[BlackBerry] Add a null check for media implementation to fix a crash.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2012-08-03  George Staikos  <staikos@webkit.org>
2
3         [BlackBerry] Add a null check for media implementation to fix a crash.
4         https://bugs.webkit.org/show_bug.cgi?id=93107
5
6         Reviewed by Rob Buis.
7
8         Fixes media/video-size.html.
9
10         * platform/blackberry/RenderThemeBlackBerry.cpp:
11         (WebCore::RenderThemeBlackBerry::paintMediaSliderTrack): Add null check.
12
13 2012-08-03  Yury Semikhatsky  <yurys@chromium.org>
14
15         Unreviewed. Fixed WinCE compilation after r124589.
16
17         * css/PropertySetCSSStyleDeclaration.cpp:
18         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
19         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
20
21 2012-08-03  Keishi Hattori  <keishi@webkit.org>
22
23         Add keyboard support for color suggestion popup
24         https://bugs.webkit.org/show_bug.cgi?id=93069
25
26         Reviewed by Kent Tamura.
27
28         This adds support for keyboard inside the color suggestion popup.
29         Tab or arrow keys to move around. Return or space to select the color.
30         Escape closes the popup.
31
32         No new tests. Covered in platform/chromium/fast/forms/color/color-suggestion-picker-appearance.html.
33
34         * Resources/colorSuggestionPicker.css:
35         (.color-swatch):
36         (.color-swatch:focus):
37         * Resources/colorSuggestionPicker.js:
38         (ColorPicker):
39         (ColorPicker.prototype._layout):
40         (ColorPicker.prototype.selectColorAtIndex): Selects color at index.
41         (ColorPicker.prototype._handleMouseMove): Set focus to the swatch under the mouse cursor.
42         (ColorPicker.prototype._handleKeyDown): Move focused element on arrow keys.
43         (ColorPicker.prototype._handleMouseDown): Prevents blur on click.
44
45 2012-08-03  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
46
47         Add missing include to build on Mac OS 10.8
48
49         Reviewed by Ossy.
50
51         * platform/graphics/surfaces/mac/GraphicsSurfaceMac.cpp:
52
53 2012-08-03  Adam Barth  <abarth@webkit.org>
54
55         [V8] Re-wire "target" half of the same-origin security check through Document rather than DOMWindow
56         https://bugs.webkit.org/show_bug.cgi?id=93079
57
58         Reviewed by Eric Seidel.
59
60         Before this patch, we were traversing from Nodes to Frames to
61         DOMWindows to SecurityOrigins when determing the "target" of an
62         operation for the same-origin policy security check. Rather than
63         detouring through DOMWindow, these security checks should operate in
64         terms of ScriptExecutionContexts (aka Documents) because that's the
65         canonical place we store SecurityOrigin objects.
66
67         A future patch will re-wire the "active" part of the security check to
68         use ScriptExecutionContexts as well and we'll be able to remove the
69         extra copy of SecurityOrigin that we keep in DOMWindow.
70
71         * bindings/generic/BindingSecurity.cpp:
72         (WebCore::canAccessDocument):
73         (WebCore::BindingSecurity::canAccessFrame):
74         (WebCore::BindingSecurity::shouldAllowAccessToNode):
75         * bindings/v8/BindingState.cpp:
76         (WebCore::immediatelyReportUnsafeAccessTo):
77         * bindings/v8/BindingState.h:
78         (WebCore):
79         * bindings/v8/V8DOMWindowShell.cpp:
80         (WebCore::reportUnsafeJavaScriptAccess):
81         * bindings/v8/V8Proxy.cpp:
82         (WebCore::V8Proxy::reportUnsafeAccessTo):
83         * bindings/v8/V8Proxy.h:
84         (V8Proxy):
85
86 2012-08-03  Keishi Hattori  <keishi@webkit.org>
87
88         ColorSuggestionPicker popup's height doesn't get smaller than 100 px
89         https://bugs.webkit.org/show_bug.cgi?id=92945
90
91         Reviewed by Kent Tamura.
92
93         A window cannot be resized to be smaller than 100x100 pixels so this
94         adjust the color suggestion popup UI to look better when there are only
95         a few suggestions.
96
97         Tests: platform/chromium/fast/forms/color/color-suggestion-picker-one-row-appearance.html
98                platform/chromium/fast/forms/color/color-suggestion-picker-two-row-appearance.html
99
100         * Resources/colorSuggestionPicker.css:
101         (.color-swatch-container): Vertically center the swatches.
102
103 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
104
105         Web Inspector: Remove InspectorCSSAgent from InstrumentingAgents on clearFrontend()
106         https://bugs.webkit.org/show_bug.cgi?id=93082
107
108         Reviewed by Yury Semikhatsky.
109
110         * inspector/InspectorCSSAgent.cpp:
111         (WebCore::InspectorCSSAgent::InspectorCSSAgent):
112         (WebCore::InspectorCSSAgent::~InspectorCSSAgent):
113         (WebCore::InspectorCSSAgent::setFrontend):
114         (WebCore::InspectorCSSAgent::clearFrontend):
115
116 2012-08-03  Eugene Klyuchnikov  <eustas.big@gmail.com>
117
118         Web Inspector: Profiles: extract save to file / load from code
119         https://bugs.webkit.org/show_bug.cgi?id=92348
120
121         Reviewed by Yury Semikhatsky.
122
123         Motivation: extract reusable code for timeline load/save.
124         FileUtils.js will contain common code. Not all code moved to FileUtils
125         to make review easier. This code will be moved in next patch.
126
127         Core abstractions: OutputStream and OutputStreamDelegate.
128
129         OutputStream is interface that is used to transfer entity divded
130         to chunks. Transfer process is explicitly initialized (startTransfer)
131         and finalized (finishTrnsfer).
132
133         OutputStreamDelegate is interface to receive notifications about
134         transfer process: onTransferStarted, onChunkTransferred, onTransferFinished.
135
136         ChunkedFileReader: utility class that loads file by chunks of specified
137         size and notifies given delegate. OutputStream is supplied as a
138         parameter of method "start".
139
140         ChunkedFileWriter: implementation of OutputStream that saves data
141         to file specified by file name and notifies given delegate.
142
143         * WebCore.gypi: Added 'FileUtils.js'.
144         * WebCore.vcproj/WebCore.vcproj: Added 'FileUtils.js'.
145         * inspector/compile-front-end.py: Added 'FileUtils.js'.
146         * inspector/front-end/FileUtils.js: Added.
147         (WebInspector.OutputStreamDelegate): Added.
148         (WebInspector.ChunkedFileReader): Added.
149         (WebInspector.createFileSelectorElement): Added utility method to construct
150         hidden input element to select file.
151         * inspector/front-end/HeapSnapshotLoader.js: Adopted new API.
152         * inspector/front-end/HeapSnapshotProxy.js: Adopted new API.
153         * inspector/front-end/HeapSnapshotView.js: Adopted new API.
154         (WebInspector.HeapSnapshotLoadFromFileDelegate):
155         Extracted from existing code.
156         (WebInspector.ChunkedFileWriter): Renamed and refactored.
157         (WebInspector.HeapSnapshotSaveToFileDelegate):
158         Extracted from existing code.
159         * inspector/front-end/ProfilesPanel.js: Adopted new API.
160
161 2012-08-03  Alexander Pavlov  <apavlov@chromium.org>
162
163         Web Inspector: Incorrect blob url href when inspecting
164         https://bugs.webkit.org/show_bug.cgi?id=93076
165
166         Reviewed by Vsevolod Vlasov.
167
168         Special-cased the "blob" scheme to return the original URL intact on completion.
169
170         * inspector/front-end/ResourceUtils.js:
171         (WebInspector.completeURL):
172
173 2012-08-03  Yury Semikhatsky  <yurys@chromium.org>
174
175         Web Inspector: add CSSRule memory instrumentation
176         https://bugs.webkit.org/show_bug.cgi?id=92962
177
178         Reviewed by Pavel Feldman.
179
180         Added memory footprint reporting method to CSSRule and its descendants.
181
182         * css/CSSCharsetRule.cpp:
183         (WebCore::CSSCharsetRule::reportDescendantMemoryUsage):
184         (WebCore):
185         * css/CSSCharsetRule.h:
186         (CSSCharsetRule):
187         * css/CSSComputedStyleDeclaration.cpp:
188         (WebCore::CSSComputedStyleDeclaration::reportMemoryUsage):
189         (WebCore):
190         * css/CSSComputedStyleDeclaration.h:
191         (CSSComputedStyleDeclaration):
192         * css/CSSFontFaceRule.cpp:
193         (WebCore::CSSFontFaceRule::reportDescendantMemoryUsage):
194         (WebCore):
195         * css/CSSFontFaceRule.h:
196         (CSSFontFaceRule):
197         * css/CSSImportRule.cpp:
198         (WebCore::CSSImportRule::reportDescendantMemoryUsage):
199         (WebCore):
200         * css/CSSImportRule.h:
201         (CSSImportRule):
202         * css/CSSMediaRule.cpp:
203         (WebCore::CSSMediaRule::reportDescendantMemoryUsage):
204         (WebCore):
205         * css/CSSMediaRule.h:
206         (CSSMediaRule):
207         * css/CSSPageRule.cpp:
208         (WebCore::CSSPageRule::reportDescendantMemoryUsage):
209         (WebCore):
210         * css/CSSPageRule.h:
211         (CSSPageRule):
212         * css/CSSRule.cpp:
213         (WebCore::CSSRule::reportMemoryUsage): we manually implement polymorphic
214         call here to avoid adding vtable pointer to all CSSRule objects. Descendants
215         are expected to report their memory via reportDescendantMemoryUsage. The name
216         is intentionally different from reportMemoryUsage to avoid accidential infitite
217         recursion: if the descendants overrode non-virtual CSSRule::reportMemoryUsage,
218         it would be easy to add a new descendant type to the switch in
219         CSSRule::reportMemoryUsage without providing proper override for reportMemoryUsage
220         and CSSRule::reportMemoryUsage would end up calling itself.
221         (WebCore):
222         (WebCore::CSSRule::reportBaseClassMemoryUsage): again we cannot use
223         MemoryClassInfo::visitBaseClass like we do for virtual methods because it would
224         lead to a recursive call of CSSRule::reportMemoryUsage. This is why we use
225         reportBaseClassMemoryUsage to allow descendants to report objects referenced
226         from their base class.
227         * css/CSSRule.h:
228         (WebCore):
229         (CSSRule):
230         * css/CSSRuleList.cpp:
231         (WebCore::StaticCSSRuleList::reportMemoryUsage):
232         (WebCore):
233         * css/CSSRuleList.h:
234         (WebCore):
235         (CSSRuleList):
236         (StaticCSSRuleList):
237         (LiveCSSRuleList):
238         * css/CSSStyleDeclaration.h:
239         (WebCore):
240         (CSSStyleDeclaration):
241         * css/CSSStyleRule.cpp:
242         (WebCore::CSSStyleRule::reportDescendantMemoryUsage):
243         (WebCore):
244         * css/CSSStyleRule.h:
245         (CSSStyleRule):
246         * css/CSSStyleSheet.cpp:
247         (StyleSheetCSSRuleList):
248         (WebCore::CSSStyleSheet::reportMemoryUsage):
249         * css/CSSUnknownRule.h:
250         (CSSUnknownRule):
251         (WebCore::CSSUnknownRule::reportDescendantMemoryUsage):
252         * css/PropertySetCSSStyleDeclaration.cpp:
253         (WebCore::PropertySetCSSStyleDeclaration::reportMemoryUsage):
254         (WebCore):
255         (WebCore::StyleRuleCSSStyleDeclaration::reportMemoryUsage):
256         (WebCore::InlineCSSStyleDeclaration::reportMemoryUsage):
257         * css/PropertySetCSSStyleDeclaration.h:
258         (PropertySetCSSStyleDeclaration):
259         (StyleRuleCSSStyleDeclaration):
260         (InlineCSSStyleDeclaration):
261         * css/WebKitCSSKeyframeRule.cpp:
262         (WebCore::WebKitCSSKeyframeRule::reportDescendantMemoryUsage):
263         (WebCore):
264         * css/WebKitCSSKeyframeRule.h:
265         (WebKitCSSKeyframeRule):
266         * css/WebKitCSSKeyframesRule.cpp:
267         (WebCore::WebKitCSSKeyframesRule::reportDescendantMemoryUsage):
268         (WebCore):
269         * css/WebKitCSSKeyframesRule.h:
270         (WebKitCSSKeyframesRule):
271         * css/WebKitCSSRegionRule.cpp:
272         (WebCore::WebKitCSSRegionRule::reportDescendantMemoryUsage):
273         (WebCore):
274         * css/WebKitCSSRegionRule.h:
275         (WebKitCSSRegionRule):
276
277 2012-08-03  Adam Barth  <abarth@webkit.org>
278
279         WebCore::DragController::cleanupAfterSystemDrag should null-check page
280         https://bugs.webkit.org/show_bug.cgi?id=61815
281
282         Reviewed by Eric Seidel.
283
284         * page/DragController.cpp:
285         (WebCore::DragController::dragEnteredOrUpdated):
286         (WebCore::DragController::doSystemDrag):
287
288 2012-08-03  Sergio Carlos Morales Angeles  <carloschilazo@gmail.com>
289
290         Delete text from password does nothing.
291         https://bugs.webkit.org/show_bug.cgi?id=92040
292
293         Reviewed by Ryosuke Niwa.
294
295         Use Editor::canDelete() to determine if field is editable or not.
296         Added password-delete-contents test.
297
298         Test: editing/deleting/password-delete-contents.html
299
300         * editing/EditorCommand.cpp:
301         (WebCore::enabledDelete):
302
303 2012-08-03  Jan Keromnes  <janx@linux.com>
304
305         Web Inspector: Make textModel private to textEditor
306         https://bugs.webkit.org/show_bug.cgi?id=92999
307
308         Reviewed by Pavel Feldman.
309
310         Making textModel private to the textEditor ensures that it is accessed
311         only through the textEditor, making the latter more modular.
312
313         Tests were changed accordingly.
314
315         * inspector/front-end/JavaScriptSourceFrame.js:
316         (WebInspector.JavaScriptSourceFrame.prototype.afterTextChanged):
317         (WebInspector.JavaScriptSourceFrame.prototype._restoreBreakpointsAfterEditing):
318         (WebInspector.JavaScriptSourceFrame.prototype._addBreakpointDecoration):
319         (WebInspector.JavaScriptSourceFrame.prototype._removeBreakpointDecoration):
320         (WebInspector.JavaScriptSourceFrame.prototype._lineNumberAfterEditing):
321         * inspector/front-end/SourceFrame.js:
322         (WebInspector.SourceFrame):
323         (WebInspector.SourceFrame.prototype.setContent):
324         (WebInspector.SourceFrame.prototype.replaceAllWith):
325         (WebInspector.SourceFrame.prototype._collectRegexMatches):
326         (WebInspector.SourceFrame.prototype.addMessageToSource):
327         (WebInspector.SourceFrame.prototype.removeMessageFromSource):
328         (WebInspector.TextEditorDelegateForSourceFrame.prototype.commitEditing):
329         * inspector/front-end/TextEditor.js:
330         (WebInspector.TextEditor.prototype.setText):
331         (WebInspector.TextEditor.prototype.text):
332         (WebInspector.TextEditor.prototype.range):
333         (WebInspector.TextEditor.prototype.line):
334         (WebInspector.TextEditor.prototype.get linesCount):
335         (WebInspector.TextEditor.prototype.setAttribute):
336         (WebInspector.TextEditor.prototype.getAttribute):
337         (WebInspector.TextEditor.prototype.removeAttribute):
338         * inspector/front-end/UISourceCodeFrame.js:
339         (WebInspector.UISourceCodeFrame.prototype.afterTextChanged):
340
341 2012-08-03  Adam Barth  <abarth@webkit.org>
342
343         V8Proxy::retrieve(*) leads to really obfuscated code and should be removed
344         https://bugs.webkit.org/show_bug.cgi?id=93072
345
346         Reviewed by Eric Seidel.
347
348         Once upon a time, V8Proxy::retrieve did a bunch of checks before
349         returning the V8Proxy object (such as checking whether script was
350         enabled). Over time, we've removed all of these checks in order to fix
351         various bugs. Now all it does is check whether the Frame is 0. However,
352         because the function ends up returning 0 when its argument is 0, the
353         caller sill needs to have a null check.
354
355         This patch deletes all the variations of V8Proxy::retrieve(*) and
356         inlines them into their callers. In several cases, inlining the
357         function call showed that we were testing the Frame for 0 twice, and
358         I've removed the redundant null checks. In other cases, I've
359         uncontorted the callers to make the code more readable.
360
361         * bindings/scripts/CodeGeneratorV8.pm:
362         (GenerateToV8Converters):
363         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
364         (WebCore::V8TestActiveDOMObject::wrapSlow):
365         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
366         (WebCore::V8TestNamedConstructorConstructorCallback):
367         * bindings/scripts/test/V8/V8TestNode.cpp:
368         (WebCore::V8TestNode::wrapSlow):
369         * bindings/v8/PageScriptDebugServer.cpp:
370         (WebCore::PageScriptDebugServer::addListener):
371         * bindings/v8/ScheduledAction.cpp:
372         (WebCore::ScheduledAction::execute):
373         * bindings/v8/ScriptController.h:
374         (WebCore::ScriptController::windowShell):
375         * bindings/v8/V8DOMWrapper.cpp:
376         (WebCore::V8DOMWrapper::instantiateV8Object):
377         * bindings/v8/V8EventListener.cpp:
378         (WebCore::V8EventListener::callListenerFunction):
379         * bindings/v8/V8Helpers.cpp:
380         (WebCore::toV8Proxy):
381         * bindings/v8/V8LazyEventListener.cpp:
382         (WebCore::V8LazyEventListener::callListenerFunction):
383         (WebCore::V8LazyEventListener::prepareListenerObject):
384         * bindings/v8/V8Proxy.cpp:
385         (WebCore::V8Proxy::handleOutOfMemory):
386         (WebCore::V8Proxy::retrievePerContextData):
387         (WebCore::V8Proxy::mainWorldContext):
388         (WebCore::toV8Context):
389         * bindings/v8/V8Proxy.h:
390         (V8Proxy):
391         * bindings/v8/custom/V8DOMWindowCustom.cpp:
392         (WebCore::V8DOMWindow::addEventListenerCallback):
393         (WebCore::V8DOMWindow::removeEventListenerCallback):
394         * bindings/v8/custom/V8DocumentCustom.cpp:
395         (WebCore::toV8):
396         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
397         (WebCore::V8HTMLDocument::openCallback):
398         (WebCore::toV8):
399         * bindings/v8/custom/V8SVGDocumentCustom.cpp:
400         (WebCore::toV8):
401
402 2012-08-03  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
403
404         Add *explicit* keyword to constructors in WebCore/accessibility
405         https://bugs.webkit.org/show_bug.cgi?id=93067
406
407         Reviewed by Kentaro Hara.
408
409         As a step to add *explicit* keyword to constructors which have a parameter,
410         *explicit* keyword is added to Source/WebCore/accessibility in order to avoid
411         implicit type conversion.
412
413         No new tests. Covered by existing tests.
414
415         * accessibility/AXObjectCache.h:
416         (AXObjectCache):
417         * accessibility/AccessibilityARIAGrid.h:
418         (AccessibilityARIAGrid):
419         * accessibility/AccessibilityARIAGridCell.h:
420         (AccessibilityARIAGridCell):
421         * accessibility/AccessibilityARIAGridRow.h:
422         (AccessibilityARIAGridRow):
423         * accessibility/AccessibilityList.h:
424         (AccessibilityList):
425         * accessibility/AccessibilityListBox.h:
426         (AccessibilityListBox):
427         * accessibility/AccessibilityMediaControls.h:
428         (AccessibilityMediaControl):
429         (AccessibilityMediaTimeline):
430         (AccessibilityMediaControlsContainer):
431         (AccessibilityMediaTimeDisplay):
432         * accessibility/AccessibilityMenuList.h:
433         (AccessibilityMenuList):
434         * accessibility/AccessibilityNodeObject.h:
435         (AccessibilityNodeObject):
436         * accessibility/AccessibilityProgressIndicator.h:
437         (AccessibilityProgressIndicator):
438         * accessibility/AccessibilityRenderObject.h:
439         (AccessibilityRenderObject):
440         * accessibility/AccessibilityScrollView.h:
441         (AccessibilityScrollView):
442         * accessibility/AccessibilityScrollbar.h:
443         (AccessibilityScrollbar):
444         * accessibility/AccessibilitySlider.h:
445         (AccessibilitySlider):
446         * accessibility/AccessibilityTable.h:
447         (AccessibilityTable):
448         * accessibility/AccessibilityTableCell.h:
449         (AccessibilityTableCell):
450         * accessibility/AccessibilityTableRow.h:
451         (AccessibilityTableRow):
452
453 2012-08-03  Abhishek Arya  <inferno@chromium.org>
454
455         Regression(r124564): Wrong inlineChildrenBlock->hasLayer() computed in RenderBlock::removeChild.
456         https://bugs.webkit.org/show_bug.cgi?id=90800
457
458         Reviewed by Eric Seidel.
459
460         r124564 reversed the sequence of setStyle and removeChildNode calls, but failed to cache the value
461         of inlineChildrenBlock->hasLayer(). So, it will be null when the layer is removed from parent in setStyle.
462         Fixed by the caching the bool value. 
463
464         Covered by existing test fast/block/layer-not-removed-from-parent-crash.html.
465
466         * rendering/RenderBlock.cpp:
467         (WebCore::RenderBlock::removeChild):
468
469 2012-08-03  Mario Sanchez Prada  <msanchez@igalia.com>
470
471         [GTK] Add a new and reusable enchant-based spellchecker in WebCore
472         https://bugs.webkit.org/show_bug.cgi?id=90269
473
474         Reviewed by Martin Robinson.
475
476         Move enchant specific code down to WebCore, into a new class
477         TextCheckerEnchant, that we can use from WK1 and WK2.
478
479         * GNUmakefile.am: Add flags to handle the SPELLCHECK feature.
480         * GNUmakefile.list.am: Added new files.
481         * platform/text/gtk/TextCheckerEnchant.cpp: Added.
482         (getAvailableDictionariesCallback):
483         (TextCheckerEnchant::TextCheckerEnchant):
484         (TextCheckerEnchant::~TextCheckerEnchant):
485         (TextCheckerEnchant::ignoreWord):
486         (TextCheckerEnchant::learnWord):
487         (TextCheckerEnchant::checkSpellingOfString):
488         (TextCheckerEnchant::getGuessesForWord):
489         (TextCheckerEnchant::updateSpellCheckingLanguages):
490         (TextCheckerEnchant::freeEnchantBrokerDictionaries):
491         * platform/text/gtk/TextCheckerEnchant.h: Added.
492         (WebCore):
493         (TextCheckerEnchant):
494         (WebCore::TextCheckerEnchant::create):
495
496 2012-08-03  Kwang Yul Seo  <skyul@company100.net>
497
498         Unreviewed r124536 followup, fix the assertion error on Chromium.
499
500         * html/parser/HTMLTreeBuilder.cpp:
501         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
502
503 2012-08-03  Ilya Tikhonovsky  <loislo@chromium.org>
504
505         Web Inspector: simple replace objectType with ownerObjectType in NMI code.
506         https://bugs.webkit.org/show_bug.cgi?id=93001
507
508         Reviewed by Yury Semikhatsky.
509
510         In all the cases when we are visiting members, objectType field is actually the object type of the member's owner object.
511
512         * dom/MemoryInstrumentation.h:
513         (WebCore::MemoryInstrumentation::InstrumentedPointer::InstrumentedPointer):
514         (InstrumentedPointer):
515         (WebCore::MemoryInstrumentation::addObject):
516         (WebCore::MemoryInstrumentation::addInstrumentedObject):
517         (WebCore::MemoryInstrumentation::addRawBuffer):
518         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedObject):
519         (WebCore::MemoryInstrumentation::OwningTraits::addObject):
520         (WebCore::MemoryObjectInfo::MemoryObjectInfo):
521         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
522         (WebCore::MemoryInstrumentation::addObjectImpl):
523         (WebCore::MemoryInstrumentation::addHashMap):
524         (WebCore::MemoryInstrumentation::addHashSet):
525         (WebCore::MemoryInstrumentation::addInstrumentedCollection):
526         (WebCore::MemoryInstrumentation::addListHashSet):
527         (WebCore::MemoryInstrumentation::addVector):
528         (WebCore::::process):
529
530 2012-08-02  Ilya Tikhonovsky  <loislo@chromium.org>
531
532         Web Inspector: extend test coverage for nmi code and fix 2 bugs.
533         https://bugs.webkit.org/show_bug.cgi?id=92994
534
535         Reviewed by Yury Semikhatsky.
536
537         1) owner object type propagation.
538         If a class with object-type DOM has an instrumented member with object-type Other then it has to be recorded as DOM.
539         Sample: We have SharedBuffer class and we don't know the object-type for it but we know that it is owned by an object with object-type CachedResourceImage.
540
541         2) the first member of an instrumented non virtual class was skipped even if it was reported properly.
542         it happened because the first member has the same address as it's owner
543
544         * dom/MemoryInstrumentation.h:
545         (WebCore::MemoryInstrumentation::addRootObject):
546         (WebCore::MemoryInstrumentation::InstrumentedPointer::InstrumentedPointer):
547         (InstrumentedPointer):
548         (WebCore::MemoryInstrumentation::addInstrumentedObject):
549         (MemoryInstrumentation):
550         (WebCore::MemoryInstrumentation::OwningTraits::addInstrumentedObject):
551         (WebCore::MemoryObjectInfo::MemoryObjectInfo):
552         (WebCore::MemoryObjectInfo::reportObjectInfo):
553         (WebCore::MemoryClassInfo::addInstrumentedMember):
554         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
555         (WebCore::MemoryInstrumentation::addObjectImpl):
556         (WebCore::MemoryInstrumentation::addInstrumentedCollection):
557         (WebCore::::process):
558
559 2012-08-03  Kentaro Hara  <haraken@chromium.org>
560
561         [V8] Make v8NonStringValueToWebCoreString a static method
562         https://bugs.webkit.org/show_bug.cgi?id=93066
563
564         Reviewed by Adam Barth.
565
566         v8NonStringValueToWebCoreString() and v8NonStringValueToAtomicWebCoreString()
567         are not intended to be used from outside V8Binding.cpp.
568         They should be static methods.
569
570         No tests. No change in behavior.
571
572         * bindings/v8/V8Binding.cpp:
573         (WebCore::v8NonStringValueToWebCoreString):
574         (WebCore):
575         (WebCore::v8NonStringValueToAtomicWebCoreString):
576         * bindings/v8/V8Binding.h:
577         (WebCore::v8StringToWebCoreString):
578         (WebCore::v8StringToAtomicWebCoreString):
579
580 2012-08-02  Abhishek Arya  <inferno@chromium.org>
581
582         Crash due to layer not removed from parent for anonymous block.
583         https://bugs.webkit.org/show_bug.cgi?id=90800
584
585         Reviewed by Kent Tamura.
586
587         Reverse the order of setStyle and removeChildNode calls. This ensures that setting the style
588         properly removes its layer from the parent in RenderBoxModelObject::styleDidChange. Calling
589         removeChildNode before calling setStyle is problematic since the parent layer never gets
590         notified.
591
592         Test: fast/block/layer-not-removed-from-parent-crash.html
593
594         * rendering/RenderBlock.cpp:
595         (WebCore::RenderBlock::removeChild):
596
597 2012-08-02  Adam Barth  <abarth@webkit.org>
598
599         V8Proxy::retrieveFrameFor*Context are used only by BindingState and should be removed as separate functions
600         https://bugs.webkit.org/show_bug.cgi?id=93049
601
602         Reviewed by Eric Seidel.
603
604         No one calls these functions directly anymore. This patch removes them
605         from V8Proxy and inlines their logic into BindingState.cpp.
606
607         * bindings/v8/BindingState.cpp:
608         (WebCore::activeContext):
609         (WebCore):
610         (WebCore::activeWindow):
611         (WebCore::activeFrame):
612         (WebCore::firstFrame):
613         (WebCore::currentFrame):
614         * bindings/v8/V8Proxy.cpp:
615         * bindings/v8/V8Proxy.h:
616         (V8Proxy):
617
618 2012-08-02  Yoshifumi Inoue  <yosin@chromium.org>
619
620         Make order of attribute/method in HTMLTrackElement.idl as same as specification
621         https://bugs.webkit.org/show_bug.cgi?id=80102
622
623         Reviewed by Kentaro Hara.
624
625         No new tests. This patch doesn't change behavior.
626
627         * html/HTMLTrackElement.idl: Reorder attribute/method position.
628
629 2012-08-02  Kent Tamura  <tkent@chromium.org>
630
631         Fix crashes for <input> and <textarea> with display:run-in.
632         https://bugs.webkit.org/show_bug.cgi?id=87300
633
634         Reviewed by Abhishek Arya.
635
636         Introduce RenderObject::canBeReplacedWithInlineRunIn, and renderers which
637         should not be run-in override it so that it returns false.
638
639         Test: fast/runin/input-text-runin.html
640               fast/runin/textarea-runin.html
641
642         * rendering/RenderBlock.cpp:
643         (WebCore::RenderBlock::moveRunInUnderSiblingBlockIfNeeded):
644         Checks canBeReplacedWithInlineRunIn instead of checking tag names.
645         * rendering/RenderFileUploadControl.cpp:
646         (WebCore::RenderFileUploadControl::canBeReplacedWithInlineRunIn):
647         Added. Disallow run-in.
648         * rendering/RenderFileUploadControl.h:
649         (RenderFileUploadControl): Declare canBeReplacedWithInlineRunIn.
650         * rendering/RenderListBox.cpp:
651         (WebCore::RenderListBox::canBeReplacedWithInlineRunIn):
652         Added. Disallow run-in. This is not a behavior change.
653         * rendering/RenderListBox.h:
654         (RenderListBox): Declare canBeReplacedWithInlineRunIn.
655         * rendering/RenderMenuList.cpp:
656         (WebCore::RenderMenuList::canBeReplacedWithInlineRunIn):
657         Added. Disallow run-in. This is not a behavior change.
658         * rendering/RenderMenuList.h:
659         (RenderMenuList): Declare canBeReplacedWithInlineRunIn.
660         * rendering/RenderObject.cpp:
661         (WebCore::RenderObject::canBeReplacedWithInlineRunIn):
662         Added. Allow run-in by default.
663         * rendering/RenderObject.h:
664         (RenderObject): Declare canBeReplacedWithInlineRunIn.
665         * rendering/RenderProgress.cpp:
666         (WebCore::RenderProgress::canBeReplacedWithInlineRunIn):
667         Added. Disallow run-in. This is not a behavior change.
668         * rendering/RenderProgress.h:
669         (RenderProgress): Declare canBeReplacedWithInlineRunIn.
670         * rendering/RenderSlider.cpp:
671         (WebCore::RenderSlider::canBeReplacedWithInlineRunIn):
672         Added. Disallow run-in.
673         * rendering/RenderSlider.h:
674         (RenderSlider): Declare canBeReplacedWithInlineRunIn.
675         * rendering/RenderTextControl.cpp:
676         (WebCore::RenderTextControl::canBeReplacedWithInlineRunIn):
677         Added. Disallow run-in.
678         * rendering/RenderTextControl.h:
679         (RenderTextControl): Declare canBeReplacedWithInlineRunIn.
680
681 2012-08-02  Kihong Kwon  <kihong.kwon@samsung.com>
682
683         [EFL] Fix wrong assigned value of BatteryStatus
684         https://bugs.webkit.org/show_bug.cgi?id=93058
685
686         Reviewed by Kentaro Hara.
687
688         There is a wrong change in the bug 92964.
689         property variable have to be used after assigned value in the setBatteryClient.
690
691         * platform/efl/BatteryProviderEfl.cpp:
692         (WebCore::BatteryProviderEfl::setBatteryClient):
693
694 2012-08-02  Arvid Nilsson  <anilsson@rim.com>
695
696         [BlackBerry] Add default implementation of GraphicsLayerClient::contentsVisible()
697         https://bugs.webkit.org/show_bug.cgi?id=93036
698
699         Reviewed by George Staikos.
700
701         Returning true by default would cause memory usage to balloon, because
702         the LayerTiler would believe every tile is visible and always needs to
703         be rendered. Instead, we choose to return false by default, relying
704         entirely on reactive rendering through render jobs.
705
706         However this revealed a subtle bug. If the entire layer was invalidated
707         every frame, checkerboard would never resolve with this default
708         implementation.
709
710         Fixed by not clearing render jobs when the entire layer is invalidated,
711         thus making us robust against an incomplete contentsVisible
712         implementation.
713
714         Also removed dead code related to the deprecated
715         LayerTiler::m_tilesWebKitThread mechanism, which has been replaced by
716         the implicit visibility management resulting from render jobs.
717
718         With m_tilesWebKitThread out of the way, rename m_tilesCompositingThread
719         to be simply m_tiles.
720
721         PR 187458
722
723         This is not currently testable using BlackBerry testing infrastructure.
724
725         * platform/graphics/GraphicsLayerClient.h:
726         (WebCore::GraphicsLayerClient::contentsVisible): Gets a default implementation instead of being pure virtual.
727         * platform/graphics/blackberry/LayerTile.cpp:
728         (WebCore::LayerTile::LayerTile): Merged LayerTileData into LayerTile now that m_tilesWebKitThread is gone.
729         * platform/graphics/blackberry/LayerTile.h:
730         (LayerTile):
731         * platform/graphics/blackberry/LayerTiler.cpp:
732         (WebCore::LayerTiler::~LayerTiler):
733         (WebCore::LayerTiler::updateTextureContentsIfNeeded): Bug fix to make us robust against the new default implementation of GraphicsLayerClient::contentsVisible()
734         (WebCore::LayerTiler::shouldPerformRenderJob):
735         (WebCore::LayerTiler::layerVisibilityChanged):
736         (WebCore::LayerTiler::uploadTexturesIfNeeded):
737         (WebCore::LayerTiler::drawTexturesInternal):
738         (WebCore::LayerTiler::deleteTextures):
739         (WebCore::LayerTiler::pruneTextures):
740         (WebCore::LayerTiler::bindContentsTexture):
741         * platform/graphics/blackberry/LayerTiler.h:
742         (LayerTiler):
743
744 2012-08-02  Keishi Hattori  <keishi@webkit.org>
745
746         Slider should snap to datalist tick marks
747         https://bugs.webkit.org/show_bug.cgi?id=92640
748
749         Reviewed by Kent Tamura.
750
751         Input type=range slider snaps to datalist tick marks.
752
753         Test: fast/forms/datalist/range-snap-to-datalist.html
754
755         * html/HTMLInputElement.cpp:
756         (WebCore::HTMLInputElement::findClosestTickMarkValue): Just calls InputType::findClosestTickMarkValue.
757         (WebCore):
758         * html/HTMLInputElement.h:
759         (HTMLInputElement):
760         * html/InputType.cpp:
761         (WebCore):
762         (WebCore::InputType::findClosestTickMarkValue): Overridden by RangeInputType.
763         * html/InputType.h:
764         (InputType):
765         * html/RangeInputType.cpp:
766         (WebCore::RangeInputType::RangeInputType):
767         (WebCore):
768         (WebCore::RangeInputType::listAttributeTargetChanged): Mark m_tickMarkValues as dirty.
769         (WebCore::decimalCompare):
770         (WebCore::RangeInputType::updateTickMarkValues): Sets m_tickMarkValues to a list of sorted valid datalist values.
771         (WebCore::RangeInputType::findClosestTickMarkValue): Finds closest tick mark value to a given value.
772         * html/RangeInputType.h:
773         (RangeInputType):
774         * html/shadow/SliderThumbElement.cpp:
775         (WebCore):
776         (WebCore::SliderThumbElement::setPositionFromPoint): Snaps to the closest tick mark value if it is within a certain distance.
777
778 2012-08-02  Ryuan Choi  <ryuan.choi@samsung.com>
779
780         [EFL] Crash while loading plugin after r121467
781         https://bugs.webkit.org/show_bug.cgi?id=92943
782
783         Reviewed by Laszlo Gombos.
784
785         r121467 replaced POSIX dlopen to helpers in eina_module, but some codes
786         are not changed.
787
788         No new tests, behavior has not changed.
789
790         * plugins/efl/PluginPackageEfl.cpp:
791         (WebCore::PluginPackage::fetchInfo):
792         Changes dlsym to eina_module_symbol_get to follow changes of r121467.
793
794 2012-08-02  Adam Barth  <abarth@webkit.org>
795
796         V8 bindings code that tries to find its context should use BindingState functions rather than V8Proxy
797         https://bugs.webkit.org/show_bug.cgi?id=93038
798
799         Reviewed by Eric Seidel.
800
801         After this patch, most code in the V8 bindings that tries to determine
802         it's "context" goes through BindingState.h rather than V8Proxy. This
803         patch is a step towards unifying all these code paths.
804
805         * bindings/scripts/CodeGeneratorV8.pm:
806         (GenerateNamedConstructorCallback):
807         * bindings/v8/BindingState.cpp:
808         (WebCore::currentFrame):
809         (WebCore):
810         * bindings/v8/BindingState.h:
811         (WebCore):
812         * bindings/v8/ScriptController.cpp:
813         (WebCore::ScriptController::retrieveFrameForEnteredContext):
814         (WebCore::ScriptController::retrieveFrameForCurrentContext):
815         * bindings/v8/V8DOMWindowShell.cpp:
816         (WebCore::v8UncaughtExceptionHandler):
817         * bindings/v8/V8Proxy.cpp:
818         (WebCore::V8Proxy::reportUnsafeAccessTo):
819         * bindings/v8/V8Proxy.h:
820         (V8Proxy):
821         * bindings/v8/V8Utilities.cpp:
822         (WebCore::getScriptExecutionContext):
823         * bindings/v8/custom/V8AudioContextCustom.cpp:
824         (WebCore::V8AudioContext::constructorCallback):
825         * bindings/v8/custom/V8DOMWindowCustom.cpp:
826         (WebCore::handlePostMessageCallback):
827         * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
828         (WebCore::V8HTMLDocument::writeCallback):
829         (WebCore::V8HTMLDocument::writelnCallback):
830         (WebCore::V8HTMLDocument::openCallback):
831         * bindings/v8/custom/V8HTMLImageElementConstructor.cpp:
832         (WebCore::v8HTMLImageElementConstructorCallback):
833
834 2012-08-02  Sheriff Bot  <webkit.review.bot@gmail.com>
835
836         Unreviewed, rolling out r124540.
837         http://trac.webkit.org/changeset/124540
838         https://bugs.webkit.org/show_bug.cgi?id=93055
839
840         Broke compile on Chromium Win bot (Requested by dimich on
841         #webkit).
842
843         * Modules/indexeddb/IDBBackingStore.h:
844         (IDBBackingStore):
845         * Modules/indexeddb/IDBCallbacks.h:
846         (IDBCallbacks):
847         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
848         (WebCore::IDBDatabaseBackendImpl::PendingOpenCall::PendingOpenCall):
849         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
850         (WebCore::IDBDatabaseBackendImpl::openInternal):
851         (WebCore::IDBDatabaseBackendImpl::metadata):
852         (WebCore::IDBDatabaseBackendImpl::setVersion):
853         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
854         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
855         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
856         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
857         (WebCore::IDBDatabaseBackendImpl::close):
858         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
859         (IDBDatabaseBackendImpl):
860         * Modules/indexeddb/IDBDatabaseCallbacks.h:
861         (IDBDatabaseCallbacks):
862         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
863         (WebCore::IDBFactoryBackendImpl::open):
864         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
865         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
866         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
867         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
868         * Modules/indexeddb/IDBLevelDBBackingStore.h:
869         (IDBLevelDBBackingStore):
870         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
871         (WebCore::IDBTransactionBackendImpl::commit):
872
873 2012-08-02  Arvid Nilsson  <anilsson@rim.com>
874
875         [BlackBerry] Upstream GraphicsLayerClient::contentsVisible()
876         https://bugs.webkit.org/show_bug.cgi?id=93040
877
878         Reviewed by George Staikos.
879
880         Our LayerTiler uses both proactive and reactive rendering to populate
881         tiles. If contentsVisible() is accurate, it will cause the right tiles
882         to be rendered. Failing that, when a dirty tile is found to be visible
883         on the compositing thread, a render job is scheduled.
884
885         This is not currently testable using BlackBerry testing infrastructure.
886
887         * platform/graphics/GraphicsLayerClient.h:
888         (GraphicsLayerClient): New BlackBerry-specific method "contentsVisible" added.
889         * rendering/RenderLayerBacking.cpp:
890         (WebCore):
891         (WebCore::RenderLayerBacking::contentsVisible): BlackBerry-specific implementation.
892
893 2012-08-02  Alexandre Elias  <aelias@google.com>
894
895         [chromium] deviceViewportSize cleanup
896         https://bugs.webkit.org/show_bug.cgi?id=92794
897
898         Reviewed by Adrienne Walker.
899
900         In the future, CSS layout size will become increasingly disassociated
901         from physical device size, and it will become impossible to infer one
902         from the other inside the compositor.  Therefore, this patch allows
903         deviceViewportSize to be explicitly passed in by the outside client.
904
905         I also renamed the existing viewportSize field to "layoutViewportSize"
906         for clarity, and converted its uses to deviceViewportSize since
907         that is more appropriate.
908
909         I had to add some default-value scaffolding to WebLayerTreeView in
910         order to avoid breaking ui/compositor.  We can delete it once that's
911         updated.
912
913         No new tests (covered by existing tests).
914
915         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
916         (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
917         (WebCore::CCLayerTreeHost::setViewportSize):
918         (WebCore::CCLayerTreeHost::updateLayers):
919         (WebCore::CCLayerTreeHost::setDeviceScaleFactor):
920         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
921         (CCLayerTreeHost):
922         (WebCore::CCLayerTreeHost::layoutViewportSize):
923         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
924         (WebCore::CCLayerTreeHostImpl::canDraw):
925         (WebCore::CCLayerTreeHostImpl::startPageScaleAnimation):
926         (WebCore::CCLayerTreeHostImpl::setViewportSize):
927         (WebCore::CCLayerTreeHostImpl::setDeviceScaleFactor):
928         (WebCore::CCLayerTreeHostImpl::updateMaxScrollPosition):
929         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
930         (CCLayerTreeHostImpl):
931         (WebCore::CCLayerTreeHostImpl::layoutViewportSize):
932
933 2012-08-02  Adam Barth  <abarth@webkit.org>
934
935         V8Proxy::currentContext() doesn't do anything and should be removed
936         https://bugs.webkit.org/show_bug.cgi?id=93041
937
938         Reviewed by Eric Seidel.
939
940         It's just a wrapper for GetCurrent().
941
942         * bindings/v8/DateExtension.cpp:
943         (WebCore::DateExtension::setAllowSleep):
944         * bindings/v8/V8NPUtils.cpp:
945         (WebCore::convertV8ObjectToNPVariant):
946         * bindings/v8/V8Proxy.cpp:
947         (WebCore::V8Proxy::retrieve):
948         (WebCore::V8Proxy::mainWorldContext):
949         * bindings/v8/V8Proxy.h:
950         (V8Proxy):
951         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
952         (WebCore::getJSListenerFunctions):
953
954 2012-08-02  David Grogan  <dgrogan@chromium.org>
955
956         IndexedDB: Core upgradeneeded logic
957         https://bugs.webkit.org/show_bug.cgi?id=92558
958
959         Reviewed by Ojan Vafai.
960
961         This is the backend webkit logic needed for integer versions. The rest
962         is in https://bugs.webkit.org/show_bug.cgi?id=89505.
963
964         I tried to make use of the existing processPendingCalls and added two
965         more queues, pendingOpenWithVersionCalls and
966         pendingSecondHalfOpenWithVersionCalls. The "second half" refers to
967         how there are two events that need to be fired in response to an
968         open-with-version call. The "second half" queue holds the open
969         requests that should immediately follow the caller's upgradeneeded
970         handler.
971
972         No new tests, there are so many they are in their own patch:
973         https://bugs.webkit.org/show_bug.cgi?id=92560
974
975         Though this patch doesn't change any expected behavior anyway, lack of
976         regressions is what we're hoping for here.
977
978         * Modules/indexeddb/IDBBackingStore.h:
979         (IDBBackingStore):
980         * Modules/indexeddb/IDBCallbacks.h:
981         (WebCore::IDBCallbacks::onBlocked):
982         (WebCore::IDBCallbacks::onUpgradeNeeded):
983         * Modules/indexeddb/IDBDatabaseBackendImpl.cpp:
984         (IDBDatabaseBackendImpl::PendingOpenCall):
985         (IDBDatabaseBackendImpl::PendingOpenWithVersionCall):
986         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::create):
987         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::callbacks):
988         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::version):
989         (WebCore::IDBDatabaseBackendImpl::PendingOpenWithVersionCall::PendingOpenWithVersionCall):
990         (WebCore):
991         (WebCore::IDBDatabaseBackendImpl::IDBDatabaseBackendImpl):
992         (WebCore::IDBDatabaseBackendImpl::openInternal):
993         (WebCore::IDBDatabaseBackendImpl::metadata):
994         (WebCore::IDBDatabaseBackendImpl::setVersion):
995         (WebCore::IDBDatabaseBackendImpl::setIntVersionInternal):
996         (WebCore::IDBDatabaseBackendImpl::transactionFinished):
997         (WebCore::IDBDatabaseBackendImpl::transactionFinishedAndEventsFired):
998         When an upgradeneeded event is fired in response to an
999         open-with-version call, the version change transaction must receive its
1000         complete event before processPendingCalls fires a success event at
1001         IDBOpenDBRequest. In the future this should probably be changed
1002         instead to transactionFinishedAndAbortFired and
1003         transactionFinishedAndCompleteFired so that we'll know to fire a
1004         success or error event at IDBOpenDBRequest. Currently, instead of
1005         firing error when there's an abort, we don't fire anything.
1006
1007         (WebCore::IDBDatabaseBackendImpl::processPendingCalls):
1008         Now that this is called after a connection is opened, we unfortunately
1009         lose the invariant that there is only one existing connection when this
1010         is called, but nothing inside this function actually relied on that.
1011         Additionally, the secondHalfOpen calls only ever need to be serviced
1012         in one place: right after a version change transaction completes, so
1013         it could be moved out of here.
1014
1015         (WebCore::IDBDatabaseBackendImpl::registerFrontendCallbacks):
1016         Now that setVersion and deleteDatabase calls are queued up behind
1017         secondHalfOpen calls, we have to service those queues when
1018         secondHalfOpen calls complete, which is here.  So call
1019         processPendingCalls().
1020
1021         (WebCore::IDBDatabaseBackendImpl::runIntVersionChangeTransaction):
1022         (WebCore::IDBDatabaseBackendImpl::openConnectionWithVersion):
1023         (WebCore::IDBDatabaseBackendImpl::deleteDatabase):
1024         (WebCore::IDBDatabaseBackendImpl::close):
1025         * Modules/indexeddb/IDBDatabaseBackendImpl.h:
1026         (IDBDatabaseBackendImpl):
1027         * Modules/indexeddb/IDBDatabaseCallbacks.h:
1028         (WebCore::IDBDatabaseCallbacks::onVersionChange):
1029         * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
1030         (WebCore::IDBFactoryBackendImpl::open):
1031         This is refactored some so that the call to openConection{WithVersion}
1032         happens once, at the end.
1033
1034         * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
1035         (WebCore::IDBLevelDBBackingStore::getIDBDatabaseMetaData):
1036         (WebCore::IDBLevelDBBackingStore::createIDBDatabaseMetaData):
1037         (WebCore::IDBLevelDBBackingStore::updateIDBDatabaseIntVersion):
1038         (WebCore):
1039         (WebCore::IDBLevelDBBackingStore::deleteDatabase):
1040         * Modules/indexeddb/IDBLevelDBBackingStore.h:
1041         (IDBLevelDBBackingStore):
1042         * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
1043         (WebCore::IDBTransactionBackendImpl::commit):
1044         See above comments about transactionFinishedAndEventsFired. I tried
1045         moving the call to transactionFinished after the events were fired but
1046         that failed some asserts. But changing those asserts is still an
1047         alternative to splitting up transactionFinished as is done here.
1048
1049 2012-08-02  Rob Buis  <rwlbuis@webkit.org>
1050
1051         SVG text selection doesn't work with hyperlinked text
1052         https://bugs.webkit.org/show_bug.cgi?id=29166
1053
1054         Reviewed by Eric Seidel.
1055
1056         Cleanup SVGAElement. There is no need to test for middle mouse button here, this
1057         is handled elsewhere, so remove isMiddleMouseButtonEvent. Similarly handleLinkClick
1058         is not used anymore by HTMLAnchorElement, remove it. Finally, _self indeed is not needed.
1059
1060         No new tests, since no change in behaviour.
1061
1062         * WebCore.order:
1063         * html/HTMLAnchorElement.cpp:
1064         * html/HTMLAnchorElement.h:
1065         (WebCore):
1066         * svg/SVGAElement.cpp:
1067         (WebCore::SVGAElement::defaultEventHandler):
1068
1069 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
1070
1071         Move causesFosterParenting() to HTMLStackItem
1072         https://bugs.webkit.org/show_bug.cgi?id=93048
1073
1074         Reviewed by Adam Barth.
1075
1076         Changed to share causesFosterParenting() between HTMLTreeBuilder and HTMLConstructionSite
1077         by moving this function to HTMLStackItem.
1078
1079         No functional change, so no new tests.
1080
1081         * html/parser/HTMLConstructionSite.cpp:
1082         (WebCore::HTMLConstructionSite::shouldFosterParent):
1083         * html/parser/HTMLStackItem.h:
1084         (WebCore::HTMLStackItem::causesFosterParenting):
1085         (HTMLStackItem):
1086         * html/parser/HTMLTreeBuilder.cpp:
1087         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
1088
1089 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
1090
1091         Read tag names and attributes from the saved tokens in HTMLTreeBuilder::callTheAdoptionAgency(AtomicHTMLToken*)
1092         https://bugs.webkit.org/show_bug.cgi?id=93047
1093
1094         Reviewed by Adam Barth.
1095
1096         This is a follow-up patch for r123577.
1097         Changed to retrieve the stack item of commonAncestor and read the local name from the saved token.
1098
1099         No new tests, covered by existing tests.
1100
1101         * html/parser/HTMLTreeBuilder.cpp:
1102         (WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
1103
1104 2012-08-02  Vincent Scheib  <scheib@chromium.org>
1105
1106         Remove old Pointer Lock API.
1107         https://bugs.webkit.org/show_bug.cgi?id=88892
1108
1109         Reviewed by Adam Barth.
1110
1111         Removing the old Pointer Lock API as one of the final cleanup
1112         changes for the Update to Fullscreen style locking Spec meta
1113         bug https://bugs.webkit.org/show_bug.cgi?id=84402.
1114
1115         This change primarily removes idl, access in navigator,
1116         one event, and supporting infrastructure in page/PointerLock.
1117
1118         In PointerLockController changes were already noted clearly with
1119         TODOs differentiating old and new api sections.
1120
1121         Test: pointer-lock/pointerlockchange-event-on-lock-lost.html
1122
1123         * WebCore.gypi:
1124         * dom/Element.cpp:
1125         (WebCore::Element::webkitRequestPointerLock):
1126         * dom/EventNames.h:
1127         (WebCore):
1128         * page/Navigator.cpp:
1129         * page/Navigator.h:
1130         (WebCore):
1131         (Navigator):
1132         * page/Navigator.idl:
1133         * page/PointerLock.cpp: Removed.
1134         * page/PointerLock.h: Removed.
1135         * page/PointerLock.idl: Removed.
1136         * page/PointerLockController.cpp:
1137         (WebCore::PointerLockController::requestPointerLock):
1138         (WebCore::PointerLockController::didAcquirePointerLock):
1139         (WebCore::PointerLockController::didNotAcquirePointerLock):
1140         (WebCore::PointerLockController::didLosePointerLock):
1141         * page/PointerLockController.h:
1142         (PointerLockController):
1143
1144 2012-08-02  Ryosuke Niwa  <rniwa@webkit.org>
1145
1146         scripts in formaction should be stripped upon paste
1147         https://bugs.webkit.org/show_bug.cgi?id=92298
1148
1149         Reviewed by Eric Seidel.
1150
1151         Strip formaction attribute values when the URL is of javascript protocol.
1152
1153         Test: editing/pasteboard/paste-noscript-xhtml.html
1154               editing/pasteboard/paste-noscript.html
1155
1156         * dom/Element.cpp:
1157         (WebCore::isAttributeToRemove): Explicitly compare with href and nohref instead of comparing
1158         the ends of strings since comparing two AtomicString is much faster.
1159
1160 2012-08-02  Elliott Sprehn  <esprehn@gmail.com>
1161
1162         Built in quotes don't use lang attribute
1163         https://bugs.webkit.org/show_bug.cgi?id=92918
1164
1165         Reviewed by Alexey Proskuryakov.
1166
1167         Previously even though there was a table in RenderQuote of languages mapped
1168         to quotes we always used basic quotes. This patch removes the broken tree
1169         walking and uses Element::computeInheritedLanguage fixing this.
1170
1171         Tests: fast/css-generated-content/quotes-lang-expected.html
1172                fast/css-generated-content/quotes-lang.html
1173                fast/css-generated-content/quotes-xml-lang-expected.html
1174                fast/css-generated-content/quotes-xml-lang.html
1175
1176         * rendering/RenderQuote.cpp:
1177         (WebCore::RenderQuote::originalText):
1178         (WebCore::RenderQuote::quotesData): New method that determines the right QuotesData to use.
1179         (WebCore):
1180         * rendering/RenderQuote.h:
1181         (RenderQuote):
1182
1183 2012-08-02  Adam Barth  <abarth@webkit.org>
1184
1185         Add back a header I mistakenly removed in my previous commit.
1186
1187         * WebCore.xcodeproj/project.pbxproj:
1188
1189 2012-08-02  Adrienne Walker  <enne@google.com>
1190
1191         [chromium] Remove dependency on Scrollbar.h from ScrollbarLayerChromium
1192         https://bugs.webkit.org/show_bug.cgi?id=93024
1193
1194         Reviewed by James Robinson.
1195
1196         Change part enum from the Scrollbar version to WebScrollbar's.
1197
1198         Tested by composited layout tests.
1199
1200         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
1201         (WebCore::ScrollbarBackgroundPainter::create):
1202         (WebCore::ScrollbarBackgroundPainter::ScrollbarBackgroundPainter):
1203         (ScrollbarBackgroundPainter):
1204         (WebCore::ScrollbarLayerChromium::createTextureUpdaterIfNeeded):
1205
1206 2012-08-02  Adam Barth  <abarth@webkit.org>
1207
1208         BindingSecurityBase serves no purpose and should be removed
1209         https://bugs.webkit.org/show_bug.cgi?id=93025
1210
1211         Reviewed by Eric Seidel.
1212
1213         Now that we don't use templates in the generic bindings, we can merge
1214         BindingSecurity and BindingSecurityBase. This patch also removes some
1215         functions that are no longer used (and reduces the number of
1216         #includes).
1217
1218         No behavior change.
1219
1220         * GNUmakefile.list.am:
1221         * WebCore.gypi:
1222         * bindings/generic/BindingSecurity.h:
1223         (WebCore):
1224         (BindingSecurity):
1225         * bindings/generic/BindingSecurityBase.cpp: Removed.
1226         * bindings/generic/BindingSecurityBase.h: Removed.
1227         * bindings/v8/V8Binding.h:
1228         * bindings/v8/V8Utilities.cpp:
1229         * bindings/v8/custom/V8MutationObserverCustom.cpp:
1230
1231 2012-08-02  Ryosuke Niwa  <rniwa@webkit.org>
1232
1233         Let XCode have its own away and also sort the files.
1234
1235         * WebCore.xcodeproj/project.pbxproj:
1236
1237 2012-08-02  Tien-Ren Chen  <trchen@chromium.org>
1238
1239         [chromium] Add CCScrollbarAnimationController class for compositor scrollbar animation
1240         https://bugs.webkit.org/show_bug.cgi?id=91688
1241
1242         Reviewed by Adrienne Walker.
1243
1244         Add CCScrollbarAnimationController that serves as the middle man
1245         between the scrolling layer and scrollbar layer. Now all scroll offset
1246         information are pushed through the controller, and individual platform
1247         can provide specialized controller for extra processing.
1248
1249         A basic fadeout controller for Android scrollbar is included.
1250
1251         New test: ScrollbarLayerChromiumTest.scrollOffsetSynchronization
1252                   CCScrollbarAnimationControllerLinearFade.*
1253
1254         * WebCore.gypi:
1255         * page/FrameView.cpp:
1256         (WebCore::FrameView::calculateScrollbarModesForLayout):
1257         * page/scrolling/chromium/ScrollingCoordinatorChromium.cpp:
1258         (WebCore::createScrollbarLayer):
1259         * platform/graphics/chromium/TreeSynchronizer.cpp:
1260         (WebCore::TreeSynchronizer::synchronizeTreeRecursive):
1261         (WebCore::TreeSynchronizer::updateScrollbarLayerPointersRecursive):
1262         * platform/graphics/chromium/cc/CCLayerImpl.cpp:
1263         (WebCore::CCLayerImpl::scrollBy):
1264         (WebCore::CCLayerImpl::setMaxScrollPosition):
1265         (WebCore):
1266         (WebCore::CCLayerImpl::horizontalScrollbarLayer):
1267         (WebCore::CCLayerImpl::setHorizontalScrollbarLayer):
1268         (WebCore::CCLayerImpl::verticalScrollbarLayer):
1269         (WebCore::CCLayerImpl::setVerticalScrollbarLayer):
1270         * platform/graphics/chromium/cc/CCLayerImpl.h:
1271         (WebCore):
1272         (CCLayerImpl):
1273         (WebCore::CCLayerImpl::scrollbarAnimationController):
1274         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
1275         (WebCore::CCLayerTreeHostImpl::animate):
1276         (WebCore::CCLayerTreeHostImpl::pinchGestureBegin):
1277         (WebCore::CCLayerTreeHostImpl::pinchGestureUpdate):
1278         (WebCore::CCLayerTreeHostImpl::pinchGestureEnd):
1279         (WebCore::CCLayerTreeHostImpl::animateScrollbars):
1280         (WebCore):
1281         (WebCore::CCLayerTreeHostImpl::animateScrollbarsRecursive):
1282         * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
1283         (CCLayerTreeHostImpl):
1284         * platform/graphics/chromium/cc/CCScrollbarAnimationController.cpp: Added.
1285         (WebCore):
1286         (WebCore::CCScrollbarAnimationController::create):
1287         (WebCore::CCScrollbarAnimationController::CCScrollbarAnimationController):
1288         (WebCore::CCScrollbarAnimationController::~CCScrollbarAnimationController):
1289         (WebCore::CCScrollbarAnimationController::getScrollLayerBounds):
1290         (WebCore::CCScrollbarAnimationController::updateScrollOffset):
1291         * platform/graphics/chromium/cc/CCScrollbarAnimationController.h: Added.
1292         (WebCore):
1293         (CCScrollbarAnimationController):
1294         (WebCore::CCScrollbarAnimationController::animate):
1295         (WebCore::CCScrollbarAnimationController::didPinchGestureBegin):
1296         (WebCore::CCScrollbarAnimationController::didPinchGestureUpdate):
1297         (WebCore::CCScrollbarAnimationController::didPinchGestureEnd):
1298         (WebCore::CCScrollbarAnimationController::setHorizontalScrollbarLayer):
1299         (WebCore::CCScrollbarAnimationController::horizontalScrollbarLayer):
1300         (WebCore::CCScrollbarAnimationController::setVerticalScrollbarLayer):
1301         (WebCore::CCScrollbarAnimationController::verticalScrollbarLayer):
1302         * platform/graphics/chromium/cc/CCScrollbarAnimationControllerAndroid.cpp: Added.
1303         (WebCore):
1304         (WebCore::CCScrollbarAnimationController::create):
1305         (WebCore::CCScrollbarAnimationControllerAndroid::CCScrollbarAnimationControllerAndroid):
1306         (WebCore::CCScrollbarAnimationControllerAndroid::~CCScrollbarAnimationControllerAndroid):
1307         (WebCore::CCScrollbarAnimationControllerAndroid::animate):
1308         (WebCore::CCScrollbarAnimationControllerAndroid::didPinchGestureUpdate):
1309         (WebCore::CCScrollbarAnimationControllerAndroid::didPinchGestureEnd):
1310         (WebCore::CCScrollbarAnimationControllerAndroid::updateScrollOffset):
1311         (WebCore::CCScrollbarAnimationControllerAndroid::opacityAtTime):
1312         * platform/graphics/chromium/cc/CCScrollbarAnimationControllerAndroid.h: Added.
1313         (WebCore):
1314         (CCScrollbarAnimationControllerAndroid):
1315         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
1316         (WebCore::CCScrollbarLayerImpl::CCScrollbarLayerImpl):
1317         (WebCore):
1318         (WebCore::CCScrollbarLayerImpl::CCScrollbar::value):
1319         (WebCore::CCScrollbarLayerImpl::CCScrollbar::currentPos):
1320         (WebCore::CCScrollbarLayerImpl::CCScrollbar::totalSize):
1321         (WebCore::CCScrollbarLayerImpl::CCScrollbar::maximum):
1322         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
1323         (WebCore::CCScrollbarLayerImpl::orientation):
1324         (WebCore::CCScrollbarLayerImpl::setCurrentPos):
1325         (WebCore::CCScrollbarLayerImpl::setTotalSize):
1326         (WebCore::CCScrollbarLayerImpl::setMaximum):
1327         (CCScrollbarLayerImpl):
1328
1329 2012-06-15  David Barton  <dbarton@mathscribe.com>
1330
1331         MathML: nested square root symbols have varying descenders
1332         https://bugs.webkit.org/show_bug.cgi?id=43819
1333
1334         Reviewed by Eric Seidel.
1335
1336         This bug stems from the use of offsetHeight() on a renderer that's possibly a
1337         RenderInline, in getBoxModelObjectHeight() in RenderMathMLBlock.h.
1338         RenderInline::offsetHeight() actually returns linesBoundingBox().height(), which can be
1339         overly large, especially for the big STIX fonts that include a few mathematical symbols
1340         with unusually tall ascenders or descenders. A better solution for MathML in general is
1341         the CSS properties { -webkit-line-box-contain: glyphs replaced; line-height: 0; }. This
1342         gives tight glyph-based formatting in radical expressions, subscripts, superscripts,
1343         underscripts, overscripts, numerators, denominators, etc. To make this work, inline
1344         elements such as <mn> and <mi> must be wrapped inside implicit <mrow>s or just
1345         RenderMathMLBlocks, when a tight height is desired. We also replace
1346         getBoxModelObjectWidth(), which uses offsetWidth(), with contentLogicalWidth(). Finally,
1347         we enable the STIXGeneral font for use inside layout tests.
1348
1349         Tested by existing LayoutTests/mathml/presentation/ files including roots.xhtml.
1350
1351         * css/mathml.css:
1352         (math):
1353         (mtext):
1354         (mroot > * + *):
1355         (mtd):
1356         * rendering/mathml/RenderMathMLBlock.cpp:
1357         (WebCore::RenderMathMLBlock::preferredLogicalHeightAfterSizing):
1358         (WebCore::RenderMathMLBlock::baselinePosition):
1359         * rendering/mathml/RenderMathMLBlock.h:
1360         * rendering/mathml/RenderMathMLFraction.cpp:
1361         (WebCore::RenderMathMLFraction::baselinePosition):
1362         * rendering/mathml/RenderMathMLOperator.cpp:
1363         (WebCore::RenderMathMLOperator::createStackableStyle):
1364         (WebCore::RenderMathMLOperator::baselinePosition):
1365         * rendering/mathml/RenderMathMLRoot.cpp:
1366         (WebCore::RenderMathMLRoot::addChild):
1367         (WebCore::RenderMathMLRoot::computePreferredLogicalWidths):
1368         (WebCore::RenderMathMLRoot::paint):
1369         * rendering/mathml/RenderMathMLRoot.h:
1370         * rendering/mathml/RenderMathMLSquareRoot.cpp:
1371         * rendering/mathml/RenderMathMLSquareRoot.h:
1372         * rendering/mathml/RenderMathMLSubSup.cpp:
1373         (WebCore::RenderMathMLSubSup::layout):
1374         * rendering/mathml/RenderMathMLUnderOver.cpp:
1375         (WebCore::RenderMathMLUnderOver::baselinePosition):
1376         * rendering/mathml/RenderMathMLUnderOver.h:
1377
1378 2012-08-02  Adrienne Walker  <enne@google.com>
1379
1380         [chromium] Make CCScrollbarLayerImpl handle lost contexts properly
1381         https://bugs.webkit.org/show_bug.cgi?id=93021
1382
1383         Reviewed by James Robinson.
1384
1385         The resource ids that CCScrollbarLayerImpl holds onto need to be
1386         discarded during a lost context as the resource provider they came
1387         from is also destroyed.
1388
1389         Make a scrollbarGeometry function that wraps all uses of the
1390         m_geometry member to make it possible to test CCScrollbarLayerImpl
1391         without depending on WebCore.
1392
1393         Test: CCLayerTreeHostImplTest.dontUseOldResourcesAfterLostContext
1394
1395         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
1396         (WebCore::CCScrollbarLayerImpl::scrollbarGeometry):
1397         (WebCore):
1398         (WebCore::CCScrollbarLayerImpl::appendQuads):
1399         (WebCore::CCScrollbarLayerImpl::didLoseContext):
1400         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
1401         (CCScrollbarLayerImpl):
1402
1403 2012-08-02  Oliver Hunt  <oliver@apple.com>
1404
1405         A few objects aren't being safely protected from GC in all cases
1406         https://bugs.webkit.org/show_bug.cgi?id=93031
1407
1408         Reviewed by Filip Pizlo.
1409
1410         I haven't seen evidence that anyone is hitting bugs due to this, but any
1411         GC error can lead to later -- hard to diagnose -- bugs if they result in
1412         resurrecting dead objects.
1413
1414         * bindings/js/JSCustomXPathNSResolver.cpp:
1415         (WebCore::JSCustomXPathNSResolver::create):
1416         (WebCore::JSCustomXPathNSResolver::JSCustomXPathNSResolver):
1417         (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
1418         * bindings/js/JSCustomXPathNSResolver.h:
1419         (JSCustomXPathNSResolver):
1420         * bindings/js/JSDictionary.cpp:
1421         (WebCore::JSDictionary::tryGetProperty):
1422         * bindings/js/JSDictionary.h:
1423         (WebCore::JSDictionary::JSDictionary):
1424         (WebCore::JSDictionary::initializerObject):
1425
1426 2012-08-02  Emil A Eklund  <eae@chromium.org>
1427
1428         Range::isPointInRange incorrectly throws WRONG_DOCUMENT_ERR
1429         https://bugs.webkit.org/show_bug.cgi?id=93009
1430
1431         Reviewed by Ojan Vafai.
1432
1433         The latest working draft of the DOM4 spec has all but killed the
1434         WRONG_DOCUMENT_ERR exception. Update isPointInRange to return false
1435         instead of throwing an exception when the range and point are in
1436         different documents. This matches the Mozilla behavior.
1437
1438         Test: fast/html/range-point-in-range-for-different-documents.html
1439
1440         * dom/Range.cpp:
1441         (WebCore::Range::isPointInRange):
1442         Return false instead of throwing WRONG_DOCUMENT_ERR when the point is in
1443         a different document.
1444
1445 2012-08-02  Erik Arvidsson  <arv@chromium.org>
1446
1447         DOM4: className should be defined on Element and not on HTMLElement
1448         https://bugs.webkit.org/show_bug.cgi?id=93014
1449
1450         Reviewed by Adam Barth.
1451
1452         DOM4 specs that Element should have the className WebIDL attribute. This moves the
1453         attribute to the correct IDL file.
1454
1455         Test: fast/dom/Element/class-name.html
1456
1457         * dom/Element.idl:
1458         * html/HTMLElement.idl:
1459
1460 2012-08-02  Erik Arvidsson  <arv@chromium.org>
1461
1462         [V8] Handle case where Error.prototype returns an empty object
1463         https://bugs.webkit.org/show_bug.cgi?id=91792
1464
1465         Reviewed by Kentaro Hara.
1466
1467         In some edge cases we get an empty object back from Error.prototype.
1468
1469         No new tests. I cannot reproduce this.
1470
1471         * bindings/v8/V8BindingPerContextData.cpp:
1472         (WebCore::V8BindingPerContextData::constructorForTypeSlowCase):
1473
1474 2012-08-02  Eric Seidel  <eric@webkit.org>
1475
1476         Add back ASSERT(!needsLayout) to RenderTableSection which is now valid
1477         https://bugs.webkit.org/show_bug.cgi?id=92954
1478
1479         Unreviewed, follow-up per Mitz's request.
1480
1481         * rendering/RenderTableSection.cpp:
1482         (WebCore::RenderTableSection::paint):
1483
1484 2012-08-02  James Robinson  <jamesr@chromium.org>
1485
1486         [chromium] Remove unused includes from compositor code
1487         https://bugs.webkit.org/show_bug.cgi?id=92930
1488
1489         Reviewed by Adrienne Walker.
1490
1491         * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.cpp:
1492         * platform/graphics/chromium/ScrollbarLayerChromium.cpp:
1493         * platform/graphics/chromium/cc/CCScrollbarLayerImpl.h:
1494
1495 2012-08-02  Adam Barth  <abarth@webkit.org>
1496
1497         The generic bindings shouldn't use templates
1498         https://bugs.webkit.org/show_bug.cgi?id=93016
1499
1500         Reviewed by Eric Seidel.
1501
1502         We originally created the generic bindings to share code between the
1503         JavaScriptCore and V8 bindings. However, the code came out sort of ugly
1504         because we used templates (with the idea that templates would let us
1505         use more than one scripting engine).
1506
1507         This patch rips out the templates in an attempt to make the code
1508         prettier and therefore easier to use in both V8 and JSC. I've tried to
1509         keep this patch small by remaning things mostly in place. In the next
1510         patch, I'll move a bunch of code out of headers and into cpp files.
1511
1512         No behavior change.
1513
1514         * GNUmakefile.am:
1515         * UseV8.cmake:
1516         * WebCore.gyp/WebCore.gyp:
1517         * WebCore.gypi:
1518         * WebCore.pri:
1519         * bindings/generic/BindingSecurity.h:
1520         (WebCore):
1521         (BindingSecurity):
1522         (WebCore::BindingSecurity::canAccessWindow):
1523         (WebCore::BindingSecurity::canAccessFrame):
1524         (WebCore::BindingSecurity::shouldAllowAccessToNode):
1525         (WebCore::BindingSecurity::allowPopUp):
1526         (WebCore::BindingSecurity::allowSettingFrameSrcToJavascriptUrl):
1527         (WebCore::BindingSecurity::allowSettingSrcToJavascriptURL):
1528         * bindings/generic/GenericBinding.h:
1529         (WebCore::completeURL):
1530         * bindings/scripts/CodeGeneratorV8.pm:
1531         (GenerateDomainSafeFunctionGetter):
1532         (GenerateNormalAttrGetter):
1533         (GenerateReplaceableAttrSetter):
1534         (GenerateFunctionCallback):
1535         (GenerateImplementation):
1536         * bindings/scripts/test/V8/V8Float64Array.cpp:
1537         * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
1538         (WebCore::TestActiveDOMObjectV8Internal::excitingFunctionCallback):
1539         (WebCore::TestActiveDOMObjectV8Internal::postMessageAttrGetter):
1540         * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
1541         * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
1542         * bindings/scripts/test/V8/V8TestEventTarget.cpp:
1543         * bindings/scripts/test/V8/V8TestException.cpp:
1544         * bindings/scripts/test/V8/V8TestInterface.cpp:
1545         * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
1546         * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
1547         * bindings/scripts/test/V8/V8TestNode.cpp:
1548         * bindings/scripts/test/V8/V8TestObj.cpp:
1549         (WebCore::TestObjV8Internal::contentDocumentAttrGetter):
1550         (WebCore::TestObjV8Internal::getSVGDocumentCallback):
1551         * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
1552         * bindings/v8/BindingState.cpp: Renamed from Source/WebCore/bindings/v8/specialization/V8BindingState.cpp.
1553         (WebCore):
1554         (WebCore::BindingState::instance):
1555         (WebCore::activeWindow):
1556         (WebCore::firstWindow):
1557         (WebCore::activeFrame):
1558         (WebCore::firstFrame):
1559         (WebCore::immediatelyReportUnsafeAccessTo):
1560         * bindings/v8/BindingState.h: Renamed from Source/WebCore/bindings/v8/specialization/V8BindingState.h.
1561         (WebCore):
1562         (BindingState):
1563         * bindings/v8/ScriptController.cpp:
1564         (WebCore::ScriptController::canAccessFromCurrentOrigin):
1565         * bindings/v8/V8Binding.h:
1566         (WebCore):
1567         * bindings/v8/V8DOMWindowShell.cpp:
1568         * bindings/v8/V8Proxy.cpp:
1569         * bindings/v8/V8Utilities.cpp:
1570         (WebCore::callingOrEnteredFrame):
1571         (WebCore::completeURL):
1572         * bindings/v8/custom/V8DOMWindowCustom.cpp:
1573         (WebCore::WindowSetTimeoutImpl):
1574         (WebCore::V8DOMWindow::eventAccessorGetter):
1575         (WebCore::V8DOMWindow::eventAccessorSetter):
1576         (WebCore::V8DOMWindow::locationAccessorSetter):
1577         (WebCore::V8DOMWindow::openerAccessorSetter):
1578         (WebCore::V8DOMWindow::addEventListenerCallback):
1579         (WebCore::V8DOMWindow::removeEventListenerCallback):
1580         (WebCore::V8DOMWindow::showModalDialogCallback):
1581         (WebCore::V8DOMWindow::openCallback):
1582         (WebCore::V8DOMWindow::namedSecurityCheck):
1583         (WebCore::V8DOMWindow::indexedSecurityCheck):
1584         * bindings/v8/custom/V8DocumentLocationCustom.cpp:
1585         (WebCore::V8Document::locationAccessorSetter):
1586         * bindings/v8/custom/V8EntryCustom.cpp:
1587         * bindings/v8/custom/V8EntrySyncCustom.cpp:
1588         * bindings/v8/custom/V8HTMLFrameElementCustom.cpp:
1589         (WebCore::V8HTMLFrameElement::locationAccessorSetter):
1590         * bindings/v8/custom/V8HistoryCustom.cpp:
1591         (WebCore::V8History::indexedSecurityCheck):
1592         (WebCore::V8History::namedSecurityCheck):
1593         * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
1594         * bindings/v8/custom/V8InjectedScriptManager.cpp:
1595         (WebCore::InjectedScriptManager::canAccessInspectedWindow):
1596         * bindings/v8/custom/V8LocationCustom.cpp:
1597         (WebCore::V8Location::hashAccessorSetter):
1598         (WebCore::V8Location::hostAccessorSetter):
1599         (WebCore::V8Location::hostnameAccessorSetter):
1600         (WebCore::V8Location::hrefAccessorSetter):
1601         (WebCore::V8Location::pathnameAccessorSetter):
1602         (WebCore::V8Location::portAccessorSetter):
1603         (WebCore::V8Location::protocolAccessorSetter):
1604         (WebCore::V8Location::searchAccessorSetter):
1605         (WebCore::V8Location::reloadAccessorGetter):
1606         (WebCore::V8Location::replaceAccessorGetter):
1607         (WebCore::V8Location::assignAccessorGetter):
1608         (WebCore::V8Location::reloadCallback):
1609         (WebCore::V8Location::replaceCallback):
1610         (WebCore::V8Location::assignCallback):
1611         (WebCore::V8Location::toStringCallback):
1612         (WebCore::V8Location::indexedSecurityCheck):
1613         (WebCore::V8Location::namedSecurityCheck):
1614         * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
1615         * bindings/v8/custom/V8NodeCustom.cpp:
1616
1617 2012-08-02  Abhishek Arya  <inferno@chromium.org>
1618
1619         No isChildAllowed checked when adding RenderFullScreen as the child..
1620         https://bugs.webkit.org/show_bug.cgi?id=92995
1621
1622         Reviewed by Eric Seidel.
1623
1624         Test: fullscreen/fullscreen-child-not-allowed-crash.html
1625
1626         * dom/Document.cpp:
1627         (WebCore::Document::webkitWillEnterFullScreenForElement): pass the object's parent
1628         pointer as an additional argument.
1629         * dom/NodeRenderingContext.cpp:
1630         (WebCore::NodeRendererFactory::createRendererIfNeeded): pass the to be parent |parentRenderer|
1631         as the argument. 
1632         * rendering/RenderFullScreen.cpp:
1633         (RenderFullScreen::wrapRenderer): make sure that parent allows RenderFullScreen as the child.
1634         * rendering/RenderFullScreen.h: 
1635         (RenderFullScreen): support the object's parent
1636         pointer as an additional argument.
1637
1638 2012-08-01  James Robinson  <jamesr@chromium.org>
1639
1640         [chromium] Wrap shared context getters in WebKit API and avoid WebCore::GraphicsContext3D use in compositor internals
1641         https://bugs.webkit.org/show_bug.cgi?id=92917
1642
1643         Reviewed by Adrienne Walker.
1644
1645         This uses Platform API wrappers to access the shared WebGraphicsContext3D / Ganesh contexts from the compositor
1646         to evaluate accelerated filters or do accelerated painting.
1647
1648         Filters changes covered by css3/filters/*-hw.html layout tests.
1649
1650         * WebCore.gypi:
1651         * platform/chromium/support/WebSharedGraphicsContext3D.cpp:
1652         (WebKit):
1653         (WebKit::WebSharedGraphicsContext3D::mainThreadContext):
1654         (WebKit::WebSharedGraphicsContext3D::mainThreadGrContext):
1655         (WebKit::WebSharedGraphicsContext3D::compositorThreadContext):
1656         (WebKit::WebSharedGraphicsContext3D::compositorThreadGrContext):
1657         (WebKit::WebSharedGraphicsContext3D::haveCompositorThreadContext):
1658         (WebKit::WebSharedGraphicsContext3D::createCompositorThreadContext):
1659         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.cpp:
1660         (WebCore::createAcceleratedCanvas):
1661         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::Texture::updateRect):
1662         (WebCore::FrameBufferSkPictureCanvasLayerTextureUpdater::updateTextureRect):
1663         * platform/graphics/chromium/FrameBufferSkPictureCanvasLayerTextureUpdater.h:
1664         (WebKit):
1665         (FrameBufferSkPictureCanvasLayerTextureUpdater):
1666         * platform/graphics/chromium/LayerRendererChromium.cpp:
1667         (WebCore::applyFilters):
1668         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.cpp:
1669         (WebCore::CCRenderSurfaceFilters::apply):
1670         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.h:
1671         (WebKit):
1672         (CCRenderSurfaceFilters):
1673
1674 2012-08-02  Beth Dakin  <bdakin@apple.com>
1675
1676         https://bugs.webkit.org/show_bug.cgi?id=93020
1677         REGRESSION (tiled scrolling): Full-screen video is broken if page is 
1678         scrolled
1679         -and corresponding-
1680         <rdar://problem/11629778>
1681
1682         Reviewed by Anders Carlsson.
1683
1684         The bug here is that ScrollingTreeNodeMac::setScrollLayerPosition() 
1685         uses the CALayer (PlatformLayer) directly to set the position. That 
1686         means that the GraphicsLayer that owns that PlatformLayer does not 
1687         have updated position information. That results in this bug when we 
1688         switch from fast scrolling to main thread scrolling, because at that 
1689         point, the GraphicsLayer needs to have the correct information. So 
1690         make sure to update the main thread scroll position and layer 
1691         position before transitioning to main thread scrolling.
1692         * page/scrolling/ScrollingCoordinator.cpp:
1693         (WebCore::ScrollingCoordinator::setShouldUpdateScrollLayerPositionOnMainThread):
1694
1695 2012-08-02  Addy Osmani  <addyo@chromium.org>
1696
1697         Web Inspector: Rename 'User agent' to 'Overrides' in settings screen
1698         https://bugs.webkit.org/show_bug.cgi?id=92990
1699
1700         Reviewed by Pavel Feldman.
1701
1702         Simple setting rename of User agent -> Overrides
1703
1704         * English.lproj/localizedStrings.js:
1705         * inspector/front-end/SettingsScreen.js:
1706
1707 2012-08-02  Philip Rogers  <pdr@google.com>
1708
1709         Do not dispatch modification events in SVG attribute synchronization
1710         https://bugs.webkit.org/show_bug.cgi?id=92604
1711
1712         Reviewed by Ryosuke Niwa.
1713
1714         Previously, calling hasAttribute() during layout could hit a
1715         layout-during-layout bug because calling hasAttribute() could dispatch a 
1716         subtree modification event which could synchronously force a layout. hasAttribute()
1717         exhibits this behavior because property synchronization is done lazily.
1718
1719         This patch skips dispatching subtree modification events during attribute
1720         synchronization.
1721
1722         Additionally, this patch contains a refactoring of lazy attribute setting. We
1723         now have a single place where lazy attributes are set (setSynchronizedLazyAttribute)
1724         and lazy attribute flags have been moved to just Element and ElementAttributeData.
1725
1726         Test: svg/custom/path-domsubtreemodified-crash.html
1727
1728         * dom/Element.cpp:
1729         (WebCore::Element::setAttribute):
1730         (WebCore::Element::setSynchronizedLazyAttribute):
1731         (WebCore):
1732         (WebCore::Element::setAttributeInternal):
1733         * dom/Element.h:
1734         (Element):
1735         * dom/ElementAttributeData.cpp:
1736         (WebCore::ElementAttributeData::addAttribute):
1737         (WebCore::ElementAttributeData::removeAttribute):
1738         * dom/ElementAttributeData.h:
1739         (ElementAttributeData):
1740         * dom/StyledElement.cpp:
1741         (WebCore::StyledElement::updateStyleAttribute):
1742         * svg/properties/SVGAnimatedPropertyMacros.h:
1743         (WebCore::SVGSynchronizableAnimatedProperty::synchronize):
1744
1745 2012-08-02  Konrad Piascik  <kpiascik@rim.com>
1746
1747         Web Inspector: Override the DeviceOrientation
1748         https://bugs.webkit.org/show_bug.cgi?id=91008
1749
1750         Reviewed by Pavel Feldman.
1751
1752         Re-added the m_page member variable to DeviceOrientationController and
1753         added InspectorInstrumentation to see if the DeviceOrientationData
1754         should be overridden or not.
1755
1756         Added UI to the web inspector front-end to allow users to override the
1757         device orientation.  This is currently hidden behind an experiment.
