilder::buildCharacterDataMap):
        * rendering/svg/SVGTextLayoutAttributesBuilder.h:
        * svg/SVGTextPositioningElement.cpp:
        (WebCore::SVGTextPositioningElement::elementFromRenderer):
        * svg/SVGTextPositioningElement.h:

2014-10-09  Roger Fong  <roger_fong@apple.com>

        Build fix for Win EWS bots.

        * testing/Internals.idl: Move enum declaration to the top of the file.

2014-10-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        RenderMathMLUnderOver adds spacing to the child operator indefinitely when resizing the window.
        https://bugs.webkit.org/show_bug.cgi?id=137330

        Reviewed by Darin Adler.

        The layout for the <mundercover> math object happens in two separate passes. The first pass runs
        the layout for the two children and then calculates the maximum child width.  It then sets the 
        stretch size for the math operator child.  And finally it runs the second layout pass by calling
        the base class layout() function. The base class function then runs the layout for the children
        rendering blocks.  In the operator child function computePreferredLogicalWidths(), the stretch 
        size is used to adjust the width (or the height) of the operator. Then it adds the leading and
        trailing spaces and the total will be the operator child width.

        When resizing or zooming the window, the render objects are just invalidated but marked as 'needs-
        Layout'.  The problem is happening because the stretch size of the math operator is not reset
        before running the layout.  The old logical width (or height) of the the math operator child which
        is equal to the stretch size plus the leading and trailing spaces for is compared with the glyph
        size if the old logical width ( or height) is larger, it is set to be the stretch size.  When it
        is used again because of invalidation, new leading and trailing spaces are included in the new
        logical width.  So with every zooming-in or out or window resizing, new leading and trailing 
        spaces are added to the logical width of the math operator child or the math <munderober> object.
        
        Ensure the stretch size of the math operator render object is reset before running its layout.
        Running the layout means either the page is just loaded or it's invalidated which means, no 
        layout stall data should be used.

        Test: mathml/opentype/munderover-window-resize.html

        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::resetStretchSize):
        * rendering/mathml/RenderMathMLOperator.h:
        resetStretchSize() sets the stretch size to its original value when the class is created.
        * rendering/mathml/RenderMathMLUnderOver.cpp:
        (WebCore::RenderMathMLUnderOver::layout):
        Make sure the operator stretch size is reset before calling its layout. Also make sure the new 
        maximum stretch size to the operator objects that were invalid and needsLayout.

2014-10-09  Dean Jackson  <dino@apple.com>

        Remove ENABLE_CSS3_CONDITIONAL_RULES
        https://bugs.webkit.org/show_bug.cgi?id=137571

        Reviewed by Simon Fraser.

        We have good enough support for @supports that
        it should be a consistent part of the platform. Remove
        the compile-time guard.

        * Configurations/FeatureDefines.xcconfig:
        * WebCore.exp.in:
        * bindings/js/JSCSSRuleCustom.cpp:
        (WebCore::toJS):
        * bindings/objc/DOMCSS.mm:
        (kitClass):
        * css/CSSGrammar.y.in:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::CSSParser):
        (WebCore::CSSParser::parseSupportsCondition):
        (WebCore::CSSParser::detectAtToken):
        (WebCore::CSSParser::detectSupportsToken):
        (WebCore::CSSParser::realLex):
        * css/CSSParser.h:
        * css/CSSRule.h:
        * css/CSSRule.idl:
        * css/CSSSupportsRule.cpp:
        * css/CSSSupportsRule.h:
        * css/CSSSupportsRule.idl:
        * css/DOMWindowCSS.cpp:
        * css/DOMWindowCSS.h:
        * css/DOMWindowCSS.idl:
        * css/InspectorCSSOMWrappers.cpp:
        (WebCore::InspectorCSSOMWrappers::collect):
        * css/RuleSet.cpp:
        (WebCore::RuleSet::addChildRules):
        * css/StyleRule.cpp:
        (WebCore::StyleRuleBase::destroy):
        (WebCore::StyleRuleBase::copy):
        (WebCore::StyleRuleBase::createCSSOMWrapper):
        (WebCore::StyleRuleSupports::StyleRuleSupports):
        * css/StyleRule.h:
        (WebCore::toStyleRuleSupports):
        * css/StyleSheetContents.cpp:
        (WebCore::childRulesHaveFailedOrCanceledSubresources):
        * inspector/InspectorStyleSheet.cpp:
        (flattenSourceData):
        (WebCore::asCSSRuleList):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::css):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:

2014-10-09  Benjamin Poulain  <benjamin@webkit.org>

        Add the baseline implementation of :not(selectorList)
        https://bugs.webkit.org/show_bug.cgi?id=137548

        Reviewed by Andreas Kling.

        This patch extend the pseudo class :not() to support the new definition
        in CSS Selectors level 4.

        Instead of supporting a single simple selector, :not() now support
        an arbitrary selector list, excepted pseudo elements.

        One side effect of this change is :visited and :link are no longer supported
        inside :not(). The reason has to do with complexity and performance.
        Since :not() and :matches() can have arbitrary selector list, keeping track of
        :visited and :link can have many combination superposing, some valid, some invalid.

        Supporting :visited and :link should be possible by chaning the way we handle
        them for style resolution, but given the limited use cases for such features
        I'll wait to see if there is any interest before changing everything.

        This patch only covers SelectorChecker to keep things simple. The CSS JIT
        will come later.

