Unreviewed, rolling out r116498.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
2
3         Unreviewed, rolling out r116498.
4         http://trac.webkit.org/changeset/116498
5         https://bugs.webkit.org/show_bug.cgi?id=86251
6
7         Causes crashes in major sites and security issues (Requested
8         by schenney on #webkit).
9
10         * rendering/svg/RenderSVGInline.cpp:
11         (WebCore::RenderSVGInline::addChild):
12         * rendering/svg/RenderSVGInlineText.cpp:
13         (WebCore::RenderSVGInlineText::willBeDestroyed):
14         (WebCore::RenderSVGInlineText::setTextInternal):
15         (WebCore::RenderSVGInlineText::styleDidChange):
16         * rendering/svg/RenderSVGText.cpp:
17         (WebCore::recursiveUpdateLayoutAttributes):
18         (WebCore::RenderSVGText::layoutAttributesChanged):
19         (WebCore::RenderSVGText::layoutAttributesWillBeDestroyed):
20         (WebCore::RenderSVGText::invalidateTextPositioningElements):
21         (WebCore::recursiveUpdateScaledFont):
22         (WebCore::RenderSVGText::layout):
23         (WebCore::RenderSVGText::addChild):
24         (WebCore::recursiveCollectLayoutAttributes):
25         (WebCore::RenderSVGText::rebuildLayoutAttributes):
26         (WebCore):
27         * rendering/svg/RenderSVGText.h:
28         (RenderSVGText):
29         (WebCore::RenderSVGText::layoutAttributes):
30         * rendering/svg/SVGRootInlineBox.cpp:
31         (WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation):
32         * rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
33         (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributes):
34
35 2012-05-11  Tim Horton  <timothy_horton@apple.com>
36
37         FrameView->m_lastPaintTime is not updated in the tiled drawing case
38         https://bugs.webkit.org/show_bug.cgi?id=86246
39         <rdar://problem/11248475>
40
41         Reviewed by Simon Fraser.
42
43         Update FrameView's m_lastPaintTime from RenderLayerBacking::paintContents
44         if the RenderLayerBacking is backing a tiled drawing layer.
45
46         In the future we might want to consider updating m_lastPaintTime when any
47         compositing layer is painted into, but this change gets us on par with the
48         non-tiled-drawing case as it stands now.
49
50         No new tests.
51
52         * page/FrameView.h:
53         (WebCore::FrameView::setLastPaintTime):
54         * rendering/RenderLayerBacking.cpp:
55         (WebCore::RenderLayerBacking::paintContents):
56
57 2012-05-11  Shezan Baig  <shezbaig.wk@gmail.com>
58
59         Add helper function for node()->rootEditableElement() == node()
60         https://bugs.webkit.org/show_bug.cgi?id=86217
61
62         Reviewed by Ryosuke Niwa.
63
64         Added Node::isRootEditableElement and updated existing code that did
65         (node->rootEditableElement() == node) to use isRootEditableElement
66         instead.
67
68         No new tests. No change in behavior.
69
70         * dom/Node.cpp:
71         (WebCore::Node::isRootEditableElement):
72         (WebCore):
73         * dom/Node.h:
74         (Node):
75         Added new helper function.
76
77         * dom/Document.cpp:
78         (WebCore::Document::setFocusedNode):
79         * dom/Element.cpp:
80         (WebCore::Element::updateFocusAppearance):
81         * editing/CompositeEditCommand.cpp:
82         (WebCore::CompositeEditCommand::cloneParagraphUnderNewElement):
83         * editing/DeleteSelectionCommand.cpp:
84         (WebCore::DeleteSelectionCommand::removeNode):
85         * editing/InsertParagraphSeparatorCommand.cpp:
86         (WebCore::InsertParagraphSeparatorCommand::doApply):
87         * page/FocusController.cpp:
88         (WebCore::FocusController::setFocusedNode):
89         * rendering/RenderBlock.cpp:
90         (WebCore::RenderBlock::hasLineIfEmpty):
91         * rendering/RenderBlockLineLayout.cpp:
92         (WebCore::RenderBlock::addOverflowFromInlineChildren):
93         Updates to existing code to use the new helper function.
94
95 2012-05-11  Shawn Singh  <shawnsingh@chromium.org>
96
97         [chromium] Create WebTransformationMatrix interface for chromium platform
98         https://bugs.webkit.org/show_bug.cgi?id=86049
99
100         Reviewed by James Robinson.
101
102         This patch creates a WebTransformationMatrix interface. It will
103         remain unused at the moment, until (a) unit tests are created
104         and (b) when we are ready to make a brief transition of all other
105         chromium code to use it.
106
107         * WebCore.gypi:
108         * platform/chromium/support/WebTransformationMatrix.cpp: Added.
109         (WebKit):
110         (WebKit::WebTransformationMatrix::WebTransformationMatrix):
111         (WebKit::WebTransformationMatrix::operator=):
112         (WebKit::WebTransformationMatrix::operator==):
113         (WebKit::WebTransformationMatrix::operator*):
114         (WebKit::WebTransformationMatrix::inverse):
115         (WebKit::WebTransformationMatrix::to2dTransform):
116         (WebKit::WebTransformationMatrix::multiply):
117         (WebKit::WebTransformationMatrix::makeIdentity):
118         (WebKit::WebTransformationMatrix::translate):
119         (WebKit::WebTransformationMatrix::translate3d):
120         (WebKit::WebTransformationMatrix::translateRight3d):
121         (WebKit::WebTransformationMatrix::scale):
122         (WebKit::WebTransformationMatrix::scaleNonUniform):
123         (WebKit::WebTransformationMatrix::scale3d):
124         (WebKit::WebTransformationMatrix::rotate):
125         (WebKit::WebTransformationMatrix::rotate3d):
126         (WebKit::WebTransformationMatrix::skewX):
127         (WebKit::WebTransformationMatrix::skewY):
128         (WebKit::WebTransformationMatrix::applyPerspective):
129         (WebKit::WebTransformationMatrix::blend):
130         (WebKit::WebTransformationMatrix::hasPerspective):
131         (WebKit::WebTransformationMatrix::isInvertible):
132         (WebKit::WebTransformationMatrix::isBackFaceVisible):
133         (WebKit::WebTransformationMatrix::isIdentity):
134         (WebKit::WebTransformationMatrix::isIdentityOrTranslation):
135         (WebKit::WebTransformationMatrix::isIntegerTranslation):
136         (WebKit::WebTransformationMatrix::m11):
137         (WebKit::WebTransformationMatrix::setM11):
138         (WebKit::WebTransformationMatrix::m12):
139         (WebKit::WebTransformationMatrix::setM12):
140         (WebKit::WebTransformationMatrix::m13):
141         (WebKit::WebTransformationMatrix::setM13):
142         (WebKit::WebTransformationMatrix::m14):
143         (WebKit::WebTransformationMatrix::setM14):
144         (WebKit::WebTransformationMatrix::m21):
145         (WebKit::WebTransformationMatrix::setM21):
146         (WebKit::WebTransformationMatrix::m22):
147         (WebKit::WebTransformationMatrix::setM22):
148         (WebKit::WebTransformationMatrix::m23):
149         (WebKit::WebTransformationMatrix::setM23):
150         (WebKit::WebTransformationMatrix::m24):
151         (WebKit::WebTransformationMatrix::setM24):
152         (WebKit::WebTransformationMatrix::m31):
153         (WebKit::WebTransformationMatrix::setM31):
154         (WebKit::WebTransformationMatrix::m32):
155         (WebKit::WebTransformationMatrix::setM32):
156         (WebKit::WebTransformationMatrix::m33):
157         (WebKit::WebTransformationMatrix::setM33):
158         (WebKit::WebTransformationMatrix::m34):
159         (WebKit::WebTransformationMatrix::setM34):
160         (WebKit::WebTransformationMatrix::m41):
161         (WebKit::WebTransformationMatrix::setM41):
162         (WebKit::WebTransformationMatrix::m42):
163         (WebKit::WebTransformationMatrix::setM42):
164         (WebKit::WebTransformationMatrix::m43):
165         (WebKit::WebTransformationMatrix::setM43):
166         (WebKit::WebTransformationMatrix::m44):
167         (WebKit::WebTransformationMatrix::setM44):
168         (WebKit::WebTransformationMatrix::a):
169         (WebKit::WebTransformationMatrix::setA):
170         (WebKit::WebTransformationMatrix::b):
171         (WebKit::WebTransformationMatrix::setB):
172         (WebKit::WebTransformationMatrix::c):
173         (WebKit::WebTransformationMatrix::setC):
174         (WebKit::WebTransformationMatrix::d):
175         (WebKit::WebTransformationMatrix::setD):
176         (WebKit::WebTransformationMatrix::e):
177         (WebKit::WebTransformationMatrix::setE):
178         (WebKit::WebTransformationMatrix::f):
179         (WebKit::WebTransformationMatrix::setF):
180         (WebKit::WebTransformationMatrix::toWebCoreTransform):
181         (WebKit::WebTransformationMatrix::mapRect):
182         (WebKit::WebTransformationMatrix::mapPoint):
183         (WebKit::WebTransformationMatrix::mapQuad):
184         (WebKit::WebTransformationMatrix::projectPoint):
185
186 2012-05-11  Alexandru Chiculita  <achicu@adobe.com>
187
188         [CSS Shaders] Make CSS Shaders render to texture framebuffers
189         https://bugs.webkit.org/show_bug.cgi?id=85113
190
191         Reviewed by Dean Jackson.
192
193         Added the required members to store the framebuffer, the texture and the depth buffer. Also removed the m_drawingBuffer
194         because context->readPixels doesn't require one anymore.
195
196         ReadPixels is not flipping the result, so I've also removed the flipping projection matrix that was specific only to Chromium.
197
198         Added a test to check that colors are not switched and the resulting image is not mirrored.
199
200         Test: css3/filters/custom/effect-color-check.html
201
202         * platform/graphics/filters/FECustomFilter.cpp:
203         (WebCore::FECustomFilter::FECustomFilter):
204         (WebCore::FECustomFilter::~FECustomFilter):
205         (WebCore):
206         (WebCore::FECustomFilter::deleteRenderBuffers):
207         (WebCore::FECustomFilter::platformApplySoftware):
208         (WebCore::FECustomFilter::initializeContext):
209         (WebCore::FECustomFilter::resizeContext):
210         (WebCore::FECustomFilter::bindProgramAndBuffers):
211         * platform/graphics/filters/FECustomFilter.h:
212         (FECustomFilter):
213
214 2012-05-11  Anders Carlsson  <andersca@apple.com>
215
216         REGRESSION(r116687): [Chromium] plugins/embed-attributes-style.html shows a garbled string
217         https://bugs.webkit.org/show_bug.cgi?id=86170
218
219         Reviewed by Andreas Kling.
220
221         The string we are passing to the TextRun constructor needs to stay alive for longer so revert back to the old
222         behavior where we store it as a member variable.
223
224         * rendering/RenderEmbeddedObject.cpp:
225         (WebCore::unavailablePluginReplacementText):
226         (WebCore):
227         (WebCore::RenderEmbeddedObject::setPluginUnavailabilityReason):
228         (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
229         * rendering/RenderEmbeddedObject.h:
230         (RenderEmbeddedObject):
231
232 2012-05-11  Simon Fraser  <simon.fraser@apple.com>
233
234         CVDisplayLink keeps running after a single requestAnimationFrame
235         https://bugs.webkit.org/show_bug.cgi?id=86174
236         
237         Reviewed by Sam Weinig.
238         
239         A DisplayRefreshMonitor would keep its CVDisplayLink alive for as long
240         as it had clients, and the client is the ScriptedAnimationController, which
241         lives on the document. So a single requestAnimationFrame call would kick
242         off a CVDisplayLink which lived until the document was destroyed.
243         
244         Fix by having the DisplayRefreshMonitor kill itself if the CVDisplayLink
245         fires for 10 times with no scheduled callbacks (to avoid creation/deletion
246         thrash on pages that call requestAnimationFrames with short setTimeouts,
247         as some do).
248         
249         Use a HashMap in DisplayRefreshMonitorManager for the set of DisplayRefreshMonitor,
250         with the displayID as the key (using UnsignedWithZeroKeyHashTraits<uint64_t> since
251         we want to allow for 0 to be a valid displayID).
252         
253         Use a HashSet in DisplayRefreshMonitor for the client set, so that we don't have to
254         worry about adding clients twice.
255         
256         Also fix a possible crash when the only client of a DisplayRefreshMonitor
257         was removed from inside the callback by making DisplayRefreshMonitor ref-counted,
258         with a protector.
259
260         Test: fast/animation/request-animation-frame-detach-element2.html
261
262         * platform/graphics/DisplayRefreshMonitor.cpp:
263         (WebCore::DisplayRefreshMonitor::DisplayRefreshMonitor): Initialize m_unscheduledFireCount
264         (WebCore::DisplayRefreshMonitor::handleDisplayRefreshedNotificationOnMainThread): Renamed
265         from refreshDisplayOnMainThread, since it doesn't just refresh the display.
266         (WebCore::DisplayRefreshMonitor::addClient): No longer inline.
267         (WebCore::DisplayRefreshMonitor::removeClient): No longer inline.
268         (WebCore::DisplayRefreshMonitor::displayDidRefresh): Keep track of m_unscheduledFireCount,
269         which we used to kill this monitor if it has been idle for a while.
270         Use a RefPtr<DisplayRefreshMonitor> to prevent deletion while running the callback.
271         Copy the clients to a vector to protect against mutating the set while enumerating it.
272         Notify the DisplayRefreshMonitorManager when we're done, so that it can decide
273         to delete inactive monitors.
274         
275         (WebCore::DisplayRefreshMonitorManager::ensureMonitorForClient): find or allocate
276         a DisplayRefreshMonitor for a given client.
277         (WebCore::DisplayRefreshMonitorManager::registerClient): Simplified by use of HashMap.
278         (WebCore::DisplayRefreshMonitorManager::unregisterClient): Ditto.
279         (WebCore::DisplayRefreshMonitorManager::scheduleAnimation): Ditto. Uses
280         ensureMonitorForClient() since an earlier inactive monitor may have been removed.
281         (WebCore::DisplayRefreshMonitorManager::displayDidRefresh): Remove inactive
282         monitors.
283         * platform/graphics/DisplayRefreshMonitor.h: Make DisplayRefreshMonitor
284         ref-counted, to make it easier to avoid deletion while it's on the stack.
285         (WebCore::DisplayRefreshMonitor::create):
286         (DisplayRefreshMonitor):
287         (WebCore::DisplayRefreshMonitor::shouldBeTerminated):
288         (DisplayRefreshMonitorManager):
289         * platform/graphics/blackberry/DisplayRefreshMonitorBlackBerry.cpp: Attempt to
290         keep things building.
291         (WebCore::DisplayRefreshMonitor::~DisplayRefreshMonitor):
292         (WebCore::DisplayRefreshMonitor::displayLinkFired):
293         to give the manager a chance to kill this monitor.
294         * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
295         (WebCore::DisplayRefreshMonitor::~DisplayRefreshMonitor):
296         (WebCore::DisplayRefreshMonitor::displayLinkFired): Don't bail early
297         if not scheduled; we want to call handleDisplayRefreshedNotificationOnMainThread(),
298
299 2012-05-11  Pavel Feldman  <pfeldman@chromium.org>
300
301         Web Inspector: move canEditScriptSource and setScriptSource from DebuggerPresentationModel into ResourceBinding
302         https://bugs.webkit.org/show_bug.cgi?id=86234
303
304         Reviewed by Vsevolod Vlasov.
305
306         Simple move refactoring.
307
308         * inspector/front-end/DebuggerPresentationModel.js:
309         (WebInspector.DebuggerPresentationModel):
310         (WebInspector.DebuggerResourceBinding):
311         (WebInspector.DebuggerResourceBinding.canEditScriptSource):
312         (WebInspector.DebuggerResourceBinding.setScriptSource.didEditScriptSource):
313         (WebInspector.DebuggerResourceBinding.setScriptSource):
314         (WebInspector.DebuggerResourceBinding.prototype.canSetContent):
315         (WebInspector.DebuggerResourceBinding.prototype._uiSourceCodeForResource):
316         (WebInspector.DebuggerResourceBinding.prototype._setContentWithInitialContent):
317         * inspector/front-end/JavaScriptSourceFrame.js:
318         (WebInspector.JavaScriptSourceFrame.prototype.canEditSource):
319         (WebInspector.JavaScriptSourceFrame.prototype.editContent):
320
321 2012-05-11  Julien Chaffraix  <jchaffraix@webkit.org>
322
323         Remove RenderLayer::m_scrollOverflow
324         https://bugs.webkit.org/show_bug.cgi?id=86226
325
326         Reviewed by Simon Fraser.
327
328         No expected change in behavior.
329
330         * rendering/RenderLayer.cpp:
331         (WebCore::RenderLayer::computeScrollDimensions):
332         Added 2 local variables to compute the left / top scrollable overflows.
333
334         * rendering/RenderLayer.h:
335         (WebCore::RenderLayer::scrolledContentOffset):
336         Returned m_scrollOffset directly as this is what the old code was doing by adding
337         m_scrollOrigin then adding m_scrollOverflow (which was set to -m_scrollOrigin in
338         computeScrollDimensions).
339
340         (RenderLayer::m_scrollOffset): Improved the comment about what m_scrollOffset is.
341
342 2012-05-11  Pavel Feldman  <pfeldman@chromium.org>
343
344         Web Inspector: extract PresentationConsoleMessageHelper from DebuggerPresentationModel.
345         https://bugs.webkit.org/show_bug.cgi?id=86229
346
347         Reviewed by Vsevolod Vlasov.
348
349         This change also starts tracking messages along with the live location changes.
350
351         Tested with script-formatter-console.html.
352
353         * inspector/front-end/BreakpointManager.js:
354         * inspector/front-end/DebuggerPresentationModel.js:
355         (WebInspector.DebuggerPresentationModel):
356         (WebInspector.DebuggerPresentationModel.prototype._parsedScriptSource):
357         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
358         (WebInspector.PresentationConsoleMessageHelper):
359         (WebInspector.PresentationConsoleMessageHelper.prototype._addPendingConsoleMessage):
360         (WebInspector.PresentationConsoleMessageHelper.prototype._parsedScriptSource):
361         (WebInspector.PresentationConsoleMessageHelper.prototype._debuggerReset):
362         (WebInspector.PresentationConsoleMessage):
363         * inspector/front-end/JavaScriptSourceFrame.js:
364         (WebInspector.JavaScriptSourceFrame.prototype.populateLineGutterContextMenu):
365         (WebInspector.JavaScriptSourceFrame.prototype._consoleMessageAdded):
366         (WebInspector.JavaScriptSourceFrame.prototype._setBreakpoint):
367
368 2012-05-11  Emil A Eklund  <eae@chromium.org>
369
370         Simplify FloatingObject by removing unnecessary convenience methods.
371         https://bugs.webkit.org/show_bug.cgi?id=86163
372
373         Reviewed by Eric Seidel.
374
375         Simplify the pixel snapping in FloatingObject by getting rid of a bunch
376         of convenience methods.
377
378         No new tests, no change in functionality.
379
380         * rendering/RenderBlock.cpp:
381         (WebCore::RenderBlock::addOverhangingFloats):
382         (WebCore::RenderBlock::addIntrudingFloats):
383         (WebCore::RenderBlock::FloatingObjects::intervalForFloatingObject):
384         (WebCore::::string):
385         * rendering/RenderBlock.h:
386         (FloatingObject):
387         (WebCore::RenderBlock::pixelSnappedLogicalTopForFloat):
388         (WebCore::RenderBlock::pixelSnappedLogicalBottomForFloat):
389         (WebCore::RenderBlock::pixelSnappedLogicalLeftForFloat):
390         (WebCore::RenderBlock::pixelSnappedLogicalRightForFloat):
391
392 2012-05-11  Ian Vollick  <vollick@chromium.org>
393
394         [chromium] Ensure that animations continue to run when transform-style is changed
395         https://bugs.webkit.org/show_bug.cgi?id=83283
396
397         Make sure that we transfer animations when changing layers due to a transform-style change.
398         Unit tested in GraphicsLayerChromiumTest.updateLayerPreserves3DWithAnimations
399
400         Reviewed by James Robinson.
401
402         Test: animations/change-transform-style-during-animation.html
403
404         * platform/graphics/chromium/GraphicsLayerChromium.cpp:
405         (WebCore::GraphicsLayerChromium::updateLayerPreserves3D):
406         * platform/graphics/chromium/LayerChromium.cpp:
407         (WebCore::LayerChromium::setLayerAnimationController):
408         (WebCore::LayerChromium::releaseLayerAnimationController):
409         (WebCore):
410         (WebCore::LayerChromium::notifyAnimationStarted):
411         * platform/graphics/chromium/LayerChromium.h:
412         (LayerChromium):
413         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
414         (WebCore::CCLayerAnimationController::CCLayerAnimationController):
415         (WebCore::CCLayerAnimationController::pushAnimationUpdatesTo):
416         (WebCore::CCLayerAnimationController::notifyAnimationStarted):
417         (WebCore::CCLayerAnimationController::setClient):
418         (WebCore):
419         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
420         (WebCore::CCLayerAnimationController::replaceImplThreadAnimations):
421         * platform/graphics/chromium/cc/CCLayerAnimationController.h:
422         (CCLayerAnimationController):
423         (WebCore::CCLayerAnimationController::setForceSync):
424
425 2012-05-11  Tommy Widenflycht  <tommyw@google.com>
426
427         MediaStream API: Fix a reference counting issue in UserMediaRequest
428         https://bugs.webkit.org/show_bug.cgi?id=86210
429
430         Reviewed by Abhishek Arya.
431
432         When contextDestroyed() is called on UserMediaRequest it does a callback to the
433         page client. If the receiving code clears their stored copy the UserMediaRequest
434         object is destroyed in the middle of the call.
