Cap the number of SourceBuffers that may be added to a MediaSource.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-08-13  Anna Cavender  <annacc@chromium.org>
2
3         Cap the number of SourceBuffers that may be added to a MediaSource.
4         https://bugs.webkit.org/show_bug.cgi?id=93406
5
6         Reviewed by Eric Carlson.
7
8         Make sure that no more SourceBuffer objects are added to a MediaSource
9         than can fit into the sourceBuffers SourceBufferList (internally stored
10         as a Vector). Also, make sure that new SourceBuffers are added with a
11         unique id even if the variable we are using to generate id wraps around.
12
13         No new tests.  It would not be realistic to add so many SourceBuffers to
14         test the id variable wrapping.  Existing tests should not be affected.
15
16         * Modules/mediasource/MediaSource.cpp:
17         (WebCore::MediaSource::MediaSource):
18         (WebCore::MediaSource::addSourceBuffer): Obtain a unique id before creating
19             a new SourceBuffer.
20         * Modules/mediasource/MediaSource.h:
21         * Modules/mediasource/SourceBufferList.cpp:
22         (WebCore::SourceBufferList::SourceBufferList):
23         (WebCore::SourceBufferList::generateUniqueId): Search for and generate a
24             unique id.
25         (WebCore):
26         (WebCore::SourceBufferList::contains): Check if a SourceBuffer with a
27             given id already exists in this SourceBufferList.
28         * Modules/mediasource/SourceBufferList.h:
29         (SourceBufferList):
30
31 2012-08-13  Andrey Kosyakov  <caseq@chromium.org>
32
33         Web Inspector: when status bar is too narrow, cut panel status bar, not main status bar items
34         https://bugs.webkit.org/show_bug.cgi?id=93814
35
36         Reviewed by Pavel Feldman.
37
38         - set shrink factor of bottom-status-bar-container to 1;
39         - set bottom-status-bar-container's width to 0 to workaround for flex-basis being ignored;
40
41         * inspector/front-end/inspector.css:
42         (#bottom-status-bar-container):
43
44 2012-08-13  Yury Semikhatsky  <yurys@chromium.org>
45
46         Web Inspector: add memory instrumentation for Attribute
47         https://bugs.webkit.org/show_bug.cgi?id=93827
48
49         Reviewed by Pavel Feldman.
50
51         Attribute's name and value footprint is counted as part of the DOM
52         component.
53
54         * dom/Attribute.h:
55         (WebCore::Attribute::reportMemoryUsage):
56         (Attribute):
57         * dom/ElementAttributeData.cpp:
58         (WebCore::ElementAttributeData::reportMemoryUsage):
59
60 2012-08-13  Vsevolod Vlasov  <vsevik@chromium.org>
61
62         Web Inspector: Polish search/replace toolbar buttons style.
63         https://bugs.webkit.org/show_bug.cgi?id=93826
64
65         Reviewed by Pavel Feldman.
66
67         * inspector/front-end/inspector.css:
68         (.toolbar-search button):
69
70 2012-08-13  Kwang Yul Seo  <skyul@company100.net>
71
72         [Qt] Add gprof.prf to build WebKit with gprof enabled
73         https://bugs.webkit.org/show_bug.cgi?id=90283
74
75         Reviewed by Eric Seidel.
76
77         No behavior change, so no new tests.
78
79         * WebCore.pri:
80         -ffunction-sections conflicts with -pg option, so don't use
81         -ffunction-sections option when gprof is enabled.
82
83 2012-08-13  Zan Dobersek  <zandobersek@gmail.com>
84
85         Unreviewed build fix after r125408, removing another usage of SVG_FEATURES.
86
87         * GNUmakefile.am:
88
89 2012-08-13  Zan Dobersek  <zandobersek@gmail.com>
90
91         [Gtk] Remove SVG_FEATURES and HTML_FEATURES from Source/WebCore/GNUmakefile.am
92         https://bugs.webkit.org/show_bug.cgi?id=90693
93
94         Reviewed by Philippe Normand.
95
96         Remove SVG_FEATURES and HTML_FEATURES variables. They can be replaced by the
97         FEATURE_DEFINES variable wherever they are used.
98
99         No new tests - no new functionality.
100
101         * GNUmakefile.am:
102
103 2012-08-13  Mario Sanchez Prada  <msanchez@igalia.com>
104
105         [GTK] Implementation of atk_editable_text_insert_text ignores 'length' parameter
106         https://bugs.webkit.org/show_bug.cgi?id=93804
107
108         Reviewed by Carlos Garcia Campos.
109
110         Use the 'length' parameter to insert a substring of the full
111         string passed to this method from AtkEditableText interface.
112
113         * accessibility/gtk/WebKitAccessibleInterfaceEditableText.cpp:
114         (webkitAccessibleEditableTextInsertText): Don't ignore 'length'.
115
116 2012-08-13  Sam D  <dsam2912@gmail.com>
117
118         Web Inspector: Feature Request - Adding mouse gesture for editing attribute values in elements/css panel
119         https://bugs.webkit.org/show_bug.cgi?id=93581
120
121         Reviewed by Alexander Pavlov.
122
123         Added functionality to modify valuesAdding support for updating number values in attributes in element
124         panel/ css panel using mouse gestures as well.
125
126         No new tests.
127
128         * inspector/front-end/StylesSidebarPane.js:
129         handling mousewheel event
130         * inspector/front-end/TextPrompt.js:
131         adding mouse event listener
132         (WebInspector.TextPrompt.prototype._attachInternal):
133         (WebInspector.TextPrompt.prototype.defaultKeyHandler):
134         (WebInspector.TextPrompt.prototype.onMouseWheel):
135         * inspector/front-end/UIUtils.js:
136         handling mouse event gesture and updating number based on mouse wheel
137         scroll direction as well.
138         (WebInspector._valueModificationDirection):
139         (WebInspector._modifiedHexValue):
140         (WebInspector._modifiedFloatNumber):
141         (WebInspector.handleElementValueModifications):
142
143 2012-08-13  Carlos Garcia Campos  <cgarcia@igalia.com>
144
145         Unreviewed. Fix make distcheck.
146
147         * GNUmakefile.list.am: Add missing header file.
148
149 2012-08-10  Alexander Pavlov  <apavlov@chromium.org>
150
151         Web Inspector: [Protocol] Force elements pseudo state via a separate InspectorCSSAgent method
152         https://bugs.webkit.org/show_bug.cgi?id=93721
153
154         Reviewed by Pavel Feldman.
155
156         Introduce InspectorCSSAgent::forcePseudoState() to modify the element's forced pseudo state.
157
158         * inspector/Inspector.json:
159         * inspector/InspectorCSSAgent.cpp:
160         (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
161         (WebCore::InspectorCSSAgent::getComputedStyleForNode):
162         (WebCore::InspectorCSSAgent::forcePseudoState):
163         (WebCore):
164         * inspector/InspectorCSSAgent.h:
165         (InspectorCSSAgent):
166         * inspector/InspectorDOMAgent.h:
167         (InspectorDOMAgent):
168         * inspector/front-end/AuditRules.js:
169         (WebInspector.AuditRules.ImageDimensionsRule.prototype.doRun.getStyles):
170         * inspector/front-end/CSSStyleModel.js:
171         (WebInspector.CSSStyleModel.prototype.getMatchedStylesAsync):
172         (WebInspector.CSSStyleModel.prototype.getComputedStyleAsync):
173         (WebInspector.CSSStyleModel.prototype.forcePseudoState):
174         * inspector/front-end/ElementsPanel.js:
175         (WebInspector.ElementsPanel.prototype._setPseudoClassForNodeId):
176         * inspector/front-end/MetricsSidebarPane.js:
177         * inspector/front-end/StylesSidebarPane.js:
178         (WebInspector.StylesSidebarPane.prototype._refreshUpdate):
179         (WebInspector.StylesSidebarPane.prototype._rebuildUpdate):
180
181 2012-08-13  Shinya Kawanaka  <shinyak@chromium.org>
182
183         Cannot select the AuthorShadowDOM inner element of an img element
184         https://bugs.webkit.org/show_bug.cgi?id=91591
185
186         Reviewed by Dimitri Glazkov.
187
188         Since HTMLImageElement::canStartSelection always returns false, we cannot start selection
189         from any children (including shadow dom) of an img element. When the img element has a shadow dom,
190         we should be able to start selection.
191
192         Test: fast/dom/shadow/select-image-with-shadow.html
193
194         * html/HTMLImageElement.cpp:
195         (WebCore::HTMLImageElement::canStartSelection):
196         (WebCore):
197         * html/HTMLImageElement.h:
198         (HTMLImageElement):
199         * html/shadow/ImageInnerElement.h:
200         (WebCore::ImageInnerElement::canStartSelection): Since ImageInnerElement is really an image,
201         this should return always false to obey the exising behavior.
202         (ImageInnerElement):
203
204 2012-08-13  Peter Wang  <peter.wang@torchmobile.com.cn>
205
206         REGRESSION (r124723-r124741): 5 inspector/debugger tests failing on Apple Lion Debug WK1 (Tests)
207         https://bugs.webkit.org/show_bug.cgi?id=93387
208
209         Reviewed by Pavel Feldman.
210
211         Now the front-end has problem when setting the positon of breakpoint, so remove the comparing
212         of "column" to make the behavior back to the time as JSC cannot provide "column" info.
213         Refer to https://bugs.webkit.org/show_bug.cgi?id=93473.  
214
215         No new test case for this bug.
216
217         * bindings/js/ScriptDebugServer.cpp:
218         (WebCore::ScriptDebugServer::hasBreakpoint):
219
220 2012-08-10  Kinuko Yasuda  <kinuko@chromium.org>
221
222         Support creating File object from FileSystem URL for files in FileSystem API
223         https://bugs.webkit.org/show_bug.cgi?id=93706
224
225         Reviewed by Darin Fisher.
226
227         Current File code assumes the existence of local file (i.e. requires a platform local file path) but for FileSystem
228         files it may not be always the case. For example some implementation may want to use in-memory filesystem to realize
229         sandboxed filesystem, or others may have the filesystem in remote servers.
230
231         This patch adds basic support for making File object constructible not only from a file path but from a FileSystem URL.
232         Since File can be appended to FormData or included in another Blob this patch also extends BlobData and FormData to support URL.
233
234         FileChooser and Drag-and-drop changes are not included in this patch.
235
236         No new tests: will add tests when we implement the platform side changes to wire this change.
237
238         * Modules/filesystem/DOMFileSystem.cpp:
239         (WebCore::DOMFileSystem::createFile):
240         * Modules/filesystem/DOMFileSystemSync.cpp:
241         (WebCore::DOMFileSystemSync::createFile):
242         * fileapi/Blob.cpp:
243         (WebCore::Blob::sliceInternal):
244         * fileapi/File.cpp:
245         (WebCore::createBlobDataForFileSystemURL): Added.
246         (WebCore::File::File):
247         * fileapi/File.h:
248         (WebCore::File::createForFileSystemFile):
249         (WebCore::File::fileSystemURL): Added.
250         * fileapi/WebKitBlobBuilder.cpp:
251         (WebCore::WebKitBlobBuilder::append):
252         * platform/chromium/support/WebHTTPBody.cpp:
253         (WebKit::WebHTTPBody::elementAt):
254         (WebKit::WebHTTPBody::appendURL): Added.
255         (WebKit::WebHTTPBody::appendURLRange): Added.
256         (WebKit::WebHTTPBody::appendBlob):
257         * platform/network/BlobData.cpp:
258         (WebCore::BlobData::appendURL):
259         * platform/network/BlobData.h:
260         (BlobDataItem):
261         (WebCore::BlobDataItem::BlobDataItem):
262         * platform/network/BlobRegistryImpl.cpp:
263         (WebCore::BlobRegistryImpl::appendStorageItems):
264         (WebCore::BlobRegistryImpl::registerBlobURL):
265         * platform/network/FormData.cpp:
266         (WebCore::FormData::deepCopy):
267         (WebCore::FormData::appendURL): Added.
268         (WebCore::FormData::appendURLRange): Added.
269         (WebCore::FormData::appendKeyValuePairItems):
270         * platform/network/FormData.h:
271         (WebCore::FormDataElement::FormDataElement):
272         (FormDataElement):
273         (WebCore::operator==):
274
275 2012-08-12  Dan Bernstein  <mitz@apple.com>
276
277         <rdar://problem/11442485> off-screen or inactive pages can change the mouse pointer
278
279         Reviewed by Adele Peterson.
280
281         * page/EventHandler.cpp:
282         (WebCore::EventHandler::fakeMouseMoveEventTimerFired): Added a check that the page is
283         on-screen and active before dispatching the fake mouse event.
284
285 2012-08-12  Jonathan Dong  <jonathan.dong@torchmobile.com.cn>
286
287         [BlackBerry] use MediaPlayer::userAgent() in MediaPlayerPrivateBlackBerry to avoid layering violation
288         https://bugs.webkit.org/show_bug.cgi?id=93588
289
290         Reviewed by Antonio Gomes.
291
292         Removed helper function MediaPlayerPrivate::userAgent() which has
293         introduced abstraction layering violation and replaced with
294         MediaPlayer::userAgent().
295
296         No new tests since there's no functional change.
297
298         * platform/graphics/blackberry/MediaPlayerPrivateBlackBerry.cpp:
299         (WebCore::MediaPlayerPrivate::load):
300
301 2012-07-04  Kinuko Yasuda  <kinuko@chromium.org>
302
303         Record metrics to measure the usage of WebKitBlobBuilder to eventually deprecate it
304         https://bugs.webkit.org/show_bug.cgi?id=90535
305
306         Reviewed by Eric Seidel.
307
308         No new tests as this has no functional changes.
309
310         * bindings/js/JSBlobCustom.cpp:
311         (WebCore::JSBlobConstructor::constructJSBlob):
312         * bindings/v8/custom/V8BlobCustom.cpp:
313         (WebCore::V8Blob::constructorCallback):
314         * fileapi/WebKitBlobBuilder.cpp:
315         (WebCore::WebKitBlobBuilder::getBlob):
316         * fileapi/WebKitBlobBuilder.h:
317         (WebKitBlobBuilder):
318
319 2012-08-12  Ojan Vafai  <ojan@chromium.org>
320
321         Remove unnecessary null checks from pseudoStyleForElement and adjustRenderStyle
322         https://bugs.webkit.org/show_bug.cgi?id=93730
323
324         Reviewed by Tony Chang.
325
326         All the callers of both methods make sure to pass in a non-null parentStyle.
327
328         No change in behavior.
329
330         * css/StyleResolver.cpp:
331         * css/StyleResolver.h:
332
333 2012-08-12  Pravin D  <pravind.2k4@gmail.com>
334
335         table cell.cellIndex should return -1 if there is no parent table
336         https://bugs.webkit.org/show_bug.cgi?id=93738
337
338         Reviewed by Eric Seidel.
339
340         According to the HTML5 spec the cellIndex of a table cell(td/th) whose parent is not a table row
341         must be -1. Currently we are returning zero. This patch fixes this behavior. 
342
343         Test: fast/table/cellIndex-of-cell-with-different-parents.html
344
345         * html/HTMLTableCellElement.cpp:
346         (WebCore::HTMLTableCellElement::cellIndex):
347           If the parent of the cell is not a table row, -1 is returned. Otherwise a value greater
348           than or equal to zero is return.
349
350         * rendering/RenderTableCell.h:
351         (RenderTableCell):
352          Removed dead code and made minor webkit style related fix.
353
354 2012-08-12  Leandro Gracia Gil  <leandrogracia@chromium.org>
355
356         [Chromium] Implement the find-in-page match rects API
357         https://bugs.webkit.org/show_bug.cgi?id=93111
358
359         Reviewed by Adam Barth.
360
361         Introduce the find-in-page coordinate system. This system tries to solve
362         the unintuitive tickmark results presented in pages with multiple frames
363         and scrolled contents where the find results might not be in the visible
364         area of a frame, which might lead to tickmarks below the container frame.
365
366         To achieve this, this coordinate system goes up the render tree
367         normalizing the coordinates by the actual contents size of its container.
368         This leads to tickmarks scaled to the visible size of their frame
369         independently of its scroll. This coordinate system supports also CSS
370         scroll:overflow, transforms and the different positions.
371
372         Also add an auxiliary method to Range in order to provide a transform
373         friendly way to retrieve the absolute coordinates of the enclosing
374         bounding box without the adjustment operations that the existing
375         enclosingRect method does.
376
377         Tested by WebFrameTest WebKit unit test.
378
379         * dom/Range.cpp:
380         (WebCore::Range::transformFriendlyBoundingBox): add a transform-friendly equivalent of boundingBox.
381         (WebCore):
382         * dom/Range.h: move boundingBox to the group of non-transform-friendly methods.
383         (Range):
384
385 2012-08-12  Ami Fischman  <fischman@chromium.org>
386
387         Stop Y-flipping CROS/ARM video textures
388         https://bugs.webkit.org/show_bug.cgi?id=93769
389
390         Reviewed by Eric Seidel.
391
392         No new tests; there's no cros/arm bot yet, sadly.
393
394         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
395         (WebCore::CCVideoLayerImpl::appendQuads): drop the single-platform Y-flipping in prep for the platform doing the flip natively.
396
397 2012-08-12  Mihnea Ovidenie  <mihnea@adobe.com>
398
399         CSSRegions: Crash when using style in region for removed element.
400         https://bugs.webkit.org/show_bug.cgi?id=93276
401
402         Reviewed by Abhishek Arya.
403
404         When a RenderInline object from within a render flow thread is split, the cloned
405         hierarchy built during the split process does not have the inRenderFlowThread bit
406         set properly. If the cloned hierarchy is flowed into a region with region style rules,
407         we compute the style in region also for objects that do not have inRenderFlowThread bit
408         set and we store the computed style in region for caching purposes. But we only remove
409         an object style in region information if that object has the inRenderFlowThread bit set.
410         Under these circumstances, it is possible to remove a object with cached style in region
411         and without inRenderFlowThread bit set from the render tree and leave the associated cached
412         information un-removed. Such information will be accesses during the next paint phase of
413         the region, thus resulting a crash.
414
415         The fix is to modify RenderBlock::clone() and RenderInline::clone() functions to also copy the inRenderFlowThread bit
416         from the source into the clone, therefore the cloned hierarchies will have the inRenderFlowThread
417         bit set properly.
418
419         Test: fast/regions/removed-element-style-in-region-crash.html
420
421         * rendering/RenderBlock.cpp:
422         (WebCore::RenderBlock::clone):
423         * rendering/RenderInline.cpp:
424         (WebCore::RenderInline::clone): Replace former static RenderInline::cloneInline with member RenderInline::clone.
425         (WebCore::RenderInline::splitInlines):
426         * rendering/RenderInline.h:
427         (RenderInline):
428         * rendering/RenderRegion.cpp:
429         (WebCore::RenderRegion::setObjectStyleInRegion):
430         Added an assert to make sure that when we are computing style in region, we are doing for objects
431         with inRenderFlowThread set. Also, bail out early in this case to prevent further crashes.
432
433 2012-08-12  Huang Dongsung  <luxtella@company100.net>
434
435         Set the access qualifier of two methods to query frame specific info of BitmapImage to protected.
436         https://bugs.webkit.org/show_bug.cgi?id=90505
437
438         Reviewed by Eric Seidel.
439
440         Following 4 methods are protected.
441           size_t frameCount();
442           NativeImagePtr frameAtIndex(size_t);
443           bool frameIsCompleteAtIndex(size_t);
444           float frameDurationAtIndex(size_t);
445
446         So, 2 methds also should be protected because the frame info is only specific of
447         BitmapImage.
448           bool frameHasAlphaAtIndex(size_t);
449           ImageOrientation frameOrientationAtIndex(size_t);
450
451         On the other hand, this patch amended GraphicsContext3DCG.
452         - static_cast<BitmapImage*>(image)->frameHasAlphaAtIndex(0)
453         + image->currentFrameHasAlpha()
454
455         This patch does not affect PNG, JPEG, BMP, and WEBP because those images
456         have only 0 indexed frame.
457         Thus, GIF, and ICO are affected. However, an above query to get Alpha
458         is for the image that is created by image->nativeImageForCurrentFrame(), so it
459         is proper to use image->currentFrameHasAlpha() instead of
460         image->frameHasAlphaAtIndex(0).
461
462         No new tests, because it is hard to test. We need an animated GIF that
463         one frame has alpha and another frame does not have alpha. However, I
464         cannot find the animated GIF file that suffices the requirement.
465
466         * platform/graphics/BitmapImage.h:
467         (BitmapImage):
468         * platform/graphics/cg/GraphicsContext3DCG.cpp:
469         (WebCore::GraphicsContext3D::getImageData):
470
471 2012-08-12  Takashi Sakamoto  <tasak@google.com>
472
473         webkit fails IETC namespaces/prefix-007.xml
474         https://bugs.webkit.org/show_bug.cgi?id=86137
475
476         Reviewed by Eric Seidel.
477
478         If a namespace prefix or default namespace is declared more than once
479         only the last declaration shall be used.
480
481         parseAddNamespace doesn't check return value of WTF::HashMap<>::add.
482         If the return value's isNewEntry is true, the new entry is added with
483         the specified value. However, if isNewEntry is false, it is required
484         to update the store value.
485
486         No new tests. ietestcenter/css3/namespaces/prefix-007.xml and
487         ietestcenter/css3/namespaces/prefix-010.xml covers this change.
488
489         * css/StyleSheetContents.cpp:
490         (WebCore::StyleSheetContents::parserAddNamespace):
491         Modified to check m_namespaces.add's return value.
492         If the result says not a new entry, updated the value stored in
493         m_namespaces by using iterator in the result.
494
495 2012-08-12  Benjamin Poulain  <benjamin@webkit.org>
496
497         Move CSS's propertyNameStrings[] to from the header to the cpp file
498         https://bugs.webkit.org/show_bug.cgi?id=93771
499
500         Reviewed by Eric Seidel.
501
502         The names of propertyNameStrings[] should never be accessed directly. The function getPropertyName()
503         return the correct string of propertyNameStrings.
504
505         To ensure the values are not accessed by mistake, move them from the header to the implementation.
506
507         * css/makeprop.pl:
508
509 2012-08-12  Benjamin Poulain  <benjamin@webkit.org>
510
511         CSSComputedStyleDeclaration::cssText() should use StringBuilder
512         https://bugs.webkit.org/show_bug.cgi?id=93776
513
514         Reviewed by Eric Seidel.
515
516         String::append() is fairly inefficient when used to create a long string by appending a lot of small
517         pieces. StringBuilder is more approriate for the kind of operations done by CSSComputedStyleDeclaration::cssText().
518
519         This changes makes CSSComputedStyleDeclaration::cssText() about 6 times faster.
520
521         * css/CSSComputedStyleDeclaration.cpp:
522         (WebCore::CSSComputedStyleDeclaration::cssText):
523
524 2012-08-11  Benjamin Poulain  <bpoulain@apple.com>
525
526         Do the DecimalNumber to String conversion on 8 bits
527         https://bugs.webkit.org/show_bug.cgi?id=93683
528
529         Reviewed by Andreas Kling.
530
531         Numbers converted to string for CSS are unlikely to ever be concatenated with a 16bits string.
532         This patch change the conversion to be done to 8bits string in order to reduce memory allocations.
533
534         * css/CSSPrimitiveValue.cpp:
535         (WebCore::formatNumber):
536         * inspector/InspectorValues.cpp:
537         (WebCore::InspectorBasicValue::writeJSON):
538         * platform/graphics/Color.cpp:
539         (WebCore::Color::serialized): Instead of allocating a static WTF::String, we can simply append the
540         string literal to the output vector.
541
542 2012-08-11  Benjamin Poulain  <benjamin@webkit.org>
543
544         WebCore::findAtomicString(PropertyName) always convert the name to 16bits
545         https://bugs.webkit.org/show_bug.cgi?id=93685
546
547         Reviewed by Geoffrey Garen.
548
549         * bindings/js/JSDOMBinding.cpp:
550         (WebCore::findAtomicString):
551         Use the new AtomicString::find() to avoid calling StringImpl::characters().
552
553 2012-08-11  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>
554
555         [Qt] Remove QtSenderStack now we do not support __qt_sender__ anymore in Qt bridge
556         https://bugs.webkit.org/show_bug.cgi?id=93767
557
558         Reviewed by Kenneth Rohde Christiansen.
559
560         Dead code after patch of bug 93649.
561
562         * bridge/qt/qt_instance.h:
563         (QtInstance):
564
565 2012-08-11  Abhishek Arya  <inferno@chromium.org>
566
567         Unreviewed. 
568
569         Removing newly added assert in r125351 since it is exposing
570         legitimate layout bugs in few tests. We will re-add the assert
571         after fixing those bugs. Failures are tracked in webkit bug 93766. 
572
573         * rendering/RenderBlock.cpp:
574         (WebCore::RenderBlock::removeFromTrackedRendererMaps):
575
576 2012-08-11  Levi Weintraub  <leviw@chromium.org>
577
578         Track block's positioned objects like percent-height descendants
579         https://bugs.webkit.org/show_bug.cgi?id=89848
580
581         Reviewed by Abhishek Arya.
582
583         The previous method for tracking a RenderBlock's out-of-flow positioned descendants was error prone,
584         subject to becoming inconsistent, and in the case of removePositionedObjects, inefficient. This patch 
585         extracts the algorithm used for percent height descendants and re-uses it for positioned objects. This same
586         method could further be re-used for floats.
587
588         This change removes the m_positionedObjects pointer, which brings RenderBlock's size down (yay!).
589
590         Test: fast/block/positioning/relayout-nested-positioned-elements-crash-2.html
591
592         * rendering/RenderBlock.cpp:
593         (SameSizeAsRenderBlock):
594         (WebCore):
595         (WebCore::removeBlockFromDescendantAndContainerMaps):
596         (WebCore::RenderBlock::~RenderBlock):
597         (WebCore::RenderBlock::addOverflowFromPositionedObjects):
598         (WebCore::RenderBlock::layoutBlockChildren):
599         (WebCore::RenderBlock::layoutPositionedObjects):
600         (WebCore::RenderBlock::markPositionedObjectsForLayout):
601         (WebCore::clipOutPositionedObjects):
602         (WebCore::RenderBlock::selectionGaps):
603         (WebCore::RenderBlock::insertIntoTrackedRendererMaps):
604         (WebCore::RenderBlock::removeFromTrackedRendererMaps):
605         (WebCore::RenderBlock::positionedObjects):
606         (WebCore::RenderBlock::insertPositionedObject):
607         (WebCore::RenderBlock::removePositionedObject):
608         (WebCore::RenderBlock::removePositionedObjects):
609         (WebCore::RenderBlock::addPercentHeightDescendant):
610         (WebCore::RenderBlock::removePercentHeightDescendant):
611         (WebCore::RenderBlock::percentHeightDescendants):
612         (WebCore::RenderBlock::checkPositionedObjectsNeedLayout):
613         * rendering/RenderBlock.h:
614         (WebCore):
615         (RenderBlock):
616         (WebCore::RenderBlock::hasPositionedObjects):
617         * rendering/RenderBox.cpp:
618         (WebCore::RenderBox::removeFloatingOrPositionedChildFromBlockLists):
619         * rendering/RenderBoxModelObject.cpp:
620         (WebCore::RenderBoxModelObject::moveChildTo): Changing the fixme to reflect the assumption that the caller
621         has taken care of updating the positioned renderer maps is a decision not a bug. The ASSERT should help
622         assure this.
623         * rendering/RenderTableSection.cpp:
624         (WebCore::RenderTableSection::layoutRows):
625         * rendering/RenderView.cpp:
626         (WebCore::RenderView::setFixedPositionedObjectsNeedLayout):
627
628 2012-08-10  Joshua Netterfield  <jnetterfield@rim.com>
629
630         [WebGL] Add support for EXT_robustness
631         https://bugs.webkit.org/show_bug.cgi?id=93379
632
633         Reviewed by George Staikos.
634
635         Take advantage of EXT robustness in WebKit.
636
637         This commit makes WebKit use readnPixelsEXT, getnUniformfvEXT and
638         getnUniformivEXT instead of readPixels, getUniformfv and getUniformiv
639         when possible, and sets up the reset notification behaviour for
640         GLES platforms.
641
642         The reset behaviour has not yet been implemented in the BlackBerry
643         compositing thread, so for now on BlackBerry we just abort when
644         the context has been reset. This prevents undefined behaviour, but
645         can be improved in the future.
646
647         No new tests are needed because no new functionality is introduced.
648         Support for ARB robustness reset notification behaviour is already
649         in WebKit, and EXT robustness' reset notifcation behaviour is the
650         same. readnPixelsEXT replaces WebKit's existing mechanisms of
651         preventing buffer overflows.
652
653         RIM PR# 147510
654         Internally reviewed by Arvid Nilsson.
655
656         * html/canvas/WebGLRenderingContext.cpp:
657         (WebCore):
658         (WebCore::WebGLRenderingContext::setupFlags):
659         (WebCore::WebGLRenderingContext::getUniform):
660         (WebCore::WebGLRenderingContext::readPixels):
661         * html/canvas/WebGLRenderingContext.h:
662         (WebGLRenderingContext):
663         * platform/chromium/support/Extensions3DChromium.cpp:
664         (WebCore::Extensions3DChromium::readnPixelsEXT):
665         (WebCore):
666         (WebCore::Extensions3DChromium::getnUniformfvEXT):
667         (WebCore::Extensions3DChromium::getnUniformivEXT):
668         * platform/graphics/Extensions3D.h:
669         * platform/graphics/blackberry/GraphicsContext3DBlackBerry.cpp:
670         (WebCore::GraphicsContext3D::setContextLostCallback):
671         * platform/graphics/blackberry/LayerRenderer.cpp:
672         (WebCore::LayerRenderer::LayerRenderer):
673         (WebCore::LayerRenderer::makeContextCurrent):
674         * platform/graphics/blackberry/LayerRenderer.h:
675         (LayerRenderer):
676         * platform/graphics/chromium/Extensions3DChromium.h:
677         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
678         (WebCore::Extensions3DOpenGLCommon::readnPixelsEXT):
679         (WebCore):
680         (WebCore::Extensions3DOpenGLCommon::getnUniformfvEXT):
681         (WebCore::Extensions3DOpenGLCommon::getnUniformivEXT):
682         * platform/graphics/opengl/Extensions3DOpenGLCommon.h:
683         (Extensions3DOpenGLCommon):
684         * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
685         (WebCore::Extensions3DOpenGLES::Extensions3DOpenGLES):
686         (WebCore::Extensions3DOpenGLES::getGraphicsResetStatusARB):
687         (WebCore):
688         (WebCore::Extensions3DOpenGLES::setEXTContextLostCallback):
689         (WebCore::Extensions3DOpenGLES::readnPixelsEXT):
690         (WebCore::Extensions3DOpenGLES::getnUniformfvEXT):
691         (WebCore::Extensions3DOpenGLES::getnUniformivEXT):
692         (WebCore::Extensions3DOpenGLES::supportsExtension):
693         * platform/graphics/opengl/Extensions3DOpenGLES.h:
694         (Extensions3DOpenGLES):
695
696 2012-08-10  Arko Saha  <arko@motorola.com>
697
698         Microdata: item with itemprop attribute should not include the item itself in the HTMLPropertiesCollection.
699         https://bugs.webkit.org/show_bug.cgi?id=93717
700
701         Reviewed by Ryosuke Niwa.
702
703         Tests: fast/dom/MicroData/item-with-itemprop-attr.html
704                fast/dom/MicroData/item-with-itemref-pointing-to-itself.html
705
706         * dom/PropertyNodeList.cpp:
707         (WebCore::PropertyNodeList::nodeMatches): Do not process the testElement if it is the owner node.
708         * html/HTMLPropertiesCollection.cpp:
709         (WebCore::nextNodeWithProperty): Traverse the next node only if previous node is microdata item
710         i.e, ownerNode or previous element does not have itemscope attribute specified.
711         (WebCore::HTMLPropertiesCollection::virtualItemAfter): Try to find the next property if current
712         is ownerNode.
713
714 2012-08-10  Ryuan Choi  <ryuan.choi@samsung.com>
715
716         [BlackBerry][EFL][GTK][WIN][WX] Remove ScriptControllerXXX.cpp to reduce duplication
717         https://bugs.webkit.org/show_bug.cgi?id=61424
718
719         Reviewed by Rob Buis.
720
721         ScriptControllerBlackBerry, ScriptControllerEfl, ScriptControllerGtk,
722         ScriptControllerWin and ScriptControllerWx are almost same.
723         In order to reduce duplication, this patch moves codes to ScriptController
724         and removes them.
725
726         No behavior change. Just a refactoring.
727
728         * GNUmakefile.list.am:
729         * PlatformBlackBerry.cmake:
730         * PlatformEfl.cmake:
731         * PlatformWinCE.cmake:
732         * WebCore.gypi:
733         * bindings/js/JSBindingsAllInOne.cpp:
734         * bindings/js/ScriptController.cpp:
735         (WebCore):
736         (WebCore::ScriptController::createScriptInstanceForWidget):
737         Moved from ScriptControllerXXX.cpp
738         * bindings/js/ScriptControllerBlackBerry.cpp: Removed.
739         * bindings/js/ScriptControllerEfl.cpp: Removed.
740         * bindings/js/ScriptControllerGtk.cpp: Removed.
741         * bindings/js/ScriptControllerWin.cpp: Removed.
742         * bindings/js/ScriptControllerWx.cpp: Removed.
743
744 2012-08-10  Elliott Sprehn  <esprehn@gmail.com>
745
746         RenderQuote corrupts doubly linked list on insertion before head of list
747         https://bugs.webkit.org/show_bug.cgi?id=93750
748
749         Reviewed by Abhishek Arya.
750
751         Fix bug where moving a RenderQuote instance before the first one in
752         the document would not update the m_previous pointer of the original
753         first RenderQuote to point back at the new one.
754
755         Test: fast/css-generated-content/quote-crash-93750.html
756
757         * rendering/RenderQuote.cpp:
758         (WebCore::RenderQuote::attachQuote):
759
760 2012-08-09  James Robinson  <jamesr@chromium.org>
761
762         [chromium] Remove forwarding headers for compositor-related WebKit API and update includes
763         https://bugs.webkit.org/show_bug.cgi?id=93669
764
765         Reviewed by Adam Barth.
766
767         Updates all includes for compositor-related headers to refer consistently to the Platform API location.
768
769         * platform/chromium/support/WebCompositorImpl.h:
770
771 2012-08-10  James Robinson  <jamesr@chromium.org>
772
773         Unreviewed build fix.
774
775         r125337 added a call to WTF::currentTime() in MediaController.cpp, but that file didn't #include
776         <wtf/CurrentTime.h>. This file is indirectly picked up on the include paths for some ports, but not all.
777
778         * html/MediaController.cpp:
779
780 2012-08-10  Jer Noble  <jer.noble@apple.com>
781
782         no timeupdate events emitted for media controller
783         https://bugs.webkit.org/show_bug.cgi?id=93745
784
785         Reviewed by Eric Carlson.
786
787         Generate timeupdate events while the current position is changing.
788
789         Test: media/media-controller-timeupdate.html
790
791         Enforce the spec requirement that the timeupdate event is fired no more often
792         than every 250ms.
793         * html/MediaController.cpp:
794         (MediaController::scheduleTimeupdateEvent):
795
796         Add a periodic firing timer to generate timeupdate events during playback.
797         * html/MediaController.cpp:
798         (MediaController::startTimeupdateTimer):
799         (MediaController::timeupdateTimerFired):
800
801         * html/MediaController.cpp:
802         (MediaController::MediaController): Initialize m_previousTimeupdateTime.
803         (MediaController::setCurrentTime): Call scheduleTimeUpdateEvent.
804         (MediaController::updatePlaybackState): Start and stop the timeupdate timer.
805         * html/MediaController.h:
806         
807 2012-08-09  Jeffrey Pfau  <jpfau@apple.com>
808
809         Allow blocking of third-party localStorage and sessionStorage
810         https://bugs.webkit.org/show_bug.cgi?id=93390
811
812         Reviewed by Adam Barth.
813
814         Add checks for if a page is third-party and third-party storage blocking is enabled while accessing storage.
815
816         Tests: http/tests/security/cross-origin-local-storage-allowed.html
817                http/tests/security/cross-origin-local-storage.html
818                http/tests/security/cross-origin-session-storage-allowed.html
819                http/tests/security/cross-origin-session-storage.html
820                http/tests/security/same-origin-document-domain-storage-allowed.html
821
822         * dom/Document.cpp:
823         (WebCore::Document::initSecurityContext): Initialize securityOrigin with knowledge of if we should block third-party storage.
824         * page/DOMWindow.cpp: Check if the origin trying to access storage is third-party relative to the top document.
825         (WebCore::DOMWindow::sessionStorage):
826         (WebCore::DOMWindow::localStorage):
827         * page/SecurityOrigin.cpp: Add a call in Security origin to see if another origin counts as a third-party.
828         (WebCore::SecurityOrigin::SecurityOrigin):
829         (WebCore::SecurityOrigin::canAccessLocalStorage):
830         (WebCore):
831         (WebCore::SecurityOrigin::isThirdParty):
832         * page/SecurityOrigin.h:
833         (WebCore::SecurityOrigin::blockThirdPartyStorage):
834         (SecurityOrigin):
835         * testing/InternalSettings.cpp: Add an internals.settings hook for setting third-party storage blocking enabled.
836         (WebCore::InternalSettings::setThirdPartyStorageBlockingEnabled):
837         (WebCore):
838         * testing/InternalSettings.h:
839         (InternalSettings):
840         * testing/InternalSettings.idl:
841
842 2012-08-10  Arko Saha  <arko@motorola.com>
843
844         REGRESSION(r125159): ASSERTION FAILED: m_listsInvalidatedAtDocument.contains(list) in Document::unregisterNodeListCache.
845         https://bugs.webkit.org/show_bug.cgi?id=93729
846
847         Reviewed by Ryosuke Niwa.
848
849         In Document::registerNodeListCache() it was not adding PropertyNodeList
850         cache to m_listsInvalidatedAtDocument the as node list currently not rooted
851         at the document. Where in Document::unregisterNodeListCache() it was trying
852         to remove PropertyNodeList cache from m_listsInvalidatedAtDocument. Hence it
853         caused the assertion failure.
854
855         We need to check if m_rootType is NodeListIsRootedAtDocumentIfOwnerHasItemrefAttr,
856         not that it's currently rooted at the document.
857
858         Test: fast/dom/MicroData/propertynodelist-crash.html
859
860         * dom/DynamicNodeList.h:
861         (WebCore::DynamicNodeListCacheBase::isRootedAtDocument):
862
863 2012-08-10  Florin Malita  <fmalita@chromium.org>
864
865         Improved RuleData packing on some 32-bit platforms
866         https://bugs.webkit.org/show_bug.cgi?id=93737
867
868         Reviewed by Andreas Kling.
869
870         Certain 32-bit plarforms use an 8-byte alignment for uint64_t. We can save 4 bytes per
871         object on these platforms by using two naturally-aligning unsigned ints instead.
872
873         * css/StyleResolver.cpp:
874         (RuleData):
875         (SameSizeAsRuleData):
876
877 2012-08-10  Max Vujovic  <mvujovic@adobe.com>
878
879         [CSS Shaders] Add blend mode and composite op to compiled program cache key
880         https://bugs.webkit.org/show_bug.cgi?id=93623
881
882         Reviewed by Dirk Schulze.
883
884         Right now, only the vertex shader string and the fragment shader string are hashed
885         to create a key for the compiled program. However, in a future patch, WebKit will
886         rewrite the fragment shader based on the blend mode and composite op specified by
887         the author. This means that the unique key for a compiled program is (original
888         vertex shader string, original fragment shader string, blend mode, composite
889         operator). This patch adds blend mode and composite operator in the hash for the
890         key.
891
892         No new tests. The state of the compiled program cache is not exposed to a web
893         page. Existing tests should ensure this change doesn't break current
894         functionality. Additional tests will be added in a future patch that implements
895         shader rewriting based on blend mode and composite op.
896
897         * platform/graphics/filters/CustomFilterProgram.cpp:
898         (WebCore::CustomFilterProgram::programInfo):
899         * platform/graphics/filters/CustomFilterProgram.h:
900         (WebCore):
901         * platform/graphics/filters/CustomFilterProgramInfo.cpp:
902         (WebCore::CustomFilterProgramInfo::CustomFilterProgramInfo):
903         (WebCore::CustomFilterProgramInfo::hash):
904         (WebCore::CustomFilterProgramInfo::operator==):
905         * platform/graphics/filters/CustomFilterProgramInfo.h:
906         (WebCore::CustomFilterProgramMixSettings::CustomFilterProgramMixSettings):
907         (CustomFilterProgramMixSettings):
908         (WebCore::CustomFilterProgramMixSettings::operator==):
909         (WebCore):
910         (CustomFilterProgramInfo):
911
912 2012-08-10  Alice Cheng  <alice_cheng@apple.com>
913
914         Part 1 of: Extend -webkit-user-select with a new value "all"
915         <rdar://problem/10161404>
916         https://bugs.webkit.org/show_bug.cgi?id=93562
917
918         Reviewed by Dan Bernstein.
919
920         Parse the new "all" value for -webkit-user-select
921
922         Test: editing/selection/user-select-all-parsing.html
923
924         * css/CSSParser.cpp:
925         (WebCore::isValidKeywordPropertyAndValue): Add new value all
926         * css/CSSPrimitiveValueMappings.h:
927         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Add new value all
928         (WebCore::CSSPrimitiveValue::operator EUserSelect): Add one more bit to store the new property value
929         * rendering/style/RenderStyleConstants.h: Add new value all
930         * rendering/style/StyleRareInheritedData.h: Add new value all
931         (StyleRareInheritedData):
932
933 2012-08-10  Iain Merrick  <husky@google.com>
934
935         [chromium] Upstream Android changes to WebFrameImpl::selectRange
936         https://bugs.webkit.org/show_bug.cgi?id=92513
937
938         Reviewed by Ryosuke Niwa.
939
940         Make this function public we so can call it from the WebKit layer.
941
942         * page/EventHandler.h:
943         (EventHandler):
944
945 2012-08-10  Mario Sanchez Prada  <msanchez@igalia.com>
946
947         [GTK] Broken implementation of AtkText and AtkEditableText for password fields
948         https://bugs.webkit.org/show_bug.cgi?id=93621
949
950         Rubber-stamped by Ryosuke Niwa.
951
952         Fix Apple Win build, by avoiding to generate unreachable sections
953         of code in AccessibilityRenderObject::passwordFieldValue().
954
955         * accessibility/AccessibilityRenderObject.cpp:
956         (WebCore::AccessibilityRenderObject::passwordFieldValue):
957
958 2012-08-10  Dana Jansens  <danakj@chromium.org>
959
960         [chromium] Remove targetSurface pointer from CCRenderPass
961         https://bugs.webkit.org/show_bug.cgi?id=93734
962
963         Reviewed by Adrienne Walker.
964
965         This removes the CCRenderSurface pointer from the CCRenderPass
966         structure, allowing it to be serialized and used across processes
967         freely.
968
969         No new tests; no intended change in behaviour.
970
971         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
972         (WebCore::CCLayerTreeHostImpl::drawLayers):
973         * platform/graphics/chromium/cc/CCRenderPass.cpp:
974         (WebCore::CCRenderPass::CCRenderPass):
975         * platform/graphics/chromium/cc/CCRenderPass.h:
976         (CCRenderPass):
977
978 2012-08-10  Mario Sanchez Prada  <msanchez@igalia.com>
979
980         [GTK] Broken implementation of AtkText and AtkEditableText for password fields
981         https://bugs.webkit.org/show_bug.cgi?id=93621
982
983         Reviewed by Chris Fleizach.
984
985         Fix broken implementation of AtkText and AtkEditableText
986         interfaces in the GTK port for password input fields.
987
988         * accessibility/AccessibilityRenderObject.cpp:
989         (WebCore::AccessibilityRenderObject::stringValue): Call the new
990         function passwordFieldValue() for password input fields.
991         (WebCore::AccessibilityRenderObject::text): Ditto.
992         (WebCore::AccessibilityRenderObject::textLength): Return the
993         actual length of the password in the field for GTK, return -1
994         otherwise (not to break current behavior in other platforms).
995         (WebCore::AccessibilityRenderObject::doAXStringForRange): Don't
996         early return for password fields in GTK (will rely on text()).
997         (WebCore::AccessibilityRenderObject::passwordFieldValue): New, it
998         returns the text being actually rendered for a password input
999         field (normally a masked string) in GTK. It returns String() in
1000         the rest of platforms, to ensure we don't break anything there.
1001         (WebCore):
1002         * accessibility/AccessibilityRenderObject.h:
1003         (AccessibilityRenderObject):
1004         * accessibility/AccessibilityObject.h:
1005         (WebCore::AccessibilityObject::passwordFieldValue): Default
1006         implementation of this new method, returning an empty string.
1007         (AccessibilityObject):
1008
1009         Ensure the 'text-insert' and 'text-remove' signals for the AtkText
1010         interface are properly emitted for password input fields.
1011
1012         * accessibility/gtk/AXObjectCacheAtk.cpp:
1013         (WebCore::AXObjectCache::nodeTextChangePlatformNotification): Make
1014         sure we never emit the password value for an input field in plain
1015         text when inserting or removing text. Emit the masked text instead.
1016
1017 2012-08-09  Jer Noble  <jer.noble@apple.com>
1018
1019         Use the new AVPlayerItemVideoOutput API in MediaPlayerPrivateAVFoundation.
1020         https://bugs.webkit.org/show_bug.cgi?id=93591
1021
1022         Reviewed by Eric Carlson.
1023
1024         Support the new AVPlayerItemVideoOutput API from Mountain Lion, which has much increased performance over
1025         AVAssetImageGenerator.
1026
1027         No new tests; Performance change only, no net change in functionality.
1028
1029         AVPlayerItemVideoOutput requires an attached CALayer for rendering to occur.  Make the rendering modes non-exclusive, 
1030         so layer-rendering and context-rendering can exist simultaneously:
1031         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h: Make the MediaRenderingMode enum
1032             a bitfield.
1033         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
1034         (WebCore::MediaPlayerPrivateAVFoundation::currentRenderingModes): Renamed from currentRenderingMode().
1035         (WebCore::MediaPlayerPrivateAVFoundation::setUpVideoRendering): Check for the presence of the MediaRenderingToLayer bit.
1036         (WebCore::MediaPlayerPrivateAVFoundation::prepareForRendering): Ditto.
1037         (WebCore::MediaPlayerPrivateAVFoundation::updateStates): Ditto.
1038
1039         Pull out existing the AVAssetImageGenerator into its own functions:
1040         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1041         (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageGenerator):
1042         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyImageGenerator):
1043         (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithImageGenerator):
1044
1045         Add new AVPlayerItemVideoOutput equivalent functions:
1046         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1047         (WebCore::MediaPlayerPrivateAVFoundationObjC::createVideoOutput):
1048         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyVideoOutput):
1049         (WebCore::MediaPlayerPrivateAVFoundationObjC::createPixelBuffer):
1050         (WebCore::MediaPlayerPrivateAVFoundationObjC::paintWithVideoOutput):
1051
1052         Switch between the AVAssetImageGenerator and AVPlayerItemVideoOutput functions from
1053         within the original functions:
1054         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1055         (WebCore::MediaPlayerPrivateAVFoundationObjC::createContextVideoRenderer):
1056         (WebCore::MediaPlayerPrivateAVFoundationObjC::destroyContextVideoRenderer):
1057         (WebCore::MediaPlayerPrivateAVFoundationObjC::hasContextRenderer):
1058         (WebCore::MediaPlayerPrivateAVFoundationObjC::paint):
1059
1060         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1061         (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect): Call the 
1062             AVAssetImageGenerator creation function directly.
1063
1064 2012-08-10  Abhishek Arya  <inferno@chromium.org>
1065
1066         Crash on accessing a removed layout root in FrameView::scheduleRelayout.
1067         https://bugs.webkit.org/show_bug.cgi?id=91368
1068
1069         Reviewed by Levi Weintraub.
1070
1071         We were calling setNeedsLayoutAndPrefWidthsRecalc() in RenderBlock::collapseAnonymousBoxChild
1072         even when documentBeingDestroyed() was true. This ends up accessing stale layout root and bypasses
1073         mitigation added in r109406. There is no need to waste time merging up anonymous blocks in
1074         RenderBlock::removeChild when documentBeingDestroyed() is true.
1075
1076         No new tests. The test is time sensitive, requires a bunch of reloads, and only reproduces on chromium linux.
1077
1078         * rendering/RenderBlock.cpp:
1079         (WebCore::RenderBlock::collapseAnonymousBoxChild):
1080         (WebCore::RenderBlock::removeChild):
1081
1082 2012-08-10  Dan Bernstein  <mitz@apple.com>
1083
1084         <rdar://problem/11855229> When in paginated mode, the layout timer fires continually
1085         https://bugs.webkit.org/show_bug.cgi?id=91038
1086
1087         Reviewed by Simon Fraser.
1088
1089         * page/Page.cpp:
1090         (WebCore::Page::pageCount): Changed to only trigger layout if needed.
1091
1092 2012-08-10  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1093
1094         [CMAKE] Fix wrong idl include path in CMakeList.txt
1095         https://bugs.webkit.org/show_bug.cgi?id=93715
1096
1097         Reviewed by Rob Buis.
1098
1099         No new tests. No change in behavior.
1100
1101         * CMakeLists.txt: Fix notifications path.
1102
1103 2012-08-10  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
1104
1105         [Transforms] Hit test issue with large scale() transform
1106         https://bugs.webkit.org/show_bug.cgi?id=23170
1107
1108         Reviewed by Simon Fraser.
1109
1110         By using normal rounding to determine the top-left corner of the
1111         hit-tested rectangle, we end up offsetting the hit test by up to
1112         half a pixel, once scaled to x60, this creates a 30px error.
1113
1114         Normal rounding is replaced with floored rounding which means the
1115         hit-tested pixel will now always be the pixel containing the
1116         point.
1117
1118         Test: fast/transforms/hit-test-large-scale.html
1119
1120         * rendering/HitTestResult.cpp:
1121         (WebCore::HitTestPoint::HitTestPoint):
1122         (WebCore::HitTestPoint::intersectsRect):
1123         (WebCore::HitTestPoint::rectForPoint):
1124
1125 2012-08-10  Florin Malita  <fmalita@chromium.org>
1126
1127         Unreviewed gardening: build fix for 32bit platforms after 125294.
1128
1129         * css/StyleResolver.cpp:
1130         (RuleData):
1131
1132 2012-08-10  Takashi Sakamoto  <tasak@google.com>
1133
1134         box-shadow creates incorrect shadow when border-radius is too large
1135         https://bugs.webkit.org/show_bug.cgi?id=72103
1136
1137         Reviewed by Simon Fraser.
1138
1139         Added a code for adjusting a rounded rect before paintBoxShadow in
1140         a similar way to getRoundedRectFor.
1141
1142         Test: fast/borders/border-shadow-large-radius.html
1143
1144         * platform/graphics/RoundedRect.cpp:
1145         (WebCore::RoundedRect::adjustRadii):
1146         Added a new method to set radii's scale to fit into rect.
1147         * platform/graphics/RoundedRect.h:
1148         (RoundedRect):
1149         * rendering/RenderBoxModelObject.cpp:
1150         (WebCore::RenderBoxModelObject::paintBoxShadow):
1151         A rounded rect for box-shadow is not checked whether the raii matches
1152         the rect or not. Added the code to adjust radii's scale if the rounded
1153         rect is not renderable, the case: RoundedRect::isRenderable is false.
1154
1155 2012-08-10  Ojan Vafai  <ojan@chromium.org>
1156
1157         Wrap INLINE_FLEX in a #if ENABLE(CSS3_FLEXBOX).
1158         Unreviewed build fix.
1159
1160         * rendering/style/RenderStyle.h:
1161
1162 2012-08-10  Dan Bernstein  <mitz@apple.com>
1163
1164         Renamed the “Modules/webaudio” group in the Xcode project to “webaudio” and moved it into
1165         the Modules group.
1166
1167         Rubber-stamped by Simon Fraser.
1168
1169         * WebCore.xcodeproj/project.pbxproj:
1170
1171 2012-08-10  Erik Arvidsson  <arv@chromium.org>
1172
1173         [V8] Enable es5_readonly
1174         https://bugs.webkit.org/show_bug.cgi?id=91031
1175
1176         Reviewed by Adam Barth.
1177
1178         This turns on the es5_readonly flag for V8. This makes V8 match the ES5 spec regarding
1179         non writable properties on the prototype chain. JSC already behaves the right so this
1180         just makes V8 behave the same.
1181
1182         Updated test expectations.
1183
1184         * bindings/v8/V8DOMWindowShell.cpp:
1185         (WebCore::V8DOMWindowShell::initContextIfNeeded):
1186         * bindings/v8/WorkerContextExecutionProxy.cpp:
1187         (WebCore::WorkerContextExecutionProxy::initIsolate):
1188
1189 2012-08-10  Kentaro Hara  <haraken@chromium.org>
1190
1191         [V8] Introduce V8DOMConfiguration class and make batchConfigureXXX() methods static
1192         https://bugs.webkit.org/show_bug.cgi?id=93615
1193
1194         Reviewed by Adam Barth.
1195
1196         Per the discussion in bug 93239,
1197
1198         (1) Rename V8ConfigureDOMAttributesAndMethods to V8DOMConfiguration.
1199         (2) Introduce V8DOMConfiguration class and make batchConfigureXXX() methods static.
1200
1201         No tests. No change in behavior.
1202
1203         * UseV8.cmake:
1204         * WebCore.gypi:
1205         * bindings/scripts/CodeGeneratorV8.pm:
1206         (GenerateImplementation):
1207         * bindings/scripts/test/V8/V8Float64Array.cpp:
1208         (WebCore):
1209         (WebCore::ConfigureV8Float64ArrayTemplate):
1210         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
1211         (WebCore):
1212         (WebCore::ConfigureV8TestActiveDOMObjectTemplate):
1213         * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
1214         (WebCore):
1215         (WebCore::ConfigureV8TestCustomNamedGetterTemplate):
1216         * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
1217         (WebCore):
1218         (WebCore::ConfigureV8TestEventConstructorTemplate):
1219         * bindings/scripts/test/V8/V8TestEventTarget.cpp:
1220         (WebCore):
1221         (WebCore::ConfigureV8TestEventTargetTemplate):
1222         * bindings/scripts/test/V8/V8TestException.cpp:
1223         (WebCore):
1224         (WebCore::ConfigureV8TestExceptionTemplate):
1225         * bindings/scripts/test/V8/V8TestInterface.cpp:
1226         (WebCore):
1227         (WebCore::ConfigureV8TestInterfaceTemplate):
1228         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
1229         (WebCore):
1230         (WebCore::ConfigureV8TestMediaQueryListListenerTemplate):
1231         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
1232         (WebCore::ConfigureV8TestNamedConstructorTemplate):
1233         * bindings/scripts/test/V8/V8TestNode.cpp:
1234         (WebCore::ConfigureV8TestNodeTemplate):
1235         * bindings/scripts/test/V8/V8TestObj.cpp:
1236         (WebCore):
1237         (WebCore::ConfigureV8TestObjTemplate):
1238         (WebCore::V8TestObj::installPerContextProperties):
1239         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
1240         (WebCore):
1241         (WebCore::ConfigureV8TestSerializedScriptValueInterfaceTemplate):
1242         * bindings/v8/V8Binding.h:
1243         * bindings/v8/V8ConfigureDOMAttributesAndMethods.h: Removed.
1244         * bindings/v8/V8DOMConfiguration.cpp: Renamed from Source/WebCore/bindings/v8/V8ConfigureDOMAttributesAndMethods.cpp.
1245         (WebCore):
1246         (WebCore::V8DOMConfiguration::batchConfigureAttributes):
1247         (WebCore::V8DOMConfiguration::batchConfigureConstants):
1248         (WebCore::V8DOMConfiguration::batchConfigureCallbacks):
1249         (WebCore::V8DOMConfiguration::configureTemplate):
1250         * bindings/v8/V8DOMConfiguration.h: Added.
1251         (WebCore):
1252         (V8DOMConfiguration):
1253         (BatchedAttribute):
1254         (WebCore::V8DOMConfiguration::configureAttribute):
1255         (BatchedConstant):
1256         (BatchedCallback):
1257
1258 2012-08-10  Andreas Kling  <kling@webkit.org>
1259
1260         CSS: Shrink RuleData by storing selector as index rather than pointer.
1261         <http://webkit.org/b/93712>
1262
1263         Reviewed by Antti Koivisto.
1264
1265         Pack the selector's index in the rule in the RuleData bitfield, effectively
1266         shrinking each RuleData by 8 bytes.
1267
1268         * css/CSSSelectorList.h:
1269         (WebCore::CSSSelectorList::selectorAt):
1270         (WebCore::CSSSelectorList::indexOfNextSelectorAfter):
1271
1272             Add helpers to CSSSelectorList to iterate by index.
1273
1274         * css/StyleResolver.cpp:
1275         (RuleData):
1276         (WebCore::RuleData::selector):
1277         (WebCore::RuleData::selectorIndex):
1278         (SameSizeAsRuleData):
1279         (RuleSet):
1280         (WebCore::makeRuleSet):
1281         (WebCore::StyleResolver::collectMatchingRulesForList):
1282         * css/StyleResolver.h:
1283         (WebCore::StyleResolver::RuleFeature::RuleFeature):
1284         (RuleFeature):
1285
1286             Store selector indices instead of CSSSelector* pointers.
1287
1288 2012-08-10  Vineet Chaudhary  <rgf748@motorola.com>
1289
1290         Remove custom bindings from WaveShaperNode.
1291         https://bugs.webkit.org/show_bug.cgi?id=93613
1292
1293         Reviewed by Kentaro Hara.
1294
1295         We should remove custom bindings as CodeGenerator uses UNUSED_PARAM macro.
1296
1297         TestObj.idl
1298         No behavioural changes.
1299         All tests under webaudio/* should behave same.
1300
1301         * GNUmakefile.list.am: Removed JSWaveShaperNodeCustom.cpp from builds.
1302         * Modules/webaudio/WaveShaperNode.idl: Removed [JSCustomSetter].
1303         * UseJSC.cmake: Removed JSWaveShaperNodeCustom.cpp from builds.
1304         * WebCore.xcodeproj/project.pbxproj: Ditto.
1305         * bindings/js/JSWaveShaperNodeCustom.cpp: Removed.
1306         * bindings/scripts/CodeGeneratorCPP.pm:
1307         (SkipAttribute): Skip TypedArray attribute.
1308         * bindings/scripts/CodeGeneratorGObject.pm:
1309         (SkipAttribute): Skip TypedArray attribute.
1310         * bindings/scripts/CodeGeneratorObjC.pm:
1311         (SkipAttribute): Skip TypedArray attribute.
1312         * bindings/scripts/test/JS/JSTestObj.cpp: Bindings tests.
1313         (WebCore::jsTestObjTypedArrayAttr):
1314         (WebCore::setJSTestObjReflectedCustomURLAttr):
1315         (WebCore::setJSTestObjTypedArrayAttr):
1316         * bindings/scripts/test/JS/JSTestObj.h:
1317         * bindings/scripts/test/TestObj.idl: Test.
1318         * bindings/scripts/test/V8/V8TestObj.cpp: Bindings tests.
1319         (WebCore::TestObjV8Internal::typedArrayAttrAttrGetter):
1320         (TestObjV8Internal):
1321         (WebCore::TestObjV8Internal::typedArrayAttrAttrSetter):
1322
1323 2012-08-10  Huang Dongsung  <luxtella@company100.net>
1324
1325         REGRESSION (r123848): Heap-use-after-free in WebCore::CachedResource::didAddClient.
1326         https://bugs.webkit.org/show_bug.cgi?id=93632
1327         -and corresponding-
1328         <http://crbug.com/140656>
1329
1330         Reviewed by Antti Koivisto.
1331
1332         CachedCSSStyleSheet::didAddClient() calls CachedStyleSheetClient::setCSSStyleSheet
1333         and HTMLLnkElement can be CachedStyleSheetClient.
1334         HTMLLinkElement::setCSSStyleSheet may cause scripts to be executed, which could
1335         destroy the HTMLLinkElement instance. After calliing
1336         CachedStyleSheetClient::setCSSStyleSheet, using the CachedStyleSheetClient
1337         instance can cause Heap-use-after-free.
1338
1339         r115625 prevents HTMLLinkElement from being destroyed during
1340         HTMLLinkElement::setCSSStyleSheet, but r115625 doesn't prevent HTMLLinkElement
1341         from being destroyed after HTMLLinkElement::setCSSStyleSheet.
1342
1343         So this patch calls CachedResource::didAddClient() before calling
1344         setCSSStyleSheet() to make sure its client is not destroyed.
1345
1346         No new tests. it's covered by fast/css/cached-sheet-restore-crash.html.
1347
1348         * loader/cache/CachedCSSStyleSheet.cpp:
1349         (WebCore::CachedCSSStyleSheet::didAddClient):
1350
1351 2012-08-10  Kevin Ellis  <kevers@chromium.org>
1352
1353         Horizontal scrollbar appears in the month-year selector of input[type=date]
1354         https://bugs.webkit.org/show_bug.cgi?id=93517
1355
1356         Reviewed by Kent Tamura.
1357
1358         Update size of the month-year selector popup to account for the
1359         width of the vertical scrollbar being platform dependent.
1360
1361         * Resources/calendarPicker.css:
1362         (.month-selector-popup): Suppress horizontal scrolling.
1363         * Resources/calendarPicker.js:
1364         (YearMonthController.prototype.attachTo): Add a sizer element to facilitate determining the scrollbar width.
1365         (YearMonthController.prototype._showPopup): Use computed scrollbar width for popup resizing.
1366
1367 2012-08-10  Alexander Pavlov  <apavlov@chromium.org>
1368
1369         Web Inspector: Unreviewed, fix frontend compilability after r125268.
1370
1371         * inspector/front-end/CSSStyleModel.js:
1372         (WebInspector.NamedFlow):
1373         (WebInspector.NamedFlow.parsePayloadArray):
1374
1375 2012-08-10  Martin Leutelt  <martin.leutelt@basyskom.com>
1376
1377         [Qt] Dotted borders not drawn with rounded dots
1378         https://bugs.webkit.org/show_bug.cgi?id=92383
1379
1380         Reviewed by Noam Rosenthal.
1381
1382         The dots in borders with dotted style were previously drawn with
1383         rectangular dots. The CSS spec specifies that the dots should be
1384         rounded dots. This patch fixes this behavior for the Qt port.
1385
1386         No new tests, existing ones have been updated with new expected
1387         results.
1388
1389         * platform/graphics/qt/GraphicsContextQt.cpp:
1390         (WebCore::adjustPointsForDottedLine):
1391         (WebCore):
1392         (WebCore::drawLineEndpointsForStyle):
1393         (WebCore::GraphicsContext::drawLine):
1394
1395 2012-08-10  Pavel Feldman  <pfeldman@chromium.org>
1396
1397         Web Inspector: render arrays as dir in case they were logged into console prior to the front-end opening.
1398         https://bugs.webkit.org/show_bug.cgi?id=93713
1399
1400         Reviewed by Vsevolod Vlasov.
1401
1402         Dumping potentially outdated arrays using the "dir" representation.
1403
1404         * inspector/front-end/ConsoleMessage.js:
1405         (WebInspector.ConsoleMessageImpl):
1406         (WebInspector.ConsoleMessageImpl.prototype._formatParameterAsArray):
1407         (WebInspector.ConsoleMessageImpl.prototype.clone):
1408         * inspector/front-end/ConsoleModel.js:
1409         (WebInspector.ConsoleModel.prototype.enableAgent.callback):
1410         (WebInspector.ConsoleModel.prototype.enablingConsole):
1411         (WebInspector.ConsoleMessage.create):
1412         (WebInspector.ConsoleDispatcher.prototype.messageAdded):
1413         * inspector/front-end/ConsoleView.js:
1414         (WebInspector.ConsoleMessage.create):
1415
1416 2012-08-10  Dana Jansens  <danakj@chromium.org>
1417
1418         [chromium] Fix the colors in the debugging HUD
1419         https://bugs.webkit.org/show_bug.cgi?id=93656
1420
1421         Reviewed by Adrienne Walker.
1422
1423         The R and B channels became swapped in our compositor debug HUD when
1424         wkb.ug/92182 happened. This corrects the problem by swizzling the
1425         color channels when we draw to the SkCanvas, so that it matches the
1426         expectations of the shader.
1427
1428         Chromium bug: crbug.com/139908
1429
1430         * platform/graphics/chromium/cc/CCFontAtlas.cpp:
1431         (WebCore::CCFontAtlas::drawText):
1432         (WebCore::CCFontAtlas::drawOneLineOfTextInternal):
1433         * platform/graphics/chromium/cc/CCFontAtlas.h:
1434         (CCFontAtlas):
1435         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
1436         (WebCore::createPaint):
1437         (WebCore):
1438         (WebCore::CCHeadsUpDisplayLayerImpl::drawHudContents):
1439         (WebCore::CCHeadsUpDisplayLayerImpl::drawFPSCounter):
1440         (WebCore::CCHeadsUpDisplayLayerImpl::drawFPSCounterText):
1441         (WebCore::CCHeadsUpDisplayLayerImpl::drawDebugRects):
1442
1443 2012-08-10  Dana Jansens  <danakj@chromium.org>
1444
1445         [chromium] Remove scissor from the namings in CCOcclusionTracker
1446         https://bugs.webkit.org/show_bug.cgi?id=93630
1447
1448         Reviewed by Adrienne Walker.
1449
1450         As a followup to wkb.ug/91800 which stops using partial-swap scissor
1451         in the occlusion tracker, this does a large rename to the occlusion
1452         tracker and affected tests to remove "scissor" from the names of its
1453         variables and methods, instead reflecting their new behaviour.
1454
1455         * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
1456         (WebCore::::CCOcclusionTrackerBase):
1457         (WebCore::addOcclusionBehindLayer):
1458         (WebCore::::markOccludedBehindLayer):
1459         (WebCore::testContentRectOccluded):
1460         (WebCore::::occluded):
1461         (WebCore::computeUnoccludedContentRect):
1462         (WebCore::::unoccludedContentRect):
1463         (WebCore::::unoccludedContributingSurfaceContentRect):
1464         (WebCore::::layerClipRectInTarget):
1465         (WebCore):
1466         * platform/graphics/chromium/cc/CCOcclusionTracker.h:
1467         (CCOcclusionTrackerBase):
1468         (WebCore::CCOcclusionTrackerBase::computeVisibleRegionInScreen):
1469
1470 2012-08-10  Jon Lee  <jonlee@apple.com>
1471
1472         Change Notification.permissionLevel() to Notification.permission
1473         https://bugs.webkit.org/show_bug.cgi?id=88919
1474         <rdar://problem/11650319>
1475
1476         Reviewed by Kentaro Hara.
1477
1478         Retrieving the permission level has changed to Notification.permission, per this discussion:
1479         http://lists.w3.org/Archives/Public/public-web-notification/2012Jun/0000.html
1480
1481         Test: fast/notifications/notifications-permission.html
1482
1483         * Modules/notifications/Notification.cpp: Rename to match attribute name.
1484         (WebCore::Notification::permission):
1485         * Modules/notifications/Notification.h: Rename to match attribute name.
1486         (Notification):
1487         * Modules/notifications/Notification.idl: Change to static readonly attribute.
1488
1489 2012-08-10  Kentaro Hara  <haraken@chromium.org>
1490
1491         [V8] Remove collectIsolatedContexts() from V8Proxy
1492         https://bugs.webkit.org/show_bug.cgi?id=93682
1493
1494         Reviewed by Adam Barth.
1495
1496         We want to remove V8Proxy. This patch removes V8Proxy::collectIsolatedContexts().
1497
1498         No tests. No change in behavior.
1499
1500         * bindings/v8/ScriptController.cpp:
1501         (WebCore::ScriptController::collectIsolatedContexts):
1502         * bindings/v8/V8Proxy.cpp:
1503         (WebCore::V8Proxy::collectIsolatedContexts):
1504
1505 2012-08-10  Simon Hausmann  <simon.hausmann@nokia.com>
1506
1507         [Qt] Unreviewed trivial build fix: Avoid passing a non-existance WebCore/websockets directory
1508         to the generators, which produces unnecessary warnings. The module lives now in WebCore/Modules/websockets.
1509
1510         * DerivedSources.pri:
1511
1512 2012-08-10  Andrey Kosyakov  <caseq@chromium.org>
1513
1514         Web Inspector: add frame ids to TimeStamp, Time and TimeEnd records in Timeline
1515         https://bugs.webkit.org/show_bug.cgi?id=93699
1516
1517         Reviewed by Pavel Feldman.
1518
1519         - plumb Frame from Console to TimelineAgent and use it to add frameId to 3 timeline records;
1520
1521         * inspector/InspectorConsoleInstrumentation.h:
1522         (WebCore::InspectorInstrumentation::startConsoleTiming):
1523         (WebCore::InspectorInstrumentation::stopConsoleTiming):
1524         (WebCore::InspectorInstrumentation::consoleTimeStamp):
1525         * inspector/InspectorInstrumentation.cpp:
1526         (WebCore):
1527         (WebCore::InspectorInstrumentation::startConsoleTimingImpl):
1528         (WebCore::InspectorInstrumentation::stopConsoleTimingImpl):
1529         (WebCore::InspectorInstrumentation::consoleTimeStampImpl):
1530         * inspector/InspectorInstrumentation.h:
1531         (InspectorInstrumentation):
1532         * inspector/InspectorTimelineAgent.cpp:
1533         (WebCore::InspectorTimelineAgent::didTimeStamp):
1534         (WebCore::InspectorTimelineAgent::time):
1535         (WebCore::InspectorTimelineAgent::timeEnd):
1536         * inspector/InspectorTimelineAgent.h:
1537         (InspectorTimelineAgent):
1538         * page/Console.cpp:
1539         (WebCore::Console::markTimeline):
1540         (WebCore::Console::time):
1541         (WebCore::Console::timeEnd):
1542         (WebCore::Console::timeStamp):
1543
1544 2012-08-10  Simon Hausmann  <simon.hausmann@nokia.com>
1545
1546         [Qt] Fix failing assertions when using JSC C API in QObject bridge
1547         https://bugs.webkit.org/show_bug.cgi?id=93720
1548
1549         Reviewed by Kenneth Rohde Christiansen.
1550
1551         Avoid calling JSValueProtect and JSValueIsEqual with null JSValueRefs, as in debug
1552         builds they trigger failing assertions about the arguments being non-null.
1553
1554         In these signal & slot connections the receiver can be null, when the signal is connected
1555         just to a function, for example using obj.mySignal.connect(function() { .... }).
1556
1557         * bridge/qt/qt_runtime.cpp:
1558         (JSC::Bindings::QtConnectionObject::QtConnectionObject):
1559         (JSC::Bindings::QtConnectionObject::~QtConnectionObject):
1560         (JSC::Bindings::QtConnectionObject::match):
1561
1562 2012-08-10  Simon Hausmann  <simon.hausmann@nokia.com>
1563
1564         [Qt] Remove QRegExp <> JS RegExp conversion
1565         https://bugs.webkit.org/show_bug.cgi?id=93716
1566
1567         Reviewed by Kenneth Rohde Christiansen.
1568
1569         Removed automatic conversion between QRegExp and JS regular expressions. The semantics
1570         between the expressions are totally different, which can cause data loss and unexpected
1571         behaviour. QJSEngine/Value doesn't have this conversion anymore neither.
1572
1573         * bridge/qt/qt_runtime.cpp:
1574         (JSC::Bindings::operator<<):
1575         (JSC::Bindings::valueRealType):
1576         (JSC::Bindings::convertValueToQVariant):
1577         (JSC::Bindings::convertQVariantToValue):
1578
1579 2012-08-10  Andrey Kosyakov  <caseq@chromium.org>
1580
1581         Web Inspector: console.timeStamp() marked are not shown in Timeline overview
1582         https://bugs.webkit.org/show_bug.cgi?id=93697
1583
1584         Reviewed by Pavel Feldman.
1585
1586         - ignore frameId on TimeStamp records, consider it's always an event divider.
1587
1588         * inspector/front-end/TimelinePresentationModel.js:
1589         (WebInspector.TimelinePresentationModel.isEventDivider):
1590
1591 2012-08-10  Mihnea Ovidenie  <mihnea@adobe.com>
1592
1593         [CSS Regions] region-overflow: break still renders the content that does not fit in the last region.
1594         https://bugs.webkit.org/show_bug.cgi?id=92996
1595
1596         Reviewed by Julien Chaffraix.
1597
1598         Flow content that follows the last break in the last region, if any, should not be rendered
1599         for the regions with region-overflow: break.
1600         http://www.w3.org/TR/css3-regions/#the-region-overflow-property
1601
1602         Modified the expected result for existing test fast/regions/region-overflow-break.html
1603         to reflect the correct behavior.
1604
1605         * rendering/RenderRegion.cpp:
1606         (WebCore::RenderRegion::regionOversetRect):
1607
1608 2012-08-10  Andrei Poenaru  <poenaru@adobe.com>
1609
1610         Web Inspector: Protocol Extension: Refactor protocol extension for CSS Regions
1611         https://bugs.webkit.org/show_bug.cgi?id=92089
1612
1613         Reviewed by Pavel Feldman.
1614
1615         Replaced "WebKitNamedFlowCollection::namedFlowsNames" with "WebKitNamedFlowCollection::namedFlows" to return a Vector of "WebKitNamedFlow"s,
1616         instead of a Vector of Strings.
1617
1618         Added the "Region" type to Inspector.json.
1619         Changed the "NamedFlow" type and the "getNamedFlowCollection" function in Inspector.json.
1620
1621         Modified existing test: inspector/styles/protocol-css-regions-commands.html
1622
1623         * dom/WebKitNamedFlowCollection.cpp:
1624         (WebCore::WebKitNamedFlowCollection::namedFlows):
1625         * dom/WebKitNamedFlowCollection.h:
1626         (WebKitNamedFlowCollection):
1627         * inspector/Inspector.json:
1628         * inspector/InspectorCSSAgent.cpp:
1629         (WebCore::InspectorCSSAgent::getNamedFlowCollection):
1630         (WebCore::InspectorCSSAgent::getFlowByName):
1631         (WebCore::InspectorCSSAgent::buildArrayForRegions):
1632         (WebCore):
1633         (WebCore::InspectorCSSAgent::buildObjectForNamedFlow):
1634         * inspector/InspectorCSSAgent.h:
1635         (InspectorCSSAgent):
1636         * inspector/InspectorDOMAgent.cpp:
1637         (WebCore::InspectorDOMAgent::pushNodeToFrontend):
1638         (WebCore):
1639         * inspector/InspectorDOMAgent.h:
1640         (InspectorDOMAgent):
1641         * inspector/front-end/CSSStyleModel.js:
1642         (WebInspector.CSSStyleModel.prototype.getNamedFlowCollectionAsync):
1643         (WebInspector.NamedFlow):
1644         (WebInspector.NamedFlow.parsePayloadArray):
1645
1646 2012-08-10  Keishi Hattori  <keishi@webkit.org>
1647
1648         Resize calandar and color suggestion popups to show error message
1649         https://bugs.webkit.org/show_bug.cgi?id=93695
1650
1651         Reviewed by Kent Tamura.
1652
1653         r125169 made PagePopupClient::contentSize() return zero size and so to
1654         see the error message, we need to resize the page popup.
1655
1656         No new tests. Not user facing.
1657
1658         * Resources/calendarPicker.js:
1659         (resizeWindow): Resizes popup window to given size.
1660         (showMain): Initiates transition to show the main element.
1661         (initialize):
1662         (fixWindowSize):
1663         * Resources/colorSuggestionPicker.js:
1664         (resizeWindow):
1665         (initialize):
1666         (ColorPicker.prototype._layout):
1667
1668 2012-08-10  Yury Semikhatsky  <yurys@chromium.org>
1669
1670         Web Inspector: further ResourceLoader memory instrumentation
1671         https://bugs.webkit.org/show_bug.cgi?id=93692
1672
1673         Reviewed by Vsevolod Vlasov.
1674
1675         Added missing parts to ResourceLoader and its descendants memory instrumentation.
1676         Added special logic for KURL and report the urls where we have them in instrumented classes.
1677
1678         * CMakeLists.txt:
1679         * GNUmakefile.list.am:
1680         * Target.pri:
1681         * WebCore.gypi:
1682         * WebCore.vcproj/WebCore.vcproj:
1683         * WebCore.xcodeproj/project.pbxproj:
1684         * css/StyleSheetContents.cpp:
1685         (WebCore::StyleSheetContents::reportMemoryUsage):
1686         * dom/Document.cpp:
1687         (WebCore::Document::reportMemoryUsage):
1688         * dom/MemoryInstrumentation.cpp:
1689         (WebCore::MemoryInstrumentation::addObject):
1690         (WebCore):
1691         * dom/MemoryInstrumentation.h:
1692         (WebCore):
1693         (MemoryInstrumentation):
1694         (WebCore::MemoryClassInfo::addMember):
1695         * loader/MainResourceLoader.cpp:
1696         (WebCore::MainResourceLoader::reportMemoryUsage):
1697         (WebCore):
1698         * loader/MainResourceLoader.h:
1699         (MainResourceLoader):
1700         * loader/SubresourceLoader.cpp:
1701         (WebCore::SubresourceLoader::reportMemoryUsage):
1702         (WebCore):
1703         * loader/SubresourceLoader.h:
1704         (SubresourceLoader):
1705         * loader/SubstituteData.cpp: Copied from Source/WebCore/dom/MemoryInstrumentation.cpp.
1706         (WebCore):
1707         (WebCore::SubstituteData::reportMemoryUsage):
1708         * loader/SubstituteData.h:
1709         (WebCore):
1710         (SubstituteData):
1711
1712 2012-08-10  Yoshifumi Inoue  <yosin@chromium.org>
1713
1714         [Forms] Introduce shadow elements for multiple fields time input UI
1715         https://bugs.webkit.org/show_bug.cgi?id=92960
1716
1717         Reviewed by Kent Tamura.
1718
1719         This patch introduces shadow elements for multiple fields time input UI:
1720             - DateTimeAMPMFieldElement - field UI for AM/PM
1721             - DateTimeEditElement - container of multiple DateTimeFieldElement
1722             - DateTimeFieldElement - base class of field UI
1723             - DateTimeHourFieldElement - field UI for hour
1724             - DateTimeMillisecondFieldElement - field UI for millisecond
1725             - DateTimeMinuteFieldElement - field UI for minute
1726             - DateTimeNumericFieldElement - base class of numeric field UI.
1727             - DateTimeSecondFieldElement - field UI for second
1728             - DateTimeSymbolicFieldElement - base class for symbolic field UI
1729         inside of ENABLE_INPUT_TYPE_TIME_MULTIPLE_FIELDS build flag.
1730
1731         No new tests. This patch doesn't change behavior.
1732
1733         * WebCore.gypi: Changed to include html/shadow/DateTimeEditElement.cpp,
1734         html/shadow/DateTimeEdditElement.h, html/shadow/DateTimeFieldElement.cpp,
1735         html/shadow/DateTimeFieldElement.h, html/shadow/DateTimeFieldElements.cpp,
1736         html/shadow/DateTimeFieldElements.h, html/shadow/DateTimeNumericFieldElement.cpp,
1737         html/shadow/DateTimeNumericFieldElement.h, html/shadow/DateTimeSymbolicFieldElement.cpp,
1738         and html/shadow/DateTimeSymbolicFieldElement.h.
1739         * html/shadow/DateTimeEditElement.cpp: Added.
1740         (DateTimeEditBuilder):
1741         (WebCore::DateTimeEditBuilder::DateTimeEditBuilder):
1742         (WebCore::DateTimeEditBuilder::build):
1743         (WebCore::DateTimeEditBuilder::needMillisecondField):
1744         (WebCore::DateTimeEditBuilder::needMinuteField):
1745         (WebCore::DateTimeEditBuilder::needSecondField):
1746         (WebCore::DateTimeEditBuilder::shouldMillisecondFieldReadOnly):
1747         (WebCore::DateTimeEditBuilder::shouldMinuteFieldReadOnly):
1748         (WebCore::DateTimeEditBuilder::shouldSecondFieldReadOnly):
1749         (WebCore::DateTimeEditBuilder::visitField):
1750         (WebCore::DateTimeEditBuilder::visitLiteral):
1751         (WebCore::DateTimeEditElement::EditControlOwner::~EditControlOwner):
1752         (WebCore::DateTimeEditElement::DateTimeEditElement):
1753         (WebCore::DateTimeEditElement::~DateTimeEditElement):
1754         (WebCore::DateTimeEditElement::addField):
1755         (WebCore::DateTimeEditElement::create):
1756         (WebCore::DateTimeEditElement::disabledStateChanged): Called when owner's disabled state is changed.
1757         (WebCore::DateTimeEditElement::fieldAt):
1758         (WebCore::DateTimeEditElement::focusFieldAt):
1759         (WebCore::DateTimeEditElement::handleKeyboardEvent):
1760         (WebCore::DateTimeEditElement::fieldValueChanged):
1761         (WebCore::DateTimeEditElement::focusOnNextField):
1762         (WebCore::DateTimeEditElement::handleMouseEvent):
1763         (WebCore::DateTimeEditElement::isDisabled):
1764         (WebCore::DateTimeEditElement::isReadOnly):
1765         (WebCore::DateTimeEditElement::layout):
1766         (WebCore::DateTimeEditElement::nextFieldIndex):
1767         (WebCore::DateTimeEditElement::previousFieldIndex):
1768         (WebCore::DateTimeEditElement::readOnlyStateChanged): Called when owner's readOnly state is changed.
1769         (WebCore::DateTimeEditElement::resetLayout):
1770         (WebCore::DateTimeEditElement::defaultEventHandler):
1771         (WebCore::DateTimeEditElement::setValueAsDate):
1772         (WebCore::DateTimeEditElement::setEmptyValue):
1773         (WebCore::DateTimeEditElement::spinButtonStepDown):
1774         (WebCore::DateTimeEditElement::spinButtonStepUp):
1775         (WebCore::DateTimeEditElement::updateUIState):
1776         (WebCore::DateTimeEditElement::valueAsDouble):
1777         * html/shadow/DateTimeEditElement.h: Added.
1778         (DateTimeEditElement):
1779         (EditControlOwner):
1780         (WebCore::DateTimeEditElement::removeEditControlOwner):
1781         * html/shadow/DateTimeFieldElement.cpp: Added.
1782         (WebCore::DateTimeFieldElement::FieldEventHandler::~FieldEventHandler):
1783         (WebCore::DateTimeFieldElement::DateTimeFieldElement):
1784         (WebCore::DateTimeFieldElement::defaultEventHandler):
1785         (WebCore::DateTimeFieldElement::defaultKeyboardEventHandler):
1786         (WebCore::DateTimeFieldElement::focusOnNextField):
1787         (WebCore::DateTimeFieldElement::initialize):
1788         (WebCore::DateTimeFieldElement::isReadOnly):
1789         (WebCore::DateTimeFieldElement::setReadOnly):
1790         (WebCore::DateTimeFieldElement::updateVisibleValue):
1791         (WebCore::DateTimeFieldElement::valueAsDouble):
1792         * html/shadow/DateTimeFieldElement.h: Added.
1793         (DateTimeFieldElement):
1794         (FieldEventHandler):
1795         (WebCore::DateTimeFieldElement::removeEventHandler):
1796         * html/shadow/DateTimeFieldElements.cpp: Added.
1797         (WebCore::DateTimeAMPMFieldElement::DateTimeAMPMFieldElement):
1798         (WebCore::DateTimeAMPMFieldElement::create):
1799         (WebCore::DateTimeAMPMFieldElement::setValueAsDate):
1800         (WebCore::DateTimeAMPMFieldElement::unitInMillisecond):
1801         (WebCore::DateTimeHourFieldElement::DateTimeHourFieldElement):
1802         (WebCore::DateTimeHourFieldElement::create):
1803         (WebCore::DateTimeHourFieldElement::setValueAsDate):
1804         (WebCore::DateTimeHourFieldElement::setValueAsInteger):
1805         (WebCore::DateTimeHourFieldElement::unitInMillisecond):
1806         (WebCore::DateTimeHourFieldElement::valueAsInteger):
1807         (WebCore::DateTimeMillisecondFieldElement::DateTimeMillisecondFieldElement):
1808         (WebCore::DateTimeMillisecondFieldElement::create):
1809         (WebCore::DateTimeMillisecondFieldElement::setValueAsDate):
1810         (WebCore::DateTimeMillisecondFieldElement::unitInMillisecond):
1811         (WebCore::DateTimeMinuteFieldElement::DateTimeMinuteFieldElement):
1812         (WebCore::DateTimeMinuteFieldElement::create):
1813         (WebCore::DateTimeMinuteFieldElement::setValueAsDate):
1814         (WebCore::DateTimeMinuteFieldElement::unitInMillisecond):
1815         (WebCore::DateTimeSecondFieldElement::DateTimeSecondFieldElement):
1816         (WebCore::DateTimeSecondFieldElement::create):
1817         (WebCore::DateTimeSecondFieldElement::setValueAsDate):
1818         (WebCore::DateTimeSecondFieldElement::unitInMillisecond):
1819         * html/shadow/DateTimeFieldElements.h: Added.
1820         (DateTimeAMPMFieldElement):
1821         (DateTimeHourFieldElement):
1822         (DateTimeMillisecondFieldElement):
1823         (DateTimeMinuteFieldElement):
1824         (DateTimeSecondFieldElement):
1825         * html/shadow/DateTimeNumericFieldElement.cpp: Added.
1826         (WebCore::displaySizeOfNumber):
1827         (WebCore::DateTimeNumericFieldElement::Range::Range):
1828         (WebCore::DateTimeNumericFieldElement::Range::clumpValue):
1829         (WebCore::DateTimeNumericFieldElement::DateTimeNumericFieldElement):
1830         (WebCore::DateTimeNumericFieldElement::handleKeyboardEvent):
1831         (WebCore::DateTimeNumericFieldElement::hasValue):
1832         (WebCore::DateTimeNumericFieldElement::setEmptyValue):
1833         (WebCore::DateTimeNumericFieldElement::setValueAsInteger):
1834         (WebCore::DateTimeNumericFieldElement::stepDown):
1835         (WebCore::DateTimeNumericFieldElement::stepUp):
1836         (WebCore::DateTimeNumericFieldElement::value):
1837         (WebCore::DateTimeNumericFieldElement::valueAsInteger):
1838         (WebCore::DateTimeNumericFieldElement::visibleValue):
1839         * html/shadow/DateTimeNumericFieldElement.h: Added.
1840         (DateTimeNumericFieldElement):
1841         (WebCore::DateTimeNumericFieldElement::clumpValue):
1842         (WebCore::DateTimeNumericFieldElement::range):
1843         * html/shadow/DateTimeSymbolicFieldElement.cpp: Added.
1844         (WebCore::DateTimeSymbolicFieldElement::DateTimeSymbolicFieldElement):
1845         (WebCore::DateTimeSymbolicFieldElement::handleKeyboardEvent):
1846         (WebCore::DateTimeSymbolicFieldElement::hasValue):
1847         (WebCore::DateTimeSymbolicFieldElement::setEmptyValue):
1848         (WebCore::DateTimeSymbolicFieldElement::setValueAsInteger):
1849         (WebCore::DateTimeSymbolicFieldElement::stepDown):
1850         (WebCore::DateTimeSymbolicFieldElement::stepUp):
1851         (WebCore::DateTimeSymbolicFieldElement::value):
1852         (WebCore::DateTimeSymbolicFieldElement::valueAsInteger):
1853         (WebCore::DateTimeSymbolicFieldElement::visibleValue):
1854         * html/shadow/DateTimeSymbolicFieldElement.h: Added.
1855         (DateTimeSymbolicFieldElement):
1856
1857 2012-08-10  Tony Chang  <tony@chromium.org>
1858
1859         implement display: -webkit-inline-flex
1860         https://bugs.webkit.org/show_bug.cgi?id=77772
1861
1862         Reviewed by Ojan Vafai.
1863
1864         The crashes last time were because we were marking too much of the tree for relayout. During some editing
1865         operations, this causes a layout when we're in an inconsistent state.
1866
1867         Tests: css3/flexbox/inline-flex-crash.html
1868                css3/flexbox/inline-flex-crash2.html
1869                css3/flexbox/inline-flex.html
1870
1871         * rendering/RenderFlexibleBox.cpp:
1872         (WebCore::RenderFlexibleBox::computeMainAxisPreferredSizes): Only layout the child.
1873         (WebCore::RenderFlexibleBox::layoutAndPlaceChildren): Only layout the child.
1874         (WebCore::RenderFlexibleBox::applyStretchAlignmentToChild): Only layout the child.
1875         * rendering/style/RenderStyle.h: Include INLINE_FLEX as an inline and replaced display type.
1876
1877 2012-08-10  Vineet Chaudhary  <rgf748@motorola.com>
1878
1879         Moving the common code from CodegeneratorJS/V8.pm to Codegenerator.pm
1880         https://bugs.webkit.org/show_bug.cgi?id=93616
1881
1882         Reviewed by Adam Barth.
1883
1884         IsArrayType() IsConstructorTemplate() IsTypedArrayType() these methods
1885         has the common implementaion for both V8 and JS and can be moved to
1886         common place Codegenerator.pm
1887
1888         No new tests. There should be no behavioural changes.
1889
1890         * bindings/scripts/CodeGenerator.pm: Moved common code here.
1891         (IsArrayType):
1892         (IsConstructorTemplate):
1893         (IsSVGTypeWithWritablePropertiesNeedingTearOff):
1894         (IsTypedArrayType):
1895         * bindings/scripts/CodeGeneratorJS.pm:
1896         (AddIncludesForType):
1897         (AddClassForwardIfNeeded):
1898         (GenerateHeader):
1899         (GenerateParametersCheckExpression):
1900         (GenerateImplementation):
1901         (NativeToJSValue):
1902         (GenerateConstructorDeclaration):
1903         (GenerateConstructorDefinition):
1904         (IsConstructable):
1905         * bindings/scripts/CodeGeneratorV8.pm:
1906         (AddIncludesForType):
1907         (GenerateHeader):
1908         (GetHeaderClassInclude):
1909         (GenerateParametersCheckExpression):
1910         (GenerateImplementation):
1911         (GetTypeNameOfExternalTypedArray):
1912
1913 2012-08-10  Sheriff Bot  <webkit.review.bot@gmail.com>
1914
1915         Unreviewed, rolling out r125230 and r125238.
1916         http://trac.webkit.org/changeset/125230
1917         http://trac.webkit.org/changeset/125238
1918         https://bugs.webkit.org/show_bug.cgi?id=93698
1919
1920         Broke ChromiumOS browser tests. (Requested by yutak on
1921         #webkit).
1922
1923         * platform/graphics/chromium/TiledLayerChromium.cpp:
1924         (WebCore::TiledLayerChromium::setTexturePrioritiesInRect):
1925         (WebCore::TiledLayerChromium::updateContentRect):
1926         (WebCore::TiledLayerChromium::needsIdlePaint):
1927         (WebCore::TiledLayerChromium::idlePaintRect):
1928         * platform/graphics/chromium/cc/CCLayerTilingData.cpp:
1929         (WebCore::CCLayerTilingData::contentRectToTileIndices):
1930         (WebCore::CCLayerTilingData::setBounds):
1931         * platform/graphics/chromium/cc/CCPriorityCalculator.h:
1932
1933 2012-08-09  Carlos Garcia Campos  <cgarcia@igalia.com>
1934
1935         Handle SSL errors for SOUP
1936         https://bugs.webkit.org/show_bug.cgi?id=90267
1937
1938         Reviewed by Martin Robinson.
1939
1940         No new tests, this is covered by existing tests.
1941
1942         * platform/LocalizedStrings.h:
1943         (WebCore): Add unacceptableTLSCertificate() for SOUP.
1944         * platform/efl/LocalizedStringsEfl.cpp:
1945         (WebCore::unacceptableTLSCertificate):
1946         * platform/gtk/LocalizedStringsGtk.cpp:
1947         (WebCore::unacceptableTLSCertificate):
1948         * platform/network/ResourceHandle.h:
1949         * platform/network/soup/ResourceError.h:
1950         (WebCore::ResourceError::ResourceError): Add new constructor for
1951         SSL errors that receives a certificate and TLS errors.
1952         (WebCore::ResourceError::tlsErrors): Return TLS errors.
1953         (WebCore::ResourceError::certificate): Return the certificate.
1954         * platform/network/soup/ResourceHandleSoup.cpp:
1955         (HostTLSCertificates): Helper class to store certificates for a
1956         host.
1957         (WebCore::HostTLSCertificateSet::add): Add a new certificate.
1958         (WebCore::HostTLSCertificateSet::contains): Check whether
1959         certificate is stored.
1960         (WebCore::HostTLSCertificateSet::computeCertificateHash): Compute
1961         the SHA1 of the certificate data.
1962         (WebCore::allowsAnyHTTPSCertificateHosts): Global set to store
1963         hostnames for which SSL errors should be ignored.
1964         (WebCore::clientCertificates): Global map to store client
1965         certificates.
1966         (WebCore::hasUnignoredTLSErrors): Helper function to check whether
1967         current message contains TLS errors that shouldn't be ignored and
1968         certificate hasn't been approved already.
1969         (WebCore::sendRequestCallback): Finish the load with an error in
1970         case of SSL errors not handled by the SoupSession.
1971         (WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Add
1972         the given hostname to the list of hosts for which SSL errors are
1973         ignored.
1974         (WebCore::ResourceHandle::setClientCertificate): Store the client
1975         certificate for the given host.
1976         (WebCore::ResourceHandle::setIgnoreSSLErrors): Set whether all SSL
1977         errors should be ignored.
1978
1979 2012-08-10  Arko Saha  <arko@motorola.com>
1980
1981         itemType.add should treat \t as a space.
1982         https://bugs.webkit.org/show_bug.cgi?id=92991
1983
1984         Reviewed by Ryosuke Niwa.
1985
1986         Earlier we used to append a space character i.e, ' ' to the string builder
1987         if the last character of input string is not a space character in addToken()
1988         method. We should add an space character if the last character of input is
1989         not a HTML Space character like, '\n', '\r', '\t', '\f' or ' '.
1990
1991         We can observe the same behavior in FireFox, Opera and IE. They also treat
1992         HTML space character as a space.
1993
1994         Test: fast/dom/MicroData/domsettabletokenlist-attributes-add-token.html
1995
1996         * html/DOMTokenList.cpp:
1997         (WebCore::DOMTokenList::addToken):
1998
1999 2012-08-10  Tony Chang  <tony@chromium.org>
2000
2001         Remove unused isFlexingChildren and make m_flexingChildren a local variable
2002         https://bugs.webkit.org/show_bug.cgi?id=93689
2003
2004         Reviewed by Ojan Vafai.
2005
2006         isFlexingChildren() is never called, so we can remove it.
2007
2008         m_flexingChildren is now only used locally, so remove the member variable and use a local variable.
2009
2010         No new tests, this is just a refactoring.
2011
2012         * rendering/RenderDeprecatedFlexibleBox.cpp:
2013         (WebCore::RenderDeprecatedFlexibleBox::RenderDeprecatedFlexibleBox):
2014         (WebCore::RenderDeprecatedFlexibleBox::layoutBlock):
2015         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox): Make flexingChildren a local.
2016         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox): Make flexingChildren a local.
2017         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp): No need to set m_flexingChildren since it's not used
2018         outside of RenderDeprecatedFlexibleBox.
2019         * rendering/RenderDeprecatedFlexibleBox.h:
2020         (RenderDeprecatedFlexibleBox): Remove m_flexingChildren and don't bit pack the remaining bool since it doesn't
2021         do anything for 1 bool.
2022         * rendering/RenderObject.h:
2023
2024 2012-08-10  Sam D  <dsam2912@gmail.com>
2025
2026         Web Inspector: Search matches count view is flaky.
2027         https://bugs.webkit.org/show_bug.cgi?id=93451
2028
2029         Reviewed by Pavel Feldman.
2030
2031         Modified css properties for aligning search panel.
2032
2033         No new tests.UI change.
2034
2035         * inspector/front-end/inspector.css:
2036         (.search-results-matches):
2037
2038 2012-08-09  Simon Hausmann  <simon.hausmann@nokia.com>
2039
2040         [Qt] Remove support for __qt_sender__ in QObject bridge
2041         https://bugs.webkit.org/show_bug.cgi?id=93649
2042
2043         Reviewed by Kenneth Rohde Christiansen.
2044
2045         Support for __qt_sender__ has also been removed from QtScript/QJSEngine. The right
2046         JavaScript solution to the problem is Function.prototype.bind.
2047
2048         * bridge/qt/qt_instance.cpp:
2049         (Bindings):
2050         * bridge/qt/qt_instance.h:
2051         * bridge/qt/qt_runtime.cpp:
2052         (Bindings):
2053         (JSC::Bindings::QtConnectionObject::execute):
2054
2055 2012-08-09  Shane Stephens  <shanestephens@google.com>
2056
2057         Convert CSSParser's m_reusableSelectorVector to OwnPtr and rename to m_selectorVector.
2058         https://bugs.webkit.org/show_bug.cgi?id=93574
2059
2060         Reviewed by Ojan Vafai.
2061
2062         This is preparatory work for CSS Hierarchies (see wkb.ug/79939).
2063         CSS Hierarchies works by pushing selectorVectors onto a stack while nested selectorVectors are parsed.
2064         For this reason, the selectorVector in CSSParser can't be re-used between selector parses within a set of
2065         nested selectors. This patch wraps the selectorVector in an OwnPtr but does not otherwise modify its use.
2066
2067         Similarly, CSSParser::m_parsedProperties is converted from a direct ParsedPropertyVector included
2068         as a member of CSSParser to an OwnPtr.
2069
2070         Once Hierarchies are introduced, when a selectorVector is stacked a new one will be created 
2071         and stored in m_selectorVector (see wkb.ug/79939 for context). However, an accompanying unstacking
2072         mechanism ensures that selectorVectors will be reused in all circumstances where they currently are.
2073
2074         This patch also introduces a CSSSelectorVector typedef to simplify and improve readability of 
2075         type signatures in and around CSSParser.
2076
2077         No new tests as this patch doesn't introduce new functionality.
2078
2079         * css/CSSGrammar.y:
2080         * css/CSSParser.cpp:
2081         (WebCore::CSSParser::CSSParser):
2082         (WebCore::CSSParser::parseValue):
2083         (WebCore::CSSParser::parseColor):
2084         (WebCore::CSSParser::parseDeclaration):
2085         (WebCore):
2086         (WebCore::filterProperties):
2087         (WebCore::CSSParser::createStylePropertySet):
2088         (WebCore::CSSParser::addProperty):
2089         (WebCore::CSSParser::rollbackLastProperties):
2090         (WebCore::CSSParser::clearProperties):
2091         (WebCore::CSSParser::parse4Values):
2092         (WebCore::CSSParser::parseFlowThread):
2093         (WebCore::CSSParser::createFloatingSelectorVector):
2094         (WebCore::CSSParser::sinkFloatingSelectorVector):
2095         (WebCore::CSSParser::createStyleRule):
2096         (WebCore::CSSParser::createFontFaceRule):
2097         (WebCore::CSSParser::createPageRule):
2098         (WebCore::CSSParser::setReusableRegionSelectorVector):
2099         (WebCore::CSSParser::startDeclarationsForMarginBox):
2100         (WebCore::CSSParser::endDeclarationsForMarginBox):
2101         (WebCore::CSSParser::deleteFontFaceOnlyValues):
2102
2103         m_reusableSelectorVector renamed to m_selectorVector and wrapped in OwnPtr.
2104         m_parsedProperties wrapped in OwnPtr.
2105         * css/CSSParser.h:
2106         (WebCore::CSSParser::hasProperties):
2107         (WebCore::CSSParser::selectorVector): function renamed from reusableSelectorVector
2108         (CSSParser): 
2109         (WebCore::CSSParser::reusableRegionSelectorVector):
2110         * css/CSSParserValues.cpp:
2111         (WebCore::CSSParserSelector::adoptSelectorVector):
2112         * css/CSSParserValues.h: CSSSelectorVector typedef added
2113         (WebCore):
2114         (CSSParserSelector):
2115         * css/CSSSelectorList.cpp:
2116         (WebCore::CSSSelectorList::adoptSelectorVector):
2117         * css/CSSSelectorList.h:
2118         (CSSSelectorList):
2119         * css/SVGCSSParser.cpp:
2120         (WebCore::CSSParser::parseSVGValue):
2121         * css/StyleRule.cpp:
2122         (WebCore::StyleRuleRegion::StyleRuleRegion):
2123         * css/StyleRule.h:
2124         (WebCore::StyleRule::parserAdoptSelectorVector):
2125         (WebCore::StyleRulePage::parserAdoptSelectorVector):
2126         (WebCore::StyleRuleRegion::create):
2127         (StyleRuleRegion):
2128
2129 2012-08-02  Dominic Cooney  <dominicc@chromium.org>
2130
2131         SVGElementInstance should have EventTarget on the prototype chain
2132         https://bugs.webkit.org/show_bug.cgi?id=88232
2133
2134         Reviewed by Adam Barth.
2135
2136         SVG 1.1 specifies that SVGElementInstance has EventTarget as its
2137         parent interface:
2138         <http://www.w3.org/TR/SVG/struct.html#InterfaceSVGElementInstance>
2139         Match the spec by putting EventTarget on the prototype chain of
2140         SVGElementInstance instead of redundantly declaring
2141         addEventListener, removeEventListener and dispatchEvent on the
2142         SVGElementInstance interface. This is an incremental step to make
2143         all EventTargets do it this way, being tracked in bug 67312.
2144
2145         Covered by existing tests, eg
2146         svg/custom/use-instanceRoot-as-event-target.xhtml
2147
2148         * CMakeLists.txt: Finding base interface types requires
2149         searching directories with the IDLs of base interfaces.
2150         * DerivedSources.cpp: Add generated JSEventTarget.cpp.
2151         * DerivedSources.make: (Search paths again -- see CMakeLists.txt)
2152         * DerivedSources.pri: "
2153         * bindings/js/JSEventTargetCustom.cpp:
2154         (WebCore::toEventTarget): Try to unwrap EventTargets simply as
2155         EventTargets. When all EventTargets do this consistently this
2156         function will be simplified.
2157         * bindings/js/JSSVGElementInstanceCustom.cpp:
2158         (WebCore::JSSVGElementInstance::visitChildren): SVGElementInstance
2159         skips walking its event listener list because it forwards
2160         listeners to its corresponding element.
2161         * bindings/scripts/CodeGenerator.pm:
2162         (IsStrictSubtype): For finding what is an EventTarget based on
2163         parent interface.
2164         * bindings/scripts/CodeGeneratorJS.pm:
2165         (GenerateHeader): Extend the heuristic for what is an
2166         EventTarget. When all EventTargets are handled consistently this
2167         will be simplified.
2168         (GenerateImplementation):
2169         * bindings/scripts/CodeGeneratorV8.pm: Extend the heuristic for
2170         what is an EventTarget, and remove some of the special-casing for
2171         EventTarget.
2172         (GenerateHeader):
2173         (GetInternalFields):
2174         (GenerateImplementation):
2175         (BaseInterfaceName):
2176         (GenerateToV8Converters):
2177         (GetNativeType):
2178         (JSValueToNative):
2179         (GetV8HeaderName):
2180         * bindings/scripts/test/V8/V8Float64Array.cpp:
2181         (WebCore::V8Float64Array::wrapSlow): Add assertions.
2182         * bindings/scripts/test/V8/V8TestNode.cpp:
2183         (WebCore::V8TestNode::wrapSlow):
2184         * svg/SVGElementInstance.h: Must extend EventTarget first so that
2185         static_cast<EventTarget*>(elementInstance) is the same pointer as
2186         elementInstance, similar to how static_cast<Node*>(element) is the
2187         same pointer as element.
2188         * svg/SVGElementInstance.idl: Extend EventTarget; no longer need
2189         to declare add/removeEventListener and dispatchEvent.
2190
2191 2012-08-09  Vivek Galatage  <vivekgalatage@gmail.com>
2192
2193         Web Inspector: Remove unused method InspectorResourceAgent::clearCache from Resource Agent.
2194         https://bugs.webkit.org/show_bug.cgi?id=93675
2195
2196         Reviewed by Pavel Feldman.
2197
2198         Removing unused method declaration for clearCache in InspectorResourceAgent. It's marked as FIXME.
2199         Hence cleaning up.
2200
2201         No new tests as cleanup.
2202
2203         * inspector/InspectorResourceAgent.h:
2204         (InspectorResourceAgent):
2205
2206 2012-08-09  Peter Rybin  <peter.rybin@gmail.com>
2207
2208         Web Inspector: CodeGeneratorInspector.py: add complete support for TypeBuilder::Array
2209         https://bugs.webkit.org/show_bug.cgi?id=93559
2210
2211         Reviewed by Pavel Feldman.
2212
2213         Missing binding methods are added to templates. Core assert methods are declared in a helper class now.
2214
2215         * inspector/CodeGeneratorInspector.py:
2216         (RawTypes.BaseType.generate_validate_method):
2217         (RawTypes.BaseType.get_raw_validator_call_text):
2218         (RawTypes.generate_validate_methods):
2219         (RawTypes.Int.generate_validate_method):
2220         (RawTypes.Int.get_raw_validator_call_text):
2221         (RawTypes.Number.get_validate_method_params.ValidateMethodParams):
2222         (RawTypes.Any.generate_validate_method):
2223         (RawTypes.Any.get_raw_validator_call_text):
2224         (RawTypes.Array.get_validate_method_params.ValidateMethodParams):
2225         (RawTypes.Array.get_validate_method_params):
2226         (PlainObjectBinding.get_validator_call_text):
2227         (RuntimeCastHelper):
2228         (Generator):
2229         (Generator.go):
2230
2231 2012-08-09  Sukolsak Sakshuwong  <sukolsak@google.com>
2232
2233         Mouse-select then Cut, results in preceding character being lost
2234         https://bugs.webkit.org/show_bug.cgi?id=60830
2235
2236         Reviewed by Ryosuke Niwa.
2237
2238         This bug happened only in text fields and text areas, not in other
2239         content-editable elements. That's because when we cut or copied text
2240         in a text control, we called Pasteboard::writePlainText instead of
2241         Pasteboard::writeSelection. writePlainText did not record the smart replace
2242         information. Make writePlainText record the smart replace information.
2243
2244         Test: editing/pasteboard/smart-paste-in-text-control.html
2245
2246         * editing/Editor.cpp:
2247         (WebCore::Editor::cut):
2248         (WebCore::Editor::copy):
2249         * inspector/InjectedScriptHost.cpp:
2250         (WebCore::InjectedScriptHost::copyText):
2251         * inspector/InspectorFrontendHost.cpp:
2252         (WebCore::InspectorFrontendHost::copyText):
2253         * platform/Pasteboard.h:
2254         * platform/blackberry/PasteboardBlackBerry.cpp:
2255         (WebCore::Pasteboard::writePlainText):
2256         * platform/chromium/PasteboardChromium.cpp:
2257         (WebCore::Pasteboard::writePlainText):
2258         * platform/efl/PasteboardEfl.cpp:
2259         (WebCore::Pasteboard::writePlainText):
2260         * platform/gtk/PasteboardGtk.cpp:
2261         (WebCore::Pasteboard::writePlainText):
2262         * platform/mac/ClipboardMac.mm:
2263         (WebCore::ClipboardMac::writePlainText):
2264         * platform/mac/PasteboardMac.mm:
2265         (WebCore::Pasteboard::writePlainText):
2266         * platform/qt/PasteboardQt.cpp:
2267         (WebCore::Pasteboard::writePlainText):
2268         * platform/win/PasteboardWin.cpp:
2269         (WebCore::Pasteboard::writePlainText):
2270         * platform/wince/PasteboardWinCE.cpp:
2271         (WebCore::Pasteboard::writePlainText):
2272         * platform/wx/ClipboardWx.cpp:
2273         (WebCore::ClipboardWx::writePlainText):
2274         * platform/wx/PasteboardWx.cpp:
2275         (WebCore::Pasteboard::writePlainText):
2276
2277 2012-08-09  Kentaro Hara  <haraken@chromium.org>
2278
2279         Unreviewed. Updated run-binding-tests results.
2280
2281         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
2282         (WebCore::TestActiveDOMObjectV8Internal::TestActiveDOMObjectDomainSafeFunctionSetter):
2283
2284 2012-08-09  Luke Macpherson   <macpherson@chromium.org>
2285
2286         Fix null pointer deref in RenderFileUploadControl::computePreferredLogicalWidth().
2287         https://bugs.webkit.org/show_bug.cgi?id=93579
2288
2289         Reviewed by Kent Tamura.
2290
2291         Checks the upload control has a non-null button renderer before dereferencing.
2292
2293         Test: fast/forms/file/file-crash-by-display-none-button.html
2294
2295         * rendering/RenderFileUploadControl.cpp:
2296         (WebCore::RenderFileUploadControl::computePreferredLogicalWidths):
2297
2298 2012-08-09  Kentaro Hara  <haraken@chromium.org>
2299
2300         [V8] Rename V8BindingPerContextData to V8PerContextData
2301         https://bugs.webkit.org/show_bug.cgi?id=93595
2302
2303         Reviewed by Adam Barth.
2304
2305         For a better name. See discussion in bug 93333.
2306
2307         No tests. No change in behavior.
2308
2309         * UseV8.cmake: Added V8PerContextData.cpp. The fact that missing V8BindingPerContextData.cpp
2310         has not caused any problem indicates that UseV8.cmake is not used at all?
2311         * WebCore.gypi:
2312         * bindings/v8/V8DOMWindowShell.cpp:
2313         (WebCore::V8DOMWindowShell::initContextIfNeeded):
2314         * bindings/v8/V8DOMWindowShell.h:
2315         (WebCore::V8DOMWindowShell::perContextData):
2316         (V8DOMWindowShell):
2317         * bindings/v8/V8DOMWrapper.cpp:
2318         (WebCore::V8DOMWrapper::constructorForType):
2319         (WebCore::V8DOMWrapper::perContextData):
2320         (WebCore::V8DOMWrapper::instantiateV8Object):
2321         * bindings/v8/V8DOMWrapper.h:
2322         (WebCore):
2323         (V8DOMWrapper):
2324         * bindings/v8/V8IsolatedContext.cpp:
2325         (WebCore::V8IsolatedContext::V8IsolatedContext):
2326         * bindings/v8/V8IsolatedContext.h:
2327         (WebCore):
2328         (WebCore::V8IsolatedContext::perContextData):
2329         (V8IsolatedContext):
2330         * bindings/v8/V8PerContextData.cpp: Renamed from Source/WebCore/bindings/v8/V8BindingPerContextData.cpp.
2331         (WebCore):
2332         (WebCore::V8PerContextData::dispose):
2333         (WebCore::V8PerContextData::init):
2334         (WebCore::V8PerContextData::createWrapperFromCacheSlowCase):
2335         (WebCore::V8PerContextData::constructorForTypeSlowCase):
2336         * bindings/v8/V8PerContextData.h: Renamed from Source/WebCore/bindings/v8/V8BindingPerContextData.h.
2337         (WebCore):
2338         (V8PerContextData):
2339         (WebCore::V8PerContextData::create):
2340         (WebCore::V8PerContextData::~V8PerContextData):
2341         (WebCore::V8PerContextData::createWrapperFromCache):
2342         (WebCore::V8PerContextData::constructorForType):
2343         (WebCore::V8PerContextData::V8PerContextData):
2344         * bindings/v8/V8Proxy.cpp:
2345         (WebCore::V8Proxy::retrievePerContextData):
2346         * bindings/v8/V8Proxy.h:
2347         (WebCore):
2348         (V8Proxy):
2349         * bindings/v8/WorkerContextExecutionProxy.cpp:
2350         (WebCore::WorkerContextExecutionProxy::initContextIfNeeded):
2351         * bindings/v8/WorkerContextExecutionProxy.h:
2352         (WebCore):
2353         (WebCore::WorkerContextExecutionProxy::perContextData):
2354         (WorkerContextExecutionProxy):
2355
2356 2012-08-09  Erik Arvidsson  <arv@chromium.org>
2357
2358         HTMLElement.classList cannot remove classnames with uppercase characters
2359         https://bugs.webkit.org/show_bug.cgi?id=93628
2360
2361         Reviewed by Alexey Proskuryakov.
2362
2363         Before this patch we were trying to be smart and determine whether we needed the update m_classNamesForQuirksMode
2364         based on whether m_classNamesForQuirksMode.isNull(), however, m_classNamesForQuirksMode.isNull() is true when the
2365         class name is the empty string.
2366
2367         We also did not update m_classNamesForQuirksMode when the class attribute was cleared.
2368
2369         Updated tests.
2370
2371         * dom/StyledElement.cpp:
2372         (WebCore::StyledElement::classAttributeChanged):
2373         * html/ClassList.cpp:
2374         (WebCore::ClassList::reset):
2375         (WebCore::ClassList::classNames):
2376
2377 2012-08-09  Yuta Kitamura  <yutak@chromium.org>
2378
2379         Unreviewed, Chromium-mac (clang) build fix for r125230.
2380
2381         * platform/graphics/chromium/TiledLayerChromium.cpp:
2382         (WebCore):
2383
2384 2012-08-09  MORITA Hajime  <morrita@google.com>
2385
2386         https://bugs.webkit.org/show_bug.cgi?id=93587
2387         Node::replaceChild() can create bad DOM topology with MutationEvent, Part 2
2388
2389         Reviewed by Kent Tamura.
2390
2391         This is a followup of r124156. replaceChild() has yet another hidden
2392         MutationEvent trigger. This change added a guard for it.
2393
2394         Test: fast/events/mutation-during-replace-child-2.html
2395
2396         * dom/ContainerNode.cpp:
2397         (WebCore::ContainerNode::replaceChild):
2398
2399 2012-08-09  Kentaro Hara  <haraken@chromium.org>
2400
2401         [V8] V8Utilities::throwTypeMismatchException() should use setDOMException()
2402         https://bugs.webkit.org/show_bug.cgi?id=93610
2403
2404         Reviewed by Adam Barth.
2405
2406         Given that V8Utilities::throwTypeMismatchException() throws a DOM exception,
2407         we should use setDOMException() instead of throwError().
2408
2409         This patch also renames throwTypeMismatchException() to setTypeMismatchException().
2410
2411         No tests. I couldn't figure out how to trigger the call path.
2412         Either way this is just a minor change of error message.
2413
2414         * bindings/v8/V8Utilities.cpp:
2415         (WebCore::setTypeMismatchException):
2416         * bindings/v8/V8Utilities.h:
2417         (WebCore::createFunctionOnlyCallback):
2418
2419 2012-08-09  Julien Chaffraix  <jchaffraix@webkit.org>
2420
2421         Crash in WebCore::RenderTable::cellBefore
2422         https://bugs.webkit.org/show_bug.cgi?id=91160
2423
2424         Reviewed by Abhishek Arya.
2425
2426         The issue was that we wouldn't properly set the row index on row in a newly split table. When inserting
2427         the cell into the new row, we would try to repaint the cell which would access the row index and crash.
2428         This came from splitAnonymousBoxesAroundChild calling RenderObjectChildList::insertChildNode directly
2429         which doesn't invoke the row setting logic (RenderTableSection::addChild for example but we cannot call
2430         addChild due to concern over splitting flows in the general case).
2431
2432         Test: fast/table/split-anonymous-boxes-around-table-repaint-crash.html
2433
2434         * rendering/RenderBox.cpp:
2435         (WebCore::RenderBox::splitAnonymousBoxesAroundChild):
2436         Dirty our parent box, which forces a cell recomputation which will set the row index. This needs to
2437         be done *before* we insert the child to avoid crashing when repainting the new child.
2438
2439 2012-08-09  Erik Arvidsson  <arv@chromium.org>
2440
2441         [V8] Fix issues with [DoNotCheckSecurity] which depended on non ES5 compliant behavior
2442         https://bugs.webkit.org/show_bug.cgi?id=93555
2443
2444         Reviewed by Kentaro Hara.
2445
2446         Before this change we were relying on a V8 bug where instance properties could be shadow
2447         read only properties on the prototype. With this change we no longer depend on this incorrect
2448         V8 behavior and instead use a hidden v8 property that is only returned if the code can access
2449         the frame.
2450
2451         No new tests. No change in behavior.
2452
2453         * bindings/scripts/CodeGeneratorV8.pm:
2454         (GenerateDomainSafeFunctionGetter):
2455         (GenerateDomainSafeFunctionSetter):
2456         (GenerateNonStandardFunction):
2457         (GenerateImplementation):
2458         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
2459         (WebCore::TestActiveDOMObjectV8Internal::postMessageAttrGetter):
2460         (WebCore::TestActiveDOMObjectV8Internal::TestActiveDOMObjectDomainSafeFunctionSetter):
2461         (TestActiveDOMObjectV8Internal):
2462         (WebCore::ConfigureV8TestActiveDOMObjectTemplate):
2463
2464 2012-08-09  David Grogan  <dgrogan@chromium.org>
2465
2466         IndexedDB: intversion-long-queue.html fails an assert
2467         https://bugs.webkit.org/show_bug.cgi?id=92783
2468
2469         Reviewed by Tony Chang.
2470
2471         onBlocked needs the same shouldEnqueueEvent check that the other
2472         event generators have.
2473
2474         Tests: intversion-long-queue is no longer skipped.
2475
2476         * Modules/indexeddb/IDBRequest.h:
2477         (IDBRequest):
2478         * Modules/indexeddb/IDBVersionChangeRequest.cpp:
2479         (WebCore::IDBVersionChangeRequest::onBlocked):
2480
2481 2012-08-09  Eric Penner  <epenner@google.com>
2482
2483         [chromium] Paint animated layers immediately to avoid animation hiccups.
2484         https://bugs.webkit.org/show_bug.cgi?id=93028
2485
2486         Reviewed by Adrienne Walker.
2487
2488         This is a technique used on Android, which is very prone
2489         to hiccups in animations. Paint the entire layer if it is
2490         of reasonable size such that there is no hiccups when the
2491         animation reaches unpainted content. The reasonable size
2492         is choosen for page-transitions specifically, as this was
2493         the problem case (animations would just jump to the end).
2494
2495         Since we already have a special case this just modifies it
2496         and replaces the unit test with a new one. This can be
2497         improved/simplified further when distances/directions are
2498         available for the animated layers.
2499
2500         Replaced one test.
2501
2502         * platform/graphics/chromium/TiledLayerChromium.cpp:
2503         (UpdatableTile):
2504         (WebCore::UpdatableTile::resetUpdateState):
2505         (WebCore::UpdatableTile::markForUpdate):
2506         (WebCore::UpdatableTile::UpdatableTile):
2507         (WebCore::TiledLayerChromium::TiledLayerChromium):
2508         (WebCore::TiledLayerChromium::pushPropertiesTo):
2509         (WebCore):
2510         (WebCore::TiledLayerChromium::updateTiles):
2511         (WebCore::TiledLayerChromium::markOcclusionsAndRequestTextures):
2512         (WebCore::TiledLayerChromium::haveTexturesForTiles):
2513         (WebCore::TiledLayerChromium::markTilesForUpdate):
2514         (WebCore::TiledLayerChromium::updateTileTextures):
2515         (WebCore::TiledLayerChromium::setTexturePrioritiesInRect):
2516         (WebCore::TiledLayerChromium::resetUpdateState):
2517         (WebCore::TiledLayerChromium::updateContentRect):
2518         (WebCore::TiledLayerChromium::needsIdlePaint):
2519         (WebCore::TiledLayerChromium::idlePaintRect):
2520         * platform/graphics/chromium/TiledLayerChromium.h:
2521         (TiledLayerChromium):
2522         * platform/graphics/chromium/cc/CCLayerTilingData.cpp:
2523         (WebCore::CCLayerTilingData::contentRectToTileIndices):
2524         * platform/graphics/chromium/cc/CCPriorityCalculator.h:
2525         (WebCore::CCPriorityCalculator::maxPriority):
2526
2527 2012-08-09  Julien Chaffraix  <jchaffraix@webkit.org>
2528
2529         REGRESSION(r117339): cell in block-level table in inline-block are aligned with their last line box
2530         https://bugs.webkit.org/show_bug.cgi?id=91137
2531
2532         Reviewed by Tony Chang.
2533
2534         Fixed the code to properly ignore any inline-table's baseline for the purpose of 'inline-block' baseline computation.
2535         See http://lists.w3.org/Archives/Public/www-style/2012Jul/0721.html about the discussion.
2536
2537         While touching the code, properly fixed the table baseline logic that was wrong because it wrongly piggy-backed
2538         on the inline-block baseline logic.
2539
2540         Tests: fast/table/anonymous-table-no-baseline-align.html
2541                fast/table/inline-table-in-inline-block-last-baseline-align.html
2542
2543         * rendering/RenderTable.cpp:
2544         (WebCore::RenderTable::baselinePosition):
2545         Overrode this function: this is needed as RenderBlock assumes that isReplaced() == true
2546         means it is handling an inline-block, not a table.
2547
2548         (WebCore::RenderTable::lastLineBoxBaseline):
2549         Table are ignored for the purpose of inline-block baseline determination.
2550
2551         (WebCore::RenderTable::firstLineBoxBaseline):
2552         Inlined the code from getLineBoxBaseline. Added some comments to explain
2553         why this code works as expected in the 'table' case.
2554
2555         * rendering/RenderTable.h:
2556         Added baselinePosition.
2557
2558 2012-08-09  Adam Barth  <abarth@webkit.org>
2559
2560         Sandboxing view source documents is ineffective
2561         https://bugs.webkit.org/show_bug.cgi?id=93660
2562
2563         Reviewed by Eric Seidel.
2564
2565         Prior to this patch, Document::setIsViewSource changed the
2566         SecurityOrigin object on Document but didn't update the copy on
2567         DOMWindow. As a consequence, the security checks that use the copy on
2568         DOMWindow didn't notice the change and acted as if the document wasn't
2569         sandboxed.
2570
2571         This bug wasn't present for most view source documents because
2572         HTMLViewSourceDocument sets the flag in its constructor. However, for
2573         view source documents created by the XMLTreeViewer, the bit was set at
2574         the end of parsing rather than during construction.
2575
2576         This mechansim is really more of a mitigation than an important
2577         security check, and I was tempted to remove the sandboxing entirely
2578         given that sandboxing a document at the end of parsing isn't overly
2579         effective anyway. However, we can worry about that issue in a future
2580         patch.
2581
2582         For the time being, this patch just synchronizes DOMWindow and
2583         Document's copy of the SecurityOrigin. The long-term solution here, of
2584         course, is to keep working on fixing
2585         https://bugs.webkit.org/show_bug.cgi?id=75793, which this patch gets us
2586         one (small) step closer to fixing.
2587
2588         * dom/Document.cpp:
2589         (WebCore::Document::setIsViewSource):
2590
2591 2012-08-09  Benjamin Poulain  <bpoulain@apple.com>
2592
2593         Append the unit in place when generating the text value of a CSSPrimitiveValue
2594         https://bugs.webkit.org/show_bug.cgi?id=93572
2595
2596         Reviewed by Andreas Kling.
2597
2598         Previously, the units were added to the formatted number by the operator+. This would create
2599         a new WTF::String for the unit, then use String::append() to add it to the number.
2600
2601         This was ineffective because it required one malloc for the unit, followed by a realloc + copying
2602         the bytes.
2603
2604         This patch adds handling for the unit directly in formatNumber() so that we only do one malloc
2605         and append the units in place.
2606
2607         Avoiding the intermediate string is both more efficient (9% faster as seen from JavaScript)
2608         and generate more compact code (~8kb less code on x86_64).
2609
2610         * css/CSSPrimitiveValue.cpp:
2611         (WebCore::formatNumber):
2612         (WebCore::CSSPrimitiveValue::customCssText):
2613
2614 2012-08-09  Elliott Sprehn  <esprehn@gmail.com>
2615
2616         Reimplement RenderQuote placement algorithm
2617         https://bugs.webkit.org/show_bug.cgi?id=93056
2618
2619         Reviewed by Eric Seidel.
2620
2621         Greatly simplify the code that maintains the linked list of RenderQuotes. Now RenderQuote
2622         is placed into the linked list in computePreferredLogicalWidths on first access and is
2623         detached when destroyed (or explicitly removed).
2624
2625         The new algorithm doesn't require walking up the tree of renderers when there are no
2626         RenderQuotes in the tree yet, and also removes the need to walk over every subtree
2627         when inserting in rendererSubtreeAttached.
2628
2629         No new tests because this patch doesn't change any behavior.
2630
2631         * rendering/RenderObjectChildList.cpp:
2632         (WebCore::RenderObjectChildList::removeChildNode): Call detachQuote when removing from a child list.
2633         (WebCore::RenderObjectChildList::appendChildNode):
2634         (WebCore::RenderObjectChildList::insertChildNode):
2635         * rendering/RenderQuote.cpp:
2636         (WebCore::RenderQuote::RenderQuote):
2637         (WebCore::RenderQuote::~RenderQuote):
2638         (WebCore::RenderQuote::willBeDestroyed): Call detachQuote to ensure all destroyed quotes are detached.
2639         (WebCore::RenderQuote::originalText):
2640         (WebCore::RenderQuote::computePreferredLogicalWidths): Attach quote before computing the width.
2641         (WebCore):
2642         (WebCore::RenderQuote::attachQuote): Puts the RenderQuote in the linked list of quotes and computes the depth.
2643         (WebCore::RenderQuote::detachQuote): Removes the quote from the linked list.
2644         (WebCore::RenderQuote::updateDepth):
2645         * rendering/RenderQuote.h:
2646         (RenderQuote):
2647         * rendering/style/RenderStyle.cpp:
2648         (WebCore::RenderStyle::diff): Return StyleDifferenceLayout if quotes change and remove check in styleDidChange in RenderQuote.
2649         * rendering/RenderView.cpp:
2650         (WebCore::RenderView::RenderView):
2651         * rendering/RenderView.h:
2652         (WebCore):
2653         (WebCore::RenderView::setRenderQuoteHead):
2654         (WebCore::RenderView::renderQuoteHead): Stores the first quote in the document.
2655         (RenderView):
2656
2657 2012-08-06  Nat Duca  <nduca@chromium.org>
2658
2659         [chromium] Expose CCGraphicsContext as WebCompositorOutputSurface
2660         https://bugs.webkit.org/show_bug.cgi?id=92890
2661
2662         Reviewed by James Robinson.
2663
2664         * platform/graphics/chromium/cc/CCGraphicsContext.h:
2665         (WebCore):
2666         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2667         (WebCore::CCLayerTreeHost::initializeLayerRenderer):
2668         (WebCore::CCLayerTreeHost::recreateContext):
2669         (WebCore::CCLayerTreeHost::createContext):
2670         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2671         (WebCore):
2672         (CCLayerTreeHostClient):
2673         (WebCore::CCLayerTreeSettings::CCLayerTreeSettings):
2674         (CCLayerTreeSettings):
2675         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2676         (WebCore::CCLayerTreeHostImpl::onVSyncParametersChanged):
2677         (WebCore):
2678         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
2679         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2680         (CCLayerTreeHostImplClient):
2681         * platform/graphics/chromium/cc/CCProxy.h:
2682         (WebKit):
2683         (WebCore):
2684         * platform/graphics/chromium/cc/CCRenderer.h:
2685         (CCRendererClient):
2686         (WebCore::CCRendererClient::~CCRendererClient):
2687         * platform/graphics/chromium/cc/CCResourceProvider.cpp:
2688         * platform/graphics/chromium/cc/CCResourceProvider.h:
2689         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
2690         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
2691         (WebCore::CCThreadProxy::recreateContext):
2692         (WebCore::CCThreadProxy::onVSyncParametersChanged):
2693         (WebCore):
2694         (WebCore::CCThreadProxy::beginFrame):
2695         * platform/graphics/chromium/cc/CCThreadProxy.h:
2696
2697 2012-08-09  Nat Duca  <nduca@chromium.org>
2698
2699         Unreviewed, rolling out r125212.
2700         http://trac.webkit.org/changeset/125212
2701         https://bugs.webkit.org/show_bug.cgi?id=92890
2702
2703         Compile failure on mac dbg builder
2704
2705         * platform/graphics/chromium/cc/CCGraphicsContext.h:
2706         (WebCore):
2707         (CCGraphicsContext):
2708         (WebCore::CCGraphicsContext::create2D):
2709         (WebCore::CCGraphicsContext::create3D):
2710         (WebCore::CCGraphicsContext::context3D):
2711         (WebCore::CCGraphicsContext::CCGraphicsContext):
2712         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2713         (WebCore::CCLayerTreeHost::initializeLayerRenderer):
2714         (WebCore::CCLayerTreeHost::recreateContext):
2715         (WebCore::CCLayerTreeHost::createContext):
2716         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2717         (WebCore):
2718         (CCLayerTreeHostClient):
2719         (WebCore::CCLayerTreeSettings::CCLayerTreeSettings):
2720         (CCLayerTreeSettings):
2721         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2722         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
2723         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2724         (CCLayerTreeHostImplClient):
2725         * platform/graphics/chromium/cc/CCProxy.h:
2726         (WebCore):
2727         * platform/graphics/chromium/cc/CCRenderer.h:
2728         (CCRendererClient):
2729         * platform/graphics/chromium/cc/CCResourceProvider.cpp:
2730         * platform/graphics/chromium/cc/CCResourceProvider.h:
2731         (WebCore):
2732         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
2733         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
2734         (WebCore::CCThreadProxy::recreateContext):
2735         (WebCore::CCThreadProxy::beginFrame):
2736         * platform/graphics/chromium/cc/CCThreadProxy.h:
2737
2738 2012-08-09  Kentaro Hara  <haraken@chromium.org>
2739
2740         [V8] Remove V8Proxy::throwError(ExceptionCode&)
2741         https://bugs.webkit.org/show_bug.cgi?id=93605
2742
2743         Reviewed by Adam Barth.
2744
2745         (1) Pass Isolate around to V8Utilities::extractTransferables().
2746         (2) Replace throwError(ExceptionCode&) in V8Utilities::extractTransferables()
2747         with setDOMException(ExceptionCode&, Isolate*), which completely removes
2748         V8Proxy::throwError(ExceptionCode&) from the code base.
2749         (3) Remove V8Proxy::throwError(ExceptionCode&).
2750
2751         No tests. No change in behavior.
2752
2753         * bindings/scripts/CodeGeneratorV8.pm:
2754         (GenerateParametersCheck):
2755         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
2756         (WebCore::TestSerializedScriptValueInterfaceV8Internal::acceptTransferListCallback):
2757         (WebCore::TestSerializedScriptValueInterfaceV8Internal::multiTransferListCallback):
2758         (WebCore::V8TestSerializedScriptValueInterface::constructorCallback):
2759         * bindings/v8/Dictionary.cpp:
2760         (WebCore::Dictionary::get):
2761         * bindings/v8/V8Proxy.h:
2762         (WebCore):
2763         * bindings/v8/V8Utilities.cpp:
2764         (WebCore::extractTransferables):
2765         (WebCore::getMessagePortArray):
2766         * bindings/v8/V8Utilities.h:
2767         (WebCore):
2768         * bindings/v8/custom/V8DOMWindowCustom.cpp:
2769         (WebCore::handlePostMessageCallback):
2770         * bindings/v8/custom/V8DedicatedWorkerContextCustom.cpp:
2771         (WebCore::handlePostMessageCallback):
2772         * bindings/v8/custom/V8IntentConstructor.cpp:
2773         (WebCore::V8Intent::constructorCallback):
2774         * bindings/v8/custom/V8MessageEventCustom.cpp:
2775         (WebCore::V8MessageEvent::initMessageEventCallback):
2776         * bindings/v8/custom/V8MessagePortCustom.cpp:
2777         (WebCore::handlePostMessageCallback):
2778         * bindings/v8/custom/V8WorkerCustom.cpp:
2779         (WebCore::handlePostMessageCallback):
2780
2781 2012-08-09  Kentaro Hara  <haraken@chromium.org>
2782
2783         [V8] Rename V8BindingPerIsolateData to V8PerIsolateData
2784         https://bugs.webkit.org/show_bug.cgi?id=93592
2785
2786         Reviewed by Adam Barth.
2787
2788         For a better name. See discussion in bug 93333.
2789
2790         No tests. No change in behavior.
2791
2792         * UseV8.cmake:
2793         * WebCore.gypi:
2794         * bindings/scripts/CodeGeneratorV8.pm:
2795         (GenerateImplementation):
2796         * bindings/scripts/test/V8/V8Float64Array.cpp:
2797         (WebCore::V8Float64Array::GetRawTemplate):
2798         (WebCore::V8Float64Array::GetTemplate):
2799         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
2800         (WebCore::V8TestActiveDOMObject::GetRawTemplate):
2801         (WebCore::V8TestActiveDOMObject::GetTemplate):
2802         * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
2803         (WebCore::V8TestCustomNamedGetter::GetRawTemplate):
2804         (WebCore::V8TestCustomNamedGetter::GetTemplate):
2805         * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
2806         (WebCore::V8TestEventConstructor::GetRawTemplate):
2807         (WebCore::V8TestEventConstructor::GetTemplate):
2808         * bindings/scripts/test/V8/V8TestEventTarget.cpp:
2809         (WebCore::V8TestEventTarget::GetRawTemplate):
2810         (WebCore::V8TestEventTarget::GetTemplate):
2811         * bindings/scripts/test/V8/V8TestException.cpp:
2812         (WebCore::V8TestException::GetRawTemplate):
2813         (WebCore::V8TestException::GetTemplate):
2814         * bindings/scripts/test/V8/V8TestInterface.cpp:
2815         (WebCore::V8TestInterface::GetRawTemplate):
2816         (WebCore::V8TestInterface::GetTemplate):
2817         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
2818         (WebCore::V8TestMediaQueryListListener::GetRawTemplate):
2819         (WebCore::V8TestMediaQueryListListener::GetTemplate):
2820         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
2821         (WebCore::V8TestNamedConstructor::GetRawTemplate):
2822         (WebCore::V8TestNamedConstructor::GetTemplate):
2823         * bindings/scripts/test/V8/V8TestNode.cpp:
2824         (WebCore::V8TestNode::GetRawTemplate):
2825         (WebCore::V8TestNode::GetTemplate):
2826         * bindings/scripts/test/V8/V8TestObj.cpp:
2827         (WebCore::V8TestObj::GetRawTemplate):
2828         (WebCore::V8TestObj::GetTemplate):
2829         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
2830         (WebCore::V8TestSerializedScriptValueInterface::GetRawTemplate):
2831         (WebCore::V8TestSerializedScriptValueInterface::GetTemplate):
2832         * bindings/v8/DOMData.cpp:
2833         (WebCore::DOMData::getCurrentStore):
2834         * bindings/v8/DOMDataStore.cpp:
2835         (WebCore::DOMDataStore::allStores):
2836         * bindings/v8/ScriptGCEvent.cpp:
2837         (WebCore::isolateGCEventData):
2838         * bindings/v8/ScriptProfiler.cpp:
2839         (WebCore::ScriptProfiler::visitExternalStrings):
2840         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
2841         * bindings/v8/StaticDOMDataStore.cpp:
2842         (WebCore::StaticDOMDataStore::StaticDOMDataStore):
2843         (WebCore::StaticDOMDataStore::~StaticDOMDataStore):
2844         * bindings/v8/V8Binding.cpp:
2845         (WebCore::V8PerIsolateData::visitExternalStrings):
2846         (WebCore::getToStringName):
2847         (WebCore::getToStringTemplate):
2848         * bindings/v8/V8Binding.h:
2849         (WebCore::ConstructorMode::ConstructorMode):
2850         (WebCore::ConstructorMode::~ConstructorMode):
2851         (WebCore::ConstructorMode::current):
2852         (WebCore::v8ExternalString):
2853         (WebCore::v8Integer):
2854         (WebCore::v8UnsignedInteger):
2855         * bindings/v8/V8DOMMap.cpp:
2856         (WebCore::DOMDataStoreHandle::DOMDataStoreHandle):
2857         (WebCore::DOMDataStoreHandle::~DOMDataStoreHandle):
2858         * bindings/v8/V8DOMWindowShell.cpp:
2859         (WebCore::V8DOMWindowShell::initContextIfNeeded):
2860         * bindings/v8/V8GCController.cpp:
2861         (WebCore::currentGlobalHandleMap):
2862         (WebCore::V8GCController::gcPrologue):
2863         * bindings/v8/V8HiddenPropertyName.cpp:
2864         (WebCore):
2865         * bindings/v8/V8LazyEventListener.cpp:
2866         (WebCore::V8LazyEventListener::prepareListenerObject):
2867         * bindings/v8/V8PerIsolateData.cpp: Renamed from Source/WebCore/bindings/v8/V8BindingPerIsolateData.cpp.
2868         (WebCore):
2869         (WebCore::V8PerIsolateData::V8PerIsolateData):
2870         (WebCore::V8PerIsolateData::~V8PerIsolateData):
2871         (WebCore::V8PerIsolateData::create):
2872         (WebCore::V8PerIsolateData::ensureInitialized):
2873         (WebCore::V8PerIsolateData::dispose):
2874         (WebCore::V8PerIsolateData::reportMemoryUsage):
2875         * bindings/v8/V8PerIsolateData.h: Renamed from Source/WebCore/bindings/v8/V8BindingPerIsolateData.h.
2876         (WebCore):
2877         (V8PerIsolateData):
2878         (WebCore::V8PerIsolateData::current):
2879         (WebCore::V8PerIsolateData::rawTemplateMap):
2880         (WebCore::V8PerIsolateData::templateMap):
2881         (WebCore::V8PerIsolateData::toStringName):
2882         (WebCore::V8PerIsolateData::toStringTemplate):
2883         (WebCore::V8PerIsolateData::lazyEventListenerToStringTemplate):
2884         (WebCore::V8PerIsolateData::stringCache):
2885         (WebCore::V8PerIsolateData::integerCache):
2886         (WebCore::V8PerIsolateData::allStores):
2887         (WebCore::V8PerIsolateData::hiddenPropertyName):
2888         (WebCore::V8PerIsolateData::auxiliaryContext):
2889         (WebCore::V8PerIsolateData::registerDOMDataStore):
2890         (WebCore::V8PerIsolateData::unregisterDOMDataStore):
2891         (WebCore::V8PerIsolateData::domDataStore):
2892         (WebCore::V8PerIsolateData::setDOMDataStore):
2893         (WebCore::V8PerIsolateData::recursionLevel):
2894         (WebCore::V8PerIsolateData::incrementRecursionLevel):
2895         (WebCore::V8PerIsolateData::decrementRecursionLevel):
2896         (WebCore::V8PerIsolateData::globalHandleMap):
2897         (WebCore::V8PerIsolateData::internalScriptRecursionLevel):
2898         (WebCore::V8PerIsolateData::incrementInternalScriptRecursionLevel):
2899         (WebCore::V8PerIsolateData::decrementInternalScriptRecursionLevel):
2900         (WebCore::V8PerIsolateData::gcEventData):
2901         (WebCore::V8PerIsolateData::setShouldCollectGarbageSoon):
2902         (WebCore::V8PerIsolateData::clearShouldCollectGarbageSoon):
2903         (WebCore::V8PerIsolateData::shouldCollectGarbageSoon):
2904         * bindings/v8/V8Proxy.cpp:
2905         (WebCore::V8Proxy::hintForGCIfNecessary):
2906         * bindings/v8/V8RecursionScope.h:
2907         (WebCore::V8RecursionScope::V8RecursionScope):
2908         (WebCore::V8RecursionScope::~V8RecursionScope):
2909         (WebCore::V8RecursionScope::recursionLevel):
2910         (WebCore::V8RecursionScope::properlyUsed):
2911         (WebCore::V8RecursionScope::MicrotaskSuppression::MicrotaskSuppression):
2912         (WebCore::V8RecursionScope::MicrotaskSuppression::~MicrotaskSuppression):
2913         * bindings/v8/V8Utilities.cpp:
2914         (WebCore::V8AuxiliaryContext::auxiliaryContext):
2915         * bindings/v8/V8ValueCache.cpp:
2916         (WebCore::cachedStringCallback):
2917         * bindings/v8/WorkerContextExecutionProxy.cpp:
2918         (WebCore::WorkerContextExecutionProxy::initIsolate):
2919         * bindings/v8/WorkerScriptController.cpp:
2920         (WebCore::WorkerScriptController::WorkerScriptController):
2921         (WebCore::WorkerScriptController::~WorkerScriptController):
2922         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
2923         (WebCore::V8HTMLCanvasElement::getContextCallback):
2924
2925 2012-08-09  Mike West  <mkwst@chromium.org>
2926
2927         Invalid Content Security Policy sources should generate console warnings.
2928         https://bugs.webkit.org/show_bug.cgi?id=93599
2929
2930         Reviewed by Adam Barth.
2931
2932         Given a Content Security Policy directive, we're currently correctly
2933         ignoring sources that we can't parse: "'slef'", "http:///", etc. have
2934         no effect on the protected resource's active policy. We're not, however
2935         telling the developer what we're doing, which can lead to confusion.
2936         This patch adds a console warning whenever an invalid source expression
2937         is encountered while parsing a directive in order to make WebKit's
2938         behavior more transparent to the developer.
2939
2940         There should be no functional change as a result of this patch: the
2941         policy should be parsed exactly as before, it should simply be more
2942         verbose.
2943
2944         Test: http/tests/security/contentSecurityPolicy/source-list-parsing-07.html
2945
2946         * page/ContentSecurityPolicy.cpp:
2947         (WebCore::CSPSourceList::parse):
2948             Two changes: First, if 'parseSource' returns false, then log a
2949             warning to the developer's console. Second, if both the source and
2950             host are empty, but parsing succeeded, then we know we're dealing
2951             with either a wildcard- or keyword-source that was properly handled
2952             inside 'parseSource', so jump to the next source.
2953         (WebCore::CSPSourceList::parseSource):
2954             Wildcard- and keyword-sources now return 'true'. They parsed
2955             correctly, after all.
2956         (WebCore::ContentSecurityPolicy::reportInvalidSourceExpression):
2957             Log a console warning if an invalid source expression is present in
2958             a CSP directive's value.
2959         (WebCore):
2960         * page/ContentSecurityPolicy.h:
2961
2962 2012-08-06  Nat Duca  <nduca@chromium.org>
2963
2964         [chromium] Expose CCGraphicsContext as WebCompositorOutputSurface
2965         https://bugs.webkit.org/show_bug.cgi?id=92890
2966
2967         Reviewed by James Robinson.
2968
2969         * platform/graphics/chromium/cc/CCGraphicsContext.h:
2970         (WebCore):
2971         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2972         (WebCore::CCLayerTreeHost::initializeLayerRenderer):
2973         (WebCore::CCLayerTreeHost::recreateContext):
2974         (WebCore::CCLayerTreeHost::createContext):
2975         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2976         (WebCore):
2977         (CCLayerTreeHostClient):
2978         (WebCore::CCLayerTreeSettings::CCLayerTreeSettings):
2979         (CCLayerTreeSettings):
2980         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2981         (WebCore::CCLayerTreeHostImpl::onVSyncParametersChanged):
2982         (WebCore):
2983         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
2984         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2985         (CCLayerTreeHostImplClient):
2986         * platform/graphics/chromium/cc/CCProxy.h:
2987         (WebKit):
2988         (WebCore):
2989         * platform/graphics/chromium/cc/CCRenderer.h:
2990         (CCRendererClient):
2991         (WebCore::CCRendererClient::~CCRendererClient):
2992         * platform/graphics/chromium/cc/CCResourceProvider.cpp:
2993         * platform/graphics/chromium/cc/CCResourceProvider.h:
2994         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
2995         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
2996         (WebCore::CCThreadProxy::recreateContext):
2997         (WebCore::CCThreadProxy::onVSyncParametersChanged):
2998         (WebCore):
2999         (WebCore::CCThreadProxy::beginFrame):
3000         * platform/graphics/chromium/cc/CCThreadProxy.h:
3001
3002 2012-08-09  Bruno de Oliveira Abinader  <bruno.abinader@basyskom.com>
3003
3004         [css3-text] Add suport for -webkit-text-decoration-line
3005         https://bugs.webkit.org/show_bug.cgi?id=90959
3006
3007         Reviewed by Kenneth Rohde Christiansen.
3008
3009         This patch implements the "text-decoration-line" property specified in CSS3
3010         working draft, with "-webkit-" prefix. The specification can be found below:
3011         http://dev.w3.org/csswg/css3-text/#text-decoration-line
3012
3013         Additionally, Mozilla implementation details can be found here:
3014         https://developer-dev.allizom.org/en-US/docs/CSS/text-decoration-line
3015
3016         It is important to notice that "-webkit-text-decoration-line" and
3017         "text-decoration" properties shares the same property handlers, however, the
3018         former resets the latter if value from latter doesn't have "important" value
3019         set (same behavior as Firefox). In a rare case where both properties have
3020         "important" value set, the text decoration gets value from the last parsed
3021         property.
3022
3023         Test: fast/css/text-decoration-line.html
3024
3025         * css/CSSComputedStyleDeclaration.cpp:
3026         (WebCore::renderTextDecorationFlagsToCSSValue):
3027         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
3028         * css/CSSParser.cpp:
3029         (WebCore::CSSParser::parseValue):
3030         (WebCore::CSSParser::addTextDecorationProperty):
3031         (WebCore::CSSParser::parseTextDecoration):
3032         * css/CSSParser.h:
3033         * css/CSSProperty.cpp:
3034         (WebCore::CSSProperty::isInheritedProperty):
3035         * css/CSSPropertyNames.in:
3036         * css/StyleBuilder.cpp:
3037         (WebCore::StyleBuilder::StyleBuilder):
3038         * css/StyleResolver.cpp:
3039         (WebCore::StyleResolver::collectMatchingRulesForList):
3040
3041 2012-08-09  Huang Dongsung  <luxtella@company100.net>
3042
3043         Extract the definition of NativeImagePtr from ImageSource.h into NativeImagePtr.h.
3044         https://bugs.webkit.org/show_bug.cgi?id=93466
3045
3046         Reviewed by Adam Barth.
3047
3048         Image.h includes ImageSource.h in order to know the definition of NativeImagePtr.
3049         But Image does not need to know the definition of ImageSource. So, this patch
3050         extracts the definition of NativeImagePtr from ImageSource.h into NativeImagePtr.h.
3051
3052         This is a preparation for asynchronous image decoding. Async decoding
3053         will need a callback function, which sends a NativeImagePtr to clients, and the
3054         callback must know the definition of NativeImagePtr, not ImageSource.
3055
3056         No new tests, behavior is unchanged.
3057
3058         * GNUmakefile.list.am:
3059         * Target.pri:
3060         * WebCore.gypi:
3061         * WebCore.vcproj/WebCore.vcproj:
3062         * WebCore.xcodeproj/project.pbxproj:
3063         * platform/graphics/BitmapImage.h:
3064         * platform/graphics/Image.h:
3065         * platform/graphics/ImageSource.h:
3066         (WebCore):
3067         * platform/graphics/NativeImagePtr.h: Added.
3068         (WebCore):
3069
3070 2012-08-09  Robert Hogan  <robert@webkit.org>
3071
3072         CSS 2.1 failure: 'Text-indent' only affects a line if it is the first formatted line of an element
3073         https://bugs.webkit.org/show_bug.cgi?id=63185
3074
3075         Reviewed by Eric Seidel.
3076
3077         Per CSS 2.1 (http://www.w3.org/TR/CSS21/text.html) : "'Text-indent' only affects a line if it is the 
3078         first formatted line of an element. For example, the first line of an anonymous block box is only 
3079         affected if it is the first child of its parent element."
3080
3081         Tests: fast/css/text-indent-first-line-001.html
3082                fast/css/text-indent-first-line-002.html
3083                fast/css/text-indent-first-line-003.html
3084                fast/css/text-indent-first-line-004.html
3085                fast/css/text-indent-first-line-005.html
3086                fast/css/text-indent-first-line-006.html
3087
3088         * rendering/RenderBlockLineLayout.cpp:
3089         (WebCore::RenderBlock::computeInlineDirectionPositionsForLine): As well as being the first line under a parent block,
3090           check that this is also the first *formatted* line of an element by ensuring that we are at the start of a 
3091           formatting context and not just a continuation of a previous anonymous block in an existing formatting context.
3092
3093 2012-08-09  Jan Keromnes  <janx@linux.com>
3094
3095         Web Inspector: replace the Web Inspector editor with CodeMirror
3096         https://bugs.webkit.org/show_bug.cgi?id=92769
3097
3098         Reviewed by Pavel Feldman.
3099
3100         Integrating CodeMirror as a devtools experiment. Currently supporting
3101         basic editing, search/replacing, and saving. Missing proper breakpoints
3102         wiring, debugging, message bubbles, popovers and context menus. WIP.
3103
3104         * WebCore.gypi:
3105         * WebCore.vcproj/WebCore.vcproj:
3106         * inspector/compile-front-end.py:
3107         * inspector/front-end/CodeMirrorTextEditor.js: Added.
3108         (WebInspector.CodeMirrorTextEditor.this._codeMirror.CodeMirror):
3109         (WebInspector.CodeMirrorTextEditor):
3110         (WebInspector.CodeMirrorTextEditor.prototype.set mimeType):
3111         (WebInspector.CodeMirrorTextEditor.prototype.setReadOnly):
3112         (WebInspector.CodeMirrorTextEditor.prototype.readOnly):
3113         (WebInspector.CodeMirrorTextEditor.prototype.defaultFocusedElement):
3114         (WebInspector.CodeMirrorTextEditor.prototype.focus):
3115         (WebInspector.CodeMirrorTextEditor.prototype.revealLine):
3116         (WebInspector.CodeMirrorTextEditor.prototype.addDecoration):
3117         (WebInspector.CodeMirrorTextEditor.prototype.removeDecoration):
3118         (WebInspector.CodeMirrorTextEditor.prototype.markAndRevealRange):
3119         (WebInspector.CodeMirrorTextEditor.prototype.highlightLine):
3120         (WebInspector.CodeMirrorTextEditor.prototype.clearLineHighlight):
3121         (WebInspector.CodeMirrorTextEditor.prototype.freeCachedElements):
3122         (WebInspector.CodeMirrorTextEditor.prototype.elementsToRestoreScrollPositionsFor):
3123         (WebInspector.CodeMirrorTextEditor.prototype.inheritScrollPositions):
3124         (WebInspector.CodeMirrorTextEditor.prototype.beginUpdates):
3125         (WebInspector.CodeMirrorTextEditor.prototype.endUpdates):
3126         (WebInspector.CodeMirrorTextEditor.prototype.onResize):
3127         (WebInspector.CodeMirrorTextEditor.prototype.editRange):
3128         (WebInspector.CodeMirrorTextEditor.prototype._onChange):
3129         (WebInspector.CodeMirrorTextEditor.prototype._commitEditing):
3130         (WebInspector.CodeMirrorTextEditor.prototype.scrollToLine):
3131         (WebInspector.CodeMirrorTextEditor.prototype.selection):
3132         (WebInspector.CodeMirrorTextEditor.prototype.lastSelection):
3133         (WebInspector.CodeMirrorTextEditor.prototype.setSelection):
3134         (WebInspector.CodeMirrorTextEditor.prototype.setText):
3135         (WebInspector.CodeMirrorTextEditor.prototype.text):
3136         (WebInspector.CodeMirrorTextEditor.prototype.range):
3137         (WebInspector.CodeMirrorTextEditor.prototype.line):
3138         (WebInspector.CodeMirrorTextEditor.prototype.get linesCount):
3139         (WebInspector.CodeMirrorTextEditor.prototype.setAttribute):
3140         (WebInspector.CodeMirrorTextEditor.prototype.getAttribute):
3141         (WebInspector.CodeMirrorTextEditor.prototype.removeAttribute):
3142         (WebInspector.CodeMirrorTextEditor.prototype.wasShown):
3143         (WebInspector.CodeMirrorTextEditor.prototype.willHide):
3144         (WebInspector.CodeMirrorTextEditor.prototype._textChanged):
3145         (WebInspector.CodeMirrorTextEditor.prototype._toPos):
3146         (WebInspector.CodeMirrorTextEditor.prototype._toRange):
3147         * inspector/front-end/Settings.js:
3148         (WebInspector.ExperimentsSettings):
3149         * inspector/front-end/SourceFrame.js:
3150         (WebInspector.SourceFrame):
3151         * inspector/front-end/WebKit.qrc:
3152         * inspector/front-end/cmdevtools.css: Added.
3153         * inspector/front-end/inspector.html:
3154
3155 2012-08-09  Dana Jansens  <danakj@chromium.org>
3156
3157         [chromium] Do partial-swap scissoring on quads during draw instead of on layers
3158         https://bugs.webkit.org/show_bug.cgi?id=91800
3159
3160         Reviewed by Adrienne Walker.
3161
3162         Computing the scissor rect for each render pass is now done in
3163         LayerRendererChromium::drawRenderPass() instead of being done for each
3164         layer and then copied into the quads. This allows us to always push a
3165         full frame of quads (and include damage rects) from a child compositor,
3166         and do partial-swap scissoring in the host compositor.
3167
3168         This also make partial-swap functionality completely contained within
3169         LayerRendererChromium!
3170
3171         The scissorRect is removed from all layers, and the concept of
3172         scissorRect is now misplaced in CCOcclusionTracker, so the variables
3173         and methods in the tracker should be renamed to more appropriate
3174         things.
3175
3176         Covered by existing tests, as well as: CCLayerTreeHostImplTest.textureCachingWithScissor
3177
3178         * platform/graphics/chromium/LayerChromium.h:
3179         (LayerChromium):
3180         * platform/graphics/chromium/LayerRendererChromium.cpp:
3181         (WebCore::LayerRendererChromium::clearFramebuffer):
3182         (WebCore::LayerRendererChromium::renderPassTextureSize):
3183         (WebCore::LayerRendererChromium::drawFrame):
3184         (WebCore::LayerRendererChromium::drawRenderPass):
3185         (WebCore::LayerRendererChromium::drawQuad):
3186         (WebCore::LayerRendererChromium::drawDebugBorderQuad):
3187         (WebCore::LayerRendererChromium::drawBackgroundFilters):
3188         (WebCore::LayerRendererChromium::drawTileQuad):
3189         (WebCore::LayerRendererChromium::swapBuffers):
3190         (WebCore::LayerRendererChromium::useRenderPass):
3191         (WebCore::LayerRendererChromium::setScissorToRect):
3192         * platform/graphics/chromium/LayerRendererChromium.h:
3193         (LayerRendererChromium):
3194         (DrawingFrame):
3195         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
3196         * platform/graphics/chromium/RenderSurfaceChromium.h:
3197         (RenderSurfaceChromium):
3198         * platform/graphics/chromium/cc/CCDrawQuad.h:
3199         (WebCore::CCDrawQuad::clippedRectInTarget):
3200         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
3201         (WebCore::CCLayerImpl::createSharedQuadState):
3202         * platform/graphics/chromium/cc/CCLayerImpl.h:
3203         (CCLayerImpl):
3204         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
3205         (WebCore::CCLayerTreeHost::updateLayers):
3206         (WebCore::CCLayerTreeHost::paintLayerContents):
3207         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.cpp:
3208         (WebCore::calculateVisibleRectsInternal):
3209         (WebCore::CCLayerTreeHostCommon::calculateVisibleRects):
3210         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.h:
3211         (CCLayerTreeHostCommon):
3212         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3213         (WebCore::CCLayerTreeHostImpl::calculateRenderSurfaceLayerList):
3214         (WebCore::CCLayerTreeHostImpl::calculateRenderPasses):
3215         (WebCore::CCLayerTreeHostImpl::drawLayers):
3216         (WebCore::CCLayerTreeHostImpl::swapBuffers):
3217         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
3218         (CCLayerTreeHostImpl):
3219         * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
3220         (WebCore::::layerScissorRectInTargetSurface):
3221         * platform/graphics/chromium/cc/CCRenderPass.cpp:
3222         (WebCore::CCRenderPass::CCRenderPass):
3223         (WebCore::CCRenderPass::appendQuadsToFillScreen):
3224         * platform/graphics/chromium/cc/CCRenderPass.h:
3225         (CCRenderPass):
3226         (WebCore::CCRenderPass::transformToRootTarget):
3227         (WebCore::CCRenderPass::outputRect):
3228         (WebCore::CCRenderPass::damageRect):
3229         (WebCore::CCRenderPass::setDamageRect):
3230         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
3231         (WebCore::computeClippedRectInTarget):
3232         (WebCore):
3233         (WebCore::CCRenderSurface::createSharedQuadState):
3234         (WebCore::CCRenderSurface::createReplicaSharedQuadState):
3235         * platform/graphics/chromium/cc/CCRenderSurface.h:
3236         (CCRenderSurface):
3237         * platform/graphics/chromium/cc/CCRenderer.h:
3238         (CCRenderer):
3239         * platform/graphics/chromium/cc/CCSharedQuadState.cpp:
3240         (WebCore::CCSharedQuadState::create):
3241         (WebCore::CCSharedQuadState::CCSharedQuadState):
3242         * platform/graphics/chromium/cc/CCSharedQuadState.h:
3243         (CCSharedQuadState):
3244         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
3245         (WebCore::CCTiledLayerImpl::appendQuads):
3246
3247 2012-08-09  Mike West  <mkwst@chromium.org>
3248
3249         Content Security Policy directives that begin with an invalid character should log a console warning.
3250         https://bugs.webkit.org/show_bug.cgi?id=93622
3251
3252         Reviewed by Adam Barth.
3253
3254         CSP directives containing unrecognized characters somewhere in the
3255         middle were caught and logged by the current algorithm. We additionally
3256         caught the case in which the directive begins with an invalid character,
3257         but we silently ignored it. Now we're slightly more vocal.
3258
3259         This change also exits 'parseDirective' early in the case where the
3260         directive text is empty, or filled only with whitespace. There doesn't
3261         seem to be any value in flagging that case, as it has no impact on the
3262         way the policy would have been interpreted (that is, 'img-src *;;...'
3263         doesn't change in meaning by ignoring the empty directive between the
3264         semicolons).
3265
3266         Test: http/tests/security/contentSecurityPolicy/directive-parsing-05.html
3267
3268         * page/ContentSecurityPolicy.cpp:
3269         (WebCore::CSPDirectiveList::parseDirective):
3270             Two changes: first, we now exit early if the entire directive text
3271             is empty (e.g. ';;;' or ';      ;'); second, if the directive begins
3272             with a character that doesn't match 'isDirectiveNameCharacter', then
3273             we advance either to the next space, or the end of the value, and
3274             report an unrecognized directive to the policy.
3275
3276 2012-08-09  Shawn Singh  <shawnsingh@chromium.org>
3277
3278         [chromium] Pass mask scale and offset to shaders for correct masking
3279         https://bugs.webkit.org/show_bug.cgi?id=93558
3280
3281         Reviewed by Adrienne Walker.
3282
3283         In chromium compositor code, the mask was accidentally mapped 1:1
3284         to the layer's renderSurface, rather than the layer itself. This
3285         patch adds a layout test that reproduces the error and fixes the
3286         problem. The solution we opted for in this patch is to pass a
3287         scale and offset to the fragment shader, so that the correct
3288         texture coordinate lookup is computed by the fragment shader.
3289
3290         Test: compositing/masks/mask-of-clipped-layer.html
3291
3292         * platform/graphics/chromium/LayerRendererChromium.cpp:
3293         (WebCore::LayerRendererChromium::drawRenderPassQuad):
3294         * platform/graphics/chromium/ShaderChromium.cpp:
3295         (WebCore::FragmentShaderRGBATexAlphaMask::FragmentShaderRGBATexAlphaMask):
3296         (WebCore::FragmentShaderRGBATexAlphaMask::init):
3297         (WebCore::FragmentShaderRGBATexAlphaMask::getShaderString):
3298         (WebCore::FragmentShaderRGBATexAlphaMaskAA::FragmentShaderRGBATexAlphaMaskAA):
3299         (WebCore::FragmentShaderRGBATexAlphaMaskAA::init):
3300         (WebCore::FragmentShaderRGBATexAlphaMaskAA::getShaderString):
3301         * platform/graphics/chromium/ShaderChromium.h:
3302         (WebCore::FragmentShaderRGBATexAlphaMask::maskTexCoordScaleLocation):
3303         (WebCore::FragmentShaderRGBATexAlphaMask::maskTexCoordOffsetLocation):
3304         (FragmentShaderRGBATexAlphaMask):
3305         (WebCore::FragmentShaderRGBATexAlphaMaskAA::maskTexCoordScaleLocation):
3306         (WebCore::FragmentShaderRGBATexAlphaMaskAA::maskTexCoordOffsetLocation):
3307         (FragmentShaderRGBATexAlphaMaskAA):
3308         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.cpp:
3309         (WebCore::CCRenderPassDrawQuad::create):
3310         (WebCore::CCRenderPassDrawQuad::CCRenderPassDrawQuad):
3311         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.h:
3312         (CCRenderPassDrawQuad):
3313         (WebCore::CCRenderPassDrawQuad::maskTexCoordScaleX):
3314         (WebCore::CCRenderPassDrawQuad::maskTexCoordScaleY):
3315         (WebCore::CCRenderPassDrawQuad::maskTexCoordOffsetX):
3316         (WebCore::CCRenderPassDrawQuad::maskTexCoordOffsetY):
3317         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
3318         (WebCore::CCRenderSurface::appendQuads):
3319
3320 2012-08-09  Mihnea Ovidenie  <mihnea@adobe.com>
3321
3322         CSSRegions: Crash when attaching a region to the removed named flow
3323         https://bugs.webkit.org/show_bug.cgi?id=93204
3324
3325         Reviewed by Abhishek Arya.
3326
3327         The crash happens because the flow thread reference is passed to the RenderRegion object
3328         when the RenderRegion object is created. However, it is only in RenderRegion::attachRegion method
3329         when the region is taken into account and stored in flow thread regions list. Under these circumstances,
3330         it is possible that the flow thread passed to the region at the moment of region creation be destroyed
3331         before the region gets the chance to be attached to the flow thread and a crash will occur.
3332
3333         This patch moves the moment when the RenderRegion object stores its 'weak' reference to the flow thread
3334         from RenderRegion constructor to attachRegion method, preventing the situation in which the region is attached
3335         to a wrong flow thread object.
3336
3337         Test: fast/regions/region-attached-wrong-flow-crash.html
3338
3339         * rendering/RenderObject.cpp:
3340         (WebCore::RenderObject::createObject): Pass 0 instead of a reference to the flow thread.
3341         * rendering/RenderRegion.cpp:
3342         (WebCore::RenderRegion::checkRegionStyle): Added this function to check whether the region has region style rules attached.
3343         (WebCore):
3344         (WebCore::RenderRegion::styleDidChange): Use checkRegionStyle.
3345         (WebCore::RenderRegion::attachRegion): Store the reference to the flow thread. If the flow thread does not exist, it will be created.
3346         Also, check whether the region has region style rules attached, since at this moment the region has a flow thread. Checking whether
3347         the region has region style rules is not enough in styleDidChange, because styleDidChange is sometimes triggered before attachRegion.
3348         * rendering/RenderRegion.h:
3349         (RenderRegion):
3350
3351 2012-08-09  Iain Merrick  <husky@chromium.org>
3352
3353         [chromium] Enable kerning on Android
3354         https://bugs.webkit.org/show_bug.cgi?id=92737
3355
3356         Reviewed by Adam Barth.
3357
3358         This #ifdef was incorrectly copied from our forked WebKit repository
3359         while unforking our Android-specific changes. Kerning works without
3360         any known problems.
3361
3362         Covered by existing tests (layout and instrumentation tests).
3363
3364         * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
3365         (WebCore::ComplexTextController::ComplexTextController):
3366
3367 2012-08-09  'Pavel Feldman'  <pfeldman@chromium.org>
3368
3369         Web Inspector: follow up to r125174 - fix subtype use.
3370
3371         Not reviewed, trivial fix.
3372
3373         * inspector/InjectedScriptSource.js:
3374         (.):
3375
3376 2012-08-09  Yury Semikhatsky  <yurys@chromium.org>
3377
3378         Web Inspector: DocumentEventQueue memory instrumentation
3379         https://bugs.webkit.org/show_bug.cgi?id=93604
3380
3381         Reviewed by Pavel Feldman.
3382
3383         Provided DocumentEventQueue:: reportMemoryUsage implementation.
3384
3385         * dom/Document.cpp:
3386         (WebCore::Document::reportMemoryUsage):
3387         * dom/DocumentEventQueue.cpp:
3388         (WebCore::DocumentEventQueue::reportMemoryUsage):
3389         (WebCore):
3390         * dom/DocumentEventQueue.h:
3391         (WebCore):
3392         * dom/Event.cpp:
3393         (WebCore::Event::reportMemoryUsage):
3394         (WebCore):
3395         * dom/Event.h:
3396         (WebCore):
3397         (Event):
3398
3399 2012-08-09  Pavel Feldman  <pfeldman@chromium.org>
3400
3401         Web Inspector: add codemirror library as an experiment
3402         https://bugs.webkit.org/show_bug.cgi?id=93620
3403
3404         Reviewed by Vsevolod Vlasov.
3405
3406         This change adds codemirror, deploys it, but does not include it into the inspector.html. Clients need to fetch it
3407         using XHR and eval into the inspector's context to use as a part of their experiments.
3408
3409         * WebCore.gypi:
3410         * WebCore.vcproj/WebCore.vcproj:
3411         * inspector/front-end/WebKit.qrc:
3412         * inspector/front-end/cm/LICENSE: Added.
3413         * inspector/front-end/cm/codemirror.css: Added.
3414         (.CodeMirror):
3415         * inspector/front-end/cm/xml.js: Added.
3416         (CodeMirror.defineMode.):
3417         (CodeMirror.defineMode):
3418
3419 2012-08-09  Xan Lopez  <xlopez@igalia.com>
3420
3421         1.9.6 drops symbols, breaking compatibility
3422         https://bugs.webkit.org/show_bug.cgi?id=93477
3423
3424         Reviewed by Carlos Garcia Campos.
3425
3426         Expose documentURI as writable again for the GObject DOM
3427         bindings. DOM4 makes it read-only, but we need to revert to the
3428         old state for compatibility reasons, just like Objective C.
3429
3430         * dom/Document.idl: ditto.
3431
3432 2012-08-09  Mario Sanchez Prada  <msanchez@igalia.com>
3433
3434         REGRESSION (r124997): Flaky crashes in two tests
3435         https://bugs.webkit.org/show_bug.cgi?id=93501
3436
3437         Reviewed by Martin Robinson.
3438
3439         Add missing null check to make sure we early return if the
3440         accessibility object does not have a valid parent exposed in the
3441         accessibility hierarchy.
3442
3443         * accessibility/gtk/AXObjectCacheAtk.cpp:
3444         (WebCore::emitTextChanged): Add missing null check.
3445
3446 2012-08-09  Pavel Feldman  <pfeldman@chromium.org>
3447
3448         Web Inspector: generate preview for the objects dumped into the console upon logging.
3449         https://bugs.webkit.org/show_bug.cgi?id=35801
3450