1758
1759         Test: inspector/device-orientation-success.html
1760
1761         * English.lproj/localizedStrings.js:
1762         * dom/DeviceOrientationController.cpp:
1763         (WebCore::DeviceOrientationController::DeviceOrientationController):
1764         (WebCore::DeviceOrientationController::create):
1765         (WebCore::DeviceOrientationController::didChangeDeviceOrientation):
1766         (WebCore::provideDeviceOrientationTo):
1767         * dom/DeviceOrientationController.h:
1768         (DeviceOrientationController):
1769         * inspector/Inspector.json:
1770         * inspector/InspectorInstrumentation.cpp:
1771         (WebCore):
1772         (WebCore::InspectorInstrumentation::overrideDeviceOrientationImpl):
1773         * inspector/InspectorInstrumentation.h:
1774         (WebCore):
1775         (InspectorInstrumentation):
1776         (WebCore::InspectorInstrumentation::overrideDeviceOrientation):
1777         * inspector/InspectorPageAgent.cpp:
1778         (WebCore::InspectorPageAgent::setDeviceOrientationOverride):
1779         (WebCore):
1780         (WebCore::InspectorPageAgent::clearDeviceOrientationOverride):
1781         (WebCore::InspectorPageAgent::canOverrideDeviceOrientation):
1782         (WebCore::InspectorPageAgent::overrideDeviceOrientation):
1783         * inspector/InspectorPageAgent.h:
1784         * inspector/front-end/Settings.js:
1785         (WebInspector.ExperimentsSettings):
1786         * inspector/front-end/SettingsScreen.js:
1787         (WebInspector.UserAgentSettingsTab):
1788         (WebInspector.UserAgentSettingsTab.prototype._createInput):
1789         (WebInspector.UserAgentSettingsTab.prototype._createDeviceMetricsElement):
1790         (WebInspector.UserAgentSettingsTab.prototype._createGeolocationOverrideElement):
1791         (WebInspector.UserAgentSettingsTab.prototype._onDeviceOrientationOverrideCheckboxClicked):
1792         (WebInspector.UserAgentSettingsTab.prototype._applyDeviceOrientationUserInput):
1793         (WebInspector.UserAgentSettingsTab.prototype._setDeviceOrientation.set if):
1794         (WebInspector.UserAgentSettingsTab.prototype._setDeviceOrientation):
1795         (WebInspector.UserAgentSettingsTab.prototype._createDeviceOrientationOverrideElement):
1796         * inspector/front-end/UserAgentSupport.js:
1797         (WebInspector.UserAgentSupport.DeviceOrientation):
1798         (WebInspector.UserAgentSupport.DeviceOrientation.prototype.toSetting):
1799         (WebInspector.UserAgentSupport.DeviceOrientation.parseSetting):
1800         (WebInspector.UserAgentSupport.DeviceOrientation.parseUserInput):
1801         (WebInspector.UserAgentSupport.DeviceOrientation.clearDeviceOrientationOverride):
1802         * inspector/front-end/inspector.js:
1803         (WebInspector.doLoadedDone):
1804
1805 2012-08-02  Arnaud Renevier  <a.renevier@sisa.samsung.com>
1806
1807         TypedArray set method is slow when called with another typed array
1808         https://bugs.webkit.org/show_bug.cgi?id=92556
1809
1810         Reviewed by Kenneth Russell.
1811
1812         When setting multiples values to a typed array from an array like
1813         element, try to determine if the argument is a typed array. If so,
1814         cast the argument to a typed array, and read each element with .item()
1815         method. That avoid reading the value as a JSValue, and speedups set
1816         method by approximatively 10x.
1817
1818         Introduce setWebGLArrayWithTypedArrayArgument template function which
1819         checks if argument is a typed array. If so, it copies the data to
1820         target typed array and returns true. Otherwise, it returns false.
1821
1822         Introduce copyTypedArrayBuffer template function which copies data
1823         from a typed array to another one. This function is also used from
1824         constructArrayBufferViewWithTypedArrayArgument.
1825
1826         * bindings/js/JSArrayBufferViewHelper.h:
1827         (WebCore):
1828         (WebCore::copyTypedArrayBuffer):
1829         (WebCore::setWebGLArrayWithTypedArrayArgument):
1830         (WebCore::setWebGLArrayHelper):
1831         (WebCore::constructArrayBufferViewWithTypedArrayArgument):
1832         * bindings/js/JSFloat32ArrayCustom.cpp:
1833         (WebCore::JSFloat32Array::set):
1834         * bindings/js/JSFloat64ArrayCustom.cpp:
1835         (WebCore::JSFloat64Array::set):
1836         * bindings/js/JSInt16ArrayCustom.cpp:
1837         (WebCore::JSInt16Array::set):
1838         * bindings/js/JSInt32ArrayCustom.cpp:
1839         (WebCore::JSInt32Array::set):
1840         * bindings/js/JSInt8ArrayCustom.cpp:
1841         (WebCore::JSInt8Array::set):
1842         * bindings/js/JSUint16ArrayCustom.cpp:
1843         (WebCore::JSUint16Array::set):
1844         * bindings/js/JSUint32ArrayCustom.cpp:
1845         (WebCore::JSUint32Array::set):
1846         * bindings/js/JSUint8ArrayCustom.cpp:
1847         (WebCore::JSUint8Array::set):
1848         * bindings/js/JSUint8ClampedArrayCustom.cpp:
1849         (WebCore::JSUint8ClampedArray::set):
1850
1851 2012-08-02  Chris Fleizach  <cfleizach@apple.com>
1852
1853         AXEnabled = false for AXIncrementors inside text fields
1854         https://bugs.webkit.org/show_bug.cgi?id=93008
1855
1856         Reviewed by Anders Carlsson.
1857
1858         Mock objects should return "enabled" by default, since they are valid objects.
1859
1860         * accessibility/AccessibilityMockObject.h:
1861         (WebCore::AccessibilityMockObject::isEnabled):
1862         (AccessibilityMockObject):
1863
1864 2012-08-02  Eric Seidel  <eric@webkit.org>
1865
1866         Add back ASSERT(!needsLayout) to RenderTableSection which is now valid
1867         https://bugs.webkit.org/show_bug.cgi?id=92954
1868
1869         Reviewed by Julien Chaffraix.
1870
1871         * rendering/RenderTableSection.cpp:
1872         (WebCore::RenderTableSection::paint):
1873
1874 2012-08-02  Kevin Ellis  <kevers@chromium.org>
1875
1876         Month-year selector on calendar picker should be touch friendly.
1877         https://bugs.webkit.org/show_bug.cgi?id=92678
1878
1879         Reviewed by Kent Tamura.
1880
1881         Previously the month-year popup menu was implemented using a listbox,
1882         which does not support CSS customization.  Entries in the listbox
1883         were too shallow to reliably target with touch gestures.  The
1884         replacement popup is CSS configurable with larger entries on devices
1885         that support touch input.
1886
1887         Manually tested with and without touch support in English, Japanese
1888         and Arabic.
1889
1890         * Resources/calendarPicker.css:
1891         (.month-selector-popup): Update to use scrollable div instead of listbox.
1892         (.month-selector-popup-contents): Render popup as a table within a scrollable div.
1893         (.month-selector-popup-entry): Formatting entries in the month-year popup.
1894         (.selected-month-year): Highlight the selected month-year.
1895         (@media (pointer:coarse)): Enlarge entries in the popup meu on devices that support touch.
1896         * Resources/calendarPicker.js:
1897         (YearMonthController.prototype.attachTo): Change selector popup from a list-box to a div.
1898         (YearMonthController.prototype._redraw): Populate table based popup rather than listbox.
1899         (YearMonthController.prototype._showPopup): Set scroll position and resize for scrollbar.
1900         (YearMonthController.prototype._closePopup): Restore focus to the calendar.
1901         (YearMonthController.prototype._getSelection): Added to retrieve the selected month-year.
1902         (YearMonthController.prototype._handleMouseMove): Added to update selected month-year on hover.
1903         (YearMonthController.prototype._handleMonthPopupKey): Add keyboard navigation.
1904         (YearMonthController.prototype._handleYearMonthChange): Retrieve value from selected month-year.
1905
1906 2012-08-02  Vsevolod Vlasov  <vsevik@chromium.org>
1907
1908         Web Inspector: [Regression] context menu does not open on Sources panel tabs on mac
1909         https://bugs.webkit.org/show_bug.cgi?id=93000
1910
1911         Reviewed by Pavel Feldman.
1912
1913         * inspector/front-end/UIUtils.js:
1914         (WebInspector._elementDragStart):
1915
1916 2012-08-02  Kwang Yul Seo  <skyul@company100.net>
1917
1918         Check if the last table element's parent node is an element when determining the foster parent element.
1919         https://bugs.webkit.org/show_bug.cgi?id=92977
1920
1921         Reviewed by Adam Barth.
1922
1923         According to the HTML5 spec, if the last table element in the stack of open elements has no parent,
1924         or ITS PARENT NODE IS NOT AN ELEMENT, then the foster parent element is the element
1925         before the last table element in the stack of open elements.
1926
1927         Changed to check if the table element's parent node is an element.
1928
1929         Test: fast/parser/foster-parent.html
1930
1931         * html/parser/HTMLConstructionSite.cpp:
1932         (WebCore::HTMLConstructionSite::findFosterSite):
1933
1934 2012-08-02  Philippe Normand  <pnormand@igalia.com>
1935
1936         [GStreamer] Use GST_DEBUG instead of LOG_VERBOSE
1937         https://bugs.webkit.org/show_bug.cgi?id=89350
1938
1939         Reviewed by Martin Robinson.
1940
1941         Wrap the media player's logging calls to a new macro that also
1942         hooks into GStreamer's logging facilities. This way the developer
1943         gets the best of both worlds, leaving the choice between GST_DEBUG
1944         and WEBKIT_DEBUG environment variables.
1945
1946         * platform/graphics/gstreamer/GStreamerUtilities.h:
1947         (WebCore):
1948         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
1949         (WebCore::initializeGStreamerAndRegisterWebKitElements):
1950         (WebCore::MediaPlayerPrivateGStreamer::load):
1951         (WebCore::MediaPlayerPrivateGStreamer::commitLoad):
1952         (WebCore::MediaPlayerPrivateGStreamer::playbackPosition):
1953         (WebCore::MediaPlayerPrivateGStreamer::play):
1954         (WebCore::MediaPlayerPrivateGStreamer::pause):
1955         (WebCore::MediaPlayerPrivateGStreamer::duration):
1956         (WebCore::MediaPlayerPrivateGStreamer::seek):
1957         (WebCore::MediaPlayerPrivateGStreamer::naturalSize):
1958         (WebCore::MediaPlayerPrivateGStreamer::setRate):
1959         (WebCore::MediaPlayerPrivateGStreamer::handleMessage):
1960         (WebCore::MediaPlayerPrivateGStreamer::processBufferingStats):
1961         (WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
1962         (WebCore::MediaPlayerPrivateGStreamer::maxTimeSeekable):
1963         (WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded):
1964         (WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress):
1965
1966 2012-08-02  Antti Koivisto  <antti@apple.com>
1967
1968         Inline stylesheets can confuse style sharing
1969         https://bugs.webkit.org/show_bug.cgi?id=92970
1970
1971         Reviewed by Dan Bernstein.
1972
1973         Consider document 
1974         
1975         <div class="i30"></div>
1976         <style>.i30 { background-color:green; }</style>
1977         <div class="i30"></div>
1978         
1979         When processing the <style> element the scope optimization marks the first div as needing style recalc. 
1980         Next the parser adds the second div to the tree and immediately calculates its style. Since it looks exactly 
1981         like the first div the style sharing optimization copies the style from there. The pending recalc of the
1982         first div is resolved by a timer but the second div is left with the old style.
1983         
1984         Fix by disallowing style sharing from elements with pending style recalc.
1985
1986         Test: fast/css/style-sharing-inline-stylesheet.html
1987
1988         * css/StyleResolver.cpp:
1989         (WebCore::StyleResolver::canShareStyleWithElement):
1990
1991 2012-08-02  Tommy Widenflycht  <tommyw@google.com>
1992
1993         MediaStream API: Add RTCPeerConnectionHandler infrastructure
1994         https://bugs.webkit.org/show_bug.cgi?id=92866
1995
1996         Reviewed by Adam Barth.
1997
1998         Introducing RTCPeerConnectionHandler & RTCPeerConnectionHandlerClient,
1999         together with the Chromium WebKit interface, following the pattern of
2000         the previous PeerConnection00Handler but with the optimizations from MediaStreamCenter.
2001
2002         Not yet testable due to not enough code landed.
2003
2004         * CMakeLists.txt:
2005         * GNUmakefile.list.am:
2006         * Modules/mediastream/RTCPeerConnection.cpp:
2007         (WebCore::RTCPeerConnection::create):
2008         (WebCore::RTCPeerConnection::RTCPeerConnection):
2009         * Modules/mediastream/RTCPeerConnection.h:
2010         (RTCPeerConnection):
2011         * WebCore.gypi:
2012         * platform/mediastream/RTCPeerConnectionHandler.cpp: Added.
2013         (WebCore):
2014         (RTCPeerConnectionHandlerDummy):
2015         (WebCore::RTCPeerConnectionHandler::create):
2016         (WebCore::RTCPeerConnectionHandlerDummy::RTCPeerConnectionHandlerDummy):
2017         (WebCore::RTCPeerConnectionHandlerDummy::~RTCPeerConnectionHandlerDummy):
2018         (WebCore::RTCPeerConnectionHandlerDummy::initialize):
2019         * platform/mediastream/RTCPeerConnectionHandler.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
2020         (WebCore):
2021         (RTCPeerConnectionHandler):
2022         (WebCore::RTCPeerConnectionHandler::~RTCPeerConnectionHandler):
2023         (WebCore::RTCPeerConnectionHandler::RTCPeerConnectionHandler):
2024         * platform/mediastream/RTCPeerConnectionHandlerClient.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
2025         (WebCore):
2026         (RTCPeerConnectionHandlerClient):
2027         (WebCore::RTCPeerConnectionHandlerClient::~RTCPeerConnectionHandlerClient):
2028         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.cpp: Added.
2029         (WebCore):
2030         (WebCore::RTCPeerConnectionHandler::create):
2031         (WebCore::RTCPeerConnectionHandlerChromium::RTCPeerConnectionHandlerChromium):
2032         (WebCore::RTCPeerConnectionHandlerChromium::~RTCPeerConnectionHandlerChromium):
2033         (WebCore::RTCPeerConnectionHandlerChromium::initialize):
2034         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.h: Added.
2035         (WebCore):
2036         (RTCPeerConnectionHandlerChromium):
2037
2038 2012-08-02  Kent Tamura  <tkent@chromium.org>
2039
2040         Move number localization code in LocaleICU.cpp to new class
2041         https://bugs.webkit.org/show_bug.cgi?id=92976
2042
2043         Reviewed by Kentaro Hara.
2044
2045         The number localization code by character mapping is usefull for non-ICU
2046         platforms.
2047
2048         No new tests. This is just a refactoring, and is covered by
2049         Source/WebKit/chromium/tests/LocalizedNumberICUTest.cpp.
2050
2051         * WebCore.gypi: Add NumberLocalizer.{cpp,h}.
2052         * platform/text/LocaleICU.cpp:
2053         (WebCore::LocaleICU::decimalSymbol):
2054         Renamed from setDecimalSymbol. This function returns the resultant
2055         string instead of setting it to a data member.
2056         (WebCore::LocaleICU::decimalTextAttribute):
2057         Renamed from setDecimalTextAttributel. This function returns the
2058         resultant string instead of setting it to the specified string.
2059         (WebCore::LocaleICU::initializeNumberLocalizerData):
2060         Renamed from initializeDecimalFormat.
2061         Calls NumberLocaizer::setNumberLocalizerData.
2062         (WebCore::LocaleICU::localizedDecimalSeparator):
2063         Rename initializeDecimalFormat to initializeNumberLocalizerData.
2064         * platform/text/LocaleICU.h:
2065         (LocaleICU): Remove some members, and inherit NumberLocalizer.
2066         * platform/text/NumberLocalizer.cpp: Added. Move the code from LocaleICU.cpp
2067         (WebCore):
2068         (WebCore::NumberLocalizer::~NumberLocalizer):
2069         (WebCore::NumberLocalizer::setNumberLocalizerData): Added.
2070         (WebCore::NumberLocalizer::convertToLocalizedNumber):
2071         (WebCore::matches):
2072         (WebCore::NumberLocalizer::detectSignAndGetDigitRange):
2073         (WebCore::NumberLocalizer::matchedDecimalSymbolIndex):
2074         (WebCore::NumberLocalizer::convertFromLocalizedNumber):
2075         (WebCore::NumberLocalizer::localizedDecimalSeparator):
2076         * platform/text/NumberLocalizer.h: Added.
2077         (NumberLocalizer):
2078         (WebCore::NumberLocalizer::NumberLocalizer):
2079
2080 2012-08-02  Alexander Pavlov  <apavlov@chromium.org>
2081
2082         Web Inspector: Move DOM breakpoints-related context menu items into a submenu
2083         https://bugs.webkit.org/show_bug.cgi?id=92989
2084
2085         Reviewed by Vsevolod Vlasov.
2086
2087         A "Break on..." submenu is added to the element context menu, to host all DOM breakpoint items.
2088
2089         * English.lproj/localizedStrings.js:
2090         * inspector/front-end/DOMBreakpointsSidebarPane.js:
2091         (WebInspector.DOMBreakpointsSidebarPane):
2092         (WebInspector.DOMBreakpointsSidebarPane.prototype.populateNodeContextMenu):
2093
2094 2012-08-02  Dominik Röttsches  <dominik.rottsches@intel.com>
2095
2096         [Cairo] Add complex font drawing using HarfbuzzNG
2097         https://bugs.webkit.org/show_bug.cgi?id=91864
2098
2099         Reviewed by Martin Robinson.
2100
2101         Unfortunately the Freetype based approach that avoids allocations and UTF8 conversion
2102         fails to produce correct results for some tests.
2103
2104         No new tests, at least
2105           fast/dom/52776.html
2106           fast/text/atsui-negative-spacing-features.html
2107           fast/text/atsui-spacing-features.html
2108         expose this problem.
2109
2110         * platform/graphics/harfbuzz/ng/HarfBuzzNGFaceCairo.cpp:
2111         (WebCore::harfbuzzGetGlyph): Revert to initial cairo_scaled_font based approach.
2112
2113 2012-08-02  Eugene Klyuchnikov  <eustas.big@gmail.com>
2114
2115         Web Inspector: Fix protocol version check.
2116         https://bugs.webkit.org/show_bug.cgi?id=91497
2117
2118         Reviewed by Pavel Feldman.
2119
2120         Generated method 'supportsInspectorProtocolVersion' should return
2121         false when requested  minor version is *greater* than actual
2122         minor version.
2123
2124         * inspector/generate-inspector-protocol-version: Fixed stub text
2125
2126 2012-08-02  Alexei Filippov  <alexeif@chromium.org>
2127
2128         Web Inspector: count RenderStyle objects in the native memory profiler
2129         https://bugs.webkit.org/show_bug.cgi?id=91759
2130
2131         Reviewed by Yury Semikhatsky.
2132
2133         The patch adds instrumentation to the following classes:
2134           - RenderStyle
2135           - StyleRareInheritedData
2136           - StyleRareNonInheritedData
2137
2138         * bindings/js/ScriptWrappable.h:
2139         * bindings/v8/ScriptWrappable.h:
2140         * dom/MemoryInstrumentation.h:
2141         (WebCore):
2142         (WebCore::MemoryInstrumentation::OwningTraits::addObject):
2143         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
2144         (WebCore::MemoryInstrumentation::addObjectImpl):
2145         * dom/Node.cpp:
2146         (WebCore::Node::reportMemoryUsage):
2147         * dom/Node.h:
2148         (WebCore):
2149         * rendering/style/RenderStyle.cpp:
2150         (WebCore::RenderStyle::reportMemoryUsage):
2151         (WebCore):
2152         * rendering/style/RenderStyle.h:
2153         (WebCore):
2154         * rendering/style/StyleRareInheritedData.cpp:
2155         (WebCore::StyleRareInheritedData::reportMemoryUsage):
2156         (WebCore):
2157         * rendering/style/StyleRareInheritedData.h:
2158         (WebCore):
2159         (StyleRareInheritedData):
2160         * rendering/style/StyleRareNonInheritedData.cpp:
2161         (WebCore::StyleRareNonInheritedData::reportMemoryUsage):
2162         (WebCore):
2163         * rendering/style/StyleRareNonInheritedData.h:
2164         (WebCore):
2165         (StyleRareNonInheritedData):
2166
2167 2012-08-02  Alexei Filippov  <alexeif@chromium.org>
2168
2169         Web Inspector: rename host->origin in the inspector protocol DOMStorage entry
2170         https://bugs.webkit.org/show_bug.cgi?id=92979
2171
2172         Reviewed by Yury Semikhatsky.
2173
2174         * inspector/Inspector.json:
2175         * inspector/InspectorDOMStorageResource.cpp:
2176         (WebCore::InspectorDOMStorageResource::bind):
2177         * inspector/front-end/DOMStorage.js:
2178         (WebInspector.DOMStorageDispatcher.prototype.addDOMStorage):
2179
2180 2012-08-02  Kihong Kwon  <kihong.kwon@samsung.com>
2181
2182         [EFL] Change return value of battey level
2183         https://bugs.webkit.org/show_bug.cgi?id=92964
2184
2185         Reviewed by Simon Hausmann.
2186
2187         Change return value of navigator.webkitBattery.level from 0~100 to 0~1.0.
2188         Battery level have to returns 0~1.0 by Battery Status API spec.
2189
2190         * platform/efl/BatteryProviderEfl.cpp:
2191         (WebCore::BatteryProviderEfl::setBatteryClient):
2192
2193 2012-08-02  Yury Semikhatsky  <yurys@chromium.org>
2194
2195         Web Inspector: remove extraObjectSize parameter from MemoryClassInfo constructor
2196         https://bugs.webkit.org/show_bug.cgi?id=92981
2197
2198         Reviewed by Alexander Pavlov.
2199
2200         Refactored MemoryInstrumentation to get rid of extraSize parameter from
2201         MemoryObjectInfo constructor and MemoryObjectInfo::reportObjectInfo. The
2202         extra size should always be reported as an object that occupies these extra
2203         bytes.
2204
2205         * dom/ElementAttributeData.cpp:
2206         (WebCore::ElementAttributeData::reportMemoryUsage):
2207         (WebCore):
2208         * dom/ElementAttributeData.h:
2209         (WebCore):
2210         (ElementAttributeData):
2211         * dom/MemoryInstrumentation.h:
2212         (WebCore::MemoryObjectInfo::reportObjectInfo):
2213         (WebCore::MemoryClassInfo::MemoryClassInfo):
2214
2215 2012-08-02  Sheriff Bot  <webkit.review.bot@gmail.com>
2216
2217         Unreviewed, rolling out r124439.
2218         http://trac.webkit.org/changeset/124439
2219         https://bugs.webkit.org/show_bug.cgi?id=92980
2220
2221         Broke Chromium Mac Release compile (Requested by apavlov on
2222         #webkit).
2223
2224         * CMakeLists.txt:
2225         * GNUmakefile.list.am:
2226         * Modules/mediastream/RTCPeerConnection.cpp:
2227         (WebCore::RTCPeerConnection::create):
2228         (WebCore::RTCPeerConnection::RTCPeerConnection):
2229         * Modules/mediastream/RTCPeerConnection.h:
2230         * WebCore.gypi:
2231         * platform/mediastream/RTCPeerConnectionHandler.cpp: Removed.
2232         * platform/mediastream/RTCPeerConnectionHandler.h: Removed.
2233         * platform/mediastream/RTCPeerConnectionHandlerClient.h: Removed.
2234         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.cpp: Removed.
2235         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.h: Removed.
2236
2237 2012-08-02  Simon Hausmann  <simon.hausmann@nokia.com>
2238
2239         [Qt] Uninitialized memory read in QObject runtime bridge
2240         https://bugs.webkit.org/show_bug.cgi?id=92972
2241
2242         Reviewed by Kenneth Rohde Christiansen.
2243
2244         The vargs array has an initial size of 0 and when calling a method with no return value
2245         and no arguments, vargs remains empty. Therefore unconditional access to vargs[0] results
2246         in access to uninitialized memory.
2247
2248         No new tests, covered by valgrind in existing qobjectbridge tests.
2249
2250         * bridge/qt/qt_runtime.cpp:
2251         (JSC::Bindings::QtRuntimeMetaMethod::call):
2252         * bridge/qt/qt_runtime_qt4.cpp:
2253         (JSC::Bindings::QtRuntimeMetaMethod::call):
2254
2255 2012-08-02  Zoltan Herczeg  <zherczeg@webkit.org>
2256
2257         Alignment issue for readTime in PluginDatabase.cpp
2258         https://bugs.webkit.org/show_bug.cgi?id=92746
2259
2260         Reviewed by Simon Hausmann.
2261
2262         When the byte stream is written, nothing guarantees that
2263         the time_t data is aligned. This issue caused alignment
2264         traps on ARM CPUs.
2265
2266         No new tests. Covered by existing tests.
2267
2268         * plugins/PluginDatabase.cpp:
2269         (WebCore::readTime):
2270
2271 2012-08-02  Tommy Widenflycht  <tommyw@google.com>
2272
2273         MediaStream API: Add RTCPeerConnectionHandler infrastructure
2274         https://bugs.webkit.org/show_bug.cgi?id=92866
2275
2276         Reviewed by Kentaro Hara.
2277
2278         Introducing RTCPeerConnectionHandler & RTCPeerConnectionHandlerClient,
2279         together with the Chromium WebKit interface, following the pattern of
2280         the previous PeerConnection00Handler but with the optimizations from MediaStreamCenter.
2281
2282         Not yet testable due to not enough code landed.
2283
2284         * CMakeLists.txt:
2285         * GNUmakefile.list.am:
2286         * Modules/mediastream/RTCPeerConnection.cpp:
2287         (WebCore::RTCPeerConnection::create):
2288         (WebCore::RTCPeerConnection::RTCPeerConnection):
2289         * Modules/mediastream/RTCPeerConnection.h:
2290         (RTCPeerConnection):
2291         * WebCore.gypi:
2292         * platform/mediastream/RTCPeerConnectionHandler.cpp: Added.
2293         (WebCore):
2294         (RTCPeerConnectionHandlerDummy):
2295         (WebCore::RTCPeerConnectionHandler::create):
2296         (WebCore::RTCPeerConnectionHandlerDummy::RTCPeerConnectionHandlerDummy):
2297         (WebCore::RTCPeerConnectionHandlerDummy::~RTCPeerConnectionHandlerDummy):
2298         (WebCore::RTCPeerConnectionHandlerDummy::initialize):
2299         * platform/mediastream/RTCPeerConnectionHandler.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
2300         (WebCore):
2301         (RTCPeerConnectionHandler):
2302         (WebCore::RTCPeerConnectionHandler::~RTCPeerConnectionHandler):
2303         (WebCore::RTCPeerConnectionHandler::RTCPeerConnectionHandler):
2304         * platform/mediastream/RTCPeerConnectionHandlerClient.h: Copied from Source/WebCore/Modules/mediastream/RTCPeerConnection.h.
2305         (WebCore):
2306         (RTCPeerConnectionHandlerClient):
2307         (WebCore::RTCPeerConnectionHandlerClient::~RTCPeerConnectionHandlerClient):
2308         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.cpp: Added.
2309         (WebCore):
2310         (WebCore::RTCPeerConnectionHandler::create):
2311         (WebCore::RTCPeerConnectionHandlerChromium::RTCPeerConnectionHandlerChromium):
2312         (WebCore::RTCPeerConnectionHandlerChromium::~RTCPeerConnectionHandlerChromium):
2313         (WebCore::RTCPeerConnectionHandlerChromium::initialize):
2314         * platform/mediastream/chromium/RTCPeerConnectionHandlerChromium.h: Added.
2315         (WebCore):
2316         (RTCPeerConnectionHandlerChromium):
2317
2318 2012-08-02  Yury Semikhatsky  <yurys@chromium.org>
2319
2320         Web Inspector: rename reportMemoryUsage to reportDescendantMemoryUsage in StyleRuleBase descendants
2321         https://bugs.webkit.org/show_bug.cgi?id=92966
2322
2323         Reviewed by Alexander Pavlov.
2324
2325         Renamed reportMemoryUsage to reportDescendantMemoryUsage in all descendants of
2326         StyleRuleBase to avoid accidental recursive calls to StyleRuleBase::reportMemoryUsage
2327         when a new type of rule is added.
2328
2329         * css/StyleRule.cpp:
2330         (WebCore::StyleRuleBase::reportMemoryUsage):
2331         (WebCore::StyleRule::reportDescendantMemoryUsage):
2332         (WebCore::StyleRulePage::reportDescendantMemoryUsage):
2333         (WebCore::StyleRuleFontFace::reportDescendantMemoryUsage):
2334         (WebCore::StyleRuleBlock::reportDescendantMemoryUsage):
2335         (WebCore::StyleRuleMedia::reportDescendantMemoryUsage):
2336         (WebCore::StyleRuleRegion::reportDescendantMemoryUsage):
2337         * css/StyleRule.h:
2338         (StyleRule):
2339         (StyleRuleFontFace):
2340         (StyleRulePage):
2341         (StyleRuleBlock):
2342         (StyleRuleMedia):
2343         (StyleRuleRegion):
2344         * css/StyleRuleImport.cpp:
2345         (WebCore::StyleRuleImport::reportDescendantMemoryUsage):
2346         * css/StyleRuleImport.h:
2347         (StyleRuleImport):
2348         * css/WebKitCSSKeyframesRule.cpp:
2349         (WebCore::StyleRuleKeyframes::reportDescendantMemoryUsage):
2350         * css/WebKitCSSKeyframesRule.h:
2351         (StyleRuleKeyframes):
2352
2353 2012-08-02  Hironori Bono  <hbono@chromium.org>
2354
2355         [Chromium] Implement hyphenation for Chromium
2356         https://bugs.webkit.org/show_bug.cgi?id=48610
2357
2358         Reviewed by Eric Seidel.
2359
2360         This change adds a couple of methods canHyphenate and computeLastHyphenLocation
2361         to Platform so Chromium can implement them. Also, this change uses these methods
2362         to implement the hyphenation methods of WebCore. (This change does not change
2363         any behaviors until Chromium implements these methods.)
2364
2365         No new tests because this change is for fixing a couple of existing layout tests
2366         'fast/text/hyphenate-character.html' and 'fast/text/hyphens.html'.
2367
2368         * WebCore.gypi:
2369         * platform/text/chromium/Hyphenation.cpp: Added.
2370         (WebCore):
2371         (WebCore::canHyphenate): Called Platform::canHyphenation().
2372         (WebCore::lastHyphenLocation): Called Platform::computeLastHyphenLocation().
2373
2374 2012-08-02  ulan@chromium.org  <ulan@chromium.org>
2375
2376         [chromium] Improve garbage collector hint if page uses Canvas contexts
2377         https://bugs.webkit.org/show_bug.cgi?id=92856
2378
2379         Reviewed by Kentaro Hara.
2380
2381         Request GC by sending context disposed and idle notification to V8 instead
2382         of sending low memory notification. It is faster as it causes one GC
2383         instead of seven GCs caused by low memory notification.
2384
2385         * bindings/v8/V8Binding.cpp:
2386         (WebCore::V8BindingPerIsolateData::V8BindingPerIsolateData):
2387         * bindings/v8/V8Binding.h:
2388         (V8BindingPerIsolateData):
2389         (WebCore::V8BindingPerIsolateData::setShouldCollectGarbageSoon):
2390         (WebCore::V8BindingPerIsolateData::clearShouldCollectGarbageSoon):
2391         (WebCore::V8BindingPerIsolateData::shouldCollectGarbageSoon):
2392         * bindings/v8/V8Proxy.cpp:
2393         (WebCore::V8Proxy::hintForGCIfNecessary):
2394         * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
2395         (WebCore::V8HTMLCanvasElement::getContextCallback):
2396
2397 2012-08-02  Mihnea Ovidenie  <mihnea@adobe.com>
2398
2399         CSSRegions: Crash when reattaching a region to a named flow.
2400         https://bugs.webkit.org/show_bug.cgi?id=91307
2401
2402         Reviewed by Abhishek Arya.
2403
2404         The lifetime of a flow thread  has changed from not being destroyed (until the RenderView is destroyed) to being destroyed,
2405         under certain conditions, no attached regions and no content, before RenderView is destroyed.
2406         When the flow thread does not have any content and the region to be detached is the last region for the flow thread,
2407         the flow thread is destroyed.
2408         In this case, if the same region has to be attached again to the flow thread, the flow thread needs to be
2409         recreated, otherwise the crash will result.
2410
2411         Test: fast/regions/region-flow-reattach-crash.html
2412
2413         * rendering/RenderRegion.cpp:
2414         (WebCore::RenderRegion::attachRegion):
2415         We skip the attach if we are in the middle of document destruction.
2416         We recreate the flow thread to which the region is intended to be attached only if the region was
2417         not previously marked as invalid in relation to the flow thread (because the region was part of a
2418         circular dependency).
2419         (WebCore::RenderRegion::detachRegion): After the region is detached from flow thread,
2420         null the region internal pointer to the flow thread to mark that the region is not
2421         attached.
2422
2423 2012-08-02  Tommy Widenflycht  <tommyw@google.com>
2424
2425         MediaStream API: Move RTCConfiguration to its proper place
2426         https://bugs.webkit.org/show_bug.cgi?id=92867
2427
2428         Reviewed by Adam Barth.
2429
2430         This patch moves RTCConfiguration to Source/WebCore/platform/mediastream,
2431         and adds its WebKit interface for chromium.
2432
2433         No functional code changes.
2434
2435         * GNUmakefile.list.am:
2436         * Modules/mediastream/RTCPeerConnection.cpp:
2437         * WebCore.gypi:
2438         * platform/chromium/support/WebRTCConfiguration.cpp: Added.
2439         (WebKit):
2440         (WebKit::WebRTCICEServer::WebRTCICEServer):
2441         (WebKit::WebRTCICEServer::assign):
2442         (WebKit::WebRTCICEServer::reset):
2443         (WebKit::WebRTCICEServer::uri):
2444         (WebKit::WebRTCICEServer::credential):
2445         (WebKit::WebRTCConfiguration::WebRTCConfiguration):
2446         (WebKit::WebRTCConfiguration::assign):
2447         (WebKit::WebRTCConfiguration::reset):
2448         (WebKit::WebRTCConfiguration::numberOfServers):
2449         (WebKit::WebRTCConfiguration::server):
2450         * platform/mediastream/RTCConfiguration.h: Added.
2451         (WebCore):
2452         (RTCIceServer):
2453         (WebCore::RTCIceServer::create):
2454         (WebCore::RTCIceServer::~RTCIceServer):
2455         (WebCore::RTCIceServer::uri):
2456         (WebCore::RTCIceServer::credential):
2457         (WebCore::RTCIceServer::RTCIceServer):
2458         (RTCConfiguration):
2459         (WebCore::RTCConfiguration::create):
2460         (WebCore::RTCConfiguration::~RTCConfiguration):
2461         (WebCore::RTCConfiguration::appendServer):
2462         (WebCore::RTCConfiguration::numberOfServers):
2463         (WebCore::RTCConfiguration::server):
2464         (WebCore::RTCConfiguration::RTCConfiguration):
2465
2466 2012-08-02  Alexander Shalamov  <alexander.shalamov@intel.com>
2467
2468         [EFL] Browser crashes when non-progress element with -webkit-appearance:progress-bar is rendered
2469         https://bugs.webkit.org/show_bug.cgi?id=92747
2470
2471         Reviewed by Hajime Morita.
2472
2473         When https://bugs.webkit.org/show_bug.cgi?id=40158 was fixed, all ports
2474         were fixed except EFL port. This patch fixes assert that is hit when
2475         non-progress element is rendered with -webkit-appearance:progress-bar style.
2476
2477         * platform/efl/RenderThemeEfl.cpp:
2478         (WebCore::RenderThemeEfl::paintProgressBar):
2479
2480 2012-08-02  Yoshifumi Inoue  <yosin@chromium.org>
2481
2482         REGRESSION(r102741): [Forms] In selects, when disabled, browser skips first option if not in optgroup, then selects first option in optgroup
2483         https://bugs.webkit.org/show_bug.cgi?id=92833
2484
2485         Reviewed by Kent Tamura.
2486
2487         This patch changes implementation of HTMLOptionElement::disabled() to
2488         follow the "disabled" concept of option element in HTML5 specification[1],
2489         the option element is disabled if option element has "disabled"
2490         attribute or parent optgroup element has "disabled" attribute. Before
2491         this patch, HTMLOptionElement::disabled() checks presenting "disabled"
2492         attribute in option element itself and any parent element.
2493
2494         Before this patch, HTMLSelectElement::recalcListItems() didn't considers
2495         non-disabled option as default selected option if select element is
2496         disabled because HTMLOptionElement::disabled() returned true if select
2497         element is disabled.
2498
2499         After this patch, HTMLOptionElement::disabled() is independent from
2500         select element. HTMLSelectElement::recalcListItems() considers
2501         non-disabled option as default selected option.
2502
2503         [1] http://www.whatwg.org/specs/web-apps/current-work/multipage/the-button-element.html#concept-option-disabled
2504
2505         Tests: fast/forms/basic-selects.html: Fixed expectation to right thing.
2506
2507         * css/html.css:
2508         (select[disabled]>option): Added to render option elements in disabled
2509         select element to disabled color as before this patch.
2510         * html/HTMLOptionElement.cpp:
2511         (WebCore::HTMLOptionElement::disabled): Changed to check parent element
2512         is optgroup.
2513         * html/HTMLSelectElement.cpp:
2514         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler): On mouse up
2515         and down, don't update selection if select element is disabled.
2516         * rendering/RenderListBox.cpp:
2517         (WebCore::RenderListBox::paintItemForeground): Added checking select
2518         element is disabled. Before this patch, it was done by HTMLOptionElement::disabled().
2519
2520 2012-08-01  Sheriff Bot  <webkit.review.bot@gmail.com>
2521
2522         Unreviewed, rolling out r124406.
2523         http://trac.webkit.org/changeset/124406
2524         https://bugs.webkit.org/show_bug.cgi?id=92951
2525
2526         it set the Mac bots on fire (Requested by pizlo on #webkit).
2527
2528         * bindings/js/ScriptDebugServer.cpp:
2529         (WebCore::ScriptDebugServer::setBreakpoint):
2530         (WebCore::ScriptDebugServer::removeBreakpoint):
2531         (WebCore::ScriptDebugServer::hasBreakpoint):
2532         (WebCore::ScriptDebugServer::createCallFrameAndPauseIfNeeded):
2533         (WebCore::ScriptDebugServer::updateCallFrameAndPauseIfNeeded):
2534         (WebCore::ScriptDebugServer::callEvent):
2535         (WebCore::ScriptDebugServer::atStatement):
2536         (WebCore::ScriptDebugServer::returnEvent):
2537         (WebCore::ScriptDebugServer::exception):
2538         (WebCore::ScriptDebugServer::willExecuteProgram):
2539         (WebCore::ScriptDebugServer::didExecuteProgram):
2540         (WebCore::ScriptDebugServer::didReachBreakpoint):
2541         * bindings/js/ScriptDebugServer.h:
2542         (ScriptDebugServer):
2543
2544 2012-08-01  Ilya Tikhonovsky  <loislo@chromium.org>
2545
2546         Web Inspector: test native memory instrumentation code with help of unittests
2547         https://bugs.webkit.org/show_bug.cgi?id=92743
2548
2549         Reviewed by Yury Semikhatsky.
2550
2551         Test a part of existing Native Memory Instrumentation code with help of unit tests.
2552         6 tests were added and two bugs were fixed.
2553         a drive-by improvement: the method MemoryInstrumentation::addInstrumentedObject
2554         was marked as private and addRootObject was introduced instead of it.
2555         The new function also calls processDeferedPointers.
2556
2557         * bindings/v8/ScriptProfiler.cpp:
2558         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
2559         * dom/MemoryInstrumentation.h:
2560         (WebCore::MemoryInstrumentation::addRootObject):
2561         (MemoryInstrumentation):
2562         (WebCore::MemoryInstrumentation::addInstrumentedObject):
2563         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
2564         (WebCore):
2565         (WebCore::MemoryInstrumentation::addObjectImpl):
2566         * inspector/InspectorMemoryAgent.cpp:
2567         (WebCore):
2568         * inspector/MemoryInstrumentationImpl.h:
2569         (MemoryInstrumentationImpl):
2570         (WebCore::MemoryInstrumentationImpl::totalSize):
2571         (WebCore::MemoryInstrumentationImpl::reportedSizeForAllTypes):
2572
2573 2012-08-01  Ryosuke Niwa  <rniwa@webkit.org>
2574
2575         Chromium Android build fix after r124402.
2576         Initialize the out variables as suggested by the compiler.
2577
2578         * Modules/indexeddb/IDBLevelDBCoding.cpp:
2579         (WebCore::IDBLevelDBCoding::DatabaseFreeListKey::decode):
2580         (WebCore::IDBLevelDBCoding::DatabaseNameKey::decode):
2581         (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::decode):
2582         (WebCore::IDBLevelDBCoding::IndexMetaDataKey::decode):
2583         (WebCore::IDBLevelDBCoding::ObjectStoreFreeListKey::decode):
2584         (WebCore::IDBLevelDBCoding::IndexFreeListKey::decode):
2585         (WebCore::IDBLevelDBCoding::ObjectStoreNamesKey::decode):
2586         (WebCore::IDBLevelDBCoding::IndexNamesKey::decode):
2587
2588 2012-08-01  Keishi Hattori  <keishi@webkit.org>
2589
2590         Fix typo in colorSuggestionPicker.js
2591         https://bugs.webkit.org/show_bug.cgi?id=92936
2592
2593         Reviewed by Kent Tamura.
2594
2595         Fixes typo.
2596
2597         Test: platform/chromium/fast/forms/color/color-suggestion-picker-with-scrollbar-appearance.html
2598
2599         * Resources/colorSuggestionPicker.js:
2600         (getScrollbarWidth):
2601
2602 2012-08-01  Shinya Kawanaka  <shinyak@chromium.org>
2603
2604         The elements in Shadow DOM of input should not be modifiable.
2605         https://bugs.webkit.org/show_bug.cgi?id=92200
2606
2607         Reviewed by Kent Tamura.
2608
2609         Since we don't have "-webkit-user-modify: read-only !important;" for the elements in Shadow DOM of
2610         input element, user can change them and it causes a crash.
2611
2612         We should have "-webkit-user-modify: read-only !important;" for those elements.
2613
2614         Test: fast/forms/input-user-modify.html
2615
2616         * css/html.css:
2617         (input::-webkit-textfield-decoration-container):
2618         (input[type="search"]::-webkit-search-cancel-button):
2619         (input[type="search"]::-webkit-search-decoration):
2620         (input[type="search"]::-webkit-search-results-decoration):
2621         (input[type="search"]::-webkit-search-results-button):
2622         (input::-webkit-inner-spin-button):
2623         (input::-webkit-input-speech-button):
2624         (input::-webkit-input-placeholder, isindex::-webkit-input-placeholder):
2625         (input[type="file"]::-webkit-file-upload-button):
2626         (input[type="range"]::-webkit-slider-container, input[type="range"]::-webkit-media-slider-container):
2627         (input[type="range"]::-webkit-slider-runnable-track):
2628         (input[type="range"]::-webkit-slider-thumb, input[type="range"]::-webkit-media-slider-thumb):
2629         (input[type="color"]::-webkit-color-swatch-wrapper):
2630         (input[type="color"]::-webkit-color-swatch):
2631         (input::-webkit-calendar-picker-indicator):
2632
2633 2012-08-01  Peter Wang  <peter.wang@torchmobile.com.cn>
2634
2635         Web Inspector: [JSC] implement setting breakpoints by line:column
2636         https://bugs.webkit.org/show_bug.cgi?id=53003
2637
2638         Reviewed by Geoffrey Garen.
2639
2640         As JSC is enabled to provide column info of statement, ScriptDebugServer can use it to
2641         support "Pretty Print" debug mode.
2642
2643         No new test case for this patch.
2644
2645         * bindings/js/ScriptDebugServer.cpp:
2646         (WebCore::ScriptDebugServer::setBreakpoint):
2647         (WebCore::ScriptDebugServer::removeBreakpoint):
2648         (WebCore):
2649         (WebCore::ScriptDebugServer::updateCurrentStatementPosition):
2650         (WebCore::ScriptDebugServer::hasBreakpoint):
2651         (WebCore::ScriptDebugServer::createCallFrameAndPauseIfNeeded):
2652         (WebCore::ScriptDebugServer::updateCallFrameAndPauseIfNeeded):
2653         (WebCore::ScriptDebugServer::callEvent):
2654         (WebCore::ScriptDebugServer::atStatement):
2655         (WebCore::ScriptDebugServer::returnEvent):
2656         (WebCore::ScriptDebugServer::exception):
2657         (WebCore::ScriptDebugServer::willExecuteProgram):
2658         (WebCore::ScriptDebugServer::didExecuteProgram):
2659         (WebCore::ScriptDebugServer::didReachBreakpoint):
2660         * bindings/js/ScriptDebugServer.h:
2661         (ScriptDebugServer):
2662
2663 2012-08-01  Xingnan Wang  <xingnan.wang@intel.com>
2664
2665         IndexedDB: ObjectStoreMetaDataKey::m_metaDataType should use byte type
2666         https://bugs.webkit.org/show_bug.cgi?id=92725
2667
2668         Reviewed by Kentaro Hara.
2669
2670         No new tests - Low level functions covered by existing layout tests and also covered by Chromium
2671         webkit_unit_tests IDBLevelIDBCodingTest.*.
2672
2673         * Modules/indexeddb/IDBLevelDBCoding.cpp:
2674         (IDBLevelDBCoding):
2675         (WebCore::IDBLevelDBCoding::decodeByte):
2676         (WebCore::IDBLevelDBCoding::DatabaseFreeListKey::decode):
2677         (WebCore::IDBLevelDBCoding::DatabaseNameKey::decode):
2678         (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::decode):
2679         (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::encode):
2680         (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::metaDataType):
2681         (WebCore::IDBLevelDBCoding::IndexMetaDataKey::decode):
2682         (WebCore::IDBLevelDBCoding::ObjectStoreFreeListKey::decode):
2683         (WebCore::IDBLevelDBCoding::IndexFreeListKey::decode):
2684         (WebCore::IDBLevelDBCoding::ObjectStoreNamesKey::decode):
2685         (WebCore::IDBLevelDBCoding::IndexNamesKey::decode):
2686         * Modules/indexeddb/IDBLevelDBCoding.h:
2687         (IDBLevelDBCoding):
2688
2689 2012-08-01  James Robinson  <jamesr@chromium.org>
2690
2691         [chromium] Use new-style tracing macros with explicit category
2692         https://bugs.webkit.org/show_bug.cgi?id=92928
2693
2694         Reviewed by Adam Barth.
2695
2696         The chromium tracing system supports using a string identifier for trace categories that can be used to filter
2697         events. This switches over to setting an explicit category for all traces and removes the old-style
2698         TRACE_EVENT() macro.
2699
2700         * bindings/v8/ScheduledAction.cpp:
2701         (WebCore::ScheduledAction::execute):
2702         * platform/ScrollAnimatorNone.cpp:
2703         (WebCore::ScrollAnimatorNone::scroll):
2704         (WebCore::ScrollAnimatorNone::animationTimerFired):
2705         * platform/chromium/TraceEvent.h:
2706         * platform/graphics/chromium/ProgramBinding.cpp:
2707         (WebCore::ProgramBindingBase::init):
2708         * platform/graphics/skia/ImageSkia.cpp:
2709         (WebCore::drawResampledBitmap):
2710         (WebCore::paintSkBitmap):
2711         (WebCore::Image::drawPattern):
2712         * platform/graphics/skia/NativeImageSkia.cpp:
2713         (WebCore::NativeImageSkia::resizedBitmap):
2714         * platform/graphics/skia/PlatformContextSkia.cpp:
2715         (WebCore::PlatformContextSkia::bitmap):
2716         * platform/image-decoders/bmp/BMPImageDecoder.cpp:
2717         (WebCore::BMPImageDecoder::decode):
2718         * platform/image-decoders/gif/GIFImageDecoder.cpp:
2719         (WebCore::GIFImageDecoder::decode):
2720         * platform/image-decoders/ico/ICOImageDecoder.cpp:
2721         (WebCore::ICOImageDecoder::decode):
2722         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
2723         (WebCore::JPEGImageDecoder::decode):
2724         * platform/image-decoders/png/PNGImageDecoder.cpp:
2725         (WebCore::PNGImageDecoder::decode):
2726         * platform/image-decoders/webp/WEBPImageDecoder.cpp:
2727         (WebCore::WEBPImageDecoder::decode):
2728
2729 2012-08-01  Mikhail Pozdnyakov  <mikhail.pozdnyakov@intel.com>
2730
2731         [EFL] Crash at WebCore::toRenderSlider
2732         https://bugs.webkit.org/show_bug.cgi?id=92893
2733
2734         Reviewed by Hajime Morita.
2735
2736         Added a type check before casting a render object to RenderSlider as 
2737         an arbitrary element can have for example webkit-appearance: slider-horizontal.
2738
2739         No new tests. Existing test fast/forms/range/slider-appearance-crash.html covers the case.
2740
2741         * platform/efl/RenderThemeEfl.cpp:
2742         (WebCore::RenderThemeEfl::paintThemePart):
2743
2744 2012-08-01  Koji Ishii  <kojiishi@gmail.com>
2745
2746         Cache support for OpenTypeVerticalData
2747         https://bugs.webkit.org/show_bug.cgi?id=81332
2748
2749         Reviewed by Tony Chang.
2750
2751         This patch adds FontCache to cache OpenTypeVerticalData class
2752         instances that was introduced in bug 81326.
2753
2754         We need one instance of the class per OpenType font file, and we don't
2755         have a class to hold such instances today.
2756
2757         ENABLE_OPENTYPE_VERTICAL isn't enabled for any platforms yet, so this
2758         patch isn't on any code path. Apple Windows port (bug 48459) is going
2759         to use this code, and probably Chromium (51450, 69282) as well.
2760
2761         "FIXME" comment in SimpleFontData.h will be implemented in 48459.
2762
2763         No new tests are required. No behavior changes.
2764
2765         * platform/graphics/FontCache.cpp:
2766         (WebCore::FontCache::getCachedFontPlatformData): Ignore leading "@" on Windows to disable Windows feature for vertical flow.
2767         (WebCore):
2768         (WebCore::FontCache::getVerticalData): Get cached OpenTypeVerticalData from FontPlatformData, or crete one.
2769         (WebCore::FontCache::purgeInactiveFontData): Purge inactive OpenTypeVerticalData.
2770         * platform/graphics/FontCache.h:
2771         (WebCore):
2772         * platform/graphics/SimpleFontData.h:
2773         (SimpleFontData):
2774         (WebCore::SimpleFontData::verticalData): A dummy implementation for purgeInactiveFontData() to work.
2775         * platform/graphics/opentype/OpenTypeVerticalData.h: Added m_inFontCache for mark & sweep.
2776         (OpenTypeVerticalData):
2777
2778 2012-08-01  James Robinson  <jamesr@chromium.org>
2779
2780         [chromium] Move compositor HUD font atlas initialization code out of compositor core
2781         https://bugs.webkit.org/show_bug.cgi?id=92924
2782
2783         Reviewed by Adrienne Walker.
2784
2785         This moves the HUD font atlas initialization code out of the compositor implementation to cut out Font-related
2786         dependencies. The new flow is that an embedder can pass a font atlas to the CCLayerTreeHost, after which the
2787         atlas is provided the HUD layer (if any) on the next commit. The HUD layer renders text using the font atlas if
2788         it has any if the settings require text.
2789
2790         HUD tested manually, we don't have automated tests for this debugging-only feature.
2791
2792         * platform/graphics/chromium/CompositorHUDFontAtlas.cpp:
2793         (WebCore):
2794         (WebCore::CompositorHUDFontAtlas::generateFontAtlas):
2795         * platform/graphics/chromium/CompositorHUDFontAtlas.h:
2796         (CompositorHUDFontAtlas):
2797         * platform/graphics/chromium/HeadsUpDisplayLayerChromium.cpp:
2798         (WebCore::HeadsUpDisplayLayerChromium::create):
2799         (WebCore::HeadsUpDisplayLayerChromium::HeadsUpDisplayLayerChromium):
2800         (WebCore::HeadsUpDisplayLayerChromium::setFontAtlas):
2801         (WebCore):
2802         (WebCore::HeadsUpDisplayLayerChromium::createCCLayerImpl):
2803         (WebCore::HeadsUpDisplayLayerChromium::pushPropertiesTo):
2804         * platform/graphics/chromium/HeadsUpDisplayLayerChromium.h:
2805         (HeadsUpDisplayLayerChromium):
2806         * platform/graphics/chromium/cc/CCFontAtlas.cpp:
2807         (WebCore::CCFontAtlas::CCFontAtlas):
2808         * platform/graphics/chromium/cc/CCFontAtlas.h:
2809         (WebCore):
2810         (WebCore::CCFontAtlas::create):
2811         (CCFontAtlas):
2812         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
2813         (WebCore::CCHeadsUpDisplayLayerImpl::CCHeadsUpDisplayLayerImpl):
2814         (WebCore::CCHeadsUpDisplayLayerImpl::setFontAtlas):
2815         (WebCore):
2816         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.h:
2817         (WebCore::CCHeadsUpDisplayLayerImpl::create):
2818         (CCHeadsUpDisplayLayerImpl):
2819         * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
2820         (WebCore::CCLayerTreeHost::setFontAtlas):
2821         (WebCore):
2822         (WebCore::CCLayerTreeHost::willCommit):
2823         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
2824         (WebCore):
2825         (CCLayerTreeHost):
2826
2827 2012-08-01  Antoine Labour  <piman@chromium.org>
2828
2829         [chromium] factor out the optimization pass in CCRenderSurfaceFilters::apply
2830         https://bugs.webkit.org/show_bug.cgi?id=92453
2831
2832         Reviewed by James Robinson.
2833
2834         This separates the "optimization" pass in CCRenderSurfaceFilters::apply
2835         to resolve a succession of color matrix filters into a single operation.
2836         This allows testing of that code.
2837         This introduces a new generic color matrix WebFilterOperation, which can
2838         also be used on its own.
2839
2840         New test: CCRenderSurfaceFiltersTest.
2841
2842         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.cpp:
2843         (WebCore::CCRenderSurfaceFilters::optimize):
2844         (WebCore):
2845         (WebCore::CCRenderSurfaceFilters::apply):
2846         * platform/graphics/chromium/cc/CCRenderSurfaceFilters.h:
2847         (CCRenderSurfaceFilters):
2848
2849 2012-08-01  Jian Li  <jianli@chromium.org>
2850
2851         Add new CSS property "-webkit-widget-region" to expose dashboard region support for other port
2852         https://bugs.webkit.org/show_bug.cgi?id=90298
2853
2854         Reviewed by Adam Barth.
2855
2856         The css property "-webkit-widget-region" is essentially a synonym of
2857         "-webkit-dashboard-region" that allows us to expose dashboard region
2858         support for other port. This patch also adds a new feature define
2859         ENABLE(WIDGET_REGION) such that "-webkit-dashboard-region" is only
2860         provided under ENABLE(DASHBOARD_SUPPORT) as it is now and
2861         "-webkit-widget-region" is only exposed under ENABLE(WIDGET_REGION).
2862
2863         Change almost all the code pieces guarded by ENABLE(DASHBOARD_SUPPORT)
2864         to make them also guarded by ENABLE(WIDGET_REGION), except those
2865         that are specific to Apple/WebKit.
2866
2867         Currently ENABLE(WIDGET_REGION) has been turned on by default for
2868         Mac/WebKit and chromium ports.
2869
2870         Test: fast/css/widget-region-parser.html
2871
2872         * Configurations/FeatureDefines.xcconfig: Add ENABLE_WIDGET_REGION define.
2873         * DerivedSources.make:
2874         * GNUmakefile.am: Add ENABLE_WIDGET_REGION define.
2875         * WebCore.exp.in:
2876         * css/CSSComputedStyleDeclaration.cpp: Handle CSSPropertyWebkitWidgetRegion.
2877         (WebCore):
2878         (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
2879         * css/CSSParser.cpp: Parse "-webkit-widget-region".
2880         (WebCore::CSSParser::parseValue):
2881         (WebCore):
2882         (WebCore::CSSParser::parseDashboardRegions):
2883         * css/CSSProperty.cpp: Handle CSSPropertyWebkitWidgetRegion.
2884         (WebCore::CSSProperty::isInheritedProperty):
2885         * css/CSSPrimitiveValue.cpp:
2886         (WebCore):
2887         (WebCore::CSSPrimitiveValue::customCssText):
2888         (WebCore::CSSPrimitiveValue::cloneForCSSOM):
2889         * css/CSSPropertyNames.in: Add "-webkit-widget-region" property.
2890         * css/DashboardRegion.h:
2891         (DashboardRegion):
2892         * css/StyleResolver.cpp: Handle CSSPropertyWebkitWidgetRegion.
2893         * dom/Document.cpp:
2894         (WebCore::Document::Document):
2895         (WebCore):
2896         * dom/Document.h:
2897         (WebCore):
2898         (Document):
2899         * page/Chrome.cpp:
2900         (WebCore):
2901         * page/ChromeClient.h:
2902         (ChromeClient):
2903         * page/FrameView.cpp:
2904         (WebCore::FrameView::layout):
2905         (WebCore):
2906         (WebCore::FrameView::paintContents):
2907         * page/FrameView.h:
2908         (FrameView):
2909         * rendering/RenderInline.cpp:
2910         (WebCore):
2911         * rendering/RenderInline.h:
2912         (RenderInline):
2913         * rendering/RenderLayer.cpp:
2914         (WebCore::RenderLayer::scrollTo):
2915         (WebCore::RenderLayer::setHasHorizontalScrollbar):
2916         (WebCore::RenderLayer::setHasVerticalScrollbar):
2917         (WebCore::RenderLayer::updateScrollbarsAfterLayout):
2918         * rendering/RenderListBox.cpp:
2919         (WebCore::RenderListBox::setHasVerticalScrollbar):
2920         * rendering/RenderObject.cpp:
2921         (WebCore::RenderObject::styleWillChange):
2922         (WebCore):
2923         * rendering/RenderObject.h:
2924         (RenderObject):
2925         * rendering/style/RenderStyle.cpp:
2926         (WebCore::RenderStyle::diff):
2927         (WebCore):
2928         * rendering/style/RenderStyle.h:
2929         * rendering/style/StyleDashboardRegion.h:
2930         * rendering/style/StyleRareNonInheritedData.cpp:
2931         (WebCore::StyleRareNonInheritedData::operator==):
2932         * rendering/style/StyleRareNonInheritedData.h:
2933         (WebCore):
2934         (StyleRareNonInheritedData):
2935
2936 2012-08-01  Arnaud Renevier  <a.renevier@sisa.samsung.com>
2937
2938         [V8] TypedArray binding performance improvements
2939         https://bugs.webkit.org/show_bug.cgi?id=92557
2940
2941         Reviewed by Kenneth Russell.
2942
2943         Improve TypedArray bindings performance:
2944         - create arrays with createUninitialized when possible. Typed Array
2945         construction is about 10% faster.
2946         - when creating a typed array from a same typed array, memcpy data
2947         from source to target.
2948
2949         In order to detect if argument array is the same type as
2950         implementation array, we pass the javascript wrapper type as a new
2951         type argument to template function constructWebGLArray.
2952
2953         Introduce wrapArrayBufferView which wraps typed array into a v8::Value
2954
2955         No new tests: Performance tests are already handled by
2956         Bindings/typed-array-construct-from-same-type.html and
2957         Bindings/typed-array-construct-from-typed.html
2958
2959         * bindings/v8/custom/V8ArrayBufferViewCustom.h:
2960         (WebCore):
2961         (WebCore::constructWebGLArray):
2962         * bindings/v8/custom/V8Float32ArrayCustom.cpp:
2963         (WebCore::V8Float32Array::constructorCallback):
2964         * bindings/v8/custom/V8Float64ArrayCustom.cpp:
2965         (WebCore::V8Float64Array::constructorCallback):
2966         * bindings/v8/custom/V8Int16ArrayCustom.cpp:
2967         (WebCore::V8Int16Array::constructorCallback):
2968         * bindings/v8/custom/V8Int32ArrayCustom.cpp:
2969         (WebCore::V8Int32Array::constructorCallback):
2970         * bindings/v8/custom/V8Int8ArrayCustom.cpp:
2971         (WebCore::V8Int8Array::constructorCallback):
2972         * bindings/v8/custom/V8Uint16ArrayCustom.cpp:
2973         (WebCore::V8Uint16Array::constructorCallback):
2974         * bindings/v8/custom/V8Uint32ArrayCustom.cpp:
2975         (WebCore::V8Uint32Array::constructorCallback):
2976         * bindings/v8/custom/V8Uint8ArrayCustom.cpp:
2977         (WebCore::V8Uint8Array::constructorCallback):
2978         * bindings/v8/custom/V8Uint8ClampedArrayCustom.cpp:
2979         (WebCore::V8Uint8ClampedArray::constructorCallback):
2980
2981 2012-08-01  Antoine Labour  <piman@chromium.org>
2982
2983         [chromium] Fix lost context handling on hud layer
2984         https://bugs.webkit.org/show_bug.cgi?id=92915
2985
2986         Reviewed by Adrienne Walker.
2987
2988         On lost context we need to release CCScopedTextures, otherwise later on
2989         we will try to re-allocate it using a stale CCResourceProvider.
2990
2991         Test CCLayerTreeHostImplTest.dontUseOldResourcesAfterLostContext
2992         extended.
2993
2994         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
2995         (WebCore::CCHeadsUpDisplayLayerImpl::didLoseContext):
2996         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.h:
2997
2998 2012-08-01  Kwang Yul Seo  <skyul@company100.net>
2999
3000         Read tag names and attributes from the saved tokens in HTMLElementStack
3001         https://bugs.webkit.org/show_bug.cgi?id=92830
3002
3003         Reviewed by Adam Barth.
3004
3005         This is a follow-up patch for r123577.
3006         Replaced top()->hasTagName(x) with topStackItem()->hasTagName(x).
3007         Also replaced item->element()->hasTagName(x) with item->hasTagName(x).
3008
3009         No new tests, covered by existing tests.
3010
3011         * html/parser/HTMLElementStack.cpp:
3012         (WebCore::HTMLElementStack::pop):
3013         (WebCore::HTMLElementStack::popUntil):
3014         (WebCore::HTMLElementStack::pushHTMLHtmlElement):
3015         (WebCore::HTMLElementStack::pushHTMLHeadElement):
3016         (WebCore::HTMLElementStack::pushHTMLBodyElement):
3017         (WebCore::HTMLElementStack::push):
3018         (WebCore::HTMLElementStack::insertAbove):
3019         (WebCore::HTMLElementStack::popCommon):
3020
3021 2012-08-01  Antoine Labour  <piman@chromium.org>
3022
3023         [chromium] remove unused fields from LayerRendererCapabilities
3024         https://bugs.webkit.org/show_bug.cgi?id=92906
3025
3026         Reviewed by James Robinson.
3027
3028         No new tests (just removing dead code).
3029
3030         * platform/graphics/chromium/LayerRendererChromium.cpp:
3031         (WebCore::LayerRendererChromium::initialize):
3032         * platform/graphics/chromium/cc/CCLayerTreeHost.h:
3033         (WebCore::LayerRendererCapabilities::LayerRendererCapabilities):
3034         (LayerRendererCapabilities):
3035
3036 2012-08-01  James Robinson  <jamesr@chromium.org>
3037
3038         [chromium] Move compositor HUD font atlas generation out of compositor core
3039         https://bugs.webkit.org/show_bug.cgi?id=92901
3040
3041         Reviewed by Adrienne Walker.
3042
3043         This moves the font atlas generation out of CCFontAtlas into a separate helper class and ports the CCFontAtlas
3044         text drawing code over to use skia directly.
3045
3046         * WebCore.gypi:
3047         * platform/graphics/chromium/CompositorHUDFontAtlas.cpp: Added.
3048         (WebCore):
3049         (WebCore::wrapPositionIfNeeded):
3050         (WebCore::CompositorHUDFontAtlas::generateFontAtlas):
3051         * platform/graphics/chromium/CompositorHUDFontAtlas.h: Added.
3052         (WebCore):
3053         (CompositorHUDFontAtlas):
3054         * platform/graphics/chromium/cc/CCFontAtlas.cpp:
3055         (WebCore::CCFontAtlas::CCFontAtlas):
3056         (WebCore::CCFontAtlas::~CCFontAtlas):
3057         (WebCore::CCFontAtlas::initialize):
3058         (WebCore::CCFontAtlas::drawText):
3059         (WebCore::CCFontAtlas::drawOneLineOfTextInternal):
3060         (WebCore::CCFontAtlas::drawDebugAtlas):
3061         * platform/graphics/chromium/cc/CCFontAtlas.h:
3062         (WebCore):
3063         (CCFontAtlas):
3064         * platform/graphics/chromium/cc/CCHeadsUpDisplayLayerImpl.cpp:
3065
3066 2012-08-01  Peter Beverloo  <peter@chromium.org>
3067
3068         [Text Autosizing] Provide an API for influencing the font scale factor
3069         https://bugs.webkit.org/show_bug.cgi?id=92882
3070
3071         Reviewed by Adam Barth.
3072
3073         Add the font scale factor to settings, and provide an API in
3074         window.internal.settings to change it from layout tests.
3075
3076         The font scale factor applied to Text Autosizing influences the sizing
3077         of text, and will influence the scaling of boosted blocks once the
3078         implementation progresses. For Android, it will be set to the font size
3079         chosen in the user's system-wide preferences.
3080
3081         Test: fast/text-autosizing/font-scale-factor.html
3082
3083         * page/Settings.cpp:
3084         (WebCore::Settings::Settings):
3085         (WebCore):
3086         (WebCore::Settings::setTextAutosizingFontScaleFactor):
3087         * page/Settings.h:
3088         (Settings):
3089         (WebCore::Settings::textAutosizingFontScaleFactor):
3090         * rendering/TextAutosizer.cpp:
3091         (WebCore::TextAutosizer::processBlock):
3092         * testing/InternalSettings.cpp:
3093         (WebCore::InternalSettings::Backup::Backup):
3094         (WebCore::InternalSettings::Backup::restoreTo):
3095         (WebCore::InternalSettings::setTextAutosizingFontScaleFactor):
3096         (WebCore):
3097         * testing/InternalSettings.h:
3098         (Backup):
3099         (InternalSettings):
3100         * testing/InternalSettings.idl:
3101
3102 2012-08-01  Mike West  <mkwst@chromium.org>
3103
3104         CSP should correctly block plugin resources rendered in PluginDocuments.
3105         https://bugs.webkit.org/show_bug.cgi?id=92675
3106
3107         Reviewed by Adam Barth.
3108
3109         In certain cases, plugins aren't loaded directly, but are stuffed into a
3110         newly-created PluginDocument before rendering. While we were already
3111         correctly populating information that allowed us to make decisions about
3112         that document's security origin, and already dealing with sandbox
3113         status by creating a 'SinkDocument' that ignored plugin data, we weren't
3114         correctly inheriting the parent frame's Content Security Policy. This
3115         patch ensures that PluginDocuments correctly inherit their parent's
3116         Content Security Policy, meaning that the plugin is blocked or allowed
3117         according to the policy of the protected resource in which the
3118         PluginDocument is embedded.
3119
3120         Tests: http/tests/security/contentSecurityPolicy/object-src-url-allowed.html
3121                http/tests/security/contentSecurityPolicy/object-src-url-blocked.html
3122
3123         * dom/Document.cpp:
3124         (WebCore::Document::initContentSecurityPolicy):
3125             Populate a created PluginDocument with its frame's parent's Content
3126             Security Policy.
3127
3128 2012-08-01  Florin Malita  <fmalita@chromium.org>
3129
3130         SVG animation not working for elements inserted after parsing is finished
3131         https://bugs.webkit.org/show_bug.cgi?id=92025
3132
3133         Reviewed by Nikolas Zimmermann.
3134
3135         Time containers for SVG elements inserted after document parsing is finished need to be
3136         initialized on insertion (since they've missed the Document::implicitClose() initialization
3137         point).
3138
3139         Test: svg/animations/deferred-insertion.html
3140
3141         * svg/SVGSVGElement.cpp:
3142         (WebCore::SVGSVGElement::insertedInto):
3143
3144 2012-08-01  Vincent Scheib  <scheib@chromium.org>
3145
3146         Block pointer lock for sandboxed iframes.
3147         https://bugs.webkit.org/show_bug.cgi?id=92796
3148
3149         Reviewed by Adam Barth.
3150
3151         Sandboxed iframe documents should be blocked from using the
3152         pointer lock API until there is specification agreement
3153         on what attribute to use to allow the feature. After
3154         specification this restriction can be relaxed, but not
3155         restricting it now would require breaking applications
3156         later.
3157
3158         Test: http/tests/pointer-lock/iframe-sandboxed.html
3159
3160         * dom/SecurityContext.h:
3161         * page/PointerLockController.cpp:
3162         (WebCore::PointerLockController::requestPointerLock):
3163
3164 2012-08-01  Patrick Gansterer  <paroga@webkit.org>
3165
3166         Replace WTF::getCurrentLocalTime() with GregorianDateTime::setToCurrentLocalTime()
3167         https://bugs.webkit.org/show_bug.cgi?id=92286
3168
3169         Reviewed by Geoffrey Garen.
3170
3171         Add a method to GregorianDateTime to set its values to the current locale time.
3172         Replacing all occurrences of getCurrentLocalTime with the new function allows
3173         us to remove getCurrentLocalTime in a next step.
3174
3175         * html/FTPDirectoryDocument.cpp:
3176         (WebCore::processFileDateString):
3177         * loader/archive/mhtml/MHTMLArchive.cpp:
3178         (WebCore::MHTMLArchive::generateMHTMLData):
3179
3180 2012-08-01  Ojan Vafai  <ojan@chromium.org>
3181
3182         Remove code duplication in determining if display is inline or replaced
3183         https://bugs.webkit.org/show_bug.cgi?id=92880
3184
3185         Reviewed by Julien Chaffraix.
3186
3187         Deduplicate lists of display types by using private helpers.
3188
3189         No new tests. No change in behavior.
3190
3191         * rendering/style/RenderStyle.h:
3192
3193 2012-08-01  Tommy Widenflycht  <tommyw@google.com>
3194
3195         MediaStream API: Add ExtraData capability to MediaStreamSource
3196         https://bugs.webkit.org/show_bug.cgi?id=92860
3197
3198         Reviewed by Adam Barth.
3199
3200         The Chromium port needs to store some related data in MediaStreamSource objects.
3201
3202         Not testable from a LayoutTest.
3203
3204         * platform/chromium/support/WebMediaStreamSource.cpp:
3205         (ExtraDataContainer):
3206         (WebKit::ExtraDataContainer::ExtraDataContainer):
3207         (WebKit::ExtraDataContainer::extraData):
3208         (WebKit):
3209         (WebKit::WebMediaStreamSource::extraData):
3210         (WebKit::WebMediaStreamSource::setExtraData):
3211         * platform/mediastream/MediaStreamSource.h:
3212         (ExtraData):
3213         (WebCore::MediaStreamSource::ExtraData::~ExtraData):
3214         (MediaStreamSource):
3215         (WebCore::MediaStreamSource::extraData):
3216         (WebCore::MediaStreamSource::setExtraData):
3217
3218 2012-08-01  Joshua Bell  <jsbell@chromium.org>
3219
3220         IndexedDB: IDBCursor.continue(key) does not throw for key "behind" cursor
3221         https://bugs.webkit.org/show_bug.cgi?id=92562
3222
3223         Reviewed by Ojan Vafai.
3224
3225         Per spec, IDBCursor.continue(key) should throw for forward cursors
3226         if key <= current key, and for reverse cursors if key >= current key.
3227         Code was present on the back end but the error code was ignored, possibly
3228         broken in a recent refactor, and there were no tests for this case.
3229
3230         Test: storage/indexeddb/cursor-continue-dir.html
3231
3232         * Modules/indexeddb/IDBCursor.cpp:
3233         (WebCore::IDBCursor::advance): Handle async transaction termination.
3234         (WebCore::IDBCursor::continueFunction): Move checks here from backend.
3235         * Modules/indexeddb/IDBCursorBackendImpl.cpp:
3236         (WebCore::IDBCursorBackendImpl::IDBCursorBackendImpl): Don't need direction param.
3237         (WebCore::IDBCursorBackendImpl::continueFunction): Remove checks.
3238         * Modules/indexeddb/IDBCursorBackendImpl.h: Only IDBBackingStore::cursor needs direction now.
3239         (WebCore::IDBCursorBackendImpl::create):
3240         (IDBCursorBackendImpl):
3241         * Modules/indexeddb/IDBIndexBackendImpl.cpp:
3242         (WebCore::IDBIndexBackendImpl::openCursorInternal): Drop unused param.
3243         * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
3244         (WebCore::IDBObjectStoreBackendImpl::openCursorInternal): Ditto.
3245
3246 2012-08-01  Rick Byers  <rbyers@chromium.org>
3247
3248         Don't request a clickCount of 1 on mouseMove event generated by tap gestures
3249         https://bugs.webkit.org/show_bug.cgi?id=92779
3250
3251         Reviewed by Adam Barth.
3252
3253         mousemove events don't have a click count, so we shouldn't be passing 1
3254         here.  Note this makes no real difference in practice since the value is
3255         ignored - fixed strictly for pedantics.
3256         
3257         Test: fast/events/touch/gesture/gesture-click
3258
3259         * page/EventHandler.cpp:
3260         (WebCore::EventHandler::handleGestureTap):
3261
3262 2012-08-01  Kihong Kwon  <kihong.kwon@samsung.com>
3263
3264         Dropping webkit prefix from Vibration API
3265         https://bugs.webkit.org/show_bug.cgi?id=92840
3266
3267         Reviewed by Adam Barth.
3268
3269         Remove webkit prefix from navigator.webkitVibrate().
3270         - Vibration API have been entered CR already.
3271         - Firefox already implements Vibration API.
3272
3273         No new tests. Covered by fast/dom/navigator-vibration.html
3274
3275         * Modules/vibration/NavigatorVibration.cpp:
3276         (WebCore::NavigatorVibration::vibrate):
3277         * Modules/vibration/NavigatorVibration.h:
3278         (NavigatorVibration):
3279         * Modules/vibration/NavigatorVibration.idl:
3280
3281 2012-08-01  Kwang Yul Seo  <skyul@company100.net>
3282
3283         Read tag names and attributes from the saved tokens in HTMLFormattingElementList::closestElementInScopeWithName(const AtomicString&)
3284         https://bugs.webkit.org/show_bug.cgi?id=92841
3285
3286         Reviewed by Adam Barth.
3287
3288         This is a follow-up patch for r123577.
3289         Replaced entry.element()->hasLocalName(targetName) with entry.stackItem()->hasLocalName(targetName).
3290
3291         No new tests, covered by existing tests.
3292
3293         * html/parser/HTMLFormattingElementList.cpp:
3294         (WebCore::HTMLFormattingElementList::closestElementInScopeWithName):
3295
3296 2012-08-01  Kwang Yul Seo  <skyul@company100.net>
3297
3298         HTMLTreeBuilder passes a wrong token when pushing the head element
3299         https://bugs.webkit.org/show_bug.cgi?id=92838
3300
3301         Reviewed by Adam Barth.
3302
3303         When the tree builder pushes the head element in the "after head" insertion mode,
3304         it creates a HTMLStackItem from a wrong token.
3305
3306         Added HTMLConstructionSite::headStackItem() to retrieve the stack item for the head
3307         element. Modified the tree builder to pass the correct stack item when pushing the head
3308         element in the "after head" insertion mode.
3309
3310         No new tests, covered by existing tests.
3311
3312         * html/parser/HTMLConstructionSite.cpp:
3313         (WebCore::HTMLConstructionSite::insertHTMLHeadElement):
3314         * html/parser/HTMLConstructionSite.h:
3315         (WebCore::HTMLConstructionSite::head):
3316         (WebCore::HTMLConstructionSite::headStackItem):
3317         (HTMLConstructionSite):
3318         * html/parser/HTMLTreeBuilder.cpp:
3319         (WebCore::HTMLTreeBuilder::processStartTag):
3320
3321 2012-08-01  Andrei Bucur  <abucur@adobe.com>
3322
3323         [CSS Regions] The regionLayoutUpdate event should be dispatched on the NamedFlow object
3324         https://bugs.webkit.org/show_bug.cgi?id=88778
3325
3326         Reviewed by Adam Barth.
3327
3328         Spec: http://www.w3.org/TR/css3-regions/#region-flow-layout-events
3329
3330         This patch implements the regionLayoutUpdate event per May 3rd CSS Regions spec recommendation.
3331         Before this patch the event was dispatched individually on each region whenever its overflow state changed. The trigger conditions are preserved with the following additions:
3332         - the event is dispatched when the last region is removed
3333         - the event is not dispatched when the named flow switches to the NULL state
3334         Also, the NamedFlow objects are not deleted if they switch to the NULL state and have listeners attached. In that scenario the JS wrapper will not release the reference
3335         until the parent Document is destroyed.
3336
3337         Tests: The old tests have been modified to use the event on the NamedFlow object rather the one on the Region. New tests have been added to verify the
3338         correct behavior in the special states of the NamedFlow (no region chain, NULL state).
3339
3340         * dom/Document.cpp:
3341         (WebCore::Document::addListenerTypeIfNeeded): Listeners are not added on Nodes any more so the regionLayoutUpdate type was removed from the list.
3342         * dom/Document.h:
3343         * dom/EventTarget.h:
3344         (WebCore):
3345         * dom/EventTargetFactory.in:
3346         * dom/Node.cpp:
3347         * dom/Node.h:
3348         (Node):
3349         * dom/WebKitNamedFlow.cpp:
3350         (WebCore::WebKitNamedFlow::eventTargetData):
3351         (WebCore):
3352         (WebCore::WebKitNamedFlow::ensureEventTargetData):
3353         (WebCore::WebKitNamedFlow::dispatchRegionLayoutUpdateEvent): The 3rd May WD says the event is bubbling. However this doesn't make sense as this object doesn't belong to the DOM tree. This was fixed in the ED.
3354         (WebCore::WebKitNamedFlow::interfaceName):
3355         (WebCore::WebKitNamedFlow::scriptExecutionContext):
3356         (WebCore::WebKitNamedFlow::base): Getter for the owner Document used by the wrapper to determine if the object is reachable.
3357         * dom/WebKitNamedFlow.h:
3358         (WebCore):
3359         (WebKitNamedFlow):
3360         (WebCore::WebKitNamedFlow::refEventTarget):
3361         (WebCore::WebKitNamedFlow::derefEventTarget):
3362         * dom/WebKitNamedFlow.idl:
3363         * rendering/RenderFlowThread.cpp:
3364         (WebCore::RenderFlowThread::RenderFlowThread):
3365         (WebCore::RenderFlowThread::layout): The event dispatching is now handled by the implementation of RenderFlowThread.
3366         (WebCore::RenderFlowThread::computeOverflowStateForRegions):
3367         * rendering/RenderFlowThread.h:
3368         * rendering/RenderNamedFlowThread.cpp:
3369         (WebCore::RenderNamedFlowThread::RenderNamedFlowThread):
3370         (WebCore::RenderNamedFlowThread::removeRegionFromThread): The layout doesn't detect changes caused by removing the last region. This case is handled separately.
3371         (WebCore::RenderNamedFlowThread::dispatchRegionLayoutUpdateEvent):
3372         (WebCore):
3373         (WebCore::RenderNamedFlowThread::regionLayoutUpdateEventTimerFired):
3374         * rendering/RenderNamedFlowThread.h:
3375         (RenderNamedFlowThread):
3376         * rendering/RenderRegion.cpp:
3377         (WebCore::RenderRegion::RenderRegion):
3378         * rendering/RenderRegion.h:
3379         (RenderRegion):
3380
3381 2012-07-31  Robert Hogan  <robert@webkit.org>
3382
3383         CSS 2.1 failure: margin-collapse-012 fails
3384         https://bugs.webkit.org/show_bug.cgi?id=80219
3385
3386         Reviewed by Eric Seidel.
3387
3388         Tests: css2.1/20110323/margin-collapse-012.htm
3389                fast/css/margin-collapse-abspos-negmargin.htm
3390
3391         I also ran this against the full margin-collapse-* CSS 2.1 suite without regressions.
3392
3393         Per http://www.w3.org/TR/CSS21/box.html#collapsing-margins don't collapse the margins of 
3394         positioned blocks. Instead, just use the margin of the sibling/container to offset the 
3395         positioned block's logical top - its own margin gets added in later at 
3396         RenderBox::computePositionedLogicalHeightUsing().
3397
3398         * rendering/RenderBlock.cpp:
3399         (WebCore::RenderBlock::adjustPositionedBlock):
3400
3401 2012-08-01  Sheriff Bot  <webkit.review.bot@gmail.com>
3402
3403         Unreviewed, rolling out r124334.
3404         http://trac.webkit.org/changeset/124334
3405         https://bugs.webkit.org/show_bug.cgi?id=92879
3406
3407         Broke MemoryInstrumentationTest.sizeOf from webkit_unit_tests
3408         on Chromium canaries (Requested by apavlov1 on #webkit).
3409
3410         * bindings/v8/ScriptProfiler.cpp:
3411         (WebCore::ScriptProfiler::collectBindingMemoryInfo):
3412         * dom/MemoryInstrumentation.h:
3413         (WebCore::MemoryInstrumentation::addInstrumentedObject):
3414         (MemoryInstrumentation):
3415         (WebCore::MemoryInstrumentation::addInstrumentedObjectImpl):
3416         * inspector/InspectorMemoryAgent.cpp:
3417         (WebCore):
3418         * inspector/MemoryInstrumentationImpl.h:
3419         (MemoryInstrumentationImpl):
3420         (WebCore::MemoryInstrumentationImpl::totalTypeSize):
3421
3422 2012-08-01  Han Shen  <shenhan@google.com>
3423
3424         Fix gcc 4.7 compile warnings.
3425         https://bugs.webkit.org/show_bug.cgi?id=92797
3426
3427         Reviewed by Kentaro Hara.
3428
3429         GCC 4.7 gives (more strict) warnings on uninitialized variables,
3430         fixed by providing initilization values.
3431
3432         Tested by gcc 4.7 building. No change in behavior.
3433
3434         * platform/graphics/filters/arm/NEONHelpers.h:
3435         (WebCore::loadRGBA8AsFloat): Add initilizaton value for local variable.
3436
3437 2012-08-01  Ryosuke Niwa  <rniwa@webkit.org>
3438
3439         REGRESSION(r122498): Assertion failure: m_nodeListCounts is sometimes not zero in the Document destructor
3440         https://bugs.webkit.org/show_bug.cgi?id=92742
3441
3442         Reviewed by Andreas Kling.
3443
3444         The bug was caused by adoptTreeScope's not always calling unregisterNodeListCache and registerNodeListCache
3445         on node lists that use m_atomicNameCaches and m_nameCaches.
3446
3447         Tests: fast/dom/NodeList/nodelist-moved-to-fragment-2.html
3448                fast/dom/NodeList/nodelist-moved-to-fragment.html
3449
3450         * dom/NodeRareData.h:
3451         (WebCore::NodeListsNodeData::adoptTreeScope):
3452
3453 2012-08-01  Vsevolod Vlasov  <vsevik@chromium.org>
3454
3455         Web Inspector: Crashes in NetworkResourcesData.
3456         https://bugs.webkit.org/show_bug.cgi?id=92874
3457
3458         Reviewed by Yury Semikhatsky.
3459
3460         * inspector/NetworkResourcesData.cpp:
3461         (WebCore::contentSizeInBytes):
3462         (WebCore):
3463         (WebCore::NetworkResourcesData::ResourceData::removeContent):
3464         (WebCore::NetworkResourcesData::ResourceData::decodeDataToContent):
3465         (WebCore::NetworkResourcesData::setResourceContent):
3466         (WebCore::NetworkResourcesData::maybeDecodeDataToContent):
3467
3468 2012-08-01  Ilya Tikhonovsky  <loislo@chromium.org>