Invalid `script-nonce` directives should block script execution.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-07-16  Mike West  <mkwst@chromium.org>
2
3         Invalid `script-nonce` directives should block script execution.
4         https://bugs.webkit.org/show_bug.cgi?id=91353
5
6         Reviewed by Adam Barth.
7
8         If the `script-nonce` Content Security Policy directive contains an
9         invalid value, we should fail loudly, throwing a warning to the console
10         and denying execution of script on the page. The is in line with the
11         current state of the experimental CSP 1.1 Editors Draft[1].
12
13         [1]: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-nonce--experimental
14
15         Test: http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce.html
16
17         * page/ContentSecurityPolicy.cpp:
18         (WebCore::CSPDirectiveList::checkNonceAndReportViolation):
19             Check against null rather than empty for early exit, otherwise
20             only compare nonces if the stored nonce isn't empty.
21         (WebCore::CSPDirectiveList::parseScriptNonce):
22             Assign the empty string if nonce is invalid.
23
24 2012-07-16  Min Qin  <qinmin@chromium.org>
25
26         [Android] remove RenderThemeChromiumAndroid::paintMediaFullscreenButton()
27         https://bugs.webkit.org/show_bug.cgi?id=91291
28
29         Reviewed by Adam Barth.
30
31         The recent media control refactoring added paintMediaFullscreenButton() in RenderThemeChromiumSkia.
32         Since RenderThemeChromiumAndroid inherits from that class, we don't need to redefine this function.
33         No test needed as this change just removes an unnecessary override.
34
35         * rendering/RenderThemeChromiumAndroid.cpp:
36         * rendering/RenderThemeChromiumAndroid.h:
37
38 2012-07-16  Peter Rybin  <peter.rybin@gmail.com>
39
40         Web Inspector: CodeGeneratorInspector.py: fix output write logic to support incremental build
41         https://bugs.webkit.org/show_bug.cgi?id=90642
42
43         Reviewed by Yury Semikhatsky.
44
45         A small intermediate writer is added. It handles comparing old and new source before actual writing.
46
47         * inspector/CodeGeneratorInspector.py:
48         (flatten_list):
49         (SmartOutput):
50         (SmartOutput.__init__):
51         (SmartOutput.write):
52         (SmartOutput.close):
53
54 2012-07-16  Dana Jansens  <danakj@chromium.org>
55
56         [chromium] Incorrect assertion: Replicas will cause a RenderPass to be removed twice
57         https://bugs.webkit.org/show_bug.cgi?id=91328
58
59         Reviewed by Adrienne Walker.
60
61         We asserted that we would never attempt to remove a render pass that had
62         already been removed. This was incorrect as a surface with a replica has
63         two quads and both may cause us to attempt its removal. We must handle
64         this case gracefully.
65
66         Test: CCLayerTreeHostTestSurfaceNotAllocatedForLayersOutsideMemoryLimit
67
68         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
69         (WebCore::CCLayerTreeHostImpl::CullRenderPassesWithNoQuads::shouldRemoveRenderPass):
70
71 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
72
73         Web Inspector: native memory: fix instrumentation for string members
74         https://bugs.webkit.org/show_bug.cgi?id=91384
75
76         Reviewed by Pavel Feldman.
77
78         It was possible to report a string member via addMember instead of addString.
79         This patch is fixing the problem and adding a link time guard.
80
81         Covered by existing inspector performance tests infrastructure.
82
83         * dom/ElementAttributeData.h:
84         (WebCore::ElementAttributeData::reportMemoryUsage):
85         * dom/MemoryInstrumentation.h:
86         (WebCore):
87         (WebCore::MemoryClassInfo::addString):
88         * dom/QualifiedName.h:
89         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
90
91 2012-07-16  Zoltan Horvath  <zoltan@webkit.org>
92
93         Unreviewed. Remove unnecessary executable bits after r122720.
94
95         * platform/graphics/ImageSource.h:
96         * platform/graphics/qt/ImageBufferQt.cpp:
97         * platform/graphics/qt/ImageDecoderQt.cpp:
98         * platform/graphics/qt/ImageQt.cpp:
99         * platform/graphics/qt/StillImageQt.h:
100         * platform/graphics/qt/TransparencyLayer.h:
101
102 2012-07-16  Zoltan Horvath  <zoltan@webkit.org>
103
104         [Qt] Change NativeImagePtr from QPixmap* to QImage*
105         https://bugs.webkit.org/show_bug.cgi?id=88785
106
107         Reviewed by Simon Hausmann.
108
109         Since we use raster engine there is no difference between QPixmap and QImage, so we are going
110         to use QImage everywhere where it is possible. This refactoring contains the change of the
111         NativeImagePtr typedef from QPixmap* to QImage* and covers the related modifications.
112
113         Part of the change is similar to Viatcheslav Ostapenko's internal work.
114
115         Covered by existing tests.
116
117         * bridge/qt/qt_pixmapruntime.cpp:
118         (JSC::Bindings::QtPixmapAssignToElementMethod::invoke):
119         (JSC::Bindings::QtPixmapInstance::variantFromObject):
120         * platform/DragImage.h:
121         (WebCore):
122         * platform/graphics/GraphicsContext.h:
123         (GraphicsContext):
124         * platform/graphics/Image.h:
125         (Image):
126         * platform/graphics/ImageSource.h:
127         (WebCore):
128         * platform/graphics/gstreamer/ImageGStreamer.h:
129         * platform/graphics/gstreamer/ImageGStreamerQt.cpp:
130         (ImageGStreamer::ImageGStreamer):
131         * platform/graphics/qt/GraphicsContext3DQt.cpp:
132         (WebCore::GraphicsContext3D::getImageData):
133         * platform/graphics/qt/GraphicsContextQt.cpp:
134         (WebCore::GraphicsContext::pushTransparencyLayerInternal):
135         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
136         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
137         * platform/graphics/qt/ImageBufferDataQt.h:
138         (ImageBufferData):
139         * platform/graphics/qt/ImageBufferQt.cpp:
140         (WebCore::ImageBufferData::ImageBufferData):
141         (WebCore::ImageBuffer::copyImage):
142         (WebCore::ImageBuffer::clip):
143         (WebCore::ImageBuffer::platformTransformColorSpace):
144         (WebCore::getImageData):
145         (WebCore::ImageBuffer::putByteArray):
146         (WebCore::encodeImage):
147         (WebCore::ImageBuffer::toDataURL):
148         * platform/graphics/qt/ImageDecoderQt.cpp:
149         (WebCore::ImageFrame::asNewNativeImage):
150         * platform/graphics/qt/ImageQt.cpp:
151         (graphics):
152         (loadResourceImage):
153         (WebCore::Image::loadPlatformResource):
154         (WebCore::Image::setPlatformResource):
155         (WebCore::Image::drawPattern):
156         (WebCore::BitmapImage::BitmapImage):
157         (WebCore::BitmapImage::draw):
158         (WebCore::BitmapImage::checkForSolidColor):
159         (WebCore::BitmapImage::create):
160         * platform/graphics/qt/NativeImageQt.h: Added.
161         (WebCore):
162         (NativeImageQt):
163         (WebCore::NativeImageQt::defaultFormatForAlphaEnabledImages):
164         (WebCore::NativeImageQt::defaultFormatForOpaqueImages):
165          * platform/graphics/qt/PatternQt.cpp:
166         (WebCore::Pattern::createPlatformPattern):
167         * platform/graphics/qt/StillImageQt.cpp:
168         (WebCore::StillImage::StillImage):
169         (WebCore::StillImage::~StillImage):
170         (WebCore::StillImage::currentFrameHasAlpha):
171         (WebCore::StillImage::size):
172         (WebCore::StillImage::nativeImageForCurrentFrame):
173         (WebCore::StillImage::draw):
174         * platform/graphics/qt/StillImageQt.h:
175         (WebCore::StillImage::create):
176         (WebCore::StillImage::createForRendering):
177         (StillImage):
178         * platform/graphics/qt/TransparencyLayer.h:
179         (WebCore::TransparencyLayer::TransparencyLayer):
180         (TransparencyLayer):
181         * platform/graphics/texmap/TextureMapperGL.cpp:
182         * platform/graphics/surfaces/qt/GraphicsSurfaceQt.cpp:
183         (WebCore::GraphicsSurface::createReadOnlyImage):
184          * platform/qt/ClipboardQt.cpp:
185         (WebCore::ClipboardQt::createDragImage):
186         (WebCore::ClipboardQt::declareAndWriteDragImage):
187         * platform/qt/CursorQt.cpp:
188         (WebCore::createCustomCursor):
189         * platform/qt/DragImageQt.cpp:
190         (WebCore::createDragImageFromImage):
191         * platform/qt/PasteboardQt.cpp:
192         (WebCore::Pasteboard::writeImage):
193
194 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
195
196         Web Inspector: moving forward to the better memory instrumentation API
197         https://bugs.webkit.org/show_bug.cgi?id=91259
198
199         Reviewed by Pavel Feldman.
200
201         I'm trying to remove unnecessary complexity of the API
202         reportInstrumentedObject and reportInstrumentedPointer will be replaced with addInstrumentedMember
203         The same will happen with reportPointer, reportObject pair.
204         Also info.report* will be replaced with info.add*
205
206         * bindings/js/ScriptWrappable.h:
207         (WebCore::ScriptWrappable::reportMemoryUsage):
208         * bindings/v8/DOMDataStore.cpp:
209         (WebCore::DOMDataStore::reportMemoryUsage):
210         * bindings/v8/IntrusiveDOMWrapperMap.h:
211         (WebCore::ChunkedTable::reportMemoryUsage):
212         * bindings/v8/ScriptProfiler.cpp:
213         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
214         * bindings/v8/ScriptWrappable.h:
215         (WebCore::ScriptWrappable::reportMemoryUsage):
216         * bindings/v8/V8Binding.cpp:
217         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
218         (WebCore::StringCache::reportMemoryUsage):
219         * bindings/v8/V8DOMMap.h:
220         * css/StylePropertySet.h:
221         (WebCore::StylePropertySet::reportMemoryUsage):
222         * dom/CharacterData.cpp:
223         (WebCore::CharacterData::reportMemoryUsage):
224         * dom/ContainerNode.h:
225         (WebCore::ContainerNode::reportMemoryUsage):
226         * dom/Document.cpp:
227         (WebCore::Document::reportMemoryUsage):
228         * dom/Element.h:
229         (WebCore::Element::reportMemoryUsage):
230         * dom/ElementAttributeData.h:
231         (WebCore::ElementAttributeData::reportMemoryUsage):
232         * dom/MemoryInstrumentation.h:
233         (WebCore::MemoryInstrumentation::addInstrumentedMember):
234         (MemoryInstrumentation):
235         (WebCore::MemoryInstrumentation::addMember):
236         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedMember):
237         (WebCore::MemoryInstrumentation::OwningTraits::addMember):
238         (WebCore::MemoryInstrumentation::addInstrumentedMemberImpl):
239         (WebCore::MemoryInstrumentation::addMemberImpl):
240         (WebCore::MemoryClassInfo::addInstrumentedMember):
241         (WebCore::MemoryClassInfo::addMember):
242         (WebCore::MemoryClassInfo::addHashMap):
243         (WebCore::MemoryClassInfo::addHashSet):
244         (WebCore::MemoryClassInfo::addListHashSet):
245         (WebCore::MemoryClassInfo::addVector):
246         (WebCore::MemoryClassInfo::addString):
247         (WebCore::MemoryInstrumentation::addHashMap):
248         (WebCore::MemoryInstrumentation::addHashSet):
249         (WebCore::MemoryInstrumentation::addListHashSet):
250         (WebCore::MemoryInstrumentation::addVector):
251         * dom/Node.cpp:
252         (WebCore::Node::reportMemoryUsage):
253         * dom/QualifiedName.h:
254         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
255         (WebCore::QualifiedName::reportMemoryUsage):
256         * inspector/InspectorMemoryAgent.cpp:
257         (WebCore):
258         * platform/TreeShared.h:
259         (WebCore::TreeShared::reportMemoryUsage):
260
261 2012-07-16  Sheriff Bot  <webkit.review.bot@gmail.com>
262
263         Unreviewed, rolling out r122714.
264         http://trac.webkit.org/changeset/122714
265         https://bugs.webkit.org/show_bug.cgi?id=91380
266
267         It broke mac compilation (Requested by loislo on #webkit).
268
269         * bindings/js/ScriptWrappable.h:
270         (WebCore::ScriptWrappable::reportMemoryUsage):
271         * bindings/v8/DOMDataStore.cpp:
272         (WebCore::DOMDataStore::reportMemoryUsage):
273         * bindings/v8/IntrusiveDOMWrapperMap.h:
274         (WebCore::ChunkedTable::reportMemoryUsage):
275         * bindings/v8/ScriptProfiler.cpp:
276         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
277         * bindings/v8/ScriptWrappable.h:
278         (WebCore::ScriptWrappable::reportMemoryUsage):
279         * bindings/v8/V8Binding.cpp:
280         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
281         (WebCore::StringCache::reportMemoryUsage):
282         * bindings/v8/V8DOMMap.h:
283         * css/StylePropertySet.h:
284         (WebCore::StylePropertySet::reportMemoryUsage):
285         * dom/CharacterData.cpp:
286         (WebCore::CharacterData::reportMemoryUsage):
287         * dom/ContainerNode.h:
288         (WebCore::ContainerNode::reportMemoryUsage):
289         * dom/Document.cpp:
290         (WebCore::Document::reportMemoryUsage):
291         * dom/Element.h:
292         (WebCore::Element::reportMemoryUsage):
293         * dom/ElementAttributeData.h:
294         (WebCore::ElementAttributeData::reportMemoryUsage):
295         * dom/MemoryInstrumentation.h:
296         (WebCore::MemoryInstrumentation::reportObject):
297         (MemoryInstrumentation):
298         (WebCore::MemoryInstrumentation::reportPointer):
299         (WebCore::MemoryClassInfo::reportInstrumentedPointer):
300         (WebCore::MemoryClassInfo::reportInstrumentedObject):
301         (WebCore::MemoryClassInfo::reportPointer):
302         (WebCore::MemoryClassInfo::reportObject):
303         (WebCore::MemoryClassInfo::reportHashMap):
304         (WebCore::MemoryClassInfo::reportHashSet):
305         (WebCore::MemoryClassInfo::reportListHashSet):
306         (WebCore::MemoryClassInfo::reportVector):
307         (MemoryClassInfo):
308         (WebCore::MemoryClassInfo::reportString):
309         (WebCore):
310         (WebCore::MemoryInstrumentation::reportInstrumentedPointer):
311         (WebCore::MemoryInstrumentation::reportInstrumentedObject):
312         (WebCore::MemoryInstrumentation::reportHashMap):
313         (WebCore::MemoryInstrumentation::reportHashSet):
314         (WebCore::MemoryInstrumentation::reportListHashSet):
315         (WebCore::MemoryInstrumentation::reportVector):
316         * dom/Node.cpp:
317         (WebCore::Node::reportMemoryUsage):
318         * dom/QualifiedName.h:
319         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
320         (WebCore::QualifiedName::reportMemoryUsage):
321         * inspector/InspectorMemoryAgent.cpp:
322         (WebCore):
323         * platform/TreeShared.h:
324         (WebCore::TreeShared::reportMemoryUsage):
325
326 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
327
328         Web Inspector: moving forward to the better memory instrumentation API
329         https://bugs.webkit.org/show_bug.cgi?id=91259
330
331         Reviewed by Pavel Feldman.
332
333         I'm trying to remove unnecessary complexity of the API
334         reportInstrumentedObject and reportInstrumentedPointer will be replaced with addInstrumentedMember
335         The same will happen with reportPointer, reportObject pair.
336         Also info.report* will be replaced with info.add*
337
338         * bindings/js/ScriptWrappable.h:
339         (WebCore::ScriptWrappable::reportMemoryUsage):
340         * bindings/v8/DOMDataStore.cpp:
341         (WebCore::DOMDataStore::reportMemoryUsage):
342         * bindings/v8/IntrusiveDOMWrapperMap.h:
343         (WebCore::ChunkedTable::reportMemoryUsage):
344         * bindings/v8/ScriptProfiler.cpp:
345         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
346         * bindings/v8/ScriptWrappable.h:
347         (WebCore::ScriptWrappable::reportMemoryUsage):
348         * bindings/v8/V8Binding.cpp:
349         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
350         (WebCore::StringCache::reportMemoryUsage):
351         * bindings/v8/V8DOMMap.h:
352         * css/StylePropertySet.h:
353         (WebCore::StylePropertySet::reportMemoryUsage):
354         * dom/CharacterData.cpp:
355         (WebCore::CharacterData::reportMemoryUsage):
356         * dom/ContainerNode.h:
357         (WebCore::ContainerNode::reportMemoryUsage):
358         * dom/Document.cpp:
359         (WebCore::Document::reportMemoryUsage):
360         * dom/Element.h:
361         (WebCore::Element::reportMemoryUsage):
362         * dom/ElementAttributeData.h:
363         (WebCore::ElementAttributeData::reportMemoryUsage):
364         * dom/MemoryInstrumentation.h:
365         (WebCore::MemoryInstrumentation::addInstrumentedMember):
366         (MemoryInstrumentation):
367         (WebCore::MemoryInstrumentation::addMember):
368         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedMember):
369         (WebCore::MemoryInstrumentation::OwningTraits::addMember):
370         (WebCore::MemoryInstrumentation::addInstrumentedMemberImpl):
371         (WebCore::MemoryInstrumentation::addMemberImpl):
372         (WebCore::MemoryClassInfo::addInstrumentedMember):
373         (WebCore::MemoryClassInfo::addMember):
374         (WebCore::MemoryClassInfo::addHashMap):
375         (WebCore::MemoryClassInfo::addHashSet):
376         (WebCore::MemoryClassInfo::addListHashSet):
377         (WebCore::MemoryClassInfo::addVector):
378         (WebCore::MemoryClassInfo::addString):
379         (WebCore::MemoryInstrumentation::addHashMap):
380         (WebCore::MemoryInstrumentation::addHashSet):
381         (WebCore::MemoryInstrumentation::addListHashSet):
382         (WebCore::MemoryInstrumentation::addVector):
383         * dom/Node.cpp:
384         (WebCore::Node::reportMemoryUsage):
385         * dom/QualifiedName.h:
386         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
387         (WebCore::QualifiedName::reportMemoryUsage):
388         * inspector/InspectorMemoryAgent.cpp:
389         (WebCore):
390         * platform/TreeShared.h:
391         (WebCore::TreeShared::reportMemoryUsage):
392
393 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
394
395         Web Inspector: native memory instrumentation: extract instrumentation methods into MemoryClassInfo
396         https://bugs.webkit.org/show_bug.cgi?id=91227
397
398         Reviewed by Pavel Feldman.
399
400         void Node::reportMemoryUsage(MemoryObjectInfo* memoryObjectInfo) const
401         {
402             MemoryClassInfo<Node> info(memoryObjectInfo, this, MemoryInstrumentation::DOM);
403             info.visitBaseClass<ScriptWrappable>(this);
404
405             info.addMember(m_notInstrumentedPointer); // automatically detects poniter/reference
406             info.addInstrumentedMember(m_next);
407             info.addHashSet<MemoryInstrumentation::NonClass>(m_aHash);                // NonClass value_type (report only size of internal template structures)
408             info.addHashSet<MemoryInstrumentation::NotInstrumentedClass>(m_aHashSet); // not instrumented value_type (use sizeof)
409             info.addHashSet<MemoryInstrumentation::InstrumentedClass>(m_aHashSet);    // instrumented value_type (call visit)
410         }
411
412         The change is covered by existing tests for native memory snapshot.
413
414         * bindings/v8/DOMDataStore.cpp:
415         (WebCore::DOMDataStore::reportMemoryUsage):
416         * bindings/v8/IntrusiveDOMWrapperMap.h:
417         (WebCore::ChunkedTable::reportMemoryUsage):
418         * bindings/v8/ScriptWrappable.h:
419         (WebCore::ScriptWrappable::reportMemoryUsage):
420         * bindings/v8/V8Binding.cpp:
421         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
422         (WebCore::StringCache::reportMemoryUsage):
423         * bindings/v8/V8DOMMap.h:
424         * css/StylePropertySet.h:
425         (WebCore::StylePropertySet::reportMemoryUsage):
426         * dom/CharacterData.cpp:
427         (WebCore::CharacterData::reportMemoryUsage):
428         * dom/ContainerNode.h:
429         (WebCore::ContainerNode::reportMemoryUsage):
430         * dom/Document.cpp:
431         (WebCore::Document::reportMemoryUsage):
432         * dom/Element.h:
433         (WebCore::Element::reportMemoryUsage):
434         * dom/ElementAttributeData.h:
435         (WebCore::ElementAttributeData::reportMemoryUsage):
436         * dom/MemoryInstrumentation.h:
437         (MemoryInstrumentation):
438         (WebCore::MemoryObjectInfo::objectType):
439         (WebCore::MemoryObjectInfo::objectSize):
440         (WebCore::MemoryObjectInfo::memoryInstrumentation):
441         (MemoryObjectInfo):
442         (WebCore::MemoryObjectInfo::reportObjectInfo):
443         (WebCore):
444         (MemoryClassInfo):
445         (WebCore::MemoryClassInfo::MemoryClassInfo):
446         (WebCore::MemoryClassInfo::visitBaseClass):
447         (WebCore::MemoryClassInfo::reportInstrumentedPointer):
448         (WebCore::MemoryClassInfo::reportInstrumentedObject):
449         (WebCore::MemoryClassInfo::reportPointer):
450         (WebCore::MemoryClassInfo::reportObject):
451         (WebCore::MemoryClassInfo::reportHashMap):
452         (WebCore::MemoryClassInfo::reportHashSet):
453         (WebCore::MemoryClassInfo::reportListHashSet):
454         (WebCore::MemoryClassInfo::reportVector):
455         (WebCore::MemoryClassInfo::reportString):
456         * dom/Node.cpp:
457         (WebCore::Node::reportMemoryUsage):
458         * dom/QualifiedName.h:
459         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
460         (WebCore::QualifiedName::reportMemoryUsage):
461         * platform/TreeShared.h:
462         (WebCore::TreeShared::reportMemoryUsage):
463
464 2012-07-15  Carlos Garcia Campos  <cgarcia@igalia.com>
465
466         Unreviewed. Fix make distcheck.
467
468         * GNUmakefile.am: Add missing idl directory.
469         * GNUmakefile.list.am: Add missing files to compilation.
470
471 2012-07-16  Eugene Klyuchnikov  <eustas.big@gmail.com>
472
473         Web Inspector: Implement message loop instrumentation for timeline
474         https://bugs.webkit.org/show_bug.cgi?id=88325
475
476         Reviewed by Pavel Feldman.
477
478         Message loop instrumentation will show when the render thread is busy.
479
480         * inspector/front-end/Settings.js:
481         (WebInspector.ExperimentsSettings):
482         Added new experiment.
483         * inspector/front-end/TimelineGrid.js:
484         (WebInspector.TimelineGrid.prototype.get dividersLabelBarElement):
485         Exposed label bar element.
486         * inspector/front-end/TimelinePanel.js:
487         (WebInspector.TimelinePanel):
488         (WebInspector.TimelinePanel.prototype._resetPanel):
489         Cleanups recorded tasks.
490         (WebInspector.TimelinePanel.prototype._refresh):
491         Updates CPU bar.
492         (WebInspector.TimelinePanel.prototype._refreshRecords):
493         Ditto.
494         (WebInspector.TimelinePanel.prototype._refreshCpuBars.compareEndTime):
495         Ditto.
496         (WebInspector.TimelinePanel.prototype._refreshCpuBars):
497         Ditto.
498         (WebInspector.TimelinePanel.prototype._enableMainThreadMonitoringExperiment):
499         Adds CPU bar to UI.
500         (WebInspector.TimelinePanel.prototype._showPopover):
501         Fix NPE.
502         (WebInspector.TimelineCalculator.prototype.computeTime):
503         Utility for position to time conversion.
504         (WebInspector.TimelineCalculator.prototype.setDisplayWindow):
505         Remenbers clientWidth.
506         * inspector/front-end/TimelinePresentationModel.js:
507         (WebInspector.TimelinePresentationModel.categories):
508         Define CPU bar colors.
509         * inspector/front-end/timelinePanel.css:
510         (.timeline-cpu-bars):
511         CPU bar styles.
512         (.timeline-cpu-bars-label):
513         Ditto.
514
515 2012-07-16  Sheriff Bot  <webkit.review.bot@gmail.com>
516
517         Unreviewed, rolling out r122681.
518         http://trac.webkit.org/changeset/122681
519         https://bugs.webkit.org/show_bug.cgi?id=91363
520
521         Patch introduces crashes in debug builds for GTK and EFL ports
522         (Requested by zdobersek on #webkit).