435
436         Currently only testable manually against chrome, preferably with asan turned on.
437         I have added a manual test that verifies the fix, but I have started work
438         to make DumpRenderTree able to test this and many other things. The first patch is here:
439         https://bugs.webkit.org/show_bug.cgi?id=86215
440
441         * Modules/mediastream/UserMediaRequest.cpp:
442         (WebCore::UserMediaRequest::contextDestroyed):
443
444 2012-05-11  Min Qin  <qinmin@google.com>
445
446         split MediaPlayer::enterFullscreen into 2 seperate functions
447         https://bugs.webkit.org/show_bug.cgi?id=86052
448
449         Reviewed by Adam Barth.
450
451         It is confusing that enterFullscreen returns a boolean while exitFullscreen does
452         not do the same. And ios does not need the return value.
453         So remove the return value on enterFullscreen and make a seperate canEnterFullscreen()
454         function for android.
455         No tests as there are no behavior change, just refactoring.
456
457         * platform/graphics/MediaPlayer.cpp:
458         (WebCore::MediaPlayer::enterFullscreen):
459         (WebCore):
460         (WebCore::MediaPlayer::canEnterFullscreen):
461         * platform/graphics/MediaPlayer.h:
462         (MediaPlayer):
463         * platform/graphics/MediaPlayerPrivate.h:
464         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
465         (MediaPlayerPrivateInterface):
466         (WebCore::MediaPlayerPrivateInterface::canEnterFullscreen):
467
468 2012-05-11  Pavel Feldman  <pfeldman@chromium.org>
469
470         Web Inspector: move breakpoint manager from debuggerPresentationModel to WebInspector.
471         https://bugs.webkit.org/show_bug.cgi?id=86220
472
473         Reviewed by Yury Semikhatsky.
474
475         Now that breakpoint manager does not depend on the source mapping instance from the
476         debugger presentation model, it can be moved out.
477
478         * inspector/front-end/DebuggerPresentationModel.js:
479         (WebInspector.DebuggerPresentationModel):
480         * inspector/front-end/JavaScriptSource.js:
481         (WebInspector.JavaScriptSource):
482         (WebInspector.JavaScriptSource.prototype.setFormatted.didGetContent.didFormatContent):
483         (WebInspector.JavaScriptSource.prototype.setFormatted.didGetContent):
484         (WebInspector.JavaScriptSource.prototype.setFormatted):
485         * inspector/front-end/JavaScriptSourceFrame.js:
486         (WebInspector.JavaScriptSourceFrame):
487         * inspector/front-end/ScriptsPanel.js:
488         * inspector/front-end/inspector.js:
489
490 2012-05-11  David Reveman  <reveman@chromium.org>
491
492         [Chromium] Move instantiation of texture uploader to LayerRendererChromium.
493         https://bugs.webkit.org/show_bug.cgi?id=85893
494
495         Reviewed by Adrienne Walker.
496
497         Move instantiation of texture uploader to LayerRendererChromium and
498         allow CCProxy to decide between a throttled or unthrottled uploader
499         using a flag passed to the LayerRendererChromium constructor.
500
501         * platform/graphics/chromium/LayerRendererChromium.cpp:
502         (WebCore::LayerRendererChromium::create):
503         (WebCore::LayerRendererChromium::LayerRendererChromium):
504         (WebCore::LayerRendererChromium::initializeSharedObjects):
505         * platform/graphics/chromium/LayerRendererChromium.h:
506         (LayerRendererChromium):
507         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
508         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
509         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
510         (CCLayerTreeHostImpl):
511         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
512         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
513         (WebCore::CCSingleThreadProxy::recreateContext):
514         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
515         (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
516         (WebCore::CCThreadProxy::recreateContextOnImplThread):
517
518 2012-05-10  Pavel Feldman  <pfeldman@chromium.org>
519
520         Web Inspector: pass source mapping into UISourceCode's constructor; move formatting outside mapping.
521         https://bugs.webkit.org/show_bug.cgi?id=86099
522
523         Reviewed by Vsevolod Vlasov.
524
525         This changes moves formatting out of the source mapping machinery.
526         As a result, it removes most of the DebuggerPresentation's mapping-related code as well
527         as most of the raw source code's code.
528
529         * inspector/front-end/BreakpointManager.js:
530         (WebInspector.BreakpointManager):
531         (WebInspector.BreakpointManager.prototype.restoreBreakpoints):
532         (WebInspector.BreakpointManager.Breakpoint):
533         * inspector/front-end/CallStackSidebarPane.js:
534         (WebInspector.CallStackSidebarPane.prototype.setStatus):
535         * inspector/front-end/CompilerScriptMapping.js:
536         * inspector/front-end/DebuggerPresentationModel.js:
537         (WebInspector.DebuggerPresentationModel):
538         (WebInspector.DebuggerPresentationModel.prototype._callFrameSelected):
539         (WebInspector.DebuggerPresentationModel.prototype._handleUISourceCodeListChanged):
540         (WebInspector.DebuggerPresentationModel.prototype.continueToLine):
541         * inspector/front-end/JavaScriptSource.js:
542         (WebInspector.JavaScriptSource):
543         (WebInspector.JavaScriptSource.prototype.fireContentAvailable):
544         (WebInspector.JavaScriptSource.prototype.setFormatted.if):
545         (WebInspector.JavaScriptSource.prototype.setFormatted.didGetContent.didFormatContent):
546         (WebInspector.JavaScriptSource.prototype.setFormatted.didGetContent):
547         (WebInspector.JavaScriptSource.prototype.setFormatted):
548         (WebInspector.JavaScriptSource.prototype.togglingFormatter):
549         (WebInspector.JavaScriptSource.prototype.uiLocationToRawLocation):
550         (WebInspector.JavaScriptSource.prototype.overrideLocation):
551         (WebInspector.JavaScriptSource.prototype.breakpointStorageId):
552         (WebInspector):
553         * inspector/front-end/JavaScriptSourceFrame.js:
554         (WebInspector.JavaScriptSourceFrame.prototype._onContentChanged):
555         (WebInspector.JavaScriptSourceFrame.prototype._breakpointRemoved):
556         * inspector/front-end/RawSourceCode.js:
557         (WebInspector.RawSourceCode):
558         (WebInspector.RawSourceCode.prototype.addScript):
559         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
560         (WebInspector.RawSourceCode.prototype._createUISourceCode):
561         (WebInspector.RawSourceCode.prototype.uiLocationToRawLocation):
562         (WebInspector.RawSourceCode.prototype.uiSourceCode):
563         (WebInspector.RawSourceCode.prototype._finishedLoading):
564         * inspector/front-end/ResourceScriptMapping.js:
565         (WebInspector.ResourceScriptMapping):
566         (WebInspector.ResourceScriptMapping.prototype.addScript):
567         (WebInspector.ResourceScriptMapping.prototype._handleUISourceCodeChanged):
568         (WebInspector.ResourceScriptMapping.prototype._uiSourceCodeChanged):
569         * inspector/front-end/Script.js:
570         (WebInspector.Script.prototype.rawLocationToUILocation):
571         * inspector/front-end/ScriptFormatter.js:
572         (WebInspector.ScriptFormatter.prototype._didFormatContent):
573         (WebInspector.FormatterSourceMapping):
574         (WebInspector.FormatterSourceMapping.prototype.originalToFormatted):
575         (WebInspector.FormatterSourceMapping.prototype.formattedToOriginal):
576         (WebInspector.IdentityFormatterSourceMapping):
577         (WebInspector.IdentityFormatterSourceMapping.prototype.originalToFormatted):
578         (WebInspector.IdentityFormatterSourceMapping.prototype.formattedToOriginal):
579         (WebInspector.FormatterSourceMappingImpl):
580         (WebInspector.FormatterSourceMappingImpl.prototype.originalToFormatted):
581         (WebInspector.FormatterSourceMappingImpl.prototype.formattedToOriginal):
582         * inspector/front-end/ScriptMapping.js:
583         (WebInspector.MainScriptMapping):
584         (WebInspector.MainScriptMapping.prototype._handleUISourceCodeListChanged):
585         (WebInspector.MainScriptMapping.prototype.reset):
586         * inspector/front-end/ScriptsPanel.js:
587         (WebInspector.ScriptsPanel.prototype._handleUISourceCodeAdded):
588         (WebInspector.ScriptsPanel.prototype.showFunctionDefinition):
589         (WebInspector.ScriptsPanel.prototype._showFile):
590         (WebInspector.ScriptsPanel.prototype._revealExecutionLine):
591         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
592         * inspector/front-end/ScriptsSearchScope.js:
593         (WebInspector.ScriptsSearchResultsPane.prototype.createAnchor):
594         * inspector/front-end/SnippetsModel.js:
595         (WebInspector.SnippetsScriptMapping.prototype._snippetAdded):
596         (WebInspector.SnippetsScriptMapping.prototype._createUISourceCodeForScript):
597         * inspector/front-end/UISourceCode.js:
598         (WebInspector.UISourceCode):
599         (WebInspector.UISourceCode.prototype.requestContent):
600         (WebInspector.UISourceCode.prototype.mimeType):
601         (WebInspector.UISourceCode.prototype.content):
602         (WebInspector.UISourceCode.prototype.fireContentAvailable):
603         (WebInspector.UISourceCode.prototype.contentLoaded):
604         (WebInspector.UISourceCode.prototype.uiLocationToRawLocation):
605
606 2012-05-11  Dominik Röttsches  <dominik.rottsches@intel.com>
607
608         [EFL][DRT] Input Attribute Placeholder RefTests failing
609         https://bugs.webkit.org/show_bug.cgi?id=85603
610
611         Unreviewed, build fix for EFL.
612
613         * platform/efl/RenderThemeEfl.cpp:
614
615 2012-05-11  Alexei Filippov  <alexeif@chromium.org>
616
617         Web Inspector: Remove support of combined nodes and edges serialization schema.
618         https://bugs.webkit.org/show_bug.cgi?id=86209
619
620         Reviewed by Yury Semikhatsky.
621
622         * inspector/front-end/HeapSnapshot.js:
623         (WebInspector.HeapSnapshotNode.prototype.get _nodes):
624         (WebInspector.HeapSnapshotNode.prototype._edgeIndexesStart):
625         (WebInspector.HeapSnapshotNode.prototype._edgeIndexesEnd):
626         (WebInspector.HeapSnapshot):
627         (WebInspector.HeapSnapshot.prototype._init):
628         (WebInspector.HeapSnapshot.prototype._buildRetainers):
629         (WebInspector.HeapSnapshot.prototype._bfs):
630         (WebInspector.HeapSnapshot.prototype._buildAggregates):
631         (WebInspector.HeapSnapshot.prototype._calculateClassesRetainedSize):
632         (WebInspector.HeapSnapshot.prototype._buildDominatedNodes):
633         * inspector/front-end/HeapSnapshotLoader.js:
634         (WebInspector.HeapSnapshotLoader.prototype.pushJSONChunk):
635
636 2012-05-11  Yury Semikhatsky  <yurys@chromium.org>
637
638         Web Inspector: add Profiler.getHeapObjectId command
639         https://bugs.webkit.org/show_bug.cgi?id=86211
640
641         Reviewed by Pavel Feldman.
642
643         Added Profiler.getHeapObjectId command to the protocol which allows to convert remote
644         object id to heap snapshot object id.
645
646         * bindings/js/ScriptProfiler.cpp:
647         (WebCore::ScriptProfiler::getHeapObjectId):
648         (WebCore):
649         * bindings/js/ScriptProfiler.h:
650         (WebCore):
651         (ScriptProfiler):
652         * bindings/v8/ScriptProfiler.cpp:
653         (WebCore::ScriptProfiler::getHeapObjectId):
654         (WebCore):
655         * bindings/v8/ScriptProfiler.h:
656         (WebCore):
657         (ScriptProfiler):
658         * inspector/InjectedScript.cpp:
659         (WebCore::InjectedScript::findObjectById):
660         (WebCore):
661         * inspector/InjectedScript.h:
662         (InjectedScript):
663         * inspector/InjectedScriptSource.js:
664         (.):
665         * inspector/Inspector.json:
666         * inspector/InspectorProfilerAgent.cpp:
667         (WebCore::InspectorProfilerAgent::getHeapObjectId):
668         (WebCore):
669         * inspector/InspectorProfilerAgent.h:
670         (InspectorProfilerAgent):
671
672 2012-05-11  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
673
674         Qt support for new layout types.
675         https://bugs.webkit.org/show_bug.cgi?id=85607
676
677         Reviewed by Simon Hausmann.
678
679         Adds similar Qt support to FractionalLayout classes as Qt has for
680         FloatSomething and IntSomething classes. This means Qt code can stay
681         unchanged from after the redefinition of Layout classes.
682
683         No new functionality. No new tests.
684
685         * Target.pri:
686         * platform/FractionalLayoutUnit.h:
687         (WebCore::operator<<):
688         (WebCore::operator>>):
689         * platform/graphics/FractionalLayoutPoint.h:
690         (FractionalLayoutPoint):
691         * platform/graphics/FractionalLayoutRect.h:
692         (FractionalLayoutRect):
693         * platform/graphics/FractionalLayoutSize.h:
694         (FractionalLayoutSize):
695         * platform/graphics/qt/FractionalLayoutPointQt.cpp: Added.
696         (WebCore::FractionalLayoutPoint::FractionalLayoutPoint):
697         (WebCore::FractionalLayoutPoint::operator QPointF):
698         * platform/graphics/qt/FractionalLayoutRectQt.cpp: Added.
699         (WebCore::FractionalLayoutRect::FractionalLayoutRect):
700         (WebCore::FractionalLayoutRect::operator QRectF):
701         * platform/graphics/qt/FractionalLayoutSizeQt.cpp: Added.
702         (WebCore::FractionalLayoutSize::FractionalLayoutSize):
703         (WebCore::FractionalLayoutSize::operator QSizeF):
704
705 2012-05-11  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
706
707         Internals::touchPositionAdjustedToBestClickableNode adjust twice for scroll-offset
708         https://bugs.webkit.org/show_bug.cgi?id=86205
709
710         Reviewed by Simon Hausmann.
711
712         Remove the redundant conversion from document to window coords.
713
714         Test: touchadjustment/scroll-offset.html
715
716         * testing/Internals.cpp:
717         (WebCore::Internals::touchPositionAdjustedToBestClickableNode):
718         (WebCore::Internals::bestZoomableAreaForTouchPoint):
719
720 2012-05-11  Ilya Tikhonovsky  <loislo@chromium.org>
721
722         Web Inspector: load heap snapshot implementation.
723         https://bugs.webkit.org/show_bug.cgi?id=86097
724
725         The idea is to have a hidden file selector control.
726         When the user select a context menu item or click a button
727         we redirect this user-action to file selector.
728         As result we see the standard file selector dialog.
729         When the user selects a file we load it's chunks and push the chunks to the worker.
730         The loaded snapshot can be completely unrelated to the current page.
731         Thats why we have to skip range selection options in Summary tab.
732
733         Reviewed by Yury Semikhatsky.
734
735         * English.lproj/localizedStrings.js:
736         * inspector/front-end/CSSSelectorProfileView.js:
737         (WebInspector.CSSSelectorProfileType.prototype.createTemporaryProfile): now it accepts a custom title.
738         * inspector/front-end/HeapSnapshotView.js:
739         (WebInspector.HeapSnapshotView.prototype._updateFilterOptions): we have to skip the profiles loaded from file because there is no guaranty t
740         (WebInspector.HeapSnapshotProfileType.prototype.createTemporaryProfile): now it accepts a custom title.
741         (WebInspector.HeapSnapshotProfileType.prototype.createProfile): cosmetic changes.
742         (WebInspector.HeapProfileHeader):
743         (WebInspector.HeapProfileHeader.prototype._setupWorker): a common part was extracted from load method and reused in loadFromFile.
744         (WebInspector.HeapProfileHeader.prototype._saveStatusUpdate): cosmetic changes.
745         (WebInspector.HeapProfileHeader.prototype.finishHeapSnapshot):
746         (WebInspector.HeapProfileHeader.prototype.canSaveToFile): cosmetic rename for better consistency with 'load' part.
747         (WebInspector.HeapProfileHeader.prototype.saveToFile): cosmetic rename for better consistency with 'load' part.
748         (WebInspector.HeapProfileHeader.prototype.canLoadFromFile): cosmetic rename for better consistency with 'load' part.
749         (WebInspector.HeapProfileHeader.prototype.loadFromFile): chunk based file loader.
750         (WebInspector.HeapProfileHeader.prototype.loadFromFile.loadNextChunk):
751         (WebInspector.HeapProfileHeader.prototype.loadFromFile.onLoad):
752         * inspector/front-end/ProfileView.js:
753         (WebInspector.CPUProfileType.prototype.createTemporaryProfile): now it accepts a custom title.
754         * inspector/front-end/ProfilesPanel.js:
755         (WebInspector.ProfileType.prototype.createTemporaryProfile): now it accepts a custom title.
756         (WebInspector.ProfileHeader.prototype.canSaveToFile): cosmetic rename for better consistency with 'load' part.
757         (WebInspector.ProfileHeader.prototype.saveToFile): cosmetic rename for better consistency with 'load' part.
758         (WebInspector.ProfileHeader.prototype.canLoadFromFile): default implementation for 'load' part.
759         (WebInspector.ProfileHeader.prototype.loadFromFile): default implementation for 'load' part.
760         (WebInspector.ProfilesPanel.prototype._createFileSelectorElement):
761         (WebInspector.ProfilesPanel.prototype._loadFromFile):
762         (WebInspector.ProfileSidebarTreeElement.prototype.handleContextMenuEvent):
763
764 2012-05-11  Dominik Röttsches  <dominik.rottsches@intel.com>
765
766         [EFL][DRT] Input Attribute Placeholder RefTests failing
767         https://bugs.webkit.org/show_bug.cgi?id=85603
768
769         Reviewed by Hajime Morita.
770
771         Refrain from overriding style coloring by theme coloring.
772         RenderThemeEfl was always overriding colors and whitespace
773         handling leading to failures in reftests that verify placeholder styling
774         which expect the user agent stylesheet to be applied correctly
775         without any color overrides. Also, leave whitespace handling untouched.
776
777         No new tests, covered by existing tests. See also
778         the LayoutTests/ChangeLog in this commit for the required
779         rebaselining.
780
781         * platform/efl/RenderThemeEfl.cpp:
782         (WebCore::RenderThemeEfl::createEdje):
783         (WebCore::RenderThemeEfl::applyEdjeColors):
784         (WebCore::RenderThemeEfl::RenderThemeEfl):
785         (WebCore::RenderThemeEfl::adjustButtonStyle):
786         (WebCore::RenderThemeEfl::adjustMenuListStyle):
787         (WebCore::RenderThemeEfl::adjustTextFieldStyle):
788         (WebCore::RenderThemeEfl::adjustSearchFieldStyle):
789         * platform/efl/RenderThemeEfl.h:
790         (RenderThemeEfl):
791
792 2012-05-11  Christophe Dumez  <christophe.dumez@intel.com>
793
794         Web Intents code only supports V8
795         https://bugs.webkit.org/show_bug.cgi?id=85954
796
797         Reviewed by Adam Barth.
798
799         Add necessary abstraction for js Dictionary and ScriptValue so that
800         the Web Intents code in WebCore compiles with JSC, not just V8.
