20% regression on dom_perf/DomDivWalk
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2013-01-22  Matt Falkenhagen  <falken@chromium.org>
2
3         20% regression on dom_perf/DomDivWalk
4         https://bugs.webkit.org/show_bug.cgi?id=106726
5
6         Reviewed by Hajime Morita.
7
8         This patch moves the checks in Element::removedFrom for Fullscreen and top layer flags
9         into a slow path. The idea is for the two checks for Fullscreen and top layer
10         to be replaced by one faster check in the fast path.
11
12         The plan is to migrate the Fullscreen implementation to use top layer, so this is just a
13         short-term fix for the perf regression.
14
15         No new tests: no functionality change
16
17         * dom/Element.cpp:
18         (WebCore::Element::removedFrom): Create a slow path to move the Fullscreen and top layer checks into.
19         * dom/Node.cpp:
20         (WebCore::Node::setIsInTopLayer): To allow for cleaner code in Element::removedFrom, define
21         setIsInTopLayer and isInTopLayer even when the feature flag is off.
22         * dom/Node.h:
23         (WebCore::Node::isInTopLayer): Ditto.
24         (Node):
25
26 2013-01-22  Mark Lam  <mark.lam@apple.com>
27
28         Change the Supplementable class to not use AtomicString.
29         https://bugs.webkit.org/show_bug.cgi?id=107535.
30
31         Reviewed by Adam Barth.
32
33         Replaced the use of AtomicString keys with literal const char* keys.
34         This simplifies the SupplementMap and makes it slightly leaner and faster.
35
36         No new tests.
37
38         * Modules/battery/BatteryController.cpp:
39         (WebCore::BatteryController::supplementName):
40         * Modules/battery/BatteryController.h:
41         (BatteryController):
42         * Modules/battery/NavigatorBattery.cpp:
43         (WebCore::NavigatorBattery::supplementName):
44         (WebCore):
45         (WebCore::NavigatorBattery::from):
46         * Modules/battery/NavigatorBattery.h:
47         (NavigatorBattery):
48         * Modules/filesystem/chromium/DraggedIsolatedFileSystem.cpp:
49         (WebCore::DraggedIsolatedFileSystem::supplementName):
50         * Modules/filesystem/chromium/DraggedIsolatedFileSystem.h:
51         (DraggedIsolatedFileSystem):
52         * Modules/gamepad/NavigatorGamepad.cpp:
53         (WebCore::NavigatorGamepad::supplementName):
54         (WebCore):
55         (WebCore::NavigatorGamepad::from):
56         * Modules/gamepad/NavigatorGamepad.h:
57         (NavigatorGamepad):
58         * Modules/geolocation/GeolocationController.cpp:
59         (WebCore::GeolocationController::supplementName):
60         * Modules/geolocation/GeolocationController.h:
61         (GeolocationController):
62         * Modules/geolocation/NavigatorGeolocation.cpp:
63         (WebCore::NavigatorGeolocation::supplementName):
64         (WebCore):
65         (WebCore::NavigatorGeolocation::from):
66         * Modules/geolocation/NavigatorGeolocation.h:
67         (NavigatorGeolocation):
68         * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
69         (WebCore::DOMWindowIndexedDatabase::supplementName):
70         (WebCore):
71         (WebCore::DOMWindowIndexedDatabase::from):
72         * Modules/indexeddb/DOMWindowIndexedDatabase.h:
73         (DOMWindowIndexedDatabase):
74         * Modules/indexeddb/PageGroupIndexedDatabase.cpp:
75         (WebCore::PageGroupIndexedDatabase::supplementName):
76         (WebCore):
77         (WebCore::PageGroupIndexedDatabase::from):
78         * Modules/indexeddb/PageGroupIndexedDatabase.h:
79         (PageGroupIndexedDatabase):
80         * Modules/indexeddb/WorkerContextIndexedDatabase.cpp:
81         (WebCore::WorkerContextIndexedDatabase::supplementName):
82         (WebCore):
83         (WebCore::WorkerContextIndexedDatabase::from):
84         * Modules/indexeddb/WorkerContextIndexedDatabase.h:
85         (WorkerContextIndexedDatabase):
86         * Modules/intents/DOMWindowIntents.cpp:
87         (WebCore::DOMWindowIntents::supplementName):
88         (WebCore):
89         (WebCore::DOMWindowIntents::from):
90         * Modules/intents/DOMWindowIntents.h:
91         (DOMWindowIntents):
92         * Modules/mediastream/UserMediaController.cpp:
93         (WebCore::UserMediaController::supplementName):
94         * Modules/mediastream/UserMediaController.h:
95         (UserMediaController):
96         * Modules/navigatorcontentutils/NavigatorContentUtils.cpp:
97         (WebCore::NavigatorContentUtils::supplementName):
98         * Modules/navigatorcontentutils/NavigatorContentUtils.h:
99         (NavigatorContentUtils):
100         * Modules/networkinfo/NavigatorNetworkInfoConnection.cpp:
101         (WebCore::NavigatorNetworkInfoConnection::supplementName):
102         (WebCore):
103         (WebCore::NavigatorNetworkInfoConnection::from):
104         * Modules/networkinfo/NavigatorNetworkInfoConnection.h:
105         (NavigatorNetworkInfoConnection):
106         * Modules/networkinfo/NetworkInfoController.cpp:
107         (WebCore::NetworkInfoController::supplementName):
108         * Modules/networkinfo/NetworkInfoController.h:
109         (NetworkInfoController):
110         * Modules/notifications/DOMWindowNotifications.cpp:
111         (WebCore::DOMWindowNotifications::supplementName):
112         (WebCore):
113         (WebCore::DOMWindowNotifications::from):
114         * Modules/notifications/DOMWindowNotifications.h:
115         (DOMWindowNotifications):
116         * Modules/notifications/NotificationController.cpp:
117         (WebCore::NotificationController::supplementName):
118         * Modules/notifications/NotificationController.h:
119         (NotificationController):
120         * Modules/notifications/WorkerContextNotifications.cpp:
121         (WebCore::WorkerContextNotifications::supplementName):
122         (WebCore):
123         (WebCore::WorkerContextNotifications::from):
124         * Modules/notifications/WorkerContextNotifications.h:
125         (WorkerContextNotifications):
126         * Modules/quota/DOMWindowQuota.cpp:
127         (WebCore::DOMWindowQuota::supplementName):
128         (WebCore):
129         (WebCore::DOMWindowQuota::from):
130         * Modules/quota/DOMWindowQuota.h:
131         (DOMWindowQuota):
132         * Modules/speech/DOMWindowSpeechSynthesis.cpp:
133         (WebCore::DOMWindowSpeechSynthesis::supplementName):
134         (WebCore):
135         (WebCore::DOMWindowSpeechSynthesis::from):
136         * Modules/speech/DOMWindowSpeechSynthesis.h:
137         (DOMWindowSpeechSynthesis):
138         * Modules/speech/SpeechRecognitionController.cpp:
139         (WebCore::SpeechRecognitionController::supplementName):
140         * Modules/speech/SpeechRecognitionController.h:
141         (SpeechRecognitionController):
142         * Modules/vibration/Vibration.cpp:
143         (WebCore::Vibration::supplementName):
144         * Modules/vibration/Vibration.h:
145         (Vibration):
146         * Modules/webdatabase/DatabaseContext.cpp:
147         (WebCore::DatabaseContext::supplementName):
148         (WebCore):
149         (WebCore::DatabaseContext::existingDatabaseContextFrom):
150         (WebCore::DatabaseContext::from):
151         * Modules/webdatabase/DatabaseContext.h:
152         (DatabaseContext):
153         * dom/ContextFeatures.cpp:
154         (WebCore::ContextFeatures::supplementName):
155         * dom/ContextFeatures.h:
156         * dom/DeviceMotionController.cpp:
157         (WebCore::DeviceMotionController::supplementName):
158         * dom/DeviceMotionController.h:
159         (DeviceMotionController):
160         * dom/DeviceOrientationController.cpp:
161         (WebCore::DeviceOrientationController::supplementName):
162         * dom/DeviceOrientationController.h:
163         (DeviceOrientationController):
164         * loader/PrerendererClient.cpp:
165         (WebCore::PrerendererClient::supplementName):
166         * loader/PrerendererClient.h:
167         (PrerendererClient):
168         * page/DOMWindowPagePopup.cpp:
169         (WebCore::DOMWindowPagePopup::supplementName):
170         * page/DOMWindowPagePopup.h:
171         (DOMWindowPagePopup):
172         * page/SpeechInput.cpp:
173         (WebCore::SpeechInput::supplementName):
174         * page/SpeechInput.h:
175         (SpeechInput):
176         * platform/RefCountedSupplement.h:
177         (WebCore::RefCountedSupplement::provideTo):
178         (WebCore::RefCountedSupplement::from):
179         * platform/Supplementable.h:
180         (WebCore):
181         (WebCore::Supplement::provideTo):
182         (WebCore::Supplement::from):
183         (WebCore::Supplementable::provideSupplement):
184         (WebCore::Supplementable::removeSupplement):
185         (WebCore::Supplementable::requireSupplement):
186         (Supplementable):
187         * testing/InternalSettings.cpp:
188         (WebCore::InternalSettings::supplementName):
189         (WebCore):
190         (WebCore::InternalSettings::from):
191         * testing/InternalSettings.h:
192         (InternalSettings):
193
194 2013-01-22  Hajime Morrita  <morrita@google.com>
195
196         non-ENABLE(DETAILS_ELEMENT) build fails.
197         https://bugs.webkit.org/show_bug.cgi?id=107626
198
199         Reviewed by Kent Tamura.
200
201         No new tests, build configuration change.
202
203         * rendering/RenderObject.h:
204         (RenderObject): Added a missing condition.
205
206 2013-01-22  Dima Gorbik  <dgorbik@apple.com>
207
208         Whitelist should also work for the WebVTT ::cue element without an argument
209         https://bugs.webkit.org/show_bug.cgi?id=107488
210
211         Reviewed by Andreas Kling.
212         
213         Apply filtering if the cue shadow pseudoId is set on the selector.
214
215         Existing tests were modified to cover this case.
216
217         * css/RuleSet.cpp:
218         (WebCore::determinePropertyWhitelistType):
219         * html/shadow/MediaControlElements.cpp:
220         (WebCore::MediaControlTextTrackContainerElement::createSubtrees):
221         * html/track/TextTrackCue.h:
222         (WebCore::TextTrackCue::cueShadowPseudoId):
223
224 2013-01-22  Hayato Ito  <hayato@chromium.org>
225
226         Make MediaQueryEvaluator(bool) constructor explicit.
227         https://bugs.webkit.org/show_bug.cgi?id=107620
228
229         Reviewed by Hajime Morita.
230
231         No new tests: no change in behavior.
232
233         * css/MediaQueryEvaluator.h:
234         (MediaQueryEvaluator):
235
236 2013-01-22  Anders Carlsson  <andersca@apple.com>
237
238         Use a platform strategy for local storage
239         https://bugs.webkit.org/show_bug.cgi?id=107600
240
241         Reviewed by Andreas Kling.
242
243         * CMakeLists.txt:
244         * GNUmakefile.list.am:
245         * WebCore.exp.in:
246         * WebCore.gypi:
247         * WebCore.vcproj/WebCore.vcproj:
248         * WebCore.xcodeproj/project.pbxproj:
249         Add new files.
250
251         * platform/PlatformStrategies.h:
252         Add a way to create/get the storage strategy.
253
254         * storage/StorageNamespace.cpp:
255         (WebCore::StorageNamespace::localStorageNamespace):
256         (WebCore::StorageNamespace::sessionStorageNamespace):
257         Call the storage strategy.
258
259         * storage/StorageNamespace.h:
260         * storage/StorageStrategy.cpp: Added.
261         (WebCore::StorageStrategy::localStorageNamespace):
262         (WebCore::StorageStrategy::sessionStorageNamespace):
263         Call through to StorageNamespaceImpl.
264
265         * storage/StorageStrategy.h: Added.
266
267 2013-01-22  Jun Jiang  <jun.a.jiang@intel.com>
268
269         Optimize the texture packing for texImage2D() and texSubImage2D() in WebGL
270         https://bugs.webkit.org/show_bug.cgi?id=105821
271
272         Reviewed by Kenneth Russell.
273
274         The original texture packing code uses function pointers to denote each unpack and pack operations for different combination of Source formats,
275         Destination formats and Alpha Operations. It could be made cleaner and simpler. In this patch, template functions are used and try best to avoid
276         generating useless code for unreachable path to avoid code bloat. Moreover, the flipY operation is moved into the pack operation instead of
277         operating in a standalone method to improve performance.
278
279         Already covered by current test.
280
281         * html/canvas/WebGLRenderingContext.cpp:
282         (WebCore):
283         (WebCore::WebGLRenderingContext::texImage2DImpl):
284         (WebCore::WebGLRenderingContext::texSubImage2DImpl):
285         * platform/graphics/GraphicsContext3D.cpp:
286         (WebCore::GraphicsContext3D::packImageData):
287         (WebCore::GraphicsContext3D::extractImageData):
288         (WebCore::GraphicsContext3D::extractTextureData):
289         (WebCore):
290         (WebCore::GraphicsContext3D::packPixels):
291         * platform/graphics/GraphicsContext3D.h:
292         (WebCore::GraphicsContext3D::srcFormatComeFromDOMElementOrImageData):
293         (GraphicsContext3D):
294         (WebCore::GraphicsContext3D::ImageExtractor::imageSourceFormat):
295         (ImageExtractor):
296         * platform/graphics/cairo/GraphicsContext3DCairo.cpp:
297         (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
298         * platform/graphics/cg/GraphicsContext3DCG.cpp:
299         (WebCore::getSourceDataFormat):
300         (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
301         * platform/graphics/efl/GraphicsContext3DEfl.cpp:
302         (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
303         * platform/graphics/qt/GraphicsContext3DQt.cpp:
304         (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
305         * platform/graphics/skia/GraphicsContext3DSkia.cpp:
306         (WebCore::GraphicsContext3D::ImageExtractor::extractImage):
307
308 2013-01-21  Kentaro Hara  <haraken@chromium.org>
309
310         Implement UIEvent constructor
311         https://bugs.webkit.org/show_bug.cgi?id=107430
312
313         Reviewed by Adam Barth.
314
315         Editor's draft: https://dvcs.w3.org/hg/d4e/raw-file/tip/source_respec.htm
316
317         UIEvent constructor is implemented under a DOM4_EVENTS_CONSTRUCTOR flag,
318         which is enabled on Safari and Chromium for now.
319
320         Test: fast/events/constructors/ui-event-constructor.html
321
322         * Configurations/FeatureDefines.xcconfig:
323         * bindings/scripts/CodeGeneratorV8.pm:
324         (GenerateHeader):
325         * bindings/scripts/test/V8/V8TestInterface.h:
326         (V8TestInterface):
327         * dom/UIEvent.cpp:
328         (WebCore::UIEventInit::UIEventInit):
329         (WebCore):
330         (WebCore::UIEvent::UIEvent):
331         * dom/UIEvent.h:
332         (WebCore):
333         (UIEventInit):
334         (UIEvent):
335         (WebCore::UIEvent::create):
336         (WebCore::UIEvent::view):
337         (WebCore::UIEvent::detail):
338         (FocusInEventDispatchMediator):
339         (FocusOutEventDispatchMediator):
340         * dom/UIEvent.idl:
341
342 2013-01-22  Joshua Bell  <jsbell@chromium.org>
343
344         IndexedDB: Remove IDBKey from WebKitIDL
345         https://bugs.webkit.org/show_bug.cgi?id=97375
346
347         Reviewed by Kentaro Hara.
348
349         Now that references to the artificial IDBKey type have been removed from all IDLs, remove
350         the support code, and move the conversion code into the IDBBindingUtilities. Removes
351         references to the autogenerated {V8,JS}IDBKey{Custom,}.{cpp,h} from the project files.
352
353         No new tests - just code moves/removing unused code. Updated binding reference test results.
354
355         * CMakeLists.txt:
356         * DerivedSources.cpp:
357         * DerivedSources.make:
358         * DerivedSources.pri:
359         * GNUmakefile.list.am:
360         * Modules/indexeddb/IDBKey.idl: Removed.
361         * Target.pri:
362         * UseJSC.cmake:
363         * UseV8.cmake:
364         * WebCore.gypi:
365         * WebCore.vcproj/WebCore.vcproj:
366         * WebCore.xcodeproj/project.pbxproj:
367         * bindings/js/IDBBindingUtilities.cpp:
368         (WebCore::toJS): Moved here from JSIDBKeyCustom.cpp
369         (WebCore):
370         * bindings/js/JSIDBKeyCustom.cpp: Removed.
371         * bindings/scripts/CodeGeneratorJS.pm:
372         (JSValueToNative):
373         * bindings/scripts/CodeGeneratorV8.pm:
374         (GenerateFunctionCallString):
375         (GetNativeType):
376         (JSValueToNative):
377         * bindings/scripts/test/CPP/WebDOMTestObj.cpp:
378         * bindings/scripts/test/CPP/WebDOMTestObj.h:
379         * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp:
380         * bindings/scripts/test/GObject/WebKitDOMTestObj.h:
381         * bindings/scripts/test/JS/JSTestObj.cpp:
382         * bindings/scripts/test/JS/JSTestObj.h:
383         * bindings/scripts/test/ObjC/DOMTestObj.h:
384         * bindings/scripts/test/ObjC/DOMTestObj.mm:
385         * bindings/scripts/test/TestObj.idl: Removed IDBKey-specific test.
386         * bindings/scripts/test/V8/V8TestObj.cpp:
387         * bindings/v8/IDBBindingUtilities.cpp:
388         (WebCore::toV8): Moved here from V8IDBKeyCustom.cpp
389         (WebCore):
390         * bindings/v8/custom/V8IDBKeyCustom.cpp: Removed.
391
392 2013-01-22  Tony Gentilcore  <tonyg@chromium.org>
393
394         Fix assertions in make8BitFrom16BitSource() with threaded parser
395         https://bugs.webkit.org/show_bug.cgi?id=107596
396
397         Reviewed by Adam Barth.
398
399         This fixes an assertion in several fast/parser tests. We need to keep track of whether the data is all 8bit.
400         Luckily this doesn't cost us any size on CompactHTMLToken because the bitfields are collapsed (verified by COMPILE_ASSERT).
401
402         No new tests because covered by existing fast/parser tests.
403
404         * html/parser/CompactHTMLToken.cpp:
405         (WebCore::CompactHTMLToken::CompactHTMLToken):
406         * html/parser/CompactHTMLToken.h:
407         (WebCore::CompactHTMLToken::isAll8BitData):
408         (CompactHTMLToken):
409         * html/parser/HTMLToken.h:
410         (WebCore::AtomicHTMLToken::AtomicHTMLToken):
411
412 2013-01-22  Tony Gentilcore  <tonyg@chromium.org>
413
414         Fix ASSERT(!hasInsertionPoint()) in threaded HTML parser
415         https://bugs.webkit.org/show_bug.cgi?id=107593
416
417         Reviewed by Adam Barth.
418
419         Prior to this patch, several fast/parser tests hit ASSERT(!hasInsertionPoint()) in prepareToStopParsing().
420         That was because hasInsertionPoint() checks m_input.haveSeenEndOfFile() which was skipped for the threaded
421         parser case. This patch causes us to call markEndOfFile().
422
423         No new tests because covered by existing fast/parser tests.
424
425         * html/parser/HTMLDocumentParser.cpp:
426         (WebCore::HTMLDocumentParser::didReceiveTokensFromBackgroundParser): This FIXME was done in a previous patch.
427         (WebCore::HTMLDocumentParser::finish):
428
429 2013-01-22  Joshua Bell  <jsbell@chromium.org>
430
431         Prevent race condition during Worker shutdown
432         https://bugs.webkit.org/show_bug.cgi?id=107577
433
434         Reviewed by Dmitry Titov.
435
436         During worker shutdown, from the main thread a cleanup task is posted followed by
437         terminating the message queue, which prevents further tasks from being processed. It was
438         possible for another task be posted by another thread between the main thread calls
439         to postTask and terminate(), which would cause that task to run after cleanup. Expose
440         a new WTF::MessageQueue::appendAndKill() method which keeps a mutex around the two steps,
441         and use that during worker shutdown.
442
443         No reliable tests for the race - problem identified by inspection of user crash stacks.
444
445         * workers/WorkerRunLoop.cpp:
446         (WebCore::WorkerRunLoop::postTaskAndTerminate): New method, uses MessageQueue::appendAndKill()
447         * workers/WorkerRunLoop.h:
448         * workers/WorkerThread.cpp:
449         (WebCore::WorkerThread::stop): Uses postTaskAndTerminate() to avoid race.
