On Linux link QtWebKit with -no-undefined to catch build breakages due to missing

[WebKit-https.git] / WebCore / ChangeLog

2010-01-20  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        On Linux link QtWebKit with -no-undefined to catch build breakages due to missing
        files in the .pro file, resulting in unresolved symbols.

        * WebCore.pro:

2010-01-20  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        [Qt] Make it possible to link with -no-undefined.

        * WebCore.pro: Add missing explicit dependency to libXrender due to the
        use of XRenderFindVisualFormat in the X11 plugin code.

2010-01-20  Simon Hausmann  <simon.hausmann@nokia.com>

        Reviewed by Tor Arne Vestbø.

        Add missing files to the build.

        * WebCore.pro:

2010-01-20  Shinichiro Hamaji  <hamaji@chromium.org>

        Reviewed by Darin Fisher.

        [Chromium] computePageRectsForFrame seems to be unnecessary
        https://bugs.webkit.org/show_bug.cgi?id=33881

        * WebCore.gypi: Removed FrameChromium.h
        * page/chromium/FrameChromium.cpp: Removed computePageRectsForFrame.
        * page/chromium/FrameChromium.h: Removed.

2010-01-20  Roland Steiner  <rolandsteiner@chromium.org>

        Reviewed by Dan Bernstein.

        Bug 33266 - WebCore::InlineFlowBox::determineSpacingForFlowBoxes ReadAV@NULL (43c64e8abbda6766e5f5edbd254c2d57)
        (https://bugs.webkit.org/show_bug.cgi?id=33266)
        
        Ruby did not handle malformed cases correctly when the ruby base was in
        block flow. Changed the code to handle all possible cases.
        Also, added some simplification methods to RenderBlock.

        Tests: fast/ruby/ruby-illegal-1.html
               fast/ruby/ruby-illegal-2.html
               fast/ruby/ruby-illegal-3.html
               fast/ruby/ruby-illegal-4.html
               fast/ruby/ruby-illegal-5.html
               fast/ruby/ruby-illegal-6.html
               fast/ruby/ruby-illegal-7.html
               fast/ruby/ruby-illegal-combined.html
               fast/ruby/rubyDOM-insert-rt-block-1.html
               fast/ruby/rubyDOM-insert-rt-block-2.html
               fast/ruby/rubyDOM-insert-rt-block-3.html
               fast/ruby/rubyDOM-remove-rt-block-1.html
               fast/ruby/rubyDOM-remove-rt-block-2.html
               fast/ruby/rubyDOM-remove-rt-block-3.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::moveAllChildrenTo): useful for anonymous block manipulation
        (WebCore::RenderBlock::removeChild): making use of moveAllChildrenTo
        * rendering/RenderBlock.h:
        * rendering/RenderRubyBase.cpp:
        (WebCore::RenderRubyBase::hasOnlyWrappedInlineChildren):
        (WebCore::RenderRubyBase::moveChildren):
        (WebCore::RenderRubyBase::moveInlineChildren):
        (WebCore::RenderRubyBase::moveBlockChildren):
        (WebCore::RenderRubyBase::mergeBlockChildren):
        * rendering/RenderRubyBase.h:
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::addChild):
        (WebCore::RenderRubyRun::removeChild):

2010-01-19  Dan Bernstein  <mitz@apple.com>

        Build fix after r53514

        * WebCore.base.exp: Removed threadGlobalData(), which was inlined in r53514.

2010-01-19  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Avoid calling NSEqualRects() on the garbage rect obtained
        by calling -frame on a null view.

        * platform/mac/WidgetMac.mm:
        (WebCore::Widget::setFrameRect):

2010-01-19  Maciej Stachowiak  <mjs@apple.com>

        Unreviewed build fix.

        Remove currentWorld from the exports file again, since it is now inline.

        * WebCore.base.exp:

2010-01-19  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Tim Hatcher.

        Part of <http://webkit.org/b/28622>.
        Caught exceptions still pause the debugger.
        
        Update JavaScriptDebugServer::exception to take a hasHandler parameter,
        so later we can differentiate between a caught and an uncaught exception.
        
        This just adds a new parameter, no behavior is changed.

        No change in functionality, so no tests.

        * inspector/JavaScriptDebugServer.cpp:
        (WebCore::JavaScriptDebugServer::exception):
        * inspector/JavaScriptDebugServer.h:

2010-01-18  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Adam Barth.

        Inline functions that are hot in DOM manipulation
        https://bugs.webkit.org/show_bug.cgi?id=33820

        (3% speedup on Dromaeo DOM Core tests)

        * bindings/js/JSDOMBinding.h:
        (WebCore::currentWorld): Inlined.
        (WebCore::jsString): Inlined String& overload and split off slow case.
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsStringSlowCase): Slow case for the above.
        * dom/Document.h:
        (WebCore::Document::isHTMLDocument): Use a bit and an inline method
        instead of a virtual method, since this is so hot and size of Document
        is not a prime concern.
        (WebCore::Document::create): Adapt for above.
        (WebCore::Document::createXHTML): ditto
        * dom/Document.cpp:
        (WebCore::Document::Document): ditto
        * html/HTMLDocument.cpp:
        (WebCore::HTMLDocument::HTMLDocument): ditto
        * html/HTMLDocument.h: ditto
        * loader/PlaceholderDocument.h:
        (WebCore::PlaceholderDocument::PlaceholderDocument): ditto
        * svg/SVGDocument.cpp:
        (WebCore::SVGDocument::SVGDocument): ditto
        * dom/Element.h:
        (WebCore::Element::attributes): Inlined.
        (WebCore::Element::updateId): Inlined.
        * dom/Element.cpp: (Remove inlined methods.)
        * dom/NamedAttrMap.h:
        (WebCore::NamedNodeMap::getAttributeItem): Inlined and split off slow case.
        * dom/NamedAttrMap.cpp:
        (WebCore::NamedNodeMap::getAttributeItemSlowCase): Slow case for the above.
        * inspector/InspectorController.cpp:
        * inspector/InspectorController.h:
        (WebCore::InspectorController::didInsertDOMNode): Inlined so the fast case
        early exit doesn't incur a function call.
        (WebCore::InspectorController::didRemoveDOMNode): ditto
        (WebCore::InspectorController::didModifyDOMAttr): ditto
        * platform/ThreadGlobalData.h:
        (WebCore::threadGlobalData): Inlined.
        * platform/ThreadGlobalData.cpp: (Removed inline methods).
        * platform/Timer.h:
        (WebCore::TimerBase::isActive): Inlined.
        * platform/Timer.cpp: (Removed inline methods).
        * WebCore.xcodeproj/project.pbxproj: Install new heares.
        * WebCore.base.exp: Add appropriate exports.

2010-01-19  Jon Honeycutt  <jhoneycutt@apple.com>

        Chromium build fix.

        * accessibility/chromium/AccessibilityObjectChromium.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        Call correct function.

2010-01-17  Jon Honeycutt  <jhoneycutt@apple.com>

        MSAA: The child <option> elements of a non-multiple <select> are not
        exposed

        https://bugs.webkit.org/show_bug.cgi?id=33773
        <rdar://problem/7550556>

        Reviewed by Alice Liu.

        This exposes the child <option> elements in a format similar to
        Firefox's: the <select> element has one child, a hidden list object,
        and this list has as its children the <option> elements.

        * GNUmakefile.am:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        Add new files to project.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::getOrCreate):
        If the element is a RenderMenuList, create an AccessibilityMenuList.
        (WebCore::AXObjectCache::getOrCreate):
        Add new types to create by role value.

        * accessibility/AccessibilityMenuList.cpp: Added.
        (WebCore::AccessibilityMenuList::AccessibilityMenuList):
        Call the base class constructor. Assert that the RenderObject passed
        is a RenderMenuList.
        (WebCore::AccessibilityMenuList::press):
        Show or hide the popup menu.
        (WebCore::AccessibilityMenuList::addChildren):
        Create an AccessibilityMenuListPopup. If the platform ignores its
        accessibility, remove it from the object cache and return early.
        Otherwise, set its parent object to this object, add it to our list of
        children, and tell it to add its children.
        (WebCore::AccessibilityMenuList::childrenChanged):
        Tell our child hidden list that its children changed.
        (WebCore::AccessibilityMenuList::isCollapsed):
        Return whether the popup menu is visible.

        * accessibility/AccessibilityMenuList.h: Added.
        (WebCore::AccessibilityMenuList::create):
        Adopt and return a new RenderMenuList.
        (WebCore::AccessibilityMenuList::isMenuList):
        (WebCore::AccessibilityMenuList::roleValue):
        (WebCore::AccessibilityMenuList::accessibilityIsIgnored):
        (WebCore::AccessibilityMenuList::canSetFocusAttribute):

        * accessibility/AccessibilityMenuListOption.cpp: Added.
        (WebCore::AccessibilityMenuListOption::AccessibilityMenuListOption):
        Initialize the pointer to our parent popup menu.
        (WebCore::AccessibilityMenuListOption::setElement):
        Assert that the element is an <option> element.
        (WebCore::AccessibilityMenuListOption::actionElement):
        Return our element.
        (WebCore::AccessibilityMenuListOption::parentObject):
        Return our parent popup menu.
        (WebCore::AccessibilityMenuListOption::isEnabled):
        Return true if the element itself is enabled.
        (WebCore::AccessibilityMenuListOption::isVisible):
        Return true if the popup is visible, or return true if the popup is
        collapsed but the element is selected.
        (WebCore::AccessibilityMenuListOption::isOffScreen):
        Return true if the object is invisible.
        (WebCore::AccessibilityMenuListOption::isSelected):
        (WebCore::AccessibilityMenuListOption::setSelected):
        (WebCore::AccessibilityMenuListOption::nameForMSAA):
        Return the <option> element's text.
        (WebCore::AccessibilityMenuListOption::canSetSelectedAttribute):
        Return true if enabled.
        (WebCore::AccessibilityMenuListOption::elementRect):
        Return the AccessibilityMenuList's rect.

        * accessibility/AccessibilityMenuListOption.h: Added.
        (WebCore::AccessibilityMenuListOption::create):
        Adopt and return a new AccessibilityMenuListOption.
        (WebCore::AccessibilityMenuListOption::setParent):
        (WebCore::AccessibilityMenuListOption::isMenuListOption):
        (WebCore::AccessibilityMenuListOption::roleValue):
        (WebCore::AccessibilityMenuListOption::canHaveChildren):
        (WebCore::AccessibilityMenuListOption::size):

        * accessibility/AccessibilityMenuListPopup.cpp: Added.
        (WebCore::AccessibilityMenuListPopup::AccessibilityMenuListPopup):
        Initialize the pointer to our parent list.
        (WebCore::AccessibilityMenuListPopup::isVisible):
        Return false; we're never considered visible.
        (WebCore::AccessibilityMenuListPopup::isOffScreen):
        Return true if the popup is collapsed.
        (WebCore::AccessibilityMenuListPopup::parentObject):
        Return our parent AccessibilityMenuList.
        (WebCore::AccessibilityMenuListPopup::isEnabled):
        Return true if our parent is enabled.
        (WebCore::AccessibilityMenuListPopup::menuListOptionAccessibilityObject):
        If the element is an <option> element, create a list item for it, and
        set the object's element to this element.
        (WebCore::AccessibilityMenuListPopup::press):
        Call our parent's press() function to show or hide the popup menu.
        (WebCore::AccessibilityMenuListPopup::addChildren):
        Walk the select element's children, and create list items for them. Add
        them to our list of children.
        (WebCore::AccessibilityMenuListPopup::childrenChanged):
        If any of our children have been detached from the document, remove
        them from the AXObjectCache and from our child list.
        (WebCore::AccessibilityMenuListPopup::setMenuList):

        * accessibility/AccessibilityMenuListPopup.h: Added.
        (WebCore::AccessibilityMenuListPopup::create):
        Adopt and return an AccessibilityMenuListPopup.
        (WebCore::AccessibilityMenuListPopup::isMenuListPopup):
        (WebCore::AccessibilityMenuListPopup::elementRect):
        (WebCore::AccessibilityMenuListPopup::size):
        (WebCore::AccessibilityMenuListPopup::roleValue):

        * accessibility/AccessibilityObject.cpp:
        (WebCore::AccessibilityObject::actionVerb):
        Add the menuListAction and menuListPopupAction verbs.

        * accessibility/AccessibilityObject.h:
        (WebCore::):
        Add new roles.
        (WebCore::AccessibilityObject::isMenuList):
        Stubbed.
        (WebCore::AccessibilityObject::isMenuListHiddenList):
        Stubbed.
        (WebCore::AccessibilityObject::isMenuListOption):
        Stubbed.
        (WebCore::AccessibilityObject::isVisible):
        Stubbed.

        * accessibility/chromium/AccessibilityObjectChromium.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        Ignore the new object type.

        * accessibility/gtk/AccessibilityObjectAtk.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        Ditto.

        * accessibility/mac/AccessibilityObjectMac.mm:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        Ditto.

        * accessibility/qt/AccessibilityObjectQt.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        Ditto.

        * accessibility/win/AccessibilityObjectWin.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        Allow the new object types.

        * accessibility/wx/AccessibilityObjectWx.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        Ignore the new object type.

        * accessibility/win/AccessibilityObjectWin.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):
        If the object is an AccessibilityMenuListHiddenList or
        AccessibilityMenuListOption, include it.

        * html/HTMLOptionElement.cpp:
        (WebCore::HTMLOptionElement::disabled):
        Call ownElementDisabled().

        * html/HTMLOptionElement.h:
        (WebCore::HTMLOptionElement::ownElementDisabled):
        Return the base class implementation of disabled, which returns
        whether this <option> itself is disabled.

        * platform/LocalizedStrings.h:
        Declare new localized string functions.

        * platform/gtk/LocalizedStringsGtk.cpp:
        (WebCore::AXMenuListPopupActionVerb):
        Stubbed.
        (WebCore::AXMenuListActionVerb):
        Stubbed.

        * platform/haiku/LocalizedStringsHaiku.cpp:
        (WebCore::AXMenuListPopupActionVerb):
        Stubbed.
        (WebCore::AXMenuListActionVerb):
        Stubbed.

        * platform/mac/LocalizedStringsMac.mm:
        (WebCore::AXMenuListPopupActionVerb):
        Call the view factory's method.
        (WebCore::AXMenuListActionVerb):
        Ditto.

        * platform/qt/Localizations.cpp:
        (WebCore::AXMenuListPopupActionVerb):
        Stubbed.
        (WebCore::AXMenuListActionVerb):
        Stubbed.

        * platform/wx/LocalizedStringsWx.cpp:
        (WebCore::AXMenuListPopupActionVerb):
        Stubbed.
        (WebCore::AXMenuListActionVerb):
        Stubbed.

2010-01-19  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Support reflections on WebGL
        https://bugs.webkit.org/show_bug.cgi?id=33754

        Support reflections of WebGL content, by ensuring that when the Canvas3DLayer containing the
        WebGL content gets displayed, we correctly copy its content to the clone layers.
        
        Test: compositing/webgl/webgl-reflection.html

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::didDisplay): Give the didDisplay() client method a parameter
        which is the layer that displayed.
        * platform/graphics/mac/Canvas3DLayer.mm:
        (-[Canvas3DLayer display]): Override -[CALayer display], and call the client didDisplay().
        * platform/graphics/mac/GraphicsLayerCA.h: didDisplay() takes a PlatformLayer parameter.

        * platform/graphics/mac/GraphicsLayerCA.mm:
        (WebCore::GraphicsLayerCA::~GraphicsLayerCA): We need to clear the layer owner on the content
        layer, since we're setting it for WebGL layers now.
        
        (WebCore::GraphicsLayerCA::didDisplay): Handle didDisplay() calls for the content layer,
        as well as the main layer now, getting the correct layer to copy contents from, and using
        the correct clone map.
        
        (WebCore::GraphicsLayerCA::setContentsToGraphicsContext3D): Set the layer owner for WebGL
        layers, because we need the didDisplay() callback.

        * platform/graphics/mac/WebLayer.mm:
        (-[WebLayer display]): didDisplay() takes a layer argument.
        * platform/graphics/mac/WebTiledLayer.mm:
        (-[WebTiledLayer display]): ditto.

2010-01-19  Mark Rowe  <mrowe@apple.com>

        Reviewed by Oliver Hunt.

        <rdar://problem/7555330> <http://webkit.org/b/33770> dataFunctionMatrix leaks the array allocated by toArray

        Rework toArray to extract elements in to a vector rather than handing out raw pointers.  This prevents
        callers from forgetting to free the memory, and gives them the option of using stack buffers for
        sufficiently small allocations.

        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::JSWebGLRenderingContext::texSubImage2D):
        (WebCore::toVector):
        (WebCore::dataFunctionf):
        (WebCore::dataFunctioni):
        (WebCore::dataFunctionMatrix):

2010-01-19  Carol Szabo  <carol.szabo@nokia.com>

        Reviewed by Darin Adler.

        Another crazy counters bug
        https://bugs.webkit.org/show_bug.cgi?id=11031

        This patch actually provides for counter updating when the style
        of a renderer changes.

        Tests: fast/css/counters/counter-increment-002.html
               fast/css/counters/counter-reset-000.html
               fast/css/counters/counter-reset-002.html

        * rendering/RenderCounter.cpp:
        (WebCore::RenderCounter::rendererStyleChanged):
        This function is added to update the counter hierarchy in 
        response to changes to the style of a renderer.
        * rendering/RenderCounter.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::styleDidChange):
        For changes that may include the counter directives added a
        call to RenderCounter::rendererStyleChanged.

2010-01-19  Gustavo Noronha Silva  <gns@gnome.org>

        Unreviewed. Build fixes for make distcheck - missing files.

        * GNUmakefile.am:

2010-01-19  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=33850
        Attr.childNodes does not get updated after DOM mutations

        Test: fast/dom/Attr/child-nodes-cache.html

        * dom/Node.cpp: (WebCore::Node::notifyLocalNodeListsAttributeChanged): If the node is an
        attribute, then changing it shouldn't take the shortcut that only resets a subset of caches.

2010-01-19  John Sullivan  <sullivan@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=33854
        Would like a variant of WebHTMLRepresentation's searchForLabelsBeforeElement that returns 
        more info about where the result was found

        Reviewed by Darin Adler.

        No new tests. This just adds a couple of out parameters for the benefit of WebKit clients.

        * WebCore.base.exp:
        Updated mangled signature for export.

        * page/Frame.cpp:
        (WebCore::Frame::searchForLabelsAboveCell):
        Now fills in an out parameter with the number of characters from the start of the cell.
        (WebCore::Frame::searchForLabelsBeforeElement):
        Now fills in an out parameter with the distance as a number of characters, and another
        with a bool for whether the result was in a table cell above the current cell (otherwise
        it was found in the text before this element and after the previous element or start of form).