801
802         This required changes in the JSC bindings generator to pass
803         callback arguments of type SerializedScriptValue as raw pointers
804         instead of RefPtr. This matches the change made to the V8 bindings
805         generator in r104531.
806
807         * CMakeLists.txt:
808         * Modules/intents/Intent.cpp:
809         * Modules/intents/Intent.h:
810         * bindings/js/Dictionary.cpp:
811         (WebCore::Dictionary::Dictionary):
812         (WebCore):
813         (WebCore::Dictionary::getOwnPropertiesAsStringHashMap):
814         * bindings/js/Dictionary.h:
815         (Dictionary):
816         * bindings/js/JSBindingsAllInOne.cpp:
817         * bindings/js/JSDictionary.cpp:
818         (WebCore::JSDictionary::convertValue):
819         (WebCore):
820         * bindings/js/JSDictionary.h:
821         (WebCore):
822         (WebCore::JSDictionary::initializerObject):
823         * bindings/js/ScriptValue.cpp:
824         (WebCore::ScriptValue::serialize):
825         (WebCore):
826         * bindings/js/ScriptValue.h:
827         (ScriptValue):
828         * bindings/scripts/CodeGeneratorJS.pm:
829         (AddIncludesForType):
830         (GenerateCallbackHeader):
831         (GenerateCallbackImplementation):
832         (GetNativeTypeForCallbacks):
833
834 2012-05-11  Alexander Pavlov  <apavlov@chromium.org>
835
836         Web Inspector: Can't type spaces in "Override User Agent" field
837         https://bugs.webkit.org/show_bug.cgi?id=86202
838
839         Reviewed by Yury Semikhatsky.
840
841         * inspector/front-end/HelpScreen.js:
842         (WebInspector.HelpScreen.prototype.isClosingKey):
843         (WebInspector.HelpScreen.prototype._onKeyDown):
844         * inspector/front-end/SettingsScreen.js:
845         (WebInspector.SettingsScreen.prototype.isClosingKey):
846
847 2012-05-11  Dominik Röttsches  <dominik.rottsches@intel.com>
848
849         [EFL][DRT] Input Attribute Placeholder RefTests failing
850         https://bugs.webkit.org/show_bug.cgi?id=85603
851
852         Reviewed by Hajime Morita.
853
854         Refrain from overriding style coloring by theme coloring.
855         RenderThemeEfl was always overriding colors and whitespace
856         handling leading to failures in reftests that verify placeholder styling
857         which expect the user agent stylesheet to be applied correctly
858         without any color overrides. Also, leave whitespace handling untouched.
859
860         No new tests, covered by existing tests. See also
861         the LayoutTests/ChangeLog in this commit for the required
862         rebaselining.
863
864         * platform/efl/RenderThemeEfl.cpp:
865         (WebCore::RenderThemeEfl::createEdje):
866         (WebCore::RenderThemeEfl::applyEdjeColors):
867         (WebCore::RenderThemeEfl::RenderThemeEfl):
868         (WebCore::RenderThemeEfl::adjustButtonStyle):
869         (WebCore::RenderThemeEfl::adjustMenuListStyle):
870         (WebCore::RenderThemeEfl::adjustTextFieldStyle):
871         (WebCore::RenderThemeEfl::adjustSearchFieldStyle):
872         * platform/efl/RenderThemeEfl.h:
873         (RenderThemeEfl):
874
875 2012-05-11  Gustavo Noronha Silva  <gns@gnome.org>
876
877         REGRESSION(r116205): [GTK]: build no longer supports thin archives
878         https://bugs.webkit.org/show_bug.cgi?id=86207
879
880         * GNUmakefile.am: go back to not linking libWebCoreModules into
881         libWebCore; when linking 2 convenience libraries libtools tries to
882         extract the object files from one of them to add to the other, breaking
883         thin archive builds
884
885 2012-05-11  Keishi Hattori  <keishi@webkit.org>
886
887         Sanitization algorithm for input type=email should strip whitespaces
888         https://bugs.webkit.org/show_bug.cgi?id=86177
889
890         Reviewed by Kent Tamura.
891
892         No new tests. Covered by: fast/forms/ValidityState-typeMismatch-email.html
893
894         The spec says that the value sanitization algorithm should
895         > Strip line breaks from the value, then strip leading and trailing whitespace from the value.
896
897         * html/EmailInputType.cpp:
898         (WebCore::EmailInputType::sanitizeValue):
899
900 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
901
902         Unreviewed, rolling out r116752.
903         http://trac.webkit.org/changeset/116752
904         https://bugs.webkit.org/show_bug.cgi?id=86201
905
906         Build failure on Chromium-mac (Requested by tkent on #webkit).
907
908         * html/FormAssociatedElement.cpp:
909         * html/FormAssociatedElement.h:
910         (FormAssociatedElement):
911         * html/HTMLFormControlElement.cpp:
912         (WebCore::HTMLFormControlElement::setCustomValidity):
913         * html/HTMLFormControlElement.h:
914         (HTMLFormControlElement):
915         * html/HTMLInputElement.cpp:
916         (WebCore::HTMLInputElement::isValidValue):
917         (WebCore::HTMLInputElement::typeMismatch):
918         (WebCore::HTMLInputElement::valueMissing):
919         (WebCore::HTMLInputElement::patternMismatch):
920         (WebCore::HTMLInputElement::rangeUnderflow):
921         (WebCore::HTMLInputElement::rangeOverflow):
922         (WebCore::HTMLInputElement::minimum):
923         (WebCore::HTMLInputElement::maximum):
924         (WebCore::HTMLInputElement::stepMismatch):
925         (WebCore::HTMLInputElement::minimumString):
926         (WebCore::HTMLInputElement::maximumString):
927         (WebCore):
928         (WebCore::HTMLInputElement::stepBaseString):
929         (WebCore::HTMLInputElement::stepString):
930         (WebCore::HTMLInputElement::typeMismatchText):
931         (WebCore::HTMLInputElement::valueMissingText):
932         (WebCore::HTMLInputElement::isInRange):
933         (WebCore::HTMLInputElement::isOutOfRange):
934         * html/HTMLInputElement.h:
935         (HTMLInputElement):
936         * html/HTMLObjectElement.h:
937         (WebCore::HTMLObjectElement::setCustomValidity):
938         * html/HTMLSelectElement.cpp:
939         (WebCore::HTMLSelectElement::valueMissing):
940         * html/HTMLSelectElement.h:
941         (HTMLSelectElement):
942         * html/HTMLTextAreaElement.cpp:
943         * html/HTMLTextAreaElement.h:
944         (WebCore::HTMLTextAreaElement::valueMissing):
945         (HTMLTextAreaElement):
946         * html/InputType.cpp:
947         (WebCore::InputType::alignValueForStep):
948         (WebCore::InputType::stepUpFromRenderer):
949         * html/InputType.h:
950         (InputType):
951         * html/ValidityState.cpp:
952         (WebCore::ValidityState::validationMessage):
953         (WebCore):
954         (WebCore::ValidityState::setCustomErrorMessage):
955         (WebCore::ValidityState::valueMissing):
956         (WebCore::ValidityState::typeMismatch):
957         (WebCore::ValidityState::patternMismatch):
958         (WebCore::ValidityState::tooLong):
959         (WebCore::ValidityState::rangeUnderflow):
960         (WebCore::ValidityState::rangeOverflow):
961         (WebCore::ValidityState::stepMismatch):
962         (WebCore::ValidityState::customError):
963         (WebCore::ValidityState::valid):
964         * html/ValidityState.h:
965         (ValidityState):
966
967 2012-05-11  Alexander Pavlov  <apavlov@chromium.org>
968
969         Web Inspector: Search box doesn't allow CSS selectors anymore
970         https://bugs.webkit.org/show_bug.cgi?id=86196
971
972         Reviewed by Pavel Feldman.
973
974         Refactoring in http://trac.webkit.org/changeset/99983 inadvertently removed the selector matching during
975         node search in the InspectorDOMAgent. This change re-introduces the Document::querySelectorAll() evaluation
976         for the user query.
977
978         * inspector/InspectorDOMAgent.cpp:
979         (WebCore::InspectorDOMAgent::performSearch):
980
981 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
982
983         Unreviewed, rolling out r116527.
984         http://trac.webkit.org/changeset/116527
985         https://bugs.webkit.org/show_bug.cgi?id=86199
986
987         Causing crashes on ClusterFuzz (Requested by inferno-sec on
988         #webkit).
989
990         * rendering/RenderScrollbar.cpp:
991         (WebCore::RenderScrollbar::updateScrollbarPart):
992         * rendering/RenderScrollbarPart.h:
993
994 2012-05-11  Yoshifumi Inoue  <yosin@chromium.org>
995
996         [Forms] Move ValidityState methods implementation to another place
997         https://bugs.webkit.org/show_bug.cgi?id=86058
998
999         Reviewed by Kent Tamura.
1000
1001         This patch changes ValidityState class for limiting scope of
1002         number/range input type related methods for introducing decimal
1003         arithmetic.
1004
1005         Methods related to validation are moved from ValidateState to
1006         input, select and textarea elements with virtual method based
1007         dispatching via FormAssociateElement instead of tag name
1008         dispatching so far for code simplification.
1009
1010         No new tests. This patch doesn't change behavior.
1011
1012         * html/FormAssociatedElement.cpp:
1013         (WebCore::FormAssociatedElement::customError): Added. Called from ValidateState. Returns custom error mssage in member variable.
1014         (WebCore::FormAssociatedElement::patternMismatch): Added.  Called from ValidateState. This is default implementation.
1015         (WebCore::FormAssociatedElement::rangeOverflow): Added.  Called from ValidateState. This is default implementation.
1016         (WebCore::FormAssociatedElement::rangeUnderflow): Added.  Called from ValidateState. This is default implementation.
1017         (WebCore::FormAssociatedElement::stepMismatch): Added.  Called from ValidateState. This is default implementation.
1018         (WebCore::FormAssociatedElement::tooLong): Added.  Called from ValidateState. This is default implementation.
1019         (WebCore::FormAssociatedElement::typeMismatch): Added.  Called from ValidateState. This is default implementation.
1020         (WebCore::FormAssociatedElement::valid): Added.  Called from ValidateState. This is default implementation.
1021         (WebCore::FormAssociatedElement::valueMissing): Added.  Called from ValidateState. This is default implementation.
1022         (WebCore::FormAssociatedElement::customValidationMessage): Added.  Called from ValidateState. This is default implementation.
1023         (WebCore::FormAssociatedElement::validationMessage): Added.  Called from ValidateState. This is default implementation.
1024         (WebCore::FormAssociatedElement::setCustomValidity): Added.  set custom error message.
1025         * html/FormAssociatedElement.h:
1026         (FormAssociatedElement): Added new instance value m_customValidationMessage.
1027         * html/HTMLFormControlElement.cpp:
1028         (WebCore::HTMLFormControlElement::setCustomValidity): Changed. Calls base class setCustomValidity.
1029         * html/HTMLFormControlElement.h:
1030         (HTMLFormControlElement):
1031         * html/HTMLInputElement.cpp:
1032         (WebCore::HTMLInputElement::isValidValue): Call m_inputType methods instead of HTMLInputElement's.
1033         (WebCore::HTMLInputElement::tooLong): Call m_inputType methods instead of HTMLInputElement's.
1034         (WebCore):
1035         (WebCore::HTMLInputElement::typeMismatch): Move implementation to InputType.
1036         (WebCore::HTMLInputElement::valueMissing):  Move implementation to InputType.
1037         (WebCore::HTMLInputElement::patternMismatch): Move implementation to InputType.
1038         (WebCore::HTMLInputElement::rangeUnderflow): Move implementation to InputType.
1039         (WebCore::HTMLInputElement::rangeOverflow): Move implementation to InputType.
1040         (WebCore::HTMLInputElement::validationMessage): Move implementation to InputType.
1041         (WebCore::HTMLInputElement::stepMismatch): Move implementation to InputType.
1042         (WebCore::HTMLInputElement::isInRange): Call m_inputType methods instead of HTMLInputElement's.
1043         (WebCore::HTMLInputElement::isOutOfRange): Call m_inputType methods instead of HTMLInputElement's.
1044         * html/HTMLInputElement.h:
1045         (HTMLInputElement): Make tooLong method private.
1046         * html/HTMLObjectElement.h: Add "virtual" and "OVERRIDE".
1047         * html/HTMLSelectElement.cpp:
1048         (WebCore::HTMLSelectElement::validationMessage): Added. Implementation for HTMLSelectElement.
1049         (WebCore::HTMLSelectElement::valueMissing): Added. Implementation for HTMLSelectElement.
1050         * html/HTMLSelectElement.h:
1051         (HTMLSelectElement):  Added entries for newly added methods.
1052         * html/HTMLTextAreaElement.cpp:
1053         (WebCore::HTMLTextAreaElement::validationMessage): Added. Implementation for HTMLTextAreaElement.
1054         (WebCore::HTMLTextAreaElement::valueMissing): Added. Implementation for HTMLTextAreaElement.
1055         (WebCore::HTMLTextAreaElement::tooLong): Added. Implementation for HTMLTextAreaElement.
1056         * html/HTMLTextAreaElement.h:
1057         (HTMLTextAreaElement): Added entries for newly added methods. Change tooLong and valueMissing private.
1058         * html/InputType.cpp:
1059         (WebCore::InputType::stepMismatch): Change method signature.
1060         (WebCore::InputType::alignValueForStep):  Changed for calling InputClass instead of HTMLINputElement.
1061         (WebCore::InputType::stepUpFromRenderer):  Added. Moved from HTMLInputElement.
1062         (WebCore::InputType::validationMessage): Added.  Moved from HTMLInputElement.
1063         * html/InputType.h:
1064         (InputType): Added entries for newly added methods and update methods signature.
1065         * html/ValidityState.cpp: Move actual implementation to FormAssociatedElement and derived classes for localizing implementation change of elements and input types.
1066         (WebCore::ValidityState::validationMessage): Changed to call FormAssociatedElement's method.
1067         (WebCore::ValidityState::valueMissing): Changed to call FormAssociatedElement's method.
1068         (WebCore::ValidityState::typeMismatch): Changed to call FormAssociatedElement's method.
1069         (WebCore::ValidityState::patternMismatch): Changed to call FormAssociatedElement's method.
1070         (WebCore::ValidityState::tooLong): Changed to call FormAssociatedElement's method.
1071         (WebCore::ValidityState::rangeUnderflow): Changed to call FormAssociatedElement's method.
1072         (WebCore::ValidityState::rangeOverflow): Changed to call FormAssociatedElement's method.
1073         (WebCore::ValidityState::stepMismatch): Changed to call FormAssociatedElement's method.
1074         (WebCore::ValidityState::customError): Changed to call FormAssociatedElement's method.
1075         (WebCore::ValidityState::valid):
1076         * html/ValidityState.h:
1077         (ValidityState): Remove custom validation message related things.
1078
1079 2012-05-11  Kent Tamura  <tkent@chromium.org>
1080
1081         Fix a build error without SVG, introduced by tab-size support.
1082
1083         * css/StyleResolver.cpp:
1084         (WebCore::StyleResolver::collectMatchingRulesForList):
1085
1086 2012-05-11  Shinya Kawanaka  <shinyak@chromium.org>
1087
1088         [Refactoring] Move Selection from DOMWindow to TreeScope.
1089         https://bugs.webkit.org/show_bug.cgi?id=82699
1090
1091         Reviewed by Ryosuke Niwa.
1092
1093         Since ShadowRoot will also manage its own version of DOMSelection, we would like to
1094         share the code among Document and DOMSelection. This patch moves DOMSelection from DOMWindow to TreeScope
1095         so that ShadowRoot can also use it.
1096
1097         No new tests, should covered by existing tests.
1098
1099         * dom/Document.cpp:
1100         (WebCore::Document::updateFocusAppearanceTimerFired):
1101         * dom/Document.h:
1102         (Document):
1103         * dom/ShadowRoot.cpp:
1104         (WebCore::ShadowRoot::selection):
1105         * dom/TreeScope.cpp:
1106         (WebCore::TreeScope::~TreeScope):
1107         (WebCore::TreeScope::getSelection):
1108         (WebCore):
1109         * dom/TreeScope.h:
1110         (WebCore):
1111         (TreeScope):
1112         * page/DOMSelection.cpp:
1113         (WebCore::DOMSelection::DOMSelection):
1114         (WebCore::DOMSelection::clearTreeScope):
1115         (WebCore):
1116         * page/DOMSelection.h:
1117         (WebCore):
1118         (WebCore::DOMSelection::create):
1119         (DOMSelection):
1120         * page/DOMWindow.cpp:
1121         (WebCore::DOMWindow::~DOMWindow):
1122         (WebCore::DOMWindow::clearDOMWindowProperties):
1123         (WebCore::DOMWindow::getSelection):
1124         * page/DOMWindow.h:
1125         (DOMWindow):
1126
1127 2012-05-04  Yury Semikhatsky  <yurys@chromium.org>
1128
1129         Web Inspector: console should allow JS execution in the context of an isolated world
1130         https://bugs.webkit.org/show_bug.cgi?id=85612
1131
1132         Reviewed by Pavel Feldman.
1133
1134         Added an option to select not only a frame but also isolated world in which
1135         to perform evaluation of the code typed into the console.
1136
1137         Each execution context can be identified using it injected script id. We call it
1138         execution context id in the protocol. Runtime agent is extended with an event that
1139         is sent when new ExecutionContext is created. The event tracking can be enabled/disabled
1140         using setReportExecutionContextCreation command.
1141
1142         * bindings/js/ScriptController.cpp:
1143         (WebCore):
1144         (WebCore::isolatedWorldToSecurityOriginMap):
1145         * bindings/js/ScriptController.h:
1146         (ScriptController):
1147         * bindings/js/ScriptState.cpp:
1148         (WebCore::isolatedWorldScriptState):
1149         (WebCore):
1150         * bindings/js/ScriptState.h:
1151         (WebCore):
1152         * bindings/v8/ScriptController.cpp:
1153         (WebCore):
1154         (WebCore::ScriptController::isolatedWorldToSecurityOriginMap):
1155         * bindings/v8/ScriptController.h:
1156         (ScriptController):
1157         * bindings/v8/ScriptState.cpp:
1158         (WebCore::isolatedWorldScriptState):
1159         (WebCore):
1160         * bindings/v8/ScriptState.h:
1161         (WebCore):
1162         * bindings/v8/V8IsolatedContext.cpp:
1163         (WebCore::V8IsolatedContext::setSecurityOrigin):
1164         * bindings/v8/V8Proxy.cpp:
1165         (WebCore::V8Proxy::setIsolatedWorldSecurityOrigin):
1166         (WebCore::V8Proxy::isolatedWorldContext):
1167         (WebCore):
1168         (WebCore::V8Proxy::isolatedWorldToSecurityOriginMap):
1169         * bindings/v8/V8Proxy.h:
1170         (V8Proxy):
1171         * inspector/CodeGeneratorInspector.py:
1172         (DomainNameFixes):
1173         * inspector/Inspector.json:
1174         * inspector/InspectorInstrumentation.cpp:
1175         (WebCore::InspectorInstrumentation::didCreateIsolatedContextImpl):
1176         (WebCore):
1177         * inspector/InspectorInstrumentation.h:
1178         (WebCore):
1179         (InspectorInstrumentation):
1180         (WebCore::InspectorInstrumentation::didCreateIsolatedContext):
1181         * inspector/InspectorRuntimeAgent.cpp:
1182         (WebCore::InspectorRuntimeAgent::evaluate):
1183         * inspector/InspectorRuntimeAgent.h:
1184         (InspectorRuntimeAgent):
1185         * inspector/InstrumentingAgents.h:
1186         (WebCore):
1187         (WebCore::InstrumentingAgents::InstrumentingAgents):
1188         (WebCore::InstrumentingAgents::pageRuntimeAgent):
1189         (WebCore::InstrumentingAgents::setPageRuntimeAgent):
1190         (InstrumentingAgents):
1191         * inspector/PageRuntimeAgent.cpp:
1192         (PageRuntimeAgentState):
1193         (WebCore):
1194         (WebCore::PageRuntimeAgent::PageRuntimeAgent):
1195         (WebCore::PageRuntimeAgent::setFrontend):
1196         (WebCore::PageRuntimeAgent::clearFrontend):
1197         (WebCore::PageRuntimeAgent::restore):
1198         (WebCore::PageRuntimeAgent::setReportExecutionContextCreation):
1199         (WebCore::PageRuntimeAgent::didCreateExecutionContext):
1200         (WebCore::PageRuntimeAgent::getScriptStateForEval):
1201         * inspector/PageRuntimeAgent.h:
1202         (WebCore):
1203         (PageRuntimeAgent):
1204         * inspector/WorkerRuntimeAgent.cpp:
1205         (WebCore::WorkerRuntimeAgent::setReportExecutionContextCreation):
1206         (WebCore::WorkerRuntimeAgent::getScriptStateForEval):
1207         * inspector/WorkerRuntimeAgent.h:
1208         (WorkerRuntimeAgent):
1209         * inspector/front-end/ConsoleView.js:
1210         (WebInspector.ConsoleView.prototype.get statusBarItems):
1211         (WebInspector.ConsoleView.prototype.addContext):
1212         (WebInspector.ConsoleView.prototype.removeContext):
1213         (WebInspector.ConsoleView.prototype._updateIsolatedWorldSelector):
1214         (WebInspector.ConsoleView.prototype._contextUpdated):
1215         (WebInspector.ConsoleView.prototype._addedExecutionContext):
1216         (WebInspector.ConsoleView.prototype._currentEvaluationContextId):
1217         (WebInspector.ConsoleView.prototype._currentEvaluationContext):
1218         (WebInspector.ConsoleView.prototype._currentIsolatedWorldId):
1219         (WebInspector.ConsoleView.prototype.evalInInspectedWindow):
1220         * inspector/front-end/ExtensionPanel.js:
1221         (WebInspector.ExtensionSidebarPane.prototype.setExpression):
1222         * inspector/front-end/ExtensionServer.js:
1223         (WebInspector.ExtensionServer.prototype._onEvaluateOnInspectedPage):
1224         * inspector/front-end/JavaScriptContextManager.js:
1225         (WebInspector.JavaScriptContextManager):
1226         (WebInspector.JavaScriptContextManager.prototype._didLoadCachedResources):
1227         (WebInspector.JavaScriptContextManager.prototype.isolatedContextCreated):
1228         (WebInspector.RuntimeDispatcher):
1229         (WebInspector.RuntimeDispatcher.prototype.isolatedContextCreated):
1230         (WebInspector.ExecutionContext):
1231         (WebInspector.ExecutionContext.comparator):
1232         (WebInspector.FrameEvaluationContext):
1233         (WebInspector.FrameEvaluationContext.prototype._frameNavigated):
1234         (WebInspector.FrameEvaluationContext.prototype._addExecutionContext):
1235         (WebInspector.FrameEvaluationContext.prototype._ensureMainWorldContextAdded):
1236         (WebInspector.FrameEvaluationContext.prototype.isolatedContexts):
1237
1238 2012-05-11  Andrey Kosyakov  <caseq@chromium.org>
1239
1240         Web Inspector: use div, not span as a parent element for ElementsTreeOutline in Audits panel
1241         https://bugs.webkit.org/show_bug.cgi?id=86188
1242
1243         Reviewed by Yury Semikhatsky.
1244
1245         We need to use <div>, not <span> as a container for ElementsTreeOutline, as latter accesses its parent offsetWidth
1246         within _treeElementFromEvent(), which returns 0 for inline elements.