450
451 2013-01-22  Tony Chang  <tony@chromium.org>
452
453         Unreviewed, rolling out r140171.
454         http://trac.webkit.org/changeset/140171
455         https://bugs.webkit.org/show_bug.cgi?id=107193
456
457         Regressed scrollable region size in other cases.
458
459         * rendering/RenderBlock.cpp:
460         (WebCore::RenderBlock::simplifiedLayout):
461
462 2013-01-22  Alexey Proskuryakov  <ap@apple.com>
463
464         [WK2] WebProcessService is not terminated when page is closed
465         https://bugs.webkit.org/show_bug.cgi?id=107595
466
467         Reviewed by Anders Carlsson.
468
469         * platform/mac/RunLoopMac.mm: (WebCore::RunLoop::stop): Allow stopping XPC service
470         run loop. Also, harmonized NSApp vs. [NSApplication sharedApplication] usage.
471
472 2013-01-22  Ojan Vafai  <ojan@chromium.org>
473
474         REGRESION(r130774): preferred width of tables does not take max-width into account
475         https://bugs.webkit.org/show_bug.cgi?id=107576
476
477         Reviewed by Tony Chang.
478
479         Constrain preferred widths by min/max the way we do in other
480         RenderBlock subclasses. Eventually, we'll shared the code with
481         RenderBlock, but this is an incremental step in that direction
482         that we can safely merge into release branches.
483
484         Test: fast/table/min-max-width-preferred-size.html
485
486         * rendering/RenderTable.cpp:
487         (WebCore::RenderTable::computePreferredLogicalWidths):
488
489 2013-01-22  Adam Barth  <abarth@webkit.org>
490
491         The BackgroundHTMLParser shouldn't pause when waiting for scripts
492         https://bugs.webkit.org/show_bug.cgi?id=107584
493
494         Reviewed by Eric Seidel.
495
496         Previously, the BackgroundHTMLParser would pause itself when it
497         encountered a scrip tag and wait for a signal from the main thread to
498         continue. After this patch, the BackgroundHTMLParser continues ahead
499         and the main thread keeps a queue of pending tokens.
500
501         This patch brings us closer to speculative parsing because when the
502         BackgroundHTMLParser is continuing ahead, it is speculating that it is
503         in the correct state. A future patch will let us abort incorret
504         speculations and resume from an eariler point in the input stream.
505
506         * html/parser/BackgroundHTMLParser.cpp:
507         (WebCore::checkThatTokensAreSafeToSendToAnotherThread):
508         (WebCore::BackgroundHTMLParser::BackgroundHTMLParser):
509         (WebCore::BackgroundHTMLParser::simulateTreeBuilder):
510         (WebCore::BackgroundHTMLParser::pumpTokenizer):
511         (WebCore::TokenDelivery::TokenDelivery):
512         (TokenDelivery):
513         (WebCore::TokenDelivery::execute):
514         (WebCore::BackgroundHTMLParser::sendTokensToMainThread):
515         * html/parser/BackgroundHTMLParser.h:
516         (BackgroundHTMLParser):
517         * html/parser/CompactHTMLToken.h:
518         (WebCore):
519         * html/parser/HTMLDocumentParser.cpp:
520         (WebCore::HTMLDocumentParser::didReceiveTokensFromBackgroundParser):
521         (WebCore):
522         (WebCore::HTMLDocumentParser::processTokensFromBackgroundParser):
523         (WebCore::HTMLDocumentParser::resumeParsingAfterScriptExecution):
524         * html/parser/HTMLDocumentParser.h:
525         (HTMLDocumentParser):
526
527 2013-01-22  Simon Fraser  <simon.fraser@apple.com>
528
529         Fix scrollperf logging
530         https://bugs.webkit.org/show_bug.cgi?id=107589
531
532         Reviewed by Tim Horton.
533
534         The scrollperf logging had two issues:
535
536         1. It relied on a paint logging a "filled" event, but it's possible
537         for existing tiles to be moved into the viewport and filling it, so
538         we need to log from the scrolling thread both when we have unfilled pixels,
539         and when the last scroll revealed unfilled pixels.
540         
541         2. On some pages, z-index:-1 elements behind the body cause the root
542         TileCache to have drawsContent set to false, so none of its tiles paint. In
543         that case, the check for a non-zero paintCount in TileCache::blankPixelCountForTiles()
544         was wrong; we don't think there's a way to have an unpainted tile in the tree.
545         
546         Also fix the signature of blankPixelCountForTiles() to take references.
547
548         * page/scrolling/mac/ScrollingTreeScrollingNodeMac.h:
549         (ScrollingTreeScrollingNodeMac):
550         * page/scrolling/mac/ScrollingTreeScrollingNodeMac.mm:
551         (WebCore::ScrollingTreeScrollingNodeMac::ScrollingTreeScrollingNodeMac):
552         (WebCore::ScrollingTreeScrollingNodeMac::logExposedUnfilledArea):
553         * platform/graphics/ca/mac/TileCache.h:
554         * platform/graphics/ca/mac/TileCache.mm:
555         (WebCore::TileCache::blankPixelCountForTiles):
556
557 2013-01-22  Eric Seidel  <eric@webkit.org>
558
559         Make CompactHTMLToken a little more compact
560         https://bugs.webkit.org/show_bug.cgi?id=107317
561
562         Reviewed by Adam Barth.
563
564         The windows builders got sad because MSVC won't combine
565         adjacent bit-fields with different types.  Changing
566         bool to unsigned should fix the problem.
567
568         * html/parser/CompactHTMLToken.h:
569         (CompactHTMLToken):
570
571 2013-01-22  Anthony Scian  <ascian@rim.com>
572
573         [Blackberry] Static code analysis warning fixes
574         https://bugs.webkit.org/show_bug.cgi?id=107464
575
576         Reviewed by Rob Buis.
577
578         Klocwork issues: 1367, 2367
579         - add NULL pointer checks detected by static code analysis
580
581         * platform/blackberry/WidgetBlackBerry.cpp:
582         (WebCore::Widget::setCursor):
583         * plugins/blackberry/PluginViewBlackBerry.cpp:
584         (WebCore::PluginView::updatePluginWidget):
585
586 2013-01-22  Joseph Pecoraro  <pecoraro@apple.com>
587
588         [Mac] Enable Page Visibility (PAGE_VISIBILITY_API)
589         https://bugs.webkit.org/show_bug.cgi?id=107230
590
591         Reviewed by David Kilzer.
592
593         No new tests. Covered by existing tests which are now unskipped.
594
595         * Configurations/FeatureDefines.xcconfig:
596
597 2013-01-22  Tony Gentilcore  <tonyg@chromium.org>
598
599         Make BackgroundHTMLParser track line/column numbers
600         https://bugs.webkit.org/show_bug.cgi?id=107561
601
602         Reviewed by Adam Barth.
603
604         No new tests because covered by existing fast/parser tests.
605
606         * html/parser/BackgroundHTMLParser.cpp:
607         (WebCore::BackgroundHTMLParser::pumpTokenizer):
608         * html/parser/CompactHTMLToken.cpp:
609         (WebCore::CompactHTMLToken::CompactHTMLToken):
610         * html/parser/CompactHTMLToken.h:
611         (CompactHTMLToken):
612         (WebCore::CompactHTMLToken::textPosition):
613         * html/parser/HTMLDocumentParser.cpp:
614         (WebCore::HTMLDocumentParser::didReceiveTokensFromBackgroundParser):
615         (WebCore::HTMLDocumentParser::lineNumber):
616         (WebCore::HTMLDocumentParser::textPosition):
617         * html/parser/HTMLDocumentParser.h:
618         (HTMLDocumentParser):
619
620 2013-01-22  Alec Flett  <alecflett@chromium.org>
621
622         IndexedDB: Don't assert when deprecated setCallbacks is called
623         https://bugs.webkit.org/show_bug.cgi?id=107580
624
625         Reviewed by Tony Chang.
626
627         Remove an assert for IDBTransactionBackendImpl that was deprecated
628         in a previous commit, but is still called by old chromium code.
629         After the chromium code is removed, this method will be removed
630         entirely.
631
632         * Modules/indexeddb/IDBTransactionBackendImpl.h:
633         (WebCore::IDBTransactionBackendImpl::setCallbacks):
634
635 2013-01-22  Zan Dobersek  <zandobersek@gmail.com>
636
637         [GTK] Disable CSS Regions in release builds
638         https://bugs.webkit.org/show_bug.cgi?id=106541
639
640         Reviewed by Martin Robinson.
641
642         The CSS Regions feature is not yet deemed stable enough to be enabled
643         in release builds, so disable it. It's still enabled for development
644         builds, via FeatureList.pm.
645
646         No new tests - no testable changes.
647
648         * GNUmakefile.features.am.in:
649
650 2013-01-22  Zan Dobersek  <zandobersek@gmail.com>
651
652         [GTK] Enable the <template> element support in development builds
653         https://bugs.webkit.org/show_bug.cgi?id=106575
654
655         Reviewed by Martin Robinson.
656
657         Add a missing build target that contains the custom JS bindings.
658
659         No new tests - the related tests are being unskipped and mostly pass.
660
661         * GNUmakefile.list.am:
662
663 2013-01-22  Joshua Bell  <jsbell@chromium.org>
664
665         IndexedDB: Remove dependency on IDBKey type from IDLs
666         https://bugs.webkit.org/show_bug.cgi?id=106912
667
668         Reviewed by Kentaro Hara.
669
670         This is a preamble to wkbug.com/97375 "Remove IDBKey from WebKitIDL"; IDBKey is
671         not a concept from the Indexed DB spec but a convenient internal type. It was
672         exposed in the IDL with custom binding code and special cases in the generator
673         to map from script values to the WebCore type. To remove those special cases
674         and match the WebIDL in the spec, the IDLs are changed to use "any" and the
675         implementations now take ScriptValues. This does mean that each call site must
676         call into IDBBindingUtilities to map from ScriptValue to IDBKey.
677
678         No new tests - just a refactor.
679
680         * Modules/indexeddb/IDBAny.cpp: Remove IDBKey as a variant type - just use ScriptValue.
681         * Modules/indexeddb/IDBAny.h:
682         (WebCore):
683         (IDBAny):
684         * Modules/indexeddb/IDBCursor.cpp:
685         (WebCore::IDBCursor::continueFunction): Now takes any/ScriptValue.
686         (WebCore):
687         * Modules/indexeddb/IDBCursor.h:
688         (WebCore::IDBCursor::continueFunction):
689         (IDBCursor):
690         * Modules/indexeddb/IDBCursor.idl:
691         * Modules/indexeddb/IDBCursorBackendImpl.cpp:
692         (WebCore::IDBCursorBackendImpl::deleteFunction):
693         * Modules/indexeddb/IDBFactory.cpp:
694         (WebCore::IDBFactory::cmp): Now takes any/ScriptValue.
695         * Modules/indexeddb/IDBFactory.h:
696         (IDBFactory):
697         * Modules/indexeddb/IDBFactory.idl:
698         * Modules/indexeddb/IDBIndex.cpp:
699         (WebCore::IDBIndex::openCursor): Now takes any/ScriptValue.
700         (WebCore::IDBIndex::count): Now takes any/ScriptValue.
701         (WebCore::IDBIndex::openKeyCursor): Now takes any/ScriptValue.
702         (WebCore::IDBIndex::get): Now takes any/ScriptValue.
703         (WebCore::IDBIndex::getKey): Now takes any/ScriptValue.
704         * Modules/indexeddb/IDBIndex.h:
705         (WebCore::IDBIndex::openCursor):
706         (IDBIndex):
707         (WebCore::IDBIndex::openKeyCursor):
708         * Modules/indexeddb/IDBIndex.idl:
709         * Modules/indexeddb/IDBKeyRange.cpp:
710         (WebCore::IDBKeyRange::create): Add helper for back-end creation of single-key ranges.
711         (WebCore):
712         (WebCore::IDBKeyRange::lowerValue): Impl. of new "any" type accessor exposed to script.
713         (WebCore::IDBKeyRange::upperValue): Ditto.
714         (WebCore::IDBKeyRange::only): Now takes any/ScriptValue.
715         (WebCore::IDBKeyRange::lowerBound): Now takes any/ScriptValue.
716         (WebCore::IDBKeyRange::upperBound): Now takes any/ScriptValue.
717         (WebCore::IDBKeyRange::bound): Now takes any/ScriptValue.
718         * Modules/indexeddb/IDBKeyRange.h:
719         (IDBKeyRange):
720         (WebCore::IDBKeyRange::lowerBound):
721         (WebCore::IDBKeyRange::upperBound):
722         (WebCore::IDBKeyRange::bound):
723         * Modules/indexeddb/IDBKeyRange.idl:
724         * Modules/indexeddb/IDBObjectStore.cpp:
725         (WebCore::IDBObjectStore::get): Now takes any/ScriptValue.
726         (WebCore::IDBObjectStore::add): Now takes any/ScriptValue.
727         (WebCore):
728         (WebCore::IDBObjectStore::put): Now takes any/ScriptValue.
729         (WebCore::IDBObjectStore::deleteFunction): Now takes any/ScriptValue.
730         (WebCore::IDBObjectStore::openCursor): Now takes any/ScriptValue.
731         (WebCore::IDBObjectStore::count): Now takes any/ScriptValue.
732         * Modules/indexeddb/IDBObjectStore.h:
733         (IDBObjectStore):
734         (WebCore::IDBObjectStore::openCursor):
735         * Modules/indexeddb/IDBObjectStore.idl:
736         * Modules/indexeddb/IDBRequest.cpp: Result IDBAny type is now ScriptValue.
737         (WebCore::IDBRequest::onSuccess):
738         * bindings/js/IDBBindingUtilities.cpp:
739         (WebCore::scriptValueToIDBKey): The inverse of idbKeyToScriptValue().
740         (WebCore):
741         * bindings/js/IDBBindingUtilities.h:
742         (WebCore):
743         * bindings/js/JSIDBAnyCustom.cpp:
744         (WebCore::toJS):
745         * bindings/v8/IDBBindingUtilities.cpp:
746         (WebCore::scriptValueToIDBKey): Ditto.
747         (WebCore):
748         * bindings/v8/IDBBindingUtilities.h:
749         (WebCore):
750         * bindings/v8/custom/V8IDBAnyCustom.cpp:
751         (WebCore::toV8): Remove IDBKey variant type.
752
753 2013-01-22  Justin Schuh  <jschuh@chromium.org>
754
755         TRANSFORMATION_MATRIX_USE_X86_64_SSE2 broken for 64-bit Windows builds
756         https://bugs.webkit.org/show_bug.cgi?id=107498
757
758         Reviewed by James Robinson.
759         
760         Enable TRANSFORMATION_MATRIX_USE_X86_64_SSE2 for 64-bit Windows.
761
762         No new tests. Covered by existing tests.
763
764         * platform/graphics/transforms/TransformationMatrix.h:
765         (WebCore):
766         (TransformationMatrix):
767
768 2013-01-22  Min Qin  <qinmin@chromium.org>
769
770         Fix a race condition on SkBitmap::lockPixels()/unlockPixels() for lazy image decoding
771         https://bugs.webkit.org/show_bug.cgi?id=107404
772
773         Reviewed by Stephen White.
774
775         Skbitmap::lockPixels()/unlockPixels() are not threadsafe.
776         unlike SkPixelRef, these 2 calls are not protected by an internal mutex.
777         Bugfix, no behaviral change and hard to test as tests will be flaky.
778
779         * platform/graphics/chromium/ImageDecodingStore.cpp:
780         (WebCore::ImageDecodingStore::lockCache):
781         (WebCore::ImageDecodingStore::unlockCache):
782         (WebCore::ImageDecodingStore::insertAndLockCache):
783         (WebCore::ImageDecodingStore::overwriteAndLockCache):
784         * platform/graphics/chromium/ImageDecodingStore.h:
785         (ImageDecodingStore):
786
787 2013-01-22  Eric Seidel  <eric@webkit.org>
788
789         Make CompactHTMLToken a little more compact
790         https://bugs.webkit.org/show_bug.cgi?id=107317
791
792         Reviewed by Darin Adler.
793
794         Reduce the size of CompactHTMLToken by two pointers.
795         The abuse of the attribute vector to store the DOCTYPE strings
796         is kinda lame, but makes a lot of sense given how rare DOCTYPE tokens are.
797
798         The resulting CompactHTMLToken vector should be a smaller malloc and thus faster.
799         However I saw no perf change on html-parser-srcdoc.html.
800
801         * html/parser/CompactHTMLToken.cpp:
802         (SameSizeAsCompactHTMLToken):
803         (WebCore):
804         (WebCore::CompactHTMLToken::CompactHTMLToken):
805         (WebCore::CompactHTMLToken::isSafeToSendToAnotherThread):
806         * html/parser/CompactHTMLToken.h:
807         (WebCore::CompactHTMLToken::type):
808         (CompactHTMLToken):
809         (WebCore::CompactHTMLToken::publicIdentifier):
810         (WebCore::CompactHTMLToken::systemIdentifier):
811
812 2013-01-22  Elliott Sprehn  <esprehn@chromium.org>
813
814         Assertion parent->inDocument() failed in WebCore::PseudoElement::PseudoElement
815         https://bugs.webkit.org/show_bug.cgi?id=106224
816
817         Reviewed by Ojan Vafai.
818
819         Appending a node that contains a <style> and also elements that should have
820         generated content can cause us to create PseudoElements in nodes that are not
821         yet inDocument because we may recalcStyle in HTMLStyleElement::insertedInto
822         triggering a reattach() which could then traverse into the siblings of the
823         <style> attaching them even though they are not yet inDocument.
824
825         This means that we should not assert about the parent of a PseudoElement
826         being inDocument as this is not always the case.
827
828         Instead forward Node::insertedInto and removedFrom notifications to
829         PseudoElements so they will correctly get their inDocument bit set. Nothing
830         in the code appears to depend on them being inDocument we just make sure to
831         set it so they're consistent with the rest of the document.
832
833         No new tests, there's no way to test that PseudoElements are really inDocument.
834
835         * dom/Element.cpp:
836         (WebCore::Element::insertedInto):
837         (WebCore::Element::removedFrom):
838         * dom/PseudoElement.cpp:
839         (WebCore::PseudoElement::PseudoElement):
840
841 2013-01-22  Alexis Menard  <alexis@webkit.org>
842
843         Allow construction of unprefixed transition DOM events.
844         https://bugs.webkit.org/show_bug.cgi?id=107319
845
846         Reviewed by Dean Jackson.
847
848         Make possible to construct unprefixed DOM events for transitions.
849         Unfortunately I have to duplicate the C++ implementation class of the
850         events (TransitionEvent.h and TransitionEvent.cpp). I can't find a
851         better way to re-use the WebKitTransitionEvent class to back the
852         TransitionEvent.idl as our code generators don't allow to have a
853         different name for the C++ class used in the generated file than the
854         interface name specified in the IDL file. Unfortunately
855         https://trac.webkit.org/wiki/WebKitIDL#InterfaceName doesn't help as
856         it's only a way to unlink the interface name specified in the IDL with
857         the one exposed in JavaScript. I don't think we should support such a
858         feature in our code generators as WebKitTransitionEvent class and more
859         exactly prefixed DOM events for transitions will be removed one day so
860         this use case will become obselete.
861
862         Test: fast/events/constructors/transition-event-constructor.html
863
864         * CMakeLists.txt:
865         * DerivedSources.cpp:
866         * DerivedSources.make:
867         * DerivedSources.pri:
868         * GNUmakefile.list.am:
869         * Target.pri:
870         * WebCore.gypi:
871         * WebCore.vcproj/WebCore.vcproj:
872         * WebCore.xcodeproj/project.pbxproj:
873         * dom/DOMAllInOne.cpp:
874         * dom/EventNames.in:
875         * dom/TransitionEvent.cpp: Added.
876         (WebCore):
877         (WebCore::TransitionEventInit::TransitionEventInit):
878         (WebCore::TransitionEvent::TransitionEvent):
879         (WebCore::TransitionEvent::~TransitionEvent):
880         (WebCore::TransitionEvent::propertyName):
881         (WebCore::TransitionEvent::elapsedTime):
882         (WebCore::TransitionEvent::interfaceName):
883         * dom/TransitionEvent.h: Added.
884         (WebCore):
885         (TransitionEventInit):
886         (TransitionEvent):
887         (WebCore::TransitionEvent::create):
888         * dom/TransitionEvent.idl: Added.
889         * page/DOMWindow.idl:
890         * page/animation/AnimationController.cpp:
891         (WebCore::AnimationControllerPrivate::fireEventsAndUpdateStyle): always
892         create a TransitionEvent now. EventTarget will be responsible to create
893         a WebKitTransitionEvent if necessary.
894
895 2013-01-22  Adam Barth  <abarth@webkit.org>
896
897         Wean BackgroundHTMLParser off HTMLInputStream
898         https://bugs.webkit.org/show_bug.cgi?id=107575
899
900         Reviewed by Eric Seidel.
901
902         The BackgroundHTMLParser doesn't need to use HTMLInputStream because it
903         doesn't need to handle nested calls to document.write. Instead, we can
904         just use a SegmentedString directly, which will let us checkpoint
905         m_input for speculation.