523
524         * platform/ScrollableArea.cpp:
525         (WebCore::ScrollableArea::scrollPositionChanged):
526
527 2012-07-16  Luke Macpherson  <macpherson@chromium.org>
528
529         Compilation failure in StyleResolver.cpp (clang)
530         https://bugs.webkit.org/show_bug.cgi?id=89892
531
532         Reviewed by Ryosuke Niwa.
533
534         Patch adds assertions that unreachable code is in fact not reached.
535
536         Covered by fast/css/variables tests.
537
538         * css/CSSParser.cpp:
539         (WebCore::CSSParser::parseValue):
540         * css/StyleResolver.cpp:
541         (WebCore::StyleResolver::collectMatchingRulesForList):
542
543 2012-07-15  Mike Lawther  <mikelawther@chromium.org>
544
545         Fix calculation of rgba's alpha in CSS custom text
546         https://bugs.webkit.org/show_bug.cgi?id=91355
547
548         Reviewed by Ryosuke Niwa.
549
550         Alpha values are stored as an 8 bit value. To convert this to a float in the
551         range [0,1], we need to divide by 255, not 256. 
552
553         Test: fast/css/rgba-custom-text.html
554
555         * css/CSSPrimitiveValue.cpp:
556         (WebCore::CSSPrimitiveValue::customCssText):
557
558 2012-07-15  Jason Liu  <jason.liu@torchmobile.com.cn>
559
560         [BlackBerry] We shouldn't call didFinishLoading for the old request when a new request has been sent by notifyAuthReceived.
561         https://bugs.webkit.org/show_bug.cgi?id=90962
562
563         Reviewed by Rob Buis.
564
565         We start a new NetworkJob with credentials after receiving 401/407 status.
566         We should not release resources in webcore when the old job is closed because
567         they are needed by the new one.
568         We should do as 3XX.
569
570         No new tests. No change in behaviour.
571
572         * platform/network/blackberry/NetworkJob.cpp:
573         (WebCore::NetworkJob::NetworkJob):
574         (WebCore::NetworkJob::notifyAuthReceived):
575         (WebCore::NetworkJob::shouldReleaseClientResource):
576         (WebCore::NetworkJob::handleRedirect):
577         * platform/network/blackberry/NetworkJob.h:
578         (NetworkJob):
579
580 2012-07-15  Ryosuke Niwa  <rniwa@webkit.org>
581
582         REGRESSION(r122660): Cannot iterate over HTMLCollection that contains non-child descendent nodes in some conditions
583         https://bugs.webkit.org/show_bug.cgi?id=91334
584
585         Reviewed by Ojan Vafai.
586
587         The bug was caused by using lastChild() as the starting node for traversePreviousNode. Since it's the inverse of
588         Node::traverseNextNode(), which visits nodes in pre order, we must start our search from the last descendent node,
589         which is visited traverseNextNode immediately before reaching the root node.
590
591         Test: fast/dom/htmlcollection-backwards-subtree-iteration.html
592
593         * html/HTMLCollection.cpp:
594         (WebCore::lastDescendent):
595         (WebCore):
596         (WebCore::itemBeforeOrAfter):
597
598 2012-07-15  Joseph Pecoraro  <pecoraro@apple.com>
599
600         Windowless WebView not firing JavaScript load event if there is a media element
601         https://bugs.webkit.org/show_bug.cgi?id=91331
602
603         Reviewed by Eric Carlson.
604
605         In prepareForLoad we start deferring the load event. If we fall into this
606         clause where the page can not start loading media we bail, potentially
607         indefinitely waiting until we can start loading media. Since we can not
608         be certain this will ever happen, we should stop deferring the page's
609         load event.
610
611         Test: WebKit1.WindowlessWebViewWithMedia TestWebKitAPI test. The only
612         way this path was reachable right now is on the mac port.
613
614         * html/HTMLMediaElement.cpp:
615         (WebCore::HTMLMediaElement::loadInternal):
616
617 2012-07-15  Dan Bernstein  <mitz@apple.com>
618
619         <rdar://problem/11875795> REGRESSION (tiled drawing): Page’s scroll bars flash with each character you type in a textarea (affects Wikipedia and YouTube)
620         https://bugs.webkit.org/show_bug.cgi?id=91348
621
622         Reviewed by Anders Carlsson.
623
624         * platform/ScrollableArea.cpp:
625         (WebCore::ScrollableArea::scrollPositionChanged): Added an early return if the scroll position
626         did not, in fact, change. This avoids the call to ScrollAnimator::notifyContentAreaScrolled,
627         which is what causes the scroll bars to flash.
628
629 2012-07-14  Eric Carlson  <eric.carlson@apple.com>
630
631         Enable AVCF hardware video decoding
632         https://bugs.webkit.org/show_bug.cgi?id=90015
633         <rdar://problem/10770317>
634
635         Reviewed by Anders Carlsson.
636
637         * html/HTMLMediaElement.cpp:
638         (WebCore):
639         (WebCore::HTMLMediaElement::mediaPlayerGraphicsDeviceAdapter): New, return the client's graphics 
640             device adapter.
641         * html/HTMLMediaElement.h:
642
643         * page/ChromeClient.h:
644         (WebCore::ChromeClient::graphicsDeviceAdapter): New.
645
646         * platform/graphics/MediaPlayer.cpp:
647         (WebCore::MediaPlayer::graphicsDeviceAdapter): New, ask the media element for the graphics
648             device adapter.
649         * platform/graphics/MediaPlayer.h:
650
651         * platform/graphics/avfoundation/cf/AVFoundationCFSoftLinking.h: Soft-link AVCFPlayerSetDirect3DDevice
652             and AVCFPlayerEnableHardwareAcceleratedVideoDecoderKey.
653
654         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: 
655         (WebCore::MediaPlayerPrivateAVFoundationCF::createAVAssetForURL): Pass the current d3d9
656             device interface to the AVFWrapper.
657         (WebCore::AVFWrapper::createAssetForURL): If the d3d9 device implements IDirect3DDevice9Ex,
658             tell the AVAsset to enable hardware video decoding.
659         (WebCore::AVFWrapper::createPlayer): Pass the d3d9 device to the player if it implements IDirect3DDevice9Ex.
660
661         * platform/graphics/ca/win/CACFLayerTreeHost.h:
662         (WebCore::CACFLayerTreeHost::graphicsDeviceAdapter): New, default implementation.
663
664         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h:
665         (WebCore::LegacyCACFLayerTreeHost::graphicsDeviceAdapter): New, default implementation.
666         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp:
667         (WebCore::WKCACFViewLayerTreeHost::graphicsDeviceAdapter): New.
668         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h:
669
670         * platform/win/SoftLinking.h: Define SOFT_LINK_DLL_IMPORT_OPTIONAL, SOFT_LINK_LOADED_LIBRARY,
671             and SOFT_LINK_VARIABLE_DLL_IMPORT_OPTIONAL.
672
673 2012-07-14  Ryosuke Niwa  <rniwa@webkit.org>
674
675         Fix Chromium Mac build failure after r122670.
676
677         * platform/graphics/mac/ComplexTextController.cpp:
678
679 2012-07-14  Mark Rowe  <mrowe@apple.com>
680
681         Fix the Snow Leopard build.
682
683         * platform/LocalizedStrings.cpp:
684         (WebCore::contextMenuItemTagLookUpInDictionary): Fix a typo in the condition so that Snow Leopard
685         continues to take the expected path.
686
687 2012-07-14  Ryosuke Niwa  <rniwa@webkit.org>
688
689         Accessing the last item in children should be a constant time operation
690         https://bugs.webkit.org/show_bug.cgi?id=91320
691
692         Reviewed by Ojan Vafai.
693
694         Traverse nodes from the last item when the target offset we're looking for is closer to the last item
695         than to the cached item. e.g. if the cached item was at offset 0 in the collection and length was 100,
696         we should not be looking for the item at offset 95 from the cached item.
697
698         Note that this trick can be only used in HTML collection that supports itemBefore and when the length
699         cache is available.
700
701         Also broke shouldSearchFromFirstItem into smaller logical pieces to clarify the intents.
702
703         Test: perf/htmlcollection-last-item.html
704
705         * html/HTMLCollection.cpp:
706         (WebCore):
707         (WebCore::HTMLCollection::isLastItemCloserThanLastOrCachedItem):
708         (WebCore::HTMLCollection::isFirstItemCloserThanCachedItem):
709         (WebCore::HTMLCollection::item):
710         * html/HTMLCollection.h:
711         (HTMLCollection):
712
713 2012-07-14  Mark Rowe  <mrowe@apple.com>
714
715         Fix the Windows build.
716
717         * platform/network/cf/DNSCFNet.cpp: Fix the condition to take Windows in to account.
718
719 2012-07-14  Mark Rowe  <mrowe@apple.com>
720
721         Make it explicit which code paths iOS should use when doing checks based on OS X versions.
722
723         Rubber-stamped by David Kilzer.
724
725         * WebCore.exp.in:
726         * accessibility/AccessibilityList.h:
727         * accessibility/AccessibilityTable.h:
728         * accessibility/mac/AXObjectCacheMac.mm:
729         * editing/mac/EditorMac.mm:
730         * loader/MainResourceLoader.cpp:
731         * loader/MainResourceLoader.h:
732         * page/AlternativeTextClient.h:
733         * page/mac/SettingsMac.mm:
734         * platform/LocalizedStrings.cpp:
735         * platform/MemoryPressureHandler.cpp:
736         * platform/audio/mac/AudioBusMac.mm:
737         * platform/graphics/Gradient.h:
738         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
739         * platform/graphics/ca/GraphicsLayerCA.cpp:
740         * platform/graphics/ca/PlatformCALayer.h:
741         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
742         * platform/graphics/ca/mac/TileCache.mm:
743         * platform/graphics/cg/GraphicsContextCG.cpp:
744         * platform/graphics/cg/ImageBufferCG.cpp:
745         * platform/graphics/cg/ImageBufferDataCG.h:
746         * platform/graphics/cg/ImageCG.cpp:
747         * platform/graphics/cg/ImageSourceCG.cpp:
748         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
749         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
750         * platform/graphics/mac/ComplexTextController.cpp:
751         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
752         * platform/graphics/mac/FontCacheMac.mm:
753         * platform/graphics/mac/FontCustomPlatformData.cpp:
754         * platform/graphics/mac/FontMac.mm:
755         * platform/graphics/mac/GraphicsContextMac.mm:
756         * platform/graphics/mac/SimpleFontDataMac.mm:
757         * platform/graphics/mac/WebLayer.h:
758         * platform/graphics/mac/WebLayer.mm:
759         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
760         * platform/mac/DisplaySleepDisabler.cpp:
761         * platform/mac/DisplaySleepDisabler.h:
762         * platform/mac/HTMLConverter.h:
763         * platform/mac/HTMLConverter.mm:
764         * platform/mac/MemoryPressureHandlerMac.mm:
765         * platform/mac/SharedTimerMac.mm:
766         * platform/mac/SuddenTermination.mm:
767         * platform/mac/WebFontCache.mm:
768         * platform/network/Credential.h:
769         * platform/network/ResourceHandle.h:
770         * platform/network/cf/DNSCFNet.cpp:
771         * platform/network/cf/ProxyServerCFNet.cpp:
772         * platform/network/cf/ResourceRequest.h:
773         * platform/network/cf/SocketStreamHandleCFNet.cpp:
774         * platform/network/mac/AuthenticationMac.mm:
775         * platform/network/mac/CookieStorageMac.mm:
776         * platform/network/mac/ResourceHandleMac.mm:
777         * platform/network/mac/ResourceRequestMac.mm:
778         * platform/network/mac/WebCoreURLResponse.mm:
779         * platform/text/TextChecking.h:
780         * platform/text/cf/HyphenationCF.cpp:
781         * platform/text/mac/HyphenationMac.mm:
782         * rendering/RenderLayerBacking.cpp:
783         * rendering/RenderLayerCompositor.cpp:
784
785 2012-07-14  Sheriff Bot  <webkit.review.bot@gmail.com>
786
787         Unreviewed, rolling out r122614.
788         http://trac.webkit.org/changeset/122614
789         https://bugs.webkit.org/show_bug.cgi?id=91317
790
791         Broke performance tests (Requested by rniwa on #webkit).
792
793         * bindings/v8/V8Binding.cpp:
794         (WebCore::StringCache::v8ExternalStringSlow):
795
796 2012-07-05  Robert Hogan  <robert@webkit.org>
797
798         CSS 2.1 failure: vertical-align-boxes-001 fails
799         https://bugs.webkit.org/show_bug.cgi?id=90626
800
801         Reviewed by Eric Seidel.
802
803         Tests: css2.1/20110323/vertical-align-boxes-001.htm
804
805         A percentage value vertical-align is always a percentage of the actual line-height rather than
806         the margin box per http://www.w3.org/TR/CSS21/visudet.html#propdef-vertical-align: 'Percentages: 
807         refer to the 'line-height' of the element itself'.  Confusingly, RenderBox::lineheight() is a
808         shorthand into the dimensions of the margin box for replaced elements in the other vertical-align
809         cases, i.e. where it's the margin box that's relevant rather than the 'line-height'. So rather than patch RenderBox's
810         lineHeight() to somehow consider the percentage cases, just give percentage vertical-align the full computedLineHeight()
811         rather than lineHeight()'s margin box.
812
813         * rendering/RootInlineBox.cpp:
814         (WebCore::RootInlineBox::verticalPositionForBox):
815
816 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
817
818         Iterating backwards over HTMLCollection is O(n^2)
819         https://bugs.webkit.org/show_bug.cgi?id=91306
820
821         Reviewed by Anders Carlsson.
822
823         Fixed the bug by introducing itemBefore that iterates nodes backwards to complement itemAfter.
824         Unfortunately, some HTML collections such as HTMLFormCollection and HTMLTableRowsCollection have
825         its own itemAfter function and writing an equivalent itemBefore is somewhat tricky. For now,
826         added a new boolean flag indicating whether a given HTML collection supports itemBefore or not,
827         and left those HTML collections that override itemAfter alone.
828
829         This also paves our way to share more code between DynamicNodeList and HTMLCollection.
830
831         Test: perf/htmlcollection-backwards-iteration.html
832
833         * dom/DynamicNodeList.h:
834         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase): Takes ItemBeforeSupportType.
835         (WebCore::DynamicNodeListCacheBase::supportsItemBefore): Added.
836         (DynamicNodeListCacheBase):
837         (WebCore::DynamicNodeListCacheBase::setItemCache): Replaced a FIXME by an assertion now that
838         we can.
839         * html/HTMLAllCollection.cpp:
840         (WebCore::HTMLAllCollection::HTMLAllCollection): Supports itemBefore since it doesn't override
841         itemAfter.
842         * html/HTMLCollection.cpp:
843         (WebCore::HTMLCollection::HTMLCollection):
844         (WebCore::HTMLCollection::create):
845         (WebCore::isAcceptableElement): Made it a static local function instead of a static member.
846         (WebCore::nextNode): Templatized.
847         (WebCore::itemBeforeOrAfter): Extracted from itemAfter and templatized.
848         (WebCore::HTMLCollection::itemBefore): Added.
849         (WebCore::HTMLCollection::itemAfter):
850         (WebCore::HTMLCollection::shouldSearchFromFirstItem): Added. Determines whether we should reset
851         the item cache to the first item. We obviously do if the cache is invalid. If the target offset
852         is after the cached offset, then we shouldn't go back regardless of availability of itemBefore.
853         Otherwise, we go back to the first item iff itemBefore is not available or the distance from
854         the cached offset to the target offset is greater than the target offset itself.
855         (WebCore::HTMLCollection::length):
856         (WebCore::HTMLCollection::item): Use the term "offset" to match the terminology elsewhere.
857         (WebCore::HTMLCollection::itemBeforeOrAfterCachedItem): Ditto. Also added the logic to iterate
858         nodes backwards using itemBefore. Once we're in this branch, we should always find a matching
859         item since the target offset was less than the cached offset, and offsets are non-negative.
860         If we had ever reached the end of the loop without finding an item, it indicates that the cache
861         has been invalid and we have some serious bug elsewhere.
862         * html/HTMLCollection.h:
863         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase):
864         (HTMLCollection):
865         * html/HTMLOptionsCollection.cpp:
866         (WebCore::HTMLOptionsCollection::HTMLOptionsCollection): Supports itemBefore since it doesn't
867         override itemAfter.
868         * html/HTMLFormCollection.cpp:
869         (WebCore::HTMLFormCollection::HTMLFormCollection): Doesn't support itemBefore as it overrides
870         itemAfter.
871         * html/HTMLNameCollection.cpp:
872         (WebCore::HTMLNameCollection::HTMLNameCollection): Ditto.
873         * html/HTMLPropertiesCollection.cpp:
874         (WebCore::HTMLPropertiesCollection::HTMLPropertiesCollection):
875         * html/HTMLTableRowsCollection.cpp:
876         (WebCore::HTMLTableRowsCollection::HTMLTableRowsCollection):
877
878 2012-07-13  Eric Penner  <epenner@google.com>
879
880         [chromium] Add 'self-managed' option to CCPrioritizedTexture to enable render-surface and canvas use cases.
881         https://bugs.webkit.org/show_bug.cgi?id=91177
882
883         Reviewed by Adrienne Walker.
884
885         This makes the render-surface memory use case generic as 'self-managed' textures,
886         as this use case is popping up in other places (eg. canvases). It's exactly the
887         same idea except we can have as many place-holders as we want at arbitrary
888         priorities.
889
890         This already tested by the render surface unit tests which now also use the 
891         generic placeholder.
892
893         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
894         (WebCore::CCLayerTreeHost::CCLayerTreeHost):
895         (WebCore::CCLayerTreeHost::initializeLayerRenderer):
896         (WebCore::CCLayerTreeHost::updateLayers):
897         (WebCore::CCLayerTreeHost::setPrioritiesForSurfaces):
898         (WebCore):
899         (WebCore::CCLayerTreeHost::setPrioritiesForLayers):
900         (WebCore::CCLayerTreeHost::prioritizeTextures):
901         (WebCore::CCLayerTreeHost::calculateMemoryForRenderSurfaces):
902         (WebCore::CCLayerTreeHost::paintLayerContents):
903         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
904         (CCLayerTreeHost):
905         * platform/graphics/chromium/cc/CCPrioritizedTexture.cpp:
906         (WebCore::CCPrioritizedTexture::CCPrioritizedTexture):
907         (WebCore::CCPrioritizedTexture::setToSelfManagedMemoryPlaceholder):
908         * platform/graphics/chromium/cc/CCPrioritizedTexture.h:
909         (CCPrioritizedTexture):
910         (WebCore::CCPrioritizedTexture::setIsSelfManaged):
911         (WebCore::CCPrioritizedTexture::isSelfManaged):
912         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.cpp:
913         (WebCore::CCPrioritizedTextureManager::prioritizeTextures):
914         (WebCore::CCPrioritizedTextureManager::acquireBackingTextureIfNeeded):
915         (WebCore::CCPrioritizedTextureManager::destroyBacking):
916         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.h:
917         (CCPrioritizedTextureManager):
918         (WebCore::CCPrioritizedTextureManager::memoryForSelfManagedTextures):
919
920 2012-07-13  Kent Tamura  <tkent@chromium.org>
921
922         Internals: Clean up the mock PagePopupDriver correctly.
923         https://bugs.webkit.org/show_bug.cgi?id=91250
924
925         Unreviewed, a trivial testing code fix.
926
927         * testing/InternalSettings.cpp:
928         (WebCore::InternalSettings::Backup::restoreTo):
929         (WebCore::InternalSettings::reset):
930         Resetting PaePopupDriver here instead of Backup::restoreTo.
931         Also, close the mock popup before resetting PagePopupDriver by clearing m_pagePopupDriver.
932         * testing/MockPagePopupDriver.cpp:
933         (WebCore::MockPagePopupDriver::~MockPagePopupDriver):
934         Close the popup.
935
936 2012-07-13  Tony Payne  <tpayne@chromium.org>
937
938         Remove Widget from screenColorProfile
939         https://bugs.webkit.org/show_bug.cgi?id=91300
940
941         Reviewed by Adam Barth.
942
943         Chromium, the only platform implementing screenColorProfile, does not
944         need the Widget, so removing for simplicity.
945
946         Covered by existing tests.
947
948         * platform/PlatformScreen.h:
949         (WebCore): Updated comment to remove reference to type param that no
950         longer exists and removed Widget param.
951         * platform/blackberry/PlatformScreenBlackBerry.cpp:
952         (WebCore::screenColorProfile): Removed widget param.
953         * platform/chromium/PlatformScreenChromium.cpp:
954         (WebCore::screenColorProfile): Removed widget param.
955         * platform/efl/PlatformScreenEfl.cpp:
956         (WebCore::screenColorProfile): Removed widget param.
957         * platform/gtk/PlatformScreenGtk.cpp:
958         (WebCore::screenColorProfile): Removed widget param.
959         * platform/image-decoders/ImageDecoder.h:
960         (WebCore::ImageDecoder::qcmsOutputDeviceProfile): removed param to
961         match screenColorProfile()'s new spec.
962         * platform/mac/PlatformScreenMac.mm:
963         (WebCore::screenColorProfile): Removed widget param.
964         * platform/qt/PlatformScreenQt.cpp:
965         (WebCore::screenColorProfile): Removed widget param.
966         * platform/win/PlatformScreenWin.cpp:
967         (WebCore::screenColorProfile): Removed widget param.
968
969 2012-07-13  Brian Anderson  <brianderson@chromium.org>
970
971         [chromium] Add flushes to CCTextureUpdater::update
972         https://bugs.webkit.org/show_bug.cgi?id=89035
973
974         Reviewed by Adrienne Walker.
975
976         Automatic flushes are being removed from the command buffer, so
977         this moves the flushes into the CCTextureUpdater itself.
978
979         CCTextureUpdaterTest added to verify texture upload/flushing patterns.
980
981         * platform/graphics/chromium/cc/CCGraphicsContext.h:
982         (WebCore::CCGraphicsContext::flush):
983         (CCGraphicsContext):
984         * platform/graphics/chromium/cc/CCTextureUpdater.cpp:
985         (WebCore):
986         (WebCore::CCTextureUpdater::update): Manual flushes added here.
987
988 2012-07-13  Kiran Muppala  <cmuppala@apple.com>
989
990         REGRESSION: RenderInline boundingBox ignores relative position offset
991         https://bugs.webkit.org/show_bug.cgi?id=91168
992
993         Reviewed by Simon Fraser.
994
995         RenderGeometryMap, used for caching the transform to the view,
996         expects the first mapping pushed, to be that of the view itself.
997         RenderInline was instead pushing it's own offset first.  Besides
998         the offset of the view itself was not being pushed.
999
1000         Relaxed the RenderGeometryMap restriction that the first pushed
1001         step should be of the view.  It is sufficient that the view's mapping
1002         is pushed in the first call to pushMappingsToAncestor.  Modified
1003         RenderInline to push the offset of the view also to the geometry map.
1004
1005         Test: fast/inline/inline-relative-offset-boundingbox.html
1006
1007         * rendering/RenderGeometryMap.cpp:
1008         (WebCore::RenderGeometryMap::pushMappingsToAncestor): Add assertion to
1009         check if mapping to view was pushed in first invocation.
1010         (WebCore::RenderGeometryMap::pushView): Correct assertion that checks
1011         if the view's mapping is the first one to be applied.
1012         (WebCore::RenderGeometryMap::stepInserted): Use isRenderView to check if
1013         a mapping step belongs to a view instead of using mapping size.
1014         (WebCore::RenderGeometryMap::stepRemoved): Ditto.