1247
1248         * inspector/front-end/AuditFormatters.js:
1249         (WebInspector.AuditFormatters.node.onNodeAvailable):
1250         (WebInspector.AuditFormatters.node):
1251
1252 2012-05-11  Antti Koivisto  <antti@apple.com>
1253
1254         Inline Node::traverseNextNode
1255         https://bugs.webkit.org/show_bug.cgi?id=85844
1256
1257         Reviewed by Ryosuke Niwa.
1258         
1259         Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
1260         for many hot loops.
1261
1262         In this version only the firstChild()/nextSibling() tests are inlined and the ancestor traversal is not.
1263         
1264         Performance bots will tell if this was worthwhile.
1265
1266         * dom/ContainerNode.h:
1267         (WebCore::Node::traverseNextNode):
1268         (WebCore):
1269         (WebCore::Node::traverseNextSibling):
1270         * dom/Node.cpp:
1271         (WebCore::Node::traverseNextAncestorSibling):
1272         * dom/Node.h:
1273         (Node):
1274         * bindings/v8/RetainedDOMInfo.cpp:
1275
1276 2012-05-07  Yury Semikhatsky  <yurys@chromium.org>
1277
1278         Web Inspector: get rid of InspectorAgent::emitCommitLoadIfNeeded method
1279         https://bugs.webkit.org/show_bug.cgi?id=85708
1280
1281         Reviewed by Pavel Feldman.
1282
1283         Instead of calling emitCommitLoadIfNeeded after all agents are restored
1284         required actions are performed directly in the restore() methods.
1285
1286         * inspector/InspectorAgent.cpp:
1287         * inspector/InspectorAgent.h:
1288         (WebCore::InspectorAgent::didCommitLoadFired):
1289         * inspector/InspectorController.cpp:
1290         (WebCore::InspectorController::InspectorController):
1291         (WebCore::InspectorController::restoreInspectorStateFromCookie):
1292         * inspector/InspectorDatabaseAgent.cpp:
1293         (WebCore::InspectorDatabaseAgent::restore):
1294         * inspector/InspectorPageAgent.cpp:
1295         (WebCore::InspectorPageAgent::create):
1296         (WebCore::InspectorPageAgent::InspectorPageAgent):
1297         (WebCore::InspectorPageAgent::restore):
1298         * inspector/InspectorPageAgent.h:
1299         (WebCore):
1300         * inspector/InspectorResourceAgent.cpp:
1301         (WebCore::InspectorResourceAgent::restore):
1302
1303 2012-05-10  Andrey Kosyakov  <caseq@chromium.org>
1304
1305         Web Inspector: [Extensions API] add audit formatters for remote objects and DOM elements
1306         https://bugs.webkit.org/show_bug.cgi?id=86108
1307
1308         Reviewed by Pavel Feldman.
1309
1310        - added two new formatters to AuditResults object of webInspector.audits API;
1311
1312         * inspector/front-end/AuditFormatters.js:
1313         (WebInspector.AuditFormatters.resourceLink):
1314         (WebInspector.AuditFormatters.object.onEvaluate):
1315         (WebInspector.AuditFormatters.object): format as a remote object property list;
1316         (WebInspector.AuditFormatters.node.onNodeAvailable):
1317         (WebInspector.AuditFormatters.node.onEvaluate):
1318         (WebInspector.AuditFormatters.node): format as a DOM elements sub-tree;
1319         (WebInspector.AuditFormatters.Utilities.evaluate): common expression evaluation logic for both new formatters;
1320         * inspector/front-end/ExtensionAPI.js:
1321         (injectedExtensionAPI.AuditResultImpl):
1322         * inspector/front-end/auditsPanel.css:
1323         (.audit-result-tree ol.outline-disclosure):
1324         (.audit-result-tree .section .header):
1325         (.audit-result-tree .section .header::before):
1326
1327 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
1328
1329         Unreviewed, rolling out r116727.
1330         http://trac.webkit.org/changeset/116727
1331         https://bugs.webkit.org/show_bug.cgi?id=86181
1332
1333         Build error on Chromium-Android (Requested by tkent on
1334         #webkit).
1335
1336         * platform/graphics/MediaPlayer.cpp:
1337         (WebCore::MediaPlayer::enterFullscreen):
1338         (WebCore):
1339         * platform/graphics/MediaPlayer.h:
1340         (MediaPlayer):
1341         * platform/graphics/MediaPlayerPrivate.h:
1342         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
1343         (MediaPlayerPrivateInterface):
1344
1345 2012-05-11  Sheriff Bot  <webkit.review.bot@gmail.com>
1346
1347         Unreviewed, rolling out r116731.
1348         http://trac.webkit.org/changeset/116731
1349         https://bugs.webkit.org/show_bug.cgi?id=86178
1350
1351         Build failure on Chromium-mac (Requested by tkent on #webkit).
1352
1353         * platform/graphics/chromium/LayerRendererChromium.cpp:
1354         (WebCore::LayerRendererChromium::create):
1355         (WebCore::LayerRendererChromium::LayerRendererChromium):
1356         (WebCore::LayerRendererChromium::initializeSharedObjects):
1357         * platform/graphics/chromium/LayerRendererChromium.h:
1358         (LayerRendererChromium):
1359         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1360         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
1361         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
1362         (CCLayerTreeHostImpl):
1363         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
1364         (UnthrottledTextureUploader):
1365         (WebCore::UnthrottledTextureUploader::create):
1366         (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
1367         (WebCore::UnthrottledTextureUploader::isBusy):
1368         (WebCore::UnthrottledTextureUploader::beginUploads):
1369         (WebCore::UnthrottledTextureUploader::endUploads):
1370         (WebCore::UnthrottledTextureUploader::uploadTexture):
1371         (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
1372         (WebCore):
1373         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
1374         (WebCore::CCSingleThreadProxy::recreateContext):
1375         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
1376         (WebCore):
1377         (UnthrottledTextureUploader):
1378         (WebCore::UnthrottledTextureUploader::create):
1379         (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
1380         (WebCore::UnthrottledTextureUploader::isBusy):
1381         (WebCore::UnthrottledTextureUploader::beginUploads):
1382         (WebCore::UnthrottledTextureUploader::endUploads):
1383         (WebCore::UnthrottledTextureUploader::uploadTexture):
1384         (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
1385         (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
1386         (WebCore::CCThreadProxy::recreateContextOnImplThread):
1387
1388 2012-05-10  David Reveman  <reveman@chromium.org>
1389
1390         [Chromium] Move instantiation of texture uploader to LayerRendererChromium.
1391         https://bugs.webkit.org/show_bug.cgi?id=85893
1392
1393         Reviewed by Adrienne Walker.
1394
1395         Move instantiation of texture uploader to LayerRendererChromium and
1396         allow CCProxy to decide between a throttled or unthrottled uploader
1397         using a flag passed to the LayerRendererChromium constructor.
1398
1399         * platform/graphics/chromium/LayerRendererChromium.cpp:
1400         (WebCore::LayerRendererChromium::create):
1401         (WebCore::LayerRendererChromium::LayerRendererChromium):
1402         (WebCore::LayerRendererChromium::initializeSharedObjects):
1403         * platform/graphics/chromium/LayerRendererChromium.h:
1404         (LayerRendererChromium):
1405         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1406         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
1407         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
1408         (CCLayerTreeHostImpl):
1409         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
1410         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
1411         (WebCore::CCSingleThreadProxy::recreateContext):
1412         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
1413         (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
1414         (WebCore::CCThreadProxy::recreateContextOnImplThread):
1415
1416 2012-05-10  MORITA Hajime  <morrita@google.com>
1417
1418         ElementShadow should minimize the usage of "ShadowRoot" name
1419         https://bugs.webkit.org/show_bug.cgi?id=85970
1420
1421         Reviewed by Dimitri Glazkov.
1422
1423         This change cleans two out dated assumptions which brought in at
1424         early stage of Shadow DOM implementation.
1425
1426         - Removed Element::hasShadowRoot(): shadow existence can be checked by Element::shadow().
1427         - Made ElementShadow::removeAllShadowRoots() private: we no longer allow ShadowRoot removal.
1428           It can only happens at the ElementShadow destruction.
1429
1430         Most of changes in element implementations are basically simple
1431         replacement from hasShadowRoot() to shadow().
1432
1433         No new tests. Covered by existing tests.
1434
1435         * WebCore.exp.in:
1436         * dom/ContainerNodeAlgorithms.h:
1437         (WebCore::ChildFrameDisconnector::collectDescendant):
1438         * dom/ComposedShadowTreeWalker.cpp:
1439         (WebCore::ComposedShadowTreeWalker::traverseChild):
1440         * dom/Document.cpp:
1441         (WebCore::Document::buildAccessKeyMap):
1442         * dom/Element.cpp:
1443         (WebCore::Element::recalcStyle):
1444         (WebCore::Element::ensureShadowRoot):
1445         (WebCore::Element::childrenChanged):
1446         * dom/Element.h:
1447         (Element):
1448         (WebCore::isShadowHost):
1449         (WebCore):
1450         * dom/ElementShadow.cpp:
1451         (WebCore::ElementShadow::~ElementShadow):
1452         (WebCore::ElementShadow::removeAllShadowRoots):
1453         * dom/ElementShadow.h:
1454         (ElementShadow):
1455         (WebCore::ElementShadow::host):
1456         * dom/EventDispatcher.cpp:
1457         * dom/Node.cpp:
1458         (WebCore::oldestShadowRootFor):
1459         * dom/NodeRenderingContext.cpp:
1460         (WebCore::NodeRenderingContext::NodeRenderingContext):
1461         * dom/ShadowRoot.cpp:
1462         (WebCore::ShadowRoot::create):
1463         * html/ColorInputType.cpp:
1464         (WebCore::ColorInputType::createShadowSubtree):
1465         * html/FileInputType.cpp:
1466         (WebCore::FileInputType::createShadowSubtree):
1467         (WebCore::FileInputType::multipleAttributeChanged):
1468         * html/HTMLDetailsElement.cpp:
1469         (WebCore::HTMLDetailsElement::createShadowSubtree):
1470         * html/HTMLInputElement.cpp:
1471         (WebCore::HTMLInputElement::createShadowSubtree):
1472         * html/HTMLKeygenElement.cpp:
1473         (WebCore::HTMLKeygenElement::HTMLKeygenElement):
1474         (WebCore::HTMLKeygenElement::shadowSelect):
1475         * html/HTMLMediaElement.cpp:
1476         (WebCore::HTMLMediaElement::hasMediaControls):
1477         * html/HTMLMeterElement.cpp:
1478         (WebCore::HTMLMeterElement::createShadowSubtree):
1479         * html/HTMLProgressElement.cpp:
1480         (WebCore::HTMLProgressElement::createShadowSubtree):
1481         * html/HTMLSummaryElement.cpp:
1482         (WebCore::HTMLSummaryElement::createShadowSubtree):
1483         * html/HTMLTextAreaElement.cpp:
1484         (WebCore::HTMLTextAreaElement::createShadowSubtree):
1485         * html/InputType.cpp:
1486         (WebCore::InputType::destroyShadowSubtree):
1487         * html/RangeInputType.cpp:
1488         (WebCore::RangeInputType::handleMouseDownEvent):
1489         (WebCore::RangeInputType::createShadowSubtree):
1490         * html/TextFieldInputType.cpp:
1491         (WebCore::TextFieldInputType::createShadowSubtree):
1492         * html/shadow/SliderThumbElement.cpp:
1493         (WebCore::trackLimiterElementOf):
1494         * inspector/InspectorDOMAgent.cpp:
1495         (WebCore::InspectorDOMAgent::unbind):
1496         (WebCore::InspectorDOMAgent::buildObjectForNode):
1497         * page/FocusController.cpp:
1498         (WebCore):
1499         * rendering/RenderFileUploadControl.cpp:
1500         (WebCore::RenderFileUploadControl::uploadButton):
1501         * svg/SVGTRefElement.cpp:
1502         (WebCore::SVGTRefElement::updateReferencedText):
1503         (WebCore::SVGTRefElement::detachTarget):
1504         * testing/Internals.cpp:
1505         (WebCore::Internals::ensureShadowRoot):
1506         (WebCore::Internals::youngestShadowRoot):
1507         (WebCore::Internals::oldestShadowRoot):
1508         * testing/Internals.h:
1509         (Internals):
1510         * testing/Internals.idl:
1511
1512 2012-05-10  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1513
1514         Move resumeAnimations to use Internals interface
1515         https://bugs.webkit.org/show_bug.cgi?id=86063
1516
1517         Reviewed by Alexey Proskuryakov.
1518
1519         Add resumeAnimations functions, because it is able to work in the
1520         cross-port way through the Internals interface.
1521
1522         No new tests, since we are improving here the infra-structure for testing
1523         a specific method.
1524
1525         * testing/Internals.cpp:
1526         (WebCore::Internals::resumeAnimations):
1527         (WebCore):
1528         * testing/Internals.h:
1529         (Internals):
1530         * testing/Internals.idl:
1531
1532 2012-05-10  Min Qin  <qinmin@google.com>
1533
1534         split MediaPlayer::enterFullscreen into 2 seperate functions
1535         https://bugs.webkit.org/show_bug.cgi?id=86052
1536
1537         Reviewed by Benjamin Poulain.
1538
1539         It is confusing that enterFullscreen returns a boolean while exitFullscreen does
1540         not do the same. And ios does not need the return value.
1541         So remove the return value on enterFullscreen and make a seperate canEnterFullscreen()
1542         function for android.
1543         No tests as there are no behavior change, just refactoring.
1544
1545         * platform/graphics/MediaPlayer.cpp:
1546         (WebCore::MediaPlayer::enterFullscreen):
1547         (WebCore):
1548         (WebCore::MediaPlayer::canEnterFullscreen):
1549         * platform/graphics/MediaPlayer.h:
1550         (MediaPlayer):
1551         * platform/graphics/MediaPlayerPrivate.h:
1552         (WebCore::MediaPlayerPrivateInterface::enterFullscreen):
1553         (MediaPlayerPrivateInterface):
1554         (WebCore::MediaPlayerPrivateInterface::canEnterFullscreen):
1555
1556 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
1557
1558         Unreviewed, rolling out r116715.
1559         http://trac.webkit.org/changeset/116715
1560         https://bugs.webkit.org/show_bug.cgi?id=86172
1561
1562         Broke http/tests/security/cross-frame-access-selection.html
1563         (Requested by tkent on #webkit).
1564
1565         * dom/Document.cpp:
1566         (WebCore):
1567         (WebCore::Document::getSelection):
1568         * dom/Document.h:
1569         (Document):
1570         * dom/ShadowRoot.cpp:
1571         (WebCore::ShadowRoot::selection):
1572         * dom/TreeScope.cpp:
1573         (WebCore::TreeScope::~TreeScope):
1574         * dom/TreeScope.h:
1575         (WebCore):
1576         (TreeScope):
1577         * page/DOMSelection.cpp:
1578         (WebCore::DOMSelection::DOMSelection):
1579         * page/DOMSelection.h:
1580         (WebCore):
1581         (WebCore::DOMSelection::create):
1582         (DOMSelection):
1583         * page/DOMWindow.cpp:
1584         (WebCore::DOMWindow::~DOMWindow):
1585         (WebCore::DOMWindow::clearDOMWindowProperties):
1586         (WebCore::DOMWindow::getSelection):
1587         * page/DOMWindow.h:
1588         (DOMWindow):
1589
1590 2012-05-10  Hajime Morrita  <morrita@google.com>
1591
1592         WebKit should support tab-size.
1593         https://bugs.webkit.org/show_bug.cgi?id=52994
1594
1595         - Added boilerplate for "tab-size" CSS property.
1596         - Added RenderStye::tabSize() as a RareInheritedData.
1597         - Replaced TextRun::m_allowTabs into TextRun::m_tabSize.
1598
1599         Reviewed by Simon Fraser.
1600
1601         Tests: fast/css/tab-size-expected.html
1602                fast/css/tab-size.html
1603
1604         * css/CSSComputedStyleDeclaration.cpp:
1605         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1606         * css/CSSParser.cpp:
1607         (WebCore::CSSParser::parseValue):
1608         * css/CSSProperty.cpp:
1609         (WebCore::CSSProperty::isInheritedProperty):
1610         * css/CSSPropertyNames.in:
1611         * css/CSSStyleSelector.cpp:
1612         (WebCore::CSSStyleSelector::applyProperty):
1613         * html/canvas/CanvasRenderingContext2D.cpp:
1614         (WebCore::CanvasRenderingContext2D::drawTextInternal):
1615         * platform/chromium/PopupListBox.cpp:
1616         (WebCore::PopupListBox::paintRow):
1617         * platform/graphics/Font.h:
1618         (WebCore::Font::tabWidth):
1619         * platform/graphics/TextRun.h:
1620         (WebCore::TextRun::TextRun):
1621         (WebCore::TextRun::allowTabs):
1622         (WebCore::TextRun::tabSize):
1623         (WebCore::TextRun::setTabSize):
1624         * platform/graphics/WidthIterator.cpp:
1625         (WebCore::WidthIterator::advance):
1626         * platform/graphics/mac/ComplexTextController.cpp:
1627         (WebCore::ComplexTextController::adjustGlyphsAndAdvances):
1628         * platform/win/PopupMenuWin.cpp:
1629         (WebCore::PopupMenuWin::paint):
1630         * rendering/InlineTextBox.cpp:
1631         (WebCore::InlineTextBox::constructTextRun):
1632         * rendering/RenderBlock.cpp:
1633         (WebCore::RenderBlock::constructTextRun):
1634         * rendering/RenderBlockLineLayout.cpp:
1635         (WebCore::textWidth):
1636         (WebCore::tryHyphenating):
1637         * rendering/RenderText.cpp:
1638         (WebCore::RenderText::widthFromCache):
1639         (WebCore::RenderText::computePreferredLogicalWidths):
1640         (WebCore::RenderText::width):
1641         * rendering/RenderText.h:
1642         * rendering/style/RenderStyle.cpp:
1643         (WebCore::RenderStyle::diff):
1644         * rendering/style/RenderStyle.h:
1645         (WebCore::RenderStyleBitfields::tabSize):
1646         (WebCore::RenderStyleBitfields::collapsedTabSize):
1647         (WebCore::RenderStyleBitfields::setTabSize):
1648         (WebCore::RenderStyleBitfields::initialTabSize):
1649         * rendering/style/StyleRareInheritedData.cpp:
1650         (WebCore::StyleRareInheritedData::StyleRareInheritedData):
1651         (WebCore::StyleRareInheritedData::operator==):
1652         * rendering/style/StyleRareInheritedData.h:
1653         * rendering/svg/SVGInlineTextBox.cpp:
1654         (WebCore::SVGInlineTextBox::constructTextRun):
1655         * rendering/svg/SVGTextMetrics.cpp:
1656         (WebCore::constructTextRun):
1657
1658 2012-05-10  Antoine Labour  <piman@chromium.org>
1659
1660         Sync with impl thread when removing references to external textures
1661         https://bugs.webkit.org/show_bug.cgi?id=86054
1662
1663         We want to ensure the client side is safe to release textures, so we
1664         sync with the impl thread when:
1665         - we change the texture (and we had one)
1666         - the layer is removed from the tree (and we had a texture)
1667         - the layer is destroyed (and we had a texture)
1668
1669         Reviewed by James Robinson.
1670
1671         Test: TextureLayerChromiumTest.
1672
1673         * platform/graphics/chromium/TextureLayerChromium.cpp:
1674         (WebCore::TextureLayerChromium::~TextureLayerChromium):
1675         (WebCore::TextureLayerChromium::setTextureId):
1676         (WebCore::TextureLayerChromium::setLayerTreeHost):
1677         (WebCore):
1678         * platform/graphics/chromium/TextureLayerChromium.h:
1679         (TextureLayerChromium):
1680
1681 2012-05-10  Kent Tamura  <tkent@chromium.org>
1682
1683         [Chromium] attempt to build fix for Chromium-mac.
1684         r116697 introduced an override of a system function. It's intentional
1685         and WebCoreTextFieldCell should be in the whitelist.
1686
1687         * WebCore.gyp/WebCore.gyp:
1688
1689 2012-05-10  Anders Carlsson  <andersca@apple.com>
1690
1691         PDF files won't scroll in Safari when using Adobe plug-in
1692         https://bugs.webkit.org/show_bug.cgi?id=86167
1693         <rdar://problem/11389719>
1694
1695         Reviewed by Sam Weinig.
1696
1697         * page/scrolling/ScrollingCoordinator.cpp:
1698         (WebCore::computeNonFastScrollableRegion):
1699         Loop over the frame view children looking for plug-in views that want wheel events
1700         and add them to the non-fast scrollable region. Ideally, the plug-ins should be added
1701         to the set of scrollable areas, but PluginView in WebKit2 is not a ScrollableArea yet.
1702
1703         * plugins/PluginViewBase.h:
1704         (PluginViewBase):
1705         (WebCore::PluginViewBase::wantsWheelEvents):
1706
1707 2012-05-10  Alexey Proskuryakov  <ap@apple.com>
1708
1709         Crash in 3rd party WebKit apps that disable cache at a wrong time
1710         https://bugs.webkit.org/show_bug.cgi?id=86027
1711         <rdar://problem/10615880>
1712
1713         Reviewed by Antti Koivisto.
1714
1715         Added an API test.
1716
1717         The fix is to use CachedResourceHandle throughout MemoryCache, which will certainly
1718         keep the resource alive. Also removed earlier fixes.
1719
1720         * css/CSSImageSetValue.cpp: (WebCore::CSSImageSetValue::cachedImageSet):
1721         * css/CSSImageValue.cpp: (WebCore::CSSImageValue::cachedImage):
1722         * css/WebKitCSSShaderValue.cpp: (WebCore::WebKitCSSShaderValue::cachedShader):
1723         * history/PageCache.cpp: (WebCore::PageCache::releaseAutoreleasedPagesNow):
1724         * loader/ImageLoader.cpp: (WebCore::ImageLoader::updateFromElement):
1725         * loader/TextTrackLoader.cpp: (WebCore::TextTrackLoader::load):
1726         * loader/cache/CachedResourceLoader.cpp:
1727         (WebCore::CachedResourceLoader::requestImage):
1728         (WebCore::CachedResourceLoader::requestFont):
1729         (WebCore::CachedResourceLoader::requestTextTrack):
1730         (WebCore::CachedResourceLoader::requestShader):
1731         (WebCore::CachedResourceLoader::requestCSSStyleSheet):
1732         (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
1733         (WebCore::CachedResourceLoader::requestScript):
1734         (WebCore::CachedResourceLoader::requestXSLStyleSheet):
1735         (WebCore::CachedResourceLoader::requestSVGDocument):
1736         (WebCore::CachedResourceLoader::requestLinkResource):
1737         (WebCore::CachedResourceLoader::requestRawResource):
1738         (WebCore::CachedResourceLoader::requestResource):
1739         (WebCore::CachedResourceLoader::revalidateResource):
1740         (WebCore::CachedResourceLoader::loadResource):
1741         (WebCore::CachedResourceLoader::requestPreload):
1742         * loader/cache/CachedResourceLoader.h: (CachedResourceLoader):
1743         * loader/cache/MemoryCache.h: (WebCore::MemoryCache::setPruneEnabled):
1744
1745         * loader/cache/CachedResourceHandle.h:
1746         (WebCore::CachedResourceHandle::CachedResourceHandle):
1747         (WebCore::CachedResourceHandle::operator=):
1748         Teach CachedResourceHandle how to make CachedResourceHandle<CachedResource> from
1749         a handle to subclass.
1750
1751 2012-05-10  Tien-Ren Chen  <trchen@chromium.org>
1752
1753         Eliminate duplicated code for culled line box in RenderInline
1754         https://bugs.webkit.org/show_bug.cgi?id=85725
1755
1756         This patch extracts the common part of culledInlineBoundingBox() /
1757         culledInlineAbsoluteRects() / culledInlineAbsoluteQuads() to become a
1758         template function generateCulledLineBoxRects(). The template function
1759         accepts a new parameter, GeneratorContext functor, which will be
1760         invoked everytime a new line box rect has been generated. The generated
1761         rect will be in local coordinate. The functor will be responsible for
1762         appropriate transformation, then appending to vector or union with
1763         existing bounding box.
1764
1765         Reviewed by Eric Seidel.
1766
1767         No new tests. No change in behavior.
1768
1769         * rendering/RenderInline.cpp:
1770         (WebCore):
1771         (WebCore::RenderInline::generateLineBoxRects):
1772         (WebCore::RenderInline::generateCulledLineBoxRects):
1773         (WebCore::RenderInline::absoluteRects):
1774         (WebCore::RenderInline::absoluteQuads):
1775         (WebCore::RenderInline::linesBoundingBox):
1776         (WebCore::RenderInline::culledInlineVisualOverflowBoundingBox):
1777         (WebCore::RenderInline::addFocusRingRects):
1778         * rendering/RenderInline.h:
1779         (RenderInline):
1780
1781 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1782
1783         Crash in swapInNodePreservingAttributesAndChildren.
1784         https://bugs.webkit.org/show_bug.cgi?id=85197
1785  
1786         Reviewed by Ryosuke Niwa.
1787  
1788         Keep the children in a ref vector before adding them to newNode.
1789         They can get destroyed due to mutation events.
1790
1791         No new tests because we don't have a reduction.
1792
1793         * editing/ReplaceNodeWithSpanCommand.cpp:
1794         (WebCore::swapInNodePreservingAttributesAndChildren):
1795
1796 2012-05-10  Shinya Kawanaka  <shinyak@chromium.org>
1797
1798         [Refactoring] Move Selection from DOMWindow to TreeScope.
1799         https://bugs.webkit.org/show_bug.cgi?id=82699
1800
1801         Reviewed by Ryosuke Niwa.
1802
1803         Since ShadowRoot will also manage its own version of DOMSelection, we would like to
1804         share the code among Document and DOMSelection. This patch moves DOMSelection from DOMWindow to TreeScope
1805         so that ShadowRoot can also use it.
1806
1807         No new tests, should covered by existing tests.
1808
1809         * dom/Document.cpp:
1810         (WebCore::Document::updateFocusAppearanceTimerFired):
1811         * dom/Document.h:
1812         (Document):
1813         * dom/ShadowRoot.cpp:
1814         (WebCore::ShadowRoot::selection):
1815         * do/mTreeScope.cpp:
1816         (WebCore::TreeScope::~TreeScope):
1817         (WebCore::TreeScope::getSelection):
1818         (WebCore):
1819         * dom/TreeScope.h:
1820         (WebCore):
1821         (TreeScope):
1822         * page/DOMSelection.cpp:
1823         (WebCore::DOMSelection::DOMSelection):
1824         (WebCore::DOMSelection::clearTreeScope):
1825         (WebCore):
1826         * page/DOMSelection.h:
1827         (WebCore):
1828         (WebCore::DOMSelection::create):
1829         (DOMSelection):
1830         (WebCore::DOMSelection::frame):
1831         * page/DOMWindow.cpp:
1832         (WebCore::DOMWindow::~DOMWindow):
1833         (WebCore::DOMWindow::clearDOMWindowProperties):
1834         (WebCore::DOMWindow::getSelection):
1835         * page/DOMWindow.h:
1836         (DOMWindow):
1837
1838 2012-05-10  Kent Tamura  <tkent@chromium.org>
1839
1840         Unreviewed, rolling out r116594.
1841         http://trac.webkit.org/changeset/116594
1842         https://bugs.webkit.org/show_bug.cgi?id=86013
1843
1844         r116594 might have made some composition tests flaky.
1845
1846         * platform/graphics/chromium/LayerChromium.cpp:
1847         (WebCore::LayerChromium::addAnimation):
1848         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
1849         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
1850         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
1851         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
1852         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
1853         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
1854         (CCLayerTreeHost):
1855         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1856         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
1857         * platform/graphics/chromium/cc/CCProxy.h:
1858         (CCProxy):
1859         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
1860         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
1861         (WebCore::CCSingleThreadProxy::doComposite):
1862         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
1863         (WebCore):
1864         * platform/graphics/chromium/cc/CCThreadProxy.h:
1865         (CCThreadProxy):
1866
1867 2012-05-10  Michael Nordman  <michaeln@google.com>
1868
1869         [chromium] DomStorage events handling needs TLC (2)
1870         https://bugs.webkit.org/show_bug.cgi?id=85221
1871         Alter the StorageArea virtual interface such that the mutators no longer
1872         return old values. This is to allow implementations of the interface to operate
1873         more asynchronously.
1874
1875         Reviewed by Adam Barth.
1876
1877         No new tests. Existing tests cover this.
1878
1879         * storage/StorageArea.h: Alter the interface so the mutators no longer return previous values
1880         * storage/StorageAreaImpl.cpp:
1881         (WebCore::StorageAreaImpl::disabledByPrivateBrowsingInFrame):  removed an unneeded PLATFORM(CHROMIUM) guard
1882         (WebCore::StorageAreaImpl::setItem): no longer return the old value
1883         (WebCore::StorageAreaImpl::removeItem): no longer return the old value
1884         (WebCore::StorageAreaImpl::clear): no longer return whether something was cleared
1885         * storage/StorageAreaImpl.h: match StorageArea's virtual interface
1886
1887 2012-05-10  Beth Dakin  <bdakin@apple.com>
1888
1889         https://bugs.webkit.org/show_bug.cgi?id=86158
1890         Overlay scrollbars without layers never paint in overflow regions in 
1891         tiled drawing mode
1892         -and corresponding-
1893         <rdar://problem/11289546>
1894
1895         Reviewed by Darin Adler.
1896
1897         RenderLayers paint scrollbars that do not have their own layers by 
1898         running a second pass through the layer tree after the layer tree has 
1899         painted. This ensures that the scrollbars always paint on top of 
1900         content. However, this mechanism was relying on 
1901         FrameView::paintContents() as a choke-point for all painting to 
1902         trigger the second painting pass. That is not a reasonable choke-point 
1903         in tiled drawing, so this patch adds similar code to 
1904         RenderLayerBacking.
1905
1906         Only opt into the second painting pass for scrollbars that do not have 
1907         their own layers.
1908         * rendering/RenderLayer.cpp:
1909         (WebCore::RenderLayer::paintOverflowControls):
1910         
1911         A layer that paints into its backing cannot return early here if it 
1912         has overlay scrollbars to paint.
1913         (WebCore::RenderLayer::paintLayer):
1914         
1915         This replicates code in FrameView::paintContents(). After painting the 
1916         owning layer, do a second pass if there are overlay scrollbars to 
1917         paint.
1918         * rendering/RenderLayerBacking.cpp:
1919         (WebCore::RenderLayerBacking::paintIntoLayer):
1920
1921 2012-05-10  Anders Carlsson  <andersca@apple.com>
1922
1923         Well, at least fixing the GTK+ build is something!
1924
1925         * platform/gtk/LocalizedStringsGtk.cpp:
1926         (WebCore::insecurePluginVersionText):
1927         (WebCore):
1928
1929 2012-05-10  Anders Carlsson  <andersca@apple.com>
1930
1931         Add insecurePluginVersionText stubs.
1932
1933         * platform/blackberry/LocalizedStringsBlackBerry.cpp:
1934         (WebCore::insecurePluginVersionText):
1935         (WebCore):
1936         * platform/efl/LocalizedStringsEfl.cpp:
1937         (WebCore::insecurePluginVersionText):
1938         (WebCore):
1939         * platform/qt/LocalizedStringsQt.cpp:
1940         (WebCore::insecurePluginVersionText):
1941         (WebCore):
1942
1943 2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>
1944
1945         Unreviewed, rolling out r116677.
1946         http://trac.webkit.org/changeset/116677
1947         https://bugs.webkit.org/show_bug.cgi?id=86159
1948
1949         This patch causes linker error to some mac bots (Requested by
1950         jianli_ on #webkit).
1951
1952         * WebCore.exp.in:
1953         * dom/ContainerNode.h:
1954         * dom/Node.cpp:
1955         (WebCore::Node::traverseNextNode):
1956         (WebCore::Node::traverseNextSibling):
1957         * dom/Node.h:
1958         (Node):
1959
1960 2012-05-10  Abhishek Arya  <inferno@chromium.org>
1961
1962         Crash in FontCache::releaseFontData due to infinite float size.
1963         https://bugs.webkit.org/show_bug.cgi?id=86110
1964
1965         Reviewed by Andreas Kling.
1966
1967         New callers always forget to clamp the font size, which overflows
1968         to infinity on multiplication. It is best to clamp it at the end
1969         to avoid getting greater than std::numeric_limits<float>::max().
1970
1971         Test: fast/css/large-font-size-crash.html
1972
1973         * platform/graphics/FontDescription.h:
1974         (WebCore::FontDescription::setComputedSize):
1975         (WebCore::FontDescription::setSpecifiedSize):
1976
1977 2012-05-10  Beth Dakin  <bdakin@apple.com>
1978
1979         https://bugs.webkit.org/show_bug.cgi?id=82131
1980         [Mac] REGRESSION (r110480): Text field that specifies background-color 
1981         (or is auto-filled) gets un-themed border
1982         -and corresponding-
1983         <rdar://problem/11115221>
1984
1985         Reviewed by Maciej Stachowiak.
1986
1987         This change rolls out r110480 which is what caused styled text fields 
1988         to get the un-themed border, and it does a bunch of work to make sure 
1989         we get the pretty, new version of the NSTextField art whenever 
1990         possible. We do this differently for post-Lion OS's since there is now 
1991         a way to opt into it all the time. Lion and SnowLeopard can only use 
1992         the new art in HiDPI mode when the background color of the text field 
1993         is just white.
1994
1995         RenderThemeMac::textField() takes a boolean paramter used to determine 
1996         if the new gradient will be used.
1997         * rendering/RenderThemeMac.h:
1998         (RenderThemeMac):
1999         
2000         This is the post-Lion workaround. This code has no effect on Lion and 
2001         SnowLeopard. This allows up to opt into a version of [NSTextField drawWithFrame:] that will only draw the frame of the text field; without this, it will draw the frame and the background, which creates a number of problems with styled text fields and text fields in HiDPI. There is a less comprehesive workaround for Lion and SnowLeopard in place in RenderThemeMac::textField().
2002         * rendering/RenderThemeMac.mm:
2003         (-[WebCoreTextFieldCell _coreUIDrawOptionsWithFrame:inView:includeFocus:]):
2004         
2005         This is the roll-out of r110480.
2006         (WebCore::RenderThemeMac::isControlStyled):
2007         
2008         See the comments for a full explanation, but this is mostly code for 
2009         Lion and SnowLeopard to determine if we can opt into the new artwork.
2010         (WebCore::RenderThemeMac::paintTextField):
2011         (WebCore::RenderThemeMac::textField):
2012
2013 2012-05-10  Anders Carlsson  <andersca@apple.com>
2014
2015         WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
2016         https://bugs.webkit.org/show_bug.cgi?id=86150
2017         <rdar://problem/9551196>
2018
2019         Reviewed by Sam Weinig.
2020
2021         * English.lproj/Localizable.strings:
2022         Update.
2023
2024         * loader/SubframeLoader.cpp:
2025         (WebCore::SubframeLoader::loadPlugin):
2026         It is possible that the client has already set the unavailability reason so don't try to set it twice.
2027
2028         * platform/LocalizedStrings.cpp:
2029         (WebCore::insecurePluginVersionText):
2030         * platform/LocalizedStrings.h:
2031         Add insecure plug-in version text.
2032
2033         * rendering/RenderEmbeddedObject.cpp:
2034         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
2035         * rendering/RenderEmbeddedObject.h:
2036         Add InsecurePluginVersion unavailability reason.
2037
2038 2012-05-10  Eric Seidel  <eric@webkit.org>
2039
2040         Make IFRAME_SEAMLESS child documents inherit styles from their parent iframe element
2041         https://bugs.webkit.org/show_bug.cgi?id=85940
2042
2043         Reviewed by Ojan Vafai.
2044
2045         The HTML5 <iframe seamless> spec says:
2046         In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
2047         inheritance only, treat the root element of the active document of the iframe
2048         element's nested browsing context as being a child of the iframe element.
2049         (Thus inherited properties on the root element of the document in the
2050         iframe will inherit the computed values of those properties on the iframe
2051         element instead of taking their initial values.)
2052
2053         Initially I implemented this support to the letter of the spec. However, doing so I learned
2054         that WebKit has a RenderStyle for the Document Node, not just the root element of the document.
2055         In this RenderStyle on the Document, we add a bunch of per-document styles from settings
2056         including designMode.
2057
2058         This change makes StyleResolver::styleForDocument inherit style from the parent iframe's
2059         style, before applying any of these per-document styles.  This may or may not be correct
2060         depending on what behavior we want for rtl-ordering, page-zoom, locale, design mode, etc.
2061         For now, we continue to treat the iframe's document as independent in these regards, and
2062         the settings on that document override those inherited from the iframe.
2063
2064         Also, intially when making this work, I added redirects in recalcStyle and scheduleStyleRecalc
2065         from the child document to the parent document in the case of seamless (since the parent
2066         document effectively manages the style resolve and layout of the child in seamless mode).
2067         However, I was not able to find a test which depended on this code change, so in this final patch
2068         I have removed both of these modifications and replaced them with FIXMEs.  Based on discussions
2069         with Ojan and James Robinson, I believe both of those changes may eventually be wanted.
2070
2071         This change basically does 3 things:
2072         1.  Makes StyleResolver::styleForDocument inherit from the parent iframe.
2073         2.  Makes any recalcStyle calls on the iframe propogate down into the child document (HTMLIFrameElement::didRecalcStyle).
2074         3.  Makes Document::recalcStyle aware of the fact that the Document's style *can* change
2075             for reasons other than recalcStyle(Force).
2076
2077         I'm open to more testing suggestions, if reviewers have settings on the Document's style
2078         that you want to make sure we inherit from the parent iframe, or don't inherit, etc.