906
907         * html/parser/BackgroundHTMLParser.cpp:
908         (WebCore::BackgroundHTMLParser::append):
909         (WebCore::BackgroundHTMLParser::finish):
910         (WebCore::BackgroundHTMLParser::markEndOfFile):
911         (WebCore):
912         (WebCore::BackgroundHTMLParser::pumpTokenizer):
913         * html/parser/BackgroundHTMLParser.h:
914         (BackgroundHTMLParser):
915
916 2013-01-22  Sergio Villar Senin  <svillar@igalia.com>
917
918         [Soup] Random thread crashes
919         https://bugs.webkit.org/show_bug.cgi?id=107439
920
921         Reviewed by Martin Robinson.
922
923         Process all pending requests in the inner GMainContext created to
924         perform synchronous requests before restoring the thread default. No
925         new tests required, already covered by network tests.
926
927         * platform/network/soup/ResourceHandleSoup.cpp:
928         (WebCore::WebCoreSynchronousLoader::~WebCoreSynchronousLoader):
929
930 2013-01-22  Christophe Dumez  <christophe.dumez@intel.com>
931
932         [gstreamer] GstBus signal watch should be removed on clean up
933         https://bugs.webkit.org/show_bug.cgi?id=107544
934
935         Reviewed by Philippe Normand.
936
937         Our gstreamer backend code currently calls gst_bus_add_signal_watch()
938         on GstBus to add a signal watch. As per the gstreamer  documentation,
939         "To clean up, the caller is responsible for calling
940         gst_bus_remove_signal_watch() as many times as this function is
941         called". This is because gst_bus_add_signal_watch() causes the GstBus
942         object to be ref'd and gst_bus_remove_signal_watch() needs to be
943         called to properly unref it.
944
945         This patch makes sure that gst_bus_remove_signal_watch() is called
946         on the GstBus object when cleaning up. This patch also uses smart
947         pointers for GstBus objects for consistency.
948
949         No new tests, no behavior change for layout tests.
950
951         * platform/audio/gstreamer/AudioDestinationGStreamer.cpp:
952         (WebCore::AudioDestinationGStreamer::AudioDestinationGStreamer):
953         (WebCore::AudioDestinationGStreamer::~AudioDestinationGStreamer):
954         * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
955         (WebCore::AudioFileReader::~AudioFileReader):
956         (WebCore::AudioFileReader::decodeAudioForBusCreation):
957         * platform/graphics/gstreamer/GStreamerGWorld.cpp:
958         (WebCore::GStreamerGWorld::GStreamerGWorld):
959         * platform/graphics/gstreamer/GStreamerVersioning.cpp:
960         (webkitGstPipelineGetBus):
961         * platform/graphics/gstreamer/GStreamerVersioning.h:
962         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
963         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
964
965 2013-01-22  Adam Barth  <abarth@webkit.org>
966
967         BackgroundHTMLParser should simulate tree building in a separate function
968         https://bugs.webkit.org/show_bug.cgi?id=107569
969
970         Reviewed by Eric Seidel.
971
972         This patch cleans up BackgroundHTMLParser::pumpTokenizer to prepare for
973         implementing speculative parsing.
974
975         * html/parser/BackgroundHTMLParser.cpp:
976         (WebCore::BackgroundHTMLParser::simulateTreeBuilder):
977         (WebCore):
978         (WebCore::BackgroundHTMLParser::pumpTokenizer):
979         * html/parser/BackgroundHTMLParser.h:
980         (BackgroundHTMLParser):
981         * page/Settings.in:
982
983 2013-01-22  Sheriff Bot  <webkit.review.bot@gmail.com>
984
985         Unreviewed, rolling out r140435.
986         http://trac.webkit.org/changeset/140435
987         https://bugs.webkit.org/show_bug.cgi?id=107565
988
989         Crashes on ClusterFuzz due to float not removed (Requested by
990         inferno-sec on #webkit).
991
992         * rendering/RenderBox.cpp:
993         (WebCore::RenderBox::removeFloatingOrPositionedChildFromBlockLists):
994
995 2013-01-22  Robert Hogan  <robert@webkit.org>
996
997         When we do setAttribute("border", null) on a table we should create a border like every other browser
998         https://bugs.webkit.org/show_bug.cgi?id=102112
999
1000         Reviewed by Ryosuke Niwa.
1001
1002         http://www.whatwg.org/specs/web-apps/current-work/multipage/rendering.html#tables says:
1003         "If the [table's border] attribute is present but parsing the attribute's value using the rules for parsing 
1004         non-negative integers generates an error, a default value of 1px is expected to be used for that property instead."
1005
1006         Match the spec and bring us into line with other browsers by observing the 'parsing non-negative integers' algorithm.
1007
1008         Tests: fast/dom/HTMLTableElement/table-with-invalid-border.html
1009                fast/table/table-with-borderattr-null.html
1010                fast/table/table-with-borderattr-set-to-null.html
1011
1012         * html/HTMLElement.cpp:
1013         (WebCore::HTMLElement::parseBorderWidthAttribute):
1014         (WebCore::HTMLElement::applyBorderAttributeToStyle):
1015         * html/HTMLElement.h:
1016         (HTMLElement):
1017         * html/HTMLTableElement.cpp:
1018         (WebCore::HTMLTableElement::collectStyleForPresentationAttribute):
1019         (WebCore::HTMLTableElement::parseAttribute):
1020
1021 2013-01-22  Abhishek Arya  <inferno@chromium.org>
1022
1023         Heap-use-after-free in WebCore::RenderObject::isDescendantOf
1024         https://bugs.webkit.org/show_bug.cgi?id=107226
1025
1026         Reviewed by Emil A Eklund.
1027
1028         Test: fast/block/float/overhanging-float-not-removed-crash.html
1029
1030         * rendering/RenderBox.cpp:
1031         (WebCore::RenderBox::removeFloatingOrPositionedChildFromBlockLists):
1032         Skip anonymous blocks in the chain to get the enclosing block and
1033         be able to correctly mark the overhanging floats in the next siblings.
1034
1035 2013-01-22  Justin Schuh  <jschuh@chromium.org>
1036
1037         Silence MSVC 64-bit build warning c4309 for FrameTree::invalidCount
1038         https://bugs.webkit.org/show_bug.cgi?id=107439
1039
1040         Reviewed by Dimitri Glazkov.
1041         
1042         MSVC detects that the constant notFound is truncated on assignment to
1043         invalidCount. Since we never compare them (as it would always fail on
1044         64-bit anyway), just initialize invalidCount directly to -1.
1045
1046         No new tests. No behavior changed.
1047
1048         * page/FrameTree.h:
1049         (FrameTree):
1050
1051 2013-01-22  Zan Dobersek  <zdobersek@igalia.com>
1052
1053         [Autotools] Remove the Canvas Path configuration option
1054         https://bugs.webkit.org/show_bug.cgi?id=107537
1055
1056         Reviewed by Martin Robinson.
1057
1058         No new tests - no new testable functionality.
1059
1060         * GNUmakefile.am: Remove the Automake conditional analysis, the related
1061         configuration option is being removed as well.
1062         * GNUmakefile.features.am.in: Add the ENABLE_CANVAS_PATH feature define,
1063         defaulting to 0 in release builds (but is disabled in development builds
1064         of the GTK port as well at the moment).
1065
1066 2013-01-18  Stephen Chenney  <schenney@chromium.org>
1067
1068         Asserts when textPath is used with no path
1069         https://bugs.webkit.org/show_bug.cgi?id=107324
1070
1071         Reviewed by Eric Seidel.
1072
1073         We assert when there is no path associated with an SVG text path
1074         element. Instead, this patch detects the condition and stops trying to
1075         layout text for that textPath  element.
1076
1077         Test: svg/text/tpath-without-path.svg
1078
1079         * rendering/svg/SVGTextLayoutEngine.cpp:
1080         (WebCore::SVGTextLayoutEngine::beginTextPathLayout):
1081         (WebCore::SVGTextLayoutEngine::layoutTextOnLineOrPath):
1082
1083 2013-01-22  Andrey Adaikin  <aandrey@chromium.org>
1084
1085         Web Inspector: [Canvas] jump to prev/next drawing call in the replay
1086         https://bugs.webkit.org/show_bug.cgi?id=107551
1087
1088         Reviewed by Pavel Feldman.
1089
1090         Implement jumping to the next(previous) drawing call in the WebGL and canvas 2D replay.
1091
1092         * English.lproj/localizedStrings.js:
1093         * inspector/InjectedScriptCanvasModuleSource.js:
1094         (.):
1095         * inspector/Inspector.json:
1096         * inspector/front-end/CanvasProfileView.js:
1097         (WebInspector.CanvasProfileView):
1098         (WebInspector.CanvasProfileView.prototype.dispose):
1099         (WebInspector.CanvasProfileView.prototype._onReplayDrawingCallClick):
1100         * inspector/front-end/canvasProfiler.css:
1101         (.canvas-replay-prev-draw img):
1102         (.canvas-replay-next-draw img):
1103
1104 2013-01-22  Andrey Lushnikov  <lushnikov@chromium.org>
1105
1106         Web Inspector: remove asynchronous behavior from DTE paintLines method
1107         https://bugs.webkit.org/show_bug.cgi?id=107550
1108
1109         Reviewed by Pavel Feldman.
1110
1111         Remove paintLinesOperationCredit and all asynchronous behaviour from paintLines method;
1112         also, remove paintLineChunks method.
1113
1114         * inspector/front-end/DefaultTextEditor.js:
1115         (WebInspector.TextEditorMainPanel.prototype.expandChunks):
1116         (WebInspector.TextEditorMainPanel.prototype._highlightDataReady):
1117         (WebInspector.TextEditorMainPanel.prototype._paintLines):
1118         (WebInspector.TextEditorMainPanel.prototype._renderRanges):
1119         (WebInspector.TextEditorMainPanel.prototype._paintLine):
1120         (WebInspector.TextEditorMainPanel.prototype._applyDomUpdates):
1121
1122 2013-01-22  Eugene Klyuchnikov  <eustas@chromium.org>
1123
1124         Web Inspector: [Network] "Secure" cookies can not be deleted.
1125         https://bugs.webkit.org/show_bug.cgi?id=107543
1126
1127         Reviewed by Pavel Feldman.
1128
1129         To delete secure cookie URL schema need to be "https" instead of "http".
1130
1131         * inspector/front-end/CookieItemsView.js:
1132         (WebInspector.CookieItemsView.prototype._deleteCookie):
1133         Take care of secure cookies.
1134
1135 2013-01-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1136
1137         Unreviewed, rolling out r140420.
1138         http://trac.webkit.org/changeset/140420
1139         https://bugs.webkit.org/show_bug.cgi?id=107557
1140
1141         Still causes crashes (EFL this time) (Requested by kov on
1142         #webkit).
1143
1144         * platform/graphics/gstreamer/GStreamerVersioning.cpp:
1145         * platform/graphics/gstreamer/GStreamerVersioning.h:
1146         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1147         (StreamingClient):
1148         (_WebKitWebSrcPrivate):
1149         (webKitWebSrcFinalize):
1150         (webKitWebSrcStop):
1151         (StreamingClient::didReceiveData):
1152         * platform/network/ResourceHandleClient.h:
1153         (ResourceHandleClient):
1154         * platform/network/ResourceHandleInternal.h:
1155         (WebCore::ResourceHandleInternal::ResourceHandleInternal):
1156         (ResourceHandleInternal):
1157         * platform/network/soup/ResourceHandleSoup.cpp:
1158         (WebCore::cleanupSoupRequestOperation):
1159         (WebCore::nextMultipartResponsePartCallback):
1160         (WebCore::sendRequestCallback):
1161         (WebCore::readCallback):
1162
1163 2013-01-22  Allan Sandfeld Jensen  <allan.jensen@digia.com>
1164
1165         [Qt] Crash in PasteboardQt.cpp Pasteboard::writeSelection
1166         https://bugs.webkit.org/show_bug.cgi?id=102192
1167
1168         Patch by Fabien Valée
1169         Reviewed by Jocelyn Turcotte.
1170
1171         QClipboard::setMimeData transfers ownership of QMimeData to the clipboard,
1172         so we should not access it afterwards.
1173
1174         * platform/qt/PasteboardQt.cpp:
1175         (WebCore::Pasteboard::writeSelection):
1176         (WebCore::Pasteboard::writePlainText):
1177
1178 2013-01-22  Christophe Dumez  <christophe.dumez@intel.com>
1179
1180         Regression(r140414): It is causing crashes with gstreamer 0.10
1181         https://bugs.webkit.org/show_bug.cgi?id=107554
1182
1183         Reviewed by Philippe Normand.
1184
1185         gstreamer 0.10 doc led me to believe that gst_element_factory_make()
1186         was not returning a floating reference. However, based on testing
1187         (and results on Qt port) it does so we should NOT adopt the
1188         returned GstElement object.
1189
1190         No new tests, already covered by existing tests.
1191
1192         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1193
1194 2013-01-22  Andrey Lushnikov  <lushnikov@chromium.org>
1195
1196         Web Inspector: do not highlight really long lines in DTE.
1197         https://bugs.webkit.org/show_bug.cgi?id=107531
1198
1199         Reviewed by Pavel Feldman.
1200
1201         Improve TextEditorHighlighter.orderedRangesPerLine method to return
1202         only ranges that start before particular column.
1203
1204         Test: inspector/editor/text-editor-long-line.html
1205
1206         * inspector/front-end/TextEditorHighlighter.js:
1207         (WebInspector.TextEditorHighlighter):
1208         (WebInspector.TextEditorHighlighter.prototype.setHighlightLineLimit):
1209         (WebInspector.TextEditorHighlighter.prototype.orderedRangesPerLine.comparator):
1210         (WebInspector.TextEditorHighlighter.prototype.orderedRangesPerLine):
1211
1212 2013-01-22  Gustavo Noronha Silva  <gustavo.noronha@collabora.com>
1213
1214         [GStreamer][Soup] Let GStreamer provide the buffer data is downloaded to, to avoid copying
1215         https://bugs.webkit.org/show_bug.cgi?id=105552
1216
1217         Reviewed by Philippe Normand.
1218
1219         Makes it possible for the GStreamer media backend to provide the buffer to which
1220         the Soup networking backend will use to download data to. This makes copying
1221         memory unnecessary when ResourceHandle hands data over to the media player's
1222         StreamingClient. Thanks to Dan Winship for help designing the interface.
1223
1224         No behaviour change, covered by existing tests.
1225
1226         * platform/graphics/gstreamer/GStreamerVersioning.cpp:
1227         (createGstBufferForData): New helper to create a GstBuffer when
1228         we have a data pointer and a length.
1229         (getGstBufferSize): Abstract obtaining the size of the buffer, so the code
1230         is cleaner while still working for both GST 0.10 and 1.0.
1231         (setGstBufferSize): Ditto, but for setting the size.
1232         (getGstBufferDataPointer): Ditto, but for grabbing the data pointer.
1233         (mapGstBuffer): Convenience method to take care of mapping the buffer so that
1234         we can provide the data pointer to ResourceHandle.
1235         (unmapGstBuffer): Convenience method which takes care of unmapping the buffer
1236         and properly freeing the GstMapInfo.
1237         * platform/graphics/gstreamer/GStreamerVersioning.h:
1238         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
1239         (StreamingClient): New methods.
1240         (_WebKitWebSrcPrivate): We now store the GstBuffer we provided the data pointer from
1241         so we can later unmap it and push it to the pipeline.
1242         (webKitWebSrcDispose): Deal with the GstBuffer in case it exists when the source is
1243         destroyed.
1244         (webKitWebSrcStop): Also clear the GstBuffer in this case.
1245         (StreamingClient::didReceiveData): Handle the hand-over of the buffer.
1246         (StreamingClient::getBuffer): Provide ResourceHandle with a new GstBuffer's data pointer.
1247         * platform/network/ResourceHandleClient.h:
1248         (ResourceHandleClient):
1249         (WebCore::ResourceHandleClient::ResourceHandleClient): Constructor to initialize the buffer
1250         member variable to 0.
1251         (WebCore::ResourceHandleClient::~ResourceHandleClient): Destructor to free the buffer if it
1252         has been allocated.
1253         (WebCore::ResourceHandleClient::getBuffer): Default implementation which returns a
1254         newly allocated char pointer.
1255         * platform/network/ResourceHandleInternal.h:
1256         (WebCore::ResourceHandleInternal::ResourceHandleInternal):
1257         (ResourceHandleInternal): Store actual buffer size, which is no longer a constant.
1258         * platform/network/soup/ResourceHandleSoup.cpp:
1259         (WebCore::cleanupSoupRequestOperation): Clear the buffer pointer, the life-cycle of the
1260         buffer is handled by the ResourceHandleClient.
1261         (WebCore::nextMultipartResponsePartCallback): Get a new buffer from the client before reading.
1262         (WebCore::sendRequestCallback): Ditto.
1263         (WebCore::readCallback): Ditto.
1264
1265 2013-01-22  Michał Pakuła vel Rutka  <m.pakula@samsung.com>
1266
1267         [EFL] Fix context menu localized string
1268         https://bugs.webkit.org/show_bug.cgi?id=107536
1269
1270         One of localized string has a marker. Since EFL port does not support them
1271         it has to be removed, so the string will be displayed properly.
1272
1273         Reviewed by Laszlo Gombos.
1274
1275         * platform/efl/LocalizedStringsEfl.cpp:
1276         (WebCore::contextMenuItemTagCheckSpellingWhileTyping)
1277
1278 2013-01-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1279
1280         Unreviewed, rolling out r140412.
1281         http://trac.webkit.org/changeset/140412
1282         https://bugs.webkit.org/show_bug.cgi?id=107549
1283
1284         Broke rendering of buttons on gmail (Requested by carewolf on
1285         #webkit).
1286
1287         * platform/graphics/qt/TransparencyLayer.h:
1288         (WebCore::TransparencyLayer::TransparencyLayer):
1289
1290 2013-01-22  Christophe Dumez  <christophe.dumez@intel.com>
1291
1292         [gstreamer] MediaPlayerPrivateGStreamer should take ownership of the playbin
1293         https://bugs.webkit.org/show_bug.cgi?id=107445
1294
1295         Reviewed by Philippe Normand.
1296
1297         In gstreamer 1.0, gst_element_factory_make() now returns a floating reference.
1298         MediaPlayerPrivateGStreamer calls gst_element_factory_make() to create the
1299         playbin object but does not take ownership of the object. As a consequence,
1300         the object keeps floating until it is unref'd in the
1301         MediaPlayerPrivateGStreamer destructor.
1302
1303         This patch uses a GRefPtr<GstElement> to store the playbin object and only
1304         adopt the object returned by gst_element_factory_make() if gstreamer 0.10
1305         is used. When gstreamer 1.0 is used, the returned object will not be adopted,
1306         which will remove the floating reference. This way, we ensure that the
1307         playbin object is owned by MediaPlayerPrivateGStreamer.
1308
1309         No new tests, no behavior change for layout tests.
1310
1311         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1312         (WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
1313         (WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
1314         (WebCore::MediaPlayerPrivateGStreamer::load):
1315         (WebCore::MediaPlayerPrivateGStreamer::playbackPosition):
1316         (WebCore::MediaPlayerPrivateGStreamer::changePipelineState):
1317         (WebCore::MediaPlayerPrivateGStreamer::duration):
1318         (WebCore::MediaPlayerPrivateGStreamer::seek):
1319         (WebCore::MediaPlayerPrivateGStreamer::paused):
1320         (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo):
1321         (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio):
1322         (WebCore::MediaPlayerPrivateGStreamer::setVolume):
1323         (WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVolumeChange):
1324         (WebCore::MediaPlayerPrivateGStreamer::setRate):
1325         (WebCore::MediaPlayerPrivateGStreamer::buffered):
1326         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1327         (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
1328         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
1329         (MediaPlayerPrivateGStreamer):
1330
1331 2013-01-22  Yury Semikhatsky  <yurys@chromium.org>
1332
1333         Unreviewed. Fix closure compiler warning in inspector front-end after r140390.
1334
1335         * inspector/front-end/HeapSnapshotView.js:
1336
1337 2013-01-22  Allan Sandfeld Jensen  <allan.jensen@digia.com>
1338
1339         [Qt] Box shadows on a transparency layer is very slow
1340         https://bugs.webkit.org/show_bug.cgi?id=107547
1341
1342         Reviewed by Noam Rosenthal.
1343
1344         Set an initial clip on the transparency layer, so that the clipping
1345         bounds will never end up larger than the layer.
1346
1347         * platform/graphics/qt/TransparencyLayer.h:
1348         (WebCore::TransparencyLayer::TransparencyLayer):
1349
1350 2013-01-22  Matt Falkenhagen  <falken@chromium.org>
1351
1352         Move top layer flag from ElementRareData to NodeFlags
1353         https://bugs.webkit.org/show_bug.cgi?id=107542
1354
1355         Reviewed by Hajime Morita.
1356
1357         This is a speculative fix for a perf regression (https://bugs.webkit.org/show_bug.cgi?id=106726)
1358         likely due to checking the top layer flag in Element::removedFrom. It
1359         also simplifies code dealing with top layer and makes it no longer
1360         necessary to allocate rare data for top layer.
