2012-05-10  Antoine Labour  <piman@chromium.org>

        Sync with impl thread when removing references to external textures
        https://bugs.webkit.org/show_bug.cgi?id=86054

        We want to ensure the client side is safe to release textures, so we
        sync with the impl thread when:
        - we change the texture (and we had one)
        - the layer is removed from the tree (and we had a texture)
        - the layer is destroyed (and we had a texture)

        Reviewed by James Robinson.

        Test: TextureLayerChromiumTest.

        * platform/graphics/chromium/TextureLayerChromium.cpp:
        (WebCore::TextureLayerChromium::~TextureLayerChromium):
        (WebCore::TextureLayerChromium::setTextureId):
        (WebCore::TextureLayerChromium::setLayerTreeHost):
        (WebCore):
        * platform/graphics/chromium/TextureLayerChromium.h:
        (TextureLayerChromium):

2012-05-10  Kent Tamura  <tkent@chromium.org>

        [Chromium] attempt to build fix for Chromium-mac.
        r116697 introduced an override of a system function. It's intentional
        and WebCoreTextFieldCell should be in the whitelist.

        * WebCore.gyp/WebCore.gyp:

2012-05-10  Anders Carlsson  <andersca@apple.com>

        PDF files won't scroll in Safari when using Adobe plug-in
        https://bugs.webkit.org/show_bug.cgi?id=86167
        <rdar://problem/11389719>

        Reviewed by Sam Weinig.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::computeNonFastScrollableRegion):
        Loop over the frame view children looking for plug-in views that want wheel events
        and add them to the non-fast scrollable region. Ideally, the plug-ins should be added
        to the set of scrollable areas, but PluginView in WebKit2 is not a ScrollableArea yet.

        * plugins/PluginViewBase.h:
        (PluginViewBase):
        (WebCore::PluginViewBase::wantsWheelEvents):

2012-05-10  Alexey Proskuryakov  <ap@apple.com>

        Crash in 3rd party WebKit apps that disable cache at a wrong time
        https://bugs.webkit.org/show_bug.cgi?id=86027
        <rdar://problem/10615880>

        Reviewed by Antti Koivisto.

        Added an API test.

        The fix is to use CachedResourceHandle throughout MemoryCache, which will certainly
        keep the resource alive. Also removed earlier fixes.

        * css/CSSImageSetValue.cpp: (WebCore::CSSImageSetValue::cachedImageSet):
        * css/CSSImageValue.cpp: (WebCore::CSSImageValue::cachedImage):
        * css/WebKitCSSShaderValue.cpp: (WebCore::WebKitCSSShaderValue::cachedShader):
        * history/PageCache.cpp: (WebCore::PageCache::releaseAutoreleasedPagesNow):
        * loader/ImageLoader.cpp: (WebCore::ImageLoader::updateFromElement):
        * loader/TextTrackLoader.cpp: (WebCore::TextTrackLoader::load):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestImage):
        (WebCore::CachedResourceLoader::requestFont):
        (WebCore::CachedResourceLoader::requestTextTrack):
        (WebCore::CachedResourceLoader::requestShader):
        (WebCore::CachedResourceLoader::requestCSSStyleSheet):
        (WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
        (WebCore::CachedResourceLoader::requestScript):
        (WebCore::CachedResourceLoader::requestXSLStyleSheet):
        (WebCore::CachedResourceLoader::requestSVGDocument):
        (WebCore::CachedResourceLoader::requestLinkResource):
        (WebCore::CachedResourceLoader::requestRawResource):
        (WebCore::CachedResourceLoader::requestResource):
        (WebCore::CachedResourceLoader::revalidateResource):
        (WebCore::CachedResourceLoader::loadResource):
        (WebCore::CachedResourceLoader::requestPreload):
        * loader/cache/CachedResourceLoader.h: (CachedResourceLoader):
        * loader/cache/MemoryCache.h: (WebCore::MemoryCache::setPruneEnabled):

        * loader/cache/CachedResourceHandle.h:
        (WebCore::CachedResourceHandle::CachedResourceHandle):
        (WebCore::CachedResourceHandle::operator=):
        Teach CachedResourceHandle how to make CachedResourceHandle<CachedResource> from
        a handle to subclass.

2012-05-10  Tien-Ren Chen  <trchen@chromium.org>

        Eliminate duplicated code for culled line box in RenderInline
        https://bugs.webkit.org/show_bug.cgi?id=85725

        This patch extracts the common part of culledInlineBoundingBox() /
        culledInlineAbsoluteRects() / culledInlineAbsoluteQuads() to become a
        template function generateCulledLineBoxRects(). The template function
        accepts a new parameter, GeneratorContext functor, which will be
        invoked everytime a new line box rect has been generated. The generated
        rect will be in local coordinate. The functor will be responsible for
        appropriate transformation, then appending to vector or union with
        existing bounding box.

        Reviewed by Eric Seidel.

        No new tests. No change in behavior.

        * rendering/RenderInline.cpp:
        (WebCore):
        (WebCore::RenderInline::generateLineBoxRects):
        (WebCore::RenderInline::generateCulledLineBoxRects):
        (WebCore::RenderInline::absoluteRects):
        (WebCore::RenderInline::absoluteQuads):
        (WebCore::RenderInline::linesBoundingBox):
        (WebCore::RenderInline::culledInlineVisualOverflowBoundingBox):
        (WebCore::RenderInline::addFocusRingRects):
        * rendering/RenderInline.h:
        (RenderInline):

2012-05-10  Abhishek Arya  <inferno@chromium.org>

        Crash in swapInNodePreservingAttributesAndChildren.
        https://bugs.webkit.org/show_bug.cgi?id=85197
 
        Reviewed by Ryosuke Niwa.
 
        Keep the children in a ref vector before adding them to newNode.
        They can get destroyed due to mutation events.

        No new tests because we don't have a reduction.

        * editing/ReplaceNodeWithSpanCommand.cpp:
        (WebCore::swapInNodePreservingAttributesAndChildren):

2012-05-10  Shinya Kawanaka  <shinyak@chromium.org>

        [Refactoring] Move Selection from DOMWindow to TreeScope.
        https://bugs.webkit.org/show_bug.cgi?id=82699

        Reviewed by Ryosuke Niwa.

        Since ShadowRoot will also manage its own version of DOMSelection, we would like to
        share the code among Document and DOMSelection. This patch moves DOMSelection from DOMWindow to TreeScope
        so that ShadowRoot can also use it.

        No new tests, should covered by existing tests.

        * dom/Document.cpp:
        (WebCore::Document::updateFocusAppearanceTimerFired):
        * dom/Document.h:
        (Document):
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::selection):
        * do/mTreeScope.cpp:
        (WebCore::TreeScope::~TreeScope):
        (WebCore::TreeScope::getSelection):
        (WebCore):
        * dom/TreeScope.h:
        (WebCore):
        (TreeScope):
        * page/DOMSelection.cpp:
        (WebCore::DOMSelection::DOMSelection):
        (WebCore::DOMSelection::clearTreeScope):
        (WebCore):
        * page/DOMSelection.h:
        (WebCore):
        (WebCore::DOMSelection::create):
        (DOMSelection):
        (WebCore::DOMSelection::frame):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::~DOMWindow):
        (WebCore::DOMWindow::clearDOMWindowProperties):
        (WebCore::DOMWindow::getSelection):
        * page/DOMWindow.h:
        (DOMWindow):

2012-05-10  Kent Tamura  <tkent@chromium.org>

        Unreviewed, rolling out r116594.
        http://trac.webkit.org/changeset/116594
        https://bugs.webkit.org/show_bug.cgi?id=86013

        r116594 might have made some composition tests flaky.

        * platform/graphics/chromium/LayerChromium.cpp:
        (WebCore::LayerChromium::addAnimation):
        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
        (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
        (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
        * platform/graphics/chromium/cc/CCLayerTreeHost.h:
        (CCLayerTreeHost):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
        * platform/graphics/chromium/cc/CCProxy.h:
        (CCProxy):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
        (WebCore::CCSingleThreadProxy::doComposite):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
        (WebCore):
        * platform/graphics/chromium/cc/CCThreadProxy.h:
        (CCThreadProxy):

2012-05-10  Michael Nordman  <michaeln@google.com>

        [chromium] DomStorage events handling needs TLC (2)
        https://bugs.webkit.org/show_bug.cgi?id=85221
        Alter the StorageArea virtual interface such that the mutators no longer
        return old values. This is to allow implementations of the interface to operate
        more asynchronously.

        Reviewed by Adam Barth.

        No new tests. Existing tests cover this.

        * storage/StorageArea.h: Alter the interface so the mutators no longer return previous values
        * storage/StorageAreaImpl.cpp:
        (WebCore::StorageAreaImpl::disabledByPrivateBrowsingInFrame):  removed an unneeded PLATFORM(CHROMIUM) guard
        (WebCore::StorageAreaImpl::setItem): no longer return the old value
        (WebCore::StorageAreaImpl::removeItem): no longer return the old value
        (WebCore::StorageAreaImpl::clear): no longer return whether something was cleared
        * storage/StorageAreaImpl.h: match StorageArea's virtual interface

2012-05-10  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=86158
        Overlay scrollbars without layers never paint in overflow regions in 
        tiled drawing mode
        -and corresponding-
        <rdar://problem/11289546>

        Reviewed by Darin Adler.

        RenderLayers paint scrollbars that do not have their own layers by 
        running a second pass through the layer tree after the layer tree has 
        painted. This ensures that the scrollbars always paint on top of 
        content. However, this mechanism was relying on 
        FrameView::paintContents() as a choke-point for all painting to 
        trigger the second painting pass. That is not a reasonable choke-point 
        in tiled drawing, so this patch adds similar code to 
        RenderLayerBacking.

        Only opt into the second painting pass for scrollbars that do not have 
        their own layers.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintOverflowControls):
        
        A layer that paints into its backing cannot return early here if it 
        has overlay scrollbars to paint.
        (WebCore::RenderLayer::paintLayer):
        
        This replicates code in FrameView::paintContents(). After painting the 
        owning layer, do a second pass if there are overlay scrollbars to 
        paint.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::paintIntoLayer):

2012-05-10  Anders Carlsson  <andersca@apple.com>

        Well, at least fixing the GTK+ build is something!

        * platform/gtk/LocalizedStringsGtk.cpp:
        (WebCore::insecurePluginVersionText):
        (WebCore):

2012-05-10  Anders Carlsson  <andersca@apple.com>

        Add insecurePluginVersionText stubs.

        * platform/blackberry/LocalizedStringsBlackBerry.cpp:
        (WebCore::insecurePluginVersionText):
        (WebCore):
        * platform/efl/LocalizedStringsEfl.cpp:
        (WebCore::insecurePluginVersionText):
        (WebCore):
        * platform/qt/LocalizedStringsQt.cpp:
        (WebCore::insecurePluginVersionText):
        (WebCore):

2012-05-10  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r116677.
        http://trac.webkit.org/changeset/116677
        https://bugs.webkit.org/show_bug.cgi?id=86159

        This patch causes linker error to some mac bots (Requested by
        jianli_ on #webkit).

        * WebCore.exp.in:
        * dom/ContainerNode.h:
        * dom/Node.cpp:
        (WebCore::Node::traverseNextNode):
        (WebCore::Node::traverseNextSibling):
        * dom/Node.h:
        (Node):

2012-05-10  Abhishek Arya  <inferno@chromium.org>

        Crash in FontCache::releaseFontData due to infinite float size.
        https://bugs.webkit.org/show_bug.cgi?id=86110

        Reviewed by Andreas Kling.

        New callers always forget to clamp the font size, which overflows
        to infinity on multiplication. It is best to clamp it at the end
        to avoid getting greater than std::numeric_limits<float>::max().

        Test: fast/css/large-font-size-crash.html

        * platform/graphics/FontDescription.h:
        (WebCore::FontDescription::setComputedSize):
        (WebCore::FontDescription::setSpecifiedSize):

2012-05-10  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=82131
        [Mac] REGRESSION (r110480): Text field that specifies background-color 
        (or is auto-filled) gets un-themed border
        -and corresponding-
        <rdar://problem/11115221>

        Reviewed by Maciej Stachowiak.

        This change rolls out r110480 which is what caused styled text fields 
        to get the un-themed border, and it does a bunch of work to make sure 
        we get the pretty, new version of the NSTextField art whenever 
        possible. We do this differently for post-Lion OS's since there is now 
        a way to opt into it all the time. Lion and SnowLeopard can only use 
        the new art in HiDPI mode when the background color of the text field 
        is just white.

        RenderThemeMac::textField() takes a boolean paramter used to determine 
        if the new gradient will be used.
        * rendering/RenderThemeMac.h:
        (RenderThemeMac):
        
        This is the post-Lion workaround. This code has no effect on Lion and 
        SnowLeopard. This allows up to opt into a version of [NSTextField drawWithFrame:] that will only draw the frame of the text field; without this, it will draw the frame and the background, which creates a number of problems with styled text fields and text fields in HiDPI. There is a less comprehesive workaround for Lion and SnowLeopard in place in RenderThemeMac::textField().
        * rendering/RenderThemeMac.mm:
        (-[WebCoreTextFieldCell _coreUIDrawOptionsWithFrame:inView:includeFocus:]):
        
        This is the roll-out of r110480.
        (WebCore::RenderThemeMac::isControlStyled):
        
        See the comments for a full explanation, but this is mostly code for 
        Lion and SnowLeopard to determine if we can opt into the new artwork.
        (WebCore::RenderThemeMac::paintTextField):
        (WebCore::RenderThemeMac::textField):

2012-05-10  Anders Carlsson  <andersca@apple.com>

        WebKit1: Add a way to blacklist specific plug-ins/plug-in versions
        https://bugs.webkit.org/show_bug.cgi?id=86150
        <rdar://problem/9551196>

        Reviewed by Sam Weinig.

        * English.lproj/Localizable.strings:
        Update.

        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadPlugin):
        It is possible that the client has already set the unavailability reason so don't try to set it twice.

        * platform/LocalizedStrings.cpp:
        (WebCore::insecurePluginVersionText):
        * platform/LocalizedStrings.h:
        Add insecure plug-in version text.

        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
        * rendering/RenderEmbeddedObject.h:
        Add InsecurePluginVersion unavailability reason.

2012-05-10  Eric Seidel  <eric@webkit.org>

        Make IFRAME_SEAMLESS child documents inherit styles from their parent iframe element
        https://bugs.webkit.org/show_bug.cgi?id=85940

        Reviewed by Ojan Vafai.

        The HTML5 <iframe seamless> spec says:
        In a CSS-supporting user agent: the user agent must, for the purpose of CSS property
        inheritance only, treat the root element of the active document of the iframe
        element's nested browsing context as being a child of the iframe element.
        (Thus inherited properties on the root element of the document in the
        iframe will inherit the computed values of those properties on the iframe
        element instead of taking their initial values.)

        Initially I implemented this support to the letter of the spec. However, doing so I learned
        that WebKit has a RenderStyle for the Document Node, not just the root element of the document.
        In this RenderStyle on the Document, we add a bunch of per-document styles from settings
        including designMode.

        This change makes StyleResolver::styleForDocument inherit style from the parent iframe's
        style, before applying any of these per-document styles.  This may or may not be correct
        depending on what behavior we want for rtl-ordering, page-zoom, locale, design mode, etc.
        For now, we continue to treat the iframe's document as independent in these regards, and
        the settings on that document override those inherited from the iframe.

        Also, intially when making this work, I added redirects in recalcStyle and scheduleStyleRecalc
        from the child document to the parent document in the case of seamless (since the parent
        document effectively manages the style resolve and layout of the child in seamless mode).
        However, I was not able to find a test which depended on this code change, so in this final patch
        I have removed both of these modifications and replaced them with FIXMEs.  Based on discussions
        with Ojan and James Robinson, I believe both of those changes may eventually be wanted.

        This change basically does 3 things:
        1.  Makes StyleResolver::styleForDocument inherit from the parent iframe.
        2.  Makes any recalcStyle calls on the iframe propogate down into the child document (HTMLIFrameElement::didRecalcStyle).
        3.  Makes Document::recalcStyle aware of the fact that the Document's style *can* change
            for reasons other than recalcStyle(Force).

        I'm open to more testing suggestions, if reviewers have settings on the Document's style
        that you want to make sure we inherit from the parent iframe, or don't inherit, etc.
        I view this as a complete solution to this aspect of the current <iframe seamless> spec,
        but likely not the last code we will write for this aspect of the seamless feature. :)

        Tested by fast/frames/seamlesss/seamless-css-cascade.html and seamless-designMode.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::collectMatchingRulesForList):
        * dom/Document.cpp:
        (WebCore::Document::scheduleStyleRecalc):
        (WebCore::Document::recalcStyle):
        * html/HTMLIFrameElement.cpp:
        (WebCore::HTMLIFrameElement::HTMLIFrameElement):
        (WebCore::HTMLIFrameElement::didRecalcStyle):
        (WebCore):
        * html/HTMLIFrameElement.h:
        (HTMLIFrameElement):

2012-05-10  Julien Chaffraix  <jchaffraix@webkit.org>

        Crash in computedCSSPadding* functions due to RenderImage::imageDimensionsChanged called during attachment
        https://bugs.webkit.org/show_bug.cgi?id=85912

        Reviewed by Eric Seidel.

        Tests: fast/images/link-body-content-imageDimensionChanged-crash.html
               fast/images/script-counter-imageDimensionChanged-crash.html

        The bug comes from CSS generated images that could end up calling imageDimensionsChanged during attachment. As the
        rest of the code (e.g. computedCSSPadding*) would assumes that we are already inserted in the tree, we would crash.

        The solution is to bail out in this case as newly inserted RenderObject will trigger layout later on and properly
        handle what we would be doing as part of imageDimensionChanged (the only exception being updating our intrinsic
        size which should be done as part of imageDimensionsChanged).

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::imageDimensionsChanged):

2012-05-10  Adam Barth  <abarth@webkit.org>

        ASSERT in BidiResolver<Iterator, Run>::commitExplicitEmbedding makes running debug builds annoying
        https://bugs.webkit.org/show_bug.cgi?id=86140

        Reviewed by Eric Seidel.

        The correct fix here is to resolve
        https://bugs.webkit.org/show_bug.cgi?id=76574, but in the mean time,
        this ASSERT is annoying.

        * platform/text/BidiResolver.h:
        (WebCore::::commitExplicitEmbedding):

2012-05-10  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Call addTraceEvent and getTraceCategoryEnabledFlag directly
        https://bugs.webkit.org/show_bug.cgi?id=85399

        Reviewed by Adam Barth.

        Part of a refactoring series. See tracking bug 82948.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/EventTracer.cpp: Added.
        (WebCore):
        (WebCore::EventTracer::getTraceCategoryEnabledFlag):
        (WebCore::EventTracer::addTraceEvent):
        * platform/EventTracer.h: Added.
        (WebCore):
        (EventTracer):
        * platform/chromium/EventTracerChromium.cpp: Added.
        (WebCore):
        (WebCore::EventTracer::getTraceCategoryEnabledFlag):
        (WebCore::EventTracer::addTraceEvent):
        * platform/chromium/PlatformSupport.h:
        * platform/chromium/TraceEvent.h:

2012-05-10  Adam Barth  <abarth@webkit.org>

        ScrollView::fixedVisibleContentRect should be public
        https://bugs.webkit.org/show_bug.cgi?id=86147

        Reviewed by Eric Seidel.

        Some code in the WebKit layer of OS(ANDROID) uses this function. That
        could will be upstreamed in a later patch. For now, this patch just
        makes this function public so that we remove the diff to this file.

        * platform/ScrollView.h:
        (WebCore::ScrollView::fixedVisibleContentRect):
        (WebCore::ScrollView::delegatesScrollingDidChange):

2012-05-10  Anders Carlsson  <andersca@apple.com>

        Rename the missing plug-in indicator to the unavailable plug-in indicator
        https://bugs.webkit.org/show_bug.cgi?id=86136

        Reviewed by Sam Weinig.

        Since the indicator is shown for more than just missing plug-ins, generalize it and use a plug-in unavailability
        reason enum to make it easier to extend. Also, pass the unavailability reason to the ChromeClient member functions.

        * WebCore.exp.in:
        * html/HTMLEmbedElement.cpp:
        (WebCore::HTMLEmbedElement::updateWidget):
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::updateWidget):
        * html/HTMLPlugInElement.cpp:
        (WebCore::HTMLPlugInElement::defaultEventHandler):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::updateWidgetIfNecessary):
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadPlugin):
        * page/ChromeClient.h:
        (WebCore::ChromeClient::shouldUnavailablePluginMessageBeButton):
        (WebCore::ChromeClient::unavailablePluginButtonClicked):
        * page/FrameView.cpp:
        (WebCore::FrameView::updateWidget):
        * rendering/RenderEmbeddedObject.cpp:
        (WebCore::RenderEmbeddedObject::RenderEmbeddedObject):
        (WebCore::RenderEmbeddedObject::setPluginUnavailabilityReason):
        (WebCore::RenderEmbeddedObject::showsUnavailablePluginIndicator):
        (WebCore::RenderEmbeddedObject::setUnavailablePluginIndicatorIsPressed):
        (WebCore::RenderEmbeddedObject::paint):
        (WebCore::RenderEmbeddedObject::paintReplaced):
        (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
        (WebCore::RenderEmbeddedObject::unavailablePluginReplacementText):
        (WebCore):
        (WebCore::RenderEmbeddedObject::isInUnavailablePluginIndicator):
        (WebCore::shouldUnavailablePluginMessageBeButton):
        (WebCore::RenderEmbeddedObject::handleUnavailablePluginIndicatorEvent):
        (WebCore::RenderEmbeddedObject::getCursor):
        * rendering/RenderEmbeddedObject.h:
        (RenderEmbeddedObject):

2012-05-10  Brady Eidson  <beidson@apple.com>

        <rdar://problem/10972577> and https://bugs.webkit.org/show_bug.cgi?id=80170
        Contents of noscript elements turned into strings in WebArchives

        Reviewed by Andy Estes.

        There's a much deeper question about how innerHTML of <noscript> is expected to work in 
        both a scripting and non-scripting environment that we should pursue separately.

        But for webarchives, we can solve this by filtering out the <noscript> elements completely 
        if scripting is enabled.

        Test: webarchive/ignore-noscript-if-scripting-enabled.html

        * WebCore.exp.in:

        Add arguments to createMarkup and MarkupAccumulator methods to pass a Vector of QualifiedNames
        that should be filtered from the resulting markup:
        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::serializeNodes):
        (WebCore::MarkupAccumulator::serializeNodesWithNamespaces):
        * editing/MarkupAccumulator.h:
        * editing/markup.cpp:
        (WebCore::createMarkup):
        * editing/markup.h:

        If scripting is enabled, add the noscriptTag to the tag names to filter:
        * loader/archive/cf/LegacyWebArchive.cpp:
        (WebCore::LegacyWebArchive::create):

2012-05-10  Abhishek Arya  <inferno@chromium.org>

        Crash due to floats not removed from first-letter element.
        https://bugs.webkit.org/show_bug.cgi?id=86019

        Reviewed by Julien Chaffraix.

        Move clearing logic of a floating/positioned object from removeChild
        to removeChildNode. There are lot of places which use removeChildNode
        directly and hence the object is not removed from the floating or
        positioned objects list.

        Test: fast/block/float/float-not-removed-from-first-letter.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::removeChild):
        * rendering/RenderObjectChildList.cpp:
        (WebCore::RenderObjectChildList::removeChildNode):

2012-05-10  Andreas Kling  <kling@webkit.org>

        Remove empty ElementAttributeData destructor.
        <http://webkit.org/b/86126>

        Reviewed by Antti Koivisto.

        * dom/ElementAttributeData.cpp:
        * dom/ElementAttributeData.h:

2012-05-10  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: heap snapshot comparison view is broken
        https://bugs.webkit.org/show_bug.cgi?id=86102

        Reviewed by Pavel Feldman.

        Pass HeapSnapshotProxy instead of undefined to the profile load callback. Added
        compiler annotations to avoid such errors in the future.

        * inspector/front-end/HeapSnapshotView.js:

2012-05-10  Zan Dobersek  <zandobersek@gmail.com>

        [GTK] ENABLE_IFRAME_SEAMLESS support
        https://bugs.webkit.org/show_bug.cgi?id=85843

        Reviewed by Eric Seidel.

        Export the ENABLE_IFRAME_SEAMLESS feature define when the feature is
        enabled.

        No new tests - all the related tests should now be passing.

        * GNUmakefile.am:

2012-05-10  Antti Koivisto  <antti@apple.com>

        Inline Node::traverseNextNode
        https://bugs.webkit.org/show_bug.cgi?id=85844

        Reviewed by Ryosuke Niwa.
        
        Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
        for many hot loops.

        In this version only the firstChild()/nextSibling() tests are inlined and the ancestor traversal is not.
        
        Performance bots will tell if this was worthwhile.

        * dom/ContainerNode.h:
        (WebCore::Node::traverseNextNode):
        (WebCore):
        (WebCore::Node::traverseNextSibling):
        * dom/Node.cpp:
        (WebCore::Node::traverseNextAncestorSibling):
        * dom/Node.h:
        (Node):

2012-05-10  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Fix MediaHints parsing
        https://bugs.webkit.org/show_bug.cgi?id=86098

        Reviewed by Adam Barth.

        Not currently testable. Working on a series of patches that will fix that.

        * Modules/mediastream/PeerConnection00.cpp:
        (WebCore::PeerConnection00::createMediaHints):

2012-05-10  Tommy Widenflycht  <tommyw@google.com>

        [chromium] MediaStream API: Fix the ExtraData functionality in WebMediaStreamDescriptor
        https://bugs.webkit.org/show_bug.cgi?id=86087

        Reviewed by Adam Barth.

        Not easy to test but I have added code that excercises this to WebUserMediaClientMock (in DumpRenderTree).

        * platform/chromium/support/WebMediaStreamDescriptor.cpp:
        (WebKit::WebMediaStreamDescriptor::setExtraData):

2012-05-10  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: search title is shown beside the search field (not under) in the vertical mode.
        https://bugs.webkit.org/show_bug.cgi?id=86120

        Reviewed by Yury Semikhatsky.

        This change makes search title render as placeholder at all times.
        It also adjusts the size of the search field when navigation arrows appear.

        * inspector/front-end/SearchController.js:
        (WebInspector.SearchController):
        (WebInspector.SearchController.prototype.updateSearchLabel):
        (WebInspector.SearchController.prototype._updateSearchNavigationButtonState):
        (WebInspector.SearchController.prototype._createSearchNavigationButton):
        * inspector/front-end/inspector.css:
        (#toolbar-search-item):
        (.with-navigation-buttons #search):
        (.toolbar-search-navigation-label):
        (.with-navigation-buttons .toolbar-search-navigation-label):
        * inspector/front-end/inspector.html:

2012-05-10  Varun Jain  <varunjain@google.com>

        [chromium] Trigger context menu for long press gesture
        https://bugs.webkit.org/show_bug.cgi?id=85919

        Reviewed by Adam Barth.

        Test: fast/events/touch/gesture/context-menu-on-long-press.html

        * page/EventHandler.cpp:
        (WebCore):
        (WebCore::EventHandler::sendContextMenuEventForGesture):
        * page/EventHandler.h:
        (EventHandler):

2012-05-10  Abhishek Arya  <inferno@chromium.org>

        Crash in ApplyStyleCommand::joinChildTextNodes.
        https://bugs.webkit.org/show_bug.cgi?id=85939

        Reviewed by Ryosuke Niwa.

        Test: editing/style/apply-style-join-child-text-nodes-crash.html

        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::applyRelativeFontStyleChange): add conditions
        to bail out if our start and end position nodes are removed due to 
        mutation events in joinChildTextNodes.
        (WebCore::ApplyStyleCommand::applyInlineStyle): this executes after
        applyRelativeFontStyleChange in ApplyStyleCommand::doApply. So, need
        to bail out if our start and end position nodes are removed due to
        mutation events.
        (WebCore::ApplyStyleCommand::joinChildTextNodes): hold all the children
        in a ref vector to prevent them from getting destroyed due to mutation events.

2012-05-10  Erik Arvidsson  <arv@chromium.org>

        Unreviewed, rebaselined run-bindings-tests results.

        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
        (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionAddEventListener):
        (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
        * bindings/scripts/test/V8/V8TestException.cpp:
        (WebCore::V8TestException::wrapSlow):
        * bindings/scripts/test/V8/V8TestException.h:
        (WebCore::V8TestException::wrap):

2012-05-10  Abhishek Arya  <inferno@chromium.org>

        Crash in InsertParagraphSeparatorCommand::doApply.
        https://bugs.webkit.org/show_bug.cgi?id=84995

        Reviewed by Ryosuke Niwa.

        Test: editing/inserting/insert-paragraph-seperator-crash.html

        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::mergeParagraphs): no need of static cast, since
        type of enclosingBlock returned is already Element*.
        * editing/IndentOutdentCommand.cpp:
        (WebCore::IndentOutdentCommand::tryIndentingAsListItem): no need of static cast, since
        type of enclosingBlock returned is already Element*.
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::doApply): RefPtr startBlock to guard against
        mutation events.
        * editing/htmlediting.cpp:
        (WebCore::enclosingBlock): make sure type of enclosingNode is an element before doing
        the static cast. This was already failing in a couple of layout tests. Also, isBlock
        check already exists in the function call to enclosingNodeOfType, so don't need it
        again on enclosingNode's renderer.
        * editing/htmlediting.h: 
        (WebCore):

2012-05-10  Allan Sandfeld Jensen  <allan.jensen@nokia.com>

        TouchAdjustment doesn't correct for scroll-offsets.
        https://bugs.webkit.org/show_bug.cgi?id=86083

        Reviewed by Kenneth Rohde Christiansen.

        Already tested by: touchadjustment/scroll-delegation

        * page/EventHandler.cpp:
        (WebCore::EventHandler::bestClickableNodeForTouchPoint):
        (WebCore::EventHandler::bestZoomableAreaForTouchPoint):
        * page/TouchAdjustment.cpp:
        (WebCore::TouchAdjustment::findNodeWithLowestDistanceMetric):
        * testing/Internals.cpp:
        (WebCore::Internals::bestZoomableAreaForTouchPoint):

2012-05-10  Konrad Piascik  <kpiascik@rim.com>

        Fix typo in filename
        https://bugs.webkit.org/show_bug.cgi?id=86095

        Reviewed by Andreas Kling.

        * UseJSC.cmake:

2012-05-10  Stephen Chenney  <schenney@chromium.org>

        SVG Filters allow invalid elements as children
        https://bugs.webkit.org/show_bug.cgi?id=83979

        Reviewed by Nikolas Zimmermann.

        According to the SVG spec, there are numerous restrictions on the
        content of nodes (that is, their children). Specific to this problem,
        SVGFilter elements may only contain SVGFilterPrimitive elements, and
        those may only contain animation related elements. This patch enforces
        the restriction on filters in the render tree, thus preventing us from
        having (for instance) content that is inside a filter yet filtered by
        the filter.

        Manual test: ManualTests/bugzilla-83979.svg

        * svg/SVGFilterElement.cpp:
        (WebCore::SVGFilterElement::childShouldCreateRenderer): Added to only allow renderers for fe* children
        (WebCore):
        * svg/SVGFilterElement.h:
        (SVGFilterElement):
        * svg/SVGFilterPrimitiveStandardAttributes.h: Do not allow any children at all for fe* elements.
        (SVGFilterPrimitiveStandardAttributes):

2012-05-10  Joe Thomas  <joethomas@motorola.com>

        [CSS3 Backgrounds and Borders] Add background-size to the background shorthand
        https://bugs.webkit.org/show_bug.cgi?id=27577

        Reviewed by Alexis Menard.

        Added CSSPropertyBackgroundSize to the background shorthand propery. Added the logic for parsing background-size.
        bakground-size appears after background-position followed by a '/'.
        The specification related to this change is http://www.w3.org/TR/css3-background/#the-background

        Tests: fast/backgrounds/background-shorthand-with-backgroundSize-style.html
               fast/backgrounds/size/backgroundSize-in-background-shorthand.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
        (WebCore::CSSComputedStyleDeclaration::getBackgroundShorthandValue):
        (WebCore):
        * css/CSSComputedStyleDeclaration.h:
        (CSSComputedStyleDeclaration):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseFillShorthand):
        * css/StylePropertySet.cpp:
        (WebCore::StylePropertySet::getLayeredShorthandValue):
        * css/StylePropertyShorthand.cpp:
        (WebCore):
        (WebCore::backgroundShorthand):

2012-05-10  MORITA Hajime <morrita@google.com>

        Node::InDetachFlag could be removed.
        https://bugs.webkit.org/show_bug.cgi?id=85963

        Reviewed by Antti Koivisto.

        Removed Node::inDetach() since it can never true
        on the only call site setFocusedNode().

        No new test. Covered by existing tests.

        * dom/Document.cpp:
        (WebCore::Document::setFocusedNode):
        * dom/Node.cpp:
        (WebCore::Node::detach):
        * dom/Node.h:
        (WebCore):
        (Node):

2012-05-10  Keishi Hattori  <keishi@webkit.org>

        Crash in HTMLFormControlElement::m_fieldSetAncestor
        https://bugs.webkit.org/show_bug.cgi?id=86070

        Reviewed by Kent Tamura.

        No new tests.

        The previous patch r115990 didn't completely resolve the crash (Bug 85453)
        We don't have a reproducible test case, so we are reverting to the old code for setting m_fieldSetAncestor.

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::HTMLFormControlElement):
        (WebCore::HTMLFormControlElement::updateFieldSetAndLegendAncestor):
        (WebCore::HTMLFormControlElement::insertedInto): Set m_dataListAncestorState to Unknown because ancestor has changed. Call setNeedsWillValidateCheck because style might need to be updated.
        (WebCore::HTMLFormControlElement::removedFrom):
        (WebCore::HTMLFormControlElement::disabled):
        (WebCore::HTMLFormControlElement::recalcWillValidate):
        (WebCore::HTMLFormControlElement::willValidate):
        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
        * html/HTMLFormControlElement.h:
        (HTMLFormControlElement): Added m_dataListAncestorState.

2012-05-10  Sam D  <dsam2912@gmail.com>

        Web Inspector: rename InspectorBackendStub.js to InspectorBackendCommands.js
        https://bugs.webkit.org/show_bug.cgi?id=72306

        Changed name for InspectorBackendStub.js to
        InspectorBackendCommands.js

        Reviewed by Yury Semikhatsky.

        No new tests required. File name is changed.

        * DerivedSources.pri:
        * GNUmakefile.am:
        * Target.pri:
        * WebCore.gyp/WebCore.gyp:
        * WebCore.gypi:
        * WebCore.vcproj/copyWebCoreResourceFiles.cmd:
        * WebCore.xcodeproj/project.pbxproj:
        * gyp/copy-inspector-resources.sh:
        * inspector/CodeGeneratorInspector.py:
        * inspector/front-end/InspectorBackendCommands.qrc: Added.
        * inspector/front-end/InspectorBackendStub.qrc: Removed.
        * inspector/front-end/inspector.html:

2012-05-10  Alexis Menard  <alexis.menard@openbossa.org>

        [Qt] Avoid string conversions to construct a QUrl when using Qt5.
        https://bugs.webkit.org/show_bug.cgi?id=86006

        Reviewed by Kenneth Rohde Christiansen.

        In Qt5, the QUrl constructor can handle the string directly, even in UTF-16 because the
        constructor QUrl(QString) has been fixed. Unfortunately we still need to use the old
        code path when building with Qt4.

        No new tests : it's a performance improvement which should be covered by tests.

        * platform/qt/KURLQt.cpp:
        (WebCore::KURL::operator QUrl):

2012-05-10  Noel Gordon  <noel.gordon@gmail.com>

        [chromium] REGRESSION(r107389) Visible line artifacts on some JPEG images
        https://bugs.webkit.org/show_bug.cgi?id=85772

        Reviewed by Kent Tamura.

        On some JPEG images, vertical and horizontal lines artifacts might appear in image
        regions with very high frequency color variation when using DCT_IFAST decodes. Use
        DCT_IFAST on small screen devices only (Chromium Android).

        No new tests. Covered by existing tests.

        * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
        (dctMethod): Permit DCT_IFAST decoding for Chromium Android only.

2012-05-10  Kenneth Rohde Christiansen  <kenneth@webkit.org>

        [Qt] Implement fit-to-width behaviour
        https://bugs.webkit.org/show_bug.cgi?id=86085

        Reviewed by Simon Hausmann.

        Add a method to get the minimum scale factor that contains the content
        without showing any chrome background.

        * dom/ViewportArguments.cpp:
        (WebCore::computeMinimumScaleFactorForContentContained):
        (WebCore):
        * dom/ViewportArguments.h:
        (WebCore):

2012-05-10  MORITA Hajime  <morrita@google.com>

        Remove support for Node::willRemove()
        https://bugs.webkit.org/show_bug.cgi?id=55209

        Reviewed by Ryosuke Niwa.

        This change de-virtualizes Node::willRemove(), gains
        5% speedup on Dromaeo dom-modify.

        Originally there were 5 willRemove() overrides:
        - Element
        - HTMLStyleElement
        - HTMLSourceElement
        - HTMLTrackElement
        - HTMLFrameOwnerElement

        For first 4 items, this change moves their implementations to
        Node::removedFrom() overrides.

        Then HTMLFrameOwnerElement is the only class which needs the
        notification.  Because it emits the "unload" event, it needs some
        notification _before_ its removal. To handle that, this change
        introduces ChildFrameDisconnector which collects
        corresponding decendant elements and disconnect their content frame.

        Even though this approach doesn't kill pre-removal tree traversal
        completely, it's a bit more efficient due to the de-virtualization.

        No new tests. Covered by existing test.

        * dom/ContainerNode.cpp:
        (WebCore::willRemoveChild): Replaced willRemove() call with ChildFrameDisconnector.
        (WebCore::willRemoveChildren): Ditto.
        (WebCore::ContainerNode::disconnectDescendantFrames): Added. Used from FrameLoader to replace Document::willRemove() call.
        (WebCore):
        * dom/ContainerNode.h:
        (ContainerNode):
        * dom/ContainerNodeAlgorithms.cpp:
        (WebCore::ChildFrameDisconnector::collectDescendant):
        (WebCore):
        (WebCore::ChildFrameDisconnector::Target::disconnect):
        * dom/ContainerNodeAlgorithms.h:
        (ChildFrameDisconnector):
        (Target):
        (WebCore::ChildFrameDisconnector::Target::Target):
        (WebCore::ChildFrameDisconnector::Target::isValid):
        (WebCore):
        (WebCore::ChildFrameDisconnector::ChildFrameDisconnector):
        (WebCore::ChildFrameDisconnector::collectDescendant):
        (WebCore::ChildFrameDisconnector::disconnect):
        * dom/Element.cpp:
        (WebCore::Element::removedFrom):
        * dom/Element.h:
        * dom/ElementShadow.cpp:
        * dom/ElementShadow.h:
        (ElementShadow):
        * dom/Node.cpp:
        * dom/Node.h: Added IsFrameOwnerElement flag to de-virtualize IsFrameOwnerElement().
        (WebCore::Node::isFrameOwnerElement): De-virtualized.
        (Node):
        * html/HTMLElement.h:
        (HTMLElement):
        (WebCore::HTMLElement::HTMLElement):
        * html/HTMLFrameOwnerElement.cpp:
        (WebCore::HTMLFrameOwnerElement::HTMLFrameOwnerElement):
        (WebCore::HTMLFrameOwnerElement::disconnectContentFrame): Extracted from original willRemove().
        * html/HTMLFrameOwnerElement.h:
        (HTMLFrameOwnerElement):
        (WebCore::toFrameOwnerElement):
        (WebCore):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::sourceWasRemoved): Renamed from sourceWillBeRemoved(), dealing with the timing change.
        * html/HTMLMediaElement.h:
        (HTMLMediaElement):
        (WebCore::isMediaElement):
        (WebCore):
        (WebCore::toMediaElement):
        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::removedFrom): Moved some code from willRemove().
        * html/HTMLSourceElement.h:
        (HTMLSourceElement):
        * html/HTMLStyleElement.cpp:
        (WebCore::HTMLStyleElement::removedFrom):
        (WebCore):
        * html/HTMLStyleElement.h:
        (HTMLStyleElement):
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::removedFrom): Moved some code from willRemove().
        * html/HTMLTrackElement.h:
        (HTMLTrackElement):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):

2012-05-10  Kinuko Yasuda  <kinuko@chromium.org>

        Change the return type of Entry.toURL() back to String from KURL
        https://bugs.webkit.org/show_bug.cgi?id=85858

        Reviewed by Ryosuke Niwa.

        I once changed it from String to KURL in r116273 but it turned out that
        it involves implicit conversion and may incur extra overhead.
        This partly reverts r116273 while keeping some internal functions
        returning KURL as it's what we initially create as and is more
        convenient to operate on.

        No new tests; no functional or visible changes.

        * Modules/filesystem/EntryBase.cpp:
        (WebCore::EntryBase::toURL):
        * Modules/filesystem/EntryBase.h:
        (EntryBase):

2012-05-10  Alexander Pavlov  <apavlov@chromium.org>

        Web Inspector: Autocomplete for CSS property values in the Styles pane behaving incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=85784

        Reviewed by Vsevolod Vlasov.

        Before executing the number increment/decrement within CSS property value, the current word is checked
        for being a valid suggestion for the current property, and if it is, the numeric change is skipped
        in favor of the suggested property value switch by a suggest box.

        * inspector/front-end/StylesSidebarPane.js:

2012-05-10  Abhishek Arya  <inferno@chromium.org>

        Make DOMCharacterDataModified a scoped event (similar to r73690).
        https://bugs.webkit.org/show_bug.cgi?id=85920

        Reviewed by Ryosuke Niwa.

        DOMCharacterDataModified was missing in the list of already scoped
        DOM mutation events like DOMSubtreeModified, DOMNodeInserted, etc.
        It helps to delay event dispatches until the completion of each call
        of EditCommand::doApply. This has been useful in the past and helped to 
        prevent unexpected DOM tree mutations while the editing command is executing.

        * dom/CharacterData.cpp:
        (WebCore::CharacterData::dispatchModifiedEvent):

2012-05-10  Alexandre Elias  <aelias@google.com>

        Default to null value for HistoryItem::m_pageScaleFactor
        https://bugs.webkit.org/show_bug.cgi?id=84385

        Reviewed by Adam Barth.

        Previously, HistoryItem::m_pageScaleFactor defaulted to a value
        of 1, making it impossible to determine whether this value was never
        set, or intentionally set to 1.  This patch introduces a default value
        of 0 and makes restoreScrollPositionAndViewState not touch the page
        scale factor if this value is still present at time of reload.

        This is a no-op change for common navigation scenarios.  The
        motivation for this change is the corner case of syncing history items
        from a desktop browser to a mobile device.  In that case, we need a
        way to specify that the history item does not contain a
        pageScaleFactor so that the mobile device does not display the page
        overly zoomed in.

        No new tests.

        * history/HistoryItem.cpp:
        (WebCore::HistoryItem::HistoryItem):
        * loader/HistoryController.cpp:
        (WebCore::HistoryController::restoreScrollPositionAndViewState):

2012-05-10  Csaba Osztrogonác  <ossy@webkit.org>

        Use suitable viewport values when a Mobile DTD is used.
        https://bugs.webkit.org/show_bug.cgi?id=85425

        Unreviewed debug buildfix after r116571.

        * dom/Document.cpp:
        (WebCore::Document::setDocType):

2012-05-10  Yoshifumi Inoue  <yosin@chromium.org>

        [Forms] Move step related methods to InputType class from HTMLInputElement class
        https://bugs.webkit.org/show_bug.cgi?id=85978

        Reviewed by Kent Tamura.

        This patch is part of re-factoring of HTMLInputElement.cpp for numeric input type.
        In this patch, we move implementation of getAllowedValueStep and stepUp/stepUpFromRenderer
        to InputType class because of these are for DateTime/Number/Range.

        Following patches will change implementation of getAllowedValueStep to use StepRange and
        remove step related methods, defaultStep, stepScaleFactor, and so on.

        No new tests. This patch should not change behavior.

        * html/HTMLInputElement.cpp:
        (WebCore):
        (WebCore::HTMLInputElement::getAllowedValueStep):
        (WebCore::HTMLInputElement::stepUp):
        (WebCore::HTMLInputElement::stepDown):
        (WebCore::HTMLInputElement::stepUpFromRenderer):
        * html/HTMLInputElement.h:
        (HTMLInputElement):
        * html/InputType.cpp:
        (WebCore::InputType::applyStep):
        (WebCore):
        (WebCore::InputType::alignValueForStep):
        (WebCore::InputType::getAllowedValueStep):
        (WebCore::InputType::getAllowedValueStepWithDecimalPlaces):
        (WebCore::InputType::stepUp):
        (WebCore::InputType::stepUpFromRenderer):
        * html/InputType.h:
        (InputType):

2012-05-09  Kent Tamura  <tkent@chromium.org>

        Calendar Picker: Fix a crash by changing input type.
        https://bugs.webkit.org/show_bug.cgi?id=86007

        Reviewed by Hajime Morita.

        Manual test: forms/calendar-picker-crash-by-type-change.html

        * html/shadow/CalendarPickerElement.cpp:
        (WebCore::CalendarPickerElement::~CalendarPickerElement):
        Added. Make sure the popup is closed.
        * html/shadow/CalendarPickerElement.h:
        (CalendarPickerElement): Add declaration of the destructor.

2012-05-09  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Move suspendAnimations to use Internals interface.
        https://bugs.webkit.org/show_bug.cgi?id=85986

        Reviewed by Ryosuke Niwa.

        Add suspendAnimations functions, because it is able to work in the
        cross-port way through the Internals interface.

        No new tests, since we are improving here the infra-structure for testing
        a specific method.

        * testing/Internals.cpp:
        (WebCore::Internals::suspendAnimations):
        (WebCore):
        * testing/Internals.h:
        (Internals):
        * testing/Internals.idl:

2012-05-09  Charlie Reis  <creis@chromium.org>

        Add dispatchMessageEventWithOriginCheck to DOMWindow
        https://bugs.webkit.org/show_bug.cgi?id=85815

        Reviewed by Adam Barth.

        Useful for ports that support cross-process postMessage.
        No new tests, since covered by existing postMessage tests.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::postMessageTimerFired):
        (WebCore):
        (WebCore::DOMWindow::dispatchMessageEventWithOriginCheck):
        * page/DOMWindow.h:
        (WebCore):
        (DOMWindow):

2012-05-09  Jason Liu  <jason.liu@torchmobile.com.cn>

        [BlackBerry] Cookie parsing issue. If the cookie value provided was (") then the browser creates a session cookie instead.
        https://bugs.webkit.org/show_bug.cgi?id=85775

        Reviewed by Rob Buis.

        Make CookieParser::parseOneCookie handle (cookiename="cookievalue;expires=xxxx) correctly.
        This cookie's value is "cookievalue not "cookievalue;expires=xxxx.

        Test: http/tests/cookies/single-quoted-value.html

        * platform/blackberry/CookieParser.cpp:
        (WebCore::CookieParser::parseOneCookie):

2012-05-09  Raymond Liu  <raymond.liu@intel.com>

        Add multi-channels support for CopyWithGainFrom in AudioBus
        https://bugs.webkit.org/show_bug.cgi?id=80675

        Reviewed by Chris Rogers.

        * platform/audio/AudioBus.cpp:
        (WebCore):
        (WebCore::AudioBus::AudioBus):
        (WebCore::AudioBus::copyWithGainFrom):
        * platform/audio/AudioBus.h:
        (AudioBus):

2012-05-09  Jessie Berlin  <jberlin@apple.com>

        Crash using the new WKBundleDOMWindowExtensions APIs.
        https://bugs.webkit.org/show_bug.cgi?id=85888

        Reviewed by Brady Eidson.

        WKBundlePageWillDestroyGlobalObjectForDOMWindowExtensionCallback was only being invoked when
        the WKPage was destroyed, and then only for the child frames. In addition, the
        DOMWindowExtension was holding onto a destroyed DOMWindow and attempting to unregister from
        when the WK2 wrapper object was attempting to destroy the DOMWindowExtension.

        The underlying issue here was that the DOMWindowProperties were getting disconnectFrame
        and willDetachPage called on them at the wrong times.

        Rename DOMWindowProperty::disconnectFrame and reconnectFrame to disconnectFrameForPageCache
        and reconnectFrameFromPageCache for clarity.

        Only invoke DOMWindowProperty::disconnectFrameForPageCache when the frame is going into the
        page cache.

        In the cases where the DOMWindow is getting destroyed, the frame is being destroyed, or the
        DOMWindow is getting cleared because the frame is being navigated, invoke
        DOMWindowProperty::willDestroyGlobalObjectInFrame instead of disconnectFrame.

        Invoke DOMWindowProperty::willDetachGlobalObjectFromFrame when a document is being detached
        because the frame has been detached (e.g. fast/storage/storage-detached-iframe.html) and
        won't be immediately destroyed.

        Invoke DOMWindowProperty::willDestroyGlobalObjectInCachedFrame when a cached frame is
        being destroyed.

        New WK2 API Test: DOMWindowExtensionNoCache.

        * Modules/indexeddb/DOMWindowIndexedDatabase.cpp:
        (WebCore::DOMWindowIndexedDatabase::disconnectFrameForPageCache):
        Updated for disconnectFrame rename.
        (WebCore::DOMWindowIndexedDatabase::reconnectFrameFromPageCache):
        Updated for reconnectFrame rename.
        (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInCachedFrame):
        Get rid of the suspended IDBFactory.
        (WebCore::DOMWindowIndexedDatabase::willDestroyGlobalObjectInFrame):
        Get rid of the IDBFactory.
        (WebCore::DOMWindowIndexedDatabase::willDetachGlobalObjectFromFrame):
        Ditto.
        * Modules/indexeddb/DOMWindowIndexedDatabase.h:

        * dom/Document.cpp:
        (WebCore::Document::prepareForDestruction):
        Tell the DOMWindow before detaching the Document.
        * dom/Document.h:

        * history/CachedFrame.cpp:
        (WebCore::CachedFrame::destroy):
        Tell the DOMWindow.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        Use Document::prepareForDestruction so that the DOMWindow is told about the main frame
        navigation before detaching the Document.

        * loader/appcache/DOMApplicationCache.cpp:
        (WebCore::DOMApplicationCache::disconnectFrameForPageCache):
        Updated for the disconnectFrame rename.
        (WebCore::DOMApplicationCache::reconnectFrameFromPageCache):
        Updated for the reconnectFrame rename.
        (WebCore::DOMApplicationCache::willDestroyGlobalObjectInFrame):
        Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
        called when the frame was destroyed).
        * loader/appcache/DOMApplicationCache.h:

        * notifications/DOMWindowNotifications.cpp:
        (WebCore::DOMWindowNotifications::disconnectFrameForPageCache):
        Updated for the disconnectFrame rename.
        (WebCore::DOMWindowNotifications::reconnectFrameFromPageCache):
        Updated for the reconnectFrame rename.
        (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInCachedFrame):
        Get rid of the suspended notification center.
        (WebCore::DOMWindowNotifications::willDestroyGlobalObjectInFrame):
        Get rid of the notification center.
        (WebCore::DOMWindowNotifications::willDetachGlobalObjectFromFrame):
        Do not allow use of the notification center by detached frames.
        * notifications/DOMWindowNotifications.h:

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::clearDOMWindowProperties):
        Do not call disconnectDOMWindowProperties. It is now the responsibility of the callers to
        tell the DOMWindowProperties the correct cause of being cleared.
        (WebCore::DOMWindow::~DOMWindow):
        Make sure the DOMWindowProperties still know that the DOMWindow is going away.
        (WebCore::DOMWindow::frameDestroyed):
        Invoke willDestroyGlobalObjectInFrame on the DOMWindowProperties.
        (WebCore::DOMWindow::willDetachPage):
        It is no longer necessary to tell the DOMWindowProperties anything here.
        (WebCore::DOMWindow::willDestroyCachedFrame):
        Tell the DOMWindowProperties.
        (WebCore::DOMWindow::willDestroyDocumentInFrame):
        Ditto.
        (WebCore::DOMWindow::willDetachDocumentFromFrame):
        Ditto.
        (WebCore::DOMWindow::clear):
        Ditto.
        (WebCore::DOMWindow::disconnectDOMWindowProperties):
        Updated for the disconnectFrame rename.
        (WebCore::DOMWindow::reconnectDOMWindowProperties):
        Ditto.
        * page/DOMWindow.h:

        * page/DOMWindowExtension.cpp:
        (WebCore::DOMWindowExtension::DOMWindowExtension):
        Move the responsibility for tracking the disconnected DOMWindow to DOMWindowProperty, since
        DOMWindowProperty will need it to unregister the property when a cached frame is destroyed.
        (WebCore::DOMWindowExtension::disconnectFrameForPageCache):
        Remove the code to check for disconnectFrame being called twice - it is now only called when
        a frame goes into the page cache.
        Let the DOMWindowProperty keep track of the disconnected DOMWindow.
        (WebCore::DOMWindowExtension::reconnectFrameFromPageCache):
        Let the DOMWindowProperty keep track of the disconnected DOMWindow.
        (WebCore::DOMWindowExtension::willDestroyGlobalObjectInCachedFrame):
        Dispatch the willDestroyGlobalObjectForDOMWindowExtension callback.
        (WebCore::DOMWindowExtension::willDestroyGlobalObjectInFrame):
        Ditto, but only if the callback hasn't already been sent because the frame has been detached.
        (WebCore::DOMWindowExtension::willDetachGlobalObjectFromFrame):
        Send the callback because nothing interesting can be done in the frame once it has been
        detached.
        * page/DOMWindowExtension.h:

        * page/DOMWindowProperty.cpp:
        (WebCore::DOMWindowProperty::DOMWindowProperty):
        Keep track of the disconnected DOMWindow so it can be used to unregister the property when a
        cached frame is destroyed.
        (WebCore::DOMWindowProperty::~DOMWindowProperty):
        Also unregister the property when a DOMWindowProperty for a cached frame is destroyed.
        (WebCore::DOMWindowProperty::disconnectFrameForPageCache):
        Keep track of the disconnected DOMWindow.
        (WebCore::DOMWindowProperty::reconnectFrameFromPageCache):
        Ditto.
        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
        Unregister the property from the disconnected DOMWindow.
        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
        Unregister the property from the DOMWindow and stop keeping track of the frame.
        (WebCore::DOMWindowProperty::willDetachGlobalObjectFromFrame):
        Do not set m_frame to 0 because detached frames still have access to the DOMWindow, even if
        they can't do anything meaningful with it.
        * page/DOMWindowProperty.h:

        * page/Frame.cpp:
        (WebCore::Frame::setView):
        Tell the DOMWindow that the Document is being detached so it can tell the
        DOMWindowProperties.

        * page/PointerLock.cpp:
        (WebCore::PointerLock::disconnectFrameForPageCache):
        Updated for disconnectFrame rename.
        (WebCore::PointerLock::willDestroyGlobalObjectInFrame):
        Cover the cases formerly covered by disconnectFrame (which was sometimes being called when
        called when the frame was destroyed).
        * page/PointerLock.h:

2012-05-09  Ian Vollick  <vollick@chromium.org>

        [chromium] Ensure animations get ticked at least once when added.
        https://bugs.webkit.org/show_bug.cgi?id=86013

        Reviewed by James Robinson.