2079         I view this as a complete solution to this aspect of the current <iframe seamless> spec,
2080         but likely not the last code we will write for this aspect of the seamless feature. :)
2081
2082         Tested by fast/frames/seamlesss/seamless-css-cascade.html and seamless-designMode.html
2083
2084         * css/StyleResolver.cpp:
2085         (WebCore::StyleResolver::collectMatchingRulesForList):
2086         * dom/Document.cpp:
2087         (WebCore::Document::scheduleStyleRecalc):
2088         (WebCore::Document::recalcStyle):
2089         * html/HTMLIFrameElement.cpp:
2090         (WebCore::HTMLIFrameElement::HTMLIFrameElement):
2091         (WebCore::HTMLIFrameElement::didRecalcStyle):
2092         (WebCore):
2093         * html/HTMLIFrameElement.h:
2094         (HTMLIFrameElement):
2095
2096 2012-05-10  Julien Chaffraix  <jchaffraix@webkit.org>
2097
2098         Crash in computedCSSPadding* functions due to RenderImage::imageDimensionsChanged called during attachment
2099         https://bugs.webkit.org/show_bug.cgi?id=85912
2100
2101         Reviewed by Eric Seidel.
2102
2103         Tests: fast/images/link-body-content-imageDimensionChanged-crash.html
2104                fast/images/script-counter-imageDimensionChanged-crash.html
2105
2106         The bug comes from CSS generated images that could end up calling imageDimensionsChanged during attachment. As the
2107         rest of the code (e.g. computedCSSPadding*) would assumes that we are already inserted in the tree, we would crash.
2108
2109         The solution is to bail out in this case as newly inserted RenderObject will trigger layout later on and properly
2110         handle what we would be doing as part of imageDimensionChanged (the only exception being updating our intrinsic
2111         size which should be done as part of imageDimensionsChanged).
2112
2113         * rendering/RenderImage.cpp:
2114         (WebCore::RenderImage::imageDimensionsChanged):
2115
2116 2012-05-10  Adam Barth  <abarth@webkit.org>
2117
2118         ASSERT in BidiResolver<Iterator, Run>::commitExplicitEmbedding makes running debug builds annoying
2119         https://bugs.webkit.org/show_bug.cgi?id=86140
2120
2121         Reviewed by Eric Seidel.
2122
2123         The correct fix here is to resolve
2124         https://bugs.webkit.org/show_bug.cgi?id=76574, but in the mean time,
2125         this ASSERT is annoying.
2126
2127         * platform/text/BidiResolver.h:
2128         (WebCore::::commitExplicitEmbedding):
2129
2130 2012-05-10  Mark Pilgrim  <pilgrim@chromium.org>
2131
2132         [Chromium] Call addTraceEvent and getTraceCategoryEnabledFlag directly
2133         https://bugs.webkit.org/show_bug.cgi?id=85399
2134
2135         Reviewed by Adam Barth.
2136
2137         Part of a refactoring series. See tracking bug 82948.
2138
2139         * CMakeLists.txt:
2140         * GNUmakefile.list.am:
2141         * Target.pri:
2142         * WebCore.gypi:
2143         * WebCore.vcproj/WebCore.vcproj:
2144         * WebCore.xcodeproj/project.pbxproj:
2145         * platform/EventTracer.cpp: Added.
2146         (WebCore):
2147         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
2148         (WebCore::EventTracer::addTraceEvent):
2149         * platform/EventTracer.h: Added.
2150         (WebCore):
2151         (EventTracer):
2152         * platform/chromium/EventTracerChromium.cpp: Added.
2153         (WebCore):
2154         (WebCore::EventTracer::getTraceCategoryEnabledFlag):
2155         (WebCore::EventTracer::addTraceEvent):
2156         * platform/chromium/PlatformSupport.h:
2157         * platform/chromium/TraceEvent.h:
2158
2159 2012-05-10  Adam Barth  <abarth@webkit.org>
2160
2161         ScrollView::fixedVisibleContentRect should be public
2162         https://bugs.webkit.org/show_bug.cgi?id=86147
2163
2164         Reviewed by Eric Seidel.
2165
2166         Some code in the WebKit layer of OS(ANDROID) uses this function. That
2167         could will be upstreamed in a later patch. For now, this patch just
2168         makes this function public so that we remove the diff to this file.
2169
2170         * platform/ScrollView.h:
2171         (WebCore::ScrollView::fixedVisibleContentRect):
2172         (WebCore::ScrollView::delegatesScrollingDidChange):
2173
2174 2012-05-10  Anders Carlsson  <andersca@apple.com>
2175
2176         Rename the missing plug-in indicator to the unavailable plug-in indicator
2177         https://bugs.webkit.org/show_bug.cgi?id=86136
2178
2179         Reviewed by Sam Weinig.
2180
2181         Since the indicator is shown for more than just missing plug-ins, generalize it and use a plug-in unavailability
2182         reason enum to make it easier to extend. Also, pass the unavailability reason to the ChromeClient member functions.
2183
2184         * WebCore.exp.in:
2185         * html/HTMLEmbedElement.cpp:
2186         (WebCore::HTMLEmbedElement::updateWidget):
2187         * html/HTMLObjectElement.cpp:
2188         (WebCore::HTMLObjectElement::updateWidget):
2189         * html/HTMLPlugInElement.cpp:
2190         (WebCore::HTMLPlugInElement::defaultEventHandler):
2191         * html/HTMLPlugInImageElement.cpp:
2192         (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
2193         * loader/SubframeLoader.cpp:
2194         (WebCore::SubframeLoader::loadPlugin):
2195         * page/ChromeClient.h:
2196         (WebCore::ChromeClient::shouldUnavailablePluginMessageBeButton):
2197         (WebCore::ChromeClient::unavailablePluginButtonClicked):
2198         * page/FrameView.cpp:
2199         (WebCore::FrameView::updateWidget):
2200         * rendering/RenderEmbeddedObject.cpp:
2201         (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
2202         (WebCore::RenderEmbeddedObject::setPluginUnavailabilityReason):
2203         (WebCore::RenderEmbeddedObject::showsUnavailablePluginIndicator):
2204         (WebCore::RenderEmbeddedObject::setUnavailablePluginIndicatorIsPressed):
2205         (WebCore::RenderEmbeddedObject::paint):
2206         (WebCore::RenderEmbeddedObject::paintReplaced):
2207         (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
2208         (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
2209         (WebCore):
2210         (WebCore::RenderEmbeddedObject::isInUnavailablePluginIndicator):
2211         (WebCore::shouldUnavailablePluginMessageBeButton):
2212         (WebCore::RenderEmbeddedObject::handleUnavailablePluginIndicatorEvent):
2213         (WebCore::RenderEmbeddedObject::getCursor):
2214         * rendering/RenderEmbeddedObject.h:
2215         (RenderEmbeddedObject):
2216
2217 2012-05-10  Brady Eidson  <beidson@apple.com>
2218
2219         <rdar://problem/10972577> and https://bugs.webkit.org/show_bug.cgi?id=80170
2220         Contents of noscript elements turned into strings in WebArchives
2221
2222         Reviewed by Andy Estes.
2223
2224         There's a much deeper question about how innerHTML of <noscript> is expected to work in 
2225         both a scripting and non-scripting environment that we should pursue separately.
2226
2227         But for webarchives, we can solve this by filtering out the <noscript> elements completely 
2228         if scripting is enabled.
2229
2230         Test: webarchive/ignore-noscript-if-scripting-enabled.html
2231
2232         * WebCore.exp.in:
2233
2234         Add arguments to createMarkup and MarkupAccumulator methods to pass a Vector of QualifiedNames
2235         that should be filtered from the resulting markup:
2236         * editing/MarkupAccumulator.cpp:
2237         (WebCore::MarkupAccumulator::serializeNodes):
2238         (WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
2239         * editing/MarkupAccumulator.h:
2240         * editing/markup.cpp:
2241         (WebCore::createMarkup):
2242         * editing/markup.h:
2243
2244         If scripting is enabled, add the noscriptTag to the tag names to filter:
2245         * loader/archive/cf/LegacyWebArchive.cpp:
2246         (WebCore::LegacyWebArchive::create):
2247
2248 2012-05-10  Abhishek Arya  <inferno@chromium.org>
2249
2250         Crash due to floats not removed from first-letter element.
2251         https://bugs.webkit.org/show_bug.cgi?id=86019
2252
2253         Reviewed by Julien Chaffraix.
2254
2255         Move clearing logic of a floating/positioned object from removeChild
2256         to removeChildNode. There are lot of places which use removeChildNode
2257         directly and hence the object is not removed from the floating or
2258         positioned objects list.
2259
2260         Test: fast/block/float/float-not-removed-from-first-letter.html
2261
2262         * rendering/RenderObject.cpp:
2263         (WebCore::RenderObject::removeChild):
2264         * rendering/RenderObjectChildList.cpp:
2265         (WebCore::RenderObjectChildList::removeChildNode):
2266
2267 2012-05-10  Andreas Kling  <kling@webkit.org>
2268
2269         Remove empty ElementAttributeData destructor.
2270         <http://webkit.org/b/86126>
2271
2272         Reviewed by Antti Koivisto.
2273
2274         * dom/ElementAttributeData.cpp:
2275         * dom/ElementAttributeData.h:
2276
2277 2012-05-10  Yury Semikhatsky  <yurys@chromium.org>
2278
2279         Web Inspector: heap snapshot comparison view is broken
2280         https://bugs.webkit.org/show_bug.cgi?id=86102
2281
2282         Reviewed by Pavel Feldman.
2283
2284         Pass HeapSnapshotProxy instead of undefined to the profile load callback. Added
2285         compiler annotations to avoid such errors in the future.
2286
2287         * inspector/front-end/HeapSnapshotView.js:
2288
2289 2012-05-10  Zan Dobersek  <zandobersek@gmail.com>
2290
2291         [GTK] ENABLE_IFRAME_SEAMLESS support
2292         https://bugs.webkit.org/show_bug.cgi?id=85843
2293
2294         Reviewed by Eric Seidel.
2295
2296         Export the ENABLE_IFRAME_SEAMLESS feature define when the feature is
2297         enabled.
2298
2299         No new tests - all the related tests should now be passing.
2300
2301         * GNUmakefile.am:
2302
2303 2012-05-10  Antti Koivisto  <antti@apple.com>
2304
2305         Inline Node::traverseNextNode
2306         https://bugs.webkit.org/show_bug.cgi?id=85844
2307
2308         Reviewed by Ryosuke Niwa.
2309         
2310         Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
2311         for many hot loops.
2312
2313         In this version only the firstChild()/nextSibling() tests are inlined and the ancestor traversal is not.
2314         
2315         Performance bots will tell if this was worthwhile.
2316
2317         * dom/ContainerNode.h:
2318         (WebCore::Node::traverseNextNode):
2319         (WebCore):
2320         (WebCore::Node::traverseNextSibling):
2321         * dom/Node.cpp:
2322         (WebCore::Node::traverseNextAncestorSibling):
2323         * dom/Node.h:
2324         (Node):
2325
2326 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
2327
2328         MediaStream API: Fix MediaHints parsing
2329         https://bugs.webkit.org/show_bug.cgi?id=86098
2330
2331         Reviewed by Adam Barth.
2332
2333         Not currently testable. Working on a series of patches that will fix that.
2334
2335         * Modules/mediastream/PeerConnection00.cpp:
2336         (WebCore::PeerConnection00::createMediaHints):
2337
2338 2012-05-10  Tommy Widenflycht  <tommyw@google.com>
2339
2340         [chromium] MediaStream API: Fix the ExtraData functionality in WebMediaStreamDescriptor
2341         https://bugs.webkit.org/show_bug.cgi?id=86087
2342
2343         Reviewed by Adam Barth.
2344
2345         Not easy to test but I have added code that excercises this to WebUserMediaClientMock (in DumpRenderTree).
2346
2347         * platform/chromium/support/WebMediaStreamDescriptor.cpp:
2348         (WebKit::WebMediaStreamDescriptor::setExtraData):
2349
2350 2012-05-10  Pavel Feldman  <pfeldman@chromium.org>
2351
2352         Web Inspector: search title is shown beside the search field (not under) in the vertical mode.
2353         https://bugs.webkit.org/show_bug.cgi?id=86120
2354
2355         Reviewed by Yury Semikhatsky.
2356
2357         This change makes search title render as placeholder at all times.
2358         It also adjusts the size of the search field when navigation arrows appear.
2359
2360         * inspector/front-end/SearchController.js:
2361         (WebInspector.SearchController):
2362         (WebInspector.SearchController.prototype.updateSearchLabel):
2363         (WebInspector.SearchController.prototype._updateSearchNavigationButtonState):
2364         (WebInspector.SearchController.prototype._createSearchNavigationButton):
2365         * inspector/front-end/inspector.css:
2366         (#toolbar-search-item):
2367         (.with-navigation-buttons #search):
2368         (.toolbar-search-navigation-label):
2369         (.with-navigation-buttons .toolbar-search-navigation-label):
2370         * inspector/front-end/inspector.html:
2371
2372 2012-05-10  Varun Jain  <varunjain@google.com>
2373
2374         [chromium] Trigger context menu for long press gesture
2375         https://bugs.webkit.org/show_bug.cgi?id=85919
2376
2377         Reviewed by Adam Barth.
2378
2379         Test: fast/events/touch/gesture/context-menu-on-long-press.html
2380
2381         * page/EventHandler.cpp:
2382         (WebCore):
2383         (WebCore::EventHandler::sendContextMenuEventForGesture):
2384         * page/EventHandler.h:
2385         (EventHandler):
2386
2387 2012-05-10  Abhishek Arya  <inferno@chromium.org>
2388
2389         Crash in ApplyStyleCommand::joinChildTextNodes.
2390         https://bugs.webkit.org/show_bug.cgi?id=85939
2391
2392         Reviewed by Ryosuke Niwa.
2393
2394         Test: editing/style/apply-style-join-child-text-nodes-crash.html
2395
2396         * editing/ApplyStyleCommand.cpp:
2397         (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange): add conditions
2398         to bail out if our start and end position nodes are removed due to 
2399         mutation events in joinChildTextNodes.
2400         (WebCore::ApplyStyleCommand::applyInlineStyle): this executes after
2401         applyRelativeFontStyleChange in ApplyStyleCommand::doApply. So, need
2402         to bail out if our start and end position nodes are removed due to
2403         mutation events.
2404         (WebCore::ApplyStyleCommand::joinChildTextNodes): hold all the children
2405         in a ref vector to prevent them from getting destroyed due to mutation events.
2406
2407 2012-05-10  Erik Arvidsson  <arv@chromium.org>
2408
2409         Unreviewed, rebaselined run-bindings-tests results.
2410
2411         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
2412         (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
2413         (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
2414         * bindings/scripts/test/JS/JSTestObj.cpp:
2415         (WebCore::jsTestObjPrototypeFunctionAddEventListener):
2416         (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
2417         * bindings/scripts/test/V8/V8TestException.cpp:
2418         (WebCore::V8TestException::wrapSlow):
2419         * bindings/scripts/test/V8/V8TestException.h:
2420         (WebCore::V8TestException::wrap):
2421
2422 2012-05-10  Abhishek Arya  <inferno@chromium.org>
2423
2424         Crash in InsertParagraphSeparatorCommand::doApply.
2425         https://bugs.webkit.org/show_bug.cgi?id=84995
2426
2427         Reviewed by Ryosuke Niwa.
2428
2429         Test: editing/inserting/insert-paragraph-seperator-crash.html
2430
2431         * editing/DeleteSelectionCommand.cpp:
2432         (WebCore::DeleteSelectionCommand::mergeParagraphs): no need of static cast, since
2433         type of enclosingBlock returned is already Element*.
2434         * editing/IndentOutdentCommand.cpp:
2435         (WebCore::IndentOutdentCommand::tryIndentingAsListItem): no need of static cast, since
2436         type of enclosingBlock returned is already Element*.
2437         * editing/InsertParagraphSeparatorCommand.cpp:
2438         (WebCore::InsertParagraphSeparatorCommand::doApply): RefPtr startBlock to guard against
2439         mutation events.
2440         * editing/htmlediting.cpp:
2441         (WebCore::enclosingBlock): make sure type of enclosingNode is an element before doing
2442         the static cast. This was already failing in a couple of layout tests. Also, isBlock
2443         check already exists in the function call to enclosingNodeOfType, so don't need it
2444         again on enclosingNode's renderer.
2445         * editing/htmlediting.h: 
2446         (WebCore):
2447
2448 2012-05-10  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
2449
2450         TouchAdjustment doesn't correct for scroll-offsets.
2451         https://bugs.webkit.org/show_bug.cgi?id=86083
2452
2453         Reviewed by Kenneth Rohde Christiansen.
2454
2455         Already tested by: touchadjustment/scroll-delegation
2456
2457         * page/EventHandler.cpp:
2458         (WebCore::EventHandler::bestClickableNodeForTouchPoint):
2459         (WebCore::EventHandler::bestZoomableAreaForTouchPoint):
2460         * page/TouchAdjustment.cpp:
2461         (WebCore::TouchAdjustment::findNodeWithLowestDistanceMetric):
2462         * testing/Internals.cpp:
2463         (WebCore::Internals::bestZoomableAreaForTouchPoint):
2464
2465 2012-05-10  Konrad Piascik  <kpiascik@rim.com>
2466
2467         Fix typo in filename
2468         https://bugs.webkit.org/show_bug.cgi?id=86095
2469
2470         Reviewed by Andreas Kling.
2471
2472         * UseJSC.cmake:
2473
2474 2012-05-10  Stephen Chenney  <schenney@chromium.org>
2475
2476         SVG Filters allow invalid elements as children
2477         https://bugs.webkit.org/show_bug.cgi?id=83979
2478
2479         Reviewed by Nikolas Zimmermann.
2480
2481         According to the SVG spec, there are numerous restrictions on the
2482         content of nodes (that is, their children). Specific to this problem,
2483         SVGFilter elements may only contain SVGFilterPrimitive elements, and
2484         those may only contain animation related elements. This patch enforces
2485         the restriction on filters in the render tree, thus preventing us from
2486         having (for instance) content that is inside a filter yet filtered by
2487         the filter.
2488
2489         Manual test: ManualTests/bugzilla-83979.svg
2490
2491         * svg/SVGFilterElement.cpp:
2492         (WebCore::SVGFilterElement::childShouldCreateRenderer): Added to only allow renderers for fe* children
2493         (WebCore):
2494         * svg/SVGFilterElement.h:
2495         (SVGFilterElement):
2496         * svg/SVGFilterPrimitiveStandardAttributes.h: Do not allow any children at all for fe* elements.
2497         (SVGFilterPrimitiveStandardAttributes):
2498
2499 2012-05-10  Joe Thomas  <joethomas@motorola.com>
2500
2501         [CSS3 Backgrounds and Borders] Add background-size to the background shorthand
2502         https://bugs.webkit.org/show_bug.cgi?id=27577
2503
2504         Reviewed by Alexis Menard.
2505
2506         Added CSSPropertyBackgroundSize to the background shorthand propery. Added the logic for parsing background-size.
2507         bakground-size appears after background-position followed by a '/'.
2508         The specification related to this change is http://www.w3.org/TR/css3-background/#the-background
2509
2510         Tests: fast/backgrounds/background-shorthand-with-backgroundSize-style.html
2511                fast/backgrounds/size/backgroundSize-in-background-shorthand.html
2512
2513         * css/CSSComputedStyleDeclaration.cpp:
2514         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
2515         (WebCore::CSSComputedStyleDeclaration::getBackgroundShorthandValue):
2516         (WebCore):
2517         * css/CSSComputedStyleDeclaration.h:
2518         (CSSComputedStyleDeclaration):
2519         * css/CSSParser.cpp:
2520         (WebCore::CSSParser::parseValue):
2521         (WebCore::CSSParser::parseFillShorthand):
2522         * css/StylePropertySet.cpp:
2523         (WebCore::StylePropertySet::getLayeredShorthandValue):
2524         * css/StylePropertyShorthand.cpp:
2525         (WebCore):
2526         (WebCore::backgroundShorthand):
2527
2528 2012-05-10  MORITA Hajime <morrita@google.com>
2529
2530         Node::InDetachFlag could be removed.
2531         https://bugs.webkit.org/show_bug.cgi?id=85963
2532
2533         Reviewed by Antti Koivisto.
2534
2535         Removed Node::inDetach() since it can never true
2536         on the only call site setFocusedNode().
