73146ee9981187e09e0570e0d44fed46de6d916e
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-09-09  James Simonsen  <simonjam@chromium.org>
2
3         [Chromium] Fix leak of Skia stream with custom CSS fonts
4         https://bugs.webkit.org/show_bug.cgi?id=67815
5
6         Reviewed by Adam Barth.
7
8         Test: fast/css/font-face-opentype.html under valgrind
9
10         * platform/graphics/mac/FontCustomPlatformData.cpp:
11         (WebCore::createFontCustomPlatformData):
12         * platform/graphics/skia/FontCustomPlatformData.cpp:
13         (WebCore::createFontCustomPlatformData):
14
15 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
16
17         Push more code from HTMLInputElement::setValue to TextFieldInputType::setValue
18         https://bugs.webkit.org/show_bug.cgi?id=67742
19
20         Reviewed by Darin Adler.
21
22         Moved more code in HTMLInputElement::setValue to TextFieldInputType::setValue, and merged
23         InputType::valueChanged into InputType::setValue. Also introduced
24         InputType::dispatchChangeEventInResponseToSetValue to be overridden by TextFieldInputType.
25
26         * html/BaseButtonInputType.cpp:
27         (WebCore::BaseButtonInputType::setValue):
28         * html/BaseButtonInputType.h:
29         * html/BaseCheckableInputType.cpp:
30         (WebCore::BaseCheckableInputType::setValue):
31         * html/BaseCheckableInputType.h:
32         * html/ColorInputType.cpp:
33         * html/ColorInputType.h:
34         * html/FileInputType.cpp:
35         (WebCore::FileInputType::setValue):
36         * html/FileInputType.h:
37         * html/HTMLInputElement.cpp:
38         (WebCore::HTMLInputElement::setValue):
39         * html/HTMLInputElement.h:
40         (WebCore::HTMLInputElement::cacheSelectionInResponseToSetValue):
41         * html/HiddenInputType.cpp:
42         (WebCore::HiddenInputType::setValue):
43         * html/HiddenInputType.h:
44         * html/InputType.cpp:
45         (WebCore::InputType::setValue):
46         (WebCore::InputType::dispatchChangeEventInResponseToSetValue):
47         * html/InputType.h:
48         * html/RangeInputType.cpp:
49         (WebCore::RangeInputType::setValue):
50         * html/RangeInputType.h:
51         * html/TextFieldInputType.cpp:
52         (WebCore::TextFieldInputType::setValue):
53         (WebCore::TextFieldInputType::dispatchChangeEventInResponseToSetValue):
54         * html/TextFieldInputType.h:
55
56 2011-09-08  Annie Sullivan  <sullivan@chromium.org>
57
58         Crashes in WebCore::InsertNodeBeforeCommand constructor.
59         https://bugs.webkit.org/show_bug.cgi?id=67763
60
61         Reviewed by Ryosuke Niwa.
62
63         Changes editableRootForPosition() to use the position's containerNode instead of deprecatedNode so that
64         positions which are before or after a given node cannot return that node as the editable root.
65
66         Test: editing/inserting/insert-paragraph-selection-outside-contenteditable.html
67
68         * editing/htmlediting.cpp:
69         (WebCore::editableRootForPosition): use containerNode instead of deprecatedNode.
70
71 2011-09-08  James Weatherall  <wez@chromium.org>
72
73         Release the reference to the HTMLPlugInElement's script object, when the element is removed from the document.  This breaks a cyclical reference that would otherwise cause the element to be retained until the document is torn down.
74         https://bugs.webkit.org/show_bug.cgi?id=66181
75
76         Reviewed by Anders Carlsson.
77
78         No new tests - no functional change.
79
80         * html/HTMLPlugInElement.cpp:
81         (WebCore::HTMLPlugInElement::removedFromDocument):
82         * html/HTMLPlugInElement.h:
83
84 2011-09-08  Daniel Bates  <dbates@webkit.org>
85
86         XSS filter bypass via non-standard URL encoding
87         https://bugs.webkit.org/show_bug.cgi?id=66588
88
89         Reviewed by Adam Barth.
90
91         Tests: http/tests/security/xssAuditor/script-tag-with-16bit-unicode-surrogate-pair.html
92                http/tests/security/xssAuditor/script-tag-with-16bit-unicode.html
93                http/tests/security/xssAuditor/script-tag-with-16bit-unicode2.html
94                http/tests/security/xssAuditor/script-tag-with-16bit-unicode3.html
95                http/tests/security/xssAuditor/script-tag-with-16bit-unicode4.html
96                http/tests/security/xssAuditor/script-tag-with-16bit-unicode5.html
97                http/tests/security/xssAuditor/script-tag-with-three-times-url-encoded-16bit-unicode.html
98                http/tests/security/xssAuditor/window-open-without-url-should-not-assert.html
99
100         Implement support for decoding non-standard 16-bit Unicode escape sequences of
101         the form %u26C4 as described in <http://www.w3.org/International/iri-edit/draft-duerst-iri.html#anchor29>.
102
103         See also <http://en.wikipedia.org/wiki/Percent-encoding#Non-standard_implementations>.
104
105         * GNUmakefile.list.am: Added DecodeEscapeSequences.h.
106         * WebCore.gypi: Ditto.
107         * WebCore.pro: Ditto.
108         * WebCore.vcproj/WebCore.vcproj: Ditto.
109         * WebCore.xcodeproj/project.pbxproj: Ditto.
110         * html/parser/XSSAuditor.cpp:
111         (WebCore::decode16BitUnicodeEscapeSequences): Added.
112         (WebCore::decodeStandardURLEscapeSequences): Added.
113         (WebCore::fullyDecodeString): Modified to call decode16BitUnicodeEscapeSequences().
114         (WebCore::XSSAuditor::init): Modified to return early when the URL of the document
115         is the empty string. This can happen when opening a new browser window or calling
116         window.open("").
117         * platform/KURL.cpp:
118         (WebCore::decodeURLEscapeSequences): Abstracted code into template-function decodeEscapeSequences().
119         This function just calls decodeEscapeSequences<URLEscapeSequence>().
120         * platform/text/DecodeEscapeSequences.h: Added.
121         (WebCore::Unicode16BitEscapeSequence::findInString):
122         (WebCore::Unicode16BitEscapeSequence::matchStringPrefix):
123         (WebCore::Unicode16BitEscapeSequence::decodeRun):
124         (WebCore::URLEscapeSequence::findInString):
125         (WebCore::URLEscapeSequence::matchStringPrefix):
126         (WebCore::URLEscapeSequence::decodeRun):
127         (WebCore::decodeEscapeSequences):
128
129 2011-09-08  Adam Barth  <abarth@webkit.org>
130
131         DocumentWriter::deprecatedFrameEncoding doesn't need to refert to Settings
132         https://bugs.webkit.org/show_bug.cgi?id=67812
133
134         Reviewed by Eric Seidel.
135
136         The one caller of this function does this work already.
137
138         * loader/DocumentWriter.cpp:
139         (WebCore::DocumentWriter::deprecatedFrameEncoding):
140
141 2011-09-08  Adam Klein  <adamk@chromium.org>
142
143         Always zero-out m_sortedTextBoxesPosition to avoid uninitialized read in TextIterator
144         https://bugs.webkit.org/show_bug.cgi?id=67810
145
146         Reviewed by Tony Chang.
147
148         Reported as a valgrind failure in http://crbug.com/84777.
149
150         No possible change in behavior, so no tests. The unitialized read
151         could never have an impact:
152
153            if (m_sortedTextBoxesPosition + 1 < m_sortedTextBoxes.size()) ...
154
155         Since m_sortedTextBoxes.size() will be zero here if
156         m_sortedTextBoxesPosition is uninitialized, and they're both unsigned,
157         so no possible value of m_sortedTextBoxesPosition could be < 0.
158
159         * editing/TextIterator.cpp:
160         (WebCore::TextIterator::TextIterator):
161
162 2011-09-08  Tony Chang  <tony@chromium.org>
163
164         Cleanup of switch statements with default cases
165         https://bugs.webkit.org/show_bug.cgi?id=67808
166
167         Reviewed by Adam Barth.
168
169         No new tests, just a small refactoring.
170
171         * page/WebKitAnimation.cpp:
172         (WebCore::WebKitAnimation::fillMode):
173         * platform/audio/Distance.cpp:
174         (WebCore::DistanceEffect::gain):
175
176 2011-09-08  Eric Seidel  <eric@webkit.org>
177
178         [BiDi] Add support for the BDI element
179         https://bugs.webkit.org/show_bug.cgi?id=50913
180
181         Reviewed by Ryosuke Niwa.
182
183         This patch is ridiculously trivial now that we have unicode-bidi: isolate support in WebKit.
184
185         Test: css3/bdi-element.html
186
187         * css/html.css:
188         (bdi):
189
190 2011-09-08  David Levin  <levin@chromium.org>
191
192         [chromium] KURL::copy doesn't produce something usable on another thread.
193         https://bugs.webkit.org/show_bug.cgi?id=67809
194
195         Reviewed by Adam Barth.
196
197         No new functionality exposed so no new test. This was caught by testing code: the thread
198         sanitizer run in Chromium (http://code.google.com/p/chromium/issues/detail?id=93708).
199
200         * platform/KURLGoogle.cpp:
201         (WebCore::KURLGooglePrivate::copyTo): Clear out the invalid String so that it will
202         not be used on another thread.
203
204 2011-09-08  Alexey Proskuryakov  <ap@apple.com>
205
206         REGRESSION (r66874): Missing RefPtr in ScriptController
207         https://bugs.webkit.org/show_bug.cgi?id=67748
208
209         Reviewed by Adam Barth.
210
211         * bindings/ScriptControllerBase.cpp: (WebCore::ScriptController::executeScript):
212
213 2011-09-08  Adam Barth  <abarth@webkit.org>
214
215         Second attempt to fix Chromium build.
216
217         * dom/Document.h:
218
219 2011-09-08  Oliver Hunt  <oliver@apple.com>
220
221         Use bump allocator for initial property storage
222         https://bugs.webkit.org/show_bug.cgi?id=67494
223
224         Reviewed by Geoffrey Garen.
225
226         Add a forwarding header.
227
228         * ForwardingHeaders/runtime/StorageBarrier.h: Added.
229
230 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
231
232         Unreviewed, rolling out r94809.
233         http://trac.webkit.org/changeset/94809
234         https://bugs.webkit.org/show_bug.cgi?id=67718
235
236         commit _still_ premature, despite CQ eagerness
237
238         * html/HTMLAttributeNames.in:
239         * html/HTMLStyleElement.cpp:
240         * html/HTMLStyleElement.h:
241         * html/HTMLStyleElement.idl:
242
243 2011-09-08  Sam Weinig  <sam@webkit.org>
244
245         Remove the Completion object from JSC, I have never liked it
246         https://bugs.webkit.org/show_bug.cgi?id=67755
247
248         Reviewed by Gavin Barraclough.
249
250         * bindings/js/JSDOMBinding.cpp:
251         (WebCore::reportException):
252         * bindings/js/JSEventListener.cpp:
253         (WebCore::JSEventListener::handleEvent):
254         * bindings/js/JSInjectedScriptManager.cpp:
255         (WebCore::InjectedScriptManager::createInjectedScript):
256         * bindings/js/JSMainThreadExecState.h:
257         (WebCore::JSMainThreadExecState::evaluate):
258         * bindings/js/ScriptController.cpp:
259         (WebCore::ScriptController::evaluateInWorld):
260         * bindings/js/WorkerScriptController.cpp:
261         (WebCore::WorkerScriptController::evaluate):
262         * bindings/objc/WebScriptObject.mm:
263         (-[WebScriptObject evaluateWebScript:]):
264         * bridge/NP_jsobject.cpp:
265         (_NPN_Evaluate):
266         * bridge/jni/jni_jsobject.mm:
267         (JavaJSObject::eval):
268
269 2011-09-08  Adam Barth  <abarth@webkit.org>
270
271         Inline DocumentWriter::encoding() into it's only caller: deprecatedFrameEncoding()
272         https://bugs.webkit.org/show_bug.cgi?id=67807
273
274         Reviewed by Eric Seidel.
275
276         This function is super nutty.  We don't want any more folks to call it
277         thinking that it does something sane.
278
279         * loader/DocumentWriter.cpp:
280         (WebCore::DocumentWriter::deprecatedFrameEncoding):
281         * loader/DocumentWriter.h:
282
283 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
284
285         <style scoped>: Add 'scoped' attribute
286         https://bugs.webkit.org/show_bug.cgi?id=67718
287
288         Add 'scoped' attribute to IDL and attribute list,
289         implement and test setting/resetting of the attribute.
290
291         Reviewed by Dimitri Glazkov.
292
293         Test: fast/css/style-scoped/basic-attribute.html
294
295         * html/HTMLAttributeNames.in:
296         * html/HTMLStyleElement.cpp:
297         (WebCore::HTMLStyleElement::scoped):
298         (WebCore::HTMLStyleElement::setScoped):
299         (WebCore::HTMLStyleElement::scopingElement):
300         * html/HTMLStyleElement.h:
301         * html/HTMLStyleElement.idl:
302
303 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
304
305         Unreviewed, rolling out r94781.
306         http://trac.webkit.org/changeset/94781
307         https://bugs.webkit.org/show_bug.cgi?id=67806
308
309         Broke Objective-C binding on Mac (Requested by rniwa on
310         #webkit).
311
312         * dom/Element.idl:
313         * dom/Node.cpp:
314         (WebCore::Node::contains):
315         * dom/Node.idl:
316         * editing/DeleteSelectionCommand.cpp:
317         (WebCore::DeleteSelectionCommand::mergeParagraphs):
318
319 2011-09-08  Eric Seidel  <eric@webkit.org>
320
321         Remove DocumentWriter::setDecoder as a grep of WebKit shows no callers
322         https://bugs.webkit.org/show_bug.cgi?id=67803
323
324         Reviewed by Adam Barth.
325
326         Smells like dead code.
327
328         * loader/DocumentWriter.cpp:
329         * loader/DocumentWriter.h:
330
331 2011-09-08  Shinya Kawanaka  <shinyak@google.com>
332
333         Crashes in WebCore::ReplaceSelectionCommand::doApply
334         https://bugs.webkit.org/show_bug.cgi?id=67762
335
336         Reviewed by Ryosuke Niwa.
337
338         WebCore::enclosingBlock may return null, but its return value was not checked. This patch checks it.
339
340         Tests: editing/inserting/insert-without-enclosing-block.html
341
342         * editing/ReplaceSelectionCommand.cpp:
343         (WebCore::ReplaceSelectionCommand::doApply): Added null check.
344
345 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
346
347         Unreviewed, rolling out r94784.
348         http://trac.webkit.org/changeset/94784
349         https://bugs.webkit.org/show_bug.cgi?id=67796
350
351         Commit was premature (Requested by rolandsteiner on #webkit).
352
353         * html/HTMLAttributeNames.in:
354         * html/HTMLStyleElement.cpp:
355         * html/HTMLStyleElement.h:
356         * html/HTMLStyleElement.idl:
357
358 2011-09-08  W. James MacLean  <wjmaclean@chromium.org>
359
360         [chromium] Add backend compositor support for rescaling (zooming) textures during zoom animation.
361         https://bugs.webkit.org/show_bug.cgi?id=66472
362
363         This patch contains plumbing from Internals to WebViewImpl that can be removed
364         at a later time when the zoom animator code is complete.
365
366         Reviewed by James Robinson.
367
368         Test: platform/chromium/compositing/zoom-animator-scale-test.html
369
370         * page/Settings.cpp:
371         (WebCore::Settings::Settings):
372         * page/Settings.h:
373         (WebCore::Settings::setZoomAnimatorScale):
374         (WebCore::Settings::zoomAnimatorScale):
375         * platform/graphics/chromium/LayerRendererChromium.cpp:
376         (WebCore::LayerRendererChromium::LayerRendererChromium):
377         (WebCore::LayerRendererChromium::drawLayersInternal):
378         * platform/graphics/chromium/LayerRendererChromium.h:
379         (WebCore::LayerRendererChromium::setZoomAnimatorScale):
380         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
381         (WebCore::CCLayerTreeHost::CCLayerTreeHost):
382         (WebCore::CCLayerTreeHost::commitTo):
383         (WebCore::CCLayerTreeHost::setZoomAnimatorScale):
384         (WebCore::CCLayerTreeHost::updateLayers):
385         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
386         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
387         (WebCore::CCLayerTreeHostImpl::setZoomAnimatorScale):
388         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
389         * testing/Internals.cpp:
390         (WebCore::Internals::setZoomAnimatorScale):
391         * testing/Internals.h:
392         * testing/Internals.idl:
393
394 2011-09-08  Eric Carlson  <eric.carlson@apple.com>
395
396         HTMLMediaElement is missing initialTime attribute
397         https://bugs.webkit.org/show_bug.cgi?id=67791
398
399         Reviewed by Darin Adler.
400
401         Test: media/media-initialTime.html
402
403         * html/HTMLMediaElement.cpp:
404         (WebCore::HTMLMediaElement::initialTime):
405         * html/HTMLMediaElement.h:
406         * html/HTMLMediaElement.idl:
407         * platform/graphics/MediaPlayer.cpp:
408         (WebCore::MediaPlayer::initialTime):
409         * platform/graphics/MediaPlayer.h:
410         * platform/graphics/MediaPlayerPrivate.h:
411         (WebCore::MediaPlayerPrivateInterface::initialTime):
412
413 2011-09-03  Robert Hogan  <robert@webkit.org>
414
415         Elements with position:absolute don't move to correct position after images load
416         https://bugs.webkit.org/show_bug.cgi?id=54611
417
418         Reviewed by Simon Fraser.
419
420         Test: fast/block/positioning/absolute-layout-after-image-load.html
421
422         In the test the 'label' block is an absolutely positioned child of an inline flow. So during layout, 
423         this RenderBlock::layoutPositionedObjects fails to dirty it for rendering because it requires 
424         the parent to be a BlockFlow. The code to do this was introduced in http://trac.webkit.org/changeset/8284. 
425         There doesn't seem to be a good reason for requiring a BlockFlow, so remove the check. 
426
427         Note: Although the issue is encountered only on first load without a fragment identifier, it 
428         happens reliably when you include the fragment identifier in the url (#Footnote_1). This is so 
429         because scrolling to the fragment always happens before the image has loaded, rendering the page 
430         and clearing the initial dirty bits in the positioned element's renderer. When the image finally 
431         loads in this scenario, the positioned element is otherwise clean and relies on the above code to get 
432         re-rendered.
433
434         Note: This was originally landed in r94755 but positioned-float-layout-after-image-load.html exposed
435               an ASSERT bug, unrelated to this change, and was rolled out. That issue is tracked separately
436               in bug 67759.
437
438         * rendering/RenderBlock.cpp:
439         (WebCore::RenderBlock::layoutPositionedObjects): remove the check for r->parent()->isBlockFlow() when 
440                                                          deciding whether to mark children for layout
441
442 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
443
444         <style scoped>: Add 'scoped' attribute
445         https://bugs.webkit.org/show_bug.cgi?id=67718
446
447         Add 'scoped' attribute to IDL and attribute list,
448         implement and test setting/resetting of the attribute.
449
450         Reviewed by Dimitri Glazkov.
451
452         Test: fast/css/style-scoped/basic-attribute.html
453
454         * html/HTMLAttributeNames.in:
455         * html/HTMLStyleElement.cpp:
456         (WebCore::HTMLStyleElement::scoped):
457         (WebCore::HTMLStyleElement::setScoped):
458         (WebCore::HTMLStyleElement::scopingElement):
459         * html/HTMLStyleElement.h:
460         * html/HTMLStyleElement.idl:
461
462 2011-09-08  Erik Arvidsson  <arv@chromium.org>
463
464         Move Element.contains to Node
465         https://bugs.webkit.org/show_bug.cgi?id=67651
466
467         Reviewed by Darin Adler.
468
469         This moves the contains method from Element to Node as in the DOM4 working draft: 
470         http://dvcs.w3.org/hg/domcore/raw-file/tip/Overview.html#dom-node-contains
471
472         This also special cases Document contains to make it O(1) instead of O(depth).
473
474         Tests: fast/dom/Node/contains-method.html
475                perf/document-contains.html
476
477         * dom/Element.idl:
478         * dom/Node.cpp:
479         (WebCore::Node::contains): Added document special case.
480         * dom/Node.idl:
481         * editing/DeleteSelectionCommand.cpp:
482         (WebCore::DeleteSelectionCommand::mergeParagraphs): Added a null check.
483
484 2011-09-08  Chris Rogers  <crogers@google.com>
485
486         Check AudioContext createChannelMerger() for thread safety
487         https://bugs.webkit.org/show_bug.cgi?id=67247
488
489         Reviewed by Kenneth Russell.
490
491         Test: webaudio/audiochannelmerger-stereo.html
492
493         * webaudio/AudioChannelMerger.cpp:
494         (WebCore::AudioChannelMerger::process):
495         (WebCore::AudioChannelMerger::checkNumberOfChannelsForInput):
496         * webaudio/AudioChannelMerger.h:
497
498 2011-09-08  Ned Holbrook  <nholbrook@apple.com>
499
500         Refactor hyphen measurement
501         https://bugs.webkit.org/show_bug.cgi?id=67728
502
503         Reviewed by Darin Adler.
504
505         No new tests, purely refactoring.
506
507         * rendering/RenderBlockLineLayout.cpp:
508         (WebCore::measureHyphenWidth): Added.
509         (WebCore::setLogicalWidthForTextRun): Use measureHyphenWidth().
510         (WebCore::tryHyphenating): Ditto.
511         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Ditto.
512
513 2011-09-08  Julien Chaffraix  <jchaffraix@webkit.org>
514
515         Remove LayoutStateDisabler instances from RenderLayer
516         https://bugs.webkit.org/show_bug.cgi?id=66896
517
518         Reviewed by Simon Fraser.
519
520         As part of r93614, scrollTo does not call updateLayerPositions anymore.
521         This means that we don't need to disable LayoutState from the scrolling code
522         in RenderLayer.
523
524         This change is covered by the existing tests.
525
526         * rendering/RenderLayer.cpp:
527         (WebCore::RenderLayer::updateLayerPositions): Updated the comment
528         that was not accurate anymore. Also explained what is wrong with
529         LayoutState vs RenderLayer now. Note that the ASSERT is still
530         valid and will not trigger as the remaining calls to updateLayerPositions
531         are done *outside* layout() where LayoutState is not set (thus disabled).
532
533         (WebCore::RenderLayer::updateScrollInfoAfterLayout): Removed
534         2 LayoutStateDisabler surrounding scrollToOffset.
535
536 2011-09-08  Julien Chaffraix  <jchaffraix@webkit.org>
537
538         Factor out the code to get the first non-null RenderTableSection in RenderTable
539         https://bugs.webkit.org/show_bug.cgi?id=66972
540
541         Reviewed by Darin Adler.
542
543         Refactoring only, covered by existing tests.
544
545         * accessibility/AccessibilityTable.cpp:
546         (WebCore::AccessibilityTable::addChildren):
547         (WebCore::AccessibilityTable::cellForColumnAndRow):
548         * accessibility/AccessibilityTableCell.cpp:
549         (WebCore::AccessibilityTableCell::rowIndexRange):
550         Updated those for the signature change in sectionBelow. Also added
551         a FIXME where topSection should be used instead of iterating
552         over the section (and likely missing some corner cases).
553
554         * rendering/FixedTableLayout.cpp:
555         (WebCore::FixedTableLayout::calcWidthArray):
556         * rendering/RenderTable.cpp:
557         (WebCore::RenderTable::calcBorderStart):
558         (WebCore::RenderTable::calcBorderEnd):
559         (WebCore::RenderTable::outerBorderBefore):
560         (WebCore::RenderTable::sectionAbove):
561         (WebCore::RenderTable::sectionBelow):
562         (WebCore::RenderTable::firstLineBoxBaseline):
563         Updated all those functions to use the newly added functions. Also changed
564         the variable names to match the functions.
565
566         (WebCore::RenderTable::layout):
567         (WebCore::RenderTable::topNonEmptySection): Newly added function
568         that returns the top non null section of the table that has at least a
569         row.
570
571         (WebCore::RenderTable::cellAbove):
572         (WebCore::RenderTable::cellBelow):
573         Update the signature of those 2 functions to take an enum as it makes the
574         rest of the code more readable.
575
576         * rendering/RenderTable.h:
577         (WebCore::RenderTable::topSection): Newly added function to return
578         the top non null section in the table.
579
580 2011-04-19  Eric Seidel  <eric@webkit.org>
581
582         Reviewed by Ryosuke Niwa.
583
584         [BiDi] [CSS3] MASTER: Add support for the unicode-bidi:isolate CSS property
585         https://bugs.webkit.org/show_bug.cgi?id=50912
586
587         This patch adds support for CSS3 unicode-bidi: isolate property, under the -webkit- vendor prefix.
588         Parsing support was added in a previous patch, this wires up the RenderStyle values
589         to code changes in the BidiResolver.