        * page/Frame.h:
        Updated signatures.

        * page/mac/FrameMac.mm:
        (WebCore::Frame::searchForNSLabelsAboveCell):
        Same as above. This is a parallel copy of the function using Mac-specific data structures.
        (WebCore::Frame::searchForLabelsBeforeElement):
        Ditto

2010-01-19  Jakob Petsovits  <jpetsovits@rim.com>

        Reviewed by Nikolas Zimmermann.

        [OpenVG] Add (EGL) surface/context management
        https://bugs.webkit.org/show_bug.cgi?id=33403

        The foundations for a new OpenVG port.

        OpenVG is not tied to EGL per se, EGL just happens to be
        the only usable backend for OpenVG state and painting
        at the time of writing.

        The purpose of the SurfaceOpenVG class is to provide
        an EGL-independent interface for OpenVG-specific code.
        The EGLDisplayOpenVG class takes care of keeping track
        of EGL displays, surfaces and contexts. It also makes
        sure that all created contexts are interoperable, and
        that different surfaces use a single context if possible.

        * platform/graphics/openvg/EGLDisplayOpenVG.cpp: Added.
        (WebCore::displayManagers):
        (WebCore::EGLDisplayOpenVG::currentSurface):
        (WebCore::EGLDisplayOpenVG::registerPlatformSurface):
        (WebCore::EGLDisplayOpenVG::unregisterPlatformSurface):
        (WebCore::EGLDisplayOpenVG::setCurrentDisplay):
        (WebCore::EGLDisplayOpenVG::current):
        (WebCore::EGLDisplayOpenVG::forDisplay):
        (WebCore::EGLDisplayOpenVG::EGLDisplayOpenVG):
        (WebCore::EGLDisplayOpenVG::~EGLDisplayOpenVG):
        (WebCore::EGLDisplayOpenVG::setDefaultPbufferConfig):
        (WebCore::EGLDisplayOpenVG::defaultPbufferConfig):
        (WebCore::EGLDisplayOpenVG::setDefaultWindowConfig):
        (WebCore::EGLDisplayOpenVG::defaultWindowConfig):
        (WebCore::EGLDisplayOpenVG::sharedPlatformSurface):
        (WebCore::EGLDisplayOpenVG::createPbufferSurface):
        (WebCore::EGLDisplayOpenVG::surfaceForWindow):
        (WebCore::EGLDisplayOpenVG::surfacesCompatible):
        (WebCore::EGLDisplayOpenVG::destroySurface):
        (WebCore::EGLDisplayOpenVG::contextForSurface):
        * platform/graphics/openvg/EGLDisplayOpenVG.h: Added.
        (WebCore::EGLDisplayOpenVG::display):
        * platform/graphics/openvg/EGLUtils.h: Added.
        (toEGLErrorConstant):
        * platform/graphics/openvg/SurfaceOpenVG.cpp: Added.
        (WebCore::SurfaceOpenVG::currentSurface):
        (WebCore::SurfaceOpenVG::SurfaceOpenVG):
        (WebCore::SurfaceOpenVG::~SurfaceOpenVG):
        (WebCore::SurfaceOpenVG::isValid):
        (WebCore::SurfaceOpenVG::width):
        (WebCore::SurfaceOpenVG::height):
        (WebCore::SurfaceOpenVG::sharedSurface):
        (WebCore::SurfaceOpenVG::makeCurrent):
        (WebCore::SurfaceOpenVG::makeCompatibleCurrent):
        (WebCore::SurfaceOpenVG::flush):
        * platform/graphics/openvg/SurfaceOpenVG.h: Added.
        (WebCore::SurfaceOpenVG::eglDisplay):
        (WebCore::SurfaceOpenVG::eglSurface):
        (WebCore::SurfaceOpenVG::eglContext):
        * platform/graphics/openvg/VGUtils.h: Added.
        (toVGErrorConstant):

2010-01-19  Steve Block  <steveblock@google.com>

        Reviewed by David Levin.

        Renames jni_utility and jni_utility_private to JNIUtility and JNIUtilityPrivate
        https://bugs.webkit.org/show_bug.cgi?id=33843

        No new tests, refactoring only.

        * Android.jscbindings.mk:
        * Android.v8bindings.mk:
        * GNUmakefile.am:
        * WebCore.xcodeproj/project.pbxproj:
        * bridge/jni/JNIUtility.cpp: Copied from WebCore/bridge/jni/jni_utility.cpp.
        * bridge/jni/JNIUtility.h: Copied from WebCore/bridge/jni/jni_utility.h.
        * bridge/jni/jni_jsobject.mm:
        * bridge/jni/jni_objc.mm:
        * bridge/jni/jni_runtime.cpp:
        * bridge/jni/jni_runtime.h:
        * bridge/jni/jni_utility.cpp: Removed.
        * bridge/jni/jni_utility.h: Removed.
        * bridge/jni/jsc/JNIUtilityPrivate.cpp: Copied from WebCore/bridge/jni/jsc/jni_utility_private.cpp.
        (JSC::Bindings::convertValueToJValue):
        * bridge/jni/jsc/JNIUtilityPrivate.h: Copied from WebCore/bridge/jni/jsc/jni_utility_private.h.
        * bridge/jni/jsc/JavaClassJSC.cpp:
        * bridge/jni/jsc/JavaInstanceJSC.cpp:
        * bridge/jni/jsc/JavaStringJSC.h:
        * bridge/jni/jsc/jni_utility_private.cpp: Removed.
        * bridge/jni/jsc/jni_utility_private.h: Removed.
        * platform/android/GeolocationServiceBridge.cpp:
        * platform/android/GeolocationServiceBridge.h:
        * platform/android/TemporaryLinkStubs.cpp:

2010-01-19  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Occasional crash when interacting with page with reflected WebGL
        https://bugs.webkit.org/show_bug.cgi?id=33863
        
        If updateCompositingLayers() was called with an updateRoot that was a reflection layer,
        then we would determine that the layer does not require compositing, and tear down its
        backing (without clearing replicaLayer() on the source layer's GraphicsLayer).
        
        Fix by changing requiresCompositingLayer() on a reflection layer to always give the
        same answer for a reflection and its original.
        
        Also add various belt-and-brances code and null checks to ensure that if we ever end up
        with a non-composited reflection layer, we won't crash.
        
        No new tests, because the crash depends on timing issues that are hard to reproduce in a test.

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::replicaLayer): Make this public so we can use it in an assertion.
        
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateBacking): Clear the source layer's replica layer
        pointer if tearing down backing store of a reflection.
        
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree): Null-check reflection->backing().
        (WebCore::RenderLayerCompositor::updateLayerTreeGeometry): Null-check reflection->backing().
        (WebCore::RenderLayerCompositor::updateCompositingDescendantGeometry): reflection->backing().
        (WebCore::RenderLayerCompositor::requiresCompositingLayer): If being called for a reflection layer,
        use the source layer to answer the question.        

2010-01-19  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein.

        Some composited reflections incorrectly positioned
        https://bugs.webkit.org/show_bug.cgi?id=33856
        
        When setting the position of the replicated layer inside the reflection, we need to take
        into account the bounds of the original layer, and the replica layer to get the
        reflection in the right place.

        Tests: compositing/reflections/nested-reflection-transformed2.html
               compositing/reflections/reflection-positioning2.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry):

2010-01-19  Enrica Casucci  <enrica@apple.com>

        Reviewed by Simon Fraser.

        REGRESSION: Infinite recursion in Position::getInlineBoxAndOffset()
        https://bugs.webkit.org/show_bug.cgi?id=33864
        <rdar://problem/7552959>
        
        Regression has been introduced by changeset 53085.
        The original fix had to be limited to editable content.

        Test: editing/selection/selection-applet.html

        * dom/Position.cpp:
        (WebCore::Position::getInlineBoxAndOffset):

2010-01-19  Kristian Amlie <kristian.amlie@nokia.com>

        Reviewed by Laszlo Gombos.

        [Qt] Fix qmake warning with qmake in Qt for Symbian
        https://bugs.webkit.org/show_bug.cgi?id=33786

        * WebCore.pro: Use QMAKE_LFLAGS instead of MMP_RULES.

2010-01-19  Daniel Bates  <dbates@rim.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33851

        Fixes an issue in the Apple Mac port where ScrollView::platformVisibleContentRect
        returns the rectangle of the document within the content view of
        the scroll view (i.e. the rectangle not including scrollbars) when
        the parameter includeScrollbars == true

        Currently, this behavior contradicts both the comment in ScrollView.h
        for method visibleContentRect as well as the behavior in
        ScrollView::visibleContentRect() for a platform-independent scroll view.

        Instead, it should return the rectangle whose dimensions include
        the scrollbars.

        Also, removes some extra whitespace at the end of the lines.

        No tests included because we cannot test this using either DRT
        or a manual test.

        * platform/mac/ScrollViewMac.mm:
        (WebCore::ScrollView::platformVisibleContentRect): If includeScrollbars == true
        then return the rectangle whose dimensions are that of
        the frame (i.e. -[NSScrollView frame]).

2010-01-19  Steve Block  <steveblock@google.com>

        Reviewed by David Levin.

        Fixes style in WebCore/bridge/jni/jsc/JavaClassJSC
        https://bugs.webkit.org/show_bug.cgi?id=33819

        No new tests, style fixes only.

        * bridge/jni/jsc/JavaClassJSC.cpp: Modified.
        * bridge/jni/jsc/JavaClassJSC.h: Modified.

2010-01-19  Jaime Yap  <jaimeyap@google.com>

        Reviewed by Pavel Feldman.
        
        Refactors the TimelineRecordFactory and InspectorTimelineAgent to support reporting data
        when closing a record. Also includes grabbing the start and end line number for parse HTML
        records as a reference use case for the above refactor

        Tests updated:
            inspector/timeline-parse-html-expected.txt
            inspector/timeline-layout-expected.txt
            inspector/timeline-recalculate-styles-expected.txt

        https://bugs.webkit.org/show_bug.cgi?id=33853

        * html/HTMLTokenizer.cpp:
        (WebCore::HTMLTokenizer::write):
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::willDispatchEvent):
        (WebCore::InspectorTimelineAgent::willLayout):
        (WebCore::InspectorTimelineAgent::willRecalculateStyle):
        (WebCore::InspectorTimelineAgent::willPaint):
        (WebCore::InspectorTimelineAgent::willWriteHTML):
        (WebCore::InspectorTimelineAgent::didWriteHTML):
        (WebCore::InspectorTimelineAgent::didInstallTimer):
        (WebCore::InspectorTimelineAgent::didRemoveTimer):
        (WebCore::InspectorTimelineAgent::willFireTimer):
        (WebCore::InspectorTimelineAgent::willChangeXHRReadyState):
        (WebCore::InspectorTimelineAgent::willLoadXHR):
        (WebCore::InspectorTimelineAgent::willEvaluateScript):
        (WebCore::InspectorTimelineAgent::willSendResourceRequest):
        (WebCore::InspectorTimelineAgent::didReceiveResourceResponse):
        (WebCore::InspectorTimelineAgent::didFinishLoadingResource):
        (WebCore::InspectorTimelineAgent::didMarkTimeline):
        (WebCore::InspectorTimelineAgent::didCompleteCurrentRecord):
        (WebCore::InspectorTimelineAgent::pushCurrentRecord):
        * inspector/InspectorTimelineAgent.h:
        (WebCore::InspectorTimelineAgent::TimelineRecordEntry::TimelineRecordEntry):
        * inspector/TimelineRecordFactory.cpp:
        (WebCore::TimelineRecordFactory::createEventDispatchData):
        (WebCore::TimelineRecordFactory::createGenericTimerData):
        (WebCore::TimelineRecordFactory::createTimerInstallData):
        (WebCore::TimelineRecordFactory::createXHRReadyStateChangeData):
        (WebCore::TimelineRecordFactory::createXHRLoadData):
        (WebCore::TimelineRecordFactory::createEvaluateScriptData):
        (WebCore::TimelineRecordFactory::createMarkTimelineData):
        (WebCore::TimelineRecordFactory::createResourceSendRequestData):
        (WebCore::TimelineRecordFactory::createResourceReceiveResponseData):
        (WebCore::TimelineRecordFactory::createResourceFinishData):
        (WebCore::TimelineRecordFactory::createPaintData):
        (WebCore::TimelineRecordFactory::createParseHTMLData):
        * inspector/TimelineRecordFactory.h:

2010-01-19 Joanmarie Diggs  <joanmarie.diggs@gmail.com>

        Reviewed by Xan Lopez.

        https://bugs.webkit.org/show_bug.cgi?id=30883
        [Gtk] Implement AtkText for HTML elements which contain text

        Moves the text assembling functionality from getPangoLayoutForAtk to
        textForObject, which webkit_accessible_text_get_text now falls back on
        when it comes up empty.

        Adds a check in textForObject so that we don't double-add newlines
        when we have a BR.

        * accessibility/gtk/AccessibilityObjectWrapperAtk.cpp:
        (textForObject):
        (getPangoLayoutForAtk):
        (webkit_accessible_text_get_text):

2010-01-19  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Adam Roben.

        error events don't fire if no <source> elements passed to media engine
        https://bugs.webkit.org/show_bug.cgi?id=33855

        Test: media/video-source-error-no-candidate.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::selectMediaResource): Only bail early if
        there is no 'src' attribute and no <source> child elements at all.

2010-01-19  Daniel Bates  <dbates@webkit.org>

        Reviewed by Adam Roben.

        https://bugs.webkit.org/show_bug.cgi?id=33822

        REGRESSION(r53273): Fixes redefinition of XFORM error when building
        WebKit using Qt Windows with the MinGW compiler.
 
        Note, MinGW has a slightly different declaration of the struct XFORM
        from that in the Microsoft SDK. So, we need to substitute an alternative
        typedef for XFORM when compiling with MinGW.

        No functionality was changed. So, no new tests.

        * platform/graphics/transforms/TransformationMatrix.h:

2010-01-19  Stephen White  <senorblanco@chromium.org>

        Reviewed by Dimitri Glazkov.

        Fix for crash on large TransparencyWin allocation.  The fix is
        to leave m_layerValid false when the allocPixels of
        OwnedBuffers::m_referenceBitmap fails.  Then TransparencyWin won't
        attempt to use it.

        Will be covered by a new unit test in Chromium's test_shell_tests (when
        this is rolled into Chromium).

        https://bugs.webkit.org/show_bug.cgi?id=33844

        * platform/graphics/chromium/TransparencyWin.cpp:
        (WebCore::TransparencyWin::initializeNewContext):
        Early return when m_referenceBitmap or its pixels is NULL, leaving
        m_layerValid false.

2010-01-19  Eric Carlson  <eric.carlson@apple.com>

        Reviewed by Adam Roben.

        video.networkState remains NETWORK_LOADING indefinitely when no <source> element was able to be loaded
        https://bugs.webkit.org/show_bug.cgi?id=33744

        Test: media/video-source-none-supported.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::loadNextSourceChild): Call waitForSourceChange if
            there are no valid source elements.
        (WebCore::HTMLMediaElement::waitForSourceChange): New, set networkState to NETWORK_NO_SOURCE.
        (WebCore::HTMLMediaElement::setNetworkState): Call waitForSourceChange if the movie
            hasn't reached HAVE_METADATA and there are no more <source> elements to try.
        * html/HTMLMediaElement.h: Declare waitForSourceChange.

2010-01-19  Daniel Bates  <dbates@rim.com>

        Reviewed by Adam Treat.

        https://bugs.webkit.org/show_bug.cgi?id=33408

        Implements an optimization to ignore fixed background images
        (i.e. background-attachment: fixed) when a page does not contain
        any fixed position elements so as to allow fast repaints (via bit
        blit) when scrolling a page.

        Currently, if a page has elements that specify either a fixed
        background or a fixed position then we perform a slow repaint
        (i.e disable blitting) so as to avoid rendering artifacts.
        However, on low-powered/mobile devices slow repaints can cause
        noticeable delays when scrolling a page with a fixed background
        image. By sacrificing support for fixed background images when
        there are no fixed elements on the page and with come care, we
        don't need to force slow repaints and can avoid rendering artifacts.
        Hence, on such devices we can improve the responsiveness of
        scrolling a page with a fixed background image.

        Note, this optimization is only enabled if the WebKit is built
        with FAST_MOBILE_SCROLLING enabled.

        Tests: fast/fast-mobile-scrolling/fixed-position-element.html
               fast/fast-mobile-scrolling/no-fixed-position-elements.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
        Disable fixed background attachment if we can blit on scroll.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::styleWillChange):

2010-01-19  Dave Hyatt  <hyatt@apple.com>

        Build bustage fix.  Land modified WebCore.base.exp file that includes export of currentWorld().

        * WebCore.base.exp:

2010-01-19  Brady Eidson  <beidson@apple.com>

        Reviewed by Alexey Proskuryakov.

        Crash in Page::backForwardList when using History object from a detached window
        <rdar://problem/7556252> and https://bugs.webkit.org/show_bug.cgi?id=33828

        Test: fast/loader/stateobjects/state-api-on-detached-frame-crash.html

        * page/History.cpp:
        (WebCore::History::stateObjectAdded): Do an early return when detached. The spec
          doesn't really cover expected behavior and we already do something similar in 
          other places, such as in History::length().

2010-01-19  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by NOBODY (build fix).

        Revert r53467. Browser crashes on opening inspector if there
        are messages in console.