        Tests: fast/css/not-basics.html
               fast/css/parsing-css-not-1.html
               fast/css/parsing-css-not-2.html
               fast/css/parsing-css-not-3.html
               fast/css/parsing-css-not-4.html
               fast/css/parsing-css-not-5.html
               fast/css/parsing-css-not-6.html
               fast/css/parsing-css-not-7.html
               fast/css/parsing-css-not-8.html
               fast/css/parsing-css-not-9.html
               fast/css/parsing-css-nth-child-of-4.html
               fast/selectors/not-basics.html
               fast/selectors/not-nested.html
               fast/selectors/not-selector-list.html

        * css/CSSGrammar.y.in:
        Rename selectorListDoesNotMatchAnyPseudoElement() to selectorListDoesNotMatchAnyPseudoElement()
        since both :not() and :nth-child(An+B of selectorList) have the same requirements at the moment. 

        * css/CSSParserValues.cpp:
        (WebCore::selectorListMatchesPseudoElement):
        The patch adding :matches() introduced the possibility of putting pseudo element
        arbitrary deep in a sequence of nested :matches(). Since this case is forbidded
        by :not() and :nth-child(An+B of selectorList), selectorListMatchesPseudoElement()
        now becomes recursive to find those pseudo elements.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::selectorText):
        CSSOM for the extended :not().

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::checkOne):
        (WebCore::SelectorChecker::determineLinkMatchType):
        * cssjit/SelectorCompiler.cpp:

        (WebCore::SelectorCompiler::addPseudoClassType):
        Disable the new capabilities from the JIT for now.

2014-10-09  Tim Horton  <timothy_horton@apple.com>

        Move ServicesOverlayController to WebCore
        https://bugs.webkit.org/show_bug.cgi?id=137416
        <rdar://problem/18546283>

        Reviewed by Anders Carlsson.

        Move ServicesOverlayController from WebKit2 to WebCore, as it can be used by both Legacy WebKit and WebKit2.

        * WebCore.xcodeproj/project.pbxproj:
        * editing/Editor.cpp:
        (WebCore::Editor::scanSelectionForTelephoneNumbers):
        * editing/SelectionRectGatherer.cpp:
        (WebCore::SelectionRectGatherer::Notifier::~Notifier):
        Notify ServicesOverlayController of changes via Page instead of EditorClient.

        * page/ChromeClient.h:
        (WebCore::ChromeClient::handleTelephoneNumberClick):
        (WebCore::ChromeClient::handleSelectionServiceClick):
        (WebCore::ChromeClient::hasRelevantSelectionServices):
        Add ChromeClient functions for services actions.

        * page/EditorClient.h:
        (WebCore::EditorClient::selectedTelephoneNumberRangesChanged): Deleted.
        (WebCore::EditorClient::selectionRectsDidChange): Deleted.
        Remove EditorClient functions for notifying ServicesOverlayController of changes,
        because it lives in WebCore proper now.

        * page/Page.cpp:
        (WebCore::Page::Page):
        * page/Page.h:
        (WebCore::Page::servicesOverlayController):
        Keep a ServicesOverlayController on Page.

        * page/PageOverlay.cpp:
        (WebCore::PageOverlay::mouseEvent):
        Use windowToContents instead of rootViewToContents; events come in in window coordinates.

        * page/PageOverlayController.cpp:
        (WebCore::PageOverlayController::updateSettingsForLayer):
        Get Settings from MainFrame, not Page.

        * page/Settings.in:
        Add servicesControlsEnabled setting.

        * page/mac/ServicesOverlayController.h: Renamed from Source/WebKit2/WebProcess/WebPage/ServicesOverlayController.h.
        * page/mac/ServicesOverlayController.mm: Renamed from Source/WebKit2/WebProcess/WebPage/mac/ServicesOverlayController.mm.
        Moved from WebKit2. Mostly mechanical changes, plus:
            - Use windowToContents instead of rootViewToContents; events come in in window coordinates.
            - Cut off rebuild* if serviceControlsEnabled setting is false
            - Don't create the overlay if serviceControlsEnabled setting is false
            - Send click events via ChromeClient.
            - Tie our lifetime to MainFrame instead of Page, and get lots of things from MainFrame instead.

        * platform/Logging.h:
        Add Services logging channel (moved from WebKit2).

2014-10-09  Brent Fulgham  <bfulgham@apple.com>

        [Win] Unreviewed build fix: Revert r174378

        Roll back this change, as it didn't fix the EWS builders, and has only
        served to make Windows builds take forever.

        * WebCore.vcxproj/WebCoreGenerated.make: Don't delete all generated content
        every time we build.

2014-10-09  Chris Dumez  <cdumez@apple.com>

        Unreviewed GTK build fix after r174504.

        Missing header include.

        * rendering/svg/SVGTextQuery.cpp:

2014-10-09  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove second-to-last client of WebFontCache
        https://bugs.webkit.org/show_bug.cgi?id=137550

        Reviewed by Darin Adler.

        No new tests because no behavior change.

        * WebCore.exp.in:
        * platform/graphics/FontCache.h: Allow migration of client to getCachedFontData()

2014-10-09  Chris Dumez  <cdumez@apple.com>

        [Mac] Spending too much time mapping desired font families to available ones
        https://bugs.webkit.org/show_bug.cgi?id=137539

        Reviewed by Darin Adler.

        While profiling the load of weather.com, I noticed that we are spending
        quite a bit of time trying to map the font family requested to a font
        that is available on the system. The process involves:
        1. Doing a linear search of all the installed font families and do a
           case-insensitive string comparison for each of them until we find a
           match,
        2. Then, if we don't find a match, do another linear search of the
           fonts' postscript names this time and do again a case-insensitive
           string comparison for each of them.

        This process is costly and the fonts requested by weather.com are not
        available, causing us to do 2 linear searches and a lot of string
        comparisons (accounting for ~2% of the WebProcess CPU time for the page
        load). As a result, we end up spending ~90ms in
        internalFontWithFamily() when loading weather.com.