1361
1362         * dom/Element.cpp:
1363         (WebCore::Element::removedFrom): Check isInTopLayer first in case it helps fix the perf regression.
1364         (WebCore):
1365         * dom/Element.h: Move top layer functions from Element to Node.
1366         * dom/ElementRareData.h:
1367         (ElementRareData):
1368         (WebCore::ElementRareData::ElementRareData): Remove top layer flag from ElementRareData.
1369         * dom/Node.cpp: Move top layer functions from Element to Node.  
1370         (WebCore):
1371         (WebCore::Node::setIsInTopLayer):
1372         * dom/Node.h:
1373         (Node):
1374         (WebCore::Node::isInTopLayer):
1375         * dom/NodeRenderingContext.cpp: Remove unnecessary casts to Element for isInTopLayer().
1376         (WebCore::isRendererReparented):
1377         (WebCore::NodeRenderingContext::previousRenderer):
1378         (WebCore::NodeRenderingContext::parentRenderer):
1379         * rendering/RenderLayer.cpp: Ditto.
1380         (WebCore::RenderLayer::isInTopLayer):
1381         (WebCore::RenderLayer::rebuildZOrderLists):
1382
1383 2013-01-22  Mark Lam  <mark.lam@apple.com>
1384
1385         Fix broken mac builds due to <http://trac.webkit.org/changeset/140399>.
1386         https://bugs.webkit.org/show_bug.cgi?id=100710.
1387
1388         Not reviewed.
1389
1390         No new tests.
1391
1392         * WebCore.xcodeproj/project.pbxproj:
1393
1394 2013-01-22  Dan Carney  <dcarney@google.com>
1395
1396         [v8] Convert string conversion calls to one byte versions
1397         https://bugs.webkit.org/show_bug.cgi?id=107524
1398
1399         Reviewed by Kentaro Hara.
1400
1401         No new tests. No change in functionality.
1402
1403         * bindings/v8/SerializedScriptValue.cpp:
1404         * bindings/v8/V8StringResource.cpp:
1405         (WebCore::WebCoreStringResourceBase::toWebCoreStringResourceBase):
1406         (StringTraits):
1407         (WebCore::true):
1408         (WebCore::v8StringToWebCoreString):
1409
1410 2013-01-22  Eugene Klyuchnikov  <eustas@chromium.org>
1411
1412         Web Inspector: [Network] CookiesTable refactoring.
1413         https://bugs.webkit.org/show_bug.cgi?id=107511
1414
1415         Reviewed by Pavel Feldman.
1416
1417         CookiesTable uses integer indexes as column identifiers.
1418         This leads to cryptic code.
1419
1420         Descriptive column identifiers will make code clearer.
1421         Also "addCookiesFolder" replaced with "setCookieFolders" to avoid
1422         repetitive "_rebuildTable" invocation.
1423
1424         * inspector/front-end/CookiesTable.js:
1425         (WebInspector.CookiesTable): Use descriptive column identifiers.
1426         (WebInspector.CookiesTable.prototype.setCookieFolders):
1427         Accept multiple folders.
1428         (WebInspector.CookiesTable.prototype._rebuildTable):
1429         Use descriptive column identifiers.
1430         (WebInspector.CookiesTable.prototype._sortCookies):
1431         Ditto.
1432         (WebInspector.CookiesTable.prototype._createGridNode):
1433         Ditto.
1434         * inspector/front-end/RequestCookiesView.js:
1435         (WebInspector.RequestCookiesView.prototype._buildCookiesTable):
1436         Use "setCookieFolders".
1437
1438 2013-01-22  Zan Dobersek  <zdobersek@igalia.com>
1439
1440         [GTK] Disable support for unprefixed CSS animations, transitions, transforms in release builds
1441         https://bugs.webkit.org/show_bug.cgi?id=107436
1442
1443         Reviewed by Alexis Menard.
1444
1445         Disable the unprefixed CSS animations, transitions and transforms support
1446         in the release builds for now. The work in this area is not yet complete
1447         and should not ship in such state.
1448
1449         No new tests - no new functionality.
1450
1451         * GNUmakefile.features.am.in:
1452
1453 2013-01-22  Alexander Pavlov  <apavlov@chromium.org>
1454
1455         Web Inspector: [REGRESSION] SASSSourceMapping broken: _bindUISourceCode method is absent
1456         https://bugs.webkit.org/show_bug.cgi?id=107529
1457
1458         Reviewed by Pavel Feldman.
1459
1460         * inspector/front-end/SASSSourceMapping.js:
1461         (WebInspector.SASSSourceMapping.prototype._fileSaveFinished):
1462
1463 2013-01-22  Adam Barth  <abarth@webkit.org>
1464
1465         AtomicMarkupTokenBase must die
1466         https://bugs.webkit.org/show_bug.cgi?id=107513
1467
1468         Reviewed by Eric Seidel.
1469
1470         Now that NEW_XML has been removed from the tree, there is no reason to
1471         have AtomicMarkupTokenBase exist as a templated base class for
1472         AtomicHTMLToken. This patch just merges the code back into
1473         AtomicHTMLToken.
1474
1475         * html/parser/HTMLToken.h:
1476         (AtomicHTMLToken):
1477         (WebCore::AtomicHTMLToken::type):
1478         (WebCore::AtomicHTMLToken::name):
1479         (WebCore::AtomicHTMLToken::setName):
1480         (WebCore::AtomicHTMLToken::selfClosing):
1481         (WebCore::AtomicHTMLToken::getAttributeItem):
1482         (WebCore::AtomicHTMLToken::attributes):
1483         (WebCore::AtomicHTMLToken::characters):
1484         (WebCore::AtomicHTMLToken::charactersLength):
1485         (WebCore::AtomicHTMLToken::isAll8BitData):
1486         (WebCore::AtomicHTMLToken::comment):
1487         (WebCore::AtomicHTMLToken::publicIdentifier):
1488         (WebCore::AtomicHTMLToken::systemIdentifier):
1489         (WebCore::AtomicHTMLToken::clearExternalCharacters):
1490         (WebCore::AtomicHTMLToken::AtomicHTMLToken):
1491         (WebCore::AtomicMarkupTokenBase::initializeAttributes):
1492         (WebCore):
1493         * xml/parser/MarkupTokenBase.h:
1494
1495 2013-01-22  Eric Seidel  <eric@webkit.org>
1496
1497         Turn on ENABLE_THREADED_HTML_PARSER for Chromium (it's still disabled at runtime)
1498         https://bugs.webkit.org/show_bug.cgi?id=107519
1499
1500         Reviewed by Adam Barth.
1501
1502         Add some ASSERTs to be double-dog-sure that we're never using
1503         any of the threading code when threading is not enabled.
1504
1505         I also removed an if-branch in the !ENABLE_THREADED_HTML_PARSER case
1506         as it's not needed.
1507
1508         * html/parser/HTMLDocumentParser.cpp:
1509         (WebCore::HTMLDocumentParser::prepareToStopParsing):
1510         (WebCore::HTMLDocumentParser::startBackgroundParser):
1511         (WebCore::HTMLDocumentParser::stopBackgroundParser):
1512
1513 2013-01-22  Kentaro Hara  <haraken@chromium.org>
1514
1515         [V8] Make an Isolate parameter mandatory in toV8()
1516         https://bugs.webkit.org/show_bug.cgi?id=107520
1517
1518         Reviewed by Adam Barth.
1519
1520         Now it's safe to remove an optional Isolate parameter.
1521
1522         No tests. No change in behavior.
1523
1524         * bindings/scripts/CodeGeneratorV8.pm:
1525         (GenerateHeader):
1526         * bindings/scripts/test/V8/V8Float64Array.h:
1527         (WebCore::toV8):
1528         * bindings/scripts/test/V8/V8TestActiveDOMObject.h:
1529         (WebCore::toV8):
1530         * bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
1531         (WebCore::toV8):
1532         * bindings/scripts/test/V8/V8TestEventConstructor.h:
1533         (WebCore::toV8):
1534         * bindings/scripts/test/V8/V8TestEventTarget.h:
1535         (WebCore::toV8):
1536         * bindings/scripts/test/V8/V8TestException.h:
1537         (WebCore::toV8):
1538         * bindings/scripts/test/V8/V8TestInterface.h:
1539         (WebCore::toV8):
1540         * bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
1541         (WebCore::toV8):
1542         * bindings/scripts/test/V8/V8TestNamedConstructor.h:
1543         (WebCore::toV8):
1544         * bindings/scripts/test/V8/V8TestNode.h:
1545         (WebCore::toV8):
1546         * bindings/scripts/test/V8/V8TestObj.h:
1547         (WebCore::toV8):
1548         * bindings/scripts/test/V8/V8TestOverloadedConstructors.h:
1549         (WebCore::toV8):
1550         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
1551         (WebCore::toV8):
1552         * css/MediaQueryListListener.cpp:
1553         (WebCore::MediaQueryListListener::queryChanged):
1554         * testing/v8/WebCoreTestSupport.cpp:
1555         (WebCoreTestSupport::injectInternalsObject):
1556
1557 2013-01-22  Mihnea Ovidenie  <mihnea@adobe.com>
1558
1559         [CSS Regions] min-max height will not trigger a relayout when set on a region with auto-height
1560         https://bugs.webkit.org/show_bug.cgi?id=103738
1561
1562         Reviewed by David Hyatt.
1563
1564         When the style of an auto-height region changes with different min/max-height, we have to make sure
1565         that the 2-pass layout algorithm is run so that the region height is properly computed. When doing a 2-pass layout 
1566         for auto-height regions, we have to make sure that in the first pass, all auto-height regions start without a previously
1567         computed overrideLogicalContentHeight, otherwise we may end-up with incorrect results, illustrated by tests
1568         autoheight-two-pass-layout-complex-001.html and autoheight-two-pass-layout-complex-002.html.
1569
1570         If we do not have auto height regions, a single pass layout in enough to correctly flow content inside regions.
1571         When we have auto height regions, the algorithm to lay out content should be:
1572         1. If the flow thread content does not need lay out, we do a single pass layout.
1573         If during the layout, an auto-height region needs layout or a normal (not auto height) region changes its box dimensions,
1574         we need to perform a new 2-pass layout after this layout completes. If not, we bail out and skip step 2.
1575         2. Do a full two pass layout and make sure that all auto height regions start the 2-pass layout without a previously computed
1576         override logical content height.
1577
1578         Tests: fast/regions/autoheight-region-decrease-maxheight.html
1579                fast/regions/autoheight-region-decrease-minheight.html
1580                fast/regions/autoheight-region-decrease-width.html
1581                fast/regions/autoheight-region-increase-maxheight.html
1582                fast/regions/autoheight-region-increase-minheight.html
1583                fast/regions/autoheight-region-increase-width.html
1584                fast/regions/autoheight-region-new-maxheight-vrl.html
1585                fast/regions/autoheight-region-new-maxheight.html
1586                fast/regions/autoheight-region-new-minheight-vlr.html
1587                fast/regions/autoheight-region-new-minheight.html
1588                fast/regions/autoheight-region-remove-maxheight.html
1589                fast/regions/autoheight-region-remove-minheight.html
1590                fast/regions/autoheight-two-pass-layout-complex-001.html
1591                fast/regions/autoheight-two-pass-layout-complex-002.html
1592                fast/regions/region-height-auto-to-defined.html
1593                fast/regions/region-height-defined-to-auto.html
1594
1595         * rendering/FlowThreadController.cpp: Added a flag that is needed to mark whether we need a full 2-pass layout.
1596         (WebCore::FlowThreadController::FlowThreadController):
1597         * rendering/FlowThreadController.h:
1598         (WebCore::FlowThreadController::needsTwoPassLayoutForAutoHeightRegions):
1599         (WebCore::FlowThreadController::setNeedsTwoPassLayoutForAutoHeightRegions):
1600         * rendering/RenderFlowThread.cpp:
1601         (WebCore::RenderFlowThread::resetRegionsOverrideLogicalContentHeight): Use invalidateRegions because we need also to mark the flow thread as needing layout.
1602         (WebCore::RenderFlowThread::markAutoLogicalHeightRegionsForLayout):
1603         * rendering/RenderRegion.cpp:
1604         (WebCore::RenderRegion::layout): Make sure we do a 2-pass layout if needed.
1605         * rendering/RenderView.cpp:
1606         (WebCore::RenderView::layoutContentInAutoLogicalHeightRegions): Added a new function that models the layout algorithm for the case when we have auto height regions
1607         and flow threads.
1608         (WebCore::RenderView::layout):
1609         (WebCore::RenderView::checkTwoPassLayoutForAutoHeightRegions):
1610         * rendering/RenderView.h:
1611
1612 2013-01-22  Adam Barth  <abarth@webkit.org>
1613
1614         ENABLE(NEW_XML) isn't used by anyone and no one is actively working on it
1615         https://bugs.webkit.org/show_bug.cgi?id=100710
1616
1617         Reviewed by Eric Seidel.
1618
1619         As discussed on webkit-dev
1620         <http://lists.webkit.org/pipermail/webkit-dev/2012-August/022103.html>,
1621         ENABLE(NEW_XML) isn't used by anyone and no one is actively working on
1622         it. We should remove it from the code base for the time being. If folks
1623         want to work on it again, we can restore it from SVN history.
1624
1625         * GNUmakefile.list.am:
1626         * Target.pri:
1627         * WebCore.gypi:
1628         * WebCore.vcproj/WebCore.vcproj:
1629         * WebCore.xcodeproj/project.pbxproj:
1630         * dom/Document.cpp:
1631         (WebCore::Document::createParser):
1632         * dom/DocumentFragment.cpp:
1633         (WebCore::DocumentFragment::parseXML):
1634         * xml/parser/NewXMLDocumentParser.cpp: Removed.
1635         * xml/parser/NewXMLDocumentParser.h: Removed.
1636         * xml/parser/XMLCharacterReferenceParser.cpp: Removed.
1637         * xml/parser/XMLCharacterReferenceParser.h: Removed.
1638         * xml/parser/XMLToken.h: Removed.
1639         * xml/parser/XMLTokenizer.cpp: Removed.
1640         * xml/parser/XMLTokenizer.h: Removed.
1641         * xml/parser/XMLTreeBuilder.cpp: Removed.
1642         * xml/parser/XMLTreeBuilder.h: Removed.
1643
1644 2013-01-22  Kentaro Hara  <haraken@chromium.org>
1645
1646         [V8] Pass an Isolate to toV8() of event listeners
1647         https://bugs.webkit.org/show_bug.cgi?id=107517
1648
1649         Reviewed by Adam Barth.
1650
1651         By using Context::GetIsolate(), this patch passes an Isolate to toV8().
1652         I think this would be the last patch to pass an Isolate to toV8().
1653         In the next patch, I will make an Isolate parameter mandatory for toV8().
1654
1655         No tests. No change in behavior.
1656
1657         * bindings/v8/V8AbstractEventListener.cpp:
1658         (WebCore::V8AbstractEventListener::getReceiverObject):
1659         * bindings/v8/V8AbstractEventListener.h:
1660         (V8AbstractEventListener):
1661         * bindings/v8/V8EventListener.cpp:
1662         (WebCore::V8EventListener::callListenerFunction):
1663         * bindings/v8/V8LazyEventListener.cpp:
1664         (WebCore::toObjectWrapper):
1665         (WebCore::V8LazyEventListener::callListenerFunction):
1666         (WebCore::V8LazyEventListener::prepareListenerObject):
1667         * bindings/v8/V8WorkerContextEventListener.cpp:
1668         (WebCore::V8WorkerContextEventListener::getReceiverObject):
1669
1670 2013-01-22  Tim Horton  <timothy_horton@apple.com>
1671
1672         PDFPlugin: Build PDFPlugin everywhere, enable at runtime
1673         https://bugs.webkit.org/show_bug.cgi?id=107117
1674
1675         Reviewed by Alexey Proskuryakov.
1676
1677         Since PDFLayerController SPI is all forward-declared, the plugin should build
1678         on all Mac platforms, and can be enabled at runtime.
1679
1680         * Configurations/FeatureDefines.xcconfig:
1681
1682 2013-01-22  Dominic Mazzoni  <dmazzoni@google.com>
1683
1684         AX: Should assert if we try to create two AXObjects that point to the same renderer or node
1685         https://bugs.webkit.org/show_bug.cgi?id=107504
1686
1687         Reviewed by Chris Fleizach.
1688
1689         If two accessibility objects get created that point to the
1690         same widget, renderer, or node, that can lead to crashes or
1691         memory corruption later; make it assert instead of crashing.
1692
1693         * accessibility/AXObjectCache.cpp:
1694         (WebCore::AXObjectCache::getOrCreate):
1695
1696 2013-01-22  Kentaro Hara  <haraken@chromium.org>
1697
1698         [V8] Pass an Isolate to toV8()
1699         https://bugs.webkit.org/show_bug.cgi?id=107512
1700
1701         Reviewed by Adam Barth.
1702
1703         By using Context::GetIsolate(), this patch passes an Isolate to toV8().
1704
1705         No tests. No change in behavior.
1706
1707         * bindings/v8/IDBBindingUtilities.cpp:
1708         (WebCore::injectIDBKeyIntoScriptValue):
1709         (WebCore::idbKeyToScriptValue):
1710         * bindings/v8/ScriptController.cpp:
1711         (WebCore::createScriptObject):
1712         (WebCore::ScriptController::createScriptObjectForPluginElement):
1713         * bindings/v8/ScriptDebugServer.cpp:
1714         (WebCore::ScriptDebugServer::currentCallFrame):
1715         * bindings/v8/ScriptObject.cpp:
1716         (WebCore::ScriptGlobalObject::set):
1717         * bindings/v8/V8AbstractEventListener.cpp:
1718         (WebCore::V8AbstractEventListener::handleEvent):
1719         * bindings/v8/V8DOMWindowShell.cpp:
1720         (WebCore::V8DOMWindowShell::updateDocumentProperty):
1721         * bindings/v8/V8MutationCallback.cpp:
1722         (WebCore::V8MutationCallback::handleEvent):
1723         * bindings/v8/V8NodeFilterCondition.cpp:
1724         (WebCore::V8NodeFilterCondition::acceptNode):
1725         * bindings/v8/V8WorkerContextEventListener.cpp:
1726         (WebCore::V8WorkerContextEventListener::handleEvent):
1727         * bindings/v8/custom/V8CustomSQLStatementErrorCallback.cpp:
1728         (WebCore::V8SQLStatementErrorCallback::handleEvent):
1729         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
1730         (WebCore::InjectedScriptHost::nodeAsScriptValue):
1731
1732 2013-01-22  Sergey Ryazanov  <serya@chromium.org>
1733
1734         Web Inspector: Show requests in `curl` syntax in DevTools → Network → Headers
1735         https://bugs.webkit.org/show_bug.cgi?id=107276
1736
1737         Reviewed by Pavel Feldman.
1738
1739         Test: inspector/curl-command.html
1740
1741         * inspector/front-end/NetworkPanel.js:
1742         (WebInspector.NetworkLogView.prototype._generateCurlCommand):
1743
1744 2013-01-22  Yury Semikhatsky  <yurys@chromium.org>
1745
1746         Web Inspector: reuse JS heap profiler UI for native heap graph representaion
1747         https://bugs.webkit.org/show_bug.cgi?id=107452
1748
1749         Reviewed by Pavel Feldman.
1750
1751         NativeHeapSnapshot is introduced to leverage JS heap snapshot processing algorithms
1752         for native heap graph. New snapshot type ("Native Heap Snapshot") is added to the
1753         profiles panel. It will represent native heap snapshots using the same UI as we use
1754         for JS heap snapshots.
1755
1756         * WebCore.gypi:
1757         * WebCore.vcproj/WebCore.vcproj:
1758         * inspector/compile-front-end.py:
1759         * inspector/front-end/HeapSnapshot.js:
1760         (WebInspector.HeapSnapshot):
1761         (WebInspector.HeapSnapshot.prototype._init):
1762         * inspector/front-end/HeapSnapshotProxy.js:
1763         (WebInspector.HeapSnapshotWorker):
1764         * inspector/front-end/HeapSnapshotView.js:
1765         (WebInspector.HeapProfileHeader.prototype.load):
1766         (WebInspector.HeapProfileHeader.prototype.startSnapshotTransfer): extracted a few methods
1767         to support overrides for native heap snapshots.
1768         (WebInspector.HeapProfileHeader.prototype.snapshotConstructorName):
1769         (WebInspector.HeapProfileHeader.prototype._setupWorker):
1770         * inspector/front-end/NativeHeapSnapshot.js: Added.