590
591         The effect of this patch is that it makes it possible to "isolate" runs of text
592         so that their RTL-ness or LTR-ness does not bleed out into the rest of your text
593         and effect layout.  This is important because many unicode characters (like parenthesis, ':', '-', etc.)
594         do not have intrinsic directionality and are affected by whatever characters come before/after.
595         If you have usernames which include RTL text, if you inject those usernames in your page
596         you might end up with nearby characters moving!
597         (like 'RTL USERNAME - my awesome site' as a title, could end up as
598         'my awesome site - USERNAME RTL' when correct would be 'USERNAME RTL - my awesome site'.)
599         This patch makes it possible to wrap sections of text in isolated spans, so that
600         they correctly order all their RTL/LTR contents, but also correctly participate in the
601         larger RTL/LTR ordering without affecting nearby characters.
602
603         Because much of this code is old and rarely touched, I've included extra background
604         information in hopes of expanding my set of potential reviewers:
605
606         WebKit uses the standard "Unicode Bidi Algorithm" henceforth known as the UBA.
607         The UBA is defined at http://unicode.org/reports/tr9/ for those not faint of heart.
608
609         Text layout is done per-block (<div>, <p>, etc), and begins with a string of text
610         (which in our case comes from the rendering tree) and a specified width.
611         First:  Text is measured and wrapped into lines.
612         Second: The UBA is run over the lines of text.
613         Third:  WebKit builds InlineBoxes (its linebox tree) and eventually render the text.
614
615         This patch modifies our UBA to ignore all text content inside "isolated" inlines (treating them as neutral characters)
616         and then adds another step after running the UBA, where we run the UBA recursively on any
617         previously identified "isolated" content.
618
619         The result of the UBA is an ordered list of "runs" of text with the RTL runs
620         correctly RTL and the LTR runs LTR.
621
622         The UBA does three things:
623         1.  It assigns a "class" to each character in a text stream (like neutral, strongly-RTL, strongly-LTR, etc.)
624         2.  Divides the text stream up into "runs" of characters of the same directionality (all RTL, all LTR).
625         3.  Re-orders those runs.
626
627         The UBA in WebKit is implemented by BidiResolver<T> in BidiResolver.h
628
629         The InlineBidiResolver (BidiResolver specialization which knows about the rendering tree)
630         walks along its InlineIterators, looking at each character and running the
631         Unicode Bidi Algorithm (UBA).  It walks through the rendering tree subtree under
632         a block, using a (poorly named) bidiNext function which returns the next inline object.
633         Each inline object (or text character there-in) has a corresponding meaning in the UBA
634         such as a "strong RTL" character or a "neutral" character.  The UBA reads these sequence
635         of characters, and figures out what direction (RTL or LTR) to assign to any neutral
636         characters it encounters, based on surrounding characters.
637
638         As the InlineBidiResolver is walking the rendering tree, the InlineIterator::advance()
639         function calls bidiNext(), which in turn can call notifyObserverEnteredObject/notifyObserverWillExitObject
640         notifying InlineBidiResolver that it is entering or exiting an "isolated"
641         span, at which point it will either start or stop ignoring the stream of characters
642         from the InlineIterator.  When the InlineBidiResolver is ignoring the stream of
643         characters, instead of creating separate BidiRuns at each RTL/LTR boundary
644         as it normally would, it instead creates one "fake" run for the entire
645         isolated span.  These fake runs participate in the normal UBA run ordering process,
646         but after the main UBA, a second pass is made where we examine
647         the list of isolatedRuns() and run the UBA on each of them, replacing the fake
648         run we previously inserted, with the resulting list of runs from that inner UBA run.
649         The way it "ignores" characters is by treating them all as neutral when inside an isolate.
650         Thus all the characters end up grouped in a single run, but their directionality (as a group)
651         is correctly affected by any surrounding strong characters.
652
653         If you understood that last paragraph, than the rest of the change is just plumbing.
654
655         I added a huge number of FIXMEs to this code, because this code has a variety of
656         design choices (or lack there of) which make some of this very difficult.
657
658         For example the bidiNext iterator function has two sets of mutually exclusive
659         parameters and can be used optionally with or without an observer.  Prior to this
660         change there was only ever one object which cared about observing a walk over inlines
661         and that was InlineBidiResolver.  This patch (regretfully) templatizes bidiNext
662         to support a new Observer type.  The correct fix would be to rip bidiNext into
663         multiple functions and rip need for observation out of InlineBidiResolver.
664         Unfortunately I've tried both in separate bugs and failed.  This code is very very
665         old and very poorly understood.  We're slowly moving forward, this is another tiny step.
666
667         This is my fourth iteration of this patch (I'm happy to do more!), but I believe
668         it's a good compromise between fixing all of the design gotcha's of our bidi
669         system and doing the minimum amount to add this killer CSS feature.
670
671         I ran the PLT.  (It averaged 0.2% faster with this change, but I attribute that to noise).
672
673         Test: css3/unicode-bidi-isolate-basic.html and css3/unicode-bidi-isolate-aharon.html
674
675         * platform/text/BidiResolver.h:
676         (WebCore::BidiCharacterRun::setNext):
677          - Needed by the new replaceRunWithRuns function.
678         (WebCore::BidiResolver::BidiResolver):
679         (WebCore::BidiResolver::~BidiResolver):
680         (WebCore::BidiResolver::enterIsolate):
681         (WebCore::BidiResolver::exitIsolate):
682         (WebCore::BidiResolver::inIsolate):
683         (WebCore::BidiResolver::isolatedRuns):
684          - Used to track isolated spans of text as they're encoutered.
685            They're stuffed away here to be processed recursively
686            after the main UBA has done its thang.
687         (WebCore::::appendRun):
688         (WebCore::::embed):
689         (WebCore::::commitExplicitEmbedding):
690         (WebCore::::createBidiRunsForLine):
691         * platform/text/BidiRunList.h:
692         (WebCore::::replaceRunWithRuns):
693          - This effectively takes all the runs from one runlist and adds them to
694            this one, replacing the fake run we inserted during a previous pass of the UBA.
695          - This RunList now owns the runs, so we call clear() on the other RunList
696            so that we don't end up double-freeing the runs.
697         (WebCore::::clear):
698          - This allows us to "take" runs from another run list and then clear it.
699         * rendering/BidiRun.h:
700         (WebCore::BidiRun::object):
701         * rendering/InlineIterator.h:
702         (WebCore::InlineIterator::object):
703         (WebCore::InlineIterator::offset):
704         (WebCore::notifyObserverEnteredObject): Mostly just renaming and adding a FIXME about plaintext.
705         (WebCore::notifyObserverWillExitObject): Mostly just renaming.
706         (WebCore::addPlaceholderRunForIsolatedInline):
707         (WebCore::isIsolatedInline):
708         (WebCore::InlineBidiResolver::appendRun):
709         * rendering/RenderBlockLineLayout.cpp:
710         (WebCore::statusWithDirection):
711         (WebCore::constructBidiRuns):
712          - This is the heavy-lifting of this change.  This function
713            runs the UBA recursively on all the previously identified isolated spans.
714          - If we encounter more isolated spans in our run, we just add them to the
715            main list an keep going.  Because the runs are linked lists and we have
716            direct pointers to our placeholder objects, we don't care what order
717            we process the placeholders in, so long as when we're done, they're all processed.
718         (WebCore::RenderBlock::layoutInlineChildren):
719
720 2011-09-08  Kentaro Hara  <haraken@google.com>
721
722         Implement a ProgressEvent constructor for JSC
723         https://bugs.webkit.org/show_bug.cgi?id=67537
724
725         Reviewed by Sam Weinig.
726
727         The spec for the ProgressEvent constructor is here:
728         http://www.w3.org/TR/progress-events/#interface-progressevent
729
730         Test: fast/events/constructors/progress-event-constructor.html
731
732         * bindings/generic/EventConstructors.h: Added a definition for the ProgressEvent constructor.
733         * bindings/js/JSDictionary.cpp:
734         (WebCore::JSDictionary::convertValue): Converts an ECMA-262 Number into an IDL unsigned long long value. Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long
735         * bindings/js/JSEventConstructors.cpp: Added #includes for ProgressEvent.
736         * dom/ProgressEvent.cpp:
737         (WebCore::ProgressEventInit::ProgressEventInit):
738         (WebCore::ProgressEvent::ProgressEvent):
739         * dom/ProgressEvent.h: Added a definition for ProgressEventInit.
740         (WebCore::ProgressEvent::create):
741         * dom/ProgressEvent.idl: Makes ProgressEvent constructible.
742
743 2011-09-08  Ryosuke Niwa  <rniwa@webkit.org>
744
745         Make bindings tests quiet after r94701.
746
747         * bindings/scripts/test/JS/JSTestInterface.cpp:
748         * bindings/scripts/test/JS/JSTestInterface.h:
749         (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
750         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
751         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
752         (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
753         * bindings/scripts/test/JS/JSTestObj.cpp:
754         * bindings/scripts/test/JS/JSTestObj.h:
755         (WebCore::JSTestObjPrototype::JSTestObjPrototype):
756         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
757         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
758         (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
759
760 2011-09-07  Pavel Podivilov  <podivilov@chromium.org>
761
762         Web Inspector: get rid of RawSourceCode.createSourceMappingIfNeeded.
763         https://bugs.webkit.org/show_bug.cgi?id=67717
764
765         Listen to SourceMappingUpdated event instead of using createSourceMappingIfNeeded.
766
767         Reviewed by Yury Semikhatsky.
768
769         * inspector/front-end/DebuggerPresentationModel.js:
770         (WebInspector.DebuggerPresentationModel):
771         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation.updateAnchor):
772         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
773         (WebInspector.DebuggerPresentationModel.prototype._updateSourceMapping):
774         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
775         (WebInspector.DebuggerPresentationModel.prototype._restoreConsoleMessages):
776         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
777         (WebInspector.DebuggerPresentationModel.prototype._consoleMessageAdded):
778         (WebInspector.DebuggerPresentationModel.prototype._createPresentationMessage):
779         (WebInspector.DebuggerPresentationModel.prototype._consoleCleared):
780         (WebInspector.DebuggerPresentationModel.prototype.continueToLine):
781         (WebInspector.DebuggerPresentationModel.prototype.messagesForUISourceCode):
782         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
783         (WebInspector.PresentationCallFrame.prototype.sourceLine.sourceMappingUpdated):
784         (WebInspector.PresentationCallFrame.prototype.sourceLine):
785         * inspector/front-end/SourceFile.js:
786
787 2011-09-06  Pavel Podivilov  <podivilov@chromium.org>
788
789         Web Inspector: do not re-create RawSourceCode when toggling pretty-print mode.
790         https://bugs.webkit.org/show_bug.cgi?id=67647
791
792         1) Implement RawSourceCode.setFormatted that allows toggling pretty-print mode on the fly without resetting everything.
793         2) Add RawSourceCode unit tests.
794         3) Remove source mapping listeners and console messages from presentation model (they live in RawSourceCode now).
795
796         Reviewed by Yury Semikhatsky.
797
798         Test: inspector/debugger/raw-source-code.html
799
800         * inspector/front-end/DebuggerPresentationModel.js:
801         (WebInspector.DebuggerPresentationModel):
802         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
803         (WebInspector.DebuggerPresentationModel.prototype._addScript):
804         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
805         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
806         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
807         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
808         * inspector/front-end/ScriptsPanel.js:
809         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
810         * inspector/front-end/SourceFile.js:
811         (WebInspector.RawSourceCode):
812         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
813         (WebInspector.RawSourceCode.prototype.setFormatted):
814         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
815         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
816
817 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
818
819         Web Inspector: [REGRESSION] Clear console shortcut Ctrl + L broken
820         https://bugs.webkit.org/show_bug.cgi?id=67711
821
822         Reviewed by Yury Semikhatsky.
823
824         * inspector/front-end/ConsoleView.js:
825         (WebInspector.ConsoleView.prototype._consoleCleared):
826         (WebInspector.ConsoleView.prototype._registerShortcuts):
827         (WebInspector.ConsoleView.prototype._promptKeyDown):
828
829 2011-09-08  Andras Becsi  <andras.becsi@nokia.com>
830
831         [Qt] Build fails with strict compiler
832         https://bugs.webkit.org/show_bug.cgi?id=67778
833
834         Reviewed by Csaba Osztrogonác.
835
836         No new tests needed.
837
838         * platform/graphics/TiledBackingStore.cpp:
839         (WebCore::TiledBackingStore::resizeEdgeTiles): Remove unused contentsRect variable
840         which's usage was removed in r94681 to fix the build with [-Werror=unused-but-set-variable].
841
842 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
843
844         Unreviewed, rolling out r94695.
845         http://trac.webkit.org/changeset/94695
846         https://bugs.webkit.org/show_bug.cgi?id=67776
847
848         Hitting an assertion on Snow Leopard, Qt, GTK (Requested by
849         Zoltan on #webkit).
850
851         * rendering/RenderBlock.cpp:
852         (WebCore::RenderBlock::positionedFloatsNeedRelayout):
853         (WebCore::RenderBlock::layoutPositionedObjects):
854
855 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
856
857         Unreviewed, strip trailing whitespace in the Web Inspector frontend (*.js and *.css).
858
859         * inspector/front-end/ApplicationCacheItemsView.js:
860         * inspector/front-end/AuditResultView.js:
861         * inspector/front-end/BinarySearch.js:
862         * inspector/front-end/CSSStyleModel.js:
863         * inspector/front-end/ConsoleMessage.js:
864         * inspector/front-end/ConsoleModel.js:
865         * inspector/front-end/ConsoleView.js:
866         * inspector/front-end/CookieItemsView.js:
867         * inspector/front-end/CookieParser.js:
868         * inspector/front-end/DOMAgent.js:
869         * inspector/front-end/DOMStorage.js:
870         * inspector/front-end/DOMStorageItemsView.js:
871         * inspector/front-end/DataGrid.js:
872         * inspector/front-end/Database.js:
873         * inspector/front-end/DatabaseQueryView.js:
874         * inspector/front-end/DetailedHeapshotGridNodes.js:
875         * inspector/front-end/DetailedHeapshotView.js:
876         * inspector/front-end/ElementsTreeOutline.js:
877         * inspector/front-end/EmptyView.js:
878         * inspector/front-end/EventListenersSidebarPane.js:
879         * inspector/front-end/ExtensionCommon.js:
880         * inspector/front-end/GoToLineDialog.js:
881         * inspector/front-end/HeapSnapshot.js:
882         * inspector/front-end/HeapSnapshotProxy.js:
883         * inspector/front-end/HeapSnapshotWorkerDispatcher.js:
884         * inspector/front-end/ImageView.js:
885         * inspector/front-end/InjectedFakeWorker.js:
886         * inspector/front-end/InspectorFrontendHostStub.js:
887         * inspector/front-end/MetricsSidebarPane.js:
888         * inspector/front-end/NetworkManager.js:
889         * inspector/front-end/NetworkPanel.js:
890         * inspector/front-end/ObjectPropertiesSection.js:
891         * inspector/front-end/PartialQuickSort.js:
892         * inspector/front-end/ProfileView.js:
893         * inspector/front-end/ProfilesPanel.js:
894         * inspector/front-end/RemoteObject.js:
895         * inspector/front-end/Resource.js:
896         * inspector/front-end/ResourceCategory.js:
897         * inspector/front-end/ResourceHTMLView.js:
898         * inspector/front-end/ResourceHeadersView.js:
899         * inspector/front-end/ResourceJSONView.js:
900         * inspector/front-end/ResourceTimingView.js:
901         * inspector/front-end/ResourceTreeModel.js:
902         * inspector/front-end/ResourceView.js:
903         * inspector/front-end/ResourcesPanel.js:
904         * inspector/front-end/SearchController.js:
905         * inspector/front-end/SettingsScreen.js:
906         * inspector/front-end/ShortcutsScreen.js:
907         * inspector/front-end/SourceCSSTokenizer.js:
908         * inspector/front-end/SourceHTMLTokenizer.js:
909         * inspector/front-end/SourceJavaScriptTokenizer.js:
910         * inspector/front-end/StatusBarButton.js:
911         * inspector/front-end/TextEditorModel.js:
912         * inspector/front-end/TimelineGrid.js:
913         * inspector/front-end/View.js:
914         * inspector/front-end/heapProfiler.css:
915         * inspector/front-end/inspector.css:
916         * inspector/front-end/inspector.js:
917         * inspector/front-end/inspectorSyntaxHighlight.css:
918         * inspector/front-end/networkPanel.css:
919         * inspector/front-end/treeoutline.js:
920         * inspector/front-end/utilities.js:
921
922 2011-09-07  Andrey Kosyakov  <caseq@chromium.org>
923
924         Web Inspector: trying to scroll mouse wheel when in TextViewer's gutter pane causes EventException::DISPATCH_REQUEST_ERR
925         https://bugs.webkit.org/show_bug.cgi?id=67715
926
927         Reviewed by Yury Semikhatsky.
928
929         - avoid exception on attempt to dispatch an event that is being dispatched by cloning the event.
930
931         * inspector/front-end/TextViewer.js:
932         (WebInspector.TextViewer.forwardWheelEvent):
933         (WebInspector.TextViewer):
934
935 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
936
937         Unreviewed, rolling out r94674 and r94689.
938         http://trac.webkit.org/changeset/94674
939         http://trac.webkit.org/changeset/94689
940         https://bugs.webkit.org/show_bug.cgi?id=67754
941
942         Broke inspector/debugger/script-formatter.html (Requested by
943         rniwa on #webkit).
944
945         * inspector/front-end/DebuggerPresentationModel.js:
946         (WebInspector.DebuggerPresentationModel):
947         (WebInspector.DebuggerPresentationModel.prototype.addSourceMappingListener):
948         (WebInspector.DebuggerPresentationModel.prototype.removeSourceMappingListener):
949         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
950         (WebInspector.DebuggerPresentationModel.prototype._addScript):
951         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
952         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
953         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
954         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
955         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
956         * inspector/front-end/ScriptsPanel.js:
957         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
958         * inspector/front-end/SourceFile.js:
959         (WebInspector.RawSourceCode):
960         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
961         (WebInspector.RawSourceCode.prototype.get rawSourceCode):
962         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
963         (WebInspector.RawSourceCode.prototype.requestContent):
964         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
965
966 2011-09-07  Julien Chaffraix  <jchaffraix@webkit.org>
967
968         offsetFromRoot optimization is disabled after r93837
969         https://bugs.webkit.org/show_bug.cgi?id=67677
970
971         Reviewed by Simon Fraser.
972
973         Unfortunately not covered by any test as it does not change updateLayerPosition complexity (it is still O(n^2)
974         because of clippedOverflowRectForRepaint). However it is a noticeable slowdown on some use cases but we don't
975         have a good test harness to cover such slowdown.
976
977         * rendering/RenderLayer.cpp:
978         (WebCore::RenderLayer::updateLayerPositions): Pass offsetFromRoot as not doing so means that we miss
979         the optimization altogether.
980
981         (WebCore::RenderLayer::computeRepaintRects):
982         (WebCore::RenderLayer::updateLayerPositionsAfterScroll):
983         * rendering/RenderLayer.h:
984         Renamed |cachedOffset| to |offsetFromRoot| to be consistent with our latest renaming.
985
986 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
987
988         Windows build fix after r94737.
989
990         * rendering/RenderBlock.cpp:
991         (WebCore::RenderBlock::adjustRectForColumns):
992
993 2011-09-07  Dan Bernstein  <mitz@apple.com>
994
995         Removed hyphenation function implementations for an usupported build configuration.
996
997         Reviewed by Sam Weinig.
998
999         * platform/text/cf/HyphenationCF.cpp:
1000
1001 2011-09-07  David Hyatt  <hyatt@apple.com>
1002
1003         https://bugs.webkit.org/show_bug.cgi?id=67739
1004
1005         adjustRectForColumns is O(# of columns) when it can be O(1). Fix the slow performance of this
1006         function by removing the loop and just computing the start and end column for a repaint rect
1007         and uniting everything in between.
1008
1009         Reviewed by Dan Bernstein.
1010
1011         * rendering/RenderBlock.cpp:
1012         (WebCore::RenderBlock::adjustRectForColumns):
1013
1014 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
1015
1016         Unreviewed, rolling out r94714 and r94723.
1017         http://trac.webkit.org/changeset/94714
1018         http://trac.webkit.org/changeset/94723
1019         https://bugs.webkit.org/show_bug.cgi?id=67746
1020
1021         breaks gtk-linux tests with assertion failure (Requested by
1022         thorton on #webkit).
1023
1024         * platform/graphics/GraphicsContext.cpp:
1025         (WebCore::GraphicsContext::GraphicsContext):
1026         (WebCore::GraphicsContext::~GraphicsContext):
1027         * platform/graphics/GraphicsContext.h:
1028         (WebCore::GraphicsContext::inTransparencyLayer):
1029         * platform/graphics/cairo/GraphicsContextCairo.cpp:
1030         (WebCore::GraphicsContext::beginTransparencyLayer):
1031         (WebCore::GraphicsContext::endTransparencyLayer):
1032         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
1033         (WebCore::GraphicsContextPlatformPrivate::beginTransparencyLayer):
1034         (WebCore::GraphicsContextPlatformPrivate::endTransparencyLayer):
1035         * platform/graphics/cg/GraphicsContextCG.cpp:
1036         (WebCore::GraphicsContext::beginTransparencyLayer):
1037         (WebCore::GraphicsContext::endTransparencyLayer):
1038         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
1039         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
1040         (WebCore::GraphicsContextPlatformPrivate::~GraphicsContextPlatformPrivate):
1041         (WebCore::GraphicsContextPlatformPrivate::beginTransparencyLayer):
1042         (WebCore::GraphicsContextPlatformPrivate::endTransparencyLayer):
1043         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
1044         (WebCore::GraphicsContext::beginTransparencyLayer):
1045         (WebCore::GraphicsContext::endTransparencyLayer):
1046         * platform/graphics/mac/FontMac.mm:
1047         (WebCore::Font::drawGlyphs):
1048         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
1049         (WebCore::GraphicsContext::beginTransparencyLayer):
1050         (WebCore::GraphicsContext::endTransparencyLayer):
1051         * platform/graphics/qt/GraphicsContextQt.cpp:
1052         (WebCore::GraphicsContext::inTransparencyLayer):
1053         (WebCore::GraphicsContext::beginTransparencyLayer):
1054         (WebCore::GraphicsContext::endTransparencyLayer):
1055         * platform/graphics/skia/GraphicsContextSkia.cpp:
1056         (WebCore::GraphicsContext::beginTransparencyLayer):
1057         (WebCore::GraphicsContext::endTransparencyLayer):
1058         * platform/graphics/win/FontCGWin.cpp:
1059         (WebCore::drawGDIGlyphs):
1060         * platform/graphics/win/GraphicsContextCGWin.cpp:
1061         (WebCore::GraphicsContext::releaseWindowsContext):
1062         * platform/graphics/win/GraphicsContextCairoWin.cpp:
1063         (WebCore::GraphicsContext::releaseWindowsContext):
1064         * platform/graphics/win/GraphicsContextWin.cpp:
1065         (WebCore::GraphicsContext::inTransparencyLayer):
1066         (WebCore::GraphicsContext::getWindowsContext):
1067         * platform/graphics/wince/GraphicsContextWinCE.cpp:
1068         (WebCore::GraphicsContext::beginTransparencyLayer):
1069         (WebCore::GraphicsContext::endTransparencyLayer):
1070         * platform/graphics/wx/GraphicsContextWx.cpp:
1071         (WebCore::GraphicsContext::beginTransparencyLayer):
1072         (WebCore::GraphicsContext::endTransparencyLayer):
1073         * platform/win/ScrollbarThemeWin.cpp:
1074         (WebCore::ScrollbarThemeWin::paintTrackPiece):
1075         (WebCore::ScrollbarThemeWin::paintButton):
1076         (WebCore::ScrollbarThemeWin::paintThumb):
1077         * plugins/win/PluginViewWin.cpp:
1078         (WebCore::PluginView::paint):
1079         * rendering/RenderThemeWin.cpp:
1080         (WebCore::drawControl):
1081
1082 2011-09-07  Chris Fleizach  <cfleizach@apple.com>
1083
1084         Changes to aria-hidden don't change VO navigation
1085         https://bugs.webkit.org/show_bug.cgi?id=67722
1086
1087         Reviewed by Darin Adler.
1088
1089         When altering aria-hidden, WebCore needs to update the children caches of 
1090         affected elements. However, for elements that were children, but ignored, their
1091         caches did not get updated, and stale information would be propagated.
1092
1093         The fix is to always clearChildren() when a parent is asking for children. This 
1094         ensures information is always up to date when the parent itself is asking for new data.
1095
1096         Test: accessibility/aria-hidden-updates-alldescendants.html
1097
1098         * accessibility/AccessibilityObject.h:
1099         * accessibility/AccessibilityRenderObject.cpp:
1100         (WebCore::AccessibilityRenderObject::ariaIsHidden):
1101         (WebCore::AccessibilityRenderObject::childrenChanged):
1102         (WebCore::AccessibilityRenderObject::addChildren):
1103
1104 2011-09-07  Tim Horton  <timothy_horton@apple.com>
1105
1106         Text rendered with a simple (i.e. 0px blur) shadow inside a transparency layer has a double shadow
1107         https://bugs.webkit.org/show_bug.cgi?id=67543
1108         <rdar://problem/10070536>
1109
1110         Reviewed by Simon Fraser.
1111
1112         Generalize (begin|end)TransparencyLayer, which now forward
1113         through to (begin|end)PlatformTransparencyLayer, so that
1114         isInTransparencyLayer can exist on every platform.
