Fix cssText property of counter-valued CSSPrimitiveValue and avoid uninitialized...
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-09-13  Adam Klein  <adamk@chromium.org>
2
3         Fix cssText property of counter-valued CSSPrimitiveValue and avoid uninitialized read
4         https://bugs.webkit.org/show_bug.cgi?id=68021
5
6         Reviewed by Tony Chang.
7
8         Reported by valgrind in http://crbug.com/60653.
9
10         Besides fixing the uninitialized read, add support for outputting the
11         list separator for counters() calls and the list-style name.
12
13         Test: fast/css/counters/counter-cssText.html
14
15         * css/CSSPrimitiveValue.cpp:
16         (WebCore::CSSPrimitiveValue::cssText):
17
18 2011-09-13  Kenichi Ishibashi  <bashi@chromium.org>
19
20         WebFont followed tiny monospace text displays weird
21         https://bugs.webkit.org/show_bug.cgi?id=67996
22
23         Reviewed by Darin Adler.
24
25         Always call wkSetCGFontRenderingMode() in Font::drawGlyphs() so that the rendering mode is set correctly.
26
27         Test: platform/mac/fast/text/webfont-after-tiny-monospace-text.html
28
29         * platform/graphics/mac/FontMac.mm:
30         (WebCore::Font::drawGlyphs):
31
32 2011-09-13  Tom Sepez  <tsepez@chromium.org>
33
34         Fix XSS auditor bypass when inline handlers contain comments.
35         https://bugs.webkit.org/show_bug.cgi?id=27895
36
37         Reviewed by Adam Barth.
38
39         Tests: http/tests/security/xssAuditor/property-escape-comment.html
40                http/tests/security/xssAuditor/property-escape-entity.html
41                http/tests/security/xssAuditor/property-escape-quote.html
42
43         * html/parser/XSSAuditor.cpp:
44         (WebCore::XSSAuditor::snippetForAttribute):
45
46 2011-09-13  Kentaro Hara  <haraken@google.com>
47
48         Implement a HashChangeEvent constructor for V8
49         https://bugs.webkit.org/show_bug.cgi?id=67969
50
51         Reviewed by Nate Chapin.
52
53         Test: fast/events/constructors/hash-change-event-constructor.html
54
55         * bindings/v8/custom/V8EventConstructors.cpp: Added the HashChangeEvent constructor.
56         * dom/HashChangeEvent.idl: Added a 'V8CustomConstructor' attribute.
57
58 2011-09-13  Jeremy Apthorp  <jeremya@google.com>
59
60         Fix crash when an iframe element is removed during a transition to
61         fullscreen.
62         https://bugs.webkit.org/show_bug.cgi?id=67960
63
64         Reviewed by Adam Barth.
65
66         Test: fullscreen/full-screen-remove-ancestor-during-transition.html
67
68         * dom/Document.cpp:
69         (WebCore::Document::~Document):
70         Clear the list of elements to which we need to send a fullscreenchange
71         event.
72
73 2011-09-13  David Hyatt  <hyatt@apple.com>
74
75         https://bugs.webkit.org/show_bug.cgi?id=68040
76         
77         Make sure border image sub-properties can be specified in any order.
78
79         Reviewed by Beth Dakin.
80
81         New tests in fast/borders.
82
83         * css/CSSParser.cpp:
84         (WebCore::BorderImageParseContext::BorderImageParseContext):
85         (WebCore::BorderImageParseContext::canAdvance):
86         (WebCore::BorderImageParseContext::setCanAdvance):
87         (WebCore::BorderImageParseContext::allowCommit):
88         (WebCore::BorderImageParseContext::allowImage):
89         (WebCore::BorderImageParseContext::allowImageSlice):
90         (WebCore::BorderImageParseContext::allowSlash):
91         (WebCore::BorderImageParseContext::requireWidth):
92         (WebCore::BorderImageParseContext::requireOutset):
93         (WebCore::BorderImageParseContext::commitImage):
94         (WebCore::BorderImageParseContext::commitImageSlice):
95         (WebCore::BorderImageParseContext::commitSlash):
96         (WebCore::BorderImageParseContext::commitBorderWidth):
97         (WebCore::BorderImageParseContext::commitBorderOutset):
98         (WebCore::BorderImageParseContext::commitRepeat):
99         (WebCore::CSSParser::parseBorderImage):
100         (WebCore::CSSParser::parseBorderImageRepeat):
101         (WebCore::CSSParser::parseBorderImageSlice):
102         (WebCore::CSSParser::parseBorderImageQuad):
103         * css/CSSParserValues.h:
104         (WebCore::CSSParserValueList::previous):
105
106 2011-09-13  Jeff Miller  <jeffm@apple.com>
107
108         WebCore::Cursor::ensurePlatformCursor() should always set a valid platform cursor on Windows
109         https://bugs.webkit.org/show_bug.cgi?id=68043
110         
111         Make sure we set a valid platform cursor in the Cursor::NoDrop case, and add a default
112         clause that uses the arrow cursor in case another cursor type is added in the future
113         and we forget to update ensurePlatformCursor().
114
115         Reviewed by Anders Carlsson.
116
117         * platform/win/CursorWin.cpp:
118         (WebCore::Cursor::ensurePlatformCursor): Always set a valid platform cursor.
119
120 2011-09-12  Jon Honeycutt  <jhoneycutt@apple.com>
121
122         MSAA: WebKit reports the document state as disabled
123         https://bugs.webkit.org/show_bug.cgi?id=67974
124         <rdar://problem/10095898>
125
126         Reviewed by Brian Weinstein.
127
128         Test: platform/win/accessibility/document-enabled-state.html
129
130         * accessibility/AccessibilityScrollView.h:
131         (WebCore::AccessibilityScrollView::isEnabled):
132         This object backs the AccessibleDocument on Windows - always return
133         true for its enabled state.
134
135 2011-08-11  Cris Neckar  <cdn@chromium.org>
136
137         Fixes several bugs when adding CounterNodes to a tree which can cause asymetrical relationships.
138         https://bugs.webkit.org/show_bug.cgi?id=65996
139
140         Reviewed by Eric Seidel.
141
142         Test: fast/css/counters/counter-reparent-table-children-crash.html
143
144         * rendering/CounterNode.cpp:
145         (WebCore::CounterNode::insertAfter):
146         * rendering/RenderCounter.cpp:
147         (WebCore::findPlaceForCounter):
148         (WebCore::makeCounterNode):
149
150 2011-09-13  Beth Dakin  <bdakin@apple.com>
151
152         Adding a comment I forgot to add before.
153
154         * rendering/RenderImage.cpp:
155         (WebCore::RenderImage::imageSizeForError):
156
157 2011-09-13  Antti Koivisto  <antti@apple.com>
158
159         Move identifier filter from CSSStyleSelector to SelectorChecker
160         https://bugs.webkit.org/show_bug.cgi?id=68025
161
162         Reviewed by Sam Weinig.
163
164         This is a more logical place for this code. It also makes CSSStyleSelector slightly less bloated. 
165         It will make it possible to use fastRejectSelector for querySelectorAll in the future.
166
167         * css/CSSStyleSelector.cpp:
168         (WebCore::loadViewSourceStyle):
169         (WebCore::CSSStyleSelector::matchRulesForList):
170         (WebCore::RuleData::RuleData):
171         * css/CSSStyleSelector.h:
172         (WebCore::CSSStyleSelector::pushParent):
173         (WebCore::CSSStyleSelector::popParent):
174         * css/SelectorChecker.cpp:
175         (WebCore::collectElementIdentifierHashes):
176         (WebCore::SelectorChecker::pushParentStackFrame):
177         (WebCore::SelectorChecker::popParentStackFrame):
178         (WebCore::SelectorChecker::pushParent):
179         (WebCore::SelectorChecker::popParent):
180         (WebCore::collectDescendantSelectorIdentifierHashes):
181         (WebCore::SelectorChecker::collectIdentifierHashes):
182         * css/SelectorChecker.h:
183         (WebCore::SelectorChecker::parentStackIsConsistent):
184         (WebCore::SelectorChecker::ParentStackFrame::ParentStackFrame):
185         (WebCore::SelectorChecker::fastRejectSelector):
186
187 2011-09-13  Kiyoto Tamura  <owenestea@gmail.com>
188
189         For compatibility, execCommand should support deprecated 'useCSS' alias for 'styleWithCSS'
190         https://bugs.webkit.org/show_bug.cgi?id=36683
191
192         Reviewed by Ryosuke Niwa.
193
194         In addition to supporting the deprecated 'useCSS', 'styleWithCSS' now accepts any argument other than
195         the boolean false or the case-insensitive string "false". This is per
196         http://aryeh.name/spec/editing/editing.html#the-stylewithcss-command
197
198         Tests: editing/execCommand/style-with-css.html
199                editing/execCommand/use-css.html
200
201         * editing/EditorCommand.cpp:
202         (WebCore::executeStyleWithCSS):
203         (WebCore::executeUseCSS):
204         (WebCore::createCommandMap):
205
206 2011-09-13  Anders Carlsson  <andersca@apple.com>
207
208         Disable C++ exceptions when building with clang
209         https://bugs.webkit.org/show_bug.cgi?id=68031
210         <rdar://problem/9556880>
211
212         Reviewed by Mark Rowe.
213
214         * Configurations/Base.xcconfig:
215
216 2011-09-13  Beth Dakin  <bdakin@apple.com>
217
218         https://bugs.webkit.org/show_bug.cgi?id=67885
219         Outline for the high-resolution broken image icon draws at 2x
220         -and corresponding-
221         <rdar://problem/10104637>
222
223         Reviewed by Dan Bernstein.
224
225         Scaled the image size to account for the deviceScaleFactor. 
226         * rendering/RenderImage.cpp:
227         (WebCore::RenderImage::imageSizeForError):
228
229 2011-09-13  Tim Horton  <timothy_horton@apple.com>
230
231         REGRESSION (64275): Shape pattern-image fill turns black
232         https://bugs.webkit.org/show_bug.cgi?id=51061
233         <rdar://problem/8504705>
234
235         Reviewed by Simon Fraser.
236
237         When destroying a resource, register clients who are losing their
238         resource as having pending resources, so they can be resolved in the case a
239         resource with that id is re-registered.
240
241         Test: svg/custom/pending-resource-after-removal.xhtml
242
243         * rendering/svg/SVGResourcesCache.cpp:
244         (WebCore::SVGResourcesCache::resourceDestroyed):
245         * svg/SVGStyledElement.h:
246         (WebCore::toSVGStyledElement): Added.
247
248 2011-09-13  Eric Seidel  <eric@webkit.org>
249
250         Remove ENABLE_SVG_FOREIGN_OBJECT as it is a required part of HTML5
251         https://bugs.webkit.org/show_bug.cgi?id=68018
252
253         Reviewed by Ryosuke Niwa.
254
255         * Configurations/FeatureDefines.xcconfig:
256         * DerivedSources.make:
257         * GNUmakefile.am:
258         * WebCore.exp.in:
259         * dom/DOMImplementation.cpp:
260         (WebCore::isSVG10Feature):
261         (WebCore::isSVG11Feature):
262         * dom/Text.cpp:
263         (WebCore::Text::createRenderer):
264         * features.pri:
265         * page/DOMWindow.idl:
266         * rendering/svg/RenderSVGForeignObject.cpp:
267         * rendering/svg/RenderSVGForeignObject.h:
268         * svg/SVGAnimateMotionElement.cpp:
269         (WebCore::SVGAnimateMotionElement::hasValidAttributeType):
270         * svg/SVGForeignObjectElement.cpp:
271         * svg/SVGForeignObjectElement.h:
272         * svg/SVGForeignObjectElement.idl:
273         * svg/SVGLocatable.cpp:
274         (WebCore::isViewportElement):
275         * svg/SVGSVGElement.cpp:
276         (WebCore::SVGSVGElement::isOutermostSVG):
277         * svg/SVGUseElement.cpp:
278         (WebCore::isDisallowedElement):
279         (WebCore::SVGUseElement::associateInstancesWithShadowTreeElements):
280         * svg/svgtags.in:
281
282 2011-09-13  Joseph Pecoraro  <joepeck@webkit.org>
283
284         CRASH under WebCore::ArchiveResourceCollection::addAllResources loading WebArchive
285         https://bugs.webkit.org/show_bug.cgi?id=67983
286
287         Reviewed by Darin Adler.
288
289         Null mimetypes are okay for subresources, but as previously discovered
290         in bug 41082 they were required for main resources. Here we ensure
291         that they are required for main resources, but we allow null mimetypes
292         for subresources.
293
294         To fix a crash for bad input we never add a null ArchiveResource to the
295         Archive's subresource collection. It is useless and causes crashes whenever
296         someone iterates the Archive's subresource collection.
297
298         Test: webarchive/loading/test-loading-archive-subresource-null-mimetype.html
299
300         * loader/archive/cf/LegacyWebArchive.cpp:
301         (WebCore::LegacyWebArchive::createResource):
302         Allow a null mimetype, just type check from the dictionary.
303
304         (WebCore::LegacyWebArchive::extract):
305         Require a mimetype for the main resource. Do not add null
306         subresources to the subresource list.
307
308 2011-09-13  Mihai Parparita  <mihaip@chromium.org>
309
310         [Chromium] Remove javascript_engine from WebCore.gyp
311         https://bugs.webkit.org/show_bug.cgi?id=68001
312
313         Reviewed by Tony Chang.
314
315         Remove javascript_engine GYP variable (similar to the removal done on
316         the Chromium side with http://crrev.com/100692)
317
318         * WebCore.gyp/WebCore.gyp:
319
320 2011-09-12  Ryosuke Niwa  <rniwa@webkit.org>
321
322         [CSS3 Backgrounds and Borders] Add unprefixed border-image shorthand.
323         https://bugs.webkit.org/show_bug.cgi?id=67970
324
325         Reviewed by David Hyatt.
326
327         Also update CSSStyleSelector.cpp to support border-image to suppress assertion in
328         fast/borders/border-image-omit-right-slice.html
329
330         * css/CSSStyleSelector.cpp:
331         (WebCore::CSSStyleSelector::applyProperty):
332         (WebCore::CSSStyleSelector::mapNinePieceImage):
333
334 2011-09-13  Xianzhu Wang  <wangxianzhu@chromium.org>
335
336         Reviewed by Darin Adler.
337
338         Webkit wraps between hyphen-minus and numeric characters 
339         https://bugs.webkit.org/show_bug.cgi?id=20677
340
341         Disallow wrapping between a hyphen-minus and a digit if the hyphen-minus
342         is not directly after a digit or a letter.
343
344         Test: fast/text/line-breaks-after-hyphen-before-number.html
345
346         * rendering/break_lines.cpp:
347         (WebCore::asciiLineBreakTable): Disabled line-breaking after '-' and before '.', '0'-'9'. Note: the change for '0'-'9' doesn't really matter because the case is handled hard-coded in shouldBreakAfter().
348         (WebCore::shouldBreakAfter): Changed line-breaking behavior after '-'.
349         (WebCore::nextBreakablePosition): Passes lastLastCh to shouldBreakAfter. 
350
351 2011-09-13  Erik Wright  <erikwright@chromium.org>
352
353         platform/graphics/gtk/FontGtk.cpp was renamed to platform/graphics/pango/FontPango.cpp . Reflect this change in WebCore.gypi to fix a Chromium build breakage.
354         https://bugs.webkit.org/show_bug.cgi?id=68000
355
356         Reviewed by Tony Gentilcore.
357
358         No change in functionality, thus no new tests.
359
360         * WebCore.gypi:
361
362 2011-09-10  Mikhail Naganov  <mnaganov@chromium.org>
363
364         Web Inspector: Profiler: Fix overlapping data in function names column.
365         https://bugs.webkit.org/show_bug.cgi?id=67896
366
367         Reviewed by Pavel Feldman.
368
369         * inspector/front-end/ProfileDataGridTree.js:
370         (WebInspector.ProfileDataGridNode.prototype.createCell):
371         * inspector/front-end/dataGrid.css:
372         (.data-grid table.data):
373         (.data-grid td):
374
375 2011-09-13  Sheriff Bot  <webkit.review.bot@gmail.com>
376
377         Unreviewed, rolling out r95025.
378         http://trac.webkit.org/changeset/95025
379         https://bugs.webkit.org/show_bug.cgi?id=68005
380
381         Test failed on Snow Leopard bots. (Requested by yutak_home on
382         #webkit).
383
384         * websockets/ThreadableWebSocketChannelClientWrapper.cpp:
385         (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper):
386         (WebCore::ThreadableWebSocketChannelClientWrapper::subprotocol):
387         (WebCore::ThreadableWebSocketChannelClientWrapper::setSubprotocol):
388         * websockets/ThreadableWebSocketChannelClientWrapper.h:
389
390 2011-09-13  Yuta Kitamura  <yutak@chromium.org>
391
392         ThreadableWebSocketChannelClientWrapper shouldn't have a String in it.
393         https://bugs.webkit.org/show_bug.cgi?id=67908
394
395         Reviewed by David Levin.
396
397         Replace a String member variable in ThreadableWebSocketChannelClientWrapper with Vector<UChar>.
398
399         No change in functionality, thus no new tests. WebSocket worker tests
400         (tests under http/tests/websocket/tests/{hixie76,hybi}/workers/) should keep passing.
401
402         * websockets/ThreadableWebSocketChannelClientWrapper.cpp:
403         (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper):
404         (WebCore::ThreadableWebSocketChannelClientWrapper::subprotocol):
405         Create a String from Vector<UChar>.
406         (WebCore::ThreadableWebSocketChannelClientWrapper::setSubprotocol):
407         Copy the content of the given String into Vector.
408         * websockets/ThreadableWebSocketChannelClientWrapper.h:
409
410 2011-09-13  Fumitoshi Ukai  <ukai@chromium.org>
411
412         Unreviewed, build fix.
413
414         CSSPropertyBorderImage was added in r94989, but not yet added in
415         WebCore::CSSStyleSelector::applyProperty
416
417         CSSStyleSelector.cpp:2481: warning: enumeration value 'CSSPropertyBorderImage' not handled in switch
418
419         * css/CSSStyleSelector.cpp:
420         (WebCore::CSSStyleSelector::applyProperty):
421
422 2011-09-12  Shinya Kawanaka  <shinyak@google.com>
423
424         Crashes in WebCore::InsertListCommand::unlistifyParagraph.
425         https://bugs.webkit.org/show_bug.cgi?id=67918
426
427         Reviewed by Ryosuke Niwa.
428
429         execCommand("InsertUnorderedList") was crashing if the parent node of the target is
430         a kind of list element and it is not contenteditable.
431         This patch checks the parent node is contenteditable.
432
433         Test: editing/execCommand/insert-list-in-noneditable-list-parent.html
434
435         * editing/htmlediting.cpp:
436         (WebCore::enclosingListChild): Checks the parent node is contenteditable.
437
438 2011-09-12  Sheriff Bot  <webkit.review.bot@gmail.com>
439
440         Unreviewed, rolling out r94975.
441         http://trac.webkit.org/changeset/94975
442         https://bugs.webkit.org/show_bug.cgi?id=67984
443
444         crash in PrerenderBrowserTest.PrerenderHTML5VideoJs (Requested
445         by ukai on #webkit).
446
447         * platform/graphics/chromium/CanvasLayerChromium.h:
448         (WebCore::CanvasLayerChromium::layerTypeAsString):
449         * platform/graphics/chromium/ContentLayerChromium.h:
450         (WebCore::ContentLayerChromium::layerTypeAsString):
451         * platform/graphics/chromium/ImageLayerChromium.h:
452         (WebCore::ImageLayerChromium::layerTypeAsString):
453         * platform/graphics/chromium/LayerChromium.cpp:
454         (WebCore::LayerChromium::layerTreeAsText):
455         (WebCore::writeIndent):
456         (WebCore::LayerChromium::dumpLayer):
457         (WebCore::LayerChromium::dumpLayerProperties):
458         * platform/graphics/chromium/LayerChromium.h:
459         (WebCore::LayerChromium::layerTypeAsString):
460         * platform/graphics/chromium/LayerRendererChromium.cpp:
461         (WebCore::LayerRendererChromium::textureMemoryReclaimLimit):
462         (WebCore::LayerRendererChromium::create):
463         (WebCore::LayerRendererChromium::LayerRendererChromium):
464         (WebCore::LayerRendererChromium::close):
465         (WebCore::LayerRendererChromium::releaseTextures):
466         (WebCore::LayerRendererChromium::drawLayers):
467         (WebCore::LayerRendererChromium::drawLayersInternal):
468         (WebCore::LayerRendererChromium::getOffscreenLayerTexture):
469         (WebCore::LayerRendererChromium::initializeSharedObjects):
470         (WebCore::LayerRendererChromium::cleanupSharedObjects):
471         (WebCore::LayerRendererChromium::layerTreeAsText):
472         (WebCore::LayerRendererChromium::dumpRenderSurfaces):
473         * platform/graphics/chromium/LayerRendererChromium.h:
474         (WebCore::LayerRendererChromium::owner):
475         (WebCore::LayerRendererChromium::rootLayer):
476         (WebCore::LayerRendererChromium::rootLayerImpl):
477         (WebCore::LayerRendererChromium::viewportSize):
478         (WebCore::LayerRendererChromium::contentsTextureManager):
479         * platform/graphics/chromium/ManagedTexture.cpp:
480         (WebCore::ManagedTexture::bindTexture):
481         (WebCore::ManagedTexture::framebufferTexture2D):
482         * platform/graphics/chromium/PluginLayerChromium.h:
483         (WebCore::PluginLayerChromium::layerTypeAsString):
484         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
485         (WebCore::RenderSurfaceChromium::name):
486         (WebCore::writeIndent):
487         (WebCore::RenderSurfaceChromium::dumpSurface):
488         * platform/graphics/chromium/RenderSurfaceChromium.h:
489         * platform/graphics/chromium/TextureManager.cpp:
490         (WebCore::TextureManager::deleteEvictedTextures):
491         (WebCore::TextureManager::removeTexture):
492         (WebCore::TextureManager::allocateTexture):
493         (WebCore::TextureManager::requestTexture):
494         * platform/graphics/chromium/TextureManager.h:
495         (WebCore::TextureManager::setAssociatedContextDebugOnly):
496         (WebCore::TextureManager::associatedContextDebugOnly):
497         * platform/graphics/chromium/TiledLayerChromium.cpp:
498         (WebCore::writeIndent):
499         (WebCore::TiledLayerChromium::dumpLayerProperties):
500         * platform/graphics/chromium/TiledLayerChromium.h:
501         * platform/graphics/chromium/VideoLayerChromium.h:
502         (WebCore::VideoLayerChromium::layerTypeAsString):
503         * platform/graphics/chromium/WebGLLayerChromium.h:
504         (WebCore::WebGLLayerChromium::layerTypeAsString):
505         * platform/graphics/chromium/cc/CCCanvasLayerImpl.cpp:
506         * platform/graphics/chromium/cc/CCCanvasLayerImpl.h:
507         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
508         * platform/graphics/chromium/cc/CCLayerImpl.h:
509         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
510         (WebCore::CCLayerTreeHost::initialize):
511         (WebCore::CCLayerTreeHost::~CCLayerTreeHost):
512         (WebCore::CCLayerTreeHost::commitTo):
513         (WebCore::CCLayerTreeHost::didRecreateGraphicsContext):
514         (WebCore::CCLayerTreeHost::setVisible):
515         (WebCore::CCLayerTreeHost::contentsTextureManager):
516         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
517         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
518         (WebCore::CCLayerTreeHostImpl::drawLayers):
519         (WebCore::CCLayerTreeHostImpl::setVisible):
520         (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
521         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
522         * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp:
523         * platform/graphics/chromium/cc/CCPluginLayerImpl.h:
524         * platform/graphics/chromium/cc/CCProxy.h:
525         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
526         (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
527         (WebCore::CCSingleThreadProxy::stop):
528         (WebCore::CCSingleThreadProxy::contentsTextureManager):
529         (WebCore::CCSingleThreadProxy::recreateContextIfNeeded):
530         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
531         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
532         (WebCore::CCThreadProxy::initializeLayerRenderer):
533         (WebCore::CCThreadProxy::contentsTextureManager):
534         (WebCore::CCThreadProxy::initializeLayerRendererOnCCThread):
535         (WebCore::CCThreadProxy::layerTreeHostClosedOnCCThread):
536         * platform/graphics/chromium/cc/CCThreadProxy.h:
537         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
538         (WebCore::CCTiledLayerImpl::dumpLayerProperties):
539         * platform/graphics/chromium/cc/CCTiledLayerImpl.h:
540         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
541         * platform/graphics/chromium/cc/CCVideoLayerImpl.h:
542
543 2011-09-12  Joseph Pecoraro  <joepeck@webkit.org>
544
545         Possible ASSERT(!storageTracker) in Lazily Initialized StorageTracker
546         https://bugs.webkit.org/show_bug.cgi?id=67957
547
548         Reviewed by Darin Adler.
549
550         The storageTracker singleton may already have been created
551         through StorageTracker::tracker before initializeTracker
552         gets called. Update the ASSERT in this case to check that
553         there is no client for the tracker.
554
555         No test, this depends on how the port initializes the tracker.
556
557         * storage/StorageTracker.cpp:
558         (WebCore::StorageTracker::initializeTracker):
559
560 2011-09-12  Adam Klein  <adamk@chromium.org>
561
562         Fix out-of-bounds access in Gradient::sortStopsIfNecessary
563         https://bugs.webkit.org/show_bug.cgi?id=67958
564
565         Reviewed by Darin Adler.
566
567         Reported by Valgrind in http://crbug.com/77049.
568
569         The errant code was added as an optimization in r67804.
570         This patch reverts that one, as all parties agree that the optimization
571         doesn't seem worthwhile, and there clearly aren't any tests covering
572         the special case.
573
574         No new tests, as existing tests should cover the remaining call to
575         |std::stable_sort|.
576
577         * platform/graphics/Gradient.cpp:
578         (WebCore::Gradient::sortStopsIfNecessary):
579
580 2011-09-12  Jacky Jiang  <zhajiang@rim.com>
581
582         Setting document.title doesn't affect contents of title tag of XHTML documents
583         https://bugs.webkit.org/show_bug.cgi?id=57537
584
585         Reviewed by Alexey Proskuryakov.
586
587         Update the contents of the <title> tag of XHTML documents when setting
588         document.title.
589
590         Test: fast/dom/title-content-set-innerText-get.xhtml
591
592         * dom/Document.cpp:
593         (WebCore::Document::setTitle):
594
595 2011-09-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
596
597         [EFL] Initialize m_unmodifiedText in PlatformKeyboardEventEfl.
598         https://bugs.webkit.org/show_bug.cgi?id=67038
599
600         Reviewed by Kenneth Rohde Christiansen.
601
602         Since most of the time it will return the same thing as text(), we
603         initialize it the same way we initialize m_text. The other case (what
604         would have been generated if no modifiers were pressed) should be
605         covered by this as well.
606
607         As this method is used when handling access keys, tests such as
608         fast/events/access-key-self-destruct.html should now pass.
609
610         No new tests, as this fixes a problem uncovered by the existing ones.
611
612         * platform/efl/PlatformKeyboardEventEfl.cpp:
613         (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):
614
615 2011-09-12  Hyowon Kim  <hw1008.kim@samsung.com>
616
617         Reviewed by Eric Seidel.
618
619         [EFL] Add GraphicsContext3DEfl for WebGL and accelerated compositing
620         https://bugs.webkit.org/show_bug.cgi?id=62709
621
622         Add GraphicsContext3D implementation for EFL port.
623         GraphicsContext3D delegates to GraphicsContext3DInternal.
624
625         * platform/graphics/efl/GraphicsContext3DEfl.cpp: Added.
626         (WebCore::GraphicsContext3D::create):
627         (WebCore::GraphicsContext3D::GraphicsContext3D):
628         (WebCore::GraphicsContext3D::~GraphicsContext3D):
629         (WebCore::GraphicsContext3D::platformGraphicsContext3D):
630         (WebCore::GraphicsContext3D::platformLayer):
631         (WebCore::GraphicsContext3D::makeContextCurrent):
632         (WebCore::GraphicsContext3D::isGLES2Compliant):
633         (WebCore::GraphicsContext3D::activeTexture):
634         (WebCore::GraphicsContext3D::attachShader):
635         (WebCore::GraphicsContext3D::bindAttribLocation):
636         (WebCore::GraphicsContext3D::bindBuffer):
637         (WebCore::GraphicsContext3D::bindFramebuffer):
638         (WebCore::GraphicsContext3D::bindRenderbuffer):
639         (WebCore::GraphicsContext3D::bindTexture):
640         (WebCore::GraphicsContext3D::blendColor):
641         (WebCore::GraphicsContext3D::blendEquation):
642         (WebCore::GraphicsContext3D::blendEquationSeparate):
643         (WebCore::GraphicsContext3D::blendFunc):
644         (WebCore::GraphicsContext3D::blendFuncSeparate):
645         (WebCore::GraphicsContext3D::bufferData):
646         (WebCore::GraphicsContext3D::bufferSubData):
647         (WebCore::GraphicsContext3D::checkFramebufferStatus):
648         (WebCore::GraphicsContext3D::clear):
649         (WebCore::GraphicsContext3D::clearColor):
650         (WebCore::GraphicsContext3D::clearDepth):
651         (WebCore::GraphicsContext3D::clearStencil):
652         (WebCore::GraphicsContext3D::colorMask):
653         (WebCore::GraphicsContext3D::compileShader):
654         (WebCore::GraphicsContext3D::copyTexImage2D):
655         (WebCore::GraphicsContext3D::copyTexSubImage2D):
656         (WebCore::GraphicsContext3D::cullFace):
657         (WebCore::GraphicsContext3D::depthFunc):
658         (WebCore::GraphicsContext3D::depthMask):
659         (WebCore::GraphicsContext3D::depthRange):
660         (WebCore::GraphicsContext3D::detachShader):
661         (WebCore::GraphicsContext3D::disable):
662         (WebCore::GraphicsContext3D::disableVertexAttribArray):
663         (WebCore::GraphicsContext3D::drawArrays):
664         (WebCore::GraphicsContext3D::drawElements):
665         (WebCore::GraphicsContext3D::enable):
666         (WebCore::GraphicsContext3D::enableVertexAttribArray):
667         (WebCore::GraphicsContext3D::finish):
668         (WebCore::GraphicsContext3D::flush):
669         (WebCore::GraphicsContext3D::framebufferRenderbuffer):
670         (WebCore::GraphicsContext3D::framebufferTexture2D):
671         (WebCore::GraphicsContext3D::frontFace):
672         (WebCore::GraphicsContext3D::generateMipmap):
673         (WebCore::GraphicsContext3D::getActiveAttrib):
674         (WebCore::GraphicsContext3D::getActiveUniform):
675         (WebCore::GraphicsContext3D::getAttachedShaders):
676         (WebCore::GraphicsContext3D::getAttribLocation):
677         (WebCore::GraphicsContext3D::getBooleanv):
678         (WebCore::GraphicsContext3D::getBufferParameteriv):
679         (WebCore::GraphicsContext3D::getContextAttributes):
680         (WebCore::GraphicsContext3D::getError):
681         (WebCore::GraphicsContext3D::getFloatv):
682         (WebCore::GraphicsContext3D::getFramebufferAttachmentParameteriv):
683         (WebCore::GraphicsContext3D::getIntegerv):
684         (WebCore::GraphicsContext3D::getProgramiv):
685         (WebCore::GraphicsContext3D::getProgramInfoLog):
686         (WebCore::GraphicsContext3D::getRenderbufferParameteriv):
687         (WebCore::GraphicsContext3D::getShaderiv):
688         (WebCore::GraphicsContext3D::getShaderInfoLog):
689         (WebCore::GraphicsContext3D::getShaderSource):
690         (WebCore::GraphicsContext3D::getString):
691         (WebCore::GraphicsContext3D::getTexParameterfv):
692         (WebCore::GraphicsContext3D::getTexParameteriv):
693         (WebCore::GraphicsContext3D::getUniformfv):
694         (WebCore::GraphicsContext3D::getUniformiv):
695         (WebCore::GraphicsContext3D::getUniformLocation):
696         (WebCore::GraphicsContext3D::getVertexAttribfv):
697         (WebCore::GraphicsContext3D::getVertexAttribiv):
698         (WebCore::GraphicsContext3D::getVertexAttribOffset):
699         (WebCore::GraphicsContext3D::hint):
700         (WebCore::GraphicsContext3D::isBuffer):
701         (WebCore::GraphicsContext3D::isEnabled):
702         (WebCore::GraphicsContext3D::isFramebuffer):
703         (WebCore::GraphicsContext3D::isProgram):
704         (WebCore::GraphicsContext3D::isRenderbuffer):
705         (WebCore::GraphicsContext3D::isShader):
706         (WebCore::GraphicsContext3D::isTexture):
707         (WebCore::GraphicsContext3D::lineWidth):
708         (WebCore::GraphicsContext3D::linkProgram):
709         (WebCore::GraphicsContext3D::pixelStorei):
710         (WebCore::GraphicsContext3D::polygonOffset):
711         (WebCore::GraphicsContext3D::readPixels):
712         (WebCore::GraphicsContext3D::releaseShaderCompiler):
713         (WebCore::GraphicsContext3D::renderbufferStorage):
714         (WebCore::GraphicsContext3D::sampleCoverage):
715         (WebCore::GraphicsContext3D::scissor):
716         (WebCore::GraphicsContext3D::shaderSource):
717         (WebCore::GraphicsContext3D::stencilFunc):
718         (WebCore::GraphicsContext3D::stencilFuncSeparate):
719         (WebCore::GraphicsContext3D::stencilMask):
720         (WebCore::GraphicsContext3D::stencilMaskSeparate):
721         (WebCore::GraphicsContext3D::stencilOp):
722         (WebCore::GraphicsContext3D::stencilOpSeparate):
723         (WebCore::GraphicsContext3D::texImage2D):
724         (WebCore::GraphicsContext3D::texParameterf):
725         (WebCore::GraphicsContext3D::texParameteri):
726         (WebCore::GraphicsContext3D::texSubImage2D):
727         (WebCore::GraphicsContext3D::uniform1f):
728         (WebCore::GraphicsContext3D::uniform1fv):
729         (WebCore::GraphicsContext3D::uniform1i):
730         (WebCore::GraphicsContext3D::uniform1iv):
731         (WebCore::GraphicsContext3D::uniform2f):
732         (WebCore::GraphicsContext3D::uniform2fv):
733         (WebCore::GraphicsContext3D::uniform2i):
734         (WebCore::GraphicsContext3D::uniform2iv):
735         (WebCore::GraphicsContext3D::uniform3f):
736         (WebCore::GraphicsContext3D::uniform3fv):
737         (WebCore::GraphicsContext3D::uniform3i):
738         (WebCore::GraphicsContext3D::uniform3iv):
739         (WebCore::GraphicsContext3D::uniform4f):
740         (WebCore::GraphicsContext3D::uniform4fv):
741         (WebCore::GraphicsContext3D::uniform4i):
742         (WebCore::GraphicsContext3D::uniform4iv):
743         (WebCore::GraphicsContext3D::uniformMatrix2fv):
744         (WebCore::GraphicsContext3D::uniformMatrix3fv):
745         (WebCore::GraphicsContext3D::uniformMatrix4fv):
746         (WebCore::GraphicsContext3D::useProgram):
747         (WebCore::GraphicsContext3D::validateProgram):
748         (WebCore::GraphicsContext3D::vertexAttrib1f):
749         (WebCore::GraphicsContext3D::vertexAttrib1fv):
750         (WebCore::GraphicsContext3D::vertexAttrib2f):
751         (WebCore::GraphicsContext3D::vertexAttrib2fv):
752         (WebCore::GraphicsContext3D::vertexAttrib3f):
753         (WebCore::GraphicsContext3D::vertexAttrib3fv):
754         (WebCore::GraphicsContext3D::vertexAttrib4f):
755         (WebCore::GraphicsContext3D::vertexAttrib4fv):
756         (WebCore::GraphicsContext3D::vertexAttribPointer):
757         (WebCore::GraphicsContext3D::viewport):
758         (WebCore::GraphicsContext3D::reshape):
759         (WebCore::GraphicsContext3D::markContextChanged):
760         (WebCore::GraphicsContext3D::markLayerComposited):
761         (WebCore::GraphicsContext3D::layerComposited):
762         (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
763         (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
764         (WebCore::GraphicsContext3D::createBuffer):
765         (WebCore::GraphicsContext3D::createFramebuffer):
766         (WebCore::GraphicsContext3D::createProgram):
767         (WebCore::GraphicsContext3D::createRenderbuffer):
768         (WebCore::GraphicsContext3D::createShader):
769         (WebCore::GraphicsContext3D::createTexture):
770         (WebCore::GraphicsContext3D::deleteBuffer):
771         (WebCore::GraphicsContext3D::deleteFramebuffer):
772         (WebCore::GraphicsContext3D::deleteProgram):
773         (WebCore::GraphicsContext3D::deleteRenderbuffer):
774         (WebCore::GraphicsContext3D::deleteShader):
775         (WebCore::GraphicsContext3D::deleteTexture):
776         (WebCore::GraphicsContext3D::synthesizeGLError):
777         (WebCore::GraphicsContext3D::getExtensions):
778         (WebCore::GraphicsContext3D::getInternalFramebufferSize):
779         (WebCore::GraphicsContext3D::setContextLostCallback):
780         (WebCore::GraphicsContext3D::getImageData):
781
782 2011-09-12  Hyowon Kim  <hw1008.kim@samsung.com>
783
784         Reviewed by Eric Seidel.
785
786         [CMAKE] Remove platform/graphics/opengl/*OpenGL.cpp files in CMakeLists.txt
787         https://bugs.webkit.org/show_bug.cgi?id=62707
788
789         No change in fuctionality so no new tests.
790
791         Bug 62376 makes all ports use GraphicsContext3DOpenGL and
792         Extensions3DOpenGL when enabling WebGL.
793         However, some ports already have their own GC3D implementation.
794         In QT and chromium, for example, GC3D delegates to GC3DInternal.
795         So, it would be better to allow each port to decide whether or not
796         to include files in platform/graphics/opengl. 
797
798         * CMakeLists.txt:
799
800 2011-09-12  Dan Bernstein  <mitz@apple.com>
801
802         <rdar://problem/10054615> Floats in ruby text intrude into the base
803
804         Reviewed by Darin Adler.
805
806         Test: fast/ruby/float-overhang-from-ruby-text.html
807
808         * rendering/RenderRubyText.cpp:
809         (WebCore::RenderRubyText::avoidsFloats): Added. Returns true. This ensures that
810         RenderBlock::clearFloats() will not consider ruby text as having intruding floats.
811         * rendering/RenderRubyText.h:
812
813 2011-09-12  David Hyatt  <hyatt@apple.com>
814
815         https://bugs.webkit.org/show_bug.cgi?id=67970
816
817         Add unprefixed border-image property.
818
819         Reviewed by Beth Dakin.
820
821         * css/CSSComputedStyleDeclaration.cpp:
822         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
823         * css/CSSParser.cpp:
824         (WebCore::CSSParser::parseValue):
825         * css/CSSPropertyNames.in:
826
827 2011-09-12  Ryosuke Niwa  <rniwa@webkit.org>
828
829         REGRESSION: Moving up doesn't work in some cases
830         https://bugs.webkit.org/show_bug.cgi?id=67522
831
832         Reviewed by Eric Seidel.
833
834         The bug was caused by previousLinePosition's attempting to obtain the last root line box using
835         a position at minCaretOffset (which is, in practice, located at the beginning of wrapped lines).
836
837         Fix the bug by calling maxCaretOffset instead. Because isCandidate returns false at (br, 1),
838         use the positionBeforeNode for br elements.
839
840         Test: editing/selection/move-up-into-wrapped-line.html
841
842         * editing/visible_units.cpp:
843         (WebCore::previousLinePosition):
844
845 2011-09-12  David Levin  <levin@chromium.org>
846
847         Make the ThreadSafeRefCounted support in CrossThreadCopier work for T*.
848         https://bugs.webkit.org/show_bug.cgi?id=67947
849
850         Reviewed by Adam Barth.
851
852         The changes are tested by compiling and added compile asserts to do some verification as well.
853
854         * platform/CrossThreadCopier.cpp:
855         Added some compile asserts to verify various match and non-matches for CrossThreadCopier.
856         * platform/CrossThreadCopier.h:
857         Added a typedef to convert T* to T, just like the typedef's to remove RefPtr and PassRefPtr.
858         Added a compile assert to verify that only one of the typedef did anything.
859         (CrossThreadCopierBase<false, true, T>::copy): Remove "get" as it is unnecessary.
860         It shouldn't have been here (PassRefPtr and RefPtr easily and sometimes more efficiently
861         convert to PassRefPtr without get). Also, a raw pointer doesn't have a get() method.
862
863 2011-09-12  Chris Rogers  <crogers@google.com>
864
865         Address lifetime issues in OfflineAudioDestinationNode
866         https://bugs.webkit.org/show_bug.cgi?id=67949
867
868         Reviewed by Kenneth Russell.
869
870         No new tests.  This does not change JavaScript API.
871
872         * webaudio/OfflineAudioDestinationNode.cpp:
873         (WebCore::OfflineAudioDestinationNode::~OfflineAudioDestinationNode):
874         (WebCore::OfflineAudioDestinationNode::render):
875         (WebCore::OfflineAudioDestinationNode::notifyCompleteDispatch):
876
877 2011-09-12  Jeff Timanus  <twiz@chromium.org>
878
879         [chromium]  Prevent a crash when tearing down an ImageBuffer that was not successfully initialized.
880         https://bugs.webkit.org/show_bug.cgi?id=67944
881
882         Reviewed by Stephen White.
883         
884         * platform/graphics/skia/ImageBufferSkia.cpp:
885         (WebCore::ImageBuffer::~ImageBuffer):
886
887 2011-09-12  Michael Saboff  <msaboff@apple.com>
888
889         Update RegExp and related classes to use 8 bit strings when available
890         https://bugs.webkit.org/show_bug.cgi?id=67337
891
892         Updated call to match to use UString& instead of UChar*.
893
894         Reviewed by Gavin Barraclough.
895
896         No new tests, Covered by existing tests.
897
898         * platform/text/RegularExpression.cpp:
899         (WebCore::RegularExpression::match):
900
901 2011-09-12  Beth Dakin  <bdakin@apple.com>
902
903         https://bugs.webkit.org/show_bug.cgi?id=67898
904         REGRESSION(r94900): fast/images/support-broken-image-delegate.html fails on Mac
905
906         Reviewed by Simon Fraser.
907
908         New function willPaintBrokenImage() returns true when there has been an error 
909         loading the image and the broken image icon will be used in its place. This is 
910         necessary since it is possible to have an error loading an image and to NOT use 
911         the broken image icon. 
912         * loader/cache/CachedImage.cpp:
913         (WebCore::CachedImage::willPaintBrokenImage):
914         * loader/cache/CachedImage.h:
915         * rendering/RenderImage.cpp:
916         (WebCore::RenderImage::imageSizeForError):
917
918 2011-09-12  James Robinson  <jamesr@chromium.org>
919
920         [chromium] Move contents texture manager from LayerRendererChromium to CCLayerTreeHost
921         https://bugs.webkit.org/show_bug.cgi?id=67440
922
923         Reviewed by Kenneth Russell.
924
925         This moves the contents TextureManager over to the CCLayerTreeHost, where it belongs, and adds in a commit path
926         to make sure that textures are deleted even if the page is not visible.  This move also removed the need for
927         LayerRendererChromium's CCLayerTreeHost pointer, so I removed that as well.  That meant moving the
928         layerTreeAsText() logic over to the CCLayerImpl side, which is where it really belonged anyway.
929
930         Covered by existing compositing/ tests and
931         platform/chromium/compositor/lost-compositor-context-with-rendersurface.html
932
933         * platform/graphics/chromium/LayerRendererChromium.cpp:
934         (WebCore::LayerRendererChromium::releaseRenderSurfaceTextures):
935         (WebCore::LayerRendererChromium::drawLayers):
936         (WebCore::LayerRendererChromium::initializeSharedObjects):
937         (WebCore::LayerRendererChromium::cleanupSharedObjects):
938         * platform/graphics/chromium/LayerRendererChromium.h:
939         (WebCore::LayerRendererChromium::setContentsTextureMemoryUseBytes):
940         * platform/graphics/chromium/TextureManager.cpp:
941         (WebCore::TextureManager::highLimitBytes):
942         (WebCore::TextureManager::reclaimLimitBytes):
943         (WebCore::TextureManager::lowLimitBytes):
944         * platform/graphics/chromium/TextureManager.h:
945         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
946         (WebCore::CCLayerTreeHost::initialize):
947         (WebCore::CCLayerTreeHost::~CCLayerTreeHost):
948         (WebCore::CCLayerTreeHost::deleteContentsTextures):
949         (WebCore::CCLayerTreeHost::commitTo):
950         (WebCore::CCLayerTreeHost::setVisible):
951         (WebCore::CCLayerTreeHost::contentsTextureManager):
952         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
953         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
954         (WebCore::CCLayerTreeHostImpl::setVisible):
955         * platform/graphics/chromium/cc/CCProxy.h:
956         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
957         (WebCore::CCSingleThreadProxy::setNeedsCommit):
958         (WebCore::CCSingleThreadProxy::stop):
959         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
960         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
961         (WebCore::CCThreadProxy::setNeedsCommit):
962         (WebCore::CCThreadProxy::setNeedsCommitOnCCThread):
963         (WebCore::CCThreadProxy::layerTreeHostClosedOnCCThread):
964         * platform/graphics/chromium/cc/CCThreadProxy.h:
965
966 2011-09-12  Chris Rogers  <crogers@google.com>
967
968         DelayNode delay buffer is not correctly wrapping around
969         https://bugs.webkit.org/show_bug.cgi?id=67872
970
971         Reviewed by Kenneth Russell.
972
973         Test: webaudio/delaynode.html
974
975         * webaudio/DelayDSPKernel.cpp:
976         (WebCore::DelayDSPKernel::process):
977
978 2011-09-12  Arko Saha  <arko@motorola.com>
979
980         Selectstart is not fired when selection was created by arrow keys.
981         https://bugs.webkit.org/show_bug.cgi?id=60430
982
983         Reviewed by Ryosuke Niwa.
984
985         Fire selectstart when a user starts extending the selection using arrow key.
986         Fixed by Arko Saha  <arko@motorola.com> and Kaustubh Atrawalkar  <kaustubh@motorola.com>
987
988         Tests: fast/events/selectstart-by-arrow-keys-prevent-default.html
989                fast/events/selectstart-by-arrow-keys.html
990
991         * editing/FrameSelection.cpp:
992         (WebCore::FrameSelection::modify):
993         (WebCore::FrameSelection::shouldChangeSelection):
994         (WebCore::FrameSelection::dispatchSelectStart):
995         * editing/FrameSelection.h:
996
997 2011-09-12  James Robinson  <jamesr@chromium.org>
998
999         [chromium] REGRESSION(94353): Compositor textures and resources leaked when tab closed that is not last tab in the process
1000         https://bugs.webkit.org/show_bug.cgi?id=67816
1001
1002         Reviewed by Kenneth Russell.
1003
1004         We lack infrastructure to construct an automated test for this today. To test manually, open up a composited
1005         page (like the poster circle), duplicate the tab many times, close all the duplicates, and verify that the
1006         memory use returns to the single tab level.
1007
1008         * platform/graphics/chromium/LayerChromium.h:
1009         * platform/graphics/chromium/TiledLayerChromium.cpp:
1010         (WebCore::TiledLayerChromium::setLayerTreeHost):
1011         * platform/graphics/chromium/VideoLayerChromium.cpp:
1012         (WebCore::VideoLayerChromium::setLayerTreeHost):
1013         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
1014         (WebCore::CCLayerTreeHost::clearRenderSurfacesRecursive):
1015         (WebCore::CCLayerTreeHost::setRootLayer):
1016         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
1017
1018 2011-09-12  Kentaro Hara  <haraken@google.com>
1019
1020         Implement a HashChangeEvent constructor for JSC
1021         https://bugs.webkit.org/show_bug.cgi?id=67924
1022
1023         Reviewed by Sam Weinig.
1024
1025         The spec for the HashChangeEvent constructor is here:
1026         http://www.whatwg.org/specs/web-apps/current-work/#hashchangeevent
1027
1028         Test: fast/events/constructors/hash-change-event-constructor.html
1029
1030         * bindings/generic/EventConstructors.h: Added a definition for the HashChangeEvent constructor.
1031         * bindings/js/JSEventConstructors.cpp: Added #includes for HashChangeEvent.
1032         * dom/HashChangeEvent.h: Added a definition for HashChangeEventInit.
1033         (WebCore::HashChangeEventInit::HashChangeEventInit):
1034         (WebCore::HashChangeEvent::create):
1035         (WebCore::HashChangeEvent::HashChangeEvent):
1036         * dom/HashChangeEvent.idl: Makes HashChangeEvent constructible.
1037
1038 2011-09-12  Mike Reed  <reed@google.com>
1039
1040         [skia] remove dead code, no functionality change
1041         https://bugs.webkit.org/show_bug.cgi?id=67844
1042
1043         Reviewed by Kenneth Russell.
1044
1045         No new tests. just removing dead-code, existing tests apply
1046
1047         * platform/graphics/chromium/FontChromiumWin.cpp:
1048         (WebCore::Font::drawGlyphs):
1049
1050 2011-09-12  Pavel Feldman  <pfeldman@google.com>
1051
1052         Web Inspector: Runtime.callFunctionOn does not accept arguments that evaluate to false.
1053         https://bugs.webkit.org/show_bug.cgi?id=67934
1054
1055         Reviewed by Tony Gentilcore.
1056
1057         * inspector/InjectedScriptSource.js:
1058
1059 2011-09-12  Pavel Feldman  <pfeldman@google.com>
1060
1061         Web Inspector: event dividers do not update timeline boundaries.
1062         https://bugs.webkit.org/show_bug.cgi?id=67932
1063
1064         * inspector/front-end/NetworkPanel.js:
1065         (WebInspector.NetworkLogView.prototype._onLoadEventFired):
1066         (WebInspector.NetworkLogView.prototype._domContentLoadedEventFired):
1067         (WebInspector.NetworkLogView.prototype.refresh):
1068         (WebInspector.NetworkTimeCalculator.prototype.updateBoundariesForEventTime):
1069
1070 2011-09-12  Kentaro Hara  <haraken@google.com>
1071
1072         Implement a WebKitAnimationEvent constructor for V8
1073         https://bugs.webkit.org/show_bug.cgi?id=67922
1074
1075         Reviewed by Adam Barth.
1076
1077         Test: fast/events/constructors/webkit-animation-event-constructor.html
1078
1079         * bindings/v8/custom/V8EventConstructors.cpp: Added the WebKitAnimationEvent constructor.
1080         * dom/WebKitAnimationEvent.idl: Added a 'V8CustomConstructor' attribute.
1081
1082 2011-09-12  Andreas Kling  <kling@webkit.org>
1083
1084         Shrink CanvasGradient for builds without ENABLE(DASHBOARD_SUPPORT).
1085         https://bugs.webkit.org/show_bug.cgi?id=67916
1086
1087         Reviewed by Kenneth Rohde Christiansen.
1088
1089         * html/canvas/CanvasGradient.cpp:
1090         (WebCore::CanvasGradient::CanvasGradient):
1091         (WebCore::CanvasGradient::addColorStop):
1092         * html/canvas/CanvasGradient.h:
1093
1094 2011-09-12  Shinya Kawanaka  <shinyak@google.com>
1095
1096         Characters beyond U+10000 should be deleted by one pressing delete key.
1097         https://bugs.webkit.org/show_bug.cgi?id=40351
1098
1099         Reviewed by Kent Tamura.
1100
1101         If a character is the trail part of unicode surrogate pair, the lead part of it
1102         should also be deleted. Also, If in MacOSX, the deletion should honor Mac's behavior.
1103
1104         Test: editing/deleting/delete-surrogatepair.html
1105
1106         * rendering/RenderText.cpp:
1107         (WebCore::RenderText::previousOffsetForBackwardDeletion):
1108           Added if-macro to support chromium on mac, and added trail part check for unicode character.
1109
1110 2011-09-11  Kentaro Hara  <haraken@google.com>
1111
1112         Implement a ProgressEvent constructor for V8
1113         https://bugs.webkit.org/show_bug.cgi?id=67800
1114
1115         Reviewed by Sam Weinig.
1116
1117         Test: fast/events/constructors/progress-event-constructor.html
1118
1119         * bindings/js/JSDictionary.cpp:
1120         (WebCore::JSDictionary::convertValue): Replaced UnsignedLongLongMax with std::numeric_limits<unsigned long long>::max().
1121         * bindings/v8/OptionsObject.cpp:
1122         (WebCore::OptionsObject::getKeyValue): Returns an unsigned long long value corresponding to a given key. Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long
1123         * bindings/v8/OptionsObject.h:
1124         * bindings/v8/custom/V8EventConstructors.cpp: Added the ProgressEvent constructor.
1125         * dom/ProgressEvent.idl: Added a 'V8CustomConstructor' attribute.
1126
1127 2011-09-11  Dimitri Glazkov  <dglazkov@chromium.org>
1128
1129         REGRESSION (r87351): toggling display of lots (thousands) of elements with display:none is very slow
1130         https://bugs.webkit.org/show_bug.cgi?id=67581
1131
1132         Reviewed by Darin Adler.
1133
1134         Test: perf/show-hide-table-rows.html
1135
1136         * dom/NodeRenderingContext.cpp:
1137         (WebCore::NodeRendererFactory::createRendererAndStyle): Moved style-creating code into createRendererIfNeeded, renamed
1138             to createRenderer.
1139         (WebCore::NodeRendererFactory::createRendererIfNeeded): Re-arrange code to avoid unnecessary creation of renderers.
1140
1141 2011-09-11  Jeremy Moskovich  <jeremy@chromium.org>
1142
1143         [Chromium] Change OOP Font loading code to use CGFont*() APIs.
1144         https://bugs.webkit.org/show_bug.cgi?id=66935
1145
1146         This change is necessary due a bug in ATSFontDeactivate() on 10.7.
1147         See crbug.com/93191 for details.
1148
1149         Reviewed by Eric Seidel.
1150
1151         No new tests - covered by existing tests.
1152
1153         * platform/chromium/PlatformBridge.h:
1154         * platform/graphics/chromium/CrossProcessFontLoading.h:
1155         * platform/graphics/chromium/CrossProcessFontLoading.mm:
1156         (WebCore::MemoryActivatedFont::create):
1157         (WebCore::MemoryActivatedFont::MemoryActivatedFont):
1158         (WebCore::MemoryActivatedFont::~MemoryActivatedFont):
1159
1160 2011-09-09  Oliver Hunt  <oliver@apple.com>
1161
1162         Remove support for anonymous storage from jsobjects
1163         https://bugs.webkit.org/show_bug.cgi?id=67881
1164
1165         Reviewed by Sam Weinig.
1166
1167         Remove all use of anonymous slots, this required modifying
1168         bindings generation to add member variables for cached attributes,
1169         and override visitChildren with the necessary logic to mark those
1170         new members.
1171
1172         I added bindings generation tests for these values.
1173
1174         * bindings/js/JSAudioConstructor.h:
1175         (WebCore::JSAudioConstructor::createStructure):
1176         * bindings/js/JSDOMBinding.h:
1177         (WebCore::DOMConstructorObject::createStructure):
1178         * bindings/js/JSDOMGlobalObject.h:
1179         (WebCore::JSDOMGlobalObject::createStructure):
1180         * bindings/js/JSDOMWindowBase.h:
1181         (WebCore::JSDOMWindowBase::createStructure):
1182         * bindings/js/JSDOMWindowShell.h:
1183         (WebCore::JSDOMWindowShell::createStructure):
1184         * bindings/js/JSDOMWrapper.h:
1185         (WebCore::JSDOMWrapper::createStructure):
1186         * bindings/js/JSImageConstructor.h:
1187         (WebCore::JSImageConstructor::createStructure):
1188         * bindings/js/JSMessageEventCustom.cpp:
1189         (WebCore::JSMessageEvent::data):
1190         (WebCore::JSMessageEvent::initMessageEvent):
1191         * bindings/js/JSOptionConstructor.h:
1192         (WebCore::JSOptionConstructor::createStructure):
1193         * bindings/js/JSWorkerContextBase.h:
1194         (WebCore::JSWorkerContextBase::createStructure):
1195         * bindings/scripts/CodeGeneratorJS.pm:
1196         (GenerateHeader):
1197         (GenerateImplementation):
1198         (GenerateConstructorDeclaration):
1199         * bindings/scripts/test/JS/JSTestInterface.cpp:
1200         (WebCore::JSTestInterfaceConstructor::createStructure):
1201         * bindings/scripts/test/JS/JSTestInterface.h:
1202         (WebCore::JSTestInterface::createStructure):
1203         (WebCore::JSTestInterfacePrototype::createStructure):
1204         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1205         (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
1206         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
1207         (WebCore::JSTestMediaQueryListListener::createStructure):
1208         (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
1209         * bindings/scripts/test/JS/JSTestObj.cpp:
1210         (WebCore::JSTestObjConstructor::createStructure):
1211         (WebCore::jsTestObjCachedAttribute1):
1212         (WebCore::jsTestObjCachedAttribute2):
1213         (WebCore::JSTestObj::visitChildren):
1214         * bindings/scripts/test/JS/JSTestObj.h:
1215         (WebCore::JSTestObj::createStructure):
1216         (WebCore::JSTestObjPrototype::createStructure):
1217         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1218         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
1219         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
1220         (WebCore::JSTestSerializedScriptValueInterface::createStructure):
1221         (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
1222         * bindings/scripts/test/TestObj.idl:
1223         * bindings/scripts/test/V8/V8TestObj.cpp:
1224         (WebCore::TestObjInternal::cachedAttribute1AttrGetter):
1225         (WebCore::TestObjInternal::cachedAttribute2AttrGetter):
1226         * bridge/c/CRuntimeObject.h:
1227         (JSC::Bindings::CRuntimeObject::createStructure):
1228         * bridge/c/c_instance.cpp:
1229         (JSC::Bindings::CRuntimeMethod::createStructure):
1230         * bridge/jni/jsc/JavaInstanceJSC.cpp:
1231         (JavaRuntimeMethod::createStructure):
1232         * bridge/jni/jsc/JavaRuntimeObject.h:
1233         (JSC::Bindings::JavaRuntimeObject::createStructure):
1234         * bridge/objc/ObjCRuntimeObject.h:
1235         (JSC::Bindings::ObjCRuntimeObject::createStructure):
1236         * bridge/objc/objc_instance.mm:
1237         (ObjCRuntimeMethod::createStructure):
1238         * bridge/objc/objc_runtime.h:
1239         (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
1240         * bridge/runtime_array.h:
1241         (JSC::RuntimeArray::createStructure):
1242         * bridge/runtime_method.h:
1243         (JSC::RuntimeMethod::createStructure):
1244         * bridge/runtime_object.h:
1245         (JSC::Bindings::RuntimeObject::createStructure):
1246
1247 2011-09-01  Filip Pizlo  <fpizlo@apple.com>
1248
1249         The executable allocator makes it difficult to free individual
1250         chunks of executable memory
1251         https://bugs.webkit.org/show_bug.cgi?id=66363
1252
1253         Reviewed by Oliver Hunt.
1254         
1255         Introduced a best-fit, balanced-tree based allocator. The allocator
1256         required a balanced tree that does not allocate memory and that
1257         permits the removal of individual nodes directly (as opposed to by
1258         key); neither AVLTree nor WebCore's PODRedBlackTree supported this.
1259         Changed all references to executable code to use a reference counted
1260         handle.
1261
1262         No new layout tests because behavior is not changed.  New API unit
1263         tests:
1264         Tests/WTF/RedBlackTree.cpp
1265         Tests/WTF/MetaAllocator.cpp
1266
1267         * ForwardingHeaders/wtf/MetaAllocatorHandle.h: Added.
1268
1269 2011-09-10  Sam Weinig  <sam@webkit.org>
1270
1271         Add isInterruptedExecutionException and isTerminatedExecutionException predicates
1272         https://bugs.webkit.org/show_bug.cgi?id=67892
1273
1274         Reviewed by Andy "First Time Reviewer" Estes.
1275
1276         * bindings/js/JSDOMBinding.cpp:
1277         (WebCore::reportException):
1278         * bindings/js/JSEventListener.cpp:
1279         (WebCore::JSEventListener::handleEvent):
1280         * bindings/js/WorkerScriptController.cpp:
1281         (WebCore::WorkerScriptController::evaluate):
1282         Use the new predicates instead of probing the ClassInfo directly.
1283
1284 2011-09-10  Kevin Ollivier  <kevino@theolliviers.com>
1285
1286         [wx] Unreviewed build fix. MSW build fixes.
1287
1288         * config.h:
1289
1290 2011-09-09  David Hyatt  <hyatt@apple.com>
1291
1292         https://bugs.webkit.org/show_bug.cgi?id=67861
1293         
1294         Implement border-image-outset (and the mask equivalents).
1295
1296         Reviewed by Beth Dakin.
1297
1298         Added new tests in fast/borders and fast/reflections.
1299
1300         * css/CSSBorderImageValue.cpp:
1301         (WebCore::CSSBorderImageValue::CSSBorderImageValue):
1302         (WebCore::CSSBorderImageValue::cssText):
1303         * css/CSSBorderImageValue.h:
1304         (WebCore::CSSBorderImageValue::create):
1305         Add m_outset field to CSSBorderImageValue and teach it how to dump the field as
1306         part of cssText().
1307
1308         * css/CSSComputedStyleDeclaration.cpp:
1309         (WebCore::valueForNinePieceImageQuad):
1310         (WebCore::valueForNinePieceImage):
1311         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
1312         Add support for border-image-outset and -webkit-mask-box-image-outset. Refactor
1313         the code so that border-image-width and border-image-outset use a common
1314         function.
1315
1316         * css/CSSParser.cpp:
1317         (WebCore::CSSParser::parseValue):
1318         (WebCore::BorderImageParseContext::BorderImageParseContext):
1319         (WebCore::BorderImageParseContext::allowOutset):
1320         (WebCore::BorderImageParseContext::commitSlash):
1321         (WebCore::BorderImageParseContext::commitBorderWidth):
1322         (WebCore::BorderImageParseContext::commitBorderOutset):
1323         (WebCore::BorderImageParseContext::commitRepeat):
1324         (WebCore::BorderImageParseContext::commitBorderImage):
1325         (WebCore::CSSParser::parseBorderImage):
1326         Teach the border image parsing code about outsets. This code will soon be
1327         replaced by true shorthand parsing code, but for now keep it working and add
1328         outset support to it.
1329
1330         (WebCore::BorderImageQuadParseContext::BorderImageQuadParseContext):
1331         (WebCore::BorderImageQuadParseContext::commitBorderImageQuad):
1332         (WebCore::CSSParser::parseBorderImageQuad):
1333         (WebCore::CSSParser::parseBorderImageWidth):
1334         (WebCore::CSSParser::parseBorderImageOutset):
1335         * css/CSSParser.h:
1336         Refactor the border-image-width code so that it can be shared by border-image-outset, since
1337         they are extremely similar.
1338
1339         * css/CSSPropertyNames.in:
1340         Add the new properties.
1341
1342         * css/CSSStyleSelector.cpp:
1343         (WebCore::CSSStyleSelector::applyProperty):
1344         (WebCore::CSSStyleSelector::mapNinePieceImage):
1345         (WebCore::CSSStyleSelector::mapNinePieceImageQuad):
1346         (WebCore::CSSStyleSelector::loadPendingImages):
1347         * css/CSSStyleSelector.h:
1348         Refactor the code so that width/outset share common mapping functions. Add support for outset.
1349
1350         * rendering/InlineFlowBox.cpp:
1351         (WebCore::InlineFlowBox::addToLine):
1352         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
1353         (WebCore::InlineFlowBox::addBorderOutsetVisualOverflow):
1354         (WebCore::InlineFlowBox::computeOverflow):
1355         Add new functions for computing the visual overflow caused by border outsets. Fix bugs in
1356         the shadow overflow code as well.
1357
1358         (WebCore::clipRectForNinePieceImageStrip):
1359         (WebCore::InlineFlowBox::paintBoxDecorations):
1360         (WebCore::InlineFlowBox::paintMask):
1361         * rendering/InlineFlowBox.h:
1362         Make sure the clip rect pushed when painting one piece of a split inline strip is expanded to
1363         include the border and mask outsets. Always include the block direction expansion, and conditionally
1364         include the inline direction expansion based off includeLogicalLeftEdge()/includeLogicalRightEdge().
1365         clipRectForNinePieceImageStrip is a common function shared by masks and border images that does this
1366         work.
1367
1368         * rendering/RenderBlock.cpp:
1369         (WebCore::RenderBlock::computeOverflow):
1370         * rendering/RenderBox.cpp:
1371         (WebCore::RenderBox::maskClipRect):
1372         (WebCore::RenderBox::addBoxShadowAndBorderOverflow):
1373         * rendering/RenderBox.h:
1374         Rename addShadowOverflow to addBoxShadowAndBorderOverflow. Have it compute both shadow and border image
1375         outset overflow. Fix bugs with shadow overflow computation.
1376
1377         * rendering/RenderBoxModelObject.cpp:
1378         (WebCore::RenderBoxModelObject::paintNinePieceImage):
1379         Change painting to apply the outsets to inflate the border image drawing area.
1380
1381         * rendering/RenderEmbeddedObject.cpp:
1382         (WebCore::RenderEmbeddedObject::layout):
1383         * rendering/RenderIFrame.cpp:
1384         (WebCore::RenderIFrame::layout):
1385         Patched to call the renamed addBoxShadowAndBorderOverflow function instead of addShadowOverflow.
1386
1387         * rendering/RenderLayer.cpp:
1388         (WebCore::RenderLayer::calculateRects):
1389         Patched to no longer apply box-shadow to overflow clip areas when inflating the intersection area for the
1390         layer bounds. Instead we generically apply all visual overflow so that border image outsets will also be
1391         included. This fixes https://bugs.webkit.org/show_bug.cgi?id=37467.
1392
1393         * rendering/RenderReplaced.cpp:
1394         (WebCore::RenderReplaced::layout):
1395         Patched to call the renamed addBoxShadowAndBorderOverflow function instead of addShadowOverflow.
1396
1397         * rendering/style/NinePieceImage.cpp:
1398         (WebCore::NinePieceImage::operator==):
1399         * rendering/style/NinePieceImage.h:
1400         (WebCore::NinePieceImage::NinePieceImage):
1401         (WebCore::NinePieceImage::outset):
1402         (WebCore::NinePieceImage::setOutset):
1403         (WebCore::NinePieceImage::computeOutset):
1404         (WebCore::NinePieceImage::copyOutsetFrom):
1405         Add the outset field to NinePieceImage along with some helpers for manipulating outsets.
1406
1407         * rendering/style/RenderStyle.cpp:
1408         (WebCore::RenderStyle::getImageOutsets):
1409         (WebCore::RenderStyle::getImageHorizontalOutsets):
1410         (WebCore::RenderStyle::getImageVerticalOutsets):
1411         * rendering/style/RenderStyle.h:
1412         (WebCore::InheritedFlags::hasBorderImageOutsets):
1413         (WebCore::InheritedFlags::getBorderImageOutsets):
1414         (WebCore::InheritedFlags::getBorderImageHorizontalOutsets):
1415         (WebCore::InheritedFlags::getBorderImageVerticalOutsets):
1416         (WebCore::InheritedFlags::getBorderImageInlineDirectionOutsets):
1417         (WebCore::InheritedFlags::getBorderImageBlockDirectionOutsets):
1418         (WebCore::InheritedFlags::getImageInlineDirectionOutsets):
1419         (WebCore::InheritedFlags::getImageBlockDirectionOutsets):
1420         Helpers for outset computation used by painting and overflow functions.
1421
1422 2011-09-10  Dan Bernstein  <mitz@apple.com>
1423
1424         Actually prevent unnecessary casts to MediaControls*.
1425
1426         Reviewed by Oliver Hunt.
1427
1428         * html/shadow/MediaControls.h:
1429
1430 2011-09-10  Ryosuke Niwa  <rniwa@webkit.org>
1431
1432         Remove printf added by r94900.
1433
1434         * rendering/RenderLayer.cpp:
1435         (WebCore::RenderLayer::drawPlatformResizerImage):
1436
1437 2011-09-09  Chris Marrin  <cmarrin@apple.com>
1438
1439         requestAnimationFrame doesn't throttle on Mac
1440         https://bugs.webkit.org/show_bug.cgi?id=67171
1441
1442         Reviewed by Simon Fraser.
1443
1444         Changed requestAnimationFrame to use a Timer in ScriptedAnimationController
1445         on Mac, rather than runLoopObservers. The Timer is throttled to fire no
1446         faster than every 15ms. It is behind a WTF_USE_REQUEST_ANIMATION_FRAME_TIMER
1447         flag and can be used by any implementation, but currently it is only enabled
1448         by PLATFORM(MAC).
1449
1450         * dom/ScriptedAnimationController.cpp:
1451         (WebCore::ScriptedAnimationController::ScriptedAnimationController):
1452         (WebCore::ScriptedAnimationController::resume):
1453         (WebCore::ScriptedAnimationController::registerCallback):
1454         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
1455         (WebCore::ScriptedAnimationController::scheduleAnimation):
1456         (WebCore::ScriptedAnimationController::animationTimerFired):
1457         * dom/ScriptedAnimationController.h:
1458         * loader/EmptyClients.h:
1459         * page/Chrome.cpp:
1460         (WebCore::Chrome::scheduleAnimation):
1461         * page/ChromeClient.h:
1462
1463 2011-09-10  Jarred Nicholls  <jarred@sencha.com>
1464
1465         [Qt] QWebSettings::setUserStyleSheetUrl() does not work with windows paths that contain drive letters
1466         https://bugs.webkit.org/show_bug.cgi?id=34884
1467         
1468         KURL::path() alone does not handle removing the leading slash from a windows file path.
1469         Using QUrl::toLocalFile() will turn file:///C:/path into C:/path appropriately.
1470
1471         Reviewed by Andreas Kling.
1472
1473         * platform/qt/KURLQt.cpp:
1474         (WebCore::KURL::fileSystemPath):
1475
1476 2011-09-10  Ken Buchanan <kenrb@chromium.org>
1477
1478         Crash due to bad data in SVGDocumentExtensions m_pendingResources
1479         https://bugs.webkit.org/show_bug.cgi?id=67488
1480
1481         Reviewed by Nikolas Zimmermann.
1482
1483         Resolving a crash condition caused by the deletion of
1484         elements while pending resource entries for those elements are still
1485         recorded.
1486
1487         * rendering/svg/RenderSVGResourceContainer.cpp:
1488         (WebCore::RenderSVGResourceContainer::registerResource)
1489         * svg/SVGDocumentExtensions.h:
1490         (WebCore::SVGDocumentExtensions::isElementInPendingResources)
1491         * svg/SVGDocumentExtensions.cpp:
1492         (WebCore::SVGDocumentExtensions::addPendingResource)
1493         (WebCore::SVGDocumentExtensions::isElementInPendingResources)
1494         (WebCore::SVGDocumentExtensions::removeElementFromPendingResources)
1495         * svg/SVGStyledElement.h:
1496         (WebCore::SVGStyledElement::clearHasPendingResourcesIfPossible)
1497         * svg/SVGStyledElement.cpp:
1498         (WebCore::SVGStyledElement::buildPendingResourcesIfNeeded)
1499         (WebCore::SVGStyledElement::clearHasPendingResourcesIfPossible)
1500         * svg/SVGUseElement.cpp:
1501         (WebCore::SVGUseElement::svgAttributeChanged)
1502
1503 2011-09-10  Adam Barth  <abarth@webkit.org>
1504
1505         Remove DocumentWriter::deprecatedFrameEncoding()
1506         https://bugs.webkit.org/show_bug.cgi?id=67882
1507
1508         Reviewed by Eric Seidel.
1509
1510         Three years ago, in http://trac.webkit.org/changeset/39026, Alexey
1511         Proskuryakov added ContentDispositionEncodingFallbackArray to work
1512         around a web site compatibility issue with a non-ASCII file name
1513         becoming garbled when received in the Content-Disposition header.
1514
1515         Since that time, there has been copious discussion of this topic among
1516         browser vendors, in the IETF, and in the broader web community.  For
1517         example, here is a Stack Overflow thread about this topic:
1518
1519         http://stackoverflow.com/questions/93551/how-to-encode-the-filename-parameter-of-content-disposition-header-in-http
1520
1521         Eric Lawrence has written a blog post that summarizes IE's perspective
1522         on this issue:
1523
1524         http://blogs.msdn.com/b/ieinternals/archive/2010/06/07/content-disposition-attachment-and-international-unicode-characters.aspx
1525
1526         The current consensus is that browsers should implement RFC 6266,
1527         which is a new RFC that updates the definition of the
1528         Content-Disposition header.  Chrome and Firefox have both implemented
1529         RFC 6266 and have encountered only one issue, which was then fixed by
1530         the web site operator.  IE has also implemented RFC 6266, but I don't
1531         have detailed information about their compatibility experience.
1532
1533         This patch add explicit PLATFORM #ifdefs around the quirky
1534         implementation previously used in Apple's Mac and Windows ports.  This
1535         code is already only used on Apple's ports, so this patch introduces no
1536         functional changes.  It does, however, discourage other ports from
1537         adopting this quirk.  IMHO, Apple should remove this quirk as soon as
1538         compatibility allows and converge behavior with the other major browser
1539         vendors.
1540
1541         See bug for manual test (the bug manifests in Safari download UI).
1542
1543         * loader/DocumentWriter.cpp:
1544         * loader/DocumentWriter.h:
1545         * loader/FrameLoader.cpp:
1546         (WebCore::FrameLoader::addExtraFieldsToRequest):
1547         * platform/network/ResourceRequestBase.cpp:
1548         (WebCore::ResourceRequestBase::adopt):
1549         (WebCore::ResourceRequestBase::copyData):
1550         * platform/network/ResourceRequestBase.h:
1551
1552 2011-09-09  Beth Dakin  <bdakin@apple.com>
1553
1554         Attempted Leopard build fix.
1555
1556         * rendering/RenderImage.cpp:
1557         (WebCore::RenderImage::paintReplaced):
1558         * rendering/RenderLayer.cpp:
1559         (WebCore::RenderLayer::drawPlatformResizerImage):
1560
1561 2011-09-09  Beth Dakin  <bdakin@apple.com>
1562
1563         Fix for https://bugs.webkit.org/show_bug.cgi?id=67819
1564         Use high resolution platform images when the deviceScaleFactor > 1
1565         -and corresponding-
1566         <rdar://problem/10003098>
1567
1568         Reviewed by Darin Adler.
1569
1570         Add all of the new high resolution images. I also removed some tiffs from the 
1571         project and replaced them with png equivalents (that are already checked into 
1572         WebCore anyway). Since the high resolution images are pngs, it makes sense to use 
1573         pngs for all of the images that load through Image::loadPlatformResource()
1574         * WebCore.xcodeproj/project.pbxproj:
1575         * platform/graphics/mac/ImageMac.mm:
1576         (WebCore::Image::loadPlatformResource):
1577
1578         Load the @2x resource for deviceScaleFactors >= 2.
1579         * editing/DeleteButtonController.cpp:
1580         (WebCore::DeleteButtonController::createDeletionUI):
1581
1582         CachedImage::brokenImage() is no longer a static helper function, but a real 
1583         member function. It also now loads the @2x resource for deviceScaleFactors >= 2 
1584         and takes a parameter for the deviceScaleFactor. When CachedImage::image() returns 
1585         the brokenImage(), it just returns the 1x version. brokenImage() has to be called 
1586         directly to reliably return the deviceScaleFactor-appropriate resource.
1587         * loader/cache/CachedImage.cpp:
1588         (WebCore::CachedImage::brokenImage):
1589         (WebCore::CachedImage::image):
1590         * loader/cache/CachedImage.h:
1591         * rendering/RenderLayer.cpp:
1592         (WebCore::RenderLayer::drawPlatformResizerImage):
1593         (WebCore::RenderLayer::paintResizer):
1594         * rendering/RenderLayer.h:
1595
1596         New static function to retrieve the deviceScaleFactor for callers that do not have 
1597         direct access to a Page.
1598         * page/Page.cpp:
1599         (WebCore::Page::deviceScaleFactor):
1600         * page/Page.h:
1601
1602         Call CachedImage::brokenImage() for the broken-image image at an accurate 
1603         resolution.
1604         * rendering/RenderImage.cpp:
1605         (WebCore::RenderImage::imageSizeForError):
1606         (WebCore::RenderImage::paintReplaced):
1607
1608 2011-09-09  Erik Arvidsson  <arv@chromium.org>
1609
1610         Move Element.contains to Node
1611         https://bugs.webkit.org/show_bug.cgi?id=67651
1612
1613         Reviewed by Darin Adler.
1614
1615         This moves the contains method from Element to Node as in the DOM4 working draft: 
1616         http://dvcs.w3.org/hg/domcore/raw-file/tip/Overview.html#dom-node-contains
1617
1618         This also special cases Document contains to make it O(1) instead of O(depth).
1619
1620         Tests: fast/dom/Node/contains-method.html
1621                perf/document-contains.html
1622
1623         * bindings/objc/PublicDOMInterfaces.h: Move contains from DOMElement to DOMNode.
1624         * dom/Element.idl:
1625         * dom/Node.cpp:
1626         (WebCore::Node::contains): Added document special case.
1627         * dom/Node.idl:
1628         * editing/DeleteSelectionCommand.cpp:
1629         (WebCore::DeleteSelectionCommand::mergeParagraphs): Added a null check.
1630
1631 2011-09-09  Tim Horton  <timothy_horton@apple.com>
1632
1633         Text rendered with a simple (i.e. 0px blur) shadow inside a transparency layer has a double shadow
1634         https://bugs.webkit.org/show_bug.cgi?id=67543
1635         <rdar://problem/10070536>
1636
1637         Reviewed by Darin Adler.
1638
1639         Generalize (begin|end)TransparencyLayer, which now forward
1640         through to (begin|end)PlatformTransparencyLayer, so that
1641         isInTransparencyLayer can exist on every platform.
1642
1643         Make use of isInTransparencyLayer in FontMac to disable
1644         "simple" shadow drawing when the text is being rendered
1645         into a transparency layer.
1646
1647         Test: svg/custom/simple-text-double-shadow.svg
1648
1649         * platform/graphics/GraphicsContext.cpp:
1650         (WebCore::GraphicsContext::GraphicsContext):
1651         (WebCore::GraphicsContext::~GraphicsContext):
1652         (WebCore::GraphicsContext::beginTransparencyLayer):
1653         (WebCore::GraphicsContext::endTransparencyLayer):
1654         (WebCore::GraphicsContext::isInTransparencyLayer):
1655         * platform/graphics/GraphicsContext.h:
1656         * platform/graphics/cairo/GraphicsContextCairo.cpp:
1657         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1658         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1659         (WebCore::GraphicsContext::supportsTransparencyLayers):
1660         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
1661         * platform/graphics/cg/GraphicsContextCG.cpp:
1662         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1663         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1664         (WebCore::GraphicsContext::supportsTransparencyLayers):
1665         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
1666         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
1667         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
1668         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1669         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1670         (WebCore::GraphicsContext::supportsTransparencyLayers):
1671         * platform/graphics/mac/FontMac.mm:
1672         (WebCore::Font::drawGlyphs):
1673         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
1674         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1675         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1676         (WebCore::GraphicsContext::supportsTransparencyLayers):
1677         * platform/graphics/qt/GraphicsContextQt.cpp:
1678         (WebCore::GraphicsContext::isInTransparencyLayer):
1679         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1680         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1681         (WebCore::GraphicsContext::supportsTransparencyLayers):
1682         * platform/graphics/skia/GraphicsContextSkia.cpp:
1683         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1684         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1685         (WebCore::GraphicsContext::supportsTransparencyLayers):
1686         * platform/graphics/win/FontCGWin.cpp:
1687         (WebCore::drawGDIGlyphs):
1688         * platform/graphics/win/GraphicsContextCGWin.cpp:
1689         (WebCore::GraphicsContext::releaseWindowsContext):
1690         * platform/graphics/win/GraphicsContextCairoWin.cpp:
1691         (WebCore::GraphicsContext::releaseWindowsContext):
1692         * platform/graphics/win/GraphicsContextWin.cpp:
1693         (WebCore::GraphicsContext::getWindowsContext):
1694         * platform/graphics/wince/GraphicsContextWinCE.cpp:
1695         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1696         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1697         (WebCore::GraphicsContext::supportsTransparencyLayers):
1698         * platform/graphics/wx/GraphicsContextWx.cpp:
1699         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
1700         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
1701         (WebCore::GraphicsContext::supportsTransparencyLayers):
1702         * platform/win/ScrollbarThemeWin.cpp:
1703         * plugins/win/PluginViewWin.cpp:
1704         * rendering/RenderThemeWin.cpp:
1705
1706 2011-09-09  Julien Chaffraix  <jchaffraix@webkit.org>
1707
1708         [V8] V8WebKitPoint::constructorCallback leaks
1709         https://bugs.webkit.org/show_bug.cgi?id=67865
1710
1711         Reviewed by Adam Barth.
1712
1713         Covered by fast/js/instanceof-XMLHttpRequest.html under Valgrind.
1714
1715         * bindings/v8/custom/V8WebKitPointConstructor.cpp:
1716         (WebCore::V8WebKitPoint::constructorCallback): Changed the code
1717         to use a RefPtr (per our usual style). Also use toV8 that will
1718         take care of properly wrapping the object.
1719
1720 2011-09-09  Chris Rogers  <crogers@google.com>
1721
1722         HRTFDatabaseLoader should not call WTF::waitForThreadCompletion() more than once
1723         https://bugs.webkit.org/show_bug.cgi?id=67866
1724
1725         Reviewed by David Levin.
1726
1727         No new tests since this is difficult to test.
1728         This is designed to fix existing webaudio layout test failures.
1729
1730         * platform/audio/HRTFDatabaseLoader.cpp:
1731         (WebCore::HRTFDatabaseLoader::HRTFDatabaseLoader):
1732         (WebCore::HRTFDatabaseLoader::~HRTFDatabaseLoader):
1733         (WebCore::HRTFDatabaseLoader::loadAsynchronously):
1734         (WebCore::HRTFDatabaseLoader::waitForLoaderThreadCompletion):
1735         * platform/audio/HRTFDatabaseLoader.h:
1736
1737 2011-09-09  Jessie Berlin  <jberlin@apple.com>
1738
1739         Cookies are not available after turning off Private Browsing after the last window has been
1740         closed.
1741         https://bugs.webkit.org/show_bug.cgi?id=67874
1742
1743         Reviewed by Darin Adler.
1744
1745         The private browsing storage session is a global setting that is being incorrectly set on a
1746         per-page basis (see http://webkit.org/b/67870).
1747
1748         In this case, the global value was getting out of sync with the per-page setting:
1749         1. The global value was getting set to true when setPrivateBrowsingEnabled(true) was called.
1750         2. All Pages were then closed, destroying their Settings objects.
1751         3. When a new Page was created, a new Settings object was created and its
1752            m_privateBrowsingEnabled value was getting set to false.
1753         4. The WebPage settings were then applied to the new Settings object, resulting in
1754            setPrivateBrowsingEnabled(false) to be called.
1755         5. An if (m_privateBrowsingEnabled == privateBrowsingEnabled) early return prevented the
1756            global value for the storage session from being destroyed.
1757
1758         * page/Settings.cpp:
1759         (WebCore::Settings::setPrivateBrowsingEnabled):
1760         Move the early return to be after setting the global private browsing values, and add a
1761         clearer comment + FIXME.
1762
1763 2011-09-09  Kentaro Hara  <haraken@google.com>
1764
1765         Generate a WebKitCSSMatrix constructor of V8 using the IDL 'Constructor' extended attribute
1766         https://bugs.webkit.org/show_bug.cgi?id=67458
1767
1768         Reviewed by Adam Barth.
1769
1770         Added a 'CallWithNullValue' extended attribute.
1771         If a parameter is optional and missing, 'CallWithDefaultValue'
1772         handles it as a string "undefined". On the other hand,
1773         'CallWithNullValue' handles it as a null string
1774         (Note: not a string "null", but a null string).
1775
1776         Tests: fast/dom/Window/custom-constructors.html
1777                transforms/svg-vs-css.xhtml
1778                transforms/cssmatrix-2d-interface.xhtml
1779                transforms/cssmatrix-3d-interface.xhtmlGenerate a WebKitCSSMatrix constructor
1780
1781         * WebCore.gypi: Removed V8WebKitCSSMatrixConstructor.cpp.
1782         * WebCore.pro: Removed V8WebKitCSSMatrixConstructor.cpp.
1783         * bindings/scripts/CodeGeneratorV8.pm:
1784         (GenerateParametersCheck): If the 'CallWithNullValue' extended attribute is set, we call MAYBE_MISSING_PARAMETER() with MissingIsEmpty mode to obtain a maybe missing parameter. Otherwise, we call MAYBE_MISSING_PARAMETER() with MissingIsUndefined mode.
1785         (RequiresCustomSignature):
1786         * bindings/scripts/test/V8/V8TestInterface.cpp: Updated test results.
1787         (WebCore::V8TestInterface::constructorCallback):
1788         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp: Ditto.
1789         (WebCore::TestMediaQueryListListenerInternal::methodCallback):
1790         * bindings/scripts/test/V8/V8TestObj.cpp: Ditto.
1791         (WebCore::TestObjInternal::voidMethodWithArgsCallback):
1792         (WebCore::TestObjInternal::intMethodWithArgsCallback):
1793         (WebCore::TestObjInternal::objMethodWithArgsCallback):
1794         (WebCore::TestObjInternal::methodThatRequiresAllArgsCallback):
1795         (WebCore::TestObjInternal::methodThatRequiresAllArgsAndThrowsCallback):
1796         (WebCore::TestObjInternal::optionsObjectCallback):
1797         (WebCore::TestObjInternal::customArgsAndExceptionCallback):
1798         (WebCore::TestObjInternal::withDynamicFrameAndArgCallback):
1799         (WebCore::TestObjInternal::withDynamicFrameAndOptionalArgCallback):
1800         (WebCore::TestObjInternal::withDynamicFrameAndUserGestureCallback):
1801         (WebCore::TestObjInternal::withDynamicFrameAndUserGestureASADCallback):
1802         (WebCore::TestObjInternal::methodWithOptionalArgCallback):
1803         (WebCore::TestObjInternal::methodWithNonOptionalArgAndOptionalArgCallback):
1804         (WebCore::TestObjInternal::methodWithNonOptionalArgAndTwoOptionalArgsCallback):
1805         (WebCore::TestObjInternal::methodWithNonCallbackArgAndCallbackArgCallback):
1806         (WebCore::TestObjInternal::overloadedMethod1Callback):
1807         (WebCore::TestObjInternal::overloadedMethod2Callback):
1808         (WebCore::TestObjInternal::overloadedMethod3Callback):
1809         (WebCore::TestObjInternal::overloadedMethod4Callback):
1810         (WebCore::TestObjInternal::classMethodWithOptionalCallback):
1811         (WebCore::TestObjInternal::enabledAtRuntimeMethod1Callback):
1812         (WebCore::TestObjInternal::enabledAtRuntimeMethod2Callback):
1813         * bindings/v8/V8Binding.h:
1814         (WebCore::V8ParameterBase::prepareBase): The fact that V8ParameterBase does not have any object means that we do not need to prepare anything, i.e. we should just return true in this case.
1815         (WebCore::::prepare): If V8ParameterBase does not have any object, then we set a null string.
1816         * bindings/v8/custom/V8BindingMacros.h: MAYBE_MISSING_PARAMETER() returns the parameter of a given index if the parameter exists. If the parameter does not exist and MissingIsUndefined is set, this macro returns an object that represents undefined. If the parameter does not exist and MissingIsEmpty is set, this macro returns an empty object.
1817         * bindings/v8/custom/V8WebKitCSSMatrixConstructor.cpp: Removed.
1818         * css/WebKitCSSMatrix.idl: Added the 'Constructor' extended attribute.
1819
1820 2011-09-09  Geoffrey Garen  <ggaren@apple.com>
1821
1822         Reviewed by Dan Bernstein.
1823
1824         Removed ENABLE(SINGLE_THREADED) support, since it is always false
1825         https://bugs.webkit.org/show_bug.cgi?id=67862
1826
1827         Next step toward making the baseline platform assumption that threads exist.
1828
1829         * WebCore.pri:
1830         * features.pri: 
1831         * platform/sql/SQLiteDatabase.cpp:
1832         (WebCore::SQLiteDatabase::interrupt): Removed now-dead code.
1833
1834 2011-09-09  Fady Samuel  <fsamuel@chromium.org>
1835
1836         Move pageScaleFactor code from Frame.{h|cpp} to Page.{h|cpp}
1837         https://bugs.webkit.org/show_bug.cgi?id=67250
1838
1839         Reviewed by Simon Fraser.
1840
1841         No new tests because there's no change in functionality.
1842
1843         * WebCore.exp.in:
1844         * css/CSSStyleSelector.cpp:
1845         (WebCore::CSSStyleSelector::styleForDocument):
1846         * dom/Element.cpp:
1847         (WebCore::Element::getClientRects):
1848         (WebCore::Element::getBoundingClientRect):
1849         * dom/Range.cpp:
1850         (WebCore::adjustFloatQuadsForScrollAndAbsoluteZoomAndPageScale):
1851         * loader/HistoryController.cpp:
1852         (WebCore::HistoryController::restoreScrollPositionAndViewState):
1853         * page/Frame.cpp:
1854         (WebCore::Frame::Frame):
1855         (WebCore::Frame::pageScaleFactor):
1856         * page/Frame.h:
1857         * page/Page.cpp:
1858         (WebCore::Page::Page):
1859         (WebCore::Page::setPageScaleFactor):
1860         * page/Page.h:
1861         (WebCore::Page::pageScaleFactor):
1862         * rendering/RenderLayerCompositor.cpp:
1863         (WebCore::RenderLayerCompositor::shouldPropagateCompositingToEnclosingFrame):
1864         (WebCore::RenderLayerCompositor::pageScaleFactor):
1865         * rendering/RenderView.cpp:
1866         (WebCore::RenderView::paintBoxDecorations):
1867
1868 2011-09-09  Dominic Mazzoni  <dmazzoni@google.com>
1869
1870         AX: Images within anchors causes crash
1871         https://bugs.webkit.org/show_bug.cgi?id=44149
1872
1873         Reviewed by Chris Fleizach.
1874
1875         Fixes the way parent RenderObject of an AccessibilityRenderObject
1876         is computed in the presence of adjacent continuations.
1877
1878         Test: accessibility/div-within-anchors-causes-crash.html
1879
1880         * accessibility/AccessibilityRenderObject.cpp:
1881         (WebCore::AccessibilityRenderObject::renderParentObject):
1882
1883 2011-09-09  Kulanthaivel Palanichamy  <kulanthaivel@codeaurora.org>
1884
1885         CSS rules not being applied when a hidden field is inserted between an input[type=checkbox] and a label
1886         https://bugs.webkit.org/show_bug.cgi?id=66887
1887
1888         Reviewed by David Hyatt.
1889
1890         Test: fast/css/adjacent-sibling-selector.html
1891
1892         This patch addresses the problem of elements not getting their style recomputed
1893         when they are affected by direct adjacent sibling rules and one of their sibling in
1894         their corresponding rules is modified dynamically.
1895
1896         * css/CSSStyleSelector.cpp:
1897         (WebCore::CSSStyleSelector::canShareStyleWithElement):
1898         (WebCore::parentStylePreventsSharing):
1899         * css/SelectorChecker.cpp:
1900         (WebCore::SelectorChecker::checkSelector):
1901         * dom/Element.cpp:
1902         (WebCore::Element::recalcStyle):
1903         (WebCore::checkForSiblingStyleChanges):
1904         * rendering/style/RenderStyle.cpp:
1905         (WebCore::RenderStyle::RenderStyle):
1906         * rendering/style/RenderStyle.h:
1907         (WebCore::InheritedFlags::affectedByDirectAdjacentRules):
1908         (WebCore::InheritedFlags::setAffectedByDirectAdjacentRules):
1909
1910 2011-09-09  Rafael Antognolli  <antognolli@profusion.mobi>
1911
1912         Make the EFL port use the correct rendering file.
1913         https://bugs.webkit.org/show_bug.cgi?id=66323
1914
1915         Reviewed by Martin Robinson.
1916
1917         When compiling with Pango support, the EFL port should use
1918         FontPango.cpp instead of FontEfl.cpp (which is just full of stubs).
1919
1920         No new functionality so no new tests.
1921
1922         * CMakeListsEfl.txt:
1923
1924 2011-09-09  Chris Rogers  <crogers@google.com>
1925
1926         AudioBufferSourceNode must validate AudioBuffer in .buffer attribute setter
1927         https://bugs.webkit.org/show_bug.cgi?id=67749
1928
1929         Reviewed by Kenneth Russell.
1930
1931         Test: webaudio/audiobuffersource-channels.html
1932
1933         * WebCore.gypi:
1934         * bindings/js/JSAudioBufferSourceNodeCustom.cpp:
1935         (WebCore::JSAudioBufferSourceNode::setBuffer):
1936         * bindings/v8/custom/V8AudioBufferSourceNodeCustom.cpp: Copied from Source/WebCore/bindings/js/JSAudioBufferSourceNodeCustom.cpp.
1937         (WebCore::V8AudioBufferSourceNode::bufferAccessorSetter):
1938         * webaudio/AudioBufferSourceNode.cpp:
1939         (WebCore::AudioBufferSourceNode::setBuffer):
1940         * webaudio/AudioBufferSourceNode.h:
1941         * webaudio/AudioBufferSourceNode.idl:
1942
1943 2011-09-09  Dan Bernstein  <mitz@apple.com>
1944
1945         RenderBlock::addOverhangingFloats() takes superfluous parameters
1946         https://bugs.webkit.org/show_bug.cgi?id=67863
1947
1948         Reviewed by Dave Hyatt.
1949
1950         No new tests, because behavior is unchanged.
1951
1952         * rendering/RenderBlock.cpp:
1953         (WebCore::RenderBlock::layoutBlock):
1954         (WebCore::RenderBlock::layoutBlockChild):
1955         (WebCore::RenderBlock::addOverhangingFloats): Removed the logical{Left, Top}Offset parameters,
1956         since they were always the inverse of the logical{Left, Top}() of the child parameter.
1957         * rendering/RenderBlock.h:
1958
1959 2011-09-09  Rafael Antognolli  <antognolli@profusion.mobi>
1960
1961         Add replacement functions for gdk ones.
1962         https://bugs.webkit.org/show_bug.cgi?id=66323
1963
1964         Reviewed by Martin Robinson.
1965
1966         This will allow the EFL port to don't depend on gdk anymore.
1967
1968         No new functionality so no new tests.
1969
1970         * CMakeListsEfl.txt:
1971         * platform/graphics/cairo/CairoUtilities.cpp:
1972         (WebCore::appendRegionToCairoContext):
1973         * platform/graphics/cairo/CairoUtilities.h:
1974         * platform/graphics/pango/FontPango.cpp:
1975         (WebCore::drawGlyphsShadow):
1976         (WebCore::Font::drawComplexText):
1977         * platform/graphics/pango/PangoUtilities.cpp: Added.
1978         (WebCore::getLineClipRegionFromLayoutIter):
1979         (WebCore::getClipRegionFromPangoLayoutLine):
1980         * platform/graphics/pango/PangoUtilities.h: Added.
1981
1982 2011-09-09  Mark Hahnenberg  <mhahnenberg@apple.com>
1983
1984         Unzip initialization lists and constructors in JSCell hierarchy (5/7)
1985         https://bugs.webkit.org/show_bug.cgi?id=67420
1986
1987         Reviewed by Geoffrey Garen.
1988
1989         No new tests.
1990
1991         Completed the fifth level of the refactoring to add finishCreation() 
1992         methods to all classes within the JSCell hierarchy with non-trivial 
1993         constructor bodies.
1994
1995         This primarily consists of pushing the calls to finishCreation() down 
1996         into the constructors of the subclasses of the second level of the hierarchy 
1997         as well as pulling the finishCreation() calls out into the class's corresponding
1998         create() method if it has one.  Doing both simultaneously allows us to 
1999         maintain the invariant that the finishCreation() method chain is called exactly 
2000         once during the creation of an object, since calling it any other number of 
2001         times (0, 2, or more) will cause an assertion failure.
2002
2003         * WebCore.exp.in:
2004         * bindings/js/JSDOMBinding.h:
2005         (WebCore::DOMConstructorObject::DOMConstructorObject):
2006         * bindings/js/JSDOMGlobalObject.cpp:
2007         (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
2008         (WebCore::JSDOMGlobalObject::finishCreation):
2009         * bindings/js/JSDOMGlobalObject.h:
2010         * bindings/js/JSDOMWindowShell.cpp:
2011         * bindings/js/JSDOMWindowShell.h:
2012         (WebCore::JSDOMWindowShell::create):
2013         * bindings/js/JSDOMWrapper.h:
2014         (WebCore::JSDOMWrapper::JSDOMWrapper):
2015         * bindings/scripts/CodeGeneratorJS.pm:
2016         (GenerateImplementation):
2017         * bindings/scripts/test/JS/JSTestInterface.cpp:
2018         (WebCore::JSTestInterface::JSTestInterface):
2019         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
2020         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener):
2021         * bindings/scripts/test/JS/JSTestObj.cpp:
2022         (WebCore::JSTestObj::JSTestObj):
2023         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2024         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface):
2025         * bridge/c/CRuntimeObject.cpp:
2026         (JSC::Bindings::CRuntimeObject::CRuntimeObject):
2027         (JSC::Bindings::CRuntimeObject::finishCreation):
2028         * bridge/c/CRuntimeObject.h:
2029         * bridge/jni/jsc/JavaRuntimeObject.cpp:
2030         (JSC::Bindings::JavaRuntimeObject::JavaRuntimeObject):
2031         (JSC::Bindings::JavaRuntimeObject::finishCreation):
2032         * bridge/jni/jsc/JavaRuntimeObject.h:
2033         * bridge/objc/ObjCRuntimeObject.h:
2034         * bridge/objc/ObjCRuntimeObject.mm:
2035         (JSC::Bindings::ObjCRuntimeObject::ObjCRuntimeObject):
2036         (JSC::Bindings::ObjCRuntimeObject::finishCreation):
2037         * bridge/objc/objc_runtime.h:
2038         (JSC::Bindings::ObjcFallbackObjectImp::create):
2039         * bridge/objc/objc_runtime.mm:
2040         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
2041         * bridge/qt/qt_instance.cpp:
2042         (JSC::Bindings::QtRuntimeObject::QtRuntimeObject):
2043         * bridge/qt/qt_pixmapruntime.cpp:
2044         (JSC::Bindings::QtPixmapRuntimeObject::QtPixmapRuntimeObject):
2045         * bridge/qt/qt_runtime.cpp:
2046         (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
2047         (JSC::Bindings::QtRuntimeMethod::finishCreation):
2048         * bridge/qt/qt_runtime.h:
2049         * bridge/runtime_array.cpp:
2050         (JSC::RuntimeArray::RuntimeArray):
2051         * bridge/runtime_array.h:
2052         (JSC::RuntimeArray::create):
2053         * bridge/runtime_method.cpp:
2054         (JSC::RuntimeMethod::RuntimeMethod):
2055         (JSC::RuntimeMethod::finishCreation):
2056         * bridge/runtime_method.h:
2057         * bridge/runtime_object.cpp:
2058         (JSC::Bindings::RuntimeObject::RuntimeObject):
2059         * bridge/runtime_object.h:
2060         (JSC::Bindings::RuntimeObject::create):
2061
2062 2011-09-09  Rafael Antognolli  <antognolli@profusion.mobi>
2063
2064         Rename FontGtk.cpp to FontPango.cpp
2065         https://bugs.webkit.org/show_bug.cgi?id=66323
2066
2067         Reviewed by Martin Robinson.
2068
2069         This file will be used by the EFL port too, and since it's not GTK
2070         specific anymore, rename it to something better.
2071
2072         No new functionality so no new tests.
2073
2074         * GNUmakefile.list.am:
2075         * platform/graphics/pango/FontPango.cpp: Renamed from Source/WebCore/platform/graphics/gtk/FontGtk.cpp.
2076
2077 2011-09-09  Adam Klein  <adamk@chromium.org>
2078
2079         Initialize ExceptionCode in Element::removeAttribute
2080         https://bugs.webkit.org/show_bug.cgi?id=67820
2081
2082         Reviewed by Darin Adler.
2083
2084         Silences valgrind warning reported in http://crbug.com/76490.
2085
2086         No new tests since this would only very occasionally be flaky,
2087         and in the codepath in the valgrind report, the ec is ignored anyway.
2088
2089         * dom/Element.cpp:
2090         (WebCore::Element::removeAttribute): Initialize ec to 0.
2091
2092 2011-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
2093
2094         [Qt] Remove common.pri
2095         https://bugs.webkit.org/show_bug.cgi?id=67814
2096
2097         Reviewed by Andreas Kling.
2098
2099         No new tests, no change in functionality.
2100
2101         * CodeGenerators.pri:
2102         * WebCore.pri:
2103
2104 2011-09-09  Dominic Mazzoni  <dmazzoni@google.com>
2105
2106         Assert being hit in AccessibilityRenderObject::addChildren()
2107         https://bugs.webkit.org/show_bug.cgi?id=61805
2108
2109         Reviewed by Chris Fleizach.
2110
2111         Fix nextSibling and previousSibling to handle adjacent continuations
2112         properly, otherwise nodes end up appearing in the accessibility
2113         tree twice (or a debug assertion could be raised).
2114
2115         Test: accessibility/adjacent-continuations-cause-assertion-failure.html
2116
2117         * accessibility/AccessibilityRenderObject.cpp:
2118         (WebCore::AccessibilityRenderObject::previousSibling):
2119         (WebCore::AccessibilityRenderObject::nextSibling):
2120
2121 2011-09-08  Kentaro Hara  <haraken@google.com>
2122
2123         Implement a WebKitAnimationEvent constructor.
2124         https://bugs.webkit.org/show_bug.cgi?id=67825
2125
2126         Reviewed by Sam Weinig.
2127
2128         There is no spec for the WebKitAnimationEvent constructor
2129         since it is WebKit-specific. However, based on the current
2130         IDL of initWebKitAnimationEvent(), the constructor IDL
2131         should be as follows.
2132
2133         [Constructor(DOMString type, optional WebKitAnimationEventInit eventInitDict)]
2134         interface WebKitAnimationEvent : Event {
2135             ...;
2136         }
2137
2138         dictionary WebKitAnimationEventInit : EventInit {
2139             DOMString animationName;
2140             double elapsedTime;
2141         }
2142
2143         Test: fast/events/constructors/webkit-animation-event-constructor.html
2144
2145         * bindings/generic/EventConstructors.h: Added a definition for the WebKitAnimationEvent constructor.
2146         * bindings/js/JSEventConstructors.cpp: Added #includes for WebKitAnimationEvent.
2147         * dom/WebKitAnimationEvent.cpp:
2148         (WebCore::WebKitAnimationEventInit::WebKitAnimationEventInit):
2149         (WebCore::WebKitAnimationEvent::WebKitAnimationEvent):
2150         * dom/WebKitAnimationEvent.h: Added a definition for WebKitAnimationEventInit.
2151         (WebCore::WebKitAnimationEvent::create):
2152         * dom/WebKitAnimationEvent.idl: Makes WebKitAnimationEvent constructible.
2153
2154 2011-09-08  Abhishek Arya  <inferno@chromium.org>
2155
2156         :before content rendering issues with list markers and run-ins.
2157         https://bugs.webkit.org/show_bug.cgi?id=67735
2158
2159         1) Remove the isAnonymous checks for run-in detection since the
2160         run-in can belong to a node.
2161         2) When the parent has block children, then the list marker will
2162         be enclosed in an anonymous block. In that case, for going to the
2163         next list marker, we need to traverse one level up. We don't need
2164         this check when searching for generated run-in (loop 2), since we
2165         know parent will have inline children, so the list marker wont be
2166         enclosed in an anonymous block.
2167
2168         Reviewed by Dave Hyatt.
2169
2170         Tests: fast/lists/list-marker-before-content-table.html
2171                fast/runin/runin-generated-before-content.html
2172
2173         * rendering/RenderObjectChildList.cpp:
2174         (WebCore::RenderObjectChildList::beforePseudoElementRenderer):
2175
2176 2011-09-09  Pavel Podivilov  <podivilov@chromium.org>
2177
2178         Web Inspector: introduce JavaScriptSourceFrame class.
2179         https://bugs.webkit.org/show_bug.cgi?id=67838
2180
2181         SourceFrame should not deal with JavaScript debugging since it is a base class for all source frame implementations.
2182
2183         Reviewed by Pavel Feldman.
2184
2185         * WebCore.gypi:
2186         * WebCore.vcproj/WebCore.vcproj:
2187         * inspector/front-end/JavaScriptSourceFrame.js: Added.
2188         (WebInspector.JavaScriptSourceFrame):
2189         (WebInspector.SourceFrameDelegateForScriptsPanel): moved from ScriptsPanel.js
2190         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.requestContent):
2191         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.debuggingSupported):
2192         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.setBreakpoint):
2193         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.updateBreakpoint):
2194         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.removeBreakpoint):
2195         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.findBreakpoint):
2196         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.continueToLine):
2197         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.canEditScriptSource):
2198         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.setScriptSource):
2199         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.setScriptSourceIsBeingEdited):
2200         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.debuggerPaused):
2201         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.evaluateInSelectedCallFrame):
2202         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.releaseEvaluationResult):
2203         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.suggestedFileName):
2204         * inspector/front-end/ScriptsPanel.js:
2205         (WebInspector.ScriptsPanel.prototype._createSourceFrame):
2206         * inspector/front-end/WebKit.qrc:
2207         * inspector/front-end/inspector.html:
2208
2209 2011-09-09  Sheriff Bot  <webkit.review.bot@gmail.com>
2210
2211         Unreviewed, rolling out r94845.
2212         http://trac.webkit.org/changeset/94845
2213         https://bugs.webkit.org/show_bug.cgi?id=67839
2214
2215         This patch kicked Qt-SL bots, but we don't need this
2216         modification. (Requested by ossy_ on #webkit).
2217
2218         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
2219         * platform/mac/WebVideoFullscreenController.mm:
2220         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
2221
2222 2011-09-09  Csaba Osztrogon√°c  <ossy@webkit.org>
2223
2224         [Qt][Mac]REGRESSION(r94774): Build is broken
2225         https://bugs.webkit.org/show_bug.cgi?id=67799
2226
2227         It seems these files didn't rebuilt because of a
2228         dependency bug. Touch them to trigger a rebuild.
2229
2230         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
2231         * platform/mac/WebVideoFullscreenController.mm:
2232         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
2233
2234 2011-09-09  Alexander Pavlov  <apavlov@chromium.org>
2235
2236         Unreviewed, Chromium valgrind build fix.
2237
2238         Web Inspector: [Chromium] Valgrind signals use of uninitialized field in InspectorStyleSheetForInlineStyle
2239         https://bugs.webkit.org/show_bug.cgi?id=67837
2240
2241         * inspector/InspectorStyleSheet.cpp:
2242         (WebCore::InspectorStyleSheetForInlineStyle::InspectorStyleSheetForInlineStyle):
2243
2244 2011-09-09  Sheriff Bot  <webkit.review.bot@gmail.com>
2245
2246         Unreviewed, rolling out r94536.
2247         http://trac.webkit.org/changeset/94536
2248         https://bugs.webkit.org/show_bug.cgi?id=67836
2249
2250         breaks absoluteLocation() of RelatedMouseEvent (Requested by
2251         jknotten on #webkit).
2252
2253         * dom/MouseRelatedEvent.cpp:
2254         (WebCore::MouseRelatedEvent::MouseRelatedEvent):
2255
2256 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
2257
2258         Web Inspector: live edit both for JS and CSS is not discoverable.
2259         https://bugs.webkit.org/show_bug.cgi?id=65962
2260
2261         Add the "Edit" button to SourceFrame, so that resources/scripts can be edited both in the
2262         Resources and the Scripts panels. The button is grayed out if the resource/script is not editable.
2263
2264         Reviewed by Yury Semikhatsky.
2265
2266         * inspector/front-end/Images/statusbarButtonGlyphs.png:
2267         * inspector/front-end/ResourceView.js:
2268         (WebInspector.EditableResourceSourceFrame.prototype.canEditSource):
2269         * inspector/front-end/ScriptsPanel.js:
2270         (WebInspector.ScriptsPanel.prototype.get statusBarItems):
2271         (WebInspector.ScriptsPanel.prototype.set visibleView):
2272         * inspector/front-end/SourceFrame.js:
2273         (WebInspector.SourceFrame):
2274         (WebInspector.SourceFrame.prototype.get statusBarItems):
2275         (WebInspector.SourceFrame.prototype._initializeTextViewer):
2276         (WebInspector.SourceFrame.prototype._editButtonClicked):
2277         (WebInspector.SourceFrame.prototype.canEditSource):
2278         (WebInspector.SourceFrame.prototype.startEditing):
2279         (WebInspector.SourceFrame.prototype.commitEditing):
2280         (WebInspector.SourceFrame.prototype._setReadOnly):
2281         (WebInspector.TextViewerDelegateForSourceFrame.prototype.doubleClick):
2282         * inspector/front-end/TextViewer.js:
2283         (WebInspector.TextEditorMainPanel.prototype.set readOnly):
2284         (WebInspector.TextEditorMainPanel.prototype._updateSelectionOnStartEditing):
2285         * inspector/front-end/inspector.css:
2286         (button.edit-source-status-bar-item .glyph):
2287         (button.edit-source-status-bar-item.toggled-on .glyph):
2288
2289 2011-09-09  Shinya Kawanaka  <shinyak@google.com>
2290
2291         Crashes in WebCore::AppendNodeCommand::create().
2292         https://bugs.webkit.org/show_bug.cgi?id=67767
2293
2294         Reviewed by Darin Adler.
2295
2296         In CompositeEditCommand::closeParagraphUnderNewElement(), lastNode could be a non Element node.
2297         The current code assumes lastNode is an Element node. This patch checks it.
2298
2299         Test: editing/execCommand/ident-crashes-topnode-is-text.html
2300
2301         * editing/CompositeEditCommand.cpp:
2302         (WebCore::CompositeEditCommand::cloneParagraphUnderNewElement): Added an element node check.
2303
2304 2011-09-09  Shinya Kawanaka  <shinyak@google.com>
2305
2306         Crashes in WebCore::ApplyStyleCommand.doApply()
2307         https://bugs.webkit.org/show_bug.cgi?id=67765
2308
2309         Reviewed by Ryosuke Niwa.
2310
2311         WebCore::enclosingBlock may return null, but ApplyStyleCommand::applyBlockStyle did not check it. This patch make it to be checked.
2312
2313         Test: editing/style/remove-format-without-enclosing-block.html
2314
2315         * editing/ApplyStyleCommand.cpp:
2316         (WebCore::ApplyStyleCommand::applyBlockStyle): Added null check.
2317
2318 2011-09-09  James Simonsen  <simonjam@chromium.org>
2319
2320         [Chromium] Fix leak of Skia stream with custom CSS fonts
2321         https://bugs.webkit.org/show_bug.cgi?id=67815
2322
2323         Reviewed by Adam Barth.
2324
2325         Test: fast/css/font-face-opentype.html under valgrind
2326
2327         * platform/graphics/mac/FontCustomPlatformData.cpp:
2328         (WebCore::createFontCustomPlatformData):
2329         * platform/graphics/skia/FontCustomPlatformData.cpp:
2330         (WebCore::createFontCustomPlatformData):
2331
2332 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
2333
2334         Push more code from HTMLInputElement::setValue to TextFieldInputType::setValue
2335         https://bugs.webkit.org/show_bug.cgi?id=67742
2336
2337         Reviewed by Darin Adler.
2338
2339         Moved more code in HTMLInputElement::setValue to TextFieldInputType::setValue, and merged
2340         InputType::valueChanged into InputType::setValue. Also introduced
2341         InputType::dispatchChangeEventInResponseToSetValue to be overridden by TextFieldInputType.
2342
2343         * html/BaseButtonInputType.cpp:
2344         (WebCore::BaseButtonInputType::setValue):
2345         * html/BaseButtonInputType.h:
2346         * html/BaseCheckableInputType.cpp:
2347         (WebCore::BaseCheckableInputType::setValue):
2348         * html/BaseCheckableInputType.h:
2349         * html/ColorInputType.cpp:
2350         * html/ColorInputType.h:
2351         * html/FileInputType.cpp:
2352         (WebCore::FileInputType::setValue):
2353         * html/FileInputType.h:
2354         * html/HTMLInputElement.cpp:
2355         (WebCore::HTMLInputElement::setValue):
2356         * html/HTMLInputElement.h:
2357         (WebCore::HTMLInputElement::cacheSelectionInResponseToSetValue):
2358         * html/HiddenInputType.cpp:
2359         (WebCore::HiddenInputType::setValue):
2360         * html/HiddenInputType.h:
2361         * html/InputType.cpp:
2362         (WebCore::InputType::setValue):
2363         (WebCore::InputType::dispatchChangeEventInResponseToSetValue):
2364         * html/InputType.h:
2365         * html/RangeInputType.cpp:
2366         (WebCore::RangeInputType::setValue):
2367         * html/RangeInputType.h:
2368         * html/TextFieldInputType.cpp:
2369         (WebCore::TextFieldInputType::setValue):
2370         (WebCore::TextFieldInputType::dispatchChangeEventInResponseToSetValue):
2371         * html/TextFieldInputType.h:
2372
2373 2011-09-08  Annie Sullivan  <sullivan@chromium.org>
2374
2375         Crashes in WebCore::InsertNodeBeforeCommand constructor.
2376         https://bugs.webkit.org/show_bug.cgi?id=67763
2377
2378         Reviewed by Ryosuke Niwa.
2379
2380         Changes editableRootForPosition() to use the position's containerNode instead of deprecatedNode so that
2381         positions which are before or after a given node cannot return that node as the editable root.
2382
2383         Test: editing/inserting/insert-paragraph-selection-outside-contenteditable.html
2384
2385         * editing/htmlediting.cpp:
2386         (WebCore::editableRootForPosition): use containerNode instead of deprecatedNode.
2387
2388 2011-09-08  James Weatherall  <wez@chromium.org>
2389
2390         Release the reference to the HTMLPlugInElement's script object, when the element is removed from the document.  This breaks a cyclical reference that would otherwise cause the element to be retained until the document is torn down.
2391         https://bugs.webkit.org/show_bug.cgi?id=66181
2392
2393         Reviewed by Anders Carlsson.
2394
2395         No new tests - no functional change.
2396
2397         * html/HTMLPlugInElement.cpp:
2398         (WebCore::HTMLPlugInElement::removedFromDocument):
2399         * html/HTMLPlugInElement.h:
2400
2401 2011-09-08  Daniel Bates  <dbates@webkit.org>
2402
2403         XSS filter bypass via non-standard URL encoding
2404         https://bugs.webkit.org/show_bug.cgi?id=66588
2405
2406         Reviewed by Adam Barth.
2407
2408         Tests: http/tests/security/xssAuditor/script-tag-with-16bit-unicode-surrogate-pair.html
2409                http/tests/security/xssAuditor/script-tag-with-16bit-unicode.html
2410                http/tests/security/xssAuditor/script-tag-with-16bit-unicode2.html
2411                http/tests/security/xssAuditor/script-tag-with-16bit-unicode3.html
2412                http/tests/security/xssAuditor/script-tag-with-16bit-unicode4.html
2413                http/tests/security/xssAuditor/script-tag-with-16bit-unicode5.html
2414                http/tests/security/xssAuditor/script-tag-with-three-times-url-encoded-16bit-unicode.html
2415                http/tests/security/xssAuditor/window-open-without-url-should-not-assert.html
2416
2417         Implement support for decoding non-standard 16-bit Unicode escape sequences of
2418         the form %u26C4 as described in <http://www.w3.org/International/iri-edit/draft-duerst-iri.html#anchor29>.
2419
2420         See also <http://en.wikipedia.org/wiki/Percent-encoding#Non-standard_implementations>.
2421
2422         * GNUmakefile.list.am: Added DecodeEscapeSequences.h.
2423         * WebCore.gypi: Ditto.
2424         * WebCore.pro: Ditto.
2425         * WebCore.vcproj/WebCore.vcproj: Ditto.
2426         * WebCore.xcodeproj/project.pbxproj: Ditto.
2427         * html/parser/XSSAuditor.cpp:
2428         (WebCore::decode16BitUnicodeEscapeSequences): Added.
2429         (WebCore::decodeStandardURLEscapeSequences): Added.
2430         (WebCore::fullyDecodeString): Modified to call decode16BitUnicodeEscapeSequences().
2431         (WebCore::XSSAuditor::init): Modified to return early when the URL of the document
2432         is the empty string. This can happen when opening a new browser window or calling
2433         window.open("").
2434         * platform/KURL.cpp:
2435         (WebCore::decodeURLEscapeSequences): Abstracted code into template-function decodeEscapeSequences().
2436         This function just calls decodeEscapeSequences<URLEscapeSequence>().
2437         * platform/text/DecodeEscapeSequences.h: Added.
2438         (WebCore::Unicode16BitEscapeSequence::findInString):
2439         (WebCore::Unicode16BitEscapeSequence::matchStringPrefix):
2440         (WebCore::Unicode16BitEscapeSequence::decodeRun):
2441         (WebCore::URLEscapeSequence::findInString):
2442         (WebCore::URLEscapeSequence::matchStringPrefix):
2443         (WebCore::URLEscapeSequence::decodeRun):
2444         (WebCore::decodeEscapeSequences):
2445
2446 2011-09-08  Adam Barth  <abarth@webkit.org>
2447
2448         DocumentWriter::deprecatedFrameEncoding doesn't need to refert to Settings
2449         https://bugs.webkit.org/show_bug.cgi?id=67812
2450
2451         Reviewed by Eric Seidel.
2452
2453         The one caller of this function does this work already.
2454
2455         * loader/DocumentWriter.cpp:
2456         (WebCore::DocumentWriter::deprecatedFrameEncoding):
2457
2458 2011-09-08  Adam Klein  <adamk@chromium.org>
2459
2460         Always zero-out m_sortedTextBoxesPosition to avoid uninitialized read in TextIterator
2461         https://bugs.webkit.org/show_bug.cgi?id=67810
2462
2463         Reviewed by Tony Chang.
2464
2465         Reported as a valgrind failure in http://crbug.com/84777.
2466
2467         No possible change in behavior, so no tests. The unitialized read
2468         could never have an impact:
2469
2470            if (m_sortedTextBoxesPosition + 1 < m_sortedTextBoxes.size()) ...
2471
2472         Since m_sortedTextBoxes.size() will be zero here if
2473         m_sortedTextBoxesPosition is uninitialized, and they're both unsigned,
2474         so no possible value of m_sortedTextBoxesPosition could be < 0.
2475
2476         * editing/TextIterator.cpp:
2477         (WebCore::TextIterator::TextIterator):
2478
2479 2011-09-08  Tony Chang  <tony@chromium.org>
2480
2481         Cleanup of switch statements with default cases
2482         https://bugs.webkit.org/show_bug.cgi?id=67808
2483
2484         Reviewed by Adam Barth.
2485
2486         No new tests, just a small refactoring.
2487
2488         * page/WebKitAnimation.cpp:
2489         (WebCore::WebKitAnimation::fillMode):
2490         * platform/audio/Distance.cpp:
2491         (WebCore::DistanceEffect::gain):
2492
2493 2011-09-08  Eric Seidel  <eric@webkit.org>
2494
2495         [BiDi] Add support for the BDI element
2496         https://bugs.webkit.org/show_bug.cgi?id=50913
2497
2498         Reviewed by Ryosuke Niwa.
2499
2500         This patch is ridiculously trivial now that we have unicode-bidi: isolate support in WebKit.
2501
2502         Test: css3/bdi-element.html
2503
2504         * css/html.css:
2505         (bdi):
2506
2507 2011-09-08  David Levin  <levin@chromium.org>
2508
2509         [chromium] KURL::copy doesn't produce something usable on another thread.
2510         https://bugs.webkit.org/show_bug.cgi?id=67809
2511
2512         Reviewed by Adam Barth.
2513
2514         No new functionality exposed so no new test. This was caught by testing code: the thread
2515         sanitizer run in Chromium (http://code.google.com/p/chromium/issues/detail?id=93708).
2516
2517         * platform/KURLGoogle.cpp:
2518         (WebCore::KURLGooglePrivate::copyTo): Clear out the invalid String so that it will
2519         not be used on another thread.
2520
2521 2011-09-08  Alexey Proskuryakov  <ap@apple.com>
2522
2523         REGRESSION (r66874): Missing RefPtr in ScriptController
2524         https://bugs.webkit.org/show_bug.cgi?id=67748
2525
2526         Reviewed by Adam Barth.
2527
2528         * bindings/ScriptControllerBase.cpp: (WebCore::ScriptController::executeScript):
2529
2530 2011-09-08  Adam Barth  <abarth@webkit.org>
2531
2532         Second attempt to fix Chromium build.
2533
2534         * dom/Document.h:
2535
2536 2011-09-08  Oliver Hunt  <oliver@apple.com>
2537
2538         Use bump allocator for initial property storage
2539         https://bugs.webkit.org/show_bug.cgi?id=67494
2540
2541         Reviewed by Geoffrey Garen.
2542
2543         Add a forwarding header.
2544
2545         * ForwardingHeaders/runtime/StorageBarrier.h: Added.
2546
2547 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
2548
2549         Unreviewed, rolling out r94809.
2550         http://trac.webkit.org/changeset/94809
2551         https://bugs.webkit.org/show_bug.cgi?id=67718
2552
2553         commit _still_ premature, despite CQ eagerness
2554
2555         * html/HTMLAttributeNames.in:
2556         * html/HTMLStyleElement.cpp:
2557         * html/HTMLStyleElement.h:
2558         * html/HTMLStyleElement.idl:
2559
2560 2011-09-08  Sam Weinig  <sam@webkit.org>
2561
2562         Remove the Completion object from JSC, I have never liked it
2563         https://bugs.webkit.org/show_bug.cgi?id=67755
2564
2565         Reviewed by Gavin Barraclough.
2566
2567         * bindings/js/JSDOMBinding.cpp:
2568         (WebCore::reportException):
2569         * bindings/js/JSEventListener.cpp:
2570         (WebCore::JSEventListener::handleEvent):
2571         * bindings/js/JSInjectedScriptManager.cpp:
2572         (WebCore::InjectedScriptManager::createInjectedScript):
2573         * bindings/js/JSMainThreadExecState.h:
2574         (WebCore::JSMainThreadExecState::evaluate):
2575         * bindings/js/ScriptController.cpp:
2576         (WebCore::ScriptController::evaluateInWorld):
2577         * bindings/js/WorkerScriptController.cpp:
2578         (WebCore::WorkerScriptController::evaluate):
2579         * bindings/objc/WebScriptObject.mm:
2580         (-[WebScriptObject evaluateWebScript:]):
2581         * bridge/NP_jsobject.cpp:
2582         (_NPN_Evaluate):
2583         * bridge/jni/jni_jsobject.mm:
2584         (JavaJSObject::eval):
2585
2586 2011-09-08  Adam Barth  <abarth@webkit.org>
2587
2588         Inline DocumentWriter::encoding() into it's only caller: deprecatedFrameEncoding()
2589         https://bugs.webkit.org/show_bug.cgi?id=67807
2590
2591         Reviewed by Eric Seidel.
2592
2593         This function is super nutty.  We don't want any more folks to call it
2594         thinking that it does something sane.
2595
2596         * loader/DocumentWriter.cpp:
2597         (WebCore::DocumentWriter::deprecatedFrameEncoding):
2598         * loader/DocumentWriter.h:
2599
2600 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
2601
2602         <style scoped>: Add 'scoped' attribute
2603         https://bugs.webkit.org/show_bug.cgi?id=67718
2604
2605         Add 'scoped' attribute to IDL and attribute list,
2606         implement and test setting/resetting of the attribute.
2607
2608         Reviewed by Dimitri Glazkov.
2609
2610         Test: fast/css/style-scoped/basic-attribute.html
2611
2612         * html/HTMLAttributeNames.in:
2613         * html/HTMLStyleElement.cpp:
2614         (WebCore::HTMLStyleElement::scoped):
2615         (WebCore::HTMLStyleElement::setScoped):
2616         (WebCore::HTMLStyleElement::scopingElement):
2617         * html/HTMLStyleElement.h:
2618         * html/HTMLStyleElement.idl:
2619
2620 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
2621
2622         Unreviewed, rolling out r94781.
2623         http://trac.webkit.org/changeset/94781
2624         https://bugs.webkit.org/show_bug.cgi?id=67806
2625
2626         Broke Objective-C binding on Mac (Requested by rniwa on
2627         #webkit).
2628
2629         * dom/Element.idl:
2630         * dom/Node.cpp:
2631         (WebCore::Node::contains):
2632         * dom/Node.idl:
2633         * editing/DeleteSelectionCommand.cpp:
2634         (WebCore::DeleteSelectionCommand::mergeParagraphs):
2635
2636 2011-09-08  Eric Seidel  <eric@webkit.org>
2637
2638         Remove DocumentWriter::setDecoder as a grep of WebKit shows no callers
2639         https://bugs.webkit.org/show_bug.cgi?id=67803
2640
2641         Reviewed by Adam Barth.
2642
2643         Smells like dead code.
2644
2645         * loader/DocumentWriter.cpp:
2646         * loader/DocumentWriter.h:
2647
2648 2011-09-08  Shinya Kawanaka  <shinyak@google.com>
2649
2650         Crashes in WebCore::ReplaceSelectionCommand::doApply
2651         https://bugs.webkit.org/show_bug.cgi?id=67762
2652
2653         Reviewed by Ryosuke Niwa.
2654
2655         WebCore::enclosingBlock may return null, but its return value was not checked. This patch checks it.
2656
2657         Tests: editing/inserting/insert-without-enclosing-block.html
2658
2659         * editing/ReplaceSelectionCommand.cpp:
2660         (WebCore::ReplaceSelectionCommand::doApply): Added null check.
2661
2662 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
2663
2664         Unreviewed, rolling out r94784.
2665         http://trac.webkit.org/changeset/94784
2666         https://bugs.webkit.org/show_bug.cgi?id=67796
2667
2668         Commit was premature (Requested by rolandsteiner on #webkit).
2669
2670         * html/HTMLAttributeNames.in:
2671         * html/HTMLStyleElement.cpp:
2672         * html/HTMLStyleElement.h:
2673         * html/HTMLStyleElement.idl:
2674
2675 2011-09-08  W. James MacLean  <wjmaclean@chromium.org>
2676
2677         [chromium] Add backend compositor support for rescaling (zooming) textures during zoom animation.
2678         https://bugs.webkit.org/show_bug.cgi?id=66472
2679
2680         This patch contains plumbing from Internals to WebViewImpl that can be removed
2681         at a later time when the zoom animator code is complete.
2682
2683         Reviewed by James Robinson.
2684
2685         Test: platform/chromium/compositing/zoom-animator-scale-test.html
2686
2687         * page/Settings.cpp:
2688         (WebCore::Settings::Settings):
2689         * page/Settings.h:
2690         (WebCore::Settings::setZoomAnimatorScale):
2691         (WebCore::Settings::zoomAnimatorScale):
2692         * platform/graphics/chromium/LayerRendererChromium.cpp:
2693         (WebCore::LayerRendererChromium::LayerRendererChromium):
2694         (WebCore::LayerRendererChromium::drawLayersInternal):
2695         * platform/graphics/chromium/LayerRendererChromium.h:
2696         (WebCore::LayerRendererChromium::setZoomAnimatorScale):
2697         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2698         (WebCore::CCLayerTreeHost::CCLayerTreeHost):
2699         (WebCore::CCLayerTreeHost::commitTo):
2700         (WebCore::CCLayerTreeHost::setZoomAnimatorScale):
2701         (WebCore::CCLayerTreeHost::updateLayers):
2702         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2703         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2704         (WebCore::CCLayerTreeHostImpl::setZoomAnimatorScale):
2705         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2706         * testing/Internals.cpp:
2707         (WebCore::Internals::setZoomAnimatorScale):
2708         * testing/Internals.h:
2709         * testing/Internals.idl:
2710
2711 2011-09-08  Eric Carlson  <eric.carlson@apple.com>
2712
2713         HTMLMediaElement is missing initialTime attribute
2714         https://bugs.webkit.org/show_bug.cgi?id=67791
2715
2716         Reviewed by Darin Adler.
2717
2718         Test: media/media-initialTime.html
2719
2720         * html/HTMLMediaElement.cpp:
2721         (WebCore::HTMLMediaElement::initialTime):
2722         * html/HTMLMediaElement.h:
2723         * html/HTMLMediaElement.idl:
2724         * platform/graphics/MediaPlayer.cpp:
2725         (WebCore::MediaPlayer::initialTime):
2726         * platform/graphics/MediaPlayer.h:
2727         * platform/graphics/MediaPlayerPrivate.h:
2728         (WebCore::MediaPlayerPrivateInterface::initialTime):
2729
2730 2011-09-03  Robert Hogan  <robert@webkit.org>
2731
2732         Elements with position:absolute don't move to correct position after images load
2733         https://bugs.webkit.org/show_bug.cgi?id=54611
2734
2735         Reviewed by Simon Fraser.
2736
2737         Test: fast/block/positioning/absolute-layout-after-image-load.html
2738
2739         In the test the 'label' block is an absolutely positioned child of an inline flow. So during layout, 
2740         this RenderBlock::layoutPositionedObjects fails to dirty it for rendering because it requires 
2741         the parent to be a BlockFlow. The code to do this was introduced in http://trac.webkit.org/changeset/8284. 
2742         There doesn't seem to be a good reason for requiring a BlockFlow, so remove the check. 
2743
2744         Note: Although the issue is encountered only on first load without a fragment identifier, it 
2745         happens reliably when you include the fragment identifier in the url (#Footnote_1). This is so 
2746         because scrolling to the fragment always happens before the image has loaded, rendering the page 
2747         and clearing the initial dirty bits in the positioned element's renderer. When the image finally 
2748         loads in this scenario, the positioned element is otherwise clean and relies on the above code to get 
2749         re-rendered.
2750
2751         Note: This was originally landed in r94755 but positioned-float-layout-after-image-load.html exposed
2752               an ASSERT bug, unrelated to this change, and was rolled out. That issue is tracked separately
2753               in bug 67759.
2754
2755         * rendering/RenderBlock.cpp:
2756         (WebCore::RenderBlock::layoutPositionedObjects): remove the check for r->parent()->isBlockFlow() when 
2757                                                          deciding whether to mark children for layout
2758
2759 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
2760
2761         <style scoped>: Add 'scoped' attribute
2762         https://bugs.webkit.org/show_bug.cgi?id=67718
2763
2764         Add 'scoped' attribute to IDL and attribute list,
2765         implement and test setting/resetting of the attribute.
2766
2767         Reviewed by Dimitri Glazkov.
2768
2769         Test: fast/css/style-scoped/basic-attribute.html
2770
2771         * html/HTMLAttributeNames.in:
2772         * html/HTMLStyleElement.cpp:
2773         (WebCore::HTMLStyleElement::scoped):
2774         (WebCore::HTMLStyleElement::setScoped):
2775         (WebCore::HTMLStyleElement::scopingElement):
2776         * html/HTMLStyleElement.h:
2777         * html/HTMLStyleElement.idl:
2778
2779 2011-09-08  Erik Arvidsson  <arv@chromium.org>
2780
2781         Move Element.contains to Node
2782         https://bugs.webkit.org/show_bug.cgi?id=67651
2783
2784         Reviewed by Darin Adler.
2785
2786         This moves the contains method from Element to Node as in the DOM4 working draft: 
2787         http://dvcs.w3.org/hg/domcore/raw-file/tip/Overview.html#dom-node-contains
2788
2789         This also special cases Document contains to make it O(1) instead of O(depth).
2790
2791         Tests: fast/dom/Node/contains-method.html
2792                perf/document-contains.html
2793
2794         * dom/Element.idl:
2795         * dom/Node.cpp:
2796         (WebCore::Node::contains): Added document special case.
2797         * dom/Node.idl:
2798         * editing/DeleteSelectionCommand.cpp:
2799         (WebCore::DeleteSelectionCommand::mergeParagraphs): Added a null check.
2800
2801 2011-09-08  Chris Rogers  <crogers@google.com>
2802
2803         Check AudioContext createChannelMerger() for thread safety
2804         https://bugs.webkit.org/show_bug.cgi?id=67247
2805
2806         Reviewed by Kenneth Russell.
2807
2808         Test: webaudio/audiochannelmerger-stereo.html
2809
2810         * webaudio/AudioChannelMerger.cpp:
2811         (WebCore::AudioChannelMerger::process):
2812         (WebCore::AudioChannelMerger::checkNumberOfChannelsForInput):
2813         * webaudio/AudioChannelMerger.h:
2814
2815 2011-09-08  Ned Holbrook  <nholbrook@apple.com>
2816
2817         Refactor hyphen measurement
2818         https://bugs.webkit.org/show_bug.cgi?id=67728
2819
2820         Reviewed by Darin Adler.
2821
2822         No new tests, purely refactoring.
2823
2824         * rendering/RenderBlockLineLayout.cpp:
2825         (WebCore::measureHyphenWidth): Added.
2826         (WebCore::setLogicalWidthForTextRun): Use measureHyphenWidth().
2827         (WebCore::tryHyphenating): Ditto.
2828         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Ditto.
2829
2830 2011-09-08  Julien Chaffraix  <jchaffraix@webkit.org>
2831
2832         Remove LayoutStateDisabler instances from RenderLayer
2833         https://bugs.webkit.org/show_bug.cgi?id=66896
2834
2835         Reviewed by Simon Fraser.
2836
2837         As part of r93614, scrollTo does not call updateLayerPositions anymore.
2838         This means that we don't need to disable LayoutState from the scrolling code
2839         in RenderLayer.
2840
2841         This change is covered by the existing tests.
2842
2843         * rendering/RenderLayer.cpp:
2844         (WebCore::RenderLayer::updateLayerPositions): Updated the comment
2845         that was not accurate anymore. Also explained what is wrong with
2846         LayoutState vs RenderLayer now. Note that the ASSERT is still
2847         valid and will not trigger as the remaining calls to updateLayerPositions
2848         are done *outside* layout() where LayoutState is not set (thus disabled).
2849
2850         (WebCore::RenderLayer::updateScrollInfoAfterLayout): Removed
2851         2 LayoutStateDisabler surrounding scrollToOffset.
2852
2853 2011-09-08  Julien Chaffraix  <jchaffraix@webkit.org>
2854
2855         Factor out the code to get the first non-null RenderTableSection in RenderTable
2856         https://bugs.webkit.org/show_bug.cgi?id=66972
2857
2858         Reviewed by Darin Adler.
2859
2860         Refactoring only, covered by existing tests.
2861
2862         * accessibility/AccessibilityTable.cpp:
2863         (WebCore::AccessibilityTable::addChildren):
2864         (WebCore::AccessibilityTable::cellForColumnAndRow):
2865         * accessibility/AccessibilityTableCell.cpp:
2866         (WebCore::AccessibilityTableCell::rowIndexRange):
2867         Updated those for the signature change in sectionBelow. Also added
2868         a FIXME where topSection should be used instead of iterating
2869         over the section (and likely missing some corner cases).
2870
2871         * rendering/FixedTableLayout.cpp:
2872         (WebCore::FixedTableLayout::calcWidthArray):
2873         * rendering/RenderTable.cpp:
2874         (WebCore::RenderTable::calcBorderStart):
2875         (WebCore::RenderTable::calcBorderEnd):
2876         (WebCore::RenderTable::outerBorderBefore):
2877         (WebCore::RenderTable::sectionAbove):
2878         (WebCore::RenderTable::sectionBelow):
2879         (WebCore::RenderTable::firstLineBoxBaseline):
2880         Updated all those functions to use the newly added functions. Also changed
2881         the variable names to match the functions.
2882
2883         (WebCore::RenderTable::layout):
2884         (WebCore::RenderTable::topNonEmptySection): Newly added function
2885         that returns the top non null section of the table that has at least a
2886         row.
2887
2888         (WebCore::RenderTable::cellAbove):
2889         (WebCore::RenderTable::cellBelow):
2890         Update the signature of those 2 functions to take an enum as it makes the
2891         rest of the code more readable.
2892
2893         * rendering/RenderTable.h:
2894         (WebCore::RenderTable::topSection): Newly added function to return
2895         the top non null section in the table.
2896
2897 2011-04-19  Eric Seidel  <eric@webkit.org>
2898
2899         Reviewed by Ryosuke Niwa.
2900
2901         [BiDi] [CSS3] MASTER: Add support for the unicode-bidi:isolate CSS property
2902         https://bugs.webkit.org/show_bug.cgi?id=50912
2903
2904         This patch adds support for CSS3 unicode-bidi: isolate property, under the -webkit- vendor prefix.
2905         Parsing support was added in a previous patch, this wires up the RenderStyle values
2906         to code changes in the BidiResolver.
2907
2908         The effect of this patch is that it makes it possible to "isolate" runs of text
2909         so that their RTL-ness or LTR-ness does not bleed out into the rest of your text
2910         and effect layout.  This is important because many unicode characters (like parenthesis, ':', '-', etc.)
2911         do not have intrinsic directionality and are affected by whatever characters come before/after.
2912         If you have usernames which include RTL text, if you inject those usernames in your page
2913         you might end up with nearby characters moving!
2914         (like 'RTL USERNAME - my awesome site' as a title, could end up as
2915         'my awesome site - USERNAME RTL' when correct would be 'USERNAME RTL - my awesome site'.)
2916         This patch makes it possible to wrap sections of text in isolated spans, so that
2917         they correctly order all their RTL/LTR contents, but also correctly participate in the
2918         larger RTL/LTR ordering without affecting nearby characters.
2919
2920         Because much of this code is old and rarely touched, I've included extra background
2921         information in hopes of expanding my set of potential reviewers:
2922
2923         WebKit uses the standard "Unicode Bidi Algorithm" henceforth known as the UBA.
2924         The UBA is defined at http://unicode.org/reports/tr9/ for those not faint of heart.
2925
2926         Text layout is done per-block (<div>, <p>, etc), and begins with a string of text
2927         (which in our case comes from the rendering tree) and a specified width.
2928         First:  Text is measured and wrapped into lines.
2929         Second: The UBA is run over the lines of text.
2930         Third:  WebKit builds InlineBoxes (its linebox tree) and eventually render the text.
2931
2932         This patch modifies our UBA to ignore all text content inside "isolated" inlines (treating them as neutral characters)
2933         and then adds another step after running the UBA, where we run the UBA recursively on any
2934         previously identified "isolated" content.
2935
2936         The result of the UBA is an ordered list of "runs" of text with the RTL runs
2937         correctly RTL and the LTR runs LTR.
2938
2939         The UBA does three things:
2940         1.  It assigns a "class" to each character in a text stream (like neutral, strongly-RTL, strongly-LTR, etc.)
2941         2.  Divides the text stream up into "runs" of characters of the same directionality (all RTL, all LTR).
2942         3.  Re-orders those runs.
2943
2944         The UBA in WebKit is implemented by BidiResolver<T> in BidiResolver.h
2945
2946         The InlineBidiResolver (BidiResolver specialization which knows about the rendering tree)
2947         walks along its InlineIterators, looking at each character and running the
2948         Unicode Bidi Algorithm (UBA).  It walks through the rendering tree subtree under
2949         a block, using a (poorly named) bidiNext function which returns the next inline object.
2950         Each inline object (or text character there-in) has a corresponding meaning in the UBA
2951         such as a "strong RTL" character or a "neutral" character.  The UBA reads these sequence
2952         of characters, and figures out what direction (RTL or LTR) to assign to any neutral
2953         characters it encounters, based on surrounding characters.
2954
2955         As the InlineBidiResolver is walking the rendering tree, the InlineIterator::advance()
2956         function calls bidiNext(), which in turn can call notifyObserverEnteredObject/notifyObserverWillExitObject
2957         notifying InlineBidiResolver that it is entering or exiting an "isolated"
2958         span, at which point it will either start or stop ignoring the stream of characters
2959         from the InlineIterator.  When the InlineBidiResolver is ignoring the stream of
2960         characters, instead of creating separate BidiRuns at each RTL/LTR boundary
2961         as it normally would, it instead creates one "fake" run for the entire
2962         isolated span.  These fake runs participate in the normal UBA run ordering process,
2963         but after the main UBA, a second pass is made where we examine
2964         the list of isolatedRuns() and run the UBA on each of them, replacing the fake
2965         run we previously inserted, with the resulting list of runs from that inner UBA run.
2966         The way it "ignores" characters is by treating them all as neutral when inside an isolate.
2967         Thus all the characters end up grouped in a single run, but their directionality (as a group)
2968         is correctly affected by any surrounding strong characters.
2969
2970         If you understood that last paragraph, than the rest of the change is just plumbing.
2971
2972         I added a huge number of FIXMEs to this code, because this code has a variety of
2973         design choices (or lack there of) which make some of this very difficult.
2974
2975         For example the bidiNext iterator function has two sets of mutually exclusive
2976         parameters and can be used optionally with or without an observer.  Prior to this
2977         change there was only ever one object which cared about observing a walk over inlines
2978         and that was InlineBidiResolver.  This patch (regretfully) templatizes bidiNext
2979         to support a new Observer type.  The correct fix would be to rip bidiNext into
2980         multiple functions and rip need for observation out of InlineBidiResolver.
2981         Unfortunately I've tried both in separate bugs and failed.  This code is very very
2982         old and very poorly understood.  We're slowly moving forward, this is another tiny step.
2983
2984         This is my fourth iteration of this patch (I'm happy to do more!), but I believe
2985         it's a good compromise between fixing all of the design gotcha's of our bidi
2986         system and doing the minimum amount to add this killer CSS feature.
2987
2988         I ran the PLT.  (It averaged 0.2% faster with this change, but I attribute that to noise).
2989
2990         Test: css3/unicode-bidi-isolate-basic.html and css3/unicode-bidi-isolate-aharon.html
2991
2992         * platform/text/BidiResolver.h:
2993         (WebCore::BidiCharacterRun::setNext):
2994          - Needed by the new replaceRunWithRuns function.
2995         (WebCore::BidiResolver::BidiResolver):
2996         (WebCore::BidiResolver::~BidiResolver):
2997         (WebCore::BidiResolver::enterIsolate):
2998         (WebCore::BidiResolver::exitIsolate):
2999         (WebCore::BidiResolver::inIsolate):
3000         (WebCore::BidiResolver::isolatedRuns):
3001          - Used to track isolated spans of text as they're encoutered.
3002            They're stuffed away here to be processed recursively
3003            after the main UBA has done its thang.
3004         (WebCore::::appendRun):
3005         (WebCore::::embed):
3006         (WebCore::::commitExplicitEmbedding):
3007         (WebCore::::createBidiRunsForLine):
3008         * platform/text/BidiRunList.h:
3009         (WebCore::::replaceRunWithRuns):
3010          - This effectively takes all the runs from one runlist and adds them to
3011            this one, replacing the fake run we inserted during a previous pass of the UBA.
3012          - This RunList now owns the runs, so we call clear() on the other RunList
3013            so that we don't end up double-freeing the runs.
3014         (WebCore::::clear):
3015          - This allows us to "take" runs from another run list and then clear it.
3016         * rendering/BidiRun.h:
3017         (WebCore::BidiRun::object):
3018         * rendering/InlineIterator.h:
3019         (WebCore::InlineIterator::object):
3020         (WebCore::InlineIterator::offset):
3021         (WebCore::notifyObserverEnteredObject): Mostly just renaming and adding a FIXME about plaintext.
3022         (WebCore::notifyObserverWillExitObject): Mostly just renaming.
3023         (WebCore::addPlaceholderRunForIsolatedInline):
3024         (WebCore::isIsolatedInline):
3025         (WebCore::InlineBidiResolver::appendRun):
3026         * rendering/RenderBlockLineLayout.cpp:
3027         (WebCore::statusWithDirection):
3028         (WebCore::constructBidiRuns):
3029          - This is the heavy-lifting of this change.  This function
3030            runs the UBA recursively on all the previously identified isolated spans.
3031          - If we encounter more isolated spans in our run, we just add them to the
3032            main list an keep going.  Because the runs are linked lists and we have
3033            direct pointers to our placeholder objects, we don't care what order
3034            we process the placeholders in, so long as when we're done, they're all processed.
3035         (WebCore::RenderBlock::layoutInlineChildren):
3036
3037 2011-09-08  Kentaro Hara  <haraken@google.com>
3038
3039         Implement a ProgressEvent constructor for JSC
3040         https://bugs.webkit.org/show_bug.cgi?id=67537
3041
3042         Reviewed by Sam Weinig.
3043
3044         The spec for the ProgressEvent constructor is here:
3045         http://www.w3.org/TR/progress-events/#interface-progressevent
3046
3047         Test: fast/events/constructors/progress-event-constructor.html
3048
3049         * bindings/generic/EventConstructors.h: Added a definition for the ProgressEvent constructor.
3050         * bindings/js/JSDictionary.cpp:
3051         (WebCore::JSDictionary::convertValue): Converts an ECMA-262 Number into an IDL unsigned long long value. Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long
3052         * bindings/js/JSEventConstructors.cpp: Added #includes for ProgressEvent.
3053         * dom/ProgressEvent.cpp:
3054         (WebCore::ProgressEventInit::ProgressEventInit):
3055         (WebCore::ProgressEvent::ProgressEvent):
3056         * dom/ProgressEvent.h: Added a definition for ProgressEventInit.
3057         (WebCore::ProgressEvent::create):
3058         * dom/ProgressEvent.idl: Makes ProgressEvent constructible.
3059
3060 2011-09-08  Ryosuke Niwa  <rniwa@webkit.org>
3061
3062         Make bindings tests quiet after r94701.
3063
3064         * bindings/scripts/test/JS/JSTestInterface.cpp:
3065         * bindings/scripts/test/JS/JSTestInterface.h:
3066         (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
3067         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3068         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
3069         (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
3070         * bindings/scripts/test/JS/JSTestObj.cpp:
3071         * bindings/scripts/test/JS/JSTestObj.h:
3072         (WebCore::JSTestObjPrototype::JSTestObjPrototype):
3073         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3074         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
3075         (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
3076
3077 2011-09-07  Pavel Podivilov  <podivilov@chromium.org>
3078
3079         Web Inspector: get rid of RawSourceCode.createSourceMappingIfNeeded.
3080         https://bugs.webkit.org/show_bug.cgi?id=67717
3081
3082         Listen to SourceMappingUpdated event instead of using createSourceMappingIfNeeded.
3083
3084         Reviewed by Yury Semikhatsky.
3085
3086         * inspector/front-end/DebuggerPresentationModel.js:
3087         (WebInspector.DebuggerPresentationModel):
3088         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation.updateAnchor):
3089         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
3090         (WebInspector.DebuggerPresentationModel.prototype._updateSourceMapping):
3091         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
3092         (WebInspector.DebuggerPresentationModel.prototype._restoreConsoleMessages):
3093         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
3094         (WebInspector.DebuggerPresentationModel.prototype._consoleMessageAdded):
3095         (WebInspector.DebuggerPresentationModel.prototype._createPresentationMessage):
3096         (WebInspector.DebuggerPresentationModel.prototype._consoleCleared):
3097         (WebInspector.DebuggerPresentationModel.prototype.continueToLine):
3098         (WebInspector.DebuggerPresentationModel.prototype.messagesForUISourceCode):
3099         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
3100         (WebInspector.PresentationCallFrame.prototype.sourceLine.sourceMappingUpdated):
3101         (WebInspector.PresentationCallFrame.prototype.sourceLine):
3102         * inspector/front-end/SourceFile.js:
3103
3104 2011-09-06  Pavel Podivilov  <podivilov@chromium.org>
3105
3106         Web Inspector: do not re-create RawSourceCode when toggling pretty-print mode.
3107         https://bugs.webkit.org/show_bug.cgi?id=67647
3108
3109         1) Implement RawSourceCode.setFormatted that allows toggling pretty-print mode on the fly without resetting everything.
3110         2) Add RawSourceCode unit tests.
3111         3) Remove source mapping listeners and console messages from presentation model (they live in RawSourceCode now).
3112
3113         Reviewed by Yury Semikhatsky.
3114
3115         Test: inspector/debugger/raw-source-code.html
3116
3117         * inspector/front-end/DebuggerPresentationModel.js:
3118         (WebInspector.DebuggerPresentationModel):
3119         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
3120         (WebInspector.DebuggerPresentationModel.prototype._addScript):
3121         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
3122         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
3123         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
3124         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
3125         * inspector/front-end/ScriptsPanel.js:
3126         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
3127         * inspector/front-end/SourceFile.js:
3128         (WebInspector.RawSourceCode):
3129         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
3130         (WebInspector.RawSourceCode.prototype.setFormatted):
3131         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
3132         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
3133
3134 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
3135
3136         Web Inspector: [REGRESSION] Clear console shortcut Ctrl + L broken
3137         https://bugs.webkit.org/show_bug.cgi?id=67711
3138
3139         Reviewed by Yury Semikhatsky.
3140
3141         * inspector/front-end/ConsoleView.js:
3142         (WebInspector.ConsoleView.prototype._consoleCleared):
3143         (WebInspector.ConsoleView.prototype._registerShortcuts):
3144         (WebInspector.ConsoleView.prototype._promptKeyDown):
3145
3146 2011-09-08  Andras Becsi  <andras.becsi@nokia.com>
3147
3148         [Qt] Build fails with strict compiler
3149         https://bugs.webkit.org/show_bug.cgi?id=67778
3150
3151         Reviewed by Csaba Osztrogon√°c.
3152
3153         No new tests needed.
3154
3155         * platform/graphics/TiledBackingStore.cpp:
3156         (WebCore::TiledBackingStore::resizeEdgeTiles): Remove unused contentsRect variable
3157         which's usage was removed in r94681 to fix the build with [-Werror=unused-but-set-variable].
3158
3159 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
3160
3161         Unreviewed, rolling out r94695.
3162         http://trac.webkit.org/changeset/94695
3163         https://bugs.webkit.org/show_bug.cgi?id=67776
3164
3165         Hitting an assertion on Snow Leopard, Qt, GTK (Requested by
3166         Zoltan on #webkit).
3167
3168         * rendering/RenderBlock.cpp:
3169         (WebCore::RenderBlock::positionedFloatsNeedRelayout):
3170         (WebCore::RenderBlock::layoutPositionedObjects):
3171
3172 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
3173
3174         Unreviewed, strip trailing whitespace in the Web Inspector frontend (*.js and *.css).
3175
3176         * inspector/front-end/ApplicationCacheItemsView.js:
3177         * inspector/front-end/AuditResultView.js:
3178         * inspector/front-end/BinarySearch.js:
3179         * inspector/front-end/CSSStyleModel.js:
3180         * inspector/front-end/ConsoleMessage.js:
3181         * inspector/front-end/ConsoleModel.js:
3182         * inspector/front-end/ConsoleView.js:
3183         * inspector/front-end/CookieItemsView.js:
3184         * inspector/front-end/CookieParser.js:
3185         * inspector/front-end/DOMAgent.js:
3186         * inspector/front-end/DOMStorage.js:
3187         * inspector/front-end/DOMStorageItemsView.js:
3188         * inspector/front-end/DataGrid.js:
3189         * inspector/front-end/Database.js:
3190         * inspector/front-end/DatabaseQueryView.js:
3191         * inspector/front-end/DetailedHeapshotGridNodes.js:
3192         * inspector/front-end/DetailedHeapshotView.js:
3193         * inspector/front-end/ElementsTreeOutline.js:
3194         * inspector/front-end/EmptyView.js:
3195         * inspector/front-end/EventListenersSidebarPane.js:
3196         * inspector/front-end/ExtensionCommon.js:
3197         * inspector/front-end/GoToLineDialog.js:
3198         * inspector/front-end/HeapSnapshot.js:
3199         * inspector/front-end/HeapSnapshotProxy.js:
3200         * inspector/front-end/HeapSnapshotWorkerDispatcher.js:
3201         * inspector/front-end/ImageView.js:
3202         * inspector/front-end/InjectedFakeWorker.js:
3203         * inspector/front-end/InspectorFrontendHostStub.js:
3204         * inspector/front-end/MetricsSidebarPane.js:
3205         * inspector/front-end/NetworkManager.js:
3206         * inspector/front-end/NetworkPanel.js:
3207         * inspector/front-end/ObjectPropertiesSection.js:
3208         * inspector/front-end/PartialQuickSort.js:
3209         * inspector/front-end/ProfileView.js:
3210         * inspector/front-end/ProfilesPanel.js:
3211         * inspector/front-end/RemoteObject.js:
3212         * inspector/front-end/Resource.js:
3213         * inspector/front-end/ResourceCategory.js:
3214         * inspector/front-end/ResourceHTMLView.js:
3215         * inspector/front-end/ResourceHeadersView.js:
3216         * inspector/front-end/ResourceJSONView.js:
3217         * inspector/front-end/ResourceTimingView.js:
3218         * inspector/front-end/ResourceTreeModel.js:
3219         * inspector/front-end/ResourceView.js:
3220         * inspector/front-end/ResourcesPanel.js:
3221         * inspector/front-end/SearchController.js:
3222         * inspector/front-end/SettingsScreen.js:
3223         * inspector/front-end/ShortcutsScreen.js:
3224         * inspector/front-end/SourceCSSTokenizer.js:
3225         * inspector/front-end/SourceHTMLTokenizer.js:
3226         * inspector/front-end/SourceJavaScriptTokenizer.js:
3227         * inspector/front-end/StatusBarButton.js:
3228         * inspector/front-end/TextEditorModel.js:
3229         * inspector/front-end/TimelineGrid.js:
3230         * inspector/front-end/View.js:
3231         * inspector/front-end/heapProfiler.css:
3232         * inspector/front-end/inspector.css:
3233         * inspector/front-end/inspector.js:
3234         * inspector/front-end/inspectorSyntaxHighlight.css:
3235         * inspector/front-end/networkPanel.css:
3236         * inspector/front-end/treeoutline.js:
3237         * inspector/front-end/utilities.js:
3238
3239 2011-09-07  Andrey Kosyakov  <caseq@chromium.org>
3240
3241         Web Inspector: trying to scroll mouse wheel when in TextViewer's gutter pane causes EventException::DISPATCH_REQUEST_ERR
3242         https://bugs.webkit.org/show_bug.cgi?id=67715
3243
3244         Reviewed by Yury Semikhatsky.
3245
3246         - avoid exception on attempt to dispatch an event that is being dispatched by cloning the event.
3247
3248         * inspector/front-end/TextViewer.js:
3249         (WebInspector.TextViewer.forwardWheelEvent):
3250         (WebInspector.TextViewer):
3251
3252 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
3253
3254         Unreviewed, rolling out r94674 and r94689.
3255         http://trac.webkit.org/changeset/94674
3256         http://trac.webkit.org/changeset/94689
3257         https://bugs.webkit.org/show_bug.cgi?id=67754
3258
3259         Broke inspector/debugger/script-formatter.html (Requested by
3260         rniwa on #webkit).
3261
3262         * inspector/front-end/DebuggerPresentationModel.js:
3263         (WebInspector.DebuggerPresentationModel):
3264         (WebInspector.DebuggerPresentationModel.prototype.addSourceMappingListener):
3265         (WebInspector.DebuggerPresentationModel.prototype.removeSourceMappingListener):
3266         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
3267         (WebInspector.DebuggerPresentationModel.prototype._addScript):
3268         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
3269         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
3270         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
3271         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
3272         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
3273         * inspector/front-end/ScriptsPanel.js:
3274         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
3275         * inspector/front-end/SourceFile.js:
3276         (WebInspector.RawSourceCode):
3277         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
3278         (WebInspector.RawSourceCode.prototype.get rawSourceCode):
3279         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
3280         (WebInspector.RawSourceCode.prototype.requestContent):
3281         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
3282
3283 2011-09-07  Julien Chaffraix  <jchaffraix@webkit.org>
3284
3285         offsetFromRoot optimization is disabled after r93837
3286         https://bugs.webkit.org/show_bug.cgi?id=67677
3287
3288         Reviewed by Simon Fraser.
3289
3290         Unfortunately not covered by any test as it does not change updateLayerPosition complexity (it is still O(n^2)
3291         because of clippedOverflowRectForRepaint). However it is a noticeable slowdown on some use cases but we don't
3292         have a good test harness to cover such slowdown.
3293
3294         * rendering/RenderLayer.cpp:
3295         (WebCore::RenderLayer::updateLayerPositions): Pass offsetFromRoot as not doing so means that we miss
3296         the optimization altogether.
3297
3298         (WebCore::RenderLayer::computeRepaintRects):
3299         (WebCore::RenderLayer::updateLayerPositionsAfterScroll):
3300         * rendering/RenderLayer.h:
3301         Renamed |cachedOffset| to |offsetFromRoot| to be consistent with our latest renaming.
3302
3303 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
3304
3305         Windows build fix after r94737.
3306
3307         * rendering/RenderBlock.cpp:
3308         (WebCore::RenderBlock::adjustRectForColumns):
3309
3310 2011-09-07  Dan Bernstein  <mitz@apple.com>
3311
3312         Removed hyphenation function implementations for an usupported build configuration.
3313
3314         Reviewed by Sam Weinig.
3315
3316         * platform/text/cf/HyphenationCF.cpp:
3317
3318 2011-09-07  David Hyatt  <hyatt@apple.com>
3319
3320         https://bugs.webkit.org/show_bug.cgi?id=67739
3321
3322         adjustRectForColumns is O(# of columns) when it can be O(1). Fix the slow performance of this
3323         function by removing the loop and just computing the start and end column for a repaint rect
3324         and uniting everything in between.
3325
3326         Reviewed by Dan Bernstein.
3327
3328         * rendering/RenderBlock.cpp:
3329         (WebCore::RenderBlock::adjustRectForColumns):
3330
3331 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
3332
3333         Unreviewed, rolling out r94714 and r94723.
3334         http://trac.webkit.org/changeset/94714
3335         http://trac.webkit.org/changeset/94723
3336         https://bugs.webkit.org/show_bug.cgi?id=67746
3337
3338         breaks gtk-linux tests with assertion failure (Requested by
3339         thorton on #webkit).
3340
3341         * platform/graphics/GraphicsContext.cpp:
3342         (WebCore::GraphicsContext::GraphicsContext):
3343         (WebCore::GraphicsContext::~GraphicsContext):
3344         * platform/graphics/GraphicsContext.h:
3345         (WebCore::GraphicsContext::inTransparencyLayer):
3346         * platform/graphics/cairo/GraphicsContextCairo.cpp:
3347         (WebCore::GraphicsContext::beginTransparencyLayer):
3348         (WebCore::GraphicsContext::endTransparencyLayer):
3349         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
3350         (WebCore::GraphicsContextPlatformPrivate::beginTransparencyLayer):
3351         (WebCore::GraphicsContextPlatformPrivate::endTransparencyLayer):
3352         * platform/graphics/cg/GraphicsContextCG.cpp:
3353         (WebCore::GraphicsContext::beginTransparencyLayer):
3354         (WebCore::GraphicsContext::endTransparencyLayer):
3355         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
3356         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
3357         (WebCore::GraphicsContextPlatformPrivate::~GraphicsContextPlatformPrivate):
3358         (WebCore::GraphicsContextPlatformPrivate::beginTransparencyLayer):
3359         (WebCore::GraphicsContextPlatformPrivate::endTransparencyLayer):
3360         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
3361         (WebCore::GraphicsContext::beginTransparencyLayer):
3362         (WebCore::GraphicsContext::endTransparencyLayer):
3363         * platform/graphics/mac/FontMac.mm:
3364         (WebCore::Font::drawGlyphs):
3365         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
3366         (WebCore::GraphicsContext::beginTransparencyLayer):
3367         (WebCore::GraphicsContext::endTransparencyLayer):
3368         * platform/graphics/qt/GraphicsContextQt.cpp:
3369         (WebCore::GraphicsContext::inTransparencyLayer):
3370         (WebCore::GraphicsContext::beginTransparencyLayer):
3371         (WebCore::GraphicsContext::endTransparencyLayer):
3372         * platform/graphics/skia/GraphicsContextSkia.cpp:
3373         (WebCore::GraphicsContext::beginTransparencyLayer):
3374         (WebCore::GraphicsContext::endTransparencyLayer):
3375         * platform/graphics/win/FontCGWin.cpp:
3376         (WebCore::drawGDIGlyphs):
3377         * platform/graphics/win/GraphicsContextCGWin.cpp:
3378         (WebCore::GraphicsContext::releaseWindowsContext):
3379         * platform/graphics/win/GraphicsContextCairoWin.cpp:
3380         (WebCore::GraphicsContext::releaseWindowsContext):
3381         * platform/graphics/win/GraphicsContextWin.cpp:
3382         (WebCore::GraphicsContext::inTransparencyLayer):
3383         (WebCore::GraphicsContext::getWindowsContext):
3384         * platform/graphics/wince/GraphicsContextWinCE.cpp:
3385         (WebCore::GraphicsContext::beginTransparencyLayer):
3386         (WebCore::GraphicsContext::endTransparencyLayer):
3387         * platform/graphics/wx/GraphicsContextWx.cpp:
3388         (WebCore::GraphicsContext::beginTransparencyLayer):
3389         (WebCore::GraphicsContext::endTransparencyLayer):
3390         * platform/win/ScrollbarThemeWin.cpp:
3391         (WebCore::ScrollbarThemeWin::paintTrackPiece):
3392         (WebCore::ScrollbarThemeWin::paintButton):
3393         (WebCore::ScrollbarThemeWin::paintThumb):
3394         * plugins/win/PluginViewWin.cpp:
3395         (WebCore::PluginView::paint):
3396         * rendering/RenderThemeWin.cpp:
3397         (WebCore::drawControl):
3398
3399 2011-09-07  Chris Fleizach  <cfleizach@apple.com>
3400
3401         Changes to aria-hidden don't change VO navigation
3402         https://bugs.webkit.org/show_bug.cgi?id=67722
3403
3404         Reviewed by Darin Adler.
3405
3406         When altering aria-hidden, WebCore needs to update the children caches of 
3407         affected elements. However, for elements that were children, but ignored, their
3408         caches did not get updated, and stale information would be propagated.
3409
3410         The fix is to always clearChildren() when a parent is asking for children. This 
3411         ensures information is always up to date when the parent itself is asking for new data.
3412
3413         Test: accessibility/aria-hidden-updates-alldescendants.html
3414
3415         * accessibility/AccessibilityObject.h:
3416         * accessibility/AccessibilityRenderObject.cpp:
3417         (WebCore::AccessibilityRenderObject::ariaIsHidden):
3418         (WebCore::AccessibilityRenderObject::childrenChanged):
3419         (WebCore::AccessibilityRenderObject::addChildren):
3420
3421 2011-09-07  Tim Horton  <timothy_horton@apple.com>
3422
3423         Text rendered with a simple (i.e. 0px blur) shadow inside a transparency layer has a double shadow
3424         https://bugs.webkit.org/show_bug.cgi?id=67543
3425         <rdar://problem/10070536>
3426
3427         Reviewed by Simon Fraser.
3428
3429         Generalize (begin|end)TransparencyLayer, which now forward
3430         through to (begin|end)PlatformTransparencyLayer, so that
3431         isInTransparencyLayer can exist on every platform.
3432
3433         Make use of isInTransparencyLayer in FontMac to disable
3434         "simple" shadow drawing when the text is being rendered
3435         into a transparency layer.
3436
3437         Test: svg/custom/simple-text-double-shadow.svg
3438
3439         * platform/graphics/GraphicsContext.cpp:
3440         (WebCore::GraphicsContext::GraphicsContext):
3441         (WebCore::GraphicsContext::~GraphicsContext):
3442         (WebCore::GraphicsContext::beginTransparencyLayer):
3443         (WebCore::GraphicsContext::endTransparencyLayer):
3444         (WebCore::GraphicsContext::isInTransparencyLayer):
3445         * platform/graphics/GraphicsContext.h:
3446         * platform/graphics/cairo/GraphicsContextCairo.cpp:
3447         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3448         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3449         (WebCore::GraphicsContext::supportsTransparencyLayers):
3450         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
3451         * platform/graphics/cg/GraphicsContextCG.cpp:
3452         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3453         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3454         (WebCore::GraphicsContext::supportsTransparencyLayers):
3455         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
3456         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
3457         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
3458         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3459         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3460         (WebCore::GraphicsContext::supportsTransparencyLayers):
3461         * platform/graphics/mac/FontMac.mm:
3462         (WebCore::Font::drawGlyphs):
3463         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
3464         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3465         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3466         (WebCore::GraphicsContext::supportsTransparencyLayers):
3467         * platform/graphics/qt/GraphicsContextQt.cpp:
3468         (WebCore::GraphicsContext::isInTransparencyLayer):
3469         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3470         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3471         (WebCore::GraphicsContext::supportsTransparencyLayers):
3472         * platform/graphics/skia/GraphicsContextSkia.cpp:
3473         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3474         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3475         (WebCore::GraphicsContext::supportsTransparencyLayers):
3476         * platform/graphics/win/FontCGWin.cpp:
3477         (WebCore::drawGDIGlyphs):
3478         * platform/graphics/win/GraphicsContextCGWin.cpp:
3479         (WebCore::GraphicsContext::releaseWindowsContext):
3480         * platform/graphics/win/GraphicsContextCairoWin.cpp:
3481         (WebCore::GraphicsContext::releaseWindowsContext):
3482         * platform/graphics/win/GraphicsContextWin.cpp:
3483         (WebCore::GraphicsContext::getWindowsContext):
3484         * platform/graphics/wince/GraphicsContextWinCE.cpp:
3485         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3486         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3487         (WebCore::GraphicsContext::supportsTransparencyLayers):
3488         * platform/graphics/wx/GraphicsContextWx.cpp:
3489         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
3490         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
3491         (WebCore::GraphicsContext::supportsTransparencyLayers):
3492         * platform/win/ScrollbarThemeWin.cpp:
3493         * plugins/win/PluginViewWin.cpp:
3494         * rendering/RenderThemeWin.cpp:
3495
3496 2011-09-07  Dan Bernstein  <mitz@apple.com>
3497
3498         <rdar://problem/8881922> Support the hyphenate-limit-lines property
3499         https://bugs.webkit.org/show_bug.cgi?id=67730
3500
3501         Reviewed by Dave Hyatt.
3502
3503         Tests: fast/css/parsing-hyphenate-limit-lines.html
3504                fast/text/hyphenate-limit-lines.html
3505
3506         * css/CSSComputedStyleDeclaration.cpp:
3507         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Added hyphenate-limit-lines.
3508         * css/CSSParser.cpp:
3509         (WebCore::CSSParser::parseValue): Ditto. Valid values are non-negative integers and the keyword
3510         "no-limit".
3511         * css/CSSPropertyNames.in: Added -webkit-hyphenate-limit-lines.
3512         * css/CSSStyleSelector.cpp:
3513         (WebCore::CSSStyleSelector::applyProperty): Added hyphenate-limit-lines.
3514         * css/CSSValueKeywords.in: Added the "no-limit" value keyword.
3515         * rendering/RenderBlock.h:
3516         * rendering/RenderBlockLineLayout.cpp:
3517         (WebCore::RenderBlock::layoutRunsAndFloats): Count the number of consecutive hyphenated lines
3518         before the start line and pass it to layoutRunsAndFloatsInRange().
3519         (WebCore::RenderBlock::layoutRunsAndFloatsInRange): Keep track of the number of consecutive
3520         hyphenated lines before the current line and pass it to LineBreaker::nextLineBreak().
3521         (WebCore::tryHyphenating): Added parameters for the number of consecutive hyphenated lines before
3522         the current line and the limit on consecutive hyphenated lines, and an early return if the limit
3523         has been reached.
3524         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Added a parameter for the number of consecutive
3525         hyphenated lines before the current line, which is passed through to tryHyphenating, along with
3526         the value of hyphenate-limit-lines.
3527         * rendering/RootInlineBox.cpp:
3528         (WebCore::RootInlineBox::isHyphenated): Added. Returns true if the line was hyphenated.
3529         * rendering/RootInlineBox.h:
3530         * rendering/style/RenderStyle.h:
3531         (WebCore::InheritedFlags::hyphenationLimitLines): Added this getter.
3532         (WebCore::InheritedFlags::setHyphenationLimitLines): Added this setter.
3533         (WebCore::InheritedFlags::initialHyphenationLimitLines): Added. The initial value is -1,
3534         corresponding to "no-limit".
3535         * rendering/style/StyleRareInheritedData.cpp:
3536         (WebCore::StyleRareInheritedData::StyleRareInheritedData): Initialize new member variable.
3537         (WebCore::StyleRareInheritedData::operator==): Compare new member variable.
3538         * rendering/style/StyleRareInheritedData.h:
3539
3540 2011-09-02  Ojan Vafai  <ojan@chromium.org>
3541
3542         split overrideSize into overrideHeight and overrideWidth
3543         https://bugs.webkit.org/show_bug.cgi?id=67550
3544
3545         Reviewed by Sam Weinig.
3546
3547         All uses of overrideSize only set one of the width or the height.
3548         This change removes a bool from RenderObject and removes some
3549         flexbox specific logic from RenderBox.
3550
3551         The only downside is that we have two global maps where we used
3552         to have one.
3553
3554         No functional changes so existing tests are sufficient.
3555
3556         * rendering/RenderBox.cpp:
3557         (WebCore::RenderBox::hasOverrideHeight):
3558         (WebCore::RenderBox::hasOverrideWidth):
3559         (WebCore::RenderBox::setOverrideHeight):
3560         (WebCore::RenderBox::setOverrideWidth):
3561         (WebCore::RenderBox::clearOverrideSize):
3562         (WebCore::RenderBox::overrideWidth):
3563         (WebCore::RenderBox::overrideHeight):
3564         (WebCore::RenderBox::computeLogicalWidth):
3565         (WebCore::RenderBox::computeLogicalHeight):
3566         (WebCore::RenderBox::computePercentageLogicalHeight):
3567         * rendering/RenderBox.h:
3568         * rendering/RenderDeprecatedFlexibleBox.cpp:
3569         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
3570         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
3571         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
3572         * rendering/RenderFlexibleBox.cpp:
3573         (WebCore::RenderFlexibleBox::layoutAndPlaceChildrenHorizontal):
3574         * rendering/RenderObject.cpp:
3575         (WebCore::RenderObject::RenderObject):
3576         * rendering/RenderObject.h:
3577         * rendering/RenderTableCell.cpp:
3578         (WebCore::RenderTableCell::setOverrideHeightFromRowHeight):
3579         * rendering/RenderTableCell.h:
3580         * rendering/RenderTableSection.cpp:
3581         (WebCore::RenderTableSection::calcRowLogicalHeight):
3582         (WebCore::RenderTableSection::layoutRows):
3583
3584 2011-09-07  Alexei Svitkine  <asvitkine@chromium.org>
3585
3586         Add test infrastructure to test rubber-banding overhang drawing along with layout tests for existing Chromium Mac overhang drawing in the non-gpu path.
3587         https://bugs.webkit.org/show_bug.cgi?id=67511
3588
3589         Reviewed by Dimitri Glazkov.
3590
3591         Tests: platform/chromium-mac/rubberbanding/overhang-e.html
3592                platform/chromium-mac/rubberbanding/overhang-n.html
3593                platform/chromium-mac/rubberbanding/overhang-ne.html
3594                platform/chromium-mac/rubberbanding/overhang-nw.html
3595                platform/chromium-mac/rubberbanding/overhang-s.html
3596                platform/chromium-mac/rubberbanding/overhang-se.html
3597                platform/chromium-mac/rubberbanding/overhang-sw.html
3598                platform/chromium-mac/rubberbanding/overhang-w.html
3599
3600         * WebCore.exp.in:
3601         * platform/ScrollableArea.h:
3602         * testing/Internals.cpp:
3603         (WebCore::Internals::setScrollViewPosition):
3604         * testing/Internals.h:
3605         * testing/Internals.idl:
3606
3607 2011-09-07  David Reveman  <reveman@chromium.org>
3608
3609         [Chromium] Render surface anti-aliasing.
3610         https://bugs.webkit.org/show_bug.cgi?id=66437
3611
3612         Reviewed by James Robinson.
3613
3614         Add CCLayerQuad class and CCLayerQuad::Edge subclass to allow
3615         edge computations to be shared between tiled layers and render
3616         surfaces. Move isCCW utility function to FloatQuad class and
3617         add to2dTransform method to TransformationMatrix class. Add
3618         necessary anti-aliasing shaders for render surfaces and use them
3619         to avoid aliased edges.
3620
3621         Tests: compositing/reflections/nested-reflection-transformed.html (existing)
3622
3623         * WebCore.gypi:
3624         * platform/graphics/FloatQuad.cpp:
3625         (WebCore::FloatQuad::isCounterclockwise):
3626         * platform/graphics/FloatQuad.h:
3627         * platform/graphics/chromium/LayerChromium.cpp:
3628         (WebCore::LayerChromium::drawTexturedQuad):
3629         * platform/graphics/chromium/LayerChromium.h:
3630         * platform/graphics/chromium/LayerRendererChromium.cpp:
3631         (WebCore::LayerRendererChromium::LayerRendererChromium):
3632         (WebCore::LayerRendererChromium::headsUpDisplayProgram):
3633         (WebCore::LayerRendererChromium::renderSurfaceProgram):
3634         (WebCore::LayerRendererChromium::renderSurfaceProgramAA):
3635         (WebCore::LayerRendererChromium::renderSurfaceMaskProgram):
3636         (WebCore::LayerRendererChromium::renderSurfaceMaskProgramAA):
3637         (WebCore::LayerRendererChromium::tilerProgramSwizzle):
3638         (WebCore::LayerRendererChromium::canvasLayerProgram):
3639         (WebCore::LayerRendererChromium::pluginLayerProgram):
3640         (WebCore::LayerRendererChromium::videoLayerRGBAProgram):
3641         (WebCore::LayerRendererChromium::videoLayerYUVProgram):
3642         (WebCore::LayerRendererChromium::cleanupSharedObjects):
3643         * platform/graphics/chromium/LayerRendererChromium.h:
3644         (WebCore::LayerRendererChromium::sharedGeometryQuad):
3645         * platform/graphics/chromium/ShaderChromium.cpp:
3646         (WebCore::VertexShaderQuad::VertexShaderQuad):
3647         (WebCore::VertexShaderQuad::init):
3648         (WebCore::VertexShaderQuad::getShaderString):
3649         (WebCore::FragmentShaderRGBATexAlphaAA::FragmentShaderRGBATexAlphaAA):
3650         (WebCore::FragmentShaderRGBATexAlphaAA::init):
3651         (WebCore::FragmentShaderRGBATexAlphaAA::getShaderString):
3652         (WebCore::FragmentTexClampAlphaAABinding::FragmentTexClampAlphaAABinding):
3653         (WebCore::FragmentTexClampAlphaAABinding::init):
3654         (WebCore::FragmentShaderRGBATexClampAlphaAA::getShaderString):
3655         (WebCore::FragmentShaderRGBATexClampSwizzleAlphaAA::getShaderString):
3656         (WebCore::FragmentShaderRGBATexAlphaMaskAA::FragmentShaderRGBATexAlphaMaskAA):
3657         (WebCore::FragmentShaderRGBATexAlphaMaskAA::init):
3658         (WebCore::FragmentShaderRGBATexAlphaMaskAA::getShaderString):
3659         * platform/graphics/chromium/ShaderChromium.h:
3660         (WebCore::VertexShaderQuad::matrixLocation):
3661         (WebCore::VertexShaderQuad::pointLocation):
3662         (WebCore::FragmentShaderRGBATexAlphaAA::alphaLocation):
3663         (WebCore::FragmentShaderRGBATexAlphaAA::samplerLocation):
3664         (WebCore::FragmentShaderRGBATexAlphaAA::edgeLocation):
3665         (WebCore::FragmentShaderRGBATexAlphaMaskAA::alphaLocation):
3666         (WebCore::FragmentShaderRGBATexAlphaMaskAA::samplerLocation):
3667         (WebCore::FragmentShaderRGBATexAlphaMaskAA::maskSamplerLocation):
3668         (WebCore::FragmentShaderRGBATexAlphaMaskAA::edgeLocation):
3669         * platform/graphics/chromium/cc/CCCanvasLayerImpl.cpp:
3670         (WebCore::CCCanvasLayerImpl::draw):
3671         * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp:
3672         (WebCore::CCHeadsUpDisplay::draw):
3673         * platform/graphics/chromium/cc/CCLayerQuad.cpp: Added.
3674         (WebCore::CCLayerQuad::Edge::Edge):
3675         (WebCore::CCLayerQuad::CCLayerQuad):
3676         (WebCore::CCLayerQuad::floatQuad):
3677         (WebCore::CCLayerQuad::toFloatArray):
3678         * platform/graphics/chromium/cc/CCLayerQuad.h: Added.
3679         (WebCore::CCLayerQuad::Edge::Edge):
3680         (WebCore::CCLayerQuad::Edge::x):
3681         (WebCore::CCLayerQuad::Edge::y):
3682         (WebCore::CCLayerQuad::Edge::z):
3683         (WebCore::CCLayerQuad::Edge::setX):
3684         (WebCore::CCLayerQuad::Edge::setY):
3685         (WebCore::CCLayerQuad::Edge::setZ):
3686         (WebCore::CCLayerQuad::Edge::set):
3687         (WebCore::CCLayerQuad::Edge::moveX):
3688         (WebCore::CCLayerQuad::Edge::moveY):
3689         (WebCore::CCLayerQuad::Edge::moveZ):
3690         (WebCore::CCLayerQuad::Edge::move):
3691         (WebCore::CCLayerQuad::Edge::scaleX):
3692         (WebCore::CCLayerQuad::Edge::scaleY):
3693         (WebCore::CCLayerQuad::Edge::scaleZ):
3694         (WebCore::CCLayerQuad::Edge::scale):
3695         (WebCore::CCLayerQuad::Edge::intersect):
3696         (WebCore::CCLayerQuad::CCLayerQuad):
3697         (WebCore::CCLayerQuad::left):
3698         (WebCore::CCLayerQuad::top):
3699         (WebCore::CCLayerQuad::right):
3700         (WebCore::CCLayerQuad::bottom):
3701         (WebCore::CCLayerQuad::inflateX):
3702         (WebCore::CCLayerQuad::inflateY):
3703         (WebCore::CCLayerQuad::inflate):
3704         (WebCore::CCLayerQuad::inflateAntiAliasingDistance):
3705         * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp:
3706         (WebCore::CCPluginLayerImpl::draw):
3707         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
3708         (WebCore::CCRenderSurface::draw):
3709         (WebCore::CCRenderSurface::drawLayer):
3710         (WebCore::CCRenderSurface::drawSurface):
3711         * platform/graphics/chromium/cc/CCRenderSurface.h:
3712         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
3713         (WebCore::CCTiledLayerImpl::draw):
3714         (WebCore::CCTiledLayerImpl::drawTiles):
3715         * platform/graphics/chromium/cc/CCTiledLayerImpl.h:
3716         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
3717         (WebCore::CCVideoLayerImpl::drawYUV):
3718         (WebCore::CCVideoLayerImpl::drawRGBA):
3719         * platform/graphics/transforms/TransformationMatrix.cpp:
3720         (WebCore::TransformationMatrix::to2dTransform):
3721         * platform/graphics/transforms/TransformationMatrix.h:
3722
3723 2011-09-06  Oliver Hunt  <oliver@apple.com>
3724
3725         Remove JSObjectWithGlobalObject
3726         https://bugs.webkit.org/show_bug.cgi?id=67689
3727
3728         Reviewed by Geoff Garen.
3729
3730         Remove use of anonymous storage and JSObjectWithGlobalObject for
3731         accessing a JSObject's global object now that they're available
3732         on the object's structure.
3733
3734         * bindings/js/JSDOMWindowShell.cpp:
3735         (WebCore::JSDOMWindowShell::setWindow):
3736         * bindings/js/JSDOMWrapper.h:
3737         (WebCore::JSDOMWrapper::globalObject):
3738         (WebCore::JSDOMWrapper::JSDOMWrapper):
3739         * bindings/js/WorkerScriptController.cpp:
3740         (WebCore::WorkerScriptController::initScript):
3741         * bindings/scripts/CodeGeneratorJS.pm:
3742         (GenerateHeader):
3743         (GenerateImplementation):
3744         * bridge/objc/objc_runtime.h:
3745         * bridge/objc/objc_runtime.mm:
3746         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
3747         (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
3748         * bridge/runtime_object.cpp:
3749         (JSC::Bindings::RuntimeObject::RuntimeObject):
3750         (JSC::Bindings::RuntimeObject::finishCreation):
3751         * bridge/runtime_object.h:
3752
3753 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
3754
3755         Mac build fix after r94694.
3756
3757         * WebCore.xcodeproj/project.pbxproj:
3758
3759 2011-09-07  Tim Horton  <timothy_horton@apple.com>
3760
3761         FELighting is using width instead of height to determine skip for parallel(n>2) case
3762         https://bugs.webkit.org/show_bug.cgi?id=67719
3763         <rdar://problem/10086178>
3764
3765         Reviewed by Dirk Schulze.
3766
3767         No new tests, because the bug only exhibits under conditions which are currently
3768         impossible by default (using more than 2 cores) on some platforms.
3769
3770         * platform/graphics/filters/FELighting.cpp:
3771         (WebCore::FELighting::platformApplyGeneric):
3772
3773 2011-09-07  W. James MacLean  <wjmaclean@chromium.org>
3774
3775         Eliminate motion jitter in animated, blurred SVG image
3776         https://bugs.webkit.org/show_bug.cgi?id=67503
3777
3778         Fixes filter shear-free transform applied to SVG images.
3779
3780         In applyResource() the shearFreeAbsoluteTransform is applied to the drawing region,
3781         which is based on the object bounding box (which doesn't move). For a rotation
3782         around the centre of the box, this should really just be the identity matrix,
3783         since the BB should neither change size nor location. So really, we're just interested
3784         in the scale change of the BB here, and not in moving it.
3785
3786         This impacts how slices are extracted, and affects the {x|y}Mid and {x|y}Max extractions
3787         for vertical and horizontal slices, so the test verifies these.
3788
3789         Reviewed by Dirk Schulze.
3790
3791         Test: svg/W3C-SVG-1.1-SE/filters-image-05-f.svg
3792
3793         * rendering/svg/RenderSVGResourceFilter.cpp:
3794         (WebCore::RenderSVGResourceFilter::applyResource):
3795
3796 2011-09-03  Robert Hogan  <robert@webkit.org>
3797
3798         Elements with position:absolute don't move to correct position after images load
3799         https://bugs.webkit.org/show_bug.cgi?id=54611
3800
3801         Reviewed by Simon Fraser.
3802
3803         Test: fast/block/positioning/absolute-layout-after-image-load.html
3804               fast/block/positioning/positioned-float-layout-after-image-load.html
3805
3806         In the test the 'label' block is an absolutely positioned child of an inline flow. So during layout, 
3807         this RenderBlock::layoutPositionedObjects fails to dirty it for rendering because it requires 
3808         the parent to be a BlockFlow. The code to do this was introduced in http://trac.webkit.org/changeset/8284. 
3809         There doesn't seem to be a good reason for requiring a BlockFlow, so remove the check. Do the same
3810         for positioned floats in RenderBlock::positionedFloatsNeedRelayout(), although currently layoutPositionedObjects()
3811         takes care of it this at least ensures no regression in future.
3812
3813         Note: Although the issue is encountered only on first load without a fragment identifier, it 
3814         happens reliably when you include the fragment identifier in the url (#Footnote_1). This is so 
3815         because scrolling to the fragment always happens before the image has loaded, rendering the page 
3816         and clearing the initial dirty bits in the positioned element's renderer. When the image finally 
3817         loads in this scenario, the positioned element is otherwise clean and relies on the above code to get 
3818         re-rendered.
3819
3820         * rendering/RenderBlock.cpp:
3821         (WebCore::RenderBlock::layoutPositionedObjects): remove the check for r->parent()->isBlockFlow() when 
3822                                                          deciding whether to mark children for layout
3823         (WebCore::RenderBlock::positionedFloatsNeedRelayout): ditto
3824
3825 2011-09-07  Anna Cavender  <annacc@chromium.org>
3826
3827         Moving platform/track to html/track to avoid layering violation.
3828         https://bugs.webkit.org/show_bug.cgi?id=67680
3829
3830         Reviewed by Adam Barth.
3831
3832         No new tests. No new functionality.
3833
3834         * CMakeLists.txt:
3835         * GNUmakefile.am:
3836         * GNUmakefile.list.am:
3837         * WebCore.gyp/WebCore.gyp:
3838         * WebCore.gypi:
3839         * WebCore.pri:
3840         * WebCore.pro:
3841         * html/track/CueParser.cpp: Renamed from Source/WebCore/platform/track/CueParser.cpp.
3842         * html/track/CueParser.h: Renamed from Source/WebCore/platform/track/CueParser.h.
3843         * html/track/CueParserPrivate.h: Renamed from Source/WebCore/platform/track/CueParserPrivate.h.
3844         * html/track/WebVTTParser.cpp: Renamed from Source/WebCore/platform/track/WebVTTParser.cpp.
3845         * html/track/WebVTTParser.h: Renamed from Source/WebCore/platform/track/WebVTTParser.h.
3846         * html/track/WebVTTToken.h: Renamed from Source/WebCore/platform/track/WebVTTToken.h.
3847         * html/track/WebVTTTokenizer.cpp: Renamed from Source/WebCore/platform/track/WebVTTTokenizer.cpp.
3848         * html/track/WebVTTTokenizer.h: Renamed from Source/WebCore/platform/track/WebVTTTokenizer.h.
3849
3850 2011-09-07  David Hyatt  <hyatt@apple.com>
3851
3852         https://bugs.webkit.org/show_bug.cgi?id=67286
3853
3854         REGRESSION: css2.1/t090204-display-change-01-b-ao.html fails after r94084.
3855
3856         Make sure that the trailing floats line box explicitly sets the line top with leading and line bottom with
3857         leading to just be the block height.
3858
3859         Reviewed by Dan Bernstein.
3860
3861         * rendering/RenderBlockLineLayout.cpp:
3862         (WebCore::RenderBlock::linkToEndLineIfNeeded):
3863
3864 2011-09-06  Abhishek Arya  <inferno@chromium.org>
3865
3866         Null owningRenderer crash in RenderScrollbar::updateScrollbarParts.
3867         https://bugs.webkit.org/show_bug.cgi?id=67669
3868
3869         Reviewed by James Robinson.
3870
3871         Owning renderer can be cleared for custom scrollbars in clearOwningRenderer()
3872         call. We need a null check in updateScrollbarParts, so that we do not crash.
3873
3874         No tests since issue seen in crash reports only and I donot know a way to
3875         reproduce.
3876
3877         * rendering/RenderScrollbar.cpp:
3878         (WebCore::RenderScrollbar::updateScrollbarParts):
3879
3880 2011-09-05  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>
3881
3882         [Qt][WK2] Make TiledDrawingArea request tiles only in the direction the viewport is panned to.
3883         https://bugs.webkit.org/show_bug.cgi?id=67606
3884
3885         Reviewed by Noam Rosenthal.
3886
3887         TiledBackingStore previously used different values for horizontal and vertial multiplication
3888         to calculate the cover area.
3889         This patch replaces this mechanism, used to give a bigger panning range to vertical panning,
3890         with the possibility to use the motion vector of the viewport to request tiles ahead instead.
3891         This allows economies on rendering resources as tiles won't be rendered beside the trajectory
3892         of the viewport.
3893
3894         * platform/graphics/TiledBackingStore.cpp:
3895         (WebCore::TiledBackingStore::TiledBackingStore):
3896         (WebCore::TiledBackingStore::setKeepAndCoverAreaMultipliers):
3897         (WebCore::TiledBackingStore::setCoverAreaFocusVector):
3898         (WebCore::TiledBackingStore::createTiles):
3899         (WebCore::TiledBackingStore::calculateKeepRect):
3900         (WebCore::TiledBackingStore::calculateCoverRect):
3901         * platform/graphics/TiledBackingStore.h:
3902         (WebCore::TiledBackingStore::getKeepAndCoverAreaMultipliers):
3903
3904 2011-09-01  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>
3905
3906         [Qt] TiledBackingStore: Import the resizeEdgeTiles logic from TiledDrawindAreaProxy.
3907         https://bugs.webkit.org/show_bug.cgi?id=67416
3908
3909         Reviewed by Kenneth Rohde Christiansen.
3910
3911         Original code by Antti Koivisto.
3912         With the current code, when the page is layouted during load, edge tiles will
3913         get removed instead of continuing to show their front buffer while the tile
3914         is being rendered for the new size.
3915
3916         * platform/graphics/Tile.h:
3917         * platform/graphics/TiledBackingStore.cpp:
3918         (WebCore::TiledBackingStore::createTiles):
3919         (WebCore::TiledBackingStore::resizeEdgeTiles):
3920         * platform/graphics/TiledBackingStore.h:
3921         * platform/graphics/qt/TileQt.cpp:
3922         (WebCore::TileQt::resize):
3923         * platform/graphics/qt/TileQt.h:
3924
3925 2011-09-07  Tim Horton  <timothy_horton@apple.com>
3926
3927         Don't round-trip through TransformationMatrix in SVGImageBufferTools::clearAffineTransform2DRotation
3928         https://bugs.webkit.org/show_bug.cgi?id=67242
3929         <rdar://problem/10069770>
3930
3931         Reviewed by Dirk Schulze.
3932
3933         No new tests, minor performance improvement.
3934
3935         * platform/graphics/transforms/AffineTransform.cpp:
3936         (WebCore::AffineTransform::blend):
3937         (WebCore::AffineTransform::decompose):
3938         (WebCore::AffineTransform::recompose):
3939         * platform/graphics/transforms/AffineTransform.h:
3940         * rendering/svg/SVGImageBufferTools.cpp:
3941         (WebCore::SVGImageBufferTools::clear2DRotation):
3942
3943 2011-09-06  Pavel Podivilov  <podivilov@chromium.org>
3944
3945         Web Inspector: do not re-create RawSourceCode when toggling pretty-print mode.
3946         https://bugs.webkit.org/show_bug.cgi?id=67647
3947
3948         1) Implement RawSourceCode.setFormatted that allows toggling pretty-print mode on the fly without resetting everything.
3949         2) Add RawSourceCode unit tests.
3950         3) Remove source mapping listeners and console messages from presentation model (they live in RawSourceCode now).
3951
3952         Reviewed by Yury Semikhatsky.
3953
3954         Test: inspector/debugger/raw-source-code.html
3955
3956         * inspector/front-end/DebuggerPresentationModel.js:
3957         (WebInspector.DebuggerPresentationModel):
3958         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
3959         (WebInspector.DebuggerPresentationModel.prototype._addScript):
3960         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
3961         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
3962         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
3963         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
3964         * inspector/front-end/ScriptsPanel.js:
3965         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
3966         * inspector/front-end/SourceFile.js:
3967         (WebInspector.RawSourceCode):
3968         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
3969         (WebInspector.RawSourceCode.prototype.setFormatted):
3970         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
3971         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
3972
3973 2011-09-07  Alexander Pavlov  <apavlov@chromium.org>
3974
3975         Web Inspector: Implement circular tabbing through the Styles sidebar pane contents
3976         https://bugs.webkit.org/show_bug.cgi?id=67127
3977
3978         Reviewed by Yury Semikhatsky.
3979
3980         * inspector/front-end/Section.js:
3981         (WebInspector.Section.prototype.get firstSibling):
3982         (WebInspector.Section.prototype.get lastSibling):
3983         * inspector/front-end/StylesSidebarPane.js:
3984         (WebInspector.StylePropertiesSection.prototype.nextEditableSibling):
3985         (WebInspector.StylePropertiesSection.prototype.previousEditableSibling):
3986         (WebInspector.StylePropertiesSection.prototype.startEditingSelector):
3987         (WebInspector.StylePropertiesSection.prototype._moveEditorFromSelector):
3988         (WebInspector.StylePropertiesSection.prototype.editingSelectorCommitted.successCallback):
3989         (WebInspector.StylePropertiesSection.prototype.editingSelectorCommitted):
3990         (WebInspector.StylePropertyTreeElement.prototype):
3991         (WebInspector.StylePropertyTreeElement.prototype.element.userInput.previousContent.context.moveDirection):
3992
3993 2011-09-02  Andrey Kosyakov  <caseq@chromium.org>
3994
3995         Web Inspector: [Extensions API] expose console API
3996         https://bugs.webkit.org/show_bug.cgi?id=67506
3997
3998         Reviewed by Pavel Feldman.
3999
4000         Test: inspector/extensions/extensions-console.html
4001
4002         * inspector/front-end/ConsoleMessage.js:
4003         (WebInspector.ConsoleMessage.prototype.get text):
4004         (WebInspector.ConsoleMessage.prototype.get parameters):
4005         * inspector/front-end/ExtensionAPI.js:
4006         (WebInspector.injectedExtensionAPI.InspectorExtensionAPI):
4007         (WebInspector.injectedExtensionAPI):
4008         (WebInspector.injectedExtensionAPI.Console.prototype.getMessages):
4009         (WebInspector.injectedExtensionAPI.Console.prototype.addMessage):
4010         (WebInspector.injectedExtensionAPI.Console.prototype.get MessageLevel):
4011         (WebInspector.injectedExtensionAPI.Network.dispatchRequestEvent):
4012         (WebInspector.injectedExtensionAPI.Network):
4013         (WebInspector.injectedExtensionAPI.AuditCategoryImpl.dispatchAuditEvent):
4014         (WebInspector.injectedExtensionAPI.AuditCategoryImpl):
4015         (WebInspector.injectedExtensionAPI.InspectedWindow.dispatchResourceEvent):
4016         (WebInspector.injectedExtensionAPI.InspectedWindow.dispatchResourceContentEvent):
4017         (WebInspector.injectedExtensionAPI.InspectedWindow):
4018         * inspector/front-end/ExtensionCommon.js:
4019         (WebInspector.commonExtensionSymbols):
4020         * inspector/front-end/ExtensionServer.js:
4021         (WebInspector.ExtensionServer):
4022         (WebInspector.ExtensionServer.prototype._notifyConsoleMessageAdded):
4023         (WebInspector.ExtensionServer.prototype._onGetConsoleMessages):
4024         (WebInspector.ExtensionServer.prototype._onAddConsoleMessage):
4025         (WebInspector.ExtensionServer.prototype._makeConsoleMessage):
4026         (WebInspector.ExtensionServer.protot