1771         (WebInspector.NativeHeapSnapshot):
1772         (WebInspector.NativeHeapSnapshot.prototype.createNode):
1773         (WebInspector.NativeHeapSnapshot.prototype.createEdge):
1774         (WebInspector.NativeHeapSnapshot.prototype.createRetainingEdge):
1775         (WebInspector.NativeHeapSnapshot.prototype._markInvisibleEdges):
1776         (WebInspector.NativeHeapSnapshot.prototype._calculateFlags):
1777         (WebInspector.NativeHeapSnapshot.prototype.canHaveDistanceOne):
1778         (WebInspector.NativeHeapSnapshot.prototype.userObjectsMapAndFlag):
1779         (WebInspector.NativeHeapSnapshotNode):
1780         (WebInspector.NativeHeapSnapshotNode.prototype.canBeQueried):
1781         (WebInspector.NativeHeapSnapshotNode.prototype.isUserObject):
1782         (WebInspector.NativeHeapSnapshotNode.prototype.className):
1783         (WebInspector.NativeHeapSnapshotNode.prototype.classIndex):
1784         (WebInspector.NativeHeapSnapshotNode.prototype.id):
1785         (WebInspector.NativeHeapSnapshotNode.prototype.name):
1786         (WebInspector.NativeHeapSnapshotNode.prototype.isHidden):
1787         (WebInspector.NativeHeapSnapshotNode.prototype.isSynthetic):
1788         (WebInspector.NativeHeapSnapshotNode.prototype.isWindow):
1789         (WebInspector.NativeHeapSnapshotNode.prototype.isDetachedDOMTreesRoot):
1790         (WebInspector.NativeHeapSnapshotNode.prototype.isDetachedDOMTree):
1791         (WebInspector.NativeHeapSnapshotEdge):
1792         (WebInspector.NativeHeapSnapshotEdge.prototype.clone):
1793         (WebInspector.NativeHeapSnapshotEdge.prototype.hasStringName):
1794         (WebInspector.NativeHeapSnapshotEdge.prototype.isElement):
1795         (WebInspector.NativeHeapSnapshotEdge.prototype.isHidden):
1796         (WebInspector.NativeHeapSnapshotEdge.prototype.isWeak):
1797         (WebInspector.NativeHeapSnapshotEdge.prototype.isInternal):
1798         (WebInspector.NativeHeapSnapshotEdge.prototype.isInvisible):
1799         (WebInspector.NativeHeapSnapshotEdge.prototype.isShortcut):
1800         (WebInspector.NativeHeapSnapshotEdge.prototype.name):
1801         (WebInspector.NativeHeapSnapshotEdge.prototype.toString):
1802         (WebInspector.NativeHeapSnapshotEdge.prototype._nameOrIndex):
1803         (WebInspector.NativeHeapSnapshotRetainerEdge):
1804         (WebInspector.NativeHeapSnapshotRetainerEdge.prototype.clone):
1805         (WebInspector.NativeHeapSnapshotRetainerEdge.prototype.isElement):
1806         (WebInspector.NativeHeapSnapshotRetainerEdge.prototype.isHidden):
1807         (WebInspector.NativeHeapSnapshotRetainerEdge.prototype.isInternal):
1808         (WebInspector.NativeHeapSnapshotRetainerEdge.prototype.isInvisible):
1809         (WebInspector.NativeHeapSnapshotRetainerEdge.prototype.isShortcut):
1810         (WebInspector.NativeHeapSnapshotRetainerEdge.prototype.isWeak):
1811         * inspector/front-end/NativeMemorySnapshotView.js:
1812         (WebInspector.NativeSnapshotProfileType):
1813         (WebInspector.NativeSnapshotProfileType.prototype.get buttonTooltip):
1814         (WebInspector.NativeSnapshotProfileType.prototype.buttonClicked.didReceiveMemorySnapshot):
1815         (WebInspector.NativeSnapshotProfileType.prototype.buttonClicked):
1816         (WebInspector.NativeSnapshotProfileType.prototype.get treeItemTitle):
1817         (WebInspector.NativeSnapshotProfileType.prototype.get description):
1818         (WebInspector.NativeSnapshotProfileType.prototype.createTemporaryProfile):
1819         (WebInspector.NativeSnapshotProfileType.prototype.createProfile):
1820         (WebInspector.NativeSnapshotProfileHeader):
1821         (WebInspector.NativeSnapshotProfileHeader.prototype.createView):
1822         (WebInspector.NativeSnapshotProfileHeader.prototype.startSnapshotTransfer):
1823         (WebInspector.NativeSnapshotProfileHeader.prototype.snapshotConstructorName):
1824         (WebInspector.NativeSnapshotProfileHeader.prototype._takeNativeSnapshot): build a datastructure
1825         resembling one used for JS heap snapshots but populated with the data from the native snaphot.
1826         (WebInspector.NativeHeapSnapshotView):
1827         (WebInspector.NativeHeapSnapshotView.prototype.get profile):
1828         (WebInspector.NativeMemoryProfileType):
1829         (WebInspector.NativeMemoryProfileType.prototype.get buttonTooltip):
1830         * inspector/front-end/ProfilesPanel.js:
1831         (WebInspector.ProfilesPanel):
1832         * inspector/front-end/WebKit.qrc:
1833
1834 2013-01-21  Kentaro Hara  <haraken@chromium.org>
1835
1836         [V8] ScriptState::isolate() should use Context::GetIsolate()
1837         https://bugs.webkit.org/show_bug.cgi?id=107490
1838
1839         Reviewed by Adam Barth.
1840
1841         Now V8 provides Context::GetIsolate(). We should use it
1842         in ScriptState::isolate().
1843
1844         * bindings/v8/ScriptState.h:
1845         (WebCore::ScriptState::isolate):
1846         (ScriptState):
1847
1848 2013-01-21  Michał Pakuła vel Rutka  <m.pakula@samsung.com>
1849
1850         [EFL] Missing context menus strings
1851         https://bugs.webkit.org/show_bug.cgi?id=107104
1852
1853         Reviewed by Kenneth Rohde Christiansen.
1854
1855         Add 5 missing localization strings for text direction context menus.
1856
1857         * platform/efl/LocalizedStringsEfl.cpp:
1858         (WebCore::contextMenuItemTagRightToLeft):
1859         (WebCore::contextMenuItemTagLeftToRight):
1860         (WebCore::contextMenuItemTagWritingDirectionMenu):
1861         (WebCore::contextMenuItemTagTextDirectionMenu):
1862         (WebCore::contextMenuItemTagDefaultDirection):
1863
1864 2013-01-21  Kent Tamura  <tkent@chromium.org>
1865
1866         Date selection from calendar picker should dispatch 'input' event in addition to 'change' event
1867         https://bugs.webkit.org/show_bug.cgi?id=107427
1868
1869         Reviewed by Kentaro Hara.
1870
1871         According to the specification and Opera's behavior, we should dispatch
1872         not only 'change' event but also 'input' event when a user chooses a
1873         date from the calender picker.
1874
1875         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#common-event-behaviors
1876         > When the user agent changes the element's value on behalf of the user
1877         > (e.g. as part of a form prefilling feature), the user agent must follow
1878         > these steps:
1879         > 1. If the input event applies, queue a task to fire a simple event
1880         > that bubbles named input at the input element.
1881         > 2. If the change event applies, queue a task to fire a simple event
1882         > that bubbles named change at the input element.
1883
1884         Tests: platform/chromium/fast/forms/calendar-picker/date-picker-events.html
1885                platform/chromium/fast/forms/calendar-picker/datetimelocal-picker-events.html
1886
1887         * html/InputType.cpp:
1888         (WebCore::InputType::setValue): Add DispatchInputAndChangeEvent support.
1889         * html/BaseChooserOnlyDateAndTimeInputType.cpp:
1890         (WebCore::BaseChooserOnlyDateAndTimeInputType::didChooseValue):
1891         Use DispatchInputAndChangeEvent, not DispatchChangeEvent.
1892         * html/BaseMultipleFieldsDateAndTimeInputType.cpp:
1893         (WebCore::BaseMultipleFieldsDateAndTimeInputType::pickerIndicatorChooseValue):
1894         Ditto.
1895
1896 2013-01-21  Justin Schuh  <jschuh@chromium.org>
1897
1898         [CHROMIUM] Suppress c4267 build warnings for Win64 targets
1899         https://bugs.webkit.org/show_bug.cgi?id=107499
1900
1901         Reviewed by Abhishek Arya.
1902
1903         No new tests. No code changes.
1904
1905         * WebCore.gyp/WebCore.gyp:
1906
1907 2013-01-21  Andreas Kling  <akling@apple.com>
1908
1909         CSSSelector::value() should assert that m_match != Tag.
1910         <http://webkit.org/b/107500>
1911
1912         Reviewed by Anders Carlsson.
1913
1914         Add an assertion to catch anyone trying to extract a value() from a Tag selector.
1915
1916         * css/CSSSelector.h:
1917         (CSSSelector):
1918         (WebCore::CSSSelector::value):
1919
1920 2013-01-21  Dimitri Glazkov  <dglazkov@chromium.org>
1921
1922         Move HTML Attribute case-sensitivity logic out of SelectorChecker to HTMLDocument.
1923         https://bugs.webkit.org/show_bug.cgi?id=107460
1924
1925         The case-sensitivity of HTML attributes is defined in HTML spec and is only applicable in HTML documents,
1926         so having this logic in HTMLDocument seems like a good thing.
1927
1928         Reviewed by Eric Seidel.
1929
1930         Refactoring, covered by existing tests.
1931
1932         * css/SelectorChecker.cpp:
1933         (WebCore): Moved code out of here.
1934         (WebCore::isFastCheckableMatch): Changed the callsite to use new location.
1935         (WebCore::SelectorChecker::checkOne): Ditto.
1936         * html/HTMLDocument.cpp:
1937         (WebCore::addLocalNameToSet): Moved the code into here.
1938         (WebCore): Ditto.
1939         (WebCore::createHtmlCaseInsensitiveAttributesSet): Ditto.
1940         (WebCore::HTMLDocument::isCaseSensitiveAttribute): Ditto.
1941         * html/HTMLDocument.h:
1942         (HTMLDocument): Added decl for the newly moved function.
1943
1944 2013-01-21  Shinya Kawanaka  <shinyak@chromium.org>
1945
1946         FrameSelection should use shadowHost instead of shadowAncestorNode
1947         https://bugs.webkit.org/show_bug.cgi?id=107220
1948
1949         Reviewed by Kent Tamura.
1950
1951         shadowAncestorNode() is deprecated and we want to use shadowHost.
1952         Here, all objects calling shadowAncestorNode() is in ShadowDOM, we can safely convert
1953         the call to shadowHost().
1954
1955         No new tests, simple refactoring.
1956
1957         * editing/FrameSelection.cpp:
1958         (WebCore::FrameSelection::selectAll):
1959
1960 2013-01-21  Dirk Schulze  <dschulze@adobe.com>
1961
1962         Add build flag for Canvas's Path object (disabled by default)
1963         https://bugs.webkit.org/show_bug.cgi?id=107473
1964
1965         Reviewed by Dean Jackson.
1966
1967         Add CANVAS_PATH build flag to build systems.
1968
1969         * Configurations/FeatureDefines.xcconfig:
1970         * GNUmakefile.am:
1971
1972 2013-01-21  Andreas Kling  <akling@apple.com>
1973
1974         CSS: Make tag sub-selectors standalone CSSSelectors.
1975         <http://webkit.org/b/107111>
1976
1977         Reviewed by Antti Koivisto.
1978
1979         TL;DR: Instead of storing a QualifiedName with every CSSSelector, special-case tag selectors
1980                by promoting them to stand-alone CSSSelectors.
1981                33% reduction in CSS selector memory usage, 4.77 MB progression on Membuster3.
1982                Fixed some bugs in Shadow DOM that were exposed by these changes.
1983
1984         A selector like this:
1985
1986             div.tripp.trapp#trull { }
1987
1988         Would previously be represented by a chain of 3 CSSSelector objects like so:
1989
1990             [ Tag: "div",  Type: Class,  Value: "tripp" ]
1991             [ Tag:     *,  Type: Class,  Value: "trapp" ]
1992             [ Tag:     *,  Type: ID,     Value: "trull" ]
1993
1994         After this change, the memory layout becomes:
1995
1996             [ Type: Tag,    Value: "div"   ]
1997             [ Type: Class,  Value: "tripp" ]
1998             [ Type: Class,  Value: "trapp" ]
1999             [ Type: ID,     Value: "trull" ]
2000
2001         This is a huge net memory win since the majority of selectors don't even have a tag name
2002         and those that do now have a flat cost of one more CSSSelector.
2003         Traversal is also slightly cleaner since any tag name will now be in a predictable place.
2004
2005         * css/SelectorChecker.cpp:
2006         (WebCore::isFastCheckableMatch):
2007         * html/shadow/HTMLContentElement.cpp:
2008         (WebCore::validateSubSelector):
2009
2010             Renamed CSSSelector::None to CSSSelector::Tag.
2011
2012         * css/SelectorChecker.h:
2013         (WebCore::SelectorChecker::tagMatches):
2014         * css/StyleResolver.cpp:
2015         (WebCore::StyleResolver::ruleMatches):
2016
2017             Changed SelectorChecker::tagMatches() to take a QualifiedName instead of a CSSSelector.
2018
2019         * dom/QualifiedName.cpp:
2020         (WebCore::QualifiedName::deref):
2021         (WebCore::QualifiedName::QualifiedNameImpl::~QualifiedNameImpl):
2022         * dom/QualifiedName.h:
2023         (QualifiedNameImpl):
2024
2025             Give QualifiedNameImpl a destructor so it can remove itself from the global cache instead of
2026             having QualifiedName do it. This makes it possible to participate in ownership of QualifiedNames
2027             via a QualifiedNameImpl pointer, as used by the union member in CSSSelector.
2028
2029         * css/CSSGrammar.y.in:
2030         * css/CSSParser.cpp:
2031         (WebCore::CSSParser::createFloatingSelectorWithTagName):
2032         (WebCore::CSSParser::updateSpecifiersWithNamespaceIfNeeded):
2033         (WebCore::CSSParser::updateSpecifiersWithElementName):
2034         * css/CSSParser.h:
2035         * css/CSSParserValues.h:
2036         (CSSParserSelector):
2037         * css/CSSParserValues.cpp:
2038         (WebCore::CSSParserSelector::CSSParserSelector):
2039         (WebCore::CSSParserSelector::prependTagSelector):
2040
2041             Make the CSS parser slap a CSSSelector with m_match=Tag at the head of all selectors that match
2042             one or more of these criteria:
2043
2044             - The selector starts with a tag, e.g "div.foo" or just plain "span"
2045             - There is a @namespace rule in effect, and the override namespace needs to be stored with the selector.
2046               These will have CSSSelectors::m_isTagForNamespaceRule set, this is only so that selector serialization
2047               can avoid outputting a '*' tag where we previously didn't.
2048
2049         (WebCore::CSSParserSelector::isSimple):
2050
2051             Merged the CSSSelector::isSimple() logic into CSSParserSelector, since it's only needed during parsing
2052             to figure out if a selector is allowed within :not().
2053
2054         * css/CSSSelector.h:
2055         (CSSSelector):
2056         (WebCore::CSSSelector::setValue):
2057         (WebCore::CSSSelector::CSSSelector):
2058         (WebCore::CSSSelector::~CSSSelector):
2059         (WebCore::CSSSelector::tagQName):
2060         * css/CSSSelector.cpp:
2061         (WebCore::CSSSelector::createRareData):
2062         (WebCore::CSSSelector::operator==):
2063
2064             Add a QualifiedNameImpl* m_tagQName member to the CSSSelector data union. This union pointer is used
2065             if m_match == Tag. tagQName() is used to retrieve the tag (renamed from tag().) 
2066
2067         (WebCore::CSSSelector::selectorText):
2068
2069             Only serialize Tag selector components that aren't namespace placeholders. This behavior is web-facing
2070             so we make an effort to stay consistent.
2071
2072         (WebCore::CSSSelector::specificityForOneSelector):
2073         (WebCore::CSSSelector::specificityForPage):
2074         * css/CSSSelectorList.cpp:
2075         (WebCore::SelectorNeedsNamespaceResolutionFunctor::operator()):
2076         * css/RuleSet.cpp:
2077         (WebCore::isSelectorMatchingHTMLBasedOnRuleHash):
2078         * css/SelectorFilter.cpp:
2079         (WebCore::collectDescendantSelectorIdentifierHashes):
2080         (WebCore::SelectorFilter::collectIdentifierHashes):
2081
2082             Adapt algorithms to having Tag selectors.
2083
2084         (WebCore::selectorListContainsUncommonAttributeSelector):
2085
2086             Loop through all selector components when looking for uncommon attributes.
2087
2088         (WebCore::determinePropertyWhitelistType):
2089
2090             Loop through all selector components when looking for ::cue().
2091
2092         (WebCore::RuleSet::addRule):
2093         (WebCore::RuleSet::findBestRuleSetAndAdd):
2094
2095             Break addRule into two methods to be able to peek ahead if the first selector is a Tag.
2096             Otherwise we'd end up sticking most selectors in m_tagRules, breaking the class/ID/etc optimizations.
2097
2098         * css/SelectorChecker.cpp:
2099         (WebCore::SelectorChecker::fastCheck):
2100         (WebCore::SelectorChecker::fastCheckSingleSelector):
2101
2102             It's no longer necessary to check the tagQName for every selector component, so don't.
2103             Also simplified the signature of the template argument function.
2104
2105         (WebCore::SelectorChecker::fastCheckRightmostSelector):
2106
2107             Updated for Tag selectors.
2108
2109         (WebCore::SelectorChecker::checkOne):
2110         (WebCore::SelectorChecker::matches):
2111         (WebCore::SelectorChecker::match):
2112
2113             Have match() take a SiblingTraversalStrategy so it can forward that to checkOne().
2114             This is necessary for shadow DOM code that was incorrectly calling checkOne() instead of match().
2115
2116         * css/StyleResolver.cpp:
2117         (WebCore::StyleResolver::ruleMatches):
2118
2119             The meaning of "single-part selector" changes a bit with this patch, and no longer includes "div.foo"
2120             as that is now a Tag, followed by a Class. Given that, we can't assume the tag check is unnecessary
2121             just because the rightmost descendant was found in one of the hashes.
2122
2123         (WebCore::StyleResolver::matchPageRulesForList):
2124
2125             Loop through all selector components when matching @page since pseudo types may not always be in
2126             the first subselector now.
2127
2128         * html/shadow/ContentDistributor.cpp:
2129         (WebCore::ContentDistributor::collectSelectFeatureSetFrom):
2130
2131             Collect feature information from subselectors to make sure nothing is missed. (This bug was exposed
2132             by offsetting the subselectors.)
2133
2134         * html/shadow/ContentSelectorQuery.cpp:
2135         (WebCore::ContentSelectorChecker::checkContentSelector):
2136
2137             Call SelectorChecker::match() instead of checkOne() to make subselector traversal work properly.
2138
2139 2013-01-21  Levi Weintraub  <leviw@chromium.org>
2140
2141         Event target rects on the top level document shouldn't be clipped.
2142         https://bugs.webkit.org/show_bug.cgi?id=107339
2143
2144         Reviewed by James Robinson.
2145
2146         clippedOverflowRectForRepaint clips the top-level RenderView to the viewport, which
2147         is wrong for generating event target rects, as the result will not extend to the bounds
2148         of the document on pages that scroll. Changing the top-level view to use documentRect
2149         instead.
2150
2151         Tests updated to cover bug: platform/chromium/fast/events/touch/touch-hit-rects-in-iframe.html
2152                                     platform/chromium/fast/events/touch/compositor-touch-hit-rects.html
2153
2154         * page/scrolling/ScrollingCoordinator.cpp:
2155         (WebCore::accumulateRendererTouchEventTargetRects): Use converToRootView instead of
2156         a loop around convertToContaining view. This is not a change in behavior.
2157         (WebCore::accumulateDocumentEventTargetRects): Switch to use documentRect instead of
2158         clippedOverflowRectForRepaint for the top-level Document, and use converToRootView
2159         to put rects in the coordinates of the top-level document.
2160
2161 2013-01-17  Andy Estes  <aestes@apple.com>
2162
2163         Add a USE() macro for content filtering code
2164         https://bugs.webkit.org/show_bug.cgi?id=107098
2165
2166         Reviewed by Mark Rowe.
2167
2168         * WebCore.exp.in: Use USE(CONTENT_FILTERING).
2169         * loader/MainResourceLoader.cpp:
2170         (WebCore::MainResourceLoader::MainResourceLoader): Ditto.
2171         (WebCore::MainResourceLoader::~MainResourceLoader): Ditto.
2172         (WebCore::MainResourceLoader::cancel): Ditto.
2173         (WebCore::MainResourceLoader::responseReceived): Ditto.
2174         (WebCore::MainResourceLoader::dataReceived): Ditto.
2175         (WebCore::MainResourceLoader::didFinishLoading): Ditto.
2176         (WebCore::MainResourceLoader::notifyFinished): Ditto.
2177         * loader/MainResourceLoader.h:
2178         (MainResourceLoader): Ditto.
2179         * platform/mac/WebCoreSystemInterface.h: Ditto.
2180         * platform/mac/WebCoreSystemInterface.mm: Ditto.
2181
2182 2013-01-21  Bem Jones-Bey  <bjonesbe@adobe.com>
2183
2184         [CSS Exclusions] shape-outside on floats for rectangle shapes positioning
2185         https://bugs.webkit.org/show_bug.cgi?id=100399
2186
2187         Reviewed by David Hyatt.
2188
2189         When a float has a shape-outside with non-zero x or y, the float's
2190         exclusion behavior can happen at a completely different location than
2191         where the float's content is painted. This patch brings initial
2192         support for this behavior.
2193
2194         Test: fast/exclusions/shape-outside-floats/shape-outside-floats-positioning.html
2195
2196         * rendering/RenderBlock.cpp:
2197         (WebCore::RenderBlock::flipFloatForWritingModeForChild): If called
2198             during painting, make sure to pass that state down to the float
2199             positioning so that it can use the proper position.
2200         (WebCore::RenderBlock::paintFloats): Since this is concerned with
2201             painting, use the position of the float, not the shape.
2202         (WebCore::RenderBlock::positionNewFloats): Set the correct location
2203             for the float, relative to the location of the shape.
2204         (WebCore::RenderBlock::addOverhangingFloats): Add FIXME.
2205         * rendering/RenderBlock.h:
2206         (WebCore::RenderBlock::xPositionForFloatIncludingMargin): 
2207         (WebCore::RenderBlock::yPositionForFloatIncludingMargin): Since the 
2208             position of the shape (FloatingObject) can be different from the
2209             position of the float's box (RenderBox), the position needs to be
2210             computed differently for painting than for determining layout.
2211         (WebCore::RenderBlock::flipFloatForWritingModeForChild): Change
2212             signature to take painting flag.
2213
2214 2013-01-21  Eric Carlson  <eric.carlson@apple.com>
2215
2216         Support non-WebVTT cues from in-band text tracks
2217         https://bugs.webkit.org/show_bug.cgi?id=107046
2218
2219         Reviewed by Sam Weinig.
2220
2221         * CMakeLists.txt: Add new files.
2222         * GNUmakefile.list.am: Ditto.
2223         * Target.pri: Ditto.
2224         * WebCore.gypi: Ditto.
2225         * WebCore.vcproj/WebCore.vcproj: Ditto.
2226         * WebCore.xcodeproj/project.pbxproj: Ditto.
2227
2228         * html/shadow/MediaControlElements.cpp:
2229         (WebCore::MediaControlTextTrackContainerElement::updateDisplay): Pass video size to getDisplayTree.
2230
2231         * html/track/InbandTextTrack.cpp:
2232         (WebCore::InbandTextTrack::addGenericCue): New, create a generic cue if it doesn't already exist.
2233         (WebCore::InbandTextTrack::addWebVTTCue): Renamed from addCue.
2234         * html/track/InbandTextTrack.h:
2235
2236         * html/track/TextTrack.cpp:
2237         (WebCore::TextTrack::hasCue): Moved from InbandTextTrack.cpp, use operator == instead of inline
2238             comparison so derived TextTrackCues can be compared.
2239         * html/track/TextTrack.h:
2240
2241         * html/track/TextTrackCue.cpp:
2242         (WebCore::TextTrackCueBox::applyCSSProperties): Interface change.
2243         (WebCore::TextTrackCue::TextTrackCue): Don't create the display tree in the constructor, it may
2244             never be needed.
2245         (WebCore::TextTrackCue::createDisplayTree): New, create the display tree.
2246         (WebCore::TextTrackCue::displayTreeInternal): Display tree accessor, allows it to be created lazily.
2247         (WebCore::TextTrackCue::setAlign): Alignment -> CueAlignment.
2248         (WebCore::TextTrackCue::setIsActive): Use displayTreeInternal().
2249         (WebCore::TextTrackCue::getDisplayTree): Use displayTreeInternal(), pass video size to applyCSSProperties.
2250         (WebCore::TextTrackCue::removeDisplayTree): Use displayTreeInternal().
2251         (WebCore::TextTrackCue::operator==): New.
2252         * html/track/TextTrackCue.h:
2253         (WebCore::TextTrackCue::getAlignment): Alignment -> CueAlignment.
2254         (WebCore::TextTrackCue::operator!=): New.
2255         (WebCore::TextTrackCue::cueType): New, cue type identified needed by operator==.
2256         (WebCore::TextTrackCue::ownerDocument): New.
2257
2258         * html/track/TextTrackCueGeneric.cpp: Added.
2259         (WebCore::TextTrackCueGenericBox::create):
2260         (WebCore::TextTrackCueGenericBox::TextTrackCueGenericBox):
2261         (WebCore::TextTrackCueGenericBox::applyCSSProperties):
2262         (WebCore:::TextTrackCue):
2263         (WebCore::TextTrackCueGeneric::createDisplayTree):
2264         (WebCore::TextTrackCueGeneric::operator==):
2265         * html/track/TextTrackCueGeneric.h: Added.
2266         (WebCore::TextTrackCueGeneric::create):
2267         (WebCore::TextTrackCueGeneric::~TextTrackCueGeneric):
2268         (WebCore::TextTrackCueGeneric::baseFontSizeRelativeToVideoHeight):
2269         (WebCore::TextTrackCueGeneric::setBaseFontSizeRelativeToVideoHeight):
2270         (WebCore::TextTrackCueGeneric::fontSizeMultiplier):
2271         (WebCore::TextTrackCueGeneric::setFontSizeMultiplier):
2272         (WebCore::TextTrackCueGeneric::fontName):
2273         (WebCore::TextTrackCueGeneric::setFontName):
2274         (WebCore::TextTrackCueGeneric::operator!=):
2275         (WebCore::TextTrackCueGeneric::cueType):
2276
2277         * platform/graphics/InbandTextTrackPrivateClient.h:
2278         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
2279         (WebCore::InbandTextTrackPrivateAVF::processCueAttributes): Copy cue attributes into GenericCueData
2280             struct instead of trying to convert to WebVTT settings string. Process font size,font base
2281             size, font name, and vertical layout attributes,
2282         (WebCore::InbandTextTrackPrivateAVF::processCue): Create separate cues for each attributed
2283             string in the array because each one can be at a different screen location.
2284         (WebCore::InbandTextTrackPrivateAVF::resetCueValues):
2285         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.h:
2286         (InbandTextTrackPrivateAVF):
2287
2288         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
2289         (WebCore::MediaPlayerPrivateAVFoundation::seekCompleted): Reset any partially accumulated cues
2290             delivered since the seek was started.
2291         (WebCore::MediaPlayerPrivateAVFoundation::addGenericCue): Renamed from flushCurrentCue.
2292         * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
2293
2294         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
2295         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayer): Whitespace cleanup.
2296         (WebCore::MediaPlayerPrivateAVFoundationObjC::createAVPlayerItem): Ditto.
2297         (WebCore::MediaPlayerPrivateAVFoundationObjC::tracksChanged): Tell legible output to deliver cues
2298             without any additional styling needed by the internal renderer.
2299         (WebCore::MediaPlayerPrivateAVFoundationObjC::processTextTracks):
2300         (WebCore::MediaPlayerPrivateAVFoundationObjC::setCurrentTrack): Do nothing if asked to change
2301             to the track that is already current.
2302         (-[WebCoreAVFMovieObserver legibleOutput:didOutputAttributedStrings:nativeSampleBuffers:forItemTime:]):
2303             Check to make sure that the client callback isn't NULL.
2304
2305 2013-01-21  Robert Hogan  <robert@webkit.org>
2306
2307         Misaligned logo on www.nzherald.co.nz possibly due to negative margin-top
2308         https://bugs.webkit.org/show_bug.cgi?id=14664
2309
2310         Reviewed by David Hyatt.
2311
2312         Test: fast/block/float/clear-negative-margin-top.html
2313
2314         * rendering/RenderBlock.cpp:
2315         (WebCore::RenderBlock::collapseMargins): If a negative margin pulls a block up so that floats from
2316         siblings overhang, then ensure addOverHangingFloats() uses the revised logical top position when
2317         deciding whether a float does indeed overhang into the block after margin-collapsing.
2318         (WebCore::RenderBlock::clearFloatsIfNeeded):
2319
2320 2013-01-21  Rik Cabanier  <cabanier@adobe.com>
2321
2322         Proposal: Add support for even-odd fill and clip to Canvas
2323         https://bugs.webkit.org/show_bug.cgi?id=106188
2324
2325         Reviewed by Dirk Schulze.
2326
2327         This patch adds support for an optional winding rule to fill, clip
2328         and isPointInPath in canvas 2d. By default, the fill is non-zero but
2329         you can now pass in an optional winding rule string ("nonzero" or "evenodd")
2330         to make an explicit choice.
2331
2332         Tests: fast/canvas/canvas-clip-rule.html
2333                fast/canvas/canvas-fill-rule.html
2334                fast/canvas/canvas-isPointInPath-winding.html
2335
2336         * html/canvas/CanvasRenderingContext2D.cpp: Change implementation so it sets the windig rule in the context.
2337         (WebCore::parseWinding):
2338         (WebCore):
2339         (WebCore::CanvasRenderingContext2D::fill):
2340         (WebCore::CanvasRenderingContext2D::clip):
2341         (WebCore::CanvasRenderingContext2D::isPointInPath):
2342         * html/canvas/CanvasRenderingContext2D.h: 
2343         (CanvasRenderingContext2D):
2344         * html/canvas/CanvasRenderingContext2D.idl: Change the idl so the new API is exposed to JavaScript.
2345         * platform/graphics/cg/GraphicsContextCG.cpp: Fixes a bug where the wrong winding rule was set for clipping in Core Graphics.
2346         (WebCore::GraphicsContext::clip):
2347
2348 2013-01-21  ChangSeok Oh  <shivamidow@gmail.com>
2349
2350         [GTK][AC] setOpacity doesn't work for GraphicsLayerClutter
2351         https://bugs.webkit.org/show_bug.cgi?id=105436
2352
2353         Reviewed by Gustavo Noronha Silva.
2354
2355         Implement GraphicsLayerClutter::setOpacity based on Mac's GraphicsLayer implementation.
2356
2357         No new tests since this patch can be covered by already existing gtk ac tests.
2358
2359         * platform/graphics/clutter/GraphicsLayerClutter.cpp:
2360         (WebCore::GraphicsLayerClutter::setOpacity):
2361         (WebCore):
2362         (WebCore::GraphicsLayerClutter::updateOpacityOnLayer):
2363         (WebCore::GraphicsLayerClutter::commitLayerChangesBeforeSublayers):
2364         * platform/graphics/clutter/GraphicsLayerClutter.h:
2365
2366 2013-01-21  ChangSeok Oh  <shivamidow@gmail.com>
2367
2368         [Texmap][GTK] The poster-circle doesn't appear.
2369         https://bugs.webkit.org/show_bug.cgi?id=106672
2370
2371         Reviewed by Noam Rosenthal.
2372
2373         We need to call setNeedsDisplay to redraw GraphicsLayer after we set drawsContent
2374         a new value for the layer. Otherwise we can't get a chance for first drawing the layer.
2375
2376         Test: compositing/visibility/visibility-composited-animation.html
2377
2378         * platform/graphics/texmap/TextureMapperLayer.cpp:
2379         (WebCore::TextureMapperLayer::flushCompositingStateForThisLayerOnly):
2380
2381 2013-01-21  Viatcheslav Ostapenko  <sl.ostapenko@samsung.com>
2382
2383         [EFL][Qt][WebGl] Random crash in GraphicsContext3D::drawArrays
2384         https://bugs.webkit.org/show_bug.cgi?id=107178
2385
2386         Reviewed by Noam Rosenthal.
2387
2388         Workaround for the problem in mesa when internal llvm pipe object is deleted
2389         later than the screen object. Screen object is deleted because the corresponding 
2390         X server display connection closed.
2391         Keep X server display connection open until program shutdown. 
2392         OffScreenRootWindow::display is now static, so there is no need to create
2393         OffScreenRootWindow object on client side.
2394
2395         Fixes crash that appears during run of fast/canavs/webgl tests.
2396
2397         * platform/graphics/surfaces/glx/GraphicsSurfaceGLX.cpp:
2398         (OffScreenRootWindow):
2399         (WebCore::OffScreenRootWindow::DisplayConnection::DisplayConnection):
2400         (DisplayConnection):
2401         (WebCore::OffScreenRootWindow::DisplayConnection::~DisplayConnection):
2402         (WebCore::OffScreenRootWindow::DisplayConnection::display):
2403         (WebCore::OffScreenRootWindow::display):
2404         (WebCore::OffScreenRootWindow::~OffScreenRootWindow):
2405         (WebCore):
2406         (WebCore::GraphicsSurfacePrivate::GraphicsSurfacePrivate):
2407         (WebCore::GraphicsSurfacePrivate::createSurface):
2408         (WebCore::GraphicsSurfacePrivate::createPixmap):
2409         (WebCore::GraphicsSurfacePrivate::makeCurrent):
2410         (WebCore::GraphicsSurfacePrivate::doneCurrent):
2411         (WebCore::GraphicsSurfacePrivate::swapBuffers):
2412         (WebCore::GraphicsSurfacePrivate::display):
2413         (WebCore::GraphicsSurfacePrivate::size):
2414         (WebCore::GraphicsSurfacePrivate::findFBConfigWithAlpha):
2415         (WebCore::GraphicsSurfacePrivate::clear):
2416         (GraphicsSurfacePrivate):
2417
2418 2013-01-21  Michael[tm] Smith  <mike@w3.org>
2419
2420         Implement the HTML <main> element.
2421         https://bugs.webkit.org/show_bug.cgi?id=103172
2422
2423         Reviewed by Chris Fleizach.
2424
2425         Authored by Steve Faulkner <faulkner.steve@gmail.com>
2426
2427         <main> should behave the same as <nav>, <section>, and <article>, and <aside>.
2428         <main> should expose AXLandmarkMain correctly on each platform.
2429
2430         Tests: fast/html/main-element.html
2431                platform/chromium/accessibility/main-element.html
2432                platform/mac/accessibility/main-element.html
2433
2434         * accessibility/AccessibilityRenderObject.cpp:
2435         (WebCore::AccessibilityRenderObject::determineAccessibilityRole):
2436         * css/html.css:
2437         (article, aside, footer, header, hgroup, main, nav, section):
2438         * editing/FormatBlockCommand.cpp:
2439         (WebCore::isElementForFormatBlock):
2440         * html/HTMLTagNames.in:
2441         * html/parser/HTMLStackItem.h:
2442         (WebCore::HTMLStackItem::isSpecialNode):
2443         * html/parser/HTMLTreeBuilder.cpp:
2444         (WebCore::HTMLTreeBuilder::processStartTagForInBody):
2445         (WebCore::HTMLTreeBuilder::processEndTagForInBody):
2446
2447 2013-01-21  Joanmarie Diggs  <jdiggs@igalia.com>
2448
2449         Crash in AccessibilityTableCell::parentTable()
2450         https://bugs.webkit.org/show_bug.cgi?id=107261
2451
2452         Reviewed by Chris Fleizach.
2453
2454         Test: accessibility/table-destroyed-crash.html
2455
2456         Getting the parent table in order to get the role value should not be
2457         done when objects are being destroyed. Also, it does not seem safe to
2458         assume we have an AXObjectCache.
2459
2460         Moving the logic from roleValue() to determineAccessibilityRole() has
2461         the side effect of not being able to verify the cell is in an AXTable
2462         when that AXTable has not yet been created. Therefore isTableCell()
2463         should look to see if it is the descendant of an AXRow.
2464
2465         * accessibility/AccessibilityTableCell.cpp:
2466         (WebCore::AccessibilityTableCell::parentTable):
2467         (WebCore::AccessibilityTableCell::isTableCell):
2468         (WebCore::AccessibilityTableCell::determineAccessibilityRole):
2469         * accessibility/AccessibilityTableCell.h:
2470         (AccessibilityTableCell):
2471
2472 2013-01-21  Halton Huo  <halton.huo@intel.com>
2473
2474         [GTK] Volume button should not be shown for videos without audio
2475         https://bugs.webkit.org/show_bug.cgi?id=106436
2476
2477         Reviewed by Philippe Normand.
2478
2479         The volume control is no longer shown for videos with no audio.
2480
2481         No new tests, tested by media/video-no-audio.html.
2482
2483         * platform/gtk/RenderThemeGtk.cpp:
2484         (WebCore::RenderThemeGtk::hasOwnDisabledStateHandlingFor):
2485         (WebCore):
2486         * platform/gtk/RenderThemeGtk.h:
2487
2488 2013-01-21  Dan Winship  <danw@gnome.org>
2489
2490         [Soup] Work around a glib bug
2491         https://bugs.webkit.org/show_bug.cgi?id=106789
2492
2493         Reviewed by Martin Robinson.
2494
2495         In glib <= 2.35.4, g_input_stream_skip_async() applied to a
2496         libsoup response stream will do a synchronous skip() in another
2497         thread, which libsoup isn't expecting and doesn't have proper
2498         locking for. Work around this until the next time we bump the glib
2499         requirement by using read_async() (and throwing away the result)
2500         instead of skip_async().
2501
2502         No new tests; fixes a race condition in existing tests with older
2503         glib
2504
2505         * platform/network/soup/ResourceHandleSoup.cpp:
2506         (WebCore::redirectSkipCallback):
2507         (WebCore::sendRequestCallback):
2508
2509 2013-01-18  Andrey Kosyakov  <caseq@chromium.org>
2510
2511         Web Inspector: data grid resize is slow
2512         https://bugs.webkit.org/show_bug.cgi?id=107291
2513
2514         Reviewed by Pavel Feldman.
2515
2516         - avoid (most of) unnecessary relayouts and style recalculation when dragging data grid resizer.
2517
2518         * inspector/front-end/DataGrid.js:
2519         (WebInspector.DataGrid.prototype._positionResizers):
2520         (WebInspector.DataGrid.prototype._resizerDragging):
2521
2522 2013-01-21  Vladislav Kaznacheev  <kaznacheev@chromium.org>
2523
2524         [Inspector] Layout Elements panel in a single column when docked right.
2525         https://bugs.webkit.org/show_bug.cgi?id=107129
2526
2527         Reviewed by Pavel Feldman.
2528
2529         If the Inspector is docked right, the style panes in the Elements panel
2530         are put below the DOM tree pane, not to the right. This behavior
2531         is experimental (hidden behind a new flag "elementsPanelSingleColumn").
2532
2533         No new tests.
2534
2535         * inspector/front-end/DockController.js:
2536         (WebInspector.DockController.prototype.dockSide):
2537         (WebInspector.DockController.prototype._updateUI):
2538         (WebInspector.DockController.prototype._toggleDockState):
2539         * inspector/front-end/ElementsPanel.js:
2540         (WebInspector.ElementsPanel.prototype.onResize):
2541         (WebInspector.ElementsPanel.prototype._onDockStateChanged):
2542         (WebInspector.ElementsPanel.prototype._sidebarPosition):
2543         * inspector/front-end/Panel.js:
2544         (WebInspector.Panel.prototype.createSidebarView):
2545         * inspector/front-end/Settings.js:
2546         (WebInspector.ExperimentsSettings):
2547         * inspector/front-end/SidebarView.js:
2548         (WebInspector.SidebarView):
2549         (WebInspector.SidebarView.prototype.get mainElement):
2550         (WebInspector.SidebarView.prototype.get sidebarElement):
2551         (WebInspector.SidebarView.prototype._setSidebarElementStyle):
2552         (WebInspector.SidebarView.prototype.setSidebarPosition):
2553         (WebInspector.SidebarView.prototype._innerSetSidebarPosition):
2554         (WebInspector.SidebarView.prototype.setMinimumSidebarHeight):
2555         (WebInspector.SidebarView.prototype.setMinimumMainHeightPercent):
2556         (WebInspector.SidebarView.prototype.applyConstraints):
2557         (WebInspector.SidebarView.prototype.hideMainElement):
2558         (WebInspector.SidebarView.prototype.hideSidebarElement):
2559         * inspector/front-end/SplitView.js:
2560         (WebInspector.SplitView):
2561         * inspector/front-end/splitView.css:
2562         (.split-view-sidebar-top):
2563         (.split-view-sidebar-top.maximized):
2564         (.split-view-sidebar-bottom):
2565         (.split-view-sidebar-bottom.maximized):
2566
2567 2013-01-21  Yury Semikhatsky  <yurys@chromium.org>
2568
2569         Web Inspector: do not serialize native heap graph when collecting information about memory distribution
2570         https://bugs.webkit.org/show_bug.cgi?id=107450
2571
2572         Reviewed by Pavel Feldman.
2573
2574         Native heap graph is not reported when we need to show only high-level memory distribution.
2575
2576         * inspector/front-end/NativeMemorySnapshotView.js:
2577         (WebInspector.NativeMemorySnapshotView):
2578         (WebInspector.NativeMemoryProfileType.prototype.buttonClicked.didReceiveMemorySnapshot):
2579         (WebInspector.NativeMemoryProfileType.prototype.buttonClicked):
2580
2581 2013-01-21  Alexander Pavlov  <apavlov@chromium.org>
2582
2583         Web Inspector: [REGRESSION] Forced :visited pseudoclass has no effect on A elements
2584         https://bugs.webkit.org/show_bug.cgi?id=107448
2585
2586         Reviewed by Antti Koivisto.
2587
2588         * css/StyleResolver.cpp:
2589         (WebCore::StyleResolver::sortAndTransferMatchedRules): Remove totally bad code.