        This patch introduces a cache for the mapping between desired font
        families and available font families. This cuts the time spent in
        internalFontWithFamily() in half (~45ms). The cache gets invalidated
        when fonts are installed / uninstalled on the system so we don't break
        that scenario. The cache is also limited in size to avoid using too
        much memory.

        No new tests, but manual testing making sure the cache gets invalidated
        when installing a font on the system.

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::invalidateFontCache):
        * platform/mac/WebFontCache.h:
        * platform/mac/WebFontCache.mm:
        (desiredFamilyToAvailableFamilyDictionary):
        (rememberDesiredFamilyToAvailableFamilyMapping):
        (+[WebFontCache internalFontWithFamily:traits:weight:size:]):
        (+[WebFontCache invalidate]):

2014-10-09  Bear Travis  <betravis@adobe.com>

        [CSS Font Loading] Decrement the font loading count before notifying callbacks
        https://bugs.webkit.org/show_bug.cgi?id=137401

        Reviewed by Alexey Proskuryakov.

        In the callbacks, it should appear that font load has completed. This is
        accessed through loading(), which relies on the current number of
        fonts loading via JS and CSS.

        Unskipping the failing test http/tests/webfont/fontloader-loading-attribute.html
        test which tests this.

        * css/FontLoader.cpp:
        (WebCore::LoadFontCallback::notifyLoaded):

2014-10-09  Chris Dumez  <cdumez@apple.com>

        Unreviewed Windows build fix after r174506.

        We no longer needed to dereference as it is a reference instead of a
        pointer now.

        * page/win/EventHandlerWin.cpp:
        (WebCore::EventHandler::passWheelEventToWidget):

2014-10-09  Chris Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for Widget subclasses
        https://bugs.webkit.org/show_bug.cgi?id=137549

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for Widget subclasses and clean up the
        surrounding code.

        No new tests, no behavior change.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::getOrCreate):
        * accessibility/AccessibilityObject.cpp:
        (WebCore::appendAccessibilityObject):
        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::visiblePositionForPoint):
        * accessibility/AccessibilityScrollView.cpp:
        (WebCore::AccessibilityScrollView::webAreaObject):
        (WebCore::AccessibilityScrollView::documentFrameView):
        (WebCore::AccessibilityScrollView::parentObject):
        (WebCore::AccessibilityScrollView::parentObjectIfExists):
        * bindings/js/JSPluginElementFunctions.cpp:
        (WebCore::pluginScriptObjectFromPluginViewBase):
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::appendFormData):
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::canProcessDrag):
        (WebCore::HTMLPlugInElement::isKeyboardFocusable):
        (WebCore::HTMLPlugInElement::isUserObservable):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::checkSizeChangeForSnapshotting):
        (WebCore::HTMLPlugInImageElement::subframeLoaderDidCreatePlugIn):
        * html/HTMLPlugInImageElement.h:
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadPlugin):
        * page/DragController.cpp:
        (WebCore::DragController::operationForLoad):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::subframeForTargetNode):
        (WebCore::EventHandler::handleWheelEvent):
        * page/EventHandler.h:
        * page/Frame.cpp:
        (WebCore::Frame::frameForWidget):
        * page/FrameView.cpp:
        (WebCore::FrameView::hasCustomScrollbars):
        (WebCore::FrameView::updateLayoutAndStyleIfNeededRecursive):
        (WebCore::FrameView::convertToContainingView):
        (WebCore::FrameView::convertFromContainingView):
        (WebCore::FrameView::removeChild):
        * page/FrameView.h:
        * page/Page.cpp:
        (WebCore::Page::pluginViews):
        * page/efl/EventHandlerEfl.cpp:
        (WebCore::EventHandler::passWheelEventToWidget):
        * page/gtk/EventHandlerGtk.cpp:
        (WebCore::EventHandler::passWheelEventToWidget):
        * page/ios/EventHandlerIOS.mm:
        (WebCore::EventHandler::passWheelEventToWidget):
        * page/mac/EventHandlerMac.mm:
        (WebCore::EventHandler::passWheelEventToWidget):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::computeNonFastScrollableRegion):
        * page/win/EventHandlerWin.cpp:
        (WebCore::EventHandler::passWheelEventToWidget):
        * platform/ScrollView.cpp:
        (WebCore::ScrollView::removeChild):
        (WebCore::ScrollView::setHasHorizontalScrollbar):
        (WebCore::ScrollView::setHasVerticalScrollbar):
        * platform/ScrollView.h:
        * platform/Scrollbar.cpp:
        (WebCore::Scrollbar::root):
        Uninline as root() because Widget::root() returns a FrameView now and
        it is impossible to include FrameView.h in Scrollbar.h without causing
        a cycle.

        * platform/Scrollbar.h:
        * platform/Widget.cpp:
        (WebCore::Widget::root):
        Use tighter typing and return a FrameView instead of a ScrollView.