1115
1116         Make use of isInTransparencyLayer in FontMac to disable
1117         "simple" shadow drawing when the text is being rendered
1118         into a transparency layer.
1119
1120         Test: svg/custom/simple-text-double-shadow.svg
1121
1122         * platform/graphics/GraphicsContext.cpp:
1123         (WebCore::GraphicsContext::GraphicsContext):
1124         (WebCore::GraphicsContext::~GraphicsContext):
1125         (WebCore::GraphicsContext::beginTransparencyLayer):
1126         (WebCore::GraphicsContext::endTransparencyLayer):
1127         (WebCore::GraphicsContext::isInTransparencyLayer):
1128         * platform/graphics/GraphicsContext.h:
1129         * platform/graphics/cairo/GraphicsContextCairo.cpp:
1130         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1131         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1132         (WebCore::GraphicsContext::supportsTransparencyLayers):
1133         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
1134         * platform/graphics/cg/GraphicsContextCG.cpp:
1135         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1136         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1137         (WebCore::GraphicsContext::supportsTransparencyLayers):
1138         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
1139         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
1140         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
1141         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1142         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1143         (WebCore::GraphicsContext::supportsTransparencyLayers):
1144         * platform/graphics/mac/FontMac.mm:
1145         (WebCore::Font::drawGlyphs):
1146         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
1147         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1148         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1149         (WebCore::GraphicsContext::supportsTransparencyLayers):
1150         * platform/graphics/qt/GraphicsContextQt.cpp:
1151         (WebCore::GraphicsContext::isInTransparencyLayer):
1152         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1153         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1154         (WebCore::GraphicsContext::supportsTransparencyLayers):
1155         * platform/graphics/skia/GraphicsContextSkia.cpp:
1156         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1157         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1158         (WebCore::GraphicsContext::supportsTransparencyLayers):
1159         * platform/graphics/win/FontCGWin.cpp:
1160         (WebCore::drawGDIGlyphs):
1161         * platform/graphics/win/GraphicsContextCGWin.cpp:
1162         (WebCore::GraphicsContext::releaseWindowsContext):
1163         * platform/graphics/win/GraphicsContextCairoWin.cpp:
1164         (WebCore::GraphicsContext::releaseWindowsContext):
1165         * platform/graphics/win/GraphicsContextWin.cpp:
1166         (WebCore::GraphicsContext::getWindowsContext):
1167         * platform/graphics/wince/GraphicsContextWinCE.cpp:
1168         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1169         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1170         (WebCore::GraphicsContext::supportsTransparencyLayers):
1171         * platform/graphics/wx/GraphicsContextWx.cpp:
1172         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1173         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1174         (WebCore::GraphicsContext::supportsTransparencyLayers):
1175         * platform/win/ScrollbarThemeWin.cpp:
1176         * plugins/win/PluginViewWin.cpp:
1177         * rendering/RenderThemeWin.cpp:
1178
1179 2011-09-07  Dan Bernstein  <mitz@apple.com>
1180
1181         <rdar://problem/8881922> Support the hyphenate-limit-lines property
1182         https://bugs.webkit.org/show_bug.cgi?id=67730
1183
1184         Reviewed by Dave Hyatt.
1185
1186         Tests: fast/css/parsing-hyphenate-limit-lines.html
1187                fast/text/hyphenate-limit-lines.html
1188
1189         * css/CSSComputedStyleDeclaration.cpp:
1190         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Added hyphenate-limit-lines.
1191         * css/CSSParser.cpp:
1192         (WebCore::CSSParser::parseValue): Ditto. Valid values are non-negative integers and the keyword
1193         "no-limit".
1194         * css/CSSPropertyNames.in: Added -webkit-hyphenate-limit-lines.
1195         * css/CSSStyleSelector.cpp:
1196         (WebCore::CSSStyleSelector::applyProperty): Added hyphenate-limit-lines.
1197         * css/CSSValueKeywords.in: Added the "no-limit" value keyword.
1198         * rendering/RenderBlock.h:
1199         * rendering/RenderBlockLineLayout.cpp:
1200         (WebCore::RenderBlock::layoutRunsAndFloats): Count the number of consecutive hyphenated lines
1201         before the start line and pass it to layoutRunsAndFloatsInRange().
1202         (WebCore::RenderBlock::layoutRunsAndFloatsInRange): Keep track of the number of consecutive
1203         hyphenated lines before the current line and pass it to LineBreaker::nextLineBreak().
1204         (WebCore::tryHyphenating): Added parameters for the number of consecutive hyphenated lines before
1205         the current line and the limit on consecutive hyphenated lines, and an early return if the limit
1206         has been reached.
1207         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Added a parameter for the number of consecutive
1208         hyphenated lines before the current line, which is passed through to tryHyphenating, along with
1209         the value of hyphenate-limit-lines.
1210         * rendering/RootInlineBox.cpp:
1211         (WebCore::RootInlineBox::isHyphenated): Added. Returns true if the line was hyphenated.
1212         * rendering/RootInlineBox.h:
1213         * rendering/style/RenderStyle.h:
1214         (WebCore::InheritedFlags::hyphenationLimitLines): Added this getter.
1215         (WebCore::InheritedFlags::setHyphenationLimitLines): Added this setter.
1216         (WebCore::InheritedFlags::initialHyphenationLimitLines): Added. The initial value is -1,
1217         corresponding to "no-limit".
1218         * rendering/style/StyleRareInheritedData.cpp:
1219         (WebCore::StyleRareInheritedData::StyleRareInheritedData): Initialize new member variable.
1220         (WebCore::StyleRareInheritedData::operator==): Compare new member variable.
1221         * rendering/style/StyleRareInheritedData.h:
1222
1223 2011-09-02  Ojan Vafai  <ojan@chromium.org>
1224
1225         split overrideSize into overrideHeight and overrideWidth
1226         https://bugs.webkit.org/show_bug.cgi?id=67550
1227
1228         Reviewed by Sam Weinig.
1229
1230         All uses of overrideSize only set one of the width or the height.
1231         This change removes a bool from RenderObject and removes some
1232         flexbox specific logic from RenderBox.
1233
1234         The only downside is that we have two global maps where we used
1235         to have one.
1236
1237         No functional changes so existing tests are sufficient.
1238
1239         * rendering/RenderBox.cpp:
1240         (WebCore::RenderBox::hasOverrideHeight):
1241         (WebCore::RenderBox::hasOverrideWidth):
1242         (WebCore::RenderBox::setOverrideHeight):
1243         (WebCore::RenderBox::setOverrideWidth):
1244         (WebCore::RenderBox::clearOverrideSize):
1245         (WebCore::RenderBox::overrideWidth):
1246         (WebCore::RenderBox::overrideHeight):
1247         (WebCore::RenderBox::computeLogicalWidth):
1248         (WebCore::RenderBox::computeLogicalHeight):
1249         (WebCore::RenderBox::computePercentageLogicalHeight):
1250         * rendering/RenderBox.h:
1251         * rendering/RenderDeprecatedFlexibleBox.cpp:
1252         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
1253         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
1254         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
1255         * rendering/RenderFlexibleBox.cpp:
1256         (WebCore::RenderFlexibleBox::layoutAndPlaceChildrenHorizontal):
1257         * rendering/RenderObject.cpp:
1258         (WebCore::RenderObject::RenderObject):
1259         * rendering/RenderObject.h:
1260         * rendering/RenderTableCell.cpp:
1261         (WebCore::RenderTableCell::setOverrideHeightFromRowHeight):
1262         * rendering/RenderTableCell.h:
1263         * rendering/RenderTableSection.cpp:
1264         (WebCore::RenderTableSection::calcRowLogicalHeight):
1265         (WebCore::RenderTableSection::layoutRows):
1266
1267 2011-09-07  Alexei Svitkine  <asvitkine@chromium.org>
1268
1269         Add test infrastructure to test rubber-banding overhang drawing along with layout tests for existing Chromium Mac overhang drawing in the non-gpu path.
1270         https://bugs.webkit.org/show_bug.cgi?id=67511
1271
1272         Reviewed by Dimitri Glazkov.
1273
1274         Tests: platform/chromium-mac/rubberbanding/overhang-e.html
1275                platform/chromium-mac/rubberbanding/overhang-n.html
1276                platform/chromium-mac/rubberbanding/overhang-ne.html
1277                platform/chromium-mac/rubberbanding/overhang-nw.html
1278                platform/chromium-mac/rubberbanding/overhang-s.html
1279                platform/chromium-mac/rubberbanding/overhang-se.html
1280                platform/chromium-mac/rubberbanding/overhang-sw.html
1281                platform/chromium-mac/rubberbanding/overhang-w.html
1282
1283         * WebCore.exp.in:
1284         * platform/ScrollableArea.h:
1285         * testing/Internals.cpp:
1286         (WebCore::Internals::setScrollViewPosition):
1287         * testing/Internals.h:
1288         * testing/Internals.idl:
1289
1290 2011-09-07  David Reveman  <reveman@chromium.org>
1291
1292         [Chromium] Render surface anti-aliasing.
1293         https://bugs.webkit.org/show_bug.cgi?id=66437
1294
1295         Reviewed by James Robinson.
1296
1297         Add CCLayerQuad class and CCLayerQuad::Edge subclass to allow
1298         edge computations to be shared between tiled layers and render
1299         surfaces. Move isCCW utility function to FloatQuad class and
1300         add to2dTransform method to TransformationMatrix class. Add
1301         necessary anti-aliasing shaders for render surfaces and use them
1302         to avoid aliased edges.
1303
1304         Tests: compositing/reflections/nested-reflection-transformed.html (existing)
1305
1306         * WebCore.gypi:
1307         * platform/graphics/FloatQuad.cpp:
1308         (WebCore::FloatQuad::isCounterclockwise):
1309         * platform/graphics/FloatQuad.h:
1310         * platform/graphics/chromium/LayerChromium.cpp:
1311         (WebCore::LayerChromium::drawTexturedQuad):
1312         * platform/graphics/chromium/LayerChromium.h:
1313         * platform/graphics/chromium/LayerRendererChromium.cpp:
1314         (WebCore::LayerRendererChromium::LayerRendererChromium):
1315         (WebCore::LayerRendererChromium::headsUpDisplayProgram):
1316         (WebCore::LayerRendererChromium::renderSurfaceProgram):
1317         (WebCore::LayerRendererChromium::renderSurfaceProgramAA):
1318         (WebCore::LayerRendererChromium::renderSurfaceMaskProgram):
1319         (WebCore::LayerRendererChromium::renderSurfaceMaskProgramAA):
1320         (WebCore::LayerRendererChromium::tilerProgramSwizzle):
1321         (WebCore::LayerRendererChromium::canvasLayerProgram):
1322         (WebCore::LayerRendererChromium::pluginLayerProgram):
1323         (WebCore::LayerRendererChromium::videoLayerRGBAProgram):
1324         (WebCore::LayerRendererChromium::videoLayerYUVProgram):
1325         (WebCore::LayerRendererChromium::cleanupSharedObjects):
1326         * platform/graphics/chromium/LayerRendererChromium.h:
1327         (WebCore::LayerRendererChromium::sharedGeometryQuad):
1328         * platform/graphics/chromium/ShaderChromium.cpp:
1329         (WebCore::VertexShaderQuad::VertexShaderQuad):
1330         (WebCore::VertexShaderQuad::init):
1331         (WebCore::VertexShaderQuad::getShaderString):
1332         (WebCore::FragmentShaderRGBATexAlphaAA::FragmentShaderRGBATexAlphaAA):
1333         (WebCore::FragmentShaderRGBATexAlphaAA::init):
1334         (WebCore::FragmentShaderRGBATexAlphaAA::getShaderString):
1335         (WebCore::FragmentTexClampAlphaAABinding::FragmentTexClampAlphaAABinding):
1336         (WebCore::FragmentTexClampAlphaAABinding::init):
1337         (WebCore::FragmentShaderRGBATexClampAlphaAA::getShaderString):
1338         (WebCore::FragmentShaderRGBATexClampSwizzleAlphaAA::getShaderString):
1339         (WebCore::FragmentShaderRGBATexAlphaMaskAA::FragmentShaderRGBATexAlphaMaskAA):
1340         (WebCore::FragmentShaderRGBATexAlphaMaskAA::init):
1341         (WebCore::FragmentShaderRGBATexAlphaMaskAA::getShaderString):
1342         * platform/graphics/chromium/ShaderChromium.h:
1343         (WebCore::VertexShaderQuad::matrixLocation):
1344         (WebCore::VertexShaderQuad::pointLocation):
1345         (WebCore::FragmentShaderRGBATexAlphaAA::alphaLocation):
1346         (WebCore::FragmentShaderRGBATexAlphaAA::samplerLocation):
1347         (WebCore::FragmentShaderRGBATexAlphaAA::edgeLocation):
1348         (WebCore::FragmentShaderRGBATexAlphaMaskAA::alphaLocation):
1349         (WebCore::FragmentShaderRGBATexAlphaMaskAA::samplerLocation):
1350         (WebCore::FragmentShaderRGBATexAlphaMaskAA::maskSamplerLocation):
1351         (WebCore::FragmentShaderRGBATexAlphaMaskAA::edgeLocation):
1352         * platform/graphics/chromium/cc/CCCanvasLayerImpl.cpp:
1353         (WebCore::CCCanvasLayerImpl::draw):
1354         * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp:
1355         (WebCore::CCHeadsUpDisplay::draw):
1356         * platform/graphics/chromium/cc/CCLayerQuad.cpp: Added.
1357         (WebCore::CCLayerQuad::Edge::Edge):
1358         (WebCore::CCLayerQuad::CCLayerQuad):
1359         (WebCore::CCLayerQuad::floatQuad):
1360         (WebCore::CCLayerQuad::toFloatArray):
1361         * platform/graphics/chromium/cc/CCLayerQuad.h: Added.
1362         (WebCore::CCLayerQuad::Edge::Edge):
1363         (WebCore::CCLayerQuad::Edge::x):
1364         (WebCore::CCLayerQuad::Edge::y):
1365         (WebCore::CCLayerQuad::Edge::z):
1366         (WebCore::CCLayerQuad::Edge::setX):
1367         (WebCore::CCLayerQuad::Edge::setY):
1368         (WebCore::CCLayerQuad::Edge::setZ):
1369         (WebCore::CCLayerQuad::Edge::set):
1370         (WebCore::CCLayerQuad::Edge::moveX):
1371         (WebCore::CCLayerQuad::Edge::moveY):
1372         (WebCore::CCLayerQuad::Edge::moveZ):
1373         (WebCore::CCLayerQuad::Edge::move):
1374         (WebCore::CCLayerQuad::Edge::scaleX):
1375         (WebCore::CCLayerQuad::Edge::scaleY):
1376         (WebCore::CCLayerQuad::Edge::scaleZ):
1377         (WebCore::CCLayerQuad::Edge::scale):
1378         (WebCore::CCLayerQuad::Edge::intersect):
1379         (WebCore::CCLayerQuad::CCLayerQuad):
1380         (WebCore::CCLayerQuad::left):
1381         (WebCore::CCLayerQuad::top):
1382         (WebCore::CCLayerQuad::right):
1383         (WebCore::CCLayerQuad::bottom):
1384         (WebCore::CCLayerQuad::inflateX):
1385         (WebCore::CCLayerQuad::inflateY):
1386         (WebCore::CCLayerQuad::inflate):
1387         (WebCore::CCLayerQuad::inflateAntiAliasingDistance):
1388         * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp:
1389         (WebCore::CCPluginLayerImpl::draw):
1390         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
1391         (WebCore::CCRenderSurface::draw):
1392         (WebCore::CCRenderSurface::drawLayer):
1393         (WebCore::CCRenderSurface::drawSurface):
1394         * platform/graphics/chromium/cc/CCRenderSurface.h:
1395         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
1396         (WebCore::CCTiledLayerImpl::draw):
1397         (WebCore::CCTiledLayerImpl::drawTiles):
1398         * platform/graphics/chromium/cc/CCTiledLayerImpl.h:
1399         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
1400         (WebCore::CCVideoLayerImpl::drawYUV):
1401         (WebCore::CCVideoLayerImpl::drawRGBA):
1402         * platform/graphics/transforms/TransformationMatrix.cpp:
1403         (WebCore::TransformationMatrix::to2dTransform):
1404         * platform/graphics/transforms/TransformationMatrix.h:
1405
1406 2011-09-06  Oliver Hunt  <oliver@apple.com>
1407
1408         Remove JSObjectWithGlobalObject
1409         https://bugs.webkit.org/show_bug.cgi?id=67689
1410
1411         Reviewed by Geoff Garen.
1412
1413         Remove use of anonymous storage and JSObjectWithGlobalObject for
1414         accessing a JSObject's global object now that they're available
1415         on the object's structure.
1416
1417         * bindings/js/JSDOMWindowShell.cpp:
1418         (WebCore::JSDOMWindowShell::setWindow):
1419         * bindings/js/JSDOMWrapper.h:
1420         (WebCore::JSDOMWrapper::globalObject):
1421         (WebCore::JSDOMWrapper::JSDOMWrapper):
1422         * bindings/js/WorkerScriptController.cpp:
1423         (WebCore::WorkerScriptController::initScript):
1424         * bindings/scripts/CodeGeneratorJS.pm:
1425         (GenerateHeader):
1426         (GenerateImplementation):
1427         * bridge/objc/objc_runtime.h:
1428         * bridge/objc/objc_runtime.mm:
1429         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
1430         (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
1431         * bridge/runtime_object.cpp:
1432         (JSC::Bindings::RuntimeObject::RuntimeObject):
1433         (JSC::Bindings::RuntimeObject::finishCreation):
1434         * bridge/runtime_object.h:
1435
1436 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
1437
1438         Mac build fix after r94694.
1439
1440         * WebCore.xcodeproj/project.pbxproj:
1441
1442 2011-09-07  Tim Horton  <timothy_horton@apple.com>
1443
1444         FELighting is using width instead of height to determine skip for parallel(n>2) case
1445         https://bugs.webkit.org/show_bug.cgi?id=67719
1446         <rdar://problem/10086178>
1447
1448         Reviewed by Dirk Schulze.
1449
1450         No new tests, because the bug only exhibits under conditions which are currently
1451         impossible by default (using more than 2 cores) on some platforms.
1452
1453         * platform/graphics/filters/FELighting.cpp:
1454         (WebCore::FELighting::platformApplyGeneric):
1455
1456 2011-09-07  W. James MacLean  <wjmaclean@chromium.org>
1457
1458         Eliminate motion jitter in animated, blurred SVG image
1459         https://bugs.webkit.org/show_bug.cgi?id=67503
1460
1461         Fixes filter shear-free transform applied to SVG images.
1462
1463         In applyResource() the shearFreeAbsoluteTransform is applied to the drawing region,
1464         which is based on the object bounding box (which doesn't move). For a rotation
1465         around the centre of the box, this should really just be the identity matrix,
1466         since the BB should neither change size nor location. So really, we're just interested
1467         in the scale change of the BB here, and not in moving it.
1468
1469         This impacts how slices are extracted, and affects the {x|y}Mid and {x|y}Max extractions
1470         for vertical and horizontal slices, so the test verifies these.
1471
1472         Reviewed by Dirk Schulze.
1473
1474         Test: svg/W3C-SVG-1.1-SE/filters-image-05-f.svg
1475
1476         * rendering/svg/RenderSVGResourceFilter.cpp:
1477         (WebCore::RenderSVGResourceFilter::applyResource):
1478
1479 2011-09-03  Robert Hogan  <robert@webkit.org>
1480
1481         Elements with position:absolute don't move to correct position after images load
1482         https://bugs.webkit.org/show_bug.cgi?id=54611
1483
1484         Reviewed by Simon Fraser.
1485
1486         Test: fast/block/positioning/absolute-layout-after-image-load.html
1487               fast/block/positioning/positioned-float-layout-after-image-load.html
1488
1489         In the test the 'label' block is an absolutely positioned child of an inline flow. So during layout, 
1490         this RenderBlock::layoutPositionedObjects fails to dirty it for rendering because it requires 
1491         the parent to be a BlockFlow. The code to do this was introduced in http://trac.webkit.org/changeset/8284. 
1492         There doesn't seem to be a good reason for requiring a BlockFlow, so remove the check. Do the same
1493         for positioned floats in RenderBlock::positionedFloatsNeedRelayout(), although currently layoutPositionedObjects()
1494         takes care of it this at least ensures no regression in future.
1495
1496         Note: Although the issue is encountered only on first load without a fragment identifier, it 
1497         happens reliably when you include the fragment identifier in the url (#Footnote_1). This is so 
1498         because scrolling to the fragment always happens before the image has loaded, rendering the page 
1499         and clearing the initial dirty bits in the positioned element's renderer. When the image finally 
1500         loads in this scenario, the positioned element is otherwise clean and relies on the above code to get 
1501         re-rendered.
1502
1503         * rendering/RenderBlock.cpp:
1504         (WebCore::RenderBlock::layoutPositionedObjects): remove the check for r->parent()->isBlockFlow() when 
1505                                                          deciding whether to mark children for layout
1506         (WebCore::RenderBlock::positionedFloatsNeedRelayout): ditto
1507
1508 2011-09-07  Anna Cavender  <annacc@chromium.org>
1509
1510         Moving platform/track to html/track to avoid layering violation.
1511         https://bugs.webkit.org/show_bug.cgi?id=67680
1512
1513         Reviewed by Adam Barth.
1514
1515         No new tests. No new functionality.
1516
1517         * CMakeLists.txt:
1518         * GNUmakefile.am:
1519         * GNUmakefile.list.am:
1520         * WebCore.gyp/WebCore.gyp:
1521         * WebCore.gypi:
1522         * WebCore.pri:
1523         * WebCore.pro:
1524         * html/track/CueParser.cpp: Renamed from Source/WebCore/platform/track/CueParser.cpp.
1525         * html/track/CueParser.h: Renamed from Source/WebCore/platform/track/CueParser.h.
1526         * html/track/CueParserPrivate.h: Renamed from Source/WebCore/platform/track/CueParserPrivate.h.
1527         * html/track/WebVTTParser.cpp: Renamed from Source/WebCore/platform/track/WebVTTParser.cpp.
1528         * html/track/WebVTTParser.h: Renamed from Source/WebCore/platform/track/WebVTTParser.h.
1529         * html/track/WebVTTToken.h: Renamed from Source/WebCore/platform/track/WebVTTToken.h.
1530         * html/track/WebVTTTokenizer.cpp: Renamed from Source/WebCore/platform/track/WebVTTTokenizer.cpp.
1531         * html/track/WebVTTTokenizer.h: Renamed from Source/WebCore/platform/track/WebVTTTokenizer.h.
1532
1533 2011-09-07  David Hyatt  <hyatt@apple.com>
1534
1535         https://bugs.webkit.org/show_bug.cgi?id=67286
1536
1537         REGRESSION: css2.1/t090204-display-change-01-b-ao.html fails after r94084.
1538
1539         Make sure that the trailing floats line box explicitly sets the line top with leading and line bottom with
1540         leading to just be the block height.
1541
1542         Reviewed by Dan Bernstein.
1543
1544         * rendering/RenderBlockLineLayout.cpp:
1545         (WebCore::RenderBlock::linkToEndLineIfNeeded):
1546
1547 2011-09-06  Abhishek Arya  <inferno@chromium.org>
1548
1549         Null owningRenderer crash in RenderScrollbar::updateScrollbarParts.
1550         https://bugs.webkit.org/show_bug.cgi?id=67669
1551
1552         Reviewed by James Robinson.
1553
1554         Owning renderer can be cleared for custom scrollbars in clearOwningRenderer()
1555         call. We need a null check in updateScrollbarParts, so that we do not crash.
1556
1557         No tests since issue seen in crash reports only and I donot know a way to
1558         reproduce.
1559
1560         * rendering/RenderScrollbar.cpp:
1561         (WebCore::RenderScrollbar::updateScrollbarParts):
1562
1563 2011-09-05  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>
1564
1565         [Qt][WK2] Make TiledDrawingArea request tiles only in the direction the viewport is panned to.
1566         https://bugs.webkit.org/show_bug.cgi?id=67606
1567
1568         Reviewed by Noam Rosenthal.
1569
1570         TiledBackingStore previously used different values for horizontal and vertial multiplication
1571         to calculate the cover area.
1572         This patch replaces this mechanism, used to give a bigger panning range to vertical panning,
1573         with the possibility to use the motion vector of the viewport to request tiles ahead instead.
1574         This allows economies on rendering resources as tiles won't be rendered beside the trajectory
1575         of the viewport.
