Comment on WebCore::HTMLMediaElement::childShouldCreateRenderer() should explain why
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-07-16  MORITA Hajime  <morrita@google.com>
2
3         Comment on WebCore::HTMLMediaElement::childShouldCreateRenderer() should explain why
4         https://bugs.webkit.org/show_bug.cgi?id=91174
5
6         Reviewed by Kent Tamura.
7
8         Clarified the explanation.
9
10         * html/HTMLMediaElement.cpp:
11         (WebCore::HTMLMediaElement::childShouldCreateRenderer):
12
13 2012-07-16  Sheriff Bot  <webkit.review.bot@gmail.com>
14
15         Unreviewed, rolling out r120033.
16         http://trac.webkit.org/changeset/120033
17         https://bugs.webkit.org/show_bug.cgi?id=91454
18
19         Broke background gradients (Requested by smfr on #webkit).
20
21         * platform/graphics/GeneratorGeneratedImage.cpp:
22         (WebCore::GeneratorGeneratedImage::draw):
23
24 2012-07-16  Joshua Bell  <jsbell@chromium.org>
25
26         IndexedDB: Implement spec updates to IDBTransaction.error
27         https://bugs.webkit.org/show_bug.cgi?id=91409
28
29         Reviewed by Tony Chang.
30
31         The Indexed DB spec was updated to resolve some edge cases around the
32         IDBTransaction.error attribute. It was agreed that accessing error should
33         never throw, error should be null if the transaction is not finished or
34         abort() was explicitly called, an appropriate error should be returned if
35         a commit failed, and a generic AbortError should be used if a request
36         callback throws. These cases are now handled per spec, except that a reason
37         is not provided for the commit failure (it's always UnknownError).
38
39         Test: storage/indexeddb/transaction-error.html
40               storage/indexeddb/transaction-abort.html
41
42         * Modules/indexeddb/IDBRequest.cpp:
43         (WebCore::IDBRequest::dispatchEvent): Refactor some nested if() blocks; don't
44         re-abort the transaction if dispatching in response to an abort.
45         (WebCore::IDBRequest::uncaughtExceptionInEventHandler): Abort transaction
46         only if not already aborting, and set it's error to AbortError.
47         * Modules/indexeddb/IDBTransaction.cpp:
48         (WebCore::IDBTransaction::onAbort): Set error if abort triggered by back end.
49         * Modules/indexeddb/IDBTransaction.h:
50         (WebCore::IDBTransaction::db): Move impl to header file.
51         (WebCore::IDBTransaction::error): Move impl to header file, simplify.
52         (IDBTransaction):
53         * Modules/indexeddb/IDBTransaction.idl: The error attribute no longer throws.
54
55 2012-07-16  Joshua Bell  <jsbell@chromium.org>
56
57         IndexedDB: Implement spec updates to IDBTransaction.error
58         https://bugs.webkit.org/show_bug.cgi?id=91409
59
60         Reviewed by Tony Chang.
61
62         The Indexed DB spec was updated to resolve some edge cases around the
63         IDBTransaction.error attribute. It was agreed that accessing error should
64         never throw, error should be null if the transaction is not finished or
65         abort() was explicitly called, an appropriate error should be returned if
66         a commit failed, and a generic AbortError should be used if a request
67         callback throws. These cases are now handled per spec, except that a reason
68         is not provided for the commit failure (it's always UnknownError).
69
70         Test: storage/indexeddb/transaction-error.html
71               storage/indexeddb/transaction-abort.html
72
73         * Modules/indexeddb/IDBRequest.cpp:
74         (WebCore::IDBRequest::dispatchEvent): Refactor some nested if() blocks; don't
75         re-abort the transaction if dispatching in response to an abort.
76         (WebCore::IDBRequest::uncaughtExceptionInEventHandler): Abort transaction
77         only if not already aborting, and set it's error to AbortError.
78         * Modules/indexeddb/IDBTransaction.cpp:
79         (WebCore::IDBTransaction::onAbort): Set error if abort triggered by back end.
80         * Modules/indexeddb/IDBTransaction.h:
81         (WebCore::IDBTransaction::db): Move impl to header file.
82         (WebCore::IDBTransaction::error): Move impl to header file, simplify.
83         (IDBTransaction):
84         * Modules/indexeddb/IDBTransaction.idl: The error attribute no longer throws.
85
86 2012-07-16  Alec Flett  <alecflett@chromium.org>
87
88         IndexedDB: Introduce putWithIndexKeys and calculate them in the renderer
89         https://bugs.webkit.org/show_bug.cgi?id=90923
90
91         Reviewed by Darin Fisher.
92
93         Refactor IndexWriter to depend only on IDBIndexMetadata and on
94         (databaseId, objectStoreId, indexId) so that it can talk directly
95         to the backing store, and also eventually be moved into the renderer.
96
97         This also introduces IDBObjectStoreBackendInterface::putWithIndexKeys
98         as a replacement for IDBObjectStoreBackendInterface::put, already
99         stubbed out in the chromium port. It will fully replace put()
100         after both chromium and webkit sides have reached alignment.
101
102         No new tests as this is just a refactor and existing tests cover
103         correctness.
104
105         * Modules/indexeddb/IDBCursor.cpp:
106         (WebCore::IDBCursor::setValueReady):
107         * Modules/indexeddb/IDBIndexBackendImpl.cpp:
108         * Modules/indexeddb/IDBIndexBackendImpl.h:
109         * Modules/indexeddb/IDBObjectStore.h:
110         (IDBObjectStore):
111         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
112         (WebCore::IDBObjectStoreBackendImpl::put):
113         (WebCore):
114         (WebCore::IDBObjectStoreBackendImpl::putWithIndexKeys):
115         (WebCore::IDBObjectStoreBackendImpl::putInternal):
116         (WebCore::IDBObjectStoreBackendImpl::populateIndex):
117         * Modules/indexeddb/IDBObjectStoreBackendImpl.h:
118         (IDBObjectStoreBackendImpl):
119         * Modules/indexeddb/IDBObjectStoreBackendInterface.h:
120         * Modules/indexeddb/IDBRequest.cpp:
121         (WebCore::IDBRequest::onSuccess):
122
123 2012-07-16  Adrienne Walker  <enne@google.com>
124
125         [chromium] Unify compositor quad transforms into content space
126         https://bugs.webkit.org/show_bug.cgi?id=91350
127
128         Reviewed by Kenneth Russell.
129
130         For the purpose of simplification and as a first step towards removing
131         any transform that takes a centered rect, remove the ability of layers
132         to override the quad transform. All quads and quad transforms operate
133         on content space with the origin in the top left.
134
135         The gutter quads used to use the root layer (that doesn't draw
136         content) as the layer to create the shared quad state from. This is
137         now created manually as a layer without bounds should never in general
138         need a shared quad state created for it.
139
140         No change in functionality; tested by existing layout and unit tests.
141
142         * platform/graphics/chromium/cc/CCIOSurfaceLayerImpl.cpp:
143         (WebCore::CCIOSurfaceLayerImpl::appendQuads):
144         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
145         (WebCore::CCLayerImpl::createSharedQuadState):
146         * platform/graphics/chromium/cc/CCLayerImpl.h:
147         (CCLayerImpl):
148         * platform/graphics/chromium/cc/CCRenderPass.cpp:
149         (WebCore::CCRenderPass::appendQuadsToFillScreen):
150         * platform/graphics/chromium/cc/CCSolidColorLayerImpl.cpp:
151         (WebCore::CCSolidColorLayerImpl::appendQuads):
152         * platform/graphics/chromium/cc/CCSolidColorLayerImpl.h:
153         (CCSolidColorLayerImpl):
154         * platform/graphics/chromium/cc/CCTextureLayerImpl.cpp:
155         (WebCore::CCTextureLayerImpl::appendQuads):
156         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
157         * platform/graphics/chromium/cc/CCTiledLayerImpl.h:
158         (CCTiledLayerImpl):
159         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
160         (WebCore::CCVideoLayerImpl::appendQuads):
161
162 2012-07-16  Adrienne Walker  <enne@google.com>
163
164         [chromium] Unify compositor quad transforms into content space
165         https://bugs.webkit.org/show_bug.cgi?id=91350
166
167         Reviewed by Kenneth Russell.
168
169         For the purpose of simplification and as a first step towards removing
170         any transform that takes a centered rect, remove the ability of layers
171         to override the quad transform. All quads and quad transforms operate
172         on content space with the origin in the top left.
173
174         The gutter quads used to use the root layer (that doesn't draw
175         content) as the layer to create the shared quad state from. This is
176         now created manually as a layer without bounds should never in general
177         need a shared quad state created for it.
178
179         No change in functionality; tested by existing layout and unit tests.
180
181         * platform/graphics/chromium/cc/CCIOSurfaceLayerImpl.cpp:
182         (WebCore::CCIOSurfaceLayerImpl::appendQuads):
183         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
184         (WebCore::CCLayerImpl::createSharedQuadState):
185         * platform/graphics/chromium/cc/CCLayerImpl.h:
186         (CCLayerImpl):
187         * platform/graphics/chromium/cc/CCRenderPass.cpp:
188         (WebCore::CCRenderPass::appendQuadsToFillScreen):
189         * platform/graphics/chromium/cc/CCSolidColorLayerImpl.cpp:
190         (WebCore::CCSolidColorLayerImpl::appendQuads):
191         * platform/graphics/chromium/cc/CCSolidColorLayerImpl.h:
192         (CCSolidColorLayerImpl):
193         * platform/graphics/chromium/cc/CCTextureLayerImpl.cpp:
194         (WebCore::CCTextureLayerImpl::appendQuads):
195         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
196         * platform/graphics/chromium/cc/CCTiledLayerImpl.h:
197         (CCTiledLayerImpl):
198         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
199         (WebCore::CCVideoLayerImpl::appendQuads):
200
201 2012-07-16  Joshua Bell  <jsbell@chromium.org>
202
203         IndexedDB: Resolve test and IDL FIXMEs for a handful of landed patches
204         https://bugs.webkit.org/show_bug.cgi?id=91423
205
206         Reviewed by Tony Chang.
207
208         IDBObjectStore.createIndex() had a hack to handle a null keyPath argument for the
209         DOMString[] overload and treat it as the string "null". Now that IDL arrays are not
210         nullable by default following r121817 this hack can be removed and the binding layer
211         will automagically coerce to DOMString.
212
213         Test: storage/indexeddb/keypath-basics.html
214
215         * Modules/indexeddb/IDBObjectStore.cpp:
216         (WebCore::IDBObjectStore::createIndex): Remove special case for null in DOMString[] overload.
217         * Modules/indexeddb/IDBObjectStore.idl: Remove Nullable suffix from DOMString[] overload
218         so that the DOMString overload will match null.
219
220 2012-07-16  Bear Travis  <betravis@adobe.com>
221
222         Resolve CSS Exclusions shapeInside, shapeOutside properties to Length based WrapShape classes
223         https://bugs.webkit.org/show_bug.cgi?id=89670
224
225         Reviewed by Dirk Schulze.
226
227         Layout of CSS Exclusions requires length based WrapShape classes,
228         rather than the existing CSSValue based CSSWrapShape classes. This
229         patch adds length based WrapShape analogs to the CSSWrapShapes, and
230         modifies RenderStyle to use a WrapShape instead of a CSSWrapShape.
231         The translation between WrapShape and CSSWrapShape classes
232         is handled by helper functions in the new WrapShapeFunctions files.
233         StyleBuilder resolves CSSWrapShapes to WrapShapes for layout use.
234         CSSComputedStyleDeclaration translates WrapShapes to CSSWrapShapes
235         for style use.
236
237         There are existing tests that cover the style serialization / resolution
238         in fast/exclusions/parsing-wrap-shape-inside.html and
239         fast/exclusions/parsing/wrap-shape-outside.html
240
241         Test: fast/exclusions/parsing-wrap-shape-lengths.html
242
243         * CMakeLists.txt: Build system changes for adding new files
244         * GNUmakefile.list.am: Ditto
245         * Target.pri: Ditto
246         * WebCore.gypi: Ditto
247         * WebCore.vcproj/WebCore.vcproj: Ditto
248         * WebCore.xcodeproj/project.pbxproj: Ditto
249         * css/CSSComputedStyleDeclaration.cpp: Translate WrapShapes back to CSSWrapShapes
250         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
251         * css/CSSWrapShapes.h: Mostly changing functions to be const
252         (WebCore::CSSWrapShapeRectangle::type):
253         (WebCore::CSSWrapShapeCircle::type):
254         (WebCore::CSSWrapShapeEllipse::type):
255         (WebCore::CSSWrapShapePolygon::getXAt):
256         (WebCore::CSSWrapShapePolygon::getYAt):
257         (WebCore::CSSWrapShapePolygon::values):
258         (WebCore::CSSWrapShapePolygon::type):
259         * css/StyleBuilder.cpp: Resolve CSSWrapShapes to WrapShapes
260         (WebCore):
261         (WebCore::ApplyPropertyWrapShape::setValue):
262         (WebCore::ApplyPropertyWrapShape::applyValue):
263         (WebCore::ApplyPropertyWrapShape::createHandler):
264         * css/WrapShapeFunctions.cpp: Added.
265         (WebCore):
266         (WebCore::valueForWrapShape):
267         (WebCore::convertToLength):
268         (WebCore::wrapShapeForValue):
269         * css/WrapShapeFunctions.h: Added.
270         (WebCore):
271         * rendering/style/RenderStyle.h:
272         * rendering/style/StyleRareNonInheritedData.h:
273         (StyleRareNonInheritedData):
274         * rendering/style/WrapShapes.h: Added.
275         (WebCore):
276         (WrapShape):
277         (WebCore::WrapShape::~WrapShape):
278         (WebCore::WrapShape::WrapShape):
279         (WrapShapeRectangle):
280         (WebCore::WrapShapeRectangle::create):
281         (WebCore::WrapShapeRectangle::left):
282         (WebCore::WrapShapeRectangle::top):
283         (WebCore::WrapShapeRectangle::width):
284         (WebCore::WrapShapeRectangle::height):
285         (WebCore::WrapShapeRectangle::cornerRadiusX):
286         (WebCore::WrapShapeRectangle::cornerRadiusY):
287         (WebCore::WrapShapeRectangle::setLeft):
288         (WebCore::WrapShapeRectangle::setTop):
289         (WebCore::WrapShapeRectangle::setWidth):
290         (WebCore::WrapShapeRectangle::setHeight):
291         (WebCore::WrapShapeRectangle::setCornerRadiusX):
292         (WebCore::WrapShapeRectangle::setCornerRadiusY):
293         (WebCore::WrapShapeRectangle::type):
294         (WebCore::WrapShapeRectangle::WrapShapeRectangle):
295         (WrapShapeCircle):
296         (WebCore::WrapShapeCircle::create):
297         (WebCore::WrapShapeCircle::left):
298         (WebCore::WrapShapeCircle::top):
299         (WebCore::WrapShapeCircle::radius):
300         (WebCore::WrapShapeCircle::setLeft):
301         (WebCore::WrapShapeCircle::setTop):
302         (WebCore::WrapShapeCircle::setRadius):
303         (WebCore::WrapShapeCircle::type):
304         (WebCore::WrapShapeCircle::WrapShapeCircle):
305         (WrapShapeEllipse):
306         (WebCore::WrapShapeEllipse::create):
307         (WebCore::WrapShapeEllipse::top):
308         (WebCore::WrapShapeEllipse::left):
309         (WebCore::WrapShapeEllipse::radiusX):
310         (WebCore::WrapShapeEllipse::radiusY):
311         (WebCore::WrapShapeEllipse::setTop):
312         (WebCore::WrapShapeEllipse::setLeft):
313         (WebCore::WrapShapeEllipse::setRadiusX):
314         (WebCore::WrapShapeEllipse::setRadiusY):
315         (WebCore::WrapShapeEllipse::type):
316         (WebCore::WrapShapeEllipse::WrapShapeEllipse):
317         (WrapShapePolygon):
318         (WebCore::WrapShapePolygon::create):
319         (WebCore::WrapShapePolygon::windRule):
320         (WebCore::WrapShapePolygon::values):
321         (WebCore::WrapShapePolygon::getXAt):
322         (WebCore::WrapShapePolygon::getYAt):
323         (WebCore::WrapShapePolygon::setWindRule):
324         (WebCore::WrapShapePolygon::appendPoint):
325         (WebCore::WrapShapePolygon::type):
326         (WebCore::WrapShapePolygon::WrapShapePolygon):
327
328 2012-07-16  Simon Fraser  <simon.fraser@apple.com>
329
330         Fix compositing layers in columns when in paginated mode
331         https://bugs.webkit.org/show_bug.cgi?id=91425
332
333         Reviewed by Dave Hyatt.
334
335         Enhance a hack that was added to allow composited layers to
336         display in columns to work for paginated mode, where the
337         RenderView is renderer with columns.
338
339         Test: compositing/columns/composited-in-paginated.html
340
341         * rendering/RenderLayer.cpp:
342         (WebCore::RenderLayer::updateLayerPosition):
343
344 2012-07-16  Emil A Eklund  <eae@chromium.org>
345
346         Inconsistent rounding in table layout causes background color to bleed through
347         https://bugs.webkit.org/show_bug.cgi?id=91410
348
349         Reviewed by Eric Seidel.
350
351         At certain zoom levels a rounding error in the table layout code cases
352         the table background color to bleed through between cells. Tables layout
353         happens on pixel bounds however the paint offset wasn't correctly rounded.
354
355         Test: fast/sub-pixel/table-rows-no-gaps.html
356
357         * rendering/RenderTable.cpp:
358         (WebCore::RenderTable::paintObject):
359         Round paintOffset before passing it to the paint method of the children.
360
361 2012-07-16  Sheriff Bot  <webkit.review.bot@gmail.com>
362
363         Unreviewed, rolling out r122739.
364         http://trac.webkit.org/changeset/122739
365         https://bugs.webkit.org/show_bug.cgi?id=91424
366
367         Broke mac builds (Requested by rniwa on #webkit).
368
369         * inspector/CodeGeneratorInspector.py:
370         (flatten_list):
371
372 2012-07-16  Dana Jansens  <danakj@chromium.org>
373
374         [chromium] Remove non-ephemeral data from RenderSurface as it duplicates data from the owning layer
375         https://bugs.webkit.org/show_bug.cgi?id=91418
376
377         Reviewed by Adrienne Walker.
378
379         This removes the filters and masks from render surfaces, and makes them
380         used directly from the owning layer. Also removes skipsDraw from
381         surfaces as it was just not used at all.
382
383         Covered by existing tests.
384
385         * platform/graphics/chromium/LayerChromium.h:
386         (WebCore::LayerChromium::filters):
387         (WebCore::LayerChromium::backgroundFilters):
388         (WebCore::LayerChromium::hasMask):
389         (WebCore::LayerChromium::hasReplica):
390         (WebCore::LayerChromium::replicaHasMask):
391         (LayerChromium):
392         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
393         (WebCore::RenderSurfaceChromium::RenderSurfaceChromium):
394         * platform/graphics/chromium/RenderSurfaceChromium.h:
395         (RenderSurfaceChromium):
396         * platform/graphics/chromium/cc/CCLayerImpl.h:
397         (WebCore::CCLayerImpl::hasMask):
398         (WebCore::CCLayerImpl::hasReplica):
399         (WebCore::CCLayerImpl::replicaHasMask):
400         (CCLayerImpl):
401         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
402         (WebCore::CCLayerTreeHost::calculateMemoryForRenderSurfaces):
403         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.cpp:
404         (WebCore::calculateDrawTransformsInternal):
405         * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
406         (WebCore::::finishedRenderTarget):
407         (WebCore::reduceOcclusionBelowSurface):
408         (WebCore::::leaveToRenderTarget):
409         * platform/graphics/chromium/cc/CCRenderPass.cpp:
410         (WebCore::CCRenderPass::appendQuadsForRenderSurfaceLayer):
411         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
412         (WebCore::CCRenderSurface::drawableContentRect):
413         (WebCore::CCRenderSurface::appendQuads):
414         * platform/graphics/chromium/cc/CCRenderSurface.h:
415         (CCRenderSurface):
416
417 2012-07-16  Beth Dakin  <bdakin@apple.com>
418
419         https://bugs.webkit.org/show_bug.cgi?id=91299
420         Paginated views should restrict available height to column height
421         -and corresponding-
422         <rdar://problem/11152108>
423
424         Reviewed by Dan Bernstein.
425
426         Now that RenderViews can have columns, availableLogicalHeight needs to consider 
427         that column height, much like how availableLogicalWidth already considers column 
428         width.
429
430         availableLogicalHeight is newly virtual, like the already-virtual 
431         availableLogicalWidth.
432         * rendering/RenderBox.h:
433         (RenderBox):
434
435         Check with the columnHeight.
436         * rendering/RenderView.cpp:
437         (WebCore):
438         (WebCore::RenderView::availableLogicalHeight):
439         * rendering/RenderView.h:
440
441         setPagination now takes pageLength as an optional parameter. 
442         * testing/InternalSettings.cpp:
443         (WebCore::InternalSettings::setPagination):
444         * testing/InternalSettings.h:
445         (WebCore::InternalSettings::setPagination):
446         (InternalSettings):
447         * testing/InternalSettings.idl:
448         * testing/Internals.cpp:
449         (WebCore::Internals::setPagination):
450         * testing/Internals.h:
451         (WebCore::Internals::setPagination):
452         (Internals):
453         * testing/Internals.idl:
454
455 2012-07-16  Dana Jansens  <danakj@chromium.org>
456
457         [chromium] Remove targetRenderSurface concept, give layers a renderTarget which is the layer whose coordinate space they draw into
458         https://bugs.webkit.org/show_bug.cgi?id=91288
459
460         Reviewed by Adrienne Walker.
461
462         Always use pointers to layers when discussing render targets instead of
463         pointing directly to a RenderSurface.
464
465         Covered by existing tests.
466
467         * platform/graphics/chromium/LayerChromium.cpp:
468         (WebCore::LayerChromium::LayerChromium):
469         (WebCore::LayerChromium::createRenderSurface):
470         * platform/graphics/chromium/LayerChromium.h:
471         (WebCore::LayerChromium::renderTarget):
472         (WebCore::LayerChromium::setRenderTarget):
473         (LayerChromium):
474         * platform/graphics/chromium/RenderSurfaceChromium.cpp:
475         * platform/graphics/chromium/RenderSurfaceChromium.h:
476         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
477         (WebCore::ScrollbarLayerChromium::setTexturePriorities):
478         * platform/graphics/chromium/TiledLayerChromium.cpp:
479         (WebCore::TiledLayerChromium::setTexturePrioritiesInRect):
480         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
481         (WebCore::CCLayerImpl::CCLayerImpl):
482         (WebCore::CCLayerImpl::createRenderSurface):
483         (WebCore::CCLayerImpl::dumpLayerProperties):
484         * platform/graphics/chromium/cc/CCLayerImpl.h:
485         (WebCore::CCLayerImpl::renderTarget):
486         (WebCore::CCLayerImpl::setRenderTarget):
487         (CCLayerImpl):
488         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.cpp:
489         (WebCore::calculateLayerScissorRect):
490         (WebCore::calculateSurfaceScissorRect):
491         (WebCore::calculateVisibleContentRect):
492         (WebCore::computeScrollCompensationForThisLayer):
493         (WebCore::calculateDrawTransformsInternal):
494         (WebCore::pointIsClippedBySurfaceOrClipRect):
495         * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
496         (WebCore::::enterLayer):
497         (WebCore::::leaveLayer):
498         (WebCore::::enterRenderTarget):
499         (WebCore::::finishedRenderTarget):
500         (WebCore):
501         (WebCore::reduceOcclusionBelowSurface):
502         (WebCore::::leaveToRenderTarget):
503         (WebCore::::markOccludedBehindLayer):
504         (WebCore::::occluded):
505         (WebCore::::unoccludedContentRect):
506         (WebCore::::unoccludedContributingSurfaceContentRect):
507         (WebCore::::layerScissorRectInTargetSurface):
508         * platform/graphics/chromium/cc/CCOcclusionTracker.h:
509         (CCOcclusionTrackerBase):
510         (WebCore::CCOcclusionTrackerBase::StackObject::StackObject):
511         (StackObject):
512         * platform/graphics/chromium/cc/CCQuadCuller.cpp:
513         (WebCore::CCQuadCuller::appendSurface):
514         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
515         * platform/graphics/chromium/cc/CCRenderSurface.h:
516         (CCRenderSurface):
517
518 2012-07-16  Florin Malita  <fmalita@chromium.org>
519
520         SVGAnimationElement::currentValuesForValuesAnimation crash
521         https://bugs.webkit.org/show_bug.cgi?id=91326
522
523         Reviewed by Simon Fraser.
524
525         SVGSMILElement::progress() assumes that seekToIntervalCorrespondingToTime() always
526         lands inside a defined interval, but one can force arbitrary time offsets using
527         setCurrentTime(). This patch adds logic for handling non-interval time offsets
528         gracefully.
529
530         Test: svg/animations/smil-setcurrenttime-crash.svg
531
532         * svg/animation/SVGSMILElement.cpp:
533         (WebCore::SVGSMILElement::progress):
534
535 2012-07-16  Joshua Netterfield  <jnetterfield@rim.com>
536
537         [BlackBerry] Upstream WebGL Code
538         https://bugs.webkit.org/show_bug.cgi?id=91143
539
540         Reviewed by Rob Buis.
541
542         This patch includes BlackBerry-specific fixes for anti-aliasing, logging, and shader compilation.
543
544         No new tests, because there is no new functionality.
545
546         * platform/graphics/GraphicsContext3D.h: Add a value for TI Imagination chipsets on BlackBerry platforms
547         * platform/graphics/blackberry/GraphicsContext3DBlackBerry.cpp: Multiple downstream changes
548         (WebCore::GraphicsContext3D::GraphicsContext3D):
549         (WebCore::GraphicsContext3D::reshapeFBOs):
550         (WebCore):
551         (WebCore::GraphicsContext3D::logFrameBufferStatus):
552         (WebCore::GraphicsContext3D::readPixelsIMG): BlackBerry-specific fix for Imagination hardware.
553         (WebCore::GraphicsContext3D::paintsIntoCanvasBuffer):
554         (WebCore::GraphicsContext3D::platformTexture):
555         (WebCore::GraphicsContext3D::platformGraphicsContext3D):
556         (WebCore::GraphicsContext3D::paintToCanvas):
557         * platform/graphics/opengl/Extensions3DOpenGL.h: Remove unnecessary whitespace.
558         (Extensions3DOpenGL):
559         * platform/graphics/opengl/Extensions3DOpenGLCommon.cpp:
560         (WebCore::Extensions3DOpenGLCommon::getTranslatedShaderSourceANGLE): Hack to fix ANGLE-generated code on BlackBerry platforms.
561         * platform/graphics/opengl/Extensions3DOpenGLCommon.h:
562         (Extensions3DOpenGLCommon):
563         * platform/graphics/opengl/Extensions3DOpenGLES.cpp: I am not in a position to change system headers from correct to incorrect.
564         (WebCore::Extensions3DOpenGLES::renderbufferStorageMultisample):
565         (WebCore::Extensions3DOpenGLES::supportsExtension):
566         * platform/graphics/opengl/Extensions3DOpenGLES.h: I am not in a position to change system headers from correct to incorrect.
567         (Extensions3DOpenGLES):
568         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp: Add a BlackBerry-specific anti-aliasing fix.
569         (WebCore::GraphicsContext3D::paintRenderingResultsToCanvas):
570         (WebCore::GraphicsContext3D::prepareTexture):
571         (WebCore::GraphicsContext3D::bindFramebuffer):
572         (WebCore::GraphicsContext3D::compileShader):
573         (WebCore::GraphicsContext3D::copyTexImage2D):
574         (WebCore::GraphicsContext3D::copyTexSubImage2D):
575         (WebCore):
576         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
577         (WebCore):
578
579 2012-07-16  Tony Chang  <tony@chromium.org>
580
581         Position grid items by row/column index
582         https://bugs.webkit.org/show_bug.cgi?id=91293
583
584         Reviewed by Ojan Vafai.
585
586         Do some initial grid positioning. Only handle the simple case where tracks are
587         fixed values and don't properly size the grid items. This gives us something to
588         work with and starts implementing the "Grid Track Sizing Algorithm":
589         http://dev.w3.org/csswg/css3-grid-layout/#grid-track-sizing-algorithm0
590
591         Test: fast/css-grid-layout/place-cell-by-index.html
592
593         * rendering/RenderGrid.cpp:
594         (RenderGrid::GridTrack): Data structure for holding the track size. UsedBreadth matches the terminology
595         used in the spec.
596         (WebCore::RenderGrid::layoutBlock): Pull in some boiler plate code and put the
597         grid specific code in layoutGridItems.
598         (WebCore::RenderGrid::computedUsedBreadthOfGridTracks): Implement part of the grid track sizing algorithm.
599         (WebCore::RenderGrid::layoutGridItems): Compute the size of grid tracks, layout and position children.
600         (WebCore::RenderGrid::findChildLogicalPosition): Map track sizes to the actual position of the child.
601         * rendering/RenderGrid.h:
602         * rendering/style/RenderStyle.h: Just return a copy of Length rather than a reference to Length. This seems
603         more consistent with other getters that return a Length.
604
605 2012-07-16  Sami Kyostila  <skyostil@chromium.org>
606
607         [chromium] Only apply page scale delta to root scroll layer
608         https://bugs.webkit.org/show_bug.cgi?id=91374
609
610         Reviewed by Adrienne Walker.
611
612         When the user pinch-zooms the web page though the Chromium compositor, the
613         per-layer page scale delta is used to keep track of the difference between the
614         page scale on the compositor thread versus the main thread. On the next
615         commit to the main thread these values are reset to 1.
616
617         When calculating layer positions, the compositor applies a layer's page scale
618         delta both to the layer itself as well as all of its children. Since we are
619         currently updating the page scale delta on all scrollable layers, this results
620         in scrollable child layers getting scaled multiple times.
621
622         This patch changes the compositor to only apply the page scale delta on the
623         root scroll layer.
624
625         New unit test: CCLayerTreeHostImplTest.pageScaleDeltaAppliedToRootScrollLayerOnly
626
627         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
628         (WebCore::CCLayerTreeHostImpl::setPageScaleFactorAndLimits):
629         (WebCore::CCLayerTreeHostImpl::setPageScaleDelta):
630
631 2012-07-16  Kihong Kwon  <kihong.kwon@samsung.com>
632
633         Remove setController from BatteryClient
634         https://bugs.webkit.org/show_bug.cgi?id=90944
635
636         Reviewed by Adam Barth.
637
638         BatteryClient doesn't need to keep m_controller,
639         because BatteryController can be accessed using BatteryController::from().
640         Remove BatteryClient::setController function.
641
642         No new tests. Covered by existing tests.
643
644         * Modules/battery/BatteryClient.h:
645         * Modules/battery/BatteryController.cpp:
646         (WebCore::BatteryController::BatteryController):
647
648 2012-07-16  Mike West  <mkwst@chromium.org>
649
650         Invalid `script-nonce` directives should block script execution.
651         https://bugs.webkit.org/show_bug.cgi?id=91353
652
653         Reviewed by Adam Barth.
654
655         If the `script-nonce` Content Security Policy directive contains an
656         invalid value, we should fail loudly, throwing a warning to the console
657         and denying execution of script on the page. The is in line with the
658         current state of the experimental CSP 1.1 Editors Draft[1].
659
660         [1]: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-nonce--experimental
661
662         Test: http/tests/security/contentSecurityPolicy/1.1/scriptnonce-invalidnonce.html
663
664         * page/ContentSecurityPolicy.cpp:
665         (WebCore::CSPDirectiveList::checkNonceAndReportViolation):
666             Check against null rather than empty for early exit, otherwise
667             only compare nonces if the stored nonce isn't empty.
668         (WebCore::CSPDirectiveList::parseScriptNonce):
669             Assign the empty string if nonce is invalid.
670
671 2012-07-16  Min Qin  <qinmin@chromium.org>
672
673         [Android] remove RenderThemeChromiumAndroid::paintMediaFullscreenButton()
674         https://bugs.webkit.org/show_bug.cgi?id=91291
675
676         Reviewed by Adam Barth.
677
678         The recent media control refactoring added paintMediaFullscreenButton() in RenderThemeChromiumSkia.
679         Since RenderThemeChromiumAndroid inherits from that class, we don't need to redefine this function.
680         No test needed as this change just removes an unnecessary override.
681
682         * rendering/RenderThemeChromiumAndroid.cpp:
683         * rendering/RenderThemeChromiumAndroid.h:
684
685 2012-07-16  Peter Rybin  <peter.rybin@gmail.com>
686
687         Web Inspector: CodeGeneratorInspector.py: fix output write logic to support incremental build
688         https://bugs.webkit.org/show_bug.cgi?id=90642
689
690         Reviewed by Yury Semikhatsky.
691
692         A small intermediate writer is added. It handles comparing old and new source before actual writing.
693
694         * inspector/CodeGeneratorInspector.py:
695         (flatten_list):
696         (SmartOutput):
697         (SmartOutput.__init__):
698         (SmartOutput.write):
699         (SmartOutput.close):
700
701 2012-07-16  Dana Jansens  <danakj@chromium.org>
702
703         [chromium] Incorrect assertion: Replicas will cause a RenderPass to be removed twice
704         https://bugs.webkit.org/show_bug.cgi?id=91328
705
706         Reviewed by Adrienne Walker.
707
708         We asserted that we would never attempt to remove a render pass that had
709         already been removed. This was incorrect as a surface with a replica has
710         two quads and both may cause us to attempt its removal. We must handle
711         this case gracefully.
712
713         Test: CCLayerTreeHostTestSurfaceNotAllocatedForLayersOutsideMemoryLimit
714
715         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
716         (WebCore::CCLayerTreeHostImpl::CullRenderPassesWithNoQuads::shouldRemoveRenderPass):
717
718 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
719
720         Web Inspector: native memory: fix instrumentation for string members
721         https://bugs.webkit.org/show_bug.cgi?id=91384
722
723         Reviewed by Pavel Feldman.
724
725         It was possible to report a string member via addMember instead of addString.
726         This patch is fixing the problem and adding a link time guard.
727
728         Covered by existing inspector performance tests infrastructure.
729
730         * dom/ElementAttributeData.h:
731         (WebCore::ElementAttributeData::reportMemoryUsage):
732         * dom/MemoryInstrumentation.h:
733         (WebCore):
734         (WebCore::MemoryClassInfo::addString):
735         * dom/QualifiedName.h:
736         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
737
738 2012-07-16  Zoltan Horvath  <zoltan@webkit.org>
739
740         Unreviewed. Remove unnecessary executable bits after r122720.
741
742         * platform/graphics/ImageSource.h:
743         * platform/graphics/qt/ImageBufferQt.cpp:
744         * platform/graphics/qt/ImageDecoderQt.cpp:
745         * platform/graphics/qt/ImageQt.cpp:
746         * platform/graphics/qt/StillImageQt.h:
747         * platform/graphics/qt/TransparencyLayer.h:
748
749 2012-07-16  Zoltan Horvath  <zoltan@webkit.org>
750
751         [Qt] Change NativeImagePtr from QPixmap* to QImage*
752         https://bugs.webkit.org/show_bug.cgi?id=88785
753
754         Reviewed by Simon Hausmann.
755
756         Since we use raster engine there is no difference between QPixmap and QImage, so we are going
757         to use QImage everywhere where it is possible. This refactoring contains the change of the
758         NativeImagePtr typedef from QPixmap* to QImage* and covers the related modifications.
759
760         Part of the change is similar to Viatcheslav Ostapenko's internal work.
761
762         Covered by existing tests.
763
764         * bridge/qt/qt_pixmapruntime.cpp:
765         (JSC::Bindings::QtPixmapAssignToElementMethod::invoke):
766         (JSC::Bindings::QtPixmapInstance::variantFromObject):
767         * platform/DragImage.h:
768         (WebCore):
769         * platform/graphics/GraphicsContext.h:
770         (GraphicsContext):
771         * platform/graphics/Image.h:
772         (Image):
773         * platform/graphics/ImageSource.h:
774         (WebCore):
775         * platform/graphics/gstreamer/ImageGStreamer.h:
776         * platform/graphics/gstreamer/ImageGStreamerQt.cpp:
777         (ImageGStreamer::ImageGStreamer):
778         * platform/graphics/qt/GraphicsContext3DQt.cpp:
779         (WebCore::GraphicsContext3D::getImageData):
780         * platform/graphics/qt/GraphicsContextQt.cpp:
781         (WebCore::GraphicsContext::pushTransparencyLayerInternal):
782         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
783         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
784         * platform/graphics/qt/ImageBufferDataQt.h:
785         (ImageBufferData):
786         * platform/graphics/qt/ImageBufferQt.cpp:
787         (WebCore::ImageBufferData::ImageBufferData):
788         (WebCore::ImageBuffer::copyImage):
789         (WebCore::ImageBuffer::clip):
790         (WebCore::ImageBuffer::platformTransformColorSpace):
791         (WebCore::getImageData):
792         (WebCore::ImageBuffer::putByteArray):
793         (WebCore::encodeImage):
794         (WebCore::ImageBuffer::toDataURL):
795         * platform/graphics/qt/ImageDecoderQt.cpp:
796         (WebCore::ImageFrame::asNewNativeImage):
797         * platform/graphics/qt/ImageQt.cpp:
798         (graphics):
799         (loadResourceImage):
800         (WebCore::Image::loadPlatformResource):
801         (WebCore::Image::setPlatformResource):
802         (WebCore::Image::drawPattern):
803         (WebCore::BitmapImage::BitmapImage):
804         (WebCore::BitmapImage::draw):
805         (WebCore::BitmapImage::checkForSolidColor):
806         (WebCore::BitmapImage::create):
807         * platform/graphics/qt/NativeImageQt.h: Added.
808         (WebCore):
809         (NativeImageQt):
810         (WebCore::NativeImageQt::defaultFormatForAlphaEnabledImages):
811         (WebCore::NativeImageQt::defaultFormatForOpaqueImages):
812          * platform/graphics/qt/PatternQt.cpp:
813         (WebCore::Pattern::createPlatformPattern):
814         * platform/graphics/qt/StillImageQt.cpp:
815         (WebCore::StillImage::StillImage):
816         (WebCore::StillImage::~StillImage):
817         (WebCore::StillImage::currentFrameHasAlpha):
818         (WebCore::StillImage::size):
819         (WebCore::StillImage::nativeImageForCurrentFrame):
820         (WebCore::StillImage::draw):
821         * platform/graphics/qt/StillImageQt.h:
822         (WebCore::StillImage::create):
823         (WebCore::StillImage::createForRendering):
824         (StillImage):
825         * platform/graphics/qt/TransparencyLayer.h:
826         (WebCore::TransparencyLayer::TransparencyLayer):
827         (TransparencyLayer):
828         * platform/graphics/texmap/TextureMapperGL.cpp:
829         * platform/graphics/surfaces/qt/GraphicsSurfaceQt.cpp:
830         (WebCore::GraphicsSurface::createReadOnlyImage):
831          * platform/qt/ClipboardQt.cpp:
832         (WebCore::ClipboardQt::createDragImage):
833         (WebCore::ClipboardQt::declareAndWriteDragImage):
834         * platform/qt/CursorQt.cpp:
835         (WebCore::createCustomCursor):
836         * platform/qt/DragImageQt.cpp:
837         (WebCore::createDragImageFromImage):
838         * platform/qt/PasteboardQt.cpp:
839         (WebCore::Pasteboard::writeImage):
840
841 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
842
843         Web Inspector: moving forward to the better memory instrumentation API
844         https://bugs.webkit.org/show_bug.cgi?id=91259
845
846         Reviewed by Pavel Feldman.
847
848         I'm trying to remove unnecessary complexity of the API
849         reportInstrumentedObject and reportInstrumentedPointer will be replaced with addInstrumentedMember
850         The same will happen with reportPointer, reportObject pair.
851         Also info.report* will be replaced with info.add*
852
853         * bindings/js/ScriptWrappable.h:
854         (WebCore::ScriptWrappable::reportMemoryUsage):
855         * bindings/v8/DOMDataStore.cpp:
856         (WebCore::DOMDataStore::reportMemoryUsage):
857         * bindings/v8/IntrusiveDOMWrapperMap.h:
858         (WebCore::ChunkedTable::reportMemoryUsage):
859         * bindings/v8/ScriptProfiler.cpp:
860         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
861         * bindings/v8/ScriptWrappable.h:
862         (WebCore::ScriptWrappable::reportMemoryUsage):
863         * bindings/v8/V8Binding.cpp:
864         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
865         (WebCore::StringCache::reportMemoryUsage):
866         * bindings/v8/V8DOMMap.h:
867         * css/StylePropertySet.h:
868         (WebCore::StylePropertySet::reportMemoryUsage):
869         * dom/CharacterData.cpp:
870         (WebCore::CharacterData::reportMemoryUsage):
871         * dom/ContainerNode.h:
872         (WebCore::ContainerNode::reportMemoryUsage):
873         * dom/Document.cpp:
874         (WebCore::Document::reportMemoryUsage):
875         * dom/Element.h:
876         (WebCore::Element::reportMemoryUsage):
877         * dom/ElementAttributeData.h:
878         (WebCore::ElementAttributeData::reportMemoryUsage):
879         * dom/MemoryInstrumentation.h:
880         (WebCore::MemoryInstrumentation::addInstrumentedMember):
881         (MemoryInstrumentation):
882         (WebCore::MemoryInstrumentation::addMember):
883         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedMember):
884         (WebCore::MemoryInstrumentation::OwningTraits::addMember):
885         (WebCore::MemoryInstrumentation::addInstrumentedMemberImpl):
886         (WebCore::MemoryInstrumentation::addMemberImpl):
887         (WebCore::MemoryClassInfo::addInstrumentedMember):
888         (WebCore::MemoryClassInfo::addMember):
889         (WebCore::MemoryClassInfo::addHashMap):
890         (WebCore::MemoryClassInfo::addHashSet):
891         (WebCore::MemoryClassInfo::addListHashSet):
892         (WebCore::MemoryClassInfo::addVector):
893         (WebCore::MemoryClassInfo::addString):
894         (WebCore::MemoryInstrumentation::addHashMap):
895         (WebCore::MemoryInstrumentation::addHashSet):
896         (WebCore::MemoryInstrumentation::addListHashSet):
897         (WebCore::MemoryInstrumentation::addVector):
898         * dom/Node.cpp:
899         (WebCore::Node::reportMemoryUsage):
900         * dom/QualifiedName.h:
901         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
902         (WebCore::QualifiedName::reportMemoryUsage):
903         * inspector/InspectorMemoryAgent.cpp:
904         (WebCore):
905         * platform/TreeShared.h:
906         (WebCore::TreeShared::reportMemoryUsage):
907
908 2012-07-16  Sheriff Bot  <webkit.review.bot@gmail.com>
909
910         Unreviewed, rolling out r122714.
911         http://trac.webkit.org/changeset/122714
912         https://bugs.webkit.org/show_bug.cgi?id=91380
913
914         It broke mac compilation (Requested by loislo on #webkit).
915
916         * bindings/js/ScriptWrappable.h:
917         (WebCore::ScriptWrappable::reportMemoryUsage):
918         * bindings/v8/DOMDataStore.cpp:
919         (WebCore::DOMDataStore::reportMemoryUsage):
920         * bindings/v8/IntrusiveDOMWrapperMap.h:
921         (WebCore::ChunkedTable::reportMemoryUsage):
922         * bindings/v8/ScriptProfiler.cpp:
923         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
924         * bindings/v8/ScriptWrappable.h:
925         (WebCore::ScriptWrappable::reportMemoryUsage):
926         * bindings/v8/V8Binding.cpp:
927         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
928         (WebCore::StringCache::reportMemoryUsage):
929         * bindings/v8/V8DOMMap.h:
930         * css/StylePropertySet.h:
931         (WebCore::StylePropertySet::reportMemoryUsage):
932         * dom/CharacterData.cpp:
933         (WebCore::CharacterData::reportMemoryUsage):
934         * dom/ContainerNode.h:
935         (WebCore::ContainerNode::reportMemoryUsage):
936         * dom/Document.cpp:
937         (WebCore::Document::reportMemoryUsage):
938         * dom/Element.h:
939         (WebCore::Element::reportMemoryUsage):
940         * dom/ElementAttributeData.h:
941         (WebCore::ElementAttributeData::reportMemoryUsage):
942         * dom/MemoryInstrumentation.h:
943         (WebCore::MemoryInstrumentation::reportObject):
944         (MemoryInstrumentation):
945         (WebCore::MemoryInstrumentation::reportPointer):
946         (WebCore::MemoryClassInfo::reportInstrumentedPointer):
947         (WebCore::MemoryClassInfo::reportInstrumentedObject):
948         (WebCore::MemoryClassInfo::reportPointer):
949         (WebCore::MemoryClassInfo::reportObject):
950         (WebCore::MemoryClassInfo::reportHashMap):
951         (WebCore::MemoryClassInfo::reportHashSet):
952         (WebCore::MemoryClassInfo::reportListHashSet):
953         (WebCore::MemoryClassInfo::reportVector):
954         (MemoryClassInfo):
955         (WebCore::MemoryClassInfo::reportString):
956         (WebCore):
957         (WebCore::MemoryInstrumentation::reportInstrumentedPointer):
958         (WebCore::MemoryInstrumentation::reportInstrumentedObject):
959         (WebCore::MemoryInstrumentation::reportHashMap):
960         (WebCore::MemoryInstrumentation::reportHashSet):
961         (WebCore::MemoryInstrumentation::reportListHashSet):
962         (WebCore::MemoryInstrumentation::reportVector):
963         * dom/Node.cpp:
964         (WebCore::Node::reportMemoryUsage):
965         * dom/QualifiedName.h:
966         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
967         (WebCore::QualifiedName::reportMemoryUsage):
968         * inspector/InspectorMemoryAgent.cpp:
969         (WebCore):
970         * platform/TreeShared.h:
971         (WebCore::TreeShared::reportMemoryUsage):
972
973 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
974
975         Web Inspector: moving forward to the better memory instrumentation API
976         https://bugs.webkit.org/show_bug.cgi?id=91259
977
978         Reviewed by Pavel Feldman.
979
980         I'm trying to remove unnecessary complexity of the API
981         reportInstrumentedObject and reportInstrumentedPointer will be replaced with addInstrumentedMember
982         The same will happen with reportPointer, reportObject pair.
983         Also info.report* will be replaced with info.add*
984
985         * bindings/js/ScriptWrappable.h:
986         (WebCore::ScriptWrappable::reportMemoryUsage):
987         * bindings/v8/DOMDataStore.cpp:
988         (WebCore::DOMDataStore::reportMemoryUsage):
989         * bindings/v8/IntrusiveDOMWrapperMap.h:
990         (WebCore::ChunkedTable::reportMemoryUsage):
991         * bindings/v8/ScriptProfiler.cpp:
992         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
993         * bindings/v8/ScriptWrappable.h:
994         (WebCore::ScriptWrappable::reportMemoryUsage):
995         * bindings/v8/V8Binding.cpp:
996         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
997         (WebCore::StringCache::reportMemoryUsage):
998         * bindings/v8/V8DOMMap.h:
999         * css/StylePropertySet.h:
1000         (WebCore::StylePropertySet::reportMemoryUsage):
1001         * dom/CharacterData.cpp:
1002         (WebCore::CharacterData::reportMemoryUsage):
1003         * dom/ContainerNode.h:
1004         (WebCore::ContainerNode::reportMemoryUsage):
1005         * dom/Document.cpp:
1006         (WebCore::Document::reportMemoryUsage):
1007         * dom/Element.h:
1008         (WebCore::Element::reportMemoryUsage):
1009         * dom/ElementAttributeData.h:
1010         (WebCore::ElementAttributeData::reportMemoryUsage):
1011         * dom/MemoryInstrumentation.h:
1012         (WebCore::MemoryInstrumentation::addInstrumentedMember):
1013         (MemoryInstrumentation):
1014         (WebCore::MemoryInstrumentation::addMember):
1015         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedMember):
1016         (WebCore::MemoryInstrumentation::OwningTraits::addMember):
1017         (WebCore::MemoryInstrumentation::addInstrumentedMemberImpl):
1018         (WebCore::MemoryInstrumentation::addMemberImpl):
1019         (WebCore::MemoryClassInfo::addInstrumentedMember):
1020         (WebCore::MemoryClassInfo::addMember):
1021         (WebCore::MemoryClassInfo::addHashMap):
1022         (WebCore::MemoryClassInfo::addHashSet):
1023         (WebCore::MemoryClassInfo::addListHashSet):
1024         (WebCore::MemoryClassInfo::addVector):
1025         (WebCore::MemoryClassInfo::addString):
1026         (WebCore::MemoryInstrumentation::addHashMap):
1027         (WebCore::MemoryInstrumentation::addHashSet):
1028         (WebCore::MemoryInstrumentation::addListHashSet):
1029         (WebCore::MemoryInstrumentation::addVector):
1030         * dom/Node.cpp:
1031         (WebCore::Node::reportMemoryUsage):
1032         * dom/QualifiedName.h:
1033         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
1034         (WebCore::QualifiedName::reportMemoryUsage):
1035         * inspector/InspectorMemoryAgent.cpp:
1036         (WebCore):
1037         * platform/TreeShared.h:
1038         (WebCore::TreeShared::reportMemoryUsage):
1039
1040 2012-07-16  Ilya Tikhonovsky  <loislo@chromium.org>
1041
1042         Web Inspector: native memory instrumentation: extract instrumentation methods into MemoryClassInfo
1043         https://bugs.webkit.org/show_bug.cgi?id=91227
1044
1045         Reviewed by Pavel Feldman.
1046
1047         void Node::reportMemoryUsage(MemoryObjectInfo* memoryObjectInfo) const
1048         {
1049             MemoryClassInfo<Node> info(memoryObjectInfo, this, MemoryInstrumentation::DOM);
1050             info.visitBaseClass<ScriptWrappable>(this);
1051
1052             info.addMember(m_notInstrumentedPointer); // automatically detects poniter/reference
1053             info.addInstrumentedMember(m_next);
1054             info.addHashSet<MemoryInstrumentation::NonClass>(m_aHash);                // NonClass value_type (report only size of internal template structures)
1055             info.addHashSet<MemoryInstrumentation::NotInstrumentedClass>(m_aHashSet); // not instrumented value_type (use sizeof)
1056             info.addHashSet<MemoryInstrumentation::InstrumentedClass>(m_aHashSet);    // instrumented value_type (call visit)
1057         }
1058
1059         The change is covered by existing tests for native memory snapshot.
1060
1061         * bindings/v8/DOMDataStore.cpp:
1062         (WebCore::DOMDataStore::reportMemoryUsage):
1063         * bindings/v8/IntrusiveDOMWrapperMap.h:
1064         (WebCore::ChunkedTable::reportMemoryUsage):
1065         * bindings/v8/ScriptWrappable.h:
1066         (WebCore::ScriptWrappable::reportMemoryUsage):
1067         * bindings/v8/V8Binding.cpp:
1068         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
1069         (WebCore::StringCache::reportMemoryUsage):
1070         * bindings/v8/V8DOMMap.h:
1071         * css/StylePropertySet.h:
1072         (WebCore::StylePropertySet::reportMemoryUsage):
1073         * dom/CharacterData.cpp:
1074         (WebCore::CharacterData::reportMemoryUsage):
1075         * dom/ContainerNode.h:
1076         (WebCore::ContainerNode::reportMemoryUsage):
1077         * dom/Document.cpp:
1078         (WebCore::Document::reportMemoryUsage):
1079         * dom/Element.h:
1080         (WebCore::Element::reportMemoryUsage):
1081         * dom/ElementAttributeData.h:
1082         (WebCore::ElementAttributeData::reportMemoryUsage):
1083         * dom/MemoryInstrumentation.h:
1084         (MemoryInstrumentation):
1085         (WebCore::MemoryObjectInfo::objectType):
1086         (WebCore::MemoryObjectInfo::objectSize):
1087         (WebCore::MemoryObjectInfo::memoryInstrumentation):
1088         (MemoryObjectInfo):
1089         (WebCore::MemoryObjectInfo::reportObjectInfo):
1090         (WebCore):
1091         (MemoryClassInfo):
1092         (WebCore::MemoryClassInfo::MemoryClassInfo):
1093         (WebCore::MemoryClassInfo::visitBaseClass):
1094         (WebCore::MemoryClassInfo::reportInstrumentedPointer):
1095         (WebCore::MemoryClassInfo::reportInstrumentedObject):
1096         (WebCore::MemoryClassInfo::reportPointer):
1097         (WebCore::MemoryClassInfo::reportObject):
1098         (WebCore::MemoryClassInfo::reportHashMap):
1099         (WebCore::MemoryClassInfo::reportHashSet):
1100         (WebCore::MemoryClassInfo::reportListHashSet):
1101         (WebCore::MemoryClassInfo::reportVector):
1102         (WebCore::MemoryClassInfo::reportString):
1103         * dom/Node.cpp:
1104         (WebCore::Node::reportMemoryUsage):
1105         * dom/QualifiedName.h:
1106         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
1107         (WebCore::QualifiedName::reportMemoryUsage):
1108         * platform/TreeShared.h:
1109         (WebCore::TreeShared::reportMemoryUsage):
1110
1111 2012-07-15  Carlos Garcia Campos  <cgarcia@igalia.com>
1112
1113         Unreviewed. Fix make distcheck.
1114
1115         * GNUmakefile.am: Add missing idl directory.
1116         * GNUmakefile.list.am: Add missing files to compilation.
1117
1118 2012-07-16  Eugene Klyuchnikov  <eustas.big@gmail.com>
1119
1120         Web Inspector: Implement message loop instrumentation for timeline
1121         https://bugs.webkit.org/show_bug.cgi?id=88325
1122
1123         Reviewed by Pavel Feldman.
1124
1125         Message loop instrumentation will show when the render thread is busy.
1126
1127         * inspector/front-end/Settings.js:
1128         (WebInspector.ExperimentsSettings):
1129         Added new experiment.
1130         * inspector/front-end/TimelineGrid.js:
1131         (WebInspector.TimelineGrid.prototype.get dividersLabelBarElement):
1132         Exposed label bar element.
1133         * inspector/front-end/TimelinePanel.js:
1134         (WebInspector.TimelinePanel):
1135         (WebInspector.TimelinePanel.prototype._resetPanel):
1136         Cleanups recorded tasks.
1137         (WebInspector.TimelinePanel.prototype._refresh):
1138         Updates CPU bar.
1139         (WebInspector.TimelinePanel.prototype._refreshRecords):
1140         Ditto.
1141         (WebInspector.TimelinePanel.prototype._refreshCpuBars.compareEndTime):
1142         Ditto.
1143         (WebInspector.TimelinePanel.prototype._refreshCpuBars):
1144         Ditto.
1145         (WebInspector.TimelinePanel.prototype._enableMainThreadMonitoringExperiment):
1146         Adds CPU bar to UI.
1147         (WebInspector.TimelinePanel.prototype._showPopover):
1148         Fix NPE.
1149         (WebInspector.TimelineCalculator.prototype.computeTime):
1150         Utility for position to time conversion.
1151         (WebInspector.TimelineCalculator.prototype.setDisplayWindow):
1152         Remenbers clientWidth.
1153         * inspector/front-end/TimelinePresentationModel.js:
1154         (WebInspector.TimelinePresentationModel.categories):
1155         Define CPU bar colors.
1156         * inspector/front-end/timelinePanel.css:
1157         (.timeline-cpu-bars):
1158         CPU bar styles.
1159         (.timeline-cpu-bars-label):
1160         Ditto.
1161
1162 2012-07-16  Sheriff Bot  <webkit.review.bot@gmail.com>
1163
1164         Unreviewed, rolling out r122681.
1165         http://trac.webkit.org/changeset/122681
1166         https://bugs.webkit.org/show_bug.cgi?id=91363
1167
1168         Patch introduces crashes in debug builds for GTK and EFL ports
1169         (Requested by zdobersek on #webkit).
1170
1171         * platform/ScrollableArea.cpp:
1172         (WebCore::ScrollableArea::scrollPositionChanged):
1173
1174 2012-07-16  Luke Macpherson  <macpherson@chromium.org>
1175
1176         Compilation failure in StyleResolver.cpp (clang)
1177         https://bugs.webkit.org/show_bug.cgi?id=89892
1178
1179         Reviewed by Ryosuke Niwa.
1180
1181         Patch adds assertions that unreachable code is in fact not reached.
1182
1183         Covered by fast/css/variables tests.
1184
1185         * css/CSSParser.cpp:
1186         (WebCore::CSSParser::parseValue):
1187         * css/StyleResolver.cpp:
1188         (WebCore::StyleResolver::collectMatchingRulesForList):
1189
1190 2012-07-15  Mike Lawther  <mikelawther@chromium.org>
1191
1192         Fix calculation of rgba's alpha in CSS custom text
1193         https://bugs.webkit.org/show_bug.cgi?id=91355
1194
1195         Reviewed by Ryosuke Niwa.
1196
1197         Alpha values are stored as an 8 bit value. To convert this to a float in the
1198         range [0,1], we need to divide by 255, not 256. 
1199
1200         Test: fast/css/rgba-custom-text.html
1201
1202         * css/CSSPrimitiveValue.cpp:
1203         (WebCore::CSSPrimitiveValue::customCssText):
1204
1205 2012-07-15  Jason Liu  <jason.liu@torchmobile.com.cn>
1206
1207         [BlackBerry] We shouldn't call didFinishLoading for the old request when a new request has been sent by notifyAuthReceived.
1208         https://bugs.webkit.org/show_bug.cgi?id=90962
1209
1210         Reviewed by Rob Buis.
1211
1212         We start a new NetworkJob with credentials after receiving 401/407 status.
1213         We should not release resources in webcore when the old job is closed because
1214         they are needed by the new one.
1215         We should do as 3XX.
1216
1217         No new tests. No change in behaviour.
1218
1219         * platform/network/blackberry/NetworkJob.cpp:
1220         (WebCore::NetworkJob::NetworkJob):
1221         (WebCore::NetworkJob::notifyAuthReceived):
1222         (WebCore::NetworkJob::shouldReleaseClientResource):
1223         (WebCore::NetworkJob::handleRedirect):
1224         * platform/network/blackberry/NetworkJob.h:
1225         (NetworkJob):
1226
1227 2012-07-15  Ryosuke Niwa  <rniwa@webkit.org>
1228
1229         REGRESSION(r122660): Cannot iterate over HTMLCollection that contains non-child descendent nodes in some conditions
1230         https://bugs.webkit.org/show_bug.cgi?id=91334
1231
1232         Reviewed by Ojan Vafai.
1233
1234         The bug was caused by using lastChild() as the starting node for traversePreviousNode. Since it's the inverse of
1235         Node::traverseNextNode(), which visits nodes in pre order, we must start our search from the last descendent node,
1236         which is visited traverseNextNode immediately before reaching the root node.
1237
1238         Test: fast/dom/htmlcollection-backwards-subtree-iteration.html
1239
1240         * html/HTMLCollection.cpp:
1241         (WebCore::lastDescendent):
1242         (WebCore):
1243         (WebCore::itemBeforeOrAfter):
1244
1245 2012-07-15  Joseph Pecoraro  <pecoraro@apple.com>
1246
1247         Windowless WebView not firing JavaScript load event if there is a media element
1248         https://bugs.webkit.org/show_bug.cgi?id=91331
1249
1250         Reviewed by Eric Carlson.
1251
1252         In prepareForLoad we start deferring the load event. If we fall into this
1253         clause where the page can not start loading media we bail, potentially
1254         indefinitely waiting until we can start loading media. Since we can not
1255         be certain this will ever happen, we should stop deferring the page's
1256         load event.
1257
1258         Test: WebKit1.WindowlessWebViewWithMedia TestWebKitAPI test. The only
1259         way this path was reachable right now is on the mac port.
1260
1261         * html/HTMLMediaElement.cpp:
1262         (WebCore::HTMLMediaElement::loadInternal):
1263
1264 2012-07-15  Dan Bernstein  <mitz@apple.com>
1265
1266         <rdar://problem/11875795> REGRESSION (tiled drawing): Page’s scroll bars flash with each character you type in a textarea (affects Wikipedia and YouTube)
1267         https://bugs.webkit.org/show_bug.cgi?id=91348
1268
1269         Reviewed by Anders Carlsson.
1270
1271         * platform/ScrollableArea.cpp:
1272         (WebCore::ScrollableArea::scrollPositionChanged): Added an early return if the scroll position
1273         did not, in fact, change. This avoids the call to ScrollAnimator::notifyContentAreaScrolled,
1274         which is what causes the scroll bars to flash.
1275
1276 2012-07-14  Eric Carlson  <eric.carlson@apple.com>
1277
1278         Enable AVCF hardware video decoding
1279         https://bugs.webkit.org/show_bug.cgi?id=90015
1280         <rdar://problem/10770317>
1281
1282         Reviewed by Anders Carlsson.
1283
1284         * html/HTMLMediaElement.cpp:
1285         (WebCore):
1286         (WebCore::HTMLMediaElement::mediaPlayerGraphicsDeviceAdapter): New, return the client's graphics 
1287             device adapter.
1288         * html/HTMLMediaElement.h:
1289
1290         * page/ChromeClient.h:
1291         (WebCore::ChromeClient::graphicsDeviceAdapter): New.
1292
1293         * platform/graphics/MediaPlayer.cpp:
1294         (WebCore::MediaPlayer::graphicsDeviceAdapter): New, ask the media element for the graphics
1295             device adapter.
1296         * platform/graphics/MediaPlayer.h:
1297
1298         * platform/graphics/avfoundation/cf/AVFoundationCFSoftLinking.h: Soft-link AVCFPlayerSetDirect3DDevice
1299             and AVCFPlayerEnableHardwareAcceleratedVideoDecoderKey.
1300
1301         * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: 
1302         (WebCore::MediaPlayerPrivateAVFoundationCF::createAVAssetForURL): Pass the current d3d9
1303             device interface to the AVFWrapper.
1304         (WebCore::AVFWrapper::createAssetForURL): If the d3d9 device implements IDirect3DDevice9Ex,
1305             tell the AVAsset to enable hardware video decoding.
1306         (WebCore::AVFWrapper::createPlayer): Pass the d3d9 device to the player if it implements IDirect3DDevice9Ex.
1307
1308         * platform/graphics/ca/win/CACFLayerTreeHost.h:
1309         (WebCore::CACFLayerTreeHost::graphicsDeviceAdapter): New, default implementation.
1310
1311         * platform/graphics/ca/win/LegacyCACFLayerTreeHost.h:
1312         (WebCore::LegacyCACFLayerTreeHost::graphicsDeviceAdapter): New, default implementation.
1313         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp:
1314         (WebCore::WKCACFViewLayerTreeHost::graphicsDeviceAdapter): New.
1315         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h:
1316
1317         * platform/win/SoftLinking.h: Define SOFT_LINK_DLL_IMPORT_OPTIONAL, SOFT_LINK_LOADED_LIBRARY,
1318             and SOFT_LINK_VARIABLE_DLL_IMPORT_OPTIONAL.
1319
1320 2012-07-14  Ryosuke Niwa  <rniwa@webkit.org>
1321
1322         Fix Chromium Mac build failure after r122670.
1323
1324         * platform/graphics/mac/ComplexTextController.cpp:
1325
1326 2012-07-14  Mark Rowe  <mrowe@apple.com>
1327
1328         Fix the Snow Leopard build.
1329
1330         * platform/LocalizedStrings.cpp:
1331         (WebCore::contextMenuItemTagLookUpInDictionary): Fix a typo in the condition so that Snow Leopard
1332         continues to take the expected path.
1333
1334 2012-07-14  Ryosuke Niwa  <rniwa@webkit.org>
1335
1336         Accessing the last item in children should be a constant time operation
1337         https://bugs.webkit.org/show_bug.cgi?id=91320
1338
1339         Reviewed by Ojan Vafai.
1340
1341         Traverse nodes from the last item when the target offset we're looking for is closer to the last item
1342         than to the cached item. e.g. if the cached item was at offset 0 in the collection and length was 100,
1343         we should not be looking for the item at offset 95 from the cached item.
1344
1345         Note that this trick can be only used in HTML collection that supports itemBefore and when the length
1346         cache is available.
1347
1348         Also broke shouldSearchFromFirstItem into smaller logical pieces to clarify the intents.
1349
1350         Test: perf/htmlcollection-last-item.html
1351
1352         * html/HTMLCollection.cpp:
1353         (WebCore):
1354         (WebCore::HTMLCollection::isLastItemCloserThanLastOrCachedItem):
1355         (WebCore::HTMLCollection::isFirstItemCloserThanCachedItem):
1356         (WebCore::HTMLCollection::item):
1357         * html/HTMLCollection.h:
1358         (HTMLCollection):
1359
1360 2012-07-14  Mark Rowe  <mrowe@apple.com>
1361
1362         Fix the Windows build.
1363
1364         * platform/network/cf/DNSCFNet.cpp: Fix the condition to take Windows in to account.
1365
1366 2012-07-14  Mark Rowe  <mrowe@apple.com>
1367
1368         Make it explicit which code paths iOS should use when doing checks based on OS X versions.
1369
1370         Rubber-stamped by David Kilzer.
1371
1372         * WebCore.exp.in:
1373         * accessibility/AccessibilityList.h:
1374         * accessibility/AccessibilityTable.h:
1375         * accessibility/mac/AXObjectCacheMac.mm:
1376         * editing/mac/EditorMac.mm:
1377         * loader/MainResourceLoader.cpp:
1378         * loader/MainResourceLoader.h:
1379         * page/AlternativeTextClient.h:
1380         * page/mac/SettingsMac.mm:
1381         * platform/LocalizedStrings.cpp:
1382         * platform/MemoryPressureHandler.cpp:
1383         * platform/audio/mac/AudioBusMac.mm:
1384         * platform/graphics/Gradient.h:
1385         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1386         * platform/graphics/ca/GraphicsLayerCA.cpp:
1387         * platform/graphics/ca/PlatformCALayer.h:
1388         * platform/graphics/ca/mac/PlatformCALayerMac.mm:
1389         * platform/graphics/ca/mac/TileCache.mm:
1390         * platform/graphics/cg/GraphicsContextCG.cpp:
1391         * platform/graphics/cg/ImageBufferCG.cpp:
1392         * platform/graphics/cg/ImageBufferDataCG.h:
1393         * platform/graphics/cg/ImageCG.cpp:
1394         * platform/graphics/cg/ImageSourceCG.cpp:
1395         * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
1396         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1397         * platform/graphics/mac/ComplexTextController.cpp:
1398         * platform/graphics/mac/ComplexTextControllerCoreText.mm:
1399         * platform/graphics/mac/FontCacheMac.mm:
1400         * platform/graphics/mac/FontCustomPlatformData.cpp:
1401         * platform/graphics/mac/FontMac.mm:
1402         * platform/graphics/mac/GraphicsContextMac.mm:
1403         * platform/graphics/mac/SimpleFontDataMac.mm:
1404         * platform/graphics/mac/WebLayer.h:
1405         * platform/graphics/mac/WebLayer.mm:
1406         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
1407         * platform/mac/DisplaySleepDisabler.cpp:
1408         * platform/mac/DisplaySleepDisabler.h:
1409         * platform/mac/HTMLConverter.h:
1410         * platform/mac/HTMLConverter.mm:
1411         * platform/mac/MemoryPressureHandlerMac.mm:
1412         * platform/mac/SharedTimerMac.mm:
1413         * platform/mac/SuddenTermination.mm:
1414         * platform/mac/WebFontCache.mm:
1415         * platform/network/Credential.h:
1416         * platform/network/ResourceHandle.h:
1417         * platform/network/cf/DNSCFNet.cpp:
1418         * platform/network/cf/ProxyServerCFNet.cpp:
1419         * platform/network/cf/ResourceRequest.h:
1420         * platform/network/cf/SocketStreamHandleCFNet.cpp:
1421         * platform/network/mac/AuthenticationMac.mm:
1422         * platform/network/mac/CookieStorageMac.mm:
1423         * platform/network/mac/ResourceHandleMac.mm:
1424         * platform/network/mac/ResourceRequestMac.mm:
1425         * platform/network/mac/WebCoreURLResponse.mm:
1426         * platform/text/TextChecking.h:
1427         * platform/text/cf/HyphenationCF.cpp:
1428         * platform/text/mac/HyphenationMac.mm:
1429         * rendering/RenderLayerBacking.cpp:
1430         * rendering/RenderLayerCompositor.cpp:
1431
1432 2012-07-14  Sheriff Bot  <webkit.review.bot@gmail.com>
1433
1434         Unreviewed, rolling out r122614.
1435         http://trac.webkit.org/changeset/122614
1436         https://bugs.webkit.org/show_bug.cgi?id=91317
1437
1438         Broke performance tests (Requested by rniwa on #webkit).
1439
1440         * bindings/v8/V8Binding.cpp:
1441         (WebCore::StringCache::v8ExternalStringSlow):
1442
1443 2012-07-05  Robert Hogan  <robert@webkit.org>
1444
1445         CSS 2.1 failure: vertical-align-boxes-001 fails
1446         https://bugs.webkit.org/show_bug.cgi?id=90626
1447
1448         Reviewed by Eric Seidel.
1449
1450         Tests: css2.1/20110323/vertical-align-boxes-001.htm
1451
1452         A percentage value vertical-align is always a percentage of the actual line-height rather than
1453         the margin box per http://www.w3.org/TR/CSS21/visudet.html#propdef-vertical-align: 'Percentages: 
1454         refer to the 'line-height' of the element itself'.  Confusingly, RenderBox::lineheight() is a
1455         shorthand into the dimensions of the margin box for replaced elements in the other vertical-align
1456         cases, i.e. where it's the margin box that's relevant rather than the 'line-height'. So rather than patch RenderBox's
1457         lineHeight() to somehow consider the percentage cases, just give percentage vertical-align the full computedLineHeight()
1458         rather than lineHeight()'s margin box.
1459
1460         * rendering/RootInlineBox.cpp:
1461         (WebCore::RootInlineBox::verticalPositionForBox):
1462
1463 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
1464
1465         Iterating backwards over HTMLCollection is O(n^2)
1466         https://bugs.webkit.org/show_bug.cgi?id=91306
1467
1468         Reviewed by Anders Carlsson.
1469
1470         Fixed the bug by introducing itemBefore that iterates nodes backwards to complement itemAfter.
1471         Unfortunately, some HTML collections such as HTMLFormCollection and HTMLTableRowsCollection have
1472         its own itemAfter function and writing an equivalent itemBefore is somewhat tricky. For now,
1473         added a new boolean flag indicating whether a given HTML collection supports itemBefore or not,
1474         and left those HTML collections that override itemAfter alone.
1475
1476         This also paves our way to share more code between DynamicNodeList and HTMLCollection.
1477
1478         Test: perf/htmlcollection-backwards-iteration.html
1479
1480         * dom/DynamicNodeList.h:
1481         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase): Takes ItemBeforeSupportType.
1482         (WebCore::DynamicNodeListCacheBase::supportsItemBefore): Added.
1483         (DynamicNodeListCacheBase):
1484         (WebCore::DynamicNodeListCacheBase::setItemCache): Replaced a FIXME by an assertion now that
1485         we can.
1486         * html/HTMLAllCollection.cpp:
1487         (WebCore::HTMLAllCollection::HTMLAllCollection): Supports itemBefore since it doesn't override
1488         itemAfter.
1489         * html/HTMLCollection.cpp:
1490         (WebCore::HTMLCollection::HTMLCollection):
1491         (WebCore::HTMLCollection::create):
1492         (WebCore::isAcceptableElement): Made it a static local function instead of a static member.
1493         (WebCore::nextNode): Templatized.
1494         (WebCore::itemBeforeOrAfter): Extracted from itemAfter and templatized.
1495         (WebCore::HTMLCollection::itemBefore): Added.
1496         (WebCore::HTMLCollection::itemAfter):
1497         (WebCore::HTMLCollection::shouldSearchFromFirstItem): Added. Determines whether we should reset
1498         the item cache to the first item. We obviously do if the cache is invalid. If the target offset
1499         is after the cached offset, then we shouldn't go back regardless of availability of itemBefore.
1500         Otherwise, we go back to the first item iff itemBefore is not available or the distance from
1501         the cached offset to the target offset is greater than the target offset itself.
1502         (WebCore::HTMLCollection::length):
1503         (WebCore::HTMLCollection::item): Use the term "offset" to match the terminology elsewhere.
1504         (WebCore::HTMLCollection::itemBeforeOrAfterCachedItem): Ditto. Also added the logic to iterate
1505         nodes backwards using itemBefore. Once we're in this branch, we should always find a matching
1506         item since the target offset was less than the cached offset, and offsets are non-negative.
1507         If we had ever reached the end of the loop without finding an item, it indicates that the cache
1508         has been invalid and we have some serious bug elsewhere.
1509         * html/HTMLCollection.h:
1510         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase):
1511         (HTMLCollection):
1512         * html/HTMLOptionsCollection.cpp:
1513         (WebCore::HTMLOptionsCollection::HTMLOptionsCollection): Supports itemBefore since it doesn't
1514         override itemAfter.
1515         * html/HTMLFormCollection.cpp:
1516         (WebCore::HTMLFormCollection::HTMLFormCollection): Doesn't support itemBefore as it overrides
1517         itemAfter.
1518         * html/HTMLNameCollection.cpp:
1519         (WebCore::HTMLNameCollection::HTMLNameCollection): Ditto.
1520         * html/HTMLPropertiesCollection.cpp:
1521         (WebCore::HTMLPropertiesCollection::HTMLPropertiesCollection):
1522         * html/HTMLTableRowsCollection.cpp:
1523         (WebCore::HTMLTableRowsCollection::HTMLTableRowsCollection):
1524
1525 2012-07-13  Eric Penner  <epenner@google.com>
1526
1527         [chromium] Add 'self-managed' option to CCPrioritizedTexture to enable render-surface and canvas use cases.
1528         https://bugs.webkit.org/show_bug.cgi?id=91177
1529
1530         Reviewed by Adrienne Walker.
1531
1532         This makes the render-surface memory use case generic as 'self-managed' textures,
1533         as this use case is popping up in other places (eg. canvases). It's exactly the
1534         same idea except we can have as many place-holders as we want at arbitrary
1535         priorities.
1536
1537         This already tested by the render surface unit tests which now also use the 
1538         generic placeholder.
1539
1540         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
1541         (WebCore::CCLayerTreeHost::CCLayerTreeHost):
1542         (WebCore::CCLayerTreeHost::initializeLayerRenderer):
1543         (WebCore::CCLayerTreeHost::updateLayers):
1544         (WebCore::CCLayerTreeHost::setPrioritiesForSurfaces):
1545         (WebCore):
1546         (WebCore::CCLayerTreeHost::setPrioritiesForLayers):
1547         (WebCore::CCLayerTreeHost::prioritizeTextures):
1548         (WebCore::CCLayerTreeHost::calculateMemoryForRenderSurfaces):
1549         (WebCore::CCLayerTreeHost::paintLayerContents):
1550         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
1551         (CCLayerTreeHost):
1552         * platform/graphics/chromium/cc/CCPrioritizedTexture.cpp:
1553         (WebCore::CCPrioritizedTexture::CCPrioritizedTexture):
1554         (WebCore::CCPrioritizedTexture::setToSelfManagedMemoryPlaceholder):
1555         * platform/graphics/chromium/cc/CCPrioritizedTexture.h:
1556         (CCPrioritizedTexture):
1557         (WebCore::CCPrioritizedTexture::setIsSelfManaged):
1558         (WebCore::CCPrioritizedTexture::isSelfManaged):
1559         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.cpp:
1560         (WebCore::CCPrioritizedTextureManager::prioritizeTextures):
1561         (WebCore::CCPrioritizedTextureManager::acquireBackingTextureIfNeeded):
1562         (WebCore::CCPrioritizedTextureManager::destroyBacking):
1563         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.h:
1564         (CCPrioritizedTextureManager):
1565         (WebCore::CCPrioritizedTextureManager::memoryForSelfManagedTextures):
1566
1567 2012-07-13  Kent Tamura  <tkent@chromium.org>
1568
1569         Internals: Clean up the mock PagePopupDriver correctly.
1570         https://bugs.webkit.org/show_bug.cgi?id=91250
1571
1572         Unreviewed, a trivial testing code fix.
1573
1574         * testing/InternalSettings.cpp:
1575         (WebCore::InternalSettings::Backup::restoreTo):
1576         (WebCore::InternalSettings::reset):
1577         Resetting PaePopupDriver here instead of Backup::restoreTo.
1578         Also, close the mock popup before resetting PagePopupDriver by clearing m_pagePopupDriver.
1579         * testing/MockPagePopupDriver.cpp:
1580         (WebCore::MockPagePopupDriver::~MockPagePopupDriver):
1581         Close the popup.
1582
1583 2012-07-13  Tony Payne  <tpayne@chromium.org>
1584
1585         Remove Widget from screenColorProfile
1586         https://bugs.webkit.org/show_bug.cgi?id=91300
1587
1588         Reviewed by Adam Barth.
1589
1590         Chromium, the only platform implementing screenColorProfile, does not
1591         need the Widget, so removing for simplicity.
1592
1593         Covered by existing tests.
1594
1595         * platform/PlatformScreen.h:
1596         (WebCore): Updated comment to remove reference to type param that no
1597         longer exists and removed Widget param.
1598         * platform/blackberry/PlatformScreenBlackBerry.cpp:
1599         (WebCore::screenColorProfile): Removed widget param.
1600         * platform/chromium/PlatformScreenChromium.cpp:
1601         (WebCore::screenColorProfile): Removed widget param.
1602         * platform/efl/PlatformScreenEfl.cpp:
1603         (WebCore::screenColorProfile): Removed widget param.
1604         * platform/gtk/PlatformScreenGtk.cpp:
1605         (WebCore::screenColorProfile): Removed widget param.
1606         * platform/image-decoders/ImageDecoder.h:
1607         (WebCore::ImageDecoder::qcmsOutputDeviceProfile): removed param to
1608         match screenColorProfile()'s new spec.
1609         * platform/mac/PlatformScreenMac.mm:
1610         (WebCore::screenColorProfile): Removed widget param.
1611         * platform/qt/PlatformScreenQt.cpp:
1612         (WebCore::screenColorProfile): Removed widget param.
1613         * platform/win/PlatformScreenWin.cpp:
1614         (WebCore::screenColorProfile): Removed widget param.
1615
1616 2012-07-13  Brian Anderson  <brianderson@chromium.org>
1617
1618         [chromium] Add flushes to CCTextureUpdater::update
1619         https://bugs.webkit.org/show_bug.cgi?id=89035
1620
1621         Reviewed by Adrienne Walker.
1622
1623         Automatic flushes are being removed from the command buffer, so
1624         this moves the flushes into the CCTextureUpdater itself.
1625
1626         CCTextureUpdaterTest added to verify texture upload/flushing patterns.
1627
1628         * platform/graphics/chromium/cc/CCGraphicsContext.h:
1629         (WebCore::CCGraphicsContext::flush):
1630         (CCGraphicsContext):
1631         * platform/graphics/chromium/cc/CCTextureUpdater.cpp:
1632         (WebCore):
1633         (WebCore::CCTextureUpdater::update): Manual flushes added here.
1634
1635 2012-07-13  Kiran Muppala  <cmuppala@apple.com>
1636
1637         REGRESSION: RenderInline boundingBox ignores relative position offset
1638         https://bugs.webkit.org/show_bug.cgi?id=91168
1639
1640         Reviewed by Simon Fraser.
1641
1642         RenderGeometryMap, used for caching the transform to the view,
1643         expects the first mapping pushed, to be that of the view itself.
1644         RenderInline was instead pushing it's own offset first.  Besides
1645         the offset of the view itself was not being pushed.
1646
1647         Relaxed the RenderGeometryMap restriction that the first pushed
1648         step should be of the view.  It is sufficient that the view's mapping
1649         is pushed in the first call to pushMappingsToAncestor.  Modified
1650         RenderInline to push the offset of the view also to the geometry map.
1651
1652         Test: fast/inline/inline-relative-offset-boundingbox.html
1653
1654         * rendering/RenderGeometryMap.cpp:
1655         (WebCore::RenderGeometryMap::pushMappingsToAncestor): Add assertion to
1656         check if mapping to view was pushed in first invocation.
1657         (WebCore::RenderGeometryMap::pushView): Correct assertion that checks
1658         if the view's mapping is the first one to be applied.
1659         (WebCore::RenderGeometryMap::stepInserted): Use isRenderView to check if
1660         a mapping step belongs to a view instead of using mapping size.
1661         (WebCore::RenderGeometryMap::stepRemoved): Ditto.
1662         * rendering/RenderInline.cpp:
1663         (WebCore::(anonymous namespace)::AbsoluteQuadsGeneratorContext::AbsoluteQuadsGeneratorContext):
1664         Push mappings all the way up to and including the view.
1665
1666 2012-07-13  Xianzhu Wang  <wangxianzhu@chromium.org>
1667
1668         Move WebCore/platform/text/Base64 to WTF/wtf/text
1669         https://bugs.webkit.org/show_bug.cgi?id=91162
1670
1671         Reviewed by Adam Barth.
1672
1673         No new tests. Files moving only.
1674
1675         * CMakeLists.txt:
1676         * GNUmakefile.list.am:
1677         * Modules/websockets/WebSocketHandshake.cpp:
1678         (WebCore::generateSecWebSocketKey):
1679         (WebCore::WebSocketHandshake::getExpectedWebSocketAccept):
1680         * Target.pri:
1681         * WebCore.gypi:
1682         * WebCore.order:
1683         * WebCore.vcproj/WebCore.vcproj:
1684         * WebCore.xcodeproj/project.pbxproj:
1685         * fileapi/FileReaderLoader.cpp:
1686         (WebCore::FileReaderLoader::convertToDataURL):
1687         * inspector/DOMPatchSupport.cpp:
1688         (WebCore::DOMPatchSupport::createDigest):
1689         * inspector/InspectorFileSystemAgent.cpp:
1690         (WebCore):
1691         * inspector/InspectorPageAgent.cpp:
1692         (WebCore::InspectorPageAgent::cachedResourceContent):
1693         (WebCore::InspectorPageAgent::sharedBufferContent):
1694         * loader/archive/mhtml/MHTMLArchive.cpp:
1695         (WebCore::MHTMLArchive::generateMHTMLData):
1696         * loader/archive/mhtml/MHTMLParser.cpp:
1697         (WebCore::MHTMLParser::parseNextPart):
1698         * page/DOMWindow.cpp:
1699         (WebCore::DOMWindow::btoa):
1700         (WebCore::DOMWindow::atob):
1701         * page/Page.cpp:
1702         (WebCore::Page::userStyleSheetLocationChanged):
1703         * platform/graphics/cairo/ImageBufferCairo.cpp:
1704         (WebCore::ImageBuffer::toDataURL):
1705         * platform/graphics/cg/ImageBufferCG.cpp:
1706         (WebCore::CGImageToDataURL):
1707         * platform/graphics/gtk/ImageBufferGtk.cpp:
1708         (WebCore::ImageBuffer::toDataURL):
1709         * platform/graphics/skia/FontCustomPlatformData.cpp:
1710         (WebCore::createUniqueFontName):
1711         * platform/graphics/skia/ImageBufferSkia.cpp:
1712         (WebCore::ImageBuffer::toDataURL):
1713         (WebCore::ImageDataToDataURL):
1714         * platform/graphics/win/FontCustomPlatformData.cpp:
1715         (WebCore::createUniqueFontName):
1716         * platform/graphics/wince/FontCustomPlatformData.cpp:
1717         (WebCore::createUniqueFontName):
1718         * platform/graphics/wince/ImageBufferWinCE.cpp:
1719         * platform/graphics/wx/ImageBufferWx.cpp:
1720         * platform/network/DataURL.cpp:
1721         (WebCore::handleDataURL):
1722         * platform/network/cf/ResourceHandleCFNet.cpp:
1723         (WebCore::applyBasicAuthorizationHeader):
1724         * platform/network/mac/ResourceHandleMac.mm:
1725         (WebCore::applyBasicAuthorizationHeader):
1726         * platform/network/soup/ResourceHandleSoup.cpp:
1727         * platform/win/SSLKeyGeneratorWin.cpp:
1728         (WebCore::WebCore::signedPublicKeyAndChallengeString):
1729
1730 2012-07-13  Xianzhu Wang  <wangxianzhu@chromium.org>
1731
1732         [Chromium] Sometimes bottom of text is truncated when page has a fractional scale
1733         https://bugs.webkit.org/show_bug.cgi?id=88684
1734
1735         Reviewed by Tony Chang.
1736
1737         When the page has a fractional scale, the ascent and descent part of the fonts might be fractional.
1738         If the descent part is rounded down, the bottom of the text might be truncated when displayed
1739         when subpixel text positioning is enabled.
1740         To avoid that, borrow one unit from the ascent when possible.
1741
1742         Test: fast/text/descent-clip-in-scaled-page.html
1743
1744         * platform/graphics/harfbuzz/FontPlatformDataHarfBuzz.cpp:
1745         (WebCore::FontPlatformData::setupPaint): Moved NoPreference handling into querySystemForRenderStyle so that fontRenderStyle() can have actual styles without NoPreference.
1746         (WebCore::FontPlatformData::querySystemForRenderStyle): Added NoPreference handling (moved from setupPaint)
1747         * platform/graphics/harfbuzz/FontPlatformDataHarfBuzz.h:
1748         (FontPlatformData):
1749         (WebCore::FontPlatformData::fontRenderStyle): Added to let SimpleFontDataSkia access the font render styles.
1750         * platform/graphics/skia/SimpleFontDataSkia.cpp:
1751         (WebCore::SimpleFontData::platformInit):
1752
1753 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
1754
1755         Remove an assertion after r122637.
1756
1757         * dom/DynamicNodeList.h:
1758         (WebCore::DynamicNodeListCacheBase::shouldInvalidateTypeOnAttributeChange):
1759
1760 2012-07-13  Pierre Rossi  <pierre.rossi@gmail.com>
1761
1762         [Qt] Improve the mobile theme slightly
1763         https://bugs.webkit.org/show_bug.cgi?id=90806
1764
1765         Reviewed by Kenneth Rohde Christiansen.
1766
1767         Improve drawing of the mobile theme's controls' background.
1768
1769         Ensure the focus ring never appears with the mobile theme, since it
1770         looks bad in combination with the highlights.
1771
1772         No new tests. The painting code from the mobile theme is still
1773         not covered specifically (it will when we revive pixel tests).
1774
1775         * platform/qt/RenderThemeQtMobile.cpp:
1776         (WebCore):
1777         (WebCore::addPointToOctants): Added. This is simply a helper to avoid
1778             doing too much duplicate work in drawControlBackground.
1779         (WebCore::drawControlBackground): Rely on the octant logic added above
1780             and take the opportunity to increase the granularity.
1781         (WebCore::borderPen):
1782         (WebCore::StylePainterMobile::findLineEdit):
1783         (WebCore::RenderThemeQtMobile::adjustTextFieldStyle):
1784         * platform/qt/RenderThemeQtMobile.h:
1785         (RenderThemeQtMobile):
1786         (WebCore::RenderThemeQtMobile::supportsFocusRing):
1787
1788 2012-07-13  Julien Chaffraix  <jchaffraix@webkit.org>
1789
1790         Remove an always-failing table-wrapping check in RenderObject::addChild
1791         https://bugs.webkit.org/show_bug.cgi?id=91286
1792
1793         Reviewed by Eric Seidel.
1794
1795         Due to the structure of the code, this test is always failing (newChild->isTableCell()
1796         is true to get in the branch).
1797
1798         The changeset adding the code didn't add testing so I poundered adding the mentioned test,
1799         which is passing. However the test would need to be blindly changed to be included in our
1800         test harness. I would also expect this code to be exercised by other table tests anyway.
1801
1802         * rendering/RenderObject.cpp:
1803         (WebCore::RenderObject::addChild):
1804         Removed never-reached branch. While at it, removed a 'what' comment in the same file.
1805
1806 2012-07-13  Emil A Eklund  <eae@chromium.org>
1807
1808         Use LayoutBoxExtent for image outsets
1809         https://bugs.webkit.org/show_bug.cgi?id=91166
1810
1811         Reviewed by Tony Chang.
1812
1813         Change RenderStyle and calling code to use LayoutBoxExtent for image
1814         outsets and remove text direction and writing mode versions of the
1815         outline getters from RenderStyle as LayoutBoxExtent provides the same
1816         functionality.
1817
1818         No new tests, no change in functionality.
1819
1820         * platform/graphics/FractionalLayoutBoxExtent.h:
1821         * platform/graphics/FractionalLayoutBoxExtent.cpp:
1822         (WebCore::FractionalLayoutBoxExtent::logicalTop):
1823         (WebCore::FractionalLayoutBoxExtent::logicalBottom):
1824         Add logicalTop and logicalBottom methods to go with the existing
1825         logicalLeft and logicalRight ones.
1826
1827         * platform/graphics/FractionalLayoutRect.h:
1828         (WebCore::FractionalLayoutRect::expand):
1829         Add FractionalLayoutBoxExtent version of expand method.
1830
1831         * rendering/InlineFlowBox.cpp:
1832         (WebCore::InlineFlowBox::addBorderOutsetVisualOverflow):
1833         Change implementation to use the new FractionalLayoutBoxExtent version of
1834         borderImageOutsets and the logicalTop/Bottom/Left/Right methods.
1835         
1836         (WebCore::clipRectForNinePieceImageStrip):
1837         Change implementation to use the new FractionalLayoutBoxExtent version of
1838         borderImageOutsets.
1839         
1840         * rendering/RenderBox.cpp:
1841         (WebCore::RenderBox::maskClipRect):
1842         Change implementation to use the new FractionalLayoutBoxExtent version of
1843         borderImageOutsets and the new FractionalLayoutRect::expand method.
1844         
1845         (WebCore::RenderBox::addVisualEffectOverflow):
1846         Change implementation to use the new FractionalLayoutBoxExtent version of
1847         borderImageOutsets.
1848         
1849         * rendering/RenderBoxModelObject.cpp:
1850         (WebCore::RenderBoxModelObject::paintNinePieceImage):
1851         Change implementation to use the new FractionalLayoutBoxExtent version of
1852         borderImageOutsets and the new FractionalLayoutRect::expand method.
1853
1854         * rendering/style/RenderStyle.h:
1855         * rendering/style/RenderStyle.cpp:
1856         (WebCore::RenderStyle::imageOutsets):
1857         Change getImageOutsets to return a FractionalLayoutBoxExtent object and
1858         rename to imageOutsets to match the webkit naming convention for getters.
1859
1860         Remove getBorderImageHorizontalOutsets, getBorderImageVerticalOutsets,
1861         getBorderImageInlineDirectionOutsets, getImageHorizontalOutsets,
1862         getImageVerticalOutsets and getBorderImageBlockDirectionOutsets methods
1863         as the same functionality is provided by FractionalLayoutBoxExtent.
1864
1865 2012-07-13  David Hyatt  <hyatt@apple.com>
1866
1867         https://bugs.webkit.org/show_bug.cgi?id=91278
1868         Improve block margin estimation function to account for not having a layout and for quirks mode
1869         
1870         Reviewed by Simon Fraser.
1871
1872         * rendering/RenderBlock.cpp:
1873         (WebCore::RenderBlock::marginBeforeEstimateForChild):
1874         Revise marginBeforeEstimateForChild so that it computes block margins for the grandchild before
1875         recurring. This includes the quirks margin information as well. This ensures that the margins are
1876         up-to-date when checked, even before the object has had its first layout.
1877         
1878         * rendering/RenderBlock.h:
1879         (WebCore::RenderBlock::setMarginStartForChild):
1880         (WebCore::RenderBlock::setMarginEndForChild):
1881         (WebCore::RenderBlock::setMarginBeforeForChild):
1882         (WebCore::RenderBlock::setMarginAfterForChild):
1883         * rendering/RenderBox.cpp:
1884         (WebCore::RenderBox::computeBlockDirectionMargins):
1885         * rendering/RenderBox.h:
1886         (RenderBox):
1887         Add consts in order to compile.
1888
1889 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
1890
1891         NodeLists should not invalidate on irreleavnt attribute changes
1892         https://bugs.webkit.org/show_bug.cgi?id=91277
1893
1894         Reviewed by Ojan Vafai.
1895
1896         Explicitely check the invalidation type and the changed attribute in NodeListNodeData::invalidateCaches
1897         and ElementRareData::clearHTMLCollectionCaches to only invalidate node lists affected by the change.
1898
1899         Also merged invalidateNodeListsCacheAfterAttributeChanged and invalidateNodeListsCacheAfterChildrenChanged
1900         as invalidateNodeListCachesInAncestors since they're almost identical after r122498.
1901
1902         In addition, moved shouldInvalidateNodeListForType from Document.cpp to DynamicNodeList.h and renamed it to
1903         shouldInvalidateTypeOnAttributeChange since it needs to called in Node.cpp and ElementRareData.h.
1904
1905         * dom/Attr.cpp:
1906         (WebCore::Attr::setValue):
1907         (WebCore::Attr::childrenChanged):
1908         * dom/ContainerNode.cpp:
1909         (WebCore::ContainerNode::childrenChanged):
1910         * dom/Document.cpp:
1911         (WebCore::Document::registerNodeListCache): Calls isRootedAtDocument() instead of directly comparing
1912         the value of NodeListRootType in order to prepare for the bug 80269.
1913         (WebCore::Document::unregisterNodeListCache): Ditto.
1914         (WebCore): shouldInvalidateNodeListForType is moved to DynamicNodeList.h
1915         (WebCore::Document::shouldInvalidateNodeListCaches):
1916         * dom/DynamicNodeList.h:
1917         (DynamicNodeListCacheBase):
1918         (WebCore::DynamicNodeListCacheBase::shouldInvalidateTypeOnAttributeChange): Moved from Document.cpp.
1919         * dom/Element.cpp: 
1920         (WebCore::Element::attributeChanged):
1921         * dom/ElementRareData.h:
1922         (WebCore::ElementRareData::clearHTMLCollectionCaches): Takes const QualifiedName* to compare against
1923         the invalidation type of HTML collections via shouldInvalidateTypeOnAttributeChange.
1924         * dom/Node.cpp:
1925         (WebCore::Node::invalidateNodeListCachesInAncestors): Merged invalidateNodeListCachesInAncestors and
1926         invalidateNodeListsCacheAfterChildrenChanged. Also pass attrName to clearHTMLCollectionCaches.
1927         (WebCore::NodeListsNodeData::invalidateCaches): Compares attrName against the invalidation type of
1928         node lists via shouldInvalidateTypeOnAttributeChange.
1929         (WebCore):
1930         * dom/Node.h:
1931         (Node):
1932         * dom/NodeRareData.h:
1933         (WebCore::NodeRareData::ensureNodeLists): Merged NodeRareData::createNodeLists.
1934         (WebCore::NodeRareData::clearChildNodeListCache): Moved from Node.cpp.
1935         (NodeRareData):
1936         * html/HTMLCollection.h:
1937         (HTMLCollectionCacheBase):
1938
1939 2012-07-13  Arpita Bahuguna  <arpitabahuguna@gmail.com>
1940
1941         Refactor RenderTable to use the section's iteration functions.
1942         https://bugs.webkit.org/show_bug.cgi?id=89751
1943
1944         Reviewed by Julien Chaffraix.
1945
1946         Removing anti-pattern wherever possible from RenderTable code. Also, modifying
1947         RenderTable sections' iterations to use helper functions.
1948
1949         No new tests required for this change since no change in behavior is expected.
1950
1951         * rendering/RenderTable.cpp:
1952         (WebCore::RenderTable::addOverflowFromChildren):
1953         (WebCore::RenderTable::setCellLogicalWidths):
1954         (WebCore::RenderTable::outerBorderStart):
1955         (WebCore::RenderTable::outerBorderEnd):
1956         Removed anti-patterns involving iterations over RenderObjects.
1957
1958         (WebCore::RenderTable::outerBorderAfter):
1959         Modified RenderTable sections' iteration to use helper functions.
1960
1961 2012-07-13  Enrica Casucci  <enrica@apple.com>
1962
1963         Threadsafety issues in WebScriptObject
1964         https://bugs.webkit.org/show_bug.cgi?id=90849
1965
1966         Reviewed by Geoff Garen.
1967
1968         Updated fix for this bug. The JSC API lock needs to be acquired also in JSObject.
1969
1970         * bindings/objc/WebScriptObject.mm:
1971         (-[WebScriptObject JSObject]):
1972
1973 2012-07-13  Raymond Toy  <rtoy@google.com>
1974
1975         DelayNode doesn't work if delayTime.value == delayTime.maxValue
1976         https://bugs.webkit.org/show_bug.cgi?id=90357
1977
1978         Reviewed by Kenneth Russell.
1979
1980         Increase delay buffer size slightly so that the read and write
1981         pointers don't become equal when the delay and the max delay are
1982         the same.
1983         
1984         Tests: webaudio/delaynode-max-default-delay.html
1985                webaudio/delaynode-max-nondefault-delay.html
1986
1987         * Modules/webaudio/DelayDSPKernel.cpp:
1988         (WebCore): Moved SmoothingTimeConstant to WebCore namespace.
1989         (WebCore::DelayDSPKernel::DelayDSPKernel): Add some additional checks to prevent crashes; use bufferLengthForDelay to compute buffer length.
1990         (WebCore::DelayDSPKernel::bufferLengthForDelay): New function to compute buffer length.
1991         * Modules/webaudio/DelayDSPKernel.h:
1992         (DelayDSPKernel): Declare bufferLengthForDelay. 
1993
1994 2012-07-13  Benjamin Poulain  <bpoulain@apple.com>
1995
1996         Always aggressively preload on iOS
1997         https://bugs.webkit.org/show_bug.cgi?id=91276
1998
1999         Reviewed by Simon Fraser.
2000
2001         * loader/cache/CachedResourceLoader.cpp:
2002         (WebCore::CachedResourceLoader::preload):
2003
2004 2012-07-13  Vineet Chaudhary  <rgf748@motorola.com>
2005
2006         Restructure V8Utilities::extractTransferables() with help of toV8Sequence()
2007         https://bugs.webkit.org/show_bug.cgi?id=91208
2008
2009         Reviewed by Kentaro Hara.
2010
2011         We can remove the specialised check for MessagePort from V8Utilities::extractTransferables()
2012         using toV8Sequence() as it validates the passed object for sequence type per WebIDL spec.
2013
2014         No new test as just refactoring.
2015         Existing tests under fast/dom/Window/window-* fast/dom/events/*
2016         covers tests.
2017
2018         * bindings/v8/V8Utilities.cpp:
2019         (WebCore::extractTransferables):
2020
2021 2012-07-13  Vincent Scheib  <scheib@chromium.org>
2022
2023         Pointer Lock handles disconnected DOM elements
2024         https://bugs.webkit.org/show_bug.cgi?id=77029
2025
2026         Reviewed by Adrienne Walker.
2027
2028         Pointer Lock Controller now checks when elements or documents are
2029         removed, and unlocks if the target element is being removed.
2030
2031         Tests: pointer-lock/locked-element-iframe-removed-from-dom.html
2032                pointer-lock/locked-element-removed-from-dom.html
2033
2034         * dom/Document.cpp:
2035         (WebCore::Document::detach):
2036         * dom/Element.cpp:
2037         (WebCore::Element::removedFrom):
2038         (WebCore::Element::webkitRequestPointerLock):
2039         * page/PointerLockController.cpp:
2040         (WebCore::PointerLockController::requestPointerLock):
2041         (WebCore::PointerLockController::elementRemoved):
2042         (WebCore):
2043         (WebCore::PointerLockController::documentDetached):
2044         (WebCore::PointerLockController::didLosePointerLock):
2045         (WebCore::PointerLockController::enqueueEvent):
2046         * page/PointerLockController.h:
2047         (WebCore):
2048         (PointerLockController):
2049
2050 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
2051
2052         HTMLCollection should use DynamicNodeList's invalidation model
2053         https://bugs.webkit.org/show_bug.cgi?id=90326
2054
2055         Reviewed by Anders Carlsson.
2056
2057         Make HTMLCollection invalidated upon attribute and children changes instead of invalidating it on demand
2058         by comparing DOM tree versions. Node that HTMLCollections owned by Document are invalidated with other
2059         document-rooted node lists in m_listsInvalidatedAtDocument for simplicity although this mechanism is
2060         normally used for node lists owned by a non-Document node that contains nodes outside of its subtree.
2061         ItemProperties and FormControls are more "traditional" users of the mechanism.
2062
2063         Also, merged DynamicNodeList::invalidateCache and HTMLCollection::invalidateCache.
2064
2065         * dom/Document.cpp:
2066         (WebCore::Document::registerNodeListCache): Renamed. No longer takes NodeListInvalidationType or
2067         NodeListRootType since they can be obtained from the cache base. Increment the node list counter for
2068         InvalidateOnIdNameAttrChange when a HTMLCollection is passed in since all HTMLCollections need to be
2069         invalidated on id or name content attribute changes due to named getters.
2070         (WebCore::Document::unregisterNodeListCache): Ditto.
2071         (WebCore::shouldInvalidateNodeListForType):
2072         (WebCore::Document::shouldInvalidateNodeListCaches):
2073         (WebCore::Document::clearNodeListCaches):
2074         * dom/Document.h:
2075         (WebCore): Added InvalidateOnIdNameAttrChange, InvalidateOnHRefAttrChange, and InvalidateOnAnyAttrChange.
2076         (Document):
2077         * dom/DynamicNodeList.cpp:
2078         (WebCore::DynamicNodeListCacheBase::invalidateCache): Added. Invalidates caches of both DynamicNodeList
2079         and HTMLCollection. We can't afford to use virtual function calls here because this function is called on
2080         all node lists and HTML collections owned by ancestors of an element under which a node is added, removed,
2081         or its attributes are changed.
2082         (WebCore):
2083         * dom/DynamicNodeList.h:
2084         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase): Initializes member variables directly
2085         instead of calling clearCache now that DynamicNodeListCacheBase::invalidateCache has become polymorphic.
2086         (DynamicNodeListCacheBase): Increased the number of bits for m_invalidationType since we now have 9
2087         invalidation types.
2088         (WebCore::DynamicSubtreeNodeList::~DynamicSubtreeNodeList):
2089         (WebCore::DynamicSubtreeNodeList::DynamicSubtreeNodeList):
2090         * dom/ElementRareData.h:
2091         (ElementRareData):
2092         (WebCore::ElementRareData::clearHTMLCollectionCaches): Added.
2093         (WebCore::ElementRareData::adoptTreeScope): Added; similar to NodeRareData::adoptTreeScope.
2094         * dom/Node.cpp:
2095         (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged): Clears HTML collection caches as well as
2096         node list caches.
2097         (WebCore::Node::invalidateNodeListsCacheAfterChildrenChanged): Ditto.
2098         * dom/NodeRareData.h:
2099         (WebCore::NodeListsNodeData::adoptTreeScope):
2100         * dom/TreeScopeAdopter.cpp:
2101         (WebCore::TreeScopeAdopter::moveTreeToNewScope): Calls ElementRareData's adoptTreeScope as well as
2102         NodeRareData's.
2103         * html/HTMLAllCollection.cpp:
2104         (WebCore::HTMLAllCollection::namedItemWithIndex):
2105         * html/HTMLCollection.cpp:
2106         (WebCore::rootTypeFromCollectionType): Added. As mentioned above, treat all Document-owned HTML collection
2107         as if rooted at document for convenience.
2108         (WebCore::invalidationTypeExcludingIdAndNameAttributes): Added. Since all HTML collection requires
2109         invalidation on id and name content attribute changes, which is taken care by the special logic in
2110         Document::registerNodeListCache, exclude those two attributes from consideration.
2111         (WebCore::HTMLCollection::HTMLCollection): Calls Document::registerNodeListCache.
2112         (WebCore::HTMLCollection::~HTMLCollection): Calls Document::unregisterNodeListCache.
2113         (WebCore::HTMLCollection::length):
2114         (WebCore::HTMLCollection::item):
2115         (WebCore::HTMLCollection::namedItem):
2116         (WebCore::HTMLCollection::updateNameCache):
2117         * html/HTMLCollection.h:
2118         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase):
2119         (HTMLCollectionCacheBase): Removed m_cacheTreeVersion and clearCache since they're no longer used.
2120         (HTMLCollection):
2121         * html/HTMLFormCollection.cpp:
2122         (WebCore::HTMLFormCollection::namedItem):
2123         (WebCore::HTMLFormCollection::updateNameCache):
2124         * html/HTMLOptionsCollection.h:
2125         (HTMLOptionsCollection):
2126         * html/HTMLPropertiesCollection.cpp:
2127         (WebCore::HTMLPropertiesCollection::updateNameCache):
2128         * html/HTMLPropertiesCollection.h:
2129         (WebCore::HTMLPropertiesCollection::invalidateCache):
2130
2131 2012-07-13  Shawn Singh  <shawnsingh@chromium.org>
2132
2133         [chromium] Remove incorrect debug assertion in LayerRendererChromium.cpp
2134         https://bugs.webkit.org/show_bug.cgi?id=91260
2135
2136         Reviewed by Adrienne Walker.
2137
2138         ASSERT(!clipped) was being triggered after skinny almost-degenerate
2139         quads went through anti-aliasing inflation, and then were being
2140         transformed back from device space to local space. It turns out
2141         this assertion is too aggressive, and we don't yet have an obvious
2142         need to change the behavior on the clipped==true case.
2143
2144         No new tests needed, this patch fixes only comments and debug code.
2145
2146         * platform/graphics/chromium/LayerRendererChromium.cpp:
2147         (WebCore::LayerRendererChromium::drawRenderPassQuad):
2148            fixed a comment.
2149
2150         (WebCore::LayerRendererChromium::drawTileQuad):
2151            fixed a similar comment, removed unnecessary assertion.
2152
2153 2012-07-13  Philip Rogers  <pdr@google.com>
2154
2155         Remove assert in localCoordinateSpaceTransform()
2156         https://bugs.webkit.org/show_bug.cgi?id=91189
2157
2158         Reviewed by Nikolas Zimmermann.
2159
2160         The assert in localCoordinateSpaceTransform was added to catch subclasses forgetting
2161         to override the method but it is better to simply return the identity matrix.
2162
2163         This scenario can occur when we break the SVG content model, such as asking for
2164         the CTM of a <g> element inside a <tspan>. This is undefined in the spec because
2165         tspan is not a subclass of SVGLocatable but both Firefox and Opera
2166         implement this by returning the identity matrix.
2167
2168         Test: svg/custom/invalid-ctm.svg
2169
2170         * svg/SVGStyledElement.cpp:
2171         (WebCore::SVGStyledElement::localCoordinateSpaceTransform):
2172
2173 2012-07-13  Kentaro Hara  <haraken@chromium.org>
2174
2175         [V8] String wrappers should be marked Independent
2176         https://bugs.webkit.org/show_bug.cgi?id=91251
2177
2178         Reviewed by Adam Barth.
2179
2180         Currently V8 String wrappers are not marked Independent.
2181         By marking them Independent, they can be reclaimed by the scavenger GC.
2182
2183         I tried to find some cases where this change reduces memory usage,
2184         but couldn't due to sensitive behavior of GC.
2185
2186         No tests. No change in behavior.
2187
2188         * bindings/v8/V8Binding.cpp:
2189         (WebCore::StringCache::v8ExternalStringSlow):
2190
2191 2012-07-13  Peter Beverloo  <peter@chromium.org>
2192
2193         [Chromium] Make the v8 i18n API dependency conditional for Android, disable strict aliasing
2194         https://bugs.webkit.org/show_bug.cgi?id=91240
2195
2196         Reviewed by Adam Barth.
2197
2198         Disable the v8 internationalization API for Chromium Android, as it's
2199         disabled and not always available in checkouts. Furthermore, disable
2200         strict aliasing for the webkit_remaining target, similar to what
2201         x11-based builds are doing (see the webcore_prerequisites target).
2202
2203         * WebCore.gyp/WebCore.gyp:
2204
2205 2012-07-13  Kentaro Hara  <haraken@chromium.org>
2206
2207         [CallWith=XXX] arguments should be placed at the head of method arguments
2208         https://bugs.webkit.org/show_bug.cgi?id=91217
2209
2210         Reviewed by Adam Barth.
2211
2212         The EFL build with the ENABLE_FILE_SYSTEM flag caused a build error,
2213         because CodeGeneratorJS.pm assumes webkitEntries(ScriptExecutionContext*, HTMLInputElement*)
2214         but the actual signature is webkitEntries(HTMLInputElement*, ScriptExecutionContext*) (bug 91185).
2215
2216         Per https://trac.webkit.org/wiki/WebKitIDL#CallWith, [CallWith=XXX] arguments should be placed
2217         at the head of the arguments. (i.e. the behavior of CodeGeneratorJS.pm is correct.)
2218
2219         Thus the correct fix is (1) to change the signature of webkitEntries() and webkitGetAsEntry()
2220         so that ScriptExecutionContext* comes first and (2) to modify CodeGeneratorV8.pm to support the order.
2221
2222         Test: bindings/scripts/test/TestObj.idl
2223
2224         * Modules/filesystem/DataTransferItemFileSystem.h: Placed ScriptExecutionContext* at the head of arguments.
2225         (DataTransferItemFileSystem):
2226         * Modules/filesystem/HTMLInputElementFileSystem.cpp: Ditto.
2227         (WebCore::HTMLInputElementFileSystem::webkitEntries):
2228         * Modules/filesystem/HTMLInputElementFileSystem.h: Ditto.
2229         (HTMLInputElementFileSystem):
2230         * Modules/filesystem/chromium/DataTransferItemFileSystemChromium.cpp: Ditto.
2231         (WebCore::DataTransferItemFileSystem::webkitGetAsEntry):
2232
2233         * bindings/scripts/CodeGeneratorV8.pm: Modified to support the correct order.
2234         (GenerateNormalAttrGetter):
2235         (GenerateNormalAttrSetter):
2236         (GenerateFunctionCallString):
2237
2238         * bindings/scripts/test/V8/V8TestInterface.cpp: Updated run-bindings-tests results.
2239         (WebCore::TestInterfaceV8Internal::supplementalMethod2Callback):
2240
2241 2012-07-13  Mary Wu  <mary.wu@torchmobile.com.cn>
2242
2243         [BlackBerry] Some small changes in network code
2244         https://bugs.webkit.org/show_bug.cgi?id=90974
2245
2246         Reviewed by Rob Buis.
2247
2248         1. Set status in NetworkJob/SocketStreamHandleBlackBerry so that
2249         its wrapped stream can also query the stream result.
2250         2. pass download attribute to NetworkRequest.
2251
2252         RIM PR# 171555
2253         Reviewed internally by Lyon Chen and Joe Mason.
2254
2255         * platform/network/blackberry/NetworkJob.cpp:
2256         (WebCore::NetworkJob::handleNotifyClose):
2257         * platform/network/blackberry/NetworkJob.h:
2258         (WebCore::NetworkJob::status):
2259         * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
2260         (WebCore::platformTargetTypeForRequest):
2261         * platform/network/blackberry/SocketStreamHandle.h:
2262         (WebCore::SocketStreamHandle::status):
2263         (SocketStreamHandle):
2264         * platform/network/blackberry/SocketStreamHandleBlackBerry.cpp:
2265         (WebCore::SocketStreamHandle::notifyStatusReceived):
2266         (WebCore::SocketStreamHandle::notifyClose):
2267
2268 2012-07-13  Vsevolod Vlasov  <vsevik@chromium.org>
2269
2270         Web Inspector: Remove uiSourceCode from Resource.
2271         https://bugs.webkit.org/show_bug.cgi?id=91201
2272
2273         Reviewed by Pavel Feldman.
2274
2275         Removed Resource._uiSourceCode field as it is not used anymore.
2276
2277         * inspector/front-end/Resource.js:
2278         (WebInspector.Resource.prototype.isHidden):
2279         * inspector/front-end/UISourceCode.js:
2280         (WebInspector.UISourceCode):
2281
2282 2012-07-13  Sheriff Bot  <webkit.review.bot@gmail.com>
2283
2284         Unreviewed, rolling out r122450 and r122580.
2285         http://trac.webkit.org/changeset/122450
2286         http://trac.webkit.org/changeset/122580
2287         https://bugs.webkit.org/show_bug.cgi?id=91263
2288
2289         Caused multiple regressions on ClusterFuzz (Requested by
2290         inferno-sec on #webkit).
2291
2292         * bindings/js/ScriptWrappable.h:
2293         (WebCore::ScriptWrappable::reportMemoryUsage):
2294         * bindings/v8/DOMDataStore.cpp:
2295         (WebCore::DOMDataStore::reportMemoryUsage):
2296         * bindings/v8/IntrusiveDOMWrapperMap.h:
2297         (WebCore::ChunkedTable::reportMemoryUsage):
2298         * bindings/v8/ScriptWrappable.h:
2299         (WebCore::ScriptWrappable::reportMemoryUsage):
2300         * bindings/v8/V8Binding.cpp:
2301         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
2302         (WebCore::StringCache::reportMemoryUsage):
2303         * bindings/v8/V8DOMMap.h:
2304         * css/PropertySetCSSStyleDeclaration.cpp:
2305         (WebCore::InlineCSSStyleDeclaration::ensureMutablePropertySet):
2306         * css/StylePropertySet.cpp:
2307         * css/StylePropertySet.h:
2308         (WebCore::StylePropertySet::reportMemoryUsage):
2309         * dom/CharacterData.cpp:
2310         (WebCore::CharacterData::reportMemoryUsage):
2311         * dom/ContainerNode.h:
2312         (WebCore::ContainerNode::reportMemoryUsage):
2313         * dom/Document.cpp:
2314         (WebCore::Document::reportMemoryUsage):
2315         * dom/Element.cpp:
2316         (WebCore::Element::detachAttribute):
2317         (WebCore::Element::removeAttribute):
2318         (WebCore::Element::attributes):
2319         (WebCore::Element::setAttributeInternal):
2320         (WebCore::Element::parserSetAttributes):
2321         (WebCore::Element::hasEquivalentAttributes):
2322         (WebCore::Element::createAttributeData):
2323         (WebCore):
2324         (WebCore::Element::setAttributeNode):
2325         (WebCore::Element::removeAttributeNode):
2326         (WebCore::Element::getAttributeNode):
2327         (WebCore::Element::getAttributeNodeNS):
2328         (WebCore::Element::hasAttribute):
2329         (WebCore::Element::hasAttributeNS):
2330         (WebCore::Element::normalizeAttributes):
2331         (WebCore::Element::cloneAttributesFromElement):
2332         * dom/Element.h:
2333         (WebCore::Element::attributeData):
2334         (Element):
2335         (WebCore::Element::reportMemoryUsage):
2336         (WebCore::Element::ensureAttributeData):
2337         (WebCore::Element::updatedAttributeData):
2338         (WebCore::Element::ensureUpdatedAttributeData):
2339         * dom/ElementAttributeData.cpp:
2340         (WebCore::ElementAttributeData::attrIfExists):
2341         (WebCore::ElementAttributeData::ensureAttr):
2342         (WebCore::ElementAttributeData::setAttr):
2343         (WebCore::ElementAttributeData::removeAttr):
2344         (WebCore::ElementAttributeData::setClass):
2345         (WebCore):
2346         (WebCore::ElementAttributeData::ensureInlineStyle):
2347         (WebCore::ElementAttributeData::ensureMutableInlineStyle):
2348         (WebCore::ElementAttributeData::destroyInlineStyle):
2349         (WebCore::ElementAttributeData::addAttribute):
2350         (WebCore::ElementAttributeData::removeAttribute):
2351         (WebCore::ElementAttributeData::isEquivalent):
2352         (WebCore::ElementAttributeData::detachAttrObjectsFromElement):
2353         (WebCore::ElementAttributeData::getAttributeItemIndexSlowCase):
2354         (WebCore::ElementAttributeData::cloneDataFrom):
2355         (WebCore::ElementAttributeData::clearAttributes):
2356         (WebCore::ElementAttributeData::replaceAttribute):
2357         (WebCore::ElementAttributeData::getAttributeNode):
2358         * dom/ElementAttributeData.h:
2359         (WebCore::ElementAttributeData::create):
2360         (ElementAttributeData):
2361         (WebCore::ElementAttributeData::setIdForStyleResolution):
2362         (WebCore::ElementAttributeData::setAttributeStyle):
2363         (WebCore::ElementAttributeData::length):
2364         (WebCore::ElementAttributeData::isEmpty):
2365         (WebCore::ElementAttributeData::attributeItem):
2366         (WebCore::ElementAttributeData::getAttributeItem):
2367         (WebCore::ElementAttributeData::reportMemoryUsage):
2368         (WebCore::ElementAttributeData::ElementAttributeData):
2369         (WebCore::ElementAttributeData::attributeVector):
2370         (WebCore::ElementAttributeData::clonedAttributeVector):
2371         (WebCore::ElementAttributeData::removeAttribute):
2372         (WebCore::ElementAttributeData::getAttributeItemIndex):
2373         * dom/MemoryInstrumentation.h:
2374         (MemoryInstrumentation):
2375         (MemoryObjectInfo):
2376         (WebCore::MemoryObjectInfo::reportInstrumentedPointer):
2377         (WebCore::MemoryObjectInfo::reportPointer):
2378         (WebCore::MemoryObjectInfo::reportInstrumentedObject):
2379         (WebCore::MemoryObjectInfo::reportObject):
2380         (WebCore::MemoryObjectInfo::reportObjectInfo):
2381         (WebCore::MemoryObjectInfo::reportHashMap):
2382         (WebCore::MemoryObjectInfo::reportHashSet):
2383         (WebCore::MemoryObjectInfo::reportListHashSet):
2384         (WebCore::MemoryObjectInfo::reportVector):
2385         (WebCore::MemoryObjectInfo::reportString):
2386         (WebCore::MemoryObjectInfo::objectType):
2387         (WebCore::MemoryObjectInfo::objectSize):
2388         (WebCore::MemoryObjectInfo::memoryInstrumentation):
2389         * dom/Node.cpp:
2390         (WebCore::Node::reportMemoryUsage):
2391         * dom/QualifiedName.h:
2392         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
2393         (WebCore::QualifiedName::reportMemoryUsage):
2394         * dom/StyledElement.cpp:
2395         (WebCore::StyledElement::style):
2396         (WebCore::StyledElement::classAttributeChanged):
2397         (WebCore::StyledElement::setInlineStyleProperty):
2398         (WebCore::StyledElement::removeInlineStyleProperty):
2399         (WebCore::StyledElement::addSubresourceAttributeURLs):
2400         * dom/StyledElement.h:
2401         (WebCore::StyledElement::ensureInlineStyle):
2402         * html/parser/HTMLConstructionSite.cpp:
2403         (WebCore::HTMLConstructionSite::createHTMLElementFromSavedElement):
2404         * platform/TreeShared.h:
2405         (WebCore::TreeShared::reportMemoryUsage):
2406         * xml/parser/XMLDocumentParserQt.cpp:
2407         (WebCore::XMLDocumentParser::XMLDocumentParser):
2408
2409 2012-07-13  Huang Dongsung  <luxtella@company100.net>
2410
2411         Remove down-casting to BitmapImage in GraphicsContext::drawImage.
2412         https://bugs.webkit.org/show_bug.cgi?id=90755
2413
2414         Reviewed by Simon Fraser.
2415
2416         Add a BitmapImage draw method which takes RespectImageOrientationEnum enum as
2417         the last argument for CG. Then we can remove the conditional down-casting in
2418         GraphicsContext::drawImage.
2419
2420         This change is needed for parallel image decoders. Because parallel image
2421         decoders use a Bitmap image wrapper class which extends Image (not Bitmap), the
2422         down-casting above causes the loss of RespectImageOrientationEnum which must be
2423         passed to BitmapImage.
2424
2425         No new tests, no behavior change.
2426
2427         * platform/graphics/BitmapImage.cpp:
2428         * platform/graphics/BitmapImage.h:
2429         * platform/graphics/GraphicsContext.cpp:
2430         (WebCore::GraphicsContext::drawImage):
2431         * platform/graphics/Image.cpp:
2432         (WebCore::Image::draw):
2433         (WebCore):
2434         * platform/graphics/Image.h:
2435         (Image):
2436
2437 2012-07-13  Lauro Neto  <lauro.neto@openbossa.org>
2438
2439         Fix QtWebKit build with OpenGLES after GC3D/E3D refactor
2440         https://bugs.webkit.org/show_bug.cgi?id=91156
2441
2442         Reviewed by Noam Rosenthal.
2443
2444         Adds several build fixes.
2445
2446         * platform/graphics/GraphicsContext3D.h:
2447             Use E3DOpenGLES instead of previously removed E3DQt.
2448
2449         * platform/graphics/OpenGLESShims.h:
2450             Enable defines for Qt.
2451
2452         * platform/graphics/opengl/Extensions3DOpenGLES.cpp:
2453         (WebCore::Extensions3DOpenGLES::blitFramebuffer):
2454         (WebCore):
2455         (WebCore::Extensions3DOpenGLES::renderbufferStorageMultisample):
2456         (WebCore::Extensions3DOpenGLES::copyTextureCHROMIUM):
2457             Added pure virtual stubs.
2458
2459         (WebCore::Extensions3DOpenGLES::supportsExtension):
2460             Remove PROC suffix. See bug #91130.
2461
2462         * platform/graphics/opengl/Extensions3DOpenGLES.h:
2463         (Extensions3DOpenGLES):
2464             Added pure virtual stubs.
2465
2466         * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
2467         (WebCore::GraphicsContext3D::reshapeFBOs):
2468             Readded missing function after removed in r122250.
2469
2470         (WebCore):
2471             Use PLATFORM(BLACKBERRY) guard around port-specific include.
2472
2473         * platform/graphics/qt/GraphicsContext3DQt.cpp:
2474             Added USE(OPENGL_ES_2) guard instead of always loading the OpenGL extensions.
2475
2476
2477 2012-07-13  Keishi Hattori  <keishi@webkit.org>
2478
2479         Form of FormAssociatedElement is not updated when id target changes.
2480         https://bugs.webkit.org/show_bug.cgi?id=91042
2481
2482         Reviewed by Kent Tamura.
2483
2484         Test: fast/forms/update-form-attribute-element.html
2485
2486         This patch introduces the IdTargetObserver and IdTargetObserverRegistry class.
2487         They can be used to be notified when the element that an id is pointing to (the id target)
2488         changes.
2489
2490         * CMakeLists.txt: Added IdTargetObserverRegistry.{h,cpp} and IdTargetObserver.{h,cpp}
2491         * GNUmakefile.list.am: Ditto.
2492         * Target.pri: Ditto.
2493         * WebCore.gypi: Ditto.
2494         * WebCore.vcproj/WebCore.vcproj: Ditto.
2495         * WebCore.xcodeproj/project.pbxproj: Ditto.
2496         * dom/DOMAllInOne.cpp:
2497         * dom/IdTargetObserver.cpp: Added. When you want notified of changes to an id target, you should create a new class that inherits this.
2498         (WebCore):
2499         (WebCore::IdTargetObserver::IdTargetObserver):
2500         (WebCore::IdTargetObserver::~IdTargetObserver):
2501         * dom/IdTargetObserver.h: Added.
2502         (WebCore):
2503         (IdTargetObserver):
2504         * dom/IdTargetObserverRegistry.cpp: Added.
2505         (WebCore):
2506         (WebCore::IdTargetObserverRegistry::create):
2507         (WebCore::IdTargetObserverRegistry::addObserver): Register an IdTargetObserver to observe an id target.
2508         (WebCore::IdTargetObserverRegistry::removeObserver): Unregisters an IdTargetObserver from observing.
2509         (WebCore::IdTargetObserverRegistry::notifyObserversInternal):
2510         * dom/IdTargetObserverRegistry.h: Added.
2511         (WebCore):
2512         (IdTargetObserverRegistry):
2513         (WebCore::IdTargetObserverRegistry::IdTargetObserverRegistry):
2514         (WebCore::IdTargetObserverRegistry::notifyObservers): Calls idTargetChanged on all observers for an id. Inlining first part of function for performance.
2515         * dom/TreeScope.cpp:
2516         (WebCore::TreeScope::TreeScope):
2517         (WebCore::TreeScope::addElementById): Calls IdTargetObserverRegistry::notifyObservers because the id target might have changed.
2518         (WebCore::TreeScope::removeElementById): Ditto.
2519         * dom/TreeScope.h:
2520         (WebCore):
2521         (WebCore::TreeScope::idTargetObserverRegistry):
2522         (TreeScope):
2523         * html/FormAssociatedElement.cpp: Observer for id targets defined by the form attribute.
2524         (WebCore::FormAssociatedElement::didMoveToNewDocument):
2525         (WebCore::FormAssociatedElement::insertedInto):
2526         (WebCore::FormAssociatedElement::removedFrom):
2527         (WebCore::FormAssociatedElement::formAttributeChanged):
2528         (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver): Creates and sets up a new FormAttributeTargetObserver.
2529         (WebCore):
2530         (WebCore::FormAssociatedElement::formAttributeTargetChanged):
2531         (WebCore::FormAttributeTargetObserver::create):
2532         (WebCore::FormAttributeTargetObserver::FormAttributeTargetObserver):
2533         (WebCore::FormAttributeTargetObserver::idTargetChanged):
2534         * html/FormAssociatedElement.h:
2535         (FormAssociatedElement):
2536         * html/FormController.cpp:
2537         * html/FormController.h:
2538         (FormController):
2539         * html/HTMLFormElement.cpp:
2540         (WebCore::HTMLFormElement::removedFrom):
2541         (WebCore::HTMLFormElement::formElementIndexWithFormAttribute): Modified to take a range. It
2542         scans the range and returns the index to insert the element in m_associatedElement.
2543         (WebCore::HTMLFormElement::formElementIndex): Modified to only scan the elements in
2544         m_associatedElement that precede and follow the form element.
2545         * html/HTMLFormElement.h:
2546         (HTMLFormElement):
2547
2548 2012-07-13  Gabor Rapcsanyi  <rgabor@webkit.org>
2549
2550         Optimizing blend filter to ARM-NEON with intrinsics
2551         https://bugs.webkit.org/show_bug.cgi?id=90949
2552
2553         Reviewed by Zoltan Herczeg.
2554
2555         The feBlend SVG filter modes can be greatly fasten up with ARM-NEON since
2556         we are able to calculate with 2 pixels (8 channels) at the same time.
2557         The code is written with NEON intrinsics and it doesn't affect the
2558         general - it has the same behaviour as the original algorithm.
2559         With this NEON optimization the calculation is ~4.5 times faster for each mode.
2560
2561         Existing tests cover this issue.
2562
2563         * CMakeLists.txt:
2564         * GNUmakefile.list.am:
2565         * Target.pri:
2566         * WebCore.gypi:
2567         * WebCore.vcproj/WebCore.vcproj:
2568         * WebCore.xcodeproj/project.pbxproj:
2569         * platform/graphics/filters/FEBlend.cpp:
2570         (WebCore::FEBlend::platformApplyGeneric):
2571         (WebCore):
2572         (WebCore::FEBlend::platformApplySoftware):
2573         * platform/graphics/filters/FEBlend.h:
2574         (FEBlend):
2575         * platform/graphics/filters/arm/FEBlendNEON.h: Added.
2576         (WebCore):
2577         (FEBlendUtilitiesNEON):
2578         (WebCore::FEBlendUtilitiesNEON::div255): integer divison with 255
2579         (WebCore::FEBlendUtilitiesNEON::normal): calculate normal mode blending for two pixels
2580         (WebCore::FEBlendUtilitiesNEON::multiply): calculate multiply mode blending for two pixels
2581         (WebCore::FEBlendUtilitiesNEON::screen): calculate screen mode blending for two pixels
2582         (WebCore::FEBlendUtilitiesNEON::darken): calculate darken mode blending for two pixels
2583         (WebCore::FEBlendUtilitiesNEON::lighten): calculate lighten mode blending for two pixels
2584         (WebCore::FEBlend::platformApplyNEON):
2585
2586 2012-07-13  Ilya Tikhonovsky  <loislo@chromium.org>
2587
2588         Web Inspector: native memory instrumentation: extract instrumentation methods into MemoryClassInfo
2589         https://bugs.webkit.org/show_bug.cgi?id=91227
2590
2591         Reviewed by Pavel Feldman.
2592
2593         void Node::reportMemoryUsage(MemoryObjectInfo* memoryObjectInfo) const
2594         {
2595             MemoryClassInfo<Node> info(memoryObjectInfo, this, MemoryInstrumentation::DOM);
2596             info.visitBaseClass<ScriptWrappable>(this);
2597
2598             info.addMember(m_notInstrumentedPointer); // automatically detects poniter/reference
2599             info.addInstrumentedMember(m_next);
2600             info.addHashSet<MemoryInstrumentation::NonClass>(m_aHash);                // NonClass value_type (report only size of internal template structures)
2601             info.addHashSet<MemoryInstrumentation::NotInstrumentedClass>(m_aHashSet); // not instrumented value_type (use sizeof)
2602             info.addHashSet<MemoryInstrumentation::InstrumentedClass>(m_aHashSet);    // instrumented value_type (call visit)
2603         }
2604
2605         The change is covered by existing tests for native memory snapshot.
2606
2607         * bindings/v8/DOMDataStore.cpp:
2608         (WebCore::DOMDataStore::reportMemoryUsage):
2609         * bindings/v8/IntrusiveDOMWrapperMap.h:
2610         (WebCore::ChunkedTable::reportMemoryUsage):
2611         * bindings/v8/ScriptWrappable.h:
2612         (WebCore::ScriptWrappable::reportMemoryUsage):
2613         * bindings/v8/V8Binding.cpp:
2614         (WebCore::V8BindingPerIsolateData::reportMemoryUsage):
2615         (WebCore::StringCache::reportMemoryUsage):
2616         * bindings/v8/V8DOMMap.h:
2617         * css/StylePropertySet.h:
2618         (WebCore::StylePropertySet::reportMemoryUsage):
2619         * dom/CharacterData.cpp:
2620         (WebCore::CharacterData::reportMemoryUsage):
2621         * dom/ContainerNode.h:
2622         (WebCore::ContainerNode::reportMemoryUsage):
2623         * dom/Document.cpp:
2624         (WebCore::Document::reportMemoryUsage):
2625         * dom/Element.h:
2626         (WebCore::Element::reportMemoryUsage):
2627         * dom/ElementAttributeData.h:
2628         (WebCore::ElementAttributeData::reportMemoryUsage):
2629         * dom/MemoryInstrumentation.h:
2630         (MemoryInstrumentation):
2631         (WebCore::MemoryObjectInfo::objectType):
2632         (WebCore::MemoryObjectInfo::objectSize):
2633         (WebCore::MemoryObjectInfo::memoryInstrumentation):
2634         (MemoryObjectInfo):
2635         (WebCore::MemoryObjectInfo::reportObjectInfo):
2636         (WebCore):
2637         (MemoryClassInfo):
2638         (WebCore::MemoryClassInfo::MemoryClassInfo):
2639         (WebCore::MemoryClassInfo::visitBaseClass):
2640         (WebCore::MemoryClassInfo::reportInstrumentedPointer):
2641         (WebCore::MemoryClassInfo::reportInstrumentedObject):
2642         (WebCore::MemoryClassInfo::reportPointer):
2643         (WebCore::MemoryClassInfo::reportObject):
2644         (WebCore::MemoryClassInfo::reportHashMap):
2645         (WebCore::MemoryClassInfo::reportHashSet):
2646         (WebCore::MemoryClassInfo::reportListHashSet):
2647         (WebCore::MemoryClassInfo::reportVector):
2648         (WebCore::MemoryClassInfo::reportString):
2649         * dom/Node.cpp:
2650         (WebCore::Node::reportMemoryUsage):
2651         * dom/QualifiedName.h:
2652         (WebCore::QualifiedName::QualifiedNameImpl::reportMemoryUsage):
2653         (WebCore::QualifiedName::reportMemoryUsage):
2654         * platform/TreeShared.h:
2655         (WebCore::TreeShared::reportMemoryUsage):
2656
2657 2012-07-13  Pavel Feldman  <pfeldman@chromium.org>
2658
2659         Web Inspector: align scope filters
2660         https://bugs.webkit.org/show_bug.cgi?id=91213
2661
2662         Reviewed by Vsevolod Vlasov.
2663
2664         * inspector/front-end/elementsPanel.css:
2665         (.crumbs):
2666         * inspector/front-end/inspector.css:
2667         (.status-bar > div):
2668         (.scope-bar):
2669         (.scope-bar li):
2670         (.scope-bar li.all):
2671         * inspector/front-end/networkLogView.css:
2672
2673 2012-07-13  Peter Rybin  <peter.rybin@gmail.com>
2674
2675         Web Inspector: too many hardcoded strings in InspectorBackendDispatcher.
2676         https://bugs.webkit.org/show_bug.cgi?id=89198
2677
2678         Reviewed by Yury Semikhatsky.
2679
2680         Instead of generating error message string on every call (mostly for nothing),
2681         error message is generated deeper inside the handler and only command name
2682         is passed every time.
2683
2684         * inspector/CodeGeneratorInspector.py:
2685         (Generator.process_command):
2686
2687 2012-07-13  Joshua Netterfield  <jnetterfield@rim.com>
2688
2689         [BlackBerry] Update about:* pages
2690         https://bugs.webkit.org/show_bug.cgi?id=91121
2691
2692         Reviewed by Yong Li.
2693
2694         Update the about:config pages, and improve the aesthetics of the about:build, about:version, about:credits, about:memory, about:config, and similar pages.
2695
2696         No new tests, because there is no new funtionality.
2697
2698         * platform/network/blackberry/NetworkJob.cpp: Update the aesthetics of about:* pages
2699
2700 2012-07-13  Olivier Blin  <olivier.blin@softathome.com>
2701
2702         Fix checking for optional DeviceOrientationEvent.absolute in JSC bindings
2703         https://bugs.webkit.org/show_bug.cgi?id=91225
2704
2705         Reviewed by Steve Block.
2706
2707         This issue comes from r105036
2708
2709         * bindings/js/JSDeviceOrientationEventCustom.cpp:
2710         (WebCore::JSDeviceOrientationEvent::initDeviceOrientationEvent):
2711
2712 2012-07-13  Andrei Bucur  <abucur@adobe.com>
2713         [CSS Regions] Fix build for bug 89000
2714         https://bugs.webkit.org/show_bug.cgi?id=91215
2715
2716         Reviewed by Kentaro Hara.
2717
2718         Remove the unused variable m_state that was a leftover from a previous version of the patch.
2719
2720         Tests: No new tests, build fix.
2721
2722         * dom/WebKitNamedFlow.cpp:
2723         (WebCore::WebKitNamedFlow::WebKitNamedFlow):
2724         * dom/WebKitNamedFlow.h:
2725         (WebKitNamedFlow):
2726
2727 2012-07-13  Kenichi Ishibashi  <bashi@chromium.org>
2728
2729         [Chromium] Fix bugs in HarfBuzzShaper
2730         https://bugs.webkit.org/show_bug.cgi?id=90951
2731
2732         Reviewed by Tony Chang.
2733
2734         The current implementation has following problems:
2735         - Cannot render RTL text if the TextRun is divided into more than two
2736           HarfBuzzRun.
2737         - Script handling in TextRun partitioning is incorrect.
2738         - Inaccurate calculation of selection rect.
2739         - Wrong rendering position when the first glyph of the TextRun have
2740           non-zero offsets in terms of HarfBuzz.
2741
2742         To fix these problems I rewrote HarfBuzzShaper class. Here is the summary:
2743         - Divide the whole range of TextRun first, then shape them in visual
2744           order.
2745         - Divide TextRun in the same way of old-harfbuzz's
2746           hb_utf16_script_run_next().
2747         - Prefer float than int when calculating selection.
2748         - Adjust the drawing point after shaping.
2749
2750         Added tests covers the fix except for the last problem. The last problem will be covered
2751         by fast/text/international/complex-joining-using-gpos.html after chromium linux port switches
2752         to use HarfBuzzShaper.
2753
2754         Tests: fast/text/shaping/shaping-script-order.html
2755                fast/text/shaping/shaping-selection-rect.html
2756
2757         * platform/graphics/harfbuzz/FontHarfBuzz.cpp:
2758         (WebCore::Font::drawComplexText): Adjusts point after shaping.
2759         * platform/graphics/harfbuzz/ng/HarfBuzzShaper.cpp:
2760         (WebCore::HarfBuzzShaper::HarfBuzzRun::HarfBuzzRun):
2761         (WebCore):
2762         (WebCore::HarfBuzzShaper::HarfBuzzRun::applyShapeResult): Added.
2763         (WebCore::HarfBuzzShaper::HarfBuzzRun::setGlyphAndAdvance): Offsets are no longer needed.
2764         (WebCore::HarfBuzzShaper::HarfBuzzRun::xPositionForOffset): Calculates character offset based on advance.
2765         (WebCore::normalizeCharacters): Added.
2766         (WebCore::HarfBuzzShaper::HarfBuzzShaper):
2767         (WebCore::HarfBuzzShaper::~HarfBuzzShaper):
2768         (WebCore::HarfBuzzShaper::shape): Divides TextRun first, then shapes them.
2769         (WebCore::HarfBuzzShaper::adjustStartPoint): Added.
2770         (WebCore::HarfBuzzShaper::collectHarfBuzzRuns): Added.
2771         (WebCore::HarfBuzzShaper::shapeHarfBuzzRuns): Added.
2772         (WebCore::HarfBuzzShaper::setGlyphPositionsForHarfBuzzRun): Followed other changes.
2773         (WebCore::HarfBuzzShaper::selectionRect): Use float for calculating selection.
2774         * platform/graphics/harfbuzz/ng/HarfBuzzShaper.h:
2775         (HarfBuzzShaper): Holds the start index of character. Removed unnecessary variables.
2776         (WebCore::HarfBuzzShaper::HarfBuzzRun::create): Ditto.
2777         (HarfBuzzRun):
2778         (WebCore::HarfBuzzShaper::HarfBuzzRun::fontData): Added.
2779         (WebCore::HarfBuzzShaper::HarfBuzzRun::startIndex): Ditto.
2780         (WebCore::HarfBuzzShaper::HarfBuzzRun::glyphs): Ditto.
2781         (WebCore::HarfBuzzShaper::HarfBuzzRun::advances): Ditto.
2782
2783 2012-07-13  Kentaro Hara  <haraken@chromium.org>
2784
2785         Unreviewed, rolling out r122545.
2786         http://trac.webkit.org/changeset/122545
2787         https://bugs.webkit.org/show_bug.cgi?id=91185
2788
2789         We found that this was a wrong fix
2790
2791         * bindings/scripts/CodeGeneratorJS.pm:
2792         (GenerateImplementation):
2793
2794 2012-07-13  Kentaro Hara  <haraken@chromium.org>
2795
2796         Unreviewed, rolling out r122553.
2797         http://trac.webkit.org/changeset/122553
2798         https://bugs.webkit.org/show_bug.cgi?id=91198
2799
2800         We found that this was a wrong fix
2801
2802         * bindings/scripts/CodeGeneratorJS.pm:
2803         (GenerateImplementation):
2804
2805 2012-07-13  Kent Tamura  <tkent@chromium.org>
2806
2807         Change the timing of form state restore
2808         https://bugs.webkit.org/show_bug.cgi?id=89962
2809
2810         Reviewed by Hajime Morita.
2811
2812         For a preparation to fix a form identification problem (Bug 91209),
2813         restore controls states when the parsing of their owner forms is
2814         completed. For controls without owners, their states are restored when
2815         their parsing is completed as ever.
2816
2817         No new tests. This doesn't change observable behavior.
2818
2819         * html/FormController.cpp:
2820         (WebCore::ownerFormForState):
2821         Added. This code was used in formKey(), and restoreControlState*() use it.
2822         (WebCore::FormKeyGenerator::formKey): Use ownerFormForState(). No behavior change.
2823         (WebCore::FormController::restoreControlStateFor):
2824         Moved some code from HTMLFormControlElementWithState::finishParsingChildren().
2825         The difference is we don't resotre state if this control is owned by a form.
2826         (WebCore::FormController::restoreControlStateIn):
2827         Restore states of associated controls. This is called from
2828         finishParsingChildren() for <form>.
2829         * html/FormController.h:
2830         (FormController):
2831         - Declare restoreControlStateFor() and restoreControlStateIn().
2832         - Make takeStateForFormElement() private.
2833
2834         * html/FormAssociatedElement.cpp:
2835         (WebCore::FormAssociatedElement::isFormControlElementWithState):
2836         Added. The default implementation returns false.
2837         * html/FormAssociatedElement.h:
2838         (FormAssociatedElement):
2839         Added isFormControlElementWithState() for FormController::restoreControlStateIn().
2840         * html/HTMLFormControlElementWithState.cpp:
2841         (WebCore::HTMLFormControlElementWithState::finishParsingChildren):
2842         Some code was moved to FormController:restoreControlStateFor().
2843         (WebCore::HTMLFormControlElementWithState::isFormControlElementWithState):
2844         Added. Returns true.
2845         * html/HTMLFormControlElementWithState.h:
2846         (HTMLFormControlElementWithState): Declare isFormControlElementWithState().
2847         * html/HTMLFormElement.cpp:
2848         (WebCore::HTMLFormElement::finishParsingChildren):
2849         Added. Calls FormController::restoreControlStateIn().
2850         * html/HTMLFormElement.h:
2851         (HTMLFormElement): Declare finishParsingChildren().
2852
2853 2012-07-13  Kent Tamura  <tkent@chromium.org>
2854
2855         Make calendar pickers testable
2856         https://bugs.webkit.org/show_bug.cgi?id=84827
2857
2858         Reviewed by Hajime Morita.
2859
2860         WebCore:
2861         - Add PagePopupDriver, an interface to open/close a PagePopup.
2862         - Add setPagePopupDriver() to ChromeClient in order to inject a
2863         PagePopupDriver for testing.
2864
2865         Internals:
2866         Add MockPagePopupDriver, which creates a MockPagePopup, which creates a
2867         normal <iframe> in the top-level document, and load the popup content on
2868         it. MockPagePopupDriver is enabled by
2869         internals.settings.setEnableMockPagePopup(true).
2870
2871         Test: fast/forms/date/calendar-picker-appearance.html
2872
2873         * WebCore.gypi: Add new files.
2874         * WebCore.xcodeproj/project.pbxproj: Add files to make this buildable.
2875         * page/ChromeClient.h:
2876         (ChromeClient): Add function for PagePopupDriver.
2877         * loader/EmptyClients.h: Add empty implementations for PagePopupDriver functions.
2878         * page/PagePopupDriver.h: Added.
2879         (PagePopupDriver):
2880         (WebCore::PagePopupDriver::~PagePopupDriver):
2881
2882         * testing/InternalSettings.cpp:
2883         (WebCore::InternalSettings::Backup::restoreTo): Reset the mock PagePopupDriver.
2884         (WebCore::InternalSettings::setEnableMockPagePopup):
2885         Register MockPagePopupDriver to ChromeClient.
2886         * testing/InternalSettings.h:
2887         (InternalSettings): Declare setEnableMockPagePopup().
2888         * testing/InternalSettings.idl: ditto.
2889         * testing/MockPagePopupDriver.cpp: Added.
2890         (MockPagePopup): Pseudo PagePopup implementation with the standard <iframe>.
2891         (WebCore::MockPagePopupDriver::MockPagePopupDriver): Added.
2892         (WebCore::MockPagePopupDriver::create): Added.
2893         (WebCore::MockPagePopupDriver::~MockPagePopupDriver): Added.
2894         (WebCore::MockPagePopupDriver::openPagePopup):
2895         Added. An override of PagePopupDriver function. This creates a MockPagePopup.
2896         (WebCore::MockPagePopupDriver::closePagePopup):
2897         Added. An override of PagePopupDriver function. This deletes the MockPagePopup.
2898         * testing/MockPagePopupDriver.h:
2899         (MockPagePopupDriver): Added.
2900
2901         * testing/v8/WebCoreTestSupport.cpp:
2902         (WebCoreTestSupport::injectPagePopupController):
2903         Added. Production code uses per-Page context feature framework. However
2904         MockPagePopup uses the same page as the host page. So we can't use the
2905         framework and need to inject window.pagePopupController manually.
2906         * testing/v8/WebCoreTestSupport.h:
2907         (WebCoreTestSupport): Add injectPagePopupController().
2908
2909 2012-07-12  Pavel Feldman  <pfeldman@chromium.org>
2910
2911         Web Inspector: mute the native looks of the selects in the console.
2912         https://bugs.webkit.org/show_bug.cgi?id=91120
2913
2914         Reviewed by Vsevolod Vlasov.
2915
2916         This is necessary for Mac now that we don't use border images for select.
2917
2918         * inspector/front-end/ConsoleView.js:
2919         (WebInspector.ConsoleView.prototype.get statusBarItems):
2920         (WebInspector.ConsoleView.prototype.addContext):
2921         (WebInspector.ConsoleView.prototype.removeContext):
2922         (WebInspector.ConsoleView.prototype._updateIsolatedWorldSelector):
2923         (WebInspector.ConsoleView.prototype._appendIsolatedContextOption):
2924         (WebInspector.ConsoleView.prototype._currentEvaluationContext):
2925         (WebInspector.ConsoleView.prototype._currentIsolatedContextId):
2926         * inspector/front-end/StatusBarButton.js:
2927         (WebInspector.StatusBarComboBox):
2928         (WebInspector.StatusBarComboBox.prototype.addOption):
2929         (WebInspector.StatusBarComboBox.prototype.removeOption):
2930         (WebInspector.StatusBarComboBox.prototype.removeOptions):
2931         (WebInspector.StatusBarComboBox.prototype.selectedOption):
2932         * inspector/front-end/inspector.css:
2933         (.status-bar-select-container):
2934         (select.status-bar-item):
2935         (.console-context):
2936
2937 2012-07-13  Andrei Bucur  <abucur@adobe.com>
2938
2939         [CSS Regions] Fix the lifecycle for the flow objects and their renderers
2940         https://bugs.webkit.org/show_bug.cgi?id=89000
2941
2942         Reviewed by Eric Seidel.
2943
2944         This patch adds the concept of a NamedFlowCollection, owned by the document, that keeps track of
2945         all the named flows that exist in the Document. This collection contains a ListHashSet of weak references to
2946         all the existing NamedFlows in the document. This is not a managed set because the CREATED flows are referenced from the renderer and
2947         the NULL flows are only cached, they should be destructible.
2948         Two named flows are considered to be equal if they have the same name.
2949         I've changed the NamedFlow state to depend on the existence of its renderer. A flow thread that has a renderer will also have a NamedFlow object.
2950         A flow thread without a renderer can have a NamedFlow object, but only in the NULL state. It's possible for a NamedFlow object to jump from the
2951         NULL state to the CREATED state if it was not destroyed (e.g. it was referenced from JS). Keeping track of the NULL state flows that have listeners will be important
2952         so when they go back to the CREATED state, the listeners would still be there.
2953
2954         Link to spec: http://www.w3.org/TR/2012/WD-css3-regions-20120503/
2955
2956         Tests: The old tests have been modified to take into account the new behavior
2957
2958         * CMakeLists.txt:
2959         * GNUmakefile.list.am:
2960         * Target.pri:
2961         * WebCore.gypi:
2962         * WebCore.vcproj/WebCore.vcproj:
2963         * WebCore.xcodeproj/project.pbxproj:
2964         * dom/DOMAllInOne.cpp:
2965         * dom/Document.cpp:
2966         (WebCore::Document::~Document):
2967         (WebCore):
2968         (WebCore::Document::webkitGetFlowByName):
2969         (WebCore::Document::namedFlows):
2970         * dom/Document.h:
2971         (WebCore):
2972         (Document):
2973         * dom/WebKitNamedFlow.cpp:
2974         (WebCore::WebKitNamedFlow::WebKitNamedFlow):
2975         (WebCore::WebKitNamedFlow::~WebKitNamedFlow):
2976         (WebCore::WebKitNamedFlow::create):
2977         (WebCore):
2978         (WebCore::WebKitNamedFlow::name):
2979         (WebCore::WebKitNamedFlow::overset):
2980         (WebCore::nodeInFlowThread):
2981         (WebCore::WebKitNamedFlow::getRegionsByContentNode):
2982         (WebCore::WebKitNamedFlow::getContent):
2983         (WebCore::WebKitNamedFlow::setRenderer):
2984         * dom/WebKitNamedFlow.h:
2985         (WebCore):
2986         (WebKitNamedFlow):
2987         (WebCore::WebKitNamedFlow::getFlowState):
2988         (WebCore::WebKitNamedFlow::switchFlowState):
2989         * dom/WebKitNamedFlowCollection.cpp: Added.
2990         (WebCore):
2991         (WebCore::WebKitNamedFlowCollection::WebKitNamedFlowCollection):
2992         (WebCore::WebKitNamedFlowCollection::length): An O(1) operation
2993         (WebCore::WebKitNamedFlowCollection::item): An O(N) operation
2994         (WebCore::WebKitNamedFlowCollection::flowByName): An O(1) operation
2995         (WebCore::WebKitNamedFlowCollection::ensureNamedFlowInCreatedState): An O(1) operation
2996         (WebCore::WebKitNamedFlowCollection::moveNamedFlowToNullState): An O(1) operation
2997         (WebCore::WebKitNamedFlowCollection::discardNamedFlow): An O(1) operation
2998         (WebCore::WebKitNamedFlowCollection::documentDestroyed):
2999         (WebCore::WebKitNamedFlowCollection::NamedFlowHashFunctions::hash):
3000         (WebCore::WebKitNamedFlowCollection::NamedFlowHashFunctions::equal):
3001         (WebKitNamedFlowCollection::NamedFlowHashFunctions):
3002         (WebCore::WebKitNamedFlowCollection::NamedFlowHashTranslator::hash):
3003         (WebCore::WebKitNamedFlowCollection::NamedFlowHashTranslator::equal):
3004         * dom/WebKitNamedFlowCollection.h: Copied from Source/WebCore/dom/WebKitNamedFlow.h.
3005         (WebCore):
3006         (WebKitNamedFlowCollection):
3007         (WebCore::WebKitNamedFlowCollection::create):
3008         (WebCore::WebKitNamedFlowCollection::document):
3009         * rendering/FlowThreadController.cpp:
3010         (WebCore::FlowThreadController::ensureRenderFlowThreadWithName):
3011         (WebCore::FlowThreadController::removeFlowThread):
3012         (WebCore):
3013         * rendering/FlowThreadController.h:
3014         (FlowThreadController):
3015         * rendering/RenderNamedFlowThread.cpp:
3016         (WebCore::RenderNamedFlowThread::RenderNamedFlowThread):
3017         (WebCore):
3018         (WebCore::RenderNamedFlowThread::~RenderNamedFlowThread):
3019         (WebCore::RenderNamedFlowThread::removeRegionFromThread):
3020         (WebCore::RenderNamedFlowThread::unregisterNamedFlowContentNode):
3021         (WebCore::RenderNamedFlowThread::flowThreadName):
3022         (WebCore::RenderNamedFlowThread::willBeDestroyed):
3023         * rendering/RenderNamedFlowThread.h:
3024         (RenderNamedFlowThread):
3025         (WebCore::RenderNamedFlowThread::contentNodes):
3026         (WebCore::RenderNamedFlowThread::canBeDestroyed):
3027
3028 2012-07-13  Vineet Chaudhary  <rgf748@motorola.com>
3029
3030         [V8Bindings] Implement generalised method to validates that the passed object is a sequence type.
3031         https://bugs.webkit.org/show_bug.cgi?id=91056
3032
3033         Reviewed by Kentaro Hara.
3034
3035         Currently the V8 implementation validates that the passed object is a sequence type only
3036         for MessagePort in V8Utilities::extractTransferables().
3037         There should be generalised method for other types too.
3038         Spec URL: http://www.w3.org/TR/2012/WD-WebIDL-20120207/#es-sequence
3039
3040         No new test, Just refactoring. There should be no behavioral changes.
3041
3042         * bindings/v8/V8Binding.h:
3043         (WebCore::toV8Sequence): Added implementation of toV8Sequence().
3044
3045 2012-07-13  Zeno Albisser  <zeno@webkit.org>
3046
3047         [Qt][WK2] Implement GraphicsSurface for Linux/GLX.
3048         https://bugs.webkit.org/show_bug.cgi?id=90881
3049
3050         Add a GLX based GraphicsSurface implementation for Linux.
3051         Native X windows are being used for exchanging textures
3052         with the UIProcess.
3053
3054         Reviewed by Noam Rosenthal.
3055
3056         * Target.pri:
3057         * WebCore.pri:
3058         * platform/graphics/surfaces/GraphicsSurface.cpp:
3059         (WebCore::GraphicsSurface::create):
3060             Move creating GraphicsSurface instance into
3061             platformCreate/platformImport functions to allow
3062             platform specific creation based on the provided flags.
3063         (WebCore::GraphicsSurface::GraphicsSurface):
3064         (WebCore::GraphicsSurface::~GraphicsSurface):
3065             Call platformDestroy when destroying a GraphicsSurface.
3066         (WebCore):
3067         * platform/graphics/surfaces/GraphicsSurface.h:
3068             Make platformCreate/platformImport functions static
3069             to be able to call these from the static create function.
3070             Add Destructor prototype and add GraphicsSurfacePrivate member.
3071         (WebCore):
3072         (GraphicsSurface):
3073         * platform/graphics/surfaces/mac/GraphicsSurfaceMac.cpp:
3074         (WebCore):
3075         (WebCore::GraphicsSurface::platformCreate):
3076         (WebCore::GraphicsSurface::platformImport):
3077             Insert creation of GraphicsSurface instance.
3078             This allows having a platform specific creation mechanism
3079             for GLX.
3080         * platform/graphics/surfaces/qt/GraphicsSurfaceGLX.cpp: Added.
3081         (WebCore):
3082         (OffScreenRootWindow):
3083         (WebCore::OffScreenRootWindow::OffScreenRootWindow):
3084         (WebCore::OffScreenRootWindow::get):
3085         (WebCore::OffScreenRootWindow::~OffScreenRootWindow):
3086             Add an OffScreenRootWindow singelton that is being used
3087             as a parent for all native offscreen windows.
3088         (GraphicsSurfacePrivate):
3089             This class is used to manage all the X related resources
3090             such as opening a display or creating XPixmaps etc.
3091         (WebCore::GraphicsSurfacePrivate::GraphicsSurfacePrivate):
3092             Open a connection to the X server and create a
3093             QOpenGLContext that can be used to resolve GL functions.
3094         (WebCore::GraphicsSurfacePrivate::~GraphicsSurfacePrivate):
3095             Properly cleanup and release all the X resources again.
3096         (WebCore::GraphicsSurfacePrivate::createSurface):
3097             Create a surface that is placed off screen and can be
3098             used as a rendering target by the WebProcess.
3099         (WebCore::GraphicsSurfacePrivate::createPixmap):
3100             Create a GLXPixmap from the XWindow that was previously
3101             redirected by the WebProcess. This GLXPixmap can then be
3102             bound to a texture and being painted on screen by the
3103             UIProcess.
3104         (WebCore::GraphicsSurfacePrivate::makeCurrent):
3105         (WebCore::GraphicsSurfacePrivate::swapBuffers):
3106         (WebCore::GraphicsSurfacePrivate::display):
3107         (WebCore::GraphicsSurfacePrivate::glxPixmap):
3108         (WebCore::GraphicsSurfacePrivate::size):
3109         (WebCore::GraphicsSurfacePrivate::glContext):
3110         (WebCore::resolveGLMethods):
3111             Initialize all the function pointers for the GL functions used.
3112         (WebCore::GraphicsSurface::platformExport):
3113         (WebCore::GraphicsSurface::platformGetTextureID):
3114             Bind the GLXPixmap to a texture.
3115         (WebCore::GraphicsSurface::platformCopyToGLTexture):
3116             Not beeing implemented for GLX.
3117         (WebCore::GraphicsSurface::platformCopyFromFramebuffer):
3118             Blit origin fbo onto the GraphicsSurface's backing.
3119         (WebCore::GraphicsSurface::platformCreate):
3120         (WebCore::GraphicsSurface::platformImport):
3121         (WebCore::GraphicsSurface::platformLock):
3122         (WebCore::GraphicsSurface::platformUnlock):
3123         (WebCore::GraphicsSurface::platformDestroy):
3124
3125 2012-07-13  Dongwoo Im  <dw.im@samsung.com>
3126
3127         CodeGeneratorJS.pm : SetterExpression should use 'push' rather than 'unshift'
3128         https://bugs.webkit.org/show_bug.cgi?id=91198
3129
3130         Reviewed by Kentaro Hara.
3131
3132         'SetterExpression' should use 'push' to make arguments, rather than 'unshift'.
3133
3134         No new tests. Covered by existing tests.
3135
3136         * bindings/scripts/CodeGeneratorJS.pm:
3137         (GenerateImplementation):
3138
3139 2012-07-13  Yoshifumi Inoue  <yosin@chromium.org>
3140
3141         REGRESSION(r119948): [Forms] Spin button Up/Down actions make value to zero for input type "number" when step mismatched
3142         https://bugs.webkit.org/show_bug.cgi?id=91197
3143
3144         Reviewed by Kent Tamura.
3145
3146         This patch fixes implementation of Decimal::ceiling() and floor().
3147         They return wrong value for small fractional numbers.
3148
3149         The bug is occurred when:
3150           - Step-able input type, e.g. number, date, datetime, and so on.
3151           - Current value is step mismatched
3152           - Current value is smaller than step
3153           - Step up/down by spin button
3154         because spin button up/down actions are implemented in InputType::setpUpFromRenderer
3155         which calls Decimal::ceiling() and floor() for step mismatched case.
3156
3157         Tests: fast/forms/number/number-stepup-stepdown-from-renderer.html: Added test cases
3158                WebKit/chromium/tests/DecimalTest.cpp: Added test cases
3159
3160         * platform/Decimal.cpp:
3161         (WebCore::Decimal::ceiling): Changed to return 1 for positive small fractional number.
3162         (WebCore::Decimal::floor): Changed to return -1 for negative small fractional number.
3163
3164 2012-07-13  Dominic Mazzoni  <dmazzoni@google.com>
3165
3166         Should be possible to focus elements within canvas fallback content
3167         https://bugs.webkit.org/show_bug.cgi?id=87898
3168
3169         Reviewed by Chris Fleizach.
3170
3171         Patches isFocusable in dom/Node.cpp and html/HTMLFormControlElement.cpp
3172         to make elements focusable if they're a descendent of a canvas element
3173         if they would otherwise have been focusable but just didn't have
3174         a renderer. Adds a bit to ElementRareData to efficiently keep track
3175         of elements in a canvas subtree.
3176
3177         Test: fast/canvas/fallback-content.html
3178
3179         * dom/Element.cpp:
3180         (WebCore::Element::attach):
3181         (WebCore::Element::detach):
3182         (WebCore::Element::setIsInCanvasSubtree):
3183         (WebCore):
3184         (WebCore::Element::isInCanvasSubtree):
3185         * dom/Element.h:
3186         (Element):
3187         * dom/ElementRareData.h:
3188         (ElementRareData):
3189         (WebCore::ElementRareData::ElementRareData):
3190         * dom/Node.cpp:
3191         (WebCore::Node::isFocusable):
3192         * html/HTMLCanvasElement.cpp:
3193         (WebCore::HTMLCanvasElement::attach):
3194         (WebCore):
3195         * html/HTMLCanvasElement.h:
3196         (HTMLCanvasElement):
3197         * html/HTMLFormControlElement.cpp:
3198         (WebCore::HTMLFormControlElement::isFocusable):
3199
3200 2012-07-12  Carlos Garcia Campos  <cgarcia@igalia.com>
3201
3202         [GTK] Add API to get HTTPS status to WebKit2 GTK+
3203         https://bugs.webkit.org/show_bug.cgi?id=91100
3204
3205         Reviewed by Martin Robinson.
3206
3207         * platform/network/soup/ResourceResponse.h:
3208         (WebCore::ResourceResponse::soupMessageCertificate): Return the
3209         certificate.
3210         (WebCore::ResourceResponse::setSoupMessageCertificate): Set a
3211         certificate.
3212         (WebCore::ResourceResponse::soupMessageTLSErrors): Return the TLS
3213         errors.
3214         (WebCore::ResourceResponse::setSoupMessageTLSErrors): Set TLS
3215         errors.
3216         * platform/network/soup/ResourceResponseSoup.cpp:
3217         (WebCore::ResourceResponse::toSoupMessage): Set the certificate
3218         and TLS errors to the newly created SoupMessage.
3219         (WebCore::ResourceResponse::updateFromSoupMessage): Get the
3220         certificate and TLS errors from the SoupMessage.
3221
3222 2012-07-13  Ryosuke Niwa  <rniwa@webkit.org>
3223
3224         RadioNodeList is not updated upon input type change
3225         https://bugs.webkit.org/show_bug.cgi?id=91178
3226
3227         Reviewed by Alexey Proskuryakov.
3228
3229         Invalidate the radio node lists when type content attribute changes since it excludes
3230         image type input elements.
3231
3232         Test: fast/forms/radionodelist-image-type.html
3233
3234         * dom/Document.cpp:
3235         (WebCore::shouldInvalidateNodeListForType):
3236         * dom/Document.h: Renamed InvalidateOnIdNameForAttrChange to InvalidateOnFormAttrChange
3237         since listing all attribute name isn't useful at this point.
3238         * html/RadioNodeList.cpp:
3239         (WebCore::RadioNodeList::RadioNodeList):
3240
3241 2012-07-12  Dongwoo Im  <dw.im@samsung.com>
3242
3243         CodeGeneratorJS.pm need to handle the attribute which has "CallWith=ScriptExecutionContext" option.
3244         https://bugs.webkit.org/show_bug.cgi?id=91185
3245
3246         Reviewed by Kentaro Hara.
3247
3248         When an attribute has "CallWith=ScriptExecutionContext" option, 'ScriptExecutionContext*' parameter should be the last parameter.
3249
3250         No new tests. Covered by existing tests.
3251
3252         * bindings/scripts/CodeGeneratorJS.pm:
3253         (GenerateImplementation):
3254
3255 2012-07-12  Yoshifumi Inoue  <yosin@chromium.org>
3256
3257         REGRESSION(r117738): [Forms] stepMismatch for input type "time" with large step value always return false.
3258         https://bugs.webkit.org/show_bug.cgi?id=91062
3259
3260         Reviewed by Kent Tamura.
3261
3262         This patch changes value of StepRange::acceptableError to zero for
3263         integer restricted step value.
3264
3265         No new tests, existing test covers (fast/forms/time/ValidityState-stepMismatch-time.html) this change although they are listed in TestExpectation file.
3266
3267         * html/StepRange.cpp:
3268         (WebCore::StepRange::acceptableError): Changed to return 0 if step value is restricted to be an integer.
3269
3270 2012-07-12  Dan Bernstein  <mitz@apple.com>
3271
3272         Pass an option flag to CFStringGetHyphenationLocationBeforeIndex() that tells it to not
3273         terminate the search at the last word boundary before the given index.
3274
3275         Reviewed by Adele Peterson.
3276
3277         No test, because the current version of Core Foundation ignores the options parameter.
3278
3279         * platform/text/cf/HyphenationCF.cpp:
3280         (WebCore::lastHyphenLocation): Changed the options parameter from 0 to 1.
3281
3282 2012-07-12  Eric Seidel  <eric@webkit.org>
3283
3284         Incorrect behaviour calling Range setStart or setEnd with boundary in different document
3285         https://bugs.webkit.org/show_bug.cgi?id=42517
3286
3287         Reviewed by Ojan Vafai.
3288
3289         Added a new static inline "checkForDifferentRootContainer" to share some code
3290         and made setStart/setEnd do the right thing in the x-document case.  I removed
3291         the bogus checks in set*After/set*Before functions, and since they just call
3292         through to setStart/setEnd, they also now do the right thing.
3293
3294         Test: fast/dom/Range/set-wrong-document-err.html
3295
3296         * dom/Range.cpp:
3297         (WebCore::checkForDifferentRootContainer):
3298         (WebCore):
3299         (WebCore::Range::setStart):
3300         (WebCore::Range::setEnd):
3301         (WebCore::Range::setStartAfter):
3302         (WebCore::Range::setEndBefore):
3303         (WebCore::Range::setEndAfter):
3304         (WebCore::Range::setStartBefore):
3305
3306 2012-07-12  Erik Arvidsson  <arv@chromium.org>
3307
3308         [V8] Simplify CodeGeneratorV8 since V8OnProto is only true for DOMWindow
3309         https://bugs.webkit.org/show_bug.cgi?id=91165
3310
3311         Reviewed by Nate Chapin.
3312
3313         The old code was dead code since V8OnProto only ever gets set to 1 for DOMWindow.
3314
3315         No new tests. No change in functionality.
3316
3317         * bindings/scripts/CodeGeneratorV8.pm:
3318         (GenerateNormalAttrSetter):
3319
3320 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
3321
3322         Build fix. Initialize unused const member variables to make compilers happy.
3323
3324         * dom/DynamicNodeList.h:
3325         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase):
3326
3327 2012-07-12  Konrad Piascik  <kpiascik@rim.com>
3328
3329         Web Inspector: Geolocation override
3330         https://bugs.webkit.org/show_bug.cgi?id=89365
3331
3332         Reviewed by Pavel Feldman.
3333
3334         Reverted original patch.
3335         Change has not been reviewed by the right people. It declares
3336         public protocol methods and is wrong in several ways.
3337
3338         * Modules/geolocation/GeolocationController.cpp:
3339         (WebCore::GeolocationController::GeolocationController):
3340         (WebCore::GeolocationController::positionChanged):
3341         * Modules/geolocation/GeolocationController.h:
3342         (GeolocationController):
3343         * inspector/Inspector.json:
3344         * inspector/InspectorInstrumentation.cpp:
3345         (WebCore):
3346         * inspector/InspectorInstrumentation.h:
3347         (WebCore):
3348         (InspectorInstrumentation):
3349         * inspector/InspectorPageAgent.cpp:
3350         (WebCore::InspectorPageAgent::InspectorPageAgent):
3351         * inspector/InspectorPageAgent.h:
3352         * inspector/front-end/Settings.js:
3353         * inspector/front-end/SettingsScreen.js:
3354         (WebInspector.UserAgentSettingsTab):
3355         (WebInspector.UserAgentSettingsTab.prototype._createDeviceMetricsElement):
3356         * inspector/front-end/UserAgentSupport.js:
3357
3358 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
3359
3360         Move m_type and m_hasNameCache from HTMLCollectionCacheBase to DynamicNodeListCacheBase for better bit packing
3361         https://bugs.webkit.org/show_bug.cgi?id=91164
3362
3363         Reviewed by Anders Carlsson.
3364
3365         Moved m_type and m_hasNameCache from HTMLCollection and renamed them to m_collectionType and m_isNameCacheValid.
3366
3367         Also renamed shouldIncludeChildren to shouldOnlyIncludeDirectChildren and negated the return value since
3368         all HTMLCollection include children in the collection and the function was meant to tell us whether the collection
3369         should include descendents that are not direct children of base().
3370
3371         In addition, renamed nextNodeOrSibling to nextNode since "or sibling" doesn't seem to add any semantic clarity.
3372
3373         * dom/DynamicNodeList.h:
3374         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase):
3375         (DynamicNodeListCacheBase):
3376         (WebCore::DynamicNodeListCacheBase::type):
3377         (WebCore::DynamicNodeListCacheBase::hasNameCache):
3378         (WebCore::DynamicNodeListCacheBase::setHasNameCache):
3379         (WebCore::DynamicNodeListCacheBase::clearCache):
3380         * html/HTMLCollection.cpp:
3381         (WebCore::shouldOnlyIncludeDirectChildren):
3382         (WebCore::HTMLCollection::HTMLCollection):
3383         (WebCore::HTMLCollection::isAcceptableElement):
3384         (WebCore::nextNode):
3385         (WebCore::HTMLCollection::itemAfter):
3386         * html/HTMLCollection.h:
3387         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase):
3388         (HTMLCollectionCacheBase):
3389         (WebCore::HTMLCollectionCacheBase::clearCache):
3390
3391 2012-07-12  Shinya Kawanaka  <shinyak@chromium.org>
3392
3393         Needs callback before AuthorShadowRoot is added.
3394         https://bugs.webkit.org/show_bug.cgi?id=91167
3395
3396         Reviewed by Hajime Morita.
3397
3398         This is a preliminary patch for adding multiple Shadow DOM support for media elements and form elements.
3399         They assume that UserAgentShadowRoot is the oldest, however currently a page author may try to add
3400         AuthorShadowRoot before adding UserAgentShadowRoot.
3401
3402         This patch adds a callback before AuthorShadowRoot is being added, and allow us to add UserAgentShadowRoot
3403         for those elements. See also Bug 77936, Bug 77937, Bug 90532.
3404
3405         * dom/Element.h:
3406         (WebCore::Element::willAddAuthorShadowRoot):
3407         * dom/ElementShadow.cpp:
3408         (WebCore::ElementShadow::addShadowRoot):
3409         * dom/ElementShadow.h:
3410         (ElementShadow):
3411         * dom/ShadowRoot.cpp:
3412         (WebCore::ShadowRoot::create):
3413
3414 2012-07-12  Dana Jansens  <danakj@chromium.org>
3415
3416         [chromium] Remove the RenderPass pointer from RenderPassDrawQuad
3417         https://bugs.webkit.org/show_bug.cgi?id=91023
3418
3419         Reviewed by Adrienne Walker.
3420
3421         Removes the RenderPass pointer and keeps only an integer id in the
3422         quad to refer back to the RenderPass the quad reads from.
3423
3424         Covered by existing tests.
3425
3426         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3427         (WebCore::CCLayerTreeHostImpl::calculateRenderPasses):
3428         (WebCore::findRenderPassById):
3429         (WebCore):
3430         (WebCore::removeRenderPassesRecursive):
3431         (WebCore::CCLayerTreeHostImpl::CullRenderPassesWithCachedTextures::shouldRemoveRenderPass):
3432         (WebCore::CCLayerTreeHostImpl::CullRenderPassesWithNoQuads::shouldRemoveRenderPass):
3433         (WebCore::CCLayerTreeHostImpl::removeRenderPasses):
3434         (WebCore::CCLayerTreeHostImpl::prepareToDraw):
3435         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
3436         (FrameData):
3437         (CullRenderPassesWithCachedTextures):
3438         (CullRenderPassesWithNoQuads):
3439         (CCLayerTreeHostImpl):
3440         * platform/graphics/chromium/cc/CCRenderPass.cpp:
3441         (WebCore::CCRenderPass::appendQuadsForRenderSurfaceLayer):
3442         * platform/graphics/chromium/cc/CCRenderPass.h:
3443         (WebCore):
3444         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.cpp:
3445         (WebCore::CCRenderPassDrawQuad::create):
3446         (WebCore::CCRenderPassDrawQuad::CCRenderPassDrawQuad):
3447         * platform/graphics/chromium/cc/CCRenderPassDrawQuad.h:
3448         (CCRenderPassDrawQuad):
3449         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
3450         (WebCore::CCRenderSurface::appendQuads):
3451         * platform/graphics/chromium/cc/CCRenderSurface.h:
3452         (CCRenderSurface):
3453
3454 2012-07-12  Elliott Sprehn  <esprehn@gmail.com>
3455
3456         Unneeded tree walking when adding or removing children due to RenderCounter / RenderQuote logic
3457         https://bugs.webkit.org/show_bug.cgi?id=89900
3458
3459         Reviewed by Eric Seidel and Abhishek Arya.
3460
3461         Previously we would walk the all children a renderer whenever adding
3462         or removing a child renderer from its RenderObjectChildList to look for 
3463         RenderQuote and RenderCounter instances to update. This patch introduces 
3464         a counter in RenderView for the number of RenderQuote and RenderCounter 
3465         instances in that document so we can avoid these traversals.
3466
3467         No tests needed since this is just a short circuiting of logic and the existing
3468         tests should cover it.
3469
3470         * rendering/RenderCounter.cpp:
3471         (WebCore::RenderCounter::RenderCounter): Increment instance counter.
3472         (WebCore::RenderCounter::willBeDestroyed): Decrement instance counter.
3473         (WebCore):
3474         (WebCore::RenderCounter::rendererRemovedFromTree): Short circuit when counter is zero.
3475         (WebCore::RenderCounter::rendererSubtreeAttached): Short circuit when counter is zero.
3476         * rendering/RenderCounter.h:
3477         (RenderCounter):
3478         * rendering/RenderObjectChildList.cpp:
3479         (WebCore::RenderObjectChildList::removeChildNode): Short circuit calling into Counter and Quote code when the document is being destroyed.
3480         * rendering/RenderQuote.cpp:
3481         (WebCore::RenderQuote::RenderQuote):
3482         (WebCore::RenderQuote::willBeDestroyed):
3483         (WebCore):
3484         (WebCore::RenderQuote::rendererSubtreeAttached): Increment instance counter.
3485         (WebCore::RenderQuote::rendererRemovedFromTree): Decrement instance counter.
3486         * rendering/RenderQuote.h:
3487         (RenderQuote):
3488         * rendering/RenderView.cpp:
3489         (WebCore::RenderView::RenderView):
3490         * rendering/RenderView.h: Methods for managing the RenderQuote and RenderCounter counts.
3491         (RenderView):
3492         (WebCore::RenderView::addRenderQuote):
3493         (WebCore::RenderView::removeRenderQuote):
3494         (WebCore::RenderView::hasRenderQuotes):
3495         (WebCore::RenderView::addRenderCounter):
3496         (WebCore::RenderView::removeRenderCounter):
3497         (WebCore::RenderView::hasRenderCounters):
3498
3499 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
3500
3501         Merge HTMLCollectionWithArrayStorage into HTMLCollection
3502         https://bugs.webkit.org/show_bug.cgi?id=91144
3503
3504         Reviewed by Anders Carlsson.
3505
3506         Merged HTMLCollectionWithArrayStorage::item into HTMLCollection::item and got rid of
3507         HTMLCollectionWithArrayStorage. Also de-virtualized HTMLCollection::item and HTMLCollection::length
3508         and merged itemInArrayAfter and itemAfter.
3509
3510         In addition, improved the algorithm in HTMLCollection::length to take advantage of item cache.
3511         Instead of always computing the length from the beginning, we start the search from the cached item
3512         so that if we're near end of the collection, we avoid significant portion of the node traversal.
3513
3514         Furthermore, made HTMLCollection always call setItemCache with a non-null item and HTMLCollection::item
3515         set the length cache when it reaches the end of the collection to avoid redundant length calculations.
3516
3517         * dom/DynamicNodeList.h:
3518         (WebCore::DynamicNodeListCacheBase::setItemCache): Add a FIXME.
3519         * html/HTMLCollection.cpp:
3520         (WebCore::HTMLCollection::itemAfter): Regular HTMLCollection doesn't have uses elements array so
3521         assert that offsetInArray is always 0.
3522         (WebCore): Removed calcLength.
3523         (WebCore::HTMLCollection::length): Rewritten. The algorithm is as follows:
3524         When there is no item cache, we look for the first item by calling item(0). If item(0) returns null,
3525         then it must have set the length cache so bail out. If the previous step didn't bail out, then
3526         the item cache is valid and not null (see above), so count the number of remaining items in collection
3527         starting at the cached item's offset + 1.
3528         (WebCore::HTMLCollection::item): Avoid calling setItemCache with null. When the first item is null,
3529         set the length cache instead.
3530         (WebCore::HTMLCollection::itemAfterCachedItem): Extracted from HTMLCollectionWithArrayStorage::item.
3531         (WebCore::HTMLCollection::namedItem): Pass in arrayOffset to itemAfter. Note this variable is never
3532         used since only HTMLFormCollection and HTMLPropertiesCollection use array offsets but they override
3533         this function.
3534         (WebCore::HTMLCollection::updateNameCache): Ditto.
3535         * html/HTMLCollection.h:
3536         (HTMLCollection):
3537         (WebCore):
3538         * html/HTMLFormCollection.cpp: Removed calcLength(). Even though this function didn't iterate over
3539         the collection directly, HTMLFormElement::length and HTMLFieldSetElement::length did so we're not
3540         regressing any performance here.
3541         (WebCore::HTMLFormCollection::HTMLFormCollection):
3542         (WebCore::HTMLFormCollection::itemAfter):
3543         * html/HTMLFormCollection.h:
3544         (HTMLFormCollection):
3545         * html/HTMLNameCollection.cpp:
3546         (WebCore::HTMLNameCollection::itemAfter):
3547         * html/HTMLNameCollection.h:
3548         (HTMLNameCollection):
3549         * html/HTMLPropertiesCollection.cpp: Removed calcLength().
3550         (WebCore::HTMLPropertiesCollection::HTMLPropertiesCollection):
3551         (WebCore::HTMLPropertiesCollection::itemAfter):
3552         (WebCore):
3553         * html/HTMLPropertiesCollection.h:
3554         (HTMLPropertiesCollection):
3555         * html/HTMLTableRowsCollection.cpp:
3556         (WebCore::HTMLTableRowsCollection::itemAfter):
3557         * html/HTMLTableRowsCollection.h:
3558         (HTMLTableRowsCollection):
3559
3560 2012-07-12  Pravin D  <pravind.2k4@gmail.com>
3561
3562         Row size/position is wrongly calculated when table having overlapping rowspan cell and colspan cell
3563         https://bugs.webkit.org/show_bug.cgi?id=16811
3564
3565         Reviewed by Julien Chaffraix.
3566
3567         The height of a row is calculated by taking the max height of the cells contained in it. When a row contains
3568         a rowSpan cell and if this row is not the last row of the cell, then its height is max height of other non
3569         rowSpan cells. If the row is the last row of the rowSpan cell, then using the contraint laid by CSS2.1 spec
3570         "For a rowSpan cell, the sum of the row heights involved must be great enough to encompass the cell spanning the rows",
3571         the last remaining height of the rowSpan(cell height minus heights of other involved rows) is taken into consideration
3572         while calculating the height of this row.
3573         Currently when calculating the height of the row we are only using the height of the primary cell at position (row, col).
3574         However when a row has colSpan cell and rowSpan, they might overlap. In such a sitution as only the primary cells height
3575         is considered, the height of the row will be calculated worngly if the other overlapping cell has greater height.
3576         Thus all the overlapping cell at position (row, col) must be considered while calculating the height of a row. 
3577
3578         Test: fast/table/last-cell-of-rowspan-overlapping-colspan-cell.html
3579
3580         * rendering/RenderTableSection.cpp:
3581         (WebCore::RenderTableSection::calcRowLogicalHeight):
3582         Fixed function to use all the overlapping cells at position(row, col) to calculate the height/position of rows.
3583
3584 2012-07-12  Joshua Bell  <jsbell@chromium.org>
3585
3586         IndexedDB: Enable IDBFactory.deleteDatabase() and webkitGetDatabaseNames() in Workers
3587         https://bugs.webkit.org/show_bug.cgi?id=90310
3588
3589         Reviewed by Tony Chang.
3590
3591         Simplify Document vs. Worker logic for IDBFactory::open() and hook up the
3592         other two IDBFactory methods for use by workers as well.
3593
3594         Test: storage/indexeddb/factory-basics-workers.html
3595
3596         * Modules/indexeddb/IDBFactory.cpp:
3597         (isContextValid): Helper function consolidating checks that context is usable.
3598         (getIndexedDBDatabasePath): Helper function for accessing group settings.
3599         (WebCore::IDBFactory::getDatabaseNames): Simplify - just pass context through to back end.
3600         (WebCore::IDBFactory::open): Ditto.
3601         (WebCore::IDBFactory::deleteDatabase): Ditto.
3602         (WebCore::IDBFactory::cmp): Whitespace.
3603         * Modules/indexeddb/IDBFactoryBackendImpl.cpp: Obsolete openFromWorker() removed.
3604         (WebCore::IDBFactoryBackendImpl::getDatabaseNames): Signature updated.
3605         (WebCore::IDBFactoryBackendImpl::deleteDatabase): Signature updated.
3606         (WebCore::IDBFactoryBackendImpl::open): Signature updated.
3607         * Modules/indexeddb/IDBFactoryBackendImpl.h:
3608         (IDBFactoryBackendImpl):
3609         * Modules/indexeddb/IDBFactoryBackendInterface.h: Interface methods now take both SecurityOrigin
3610         and ScriptExecutionContext, but not Frame. In the proxy, SecurityOrigin is redundant (can be
3611         accessed from context) but on the real back end the context is null (as Frame was previously).
3612         (IDBFactoryBackendInterface):
3613         * inspector/InspectorIndexedDBAgent.cpp:
3614         (WebCore):
3615         (WebCore::InspectorIndexedDBAgent::requestDatabaseNamesForFrame):
3616         (WebCore::InspectorIndexedDBAgent::requestDatabase):
3617         (WebCore::InspectorIndexedDBAgent::requestData):
3618
3619 2012-07-12  Dana Jansens  <danakj@chromium.org>
3620
3621         [chromium] The root layer should not try create a second RenderSurface for itself
3622         https://bugs.webkit.org/show_bug.cgi?id=91124
3623
3624         Reviewed by Adrienne Walker.
3625
3626         Tests: CCLayerTreeHostImplTest.rootLayerDoesntCreateExtraSurface
3627
3628         * platform/graphics/chromium/cc/CCLayerTreeHostCommon.cpp:
3629         (WebCore::subtreeShouldRenderToSeparateSurface):
3630
3631 2012-07-12  Adam Barth  <abarth@webkit.org>
3632
3633         Regression (r122359) Layout Test html5lib/runner.html is failing
3634         https://bugs.webkit.org/show_bug.cgi?id=91047
3635
3636         Reviewed by Tony Chang.
3637
3638         This ASSERT is bogus because doctypes can be removed from the DOM and
3639         then re-added.
3640
3641         Test: fast/viewport/viewport-legacy-xhtmlmp-remove-and-add.html
3642
3643         * dom/Document.cpp:
3644         (WebCore::Document::setDocType):
3645
3646 2012-07-12  Ojan Vafai  <ojan@chromium.org>
3647
3648         Implied minimum size of flex items is min-content
3649         https://bugs.webkit.org/show_bug.cgi?id=87546
3650
3651         Reviewed by Tony Chang.
3652
3653         http://dev.w3.org/csswg/css3-flexbox/#min-size-auto
3654         In the main axis direction, min-size of auto means min-content.
3655
3656         Test: css3/flexbox/flex-item-min-size.html
3657
3658         * rendering/RenderBox.cpp:
3659         (WebCore::RenderBox::computeLogicalWidthInRegionUsing):
3660         (WebCore::RenderBox::computeContentLogicalHeightUsing):
3661         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
3662         (WebCore::RenderBox::computeReplacedLogicalHeightUsing):
3663         (WebCore::RenderBox::computePositionedLogicalWidthUsing):
3664         (WebCore::RenderBox::computePositionedLogicalHeightUsing):
3665         It turned out that these FIXMEs are all unnecessary with the changes to RenderFlexibleBox.
3666
3667         * rendering/RenderFlexibleBox.cpp:
3668         (WebCore::RenderFlexibleBox::computeMainAxisPreferredSizes):
3669         (WebCore::RenderFlexibleBox::adjustChildSizeForMinAndMax):
3670
3671 2012-07-12  Eric Penner  <epenner@google.com>
3672
3673         [chromium] Use CCTexture/TextureAllocator and remove TextureManager
3674         https://bugs.webkit.org/show_bug.cgi?id=91001
3675
3676         Reviewed by Adrienne Walker.
3677
3678         Use CCTexture to clean up CCPrioritizedTexture::Backing.
3679         Add TextureAllocator.h and remove remainder of TextureManager.h/cpp.
3680         Minor move/refactoring of link/unlink in CCPrioritizedTexture.
3681         Remove double initialization of the default memory limit.
3682
3683         Covered by existing tests (refactoring).
3684
3685         * WebCore.gypi:
3686         * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.cpp:
3687         * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.h:
3688         (WebCore):
3689         * platform/graphics/chromium/BitmapSkPictureCanvasLayerTextureUpdater.cpp:
3690         * platform/graphics/chromium/BitmapSkPictureCanvasLayerTextureUpdater.h:
3691         (WebCore):
3692         * platform/graphics/chromium/ImageLayerChromium.cpp:
3693         * platform/graphics/chromium/LayerRendererChromium.cpp:
3694         (WebCore::LayerRendererChromium::initialize):
3695         * platform/graphics/chromium/ManagedTexture.cpp: Removed.
3696         * platform/graphics/chromium/ManagedTexture.h: Removed.
3697         * platform/graphics/chromium/RenderSurfaceChromium.h:
3698         (WebCore):
3699         * platform/graphics/chromium/TextureAllocator.h: Copied from Source/WebCore/platform/graphics/chromium/cc/CCPriorityCalculator.h.
3700         (WebCore):
3701         (TextureAllocator):
3702         (WebCore::TextureAllocator::~TextureAllocator):
3703         * platform/graphics/chromium/TextureManager.cpp: Removed.
3704         * platform/graphics/chromium/TextureManager.h: Removed.
3705         * platform/graphics/chromium/TiledLayerChromium.cpp:
3706         * platform/graphics/chromium/TrackingTextureAllocator.cpp:
3707         (WebCore::TrackingTextureAllocator::createTexture):
3708         (WebCore::TrackingTextureAllocator::deleteTexture):
3709         * platform/graphics/chromium/TrackingTextureAllocator.h:
3710         * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp:
3711         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
3712         (WebCore::CCLayerTreeHost::prioritizeTextures):
3713         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
3714         (WebCore):
3715         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
3716         (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
3717         * platform/graphics/chromium/cc/CCPrioritizedTexture.cpp:
3718         (WebCore::CCPrioritizedTexture::CCPrioritizedTexture):
3719         (WebCore::CCPrioritizedTexture::setDimensions):
3720         (WebCore::CCPrioritizedTexture::textureId):
3721         (WebCore::CCPrioritizedTexture::bindTexture):
3722         (WebCore::CCPrioritizedTexture::framebufferTexture2D):
3723         (WebCore::CCPrioritizedTexture::link):
3724         (WebCore):
3725         (WebCore::CCPrioritizedTexture::unlink):
3726         * platform/graphics/chromium/cc/CCPrioritizedTexture.h:
3727         (WebCore):
3728         (WebCore::CCPrioritizedTexture::bytes):
3729         (CCPrioritizedTexture):
3730         (WebCore::CCPrioritizedTexture::haveBackingTexture):
3731         (WebCore::CCPrioritizedTexture::Backing::Backing):
3732         (WebCore::CCPrioritizedTexture::Backing::~Backing):
3733         (WebCore::CCPrioritizedTexture::Backing::owner):
3734         (Backing):
3735         (WebCore::CCPrioritizedTexture::backing):
3736         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.cpp:
3737         (WebCore::CCPrioritizedTextureManager::prioritizeTextures):
3738         (WebCore::CCPrioritizedTextureManager::requestLate):
3739         (WebCore::CCPrioritizedTextureManager::acquireBackingTextureIfNeeded):
3740         (WebCore::CCPrioritizedTextureManager::reduceMemory):
3741         (WebCore::CCPrioritizedTextureManager::clearAllMemory):
3742         (WebCore::CCPrioritizedTextureManager::registerTexture):
3743         (WebCore::CCPrioritizedTextureManager::returnBackingTexture):
3744         (WebCore::CCPrioritizedTextureManager::createBacking):
3745         (WebCore::CCPrioritizedTextureManager::destroyBacking):
3746         (WebCore::CCPrioritizedTextureManager::assertInvariants):
3747         * platform/graphics/chromium/cc/CCPrioritizedTextureManager.h:
3748         (CCPrioritizedTextureManager):
3749         (WebCore::CCPrioritizedTextureManager::defaultMemoryAllocationLimit):
3750         (WebCore::CCPrioritizedTextureManager::compareBackings):
3751         * platform/graphics/chromium/cc/CCPriorityCalculator.h:
3752         * platform/graphics/chromium/cc/CCScopedTexture.cpp:
3753         * platform/graphics/chromium/cc/CCScopedTexture.h:
3754         * platform/graphics/chromium/cc/CCTexture.h:
3755         (WebCore::CCTexture::CCTexture):
3756         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
3757         (WebCore):
3758         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
3759
3760 2012-07-12  Ryosuke Niwa  <rniwa@webkit.org>
3761
3762         Let XCode have its own way.
3763
3764         * WebCore.xcodeproj/project.pbxproj:
3765
3766 2012-07-12  Julien Chaffraix  <jchaffraix@webkit.org>
3767
3768         ASSERT(genChild->isListMarker() || genChild->style()->styleType() == FIRST_LETTER) triggered on flex-box content
3769         https://bugs.webkit.org/show_bug.cgi?id=91003
3770
3771         Reviewed by Abhishek Arya.
3772
3773         Tests: fast/flexbox/assert-generated-deprecated-flexbox.html
3774                fast/flexbox/assert-generated-new-flexbox.html
3775
3776         The issue was that findBeforeAfterParent didn't return the right parent for the flex-box case. This would
3777         make us update the wrong children (and not propagate the style updates properly).
3778
3779         * rendering/RenderObjectChildList.cpp:
3780         (WebCore::findBeforeAfterParent):
3781         Added a check for flex boxes (both deprecated and new).
3782
3783 2012-07-12  Pravin D  <pravind.2k4@gmail.com>
3784
3785         Percentage width replaced element in zero percent/fixed width container block incorrectly rendered.
3786         https://bugs.webkit.org/show_bug.cgi?id=9493
3787
3788         Reviewed by Andy Estes.
3789
3790         When the width of the container is zero percent/fixed value then the width of the replaced element must also be zero.
3791
3792         Test: fast/css/percent-width-img-inside-zero-percent-and-fixed-container.html
3793
3794         * rendering/RenderBox.cpp:
3795         (WebCore::RenderBox::computeReplacedLogicalWidthUsing):
3796           When the containing block's available width is zero there can be two cases.
3797           The containing block is floated/positioned in which case the width of the replaced child element must be its instrinsic width.
3798           On the other hand if the width of the container is specified to be either zero percent or fixed value then the width of the
3799           replaced elment must be zero.
3800
3801 2012-07-11  Ryosuke Niwa  <rniwa@webkit.org>
3802
3803         invalidateNodeListsCacheAfterAttributeChanged should dynamically figure out which attribute needs invalidation
3804         https://bugs.webkit.org/show_bug.cgi?id=91046
3805
3806         Reviewed by Anders Carlsson.
3807
3808         Added an array of counters (m_nodeListCounts) for each set of attributes (NodeListInvalidationType) node lists care about
3809         to Document, and made DynamicSubtreeNodeList's constructor and destructor increment and decrement these counters via
3810         registerDynamicSubtreeNodeList and unregisterDynamicSubtreeNodeList respectively. shouldInvalidateDynamicSubtreeNodeList,
3811         which is called by invalidateNodeListsCacheAfterAttributeChanged, then use these counters to determine whether a given
3812         attribute change should result in node list invalidations.
3813
3814         Also removed m_numNodeListCaches from TreeScope because this counter has now become redundant with m_nodeListCounts.
3815
3816         * dom/ChildNodeList.cpp:
3817         (WebCore::ChildNodeList::ChildNodeList): Do not invalidate on attribute changes.
3818         * dom/ClassNodeList.cpp:
3819         (WebCore::ClassNodeList::ClassNodeList): Invalidate on class attribute changes.
3820         * dom/Document.cpp:
3821         (WebCore::Document::Document): Initialize m_nodeListCounts.
3822         (WebCore::Document::~Document): Add assertions to make sure m_listsInvalidatedAtDocument, m_nodeListCounts, and
3823         m_collections are all empty.
3824         (WebCore::Document::registerDynamicSubtreeNodeList): This function is now called for all DynamicSubtreeNodeLists supposed
3825         to just ones rooted at the document in order to increment the counter for each invalidation type.
3826         (WebCore::Document::unregisterDynamicSubtreeNodeList): Ditto.
3827         (WebCore::shouldInvalidateDynamicSubtreeNodeListForType): Checks the attribute name against NodeListInvalidationType.
3828         (WebCore::Document::shouldInvalidateDynamicSubtreeNodeList): Returns true if the given attribute name matches the invalidation
3829         type of the existing DynamicSubtreeNodeLists in the document. If the attribute name is not given (used when children change),
3830         then it checks for the existence of any DynamicSubtreeNodeLists. Conceptually, this function can be written as a list of
3831         "if" statements that checks values in m_nodeListCounts and the attribute name. We use "for" loop and switch statement instead
3832         to share logic and detect future addition of values to NodeListInvalidationType.
3833         * dom/Document.h:
3834         (Document): Moved RootType and InvalidationType from DynamicNodeListCacheBase and renamed them to NodeListRootType and
3835         NodeListInvalidationType respectively in order to reduce the possibility of future name collisions. Also the invalidation type
3836         now contains 6 values instead of 2.
3837         * dom/DynamicNodeList.cpp:
3838         (WebCore):
3839         * dom/DynamicNodeList.h:
3840         (WebCore::DynamicNodeListCacheBase::DynamicNodeListCacheBase): 
3841         (WebCore::DynamicNodeListCacheBase::shouldInvalidateOnAttributeChange):
3842         (WebCore::DynamicNodeListCacheBase::rootType): Added.
3843         (WebCore::DynamicNodeListCacheBase::invalidationType): Added.
3844         (DynamicNodeListCacheBase): Uses 3 bits to store invalidation type now that the number of values have increased from 2 to 6.
3845         (WebCore::DynamicNodeList::DynamicNodeList):
3846         (WebCore::DynamicSubtreeNodeList::~DynamicSubtreeNodeList): Call unregisterDynamicSubtreeNodeList.
3847         (WebCore::DynamicSubtreeNodeList::DynamicSubtreeNodeList): Call registerDynamicSubtreeNodeList.
3848         * dom/MicroDataItemList.cpp:
3849         (WebCore::MicroDataItemList::MicroDataItemList): Invalidate on itemscope, itemprop, and itemtype content attribute changes.
3850         * dom/NameNodeList.cpp:
3851         (WebCore::NameNodeList::NameNodeList): Invalidate on name attribute changes.
3852         * dom/Node.cpp:
3853         (WebCore::Node::clearRareData):
3854         (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged): Replaced the hard coded check list of attributes, by a call
3855         to shouldInvalidateDynamicSubtreeNodeList.
3856         (WebCore::Node::invalidateNodeListsCacheAfterChildrenChanged): Calls shouldInvalidateDynamicSubtreeNodeList.
3857         (WebCore::Node::getElementsByTagName):
3858         (WebCore::Node::getElementsByTagNameNS):
3859         (WebCore::Node::getElementsByName):
3860         (WebCore::Node::getElementsByClassName):
3861         (WebCore::Node::radioNodeList):
3862         (WebCore::NodeRareData::createNodeLists):
3863         * dom/NodeRareData.h:
3864         (WebCore::NodeListsNodeData::adoptTreeScope): Unregister and register node lists in m_tagNodeListCacheNS since all node lists
3865         need to be accounted in m_nodeListCounts.
3866         (WebCore::NodeRareData::ensureNodeLists):
3867         (NodeRareData):
3868         * dom/TagNodeList.cpp:
3869         (WebCore::TagNodeList::TagNodeList): Do not invalidate on any attribute changes.
3870         * dom/TreeScope.cpp:
3871         (WebCore::TreeScope::TreeScope): No longer initializes m_numNodeListCaches since it has been removed.
3872         * dom/TreeScope.h:
3873         (TreeScope): Removed m_numNodeListCaches.
3874         * dom/TreeScopeAdopter.cpp:
3875         (WebCore::TreeScopeAdopter::moveTreeToNewScope):
3876         * html/HTMLCollection.h:
3877         (WebCore::HTMLCollectionCacheBase::HTMLCollectionCacheBase): Just pass in DoNotInvalidateOnAttributeChanges for now since
3878         it's never used in HTMLCollections.
3879         * html/LabelableElement.cpp:
3880         (WebCore::LabelableElement::labels):
3881         * html/LabelsNodeList.cpp:
3882         (WebCore::LabelsNodeList::LabelsNodeList): Invalidate on for content attribute changes.
3883         (WebCore::LabelsNodeList::~LabelsNodeList):
3884         * html/RadioNodeList.cpp:
3885         (WebCore::RadioNodeList::RadioNodeList): Invalidate on id, name, and for content attribute changes.
3886         (WebCore::RadioNodeList::~RadioNodeList):
3887
3888 2012-07-12  Gavin Barraclough  <barraclough@apple.com>
3889
3890         Threadsafety issues in WebScriptObject
3891         https://bugs.webkit.org/show_bug.cgi?id=90849
3892
3893         Reviewed by Filip Pizlo & Oliver Hunt.
3894
3895         Updated fix for this bug. Taking the JSC API lock from WebScriptObject::release
3896         may not be safe; better to just guard the JSWrapperCache with its own spinlock.
3897
3898         * bindings/objc/WebScriptObject.mm:
3899         (WebCore::getJSWrapper):
3900             - Added spinlock; also retain/autorelease the returned wrapper - it is unsafe
3901               to wait for the caller to do so, due to a race condition vs release removing
3902               the wrapper from the map.
3903         (WebCore::addJSWrapper):
3904             - Take the spinlock guarding the cache.
3905         (WebCore::removeJSWrapper):
3906             - Take the spinlock guarding the cache.
3907         (WebCore::removeJSWrapperIfRetainCountOne):
3908             - Take the spinlock guarding the cache, remove the wrapper if retainCount is one.
3909         (WebCore::createJSWrapper):
3910             - Remove the API lock; this method no longer needs to retain/autorelease (this is
3911               done by getJSWrapper).
3912         (-[WebScriptObject _setImp:originRootObject:rootObject:]):
3913             - Remove the API lock.
3914         (-[WebScriptObject release]):
3915             - Remove the API lock, retainCount check moved into removeJSWrapperIfRetainCountOne.
3916
3917 2012-07-11  David Hyatt  <hyatt@apple.com>
3918
3919         https://bugs.webkit.org/show_bug.cgi?id=91000
3920         REGRESSION (r122244): Overflow elements don't shrink as much as they should.
3921
3922         Reviewed by Simon Fraser.
3923
3924         This is a fix for a a regression from https://bugs.webkit.org/show_bug.cgi?id=90646.
3925
3926         I incorrectly analyzed the issue with Robert Hogan's negative margin patch and fooled myself into putting back
3927         in an incorrect minimum width check from long ago.
3928         
3929         What should have happened in the test case I patched is that the overflow element should shrink to 0. The issue 
3930         with improving the logical top estimate in the previous patch is it made the clear delta become 0. This in turn
3931         exposed a bug in our clearing algorithm with Robert's changes where you could need a relayout even if you didn't
3932         actually move. This issue only occurs because the floats list is getting changed mid-layout because of negative margins.
3933
3934         The patch changes getClearDelta to call setChildNeedsLayout(true) on children whose widths change even when their
3935         positions do not. In effect this dynamic addition of new floats after you have done a layout on the child already means
3936         that you can need to lay out again despite not actually having to move.
3937         
3938         To handle this, the code that does the relayout is now called if the child needs a relayout. This is done even if
3939         the logical top estimate matches the final position.
3940         
3941         No new tests required, since the test in fast/block/float is now correctly covering the issue.
3942
3943         * rendering/RenderBlock.cpp:
3944         (WebCore::RenderBlock::layoutBlockChild):
3945         (WebCore::RenderBlock::getClearDelta):
3946         * rendering/RenderBox.cpp:
3947         (WebCore::RenderBox::shrinkLogicalWidthToAvoidFloats):
3948
3949 2012-07-12  James Weatherall  <wez@chromium.org>
3950
3951         storage tests are flaky (crashing) on windows
3952         https://bugs.webkit.org/show_bug.cgi?id=90469
3953
3954         Reviewed by Kentaro Hara.
3955
3956         Add a missing check that the underlying V8 object reference in a V8 NPObject is valid, and zero the NPObject's rootObject member when disposing it, to ensure that it won't be mistakenly touched after that point.
3957
3958         This patch is intended to resolve flakiness in the storage tests including:
3959           storage/indexeddb/mozilla/indexes.html
3960           storage/indexeddb/mozilla/key-requirements-inline-and-passed.html
3961           storage/websql/multiple-databases-garbage-collection.html
3962
3963   &