        (WebCore::Widget::removeFromParent):
        * platform/Widget.h:
        * platform/efl/WidgetEfl.cpp:
        (WebCore::Widget::setCursor):
        * platform/gtk/PlatformScreenGtk.cpp:
        * platform/gtk/WidgetGtk.cpp:
        (WebCore::Widget::setCursor):
        * platform/mac/PlatformScreenMac.mm:
        (WebCore::displayFromWidget):
        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::setCursor):
        * platform/win/WidgetWin.cpp:
        (WebCore::Widget::setCursor):
        * plugins/PluginViewBase.h:
        * plugins/win/PluginViewWin.cpp:
        (WebCore::PluginView::updatePluginWidget):
        (WebCore::PluginView::paintIntoTransformedContext):
        (WebCore::PluginView::paintWindowedPluginIntoContext):
        (WebCore::PluginView::paint):
        (WebCore::PluginView::handleMouseEvent):
        (WebCore::PluginView::setNPWindowRect):
        (WebCore::PluginView::snapshot):
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::allowsAcceleratedCompositing):
        (WebCore::RenderEmbeddedObject::nodeAtPoint):
        (WebCore::RenderEmbeddedObject::scroll):
        * rendering/RenderFrameBase.h:
        (WebCore::RenderFrameBase::childView):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::layerWillBeDestroyed):
        (WebCore::RenderLayerBacking::updateConfiguration):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::shouldPropagateCompositingToEnclosingFrame):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::write):
        * rendering/RenderWidget.cpp:
        (WebCore::WidgetHierarchyUpdatesSuspensionScope::moveWidgets):
        (WebCore::RenderWidget::paintContents):
        (WebCore::RenderWidget::setOverlapTestResult):
        (WebCore::RenderWidget::updateWidgetPosition):
        (WebCore::RenderWidget::nodeAtPoint):
        (WebCore::RenderWidget::embeddedContentBox):

2014-10-09  Carlos Garcia Campos  <cgarcia@igalia.com>

        Layering violation: MediaPlayer should not reference/use FrameView
        https://bugs.webkit.org/show_bug.cgi?id=21562

        Reviewed by Darin Adler.

        Remove FrameView dependency from MediaPlayer.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerIsInMediaDocument): Check if
        the element document is a media document.
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::MediaPlayer): Remove m_frameView initialization.
        (WebCore::MediaPlayer::inMediaDocument): Use the MediaPlayerClient
        to check if the media player is in a media document.
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerIsInMediaDocument):
        (WebCore::MediaPlayer::setFrameView): Deleted.
        (WebCore::MediaPlayer::frameView): Deleted.
        * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
        (WebCore::MediaPlayerPrivateAVFoundation::preferredRenderingMode):
        Do not check if the media player has a frame view, checking whether it's visible
        is enough.
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        Remove unneeded header include.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: Ditto.
        * platform/graphics/mac/MediaPlayerPrivateQTKit.mm: Ditto.
        * rendering/RenderVideo.cpp:
        (WebCore::RenderVideo::~RenderVideo): Do not call MediaPlayer::setFrameView().
        (WebCore::RenderVideo::updatePlayer): Ditto.

2014-10-09  Christophe Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderBlockFlow
        https://bugs.webkit.org/show_bug.cgi?id=137545

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for RenderBlockFlow and clean up the
        surrounding code.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::AccessibilityRenderObject::computeAccessibilityIsIgnored):
        * dom/Element.cpp:
        (WebCore::Element::renderNamedFlowFragment):
        (WebCore::Element::webkitGetRegionFlowRanges):
        * editing/Editor.cpp:
        (WebCore::Editor::hasBidiSelection):
        * inspector/InspectorOverlay.cpp:
        (WebCore::buildObjectForRegionHighlight):
        (WebCore::buildObjectForElementInfo):
        * rendering/EllipsisBox.h:
        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::innerTextIfTruncated):
        * rendering/LayoutState.cpp:
        (WebCore::LayoutState::LayoutState):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::removeChild):
        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::moveAllChildrenIncludingFloatsTo):
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::rebuildFloatingObjectSetFromIntrudingFloats):
        (WebCore::RenderBlockFlow::layoutBlockChild):
        (WebCore::RenderBlockFlow::marginOffsetForSelfCollapsingBlock):
        (WebCore::RenderBlockFlow::marginValuesForChild):
        (WebCore::RenderBlockFlow::collapseMargins):
        (WebCore::RenderBlockFlow::marginBeforeEstimateForChild):
        (WebCore::RenderBlockFlow::handleAfterSideOfBlock):
        (WebCore::RenderBlockFlow::mustDiscardMarginBeforeForChild):
        (WebCore::RenderBlockFlow::mustDiscardMarginAfterForChild):
        (WebCore::RenderBlockFlow::adjustBlockChildForPagination):
        (WebCore::RenderBlockFlow::moveAllChildrenIncludingFloatsTo):
        (WebCore::RenderBlockFlow::markAllDescendantsWithFloatsForLayout):
        (WebCore::RenderBlockFlow::adjustForBorderFit):
        (WebCore::getHeightForLineCount):
        * rendering/RenderBlockFlow.h:
        (WebCore::RenderElement::isRenderNamedFlowFragmentContainer):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::createLineBoxes):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::styleDidChange):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintMaskForTextFillBox):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
        (WebCore::RenderDeprecatedFlexibleBox::clearLineClamp):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::removeFlowChildInfo):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateLayerPositions):
        (WebCore::expandClipRectForRegionAndReflection):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
        * rendering/RenderMultiColumnFlowThread.cpp:
        (WebCore::RenderMultiColumnFlowThread::evacuateAndDestroy):
        (WebCore::RenderMultiColumnFlowThread::processPossibleSpannerDescendant):
        (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantInserted):
        * rendering/RenderMultiColumnFlowThread.h:
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::heightAdjustedForSetOffset):
        (WebCore::RenderMultiColumnSet::columnGap):
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::fragmentContainer):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::adjustComputedFontSizesOnBlocks):
        (WebCore::RenderObject::resetTextAutosizing):
        (WebCore::RenderObject::showLineTreeForThis):
        (WebCore::RenderObject::showRenderSubTreeAndMark):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::setText):
        (WebCore::RenderText::ensureLineBoxes):
        (WebCore::RenderText::simpleLineLayout):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::write):
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::selectionTopAdjustedForPrecedingBlock):
        (WebCore::RootInlineBox::blockFlow):
        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::computeTextBoundingBox):
        (WebCore::SimpleLineLayout::computeTextFirstRunLocation):
        (WebCore::SimpleLineLayout::collectTextAbsoluteRects):
        (WebCore::SimpleLineLayout::collectTextAbsoluteQuads):
        * rendering/svg/SVGTextQuery.cpp:
        (WebCore::flowBoxForRenderer):

2014-10-09  Philip Chimento  <philip.chimento@gmail.com>

        [GTK] Netscape plugin API symbol used outside feature guards
        https://bugs.webkit.org/show_bug.cgi?id=137385

        Reviewed by Philippe Normand.