2590         (WebCore::StyleResolver::styleForElement):
2591           Use InsideVisitedLink if PseudoVisited has been forced by Inspector.
2592
2593 2013-01-18  Andrey Adaikin  <aandrey@chromium.org>
2594
2595         Web Inspector: modify generate_protocol_externs.py to generate JSON typedef's for @constructors
2596         https://bugs.webkit.org/show_bug.cgi?id=107287
2597
2598         Reviewed by Pavel Feldman.
2599
2600         Modify generate_protocol_externs.py to generate @typedefs instead of @constructors,
2601
2602         * inspector/InjectedScriptCanvasModuleSource.js:
2603         (.):
2604         * inspector/InjectedScriptSource.js:
2605         * inspector/compile-front-end.py:
2606         * inspector/generate_protocol_externs.py:
2607         (param_type):
2608
2609 2013-01-21  Oleg Smirnov  <oleg.smirnov@lge.com>
2610
2611         [Gtk] [Cairo] Memory leak when is WebView destroy.
2612         https://bugs.webkit.org/show_bug.cgi?id=107112
2613
2614         Reviewed by Martin Robinson.
2615
2616         Make createSurfaceForBackingStore return a smart pointer in all supported
2617         build configurations to avoid a memory leak.
2618         
2619         No new tests. There is memory leak only.
2620
2621         * platform/cairo/WidgetBackingStoreCairo.cpp:
2622         (WebCore::createSurfaceForBackingStore):
2623
2624 2013-01-21  Kent Tamura  <tkent@chromium.org>
2625
2626         INPUT_MULTIPLE_FIELDS_UI: should not dispatch 'input' events if the element value is not updated
2627         https://bugs.webkit.org/show_bug.cgi?id=107429
2628
2629         Reviewed by Kentaro Hara.
2630
2631         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#common-event-behaviors
2632         > any time the user causes the element's value to change, the user agent
2633         > must queue a task to fire a simple event that bubbles named input at the
2634         > input element.
2635
2636         Tests:
2637         fast/forms/time-multiple-fields/time-multiple-fields-keyboard-event.html
2638         is updated to cover this change.
2639
2640         * html/BaseMultipleFieldsDateAndTimeInputType.cpp:
2641         (WebCore::BaseMultipleFieldsDateAndTimeInputType::editControlValueChanged):
2642         If the new value is equivalent to the old value, don't dispatch events.
2643         However we should recalculate validity and call notifyFormStateChanged
2644         because input.validity.badInput state might be changed.
2645
2646 2013-01-21  Alexander Pavlov  <apavlov@chromium.org>
2647
2648         Web Inspector: Do not dispatch mousemove when emulating touch event and no touch is active
2649         https://bugs.webkit.org/show_bug.cgi?id=107419
2650
2651         Reviewed by Pavel Feldman.
2652
2653         mousemove event should not be dispatched when emulating touch events and mouse button is not pressed
2654
2655         * page/EventHandler.cpp:
2656         (WebCore::EventHandler::dispatchSyntheticTouchEventIfEnabled):
2657
2658 2013-01-21  Andrey Lushnikov  <lushnikov@chromium.org>
2659
2660         Web Inspector: fix highlight bug in DTE.
2661         https://bugs.webkit.org/show_bug.cgi?id=107433
2662
2663         Reviewed by Pavel Feldman.
2664
2665         Do not re-create |state.ranges| array when it already contains highlight.
2666
2667         Test: inpector/editor/highlighter-chunk-limit.txt
2668
2669         * inspector/front-end/TextEditorHighlighter.js:
2670         (WebInspector.TextEditorHighlighter.prototype._highlightLines):
2671
2672 2013-01-21  Takashi Sakamoto  <tasak@google.com>
2673
2674         [Refactoring] rename StyleRuleBlock -> StyleRuleGroup
2675         https://bugs.webkit.org/show_bug.cgi?id=107415
2676
2677         Reviewed by Antti Koivisto.
2678
2679         StyleRuleBlock should be renamed StyleRuleGroup, because
2680         CSSGroupingRule (not CSSBlockRule) is an interface for an at-rule that
2681         contains other rules nested inside itself:
2682         http://www.w3.org/TR/2012/WD-css3-conditional-20121213/#the-cssgroupingrule-interface
2683         To match the name: CSSGroupingRule, StyleRuleGroup looks better.
2684
2685         No new tests, because just refactoring.
2686
2687         * css/CSSGroupingRule.cpp:
2688         (WebCore::CSSGroupingRule::CSSGroupingRule):
2689         (WebCore::CSSGroupingRule::reattach):
2690         * css/CSSGroupingRule.h:
2691         (CSSGroupingRule):
2692         * css/StyleRule.cpp:
2693         (WebCore::StyleRuleGroup::StyleRuleGroup):
2694         (WebCore::StyleRuleGroup::wrapperInsertRule):
2695         (WebCore::StyleRuleGroup::wrapperRemoveRule):
2696         (WebCore::StyleRuleGroup::reportDescendantMemoryUsage):
2697         (WebCore::StyleRuleMedia::StyleRuleMedia):
2698         (WebCore::StyleRuleSupports::StyleRuleSupports):
2699         (WebCore::StyleRuleRegion::StyleRuleRegion):
2700         * css/StyleRule.h:
2701         (StyleRuleGroup):
2702         (WebCore::StyleRuleHost::StyleRuleHost):
2703         (WebCore::toStyleRuleMedia):
2704         (WebCore::toStyleRuleSupports):
2705         (WebCore::toStyleRuleRegion):
2706         Just replaced StyleRuleBlock with StyleRuleGroup.
2707
2708 2013-01-21  Andrey Lushnikov  <lushnikov@chromium.org>
2709
2710         Web Inspector: refactoring to use string as argument for highlightRegex API
2711         https://bugs.webkit.org/show_bug.cgi?id=107243
2712
2713         Reviewed by Pavel Feldman.
2714
2715         Use string as argument for highlightRegex API instead of using regex object.
2716
2717         No new tests: no change in behaviour.
2718
2719         * inspector/front-end/DefaultTextEditor.js:
2720         (WebInspector.TextEditorMainPanel.prototype.highlightRegex):
2721         * inspector/front-end/TextEditor.js:
2722
2723 2013-01-21  Sheriff Bot  <webkit.review.bot@gmail.com>
2724
2725         Unreviewed, rolling out r140311.
2726         http://trac.webkit.org/changeset/140311
2727         https://bugs.webkit.org/show_bug.cgi?id=107431
2728
2729         Broke selection-related tests (Requested by apavlov on
2730         #webkit).
2731
2732         * page/EventHandler.cpp:
2733         (WebCore::EventHandler::dispatchSyntheticTouchEventIfEnabled):
2734
2735 2013-01-21  Kentaro Hara  <haraken@chromium.org>
2736
2737         Unreviewed. Build fix.
2738
2739         * bindings/v8/V8NPObject.cpp:
2740         (WebCore::createV8ObjectForNPObject):
2741
2742 2013-01-20  Alexander Pavlov  <apavlov@chromium.org>
2743
2744         Web Inspector: Do not dispatch mousemove when emulating touch event and no touch is active
2745         https://bugs.webkit.org/show_bug.cgi?id=107419
2746
2747         Reviewed by Pavel Feldman.
2748
2749         mousemove event should not be dispatched when emulating touch events and mouse button is not pressed
2750
2751         * page/EventHandler.cpp:
2752         (WebCore::EventHandler::dispatchSyntheticTouchEventIfEnabled):
2753
2754 2013-01-21  Tommy Widenflycht  <tommyw@google.com>
2755
2756         MediaStream API: Update the RTCPeerConnection states to match the latest specification
2757         https://bugs.webkit.org/show_bug.cgi?id=107120
2758
2759         Reviewed by Adam Barth.
2760
2761         http://dev.w3.org/2011/webrtc/editor/webrtc.html#interface-definition
2762
2763         RTCPeerConnection::readyState and iceState are history and instead signalingState,
2764         iceConnectionState and iceGatheringState have been introduced.
2765
2766         Existing tests updated to cover this patch.
2767
2768         * Modules/mediastream/RTCPeerConnection.cpp:
2769         (WebCore::RTCPeerConnection::RTCPeerConnection):
2770         (WebCore::RTCPeerConnection::createOffer):
2771         (WebCore::RTCPeerConnection::createAnswer):
2772         (WebCore::RTCPeerConnection::setLocalDescription):
2773         (WebCore::RTCPeerConnection::localDescription):
2774         (WebCore::RTCPeerConnection::setRemoteDescription):
2775         (WebCore::RTCPeerConnection::remoteDescription):
2776         (WebCore::RTCPeerConnection::updateIce):
2777         (WebCore::RTCPeerConnection::addIceCandidate):
2778         (WebCore::RTCPeerConnection::readyState):
2779         (WebCore):
2780         (WebCore::RTCPeerConnection::signalingState):
2781         (WebCore::RTCPeerConnection::iceConnectionState):
2782         (WebCore::RTCPeerConnection::addStream):
2783         (WebCore::RTCPeerConnection::removeStream):
2784         (WebCore::RTCPeerConnection::createDataChannel):
2785         (WebCore::RTCPeerConnection::close):
2786         (WebCore::RTCPeerConnection::didChangeSignalingState):
2787         (WebCore::RTCPeerConnection::didChangeIceGatheringState):
2788         (WebCore::RTCPeerConnection::didChangeIceConnectionState):
2789         (WebCore::RTCPeerConnection::didAddRemoteStream):
2790         (WebCore::RTCPeerConnection::didRemoveRemoteStream):
2791         (WebCore::RTCPeerConnection::didAddRemoteDataChannel):
2792         (WebCore::RTCPeerConnection::stop):
2793         (WebCore::RTCPeerConnection::changeSignalingState):
2794         (WebCore::RTCPeerConnection::changeIceGatheringState):
2795         (WebCore::RTCPeerConnection::changeIceConnectionState):
2796         * Modules/mediastream/RTCPeerConnection.h:
2797         (RTCPeerConnection):
2798         * Modules/mediastream/RTCPeerConnection.idl:
2799         * platform/mediastream/RTCPeerConnectionHandlerClient.h:
2800         (RTCPeerConnectionHandlerClient):
2801         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.cpp:
2802         (WebCore::RTCPeerConnectionHandlerChromium::didChangeSignalingState):
2803         (WebCore::RTCPeerConnectionHandlerChromium::didChangeICEConnectionState):
2804         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.h:
2805         (RTCPeerConnectionHandlerChromium):
2806
2807 2013-01-21  Kent Tamura  <tkent@chromium.org>
2808
2809         Use ISO8601 date/time formats as fallbacks for date/time input types
2810         https://bugs.webkit.org/show_bug.cgi?id=107418
2811
2812         Reviewed by Kentaro Hara.
2813
2814         We obtain date/time formats from OSes to build date/time input type
2815         UIs. If something wrong happens in the code, fallback formats are
2816         used. Such fallback formats should not be English formats in order that
2817         we can find defects easily.
2818
2819         No new tests. These formats should not be used unless the current code
2820         has defects.
2821
2822         * html/DateTimeInputType.cpp:
2823         (WebCore::DateTimeInputType::setupLayoutParameters):
2824         Use an ISO8601 format which is same as a format used in HTML5.
2825         * html/DateTimeLocalInputType.cpp:
2826         (WebCore::DateTimeLocalInputType::setupLayoutParameters): Ditto.
2827         * html/MonthInputType.cpp:
2828         (WebCore::MonthInputType::setupLayoutParameters): Ditto.
2829         * html/WeekInputType.cpp:
2830         (WebCore::WeekInputType::setupLayoutParameters): Ditto.
2831         * platform/text/LocaleICU.cpp:
2832         (WebCore::LocaleICU::dateFormat): Ditto.
2833         * platform/text/LocaleNone.cpp:
2834         (WebCore::LocaleNone::dateFormat): Ditto.
2835         (WebCore::LocaleNone::dateTimeFormatWithSeconds): Ditto.
2836         (WebCore::LocaleNone::dateTimeFormatWithoutSeconds): Ditto.
2837
2838 2013-01-20  Matt Falkenhagen  <falken@chromium.org>
2839
2840         Elements must be reattached when inserted/removed from top layer
2841         https://bugs.webkit.org/show_bug.cgi?id=105489
2842
2843         Relanding r139402 as rollout due to suspected perf regression did not help (bug 106726).
2844
2845         Reviewed by Julien Chaffraix.
2846
2847         Ensure a reattach occurs when an element is inserted/removed from top layer, so its renderer can be inserted correctly:
2848         as a child of RenderView in top layer sibling order if it's in the top layer, and in the usual place otherwise.
2849
2850         We previously relied on style recalc to catch when an element is inserted/removed from the top layer, because it
2851         only happens on dialog.show/close which toggle display: none. But that is incorrect because, for example, close()
2852         followed immediately by show() results in no style change.
2853
2854         Tests: fast/dom/HTMLDialogElement/removed-element-is-removed-from-top-layer.html
2855                fast/dom/HTMLDialogElement/top-layer-stacking-correct-order-remove-readd.html
2856
2857         * dom/Element.cpp:
2858         (WebCore::Element::removedFrom): Call Document::removeFromTopLayer to let the element be removed from the top layer vector.
2859         removeFromTopLayer calls Element::setIsInTopLayer(false) itself if needed.
2860         (WebCore::Element::setIsInTopLayer): Ensure a reattach occurs if the element is already attached.
2861
2862 2013-01-20  Yury Semikhatsky  <yurys@chromium.org>
2863
2864         Web Inspector: change HeapSnapshotLoader to allow loading native heap snapshots
2865         https://bugs.webkit.org/show_bug.cgi?id=107282
2866
2867         Reviewed by Pavel Feldman.
2868
2869         Conctete heap snapshot constructor name is passed as a parameter to HeapSnapshotLoaderProxy and
2870         propagated to HeapSnapshotLoader.buildSnapshot to support different types of heap snapshots.
2871
2872         * inspector/front-end/HeapSnapshotLoader.js:
2873         (WebInspector.HeapSnapshotLoader.prototype.buildSnapshot):
2874         * inspector/front-end/HeapSnapshotProxy.js:
2875         (WebInspector.HeapSnapshotWorker.prototype.createLoader):
2876         (WebInspector.HeapSnapshotLoaderProxy):
2877         (WebInspector.HeapSnapshotLoaderProxy.prototype.close):
2878         * inspector/front-end/HeapSnapshotView.js:
2879         (WebInspector.HeapProfileHeader.prototype._setupWorker):
2880
2881 2013-01-20  Kentaro Hara  <haraken@chromium.org>
2882
2883         Implement MediaStreamEvent constructor
2884         https://bugs.webkit.org/show_bug.cgi?id=107411
2885
2886         Reviewed by Adam Barth.
2887
2888         Spec: http://www.w3.org/TR/webrtc/#mediastreamevent
2889
2890         Test: fast/events/constructors/media-stream-event-constructor.html
2891
2892         * Modules/mediastream/MediaStreamEvent.cpp:
2893         (WebCore::MediaStreamEventInit::MediaStreamEventInit):
2894         (WebCore):
2895         (WebCore::MediaStreamEvent::create):
2896         (WebCore::MediaStreamEvent::MediaStreamEvent):
2897         * Modules/mediastream/MediaStreamEvent.h:
2898         (MediaStreamEventInit):
2899         (WebCore):
2900         (MediaStreamEvent):
2901         * Modules/mediastream/MediaStreamEvent.idl:
2902         * bindings/js/JSDictionary.cpp:
2903         (WebCore):
2904         (WebCore::JSDictionary::convertValue):
2905         * bindings/js/JSDictionary.h:
2906         (WebCore):
2907         * bindings/v8/Dictionary.cpp:
2908         (WebCore):
2909         (WebCore::Dictionary::get):
2910         * bindings/v8/Dictionary.h:
2911         (Dictionary):
2912
2913 2013-01-20  Vladislav Kaznacheev  <kaznacheev@chromium.org>
2914
2915         Web Inspector: Allow SplitView to change orientation after the construction.
2916         https://bugs.webkit.org/show_bug.cgi?id=107263
2917
2918         Added SplitView.prototype.setIsVertical to change the orientation on the fly.
2919         Instead of passing default sidebar size to the constructor the client
2920         may now pass separate defaults for the sidebar width and height. Passing
2921         just one default works as before.
2922
2923         Reviewed by Pavel Feldman.
2924
2925         No new tests.
2926
2927         * inspector/front-end/SplitView.js:
2928         (WebInspector.SplitView):
2929         (WebInspector.SplitView.prototype.isVertical):
2930         (WebInspector.SplitView.prototype.setIsVertical):
2931         (WebInspector.SplitView.prototype._innerSetIsVertical):
2932         (WebInspector.SplitView.prototype._updateLayout):
2933         (WebInspector.SplitView.prototype.isSidebarSecond):
2934         (WebInspector.SplitView.prototype.showBoth):
2935         (WebInspector.SplitView.prototype._updateTotalSize):
2936         (WebInspector.SplitView.prototype._innerSetSidebarSize):
2937         (WebInspector.SplitView.prototype.wasShown):
2938         (WebInspector.SplitView.prototype.onResize):
2939         (WebInspector.SplitView.prototype.installResizer):
2940         (WebInspector.SplitView.prototype._onDragStart):
2941         (WebInspector.SplitView.prototype._sizeSetting):
2942         (WebInspector.SplitView.prototype._lastSidebarSize):
2943         (WebInspector.SplitView.prototype.get _saveSidebarSize):
2944
2945 2013-01-20  Kentaro Hara  <haraken@chromium.org>
2946
2947         Add a [ConstructorConditional] IDL attribute
2948         https://bugs.webkit.org/show_bug.cgi?id=107407
2949
2950         Reviewed by Adam Barth.
2951
2952         Per discussion in webkit-dev, we need to implement DOM4 event constructors
2953         under a enable flag. For that purpose, we implement a [ConstructorConditional]
2954         IDL attribute.
2955
2956         Test: bindings/scripts/test/TestInterface.idl
2957
2958         * bindings/scripts/CodeGenerator.pm:
2959         (GenerateConstructorConditionalString):
2960         * bindings/scripts/CodeGeneratorJS.pm:
2961         (GenerateConstructorDeclaration):
2962         (GenerateConstructorHelperMethods):
2963         * bindings/scripts/CodeGeneratorV8.pm:
2964         (GenerateHeader):
2965         (GenerateImplementation):
2966         * bindings/scripts/IDLAttributes.txt:
2967         * bindings/scripts/test/JS/JSTestInterface.cpp:
2968         (WebCore):
2969         * bindings/scripts/test/JS/JSTestInterface.h:
2970         (JSTestInterfaceConstructor):
2971         * bindings/scripts/test/TestInterface.idl:
2972         * bindings/scripts/test/V8/V8TestInterface.cpp:
2973         (WebCore::ConfigureV8TestInterfaceTemplate):
2974         * bindings/scripts/test/V8/V8TestInterface.h:
2975         (V8TestInterface):
2976
2977 2013-01-18  Kentaro Hara  <haraken@chromium.org>
2978
2979         [V8] We should set a class id for a NPObject wrapper
2980         https://bugs.webkit.org/show_bug.cgi?id=107249
2981
2982         Reviewed by Adam Barth.
2983
2984         This is one of steps to avoid hitting an ASSERT()
2985         that will be added in https://bugs.webkit.org/show_bug.cgi?id=107137 .
2986
2987         No tests. No change in behavior.
2988
2989         * bindings/v8/V8DOMWrapper.h:
2990         (V8DOMWrapper):
2991         (WebCore::V8DOMWrapper::setWrapperClass):
2992         (WebCore):
2993         * bindings/v8/V8NPObject.cpp:
2994         (WebCore::createV8ObjectForNPObject):
2995
2996 2013-01-20  Mike Lawther  <mikelawther@chromium.org>
2997
2998         CSS3 calc: unprefix implementation
2999         https://bugs.webkit.org/show_bug.cgi?id=91951
3000
3001         Reviewed by Ojan Vafai.
3002
3003         Add support for the unprefixed 'calc()' function, while retaining support for the prefixed version.
3004
3005         Test: css3/calc/simple-calcs-prefixed.html
3006
3007         * css/CSSCalculationValue.cpp:
3008         (WebCore::buildCssText):
3009         (WebCore::CSSCalcValue::create):
3010         * css/CSSParser.cpp:
3011         (WebCore::CSSParser::isCalculation):
3012         (WebCore::CSSParser::detectFunctionTypeToken):
3013
3014 2013-01-20  Shinya Kawanaka  <shinyak@chromium.org>
3015
3016         Distribution state becomes inconsistent with content/shadow reprojection
3017         https://bugs.webkit.org/show_bug.cgi?id=106634
3018
3019         Reviewed by Hajime Morita.
3020
3021         Distribution should be resolved from shallower ShadowDOM to deeper Shadow DOM. However, in the current implementation,
3022         there is a case that distribution for deeper ShadowDOM happens to be resolved before distribution
3023         for shallower ShadowDOM is resolved.
3024
3025         Here, we have 2 problems about distribution.
3026         1) Invalidation state is not propagated to nested (= deeper) ShadowDOM.
3027             - This causes deeper ShadowDOM looks having a valid distribution though it should be invalid.
3028         2) We are not resolving shallower ShadowDOM when deeper ShadowDOM's distribution is needed.
3029             - Because of (1), we have to check all the ancestor ShadowDOM.
3030
3031         For (1), we change invalidate() to invalidate nested ShadowDOM's distribution as well.
3032         For (2), when resolving distribution, we will check the ancestor ShadowDOM's distribution state. If the ancestor's
3033         distribution is not valid, we resolve it first.
3034
3035         For optimization of (1), actually we can skip invalidating distribution of some ShadowDOMs.
3036         If ShadowRoot of deeper ShadowDOM does not have an InsertionPoint as children, we can skip invalidating
3037         its distribution, because only children can be distributed to InsertionPoint.
3038
3039         Tests: fast/dom/shadow/distribution-crash.html
3040                fast/dom/shadow/nested-reprojection-inconsistent.html
3041
3042         * dom/ElementShadow.cpp:
3043         (WebCore::ElementShadow::attach): Should resolve distribution from ancestor.
3044         * dom/ElementShadow.h:
3045         * html/shadow/ContentDistributor.cpp:
3046         (WebCore::ContentDistributor::distribute): Added ASSERT that the parent ShadowRoot's distribution is resolved.
3047         (WebCore::ContentDistributor::invalidate): For each InsertionPoint, we have to invalidate
3048         its parent element's distribution (if it has ElementShadow).
3049         (WebCore::ContentDistributor::ensureDistribution):
3050         * html/shadow/ContentDistributor.h:
3051         (WebCore::ContentDistributor::isValid):
3052         * html/shadow/HTMLShadowElement.cpp:
3053         (WebCore::HTMLShadowElement::olderShadowRoot): Should resolve distribution from ancestor.
3054         * html/shadow/InsertionPoint.cpp:
3055         (WebCore::InsertionPoint::attach): ditto.
3056         (WebCore::InsertionPoint::detach): ditto.
3057         (WebCore::InsertionPoint::getDistributedNodes): ditto.
3058         (WebCore::resolveReprojection): ditto.
3059
3060 2013-01-20  Dominic Mazzoni  <dmazzoni@google.com>
3061
3062         Make SpeechSynthesis compile in the Chromium port
3063         https://bugs.webkit.org/show_bug.cgi?id=107382
3064
3065         Reviewed by Adam Barth.
3066
3067         Add stubs for the Chromium implementation of speech synthesis,
3068         and add all source and header files to WebCore.gypi. Everything
3069         is behind the ENABLE_SPEECH_SYNTHESIS flag.
3070
3071         * Modules/speech/chromium/SpeechSynthesisChromium.cpp: Added.
3072         (WebCore):
3073         (WebCore::SpeechSynthesis::initializeVoiceList):
3074         (WebCore::SpeechSynthesis::pending):
3075         (WebCore::SpeechSynthesis::speaking):
3076         (WebCore::SpeechSynthesis::paused):
3077         (WebCore::SpeechSynthesis::speak):
3078         (WebCore::SpeechSynthesis::cancel):
3079         (WebCore::SpeechSynthesis::pause):
3080         (WebCore::SpeechSynthesis::resume):
3081         * WebCore.gypi:
3082
3083 2013-01-20  Kent Tamura  <tkent@chromium.org>
3084
3085         Re-layout child blocks when border/padding of the box-sizing:border-box parent is updated
3086         https://bugs.webkit.org/show_bug.cgi?id=104997
3087
3088         Reviewed by Tony Chang.
3089
3090         When padding or border is updated for a parent block with
3091         box-sizing:border-box and width, the width of its child block was not
3092         updated.
3093
3094         Tests: fast/css/box-sizing-border-box-dynamic-padding-border-update.html
3095                fast/forms/text/text-padding-dynamic-change.html
3096
3097         * rendering/RenderBox.cpp:
3098         (WebCore::RenderBox::styleDidChange):
3099         If box-sizing of the old style and/or the new style is border-box and
3100         padding or border is changed, apply setChildNeedsLayout(true) for child
3101         boxes.
3102
3103 2013-01-20  Kentaro Hara  <haraken@chromium.org>
3104
3105         [V8] Remove custom V8ScriptProfileCustom::toV8()
3106         https://bugs.webkit.org/show_bug.cgi?id=107246
3107
3108         Reviewed by Adam Barth.
3109
3110         V8ScriptProfileCustom::toV8() needs not to be custom.
3111         Furthermore, the current custom toV8() is wrong in that
3112         it doesn't use a creationContext and it doesn't set a
3113         wrapper class id. This is one of steps to avoiding
3114         ASSERT()s that will be added in
3115         https://bugs.webkit.org/show_bug.cgi?id=107137 .
3116
3117         No tests. No change in behavior.
3118
3119         * UseV8.cmake:
3120         * WebCore.gypi:
3121         * bindings/v8/custom/V8ScriptProfileCustom.cpp: Removed.
3122         * inspector/ScriptProfile.idl:
3123
3124 2013-01-20  Sheriff Bot  <webkit.review.bot@gmail.com>
3125
3126         Unreviewed, rolling out r140290.
3127         http://trac.webkit.org/changeset/140290
3128         https://bugs.webkit.org/show_bug.cgi?id=107412
3129
3130         Broke tests of inspector and calendar picker in debug build
3131         (Requested by tkent on #webkit).
3132
3133         * rendering/RenderBox.cpp:
3134         (WebCore::RenderBox::styleDidChange):
3135
3136 2013-01-20  Yongsheng Zhu  <yongsheng.zhu@intel.com>
3137
3138         Dispatch LongPress to inner frames
3139         https://bugs.webkit.org/show_bug.cgi?id=106874
3140
3141         Reviewed by Antonio Gomes.
3142
3143         Do check whether a LongPress gesture event should be passed
3144         to inner frames. If needed, dispatch it.
3145
3146         Tests: fast/events/touch/gesture/long-press-on-draggable-element-in-iframe-triggers-drag.html
3147                fast/events/touch/gesture/long-press-on-draggable-element-in-nested-iframes-triggers-drag.html
3148
3149         * page/EventHandler.cpp:
3150         (WebCore::EventHandler::handleGestureLongPress):
3151
3152 2013-01-20  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
3153
3154         Clean up missing *explicit* keyword in ctors of WebCore/rendering.
3155         https://bugs.webkit.org/show_bug.cgi?id=107373
3156
3157         Reviewed by Darin Adler.
3158
3159         Need to add *explicit* keyword to avoid implicit type conversion.
3160
3161         * rendering/RenderApplet.h:
3162         (RenderApplet):
3163         * rendering/RenderArena.h:
3164         (RenderArena):
3165         * rendering/RenderBR.h:
3166         (RenderBR):
3167         * rendering/RenderBlock.h:
3168         (RenderBlock):
3169         * rendering/RenderBox.h:
3170         (RenderBox):
3171         * rendering/RenderDetailsMarker.h:
3172         (RenderDetailsMarker):
3173         * rendering/RenderFlexibleBox.h:
3174         (RenderFlexibleBox):
3175         * rendering/RenderFlowThread.h:
3176         * rendering/RenderFullScreen.h:
3177         (RenderFullScreen):
3178         * rendering/RenderGeometryMap.h:
3179         (WebCore::RenderGeometryMapStep::RenderGeometryMapStep):
3180         * rendering/RenderGrid.h:
3181         (RenderGrid):
3182         * rendering/RenderImage.h:
3183         (RenderImage):
3184         * rendering/RenderLayerBacking.h:
3185         (RenderLayerBacking):
3186         * rendering/RenderLayerCompositor.h:
3187         (RenderLayerCompositor):
3188         * rendering/RenderLayerModelObject.h:
3189         (RenderLayerModelObject):
3190         * rendering/RenderListBox.h:
3191         (RenderListBox):
3192         * rendering/RenderListMarker.h:
3193         (RenderListMarker):
3194         * rendering/RenderMedia.h:
3195         (RenderMedia):
3196         * rendering/RenderMeter.h:
3197         (RenderMeter):
3198         * rendering/RenderMultiColumnBlock.h:
3199         (RenderMultiColumnBlock):
3200         * rendering/RenderMultiColumnFlowThread.h:
3201         (RenderMultiColumnFlowThread):
3202         * rendering/RenderObject.h:
3203         (RenderObject):
3204         * rendering/RenderPart.h:
3205         (RenderPart):
3206         * rendering/RenderProgress.h:
3207         (RenderProgress):
3208         * rendering/RenderReplaced.h:
3209         (RenderReplaced):
3210         * rendering/RenderReplica.h:
3211         (RenderReplica):
3212         * rendering/RenderRuby.h:
3213         (RenderRubyAsInline):
3214         * rendering/RenderRubyBase.h:
3215         (RenderRubyBase):
3216         * rendering/RenderRubyRun.h:
3217         (RenderRubyRun):
3218         * rendering/RenderRubyText.h:
3219         (RenderRubyText):
3220         * rendering/RenderSearchField.h:
3221         (RenderSearchField):
3222         * rendering/RenderSlider.h:
3223         (RenderSlider):
3224         * rendering/RenderSnapshottedPlugIn.h:
3225         (RenderSnapshottedPlugIn):
3226         * rendering/RenderTextControlMultiLine.h:
3227         (RenderTextControlMultiLine):
3228         * rendering/RenderTextControlSingleLine.h:
3229         (RenderTextControlSingleLine):
3230         * rendering/RenderView.h:
3231         (RenderView):
3232         * rendering/RenderWidgetProtector.h:
3233         (WebCore::RenderWidgetProtector::RenderWidgetProtector):
3234         * rendering/RootInlineBox.h:
3235         (RootInlineBox): Remove meaningless parameter name.
3236         * rendering/TableLayout.h:
3237         (WebCore::TableLayout::TableLayout):
3238
3239 2013-01-20  Kent Tamura  <tkent@chromium.org>
3240
3241         Re-layout child blocks when border/padding of the box-sizing:border-box parent is updated
3242         https://bugs.webkit.org/show_bug.cgi?id=104997
3243
3244         Reviewed by Tony Chang.
3245
3246         When padding or border is updated for a parent block with
3247         box-sizing:border-box and width, the width of its child block was not
3248         updated.
3249
3250         Tests: fast/css/box-sizing-border-box-dynamic-padding-border-update.html
3251                fast/forms/text/text-padding-dynamic-change.html
3252
3253         * rendering/RenderBox.cpp:
3254         (WebCore::RenderBox::styleDidChange):
3255         If box-sizing of the old style and/or the new style is border-box and
3256         padding or border is changed, apply setChildNeedsLayout(true) for child
3257         boxes.
3258
3259 2013-01-20  Kentaro Hara  <haraken@chromium.org>
3260
3261         Unreviewed, rolling out r140270.
3262         http://trac.webkit.org/changeset/140270
3263         https://bugs.webkit.org/show_bug.cgi?id=107253
3264
3265         Hit asserts in a debug build
3266
3267         * bindings/v8/V8DOMWindowShell.cpp:
3268         (WebCore::V8DOMWindowShell::installDOMWindow):
3269
3270 2013-01-20  Shinya Kawanaka  <shinyak@chromium.org>
3271
3272         [Shadow DOM] Specifying scrollbar style of an element having RenderLayer in ShadowDOM does not work.
3273         https://bugs.webkit.org/show_bug.cgi?id=107222
3274
3275         Reviewed by Simon Fraser.
3276
3277         When specifying scrollbar style in ShadowDOM, it's not used. If the host element of ShadowDOM has scrollbar style,
3278         it's used instead.
3279
3280         The root cause of this bug is that RenderLayer always see shadowAncestorNode's style. Some elements having
3281         UserAgent ShadowDOM (e.g. <textarea>) should see host's style, but most of elements should see its style.
3282
3283         Test: fast/dom/shadow/scrollbar.html
3284
3285         * rendering/RenderLayer.cpp:
3286         (WebCore::rendererForScrollbar):
3287         (WebCore):
3288         (WebCore::RenderLayer::createScrollbar):
3289         (WebCore::RenderLayer::updateScrollCornerStyle):
3290         (WebCore::RenderLayer::updateResizerStyle):
3291
3292 2013-01-20  Yoshifumi Inoue  <yosin@chromium.org>
3293
3294         Dragging over an element with scrollbars should scroll the element when dragging near edges
3295         https://bugs.webkit.org/show_bug.cgi?id=39725
3296
3297         Reviewed by Hajime Morita.
3298
3299         This patch introduces auto scrolling functionality during drag-and-drop
3300         when drop source is near edge of scrollable element.
3301
3302         When drop source is inside 20px of scrollable element more than 200ms,
3303         scrollable element is automatically scrolled every 50ms toward drop
3304         source position, e.g. vertically scroll up when drop source is in top
3305         edge.
3306
3307         Test: fast/events/drag-and-drop-autoscroll.html
3308
3309         * page/AutoscrollController.cpp:
3310         (WebCore::AutoscrollController::AutoscrollController): Changed to initialize m_dragAndDropAutoscrollStartTime.
3311         (WebCore::AutoscrollController::updateDragAndDrop): Added for start/stop autoscroll during drag-and-drop.
3312         (WebCore::AutoscrollController::autoscrollTimerFired): Changed to add autoscroll for drag-and-drop, and to pass last know position to RenderBox::autoscroll().
3313         * page/AutoscrollController.h:
3314         (AutoscrollController): Changed to add updateDragAndDrop() and m_dragAndDropAutoscrollReferencePosition and m_dragAndDropAutoscrollStartTime.
3315         * page/ChromeClient.h:
3316         (WebCore::ChromeClient): Changed to add new function shouldAutoscrollForDragAndDrop().
3317         * page/EventHandler.cpp:
3318         (WebCore::EventHandler::updateDragAndDrop): Changed to call AutoscrollController::updateDragAndDrop().
3319         (WebCore::EventHandler::clearDragState): Changed to call stopAutoscrollTimer().
3320         * rendering/RenderBox.cpp:
3321         (WebCore::RenderBox::autoscroll): Changed for new parameter position.
3322         (WebCore::RenderBox::calculateAutoscrollDirection): Added for autoscroll.
3323         * rendering/RenderBox.h:
3324         (RenderBox):
3325         * rendering/RenderLayer.cpp:
3326         (WebCore::RenderLayer::autoscroll):  Changed for new parameter position and move updateSelectionForMouseDrag() to AutoscrollController.
3327         * rendering/RenderLayer.h:
3328         (RenderLayer):
3329         * rendering/RenderListBox.cpp:
3330         (WebCore::RenderListBox::autoscroll):  Changed for new parameter position.
3331         * rendering/RenderListBox.h:
3332         (RenderListBox):
3333         * rendering/RenderTextControlSingleLine.cpp:
3334         (WebCore::RenderTextControlSingleLine::autoscroll):  Changed for new parameter position.
3335         * rendering/RenderTextControlSingleLine.h:
3336         (RenderTextControlSingleLine):
3337
3338 2013-01-20  Laszlo Gombos  <l.gombos@samsung.com>
3339
3340         Simplify a list of negative PLATFORM() tests
3341         https://bugs.webkit.org/show_bug.cgi?id=107365
3342
3343         Reviewed by Eric Seidel.
3344
3345         Simplify a list of negative PLATFORM() tests into a simpler list
3346         of positive tests for better readability and maintenance.
3347
3348         No new tests as there is no new functionality.
3349
3350         * config.h:
3351
3352 2013-01-20  Simon Fraser  <simon.fraser@apple.com>
3353
3354         Avoid filling a rounded rect when radii are zero
3355         https://bugs.webkit.org/show_bug.cgi?id=107402
3356         <rdar://problem/12793315>
3357
3358         Reviewed by Sam Weinig.
3359
3360         It's more efficient to clip and fill rects than rounded rects,
3361         so optimize for the case where rounded rect radii are zero.
3362
3363         * platform/graphics/GraphicsContext.cpp:
3364         (WebCore::GraphicsContext::clipRoundedRect):
3365         (WebCore::GraphicsContext::clipOutRoundedRect):
3366         (WebCore::GraphicsContext::fillRoundedRect):
3367
3368 2013-01-20  Alexey Proskuryakov  <ap@apple.com>
3369
3370         Remove obsolete plug-in sandboxing code.
3371         https://bugs.webkit.org/show_bug.cgi?id=107362
3372
3373         Reviewed by Darin Adler.
3374
3375         * WebCore.xcodeproj/project.pbxproj:
3376         * plugins/npapi-sandbox.h: Removed.
3377
3378 2013-01-20  Peter Rybin  <peter.rybin@gmail.com>
3379
3380         Web Inspector: Make V8 LiveEdit API disabled by default
3381         https://bugs.webkit.org/show_bug.cgi?id=106668
3382
3383         Reviewed by Yury Semikhatsky.
3384
3385         Initialize method is patched accordingly.
3386
3387         * bindings/v8/JavaScriptCallFrame.cpp:
3388         (WebCore::JavaScriptCallFrame::restart): missing enable/disable calls added for restart
3389         * bindings/v8/V8Initializer.cpp:
3390         (WebCore::initializeV8Common): initializer method patched
3391
3392 2013-01-20  Christophe Dumez  <christophe.dumez@intel.com>
3393
3394         [gstreamer]  assertion in g_object_unref from _WebKitWebAudioSourcePrivate destructor
3395         https://bugs.webkit.org/show_bug.cgi?id=107374
3396
3397         Reviewed by Philippe Normand.
3398
3399         WebKitWebAudioSrc object gets unrefed one time too many in
3400         _WebKitWebAudioSourcePrivate destructor, causing an assertion
3401         in g_object_unref. This patch passes NULL instead of
3402         g_object_unref to gst_task_new() so that the WebKitWebAudioSrc
3403         object does not get unrefed when the GstTask is destroyed.
3404
3405         No new tests, already covered by webaudio tests.
3406
3407         * platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:
3408         (webkit_web_audio_src_init):
3409
3410 2013-01-20  Kentaro Hara  <haraken@chromium.org>
3411
3412         [V8] Create a persistent wrapper for Window.prototype and innerGlobalObject
3413         https://bugs.webkit.org/show_bug.cgi?id=107253
3414
3415         Reviewed by Adam Barth.
3416
3417         This is one of steps to avoid hitting an ASSERT()
3418         that will be added in https://bugs.webkit.org/show_bug.cgi?id=107137 .
3419         We should have a persistent wrapper for all DOM objects
3420         and set a class id on the wrapper.
3421
3422         No tests. No change in behavior.
3423
3424         * bindings/v8/V8DOMWindowShell.cpp:
3425         (WebCore::V8DOMWindowShell::installDOMWindow):
3426
3427 2013-01-19  Philip Rogers  <pdr@google.com>
3428
3429         Refactor SVGSVGElement to inherit from SVGStyledTransformableElement
3430         https://bugs.webkit.org/show_bug.cgi?id=107393
3431
3432         Reviewed by Dirk Schulze.
3433
3434         This patch refactors SVGSVGElement to inherit from SVGStyledTransformableElement instead
3435         of SVGStyledLocatableElement. In a followup patch, SVGStyledTransformableElement will
3436         be refactored into SVGGraphicsElement which will match the spec:
3437         https://svgwg.org/svg2-draft/single-page.html#struct-InterfaceSVGSVGElement
3438
3439         Tests: svg/transforms/svgsvgelement-transform-expected.svg
3440                svg/transforms/svgsvgelement-transform.svg
3441
3442         * svg/SVGSVGElement.cpp:
3443         (WebCore):
3444         (WebCore::SVGSVGElement::SVGSVGElement):
3445         (WebCore::SVGSVGElement::didMoveToNewDocument):
3446         (WebCore::SVGSVGElement::parseAttribute):
3447         (WebCore::SVGSVGElement::insertedInto):
3448         (WebCore::SVGSVGElement::removedFrom):
3449         * svg/SVGSVGElement.h:
3450         (SVGSVGElement):
3451         * svg/SVGSVGElement.idl:
3452
3453 2013-01-19  Philip Rogers  <pdr@google.com>
3454
3455         Merge SVGStylable into SVGStyledElement
3456         https://bugs.webkit.org/show_bug.cgi?id=106877
3457
3458         Reviewed by Dirk Schulze.
3459
3460         SVG2 changes element inheritance so all SVGElements are stylable. As a first-step towards a
3461         cleaner class hierarchy, this patch moves SVGStylable into SVGStyledElement.
3462
3463         No new tests as this is just a refactoring.
3464
3465         * CMakeLists.txt:
3466         * DerivedSources.make:
3467         * GNUmakefile.list.am:
3468         * Target.pri: