https://bugs.webkit.org/show_bug.cgi?id=67898
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2011-09-12  Beth Dakin  <bdakin@apple.com>
2
3         https://bugs.webkit.org/show_bug.cgi?id=67898
4         REGRESSION(r94900): fast/images/support-broken-image-delegate.html fails on Mac
5
6         Reviewed by Simon Fraser.
7
8         New function willPaintBrokenImage() returns true when there has been an error 
9         loading the image and the broken image icon will be used in its place. This is 
10         necessary since it is possible to have an error loading an image and to NOT use 
11         the broken image icon. 
12         * loader/cache/CachedImage.cpp:
13         (WebCore::CachedImage::willPaintBrokenImage):
14         * loader/cache/CachedImage.h:
15         * rendering/RenderImage.cpp:
16         (WebCore::RenderImage::imageSizeForError):
17
18 2011-09-12  James Robinson  <jamesr@chromium.org>
19
20         [chromium] Move contents texture manager from LayerRendererChromium to CCLayerTreeHost
21         https://bugs.webkit.org/show_bug.cgi?id=67440
22
23         Reviewed by Kenneth Russell.
24
25         This moves the contents TextureManager over to the CCLayerTreeHost, where it belongs, and adds in a commit path
26         to make sure that textures are deleted even if the page is not visible.  This move also removed the need for
27         LayerRendererChromium's CCLayerTreeHost pointer, so I removed that as well.  That meant moving the
28         layerTreeAsText() logic over to the CCLayerImpl side, which is where it really belonged anyway.
29
30         Covered by existing compositing/ tests and
31         platform/chromium/compositor/lost-compositor-context-with-rendersurface.html
32
33         * platform/graphics/chromium/LayerRendererChromium.cpp:
34         (WebCore::LayerRendererChromium::releaseRenderSurfaceTextures):
35         (WebCore::LayerRendererChromium::drawLayers):
36         (WebCore::LayerRendererChromium::initializeSharedObjects):
37         (WebCore::LayerRendererChromium::cleanupSharedObjects):
38         * platform/graphics/chromium/LayerRendererChromium.h:
39         (WebCore::LayerRendererChromium::setContentsTextureMemoryUseBytes):
40         * platform/graphics/chromium/TextureManager.cpp:
41         (WebCore::TextureManager::highLimitBytes):
42         (WebCore::TextureManager::reclaimLimitBytes):
43         (WebCore::TextureManager::lowLimitBytes):
44         * platform/graphics/chromium/TextureManager.h:
45         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
46         (WebCore::CCLayerTreeHost::initialize):
47         (WebCore::CCLayerTreeHost::~CCLayerTreeHost):
48         (WebCore::CCLayerTreeHost::deleteContentsTextures):
49         (WebCore::CCLayerTreeHost::commitTo):
50         (WebCore::CCLayerTreeHost::setVisible):
51         (WebCore::CCLayerTreeHost::contentsTextureManager):
52         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
53         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
54         (WebCore::CCLayerTreeHostImpl::setVisible):
55         * platform/graphics/chromium/cc/CCProxy.h:
56         * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
57         (WebCore::CCSingleThreadProxy::setNeedsCommit):
58         (WebCore::CCSingleThreadProxy::stop):
59         * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
60         * platform/graphics/chromium/cc/CCThreadProxy.cpp:
61         (WebCore::CCThreadProxy::setNeedsCommit):
62         (WebCore::CCThreadProxy::setNeedsCommitOnCCThread):
63         (WebCore::CCThreadProxy::layerTreeHostClosedOnCCThread):
64         * platform/graphics/chromium/cc/CCThreadProxy.h:
65
66 2011-09-12  Chris Rogers  <crogers@google.com>
67
68         DelayNode delay buffer is not correctly wrapping around
69         https://bugs.webkit.org/show_bug.cgi?id=67872
70
71         Reviewed by Kenneth Russell.
72
73         Test: webaudio/delaynode.html
74
75         * webaudio/DelayDSPKernel.cpp:
76         (WebCore::DelayDSPKernel::process):
77
78 2011-09-12  Arko Saha  <arko@motorola.com>
79
80         Selectstart is not fired when selection was created by arrow keys.
81         https://bugs.webkit.org/show_bug.cgi?id=60430
82
83         Reviewed by Ryosuke Niwa.
84
85         Fire selectstart when a user starts extending the selection using arrow key.
86         Fixed by Arko Saha  <arko@motorola.com> and Kaustubh Atrawalkar  <kaustubh@motorola.com>
87
88         Tests: fast/events/selectstart-by-arrow-keys-prevent-default.html
89                fast/events/selectstart-by-arrow-keys.html
90
91         * editing/FrameSelection.cpp:
92         (WebCore::FrameSelection::modify):
93         (WebCore::FrameSelection::shouldChangeSelection):
94         (WebCore::FrameSelection::dispatchSelectStart):
95         * editing/FrameSelection.h:
96
97 2011-09-12  James Robinson  <jamesr@chromium.org>
98
99         [chromium] REGRESSION(94353): Compositor textures and resources leaked when tab closed that is not last tab in the process
100         https://bugs.webkit.org/show_bug.cgi?id=67816
101
102         Reviewed by Kenneth Russell.
103
104         We lack infrastructure to construct an automated test for this today. To test manually, open up a composited
105         page (like the poster circle), duplicate the tab many times, close all the duplicates, and verify that the
106         memory use returns to the single tab level.
107
108         * platform/graphics/chromium/LayerChromium.h:
109         * platform/graphics/chromium/TiledLayerChromium.cpp:
110         (WebCore::TiledLayerChromium::setLayerTreeHost):
111         * platform/graphics/chromium/VideoLayerChromium.cpp:
112         (WebCore::VideoLayerChromium::setLayerTreeHost):
113         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
114         (WebCore::CCLayerTreeHost::clearRenderSurfacesRecursive):
115         (WebCore::CCLayerTreeHost::setRootLayer):
116         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
117
118 2011-09-12  Kentaro Hara  <haraken@google.com>
119
120         Implement a HashChangeEvent constructor for JSC
121         https://bugs.webkit.org/show_bug.cgi?id=67924
122
123         Reviewed by Sam Weinig.
124
125         The spec for the HashChangeEvent constructor is here:
126         http://www.whatwg.org/specs/web-apps/current-work/#hashchangeevent
127
128         Test: fast/events/constructors/hash-change-event-constructor.html
129
130         * bindings/generic/EventConstructors.h: Added a definition for the HashChangeEvent constructor.
131         * bindings/js/JSEventConstructors.cpp: Added #includes for HashChangeEvent.
132         * dom/HashChangeEvent.h: Added a definition for HashChangeEventInit.
133         (WebCore::HashChangeEventInit::HashChangeEventInit):
134         (WebCore::HashChangeEvent::create):
135         (WebCore::HashChangeEvent::HashChangeEvent):
136         * dom/HashChangeEvent.idl: Makes HashChangeEvent constructible.
137
138 2011-09-12  Mike Reed  <reed@google.com>
139
140         [skia] remove dead code, no functionality change
141         https://bugs.webkit.org/show_bug.cgi?id=67844
142
143         Reviewed by Kenneth Russell.
144
145         No new tests. just removing dead-code, existing tests apply
146
147         * platform/graphics/chromium/FontChromiumWin.cpp:
148         (WebCore::Font::drawGlyphs):
149
150 2011-09-12  Pavel Feldman  <pfeldman@google.com>
151
152         Web Inspector: Runtime.callFunctionOn does not accept arguments that evaluate to false.
153         https://bugs.webkit.org/show_bug.cgi?id=67934
154
155         Reviewed by Tony Gentilcore.
156
157         * inspector/InjectedScriptSource.js:
158
159 2011-09-12  Pavel Feldman  <pfeldman@google.com>
160
161         Web Inspector: event dividers do not update timeline boundaries.
162         https://bugs.webkit.org/show_bug.cgi?id=67932
163
164         * inspector/front-end/NetworkPanel.js:
165         (WebInspector.NetworkLogView.prototype._onLoadEventFired):
166         (WebInspector.NetworkLogView.prototype._domContentLoadedEventFired):
167         (WebInspector.NetworkLogView.prototype.refresh):
168         (WebInspector.NetworkTimeCalculator.prototype.updateBoundariesForEventTime):
169
170 2011-09-12  Kentaro Hara  <haraken@google.com>
171
172         Implement a WebKitAnimationEvent constructor for V8
173         https://bugs.webkit.org/show_bug.cgi?id=67922
174
175         Reviewed by Adam Barth.
176
177         Test: fast/events/constructors/webkit-animation-event-constructor.html
178
179         * bindings/v8/custom/V8EventConstructors.cpp: Added the WebKitAnimationEvent constructor.
180         * dom/WebKitAnimationEvent.idl: Added a 'V8CustomConstructor' attribute.
181
182 2011-09-12  Andreas Kling  <kling@webkit.org>
183
184         Shrink CanvasGradient for builds without ENABLE(DASHBOARD_SUPPORT).
185         https://bugs.webkit.org/show_bug.cgi?id=67916
186
187         Reviewed by Kenneth Rohde Christiansen.
188
189         * html/canvas/CanvasGradient.cpp:
190         (WebCore::CanvasGradient::CanvasGradient):
191         (WebCore::CanvasGradient::addColorStop):
192         * html/canvas/CanvasGradient.h:
193
194 2011-09-12  Shinya Kawanaka  <shinyak@google.com>
195
196         Characters beyond U+10000 should be deleted by one pressing delete key.
197         https://bugs.webkit.org/show_bug.cgi?id=40351
198
199         Reviewed by Kent Tamura.
200
201         If a character is the trail part of unicode surrogate pair, the lead part of it
202         should also be deleted. Also, If in MacOSX, the deletion should honor Mac's behavior.
203
204         Test: editing/deleting/delete-surrogatepair.html
205
206         * rendering/RenderText.cpp:
207         (WebCore::RenderText::previousOffsetForBackwardDeletion):
208           Added if-macro to support chromium on mac, and added trail part check for unicode character.
209
210 2011-09-11  Kentaro Hara  <haraken@google.com>
211
212         Implement a ProgressEvent constructor for V8
213         https://bugs.webkit.org/show_bug.cgi?id=67800
214
215         Reviewed by Sam Weinig.
216
217         Test: fast/events/constructors/progress-event-constructor.html
218
219         * bindings/js/JSDictionary.cpp:
220         (WebCore::JSDictionary::convertValue): Replaced UnsignedLongLongMax with std::numeric_limits<unsigned long long>::max().
221         * bindings/v8/OptionsObject.cpp:
222         (WebCore::OptionsObject::getKeyValue): Returns an unsigned long long value corresponding to a given key. Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long
223         * bindings/v8/OptionsObject.h:
224         * bindings/v8/custom/V8EventConstructors.cpp: Added the ProgressEvent constructor.
225         * dom/ProgressEvent.idl: Added a 'V8CustomConstructor' attribute.
226
227 2011-09-11  Dimitri Glazkov  <dglazkov@chromium.org>
228
229         REGRESSION (r87351): toggling display of lots (thousands) of elements with display:none is very slow
230         https://bugs.webkit.org/show_bug.cgi?id=67581
231
232         Reviewed by Darin Adler.
233
234         Test: perf/show-hide-table-rows.html
235
236         * dom/NodeRenderingContext.cpp:
237         (WebCore::NodeRendererFactory::createRendererAndStyle): Moved style-creating code into createRendererIfNeeded, renamed
238             to createRenderer.
239         (WebCore::NodeRendererFactory::createRendererIfNeeded): Re-arrange code to avoid unnecessary creation of renderers.
240
241 2011-09-11  Jeremy Moskovich  <jeremy@chromium.org>
242
243         [Chromium] Change OOP Font loading code to use CGFont*() APIs.
244         https://bugs.webkit.org/show_bug.cgi?id=66935
245
246         This change is necessary due a bug in ATSFontDeactivate() on 10.7.
247         See crbug.com/93191 for details.
248
249         Reviewed by Eric Seidel.
250
251         No new tests - covered by existing tests.
252
253         * platform/chromium/PlatformBridge.h:
254         * platform/graphics/chromium/CrossProcessFontLoading.h:
255         * platform/graphics/chromium/CrossProcessFontLoading.mm:
256         (WebCore::MemoryActivatedFont::create):
257         (WebCore::MemoryActivatedFont::MemoryActivatedFont):
258         (WebCore::MemoryActivatedFont::~MemoryActivatedFont):
259
260 2011-09-09  Oliver Hunt  <oliver@apple.com>
261
262         Remove support for anonymous storage from jsobjects
263         https://bugs.webkit.org/show_bug.cgi?id=67881
264
265         Reviewed by Sam Weinig.
266
267         Remove all use of anonymous slots, this required modifying
268         bindings generation to add member variables for cached attributes,
269         and override visitChildren with the necessary logic to mark those
270         new members.
271
272         I added bindings generation tests for these values.
273
274         * bindings/js/JSAudioConstructor.h:
275         (WebCore::JSAudioConstructor::createStructure):
276         * bindings/js/JSDOMBinding.h:
277         (WebCore::DOMConstructorObject::createStructure):
278         * bindings/js/JSDOMGlobalObject.h:
279         (WebCore::JSDOMGlobalObject::createStructure):
280         * bindings/js/JSDOMWindowBase.h:
281         (WebCore::JSDOMWindowBase::createStructure):
282         * bindings/js/JSDOMWindowShell.h:
283         (WebCore::JSDOMWindowShell::createStructure):
284         * bindings/js/JSDOMWrapper.h:
285         (WebCore::JSDOMWrapper::createStructure):
286         * bindings/js/JSImageConstructor.h:
287         (WebCore::JSImageConstructor::createStructure):
288         * bindings/js/JSMessageEventCustom.cpp:
289         (WebCore::JSMessageEvent::data):
290         (WebCore::JSMessageEvent::initMessageEvent):
291         * bindings/js/JSOptionConstructor.h:
292         (WebCore::JSOptionConstructor::createStructure):
293         * bindings/js/JSWorkerContextBase.h:
294         (WebCore::JSWorkerContextBase::createStructure):
295         * bindings/scripts/CodeGeneratorJS.pm:
296         (GenerateHeader):
297         (GenerateImplementation):
298         (GenerateConstructorDeclaration):
299         * bindings/scripts/test/JS/JSTestInterface.cpp:
300         (WebCore::JSTestInterfaceConstructor::createStructure):
301         * bindings/scripts/test/JS/JSTestInterface.h:
302         (WebCore::JSTestInterface::createStructure):
303         (WebCore::JSTestInterfacePrototype::createStructure):
304         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
305         (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
306         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
307         (WebCore::JSTestMediaQueryListListener::createStructure):
308         (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
309         * bindings/scripts/test/JS/JSTestObj.cpp:
310         (WebCore::JSTestObjConstructor::createStructure):
311         (WebCore::jsTestObjCachedAttribute1):
312         (WebCore::jsTestObjCachedAttribute2):
313         (WebCore::JSTestObj::visitChildren):
314         * bindings/scripts/test/JS/JSTestObj.h:
315         (WebCore::JSTestObj::createStructure):
316         (WebCore::JSTestObjPrototype::createStructure):
317         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
318         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
319         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
320         (WebCore::JSTestSerializedScriptValueInterface::createStructure):
321         (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
322         * bindings/scripts/test/TestObj.idl:
323         * bindings/scripts/test/V8/V8TestObj.cpp:
324         (WebCore::TestObjInternal::cachedAttribute1AttrGetter):
325         (WebCore::TestObjInternal::cachedAttribute2AttrGetter):
326         * bridge/c/CRuntimeObject.h:
327         (JSC::Bindings::CRuntimeObject::createStructure):
328         * bridge/c/c_instance.cpp:
329         (JSC::Bindings::CRuntimeMethod::createStructure):
330         * bridge/jni/jsc/JavaInstanceJSC.cpp:
331         (JavaRuntimeMethod::createStructure):
332         * bridge/jni/jsc/JavaRuntimeObject.h:
333         (JSC::Bindings::JavaRuntimeObject::createStructure):
334         * bridge/objc/ObjCRuntimeObject.h:
335         (JSC::Bindings::ObjCRuntimeObject::createStructure):
336         * bridge/objc/objc_instance.mm:
337         (ObjCRuntimeMethod::createStructure):
338         * bridge/objc/objc_runtime.h:
339         (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
340         * bridge/runtime_array.h:
341         (JSC::RuntimeArray::createStructure):
342         * bridge/runtime_method.h:
343         (JSC::RuntimeMethod::createStructure):
344         * bridge/runtime_object.h:
345         (JSC::Bindings::RuntimeObject::createStructure):
346
347 2011-09-01  Filip Pizlo  <fpizlo@apple.com>
348
349         The executable allocator makes it difficult to free individual
350         chunks of executable memory
351         https://bugs.webkit.org/show_bug.cgi?id=66363
352
353         Reviewed by Oliver Hunt.
354         
355         Introduced a best-fit, balanced-tree based allocator. The allocator
356         required a balanced tree that does not allocate memory and that
357         permits the removal of individual nodes directly (as opposed to by
358         key); neither AVLTree nor WebCore's PODRedBlackTree supported this.
359         Changed all references to executable code to use a reference counted
360         handle.
361
362         No new layout tests because behavior is not changed.  New API unit
363         tests:
364         Tests/WTF/RedBlackTree.cpp
365         Tests/WTF/MetaAllocator.cpp
366
367         * ForwardingHeaders/wtf/MetaAllocatorHandle.h: Added.
368
369 2011-09-10  Sam Weinig  <sam@webkit.org>
370
371         Add isInterruptedExecutionException and isTerminatedExecutionException predicates
372         https://bugs.webkit.org/show_bug.cgi?id=67892
373
374         Reviewed by Andy "First Time Reviewer" Estes.
375
376         * bindings/js/JSDOMBinding.cpp:
377         (WebCore::reportException):
378         * bindings/js/JSEventListener.cpp:
379         (WebCore::JSEventListener::handleEvent):
380         * bindings/js/WorkerScriptController.cpp:
381         (WebCore::WorkerScriptController::evaluate):
382         Use the new predicates instead of probing the ClassInfo directly.
383
384 2011-09-10  Kevin Ollivier  <kevino@theolliviers.com>
385
386         [wx] Unreviewed build fix. MSW build fixes.
387
388         * config.h:
389
390 2011-09-09  David Hyatt  <hyatt@apple.com>
391
392         https://bugs.webkit.org/show_bug.cgi?id=67861
393         
394         Implement border-image-outset (and the mask equivalents).
395
396         Reviewed by Beth Dakin.
397
398         Added new tests in fast/borders and fast/reflections.
399
400         * css/CSSBorderImageValue.cpp:
401         (WebCore::CSSBorderImageValue::CSSBorderImageValue):
402         (WebCore::CSSBorderImageValue::cssText):
403         * css/CSSBorderImageValue.h:
404         (WebCore::CSSBorderImageValue::create):
405         Add m_outset field to CSSBorderImageValue and teach it how to dump the field as
406         part of cssText().
407
408         * css/CSSComputedStyleDeclaration.cpp:
409         (WebCore::valueForNinePieceImageQuad):
410         (WebCore::valueForNinePieceImage):
411         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
412         Add support for border-image-outset and -webkit-mask-box-image-outset. Refactor
413         the code so that border-image-width and border-image-outset use a common
414         function.
415
416         * css/CSSParser.cpp:
417         (WebCore::CSSParser::parseValue):
418         (WebCore::BorderImageParseContext::BorderImageParseContext):
419         (WebCore::BorderImageParseContext::allowOutset):
420         (WebCore::BorderImageParseContext::commitSlash):
421         (WebCore::BorderImageParseContext::commitBorderWidth):
422         (WebCore::BorderImageParseContext::commitBorderOutset):
423         (WebCore::BorderImageParseContext::commitRepeat):
424         (WebCore::BorderImageParseContext::commitBorderImage):
425         (WebCore::CSSParser::parseBorderImage):
426         Teach the border image parsing code about outsets. This code will soon be
427         replaced by true shorthand parsing code, but for now keep it working and add
428         outset support to it.
429
430         (WebCore::BorderImageQuadParseContext::BorderImageQuadParseContext):
431         (WebCore::BorderImageQuadParseContext::commitBorderImageQuad):
432         (WebCore::CSSParser::parseBorderImageQuad):
433         (WebCore::CSSParser::parseBorderImageWidth):
434         (WebCore::CSSParser::parseBorderImageOutset):
435         * css/CSSParser.h:
436         Refactor the border-image-width code so that it can be shared by border-image-outset, since
437         they are extremely similar.
438
439         * css/CSSPropertyNames.in:
440         Add the new properties.
441
442         * css/CSSStyleSelector.cpp:
443         (WebCore::CSSStyleSelector::applyProperty):
444         (WebCore::CSSStyleSelector::mapNinePieceImage):
445         (WebCore::CSSStyleSelector::mapNinePieceImageQuad):
446         (WebCore::CSSStyleSelector::loadPendingImages):
447         * css/CSSStyleSelector.h:
448         Refactor the code so that width/outset share common mapping functions. Add support for outset.
449
450         * rendering/InlineFlowBox.cpp:
451         (WebCore::InlineFlowBox::addToLine):
452         (WebCore::InlineFlowBox::addBoxShadowVisualOverflow):
453         (WebCore::InlineFlowBox::addBorderOutsetVisualOverflow):
454         (WebCore::InlineFlowBox::computeOverflow):
455         Add new functions for computing the visual overflow caused by border outsets. Fix bugs in
456         the shadow overflow code as well.
457
458         (WebCore::clipRectForNinePieceImageStrip):
459         (WebCore::InlineFlowBox::paintBoxDecorations):
460         (WebCore::InlineFlowBox::paintMask):
461         * rendering/InlineFlowBox.h:
462         Make sure the clip rect pushed when painting one piece of a split inline strip is expanded to
463         include the border and mask outsets. Always include the block direction expansion, and conditionally
464         include the inline direction expansion based off includeLogicalLeftEdge()/includeLogicalRightEdge().
465         clipRectForNinePieceImageStrip is a common function shared by masks and border images that does this
466         work.
467
468         * rendering/RenderBlock.cpp:
469         (WebCore::RenderBlock::computeOverflow):
470         * rendering/RenderBox.cpp:
471         (WebCore::RenderBox::maskClipRect):
472         (WebCore::RenderBox::addBoxShadowAndBorderOverflow):
473         * rendering/RenderBox.h:
474         Rename addShadowOverflow to addBoxShadowAndBorderOverflow. Have it compute both shadow and border image
475         outset overflow. Fix bugs with shadow overflow computation.
476
477         * rendering/RenderBoxModelObject.cpp:
478         (WebCore::RenderBoxModelObject::paintNinePieceImage):
479         Change painting to apply the outsets to inflate the border image drawing area.
480
481         * rendering/RenderEmbeddedObject.cpp:
482         (WebCore::RenderEmbeddedObject::layout):
483         * rendering/RenderIFrame.cpp:
484         (WebCore::RenderIFrame::layout):
485         Patched to call the renamed addBoxShadowAndBorderOverflow function instead of addShadowOverflow.
486
487         * rendering/RenderLayer.cpp:
488         (WebCore::RenderLayer::calculateRects):
489         Patched to no longer apply box-shadow to overflow clip areas when inflating the intersection area for the
490         layer bounds. Instead we generically apply all visual overflow so that border image outsets will also be
491         included. This fixes https://bugs.webkit.org/show_bug.cgi?id=37467.
492
493         * rendering/RenderReplaced.cpp:
494         (WebCore::RenderReplaced::layout):
495         Patched to call the renamed addBoxShadowAndBorderOverflow function instead of addShadowOverflow.
496
497         * rendering/style/NinePieceImage.cpp:
498         (WebCore::NinePieceImage::operator==):
499         * rendering/style/NinePieceImage.h:
500         (WebCore::NinePieceImage::NinePieceImage):
501         (WebCore::NinePieceImage::outset):
502         (WebCore::NinePieceImage::setOutset):
503         (WebCore::NinePieceImage::computeOutset):
504         (WebCore::NinePieceImage::copyOutsetFrom):
505         Add the outset field to NinePieceImage along with some helpers for manipulating outsets.
506
507         * rendering/style/RenderStyle.cpp:
508         (WebCore::RenderStyle::getImageOutsets):
509         (WebCore::RenderStyle::getImageHorizontalOutsets):
510         (WebCore::RenderStyle::getImageVerticalOutsets):
511         * rendering/style/RenderStyle.h:
512         (WebCore::InheritedFlags::hasBorderImageOutsets):
513         (WebCore::InheritedFlags::getBorderImageOutsets):
514         (WebCore::InheritedFlags::getBorderImageHorizontalOutsets):
515         (WebCore::InheritedFlags::getBorderImageVerticalOutsets):
516         (WebCore::InheritedFlags::getBorderImageInlineDirectionOutsets):
517         (WebCore::InheritedFlags::getBorderImageBlockDirectionOutsets):
518         (WebCore::InheritedFlags::getImageInlineDirectionOutsets):
519         (WebCore::InheritedFlags::getImageBlockDirectionOutsets):
520         Helpers for outset computation used by painting and overflow functions.
521
522 2011-09-10  Dan Bernstein  <mitz@apple.com>
523
524         Actually prevent unnecessary casts to MediaControls*.
525
526         Reviewed by Oliver Hunt.
527
528         * html/shadow/MediaControls.h:
529
530 2011-09-10  Ryosuke Niwa  <rniwa@webkit.org>
531
532         Remove printf added by r94900.
533
534         * rendering/RenderLayer.cpp:
535         (WebCore::RenderLayer::drawPlatformResizerImage):
536
537 2011-09-09  Chris Marrin  <cmarrin@apple.com>
538
539         requestAnimationFrame doesn't throttle on Mac
540         https://bugs.webkit.org/show_bug.cgi?id=67171
541
542         Reviewed by Simon Fraser.
543
544         Changed requestAnimationFrame to use a Timer in ScriptedAnimationController
545         on Mac, rather than runLoopObservers. The Timer is throttled to fire no
546         faster than every 15ms. It is behind a WTF_USE_REQUEST_ANIMATION_FRAME_TIMER
547         flag and can be used by any implementation, but currently it is only enabled
548         by PLATFORM(MAC).
549
550         * dom/ScriptedAnimationController.cpp:
551         (WebCore::ScriptedAnimationController::ScriptedAnimationController):
552         (WebCore::ScriptedAnimationController::resume):
553         (WebCore::ScriptedAnimationController::registerCallback):
554         (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
555         (WebCore::ScriptedAnimationController::scheduleAnimation):
556         (WebCore::ScriptedAnimationController::animationTimerFired):
557         * dom/ScriptedAnimationController.h:
558         * loader/EmptyClients.h:
559         * page/Chrome.cpp:
560         (WebCore::Chrome::scheduleAnimation):
561         * page/ChromeClient.h:
562
563 2011-09-10  Jarred Nicholls  <jarred@sencha.com>
564
565         [Qt] QWebSettings::setUserStyleSheetUrl() does not work with windows paths that contain drive letters
566         https://bugs.webkit.org/show_bug.cgi?id=34884
567         
568         KURL::path() alone does not handle removing the leading slash from a windows file path.
569         Using QUrl::toLocalFile() will turn file:///C:/path into C:/path appropriately.
570
571         Reviewed by Andreas Kling.
572
573         * platform/qt/KURLQt.cpp:
574         (WebCore::KURL::fileSystemPath):
575
576 2011-09-10  Ken Buchanan <kenrb@chromium.org>
577
578         Crash due to bad data in SVGDocumentExtensions m_pendingResources
579         https://bugs.webkit.org/show_bug.cgi?id=67488
580
581         Reviewed by Nikolas Zimmermann.
582
583         Resolving a crash condition caused by the deletion of
584         elements while pending resource entries for those elements are still
585         recorded.
586
587         * rendering/svg/RenderSVGResourceContainer.cpp:
588         (WebCore::RenderSVGResourceContainer::registerResource)
589         * svg/SVGDocumentExtensions.h:
590         (WebCore::SVGDocumentExtensions::isElementInPendingResources)
591         * svg/SVGDocumentExtensions.cpp:
592         (WebCore::SVGDocumentExtensions::addPendingResource)
593         (WebCore::SVGDocumentExtensions::isElementInPendingResources)
594         (WebCore::SVGDocumentExtensions::removeElementFromPendingResources)
595         * svg/SVGStyledElement.h:
596         (WebCore::SVGStyledElement::clearHasPendingResourcesIfPossible)
597         * svg/SVGStyledElement.cpp:
598         (WebCore::SVGStyledElement::buildPendingResourcesIfNeeded)
599         (WebCore::SVGStyledElement::clearHasPendingResourcesIfPossible)
600         * svg/SVGUseElement.cpp:
601         (WebCore::SVGUseElement::svgAttributeChanged)
602
603 2011-09-10  Adam Barth  <abarth@webkit.org>
604
605         Remove DocumentWriter::deprecatedFrameEncoding()
606         https://bugs.webkit.org/show_bug.cgi?id=67882
607
608         Reviewed by Eric Seidel.
609
610         Three years ago, in http://trac.webkit.org/changeset/39026, Alexey
611         Proskuryakov added ContentDispositionEncodingFallbackArray to work
612         around a web site compatibility issue with a non-ASCII file name
613         becoming garbled when received in the Content-Disposition header.
614
615         Since that time, there has been copious discussion of this topic among
616         browser vendors, in the IETF, and in the broader web community.  For
617         example, here is a Stack Overflow thread about this topic:
618
619         http://stackoverflow.com/questions/93551/how-to-encode-the-filename-parameter-of-content-disposition-header-in-http
620
621         Eric Lawrence has written a blog post that summarizes IE's perspective
622         on this issue:
623
624         http://blogs.msdn.com/b/ieinternals/archive/2010/06/07/content-disposition-attachment-and-international-unicode-characters.aspx
625
626         The current consensus is that browsers should implement RFC 6266,
627         which is a new RFC that updates the definition of the
628         Content-Disposition header.  Chrome and Firefox have both implemented
629         RFC 6266 and have encountered only one issue, which was then fixed by
630         the web site operator.  IE has also implemented RFC 6266, but I don't
631         have detailed information about their compatibility experience.
632
633         This patch add explicit PLATFORM #ifdefs around the quirky
634         implementation previously used in Apple's Mac and Windows ports.  This
635         code is already only used on Apple's ports, so this patch introduces no
636         functional changes.  It does, however, discourage other ports from
637         adopting this quirk.  IMHO, Apple should remove this quirk as soon as
638         compatibility allows and converge behavior with the other major browser
639         vendors.
640
641         See bug for manual test (the bug manifests in Safari download UI).
642
643         * loader/DocumentWriter.cpp:
644         * loader/DocumentWriter.h:
645         * loader/FrameLoader.cpp:
646         (WebCore::FrameLoader::addExtraFieldsToRequest):
647         * platform/network/ResourceRequestBase.cpp:
648         (WebCore::ResourceRequestBase::adopt):
649         (WebCore::ResourceRequestBase::copyData):
650         * platform/network/ResourceRequestBase.h:
651
652 2011-09-09  Beth Dakin  <bdakin@apple.com>
653
654         Attempted Leopard build fix.
655
656         * rendering/RenderImage.cpp:
657         (WebCore::RenderImage::paintReplaced):
658         * rendering/RenderLayer.cpp:
659         (WebCore::RenderLayer::drawPlatformResizerImage):
660
661 2011-09-09  Beth Dakin  <bdakin@apple.com>
662
663         Fix for https://bugs.webkit.org/show_bug.cgi?id=67819
664         Use high resolution platform images when the deviceScaleFactor > 1
665         -and corresponding-
666         <rdar://problem/10003098>
667
668         Reviewed by Darin Adler.
669
670         Add all of the new high resolution images. I also removed some tiffs from the 
671         project and replaced them with png equivalents (that are already checked into 
672         WebCore anyway). Since the high resolution images are pngs, it makes sense to use 
673         pngs for all of the images that load through Image::loadPlatformResource()
674         * WebCore.xcodeproj/project.pbxproj:
675         * platform/graphics/mac/ImageMac.mm:
676         (WebCore::Image::loadPlatformResource):
677
678         Load the @2x resource for deviceScaleFactors >= 2.
679         * editing/DeleteButtonController.cpp:
680         (WebCore::DeleteButtonController::createDeletionUI):
681
682         CachedImage::brokenImage() is no longer a static helper function, but a real 
683         member function. It also now loads the @2x resource for deviceScaleFactors >= 2 
684         and takes a parameter for the deviceScaleFactor. When CachedImage::image() returns 
685         the brokenImage(), it just returns the 1x version. brokenImage() has to be called 
686         directly to reliably return the deviceScaleFactor-appropriate resource.
687         * loader/cache/CachedImage.cpp:
688         (WebCore::CachedImage::brokenImage):
689         (WebCore::CachedImage::image):
690         * loader/cache/CachedImage.h:
691         * rendering/RenderLayer.cpp:
692         (WebCore::RenderLayer::drawPlatformResizerImage):
693         (WebCore::RenderLayer::paintResizer):
694         * rendering/RenderLayer.h:
695
696         New static function to retrieve the deviceScaleFactor for callers that do not have 
697         direct access to a Page.
698         * page/Page.cpp:
699         (WebCore::Page::deviceScaleFactor):
700         * page/Page.h:
701
702         Call CachedImage::brokenImage() for the broken-image image at an accurate 
703         resolution.
704         * rendering/RenderImage.cpp:
705         (WebCore::RenderImage::imageSizeForError):
706         (WebCore::RenderImage::paintReplaced):
707
708 2011-09-09  Erik Arvidsson  <arv@chromium.org>
709
710         Move Element.contains to Node
711         https://bugs.webkit.org/show_bug.cgi?id=67651
712
713         Reviewed by Darin Adler.
714
715         This moves the contains method from Element to Node as in the DOM4 working draft: 
716         http://dvcs.w3.org/hg/domcore/raw-file/tip/Overview.html#dom-node-contains
717
718         This also special cases Document contains to make it O(1) instead of O(depth).
719
720         Tests: fast/dom/Node/contains-method.html
721                perf/document-contains.html
722
723         * bindings/objc/PublicDOMInterfaces.h: Move contains from DOMElement to DOMNode.
724         * dom/Element.idl:
725         * dom/Node.cpp:
726         (WebCore::Node::contains): Added document special case.
727         * dom/Node.idl:
728         * editing/DeleteSelectionCommand.cpp:
729         (WebCore::DeleteSelectionCommand::mergeParagraphs): Added a null check.
730
731 2011-09-09  Tim Horton  <timothy_horton@apple.com>
732
733         Text rendered with a simple (i.e. 0px blur) shadow inside a transparency layer has a double shadow
734         https://bugs.webkit.org/show_bug.cgi?id=67543
735         <rdar://problem/10070536>
736
737         Reviewed by Darin Adler.
738
739         Generalize (begin|end)TransparencyLayer, which now forward
740         through to (begin|end)PlatformTransparencyLayer, so that
741         isInTransparencyLayer can exist on every platform.
742
743         Make use of isInTransparencyLayer in FontMac to disable
744         "simple" shadow drawing when the text is being rendered
745         into a transparency layer.
746
747         Test: svg/custom/simple-text-double-shadow.svg
748
749         * platform/graphics/GraphicsContext.cpp:
750         (WebCore::GraphicsContext::GraphicsContext):
751         (WebCore::GraphicsContext::~GraphicsContext):
752         (WebCore::GraphicsContext::beginTransparencyLayer):
753         (WebCore::GraphicsContext::endTransparencyLayer):
754         (WebCore::GraphicsContext::isInTransparencyLayer):
755         * platform/graphics/GraphicsContext.h:
756         * platform/graphics/cairo/GraphicsContextCairo.cpp:
757         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
758         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
759         (WebCore::GraphicsContext::supportsTransparencyLayers):
760         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
761         * platform/graphics/cg/GraphicsContextCG.cpp:
762         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
763         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
764         (WebCore::GraphicsContext::supportsTransparencyLayers):
765         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
766         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
767         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
768         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
769         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
770         (WebCore::GraphicsContext::supportsTransparencyLayers):
771         * platform/graphics/mac/FontMac.mm:
772         (WebCore::Font::drawGlyphs):
773         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
774         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
775         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
776         (WebCore::GraphicsContext::supportsTransparencyLayers):
777         * platform/graphics/qt/GraphicsContextQt.cpp:
778         (WebCore::GraphicsContext::isInTransparencyLayer):
779         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
780         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
781         (WebCore::GraphicsContext::supportsTransparencyLayers):
782         * platform/graphics/skia/GraphicsContextSkia.cpp:
783         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
784         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
785         (WebCore::GraphicsContext::supportsTransparencyLayers):
786         * platform/graphics/win/FontCGWin.cpp:
787         (WebCore::drawGDIGlyphs):
788         * platform/graphics/win/GraphicsContextCGWin.cpp:
789         (WebCore::GraphicsContext::releaseWindowsContext):
790         * platform/graphics/win/GraphicsContextCairoWin.cpp:
791         (WebCore::GraphicsContext::releaseWindowsContext):
792         * platform/graphics/win/GraphicsContextWin.cpp:
793         (WebCore::GraphicsContext::getWindowsContext):
794         * platform/graphics/wince/GraphicsContextWinCE.cpp:
795         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
796         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
797         (WebCore::GraphicsContext::supportsTransparencyLayers):
798         * platform/graphics/wx/GraphicsContextWx.cpp:
799         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
800         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
801         (WebCore::GraphicsContext::supportsTransparencyLayers):
802         * platform/win/ScrollbarThemeWin.cpp:
803         * plugins/win/PluginViewWin.cpp:
804         * rendering/RenderThemeWin.cpp:
805
806 2011-09-09  Julien Chaffraix  <jchaffraix@webkit.org>
807
808         [V8] V8WebKitPoint::constructorCallback leaks
809         https://bugs.webkit.org/show_bug.cgi?id=67865
810
811         Reviewed by Adam Barth.
812
813         Covered by fast/js/instanceof-XMLHttpRequest.html under Valgrind.
814
815         * bindings/v8/custom/V8WebKitPointConstructor.cpp:
816         (WebCore::V8WebKitPoint::constructorCallback): Changed the code
817         to use a RefPtr (per our usual style). Also use toV8 that will
818         take care of properly wrapping the object.
819
820 2011-09-09  Chris Rogers  <crogers@google.com>
821
822         HRTFDatabaseLoader should not call WTF::waitForThreadCompletion() more than once
823         https://bugs.webkit.org/show_bug.cgi?id=67866
824
825         Reviewed by David Levin.
826
827         No new tests since this is difficult to test.
828         This is designed to fix existing webaudio layout test failures.
829
830         * platform/audio/HRTFDatabaseLoader.cpp:
831         (WebCore::HRTFDatabaseLoader::HRTFDatabaseLoader):
832         (WebCore::HRTFDatabaseLoader::~HRTFDatabaseLoader):
833         (WebCore::HRTFDatabaseLoader::loadAsynchronously):
834         (WebCore::HRTFDatabaseLoader::waitForLoaderThreadCompletion):
835         * platform/audio/HRTFDatabaseLoader.h:
836
837 2011-09-09  Jessie Berlin  <jberlin@apple.com>
838
839         Cookies are not available after turning off Private Browsing after the last window has been
840         closed.
841         https://bugs.webkit.org/show_bug.cgi?id=67874
842
843         Reviewed by Darin Adler.
844
845         The private browsing storage session is a global setting that is being incorrectly set on a
846         per-page basis (see http://webkit.org/b/67870).
847
848         In this case, the global value was getting out of sync with the per-page setting:
849         1. The global value was getting set to true when setPrivateBrowsingEnabled(true) was called.
850         2. All Pages were then closed, destroying their Settings objects.
851         3. When a new Page was created, a new Settings object was created and its
852            m_privateBrowsingEnabled value was getting set to false.
853         4. The WebPage settings were then applied to the new Settings object, resulting in
854            setPrivateBrowsingEnabled(false) to be called.
855         5. An if (m_privateBrowsingEnabled == privateBrowsingEnabled) early return prevented the
856            global value for the storage session from being destroyed.
857
858         * page/Settings.cpp:
859         (WebCore::Settings::setPrivateBrowsingEnabled):
860         Move the early return to be after setting the global private browsing values, and add a
861         clearer comment + FIXME.
862
863 2011-09-09  Kentaro Hara  <haraken@google.com>
864
865         Generate a WebKitCSSMatrix constructor of V8 using the IDL 'Constructor' extended attribute
866         https://bugs.webkit.org/show_bug.cgi?id=67458
867
868         Reviewed by Adam Barth.
869
870         Added a 'CallWithNullValue' extended attribute.
871         If a parameter is optional and missing, 'CallWithDefaultValue'
872         handles it as a string "undefined". On the other hand,
873         'CallWithNullValue' handles it as a null string
874         (Note: not a string "null", but a null string).
875
876         Tests: fast/dom/Window/custom-constructors.html
877                transforms/svg-vs-css.xhtml
878                transforms/cssmatrix-2d-interface.xhtml
879                transforms/cssmatrix-3d-interface.xhtmlGenerate a WebKitCSSMatrix constructor
880
881         * WebCore.gypi: Removed V8WebKitCSSMatrixConstructor.cpp.
882         * WebCore.pro: Removed V8WebKitCSSMatrixConstructor.cpp.
883         * bindings/scripts/CodeGeneratorV8.pm:
884         (GenerateParametersCheck): If the 'CallWithNullValue' extended attribute is set, we call MAYBE_MISSING_PARAMETER() with MissingIsEmpty mode to obtain a maybe missing parameter. Otherwise, we call MAYBE_MISSING_PARAMETER() with MissingIsUndefined mode.
885         (RequiresCustomSignature):
886         * bindings/scripts/test/V8/V8TestInterface.cpp: Updated test results.
887         (WebCore::V8TestInterface::constructorCallback):
888         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp: Ditto.
889         (WebCore::TestMediaQueryListListenerInternal::methodCallback):
890         * bindings/scripts/test/V8/V8TestObj.cpp: Ditto.
891         (WebCore::TestObjInternal::voidMethodWithArgsCallback):
892         (WebCore::TestObjInternal::intMethodWithArgsCallback):
893         (WebCore::TestObjInternal::objMethodWithArgsCallback):
894         (WebCore::TestObjInternal::methodThatRequiresAllArgsCallback):
895         (WebCore::TestObjInternal::methodThatRequiresAllArgsAndThrowsCallback):
896         (WebCore::TestObjInternal::optionsObjectCallback):
897         (WebCore::TestObjInternal::customArgsAndExceptionCallback):
898         (WebCore::TestObjInternal::withDynamicFrameAndArgCallback):
899         (WebCore::TestObjInternal::withDynamicFrameAndOptionalArgCallback):
900         (WebCore::TestObjInternal::withDynamicFrameAndUserGestureCallback):
901         (WebCore::TestObjInternal::withDynamicFrameAndUserGestureASADCallback):
902         (WebCore::TestObjInternal::methodWithOptionalArgCallback):
903         (WebCore::TestObjInternal::methodWithNonOptionalArgAndOptionalArgCallback):
904         (WebCore::TestObjInternal::methodWithNonOptionalArgAndTwoOptionalArgsCallback):
905         (WebCore::TestObjInternal::methodWithNonCallbackArgAndCallbackArgCallback):
906         (WebCore::TestObjInternal::overloadedMethod1Callback):
907         (WebCore::TestObjInternal::overloadedMethod2Callback):
908         (WebCore::TestObjInternal::overloadedMethod3Callback):
909         (WebCore::TestObjInternal::overloadedMethod4Callback):
910         (WebCore::TestObjInternal::classMethodWithOptionalCallback):
911         (WebCore::TestObjInternal::enabledAtRuntimeMethod1Callback):
912         (WebCore::TestObjInternal::enabledAtRuntimeMethod2Callback):
913         * bindings/v8/V8Binding.h:
914         (WebCore::V8ParameterBase::prepareBase): The fact that V8ParameterBase does not have any object means that we do not need to prepare anything, i.e. we should just return true in this case.
915         (WebCore::::prepare): If V8ParameterBase does not have any object, then we set a null string.
916         * bindings/v8/custom/V8BindingMacros.h: MAYBE_MISSING_PARAMETER() returns the parameter of a given index if the parameter exists. If the parameter does not exist and MissingIsUndefined is set, this macro returns an object that represents undefined. If the parameter does not exist and MissingIsEmpty is set, this macro returns an empty object.
917         * bindings/v8/custom/V8WebKitCSSMatrixConstructor.cpp: Removed.
918         * css/WebKitCSSMatrix.idl: Added the 'Constructor' extended attribute.
919
920 2011-09-09  Geoffrey Garen  <ggaren@apple.com>
921
922         Reviewed by Dan Bernstein.
923
924         Removed ENABLE(SINGLE_THREADED) support, since it is always false
925         https://bugs.webkit.org/show_bug.cgi?id=67862
926
927         Next step toward making the baseline platform assumption that threads exist.
928
929         * WebCore.pri:
930         * features.pri: 
931         * platform/sql/SQLiteDatabase.cpp:
932         (WebCore::SQLiteDatabase::interrupt): Removed now-dead code.
933
934 2011-09-09  Fady Samuel  <fsamuel@chromium.org>
935
936         Move pageScaleFactor code from Frame.{h|cpp} to Page.{h|cpp}
937         https://bugs.webkit.org/show_bug.cgi?id=67250
938
939         Reviewed by Simon Fraser.
940
941         No new tests because there's no change in functionality.
942
943         * WebCore.exp.in:
944         * css/CSSStyleSelector.cpp:
945         (WebCore::CSSStyleSelector::styleForDocument):
946         * dom/Element.cpp:
947         (WebCore::Element::getClientRects):
948         (WebCore::Element::getBoundingClientRect):
949         * dom/Range.cpp:
950         (WebCore::adjustFloatQuadsForScrollAndAbsoluteZoomAndPageScale):
951         * loader/HistoryController.cpp:
952         (WebCore::HistoryController::restoreScrollPositionAndViewState):
953         * page/Frame.cpp:
954         (WebCore::Frame::Frame):
955         (WebCore::Frame::pageScaleFactor):
956         * page/Frame.h:
957         * page/Page.cpp:
958         (WebCore::Page::Page):
959         (WebCore::Page::setPageScaleFactor):
960         * page/Page.h:
961         (WebCore::Page::pageScaleFactor):
962         * rendering/RenderLayerCompositor.cpp:
963         (WebCore::RenderLayerCompositor::shouldPropagateCompositingToEnclosingFrame):
964         (WebCore::RenderLayerCompositor::pageScaleFactor):
965         * rendering/RenderView.cpp:
966         (WebCore::RenderView::paintBoxDecorations):
967
968 2011-09-09  Dominic Mazzoni  <dmazzoni@google.com>
969
970         AX: Images within anchors causes crash
971         https://bugs.webkit.org/show_bug.cgi?id=44149
972
973         Reviewed by Chris Fleizach.
974
975         Fixes the way parent RenderObject of an AccessibilityRenderObject
976         is computed in the presence of adjacent continuations.
977
978         Test: accessibility/div-within-anchors-causes-crash.html
979
980         * accessibility/AccessibilityRenderObject.cpp:
981         (WebCore::AccessibilityRenderObject::renderParentObject):
982
983 2011-09-09  Kulanthaivel Palanichamy  <kulanthaivel@codeaurora.org>
984
985         CSS rules not being applied when a hidden field is inserted between an input[type=checkbox] and a label
986         https://bugs.webkit.org/show_bug.cgi?id=66887
987
988         Reviewed by David Hyatt.
989
990         Test: fast/css/adjacent-sibling-selector.html
991
992         This patch addresses the problem of elements not getting their style recomputed
993         when they are affected by direct adjacent sibling rules and one of their sibling in
994         their corresponding rules is modified dynamically.
995
996         * css/CSSStyleSelector.cpp:
997         (WebCore::CSSStyleSelector::canShareStyleWithElement):
998         (WebCore::parentStylePreventsSharing):
999         * css/SelectorChecker.cpp:
1000         (WebCore::SelectorChecker::checkSelector):
1001         * dom/Element.cpp:
1002         (WebCore::Element::recalcStyle):
1003         (WebCore::checkForSiblingStyleChanges):
1004         * rendering/style/RenderStyle.cpp:
1005         (WebCore::RenderStyle::RenderStyle):
1006         * rendering/style/RenderStyle.h:
1007         (WebCore::InheritedFlags::affectedByDirectAdjacentRules):
1008         (WebCore::InheritedFlags::setAffectedByDirectAdjacentRules):
1009
1010 2011-09-09  Rafael Antognolli  <antognolli@profusion.mobi>
1011
1012         Make the EFL port use the correct rendering file.
1013         https://bugs.webkit.org/show_bug.cgi?id=66323
1014
1015         Reviewed by Martin Robinson.
1016
1017         When compiling with Pango support, the EFL port should use
1018         FontPango.cpp instead of FontEfl.cpp (which is just full of stubs).
1019
1020         No new functionality so no new tests.
1021
1022         * CMakeListsEfl.txt:
1023
1024 2011-09-09  Chris Rogers  <crogers@google.com>
1025
1026         AudioBufferSourceNode must validate AudioBuffer in .buffer attribute setter
1027         https://bugs.webkit.org/show_bug.cgi?id=67749
1028
1029         Reviewed by Kenneth Russell.
1030
1031         Test: webaudio/audiobuffersource-channels.html
1032
1033         * WebCore.gypi:
1034         * bindings/js/JSAudioBufferSourceNodeCustom.cpp:
1035         (WebCore::JSAudioBufferSourceNode::setBuffer):
1036         * bindings/v8/custom/V8AudioBufferSourceNodeCustom.cpp: Copied from Source/WebCore/bindings/js/JSAudioBufferSourceNodeCustom.cpp.
1037         (WebCore::V8AudioBufferSourceNode::bufferAccessorSetter):
1038         * webaudio/AudioBufferSourceNode.cpp:
1039         (WebCore::AudioBufferSourceNode::setBuffer):
1040         * webaudio/AudioBufferSourceNode.h:
1041         * webaudio/AudioBufferSourceNode.idl:
1042
1043 2011-09-09  Dan Bernstein  <mitz@apple.com>
1044
1045         RenderBlock::addOverhangingFloats() takes superfluous parameters
1046         https://bugs.webkit.org/show_bug.cgi?id=67863
1047
1048         Reviewed by Dave Hyatt.
1049
1050         No new tests, because behavior is unchanged.
1051
1052         * rendering/RenderBlock.cpp:
1053         (WebCore::RenderBlock::layoutBlock):
1054         (WebCore::RenderBlock::layoutBlockChild):
1055         (WebCore::RenderBlock::addOverhangingFloats): Removed the logical{Left, Top}Offset parameters,
1056         since they were always the inverse of the logical{Left, Top}() of the child parameter.
1057         * rendering/RenderBlock.h:
1058
1059 2011-09-09  Rafael Antognolli  <antognolli@profusion.mobi>
1060
1061         Add replacement functions for gdk ones.
1062         https://bugs.webkit.org/show_bug.cgi?id=66323
1063
1064         Reviewed by Martin Robinson.
1065
1066         This will allow the EFL port to don't depend on gdk anymore.
1067
1068         No new functionality so no new tests.
1069
1070         * CMakeListsEfl.txt:
1071         * platform/graphics/cairo/CairoUtilities.cpp:
1072         (WebCore::appendRegionToCairoContext):
1073         * platform/graphics/cairo/CairoUtilities.h:
1074         * platform/graphics/pango/FontPango.cpp:
1075         (WebCore::drawGlyphsShadow):
1076         (WebCore::Font::drawComplexText):
1077         * platform/graphics/pango/PangoUtilities.cpp: Added.
1078         (WebCore::getLineClipRegionFromLayoutIter):
1079         (WebCore::getClipRegionFromPangoLayoutLine):
1080         * platform/graphics/pango/PangoUtilities.h: Added.
1081
1082 2011-09-09  Mark Hahnenberg  <mhahnenberg@apple.com>
1083
1084         Unzip initialization lists and constructors in JSCell hierarchy (5/7)
1085         https://bugs.webkit.org/show_bug.cgi?id=67420
1086
1087         Reviewed by Geoffrey Garen.
1088
1089         No new tests.
1090
1091         Completed the fifth level of the refactoring to add finishCreation() 
1092         methods to all classes within the JSCell hierarchy with non-trivial 
1093         constructor bodies.
1094
1095         This primarily consists of pushing the calls to finishCreation() down 
1096         into the constructors of the subclasses of the second level of the hierarchy 
1097         as well as pulling the finishCreation() calls out into the class's corresponding
1098         create() method if it has one.  Doing both simultaneously allows us to 
1099         maintain the invariant that the finishCreation() method chain is called exactly 
1100         once during the creation of an object, since calling it any other number of 
1101         times (0, 2, or more) will cause an assertion failure.
1102
1103         * WebCore.exp.in:
1104         * bindings/js/JSDOMBinding.h:
1105         (WebCore::DOMConstructorObject::DOMConstructorObject):
1106         * bindings/js/JSDOMGlobalObject.cpp:
1107         (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
1108         (WebCore::JSDOMGlobalObject::finishCreation):
1109         * bindings/js/JSDOMGlobalObject.h:
1110         * bindings/js/JSDOMWindowShell.cpp:
1111         * bindings/js/JSDOMWindowShell.h:
1112         (WebCore::JSDOMWindowShell::create):
1113         * bindings/js/JSDOMWrapper.h:
1114         (WebCore::JSDOMWrapper::JSDOMWrapper):
1115         * bindings/scripts/CodeGeneratorJS.pm:
1116         (GenerateImplementation):
1117         * bindings/scripts/test/JS/JSTestInterface.cpp:
1118         (WebCore::JSTestInterface::JSTestInterface):
1119         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
1120         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener):
1121         * bindings/scripts/test/JS/JSTestObj.cpp:
1122         (WebCore::JSTestObj::JSTestObj):
1123         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
1124         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface):
1125         * bridge/c/CRuntimeObject.cpp:
1126         (JSC::Bindings::CRuntimeObject::CRuntimeObject):
1127         (JSC::Bindings::CRuntimeObject::finishCreation):
1128         * bridge/c/CRuntimeObject.h:
1129         * bridge/jni/jsc/JavaRuntimeObject.cpp:
1130         (JSC::Bindings::JavaRuntimeObject::JavaRuntimeObject):
1131         (JSC::Bindings::JavaRuntimeObject::finishCreation):
1132         * bridge/jni/jsc/JavaRuntimeObject.h:
1133         * bridge/objc/ObjCRuntimeObject.h:
1134         * bridge/objc/ObjCRuntimeObject.mm:
1135         (JSC::Bindings::ObjCRuntimeObject::ObjCRuntimeObject):
1136         (JSC::Bindings::ObjCRuntimeObject::finishCreation):
1137         * bridge/objc/objc_runtime.h:
1138         (JSC::Bindings::ObjcFallbackObjectImp::create):
1139         * bridge/objc/objc_runtime.mm:
1140         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
1141         * bridge/qt/qt_instance.cpp:
1142         (JSC::Bindings::QtRuntimeObject::QtRuntimeObject):
1143         * bridge/qt/qt_pixmapruntime.cpp:
1144         (JSC::Bindings::QtPixmapRuntimeObject::QtPixmapRuntimeObject):
1145         * bridge/qt/qt_runtime.cpp:
1146         (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
1147         (JSC::Bindings::QtRuntimeMethod::finishCreation):
1148         * bridge/qt/qt_runtime.h:
1149         * bridge/runtime_array.cpp:
1150         (JSC::RuntimeArray::RuntimeArray):
1151         * bridge/runtime_array.h:
1152         (JSC::RuntimeArray::create):
1153         * bridge/runtime_method.cpp:
1154         (JSC::RuntimeMethod::RuntimeMethod):
1155         (JSC::RuntimeMethod::finishCreation):
1156         * bridge/runtime_method.h:
1157         * bridge/runtime_object.cpp:
1158         (JSC::Bindings::RuntimeObject::RuntimeObject):
1159         * bridge/runtime_object.h:
1160         (JSC::Bindings::RuntimeObject::create):
1161
1162 2011-09-09  Rafael Antognolli  <antognolli@profusion.mobi>
1163
1164         Rename FontGtk.cpp to FontPango.cpp
1165         https://bugs.webkit.org/show_bug.cgi?id=66323
1166
1167         Reviewed by Martin Robinson.
1168
1169         This file will be used by the EFL port too, and since it's not GTK
1170         specific anymore, rename it to something better.
1171
1172         No new functionality so no new tests.
1173
1174         * GNUmakefile.list.am:
1175         * platform/graphics/pango/FontPango.cpp: Renamed from Source/WebCore/platform/graphics/gtk/FontGtk.cpp.
1176
1177 2011-09-09  Adam Klein  <adamk@chromium.org>
1178
1179         Initialize ExceptionCode in Element::removeAttribute
1180         https://bugs.webkit.org/show_bug.cgi?id=67820
1181
1182         Reviewed by Darin Adler.
1183
1184         Silences valgrind warning reported in http://crbug.com/76490.
1185
1186         No new tests since this would only very occasionally be flaky,
1187         and in the codepath in the valgrind report, the ec is ignored anyway.
1188
1189         * dom/Element.cpp:
1190         (WebCore::Element::removeAttribute): Initialize ec to 0.
1191
1192 2011-09-09  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
1193
1194         [Qt] Remove common.pri
1195         https://bugs.webkit.org/show_bug.cgi?id=67814
1196
1197         Reviewed by Andreas Kling.
1198
1199         No new tests, no change in functionality.
1200
1201         * CodeGenerators.pri:
1202         * WebCore.pri:
1203
1204 2011-09-09  Dominic Mazzoni  <dmazzoni@google.com>
1205
1206         Assert being hit in AccessibilityRenderObject::addChildren()
1207         https://bugs.webkit.org/show_bug.cgi?id=61805
1208
1209         Reviewed by Chris Fleizach.
1210
1211         Fix nextSibling and previousSibling to handle adjacent continuations
1212         properly, otherwise nodes end up appearing in the accessibility
1213         tree twice (or a debug assertion could be raised).
1214
1215         Test: accessibility/adjacent-continuations-cause-assertion-failure.html
1216
1217         * accessibility/AccessibilityRenderObject.cpp:
1218         (WebCore::AccessibilityRenderObject::previousSibling):
1219         (WebCore::AccessibilityRenderObject::nextSibling):
1220
1221 2011-09-08  Kentaro Hara  <haraken@google.com>
1222
1223         Implement a WebKitAnimationEvent constructor.
1224         https://bugs.webkit.org/show_bug.cgi?id=67825
1225
1226         Reviewed by Sam Weinig.
1227
1228         There is no spec for the WebKitAnimationEvent constructor
1229         since it is WebKit-specific. However, based on the current
1230         IDL of initWebKitAnimationEvent(), the constructor IDL
1231         should be as follows.
1232
1233         [Constructor(DOMString type, optional WebKitAnimationEventInit eventInitDict)]
1234         interface WebKitAnimationEvent : Event {
1235             ...;
1236         }
1237
1238         dictionary WebKitAnimationEventInit : EventInit {
1239             DOMString animationName;
1240             double elapsedTime;
1241         }
1242
1243         Test: fast/events/constructors/webkit-animation-event-constructor.html
1244
1245         * bindings/generic/EventConstructors.h: Added a definition for the WebKitAnimationEvent constructor.
1246         * bindings/js/JSEventConstructors.cpp: Added #includes for WebKitAnimationEvent.
1247         * dom/WebKitAnimationEvent.cpp:
1248         (WebCore::WebKitAnimationEventInit::WebKitAnimationEventInit):
1249         (WebCore::WebKitAnimationEvent::WebKitAnimationEvent):
1250         * dom/WebKitAnimationEvent.h: Added a definition for WebKitAnimationEventInit.
1251         (WebCore::WebKitAnimationEvent::create):
1252         * dom/WebKitAnimationEvent.idl: Makes WebKitAnimationEvent constructible.
1253
1254 2011-09-08  Abhishek Arya  <inferno@chromium.org>
1255
1256         :before content rendering issues with list markers and run-ins.
1257         https://bugs.webkit.org/show_bug.cgi?id=67735
1258
1259         1) Remove the isAnonymous checks for run-in detection since the
1260         run-in can belong to a node.
1261         2) When the parent has block children, then the list marker will
1262         be enclosed in an anonymous block. In that case, for going to the
1263         next list marker, we need to traverse one level up. We don't need
1264         this check when searching for generated run-in (loop 2), since we
1265         know parent will have inline children, so the list marker wont be
1266         enclosed in an anonymous block.
1267
1268         Reviewed by Dave Hyatt.
1269
1270         Tests: fast/lists/list-marker-before-content-table.html
1271                fast/runin/runin-generated-before-content.html
1272
1273         * rendering/RenderObjectChildList.cpp:
1274         (WebCore::RenderObjectChildList::beforePseudoElementRenderer):
1275
1276 2011-09-09  Pavel Podivilov  <podivilov@chromium.org>
1277
1278         Web Inspector: introduce JavaScriptSourceFrame class.
1279         https://bugs.webkit.org/show_bug.cgi?id=67838
1280
1281         SourceFrame should not deal with JavaScript debugging since it is a base class for all source frame implementations.
1282
1283         Reviewed by Pavel Feldman.
1284
1285         * WebCore.gypi:
1286         * WebCore.vcproj/WebCore.vcproj:
1287         * inspector/front-end/JavaScriptSourceFrame.js: Added.
1288         (WebInspector.JavaScriptSourceFrame):
1289         (WebInspector.SourceFrameDelegateForScriptsPanel): moved from ScriptsPanel.js
1290         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.requestContent):
1291         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.debuggingSupported):
1292         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.setBreakpoint):
1293         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.updateBreakpoint):
1294         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.removeBreakpoint):
1295         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.findBreakpoint):
1296         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.continueToLine):
1297         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.canEditScriptSource):
1298         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.setScriptSource):
1299         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.setScriptSourceIsBeingEdited):
1300         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.debuggerPaused):
1301         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.evaluateInSelectedCallFrame):
1302         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.releaseEvaluationResult):
1303         (WebInspector.SourceFrameDelegateForScriptsPanel.prototype.suggestedFileName):
1304         * inspector/front-end/ScriptsPanel.js:
1305         (WebInspector.ScriptsPanel.prototype._createSourceFrame):
1306         * inspector/front-end/WebKit.qrc:
1307         * inspector/front-end/inspector.html:
1308
1309 2011-09-09  Sheriff Bot  <webkit.review.bot@gmail.com>
1310
1311         Unreviewed, rolling out r94845.
1312         http://trac.webkit.org/changeset/94845
1313         https://bugs.webkit.org/show_bug.cgi?id=67839
1314
1315         This patch kicked Qt-SL bots, but we don't need this
1316         modification. (Requested by ossy_ on #webkit).
1317
1318         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1319         * platform/mac/WebVideoFullscreenController.mm:
1320         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1321
1322 2011-09-09  Csaba Osztrogon√°c  <ossy@webkit.org>
1323
1324         [Qt][Mac]REGRESSION(r94774): Build is broken
1325         https://bugs.webkit.org/show_bug.cgi?id=67799
1326
1327         It seems these files didn't rebuilt because of a
1328         dependency bug. Touch them to trigger a rebuild.
1329
1330         * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
1331         * platform/mac/WebVideoFullscreenController.mm:
1332         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1333
1334 2011-09-09  Alexander Pavlov  <apavlov@chromium.org>
1335
1336         Unreviewed, Chromium valgrind build fix.
1337
1338         Web Inspector: [Chromium] Valgrind signals use of uninitialized field in InspectorStyleSheetForInlineStyle
1339         https://bugs.webkit.org/show_bug.cgi?id=67837
1340
1341         * inspector/InspectorStyleSheet.cpp:
1342         (WebCore::InspectorStyleSheetForInlineStyle::InspectorStyleSheetForInlineStyle):
1343
1344 2011-09-09  Sheriff Bot  <webkit.review.bot@gmail.com>
1345
1346         Unreviewed, rolling out r94536.
1347         http://trac.webkit.org/changeset/94536
1348         https://bugs.webkit.org/show_bug.cgi?id=67836
1349
1350         breaks absoluteLocation() of RelatedMouseEvent (Requested by
1351         jknotten on #webkit).
1352
1353         * dom/MouseRelatedEvent.cpp:
1354         (WebCore::MouseRelatedEvent::MouseRelatedEvent):
1355
1356 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
1357
1358         Web Inspector: live edit both for JS and CSS is not discoverable.
1359         https://bugs.webkit.org/show_bug.cgi?id=65962
1360
1361         Add the "Edit" button to SourceFrame, so that resources/scripts can be edited both in the
1362         Resources and the Scripts panels. The button is grayed out if the resource/script is not editable.
1363
1364         Reviewed by Yury Semikhatsky.
1365
1366         * inspector/front-end/Images/statusbarButtonGlyphs.png:
1367         * inspector/front-end/ResourceView.js:
1368         (WebInspector.EditableResourceSourceFrame.prototype.canEditSource):
1369         * inspector/front-end/ScriptsPanel.js:
1370         (WebInspector.ScriptsPanel.prototype.get statusBarItems):
1371         (WebInspector.ScriptsPanel.prototype.set visibleView):
1372         * inspector/front-end/SourceFrame.js:
1373         (WebInspector.SourceFrame):
1374         (WebInspector.SourceFrame.prototype.get statusBarItems):
1375         (WebInspector.SourceFrame.prototype._initializeTextViewer):
1376         (WebInspector.SourceFrame.prototype._editButtonClicked):
1377         (WebInspector.SourceFrame.prototype.canEditSource):
1378         (WebInspector.SourceFrame.prototype.startEditing):
1379         (WebInspector.SourceFrame.prototype.commitEditing):
1380         (WebInspector.SourceFrame.prototype._setReadOnly):
1381         (WebInspector.TextViewerDelegateForSourceFrame.prototype.doubleClick):
1382         * inspector/front-end/TextViewer.js:
1383         (WebInspector.TextEditorMainPanel.prototype.set readOnly):
1384         (WebInspector.TextEditorMainPanel.prototype._updateSelectionOnStartEditing):
1385         * inspector/front-end/inspector.css:
1386         (button.edit-source-status-bar-item .glyph):
1387         (button.edit-source-status-bar-item.toggled-on .glyph):
1388
1389 2011-09-09  Shinya Kawanaka  <shinyak@google.com>
1390
1391         Crashes in WebCore::AppendNodeCommand::create().
1392         https://bugs.webkit.org/show_bug.cgi?id=67767
1393
1394         Reviewed by Darin Adler.
1395
1396         In CompositeEditCommand::closeParagraphUnderNewElement(), lastNode could be a non Element node.
1397         The current code assumes lastNode is an Element node. This patch checks it.
1398
1399         Test: editing/execCommand/ident-crashes-topnode-is-text.html
1400
1401         * editing/CompositeEditCommand.cpp:
1402         (WebCore::CompositeEditCommand::cloneParagraphUnderNewElement): Added an element node check.
1403
1404 2011-09-09  Shinya Kawanaka  <shinyak@google.com>
1405
1406         Crashes in WebCore::ApplyStyleCommand.doApply()
1407         https://bugs.webkit.org/show_bug.cgi?id=67765
1408
1409         Reviewed by Ryosuke Niwa.
1410
1411         WebCore::enclosingBlock may return null, but ApplyStyleCommand::applyBlockStyle did not check it. This patch make it to be checked.
1412
1413         Test: editing/style/remove-format-without-enclosing-block.html
1414
1415         * editing/ApplyStyleCommand.cpp:
1416         (WebCore::ApplyStyleCommand::applyBlockStyle): Added null check.
1417
1418 2011-09-09  James Simonsen  <simonjam@chromium.org>
1419
1420         [Chromium] Fix leak of Skia stream with custom CSS fonts
1421         https://bugs.webkit.org/show_bug.cgi?id=67815
1422
1423         Reviewed by Adam Barth.
1424
1425         Test: fast/css/font-face-opentype.html under valgrind
1426
1427         * platform/graphics/mac/FontCustomPlatformData.cpp:
1428         (WebCore::createFontCustomPlatformData):
1429         * platform/graphics/skia/FontCustomPlatformData.cpp:
1430         (WebCore::createFontCustomPlatformData):
1431
1432 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
1433
1434         Push more code from HTMLInputElement::setValue to TextFieldInputType::setValue
1435         https://bugs.webkit.org/show_bug.cgi?id=67742
1436
1437         Reviewed by Darin Adler.
1438
1439         Moved more code in HTMLInputElement::setValue to TextFieldInputType::setValue, and merged
1440         InputType::valueChanged into InputType::setValue. Also introduced
1441         InputType::dispatchChangeEventInResponseToSetValue to be overridden by TextFieldInputType.
1442
1443         * html/BaseButtonInputType.cpp:
1444         (WebCore::BaseButtonInputType::setValue):
1445         * html/BaseButtonInputType.h:
1446         * html/BaseCheckableInputType.cpp:
1447         (WebCore::BaseCheckableInputType::setValue):
1448         * html/BaseCheckableInputType.h:
1449         * html/ColorInputType.cpp:
1450         * html/ColorInputType.h:
1451         * html/FileInputType.cpp:
1452         (WebCore::FileInputType::setValue):
1453         * html/FileInputType.h:
1454         * html/HTMLInputElement.cpp:
1455         (WebCore::HTMLInputElement::setValue):
1456         * html/HTMLInputElement.h:
1457         (WebCore::HTMLInputElement::cacheSelectionInResponseToSetValue):
1458         * html/HiddenInputType.cpp:
1459         (WebCore::HiddenInputType::setValue):
1460         * html/HiddenInputType.h:
1461         * html/InputType.cpp:
1462         (WebCore::InputType::setValue):
1463         (WebCore::InputType::dispatchChangeEventInResponseToSetValue):
1464         * html/InputType.h:
1465         * html/RangeInputType.cpp:
1466         (WebCore::RangeInputType::setValue):
1467         * html/RangeInputType.h:
1468         * html/TextFieldInputType.cpp:
1469         (WebCore::TextFieldInputType::setValue):
1470         (WebCore::TextFieldInputType::dispatchChangeEventInResponseToSetValue):
1471         * html/TextFieldInputType.h:
1472
1473 2011-09-08  Annie Sullivan  <sullivan@chromium.org>
1474
1475         Crashes in WebCore::InsertNodeBeforeCommand constructor.
1476         https://bugs.webkit.org/show_bug.cgi?id=67763
1477
1478         Reviewed by Ryosuke Niwa.
1479
1480         Changes editableRootForPosition() to use the position's containerNode instead of deprecatedNode so that
1481         positions which are before or after a given node cannot return that node as the editable root.
1482
1483         Test: editing/inserting/insert-paragraph-selection-outside-contenteditable.html
1484
1485         * editing/htmlediting.cpp:
1486         (WebCore::editableRootForPosition): use containerNode instead of deprecatedNode.
1487
1488 2011-09-08  James Weatherall  <wez@chromium.org>
1489
1490         Release the reference to the HTMLPlugInElement's script object, when the element is removed from the document.  This breaks a cyclical reference that would otherwise cause the element to be retained until the document is torn down.
1491         https://bugs.webkit.org/show_bug.cgi?id=66181
1492
1493         Reviewed by Anders Carlsson.
1494
1495         No new tests - no functional change.
1496
1497         * html/HTMLPlugInElement.cpp:
1498         (WebCore::HTMLPlugInElement::removedFromDocument):
1499         * html/HTMLPlugInElement.h:
1500
1501 2011-09-08  Daniel Bates  <dbates@webkit.org>
1502
1503         XSS filter bypass via non-standard URL encoding
1504         https://bugs.webkit.org/show_bug.cgi?id=66588
1505
1506         Reviewed by Adam Barth.
1507
1508         Tests: http/tests/security/xssAuditor/script-tag-with-16bit-unicode-surrogate-pair.html
1509                http/tests/security/xssAuditor/script-tag-with-16bit-unicode.html
1510                http/tests/security/xssAuditor/script-tag-with-16bit-unicode2.html
1511                http/tests/security/xssAuditor/script-tag-with-16bit-unicode3.html
1512                http/tests/security/xssAuditor/script-tag-with-16bit-unicode4.html
1513                http/tests/security/xssAuditor/script-tag-with-16bit-unicode5.html
1514                http/tests/security/xssAuditor/script-tag-with-three-times-url-encoded-16bit-unicode.html
1515                http/tests/security/xssAuditor/window-open-without-url-should-not-assert.html
1516
1517         Implement support for decoding non-standard 16-bit Unicode escape sequences of
1518         the form %u26C4 as described in <http://www.w3.org/International/iri-edit/draft-duerst-iri.html#anchor29>.
1519
1520         See also <http://en.wikipedia.org/wiki/Percent-encoding#Non-standard_implementations>.
1521
1522         * GNUmakefile.list.am: Added DecodeEscapeSequences.h.
1523         * WebCore.gypi: Ditto.
1524         * WebCore.pro: Ditto.
1525         * WebCore.vcproj/WebCore.vcproj: Ditto.
1526         * WebCore.xcodeproj/project.pbxproj: Ditto.
1527         * html/parser/XSSAuditor.cpp:
1528         (WebCore::decode16BitUnicodeEscapeSequences): Added.
1529         (WebCore::decodeStandardURLEscapeSequences): Added.
1530         (WebCore::fullyDecodeString): Modified to call decode16BitUnicodeEscapeSequences().
1531         (WebCore::XSSAuditor::init): Modified to return early when the URL of the document
1532         is the empty string. This can happen when opening a new browser window or calling
1533         window.open("").
1534         * platform/KURL.cpp:
1535         (WebCore::decodeURLEscapeSequences): Abstracted code into template-function decodeEscapeSequences().
1536         This function just calls decodeEscapeSequences<URLEscapeSequence>().
1537         * platform/text/DecodeEscapeSequences.h: Added.
1538         (WebCore::Unicode16BitEscapeSequence::findInString):
1539         (WebCore::Unicode16BitEscapeSequence::matchStringPrefix):
1540         (WebCore::Unicode16BitEscapeSequence::decodeRun):
1541         (WebCore::URLEscapeSequence::findInString):
1542         (WebCore::URLEscapeSequence::matchStringPrefix):
1543         (WebCore::URLEscapeSequence::decodeRun):
1544         (WebCore::decodeEscapeSequences):
1545
1546 2011-09-08  Adam Barth  <abarth@webkit.org>
1547
1548         DocumentWriter::deprecatedFrameEncoding doesn't need to refert to Settings
1549         https://bugs.webkit.org/show_bug.cgi?id=67812
1550
1551         Reviewed by Eric Seidel.
1552
1553         The one caller of this function does this work already.
1554
1555         * loader/DocumentWriter.cpp:
1556         (WebCore::DocumentWriter::deprecatedFrameEncoding):
1557
1558 2011-09-08  Adam Klein  <adamk@chromium.org>
1559
1560         Always zero-out m_sortedTextBoxesPosition to avoid uninitialized read in TextIterator
1561         https://bugs.webkit.org/show_bug.cgi?id=67810
1562
1563         Reviewed by Tony Chang.
1564
1565         Reported as a valgrind failure in http://crbug.com/84777.
1566
1567         No possible change in behavior, so no tests. The unitialized read
1568         could never have an impact:
1569
1570            if (m_sortedTextBoxesPosition + 1 < m_sortedTextBoxes.size()) ...
1571
1572         Since m_sortedTextBoxes.size() will be zero here if
1573         m_sortedTextBoxesPosition is uninitialized, and they're both unsigned,
1574         so no possible value of m_sortedTextBoxesPosition could be < 0.
1575
1576         * editing/TextIterator.cpp:
1577         (WebCore::TextIterator::TextIterator):
1578
1579 2011-09-08  Tony Chang  <tony@chromium.org>
1580
1581         Cleanup of switch statements with default cases
1582         https://bugs.webkit.org/show_bug.cgi?id=67808
1583
1584         Reviewed by Adam Barth.
1585
1586         No new tests, just a small refactoring.
1587
1588         * page/WebKitAnimation.cpp:
1589         (WebCore::WebKitAnimation::fillMode):
1590         * platform/audio/Distance.cpp:
1591         (WebCore::DistanceEffect::gain):
1592
1593 2011-09-08  Eric Seidel  <eric@webkit.org>
1594
1595         [BiDi] Add support for the BDI element
1596         https://bugs.webkit.org/show_bug.cgi?id=50913
1597
1598         Reviewed by Ryosuke Niwa.
1599
1600         This patch is ridiculously trivial now that we have unicode-bidi: isolate support in WebKit.
1601
1602         Test: css3/bdi-element.html
1603
1604         * css/html.css:
1605         (bdi):
1606
1607 2011-09-08  David Levin  <levin@chromium.org>
1608
1609         [chromium] KURL::copy doesn't produce something usable on another thread.
1610         https://bugs.webkit.org/show_bug.cgi?id=67809
1611
1612         Reviewed by Adam Barth.
1613
1614         No new functionality exposed so no new test. This was caught by testing code: the thread
1615         sanitizer run in Chromium (http://code.google.com/p/chromium/issues/detail?id=93708).
1616
1617         * platform/KURLGoogle.cpp:
1618         (WebCore::KURLGooglePrivate::copyTo): Clear out the invalid String so that it will
1619         not be used on another thread.
1620
1621 2011-09-08  Alexey Proskuryakov  <ap@apple.com>
1622
1623         REGRESSION (r66874): Missing RefPtr in ScriptController
1624         https://bugs.webkit.org/show_bug.cgi?id=67748
1625
1626         Reviewed by Adam Barth.
1627
1628         * bindings/ScriptControllerBase.cpp: (WebCore::ScriptController::executeScript):
1629
1630 2011-09-08  Adam Barth  <abarth@webkit.org>
1631
1632         Second attempt to fix Chromium build.
1633
1634         * dom/Document.h:
1635
1636 2011-09-08  Oliver Hunt  <oliver@apple.com>
1637
1638         Use bump allocator for initial property storage
1639         https://bugs.webkit.org/show_bug.cgi?id=67494
1640
1641         Reviewed by Geoffrey Garen.
1642
1643         Add a forwarding header.
1644
1645         * ForwardingHeaders/runtime/StorageBarrier.h: Added.
1646
1647 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
1648
1649         Unreviewed, rolling out r94809.
1650         http://trac.webkit.org/changeset/94809
1651         https://bugs.webkit.org/show_bug.cgi?id=67718
1652
1653         commit _still_ premature, despite CQ eagerness
1654
1655         * html/HTMLAttributeNames.in:
1656         * html/HTMLStyleElement.cpp:
1657         * html/HTMLStyleElement.h:
1658         * html/HTMLStyleElement.idl:
1659
1660 2011-09-08  Sam Weinig  <sam@webkit.org>
1661
1662         Remove the Completion object from JSC, I have never liked it
1663         https://bugs.webkit.org/show_bug.cgi?id=67755
1664
1665         Reviewed by Gavin Barraclough.
1666
1667         * bindings/js/JSDOMBinding.cpp:
1668         (WebCore::reportException):
1669         * bindings/js/JSEventListener.cpp:
1670         (WebCore::JSEventListener::handleEvent):
1671         * bindings/js/JSInjectedScriptManager.cpp:
1672         (WebCore::InjectedScriptManager::createInjectedScript):
1673         * bindings/js/JSMainThreadExecState.h:
1674         (WebCore::JSMainThreadExecState::evaluate):
1675         * bindings/js/ScriptController.cpp:
1676         (WebCore::ScriptController::evaluateInWorld):
1677         * bindings/js/WorkerScriptController.cpp:
1678         (WebCore::WorkerScriptController::evaluate):
1679         * bindings/objc/WebScriptObject.mm:
1680         (-[WebScriptObject evaluateWebScript:]):
1681         * bridge/NP_jsobject.cpp:
1682         (_NPN_Evaluate):
1683         * bridge/jni/jni_jsobject.mm:
1684         (JavaJSObject::eval):
1685
1686 2011-09-08  Adam Barth  <abarth@webkit.org>
1687
1688         Inline DocumentWriter::encoding() into it's only caller: deprecatedFrameEncoding()
1689         https://bugs.webkit.org/show_bug.cgi?id=67807
1690
1691         Reviewed by Eric Seidel.
1692
1693         This function is super nutty.  We don't want any more folks to call it
1694         thinking that it does something sane.
1695
1696         * loader/DocumentWriter.cpp:
1697         (WebCore::DocumentWriter::deprecatedFrameEncoding):
1698         * loader/DocumentWriter.h:
1699
1700 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
1701
1702         <style scoped>: Add 'scoped' attribute
1703         https://bugs.webkit.org/show_bug.cgi?id=67718
1704
1705         Add 'scoped' attribute to IDL and attribute list,
1706         implement and test setting/resetting of the attribute.
1707
1708         Reviewed by Dimitri Glazkov.
1709
1710         Test: fast/css/style-scoped/basic-attribute.html
1711
1712         * html/HTMLAttributeNames.in:
1713         * html/HTMLStyleElement.cpp:
1714         (WebCore::HTMLStyleElement::scoped):
1715         (WebCore::HTMLStyleElement::setScoped):
1716         (WebCore::HTMLStyleElement::scopingElement):
1717         * html/HTMLStyleElement.h:
1718         * html/HTMLStyleElement.idl:
1719
1720 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
1721
1722         Unreviewed, rolling out r94781.
1723         http://trac.webkit.org/changeset/94781
1724         https://bugs.webkit.org/show_bug.cgi?id=67806
1725
1726         Broke Objective-C binding on Mac (Requested by rniwa on
1727         #webkit).
1728
1729         * dom/Element.idl:
1730         * dom/Node.cpp:
1731         (WebCore::Node::contains):
1732         * dom/Node.idl:
1733         * editing/DeleteSelectionCommand.cpp:
1734         (WebCore::DeleteSelectionCommand::mergeParagraphs):
1735
1736 2011-09-08  Eric Seidel  <eric@webkit.org>
1737
1738         Remove DocumentWriter::setDecoder as a grep of WebKit shows no callers
1739         https://bugs.webkit.org/show_bug.cgi?id=67803
1740
1741         Reviewed by Adam Barth.
1742
1743         Smells like dead code.
1744
1745         * loader/DocumentWriter.cpp:
1746         * loader/DocumentWriter.h:
1747
1748 2011-09-08  Shinya Kawanaka  <shinyak@google.com>
1749
1750         Crashes in WebCore::ReplaceSelectionCommand::doApply
1751         https://bugs.webkit.org/show_bug.cgi?id=67762
1752
1753         Reviewed by Ryosuke Niwa.
1754
1755         WebCore::enclosingBlock may return null, but its return value was not checked. This patch checks it.
1756
1757         Tests: editing/inserting/insert-without-enclosing-block.html
1758
1759         * editing/ReplaceSelectionCommand.cpp:
1760         (WebCore::ReplaceSelectionCommand::doApply): Added null check.
1761
1762 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
1763
1764         Unreviewed, rolling out r94784.
1765         http://trac.webkit.org/changeset/94784
1766         https://bugs.webkit.org/show_bug.cgi?id=67796
1767
1768         Commit was premature (Requested by rolandsteiner on #webkit).
1769
1770         * html/HTMLAttributeNames.in:
1771         * html/HTMLStyleElement.cpp:
1772         * html/HTMLStyleElement.h:
1773         * html/HTMLStyleElement.idl:
1774
1775 2011-09-08  W. James MacLean  <wjmaclean@chromium.org>
1776
1777         [chromium] Add backend compositor support for rescaling (zooming) textures during zoom animation.
1778         https://bugs.webkit.org/show_bug.cgi?id=66472
1779
1780         This patch contains plumbing from Internals to WebViewImpl that can be removed
1781         at a later time when the zoom animator code is complete.
1782
1783         Reviewed by James Robinson.
1784
1785         Test: platform/chromium/compositing/zoom-animator-scale-test.html
1786
1787         * page/Settings.cpp:
1788         (WebCore::Settings::Settings):
1789         * page/Settings.h:
1790         (WebCore::Settings::setZoomAnimatorScale):
1791         (WebCore::Settings::zoomAnimatorScale):
1792         * platform/graphics/chromium/LayerRendererChromium.cpp:
1793         (WebCore::LayerRendererChromium::LayerRendererChromium):
1794         (WebCore::LayerRendererChromium::drawLayersInternal):
1795         * platform/graphics/chromium/LayerRendererChromium.h:
1796         (WebCore::LayerRendererChromium::setZoomAnimatorScale):
1797         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
1798         (WebCore::CCLayerTreeHost::CCLayerTreeHost):
1799         (WebCore::CCLayerTreeHost::commitTo):
1800         (WebCore::CCLayerTreeHost::setZoomAnimatorScale):
1801         (WebCore::CCLayerTreeHost::updateLayers):
1802         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
1803         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1804         (WebCore::CCLayerTreeHostImpl::setZoomAnimatorScale):
1805         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
1806         * testing/Internals.cpp:
1807         (WebCore::Internals::setZoomAnimatorScale):
1808         * testing/Internals.h:
1809         * testing/Internals.idl:
1810
1811 2011-09-08  Eric Carlson  <eric.carlson@apple.com>
1812
1813         HTMLMediaElement is missing initialTime attribute
1814         https://bugs.webkit.org/show_bug.cgi?id=67791
1815
1816         Reviewed by Darin Adler.
1817
1818         Test: media/media-initialTime.html
1819
1820         * html/HTMLMediaElement.cpp:
1821         (WebCore::HTMLMediaElement::initialTime):
1822         * html/HTMLMediaElement.h:
1823         * html/HTMLMediaElement.idl:
1824         * platform/graphics/MediaPlayer.cpp:
1825         (WebCore::MediaPlayer::initialTime):
1826         * platform/graphics/MediaPlayer.h:
1827         * platform/graphics/MediaPlayerPrivate.h:
1828         (WebCore::MediaPlayerPrivateInterface::initialTime):
1829
1830 2011-09-03  Robert Hogan  <robert@webkit.org>
1831
1832         Elements with position:absolute don't move to correct position after images load
1833         https://bugs.webkit.org/show_bug.cgi?id=54611
1834
1835         Reviewed by Simon Fraser.
1836
1837         Test: fast/block/positioning/absolute-layout-after-image-load.html
1838
1839         In the test the 'label' block is an absolutely positioned child of an inline flow. So during layout, 
1840         this RenderBlock::layoutPositionedObjects fails to dirty it for rendering because it requires 
1841         the parent to be a BlockFlow. The code to do this was introduced in http://trac.webkit.org/changeset/8284. 
1842         There doesn't seem to be a good reason for requiring a BlockFlow, so remove the check. 
1843
1844         Note: Although the issue is encountered only on first load without a fragment identifier, it 
1845         happens reliably when you include the fragment identifier in the url (#Footnote_1). This is so 
1846         because scrolling to the fragment always happens before the image has loaded, rendering the page 
1847         and clearing the initial dirty bits in the positioned element's renderer. When the image finally 
1848         loads in this scenario, the positioned element is otherwise clean and relies on the above code to get 
1849         re-rendered.
1850
1851         Note: This was originally landed in r94755 but positioned-float-layout-after-image-load.html exposed
1852               an ASSERT bug, unrelated to this change, and was rolled out. That issue is tracked separately
1853               in bug 67759.
1854
1855         * rendering/RenderBlock.cpp:
1856         (WebCore::RenderBlock::layoutPositionedObjects): remove the check for r->parent()->isBlockFlow() when 
1857                                                          deciding whether to mark children for layout
1858
1859 2011-09-08  Roland Steiner  <rolandsteiner@chromium.org>
1860
1861         <style scoped>: Add 'scoped' attribute
1862         https://bugs.webkit.org/show_bug.cgi?id=67718
1863
1864         Add 'scoped' attribute to IDL and attribute list,
1865         implement and test setting/resetting of the attribute.
1866
1867         Reviewed by Dimitri Glazkov.
1868
1869         Test: fast/css/style-scoped/basic-attribute.html
1870
1871         * html/HTMLAttributeNames.in:
1872         * html/HTMLStyleElement.cpp:
1873         (WebCore::HTMLStyleElement::scoped):
1874         (WebCore::HTMLStyleElement::setScoped):
1875         (WebCore::HTMLStyleElement::scopingElement):
1876         * html/HTMLStyleElement.h:
1877         * html/HTMLStyleElement.idl:
1878
1879 2011-09-08  Erik Arvidsson  <arv@chromium.org>
1880
1881         Move Element.contains to Node
1882         https://bugs.webkit.org/show_bug.cgi?id=67651
1883
1884         Reviewed by Darin Adler.
1885
1886         This moves the contains method from Element to Node as in the DOM4 working draft: 
1887         http://dvcs.w3.org/hg/domcore/raw-file/tip/Overview.html#dom-node-contains
1888
1889         This also special cases Document contains to make it O(1) instead of O(depth).
1890
1891         Tests: fast/dom/Node/contains-method.html
1892                perf/document-contains.html
1893
1894         * dom/Element.idl:
1895         * dom/Node.cpp:
1896         (WebCore::Node::contains): Added document special case.
1897         * dom/Node.idl:
1898         * editing/DeleteSelectionCommand.cpp:
1899         (WebCore::DeleteSelectionCommand::mergeParagraphs): Added a null check.
1900
1901 2011-09-08  Chris Rogers  <crogers@google.com>
1902
1903         Check AudioContext createChannelMerger() for thread safety
1904         https://bugs.webkit.org/show_bug.cgi?id=67247
1905
1906         Reviewed by Kenneth Russell.
1907
1908         Test: webaudio/audiochannelmerger-stereo.html
1909
1910         * webaudio/AudioChannelMerger.cpp:
1911         (WebCore::AudioChannelMerger::process):
1912         (WebCore::AudioChannelMerger::checkNumberOfChannelsForInput):
1913         * webaudio/AudioChannelMerger.h:
1914
1915 2011-09-08  Ned Holbrook  <nholbrook@apple.com>
1916
1917         Refactor hyphen measurement
1918         https://bugs.webkit.org/show_bug.cgi?id=67728
1919
1920         Reviewed by Darin Adler.
1921
1922         No new tests, purely refactoring.
1923
1924         * rendering/RenderBlockLineLayout.cpp:
1925         (WebCore::measureHyphenWidth): Added.
1926         (WebCore::setLogicalWidthForTextRun): Use measureHyphenWidth().
1927         (WebCore::tryHyphenating): Ditto.
1928         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Ditto.
1929
1930 2011-09-08  Julien Chaffraix  <jchaffraix@webkit.org>
1931
1932         Remove LayoutStateDisabler instances from RenderLayer
1933         https://bugs.webkit.org/show_bug.cgi?id=66896
1934
1935         Reviewed by Simon Fraser.
1936
1937         As part of r93614, scrollTo does not call updateLayerPositions anymore.
1938         This means that we don't need to disable LayoutState from the scrolling code
1939         in RenderLayer.
1940
1941         This change is covered by the existing tests.
1942
1943         * rendering/RenderLayer.cpp:
1944         (WebCore::RenderLayer::updateLayerPositions): Updated the comment
1945         that was not accurate anymore. Also explained what is wrong with
1946         LayoutState vs RenderLayer now. Note that the ASSERT is still
1947         valid and will not trigger as the remaining calls to updateLayerPositions
1948         are done *outside* layout() where LayoutState is not set (thus disabled).
1949
1950         (WebCore::RenderLayer::updateScrollInfoAfterLayout): Removed
1951         2 LayoutStateDisabler surrounding scrollToOffset.
1952
1953 2011-09-08  Julien Chaffraix  <jchaffraix@webkit.org>
1954
1955         Factor out the code to get the first non-null RenderTableSection in RenderTable
1956         https://bugs.webkit.org/show_bug.cgi?id=66972
1957
1958         Reviewed by Darin Adler.
1959
1960         Refactoring only, covered by existing tests.
1961
1962         * accessibility/AccessibilityTable.cpp:
1963         (WebCore::AccessibilityTable::addChildren):
1964         (WebCore::AccessibilityTable::cellForColumnAndRow):
1965         * accessibility/AccessibilityTableCell.cpp:
1966         (WebCore::AccessibilityTableCell::rowIndexRange):
1967         Updated those for the signature change in sectionBelow. Also added
1968         a FIXME where topSection should be used instead of iterating
1969         over the section (and likely missing some corner cases).
1970
1971         * rendering/FixedTableLayout.cpp:
1972         (WebCore::FixedTableLayout::calcWidthArray):
1973         * rendering/RenderTable.cpp:
1974         (WebCore::RenderTable::calcBorderStart):
1975         (WebCore::RenderTable::calcBorderEnd):
1976         (WebCore::RenderTable::outerBorderBefore):
1977         (WebCore::RenderTable::sectionAbove):
1978         (WebCore::RenderTable::sectionBelow):
1979         (WebCore::RenderTable::firstLineBoxBaseline):
1980         Updated all those functions to use the newly added functions. Also changed
1981         the variable names to match the functions.
1982
1983         (WebCore::RenderTable::layout):
1984         (WebCore::RenderTable::topNonEmptySection): Newly added function
1985         that returns the top non null section of the table that has at least a
1986         row.
1987
1988         (WebCore::RenderTable::cellAbove):
1989         (WebCore::RenderTable::cellBelow):
1990         Update the signature of those 2 functions to take an enum as it makes the
1991         rest of the code more readable.
1992
1993         * rendering/RenderTable.h:
1994         (WebCore::RenderTable::topSection): Newly added function to return
1995         the top non null section in the table.
1996
1997 2011-04-19  Eric Seidel  <eric@webkit.org>
1998
1999         Reviewed by Ryosuke Niwa.
2000
2001         [BiDi] [CSS3] MASTER: Add support for the unicode-bidi:isolate CSS property
2002         https://bugs.webkit.org/show_bug.cgi?id=50912
2003
2004         This patch adds support for CSS3 unicode-bidi: isolate property, under the -webkit- vendor prefix.
2005         Parsing support was added in a previous patch, this wires up the RenderStyle values
2006         to code changes in the BidiResolver.
2007
2008         The effect of this patch is that it makes it possible to "isolate" runs of text
2009         so that their RTL-ness or LTR-ness does not bleed out into the rest of your text
2010         and effect layout.  This is important because many unicode characters (like parenthesis, ':', '-', etc.)
2011         do not have intrinsic directionality and are affected by whatever characters come before/after.
2012         If you have usernames which include RTL text, if you inject those usernames in your page
2013         you might end up with nearby characters moving!
2014         (like 'RTL USERNAME - my awesome site' as a title, could end up as
2015         'my awesome site - USERNAME RTL' when correct would be 'USERNAME RTL - my awesome site'.)
2016         This patch makes it possible to wrap sections of text in isolated spans, so that
2017         they correctly order all their RTL/LTR contents, but also correctly participate in the
2018         larger RTL/LTR ordering without affecting nearby characters.
2019
2020         Because much of this code is old and rarely touched, I've included extra background
2021         information in hopes of expanding my set of potential reviewers:
2022
2023         WebKit uses the standard "Unicode Bidi Algorithm" henceforth known as the UBA.
2024         The UBA is defined at http://unicode.org/reports/tr9/ for those not faint of heart.
2025
2026         Text layout is done per-block (<div>, <p>, etc), and begins with a string of text
2027         (which in our case comes from the rendering tree) and a specified width.
2028         First:  Text is measured and wrapped into lines.
2029         Second: The UBA is run over the lines of text.
2030         Third:  WebKit builds InlineBoxes (its linebox tree) and eventually render the text.
2031
2032         This patch modifies our UBA to ignore all text content inside "isolated" inlines (treating them as neutral characters)
2033         and then adds another step after running the UBA, where we run the UBA recursively on any
2034         previously identified "isolated" content.
2035
2036         The result of the UBA is an ordered list of "runs" of text with the RTL runs
2037         correctly RTL and the LTR runs LTR.
2038
2039         The UBA does three things:
2040         1.  It assigns a "class" to each character in a text stream (like neutral, strongly-RTL, strongly-LTR, etc.)
2041         2.  Divides the text stream up into "runs" of characters of the same directionality (all RTL, all LTR).
2042         3.  Re-orders those runs.
2043
2044         The UBA in WebKit is implemented by BidiResolver<T> in BidiResolver.h
2045
2046         The InlineBidiResolver (BidiResolver specialization which knows about the rendering tree)
2047         walks along its InlineIterators, looking at each character and running the
2048         Unicode Bidi Algorithm (UBA).  It walks through the rendering tree subtree under
2049         a block, using a (poorly named) bidiNext function which returns the next inline object.
2050         Each inline object (or text character there-in) has a corresponding meaning in the UBA
2051         such as a "strong RTL" character or a "neutral" character.  The UBA reads these sequence
2052         of characters, and figures out what direction (RTL or LTR) to assign to any neutral
2053         characters it encounters, based on surrounding characters.
2054
2055         As the InlineBidiResolver is walking the rendering tree, the InlineIterator::advance()
2056         function calls bidiNext(), which in turn can call notifyObserverEnteredObject/notifyObserverWillExitObject
2057         notifying InlineBidiResolver that it is entering or exiting an "isolated"
2058         span, at which point it will either start or stop ignoring the stream of characters
2059         from the InlineIterator.  When the InlineBidiResolver is ignoring the stream of
2060         characters, instead of creating separate BidiRuns at each RTL/LTR boundary
2061         as it normally would, it instead creates one "fake" run for the entire
2062         isolated span.  These fake runs participate in the normal UBA run ordering process,
2063         but after the main UBA, a second pass is made where we examine
2064         the list of isolatedRuns() and run the UBA on each of them, replacing the fake
2065         run we previously inserted, with the resulting list of runs from that inner UBA run.
2066         The way it "ignores" characters is by treating them all as neutral when inside an isolate.
2067         Thus all the characters end up grouped in a single run, but their directionality (as a group)
2068         is correctly affected by any surrounding strong characters.
2069
2070         If you understood that last paragraph, than the rest of the change is just plumbing.
2071
2072         I added a huge number of FIXMEs to this code, because this code has a variety of
2073         design choices (or lack there of) which make some of this very difficult.
2074
2075         For example the bidiNext iterator function has two sets of mutually exclusive
2076         parameters and can be used optionally with or without an observer.  Prior to this
2077         change there was only ever one object which cared about observing a walk over inlines
2078         and that was InlineBidiResolver.  This patch (regretfully) templatizes bidiNext
2079         to support a new Observer type.  The correct fix would be to rip bidiNext into
2080         multiple functions and rip need for observation out of InlineBidiResolver.
2081         Unfortunately I've tried both in separate bugs and failed.  This code is very very
2082         old and very poorly understood.  We're slowly moving forward, this is another tiny step.
2083
2084         This is my fourth iteration of this patch (I'm happy to do more!), but I believe
2085         it's a good compromise between fixing all of the design gotcha's of our bidi
2086         system and doing the minimum amount to add this killer CSS feature.
2087
2088         I ran the PLT.  (It averaged 0.2% faster with this change, but I attribute that to noise).
2089
2090         Test: css3/unicode-bidi-isolate-basic.html and css3/unicode-bidi-isolate-aharon.html
2091
2092         * platform/text/BidiResolver.h:
2093         (WebCore::BidiCharacterRun::setNext):
2094          - Needed by the new replaceRunWithRuns function.
2095         (WebCore::BidiResolver::BidiResolver):
2096         (WebCore::BidiResolver::~BidiResolver):
2097         (WebCore::BidiResolver::enterIsolate):
2098         (WebCore::BidiResolver::exitIsolate):
2099         (WebCore::BidiResolver::inIsolate):
2100         (WebCore::BidiResolver::isolatedRuns):
2101          - Used to track isolated spans of text as they're encoutered.
2102            They're stuffed away here to be processed recursively
2103            after the main UBA has done its thang.
2104         (WebCore::::appendRun):
2105         (WebCore::::embed):
2106         (WebCore::::commitExplicitEmbedding):
2107         (WebCore::::createBidiRunsForLine):
2108         * platform/text/BidiRunList.h:
2109         (WebCore::::replaceRunWithRuns):
2110          - This effectively takes all the runs from one runlist and adds them to
2111            this one, replacing the fake run we inserted during a previous pass of the UBA.
2112          - This RunList now owns the runs, so we call clear() on the other RunList
2113            so that we don't end up double-freeing the runs.
2114         (WebCore::::clear):
2115          - This allows us to "take" runs from another run list and then clear it.
2116         * rendering/BidiRun.h:
2117         (WebCore::BidiRun::object):
2118         * rendering/InlineIterator.h:
2119         (WebCore::InlineIterator::object):
2120         (WebCore::InlineIterator::offset):
2121         (WebCore::notifyObserverEnteredObject): Mostly just renaming and adding a FIXME about plaintext.
2122         (WebCore::notifyObserverWillExitObject): Mostly just renaming.
2123         (WebCore::addPlaceholderRunForIsolatedInline):
2124         (WebCore::isIsolatedInline):
2125         (WebCore::InlineBidiResolver::appendRun):
2126         * rendering/RenderBlockLineLayout.cpp:
2127         (WebCore::statusWithDirection):
2128         (WebCore::constructBidiRuns):
2129          - This is the heavy-lifting of this change.  This function
2130            runs the UBA recursively on all the previously identified isolated spans.
2131          - If we encounter more isolated spans in our run, we just add them to the
2132            main list an keep going.  Because the runs are linked lists and we have
2133            direct pointers to our placeholder objects, we don't care what order
2134            we process the placeholders in, so long as when we're done, they're all processed.
2135         (WebCore::RenderBlock::layoutInlineChildren):
2136
2137 2011-09-08  Kentaro Hara  <haraken@google.com>
2138
2139         Implement a ProgressEvent constructor for JSC
2140         https://bugs.webkit.org/show_bug.cgi?id=67537
2141
2142         Reviewed by Sam Weinig.
2143
2144         The spec for the ProgressEvent constructor is here:
2145         http://www.w3.org/TR/progress-events/#interface-progressevent
2146
2147         Test: fast/events/constructors/progress-event-constructor.html
2148
2149         * bindings/generic/EventConstructors.h: Added a definition for the ProgressEvent constructor.
2150         * bindings/js/JSDictionary.cpp:
2151         (WebCore::JSDictionary::convertValue): Converts an ECMA-262 Number into an IDL unsigned long long value. Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long
2152         * bindings/js/JSEventConstructors.cpp: Added #includes for ProgressEvent.
2153         * dom/ProgressEvent.cpp:
2154         (WebCore::ProgressEventInit::ProgressEventInit):
2155         (WebCore::ProgressEvent::ProgressEvent):
2156         * dom/ProgressEvent.h: Added a definition for ProgressEventInit.
2157         (WebCore::ProgressEvent::create):
2158         * dom/ProgressEvent.idl: Makes ProgressEvent constructible.
2159
2160 2011-09-08  Ryosuke Niwa  <rniwa@webkit.org>
2161
2162         Make bindings tests quiet after r94701.
2163
2164         * bindings/scripts/test/JS/JSTestInterface.cpp:
2165         * bindings/scripts/test/JS/JSTestInterface.h:
2166         (WebCore::JSTestInterfacePrototype::JSTestInterfacePrototype):
2167         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
2168         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
2169         (WebCore::JSTestMediaQueryListListenerPrototype::JSTestMediaQueryListListenerPrototype):
2170         * bindings/scripts/test/JS/JSTestObj.cpp:
2171         * bindings/scripts/test/JS/JSTestObj.h:
2172         (WebCore::JSTestObjPrototype::JSTestObjPrototype):
2173         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2174         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
2175         (WebCore::JSTestSerializedScriptValueInterfacePrototype::JSTestSerializedScriptValueInterfacePrototype):
2176
2177 2011-09-07  Pavel Podivilov  <podivilov@chromium.org>
2178
2179         Web Inspector: get rid of RawSourceCode.createSourceMappingIfNeeded.
2180         https://bugs.webkit.org/show_bug.cgi?id=67717
2181
2182         Listen to SourceMappingUpdated event instead of using createSourceMappingIfNeeded.
2183
2184         Reviewed by Yury Semikhatsky.
2185
2186         * inspector/front-end/DebuggerPresentationModel.js:
2187         (WebInspector.DebuggerPresentationModel):
2188         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation.updateAnchor):
2189         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
2190         (WebInspector.DebuggerPresentationModel.prototype._updateSourceMapping):
2191         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
2192         (WebInspector.DebuggerPresentationModel.prototype._restoreConsoleMessages):
2193         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
2194         (WebInspector.DebuggerPresentationModel.prototype._consoleMessageAdded):
2195         (WebInspector.DebuggerPresentationModel.prototype._createPresentationMessage):
2196         (WebInspector.DebuggerPresentationModel.prototype._consoleCleared):
2197         (WebInspector.DebuggerPresentationModel.prototype.continueToLine):
2198         (WebInspector.DebuggerPresentationModel.prototype.messagesForUISourceCode):
2199         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
2200         (WebInspector.PresentationCallFrame.prototype.sourceLine.sourceMappingUpdated):
2201         (WebInspector.PresentationCallFrame.prototype.sourceLine):
2202         * inspector/front-end/SourceFile.js:
2203
2204 2011-09-06  Pavel Podivilov  <podivilov@chromium.org>
2205
2206         Web Inspector: do not re-create RawSourceCode when toggling pretty-print mode.
2207         https://bugs.webkit.org/show_bug.cgi?id=67647
2208
2209         1) Implement RawSourceCode.setFormatted that allows toggling pretty-print mode on the fly without resetting everything.
2210         2) Add RawSourceCode unit tests.
2211         3) Remove source mapping listeners and console messages from presentation model (they live in RawSourceCode now).
2212
2213         Reviewed by Yury Semikhatsky.
2214
2215         Test: inspector/debugger/raw-source-code.html
2216
2217         * inspector/front-end/DebuggerPresentationModel.js:
2218         (WebInspector.DebuggerPresentationModel):
2219         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
2220         (WebInspector.DebuggerPresentationModel.prototype._addScript):
2221         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
2222         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
2223         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
2224         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
2225         * inspector/front-end/ScriptsPanel.js:
2226         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
2227         * inspector/front-end/SourceFile.js:
2228         (WebInspector.RawSourceCode):
2229         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
2230         (WebInspector.RawSourceCode.prototype.setFormatted):
2231         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
2232         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
2233
2234 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
2235
2236         Web Inspector: [REGRESSION] Clear console shortcut Ctrl + L broken
2237         https://bugs.webkit.org/show_bug.cgi?id=67711
2238
2239         Reviewed by Yury Semikhatsky.
2240
2241         * inspector/front-end/ConsoleView.js:
2242         (WebInspector.ConsoleView.prototype._consoleCleared):
2243         (WebInspector.ConsoleView.prototype._registerShortcuts):
2244         (WebInspector.ConsoleView.prototype._promptKeyDown):
2245
2246 2011-09-08  Andras Becsi  <andras.becsi@nokia.com>
2247
2248         [Qt] Build fails with strict compiler
2249         https://bugs.webkit.org/show_bug.cgi?id=67778
2250
2251         Reviewed by Csaba Osztrogon√°c.
2252
2253         No new tests needed.
2254
2255         * platform/graphics/TiledBackingStore.cpp:
2256         (WebCore::TiledBackingStore::resizeEdgeTiles): Remove unused contentsRect variable
2257         which's usage was removed in r94681 to fix the build with [-Werror=unused-but-set-variable].
2258
2259 2011-09-08  Sheriff Bot  <webkit.review.bot@gmail.com>
2260
2261         Unreviewed, rolling out r94695.
2262         http://trac.webkit.org/changeset/94695
2263         https://bugs.webkit.org/show_bug.cgi?id=67776
2264
2265         Hitting an assertion on Snow Leopard, Qt, GTK (Requested by
2266         Zoltan on #webkit).
2267
2268         * rendering/RenderBlock.cpp:
2269         (WebCore::RenderBlock::positionedFloatsNeedRelayout):
2270         (WebCore::RenderBlock::layoutPositionedObjects):
2271
2272 2011-09-08  Alexander Pavlov  <apavlov@chromium.org>
2273
2274         Unreviewed, strip trailing whitespace in the Web Inspector frontend (*.js and *.css).
2275
2276         * inspector/front-end/ApplicationCacheItemsView.js:
2277         * inspector/front-end/AuditResultView.js:
2278         * inspector/front-end/BinarySearch.js:
2279         * inspector/front-end/CSSStyleModel.js:
2280         * inspector/front-end/ConsoleMessage.js:
2281         * inspector/front-end/ConsoleModel.js:
2282         * inspector/front-end/ConsoleView.js:
2283         * inspector/front-end/CookieItemsView.js:
2284         * inspector/front-end/CookieParser.js:
2285         * inspector/front-end/DOMAgent.js:
2286         * inspector/front-end/DOMStorage.js:
2287         * inspector/front-end/DOMStorageItemsView.js:
2288         * inspector/front-end/DataGrid.js:
2289         * inspector/front-end/Database.js:
2290         * inspector/front-end/DatabaseQueryView.js:
2291         * inspector/front-end/DetailedHeapshotGridNodes.js:
2292         * inspector/front-end/DetailedHeapshotView.js:
2293         * inspector/front-end/ElementsTreeOutline.js:
2294         * inspector/front-end/EmptyView.js:
2295         * inspector/front-end/EventListenersSidebarPane.js:
2296         * inspector/front-end/ExtensionCommon.js:
2297         * inspector/front-end/GoToLineDialog.js:
2298         * inspector/front-end/HeapSnapshot.js:
2299         * inspector/front-end/HeapSnapshotProxy.js:
2300         * inspector/front-end/HeapSnapshotWorkerDispatcher.js:
2301         * inspector/front-end/ImageView.js:
2302         * inspector/front-end/InjectedFakeWorker.js:
2303         * inspector/front-end/InspectorFrontendHostStub.js:
2304         * inspector/front-end/MetricsSidebarPane.js:
2305         * inspector/front-end/NetworkManager.js:
2306         * inspector/front-end/NetworkPanel.js:
2307         * inspector/front-end/ObjectPropertiesSection.js:
2308         * inspector/front-end/PartialQuickSort.js:
2309         * inspector/front-end/ProfileView.js:
2310         * inspector/front-end/ProfilesPanel.js:
2311         * inspector/front-end/RemoteObject.js:
2312         * inspector/front-end/Resource.js:
2313         * inspector/front-end/ResourceCategory.js:
2314         * inspector/front-end/ResourceHTMLView.js:
2315         * inspector/front-end/ResourceHeadersView.js:
2316         * inspector/front-end/ResourceJSONView.js:
2317         * inspector/front-end/ResourceTimingView.js:
2318         * inspector/front-end/ResourceTreeModel.js:
2319         * inspector/front-end/ResourceView.js:
2320         * inspector/front-end/ResourcesPanel.js:
2321         * inspector/front-end/SearchController.js:
2322         * inspector/front-end/SettingsScreen.js:
2323         * inspector/front-end/ShortcutsScreen.js:
2324         * inspector/front-end/SourceCSSTokenizer.js:
2325         * inspector/front-end/SourceHTMLTokenizer.js:
2326         * inspector/front-end/SourceJavaScriptTokenizer.js:
2327         * inspector/front-end/StatusBarButton.js:
2328         * inspector/front-end/TextEditorModel.js:
2329         * inspector/front-end/TimelineGrid.js:
2330         * inspector/front-end/View.js:
2331         * inspector/front-end/heapProfiler.css:
2332         * inspector/front-end/inspector.css:
2333         * inspector/front-end/inspector.js:
2334         * inspector/front-end/inspectorSyntaxHighlight.css:
2335         * inspector/front-end/networkPanel.css:
2336         * inspector/front-end/treeoutline.js:
2337         * inspector/front-end/utilities.js:
2338
2339 2011-09-07  Andrey Kosyakov  <caseq@chromium.org>
2340
2341         Web Inspector: trying to scroll mouse wheel when in TextViewer's gutter pane causes EventException::DISPATCH_REQUEST_ERR
2342         https://bugs.webkit.org/show_bug.cgi?id=67715
2343
2344         Reviewed by Yury Semikhatsky.
2345
2346         - avoid exception on attempt to dispatch an event that is being dispatched by cloning the event.
2347
2348         * inspector/front-end/TextViewer.js:
2349         (WebInspector.TextViewer.forwardWheelEvent):
2350         (WebInspector.TextViewer):
2351
2352 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
2353
2354         Unreviewed, rolling out r94674 and r94689.
2355         http://trac.webkit.org/changeset/94674
2356         http://trac.webkit.org/changeset/94689
2357         https://bugs.webkit.org/show_bug.cgi?id=67754
2358
2359         Broke inspector/debugger/script-formatter.html (Requested by
2360         rniwa on #webkit).
2361
2362         * inspector/front-end/DebuggerPresentationModel.js:
2363         (WebInspector.DebuggerPresentationModel):
2364         (WebInspector.DebuggerPresentationModel.prototype.addSourceMappingListener):
2365         (WebInspector.DebuggerPresentationModel.prototype.removeSourceMappingListener):
2366         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
2367         (WebInspector.DebuggerPresentationModel.prototype._addScript):
2368         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
2369         (WebInspector.DebuggerPresentationModel.prototype._restoreBreakpoints):
2370         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
2371         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
2372         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
2373         * inspector/front-end/ScriptsPanel.js:
2374         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
2375         * inspector/front-end/SourceFile.js:
2376         (WebInspector.RawSourceCode):
2377         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
2378         (WebInspector.RawSourceCode.prototype.get rawSourceCode):
2379         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
2380         (WebInspector.RawSourceCode.prototype.requestContent):
2381         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
2382
2383 2011-09-07  Julien Chaffraix  <jchaffraix@webkit.org>
2384
2385         offsetFromRoot optimization is disabled after r93837
2386         https://bugs.webkit.org/show_bug.cgi?id=67677
2387
2388         Reviewed by Simon Fraser.
2389
2390         Unfortunately not covered by any test as it does not change updateLayerPosition complexity (it is still O(n^2)
2391         because of clippedOverflowRectForRepaint). However it is a noticeable slowdown on some use cases but we don't
2392         have a good test harness to cover such slowdown.
2393
2394         * rendering/RenderLayer.cpp:
2395         (WebCore::RenderLayer::updateLayerPositions): Pass offsetFromRoot as not doing so means that we miss
2396         the optimization altogether.
2397
2398         (WebCore::RenderLayer::computeRepaintRects):
2399         (WebCore::RenderLayer::updateLayerPositionsAfterScroll):
2400         * rendering/RenderLayer.h:
2401         Renamed |cachedOffset| to |offsetFromRoot| to be consistent with our latest renaming.
2402
2403 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
2404
2405         Windows build fix after r94737.
2406
2407         * rendering/RenderBlock.cpp:
2408         (WebCore::RenderBlock::adjustRectForColumns):
2409
2410 2011-09-07  Dan Bernstein  <mitz@apple.com>
2411
2412         Removed hyphenation function implementations for an usupported build configuration.
2413
2414         Reviewed by Sam Weinig.
2415
2416         * platform/text/cf/HyphenationCF.cpp:
2417
2418 2011-09-07  David Hyatt  <hyatt@apple.com>
2419
2420         https://bugs.webkit.org/show_bug.cgi?id=67739
2421
2422         adjustRectForColumns is O(# of columns) when it can be O(1). Fix the slow performance of this
2423         function by removing the loop and just computing the start and end column for a repaint rect
2424         and uniting everything in between.
2425
2426         Reviewed by Dan Bernstein.
2427
2428         * rendering/RenderBlock.cpp:
2429         (WebCore::RenderBlock::adjustRectForColumns):
2430
2431 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
2432
2433         Unreviewed, rolling out r94714 and r94723.
2434         http://trac.webkit.org/changeset/94714
2435         http://trac.webkit.org/changeset/94723
2436         https://bugs.webkit.org/show_bug.cgi?id=67746
2437
2438         breaks gtk-linux tests with assertion failure (Requested by
2439         thorton on #webkit).
2440
2441         * platform/graphics/GraphicsContext.cpp:
2442         (WebCore::GraphicsContext::GraphicsContext):
2443         (WebCore::GraphicsContext::~GraphicsContext):
2444         * platform/graphics/GraphicsContext.h:
2445         (WebCore::GraphicsContext::inTransparencyLayer):
2446         * platform/graphics/cairo/GraphicsContextCairo.cpp:
2447         (WebCore::GraphicsContext::beginTransparencyLayer):
2448         (WebCore::GraphicsContext::endTransparencyLayer):
2449         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
2450         (WebCore::GraphicsContextPlatformPrivate::beginTransparencyLayer):
2451         (WebCore::GraphicsContextPlatformPrivate::endTransparencyLayer):
2452         * platform/graphics/cg/GraphicsContextCG.cpp:
2453         (WebCore::GraphicsContext::beginTransparencyLayer):
2454         (WebCore::GraphicsContext::endTransparencyLayer):
2455         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
2456         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
2457         (WebCore::GraphicsContextPlatformPrivate::~GraphicsContextPlatformPrivate):
2458         (WebCore::GraphicsContextPlatformPrivate::beginTransparencyLayer):
2459         (WebCore::GraphicsContextPlatformPrivate::endTransparencyLayer):
2460         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
2461         (WebCore::GraphicsContext::beginTransparencyLayer):
2462         (WebCore::GraphicsContext::endTransparencyLayer):
2463         * platform/graphics/mac/FontMac.mm:
2464         (WebCore::Font::drawGlyphs):
2465         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
2466         (WebCore::GraphicsContext::beginTransparencyLayer):
2467         (WebCore::GraphicsContext::endTransparencyLayer):
2468         * platform/graphics/qt/GraphicsContextQt.cpp:
2469         (WebCore::GraphicsContext::inTransparencyLayer):
2470         (WebCore::GraphicsContext::beginTransparencyLayer):
2471         (WebCore::GraphicsContext::endTransparencyLayer):
2472         * platform/graphics/skia/GraphicsContextSkia.cpp:
2473         (WebCore::GraphicsContext::beginTransparencyLayer):
2474         (WebCore::GraphicsContext::endTransparencyLayer):
2475         * platform/graphics/win/FontCGWin.cpp:
2476         (WebCore::drawGDIGlyphs):
2477         * platform/graphics/win/GraphicsContextCGWin.cpp:
2478         (WebCore::GraphicsContext::releaseWindowsContext):
2479         * platform/graphics/win/GraphicsContextCairoWin.cpp:
2480         (WebCore::GraphicsContext::releaseWindowsContext):
2481         * platform/graphics/win/GraphicsContextWin.cpp:
2482         (WebCore::GraphicsContext::inTransparencyLayer):
2483         (WebCore::GraphicsContext::getWindowsContext):
2484         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2485         (WebCore::GraphicsContext::beginTransparencyLayer):
2486         (WebCore::GraphicsContext::endTransparencyLayer):
2487         * platform/graphics/wx/GraphicsContextWx.cpp:
2488         (WebCore::GraphicsContext::beginTransparencyLayer):
2489         (WebCore::GraphicsContext::endTransparencyLayer):
2490         * platform/win/ScrollbarThemeWin.cpp:
2491         (WebCore::ScrollbarThemeWin::paintTrackPiece):
2492         (WebCore::ScrollbarThemeWin::paintButton):
2493         (WebCore::ScrollbarThemeWin::paintThumb):
2494         * plugins/win/PluginViewWin.cpp:
2495         (WebCore::PluginView::paint):
2496         * rendering/RenderThemeWin.cpp:
2497         (WebCore::drawControl):
2498
2499 2011-09-07  Chris Fleizach  <cfleizach@apple.com>
2500
2501         Changes to aria-hidden don't change VO navigation
2502         https://bugs.webkit.org/show_bug.cgi?id=67722
2503
2504         Reviewed by Darin Adler.
2505
2506         When altering aria-hidden, WebCore needs to update the children caches of 
2507         affected elements. However, for elements that were children, but ignored, their
2508         caches did not get updated, and stale information would be propagated.
2509
2510         The fix is to always clearChildren() when a parent is asking for children. This 
2511         ensures information is always up to date when the parent itself is asking for new data.
2512
2513         Test: accessibility/aria-hidden-updates-alldescendants.html
2514
2515         * accessibility/AccessibilityObject.h:
2516         * accessibility/AccessibilityRenderObject.cpp:
2517         (WebCore::AccessibilityRenderObject::ariaIsHidden):
2518         (WebCore::AccessibilityRenderObject::childrenChanged):
2519         (WebCore::AccessibilityRenderObject::addChildren):
2520
2521 2011-09-07  Tim Horton  <timothy_horton@apple.com>
2522
2523         Text rendered with a simple (i.e. 0px blur) shadow inside a transparency layer has a double shadow
2524         https://bugs.webkit.org/show_bug.cgi?id=67543
2525         <rdar://problem/10070536>
2526
2527         Reviewed by Simon Fraser.
2528
2529         Generalize (begin|end)TransparencyLayer, which now forward
2530         through to (begin|end)PlatformTransparencyLayer, so that
2531         isInTransparencyLayer can exist on every platform.
2532
2533         Make use of isInTransparencyLayer in FontMac to disable
2534         "simple" shadow drawing when the text is being rendered
2535         into a transparency layer.
2536
2537         Test: svg/custom/simple-text-double-shadow.svg
2538
2539         * platform/graphics/GraphicsContext.cpp:
2540         (WebCore::GraphicsContext::GraphicsContext):
2541         (WebCore::GraphicsContext::~GraphicsContext):
2542         (WebCore::GraphicsContext::beginTransparencyLayer):
2543         (WebCore::GraphicsContext::endTransparencyLayer):
2544         (WebCore::GraphicsContext::isInTransparencyLayer):
2545         * platform/graphics/GraphicsContext.h:
2546         * platform/graphics/cairo/GraphicsContextCairo.cpp:
2547         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2548         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2549         (WebCore::GraphicsContext::supportsTransparencyLayers):
2550         * platform/graphics/cairo/GraphicsContextPlatformPrivateCairo.h:
2551         * platform/graphics/cg/GraphicsContextCG.cpp:
2552         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2553         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2554         (WebCore::GraphicsContext::supportsTransparencyLayers):
2555         * platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:
2556         (WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
2557         * platform/graphics/haiku/GraphicsContextHaiku.cpp:
2558         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2559         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2560         (WebCore::GraphicsContext::supportsTransparencyLayers):
2561         * platform/graphics/mac/FontMac.mm:
2562         (WebCore::Font::drawGlyphs):
2563         * platform/graphics/openvg/GraphicsContextOpenVG.cpp:
2564         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2565         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2566         (WebCore::GraphicsContext::supportsTransparencyLayers):
2567         * platform/graphics/qt/GraphicsContextQt.cpp:
2568         (WebCore::GraphicsContext::isInTransparencyLayer):
2569         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2570         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2571         (WebCore::GraphicsContext::supportsTransparencyLayers):
2572         * platform/graphics/skia/GraphicsContextSkia.cpp:
2573         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2574         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2575         (WebCore::GraphicsContext::supportsTransparencyLayers):
2576         * platform/graphics/win/FontCGWin.cpp:
2577         (WebCore::drawGDIGlyphs):
2578         * platform/graphics/win/GraphicsContextCGWin.cpp:
2579         (WebCore::GraphicsContext::releaseWindowsContext):
2580         * platform/graphics/win/GraphicsContextCairoWin.cpp:
2581         (WebCore::GraphicsContext::releaseWindowsContext):
2582         * platform/graphics/win/GraphicsContextWin.cpp:
2583         (WebCore::GraphicsContext::getWindowsContext):
2584         * platform/graphics/wince/GraphicsContextWinCE.cpp:
2585         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2586         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2587         (WebCore::GraphicsContext::supportsTransparencyLayers):
2588         * platform/graphics/wx/GraphicsContextWx.cpp:
2589         (WebCore::GraphicsContext::beginPlatformTransparencyLayer):
2590         (WebCore::GraphicsContext::endPlatformTransparencyLayer):
2591         (WebCore::GraphicsContext::supportsTransparencyLayers):
2592         * platform/win/ScrollbarThemeWin.cpp:
2593         * plugins/win/PluginViewWin.cpp:
2594         * rendering/RenderThemeWin.cpp:
2595
2596 2011-09-07  Dan Bernstein  <mitz@apple.com>
2597
2598         <rdar://problem/8881922> Support the hyphenate-limit-lines property
2599         https://bugs.webkit.org/show_bug.cgi?id=67730
2600
2601         Reviewed by Dave Hyatt.
2602
2603         Tests: fast/css/parsing-hyphenate-limit-lines.html
2604                fast/text/hyphenate-limit-lines.html
2605
2606         * css/CSSComputedStyleDeclaration.cpp:
2607         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue): Added hyphenate-limit-lines.
2608         * css/CSSParser.cpp:
2609         (WebCore::CSSParser::parseValue): Ditto. Valid values are non-negative integers and the keyword
2610         "no-limit".
2611         * css/CSSPropertyNames.in: Added -webkit-hyphenate-limit-lines.
2612         * css/CSSStyleSelector.cpp:
2613         (WebCore::CSSStyleSelector::applyProperty): Added hyphenate-limit-lines.
2614         * css/CSSValueKeywords.in: Added the "no-limit" value keyword.
2615         * rendering/RenderBlock.h:
2616         * rendering/RenderBlockLineLayout.cpp:
2617         (WebCore::RenderBlock::layoutRunsAndFloats): Count the number of consecutive hyphenated lines
2618         before the start line and pass it to layoutRunsAndFloatsInRange().
2619         (WebCore::RenderBlock::layoutRunsAndFloatsInRange): Keep track of the number of consecutive
2620         hyphenated lines before the current line and pass it to LineBreaker::nextLineBreak().
2621         (WebCore::tryHyphenating): Added parameters for the number of consecutive hyphenated lines before
2622         the current line and the limit on consecutive hyphenated lines, and an early return if the limit
2623         has been reached.
2624         (WebCore::RenderBlock::LineBreaker::nextLineBreak): Added a parameter for the number of consecutive
2625         hyphenated lines before the current line, which is passed through to tryHyphenating, along with
2626         the value of hyphenate-limit-lines.
2627         * rendering/RootInlineBox.cpp:
2628         (WebCore::RootInlineBox::isHyphenated): Added. Returns true if the line was hyphenated.
2629         * rendering/RootInlineBox.h:
2630         * rendering/style/RenderStyle.h:
2631         (WebCore::InheritedFlags::hyphenationLimitLines): Added this getter.
2632         (WebCore::InheritedFlags::setHyphenationLimitLines): Added this setter.
2633         (WebCore::InheritedFlags::initialHyphenationLimitLines): Added. The initial value is -1,
2634         corresponding to "no-limit".
2635         * rendering/style/StyleRareInheritedData.cpp:
2636         (WebCore::StyleRareInheritedData::StyleRareInheritedData): Initialize new member variable.
2637         (WebCore::StyleRareInheritedData::operator==): Compare new member variable.
2638         * rendering/style/StyleRareInheritedData.h:
2639
2640 2011-09-02  Ojan Vafai  <ojan@chromium.org>
2641
2642         split overrideSize into overrideHeight and overrideWidth
2643         https://bugs.webkit.org/show_bug.cgi?id=67550
2644
2645         Reviewed by Sam Weinig.
2646
2647         All uses of overrideSize only set one of the width or the height.
2648         This change removes a bool from RenderObject and removes some
2649         flexbox specific logic from RenderBox.
2650
2651         The only downside is that we have two global maps where we used
2652         to have one.
2653
2654         No functional changes so existing tests are sufficient.
2655
2656         * rendering/RenderBox.cpp:
2657         (WebCore::RenderBox::hasOverrideHeight):
2658         (WebCore::RenderBox::hasOverrideWidth):
2659         (WebCore::RenderBox::setOverrideHeight):
2660         (WebCore::RenderBox::setOverrideWidth):
2661         (WebCore::RenderBox::clearOverrideSize):
2662         (WebCore::RenderBox::overrideWidth):
2663         (WebCore::RenderBox::overrideHeight):
2664         (WebCore::RenderBox::computeLogicalWidth):
2665         (WebCore::RenderBox::computeLogicalHeight):
2666         (WebCore::RenderBox::computePercentageLogicalHeight):
2667         * rendering/RenderBox.h:
2668         * rendering/RenderDeprecatedFlexibleBox.cpp:
2669         (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
2670         (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):
2671         (WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):
2672         * rendering/RenderFlexibleBox.cpp:
2673         (WebCore::RenderFlexibleBox::layoutAndPlaceChildrenHorizontal):
2674         * rendering/RenderObject.cpp:
2675         (WebCore::RenderObject::RenderObject):
2676         * rendering/RenderObject.h:
2677         * rendering/RenderTableCell.cpp:
2678         (WebCore::RenderTableCell::setOverrideHeightFromRowHeight):
2679         * rendering/RenderTableCell.h:
2680         * rendering/RenderTableSection.cpp:
2681         (WebCore::RenderTableSection::calcRowLogicalHeight):
2682         (WebCore::RenderTableSection::layoutRows):
2683
2684 2011-09-07  Alexei Svitkine  <asvitkine@chromium.org>
2685
2686         Add test infrastructure to test rubber-banding overhang drawing along with layout tests for existing Chromium Mac overhang drawing in the non-gpu path.
2687         https://bugs.webkit.org/show_bug.cgi?id=67511
2688
2689         Reviewed by Dimitri Glazkov.
2690
2691         Tests: platform/chromium-mac/rubberbanding/overhang-e.html
2692                platform/chromium-mac/rubberbanding/overhang-n.html
2693                platform/chromium-mac/rubberbanding/overhang-ne.html
2694                platform/chromium-mac/rubberbanding/overhang-nw.html
2695                platform/chromium-mac/rubberbanding/overhang-s.html
2696                platform/chromium-mac/rubberbanding/overhang-se.html
2697                platform/chromium-mac/rubberbanding/overhang-sw.html
2698                platform/chromium-mac/rubberbanding/overhang-w.html
2699
2700         * WebCore.exp.in:
2701         * platform/ScrollableArea.h:
2702         * testing/Internals.cpp:
2703         (WebCore::Internals::setScrollViewPosition):
2704         * testing/Internals.h:
2705         * testing/Internals.idl:
2706
2707 2011-09-07  David Reveman  <reveman@chromium.org>
2708
2709         [Chromium] Render surface anti-aliasing.
2710         https://bugs.webkit.org/show_bug.cgi?id=66437
2711
2712         Reviewed by James Robinson.
2713
2714         Add CCLayerQuad class and CCLayerQuad::Edge subclass to allow
2715         edge computations to be shared between tiled layers and render
2716         surfaces. Move isCCW utility function to FloatQuad class and
2717         add to2dTransform method to TransformationMatrix class. Add
2718         necessary anti-aliasing shaders for render surfaces and use them
2719         to avoid aliased edges.
2720
2721         Tests: compositing/reflections/nested-reflection-transformed.html (existing)
2722
2723         * WebCore.gypi:
2724         * platform/graphics/FloatQuad.cpp:
2725         (WebCore::FloatQuad::isCounterclockwise):
2726         * platform/graphics/FloatQuad.h:
2727         * platform/graphics/chromium/LayerChromium.cpp:
2728         (WebCore::LayerChromium::drawTexturedQuad):
2729         * platform/graphics/chromium/LayerChromium.h:
2730         * platform/graphics/chromium/LayerRendererChromium.cpp:
2731         (WebCore::LayerRendererChromium::LayerRendererChromium):
2732         (WebCore::LayerRendererChromium::headsUpDisplayProgram):
2733         (WebCore::LayerRendererChromium::renderSurfaceProgram):
2734         (WebCore::LayerRendererChromium::renderSurfaceProgramAA):
2735         (WebCore::LayerRendererChromium::renderSurfaceMaskProgram):
2736         (WebCore::LayerRendererChromium::renderSurfaceMaskProgramAA):
2737         (WebCore::LayerRendererChromium::tilerProgramSwizzle):
2738         (WebCore::LayerRendererChromium::canvasLayerProgram):
2739         (WebCore::LayerRendererChromium::pluginLayerProgram):
2740         (WebCore::LayerRendererChromium::videoLayerRGBAProgram):
2741         (WebCore::LayerRendererChromium::videoLayerYUVProgram):
2742         (WebCore::LayerRendererChromium::cleanupSharedObjects):
2743         * platform/graphics/chromium/LayerRendererChromium.h:
2744         (WebCore::LayerRendererChromium::sharedGeometryQuad):
2745         * platform/graphics/chromium/ShaderChromium.cpp:
2746         (WebCore::VertexShaderQuad::VertexShaderQuad):
2747         (WebCore::VertexShaderQuad::init):
2748         (WebCore::VertexShaderQuad::getShaderString):
2749         (WebCore::FragmentShaderRGBATexAlphaAA::FragmentShaderRGBATexAlphaAA):
2750         (WebCore::FragmentShaderRGBATexAlphaAA::init):
2751         (WebCore::FragmentShaderRGBATexAlphaAA::getShaderString):
2752         (WebCore::FragmentTexClampAlphaAABinding::FragmentTexClampAlphaAABinding):
2753         (WebCore::FragmentTexClampAlphaAABinding::init):
2754         (WebCore::FragmentShaderRGBATexClampAlphaAA::getShaderString):
2755         (WebCore::FragmentShaderRGBATexClampSwizzleAlphaAA::getShaderString):
2756         (WebCore::FragmentShaderRGBATexAlphaMaskAA::FragmentShaderRGBATexAlphaMaskAA):
2757         (WebCore::FragmentShaderRGBATexAlphaMaskAA::init):
2758         (WebCore::FragmentShaderRGBATexAlphaMaskAA::getShaderString):
2759         * platform/graphics/chromium/ShaderChromium.h:
2760         (WebCore::VertexShaderQuad::matrixLocation):
2761         (WebCore::VertexShaderQuad::pointLocation):
2762         (WebCore::FragmentShaderRGBATexAlphaAA::alphaLocation):
2763         (WebCore::FragmentShaderRGBATexAlphaAA::samplerLocation):
2764         (WebCore::FragmentShaderRGBATexAlphaAA::edgeLocation):
2765         (WebCore::FragmentShaderRGBATexAlphaMaskAA::alphaLocation):
2766         (WebCore::FragmentShaderRGBATexAlphaMaskAA::samplerLocation):
2767         (WebCore::FragmentShaderRGBATexAlphaMaskAA::maskSamplerLocation):
2768         (WebCore::FragmentShaderRGBATexAlphaMaskAA::edgeLocation):
2769         * platform/graphics/chromium/cc/CCCanvasLayerImpl.cpp:
2770         (WebCore::CCCanvasLayerImpl::draw):
2771         * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp:
2772         (WebCore::CCHeadsUpDisplay::draw):
2773         * platform/graphics/chromium/cc/CCLayerQuad.cpp: Added.
2774         (WebCore::CCLayerQuad::Edge::Edge):
2775         (WebCore::CCLayerQuad::CCLayerQuad):
2776         (WebCore::CCLayerQuad::floatQuad):
2777         (WebCore::CCLayerQuad::toFloatArray):
2778         * platform/graphics/chromium/cc/CCLayerQuad.h: Added.
2779         (WebCore::CCLayerQuad::Edge::Edge):
2780         (WebCore::CCLayerQuad::Edge::x):
2781         (WebCore::CCLayerQuad::Edge::y):
2782         (WebCore::CCLayerQuad::Edge::z):
2783         (WebCore::CCLayerQuad::Edge::setX):
2784         (WebCore::CCLayerQuad::Edge::setY):
2785         (WebCore::CCLayerQuad::Edge::setZ):
2786         (WebCore::CCLayerQuad::Edge::set):
2787         (WebCore::CCLayerQuad::Edge::moveX):
2788         (WebCore::CCLayerQuad::Edge::moveY):
2789         (WebCore::CCLayerQuad::Edge::moveZ):
2790         (WebCore::CCLayerQuad::Edge::move):
2791         (WebCore::CCLayerQuad::Edge::scaleX):
2792         (WebCore::CCLayerQuad::Edge::scaleY):
2793         (WebCore::CCLayerQuad::Edge::scaleZ):
2794         (WebCore::CCLayerQuad::Edge::scale):
2795         (WebCore::CCLayerQuad::Edge::intersect):
2796         (WebCore::CCLayerQuad::CCLayerQuad):
2797         (WebCore::CCLayerQuad::left):
2798         (WebCore::CCLayerQuad::top):
2799         (WebCore::CCLayerQuad::right):
2800         (WebCore::CCLayerQuad::bottom):
2801         (WebCore::CCLayerQuad::inflateX):
2802         (WebCore::CCLayerQuad::inflateY):
2803         (WebCore::CCLayerQuad::inflate):
2804         (WebCore::CCLayerQuad::inflateAntiAliasingDistance):
2805         * platform/graphics/chromium/cc/CCPluginLayerImpl.cpp:
2806         (WebCore::CCPluginLayerImpl::draw):
2807         * platform/graphics/chromium/cc/CCRenderSurface.cpp:
2808         (WebCore::CCRenderSurface::draw):
2809         (WebCore::CCRenderSurface::drawLayer):
2810         (WebCore::CCRenderSurface::drawSurface):
2811         * platform/graphics/chromium/cc/CCRenderSurface.h:
2812         * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
2813         (WebCore::CCTiledLayerImpl::draw):
2814         (WebCore::CCTiledLayerImpl::drawTiles):
2815         * platform/graphics/chromium/cc/CCTiledLayerImpl.h:
2816         * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
2817         (WebCore::CCVideoLayerImpl::drawYUV):
2818         (WebCore::CCVideoLayerImpl::drawRGBA):
2819         * platform/graphics/transforms/TransformationMatrix.cpp:
2820         (WebCore::TransformationMatrix::to2dTransform):
2821         * platform/graphics/transforms/TransformationMatrix.h:
2822
2823 2011-09-06  Oliver Hunt  <oliver@apple.com>
2824
2825         Remove JSObjectWithGlobalObject
2826         https://bugs.webkit.org/show_bug.cgi?id=67689
2827
2828         Reviewed by Geoff Garen.
2829
2830         Remove use of anonymous storage and JSObjectWithGlobalObject for
2831         accessing a JSObject's global object now that they're available
2832         on the object's structure.
2833
2834         * bindings/js/JSDOMWindowShell.cpp:
2835         (WebCore::JSDOMWindowShell::setWindow):
2836         * bindings/js/JSDOMWrapper.h:
2837         (WebCore::JSDOMWrapper::globalObject):
2838         (WebCore::JSDOMWrapper::JSDOMWrapper):
2839         * bindings/js/WorkerScriptController.cpp:
2840         (WebCore::WorkerScriptController::initScript):
2841         * bindings/scripts/CodeGeneratorJS.pm:
2842         (GenerateHeader):
2843         (GenerateImplementation):
2844         * bridge/objc/objc_runtime.h:
2845         * bridge/objc/objc_runtime.mm:
2846         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
2847         (JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
2848         * bridge/runtime_object.cpp:
2849         (JSC::Bindings::RuntimeObject::RuntimeObject):
2850         (JSC::Bindings::RuntimeObject::finishCreation):
2851         * bridge/runtime_object.h:
2852
2853 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
2854
2855         Mac build fix after r94694.
2856
2857         * WebCore.xcodeproj/project.pbxproj:
2858
2859 2011-09-07  Tim Horton  <timothy_horton@apple.com>
2860
2861         FELighting is using width instead of height to determine skip for parallel(n>2) case
2862         https://bugs.webkit.org/show_bug.cgi?id=67719
2863         <rdar://problem/10086178>
2864
2865         Reviewed by Dirk Schulze.
2866
2867         No new tests, because the bug only exhibits under conditions which are currently
2868         impossible by default (using more than 2 cores) on some platforms.
2869
2870         * platform/graphics/filters/FELighting.cpp:
2871         (WebCore::FELighting::platformApplyGeneric):
2872
2873 2011-09-07  W. James MacLean  <wjmaclean@chromium.org>
2874
2875         Eliminate motion jitter in animated, blurred SVG image
2876         https://bugs.webkit.org/show_bug.cgi?id=67503
2877
2878         Fixes filter shear-free transform applied to SVG images.
2879
2880         In applyResource() the shearFreeAbsoluteTransform is applied to the drawing region,
2881         which is based on the object bounding box (which doesn't move). For a rotation
2882         around the centre of the box, this should really just be the identity matrix,
2883         since the BB should neither change size nor location. So really, we're just interested
2884         in the scale change of the BB here, and not in moving it.
2885
2886         This impacts how slices are extracted, and affects the {x|y}Mid and {x|y}Max extractions
2887         for vertical and horizontal slices, so the test verifies these.
2888
2889         Reviewed by Dirk Schulze.
2890
2891         Test: svg/W3C-SVG-1.1-SE/filters-image-05-f.svg
2892
2893         * rendering/svg/RenderSVGResourceFilter.cpp:
2894         (WebCore::RenderSVGResourceFilter::applyResource):
2895
2896 2011-09-03  Robert Hogan  <robert@webkit.org>
2897
2898         Elements with position:absolute don't move to correct position after images load
2899         https://bugs.webkit.org/show_bug.cgi?id=54611
2900
2901         Reviewed by Simon Fraser.
2902
2903         Test: fast/block/positioning/absolute-layout-after-image-load.html
2904               fast/block/positioning/positioned-float-layout-after-image-load.html
2905
2906         In the test the 'label' block is an absolutely positioned child of an inline flow. So during layout, 
2907         this RenderBlock::layoutPositionedObjects fails to dirty it for rendering because it requires 
2908         the parent to be a BlockFlow. The code to do this was introduced in http://trac.webkit.org/changeset/8284. 
2909         There doesn't seem to be a good reason for requiring a BlockFlow, so remove the check. Do the same
2910         for positioned floats in RenderBlock::positionedFloatsNeedRelayout(), although currently layoutPositionedObjects()
2911         takes care of it this at least ensures no regression in future.
2912
2913         Note: Although the issue is encountered only on first load without a fragment identifier, it 
2914         happens reliably when you include the fragment identifier in the url (#Footnote_1). This is so 
2915         because scrolling to the fragment always happens before the image has loaded, rendering the page 
2916         and clearing the initial dirty bits in the positioned element's renderer. When the image finally 
2917         loads in this scenario, the positioned element is otherwise clean and relies on the above code to get 
2918         re-rendered.
2919
2920         * rendering/RenderBlock.cpp:
2921         (WebCore::RenderBlock::layoutPositionedObjects): remove the check for r->parent()->isBlockFlow() when 
2922                                                          deciding whether to mark children for layout
2923         (WebCore::RenderBlock::positionedFloatsNeedRelayout): ditto
2924
2925 2011-09-07  Anna Cavender  <annacc@chromium.org>
2926
2927         Moving platform/track to html/track to avoid layering violation.
2928         https://bugs.webkit.org/show_bug.cgi?id=67680
2929
2930         Reviewed by Adam Barth.
2931
2932         No new tests. No new functionality.
2933
2934         * CMakeLists.txt:
2935         * GNUmakefile.am:
2936         * GNUmakefile.list.am:
2937         * WebCore.gyp/WebCore.gyp:
2938         * WebCore.gypi:
2939         * WebCore.pri:
2940         * WebCore.pro:
2941         * html/track/CueParser.cpp: Renamed from Source/WebCore/platform/track/CueParser.cpp.
2942         * html/track/CueParser.h: Renamed from Source/WebCore/platform/track/CueParser.h.
2943         * html/track/CueParserPrivate.h: Renamed from Source/WebCore/platform/track/CueParserPrivate.h.
2944         * html/track/WebVTTParser.cpp: Renamed from Source/WebCore/platform/track/WebVTTParser.cpp.
2945         * html/track/WebVTTParser.h: Renamed from Source/WebCore/platform/track/WebVTTParser.h.
2946         * html/track/WebVTTToken.h: Renamed from Source/WebCore/platform/track/WebVTTToken.h.
2947         * html/track/WebVTTTokenizer.cpp: Renamed from Source/WebCore/platform/track/WebVTTTokenizer.cpp.
2948         * html/track/WebVTTTokenizer.h: Renamed from Source/WebCore/platform/track/WebVTTTokenizer.h.
2949
2950 2011-09-07  David Hyatt  <hyatt@apple.com>
2951
2952         https://bugs.webkit.org/show_bug.cgi?id=67286
2953
2954         REGRESSION: css2.1/t090204-display-change-01-b-ao.html fails after r94084.
2955
2956         Make sure that the trailing floats line box explicitly sets the line top with leading and line bottom with
2957         leading to just be the block height.
2958
2959         Reviewed by Dan Bernstein.
2960
2961         * rendering/RenderBlockLineLayout.cpp:
2962         (WebCore::RenderBlock::linkToEndLineIfNeeded):
2963
2964 2011-09-06  Abhishek Arya  <inferno@chromium.org>
2965
2966         Null owningRenderer crash in RenderScrollbar::updateScrollbarParts.
2967         https://bugs.webkit.org/show_bug.cgi?id=67669
2968
2969         Reviewed by James Robinson.
2970
2971         Owning renderer can be cleared for custom scrollbars in clearOwningRenderer()
2972         call. We need a null check in updateScrollbarParts, so that we do not crash.
2973
2974         No tests since issue seen in crash reports only and I donot know a way to
2975         reproduce.
2976
2977         * rendering/RenderScrollbar.cpp:
2978         (WebCore::RenderScrollbar::updateScrollbarParts):
2979
2980 2011-09-05  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>
2981
2982         [Qt][WK2] Make TiledDrawingArea request tiles only in the direction the viewport is panned to.
2983         https://bugs.webkit.org/show_bug.cgi?id=67606
2984
2985         Reviewed by Noam Rosenthal.
2986
2987         TiledBackingStore previously used different values for horizontal and vertial multiplication
2988         to calculate the cover area.
2989         This patch replaces this mechanism, used to give a bigger panning range to vertical panning,
2990         with the possibility to use the motion vector of the viewport to request tiles ahead instead.
2991         This allows economies on rendering resources as tiles won't be rendered beside the trajectory
2992         of the viewport.
2993
2994         * platform/graphics/TiledBackingStore.cpp:
2995         (WebCore::TiledBackingStore::TiledBackingStore):
2996         (WebCore::TiledBackingStore::setKeepAndCoverAreaMultipliers):
2997         (WebCore::TiledBackingStore::setCoverAreaFocusVector):
2998         (WebCore::TiledBackingStore::createTiles):
2999         (WebCore::TiledBackingStore::calculateKeepRect):
3000         (WebCore::TiledBackingStore::calculateCoverRect):
3001         * platform/graphics/TiledBackingStore.h:
3002         (WebCore::TiledBackingStore::getKeepAndCoverAreaMultipliers):
3003
3004 2011-09-01  Jocelyn Turcotte  <jocelyn.turcotte@nokia.com>
3005
3006         [Qt] TiledBackingStore: Import the resizeEdgeTiles logic from TiledDrawindAreaProxy.
3007         https://bugs.webkit.org/show_bug.cgi?id=67416
3008
3009         Reviewed by Kenneth Rohde Christiansen.
3010
3011         Original code by Antti Koivisto.
3012         With the current code, when the page is layouted during load, edge tiles will
3013         get removed instead of continuing to show their front buffer while the tile
3014         is being rendered for the new size.
3015
3016         * platform/graphics/Tile.h:
3017         * platform/graphics/TiledBackingStore.cpp:
3018         (WebCore::TiledBackingStore::createTiles):
3019         (WebCore::TiledBackingStore::resizeEdgeTiles):
3020         * platform/graphics/TiledBackingStore.h:
3021         * platform/graphics/qt/TileQt.cpp:
3022         (WebCore::TileQt::resize):
3023         * platform/graphics/qt/TileQt.h:
3024
3025 2011-09-07  Tim Horton  <timothy_horton@apple.com>
3026
3027         Don't round-trip through TransformationMatrix in SVGImageBufferTools::clearAffineTransform2DRotation
3028         https://bugs.webkit.org/show_bug.cgi?id=67242
3029         <rdar://problem/10069770>
3030
3031         Reviewed by Dirk Schulze.
3032
3033         No new tests, minor performance improvement.
3034
3035         * platform/graphics/transforms/AffineTransform.cpp:
3036         (WebCore::AffineTransform::blend):
3037         (WebCore::AffineTransform::decompose):
3038         (WebCore::AffineTransform::recompose):
3039         * platform/graphics/transforms/AffineTransform.h:
3040         * rendering/svg/SVGImageBufferTools.cpp:
3041         (WebCore::SVGImageBufferTools::clear2DRotation):
3042
3043 2011-09-06  Pavel Podivilov  <podivilov@chromium.org>
3044
3045         Web Inspector: do not re-create RawSourceCode when toggling pretty-print mode.
3046         https://bugs.webkit.org/show_bug.cgi?id=67647
3047
3048         1) Implement RawSourceCode.setFormatted that allows toggling pretty-print mode on the fly without resetting everything.
3049         2) Add RawSourceCode unit tests.
3050         3) Remove source mapping listeners and console messages from presentation model (they live in RawSourceCode now).
3051
3052         Reviewed by Yury Semikhatsky.
3053
3054         Test: inspector/debugger/raw-source-code.html
3055
3056         * inspector/front-end/DebuggerPresentationModel.js:
3057         (WebInspector.DebuggerPresentationModel):
3058         (WebInspector.DebuggerPresentationModel.prototype.linkifyLocation):
3059         (WebInspector.DebuggerPresentationModel.prototype._addScript):
3060         (WebInspector.DebuggerPresentationModel.prototype._sourceMappingUpdated):
3061         (WebInspector.DebuggerPresentationModel.prototype.setFormatSource):
3062         (WebInspector.DebuggerPresentationModel.prototype._createRawSourceCodeId):
3063         (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
3064         * inspector/front-end/ScriptsPanel.js:
3065         (WebInspector.ScriptsPanel.prototype._toggleFormatSource):
3066         * inspector/front-end/SourceFile.js:
3067         (WebInspector.RawSourceCode):
3068         (WebInspector.RawSourceCode.prototype.get uiSourceCode):
3069         (WebInspector.RawSourceCode.prototype.setFormatted):
3070         (WebInspector.RawSourceCode.prototype.rawLocationToUILocation):
3071         (WebInspector.RawSourceCode.prototype._saveSourceMapping):
3072
3073 2011-09-07  Alexander Pavlov  <apavlov@chromium.org>
3074
3075         Web Inspector: Implement circular tabbing through the Styles sidebar pane contents
3076         https://bugs.webkit.org/show_bug.cgi?id=67127
3077
3078         Reviewed by Yury Semikhatsky.
3079
3080         * inspector/front-end/Section.js:
3081         (WebInspector.Section.prototype.get firstSibling):
3082         (WebInspector.Section.prototype.get lastSibling):
3083         * inspector/front-end/StylesSidebarPane.js:
3084         (WebInspector.StylePropertiesSection.prototype.nextEditableSibling):
3085         (WebInspector.StylePropertiesSection.prototype.previousEditableSibling):
3086         (WebInspector.StylePropertiesSection.prototype.startEditingSelector):
3087         (WebInspector.StylePropertiesSection.prototype._moveEditorFromSelector):
3088         (WebInspector.StylePropertiesSection.prototype.editingSelectorCommitted.successCallback):
3089         (WebInspector.StylePropertiesSection.prototype.editingSelectorCommitted):
3090         (WebInspector.StylePropertyTreeElement.prototype):
3091         (WebInspector.StylePropertyTreeElement.prototype.element.userInput.previousContent.context.moveDirection):
3092
3093 2011-09-02  Andrey Kosyakov  <caseq@chromium.org>
3094
3095         Web Inspector: [Extensions API] expose console API
3096         https://bugs.webkit.org/show_bug.cgi?id=67506
3097
3098         Reviewed by Pavel Feldman.
3099
3100         Test: inspector/extensions/extensions-console.html
3101
3102         * inspector/front-end/ConsoleMessage.js:
3103         (WebInspector.ConsoleMessage.prototype.get text):
3104         (WebInspector.ConsoleMessage.prototype.get parameters):
3105         * inspector/front-end/ExtensionAPI.js:
3106         (WebInspector.injectedExtensionAPI.InspectorExtensionAPI):
3107         (WebInspector.injectedExtensionAPI):
3108         (WebInspector.injectedExtensionAPI.Console.prototype.getMessages):
3109         (WebInspector.injectedExtensionAPI.Console.prototype.addMessage):
3110         (WebInspector.injectedExtensionAPI.Console.prototype.get MessageLevel):
3111         (WebInspector.injectedExtensionAPI.Network.dispatchRequestEvent):
3112         (WebInspector.injectedExtensionAPI.Network):
3113         (WebInspector.injectedExtensionAPI.AuditCategoryImpl.dispatchAuditEvent):
3114         (WebInspector.injectedExtensionAPI.AuditCategoryImpl):
3115         (WebInspector.injectedExtensionAPI.InspectedWindow.dispatchResourceEvent):
3116         (WebInspector.injectedExtensionAPI.InspectedWindow.dispatchResourceContentEvent):
3117         (WebInspector.injectedExtensionAPI.InspectedWindow):
3118         * inspector/front-end/ExtensionCommon.js:
3119         (WebInspector.commonExtensionSymbols):
3120         * inspector/front-end/ExtensionServer.js:
3121         (WebInspector.ExtensionServer):
3122         (WebInspector.ExtensionServer.prototype._notifyConsoleMessageAdded):
3123         (WebInspector.ExtensionServer.prototype._onGetConsoleMessages):
3124         (WebInspector.ExtensionServer.prototype._onAddConsoleMessage):
3125         (WebInspector.ExtensionServer.prototype._makeConsoleMessage):
3126         (WebInspector.ExtensionServer.prototype._makeConsoleMessage.convertParameter):
3127         (WebInspector.ExtensionServer.prototype._dispatchCallback):
3128         (WebInspector.ExtensionServer.prototype.initExtensions):
3129
3130 2011-09-05  Andrey Kosyakov  <caseq@chromium.org>
3131
3132         Web Inspector: disable popover when a mouse button is pressed
3133         https://bugs.webkit.org/show_bug.cgi?id=67610
3134
3135         Reviewed by Pavel Feldman.
3136
3137         - disable popover when a mouse button is pressed
3138         - disable popover in a SourceFrame when the source is being edited
3139
3140         * inspector/front-end/Popover.js:
3141         (WebInspector.PopoverHelper):
3142         (WebInspector.PopoverHelper.prototype._mouseUp):
3143         (WebInspector.PopoverHelper.prototype._mouseDown):
3144         (WebInspector.PopoverHelper.prototype._handleMouseAction):
3145         * inspector/front-end/SourceFrame.js:
3146         (WebInspector.SourceFrame.prototype._onHidePopover):
3147         (WebInspector.SourceFrame.prototype.doubleClick):
3148
3149 2011-09-07  Antti Koivisto  <antti@apple.com>
3150
3151         https://bugs.webkit.org/show_bug.cgi?id=67634
3152         De-virtualize styleForRenderer()
3153
3154         Reviewed by Sam Weinig.
3155         
3156         This has performance and code clarity benefits.
3157
3158         - move styleForRenderer from Node to Element
3159         - get rid of the now unnecessary NodeRenderingContext parameter
3160         - de-virtualize, add virtual customStyleForRenderer()
3161
3162         * dom/Element.cpp:
3163         (WebCore::Element::customStyleForRenderer):
3164         (WebCore::Element::styleForRenderer):
3165         (WebCore::Element::recalcStyle):
3166         * dom/Element.h:
3167         * dom/Node.cpp:
3168         * dom/Node.h:
3169         (WebCore::Node::hasCustomWillOrDidRecalcStyle):
3170         (WebCore::Node::setHasCustomWillOrDidRecalcStyle):
3171         (WebCore::Node::hasCustomStyleForRenderer):
3172         (WebCore::Node::setHasCustomStyleForRenderer):
3173         
3174             Move styleForRenderer, add customStyleForRenderer, add a bit.
3175         
3176         * dom/NodeRenderingContext.cpp:
3177         (WebCore::NodeRendererFactory::createRendererAndStyle): 
3178         
3179             Handle non-element case separately since styleForRenderer was moved from Node to Element.
3180
3181         * html/HTMLNoScriptElement.cpp:
3182         (WebCore::HTMLNoScriptElement::HTMLNoScriptElement):
3183         (WebCore::HTMLNoScriptElement::customStyleForRenderer):
3184         * html/HTMLNoScriptElement.h:
3185         
3186             Move a strange XHTMLMP special case to where it belongs.
3187
3188         * html/HTMLOptGroupElement.cpp:
3189         (WebCore::HTMLOptGroupElement::attach):
3190         * html/HTMLOptionElement.cpp:
3191         (WebCore::HTMLOptionElement::attach):
3192         * html/HTMLTitleElement.cpp:
3193         (WebCore::HTMLTitleElement::textWithDirection):
3194         * html/shadow/TextControlInnerElements.cpp:
3195         (WebCore::TextControlInnerElement::TextControlInnerElement):
3196         (WebCore::TextControlInnerElement::customStyleForRenderer):
3197         (WebCore::TextControlInnerTextElement::TextControlInnerTextElement):
3198         (WebCore::TextControlInnerTextElement::customStyleForRenderer):
3199         * html/shadow/TextControlInnerElements.h:
3200         * rendering/svg/SVGShadowTreeElements.cpp:
3201         (WebCore::SVGShadowTreeContainerElement::customStyleForRenderer):
3202         * rendering/svg/SVGShadowTreeElements.h:
3203         * svg/SVGElement.cpp:
3204         (WebCore::SVGElement::SVGElement):
3205         (WebCore::SVGElement::customStyleForRenderer):
3206         * svg/SVGElement.h:
3207         
3208             Adopt customStyleForRenderer().
3209
3210 2011-09-07  Ryosuke Niwa  <rniwa@webkit.org>
3211
3212         Change event is not fired for input[type=number] when the user reverts a change made by script
3213         https://bugs.webkit.org/show_bug.cgi?id=67697
3214
3215         Reviewed by Kent Tamura.
3216
3217         The bug was caused by HTMLInputElement::setValue not calling setTextAsOfLastFormControlChangeEvent
3218         for text fields other than type=text.
3219
3220         Also fixed a that stepUpFromRenderer does not call setTextAsOfLastFormControlChangeEvent at appropriate
3221         timing due to setValueAsNumber always passing sendChangeEvent=false to setValue by propagating values
3222         through setValueAsNumber and applyStep. This refactoring allows us to remove calls to dispatch* in
3223         stepUpFromRenderer because they're now called in setValueAsNumber or applyStep.
3224
3225         Test: fast/forms/number-input-changeevent.html
3226
3227         * html/BaseDateAndTimeInputType.cpp:
3228         (WebCore::BaseDateAndTimeInputType::setValueAsNumber):
3229         * html/BaseDateAndTimeInputType.h:
3230         * html/HTMLInputElement.cpp:
3231         (WebCore::HTMLInputElement::applyStep):
3232         (WebCore::HTMLInputElement::stepUp):
3233         (WebCore::HTMLInputElement::stepDown):
3234         (WebCore::HTMLInputElement::setValue):
3235         (WebCore::HTMLInputElement::setValueAsNumber):
3236         (WebCore::HTMLInputElement::stepUpFromRenderer):
3237         * html/HTMLInputElement.h:
3238         * html/InputType.cpp:
3239         (WebCore::InputType::setValueAsNumber):
3240         * html/InputType.h:
3241         * html/NumberInputType.cpp:
3242         (WebCore::NumberInputType::setValueAsNumber):
3243         * html/NumberInputType.h:
3244         * html/RangeInputType.cpp:
3245         (WebCore::RangeInputType::setValueAsNumber):
3246         (WebCore::RangeInputType::handleKeydownEvent):
3247         * html/RangeInputType.h:
3248
3249 2011-09-07  Antti Koivisto  <antti@apple.com>
3250
3251         Try to fix Qt build by moving the Qt specific include (which is not really allowed here!).
3252
3253         Not reviewed.
3254
3255         * css/CSSStyleSelector.cpp:
3256         * css/SelectorChecker.cpp:
3257         (WebCore::SelectorChecker::determineLinkStateSlowCase):
3258
3259 2011-09-07  Antti Koivisto  <antti@apple.com>
3260
3261         Move SelectorChecker out from CSSStyleSelector scope
3262         https://bugs.webkit.org/show_bug.cgi?id=67648
3263
3264         Reviewed by Sam Weinig.
3265
3266         - Move SelectorChecker to SelectorChecker.h/cpp
3267         - Make private functions private
3268         - Make members private, add accessors
3269         - Move m_sameOriginOnly to CSSStyleSelector as it is not used by SelectorChecker
3270
3271         * CMakeLists.txt:
3272         * GNUmakefile.list.am:
3273         * WebCore.gypi:
3274         * WebCore.pro:
3275         * WebCore.vcproj/WebCore.vcproj:
3276         * WebCore.xcodeproj/project.pbxproj:
3277         * css/CSSStyleSelector.cpp:
3278         (WebCore::CSSStyleSelector::CSSStyleSelector):
3279         (WebCore::CSSStyleSelector::matchRules):
3280         (WebCore::CSSStyleSelector::matchRulesForList):
3281         (WebCore::CSSStyleSelector::sortMatchedRules):
3282         (WebCore::CSSStyleSelector::initForStyleResolve):
3283         (WebCore::CSSStyleSelector::matchUARules):
3284         (WebCore::CSSStyleSelector::styleForElement):
3285         (WebCore::CSSStyleSelector::pseudoStyleForElement):
3286         (WebCore::CSSStyleSelector::styleForPage):
3287         (WebCore::CSSStyleSelector::adjustRenderStyle):
3288         (WebCore::CSSStyleSelector::pseudoStyleRulesForElement):
3289         (WebCore::CSSStyleSelector::checkSelector):
3290         (WebCore::RuleData::RuleData):
3291         (WebCore::CSSStyleSelector::applyProperty):
3292         (WebCore::CSSStyleSelector::checkForGenericFamilyChange):
3293         (WebCore::CSSStyleSelector::setFontSize):
3294         (WebCore::CSSStyleSelector::getColorFromPrimitiveValue):
3295         * css/CSSStyleSelector.h:
3296         (WebCore::CSSStyleSelector::style):
3297         (WebCore::CSSStyleSelector::parentStyle):
3298         (WebCore::CSSStyleSelector::rootElementStyle):
3299         (WebCore::CSSStyleSelector::element):
3300         (WebCore::CSSStyleSelector::fontDescription):
3301         (WebCore::CSSStyleSelector::parentFontDescription):
3302         (WebCore::CSSStyleSelector::setFontDescription):
3303         (WebCore::CSSStyleSelector::setZoom):
3304         (WebCore::CSSStyleSelector::setEffectiveZoom):
3305         (WebCore::CSSStyleSelector::setTextSizeAdjust):
3306         (WebCore::CSSStyleSelector::setStyle):
3307         (WebCore::CSSStyleSelector::fontSelector):
3308         (WebCore::CSSStyleSelector::allVisitedStateChanged):
3309         (WebCore::CSSStyleSelector::visitedStateChanged):
3310         (WebCore::CSSStyleSelector::usesSiblingRules):
3311         (WebCore::CSSStyleSelector::usesFirstLineRules):
3312         (WebCore::CSSStyleSelector::usesBeforeAfterRules):
3313         (WebCore::CSSStyleSelector::usesLinkRules):
3314         (WebCore::CSSStyleSelector::addMatchedRule):
3315         (WebCore::CSSStyleSelector::isRightPage):
3316         (WebCore::CSSStyleSelector::ParentStackFrame::ParentStackFrame):
3317         (WebCore::CSSStyleSelector::styleNotYetAvailable):
3318         * css/SelectorChecker.cpp: Added.
3319         (WebCore::SelectorChecker::SelectorChecker):
3320         (WebCore::linkAttribute):
3321         (WebCore::SelectorChecker::determineLinkStateSlowCase):
3322         (WebCore::SelectorChecker::checkSelector):
3323         (WebCore::SelectorChecker::fastCheckSelector):
3324         (WebCore::SelectorChecker::isFastCheckableSelector):
3325         (WebCore::addLocalNameToSet):
3326         (WebCore::createHtmlCaseInsensitiveAttributesSet):
3327         (WebCore::htmlAttributeHasCaseInsensitiveValue):
3328         (WebCore::attributeQualifiedNameMatches):
3329         (WebCore::attributeValueMatches):
3330         (WebCore::anyAttributeMatches):
3331         (WebCore::SelectorChecker::checkOneSelector):
3332         (WebCore::SelectorChecker::checkScrollbarPseudoClass):
3333         (WebCore::SelectorChecker::allVisitedStateChanged):
3334         (WebCore::SelectorChecker::visitedStateChanged):
3335         * css/SelectorChecker.h: Added.
3336         (WebCore::SelectorChecker::document):
3337         (WebCore::SelectorChecker::strictParsing):
3338         (WebCore::SelectorChecker::isCollectingRulesOnly):
3339         (WebCore::SelectorChecker::setCollectingRulesOnly):
3340         (WebCore::SelectorChecker::isMatchingVisitedPseudoClass):
3341         (WebCore::SelectorChecker::setMatchingVisitedPseudoClass):
3342         (WebCore::SelectorChecker::pseudoStyle):
3343         (WebCore::SelectorChecker::setPseudoStyle):
3344         (WebCore::SelectorChecker::hasUnknownPseudoElements):
3345         (WebCore::SelectorChecker::clearHasUnknownPseudoElements):
3346         (WebCore::SelectorChecker::determineLinkState):
3347         * dom/Element.cpp:
3348         (WebCore::Element::webkitMatchesSelector):
3349         * dom/SelectorQuery.cpp:
3350         (WebCore::SelectorQuery::SelectorQuery):
3351         * dom/SelectorQuery.h:
3352
3353 2011-09-07  Dmitry Lomov  <dslomov@google.com>
3354
3355         https://bugs.webkit.org/show_bug.cgi?id=67413 
3356         [Chromium]Web Inspector: inspected page with dedicated worker crashes on refresh.
3357         This patch enforces lifetime ordering between WorkerInspectorController and WorkerScriptController.
3358
3359         Reviewed by Yury Semikhatsky.
3360
3361         * workers/WorkerContext.cpp:
3362         (WebCore::WorkerContext::clearInspector):
3363         * workers/WorkerContext.h:
3364         * workers/WorkerThread.cpp:
3365         (WebCore::WorkerThreadShutdownFinishTask::performTask):
3366
3367 2011-09-07  Sheriff Bot  <webkit.review.bot@gmail.com>
3368
3369         Unreviewed, rolling out r94627 and r94632.
3370         http://trac.webkit.org/changeset/94627
3371         http://trac.webkit.org/changeset/94632
3372         https://bugs.webkit.org/show_bug.cgi?id=67698
3373
3374         It broke tests on GTK and Qt (Requested by Ossy on #webkit).
3375
3376         * WebCore.exp.in:
3377         * bindings/js/JSDOMBinding.h:
3378         (WebCore::DOMConstructorObject::DOMConstructorObject):
3379         * bindings/js/JSDOMGlobalObject.cpp:
3380         (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
3381         * bindings/js/JSDOMGlobalObject.h:
3382         * bindings/js/JSDOMWindowShell.cpp:
3383         (WebCore::JSDOMWindowShell::create):
3384         * bindings/js/JSDOMWindowShell.h:
3385         * bindings/js/JSDOMWrapper.h:
3386         (WebCore::JSDOMWrapper::JSDOMWrapper):
3387         * bindings/scripts/CodeGeneratorJS.pm:
3388         (GenerateImplementation):
3389         * bindings/scripts/test/JS/JSTestInterface.cpp:
3390         (WebCore::JSTestInterface::JSTestInterface):
3391         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3392         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener):
3393         * bindings/scripts/test/JS/JSTestObj.cpp:
3394         (WebCore::JSTestObj::JSTestObj):
3395         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3396         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface):
3397         * bridge/c/CRuntimeObject.cpp:
3398         (JSC::Bindings::CRuntimeObject::CRuntimeObject):
3399         * bridge/c/CRuntimeObject.h:
3400         * bridge/jni/jsc/JavaRuntimeObject.cpp:
3401         (JSC::Bindings::JavaRuntimeObject::JavaRuntimeObject):
3402         * bridge/jni/jsc/JavaRuntimeObject.h:
3403         * bridge/objc/ObjCRuntimeObject.h:
3404         * bridge/objc/ObjCRuntimeObject.mm:
3405         (JSC::Bindings::ObjCRuntimeObject::ObjCRuntimeObject):
3406         * bridge/objc/objc_runtime.h:
3407         (JSC::Bindings::ObjcFallbackObjectImp::create):
3408         * bridge/objc/objc_runtime.mm:
3409         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
3410         * bridge/qt/qt_instance.cpp:
3411         (JSC::Bindings::QtRuntimeObject::QtRuntimeObject):
3412         * bridge/qt/qt_pixmapruntime.cpp:
3413         (JSC::Bindings::QtPixmapRuntimeObject::QtPixmapRuntimeObject):
3414         * bridge/qt/qt_runtime.cpp:
3415         (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
3416         * bridge/qt/qt_runtime.h:
3417         * bridge/runtime_array.cpp:
3418         (JSC::RuntimeArray::RuntimeArray):
3419         * bridge/runtime_array.h:
3420         (JSC::RuntimeArray::create):
3421         * bridge/runtime_method.cpp:
3422         (JSC::RuntimeMethod::RuntimeMethod):
3423         * bridge/runtime_method.h:
3424         * bridge/runtime_object.cpp:
3425         (JSC::Bindings::RuntimeObject::RuntimeObject):
3426         * bridge/runtime_object.h:
3427         (JSC::Bindings::RuntimeObject::create):
3428
3429 2011-08-31  Yury Semikhatsky  <yurys@chromium.org>
3430
3431         fast/workers/worker-script-error.html fails on Chromium after r94061
3432         https://bugs.webkit.org/show_bug.cgi?id=67206
3433
3434         Default action should be prevented if window.onerror returned true and stay
3435         not prevented otherwise.
3436
3437         Reviewed by Dmitry Titov.
3438
3439         Tests: fast/events/window-onerror14.html
3440                fast/events/window-onerror15.html
3441                fast/events/window-onerror16.html
3442
3443         * bindings/v8/V8AbstractEventListener.cpp:
3444         (WebCore::V8AbstractEventListener::invokeEventHandler):
3445         (WebCore::V8AbstractEventListener::shouldPreventDefault): allow specific
3446         event listeners to decide when to prevent default action based on the handler
3447         return value.
3448         * bindings/v8/V8AbstractEventListener.h:
3449         * bindings/v8/V8WindowErrorHandler.cpp:
3450         (WebCore::V8WindowErrorHandler::callListenerFunction):
3451         (WebCore::V8WindowErrorHandler::shouldPreventDefault):
3452         * bindings/v8/V8WindowErrorHandler.h:
3453         * bindings/v8/V8WorkerContextErrorHandler.cpp:
3454         (WebCore::V8WorkerContextErrorHandler::callListenerFunction):
3455         (WebCore::V8WorkerContextErrorHandler::shouldPreventDefault):
3456         * bindings/v8/V8WorkerContextErrorHandler.h:
3457
3458 2011-09-06  Xianzhu Wang  <wangxianzhu@chromium.org>
3459
3460         Replace usages of Vector<UChar> with existing StringBuilder
3461         https://bugs.webkit.org/show_bug.cgi?id=67079
3462
3463         Reviewed by Gavin Barraclough.
3464
3465         No new tests. All existing unit tests and layout tests should run
3466         as before.
3467
3468         * css/CSSOMUtils.cpp:
3469         (WebCore::appendCharacter):
3470         (WebCore::serializeCharacter):
3471         (WebCore::serializeCharacterAsCodePoint):
3472         (WebCore::serializeIdentifier):
3473         (WebCore::serializeString):
3474         * css/CSSOMUtils.h:
3475         * css/CSSPrimitiveValue.cpp:
3476         (WebCore::CSSPrimitiveValue::cssText):
3477         * css/CSSStyleSelector.cpp:
3478         (WebCore::CSSStyleSelector::SelectorChecker::determineLinkStateSlowCase):
3479         * css/CSSWrapShapes.cpp:
3480         (WebCore::CSSWrapShapeRect::cssText):
3481         (WebCore::CSSWrapShapeCircle::cssText):
3482         (WebCore::CSSWrapShapeEllipse::cssText):
3483         (WebCore::CSSWrapShapePolygon::cssText):
3484         * editing/HTMLInterchange.cpp:
3485         (WebCore::convertHTMLTextToInterchangeFormat):
3486         * editing/MarkupAccumulator.cpp:
3487         (WebCore::appendCharactersReplacingEntities):
3488         (WebCore::MarkupAccumulator::serializeNodes):
3489         (WebCore::MarkupAccumulator::appendStartTag):
3490         (WebCore::MarkupAccumulator::appendEndTag):
3491         (WebCore::MarkupAccumulator::concatenateMarkup):
3492         (WebCore::MarkupAccumulator::appendAttributeValue):
3493         (WebCore::MarkupAccumulator::appendCustomAttributes):
3494         (WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):
3495         (WebCore::MarkupAccumulator::appendNodeValue):
3496         (WebCore::MarkupAccumulator::appendNamespace):
3497         (WebCore::MarkupAccumulator::appendText):
3498         (WebCore::MarkupAccumulator::appendComment):
3499         (WebCore::MarkupAccumulator::appendDocumentType):
3500         (WebCore::MarkupAccumulator::appendProcessingInstruction):
3501         (WebCore::MarkupAccumulator::appendElement):
3502         (WebCore::MarkupAccumulator::appendOpenTag):
3503         (WebCore::MarkupAccumulator::appendCloseTag):
3504         (WebCore::MarkupAccumulator::appendAttribute):
3505         (WebCore::MarkupAccumulator::appendCDATASection):
3506         (WebCore::MarkupAccumulator::appendStartMarkup):
3507         (WebCore::MarkupAccumulator::appendEndMarkup):
3508         * editing/MarkupAccumulator.h:
3509         * editing/markup.cpp:
3510         (WebCore::StyledMarkupAccumulator::appendElement):
3511         (WebCore::StyledMarkupAccumulator::wrapWithNode):
3512         (WebCore::StyledMarkupAccumulator::wrapWithStyleNode):
3513         (WebCore::StyledMarkupAccumulator::appendStyleNodeOpenTag):
3514         (WebCore::StyledMarkupAccumulator::takeResults):
3515         (WebCore::StyledMarkupAccumulator::appendText):
3516         (WebCore::urlToMarkup):
3517         * html/DOMTokenList.cpp:
3518         (WebCore::DOMTokenList::removeToken):
3519         * html/HTMLFontElement.cpp:
3520         (WebCore::parseFontSize):
3521         * html/HTMLTextFormControlElement.cpp:
3522         (WebCore::HTMLTextFormControlElement::strippedPlaceholder):
3523         * html/parser/CSSPreloadScanner.cpp:
3524         (WebCore::CSSPreloadScanner::emitRule):
3525         * html/parser/CSSPreloadScanner.h:
3526         * html/parser/HTMLEntityParser.cpp:
3527         (WebCore::consumeHTMLEntity):
3528         * html/parser/HTMLEntityParser.h:
3529         * html/parser/HTMLParserIdioms.cpp:
3530         (WebCore::parseHTMLInteger):
3531         (WebCore::parseHTMLNonNegativeInteger):
3532         * html/parser/HTMLTokenizer.cpp:
3533         (WebCore::HTMLTokenizer::processEntity):
3534         (WebCore::HTMLTokenizer::nextToken):
3535         * html/parser/HTMLTreeBuilder.cpp:
3536         (WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::giveRemainingTo):
3537         (WebCore::HTMLTreeBuilder::defaultForInTableText):
3538         * html/parser/HTMLTreeBuilder.h:
3539         * inspector/InspectorValues.cpp:
3540         (WebCore::InspectorValue::toJSONString):
3541         (WebCore::InspectorValue::writeJSON):
3542         (WebCore::InspectorBasicValue::writeJSON):
3543         (WebCore::InspectorString::writeJSON):
3544         (WebCore::InspectorObject::writeJSON):
3545         (WebCore::InspectorArray::writeJSON):
3546         * inspector/InspectorValues.h:
3547         * loader/CrossOriginAccessControl.cpp:
3548         (WebCore::createAccessControlPreflightRequest):
3549         * loader/appcache/ApplicationCacheStorage.cpp:
3550         (WebCore::ApplicationCacheStorage::store):
3551         * page/Chrome.cpp:
3552         (WebCore::Chrome::setToolTip):
3553         * page/PageSerializer.cpp:
3554         (WebCore::SerializerMarkupAccumulator::appendText):
3555         (WebCore::SerializerMarkupAccumulator::appendElement):
3556         (WebCore::SerializerMarkupAccumulator::appendCustomAttributes):
3557         * page/SecurityOrigin.cpp:
3558         (WebCore::SecurityOrigin::toString):
3559         * platform/KURL.cpp:
3560         (WebCore::KURL::deprecatedString):
3561         (WebCore::decodeURLEscapeSequences):
3562         * platform/LinkHash.cpp:
3563         (WebCore::squeezeOutNullCharacters):
3564         (WebCore::cleanSlashDotDotSlashes):
3565         (WebCore::mergeDoubleSlashes):
3566         (WebCore::cleanSlashDotSlashes):
3567         (WebCore::cleanPath):
3568         (WebCore::visitedURLInline):
3569         (WebCore::visitedURL):
3570         (WebCore::visitedLinkHash):
3571         * platform/LinkHash.h:
3572         * platform/gtk/DataObjectGtk.cpp:
3573         (WebCore::DataObjectGtk::setURL):
3574         * platform/network/HTTPParsers.cpp:
3575         (WebCore::extractMIMETypeFromMediaType):
3576         * platform/text/TextCodecICU.cpp:
3577         (WebCore::TextCodecICU::decode):
3578         * platform/text/TextStream.cpp:
3579         (WebCore::TextStream::operator<<):
3580         (WebCore::TextStream::release):
3581         * platform/text/TextStream.h:
3582         * plugins/PluginStream.cpp:
3583         (WebCore::PluginStream::startStream):
3584         * rendering/InlineTextBox.cpp:
3585         (WebCore::adjustCharactersAndLengthForHyphen):
3586         * rendering/InlineTextBox.h:
3587         (WebCore::BufferForAppendingHyphen::BufferForAppendingHyphen):
3588         * rendering/RenderListItem.cpp:
3589         (WebCore::RenderListItem::markerTextWithSuffix):
3590         * rendering/RenderListMarker.cpp:
3591         (WebCore::toSymbolic):
3592         (WebCore::RenderListMarker::paint):
3593         (WebCore::RenderListMarker::suffix):
3594         * rendering/RenderTreeAsText.cpp:
3595         (WebCore::quoteAndEscapeNonPrintables):
3596         * rendering/mathml/RenderMathMLFenced.cpp:
3597         (WebCore::RenderMathMLFenced::updateFromElement):
3598         * storage/IDBLevelDBCoding.cpp:
3599         (WebCore::IDBLevelDBCoding::decodeString):
3600         * xml/XMLHttpRequest.cpp:
3601         (WebCore::XMLHttpRequest::getAllResponseHeaders):
3602         * xml/XPathFunctions.cpp:
3603         (WebCore::XPath::FunId::evaluate):
3604         (WebCore::XPath::FunConcat::evaluate):
3605         * xml/XPathUtil.cpp:
3606         (WebCore::XPath::stringValue):
3607         * xml/XSLTProcessorLibxslt.cpp:
3608         (WebCore::writeToStringBuilder):
3609         (WebCore::saveResultToString):
3610         * xml/parser/CharacterReferenceParserInlineMethods.h:
3611         (WebCore::unconsumeCharacters):
3612         (WebCore::consumeCharacterReference):
3613         * xml/parser/XMLCharacterReferenceParser.cpp:
3614         (WebCore::consumeXMLCharacterReference):
3615         * xml/parser/XMLCharacterReferenceParser.h:
3616         * xml/parser/XMLTokenizer.cpp:
3617         (WebCore::XMLTokenizer::nextToken):
3618
3619 2011-09-05  Kent Tamura  <tkent@chromium.org>
3620
3621         REGRESSION (Safari 5.1 - ToT): File input retains its file icon when the value is reset
3622         https://bugs.webkit.org/show_bug.cgi?id=67567
3623
3624         Reviewed by Dimitri Glazkov.
3625
3626         - Introduce InputType::setValue(), which is called by HTMLInputElement::setValue().
3627         - Clear m_icon in FileInputType::setValue().
3628
3629         Tests: fast/forms/file/file-reset-in-change-expected.html
3630                fast/forms/file/file-reset-in-change.html
3631
3632         * html/BaseButtonInputType.cpp:
3633         (WebCore::BaseButtonInputType::setValue):
3634         Implemenation for the "default" mode.
3635         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-default
3636         * html/BaseButtonInputType.h:
3637         * html/BaseCheckableInputType.cpp:
3638         (WebCore::BaseCheckableInputType::setValue):
3639         Implemenation for the "default/on" mode.
3640         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-default-on
3641         * html/BaseCheckableInputType.h:
3642         * html/FileInputType.cpp:
3643         (WebCore::FileInputType::setValue):
3644         Implemenation for the "filename" mode, and clearing m_icon.
3645         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-filename
3646         * html/FileInputType.h:
3647         * html/HTMLInputElement.cpp:
3648         (WebCore::HTMLInputElement::setValue):
3649         Move some code to InputType::setValue().
3650         (WebCore::HTMLInputElement::setValueInternal): A helper for InputType::setValue().
3651         * html/HTMLInputElement.h:
3652         * html/HiddenInputType.cpp:
3653         (WebCore::HiddenInputType::setValue):
3654         Implementation for the "default" mode.
3655         * html/HiddenInputType.h:
3656         * html/InputType.cpp:
3657         (WebCore::InputType::setValue):
3658         Implementation for the "value" mode.
3659         http://www.whatwg.org/specs/web-apps/current-work/multipage/common-input-element-attributes.html#dom-input-value-value
3660         * html/InputType.h:
3661         * html/TextFieldInputType.cpp:
3662         (WebCore::TextFieldInputType::setValue):
3663         In addition to the "value" mode processing, updates placeholder visibililty.
3664         * html/TextFieldInputType.h:
3665
3666 2011-09-06  Ryosuke Niwa  <rniwa@webkit.org>
3667
3668         REGRESSION(r94274): The inner text value of an input element is not updated when input.value is set
3669         https://bugs.webkit.org/show_bug.cgi?id=67681
3670
3671         Reviewed by Kent Tamura.
3672
3673         The bug was caused by HTMLInputElement::setValue's not clearing m_suggestedValue before updateInnerTextValue is called.
3674         Since updateInnerTextValue uses the suggested value when one is present, we need to clear m_suggestedValue in advance.
3675
3676         Test: fast/forms/suggested-value-after-setvalue.html
3677
3678         * html/HTMLInputElement.cpp:
3679         (WebCore::HTMLInputElement::setValue):
3680
3681 2011-09-06  Adam Barth  <abarth@webkit.org>
3682
3683         Attempt to fix GTK build.
3684
3685         * bindings/gobject/WebKitHTMLElementWrapperFactory.cpp:
3686         (WebKit::createHTMLElementWrapper):
3687
3688 2011-09-06  Ryosuke Niwa  <rniwa@webkit.org>
3689
3690         fast/forms/suggested-value-crash.html crashes on Windows
3691         https://bugs.webkit.org/show_bug.cgi?id=67688
3692
3693         Reviewed by Adam Barth.
3694
3695         The crash was caused because functions in internals were accessing uninitialized QualifiedNames.
3696         Fixed the bug by avoiding to link to inputTag and textareaTag. Instead, we resort to toInputElement
3697         and string comparison.
3698
3699         * testing/Internals.cpp:
3700         (WebCore::Internals::wasLastChangeUserEdit):
3701         (WebCore::Internals::suggestedValue):
3702         (WebCore::Internals::setSuggestedValue):
3703
3704 2011-09-06  Mark Hahnenberg  <mhahnenberg@apple.com>
3705
3706         Unzip initialization lists and constructors in JSCell hierarchy (5/7)
3707         https://bugs.webkit.org/show_bug.cgi?id=67420
3708
3709         Reviewed by Geoffrey Garen.
3710
3711         No new tests.
3712
3713         Completed the fifth level of the refactoring to add finishCreation() 
3714         methods to all classes within the JSCell hierarchy with non-trivial 
3715         constructor bodies.
3716
3717         This primarily consists of pushing the calls to finishCreation() down 
3718         into the constructors of the subclasses of the second level of the hierarchy 
3719         as well as pulling the finishCreation() calls out into the class's corresponding
3720         create() method if it has one.  Doing both simultaneously allows us to 
3721         maintain the invariant that the finishCreation() method chain is called exactly 
3722         once during the creation of an object, since calling it any other number of 
3723         times (0, 2, or more) will cause an assertion failure.
3724
3725         * WebCore.exp.in:
3726         * bindings/js/JSDOMBinding.h:
3727         (WebCore::DOMConstructorObject::DOMConstructorObject):
3728         * bindings/js/JSDOMGlobalObject.cpp:
3729         (WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
3730         (WebCore::JSDOMGlobalObject::finishCreation):
3731         * bindings/js/JSDOMGlobalObject.h:
3732         * bindings/js/JSDOMWindowShell.cpp:
3733         * bindings/js/JSDOMWindowShell.h:
3734         (WebCore::JSDOMWindowShell::create):
3735         * bindings/js/JSDOMWrapper.h:
3736         (WebCore::JSDOMWrapper::JSDOMWrapper):
3737         * bindings/scripts/CodeGeneratorJS.pm:
3738         (GenerateImplementation):
3739         * bindings/scripts/test/JS/JSTestInterface.cpp:
3740         (WebCore::JSTestInterface::JSTestInterface):
3741         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3742         (WebCore::JSTestMediaQueryListListener::JSTestMediaQueryListListener):
3743         * bindings/scripts/test/JS/JSTestObj.cpp:
3744         (WebCore::JSTestObj::JSTestObj):
3745         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3746         (WebCore::JSTestSerializedScriptValueInterface::JSTestSerializedScriptValueInterface):
3747         * bridge/c/CRuntimeObject.cpp:
3748         (JSC::Bindings::CRuntimeObject::CRuntimeObject):
3749         (JSC::Bindings::CRuntimeObject::finishCreation):
3750         * bridge/c/CRuntimeObject.h:
3751         * bridge/jni/jsc/JavaRuntimeObject.cpp:
3752         (JSC::Bindings::JavaRuntimeObject::JavaRuntimeObject):
3753         (JSC::Bindings::JavaRuntimeObject::finishCreation):
3754         * bridge/jni/jsc/JavaRuntimeObject.h:
3755         * bridge/objc/ObjCRuntimeObject.h:
3756         * bridge/objc/ObjCRuntimeObject.mm:
3757         (JSC::Bindings::ObjCRuntimeObject::ObjCRuntimeObject):
3758         (JSC::Bindings::ObjCRuntimeObject::finishCreation):
3759         * bridge/objc/objc_runtime.h:
3760         (JSC::Bindings::ObjcFallbackObjectImp::create):
3761         * bridge/objc/objc_runtime.mm:
3762         (JSC::Bindings::ObjcFallbackObjectImp::ObjcFallbackObjectImp):
3763         * bridge/qt/qt_instance.cpp:
3764         (JSC::Bindings::QtRuntimeObject::QtRuntimeObject):
3765         * bridge/qt/qt_pixmapruntime.cpp:
3766         (JSC::Bindings::QtPixmapRuntimeObject::QtPixmapRuntimeObject):
3767         * bridge/qt/qt_runtime.cpp:
3768         (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
3769         (JSC::Bindings::QtRuntimeMethod::finishCreation):
3770         * bridge/qt/qt_runtime.h:
3771         * bridge/runtime_array.cpp:
3772         (JSC::RuntimeArray::RuntimeArray):
3773         * bridge/runtime_array.h:
3774         (JSC::RuntimeArray::create):
3775         * bridge/runtime_method.cpp:
3776         (JSC::RuntimeMethod::RuntimeMethod):
3777         (JSC::RuntimeMethod::finishCreation):
3778         * bridge/runtime_method.h:
3779         * bridge/runtime_object.cpp:
3780         (JSC::Bindings::RuntimeObject::RuntimeObject):
3781         * bridge/runtime_object.h:
3782         (JSC::Bindings::RuntimeObject::create):
3783
3784 2011-09-06  Luke Macpherson   <macpherson@chromium.org>
3785
3786         Implement list style properties in CSSStyleApplyProperty.
3787         https://bugs.webkit.org/show_bug.cgi?id=67103
3788
3789         Reviewed by Eric Seidel.
3790
3791         No new tests / no behavioral changes.
3792
3793         * css/CSSStyleApplyProperty.cpp:
3794         Add class to wrap call to CSSStyleSelector::styleImage().
3795         (WebCore::ApplyPropertyStyleImage::ApplyPropertyStyleImage):
3796         (WebCore::ApplyPropertyStyleImage::applyValue):
3797         (WebCore::CSSStyleApplyProperty::CSSStyleApplyProperty):
3798         Initialize handlers for list style properties.
3799         * css/CSSStyleSelector.cpp:
3800         (WebCore::CSSStyleSelector::applyProperty):
3801         Remove existing property implementations.
3802
3803 2011-09-06  Alexis Menard  <alexis.menard@openbossa.org>
3804
3805         [Qt] Move away from QPointer as it is slow and it has a replacement QWeakPointer.
3806         https://bugs.webkit.org/show_bug.cgi?id=67673
3807
3808         Reviewed by Ariya Hidayat.
3809
3810         Move away from QPointer to QWeakPointer, it is faster.
3811
3812         No new tests, the existing ones should cover.
3813
3814         * bridge/qt/qt_instance.cpp:
3815         (JSC::Bindings::QtInstance::~QtInstance):
3816         (JSC::Bindings::QtInstance::getClass):
3817         (JSC::Bindings::QtField::name):
3818         (JSC::Bindings::QtField::valueFromInstance):
3819         * bridge/qt/qt_instance.h:
3820         (JSC::Bindings::QtInstance::getObject):
3821         * bridge/qt/qt_runtime.h:
3822         * platform/qt/SharedTimerQt.cpp:
3823         (WebCore::SharedTimerQt::inst):
3824
3825 2011-09-06  Oliver Hunt  <oliver@apple.com>
3826
3827         Update expected results of bindings tests.
3828
3829         * bindings/scripts/test/JS/JSTestInterface.cpp:
3830         (WebCore::JSTestInterfaceConstructor::createStructure):
3831         (WebCore::JSTestInterface::createPrototype):
3832         * bindings/scripts/test/JS/JSTestInterface.h:
3833         (WebCore::JSTestInterface::createStructure):
3834         (WebCore::JSTestInterfacePrototype::createStructure):
3835         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
3836         (WebCore::JSTestMediaQueryListListenerConstructor::createStructure):
3837         (WebCore::JSTestMediaQueryListListener::createPrototype):
3838         * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
3839         (WebCore::JSTestMediaQueryListListener::createStructure):
3840         (WebCore::JSTestMediaQueryListListenerPrototype::createStructure):
3841         * bindings/scripts/test/JS/JSTestObj.cpp:
3842         (WebCore::JSTestObjConstructor::createStructure):
3843         (WebCore::JSTestObj::createPrototype):
3844         * bindings/scripts/test/JS/JSTestObj.h:
3845         (WebCore::JSTestObj::createStructure):
3846         (WebCore::JSTestObjPrototype::createStructure):
3847         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
3848         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure):
3849         (WebCore::JSTestSerializedScriptValueInterface::createPrototype):
3850         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
3851         (WebCore::JSTestSerializedScriptValueInterface::createStructure):
3852         (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure):
3853
3854 2011-09-06  Eric Seidel  <eric@webkit.org>
3855
3856         Remove window.HTMLBlockquoteElement per HTML5 (and DOM Core 1)
3857         https://bugs.webkit.org/show_bug.cgi?id=67678
3858
3859         Reviewed by Darin Adler.
3860
3861         This is why we can't have nice things.
3862
3863         There was some confusion in the original DOM HTML 1 spec about
3864         the existence of HTMlBlockquoteElement which was clarified by
3865         a later errata, removing HTMLBlockquoteElement:
3866         http://www.w3.org/DOM/updates/REC-DOM-Level-1-19981001-errata.html
3867         "This interface is an error and must be ignored. The Interface HTMLQuoteElement is used for both the Q and BLOCKQUOTE elements"
3868
3869         Le sigh.  Personally I think having a separate HTMLBlockquoteElement
3870         is clearer, but thats not how the web works.  Removed it and updated test results.
3871
3872         * CMakeLists.txt:
3873         * CodeGenerators.pri:
3874         * DerivedSources.cpp:
3875         * DerivedSources.make:
3876         * GNUmakefile.list.am:
3877         * WebCore.gypi:
3878         * WebCore.pro:
3879         * WebCore.vcproj/WebCore.vcproj:
3880         * WebCore.xcodeproj/project.pbxproj:
3881         * bindings/gobject/GNUmakefile.am:
3882         * editing/IndentOutdentCommand.cpp:
3883         * html/HTMLBlockquoteElement.cpp: Removed.
3884         * html/HTMLBlockquoteElement.h: Removed.
3885         * html/HTMLBlockquoteElement.idl: Removed.
3886         * html/HTMLElementsAllInOne.cpp:
3887         * html/HTMLQuoteElement.cpp:
3888         (WebCore::HTMLQuoteElement::HTMLQuoteElement):
3889         (WebCore::HTMLQuoteElement::insertedIntoDocument):
3890         * html/HTMLTagNames.in:
3891         * page/DOMWindow.idl:
3892
3893 2011-09-06  Ryosuke Niwa  <rniwa@webkit.org>
3894
3895         Rename confirmCompositionWithoutDisturbingSelection to cancelComposition
3896         https://bugs.webkit.org/show_bug.cgi?id=67569
3897
3898         Reviewed by Antonio Gomes.
3899
3900         Renamed Editor::confirmCompositionWithoutDisturbingSelection to Editor::cancelComposition.
3901         Also renamed the shared function from confirmComposition to setComposition.
3902
3903         * WebCore.exp.in:
3904         * editing/Editor.cpp:
3905         (WebCore::Editor::confirmComposition):
3906         (WebCore::Editor::cancelComposition):
3907         (WebCore::Editor::setComposition):
3908         * editing/Editor.h:
3909
3910 2011-09-06  Sam Weinig  <sam@webkit.org>
3911
3912         WebVTTTokenizer files in the wrong place in the Xcode project.
3913
3914         * WebCore.xcodeproj/project.pbxproj:
3915         Move WebVTTTokenizer files so they are in the right place in the project.
3916
3917 2011-09-06  Chris Rogers  <crogers@google.com>
3918
3919         MediaElementAudioSourceNode destruction triggers ASSERTS
3920         https://bugs.webkit.org/show_bug.cgi?id=67665
3921
3922         Reviewed by Nate Chapin.
3923
3924         Test: webaudio/mediaelementaudiosourcenode-gc.html
3925
3926         * html/HTMLMediaElement.cpp:
3927         (WebCore::HTMLMediaElement::setAudioSourceNode):
3928         * webaudio/AudioContext.cpp:
3929         (WebCore::AudioContext::uninitializeDispatch):
3930         (WebCore::AudioContext::stop):
3931         * webaudio/AudioContext.h:
3932
3933 2011-09-05  Oliver Hunt  <oliver@apple.com>
3934
3935         An object's structure should reference the global object responsible for its creation
3936         https://bugs.webkit.org/show_bug.cgi?id=67624
3937
3938         Reviewed by Gavin Barraclough.
3939
3940         Update calls to Structure::create() to pass the globalObject in,
3941         and update the CodeGenerator to generate appropriate createStructure
3942         methods.
3943
3944         * bindings/js/JSAudioConstructor.h:
3945         (WebCore::JSAudioConstructor::createStructure):
3946         * bindings/js/JSDOMBinding.h:
3947         (WebCore::DOMConstructorObject::createStructure):
3948         (WebCore::getDOMStructure):
3949         * bindings/js/JSDOMGlobalObject.h:
3950         (WebCore::JSDOMGlobalObject::createStructure):
3951         (WebCore::getDOMConstructor):
3952         * bindings/js/JSDOMWindowBase.h:
3953         (WebCore::JSDOMWindowBase::createStructure):
3954         * bindings/js/JSDOMWindowShell.cpp:
3955         (WebCore::JSDOMWindowShell::setWindow):
3956         * bindings/js/JSDOMWindowShell.h:
3957         (WebCore::JSDOMWindowShell::createStructure):
3958         * bindings/js/JSDOMWrapper.h:
3959         (WebCore::JSDOMWrapper::createStructure):
3960         * bindings/js/JSImageConstructor.h:
3961         (WebCore::JSImageConstructor::createStructure):
3962         * bindings/js/JSImageDataCustom.cpp:
3963         (WebCore::toJS):
3964         * bindings/js/JSOptionConstructor.h:
3965         (WebCore::JSOptionConstructor::createStructure):
3966         * bindings/js/JSWorkerContextBase.h:
3967         (WebCore::JSWorkerContextBase::createStructure):
3968         * bindings/js/WorkerScriptController.cpp:
3969         (WebCore::WorkerScriptController::initScript):
3970         * bindings/scripts/CodeGeneratorJS.pm:
3971         (GenerateHeader):
3972         (GenerateImplementation):
3973         (GenerateConstructorDeclaration):
3974         * bridge/c/CRuntimeObject.h:
3975         (JSC::Bindings::CRuntimeObject::createStructure):
3976         * bridge/c/c_instance.cpp:
3977         (JSC::Bindings::CRuntimeMethod::createStructure):
3978         * bridge/jni/jsc/JavaInstanceJSC.cpp:
3979         (JavaRuntimeMethod::createStructure):
3980         * bridge/jni/jsc/JavaRuntimeObject.h:
3981         (JSC::Bindings::JavaRuntimeObject::createStructure):
3982         * bridge/objc/ObjCRuntimeObject.h:
3983         (JSC::Bindings::ObjCRuntimeObject::createStructure):
3984         * bridge/objc/objc_instance.mm:
3985         (ObjCRuntimeMethod::createStructure):
3986         * bridge/objc/objc_runtime.h:
3987         (JSC::Bindings::ObjcFallbackObjectImp::createStructure):
3988         * bridge/runtime_array.h:
3989         (JSC::RuntimeArray::createStructure):
3990         * bridge/runtime_method.h:
3991         (JSC::RuntimeMethod::createStructure):
3992         * bridge/runtime_object.h:
3993         (JSC::Bindings::RuntimeObject::createStructure):
3994
3995 2011-09-06  Anders Carlsson  <andersca@apple.com>
3996
3997         Move NPAPI headers in bridge to plugins
3998         https://bugs.webkit.org/show_bug.cgi?id=67661
3999
4000         Reviewed by Darin Adler.
4001
4002         * WebCore.gypi:
4003         * WebCore.pro:
4004         * WebCore.vcproj/WebCore.vcproj:
4005         * WebCore.xcodeproj/project.pbxproj:
4006         Update build systems.
4007
4008         * bridge/npapi.h: Removed.
4009         * bridge/npruntime.h: Removed.
4010         * bridge/nptypes.h: Removed.
4011         * plugins/npapi.h: Copied from Source/WebCore/bridge/npapi.h.
4012