        * plugins/PluginPackage.cpp:
        (WebCore::PluginPackage::unload): Add guards for Netscape Plugin
        API around symbol, so that it compiles OK when the API is not
        available.

2014-10-08  Mihnea Ovidenie  <mihnea@adobe.com>

        [CSSRegions]Remove unused parameter in adjustRegionBoundsFromFlowThreadPortionRect
        https://bugs.webkit.org/show_bug.cgi?id=137518

        Reviewed by Andrei Bucur.

        This method is used only by region code in accelerated compositing.
        The first parameter for the method was introduced with the intent to be used for multicolumn,
        but without being actually used in multicolumn code. Also make the method const.
        No new tests as no change in functionality.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::adjustAncestorCompositingBoundsForFlowThread):
        * rendering/RenderMultiColumnSet.cpp:
        (WebCore::RenderMultiColumnSet::adjustRegionBoundsFromFlowThreadPortionRect):
        * rendering/RenderMultiColumnSet.h:
        * rendering/RenderRegion.cpp:
        (WebCore::RenderRegion::adjustRegionBoundsFromFlowThreadPortionRect):
        * rendering/RenderRegion.h:

2014-10-08  Andreas Kling  <akling@apple.com>

        [Mac] Show repaint counters in tile coverage map.
        <https://webkit.org/b/137544>

        Reviewed by Simon Fraser.

        Add repaint counters to the tile layers in the "tiled scrolling
        indicator" display. This will be helpful for diagnosing issues with
        excessive tile repaints outside the visible viewport.

        * platform/graphics/ca/TileController.cpp:
        (WebCore::TileController::setNeedsDisplayInRect):
        * platform/graphics/ca/TileGrid.cpp:
        (WebCore::TileGrid::drawTileMapContents):

2014-10-08  Myles C. Maxfield  <mmaxfield@apple.com>

        Unreviewed build fix after r174480. Broke iOS build.

        * rendering/RenderObject.cpp:
        (WebCore::includeNonFixedHeight):

2014-10-08  Myles C. Maxfield  <litherum@gmail.com>

        Inline ruby does not get justified correctly
        https://bugs.webkit.org/show_bug.cgi?id=137421

        Reviewed by Dave Hyatt.

        We justify text in two passes: one counts expansion opportunities within a line,
        and the other doles out widths and expansion amounts to constituent inline boxes.
        This patch simply modifies both passes to descend into ruby bases. Once it has
        done so, we then re-layout the ruby run with the newly found width.

        Tests: fast/ruby/ruby-justification-hittest.html
               fast/ruby/ruby-justification.html

        * rendering/InlineBox.h:
        (WebCore::InlineBox::setExpansion): updateRubyForJustifiedText() has to set the
        expansion for an inline box, so make setExpansion() public.
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::updateRubyForJustifiedText): Given values that have already been
        computed in computeInlineDirectionPositionsForSegment(), adjust the widths and
        expansion values for all the various pieces of ruby.
        (WebCore::computeExpansionForJustifiedText): Call updateRubyForJustifiedText() if
        necessary.
        (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment): When
        counting expansion opportunities in a line, include ruby bases.
        * rendering/RenderRubyRun.h: Fix grammar in comment.
        * rendering/RenderText.cpp:
        (WebCore::RenderText::stringView): Give default arguments to function.
        * rendering/RenderText.h: Ditto.

2014-10-08  Dean Jackson  <dino@apple.com>

        PopupMenus should indicate if they are using a custom rendering
        https://bugs.webkit.org/show_bug.cgi?id=137543
        <rdar://problem/18544212>

        Reviewed by Beth Dakin.

        On Yosemite there is an animation as a popup menu closes. We can't use
        this when there is a custom rendering, since the animation doesn't match
        the final result. Implement this by hooking into the existing code
        for hiding the arrows during animation - a WebKitSystemInterface update
        will implement the other side.

        * platform/mac/WebCoreSystemInterface.h: Rename parameter to be more clear.
        * platform/mac/WebCoreSystemInterface.mm:
        * rendering/RenderMenuList.cpp:
        (RenderMenuList::menuStyle): We need to check that we are a native-looking
        button, not just something with appearance.

2014-10-08  Christophe Dumez  <cdumez@apple.com>

        Use is<>() / downcast<>() for RenderBlock objects
        https://bugs.webkit.org/show_bug.cgi?id=137512

        Reviewed by Darin Adler.

        Use is<>() / downcast<>() for RenderBlock objects and clean up the
        surrounding code.

        No new tests, no behavior change.

        * accessibility/AccessibilityRenderObject.cpp:
        (WebCore::firstChildConsideringContinuation):
        (WebCore::lastChildConsideringContinuation):
        (WebCore::AccessibilityRenderObject::firstChild):
        (WebCore::startOfContinuations):
        (WebCore::endOfContinuations):
        (WebCore::childBeforeConsideringContinuations):
        (WebCore::AccessibilityRenderObject::previousSibling):
        (WebCore::AccessibilityRenderObject::nextSibling):
        (WebCore::nextContinuation):
        (WebCore::AccessibilityRenderObject::renderParentObject):
        (WebCore::AccessibilityRenderObject::anchorElement):
        (WebCore::AccessibilityRenderObject::setValue):
        * bindings/objc/DOMUIKitExtensions.mm:
        (-[DOMNode containsOnlyInlineObjects]):
        (-[DOMNode isSelectableBlock]):
        (-[DOMHTMLElement structuralComplexityContribution]):
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForGridTrackList):
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::addBlockPlaceholderIfNeeded):
        * editing/TextIterator.cpp:
        (WebCore::TextIterator::shouldRepresentNodeOffsetZero):
        * page/ios/FrameIOS.mm:
        (WebCore::Frame::preferredHeight):
        * rendering/LogicalSelectionOffsetCaches.h:
        (WebCore::containingBlockForFixedPosition):
        (WebCore::containingBlockForAbsolutePosition):
        (WebCore::containingBlockForObjectInFlow):
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::styleWillChange):
        (WebCore::RenderBlock::continuationBefore):
        (WebCore::RenderBlock::splitBlocks):
        (WebCore::RenderBlock::addChildIgnoringContinuation):
        (WebCore::canMergeAnonymousBlock):
        (WebCore::canMergeContiguousAnonymousBlocks):
        (WebCore::RenderBlock::collapseAnonymousBoxChild):
        (WebCore::RenderBlock::removeChild):
        (WebCore::RenderBlock::blockElementContinuation):
        (WebCore::RenderBlock::blockSelectionGaps):
        (WebCore::RenderBlock::blockBeforeWithinSelectionRoot):
        (WebCore::isChildHitTestCandidate):
        (WebCore::RenderBlock::firstLineBlock):
        (WebCore::findFirstLetterBlock):
        (WebCore::RenderBlock::childBecameNonInline):
        (WebCore::RenderBlock::hasMarginBeforeQuirk):
        (WebCore::RenderBlock::hasMarginAfterQuirk):
        * rendering/RenderBlock.h:
        * rendering/RenderBlockFlow.cpp:
        (WebCore::RenderBlockFlow::marginBeforeEstimateForChild):
        (WebCore::RenderBlockFlow::estimateLogicalTopPosition):
        (WebCore::RenderBlockFlow::adjustBlockChildForPagination):
        (WebCore::RenderBlockFlow::positionNewFloats):
        (WebCore::RenderBlockFlow::markSiblingsWithFloatsForLayout):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlockFlow::positionNewFloatOnLine):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
        (WebCore::RenderBox::availableLogicalHeightUsing):
        (WebCore::RenderBox::containingBlockLogicalWidthForPositioned):
        (WebCore::RenderBox::containingBlockLogicalHeightForPositioned):
        (WebCore::computeInlineStaticDistance):
        (WebCore::RenderBox::computePositionedLogicalWidth):
        (WebCore::RenderBox::computePositionedLogicalHeight):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::accumulateInFlowPositionOffsets):
        (WebCore::RenderBoxModelObject::moveChildTo):
        (WebCore::RenderBoxModelObject::moveChildrenTo):
        * rendering/RenderElement.cpp:
        (WebCore::RenderElement::propagateStyleToAnonymousChildren):
        * rendering/RenderFlowThread.cpp:
        (WebCore::RenderFlowThread::adjustedPositionRelativeToOffsetParent):
        * rendering/RenderFullScreen.cpp:
        (WebCore::RenderFullScreen::unwrapRenderer):
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::inlineElementContinuation):
        (WebCore::updateStyleOfAnonymousBlockContinuations):
        (WebCore::RenderInline::styleDidChange):
        (WebCore::nextContinuation):
        (WebCore::RenderInline::splitFlow):
        (WebCore::RenderInline::positionForPoint):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateScrollbarsAfterLayout):
        (WebCore::RenderLayer::calculateClipRects):
        * rendering/RenderListItem.cpp:
        (WebCore::getParentOfFirstLineBox):
        (WebCore::RenderListItem::insertOrMoveMarkerRendererIfNeeded):
        (WebCore::RenderListItem::positionListMarker):
        * rendering/RenderNamedFlowFragment.cpp:
        (WebCore::RenderNamedFlowFragment::maxPageLogicalHeight):
        * rendering/RenderObject.cpp:
        (WebCore::includeNonFixedHeight):
        (WebCore::RenderObject::checkBlockPositionedObjectsNeedLayout):
        (WebCore::RenderObject::containingBlock):
        (WebCore::RenderObject::handleDynamicFloatPositionChange):
        (WebCore::RenderObject::removeAnonymousWrappersForInlinesIfNecessary):
        (WebCore::RenderObject::getTextDecorationColors):
        * rendering/RenderRuby.cpp:
        (WebCore::rubyBeforeBlock):
        (WebCore::rubyAfterBlock):
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::moveInlineChildren):
        (WebCore::RenderRubyBase::moveBlockChildren):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintSnapshottedPluginOverlay):
        * rendering/TextAutosizer.cpp:
        (WebCore::TextAutosizer::processSubtree):
        (WebCore::TextAutosizer::processContainer):
        (WebCore::TextAutosizer::measureDescendantTextWidth):
        (WebCore::TextAutosizer::findDeepestBlockContainingAllText):
        (WebCore::TextAutosizer::findFirstTextLeafNotInCluster):
        * rendering/mathml/RenderMathMLRoot.cpp:
        (WebCore::RenderMathMLRoot::layout):

2014-10-08  Jer Noble  <jer.noble@apple.com>

        Unreviewed follow-up fix for r174460. Do not register for KVOs if the object does not respond to the requested property.

        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (-[CDMSessionMediaSourceAVFObjCObserver beginObserving:]):
        (-[CDMSessionMediaSourceAVFObjCObserver stopObserving:]):
        (-[CDMSessionMediaSourceAVFObjCObserver invalidate]):

2014-10-08  Dean Jackson  <dino@apple.com>

        Add deprecation warning for CSSKeyframesRule::appendRule
        https://bugs.webkit.org/show_bug.cgi?id=137532
        <rdar://problem/18585745>

        Reviewed by Brent Fulgham.