2537
2538         No new test. Covered by existing tests.
2539
2540         * dom/Document.cpp:
2541         (WebCore::Document::setFocusedNode):
2542         * dom/Node.cpp:
2543         (WebCore::Node::detach):
2544         * dom/Node.h:
2545         (WebCore):
2546         (Node):
2547
2548 2012-05-10  Keishi Hattori  <keishi@webkit.org>
2549
2550         Crash in HTMLFormControlElement::m_fieldSetAncestor
2551         https://bugs.webkit.org/show_bug.cgi?id=86070
2552
2553         Reviewed by Kent Tamura.
2554
2555         No new tests.
2556
2557         The previous patch r115990 didn't completely resolve the crash (Bug 85453)
2558         We don't have a reproducible test case, so we are reverting to the old code for setting m_fieldSetAncestor.
2559
2560         * html/HTMLFormControlElement.cpp:
2561         (WebCore::HTMLFormControlElement::HTMLFormControlElement):
2562         (WebCore::HTMLFormControlElement::updateFieldSetAndLegendAncestor):
2563         (WebCore::HTMLFormControlElement::insertedInto): Set m_dataListAncestorState to Unknown because ancestor has changed. Call setNeedsWillValidateCheck because style might need to be updated.
2564         (WebCore::HTMLFormControlElement::removedFrom):
2565         (WebCore::HTMLFormControlElement::disabled):
2566         (WebCore::HTMLFormControlElement::recalcWillValidate):
2567         (WebCore::HTMLFormControlElement::willValidate):
2568         (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
2569         * html/HTMLFormControlElement.h:
2570         (HTMLFormControlElement): Added m_dataListAncestorState.
2571
2572 2012-05-10  Sam D  <dsam2912@gmail.com>
2573
2574         Web Inspector: rename InspectorBackendStub.js to InspectorBackendCommands.js
2575         https://bugs.webkit.org/show_bug.cgi?id=72306
2576
2577         Changed name for InspectorBackendStub.js to
2578         InspectorBackendCommands.js
2579
2580         Reviewed by Yury Semikhatsky.
2581
2582         No new tests required. File name is changed.
2583
2584         * DerivedSources.pri:
2585         * GNUmakefile.am:
2586         * Target.pri:
2587         * WebCore.gyp/WebCore.gyp:
2588         * WebCore.gypi:
2589         * WebCore.vcproj/copyWebCoreResourceFiles.cmd:
2590         * WebCore.xcodeproj/project.pbxproj:
2591         * gyp/copy-inspector-resources.sh:
2592         * inspector/CodeGeneratorInspector.py:
2593         * inspector/front-end/InspectorBackendCommands.qrc: Added.
2594         * inspector/front-end/InspectorBackendStub.qrc: Removed.
2595         * inspector/front-end/inspector.html:
2596
2597 2012-05-10  Alexis Menard  <alexis.menard@openbossa.org>
2598
2599         [Qt] Avoid string conversions to construct a QUrl when using Qt5.
2600         https://bugs.webkit.org/show_bug.cgi?id=86006
2601
2602         Reviewed by Kenneth Rohde Christiansen.
2603
2604         In Qt5, the QUrl constructor can handle the string directly, even in UTF-16 because the
2605         constructor QUrl(QString) has been fixed. Unfortunately we still need to use the old
2606         code path when building with Qt4.
2607
2608         No new tests : it's a performance improvement which should be covered by tests.
2609
2610         * platform/qt/KURLQt.cpp:
2611         (WebCore::KURL::operator QUrl):
2612
2613 2012-05-10  Noel Gordon  <noel.gordon@gmail.com>
2614
2615         [chromium] REGRESSION(r107389) Visible line artifacts on some JPEG images
2616         https://bugs.webkit.org/show_bug.cgi?id=85772
2617
2618         Reviewed by Kent Tamura.
2619
2620         On some JPEG images, vertical and horizontal lines artifacts might appear in image
2621         regions with very high frequency color variation when using DCT_IFAST decodes. Use
2622         DCT_IFAST on small screen devices only (Chromium Android).
2623
2624         No new tests. Covered by existing tests.
2625
2626         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
2627         (dctMethod): Permit DCT_IFAST decoding for Chromium Android only.
2628
2629 2012-05-10  Kenneth Rohde Christiansen  <kenneth@webkit.org>
2630
2631         [Qt] Implement fit-to-width behaviour
2632         https://bugs.webkit.org/show_bug.cgi?id=86085
2633
2634         Reviewed by Simon Hausmann.
2635
2636         Add a method to get the minimum scale factor that contains the content
2637         without showing any chrome background.
2638
2639         * dom/ViewportArguments.cpp:
2640         (WebCore::computeMinimumScaleFactorForContentContained):
2641         (WebCore):
2642         * dom/ViewportArguments.h:
2643         (WebCore):
2644
2645 2012-05-10  MORITA Hajime  <morrita@google.com>
2646
2647         Remove support for Node::willRemove()
2648         https://bugs.webkit.org/show_bug.cgi?id=55209
2649
2650         Reviewed by Ryosuke Niwa.
2651
2652         This change de-virtualizes Node::willRemove(), gains
2653         5% speedup on Dromaeo dom-modify.
2654
2655         Originally there were 5 willRemove() overrides:
2656         - Element
2657         - HTMLStyleElement
2658         - HTMLSourceElement
2659         - HTMLTrackElement
2660         - HTMLFrameOwnerElement
2661
2662         For first 4 items, this change moves their implementations to
2663         Node::removedFrom() overrides.
2664
2665         Then HTMLFrameOwnerElement is the only class which needs the
2666         notification.  Because it emits the "unload" event, it needs some
2667         notification _before_ its removal. To handle that, this change
2668         introduces ChildFrameDisconnector which collects
2669         corresponding decendant elements and disconnect their content frame.
2670
2671         Even though this approach doesn't kill pre-removal tree traversal
2672         completely, it's a bit more efficient due to the de-virtualization.
2673
2674         No new tests. Covered by existing test.
2675
2676         * dom/ContainerNode.cpp:
2677         (WebCore::willRemoveChild): Replaced willRemove() call with ChildFrameDisconnector.
2678         (WebCore::willRemoveChildren): Ditto.
2679         (WebCore::ContainerNode::disconnectDescendantFrames): Added. Used from FrameLoader to replace Document::willRemove() call.
2680         (WebCore):
2681         * dom/ContainerNode.h:
2682         (ContainerNode):
2683         * dom/ContainerNodeAlgorithms.cpp:
2684         (WebCore::ChildFrameDisconnector::collectDescendant):
2685         (WebCore):
2686         (WebCore::ChildFrameDisconnector::Target::disconnect):
2687         * dom/ContainerNodeAlgorithms.h:
2688         (ChildFrameDisconnector):
2689         (Target):
2690         (WebCore::ChildFrameDisconnector::Target::Target):
2691         (WebCore::ChildFrameDisconnector::Target::isValid):
2692         (WebCore):
2693         (WebCore::ChildFrameDisconnector::ChildFrameDisconnector):
2694         (WebCore::ChildFrameDisconnector::collectDescendant):
2695         (WebCore::ChildFrameDisconnector::disconnect):
2696         * dom/Element.cpp:
2697         (WebCore::Element::removedFrom):
2698         * dom/Element.h:
2699         * dom/ElementShadow.cpp:
2700         * dom/ElementShadow.h:
2701         (ElementShadow):
2702         * dom/Node.cpp:
2703         * dom/Node.h: Added IsFrameOwnerElement flag to de-virtualize IsFrameOwnerElement().
2704         (WebCore::Node::isFrameOwnerElement): De-virtualized.
2705         (Node):
2706         * html/HTMLElement.h:
2707         (HTMLElement):
2708         (WebCore::HTMLElement::HTMLElement):
2709         * html/HTMLFrameOwnerElement.cpp:
2710         (WebCore::HTMLFrameOwnerElement::HTMLFrameOwnerElement):
2711         (WebCore::HTMLFrameOwnerElement::disconnectContentFrame): Extracted from original willRemove().
2712         * html/HTMLFrameOwnerElement.h:
2713         (HTMLFrameOwnerElement):
2714         (WebCore::toFrameOwnerElement):
2715         (WebCore):
2716         * html/HTMLMediaElement.cpp:
2717         (WebCore::HTMLMediaElement::sourceWasRemoved): Renamed from sourceWillBeRemoved(), dealing with the timing change.
2718         * html/HTMLMediaElement.h:
2719         (HTMLMediaElement):
2720         (WebCore::isMediaElement):
2721         (WebCore):
2722         (WebCore::toMediaElement):
2723         * html/HTMLSourceElement.cpp:
2724         (WebCore::HTMLSourceElement::removedFrom): Moved some code from willRemove().
2725         * html/HTMLSourceElement.h:
2726         (HTMLSourceElement):
2727         * html/HTMLStyleElement.cpp:
2728         (WebCore::HTMLStyleElement::removedFrom):
2729         (WebCore):
2730         * html/HTMLStyleElement.h:
2731         (HTMLStyleElement):
2732         * html/HTMLTrackElement.cpp:
2733         (WebCore::HTMLTrackElement::removedFrom): Moved some code from willRemove().
2734         * html/HTMLTrackElement.h:
2735         (HTMLTrackElement):
2736         * loader/FrameLoader.cpp:
2737         (WebCore::FrameLoader::clear):
2738
2739 2012-05-10  Kinuko Yasuda  <kinuko@chromium.org>
2740
2741         Change the return type of Entry.toURL() back to String from KURL
2742         https://bugs.webkit.org/show_bug.cgi?id=85858
2743
2744         Reviewed by Ryosuke Niwa.
2745
2746         I once changed it from String to KURL in r116273 but it turned out that
2747         it involves implicit conversion and may incur extra overhead.
2748         This partly reverts r116273 while keeping some internal functions
2749         returning KURL as it's what we initially create as and is more
2750         convenient to operate on.
2751
2752         No new tests; no functional or visible changes.
2753
2754         * Modules/filesystem/EntryBase.cpp:
2755         (WebCore::EntryBase::toURL):
2756         * Modules/filesystem/EntryBase.h:
2757         (EntryBase):
2758
2759 2012-05-10  Alexander Pavlov  <apavlov@chromium.org>
2760
2761         Web Inspector: Autocomplete for CSS property values in the Styles pane behaving incorrectly
2762         https://bugs.webkit.org/show_bug.cgi?id=85784
2763
2764         Reviewed by Vsevolod Vlasov.
2765
2766         Before executing the number increment/decrement within CSS property value, the current word is checked
2767         for being a valid suggestion for the current property, and if it is, the numeric change is skipped
2768         in favor of the suggested property value switch by a suggest box.
2769
2770         * inspector/front-end/StylesSidebarPane.js:
2771
2772 2012-05-10  Abhishek Arya  <inferno@chromium.org>
2773
2774         Make DOMCharacterDataModified a scoped event (similar to r73690).
2775         https://bugs.webkit.org/show_bug.cgi?id=85920
2776
2777         Reviewed by Ryosuke Niwa.
2778
2779         DOMCharacterDataModified was missing in the list of already scoped
2780         DOM mutation events like DOMSubtreeModified, DOMNodeInserted, etc.
2781         It helps to delay event dispatches until the completion of each call
2782         of EditCommand::doApply. This has been useful in the past and helped to 
2783         prevent unexpected DOM tree mutations while the editing command is executing.
2784
2785         * dom/CharacterData.cpp:
2786         (WebCore::CharacterData::dispatchModifiedEvent):
2787
2788 2012-05-10  Alexandre Elias  <aelias@google.com>
2789
2790         Default to null value for HistoryItem::m_pageScaleFactor
2791         https://bugs.webkit.org/show_bug.cgi?id=84385
2792
2793         Reviewed by Adam Barth.
2794
2795         Previously, HistoryItem::m_pageScaleFactor defaulted to a value
2796         of 1, making it impossible to determine whether this value was never
2797         set, or intentionally set to 1.  This patch introduces a default value
2798         of 0 and makes restoreScrollPositionAndViewState not touch the page
2799         scale factor if this value is still present at time of reload.
2800
2801         This is a no-op change for common navigation scenarios.  The
2802         motivation for this change is the corner case of syncing history items
2803         from a desktop browser to a mobile device.  In that case, we need a
2804         way to specify that the history item does not contain a
2805         pageScaleFactor so that the mobile device does not display the page
2806         overly zoomed in.
2807
2808         No new tests.
2809
2810         * history/HistoryItem.cpp:
2811         (WebCore::HistoryItem::HistoryItem):
2812         * loader/HistoryController.cpp:
2813         (WebCore::HistoryController::restoreScrollPositionAndViewState):
2814
2815 2012-05-10  Csaba Osztrogonác  <ossy@webkit.org>
2816
2817         Use suitable viewport values when a Mobile DTD is used.
2818         https://bugs.webkit.org/show_bug.cgi?id=85425
2819
2820         Unreviewed debug buildfix after r116571.
2821
2822         * dom/Document.cpp:
2823         (WebCore::Document::setDocType):
2824
2825 2012-05-10  Yoshifumi Inoue  <yosin@chromium.org>
2826
2827         [Forms] Move step related methods to InputType class from HTMLInputElement class
2828         https://bugs.webkit.org/show_bug.cgi?id=85978
2829
2830         Reviewed by Kent Tamura.
2831
2832         This patch is part of re-factoring of HTMLInputElement.cpp for numeric input type.
2833         In this patch, we move implementation of getAllowedValueStep and stepUp/stepUpFromRenderer
2834         to InputType class because of these are for DateTime/Number/Range.
2835
2836         Following patches will change implementation of getAllowedValueStep to use StepRange and
2837         remove step related methods, defaultStep, stepScaleFactor, and so on.
2838
2839         No new tests. This patch should not change behavior.
2840
2841         * html/HTMLInputElement.cpp:
2842         (WebCore):
2843         (WebCore::HTMLInputElement::getAllowedValueStep):
2844         (WebCore::HTMLInputElement::stepUp):
2845         (WebCore::HTMLInputElement::stepDown):
2846         (WebCore::HTMLInputElement::stepUpFromRenderer):
2847         * html/HTMLInputElement.h:
2848         (HTMLInputElement):
2849         * html/InputType.cpp:
2850         (WebCore::InputType::applyStep):
2851         (WebCore):
2852         (WebCore::InputType::alignValueForStep):
2853         (WebCore::InputType::getAllowedValueStep):
2854         (WebCore::InputType::getAllowedValueStepWithDecimalPlaces):
2855         (WebCore::InputType::stepUp):
2856         (WebCore::InputType::stepUpFromRenderer):
2857         * html/InputType.h:
2858         (InputType):
2859
2860 2012-05-09  Kent Tamura  <tkent@chromium.org>
2861
2862         Calendar Picker: Fix a crash by changing input type.
2863         https://bugs.webkit.org/show_bug.cgi?id=86007
2864
2865         Reviewed by Hajime Morita.
2866
2867         Manual test: forms/calendar-picker-crash-by-type-change.html
2868
2869         * html/shadow/CalendarPickerElement.cpp:
2870         (WebCore::CalendarPickerElement::~CalendarPickerElement):
2871         Added. Make sure the popup is closed.
2872         * html/shadow/CalendarPickerElement.h:
2873         (CalendarPickerElement): Add declaration of the destructor.
2874
2875 2012-05-09  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
2876
2877         Move suspendAnimations to use Internals interface.
2878         https://bugs.webkit.org/show_bug.cgi?id=85986
2879
2880         Reviewed by Ryosuke Niwa.
2881
2882         Add suspendAnimations functions, because it is able to work in the
2883         cross-port way through the Internals interface.
2884
2885         No new tests, since we are improving here the infra-structure for testing
2886         a specific method.
2887
2888         * testing/Internals.cpp:
2889         (WebCore::Internals::suspendAnimations):
2890         (WebCore):
2891         * testing/Internals.h:
2892         (Internals):
2893         * testing/Internals.idl:
2894
2895 2012-05-09  Charlie Reis  <creis@chromium.org>
2896
2897         Add dispatchMessageEventWithOriginCheck to DOMWindow
2898         https://bugs.webkit.org/show_bug.cgi?id=85815
2899
2900         Reviewed by Adam Barth.
2901
2902         Useful for ports that support cross-process postMessage.
2903         No new tests, since covered by existing postMessage tests.
2904
2905         * page/DOMWindow.cpp:
2906         (WebCore::DOMWindow::postMessageTimerFired):
2907         (WebCore):
2908         (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
2909         * page/DOMWindow.h:
2910         (WebCore):
2911         (DOMWindow):
2912
2913 2012-05-09  Jason Liu  <jason.liu@torchmobile.com.cn>
2914
2915         [BlackBerry] Cookie parsing issue. If the cookie value provided was (") then the browser creates a session cookie instead.
2916         https://bugs.webkit.org/show_bug.cgi?id=85775
2917
2918         Reviewed by Rob Buis.
2919
2920         Make CookieParser::parseOneCookie handle (cookiename="cookievalue;expires=xxxx) correctly.
2921         This cookie's value is "cookievalue not "cookievalue;expires=xxxx.
2922
2923         Test: http/tests/cookies/single-quoted-value.html
2924
2925         * platform/blackberry/CookieParser.cpp:
2926         (WebCore::CookieParser::parseOneCookie):
2927
2928 2012-05-09  Raymond Liu  <raymond.liu@intel.com>
2929
2930         Add multi-channels support for CopyWithGainFrom in AudioBus
2931         https://bugs.webkit.org/show_bug.cgi?id=80675
2932
2933         Reviewed by Chris Rogers.
2934
2935         * platform/audio/AudioBus.cpp:
2936         (WebCore):
2937         (WebCore::AudioBus::AudioBus):
2938         (WebCore::AudioBus::copyWithGainFrom):
2939         * platform/audio/AudioBus.h:
2940         (AudioBus):
2941
2942 2012-05-09  Jessie Berlin  <jberlin@apple.com>
2943
2944         Crash using the new WKBundleDOMWindowExtensions APIs.
2945         https://bugs.webkit.org/show_bug.cgi?id=85888
2946
2947         Reviewed by Brady Eidson.
2948
2949         WKBundlePageWillDestroyGlobalObjectForDOMWindowExtensionCallback was only being invoked when
2950         the WKPage was destroyed, and then only for the child frames. In addition, the
2951         DOMWindowExtension was holding onto a destroyed DOMWindow and attempting to unregister from
2952         when the WK2 wrapper object was attempting to destroy the DOMWindowExtension.
2953
2954         The underlying issue here was that the DOMWindowProperties were getting disconnectFrame
2955         and willDetachPage called on them at the wrong times.
2956
2957         Rename DOMWindowProperty::disconnectFrame and reconnectFrame to disconnectFrameForPageCache
2958         and reconnectFrameFromPageCache for clarity.
2959
2960         Only invoke DOMWindowProperty::disconnectFrameForPageCache when the frame is going into the
2961         page cache.
2962
2963         In the cases where the DOMWindow is getting destroyed, the frame is being destroyed, or the
2964         DOMWindow is getting cleared because the frame is being navigated, invoke
2965         DOMWindowProperty::willDestroyGlobalObjectInFrame instead of disconnectFrame.
2966
2967         Invoke DOMWindowProperty::willDetachGlobalObjectFromFrame when a document is being detached
2968         because the frame has been detached (e.g. fast/storage/storage-detached-iframe.html) and
2969         won't be immediately destroyed.
2970
2971         Invoke DOMWindowProperty::willDestroyGlobalObjectInCachedFrame when a cached frame is
2972         being destroyed.
2973
2974         New WK2 API Test: DOMWindowExtensionNoCache.
2975
2976         * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
2977         (WebCore::DOMWindowIndexedDatabase::disconnectFrameForPageCache):
2978         Updated for disconnectFrame rename.
2979         (WebCore::DOMWindowIndexedDatabase::reconnectFrameFromPageCache):
2980         Updated for reconnectFrame rename.
2981         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInCachedFrame):
2982         Get rid of the suspended IDBFactory.
2983         (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInFrame):
2984         Get rid of the IDBFactory.
2985         (WebCore::DOMWindowIndexedDatabase::willDetachGlobalObjectFromFrame):
2986         Ditto.
2987         * Modules/indexeddb/DOMWindowIndexedDatabase.h:
2988
2989         * dom/Document.cpp:
2990         (WebCore::Document::prepareForDestruction):
2991         Tell the DOMWindow before detaching the Document.
2992         * dom/Document.h:
2993
2994         * history/CachedFrame.cpp:
2995         (WebCore::CachedFrame::destroy):
2996         Tell the DOMWindow.
2997
2998         * loader/FrameLoader.cpp:
2999         (WebCore::FrameLoader::clear):
3000         Use Document::prepareForDestruction so that the DOMWindow is told about the main frame
3001         navigation before detaching the Document.