1576
1577         * platform/graphics/TiledBackingStore.cpp:
1578         (WebCore::TiledBackingStore::TiledBackingStore):
1579         (WebCore::TiledBackingStore::setKeepAndCoverAreaMultipliers):
1580         (WebCore::TiledBackingStore::setCoverAreaFocusVector):
1581         (WebCore::TiledBackingStore::createTiles):
1582         (WebCore::TiledBackingStore::calculateKeepRect):
1583         (WebCore::TiledBackingStore::calculateCoverRect):
1584         * platform/graphics/TiledBackingStore.h:
1585         (WebCore::TiledBackingStore::getKeepAndCoverAreaMultipliers):
1586
1587 2011-09-01  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>
1588
1589         [Qt] TiledBackingStore: Import the resizeEdgeTiles logic from TiledDrawindAreaProxy.
1590         https://bugs.webkit.org/show_bug.cgi?id=67416
1591
1592         Reviewed by Kenneth Rohde Christiansen.
1593
1594         Original code by Antti Koivisto.
1595         With the current code, when the page is layouted during load, edge tiles will
1596         get removed instead of continuing to show their front buffer while the tile
1597         is being rendered for the new size.
1598
1599         * platform/graphics/Tile.h:
1600         * platform/graphics/TiledBackingStore.cpp:
1601         (WebCore::TiledBackingStore::createTiles):
1602         (WebCore::TiledBackingStore::resizeEdgeTiles):
1603         * platform/graphics/TiledBackingStore.h:
1604         * platform/graphics/qt/TileQt.cpp:
1605         (WebCore::TileQt::resize):
1606         * platform/graphics/qt/TileQt.h:
1607
1608 2011-09-07  Tim Horton  <timothy_horton@apple.com>
1609
1610         Don't round-trip through TransformationMatrix in SVGImageBufferTools::clearAffineTransform2DRotation
1611         https://bugs.webkit.org/show_bug.cgi?id=67242
1612         <rdar://problem/10069770>
1613
1614         Reviewed by Dirk Schulze.
1615
1616         No new tests, minor performance improvement.
1617
1618         * platform/graphics/transforms/AffineTransform.cpp:
1619         (WebCore::AffineTransform::blend):
1620         (WebCore::AffineTransform::decompose):
1621         (WebCore::AffineTransform::recompose):
1622         * platform/graphics/transforms/AffineTransform.h:
1623         * rendering/svg/SVGImageBufferTools.cpp:
1624         (WebCore::SVGImageBufferTools::clear2DRotation):
1625
1626 2011-09-06  Pavel Podivilov  <podivilov@chromium.org>
1627
1628         Web Inspector: do not re-create RawSourceCode when toggling pretty-print mode.
1629         https://bugs.webkit.org/show_bug.cgi?id=67647
1630
1631         1) Implement RawSourceCode.setFormatted that allows toggling pretty-print mode on the fly without resetting everything.
1632         2) Add RawSourceCode unit tests.
1633         3) Remove source mapping listeners and console messages from presentation model (they live in RawSourceCode now).
1634
1635         Reviewed by Yury Semikhatsky.
1636
1637         Test: inspector/debugger/raw-source-code.html
1638
1639         * inspector/front-end/DebuggerPresentationModel.js:
1640         (WebInspector.DebuggerPresentationModel):
1641         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
1642         (WebInspector.DebuggerPresentationModel.prototype._addScript):
1643         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
1644         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
1645         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
1646         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
1647         * inspector/front-end/ScriptsPanel.js:
1648         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
1649         * inspector/front-end/SourceFile.js:
1650         (WebInspector.RawSourceCode):
1651         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
1652         (WebInspector.RawSourceCode.prototype.setFormatted):
1653         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
1654         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
1655
1656 2011-09-07  Alexander Pavlov  <apavlov@chromium.org>
1657
1658         Web Inspector: Implement circular tabbing through the Styles sidebar pane contents
1659         https://bugs.webkit.org/show_bug.cgi?id=67127
1660
1661         Reviewed by Yury Semikhatsky.
1662
1663         * inspector/front-end/Section.js:
1664         (WebInspector.Section.prototype.get firstSibling):
1665         (WebInspector.Section.prototype.get lastSibling):
1666         * inspector/front-end/StylesSidebarPane.js:
1667         (WebInspector.StylePropertiesSection.prototype.nextEditableSibling):
1668         (WebInspector.StylePropertiesSection.prototype.previousEditableSibling):
1669         (WebInspector.StylePropertiesSection.prototype.startEditingSelector):
1670         (WebInspector.StylePropertiesSection.prototype._moveEditorFromSelector):
1671         (WebInspector.StylePropertiesSection.prototype.editingSelectorCommitted.successCallback):
1672         (WebInspector.StylePropertiesSection.prototype.editingSelectorCommitted):
1673         (WebInspector.StylePropertyTreeElement.prototype):
1674         (WebInspector.StylePropertyTreeElement.prototype.element.userInput.previousContent.context.moveDirection):
1675
1676 2011-09-02  Andrey Kosyakov  <caseq@chromium.org>
1677
1678         Web Inspector: [Extensions API] expose console API
1679         https://bugs.webkit.org/show_bug.cgi?id=67506
1680
1681         Reviewed by Pavel Feldman.
1682
1683         Test: inspector/extensions/extensions-console.html
1684
1685         * inspector/front-end/ConsoleMessage.js:
1686         (WebInspector.ConsoleMessage.prototype.get text):
1687         (WebInspector.ConsoleMessage.prototype.get parameters):
1688         * inspector/front-end/ExtensionAPI.js:
1689         (WebInspector.injectedExtensionAPI.InspectorExtensionAPI):
1690         (WebInspector.injectedExtensionAPI):
1691         (WebInspector.injectedExtensionAPI.Console.prototype.getMessages):
1692         (WebInspector.injectedExtensionAPI.Console.prototype.addMessage):
1693         (WebInspector.injectedExtensionAPI.Console.prototype.get MessageLevel):
1694         (WebInspector.injectedExtensionAPI.Network.dispatchRequestEvent):
1695         (WebInspector.injectedExtensionAPI.Network):
1696         (WebInspector.injectedExtensionAPI.AuditCategoryImpl.dispatchAuditEvent):
1697         (WebInspector.injectedExtensionAPI.AuditCategoryImpl):
1698         (WebInspector.injectedExtensionAPI.InspectedWindow.dispatchResourceEvent):
1699         (WebInspector.injectedExtensionAPI.InspectedWindow.dispatchResourceContentEvent):
1700         (WebInspector.injectedExtensionAPI.InspectedWindow):
1701         * inspector/front-end/ExtensionCommon.js:
1702         (WebInspector.commonExtensionSymbols):
1703         * inspector/front-end/ExtensionServer.js:
1704         (WebInspector.ExtensionServer):
1705         (WebInspector.ExtensionServer.prototype._notifyConsoleMessageAdded):
1706         (WebInspector.ExtensionServer.prototype._onGetConsoleMessages):
1707         (WebInspector.ExtensionServer.prototype._onAddConsoleMessage):
1708         (WebInspector.ExtensionServer.prototype._makeConsoleMessage):
1709         (WebInspector.ExtensionServer.prototype._makeConsoleMessage.convertParameter):
1710         (WebInspector.ExtensionServer.prototype._dispatchCallback):
1711         (WebInspector.ExtensionServer.prototype.initExtensions):
1712
1713 2011-09-05  Andrey Kosyakov  <caseq@chromium.org>
1714
1715         Web Inspector: disable popover when a mouse button is pressed
1716         https://bugs.webkit.org/show_bug.cgi?id=67610
1717
1718         Reviewed by Pavel Feldman.
1719
1720         - disable popover when a mouse button is pressed
1721         - disable popover in a SourceFrame when the source is being edited
1722
1723         * inspector/front-end/Popover.js:
1724         (WebInspector.PopoverHelper):
1725         (WebInspector.PopoverHelper.prototype._mouseUp):
1726         (WebInspector.PopoverHelper.prototype._mouseDown):
1727         (WebInspector.PopoverHelper.prototype._handleMouseAction):
1728         * inspector/front-end/SourceFrame.js:
1729         (WebInspector.SourceFrame.prototype._onHidePopover):
1730         (WebInspector.SourceFrame.prototype.doubleClick):
1731
1732 2011-09-07  Antti Koivisto  <antti@apple.com>
1733
1734         https://bugs.webkit.org/show_bug.cgi?id=67634
1735         De-virtualize styleForRenderer()
1736
1737         Reviewed by Sam Weinig.
1738         
1739         This has performance and code clarity benefits.
1740
1741         - move styleForRenderer from Node to Element
1742         - get rid of the now unnecessary NodeRenderingContext parameter
1743         - de-virtualize, add virtual customStyleForRenderer()
1744
1745         * dom/Element.cpp:
1746         (WebCore::Element::customStyleForRenderer):
1747         (WebCore::Element::styleForRenderer):
1748         (WebCore::Element::recalcStyle):
1749         * dom/Element.h:
1750         * dom/Node.cpp:
1751         * dom/Node.h:
1752         (WebCore::Node::hasCustomWillOrDidRecalcStyle):
1753         (WebCore::Node::setHasCustomWillOrDidRecalcStyle):
1754         (WebCore::Node::hasCustomStyleForRenderer):
1755         (WebCore::Node::setHasCustomStyleForRenderer):
1756         
1757             Move styleForRenderer, add customStyleForRenderer, add a bit.
1758         
1759         * dom/NodeRenderingContext.cpp:
1760         (WebCore::NodeRendererFactory::createRendererAndStyle): 
1761         
1762             Handle non-element case separately since styleForRenderer was moved from Node to Element.
1763
1764         * html/HTMLNoScriptElement.cpp:
1765         (WebCore::HTMLNoScriptElement::HTMLNoScriptElement):
1766         (WebCore::HTMLNoScriptElement::customStyleForRenderer):
1767         * html/HTMLNoScriptElement.h:
1768         
1769             Move a strange XHTMLMP special case to where it belongs.
1770
1771         * html/HTMLOptGroupElement.cpp:
1772         (WebCore::HTMLOptGroupElement::attach):
1773         * html/HTMLOptionElement.cpp:
1774         (WebCore::HTMLOptionElement::attach):
1775         * html/HTMLTitleElement.cpp:
1776         (WebCore::HTMLTitleElement::textWithDirection):
1777         * html/shadow/TextControlInnerElements.cpp:
1778         (WebCore::TextControlInnerElement::TextControlInnerElement):
1779         (WebCore::TextControlInnerElement::customStyleForRenderer):
1780         (WebCore::TextControlInnerTextElement::TextControlInnerTextElement):
1781         (WebCore::TextControlInnerTextElement::customStyleForRenderer):
1782         * html/shadow/TextControlInnerElements.h:
1783         * rendering/svg/SVGShadowTreeElements.cpp:
1784         (WebCore::SVGShadowTreeContainerElement::customStyleForRenderer):
1785         * rendering/svg/SVGShadowTreeElements.h:
1786         * svg/SVGElement.cpp:
1787         (WebCore::SVGElement::SVGElement):
1788         (WebCore::SVGElement::customStyleForRenderer):
1789         * svg/SVGElement.h:
1790         
1791             Adopt customStyleForRenderer().
1792
1793 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
1794
1795         Change event is not fired for input[type=number] when the user reverts a change made by script
1796         https://bugs.webkit.org/show_bug.cgi?id=67697
1797
1798         Reviewed by Kent Tamura.
1799
1800         The bug was caused by HTMLInputElement::setValue not calling setTextAsOfLastFormControlChangeEvent
1801         for text fields other than type=text.
1802
1803         Also fixed a that stepUpFromRenderer does not call setTextAsOfLastFormControlChangeEvent at appropriate
1804         timing due to setValueAsNumber always passing sendChangeEvent=false to setValue by propagating values
1805         through setValueAsNumber and applyStep. This refactoring allows us to remove calls to dispatch* in
1806         stepUpFromRenderer because they're now called in setValueAsNumber or applyStep.
1807
1808         Test: fast/forms/number-input-changeevent.html
1809
1810         * html/BaseDateAndTimeInputType.cpp:
1811         (WebCore::BaseDateAndTimeInputType::setValueAsNumber):
1812         * html/BaseDateAndTimeInputType.h:
1813         * html/HTMLInputElement.cpp:
1814         (WebCore::HTMLInputElement::applyStep):
1815         (WebCore::HTMLInputElement::stepUp):
1816         (WebCore::HTMLInputElement::stepDown):
1817         (WebCore::HTMLInputElement::setValue):
1818         (WebCore::HTMLInputElement::setValueAsNumber):
1819         (WebCore::HTMLInputElement::stepUpFromRenderer):
1820         * html/HTMLInputElement.h:
1821         * html/InputType.cpp:
1822         (WebCore::InputType::setValueAsNumber):
1823         * html/InputType.h:
1824         * html/NumberInputType.cpp:
1825         (WebCore::NumberInputType::setValueAsNumber):
1826         * html/NumberInputType.h:
1827         * html/RangeInputType.cpp:
1828         (WebCore::RangeInputType::setValueAsNumber):
1829         (WebCore::RangeInputType::handleKeydownEvent):
1830         * html/RangeInputType.h:
1831
1832 2011-09-07  Antti Koivisto  <antti@apple.com>
1833
1834         Try to fix Qt build by moving the Qt specific include (which is not really allowed here!).
1835
1836         Not reviewed.
1837
1838         * css/CSSStyleSelector.cpp:
1839         * css/SelectorChecker.cpp:
1840         (WebCore::SelectorChecker::determineLinkStateSlowCase):
1841
1842 2011-09-07  Antti Koivisto  <antti@apple.com>
1843
1844         Move SelectorChecker out from CSSStyleSelector scope
1845         https://bugs.webkit.org/show_bug.cgi?id=67648
1846
1847         Reviewed by Sam Weinig.
1848
1849         - Move SelectorChecker to SelectorChecker.h/cpp
1850         - Make private functions private
1851         - Make members private, add accessors
1852         - Move m_sameOriginOnly to CSSStyleSelector as it is not used by SelectorChecker
1853
1854         * CMakeLists.txt:
1855         * GNUmakefile.list.am:
1856         * WebCore.gypi:
1857         * WebCore.pro:
1858         * WebCore.vcproj/WebCore.vcproj:
1859         * WebCore.xcodeproj/project.pbxproj:
1860         * css/CSSStyleSelector.cpp:
1861         (WebCore::CSSStyleSelector::CSSStyleSelector):
1862         (WebCore::CSSStyleSelector::matchRules):
1863         (WebCore::CSSStyleSelector::matchRulesForList):
1864         (WebCore::CSSStyleSelector::sortMatchedRules):
1865         (WebCore::CSSStyleSelector::initForStyleResolve):
1866         (WebCore::CSSStyleSelector::matchUARules):
1867         (WebCore::CSSStyleSelector::styleForElement):
1868         (WebCore::CSSStyleSelector::pseudoStyleForElement):
1869         (WebCore::CSSStyleSelector::styleForPage):
1870         (WebCore::CSSStyleSelector::adjustRenderStyle):
1871         (WebCore::CSSStyleSelector::pseudoStyleRulesForElement):
1872         (WebCore::CSSStyleSelector::checkSelector):
1873         (WebCore::RuleData::RuleData):
1874         (WebCore::CSSStyleSelector::applyProperty):
1875         (WebCore::CSSStyleSelector::checkForGenericFamilyChange):
1876         (WebCore::CSSStyleSelector::setFontSize):
1877         (WebCore::CSSStyleSelector::getColorFromPrimitiveValue):
1878         * css/CSSStyleSelector.h:
1879         (WebCore::CSSStyleSelector::style):
1880         (WebCore::CSSStyleSelector::parentStyle):
1881         (WebCore::CSSStyleSelector::rootElementStyle):
1882         (WebCore::CSSStyleSelector::element):
1883         (WebCore::CSSStyleSelector::fontDescription):
1884         (WebCore::CSSStyleSelector::parentFontDescription):
1885         (WebCore::CSSStyleSelector::setFontDescription):
1886         (WebCore::CSSStyleSelector::setZoom):
1887         (WebCore::CSSStyleSelector::setEffectiveZoom):
1888         (WebCore::CSSStyleSelector::setTextSizeAdjust):
1889         (WebCore::CSSStyleSelector::setStyle):
1890         (WebCore::CSSStyleSelector::fontSelector):
1891         (WebCore::CSSStyleSelector::allVisitedStateChanged):
1892         (WebCore::CSSStyleSelector::visitedStateChanged):
1893         (WebCore::CSSStyleSelector::usesSiblingRules):
1894         (WebCore::CSSStyleSelector::usesFirstLineRules):
1895         (WebCore::CSSStyleSelector::usesBeforeAfterRules):
1896         (WebCore::CSSStyleSelector::usesLinkRules):
1897         (WebCore::CSSStyleSelector::addMatchedRule):
1898         (WebCore::CSSStyleSelector::isRightPage):
1899         (WebCore::CSSStyleSelector::ParentStackFrame::ParentStackFrame):
1900         (WebCore::CSSStyleSelector::styleNotYetAvailable):
1901         * css/SelectorChecker.cpp: Added.
1902         (WebCore::SelectorChecker::SelectorChecker):
1903         (WebCore::linkAttribute):
1904         (WebCore::SelectorChecker::determineLinkStateSlowCase):
1905         (WebCore::SelectorChecker::checkSelector):
1906         (WebCore::SelectorChecker::fastCheckSelector):
1907         (WebCore::SelectorChecker::isFastCheckableSelector):
1908         (WebCore::addLocalNameToSet):
1909         (WebCore::createHtmlCaseInsensitiveAttributesSet):
1910         (WebCore::htmlAttributeHasCaseInsensitiveValue):
1911         (WebCore::attributeQualifiedNameMatches):
1912         (WebCore::attributeValueMatches):
1913         (WebCore::anyAttributeMatches):
1914         (WebCore::SelectorChecker::checkOneSelector):
1915         (WebCore::SelectorChecker::checkScrollbarPseudoClass):
1916         (WebCore::SelectorChecker::allVisitedStateChanged):
1917         (WebCore::SelectorChecker::visitedStateChanged):
1918         * css/SelectorChecker.h: Added.
1919         (WebCore::SelectorChecker::document):
1920         (WebCore::SelectorChecker::strictParsing):
1921         (WebCore::SelectorChecker::isCollectingRulesOnly):
1922         (WebCore::SelectorChecker::setCollectingRulesOnly):
1923         (WebCore::SelectorChecker::isMatchingVisitedPseudoClass):
1924         (WebCore::SelectorChecker::setMatchingVisitedPseudoClass):
1925         (WebCore::SelectorChecker::pseudoStyle):
1926         (WebCore::SelectorChecker::setPseudoStyle):
1927         (WebCore::SelectorChecker::hasUnknownPseudoElements):
1928         (WebCore::SelectorChecker::clearHasUnknownPseudoElements):
1929         (WebCore::SelectorChecker::determineLinkState):
1930         * dom/Element.cpp:
1931         (WebCore::Element::webkitMatchesSelector):
1932         * dom/SelectorQuery.cpp:
1933         (WebCore::SelectorQuery::SelectorQuery):
1934         * dom/SelectorQuery.h:
1935
1936 2011-09-07  Dmitry Lomov  <dslomov@google.com>
1937
1938         https://bugs.webkit.org/show_bug.cgi?id=67413 
1939         [Chromium]Web Inspector: inspected page with dedicated worker crashes on refresh.
1940         This patch enforces lifetime ordering between WorkerInspectorController and WorkerScriptController.
1941
1942         Reviewed by Yury Semikhatsky.
1943
1944         * workers/WorkerContext.cpp:
1945         (WebCore::WorkerContext::clearInspector):
1946         * workers/WorkerContext.h:
1947         * workers/WorkerThread.cpp:
1948         (WebCore::WorkerThreadShutdownFinishTask::performTask):
1949
1950 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
1951
1952         Unreviewed, rolling out r94627 and r94632.
1953         http://trac.webkit.org/changeset/94627
1954         http://trac.webkit.org/changeset/94632
1955         https://bugs.webkit.org/show_bug.cgi?id=67698
1956
1957         It broke tests on GTK and Qt (Requested by Ossy on #webkit).
1958
1959         * WebCore.exp.in:
1960         * bindings/js/JSDOMBinding.h:
1961         (WebCore::DOMConstructorObject::DOMConstructorObject):
1962         * bindings/js/JSDOMGlobalObject.cpp:
1963         (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
1964         * bindings/js/JSDOMGlobalObject.h:
1965         * bindings/js/JSDOMWindowShell.cpp:
1966         (WebCore::JSDOMWindowShell::create):
1967         * bindings/js/JSDOMWindowShell.h:
1968         * bindings/js/JSDOMWrapper.h:
1969         (WebCore::JSDOMWrapper::JSDOMWrapper):
1970         * bindings/scripts/CodeGeneratorJS.pm:
1971         (GenerateImplementation):
1972         * bindings/scripts/test/JS/JSTestInterface.cpp:
1973         (WebCore::JSTestInterface::JSTestInterface):
1974         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1975         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener):
1976         * bindings/scripts/test/JS/JSTestObj.cpp:
1977         (WebCore::JSTestObj::JSTestObj):
1978         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1979         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface):
1980         * bridge/c/CRuntimeObject.cpp:
1981         (JSC::Bindings::CRuntimeObject::CRuntimeObject):
1982         * bridge/c/CRuntimeObject.h:
1983         * bridge/jni/jsc/JavaRuntimeObject.cpp:
1984         (JSC::Bindings::JavaRuntimeObject::JavaRuntimeObject):
1985         * bridge/jni/jsc/JavaRuntimeObject.h:
1986         * bridge/objc/ObjCRuntimeObject.h:
1987         * bridge/objc/ObjCRuntimeObject.mm:
1988         (JSC::Bindings::ObjCRuntimeObject::ObjCRuntimeObject):
1989         * bridge/objc/objc_runtime.h:
1990         (JSC::Bindings::ObjcFallbackObjectImp::create):
1991         * bridge/objc/objc_runtime.mm:
1992         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
1993         * bridge/qt/qt_instance.cpp:
1994         (JSC::Bindings::QtRuntimeObject::QtRuntimeObject):
1995         * bridge/qt/qt_pixmapruntime.cpp:
1996         (JSC::Bindings::QtPixmapRuntimeObject::QtPixmapRuntimeObject):
1997         * bridge/qt/qt_runtime.cpp:
1998         (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
1999         * bridge/qt/qt_runtime.h:
2000         * bridge/runtime_array.cpp:
2001         (JSC::RuntimeArray::RuntimeArray):
2002         * bridge/runtime_array.h:
2003         (JSC::RuntimeArray::create):
2004         * bridge/runtime_method.cpp:
2005         (JSC::RuntimeMethod::RuntimeMethod):
2006         * bridge/runtime_method.h:
2007         * bridge/runtime_object.cpp:
2008         (JSC::Bindings::RuntimeObject::RuntimeObject):
2009         * bridge/runtime_object.h:
2010         (JSC::Bindings::RuntimeObject::create):
2011
2012 2011-08-31  Yury Semikhatsky  <yurys@chromium.org>
2013
2014         fast/workers/worker-script-error.html fails on Chromium after r94061
2015         https://bugs.webkit.org/show_bug.cgi?id=67206
2016
2017         Default action should be prevented if window.onerror returned true and stay
2018         not prevented otherwise.
2019
2020         Reviewed by Dmitry Titov.
2021
2022         Tests: fast/events/window-onerror14.html
2023                fast/events/window-onerror15.html
2024                fast/events/window-onerror16.html
2025
2026         * bindings/v8/V8AbstractEventListener.cpp:
2027         (WebCore::V8AbstractEventListener::invokeEventHandler):
2028         (WebCore::V8AbstractEventListener::shouldPreventDefault): allow specific
2029         event listeners to decide when to prevent default action based on the handler
2030         return value.
2031         * bindings/v8/V8AbstractEventListener.h:
2032         * bindings/v8/V8WindowErrorHandler.cpp:
2033         (WebCore::V8WindowErrorHandler::callListenerFunction):
2034         (WebCore::V8WindowErrorHandler::shouldPreventDefault):
2035         * bindings/v8/V8WindowErrorHandler.h:
2036         * bindings/v8/V8WorkerContextErrorHandler.cpp:
2037         (WebCore::V8WorkerContextErrorHandler::callListenerFunction):
2038         (WebCore::V8WorkerContextErrorHandler::shouldPreventDefault):
2039         * bindings/v8/V8WorkerContextErrorHandler.h:
2040
2041 2011-09-06  Xianzhu Wang  <wangxianzhu@chromium.org>
2042
2043         Replace usages of Vector<UChar> with existing StringBuilder
2044         https://bugs.webkit.org/show_bug.cgi?id=67079
2045
2046         Reviewed by Gavin Barraclough.
2047
2048         No new tests. All existing unit tests and layout tests should run
2049         as before.