        In r173982 (webkit.org/b/57910) we added insertRule to match
        the spec. We should print a warning to the JS console suggesting
        users move to insertRule.

        * css/WebKitCSSKeyframesRule.cpp:
        (WebCore::WebKitCSSKeyframesRule::appendRule): Add a message to the system
        console.
        * css/WebKitCSSKeyframesRule.h:

2014-10-08  Myles C. Maxfield  <mmaxfield@apple.com>

        Text drawn with an SVG font has no spaces when word-rounding hacks are enabled
        https://bugs.webkit.org/show_bug.cgi?id=137463

        Reviewed by Darin Adler.

        When rounding hacks are enabled, we use the "adjusted space width" instead of the
        regular space width. However, the SVG-font-specific implementation of the
        SimpleFontData constructor doesn't initialize this value, so it was getting set
        to an undefined value (which happened to be close to 0 in my tests).

        Test: svg/text/svg-font-word-rounding-hacks-spaces.html

        * css/CSSFontFaceSource.cpp:
        (WebCore::CSSFontFaceSource::getFontData):
        (WebCore::CSSFontFaceSource::ensureFontData):
        * loader/cache/CachedFont.cpp:
        (WebCore::CachedFont::ensureCustomFontData):
        (WebCore::CachedFont::getSVGFontById):
        * platform/graphics/SimpleFontData.h:
        * svg/SVGFontData.cpp:
        (WebCore::SVGFontData::initializeFontData):

2014-10-08  Brent Fulgham  <bfulgham@apple.com>

        [Win] Resolve various static analyzer warnings in WebCore.
        https://bugs.webkit.org/show_bug.cgi?id=137526

        Reviewed by Dean Jackson.

        A series of small changes to resolve various issues found by the MSVC static analyzer.

        * inspector/NetworkResourcesData.cpp:
        (WebCore::NetworkResourcesData::clear): Add assertion that it->value should never be null.
        * page/SessionIDHash.h:
        (WTF::HashTraits<WebCore::SessionID>::constructDeletedValue): Add explicit cast to avoid
        compiler warning.
        (WTF::HashTraits<WebCore::SessionID>::isDeletedValue): Ditto.
        * page/win/FrameCGWin.cpp:
        (WebCore::imageFromRect): Resolve static analyzer warnings by initializing bits, and
        checking the return value of ::CreateDIBSection, which return nullptr on error.
        * platform/graphics/ca/win/PlatformCALayerWin.cpp:
        (printLayer): Use correct MSVC format specifier for size_t.
        * platform/graphics/win/FontCacheWin.cpp:
        (WebCore::getLinkedFonts): Handle possibility that a font link key does not exist.
        (WebCore::FontCache::systemFallbackForCharacters): Handle error case when a valid code page
        does not exist for a given character.
        * platform/graphics/win/SimpleFontDataWin.cpp:
        (WebCore::SimpleFontData::containsCharacters): Handle error cases for mapping to the CP_ACP code page,
        and related failures when attempting to access the contents of a given code page.
        * platform/graphics/win/UniscribeController.cpp:
        (WebCore::UniscribeController::itemizeShapeAndPlace): Handle possible failure in the
        ScriptItemize API call.
        (WebCore::UniscribeController::shapeAndPlaceItem): Ditto for ScriptXtoCP API call.
        * platform/win/BString.h: Use consistent SAL annotations for our typedeof of BSTR as in
        the system header.
        * platform/win/COMPtr.h: Ditto for HRESULT.
        * platform/win/DragImageCGWin.cpp:
        (WebCore::allocImage): Handle case of failing CreateDIBSection API call.
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::show): Handle case of failing SystemParamtersInfo API call.
        (WebCore::PopupMenuWin::wndProc): Ditto.

2014-10-07  Jer Noble  <jer.noble@apple.com>

        [EME][Mac] Update CDMSessionMediaSourceAVFObjC to match new API provided by AVStreamSession
        https://bugs.webkit.org/show_bug.cgi?id=137469

        Reviewed by Brent Fulgham.

        Update our forward declaration to match the API provided by AVStreamSession.
        AVStreamSession now takes an error: parameter in its initialiazer. It also provides the
        sessionIdentifier used by the CDM, which CDMSessionMediaSourceAVFObjC will use as the
        value of sessionId. Having this identifier allows us to fire a
        secure-proof-of-key-release message after the client calls MediaKeySession.close().
        Because this call will now generate messages, which have to be responded to in order
        to remove those proofs from storage, do not clear the CDMSession from MediaKeySession
        after calling close().

        * Modules/encryptedmedia/MediaKeySession.cpp:
        (WebCore::MediaKeySession::~MediaKeySession):
        (WebCore::MediaKeySession::close):
        (WebCore::MediaKeySession::setError): Deleted.
        (WebCore::MediaKeySession::sessionId): Deleted.
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.h:
        (WebCore::CDMSessionMediaSourceAVFObjC::setSessionId):
        * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
        (-[CDMSessionMediaSourceAVFObjCListener initWithParent:]):
        (-[CDMSessionMediaSourceAVFObjCObserver dealloc]):
        (-[CDMSessionMediaSourceAVFObjCObserver beginObserving:]):
        (-[CDMSessionMediaSourceAVFObjCObserver stopObserving:]):
        (-[CDMSessionMediaSourceAVFObjCObserver invalidate]):
        (-[CDMSessionMediaSourceAVFObjCListener observeValueForKeyPath:ofObject:change:context:]):
        (WebCore::CDMSessionMediaSourceAVFObjC::CDMSessionMediaSourceAVFObjC):
        (WebCore::CDMSessionMediaSourceAVFObjC::~CDMSessionMediaSourceAVFObjC):
        (WebCore::CDMSessionMediaSourceAVFObjC::releaseKeys):
        (WebCore::CDMSessionMediaSourceAVFObjC::update):
        (WebCore::CDMSessionMediaSourceAVFObjC::addSourceBuffer):
        (WebCore::CDMSessionMediaSourceAVFObjC::removeSourceBuffer):

2014-10-08  Chris Dumez  <cdumez@apple.com>

        Unreviewed build fix after r174456.

        I was comparing a signed int to an unsigned one.

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::shouldAutoActivateFontIfNeeded):

2014-10-08  Christophe Dumez  <cdumez@apple.com>

        [Mac] We are spending a lot of time loading fonts when loading weather.com
        https://bugs.webkit.org/show_bug.cgi?id=137454

        Reviewed by Darin Adler.

        We are spending a lot of time loading fonts when loading weather.com:
        ~4.2% of WebProcess's cpu time in FontCache::getCachedFrontData().
        In particular, we are spending a lot of time doing font auto-activation
        because we don't have the Open Sans fonts installed and weather.com is
        trying to load those.

        Before this patch, we were doing font auto-activation ~250 times when
        loading weather.com, even though the site is loading ~10 distinct font
        families.

        This patch adds a cache of font families we already tried to
        auto-activate so that we don't try again. This results in ~10 font
        auto-activations when loading weather.com instead of 250. It reduces
        the amount of time spent in getCachedFrontData() to 62.6ms from 276ms
        (4.4x less) when loading weather.com.

        No new tests, no behavior change.

        * platform/graphics/mac/FontCacheMac.mm:
        (WebCore::shouldAutoActivateFontIfNeeded):
        (WebCore::FontCache::createFontPlatformData):
        * platform/mac/WebFontCache.h:
        * platform/mac/WebFontCache.mm:
        (+[WebFontCache fontWithFamily:traits:weight:size:shouldAutoActivateIfNeeded:]):
        (+[WebFontCache fontWithFamily:traits:weight:size:]):
        (+[WebFontCache fontWithFamily:traits:size:]):

2014-10-08  Darin Adler  <darin@apple.com>

        ASSERTION FAILED: underlyingStringIsValid()
        https://bugs.webkit.org/show_bug.cgi?id=137502

        Reviewed by Anders Carlsson.

        * rendering/RenderTreeAsText.cpp:
        (WebCore::quoteAndEscapeNonPrintables): Take a StringView instead of a String.
        (WebCore::writeTextRun): Ditto.
        (WebCore::writeSimpleLine): Ditto.

        * rendering/RenderTreeAsText.h: Removed unneeded include, tweaked formatting,
        changed quoteAndEscapeNonPrintables to take a StringView.

        * rendering/SimpleLineLayoutFunctions.cpp:
        (WebCore::SimpleLineLayout::paintFlow): Tighten code using a modern for loop.
        (WebCore::SimpleLineLayout::showLineLayoutForFlow): Update to work with a
        StringView result for SimpleLineLayout::RunResolver::Run::text.

        * rendering/SimpleLineLayoutResolver.h:
        (WebCore::SimpleLineLayout::RunResolver::Run::text): Changed return type to
        StringView to fix the lifetime bug and also to improve performance by getting
        rid of the need to allocate and destroy a StringImpl object.

2014-10-07  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        [EFL] Call requestScrollPositionUpdate() instead of delegatedScrollRequested() in ScrollView::scrollTo()
        https://bugs.webkit.org/show_bug.cgi?id=137478

        Reviewed by Benjamin Poulain.

        As r174380 did, ScrollView::scrollTo() also calls requestScrollPositionUpdate() instead of delegatedScrollRequested().
        delegatedScrollRequested() will be only called by requestScrollPositionUpdate(), and it needs to be merged by existing
        other scroll request function.

        No new tests, no behavior changes.

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollTo):

2014-10-08  Dean Jackson  <dino@apple.com>

        Safari 8 on OSX 10.10 does not run WebGL in Retina HiDPI mode.
        https://bugs.webkit.org/show_bug.cgi?id=134854
        <rdar://problem/18465263>

        Reviewed by Tim Horton.

        The NSOpenGLLayer has to have its contentScale property
        set accordingly when on a retina display. Do this by
        adding another value to the GraphicsContext3D creation
        attribute dictionary, representing the device pixel ratio.
        Then, when we come to draw into the layer, make sure
        we set our GL viewport to the correct value.

        This is currently untestable because:
        - we can't just read from the GL buffer as it is always correct
        - WebGL isn't working in reftests
        - a layer dump doesn't show the change since it was done in a CALayer subclass.

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::create): Pass the devicePixelRatio into the attribute dictionary.
        * platform/graphics/GraphicsContext3D.h:
        (WebCore::GraphicsContext3D::Attributes::Attributes): Add a devicePixelRatio attribute.
        * platform/graphics/mac/WebGLLayer.h: New property to save us looking up the attributes
        each frame.
        * platform/graphics/mac/WebGLLayer.mm:
        (-[WebGLLayer initWithGraphicsContext3D:]): Store the devicePixelRatio, and set our
        contents scale appropriately.
        (-[WebGLLayer drawInCGLContext:pixelFormat:forLayerTime:displayTime:]): Draw into
        a correctly sized backbuffer.
        (-[WebGLLayer copyImageSnapshotWithColorSpace:]): Generate an image of the correct size.

2014-10-07  Simon Fraser  <simon.fraser@apple.com>

        Roll-over Changelogs.

        * ChangeLog-2014-10-07: Copied from Source/WebCore/ChangeLog.

== Rolled over to ChangeLog-2014-10-07 ==