1015         * rendering/RenderInline.cpp:
1016         (WebCore::(anonymous namespace)::AbsoluteQuadsGeneratorContext::AbsoluteQuadsGeneratorContext):
1017         Push mappings all the way up to and including the view.
1018
1019 2012-07-13  Xianzhu Wang  <wangxianzhu@chromium.org>
1020
1021         Move WebCore/platform/text/Base64 to WTF/wtf/text
1022         https://bugs.webkit.org/show_bug.cgi?id=91162
1023
1024         Reviewed by Adam Barth.
1025
1026         No new tests. Files moving only.
1027
1028         * CMakeLists.txt:
1029         * GNUmakefile.list.am:
1030         * Modules/websockets/WebSocketHandshake.cpp:
1031         (WebCore::generateSecWebSocketKey):
1032         (WebCore::WebSocketHandshake::getExpectedWebSocketAccept):
1033         * Target.pri:
1034         * WebCore.gypi:
1035         * WebCore.order:
1036         * WebCore.vcproj/WebCore.vcproj:
1037         * WebCore.xcodeproj/project.pbxproj:
1038         * fileapi/FileReaderLoader.cpp:
1039         (WebCore::FileReaderLoader::convertToDataURL):
1040         * inspector/DOMPatchSupport.cpp:
1041         (WebCore::DOMPatchSupport::createDigest):
1042         * inspector/InspectorFileSystemAgent.cpp:
1043         (WebCore):
1044         * inspector/InspectorPageAgent.cpp:
1045         (WebCore::InspectorPageAgent::cachedResourceContent):
1046         (WebCore::InspectorPageAgent::sharedBufferContent):
1047         * loader/archive/mhtml/MHTMLArchive.cpp:
1048         (WebCore::MHTMLArchive::generateMHTMLData):
1049         * loader/archive/mhtml/MHTMLParser.cpp:
1050         (WebCore::MHTMLParser::parseNextPart):
1051         * page/DOMWindow.cpp:
1052         (WebCore::DOMWindow::btoa):
1053         (WebCore::DOMWindow::atob):
1054         * page/Page.cpp:
1055         (WebCore::Page::userStyleSheetLocationChanged):
1056         * platform/graphics/cairo/ImageBufferCairo.cpp:
1057         (WebCore::ImageBuffer::toDataURL):
1058         * platform/graphics/cg/ImageBufferCG.cpp:
1059         (WebCore::CGImageToDataURL):
1060         * platform/graphics/gtk/ImageBufferGtk.cpp:
1061         (WebCore::ImageBuffer::toDataURL):
1062         * platform/graphics/skia/FontCustomPlatformData.cpp:
1063         (WebCore::createUniqueFontName):
1064         * platform/graphics/skia/ImageBufferSkia.cpp:
1065         (WebCore::ImageBuffer::toDataURL):
1066         (WebCore::ImageDataToDataURL):
1067         * platform/graphics/win/FontCustomPlatformData.cpp:
1068         (WebCore::createUniqueFontName):
1069         * platform/graphics/wince/FontCustomPlatformData.cpp:
1070         (WebCore::createUniqueFontName):
1071         * platform/graphics/wince/ImageBufferWinCE.cpp:
1072         * platform/graphics/wx/ImageBufferWx.cpp:
1073         * platform/network/DataURL.cpp:
1074         (WebCore::handleDataURL):
1075         * platform/network/cf/ResourceHandleCFNet.cpp:
1076         (WebCore::applyBasicAuthorizationHeader):
1077         * platform/network/mac/ResourceHandleMac.mm:
1078         (WebCore::applyBasicAuthorizationHeader):
1079         * platform/network/soup/ResourceHandleSoup.cpp:
1080         * platform/win/SSLKeyGeneratorWin.cpp:
1081         (WebCore::WebCore::signedPublicKeyAndChallengeString):
1082
1083 2012-07-13  Xianzhu Wang  <wangxianzhu@chromium.org>
1084
1085         [Chromium] Sometimes bottom of text is truncated when page has a fractional scale
1086         https://bugs.webkit.org/show_bug.cgi?id=88684
1087
1088         Reviewed by Tony Chang.
1089
1090         When the page has a fractional scale, the ascent and descent part of the fonts might be fractional.
1091         If the descent part is rounded down, the bottom of the text might be truncated when displayed
1092         when subpixel text positioning is enabled.
1093         To avoid that, borrow one unit from the ascent when possible.
1094
1095         Test: fast/text/descent-clip-in-scaled-page.html
1096
1097         * platform/graphics/harfbuzz/FontPlatformDataHarfBuzz.cpp:
1098         (WebCore::FontPlatformData::setupPaint): Moved NoPreference handling into querySystemForRenderStyle so that fontRenderStyle() can have actual styles without NoPreference.
1099         (WebCore::FontPlatformData::querySystemForRenderStyle): Added NoPreference handling (moved from setupPaint)
1100         * platform/graphics/harfbuzz/FontPlatformDataHarfBuzz.h:
1101         (FontPlatformData):
1102         (WebCore::FontPlatformData::fontRenderStyle): Added to let SimpleFontDataSkia access the font render styles.
1103         * platform/graphics/skia/SimpleFontDataSkia.cpp:
1104         (WebCore::SimpleFontData::platformInit):
1105
1106 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
1107
1108         Remove an assertion after r122637.
1109
1110         * dom/DynamicNodeList.h:
1111         (WebCore::DynamicNodeListCacheBase::shouldInvalidateTypeOnAttributeChange):
1112
1113 2012-07-13  Pierre Rossi  <pierre.rossi@gmail.com>
1114
1115         [Qt] Improve the mobile theme slightly
1116         https://bugs.webkit.org/show_bug.cgi?id=90806
1117
1118         Reviewed by Kenneth Rohde Christiansen.
1119
1120         Improve drawing of the mobile theme's controls' background.
1121
1122         Ensure the focus ring never appears with the mobile theme, since it
1123         looks bad in combination with the highlights.
1124
1125         No new tests. The painting code from the mobile theme is still
1126         not covered specifically (it will when we revive pixel tests).
1127
1128         * platform/qt/RenderThemeQtMobile.cpp:
1129         (WebCore):
1130         (WebCore::addPointToOctants): Added. This is simply a helper to avoid
1131             doing too much duplicate work in drawControlBackground.
1132         (WebCore::drawControlBackground): Rely on the octant logic added above
1133             and take the opportunity to increase the granularity.
1134         (WebCore::borderPen):
1135         (WebCore::StylePainterMobile::findLineEdit):
1136         (WebCore::RenderThemeQtMobile::adjustTextFieldStyle):
1137         * platform/qt/RenderThemeQtMobile.h:
1138         (RenderThemeQtMobile):
1139         (WebCore::RenderThemeQtMobile::supportsFocusRing):
1140
1141 2012-07-13  Julien Chaffraix  <jchaffraix@webkit.org>
1142
1143         Remove an always-failing table-wrapping check in RenderObject::addChild
1144         https://bugs.webkit.org/show_bug.cgi?id=91286
1145
1146         Reviewed by Eric Seidel.
1147
1148         Due to the structure of the code, this test is always failing (newChild->isTableCell()
1149         is true to get in the branch).
1150
1151         The changeset adding the code didn't add testing so I poundered adding the mentioned test,
1152         which is passing. However the test would need to be blindly changed to be included in our
1153         test harness. I would also expect this code to be exercised by other table tests anyway.
1154
1155         * rendering/RenderObject.cpp:
1156         (WebCore::RenderObject::addChild):
1157         Removed never-reached branch. While at it, removed a 'what' comment in the same file.
1158
1159 2012-07-13  Emil A Eklund  <eae@chromium.org>
1160
1161         Use LayoutBoxExtent for image outsets
1162         https://bugs.webkit.org/show_bug.cgi?id=91166
1163
1164         Reviewed by Tony Chang.
1165
1166         Change RenderStyle and calling code to use LayoutBoxExtent for image
1167         outsets and remove text direction and writing mode versions of the
1168         outline getters from RenderStyle as LayoutBoxExtent provides the same
1169         functionality.
1170
1171         No new tests, no change in functionality.
1172
1173         * platform/graphics/FractionalLayoutBoxExtent.h:
1174         * platform/graphics/FractionalLayoutBoxExtent.cpp:
1175         (WebCore::FractionalLayoutBoxExtent::logicalTop):
1176         (WebCore::FractionalLayoutBoxExtent::logicalBottom):
1177         Add logicalTop and logicalBottom methods to go with the existing
1178         logicalLeft and logicalRight ones.
1179
1180         * platform/graphics/FractionalLayoutRect.h:
1181         (WebCore::FractionalLayoutRect::expand):
1182         Add FractionalLayoutBoxExtent version of expand method.
1183
1184         * rendering/InlineFlowBox.cpp:
1185         (WebCore::InlineFlowBox::addBorderOutsetVisualOverflow):
1186         Change implementation to use the new FractionalLayoutBoxExtent version of
1187         borderImageOutsets and the logicalTop/Bottom/Left/Right methods.
1188         
1189         (WebCore::clipRectForNinePieceImageStrip):
1190         Change implementation to use the new FractionalLayoutBoxExtent version of
1191         borderImageOutsets.
1192         
1193         * rendering/RenderBox.cpp:
1194         (WebCore::RenderBox::maskClipRect):
1195         Change implementation to use the new FractionalLayoutBoxExtent version of
1196         borderImageOutsets and the new FractionalLayoutRect::expand method.
1197         
1198         (WebCore::RenderBox::addVisualEffectOverflow):
1199         Change implementation to use the new FractionalLayoutBoxExtent version of
1200         borderImageOutsets.
1201         
1202         * rendering/RenderBoxModelObject.cpp:
1203         (WebCore::RenderBoxModelObject::paintNinePieceImage):
1204         Change implementation to use the new FractionalLayoutBoxExtent version of
1205         borderImageOutsets and the new FractionalLayoutRect::expand method.
1206
1207         * rendering/style/RenderStyle.h:
1208         * rendering/style/RenderStyle.cpp:
1209         (WebCore::RenderStyle::imageOutsets):
1210         Change getImageOutsets to return a FractionalLayoutBoxExtent object and
1211         rename to imageOutsets to match the webkit naming convention for getters.
1212
1213         Remove getBorderImageHorizontalOutsets, getBorderImageVerticalOutsets,
1214         getBorderImageInlineDirectionOutsets, getImageHorizontalOutsets,
1215         getImageVerticalOutsets and getBorderImageBlockDirectionOutsets methods
1216         as the same functionality is provided by FractionalLayoutBoxExtent.
1217
1218 2012-07-13  David Hyatt  <hyatt@apple.com>
1219
1220         https://bugs.webkit.org/show_bug.cgi?id=91278
1221         Improve block margin estimation function to account for not having a layout and for quirks mode
1222         
1223         Reviewed by Simon Fraser.
1224
1225         * rendering/RenderBlock.cpp:
1226         (WebCore::RenderBlock::marginBeforeEstimateForChild):
1227         Revise marginBeforeEstimateForChild so that it computes block margins for the grandchild before
1228         recurring. This includes the quirks margin information as well. This ensures that the margins are
1229         up-to-date when checked, even before the object has had its first layout.
1230         
1231         * rendering/RenderBlock.h:
1232         (WebCore::RenderBlock::setMarginStartForChild):
1233         (WebCore::RenderBlock::setMarginEndForChild):
1234         (WebCore::RenderBlock::setMarginBeforeForChild):
1235         (WebCore::RenderBlock::setMarginAfterForChild):
1236         * rendering/RenderBox.cpp:
1237         (WebCore::RenderBox::computeBlockDirectionMargins):
1238         * rendering/RenderBox.h:
1239         (RenderBox):
1240         Add consts in order to compile.
1241
1242 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
1243
1244         NodeLists should not invalidate on irreleavnt attribute changes
1245         https://bugs.webkit.org/show_bug.cgi?id=91277
1246
1247         Reviewed by Ojan Vafai.
1248
1249         Explicitely check the invalidation type and the changed attribute in NodeListNodeData::invalidateCaches
1250         and ElementRareData::clearHTMLCollectionCaches to only invalidate node lists affected by the change.
1251
1252         Also merged invalidateNodeListsCacheAfterAttributeChanged and invalidateNodeListsCacheAfterChildrenChanged
1253         as invalidateNodeListCachesInAncestors since they're almost identical after r122498.
1254
1255         In addition, moved shouldInvalidateNodeListForType from Document.cpp to DynamicNodeList.h and renamed it to
1256         shouldInvalidateTypeOnAttributeChange since it needs to called in Node.cpp and ElementRareData.h.
1257
1258         * dom/Attr.cpp:
1259         (WebCore::Attr::setValue):
1260         (WebCore::Attr::childrenChanged):
1261         * dom/ContainerNode.cpp:
1262         (WebCore::ContainerNode::childrenChanged):
1263         * dom/Document.cpp:
1264         (WebCore::Document::registerNodeListCache): Calls isRootedAtDocument() instead of directly comparing
1265         the value of NodeListRootType in order to prepare for the bug 80269.
1266         (WebCore::Document::unregisterNodeListCache): Ditto.
1267         (WebCore): shouldInvalidateNodeListForType is moved to DynamicNodeList.h
1268         (WebCore::Document::shouldInvalidateNodeListCaches):
1269         * dom/DynamicNodeList.h:
1270         (DynamicNodeListCacheBase):
1271         (WebCore::DynamicNodeListCacheBase::shouldInvalidateTypeOnAttributeChange): Moved from Document.cpp.
1272         * dom/Element.cpp: 
1273         (WebCore::Element::attributeChanged):
1274         * dom/ElementRareData.h:
1275         (WebCore::ElementRareData::clearHTMLCollectionCaches): Takes const QualifiedName* to compare against
1276         the invalidation type of HTML collections via shouldInvalidateTypeOnAttributeChange.
1277         * dom/Node.cpp:
1278         (WebCore::Node::invalidateNodeListCachesInAncestors): Merged invalidateNodeListCachesInAncestors and
1279         invalidateNodeListsCacheAfterChildrenChanged. Also pass attrName to clearHTMLCollectionCaches.
1280         (WebCore::NodeListsNodeData::invalidateCaches): Compares attrName against the invalidation type of
1281         node lists via shouldInvalidateTypeOnAttributeChange.
1282         (WebCore):
1283         * dom/Node.h:
1284         (Node):
1285         * dom/NodeRareData.h:
1286         (WebCore::NodeRareData::ensureNodeLists): Merged NodeRareData::createNodeLists.
1287         (WebCore::NodeRareData::clearChildNodeListCache): Moved from Node.cpp.
1288         (NodeRareData):
1289         * html/HTMLCollection.h:
1290         (HTMLCollectionCacheBase):
1291
1292 2012-07-13  Arpita Bahuguna  <arpitabahuguna@gmail.com>
1293
1294         Refactor RenderTable to use the section's iteration functions.
1295         https://bugs.webkit.org/show_bug.cgi?id=89751
1296
1297         Reviewed by Julien Chaffraix.
1298
1299         Removing anti-pattern wherever possible from RenderTable code. Also, modifying
1300         RenderTable sections' iterations to use helper functions.
1301
1302         No new tests required for this change since no change in behavior is expected.
1303
1304         * rendering/RenderTable.cpp:
1305         (WebCore::RenderTable::addOverflowFromChildren):
1306         (WebCore::RenderTable::setCellLogicalWidths):
1307         (WebCore::RenderTable::outerBorderStart):
1308         (WebCore::RenderTable::outerBorderEnd):
1309         Removed anti-patterns involving iterations over RenderObjects.
1310
1311         (WebCore::RenderTable::outerBorderAfter):
1312         Modified RenderTable sections' iteration to use helper functions.
1313
1314 2012-07-13  Enrica Casucci  <enrica@apple.com>
1315
1316         Threadsafety issues in WebScriptObject
1317         https://bugs.webkit.org/show_bug.cgi?id=90849
1318
1319         Reviewed by Geoff Garen.
1320
1321         Updated fix for this bug. The JSC API lock needs to be acquired also in JSObject.
1322
1323         * bindings/objc/WebScriptObject.mm:
1324         (-[WebScriptObject JSObject]):
1325
1326 2012-07-13  Raymond Toy  <rtoy@google.com>
1327
1328         DelayNode doesn't work if delayTime.value == delayTime.maxValue
1329         https://bugs.webkit.org/show_bug.cgi?id=90357
1330
1331         Reviewed by Kenneth Russell.
1332
1333         Increase delay buffer size slightly so that the read and write
1334         pointers don't become equal when the delay and the max delay are
1335         the same.
1336         
1337         Tests: webaudio/delaynode-max-default-delay.html
1338                webaudio/delaynode-max-nondefault-delay.html
1339
1340         * Modules/webaudio/DelayDSPKernel.cpp:
1341         (WebCore): Moved SmoothingTimeConstant to WebCore namespace.
1342         (WebCore::DelayDSPKernel::DelayDSPKernel): Add some additional checks to prevent crashes; use bufferLengthForDelay to compute buffer length.
1343         (WebCore::DelayDSPKernel::bufferLengthForDelay): New function to compute buffer length.
1344         * Modules/webaudio/DelayDSPKernel.h:
1345         (DelayDSPKernel): Declare bufferLengthForDelay. 
1346
1347 2012-07-13  Benjamin Poulain  <bpoulain@apple.com>
1348
1349         Always aggressively preload on iOS
1350         https://bugs.webkit.org/show_bug.cgi?id=91276
1351
1352         Reviewed by Simon Fraser.
1353
1354         * loader/cache/CachedResourceLoader.cpp:
1355         (WebCore::CachedResourceLoader::preload):
1356
1357 2012-07-13  Vineet Chaudhary  <rgf748@motorola.com>
1358
1359         Restructure V8Utilities::extractTransferables() with help of toV8Sequence()
1360         https://bugs.webkit.org/show_bug.cgi?id=91208
1361
1362         Reviewed by Kentaro Hara.
1363
1364         We can remove the specialised check for MessagePort from V8Utilities::extractTransferables()
1365         using toV8Sequence() as it validates the passed object for sequence type per WebIDL spec.
1366
1367         No new test as just refactoring.
1368         Existing tests under fast/dom/Window/window-* fast/dom/events/*
1369         covers tests.
1370
1371         * bindings/v8/V8Utilities.cpp:
1372         (WebCore::extractTransferables):
1373
1374 2012-07-13  Vincent Scheib  <scheib@chromium.org>
1375
1376         Pointer Lock handles disconnected DOM elements
1377         https://bugs.webkit.org/show_bug.cgi?id=77029
1378
1379         Reviewed by Adrienne Walker.
1380
1381         Pointer Lock Controller now checks when elements or documents are
1382         removed, and unlocks if the target element is being removed.
1383
1384         Tests: pointer-lock/locked-element-iframe-removed-from-dom.html
1385                pointer-lock/locked-element-removed-from-dom.html
1386
1387         * dom/Document.cpp:
1388         (WebCore::Document::detach):
1389         * dom/Element.cpp:
1390         (WebCore::Element::removedFrom):
1391         (WebCore::Element::webkitRequestPointerLock):
1392         * page/PointerLockController.cpp:
1393         (WebCore::PointerLockController::requestPointerLock):
1394         (WebCore::PointerLockController::elementRemoved):
1395         (WebCore):
1396         (WebCore::PointerLockController::documentDetached):
1397         (WebCore::PointerLockController::didLosePointerLock):
1398         (WebCore::PointerLockController::enqueueEvent):
1399         * page/PointerLockController.h:
1400         (WebCore):
1401         (PointerLockController):
1402
1403 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
1404
1405         HTMLCollection should use DynamicNodeList's invalidation model
1406         https://bugs.webkit.org/show_bug.cgi?id=90326
1407
1408         Reviewed by Anders Carlsson.
1409
1410         Make HTMLCollection invalidated upon attribute and children changes instead of invalidating it on demand
1411         by comparing DOM tree versions. Node that HTMLCollections owned by Document are invalidated with other
1412         document-rooted node lists in m_listsInvalidatedAtDocument for simplicity although this mechanism is
1413         normally used for node lists owned by a non-Document node that contains nodes outside of its subtree.
1414         ItemProperties and FormControls are more "traditional" users of the mechanism.
1415
1416         Also, merged DynamicNodeList::invalidateCache and HTMLCollection::invalidateCache.
1417
1418         * dom/Document.cpp:
1419         (WebCore::Document::registerNodeListCache): Renamed. No longer takes NodeListInvalidationType or
1420         NodeListRootType since they can be obtained from the cache base. Increment the node list counter for
1421         InvalidateOnIdNameAttrChange when a HTMLCollection is passed in since all HTMLCollections need to be
1422         invalidated on id or name content attribute changes due to named getters.
1423         (WebCore::Document::unregisterNodeListCache): Ditto.
1424         (WebCore::shouldInvalidateNodeListForType):
1425         (WebCore::Document::shouldInvalidateNodeListCaches):
1426         (WebCore::Document::clearNodeListCaches):
1427         * dom/Document.h:
1428         (WebCore): Added InvalidateOnIdNameAttrChange, InvalidateOnHRefAttrChange, and InvalidateOnAnyAttrChange.
1429         (Document):
1430         * dom/DynamicNodeList.cpp:
1431         (WebCore::DynamicNodeListCacheBase::invalidateCache): Added. Invalidates caches of both DynamicNodeList
1432         and HTMLCollection. We can't afford to use virtual function calls here because this function is called on
1433         all node lists and HTML collections owned by ancestors of an element under which a node is added, removed,
1434         or its attributes are changed.
1435         (WebCore):
1436         * dom/DynamicNodeList.h:
1437         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase): Initializes member variables directly
1438         instead of calling clearCache now that DynamicNodeListCacheBase::invalidateCache has become polymorphic.
1439         (DynamicNodeListCacheBase): Increased the number of bits for m_invalidationType since we now have 9
1440         invalidation types.
1441         (WebCore::DynamicSubtreeNodeList::~DynamicSubtreeNodeList):
1442         (WebCore::DynamicSubtreeNodeList::DynamicSubtreeNodeList):
1443         * dom/ElementRareData.h:
1444         (ElementRareData):
1445         (WebCore::ElementRareData::clearHTMLCollectionCaches): Added.
1446         (WebCore::ElementRareData::adoptTreeScope): Added; similar to NodeRareData::adoptTreeScope.
1447         * dom/Node.cpp:
1448         (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged): Clears HTML collection caches as well as
1449         node list caches.
1450         (WebCore::Node::invalidateNodeListsCacheAfterChildrenChanged): Ditto.
1451         * dom/NodeRareData.h:
1452         (WebCore::NodeListsNodeData::adoptTreeScope):
1453         * dom/TreeScopeAdopter.cpp:
1454         (WebCore::TreeScopeAdopter::moveTreeToNewScope): Calls ElementRareData's adoptTreeScope as well as
1455         NodeRareData's.
1456         * html/HTMLAllCollection.cpp:
1457         (WebCore::HTMLAllCollection::namedItemWithIndex):
1458         * html/HTMLCollection.cpp:
1459         (WebCore::rootTypeFromCollectionType): Added. As mentioned above, treat all Document-owned HTML collection
1460         as if rooted at document for convenience.
1461         (WebCore::invalidationTypeExcludingIdAndNameAttributes): Added. Since all HTML collection requires
1462         invalidation on id and name content attribute changes, which is taken care by the special logic in
1463         Document::registerNodeListCache, exclude those two attributes from consideration.
1464         (WebCore::HTMLCollection::HTMLCollection): Calls Document::registerNodeListCache.
1465         (WebCore::HTMLCollection::~HTMLCollection): Calls Document::unregisterNodeListCache.
1466         (WebCore::HTMLCollection::length):
1467         (WebCore::HTMLCollection::item):
1468         (WebCore::HTMLCollection::namedItem):
1469         (WebCore::HTMLCollection::updateNameCache):
1470         * html/HTMLCollection.h:
1471         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase):
1472         (HTMLCollectionCacheBase): Removed m_cacheTreeVersion and clearCache since they're no longer used.
1473         (HTMLCollection):
1474         * html/HTMLFormCollection.cpp:
1475         (WebCore::HTMLFormCollection::namedItem):
1476         (WebCore::HTMLFormCollection::updateNameCache):
1477         * html/HTMLOptionsCollection.h:
1478         (HTMLOptionsCollection):
1479         * html/HTMLPropertiesCollection.cpp:
1480         (WebCore::HTMLPropertiesCollection::updateNameCache):
1481         * html/HTMLPropertiesCollection.h:
1482         (WebCore::HTMLPropertiesCollection::invalidateCache):
1483
1484 2012-07-13  Shawn Singh  <shawnsingh@chromium.org>
1485
1486         [chromium] Remove incorrect debug assertion in LayerRendererChromium.cpp
1487         https://bugs.webkit.org/show_bug.cgi?id=91260
1488
1489         Reviewed by Adrienne Walker.
1490
1491         ASSERT(!clipped) was being triggered after skinny almost-degenerate
1492         quads went through anti-aliasing inflation, and then were being
1493         transformed back from device space to local space. It turns out
1494         this assertion is too aggressive, and we don't yet have an obvious
1495         need to change the behavior on the clipped==true case.
1496
1497         No new tests needed, this patch fixes only comments and debug code.
1498
1499         * platform/graphics/chromium/LayerRendererChromium.cpp:
1500         (WebCore::LayerRendererChromium::drawRenderPassQuad):
1501            fixed a comment.
1502
1503         (WebCore::LayerRendererChromium::drawTileQuad):
1504            fixed a similar comment, removed unnecessary assertion.
1505
1506 2012-07-13  Philip Rogers  <pdr@google.com>
1507
1508         Remove assert in localCoordinateSpaceTransform()
1509         https://bugs.webkit.org/show_bug.cgi?id=91189
1510
1511         Reviewed by Nikolas Zimmermann.
1512
1513         The assert in localCoordinateSpaceTransform was added to catch subclasses forgetting
1514         to override the method but it is better to simply return the identity matrix.
1515
1516         This scenario can occur when we break the SVG content model, such as asking for
1517         the CTM of a <g> element inside a <tspan>. This is undefined in the spec because
1518         tspan is not a subclass of SVGLocatable but both Firefox and Opera
1519         implement this by returning the identity matrix.
1520
1521         Test: svg/custom/invalid-ctm.svg
1522
1523         * svg/SVGStyledElement.cpp:
1524         (WebCore::SVGStyledElement::localCoordinateSpaceTransform):
1525
1526 2012-07-13  Kentaro Hara  <haraken@chromium.org>
1527
1528         [V8] String wrappers should be marked Independent
1529         https://bugs.webkit.org/show_bug.cgi?id=91251
1530
1531         Reviewed by Adam Barth.
1532
1533         Currently V8 String wrappers are not marked Independent.
1534         By marking them Independent, they can be reclaimed by the scavenger GC.
1535
1536         I tried to find some cases where this change reduces memory usage,
1537         but couldn't due to sensitive behavior of GC.
1538
1539         No tests. No change in behavior.
1540
1541         * bindings/v8/V8Binding.cpp:
1542         (WebCore::StringCache::v8ExternalStringSlow):
1543
1544 2012-07-13  Peter Beverloo  <peter@chromium.org>
1545
1546         [Chromium] Make the v8 i18n API dependency conditional for Android, disable strict aliasing
1547         https://bugs.webkit.org/show_bug.cgi?id=91240
1548
1549         Reviewed by Adam Barth.
1550
1551         Disable the v8 internationalization API for Chromium Android, as it's
1552         disabled and not always available in checkouts. Furthermore, disable
1553         strict aliasing for the webkit_remaining target, similar to what
1554         x11-based builds are doing (see the webcore_prerequisites target).
1555
1556         * WebCore.gyp/WebCore.gyp:
1557
1558 2012-07-13  Kentaro Hara  <haraken@chromium.org>
1559
1560         [CallWith=XXX] arguments should be placed at the head of method arguments
1561         https://bugs.webkit.org/show_bug.cgi?id=91217
1562
1563         Reviewed by Adam Barth.
1564
1565         The EFL build with the ENABLE_FILE_SYSTEM flag caused a build error,
1566         because CodeGeneratorJS.pm assumes webkitEntries(ScriptExecutionContext*, HTMLInputElement*)
1567         but the actual signature is webkitEntries(HTMLInputElement*, ScriptExecutionContext*) (bug 91185).
1568
1569         Per https://trac.webkit.org/wiki/WebKitIDL#CallWith, [CallWith=XXX] arguments should be placed
1570         at the head of the arguments. (i.e. the behavior of CodeGeneratorJS.pm is correct.)
1571
1572         Thus the correct fix is (1) to change the signature of webkitEntries() and webkitGetAsEntry()
1573         so that ScriptExecutionContext* comes first and (2) to modify CodeGeneratorV8.pm to support the order.
1574
1575         Test: bindings/scripts/test/TestObj.idl
1576
1577         * Modules/filesystem/DataTransferItemFileSystem.h: Placed ScriptExecutionContext* at the head of arguments.
1578         (DataTransferItemFileSystem):
1579         * Modules/filesystem/HTMLInputElementFileSystem.cpp: Ditto.
1580         (WebCore::HTMLInputElementFileSystem::webkitEntries):
1581         * Modules/filesystem/HTMLInputElementFileSystem.h: Ditto.
1582         (HTMLInputElementFileSystem):
1583         * Modules/filesystem/chromium/DataTransferItemFileSystemChromium.cpp: Ditto.
1584         (WebCore::DataTransferItemFileSystem::webkitGetAsEntry):
1585
1586         * bindings/scripts/CodeGeneratorV8.pm: Modified to support the correct order.
1587         (GenerateNormalAttrGetter):
1588         (GenerateNormalAttrSetter):
1589         (GenerateFunctionCallString):
1590
1591         * bindings/scripts/test/V8/V8TestInterface.cpp: Updated run-bindings-tests results.
1592         (WebCore::TestInterfaceV8Internal::supplementalMethod2Callback):
1593
1594 2012-07-13  Mary Wu  <mary.wu@torchmobile.com.cn>
1595
1596         [BlackBerry] Some small changes in network code
1597         https://bugs.webkit.org/show_bug.cgi?id=90974
1598
1599         Reviewed by Rob Buis.
1600
1601         1. Set status in NetworkJob/SocketStreamHandleBlackBerry so that
1602         its wrapped stream can also query the stream result.
1603         2. pass download attribute to NetworkRequest.
1604
1605         RIM PR# 171555
1606         Reviewed internally by Lyon Chen and Joe Mason.
1607
1608         * platform/network/blackberry/NetworkJob.cpp:
1609         (WebCore::NetworkJob::handleNotifyClose):
1610         * platform/network/blackberry/NetworkJob.h:
1611         (WebCore::NetworkJob::status):
1612         * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
1613         (WebCore::platformTargetTypeForRequest):
1614         * platform/network/blackberry/SocketStreamHandle.h:
1615         (WebCore::SocketStreamHandle::status):
1616         (SocketStreamHandle):
1617         * platform/network/blackberry/SocketStreamHandleBlackBerry.cpp:
1618         (WebCore::SocketStreamHandle::notifyStatusReceived):
1619         (WebCore::SocketStreamHandle::notifyClose):
1620
1621 2012-07-13  Vsevolod Vlasov  <vsevik@chromium.org>
1622
1623         Web Inspector: Remove uiSourceCode from Resource.
1624         https://bugs.webkit.org/show_bug.cgi?id=91201
1625
1626         Reviewed by Pavel Feldman.
1627
1628         Removed Resource._uiSourceCode field as it is not used anymore.
1629
1630         * inspector/front-end/Resource.js:
1631         (WebInspector.Resource.prototype.isHidden):
1632         * inspector/front-end/UISourceCode.js:
1633         (WebInspector.UISourceCode):
1634
1635 2012-07-13  Sheriff Bot  <webkit.review.bot@gmail.com>
1636
1637         Unreviewed, rolling out r122450 and r122580.
1638         http://trac.webkit.org/changeset/122450
1639         http://trac.webkit.org/changeset/122580
1640         https://bugs.webkit.org/show_bug.cgi?id=91263
1641
1642         Caused multiple regressions on ClusterFuzz (Requested by
1643         inferno-sec on #webkit).
1644
1645         * bindings/js/ScriptWrappable.h:
1646         (WebCore::ScriptWrappable::reportMemoryUsage):
1647         * bindings/v8/DOMDataStore.cpp:
1648         (WebCore::DOMDataStore::reportMemoryUsage):
1649         * bindings/v8/IntrusiveDOMWrapperMap.h:
1650         (WebCore::ChunkedTable::reportMemoryUsage):
1651         * bindings/v8/ScriptWrappable.h:
1652         (WebCore::ScriptWrappable::reportMemoryUsage):
1653         * bindings/v8/V8Binding.cpp:
1654         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
1655         (WebCore::StringCache::reportMemoryUsage):
1656         * bindings/v8/V8DOMMap.h:
1657         * css/PropertySetCSSStyleDeclaration.cpp:
1658         (WebCore::InlineCSSStyleDeclaration::ensureMutablePropertySet):
1659         * css/StylePropertySet.cpp:
1660         * css/StylePropertySet.h:
1661         (WebCore::StylePropertySet::reportMemoryUsage):
1662         * dom/CharacterData.cpp:
1663         (WebCore::CharacterData::reportMemoryUsage):
1664         * dom/ContainerNode.h:
1665         (WebCore::ContainerNode::reportMemoryUsage):
1666         * dom/Document.cpp:
1667         (WebCore::Document::reportMemoryUsage):
1668         * dom/Element.cpp:
1669         (WebCore::Element::detachAttribute):
1670         (WebCore::Element::removeAttribute):
1671         (WebCore::Element::attributes):
1672         (WebCore::Element::setAttributeInternal):
1673         (WebCore::Element::parserSetAttributes):
1674         (WebCore::Element::hasEquivalentAttributes):
1675         (WebCore::Element::createAttributeData):
1676         (WebCore):
1677         (WebCore::Element::setAttributeNode):
1678         (WebCore::Element::removeAttributeNode):
1679         (WebCore::Element::getAttributeNode):
1680         (WebCore::Element::getAttributeNodeNS):
1681         (WebCore::Element::hasAttribute):
1682         (WebCore::Element::hasAttributeNS):
1683         (WebCore::Element::normalizeAttributes):
1684         (WebCore::Element::cloneAttributesFromElement):
1685         * dom/Element.h:
1686         (WebCore::Element::attributeData):
1687         (Element):
1688         (WebCore::Element::reportMemoryUsage):
1689         (WebCore::Element::ensureAttributeData):
1690         (WebCore::Element::updatedAttributeData):
1691         (WebCore::Element::ensureUpdatedAttributeData):
1692         * dom/ElementAttributeData.cpp:
1693         (WebCore::ElementAttributeData::attrIfExists):
1694         (WebCore::ElementAttributeData::ensureAttr):
1695         (WebCore::ElementAttributeData::setAttr):
1696         (WebCore::ElementAttributeData::removeAttr):
1697         (WebCore::ElementAttributeData::setClass):
1698         (WebCore):
1699         (WebCore::ElementAttributeData::ensureInlineStyle):
1700         (WebCore::ElementAttributeData::ensureMutableInlineStyle):
1701         (WebCore::ElementAttributeData::destroyInlineStyle):
1702         (WebCore::ElementAttributeData::addAttribute):
1703         (WebCore::ElementAttributeData::removeAttribute):
1704         (WebCore::ElementAttributeData::isEquivalent):
1705         (WebCore::ElementAttributeData::detachAttrObjectsFromElement):
1706         (WebCore::ElementAttributeData::getAttributeItemIndexSlowCase):
1707         (WebCore::ElementAttributeData::cloneDataFrom):
1708         (WebCore::ElementAttributeData::clearAttributes):
1709         (WebCore::ElementAttributeData::replaceAttribute):
1710         (WebCore::ElementAttributeData::getAttributeNode):
1711         * dom/ElementAttributeData.h:
1712         (WebCore::ElementAttributeData::create):
1713         (ElementAttributeData):
1714         (WebCore::ElementAttributeData::setIdForStyleResolution):
1715         (WebCore::ElementAttributeData::setAttributeStyle):
1716         (WebCore::ElementAttributeData::length):
1717         (WebCore::ElementAttributeData::isEmpty):
1718         (WebCore::ElementAttributeData::attributeItem):
1719         (WebCore::ElementAttributeData::getAttributeItem):
1720         (WebCore::ElementAttributeData::reportMemoryUsage):
1721         (WebCore::ElementAttributeData::ElementAttributeData):
1722         (WebCore::ElementAttributeData::attributeVector):
1723         (WebCore::ElementAttributeData::clonedAttributeVector):
1724         (WebCore::ElementAttributeData::removeAttribute):
1725         (WebCore::ElementAttributeData::getAttributeItemIndex):
1726         * dom/MemoryInstrumentation.h:
1727         (MemoryInstrumentation):
1728         (MemoryObjectInfo):
1729         (WebCore::MemoryObjectInfo::reportInstrumentedPointer):
1730         (WebCore::MemoryObjectInfo::reportPointer):
1731         (WebCore::MemoryObjectInfo::reportInstrumentedObject):
1732         (WebCore::MemoryObjectInfo::reportObject):
1733         (WebCore::MemoryObjectInfo::reportObjectInfo):
1734         (WebCore::MemoryObjectInfo::reportHashMap):
1735         (WebCore::MemoryObjectInfo::reportHashSet):
1736         (WebCore::MemoryObjectInfo::reportListHashSet):
1737         (WebCore::MemoryObjectInfo::reportVector):
1738         (WebCore::MemoryObjectInfo::reportString):
1739         (WebCore::MemoryObjectInfo::objectType):
1740         (WebCore::MemoryObjectInfo::objectSize):
1741         (WebCore::MemoryObjectInfo::memoryInstrumentation):
1742         * dom/Node.cpp:
1743         (WebCore::Node::reportMemoryUsage):
1744         * dom/QualifiedName.h:
1745         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
1746         (WebCore::QualifiedName::reportMemoryUsage):
1747         * dom/StyledElement.cpp:
1748         (WebCore::StyledElement::style):
1749         (WebCore::StyledElement::classAttributeChanged):
1750         (WebCore::StyledElement::setInlineStyleProperty):
1751         (WebCore::StyledElement::removeInlineStyleProperty):
1752         (WebCore::StyledElement::addSubresourceAttributeURLs):
1753         * dom/StyledElement.h:
1754         (WebCore::StyledElement::ensureInlineStyle):
1755         * html/parser/HTMLConstructionSite.cpp:
1756         (WebCore::HTMLConstructionSite::createHTMLElementFromSavedElement):
1757         * platform/TreeShared.h:
1758         (WebCore::TreeShared::reportMemoryUsage):
1759         * xml/parser/XMLDocumentParserQt.cpp:
1760         (WebCore::XMLDocumentParser::XMLDocumentParser):
1761
1762 2012-07-13  Huang Dongsung  <luxtella@company100.net>
1763
1764         Remove down-casting to BitmapImage in GraphicsContext::drawImage.
1765         https://bugs.webkit.org/show_bug.cgi?id=90755
1766
1767         Reviewed by Simon Fraser.
1768
1769         Add a BitmapImage draw method which takes RespectImageOrientationEnum enum as
1770         the last argument for CG. Then we can remove the conditional down-casting in
1771         GraphicsContext::drawImage.
1772
1773         This change is needed for parallel image decoders. Because parallel image
1774         decoders use a Bitmap image wrapper class which extends Image (not Bitmap), the
1775         down-casting above causes the loss of RespectImageOrientationEnum which must be
1776         passed to BitmapImage.
1777
1778         No new tests, no behavior change.
1779
1780         * platform/graphics/BitmapImage.cpp:
1781         * platform/graphics/BitmapImage.h:
1782         * platform/graphics/GraphicsContext.cpp:
1783         (WebCore::GraphicsContext::drawImage):
1784         * platform/graphics/Image.cpp:
1785         (WebCore::Image::draw):
1786         (WebCore):
1787         * platform/graphics/Image.h:
1788         (Image):
1789
1790 2012-07-13  Lauro Neto  <lauro.neto@openbossa.org>
1791
1792         Fix QtWebKit build with OpenGLES after GC3D/E3D refactor
1793         https://bugs.webkit.org/show_bug.cgi?id=91156
1794
1795         Reviewed by Noam Rosenthal.
1796
1797         Adds several build fixes.
1798
1799         * platform/graphics/GraphicsContext3D.h:
1800             Use E3DOpenGLES instead of previously removed E3DQt.
1801
1802         * platform/graphics/OpenGLESShims.h:
1803             Enable defines for Qt.
1804
1805         * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
1806         (WebCore::Extensions3DOpenGLES::blitFramebuffer):
1807         (WebCore):
1808         (WebCore::Extensions3DOpenGLES::renderbufferStorageMultisample):
1809         (WebCore::Extensions3DOpenGLES::copyTextureCHROMIUM):
1810             Added pure virtual stubs.
1811
1812         (WebCore::Extensions3DOpenGLES::supportsExtension):
1813             Remove PROC suffix. See bug #91130.
1814
1815         * platform/graphics/opengl/Extensions3DOpenGLES.h:
1816         (Extensions3DOpenGLES):
1817             Added pure virtual stubs.
1818
1819         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
1820         (WebCore::GraphicsContext3D::reshapeFBOs):
1821             Readded missing function after removed in r122250.
1822
1823         (WebCore):
1824             Use PLATFORM(BLACKBERRY) guard around port-specific include.
1825
1826         * platform/graphics/qt/GraphicsContext3DQt.cpp:
1827             Added USE(OPENGL_ES_2) guard instead of always loading the OpenGL extensions.
1828
1829
1830 2012-07-13  Keishi Hattori  <keishi@webkit.org>
1831
1832         Form of FormAssociatedElement is not updated when id target changes.
1833         https://bugs.webkit.org/show_bug.cgi?id=91042
1834
1835         Reviewed by Kent Tamura.
1836
1837         Test: fast/forms/update-form-attribute-element.html
1838
1839         This patch introduces the IdTargetObserver and IdTargetObserverRegistry class.
1840         They can be used to be notified when the element that an id is pointing to (the id target)
1841         changes.
1842
1843         * CMakeLists.txt: Added IdTargetObserverRegistry.{h,cpp} and IdTargetObserver.{h,cpp}
1844         * GNUmakefile.list.am: Ditto.
1845         * Target.pri: Ditto.
1846         * WebCore.gypi: Ditto.
1847         * WebCore.vcproj/WebCore.vcproj: Ditto.
1848         * WebCore.xcodeproj/project.pbxproj: Ditto.
1849         * dom/DOMAllInOne.cpp:
1850         * dom/IdTargetObserver.cpp: Added. When you want notified of changes to an id target, you should create a new class that inherits this.
1851         (WebCore):
1852         (WebCore::IdTargetObserver::IdTargetObserver):
1853         (WebCore::IdTargetObserver::~IdTargetObserver):
1854         * dom/IdTargetObserver.h: Added.
1855         (WebCore):
1856         (IdTargetObserver):
1857         * dom/IdTargetObserverRegistry.cpp: Added.
1858         (WebCore):
1859         (WebCore::IdTargetObserverRegistry::create):
1860         (WebCore::IdTargetObserverRegistry::addObserver): Register an IdTargetObserver to observe an id target.
1861         (WebCore::IdTargetObserverRegistry::removeObserver): Unregisters an IdTargetObserver from observing.
1862         (WebCore::IdTargetObserverRegistry::notifyObserversInternal):
1863         * dom/IdTargetObserverRegistry.h: Added.
1864         (WebCore):
1865         (IdTargetObserverRegistry):
1866         (WebCore::IdTargetObserverRegistry::IdTargetObserverRegistry):
1867         (WebCore::IdTargetObserverRegistry::notifyObservers): Calls idTargetChanged on all observers for an id. Inlining first part of function for performance.
1868         * dom/TreeScope.cpp:
1869         (WebCore::TreeScope::TreeScope):
1870         (WebCore::TreeScope::addElementById): Calls IdTargetObserverRegistry::notifyObservers because the id target might have changed.
1871         (WebCore::TreeScope::removeElementById): Ditto.
1872         * dom/TreeScope.h:
1873         (WebCore):
1874         (WebCore::TreeScope::idTargetObserverRegistry):
1875         (TreeScope):
1876         * html/FormAssociatedElement.cpp: Observer for id targets defined by the form attribute.
1877         (WebCore::FormAssociatedElement::didMoveToNewDocument):
1878         (WebCore::FormAssociatedElement::insertedInto):
1879         (WebCore::FormAssociatedElement::removedFrom):
1880         (WebCore::FormAssociatedElement::formAttributeChanged):
1881         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver): Creates and sets up a new FormAttributeTargetObserver.
1882         (WebCore):
1883         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
1884         (WebCore::FormAttributeTargetObserver::create):
1885         (WebCore::FormAttributeTargetObserver::FormAttributeTargetObserver):
1886         (WebCore::FormAttributeTargetObserver::idTargetChanged):
1887         * html/FormAssociatedElement.h:
1888         (FormAssociatedElement):
1889         * html/FormController.cpp:
1890         * html/FormController.h:
1891         (FormController):
1892         * html/HTMLFormElement.cpp:
1893         (WebCore::HTMLFormElement::removedFrom):
1894         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute): Modified to take a range. It
1895         scans the range and returns the index to insert the element in m_associatedElement.
1896         (WebCore::HTMLFormElement::formElementIndex): Modified to only scan the elements in
1897         m_associatedElement that precede and follow the form element.
1898         * html/HTMLFormElement.h:
1899         (HTMLFormElement):
1900
1901 2012-07-13  Gabor Rapcsanyi  <rgabor@webkit.org>
1902
1903         Optimizing blend filter to ARM-NEON with intrinsics
1904         https://bugs.webkit.org/show_bug.cgi?id=90949
1905
1906         Reviewed by Zoltan Herczeg.
1907
1908         The feBlend SVG filter modes can be greatly fasten up with ARM-NEON since
1909         we are able to calculate with 2 pixels (8 channels) at the same time.
1910         The code is written with NEON intrinsics and it doesn't affect the
1911         general - it has the same behaviour as the original algorithm.
1912         With this NEON optimization the calculation is ~4.5 times faster for each mode.
1913
1914         Existing tests cover this issue.
1915
1916         * CMakeLists.txt:
1917         * GNUmakefile.list.am:
1918         * Target.pri:
1919         * WebCore.gypi:
1920         * WebCore.vcproj/WebCore.vcproj:
1921         * WebCore.xcodeproj/project.pbxproj:
1922         * platform/graphics/filters/FEBlend.cpp:
1923         (WebCore::FEBlend::platformApplyGeneric):
1924         (WebCore):
1925         (WebCore::FEBlend::platformApplySoftware):
1926         * platform/graphics/filters/FEBlend.h:
1927         (FEBlend):
1928         * platform/graphics/filters/arm/FEBlendNEON.h: Added.
1929         (WebCore):
1930         (FEBlendUtilitiesNEON):
1931         (WebCore::FEBlendUtilitiesNEON::div255): integer divison with 255
1932         (WebCore::FEBlendUtilitiesNEON::normal): calculate normal mode blending for two pixels
1933         (WebCore::FEBlendUtilitiesNEON::multiply): calculate multiply mode blending for two pixels
1934         (WebCore::FEBlendUtilitiesNEON::screen): calculate screen mode blending for two pixels
1935         (WebCore::FEBlendUtilitiesNEON::darken): calculate darken mode blending for two pixels
1936         (WebCore::FEBlendUtilitiesNEON::lighten): calculate lighten mode blending for two pixels
1937         (WebCore::FEBlend::platformApplyNEON):
1938
1939 2012-07-13  Ilya Tikhonovsky  <loislo@chromium.org>
1940
1941         Web Inspector: native memory instrumentation: extract instrumentation methods into MemoryClassInfo
1942         https://bugs.webkit.org/show_bug.cgi?id=91227
1943
1944         Reviewed by Pavel Feldman.
1945
1946         void Node::reportMemoryUsage(MemoryObjectInfo* memoryObjectInfo) const
1947         {
1948             MemoryClassInfo<Node> info(memoryObjectInfo, this, MemoryInstrumentation::DOM);
1949             info.visitBaseClass<ScriptWrappable>(this);
1950
1951             info.addMember(m_notInstrumentedPointer); // automatically detects poniter/reference
1952             info.addInstrumentedMember(m_next);
1953             info.addHashSet<MemoryInstrumentation::NonClass>(m_aHash);                // NonClass value_type (report only size of internal template structures)
1954             info.addHashSet<MemoryInstrumentation::NotInstrumentedClass>(m_aHashSet); // not instrumented value_type (use sizeof)
1955             info.addHashSet<MemoryInstrumentation::InstrumentedClass>(m_aHashSet);    // instrumented value_type (call visit)
1956         }
1957
1958         The change is covered by existing tests for native memory snapshot.
1959
1960         * bindings/v8/DOMDataStore.cpp:
1961         (WebCore::DOMDataStore::reportMemoryUsage):
1962         * bindings/v8/IntrusiveDOMWrapperMap.h:
1963         (WebCore::ChunkedTable::reportMemoryUsage):
1964         * bindings/v8/ScriptWrappable.h:
1965         (WebCore::ScriptWrappable::reportMemoryUsage):
1966         * bindings/v8/V8Binding.cpp:
1967         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
1968         (WebCore::StringCache::reportMemoryUsage):
1969         * bindings/v8/V8DOMMap.h:
1970         * css/StylePropertySet.h:
1971         (WebCore::StylePropertySet::reportMemoryUsage):
1972         * dom/CharacterData.cpp:
1973         (WebCore::CharacterData::reportMemoryUsage):
1974         * dom/ContainerNode.h:
1975         (WebCore::ContainerNode::reportMemoryUsage):
1976         * dom/Document.cpp:
1977         (WebCore::Document::reportMemoryUsage):
1978         * dom/Element.h:
1979         (WebCore::Element::reportMemoryUsage):
1980         * dom/ElementAttributeData.h:
1981         (WebCore::ElementAttributeData::reportMemoryUsage):
1982         * dom/MemoryInstrumentation.h:
1983         (MemoryInstrumentation):
1984         (WebCore::MemoryObjectInfo::objectType):
1985         (WebCore::MemoryObjectInfo::objectSize):
1986         (WebCore::MemoryObjectInfo::memoryInstrumentation):
1987         (MemoryObjectInfo):
1988         (WebCore::MemoryObjectInfo::reportObjectInfo):
1989         (WebCore):
1990         (MemoryClassInfo):
1991         (WebCore::MemoryClassInfo::MemoryClassInfo):
1992         (WebCore::MemoryClassInfo::visitBaseClass):
1993         (WebCore::MemoryClassInfo::reportInstrumentedPointer):
1994         (WebCore::MemoryClassInfo::reportInstrumentedObject):
1995         (WebCore::MemoryClassInfo::reportPointer):
1996         (WebCore::MemoryClassInfo::reportObject):
1997         (WebCore::MemoryClassInfo::reportHashMap):
1998         (WebCore::MemoryClassInfo::reportHashSet):
1999         (WebCore::MemoryClassInfo::reportListHashSet):
2000         (WebCore::MemoryClassInfo::reportVector):
2001         (WebCore::MemoryClassInfo::reportString):
2002         * dom/Node.cpp:
2003         (WebCore::Node::reportMemoryUsage):
2004         * dom/QualifiedName.h:
2005         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
2006         (WebCore::QualifiedName::reportMemoryUsage):
2007         * platform/TreeShared.h:
2008         (WebCore::TreeShared::reportMemoryUsage):
2009
2010 2012-07-13  Pavel Feldman  <pfeldman@chromium.org>
2011
2012         Web Inspector: align scope filters
2013         https://bugs.webkit.org/show_bug.cgi?id=91213
2014
2015         Reviewed by Vsevolod Vlasov.
2016
2017         * inspector/front-end/elementsPanel.css:
2018         (.crumbs):
2019         * inspector/front-end/inspector.css:
2020         (.status-bar > div):
2021         (.scope-bar):
2022         (.scope-bar li):
2023         (.scope-bar li.all):
2024         * inspector/front-end/networkLogView.css:
2025
2026 2012-07-13  Peter Rybin  <peter.rybin@gmail.com>
2027
2028         Web Inspector: too many hardcoded strings in InspectorBackendDispatcher.
2029         https://bugs.webkit.org/show_bug.cgi?id=89198
2030
2031         Reviewed by Yury Semikhatsky.
2032
2033         Instead of generating error message string on every call (mostly for nothing),
2034         error message is generated deeper inside the handler and only command name
2035         is passed every time.
2036
2037         * inspector/CodeGeneratorInspector.py:
2038         (Generator.process_command):
2039
2040 2012-07-13  Joshua Netterfield  <jnetterfield@rim.com>
2041
2042         [BlackBerry] Update about:* pages
2043         https://bugs.webkit.org/show_bug.cgi?id=91121
2044
2045         Reviewed by Yong Li.
2046
2047         Update the about:config pages, and improve the aesthetics of the about:build, about:version, about:credits, about:memory, about:config, and similar pages.
2048
2049         No new tests, because there is no new funtionality.
2050
2051         * platform/network/blackberry/NetworkJob.cpp: Update the aesthetics of about:* pages
2052
2053 2012-07-13  Olivier Blin  <olivier.blin@softathome.com>
2054
2055         Fix checking for optional DeviceOrientationEvent.absolute in JSC bindings
2056         https://bugs.webkit.org/show_bug.cgi?id=91225
2057
2058         Reviewed by Steve Block.
2059
2060         This issue comes from r105036
2061
2062         * bindings/js/JSDeviceOrientationEventCustom.cpp:
2063         (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
2064
2065 2012-07-13  Andrei Bucur  <abucur@adobe.com>
2066         [CSS Regions] Fix build for bug 89000
2067         https://bugs.webkit.org/show_bug.cgi?id=91215
2068
2069         Reviewed by Kentaro Hara.
2070
2071         Remove the unused variable m_state that was a leftover from a previous version of the patch.
2072
2073         Tests: No new tests, build fix.
2074
2075         * dom/WebKitNamedFlow.cpp:
2076         (WebCore::WebKitNamedFlow::WebKitNamedFlow):
2077         * dom/WebKitNamedFlow.h:
2078         (WebKitNamedFlow):
2079
2080 2012-07-13  Kenichi Ishibashi  <bashi@chromium.org>
2081
2082         [Chromium] Fix bugs in HarfBuzzShaper
2083         https://bugs.webkit.org/show_bug.cgi?id=90951
2084
2085         Reviewed by Tony Chang.
2086
2087         The current implementation has following problems:
2088         - Cannot render RTL text if the TextRun is divided into more than two
2089           HarfBuzzRun.
2090         - Script handling in TextRun partitioning is incorrect.
2091         - Inaccurate calculation of selection rect.
2092         - Wrong rendering position when the first glyph of the TextRun have
2093           non-zero offsets in terms of HarfBuzz.
2094
2095         To fix these problems I rewrote HarfBuzzShaper class. Here is the summary:
2096         - Divide the whole range of TextRun first, then shape them in visual
2097           order.
2098         - Divide TextRun in the same way of old-harfbuzz's
2099           hb_utf16_script_run_next().
2100         - Prefer float than int when calculating selection.
2101         - Adjust the drawing point after shaping.
2102
2103         Added tests covers the fix except for the last problem. The last problem will be covered
2104         by fast/text/international/complex-joining-using-gpos.html after chromium linux port switches
2105         to use HarfBuzzShaper.
2106
2107         Tests: fast/text/shaping/shaping-script-order.html
2108                fast/text/shaping/shaping-selection-rect.html
2109
2110         * platform/graphics/harfbuzz/FontHarfBuzz.cpp:
2111         (WebCore::Font::drawComplexText): Adjusts point after shaping.
2112         * platform/graphics/harfbuzz/ng/HarfBuzzShaper.cpp:
2113         (WebCore::HarfBuzzShaper::HarfBuzzRun::HarfBuzzRun):
2114         (WebCore):
2115         (WebCore::HarfBuzzShaper::HarfBuzzRun::applyShapeResult): Added.
2116         (WebCore::HarfBuzzShaper::HarfBuzzRun::setGlyphAndAdvance): Offsets are no longer needed.
2117         (WebCore::HarfBuzzShaper::HarfBuzzRun::xPositionForOffset): Calculates character offset based on advance.
2118         (WebCore::normalizeCharacters): Added.
2119         (WebCore::HarfBuzzShaper::HarfBuzzShaper):
2120         (WebCore::HarfBuzzShaper::~HarfBuzzShaper):
2121         (WebCore::HarfBuzzShaper::shape): Divides TextRun first, then shapes them.
2122         (WebCore::HarfBuzzShaper::adjustStartPoint): Added.
2123         (WebCore::HarfBuzzShaper::collectHarfBuzzRuns): Added.
2124         (WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Added.
2125         (WebCore::HarfBuzzShaper::setGlyphPositionsForHarfBuzzRun): Followed other changes.
2126         (WebCore::HarfBuzzShaper::selectionRect): Use float for calculating selection.
2127         * platform/graphics/harfbuzz/ng/HarfBuzzShaper.h:
2128         (HarfBuzzShaper): Holds the start index of character. Removed unnecessary variables.
2129         (WebCore::HarfBuzzShaper::HarfBuzzRun::create): Ditto.
2130         (HarfBuzzRun):
2131         (WebCore::HarfBuzzShaper::HarfBuzzRun::fontData): Added.
2132         (WebCore::HarfBuzzShaper::HarfBuzzRun::startIndex): Ditto.
2133         (WebCore::HarfBuzzShaper::HarfBuzzRun::glyphs): Ditto.
2134         (WebCore::HarfBuzzShaper::HarfBuzzRun::advances): Ditto.
2135
2136 2012-07-13  Kentaro Hara  <haraken@chromium.org>
2137
2138         Unreviewed, rolling out r122545.
2139         http://trac.webkit.org/changeset/122545
2140         https://bugs.webkit.org/show_bug.cgi?id=91185
2141
2142         We found that this was a wrong fix
2143
2144         * bindings/scripts/CodeGeneratorJS.pm:
2145         (GenerateImplementation):
2146
2147 2012-07-13  Kentaro Hara  <haraken@chromium.org>
2148
2149         Unreviewed, rolling out r122553.
2150         http://trac.webkit.org/changeset/122553
2151         https://bugs.webkit.org/show_bug.cgi?id=91198
2152
2153         We found that this was a wrong fix
2154
2155         * bindings/scripts/CodeGeneratorJS.pm:
2156         (GenerateImplementation):
2157
2158 2012-07-13  Kent Tamura  <tkent@chromium.org>
2159
2160         Change the timing of form state restore
2161         https://bugs.webkit.org/show_bug.cgi?id=89962
2162
2163         Reviewed by Hajime Morita.
2164
2165         For a preparation to fix a form identification problem (Bug 91209),
2166         restore controls states when the parsing of their owner forms is
2167         completed. For controls without owners, their states are restored when
2168         their parsing is completed as ever.
2169
2170         No new tests. This doesn't change observable behavior.
2171
2172         * html/FormController.cpp:
2173         (WebCore::ownerFormForState):
2174         Added. This code was used in formKey(), and restoreControlState*() use it.
2175         (WebCore::FormKeyGenerator::formKey): Use ownerFormForState(). No behavior change.
2176         (WebCore::FormController::restoreControlStateFor):
2177         Moved some code from HTMLFormControlElementWithState::finishParsingChildren().
2178         The difference is we don't resotre state if this control is owned by a form.
2179         (WebCore::FormController::restoreControlStateIn):
2180         Restore states of associated controls. This is called from
2181         finishParsingChildren() for <form>.
2182         * html/FormController.h:
2183         (FormController):
2184         - Declare restoreControlStateFor() and restoreControlStateIn().
2185         - Make takeStateForFormElement() private.
2186
2187         * html/FormAssociatedElement.cpp:
2188         (WebCore::FormAssociatedElement::isFormControlElementWithState):
2189         Added. The default implementation returns false.
2190         * html/FormAssociatedElement.h:
2191         (FormAssociatedElement):
2192         Added isFormControlElementWithState() for FormController::restoreControlStateIn().
2193         * html/HTMLFormControlElementWithState.cpp:
2194         (WebCore::HTMLFormControlElementWithState::finishParsingChildren):
2195         Some code was moved to FormController:restoreControlStateFor().
2196         (WebCore::HTMLFormControlElementWithState::isFormControlElementWithState):
2197         Added. Returns true.
2198         * html/HTMLFormControlElementWithState.h:
2199         (HTMLFormControlElementWithState): Declare isFormControlElementWithState().
2200         * html/HTMLFormElement.cpp:
2201         (WebCore::HTMLFormElement::finishParsingChildren):
2202         Added. Calls FormController::restoreControlStateIn().
2203         * html/HTMLFormElement.h:
2204         (HTMLFormElement): Declare finishParsingChildren().
2205
2206 2012-07-13  Kent Tamura  <tkent@chromium.org>
2207
2208         Make calendar pickers testable
2209         https://bugs.webkit.org/show_bug.cgi?id=84827
2210
2211         Reviewed by Hajime Morita.
2212
2213         WebCore:
2214         - Add PagePopupDriver, an interface to open/close a PagePopup.
2215         - Add setPagePopupDriver() to ChromeClient in order to inject a
2216         PagePopupDriver for testing.
2217
2218         Internals:
2219         Add MockPagePopupDriver, which creates a MockPagePopup, which creates a
2220         normal <iframe> in the top-level document, and load the popup content on
2221         it. MockPagePopupDriver is enabled by
2222         internals.settings.setEnableMockPagePopup(true).
2223
2224         Test: fast/forms/date/calendar-picker-appearance.html
2225
2226         * WebCore.gypi: Add new files.
2227         * WebCore.xcodeproj/project.pbxproj: Add files to make this buildable.
2228         * page/ChromeClient.h:
2229         (ChromeClient): Add function for PagePopupDriver.
2230         * loader/EmptyClients.h: Add empty implementations for PagePopupDriver functions.
2231         * page/PagePopupDriver.h: Added.
2232         (PagePopupDriver):
2233         (WebCore::PagePopupDriver::~PagePopupDriver):
2234
2235         * testing/InternalSettings.cpp:
2236         (WebCore::InternalSettings::Backup::restoreTo): Reset the mock PagePopupDriver.
2237         (WebCore::InternalSettings::setEnableMockPagePopup):
2238         Register MockPagePopupDriver to ChromeClient.
2239         * testing/InternalSettings.h:
2240         (InternalSettings): Declare setEnableMockPagePopup().
2241         * testing/InternalSettings.idl: ditto.
2242         * testing/MockPagePopupDriver.cpp: Added.
2243         (MockPagePopup): Pseudo PagePopup implementation with the standard <iframe>.
2244         (WebCore::MockPagePopupDriver::MockPagePopupDriver): Added.
2245         (WebCore::MockPagePopupDriver::create): Added.
2246         (WebCore::MockPagePopupDriver::~MockPagePopupDriver): Added.
2247         (WebCore::MockPagePopupDriver::openPagePopup):
2248         Added. An override of PagePopupDriver function. This creates a MockPagePopup.
2249         (WebCore::MockPagePopupDriver::closePagePopup):
2250         Added. An override of PagePopupDriver function. This deletes the MockPagePopup.
2251         * testing/MockPagePopupDriver.h:
2252         (MockPagePopupDriver): Added.
2253
2254         * testing/v8/WebCoreTestSupport.cpp:
2255         (WebCoreTestSupport::injectPagePopupController):
2256         Added. Production code uses per-Page context feature framework. However
2257         MockPagePopup uses the same page as the host page. So we can't use the
2258         framework and need to inject window.pagePopupController manually.
2259         * testing/v8/WebCoreTestSupport.h:
2260         (WebCoreTestSupport): Add injectPagePopupController().
2261
2262 2012-07-12  Pavel Feldman  <pfeldman@chromium.org>
2263
2264         Web Inspector: mute the native looks of the selects in the console.
2265         https://bugs.webkit.org/show_bug.cgi?id=91120
2266
2267         Reviewed by Vsevolod Vlasov.
2268
2269         This is necessary for Mac now that we don't use border images for select.
2270
2271         * inspector/front-end/ConsoleView.js:
2272         (WebInspector.ConsoleView.prototype.get statusBarItems):
2273         (WebInspector.ConsoleView.prototype.addContext):
2274         (WebInspector.ConsoleView.prototype.removeContext):
2275         (WebInspector.ConsoleView.prototype._updateIsolatedWorldSelector):
2276         (WebInspector.ConsoleView.prototype._appendIsolatedContextOption):
2277         (WebInspector.ConsoleView.prototype._currentEvaluationContext):
2278         (WebInspector.ConsoleView.prototype._currentIsolatedContextId):
2279         * inspector/front-end/StatusBarButton.js:
2280         (WebInspector.StatusBarComboBox):
2281         (WebInspector.StatusBarComboBox.prototype.addOption):
2282         (WebInspector.StatusBarComboBox.prototype.removeOption):
2283         (WebInspector.StatusBarComboBox.prototype.removeOptions):
2284         (WebInspector.StatusBarComboBox.prototype.selectedOption):
2285         * inspector/front-end/inspector.css:
2286         (.status-bar-select-container):
2287         (select.status-bar-item):
2288         (.console-context):
2289
2290 2012-07-13  Andrei Bucur  <abucur@adobe.com>
2291
2292         [CSS Regions] Fix the lifecycle for the flow objects and their renderers
2293         https://bugs.webkit.org/show_bug.cgi?id=89000
2294
2295         Reviewed by Eric Seidel.
2296
2297         This patch adds the concept of a NamedFlowCollection, owned by the document, that keeps track of
2298         all the named flows that exist in the Document. This collection contains a ListHashSet of weak references to
2299         all the existing NamedFlows in the document. This is not a managed set because the CREATED flows are referenced from the renderer and
2300         the NULL flows are only cached, they should be destructible.
2301         Two named flows are considered to be equal if they have the same name.
2302         I've changed the NamedFlow state to depend on the existence of its renderer. A flow thread that has a renderer will also have a NamedFlow object.
2303         A flow thread without a renderer can have a NamedFlow object, but only in the NULL state. It's possible for a NamedFlow object to jump from the
2304         NULL state to the CREATED state if it was not destroyed (e.g. it was referenced from JS). Keeping track of the NULL state flows that have listeners will be important
2305         so when they go back to the CREATED state, the listeners would still be there.
2306
2307         Link to spec: http://www.w3.org/TR/2012/WD-css3-regions-20120503/
2308
2309         Tests: The old tests have been modified to take into account the new behavior
2310
2311         * CMakeLists.txt:
2312         * GNUmakefile.list.am:
2313         * Target.pri:
2314         * WebCore.gypi:
2315         * WebCore.vcproj/WebCore.vcproj:
2316         * WebCore.xcodeproj/project.pbxproj:
2317         * dom/DOMAllInOne.cpp:
2318         * dom/Document.cpp:
2319         (WebCore::Document::~Document):
2320         (WebCore):
2321         (WebCore::Document::webkitGetFlowByName):
2322         (WebCore::Document::namedFlows):
2323         * dom/Document.h:
2324         (WebCore):
2325         (Document):
2326         * dom/WebKitNamedFlow.cpp:
2327         (WebCore::WebKitNamedFlow::WebKitNamedFlow):
2328         (WebCore::WebKitNamedFlow::~WebKitNamedFlow):
2329         (WebCore::WebKitNamedFlow::create):
2330         (WebCore):
2331         (WebCore::WebKitNamedFlow::name):
2332         (WebCore::WebKitNamedFlow::overset):
2333         (WebCore::nodeInFlowThread):
2334         (WebCore::WebKitNamedFlow::getRegionsByContentNode):
2335         (WebCore::WebKitNamedFlow::getContent):
2336         (WebCore::WebKitNamedFlow::setRenderer):
2337         * dom/WebKitNamedFlow.h:
2338         (WebCore):
2339         (WebKitNamedFlow):
2340         (WebCore::WebKitNamedFlow::getFlowState):
2341         (WebCore::WebKitNamedFlow::switchFlowState):
2342         * dom/WebKitNamedFlowCollection.cpp: Added.
2343         (WebCore):
2344         (WebCore::WebKitNamedFlowCollection::WebKitNamedFlowCollection):
2345         (WebCore::WebKitNamedFlowCollection::length): An O(1) operation
2346         (WebCore::WebKitNamedFlowCollection::item): An O(N) operation
2347         (WebCore::WebKitNamedFlowCollection::flowByName): An O(1) operation
2348         (WebCore::WebKitNamedFlowCollection::ensureNamedFlowInCreatedState): An O(1) operation
2349         (WebCore::WebKitNamedFlowCollection::moveNamedFlowToNullState): An O(1) operation
2350         (WebCore::WebKitNamedFlowCollection::discardNamedFlow): An O(1) operation
2351         (WebCore::WebKitNamedFlowCollection::documentDestroyed):
2352         (WebCore::WebKitNamedFlowCollection::NamedFlowHashFunctions::hash):
2353         (WebCore::WebKitNamedFlowCollection::NamedFlowHashFunctions::equal):
2354         (WebKitNamedFlowCollection::NamedFlowHashFunctions):
2355         (WebCore::WebKitNamedFlowCollection::NamedFlowHashTranslator::hash):
2356         (WebCore::WebKitNamedFlowCollection::NamedFlowHashTranslator::equal):
2357         * dom/WebKitNamedFlowCollection.h: Copied from Source/WebCore/dom/WebKitNamedFlow.h.
2358         (WebCore):
2359         (WebKitNamedFlowCollection):
2360         (WebCore::WebKitNamedFlowCollection::create):
2361         (WebCore::WebKitNamedFlowCollection::document):
2362         * rendering/FlowThreadController.cpp:
2363         (WebCore::FlowThreadController::ensureRenderFlowThreadWithName):
2364         (WebCore::FlowThreadController::removeFlowThread):
2365         (WebCore):
2366         * rendering/FlowThreadController.h:
2367         (FlowThreadController):
2368         * rendering/RenderNamedFlowThread.cpp:
2369         (WebCore::RenderNamedFlowThread::RenderNamedFlowThread):
2370         (WebCore):
2371         (WebCore::RenderNamedFlowThread::~RenderNamedFlowThread):
2372         (WebCore::RenderNamedFlowThread::removeRegionFromThread):
2373         (WebCore::RenderNamedFlowThread::unregisterNamedFlowContentNode):
2374         (WebCore::RenderNamedFlowThread::flowThreadName):
2375         (WebCore::RenderNamedFlowThread::willBeDestroyed):
2376         * rendering/RenderNamedFlowThread.h:
2377         (RenderNamedFlowThread):
2378         (WebCore::RenderNamedFlowThread::contentNodes):
2379         (WebCore::RenderNamedFlowThread::canBeDestroyed):
2380
2381 2012-07-13  Vineet Chaudhary  <rgf748@motorola.com>
2382
2383         [V8Bindings] Implement generalised method to validates that the passed object is a sequence type.
2384         https://bugs.webkit.org/show_bug.cgi?id=91056
2385
2386         Reviewed by Kentaro Hara.
2387
2388         Currently the V8 implementation validates that the passed object is a sequence type only
2389         for MessagePort in V8Utilities::extractTransferables().
2390         There should be generalised method for other types too.
2391         Spec URL: http://www.w3.org/TR/2012/WD-WebIDL-20120207/#es-sequence
2392
2393         No new test, Just refactoring. There should be no behavioral changes.
2394
2395         * bindings/v8/V8Binding.h:
2396         (WebCore::toV8Sequence): Added implementation of toV8Sequence().
2397
2398 2012-07-13  Zeno Albisser  <zeno@webkit.org>
2399
2400         [Qt][WK2] Implement GraphicsSurface for Linux/GLX.
2401         https://bugs.webkit.org/show_bug.cgi?id=90881
2402
2403         Add a GLX based GraphicsSurface implementation for Linux.
2404         Native X windows are being used for exchanging textures
2405         with the UIProcess.
2406
2407         Reviewed by Noam Rosenthal.
2408
2409         * Target.pri:
2410         * WebCore.pri:
2411         * platform/graphics/surfaces/GraphicsSurface.cpp:
2412         (WebCore::GraphicsSurface::create):
2413             Move creating GraphicsSurface instance into
2414             platformCreate/platformImport functions to allow
2415             platform specific creation based on the provided flags.
2416         (WebCore::GraphicsSurface::GraphicsSurface):
2417         (WebCore::GraphicsSurface::~GraphicsSurface):
2418             Call platformDestroy when destroying a GraphicsSurface.
2419         (WebCore):
2420         * platform/graphics/surfaces/GraphicsSurface.h:
2421             Make platformCreate/platformImport functions static
2422             to be able to call these from the static create function.
2423             Add Destructor prototype and add GraphicsSurfacePrivate member.
2424         (WebCore):
2425         (GraphicsSurface):
2426         * platform/graphics/surfaces/mac/GraphicsSurfaceMac.cpp:
2427         (WebCore):
2428         (WebCore::GraphicsSurface::platformCreate):
2429         (WebCore::GraphicsSurface::platformImport):
2430             Insert creation of GraphicsSurface instance.
2431             This allows having a platform specific creation mechanism
2432             for GLX.
2433         * platform/graphics/surfaces/qt/GraphicsSurfaceGLX.cpp: Added.
2434         (WebCore):
2435         (OffScreenRootWindow):
2436         (WebCore::OffScreenRootWindow::OffScreenRootWindow):
2437         (WebCore::OffScreenRootWindow::get):
2438         (WebCore::OffScreenRootWindow::~OffScreenRootWindow):
2439             Add an OffScreenRootWindow singelton that is being used
2440             as a parent for all native offscreen windows.
2441         (GraphicsSurfacePrivate):
2442             This class is used to manage all the X related resources
2443             such as opening a display or creating XPixmaps etc.
2444         (WebCore::GraphicsSurfacePrivate::GraphicsSurfacePrivate):
2445             Open a connection to the X server and create a
2446             QOpenGLContext that can be used to resolve GL functions.
2447         (WebCore::GraphicsSurfacePrivate::~GraphicsSurfacePrivate):
2448             Properly cleanup and release all the X resources again.
2449         (WebCore::GraphicsSurfacePrivate::createSurface):
2450             Create a surface that is placed off screen and can be
2451             used as a rendering target by the WebProcess.
2452         (WebCore::GraphicsSurfacePrivate::createPixmap):
2453             Create a GLXPixmap from the XWindow that was previously
2454             redirected by the WebProcess. This GLXPixmap can then be
2455             bound to a texture and being painted on screen by the
2456             UIProcess.
2457         (WebCore::GraphicsSurfacePrivate::makeCurrent):
2458         (WebCore::GraphicsSurfacePrivate::swapBuffers):
2459         (WebCore::GraphicsSurfacePrivate::display):
2460         (WebCore::GraphicsSurfacePrivate::glxPixmap):
2461         (WebCore::GraphicsSurfacePrivate::size):
2462         (WebCore::GraphicsSurfacePrivate::glContext):
2463         (WebCore::resolveGLMethods):
2464             Initialize all the function pointers for the GL functions used.
2465         (WebCore::GraphicsSurface::platformExport):
2466         (WebCore::GraphicsSurface::platformGetTextureID):
2467             Bind the GLXPixmap to a texture.
2468         (WebCore::GraphicsSurface::platformCopyToGLTexture):
2469             Not beeing implemented for GLX.
2470         (WebCore::GraphicsSurface::platformCopyFromFramebuffer):
2471             Blit origin fbo onto the GraphicsSurface's backing.
2472         (WebCore::GraphicsSurface::platformCreate):
2473         (WebCore::GraphicsSurface::platformImport):
2474         (WebCore::GraphicsSurface::platformLock):
2475         (WebCore::GraphicsSurface::platformUnlock):
2476         (WebCore::GraphicsSurface::platformDestroy):
2477
2478 2012-07-13  Dongwoo Im  <dw.im@samsung.com>
2479
2480         CodeGeneratorJS.pm : SetterExpression should use 'push' rather than 'unshift'
2481         https://bugs.webkit.org/show_bug.cgi?id=91198
2482
2483         Reviewed by Kentaro Hara.
2484
2485         'SetterExpression' should use 'push' to make arguments, rather than 'unshift'.
2486
2487         No new tests. Covered by existing tests.
2488
2489         * bindings/scripts/CodeGeneratorJS.pm:
2490         (GenerateImplementation):
2491
2492 2012-07-13  Yoshifumi Inoue  <yosin@chromium.org>
2493
2494         REGRESSION(r119948): [Forms] Spin button Up/Down actions make value to zero for input type "number" when step mismatched
2495         https://bugs.webkit.org/show_bug.cgi?id=91197
2496
2497         Reviewed by Kent Tamura.
2498
2499         This patch fixes implementation of Decimal::ceiling() and floor().
2500         They return wrong value for small fractional numbers.
2501
2502         The bug is occurred when:
2503           - Step-able input type, e.g. number, date, datetime, and so on.
2504           - Current value is step mismatched
2505           - Current value is smaller than step
2506           - Step up/down by spin button
2507         because spin button up/down actions are implemented in InputType::setpUpFromRenderer
2508         which calls Decimal::ceiling() and floor() for step mismatched case.
2509
2510         Tests: fast/forms/number/number-stepup-stepdown-from-renderer.html: Added test cases
2511                WebKit/chromium/tests/DecimalTest.cpp: Added test cases
2512
2513         * platform/Decimal.cpp:
2514         (WebCore::Decimal::ceiling): Changed to return 1 for positive small fractional number.
2515         (WebCore::Decimal::floor): Changed to return -1 for negative small fractional number.
2516
2517 2012-07-13  Dominic Mazzoni  <dmazzoni@google.com>
2518
2519         Should be possible to focus elements within canvas fallback content
2520         https://bugs.webkit.org/show_bug.cgi?id=87898
2521
2522         Reviewed by Chris Fleizach.
2523
2524         Patches isFocusable in dom/Node.cpp and html/HTMLFormControlElement.cpp
2525         to make elements focusable if they're a descendent of a canvas element
2526         if they would otherwise have been focusable but just didn't have
2527         a renderer. Adds a bit to ElementRareData to efficiently keep track
2528         of elements in a canvas subtree.
2529
2530         Test: fast/canvas/fallback-content.html
2531
2532         * dom/Element.cpp:
2533         (WebCore::Element::attach):
2534         (WebCore::Element::detach):
2535         (WebCore::Element::setIsInCanvasSubtree):
2536         (WebCore):
2537         (WebCore::Element::isInCanvasSubtree):
2538         * dom/Element.h:
2539         (Element):
2540         * dom/ElementRareData.h:
2541         (ElementRareData):
2542         (WebCore::ElementRareData::ElementRareData):
2543         * dom/Node.cpp:
2544         (WebCore::Node::isFocusable):
2545         * html/HTMLCanvasElement.cpp:
2546         (WebCore::HTMLCanvasElement::attach):
2547         (WebCore):
2548         * html/HTMLCanvasElement.h:
2549         (HTMLCanvasElement):
2550         * html/HTMLFormControlElement.cpp:
2551         (WebCore::HTMLFormControlElement::isFocusable):
2552
2553 2012-07-12  Carlos Garcia Campos  <cgarcia@igalia.com>
2554
2555         [GTK] Add API to get HTTPS status to WebKit2 GTK+
2556         https://bugs.webkit.org/show_bug.cgi?id=91100
2557
2558         Reviewed by Martin Robinson.
2559
2560         * platform/network/soup/ResourceResponse.h:
2561         (WebCore::ResourceResponse::soupMessageCertificate): Return the
2562         certificate.
2563         (WebCore::ResourceResponse::setSoupMessageCertificate): Set a
2564         certificate.
2565         (WebCore::ResourceResponse::soupMessageTLSErrors): Return the TLS
2566         errors.
2567         (WebCore::ResourceResponse::setSoupMessageTLSErrors): Set TLS
2568         errors.
2569         * platform/network/soup/ResourceResponseSoup.cpp:
2570         (WebCore::ResourceResponse::toSoupMessage): Set the certificate
2571         and TLS errors to the newly created SoupMessage.
2572         (WebCore::ResourceResponse::updateFromSoupMessage): Get the
2573         certificate and TLS errors from the SoupMessage.
2574
2575 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
2576
2577         RadioNodeList is not updated upon input type change
2578         https://bugs.webkit.org/show_bug.cgi?id=91178
2579
2580         Reviewed by Alexey Proskuryakov.
2581
2582         Invalidate the radio node lists when type content attribute changes since it excludes
2583         image type input elements.
2584
2585         Test: fast/forms/radionodelist-image-type.html
2586
2587         * dom/Document.cpp:
2588         (WebCore::shouldInvalidateNodeListForType):
2589         * dom/Document.h: Renamed InvalidateOnIdNameForAttrChange to InvalidateOnFormAttrChange
2590         since listing all attribute name isn't useful at this point.
2591         * html/RadioNodeList.cpp:
2592         (WebCore::RadioNodeList::RadioNodeList):
2593
2594 2012-07-12  Dongwoo Im  <dw.im@samsung.com>
2595
2596         CodeGeneratorJS.pm need to handle the attribute which has "CallWith=ScriptExecutionContext" option.
2597         https://bugs.webkit.org/show_bug.cgi?id=91185
2598
2599         Reviewed by Kentaro Hara.
2600
2601         When an attribute has "CallWith=ScriptExecutionContext" option, 'ScriptExecutionContext*' parameter should be the last parameter.
2602
2603         No new tests. Covered by existing tests.
2604
2605         * bindings/scripts/CodeGeneratorJS.pm:
2606         (GenerateImplementation):
2607
2608 2012-07-12  Yoshifumi Inoue  <yosin@chromium.org>
2609
2610         REGRESSION(r117738): [Forms] stepMismatch for input type "time" with large step value always return false.
2611         https://bugs.webkit.org/show_bug.cgi?id=91062
2612
2613         Reviewed by Kent Tamura.
2614
2615         This patch changes value of StepRange::acceptableError to zero for
2616         integer restricted step value.
2617
2618         No new tests, existing test covers (fast/forms/time/ValidityState-stepMismatch-time.html) this change although they are listed in TestExpectation file.
2619
2620         * html/StepRange.cpp:
2621         (WebCore::StepRange::acceptableError): Changed to return 0 if step value is restricted to be an integer.
2622
2623 2012-07-12  Dan Bernstein  <mitz@apple.com>
2624
2625         Pass an option flag to CFStringGetHyphenationLocationBeforeIndex() that tells it to not
2626         terminate the search at the last word boundary before the given index.
2627
2628         Reviewed by Adele Peterson.
2629
2630         No test, because the current version of Core Foundation ignores the options parameter.
2631
2632         * platform/text/cf/HyphenationCF.cpp:
2633         (WebCore::lastHyphenLocation): Changed the options parameter from 0 to 1.
2634
2635 2012-07-12  Eric Seidel  <eric@webkit.org>
2636
2637         Incorrect behaviour calling Range setStart or setEnd with boundary in different document
2638         https://bugs.webkit.org/show_bug.cgi?id=42517
2639
2640         Reviewed by Ojan Vafai.
2641
2642         Added a new static inline "checkForDifferentRootContainer" to share some code
2643         and made setStart/setEnd do the right thing in the x-document case.  I removed
2644         the bogus checks in set*After/set*Before functions, and since they just call
2645         through to setStart/setEnd, they also now do the right thing.
2646
2647         Test: fast/dom/Range/set-wrong-document-err.html
2648
2649         * dom/Range.cpp:
2650         (WebCore::checkForDifferentRootContainer):
2651         (WebCore):
2652         (WebCore::Range::setStart):
2653         (WebCore::Range::setEnd):
2654         (WebCore::Range::setStartAfter):
2655         (WebCore::Range::setEndBefore):
2656         (WebCore::Range::setEndAfter):
2657         (WebCore::Range::setStartBefore):
2658
2659 2012-07-12  Erik Arvidsson  <arv@chromium.org>
2660
2661         [V8] Simplify CodeGeneratorV8 since V8OnProto is only true for DOMWindow
2662         https://bugs.webkit.org/show_bug.cgi?id=91165
2663
2664         Reviewed by Nate Chapin.
2665
2666         The old code was dead code since V8OnProto only ever gets set to 1 for DOMWindow.
2667
2668         No new tests. No change in functionality.
2669
2670         * bindings/scripts/CodeGeneratorV8.pm:
2671         (GenerateNormalAttrSetter):
2672
2673 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
2674
2675         Build fix. Initialize unused const member variables to make compilers happy.
2676
2677         * dom/DynamicNodeList.h:
2678         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase):
2679
2680 2012-07-12  Konrad Piascik  <kpiascik@rim.com>
2681
2682         Web Inspector: Geolocation override
2683         https://bugs.webkit.org/show_bug.cgi?id=89365
2684
2685         Reviewed by Pavel Feldman.
2686
2687         Reverted original patch.
2688         Change has not been reviewed by the right people. It declares
2689         public protocol methods and is wrong in several ways.
2690
2691         * Modules/geolocation/GeolocationController.cpp:
2692         (WebCore::GeolocationController::GeolocationController):
2693         (WebCore::GeolocationController::positionChanged):
2694         * Modules/geolocation/GeolocationController.h:
2695         (GeolocationController):
2696         * inspector/Inspector.json:
2697         * inspector/InspectorInstrumentation.cpp:
2698         (WebCore):
2699         * inspector/InspectorInstrumentation.h:
2700         (WebCore):
2701         (InspectorInstrumentation):
2702         * inspector/InspectorPageAgent.cpp:
2703         (WebCore::InspectorPageAgent::InspectorPageAgent):
2704         * inspector/InspectorPageAgent.h:
2705         * inspector/front-end/Settings.js:
2706         * inspector/front-end/SettingsScreen.js:
2707         (WebInspector.UserAgentSettingsTab):
2708         (WebInspector.UserAgentSettingsTab.prototype._createDeviceMetricsElement):
2709         * inspector/front-end/UserAgentSupport.js:
2710
2711 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
2712
2713         Move m_type and m_hasNameCache from HTMLCollectionCacheBase to DynamicNodeListCacheBase for better bit packing
2714         https://bugs.webkit.org/show_bug.cgi?id=91164
2715
2716         Reviewed by Anders Carlsson.
2717
2718         Moved m_type and m_hasNameCache from HTMLCollection and renamed them to m_collectionType and m_isNameCacheValid.
2719
2720         Also renamed shouldIncludeChildren to shouldOnlyIncludeDirectChildren and negated the return value since
2721         all HTMLCollection include children in the collection and the function was meant to tell us whether the collection
2722         should include descendents that are not direct children of base().
2723
2724         In addition, renamed nextNodeOrSibling to nextNode since "or sibling" doesn't seem to add any semantic clarity.
2725
2726         * dom/DynamicNodeList.h:
2727         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase):
2728         (DynamicNodeListCacheBase):
2729         (WebCore::DynamicNodeListCacheBase::type):
2730         (WebCore::DynamicNodeListCacheBase::hasNameCache):
2731         (WebCore::DynamicNodeListCacheBase::setHasNameCache):
2732         (WebCore::DynamicNodeListCacheBase::clearCache):
2733         * html/HTMLCollection.cpp:
2734         (WebCore::shouldOnlyIncludeDirectChildren):
2735         (WebCore::HTMLCollection::HTMLCollection):
2736         (WebCore::HTMLCollection::isAcceptableElement):
2737         (WebCore::nextNode):
2738         (WebCore::HTMLCollection::itemAfter):
2739         * html/HTMLCollection.h:
2740         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase):
2741         (HTMLCollectionCacheBase):
2742         (WebCore::HTMLCollectionCacheBase::clearCache):
2743
2744 2012-07-12  Shinya Kawanaka  <shinyak@chromium.org>
2745
2746         Needs callback before AuthorShadowRoot is added.
2747         https://bugs.webkit.org/show_bug.cgi?id=91167
2748
2749         Reviewed by Hajime Morita.
2750
2751         This is a preliminary patch for adding multiple Shadow DOM support for media elements and form elements.
2752         They assume that UserAgentShadowRoot is the oldest, however currently a page author may try to add
2753         AuthorShadowRoot before adding UserAgentShadowRoot.
2754
2755         This patch adds a callback before AuthorShadowRoot is being added, and allow us to add UserAgentShadowRoot
2756         for those elements. See also Bug 77936, Bug 77937, Bug 90532.
2757
2758         * dom/Element.h:
2759         (WebCore::Element::willAddAuthorShadowRoot):
2760         * dom/ElementShadow.cpp:
2761         (WebCore::ElementShadow::addShadowRoot):
2762         * dom/ElementShadow.h:
2763         (ElementShadow):
2764         * dom/ShadowRoot.cpp:
2765         (WebCore::ShadowRoot::create):
2766
2767 2012-07-12  Dana Jansens  <danakj@chromium.org>
2768
2769         [chromium] Remove the RenderPass pointer from RenderPassDrawQuad
2770         https://bugs.webkit.org/show_bug.cgi?id=91023
2771
2772         Reviewed by Adrienne Walker.
2773
2774         Removes the RenderPass pointer and keeps only an integer id in the
2775         quad to refer back to the RenderPass the quad reads from.
2776
2777         Covered by existing tests.
2778
2779         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
2780         (WebCore::CCLayerTreeHostImpl::calculateRenderPasses):
2781         (WebCore::findRenderPassById):
2782         (WebCore):
2783         (WebCore::removeRenderPassesRecursive):
2784         (WebCore::CCLayerTreeHostImpl::CullRenderPassesWithCachedTextures::shouldRemoveRenderPass):
2785         (WebCore::CCLayerTreeHostImpl::CullRenderPassesWithNoQuads::shouldRemoveRenderPass):
2786         (WebCore::CCLayerTreeHostImpl::removeRenderPasses):
2787         (WebCore::CCLayerTreeHostImpl::prepareToDraw):
2788         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
2789         (FrameData):
2790         (CullRenderPassesWithCachedTextures):
2791         (CullRenderPassesWithNoQuads):
2792         (CCLayerTreeHostImpl):
2793         * platform/graphics/chromium/cc/CCRenderPass.cpp:
2794         (WebCore::CCRenderPass::appendQuadsForRenderSurfaceLayer):
2795         * platform/graphics/chromium/cc/CCRenderPass.h:
2796         (WebCore):
2797         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.cpp:
2798         (WebCore::CCRenderPassDrawQuad::create):
2799         (WebCore::CCRenderPassDrawQuad::CCRenderPassDrawQuad):
2800         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.h:
2801         (CCRenderPassDrawQuad):
2802         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
2803         (WebCore::CCRenderSurface::appendQuads):
2804         * platform/graphics/chromium/cc/CCRenderSurface.h:
2805         (CCRenderSurface):
2806
2807 2012-07-12  Elliott Sprehn  <esprehn@gmail.com>
2808
2809         Unneeded tree walking when adding or removing children due to RenderCounter / RenderQuote logic
2810         https://bugs.webkit.org/show_bug.cgi?id=89900
2811
2812         Reviewed by Eric Seidel and Abhishek Arya.
2813
2814         Previously we would walk the all children a renderer whenever adding
2815         or removing a child renderer from its RenderObjectChildList to look for 
2816         RenderQuote and RenderCounter instances to update. This patch introduces 
2817         a counter in RenderView for the number of RenderQuote and RenderCounter 
2818         instances in that document so we can avoid these traversals.
2819
2820         No tests needed since this is just a short circuiting of logic and the existing
2821         tests should cover it.
2822
2823         * rendering/RenderCounter.cpp:
2824         (WebCore::RenderCounter::RenderCounter): Increment instance counter.
2825         (WebCore::RenderCounter::willBeDestroyed): Decrement instance counter.
2826         (WebCore):
2827         (WebCore::RenderCounter::rendererRemovedFromTree): Short circuit when counter is zero.
2828         (WebCore::RenderCounter::rendererSubtreeAttached): Short circuit when counter is zero.
2829         * rendering/RenderCounter.h:
2830         (RenderCounter):
2831         * rendering/RenderObjectChildList.cpp:
2832         (WebCore::RenderObjectChildList::removeChildNode): Short circuit calling into Counter and Quote code when the document is being destroyed.
2833         * rendering/RenderQuote.cpp:
2834         (WebCore::RenderQuote::RenderQuote):
2835         (WebCore::RenderQuote::willBeDestroyed):
2836         (WebCore):
2837         (WebCore::RenderQuote::rendererSubtreeAttached): Increment instance counter.
2838         (WebCore::RenderQuote::rendererRemovedFromTree): Decrement instance counter.
2839         * rendering/RenderQuote.h:
2840         (RenderQuote):
2841         * rendering/RenderView.cpp:
2842         (WebCore::RenderView::RenderView):
2843         * rendering/RenderView.h: Methods for managing the RenderQuote and RenderCounter counts.
2844         (RenderView):
2845         (WebCore::RenderView::addRenderQuote):
2846         (WebCore::RenderView::removeRenderQuote):
2847         (WebCore::RenderView::hasRenderQuotes):
2848         (WebCore::RenderView::addRenderCounter):
2849         (WebCore::RenderView::removeRenderCounter):
2850         (WebCore::RenderView::hasRenderCounters):
2851
2852 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
2853
2854         Merge HTMLCollectionWithArrayStorage into HTMLCollection
2855         https://bugs.webkit.org/show_bug.cgi?id=91144
2856
2857         Reviewed by Anders Carlsson.
2858
2859         Merged HTMLCollectionWithArrayStorage::item into HTMLCollection::item and got rid of
2860         HTMLCollectionWithArrayStorage. Also de-virtualized HTMLCollection::item and HTMLCollection::length
2861         and merged itemInArrayAfter and itemAfter.
2862
2863         In addition, improved the algorithm in HTMLCollection::length to take advantage of item cache.
2864         Instead of always computing the length from the beginning, we start the search from the cached item
2865         so that if we're near end of the collection, we avoid significant portion of the node traversal.
2866
2867         Furthermore, made HTMLCollection always call setItemCache with a non-null item and HTMLCollection::item
2868         set the length cache when it reaches the end of the collection to avoid redundant length calculations.
2869
2870         * dom/DynamicNodeList.h:
2871         (WebCore::DynamicNodeListCacheBase::setItemCache): Add a FIXME.
2872         * html/HTMLCollection.cpp:
2873         (WebCore::HTMLCollection::itemAfter): Regular HTMLCollection doesn't have uses elements array so
2874         assert that offsetInArray is always 0.
2875         (WebCore): Removed calcLength.
2876         (WebCore::HTMLCollection::length): Rewritten. The algorithm is as follows:
2877         When there is no item cache, we look for the first item by calling item(0). If item(0) returns null,
2878         then it must have set the length cache so bail out. If the previous step didn't bail out, then
2879         the item cache is valid and not null (see above), so count the number of remaining items in collection
2880         starting at the cached item's offset + 1.
2881         (WebCore::HTMLCollection::item): Avoid calling setItemCache with null. When the first item is null,
2882         set the length cache instead.
2883         (WebCore::HTMLCollection::itemAfterCachedItem): Extracted from HTMLCollectionWithArrayStorage::item.
2884         (WebCore::HTMLCollection::namedItem): Pass in arrayOffset to itemAfter. Note this variable is never
2885         used since only HTMLFormCollection and HTMLPropertiesCollection use array offsets but they override
2886         this function.
2887         (WebCore::HTMLCollection::updateNameCache): Ditto.
2888         * html/HTMLCollection.h:
2889         (HTMLCollection):
2890         (WebCore):
2891         * html/HTMLFormCollection.cpp: Removed calcLength(). Even though this function didn't iterate over
2892         the collection directly, HTMLFormElement::length and HTMLFieldSetElement::length did so we're not
2893         regressing any performance here.
2894         (WebCore::HTMLFormCollection::HTMLFormCollection):
2895         (WebCore::HTMLFormCollection::itemAfter):
2896         * html/HTMLFormCollection.h:
2897         (HTMLFormCollection):
2898         * html/HTMLNameCollection.cpp:
2899         (WebCore::HTMLNameCollection::itemAfter):
2900         * html/HTMLNameCollection.h:
2901         (HTMLNameCollection):
2902         * html/HTMLPropertiesCollection.cpp: Removed calcLength().
2903         (WebCore::HTMLPropertiesCollection::HTMLPropertiesCollection):
2904         (WebCore::HTMLPropertiesCollection::itemAfter):
2905         (WebCore):
2906         * html/HTMLPropertiesCollection.h:
2907         (HTMLPropertiesCollection):
2908         * html/HTMLTableRowsCollection.cpp:
2909         (WebCore::HTMLTableRowsCollection::itemAfter):
2910         * html/HTMLTableRowsCollection.h:
2911         (HTMLTableRowsCollection):
2912
2913 2012-07-12  Pravin D  <pravind.2k4@gmail.com>
2914
2915         Row size/position is wrongly calculated when table having overlapping rowspan cell and colspan cell
2916         https://bugs.webkit.org/show_bug.cgi?id=16811
2917
2918         Reviewed by Julien Chaffraix.
2919
2920         The height of a row is calculated by taking the max height of the cells contained in it. When a row contains
2921         a rowSpan cell and if this row is not the last row of the cell, then its height is max height of other non
2922         rowSpan cells. If the row is the last row of the rowSpan cell, then using the contraint laid by CSS2.1 spec
2923         "For a rowSpan cell, the sum of the row heights involved must be great enough to encompass the cell spanning the rows",
2924         the last remaining height of the rowSpan(cell height minus heights of other involved rows) is taken into consideration
2925         while calculating the height of this row.
2926         Currently when calculating the height of the row we are only using the height of the primary cell at position (row, col).
2927         However when a row has colSpan cell and rowSpan, they might overlap. In such a sitution as only the primary cells height
2928         is considered, the height of the row will be calculated worngly if the other overlapping cell has greater height.
2929         Thus all the overlapping cell at position (row, col) must be considered while calculating the height of a row. 
2930
2931         Test: fast/table/last-cell-of-rowspan-overlapping-colspan-cell.html
2932
2933         * rendering/RenderTableSection.cpp:
2934         (WebCore::RenderTableSection::calcRowLogicalHeight):
2935         Fixed function to use all the overlapping cells at position(row, col) to calculate the height/position of rows.
2936
2937 2012-07-12  Joshua Bell  <jsbell@chromium.org>
2938
2939         IndexedDB: Enable IDBFactory.deleteDatabase() and webkitGetDatabaseNames() in Workers
2940         https://bugs.webkit.org/show_bug.cgi?id=90310
2941
2942         Reviewed by Tony Chang.
2943
2944         Simplify Document vs. Worker logic for IDBFactory::open() and hook up the
2945         other two IDBFactory methods for use by workers as well.
2946
2947         Test: storage/indexeddb/factory-basics-workers.html
2948
2949         * Modules/indexeddb/IDBFactory.cpp:
2950         (isContextValid): Helper function consolidating checks that context is usable.
2951         (getIndexedDBDatabasePath): Helper function for accessing group settings.
2952         (WebCore::IDBFactory::getDatabaseNames): Simplify - just pass context through to back end.
2953         (WebCore::IDBFactory::open): Ditto.
2954         (WebCore::IDBFactory::deleteDatabase): Ditto.
2955         (WebCore::IDBFactory::cmp): Whitespace.
2956         * Modules/indexeddb/IDBFactoryBackendImpl.cpp: Obsolete openFromWorker() removed.
2957         (WebCore::IDBFactoryBackendImpl::getDatabaseNames): Signature updated.
2958         (WebCore::IDBFactoryBackendImpl::deleteDatabase): Signature updated.
2959         (WebCore::IDBFactoryBackendImpl::open): Signature updated.
2960         * Modules/indexeddb/IDBFactoryBackendImpl.h:
2961         (IDBFactoryBackendImpl):
2962         * Modules/indexeddb/IDBFactoryBackendInterface.h: Interface methods now take both SecurityOrigin
2963         and ScriptExecutionContext, but not Frame. In the proxy, SecurityOrigin is redundant (can be
2964         accessed from context) but on the real back end the context is null (as Frame was previously).
2965         (IDBFactoryBackendInterface):
2966         * inspector/InspectorIndexedDBAgent.cpp:
2967         (WebCore):
2968         (WebCore::InspectorIndexedDBAgent::requestDatabaseNamesForFrame):
2969         (WebCore::InspectorIndexedDBAgent::requestDatabase):
2970         (WebCore::InspectorIndexedDBAgent::requestData):
2971
2972 2012-07-12  Dana Jansens  <danakj@chromium.org>
2973
2974         [chromium] The root layer should not try create a second RenderSurface for itself
2975         https://bugs.webkit.org/show_bug.cgi?id=91124
2976
2977         Reviewed by Adrienne Walker.
2978
2979         Tests: CCLayerTreeHostImplTest.rootLayerDoesntCreateExtraSurface
2980
2981         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.cpp:
2982         (WebCore::subtreeShouldRenderToSeparateSurface):
2983
2984 2012-07-12  Adam Barth  <abarth@webkit.org>
2985
2986         Regression (r122359) Layout Test html5lib/runner.html is failing
2987         https://bugs.webkit.org/show_bug.cgi?id=91047
2988
2989         Reviewed by Tony Chang.
2990
2991         This ASSERT is bogus because doctypes can be removed from the DOM and
2992         then re-added.
2993
2994         Test: fast/viewport/viewport-legacy-xhtmlmp-remove-and-add.html
2995
2996         * dom/Document.cpp:
2997         (WebCore::Document::setDocType):
2998
2999 2012-07-12  Ojan Vafai  <ojan@chromium.org>
3000
3001         Implied minimum size of flex items is min-content
3002         https://bugs.webkit.org/show_bug.cgi?id=87546
3003
3004         Reviewed by Tony Chang.
3005
3006         http://dev.w3.org/csswg/css3-flexbox/#min-size-auto
3007         In the main axis direction, min-size of auto means min-content.
3008
3009         Test: css3/flexbox/flex-item-min-size.html
3010
3011         * rendering/RenderBox.cpp:
3012         (WebCore::RenderBox::computeLogicalWidthInRegionUsing):
3013         (WebCore::RenderBox::computeContentLogicalHeightUsing):
3014         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
3015         (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
3016         (WebCore::RenderBox::computePositionedLogicalWidthUsing):
3017         (WebCore::RenderBox::computePositionedLogicalHeightUsing):
3018         It turned out that these FIXMEs are all unnecessary with the changes to RenderFlexibleBox.
3019
3020         * rendering/RenderFlexibleBox.cpp:
3021         (WebCore::RenderFlexibleBox::computeMainAxisPreferredSizes):
3022         (WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax):
3023
3024 2012-07-12  Eric Penner  <epenner@google.com>
3025
3026         [chromium] Use CCTexture/TextureAllocator and remove TextureManager
3027         https://bugs.webkit.org/show_bug.cgi?id=91001
3028
3029         Reviewed by Adrienne Walker.
3030
3031         Use CCTexture to clean up CCPrioritizedTexture::Backing.
3032         Add TextureAllocator.h and remove remainder of TextureManager.h/cpp.
3033         Minor move/refactoring of link/unlink in CCPrioritizedTexture.
3034         Remove double initialization of the default memory limit.
3035
3036         Covered by existing tests (refactoring).
3037
3038         * WebCore.gypi:
3039         * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.cpp:
3040         * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.h:
3041         (WebCore):
3042         * platform/graphics/chromium/BitmapSkPictureCanvasLayerTextureUpdater.cpp:
3043         * platform/graphics/chromium/BitmapSkPictureCanvasLayerTextureUpdater.h:
3044         (WebCore):
3045         * platform/graphics/chromium/ImageLayerChromium.cpp:
3046         * platform/graphics/chromium/LayerRendererChromium.cpp:
3047         (WebCore::LayerRendererChromium::initialize):
3048         * platform/graphics/chromium/ManagedTexture.cpp: Removed.
3049         * platform/graphics/chromium/ManagedTexture.h: Removed.
3050         * platform/graphics/chromium/RenderSurfaceChromium.h:
3051         (WebCore):
3052         * platform/graphics/chromium/TextureAllocator.h: Copied from Source/WebCore/platform/graphics/chromium/cc/CCPriorityCalculator.h.
3053         (WebCore):
3054         (TextureAllocator):
3055         (WebCore::TextureAllocator::~TextureAllocator):
3056         * platform/graphics/chromium/TextureManager.cpp: Removed.
3057         * platform/graphics/chromium/TextureManager.h: Removed.
3058         * platform/graphics/chromium/TiledLayerChromium.cpp:
3059         * platform/graphics/chromium/TrackingTextureAllocator.cpp:
3060         (WebCore::TrackingTextureAllocator::createTexture):
3061         (WebCore::TrackingTextureAllocator::deleteTexture):
3062         * platform/graphics/chromium/TrackingTextureAllocator.h:
3063         * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp:
3064         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
3065         (WebCore::CCLayerTreeHost::prioritizeTextures):
3066         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
3067         (WebCore):
3068         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3069         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
3070         * platform/graphics/chromium/cc/CCPrioritizedTexture.cpp:
3071         (WebCore::CCPrioritizedTexture::CCPrioritizedTexture):
3072         (WebCore::CCPrioritizedTexture::setDimensions):
3073         (WebCore::CCPrioritizedTexture::textureId):
3074         (WebCore::CCPrioritizedTexture::bindTexture):
3075         (WebCore::CCPrioritizedTexture::framebufferTexture2D):
3076         (WebCore::CCPrioritizedTexture::link):
3077         (WebCore):
3078         (WebCore::CCPrioritizedTexture::unlink):
3079         * platform/graphics/chromium/cc/CCPrioritizedTexture.h:
3080         (WebCore):
3081         (WebCore::CCPrioritizedTexture::bytes):
3082         (CCPrioritizedTexture):
3083         (WebCore::CCPrioritizedTexture::haveBackingTexture):
3084         (WebCore::CCPrioritizedTexture::Backing::Backing):
3085         (WebCore::CCPrioritizedTexture::Backing::~Backing):
3086         (WebCore::CCPrioritizedTexture::Backing::owner):
3087         (Backing):
3088         (WebCore::CCPrioritizedTexture::backing):
3089         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.cpp:
3090         (WebCore::CCPrioritizedTextureManager::prioritizeTextures):
3091         (WebCore::CCPrioritizedTextureManager::requestLate):
3092         (WebCore::CCPrioritizedTextureManager::acquireBackingTextureIfNeeded):
3093         (WebCore::CCPrioritizedTextureManager::reduceMemory):
3094         (WebCore::CCPrioritizedTextureManager::clearAllMemory):
3095         (WebCore::CCPrioritizedTextureManager::registerTexture):
3096         (WebCore::CCPrioritizedTextureManager::returnBackingTexture):
3097         (WebCore::CCPrioritizedTextureManager::createBacking):
3098         (WebCore::CCPrioritizedTextureManager::destroyBacking):
3099         (WebCore::CCPrioritizedTextureManager::assertInvariants):
3100         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.h:
3101         (CCPrioritizedTextureManager):
3102         (WebCore::CCPrioritizedTextureManager::defaultMemoryAllocationLimit):
3103         (WebCore::CCPrioritizedTextureManager::compareBackings):
3104         * platform/graphics/chromium/cc/CCPriorityCalculator.h:
3105         * platform/graphics/chromium/cc/CCScopedTexture.cpp:
3106         * platform/graphics/chromium/cc/CCScopedTexture.h:
3107         * platform/graphics/chromium/cc/CCTexture.h:
3108         (WebCore::CCTexture::CCTexture):
3109         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
3110         (WebCore):
3111         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
3112
3113 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
3114
3115         Let XCode have its own way.
3116
3117         * WebCore.xcodeproj/project.pbxproj:
3118
3119 2012-07-12  Julien Chaffraix  <jchaffraix@webkit.org>
3120
3121         ASSERT(genChild->isListMarker() || genChild->style()->styleType() == FIRST_LETTER) triggered on flex-box content
3122         https://bugs.webkit.org/show_bug.cgi?id=91003
3123
3124         Reviewed by Abhishek Arya.
3125
3126         Tests: fast/flexbox/assert-generated-deprecated-flexbox.html
3127                fast/flexbox/assert-generated-new-flexbox.html
3128
3129         The issue was that findBeforeAfterParent didn't return the right parent for the flex-box case. This would
3130         make us update the wrong children (and not propagate the style updates properly).
3131
3132         * rendering/RenderObjectChildList.cpp:
3133         (WebCore::findBeforeAfterParent):
3134         Added a check for flex boxes (both deprecated and new).
3135
3136 2012-07-12  Pravin D  <pravind.2k4@gmail.com>
3137
3138         Percentage width replaced element in zero percent/fixed width container block incorrectly rendered.
3139         https://bugs.webkit.org/show_bug.cgi?id=9493
3140
3141         Reviewed by Andy Estes.
3142
3143         When the width of the container is zero percent/fixed value then the width of the replaced element must also be zero.
3144
3145         Test: fast/css/percent-width-img-inside-zero-percent-and-fixed-container.html
3146
3147         * rendering/RenderBox.cpp:
3148         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
3149           When the containing block's available width is zero there can be two cases.
3150           The containing block is floated/positioned in which case the width of the replaced child element must be its instrinsic width.
3151           On the other hand if the width of the container is specified to be either zero percent or fixed value then the width of the
3152           replaced elment must be zero.
3153
3154 2012-07-11  Ryosuke Niwa  <rniwa@webkit.org>
3155
3156         invalidateNodeListsCacheAfterAttributeChanged should dynamically figure out which attribute needs invalidation
3157         https://bugs.webkit.org/show_bug.cgi?id=91046
3158
3159         Reviewed by Anders Carlsson.
3160
3161         Added an array of counters (m_nodeListCounts) for each set of attributes (NodeListInvalidationType) node lists care about
3162         to Document, and made DynamicSubtreeNodeList's constructor and destructor increment and decrement these counters via
3163         registerDynamicSubtreeNodeList and unregisterDynamicSubtreeNodeList respectively. shouldInvalidateDynamicSubtreeNodeList,
3164         which is called by invalidateNodeListsCacheAfterAttributeChanged, then use these counters to determine whether a given
3165         attribute change should result in node list invalidations.
3166
3167         Also removed m_numNodeListCaches from TreeScope because this counter has now become redundant with m_nodeListCounts.
3168
3169         * dom/ChildNodeList.cpp:
3170         (WebCore::ChildNodeList::ChildNodeList): Do not invalidate on attribute changes.
3171         * dom/ClassNodeList.cpp:
3172         (WebCore::ClassNodeList::ClassNodeList): Invalidate on class attribute changes.
3173         * dom/Document.cpp:
3174         (WebCore::Document::Document): Initialize m_nodeListCounts.
3175         (WebCore::Document::~Document): Add assertions to make sure m_listsInvalidatedAtDocument, m_nodeListCounts, and
3176         m_collections are all empty.
3177         (WebCore::Document::registerDynamicSubtreeNodeList): This function is now called for all DynamicSubtreeNodeLists supposed
3178         to just ones rooted at the document in order to increment the counter for each invalidation type.
3179         (WebCore::Document::unregisterDynamicSubtreeNodeList): Ditto.
3180         (WebCore::shouldInvalidateDynamicSubtreeNodeListForType): Checks the attribute name against NodeListInvalidationType.
3181         (WebCore::Document::shouldInvalidateDynamicSubtreeNodeList): Returns true if the given attribute name matches the invalidation
3182         type of the existing DynamicSubtreeNodeLists in the document. If the attribute name is not given (used when children change),
3183         then it checks for the existence of any DynamicSubtreeNodeLists. Conceptually, this function can be written as a list of
3184         "if" statements that checks values in m_nodeListCounts and the attribute name. We use "for" loop and switch statement instead
3185         to share logic and detect future addition of values to NodeListInvalidationType.
3186         * dom/Document.h:
3187         (Document): Moved RootType and InvalidationType from DynamicNodeListCacheBase and renamed them to NodeListRootType and
3188         NodeListInvalidationType respectively in order to reduce the possibility of future name collisions. Also the invalidation type
3189         now contains 6 values instead of 2.
3190         * dom/DynamicNodeList.cpp:
3191         (WebCore):
3192         * dom/DynamicNodeList.h:
3193         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase): 
3194         (WebCore::DynamicNodeListCacheBase::shouldInvalidateOnAttributeChange):
3195         (WebCore::DynamicNodeListCacheBase::rootType): Added.
3196         (WebCore::DynamicNodeListCacheBase::invalidationType): Added.
3197         (DynamicNodeListCacheBase): Uses 3 bits to store invalidation type now that the number of values have increased from 2 to 6.
3198         (WebCore::DynamicNodeList::DynamicNodeList):
3199         (WebCore::DynamicSubtreeNodeList::~DynamicSubtreeNodeList): Call unregisterDynamicSubtreeNodeList.
3200         (WebCore::DynamicSubtreeNodeList::DynamicSubtreeNodeList): Call registerDynamicSubtreeNodeList.
3201         * dom/MicroDataItemList.cpp:
3202         (WebCore::MicroDataItemList::MicroDataItemList): Invalidate on itemscope, itemprop, and itemtype content attribute changes.
3203         * dom/NameNodeList.cpp:
3204         (WebCore::NameNodeList::NameNodeList): Invalidate on name attribute changes.
3205         * dom/Node.cpp:
3206         (WebCore::Node::clearRareData):
3207         (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged): Replaced the hard coded check list of attributes, by a call
3208         to shouldInvalidateDynamicSubtreeNodeList.
3209         (WebCore::Node::invalidateNodeListsCacheAfterChildrenChanged): Calls shouldInvalidateDynamicSubtreeNodeList.
3210         (WebCore::Node::getElementsByTagName):
3211         (WebCore::Node::getElementsByTagNameNS):
3212         (WebCore::Node::getElementsByName):
3213         (WebCore::Node::getElementsByClassName):
3214         (WebCore::Node::radioNodeList):
3215         (WebCore::NodeRareData::createNodeLists):
3216         * dom/NodeRareData.h:
3217         (WebCore::NodeListsNodeData::adoptTreeScope): Unregister and register node lists in m_tagNodeListCacheNS since all node lists
3218         need to be accounted in m_nodeListCounts.
3219         (WebCore::NodeRareData::ensureNodeLists):
3220         (NodeRareData):
3221         * dom/TagNodeList.cpp:
3222         (WebCore::TagNodeList::TagNodeList): Do not invalidate on any attribute changes.
3223         * dom/TreeScope.cpp:
3224         (WebCore::TreeScope::TreeScope): No longer initializes m_numNodeListCaches since it has been removed.
3225         * dom/TreeScope.h:
3226         (TreeScope): Removed m_numNodeListCaches.
3227         * dom/TreeScopeAdopter.cpp:
3228         (WebCore::TreeScopeAdopter::moveTreeToNewScope):
3229         * html/HTMLCollection.h:
3230         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase): Just pass in DoNotInvalidateOnAttributeChanges for now since
3231         it's never used in HTMLCollections.
3232         * html/LabelableElement.cpp:
3233         (WebCore::LabelableElement::labels):
3234         * html/LabelsNodeList.cpp:
3235         (WebCore::LabelsNodeList::LabelsNodeList): Invalidate on for content attribute changes.
3236         (WebCore::LabelsNodeList::~LabelsNodeList):
3237         * html/RadioNodeList.cpp:
3238         (WebCore::RadioNodeList::RadioNodeList): Invalidate on id, name, and for content attribute changes.
3239         (WebCore::RadioNodeList::~RadioNodeList):
3240
3241 2012-07-12  Gavin Barraclough  <barraclough@apple.com>
3242
3243         Threadsafety issues in WebScriptObject
3244         https://bugs.webkit.org/show_bug.cgi?id=90849
3245
3246         Reviewed by Filip Pizlo & Oliver Hunt.
3247
3248         Updated fix for this bug. Taking the JSC API lock from WebScriptObject::release
3249         may not be safe; better to just guard the JSWrapperCache with its own spinlock.
3250
3251         * bindings/objc/WebScriptObject.mm:
3252         (WebCore::getJSWrapper):
3253             - Added spinlock; also retain/autorelease the returned wrapper - it is unsafe
3254               to wait for the caller to do so, due to a race condition vs release removing
3255               the wrapper from the map.
3256         (WebCore::addJSWrapper):
3257             - Take the spinlock guarding the cache.
3258         (WebCore::removeJSWrapper):
3259             - Take the spinlock guarding the cache.
3260         (WebCore::removeJSWrapperIfRetainCountOne):
3261             - Take the spinlock guarding the cache, remove the wrapper if retainCount is one.
3262         (WebCore::createJSWrapper):
3263             - Remove the API lock; this method no longer needs to retain/autorelease (this is
3264               done by getJSWrapper).
3265         (-[WebScriptObject _setImp:originRootObject:rootObject:]):
3266             - Remove the API lock.
3267         (-[WebScriptObject release]):
3268             - Remove the API lock, retainCount check moved into removeJSWrapperIfRetainCountOne.
3269
3270 2012-07-11  David Hyatt  <hyatt@apple.com>
3271
3272         https://bugs.webkit.org/show_bug.cgi?id=91000
3273         REGRESSION (r122244): Overflow elements don't shrink as much as they should.
3274
3275         Reviewed by Simon Fraser.
3276
3277         This is a fix for a a regression from https://bugs.webkit.org/show_bug.cgi?id=90646.
3278
3279         I incorrectly analyzed the issue with Robert Hogan's negative margin patch and fooled myself into putting back
3280         in an incorrect minimum width check from long ago.
3281         
3282         What should have happened in the test case I patched is that the overflow element should shrink to 0. The issue 
3283         with improving the logical top estimate in the previous patch is it made the clear delta become 0. This in turn
3284         exposed a bug in our clearing algorithm with Robert's changes where you could need a relayout even if you didn't
3285         actually move. This issue only occurs because the floats list is getting changed mid-layout because of negative margins.
3286
3287         The patch changes getClearDelta to call setChildNeedsLayout(true) on children whose widths change even when their
3288         positions do not. In effect this dynamic addition of new floats after you have done a layout on the child already means
3289         that you can need to lay out again despite not actually having to move.
3290         
3291         To handle this, the code that does the relayout is now called if the child needs a relayout. This is done even if
3292         the logical top estimate matches the final position.
3293         
3294         No new tests required, since the test in fast/block/float is now correctly covering the issue.
3295
3296         * rendering/RenderBlock.cpp:
3297         (WebCore::RenderBlock::layoutBlockChild):
3298         (WebCore::RenderBlock::getClearDelta):
3299         * rendering/RenderBox.cpp:
3300         (WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):
3301
3302 2012-07-12  James Weatherall  <wez@chromium.org>
3303
3304         storage tests are flaky (crashing) on windows
3305         https://bugs.webkit.org/show_bug.cgi?id=90469
3306
3307         Reviewed by Kentaro Hara.
3308
3309         Add a missing check that the underlying V8 object reference in a V8 NPObject is valid, and zero the NPObject's rootObject member when disposing it, to ensure that it won't be mistakenly touched after that point.
3310
3311         This patch is intended to resolve flakiness in the storage tests including:
3312           storage/indexeddb/mozilla/indexes.html
3313           storage/indexeddb/mozilla/key-requirements-inline-and-passed.html
3314           storage/websql/multiple-databases-garbage-collection.html
3315
3316         * bindings/v8/NPV8Object.cpp:
3317         (WebCore::disposeUnderlyingV8Object):
3318         Zero the NPObject's underlying rootObject.
3319         (_NPN_EvaluateHelper):
3320         Add check that the underlying V8 object reference is valid.
3321
3322 2012-07-12  No'am Rosenthal  <noam.rosenthal@nokia.com>
3323
3324         Move TextureMapperAnimation and texmap/LayerTransform to platform/graphics
3325         https://bugs.webkit.org/show_bug.cgi?id=91111
3326
3327         Reviewed by Kenneth Rohde Christiansen.
3328
3329         TextureMapperAnimation and LayerTransform are not specific to TextureMapper, and we want
3330         to use them for other purposes as well. Moving them to platform/graphics would make that
3331         more explicit.
3332
3333         No new tests, moving files around.
3334
3335         * GNUmakefile.list.am:
3336         * Target.pri:
3337         * WebCore.gypi:
3338         * platform/graphics/GraphicsLayerAnimation.cpp: Renamed from Source/WebCore/platform/graphics/texmap/TextureMapperAnimation.cpp.
3339         * platform/graphics/GraphicsLayerAnimation.h: Renamed from Source/WebCore/platform/graphics/texmap/TextureMapperAnimation.h.
3340         * platform/graphics/GraphicsLayerTransform.cpp: Renamed from Source/WebCore/platform/graphics/texmap/LayerTransform.cpp.
3341         * platform/graphics/GraphicsLayerTransform.h: Renamed from Source/WebCore/platform/graphics/texmap/LayerTransform.h.
3342         * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
3343         (WebCore::GraphicsLayerTextureMapper::addAnimation):
3344         * platform/graphics/texmap/GraphicsLayerTextureMapper.h:
3345         (GraphicsLayerTextureMapper):
3346         * platform/graphics/texmap/TextureMapperLayer.h:
3347         (TextureMapperLayer):
3348         (WebCore::TextureMapperLayer::setAnimatedTransform):
3349         (WebCore::TextureMapperLayer::setAnimatedOpacity):
3350
3351 2012-07-12  Vsevolod Vlasov  <vsevik@chromium.org>
3352
3353         Web Inspector: Simplify UISourceCode code after moving revisions support inside it.
3354         https://bugs.webkit.org/show_bug.cgi?id=91118
3355
3356         Reviewed by Pavel Feldman.
3357
3358         * inspector/front-end/UISourceCode.js:
3359         (WebInspector.UISourceCode.prototype._setContent):
3360         (WebInspector.UISourceCode.prototype.revertToOriginal):
3361         (WebInspector.UISourceCode.prototype.revertAndClearHistory):
3362         (WebInspector.UISourceCode.prototype.contentChanged):
3363         (WebInspector.UISourceCode.prototype.commitWorkingCopy):
3364         (WebInspector.Revision.prototype.revertToThis):
3365
3366 2012-07-12  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
3367
3368         Unreviewed. Build fix for r122462.
3369
3370         * platform/qt/MemoryUsageSupportQt.cpp:
3371
3372 2012-07-12  Vsevolod Vlasov  <vsevik@chromium.org>
3373
3374         Web Inspector: Remove resources panel edited resources search support.
3375         https://bugs.webkit.org/show_bug.cgi?id=91101
3376
3377         Reviewed by Pavel Feldman.
3378
3379         * inspector/front-end/ResourcesPanel.js:
3380         (WebInspector.ResourcesPanel.prototype.performSearch.callback):
3381         (WebInspector.ResourcesPanel.prototype.performSearch):
3382
3383 2012-07-12  Vsevolod Vlasov  <vsevik@chromium.org>
3384
3385         Unreviewed r122460 inspector closure compilation fix follow up.
3386
3387         * inspector/front-end/RevisionHistoryView.js:
3388         (WebInspector.RevisionHistoryView):
3389
3390 2012-07-12  Ilya Tikhonovsky  <loislo@chromium.org>
3391
3392         Web Inspector: fix native memory instrumentation code for the bindings instrumentation.
3393         https://bugs.webkit.org/show_bug.cgi?id=91096
3394
3395         The instrumented class has to have instrumentation method which reports class size and type and
3396         the member objects and pointers.
3397
3398         Sample:
3399         void Node::reportMemoryUsage(MemoryObjectInfo* memoryObjectInfo) const
3400         {
3401             memoryObjectInfo->reportObjectInfo(this, MemoryInstrumentation::DOM); // report object size and type.
3402             TreeShared<Node, ContainerNode>::reportMemoryUsage(memoryObjectInfo); // call base class instrumentation.
3403             ScriptWrappable::reportMemoryUsage(memoryObjectInfo); // call base class instrumentation.
3404             memoryObjectInfo->reportPointer(m_document, MemoryInstrumentation::DOM); // report uninstrumented pointer.
3405             memoryObjectInfo->reportInstrumentedPointer(m_next); // report instrumented pointer.
3406             memoryObjectInfo->reportInstrumentedObject(m_anObject); // report instrumented object.
3407         }
3408
3409         Reviewed by Pavel Feldman.
3410
3411         Existing tests for native memory instrumentation.
3412
3413         * bindings/v8/DOMDataStore.cpp:
3414         (WebCore::DOMDataStore::reportMemoryUsage):
3415         * bindings/v8/DOMDataStore.h:
3416         (WebCore):
3417         (DOMDataStore):
3418         * bindings/v8/IntrusiveDOMWrapperMap.h:
3419         (WebCore::ChunkedTable::reportMemoryUsage):
3420         * bindings/v8/ScriptProfiler.cpp:
3421         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
3422         * bindings/v8/V8Binding.cpp:
3423         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
3424         (WebCore::StringCache::reportMemoryUsage):
3425         * bindings/v8/V8Binding.h:
3426         (WebCore):
3427         (StringCache):
3428         (V8BindingPerIsolateData):
3429         * bindings/v8/V8DOMMap.h:
3430         (WebCore):
3431         (AbstractWeakReferenceMap):
3432         * inspector/InspectorMemoryAgent.cpp:
3433         (WebCore):
3434
3435 2012-07-12  Pavel Feldman  <pfeldman@chromium.org>
3436
3437         Web Inspector: beautify find bar looks, simplify search update routines.
3438         https://bugs.webkit.org/show_bug.cgi?id=91087
3439
3440         Reviewed by Vsevolod Vlasov.
3441
3442         This change updates the looks to the one on the screenshots and simplifies match count update routines.
3443
3444         * inspector/front-end/SearchController.js:
3445         (WebInspector.SearchController.onMatchesMouseDown):
3446         (WebInspector.SearchController):
3447         (WebInspector.SearchController.prototype.activePanelChanged.performPanelSearch):
3448         (WebInspector.SearchController.prototype.activePanelChanged):
3449         (WebInspector.SearchController.prototype._updateSearchNavigationButtonState):
3450         (WebInspector.SearchController.prototype._updateSearchMatchesCountAndCurrentMatchIndex):
3451         (WebInspector.SearchController.prototype._onKeyDown):
3452         (WebInspector.SearchController.prototype._onInput):
3453         (WebInspector.SearchController.prototype._onNextButtonSearch):
3454         (WebInspector.SearchController.prototype._onPrevButtonSearch):
3455         (WebInspector.SearchController.prototype._performSearch):
3456         * inspector/front-end/inspector.css:
3457         (#search):
3458         (#search:focus):
3459         (.toolbar-search-navigation-controls):
3460         (.toolbar-search-navigation):
3461         (.toolbar-search-navigation.enabled:hover):
3462         (.toolbar-search-navigation.enabled, .toolbar-search-navigation.enabled:active):
3463         (.toolbar-search):
3464         (.toolbar-search-control):
3465         (.search-results-matches):
3466         (.inspector-footer):
3467
3468 2012-07-12  Joshua Bell  <jsbell@chromium.org>
3469
3470         IndexedDB: ASSERT hit calling open from callback in Worker
3471         https://bugs.webkit.org/show_bug.cgi?id=90832
3472
3473         Reviewed by Kentaro Hara.
3474
3475         GroupSettings are used to provide the backing store path in some
3476         ports. Accessing those settings from a Worker was added, but the
3477         access referenced thread startup data that is cleared before the
3478         run loop, so an IDBFactory.open() call executed asynchronously
3479         would dereference a null pointer. Plumb the settings startup
3480         data into the context itself, like all of the other properties.
3481
3482         Test: storage/indexeddb/open-twice-workers.html
3483
3484         * Modules/indexeddb/IDBFactory.cpp:
3485         (WebCore::IDBFactory::open):
3486         * workers/DedicatedWorkerContext.cpp:
3487         (WebCore::DedicatedWorkerContext::DedicatedWorkerContext):
3488         * workers/DedicatedWorkerContext.h:
3489         (WebCore::DedicatedWorkerContext::create):
3490         (DedicatedWorkerContext):
3491         * workers/DedicatedWorkerThread.cpp:
3492         (WebCore::DedicatedWorkerThread::createWorkerContext):
3493         * workers/DedicatedWorkerThread.h:
3494         (DedicatedWorkerThread):
3495         * workers/SharedWorkerContext.cpp:
3496         (WebCore::SharedWorkerContext::SharedWorkerContext):
3497         * workers/SharedWorkerContext.h:
3498         (WebCore::SharedWorkerContext::create):
3499         (SharedWorkerContext):
3500         * workers/SharedWorkerThread.cpp:
3501         (WebCore::SharedWorkerThread::createWorkerContext):
3502         * workers/SharedWorkerThread.h:
3503         (SharedWorkerThread):
3504         * workers/WorkerContext.cpp:
3505         (WebCore::WorkerContext::WorkerContext):
3506         * workers/WorkerContext.h:
3507         (WebCore::WorkerContext::groupSettings):
3508         (WorkerContext):
3509         * workers/WorkerThread.cpp:
3510         (WebCore::WorkerThread::workerThread):
3511         * workers/WorkerThread.h:
3512         (WorkerThread):
3513
3514 2012-07-12  Allan Sandfeld Jensen  <allan.jensen@nokia.com>
3515
3516         [Qt] Implement MemoryUsageSupport
3517         https://bugs.webkit.org/show_bug.cgi?id=91094
3518
3519         Reviewed by Adam Barth.
3520
3521         Implements Qt versions of the memory-usage functions using the information we have available
3522         from the various memory systems used in WebKit.
3523
3524         Also gets rid of a redundant indirection in V8GCController.
3525
3526         * Target.pri:
3527         * bindings/v8/V8GCController.cpp:
3528         (WebCore::V8GCController::gcEpilogue):
3529         (WebCore::V8GCController::checkMemoryUsage):
3530         * platform/qt/MemoryUsageSupportQt.cpp: Added.
3531         (WebCore::mallocMemoryUsage):
3532         (WebCore::memoryUsageKB):
3533         (WebCore::actualMemoryUsageKB):
3534         (WebCore::MemoryUsageSupport::memoryUsageMB):
3535         (WebCore::MemoryUsageSupport::actualMemoryUsageMB):
3536         (WebCore::MemoryUsageSupport::lowMemoryUsageMB):
3537         (WebCore::MemoryUsageSupport::highMemoryUsageMB):
3538         (WebCore::MemoryUsageSupport::highUsageDeltaMB):
3539         (WebCore::MemoryUsageSupport::processMemorySizesInBytes):
3540         * platform/qt/PlatformSupport.h:
3541         (PlatformSupport):
3542
3543 2012-07-12  Vsevolod Vlasov  <vsevik@chromium.org>
3544
3545         Web Inspector: Revision history view should be updated when uiSourceCodes are removed or replaced.
3546         https://bugs.webkit.org/show_bug.cgi?id=91095
3547
3548         Reviewed by Pavel Feldman.
3549
3550         RevisionHistoryView is now reset in WorkspaceReset event handler.
3551         UISourceCodes are now removed from RevisionHistoryView when uiSourceCode is removed or replace.
3552
3553         * inspector/front-end/RevisionHistoryView.js:
3554         (WebInspector.RevisionHistoryView):
3555         (WebInspector.RevisionHistoryView.prototype._clearHistory):
3556         (WebInspector.RevisionHistoryView.prototype._uiSourceCodeRemoved):
3557         (WebInspector.RevisionHistoryView.prototype._uiSourceCodeReplaced):
3558         * inspector/front-end/ScriptsPanel.js:
3559         (WebInspector.ScriptsPanel.prototype._reset):
3560
3561 2012-07-12  Dongwoo Im  <dw.im@samsung.com>
3562
3563         InspectorFileSystemAgent.cpp have to include File.h explicitly
3564         https://bugs.webkit.org/show_bug.cgi?id=91078
3565
3566         Reviewed by Vsevolod Vlasov.
3567
3568         Make sure the InspectorFileSystemAgent.cpp include the File.h by including explicitly.
3569
3570         No new tests. Covered by existing tests.
3571
3572         * inspector/InspectorFileSystemAgent.cpp: Include File.h
3573
3574 2012-07-12  Vsevolod Vlasov  <vsevik@chromium.org>
3575
3576         Web Inspector: [Regression] Stale revisions should be removed on navigation.
3577         https://bugs.webkit.org/show_bug.cgi?id=91080
3578
3579         Reviewed by Pavel Feldman.
3580
3581         Moved all the code responsible for script mapping resetting to Workspace.
3582         Stale revisions are removed in Workspace._reset now.
3583
3584         * inspector/front-end/ScriptSnippetModel.js:
3585         (WebInspector.ScriptSnippetModel):
3586         * inspector/front-end/StylesPanel.js:
3587         (WebInspector.StylesUISourceCodeProvider):
3588         (WebInspector.StylesUISourceCodeProvider.prototype._populate):
3589         (WebInspector.StylesUISourceCodeProvider.prototype.reset):
3590         * inspector/front-end/UISourceCode.js:
3591         (WebInspector.UISourceCode.prototype._restoreRevisionHistory):
3592         * inspector/front-end/Workspace.js:
3593         (WebInspector.Workspace):
3594         (WebInspector.Workspace.prototype._reset):
3595
3596 2012-07-12  Andreas Kling  <kling@webkit.org>
3597
3598         Make ElementAttributeData a variable-sized object to reduce memory use.
3599         <http://webkit.org/b/88240>
3600
3601         Reviewed by Antti "Obi-Wan" Koivisto.
3602
3603         Take advantage of the fact that we know at ElementAttributeData construction time how many attributes
3604         it needs to accomodate and allocate exactly as much space as needed instead of using a Vector.
3605         For elements that never have their attribute list mutated (the vast majority), this saves a lot of
3606         memory and removes the indirection to Vector<Attribute>'s heap-allocated storage.
3607
3608         Introduced a mutability flag to ElementAttributeData and sprinkled assertions all over to make sure
3609         that nothing tries to mutate an element with a raw attribute array.
3610
3611         When an Element's attribute(s) are mutated, we reconstruct the ElementAttributeData, this time using
3612         a Vector as backing instead. This is triggered when calling Element::mutableAttributeData().
3613
3614         This reduces memory consumption by 3.2MB when viewing the full HTML5 spec at <http://whatwg.org/c/>.
3615         That is a ~35% reduction in DOM attribute memory use.
3616
3617         Furthermore, that page ends up promoting 27% of the elements to mutable attribute storage due to dynamic
3618         adding of "class" attributes. For more static pages, savings are even greater.
3619
3620         Also did away with ElementAttributeData::removeAttribute(name) and do separate index lookup where
3621         needed. Not a big deal but avoids double lookup of attributes when removing them.
3622
3623         * css/PropertySetCSSStyleDeclaration.cpp:
3624         (WebCore::InlineCSSStyleDeclaration::ensureMutablePropertySet):
3625
3626             Call ensureInlineStyle() on the element so we know we have a StylePropertySet to work with.
3627             May cause the creation (and replacement) of a new underlying StylePropertySet on the Element's
3628             attribute data.
3629
3630         * css/StylePropertySet.cpp:
3631         (WebCore::StylePropertySet::adoptCSSOMWrapperFrom):
3632
3633             Added. Allows switching the underlying StylePropertySet object while retaining CSSOM wrapper
3634             identity (web facing behavior.)
3635
3636         * dom/Element.cpp:
3637         (WebCore::Element::detachAttribute):
3638         (WebCore::Element::removeAttribute):
3639         (WebCore::Element::attributes):
3640         (WebCore::Element::setAttributeInternal):
3641         (WebCore::Element::parserSetAttributes):
3642         (WebCore::Element::hasEquivalentAttributes):
3643         (WebCore::Element::setAttributeNode):
3644         (WebCore::Element::removeAttributeNode):
3645         (WebCore::Element::getAttributeNode):
3646         (WebCore::Element::getAttributeNodeNS):
3647         (WebCore::Element::hasAttribute):
3648         (WebCore::Element::hasAttributeNS):
3649         (WebCore::Element::normalizeAttributes):
3650         (WebCore::Element::cloneAttributesFromElement):
3651         (WebCore::Element::createMutableAttributeData):
3652         * dom/Element.h:
3653         (WebCore::Element::attributeData):
3654         (Element):
3655         (WebCore::Element::updatedAttributeData):
3656         (WebCore::Element::ensureAttributeData):
3657         (WebCore::Element::ensureUpdatedAttributeData):
3658         (WebCore::Element::mutableAttributeData):
3659         (WebCore):
3660         * dom/ElementAttributeData.cpp:
3661         (WebCore::ElementAttributeData::createImmutable):
3662         (WebCore):
3663         (WebCore::ElementAttributeData::ElementAttributeData):
3664         (WebCore::ElementAttributeData::~ElementAttributeData):
3665         (WebCore::ElementAttributeData::attrIfExists):
3666         (WebCore::ElementAttributeData::ensureAttr):
3667         (WebCore::ElementAttributeData::setAttr):
3668         (WebCore::ElementAttributeData::removeAttr):
3669         (WebCore::ElementAttributeData::ensureInlineStyle):
3670         (WebCore::ElementAttributeData::ensureMutableInlineStyle):
3671         (WebCore::ElementAttributeData::destroyInlineStyle):
3672         (WebCore::ElementAttributeData::addAttribute):
3673         (WebCore::ElementAttributeData::removeAttribute):
3674         (WebCore::ElementAttributeData::isEquivalent):
3675         (WebCore::ElementAttributeData::detachAttrObjectsFromElement):
3676         (WebCore::ElementAttributeData::getAttributeItemIndexSlowCase):
3677         (WebCore::ElementAttributeData::cloneDataFrom):
3678         (WebCore::ElementAttributeData::clearAttributes):
3679         (WebCore::ElementAttributeData::replaceAttribute):
3680         (WebCore::ElementAttributeData::getAttributeNode):
3681         * dom/ElementAttributeData.h:
3682         (WebCore::ElementAttributeData::create):
3683         (ElementAttributeData):
3684         (WebCore::ElementAttributeData::setClass):
3685         (WebCore::ElementAttributeData::setIdForStyleResolution):
3686         (WebCore::ElementAttributeData::inlineStyle):
3687         (WebCore::ElementAttributeData::setAttributeStyle):
3688         (WebCore::ElementAttributeData::reportMemoryUsage):
3689         (WebCore::ElementAttributeData::isMutable):
3690         (WebCore::ElementAttributeData::makeMutable):
3691         (WebCore::ElementAttributeData::length):
3692         (WebCore):
3693         (WebCore::ElementAttributeData::isEmpty):
3694         (WebCore::ElementAttributeData::array):
3695         (WebCore::ElementAttributeData::removeAttribute):
3696         (WebCore::ElementAttributeData::getAttributeItem):
3697         (WebCore::ElementAttributeData::getAttributeItemIndex):
3698         (WebCore::ElementAttributeData::attributeItem):
3699         * dom/StyledElement.cpp:
3700         (WebCore::StyledElement::style):
3701         (WebCore::StyledElement::classAttributeChanged):
3702         (WebCore::StyledElement::setInlineStyleProperty):
3703         (WebCore::StyledElement::removeInlineStyleProperty):
3704         (WebCore::StyledElement::addSubresourceAttributeURLs):
3705         * dom/StyledElement.h:
3706         (WebCore::StyledElement::ensureInlineStyle):
3707         * html/parser/HTMLConstructionSite.cpp:
3708         (WebCore::HTMLConstructionSite::createHTMLElementFromSavedElement):
3709         * xml/parser/XMLDocumentParserQt.cpp:
3710         (WebCore::XMLDocumentParser::XMLDocumentParser):
3711
3712 2012-07-12  Florin Malita  <fmalita@chromium.org>
3713
3714         Incorrect handling of chained pending resources in SVGUseElement
3715         https://bugs.webkit.org/show_bug.cgi?id=89686
3716
3717         Reviewed by Nikolas Zimmermann.
3718
3719         Currently SVGUseElement builds the shadow tree when the target first
3720         becomes available. This is normally OK, but if the target itself (or
3721         one of its children) is a <use> element with pending resources, then
3722         the shadow expansion only captures the current state of the tree and
3723         never gets updated when the pending resource becomes available.
3724
3725         In order to support arbitrary <use>-on-<use> constructs, this patch
3726         tracks nested <use> dependencies and rebuilds the dependent trees
3727         whenever the target gets updated.
3728
3729
3730         Tests: svg/custom/use-nested-expected.svg
3731                svg/custom/use-nested.svg
3732
3733         * svg/SVGElement.cpp:
3734         (WebCore::SVGElement::removedFrom): removedFrom needs to be called up the inheritance chain
3735         before invoking removeAllElementReferencesForTarget. Otherwise we could end up finding the
3736         element being removed as a valid target in SVGUseElement::buildInstanceTree because its
3737         InDocument flag is not cleared yet.
3738         * svg/SVGUseElement.cpp:
3739         (WebCore::SVGUseElement::~SVGUseElement):
3740         (WebCore::SVGUseElement::clearResourceReferences):
3741         (WebCore::SVGUseElement::buildPendingResource):
3742         (WebCore::SVGUseElement::buildShadowAndInstanceTree):
3743         (WebCore::SVGUseElement::buildInstanceTree):
3744         * svg/SVGUseElement.h:
3745         (SVGUseElement):
3746         Track <use> -> <use> dependencies using SVGDocumentExtensions'
3747         m_elementDependencies framework and ensure dependent trees are rebuilt
3748         when the target itself gets rebuilt.
3749
3750 2012-07-12  MORITA Hajime  <morrita@google.com>
3751
3752         Typo: ParentTranversalDetails should be ParentTraversalDetails
3753         https://bugs.webkit.org/show_bug.cgi?id=91059
3754
3755         Reviewed by Andreas Kling.
3756
3757         Did a bare rename from ParentTranversalDetails to ParentTraversalDetails
3758
3759         No new tests, just a rename.
3760
3761         * dom/ComposedShadowTreeWalker.cpp:
3762         (WebCore::ComposedShadowTreeWalker::ParentTraversalDetails::didTraverseInsertionPoint):
3763         (WebCore::ComposedShadowTreeWalker::ParentTraversalDetails::didTraverseShadowRoot):
3764         (WebCore::ComposedShadowTreeWalker::ParentTraversalDetails::didFindNode):
3765         (WebCore::ComposedShadowTreeWalker::findParent):
3766         (WebCore::ComposedShadowTreeWalker::traverseNodeEscapingFallbackContents):
3767         (WebCore::ComposedShadowTreeWalker::traverseParent):
3768         (WebCore::ComposedShadowTreeWalker::traverseParentInCurrentTree):
3769         (WebCore::ComposedShadowTreeWalker::traverseParentBackToYoungerShadowRootOrHost):
3770         * dom/ComposedShadowTreeWalker.h:
3771         (WebCore::ComposedShadowTreeWalker::ParentTraversalDetails::ParentTraversalDetails):
3772         (ComposedShadowTreeWalker):
3773         * dom/NodeRenderingContext.h:
3774         (NodeRenderingContext):
3775
3776 2012-07-11  Antti Koivisto  <antti@apple.com>
3777
3778         Failure to dispatch didFinishLoadForFrame if font load fails synchronously 
3779         https://bugs.webkit.org/show_bug.cgi?id=91018
3780
3781         Reviewed by Enrica Casucci.
3782
3783         New font loads may be triggered by layout after the document load is complete but before we have dispatched
3784         didFinishLoading for the frame. If the load fails synchronously we might fail to ever invoke 
3785         FrameLoader::checkLoadComplete and so fail to dispatch didFinishLoading.
3786         
3787         Make sure this doesn't happen by calling FrameLoader::checkLoadComplete explicitly after triggering font loads.
3788
3789         * css/CSSFontSelector.cpp:
3790         (WebCore::CSSFontSelector::beginLoadTimerFired):
3791
3792 2012-07-12  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
3793
3794         Register protocol handler files should be in Modules/protocolhandler
3795         https://bugs.webkit.org/show_bug.cgi?id=90766
3796
3797         Reviewed by Hajime Morita.
3798
3799         The register protocol handler files are now self-contained. This patch is moved to the Modules.
3800
3801         No new tests. Covered by existing tests.
3802
3803         * CMakeLists.txt:
3804         * GNUmakefile.am:
3805         * GNUmakefile.list.am:
3806         * Modules/protocolhandler/NavigatorRegisterProtocolHandler.cpp: Renamed from Source/WebCore/page/NavigatorRegisterProtocolHandler.cpp.
3807         (WebCore):
3808         (WebCore::initProtocolHandlerWhitelist):
3809         (WebCore::verifyCustomHandlerURL):
3810         (WebCore::isProtocolWhitelisted):
3811         (WebCore::verifyProtocolHandlerScheme):
3812         (WebCore::NavigatorRegisterProtocolHandler::NavigatorRegisterProtocolHandler):
3813         (WebCore::NavigatorRegisterProtocolHandler::~NavigatorRegisterProtocolHandler):
3814         (WebCore::NavigatorRegisterProtocolHandler::registerProtocolHandler):
3815         (WebCore::customHandlersStateString):
3816         (WebCore::NavigatorRegisterProtocolHandler::isProtocolHandlerRegistered):
3817         (WebCore::NavigatorRegisterProtocolHandler::unregisterProtocolHandler):
3818         * Modules/protocolhandler/NavigatorRegisterProtocolHandler.h: Renamed from Source/WebCore/page/NavigatorRegisterProtocolHandler.h.
3819         (WebCore):
3820         (NavigatorRegisterProtocolHandler):
3821         * Modules/protocolhandler/NavigatorRegisterProtocolHandler.idl: Renamed from Source/WebCore/page/NavigatorRegisterProtocolHandler.idl.
3822         * Target.pri:
3823         * WebCore.gyp/WebCore.gyp:
3824         * WebCore.gypi:
3825         * WebCore.pri:
3826         * WebCore.vcproj/WebCore.vcproj:
3827         * WebCore.vcproj/WebCoreCommon.vsprops:
3828         * WebCore.vcproj/copyForwardingHeaders.cmd:
3829         * WebCore.xcodeproj/project.pbxproj:
3830
3831 2012-07-12  Jonathan Dong  <jonathan.dong@torchmobile.com.cn>
3832
3833         [BlackBerry] Cannot use digest proxy auth and NTLM auth at the same time
3834         https://bugs.webkit.org/show_bug.cgi?id=91054
3835
3836         Reviewed by George Staikos.
3837
3838         Added an interface function syncProxyCredential() in class
3839         PageClientBlackBerry, which is responsible to notify WebPageClient
3840         to synchronize proxy credential to the chrome process.
3841
3842         Internally reviewed by Jason Liu <jason.liu@torchmobile.com.cn>
3843
3844         No new tests since there's no functional change.
3845
3846         * platform/blackberry/PageClientBlackBerry.h:
3847         * platform/network/blackberry/NetworkJob.cpp:
3848         (WebCore::NetworkJob::storeCredentials): Remember the accepted proxy
3849         credential and notify webpage client to synchronize it.
3850
3851 2012-07-12  Xingnan Wang  <xingnan.wang@intel.com>
3852
3853         [IndexedDB] upperOpen set to true in lowerBound()/lowerOpen set to true in upperBound()
3854         https://bugs.webkit.org/show_bug.cgi?id=90867
3855
3856         Reviewed by Tony Chang.
3857
3858         In the latest W3C spec upperOpen/lowerOpen are set to true in lowerBound()/upperBound(), which
3859         we should keep aligned with.
3860
3861         No new tests - updated storage/indexeddb/keyrange.html to match new behavior.
3862
3863         * Modules/indexeddb/IDBKeyRange.cpp:
3864         (WebCore::IDBKeyRange::lowerBound):
3865         (WebCore::IDBKeyRange::upperBound):
3866
3867 2012-07-12  MORITA Hajime  <morrita@google.com>
3868
3869         [Shadow DOM] <video> with <shadow> crashes
3870         https://bugs.webkit.org/show_bug.cgi?id=91055
3871
3872         Reviewed by Kent Tamura.
3873
3874         This is similar to Bug 90480, where an undesired renderer is created by
3875         locating an insertion point on the shadow boundary.
3876
3877         This change adds a guard for such case by cheking whether the
3878         source node of each to-be-created renderer comes from the UA shadow
3879         tree, which is allowed to have a renderer.
3880
3881         Test: fast/dom/shadow/insertion-point-video-crash.html
3882
3883         * html/HTMLMediaElement.cpp:
3884         (WebCore::HTMLMediaElement::childShouldCreateRenderer): Added a check.
3885         (WebCore::HTMLMediaElement::mediaControls): Added const.
3886         (WebCore::HTMLMediaElement::hasMediaControls): Added const.
3887         * html/HTMLMediaElement.h:
3888         (HTMLMediaElement):
3889
3890 2012-07-12  Yoshifumi Inoue  <yosin@chromium.org>
3891
3892         REGRESSION(r122184): LocaleMac::currentLocale should use current locale rather than newly create locale object. 
3893         https://bugs.webkit.org/show_bug.cgi?id=91057
3894
3895         Reviewed by Kent Tamura.
3896
3897         This patch changes NSLocale object of LocaleMac::m_locale variable to
3898         current NSLocale object rather than newly created NSLocale object from
3899         locale identifier.
3900
3901         No new tests. We don't have way to change system preferences from
3902         test scripts and restoring them. To test this patch, we need to do so.
3903
3904         * platform/text/mac/LocaleMac.h:
3905         (LocaleMac): Added a constructor which takes NSLocale object.
3906         * platform/text/mac/LocaleMac.mm:
3907         (WebCore::LocaleMac::LocaleMac): Added a constructor which takes NSLocale object.
3908         (WebCore::LocaleMac::currentLocale): Changed to construct LocaleMac object from NSLocale object rather than locale identifier.
3909
3910 2012-07-11  Carlos Garcia Campos  <cgarcia@igalia.com>
3911
3912         [GTK] Add webkit_cookie_manager_set_persistent_storage() to WebKit2 GTK+ API
3913         https://bugs.webkit.org/show_bug.cgi?id=83016
3914
3915         Reviewed by Martin Robinson.
3916
3917         * platform/network/soup/CookieStorageSoup.cpp:
3918         (WebCore::soupCookiesChanged): Do not notify about changes in
3919         other cookie jars than the current one.
3920
3921 2012-07-12  Philip Rogers  <pdr@google.com>
3922
3923         Refactor RenderSVGShape bounding box code
3924         https://bugs.webkit.org/show_bug.cgi?id=90655
3925
3926         Reviewed by Nikolas Zimmermann.
3927
3928         RenderSVGShape::objectBoundingBox worked differently than RenderSVGShape::strokeBoundingBox by
3929         not caching the object bounding box and instead computing it on each call. For consistency and
3930         performance objectBoundingBox has been refactored to return a cached value.
3931
3932         createShape has been renamed updateShapeFromElement for understandability. updateShapeFromElement
3933         now updates the internal state of the shape (bounding boxes, etc) from the associated element.
3934         RenderSVGShape::inflateWithStrokeAndMarkerBounds has been merged into
3935         RenderSVGShape::calculateStrokeBoundingBox which is called from updateShapeFromElement.
3936
3937         After this change all bounding box computation is now handled in updateShapeFromElement. Because
3938         subclasses override updateShapeFromElement it will be easy for them to have custom bounding box
3939         code there (as will happen for RenderSVGPath in a followup patch).
3940
3941         strokeBoundingBox and objectBoundingBox are now able to return their cached values immediately
3942         in RenderSVGRect and RenderSVGEllipse instead of checking their fallback state on each call.
3943
3944         Additionally, to save space RenderSVGEllipse and RenderSVGRect now use the m_fillBoundingBox and
3945         m_strokeBoundingBox of RenderSVGShape instead of having their own.
3946
3947         This patch also removes setStrokeAndMarkerBoundingBox that was previously dead code.
3948
3949         No new tests, just a refactoring.
3950
3951         * rendering/svg/RenderSVGEllipse.cpp:
3952         (WebCore::RenderSVGEllipse::updateShapeFromElement):
3953         (WebCore):
3954         (WebCore::RenderSVGEllipse::fillShape):
3955         (WebCore::RenderSVGEllipse::strokeShape):
3956         (WebCore::RenderSVGEllipse::shapeDependentStrokeContains):
3957         * rendering/svg/RenderSVGEllipse.h:
3958         (RenderSVGEllipse):
3959         (WebCore::RenderSVGEllipse::isEmpty):
3960         * rendering/svg/RenderSVGRect.cpp:
3961         (WebCore::RenderSVGRect::updateShapeFromElement):
3962         (WebCore):
3963         (WebCore::RenderSVGRect::fillShape):
3964         (WebCore::RenderSVGRect::strokeShape):
3965         (WebCore::RenderSVGRect::shapeDependentStrokeContains):
3966         (WebCore::RenderSVGRect::shapeDependentFillContains):