3002
3003         * loader/appcache/DOMApplicationCache.cpp:
3004         (WebCore::DOMApplicationCache::disconnectFrameForPageCache):
3005         Updated for the disconnectFrame rename.
3006         (WebCore::DOMApplicationCache::reconnectFrameFromPageCache):
3007         Updated for the reconnectFrame rename.
3008         (WebCore::DOMApplicationCache::willDestroyGlobalObjectInFrame):
3009         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
3010         called when the frame was destroyed).
3011         * loader/appcache/DOMApplicationCache.h:
3012
3013         * notifications/DOMWindowNotifications.cpp:
3014         (WebCore::DOMWindowNotifications::disconnectFrameForPageCache):
3015         Updated for the disconnectFrame rename.
3016         (WebCore::DOMWindowNotifications::reconnectFrameFromPageCache):
3017         Updated for the reconnectFrame rename.
3018         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInCachedFrame):
3019         Get rid of the suspended notification center.
3020         (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInFrame):
3021         Get rid of the notification center.
3022         (WebCore::DOMWindowNotifications::willDetachGlobalObjectFromFrame):
3023         Do not allow use of the notification center by detached frames.
3024         * notifications/DOMWindowNotifications.h:
3025
3026         * page/DOMWindow.cpp:
3027         (WebCore::DOMWindow::clearDOMWindowProperties):
3028         Do not call disconnectDOMWindowProperties. It is now the responsibility of the callers to
3029         tell the DOMWindowProperties the correct cause of being cleared.
3030         (WebCore::DOMWindow::~DOMWindow):
3031         Make sure the DOMWindowProperties still know that the DOMWindow is going away.
3032         (WebCore::DOMWindow::frameDestroyed):
3033         Invoke willDestroyGlobalObjectInFrame on the DOMWindowProperties.
3034         (WebCore::DOMWindow::willDetachPage):
3035         It is no longer necessary to tell the DOMWindowProperties anything here.
3036         (WebCore::DOMWindow::willDestroyCachedFrame):
3037         Tell the DOMWindowProperties.
3038         (WebCore::DOMWindow::willDestroyDocumentInFrame):
3039         Ditto.
3040         (WebCore::DOMWindow::willDetachDocumentFromFrame):
3041         Ditto.
3042         (WebCore::DOMWindow::clear):
3043         Ditto.
3044         (WebCore::DOMWindow::disconnectDOMWindowProperties):
3045         Updated for the disconnectFrame rename.
3046         (WebCore::DOMWindow::reconnectDOMWindowProperties):
3047         Ditto.
3048         * page/DOMWindow.h:
3049
3050         * page/DOMWindowExtension.cpp:
3051         (WebCore::DOMWindowExtension::DOMWindowExtension):
3052         Move the responsibility for tracking the disconnected DOMWindow to DOMWindowProperty, since
3053         DOMWindowProperty will need it to unregister the property when a cached frame is destroyed.
3054         (WebCore::DOMWindowExtension::disconnectFrameForPageCache):
3055         Remove the code to check for disconnectFrame being called twice - it is now only called when
3056         a frame goes into the page cache.
3057         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
3058         (WebCore::DOMWindowExtension::reconnectFrameFromPageCache):
3059         Let the DOMWindowProperty keep track of the disconnected DOMWindow.
3060         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInCachedFrame):
3061         Dispatch the willDestroyGlobalObjectForDOMWindowExtension callback.
3062         (WebCore::DOMWindowExtension::willDestroyGlobalObjectInFrame):
3063         Ditto, but only if the callback hasn't already been sent because the frame has been detached.
3064         (WebCore::DOMWindowExtension::willDetachGlobalObjectFromFrame):
3065         Send the callback because nothing interesting can be done in the frame once it has been
3066         detached.
3067         * page/DOMWindowExtension.h:
3068
3069         * page/DOMWindowProperty.cpp:
3070         (WebCore::DOMWindowProperty::DOMWindowProperty):
3071         Keep track of the disconnected DOMWindow so it can be used to unregister the property when a
3072         cached frame is destroyed.
3073         (WebCore::DOMWindowProperty::~DOMWindowProperty):
3074         Also unregister the property when a DOMWindowProperty for a cached frame is destroyed.
3075         (WebCore::DOMWindowProperty::disconnectFrameForPageCache):
3076         Keep track of the disconnected DOMWindow.
3077         (WebCore::DOMWindowProperty::reconnectFrameFromPageCache):
3078         Ditto.
3079         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
3080         Unregister the property from the disconnected DOMWindow.
3081         (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
3082         Unregister the property from the DOMWindow and stop keeping track of the frame.
3083         (WebCore::DOMWindowProperty::willDetachGlobalObjectFromFrame):
3084         Do not set m_frame to 0 because detached frames still have access to the DOMWindow, even if
3085         they can't do anything meaningful with it.
3086         * page/DOMWindowProperty.h:
3087
3088         * page/Frame.cpp:
3089         (WebCore::Frame::setView):
3090         Tell the DOMWindow that the Document is being detached so it can tell the
3091         DOMWindowProperties.
3092
3093         * page/PointerLock.cpp:
3094         (WebCore::PointerLock::disconnectFrameForPageCache):
3095         Updated for disconnectFrame rename.
3096         (WebCore::PointerLock::willDestroyGlobalObjectInFrame):
3097         Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
3098         called when the frame was destroyed).
3099         * page/PointerLock.h:
3100
3101 2012-05-09  Ian Vollick  <vollick@chromium.org>
3102
3103         [chromium] Ensure animations get ticked at least once when added.
3104         https://bugs.webkit.org/show_bug.cgi?id=86013
3105
3106         Reviewed by James Robinson.
3107
3108         Tested in
3109           CCLayerTreeHostTestTickAnimationWhileBackgrounded.runSingleThreaded
3110           CCLayerTreeHostTestAddAnimationWithTimingFunction.runSingleThreaded
3111           CCLayerTreeHostTestSynchronizeAnimationStartTimes.runSingleThreaded
3112           CCLayerTreeHostTestAnimationFinishedEvents.runSingleThreaded
3113
3114         * platform/graphics/chromium/LayerChromium.cpp:
3115         (WebCore::LayerChromium::addAnimation):
3116         * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
3117         (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
3118         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
3119         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
3120         (WebCore::CCLayerTreeHost::didAddAnimation):
3121         (WebCore):
3122         (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
3123         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
3124         (CCLayerTreeHost):
3125         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3126         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
3127         * platform/graphics/chromium/cc/CCProxy.h:
3128         (CCProxy):
3129         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
3130         (CCSingleThreadProxyAnimationTimer):
3131         (WebCore::CCSingleThreadProxyAnimationTimer::create):
3132         (WebCore::CCSingleThreadProxyAnimationTimer::CCSingleThreadProxyAnimationTimer):
3133         (WebCore):
3134         (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
3135         (WebCore::CCSingleThreadProxy::didAddAnimation):
3136         (WebCore::CCSingleThreadProxy::doComposite):
3137         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
3138         (WebCore):
3139         * platform/graphics/chromium/cc/CCThreadProxy.h:
3140
3141 2012-05-09  Adam Barth  <abarth@webkit.org>
3142
3143         Implement HTML Media Capture
3144         https://bugs.webkit.org/show_bug.cgi?id=85958
3145
3146         Reviewed by Eric Seidel.
3147
3148         This patch begins the implementation of
3149         http://www.w3.org/TR/html-media-capture/ by adding the capture
3150         attribute to HTMLInputElement.
3151
3152         Test: fast/forms/file/file-input-capture.html
3153
3154         * html/FileInputType.cpp:
3155         (WebCore::FileInputType::handleDOMActivateEvent):
3156         * html/HTMLAttributeNames.in:
3157         * html/HTMLInputElement.cpp:
3158         (WebCore):
3159         (WebCore::HTMLInputElement::capture):
3160         (WebCore::HTMLInputElement::setCapture):
3161         * html/HTMLInputElement.h:
3162         (HTMLInputElement):
3163         * html/HTMLInputElement.idl:
3164         * platform/FileChooser.h:
3165         (FileChooserSettings):
3166
3167 2012-05-09  Charles Wei  <charles.wei@torchmobile.com.cn>
3168
3169         [BlackBerry]  Refactor data scheme support
3170         https://bugs.webkit.org/show_bug.cgi?id=85938
3171
3172         Reviewed by Rob Buis.
3173
3174         We will create a DataStream in our platform repository,
3175         so that can be wrapped up by NetworkJob for webkit rendering,
3176         and by DownloadStream for downloading.
3177
3178         Refactor, no new tests.
3179
3180         * platform/network/blackberry/NetworkJob.cpp:
3181         (WebCore::NetworkJob::NetworkJob):
3182         (WebCore::NetworkJob::initialize):
3183         (WebCore::NetworkJob::cancelJob):
3184         (WebCore::NetworkJob::sendResponseIfNeeded):
3185         * platform/network/blackberry/NetworkJob.h:
3186         (NetworkJob):
3187         * platform/network/blackberry/NetworkManager.cpp:
3188         (WebCore::NetworkManager::startJob):
3189
3190 2012-05-09  Dana Jansens  <danakj@chromium.org>
3191
3192         [chromium] Don't draw when canDraw() is false
3193         https://bugs.webkit.org/show_bug.cgi?id=85829
3194
3195         Reviewed by Adrienne Walker.
3196
3197         This is based on the work of Daniel Sievers in bug
3198         https://bugs.webkit.org/show_bug.cgi?id=82680. When canDraw() is false,
3199         we should not call drawLayers() or prepareToDraw() in both Single- and
3200         Multi-Threaded mode.
3201
3202         drawLayers() is crashing in single threaded mode, and this attempts to
3203         prevent it from being called with invalid state. While making it behave
3204         properly in single-threaded mode, it seems appropriate to unrevert the
3205         parts of 82680 that made threaded mode behave similarly appropriately.
3206
3207         A single-threaded test is not included since LTHTests is unable to run
3208         in single-threaded mode at this time (pending work from Ian Vollick). So
3209         we test in threaded mode only with a note to include a single thread
3210         version.
3211
3212         Tests: CCLayerTreeHostTestCanDrawBlocksDrawing.runMultiThread
3213
3214         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3215         (WebCore::CCLayerTreeHostImpl::prepareToDraw):
3216         (WebCore::CCLayerTreeHostImpl::drawLayers):
3217         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
3218         (WebCore::CCSingleThreadProxy::doComposite):
3219         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
3220         (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):
3221
3222 2012-05-09  Martin Robinson  <mrobinson@igalia.com>
3223
3224         [Cairo] GLContextGLX releases the context with an uninitialized display
3225         https://bugs.webkit.org/show_bug.cgi?id=86039
3226
3227         Reviewed by Philippe Normand.
3228
3229         No new tests. This does not change behavior on most machines, but has
3230         the potential to prevent a pretty nasty crash on others.
3231
3232         Use the shared display to release GLX contexts instead of the uninitialized
3233         m_display member.
3234
3235         * platform/graphics/glx/GLContextGLX.cpp:
3236         (WebCore::GLContextGLX::~GLContextGLX): Release the display with the shared
3237         display.
3238         * platform/graphics/glx/GLContextGLX.h:
3239         (GLContextGLX): Remove the m_display member.
3240
3241 2012-05-09  Tony Gentilcore  <tonyg@chromium.org>
3242
3243         Subresources loaded after a reload completes shouldn't be revalidated.
3244         https://bugs.webkit.org/show_bug.cgi?id=84614
3245
3246         Based on patch by Darin Fisher.
3247
3248         Reviewed by Darin Fisher.
3249
3250         Tests: http/tests/cache/loaded-from-cache-after-reload-within-iframe.html
3251                http/tests/cache/loaded-from-cache-after-reload.html
3252
3253         * loader/FrameLoader.cpp:
3254         (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Reset m_loadType after the load completes.
3255
3256 2012-05-09  Erik Arvidsson  <arv@chromium.org>
3257
3258         [V8] Fix issue where V8BindingPerContextData could keep the context object alive
3259         https://bugs.webkit.org/show_bug.cgi?id=86036
3260
3261         Reviewed by Kentaro Hara.
3262
3263         This is a partial revert of http://trac.webkit.org/changeset/114320/. This keeps
3264         the layout tests that were introduced since it turns out that
3265         http://trac.webkit.org/changeset/114989 fixes the tests too.
3266
3267         Covered by: http/tests/security/isolatedWorld/context-destroy.html
3268
3269         * bindings/v8/V8IsolatedContext.cpp:
3270         (WebCore::V8IsolatedContext::destroy):
3271
3272 2012-05-09  Anders Carlsson  <andersca@apple.com>
3273
3274         Speed up some parts of TileCache drawing
3275         https://bugs.webkit.org/show_bug.cgi?id=86033
3276         <rdar://problem/10919373>
3277
3278         Reviewed by Sam Weinig.
3279
3280         * platform/graphics/ca/mac/TileCache.mm:
3281         (WebCore::TileCache::tileCoverageRect):
3282         If we can't have scrollbars, there's not much need to extend the tile coverage rect outside of the visible rect, since it's
3283         unlikely that we'll do any form of scrolling here.
3284
3285         (WebCore::TileCache::revalidateTiles):
3286         Don't update the tile layer frame if it's big enough to contain the tile size. Also, if there are no new tiles created,
3287         don't call platformCALayerDidCreateTiles since that will trigger an extra layer flush.
3288
3289 2012-05-09  Alexandre Elias  <aelias@google.com>
3290
3291         setPageScaleFactor should setScrollPosition if scale is unchanged
3292         https://bugs.webkit.org/show_bug.cgi?id=84400
3293
3294         Reviewed by Adam Barth.
3295
3296         Previously, setPageScaleFactor forgot about its "origin" argument if
3297         the page scale factor is unchanged.  This has proven undesirable in
3298         practice because, for example, a single pinch gesture may zoom in and
3299         back out to the original page scale factor, but at a different scroll
3300         offset.
3301
3302         New test case added to scale-and-scroll-body-expected.txt
3303
3304         * page/Page.cpp:
3305         (WebCore::Page::setPageScaleFactor):
3306
3307 2012-05-09  Hugo Parente Lima  <hugo.lima@openbossa.org>
3308
3309         Use suitable viewport values on XHTML-MP pages.
3310         https://bugs.webkit.org/show_bug.cgi?id=85425
3311
3312         Reviewed by Kenneth Rohde Christiansen.
3313
3314         Tests: fast/viewport/viewport-legacy-xhtmlmp-misplaced-doctype.html
3315                fast/viewport/viewport-legacy-xhtmlmp-ordering.html
3316                fast/viewport/viewport-legacy-xhtmlmp.html
3317
3318         Use device-width and device-height as viewport size on
3319         XHTML-MP pages if the use feature LEGACY_VIEWPORT_ADAPTION
3320         is set according as the non normative section of
3321         http://www.w3.org/TR/css-device-adapt/
3322
3323         * dom/Document.cpp:
3324         (WebCore::Document::setDocType):
3325
3326 2012-05-09  Beth Dakin  <bdakin@apple.com>
3327
3328         https://bugs.webkit.org/show_bug.cgi?id=86025
3329         RTL and vertical text documents do no scroll properly with the new 
3330         tiled scrolling model
3331         -and corresponding-
3332         <rdar://problem/11077589>
3333
3334         Reviewed by Dan Bernstein.
3335         
3336         Most of the fix here is just to teach the scrolling tree about the 
3337         scroll origin.
3338         * page/scrolling/ScrollingCoordinator.cpp:
3339         (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
3340         (WebCore::ScrollingCoordinator::setScrollParameters):
3341         * page/scrolling/ScrollingCoordinator.h:
3342         (ScrollParameters):
3343         * page/scrolling/ScrollingTreeNode.cpp:
3344         (WebCore::ScrollingTreeNode::update):
3345         * page/scrolling/ScrollingTreeNode.h:
3346         (WebCore::ScrollingTreeNode::scrollOrigin):
3347         (ScrollingTreeNode):
3348         * page/scrolling/ScrollingTreeState.cpp:
3349         (WebCore::ScrollingTreeState::setScrollOrigin):
3350         (WebCore):
3351         * page/scrolling/ScrollingTreeState.h:
3352         (WebCore::ScrollingTreeState::scrollOrigin):
3353         (ScrollingTreeState):
3354         * page/scrolling/mac/ScrollingTreeNodeMac.mm:
3355         (WebCore::ScrollingTreeNodeMac::scrollPosition):
3356         (WebCore::ScrollingTreeNodeMac::setScrollLayerPosition):
3357         (WebCore::ScrollingTreeNodeMac::minimumScrollPosition):
3358         (WebCore::ScrollingTreeNodeMac::maximumScrollPosition):
3359         * rendering/RenderLayerCompositor.cpp:
3360         (WebCore::RenderLayerCompositor::frameViewDidScroll):
3361
3362         Teaching the scrolling tree about the scroll origin revealed this pre-
3363         existing bug. layoutOverflowRect() is not the right rect to use since 
3364         it is not writing-mode savvy. unscaledDocumentRect() is the right rect 
3365         for the view's bounds.
3366         * rendering/RenderLayerBacking.cpp:
3367         (WebCore::RenderLayerBacking::updateCompositedBounds):
3368
3369 2012-05-09  Rob Buis  <rwlbuis@webkit.org>
3370
3371         Cleanup SVGElement.cpp
3372         https://bugs.webkit.org/show_bug.cgi?id=86004
3373
3374         Reviewed by Eric Seidel.
3375
3376         Remove unneeded includes. We do not need to check attr in SVGElement::attributeChanged,
3377         lower layers assume it is non-null and we do not call attributeChanged in SVG.
3378
3379         * svg/SVGElement.cpp:
3380         (WebCore::SVGElement::attributeChanged):
3381         (WebCore::SVGElement::isAnimatableAttribute):
3382
3383 2012-05-09  Jochen Eisinger  <jochen@chromium.org>
3384
3385         When creating a new page during a navigation, prime the initial document with the correct referrer policy
3386         https://bugs.webkit.org/show_bug.cgi?id=86001
3387
3388         Reviewed by Adam Barth.
3389
3390         Test: http/tests/security/referrer-policy-redirect-link.html
3391
3392         * dom/Document.h:
3393         (WebCore::Document::setReferrerPolicy):
3394         * loader/FrameLoader.cpp:
3395         (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
3396
3397 2012-05-09  Alec Flett  <alecflett@chromium.org>
3398
3399         IndexedDB: call abort handler when there are problems committing
3400         https://bugs.webkit.org/show_bug.cgi?id=85841
3401
3402         Reviewed by Ojan Vafai.
3403
3404         No new tests. Every existing test that calls commit() is testing
3405         the success side of this, and this only throws when there are
3406         LevelDB errors, which is exactly what we're trying to diagnose
3407         with this patch.
3408
3409         * Modules/indexeddb/IDBBackingStore.h:
3410         (Transaction):
3411         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
3412         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
3413         (WebCore::IDBLevelDBBackingStore::Transaction::commit):
3414         * Modules/indexeddb/IDBLevelDBBackingStore.h:
3415         (Transaction):
3416         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
3417         (WebCore::IDBTransactionBackendImpl::commit):
3418
3419 2012-05-09  Mark Pilgrim  <pilgrim@chromium.org>
3420
3421         [Chromium] Remove PlatformSupport::loadPlatformImageResource, call loadResource directly
3422         https://bugs.webkit.org/show_bug.cgi?id=84417
3423
3424         Reviewed by Adam Barth.
3425
3426         Part of a refactoring series. See tracking bug 82948.
3427
3428         * WebCore.gyp/WebCore.gyp:
3429         * WebCore.gypi:
3430         * platform/chromium/PlatformSupport.h:
3431         (PlatformSupport):
3432         * platform/graphics/chromium/ImageChromium.cpp:
3433         (WebCore::Image::loadPlatformResource):
3434         * platform/graphics/chromium/ImageChromiumMac.mm: Removed.
3435
3436 2012-05-09  Rob Buis  <rbuis@rim.com>
3437
3438         Remove some isSVGFoo methods
3439         https://bugs.webkit.org/show_bug.cgi?id=86009
3440
3441         Reviewed by Eric Seidel.
3442
3443         These are not used at the moment and were probably just copy and pasted from
3444         isSVGFoo methods in RenderObject.h.
3445
3446         * rendering/RenderObject.h:
3447         * rendering/svg/RenderSVGEllipse.h:
3448         (RenderSVGEllipse):
3449         * rendering/svg/RenderSVGRect.h:
3450         (RenderSVGRect):
3451         * rendering/svg/RenderSVGShape.h:
3452
3453 2012-05-09  Ian Vollick  <vollick@chromium.org>
3454
3455         [chromium] Add impl-thread support for fill-mode and direction css animation properties
3456         https://bugs.webkit.org/show_bug.cgi?id=77662
3457
3458         Reviewed by James Robinson.
3459