        * bindings/js/JSInjectedScriptHostCustom.cpp:
        (WebCore::JSInjectedScriptHost::databaseForId):
        (WebCore::JSInjectedScriptHost::inspectedWindow):
        (WebCore::JSInjectedScriptHost::wrapCallback):
        (WebCore::JSInjectedScriptHost::currentCallFrame):
        (WebCore::JSInjectedScriptHost::nodeForId):
        (WebCore::JSInjectedScriptHost::wrapObject):
        (WebCore::JSInjectedScriptHost::unwrapObject):
        (WebCore::JSInjectedScriptHost::pushNodePathToFrontend):
        (WebCore::JSInjectedScriptHost::selectDatabase):
        (WebCore::JSInjectedScriptHost::selectDOMStorage):
        * bindings/js/ScriptController.cpp:
        * bindings/js/ScriptController.h:
        * bindings/js/ScriptObject.h:
        * bindings/js/ScriptValue.cpp:
        (WebCore::ScriptValue::quarantineValue):
        * bindings/js/ScriptValue.h:
        * bindings/v8/ScriptObject.h:
        * bindings/v8/ScriptValue.h:
        (WebCore::ScriptValue::quarantineValue):
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        (WebCore::V8InjectedScriptHost::inspectedWindowCallback):
        (WebCore::V8InjectedScriptHost::wrapCallbackCallback):
        (WebCore::V8InjectedScriptHost::wrapObjectCallback):
        (WebCore::V8InjectedScriptHost::unwrapObjectCallback):
        * inspector/ConsoleMessage.cpp:
        (WebCore::ConsoleMessage::ConsoleMessage):
        (WebCore::ConsoleMessage::addToConsole):
        (WebCore::ConsoleMessage::isEqual):
        * inspector/ConsoleMessage.h:
        * inspector/InjectedScriptHost.cpp:
        (WebCore::InjectedScriptHost::wrapObject):
        (WebCore::InjectedScriptHost::unwrapObject):
        * inspector/InjectedScriptHost.h:
        * inspector/InjectedScriptHost.idl:
        * inspector/InspectorBackend.cpp:
        (WebCore::InspectorBackend::dispatchOnInjectedScript):
        (WebCore::InspectorBackend::releaseWrapperObjectGroup):
        * inspector/InspectorBackend.h:
        * inspector/InspectorBackend.idl:
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        (WebCore::InspectorController::clearConsoleMessages):
        (WebCore::InspectorController::inspectedWindowScriptObjectCleared):
        (WebCore::InspectorController::windowScriptObjectAvailable):
        (WebCore::InspectorController::scriptObjectReady):
        (WebCore::InspectorController::setFrontendProxyObject):
        (WebCore::InspectorController::close):
        (WebCore::InspectorController::resetScriptObjects):
        (WebCore::InspectorController::didPause):
        (WebCore::InspectorController::wrapObject):
        (WebCore::InspectorController::unwrapObject):
        (WebCore::InspectorController::releaseWrapperObjectGroup):
        (WebCore::InspectorController::resetInjectedScript):
        * inspector/InspectorController.h:
        * inspector/InspectorFrontend.cpp:
        (WebCore::InspectorFrontend::addConsoleMessage):
        (WebCore::InspectorFrontend::pausedScript):
        * inspector/InspectorFrontend.h:
        * inspector/front-end/AuditsPanel.js:
        (WebInspector.AuditsPanel.prototype._reloadResources):
        * inspector/front-end/ConsoleView.js:
        (WebInspector.ConsoleView.prototype.requestClearMessages):
        (WebInspector.ConsoleView.prototype.completions):
        (WebInspector.ConsoleView.prototype.doEvalInWindow):
        (WebInspector.ConsoleView.prototype._formatnode):
        (WebInspector.ConsoleView.prototype._formatarray):
        * inspector/front-end/DOMAgent.js:
        (WebInspector.DOMNode):
        (WebInspector.CSSStyleDeclaration):
        (WebInspector.CSSStyleDeclaration.parseRule):
        * inspector/front-end/Database.js:
        (WebInspector.Database.prototype.executeSql):
        * inspector/front-end/ElementsPanel.js:
        (WebInspector.ElementsPanel.this.treeOutline.focusedNodeChanged):
        (WebInspector.ElementsPanel.prototype.setDocument):
        (WebInspector.ElementsPanel.prototype.searchCanceled):
        (WebInspector.ElementsPanel.prototype.performSearch):
        * inspector/front-end/ElementsTreeOutline.js:
        (WebInspector.ElementsTreeElement.prototype.createTooltipForImageNode):
        * inspector/front-end/EventListenersSidebarPane.js:
        ():
        * inspector/front-end/InjectedScript.js:
        (InjectedScript.dispatch):
        (InjectedScript.toggleStyleEnabled):
        (InjectedScript._serializeRule):
        (InjectedScript._serializeStyle):
        (InjectedScript.getProperties):
        (InjectedScript.setPropertyValue):
        (InjectedScript._evaluateAndWrap):
        (InjectedScript.getCallFrames):
        (InjectedScript._inspectObject):
        (InjectedScript._ensureCommandLineAPIInstalled):
        (InjectedScript._resolveObject):
        (InjectedScript._window):
        (InjectedScript._objectForId):
        (InjectedScript.createProxyObject):
        (InjectedScript.executeSql):
        (InjectedScript.executeSql.errorCallback):
        (InjectedScript.executeSql.queryTransaction):
        (Object.type):
        (String.prototype.escapeCharacters):
        * inspector/front-end/InjectedScriptAccess.js:
        (InjectedScriptAccess._installHandler.InjectedScriptAccess.methodName):
        (InjectedScriptAccess._installHandler):
        * inspector/front-end/MetricsSidebarPane.js:
        (WebInspector.MetricsSidebarPane):
        (WebInspector.MetricsSidebarPane.prototype.update.inlineStyleCallback):
        (WebInspector.MetricsSidebarPane.prototype.update):
        (WebInspector.MetricsSidebarPane.prototype.editingCommitted):
        * inspector/front-end/ObjectPropertiesSection.js:
        (WebInspector.ObjectPropertiesSection.prototype.update):
        (WebInspector.ObjectPropertyTreeElement.prototype.onpopulate):
        (WebInspector.ObjectPropertyTreeElement.prototype.applyExpression):
        * inspector/front-end/ObjectProxy.js:
        (WebInspector.ObjectProxy):
        (WebInspector.ObjectProxy.getPropertiesAsync):
        * inspector/front-end/PropertiesSidebarPane.js:
        (WebInspector.PropertiesSidebarPane.prototype.update.callback):
        (WebInspector.PropertiesSidebarPane.prototype.update):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourceSidebarTreeElement.prototype.ondblclick):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype.doEvalInCallFrame):
        * inspector/front-end/StylesSidebarPane.js:
        (WebInspector.StylesSidebarPane.prototype.update):
        (WebInspector.StylePropertiesSection.prototype.editingSelectorCommitted):
        (WebInspector.BlankStylePropertiesSection.prototype.editingSelectorCommitted):
        (WebInspector.StylePropertyTreeElement.prototype):
        * inspector/front-end/WatchExpressionsSidebarPane.js:
        (WebInspector.WatchExpressionsSection.prototype.update):
        * inspector/front-end/inspector.js:
        (WebInspector.loaded):
        (WebInspector.pausedScript):
        (WebInspector.addConsoleMessage):
        (WebInspector.log.logMessage):
        (WebInspector.log):

2010-01-19  Yury Semikhatsky  <yurys@chromium.org>

        Reviewed by Pavel Feldman.

        Inject inspector script directly into the inspected context. All the
        communication between the script and the frontend is serialized into
        JSON strings. It allows to get rid of object quarantines in Web Inspector.

        https://bugs.webkit.org/show_bug.cgi?id=32554

        * bindings/js/JSInjectedScriptHostCustom.cpp:
        (WebCore::JSInjectedScriptHost::databaseForId):
        (WebCore::JSInjectedScriptHost::currentCallFrame):
        (WebCore::JSInjectedScriptHost::nodeForId):
        (WebCore::JSInjectedScriptHost::pushNodePathToFrontend):
        (WebCore::JSInjectedScriptHost::selectDatabase):
        (WebCore::JSInjectedScriptHost::selectDOMStorage):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::mainWorldScriptState):
        * bindings/js/ScriptController.h:
        * bindings/js/ScriptObject.h:
        (WebCore::ScriptObject::scriptState):
        * bindings/js/ScriptValue.cpp:
        * bindings/js/ScriptValue.h:
        * bindings/v8/ScriptObject.h:
        (WebCore::ScriptObject::scriptState):
        * bindings/v8/ScriptValue.h:
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        * inspector/ConsoleMessage.cpp:
        (WebCore::ConsoleMessage::ConsoleMessage):
        (WebCore::ConsoleMessage::addToConsole):
        (WebCore::ConsoleMessage::isEqual):
        * inspector/ConsoleMessage.h:
        * inspector/InjectedScriptHost.cpp:
        (WebCore::InjectedScriptHost::releaseWrapperObjectGroup):
        * inspector/InjectedScriptHost.h:
        * inspector/InjectedScriptHost.idl:
        * inspector/InspectorBackend.cpp:
        (WebCore::InspectorBackend::setInjectedScriptSource):
        (WebCore::InspectorBackend::dispatchOnInjectedScript):
        (WebCore::InspectorBackend::releaseWrapperObjectGroup):
        * inspector/InspectorBackend.h:
        * inspector/InspectorBackend.idl:
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        (WebCore::InspectorController::clearConsoleMessages):
        (WebCore::InspectorController::inspectedWindowScriptObjectCleared):
        (WebCore::InspectorController::windowScriptObjectAvailable):
        (WebCore::InspectorController::scriptObjectReady):
        (WebCore::InspectorController::setFrontendProxyObject):
        (WebCore::InspectorController::close):
        (WebCore::InspectorController::resetScriptObjects):
        (WebCore::InspectorController::didPause):
        (WebCore::InspectorController::injectedScriptForNodeId):
        * inspector/InspectorController.h:
        * inspector/InspectorFrontend.cpp:
        (WebCore::InspectorFrontend::addConsoleMessage):
        (WebCore::InspectorFrontend::pausedScript):
        * inspector/InspectorFrontend.h:
        * inspector/front-end/AuditsPanel.js:
        (WebInspector.AuditsPanel.prototype._reloadResources):
        * inspector/front-end/ConsoleView.js:
        (WebInspector.ConsoleView.prototype.requestClearMessages):
        (WebInspector.ConsoleView.prototype.doEvalInWindow):
        * inspector/front-end/DOMAgent.js:
        (WebInspector.DOMNode):
        (WebInspector.CSSStyleDeclaration):
        (WebInspector.CSSStyleDeclaration.parseRule):
        * inspector/front-end/Database.js:
        (WebInspector.Database.prototype.executeSql):
        * inspector/front-end/ElementsPanel.js:
        (WebInspector.ElementsPanel.this.treeOutline.focusedNodeChanged.InjectedScriptAccess.get addInspectedNode):
        (WebInspector.ElementsPanel.this.treeOutline.focusedNodeChanged):
        (WebInspector.ElementsPanel.prototype.setDocument):
        (WebInspector.ElementsPanel.prototype.searchCanceled):
        (WebInspector.ElementsPanel.prototype.performSearch):
        * inspector/front-end/ElementsTreeOutline.js:
        (WebInspector.ElementsTreeElement.prototype.createTooltipForImageNode):
        * inspector/front-end/EventListenersSidebarPane.js:
        ():
        * inspector/front-end/InjectedScript.js:
        (injectedScriptConstructor):
        (injectedScriptConstructor.):
        * inspector/front-end/InjectedScriptAccess.js:
        (InjectedScriptAccess):
        (InjectedScriptAccess.getDefault):
        (get InjectedScriptAccess):
        (InjectedScriptAccess._installHandler.InjectedScriptAccess.prototype.methodName):
        (InjectedScriptAccess._installHandler):
        * inspector/front-end/MetricsSidebarPane.js:
        (WebInspector.MetricsSidebarPane):
        (WebInspector.MetricsSidebarPane.prototype.update.inlineStyleCallback):
        * inspector/front-end/ObjectPropertiesSection.js:
        * inspector/front-end/ObjectProxy.js:
        (WebInspector.ObjectProxy):
        * inspector/front-end/PropertiesSidebarPane.js:
        (WebInspector.PropertiesSidebarPane.prototype.update.callback):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourceSidebarTreeElement.prototype.ondblclick):
        * inspector/front-end/ScriptsPanel.js:
        * inspector/front-end/StylesSidebarPane.js:
        (WebInspector.StylePropertyTreeElement.prototype):
        * inspector/front-end/WatchExpressionsSidebarPane.js:
        (WebInspector.WatchExpressionsSection.prototype.update):
        * inspector/front-end/inspector.js:
        (WebInspector.loaded):
        (WebInspector.pausedScript):
        (WebInspector.addConsoleMessage):
        (WebInspector.log.logMessage):
        (WebInspector.log):

2010-01-19  Steve Block  <steveblock@google.com>

        Unreviewed build fix.

        Fixes Windows build due to http://trac.webkit.org/changeset/53464
        Updates WebCore.vcproj to reflect renaming of runtime.[cpp|h] to Bridge.[cpp|h]

        No new tests, build fix only.

        * WebCore.vcproj/WebCore.vcproj:

2010-01-19  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Renames WebCore/bridge/runtime.[cpp|h] to WebCore/bridge/Bridge.[cpp|h]
        https://bugs.webkit.org/show_bug.cgi?id=33801

        runtime.[cpp|h] contains general interface classes for use in the bridge,
        so Bridge is a more appropriate name than runtime.

        No new tests, renaming only.

        * Android.jscbindings.mk:
        * GNUmakefile.am:
        * WebCore.pro:
        * WebCore.xcodeproj/project.pbxproj:
        * WebCoreSources.bkl:
        * bindings/js/JSPluginElementFunctions.cpp:
        * bindings/js/ScriptControllerGtk.cpp:
        * bindings/js/ScriptControllerHaiku.cpp:
        * bindings/js/ScriptControllerMac.mm:
        * bindings/js/ScriptControllerQt.cpp:
        * bindings/js/ScriptControllerWin.cpp:
        * bindings/js/ScriptControllerWx.cpp:
        * bindings/js/ScriptInstance.h:
        * bindings/objc/WebScriptObject.mm:
        * bridge/Bridge.cpp: Copied from WebCore/bridge/runtime.cpp.
        * bridge/Bridge.h: Copied from WebCore/bridge/runtime.h.
        * bridge/c/c_class.h:
        * bridge/c/c_instance.h:
        * bridge/c/c_runtime.h:
        * bridge/jni/jni_instance.h:
        * bridge/objc/objc_runtime.h:
        * bridge/qt/qt_class.h:
        * bridge/qt/qt_instance.h:
        * bridge/qt/qt_runtime.cpp:
        * bridge/qt/qt_runtime.h:
        * bridge/runtime.cpp: Removed.
        * bridge/runtime.h: Removed.
        * bridge/runtime_array.h:
        * bridge/runtime_method.h:
        * bridge/runtime_object.h:
        * bridge/runtime_root.cpp:
        * bridge/testbindings.cpp:
        * bridge/testbindings.mm:
        * bridge/testqtbindings.cpp:
        * page/win/FrameWin.cpp:
        * platform/graphics/wince/MediaPlayerProxy.cpp:
        * plugins/PluginView.cpp:
        * plugins/gtk/PluginViewGtk.cpp:
        * plugins/mac/PluginViewMac.cpp:
        * plugins/qt/PluginViewQt.cpp:
        * plugins/symbian/PluginViewSymbian.cpp:
        * plugins/win/PluginViewWin.cpp:

2010-01-19  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESSION (52082): Crash on worker thread when reloading http://radnan.public.iastate.edu/procedural/
        https://bugs.webkit.org/show_bug.cgi?id=33826

        Test: fast/workers/worker-gc2.html

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::~WorkerScriptController): Removed some
        ASSERTs that have moved to JavaScriptCore.

2010-01-19  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Reverting r53455, breaks 2 javascriptcore tests.

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::~WorkerScriptController):

2010-01-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        REGRESSION (52082): Crash on worker thread when reloading http://radnan.public.iastate.edu/procedural/
        https://bugs.webkit.org/show_bug.cgi?id=33826

        Test: fast/workers/worker-gc2.html

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::~WorkerScriptController): Removed some
        ASSERTs that have moved to JavaScriptCore.

2010-01-18  Daniel Bates  <dbates@webkit.org>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33089

        Implements all of the alphabetic CSS3 list-style-types as per
        section 4.4 of the CSS3 Lists module <http://www.w3.org/TR/css3-lists/#alphabetic>.

        Test: fast/lists/w3-css3-list-styles-alphabetic.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue): Updated comment to include
        added list-style-types.
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Added new list style types,
        alphabetized enums, and removed indent to conform to the WebKit Code Style Guidelines.
        * css/CSSValueKeywords.in:
        * inspector/front-end/CSSSourceSyntaxHighlighter.js:
        (WebInspector.CSSSourceSyntaxHighlighter): Added new list style types
        and alphabetized array valueKeywords.
        * platform/text/CharacterNames.h: Added constant ethiopicPrefaceColon.
        * rendering/RenderListMarker.cpp:
        (WebCore::toAlphabetic):
        (WebCore::listMarkerSuffix): Added.
        (WebCore::listMarkerText):
        (WebCore::RenderListMarker::paint): Modified to call WebCore::listMarkerSuffix.
        (WebCore::RenderListMarker::calcPrefWidths): Ditto.
        (WebCore::RenderListMarker::getRelativeMarkerRect): Ditto.
        * rendering/style/RenderStyle.h:
        (WebCore::):
        * rendering/style/RenderStyleConstants.h:
        (WebCore::):

2010-01-18  Daniel Bates  <dbates@webkit.org>

        Unreviewed, fix misspelling of the word maximum in comment.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::maximum):

2010-01-18  Dan Bernstein  <mitz@apple.com>

        Rubber-stamped by Sam Weinig.

        <rdar://problem/7476957> REGRESSION (r49567): Business widget list does not line up: too tall due to line height rounding change

        Reverted r49567.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::computeLogicalBoxHeights):
        * rendering/RenderBR.cpp:
        (WebCore::RenderBR::lineHeight):
        * rendering/style/RenderStyle.h:
        (WebCore::InheritedFlags::computedLineHeight):

2010-01-18  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Moves JSC-specific implementation of JavaString to a private implementation class.
        https://bugs.webkit.org/show_bug.cgi?id=33558

        Also modifies JavaField::name and JavaMethod::name to return const JavaString&, rather than UString::Rep*,
        which is JSC-specific. This allows this code to be used with both JSC and V8, as required by Android.

        No new tests, refactoring only.

        * WebCore.xcodeproj/project.pbxproj: Modified. Added JavaStringJSC.h
        * bridge/jni/jni_class.cpp: Modified.
        (JavaClass::JavaClass): Modified. Updates call sites of JavaField::name and JavaMethod::name.
        * bridge/jni/jni_runtime.h: Modified.
        (JSC::Bindings::JavaString::JavaString): Modified. Pass through to implementation.
        (JSC::Bindings::JavaString::UTF8String): Modified. Pass through to implementation.
        (JSC::Bindings::JavaString::uchars): Modified. Pass through to implementation.
        (JSC::Bindings::JavaString::length): Modified. Pass through to implementation.
        (JSC::Bindings::JavaString::operator UString): Modified. Pass through to implementation.
        (JSC::Bindings::JavaField::name): Modified. Pass through to implementation.
        (JSC::Bindings::JavaMethod::name): Modified. Pass through to implementation.
        * bridge/jni/jsc/JavaStringJSC.h: Added.
        (JSC::Bindings::JavaStringImpl::~JavaStringImpl):
        (JSC::Bindings::JavaStringImpl::init):
        (JSC::Bindings::JavaStringImpl::UTF8String):
        (JSC::Bindings::JavaStringImpl::uchars):
        (JSC::Bindings::JavaStringImpl::length):
        (JSC::Bindings::JavaStringImpl::uString):

2010-01-18  Yuzo Fujishima  <yuzo@google.com>

        Reviewed by Darin Adler.

        Skip an error after invalid blocks in a CSS expression.
        https://bugs.webkit.org/show_bug.cgi?id=33650

        * css/CSSGrammar.y:

2010-01-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler & Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Remove uses of PtrAndFlags from WebCore::StringImpl.

        These break the OS X Leaks tool.  Move the management of null-terminated copies
        out from StringImpl to String, and use a bit stolen from the refCount to hold the
        'InTable' flag.

        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::openDatabase):
        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare):
        * platform/sql/SQLiteStatement.h:
        * platform/text/PlatformString.h:
        * platform/text/String.cpp:
        (WebCore::String::copyWithNullTermination):
        * platform/text/StringImpl.cpp:
        (WebCore::StringImpl::StringImpl):
        (WebCore::StringImpl::~StringImpl):
        (WebCore::StringImpl::create):
        (WebCore::StringImpl::crossThreadString):
        (WebCore::StringImpl::sharedBuffer):
        * platform/text/StringImpl.h:
        (WebCore::StringImpl::inTable):
        (WebCore::StringImpl::setInTable):

2010-01-18  Nikolas Zimmermann  <nzimmermann@rim.com>

        Reviewed by Dirk Schulze.

        Rewrite SVG <use> support in a modern-fashion
        https://bugs.webkit.org/show_bug.cgi?id=33776

        Tests: svg/custom/relative-sized-deep-shadow-tree-content.xhtml
               svg/custom/relative-sized-shadow-tree-content.xhtml

        Fixes: svg/W3C-SVG-1.1/animate-elem-30-t.svg (animated circle sometimes takes wrong path)

        Rewrite <use> support in less intrusive way. Try hard to avoid recloning where possible, and do it lazily.
        Introduce RenderSVGShadowTreeRootContainer as special renderer for SVGUseElement, that now manages the
        render tree, instead of SVGUseElement manually hacking around it's own renderer from the DOM side.

        Instead of recloning the whole shadow tree for every attribute change (DOM setAttribute / SVG DOM changes / CSS changes / childrenChanged()...)
        just notify the RenderSVGShadowTreeRootContainer that it's supposed to reclone the tree upon the next updateFromElement() call.

        updateFromElement() is fired from SVGUseElement::attach() / recalcStyle(), as it's done for HTMLFormControlElement/HTMLMediaElement, thus
        lazily recloning the shadow tree if necessary.

        Animations for <use> elements was a real performance bottlenck as the tree got recloned on every attribute change. Reclones are _completly_
        avoided for animations now - the SVGAnim*Element classes already updated the instances of an element manually, though that resulted in a reclone
        nontheless, and thus killing performance. <use> elements can only be recloned through mutations of the elements that they reference to.
        For example referencing a <rect> element from a <use> element and scripting the <rect> element (setAttribute, or child tree mutations etc.).
        We reclone instead of trying to synchronize trees - as it's currenty implemented - because it's very hard to do it right.

        Any DOM / SVG DOM / CSS change on the <use> element don't reclone the tree anymore, this is a huge speed benefit.
        x/y attribute changes are correctly handled in the render tree now (by an additional local transformation), now percentual values work
        as expected, and resize on window changes - affecting lots of testcases.

        The <use> implementation is much safer now, not doing any mutations synchronously from svgAttributeChanged etc.
        Remove hack to force garbage collection on SVGElementInstance destruction - can't reproduce it anymore.

        * Android.mk: Add new files to build.
        * GNUmakefile.am: Ditto.
        * WebCore.gypi: Ditto.
        * WebCore.pro: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * rendering/RenderSVGShadowTreeRootContainer.cpp: Added. This is the rendered now created by SVGUseElement.
        (WebCore::RenderSVGShadowTreeRootContainer::RenderSVGShadowTreeRootContainer):
        (WebCore::RenderSVGShadowTreeRootContainer::~RenderSVGShadowTreeRootContainer):
        (WebCore::RenderSVGShadowTreeRootContainer::updateStyle): Used form SVGUseElement to request style recalculations for the shadow tree renderers
        (WebCore::RenderSVGShadowTreeRootContainer::updateFromElement): Used from SVGUseElement attach/recalcStyle to eventually request shadow tree updates.
        (WebCore::RenderSVGShadowTreeRootContainer::styleDidChange): Used to propage style updates across shadow tree boundaries.
        * rendering/RenderSVGShadowTreeRootContainer.h: Added.
        (WebCore::RenderSVGShadowTreeRootContainer::markShadowTreeForRecreation): Marks the shadow tree for a reclone, next time updateFromElement is used.
        * rendering/RenderSVGTransformableContainer.cpp:
        (WebCore::RenderSVGTransformableContainer::calculateLocalTransform): Take containerTranslation() into account, supplied by RenderSVGSDhadowTreeContainer.
        * rendering/SVGShadowTreeElements.cpp: Added. This is the root element of the SVG shadow tree residing as (hidden) child of SVGUseElement (DOM wise).
        (WebCore::SVGShadowTreeContainerElement::SVGShadowTreeContainerElement):
        (WebCore::SVGShadowTreeContainerElement::~SVGShadowTreeContainerElement):
        (WebCore::SVGShadowTreeContainerElement::containerTranslation): Used from calculateLocalTransform() to take x/y translation into account for shadow tree container elements.
        (WebCore::SVGShadowTreeRootElement::SVGShadowTreeRootElement):
        (WebCore::SVGShadowTreeRootElement::~SVGShadowTreeRootElement):
        (WebCore::SVGShadowTreeRootElement::attachElement): Used by RenderSVGShadowTreeRootContainer, instead of attach(), as we're a shadow tree root node.
        * rendering/SVGShadowTreeElements.h: Added. This is the root element of each SVG shadow sub-tree (whenever a <use> element is expanded in the shadow tree).
        (WebCore::SVGShadowTreeContainerElement::isShadowTreeContainerElement): Return true here.
        (WebCore::SVGShadowTreeContainerElement::setContainerOffset): Used from SVGUseElement to propagate x/y translation values set on <use> elements in the shadow tree.
        (WebCore::SVGShadowTreeRootElement::isShadowNode): Identify us as shadow node.
        (WebCore::SVGShadowTreeRootElement::shadowParentNode): Ditto. Return actual shadow parent node (== corresponding use element).
        * svg/SVGElement.cpp: Shrink size of all SVG*Elements, by removing the m_shadowParent parent. SVGShadowTreeRootElement is the new base class for shadow tree.
        (WebCore::SVGElement::SVGElement):
        (WebCore::SVGElement::eventParentNode): Call virtual shadowParentNode() method, instead of accessing m_shadowParent.
        * svg/SVGElement.h: Remove isShadowNode() / shadowParentNode() / setShadowParentNode().
        * svg/SVGElementInstance.cpp: Remove the hack, calling garbage collection before destruction. Can't reproduce this anymore, let's see what the bots say.
        (WebCore::SVGElementInstance::SVGElementInstance): Remove now unnecessary m_needsUpdate flag.
        (WebCore::SVGElementInstance::invalidateAllInstancesOfElement): Don't invalidate if instance updates are blocked (see SVGStyledElement changes)
        * svg/SVGElementInstance.h: Remove m_needsUpdate, and forgetWrapper() method.
        * svg/SVGGElement.h:
        (WebCore::SVGGElement::isShadowTreeContainerElement): Add new virtual method here returning false by default, SVGShadowTreeContainerElement will override it.
        * svg/SVGStyledElement.cpp: Remove gElementsWithInstanceUpdatesBlocked HashSet tracking the state of instancesUpdatesBlocked() per SVGStyledElement - make it a member variable.
        * svg/SVGStyledElement.h: Add inline getter/setters around m_instanceUpdatesBlocked.
        (WebCore::SVGStyledElement::instanceUpdatesBlocked):
        (WebCore::SVGStyledElement::setInstanceUpdatesBlocked):
        * svg/SVGUseElement.cpp: Full rewrite of <use> support, a detailed discussion would blow the ChangeLog - see short version above.
        (WebCore::SVGUseElement::SVGUseElement):
        (WebCore::SVGUseElement::instanceRoot):
        (WebCore::SVGUseElement::insertedIntoDocument):
        (WebCore::SVGUseElement::removedFromDocument):
        (WebCore::SVGUseElement::svgAttributeChanged):
        (WebCore::updateContainerOffset):
        (WebCore::SVGUseElement::updateContainerOffsets):
        (WebCore::SVGUseElement::recalcStyle):
        (WebCore::dumpInstanceTree):
        (WebCore::SVGUseElement::buildPendingResource):
        (WebCore::SVGUseElement::buildShadowAndInstanceTree):
        (WebCore::SVGUseElement::createRenderer):
        (WebCore::updateFromElementCallback):
        (WebCore::SVGUseElement::attach):
        (WebCore::SVGUseElement::detach):
        (WebCore::SVGUseElement::toClipPath):
        (WebCore::SVGUseElement::buildInstanceTree):
        (WebCore::SVGUseElement::handleDeepUseReferencing):
        (WebCore::SVGUseElement::buildShadowTree):
        (WebCore::SVGUseElement::expandUseElementsInShadowTree):
        (WebCore::SVGUseElement::expandSymbolElementsInShadowTree):
        (WebCore::SVGUseElement::instanceForShadowTreeElement):
        (WebCore::SVGUseElement::invalidateShadowTree):
        (WebCore::SVGUseElement::transferUseAttributesToReplacedElement):
        * svg/SVGUseElement.h:
        (WebCore::SVGUseElement::isPendingResource):

2010-01-18  Kent Tamura  <tkent@chromium.org>

        Reviewed by Darin Adler.

        HTMLInputElement::valueAsDate setter support for type=month.
        https://bugs.webkit.org/show_bug.cgi?id=33021

        Introduce ISODateTime::setMillisecondsSinceEpochForMonth() and
        toString() for the Month type, and HTMLInputElement::setValueAsDate()
        calls them.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::setValueAsDate):
        * html/ISODateTime.cpp:
        (WebCore::beforeGregorianStartDate):
        (WebCore::ISODateTime::addDay): Use beforeGregorianStartDate().
        (WebCore::ISODateTime::parseMonth): Use beforeGregorianStartDate().
        (WebCore::ISODateTime::setMillisecondsSinceEpochForDateInternal):
        (WebCore::ISODateTime::setMillisecondsSinceEpochForMonth):
        (WebCore::ISODateTime::toString): Implement only for the Month type.
        * html/ISODateTime.h:

2010-01-18  Enrica Casucci  <enrica@apple.com>

        Reviewed by Darin Adler.

        Script attributes are copied and pasted, making cross-domain attacks possible (30019)
        <rdar://problem/6008809>
        https://bugs.webkit.org/show_bug.cgi?id=30019

        When we create the document fragment from a markup string,
        either to perform a paste operation or a drag and drop, we
        want to remove all the event handlers and any attribute that contain
        a value that leads to code execution.
        The HTMLParser class is now aware of the needs of stripping these attributes.
        I've modified the call to createMarkupString for every platform.

        Test: editing/pasteboard/paste-noscript.html

        * WebCore.base.exp:
        * dom/Element.cpp:
        (WebCore::isEventHandlerAttribute):
        (WebCore::Element::setAttributeMap):
        * dom/Element.h:
        * dom/MappedAttributeEntry.h:
        (WebCore::):
        * editing/markup.cpp:
        (WebCore::createFragmentFromMarkup):
        * editing/markup.h:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::createContextualFragment):
        * html/HTMLElement.h:
        * html/HTMLParser.cpp:
        (WebCore::HTMLParser::HTMLParser):
        (WebCore::HTMLParser::parseToken):
        * html/HTMLParser.h:
        * html/HTMLTokenizer.cpp:
        (WebCore::HTMLTokenizer::HTMLTokenizer):
        (WebCore::parseHTMLDocumentFragment):
        * html/HTMLTokenizer.h:
        * platform/chromium/DragDataChromium.cpp:
        (WebCore::DragData::asFragment):
        * platform/chromium/PasteboardChromium.cpp:
        (WebCore::Pasteboard::documentFragment):
        * platform/gtk/PasteboardGtk.cpp:
        (WebCore::Pasteboard::documentFragment):
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::documentFragment):
        * platform/qt/DragDataQt.cpp:
        (WebCore::DragData::asFragment):
        * platform/qt/PasteboardQt.cpp:
        (WebCore::Pasteboard::documentFragment):
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::fragmentFromCF_HTML):
        (WebCore::fragmentFromHTML):

2010-01-18  Steve Falkenburg  <sfalken@apple.com>

        Reviewed by Sam Weinig.

        <https://bugs.webkit.org/show_bug.cgi?id=33816>        
        Crashes in Geolocation code due to refcounting, observer balance issues.
        
        Hold a ref to the GeoNotifier while dispatching a callback. The code was
        copying a data member to avoid accessing a freed this ptr, but was still
        using the this ptr.
        
        Geolocation::removeObserver calls are not always balanced with addObserver.
        Instead of asserting and continuing, don't try to remove non-existant
        observers.

        * page/Geolocation.cpp:
        (WebCore::Geolocation::GeoNotifier::timerFired): Protect notifier.
        * page/GeolocationController.cpp:
        (WebCore::GeolocationController::removeObserver): Change ASSERT into an if with early return.

2010-01-18  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33815
        Crash when using DOMTimer from a detached frame

        Test: fast/dom/Window/timer-null-script-execution-context.html

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::setTimeout):
        (WebCore::JSDOMWindow::setInterval):
        * page/DOMWindow.h:
        * page/DOMWindow.idl:
        Make setTimer and setInterval raise an exception. It is not specified in HTML5, but both
        IE and Firefox do raise an exception in this situation, although different ones.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::setTimeout): Raise INVALID_ACCESS_ERR if script execution context is
        null (meaning that the window is detached).
        (WebCore::DOMWindow::setInterval): Ditto.
        (WebCore::DOMWindow::clearTimeout): Silently return early if there is no script execution
        context.
        (WebCore::DOMWindow::clearInterval): Ditto.
        Raise INVALID_ACCESS_ERR if script execution context is null (meaning .

2010-01-18  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Moves JSC-specific version of JavaClass from bridge/jni/jni_class to bridge/jni/jsc/JavaClassJSC
        https://bugs.webkit.org/show_bug.cgi?id=33561

        No new tests, refactoring only.

        * Android.jscbindings.mk: Modified. Removed jni_class.cpp and added JavaClassJSC.cpp
        * GNUmakefile.am: Modified. Removed jni_class.h and added JavaClassJSC.h
        * WebCore.xcodeproj/project.pbxproj: Modified. Removed jni_class.[cpp|h] and added JavaClassJSC.[cpp|h]
        * bridge/jni/jni_class.cpp: Removed.
        * bridge/jni/jni_class.h: Removed.
        * bridge/jni/jsc/JavaClassJSC.cpp: Copied from WebCore/bridge/jni/jni_class.cpp.
        * bridge/jni/jsc/JavaClassJSC.h: Copied from WebCore/bridge/jni/jni_class.h.
        * bridge/jni/jsc/JavaInstanceJSC.cpp: Modified. Includes JavaClassJSC.h

2010-01-18  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Fix style in WebCore/bridge/jni/jsc/JavaInstanceJSC.[cpp|h]
        https://bugs.webkit.org/show_bug.cgi?id=33792

        No new tests, style fixes only.

        * bridge/jni/jni_runtime.cpp: Modified.
        (JavaField::dispatchValueFromInstance): Modified. Updated to use renamed JavaInstance::m_instance
        (JavaField::dispatchSetValueToInstance): Modified. Updated to use renamed JavaInstance::m_instance
        (JavaArray::JavaArray): Modified. Updated to use renamed JavaInstance::m_instance
        * bridge/jni/jni_runtime.h: Modified.
        (JSC::Bindings::JavaArray::javaArray): Modified. Updated to use renamed JavaInstance::m_instance
        * bridge/jni/jsc/JavaInstanceJSC.cpp: Modified. Fixed style
        * bridge/jni/jsc/JavaInstanceJSC.h: Modified. Fixed style

2010-01-18  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Oliver Hunt.

        https://bugs.webkit.org/show_bug.cgi?id=30073
        Moved reshape to HTMLCanvasElement::reset and have it always
        set the size to the canvas width and height attrs.

        This is not testable with LayoutTests, so I instead added logic
        to the demo at:

        https://cvs.khronos.org/svn/repos/registry/trunk/public/webgl/sdk/demos/webkit/SpinningBox.html

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::reset):
        (WebCore::HTMLCanvasElement::paint):

2010-01-18  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Geoffrey Garen.

        https://bugs.webkit.org/show_bug.cgi?id=33813
        <rdar://problem/7545104> Crash when using DOMApplicationCache from a destroyed frame

        Test: http/tests/appcache/destroyed-frame.html

        * loader/appcache/DOMApplicationCache.cpp:
        (WebCore::DOMApplicationCache::scriptExecutionContext): Return null when there is no frame.

2010-01-18  Dan Bernstein  <mitz@apple.com>

        Reviewed by Darin Adler.

        REGRESSION (r53420): incomplete repaint of bottom of bugs.webkit.org comment field
        https://bugs.webkit.org/show_bug.cgi?id=33809

        Test: fast/repaint/trailing-floats-root-line-box-overflow.html

        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlock::layoutInlineChildren): Copy bottom overflow from the last
        root box to the trailing floats box, which is becoming the last root box. This is
        needed because painting code assumes that the last line in a block is the one with the
        lowest overflow bottom.

2010-01-18  Csaba Osztrogonác  <ossy@webkit.org>

        [Qt] Unreviewed trivial buildfix. (r53429)

        * WebCore.pri: missing XMLNS_NAMES added.

2010-01-18  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Darin Adler.

        Removed unnecessary use of scriptExecutionContext() when creating a JS event listener.
        https://bugs.webkit.org/show_bug.cgi?id=33811

        This change simplifies a bunch of code, and also reduces
        the number of places that use the difficult-to-understand and possibly
        crashy-null scriptExecutionContext() idiom.

        * bindings/js/JSDOMGlobalObject.cpp:
        * bindings/js/JSDOMGlobalObject.h:
        * bindings/js/JSEventListener.h:
        (WebCore::createJSAttributeEventListener):
        * bindings/scripts/CodeGeneratorJS.pm:

2010-01-18  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33787
        Add constants for more XML strings

        No change in functionality, so no tests.

        * WebCore/xml/xmlnsattrs.in: Added a new file for xmlns namespace and attribute - 
        XMLNames.{h,cpp} are auto-generated, and I dodn't see a reasonable way to extend it.

        * platform/text/AtomicString.cpp: (WebCore::AtomicString::init):
        * platform/text/AtomicString.h:
        Added atomic strings for "xml" and "xmlns".

        * page/Frame.cpp: (WebCore::Frame::Frame): Call XMLNSNames::init().

        * dom/Attr.cpp: (WebCore::Attr::setPrefix):
        * dom/Document.cpp:
        (WebCore::Document::hasPrefixNamespaceMismatch):
        (WebCore::Document::createAttributeNS):
        * dom/Node.cpp:
        (WebCore::Node::checkSetPrefix):
        (WebCore::Node::isDefaultNamespace):
        (WebCore::Node::lookupNamespaceURI):
        (WebCore::Node::lookupNamespacePrefix):
        * dom/XMLTokenizerLibxml2.cpp:
        (WebCore::XMLTokenizer::XMLTokenizer):
        (WebCore::handleElementNamespaces):
        * editing/markup.cpp:
        (WebCore::shouldAddNamespaceAttr):
        (WebCore::appendNamespace):
        * xml/XPathStep.cpp:
        (WebCore::XPath::nodeMatchesBasicTest):
        (WebCore::XPath::Step::nodesInAxis):
        Use the new constants.

        * Android.derived.mk:
        * DerivedSources.make:
        * GNUmakefile.am:
        * WebCore.gyp/WebCore.gyp:
        * WebCore.pri:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * WebCoreSources.bkl:
        Added the new files to projects.

2010-01-18  Anders Carlsson  <andersca@apple.com>

        Fix !ENABLE(3D_CANVAS) build.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::is3DCanvas):

2010-01-18  Timothy Hatcher  <timothy@apple.com>

        Adjust the scroll position when doing a full page zoom, so the content
        stays in relatively the same position.

        <rdar://problem/6150099> Zooming should keep the page content in the same place

        Reviewed by Oliver Hunt.

        * page/Frame.cpp:
        (WebCore::Frame::setZoomFactor): Apply the zoom percent difference to
        the scroll position, only when doing a full page zoom.

2010-01-18  Adam Roben  <aroben@apple.com>

        Add SecurityOrigin::{set,is}DomainRelaxationForbiddenForURLScheme and
        respect it

        WebCore part of fixing <http://webkit.org/b/33806>
        <rdar://problem/7552837> Would like API to disallow setting of
        document.domain for pages with certain URL schemes

        Test: http/tests/security/setDomainRelaxationForbiddenForURLScheme.html

        Reviewed by Sam Weinig.

        * WebCore.base.exp: Export
        SecurityOrigin::setDomainRelaxationForbiddenForURLScheme.

        * dom/Document.cpp:
        (WebCore::Document::setDomain): If domain relaxation is forbidden for
        our security origin's scheme, throw an exception and don't allow
        the domain to be set.

        * page/SecurityOrigin.cpp:
        (WebCore::schemesForbiddenFromDomainRelaxation): Added. Returns a
        global set of schemes.
        (WebCore::SecurityOrigin::setDomainRelaxationForbiddenForURLScheme):
        Add or remove the scheme to schemesForbiddenFromDomainRelaxation, as
        appropriate.
        (WebCore::SecurityOrigin::isDomainRelaxationForbiddenForURLScheme):
        Returns true if the scheme is in schemesForbiddenFromDomainRelaxation.

        * page/SecurityOrigin.h: Added
        {set,is}DomainRelaxationForbiddenForURLScheme.

2010-01-18  Dan Bernstein  <mitz@apple.com>

        Address review comments on the last change

        * rendering/TrailingFloatsRootInlineBox.h:
        (WebCore::TrailingFloatsRootInlineBox::TrailingFloatsRootInlineBox):

2010-01-18  Dan Bernstein  <mitz@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/6892207> REGRESSION (Safari 4): Menus at sciencedirect.com push the main article context down the page
        <rdar://problem/7546035> Second right floated image misplacment
        https://bugs.webkit.org/show_bug.cgi?id=33245

        Test: fast/dynamic/float-in-trailing-whitespace-after-last-line-break-2.html

        When the last line of a block contains a line break and there are floats
        after the line break, it is incorrect to put those floats in the last line’s
        floats vector (along with floats from before the break). Instead, create
        an additional line box (a TrailingFloatsRootInlineBox) and put those floats
        in its floats vector. 

        * WebCore.vcproj/WebCore.vcproj: Added TrailingFloatsRootInlineBox.h
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::markLinesDirtyInVerticalRange): Added an optional
        parameter, which is the highest line to dirty.
        * rendering/RenderBlock.h:
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlock::layoutInlineChildren): Create a TrailingFloatsRootInlineBox
        for the floats occurring after the line break on the last line.
        (WebCore::RenderBlock::determineStartPosition): Prevent dirtying of lines
        above the first dirty line.
        * rendering/TrailingFloatsRootInlineBox.h: Added.
        (WebCore::TrailingFloatsRootInlineBox::TrailingFloatsRootInlineBox): Call
        setHasVirtualHeight().
        (WebCore::TrailingFloatsRootInlineBox::virtualHeight): Return 0.

2010-01-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (build fix).

        Eeeep! reverting r53416 & r53417, more to be done to fix windows.

        * WebCore.base.exp:
        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::openDatabase):
        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare):
        * platform/sql/SQLiteStatement.h:
        * platform/sql/chromium/SQLiteFileSystemChromium.cpp:
        (WebCore::SQLiteFileSystem::openDatabase):
        * platform/text/PlatformString.h:
        * platform/text/String.cpp:
        (WebCore::String::charactersWithNullTermination):
        * platform/text/StringImpl.cpp:
        (WebCore::StringImpl::operator new):
        (WebCore::StringImpl::operator delete):
        (WebCore::StringImpl::StringImpl):
        (WebCore::StringImpl::~StringImpl):
        (WebCore::StringImpl::create):
        (WebCore::StringImpl::createWithTerminatingNullCharacter):
        (WebCore::StringImpl::crossThreadString):
        (WebCore::StringImpl::sharedBuffer):
        * platform/text/StringImpl.h:
        (WebCore::StringImpl::hasTerminatingNullCharacter):
        (WebCore::StringImpl::inTable):
        (WebCore::StringImpl::setInTable):
        (WebCore::StringImpl::):
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::createGlobalData):
        * storage/OriginUsageRecord.cpp:
        (WebCore::OriginUsageRecord::addDatabase):
        (WebCore::OriginUsageRecord::markDatabase):

2010-01-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by NOBODY (windows build fix).

        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::createGlobalData):

2010-01-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33731
        Remove uses of PtrAndFlags from WebCore::StringImpl.

        These break the OS X Leaks tool.  Move the management of null-terminated copies
        out from StringImpl to String, and use a bit stolen from the refCount to hold the
        'InTable' flag.

        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::openDatabase):
        * platform/sql/SQLiteStatement.cpp:
        (WebCore::SQLiteStatement::prepare):
        * platform/sql/SQLiteStatement.h:
        * platform/text/PlatformString.h:
        * platform/text/String.cpp:
        (WebCore::String::copyWithNullTermination):
        * platform/text/StringImpl.cpp:
        (WebCore::StringImpl::StringImpl):
        (WebCore::StringImpl::~StringImpl):
        (WebCore::StringImpl::create):
        (WebCore::StringImpl::crossThreadString):
        (WebCore::StringImpl::sharedBuffer):
        * platform/text/StringImpl.h:
        (WebCore::StringImpl::inTable):
        (WebCore::StringImpl::setInTable):

2010-01-18  Chris Marrin  <cmarrin@apple.com>

        Reviewed by Darin Adler.

        Made root compositing layer scroll rather than scroll parent.
        https://bugs.webkit.org/show_bug.cgi?id=32279
        
        There's some general cleanup here so the frames, bounds and
        positions of all the associated layers are correct.
        I also changed API of setScrollFrame to use an IntRect.

        * platform/graphics/win/WKCACFLayerRenderer.cpp:
        (WebCore::WKCACFLayerRenderer::WKCACFLayerRenderer):
        (WebCore::WKCACFLayerRenderer::setScrollFrame):
        (WebCore::WKCACFLayerRenderer::setRootChildLayer):
        (WebCore::WKCACFLayerRenderer::createRenderer):
        (WebCore::WKCACFLayerRenderer::resize):
        * platform/graphics/win/WKCACFLayerRenderer.h:

2010-01-18  Ilya Tikhonovsky  <loislo@chromium.org>

        Reviewed by Pavel Feldman.

        WebInspector: Timeline panel scrolling speed can be 2 times faster.
        https://bugs.webkit.org/show_bug.cgi?id=33794

        * inspector/front-end/TimelinePanel.js:
        (WebInspector.TimelinePanel.prototype._scheduleRefresh):
        (WebInspector.TimelinePanel.prototype._refreshRecords):
        (WebInspector.TimelineCalculator):
        (WebInspector.TimelineCalculator.prototype.calculateWindow):
        (WebInspector.TimelineCalculator.prototype.reset):
        (WebInspector.TimelineCalculator.prototype.updateBoundaries):
        (WebInspector.TimelineRecordGraphRow.prototype.update):

2010-01-18  Steve Block  <steveblock@google.com>

        Reviewed by Adam Barth.

        Moves JSC-specific version of JavaInstance from bridge/jni/jni_instance to bridge/jni/jsc/JavaInstanceJSC
        https://bugs.webkit.org/show_bug.cgi?id=33672

        No new tests, refactoring only.

        * Android.jscbindings.mk: Modified. Removed jni_instance.cpp and added JavaInstanceJSC.cpp
        * GNUmakefile.am: Modified. Removed jni_instance.h and added JavaInstanceJSC.h
        * WebCore.xcodeproj/project.pbxproj: Modified. Removed jni_instance.[cpp|h] and added JavaInstanceJSC.[cpp|h]
        * bindings/js/ScriptControllerMac.mm: Modified. Includes JavaInstanceJSC.h
        * bridge/jni/jni_instance.cpp: Removed.
        * bridge/jni/jni_instance.h: Removed.
        * bridge/jni/jni_runtime.h: Modified. Includes JavaInstanceJSC.h
        * bridge/jni/jsc/JavaInstanceJSC.cpp: Copied from WebCore/bridge/jni/jni_instance.cpp.
        * bridge/jni/jsc/JavaInstanceJSC.h: Copied from WebCore/bridge/jni/jni_instance.h.

2010-01-18  Peter Kasting  <pkasting@google.com>

        Reviewed by Adam Barth.

        Simplify image decoders slightly by using OwnPtr instead of raw pointers
        and eliminating a basically-useless wrapper class in the GIF decoder.
        https://bugs.webkit.org/show_bug.cgi?id=28751

        * platform/graphics/qt/ImageDecoderQt.cpp:
        (WebCore::ImageDecoderQt::ImageDecoderQt):
        (WebCore::ImageDecoderQt::~ImageDecoderQt):
        (WebCore::ImageDecoderQt::setData):
        (WebCore::ImageDecoderQt::internalReadImage):
        (WebCore::ImageDecoderQt::failRead):
        * platform/graphics/qt/ImageDecoderQt.h:
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::GIFImageDecoder):
        (WebCore::GIFImageDecoder::~GIFImageDecoder):
        (WebCore::GIFImageDecoder::setData):
        (WebCore::GIFImageDecoder::frameCount):
        (WebCore::GIFImageDecoder::repetitionCount):
        (WebCore::GIFImageDecoder::decode):
        (WebCore::GIFImageDecoder::decodingHalted):
        (WebCore::GIFImageDecoder::initFrameBuffer):
        (WebCore::GIFImageDecoder::haveDecodedRow):
        (WebCore::GIFImageDecoder::gifComplete):
        * platform/image-decoders/gif/GIFImageDecoder.h:
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::JPEGImageDecoder):
        (WebCore::JPEGImageDecoder::~JPEGImageDecoder):
        (WebCore::JPEGImageDecoder::setData):
        (WebCore::JPEGImageDecoder::decode):
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::PNGImageDecoder):
        (WebCore::PNGImageDecoder::~PNGImageDecoder):
        (WebCore::PNGImageDecoder::setData):
        (WebCore::PNGImageDecoder::decode):
        (WebCore::PNGImageDecoder::headerAvailable):
        (WebCore::PNGImageDecoder::rowAvailable):
        * platform/image-decoders/png/PNGImageDecoder.h:

2010-01-18  Daniel Cheng  <dcheng@google.com>

        Reviewed by Adam Roben.

        DataTransfer interface broken on Windows--types member is always
        undefined, and getData() does not work.
        https://bugs.webkit.org/show_bug.cgi?id=30527

        * platform/win/ClipboardWin.cpp:
        (WebCore::addMimeTypesForFormat): pass FORMATETC as a const ref.
        (WebCore::ClipboardWin::types): fix calls to IEnumFORMATETC.
        (WebCore::ClipboardWin::hasData): fix calls to IEnumFORMATETC.

2010-01-18  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Timothy Hatcher.

        Don't show Profiles welcome screen on panel switch,
        if a profile view is shown.

        https://bugs.webkit.org/show_bug.cgi?id=33799

        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfilesPanel.prototype.show):

2010-01-18  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] Force qmake to generate a single makefile for DerivedSources.pro

        * DerivedSources.pro:

2010-01-18  Jonathan Dixon  <joth@chromium.org>

        Reviewed by Adam Barth.

        Add support for enabling navigator.geolocation at runtime in the V8 bindings.
        Adds the [EnabledAtRuntime] modifier to the navigator IDL.
        https://bugs.webkit.org/show_bug.cgi?id=33467

        * WebCore.gypi:
        * bindings/v8/RuntimeEnabledFeatures.cpp:
        * bindings/v8/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setGeolocationEnabled):
        (WebCore::RuntimeEnabledFeatures::geolocationEnabled):
        * bindings/v8/custom/V8NavigatorCustom.cpp: Added.
        (WebCore::V8Navigator::GeolocationEnabled):
        * page/Navigator.cpp:
        (WebCore::Navigator::geolocation):
        * page/Navigator.idl:

2010-01-18  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Pavel Feldman.

        Improve Resources panel performance for lots of resources

        DOM properties are extracted into const's, comparisons are faster.
        https://bugs.webkit.org/show_bug.cgi?id=33790

        * inspector/front-end/AbstractTimelinePanel.js:
        (WebInspector.AbstractTimelinePanel.prototype._updateDividersLabelBarPosition):
        * inspector/front-end/Resource.js:
        (WebInspector.Resource.CompareByStartTime):
        (WebInspector.Resource.CompareByResponseReceivedTime):
        (WebInspector.Resource.CompareByEndTime):
        (WebInspector.Resource.CompareByDuration):
        (WebInspector.Resource.CompareByLatency):
        (WebInspector.Resource.CompareBySize):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.ResourceGraph.prototype.refreshLabelPositions):

2010-01-18  Daniel Bates  <dbates@rim.com>

        Reviewed by Eric Seidel.

        https://bugs.webkit.org/show_bug.cgi?id=33726

        Following up on changes made with respect to bug #33498, we should
        fix the the style errors found by the style bot.
        
        Moreover, this fixes all the style errors found by check-webkit-style
        except the use of an underline in the variable name _niflags. We should
        fix this in a second run through for all the other variables names that
        contain an underline because there are many.

        No functionality was changed. So, no new tests.

        * rendering/style/SVGRenderStyle.h:
        (WebCore::SVGRenderStyle::create):
        (WebCore::SVGRenderStyle::copy):
        (WebCore::SVGRenderStyle::operator!=):
        (WebCore::SVGRenderStyle::hasStroke):
        (WebCore::SVGRenderStyle::hasFill):
        (WebCore::SVGRenderStyle::InheritedFlags::operator==):
        (WebCore::SVGRenderStyle::InheritedFlags::operator!=):
        (WebCore::SVGRenderStyle::NonInheritedFlags::operator==):
        (WebCore::SVGRenderStyle::NonInheritedFlags::operator!=):
        (WebCore::SVGRenderStyle::NonInheritedFlags::):
        (WebCore::SVGRenderStyle::):
        (WebCore::SVGRenderStyle::setBitDefaults):

2010-01-18  Andrei Popescu  <andreip@google.com>

        Reviewed by Adam Barth.

        [Android] DOMWrapperMap::Visitor needs virtual destructor
        https://bugs.webkit.org/show_bug.cgi?id=33675

        Add protected virtual dtor to DOMWrapperMap::Visitor. See bug for further discussion.

        No new tests needed, functionality not changed.

        * bindings/v8/V8DOMMap.h:
        (WebCore::DOMWrapperMap::Visitor::~Visitor): Added.

2010-01-18  Simon Hausmann  <simon.hausmann@nokia.com>

        Unreviewed Symbian build fix.

        If we don't link with def files, then we have to pass EXPORTUNFROZEN,
        so that the build system still creates the .dso files in
        release/armv5/lib and we can actually link against the created QtWebKit
        dlls.

        Thanks Iain for the help!

        * WebCore.pro:

2010-01-17  Srinidhi Shreedhara  <srinidhi.shreedhara@nokia.com>

        Reviewed by Simon Hausmann.

        [Qt] [Symbian] SetWindow call in npapi plugin does not happen when the cooridnates are negative
        https://bugs.webkit.org/show_bug.cgi?id=33573

        * plugins/symbian/PluginViewSymbian.cpp:
        (WebCore::PluginView::setNPWindowIfNeeded): Remove tests for negative
        coordinates for early return.

2010-01-17  Oliver Hunt  <oliver@apple.com>

        Reviewed by Dan Bernstein.

        REGRESSION (r52449): SVG mask wrongly clipped when not at origin for recent nightly build
        https://bugs.webkit.org/show_bug.cgi?id=33782

        Test: svg/custom/transformedMaskFails.svg

        When computing the bounds for elements in a mask, we iterate through
        all of our children requesting their repaint bounds using
        repaintRectInLocalCoordinates(), but we were not converting that
        rect into our own coordinate system, thus leading to an incorrect
        repaint rect.  This patch simply adds the missing localToParent
        transform.

        * svg/SVGMaskElement.cpp:
        (WebCore::SVGMaskElement::drawMaskerContent):

2010-01-17  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Dan Bernstein.

        Avoid slow access to AX objects on attribute access when AX is off
        https://bugs.webkit.org/show_bug.cgi?id=33779

        ~4% Dromaeo attributes test speedup

        * dom/Element.cpp:
        (WebCore::Element::updateAfterAttributeChanged): Don't do expensive lookup of
        AX object cache unless accessibility is on and an AX-related attribute is
        changed.

2010-01-17  Kevin Watters  <kevinwatters@gmail.com>

        Reviewed by Kevin Ollivier.

        [wx] On Win and GTK, we need to manually apply the transforms when falling back
        to GDI / GDK drawing, but this is not needed on Mac since we always use CG there.
        
        https://bugs.webkit.org/show_bug.cgi?id=33730

        * platform/wx/RenderThemeWx.cpp:
        (WebCore::RenderThemeWx::paintButton):

2010-01-17  Martin Robinson  <martin.james.robinson@gmail.com>

        Reviewed by Gustavo Noronha Silva.

        [GTK] GtkWebKit incompatible with rgba colormaps
        https://bugs.webkit.org/show_bug.cgi?id=20736

        Fix GTK theme rendering onto drawables with RGBA colormaps. Now
        each type of colormap has its own collection of GtkWidgets.

        This fix does not introduce any functionality changes, so does not
        includes new tests.

        * platform/gtk/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::RenderThemeGtk):
        (WebCore::RenderThemeGtk::~RenderThemeGtk):
        (WebCore::RenderThemeGtk::partsForDrawable):
        (WebCore::adjustMozillaStyle):
        (WebCore::setMozillaState):
        (WebCore::paintMozillaGtkWidget):
        (WebCore::setToggleSize):
        (WebCore::RenderThemeGtk::setCheckboxSize):
        (WebCore::RenderThemeGtk::paintCheckbox):
        (WebCore::RenderThemeGtk::setRadioSize):
        (WebCore::RenderThemeGtk::paintRadio):
        (WebCore::RenderThemeGtk::paintButton):
        (WebCore::RenderThemeGtk::adjustMenuListStyle):
        (WebCore::RenderThemeGtk::paintMenuList):
        (WebCore::RenderThemeGtk::adjustTextFieldStyle):
        (WebCore::RenderThemeGtk::paintTextField):
        (WebCore::RenderThemeGtk::paintSearchFieldResultsButton):
        (WebCore::RenderThemeGtk::paintSearchFieldResultsDecoration):
        (WebCore::RenderThemeGtk::paintSearchFieldCancelButton):
        * platform/gtk/RenderThemeGtk.h:
        * platform/gtk/gtk2drawing.c:
        (moz_gtk_use_theme_parts):
        (ensure_window_widget):
        (setup_widget_prototype):
        (ensure_button_widget):
        (ensure_hpaned_widget):
        (ensure_vpaned_widget):
        (ensure_toggle_button_widget):
        (ensure_button_arrow_widget):
        (ensure_checkbox_widget):
        (ensure_radiobutton_widget):
        (ensure_scrollbar_widget):
        (ensure_spin_widget):
        (ensure_scale_widget):
        (ensure_entry_widget):
        (moz_gtk_get_combo_box_inner_button):
        (moz_gtk_get_combo_box_button_inner_widgets):
        (ensure_combo_box_widgets):
        (moz_gtk_get_combo_box_entry_inner_widgets):
        (moz_gtk_get_combo_box_entry_arrow):
        (ensure_combo_box_entry_widgets):
        (ensure_handlebox_widget):
        (ensure_toolbar_widget):
        (ensure_toolbar_separator_widget):
        (ensure_tooltip_widget):
        (ensure_tab_widget):
        (ensure_progress_widget):
        (ensure_statusbar_widget):
        (ensure_frame_widget):
        (ensure_menu_bar_widget):
        (ensure_menu_bar_item_widget):
        (ensure_menu_popup_widget):
        (ensure_menu_item_widget):
        (ensure_image_menu_item_widget):
        (ensure_menu_separator_widget):
        (ensure_check_menu_item_widget):
        (ensure_tree_view_widget):
        (ensure_tree_header_cell_widget):
        (ensure_expander_widget):
        (ensure_scrolled_window_widget):
        (moz_gtk_checkbox_get_metrics):
        (moz_gtk_radio_get_metrics):
        (moz_gtk_splitter_get_metrics):
        (moz_gtk_toggle_paint):
        (moz_gtk_scrollbar_button_paint):
        (moz_gtk_scrollbar_trough_paint):
        (moz_gtk_scrollbar_thumb_paint):
        (moz_gtk_spin_paint):
        (moz_gtk_spin_updown_paint):
        (moz_gtk_scale_paint):
        (moz_gtk_scale_thumb_paint):
        (moz_gtk_gripper_paint):
        (moz_gtk_hpaned_paint):
        (moz_gtk_vpaned_paint):
        (moz_gtk_caret_paint):
        (moz_gtk_treeview_paint):
        (moz_gtk_tree_header_cell_paint):
        (moz_gtk_tree_header_sort_arrow_paint):
        (moz_gtk_treeview_expander_paint):
        (moz_gtk_expander_paint):
        (moz_gtk_combo_box_paint):
        (moz_gtk_downarrow_paint):
        (moz_gtk_combo_box_entry_button_paint):
        (moz_gtk_container_paint):
        (moz_gtk_toggle_label_paint):
        (moz_gtk_toolbar_paint):
        (moz_gtk_toolbar_separator_paint):
        (moz_gtk_tooltip_paint):
        (moz_gtk_resizer_paint):
        (moz_gtk_frame_paint):
        (moz_gtk_progressbar_paint):
        (moz_gtk_progress_chunk_paint):
        (moz_gtk_get_tab_thickness):
        (moz_gtk_tab_paint):
        (moz_gtk_tabpanels_paint):
        (moz_gtk_tab_scroll_arrow_paint):
        (moz_gtk_menu_bar_paint):
        (moz_gtk_menu_popup_paint):
        (moz_gtk_menu_separator_paint):
        (moz_gtk_menu_item_paint):
        (moz_gtk_menu_arrow_paint):
        (moz_gtk_check_menu_item_paint):
        (moz_gtk_window_paint):
        (moz_gtk_get_widget_border):
        (moz_gtk_get_combo_box_entry_button_size):
        (moz_gtk_get_tab_scroll_arrow_size):
        (moz_gtk_get_downarrow_size):
        (moz_gtk_get_toolbar_separator_width):
        (moz_gtk_get_expander_size):
        (moz_gtk_get_treeview_expander_size):
        (moz_gtk_get_menu_separator_height):
        (moz_gtk_get_scalethumb_metrics):
        (moz_gtk_get_scrollbar_metrics):
        (moz_gtk_images_in_menus):
        (moz_gtk_widget_paint):
        (moz_gtk_get_scrollbar_widget):
        (moz_gtk_shutdown):
        (moz_gtk_destroy_theme_parts_widgets):
        * platform/gtk/gtkdrawing.h:

2010-01-16  Maciej Stachowiak  <mjs@apple.com>

        Reviewed by Oliver Hunt.

        Cache JS string values made from DOM strings (Dromaeo speedup)
        https://bugs.webkit.org/show_bug.cgi?id=33768
        <rdar://problem/7353576>

        Added a new cache for JSString values that are created from Strings or AtomicStrings
        in the DOM. It's common for the same string to be retrieved from the DOM repeatedly,
        and it is wasteful to make a new JS-level string value every time.
        
        The string cache is per-world, and thus thread-safe and not a
        vector for accidental information exchange.
        
        ~30% speedup on Dromaeo Attributes test, also substantially helps other Dromaeo DOM tests.

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsStringCache): Helper function to get the string cache for the current world.
        (WebCore::jsString): Some new overloads including the caching version.
        (WebCore::stringWrapperDestroyed): Finalizer callback - remove from relevant caches.
        * bindings/js/JSDOMBinding.h:
        (WebCore::jsString): Prototype new overloads (and define a few inline).
        * bindings/js/JSJavaScriptCallFrameCustom.cpp:
        (WebCore::JSJavaScriptCallFrame::type): Explicitly make a UString.
        * bindings/js/ScriptFunctionCall.cpp:
        (WebCore::ScriptFunctionCall::appendArgument): Ditto.
        * WebCore.base.exp: Add new JSString overloads that WebCore gets to see.

2010-01-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Nikolas Zimmermann.

        SVG Markers are getting culled incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=33767

        Use applyTransformToPaintInfo to transform the paintInfo, otherwise
        the paint rect is not updated leading to incorrect culling.

        * svg/graphics/SVGResourceMarker.cpp:
        (WebCore::SVGResourceMarker::draw):

2010-01-15  John Sullivan  <sullivan@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=33751 and <rdar://problem/7538330>
        Zip code field is misidentified as street address because id attribute isn't checked.

        Reviewed by Darin Adler

        No new tests. I believe this code is used only by Safari AutoFill, but in any case
        it does not affect page rendering or anything else at the WebCore/WebKit level.

        * page/Frame.cpp:
        (WebCore::matchLabelsAgainstString):
        New function, split out from matchLabelsAgainstElement.
        (WebCore::Frame::matchLabelsAgainstElement):
        Now calls matchLabelsAgainstString for the id attribute if no match is found for the name attribute.
        
        * page/mac/FrameMac.mm:
        (WebCore::matchLabelsAgainstString):
        Same as above. This is a parallel copy of the function using Mac-specific data structures.
        (WebCore::Frame::matchLabelsAgainstElement):
        Ditto.

2010-01-16  Timothy Hatcher  <timothy@apple.com>

        Use String.trim() instead of a regex in the Web Inspector.

        https://bugs.webkit.org/show_bug.cgi?id=33765

        Reviewed by George Staikos.

        * inspector/front-end/ElementsPanel.js:
        (WebInspector.ElementsPanel.prototype.performSearch): Use .trim().
        * inspector/front-end/ObjectPropertiesSection.js:
        (WebInspector.ObjectPropertyTreeElement.prototype.applyExpression): Ditto.
        * inspector/front-end/ProfileView.js:
        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame.prototype._evalSelectionInCallFrame): Ditto.
        * inspector/front-end/StylesSidebarPane.js:
        (WebInspector.StylePropertyTreeElement.prototype): Ditto.
        * inspector/front-end/utilities.js:
        (String.prototype.trimLeadingWhitespace): Removed.
        (String.prototype.trimTrailingWhitespace): Removed.
        (String.prototype.trimWhitespace): Removed.

2010-01-16  Oliver Hunt  <oliver@apple.com>

        Reviewed by Nikolas Zimmermann.

        Copying TransformationMatrix consumed a lot of cpu time while scroll with cursor over content
        https://bugs.webkit.org/show_bug.cgi?id=33766

        Make localToParentTransform return by reference to avid copy overhead.
        This is a little gnarly in places as it means we need to be able to 
        return temporary values in a few implementations, so we have to add
        class fields to hold them, heppily the classes that these effect are
         sufficiently uncommon for this to be okay.

        * rendering/RenderForeignObject.cpp:
        (WebCore::RenderForeignObject::localToParentTransform):
        * rendering/RenderForeignObject.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::localTransform):
        (WebCore::RenderObject::localToParentTransform):
        * rendering/RenderObject.h:
        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::localToParentTransform):
        (WebCore::RenderPath::nodeAtFloatPoint):
        * rendering/RenderPath.h:
        * rendering/RenderSVGImage.h:
        (WebCore::RenderSVGImage::localToParentTransform):
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::localToParentTransform):
        * rendering/RenderSVGRoot.h:
        * rendering/RenderSVGText.h:
        (WebCore::RenderSVGText::localToParentTransform):
        * rendering/RenderSVGTransformableContainer.cpp:
        (WebCore::RenderSVGTransformableContainer::localToParentTransform):
        * rendering/RenderSVGTransformableContainer.h:
        * rendering/RenderSVGViewportContainer.cpp:
        (WebCore::RenderSVGViewportContainer::localToParentTransform):
        * rendering/RenderSVGViewportContainer.h:

2010-01-16  Darin Adler  <darin@apple.com>

        Reviewed by Oliver Hunt and Alexey Proskuryakov.

        ValidityState can hold a stale pointer to control
        https://bugs.webkit.org/show_bug.cgi?id=33729
        rdar://problem/7545114

        Test: fast/forms/ValidityState-removed-control.html

        * html/HTMLFormControlElement.h: Use OwnPtr instead of
        RefPtr to point to the ValidityState object.

        * html/ValidityState.cpp: Use a constant instead of a
        macro for the email validation regular expression.
        (WebCore::ValidityState::validationMessage): Use
        m_control instead of control function; we don't need
        a function for this. Also marked const.
        (WebCore::ValidityState::typeMismatch): Ditto.
        Fixed some minor style problems.
        (WebCore::ValidityState::rangeUnderflow): Ditto.
        (WebCore::ValidityState::rangeOverflow): Ditto.
        (WebCore::ValidityState::stepMismatch): Ditto.
        (WebCore::ValidityState::valid): Ditto.
        (WebCore::ValidityState::isValidEmailAddress):
        Changed local variable names for clarity. Got rid of
        an unneeded global variable.

        * html/ValidityState.h: Removed RefCounted as a base
        class, deriving from Noncopyable instead. Changed
        creation to use PassOwnPtr instead of PassRefPtr.
        Eliminated unneeded control function. Added ref and
        deref functions that forward the reference counting
        to the control. Moved constructor here and made it
        inline.

2010-01-15  Alexey Proskuryakov  <ap@apple.com>

        Reviewed by Darin Adler.

        https://bugs.webkit.org/show_bug.cgi?id=33752
        Assertion failure when getting a href attribute with prefix

        This was due to a temporary change made in 2005 (r9639) - checks in checkSetPrefix were
        disabled during introduction of QualifiedName, but never re-enabled.

        Tests: fast/dom/bad-href-attribute.html
               fast/dom/node-prefix-setter-namespace-exception.html

        * dom/Attr.cpp: (WebCore::Attr::setPrefix):
        * dom/Element.cpp: (WebCore::Element::setPrefix):
        * dom/Node.cpp: (WebCore::Node::checkSetPrefix):
        Re-enabled the checks. Also, changed the prefix setter to treat "" as null, matching Firefox
        (DOM 3 Core spec says this behavior is implementation defined).

2010-01-16  Brady Eidson  <beidson@apple.com>

        Reviewed by Darin Adler.

        <rdar://problem/7536748> and https://bugs.webkit.org/show_bug.cgi?id=33571
        History traversals to a new document do not get the popstate event

        State objects now live-on in their HistoryItem indefinitely.
        This means any back/forward navigation might result in a popstate event, not just to 
        pre-existing documents as was previously the case.

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::documentDetached): State objects are held beyond Document lifetime.
       
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::begin): If there is a pending state object for this Frame load, pass it
          on to the Document after the Document is created.
        (WebCore::FrameLoader::transitionToCommitted): If the current history item has a state object,
          set it as the FrameLoad's pending state object.
        * loader/FrameLoader.h:
        
        * page/Page.cpp:
        (WebCore::Page::goToItem): Remove a now-invalid ASSERT.

2010-01-15  Simon Fraser  <simon.fraser@apple.com>

        Reviewed by Dan Bernstein and Adele Peterson.

        Support reflections on composited layers
        https://bugs.webkit.org/show_bug.cgi?id=31885
        
        Implement reflections (via -webkit-box-reflect:) on compositing layers.
        
        We add to the GraphicsLayer the notion of having a replica, and being a replicated layer.
        The replica layer is not parented in the tree, but referenced by another layer.
        RenderLayerBacking sets this up when it finds RenderLayers for reflections.
        
        GraphicsLayerCA implements rendering of replica layers by cloning CA layers,
        and copying their properties, including animations and contents. Deep reflections
        are supported by a hash of clone layers on each GraphicsLayerCA, indexed by
        the path down the tree to each replica instance.
        
        When GraphicsLayerCA properties are changed, in most cases the clones must also
        be updated.

        Tests: compositing/masks/direct-image-mask.html
               compositing/reflections/animation-inside-reflection.html
               compositing/reflections/compositing-change-inside-reflection.html
               compositing/reflections/deeply-nested-reflections.html
               compositing/reflections/masked-reflection-on-composited.html
               compositing/reflections/nested-reflection-anchor-point.html
               compositing/reflections/nested-reflection-animated.html
               compositing/reflections/nested-reflection-mask-change.html
               compositing/reflections/nested-reflection-on-overflow.html
               compositing/reflections/nested-reflection-opacity.html
               compositing/reflections/nested-reflection-size-change.html
               compositing/reflections/nested-reflection-transformed.html
               compositing/reflections/nested-reflection-transition.html
               compositing/reflections/nested-reflection.html
               compositing/reflections/reflection-opacity.html
               compositing/reflections/reflection-ordering.html
               compositing/reflections/reflection-positioning.html
               compositing/reflections/transform-inside-reflection.html

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::isReplicated): Returns true when this layer has a replicated layer.
        (WebCore::GraphicsLayer::replicatedLayerPosition):
        (WebCore::GraphicsLayer::setReplicatedLayerPosition): The position of the replica layer must be 
        special-cased; we cannot just copy the position of the original.
        (WebCore::GraphicsLayer::didDisplay): Method that indicates that the contents of the layer changed,
        which gives us a chance to update clone layers.
        (WebCore::GraphicsLayer::replicaLayer): reference to the replica layer.
        (WebCore::GraphicsLayer::replicatedLayer): reference to the layer that this (replica) layer is replicating.
        (WebCore::GraphicsLayer::setReplicatedLayer):

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::GraphicsLayer):
        (WebCore::GraphicsLayer::setReplicatedByLayer): Hook up a replica with its replicated layer.
        (WebCore::GraphicsLayer::dumpProperties):

        * platform/graphics/mac/GraphicsLayerCA.h:
        (WebCore::GraphicsLayerCA::primaryLayer): Returns a CALayer, since structural layers may not be WebLayers.
        (WebCore::GraphicsLayerCA::isReplicatedRootClone): Given a cloneID (string representation of the path to a clone
        down the tree, which is a bitstring of 1 (replica), or 0 (non-replica)), returns true if this ID represents the
        root of a replica tree.
        (WebCore::GraphicsLayerCA::primaryLayerClones): Returns a pointer to the hash map of clones of the primary layers.

        (WebCore::GraphicsLayerCA::ReplicaState::ReplicaState): Small struct used to track original/clone branching
        down the tree during recursion, to build cloneID paths.

        (WebCore::GraphicsLayerCA::hasCloneLayers): returns true if this layer has clone layers.

        * platform/graphics/mac/GraphicsLayerCA.mm:
        (WebCore::GraphicsLayerCA::~GraphicsLayerCA): remove the clone layers.
        (WebCore::GraphicsLayerCA::setChildren): call noteSublayersChanged() since we may have to update replicas too.
        (WebCore::GraphicsLayerCA::addChild): ditto
        (WebCore::GraphicsLayerCA::addChildAtIndex): ditto
        (WebCore::GraphicsLayerCA::addChildBelow): ditto
        (WebCore::GraphicsLayerCA::addChildAbove): ditto
        (WebCore::GraphicsLayerCA::replaceChild): ditto
        (WebCore::GraphicsLayerCA::removeFromParent): ditto
        (WebCore::GraphicsLayerCA::setMaskLayer): call propagateLayerChangeToReplicas()
        (WebCore::GraphicsLayerCA::setReplicatedLayer): note replica changed.
        (WebCore::GraphicsLayerCA::setReplicatedByLayer): ditto
        (WebCore::GraphicsLayerCA::moveOrCopyAllAnimationsForProperty): Enhanced to allow moving or copying animations.
        (WebCore::GraphicsLayerCA::moveOrCopyAnimationsForProperty): Ditto.
        (WebCore::GraphicsLayerCA::setContentsToImage): call noteSublayersChanged()
        (WebCore::GraphicsLayerCA::setContentsToVideo): call noteSublayersChanged()
        (WebCore::GraphicsLayerCA::didDisplay): here is our chance to copy updated contents to clone layers.
        (WebCore::GraphicsLayerCA::recursiveCommitChanges):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers): pre-order commit, for things that need to be
            committed before we recurse on children.
        (WebCore::GraphicsLayerCA::commitLayerChangesAfterSublayers): post-order commit, for things that need to be
            committed after we recurse on children, like clones.
        (WebCore::GraphicsLayerCA::updateLayerNames): New method to match the other 'update' methods.
        (WebCore::GraphicsLayerCA::updateSublayerList): Insert replica layers into the hierarchy.
        (WebCore::GraphicsLayerCA::updateLayerPosition): update clones.
        (WebCore::GraphicsLayerCA::updateLayerSize): ditto
        (WebCore::GraphicsLayerCA::updateAnchorPoint): ditto
        (WebCore::GraphicsLayerCA::updateTransform): ditto
        (WebCore::GraphicsLayerCA::updateChildrenTransform): ditto
        (WebCore::GraphicsLayerCA::updateMasksToBounds): ditto
        (WebCore::GraphicsLayerCA::updateContentsOpaque): ditto
        (WebCore::GraphicsLayerCA::updateBackfaceVisibility): ditto
        (WebCore::GraphicsLayerCA::updateStructuralLayer): call ensureStructuralLayer()
        (WebCore::moveAnimation): utility to move a CAAnimation from one layer to another.
        (WebCore::GraphicsLayerCA::ensureStructuralLayer): refactored code which creates enclosing CALayers for reflection
        flattening, or CATransformLayers for preserve-3d.
        (WebCore::GraphicsLayerCA::structuralLayerPurpose): indicates why we need a structural layer.
        (WebCore::GraphicsLayerCA::updateLayerDrawsContent): update clones
        (WebCore::GraphicsLayerCA::updateContentsImage): ditto
        (WebCore::GraphicsLayerCA::updateContentsRect): ditto
        (WebCore::GraphicsLayerCA::updateMaskLayer): ditto
        (WebCore::GraphicsLayerCA::updateReplicatedLayers): This is where we ask for the tree of layers for the replica
        and its children, and attach them as sublayers.
        (WebCore::GraphicsLayerCA::ReplicaState::cloneID): Build a bitstring from the array of original/clone values; this
        string serves to identify clones in the hash map.
        (WebCore::GraphicsLayerCA::replicatedLayerRoot): Request the tree of clone layers, set its position and transform,
        and return it.
        (WebCore::GraphicsLayerCA::setAnimationOnLayer): update clones
        (WebCore::GraphicsLayerCA::removeAnimationFromLayer): ditto
        (WebCore::GraphicsLayerCA::pauseAnimationOnLayer): ditto
        (WebCore::GraphicsLayerCA::setContentsToGraphicsContext3D): udpate sublayers.
        (WebCore::GraphicsLayerCA::suspendAnimations): update clones.
        (WebCore::GraphicsLayerCA::resumeAnimations): ditto
        (WebCore::GraphicsLayerCA::animatedLayerClones): return the hash map for clones of the appropriate layer for the given property.
        (WebCore::GraphicsLayerCA::ensureCloneLayers): create and return clones for the CALayers for this layer.
        (WebCore::GraphicsLayerCA::removeCloneLayers): clear out the clone layers.
        (WebCore::GraphicsLayerCA::positionForCloneRootLayer): the root of a clonal subtree needs its position and transform to be special-cased,
        since it doesn't just copy those properties from the original.
        (WebCore::GraphicsLayerCA::propagateLayerChangeToReplicas): push the change flags onto the replica.
        (WebCore::GraphicsLayerCA::fetchCloneLayers): recurse down sublayers, creating clones of the CALayers along the way, and returning
        the root of the clone tree.
        (WebCore::copyAnimation): utility to copy an animation from one layer to another. Animations can be shared between layers.
        (WebCore::GraphicsLayerCA::cloneLayer): utility to clone a CALayer, copying those properties which GraphicsLayerCA makes use of
        (WebCore::GraphicsLayerCA::setOpacityInternal): push opacity changes to clones.
        (WebCore::GraphicsLayerCA::updateOpacityOnLayer): ditto
        (WebCore::GraphicsLayerCA::noteSublayersChanged): set the ChildrenChanged flag, and proprate changes to the replica, if any.

        * platform/graphics/mac/WebLayer.mm:
        (-[WebLayer display]): override -display so we know when to update the contents of clone layers

        * platform/graphics/mac/WebTiledLayer.mm:
        (-[WebTiledLayer display]): ditto.

        * rendering/RenderLayer.h:
        (WebCore::RenderLayer::isReflection): New method that returns true if the renderer is a replica.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer): initialize m_isReflection
        (WebCore::RenderLayer::updateReflectionStyle): call setIsReflection

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::createGraphicsLayer): Put a name on the reflection layer.
        (WebCore::RenderLayerBacking::updateGraphicsLayerConfiguration): Hook up the GraphicsLayers for the reflection.
        (WebCore::RenderLayerBacking::updateGraphicsLayerGeometry): Reflection overrides preserve-3d (you have to flatten to reflect).
        Also hook up updating the reflection layer geometry, and the relica position.
        
        (WebCore::RenderLayerBacking::paintIntoLayer): We no longer paint the reflection in software.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::computeCompositingRequirements): Hook reflection layers into the compositing logic.
        (WebCore::RenderLayerCompositor::canAccelerateVideoRendering): No longer have to push video into software if it's reflected.
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree): Update the bounds of the reflection layer.
        (WebCore::RenderLayerCompositor::updateCompositingDescendantGeometry): ditto
        (WebCore::RenderLayerCompositor::requiresCompositingWhenDescendantsAreCompositing): a compositing descendant forces
        a reflection ancestor to composite now.
        (WebCore::RenderLayerBacking::containsPaintedContent): Reflection layers don't paint anything.
        (WebCore::RenderLayerBacking::isDirectlyCompositedImage): No need to fall out of direct compositing mode
        for masks or reflections any more.
        (WebCore::RenderLayerBacking::paintIntoLayer): No need to paint the reflection manually now.

        * rendering/RenderObject.h:
        (WebCore::RenderObject::isReplica):
        * rendering/RenderReplica.h:
        (WebCore::RenderReplica::isReplica):
        New method used to determine if a render is a replica.

2010-01-15  Carol Szabo  <carol.szabo@nokia.com>

        Reviewed by Darin Adler.

        CSS2.1 Counters not updated when new elements are inserted in the DOM.
        https://bugs.webkit.org/show_bug.cgi?id=32884

        Test: fast/css/counters/adding-nodes.html

        * rendering/CounterNode.cpp:
        (WebCore::CounterNode::insertAfter):
        Modified to handle the addition of nodes with children. Needed when formerly 
        root nodes become descendants of a new node.
        * rendering/RenderCounter.cpp:
        (WebCore::makeCounterNode):
        Changed to handle the case when root counter nodes lose their root 
        status as a result of a new root counter node creation. 
        (WebCore::destroyCounterNodeWithoutMapRemoval):
        Refactored more code into destroyCounterNodeChildren and renamed the
        function according to its new action.
        (WebCore::RenderCounter::destroyCounterNodes):
        Simplified to share more code with the new destroyCounterNode.
        (WebCore::RenderCounter::destroyCounterNode):
        Added to allow for selective counterNode destruction.
        (WebCore::RenderCounter::rendererSubtreeAttached):
        Added to refresh counter values in response to DOM changes.
        For renderers with no attached counters the execution time of this
        function cannot be discerned in comparison with the time needed to
        add a node or change the style of a node.
        (WebCore::updateCounters):
        Helper function for rendererSubtreeAttached. Updates the counters
        attached to a Renderer in response to the renderer or its ancestors
        being attached to the renderer tree.
        * rendering/RenderCounter.h:
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::addChild):
        Changed to update counter values if needed.

2010-01-15  Alejandro G. Castro  <alex@igalia.com>

        Reviewed by Xan Lopez.

        Original patch by David Ronis <david.ronis@mcgill.ca>

        Upgrade 1.1.17->1.1.18 fails: GTK_WIDGET_TOPLEVEL' was not declared in this scope
        https://bugs.webkit.org/show_bug.cgi?id=33486

        Deprecated symbols replaced for gtk+ versions over 2.18.

        * platform/gtk/PlatformScreenGtk.cpp:
        (WebCore::getVisual):
        (WebCore::screenRect):

2010-01-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Bad DOM performance in large SVG files
        https://bugs.webkit.org/show_bug.cgi?id=30055

        Improve the performance of the early culling check by avoiding save/restore
        of graphics state in culled case.

        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):

2010-01-15  Eric Seidel  <eric@webkit.org>

        No review, rolling out r53344.
        http://trac.webkit.org/changeset/53344
        https://bugs.webkit.org/show_bug.cgi?id=32920

        Broke the Chromium Mac builder.

        * WebCore.gypi:
        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/v8/SerializedScriptValue.cpp: Removed.
        * bindings/v8/SerializedScriptValue.h:
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::release):
        (WebCore::SerializedScriptValue::toString):
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::V8DOMWindow::postMessageCallback):
        * bindings/v8/custom/V8DedicatedWorkerContextCustom.cpp:
        (WebCore::V8DedicatedWorkerContext::postMessageCallback):
        * bindings/v8/custom/V8HistoryCustom.cpp:
        (WebCore::V8History::pushStateCallback):
        (WebCore::V8History::replaceStateCallback):
        * bindings/v8/custom/V8MessageEventCustom.cpp:
        (WebCore::V8MessageEvent::initMessageEventCallback):
        * bindings/v8/custom/V8MessagePortCustom.cpp:
        (WebCore::V8MessagePort::postMessageCallback):
        * bindings/v8/custom/V8PopStateEventCustom.cpp:
        (WebCore::V8PopStateEvent::initPopStateEventCallback):
        (WebCore::V8PopStateEvent::stateAccessorGetter):
        * bindings/v8/custom/V8WorkerCustom.cpp:
        (WebCore::V8Worker::postMessageCallback):

2010-01-15  Darin Fisher  <darin@chromium.org>

        Reviewed by Brady Eidson.

        history.length does not return number of elements in history list
        https://bugs.webkit.org/show_bug.cgi?id=24472

        Test: fast/history/history-length.html

        * page/Page.cpp:
        (WebCore::Page::getHistoryLength):

2010-01-15  Dmitry Titov  <dimich@chromium.org>

        Reviewed by Darin Adler.

        Need to ensure that Document::postTask does not provide the Task with a dangling pointer to destroyed Document
        https://bugs.webkit.org/show_bug.cgi?id=31633

        Don't see a way to add test for it, we don't have a way to reproduce the issue currently.

        * dom/Document.cpp:
        (WebCore::DocumentWeakReference::DocumentWeakReference):
        (WebCore::DocumentWeakReference::document):
        (WebCore::DocumentWeakReference::clear):
        (WebCore::Document::Document): Create a weak reference to this Document.
        (WebCore::Document::~Document): Clear the weak pointer, preventing further execution of tasks.
        (WebCore::PerformTaskContext::PerformTaskContext):
        (WebCore::performTask): Check if the documentWeakReference is cleared by Document destructor - in this case do not run the task.
        (WebCore::Document::postTask):
        * dom/Document.h:
        (WebCore::DocumentWeakReference::create):

2010-01-15  Vitaly Repeshko  <vitalyr@chromium.org>

        Reviewed by David Levin.

        [V8] Support SerializedScriptValue.
        https://bugs.webkit.org/show_bug.cgi?id=32920
        http://crbug.com/30620

        Initial implementation of SerializedScriptValue which is used to
        to create a serialized representation of JavaScript objects.  This
        representation is needed for structured clones and worker messages.

        * WebCore.gypi: Added SerializedScriptValue.cpp.
        * bindings/scripts/CodeGeneratorV8.pm: Removed conversion to string before using SerializedScriptValue.
        * bindings/v8/SerializedScriptValue.cpp: Added.
        (WebCore::):
        (WebCore::ZigZag::encode):
        (WebCore::ZigZag::decode):
        (WebCore::Writer::Writer):
        (WebCore::Writer::writeUndefined):
        (WebCore::Writer::writeNull):
        (WebCore::Writer::writeTrue):
        (WebCore::Writer::writeFalse):
        (WebCore::Writer::writeString):
        (WebCore::Writer::writeInt32):
        (WebCore::Writer::writeNumber):
        (WebCore::Writer::endComposite):
        (WebCore::Writer::data):
        (WebCore::Writer::doWriteUint32):
        (WebCore::Writer::append):
        (WebCore::Writer::ensureSpace):
        (WebCore::Writer::fillHole):
        (WebCore::Writer::charAt):
        (WebCore::Serializer::Serializer):
        (WebCore::Serializer::serialize):
        (WebCore::Serializer::StateBase::~StateBase):
        (WebCore::Serializer::StateBase::nextState):
        (WebCore::Serializer::StateBase::setNextState):
        (WebCore::Serializer::StateBase::composite):
        (WebCore::Serializer::StateBase::StateBase):
        (WebCore::Serializer::State::composite):
        (WebCore::Serializer::State::tag):
        (WebCore::Serializer::State::State):
        (WebCore::Serializer::StackCleaner::StackCleaner):
        (WebCore::Serializer::StackCleaner::~StackCleaner):
        (WebCore::Serializer::ArrayState::ArrayState):
        (WebCore::Serializer::ArrayState::done):
        (WebCore::Serializer::ArrayState::advance):
        (WebCore::Serializer::ObjectState::ObjectState):
        (WebCore::Serializer::ObjectState::done):
        (WebCore::Serializer::ObjectState::advance):
        (WebCore::Serializer::ObjectState::nextProperty):
        (WebCore::Serializer::doSerialize):
        (WebCore::Serializer::push):
        (WebCore::Serializer::top):
        (WebCore::Serializer::pop):
        (WebCore::Serializer::checkComposite):
        (WebCore::Reader::Reader):
        (WebCore::Reader::isEof):
        (WebCore::Reader::read):
        (WebCore::Reader::readTag):
        (WebCore::Reader::readString):
        (WebCore::Reader::readInt32):
        (WebCore::Reader::readNumber):
        (WebCore::Reader::doReadUint32):
        (WebCore::Deserializer::Deserializer):
        (WebCore::Deserializer::deserialize):
        (WebCore::Deserializer::doDeserialize):
        (WebCore::Deserializer::push):
        (WebCore::Deserializer::pop):
        (WebCore::Deserializer::stackDepth):
        (WebCore::Deserializer::element):
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        (WebCore::SerializedScriptValue::deserialize):
        * bindings/v8/SerializedScriptValue.h:
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::createFromWire):
        (WebCore::SerializedScriptValue::release):
        (WebCore::SerializedScriptValue::toWireString):

        Updated uses of SerializedScriptValue:
        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::V8DOMWindow::postMessageCallback):
        * bindings/v8/custom/V8DedicatedWorkerContextCustom.cpp:
        (WebCore::V8DedicatedWorkerContext::postMessageCallback):
        * bindings/v8/custom/V8HistoryCustom.cpp:
        (WebCore::V8History::pushStateCallback):
        (WebCore::V8History::replaceStateCallback):
        * bindings/v8/custom/V8MessageEventCustom.cpp:
        (WebCore::V8MessageEvent::initMessageEventCallback):
        * bindings/v8/custom/V8MessagePortCustom.cpp:
        (WebCore::V8MessagePort::postMessageCallback):
        * bindings/v8/custom/V8WorkerCustom.cpp:
        (WebCore::V8Worker::postMessageCallback):

2010-01-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Dirk Schulze.

        Bad DOM performance in large SVG files
        https://bugs.webkit.org/show_bug.cgi?id=30055

        Add an early return when we go to paint a RenderPath that
        isn't in the current clip.

        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::draw):

2010-01-15  Steve Block  <steveblock@google.com>

        Reviewed by Eric Seidel.

        Make Geolocation::suspend/resume public.
        https://bugs.webkit.org/show_bug.cgi?id=33679

        These were made private in Bug 32499, but are required by Android to be public.

        No new tests, build fix only.

        * page/Geolocation.cpp: Modified
        (WebCore::Geolocation::suspend): Added back in
        (WebCore::Geolocation::resume): Added back in
        * page/Geolocation.h: Modified. Make suspend and resume public

2010-01-15  Alexander Pavlov  <apavlov@chromium.org>

        Reviewed by Pavel Feldman.

        Set pointer cursor when over a breakpoint in the BreakpointsSidebarPane

        https://bugs.webkit.org/show_bug.cgi?id=33713

        * inspector/front-end/inspector.css:

2010-01-15  Nate Chapin  <japhet@chromium.org>

        Reviewed by Dimitri Glazkov.

        [V8] Generate more of the custom behaviors that the v8 bindings attach to v8 FunctionTemplates.

        * bindings/scripts/CodeGeneratorV8.pm:
        * bindings/v8/V8Binding.cpp:
        (WebCore::getToStringName):
        (WebCore::constructorToString):
        (WebCore::getToStringTemplate):
        * bindings/v8/V8Binding.h:
        * bindings/v8/V8DOMWindowShell.cpp:
        (WebCore::V8DOMWindowShell::createNewContext):
        * bindings/v8/V8DOMWrapper.cpp:
        (WebCore::V8DOMWrapper::getTemplate):

2010-01-15  Dimitri Glazkov  <dglazkov@chromium.org>

        No review, rolling out r53331.
        http://trac.webkit.org/changeset/53331
        https://bugs.webkit.org/show_bug.cgi?id=30055

        Broke fast/borders/svg-as-border-image-3.html. Don't give up,
        Oliver! You are really, really close.

        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):

2010-01-15  Oliver Hunt  <oliver@apple.com>

        Reviewed by Nikolas Zimmermann.

        Bad DOM performance in large SVG files
        https://bugs.webkit.org/show_bug.cgi?id=30055

        Add an early return when we go to paint a RenderPath that
        isn't in the current clip.

        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::paint):

2010-01-15  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        Reviewed by Antti Koivisto.

        Use OS(MAC_OS_X) instead of PLATFORM(MAC) when determining navigator.platform

        https://bugs.webkit.org/show_bug.cgi?id=33711

        * page/NavigatorBase.cpp:

2010-01-14  Philippe Normand  <pnormand@igalia.com>

        Reviewed by Xan Lopez.

        [Gtk] Compiler warning: comparisons like 'X<=Y<=Z' do not have their mathematical meaning
        https://bugs.webkit.org/show_bug.cgi?id=33575

        Patch from Magnus Boman <captain.magnus@gmail.com>

        * platform/graphics/gtk/MediaPlayerPrivateGStreamer.cpp:
        (WebCore::mimeTypeCache): fix compiler warnings.

2010-01-14  Mikhail Naganov  <mnaganov@chromium.org>

        Reviewed by Timothy Hatcher.

        Add welcome screen to Profiles pane to provide some instructions for novices.

        https://bugs.webkit.org/show_bug.cgi?id=19268

        * English.lproj/localizedStrings.js:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * inspector/front-end/ProfileView.js:
        (WebInspector.CPUProfileType.prototype.get welcomeMessage):
        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfileType.prototype.get welcomeMessage):
        (WebInspector.ProfilesPanel):
        (WebInspector.ProfilesPanel.prototype.show):
        (WebInspector.ProfilesPanel.prototype.registerProfileType):
        (WebInspector.ProfilesPanel.prototype._addWelcomeMessage.messageButtonClicked):
        (WebInspector.ProfilesPanel.prototype._addWelcomeMessage):
        (WebInspector.ProfilesPanel.prototype.showProfile):
        (WebInspector.ProfilesPanel.prototype.closeVisibleView):
        (WebInspector.ProfilesPanel.prototype._updateInterface):
        * inspector/front-end/WebKit.qrc:
        * inspector/front-end/WelcomeView.js: Added.
        (WebInspector.WelcomeView):
        (WebInspector.WelcomeView.prototype._windowResized):
        (WebInspector.WelcomeView.prototype.addMessage):
        * inspector/front-end/inspector.css:
        * inspector/front-end/inspector.html:

2010-01-13  Girish Ramakrishnan  <girish@forwardbias.in>

        Reviewed by Simon Hausmann.

        [Qt/Win] Flash in QGraphicsWebView does not process hover correctly.
        
        https://bugs.webkit.org/show_bug.cgi?id=33591
        
        Mouse hover does not work as expected with the flash in some sites.
        - http://www.bbc.co.uk/ Hover over the map
        - http://www.barbie.com/ Hover over the menu items (Games, Videos)
        The problem appears to be that Flash queries NPNVnetscapeWindow on every
        mouse hover. I do not how flash uses this value but returning 0 when flash
        is in windowless mode solves the problem (When using QGraphicsWebView we
        inject wmode opaque, thereby putting the plugin in windowless mode).

        * plugins/win/PluginViewWin.cpp:
        (windowHandleForPageClient):

2010-01-15  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Darin Adler.

        Allow custom memory allocation control for Peer class
        https://bugs.webkit.org/show_bug.cgi?id=33670

        Inherits the following class from Noncopyable because it is 
        instantiated by 'new' and no need to be copyable:

        class name - instantiated at: WebCore/'location'
        class Peer - websockets/WebSocketChannelClient.h:38

        * websockets/WorkerThreadableWebSocketChannel.h:

2010-01-15  Zoltan Horvath  <zoltan@webkit.org>

        Reviewed by Oliver Hunt.

        [Qt] Allow custom memory allocation control for GraphicsContextPlatformPrivate class
        https://bugs.webkit.org/show_bug.cgi?id=33669

        Inherits the following class from Noncopyable because it is 
        instantiated by 'new' and no need to be copyable:

        class name                           - instantiated at: WebCore/'location'
        class GraphicsContextPlatformPrivate - platform/graphics/qt/GraphicsContextQt.cpp:254

        * platform/graphics/qt/GraphicsContextQt.cpp:

2010-01-14  Darin Fisher  <darin@chromium.org>

        Reviewed by Brady Eidson.

        history.pushState should clear the entire forward history
        https://bugs.webkit.org/show_bug.cgi?id=33160

        Test: fast/loader/stateobjects/pushstate-clears-forward-history.html

        * history/BackForwardList.cpp:
        (WebCore::BackForwardList::addItem):
        (WebCore::BackForwardList::pushStateItem):
        * history/BackForwardList.h:

2010-01-14  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Sam Weinig.

        Make naming & behaviour of UString[Impl] methods more consistent.
        https://bugs.webkit.org/show_bug.cgi?id=33702

        WebCore change reflecting UString method name change computedHash() -> existingHash().

        * platform/text/AtomicString.cpp:
        (WebCore::AtomicString::add):
        (WebCore::AtomicString::find):

2010-01-14  Dan Bernstein  <mitz@apple.com>

        Reviewed by Simon Fraser.

        <rdar://problem/6020083> -webkit-gradient slows down scrolling when page has horizontal scrollbar
        https://bugs.webkit.org/show_bug.cgi?id=19650

        * platform/graphics/GeneratedImage.cpp:
        (WebCore::GeneratedImage::drawPattern): Added call to adjustParametersForTiledDrawing(),
        letting the generator substitute the parameters with visually-equivalent values that
        are more efficient.
        * platform/graphics/Generator.h:
        (WebCore::Generator::adjustParametersForTiledDrawing): Added a base class implementation
        that does nothing.
        * platform/graphics/Gradient.cpp:
        (WebCore::Gradient::adjustParametersForTiledDrawing): Added. If the gradient is a horizontal
        or vertical linear gradient, changes to use a 1-pixel tall (or wide) tile.
        * platform/graphics/Gradient.h:

2010-01-14  Norbert Leser  <norbert.leser@nokia.com>

        Reviewed by Laszlo Gombos.

        Platform Symbian specific:
        Added time-based optimization (-Otime) and increased optimization level to -O3,
        conditionally for RVCT compiler (for ARM), for increasing performance
        (primarily affecting JavaScript execution).
        Default settings are -Ospace and -O2.

        No new tests needed because no new funtionality is introduced,
        only potential regression on existing tests needs to be evaluated.

        * WebCore.pro:

2010-01-14  Jungshik Shin  <jshin@chromium.org>

        Unreviewed, attempted build fix on chromium.

        Fix a Chromium build failure due to an unused variable in V8 binding.(part 2)

        * bindings/v8/V8Collection.h:
        (WebCore::getNamedPropertyOfCollection):

2010-01-14  Jungshik Shin  <jshin@chromium.org>

        Unreviewed, attempted build fix on chromium.

        Fix a Chromium build failure due to an unused variable in V8 binding. 

        * bindings/v8/V8Collection.h:
        (WebCore::getIndexedPropertyOfCollection):

2010-01-14  Peter Kasting  <pkasting@google.com>

        Unreviewed, attempted build fix.

        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::haveDecodedRow):

2010-01-14  Peter Kasting  <pkasting@google.com>

        Reviewed by Adam Barth.

        Simplify image decoders by making downsampling functions available at
        all times, allowing much duplicated logic to be collapsed.
        https://bugs.webkit.org/show_bug.cgi?id=28751

        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::setData):
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::prepareScaleDataIfNecessary):
        * platform/image-decoders/ImageDecoder.h:
        (WebCore::ImageDecoder::ImageDecoder):
        (WebCore::ImageDecoder::scaledSize):
        (WebCore::ImageDecoder::setMaxNumPixels):
        * platform/image-decoders/gif/GIFImageDecoder.cpp:
        (WebCore::GIFImageDecoder::sizeNowAvailable):
        (WebCore::GIFImageDecoder::initFrameBuffer):
        (WebCore::GIFImageDecoder::haveDecodedRow):
        (WebCore::GIFImageDecoder::frameComplete):
        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::JPEGImageDecoder::setSize):
        (WebCore::JPEGImageDecoder::outputScanlines):
        * platform/image-decoders/jpeg/JPEGImageDecoder.h:
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::headerAvailable):
        (WebCore::PNGImageDecoder::rowAvailable):

2010-01-14  Jian Li  <jianli@chromium.org>

        Reviewed by Eric Seidel.

        [chromium] Remove obsolete CF related files from gyp build.
        https://bugs.webkit.org/show_bug.cgi?id=33002

        * WebCore.gypi:

2010-01-14  Peter Kasting  <pkasting@google.com>

        Reviewed by Adam Barth.

        Decoding images to scaled output buffers resulted in garbage for
        no-alpha PNGs and CMYK JPEGs.
        https://bugs.webkit.org/show_bug.cgi?id=33624
        
        No layout test since I don't have access to a platform that scales the
        output buffers.

        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (WebCore::convertCMYKToRGBA):
        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::rowAvailable):

2010-01-14  Brian Weinstein  <bweinstein@apple.com>

        Rubber-stamped by Oliver Hunt.

        Fix an assertion that was causing test crashes. Filed a bug
        about the weirdness that causes this assertion (inconsistencies 
        between DragOperationMove and DragOperationGeneric).

        * dom/Clipboard.cpp:
        (WebCore::dragOpFromIEOp):
        (WebCore::Clipboard::setDestinationOperation):

2010-01-14  Beth Dakin  <bdakin@apple.com>

        Reviewed by Sam Weinig.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=33498 REGRESSION: 
        svg/css/circle-in-mask-with-shadow.svg failing pixel tests
        -and corresponding-
        <rdar://problem/7544176>

        This change makes repaintRectInLocalCoordinates return a rect that 
        is -webkit-svg-shadow-aware.

        * rendering/RenderPath.cpp:
        (WebCore::RenderPath::repaintRectInLocalCoordinates):
        * rendering/RenderSVGContainer.cpp:
        (WebCore::RenderSVGContainer::repaintRectInLocalCoordinates):
        * rendering/RenderSVGImage.cpp:
        (WebCore::RenderSVGImage::repaintRectInLocalCoordinates):
        * rendering/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::repaintRectInLocalCoordinates):
        * rendering/RenderSVGText.cpp:
        (WebCore::RenderSVGText::repaintRectInLocalCoordinates):
        * rendering/SVGRenderSupport.cpp:
        (WebCore::SVGRenderBase::prepareToRenderSVGContent):
        * rendering/style/SVGRenderStyle.cpp:
        (WebCore::SVGRenderStyle::inflateForShadow):
        * rendering/style/SVGRenderStyle.h:

2010-01-14  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Adam Roben.

        Drag and Drop source/destination code needs cleanup.
        <https://bugs.webkit.org/show_bug.cgi?id=33691>.
        
        Cleaned up some Drag and Drop code that deals with getting
        source and destination operations, and added some ASSERTS to make
        sure we don't get in bad states.

        * dom/Clipboard.cpp:
        (WebCore::Clipboard::sourceOperation): Make this return the operation itself.
        (WebCore::Clipboard::destinationOperation): Ditto.
        (WebCore::Clipboard::setSourceOperation): Add an assert to make sure we're valud.
        (WebCore::Clipboard::setDestinationOperation): Ditto.
        * dom/Clipboard.h:
        * page/DragController.cpp:
        (WebCore::DragController::tryDHTMLDrag):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleDrag):

2010-01-14  Timothy Hatcher  <timothy@apple.com>

        Make the Web Inspector's JavaScript debugger work with isolated worlds.
        Console evaluation is not performed in the correct world yet, tracked
        by bug http://webkit.org/b/33692.

        http://webkit.org/b/33690

        Reviewed by Adam Roben.

        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::restore): Attach the debugger to
        any window shell, not just for the debugger world.
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::clearWindowShell): Detach the debugger, and
        reattach to all window shells, not just for the debugger world.
        (WebCore::ScriptController::initScript): Attach the debugger to
        any window shell, not just for the debugger world.
        (WebCore::ScriptController::attachDebugger): Changed to loop through
        all the window shells and call the new overloaded attachDebugger.
        (WebCore::ScriptController::attachDebugger): Added. An overload that
        takes a window shell to attach the debugger to. Has most of the
        logic from the original attachDebugger.
        * bindings/js/ScriptController.h: Added the new attachDebugger.

2010-01-14  Adam Roben  <aroben@apple.com>

        Make Cache::requestResource return 0 if the resource's load fails
        immediately

        Fixes <rdar://problem/7543406> <http://webkit.org/b/33687>
        window.onload never fires if page contains a <script src=foo> whose
        load is cancelled by resource load delegate returning null from
        willSendRequest

        Test: fast/loader/onload-willSendRequest-null-for-script.html

        Reviewed by Dave Hyatt.

        * loader/Cache.cpp:
        (WebCore::Cache::requestResource): Moved code to handle immediate load
        failure out of the "cache is disabled" block so that it will run even
        when the cache is enabled.

2010-01-14  Stephen White  <senorblanco@chromium.org>

        Reviewed by mitz@webkit.org.

        Fix for crash with gradient on table cell.  Pass the correct
        background object down to
        RenderBoxModelObject::paintFillLayerExtended().  This also allowed a
        rework of the fix to bug 18445 by passing the correct RenderObject
        from RenderBox::paintRootBoxDecorations() down to
        RenderBoxModelObject::paintFillLayerExtended().
        https://bugs.webkit.org/show_bug.cgi?id=28426

        Covered by new layout test:  LayoutTests/fast/gradients/crash-on-tr.html

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::paintFillLayers):
        (WebCore::RenderBox::paintFillLayer):
        * rendering/RenderBox.h:
        Plumb through the correct background RenderObject.
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintFillLayerExtended):
        Use the passed-in background RenderObject (if present) when painting background images.  Remove the previous fix for bug 18445.
        * rendering/RenderBoxModelObject.h:
        Plumb through the correct background RenderObject.
        * rendering/RenderTableCell.cpp:
        Pass in the correct backgroundObject to paintFillLayers().

        (WebCore::RenderTableCell::paintBackgroundsBehindCell):

2010-01-14  Nate Chapin  <japhet@chromium.org>

        Reviewed by Dimitri Glazkov.

        Standardize the rest of the v8 bindings on toNative() wherever possible.

        https://bugs.webkit.org/show_bug.cgi?id=33677

        * bindings/v8/NPV8Object.cpp:
        (v8ObjectToNPObject): Special case for converting NPObjects, since there aren't genereated bindings for them.
        * bindings/v8/NPV8Object.h:
        * bindings/v8/ScriptController.cpp:
        * bindings/v8/V8Collection.cpp:
        * bindings/v8/V8Collection.h:
        (WebCore::toNativeCollection): Special case for converting V8Collections, since there aren't genereated bindings for them.
        * bindings/v8/V8DOMWindowShell.cpp:
        * bindings/v8/V8DOMWrapper.cpp:
        * bindings/v8/V8DOMWrapper.h:
        * bindings/v8/V8NPObject.cpp:
        * bindings/v8/V8Proxy.cpp:
        * bindings/v8/V8SVGPODTypeWrapper.h:
        * bindings/v8/WorkerContextExecutionProxy.cpp:

2010-01-14  Evan Stade  <estade@chromium.org>

        Reviewed by Eric Seidel.

        Chromium Linux: don't stretch checkboxes
        https://bugs.webkit.org/show_bug.cgi?id=28631

        Make the default size for checkboxes/radio buttons also the maximum
        size.

        Based on patch by Adam Langley.

        Test: fast/css/non-standard-checkbox-size.html

        * rendering/RenderThemeChromiumSkia.cpp:
        (WebCore::center):
        (WebCore::RenderThemeChromiumSkia::paintCheckbox):
        (WebCore::RenderThemeChromiumSkia::setCheckboxSize):
        (WebCore::RenderThemeChromiumSkia::paintRadio):

2010-01-14  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Adam Roben.

        Follow up to <https://bugs.webkit.org/show_bug.cgi?id=33635>.
        
        Now that dropEffect and effectAllowed are guaranteed to not be
        null, change null checks into asserts to make sure we are returning
        a proper DragOperation value.

        * dom/Clipboard.cpp:
        (WebCore::Clipboard::sourceOperation): Change null check to assert.
        (WebCore::Clipboard::destinationOperation): Ditto.

2010-01-14  Brian Weinstein  <bweinstein@apple.com>

        Reviewed by Oliver Hunt.

        [DnD] effectAllowed and dropEffect can be set to bogus values.
        Fixes <https://bugs.webkit.org/show_bug.cgi?id=33635>.
        
        Test to make aure dropEffect and effectAllowed are being set to valid values
        when they are being set (list of valid values given by HTML5 specification).
        
        Also, drive by change to initialize dropEffect to none (as described in spec).

        Test: fast/events/bogus-dropEffect-effectAllowed.html

        * dom/Clipboard.cpp:
        (WebCore::Clipboard::Clipboard): Initialize m_dropEffect to "none".
        (WebCore::Clipboard::setDropEffect): Check if dropEffect is being set to a valid value.
        (WebCore::Clipboard::setEffectAllowed): Check if effectAllowed is being set to a valid value.

2010-01-14  Kent Hansen  <kent.hansen@nokia.com>

        Reviewed by Darin Adler.

        Infinite recursion in RuntimeObjectImp::getOwnPropertyNames()
        https://bugs.webkit.org/show_bug.cgi?id=33371

        RuntimeObjectImp should not reimplement getPropertyNames();
        move the implementation to getOwnPropertyNames().

        * bridge/runtime_object.cpp:
        (JSC::RuntimeObjectImp::getOwnPropertyNames):
        * bridge/runtime_object.h:

2010-01-14  Kwang Yul Seo  <skyul@company100.net>

        Reviewed by Alexey Proskuryakov.

        Add ENABLE(XSLT) guard to TransformSourceLibxslt.cpp
        https://bugs.webkit.org/show_bug.cgi?id=33665

        TransformSource is available only when ENABLE(XSLT) guard is true.

        * dom/TransformSourceLibxslt.cpp:

2010-01-14  Adam Roben  <aroben@apple.com>

        Treat all synchronous loads equally in FrameLoader::loadSubframe

        Only loads of the empty URL or about:blank were being treated as
        synchronous loads. But other loads can be synchronous (e.g., when we
        receive a null ResourceRequest from requestFromDelegate or when a
        policy decision of "ignore" is made). We now treat those loads the
        same way we treated empty URLs and about:blank.

        Fixes <rdar://problem/7533333> <http://webkit.org/b/33533>
        window.onload never fires if page contains an <iframe> with a bad
        scheme or whose load is cancelled by returning null from resource load
        delegate's willSendRequest

      &n