2050
2051         * css/CSSOMUtils.cpp:
2052         (WebCore::appendCharacter):
2053         (WebCore::serializeCharacter):
2054         (WebCore::serializeCharacterAsCodePoint):
2055         (WebCore::serializeIdentifier):
2056         (WebCore::serializeString):
2057         * css/CSSOMUtils.h:
2058         * css/CSSPrimitiveValue.cpp:
2059         (WebCore::CSSPrimitiveValue::cssText):
2060         * css/CSSStyleSelector.cpp:
2061         (WebCore::CSSStyleSelector::SelectorChecker::determineLinkStateSlowCase):
2062         * css/CSSWrapShapes.cpp:
2063         (WebCore::CSSWrapShapeRect::cssText):
2064         (WebCore::CSSWrapShapeCircle::cssText):
2065         (WebCore::CSSWrapShapeEllipse::cssText):
2066         (WebCore::CSSWrapShapePolygon::cssText):
2067         * editing/HTMLInterchange.cpp:
2068         (WebCore::convertHTMLTextToInterchangeFormat):
2069         * editing/MarkupAccumulator.cpp:
2070         (WebCore::appendCharactersReplacingEntities):
2071         (WebCore::MarkupAccumulator::serializeNodes):
2072         (WebCore::MarkupAccumulator::appendStartTag):
2073         (WebCore::MarkupAccumulator::appendEndTag):
2074         (WebCore::MarkupAccumulator::concatenateMarkup):
2075         (WebCore::MarkupAccumulator::appendAttributeValue):
2076         (WebCore::MarkupAccumulator::appendCustomAttributes):
2077         (WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):
2078         (WebCore::MarkupAccumulator::appendNodeValue):
2079         (WebCore::MarkupAccumulator::appendNamespace):
2080         (WebCore::MarkupAccumulator::appendText):
2081         (WebCore::MarkupAccumulator::appendComment):
2082         (WebCore::MarkupAccumulator::appendDocumentType):
2083         (WebCore::MarkupAccumulator::appendProcessingInstruction):
2084         (WebCore::MarkupAccumulator::appendElement):
2085         (WebCore::MarkupAccumulator::appendOpenTag):
2086         (WebCore::MarkupAccumulator::appendCloseTag):
2087         (WebCore::MarkupAccumulator::appendAttribute):
2088         (WebCore::MarkupAccumulator::appendCDATASection):
2089         (WebCore::MarkupAccumulator::appendStartMarkup):
2090         (WebCore::MarkupAccumulator::appendEndMarkup):
2091         * editing/MarkupAccumulator.h:
2092         * editing/markup.cpp:
2093         (WebCore::StyledMarkupAccumulator::appendElement):
2094         (WebCore::StyledMarkupAccumulator::wrapWithNode):
2095         (WebCore::StyledMarkupAccumulator::wrapWithStyleNode):
2096         (WebCore::StyledMarkupAccumulator::appendStyleNodeOpenTag):
2097         (WebCore::StyledMarkupAccumulator::takeResults):
2098         (WebCore::StyledMarkupAccumulator::appendText):
2099         (WebCore::urlToMarkup):
2100         * html/DOMTokenList.cpp:
2101         (WebCore::DOMTokenList::removeToken):
2102         * html/HTMLFontElement.cpp:
2103         (WebCore::parseFontSize):
2104         * html/HTMLTextFormControlElement.cpp:
2105         (WebCore::HTMLTextFormControlElement::strippedPlaceholder):
2106         * html/parser/CSSPreloadScanner.cpp:
2107         (WebCore::CSSPreloadScanner::emitRule):
2108         * html/parser/CSSPreloadScanner.h:
2109         * html/parser/HTMLEntityParser.cpp:
2110         (WebCore::consumeHTMLEntity):
2111         * html/parser/HTMLEntityParser.h:
2112         * html/parser/HTMLParserIdioms.cpp:
2113         (WebCore::parseHTMLInteger):
2114         (WebCore::parseHTMLNonNegativeInteger):
2115         * html/parser/HTMLTokenizer.cpp:
2116         (WebCore::HTMLTokenizer::processEntity):
2117         (WebCore::HTMLTokenizer::nextToken):
2118         * html/parser/HTMLTreeBuilder.cpp:
2119         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::giveRemainingTo):
2120         (WebCore::HTMLTreeBuilder::defaultForInTableText):
2121         * html/parser/HTMLTreeBuilder.h:
2122         * inspector/InspectorValues.cpp:
2123         (WebCore::InspectorValue::toJSONString):
2124         (WebCore::InspectorValue::writeJSON):
2125         (WebCore::InspectorBasicValue::writeJSON):
2126         (WebCore::InspectorString::writeJSON):
2127         (WebCore::InspectorObject::writeJSON):
2128         (WebCore::InspectorArray::writeJSON):
2129         * inspector/InspectorValues.h:
2130         * loader/CrossOriginAccessControl.cpp:
2131         (WebCore::createAccessControlPreflightRequest):
2132         * loader/appcache/ApplicationCacheStorage.cpp:
2133         (WebCore::ApplicationCacheStorage::store):
2134         * page/Chrome.cpp:
2135         (WebCore::Chrome::setToolTip):
2136         * page/PageSerializer.cpp:
2137         (WebCore::SerializerMarkupAccumulator::appendText):
2138         (WebCore::SerializerMarkupAccumulator::appendElement):
2139         (WebCore::SerializerMarkupAccumulator::appendCustomAttributes):
2140         * page/SecurityOrigin.cpp:
2141         (WebCore::SecurityOrigin::toString):
2142         * platform/KURL.cpp:
2143         (WebCore::KURL::deprecatedString):
2144         (WebCore::decodeURLEscapeSequences):
2145         * platform/LinkHash.cpp:
2146         (WebCore::squeezeOutNullCharacters):
2147         (WebCore::cleanSlashDotDotSlashes):
2148         (WebCore::mergeDoubleSlashes):
2149         (WebCore::cleanSlashDotSlashes):
2150         (WebCore::cleanPath):
2151         (WebCore::visitedURLInline):
2152         (WebCore::visitedURL):
2153         (WebCore::visitedLinkHash):
2154         * platform/LinkHash.h:
2155         * platform/gtk/DataObjectGtk.cpp:
2156         (WebCore::DataObjectGtk::setURL):
2157         * platform/network/HTTPParsers.cpp:
2158         (WebCore::extractMIMETypeFromMediaType):
2159         * platform/text/TextCodecICU.cpp:
2160         (WebCore::TextCodecICU::decode):
2161         * platform/text/TextStream.cpp:
2162         (WebCore::TextStream::operator<<):
2163         (WebCore::TextStream::release):
2164         * platform/text/TextStream.h:
2165         * plugins/PluginStream.cpp:
2166         (WebCore::PluginStream::startStream):
2167         * rendering/InlineTextBox.cpp:
2168         (WebCore::adjustCharactersAndLengthForHyphen):
2169         * rendering/InlineTextBox.h:
2170         (WebCore::BufferForAppendingHyphen::BufferForAppendingHyphen):
2171         * rendering/RenderListItem.cpp:
2172         (WebCore::RenderListItem::markerTextWithSuffix):
2173         * rendering/RenderListMarker.cpp:
2174         (WebCore::toSymbolic):
2175         (WebCore::RenderListMarker::paint):
2176         (WebCore::RenderListMarker::suffix):
2177         * rendering/RenderTreeAsText.cpp:
2178         (WebCore::quoteAndEscapeNonPrintables):
2179         * rendering/mathml/RenderMathMLFenced.cpp:
2180         (WebCore::RenderMathMLFenced::updateFromElement):
2181         * storage/IDBLevelDBCoding.cpp:
2182         (WebCore::IDBLevelDBCoding::decodeString):
2183         * xml/XMLHttpRequest.cpp:
2184         (WebCore::XMLHttpRequest::getAllResponseHeaders):
2185         * xml/XPathFunctions.cpp:
2186         (WebCore::XPath::FunId::evaluate):
2187         (WebCore::XPath::FunConcat::evaluate):
2188         * xml/XPathUtil.cpp:
2189         (WebCore::XPath::stringValue):
2190         * xml/XSLTProcessorLibxslt.cpp:
2191         (WebCore::writeToStringBuilder):
2192         (WebCore::saveResultToString):
2193         * xml/parser/CharacterReferenceParserInlineMethods.h:
2194         (WebCore::unconsumeCharacters):
2195         (WebCore::consumeCharacterReference):
2196         * xml/parser/XMLCharacterReferenceParser.cpp:
2197         (WebCore::consumeXMLCharacterReference):
2198         * xml/parser/XMLCharacterReferenceParser.h:
2199         * xml/parser/XMLTokenizer.cpp:
2200         (WebCore::XMLTokenizer::nextToken):
2201
2202 2011-09-05  Kent Tamura  <tkent@chromium.org>
2203
2204         REGRESSION (Safari 5.1 - ToT): File input retains its file icon when the value is reset
2205         https://bugs.webkit.org/show_bug.cgi?id=67567
2206
2207         Reviewed by Dimitri Glazkov.
2208
2209         - Introduce InputType::setValue(), which is called by HTMLInputElement::setValue().
2210         - Clear m_icon in FileInputType::setValue().
2211
2212         Tests: fast/forms/file/file-reset-in-change-expected.html
2213                fast/forms/file/file-reset-in-change.html
2214
2215         * html/BaseButtonInputType.cpp:
2216         (WebCore::BaseButtonInputType::setValue):
2217         Implemenation for the "default" mode.
2218         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-default
2219         * html/BaseButtonInputType.h:
2220         * html/BaseCheckableInputType.cpp:
2221         (WebCore::BaseCheckableInputType::setValue):
2222         Implemenation for the "default/on" mode.
2223         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-default-on
2224         * html/BaseCheckableInputType.h:
2225         * html/FileInputType.cpp:
2226         (WebCore::FileInputType::setValue):
2227         Implemenation for the "filename" mode, and clearing m_icon.
2228         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-filename
2229         * html/FileInputType.h:
2230         * html/HTMLInputElement.cpp:
2231         (WebCore::HTMLInputElement::setValue):
2232         Move some code to InputType::setValue().
2233         (WebCore::HTMLInputElement::setValueInternal): A helper for InputType::setValue().
2234         * html/HTMLInputElement.h:
2235         * html/HiddenInputType.cpp:
2236         (WebCore::HiddenInputType::setValue):
2237         Implementation for the "default" mode.
2238         * html/HiddenInputType.h:
2239         * html/InputType.cpp:
2240         (WebCore::InputType::setValue):
2241         Implementation for the "value" mode.
2242         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-value
2243         * html/InputType.h:
2244         * html/TextFieldInputType.cpp:
2245         (WebCore::TextFieldInputType::setValue):
2246         In addition to the "value" mode processing, updates placeholder visibililty.
2247         * html/TextFieldInputType.h:
2248
2249 2011-09-06  Ryosuke Niwa  <rniwa@webkit.org>
2250
2251         REGRESSION(r94274): The inner text value of an input element is not updated when input.value is set
2252         https://bugs.webkit.org/show_bug.cgi?id=67681
2253
2254         Reviewed by Kent Tamura.
2255
2256         The bug was caused by HTMLInputElement::setValue's not clearing m_suggestedValue before updateInnerTextValue is called.
2257         Since updateInnerTextValue uses the suggested value when one is present, we need to clear m_suggestedValue in advance.
2258
2259         Test: fast/forms/suggested-value-after-setvalue.html
2260
2261         * html/HTMLInputElement.cpp:
2262         (WebCore::HTMLInputElement::setValue):
2263
2264 2011-09-06  Adam Barth  <abarth@webkit.org>
2265
2266         Attempt to fix GTK build.
2267
2268         * bindings/gobject/WebKitHTMLElementWrapperFactory.cpp:
2269         (WebKit::createHTMLElementWrapper):
2270
2271 2011-09-06  Ryosuke Niwa  <rniwa@webkit.org>
2272
2273         fast/forms/suggested-value-crash.html crashes on Windows
2274         https://bugs.webkit.org/show_bug.cgi?id=67688
2275
2276         Reviewed by Adam Barth.
2277
2278         The crash was caused because functions in internals were accessing uninitialized QualifiedNames.
2279         Fixed the bug by avoiding to link to inputTag and textareaTag. Instead, we resort to toInputElement
2280         and string comparison.
2281
2282         * testing/Internals.cpp:
2283         (WebCore::Internals::wasLastChangeUserEdit):
2284         (WebCore::Internals::suggestedValue):
2285         (WebCore::Internals::setSuggestedValue):
2286
2287 2011-09-06  Mark Hahnenberg  <mhahnenberg@apple.com>
2288
2289         Unzip initialization lists and constructors in JSCell hierarchy (5/7)
2290         https://bugs.webkit.org/show_bug.cgi?id=67420
2291
2292         Reviewed by Geoffrey Garen.
2293
2294         No new tests.
2295
2296         Completed the fifth level of the refactoring to add finishCreation() 
2297         methods to all classes within the JSCell hierarchy with non-trivial 
2298         constructor bodies.
2299
2300         This primarily consists of pushing the calls to finishCreation() down 
2301         into the constructors of the subclasses of the second level of the hierarchy 
2302         as well as pulling the finishCreation() calls out into the class's corresponding
2303         create() method if it has one.  Doing both simultaneously allows us to 
2304         maintain the invariant that the finishCreation() method chain is called exactly 
2305         once during the creation of an object, since calling it any other number of 
2306         times (0, 2, or more) will cause an assertion failure.
2307
2308         * WebCore.exp.in:
2309         * bindings/js/JSDOMBinding.h:
2310         (WebCore::DOMConstructorObject::DOMConstructorObject):
2311         * bindings/js/JSDOMGlobalObject.cpp:
2312         (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
2313         (WebCore::JSDOMGlobalObject::finishCreation):
2314         * bindings/js/JSDOMGlobalObject.h:
2315         * bindings/js/JSDOMWindowShell.cpp:
2316         * bindings/js/JSDOMWindowShell.h:
2317         (WebCore::JSDOMWindowShell::create):
2318         * bindings/js/JSDOMWrapper.h:
2319         (WebCore::JSDOMWrapper::JSDOMWrapper):
2320         * bindings/scripts/CodeGeneratorJS.pm:
2321         (GenerateImplementation):
2322         * bindings/scripts/test/JS/JSTestInterface.cpp:
2323         (WebCore::JSTestInterface::JSTestInterface):
2324         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
2325         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener):
2326         * bindings/scripts/test/JS/JSTestObj.cpp:
2327         (WebCore::JSTestObj::JSTestObj):
2328         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2329         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface):
2330         * bridge/c/CRuntimeObject.cpp:
2331         (JSC::Bindings::CRuntimeObject::CRuntimeObject):
2332         (JSC::Bindings::CRuntimeObject::finishCreation):
2333         * bridge/c/CRuntimeObject.h:
2334         * bridge/jni/jsc/JavaRuntimeObject.cpp:
2335         (JSC::Bindings::JavaRuntimeObject::JavaRuntimeObject):
2336         (JSC::Bindings::JavaRuntimeObject::finishCreation):
2337         * bridge/jni/jsc/JavaRuntimeObject.h:
2338         * bridge/objc/ObjCRuntimeObject.h:
2339         * bridge/objc/ObjCRuntimeObject.mm:
2340         (JSC::Bindings::ObjCRuntimeObject::ObjCRuntimeObject):
2341         (JSC::Bindings::ObjCRuntimeObject::finishCreation):
2342         * bridge/objc/objc_runtime.h:
2343         (JSC::Bindings::ObjcFallbackObjectImp::create):
2344         * bridge/objc/objc_runtime.mm:
2345         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
2346         * bridge/qt/qt_instance.cpp:
2347         (JSC::Bindings::QtRuntimeObject::QtRuntimeObject):
2348         * bridge/qt/qt_pixmapruntime.cpp:
2349         (JSC::Bindings::QtPixmapRuntimeObject::QtPixmapRuntimeObject):
2350         * bridge/qt/qt_runtime.cpp:
2351         (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
2352         (JSC::Bindings::QtRuntimeMethod::finishCreation):
2353         * bridge/qt/qt_runtime.h:
2354         * bridge/runtime_array.cpp:
2355         (JSC::RuntimeArray::RuntimeArray):
2356         * bridge/runtime_array.h:
2357         (JSC::RuntimeArray::create):
2358         * bridge/runtime_method.cpp:
2359         (JSC::RuntimeMethod::RuntimeMethod):
2360         (JSC::RuntimeMethod::finishCreation):
2361         * bridge/runtime_method.h:
2362         * bridge/runtime_object.cpp:
2363         (JSC::Bindings::RuntimeObject::RuntimeObject):
2364         * bridge/runtime_object.h:
2365         (JSC::Bindings::RuntimeObject::create):
2366
2367 2011-09-06  Luke Macpherson   <macpherson@chromium.org>
2368
2369         Implement list style properties in CSSStyleApplyProperty.
2370         https://bugs.webkit.org/show_bug.cgi?id=67103
2371
2372         Reviewed by Eric Seidel.
2373
2374         No new tests / no behavioral changes.
2375
2376         * css/CSSStyleApplyProperty.cpp:
2377         Add class to wrap call to CSSStyleSelector::styleImage().
2378         (WebCore::ApplyPropertyStyleImage::ApplyPropertyStyleImage):
2379         (WebCore::ApplyPropertyStyleImage::applyValue):
2380         (WebCore::CSSStyleApplyProperty::CSSStyleApplyProperty):
2381         Initialize handlers for list style properties.
2382         * css/CSSStyleSelector.cpp:
2383         (WebCore::CSSStyleSelector::applyProperty):
2384         Remove existing property implementations.
2385
2386 2011-09-06  Alexis Menard  <alexis.menard@openbossa.org>
2387
2388         [Qt] Move away from QPointer as it is slow and it has a replacement QWeakPointer.
2389         https://bugs.webkit.org/show_bug.cgi?id=67673
2390
2391         Reviewed by Ariya Hidayat.
2392
2393         Move away from QPointer to QWeakPointer, it is faster.
2394
2395         No new tests, the existing ones should cover.
2396
2397         * bridge/qt/qt_instance.cpp:
2398         (JSC::Bindings::QtInstance::~QtInstance):
2399         (JSC::Bindings::QtInstance::getClass):
2400         (JSC::Bindings::QtField::name):
2401         (JSC::Bindings::QtField::valueFromInstance):
2402         * bridge/qt/qt_instance.h:
2403         (JSC::Bindings::QtInstance::getObject):
2404         * bridge/qt/qt_runtime.h:
2405         * platform/qt/SharedTimerQt.cpp:
2406         (WebCore::SharedTimerQt::inst):
2407
2408 2011-09-06  Oliver Hunt  <oliver@apple.com>
2409
2410         Update expected results of bindings tests.
2411
2412         * bindings/scripts/test/JS/JSTestInterface.cpp:
2413         (WebCore::JSTestInterfaceConstructor::createStructure):
2414         (WebCore::JSTestInterface::createPrototype):
2415         * bindings/scripts/test/JS/JSTestInterface.h:
2416         (WebCore::JSTestInterface::createStructure):
2417         (WebCore::JSTestInterfacePrototype::createStructure):
2418         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
2419         (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
2420         (WebCore::JSTestMediaQueryListListener::createPrototype):
2421         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
2422         (WebCore::JSTestMediaQueryListListener::createStructure):
2423         (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
2424         * bindings/scripts/test/JS/JSTestObj.cpp:
2425         (WebCore::JSTestObjConstructor::createStructure):
2426         (WebCore::JSTestObj::createPrototype):
2427         * bindings/scripts/test/JS/JSTestObj.h:
2428         (WebCore::JSTestObj::createStructure):
2429         (WebCore::JSTestObjPrototype::createStructure):
2430         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2431         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
2432         (WebCore::JSTestSerializedScriptValueInterface::createPrototype):
2433         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
2434         (WebCore::JSTestSerializedScriptValueInterface::createStructure):
2435         (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
2436
2437 2011-09-06  Eric Seidel  <eric@webkit.org>
2438
2439         Remove window.HTMLBlockquoteElement per HTML5 (and DOM Core 1)
2440         https://bugs.webkit.org/show_bug.cgi?id=67678
2441
2442         Reviewed by Darin Adler.
2443
2444         This is why we can't have nice things.
2445
2446         There was some confusion in the original DOM HTML 1 spec about
2447         the existence of HTMlBlockquoteElement which was clarified by
2448         a later errata, removing HTMLBlockquoteElement:
2449         http://www.w3.org/DOM/updates/REC-DOM-Level-1-19981001-errata.html
2450         "This interface is an error and must be ignored. The Interface HTMLQuoteElement is used for both the Q and BLOCKQUOTE elements"
2451
2452         Le sigh.  Personally I think having a separate HTMLBlockquoteElement
2453         is clearer, but thats not how the web works.  Removed it and updated test results.
2454
2455         * CMakeLists.txt:
2456         * CodeGenerators.pri:
2457         * DerivedSources.cpp:
2458         * DerivedSources.make:
2459         * GNUmakefile.list.am:
2460         * WebCore.gypi:
2461         * WebCore.pro:
2462         * WebCore.vcproj/WebCore.vcproj:
2463         * WebCore.xcodeproj/project.pbxproj:
2464         * bindings/gobject/GNUmakefile.am:
2465         * editing/IndentOutdentCommand.cpp:
2466         * html/HTMLBlockquoteElement.cpp: Removed.
2467         * html/HTMLBlockquoteElement.h: Removed.
2468         * html/HTMLBlockquoteElement.idl: Removed.
2469         * html/HTMLElementsAllInOne.cpp:
2470         * html/HTMLQuoteElement.cpp:
2471         (WebCore::HTMLQuoteElement::HTMLQuoteElement):
2472         (WebCore::HTMLQuoteElement::insertedIntoDocument):
2473         * html/HTMLTagNames.in:
2474         * page/DOMWindow.idl:
2475
2476 2011-09-06  Ryosuke Niwa  <rniwa@webkit.org>
2477
2478         Rename confirmCompositionWithoutDisturbingSelection to cancelComposition
2479         https://bugs.webkit.org/show_bug.cgi?id=67569
2480
2481         Reviewed by Antonio Gomes.
2482
2483         Renamed Editor::confirmCompositionWithoutDisturbingSelection to Editor::cancelComposition.
2484         Also renamed the shared function from confirmComposition to setComposition.
2485
2486         * WebCore.exp.in:
2487         * editing/Editor.cpp:
2488         (WebCore::Editor::confirmComposition):
2489         (WebCore::Editor::cancelComposition):
2490         (WebCore::Editor::setComposition):
2491         * editing/Editor.h:
2492
2493 2011-09-06  Sam Weinig  <sam@webkit.org>
2494
2495         WebVTTTokenizer files in the wrong place in the Xcode project.
2496
2497         * WebCore.xcodeproj/project.pbxproj:
2498         Move WebVTTTokenizer files so they are in the right place in the project.
2499
2500 2011-09-06  Chris Rogers  <crogers@google.com>
2501
2502         MediaElementAudioSourceNode destruction triggers ASSERTS
2503         https://bugs.webkit.org/show_bug.cgi?id=67665
2504
2505         Reviewed by Nate Chapin.
2506
2507         Test: webaudio/mediaelementaudiosourcenode-gc.html
2508
2509         * html/HTMLMediaElement.cpp:
2510         (WebCore::HTMLMediaElement::setAudioSourceNode):
2511         * webaudio/AudioContext.cpp:
2512         (WebCore::AudioContext::uninitializeDispatch):
2513         (WebCore::AudioContext::stop):
2514         * webaudio/AudioContext.h:
2515
2516 2011-09-05  Oliver Hunt  <oliver@apple.com>
2517
2518         An object's structure should reference the global object responsible for its creation
2519         https://bugs.webkit.org/show_bug.cgi?id=67624
2520
2521         Reviewed by Gavin Barraclough.
2522
2523         Update calls to Structure::create() to pass the globalObject in,
2524         and update the CodeGenerator to generate appropriate createStructure
2525         methods.
2526
2527         * bindings/js/JSAudioConstructor.h:
2528         (WebCore::JSAudioConstructor::createStructure):
2529         * bindings/js/JSDOMBinding.h:
2530         (WebCore::DOMConstructorObject::createStructure):
2531         (WebCore::getDOMStructure):
2532         * bindings/js/JSDOMGlobalObject.h:
2533         (WebCore::JSDOMGlobalObject::createStructure):
2534         (WebCore::getDOMConstructor):
2535         * bindings/js/JSDOMWindowBase.h:
2536         (WebCore::JSDOMWindowBase::createStructure):
2537         * bindings/js/JSDOMWindowShell.cpp:
2538         (WebCore::JSDOMWindowShell::setWindow):
2539         * bindings/js/JSDOMWindowShell.h:
2540         (WebCore::JSDOMWindowShell::createStructure):
2541         * bindings/js/JSDOMWrapper.h:
2542         (WebCore::JSDOMWrapper::createStructure):
2543         * bindings/js/JSImageConstructor.h:
2544         (WebCore::JSImageConstructor::createStructure):
2545         * bindings/js/JSImageDataCustom.cpp:
2546         (WebCore::toJS):
2547         * bindings/js/JSOptionConstructor.h:
2548         (WebCore::JSOptionConstructor::createStructure):
2549         * bindings/js/JSWorkerContextBase.h:
2550         (WebCore::JSWorkerContextBase::createStructure):
2551         * bindings/js/WorkerScriptController.cpp:
2552         (WebCore::WorkerScriptController::initScript):
2553         * bindings/scripts/CodeGeneratorJS.pm:
2554         (GenerateHeader):
2555         (GenerateImplementation):
2556         (GenerateConstructorDeclaration):
2557         * bridge/c/CRuntimeObject.h:
2558         (JSC::Bindings::CRuntimeObject::createStructure):
2559         * bridge/c/c_instance.cpp:
2560         (JSC::Bindings::CRuntimeMethod::createStructure):
2561         * bridge/jni/jsc/JavaInstanceJSC.cpp:
2562         (JavaRuntimeMethod::createStructure):
2563         * bridge/jni/jsc/JavaRuntimeObject.h:
2564         (JSC::Bindings::JavaRuntimeObject::createStructure):
2565         * bridge/objc/ObjCRuntimeObject.h:
2566         (JSC::Bindings::ObjCRuntimeObject::createStructure):
2567         * bridge/objc/objc_instance.mm:
2568         (ObjCRuntimeMethod::createStructure):
2569         * bridge/objc/objc_runtime.h:
2570         (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
2571         * bridge/runtime_array.h:
2572         (JSC::RuntimeArray::createStructure):
2573         * bridge/runtime_method.h:
2574         (JSC::RuntimeMethod::createStructure):
2575         * bridge/runtime_object.h:
2576         (JSC::Bindings::RuntimeObject::createStructure):
2577
2578 2011-09-06  Anders Carlsson  <andersca@apple.com>
2579
2580         Move NPAPI headers in bridge to plugins
2581         https://bugs.webkit.org/show_bug.cgi?id=67661
2582
2583         Reviewed by Darin Adler.
2584
2585         * WebCore.gypi:
2586         * WebCore.pro:
2587         * WebCore.vcproj/WebCore.vcproj:
2588         * WebCore.xcodeproj/project.pbxproj:
2589         Update build systems.
2590
2591         * bridge/npapi.h: Removed.
2592         * bridge/npruntime.h: Removed.
2593         * bridge/nptypes.h: Removed.
2594         * plugins/npapi.h: Copied from Source/WebCore/bridge/npapi.h.
2595         * plugins/npruntime.h: Copied from Source/WebCore/bridge/npruntime.h.
2596         * plugins/nptypes.h: Copied from Source/WebCore/bridge/nptypes.h.
2597
2598 2011-09-06  David Hyatt  <hyatt@apple.com>
2599
2600         https://bugs.webkit.org/show_bug.cgi?id=67672
2601         
2602         Improve background-size parsing. Make it actually dump auto values properly, and also make it omit
2603         auto if it is the second value. Fix the parsing to not create a value list when only a singleton value
2604         is specified.
2605
2606         Reviewed by Beth Dakin.
2607
2608         Covered well by existing tests.
2609
2610         * css/CSSComputedStyleDeclaration.cpp:
2611         (WebCore::fillSizeToCSSValue):
2612         * css/CSSParser.cpp:
2613         (WebCore::CSSParser::parseFillSize):
2614         * css/CSSStyleSelector.cpp:
2615         (WebCore::CSSStyleSelector::mapFillSize):
2616
2617 2011-09-06  David Hyatt  <hyatt@apple.com>
2618
2619         https://bugs.webkit.org/show_bug.cgi?id=67657
2620         
2621         Implement border-image-width. This patch stops short of converting -webkit-border-image to a shorthand.
2622         I'll do that in the next patch.
2623
2624         Note that unlike the -webkit-border-image syntax, border-image-width does not actually set the border
2625         width values. It simply makes cuts into the border image drawing area (which for now is just the border
2626         box, but that will change once border-image-outset is implemented).
2627         
2628         This means we need additional storage for the slices, since they are now separate from the border widths.
2629         
2630         For backwards compatibility, -webkit-border-image will continue to set the border widths when
2631         border-image-width is specified in the -webkit-border-image shorthand.
2632
2633         Reviewed by Beth Dakin.
2634
2635         Added new tests in fast/borders.
2636
2637         * css/CSSBorderImageSliceValue.cpp:
2638         (WebCore::CSSBorderImageSliceValue::CSSBorderImageSliceValue):
2639         (WebCore::CSSBorderImageSliceValue::cssText):
2640         * css/CSSBorderImageSliceValue.h:
2641         (WebCore::CSSBorderImageSliceValue::create):
2642         (WebCore::CSSBorderImageSliceValue::slices):
2643         Rename slices() to imageSlices() and add borderSlices() and m_borderSlices to hold the desired cuts
2644         for the border image drawing area. Converted the slices over to the new Quad primitive value (a RectBase
2645         subclass that is identical to Rect but dumps as a quad instead of a rect primitive).
2646
2647         * css/CSSBorderImageValue.cpp:
2648         (WebCore::CSSBorderImageValue::CSSBorderImageValue):
2649         (WebCore::CSSBorderImageValue::cssText):
2650         * css/CSSBorderImageValue.h:
2651         (WebCore::CSSBorderImageValue::create):
2652         Make CSSBorderImageValue take the border slices during construction now.
2653     
2654         * css/CSSComputedStyleDeclaration.cpp:
2655         (WebCore::valueForNinePieceImageSlice):
2656         (WebCore::valueForNinePieceImageWidth):
2657         (WebCore::valueForNinePieceImageRepeat):
2658         (WebCore::valueForNinePieceImage):
2659         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
2660         Add support for computed style via valueForNinePieceImageWidth. Patch all of the border image properties
2661         to dump the most compact form possible for the property values, e.g., "stretch stretch" becomes "stretch."
2662
2663         * css/CSSParser.cpp:
2664         (WebCore::CSSParser::parseValue):
2665         (WebCore::CSSParser::parseReflect):
2666         (WebCore::BorderImageParseContext::BorderImageParseContext):
2667         (WebCore::BorderImageParseContext::commitImageSlice):
2668         (WebCore::BorderImageParseContext::commitBorderWidth):
2669         (WebCore::BorderImageParseContext::commitBorderImage):
2670         (WebCore::CSSParser::parseBorderImage):
2671         (WebCore::isBorderImageRepeatKeyword):
2672         (WebCore::CSSParser::parseBorderImageRepeat):
2673         (WebCore::BorderImageSliceParseContext::commitBorderImageSlice):
2674         (WebCore::CSSParser::parseBorderImageSlice):
2675         (WebCore::BorderImageWidthParseContext::BorderImageWidthParseContext):
2676         (WebCore::BorderImageWidthParseContext::allowNumber):
2677         (WebCore::BorderImageWidthParseContext::allowFinalCommit):
2678         (WebCore::BorderImageWidthParseContext::top):
2679         (WebCore::BorderImageWidthParseContext::commitNumber):
2680         (WebCore::BorderImageWidthParseContext::setAllowFinalCommit):
2681         (WebCore::BorderImageWidthParseContext::setTop):
2682         (WebCore::BorderImageWidthParseContext::commitBorderImageWidth):
2683         (WebCore::CSSParser::parseBorderImageWidth):
2684         * css/CSSParser.h:
2685         Modify the border-image code to pass off border-image-width parsing to parseBorderImageWidth.
2686
2687         * css/CSSPrimitiveValue.cpp:
2688         (WebCore::isValidCSSUnitTypeForDoubleConversion):
2689         (WebCore::CSSPrimitiveValue::init):
2690         (WebCore::CSSPrimitiveValue::cleanup):
2691         (WebCore::CSSPrimitiveValue::getQuadValue):
2692         (WebCore::CSSPrimitiveValue::cssText):
2693         * css/CSSPrimitiveValue.h:
2694         (WebCore::CSSPrimitiveValue::getQuadValue):
2695         Add the new Quad value to CSSPrimitiveValue.
2696     
2697         * css/CSSPropertyNames.in:
2698         Add the new properties for border-image-width and -webkit-mask-box-image-width.
2699
2700         * css/CSSStyleSelector.cpp:
2701         (WebCore::CSSStyleSelector::applyProperty):
2702         (WebCore::CSSStyleSelector::mapNinePieceImage):
2703         (WebCore::CSSStyleSelector::mapNinePieceImageSlice):
2704         (WebCore::CSSStyleSelector::mapNinePieceImageWidth):
2705         (WebCore::CSSStyleSelector::loadPendingImages):
2706         * css/CSSStyleSelector.h:
2707         Add the code to map the image width into border slices.
2708     
2709         * css/Rect.h:
2710         (WebCore::RectBase::top):
2711         (WebCore::RectBase::right):
2712         (WebCore::RectBase::bottom):
2713         (WebCore::RectBase::left):
2714         (WebCore::RectBase::setTop):
2715         (WebCore::RectBase::setRight):
2716         (WebCore::RectBase::setBottom):
2717         (WebCore::RectBase::setLeft):
2718         (WebCore::RectBase::RectBase):
2719         (WebCore::RectBase::~RectBase):
2720         (WebCore::Rect::create):
2721         (WebCore::Rect::Rect):
2722         (WebCore::Quad::create):
2723         (WebCore::Quad::Quad):
2724         Adding the new Quad value.
2725
2726         * rendering/RenderBoxModelObject.cpp:
2727         (WebCore::computeBorderImageSide):
2728         (WebCore::RenderBoxModelObject::paintNinePieceImage):
2729         Modify painting to treat the border slices as separate from the border widths.
2730         
2731         * rendering/style/NinePieceImage.cpp:
2732         (WebCore::NinePieceImage::operator==):
2733         * rendering/style/NinePieceImage.h:
2734         (WebCore::NinePieceImage::NinePieceImage):
2735         (WebCore::NinePieceImage::imageSlices):
2736         (WebCore::NinePieceImage::setImageSlices):
2737         (WebCore::NinePieceImage::borderSlices):
2738         (WebCore::NinePieceImage::setBorderSlices):
2739         (WebCore::NinePieceImage::copyImageSlicesFrom):
2740         (WebCore::NinePieceImage::copyBorderSlicesFrom):
2741         * rendering/style/StyleRareNonInheritedData.cpp:
2742         Add the border slices.
2743         
2744         (WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
2745         * rendering/style/StyleReflection.h:
2746         (WebCore::StyleReflection::StyleReflection):
2747         Make sure masks and reflections default border-image-width to auto instead of 1, since that matches
2748         old behavior.
2749
2750 2011-09-06  Noel Gordon  <noel.gordon@gmail.com>
2751
2752         [chromium skia] JPEGImageEncoder: hoist constants out of the encoding loop
2753         https://bugs.webkit.org/show_bug.cgi?id=67589
2754
2755         Reviewed by Kenneth Russell.
2756
2757         Change the row converter function signatures to be the same.  Call them via a function
2758         pointer during the encoding loop.  Minor webkit style cleanup, remove unused include.
2759
2760         No new tests.  Covered by existing canvas 2d and 3d tests.
2761         canvas/philip/tests/toDataURL.jpeg.alpha.html
2762         fast/canvas/webgl/premultiplyalpha-test.html
2763
2764         * platform/image-encoders/skia/JPEGImageEncoder.cpp:  Remove SkUnPreMultiply.h (not used).
2765         (WebCore::preMultipliedBGRAtoRGB):  Use unsigned char* instead of void* for pixels.
2766         (WebCore::RGBAtoRGB):  pixels & pixelCount to match the preMultipliedBGRAtoRGB() signature.
2767         (WebCore::encodePixels):  Move constants out of the encoding loop: use a function pointer
2768         to call preMultipliedBGRAtoRGB or RGBAtoRGB (now they have identical signatures), define
2769         and use pixelRowStride constant.
2770         (WebCore::JPEGImageEncoder::encode):
2771
2772 2011-09-06  Aaron Colwell  <acolwell@chromium.org>
2773
2774         Allow MediaSource API to be enabled at runtime.
2775         https://bugs.webkit.org/show_bug.cgi?id=67306
2776
2777         Reviewed by Eric Carlson.
2778
2779         * bindings/generic/RuntimeEnabledFeatures.cpp:
2780         * bindings/generic/RuntimeEnabledFeatures.h:
2781         (WebCore::RuntimeEnabledFeatures::webkitMediaSourceEnabled):
2782         (WebCore::RuntimeEnabledFeatures::setWebkitMediaSourceEnabled):
2783         * html/HTMLMediaElement.idl:
2784
2785 2011-09-06  Mike Reed  <reed@google.com>
2786
2787         [skia] never draw with GDI, so that all text can be gpu-accelerated
2788         https://bugs.webkit.org/show_bug.cgi?id=65203
2789
2790         Reviewed by Kenneth Russell.
2791
2792         * platform/graphics/chromium/FontChromiumWin.cpp:
2793         (WebCore::TransparencyAwareFontPainter::TransparencyAwareFontPainter::TransparencyAwareFontPainter):
2794         (WebCore::TransparencyAwareFontPainter::TransparencyAwareGlyphPainter::TransparencyAwareGlyphPainter):
2795         (WebCore::TransparencyAwareFontPainter::TransparencyAwareGlyphPainter::drawGlyphs):
2796         (WebCore::TransparencyAwareFontPainter::TransparencyAwareUniscribePainter::TransparencyAwareUniscribePainter):
2797         (WebCore::drawGlyphsWin):
2798         (WebCore::Font::drawComplexText):
2799         * platform/graphics/chromium/UniscribeHelper.cpp:
2800         (WebCore::UniscribeHelper::draw):
2801         * platform/graphics/skia/PlatformContextSkia.cpp:
2802         * platform/graphics/skia/PlatformContextSkia.h:
2803         * platform/graphics/skia/SkiaFontWin.cpp:
2804         (WebCore::skiaDrawText):
2805         * platform/graphics/skia/SkiaFontWin.h:
2806
2807 2011-09-06  Nat Duca  <nduca@chromium.org>
2808
2809         [chromium] REGRESSION(94353): requestAnimationFrame not throttled in compositing path
2810         https://bugs.webkit.org/show_bug.cgi?id=67621
2811
2812         CCSingleThreadProxy should not perform layout when called
2813         via the compositeImmediately path. Doing so makes it look
2814         like frame rate is unbounded.
2815
2816         Reviewed by James Robinson.
2817
2818         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
2819         (WebCore::CCSingleThreadProxy::compositeAndReadback):
2820         (WebCore::CCSingleThreadProxy::compositeImmediately):
2821         (WebCore::CCSingleThreadProxy::commitIfNeeded):
2822         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
2823
2824 2011-09-06  Ryosuke Niwa  <rniwa@webkit.org>
2825
2826         REGRESSION(r94274): FormManagerTest.PreviewForm and FillFormNonEmptyField fail on chromium
2827         https://bugs.webkit.org/show_bug.cgi?id=67453
2828
2829         Reviewed by Kent Tamura.
2830
2831         Fixed the bug by updating inner text value in setSuggestedValue.
2832
2833         Also added a suggestedValue and setSuggestedValue on window.internals for testing purposes.
2834
2835         Test: fast/forms/suggested-value.html
2836
2837         * WebCore.exp.in:
2838         * testing/Internals.cpp:
2839         (WebCore::Internals::suggestedValue):
2840         (WebCore::Internals::setSuggestedValue):
2841         * testing/Internals.h:
2842         * testing/Internals.idl:
2843
2844 2011-09-06  Eric Carlson  <eric.carlson@apple.com>
2845
2846         load() does not reset the resource selection algorithm
2847         https://bugs.webkit.org/show_bug.cgi?id=64917
2848
2849         Reviewed by Darin Adler.
2850
2851         Test: media/video-source-load.html
2852
2853         * html/HTMLMediaElement.cpp:
2854         (WebCore::HTMLMediaElement::selectMediaResource): Reset m_nextChildNodeToConsider, update
2855             comments and rearrange logic to more closely match logic in spec.
2856         (WebCore::HTMLMediaElement::noneSupported): Update comments.
2857
2858 2011-09-06  Abhishek Arya  <inferno@chromium.org>
2859
2860         Style not propagated to anonymous boxes and anonymous
2861         inline-blocks.
2862         https://bugs.webkit.org/show_bug.cgi?id=67364
2863
2864         Reviewed by James Robinson.
2865
2866         Share propagateStyleToAnonymousChildren with RenderBlock::styleDidChange.
2867
2868         * rendering/RenderBlock.cpp:
2869         (WebCore::RenderBlock::styleDidChange):
2870         * rendering/RenderObject.cpp:
2871         (WebCore::RenderObject::propagateStyleToAnonymousChildren):
2872         * rendering/RenderObject.h:
2873
2874 2011-09-06  Robin Cao  <robin.cao@torchmobile.com.cn>
2875
2876         [skia] States of GraphicsContext may never be restored after clipToImageBuffer
2877         https://bugs.webkit.org/show_bug.cgi?id=67358
2878
2879         beginLayerClippedToImage/applyClipFromImage are mismatched when clipping to
2880         an empty ImageBuffer, which will make states of GraphicsContext incorrect.
2881
2882         Reviewed by James Robinson.
2883
2884         Test: fast/repaint/background-clip-text.html
2885
2886         * platform/graphics/skia/PlatformContextSkia.cpp:
2887         (WebCore::PlatformContextSkia::beginLayerClippedToImage):
2888
2889 2011-09-06  Raphael Kubo da Costa  <kubo@profusion.mobi>
2890
2891         [EFL] Do not allocate memory for extremely large surfaces.
2892         https://bugs.webkit.org/show_bug.cgi?id=65192
2893
2894         Reviewed by Martin Robinson.
2895
2896         So far, RenderThemeEfl tried to allocate a buffer and a cairo surface
2897         the size of the whole form element passed to it.
2898
2899         In the case of
2900         fast/overflow/overflow-height-float-not-removed-crash.html and others,
2901         this meant extremely large widgets, which crashed the code.
2902
2903         We now only render the widgets if they are smaller than some hardcoded
2904         and sufficiently large values which should work in most cases.
2905
2906         No new tests, as this was uncovered by existing ones.
2907
2908         * platform/efl/RenderThemeEfl.cpp:
2909         (WebCore::RenderThemeEfl::isFormElementTooLargeToDisplay):
2910         (WebCore::RenderThemeEfl::cacheThemePartNew):
2911         (WebCore::RenderThemeEfl::paintThemePart):
2912         * platform/efl/RenderThemeEfl.h:
2913
2914 2011-08-30  Pavel Podivilov  <podivilov@chromium.org>
2915
2916         Web Inspector: implement source map v3 consumer.
2917         https://bugs.webkit.org/show_bug.cgi?id=67205
2918
2919         Reviewed by Yury Semikhatsky.
2920
2921         Test: inspector/debugger/compiler-source-mapping.html
2922
2923         * WebCore.gypi:
2924         * WebCore.vcproj/WebCore.vcproj:
2925         * inspector/front-end/CompilerSourceMapping.js: Added.
2926         (WebInspector.CompilerSourceMapping):
2927         (WebInspector.CompilerSourceMapping.prototype.compiledLocationToSourceLocation):
2928         (WebInspector.CompilerSourceMapping.prototype.sourceLocationToCompiledLocation):
2929         (WebInspector.CompilerSourceMapping.prototype.get sources):
2930         (WebInspector.ClosureCompilerSourceMapping):
2931         (WebInspector.ClosureCompilerSourceMapping.prototype.compiledLocationToSourceLocation):
2932         (WebInspector.ClosureCompilerSourceMapping.prototype.sourceLocationToCompiledLocation):
2933         (WebInspector.ClosureCompilerSourceMapping.prototype.get sources):
2934         (WebInspector.ClosureCompilerSourceMapping.prototype._findMapping):
2935         (WebInspector.ClosureCompilerSourceMapping.prototype._parsePayload):
2936         (WebInspector.ClosureCompilerSourceMapping.prototype._isSeparator):
2937         (WebInspector.ClosureCompilerSourceMapping.prototype._decodeVLQ):
2938         (WebInspector.ClosureCompilerSourceMapping.StringCharIterator):
2939         (WebInspector.ClosureCompilerSourceMapping.StringCharIterator.prototype.next):
2940         (WebInspector.ClosureCompilerSourceMapping.StringCharIterator.prototype.peek):
2941         (WebInspector.ClosureCompilerSourceMapping.StringCharIterator.prototype.hasNext):
2942         * inspector/front-end/WebKit.qrc:
2943         * inspector/front-end/inspector.html:
2944
2945 2011-09-05  Pavel Podivilov  <podivilov@chromium.org>
2946
2947         Web Inspector: re-implement RawSourceCode.
2948         https://bugs.webkit.org/show_bug.cgi?id=67609
2949
2950         RawSourceCode content and source mapping loading logic is too complex, re-implement it using simpler semantics:
2951         1) Initially, RawSourceCode doesn't have any content or mapping because content loading and
2952         formatting operations are asynchronous, it only has scripts metadata. We don't update UI right
2953         after RawSourceCode creation until full RawSourceCode representation is ready (content + mapping).
2954         2) When RawSourceCode representation is ready (e.g. resource is finished, or content is formatted
2955         if in pretty-print mode) we dispatch SourceMappingUpdated event to notify the listeners that
2956         source code should be shown to user and raw locations should be converted to ui locations
2957         (to show breakpoins, messages, call frames etc in UI). At this moment, all source file's content
2958         is ready for loading and source mapping is available.
2959         3) Later, RawSourceCode representation may change again, e.g. if pretty-print mode is toggled, or
2960         blocked resource is finished etc., in that case SourceMappingUpdated is dispatched again to update
2961         source code, links and decorations in UI.
2962
2963         Reviewed by Yury Semikhatsky.
2964
2965         * inspector/front-end/DebuggerPresentationModel.js:
2966         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
2967         (WebInspector.DebuggerPresentationModel.prototype._addScript):
2968         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
2969         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
2970         (WebInspector.DebuggerPresentationModel.prototype._addConsoleMessage.didGetUILocation):
2971         (WebInspector.DebuggerPresentationModel.prototype._addConsoleMessage):
2972         (WebInspector.DebuggerPresentationModel.prototype.messagesForUISourceCode):
2973         * inspector/front-end/ScriptsPanel.js:
2974         (WebInspector.ScriptsPanel.prototype._uiSourceCodeReplaced):
2975         (WebInspector.ScriptsPanel.prototype._sourceFrameLoaded):
2976         * inspector/front-end/SourceFile.js:
2977         (WebInspector.RawSourceCode):
2978         (WebInspector.RawSourceCode.prototype.addScript):
2979         (WebInspector.RawSourceCode.prototype.contentEdited):
2980         (WebInspector.RawSourceCode.prototype._resourceFinished):
2981         (WebInspector.RawSourceCode.prototype.requestContent):
2982         (WebInspector.RawSourceCode.prototype.createSourceMappingIfNeeded.sourceMappingUpdated):
2983         (WebInspector.RawSourceCode.prototype.createSourceMappingIfNeeded):
2984         (WebInspector.RawSourceCode.prototype.forceLoadContent):
2985         (WebInspector.RawSourceCode.prototype._updateSourceMapping.didCreateSourceMapping):
2986         (WebInspector.RawSourceCode.prototype._updateSourceMapping):
2987         (WebInspector.RawSourceCode.prototype._createContentProvider):
2988         (WebInspector.RawSourceCode.prototype._createSourceMapping.didRequestContent.didFormatContent):
2989         (WebInspector.RawSourceCode.prototype._createSourceMapping.didRequestContent):
2990         (WebInspector.RawSourceCode.prototype._createSourceMapping):
2991         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
2992         (WebInspector.StaticContentProvider):
2993         (WebInspector.StaticContentProvider.prototype.requestContent):
2994
2995 2011-09-06  Csaba Osztrogonác  <ossy@webkit.org>
2996
2997         Unreviewed, rolling out r94564.
2998         http://trac.webkit.org/changeset/94564
2999         https://bugs.webkit.org/show_bug.cgi?id=67555
3000
3001         It broke many tests
3002
3003         * svg/SVGTRefElement.cpp:
3004         (WebCore::SVGTRefElement::svgAttributeChanged):
3005
3006 2011-09-06  Rob Buis  <rbuis@rim.com>
3007
3008         use after free in WebCore::SVGTRefElement::updateReferencedText
3009         https://bugs.webkit.org/show_bug.cgi?id=67555
3010
3011         Reviewed by Nikolas Zimmermann.
3012
3013         Do not install event listener if tref is not part of any document.
3014
3015         Test: svg/custom/tref-clone-crash.html
3016
3017         * svg/SVGTRefElement.cpp:
3018         (WebCore::SVGTRefElement::svgAttributeChanged):
3019
3020 2011-09-06  Sheriff Bot  <webkit.review.bot@gmail.com>
3021
3022         Unreviewed, rolling out r94560.
3023         http://trac.webkit.org/changeset/94560
3024         https://bugs.webkit.org/show_bug.cgi?id=67636
3025
3026         It made inspector/debugger/script-formatter.html flakey
3027         (Requested by Ossy on #webkit).
3028
3029         * inspector/front-end/BreakpointManager.js:
3030         (WebInspector.BreakpointManager.prototype.set reset):
3031         * inspector/front-end/DebuggerPresentationModel.js:
3032         (WebInspector.DebuggerPresentationModel.prototype._addScript.didCreateSourceMapping):
3033         (WebInspector.DebuggerPresentationModel.prototype._addScript):
3034         (WebInspector.DebuggerPresentationModel.prototype._uiSourceCodeReplaced):
3035         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
3036         (WebInspector.DebuggerPresentationModel.prototype._addConsoleMessage.didGetUILocation):
3037         (WebInspector.DebuggerPresentationModel.prototype._addConsoleMessage):
3038         (WebInspector.PresenationCallFrame.prototype.select):
3039         * inspector/front-end/ScriptsPanel.js:
3040         (WebInspector.ScriptsPanel.prototype._uiSourceCodeReplaced):
3041         (WebInspector.ScriptsPanel.prototype._sourceFrameLoaded):
3042         * inspector/front-end/SourceFile.js:
3043         (WebInspector.RawSourceCode):
3044         (WebInspector.RawSourceCode.prototype.addScript):
3045         (WebInspector.RawSourceCode.prototype.contentEdited):
3046         (WebInspector.RawSourceCode.prototype.requestContent):
3047         (WebInspector.RawSourceCode.prototype.createSourceMappingIfNeeded.didRequestContent):
3048         (WebInspector.RawSourceCode.prototype.createSourceMappingIfNeeded):
3049         (WebInspector.RawSourceCode.prototype._setContentProvider):
3050         (WebInspector.RawSourceCode.prototype.forceLoadContent):
3051         (WebInspector.RawSourceCode.prototype._reload):
3052         (WebInspector.RawSourceCode.prototype._requestContent):
3053         (WebInspector.RawSourceCode.prototype._loadResourceContent):
3054         (WebInspector.RawSourceCode.prototype._loadScriptContent):
3055         (WebInspector.RawSourceCode.prototype._loadAndConcatenateScriptsContent):
3056         (WebInspector.RawSourceCode.prototype._didRequestContent):
3057         (WebInspector.RawSourceCode.prototype._hasPendingResource):
3058         (WebInspector.FormattedContentProvider):
3059         (WebInspector.FormattedContentProvider.prototype.requestContent.didRequestContent.didFormatContent):
3060         (WebInspector.FormattedContentProvider.prototype.requestContent):
3061
3062 2011-09-06  Antti Koivisto  <antti@apple.com>
3063
3064         https://bugs.webkit.org/show_bug.cgi?id=67480
3065         [Chromium] [REGRESSION] Layout Test svg/batik/text/textStyles.svg is failing
3066
3067         Reviewed by Dimitri Glazkov.
3068
3069         The text node needs willRecalcStyle mechanism too.
3070
3071         * dom/Text.cpp:
3072         (WebCore::Text::recalcTextStyle):
3073         * dom/Text.h:
3074         (WebCore::Text::willRecalcTextStyle):
3075         * svg/SVGTRefElement.cpp:
3076         (WebCore::SVGTRefElement::SVGTRefElement):
3077         (WebCore::SVGShadowText::SVGShadowText):
3078         (WebCore::SVGShadowText::willRecalcTextStyle):
3079
3080 2011-09-05  Pavel Podivilov  <podivilov@chromium.org>
3081
3082         Web Inspector: re-implement RawSourceCode.
3083         https://bugs.webkit.org/show_bug.cgi?id=67609
3084
3085         RawSourceCode content and source mapping loading logic is too complex, re-implement it using simpler semantics:
3086         1) Initially, RawSourceCode doesn't have any content or mapping because content loading and
3087         formatting operations are asynchronous, it only has scripts metadata. We don't update UI right
3088         after RawSourceCode creation until full RawSourceCode representation is ready (content + mapping).
3089         2) When RawSourceCode representation is ready (e.g. resource is finished, or content is formatted
3090         if in pretty-print mode) we dispatch SourceMappingUpdated event to notify the listeners that
3091         source code should be shown to user and raw locations should be converted to ui locations
3092         (to show breakpoins, messages, call frames etc in UI). At this moment, all source file's content
3093         is ready for loading and source mapping is available.
3094         3) Later, RawSourceCode representation may change again, e.g. if pretty-print mode is toggled, or
3095         blocked resource is finished etc., in that case SourceMappingUpdated is dispatched again to update
3096         source code, links and decorations in UI.
3097
3098         Reviewed by Yury Semikhatsky.
3099
3100         * inspector/front-end/DebuggerPresentationModel.js:
3101         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
3102         (WebInspector.DebuggerPresentationModel.prototype._addScript):
3103         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
3104         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
3105         (WebInspector.DebuggerPresentationModel.prototype._addConsoleMessage.didGetUILocation):
3106         (WebInspector.DebuggerPresentationModel.prototype._addConsoleMessage):
3107         (WebInspector.DebuggerPresentationModel.prototype.messagesForUISourceCode):
3108         * inspector/front-end/ScriptsPanel.js:
3109         (WebInspector.ScriptsPanel.prototype._uiSourceCodeReplaced):
3110         (WebInspector.ScriptsPanel.prototype._sourceFrameLoaded):
3111         * inspector/front-end/SourceFile.js:
3112         (WebInspector.RawSourceCode):
3113         (WebInspector.RawSourceCode.prototype.addScript):
3114         (WebInspector.RawSourceCode.prototype.contentEdited):
3115         (WebInspector.RawSourceCode.prototype._resourceFinished):
3116         (WebInspector.RawSourceCode.prototype.requestContent):
3117         (WebInspector.RawSourceCode.prototype.createSourceMappingIfNeeded.sourceMappingUpdated):
3118         (WebInspector.RawSourceCode.prototype.createSourceMappingIfNeeded):
3119         (WebInspector.RawSourceCode.prototype.forceLoadContent):
3120         (WebInspector.RawSourceCode.prototype._updateSourceMapping.didCreateSourceMapping):
3121         (WebInspector.RawSourceCode.prototype._updateSourceMapping):
3122         (WebInspector.RawSourceCode.prototype._createContentProvider):
3123         (WebInspector.RawSourceCode.prototype._createSourceMapping.didRequestContent.didFormatContent):
3124         (WebInspector.RawSourceCode.prototype._createSourceMapping.didRequestContent):
3125         (WebInspector.RawSourceCode.prototype._createSourceMapping):
3126         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
3127         (WebInspector.StaticContentProvider):
3128         (WebInspector.StaticContentProvider.prototype.requestContent):
3129
3130 2011-09-06  Dirk Schulze  <krit@webkit.org>
3131
3132         Return to transform multiplication: motion transform * other transforms
3133         https://bugs.webkit.org/show_bug.cgi?id=67601
3134
3135         Reviewed by Nikolas Zimmermann.
3136         
3137         Right now we take the current transform of a transformable SVG element, post multiply the animation transform
3138         and post multiply the motion transform to the other both:
3139
3140           transform * animation transform * motion transform
3141
3142         We switched to this behavior with the clean up of AffineTransform.
3143         While the specification of SVG demands us to do so, no other SVG viewer is doing it that way. Now switching back to:
3144
3145           motion transform * transform * animation transform
3146
3147         This is done by other SVG viewers as well. While their is no consense about how to multiply the different transforms
3148         on the SVG WG, their is a consense that the current specified behavior is unwanted. See
3149         http://lists.w3.org/Archives/Public/www-svg/2011Jan/0055.html for more details.
3150
3151         We pass the following tests of the official W3C SVG test suite again now:
3152
3153         - animate-elem-24-t.svg
3154         - animate-elem-30-t.svg
3155
3156         * svg/SVGStyledTransformableElement.cpp:
3157         (WebCore::SVGStyledTransformableElement::animatedLocalTransform):
3158         * svg/SVGTextElement.cpp:
3159         (WebCore::SVGTextElement::animatedLocalTransform):
3160
3161 2011-09-05  Adam Barth  <abarth@webkit.org>
3162
3163         window.HTMLSpanElement does not exist
3164         https://bugs.webkit.org/show_bug.cgi?id=67571
3165
3166         Reviewed by Sam Weinig.
3167
3168         We have these objects for most other elements and HTMLSpanElement
3169         exists in Firefox and in the HTML5 spec.  This patch adds it.
3170
3171         Test: fast/dom/wrapper-classes.html
3172
3173         * CMakeLists.txt:
3174         * CodeGenerators.pri:
3175         * DerivedSources.cpp:
3176         * DerivedSources.make:
3177         * GNUmakefile.list.am:
3178         * WebCore.gypi:
3179         * WebCore.pro:
3180         * WebCore.vcproj/WebCore.vcproj:
3181         * WebCore.xcodeproj/project.pbxproj:
3182         * html/HTMLElementsAllInOne.cpp:
3183         * html/HTMLSpanElement.cpp: Added.
3184         (WebCore::HTMLSpanElement::HTMLSpanElement):
3185         (WebCore::HTMLSpanElement::create):
3186         * html/HTMLSpanElement.h: Added.
3187         * html/HTMLSpanElement.idl: Added.
3188         * html/HTMLTagNames.in:
3189         * page/DOMWindow.idl:
3190
3191 2011-09-04  Abhishek Arya  <inferno@chromium.org>
3192
3193         Style not propagated to anonymous boxes and anonymous
3194         inline-blocks.
3195         https://bugs.webkit.org/show_bug.cgi?id=67364
3196
3197         Reviewed by James Robinson.
3198
3199         Tests: fast/ruby/ruby-block-style-not-updated-with-before-after-content.html
3200                fast/ruby/ruby-block-style-not-updated.html
3201                fast/ruby/ruby-inline-style-not-updated-with-before-after-content.html
3202                fast/ruby/ruby-inline-style-not-updated.html
3203                fast/table/table-row-style-not-updated-with-after-content.html
3204                fast/table/table-row-style-not-updated-with-before-content.html
3205                fast/table/table-row-style-not-updated.html
3206                fast/table/table-style-not-updated.html
3207
3208         * rendering/RenderObject.cpp:
3209         (WebCore::RenderObject::propagateStyleToAnonymousChildren):
3210         * rendering/RenderObject.h:
3211         (WebCore::RenderObject::isBeforeAfterContent):
3212         * rendering/RenderRuby.cpp:
3213         (WebCore::RenderRubyAsInline::styleDidChange):
3214         (WebCore::RenderRubyAsBlock::styleDidChange):
3215         * rendering/RenderRuby.h:
3216         * rendering/RenderTable.cpp:
3217         (WebCore::RenderTable::styleDidChange):
3218         * rendering/RenderTableRow.cpp:
3219         (WebCore::RenderTableRow::styleDidChange):
3220         (WebCore::RenderTableRow::addChild):
3221         * rendering/RenderTableSection.cpp:
3222         (WebCore::RenderTableSection::styleDidChange):
3223         (WebCore::RenderTableSection::addChild):
3224         * rendering/RenderTableSection.h:
3225
3226 2011-09-05  Abhishek Arya  <inferno@chromium.org>
3227
3228         Crash in RenderObjectChildList::destroyLeftOverChildren()
3229         https://bugs.webkit.org/show_bug.cgi?id=64753
3230
3231         Reviewed by James Robinson.
3232
3233         If any of the ancestors between column span element and containing
3234         column's block is a continuation, then don't attempt to render the
3235         column span by splitting the block into continuations.
3236
3237         Test: fast/multicol/column-span-parent-continuation-crash.html
3238
3239         * rendering/RenderBlock.cpp:
3240         (WebCore::RenderBlock::columnsBlockForSpanningElement):
3241
3242 2011-09-05  Sheriff Bot  <webkit.review.bot@gmail.com>
3243
3244         Unreviewed, rolling out r94537.
3245         http://trac.webkit.org/changeset/94537
3246         https://bugs.webkit.org/show_bug.cgi?id=67618
3247
3248         Does not compile on Chromium Mac (Requested by abarth_ on
3249         #webkit).
3250
3251         * platform/image-encoders/skia/JPEGImageEncoder.cpp:
3252         (WebCore::preMultipliedBGRAtoRGB):
3253         (WebCore::RGBAtoRGB):
3254         (WebCore::encodePixels):
3255         (WebCore::JPEGImageEncoder::encode):
3256
3257 2011-09-05  Noel Gordon  <noel.gordon@gmail.com>
3258
3259         [chromium skia] JPEGImageEncoder: hoist contants out of the encoding loop
3260         https://bugs.webkit.org/show_bug.cgi?id=67589
3261
3262         Reviewed by Adam Barth.
3263
3264         Change the row converter function signatures to be the same.  Call them via a function
3265         pointer during the encoding loop.  Minor webkit stlye cleanup, remove unused include.
3266
3267         No new tests.  Covered by existing canvas 2d and 3d tests.
3268         canvas/philip/tests/toDataURL.jpeg.alpha.html
3269         fast/canvas/webgl/premultiplyalpha-test.html
3270
3271         * platform/image-encoders/skia/JPEGImageEncoder.cpp:  Remove SkUnPreMultiply.h (not used).
3272         (WebCore::preMultipliedBGRAtoRGB):  Use unsigned char* instead of void* for pixels.
3273         (WebCore::RGBAtoRGB):  pixels & pixelCount to match the preMultipliedBGRAtoRGB() signature.
3274         (WebCore::encodePixels):  Move contants out of the encoding loop: use a function pointer to
3275         call preMultipliedBGRAtoRGB or RGBAtoRGB (now they have identical signatures) during the
3276         image row encoding loop.  Add/use pixelRowStride constant.
3277         (WebCore::JPEGImageEncoder::encode):  webkit style: no need to split lines.
3278
3279 2011-09-05  John Knottenbelt  <jknotten@chromium.org>
3280
3281         Take pageScaleFactor into account for MouseRelatedEvents.
3282         https://bugs.webkit.org/show_bug.cgi?id=67592
3283
3284         Reviewed by Dimitri Glazkov.
3285
3286         Test: fast/events/page-scaled-mouse-click.html
3287
3288         * dom/MouseRelatedEvent.cpp:
3289         (WebCore::MouseRelatedEvent::MouseRelatedEvent):
3290
3291 2011-09-02  Pavel Podivilov  <podivilov@chromium.org>
3292
3293         Web Inspector: rename RawSourceCode.reload to contentEdited.
3294         https://bugs.webkit.org/show_bug.cgi?id=67504
3295
3296         Make RawSourceCode.reload private and remove RawSourceCode.content getter and setter
3297         (RawSourceCode isn't supposed to have any content).
3298
3299         Reviewed by Yury Semikhatsky.
3300
3301         * inspector/front-end/DebuggerPresentationModel.js:
3302         (WebInspector.DebuggerPresentationModel.prototype.setScriptSource.didEditScriptSource):
3303         (WebInspector.DebuggerPresentationModel.prototype.setScriptSource):
3304         (WebInspector.DebuggerPresentationModelResourceBinding.prototype.canSetContent):
3305         (WebInspector.DebuggerPresentationModelResourceBinding.prototype.setContent):
3306         (WebInspector.DebuggerPresentationModelResourceBinding.prototype._setContentWithInitialContent):
3307         * inspector/front-end/SourceFile.js:
3308         (WebInspector.RawSourceCode):
3309         (WebInspector.RawSourceCode.prototype.contentEdited):
3310         (WebInspector.RawSourceCode.prototype.forceLoadContent):
3311         (WebInspector.RawSourceCode.prototype._reload):
3312         (WebInspector.RawSourceCode.prototype._didRequestContent):
3313
3314 2011-09-05  Leandro Gracia Gil  <leandrogracia@chromium.org>
3315
3316         Fix the regression of bug 65333 introduced by 60170.
3317         This caused the speech input bubble to appear in the wrong side for RTL text inputs.
3318         https://bugs.webkit.org/show_bug.cgi?id=67597
3319
3320         Reviewed by Tony Gentilcore.
3321
3322         No new tests. Fixing regression.
3323
3324         * html/shadow/TextControlInnerElements.cpp:
3325         (WebCore::InputFieldSpeechButtonElement::startSpeechInput):
3326
3327 2011-09-05  Alexander Pavlov  <apavlov@chromium.org>
3328
3329         Web Inspector: F5 results in a Web Inspector frontend reload on non-Macs
3330         https://bugs.webkit.org/show_bug.cgi?id=67602
3331
3332         Reviewed by Yury Semikhatsky.
3333
3334         * inspector/front-end/inspector.js:
3335         (WebInspector.documentKeyDown):
3336
3337 2011-09-05  Sheriff Bot  <webkit.review.bot@gmail.com>
3338
3339         Unreviewed, rolling out r94525.
3340         http://trac.webkit.org/changeset/94525
3341         https://bugs.webkit.org/show_bug.cgi?id=67599
3342
3343         WinCE compilation failed. (Requested by loislo on #webkit).
3344
3345         * platform/text/TextBoundaries.cpp:
3346         * platform/text/TextBreakIteratorICU.cpp:
3347         * platform/text/qt/TextBoundariesQt.cpp:
3348         * platform/text/qt/TextBreakIteratorQt.cpp:
3349
3350 2011-09-05  Alexander Færøy  <alexander.faeroy@nokia.com>
3351
3352         [Qt] Compiling using system ICU uses QTextBreakIterator in some cases.
3353         https://bugs.webkit.org/show_bug.cgi?id=67391
3354
3355         Reviewed by Kenneth Rohde Christiansen.
3356
3357         * platform/text/TextBoundaries.cpp:
3358         * platform/text/TextBreakIteratorICU.cpp:
3359         * platform/text/qt/TextBoundariesQt.cpp:
3360         * platform/text/qt/TextBreakIteratorQt.cpp:
3361
3362 2011-09-05  Kaustubh Atrawalkar  <kaustubh@motorola.com>
3363
3364         Logic from HTMLElement::deprecatedCreateContextualFragment moved into
3365         Range::createContextualFragment function.
3366         https://bugs.webkit.org/show_bug.cgi?id=67056
3367
3368         Reviewed by Ryosuke Niwa.
3369
3370         Code Refactoring for deprecatedCreateContextualFragment.
3371
3372         No new tests. Code Re-factoring.
3373
3374         * dom/Element.cpp:
3375         * dom/Element.h:
3376         * dom/Range.cpp:
3377         (WebCore::insertIntoFragment):
3378         (WebCore::Range::createDocumentFragmentForElement):
3379         (WebCore::Range::createContextualFragment):
3380         * dom/Range.h:
3381         * editing/markup.cpp:
3382         (WebCore::createFragmentFromMarkup):
3383         * html/HTMLElement.cpp:
3384         * html/HTMLElement.h:
3385
3386 2011-09-04  James Kozianski  <koz@chromium.org>
3387
3388         Unreviewed, rolling out r94510.
3389         http://trac.webkit.org/changeset/94510
3390         https://bugs.webkit.org/show_bug.cgi?id=66531
3391
3392         Causes layout test crashes.
3393
3394         * dom/Document.cpp:
3395         (WebCore::Document::webkitWillEnterFullScreenForElement):
3396         (WebCore::Document::webkitDidExitFullScreenForElement):
3397         * dom/NodeRenderingContext.cpp:
3398         (WebCore::wrapWithRenderFullScreen):
3399         (WebCore::NodeRendererFactory::createRendererIfNeeded):
3400         * rendering/RenderFullScreen.cpp:
3401         (RenderFullScreen::createFullScreenStyle):
3402         * rendering/RenderFullScreen.h:
3403
3404 2011-09-04  Abhishek Arya  <inferno@chromium.org>
3405
3406         Unreviewed. Compile fix for r94511.
3407
3408         * dom/Range.cpp:
3409         (WebCore::Range::processContents):
3410         (WebCore::Range::processAncestorsAndTheirSiblings):
3411
3412 2011-09-04  Abhishek Arya  <inferno@chromium.org>
3413
3414         Crash in Range::processAncestorsAndTheirSiblings.
3415         https://bugs.webkit.org/show_bug.cgi?id=67556
3416
3417         Reviewed by Ryosuke Niwa.
3418
3419         Create a temporary RefPtr Node vector to keep all the ancestor's
3420         childs so that we don't access removed child nodes.
3421
3422         Test: fast/dom/Range/range-delete-contents-event-fire-crash.html
3423
3424         * dom/Range.cpp:
3425         (WebCore::Range::processContents):
3426         (WebCore::Range::processAncestorsAndTheirSiblings):
3427
3428 2011-09-04  Jeremy Apthorp  <jeremya@google.com>
3429
3430         Don't detach elements from the render tree when entering fullscreen mode
3431         https://bugs.webkit.org/show_bug.cgi?id=66531
3432
3433         This prevents plugin instances from being destroyed and reinstantiated
3434         when entering fullscreen mode.
3435
3436         Reviewed by Darin Fisher.
3437
3438         Test: plugins/fullscreen-plugins-dont-reload.html
3439
3440         * dom/Document.cpp:
3441         (WebCore::Document::webkitWillEnterFullScreenForElement):
3442         (WebCore::Document::webkitDidExitFullScreenForElement):
3443         * dom/NodeRenderingContext.cpp:
3444         (WebCore::NodeRendererFactory::createRendererIfNeeded):
3445         * rendering/RenderFullScreen.cpp:
3446         (createFullScreenStyle):
3447         (RenderFullScreen::wrapRenderer):
3448         (RenderFullScreen::unwrapRenderer):
3449         * rendering/RenderFullScreen.h:
3450
3451 2011-09-04  Dan Bernstein  <mitz@apple.com>
3452
3453         <rdar://problem/10071256> Retain retired custom fonts until the next style recalc
3454
3455         Reviewed by Darin Adler.
3456
3457         Test: fast/css/font-face-used-after-retired.html
3458
3459         During style recalc, existing renderers may reference their old style, including font data.
3460         Allow them to do so safely by keeping retired custom font data around until after style recalc.
3461
3462         * css/CSSFontFace.cpp:
3463         (WebCore::CSSFontFace::retireCustomFont): Added. Calls through to CSSFontSelector, if the font
3464         face is still part of any segmented font face. Otherwise, deletes the custom font data.
3465         * css/CSSFontFace.h:
3466         * css/CSSFontFaceSource.cpp:
3467         (WebCore::CSSFontFaceSource::pruneTable): Changed to call retireCustomFont() instead of deleting
3468         retired font data.
3469         * css/CSSFontSelector.cpp:
3470         (WebCore::CSSFontSelector::retireCustomFont): Added. Calls through to the Document, if this is
3471         still the active font selector for a document. Otherwise, deletes the custom font data.
3472         * css/CSSFontSelector.h:
3473         * css/CSSSegmentedFontFace.cpp:
3474         (WebCore::CSSSegmentedFontFace::pruneTable): Changed to call retireCustomFont() instead of
3475         deleting retired font data.
3476         * dom/Document.cpp:
3477         (WebCore::Document::~Document): Added a call to deleteRetiredCustomFonts(), in case the Document
3478         is destroyed before getting a chance to recalc style after custom fonts have been retired.
3479         (WebCore::Document::recalcStyle): Added a call to deleteRetiredCustomFonts() after style recalc.
3480         (WebCore::Document::deleteRetiredCustomFonts): Added. Deletes all previously-retired custom font
3481         data.
3482         * dom/Document.h:
3483         (WebCore::Document::retireCustomFont): Added.
3484
3485 2011-09-04  Sam Weinig  <sam@webkit.org>
3486
3487         Document.createEvent should support all the interfaces of Event we got
3488         https://bugs.webkit.org/show_bug.cgi?id=67568
3489
3490         Reviewed by Anders Carlsson.
3491
3492         Updated fast/events/event-creation.html
3493
3494         * dom/BeforeLoadEvent.h:
3495         (WebCore::BeforeLoadEvent::create):
3496         (WebCore::BeforeLoadEvent::BeforeLoadEvent):
3497         Added empty create.
3498         
3499         * dom/Document.cpp:
3500         (WebCore::Document::createEvent):
3501         Add missing interfaces.
3502
3503         * dom/HashChangeEvent.h:
3504         (WebCore::HashChangeEvent::create):
3505         (WebCore::HashChangeEvent::HashChangeEvent):
3506         Added empty create.
3507
3508         * page/SpeechInputEvent.cpp:
3509         (WebCore::SpeechInputEvent::create):
3510         (WebCore::SpeechInputEvent::SpeechInputEvent):
3511         (WebCore::SpeechInputEvent::~SpeechInputEvent):
3512         * page/SpeechInputEvent.h:
3513         Added empty create.
3514
3515 2011-09-04  Adam Barth  <abarth@webkit.org>
3516
3517         [Chromium] Add memory threshold values to WebKitPlatformSupport.h
3518         https://bugs.webkit.org/show_bug.cgi?id=67575
3519
3520         Reviewed by Darin Fisher.
3521
3522         Grab these memory thresholds from PlatformSupport rather than hard-coding them.
3523
3524         * bindings/v8/V8GCController.cpp:
3525         (WebCore::V8GCController::checkMemoryUsage):
3526         * platform/chromium/PlatformSupport.h:
3527         * platform/qt/PlatformSupport.h:
3528         (WebCore::PlatformSupport::lowMemoryUsageMB):
3529         (WebCore::PlatformSupport::highMemoryUsageMB):
3530         (WebCore::PlatformSupport::highUsageDeltaMB):
3531
3532 2011-09-04  Kevin Ollivier  <kevino@theolliviers.com>
3533
3534         [wx] Unreviewed build fix. Add new / moved files missing from last commit.
3535
3536         * platform/wx/LocalDC.h: Added.
3537         (WebCore::LocalDC::LocalDC):
3538         (WebCore::LocalDC::context):
3539         (WebCore::LocalDC::~LocalDC):
3540         * platform/wx/wxcode/cairo: Added.
3541         * platform/wx/wxcode/cairo/non-kerned-drawing.cpp: Added.
3542         (WebCore::pangoFontMap):
3543         (WebCore::createPangoFontForFont):
3544         (WebCore::createScaledFontForFont):
3545         (WebCore::pango_font_get_glyph):
3546         (WebCore::drawTextWithSpacing):
3547         * platform/wx/wxcode/gdiplus: Added.
3548         * platform/wx/wxcode/gdiplus/non-kerned-drawing.cpp: Added.
3549         (dmin):
3550         (dmax):
3551         (DegToRad):
3552         (RadToDeg):
3553         (WebCore::drawTextWithSpacing):
3554
3555 2011-09-04  Robin Dunn  <robin@alldunn.com>
3556
3557         [wx] Enable wxWebKit to run using the wxGC Cairo backend on platforms other than GTK.
3558         https://bugs.webkit.org/show_bug.cgi?id=67577
3559
3560         Reviewed by Kevin Ollivier.
3561
3562         * platform/graphics/GlyphBuffer.h:
3563         (WebCore::GlyphBuffer::glyphAt):
3564         (WebCore::GlyphBuffer::add):
3565         * platform/graphics/wx/GraphicsContextWx.cpp:
3566         (WebCore::GraphicsContext::clipOut):
3567         (WebCore::GraphicsContext::clipPath):
3568         * platform/graphics/wx/PathWx.cpp:
3569         (WebCore::Path::Path):
3570         (WebCore::Path::clear):
3571         * platform/graphics/wx/TransformationMatrixWx.cpp:
3572         (WebCore::TransformationMatrix::operator wxGraphicsMatrix):
3573         (WebCore::AffineTransform::operator wxGraphicsMatrix):
3574         * platform/image-decoders/wx/ImageDecoderWx.cpp:
3575         (WebCore::ImageFrame::asNewNativeImage):
3576         * platform/wx/ContextMenuWx.cpp:
3577         (ContextMenu::ContextMenu):
3578         * platform/wx/LocalDC.h: Added.
3579         (WebCore::LocalDC::LocalDC):
3580         (WebCore::LocalDC::context):
3581         (WebCore::LocalDC::~LocalDC):
3582         * platform/wx/RenderThemeWx.cpp:
3583         (WebCore::RenderThemeWx::paintButton):
3584         (WebCore::RenderThemeWx::paintTextField):
3585         (WebCore::RenderThemeWx::paintMenuList):
3586         (WebCore::RenderThemeWx::paintMenuListButton):
3587         * platform/wx/ScrollbarThemeWx.cpp:
3588         (WebCore::ScrollbarThemeWx::paint):
3589         * platform/wx/wxcode/cairo: Added.
3590         * platform/wx/wxcode/cairo/non-kerned-drawing.cpp: Added.
3591         (WebCore::pangoFontMap):
3592         (WebCore::createPangoFontForFont):
3593         (WebCore::createScaledFontForFont):
3594         (WebCore::pango_font_get_glyph):
3595         (WebCore::drawTextWithSpacing):
3596         * platform/wx/wxcode/gdiplus: Added.
3597         * platform/wx/wxcode/gdiplus/non-kerned-drawing.cpp: Added.
3598         (dmin):
3599         (dmax):
3600         (DegToRad):
3601         (RadToDeg):
3602         (WebCore::drawTextWithSpacing):
3603         * platform/wx/wxcode/gtk/non-kerned-drawing.cpp: Removed.
3604         * platform/wx/wxcode/win/non-kerned-drawing.cpp: Removed.
3605         * platform/wx/wxcode/win/scrollbar_render.cpp:
3606         (GraphicsHDC::GraphicsHDC):
3607         (GraphicsHDC::~GraphicsHDC):
3608         (wxRenderer_DrawScrollbar):
3609
3610 2011-09-03  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
3611
3612         REGRESSION (r86268): Fix for qt_networkAccessAllowed()
3613         https://bugs.webkit.org/show_bug.cgi?id=67570
3614
3615         Reviewed by Noam Rosenthal.
3616
3617         No new tests as this change only removes dead code.
3618         Support for Qt 4.6 has  been removed a while back.
3619
3620         * WebCore.pri:
3621         * WebCore.pro:
3622         * features.pri:
3623         * platform/network/NetworkStateNotifier.h:
3624         * platform/network/qt/NetworkStateNotifierQt.cpp:
3625
3626 2011-09-03  Ryosuke Niwa  <rniwa@webkit.org>
3627
3628         REGRESSION(r94274): selection-change-closes-typing.html fails
3629         https://bugs.webkit.org/show_bug.cgi?id=67377
3630
3631         Reviewed by Kent Tamura.
3632
3633         The problem was that when the shadow DOM is updated by setInnerTextValue, WebKit layer detects the selection
3634         change and calls confirmCompositionWithoutDisturbingSelection, which in turn modifies the shadow DOM by
3635         inserting text.
3636
3637         Fixed the bug by not inserting text in confirmCompositionWithoutDisturbingSelection. It turned out that this
3638         function is only used to cancel composition but never to confirming composition and restoring selection.
3639
3640         Test: platform/mac/editing/input/selection-change-closes-typing-2.html
3641
3642         * editing/Editor.cpp:
3643         (WebCore::Editor::confirmCompositionWithoutDisturbingSelection):
3644         (WebCore::Editor::confirmComposition):
3645
3646 2011-09-03  Sam Weinig  <sam@webkit.org>
3647
3648         Add missing Event constructors to DOMWindow.idl
3649         https://bugs.webkit.org/show_bug.cgi?id=67449
3650
3651         Reviewed by Anders Carlsson.
3652
3653         Covered by existing tests.
3654
3655         * page/DOMWindow.idl:
3656
3657 2011-08-27  Robert Hogan  <robert@webkit.org>
3658
3659         div align="center" rendering problem
3660         https://bugs.webkit.org/show_bug.cgi?id=4860
3661
3662         Reviewed by David Hyatt.
3663
3664         When an inline element with absolute position was the sole or first child of a render block with
3665         centred alignment, it wasn't obeying its parent's alignment. However it would obey the
3666         alignment if it was preceded by some text. The problem was that the element's render object
3667         was getting skipped as leading white space, so it was not included in a normal line block in
3668         a bidi run. Instead, its position was getting set by RenderBlockLineLayout::setStaticPositions()
3669         which does not pay attention to alignment. Preceding the element with some text allowed the object
3670         to get included in a Bidi run and so get a linebox which would get properly aligned.
3671
3672         The fix is to get RenderBlockLineLayout::setStaticPositions() to obey the alignment specified by
3673         the object's container. This allows WebKit to get the same result on the test as Firefox and IE.
3674         Opera has the same bug as unpatched WebKit.
3675
3676         Tests: fast/css/bug4860-absolute-block-child-does-not-inherit-alignment.html
3677                - Ensure positioned block elements inherit alignment.
3678                fast/css/bug4860-absolute-inline-child-inherits-alignment.html
3679                - Ensure positioned inline elements inherit alignment.
3680                fast/inline/absolute-positioned-inline-in-centred-block.html
3681                - Ensure positioned inline element that's the sole or first child of a rendered block
3682                  obeys parents alignment.
3683                fast/inline/absolute-positioned-block-in-centred-block.html
3684                - As above, but a positioned block should not inherit alignment.
3685
3686         * rendering/RenderBlock.h:
3687         * rendering/RenderBlockLineLayout.cpp:
3688         (WebCore::RenderBlock::updateLogicalWidthForAlignment):
3689         (WebCore::RenderBlock::computeInlineDirectionPositionsForLine): Move the alignment check to updateLogicalWidthForAlignment.
3690         (WebCore::setStaticPositions): use startAlignedOffsetForLine and use startAlignedOffsetForBlock
3691         (WebCore::RenderBlock::startAlignedOffsetForLine): New function, find the aligned offset using updateLogicalWidthForAlignment
3692
3693 2011-09-03  Andreas Kling  <kling@webkit.org>
3694
3695         Remove two unused functions from Element.
3696         https://bugs.webkit.org/show_bug.cgi?id=67492
3697
3698         Reviewed by Benjamin Poulain.
3699
3700         Removed openTagStartToString() and setCStringAttribute() as they are
3701         not called from anywhere.
3702
3703         * dom/Element.cpp:
3704         * dom/Element.h:
3705
3706 2011-09-03  Andrew Wason  <rectalogic@rectalogic.com>
3707
3708         [Qt] Enable support for WebGL OES_standard_derivatives for Qt
3709         https://bugs.webkit.org/show_bug.cgi?id=67430
3710
3711         Reviewed by Noam Rosenthal.
3712
3713         Tested using https://cvs.khronos.org/svn/repos/registry/trunk/public/webgl/sdk/tests/conformance/extensions/oes-standard-derivatives.html
3714
3715         Enable existing support for OES_standard_derivatives for Qt.
3716
3717         * platform/graphics/opengl/Extensions3DOpenGL.cpp:
3718         (WebCore::Extensions3DOpenGL::ensureEnabled):
3719         (WebCore::Extensions3DOpenGL::isEnabled):
3720
3721 2011-09-03  Yuta Kitamura  <yutak@chromium.org>
3722
3723         WebSocket: Send ArrayBuffer as WebSocket binary message
3724         https://bugs.webkit.org/show_bug.cgi?id=67477
3725
3726         Reviewed by Kent Tamura.
3727
3728         Tests: http/tests/websocket/tests/hybi/send-arraybuffer.html
3729                http/tests/websocket/tests/hybi/workers/send-arraybuffer.html
3730                http/tests/websocket/tests/hybi/bufferedAmount-after-close.html (updated)
3731
3732         * bindings/js/JSWebSocketCustom.cpp:
3733         (WebCore::JSWebSocket::send):
3734         * bindings/v8/custom/V8WebSocketCustom.cpp:
3735         (WebCore::V8WebSocket::sendCallback):
3736         * websockets/ThreadableWebSocketChannel.h:
3737         * websockets/ThreadableWebSocketChannelClientWrapper.cpp:
3738         (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper):
3739         (WebCore::ThreadableWebSocketChannelClientWrapper::sendRequestResult):
3740         (WebCore::ThreadableWebSocketChannelClientWrapper::setSendRequestResult):
3741         * websockets/ThreadableWebSocketChannelClientWrapper.h:
3742         Rename "sent" to "sendRequestResult" to clarify the meaning. Messages from the script may not
3743         be sent immediately, thus the return value of WebSocketChannel::send() indicates whether the
3744         message has been queued successfully, rather than whether the message has been sent or not.
3745         * websockets/WebSocket.cpp:
3746         (WebCore::WebSocket::send):
3747         Case of sending "[object ArrayBuffer]" is covered by an existing test
3748         http/tests/websocket/tests/{hybi,hixie76}/send-object.html.
3749         * websockets/WebSocket.h:
3750         * websockets/WebSocket.idl:
3751         * websockets/WebSocketChannel.cpp:
3752         (WebCore::WebSocketChannel::send):
3753         * websockets/WebSocketChannel.h:
3754         * websockets/WorkerThreadableWebSocketChannel.cpp:
3755         (WebCore::WorkerThreadableWebSocketChannel::send):
3756         (WebCore::workerContextDidSend):
3757         (WebCore::WorkerThreadableWebSocketChannel::Peer::send):
3758         (WebCore::WorkerThreadableWebSocketChannel::mainThreadSendArrayBuffer):
3759         Construct an ArrayBuffer from the data on Vector<char>.
3760         (WebCore::WorkerThreadableWebSocketChannel::Bridge::send):
3761         Copy the content into temporary buffer of Vector<char>, and send it to the main thread.
3762         * websockets/WorkerThreadableWebSocketChannel.h:
3763
3764 2011-09-02  Kentaro Hara  <haraken@google.com>
3765
3766         Implement a CustomEvent constructor for V8
3767         https://bugs.webkit.org/show_bug.cgi?id=67527
3768
3769         Reviewed by Sam Weinig.
3770
3771         Test: fast/events/constructors/custom-event-constructor.html
3772
3773         * bindings/v8/OptionsObject.h:
3774         (WebCore::OptionsObject::getKeyValue): Returns ScriptValue corresponding to a given key.
3775         * bindings/v8/custom/V8EventConstructors.cpp: Added the CustomEvent constructor.
3776         * dom/CustomEvent.idl: Added a 'V8CustomConstructor' attribute.
3777
3778 2011-09-02  Adrienne Walker  <enne@google.com>
3779
3780         [chromium] Move updateLayers from LayerRendererChromium to CCLayerTreeHost
3781         https://bugs.webkit.org/show_bug.cgi?id=67438
3782
3783         Reviewed by James Robinson.
3784
3785         Covered by existing tests.
3786
3787         Move functionality used by both CCLayerTreeHost and
3788         LayerRendererChromium into CCLayerTreeHostCommon. Move update, paint,
3789         and updateCompositorResource functions into CClayerTreeHost.
3790
3791         * WebCore.gypi:
3792         * platform/graphics/chromium/LayerChromium.cpp:
3793         (WebCore::sortLayers):
3794         * platform/graphics/chromium/LayerChromium.h:
3795         * platform/graphics/chromium/LayerRendererChromium.cpp:
3796         (WebCore::LayerRendererChromium::textureMemoryReclaimLimit):
3797         (WebCore::LayerRendererChromium::drawLayers):
3798         (WebCore::LayerRendererChromium::drawLayersInternal):
3799         * platform/graphics/chromium/LayerRendererChromium.h:
3800         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
3801         (WebCore::sortLayers):
3802         * platform/graphics/chromium/cc/CCLayerImpl.h:
3803         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
3804         (WebCore::CCLayerTreeHost::commitTo):
3805         (WebCore::CCLayerTreeHost::updateLayers):
3806         (WebCore::paintContentsIfDirty):
3807         (WebCore::CCLayerTreeHost::paintLayerContents):
3808         (WebCore::CCLayerTreeHost::updateCompositorResources):
3809         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
3810         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.cpp: Added.
3811         (WebCore::CCLayerTreeHostCommon::isScaleOrTranslation):
3812         (WebCore::CCLayerTreeHostCommon::calculateVisibleRect):
3813         (WebCore::CCLayerTreeHostCommon::calculateVisibleLayerRect):
3814         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.h: Added.
3815         (WebCore::CCLayerTreeHostCommon::calculateDrawTransformsAndVisibility):
3816         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3817         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
3818         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
3819         (WebCore::CCSingleThreadProxy::commitIfNeeded):
3820
3821 2011-09-02  Chris Marrin  <cmarrin@apple.com>
3822
3823         https://bugs.webkit.org/show_bug.cgi?id=67510
3824         Crash can occur when doing a PlatformCAAnimation::copy() with no valueFunction
3825
3826         Reviewed by Simon Fraser.
3827         
3828         Do a null check in two places to avoid sending nulls to CACF ValueFunction API.
3829
3830         Test: animations/pause-crash.html
3831
3832         * platform/graphics/ca/win/PlatformCAAnimationWin.cpp:
3833         (PlatformCAAnimation::valueFunction):
3834         (PlatformCAAnimation::setValueFunction):
3835
3836 2011-09-02  Bill Budge  <bbudge@chromium.org>
3837
3838         Add a 'didDownloadData' method to ResourceLoader, SubresourceLoader,
3839         SubresourceLoaderClient, DocumentThreadableLoader, ResourceHandleClient,
3840         and ThreadableLoaderClient for the Chromium port only, so we can pass
3841         these notifications from our ResourceHandle implementation through the
3842         WebCore loader framework.
3843         https://bugs.webkit.org/show_bug.cgi?id=67229
3844
3845         Reviewed by Darin Fisher.
3846
3847         No new tests. Exposes no new functionality.
3848
3849         * WebCore.gypi:
3850         * loader/DocumentThreadableLoader.h:
3851         * loader/ResourceLoader.h:
3852         * loader/SubresourceLoader.h:
3853         * loader/SubresourceLoaderClient.h:
3854         (WebCore::SubresourceLoaderClient::didDownloadData):
3855         * loader/ThreadableLoaderClient.h:
3856         (WebCore::ThreadableLoaderClient::didDownloadData):
3857         * loader/ThreadableLoaderClientWrapper.h:
3858         (WebCore::ThreadableLoaderClientWrapper::didDownloadData):
3859         * loader/chromium: Added.
3860         * loader/chromium/DocumentThreadableLoaderChromium.cpp: Added.
3861         (WebCore::DocumentThreadableLoader::didDownloadData):
3862         * loader/chromium/ResourceLoaderChromium.cpp: Added.
3863         (WebCore::ResourceLoader::didDownloadData):
3864         * loader/chromium/SubresourceLoaderChromium.cpp: Added.
3865         (WebCore::SubresourceLoader::didDownloadData):
3866         * platform/network/ResourceHandleClient.h:
3867         (WebCore::ResourceHandleClient::didDownloadData):
3868
3869 2011-09-02  Jeff Miller  <jeffm@apple.com>
3870
3871         Assert that PlatformCALayerWinInternal::displayCallback() is only called on the main thread
3872         https://bugs.webkit.org/show_bug.cgi?id=67541
3873
3874         Reviewed by Simon Fraser.
3875
3876         No new tests, covered by existing media tests.
3877
3878         * platform/graphics/ca/win/PlatformCALayerWinInternal.cpp:
3879         (PlatformCALayerWinInternal::displayCallback): Assert that is function is only called on the main thread.
3880
3881 2011-09-02  Julien Chaffraix  <jchaffraix@webkit.org>
3882
3883         Enable RenderLayer::updateLayerPosition's cachedOffset optimization for more cases
3884         https://bugs.webkit.org/show_bug.cgi?id=66901
3885
3886         Reviewed by Simon Fraser.
3887
3888         Test: fast/layers/assert-RenderLayer-update-positions.html
3889               Also covered by existing tests under the new ASSERT.
3890
3891         This change extends the range of callers making use of the cachedOffset optimization.
3892
3893         Most callers did not make use of cachedOffset as it did not work when called on a subtree.
3894         This limitation is now gone thus we can enable it more widely.
3895
3896         The semantics of the optimization are changed a bit as we now return if it is enabled whereas
3897         the old code would check if it was *disabled*. Also there were some renames done to match more
3898         closely what was going on (s/cachedOffset/offsetFromRoot/ and s/cachedOffsetDisabled/hasLayerOffset/).
3899
3900         Note that this is an optimistic optimization: if cachedOffset is not used, then we have
3901         done at least an extra traversal up to the root. I have found it to be a wash on file
3902         cycler (alexa) but to be a nice improvement (~20%) on some table benchmarks (modifying
3903         a cell, scrolling).
3904
3905         * page/FrameView.cpp:
3906         (WebCore::FrameView::layout): Extended the use of cachedOffset to subtree layouts.
3907         * rendering/RenderBoxModelObject.cpp:
3908         (WebCore::RenderBoxModelObject::styleDidChange): Forbid the use cachedOffset in this
3909         case as we have only a single layer to update.
3910
3911         * rendering/RenderLayer.cpp:
3912         (WebCore::RenderLayer::computeOffsetFromRoot): Added this function to get the offset from the root
3913         layer at a certain point in the RenderLayer's tree. It gets the root layer's checking if no layer
3914         in between would prevent convertToLayerCoords to work and return the position relative to
3915         this layer.
3916
3917         (WebCore::RenderLayer::updateLayerPositions): Added a new ASSERT to make sure our cachedOffset
3918         is always fine. Also added a comment about calling convertToLayerCoords.
3919
3920         (WebCore::RenderLayer::removeOnlyThisLayer): Added cachedOffset here too as we may have to
3921         update several layers. We save the offset prior to being removed from the hierarchy for
3922         correctness.
3923
3924         (WebCore::RenderLayer::paintChildLayerIntoColumns): Added a comment here about calling convertToLayerCoords.
3925
3926         * rendering/RenderLayer.h: Swapped the argument in updateLayerPositions to make
3927         cachedOffset a mandatory field. Patched all the callers.
3928
3929         (WebCore::RenderLayer::canUseConvertToLayerCoords): Added this helper method to know when a
3930         renderer prevents convertToLayerCoords from working. Added some FIXME around suspicious use
3931         of convertToLayerCoords.
3932
3933 2011-08-30  Matthew Delaney  <mdelaney@apple.com>
3934
3935         Read out of bounds in sUnpremultiplyData_RGBA8888 / ImageBufferData::getData
3936         https://bugs.webkit.org/show_bug.cgi?id=65352
3937
3938         Reviewed by Simon Fraser.
3939
3940         New test: fast/canvas/canvas-getImageData-large-crash.html
3941
3942         This patch prevents overflows from happening in getImageData, createImageData, and canvas creation
3943         calls that specify widths and heights that end up overflowing the ints that we store those values in
3944         as well as derived values such as area and maxX / maxY of the bounding rects involved. Overflow of integer
3945         arithmetic is detected via the use of the new Checked type that was introduced in r94207.
3946
3947         * html/HTMLCanvasElement.cpp:
3948         (WebCore::HTMLCanvasElement::convertLogicalToDevice): Removed dependency on ints, using FloatRects/Sizes instead.
3949         (WebCore::HTMLCanvasElement::createImageBuffer): Moved the check for max canvas area and dimensions here.
3950           Added in check that prevents us from having canvases of sizes that will cause overflows.
3951         (WebCore::HTMLCanvasElement::baseTransform): Updated use of convertLogicalToDevice.
3952         * html/HTMLCanvasElement.h: Updated method signatures.
3953         * html/canvas/CanvasRenderingContext2D.cpp:
3954         (WebCore::createEmptyImageData): Added in check to prevent creating ImageData objects that will cause overflow when computing their size.
3955         (WebCore::CanvasRenderingContext2D::createImageData): Avoid creating ImageData objects of size that will overflow later.
3956         (WebCore::CanvasRenderingContext2D::getImageData): Added in check to prevent trying to get ImageData objects that will cause overflow when computing their size.
3957         * platform/graphics/FloatRect.cpp:
3958         (WebCore::FloatRect::isExpressibleAsIntRect): New method that tests whether a FloatRect can become an IntRect without overflow or having to be clamped.
3959         * platform/graphics/FloatRect.h:
3960         * platform/graphics/FloatSize.cpp:
3961         (WebCore::FloatSize::isExpressibleAsIntSize): Same as FloatRect, but for FloatSize->IntSize.
3962         * platform/graphics/FloatSize.h:
3963         * platform/graphics/cg/ImageBufferCG.cpp: Added check for overflow.
3964         (WebCore::ImageBuffer::ImageBuffer):
3965
3966 2011-09-02  Dan Bernstein  <mitz@apple.com>
3967
3968         <rdar://problem/9755843> anonymous RenderMathMLOperator sets itself as the renderer of its parent mfenced node
3969
3970         Reviewed by Darin Adler.
3971
3972         Test: mathml/operator-hijacks-fenced-node.xhtml
3973
3974         * rendering/mathml/RenderMathMLOperator.cpp:
3975         (WebCore::RenderMathMLOperator::updateFromElement): Rather than unconditionally setting the
3976         node’s renderer to this, just restore it to whatever it was before calling destroyLeftoverChildren().
3977
3978 2011-09-02  Mark Hahnenberg  <mhahnenberg@apple.com>
3979
3980         Incorporate newer, faster dtoa library
3981         https://bugs.webkit.org/show_bug.cgi?id=66346
3982
3983         Reviewed by Oliver Hunt.
3984
3985         No new tests.
3986
3987         Added new dtoa library at http://code.google.com/p/double-conversion/.
3988         Replaced old call to dtoa.  The new library is much faster than the old one.
3989         We still use the old dtoa for some stuff in WebCore as well as the old strtod, 
3990         but we can phase these out eventually as well.
3991
3992         * ForwardingHeaders/wtf/dtoa/double-conversion.h: Added.
3993         * WebCore.vcproj/copyForwardingHeaders.cmd:
3994         * css/CSSPrimitiveValue.cpp:
3995         (WebCore::formatNumber):
3996         * html/parser/HTMLParserIdioms.cpp:
3997         (WebCore::serializeForNumberType):
3998         * inspector/InspectorValues.cpp:
3999         (WebCore::InspectorBasicValue::writeJSON):
4000         * platform/graphics/Color.cpp:
4001         (WebCore::Color::serialized):
4002
4003 2011-09-02  Nat Duca  <nduca@chromium.org>
4004
4005         [chromium] Check for null context when reinitializing compositor
4006         https://bugs.webkit.org/show_bug.cgi?id=67507
4007
4008         Reviewed by James Robinson.
4009
4010         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
4011         (WebCore::CCSingleThreadProxy::recreateContextIfNeeded):
4012
4013 2011-09-02  Sam Weinig  <sam@webkit.org>
4014
4015         Remove BeforeProcessEvent, it was never meant to be
4016         https://bugs.webkit.org/show_bug.cgi?id=67493
4017
4018         Reviewed by Anders Carlsson.
4019
4020         BeforeProcessEvent was added, never hooked up, and never removed.
4021         Now it is being removed.
4022
4023         * CodeGenerators.pri:
4024         * DerivedSources.make:
4025         * GNUmakefile.list.am: