2011-05-01 Nikolas Zimmermann <nzimmermann@rim.com>
[WebKit-https.git] / Source / WebCore / ChangeLog
index 5b5b9fa..9402299 100644 (file)
@@ -1,3 +1,178 @@
+2011-05-01  Nikolas Zimmermann  <nzimmermann@rim.com>
+
+        Reviewed by Dirk Schulze.
+
+        LEAK: SVGElement leaks when detaching it in a pending resource state
+        https://bugs.webkit.org/show_bug.cgi?id=59072
+
+        Make the pending resources set non-refcounted again. We made it refcounted a while ago
+        to fix a security bug, as we had dangling pointers in the set in SVGDocumentExtensions.
+        Fix the underlying problem, by removing all pending resources referencing to a particular
+        SVGElement, upon its destruction or upon removing it from the document.
+
+        Example: <rect fill="url(#foo)" id="rect">
+        When we try to render the rect, the foo paint server can't be found and thus "foo" will be
+        added to the pending resource set, with "rect" as client. When "foo" appears, it would remove
+        itself from the pending resource set, and a ref count to the "rect" would be released.
+        If "foo" never appears, SVGDocumentExtensions still holds a ref to the <rect>, thus keeping
+        it and the associated document alive.
+
+        Tests: svg/custom/pending-resource-leak-2.svg
+               svg/custom/pending-resource-leak-3.svg
+               svg/custom/pending-resource-leak.svg
+
+        These tests cover several scenarios where we used to leak. Should fix several SVG*Element leaks on the bots.
+        I manually tested reloading above testcases dozens of times, before the leak count was incremented by 2 nodes on every reload, that's gone now.
+
+        * rendering/svg/RenderSVGResourceContainer.cpp:
+        (WebCore::RenderSVGResourceContainer::registerResource):
+        * rendering/svg/RenderSVGShadowTreeRootContainer.cpp:
+        (WebCore::RenderSVGShadowTreeRootContainer::updateFromElement):
+        * rendering/svg/SVGResources.cpp:
+        (WebCore::registerPendingResource):
+        * svg/SVGDocumentExtensions.cpp:
+        (WebCore::SVGDocumentExtensions::addPendingResource):
+        (WebCore::SVGDocumentExtensions::hasPendingResources):
+        (WebCore::SVGDocumentExtensions::removeElementFromPendingResources):
+        (WebCore::SVGDocumentExtensions::removePendingResource):
+        * svg/SVGDocumentExtensions.h:
+        * svg/SVGElement.cpp:
+        * svg/SVGElement.h:
+        * svg/SVGElementRareData.h:
+        (WebCore::SVGElementRareData::SVGElementRareData):
+        (WebCore::SVGElementRareData::hasPendingResources):
+        (WebCore::SVGElementRareData::setHasPendingResources):
+        * svg/SVGStyledElement.cpp:
+        (WebCore::SVGStyledElement::~SVGStyledElement):
+        (WebCore::SVGStyledElement::insertedIntoDocument):
+        (WebCore::SVGStyledElement::removedFromDocument):
+        (WebCore::SVGStyledElement::hasPendingResources):
+        (WebCore::SVGStyledElement::setHasPendingResources):
+        * svg/SVGStyledElement.h:
+        (WebCore::SVGStyledElement::needsPendingResourceHandling):
+        (WebCore::SVGStyledElement::buildPendingResource):
+        * svg/SVGUseElement.cpp:
+        (WebCore::SVGUseElement::SVGUseElement):
+        (WebCore::SVGUseElement::insertedIntoDocument):
+        (WebCore::SVGUseElement::svgAttributeChanged):
+        (WebCore::SVGUseElement::buildPendingResource):
+        * svg/SVGUseElement.h:
+
+2011-05-01  Rafael Brandao  <rafael.lobo@openbossa.org>
+
+        Reviewed by Csaba Osztrogon√°c.
+
+        [Qt] build-webkit warning Inspector.idl is missing
+        https://bugs.webkit.org/show_bug.cgi?id=59047
+        
+        Added variable_out to pipe output from one compiler to another,
+        and then forced the output to be added to the sources.
+
+        * CodeGenerators.pri:
+
+2011-05-01  Dan Bernstein  <mitz@apple.com>
+
+        Reviewed by Anders Carlsson.
+
+        <rdar://problem/9155067> REGRESSION (float-based line boxes): Gaps and overlaps in selection highlight
+        https://bugs.webkit.org/show_bug.cgi?id=56658
+
+        Test: fast/text/selection-rect-rounding.html
+
+        * platform/graphics/FontFastPath.cpp:
+        (WebCore::Font::selectionRectForSimpleText): Account for non-integral anchor point coordinates.
+        * platform/graphics/mac/FontComplexTextMac.cpp:
+        (WebCore::Font::selectionRectForComplexText): Ditto.
+        * rendering/InlineTextBox.cpp:
+        (WebCore::InlineTextBox::selectionRect): Floor the horizontal sides of the clip rect.
+        (WebCore::InlineTextBox::paintSelection): Pass the logical left location to Font::selectionRectForText(),
+        since it affects rounding.
+
+2011-04-30  Justin Schuh  <jschuh@chromium.org>
+
+        Reviewed by Dirk Schulze.
+
+        Make RenderSVGResourceFilter take ownership of filter data when painting
+        https://bugs.webkit.org/show_bug.cgi?id=51524
+
+        Test: svg/custom/filter-on-svgimage.svg
+
+        * rendering/svg/RenderSVGResourceFilter.cpp:
+        (WebCore::RenderSVGResourceFilter::removeClientFromCache):
+        (WebCore::RenderSVGResourceFilter::postApplyResource):
+        * rendering/svg/RenderSVGResourceFilter.h:
+        (WebCore::FilterData::FilterData):
+
+2011-04-30  Martin Robinson  <mrobinson@igalia.com>
+
+        Reviewed by Adam Barth.
+
+        Enable strict mode for OwnPtr and PassOwnPtr
+        https://bugs.webkit.org/show_bug.cgi?id=59428
+
+        Fix assignments and .set() calls with OwnPtr to use adoptPtr. Have GeolocationService
+        factory methods return a PassOwnPtr.
+
+        No new tests. This should not change functionality.
+
+        * platform/GeolocationService.cpp:
+        (WebCore::createGeolocationServiceNull):
+        (WebCore::GeolocationService::create):
+        * platform/GeolocationService.h:
+        * platform/android/GeolocationServiceAndroid.cpp:
+        (WebCore::GeolocationServiceAndroid::create):
+        * platform/android/GeolocationServiceAndroid.h:
+        * platform/efl/GeolocationServiceEfl.cpp:
+        (WebCore::GeolocationServiceEfl::create):
+        * platform/efl/GeolocationServiceEfl.h:
+        * platform/graphics/cairo/CairoUtilities.cpp:
+        (WebCore::appendPathToCairoContext):
+        * platform/graphics/cairo/GraphicsContextCairo.cpp:
+        (WebCore::drawPathShadow):
+        (WebCore::GraphicsContext::clip):
+        * platform/graphics/cairo/ImageBufferCairo.cpp:
+        (WebCore::ImageBuffer::ImageBuffer):
+        * platform/graphics/cairo/OwnPtrCairo.h:
+        * platform/graphics/cairo/PathCairo.cpp:
+        (WebCore::Path::Path):
+        (WebCore::Path::operator=):
+        (WebCore::Path::apply):
+        * platform/gtk/GeolocationServiceGtk.cpp:
+        (WebCore::GeolocationServiceGtk::create):
+        * platform/gtk/GeolocationServiceGtk.h:
+        * platform/mock/GeolocationServiceMock.cpp:
+        (WebCore::GeolocationServiceMock::create):
+        * platform/mock/GeolocationServiceMock.h:
+
+2011-04-30  Pavel Feldman  <pfeldman@chromium.org>
+
+        Not reviewed: inspector toolbar titles were 2px off.
+
+        * inspector/front-end/inspector.css:
+        (#toolbar-dropdown .toolbar-label):
+
+2011-04-30  Mihai Parparita  <mihaip@chromium.org>
+
+        Reviewed by Eric Seidel.
+
+        V8Proxy.h shouldn't include SecurityOrigin.h
+        https://bugs.webkit.org/show_bug.cgi?id=59859
+
+        Remove SecurityOrigin.h #include from V8Proxy.h. Touching
+        SecurityOrigin.h now rebuilds 234 targets instead of 638 (when building
+        chromium's DumpRenderTree).
+
+        * bindings/v8/NPV8Object.cpp:
+        * bindings/v8/V8Proxy.cpp:
+        * bindings/v8/V8Proxy.h:
+        * css/CSSStyleSelector.cpp:
+        * dom/XMLDocumentParserLibxml2.cpp:
+        * html/HTMLLinkElement.cpp:
+        * loader/SubframeLoader.cpp:
+        * page/History.cpp:
+        * storage/IDBFactory.cpp:
+        * storage/StorageAreaImpl.cpp:
+
 2011-04-29  Adam Barth  <abarth@webkit.org>
 
         Reviewed by Eric Seidel.
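Review bot: In the 2011-05-01 SVGElement leak entry, the pending resources set goes back to holding non-refcounted pointers, which is the arrangement the entry itself says produced dangling pointers in SVGDocumentExtensions. The entry should therefore spell out the invariant that now prevents that, for example that any element with hasPendingResources set is removed via removeElementFromPendingResources before it is destroyed or detached. The file list names ~SVGStyledElement and removedFromDocument, but SVGElement.cpp and SVGElement.h appear with no function names or notes, so a reader cannot tell what changed there or whether plain SVGElement objects can still end up in the set; add a short annotation for each. The three tests are described only as leak coverage. It would help to state whether any of them destroys an element while it is still registered as a pending client, since that is the case the earlier refcounting was introduced for.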