        Tested in
          CCLayerTreeHostTestTickAnimationWhileBackgrounded.runSingleThreaded
          CCLayerTreeHostTestAddAnimationWithTimingFunction.runSingleThreaded
          CCLayerTreeHostTestSynchronizeAnimationStartTimes.runSingleThreaded
          CCLayerTreeHostTestAnimationFinishedEvents.runSingleThreaded

        * platform/graphics/chromium/LayerChromium.cpp:
        (WebCore::LayerChromium::addAnimation):
        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
        (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::finishCommitOnImplThread):
        (WebCore::CCLayerTreeHost::didAddAnimation):
        (WebCore):
        (WebCore::CCLayerTreeHost::didBecomeInvisibleOnImplThread):
        * platform/graphics/chromium/cc/CCLayerTreeHost.h:
        (CCLayerTreeHost):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
        * platform/graphics/chromium/cc/CCProxy.h:
        (CCProxy):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        (CCSingleThreadProxyAnimationTimer):
        (WebCore::CCSingleThreadProxyAnimationTimer::create):
        (WebCore::CCSingleThreadProxyAnimationTimer::CCSingleThreadProxyAnimationTimer):
        (WebCore):
        (WebCore::CCSingleThreadProxy::CCSingleThreadProxy):
        (WebCore::CCSingleThreadProxy::didAddAnimation):
        (WebCore::CCSingleThreadProxy::doComposite):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
        (WebCore):
        * platform/graphics/chromium/cc/CCThreadProxy.h:

2012-05-09  Adam Barth  <abarth@webkit.org>

        Implement HTML Media Capture
        https://bugs.webkit.org/show_bug.cgi?id=85958

        Reviewed by Eric Seidel.

        This patch begins the implementation of
        http://www.w3.org/TR/html-media-capture/ by adding the capture
        attribute to HTMLInputElement.

        Test: fast/forms/file/file-input-capture.html

        * html/FileInputType.cpp:
        (WebCore::FileInputType::handleDOMActivateEvent):
        * html/HTMLAttributeNames.in:
        * html/HTMLInputElement.cpp:
        (WebCore):
        (WebCore::HTMLInputElement::capture):
        (WebCore::HTMLInputElement::setCapture):
        * html/HTMLInputElement.h:
        (HTMLInputElement):
        * html/HTMLInputElement.idl:
        * platform/FileChooser.h:
        (FileChooserSettings):

2012-05-09  Charles Wei  <charles.wei@torchmobile.com.cn>

        [BlackBerry]  Refactor data scheme support
        https://bugs.webkit.org/show_bug.cgi?id=85938

        Reviewed by Rob Buis.

        We will create a DataStream in our platform repository,
        so that can be wrapped up by NetworkJob for webkit rendering,
        and by DownloadStream for downloading.

        Refactor, no new tests.

        * platform/network/blackberry/NetworkJob.cpp:
        (WebCore::NetworkJob::NetworkJob):
        (WebCore::NetworkJob::initialize):
        (WebCore::NetworkJob::cancelJob):
        (WebCore::NetworkJob::sendResponseIfNeeded):
        * platform/network/blackberry/NetworkJob.h:
        (NetworkJob):
        * platform/network/blackberry/NetworkManager.cpp:
        (WebCore::NetworkManager::startJob):

2012-05-09  Dana Jansens  <danakj@chromium.org>

        [chromium] Don't draw when canDraw() is false
        https://bugs.webkit.org/show_bug.cgi?id=85829

        Reviewed by Adrienne Walker.

        This is based on the work of Daniel Sievers in bug
        https://bugs.webkit.org/show_bug.cgi?id=82680. When canDraw() is false,
        we should not call drawLayers() or prepareToDraw() in both Single- and
        Multi-Threaded mode.

        drawLayers() is crashing in single threaded mode, and this attempts to
        prevent it from being called with invalid state. While making it behave
        properly in single-threaded mode, it seems appropriate to unrevert the
        parts of 82680 that made threaded mode behave similarly appropriately.

        A single-threaded test is not included since LTHTests is unable to run
        in single-threaded mode at this time (pending work from Ian Vollick). So
        we test in threaded mode only with a note to include a single thread
        version.

        Tests: CCLayerTreeHostTestCanDrawBlocksDrawing.runMultiThread

        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::prepareToDraw):
        (WebCore::CCLayerTreeHostImpl::drawLayers):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        (WebCore::CCSingleThreadProxy::doComposite):
        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):

2012-05-09  Martin Robinson  <mrobinson@igalia.com>

        [Cairo] GLContextGLX releases the context with an uninitialized display
        https://bugs.webkit.org/show_bug.cgi?id=86039

        Reviewed by Philippe Normand.

        No new tests. This does not change behavior on most machines, but has
        the potential to prevent a pretty nasty crash on others.

        Use the shared display to release GLX contexts instead of the uninitialized
        m_display member.

        * platform/graphics/glx/GLContextGLX.cpp:
        (WebCore::GLContextGLX::~GLContextGLX): Release the display with the shared
        display.
        * platform/graphics/glx/GLContextGLX.h:
        (GLContextGLX): Remove the m_display member.

2012-05-09  Tony Gentilcore  <tonyg@chromium.org>

        Subresources loaded after a reload completes shouldn't be revalidated.
        https://bugs.webkit.org/show_bug.cgi?id=84614

        Based on patch by Darin Fisher.

        Reviewed by Darin Fisher.

        Tests: http/tests/cache/loaded-from-cache-after-reload-within-iframe.html
               http/tests/cache/loaded-from-cache-after-reload.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame): Reset m_loadType after the load completes.

2012-05-09  Erik Arvidsson  <arv@chromium.org>

        [V8] Fix issue where V8BindingPerContextData could keep the context object alive
        https://bugs.webkit.org/show_bug.cgi?id=86036

        Reviewed by Kentaro Hara.

        This is a partial revert of http://trac.webkit.org/changeset/114320/. This keeps
        the layout tests that were introduced since it turns out that
        http://trac.webkit.org/changeset/114989 fixes the tests too.

        Covered by: http/tests/security/isolatedWorld/context-destroy.html

        * bindings/v8/V8IsolatedContext.cpp:
        (WebCore::V8IsolatedContext::destroy):

2012-05-09  Anders Carlsson  <andersca@apple.com>

        Speed up some parts of TileCache drawing
        https://bugs.webkit.org/show_bug.cgi?id=86033
        <rdar://problem/10919373>

        Reviewed by Sam Weinig.

        * platform/graphics/ca/mac/TileCache.mm:
        (WebCore::TileCache::tileCoverageRect):
        If we can't have scrollbars, there's not much need to extend the tile coverage rect outside of the visible rect, since it's
        unlikely that we'll do any form of scrolling here.

        (WebCore::TileCache::revalidateTiles):
        Don't update the tile layer frame if it's big enough to contain the tile size. Also, if there are no new tiles created,
        don't call platformCALayerDidCreateTiles since that will trigger an extra layer flush.

2012-05-09  Alexandre Elias  <aelias@google.com>

        setPageScaleFactor should setScrollPosition if scale is unchanged
        https://bugs.webkit.org/show_bug.cgi?id=84400

        Reviewed by Adam Barth.

        Previously, setPageScaleFactor forgot about its "origin" argument if
        the page scale factor is unchanged.  This has proven undesirable in
        practice because, for example, a single pinch gesture may zoom in and
        back out to the original page scale factor, but at a different scroll
        offset.

        New test case added to scale-and-scroll-body-expected.txt

        * page/Page.cpp:
        (WebCore::Page::setPageScaleFactor):

2012-05-09  Hugo Parente Lima  <hugo.lima@openbossa.org>

        Use suitable viewport values on XHTML-MP pages.
        https://bugs.webkit.org/show_bug.cgi?id=85425

        Reviewed by Kenneth Rohde Christiansen.

        Tests: fast/viewport/viewport-legacy-xhtmlmp-misplaced-doctype.html
               fast/viewport/viewport-legacy-xhtmlmp-ordering.html
               fast/viewport/viewport-legacy-xhtmlmp.html

        Use device-width and device-height as viewport size on
        XHTML-MP pages if the use feature LEGACY_VIEWPORT_ADAPTION
        is set according as the non normative section of
        http://www.w3.org/TR/css-device-adapt/

        * dom/Document.cpp:
        (WebCore::Document::setDocType):

2012-05-09  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=86025
        RTL and vertical text documents do no scroll properly with the new 
        tiled scrolling model
        -and corresponding-
        <rdar://problem/11077589>

        Reviewed by Dan Bernstein.
        
        Most of the fix here is just to teach the scrolling tree about the 
        scroll origin.
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::ScrollingCoordinator::setScrollParameters):
        * page/scrolling/ScrollingCoordinator.h:
        (ScrollParameters):
        * page/scrolling/ScrollingTreeNode.cpp:
        (WebCore::ScrollingTreeNode::update):
        * page/scrolling/ScrollingTreeNode.h:
        (WebCore::ScrollingTreeNode::scrollOrigin):
        (ScrollingTreeNode):
        * page/scrolling/ScrollingTreeState.cpp:
        (WebCore::ScrollingTreeState::setScrollOrigin):
        (WebCore):
        * page/scrolling/ScrollingTreeState.h:
        (WebCore::ScrollingTreeState::scrollOrigin):
        (ScrollingTreeState):
        * page/scrolling/mac/ScrollingTreeNodeMac.mm:
        (WebCore::ScrollingTreeNodeMac::scrollPosition):
        (WebCore::ScrollingTreeNodeMac::setScrollLayerPosition):
        (WebCore::ScrollingTreeNodeMac::minimumScrollPosition):
        (WebCore::ScrollingTreeNodeMac::maximumScrollPosition):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::frameViewDidScroll):

        Teaching the scrolling tree about the scroll origin revealed this pre-
        existing bug. layoutOverflowRect() is not the right rect to use since 
        it is not writing-mode savvy. unscaledDocumentRect() is the right rect 
        for the view's bounds.
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateCompositedBounds):

2012-05-09  Rob Buis  <rwlbuis@webkit.org>

        Cleanup SVGElement.cpp
        https://bugs.webkit.org/show_bug.cgi?id=86004

        Reviewed by Eric Seidel.

        Remove unneeded includes. We do not need to check attr in SVGElement::attributeChanged,
        lower layers assume it is non-null and we do not call attributeChanged in SVG.

        * svg/SVGElement.cpp:
        (WebCore::SVGElement::attributeChanged):
        (WebCore::SVGElement::isAnimatableAttribute):

2012-05-09  Jochen Eisinger  <jochen@chromium.org>

        When creating a new page during a navigation, prime the initial document with the correct referrer policy
        https://bugs.webkit.org/show_bug.cgi?id=86001

        Reviewed by Adam Barth.

        Test: http/tests/security/referrer-policy-redirect-link.html

        * dom/Document.h:
        (WebCore::Document::setReferrerPolicy):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):

2012-05-09  Alec Flett  <alecflett@chromium.org>

        IndexedDB: call abort handler when there are problems committing
        https://bugs.webkit.org/show_bug.cgi?id=85841

        Reviewed by Ojan Vafai.

        No new tests. Every existing test that calls commit() is testing
        the success side of this, and this only throws when there are
        LevelDB errors, which is exactly what we're trying to diagnose
        with this patch.

        * Modules/indexeddb/IDBBackingStore.h:
        (Transaction):
        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore::IDBLevelDBBackingStore::deleteDatabase):
        (WebCore::IDBLevelDBBackingStore::Transaction::commit):
        * Modules/indexeddb/IDBLevelDBBackingStore.h:
        (Transaction):
        * Modules/indexeddb/IDBTransactionBackendImpl.cpp:
        (WebCore::IDBTransactionBackendImpl::commit):

2012-05-09  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Remove PlatformSupport::loadPlatformImageResource, call loadResource directly
        https://bugs.webkit.org/show_bug.cgi?id=84417

        Reviewed by Adam Barth.

        Part of a refactoring series. See tracking bug 82948.

        * WebCore.gyp/WebCore.gyp:
        * WebCore.gypi:
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):
        * platform/graphics/chromium/ImageChromium.cpp:
        (WebCore::Image::loadPlatformResource):
        * platform/graphics/chromium/ImageChromiumMac.mm: Removed.

2012-05-09  Rob Buis  <rbuis@rim.com>

        Remove some isSVGFoo methods
        https://bugs.webkit.org/show_bug.cgi?id=86009

        Reviewed by Eric Seidel.

        These are not used at the moment and were probably just copy and pasted from
        isSVGFoo methods in RenderObject.h.

        * rendering/RenderObject.h:
        * rendering/svg/RenderSVGEllipse.h:
        (RenderSVGEllipse):
        * rendering/svg/RenderSVGRect.h:
        (RenderSVGRect):
        * rendering/svg/RenderSVGShape.h:

2012-05-09  Ian Vollick  <vollick@chromium.org>

        [chromium] Add impl-thread support for fill-mode and direction css animation properties
        https://bugs.webkit.org/show_bug.cgi?id=77662

        Reviewed by James Robinson.

        Adds support for accelerating css animations with -webkit-animation-fill-mode,
        and -webkit-animation-direction properties.

        Tested in:
          CCActiveAnimationTest.TrimTimeAlternating
          CCLayerAnimationControllerTest.createReversedAnimation
          CCLayerAnimationControllerTest.createAlternatingAnimation
          CCLayerAnimationControllerTest.createReversedAlternatingAnimation

        * platform/graphics/chromium/cc/CCActiveAnimation.cpp:
        (WebCore::CCActiveAnimation::CCActiveAnimation):
        (WebCore::CCActiveAnimation::trimTimeToCurrentIteration):
        (WebCore::CCActiveAnimation::cloneForImplThread):
        * platform/graphics/chromium/cc/CCActiveAnimation.h:
        (CCActiveAnimation):
        (WebCore::CCActiveAnimation::alternatesDirection):
        (WebCore::CCActiveAnimation::setAlternatesDirection):
        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:

2012-05-09  Ken Buchanan  <kenrb@chromium.org>

        Crash from removal of a line break object
        https://bugs.webkit.org/show_bug.cgi?id=85997

        Reviewed by David Hyatt.

        Regression from r115343. That replaced a call to setNeedsLayout()
        with a separate call that used a different bit during linebox
        invalidation after renderer child removal. There are special cases
        where layout isn't marked on parent nodes just from the removal, so
        line dirtying needs to explicitly mark ancestors for layout.

        * rendering/RenderObject.h:
        (WebCore::RenderObject::setAncestorLineBoxDirty):

2012-05-09  Levi Weintraub  <leviw@chromium.org>

        Fix performance regression for floats caused by LayoutUnit change
        https://bugs.webkit.org/show_bug.cgi?id=85834

        Reviewed by Ojan Vafai.

        Refactoring FractionalLayout types to alleviate performance issues. Explicitly
        inlining constructor and operator functions in FractionalLayoutUnit, as well as
        pixelSnappedIntSize and pixelSnappedIntRect (particularly hot code paths). Also
        further simplifying round and ceil functions when sub-pixel layout is not enabled.

        pixelSnappedIntSize was the only function defined in FractionalLayoutSize.cpp,
        so it is removed.

        No new tests. No change in functionality.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * platform/FractionalLayoutUnit.h:
        (WebCore::FractionalLayoutUnit::FractionalLayoutUnit):
        (FractionalLayoutUnit):
        (WebCore::FractionalLayoutUnit::toInt):
        (WebCore::FractionalLayoutUnit::toFloat):
        (WebCore::FractionalLayoutUnit::toDouble):
        (WebCore::FractionalLayoutUnit::toUnsigned):
        (WebCore::FractionalLayoutUnit::operator int):
        (WebCore::FractionalLayoutUnit::operator unsigned):
        (WebCore::FractionalLayoutUnit::operator float):
        (WebCore::FractionalLayoutUnit::operator double):
        (WebCore::FractionalLayoutUnit::operator bool):
        (WebCore::FractionalLayoutUnit::ceil):
        (WebCore::FractionalLayoutUnit::round):
        * platform/graphics/FractionalLayoutRect.cpp:
        (WebCore):
        * platform/graphics/FractionalLayoutRect.h:
        (WebCore::FractionalLayoutRect::pixelSnappedSize):
        (WebCore::pixelSnappedIntRect):
        (WebCore):
        * platform/graphics/FractionalLayoutSize.cpp: Removed.
        * platform/graphics/FractionalLayoutSize.h:
        (WebCore):
        * rendering/LayoutTypes.h:
        (WebCore::pixelSnappedIntSize):
        (WebCore):

2012-05-09  Abhishek Arya  <inferno@chromium.org>

        Crash in ReplaceSelectionCommand::performTrivialReplace
        https://bugs.webkit.org/show_bug.cgi?id=85943

        Reviewed by Ryosuke Niwa.

        RefPtr nodeAfterInsertionPos to guard against mutation events.

        Test: editing/inserting/insert-html-crash.html

        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::performTrivialReplace):

2012-05-03  Shawn Singh  <shawnsingh@chromium.org>

        Hit testing is incorrect in some cases with perspective transforms
        https://bugs.webkit.org/show_bug.cgi?id=79136

        Reviewed by Simon Fraser.

        Tests: transforms/3d/hit-testing/coplanar-with-camera.html
               transforms/3d/hit-testing/perspective-clipped.html

        * platform/graphics/transforms/TransformationMatrix.cpp:
        (WebCore::TransformationMatrix::projectPoint): Fix a
        divide-by-zero error so that values do not become Inf or Nan. Also
        fix an overflow error by using a large, but not-too-large constant
        to represent infinity.

        (WebCore::TransformationMatrix::projectQuad): Fix an error where
        incorrect quads were being returned. Incorrect quads can occur
        when projectPoint clamped==true after returning.

2012-05-09  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>

        Simplify CSSParser::parseSimpleLengthValue()
        https://bugs.webkit.org/show_bug.cgi?id=85910

        Reviewed by Alexis Menard.

        Various small improvements to this function, mainly:
        - Move the check if the property ID accepts a simple length as early as possible;
        - Remove the check for the characters{8,16} pointers since they'll be valid (we ASSERT that);
        - Use a template to avoid duplicate code for 8 and 16 bit characters.

        * css/CSSParser.cpp:
        (WebCore):
        (WebCore::parseSimpleLength):
        (WebCore::parseSimpleLengthValue):

2012-05-09  Ami Fischman  <fischman@chromium.org>

        [chromium] Support multiple buffered time ranges
        https://bugs.webkit.org/show_bug.cgi?id=85926

        Reviewed by Eric Carlson.

        Preserve existing rendering of a single rect even in the presence of multiple buffered regions.

        No new tests as this change has no functional effects.

        * rendering/RenderMediaControlsChromium.cpp:
        (WebCore::paintMediaSlider):

2012-05-09  Dana Jansens  <danakj@chromium.org>

        Early-out and avoid any copying when possible for Region operations
        https://bugs.webkit.org/show_bug.cgi?id=85260

        Reviewed by Anders Carlsson.

        For an empty region, any intersection or subtraction will not modify
        the region, so we can simply return instead of creating a new Shape
        and replacing the current empty Shape.

        When a region is united with a region it contains, the orignal
        containing region is the result. So, if A.unite(B) and A.contains(B)
        then A does not need to change at all and we can return without making
        a copy of A's shape. When A is a rect, we can do this test even more
        simply.

        We also remove redundant checks from trySimpleOperation() methods, where
        the test is already done in the Region calling site.

        This change improves the performance of the Region overlap testing for
        composited layers, and allows us to avoid unnecessary copies of the
        Region during unite. With a layout test (attached to bug #81087), that
        creates a Region from the union of 225 composited layers, as well as
        600 overlapping layers above them, this change decreases the running
        time of the test by 3.2% by avoiding a copy of the entire Region for
        each insertion that does not change the resulting Region.

        Unit tests: RegionTest.unite

        * platform/graphics/Region.cpp:
        (WebCore::Region::Shape::UnionOperation::trySimpleOperation):
        (WebCore::Region::Shape::IntersectOperation::trySimpleOperation):
        (WebCore::Region::Shape::SubtractOperation::trySimpleOperation):
        (WebCore::Region::intersect):
        (WebCore::Region::unite):
        (WebCore::Region::subtract):
        * platform/graphics/Region.h:
        (WebCore::Region::isRect):
        (WebCore::Region::Shape::isRect):

2012-05-09  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: SessionDescription::addCandidate should not crash for malformed input
        https://bugs.webkit.org/show_bug.cgi?id=85988

        Reviewed by Adam Barth.

        Sending null would crash the browser. Added safeguards in both the bindings and the native code.

        Test: fast/mediastream/SessionDescription.html

        * Modules/mediastream/SessionDescription.cpp:
        (WebCore::SessionDescription::addCandidate):
        * Modules/mediastream/SessionDescription.h:
        (SessionDescription):
        * Modules/mediastream/SessionDescription.idl:

2012-05-09  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Adding the possibility of port specific information in MediaStreamDescriptor
        https://bugs.webkit.org/show_bug.cgi?id=85794

        Reviewed by Adam Barth.

        To facilitate for ports I have added an ExtraData field that can be used for whatever purpose is needed.

        No behavioral changes.

        * platform/chromium/support/WebMediaStreamDescriptor.cpp:
        (ExtraDataContainer):
        (WebKit::ExtraDataContainer::ExtraDataContainer):
        (WebKit::ExtraDataContainer::extraData):
        (WebKit):
        (WebKit::WebMediaStreamDescriptor::extraData):
        (WebKit::WebMediaStreamDescriptor::setExtraData):
        * platform/mediastream/MediaStreamDescriptor.h:
        (ExtraData):
        (WebCore::MediaStreamDescriptor::ExtraData::~ExtraData):
        (MediaStreamDescriptor):
        (WebCore::MediaStreamDescriptor::extraData):
        (WebCore::MediaStreamDescriptor::setExtraData):

2012-05-09  Takashi Sakamoto  <tasak@google.com>

        Crash in WebCore::RenderBoxModelObject::paddingLeft
        https://bugs.webkit.org/show_bug.cgi?id=83889

        Reviewed by Abhishek Arya.

        RenderScrollbar creates RenderScrollbarPart without any parent
        renderers. However, if the scrollbar has percent padding styles,
        non-null parent renderer is required. So after creating/destroying
        RenderScrollbarPart instances, set owningRenderer(creating)/0
        (destroying) as its parent renderer.

        Test: scrollbars/scrollbar-percent-padding-crash.html
              scrollbars/scrollbar-percent-padding-crash-expected.txt

        * rendering/RenderScrollbar.cpp:
        (WebCore::RenderScrollbar::updateScrollbarPart):
        Added setParent after creating/destroying RenderScrollbarPart.
        * rendering/RenderScrollbarPart.cpp:
        Made RenderScollbar friend, because setParent is protected and
        RenderScrollbar is not inherited from class RenderObject.

2012-05-09  Takashi Sakamoto  <tasak@google.com>

        ShadowRoot needs applyAuthorStyles
        https://bugs.webkit.org/show_bug.cgi?id=78472

        Reviewed by Hajime Morita.

        Implemented applyAuthorStyles attribute defined in the following spec:
        http://dvcs.w3.org/hg/webcomponents/raw-file/tip/spec/shadow/index.html#shadow-root-attributes
        Since applyAuthorSheets attribute has been already implemented,
        renamed all applyAuthorSheets to applyAuthorStyles and
        added applyAuthorStyles to ShadowRoot.idl.
        Currently, changing dynamically applyAuthorStyles doesn't work. I will fix this isse in bugs:84215: https://bugs.webkit.org/show_bug.cgi?id=84251

        Test: fast/dom/shadow/shadow-root-applyAuthorStyles.html
              fast/dom/shadow/shadow-root-applyAuthorStyles-expected.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::collectMatchingRulesForList):
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::ShadowRoot):
        (WebCore::ShadowRoot::applyAuthorStyles):
        (WebCore::ShadowRoot::setApplyAuthorStyles):
        * dom/ShadowRoot.h:
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::applyAuthorStyles):
        * dom/TreeScope.h:
        (TreeScope):
        Changed all applyAuthorSheets to applyAuthorSytles.
        (ShadowRoot):
        * dom/ShadowRoot.idl:
        Added a new attribute, boolean applyAuthorStyles.

2012-05-09  Yoshifumi Inoue  <yosin@chromium.org>

        [Chromium][Forms] HTMLOptionsCollection doesn't have indexed properties on property enumeration
        https://bugs.webkit.org/show_bug.cgi?id=85937

        Reviewed by Kentaro Hara.

        This patch adds numeric indices to properties in enumeration to HTMLOptionsCollection V8 binding
        to changes Objects.keys in ECMAScript5 and for-in statement behavior for compatibility with
        Firefox 12, IE9, Opera 11, and Safari 5.

        Test: fast/forms/select/options-indexed-properties.html

        * bindings/scripts/CodeGeneratorV8.pm:
        (GenerateImplementationIndexer): Set $hasEnumerator true for interface HTMLOptionsCollection

2012-05-09  Shinya Kawanaka  <shinyak@chromium.org>

        Position should be able to have ShadowRoot as a container.
        https://bugs.webkit.org/show_bug.cgi?id=82021

        Reviewed by Ryosuke Niwa.

        Since Position could not take a shadow root as a container node, pointing the direct children
        of a shadow root was difficult.

        This patch makes it enabled, and fixes a lot of crashes caused by that limitation.
        Also, we confirm that ShadowRoot is not exposed to JavaScript layer.

        Currently this change is only enabled if shadow dom flag is enabled, since we cannot
        prove this change does not destroy the existing behavior. However, this change is really required
        to fix other editing bugs in Shadow DOM. A bunch of patches and tests will be added to
        fix other editing bugs and they will check this patch does not break editing.
        We will also add a fuzzer to check the stability of editing in Shadow DOM later, and it will
        also help to confirm the patch will not break the editing.

        Tests: editing/shadow/doubleclick-on-meter-in-shadow-crash.html
               editing/shadow/rightclick-on-meter-in-shadow-crash.html
               editing/shadow/shadow-selection-not-exported.html

        * dom/Position.cpp:
        (WebCore::Position::Position):
        (WebCore::Position::containerNode):
        (WebCore::Position::parentAnchoredEquivalent):
        (WebCore::Position::previous):
        (WebCore::Position::next):
        (WebCore::Position::atStartOfTree):
        (WebCore::Position::atEndOfTree):
        (WebCore::Position::findParent):
        * dom/Position.h:
        (WebCore):
        (WebCore::positionInParentBeforeNode):
        (WebCore::positionInParentAfterNode):

2012-05-09  Zoltan Horvath  <zoltan@webkit.org>

        [Qt] Build fix when using libpng version != 1.2
        https://bugs.webkit.org/show_bug.cgi?id=85614

        Reviewed by Eric Seidel.

        Don't enforce the version of libpng when passing the option to the linker.

        No new tests, no intended functionality change.

        * WebCore.pri:

2012-05-09  Oli Lan  <olilan@chromium.org>

        Add identifying methods for date/time input types.

        This patch adds methods isDateField(), isDateTimeField(), isDateTimeLocalField(),
        isMonthField(), isTimeField() and isWeekField() to InputType and the appropriate
        HTMLInputElement classes, to allow date/time input types to be identified.

        The new methods match the existing methods for types such as email, search and number.

        https://bugs.webkit.org/show_bug.cgi?id=78746

        Reviewed by Kent Tamura.

        A new test WebViewTest.TextInputType has been added in WebKit/chromium/tests that calls
        through to these methods via WebViewImpl.textInputType().

        * html/DateInputType.cpp:
        (WebCore::DateInputType::isDateField):
        (WebCore):
        * html/DateInputType.h:
        (DateInputType):
        * html/DateTimeInputType.cpp:
        (WebCore::DateTimeInputType::isDateTimeField):
        (WebCore):
        * html/DateTimeInputType.h:
        (DateTimeInputType):
        * html/DateTimeLocalInputType.cpp:
        (WebCore::DateTimeLocalInputType::isDateTimeLocalField):
        (WebCore):
        * html/DateTimeLocalInputType.h:
        (DateTimeLocalInputType):
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::isDateField):
        (WebCore):
        (WebCore::HTMLInputElement::isDateTimeField):
        (WebCore::HTMLInputElement::isDateTimeLocalField):
        (WebCore::HTMLInputElement::isMonthField):
        (WebCore::HTMLInputElement::isTimeField):
        (WebCore::HTMLInputElement::isWeekField):
        * html/HTMLInputElement.h:
        (HTMLInputElement):
        * html/InputType.cpp:
        (WebCore::InputType::isDateField):
        (WebCore):
        (WebCore::InputType::isDateTimeField):
        (WebCore::InputType::isDateTimeLocalField):
        (WebCore::InputType::isMonthField):
        (WebCore::InputType::isTimeField):
        (WebCore::InputType::isWeekField):
        * html/InputType.h:
        (InputType):
        * html/MonthInputType.cpp:
        (WebCore::MonthInputType::isMonthField):
        (WebCore):
        * html/MonthInputType.h:
        (MonthInputType):
        * html/TimeInputType.cpp:
        (WebCore::TimeInputType::isTimeField):
        (WebCore):
        * html/TimeInputType.h:
        (TimeInputType):
        * html/WeekInputType.cpp:
        (WebCore::WeekInputType::isWeekField):
        (WebCore):
        * html/WeekInputType.h:
        (WeekInputType):

2012-05-09  Nikolas Zimmermann  <nzimmermann@rim.com>

        REGRESSION(r105057): Infinite loop inside SVGTextLayoutEngine::currentLogicalCharacterMetrics
        https://bugs.webkit.org/show_bug.cgi?id=83405

        Reviewed by Darin Adler.

        Dynamically adding tspans carrying position information in the x/y/dx/dy/rotate lists is broken.
        To avoid mistakes like this in future, simplify the calling code in RenderSVGInlineText and centralize
        the managment of all caches (text positioning element cache / metrics map / layout attributes) in
        RenderSVGText. This avoids the hack in SVGRootInlineBox::computePerCharacterLayoutInformation() which
        called textRoot->rebuildLayoutAttributes(), which was used to fix previous security issues with this code.
        Instead correctly handle destruction of RenderSVGInlineText in RenderSVGText, keeping the m_layoutAttributes
        synchronized with the current state of the render tree. Fixes highcharts problems.

        Tests: svg/text/add-tspan-position-bug.html
               svg/text/modify-tspan-position-bug.html

        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::addChild):
        * rendering/svg/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::willBeDestroyed):
        (WebCore::RenderSVGInlineText::setTextInternal):
        (WebCore::RenderSVGInlineText::styleDidChange):
        * rendering/svg/RenderSVGText.cpp:
        (WebCore::recursiveUpdateMetrics):
        (WebCore::RenderSVGText::subtreeChildAdded):
        (WebCore::RenderSVGText::subtreeChildWillBeDestroyed):
        (WebCore::recursiveCollectLayoutAttributes):
        (WebCore::checkLayoutAttributesConsistency):
        (WebCore::RenderSVGText::subtreeChildWasDestroyed):
        (WebCore::RenderSVGText::subtreeStyleChanged):
        (WebCore::RenderSVGText::subtreeTextChanged):
        (WebCore::RenderSVGText::layout):
        (WebCore::RenderSVGText::addChild):
        (WebCore::RenderSVGText::rebuildAllLayoutAttributes):
        (WebCore::RenderSVGText::rebuildLayoutAttributes):
        * rendering/svg/RenderSVGText.h:
        (WebCore::RenderSVGText::layoutAttributes):
        * rendering/svg/SVGRootInlineBox.cpp:
        (WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation):
        * rendering/svg/SVGTextLayoutAttributesBuilder.cpp:
        (WebCore::SVGTextLayoutAttributesBuilder::buildLayoutAttributes):

2012-05-08  Dongwoo Im  <dw.im@samsung.com>

        NavigatorRegisterProtocolHandler can call ChromeClient directly.
        https://bugs.webkit.org/show_bug.cgi?id=85944

        Reviewed by Adam Barth.

        Covered by fast/dom/register-protocol-handler.html

        * page/Chrome.cpp: Remove registerProtocolHandler function.
        * page/Chrome.h: Remove registerProtocolHandler prototype.
        (Chrome):
        * page/NavigatorRegisterProtocolHandler.cpp: Call ChromeClient::registerProtocolHandler directly.
        (WebCore::NavigatorRegisterProtocolHandler::registerProtocolHandler):

2012-05-08  Mario Sanchez Prada  <msanchez@igalia.com>

        Coding style issues present in RenderFrameSet.cpp
        https://bugs.webkit.org/show_bug.cgi?id=85955

        Reviewed by Eric Seidel.

        Just fixed those coding style issues.

        * rendering/RenderFrameSet.cpp:
        (WebCore::RenderFrameSet::GridAxis::resize):
        (WebCore::RenderFrameSet::layOutAxis):
        (WebCore::RenderFrameSet::continueResizing):

2012-05-08  Jon Lee  <jonlee@apple.com>

        Unreviewed build fix.

        * platform/mac/WebCoreSystemInterface.h:

2012-05-08  Jason Liu  <jason.liu@torchmobile.com.cn>

        [BlackBerry] Auth credentials set in private mode are reused in public mode.
        https://bugs.webkit.org/show_bug.cgi?id=84697

        Reviewed by Rob Buis.

        Add setPrivateMode function for CredentialStorage.

        Now, we only save credentials in memory and CredentialBackingStore isn't enabled.
        When we set private mode from on to off, we clear all these temporary credentials.

        We have to change Private Browsing to test, so have to write a manual test case.
        Test: ManualTests/blackberry/http-auth-private-mode-changed.html

        * network/CredentialStorage.cpp:
        (WebCore::CredentialStorage::setPrivateMode):
        (WebCore):
        * platform/network/CredentialStorage.h:
        (CredentialStorage):

2012-05-08  Rakesh KN  <rakesh.kn@motorola.com>

        RadioNodeList support in HTMLFormElement::elements
        https://bugs.webkit.org/show_bug.cgi?id=81854

        Reviewed by Ryosuke Niwa.

        Implement RadioNodeList support spec'ed at
        http://www.whatwg.org/specs/web-apps/current-work/multipage/common-dom-interfaces.html#radionodelist

        Test: fast/forms/form-collection-radio-node-list.html

        * CMakeLists.txt:
        Added entries for new files.
        * DerivedSources.cpp: Ditto.
        * DerivedSources.make: Ditto.
        * DerivedSources.pri: Ditto.
        * GNUmakefile.list.am: Ditto.
        * Target.pri: Ditto.
        * WebCore.gypi: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * bindings/js/JSHTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        Modified to create RadioNodeList object when FormControlCollection has more than
        one element of same name/id.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        Added code to include Node.h and JSNode.h in JSRadioNodeElement.cpp.
        * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        Modified to create RadioNodeList object when FormControlCollection has more than
        one element of same name/id.
        * dom/Node.cpp:
        (WebCore::Node::invalidateNodeListsCacheAfterAttributeChanged):
        Invalidate lists even for change in id, type, checked attributes.
        (WebCore::NodeListsNodeData::invalidateCachesThatDependOnAttributes):
        Invalidate radioNodeList cache.
        (WebCore::NodeListsNodeData::isEmpty):
        Changes for radioNodeList.
        (WebCore::Node::radioNodeList):
        Creates if needed a RadioNodeList and adds it to the cache.
        (WebCore::Node::removeCachedRadioNodeList):
        Removes a cached radioNodeList.
        * dom/Node.h: Ditto
        * dom/NodeRareData.h:
        (WebCore):
        (NodeListsNodeData):
        Added radioNodeList list.
        * html/CollectionType.h:
        Added new FormControls type.
        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::shouldIncludeChildren):
        (WebCore::HTMLCollection::isAcceptableElement):
        Handle FormControls collection type.
        * html/HTMLFormCollection.cpp:
        (WebCore::HTMLFormCollection::HTMLFormCollection):
        Contruct collection of FormControls type.
        * html/RadioNodeList.cpp: Added.
        (WebCore):
        (WebCore::RadioNodeList::RadioNodeList):
        (WebCore::RadioNodeList::~RadioNodeList):
        (WebCore::toRadioButtonInputElement):
        (WebCore::RadioNodeList::value):
        (WebCore::RadioNodeList::setValue):
        (WebCore::RadioNodeList::nodeMatches):
        * html/RadioNodeList.h: Added.
        (WebCore):
        (RadioNodeList):
        (WebCore::RadioNodeList::create):
        RadioNodeList implementation.
        * html/RadioNodeList.idl: Added.
        Idl for generating RadioNodeList JS/V8 bindings.

2012-05-08  Benjamin Poulain  <bpoulain@apple.com>

        [JSC] Regression: addEventListener() and removeEventListener() raise an exception on missing args
        https://bugs.webkit.org/show_bug.cgi?id=85928

        Reviewed by Geoffrey Garen.

        The functions addEventListener() and removeEventListener() raise an exception if there are missin arguments.
        This behavior breaks existing content.

        This patch change the code generator of JavaScript core to have an exception for addEventListener() and removeEventListener().
        For those function, we do not raise an exception on missin argument.

        This patch does not modify the V8 code generator because such exceptions are already in place there.

        Tests: fast/dom/Window/window-legacy-event-listener.html
               fast/dom/XMLHttpRequest-legacy-event-listener.html
               fast/dom/node-legacy-event-listener.html

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):

2012-05-08  Chris Rogers  <crogers@google.com>

        AudioParam should directly be given context in create() method
        https://bugs.webkit.org/show_bug.cgi?id=85905

        Reviewed by James Robinson.

        No new tests.  This is a low-level re-factoring and is covered by existing tests.

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
        * Modules/webaudio/AudioGain.h:
        (WebCore::AudioGain::create):
        (WebCore::AudioGain::AudioGain):
        * Modules/webaudio/AudioGainNode.cpp:
        (WebCore::AudioGainNode::AudioGainNode):
        * Modules/webaudio/AudioPannerNode.cpp:
        (WebCore::AudioPannerNode::AudioPannerNode):
        * Modules/webaudio/AudioParam.h:
        (WebCore::AudioParam::create):
        (AudioParam):
        (WebCore::AudioParam::AudioParam):
        * Modules/webaudio/BiquadFilterNode.cpp:
        (WebCore::BiquadFilterNode::BiquadFilterNode):
        * Modules/webaudio/BiquadProcessor.cpp:
        (WebCore::BiquadProcessor::BiquadProcessor):
        * Modules/webaudio/BiquadProcessor.h:
        * Modules/webaudio/DelayNode.cpp:
        (WebCore::DelayNode::DelayNode):
        * Modules/webaudio/DelayProcessor.cpp:
        (WebCore::DelayProcessor::DelayProcessor):
        * Modules/webaudio/DelayProcessor.h:
        (DelayProcessor):
        * Modules/webaudio/DynamicsCompressorNode.cpp:
        (WebCore::DynamicsCompressorNode::DynamicsCompressorNode):
        * Modules/webaudio/Oscillator.cpp:
        (WebCore::Oscillator::Oscillator):

2012-05-08  Dana Jansens  <danakj@chromium.org>

        [chromium] Show borders for partial-draw-culled quads to visualize culling behaviour
        https://bugs.webkit.org/show_bug.cgi?id=85414

        Reviewed by Adrienne Walker.

        The borders are brown, and are only shown when the quad's visible rect
        is non-empty and is different from the quad's original rect.

        Adds a flag to CCQuadCuller constructor, to enable showing debug borders
        around what it leaves after culling (when it culls anything in a quad
        at all).

        * platform/graphics/chromium/cc/CCDrawQuad.h:
        (WebCore::CCDrawQuad::isDebugQuad):
        (WebCore::CCDrawQuad::sharedQuadState):
        (CCDrawQuad):
        * platform/graphics/chromium/cc/CCQuadCuller.cpp:
        (WebCore):
        (WebCore::CCQuadCuller::CCQuadCuller):
        (WebCore::appendQuadInternal):
        (WebCore::CCQuadCuller::append):
        (WebCore::CCQuadCuller::appendSurface):
        (WebCore::CCQuadCuller::appendReplica):
        * platform/graphics/chromium/cc/CCQuadCuller.h:
        (CCQuadCuller):
        * platform/graphics/chromium/cc/CCRenderPass.cpp:
        (WebCore::CCRenderPass::appendQuadsForLayer):
        (WebCore::CCRenderPass::appendQuadsForRenderSurfaceLayer):

2012-05-08  Julien Chaffraix  <jchaffraix@webkit.org>

        Move RenderLayers z-index lists dirtying to post style change
        https://bugs.webkit.org/show_bug.cgi?id=85437

        Reviewed by Darin Adler.

        No expected change in behavior.

        This change moves the z-order lists to RenderLayer::styleChanged. As part of this
        change, also added proper handling of stacking context transition. This enabled
        us to tighten more of the dirtyZOrderLists / clearZOrderLists code.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::styleWillChange):
        Removed this code, moved to updateStackingContextsAfterStyleChange.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer):
        Only stacking contexts start with dirty z-order lists.

        (WebCore::RenderLayer::dirtyZOrderLists):
        Added an ASSERT.

        (WebCore::RenderLayer::updateStackingContextsAfterStyleChange):
        Refactored the code to handle the transition between stacking context status.

        (WebCore::RenderLayer::styleChanged):
        Added a call to updateStackingContextsAfterStyleChange.

        * rendering/RenderLayer.h:
        (WebCore::RenderLayer::isStackingContext):
        Added a call to the next function.

        (WebCore::RenderLayer::layerWithStyleIsStackingContext):
        Factored the isStackingContext logic here so that we can reuse it inside
        updateStackingContextsAfterStyleChange.

        (WebCore::RenderLayer::clearZOrderLists):
        Added an ASSERT.

2012-05-08  Abhishek Arya  <inferno@chromium.org>

        Crash due to owning renderer not removed from custom scrollbar.
        https://bugs.webkit.org/show_bug.cgi?id=80610

        Reviewed by Eric Seidel.

        Test: scrollbars/scrollbar-owning-renderer-crash.html

        Changed RenderScrollbar to keep pointer to owning node, instead of the
        renderer. Renderer can get destroyed without informing the scrollbar, causing
        crashes later. Remove code from r94107 since it is not needed anymore and saves
        times when RenderBox is getting destroyed.

        * page/FrameView.cpp:
        (WebCore::FrameView::createScrollbar): pass renderer's node.
        * page/FrameView.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::willBeDestroyed): no longer need this. came originally from r94107.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::createScrollbar): pass renderer's node.
        (WebCore::RenderLayer::destroyScrollbar): no longer need to clear owning renderer.
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::createScrollbar): pass renderer's node.
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::createScrollbar): pass renderer's node.
        * rendering/RenderScrollbar.cpp:
        (WebCore::RenderScrollbar::createCustomScrollbar): Store owner node instead of renderer.
        (WebCore::RenderScrollbar::RenderScrollbar): Store owner node instead of renderer.
        (WebCore::RenderScrollbar::owningRenderer): calculate owning renderer from owner node.
        * rendering/RenderScrollbar.h:
        (RenderScrollbar):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::createScrollbar): pass renderer's node.

2012-05-08  Jon Lee  <jonlee@apple.com>

        Safari warns that it needs to resend the form in an iFrame when going back
        https://bugs.webkit.org/show_bug.cgi?id=82658
        <rdar://problem/11292558>

        Reviewed by Darin Adler.

        Test: http/tests/loading/post-in-iframe-with-back-navigation.html

        * WebCore.exp.in: Add _wkCFURLRequestAllowAllPostCaching.
        * platform/mac/WebCoreSystemInterface.h: Add wkCFURLRequestAllowAllPostCaching.
        * platform/mac/WebCoreSystemInterface.mm: Add wkCFURLRequestAllowAllPostCaching.
        * platform/network/cf/ResourceRequestCFNet.cpp:
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.
        * platform/network/mac/ResourceRequestMac.mm:
        (WebCore::ResourceRequest::doUpdatePlatformRequest): Set the bit to cache all POST responses.

2012-05-08  Dana Jansens  <danakj@chromium.org>

        [chromium] Reflections with masks should not occlude
        https://bugs.webkit.org/show_bug.cgi?id=85927

        Reviewed by James Robinson.

        When a surface does not have a mask, we make both it and its reflection
        occlude the things below them. However, if the reflection has a mask
        applied to it, then we should not consider it as occluding.

        Adds replicaHasMask() to the render surface classes so we can test if
        the mask is present.

        Unit Tests: CCOcclusionTrackerTestReplicaWithMask

        * platform/graphics/chromium/RenderSurfaceChromium.cpp:
        (WebCore::RenderSurfaceChromium::hasMask):
        This is unusued right now, but will allow us to remove a FIXME from
        CCOcclusionTracker::finishedTargetRenderSurface().
        (WebCore):
        (WebCore::RenderSurfaceChromium::replicaHasMask):
        * platform/graphics/chromium/RenderSurfaceChromium.h:
        (RenderSurfaceChromium):
        * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
        (WebCore::::leaveToTargetRenderSurface):
        * platform/graphics/chromium/cc/CCRenderSurface.cpp:
        (WebCore::CCRenderSurface::hasMask):
        This is unusued right now, but will allow us to remove a FIXME from
        CCOcclusionTracker::finishedTargetRenderSurface().
        (WebCore):
        (WebCore::CCRenderSurface::replicaHasMask):
        * platform/graphics/chromium/cc/CCRenderSurface.h:
        (CCRenderSurface):

2012-05-08  Eric Seidel  <eric@webkit.org>

        Add stylesheet inheritance support to IFRAME_SEAMLESS
        https://bugs.webkit.org/show_bug.cgi?id=85914

        Reviewed by Ojan Vafai.

        This work is already guarded by IFRAME_SEAMLESS, as
        Document::shouldDisplaySeamlesslyWithParent always returns false
        when IFRAME_SEAMLESS is off.

        This makes the child document use all author stylesheets from all parent documents,
        per the seamless spec:
        http://www.whatwg.org/specs/web-apps/current-work/#attr-iframe-seamless

        This support is slightly inefficient as every time a sheet is added
        to a parent document, the child document must do a full style selector recalc.
        Normally author sheet additions have a fast-path which avoids the full selector recalc,
        but such is not possible in the seamless case as we're inserting the parents sheets
        earlier in the child's cascade (instead of just appending them to the end of the list).

        The test covers both the static inheritance as well as addition of a stylesheet
        to the parent and testing that it caused a recalc of the child.

        Covered by fast/frames/seamless/seamless-css-cascade.html

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::addStylesheetsFromSeamlessParents):
        (WebCore):
        * css/StyleResolver.h:
        (StyleResolver):
        * dom/Document.cpp:
        (WebCore::Document::seamlessParentUpdatedStylesheets):
        (WebCore):
        (WebCore::Document::notifySeamlessChildDocumentsOfStylesheetUpdate):
        (WebCore::Document::updateActiveStylesheets):
        * dom/Document.h:
        (Document):

2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>

        [CMake] FindGStreamer: Fix the build with static WebCore.
        https://bugs.webkit.org/show_bug.cgi?id=85930

        Reviewed by Daniel Bates.

        No new tests, build fix.

        Building WebCore statically was failing because files in
        WebCore/platform/gstreamer when ENABLE_VIDEO was set required
        gstreamer-base, which was not being linked to after r116453.

        Fix that by looking for gstreamer-base, requiring and linking
        against it if GStreamer is used.

        * PlatformEfl.cmake: Link to GSTREAMER_LIBRARIES and
        GSTREAMER_BASE_LIBRARIES, and include GSTREAMER_INCLUDE_DIRS and
        GSTREAMER_BASE_INCLUDE_DIRS.

2012-05-08  Raymond Toy  <rtoy@google.com>

        JavaScriptAudioNode should not ASSERT if number of input channels is 0
        https://bugs.webkit.org/show_bug.cgi?id=85818

        Reviewed by Eric Seidel.

        Test: webaudio/javascriptaudionode-zero-input-channels.html

        * Modules/webaudio/JavaScriptAudioNode.cpp:
        (WebCore::JavaScriptAudioNode::process): Update buffersAreGood.
        (WebCore::JavaScriptAudioNode::fireProcessEvent): Remove ASSERT.

2012-05-08  Dana Jansens  <danakj@chromium.org>

        Region reads past end of spans
        https://bugs.webkit.org/show_bug.cgi?id=85909

        Reviewed by Anders Carlsson.

        Region currently checks aSpan == aSpanEnd as the indicator that
        we passed all the spans. When aSpan < aSpanEnd, it uses aSpan+1
        to find the height of the span.

        If aSpan == aSpanEnd - 1, then aSpan+1 == aSpanEnd. This does not
        represent a valid span, since aSpanEnd is past the end of the
        array, not the last element in the array. The loop should terminate
        in this case.

        Checking aSegment != aSegmentEnd is acceptable in the inner loop since
        it increments by two each time (segments come in pairs, while spans
        come in singles).

        Test: RegionTest.ReadPastFullSpanVectorInIntersectsTest

        * platform/graphics/Region.cpp:
        (WebCore::Region::Shape::compareShapes):

2012-05-08  Philip Rogers  <pdr@google.com>

        Prevent crash in animated lists
        https://bugs.webkit.org/show_bug.cgi?id=85382

        Reviewed by Nikolas Zimmermann.

        Animated lists blindly assign the last list value to m_toAtEndOfDurationType
        in SVGAnimationElement::startedActiveInterval. If the last list value's length
        is larger or smaller than the animated "to" length, we crash.

        This change prevents accessing values off the end of toAtEndOfDuration by adding
        a check for this case. It may seem inefficient to perform this check on every
        animation update but the "to" value can change (in cardinality) while animating.

        I checked each of the other animation types (e.g., SVGAnimatedAngle,
        SVGAnimatedBoolean, etc.) and was only able to hit this style of crash
        in the three types modified in this change:
        SVGAnimatedLengthList, SVGAnimatedNumberList, and SVGAnimatedPointList.

        Tests: svg/animations/animate-linear-discrete-additive-b-expected.svg
               svg/animations/animate-linear-discrete-additive-b.svg
               svg/animations/animate-linear-discrete-additive-c-expected.svg
               svg/animations/animate-linear-discrete-additive-c.svg
               svg/animations/animate-linear-discrete-additive-expected.svg
               svg/animations/animate-linear-discrete-additive.svg
               svg/animations/animate-list-crash.svg

        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):

2012-05-08  Rafael Weinstein  <rafaelw@chromium.org>

        HTMLElementStack::hasOnlyHTMLElementsInScope is no longer called
        https://bugs.webkit.org/show_bug.cgi?id=85908

        Reviewed by Eric Seidel.

        This patch just removes the dead code.

        No tests needed. Cleanup only.

        * html/parser/HTMLElementStack.cpp:
        * html/parser/HTMLElementStack.h:
        (HTMLElementStack):

2012-05-08  W. James MacLean  <wjmaclean@chromium.org>

        [chromium] Create LinkHighlightLayerChromium class to provide link-highlight preview animations for GraphicsLayerChromium.
        https://bugs.webkit.org/show_bug.cgi?id=85084

        Reviewed by James Robinson.

        Unit test provided.

        Creates a layer delegate class to provide link highlight animations for link-preview feature.
        These are added to a GraphicsLayerChromium via provided methods. Moves dispensing of animation
        ids into a separate class.

        * WebCore.gypi:
        * platform/graphics/chromium/AnimationIdVendor.cpp: Added.
        (WebCore):
        (WebCore::AnimationIdVendor::getNextAnimationId):
        (WebCore::AnimationIdVendor::getNextGroupId):
        * platform/graphics/chromium/AnimationIdVendor.h: Added.
        (WebCore):
        (AnimationIdVendor):
        * platform/graphics/chromium/GraphicsLayerChromium.cpp:
        (WebCore::GraphicsLayerChromium::willBeDestroyed):
        (WebCore::GraphicsLayerChromium::updateNames):
        (WebCore::GraphicsLayerChromium::addAnimation):
        (WebCore::GraphicsLayerChromium::addLinkHighlight):
        (WebCore):
        (WebCore::GraphicsLayerChromium::didFinishLinkHighlight):
        (WebCore::GraphicsLayerChromium::updateChildList):
        (WebCore::GraphicsLayerChromium::mapAnimationNameToId):
        * platform/graphics/chromium/GraphicsLayerChromium.h:
        (WebCore):
        (GraphicsLayerChromium):
        * platform/graphics/chromium/LinkHighlight.cpp: Added.
        (WebCore):
        (WebCore::LinkHighlight::create):
        (WebCore::LinkHighlight::LinkHighlight):
        (WebCore::LinkHighlight::~LinkHighlight):
        (WebCore::LinkHighlight::contentLayer):
        (WebCore::LinkHighlight::paintContents):
        (WebCore::LinkHighlight::notifyAnimationStarted):
        (WebCore::LinkHighlight::notifyAnimationFinished):
        * platform/graphics/chromium/LinkHighlight.h: Added.
        (WebCore):
        (LinkHighlight):

2012-05-08  Raphael Kubo da Costa  <rakuco@webkit.org>

        [CMake] Rewrite FindGStreamer.cmake.
        https://bugs.webkit.org/show_bug.cgi?id=85857

        Reviewed by Daniel Bates.

        No new tests, build system change.

        We are currently kind of duplicating the same
        FindGStreamer-Foo.cmake file whenever a new GStreamer plugin needs
        to be found. Besides this approach not scaling very well, it
        relies on pkg-config for version checking, uses the LibFindMacros
        package that we should deprecate and all the find files could be
        merged into one, with users using the COMPONENTS feature of the
        FIND_PACKAGE() call to find the desired plugins.

        FindGStreamer.cmake has then been rewritten to take all that into
        account:
        - The LibFindMacros.cmake package is not used anymore.
        - Version check is performed in the CMake file itself by parsing
        the gstversion.h header.
        - All GStreamer plugins are searched and the COMPONENTS keyword
        used in the FIND_PACKAGE() call is used to check which plugins are
        required.
        - The plugins-base and base GStreamer plugins are not searched, as
        they were not used anywhere in the build system.

        * PlatformEfl.cmake: Update GStreamer-related variable names.

2012-05-08  Mikhail Pozdnyakov  <mikhail.pozdnyakov@intel.com>

        [EFL] Handling of numeric-pad keys in EFL's PlatformKeyboardEvent
        https://bugs.webkit.org/show_bug.cgi?id=85479

        Reviewed by Gustavo Noronha Silva.

        EFL's PlatformKeyboardEvent::isKeypad() now returns meaningful value.
        Added numeric-pad keys to the Key Map and Windows Key Map.

        No new tests.

        * platform/efl/EflKeyboardUtilities.cpp:
        (WebCore::createKeyMap):
        (WebCore::createWindowsKeyMap):
        * platform/efl/PlatformKeyboardEventEfl.cpp:
        (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent):

2012-05-04  Nikolas Zimmermann  <nzimmermann@rim.com>

        Tie lifetime of SVGAnimateElement::m_animatedType to the duration of the animation
        https://bugs.webkit.org/show_bug.cgi?id=85627

        Reviewed by Antti Koivisto.

        Example:
        <rect width="10" height="100">
            <animate attributeName="width" from="10" to="100" begin="2s" dur="4s" fill="remove"/>
        </rect>

        At t=0s the <animate> element receives its first interval: begin=2s, end=6s.
        At this point we've created the 'OwnPtr<SVGAnimatedType> m_animatedType' in
        SVGAnimateElement, which holds the current animated value of the target type.
        In this example it contains a SVGLength with '10' as value at t=0s.

        Calling "rect.width.animVal.value" will return the value currently contained in the
        m_animatedType from the SVGAnimateElement, even though the animation didn't begin
        yet. This is fine, as the animVal equals to the baseVal, as long as no animation is
        running.

        At t=6s you'd expect that the whole 'animVal' object is destructed again, as it's no
        longer needed, as animVal will be equal to baseVal again, but the current code keeps
        the animVal alive, and just resets it to the baseVal. The animVals will be destructed
        once the animate element leaves the tree.

        CSS animations suffer from the same problem, we never remove the animated SMIL properties
        but we only reset them to the base value. This makes integration with CSS Animations and
        CSS Transitions harder, so this needs to be changed.

        This patch starts tracking the start/end of an animation chain properly, to destruct
        the animation effect for non-frozen animations at the end of their duration. This has to
        work properly together with seeking (SVGSVGElement.setCurrentTime), as our testing relies
        on the ability to drive the SMIL timeline from script.

        Tests: svg/animations/list-wrapper-assertion-expected.svg
               svg/animations/list-wrapper-assertion.svg

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::resetAnimatedType):
        (WebCore::applyCSSPropertyToTarget):
        (WebCore::removeCSSPropertyFromTarget):
        (WebCore::applyCSSPropertyToTargetAndInstances):
        (WebCore::removeCSSPropertyFromTargetAndInstances):
        (WebCore::notifyTargetAboutAnimValChange):
        (WebCore::notifyTargetAndInstancesAboutAnimValChange):
        (WebCore::SVGAnimateElement::clearAnimatedType):
        (WebCore::SVGAnimateElement::applyResultsToTarget):
        (WebCore::SVGAnimateElement::targetElementWillChange):
        * svg/SVGAnimateElement.h:
        (SVGAnimateElement):
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::resetAnimatedType):
        (WebCore::SVGAnimateMotionElement::clearAnimatedType):
        * svg/SVGAnimateMotionElement.h:
        (SVGAnimateMotionElement):
        * svg/SVGAnimationElement.cpp:
        * svg/SVGAnimationElement.h:
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::updateAnimations):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::reset):
        (WebCore::SVGSMILElement::targetElementWillChange):
        (WebCore::SVGSMILElement::determineActiveState):
        (WebCore::SVGSMILElement::progress):
        * svg/animation/SVGSMILElement.h:
        (SVGSMILElement):
        * svg/properties/SVGAnimatedListPropertyTearOff.h:
            Remove svgAttributeChanged() calls from animationEnded/animValDidChange.
            Callers are now required to notify the target about changes. There are cases
            where we want to call animValDidChange without invoking svgAttributeChanged().
            That is supported now.
        (WebCore::SVGAnimatedListPropertyTearOff::animationEnded):
        (WebCore::SVGAnimatedListPropertyTearOff::animValDidChange):
        * svg/properties/SVGAnimatedProperty.h: Ditto.
        (WebCore::SVGAnimatedProperty::commitChange): Add safety guard.
        * svg/properties/SVGAnimatedPropertyTearOff.h: Ditto.
        (WebCore::SVGAnimatedPropertyTearOff::animationEnded):
        (WebCore::SVGAnimatedPropertyTearOff::animValDidChange):
        * svg/properties/SVGAnimatedStaticPropertyTearOff.h: Ditto.
        (WebCore::SVGAnimatedStaticPropertyTearOff::animationEnded):
        (WebCore::SVGAnimatedStaticPropertyTearOff::animValDidChange):

2012-05-08  Ryuan Choi  <ryuan.choi@samsung.com>

        [EFL][DRT]Do not create ScrollbarEfl when mockScrollbar is enabled.
        https://bugs.webkit.org/show_bug.cgi?id=81315

        Reviewed by Chang Shu.

        ScrollbarEfl creates custom scrollbars as separated layer and they are
        not related to ScrollbarTheme.
        So, DRT/Efl creates custom scrollbars on webview which paints mockScrollbar.

        This patch prevents creating custom scrollbars when mockScrollbar is enabled.

        Because DRT/Efl only renders the webview now, expected results are same
        until Bug 79853 is landed.

        * platform/efl/ScrollbarEfl.cpp:
        (Scrollbar::createNativeScrollbar):

2012-05-08  Timothy Hatcher  <timothy@apple.com>

        Fix the SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL macro so it passes the full path to dlopen.

        dyld only considers libraries in the versioned framework path if their install name
        matches the library that it is attempting to load. The path we were passing to
        dlopen lacked the Versions/A component of the path so dyld did not recognize that
        we wanted it to use the staged version if it is newer.

        <rdar://problem/11406517>

        Reviewed by Mark Rowe.

        * platform/mac/SoftLinking.h: Have SOFT_LINK_STAGED_FRAMEWORK_OPTIONAL take the
        framework version as an argument and use it when constructing the path to dlopen.

2012-05-08  Rafael Brandao  <rafael.lobo@openbossa.org>

        Build fix for Qt Snowleopard Release
        https://bugs.webkit.org/show_bug.cgi?id=85895

        Reviewed by Alexis Menard.

        The enum value JSUint8ClampedArray conflicted with the JSUint8ClampedArray class.
        I've added the 'Type' suffix to the enum value to make their names different.

        No new tests needed.

        * bridge/qt/qt_runtime_qt4.cpp:
        (JSC::Bindings::valueRealType):
        (JSC::Bindings::convertValueToQVariant):

2012-05-08  Shezan Baig  <shezbaig.wk@gmail.com>

        offsetLeft broken within CSS3 columns
        https://bugs.webkit.org/show_bug.cgi?id=34875

        Reviewed by Julien Chaffraix.

        Reimplement offsetLeft and offsetTop in terms of a new method called
        'offsetTopLeft'. The new method starts from a reference point (the
        top-left coordinate of a box or inline) and adjusts this reference
        point for columns as we traverse each parent. Note that the reference
        point needs to be adjusted in both dimensions, even though offsetLeft
        and offsetTop return only one of them.

        A new method called 'offsetForColumns' was added to RenderObject. This
        method is similar to adjustForColumns, except that it returns the
        offset instead of modifying a reference. This method is necessary to
        simplify the implementation of offsetTopLeft.

        Tests: fast/block/positioning/offsetLeft-offsetTop-multicolumn-expected.txt
               fast/block/positioning/offsetLeft-offsetTop-multicolumn.html

        * rendering/RenderBox.h:
        (RenderBox):
        Override offsetLeft and offsetTop.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::offsetLeft):
        Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
        topLeftLocation as startPoint.
        (WebCore::RenderBox::offsetTop):
        Implemented in terms of RenderBoxModelObject::offsetTopLeft, using
        topLeftLocation as startPoint.
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::offsetTopLeft):
        New method to compute offsetLeft and offsetTop simultaneously, and
        adjusting for columns at each parent.
        (WebCore::RenderBoxModelObject::offsetLeft):
        Reimplemented in terms of offsetTopLeft.
        (WebCore::RenderBoxModelObject::offsetTop):
        Reimplemented in terms of offsetTopLeft.
        * rendering/RenderBoxModelObject.h:
        (RenderBoxModelObject):
        Declare new offsetTopLeft method.
        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::offsetLeft):
        Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
        (WebCore::RenderInline::offsetTop):
        Reimplemented in terms of RenderBoxModelObject::offsetTopLeft.
        * rendering/RenderObject.h:
        (RenderObject):
        (WebCore::RenderObject::offsetForColumns):
        New helper method to simplify implementation of offsetTopLeft.

2012-03-31  Robert Hogan  <robert@webkit.org>

        CSS 2.1 failure: first-letter-nested-004.htm fails
        https://bugs.webkit.org/show_bug.cgi?id=72987

        Reviewed by Eric Seidel.

        When styling first-letter check each sibling and drill into its inlines until we find either (i) a text node 
        that is not all whitespace, or (ii) a line break.

        This makes our rendering of the following tests compatible with FF and Opera. Our current behaviour is also conformant
        since the spec allows UAs to style just one element:
            css2.1/20110323/first-letter-quote-002.htm
            css2.1/20110323/first-letter-quote-003.htm
            css2.1/20110323/first-letter-quote-004.htm
            css2.1/20110323/first-letter-quote-005.htm

        This fixes the following two tests. We now drill into the descendants of an element styled with :first-letter looking
        for text to style:
            css2.1/20110323/first-letter-nested-004.htm
            css2.1/20110323/first-letter-nested-006.htm

        This patch changes our rendering of first-letter-dynamic-001.htm as we now render adjacent quotes in the second line as 
        green. This is consistent with the spec, which allows this behaviour but does not require it. It's the 'right' behaviour
        since it is consistent with the rendering of such quotes in a single element with :first-letter style.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::findLastObjectWithFirstLetterText): Iterate through the child's siblings looking for the last
          object to be styled :first-letter.
        (WebCore::RenderBlock::findLastObjectAfterFirstLetterPunctuation): Style any leading punctuation as first-letter, drill
          down into the child's descendants looking for text if necessary.
        (WebCore::RenderBlock::updateFirstLetter): Refactor to drill into sibling's children looking for inlines
         that should be styled as first-letter.
        (WebCore::RenderBlock::addFirstLetter): Split out from updateFirstLetter so that it can be used when a
         descendant node inside a sibling is found in findLastObjectWithFirstLetterText() needs to be styled as first-letter.
        * rendering/RenderBlock.h:

2012-05-08  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r116402.
        http://trac.webkit.org/changeset/116402
        https://bugs.webkit.org/show_bug.cgi?id=85898

        Caused a 3% regression on Chromium's bloat-http test on Linux
        (Requested by ojan_gardening on #webkit).

        * WebCore.exp.in:
        * bindings/v8/RetainedDOMInfo.cpp:
        * dom/ContainerNode.h:
        * dom/Node.cpp:
        (WebCore::Node::traverseNextNode):
        (WebCore):
        (WebCore::Node::traverseNextSibling):
        * dom/Node.h:
        (Node):

2012-05-08  Hironori Bono  <hbono@chromium.org>

        [Chromium] Fix the position of an RTL resizer
        https://bugs.webkit.org/show_bug.cgi?id=80640

        Reviewed by Tony Chang.

        When rendering an RTL resizer, my r110073 renders it at the same position as the
        one used for rendering a LTR resizer. Unfortunately, this code renders the RTL
        resizer image at an incorrect position on Mac and Linux. This change uses the
        correct formula to calculate the position of an RTL resizer.

        Test: platform/chromium/scrollbars/rtl-resizer-position.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::drawPlatformResizerImage):

2012-05-08  Andreas Kling  <kling@webkit.org>

        Element: isURLAttribute() should take a const Attribute&.
        <http://webkit.org/b/85890>

        Reviewed by Anders Carlsson.

        Change isURLAttribute(Attribute*) to isURLAttribute(const Attribute&) to enforce
        the fact that the Attribute can't be null, and shouldn't be mutated, at compile-time.
        Also sprinkle OVERRIDE while we're at it.

        * dom/Element.cpp:
        (WebCore::Element::getURLAttribute):
        (WebCore::Element::getNonEmptyURLAttribute):
        * dom/Element.h:
        (WebCore::Element::isURLAttribute):
        * editing/MarkupAccumulator.cpp:
        (WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):
        (WebCore::MarkupAccumulator::appendAttribute):
        * editing/markup.cpp:
        (WebCore::completeURLs):
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::isURLAttribute):
        * html/HTMLAnchorElement.h:
        * html/HTMLBaseElement.cpp:
        (WebCore::HTMLBaseElement::isURLAttribute):
        * html/HTMLBaseElement.h:
        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::isURLAttribute):
        * html/HTMLBodyElement.h:
        * html/HTMLButtonElement.cpp:
        (WebCore::HTMLButtonElement::isURLAttribute):
        * html/HTMLButtonElement.h:
        * html/HTMLElement.cpp:
        (WebCore::HTMLElement::isURLAttribute):
        * html/HTMLElement.h:
        * html/HTMLEmbedElement.cpp:
        (WebCore::HTMLEmbedElement::isURLAttribute):
        * html/HTMLEmbedElement.h:
        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::isURLAttribute):
        * html/HTMLFormElement.h:
        * html/HTMLFrameElementBase.cpp:
        (WebCore::HTMLFrameElementBase::isURLAttribute):
        * html/HTMLFrameElementBase.h:
        (HTMLFrameElementBase):
        * html/HTMLHtmlElement.cpp:
        (WebCore::HTMLHtmlElement::isURLAttribute):
        * html/HTMLHtmlElement.h:
        * html/HTMLImageElement.cpp:
        (WebCore::HTMLImageElement::isURLAttribute):
        * html/HTMLImageElement.h:
        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::isURLAttribute):
        * html/HTMLInputElement.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::isURLAttribute):
        * html/HTMLLinkElement.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::isURLAttribute):
        * html/HTMLMediaElement.h:
        * html/HTMLModElement.cpp:
        (WebCore::HTMLModElement::isURLAttribute):
        * html/HTMLModElement.h:
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::isURLAttribute):
        * html/HTMLObjectElement.h:
        * html/HTMLParamElement.cpp:
        (WebCore::HTMLParamElement::isURLAttribute):
        * html/HTMLParamElement.h:
        * html/HTMLQuoteElement.cpp:
        (WebCore::HTMLQuoteElement::isURLAttribute):
        * html/HTMLQuoteElement.h:
        * html/HTMLScriptElement.cpp:
        (WebCore::HTMLScriptElement::isURLAttribute):
        * html/HTMLScriptElement.h:
        * html/HTMLSourceElement.cpp:
        (WebCore::HTMLSourceElement::isURLAttribute):
        * html/HTMLSourceElement.h:
        * html/HTMLTableCellElement.cpp:
        (WebCore::HTMLTableCellElement::isURLAttribute):
        * html/HTMLTableCellElement.h:
        * html/HTMLTableElement.cpp:
        (WebCore::HTMLTableElement::isURLAttribute):
        * html/HTMLTableElement.h:
        * html/HTMLTrackElement.cpp:
        (WebCore::HTMLTrackElement::isURLAttribute):
        * html/HTMLTrackElement.h:
        * html/HTMLVideoElement.cpp:
        (WebCore::HTMLVideoElement::isURLAttribute):
        * html/HTMLVideoElement.h:
        * svg/SVGScriptElement.cpp:
        (WebCore::SVGScriptElement::isURLAttribute):
        * svg/SVGScriptElement.h:

2012-05-08  Stephen Chenney  <schenney@chromium.org>

        Shrink ElementAttributeData by factoring out Attr object count.
        https://bugs.webkit.org/show_bug.cgi?id=85825

        Unreviewed build fix.

        * dom/ElementAttributeData.cpp:
        (WebCore::attrListForElement): Was returning false instead of 0 for a pointer value. Now returns 0.

2012-05-08  Andreas Kling  <kling@webkit.org>

        Element: Merge idAttributeChanged() into attributeChanged().
        <http://webkit.org/b/85885>

        Reviewed by Antti Koivisto.

        No new tests, code churn only.

        * dom/Element.h:
        * dom/Element.cpp:
        (WebCore::Element::attributeChanged): There's no need for this to be a standalone function anymore.

2012-05-08  Andreas Kling  <kling@webkit.org>

        Shrink ElementAttributeData by factoring out Attr object count.
        <http://webkit.org/b/85825>

        Reviewed by Antti Koivisto.

        Stop tracking the number of Attr objects that point to a given Element on the
        Element itself and manage this by having a global hashmap of Element => AttrList,
        where AttrList is a vector of (pointers to) the associated Attr objects.

        This shrinks ElementAttributeData by one integer, effectively reducing memory
        consumption by ~530kB when viewing the full HTML5 spec at <http://whatwg.org/c>.

        * dom/ElementAttributeData.h:
        (ElementAttributeData):

            Remove m_attrCount...

        * dom/Node.h:
        (WebCore::Node::hasAttrList):
        (WebCore::Node::setHasAttrList):
        (WebCore::Node::clearHasAttrList):

            ...replacing it with a Node flag that tells us whether there's an Attr
            object map for this Node (only applies to Elements.)

        * dom/ElementAttributeData.cpp:
        (WebCore::attrListMap):
        (WebCore::attrListForElement):
        (WebCore::ensureAttrListForElement):
        (WebCore::removeAttrListForElement):
        (WebCore::ElementAttributeData::attrIfExists):
        (WebCore::ElementAttributeData::ensureAttr):
        (WebCore::ElementAttributeData::setAttr):
        (WebCore::ElementAttributeData::removeAttr):
        (WebCore::ElementAttributeData::detachAttributesFromElement):

            Map Element => per-Element AttrList in a global hash.

2012-05-08  Chris Guan  <chris.guan@torchmobile.com.cn>

        [Blackberry] remove m_isRequestedByPlugin in ResourceRequest
        https://bugs.webkit.org/show_bug.cgi?id=84559

        Reviewed by Antonio Gomes.

        ResourceRequest is a network level abstraction, and it should
        not know anything about web concepts such as plug-ins, and Blackberry
        does not need m_isRequestedByPlugin any longer, So clean up all related
        code.

        Tested on a website of http://edition.cnn.com, a new window should be
        opened only when user has a singe tap gesture on a plugin element.

        * platform/network/blackberry/ResourceRequest.h:
        (WebCore::ResourceRequest::ResourceRequest):
        (ResourceRequest):
        (CrossThreadResourceRequestData):
        * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
        (WebCore::ResourceRequest::doPlatformCopyData):
        (WebCore::ResourceRequest::doPlatformAdopt):

2012-05-03  Alexander Pavlov  <apavlov@chromium.org>

        Extra line-breaks added when copying from source.
        https://bugs.webkit.org/show_bug.cgi?id=85282

        Reviewed by Ryosuke Niwa.

        The code used to replace any \n by \r\n, even the one that had a preceding \r, resulting in \r\r\n.
        This change introduces a check for the preceding \r when replacing \n's.

        Test: platform/win/editing/pasteboard/pasting-crlf-isnt-translated-to-crcrlf-win.html

        * platform/chromium/ClipboardUtilitiesChromium.cpp:
        (WebCore::replaceNewlinesWithWindowsStyleNewlines):
        * platform/win/ClipboardUtilitiesWin.cpp:
        (WebCore::replaceNewlinesWithWindowsStyleNewlines):

2012-05-08  Adam Barth  <abarth@webkit.org>

        OS(ANDROID) JNI AttachCurrentThread take JNIEnv** as a parameter, not void**
        https://bugs.webkit.org/show_bug.cgi?id=85869

        Reviewed by Eric Seidel.

        According to
        http://docs.oracle.com/javase/1.5.0/docs/guide/jni/spec/invocation.html,
        AttachCurrentThread takes a JNIEnv** rather than a void**.  Apparently,
        most implementations actually take a void**.  The OS(ANDROID)
        implementation, however, actually takes an JNIEnv**.  This patch
        introduces a typedef to give each implementation what it desires.

        * bridge/jni/JNIUtility.cpp:
        (JSC::Bindings::getJNIEnv):

2012-05-08  Balazs Kelemen  <kbalazs@webkit.org>

        [Qt] X11 plugins need to be reworked for Qt5+WK1
        https://bugs.webkit.org/show_bug.cgi?id=80691

        Reviewed by Simon Hausmann.

        Implement basic windowless plugin support with Qt5.
        The solution is the same that has been chosen for
        WebKit2. We get the content drawed by the plugin
        from the X server as an image, create a QImage
        from it and paint it to the window surface with QPainter.
        Performance is sufficient for basic video playback.

        No new tests, covered by existing plugin tests.

        * Target.pri:
        * WebCore.pri:
        * platform/qt/QWebPageClient.h:
        (QWebPageClient):
        * plugins/PluginView.h:
        (PluginView):
        * plugins/qt/PluginPackageQt.cpp:
        (WebCore::PluginPackage::isPluginBlacklisted):
        Blacklist plugins that are incompatible with Qt5.
        The only one I know about currently is skypebuttons
        but the list can be extended in the future.
        (WebCore):
        (WebCore::PluginPackage::load):
        * plugins/qt/PluginViewQt.cpp:
        (X11Environment):
        (WebCore):
        (WebCore::x11Display):
        (WebCore::x11Screen):
        (WebCore::rootWindowID):
        (WebCore::displayDepth):
        (WebCore::syncX):
        (WebCore::PluginView::platformPageClient): Added a safe
        convenience getter for the QWebpageClient.
        (WebCore::PluginView::updatePluginWidget):
        (WebCore::PluginView::setFocus):
        (WebCore::setupGraphicsExposeEvent):
        (WebCore::PluginView::paintUsingXPixmap):
        (WebCore::setSharedXEventFields):
        (WebCore::PluginView::initXEvent):
        (WebCore::PluginView::setXKeyEventSpecificFields):
        (WebCore::setXButtonEventSpecificFields):
        (WebCore::setXMotionEventSpecificFields):
        (WebCore::setXCrossingEventSpecificFields):
        (WebCore::PluginView::setNPWindowIfNeeded):
        (WebCore::PluginView::setParentVisible):
        (WebCore::PluginView::platformGetValue):
        (WebCore::PluginView::invalidateRect):
        (WebCore::getVisualAndColormap):
        Refactored this function to make it more clear
        what does it actually do.
        (WebCore::PluginView::platformStart):
        (WebCore::PluginView::platformDestroy):

2012-05-07  Antti Koivisto  <antti@apple.com>

        Inline Node::traverseNextNode
        https://bugs.webkit.org/show_bug.cgi?id=85844

        Reviewed by Ryosuke Niwa.

        Inline traverseNextNode and traverseNextSibling to reduce entry/exit overhead and allow better code generation
        for many hot loops. Also added separate versions of stayWithin and unscoped cases (the function is
        so simple that this seemed like the cleanest way to do it, the most reliable too) and used UNLIKELY for the 
        end-of-traversal conditions.
        
        The traversal function can show up to ~1% in normal page loading profiles.
        
        run-perf-tests seems to think this is a progression in some subtests though bots will tell for certain.

        * WebCore.exp.in:
        * dom/ContainerNode.h:
        
            Following the existing pattern, function bodies go to ContainerNode.h so they can call parentNode().
            (which returns ContainerNode, not Node).

        (WebCore::Node::traverseNextNode):
        (WebCore):
        (WebCore::Node::traverseNextSibling):
        * dom/Node.cpp:
        (WebCore):
        * dom/Node.h:
        (Node):

2012-05-05  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: make JavaScriptSourceFrame use breakpoint manager's breakpoints store.
        https://bugs.webkit.org/show_bug.cgi?id=85714

        Reviewed by Yury Semikhatsky.

        It is currently using its own copy of breakpoints which is not necessary.

        * inspector/front-end/BreakpointManager.js:
        (WebInspector.BreakpointManager):
        (WebInspector.BreakpointManager.prototype.restoreBreakpoints):
        (WebInspector.BreakpointManager.prototype.setBreakpoint):
        (WebInspector.BreakpointManager.prototype._innerSetBreakpoint):
        (WebInspector.BreakpointManager.prototype.findBreakpoint):
        (WebInspector.BreakpointManager.prototype.reset):
        (WebInspector.BreakpointManager.prototype._debuggerReset):
        (WebInspector.BreakpointManager.prototype._breakpointResolved):
        (WebInspector.BreakpointManager.prototype._uiLocationAdded):
        (WebInspector.BreakpointManager.prototype._uiLocationRemoved):
        (WebInspector.BreakpointManager.Breakpoint.prototype._breakpointStorageId):
        (WebInspector.BreakpointManager.Storage.prototype._restoreBreakpoints):
        (set WebInspector.BreakpointManager.Storage.Item):
        * inspector/front-end/JavaScriptSource.js:
        (WebInspector.JavaScriptSource.prototype.consoleMessagesCleared):
        (WebInspector.JavaScriptSource.prototype.breakpointStorageId):
        * inspector/front-end/JavaScriptSourceFrame.js:
        (WebInspector.JavaScriptSourceFrame):
        (WebInspector.JavaScriptSourceFrame.prototype._onContentChanged):
        (WebInspector.JavaScriptSourceFrame.prototype.populateLineGutterContextMenu):
        (WebInspector.JavaScriptSourceFrame.prototype.beforeTextChanged):
        (WebInspector.JavaScriptSourceFrame.prototype._onMouseDown):
        (WebInspector.JavaScriptSourceFrame.prototype._breakpointAdded):
        (WebInspector.JavaScriptSourceFrame.prototype._breakpointRemoved):
        (WebInspector.JavaScriptSourceFrame.prototype.onTextViewerContentLoaded):
        (WebInspector.JavaScriptSourceFrame.prototype._continueToLine):
        (WebInspector.JavaScriptSourceFrame.prototype._updateBreakpointsAfterLiveEdit):

2012-05-07  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: do not create locations for resolved provisional breakpoints
        https://bugs.webkit.org/show_bug.cgi?id=85716

        Reviewed by Yury Semikhatsky.

        Marked provisional breakpoints as such.

        * inspector/front-end/BreakpointManager.js:
        (WebInspector.BreakpointManager.prototype._debuggerReset):
        (WebInspector.BreakpointManager.prototype._breakpointResolved):

2012-05-07  Simon Fraser  <simon.fraser@apple.com>

        Compositing layers with transformed children not large enough to show contents
        https://bugs.webkit.org/show_bug.cgi?id=85855

        Reviewed by Dan Bernstein.
        
        r114518 added a code path to RenderLayer::calculateLayerBounds() which
        does an early return if the layer has clipping. However, this code
        path omitted to take local transforms into account.
        
        Fix is to handle transforms as we do in the non-clipped case.

        Test: compositing/geometry/bounds-clipped-composited-child.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateLayerBounds):

2012-05-07  Scott Graham  <scottmg@chromium.org>

        Fix signed/unsigned mismatch
        https://bugs.webkit.org/show_bug.cgi?id=85845

        Make literal in assert be unsigned to match comparison on LHS. Avoids
        warning on Windows.

        Reviewed by Eric Seidel.

        No new tests. No intended functionality change.

        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::splitColumn):

2012-05-07  Emil A Eklund  <eae@chromium.org>

        Fix performance regression for floats caused by LayoutUnit change
        https://bugs.webkit.org/show_bug.cgi?id=85834

        Reviewed by Eric Seidel.

        Fix performance regression caused by r116009 by disabling the use of
        64bit math in FractionalLayoutUnit, simplifying the pixelSnappedMaxX/Y
        math, inlining a couple of methods and replacing the literal 0 (zero)
        with ZERO_LAYOUT_UNIT.

        No new tests, no change in functionality.

        * platform/FractionalLayoutUnit.h:
        (WebCore::boundedMultiply):
        (WebCore::operator*):
        (WebCore::operator/):
        Disable the use of 64bit (long long) math in the case where the fraction
        is set to 1.
        
        * platform/graphics/FractionalLayoutRect.h:
        (WebCore::FractionalLayoutRect::pixelSnappedMaxX):
        (WebCore::FractionalLayoutRect::pixelSnappedMaxY):
        Simplify the pixel snapping logic for maxX/maxY.
        
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::isSelfCollapsingBlock):
        (WebCore::RenderBlock::layoutBlock):
        (WebCore::RenderBlock::computeOverflow):
        (WebCore::RenderBlock::clearFloatsIfNeeded):
        (WebCore::RenderBlock::paintChildren):
        (WebCore::RenderBlock::blockSelectionGap):
        (WebCore::RenderBlock::logicalLeftSelectionGap):
        (WebCore::RenderBlock::logicalRightSelectionGap):
        (WebCore::RenderBlock::computeLogicalLocationForFloat):
        (WebCore::RenderBlock::lowestFloatLogicalBottom):
        (WebCore::RenderBlock::getClearDelta):
        (WebCore::RenderBlock::computeBlockPreferredLogicalWidths):
        (WebCore::RenderBlock::addFocusRingRects):
        (WebCore::RenderBlock::adjustLinePositionForPagination):
        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::availableLogicalWidthForLine):
        (WebCore::RenderBlock::availableLogicalWidthForContent):
        (WebCore::RenderBlock::FloatingObject::x):
        (WebCore::RenderBlock::FloatingObject::maxX):
        (WebCore::RenderBlock::FloatingObject::y):
        (WebCore::RenderBlock::FloatingObject::maxY):
        (WebCore::RenderBlock::FloatingObject::width):
        (WebCore::RenderBlock::FloatingObject::height):
        (FloatingObject):
        (WebCore::RenderBlock::FloatingObject::pixelSnappedX):
        (WebCore::RenderBlock::FloatingObject::pixelSnappedMaxX):
        (WebCore::RenderBlock::FloatingObject::pixelSnappedY):
        (WebCore::RenderBlock::FloatingObject::pixelSnappedMaxY):
        (WebCore::RenderBlock::FloatingObject::pixelSnappedWidth):
        (WebCore::RenderBlock::FloatingObject::pixelSnappedHeight):
        (WebCore::RenderBlock::RenderBlockRareData::positiveMarginBeforeDefault):
        (WebCore::RenderBlock::RenderBlockRareData::negativeMarginBeforeDefault):
        (WebCore::RenderBlock::RenderBlockRareData::positiveMarginAfterDefault):
        (WebCore::RenderBlock::RenderBlockRareData::negativeMarginAfterDefault):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::accumulateRelativePositionOffsets):
        (WebCore::RenderBoxModelObject::offsetLeft):
        (WebCore::RenderBoxModelObject::offsetTop):
        (WebCore::RenderBoxModelObject::computedCSSPaddingTop):
        (WebCore::RenderBoxModelObject::computedCSSPaddingBottom):
        (WebCore::RenderBoxModelObject::computedCSSPaddingLeft):
        (WebCore::RenderBoxModelObject::computedCSSPaddingRight):
        (WebCore::RenderBoxModelObject::computedCSSPaddingBefore):
        (WebCore::RenderBoxModelObject::computedCSSPaddingAfter):
        (WebCore::RenderBoxModelObject::computedCSSPaddingStart):
        (WebCore::RenderBoxModelObject::computedCSSPaddingEnd):

2012-05-07  Dongwoo Im  <dw.im@samsung.com>

        width/height attributes of input element cannot be accessed by JavaScript.
        https://bugs.webkit.org/show_bug.cgi?id=70304

        Reviewed by Darin Adler.

        If the type of input element is image button, width/height attributes should be supported.
        These attributes are defined in HTML5 spec.
        http://www.w3.org/TR/html5/the-map-element.html#attr-dim-width

        Tests: fast/forms/input-width-height-attributes-without-renderer-loaded-image.html
               fast/forms/input-width-height-attributes-without-renderer-not-loaded-image.html
               fast/forms/input-width-height-attributes-without-renderer.html
               fast/forms/input-width-height-attributes.html

        * html/HTMLInputElement.cpp: Add setter/getter functions to query/set width/height of input element.
        (WebCore):
        (WebCore::HTMLInputElement::height): Gets height of input element.
        (WebCore::HTMLInputElement::width): Gets width of input element.
        (WebCore::HTMLInputElement::setHeight): Sets height of input element.
        (WebCore::HTMLInputElement::setWidth): Sets width of input element.
        * html/HTMLInputElement.h: Add public prototype.
        (HTMLInputElement):
        * html/HTMLInputElement.idl: Add width/height attributes.
        * html/ImageInputType.cpp: Add getter functions if the element is an image button.
        (WebCore):
        (WebCore::ImageInputType::height): Gets height of input element.
        (WebCore::ImageInputType::width): Gets width of input element.
        * html/ImageInputType.h: Add prototype.
        (ImageInputType):
        * html/InputType.cpp: Add getter functions.
        (WebCore::InputType::height): Returns zero.
        (WebCore):
        (WebCore::InputType::width): Returns zero.
        * html/InputType.h: Add prototype.
        (InputType):

2012-05-07  Kinuko Yasuda  <kinuko@chromium.org>

        Support cross-filesystem operations in FileSystem API
        https://bugs.webkit.org/show_bug.cgi?id=84135

        Reviewed by David Levin.

        Currently we pass Entry's fullPath to AsyncFileSystem layer where
        we convert the given path to filesystem URL which includes origin and
        filesystem type information, but in that way we cannot handle
        cross-filesystem operations (e.g. cross-filesystem copy and move)
        well since we end up with always attaching the source filesystem's
        origin and type information for argument paths.

        This patch does:
        - change AsyncFileSystem's operation methods not to take entry paths
          but complete filesystem URLs.
        - move type and rootURL information from AsyncFileSystem instance into
          DOMFileSystemBase instance (platform layer to Modules/filesystem layer)
        - move filesystem-type related code in AsyncFileSystemChromium.cpp into
          DOMFileSystemChromium.cpp, which implements chromioum-specific
          DOMFileSystem code.
        - move platform/FileSystemType.h into Modules/filesystem/FileSystemType.h.
        - adding FileSystemType.h entry to build files (e.g. WebCore.gypi, WebCore.xcodeproj etc)

        Test: fast/filesystem/cross-filesystem-op.html

        * Modules/filesystem/DOMFileSystem.cpp:
        (WebCore::DOMFileSystem::create):
        (WebCore::DOMFileSystem::DOMFileSystem):
        (WebCore::DOMFileSystem::createWriter):
        (WebCore::DOMFileSystem::createFile):
        * Modules/filesystem/DOMFileSystem.h:
        * Modules/filesystem/DOMFileSystemBase.cpp:
        (WebCore::DOMFileSystemBase::DOMFileSystemBase):
        (WebCore::DOMFileSystemBase::createFileSystemURL): Added as an internal
        implementation of Entry.toURL().
        (WebCore::DOMFileSystemBase::getMetadata):
        (WebCore::verifyAndGetDestinationPathForCopyOrMove):
        (WebCore::DOMFileSystemBase::move):
        (WebCore::DOMFileSystemBase::copy):
        (WebCore::DOMFileSystemBase::remove):
        (WebCore::DOMFileSystemBase::removeRecursively):
        (WebCore::DOMFileSystemBase::getParent):
        (WebCore::DOMFileSystemBase::getFile):
        (WebCore::DOMFileSystemBase::getDirectory):
        (WebCore::DOMFileSystemBase::readDirectory):
        * Modules/filesystem/DOMFileSystemBase.h: Changed to make each
        DOMFileSystemBase instance have filesystem type and rootURL (they were
        held by AsyncFileSystem previously)
        (WebCore::DOMFileSystemBase::create): Changed to take additional parameters.
        (WebCore::DOMFileSystemBase::type): Added.(Moved from AsyncFileSystem::type)
        (WebCore::DOMFileSystemBase::rootURL): Added.(Moved from AsyncFileSystem::rootURL).
        * Modules/filesystem/DOMFileSystemSync.cpp:
        (WebCore::DOMFileSystemSync::create):
        (WebCore::DOMFileSystemSync::DOMFileSystemSync):
        (WebCore::DOMFileSystemSync::createFile):
        (WebCore::DOMFileSystemSync::createWriter):
        * Modules/filesystem/DOMFileSystemSync.h:
        (WebCore::DOMFileSystemSync::create):
        * Modules/filesystem/DOMWindowFileSystem.cpp:
        (WebCore::DOMWindowFileSystem::webkitRequestFileSystem):
        (WebCore::DOMWindowFileSystem::webkitResolveLocalFileSystemURL):
        * Modules/filesystem/EntryBase.cpp:
        (WebCore::EntryBase::toURL):
        * Modules/filesystem/FileSystemCallbacks.cpp:
        (WebCore::FileSystemCallbacks::create):
        (WebCore::FileSystemCallbacks::FileSystemCallbacks):
        (WebCore::FileSystemCallbacks::didOpenFileSystem):
        (WebCore::ResolveURICallbacks::create):
        (WebCore::ResolveURICallbacks::ResolveURICallbacks):
        (WebCore::ResolveURICallbacks::didOpenFileSystem):
        * Modules/filesystem/FileSystemCallbacks.h:
        (FileSystemCallbacks):
        (ResolveURICallbacks):
        * Modules/filesystem/FileSystemType.h: Renamed from Source/WebCore/platform/FileSystemType.h.
        * Modules/filesystem/LocalFileSystem.cpp:
        (WebCore::openFileSystem):
        (WebCore::LocalFileSystem::readFileSystem):
        (WebCore::LocalFileSystem::requestFileSystem):
        * Modules/filesystem/LocalFileSystem.h:
        * Modules/filesystem/WorkerContextFileSystem.cpp:
        (WebCore::WorkerContextFileSystem::webkitRequestFileSystem):
        (WebCore::WorkerContextFileSystem::webkitRequestFileSystemSync):
        (WebCore::WorkerContextFileSystem::webkitResolveLocalFileSystemURL):
        (WebCore::WorkerContextFileSystem::webkitResolveLocalFileSystemSyncURL):
        * Modules/filesystem/chromium/DOMFileSystemChromium.cpp: Added for chromium-specific
        implementation. Almost all of the code is moved from AsyncFileSystemChromium.
        (WebCore::DOMFileSystemBase::isValidType):
        (WebCore::DOMFileSystemBase::crackFileSystemURL):
        (WebCore::DOMFileSystemBase::supportsToURL):
        (WebCore::DOMFileSystemBase::createFileSystemURL):
        (WebCore::DOMFileSystemChromium::createIsolatedFileSystem):
        * Modules/filesystem/chromium/DOMFileSystemChromium.h: Added.
        * Modules/filesystem/chromium/DataTransferItemFileSystemChromium.cpp:
        (WebCore::DataTransferItemFileSystem::webkitGetAsEntry):
        * Modules/filesystem/chromium/DraggedIsolatedFileSystem.cpp:
        (WebCore::DraggedIsolatedFileSystem::getDOMFileSystem):
        * WebCore.gypi:
        * platform/AsyncFileSystem.cpp:
        (WebCore::AsyncFileSystem::openFileSystem):
        * platform/AsyncFileSystem.h:
        (AsyncFileSystem):
        (WebCore::AsyncFileSystem::AsyncFileSystem):
        * platform/AsyncFileSystemCallbacks.h:
        (WebCore::AsyncFileSystemCallbacks::didOpenFileSystem):
        * platform/blackberry/AsyncFileSystemBlackBerry.cpp:
        (WebCore::AsyncFileSystem::create):
        (WebCore::AsyncFileSystem::openFileSystem):
        (WebCore::AsyncFileSystemBlackBerry::AsyncFileSystemBlackBerry):
        (WebCore::AsyncFileSystemBlackBerry::move):
        (WebCore::AsyncFileSystemBlackBerry::copy):
        (WebCore::AsyncFileSystemBlackBerry::remove):
        (WebCore::AsyncFileSystemBlackBerry::removeRecursively):
        (WebCore::AsyncFileSystemBlackBerry::readMetadata):
        (WebCore::AsyncFileSystemBlackBerry::createFile):
        (WebCore::AsyncFileSystemBlackBerry::createDirectory):
        (WebCore::AsyncFileSystemBlackBerry::fileExists):
        (WebCore::AsyncFileSystemBlackBerry::directoryExists):
        (WebCore::AsyncFileSystemBlackBerry::readDirectory):
        (WebCore::AsyncFileSystemBlackBerry::createWriter):
        (WebCore::AsyncFileSystemBlackBerry::createSnapshotFileAndReadMetadata):
        * platform/blackberry/AsyncFileSystemBlackBerry.h:
        * platform/chromium/PlatformSupport.h:
        * platform/gtk/AsyncFileSystemGtk.cpp:
        (WebCore::AsyncFileSystem::create):
        (WebCore::AsyncFileSystem::openFileSystem):
        (WebCore::AsyncFileSystemGtk::AsyncFileSystemGtk):
        (WebCore::AsyncFileSystemGtk::move):
        (WebCore::AsyncFileSystemGtk::copy):
        (WebCore::AsyncFileSystemGtk::remove):
        (WebCore::AsyncFileSystemGtk::removeRecursively):
        (WebCore::AsyncFileSystemGtk::readMetadata):
        (WebCore::AsyncFileSystemGtk::createFile):
        (WebCore::AsyncFileSystemGtk::createDirectory):
        (WebCore::AsyncFileSystemGtk::fileExists):
        (WebCore::AsyncFileSystemGtk::directoryExists):
        (WebCore::AsyncFileSystemGtk::readDirectory):
        (WebCore::AsyncFileSystemGtk::createWriter):
        * platform/gtk/AsyncFileSystemGtk.h:

        * GNUmakefile.list.am: Added FileSystemType.h.
        * WebCore.gypi: Added FileSystemType.h.
        * WebCore.vcproj/WebCore.vcproj: Added FileSystemType.h.
        * WebCore.xcodeproj/project.pbxproj: Added FileSystemType.h.

2012-05-07  Adam Barth  <abarth@webkit.org>

        [Chromium] Android wishes to use an empty implementation if AXObjectCache
        https://bugs.webkit.org/show_bug.cgi?id=85842

        Reviewed by Eric Seidel.

        Add proper HAVE(ACCESSIBILITY) ifdefs so that Chromium builds without
        accessibility.

        * accessibility/chromium/AXObjectCacheChromium.cpp:
        * accessibility/chromium/AccessibilityObjectChromium.cpp:

2012-05-07  Greg Billock  <gbillock@google.com>

        [Web Intents] Flagged-off implementation of an intent tag for registration.
        https://bugs.webkit.org/show_bug.cgi?id=73039

        Reviewed by Adam Barth.

        The intent tag is a declarative way for pages to register that they
        accept delivery of web intent invocations of particular types. See the
        spec at http://dvcs.w3.org/hg/web-intents/raw-file/tip/spec/Overview.html

        After discussion on the WhatWG list (see thread at
        http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2012-April/035301.html)
        the current plan is to combine declarative registration of Web
        Intents and protocol/content handlers with this tag. Alternatives
        considered were the meta and link tags.

        * WebCore.gypi:
        * html/HTMLAttributeNames.in:
        * html/HTMLElementsAllInOne.cpp:
        * html/HTMLIntentElement.cpp: Added.
        (WebCore::HTMLIntentElement::HTMLIntentElement):
        (WebCore::HTMLIntentElement::create):
        (WebCore::HTMLIntentElement::insertedIntoDocument):
        * html/HTMLIntentElement.h: Added.
        * html/HTMLIntentElement.idl: Added.
        * html/HTMLTagNames.in:
        * loader/FrameLoaderClient.h:
        (WebCore::FrameLoaderClient::registerIntentService):
        * page/DOMWindow.idl:

2012-05-07  Dana Jansens  <danakj@chromium.org>

        Region::intersects() and Region::contains() are slow due to copy overhead
        https://bugs.webkit.org/show_bug.cgi?id=81076

        Reviewed by Anders Carlsson.

        Testing contains() and intersects() requires a copy which ends up
        invoking a malloc on sufficiently complicated web pages, and slows down
        the test unnecessarily. These methods can be done by iterating over the
        Region::Shape values rather than making a copy of the entire region and
        manipulating it.

        This uses Region::Shape::compareShapes() to walk the query regions and
        compute the result of the intersects or contains tests without making a
        copy.

        This change improves the performance of the Region overlap testing for
        composited layers, and allows for testing contains() before unite() to
        avoid unnecessary copies of the Region when inserting into complex
        Regions. With a layout test that has 225 composited layers, and tests
        Region.intersects() for 1000 layers above them, this change decreases
        the running time of the test by 1.2% by avoiding a copy of the 225
        rects each time.

        Unit test: RegionTest.intersectsRegion
                   RegionTest.containsRegion

        * platform/graphics/Region.cpp:
        (WebCore::Region::contains):
        (WebCore::Region::intersects):
        (WebCore):
        (WebCore::Region::Shape::compareShapes):
        (Region::Shape::CompareContainsOperation):
        (WebCore::Region::Shape::CompareContainsOperation::aOutsideB):
        (WebCore::Region::Shape::CompareContainsOperation::bOutsideA):
        (WebCore::Region::Shape::CompareContainsOperation::aOverlapsB):
        (Region::Shape::CompareIntersectsOperation):
        (WebCore::Region::Shape::CompareIntersectsOperation::aOutsideB):
        (WebCore::Region::Shape::CompareIntersectsOperation::bOutsideA):
        (WebCore::Region::Shape::CompareIntersectsOperation::aOverlapsB):
        * platform/graphics/Region.h:
        (Shape):

2012-05-07  David Tseng  <dtseng@google.com>

        Correct logical error in accessibilityIsIgnored.
        https://bugs.webkit.org/show_bug.cgi?id=85828

        Reviewed by Chris Fleizach.

        Covered by existing tests.

        * accessibility/AccessibilityMenuListOption.cpp:
        (WebCore::AccessibilityMenuListOption::accessibilityIsIgnored):
        * accessibility/AccessibilityMenuListPopup.cpp:
        (WebCore::AccessibilityMenuListPopup::accessibilityIsIgnored):

2012-05-04  Zhenyao Mo  <zmo@google.com>

        vertexAttribPointer needs to reject large negative offsets
        https://bugs.webkit.org/show_bug.cgi?id=85117

        Reviewed by Kenneth Russell.

        * html/canvas/WebGLRenderingContext.cpp: Use long long for GLsizeiptr and GLintptr
        (WebCore):
        (WebCore::WebGLRenderingContext::bufferData):
        (WebCore::WebGLRenderingContext::bufferSubData):
        (WebCore::WebGLRenderingContext::drawElements):
        (WebCore::WebGLRenderingContext::getVertexAttribOffset):
        (WebCore::WebGLRenderingContext::vertexAttribPointer):
        * html/canvas/WebGLRenderingContext.h: Ditto
        (WebGLRenderingContext):
        * html/canvas/WebGLRenderingContext.idl: Ditto

2012-05-07  Pravin D  <pravind.2k4@gmail.com>

        :first-line text-decorations are not rendered
        https://bugs.webkit.org/show_bug.cgi?id=6047

        Text-decorations are applied during paint phase. The style was not being properly selected in case of
        first line box. The patch fixes this. 

        Reviewed by Eric Seidel.

        Tests: fast/css/first-line-text-decoration-inherited-from-parent.html
               fast/css/first-line-text-decoration.html

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paintDecoration):
        Inform the decoration color retriever if this box is part of the first line box or not.

        * rendering/RenderObject.cpp:
        (WebCore::decorationColor):
        Changed the argument from RenderObject* to RenderStyle*. As this function is just a helper to getTextDecorationColors
        as used RenderObject solely to retrieve the corresponding RenderStyle, which(RenderStyle*) was already available with the latter function. 

        (WebCore::RenderObject::getTextDecorationColors):
        Take a new variable to check if first line style or the regular style has to be used.
        Sends RenderStyle* as an argument to decorationColor(). 

        * rendering/RenderObject.h:
        (RenderObject):

2012-05-07  Julien Chaffraix  <jchaffraix@webkit.org>

        Refactor windowClipRectForLayer to remove the explicit RenderLayer dependency
        https://bugs.webkit.org/show_bug.cgi?id=84090

        Reviewed by David Hyatt.

        No observable change in behavior.

        The function name was ambiguous as it was not a general purpose function but was
        working directly on HTMLFrameOwnerElement. The rename makes this more obvious as
        well as removes the explicit dependency on RenderLayer.

        One of the slight change of this refactoring is that we now always null-check the
        HTMLFrameOwnerElement's renderer as part windowClipRectForFrameOwner as I don't see
        any evidence for the other code paths not to hit that. Also we may recur more on our
        frame tree if we have no layer as we now call windowClipRect() in this case.

        * page/FrameView.h:
        (FrameView):
        * plugins/PluginView.cpp:
        (WebCore::PluginView::windowClipRect):
        * WebCore.exp.in:
        * WebCore.order:
        * page/FrameView.cpp:
        (WebCore::FrameView::windowClipRect):
        Updated after windowClipRectForLayer name and signature change.

        (WebCore::FrameView::windowClipRectForFrameOwner):
        This function now takes the HTMLFrameOwnerElement directly.

        * plugins/PluginView.cpp:
        (WebCore::PluginView::PluginView):
        (WebCore::PluginView::create):
        * plugins/PluginView.h:
        (PluginView):
        Updated |m_element| to be an HTMLPlugInElement as this was what was
        passed by every caller. This makes the conversion to HTMLFrameOwnerElement
        possible.

2012-05-07  Enrica Casucci  <enrica@apple.com>

        REGRESSION (r101575): Chinese input is broken when composing mail in iCloud using Safari.
        https://bugs.webkit.org/show_bug.cgi?id=85840
        <rdar://problem/11115520> 
        
        Reviewed by Alexey Proskuryakov.

        The revision that broke this, introduced a way to sanitize the markup when deleting a range selection.
        iCloud listens for DOM modification events and clears the selection, altering the input method state.
        The fix consists in adding a paramenter to DeleteSelectionCommand to control when we sanitize the
        markup.
        
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::deleteSelection):
        * editing/CompositeEditCommand.h:
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::DeleteSelectionCommand):
        (WebCore::DeleteSelectionCommand::doApply):
        * editing/DeleteSelectionCommand.h:
        (WebCore::DeleteSelectionCommand::create):
        * editing/InsertTextCommand.cpp:
        (WebCore::InsertTextCommand::doApply):

2012-05-07  Andy Estes  <aestes@apple.com>

        ENABLE_IFRAME_SEAMLESS should be part of FEATURE_DEFINES.

        * Configurations/FeatureDefines.xcconfig:

2012-05-06  Martin Robinson  <mrobinson@igalia.com>

        [Cairo] Implement ImageBuffer::copyImage for BackingStoreCopy == DontCopyBackingStore
        https://bugs.webkit.org/show_bug.cgi?id=85728

        Reviewed by Alejandro G. Castro.

        No new tests. This should not change functionality, only increase performance.

        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::ImageBuffer::copyImage): Add an implementation that knows how to avoid copying the backing store.
        (WebCore::ImageBuffer::draw): Use the copyImage constructor now that it knows how to
        avoid copying the backing store.
        (WebCore::ImageBuffer::drawPattern): Ditto.
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::updateBackingStore): Use DontCopyBackingStore for Cairo
        as well.

2012-05-07  Noel Gordon  <noel.gordon@gmail.com>

        [CG] Separate image encoding from dataURL construction
        https://bugs.webkit.org/show_bug.cgi?id=85782

        Reviewed by Kenneth Russell.

        Remove the implicit assumption that a dataURL is the only desired output format
        of the image encoding phase.

        No new tests. No behavioral change. Covered by canvas 2d and 3d tests:
            canvas/philip/tests/*toDataURL*.html
            fast/canvas/webgl/premultiplyalpha-test.html

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::CGImageEncodeToData): Image encoding helper: encode the image using the
        uti-defined encoder (PNG/JPEG/etc) and output to the given CFMutableDataRef data.
        (WebCore):
        (WebCore::CGImageToDataURL): Refactor to use CGImageEncodeToData().

2012-05-07  Scott Graham  <scottmg@chromium.org>

        [Chromium] Suppress switch-without-cases warning
        https://bugs.webkit.org/show_bug.cgi?id=85830

        Warnings like 
        ...\webkit\CSSGrammar.cpp(2075) : warning C4065: switch statement contains 'default' but no 'case' labels
        are generated. These are bogus, so just suppress them in the build
        settings.

        Reviewed by Dirk Pranke

        No new tests, no intended functionlity change. Just changing compiler
        settings.

        * WebCore.gyp/WebCore.gyp:

2012-05-07  Adrienne Walker  <enne@google.com>

        [chromium] Allow for asymmetric tile sizes on composited tiled layers
        https://bugs.webkit.org/show_bug.cgi?id=85687

        Reviewed by James Robinson.

        Update TiledLayerChromium/CCLayerTilingData/TilingData to allow for a
        the width and height of tile sizes to differ. Modify TilingData to use
        IntSize everywhere for these width/height pairs.

        Also, remove some unused functions from TilingData.

        Test: TilingDataTest.*

        * platform/graphics/chromium/TiledLayerChromium.cpp:
        (WebCore::TiledLayerChromium::TiledLayerChromium):
        (WebCore::TiledLayerChromium::updateTileSizeAndTilingOption):
        * platform/graphics/chromium/cc/CCLayerTilingData.cpp:
        (WebCore::CCLayerTilingData::CCLayerTilingData):
        (WebCore::CCLayerTilingData::setTileSize):
        (WebCore):
        (WebCore::CCLayerTilingData::tileSize):
        (WebCore::CCLayerTilingData::operator=):
        (WebCore::CCLayerTilingData::tileRect):
        (WebCore::CCLayerTilingData::setBounds):
        (WebCore::CCLayerTilingData::bounds):
        * platform/graphics/chromium/cc/CCLayerTilingData.h:
        (CCLayerTilingData):
        * platform/graphics/gpu/Texture.cpp:
        (WebCore::Texture::Texture):
        (WebCore::Texture::create):
        (WebCore::Texture::load):
        (WebCore::Texture::updateSubRect):
        * platform/graphics/gpu/TilingData.cpp:
        (WebCore::TilingData::TilingData):
        (WebCore::TilingData::setTotalSize):
        (WebCore::TilingData::setMaxTextureSize):
        (WebCore::TilingData::tileXIndexFromSrcCoord):
        (WebCore::TilingData::tileYIndexFromSrcCoord):
        (WebCore::TilingData::tileBounds):
        (WebCore::TilingData::tileSizeX):
        (WebCore::TilingData::tileSizeY):
        (WebCore::TilingData::recomputeNumTiles):
        * platform/graphics/gpu/TilingData.h:
        (TilingData):
        (WebCore::TilingData::totalSize):
        (WebCore::TilingData::maxTextureSize):
        (WebCore::TilingData::TilingData):

2012-05-07  Raymond Toy  <rtoy@google.com>

        ConvolverNode setBuffer() should not ASSERT on null buffer
        https://bugs.webkit.org/show_bug.cgi?id=85653

        Reviewed by Chris Rogers.

        Test: webaudio/convolver-setBuffer-null.html

        * Modules/webaudio/ConvolverNode.cpp:
        (WebCore::ConvolverNode::setBuffer):  Don't ASSERT on null buffer.

2012-05-07  Ken Buchanan  <kenrb@chromium.org>

        Crash due to positioned object list not being cleared during block flow split
        https://bugs.webkit.org/show_bug.cgi?id=85074

        Reviewed by Abhishek Arya.

        When an element is being split due to a column span element being
        inserted, any of its ancestors that are underneath the column
        containing block also get split. If an ancestor has an object in
        its positioned object list from a previous layout, then the list
        will have to be cleared because the positioned object could have moved
        to be under the continuation. This patch causes the list to be
        cleared.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::splitBlocks):

2012-05-07  Eric Seidel  <eric@webkit.org>

        Add ENABLE_IFRAME_SEAMLESS so Apple can turn off SEAMLESS if needed
        https://bugs.webkit.org/show_bug.cgi?id=85822

        Reviewed by Adam Barth.

        * Configurations/FeatureDefines.xcconfig:
        * dom/Document.cpp:
        (WebCore::Document::shouldDisplaySeamlesslyWithParent):

2012-05-07  Shezan Baig  <shezbaig.wk@gmail.com>

        Selection Background Color Error
        https://bugs.webkit.org/show_bug.cgi?id=80382

        Reviewed by David Hyatt.

        Determine the text colors and selection colors before painting the
        background behind the text.  This is because when determining whether
        to invert the selection background, the selection text color should be
        used instead of the regular text color.  With this patch, the selection
        text color is passed to 'paintSelection' so that the selection
        background can be compared against it, instead of comparing against the
        CSSPropertyColor value.

        Test: fast/backgrounds/selection-background-color.html

        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paint):
            Pass selection text color to paintSelection

        (WebCore::InlineTextBox::paintSelection):
            Use the selection text color instead of CSSPropertyColor

        * rendering/InlineTextBox.h:
        (InlineTextBox):
            Adjust signature of paintSelection to accept text color

2012-05-07  David Reveman  <reveman@chromium.org>

        [Chromium] Use GL_CHROMIUM_command_buffer_query to throttle texture uploads.
        https://bugs.webkit.org/show_bug.cgi?id=81004

        Reviewed by Adrienne Walker.

        Add ThrottledTextureUploader class that uses GL_CHROMIUM_command_buffer_query
        to throttle texture uploads based on number of currently pending queries.

        Unit test: ThrottledTextureUploaderTest.IsBusy

        * WebCore.gypi:
        * platform/graphics/chromium/LayerRendererChromium.cpp:
        (WebCore::LayerRendererChromium::create):
        (WebCore::LayerRendererChromium::LayerRendererChromium):
        (WebCore::LayerRendererChromium::initializeSharedObjects):
        * platform/graphics/chromium/LayerRendererChromium.h:
        (LayerRendererChromium):
        * platform/graphics/chromium/TextureUploader.cpp: Removed.
        * platform/graphics/chromium/TextureUploader.h:
        (TextureUploader):
        * platform/graphics/chromium/ThrottledTextureUploader.cpp: Added.
        (WebCore):
        (WebCore::ThrottledTextureUploader::Query::Query):
        (WebCore::ThrottledTextureUploader::Query::~Query):
        (WebCore::ThrottledTextureUploader::Query::begin):
        (WebCore::ThrottledTextureUploader::Query::end):
        (WebCore::ThrottledTextureUploader::Query::isPending):
        (WebCore::ThrottledTextureUploader::Query::wait):
        (WebCore::ThrottledTextureUploader::ThrottledTextureUploader):
        (WebCore::ThrottledTextureUploader::~ThrottledTextureUploader):
        (WebCore::ThrottledTextureUploader::isBusy):
        (WebCore::ThrottledTextureUploader::beginUploads):
        (WebCore::ThrottledTextureUploader::endUploads):
        (WebCore::ThrottledTextureUploader::uploadTexture):
        (WebCore::ThrottledTextureUploader::processQueries):
        * platform/graphics/chromium/ThrottledTextureUploader.h: Copied from Source/WebCore/platform/graphics/chromium/TextureUploader.h.
        (WebCore):
        (ThrottledTextureUploader):
        (WebCore::ThrottledTextureUploader::create):
        (Query):
        (WebCore::ThrottledTextureUploader::Query::create):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::initializeLayerRenderer):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (CCLayerTreeHostImpl):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        (UnthrottledTextureUploader):
        (WebCore::UnthrottledTextureUploader::create):
        (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
        (WebCore::UnthrottledTextureUploader::isBusy):
        (WebCore::UnthrottledTextureUploader::beginUploads):
        (WebCore::UnthrottledTextureUploader::endUploads):
        (WebCore::UnthrottledTextureUploader::uploadTexture):
        (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
        (WebCore):
        (WebCore::CCSingleThreadProxy::initializeLayerRenderer):
        (WebCore::CCSingleThreadProxy::recreateContext):
        (WebCore::CCSingleThreadProxy::doCommit):
        * platform/graphics/chromium/cc/CCTextureUpdater.cpp:
        (WebCore::CCTextureUpdater::update):
        * platform/graphics/chromium/cc/CCTextureUpdater.h:
        (CCTextureUpdater):
        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        (WebCore):
        (UnthrottledTextureUploader):
        (WebCore::UnthrottledTextureUploader::create):
        (WebCore::UnthrottledTextureUploader::~UnthrottledTextureUploader):
        (WebCore::UnthrottledTextureUploader::isBusy):
        (WebCore::UnthrottledTextureUploader::beginUploads):
        (WebCore::UnthrottledTextureUploader::endUploads):
        (WebCore::UnthrottledTextureUploader::uploadTexture):
        (WebCore::UnthrottledTextureUploader::UnthrottledTextureUploader):
        (WebCore::CCThreadProxy::initializeLayerRendererOnImplThread):
        (WebCore::CCThreadProxy::recreateContextOnImplThread):

2012-05-07  Rob Buis  <rbuis@rim.com>

        Shrink SVGInlineTextBox object size
        https://bugs.webkit.org/show_bug.cgi?id=85805

        Reviewed by Darin Adler.

        Reduce the object size of SVGInlineTextBox by using bitfields. This
        should be 4 bytes on 32-bits and 8 bytes on 64-bits systems.

        * rendering/svg/RenderSVGResource.h:
        * rendering/svg/SVGInlineTextBox.cpp:
        (ExpectedSVGInlineTextBoxSize):
        (WebCore):
        * rendering/svg/SVGInlineTextBox.h:
        (SVGInlineTextBox):

2012-05-07  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r116334.
        http://trac.webkit.org/changeset/116334
        https://bugs.webkit.org/show_bug.cgi?id=85816

        Broke the Chromium Win/Mac compile (Requested by
        ojan_gardening on #webkit).

        * WebCore.gypi:
        * platform/graphics/chromium/AnimationIdVendor.cpp: Removed.
        * platform/graphics/chromium/AnimationIdVendor.h: Removed.
        * platform/graphics/chromium/GraphicsLayerChromium.cpp:
        (std):
        (WebCore::GraphicsLayerChromium::updateNames):
        (WebCore::GraphicsLayerChromium::addAnimation):
        (WebCore::GraphicsLayerChromium::updateChildList):
        (WebCore::GraphicsLayerChromium::mapAnimationNameToId):
        * platform/graphics/chromium/GraphicsLayerChromium.h:
        (WebCore):
        (GraphicsLayerChromium):
        * platform/graphics/chromium/LinkHighlightLayerDelegate.cpp: Removed.
        * platform/graphics/chromium/LinkHighlightLayerDelegate.h: Removed.

2012-05-07  Adrienne Walker  <enne@google.com>

        Fix containerForRepaint() assumption about non-null enclosingLayer()
        https://bugs.webkit.org/show_bug.cgi?id=85807

        Reviewed by Simon Fraser.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::containerForRepaint):

2012-05-07  Alec Flett  <alecflett@chromium.org>

        IndexedDB: Replace numeric constants with strings
        https://bugs.webkit.org/show_bug.cgi?id=84894

        Reviewed by Tony Chang.

        Test: storage/indexeddb/legacy-constants.html

        Update IDBObjectStore.openCursor, IDBIndex.openCursor,
        IDBIndex.openKeyCursor, IDBDatabase.transaction,
        IDBCursor.direction, IDBTransaction.mode, and
        IDBRequest.readyState to meet the latest spec. All of these APIs
        now support string-based values in addition to the
        legacy/deprecated enum-based values.

        * Modules/indexeddb/IDBCursor.cpp:
        (WebCore):
        (WebCore::IDBCursor::direction):
        (WebCore::IDBCursor::stringToDirection):
        (WebCore::IDBCursor::directionToString):
        * Modules/indexeddb/IDBCursor.h:
        (IDBCursor):
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::transaction):
        (WebCore):
        * Modules/indexeddb/IDBDatabase.h:
        (IDBDatabase):
        * Modules/indexeddb/IDBDatabase.idl:
        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::openCursor):
        (WebCore):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.h:
        (WebCore::IDBIndex::openCursor):
        (IDBIndex):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::openCursor):
        (WebCore):
        * Modules/indexeddb/IDBObjectStore.h:
        (WebCore::IDBObjectStore::openCursor):
        (IDBObjectStore):
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest):
        (WebCore::IDBRequest::readyState):
        (WebCore::IDBRequest::markEarlyDeath):
        (WebCore::IDBRequest::resetReadyState):
        (WebCore::IDBRequest::abort):
        (WebCore::IDBRequest::finishCursor):
        (WebCore::IDBRequest::onSuccess):
        (WebCore::IDBRequest::stop):
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/IDBRequest.idl:
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore):
        (WebCore::IDBTransaction::mode):
        (WebCore::IDBTransaction::stringToMode):
        (WebCore::IDBTransaction::modeToString):
        * Modules/indexeddb/IDBTransaction.h:
        (IDBTransaction):
        * Modules/indexeddb/IDBTransaction.idl:

2012-05-07  W. James MacLean  <wjmaclean@chromium.org>

        [chromium] Create LinkHighlightLayerChromium class to provide link-highlight preview animations for GraphicsLayerChromium.
        https://bugs.webkit.org/show_bug.cgi?id=85084

        Reviewed by Adrienne Walker.

        Unit test provided.

        Creates a layer delegate class to provide link highlight animations for link-preview feature.
        These are added to a GraphicsLayerChromium via provided methods. Moves dispensing of animation
        ids into a separate class.

        * WebCore.gypi:
        * platform/graphics/chromium/AnimationIdVendor.cpp: Added.
        (WebCore):
        (WebCore::AnimationIdVendor::getNextAnimationId):
        (WebCore::AnimationIdVendor::getNextGroupId):
        * platform/graphics/chromium/AnimationIdVendor.h: Added.
        (WebCore):
        (AnimationIdVendor):
        * platform/graphics/chromium/GraphicsLayerChromium.cpp:
        (WebCore::GraphicsLayerChromium::updateNames):
        (WebCore::GraphicsLayerChromium::addAnimation):
        (WebCore::GraphicsLayerChromium::addLinkHighlightLayer):
        (WebCore):
        (WebCore::GraphicsLayerChromium::didFinishLinkHighlightLayer):
        (WebCore::GraphicsLayerChromium::updateChildList):
        (WebCore::GraphicsLayerChromium::mapAnimationNameToId):
        * platform/graphics/chromium/GraphicsLayerChromium.h:
        (WebCore):
        (GraphicsLayerChromium):
        * platform/graphics/chromium/LinkHighlightLayerDelegate.cpp: Added.
        (WebCore):
        (WebCore::LinkHighlightLayerDelegate::create):
        (WebCore::LinkHighlightLayerDelegate::LinkHighlightLayerDelegate):
        (WebCore::LinkHighlightLayerDelegate::~LinkHighlightLayerDelegate):
        (WebCore::LinkHighlightLayerDelegate::getContentLayer):
        (WebCore::LinkHighlightLayerDelegate::paintContents):
        (WebCore::LinkHighlightLayerDelegate::didScroll):
        (WebCore::LinkHighlightLayerDelegate::notifyAnimationStarted):
        (WebCore::LinkHighlightLayerDelegate::notifyAnimationFinished):
        * platform/graphics/chromium/LinkHighlightLayerDelegate.h: Added.
        (WebCore):
        (LinkHighlightLayerDelegate):

2012-05-07  Joshua Bell  <jsbell@chromium.org>

        IndexedDB: LevelDB coding for bools is broken
        https://bugs.webkit.org/show_bug.cgi?id=85810

        Reviewed by Tony Chang.

        Code was appending to a pre-sized Vector, rather than using an
        index setter. This caused uninitialized data to be written out.
        Issue was detected on the Chromium side in http://crbug.com/126388

        Tests: webkit_unit_tests --gtest_filter='IDBLevelDBCodingTest.*codeBool'

        * Modules/indexeddb/IDBLevelDBCoding.cpp:
        (WebCore::IDBLevelDBCoding::encodeBool):

2012-05-07  Shawn Singh  <shawnsingh@chromium.org>

        [chromium] CCMathUtil projectPoint needs to avoid divide-by-zero
        https://bugs.webkit.org/show_bug.cgi?id=85560

        Reviewed by Adrienne Walker.

        Unit test added: CCMathUtilTest.cpp - verifyProjectionOfPerpendicularPlane
        Unit test updated/renamed: CCLayerTreeHostCommonTest.cpp - verifyVisibleRectFor3dPerspectiveWhenClippedByW

        The divide-by-zero occurs in an innocuous case where the layers
        are probably invisible anyway. However, producing Infs and NaNs
        could cause values to be used when un-intended, so its appropriate
        to handle the divide-by-zero correctly.

        * platform/graphics/chromium/cc/CCMathUtil.cpp:
        (WebCore::projectPoint):

2012-05-07  Pravin D  <pravind.2k4@gmail.com>

        Wrong positioning due to wrong width calculation wrt width:0
        https://bugs.webkit.org/show_bug.cgi?id=50135

        Reviewed by Eric Seidel.

        Test: fast/block/block-parent-with-zero-width-child.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::computePreferredLogicalWidths):
        When width is fixed, the specified width must be taken, provided the value is positive.
        Width=0 case was being ignored.

2012-05-07  Noel Gordon  <noel.gordon@gmail.com>

        [CG] ImageBuffer::ImageDataToDataURL: Remove alpha stuffing when encoding to JPEG
        https://bugs.webkit.org/show_bug.cgi?id=85779

        Reviewed by Eric Seidel.

        No change in behavior. Covered by fast/canvas/webgl/premultiplyalpha-test.html

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageDataToDataURL): Remove the need to stuff the alpha channel with 255.
        Rename dataVector to premultipliedData and verify that its resize() worked. Rewrite
        the premultiplication loop without the alpha channel = 255 part and ask the CG JPEG
        encoder to ignore the alpha channel (kCGImageAlphaNoneSkipLast) instead.

2012-05-07  Dominik Röttsches  <dominik.rottsches@linux.intel.com>

        [GTK] media/video-seek-past-end-playing.html times out
        https://bugs.webkit.org/show_bug.cgi?id=84858

        Reviewed by Philippe Normand.

        Removing the intentional state change to PAUSED on didEnd().
        My understanding is that the fix works because the additional
        state transition to PAUSED was resetting the internal m_seeking state to early,
        so that updatePlayState() in HTMLMediaElement was not able to
        correctly figure out/recover playstate after seeking.

        No new tests, covered by existing media tests, and fixing
        video-seek-past-end-playing.html flakiness on GTK, failure on EFL.

        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

2012-05-07  Abhishek Arya  <inferno@chromium.org>

        Crash in RenderBlock::updateFirstLetterStyle.
        https://bugs.webkit.org/show_bug.cgi?id=85759

        Reviewed by Julien Chaffraix.

        Test: fast/css-generated-content/first-letter-next-sibling-crash.html

        RenderBlock::removeChild can bring up the children from last single anonymous block,
        causing |nextSibling| in RenderBlock::updateFirstLetterStyle to go stale. We prevent
        this by removing the child safely using removeChildNode before destroying it.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::updateFirstLetterStyle):

2012-05-07  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Rename MediaStreamCenter::didConstructMediaStream
        https://bugs.webkit.org/show_bug.cgi?id=85796

        Reviewed by Adam Barth.

        Renamed MediaStreamCenter::didConstructMediaStream to didCreateMediaStream,
        and change so that it is only called for MediaStreams created from JS.

        Not really testable.

        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::create):
        * platform/mediastream/MediaStreamCenter.h:
        (MediaStreamCenter):
        * platform/mediastream/chromium/MediaStreamCenterChromium.cpp:
        (WebCore::MediaStreamCenterChromium::didCreateMediaStream):
        * platform/mediastream/chromium/MediaStreamCenterChromium.h:
        (MediaStreamCenterChromium):
        * platform/mediastream/gstreamer/MediaStreamCenterGStreamer.cpp:
        (WebCore::MediaStreamCenterGStreamer::didCreateMediaStream):
        * platform/mediastream/gstreamer/MediaStreamCenterGStreamer.h:
        (MediaStreamCenterGStreamer):

2012-05-07  Nat Duca  <nduca@chromium.org>

        Unreviewed, rolling out r115525.
        http://trac.webkit.org/changeset/115525
        https://bugs.webkit.org/show_bug.cgi?id=66683

        Too many pages rely on DOMTimeStamp as first argument.
        Reverting while we consider next steps.

        * WebCore.exp.in:
        * bindings/js/JSRequestAnimationFrameCallbackCustom.cpp:
        (WebCore::JSRequestAnimationFrameCallback::handleEvent):
        * dom/Document.cpp:
        (WebCore::Document::serviceScriptedAnimations):
        * dom/Document.h:
        (Document):
        * dom/RequestAnimationFrameCallback.h:
        (RequestAnimationFrameCallback):
        * dom/RequestAnimationFrameCallback.idl:
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::ScriptedAnimationController):
        (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
        (WebCore):
        (WebCore::ScriptedAnimationController::windowScreenDidChange):
        (WebCore::ScriptedAnimationController::scheduleAnimation):
        (WebCore::ScriptedAnimationController::animationTimerFired):
        * dom/ScriptedAnimationController.h:
        (ScriptedAnimationController):
        (WebCore::ScriptedAnimationController::displayRefreshFired):
        * page/FrameView.cpp:
        (WebCore::FrameView::serviceScriptedAnimations):
        * page/FrameView.h:
        (FrameView):
        * platform/graphics/DisplayRefreshMonitor.cpp:
        (WebCore::DisplayRefreshMonitor::DisplayRefreshMonitor):
        (WebCore::DisplayRefreshMonitor::notifyClients):
        * platform/graphics/DisplayRefreshMonitor.h:
        (DisplayRefreshMonitor):
        * platform/graphics/blackberry/DisplayRefreshMonitorBlackBerry.cpp:
        (WebCore::DisplayRefreshMonitor::displayLinkFired):
        * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
        (WebCore):
        (WebCore::DisplayRefreshMonitor::requestRefreshCallback):
        (WebCore::DisplayRefreshMonitor::displayLinkFired):

2012-05-07  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Allow UserMediaRequest::succeed to take an MediaStreamDescriptor
        https://bugs.webkit.org/show_bug.cgi?id=85798

        Reviewed by Adam Barth.

        Adding another UserMediaRequest::succeed function that takes an MediaStreamDescriptor
        instead of the two MediaStreamSource arrays.

        Not currently testable.

        * Modules/mediastream/LocalMediaStream.cpp:
        (WebCore::LocalMediaStream::create):
        (WebCore):
        (WebCore::LocalMediaStream::LocalMediaStream):
        * Modules/mediastream/LocalMediaStream.h:
        (LocalMediaStream):
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::succeed):
        (WebCore):
        * Modules/mediastream/UserMediaRequest.h:
        (WebCore):
        (UserMediaRequest):

2012-05-07  Michal Mocny  <mmocny@google.com>

        [chromium] setContentsMemoryAllocationLimitBytes needs to setNeedsCommit.
        https://bugs.webkit.org/show_bug.cgi?id=85801

        Reviewed by Adrienne Walker.

        CCLayerTreeHost::setContentsMemoryAllocationLimitBytes needs to call setNeedsCommit after adjusting memory
        limits, so that we push a new frame.  In particular, when returning from non visibile state, we adjust
        memory allocation from 0 to non 0, and we need to push a non blank frame.

        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::setVisible):
        (WebCore::CCLayerTreeHost::setContentsMemoryAllocationLimitBytes):

2012-05-07  Christophe Dumez  <christophe.dumez@intel.com>

        [EFL] media/track/track-cue-rendering-snap-to-lines-not-set.html fails
        https://bugs.webkit.org/show_bug.cgi?id=85602

        Reviewed by Eric Carlson.

        Fix positioning of the controls panel back to relative, as it is
        in the parent CSS.

        * css/mediaControlsEfl.css:
        (audio::-webkit-media-controls-panel, video::-webkit-media-controls-panel):

2012-05-07  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        MediaStream should not be an ActiveDOMObject
        https://bugs.webkit.org/show_bug.cgi?id=85191

        Reviewed by Adam Barth.

        The model with MediaStreamDescriptor and MediaStream (and LocalMediaStream)
        allows the JavaScript objects (MediaStream and LocalMediaStream) to be
        cleaned up while the MediaStreamDescriptor lives on to manage the stream in
        the platform. This happens for example when a URL is created to represent
        a MediaStream (using createObjectURL()). In that case, the MediaStreamDescriptor
        is put into the MediaStreamRegistry and even though the MediaStream object is
        lost, the URL still works since the descriptor is kept in the registry.

        The changes introduced in r113460 (http://webkit.org/b/83143) turned
        MediaStream and LocalMediaStream into ActiveDOMObjects. For example on page
        reload, LocalMediaStream calls MediaStreamCenter::didStopLocalMediaStream()
        via its ActiveDOMObject::stop() method. However, when a page reload occurs,
        the LocalMediaStream object may have been cleaned up already and
        MediaStreamCenter::didStopLocalMediaStream() will not be called.

        One way to make the behavior consistent would be to call
        MediaStreamCenter::didStopLocalMediaStream() when the descriptor is cleaned up,
        cause then we wouldn't be dependent on the LocalMediaStream object being alive.
        However, calling MediaStreamCenter::didStopLocalMediaStream() might not be the
        correct thing to do when all references to the descriptor are lost since there
        can be MediaStream objects constructed from the tracks of the LocalMediaStream
        that should continue to work. MediaStreamCenter::didStopLocalMediaStream() was
        intended for LocalMediaStream.stop() which is used to revoke access to devices;
        that should not necessarily happen when the descriptor of a LocalMediaStream is
        cleaned up. If it's necessary for some ports to signal to the platform that a
        MediaStreamDescriptor is cleaned up, then I would suggest adding a new function,
        willDestroyMediaStreamDescriptor(), to the MediaStreamCenter interface.

        The current resolution is to make MediaStream a ContextDestructionObserver
        instead of an ActiveDOMObject.

        Currently not testable.

        * Modules/mediastream/LocalMediaStream.cpp:
        (WebCore::LocalMediaStream::create):
        * Modules/mediastream/LocalMediaStream.h:
        (LocalMediaStream):
        * Modules/mediastream/LocalMediaStream.idl:
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::create):
        (WebCore::MediaStream::MediaStream):
        (WebCore::MediaStream::scriptExecutionContext):
        * Modules/mediastream/MediaStream.h:

2012-05-07  Liam Quinn  <lquinn@rim.com>

        [BlackBerry] WWW-Authenticate header on 200 response pops up authentication dialog
        https://bugs.webkit.org/show_bug.cgi?id=85643

        Reviewed by George Staikos.

        RIM PR: 151992
        Ignore WWW-Authenticate header if the response code is not 401.
        Ignore Proxy-Authenticate header if the response code is not 407.

        Manual test added to observe whether the authentication dialog appears on a 200 response with WWW-Authenticate.

        * platform/network/blackberry/NetworkJob.cpp:
        (WebCore::NetworkJob::handleNotifyHeaderReceived):

2012-05-07  Alexander Pavlov  <apavlov@chromium.org>

        Web Inspector: [TextPrompt] Event listeners and CSS style are not removed on detachment
        https://bugs.webkit.org/show_bug.cgi?id=85789

        Reviewed by Yury Semikhatsky.

        * inspector/front-end/TextPrompt.js:
        (WebInspector.TextPrompt.prototype._attachInternal):
        (WebInspector.TextPrompt.prototype.detach):

2012-05-07  Csaba Osztrogonác  <ossy@webkit.org>

        Buildfix for buggy GCC
        https://bugs.webkit.org/show_bug.cgi?id=85781

        Reviewed by Zoltan Herczeg.

        * rendering/RenderBlock.h:
        (WebCore::RenderBlock::MarginInfo::clearMargin):

2012-05-07  Alexander Pavlov  <apavlov@chromium.org>

        Web Inspector: [REGRESSION] Context menu for the left Script view gutter is broken
        https://bugs.webkit.org/show_bug.cgi?id=85785

        Reviewed by Pavel Feldman.

        Fixed remaining usages of WebInspector.save to be WebInspector.fileManager.save.

        * inspector/front-end/NetworkPanel.js:
        (WebInspector.NetworkLogView.prototype._exportAll):
        (WebInspector.NetworkLogView.prototype._exportRequest):
        * inspector/front-end/ResourcesPanel.js:
        (WebInspector.FrameResourceTreeElement.prototype._appendSaveAsAction.doSave):
        (WebInspector.ResourceRevisionTreeElement.prototype._handleContextMenuEvent.doSave):
        * inspector/front-end/TextViewer.js:
        (WebInspector.TextViewer.prototype._contextMenu):


2012-05-07  Antti Koivisto  <antti@apple.com>

        Share stylesheet data structures between documents
        https://bugs.webkit.org/show_bug.cgi?id=85598

        Reviewed by Darin Adler.

        We currently make a copy of the data structures when restoring a cached stylesheet. This patch lets us share
        the data until someone uses a mutating CSSOM API to modify the sheet.
        
        The patch implements copy-on-write for the internal style sheet data structures. If any mutating CSSOM API is
        invoked, we check if the mutation is safe (there is only one client, the sheet is not cached). If not then the
        internal structures are copied and any existing CSSOM objects are re-attached to the new style tree. The copied
        tree is mutated while the other clients stay attached to the original tree.
        
        Sharing can save significant amount of memory on sites with large stylesheets. For example if you have
        multiple articles open on wsj.com this saves ~2.6MB per tab.
        
        Test: http/tests/css/shared-stylesheet-mutation.html
              http/tests/css/shared-stylesheet-mutation-preconstruct.html

        * css/CSSFontFaceRule.cpp:
        (WebCore::CSSFontFaceRule::reattach):
        (WebCore):
        * css/CSSFontFaceRule.h:
        (CSSFontFaceRule):
        * css/CSSMediaRule.cpp:
        (WebCore::CSSMediaRule::insertRule):
        (WebCore::CSSMediaRule::deleteRule):
        (WebCore::CSSMediaRule::reattach):
        (WebCore):
        * css/CSSMediaRule.h:
        (CSSMediaRule):
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::setSelectorText):
        (WebCore::CSSPageRule::reattach):
        (WebCore):
        * css/CSSPageRule.h:
        (CSSPageRule):
        * css/CSSRule.cpp:
        (WebCore::CSSRule::reattach):
        
            After the internal stylerule tree has been copied, the existing wrappers are re-attached using recursive reattach() function.

        * css/CSSRule.h:
        (WebCore):
        (CSSRule):
        * css/CSSStyleRule.cpp:
        (WebCore::CSSStyleRule::setSelectorText):
        (WebCore::CSSStyleRule::reattach):
        (WebCore):
        * css/CSSStyleRule.h:
        (CSSStyleRule):
        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::StyleSheetInternal):
        (WebCore::StyleSheetInternal::isCacheable):
        (WebCore::StyleSheetInternal::ruleAt):
        
            Add ruleAt(), use it for both wrapper creation and reattaching.  Remove createChildRuleCSSOMWrapper .

        (WebCore):
        (WebCore::StyleSheetInternal::wrapperInsertRule):
        (WebCore::StyleSheetInternal::wrapperDeleteRule):
        
            Invalidation moves to the calling wrapper.

        (WebCore::StyleSheetInternal::addedToMemoryCache):
        (WebCore::StyleSheetInternal::removedFromMemoryCache):
        (WebCore::CSSStyleSheet::willMutateRules):
        
            This is called whenever StyleSheetInternal is going to be mutated. It will do copy-on-write if needed.
            
            Usually invoked by CSSStyleSheet::RuleMutation RAII type.

        (WebCore::CSSStyleSheet::didMutateRules):
        
            This is called after the mutation is complete and will trigger the style recalc in the document.

        (WebCore::CSSStyleSheet::didMutate):
        
            This is called directly after mutations that don't change StyleSheetInternal so don't require copy-on-write.

        (WebCore::CSSStyleSheet::reattachChildRuleCSSOMWrappers):
        (WebCore::CSSStyleSheet::setDisabled):
        (WebCore::CSSStyleSheet::insertRule):
        (WebCore::CSSStyleSheet::deleteRule):
        * css/CSSStyleSheet.h:
        (StyleSheetInternal):
        (WebCore::StyleSheetInternal::hasOneClient):
        (WebCore::StyleSheetInternal::isMutable):
        (WebCore::StyleSheetInternal::setMutable):
        
            Track mutability. Mutation is allowed only after willMutate call.

        (WebCore::StyleSheetInternal::isInMemoryCache):
        
            Track if the object is in memory cache.

        (WebCore::CSSStyleSheet::clearOwnerRule):
        (CSSStyleSheet):
        * css/MediaList.cpp:
        (WebCore::MediaList::setMediaText):
        (WebCore::MediaList::deleteMedium):
        (WebCore::MediaList::appendMedium):
        (WebCore::MediaList::didMutate):
        (WebCore):
        (WebCore::MediaList::reattach):
        * css/MediaList.h:
        (MediaList):
        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::PropertySetCSSStyleDeclaration::setCssText):
        (WebCore::PropertySetCSSStyleDeclaration::setProperty):
        (WebCore::PropertySetCSSStyleDeclaration::removeProperty):
        (WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal):
        (WebCore):
        (WebCore::StyleRuleCSSStyleDeclaration::willMutate):
        (WebCore::StyleRuleCSSStyleDeclaration::didMutate):
        (WebCore::StyleRuleCSSStyleDeclaration::reattach):
        (WebCore::InlineCSSStyleDeclaration::didMutate):
        * css/PropertySetCSSStyleDeclaration.h:
        (WebCore::PropertySetCSSStyleDeclaration::willMutate):
        (WebCore::PropertySetCSSStyleDeclaration::didMutate):
        (StyleRuleCSSStyleDeclaration):
        * css/WebKitCSSKeyframesRule.cpp:
        (WebCore::WebKitCSSKeyframesRule::setName):
        (WebCore::WebKitCSSKeyframesRule::insertRule):
        (WebCore::WebKitCSSKeyframesRule::deleteRule):
        (WebCore::WebKitCSSKeyframesRule::reattach):
        (WebCore):
        * css/WebKitCSSKeyframesRule.h:
        (WebKitCSSKeyframesRule):
        * css/WebKitCSSRegionRule.cpp:
        (WebCore::WebKitCSSRegionRule::reattach):
        * css/WebKitCSSRegionRule.h:
        (WebKitCSSRegionRule):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::reparseStyleSheet):
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::~CachedCSSStyleSheet):
        (WebCore::CachedCSSStyleSheet::destroyDecodedData):
        (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
        
            Don't copy when restoring. It is no longer necessary.
            Set the cache bit on the stylesheet.

        (WebCore::CachedCSSStyleSheet::saveParsedStyleSheet):

2012-05-06  Kinuko Yasuda  <kinuko@chromium.org>

        Cleanup: Change boolean synchronous flag argument into enum in FileSystem API code
        https://bugs.webkit.org/show_bug.cgi?id=85741

        Reviewed by David Levin.

        No new tests as this change has no functional effects.

        * Modules/filesystem/DOMWindowFileSystem.cpp:
        (WebCore::DOMWindowFileSystem::webkitRequestFileSystem):
        * Modules/filesystem/LocalFileSystem.cpp:
        (WebCore::LocalFileSystem::requestFileSystem):
        * Modules/filesystem/LocalFileSystem.h:
        (LocalFileSystem):
        * Modules/filesystem/WorkerContextFileSystem.cpp:
        (WebCore::WorkerContextFileSystem::webkitRequestFileSystem):
        (WebCore::WorkerContextFileSystem::webkitRequestFileSystemSync):
        (WebCore::WorkerContextFileSystem::webkitResolveLocalFileSystemSyncURL):
        * platform/FileSystemType.h: Added FileSystemSynchronousType enum.

2012-05-07  Antti Koivisto  <antti@apple.com>

        Revert the previous.

        Not reviewed.
        
        Apparently r116235 was already rolled out.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::determineScope):

2012-05-07  Antti Koivisto  <antti@apple.com>

        REGRESSION(r116235): broke a lot of tests on all chromium debug bots
        https://bugs.webkit.org/show_bug.cgi?id=85773

        Not reviewed.

        Try to fix assert when scoped stylesheets are enabled.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::determineScope):

2012-05-06  Kinuko Yasuda  <kinuko@chromium.org>

        Cleanup: Move FileSystem API type definitions into a separate header file
        https://bugs.webkit.org/show_bug.cgi?id=85738

        Reviewed by David Levin.

        Move FileSystem API type definitions from AsyncFileSystem.h and
        AsyncFileSystemChromium.cpp for chromium port into a single separate
        header file: FileSystemType.h

        By doing this we make it clearer that every filesystem type can be
        found in the header file and also can save including entire
        AsyncFileSystem definition just for referring type enum value.

        No new tests as this change has no visible or functional changes.

        * Modules/filesystem/DOMFileSystemBase.cpp:
        (WebCore::pathToAbsolutePath):
        * Modules/filesystem/DOMWindowFileSystem.cpp:
        (WebCore::DOMWindowFileSystem::webkitRequestFileSystem):
        (WebCore::DOMWindowFileSystem::webkitResolveLocalFileSystemURL):
        (WebCore):
        * Modules/filesystem/DOMWindowFileSystem.h:
        * Modules/filesystem/LocalFileSystem.h:
        (LocalFileSystem):
        * Modules/filesystem/WorkerContextFileSystem.cpp:
        (WebCore::WorkerContextFileSystem::webkitRequestFileSystem):
        (WebCore::WorkerContextFileSystem::webkitRequestFileSystemSync):
        (WebCore::WorkerContextFileSystem::webkitResolveLocalFileSystemURL):
        (WebCore::WorkerContextFileSystem::webkitResolveLocalFileSystemSyncURL):
        (WebCore):
        * Modules/filesystem/WorkerContextFileSystem.h:
        * platform/AsyncFileSystem.cpp:
        (WebCore::AsyncFileSystem::isValidType):
        (WebCore::AsyncFileSystem::create):
        (WebCore::AsyncFileSystem::openFileSystem):
        * platform/AsyncFileSystem.h:
        (AsyncFileSystem):
        (WebCore::AsyncFileSystem::type):
        (WebCore::AsyncFileSystem::AsyncFileSystem):
        * platform/FileSystemType.h: Added.
        (WebCore):
        * platform/blackberry/AsyncFileSystemBlackBerry.cpp:
        (WebCore::AsyncFileSystem::isValidType):
        (WebCore::AsyncFileSystem::create):
        (WebCore::AsyncFileSystem::openFileSystem):
        (WebCore::AsyncFileSystem::crackFileSystemURL):
        (WebCore::AsyncFileSystemBlackBerry::AsyncFileSystemBlackBerry):
        * platform/blackberry/AsyncFileSystemBlackBerry.h:
        (AsyncFileSystemBlackBerry):
        * platform/gtk/AsyncFileSystemGtk.cpp:
        (WebCore::AsyncFileSystem::isValidType):
        (WebCore::AsyncFileSystem::create):
        (WebCore::AsyncFileSystem::openFileSystem):
        (WebCore::AsyncFileSystem::crackFileSystemURL):
        (WebCore::AsyncFileSystemGtk::AsyncFileSystemGtk):
        * platform/gtk/AsyncFileSystemGtk.h:
        (AsyncFileSystemGtk):

2012-05-06  MORITA Hajime  <morrita@google.com>

        https://bugs.webkit.org/show_bug.cgi?id=85265
        [Shadow DOM] ShadowTree needs a better name

        Reviewed by Dimitri Glazkov.

        Renamed ShadowTree to ElementShadow, The ElementShadow class is
        going to be a facade of Shadow related APIs.

        Following renames follow:
        - Element::shadowTree() to Element::shadow()
        - ShadowRoot::tree() to ShadowRoot::owner()
        - ShadowTree::recalcShadowTreeStyle() to ElementShadow::recalcStyle()

        No new tests. Just renames.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.exp.in:
        * WebCore.gypi:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/ComposedShadowTreeWalker.cpp:
        (WebCore::shadowFor):
        (WebCore::shadowOfParent):
        (WebCore::ComposedShadowTreeWalker::traverseChild):
        (WebCore::ComposedShadowTreeWalker::traverseSiblingOrBackToInsertionPoint):
        (WebCore::ComposedShadowTreeWalker::traverseParent):
        * dom/ContainerNodeAlgorithms.cpp:
        (WebCore::ChildNodeInsertionNotifier::notifyDescendantInsertedIntoDocument):
        (WebCore::ChildNodeInsertionNotifier::notifyDescendantInsertedIntoTree):
        (WebCore::ChildNodeRemovalNotifier::notifyDescendantRemovedFromDocument):
        (WebCore::ChildNodeRemovalNotifier::notifyDescendantRemovedFromTree):
        * dom/DOMAllInOne.cpp:
        * dom/Document.cpp:
        (WebCore::Document::buildAccessKeyMap):
        * dom/Element.cpp:
        (WebCore::Element::~Element):
        (WebCore::Element::willRemove):
        (WebCore::Element::attach):
        (WebCore::Element::detach):
        (WebCore::Element::recalcStyle):
        (WebCore::Element::hasShadowRoot):
        (WebCore::Element::shadow):
        (WebCore::Element::ensureShadow):
        (WebCore::Element::ensureShadowRoot):
        (WebCore::Element::childrenChanged):
        * dom/Element.h:
        (WebCore):
        (Element):
        * dom/ElementRareData.h:
        (ElementRareData):
        (WebCore::ElementRareData::~ElementRareData):
        * dom/ElementShadow.cpp: Renamed from Source/WebCore/dom/ShadowTree.cpp.
        (WebCore):
        (WebCore::ElementShadow::ElementShadow):
        (WebCore::ElementShadow::~ElementShadow):
        (WebCore::validateShadowRoot):
        (WebCore::ElementShadow::addShadowRoot):
        (WebCore::ElementShadow::removeAllShadowRoots):
        (WebCore::ElementShadow::willRemove):
        (WebCore::ElementShadow::setParentTreeScope):
        (WebCore::ElementShadow::attach):
        (WebCore::ElementShadow::attachHost):
        (WebCore::ElementShadow::detach):
        (WebCore::ElementShadow::detachHost):
        (WebCore::ElementShadow::insertionPointFor):
        (WebCore::ElementShadow::selectionFor):
        (WebCore::ElementShadow::reattach):
        (WebCore::ElementShadow::childNeedsStyleRecalc):
        (WebCore::ElementShadow::needsStyleRecalc):
        (WebCore::ElementShadow::recalcStyle):
        (WebCore::ElementShadow::needsReattachHostChildrenAndShadow):
        (WebCore::ElementShadow::hostChildrenChanged):
        (WebCore::ElementShadow::setNeedsReattachHostChildrenAndShadow):
        (WebCore::ElementShadow::reattachHostChildrenAndShadow):
        * dom/ElementShadow.h: Renamed from Source/WebCore/dom/ShadowTree.h.
        (WebCore):
        (ElementShadow):
        (WebCore::ElementShadow::hasShadowRoot):
        (WebCore::ElementShadow::youngestShadowRoot):
        (WebCore::ElementShadow::oldestShadowRoot):
        (WebCore::ElementShadow::selector):
        (WebCore::ElementShadow::clearNeedsReattachHostChildrenAndShadow):
        (WebCore::ElementShadow::host):
        (ShadowRootVector):
        (WebCore::ShadowRootVector::ShadowRootVector):
        * dom/Node.cpp:
        (WebCore::oldestShadowRootFor):
        * dom/NodeRenderingContext.cpp:
        (WebCore::NodeRenderingContext::NodeRenderingContext):
        (WebCore::NodeRenderingContext::hostChildrenChanged):
        * dom/NodeRenderingContext.h:
        (WebCore):
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::create):
        (WebCore::ShadowRoot::owner):
        * dom/ShadowRoot.h:
        (WebCore):
        (ShadowRoot):
        * dom/TreeScopeAdopter.cpp:
        (WebCore::shadowFor):
        (WebCore::TreeScopeAdopter::moveTreeToNewScope):
        (WebCore::TreeScopeAdopter::moveTreeToNewDocument):
        (WebCore::TreeScopeAdopter::moveShadowToNewDocument):
        * dom/TreeScopeAdopter.h:
        (TreeScopeAdopter):
        * html/ColorInputType.cpp:
        (WebCore::ColorInputType::createShadowSubtree):
        (WebCore::ColorInputType::shadowColorSwatch):
        * html/FileInputType.cpp:
        (WebCore::FileInputType::createShadowSubtree):
        (WebCore::FileInputType::multipleAttributeChanged):
        * html/HTMLDetailsElement.cpp:
        (WebCore::HTMLDetailsElement::findMainSummary):
        * html/HTMLKeygenElement.cpp:
        (WebCore::HTMLKeygenElement::shadowSelect):
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaControls):
        (WebCore::HTMLMediaElement::hasMediaControls):
        * html/HTMLSummaryElement.cpp:
        * html/HTMLTextAreaElement.cpp:
        (WebCore::HTMLTextAreaElement::innerTextElement):
        (WebCore::HTMLTextAreaElement::updatePlaceholderText):
        * html/InputType.cpp:
        (WebCore::InputType::destroyShadowSubtree):
        * html/RangeInputType.cpp:
        (WebCore::RangeInputType::handleMouseDownEvent):
        (WebCore::RangeInputType::createShadowSubtree):
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::createShadowSubtree):
        (WebCore::TextFieldInputType::updatePlaceholderText):
        * html/ValidationMessage.cpp:
        (WebCore::ValidationMessage::deleteBubbleTree):
        * html/shadow/HTMLContentElement.cpp:
        (WebCore::HTMLContentElement::parseAttribute):
        * html/shadow/InsertionPoint.cpp:
        (WebCore::InsertionPoint::attach):
        (WebCore::InsertionPoint::detach):
        (WebCore::InsertionPoint::distributeHostChildren):
        (WebCore::InsertionPoint::clearDistribution):
        * html/shadow/InsertionPoint.h:
        * html/shadow/SliderThumbElement.cpp:
        (WebCore::sliderThumbElementOf):
        (WebCore::RenderSliderContainer::layout):
        (WebCore::trackLimiterElementOf):
        * html/shadow/TextFieldDecorationElement.cpp:
        (WebCore::getDecorationRootAndDecoratedRoot):
        * inspector/InspectorDOMAgent.cpp:
        (WebCore::InspectorDOMAgent::unbind):
        (WebCore::InspectorDOMAgent::buildObjectForNode):
        * page/FocusController.cpp:
        (WebCore::FocusScope::focusScopeOf):
        (WebCore::FocusScope::focusScopeOwnedByShadowHost):
        * rendering/RenderFileUploadControl.cpp:
        (WebCore::RenderFileUploadControl::uploadButton):
        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefElement::updateReferencedText):
        (WebCore::SVGTRefElement::detachTarget):
        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::clearResourceReferences):
        (WebCore::SVGUseElement::buildShadowAndInstanceTree):
        (WebCore::SVGUseElement::buildShadowTree):
        * testing/Internals.cpp:
        (WebCore::Internals::ensureShadowRoot):
        (WebCore::Internals::youngestShadowRoot):
        (WebCore::Internals::oldestShadowRoot):
        (WebCore::Internals::removeShadowRoot):

2012-05-06  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r116235.
        http://trac.webkit.org/changeset/116235
        https://bugs.webkit.org/show_bug.cgi?id=85773

        broke a lot of tests on all chromium debug bots (Requested by
        caseq_ on #webkit).

        * bindings/objc/DOMCSS.mm:
        * css/CSSFontFaceRule.cpp:
        * css/CSSFontFaceRule.h:
        (CSSFontFaceRule):
        * css/CSSImportRule.cpp:
        * css/CSSMediaRule.cpp:
        (WebCore::CSSMediaRule::insertRule):
        (WebCore::CSSMediaRule::deleteRule):
        * css/CSSMediaRule.h:
        (CSSMediaRule):
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::setSelectorText):
        * css/CSSPageRule.h:
        (CSSPageRule):
        * css/CSSRule.cpp:
        * css/CSSRule.h:
        (CSSRule):
        (WebCore::CSSRule::parserContext):
        * css/CSSStyleRule.cpp:
        (WebCore::CSSStyleRule::setSelectorText):
        * css/CSSStyleRule.h:
        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::StyleSheetInternal):
        (WebCore::StyleSheetInternal::isCacheable):
        (WebCore::StyleSheetInternal::createChildRuleCSSOMWrapper):
        (WebCore::StyleSheetInternal::wrapperInsertRule):
        (WebCore::StyleSheetInternal::wrapperDeleteRule):
        (WebCore::StyleSheetInternal::styleSheetChanged):
        (WebCore):
        (WebCore::CSSStyleSheet::setDisabled):
        (WebCore::CSSStyleSheet::item):
        (WebCore::CSSStyleSheet::insertRule):
        (WebCore::CSSStyleSheet::deleteRule):
        * css/CSSStyleSheet.h:
        (StyleSheetInternal):
        (WebCore::StyleSheetInternal::hasCharsetRule):
        (WebCore::CSSStyleSheet::styleSheetChanged):
        (CSSStyleSheet):
        * css/MediaList.cpp:
        (WebCore::MediaList::setMediaText):
        (WebCore::MediaList::deleteMedium):
        (WebCore::MediaList::appendMedium):
        (WebCore::MediaList::notifyChanged):
        * css/MediaList.h:
        (MediaList):
        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::PropertySetCSSStyleDeclaration::setCssText):
        (WebCore::PropertySetCSSStyleDeclaration::setProperty):
        (WebCore::PropertySetCSSStyleDeclaration::removeProperty):
        (WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal):
        (WebCore::PropertySetCSSStyleDeclaration::didMutate):
        (WebCore):
        (WebCore::StyleRuleCSSStyleDeclaration::setNeedsStyleRecalc):
        (WebCore::InlineCSSStyleDeclaration::setNeedsStyleRecalc):
        * css/PropertySetCSSStyleDeclaration.h:
        (WebCore::PropertySetCSSStyleDeclaration::setNeedsStyleRecalc):
        (PropertySetCSSStyleDeclaration):
        (StyleRuleCSSStyleDeclaration):
        * css/StylePropertySet.cpp:
        * css/WebKitCSSKeyframesRule.cpp:
        (WebCore::WebKitCSSKeyframesRule::setName):
        (WebCore::WebKitCSSKeyframesRule::insertRule):
        (WebCore::WebKitCSSKeyframesRule::deleteRule):
        * css/WebKitCSSKeyframesRule.h:
        (WebKitCSSKeyframesRule):
        * css/WebKitCSSRegionRule.cpp:
        * css/WebKitCSSRegionRule.h:
        (WebKitCSSRegionRule):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::reparseStyleSheet):
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::~CachedCSSStyleSheet):
        (WebCore::CachedCSSStyleSheet::destroyDecodedData):
        (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
        (WebCore::CachedCSSStyleSheet::saveParsedStyleSheet):

2012-05-06  Adam Barth  <abarth@webkit.org>

        Attempt to fix the !ENABLE(INSPECTOR) build by making InspectorValues
        available unconditionally.  We should probably rename these classes to
        JSONValues and move them into WebCore/platform.

        * inspector/InspectorValues.cpp:
        * inspector/InspectorValues.h:

2012-05-06  Adam Barth  <abarth@webkit.org>

        CSP violation reports should have all the fields required by the spec
        https://bugs.webkit.org/show_bug.cgi?id=85682

        Reviewed by Darin Adler.

        This patch updates our CSP violation reports to include all the fields
        in the spec.  We've discussed all these fields in the working group,
        and we have fairly high confidence that these are safe to expose.

        Tests: http/tests/security/contentSecurityPolicy/report-and-enforce.html
               http/tests/security/contentSecurityPolicy/report-blocked-uri-cross-origin.html
               http/tests/security/contentSecurityPolicy/report-blocked-uri.html
               http/tests/security/contentSecurityPolicy/report-only-from-header.html
               http/tests/security/contentSecurityPolicy/report-only.html
               http/tests/security/contentSecurityPolicy/report-uri-from-child-frame.html
               http/tests/security/contentSecurityPolicy/report-uri.html

        * page/ContentSecurityPolicy.cpp:
        (CSPDirectiveList):
        (WebCore::CSPDirectiveList::reportViolation):
        (WebCore::CSPDirectiveList::checkSourceAndReportViolation):

2012-05-06  Kinuko Yasuda  <kinuko@chromium.org>

        Cleanup: FileSystem API's Entry.toURL() impl should return KURL instead of String
        https://bugs.webkit.org/show_bug.cgi?id=85736

        Change the return type of Entry::toURL() from String to KURL.

        Reviewed by David Levin.

        No new tests as this change should not have any visible impact in the javascript layer.

        * Modules/filesystem/EntryBase.cpp:
        (WebCore::EntryBase::toURL):
        * Modules/filesystem/EntryBase.h:
        * platform/AsyncFileSystem.h:
        * platform/blackberry/AsyncFileSystemBlackberry.cpp:
        (AsyncFileSystemBlackberry::toURL):
        * platform/blackberry/AsyncFileSystemBlackberry.h:
        * platform/gtk/AsyncFileSystemGtk.cpp:
        (AsyncFileSystemGtk::toURL):
        * platform/gtk/AsyncFileSystemGtk.h:

2012-05-06  Kentaro Hara  <haraken@chromium.org>

        [V8][Performance] Remove Isolate lookup from the call path
        to get a cached JS wrapper object by getDOMXXXXMap().
        https://bugs.webkit.org/show_bug.cgi?id=85205

        Reviewed by Adam Barth.

        The patch improves the performance of getting a cached JS wrapper
        by getDOMXXXXMap(). For example, it improves the performance
        of toV8(NodeList*) in getElementsByTagName(), getElementsByName(),
        getElementsByClassName() by 7 ~ 9%.

        Performance tests: https://bugs.webkit.org/attachment.cgi?id=139468

        The performance test results in my Linux desktop:

        getElementsByTagName :   40.76 ms => 37.52ms (+8.6%)
        getElementsByName :      41.02 ms => 37.42ms (+9.6%)
        getElementsByClassName : 40.32 ms => 37.68ms (+7.0%)

        Unfortunately we cannot observe performance improvement in
        Dromaeo/dom-query.html, which are testing getElementsByTagName(),
        getElementsByName(), getElementsByClassName(). This is because
        the bottleneck of these Dromaeo tests is not toV8(NodeList*) but
        .length and .nodeType accesses. The patch for optimizing them
        will be coming soon.

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm: Modified as described above.
        (GenerateHeader):
        (GenerateNormalAttrGetter):
        (GetDomMapFunction):
        (NativeToJSValue):
        * bindings/v8/DOMData.cpp:
        (WebCore::DOMData::getCurrentStore):

        * bindings/scripts/test/V8/V8Float64Array.h: Updated run-bindings-tests results.
        (WebCore::V8Float64Array::wrap):
        * bindings/scripts/test/V8/V8TestActiveDOMObject.h:
        (WebCore::V8TestActiveDOMObject::wrap):
        * bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
        (WebCore::V8TestCustomNamedGetter::wrap):
        * bindings/scripts/test/V8/V8TestEventConstructor.h:
        (WebCore::V8TestEventConstructor::wrap):
        * bindings/scripts/test/V8/V8TestEventTarget.cpp:
        (WebCore::TestEventTargetV8Internal::itemCallback):
        * bindings/scripts/test/V8/V8TestEventTarget.h:
        (WebCore::V8TestEventTarget::wrap):
        * bindings/scripts/test/V8/V8TestInterface.cpp:
        (WebCore::TestInterfaceV8Internal::supplementalNodeAttrGetter):
        * bindings/scripts/test/V8/V8TestInterface.h:
        (WebCore::V8TestInterface::wrap):
        * bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
        (WebCore::V8TestMediaQueryListListener::wrap):
        * bindings/scripts/test/V8/V8TestNamedConstructor.h:
        (WebCore::V8TestNamedConstructor::wrap):
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjV8Internal::readOnlyTestObjAttrAttrGetter):
        (WebCore::TestObjV8Internal::cachedAttribute1AttrGetter):
        (WebCore::TestObjV8Internal::cachedAttribute2AttrGetter):
        (WebCore::TestObjV8Internal::contentDocumentAttrGetter):
        (WebCore::TestObjV8Internal::getSVGDocumentCallback):
        * bindings/scripts/test/V8/V8TestObj.h:
        (WebCore::V8TestObj::wrap):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
        (WebCore::V8TestSerializedScriptValueInterface::wrap):

2012-05-06  Adam Barth  <abarth@webkit.org>

        Content Security Policy reports should be reported with content-type application/json, should contain all required fields
        https://bugs.webkit.org/show_bug.cgi?id=61360

        Reviewed by Eric Seidel.

        This patch changes ContentSecurityPolicy to use JSON format for sending
        violation reports rather than wwwform-encoding.  This patch aligns our
        behavior with the specification and with Mozilla.  A follow up patch
        will update the list of fields in the report to match the spec.

        * loader/PingLoader.cpp:
        (WebCore::PingLoader::reportContentSecurityPolicyViolation):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPDirectiveList::reportViolation):

2012-05-06  Mary Wu  <mary.wu@torchmobile.com.cn>

        [BlackBerry] Support html5 download attribute.
        https://bugs.webkit.org/show_bug.cgi?id=85044

        Reviewed by Antonio Gomes.

        Pass download attribute filename to networkJob and it could be
        overridden by the Content-Disposition HTTP header's filename parameter.

        * platform/network/blackberry/NetworkJob.cpp:
        (WebCore::NetworkJob::initialize):
        * platform/network/blackberry/ResourceRequest.h:
        (WebCore::ResourceRequest::setSuggestSaveName):
        (WebCore::ResourceRequest::suggestSaveName):
        (ResourceRequest):
        * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
        (WebCore::ResourceRequest::initializePlatformRequest):

2012-05-06  Kenichi Ishibashi  <bashi@chromium.org>

        Disallow unquoted -webkit-font-feature-settings tags
        https://bugs.webkit.org/show_bug.cgi?id=85362

        Reviewed by Kent Tamura.

        Disallow unquoted tags to follow the current draft.
        http://dev.w3.org/csswg/css3-fonts/#font-feature-settings-prop

        No new tests. css3/font-feature-settings-parsing.html was updated.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseFontFeatureTag): Accepts only 4-characters string.

2012-05-06  Raphael Kubo da Costa  <rakuco@webkit.org>

        Unreviewed build fix for r116260.

        COMPILE_ASSERT() does not expect a string in its second parameter.

        * platform/graphics/TextRun.cpp:
        (WebCore):

2012-05-06  Rob Buis  <rbuis@rim.com>

        Shrink TextRun object size
        https://bugs.webkit.org/show_bug.cgi?id=85751

        Reviewed by Darin Adler.

        Reorder the member variables in TextRun so it shrinks from 56 to 40 bytes on my 64-bit build. This is important
        for SVG, since RenderSVGText shrinks because of this.

        Also add a compile assert for the expected object size.

        * platform/graphics/TextRun.cpp:
        (ExpectedTextRunSize):
        (WebCore):
        * platform/graphics/TextRun.h:
        (WebCore::TextRun::TextRun):
        (WebCore::TextRun::direction):
        (TextRun):

2012-05-06  Jonathan Dong  <jonathan.dong@torchmobile.com.cn>

        [BlackBerry] Autofill backing store implementation upstream
        https://bugs.webkit.org/show_bug.cgi?id=85575

        Reviewed by Rob Buis.

        Implemented class AutofillBackingStore which is responsible
        for handling interaction with autofill database.

        Replaced static function
        CredentialBackingStore* CredentialBackingStore::instance()
        with a helper function
        CredentialBackingStore& credentialBackingStore(),
        and used DEFINE_STATIC_LOCAL to construct the singleton
        object.
        Also removed unnecessary function close() and combined with
        the destructor of class CredentialBackingStore.

        Initial upstream, No new tests.

        * PlatformBlackBerry.cmake:
        * platform/network/blackberry/AutofillBackingStore.cpp: Added.
        (WebCore):
        (WebCore::autofillBackingStore):
        (WebCore::AutofillBackingStore::AutofillBackingStore):
        (WebCore::AutofillBackingStore::~AutofillBackingStore):
        (WebCore::AutofillBackingStore::open):
        (WebCore::AutofillBackingStore::add):
        (WebCore::AutofillBackingStore::update):
        (WebCore::AutofillBackingStore::contains):
        (WebCore::AutofillBackingStore::get):
        (WebCore::AutofillBackingStore::clear):
        * platform/network/blackberry/AutofillBackingStore.h: Added.
        (WebCore):
        (AutofillBackingStore):
        * platform/network/blackberry/CredentialBackingStore.cpp:
        (WebCore::credentialBackingStore):
        (WebCore::CredentialBackingStore::~CredentialBackingStore):
        * platform/network/blackberry/CredentialBackingStore.h:
        (CredentialBackingStore):
        (WebCore):
        * platform/network/blackberry/CredentialStorageBlackBerry.cpp:
        (WebCore::CredentialStorage::getFromPersistentStorage):

2012-05-06  MORITA Hajime  <morrita@google.com>

        [Shadow DOM] Node distribution should be refreshed before style recalc.
        https://bugs.webkit.org/show_bug.cgi?id=85259

        Reviewed by Dimitri Glazkov.

        Element::recalcStyle() calls child element's recalcStyle()
        recursively, following ShadowTree::recalcShadowTreeStyle(). But
        recalcShadowTreeStyle() should be called before such recursion if
        necessary.

        This is because style calculation and following renderer attachment
        of each child element depends on up-to-date node distribution result
        which is computed during the recalcShadowTreeStyle().

        Test: fast/dom/shadow/shadow-dynamic-style-change-via-mutation-and-selector.html

        * dom/Element.cpp: Moved recalcShadowTreeStyle() before child traversals.
        (WebCore::Element::recalcStyle):

2012-05-06  Adam Barth  <abarth@webkit.org>

        CSP should let sites both enforce one policy and monitor another
        https://bugs.webkit.org/show_bug.cgi?id=85561

        Reviewed by Eric Seidel.

        This patch lets us enforce and/or monitor multiple CSP policies.
        Rather than having a single directive list, we now have a vector of
        directive lists.

        Tests: http/tests/security/contentSecurityPolicy/combine-multiple-policies.html
               http/tests/security/contentSecurityPolicy/report-and-enforce.html

        * page/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::copyStateFrom):
        (WebCore::ContentSecurityPolicy::didReceiveHeader):
        (WebCore::ContentSecurityPolicy::deprecatedHeader):
        (WebCore::ContentSecurityPolicy::deprecatedHeaderType):
            - Even after this patch, workers aren't smart enough to enforce
              multiple policies.  They just use the first header, like they did
              before.  We'll need to teach workers how to enforce multiple
              policies in a future patch.
        (WebCore::ContentSecurityPolicy::allowJavaScriptURLs):
        (WebCore::ContentSecurityPolicy::allowInlineEventHandlers):
        (WebCore::ContentSecurityPolicy::allowInlineScript):
        (WebCore::ContentSecurityPolicy::allowInlineStyle):
        (WebCore::ContentSecurityPolicy::allowEval):
        (WebCore::ContentSecurityPolicy::allowScriptFromSource):
        (WebCore::ContentSecurityPolicy::allowObjectFromSource):
        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource):
        (WebCore::ContentSecurityPolicy::allowImageFromSource):
        (WebCore::ContentSecurityPolicy::allowStyleFromSource):
        (WebCore::ContentSecurityPolicy::allowFontFromSource):
        (WebCore::ContentSecurityPolicy::allowMediaFromSource):
        (WebCore::ContentSecurityPolicy::allowConnectFromSource):
        * page/ContentSecurityPolicy.h:
        * workers/DefaultSharedWorkerRepository.cpp:
        (WebCore::SharedWorkerScriptLoader::notifyFinished):
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::startWorkerContext):

2012-05-06  Rob Buis  <rbuis@rim.com>

        InlineBox::setHasBadParent should be debug only
        https://bugs.webkit.org/show_bug.cgi?id=85748

        Reviewed by Eric Seidel.

        Do not provide InlineBox::setHasBadParent in release builds.

        * rendering/InlineBox.h:
        (InlineBox):
        (WebCore):
        (WebCore::InlineBox::setHasBadParent):

2012-05-06  Mike West  <mkwst@chromium.org>

        KURL::isBlankURL would be a nicer idiom than KURL::protocolIs("about")
        https://bugs.webkit.org/show_bug.cgi?id=85641

        Reviewed by Adam Barth.

        * dom/Document.cpp:
        (WebCore::shouldInheritSecurityOriginFromOwner):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPDirectiveList::allowObjectFromSource):
        (WebCore::CSPDirectiveList::allowChildFrameFromSource):
        * page/PageSerializer.cpp:
        (WebCore::SerializerMarkupAccumulator::appendCustomAttributes):
        (WebCore::PageSerializer::serializeFrame):
        * platform/KURL.cpp:
        (WebCore::KURL::isBlankURL):
        (WebCore):
        * platform/KURL.h:
        (KURL):
        (WebCore):

2012-05-06  Martin Robinson  <mrobinson@igalia.com>

        [TextureMapper] Layer images is uploaded to the GPU for each sync
        https://bugs.webkit.org/show_bug.cgi?id=85727

        Reviewed by Noam Rosenthal.

        No new tests. This does not change functionality,
        it only improves performance.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::updateBackingStore): Reset the needsDisplay
        and needsDisplayRect variables after uploading the layer image.

2012-05-06  Gyuyoung Kim  <gyuyoung.kim@samsung.com>

        Convert isPageBoxVisible to use Internals interface.
        https://bugs.webkit.org/show_bug.cgi?id=85692

        Reviewed by Darin Adler.

        Add isPageBoxVisible functions, because it is able to work in the
        cross-port way through the Internals interface.

        No new tests, since we are improving here the infra-structure for testing
        a specific method.

        * testing/Internals.cpp:
        (WebCore):
        (WebCore::Internals::isPageBoxVisible):
        * testing/Internals.h:
        (Internals):
        * testing/Internals.idl:

2012-05-06  Eugene Klyuchnikov  <eustas.bug@gmail.com>

        Web Inspector: "Goto Function" filtering should be less restrictive.
        https://bugs.webkit.org/show_bug.cgi?id=85586

        Reviewed by Pavel Feldman.

        Added tests for generated regex.

        Changes:
        1) Avoid asterisks in filtering queue.
        2) Optimization: do not create regexp for each item.

        * inspector/front-end/FilteredItemSelectionDialog.js: 
        (WebInspector.FilteredItemSelectionDialog.prototype.get _itemsLoaded):
        Applied new filtering workflow.
        (WebInspector.FilteredItemSelectionDialog.prototype._checkItemAt):
        Removed.
        (WebInspector.FilteredItemSelectionDialog.prototype._createSearchRegExp):
        Removed unused "suffix" logic; changed the way regexp is composed from query.
        (WebInspector.FilteredItemSelectionDialog.prototype._filterItems):
        Applied new filtering workflow.
        (WebInspector.FilteredItemSelectionDialog.prototype._onKeyDown):
        Removed unused var.

2012-05-06  Kent Tamura  <tkent@chromium.org>

        Rename ICULocale to LocaleICU, part 2
        https://bugs.webkit.org/show_bug.cgi?id=85695

        Reviewed by Kentaro Hara.

        No behavior change

        * platform/text/LocaleICU.cpp: Rename ICULocale to LocaleICU.
        * platform/text/LocaleICU.h: ditto.
        Also, update obsolete comments.
        * platform/text/LocalizedDateICU.cpp: Rename ICULocale to LocaleICU.
        (WebCore::parseLocalizedDate):
        (WebCore::formatLocalizedDate):
        (WebCore::localizedDateFormatText):
        (WebCore::monthLabels):
        (WebCore::weekDayShortLabels):
        (WebCore::firstDayOfWeek):
        * platform/text/LocalizedNumberICU.cpp: ditto.
        (WebCore::convertToLocalizedNumber):
        (WebCore::convertFromLocalizedNumber):

2012-05-06  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Unreviewed. Build fixes for recent trunk changes.

        * platform/graphics/SimpleFontData.h:
        (SimpleFontData):
        * platform/graphics/wx/FontPlatformData.h:
        (FontPlatformData):
        (WebCore::FontPlatformData::isCompositeFontReference):
        * platform/graphics/wx/SimpleFontDataWx.cpp:
        (WebCore):
        (WebCore::SimpleFontData::getCompositeFontReferenceFontData):
        * plugins/mac/PluginViewMac.mm:
        * rendering/RenderObject.h:

2012-05-06  Andrey Kosyakov  <caseq@chromium.org>

        Web Inspector: take timeline frame mode out of experimental
        https://bugs.webkit.org/show_bug.cgi?id=85707

        Reviewed by Pavel Feldman.

        - remove "Vertical timeline overview" experiment;
        - add supportsFrameInstrumentation capability to InspectorTimelineAgent;
        - show frame mode selector conditionally on supportsFrameInstrumentation capability.

        * inspector/Inspector.json: Add Timeline.supportsFrameInstrumentation capability;
        * inspector/InspectorClient.h: Add supportsFrameInstrumentation();
        (InspectorClient):
        (WebCore::InspectorClient::supportsFrameInstrumentation):
        * inspector/InspectorController.cpp:
        (WebCore::InspectorController::InspectorController):
        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::supportsFrameInstrumentation):
        (WebCore):
        (WebCore::InspectorTimelineAgent::InspectorTimelineAgent): Added FrameInstrumentationSupport parameter.
        * inspector/InspectorTimelineAgent.h:
        (WebCore):
        (WebCore::InspectorTimelineAgent::create): ditto.
        (InspectorTimelineAgent):
        * inspector/WorkerInspectorController.cpp: Updated call site for InspectorTimelineAgent::create() to indicate frame instrumentation not supported.
        (WebCore::WorkerInspectorController::WorkerInspectorController):
        * inspector/front-end/Settings.js:
        (WebInspector.ExperimentsSettings): Removed "Vertical Overview" experiment.
        * inspector/front-end/TimelineOverviewPane.js: Expose frame mode conditionally on capability, not the experiment.
        (WebInspector.TimelineOverviewPane):
        * inspector/front-end/inspector.js: Added initialization for Capabilities.timelineSupportsFrameInstrumentation;
        (WebInspector.doLoadedDone):

2012-05-06  Antti Koivisto  <antti@apple.com>

        Build fix.

        Not reviewed.

        * css/PropertySetCSSStyleDeclaration.cpp:

2012-05-04  Antti Koivisto  <antti@apple.com>

        Share stylesheet data structures between documents
        https://bugs.webkit.org/show_bug.cgi?id=85598

        Reviewed by Darin Adler.

        We currently make a copy of the data structures when restoring a cached stylesheet. This patch lets us share
        the data until someone uses CSSOM to modify the sheet.
        
        The patch implements copy-on-write for the internal style sheet data structures. If any mutation CSSOM API is
        invoked, we check if the stylesheet can be safely mutated (we are the only client, it is not cached). If not
        then the internal structures are copied and any existing CSSOM objects are re-attached to the new tree.
        
        Sharing can save significant amount of memory on sites with large stylesheets. For example if you have
        multiple articles open on wsj.com this saves ~2.6MB per tab.
        
        Test: http/tests/css/shared-stylesheet-mutation.html
              http/tests/css/shared-stylesheet-mutation-preconstruct.html

        * css/CSSFontFaceRule.cpp:
        (WebCore::CSSFontFaceRule::reattach):
        (WebCore):
        * css/CSSFontFaceRule.h:
        (CSSFontFaceRule):
        * css/CSSMediaRule.cpp:
        (WebCore::CSSMediaRule::insertRule):
        (WebCore::CSSMediaRule::deleteRule):
        (WebCore::CSSMediaRule::reattach):
        (WebCore):
        * css/CSSMediaRule.h:
        (CSSMediaRule):
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::setSelectorText):
        (WebCore::CSSPageRule::reattach):
        (WebCore):
        * css/CSSPageRule.h:
        (CSSPageRule):
        * css/CSSRule.cpp:
        (WebCore::CSSRule::reattach):
        
            After the internal stylerule tree has been copied, the existing wrappers are re-attached using recursive reattach() function.

        * css/CSSRule.h:
        (WebCore):
        (CSSRule):
        * css/CSSStyleRule.cpp:
        (WebCore::CSSStyleRule::setSelectorText):
        (WebCore::CSSStyleRule::reattach):
        (WebCore):
        * css/CSSStyleRule.h:
        (CSSStyleRule):
        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::StyleSheetInternal):
        (WebCore::StyleSheetInternal::isCacheable):
        (WebCore::StyleSheetInternal::ruleAt):
        
            Add ruleAt(), use it for both wrapper creation and reattaching.  Remove createChildRuleCSSOMWrapper .

        (WebCore):
        (WebCore::StyleSheetInternal::wrapperInsertRule):
        (WebCore::StyleSheetInternal::wrapperDeleteRule):
        
            Invalidation moves to the calling wrapper.

        (WebCore::StyleSheetInternal::addedToMemoryCache):
        (WebCore::StyleSheetInternal::removedFromMemoryCache):
        (WebCore::CSSStyleSheet::willMutateRules):
        
            This is called whenever StyleSheetInternal is going to be mutated. It will do copy-on-write if needed.
            
            Usually invoked by CSSStyleSheet::RuleMutation RAII type.

        (WebCore::CSSStyleSheet::didMutateRules):
        
            This is called after the mutation is complete and will trigger the style recalc in the document.

        (WebCore::CSSStyleSheet::didMutate):
        
            This is called directly after mutations that don't change StyleSheetInternal so don't require copy-on-write.

        (WebCore::CSSStyleSheet::reattachChildRuleCSSOMWrappers):
        (WebCore::CSSStyleSheet::setDisabled):
        (WebCore::CSSStyleSheet::insertRule):
        (WebCore::CSSStyleSheet::deleteRule):
        * css/CSSStyleSheet.h:
        (StyleSheetInternal):
        (WebCore::StyleSheetInternal::hasOneClient):
        (WebCore::StyleSheetInternal::isMutable):
        (WebCore::StyleSheetInternal::setMutable):
        
            Track mutability. Mutation is allowed only after willMutate call.

        (WebCore::StyleSheetInternal::isInMemoryCache):
        
            Track if the object is in memory cache.

        (WebCore::CSSStyleSheet::clearOwnerRule):
        (CSSStyleSheet):
        * css/MediaList.cpp:
        (WebCore::MediaList::setMediaText):
        (WebCore::MediaList::deleteMedium):
        (WebCore::MediaList::appendMedium):
        (WebCore::MediaList::didMutate):
        (WebCore):
        (WebCore::MediaList::reattach):
        * css/MediaList.h:
        (MediaList):
        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::PropertySetCSSStyleDeclaration::setCssText):
        (WebCore::PropertySetCSSStyleDeclaration::setProperty):
        (WebCore::PropertySetCSSStyleDeclaration::removeProperty):
        (WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal):
        (WebCore):
        (WebCore::StyleRuleCSSStyleDeclaration::willMutate):
        (WebCore::StyleRuleCSSStyleDeclaration::didMutate):
        (WebCore::StyleRuleCSSStyleDeclaration::reattach):
        (WebCore::InlineCSSStyleDeclaration::didMutate):
        * css/PropertySetCSSStyleDeclaration.h:
        (WebCore::PropertySetCSSStyleDeclaration::willMutate):
        (WebCore::PropertySetCSSStyleDeclaration::didMutate):
        (StyleRuleCSSStyleDeclaration):
        * css/WebKitCSSKeyframesRule.cpp:
        (WebCore::WebKitCSSKeyframesRule::setName):
        (WebCore::WebKitCSSKeyframesRule::insertRule):
        (WebCore::WebKitCSSKeyframesRule::deleteRule):
        (WebCore::WebKitCSSKeyframesRule::reattach):
        (WebCore):
        * css/WebKitCSSKeyframesRule.h:
        (WebKitCSSKeyframesRule):
        * css/WebKitCSSRegionRule.cpp:
        (WebCore::WebKitCSSRegionRule::reattach):
        * css/WebKitCSSRegionRule.h:
        (WebKitCSSRegionRule):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::InspectorStyleSheet::reparseStyleSheet):
        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore::CachedCSSStyleSheet::~CachedCSSStyleSheet):
        (WebCore::CachedCSSStyleSheet::destroyDecodedData):
        (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
        
            Don't copy when restoring. It is no longer necessary.
            Set the cache bit on the stylesheet.

        (WebCore::CachedCSSStyleSheet::saveParsedStyleSheet):

2012-05-05  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r116221.
        http://trac.webkit.org/changeset/116221
        https://bugs.webkit.org/show_bug.cgi?id=85722

        broke builds that use -Wshorten-64-to-32 (Requested by pizlo
        on #webkit).

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore):
        (WebCore::WebGLRenderingContext::bufferData):
        (WebCore::WebGLRenderingContext::bufferSubData):
        (WebCore::WebGLRenderingContext::drawElements):
        (WebCore::WebGLRenderingContext::getVertexAttribOffset):
        (WebCore::WebGLRenderingContext::vertexAttribPointer):
        * html/canvas/WebGLRenderingContext.h:
        (WebGLRenderingContext):
        * html/canvas/WebGLRenderingContext.idl:

2012-05-05  Martin Robinson  <mrobinson@igalia.com>

        [GTK] WebKit should properly set the input method context window location
        https://bugs.webkit.org/show_bug.cgi?id=84981

        Reviewed by Gustavo Noronha Silva.

        * platform/gtk/GtkInputMethodFilter.cpp:
        (WebCore::GtkInputMethodFilter::setCursorRect): Add this method to plumb the
        cursor rect through to the input method.
        * platform/gtk/GtkInputMethodFilter.h: Add the new method declaration.

2012-05-05  Dean Jackson  <dino@apple.com>

        Add new Setting/Preference to disable requestAnimationFrame
        https://bugs.webkit.org/show_bug.cgi?id=85693

        Reviewed by Simon Fraser.

        Hook up the new WebPreference for disabling requestAnimationFrame
        to Settings. This isn't disabling the feature in the typical
        WebKit ENABLE() way - it's still available in the DOM, it's
        just that the animations will never be serviced. This allows a client
        to disable the machinery without breaking content (other than the
        animations).

        The new test is currently skipped on all platforms because toggling
        the preference interferes with the other tests that are running
        at the same time (and expect a working requestAnimationFrame).
        https://bugs.webkit.org/show_bug.cgi?id=85689

        Test: fast/animation/request-animation-frame-disabled.html

        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
        (WebCore::ScriptedAnimationController::windowScreenDidChange):
        (WebCore::ScriptedAnimationController::scheduleAnimation):
        Check the setting before deciding to act.
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/Settings.h:
        (WebCore::Settings::setRequestAnimationFrameEnabled):
        (WebCore::Settings::requestAnimationFrameEnabled):
        (Settings):

2012-05-05  Gustavo Noronha Silva  <gns@gnome.org>

        Unreviewed, make distcheck fix.

        * GNUmakefile.list.am: Add missing headers to the sources list.

2012-05-05  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: convert standalone functions save/append/savedURL/appendedToURL into WebInspector.FileManager object.
        https://bugs.webkit.org/show_bug.cgi?id=85710

        The idea is to have an object and be able to add/remove event listeners from it.

        Reviewed by Yury Semikhatsky.

        * English.lproj/localizedStrings.js:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * inspector/compile-front-end.py:
        * inspector/front-end/FileManager.js: Copied from Source/WebCore/inspector/front-end/InspectorFrontendHostStub.js.
        (WebInspector.FileManager):
        (WebInspector.FileManager.prototype.canSave):
        (WebInspector.FileManager.prototype.canAppend):
        (WebInspector.FileManager.prototype.append):
        (WebInspector.FileManager.prototype.appendedToURL):
        * inspector/front-end/HeapSnapshotView.js:
        (WebInspector.HeapProfileHeader.prototype.canSave):
        (WebInspector.HeapProfileHeader.prototype.save):
        * inspector/front-end/InspectorFrontendHostStub.js:
        * inspector/front-end/WebKit.qrc:
        * inspector/front-end/inspector.html:

2012-05-05  Zhenyao Mo  <zmo@google.com>

        vertexAttribPointer needs to reject large negative offsets
        https://bugs.webkit.org/show_bug.cgi?id=85117

        Reviewed by Kenneth Russell.

        * html/canvas/WebGLRenderingContext.cpp: Use long long for GLsizeiptr and GLintptr
        (WebCore):
        (WebCore::WebGLRenderingContext::bufferData):
        (WebCore::WebGLRenderingContext::bufferSubData):
        (WebCore::WebGLRenderingContext::drawElements):
        (WebCore::WebGLRenderingContext::getVertexAttribOffset):
        (WebCore::WebGLRenderingContext::vertexAttribPointer):
        * html/canvas/WebGLRenderingContext.h: Ditto
        (WebGLRenderingContext):
        * html/canvas/WebGLRenderingContext.idl: Ditto

2012-05-05  Andrey Kosyakov  <caseq@chromium.org>

        Web Inspector: add separate timeline overview item for the frame mode
        https://bugs.webkit.org/show_bug.cgi?id=85706

        - remove two-buttons horizontal/vertical mode switch from Timelines item of the timeline overview menu;
        - rename "Timeline" into "Events";
        - add "Frames" item;
        - replace overview sidebar icons with smaller, monochrome ones.

        * English.lproj/localizedStrings.js: Added "Frames" and "Events".
        * inspector/front-end/Images/statusbarButtonGlyphs.png: Added icon for "Memory".
        * inspector/front-end/TimelineOverviewPane.js:
        (WebInspector.TimelineOverviewPane):
        (WebInspector.TimelineOverviewPane.prototype._showEvents):
        (WebInspector.TimelineOverviewPane.prototype._showFrames):
        (WebInspector.TimelineOverviewPane.prototype._showMemoryGraph):
        (WebInspector.TimelineOverviewPane.prototype._setMode):
        * inspector/front-end/timelinePanel.css:
        (#timeline-overview-sidebar .sidebar-tree-item):
        (#timeline-overview-sidebar .sidebar-tree-item .titles.no-subtitle):
        (#timeline-overview-sidebar .icon):
        (.timeline-overview-sidebar-events .icon):
        (.timeline-overview-sidebar-frames .icon):
        (.timeline-overview-sidebar-memory .icon):

2012-05-05  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: save HeapSnapshot implementation.
        https://bugs.webkit.org/show_bug.cgi?id=85595

        HeapSnapshot specific implementation for loading was moved
        from ProfilesPanel to HeapProfileHeader class.

        Reviewed by Yury Semikhatsky.

        * inspector/front-end/HeapSnapshotView.js:
        (WebInspector.HeapSnapshotView.prototype.get profileWrapper):
        (WebInspector.HeapSnapshotView.prototype.get baseProfileWrapper):
        (WebInspector.HeapProfileHeader):
        (WebInspector.HeapProfileHeader.prototype.load.setProfileWait):
        (WebInspector.HeapProfileHeader.prototype.load.done):
        (WebInspector.HeapProfileHeader.prototype.load):
        (WebInspector.HeapProfileHeader.prototype._saveStatusUpdate):
        (WebInspector.HeapProfileHeader.prototype.pushJSONChunk):
        (WebInspector.HeapProfileHeader.prototype.finishHeapSnapshot):
        (WebInspector.HeapProfileHeader.prototype.canSave):
        (WebInspector.HeapProfileHeader.prototype.save):
        * inspector/front-end/InspectorFrontendAPI.js:
        (InspectorFrontendAPI.appendedToURL):
        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfilesPanel.prototype._registerProfileType):
        (WebInspector.ProfilesPanel.prototype._handleContextMenuEvent):
        (WebInspector.ProfilesPanel.prototype.loadHeapSnapshot):
        (WebInspector.ProfilesPanel.prototype._addHeapSnapshotChunk):
        (WebInspector.ProfilesPanel.prototype._finishHeapSnapshot):
        (WebInspector.ProfileSidebarTreeElement.prototype.set searchMatches):
        (WebInspector.ProfileSidebarTreeElement.prototype.handleContextMenuEvent):
        * inspector/front-end/inspector.js:
        (WebInspector.append):
        (WebInspector.appendedToURL):

2012-05-05  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: allow overriding the script mapping on the UI level
        https://bugs.webkit.org/show_bug.cgi?id=85702

        Reviewed by Yury Semikhatsky.

        This allows formatting update live locations all over the place automatically.

        * inspector/front-end/Script.js:
        (WebInspector.Script.prototype.rawLocationToUILocation):
        (WebInspector.Script.Location):
        (WebInspector.Script.Location.prototype.update):
        (WebInspector.Script.Location.prototype.dispose):
        * inspector/front-end/UISourceCode.js:
        (WebInspector.UISourceCode):
        (WebInspector.UISourceCode.prototype.addLiveLocation):
        (WebInspector.UISourceCode.prototype.removeLiveLocation):
        (WebInspector.UISourceCode.prototype.updateLiveLocations):
        (WebInspector.UISourceCode.prototype.overrideLocation):

2012-05-05  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: simplify the JavaScriptOutline dialog interaction.
        https://bugs.webkit.org/show_bug.cgi?id=85701

        Reviewed by Yury Semikhatsky.

        Removed bidirectional dependency between scripts panel and outline dialog.

        * inspector/front-end/FilteredItemSelectionDialog.js:
        (WebInspector.JavaScriptOutlineDialog):
        (WebInspector.JavaScriptOutlineDialog.show):
        (WebInspector.JavaScriptOutlineDialog.prototype.requestItems):
        (WebInspector.JavaScriptOutlineDialog.prototype._didBuildOutlineChunk):
        (WebInspector.JavaScriptOutlineDialog.prototype.selectItem):
        * inspector/front-end/ScriptFormatterWorker.js:
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype.addToWatch):
        (WebInspector.ScriptsPanel.prototype._showJavaScriptOutlineDialog):

2012-05-04  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: annotate ProfilerAgent.
        https://bugs.webkit.org/show_bug.cgi?id=85630

        Reviewed by Pavel Feldman.

        * inspector/Inspector.json:
        * inspector/InspectorProfilerAgent.cpp:
        (WebCore::InspectorProfilerAgent::createProfileHeader):
        (WebCore::InspectorProfilerAgent::createSnapshotHeader):
        (WebCore::InspectorProfilerAgent::getProfileHeaders):
        (WebCore):
        (WebCore::InspectorProfilerAgent::getProfile):
        * inspector/InspectorProfilerAgent.h:
        (InspectorProfilerAgent):
        * inspector/front-end/CSSSelectorProfileView.js:
        * inspector/front-end/HeapSnapshotView.js:
        (WebInspector.HeapSnapshotProfileType.prototype.createProfile):
        * inspector/front-end/ProfileView.js:
        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfilesPanel.prototype.addProfileHeader):
        (WebInspector.ProfilesPanel.prototype._addHeapSnapshotChunk):
        (WebInspector.ProfilerDispatcher.prototype.resetProfiles):

2012-05-04  Gustavo Noronha Silva  <gns@gnome.org>

        [GTK] Simplify how libWebCoreModules is linked in, and fix WebKit2 build
        https://bugs.webkit.org/show_bug.cgi?id=85691

        * GNUmakefile.am: link libWebCoreModules into libWebCore.

2012-05-04  Kent Tamura  <tkent@chromium.org>

        Rename ICULocale to LocaleICU, part 1
        https://bugs.webkit.org/show_bug.cgi?id=85688

        Reviewed by Kentaro Hara.

        Rename it for consistency. Our convention is Foo<Platform>.{cpp,h}.
        This patch changes only file names. We'll rename ICULocale class
        by a following patch.

        No behavior changes.

        * WebCore.gypi:
        * platform/text/LocaleICU.cpp: Renamed from Source/WebCore/platform/text/ICULocale.cpp.
        * platform/text/LocaleICU.h: Renamed from Source/WebCore/platform/text/ICULocale.h.
        * platform/text/LocalizedDateICU.cpp: Rename ICULocale.h to LocaleICU.h.
        * platform/text/LocalizedNumberICU.cpp: ditto.

2012-05-04  Julien Chaffraix  <jchaffraix@webkit.org>

        Leaf non self-painting layers should bail out early in RenderLayer::paintLayer
        https://bugs.webkit.org/show_bug.cgi?id=85678

        Reviewed by Darin Adler.

        Performance optimization, no expected change in behavior.

        The gist of the change is that leaf non self-painting layers don't need to be painted as their
        associated RenderBoxModelObject should properly paint itself without any help.

        For RenderLayer trees that have a large number of leafs nodes (like a table with a leaf RenderLayer for
        each cells), not bailing out is a big overhead as it ends up doing a lot of computation for no real
        painting. See http://dglazkov.github.com/performance-tests/biggrid.html for a benchmark for that. On
        my machine, it reduces the paint time when scrolling to 70ms from 120ms (45% speedup).

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::paintLayer):

2012-05-04  Rob Buis  <rbuis@rim.com>

        Remove InlineBox::next()
        https://bugs.webkit.org/show_bug.cgi?id=85668

        Reviewed by Nikolas Zimmermann.

        InlineBox::next() not needed since nextOnLine() does the same.

        * rendering/InlineBox.h:
        (InlineBox):
        * rendering/InlineFlowBox.h:
        (WebCore::InlineFlowBox::setConstructed):

2012-05-04  Chris Rogers  <crogers@google.com>

        Oscillator must implement noteOn() and noteOff()
        https://bugs.webkit.org/show_bug.cgi?id=85236

        Reviewed by Kenneth Russell.

        Test: webaudio/oscillator-scheduling.html
        to be landed separately to get proper platform baselines

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::process):
        Simplify/remove zeroing-out silence at end of buffer, since it's now handled in the base-class AudioScheduledSourceNode::updateSchedulingInfo().

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::createBufferSource):
        Improve comment about ownership and dynamic-lifetime of AudioBufferSourceNode.

        (WebCore::AudioContext::createOscillator):
        AudioContext keeps a reference to the Oscillator and that reference is released in AudioScheduledSourceNode,
        when it has finished playing.

        * Modules/webaudio/AudioScheduledSourceNode.h:
        * Modules/webaudio/AudioScheduledSourceNode.cpp:
        (WebCore::AudioScheduledSourceNode::updateSchedulingInfo):
        updateSchedulingInfo() is now responsible for zeroing out the very start (before a note starts)
        and the very end (after note ends) of the output AudioBus.  We've also simplified the number
        of arguments passed to this method, because of this. It now handles playbackState transition to FINISHED_STATE.

        * Modules/webaudio/Oscillator.cpp:
        (WebCore::Oscillator::Oscillator):
        (WebCore::Oscillator::calculateSampleAccuratePhaseIncrements):
        The frequency value needs to snap immediately to its correct value the very first time.
        This bug needs to be fixed here so that the Oscillator layout scheduling test works correctly.

        (WebCore::Oscillator::process):
        Since Oscillator in now changing to be a AudioScheduledSourceNode, we need to call AudioScheduledSourceNode::updateSchedulingInfo()
        to handle playbackState for us.

        (WebCore::Oscillator::propagatesSilence):
        Add scheduling logic for propagatesSilence().

        (Oscillator):
        * Modules/webaudio/Oscillator.idl:
        Add noteOn(), noteOff() methods and playbackState according to specification.

2012-05-04  Andy Estes  <aestes@apple.com>

        Remove uses of ASSERT(false)
        https://bugs.webkit.org/show_bug.cgi?id=85686

        Reviewed by Dean Jackson.

        Replace uses of ASSERT(false) with ASSERT_NOT_REACHED(). Also, in two places, there was code structured like:

        if (expr) {
            // do something
        } else {
            ASSERT(false);
        }

        Replace this with:

        ASSERT(expr);
        if (!expr)
            return;

        // do something

        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::doneCreatingDatabase):
        (WebCore::DatabaseTracker::doneDeletingDatabase):
        (WebCore::DatabaseTracker::deleteDatabase):
        * bridge/objc/objc_instance.mm:
        (ObjcInstance::invokeObjcMethod):
        * bridge/objc/objc_utility.mm:
        (JSC::Bindings::convertObjcValueToValue):
        (JSC::Bindings::objcValueTypeForType):
        * dom/Node.cpp:
        (WebCore::Node::createRenderer):
        * loader/icon/IconDatabase.cpp:
        (WebCore::IconDatabase::setIconURLForPageURLInSQLDatabase):
        (WebCore::IconDatabase::setIconIDForPageURLInSQLDatabase):
        * platform/graphics/GraphicsContext3D.cpp:
        (WebCore::doPacking):
        * platform/text/BidiResolver.h:
        (WebCore::::createBidiRunsForLine):

2012-05-04  Noel Gordon  <noel.gordon@gmail.com>

        [CG] Minor refactor of ImageBuffer::CGImageToDataURL and its callers
        https://bugs.webkit.org/show_bug.cgi?id=85280

        Reviewed by Kenneth Russell.

        This patch means to simplify the diff of an upcoming patch. Refactoring
        here in preparation for that patch.

        No new tests. No behavioral change. Covered by canvas 2d and 3d tests:
          canvas/philip/tests/*toDataURL*.html
          fast/canvas/webgl/premultiplyalpha-test.html

        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::CGImageToDataURL): Move the invalid image (!image) test here.
        The comments are about JPEG images; say that. Rename out to base64Data.
        (WebCore::ImageBuffer::toDataURL): Remove the !image test.
        (WebCore::ImageDataToDataURL): Move and define variables where used and
        make the code flow read similarly to toDataURL. Remove the !image test.

2012-05-04  Shawn Singh  <shawnsingh@chromium.org>

        [chromium] Changes to layer tree structure need to be tracked properly
        https://bugs.webkit.org/show_bug.cgi?id=85421

        Reviewed by Adrienne Walker.

        Unit test added: TreeSynchronizerTest.syncSimpleTreeAndTrackStackingOrderChange

        Earlier, we were relying on WebCore behavior that always called
        setNeedsDisplay whenever the layer tree structure changed.
        However, in general it is more correct to consider layer tree
        changes even when things don't need repainting; for example Aura
        code is encountring this bug now. This patch corrects the
        compositor so that layer tree structural changes are considered
        property changes, without requiring that layers needed to be
        repainted.

        * platform/graphics/chromium/LayerChromium.cpp:
        (WebCore::LayerChromium::LayerChromium):
        (WebCore::LayerChromium::insertChild):
        (WebCore::LayerChromium::pushPropertiesTo):
        * platform/graphics/chromium/LayerChromium.h:
        (LayerChromium):
        * platform/graphics/chromium/cc/CCLayerImpl.cpp:
        (WebCore::CCLayerImpl::setStackingOrderChanged):
        (WebCore):
        * platform/graphics/chromium/cc/CCLayerImpl.h:
        (CCLayerImpl):

2012-05-04  Jeffrey Pfau  <jpfau@apple.com>

        Unreviewed; build fix after r116191.

        * bindings/js/JSEventListener.h:

2012-05-04  Enrica Casucci  <enrica@apple.com>

        REGRESSION: Cursor jumps to the first line after deleting the last word.
        https://bugs.webkit.org/show_bug.cgi?id=85334
        <rdar://problem/11210059>

        Reviewed by Ryosuke Niwa.

        This regression was introduced with the work to remove redundant divs.
        When we decide to remove a DIV, we need to adjust the selection, if it is
        expressed in terms of the node being removed. The new position was computed
        using updatePositionForNodeRemoval that was not designed for the case where we
        remove preserving children.
        This patch adds a new method to CompositeEditCommand to do this properly.
        
        Test: editing/deleting/delete-word-from-unstyled-div.html

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::isRemovableBlock): Code clenup.
        (WebCore::CompositeEditCommand::updatePositionForNodeRemovalPreservingChildren): Added.
         * editing/CompositeEditCommand.h:
        * editing/DeleteSelectionCommand.cpp:
        (WebCore::DeleteSelectionCommand::removeRedundantBlocks): Uses updatePositionForNodeRemovalPreservingChildren.

2012-05-04  Jeffrey Pfau  <jpfau@apple.com>

        Prevent early EventListener deletion
        https://bugs.webkit.org/show_bug.cgi?id=73970

        Reviewed by Oliver Hunt.

        Test: fast/events/attribute-listener-deletion-crash.html

        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::jsFunction):

2012-05-04  Yongjun Zhang  <yongjun_zhang@apple.com>

        Add "combining short stroke overlay character (u0335)" to lookalike characters blacklist.
        https://bugs.webkit.org/show_bug.cgi?id=85440

        Reviewed by David Kilzer.

        We should add u0335 to the characters blacklist.

        * platform/mac/WebCoreNSURLExtras.mm:
        (WebCore::isLookalikeCharacter):

2012-05-04  Satoru Takabayashi  <satorux@chromium.org>

        [chromium] Add plumbing for file display names for drag and drop
        https://bugs.webkit.org/show_bug.cgi?id=85673

        Reviewed by Darin Fisher.

        No new tests: this change itself shouldn't change existing behavior.

        * platform/chromium/ChromiumDataObject.cpp:
        (WebCore::ChromiumDataObject::addFilename):
        * platform/chromium/ChromiumDataObject.h:
        (ChromiumDataObject):

2012-05-04  Levi Weintraub  <leviw@chromium.org>

        Correct pixel snapping in RenderSVGRoot::paintReplaced
        https://bugs.webkit.org/show_bug.cgi?id=85671

        Reviewed by Eric Seidel.

        SVG root elements are still painted on pixel boundaries, so their children should
        apply transforms based on their actual painted location, not their sub-pixel
        one. This corrects a clipping and painting issue where these sub-pixel units are
        incorrectly applied to the graphics context.

        Covered by existing tests when sub-pixel layout is enabled.

        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::paintReplaced):

2012-05-04  Adam Barth  <abarth@webkit.org>

        Refactor CSP state to prepare for having both a ReportOnly and an Enforced policy
        https://bugs.webkit.org/show_bug.cgi?id=85662

        Reviewed by Eric Seidel.

        This patch refactors the ContentSecurityPolicy state into a separate
        DirectiveList class to prepare for
        https://bugs.webkit.org/show_bug.cgi?id=85561, which will cause us to
        need two directive lists: one for enforcement and one for monitoring.

        This patch shouldn't cause any change in behavior.

        * page/ContentSecurityPolicy.cpp:
        (CSPDirectiveList):
        (WebCore::CSPDirectiveList::header):
        (WebCore::CSPDirectiveList::headerType):
        (WebCore::CSPDirectiveList::denyIfEnforcingPolicy):
        (WebCore):
        (WebCore::CSPDirectiveList::CSPDirectiveList):
        (WebCore::CSPDirectiveList::create):
        (WebCore::CSPDirectiveList::reportViolation):
        (WebCore::CSPDirectiveList::logUnrecognizedDirective):
        (WebCore::CSPDirectiveList::checkEval):
        (WebCore::CSPDirectiveList::operativeDirective):
        (WebCore::CSPDirectiveList::checkInlineAndReportViolation):
        (WebCore::CSPDirectiveList::checkEvalAndReportViolation):
        (WebCore::CSPDirectiveList::checkSourceAndReportViolation):
        (WebCore::CSPDirectiveList::allowJavaScriptURLs):
        (WebCore::CSPDirectiveList::allowInlineEventHandlers):
        (WebCore::CSPDirectiveList::allowInlineScript):
        (WebCore::CSPDirectiveList::allowInlineStyle):
        (WebCore::CSPDirectiveList::allowEval):
        (WebCore::CSPDirectiveList::allowScriptFromSource):
        (WebCore::CSPDirectiveList::allowObjectFromSource):
        (WebCore::CSPDirectiveList::allowChildFrameFromSource):
        (WebCore::CSPDirectiveList::allowImageFromSource):
        (WebCore::CSPDirectiveList::allowStyleFromSource):
        (WebCore::CSPDirectiveList::allowFontFromSource):
        (WebCore::CSPDirectiveList::allowMediaFromSource):
        (WebCore::CSPDirectiveList::allowConnectFromSource):
        (WebCore::CSPDirectiveList::parse):
        (WebCore::CSPDirectiveList::parseDirective):
        (WebCore::CSPDirectiveList::parseReportURI):
        (WebCore::CSPDirectiveList::createCSPDirective):
        (WebCore::CSPDirectiveList::applySandboxPolicy):
        (WebCore::CSPDirectiveList::addDirective):
        (WebCore::ContentSecurityPolicy::ContentSecurityPolicy):
        (WebCore::ContentSecurityPolicy::~ContentSecurityPolicy):
        (WebCore::ContentSecurityPolicy::copyStateFrom):
        (WebCore::ContentSecurityPolicy::didReceiveHeader):
        (WebCore::ContentSecurityPolicy::setOverrideAllowInlineStyle):
        (WebCore::ContentSecurityPolicy::header):
        (WebCore::ContentSecurityPolicy::headerType):
        (WebCore::ContentSecurityPolicy::allowJavaScriptURLs):
        (WebCore::ContentSecurityPolicy::allowInlineEventHandlers):
        (WebCore::ContentSecurityPolicy::allowInlineScript):
        (WebCore::ContentSecurityPolicy::allowInlineStyle):
        (WebCore::ContentSecurityPolicy::allowEval):
        (WebCore::ContentSecurityPolicy::allowScriptFromSource):
        (WebCore::ContentSecurityPolicy::allowObjectFromSource):
        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource):
        (WebCore::ContentSecurityPolicy::allowImageFromSource):
        (WebCore::ContentSecurityPolicy::allowStyleFromSource):
        (WebCore::ContentSecurityPolicy::allowFontFromSource):
        (WebCore::ContentSecurityPolicy::allowMediaFromSource):
        (WebCore::ContentSecurityPolicy::allowConnectFromSource):
        * page/ContentSecurityPolicy.h:
        (WebCore):
        * workers/WorkerMessagingProxy.cpp:
        (WebCore::WorkerMessagingProxy::startWorkerContext):

2012-05-04  Abhishek Arya  <inferno@chromium.org>

        ASSERT(beforeChildAnonymousContainer->isTable()); fails in RenderBlock::addChildIgnoringAnonymousColumnBlocks.
        https://bugs.webkit.org/show_bug.cgi?id=84606

        Reviewed by Julien Chaffraix.

        RenderBlock::removeChild forgot to set display on the anonymous block, causing it
        to display as INLINE. To prevent this kind of failure in future, we replace
        createAnonymousStyle with createAnonymousStyleWithDisplay to make everyone explictly
        pass display as the argument.

        Test: fast/block/block-add-child-crash.html

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::removeChild): 
        (WebCore::RenderBlock::createAnonymousWithParentRendererAndDisplay):
        (WebCore::RenderBlock::createAnonymousColumnsWithParentRenderer):
        (WebCore::RenderBlock::createAnonymousColumnSpanWithParentRenderer):
        * rendering/RenderInline.cpp:
        (WebCore::updateStyleOfAnonymousBlockContinuations):
        (WebCore::RenderInline::addChildIgnoringContinuation):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::propagateStyleToAnonymousChildren):
        * rendering/RenderRuby.cpp:
        (WebCore::createAnonymousRubyInlineBlock):
        * rendering/RenderRubyRun.cpp:
        (WebCore::RenderRubyRun::createRubyBase):
        (WebCore::RenderRubyRun::staticCreateRubyRun):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::createAnonymousWithParentRenderer):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::createAnonymousWithParentRenderer):
        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::createAnonymousWithParentRenderer):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::createAnonymousWithParentRenderer):
        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore::RenderMathMLBlock::createAlmostAnonymousBlock):
        * rendering/mathml/RenderMathMLRow.cpp:
        (WebCore::RenderMathMLRow::createAnonymousWithParentRenderer):
        * rendering/mathml/RenderMathMLSubSup.cpp:
        (WebCore::RenderMathMLSubSup::addChild):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::createAnonymousStyleWithDisplay):
        * rendering/style/RenderStyle.h:

2012-04-27  Erik Arvidsson  <arv@chromium.org>

        WebKit IDL does not use exception syntax
        https://bugs.webkit.org/show_bug.cgi?id=85100

        Reviewed by Dimitri Glazkov.

        This adds support for exception ExceptionName { ... } which currently sets a flag
        on the domClass.

        Binding tests updated.

        * Modules/indexeddb/IDBDatabaseException.idl:
        * Modules/webdatabase/SQLException.idl:
        * bindings/scripts/IDLParser.pm:
        (ParseInterface):
        (DetermineParseMode):
        (ProcessSection):
        * bindings/scripts/IDLStructure.pm:
        * bindings/scripts/test/CPP/WebDOMTestException.cpp: Added.
        (WebDOMTestException::WebDOMTestExceptionPrivate::WebDOMTestExceptionPrivate):
        (WebDOMTestException::WebDOMTestExceptionPrivate):
        (WebDOMTestException::WebDOMTestException):
        (WebDOMTestException::operator=):
        (WebDOMTestException::impl):
        (WebDOMTestException::~WebDOMTestException):
        (WebDOMTestException::name):
        (toWebCore):
        (toWebKit):
        * bindings/scripts/test/CPP/WebDOMTestException.h: Added.
        (WebCore):
        (WebDOMTestException):
        * bindings/scripts/test/GObject/WebKitDOMTestException.cpp: Added.
        (WebKit):
        (WebKit::kit):
        (WebKit::core):
        (WebKit::wrapTestException):
        (webkit_dom_test_exception_finalize):
        (webkit_dom_test_exception_set_property):
        (webkit_dom_test_exception_get_property):
        (webkit_dom_test_exception_constructed):
        (webkit_dom_test_exception_class_init):
        (webkit_dom_test_exception_init):
        (webkit_dom_test_exception_get_name):
        * bindings/scripts/test/GObject/WebKitDOMTestException.h: Added.
        (_WebKitDOMTestException):
        (_WebKitDOMTestExceptionClass):
        * bindings/scripts/test/GObject/WebKitDOMTestExceptionPrivate.h: Added.
        (WebKit):
        * bindings/scripts/test/JS/JSTestException.cpp: Added.
        (WebCore):
        (WebCore::JSTestExceptionConstructor::JSTestExceptionConstructor):
        (WebCore::JSTestExceptionConstructor::finishCreation):
        (WebCore::JSTestExceptionConstructor::getOwnPropertySlot):
        (WebCore::JSTestExceptionConstructor::getOwnPropertyDescriptor):
        (WebCore::JSTestExceptionPrototype::self):
        (WebCore::JSTestException::JSTestException):
        (WebCore::JSTestException::finishCreation):
        (WebCore::JSTestException::createPrototype):
        (WebCore::JSTestException::destroy):
        (WebCore::JSTestException::~JSTestException):
        (WebCore::JSTestException::getOwnPropertySlot):
        (WebCore::JSTestException::getOwnPropertyDescriptor):
        (WebCore::jsTestExceptionName):
        (WebCore::jsTestExceptionConstructor):
        (WebCore::JSTestException::getConstructor):
        (WebCore::isObservable):
        (WebCore::JSTestExceptionOwner::isReachableFromOpaqueRoots):
        (WebCore::JSTestExceptionOwner::finalize):
        (WebCore::toJS):
        (WebCore::toTestException):
        * bindings/scripts/test/JS/JSTestException.h: Added.
        (WebCore):
        (JSTestException):
        (WebCore::JSTestException::create):
        (WebCore::JSTestException::createStructure):
        (WebCore::JSTestException::impl):
        (WebCore::JSTestException::releaseImpl):
        (WebCore::JSTestException::releaseImplIfNotNull):
        (JSTestExceptionOwner):
        (WebCore::wrapperOwner):
        (WebCore::wrapperContext):
        (JSTestExceptionPrototype):
        (WebCore::JSTestExceptionPrototype::create):
        (WebCore::JSTestExceptionPrototype::createStructure):
        (WebCore::JSTestExceptionPrototype::JSTestExceptionPrototype):
        (JSTestExceptionConstructor):
        (WebCore::JSTestExceptionConstructor::create):
        (WebCore::JSTestExceptionConstructor::createStructure):
        * bindings/scripts/test/ObjC/DOMTestException.h: Added.
        * bindings/scripts/test/ObjC/DOMTestException.mm: Added.
        (-[DOMTestException dealloc]):
        (-[DOMTestException finalize]):
        (-[DOMTestException name]):
        (core):
        (kit):
        * bindings/scripts/test/ObjC/DOMTestExceptionInternal.h: Added.
        (WebCore):
        * bindings/scripts/test/TestException.idl: Copied from Source/WebCore/xml/XPathException.idl.
        * bindings/scripts/test/V8/V8TestException.cpp: Added.
        (WebCore):
        (TestExceptionV8Internal):
        (WebCore::TestExceptionV8Internal::V8_USE):
        (WebCore::TestExceptionV8Internal::nameAttrGetter):
        (WebCore::ConfigureV8TestExceptionTemplate):
        (WebCore::V8TestException::GetRawTemplate):
        (WebCore::V8TestException::GetTemplate):
        (WebCore::V8TestException::HasInstance):
        (WebCore::V8TestException::wrapSlow):
        (WebCore::V8TestException::derefObject):
        * bindings/scripts/test/V8/V8TestException.h: Added.
        (WebCore):
        (V8TestException):
        (WebCore::V8TestException::toNative):
        (WebCore::V8TestException::wrap):
        (WebCore::toV8):
        * dom/DOMCoreException.idl:
        * dom/EventException.idl:
        * dom/RangeException.idl:
        * fileapi/FileException.idl:
        * fileapi/OperationNotAllowedException.idl:
        * svg/SVGException.idl:
        * xml/XMLHttpRequestException.idl:
        * xml/XPathException.idl:

2012-05-04  Rafael Weinstein  <rafaelw@chromium.org>

        V8RecursionScope not declared in V8Proxy::newInstance which causes ASSERT() failure from NPAPI
        https://bugs.webkit.org/show_bug.cgi?id=85659

        Reviewed by Ojan Vafai.

        Added a stack-allocted V8RecursionScope to the newInstance call.

        No new tests. No change in observable behavior.

        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::newInstance):

2012-05-04  Joshua Bell  <jsbell@chromium.org>

        IndexedDB: Remove all index metadata records when deleting an index
        https://bugs.webkit.org/show_bug.cgi?id=85557

        Reviewed by Tony Chang.

        An assert is hit when re-loading database from backing store due to stale index
        metadata entry. Do a range delete to clear all metadata entries when deleting an
        index. Define metadata entries as enum and limits as consts instead of hardcoded ints.

        No new tests - issue does not repro as layout test. Will land test in Chromium.

        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore::getBool): Helper functions; replaces pattern of putInt()/read only lead byte.
        (WebCore):
        (WebCore::putBool):
        (WebCore::IDBLevelDBBackingStore::getObjectStores): Skip stale data. Use enums, helpers.
        (WebCore::IDBLevelDBBackingStore::createObjectStore): Use enums.
        (WebCore::IDBLevelDBBackingStore::deleteObjectStore): Use enums.
        (WebCore::getNewVersionNumber): Use enums.
        (WebCore::IDBLevelDBBackingStore::getIndexes): Skip stale data. Use enums, helpers.
        (WebCore::getNewIndexId): Use enums.
        (WebCore::IDBLevelDBBackingStore::createIndex): Use enums.
        (WebCore::IDBLevelDBBackingStore::deleteIndex): Delete metadata by range.
        * Modules/indexeddb/IDBLevelDBCoding.cpp:
        (IDBLevelDBCoding): Add constants for metadata maximum values.
        (WebCore::IDBLevelDBCoding::encodeBool):
        (WebCore::IDBLevelDBCoding::decodeBool):
        (WebCore::IDBLevelDBCoding::ObjectStoreMetaDataKey::encodeMaxKey): Use consts.
        (WebCore::IDBLevelDBCoding::IndexMetaDataKey::encodeMaxKey): Use consts.
        * Modules/indexeddb/IDBLevelDBCoding.h:
        (IDBLevelDBCoding): Expose enums for metadata types.

2012-05-04  Anders Carlsson  <andersca@apple.com>

        Move markPagesForFullStyleRecalc to PageCache
        https://bugs.webkit.org/show_bug.cgi?id=85664

        Reviewed by Dan Bernstein.

        Instead of going through all the history items in the back/forward list looking for cached pages, just iterate over the cached pages in the page.

        * history/BackForwardController.cpp:
        * history/BackForwardController.h:
        * history/HistoryItem.cpp:
        * history/HistoryItem.h:
        * history/PageCache.cpp:
        (WebCore::PageCache::markPagesForFullStyleRecalc):
        (WebCore):
        * history/PageCache.h:
        (PageCache):
        * page/Frame.cpp:
        (WebCore::Frame::setPageAndTextZoomFactors):
        * page/Page.cpp:
        (WebCore::Page::setDeviceScaleFactor):
        (WebCore::Page::setPagination):

2012-05-04  Tony Chang  <tony@chromium.org>

        The computed style of flex-item-align should never be auto.
        https://bugs.webkit.org/show_bug.cgi?id=85656

        Reviewed by Ojan Vafai.

        If the node lacks a parent and flex-item-align is auto, we should
        return stretch. This was recently clarified in the spec.

        New testcase in css3/flexbox/css-properties.html.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):

2012-05-04  Christophe Dumez  <christophe.dumez@intel.com>

        [soup] URL of the ResourceResponse passed to willSendRequest is incorrect
        https://bugs.webkit.org/show_bug.cgi?id=85072

        Reviewed by Gustavo Noronha Silva.

        Store the response message by catching the "got-headers" signal so
        that it can be passed later to willSendRequest() in case of
        redirection. This is required because the SoupMessage headers and URL
        have already been updated once restartedCallback() is called.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore):
        (WebCore::gotHeadersCallback):
        (WebCore::restartedCallback):
        (WebCore::sendRequestCallback):
        (WebCore::startHTTPRequest):

2012-05-04  Ian Vollick  <vollick@chromium.org>

        [chromium] CCProxy's shouldn't try to draw if there is no layer renderer
        https://bugs.webkit.org/show_bug.cgi?id=85218

        Reviewed by Adrienne Walker.

        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):

2012-05-04  Rob Buis  <rbuis@rim.com>

        [BlackBerry] Rendering bmp file as text file when Content-Type:image/x-ms-bmp from apache web server.
        https://bugs.webkit.org/show_bug.cgi?id=85036

        Reviewed by Antonio Gomes.

        Move getNormalizedMIMEType from WebKit into MIMETypeRegistry. This way we support uncommon mime types like image/pjpeg
        and image/x-ms-bmp out of the box since we map to the more common image/jpeg and image/bmp respectively.

        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedImageMIMETypes):
        (WebCore::MIMETypeRegistry::isSupportedImageMIMEType):
        (WebCore::MIMETypeRegistry::isSupportedImageResourceMIMEType):
        (WebCore):
        (WebCore::mimeTypeAssociationMap):
        (WebCore::MIMETypeRegistry::getNormalizedMIMEType):
        * platform/MIMETypeRegistry.h:
        (MIMETypeRegistry):

2012-05-04  Sami Kyostila  <skyostil@chromium.org>

        [chromium] Revert compositor layer scrolling
        https://bugs.webkit.org/show_bug.cgi?id=85644

        Reviewed by Steve Block.

        This patch reverts the following commits because they were found to
        trigger crashes. See discussion at http://code.google.com/p/chromium/issues/detail?id=124393.

            [chromium] Allow scrolling non-root layers in the compositor thread
            http://trac.webkit.org/changeset/114651

            [chromium] Don't crash when scrolling empty layer tree
            http://trac.webkit.org/changeset/114761

            [chromium] Don't keep pointers to released layer tree
            http://trac.webkit.org/changeset/115080

        * platform/graphics/chromium/ContentLayerChromium.cpp:
        * platform/graphics/chromium/ContentLayerChromium.h:
        (ContentLayerChromium):
        * platform/graphics/chromium/GraphicsLayerChromium.h:
        (GraphicsLayerChromium):
        * platform/graphics/chromium/LayerChromium.cpp:
        (WebCore::LayerChromium::pushPropertiesTo):
        * platform/graphics/chromium/LayerChromium.h:
        (LayerChromium):
        * platform/graphics/chromium/cc/CCLayerImpl.cpp:
        * platform/graphics/chromium/cc/CCLayerImpl.h:
        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::applyScrollAndScale):
        * platform/graphics/chromium/cc/CCLayerTreeHostCommon.h:
        (CCLayerTreeHostCommon):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
        (WebCore::CCLayerTreeHostImpl::startPageScaleAnimation):
        (WebCore::CCLayerTreeHostImpl::calculateRenderSurfaceLayerList):
        (WebCore::CCLayerTreeHostImpl::contentSize):
        (WebCore::CCLayerTreeHostImpl::prepareToDraw):
        (WebCore::findScrollLayer):
        (WebCore::CCLayerTreeHostImpl::setRootLayer):
        (WebCore::CCLayerTreeHostImpl::setPageScaleFactorAndLimits):
        (WebCore):
        (WebCore::CCLayerTreeHostImpl::adjustScrollsForPageScaleChange):
        (WebCore::CCLayerTreeHostImpl::setPageScaleDelta):
        (WebCore::CCLayerTreeHostImpl::applyPageScaleDeltaToScrollLayer):
        (WebCore::CCLayerTreeHostImpl::updateMaxScrollPosition):
        (WebCore::CCLayerTreeHostImpl::scrollBegin):
        (WebCore::CCLayerTreeHostImpl::scrollBy):
        (WebCore::CCLayerTreeHostImpl::scrollEnd):
        (WebCore::CCLayerTreeHostImpl::pinchGestureUpdate):
        (WebCore::CCLayerTreeHostImpl::computePinchZoomDeltas):
        (WebCore::CCLayerTreeHostImpl::makeScrollAndScaleSet):
        (WebCore::CCLayerTreeHostImpl::processScrollDeltas):
        (WebCore::CCLayerTreeHostImpl::animatePageScale):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (WebCore::CCLayerTreeHostImpl::releaseRootLayer):
        (WebCore::CCLayerTreeHostImpl::scrollLayer):
        (CCLayerTreeHostImpl):

2012-05-04  Ojan Vafai  <ojan@chromium.org>

        Remove file that was deleted in http://trac.webkit.org/changeset/116085/.
        For some reason, this was breaking the chromium build (probably a gyp bug
        since chromium shouldn't be pulling in this file).

        * WebCore.gypi:

2012-05-04  Tony Chang  <tony@chromium.org>

        fix bit packing in FillLayer on Windows
        https://bugs.webkit.org/show_bug.cgi?id=85636

        Reviewed by Ryosuke Niwa.

        Use unsigned for all bit packed types. I manually verified that
        the current uses of these member variables always assign true or false.

        No new tests, adding a compile assert to verify bit packing.

        * rendering/style/FillLayer.cpp:
        (SameSizeAsFillLayer): Added compile assert.
        (WebCore):
        (WebCore::FillLayer::FillLayer): Reorder m_sizeLength so bit packed fields are adjacent.
        (WebCore::FillLayer::operator=): Ditto.
        * rendering/style/FillLayer.h:
        (FillLayer): Convert bools to unsigned to match other bit packed fields.

2012-05-04  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Make PeerConnection00's API fully compliant with the draft
        https://bugs.webkit.org/show_bug.cgi?id=85491

        Reviewed by Adam Barth.

        Mainly making the relevant API's use objects (aka Dictionaries) instead of the temporary strings,
        but also making a few API's exception aware and changing the name of a flag.

        Test: fast/mediastream/peerconnection-iceoptions.html

        * Modules/mediastream/PeerConnection00.cpp:
        (WebCore::PeerConnection00::createMediaHints):
        (WebCore::PeerConnection00::createOffer):
        (WebCore):
        (WebCore::PeerConnection00::createAnswer):
        (WebCore::PeerConnection00::createIceOptions):
        (WebCore::PeerConnection00::createDefaultIceOptions):
        (WebCore::PeerConnection00::startIce):
        (WebCore::PeerConnection00::addStream):
        (WebCore::PeerConnection00::changeReadyState):
        * Modules/mediastream/PeerConnection00.h:
        (WebCore):
        (PeerConnection00):
        * Modules/mediastream/PeerConnection00.idl:
        * platform/mediastream/chromium/PeerConnection00HandlerInternal.cpp:
        (WebCore::PeerConnection00HandlerInternal::startIce):

2012-05-04  David Tseng  <dtseng@google.com>

        Chromium should include MenuListPopups' and MenuListOptions' within the ax tree.
        https://bugs.webkit.org/show_bug.cgi?id=85541

        Reviewed by Chris Fleizach.

        Covered by existing tests. 
        LayoutTests/accessibility/menu-list-sends-change-notification.html

        * accessibility/AccessibilityMockObject.h:
        (WebCore::AccessibilityMockObject::accessibilityIsIgnored):
        * accessibility/chromium/AccessibilityObjectChromium.cpp:
        (WebCore::AccessibilityObject::accessibilityPlatformIncludesObject):

2012-05-04  Levi Weintraub <leviw@chromium.org>

        Unreviewed. Fixing ChangeLog conflict markers after 116009.

2012-05-04  Dan Winship  <danw@gnome.org>

        [GTK] ASSERTION FAILED: shouldLoadAsEmptyDocument(r.url()) ||
        !defersLoading() in MainResourceLoader.cpp:382

        Remove a soup_session_pause_message() call that got left behind,
        update the defersLoading stuff to handle this case.

        https://bugs.webkit.org/show_bug.cgi?id=85159

        Reviewed by Martin Robinson.

        No new tests. Now passes loader/load-defer-resume-crash.html under
        debug build.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::sendRequestCallback):
        (WebCore::ResourceHandle::platformSetDefersLoading):

2012-05-03  Martin Robinson  <mrobinson@igalia.com>

        [GTK] Rework IME handling to fix bugs and prepare for WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=84556

        Reviewed by Gustavo Noronha Silva.

        No new tests. This change is already covered by a suite of keyboard
        handling unit tests in WebKitGTK+. There are some changes in behavior,
        but they are difficult to test without mocking out an entire GtkIMContext.

        Add a struct, CompositionResults, which is used by PlatformKeyboardEvent
        to package composition information with a keyboard event. Also add some logic
        to PlatformKeyboardEvent to give the right information when it has composition
        results.

        * GNUmakefile.list.am: Added new sources to the list.
        * platform/PlatformKeyboardEvent.h:  Added a new CompositionResults member,
        getter, and argument to the constructor.
        * platform/gtk/CompositionResults.h: Added.
        * platform/gtk/GtkInputMethodFilter.cpp: Added.
        * platform/gtk/GtkInputMethodFilter.h: Added.
        * platform/gtk/PlatformKeyboardEventGtk.cpp:
        (WebCore::PlatformKeyboardEvent::windowsKeyCodeForGdkKeyCode): When
        the key value is void return the VK_PROCESS keycode, which is the keycode
        that web content expects with keystrokes that trigger composition events.
        (WebCore::eventTypeForGdkKeyEvent): Abstract out this helper.
        (WebCore::modifiersForGdkKeyEvent): Abstract out this helper.
        (WebCore::PlatformKeyboardEvent::PlatformKeyboardEvent): When a PlatformKeyEvent
        has composition results, use VK_PROCESS as the keycode for this event.
        (WebCore::PlatformKeyboardEvent::disambiguateKeyDownEvent): When this event is
        transformed into a Char event, the PlatformKeyboardEvent used for DOM keypress
        events, and it has composition results clear the text members. This forces the
        EventHandler code to drop the keypress event. Platform events that change the
        composition states do not have corresponding keypress DOM events (only keydown
        and keyup events), so this is necessary to ensure web compatibility.

2012-05-04  Jochen Eisinger  <jochen@chromium.org>

        Correctly update the outgoing referrer when navigating back from an history item created by pushState/replaceState
        https://bugs.webkit.org/show_bug.cgi?id=85374

        Reviewed by Nate Chapin.

        Test: http/tests/history/history-navigations-set-referrer.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::loadInSameDocument):

2012-05-04  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>

        [Qt] Clean up and split features.prf into a static list of defaults

        The static list of feature defaults is used as a fallback for any
        feature that's not dynamically detected or overriden on the command
        line (though build-webkit or passing DEFINES+= to qmake).

        The static list is complete, which allows for auto-generation based
        on Features.py (see bug https://bugs.webkit.org/show_bug.cgi?id=85456)

        https://bugs.webkit.org/show_bug.cgi?id=85611

        Reviewed by Simon Hausmann.

        * Target.pri:

2012-05-04  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r116085, r116091, and r116095.
        http://trac.webkit.org/changeset/116085
        http://trac.webkit.org/changeset/116091
        http://trac.webkit.org/changeset/116095
        https://bugs.webkit.org/show_bug.cgi?id=85628

        We are not ready with dependencies on all platform yet (mac) +
        problems with debug builds. (Requested by Zoltan on #webkit).

        * Target.pri:
        * WebCore.pri:
        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedImageMIMETypes):
        (WebCore::initializeSupportedImageMIMETypesForEncoding):
        * platform/graphics/ImageSource.cpp:
        * platform/graphics/ImageSource.h:
        (WebCore):
        * platform/graphics/qt/ImageDecoderQt.cpp:
        (WebCore::ImageDecoder::create):
        (WebCore):
        (WebCore::ImageDecoderQt::filenameExtension):
        (WebCore::ImageDecoderQt::internalHandleCurrentImage):
        (WebCore::ImageDecoderQt::clearPointers):
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::create):
        * platform/image-decoders/ImageDecoder.h:
        (WebCore::ImageFrame::getAddr):
        (ImageFrame):
        * platform/image-decoders/qt/ImageFrameQt.cpp: Added.
        (WebCore):
        (WebCore::ImageFrame::ImageFrame):
        (WebCore::ImageFrame::operator=):
        (WebCore::ImageFrame::clearPixelData):
        (WebCore::ImageFrame::zeroFillPixelData):
        (WebCore::ImageFrame::copyBitmapData):
        (WebCore::ImageFrame::setSize):
        (WebCore::ImageFrame::asNewNativeImage):
        (WebCore::ImageFrame::hasAlpha):
        (WebCore::ImageFrame::setHasAlpha):
        (WebCore::ImageFrame::setColorProfile):
        (WebCore::ImageFrame::setStatus):
        (WebCore::ImageFrame::setPixmap):
        (WebCore::ImageFrame::width):
        (WebCore::ImageFrame::height):

2012-05-04  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: eliminate temporaryProfile property from ProfilesPanel.
        https://bugs.webkit.org/show_bug.cgi?id=85623

        We can run different profilers at the same time therefore we have to keep temorary profile per profiler type.

        Reviewed by Yury Semikhatsky.

        * inspector/front-end/CSSSelectorProfileView.js:
        (WebInspector.CSSSelectorProfileType.prototype.createView):
        (WebInspector.CSSSelectorProfileType.prototype.createTemporaryProfile):
        (WebInspector.CSSSelectorProfileType.prototype.createProfile):
        * inspector/front-end/HeapSnapshotView.js:
        (WebInspector.HeapSnapshotProfileType.prototype.createView):
        (WebInspector.HeapSnapshotProfileType.prototype.createTemporaryProfile):
        (WebInspector.HeapSnapshotProfileType.prototype.createProfile):
        * inspector/front-end/ProfileView.js:
        (WebInspector.CPUProfileType.prototype.startRecordingProfile):
        (WebInspector.CPUProfileType.prototype.createView):
        (WebInspector.CPUProfileType.prototype.createTemporaryProfile):
        (WebInspector.CPUProfileType.prototype.createProfile):
        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfileType.prototype.createSidebarTreeElementForProfile):
        (WebInspector.ProfileType.prototype.createTemporaryProfile):
        (WebInspector.ProfileType.prototype.createProfile):
        (WebInspector.ProfileHeader):
        (WebInspector.HeapProfileHeader):
        (WebInspector.ProfilesPanel.prototype.addProfileHeader):
        (WebInspector.ProfilesPanel.prototype.findTemporaryProfile):
        (WebInspector.ProfilesPanel.prototype._removeTemporaryProfile):
        (WebInspector.ProfilesPanel.prototype._populateProfiles.populateCallback.var):
        (WebInspector.ProfilesPanel.prototype._populateProfiles.populateCallback):
        (WebInspector.ProfilesPanel.prototype._populateProfiles):
        (WebInspector.ProfilesPanel.prototype.setRecordingProfile):
        (WebInspector.ProfilesPanel.prototype.takeHeapSnapshot):
        (WebInspector.ProfilesPanel.prototype._reportHeapSnapshotProgress):
        (WebInspector.ProfilerDispatcher.prototype.addProfileHeader):

2012-05-04  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: [chromium] ScriptGCEvent should not be static.
        https://bugs.webkit.org/show_bug.cgi?id=80788

        The static members of ScriptGCEvent were moved into per isolate data structure.
        Drive by fix: Sometimes the used heap size after a GC is slightly more than it was before.

        Reviewed by Yury Semikhatsky.

        * bindings/v8/ScriptGCEvent.cpp:
        (WebCore::ScriptGCEvent::gcPrologueCallback):
        (WebCore::ScriptGCEvent::gcEpilogueCallback):
        * bindings/v8/V8Binding.h:
        (WebCore::GCEventData::GCEventData):
        (WebCore::GCEventData::clear):
        (GCEventData):
        (WebCore):
        (WebCore::V8BindingPerIsolateData::gcEventData):
        (V8BindingPerIsolateData):

2012-05-04  Kent Hansen <kent.hansen@nokia.com>

        [Qt] Update Qt bridge after changes to QMetaMethod
        https://bugs.webkit.org/show_bug.cgi?id=85478

        Reviewed by Tor Arne Vestbø.

        QMetaMethod::signature() has been renamed to methodSignature() and
        returns a QByteArray.

        The new function QMetaMethod::name() gives direct access to a
        method's name. returnType(), parameterCount(), and parameterType()
        give direct access to type information.

        Ported the custom QtConnectionObject meta-object to revision 7;
        revision 6 and below aren't supported (and don't compile) with Qt5.

        * Target.pri:
        * bridge/qt/qt_class.cpp:
        (JSC::Bindings::QtClass::fallbackObject):
        * bridge/qt/qt_instance.cpp:
        (JSC::Bindings::QtInstance::getPropertyNames):
        * bridge/qt/qt_runtime.cpp:
        (JSC::Bindings::findMethodIndex):
        (Bindings):
        (qt_meta_stringdata_QtConnectionObject_t):
        (JSC::Bindings::QtConnectionObject::qt_static_metacall):
        (JSC::Bindings::QtConnectionObject::qt_metacast):
        (JSC::Bindings::QtConnectionObject::qt_metacall):
        (JSC::Bindings::QtConnectionObject::execute):
        * bridge/qt/qt_runtime.h:
        (QtConnectionObject):
        * bridge/qt/qt_runtime_qt4.cpp: Copied from Source/WebCore/bridge/qt/qt_runtime.cpp.
        (Bindings):
        (QWKNoDebug):
        (JSC::Bindings::QWKNoDebug::QWKNoDebug):
        (JSC::Bindings::QWKNoDebug::~QWKNoDebug):
        (JSC::Bindings::QWKNoDebug::operator<<):
        (JSC::Bindings::operator<<):
        (RuntimeConversion):
        (JSC::Bindings::registerCustomType):
        (JSC::Bindings::isJSUint8ClampedArray):
        (JSC::Bindings::valueRealType):
        (JSC::Bindings::convertValueToQVariantMap):
        (JSC::Bindings::convertValueToQVariant):
        (JSC::Bindings::convertQVariantToValue):
        (JSC::Bindings::QtRuntimeMethod::QtRuntimeMethod):
        (JSC::Bindings::QtRuntimeMethod::finishCreation):
        (JSC::Bindings::QtRuntimeMethod::~QtRuntimeMethod):
        (JSC::Bindings::QtRuntimeMethod::destroy):
        (JSC::Bindings::QtRuntimeMethodData::~QtRuntimeMethodData):
        (JSC::Bindings::QtRuntimeMethodData::finalize):
        (JSC::Bindings::QtRuntimeMetaMethodData::~QtRuntimeMetaMethodData):
        (JSC::Bindings::QtRuntimeConnectionMethodData::~QtRuntimeConnectionMethodData):
        (QtMethodMatchType):
        (JSC::Bindings::QtMethodMatchType::QtMethodMatchType):
        (JSC::Bindings::QtMethodMatchType::kind):
        (JSC::Bindings::QtMethodMatchType::isValid):
        (JSC::Bindings::QtMethodMatchType::isVariant):
        (JSC::Bindings::QtMethodMatchType::isMetaType):
        (JSC::Bindings::QtMethodMatchType::isUnresolved):
        (JSC::Bindings::QtMethodMatchType::isMetaEnum):
        (JSC::Bindings::QtMethodMatchType::enumeratorIndex):
        (JSC::Bindings::QtMethodMatchType::variant):
        (JSC::Bindings::QtMethodMatchType::metaType):
        (JSC::Bindings::QtMethodMatchType::metaEnum):
        (JSC::Bindings::QtMethodMatchType::unresolved):
        (JSC::Bindings::QtMethodMatchType::typeId):
        (JSC::Bindings::QtMethodMatchType::name):
        (QtMethodMatchData):
        (JSC::Bindings::QtMethodMatchData::QtMethodMatchData):
        (JSC::Bindings::QtMethodMatchData::isValid):
        (JSC::Bindings::QtMethodMatchData::firstUnresolvedIndex):
        (JSC::Bindings::indexOfMetaEnum):
        (JSC::Bindings::findMethodIndex):
        (JSC::Bindings::findSignalIndex):
        (JSC::Bindings::QtRuntimeMetaMethod::QtRuntimeMetaMethod):
        (JSC::Bindings::QtRuntimeMetaMethod::finishCreation):
        (JSC::Bindings::QtRuntimeMetaMethod::visitChildren):
        (JSC::Bindings::QtRuntimeMetaMethod::call):
        (JSC::Bindings::QtRuntimeMetaMethod::getCallData):
        (JSC::Bindings::QtRuntimeMetaMethod::getOwnPropertySlot):
        (JSC::Bindings::QtRuntimeMetaMethod::getOwnPropertyDescriptor):
        (JSC::Bindings::QtRuntimeMetaMethod::getOwnPropertyNames):
        (JSC::Bindings::QtRuntimeMetaMethod::lengthGetter):
        (JSC::Bindings::QtRuntimeMetaMethod::connectGetter):
        (JSC::Bindings::QtRuntimeMetaMethod::disconnectGetter):
        (JSC::Bindings::QtRuntimeConnectionMethod::QtRuntimeConnectionMethod):
        (JSC::Bindings::QtRuntimeConnectionMethod::finishCreation):
        (JSC::Bindings::QtRuntimeConnectionMethod::call):
        (JSC::Bindings::QtRuntimeConnectionMethod::getCallData):
        (JSC::Bindings::QtRuntimeConnectionMethod::getOwnPropertySlot):
        (JSC::Bindings::QtRuntimeConnectionMethod::getOwnPropertyDescriptor):
        (JSC::Bindings::QtRuntimeConnectionMethod::getOwnPropertyNames):
        (JSC::Bindings::QtRuntimeConnectionMethod::lengthGetter):
        (JSC::Bindings::QtConnectionObject::QtConnectionObject):
        (JSC::Bindings::QtConnectionObject::~QtConnectionObject):
        (JSC::Bindings::QtConnectionObject::metaObject):
        (JSC::Bindings::QtConnectionObject::qt_metacast):
        (JSC::Bindings::QtConnectionObject::qt_metacall):
        (JSC::Bindings::isJavaScriptFunction):
        (JSC::Bindings::QtConnectionObject::execute):
        (JSC::Bindings::QtConnectionObject::match):
        (JSC::Bindings::QtConnectionObject::createWithInternalJSC):
        (JSC::Bindings::::QtArray):
        (JSC::Bindings::::~QtArray):
        (JSC::Bindings::::rootObject):
        (JSC::Bindings::::setValueAt):
        (JSC::Bindings::::valueAt):

2012-05-04  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: use single method for retrieving evaluation context in the runtime agent
        https://bugs.webkit.org/show_bug.cgi?id=85621

        Reviewed by Pavel Feldman.

        Merged two script state retrieval methods into one. Moved Page specific logic
        into PageRuntimeAgent.

        * inspector/InspectorRuntimeAgent.cpp:
        (WebCore::InspectorRuntimeAgent::evaluate):
        * inspector/InspectorRuntimeAgent.h:
        (InspectorRuntimeAgent):
        * inspector/PageRuntimeAgent.cpp:
        (WebCore::PageRuntimeAgent::scriptStateForEval):
        * inspector/PageRuntimeAgent.h:
        (PageRuntimeAgent):
        * inspector/WorkerRuntimeAgent.cpp:
        (WebCore::WorkerRuntimeAgent::scriptStateForEval):
        * inspector/WorkerRuntimeAgent.h:
        (WorkerRuntimeAgent):

2012-05-04  Jochen Eisinger  <jochen@chromium.org>

        Unreviewed, rolling out r115549.
        http://trac.webkit.org/changeset/115549
        https://bugs.webkit.org/show_bug.cgi?id=83894

        The newly added CRASH() statements are triggered too often

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::setupForReplace):
        (WebCore::FrameLoader::stopAllLoaders):
        (WebCore::FrameLoader::clearProvisionalLoad):
        (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):

2012-05-04  Zoltan Horvath  <zoltan@webkit.org>

        [Qt] Error message fix after r116091
        https://bugs.webkit.org/show_bug.cgi?id=85614

        Reviewed by Alexis Menard.

        No new tests : error message fix.

        * WebCore.pri:

2012-05-04  Alexis Menard  <alexis.menard@openbossa.org>

        [Qt] Build fix when using libpng version > 1.2.
        https://bugs.webkit.org/show_bug.cgi?id=85614

        Reviewed by Tor Arne Vestbø.

        Don't enforce the version of libpng when passing the option to the linker.

        No new tests : build fix.

        * WebCore.pri:

2012-05-04  Simon Hausmann  <simon.hausmann@nokia.com>

        [Qt] Images are scaled badly in WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=85610

        Reviewed by Jocelyn Turcotte.

        Enable smooth pixmap transforms when rendering into the GraphicsSurface image.
        This class is only used in WK2.

        * platform/graphics/surfaces/qt/GraphicsSurfaceQt.cpp:
        (WebCore::GraphicsSurface::platformBeginPaint):

2012-05-04  Zoltan Horvath  <zoltan@webkit.org>

        [Qt] Remove unnecessary executeable bits after r116085

        No new tests.

        * Target.pri:
        * WebCore.pri:
        * platform/graphics/ImageSource.cpp:
        * platform/graphics/ImageSource.h:
        * platform/graphics/qt/ImageDecoderQt.cpp:
        * platform/graphics/qt/ImageDecoderQt.h:
        * platform/image-decoders/ImageDecoder.cpp:
        * platform/image-decoders/ImageDecoder.h:

2012-05-04  Zoltan Horvath  <zoltan@webkit.org>

        [Qt] Set WebCore imagedecoders as default and add fallback to QImageDecoder
        https://bugs.webkit.org/show_bug.cgi?id=80400

        This change modifies the default ImageDecoder for Qt-port from QImageDecoder to WebCore ImageDecoder.
        The new behavior is to use QImageDecoder only if WebCoreImageDecoder doesn't support the requested
        image type.
        The WTF_USE_QT_IMAGE_DECODER macro has been removed, since it is no longer needed.

        This change adds build depedency for libpng-dev and libjpeg-dev packages, becuase PNG and JPEG imagedecoders
        need not only these libraries, but their headers also. Qmake-config tests for these libraries were
        introduced in r110045.

        Reviewed by Simon Hausmann.

        No new tests needed.

        * Target.pri: Move WebCore ImageDecoder files out of guards. Remove ImageFrameQt.cpp from sources.
        * WebCore.pri: Move WebCore ImageDecoder include paths out of guards.
        * platform/MIMETypeRegistry.cpp:
        (WebCore::initializeSupportedImageMIMETypes): Add WebCore supported and Qt supported MIME types.
        (WebCore::initializeSupportedImageMIMETypesForEncoding): Use Qt supported MIME types.
        * platform/graphics/ImageSource.cpp: Remove unnecessary includes.
        * platform/graphics/ImageSource.h: Remove unnecessary typedefs.
        (WebCore):
        * platform/graphics/qt/ImageDecoderQt.cpp:
        (WebCore::ImageDecoderQt::filenameExtension): Remove unnecessary semicolon.
        (WebCore::ImageDecoderQt::internalHandleCurrentImage): Use QImage and ImageFrame instead of QPixmap.
        (WebCore):
        (WebCore::ImageFrame::asNewNativeImage): Moved here from removed ImageFrameQt.cpp.
        * platform/image-decoders/ImageDecoder.cpp: Reorganize the includes of the header.
        (WebCore::ImageDecoder::create): Add platform macro guarded fallback case for QImageDecoder.
        * platform/image-decoders/ImageDecoder.h: Remove Qt-specific codes.
        (WebCore::ImageFrame::getAddr): Remove Qt-specific case, since it is no longer needed.
        (ImageFrame):
        * platform/image-decoders/qt/ImageFrameQt.cpp: Removed. Dead code, other code has been moved to
        ImageDecoderQt.cpp.

2012-05-03  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: createRawLocationByURL is too slow if a big number of evals happen.
        https://bugs.webkit.org/show_bug.cgi?id=85477

        It iterates through all the _scripts even they have no url.
        We can keep a separate map of scripts with url.

        Reviewed by Yury Semikhatsky.

        * inspector/front-end/DebuggerModel.js:
        (WebInspector.DebuggerModel):
        (WebInspector.DebuggerModel.prototype._globalObjectCleared):
        (WebInspector.DebuggerModel.prototype._resetScriptsMap):
        (WebInspector.DebuggerModel.prototype._parsedScriptSource):
        (WebInspector.DebuggerModel.prototype.createRawLocationByURL):

2012-05-03  David Barr  <davidbarr@chromium.org>

        Antialias single-edge solid borders
        https://bugs.webkit.org/show_bug.cgi?id=85031

        Reviewed by Simon Fraser.

        Antialiasing is avoided for adjacent edges due to artifacts at the seam.
        There are no such artifacts for single-edge borders so enable antialiasing.

        Test: fast/css/border-solid-single-edge-antialias.html

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::paintBorder):

2012-05-03  Adam Barth  <abarth@webkit.org>

        CSP: Eval isn't blocked in about:blank subframes
        https://bugs.webkit.org/show_bug.cgi?id=85553

        Reviewed by Eric Seidel.

        ContentSecurityPolicy has a back pointer to ScriptExecutionContext.
        That means we shouldn't share a single ContentSecurityPolicy object
        between multiple ScriptExecutionContexts.  This patch copies the state
        from one ScriptExecutionContext to another rather than sharing the
        ContentSecurityPolicy object itself.

        This resulted in a subtle but w.r.t. blocking eval.  Because we block
        eval by setting a bit in the JavaScript engine when enforcing the
        policy, that bit wasn't copied along with the rest of the state when we
        were sharing the ContentSecurityPolicy object.  Now that we use the
        more robust ContentSecurityPolicy::copyStateFrom function, we don't
        have that bug.

        Test: http/tests/security/contentSecurityPolicy/eval-blocked-in-about-blank-iframe.html

        * dom/Document.cpp:
        (WebCore::Document::initSecurityContext):
        (WebCore):
        (WebCore::Document::initContentSecurityPolicy):
        * dom/Document.h:
        (Document):
        * dom/SecurityContext.cpp:
        (WebCore::SecurityContext::setContentSecurityPolicy):
        * dom/SecurityContext.h:
        (SecurityContext):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::didBeginDocument):
        * page/ContentSecurityPolicy.h:
        (WebCore::ContentSecurityPolicy::create):

2012-05-03  Abhishek Arya  <inferno@chromium.org>

        Regression(r113769): Crash in AudioNodeOutput::disconnectAllParams.
        https://bugs.webkit.org/show_bug.cgi?id=85196

        Reviewed by Chris Rogers.

        RefPtr the AudioParam hashset in AudioNodeOutput to prevent accessing
        destroyed entries.

        No new tests. Unable to reproduce it in DRT.

        * Modules/webaudio/AudioNodeOutput.cpp:
        (WebCore::AudioNodeOutput::disconnectAllParams):
        * Modules/webaudio/AudioNodeOutput.h:
        (AudioNodeOutput):

2012-05-03  Noel Gordon  <noel.gordon@gmail.com>

        PNGImageDecoder: Clean up rowAvailable() some more
        https://bugs.webkit.org/show_bug.cgi?id=85464

        Reviewed by Eric Seidel.

        No new tests. Covered by existing tests: fast/images/png-extra-row-crash.html in
        particular.

        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::rowAvailable): Use colorChannels consistently. Split
        the useful libpng comments in two, then place the early-out code and conditions
        inbetween. The png variable is only used in one place so move it there.

2012-05-03  Ojan Vafai  <ojan@chromium.org>

        Histogram total allocated bytes in the arena in addition to the render tree size
        https://bugs.webkit.org/show_bug.cgi?id=85537

        Reviewed by Eric Seidel.

        We only free bytes allocated to a RenderArena when destroying the Document.
        Histogram both the render tree size and the total bytes allocated. This
        gives a better sense of the overhead of RenderArena as well as giving a more
        accurate number for the amount of actual memory used by the render tree.

        No new tests. This is not webfacing, so this can't be tested without adding
        API to layout test controller, which doesn't seem worth it for this code.

        * page/Page.cpp:
        (WebCore::Page::renderTreeSize):
        (WebCore::Page::setVisibilityState):
        * page/Page.h:
        (Page):
        * platform/Arena.cpp:
        (WebCore::ArenaAllocate):
        * platform/Arena.h:
        (WebCore):
        * rendering/RenderArena.cpp:
        (WebCore::RenderArena::allocate):
        * rendering/RenderArena.h:
        (WebCore::RenderArena::totalRenderArenaAllocatedBytes):
        (RenderArena):

2012-05-03  Mary Wu  <mary.wu@torchmobile.com.cn>

        [BlackBerry] Add missed member in CrossThreadResourceRequestData
        https://bugs.webkit.org/show_bug.cgi?id=85448

        Reviewed by Antonio Gomes.

        * platform/network/blackberry/ResourceRequest.h:
        (CrossThreadResourceRequestData):
        * platform/network/blackberry/ResourceRequestBlackBerry.cpp:
        (WebCore::ResourceRequest::doPlatformCopyData):
        (WebCore::ResourceRequest::doPlatformAdopt):

2012-05-03  Adam Barth  <abarth@webkit.org>

        CSP shouldn't block about:blank for iframes
        https://bugs.webkit.org/show_bug.cgi?id=85233

        Reviewed by Eric Seidel.

        As discussed at the W3C WebAppSec face-to-face meeting, there's no
        point in blocking about:blank iframes or objects because blocking a
        frame or object just results in displaying about:blank anyway.  This
        patch just removes the spurious console message and violation report.

        Test: http/tests/security/contentSecurityPolicy/frame-src-about-blank-allowed-by-default.html

        * page/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::allowObjectFromSource):
        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource):

2012-05-03  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r116040.
        http://trac.webkit.org/changeset/116040
        https://bugs.webkit.org/show_bug.cgi?id=85559

        Broke a few IndexedDB browsertests (Requested by zhenyao on
        #webkit).

        * Modules/indexeddb/IDBCursor.cpp:
        (WebCore::IDBCursor::direction):
        * Modules/indexeddb/IDBCursor.h:
        (IDBCursor):
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::transaction):
        (WebCore):
        * Modules/indexeddb/IDBDatabase.h:
        * Modules/indexeddb/IDBDatabase.idl:
        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::openCursor):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.h:
        (WebCore::IDBIndex::openCursor):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::openCursor):
        * Modules/indexeddb/IDBObjectStore.h:
        (WebCore::IDBObjectStore::openCursor):
        (IDBObjectStore):
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest):
        (WebCore::IDBRequest::readyState):
        (WebCore::IDBRequest::markEarlyDeath):
        (WebCore::IDBRequest::resetReadyState):
        (WebCore::IDBRequest::abort):
        (WebCore::IDBRequest::finishCursor):
        (WebCore::IDBRequest::onSuccess):
        (WebCore::IDBRequest::stop):
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/IDBRequest.idl:
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::mode):
        * Modules/indexeddb/IDBTransaction.h:
        (IDBTransaction):
        * Modules/indexeddb/IDBTransaction.idl:

2012-05-03  Raphael Kubo da Costa  <rakuco@webkit.org>

        [CMake] Rewrite FindCairo.cmake.
        https://bugs.webkit.org/show_bug.cgi?id=84895

        Reviewed by Daniel Bates.

        The old approach relied on pkg-config for finding Cairo (which
        introduced a dependency on pkg-config that could be avoided), used
        the LibFindMacros code that we should probably remove in the
        future and did not use the FindPackageHandleStandardArguments
        module.

        Change all that by rewriting the module.
        - Use the pkg-config output optionally instead of requiring it
        like LibFindMacros did.
        - Remove the implicit dependency on FreeType which often found it
        the wrong way via pkg-config and without considering
        CMAKE_PREFIX_PATH.
        - Retrieve the Cairo version by looking at cairo-version.h instead
        of relying on pkg-config. It requires some additional code for
        checking if the desired version has been found, but that will not
        be needed once we start depending on CMake 2.8.3 or later.

        The only downside is that FPHSA sets <UPPERCASED_NAME>_FOUND
        instead of <Name>_FOUND, and to keep things consistent
        Cairo_LIBRARIES and Cairo_INCLUDE_DIRS have become CAIRO_LIBRARIES
        and CAIRO_INCLUDE_DIRS.

        No new tests, build system change.

        * PlatformEfl.cmake: Use CAIRO_FOO instead of Cairo_FOO.

2012-05-03  Anders Carlsson  <andersca@apple.com>

        Focus ring only appears in top-left tile
        https://bugs.webkit.org/show_bug.cgi?id=85556
        <rdar://problem/11359656>

        Reviewed by Simon Fraser.

        It is sufficient to just apply the current CTM to the clip rect and set that as the focus ring clip rect.

        * platform/graphics/mac/WebLayer.mm:
        (drawLayerContents):

2012-05-03  Alec Flett  <alecflett@chromium.org>

        IndexedDB: Replace numeric constants with strings
        https://bugs.webkit.org/show_bug.cgi?id=84894

        Reviewed by Tony Chang.

        Test: storage/indexeddb/legacy-constants.html

        Update IDBObjectStore.openCursor, IDBIndex.openCursor,
        IDBIndex.openKeyCursor, IDBDatabase.transaction,
        IDBCursor.direction, IDBTransaction.mode, and
        IDBRequest.readyState to meet the latest spec. All of these APIs
        now support string-based values in addition to the
        legacy/deprecated enum-based values.

        * Modules/indexeddb/IDBCursor.cpp:
        (WebCore):
        (WebCore::IDBCursor::direction):
        (WebCore::IDBCursor::stringToDirection):
        (WebCore::IDBCursor::directionToString):
        * Modules/indexeddb/IDBCursor.h:
        (IDBCursor):
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::transaction):
        (WebCore):
        * Modules/indexeddb/IDBDatabase.h:
        (IDBDatabase):
        * Modules/indexeddb/IDBDatabase.idl:
        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::openCursor):
        (WebCore):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.h:
        (WebCore::IDBIndex::openCursor):
        (IDBIndex):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::openCursor):
        (WebCore):
        * Modules/indexeddb/IDBObjectStore.h:
        (WebCore::IDBObjectStore::openCursor):
        (IDBObjectStore):
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest):
        (WebCore::IDBRequest::readyState):
        (WebCore::IDBRequest::markEarlyDeath):
        (WebCore::IDBRequest::resetReadyState):
        (WebCore::IDBRequest::abort):
        (WebCore::IDBRequest::finishCursor):
        (WebCore::IDBRequest::onSuccess):
        (WebCore::IDBRequest::stop):
        * Modules/indexeddb/IDBRequest.h:
        * Modules/indexeddb/IDBRequest.idl:
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore):
        (WebCore::IDBTransaction::mode):
        (WebCore::IDBTransaction::stringToMode):
        (WebCore::IDBTransaction::modeToString):
        * Modules/indexeddb/IDBTransaction.h:
        (IDBTransaction):
        * Modules/indexeddb/IDBTransaction.idl:

2012-05-03  Sam Weinig  <sam@webkit.org>

        Add an eventPhase NONE constant
        https://bugs.webkit.org/show_bug.cgi?id=85397

        Reviewed by Anders Carlsson.

        Updates existing tests.

        * dom/Event.h:
        * dom/Event.idl:
        Add NONE constant.

2012-05-03  Tony Chang  <tony@chromium.org>

        Height overflow when nesting multiple new Flexbox'es.
        https://bugs.webkit.org/show_bug.cgi?id=83572

        Reviewed by Ojan Vafai.

        Test: css3/flexbox/nested-stretch.html

        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::computeAvailableFreeSpace):

2012-05-03  Julien Chaffraix  <jchaffraix@webkit.org>

        ASSERT(!m_zOrderListsDirty) is triggering in Safari
        https://bugs.webkit.org/show_bug.cgi?id=85512

        Reviewed by Simon Fraser.

        Unfortunately no test as I don't think the 2 cases are testable reliably.

        A better fix would be to introduce some iterator that handle updating the
        lists for you. For now, just adding the missing updateLayerListsIfNeeded()
        calls.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::hasVisibleNonCompositingDescendantLayers):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::layerHas3DContent):

2012-05-03  Philip Rogers  <pdr@google.com>

        Fix numeric precision issue in SVG animations
        https://bugs.webkit.org/show_bug.cgi?id=85502

        Reviewed by Dirk Schulze.

        r93938 had a bug where floating point numbers where compared exactly,
        exposing a bug when floating point precision was not sufficient. This
        change compares against an epsilon value to get around these precision
        issues.

        Test: svg/animations/animate-end-attribute-numeric-precision.html

        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::calculateAnimationPercentAndRepeat):

2012-05-03  Joshua Bell  <jsbell@chromium.org>

        Fix coding style issues in IDBLevelDBCoding.cpp
        https://bugs.webkit.org/show_bug.cgi?id=85536

        Reviewed by Tony Chang.

        No tests - just code formatting changes.

        * Modules/indexeddb/IDBLevelDBCoding.cpp:
        (WebCore::IDBLevelDBCoding::encodeIDBKey):
        (WebCore::IDBLevelDBCoding::decodeIDBKey):
        (WebCore::IDBLevelDBCoding::extractEncodedIDBKey):
        (WebCore::IDBLevelDBCoding::compareEncodedIDBKeys):

2012-04-30  Filip Pizlo  <fpizlo@apple.com>

        PageCache autorelease should not wait until 3 seconds and 42 pages
        https://bugs.webkit.org/show_bug.cgi?id=85254
        <rdar://problem/11349613>

        Reviewed by Geoffrey Garen.

        No new tests, since there is no change in behavior.

        * history/PageCache.cpp:
        (WebCore):
        (WebCore::PageCache::PageCache):
        (WebCore::PageCache::releaseAutoreleasedPagesNowDueToTimer):
        * history/PageCache.h:
        (PageCache):

2012-05-03  Levi Weintraub  <leviw@chromium.org>

        Unreviewed build fix for Mac WK2. Adding a mistakenly removed symbol back to WebCore.exp.in.

        * WebCore.exp.in:

2012-05-03  Levi Weintraub  <leviw@chromium.org>

        Unreviewed build fix for Qt after 116009. No changes in behavior.

        * rendering/RenderTreeAsText.cpp:
        (WebCore::RenderTreeAsText::writeRenderObject):

2012-05-03  W. James MacLean  <wjmaclean@chromium.org>

        [chromium] Revise touchpad fling curve to use exponential curve, to improve feel and small fling performance.
        https://bugs.webkit.org/show_bug.cgi?id=85530

        Reviewed by Kenneth Russell.

        Existing unit tests updated for new curve.

        Modifies TouchpadFLingGestureCurve to use an exponential, rather than polynomial, curve.
        This change appears to improve the overall feel of touchpad fling, and substantially
        improves small-fling performance.

        * platform/TouchpadFlingPlatformGestureCurve.cpp:
        (WebCore::TouchpadFlingPlatformGestureCurve::create):
        (WebCore):
        (WebCore::position):
        (WebCore::velocity):
        (WebCore::TouchpadFlingPlatformGestureCurve::TouchpadFlingPlatformGestureCurve):

2012-04-23  Levi Weintraub  <leviw@chromium.org> and Emil A Eklund <eae@chromium.org>

        [meta] Switch away from integers representing pixels for layout/event handling/rendering
        https://bugs.webkit.org/show_bug.cgi?id=60318

        Reviewed by Eric Seidel.

        Swapping the LayoutUnit backend to FractionalLayoutUnit from int.
        
        FractionalLayoutUnit is a new type that uses an integer to represent a fraction of a pixel.
        We're also adding a feature flag -- ENABLE_SUBPIXEL_LAYOUT -- that toggles this fraction
        between 1/1 and 1/60. Initially, all platforms will default to subpixel layout being off,
        so FractionalLayoutUnits will effectively continue to act as integers.
        
        With ENABLE_SUBPIXEL_LAYOUT turned on, FractionalLayoutUnits accumulate error from sub-pixel
        CSS values and applied zooming, and painting uses pixel-snapping to align these values
        to pixels. See http://trac.webkit.org/wiki/LayoutUnit for details.

        In a number of previous patches, LayoutUnits were plumbed throughout the rendering tree
        to prepare for this change. This included a number of functions in LayoutTypes.h and
        the IntRect/Point/Size classes that were effectively no-ops while LayoutUnits were
        integers. Subsequent patches will remove unnecessary versions of these functions; see
        http://webkit.org/b/84616 for tracking these changes.

        Tests: fast/sub-pixel/client-width-height-snapping.html
               fast/sub-pixel/layout-boxes-with-zoom.html
               fast/sub-pixel/size-of-box-with-zoom.html

        * WebCore.exp.in: Updating function signatures that expose FractionalLayoutUnits.
        * WebCore.xcodeproj/project.pbxproj: Adding missing FractionalLayoutPoint.h header.
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::zoomAdjustedPixelValue): Using adjustFloatForAbsoluteZoom instead of int
        to make use of extra precision before returning the pixel value.
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::computeLength): No longer rounds for imprecise conversion
        when sub-pixel layout is enabled.
        (WebCore::CSSPrimitiveValue::customCssText): Returning integer values for pixels.
        * dom/Element.cpp:
        (WebCore::adjustForLocalZoom): Using rounding instead of incrementing the value before
        adjusting to account for truncation when sub-pixel layout is enabled.
        * page/SpatialNavigation.cpp:
        (WebCore::distanceDataForNode): Using FractionalLayoutUnit::abs instead of std::abs.
        * platform/FractionalLayoutUnit.h: Adding some missing operators and a flag around the
        constant denominator to switch it between 1/1 and 1/60 depending on the feature flag.
        * platform/Length.h: Changing the default type for value to float, and adding intValue
        since this more closely matches usage in a sub-pixel layout world.
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::paint): Using minimumIntValueForLength in this platform code
        instead of LayoutUnits.
        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::placeBoxesInBlockDirection):
        * rendering/LayoutTypes.h: This file contains the actual switch for changing LayoutUnits
        to be FractionalLayoutUnits. Also updating stub methods with their proper implementations.
        * rendering/PaintInfo.h:
        (WebCore::PaintInfo::infiniteRect): Ensuring the infiniteRect doesn't overflow the
        FractionalLayoutUnit bounds.
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlock::checkPaginationAndFloatsAtEndLine): Switch to
        FractionalLayoutUnit's abs function instead of std::abs.
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry): Add rounding for
        setting the phase of the background geometry before applying modulo from the tile size.
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox): Stop applying flex when
        we have less than a pixel to distribute.
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::backgroundClipRect): Replace PaintInfo::infiniteRect with the
        LayoutRect equivalent.
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::rangeIntersectsRect): Using FractionalLayoutUnit::abs
        instead of std::abs.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::repaintAfterLayoutIfNeeded): Ditto.
        * rendering/RenderObject.h:
        (WebCore): Removing unnecessary adjustForAbsoluteZoom function.
        (WebCore::RenderObject::outlineSize): Outlines remain ints.
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::styleOrColLogicalWidth): Build fix. Using floats because
        colWidthSum is a Length which uses floats.
        * rendering/RenderThemeChromiumSkia.cpp:
        (WebCore::RenderThemeChromiumSkia::paintSearchFieldResultsButton): Explicit templatization
        for max.
        * rendering/RenderTreeAsText.cpp: Adding code to minimize test expectation churn. It
        may be worth outputting float values in test expectations, but this isn't done with
        the inline box tree yet, either.
        * rendering/RenderTreeAsText.h:
        (WebCore): Adding a FractionalLayoutPoint operator.
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::updateWidgetGeometry): Adding missing pixel snapping, and switching
        absoluteContentBox to an IntRect, as this is what boundingBox returns.
        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::writePositionAndStyle): Adding an enclosingIntRect for consistency with old results.

2012-05-03  Levi Weintraub  <leviw@chromium.org> and Emil A Eklund <eae@chromium.org>

        [meta] Switch away from integers representing pixels for layout/event handling/rendering
        https://bugs.webkit.org/show_bug.cgi?id=60318

        Reviewed by Eric Seidel.

        Swapping the LayoutUnit backend to FractionalLayoutUnit from int.
        
        FractionalLayoutUnit is a new type that uses an integer that can represent a fraction of a
        pixel. The ENABLE_SUBPIXEL_LAYOUT feature flags toggles this fraction between 1/1 and 1/60.
        Initially, all platforms will default to subpixel layout being off, so FractionalLayoutUnits
        will effectively continue to act as integers.
        
        With ENABLE_SUBPIXEL_LAYOUT turned on, FractionalLayoutUnits accumulate error from sub-pixel
        CSS values and applied zooming, and painting uses pixel-snapping to align these values
        to pixels and prevent unwanted anti-aliasing. See http://trac.webkit.org/wiki/LayoutUnit for
        details.

        In a number of previous patches, LayoutUnits were plumbed throughout the rendering tree to
        prepare for this change. This included a number of functions in LayoutTypes.h and the
        IntRect/Point/Size classes that were effectively no-ops while LayoutUnits were integers. See
        http://webkit.org/b/60318 for the exhaustive list of changes that were done in preparation
        for this. Subsequent patches will remove unnecessary versions of these functions.
        http://webkit.org/b/84616 tracks these changes.

        Tests: fast/sub-pixel/client-width-height-snapping.html
               fast/sub-pixel/layout-boxes-with-zoom.html
               fast/sub-pixel/size-of-box-with-zoom.html

        * WebCore.exp.in: Updating function signatures that expose FractionalLayoutUnits.
        * WebCore.order: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Adding missing FractionalLayoutPoint.h header.
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::computeLength): No longer rounds for imprecise conversion
        when sub-pixel layout is enabled.
        * dom/Element.cpp:
        (WebCore::adjustForLocalZoom): Using rounding instead of incrementing the value before
        adjusting to account for truncation when sub-pixel layout is enabled.
        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore): Fixing a static initializer build error by moving an integer constant to be
        an int.
        * rendering/LayoutTypes.h: This file contains the actual switch for changing LayoutUnits
        to be FractionalLayoutUnits. Also updating stub methods with their proper implementations.
        * rendering/PaintInfo.h:
        (WebCore::PaintInfo::infiniteRect): Ensuring the infiniteRect doesn't overflow the
        FractionalLayoutUnit bounds. LayoutRect::infiniteRect() is the largest rectangle that can
        be represented using LayoutUnits.
        * rendering/RenderLayer.h:
        (WebCore::ClipRect::operator!=): Add overload of != to fix complaining compilers when
        * rendering/RenderTreeAsText.cpp: Adding code to minimize test expectation churn. It
        may be worth outputting float values in test expectations, but this isn't done with
        the inline box tree yet, either.
        * rendering/RenderTreeAsText.h:
        (WebCore): Adding a FractionalLayoutPoint operator.
        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::writePositionAndStyle):
        (WebCore): Adding a FractionalLayoutPoint operator.

2012-05-03  Anders Carlsson  <andersca@apple.com>

        Move repaint counter drawing code out into a separate function
        https://bugs.webkit.org/show_bug.cgi?id=85539

        Reviewed by Simon Fraser.

        The majority of code in TileCache::drawLayer deals with drawing the repaint counter. Move this code out
        into a separate function to make it more clear what drawLayer does.

        * platform/graphics/ca/mac/TileCache.h:
        (TileCache):
        * platform/graphics/ca/mac/TileCache.mm:
        (WebCore::TileCache::drawLayer):
        (WebCore::TileCache::drawRepaintCounter):
        (WebCore):

2012-05-03  Simon Fraser  <simon.fraser@apple.com>

        Compositing 'requiresOwnBackingStore' logic caused new clip rect assertions
        https://bugs.webkit.org/show_bug.cgi?id=85455

        Reviewed by Dean Jackson.
        
        r114283 added logic that allows compositing layers to avoid allocating their own
        backing store and to paint into an ancestor instead. However, that caused
        assertions in RenderLayer::updateClipRects() about m_clipRectsRoot being
        incorrect, because clip rect code assumed that compositing layers
        always painted themselves.
        
        Fixed by calling paintsIntoCompositedAncestor() in RenderLayer::clippingRoot(),
        so that clip rect computation matches painting.

        I wasn't able to easily make a test that reproduces the assertion in DRT.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::clippingRoot):

2012-05-03  Tim Horton  <timothy_horton@apple.com>

        REGRESSION(99539): SVG <img> disregards page scale and device scale
        https://bugs.webkit.org/show_bug.cgi?id=77237
        <rdar://problem/10767413>

        Reviewed by Simon Fraser.

        Rename SVGImageCache::SizeAndZoom to SVGImageCache::SizeAndScales, as it carries more than just zoom now.

        Pass the product of the device and page scales through everything that takes a SVGImageCache::SizeAndScales,
        using it to inflate the size of the buffer created in lookupOrCreateBitmapImageForRenderer,
        and to inflate the destination rectangle passed to SVGImage::draw, which will cause a transformation
        on the context being drawn into.

        Invalidate the SVGImageCache entry on device/page scale changes in addition to zoom changes.

        This patch does not cause SVGImageCache to take into account scale caused by CSS transforms; that is tracked
        separately by https://bugs.webkit.org/show_bug.cgi?id=85335.

        Tests: svg/as-image/image-respects-deviceScaleFactor.html
               svg/as-image/image-respects-pageScaleFactor.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::setContainerSizeForRenderer):
        (WebCore::CachedImage::imageSizeForRenderer):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::drawSVGToImageBuffer):
        * svg/graphics/SVGImage.h:
        * svg/graphics/SVGImageCache.cpp:
        (WebCore::SVGImageCache::~SVGImageCache):
        (WebCore::SVGImageCache::removeRendererFromCache):
        (WebCore::SVGImageCache::setRequestedSizeAndScales):
        (WebCore::SVGImageCache::requestedSizeAndScales):
        (WebCore::SVGImageCache::redraw):
        (WebCore::SVGImageCache::lookupOrCreateBitmapImageForRenderer):
        * svg/graphics/SVGImageCache.h:
        (WebCore::SVGImageCache::SizeAndScales::SizeAndScales):
        (SizeAndScales):
        (SVGImageCache):
        (WebCore::SVGImageCache::ImageData::ImageData):
        (ImageData):

2012-05-03  Fady Samuel  <fsamuel@chromium.org>

        Removing line in computeViewportAttributes that enforces a minimum scale factor to never allow zooming out more than viewport
        https://bugs.webkit.org/show_bug.cgi?id=70609

        Reviewed by Kenneth Rohde Christiansen.

        Make Viewport Attributes' layoutSize be a FloatRect to avoid rounding
        too early, and the occasional off by one fixed layout dimensions.

        * dom/ViewportArguments.cpp:
        (WebCore::computeViewportAttributes):
        * dom/ViewportArguments.h:
        (ViewportAttributes):

2012-05-03  Joshua Bell  <jsbell@chromium.org>

        IndexedDB: Handle generated keys up to 2^53
        https://bugs.webkit.org/show_bug.cgi?id=85114

        The spec defines the behavior for generated keys up to 2^53
        (the maximum integer storable as an ECMAScript number) and
        the error case when going beyond that. Ensure that we can
        handle values up to that point and generate errors beyond.

        Reviewed by Tony Chang.

        Test: storage/indexeddb/key-generator.html

        * Modules/indexeddb/IDBBackingStore.h:
        (IDBBackingStore):
        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore::IDBLevelDBBackingStore::nextAutoIncrementNumber):
        * Modules/indexeddb/IDBLevelDBBackingStore.h:
        (IDBLevelDBBackingStore):
        * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
        (WebCore::IDBObjectStoreBackendImpl::putInternal):
        (WebCore::IDBObjectStoreBackendImpl::genAutoIncrementKey):
        * Modules/indexeddb/IDBObjectStoreBackendImpl.h:
        (IDBObjectStoreBackendImpl):

2012-05-03  Simon Fraser  <simon.fraser@apple.com>

        Remove RenderLayerCompositor::didStartAcceleratedAnimation()
        https://bugs.webkit.org/show_bug.cgi?id=85514

        Reviewed by Antti Koivisto.
        
        Remove RenderLayerCompositor::didStartAcceleratedAnimation(), which is no longer
        needed.

        Code removal, no new tests.

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::startAnimation):
        (WebCore::RenderLayerBacking::startTransition):
        * rendering/RenderLayerCompositor.cpp:
        * rendering/RenderLayerCompositor.h:

2012-05-03  Andreas Kling  <kling@webkit.org>

        REGRESSION(r111387): CSSOM representation of 'background-image' values should be CSSPrimitiveValue.
        <http://webkit.org/b/85500>

        Reviewed by Antti Koivisto.

        Use the cloneForCSSOM() mechanism in CSSValue to expose CSSImageValue to bindings as a URI
        primitive value. This matches the specced behavior of computed image values, and restores our
        previous behavior without having CSSImageValue subclass CSSPrimitiveValue.

        Also added a failsafe return after the isCSSOMSafe() assertion in the JSC bindings, since it's
        better to expose an incorrect return value than an insecurely shared one, should we have or add
        bugs in this code.

        * bindings/js/JSCSSValueCustom.cpp:
        (WebCore::toJS):
        * css/CSSImageValue.cpp:
        (WebCore::CSSImageValue::cloneForCSSOM):
        * css/CSSImageValue.h:
        * css/CSSValue.cpp:
        (WebCore::CSSValue::cloneForCSSOM):

2012-05-03  Keishi Hattori  <keishi@webkit.org>

        Crash in HTMLFormControlElement::m_fieldSetAncestor
        https://bugs.webkit.org/show_bug.cgi?id=85453

        Reviewed by Kent Tamura.

        Modified tests: fast/forms/datalist/datalist-child-validation.html
                        fast/forms/form-control-element-crash.html

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::removedFrom): Only set the invalid ancestor flag.
        The element will be detached from the document so there is no need to update the style.
        And the validation message will be hidden by the blur event.
        (WebCore::HTMLFormControlElement::willValidate): Because of the change to removedFrom,
        m_ancestorsValid may be false.

2012-05-03  Simon Fraser  <simon.fraser@apple.com>

        Keep overlap testing for compositing on pages with 3d transforms when possible
        https://bugs.webkit.org/show_bug.cgi?id=62487

        Reviewed by Antti Koivisto.
        
        Change RenderLayerCompositor to always use overlap testing when possible.

        Rather than turn off overlap testing wholesale when encountering a non-affine
        transform, or starting an accelerated transform animation, we constrain
        the disabling of overlap testing to within overflow:hidden areas when possible.

        Tests: compositing/layer-creation/overlap-animation.html
               compositing/layer-creation/overlap-transforms.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::setCompositedBounds): Whitespace fix.
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::CompositingState::CompositingState):
        (CompositingState): Add a member boolean to track whether we're testing overlap. Add a copy
        constructor.
        (WebCore::RenderLayerCompositor::updateCompositingLayers): Initialize the 'testing overlap'
        setting based on m_compositingConsultsOverlap (though this will always be true until removed
        in a future commit).
        (WebCore::RenderLayerCompositor::updateBacking): No longer turn off overlap testing
        when we see a non-affine transform.
        (WebCore::RenderLayerCompositor::computeCompositingRequirements): No need for the 'struct'
        in the arguments.
        Consult compositingState.m_testingOverlap to see if we want to test overlap.
        Use the new CompositingState copy ctor for childState, but set m_subtreeIsCompositing to false
        as before.
        If this layer is composited, look to see if need to disable over lap testing based on
        the transform or an animation.
        Just as we propagate m_subtreeIsCompositing, we have to propagate m_testingOverlap=false
        for the rest of the traverse.
        If we've just processed a layer which clips compositing descendants, we can go back
        to testing for overlap.
        (WebCore::RenderLayerCompositor::didStartAcceleratedAnimation): No need to do anything
        here now. It will be removed in future.
        (WebCore::RenderLayerCompositor::hasNonAffineTransform): No longer check
        perspective here, since that doesn't affect whether _this_ layer should disable
        overlap testing. Checking for a non-affine transform is sufficient.
        (WebCore::RenderLayerCompositor::isRunningAcceleratedTransformAnimation):
        New method to check if AnimationController is running a transform animation.
        * rendering/RenderLayerCompositor.h:
        (RenderLayerCompositor):

2012-05-03  Chris Fleizach  <cfleizach@apple.com>

        accessibility/misspelled-attributed-string.html test sometimes throws exceptions
        https://bugs.webkit.org/show_bug.cgi?id=85081

        Reviewed by Darin Adler.

        Add in more range checking in case we get back ranges from spell checking that are wrong.

        * accessibility/mac/WebAccessibilityObjectWrapper.mm:
        (AXAttributeStringSetFont):
        (AXAttributeStringSetColor):
        (AXAttributeStringSetNumber):
        (AXAttributeStringSetBlockquoteLevel):
        (AXAttributeStringSetHeadingLevel):
        (AXAttributeStringSetElement):

2012-05-03  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: move canonical mime type calculation to Resource
        https://bugs.webkit.org/show_bug.cgi?id=85507

        Reviewed by Yury Semikhatsky.

        Drive-by: small refactoring that prepares code for formatter extraction.

        * inspector/front-end/BreakpointsSidebarPane.js:
        * inspector/front-end/DebuggerModel.js:
        (WebInspector.DebuggerModel.prototype.createLiveLocation):
        (WebInspector.DebuggerModel.prototype.rawLocationToUILocation):
        * inspector/front-end/DebuggerPresentationModel.js:
        (WebInspector.DebuggerPresentationModelResourceBinding.prototype._uiSourceCodeForResource):
        * inspector/front-end/NetworkManager.js:
        (WebInspector.NetworkDispatcher.prototype._createNetworkRequest):
        (get WebInspector):
        * inspector/front-end/Resource.js:
        (WebInspector.Resource.prototype.requestContent):
        (WebInspector.Resource.prototype.canonicalMimeType):
        (WebInspector.Resource.prototype._innerRequestContent.callback):
        (WebInspector.Resource.prototype._innerRequestContent):
        * inspector/front-end/ResourceView.js:
        (WebInspector.ResourceSourceFrame.prototype.requestContent):
        (WebInspector.ResourceSourceFrame.prototype._contentChanged):

2012-05-03  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: 'expires' value is incorrect for cookies
        https://bugs.webkit.org/show_bug.cgi?id=85489

        Reviewed by Pavel Feldman.

        Fixed cookie 'expires' property type from integer to number so that
        we don't lose precision when assembling Cookie parameter in InspectorResourceAgent.

        * inspector/Inspector.json:

2012-05-03  Dan Bernstein  <mitz@apple.com>

        highlight for Ruby text is mispositioned in the Web Inspector
        https://bugs.webkit.org/show_bug.cgi?id=82684

        Reviewed by Simon Fraser.

        Tests: fast/writing-mode/flipped-blocks-inline-map-local-to-container-expected.html
               fast/writing-mode/flipped-blocks-inline-map-local-to-container.html

        In flipped blocks writing modes, flipping was being applied twice to box descendants of
        inline children of the flipped block, once during RenderBox::mapLocalToContainer, and then
        again by RenderInline::mapLocalToContainer. The fix is to make the latter only apply the
        flip to local coordinates originating in the inline or a descendant inline. This is done
        by adding a parameter of type ApplyContainerFlipOrNot, which defaults to ApplyContainerFlip
        but is reset to DoNotApplyContainerFlip in recursive calls into mapLocalToContainer().

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::mapLocalToContainer): Added ApplyContainerFlipOrNot parameter, passing
        DoNotApplyContainerFlip when recursing into the container.
        * rendering/RenderBox.h:

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::mapLocalToContainer): Added ApplyContainerFlipOrNot paramerer, and
        made the flipping conditional on its value.

        * rendering/RenderInline.h:

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::mapLocalToContainer): Added ApplyContainerFlipOrNot parameter,
        passing DoNotApplyContainerFlip when recursing into the container.
        (WebCore::RenderObject::localToContainerQuad): Pass ApplyContainerFlip.
        (WebCore::RenderObject::localToContainerPoint): Ditto.
        * rendering/RenderObject.h:

        * rendering/RenderView.cpp:
        (WebCore::RenderView::mapLocalToContainer): Added ApplyContainerFlipOrNot parameter.
        * rendering/RenderView.h:

        * rendering/svg/RenderSVGForeignObject.cpp:
        (WebCore::RenderSVGForeignObject::mapLocalToContainer): Ditto.
        * rendering/svg/RenderSVGForeignObject.h:

        * rendering/svg/RenderSVGInline.cpp:
        (WebCore::RenderSVGInline::mapLocalToContainer): Ditto.
        * rendering/svg/RenderSVGInline.h:

        * rendering/svg/RenderSVGModelObject.cpp:
        (WebCore::RenderSVGModelObject::mapLocalToContainer): Ditto.
        * rendering/svg/RenderSVGModelObject.h:

        * rendering/svg/RenderSVGRoot.cpp:
        (WebCore::RenderSVGRoot::mapLocalToContainer): Ditto.
        * rendering/svg/RenderSVGRoot.h:

        * rendering/svg/RenderSVGText.cpp:
        (WebCore::RenderSVGText::mapLocalToContainer): Ditto.
        * rendering/svg/RenderSVGText.h:

        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGRenderSupport::mapLocalToContainer): Pass DoNotApplyContainerFlip when
        recursing into the parent.

2012-05-03  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: make Script a ContentProvider.
        https://bugs.webkit.org/show_bug.cgi?id=85486

        Reviewed by Yury Semikhatsky.

        This allows us to get rid of the corresponding content provider wrapper.

        * inspector/front-end/ContentProviders.js:
        * inspector/front-end/RawSourceCode.js:
        (WebInspector.RawSourceCode.prototype._createContentProvider):
        * inspector/front-end/Script.js:
        (WebInspector.Script.prototype.contentURL):
        (WebInspector.Script.prototype.requestContent.didGetScriptSource):
        (WebInspector.Script.prototype.requestContent):
        * inspector/front-end/SnippetsModel.js:
        (WebInspector.SnippetsScriptMapping.prototype._createUISourceCodeForScript):

2012-05-03  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>

        Remove extra checks for empty string when parsing CSS value
        https://bugs.webkit.org/show_bug.cgi?id=85480

        Reviewed by Alexis Menard.

        Each parse value helper function was checking whether the value string was empty. For the
        common case this check is already done by StylePropertySet::setProperty(). So this patch
        make CSSParser::parseValue() assume the value string is not empty, and fix the other two
        clients.

        Test: fast/html/font-face-empty-should-not-crash.html

        * css/CSSParser.cpp:
        (WebCore::parseColorValue): Replace the string empty check by an ASSERT() to document
        function's expectations.
        (WebCore::parseSimpleLengthValue): Ditto.
        (WebCore::parseKeywordValue): Ditto.
        (WebCore::CSSParser::parseFontFaceValue): This will be covered by the added test.
        (WebCore::CSSParser::parseValue):
        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::setMatrixValue): This is already covered by
        transforms/cssmatrix-2d-interface.xhtml.

2012-05-03  Arpita Bahuguna  <arpitabahuguna@gmail.com>

        Broken handling of pseudo-elements in selectors API
        https://bugs.webkit.org/show_bug.cgi?id=83446

        Reviewed by Antti Koivisto.

        Test: fast/dom/Window/querySelectorAll-with-pseudo-elements.html

        * css/SelectorChecker.cpp:
        (WebCore::SelectorChecker::SelectorChecker):
        Setting the default value for the enum member m_mode to ResolvingStyle.

        (WebCore::SelectorChecker::checkSelector):
        Instead of verifying against the bool m_isCollectingRulesOnly, we now check whether or not
        m_mode is set to ResolvingStyle.

        (WebCore::SelectorChecker::checkOneSelector):
        Instead of verifying against the bool m_isCollectingRulesOnly, we now check whether or not
        m_mode is set to ResolvingStyle. Also, for the pseudo-elements case we check if its
        value is set to QueryingRules in which case we return false.

        * css/SelectorChecker.h:
        (WebCore::SelectorChecker::mode):
        Returns the mode (m_mode) value.

        (WebCore::SelectorChecker::setMode):
        Sets the mode (m_mode) to the passed enum value.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::sortAndTransferMatchedRules):
        (WebCore::StyleResolver::collectMatchingRulesForList):
        Retrieves SelectorChecker's mode value.

        * dom/SelectorQuery.cpp:
        (WebCore::SelectorQuery::SelectorQuery):
        Sets SelectorChecker's mode to QueryingRules.

        * html/shadow/ContentSelectorQuery.cpp:
        (WebCore::ContentSelectorQuery::ContentSelectorQuery):
        Sets SelectorChecker's mode to CollectingRules.

2012-05-03  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: EXC_BAD_ACCESS in DOM breakpoint processing code.
        https://bugs.webkit.org/show_bug.cgi?id=85482

        Reviewed by Yury Semikhatsky.

        0 check added since we are guaranteed to get immediate parent, but not the whole ancestor tree.

        * inspector/InspectorDOMDebuggerAgent.cpp:
        (WebCore::InspectorDOMDebuggerAgent::descriptionForDOMEvent):

2012-05-03  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: compile time ambiguity happens when I try to assign a TypeBuilder object to an out argument.
        https://bugs.webkit.org/show_bug.cgi?id=85462

        It happens because we have type casting operators for both types RefPtr<*Type*> and PassRefPtr<*Type*>.
        I think we can drop PassRefPtr type casting operator and use a named function 'release'.

        Reviewed by Yury Semikhatsky.

        * inspector/CodeGeneratorInspector.py:
        * inspector/ContentSearchUtils.cpp:
        (WebCore::ContentSearchUtils::buildObjectForSearchMatch):
        * inspector/InspectorApplicationCacheAgent.cpp:
        (WebCore::InspectorApplicationCacheAgent::buildObjectForApplicationCache):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::buildObjectForCookie):
        (WebCore::buildObjectForSearchResult):
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::buildObjectForTiming):
        (WebCore::InspectorResourceAgent::buildInitiatorObject):
        * inspector/ScriptCallFrame.cpp:
        (WebCore::ScriptCallFrame::buildInspectorObject):

2012-05-03  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: crash in InspectorResourceAgent::didReceiveWebSocketFrame
        https://bugs.webkit.org/show_bug.cgi?id=85394

        Reviewed by Pavel Feldman.

        Pass string length explicitely when creating String object from non-null-terminated
        char* strings.

        * inspector/InspectorResourceAgent.cpp:
        (WebCore):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketFrame):
        (WebCore::InspectorResourceAgent::didSendWebSocketFrame):

2012-05-03  'Pavel Feldman'  <pfeldman@chromium.org>

        Not reviewed: never surround InspectorInstrumentation:: with ENABLED(INSPECTOR)

        * dom/ContainerNode.cpp:
        (WebCore::ContainerNode::insertBefore):
        (WebCore::ContainerNode::replaceChild):
        (WebCore::ContainerNode::appendChild):
        (WebCore::dispatchChildRemovalEvents):

2012-04-30  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: migrate breakpoint manager to live locations.
        https://bugs.webkit.org/show_bug.cgi?id=85136

        Reviewed by Yury Semikhatsky.

        - Merges Breakpoint and UIBreakpoint to have single instance
        - Extracts storage from the breakpoint manager
        - Makes breakpoint manager use source mapping from the script, not the presentation model
        - Removes breakpoints collection from the UISourceCode
        Unfortunately, there are too many inter-dependencies that require that these changes are done simultaneously.

        * inspector/front-end/BreakpointManager.js:
        (WebInspector.BreakpointManager):
        (WebInspector.BreakpointManager.prototype.setBreakpoint):
        (WebInspector.BreakpointManager.prototype.breakpoint):
        (WebInspector.BreakpointManager.prototype.breakpointLocationsForUISourceCode):
        (WebInspector.BreakpointManager.prototype.removeAllBreakpoints):
        (WebInspector.BreakpointManager.prototype.reset):
        (WebInspector.BreakpointManager.prototype.debuggerReset):
        (WebInspector.BreakpointManager.prototype._breakpointResolved):
        (WebInspector.BreakpointManager.prototype._removeBreakpoint):
        (WebInspector.BreakpointManager.prototype._uiLocationAdded):
        (WebInspector.BreakpointManager.prototype._uiLocationRemoved):
        (WebInspector.BreakpointManager.prototype.storage):
        (WebInspector.BreakpointManager.Breakpoint):
        (WebInspector.BreakpointManager.Breakpoint.prototype.primaryUILocation):
        (WebInspector.BreakpointManager.Breakpoint.prototype._addResolvedLocation):
        (WebInspector.BreakpointManager.Breakpoint.prototype.enabled):
        (WebInspector.BreakpointManager.Breakpoint.prototype.setEnabled):
        (WebInspector.BreakpointManager.Breakpoint.prototype.condition):
        (WebInspector.BreakpointManager.Breakpoint.prototype.setCondition):
        (WebInspector.BreakpointManager.Breakpoint.prototype._updateBreakpoint):
        (WebInspector.BreakpointManager.Breakpoint.prototype.remove):
        (WebInspector.BreakpointManager.Breakpoint.prototype._setInDebugger.didSetBreakpoint):
        (WebInspector.BreakpointManager.Breakpoint.prototype._setInDebugger):
        (WebInspector.BreakpointManager.Breakpoint.prototype._removeFromDebugger):
        (WebInspector.BreakpointManager.Breakpoint.prototype._resetLocations):
        (WebInspector.BreakpointManager.Breakpoint.prototype._breakpointStorageId):
        (WebInspector.BreakpointManager.Breakpoint.prototype._fakeBreakpointAtPrimaryLocation):
        (WebInspector.BreakpointManager.Storage.get this):
        (WebInspector.BreakpointManager.Storage):
        (WebInspector.BreakpointManager.Storage.prototype.restoreBreakpoints):
        (WebInspector.BreakpointManager.Storage.prototype._updateBreakpoint):
        (WebInspector.BreakpointManager.Storage.prototype._removeBreakpoint):
        (WebInspector.BreakpointManager.Storage.prototype._save):
        (set WebInspector.BreakpointManager.Storage.Item):
        * inspector/front-end/BreakpointsSidebarPane.js:
        (WebInspector.JavaScriptBreakpointsSidebarPane):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointAdded.didRequestContent):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointAdded):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointRemoved):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype.highlightBreakpoint):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._createBreakpointItemId):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointClicked):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointCheckboxClicked):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointContextMenu):
        * inspector/front-end/DebuggerModel.js:
        (WebInspector.DebuggerModel):
        (WebInspector.DebuggerModel.prototype.breakpointsActive):
        (WebInspector.DebuggerModel.prototype.createLiveLocation):
        * inspector/front-end/DebuggerPresentationModel.js:
        (WebInspector.DebuggerPresentationModel.prototype._handleUISourceCodeListChanged):
        (WebInspector.DebuggerPresentationModelResourceBinding.prototype._setContentWithInitialContent):
        * inspector/front-end/JavaScriptSource.js:
        (WebInspector.JavaScriptSource):
        (WebInspector.JavaScriptSource.prototype.consoleMessagesCleared):
        * inspector/front-end/JavaScriptSourceFrame.js:
        (WebInspector.JavaScriptSourceFrame):
        (WebInspector.JavaScriptSourceFrame.prototype.canEditSource):
        (WebInspector.JavaScriptSourceFrame.prototype.editContent):
        (WebInspector.JavaScriptSourceFrame.prototype._onContentChanged):
        (WebInspector.JavaScriptSourceFrame.prototype.populateLineGutterContextMenu):
        (WebInspector.JavaScriptSourceFrame.prototype.beforeTextChanged):
        (WebInspector.JavaScriptSourceFrame.prototype.didEditContent):
        (WebInspector.JavaScriptSourceFrame.prototype._addBreakpointDecoration):
        (WebInspector.JavaScriptSourceFrame.prototype._onMouseDown):
        (WebInspector.JavaScriptSourceFrame.prototype._editBreakpointCondition.finishEditing):
        (WebInspector.JavaScriptSourceFrame.prototype._editBreakpointCondition):
        (WebInspector.JavaScriptSourceFrame.prototype._breakpointAdded):
        (WebInspector.JavaScriptSourceFrame.prototype._breakpointRemoved):
        (WebInspector.JavaScriptSourceFrame.prototype.onTextViewerContentLoaded):
        (WebInspector.JavaScriptSourceFrame.prototype._setBreakpoint):
        (WebInspector.JavaScriptSourceFrame.prototype._continueToLine):
        (WebInspector.JavaScriptSourceFrame.prototype._updateBreakpointsAfterLiveEdit):
        * inspector/front-end/Script.js:
        (WebInspector.Script.prototype.rawLocationToUILocation):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype._uiSourceCodeAdded):
        (WebInspector.ScriptsPanel.prototype._uiSourceCodeRemoved):
        (WebInspector.ScriptsPanel.prototype._debuggerPaused.else.didGetUILocation):
        (WebInspector.ScriptsPanel.prototype._debuggerPaused):
        (WebInspector.ScriptsPanel.prototype._uiSourceCodeReplaced):
        * inspector/front-end/UISourceCode.js:
        (WebInspector.UISourceCode.prototype.contentChanged):

2012-05-03  Andrey Kosyakov  <caseq@chromium.org>

        Unreviewed attemp to fix chromium win build broken at r115943.

        * notifications/NotificationClient.h:
        (WebCore):

2012-05-03  Vivek Galatage  <vivekgalatage@gmail.com>

        Linker warnings due to duplicate symbols for SimplifyMarkupCommand.cpp on Windows
        https://bugs.webkit.org/show_bug.cgi?id=85467

        Reviewed by Ryosuke Niwa.

        Removed the multiple inclusion of the file SimplifyMarkupCommand.cpp 

        No new tests required.

        * WebCore.vcproj/WebCore.vcproj:

2012-05-03  Uday Kiran  <udaykiran@motorola.com>

        CSS clip: auto clips to box borders instead of removing clipping
        https://bugs.webkit.org/show_bug.cgi?id=36772

        Reviewed by Andreas Kling.

        According to CSS 2.1 spec, http://www.w3.org/TR/CSS2/visufx.html#propdef-clip,
        clip property with value 'auto' the element does not clip.
        Also getPropertyValue for clip when auto is specified should return "auto"
        and not "rect(0px 0px 0px 0px)".

        Tests: css2.1/20110323/clip-001-expected.html
               css2.1/20110323/clip-001.html

        * css/StyleBuilder.cpp:
        (WebCore::ApplyPropertyClip::applyValue):

2012-05-02  Antti Koivisto  <antti@apple.com>

        Add temporary feature define for parsed stylesheet caching
        https://bugs.webkit.org/show_bug.cgi?id=85413

        Rubber-stamped by Nikolas Zimmermann.

        While not an externally visible feature this is still a significant internal change.
        It is good to have define in case someone has an urgent need to turn it off.
        
        Caching is enabled by default on all platforms. The define should be removed after some bake time.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

2012-05-03  Nikolas Zimmermann  <nzimmermann@rim.com>

        Accumulation for values-animation is broken
        https://bugs.webkit.org/show_bug.cgi?id=85158

        Reviewed by Zoltan Herczeg.

        Follow-up patch: Add const Foo& foo() const accessors to SVGAnimatedType,
        to avoid the "Foo& foo = animated->foo()" idiom in all cases where we
        don't need to mutate 'foo'. Use "const Foo& foo = animated->foo()" instead.
        Inline all of these methods to avoid the function call overhead.

        For to-animations we actually mutated the from value before, but it wasn't a
        problem in practive, as we did that on every animation step. Fully avoid these
        inconsitencies by never mutating the from/to types stored in SVGAnimateElement.

        Cache toAtEndOfDurationType just like m_toType/m_fromType in SVGAnimateElement,
        to avoid reconstructing it on every animation step.

        No new tests, only design/performance fixes.

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::calculateAnimatedValue):
        (WebCore::SVGAnimateElement::calculateToAtEndOfDurationValue):
        (WebCore::SVGAnimateElement::targetElementWillChange):
        * svg/SVGAnimateElement.h:
        (SVGAnimateElement):
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::SVGAnimateMotionElement):
        (WebCore::SVGAnimateMotionElement::calculateToAtEndOfDurationValue):
        (WebCore::SVGAnimateMotionElement::calculateFromAndToValues):
        (WebCore::SVGAnimateMotionElement::calculateFromAndByValues):
        (WebCore::SVGAnimateMotionElement::calculateAnimatedValue):
        * svg/SVGAnimateMotionElement.h:
        (SVGAnimateMotionElement):
        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedAngleAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::SVGAnimatedBooleanAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedColor.cpp:
        (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLength.cpp:
        (WebCore::SVGAnimatedLengthAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedLengthAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumber.cpp:
        (WebCore::SVGAnimatedNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedString.cpp:
        (WebCore::SVGAnimatedStringAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedTransformListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedType.cpp:
        * svg/SVGAnimatedType.h:
        (WebCore::SVGAnimatedType::angleAndEnumeration):
        (SVGAnimatedType):
        (WebCore::SVGAnimatedType::boolean):
        (WebCore::SVGAnimatedType::color):
        (WebCore::SVGAnimatedType::enumeration):
        (WebCore::SVGAnimatedType::integer):
        (WebCore::SVGAnimatedType::integerOptionalInteger):
        (WebCore::SVGAnimatedType::length):
        (WebCore::SVGAnimatedType::lengthList):
        (WebCore::SVGAnimatedType::number):
        (WebCore::SVGAnimatedType::numberList):
        (WebCore::SVGAnimatedType::numberOptionalNumber):
        (WebCore::SVGAnimatedType::path):
        (WebCore::SVGAnimatedType::pointList):
        (WebCore::SVGAnimatedType::preserveAspectRatio):
        (WebCore::SVGAnimatedType::rect):
        (WebCore::SVGAnimatedType::string):
        (WebCore::SVGAnimatedType::transformList):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::currentValuesForValuesAnimation):
        (WebCore::SVGAnimationElement::startedActiveInterval):
        (WebCore::SVGAnimationElement::updateAnimation):
        * svg/SVGAnimationElement.h:
        (WebCore::SVGAnimationElement::adjustFromToListValues):
        (WebCore::SVGAnimationElement::animateDiscreteType):
        (SVGAnimationElement):

2012-05-02  Alexander Færøy  <ahf@0x90.dk>

        Rename deviceDPI to devicePixelRatio
        https://bugs.webkit.org/show_bug.cgi?id=85049

        Reviewed by Kenneth Rohde Christiansen.

        No new tests added since this is a minor refactoring with no changes
        that should affect tests.

        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/Settings.h:
        (WebCore::Settings::setDevicePixelRatio):
        (WebCore::Settings::devicePixelRatio):
        (Settings):

2012-05-03  Nikolas Zimmermann  <nzimmermann@rim.com>

        Fix multiple begin values support - especially with seeking through setCurrentTime
        https://bugs.webkit.org/show_bug.cgi?id=85372

        Reviewed by Zoltan Herczeg.

        Multiple begin values aka. begin="0s; 2s" aren't correctly handled - resulting in broken & unexpected behavior.
        Supporting seeking properly on documents containing such animations is very important, otherwise we can't reliable
        test animations using either reftests or the SVG JS animation test framework.

        Testcase:
        <rect height="100" fill="green">
            <animate attributeName="width" begin="0s; 2s" dur="8s" from="0" to="100" fill="freeze"/>
        </rect>

        What's expected?
        Two times should be contained in the 'begin' times list in SVGSMILElement: m_beginTimes = { 0s, 2s }.
        The initial first resolved interval is: m_intervalBegin=0.0s, m_intervalEnd=8.0s.

        During t=0s..1.9999s the m_intervalBegin/m_intervalEnd are correct.
        At t=2s, a new interval can be started. m_intervalEnd should be set to nextBeginTime, where nextBeginTime=2s.
        The current interval should get cropped to: m_intervalBegin=0s, m_intervalEnd=2s. The following call to
        resolveNextInterval() sees that elapsed >= m_intervalEnd, and thus moves on to the next interval.
        m_intervalBegin should be 2s and m_intervalEnd=10s after that.

        In trunk this behavior is only partly implemented and broken. Especially broken together with seeking via SVGSVGElement.setCurrentTime.
        That's because we don't correctly seek to the right interval in case of multiple begin values, eg. if we sample an animation with
        begin="0s; 3s" dur="6s" we always remain in the first interval and don't move on.

        Fix all of these issues, making lots more tests work in Dr. Olaf Hofmanns SVG Animation test suite.

        Tests: svg/animations/multiple-begin-additive-animation.html
               svg/animations/multiple-begin-animation-discrete-expected.svg
               svg/animations/multiple-begin-animation-discrete.svg
               svg/animations/multiple-begin-animation-expected.svg
               svg/animations/multiple-begin-animation.svg

        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::begin):
        (WebCore::SMILTimeContainer::setElapsed):
        (WebCore::SMILTimeContainer::updateAnimations):
        * svg/animation/SMILTimeContainer.h:
        (SMILTimeContainer):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::findInstanceTime):
        (WebCore::SVGSMILElement::resolveInterval):
        (WebCore::SVGSMILElement::resolveNextInterval):
        (WebCore):
        (WebCore::SVGSMILElement::checkRestart):
        (WebCore::SVGSMILElement::seekToIntervalCorrespondingToTime):
        (WebCore::SVGSMILElement::progress):
        * svg/animation/SVGSMILElement.h:
        (SVGSMILElement):

2012-05-03  Dana Jansens  <danakj@chromium.org>

        [chromium] Don't add small opaque areas to the occlusion tracker's Region
        https://bugs.webkit.org/show_bug.cgi?id=85297

        Reviewed by Adrienne Walker.

        Don't add small opaque areas (smaller than 160x160) to the occlusion
        tracker's Region objects to avoid high Region::unite() costs.

        We would like Region to just be fast enough that this isn't a concern,
        and there are patches in flight to do this, but at the moment, small
        opaque areas add significant cost if there is many of them, for
        potentially small gains since they do not cover entire tiles.

        Comments in http://code.google.com/p/chromium/issues/detail?id=124687
        motivate this approach for now, and point to around 160x160 being
        a reasonable threshold.

        Removes the opaque paint tracking flag while we're here. The flag is
        no longer used, and was broken when we moved the "paint vs opaque
        flag" distinction out to the layers.

        Unit test: CCOcclusionTrackerTestMinimumTrackingSize

        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::paintLayerContents):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::calculateRenderPasses):
        * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
        (WebCore::::CCOcclusionTrackerBase):
        (WebCore::addOcclusionBehindLayer):
        (WebCore::::markOccludedBehindLayer):
        * platform/graphics/chromium/cc/CCOcclusionTracker.h:
        (WebCore::CCOcclusionTrackerBase::setMinimumTrackingSize):
        (CCOcclusionTrackerBase):
        (WebCore::CCOcclusionTrackerBase::preferredMinimumTrackingSize):

2012-05-02  Jon Lee  <jonlee@apple.com>

        Migrate permission functions to Notification from NotificationCenter
        https://bugs.webkit.org/show_bug.cgi?id=80485
        <rdar://problem/10965458>

        Reviewed by Jian Li.

        * notifications/Notification.idl: Add permission functions.
        * notifications/DOMWindowNotifications.idl: Wrap webkitNotifications as part of legacy API.

        * notifications/Notification.cpp: New permission functions are wrapped with ENABLE(NOTIFICATIONS)
        (WebCore::Notification::taskTimerFired): Use the new permission functions to determine whether we can show the
        notification.
        (WebCore::Notification::permissionLevel):
        (WebCore::Notification::permissionString): Declare three static locals for each of the values, and return
        based on the permission enum.
        (WebCore::Notification::requestPermission): Forward request to client.
        * notifications/Notification.h:

        * notifications/NotificationPermissionCallback.h: Added.
        (NotificationPermissionCallback):
        (WebCore::NotificationPermissionCallback::~NotificationPermissionCallback):
        * notifications/NotificationPermissionCallback.idl: Added.

        * notifications/NotificationCenter.cpp: Wrap permission functions in ENABLE(LEGACY_NOTIFICATIONS)
        * notifications/NotificationCenter.h: Wrap permission functions in ENABLE(LEGACY_NOTIFICATIONS)
        * notifications/NotificationCenter.idl: Refactor conditionals to make the center available only when
        ENABLE(LEGACY_NOTIFICATIONS) is on.
        * notifications/NotificationPresenter.h:
        (WebCore::NotificationPresenter::requestPermission): Add new requestPermission() function for new
        NotificationPermissionCallback type. Make it a stub implementation until all ports have adopted.

        * notifications/NotificationClient.h: Add another requestPermission() client call, wrapped in
        ENABLE(NOTIFICATIONS) that accepts the NotificationPermissionCallback. Wrap the original one in
        ENABLE(LEGACY_NOTIFICATIONS).

        * bindings/js/JSDesktopNotificationsCustom.cpp: Change to include the implementation only in
        ENABLE(LEGACY_NOTIFICATIONS).
        * bindings/js/JSNotificationsCustom.cpp: Custom implementation of requestPermission().
        * bindings/v8/custom/V8NotificationCustom.cpp: Custom implementation of requestPermission().

        * notifications/WorkerContextNotifications.idl: Make webktNotifications available only in legacy API.
        * CMakeLists.txt: Add new callback idl.
        * DerivedSources.make: Add new callback idl.
        * DerivedSources.pri: Add new callback idl.
        * GNUmakefile.list.am: Add NotificationPermissionCallback files.
        * Target.pri: Include JSNotificationCustom.cpp, V8NotificationCustom.cpp
        * UseJSC.cmake: Include JSNotificationCustom.cpp
        * UseV8.cmake: Include V8NotificationCustom.cpp
        * WebCore.gypi: Include JSNotificationCustom.cpp, V8NotificationCustom.cpp, JSNotificationPermissionCallback.{h,cpp}
        * WebCore.vcproj/WebCore.vcproj: Include JSNotificationCustom.cpp, JSNotificationPermissionCallback.{h,cpp}
        * WebCore.exp.in: Export permissionString().
        * WebCore.xcodeproj/project.pbxproj: Add callback idl, h, and cpp files.

2012-05-02  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r115907.
        http://trac.webkit.org/changeset/115907
        https://bugs.webkit.org/show_bug.cgi?id=85458

        It broke all viewport tests on Qt and on GTK (Requested by
        Ossy on #webkit).

        * dom/ViewportArguments.cpp:
        (WebCore::computeViewportAttributes):
        * dom/ViewportArguments.h:
        (ViewportAttributes):

2012-05-02  Gustavo Noronha Silva  <gns@gnome.org>

        [GTK] Finish moving modules into libWebCoreModules.la
        https://bugs.webkit.org/show_bug.cgi?id=85449

        Unreviewed build fix.

        * GNUmakefile.list.am: move remaining modules source files into the
        libWebCoreModules library, this should fix the problems people had
        building the 1.9.1 tarball with unpatched make.

2012-05-02  Dongwoo Im  <dw.im@samsung.com>

        [EFL] Unreviewed, Fix build break when WEB_AUDIO is enabled.
        https://bugs.webkit.org/show_bug.cgi?id=85443

        Unreviewed build fix.

        Three new files were added in the Modules/webaudio directory.
        These files should be included into the CMakeLists.txt file.

        * CMakeLists.txt: Add the newly created files into the CMakeLists.txt

2012-05-02  Eric Seidel  <eric@webkit.org>

        Sort ENABLE_ defines in FeatureDefines.xcconfig files to make them easier to compare with one another (and easier to autogenerate)
        https://bugs.webkit.org/show_bug.cgi?id=85433

        Reviewed by Adam Barth.

        I have a script which can autogenerate these xcconfig files as well as the
        vsprops files (and soon the Chromium, cmake, gnumake and qmake) feature lists
        from a central feature list file.
        In preparation for posting such a tool, I'm re-sorting these xcconfig files to be
        alphabetically ordered (currently they're close, but not quite).
        There is also at least one inconsistency between these files (CSS_LEGACY_PREFIXES) which
        I will fix in a second pass.  I will also sort the FEATURE_DEFINES = line in a follow-up patch.

        * Configurations/FeatureDefines.xcconfig:

2012-05-02  Dana Jansens  <danakj@chromium.org>

        [chromium] Don't occlude pixels in a surface that are needed for a background filter blur
        https://bugs.webkit.org/show_bug.cgi?id=84317

        Reviewed by Adrienne Walker.

        Blur filters move pixels around, so a pixel can influence the value of
        pixels at some distance away. If a pixel is not occluded, then all
        pixels within the radius of the blur may influence the value of that
        pixel, so they should also stay unoccluded.

        For background filters, the pixels are read from the filter's target
        surface, so we remove occlusion from that target surface from pixels
        that will blur into visible pixels.

        Unit test: CCOcclusionTrackerTestDontOccludePixelsNeededForBackgroundFilter
                   CCOcclusionTrackerTestTwoBackgroundFiltersReduceOcclusionTwice
                   CCOcclusionTrackerTestDontOccludePixelsNeededForBackgroundFilterWithClip
                   CCOcclusionTrackerTestDontReduceOcclusionBelowBackgroundFilter
                   CCOcclusionTrackerTestDontReduceOcclusionIfBackgroundFilterIsOccluded
                   CCOcclusionTrackerTestReduceOcclusionWhenBackgroundFilterIsPartiallyOccluded

        * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
        (WebCore::reduceOcclusion):
        (WebCore):
        (WebCore::reduceOcclusionBelowSurface):
        (WebCore::::leaveToTargetRenderSurface):
        (WebCore::::unoccludedContributingSurfaceContentRect):
        * platform/graphics/chromium/cc/CCOcclusionTracker.h:
        (CCOcclusionTrackerBase):
        * platform/graphics/chromium/cc/CCQuadCuller.cpp:
        (WebCore::CCQuadCuller::appendSurface):
        (WebCore::CCQuadCuller::appendReplica):

2012-05-02  Levi Weintraub  <leviw@chromium.org>

        Convert FractionalLayoutUnit overflow assertions to stderr warnings
        https://bugs.webkit.org/show_bug.cgi?id=85393

        Reviewed by Eric Seidel.

        Writing warnings to stderr when FractionalLayoutUnits overflow on debug builds instead of asserting
        and crashing. It can be very useful to WebKit developers know when overflow is occurring, but it's
        not always a programming error, so assert wasn't the right action.

        No new tests. No change in behavior.

        * platform/FractionalLayoutUnit.h:
        (WebCore):
        (WebCore::FractionalLayoutUnit::FractionalLayoutUnit):
        (WebCore::FractionalLayoutUnit::toUnsigned):
        (WebCore::FractionalLayoutUnit::setRawValue):

2012-04-18  Jon Honeycutt  <jhoneycutt@apple.com>

        FrameLoaderClient::dispatchWillSendSubmitEvent() should be given more
        information about the form being submitted
        https://bugs.webkit.org/show_bug.cgi?id=84297

        Reviewed by Andy Estes.

        * html/HTMLFormElement.cpp:
        (WebCore::HTMLFormElement::prepareForSubmission):
        Get the form field names and values, and use them to create a FormState
        object. Pass this object when calling dispatchWillSendSubmitEvent().
        (WebCore::HTMLFormElement::getTextFieldValues):
        Loop over the associated elements, looking for <input> elements.
        Collect their names and values.

        * html/HTMLFormElement.h:
        Declare getTextFieldData().

        * loader/EmptyClients.h:
        (WebCore::EmptyFrameLoaderClient::dispatchWillSendSubmitEvent):
        Updated declaration for new parameter type.

        * loader/FrameLoaderClient.h:
        Updated declaration of dispatchWillSendSubmitEvent() for new param
        type.

2012-04-13  Jon Honeycutt  <jhoneycutt@apple.com>

        Make Page::setDefersLoading() have a call count so that each time
        loading is deferred, it must be balanced with a call to resume.
        https://bugs.webkit.org/show_bug.cgi?id=84522

        Reviewed by Andy Estes.

        * page/Page.cpp:
        (WebCore::Page::Page):
        Initialize new call count member.
        (WebCore::Page::setDefersLoading):
        Check whether the callers wants balanced defer/resume loading behavior.
        If the call count is not changing from 0 to 1 or 1 to 0, return early.
        Otherwise, defer or resume loading for frames in this page.

        * page/Page.h:
        (WebCore::Page::defersLoading):
        Added a member to hold the call count.

        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        Initialized new member m_wantsBalancedSetDefersLoadingBehavior.

        * page/Settings.h:
        (Settings):
        Added new member m_wantsBalancedSetDefersLoadingBehavior.
        (WebCore::Settings::setWantsBalancedSetDefersLoadingBehavior):
        Setter.
        (WebCore::Settings::wantsBalancedSetDefersLoadingBehavior):
        Getter.

2012-05-02  Ojan Vafai  <ojan@chromium.org>

        Add a histogram for rendertree size
        https://bugs.webkit.org/show_bug.cgi?id=85226

        Reviewed by Eric Seidel.

        We record it when the page gets hidden, since this is a point
        at which, in theory, we could kill the rendertree.

        No new tests. This isn't web visible, so there's no way to test it.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::clear):
        * page/Page.cpp:
        (WebCore::Page::renderTreeSize):
        (WebCore):
        (WebCore::Page::setVisibilityState):
        * page/Page.h:
        (Page):
        * platform/HistogramSupport.cpp:
        (WebCore::HistogramSupport::histogramCustomCounts):
        (WebCore):
        * platform/HistogramSupport.h:
        (HistogramSupport):
        * platform/chromium/HistogramSupportChromium.cpp:
        (WebCore::HistogramSupport::histogramCustomCounts):
        (WebCore):

2012-05-02  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r115902.
        http://trac.webkit.org/changeset/115902
        https://bugs.webkit.org/show_bug.cgi?id=85441

        Compile failure on linux 32 (Requested by zhenyao on #webkit).

        * Modules/indexeddb/IDBBackingStore.h:
        (IDBBackingStore):
        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore::IDBLevelDBBackingStore::nextAutoIncrementNumber):
        * Modules/indexeddb/IDBLevelDBBackingStore.h:
        (IDBLevelDBBackingStore):
        * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
        (WebCore::IDBObjectStoreBackendImpl::putInternal):
        (WebCore::IDBObjectStoreBackendImpl::genAutoIncrementKey):
        * Modules/indexeddb/IDBObjectStoreBackendImpl.h:
        (IDBObjectStoreBackendImpl):

2012-05-02  Julien Chaffraix  <jchaffraix@webkit.org>

        Add ASSERTs to avoid querying dirtied z-index or normal flow lists on RenderLayer
        https://bugs.webkit.org/show_bug.cgi?id=84920

        Reviewed by Simon Fraser.

        Covered by existing tests in Debug (at least several time!).

        This change adds some ASSERTs on RenderLayer that prevent any use of its lists if they
        are dirtied.

        On top of this change, we added an invariant that non-stacking contexts should have their
        z-index lists NULL (instead of empty or NULL previously). This is enforced at
        updateZOrderLists time as we now ensure that it is called in a timely manner.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::calculateLayerBounds):
        Added call to updateLayersIfNeeded as we will query them later and there is no guarantee
        that they are not dirty (we recurse in our children as part of calculateLayerBounds).
        This was causing the new ASSERTs to trigger on css3/filter/ tests.

        (WebCore::RenderLayer::dirtyZOrderLists):
        Added a comment as to why we can't ASSERT that we are in a stacking context here.

        (WebCore::RenderLayer::rebuildZOrderLists):
        Added an ASSERT that we only rebuild z-index lists for dirtied stacking context.

        (WebCore::RenderLayer::updateLayerListsIfNeeded):
        Updated to ensure that the reflection layer has its layers updated too. This was triggering
        the new ASSERTs on fast/runins/run-in-layer-not-removed-crash.html.

        (WebCore::RenderLayer::updateCompositingAndLayerListsIfNeeded):
        Updated to use the new isDirtyStackingContext function.

        * rendering/RenderLayer.h:
        (WebCore::RenderLayer::isDirtyStackingContext):
        New helper function. Also made updateLayerListsIfNeeded() the only way
        to update layer. That should prevent any misuse.

        (WebCore::RenderLayer::posZOrderList):
        (WebCore::RenderLayer::negZOrderList):
        (WebCore::RenderLayer::normalFlowList):
        ASSERT that we don't query any of the previous lists if they are dirty. Also
        enforce the invariant that non-stacking contexts should have NULL z-index lists.

        (WebCore::RenderLayer::clearZOrderLists):
        New function to clearZOrderLists so that we can enfore the previous invariant.

        (WebCore::RenderLayer::updateZOrderLists):
        Updated to clear the dirty flag and the z-index lists for non-stacking context.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::addToOverlapMapRecursive):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
        Removed the explicit ASSERTs.

        (WebCore::RenderLayerCompositor::updateLayerTreeGeometry):
        (WebCore::RenderLayerCompositor::canBeComposited):
        Disabled compositing on RenderLayer in flow thread. Because flow thread's
        RenderLayer are not collected as part of RenderLayer's lists and could be composited,
        this was causing the new ASSERTs to trigger (e.g. on fast/regions/webkit-flow-renderer-layer.html).

        * rendering/RenderTreeAsText.cpp:
        (WebCore::writeLayers):
        Updated to use updateLayerListsIfNeeded().

2012-05-02  Levi Weintraub  <leviw@chromium.org>

        Remove unused adjustForAbsoluteZoom method in RenderObject.h
        https://bugs.webkit.org/show_bug.cgi?id=85396

        Reviewed by Eric Seidel.

        We only want to use the integer adjustForAbsoluteZoom method, so this remnant is both unused
        and potentially confusing.

        No new tests. Removing unused code.

        * rendering/RenderObject.h:
        (WebCore):

2012-05-02  Fady Samuel  <fsamuel@chromium.org>

        Removing line in computeViewportAttributes that enforces a minimum scale factor to never allow zooming out more than viewport
        https://bugs.webkit.org/show_bug.cgi?id=70609

        Reviewed by Kenneth Rohde Christiansen.

        Make ViewportAttributes' layoutSize be a FloatRect to avoid rounding
        too early, and the occasional off by one fixed layout dimensions.

        * dom/ViewportArguments.cpp:
        (WebCore::computeViewportAttributes):
        * dom/ViewportArguments.h:
        (ViewportAttributes):

2012-05-02  Joshua Bell  <jsbell@chromium.org>

        IndexedDB: Handle generated keys up to 2^53
        https://bugs.webkit.org/show_bug.cgi?id=85114

        The spec defines the behavior for generated keys up to 2^53
        (the maximum integer storable as an ECMAScript number) and
        the error case when going beyond that. Ensure that we can
        handle values up to that point and generate errors beyond.

        Reviewed by Tony Chang.

        Test: storage/indexeddb/key-generator.html

        * Modules/indexeddb/IDBBackingStore.h:
        (IDBBackingStore):
        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore::IDBLevelDBBackingStore::nextAutoIncrementNumber):
        * Modules/indexeddb/IDBLevelDBBackingStore.h:
        (IDBLevelDBBackingStore):
        * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
        (WebCore::IDBObjectStoreBackendImpl::putInternal):
        (WebCore::IDBObjectStoreBackendImpl::genAutoIncrementKey):
        * Modules/indexeddb/IDBObjectStoreBackendImpl.h:
        (IDBObjectStoreBackendImpl):

2012-05-02  Adam Klein  <adamk@chromium.org>

        Childlist mutations in shadow DOM should be observable with MutationObservers
        https://bugs.webkit.org/show_bug.cgi?id=85402

        Reviewed by Ojan Vafai.

        Though Mutation Events are not supported in Shadow DOM,
        MutationObservers are supposed to be. Due to a misplacement of the
        ChildListMutationScope, they were erroneously getting skipped.

        This patch moves code around to properly notify when childlist are
        mutated in shadow DOM and covers that change with a new test.

        Test: fast/mutation/shadow-dom.html

        * dom/ContainerNode.cpp:
        (WebCore::willRemoveChild): Handle notification of removal directly.
        (WebCore::willRemoveChildren): ditto.
        (WebCore::dispatchChildInsertionEvents): Remove notification of insertion.
        (WebCore::dispatchChildRemovalEvents): Remove notification of removal.
        (WebCore::updateTreeAfterInsertion): Handle notification of insertion directly.

2012-05-02  Eric Carlson  <eric.carlson@apple.com>

        Crash in WebCore::TextTrackList::remove
        https://bugs.webkit.org/show_bug.cgi?id=85095

        Reviewed by Maciej Stachowiak.

        Test: media/track/track-remove-quickly.html

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::willRemoveTrack): Return immediately if the tracks collection
            has not been allocated yet.

2012-05-02  David Barton  <dbarton@mathscribe.com>

        After appending MathML with jquery the table renders with overlaps
        https://bugs.webkit.org/show_bug.cgi?id=52444

        Reviewed by Julien Chaffraix.

        This patch also fixes bugs 72834 and 47781. The main problem is that correct preferred
        logical widths are affected by operator stretching. Thus we add a call to
        setNeedsLayoutAndPrefWidthsRecalc() after the stretching code in
        RenderMathMLOperator.cpp, and change RenderMathMLBlock and RenderMathMLRow to make sure
        that stretching of children is done before an <mrow>'s preferred logical widths are
        computed.
        
        Test: Added a test to mathml/presentation/mo-stretch.html

        * rendering/mathml/RenderMathMLBlock.cpp:
        (WebCore::RenderMathMLBlock::RenderMathMLBlock):
        (WebCore::RenderMathMLBlock::computePreferredLogicalWidths):
        (WebCore::RenderMathMLBlock::computeChildrenPreferredLogicalHeights):
        (WebCore::RenderMathMLBlock::preferredLogicalHeightAfterSizing):
        * rendering/mathml/RenderMathMLBlock.h:
        (WebCore::RenderMathMLBlock::unembellishedOperator):
        (WebCore::RenderMathMLBlock::isPreferredLogicalHeightDirty):
        (WebCore::RenderMathMLBlock::preferredLogicalHeight):
        (WebCore::RenderMathMLBlock::setPreferredLogicalHeight):
            - Add m_preferredLogicalHeight and methods to compute and return it.
            - Remove stretchToHeight() from most classes as it no longer needs to be done
              recursively. We just call it on the base of an embellished operator, and that
              calls setNeedsLayoutAndPrefWidthsRecalc() to mark itself and its container
              chain.
        
        * rendering/mathml/RenderMathMLOperator.cpp:
        (WebCore::RenderMathMLOperator::stretchToHeight):
            - Don't compare an unexpanded height to an expanded one.
        (WebCore::RenderMathMLOperator::computePreferredLogicalWidths):
        (WebCore::RenderMathMLOperator::updateFromElement):
            - After stretching, call setNeedsLayoutAndPrefWidthsRecalc().
        * rendering/mathml/RenderMathMLOperator.h:
        (RenderMathMLOperator):
        
        * rendering/mathml/RenderMathMLRow.cpp:
        (WebCore::RenderMathMLRow::computePreferredLogicalWidths):
        (WebCore::RenderMathMLRow::layout):
        * rendering/mathml/RenderMathMLRow.h:
        (RenderMathMLRow):
            - Add computePreferredLogicalWidths(), using computeChildrenPreferredLogicalHeights()
              to compute our children's preferred logical heights if necessary, followed by
              operator stretching.
        
        * rendering/mathml/RenderMathMLSubSup.cpp:
        * rendering/mathml/RenderMathMLSubSup.h:
        (RenderMathMLSubSup):
        * rendering/mathml/RenderMathMLUnderOver.cpp:
        * rendering/mathml/RenderMathMLUnderOver.h:
        (RenderMathMLUnderOver):

2012-05-02  Dana Jansens  <danakj@chromium.org>

        [chromium] Avoid extra Region copies in CCOcclusionTracker
        https://bugs.webkit.org/show_bug.cgi?id=85257

        Reviewed by Adrienne Walker.

        Instead of making a Region for each layer and then uniting the region
        with the current occlusion, directly add the rects for the given layer
        to the current occlusion.

        When subtracting a region from a rect, just subtract the region
        directly instead of computing the intersecting region.

        Covered by existing tests.

        * platform/graphics/chromium/cc/CCOcclusionTracker.cpp:
        (WebCore::addOcclusionBehindLayer):
        (WebCore::::markOccludedBehindLayer):
        (WebCore::rectSubtractRegion):

2012-05-02  Keith Rosenblatt  <keith.rosenblatt@nokia.com>

        [Qt] ASSERT in FontCustomPlatformDataQt.cpp with invalid font in data URI
        https://bugs.webkit.org/show_bug.cgi?id=85089

        Reviewed by Simon Hausmann.

        Do not return data referencing an invalid QRawFont from createFontCustomPlatformData().  Instead
        return null.

        Test: fast/css/font-face-data-uri-invalid.html

        * platform/graphics/qt/FontCustomPlatformDataQt.cpp:
        (WebCore::createFontCustomPlatformData):

2012-05-02  Michal Mocny  <mmocny@google.com>

        [chromium] Set contents texture manager preferred memory limit based on GpuMemoryManager suggestion.
        https://bugs.webkit.org/show_bug.cgi?id=84270

        Reviewed by Kenneth Russell.

        Updates the content texture manager memory limits based on GpuMemoryManager memory allocation suggestions.

        The memory allocation size (in bytes) is fed from LayerRendererChromium memory allocation changed callback
        handler to CCLayerTreeHost.  At that point we adjust the limits, using the existing notions of preferred and
        max limits.

        On android, the preferred limit is half the maximum (as it has always been), but on all other platforms the
        preferred limit is now equal to max, in order to allow more agressive prepainting.

        Finally, android has memory constraints dependant on viewportSize, but that logic has been pushed into
        the GpuMemoryManager.

        * platform/graphics/chromium/LayerRendererChromium.cpp:
        (WebCore::LayerRendererGpuMemoryAllocationChangedCallbackAdapter::onGpuMemoryAllocationChanged):
        (WebCore::LayerRendererChromium::beginDrawingFrame):
        * platform/graphics/chromium/LayerRendererChromium.h:
        (LayerRendererChromiumClient):
        * platform/graphics/chromium/TextureManager.cpp:
        (WebCore::TextureManager::setMemoryAllocationLimitBytes):
        (WebCore):
        * platform/graphics/chromium/TextureManager.h:
        (TextureManager):
        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::setViewportSize):
        (WebCore::CCLayerTreeHost::setContentsMemoryAllocationLimitBytes):
        (WebCore):
        * platform/graphics/chromium/cc/CCLayerTreeHost.h:
        (CCLayerTreeHost):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::setContentsMemoryAllocationLimitBytes):
        (WebCore):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (CCLayerTreeHostImplClient):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        (WebCore::CCSingleThreadProxy::postSetContentsMemoryAllocationLimitBytesToMainThreadOnImplThread):
        (WebCore):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        (WebCore::CCThreadProxy::postSetContentsMemoryAllocationLimitBytesToMainThreadOnImplThread):
        (WebCore):
        (WebCore::CCThreadProxy::setContentsMemoryAllocationLimitBytes):
        * platform/graphics/chromium/cc/CCThreadProxy.h:
        (CCThreadProxy):

2012-05-02  Emil A Eklund  <eae@chromium.org>

        Fix usage of layout types in platform code
        https://bugs.webkit.org/show_bug.cgi?id=85392

        Reviewed by Eric Seidel.

        No new tests, no change in functionality.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleGestureTap):
        Use rounded point for gestures as event handling is still mostly int based.

2012-05-02  Kenneth Russell  <kbr@google.com>

        Don't allocate stencil buffer if stencil flag is false in context creation attributes
        https://bugs.webkit.org/show_bug.cgi?id=85317

        Reviewed by Dimitri Glazkov.

        Make it appear to WebGL application that there is no stencil
        buffer even if the underlying GraphicsContext3D allocated one.
        Verified intended behavior with test case from Mozilla's bug report.

        Updated context-attributes-alpha-depth-stencil-antialias.html test
        from Khronos repository. Ran WebGL layout tests on Linux in
        Chrome's DRT and on Mac OS in Safari's.

        * html/canvas/WebGLFramebuffer.cpp:
        (WebCore::WebGLFramebuffer::hasStencilBuffer): Added query method.
        (WebCore): Changed desired semantics of isValidRenderbuffer.
        * html/canvas/WebGLFramebuffer.h:
        (WebGLFramebuffer): Added hasStencilBuffer.
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore):
        (WebCore::WebGLRenderingContext::initializeNewContext):
            Clear new flag.
        (WebCore::WebGLRenderingContext::bindFramebuffer):
            Reset stencil test upon framebuffer change.
        (WebCore::WebGLRenderingContext::disable):
            Cache flag; reset stencil test.
        (WebCore::WebGLRenderingContext::enable):
            Cache flag; reset stencil test.
        (WebCore::WebGLRenderingContext::framebufferRenderbuffer):
            Reset stencil test upon renderbuffer change.
        (WebCore::WebGLRenderingContext::getContextAttributes):
            Force depth and stencil to false if false was requested.
        (WebCore::WebGLRenderingContext::isEnabled):
            Return cached flag.
        (WebCore::WebGLRenderingContext::renderbufferStorage):
            Reset stencil test upon renderbuffer reallocation.
        (WebCore::WebGLRenderingContext::applyStencilTest):
            Enable or disable stencil test based on request and availability.
        (WebCore::WebGLRenderingContext::enableOrDisable):
            Helper function.
        * html/canvas/WebGLRenderingContext.h:
        (WebGLRenderingContext):
            Added cache of STENCIL_TEST flag. Deleted unused m_stencilBits.

2012-05-02  Ryosuke Niwa  <rniwa@webkit.org>

        Drag and drop text into table is pasting the text in the next <td> element
        https://bugs.webkit.org/show_bug.cgi?id=75004

        Reviewed by Darin Adler.

        The bug was caused by ReplaceSelectionCommand adjusting the insertion position to be before
        of the block element containing the insertion position even when the block element is a table cell.

        Fixed the bug by not moving the insertion position before the table cell in this case.

        Test: editing/pasteboard/paste-into-table-cell.html

        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::doApply):

2012-05-02  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=85309
        supportsExpandedScrollbars() should check for the method we actually call rather 
        than a related method

        Reviewed by Anders Carlsson.

        Missing colon.
        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::supportsExpandedScrollbars):

2012-05-02  Antti Koivisto  <antti@apple.com>

        Move title and media queries from StyleSheetInternal to CSSStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=85387

        Reviewed by Anders Carlsson.

        Stylesheet title and media queries are determined by the owner, not by the stylesheet itself.
        The fields belong to CSSStyleSheet.
        
        This will make it easier to share StyleSheetInternal instances between documents.

        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::StyleSheetInternal):
        (WebCore::StyleSheetInternal::isCacheable):
        (WebCore):
        (WebCore::CSSStyleSheet::setDisabled):
        
            Invalidate the document style directly instead of ping-ponging through StyleSheetInternal.

        (WebCore::CSSStyleSheet::setMediaQueries):
        (WebCore::CSSStyleSheet::media):
        * css/CSSStyleSheet.h:
        (StyleSheetInternal):
        (WebCore::StyleSheetInternal::originalURL):
        (WebCore::StyleSheetInternal::hasCharsetRule):
        (WebCore::CSSStyleSheet::mediaQueries):
        (CSSStyleSheet):
        (WebCore::CSSStyleSheet::setTitle):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::appendAuthorStylesheets):
        (WebCore::StyleResolver::collectMatchingRulesForList):
        * dom/DOMImplementation.cpp:
        (WebCore::DOMImplementation::createCSSStyleSheet):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::setCSSStyleSheet):
        * dom/StyleElement.cpp:
        (WebCore::StyleElement::createSheet):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::parseAttribute):
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * html/HTMLStyleElement.cpp:
        (WebCore::HTMLStyleElement::parseAttribute):
        * svg/SVGStyleElement.cpp:
        (WebCore::SVGStyleElement::parseAttribute):

2012-05-02  Alexis Menard  <alexis.menard@openbossa.org>

        Unreviewed Qt build fix with GCC 4.7.0.

        * platform/qt/DeviceMotionProviderQt.h:
        (DeviceMotionProviderQt):
        * platform/qt/DeviceOrientationProviderQt.cpp:
        (WebCore::DeviceOrientationProviderQt::~DeviceOrientationProviderQt):
        (WebCore):
        * platform/qt/DeviceOrientationProviderQt.h:
        (DeviceOrientationProviderQt):

2012-05-02  No'am Rosenthal  <noam.rosenthal@nokia.com>

        [Texmap] Enable css filters in TextureMapperGL
        https://bugs.webkit.org/show_bug.cgi?id=75778

        Unreviewed build fix to greenify the Qt Minimal bot.

        * platform/graphics/texmap/TextureMapperShaderManager.h:

2012-05-02  Philippe Normand  <pnormand@igalia.com>

        [GTK] Compilation warnings in RenderTheme
        https://bugs.webkit.org/show_bug.cgi?id=85286

        Reviewed by Martin Robinson.

        Removed un-needed code and refactored fileListNameForWidth
        accordingly to avoid un-used variable warnings during compilation.

        * platform/gtk/RenderThemeGtk.cpp:
        (WebCore):
        (WebCore::RenderThemeGtk::fileListNameForWidth):

2012-05-02  Ryosuke Niwa  <rniwa@webkit.org>

        NULL ptr in WebCore::AppendNodeCommand::AppendNodeCommand
        https://bugs.webkit.org/show_bug.cgi?id=75843

        Reviewed by Tony Chang.

        The crash was caused by indentIntoBlockquote's passing a bad outerBlock to moveParagraphsWithClone.

        When the position is created after blockquote in the following DOM:
        BODY
        * BLOCKQUOTE style=margin: 0 0 0 40px; border: none; padding: 0px;
            E
                #text "\nx\n"
        VisiblePosition's constructor (of startOfContents) turns the position into a legacy position (blockquote, 0).
        The crash occurs because this position doesn't belong in the same paragraph as E, which is the paragraph
        we're trying to move into the blockquote.

        Fixed bug by calling positionInParentAfterNode instead of positionAfterNode for now. We should eventually be
        able to use positionAfterNode here once VisiblePosition's constructor starts handling before/after positions
        properly.

        Test: editing/execCommand/indent-with-after-content-crash.html

        * editing/IndentOutdentCommand.cpp:
        (WebCore::IndentOutdentCommand::indentIntoBlockquote):

2012-05-02  Jer Noble  <jer.noble@apple.com>

        WebWindowFadeAnimation ignores "duration" parameter.
        https://bugs.webkit.org/show_bug.cgi?id=85386

        Reviewed by Brady Eidson.

        Ignoring the "duration" parameter causes the full screen fade and scale animations
        to get out of sync.

        * platform/mac/WebWindowAnimation.mm:
        (-[WebWindowFadeAnimation initWithDuration:window:initialAlpha:finalAlpha:]):

2012-05-02  Julien Chaffraix  <jchaffraix@webkit.org>

        REGRESSION(110072): Clipping is not applied on layers that are animated using platform code
        https://bugs.webkit.org/show_bug.cgi?id=83954

        Reviewed by Simon Fraser.

        Tests: fast/layers/no-clipping-overflow-hidden-added-after-transform-expected.html
               fast/layers/no-clipping-overflow-hidden-added-after-transform.html
               fast/layers/no-clipping-overflow-hidden-added-after-transition-expected.html
               fast/layers/no-clipping-overflow-hidden-added-after-transition.html
               fast/layers/no-clipping-overflow-hidden-hardware-acceleration-expected.html
               fast/layers/no-clipping-overflow-hidden-hardware-acceleration.html
               (and all the tests that will need to be rebaselined)

        r110072 changed the way we create layers to lazily allocate overflow: hidden ones
        based on layout overflow. However with hardware acceleration, certain operations
        do cause overflow without actually calling layout (the test cases added as part
        of this change are using transition / animation). This means that those cases
        wouldn't properly clip.

        Due to the above issue and the other regressions from r110072, the easiest fix is
        to just to roll it out.

        * rendering/RenderBox.h:
        Changed to allocate a layer whenever we have an overflow clip.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::scrolledContentOffset):
        (WebCore::RenderBox::cachedSizeForOverflowClip):
        Reverted those 2 to avoid using the cached size logic.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::updateScrollInfoAfterLayout):
        (WebCore::RenderBlock::layoutBlock):
        (WebCore::RenderBlock::paint):
        (WebCore::RenderBlock::isPointInOverflowControl):
        * rendering/RenderBlock.h:
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::willBeDestroyed):
        (WebCore::RenderBox::styleDidChange):
        (WebCore::RenderBox::layout):
        (WebCore::RenderBox::scrollWidth):
        (WebCore::RenderBox::scrollHeight):
        (WebCore::RenderBox::scrollLeft):
        (WebCore::RenderBox::scrollTop):
        (WebCore::RenderBox::setScrollLeft):
        (WebCore::RenderBox::setScrollTop):
        (WebCore::RenderBox::includeVerticalScrollbarSize):
        (WebCore::RenderBox::includeHorizontalScrollbarSize):
        (WebCore::RenderBox::pushContentsClip):
        (WebCore::RenderBox::popContentsClip):
        (WebCore::RenderBox::addLayoutOverflow):
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::styleDidChange):
        * rendering/RenderBoxModelObject.h:
        (RenderBoxModelObject):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::layoutBlock):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::layoutBlock):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::layout):
        * rendering/RenderTableRow.h:
        (RenderTableRow):
        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::layout):
        Removed the previous scaffolding code and reverted some functions to
        being private (as they were prior to r110072).

2012-05-02  No'am Rosenthal  <noam.rosenthal@nokia.com>

        [Texmap] Enable css filters in TextureMapperGL
        https://bugs.webkit.org/show_bug.cgi?id=75778

        Reviewed by Jocelyn Turcotte.

        Added support for color filters in TextureMapperGL. Blur and shadow would be done in a
        different patch.

        Modified BitmapTexture::applyFilters to return a texture, since GL cannot paint a texture
        into itself.
        Created a shader map for standard filters, since all of them work more or less the same way
        with a single uniform. Added the colorization shaders based on the W3C filter spec, as
        already implemented in FEFilterRenderer.cpp and FEColorMatrix.cpp.
        We use two swapping textures to render the filters.

        Covered by tests in css3/filters.

        * platform/graphics/texmap/TextureMapper.cpp:
        (WebCore::TextureMapper::acquireTextureFromPool):
        * platform/graphics/texmap/TextureMapper.h:
        (WebCore::BitmapTexture::applyFilters):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        (WebCore::BitmapTextureGL::updateContents):
        (WebCore):
        (WebCore::TextureMapperGL::drawFiltered):
        (WebCore::BitmapTextureGL::applyFilters):
        (WebCore::BitmapTextureGL::bind):
        * platform/graphics/texmap/TextureMapperGL.h:
        (TextureMapperGL):
        (BitmapTextureGL):
        * platform/graphics/texmap/TextureMapperImageBuffer.cpp:
        (WebCore::BitmapTextureImageBuffer::applyFilters):
        * platform/graphics/texmap/TextureMapperImageBuffer.h:
        (BitmapTextureImageBuffer):
        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::applyFilters):
        (WebCore::TextureMapperLayer::syncCompositingStateSelf):
        * platform/graphics/texmap/TextureMapperShaderManager.cpp:
        (WebCore::TextureMapperShaderManager::~TextureMapperShaderManager):
        (WebCore):
        (WebCore::StandardFilterProgram::~StandardFilterProgram):
        (WebCore::StandardFilterProgram::StandardFilterProgram):
        (WebCore::StandardFilterProgram::create):
        (WebCore::StandardFilterProgram::prepare):
        (WebCore::TextureMapperShaderManager::getShaderForFilter):
        * platform/graphics/texmap/TextureMapperShaderManager.h:
        (WebCore):
        (StandardFilterProgram):
        (WebCore::StandardFilterProgram::vertexAttrib):
        (WebCore::StandardFilterProgram::texCoordAttrib):
        (WebCore::StandardFilterProgram::textureUniform):
        (TextureMapperShaderManager):

2012-05-02  Philippe Normand  <pnormand@igalia.com>

        [GTK] media/track/track-cue-rendering-snap-to-lines-not-set.html fails
        https://bugs.webkit.org/show_bug.cgi?id=84378

        Reviewed by Eric Carlson.

        Fix positioning of the controls panel back to relative, as it is
        in the parent CSS. Also remove some duplicate CSS attributes.

        * css/mediaControlsGtk.css:
        (audio::-webkit-media-controls-panel, video::-webkit-media-controls-panel):

2012-05-02  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=85309
        supportsExpandedScrollbars() should check for the method we actually call rather 
        than a related method
        -and corresponding-
        <rdar://problem/11065691>

        Reviewed by Anders Carlsson.

        * platform/mac/ScrollbarThemeMac.mm:
        (WebCore::supportsExpandedScrollbars):

2012-05-02  Zalan Bujtas  <zbujtas@gmail.com>

        [Qt] Remove redundant updateViewportArguments() call from HTMLBodyElement::didNotifyDescendantInseretions()
        https://bugs.webkit.org/show_bug.cgi?id=84241

        Reviewed by Kenneth Rohde Christiansen.

        No need to update viewport arguments when the body element is inserted into the Document.
        Viewport arguments are updated first when the Document is set on the Frame, and later
        on any subsequent occurence of the viewport meta tag in the document.
        It is sufficient to dispatch viewport update once per main frame, if no viewport meta tag is present.

        Also add a flag to be able to track viewport argument update dispatch.

        No tests. Currrent viewport tests cover this behaviour.

        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::updateViewportArguments):
        (WebCore::Document::documentWillSuspendForPageCache):
        * dom/Document.h:
        (Document):
        (WebCore::Document::didDispatchViewportPropertiesChanged):
        * html/HTMLBodyElement.cpp:
        (WebCore::HTMLBodyElement::didNotifyDescendantInseretions):

2012-05-02  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: Cannot read property 'length' of undefined TextEditorModel.js:467
        https://bugs.webkit.org/show_bug.cgi?id=85360

        Reviewed by Yury Semikhatsky.

        Added the undo/redo stack length checks.

        * inspector/front-end/TextEditorModel.js:
        (WebInspector.TextEditorModel.endsWithBracketRegex.):

2012-05-02  Pavel Feldman  <pfeldman@chromium.org>

        WebInspector: Scripts panel editor dirty state is cleared when the tab with editor is closed.
        https://bugs.webkit.org/show_bug.cgi?id=85361

        Reviewed by Yury Semikhatsky.

        Added content validation upon script show.

        * inspector/front-end/JavaScriptSourceFrame.js:
        (WebInspector.JavaScriptSourceFrame.prototype.wasShown):

2012-05-02  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: breakpoints are de-activated only upon the second click.
        https://bugs.webkit.org/show_bug.cgi?id=85359

        Reviewed by Yury Semikhatsky.

        Initial value for activated state is set.

        * inspector/front-end/DebuggerModel.js:
        (WebInspector.DebuggerModel):

2012-05-02  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: live edit fails to report error
        https://bugs.webkit.org/show_bug.cgi?id=85357

        Reviewed by Yury Semikhatsky.

        ProtocolError is now a string, not an error object.

        * inspector/front-end/DatabaseQueryView.js:
        (WebInspector.DatabaseQueryView.prototype._queryError):
        * inspector/front-end/SourceFrame.js:
        (WebInspector.SourceFrame.prototype.didEditContent):

2012-05-02  Lars Knudsen  <lars.knudsen@nokia.com>

        [Qt] Make DeviceMotion and DeviceOrientation work with WebKit2
        https://bugs.webkit.org/show_bug.cgi?id=64595

        Reviewed by Kenneth Rohde Christiansen.

        No new tests added.  This change adds support for WK2
        what was in WK1.

        Also moving DeviceMotion and DeviceOrientation clients and
        providers to WebCore.  This is done to allow clean dependencies
        when statically linking WK2.

        * Target.pri:
        * WebCore.pri:
        * platform/qt/DeviceMotionClientQt.cpp: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceMotionClientQt.cpp.
        (WebCore):
        (WebCore::DeviceMotionClientQt::~DeviceMotionClientQt):
        (WebCore::DeviceMotionClientQt::deviceMotionControllerDestroyed):
        (WebCore::DeviceMotionClientQt::setController):
        (WebCore::DeviceMotionClientQt::startUpdating):
        (WebCore::DeviceMotionClientQt::stopUpdating):
        (WebCore::DeviceMotionClientQt::currentDeviceMotion):
        * platform/qt/DeviceMotionClientQt.h: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceMotionClientQt.h.
        (WebCore):
        (DeviceMotionClientQt):
        (WebCore::DeviceMotionClientQt::DeviceMotionClientQt):
        * platform/qt/DeviceMotionProviderQt.cpp: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceMotionProviderQt.cpp.
        (WebCore):
        (WebCore::DeviceMotionProviderQt::DeviceMotionProviderQt):
        (WebCore::DeviceMotionProviderQt::~DeviceMotionProviderQt):
        (WebCore::DeviceMotionProviderQt::setController):
        (WebCore::DeviceMotionProviderQt::start):
        (WebCore::DeviceMotionProviderQt::stop):
        (WebCore::DeviceMotionProviderQt::filter):
        * platform/qt/DeviceMotionProviderQt.h: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceMotionProviderQt.h.
        (WebCore):
        (DeviceMotionProviderQt):
        (WebCore::DeviceMotionProviderQt::currentDeviceMotion):
        * platform/qt/DeviceOrientationClientQt.cpp: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceOrientationClientQt.cpp.
        (WebCore):
        (WebCore::DeviceOrientationClientQt::deviceOrientationControllerDestroyed):
        (WebCore::DeviceOrientationClientQt::setController):
        (WebCore::DeviceOrientationClientQt::startUpdating):
        (WebCore::DeviceOrientationClientQt::stopUpdating):
        (WebCore::DeviceOrientationClientQt::lastOrientation):
        * platform/qt/DeviceOrientationClientQt.h: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceOrientationClientQt.h.
        (WebCore):
        (DeviceOrientationClientQt):
        * platform/qt/DeviceOrientationProviderQt.cpp: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceOrientationProviderQt.cpp.
        (WebCore):
        (WebCore::DeviceOrientationProviderQt::DeviceOrientationProviderQt):
        (WebCore::DeviceOrientationProviderQt::~DeviceOrientationProviderQt):
        (WebCore::DeviceOrientationProviderQt::setController):
        (WebCore::DeviceOrientationProviderQt::start):
        (WebCore::DeviceOrientationProviderQt::stop):
        (WebCore::DeviceOrientationProviderQt::filter):
        * platform/qt/DeviceOrientationProviderQt.h: Renamed from Source/WebKit/qt/WebCoreSupport/DeviceOrientationProviderQt.h.
        (WebCore):
        (DeviceOrientationProviderQt):
        (WebCore::DeviceOrientationProviderQt::isActive):
        (WebCore::DeviceOrientationProviderQt::lastOrientation):
        (WebCore::DeviceOrientationProviderQt::hasAlpha):

2012-05-02  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: exception in console when there are watch expressions
        https://bugs.webkit.org/show_bug.cgi?id=85351

        Check if script execution is still paused before trying to resolve an
        object for script popover because execution may be resumed after popover
        showing is scheduled but before we start resolving the object under
        the cursor in which case there is no selected call frame any more and
        we should hide the popover.

        Reviewed by Pavel Feldman.

        * inspector/front-end/JavaScriptSourceFrame.js:
        (WebInspector.JavaScriptSourceFrame.prototype._resolveObjectForPopover):

2012-05-02  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Changing webkitGetUserMedia to take an object instead of a string
        https://bugs.webkit.org/show_bug.cgi?id=84850

        Reviewed by Dimitri Glazkov.

        The standard changed a while back to use an object as a dictionary but since JSC
        didn't support the Dictionary class until just recently we have not updated the API until now.

        Change covered by existing, and edited, tests.

        * Modules/mediastream/NavigatorMediaStream.cpp:
        (WebCore::NavigatorMediaStream::webkitGetUserMedia):
        * Modules/mediastream/NavigatorMediaStream.h:
        (WebCore):
        (NavigatorMediaStream):
        * Modules/mediastream/NavigatorMediaStream.idl:
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        (WebCore::UserMediaRequest::UserMediaRequest):
        * Modules/mediastream/UserMediaRequest.h:
        (WebCore):
        (UserMediaRequest):
        * platform/mediastream/MediaStreamSourcesQueryClient.h:
        (MediaStreamSourcesQueryClient):

2012-05-02  Antti Koivisto  <antti@apple.com>

        StyleSheetInternal::parseUserStyleSheet() should be called parseAuthorStyleSheet().

        Rubber-stamped by Nikolas Zimmermann.

        * css/CSSImportRule.cpp:
        (WebCore::StyleRuleImport::setCSSStyleSheet):
        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::parseAuthorStyleSheet):
        * css/CSSStyleSheet.h:
        (StyleSheetInternal):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

2012-05-02  Yury Semikhatsky  <yurys@chromium.org>

        REGRESSION: Web Inspector doesn't show cookies anymore
        https://bugs.webkit.org/show_bug.cgi?id=85349

        Pass root node instead of DataGrid object to the "populateNode" method.
        Added compiler annotations so that closure compiler catches such errors.

        Reviewed by Pavel Feldman.

        * inspector/front-end/CookiesTable.js:
        (WebInspector.CookiesTable.prototype._rebuildTable):
        * inspector/front-end/NetworkRequest.js:
        (WebInspector.NetworkRequest.prototype.addFrameError):

2012-05-02  Dongwoo Im  <dw.im@samsung.com>

        [EFL] Implement the Web Audio API feature.
        https://bugs.webkit.org/show_bug.cgi?id=78688

        Reviewed by Philippe Normand.

        Implement the Web Audio API feature on the EFL port.
        https://dvcs.w3.org/hg/audio/raw-file/tip/webaudio/specification.html

        * CMakeLists.txt: Add the list of the files which are needed for the Web Audio APi.
        * PlatformEfl.cmake: Add the list of the files which are needed for the Web Audio APi.
        * UseJSC.cmake: Add the list of the files which are needed for the Web Audio APi.
        * platform/audio/HRTFElevation.cpp: Enable the USE_CONCATENATED_IMPULSE_RESPONSES macro.
        (WebCore):
        * platform/audio/efl/AudioBusEfl.cpp: Added.
        (WebCore):
        (WebCore::AudioBus::loadPlatformResource): Create the absolute path of the audio resource.

2012-05-01  Kentaro Hara  <haraken@chromium.org>

        [V8] Add an Isolate parameter to setJSWrapperForXXX()
        https://bugs.webkit.org/show_bug.cgi?id=85329

        Reviewed by Adam Barth.

        The objective is to pass Isolate around in V8 bindings.
        This patch adds an Isolate parameter to setJSWrapperForXXX()
        and passes Isolate to setJSWrapperForXXX() in CodeGeneratorV8.pm.
        I'll pass Isolate to setJSWrapperForXXX() in custom bindings
        in a follow-up patch.

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm: Modified as described above.
        (GenerateConstructorCallback):
        (GenerateEventConstructorCallback):
        (GenerateNamedConstructorCallback):
        (GenerateToV8Converters):
        * bindings/v8/V8DOMWrapper.cpp:
        (WebCore::V8DOMWrapper::setJSWrapperForDOMNode):
        (WebCore::V8DOMWrapper::setJSWrapperForActiveDOMNode):
        * bindings/v8/V8DOMWrapper.h:
        (V8DOMWrapper):
        (WebCore::V8DOMWrapper::setJSWrapperForDOMObject):
        (WebCore::V8DOMWrapper::setJSWrapperForActiveDOMObject):

        * bindings/scripts/test/V8/V8Float64Array.cpp: Updated run-bindings-tests results.
        (WebCore::V8Float64Array::wrapSlow):
        * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
        (WebCore::V8TestActiveDOMObject::wrapSlow):
        * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
        (WebCore::V8TestCustomNamedGetter::wrapSlow):
        * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
        (WebCore::V8TestEventConstructor::constructorCallback):
        (WebCore::V8TestEventConstructor::wrapSlow):
        * bindings/scripts/test/V8/V8TestEventTarget.cpp:
        (WebCore::V8TestEventTarget::wrapSlow):
        * bindings/scripts/test/V8/V8TestInterface.cpp:
        (WebCore::V8TestInterface::constructorCallback):
        (WebCore::V8TestInterface::wrapSlow):
        * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
        (WebCore::V8TestMediaQueryListListener::wrapSlow):
        * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
        (WebCore::V8TestNamedConstructorConstructorCallback):
        (WebCore::V8TestNamedConstructor::wrapSlow):
        * bindings/scripts/test/V8/V8TestNode.cpp:
        (WebCore::V8TestNode::constructorCallback):
        (WebCore::V8TestNode::wrapSlow):
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::V8TestObj::constructorCallback):
        (WebCore::V8TestObj::wrapSlow):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
        (WebCore::V8TestSerializedScriptValueInterface::constructorCallback):
        (WebCore::V8TestSerializedScriptValueInterface::wrapSlow):

2012-05-01  Eric Seidel  <eric@webkit.org>

        Add <iframe seamless> navigation code (and pass all the navigation tests)
        https://bugs.webkit.org/show_bug.cgi?id=85340

        Reviewed by Adam Barth.

        This code was primarily written by Adam Barth and then submitted to my
        GitHub branch via a pull request:
        https://github.com/eseidel/webkit/compare/master...seamless
        https://github.com/eseidel/webkit/pull/2
        https://github.com/eseidel/webkit/pull/3

        I rewrote parts of it to use Docment::shouldDisplaySeamlesslyWithParent.

        Other parts of the original change have already been committed to WebKit by Adam
        as part of prep-work for making the loader seamless-ready.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::findFrameForNavigation):

2012-05-01  Vincent Scheib  <scheib@chromium.org>

        Fullscreen pop-up logic restored to using processingUserGesture.
        https://bugs.webkit.org/show_bug.cgi?id=85105

        WebKit was recently updated to the new Fullscreen API:
        http://dvcs.w3.org/hg/fullscreen/raw-file/tip/Overview.html#api
        http://trac.webkit.org/changeset/111028

        This change reverts back to using processingUserGesture() instead
        of DOMWindow::allowPopUp(). This fixes incorrect behavior in
        at least the Chromium port and is consistent with the cited
        definition of "allowed to show a pop-up":
          An algorithm is allowed to show a pop-up if, in the task in which the algorithm is running, either:
          - an activation behavior is currently being processed whose click event was trusted, or
          - the event listener for a trusted click event is being handled.

        Reviewed by Dimitri Glazkov.

        No new tests.

        * dom/Document.cpp:
        (WebCore::Document::requestFullScreenForElement):

2012-05-01  Xiaomei Ji  <xji@chromium.org>

        enable ctrl-arrow move by word visually in non-Windows platforms.
        https://bugs.webkit.org/show_bug.cgi?id=85017

        Reviewed by Ryosuke Niwa.

        Enable ctrl-arrow moves caret by word in visual order in non-Windows platforms that use ICU word
        break iterator (it is not enabled for WinCE and Qt where ICU is not used). For those platforms, ctrl-arrow
        moves caret to word break position before spaces. For example, given a logical text "abc def hij", the word
        break positions using ctrl-left-arrow from rightmost position are "|abc |def |hij".
        The word break positions using ctrl-right-arrow from leftmost position are "abc| def| hij|".

        Test: editing/selection/move-by-word-visually-mac.html

        * editing/EditingBehavior.h:
        (EditingBehavior):
        (WebCore::EditingBehavior::shouldEatSpaceToNextWord): To control different word break positions
        (regards to space) for different platforms.
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::modifyMovingRight): Enable visual word movement for all platforms that use ICU.
        (WebCore::FrameSelection::modifyMovingLeft):
        * editing/visible_units.cpp:
        (WebCore::visualWordPosition): Determine the right word break position (regards to space) based on EditingBehavior.
        (WebCore::leftWordPosition):
        (WebCore::rightWordPosition):
        * editing/visible_units.h:

2012-05-01  Raymond Liu  <raymond.liu@intel.com>

        Modify RealtimeAnalyserNode pull mechanism
        https://bugs.webkit.org/show_bug.cgi?id=77515

        Reviewed by Chris Rogers.

        Test: webaudio/automatic-pull-node.html

        * GNUmakefile.list.am:
        * Modules/webaudio/AudioBasicInspectorNode.cpp: Added.
        (WebCore):
        (WebCore::AudioBasicInspectorNode::AudioBasicInspectorNode):
        (WebCore::AudioBasicInspectorNode::pullInputs):
        (WebCore::AudioBasicInspectorNode::connect):
        (WebCore::AudioBasicInspectorNode::disconnect):
        (WebCore::AudioBasicInspectorNode::checkNumberOfChannelsForInput):
        (WebCore::AudioBasicInspectorNode::updatePullStatus):
        * Modules/webaudio/AudioBasicInspectorNode.h: Added.
        (WebCore):
        (AudioBasicInspectorNode):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::AudioContext):
        (WebCore::AudioContext::~AudioContext):
        (WebCore::AudioContext::handlePreRenderTasks):
        (WebCore::AudioContext::handlePostRenderTasks):
        (WebCore::AudioContext::markForDeletion):
        (WebCore):
        (WebCore::AudioContext::addAutomaticPullNode):
        (WebCore::AudioContext::removeAutomaticPullNode):
        (WebCore::AudioContext::updateAutomaticPullNodes):
        (WebCore::AudioContext::processAutomaticPullNodes):
        * Modules/webaudio/AudioContext.h:
        (AudioContext):
        * Modules/webaudio/AudioDestinationNode.cpp:
        (WebCore::AudioDestinationNode::provideInput):
        * Modules/webaudio/AudioNode.h:
        (AudioNode):
        * Modules/webaudio/AudioNodeOutput.h:
        (WebCore::AudioNodeOutput::isConnected):
        (AudioNodeOutput):
        * Modules/webaudio/RealtimeAnalyserNode.cpp:
        (WebCore::RealtimeAnalyserNode::RealtimeAnalyserNode):
        * Modules/webaudio/RealtimeAnalyserNode.h:
        (RealtimeAnalyserNode):
        * WebCore.gypi:
        * WebCore.xcodeproj/project.pbxproj:

2012-05-01  Keishi Hattori  <keishi@webkit.org>

        datalist: Form control in a <datalist> should be barred from constraint validation
        https://bugs.webkit.org/show_bug.cgi?id=84359

        Reviewed by Kent Tamura.

        Tests: fast/forms/datalist/datalist-child-validation.html
               fast/forms/form-control-element-crash.html

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::HTMLFormControlElement):
        (WebCore::HTMLFormControlElement::updateAncestors): Updates the ancestor information.
        (WebCore::HTMLFormControlElement::insertedInto): Invalidate the ancestor information and call setNeedsWillValidateCheck because willValidate might have changed.
        (WebCore::HTMLFormControlElement::removedFrom): Ditto.
        (WebCore::HTMLFormControlElement::disabled):
        (WebCore::HTMLFormControlElement::recalcWillValidate): Returns false if element has a datalist ancestor.
        (WebCore::HTMLFormControlElement::willValidate): Check if ancestor information is valid too.
        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
        * html/HTMLFormControlElement.h:
        (HTMLFormControlElement):

2012-05-01  Kent Tamura  <tkent@chromium.org>

        Calendar Picker: Close the picker by ESC key
        https://bugs.webkit.org/show_bug.cgi?id=85337

        Reviewed by Kentaro Hara.

        No new tests. Calendar picker is not testable in DRT yet.

        * Resources/calendarPicker.js:
        (handleGlobalKey): Close the popup by ESC key.

2012-05-01  Noel Gordon  <noel.gordon@gmail.com>

        PNGImageDecoder: Handle interlace buffer allocation failure
        https://bugs.webkit.org/show_bug.cgi?id=85276

        Reviewed by Eric Seidel.

        No new tests. Not something we can easily test (malloc failure).

        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::rowAvailable): Check interlace buffer allocations
        and bail via longjmp on failure. Note PNG_INTERLACE_ADAM7 is the only libpng
        supported interlace type so test for it explicitly.

2012-05-01  Kent Tamura  <tkent@chromium.org>

        Calendar Picker: Too wide in Japanese locale
        https://bugs.webkit.org/show_bug.cgi?id=85331

        Reviewed by Kentaro Hara.

        No new tests. This is a locale-specific behavior.

        * Resources/calendarPicker.js:
        (formatJapaneseImperialEra):
        Do not show an imperial era later than 平成99年 to avoid very long
        year string like "275760年(平成273772年)."
        (YearMonthController.prototype.attachTo):
        - Respect the maximum year specfied by <input max=...>
          If <input max="9999-12-31"> is specified, we don't need to
          secure space for the year 275,760.
        - Check the width for 平成99年 as well as the maximum year because
          "2087年(平成99年)" is usually wider than "275760年".

2012-05-01  Noel Gordon  <noel.gordon@gmail.com>

        PNGImageDecoder: Add ENABLE(IMAGE_DECODER_DOWN_SAMPLING) guards to rowAvailable
        https://bugs.webkit.org/show_bug.cgi?id=85268

        Reviewed by Eric Seidel.

        PNGImageDecoder supports image downsampling. Add ENABLE guards to show where
        downsampling is applied when outputting decoded rows to the frame buffer. Most
        ports don't enable the flag: don't penalize them in terms speed in this tight
        row pixel write loop. s/y/destY/ to match setRGBA() and amend some comments.

        No new tests. No change in behavior.

        * platform/image-decoders/png/PNGImageDecoder.cpp:
        (WebCore::PNGImageDecoder::rowAvailable):

2012-05-01  Eric Seidel  <eric@webkit.org>

        Remove uneeded min/max pref width assignment from RenderView
        https://bugs.webkit.org/show_bug.cgi?id=85325

        Reviewed by Julien Chaffraix.

        This code has been with us since the original import from KDE:
        http://trac.webkit.org/browser/trunk/WebCore/khtml/rendering/render_root.cpp?annotate=blame&rev=4#L93
        It's never been documented, or explained.  Removing it showed no
        effect on my local layout tests run.
        However this code blocks proper implementation of <iframe seamless>
        as we have to do proper min/max width negotiation across the iframe boundary.

        I would remove the whole function, but doing so opens a whole can of worms
        as this override is public, yet normally this function is *private* (well protected on RenderBox).
        It seems plausible that frame flattening code needs this override since it doesn't always
        call the min/maxPreferredWidth() calls which normally automatically call this compute*
        function if the pref-widths are dirty.
        Instead of trying to track that all down, I'm just removing this line, and we'll go
        back and remove the whole function at a later date if possible.

        * rendering/RenderView.cpp:
        (WebCore::RenderView::computePreferredLogicalWidths):

2012-05-01  Nate Chapin  <japhet@chromium.org>

        REGRESSION(r115654): PDFs come up blank
        https://bugs.webkit.org/show_bug.cgi?id=85275

        Reviewed by Alexey Proskuryakov.

        Test: http/tests/loading/pdf-commit-load-callbacks.html

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::finishedLoading): The load needs to be
            committed before we call finishedLoading on the
            FrameLoaderClient.
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::transitionToCommitted): We're guaranteeing
            that receivedFirstData() will be called other ways (namely,
            DocumentLoader won't finish without doing so). This call now
            causes custom representations to double-commit, which is bad.

2012-05-01  Eric Seidel  <eric@webkit.org>

        Add support for seamless attribute as well as seamless sandbox flag and default CSS styling
        https://bugs.webkit.org/show_bug.cgi?id=85302

        Reviewed by Ojan Vafai.

        This also adds support for the seamless sandbox flag from HTML 5.
        The sandbox flag is not speficially overridable in the current HTML5,
        but it is set (like all sandbox flags) by default when sandbox is specified.
        Unfortunately this support is not yet observable in this patch, as
        this patch adds not observable features of seamless.

        This patch also adds the html.css additions for seamless, as specified:
        http://www.whatwg.org/specs/web-apps/current-work/multipage/rendering.html#replaced-elements

        I noticed that my previous testing did not confirm that iframes marked
        for seamless (but not possible to display as seamless due to sandbox, etc.)
        were still to have this seamless styling.  I've added additional testing for this case.

        I also added another test for the about:blank FIXME added as part of this change.

        In order to support srcdoc w/ seamless, we needed to move the srcdoc determination
        sooner in the initSecurityContext function (before the should-inherit early return).

        The next patch will make seamless actually observable from JS/DOM, this one
        just lays down all the plumbing, and separates the security aspects for
        easy review.

        Test: fast/frames/seamless/seamless-inherited-origin.html

        * css/html.css:
        (iframe:not([seamless])):
        (iframe[seamless]):
        * dom/Document.cpp:
        (WebCore::isEligibleForSeamless):
        (WebCore):
        (WebCore::Document::initSecurityContext):
        (WebCore::Document::seamlessParentIFrame):
        (WebCore::Document::shouldDisplaySeamlesslyWithParent):
        * dom/Document.h:
        (WebCore):
        (Document):
        * dom/SecurityContext.cpp:
        (WebCore::SecurityContext::SecurityContext):
        * dom/SecurityContext.h:
        (WebCore::SecurityContext::mayDisplaySeamlessWithParent):
        (SecurityContext):
        * html/HTMLAttributeNames.in:
        * html/HTMLIFrameElement.cpp:
        (WebCore::HTMLIFrameElement::shouldDisplaySeamlessly):
        (WebCore):
        * html/HTMLIFrameElement.h:
        (HTMLIFrameElement):
        * html/HTMLIFrameElement.idl:

2012-05-01  Min Qin  <qinmin@google.com>

        use USE(NATIVE_FULLSCREEN_VIDEO) instead of ENABLE(NATIVE_FULLSCREEN_VIDEO)
        https://bugs.webkit.org/show_bug.cgi?id=85316

        Reviewed by Kent Tamura.

        NATIVE_FULLSCREEN_VIDEO means the fullscreen video is implemented by native
        system view instead of webkit.
        So it is more appropriate to use USE(NATIVE_FULLSCREEN_VIDEO).
        This chagne also disabled the rendering of the fullscreen video element in webkit
        when that flag is set.
        Just renaming the variable, no new tests.

        * dom/Document.cpp:
        (WebCore::Document::webkitWillEnterFullScreenForElement):
        (WebCore):
        * platform/graphics/MediaPlayer.cpp:
        (WebCore):
        * platform/graphics/MediaPlayer.h:
        (MediaPlayer):
        * platform/graphics/MediaPlayerPrivate.h:
        (MediaPlayerPrivateInterface):

2012-05-01  Jeffrey Pfau  <jpfau@apple.com>

        <rdar://problem/10422318> Support for web content filter delegate for filtering https content
        https://bugs.webkit.org/show_bug.cgi?id=85300

        Reviewed by Alexey Proskuryakov.

        No new tests.

        * WebCore.exp.in:
        * loader/MainResourceLoader.cpp:
        (WebCore::MainResourceLoader::MainResourceLoader):
        (WebCore::MainResourceLoader::~MainResourceLoader):
        (WebCore::MainResourceLoader::didCancel):
        (WebCore::MainResourceLoader::didReceiveResponse):
        (WebCore::MainResourceLoader::didReceiveData):
        (WebCore::MainResourceLoader::didFinishLoading):
        (WebCore::MainResourceLoader::didFail):
        * loader/MainResourceLoader.h:
        (MainResourceLoader):
        * platform/mac/WebCoreSystemInterface.h:
        * platform/mac/WebCoreSystemInterface.mm:

2012-05-01  Kent Tamura  <tkent@chromium.org>

        Calendar Picker: Add capability to add platform-specific style sheet
        https://bugs.webkit.org/show_bug.cgi?id=85272

        Reviewed by Kentaro Hara.

        Add RenderTheme::extraCalendarPickerStyleSheet(). The resultant string
        of the function is inserted into the calendar picker page.

        No new tests. Calendar picker apperance is not testable yet.

        * Resources/calendarPicker.css: Removed styles for year-month buttons.
        * Resources/calendarPickerMac.css:
        Moved from calendarPicker.css, and adjust styles so that they look
        standard Lion buttons.
        (.year-month-button):
        (.year-month-button:active):
        (.year-month-button:disabled):
        * WebCore.gyp/WebCore.gyp: Add a rule to produce CalendarPickerMac.{cpp,h}.
        * html/shadow/CalendarPickerElement.cpp:
        (WebCore::CalendarPickerElement::writeDocument):
        Add extraCalendarPickerStyleSheet() result to the document.
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::extraCalendarPickerStyleSheet):
        Added. Returns an empty CString by default.
        * rendering/RenderTheme.h:
        (RenderTheme): Added extraCalendarPickerStyleSheet().
        * rendering/RenderThemeChromiumMac.h: Added extraCalendarPickerStyleSheet().
        * rendering/RenderThemeChromiumMac.mm:
        (WebCore::RenderThemeChromiumMac::extraCalendarPickerStyleSheet):
        Added. Returns the content of Resources/calendarPickerMac.css.

2012-05-01  James Simonsen  <simonjam@chromium.org>

        Ensure HTMLElementStack fails gracefully if it has a non-Element.
        https://bugs.webkit.org/show_bug.cgi?id=85167

        Reviewed by Adam Barth.

        Test: Added to html5lib/resources/webkit02.dat

        * html/parser/HTMLElementStack.cpp:
        (WebCore::HTMLElementStack::oneBelowTop):
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processEndTag):

2012-05-01  Ryosuke Niwa  <rniwa@webkit.org>

        *Command.h files shouldn't be exported to WebKit layer
        https://bugs.webkit.org/show_bug.cgi?id=74778

        Reviewed by Eric Seidel.

        Remove the dependency on *Command.h files from Mac port's WebKit layer.
        Also wrapped the call to TypingCommand::insertParagraphSeparatorInQuotedContent in the Editor class
        so that we can just expose Editor's method instead of directly exposing the said static method.

        * WebCore.exp.in:
        * WebCore.xcodeproj/project.pbxproj:
        * editing/Editor.h:
        (Editor):
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::insertParagraphSeparatorInQuotedContent):
        (WebCore):

2012-05-01  Julien Chaffraix  <jchaffraix@webkit.org>

        Remove one bit from m_column to pack RenderTableCell bits more
        https://bugs.webkit.org/show_bug.cgi?id=85291

        Reviewed by Ojan Vafai.

        Memory improvement, covered by the existing unit tests.

        * rendering/RenderTableCell.cpp:
        * rendering/RenderTableCell.h:
        Remove one bit from m_column (which should be fine as I wouldn't expect tables above 1 millions
        columns to render at all anyway) to pack the bitfields in 32 bits. Re-arranged the bits to have the bigger
        bitfield first.

2012-05-01  Anders Carlsson  <andersca@apple.com>

        Slow scrolling on www.sholby.net
        https://bugs.webkit.org/show_bug.cgi?id=85304
        <rdar://problem/11138952>

        Reviewed by Beth Dakin.

        Fix two performance issues that showed up on the profiles.

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::checkLoadCompleteForThisFrame):
        Reset the relevant painted object counter; it's only interesting when loading.

        * page/Page.cpp:
        (WebCore::Page::startCountingRelevantRepaintedObjects):
        Set m_isCountingRelevantRepaintedObjects to true after calling reset, since reset now sets it to false.

        (WebCore::Page::resetRelevantPaintedObjectCounter):
        Set m_isCountingRelevantRepaintedObjects to false.

        (WebCore::Page::addRelevantRepaintedObject):
        Use HashSet::find to avoid an extra hash lookup.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::updateMainFrameScrollPositionAndScrollLayerPosition):
        Remove the call to FrameView::updateCompositingLayersAfterLayout now, since FrameView::notifyScrollPositionChanged
        already calls this and was making us to a lot of work twice.

2012-05-01  Silvia Pfeiffer  <silviapf@chromium.org>

        Audio controls have a 1px surplus outline coming from RenderImage::paintReplaced base class,
        which needs overwriting.
        https://bugs.webkit.org/show_bug.cgi?id=84570

        Reviewed by Eric Carlson.

        No new tests - covered by existing audio rendering tests.

        * rendering/RenderMedia.cpp:
        (WebCore::RenderMedia::paintReplaced): Overwrite inherited function.
        (WebCore):
        * rendering/RenderMedia.h:
        (RenderMedia):

2012-05-01  Terry Anderson  <tdanderson@chromium.org>

        Allow a pre-targeted node to be specified when dispatching a GestureTap event
        https://bugs.webkit.org/show_bug.cgi?id=85296

        Reviewed by Adam Barth.

        https://bugs.webkit.org/show_bug.cgi?id=85101
            The new parameter will be used and tested in this patch.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleGestureTap):
            The new preTargetedNode parameter can be used to pass in the Node that is
            the target of the GestureTap event. If this parameter is used, adjustedPoint
            is changed to be the center of the Node's bounding rectangle.
        * page/EventHandler.h:
        (EventHandler):

2012-05-01  Jessie Berlin  <jberlin@apple.com>

        Crash calling disconnectFrame on a DOMWindowExtension a second time.
        https://bugs.webkit.org/show_bug.cgi?id=85301

        Reviewed by Darin Adler.

        DOMWindowExtension::disconnectFrame assumed it would only be called when there was a frame
        to disconnect. However, DOMWindow's destructor invokes disconnectFrame on all its
        DOMWindowProperties, even if it already did so when it entered the page cache.

        * page/DOMWindowExtension.cpp:
        (WebCore::DOMWindowExtension::disconnectFrame):
        Don't do anything if the frame has already been disconnected.

2012-05-01  Aaron Colwell  <acolwell@chromium.org>

        Temporarily remove webkitSourceAddId() & webkitSourceRemoveId() from DOM
        until the rest of the Media Source v0.5 methods are implemented. This is
        to prevent ambiguity about whether v0.5 is fully supported or not.
        https://bugs.webkit.org/show_bug.cgi?id=85295

        Reviewed by Eric Carlson.

        No new tests. Removing methods from DOM so relevant tests are removed.

        * html/HTMLMediaElement.idl:

2012-05-01  Douglas Stockwell  <dstockwell@chromium.org>

        IndexedDB: stale index entries may not be removed in some cases
        https://bugs.webkit.org/show_bug.cgi?id=85224

        Reviewed by Ojan Vafai.

        Ensure that stale index entries are removed when the corresponding
        object store entry no longer exists.

        No new tests. Addresses a performance / storage leak that is
        not amenable to verification in a layout test.

        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore):

2012-05-01  Igor Oliveira  <igor.o@sisa.samsung.com>

        Use HashMap<OwnPtr> for CounterMap in RenderCounter
        https://bugs.webkit.org/show_bug.cgi?id=85294

        Reviewed by Eric Seidel.

        * rendering/RenderCounter.cpp:
        (WebCore):
        (WebCore::makeCounterNode):
        (WebCore::RenderCounter::destroyCounterNodes):

2012-05-01  Philip Rogers  <pdr@google.com>

        Skip building instance tree for disallowed target
        https://bugs.webkit.org/show_bug.cgi?id=85202

        Reviewed by Nikolas Zimmermann.

        When the target of a use is disallowed (e.g., a mask element) we can
        skip building the instance tree because the shadow tree will be
        skipped as well.

        Test: svg/custom/animate-disallowed-mask-element.svg

        * svg/SVGUseElement.cpp:
        (WebCore::SVGUseElement::buildInstanceTree):

2012-04-29  Nikolas Zimmermann  <nzimmermann@rim.com>

        Accumulation for values-animation is broken
        https://bugs.webkit.org/show_bug.cgi?id=85158

        Reviewed by Darin Adler.

        Example:
        <rect width="999" height="100" fill="green"/>
            <animate begin="0s" values="0; 30; 20" accumulate="sum" repeatCount="5" dur="2s"/>
        </rect>

        The rect should animate like this:
        0.000s -> 0
        0.500s -> 15
        1.000s -> 30
        1.500s -> 25
        1.999s -> 20
        2.000s -> 20 (first accumulation, starts accumulating from the last set value, here '20').
        2.500s -> 45
        3.000s -> 50
        3.500s -> 45
        3.999s -> 40
        4.000s -> 40 (second accumulation)
        etc.

        This is currently broken for values-animation. The accumulation should happen after a full cycle of the values animation ran (aka. at the end of the duration).
        A values animation works like this: iterate over the list of values, and calculate a 'from' and 'to' value for a given time. Example for values="0; 30; 20" dur="2s":
            - 0.0s .. 1.0s -> from=0, to=30
            - 1.0s .. 2.0s -> from=30, to=20

        Accumulation currently is taken into account at each interval for a values-animation instead of the end of the cycle. Fix that
        by passing an additional 'toAtEndOfDuration' type to calculateAnimatedValue() which is used for accumulation instead of the
        current 'to' value.

        Test: svg/animations/accumulate-values-width-animation.html

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::calculateAnimatedValue):
        * svg/SVGAnimateElement.h:
        (SVGAnimateElement):
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::calculateAnimatedValue):
        * svg/SVGAnimateMotionElement.h:
        (SVGAnimateMotionElement):
        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedAngle.h:
        (SVGAnimatedAngleAnimator):
        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::SVGAnimatedBooleanAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedBoolean.h:
        (SVGAnimatedBooleanAnimator):
        * svg/SVGAnimatedColor.cpp:
        (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedColor.h:
        (SVGAnimatedColorAnimator):
        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedEnumeration.h:
        (SVGAnimatedEnumerationAnimator):
        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedInteger):
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedInteger.h:
        (SVGAnimatedIntegerAnimator):
        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedIntegerOptionalInteger.h:
        (SVGAnimatedIntegerOptionalIntegerAnimator):
        * svg/SVGAnimatedLength.cpp:
        (WebCore::SVGAnimatedLengthAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLength.h:
        (SVGAnimatedLengthAnimator):
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLengthList.h:
        (SVGAnimatedLengthListAnimator):
        * svg/SVGAnimatedNumber.cpp:
        (WebCore::SVGAnimatedNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumber.h:
        (SVGAnimatedNumberAnimator):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberList.h:
        (SVGAnimatedNumberListAnimator):
        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberOptionalNumber.h:
        (SVGAnimatedNumberOptionalNumberAnimator):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPath.h:
        (SVGAnimatedPathAnimator):
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPointList.h:
        (SVGAnimatedPointListAnimator):
        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPreserveAspectRatio.h:
        (SVGAnimatedPreserveAspectRatioAnimator):
        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedRect.h:
        (SVGAnimatedRectAnimator):
        * svg/SVGAnimatedString.cpp:
        (WebCore::SVGAnimatedStringAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedString.h:
        (SVGAnimatedStringAnimator):
        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedTransformList.h:
        (SVGAnimatedTransformListAnimator):
        * svg/SVGAnimatedTypeAnimator.h:
        (SVGAnimatedTypeAnimator):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::currentValuesForValuesAnimation):
        (WebCore::SVGAnimationElement::updateAnimation):
        * svg/SVGAnimationElement.h:
        (WebCore::SVGAnimationElement::animateAdditiveNumber):
        (SVGAnimationElement):

2012-05-01  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=85231
        Fixed position objects that are removed from the DOM don't kick off 
        fixed position recalculation
        -and corresponding-
        <rdar://problem/11297916>

        Reviewed by Darin Adler.

        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::willBeDestroyed):

2012-05-01  Dana Jansens  <danakj@chromium.org>

        Early-out for subtracting a non-intersecting region
        https://bugs.webkit.org/show_bug.cgi?id=85258

        Reviewed by Hajime Morita.

        Given regions A and B, if the bounds of the regions do not intersect,
        then the regions themselves do not intersect. If the intersection of
        A and B is empty, then A subtract B == A.

        * platform/graphics/Region.cpp:
        (WebCore::Region::subtract):

2012-04-30  Kent Tamura  <tkent@chromium.org>

        [Chromium/Windows] Add LocalizedDateWin
        https://bugs.webkit.org/show_bug.cgi?id=84935

        Reviewed by Kentaro Hara.

        LocalizedDateICU.cpp doesn't reflect system settings. So there were some
        problems such as <input type=date> doesn't use system's date format.

        We need to use Windows API to get a date format and calendar parameters.

        We obtain a date format like "MM/dd/yy" via Windows API, and
        format/parse dates for the format by our own code because Windows API
        can't handle years older than 1601 and doesn't have date parsing API.

        Unit test: Source/WebKit/chromium/tests/LocaleWinTest.cpp

        * WebCore.gypi: Add LocalizedDateWin.cpp.
        * WebCore.gyp/WebCore.gyp:
        For Windows, remove LocalizedDateICU.cpp and add LocalizedDateWin.cpp.
        All of *Win.cpp files are excluded by default.

        * platform/text/LocaleWin.cpp: Added.
        (WebCore::LocaleWin::LocaleWin):
        (WebCore::LocaleWin::create):
        (WebCore::LocaleWin::currentLocale):
        (WebCore::LocaleWin::~LocaleWin):
        (WebCore::LocaleWin::getLocaleInfoString):
        A helper function to obtain a string by GetLocaleInfo().
        (WebCore::LocaleWin::initializeShortMonthLabels):
        Obtain short month names from Windows.

        (WebCore::DateFormatToken): A struct to represent a token in a date format.
        e.g. A format string "MM/dd/yy" generates five DateFormatToken:
         Month2, Literal, Day2, Literal, Year2.
        (isEraSymbol): A readability helper function.
        (isYearSymbol): ditto.
        (isMonthSymbol): ditto.
        (isDaySymbol): ditto.
        (countContinuousLetters):
        (commitLiteralToken): A helper for parseDateFormat().
        (parseDateFormat):
        Parse a format string, and generate a list of DateFormatToken.

        (WebCore::parseNumber): A helper for parseDate().
        (WebCore::LocaleWin::parseNumberOrMonth): ditto.
        (WebCore::LocaleWin::parseDate):
        Parse a user-provided date string by matching with a DateFormatToken list.

        (WebCore::appendNumber): A helper for formatDate().
        (WebCore::appendTwoDigitsNumber): ditto. Write at least two digits.
        (WebCore::appendFourDigitsNumber): ditto. Write at least four digits.
        (WebCore::LocaleWin::formatDate):
        Format a DateComponents by iterating a DateFormatToken list.

        (WebCore::LocaleWin::initializeShortDateTokens):
        (WebCore::substituteLabelsIntoFormat):
        Creates a user-visible format string by iterating a DateFormatToken list.
        (WebCore::LocaleWin::dateFormatText):
        (WebCore::LocaleWin::initializeMonthLabels):
        Creates month names by Windows API.
        (WebCore::LocaleWin::initializeWeekDayShortLabels):
         Creates day names by Windows API.
        (WebCore::LocaleWin::monthLabels):
        Public accessor function for month names.
        (WebCore::LocaleWin::weekDayShortLabels):
        Public accessor function for day names.
        * platform/text/LocaleWin.h: Added.

        * platform/text/LocalizedDateWin.cpp:
        Added. The following functions simply delegate to LocaleWin::currentLocale().
        (WebCore::parseLocalizedDate):
        (WebCore::formatLocalizedDate):
        (WebCore::localizedDateFormatText):
        (WebCore::monthLabels):
        (WebCore::weekDayShortLabels):
        (WebCore::firstDayOfWeek):

2012-04-30  Kent Tamura  <tkent@chromium.org>

        REGRESSION(r115600): parseLocalizedDate() should fail for invalid inputs
        https://bugs.webkit.org/show_bug.cgi?id=85176

        Reviewed by Kentaro Hara.

        Test: fast/forms/date/input-date-commit-valid-only.html

        * platform/text/mac/LocalizedDateMac.mm:
        (WebCore::parseLocalizedDate):
        We should check nil for the result of NSDateFormtter::dateFromString.

2012-04-30  Mark Rowe  <mrowe@apple.com>

        Fix another leak due to misuse of createCFString.

        Reviewed by Darin Adler.

        * plugins/mac/PluginPackageMac.cpp:
        (WebCore::PluginPackage::fetchInfo): Adopt the result of createCFString.

2012-04-30  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/11312198> Many leaks during fast/events/dropzone-002.html

        Reviewed by Darin Adler.

        * platform/mac/ClipboardMac.mm:
        (WebCore::utiTypeFromCocoaType): Adopt the result of createCFString.

2012-04-30  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/11352575> Many CGImageRefs leaked during media layout tests

        Reviewed by Brian Weinstein.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
        (WebCore::MediaPlayerPrivateAVFoundationObjC::createImageForTimeInRect): Adopt the CGImageRef.

2012-04-30  Emil A Eklund  <eae@chromium.org>

        Change RenderBoxModelObject::calculateBackgroundImageGeometry to use roundToInt
        https://bugs.webkit.org/show_bug.cgi?id=85249

        Reviewed by Eric Seidel.

        Prepare RenderBoxModelObject for FractionalLayoutUnits by adding rounding
        logic to calculateBackgroundImageGeometry. Background images, as all
        images, needs to be layed out on pixel boundaries thus we need to convert
        it to a integer value.

        No new tests, no change in functionality.

        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):

2012-04-30  Ilya Sherman  <isherman@chromium.org>

        Unreviewed, rolling out r113511.
        http://trac.webkit.org/changeset/113511
        https://bugs.webkit.org/show_bug.cgi?id=66032
        https://bugs.webkit.org/show_bug.cgi?id=85150

        Regression: Many autofilled form fields lack the default
        autofill background even when authors don’t override the
        autofill colors

        * css/html.css:
        (input:-webkit-autofill): Restore !important modifiers

2012-04-30  Julien Chaffraix  <jchaffraix@webkit.org>

        Move RenderTableCell's row index to RenderTableRow
        https://bugs.webkit.org/show_bug.cgi?id=85229

        Reviewed by Ojan Vafai.

        Covered by the existing table tests.

        Row index is a RenderTableRow concept and as such this change moves
        the relevant logic into the class.

        While touching the code, renamed row() -> rowIndex() as now RenderTableCell
        can return its parent RenderTableRow and we were returning an index, not the row
        itself.

        * accessibility/AccessibilityTable.cpp:
        (WebCore::AccessibilityTable::cellForColumnAndRow):
        * accessibility/AccessibilityTableCell.cpp:
        (WebCore::AccessibilityTableCell::rowIndexRange):
        (WebCore::AccessibilityTableCell::titleUIElement):
        * rendering/RenderTable.cpp:
        (WebCore::RenderTable::cellAbove):
        (WebCore::RenderTable::cellBelow):
        (WebCore::RenderTable::cellBefore):
        (WebCore::RenderTable::cellAfter):
        * rendering/RenderTreeAsText.cpp:
        (WebCore::RenderTreeAsText::writeRenderObject):
        Updated after the renaming RenderTableCell::row() -> rowIndex().

        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::RenderTableCell):
        (WebCore::RenderTableCell::computeCollapsedBeforeBorder):
        (WebCore::RenderTableCell::computeCollapsedAfterBorder):
        Updated after m_rowIndex removal and row() -> rowIndex() renaming.

        (WebCore::RenderTableCell::styleDidChange):
        Switched the rowWasSet check to an ASSERT. The new logic guarantees that
        row index was set straight when we insert the row. The previous logic was
        opened to some race conditions as we could wait for a recalcCells call before
        setting the index on the rows which made this check necessary.

        * rendering/RenderTableCell.h:
        (WebCore::RenderTableCell::row):
        Added this RenderTableRow getter.

        (WebCore::RenderTableCell::rowIndex):
        Renamed from row().

        * rendering/RenderTableRow.cpp:
        (WebCore::RenderTableRow::RenderTableRow):
        (WebCore::RenderTableRow::styleDidChange):
        Updated after adding m_rowIndex / rowIndex().

        * rendering/RenderTableRow.h:
        (WebCore::RenderTableRow::setRowIndex):
        (WebCore::RenderTableRow::rowIndex):
        Added those getter / setter. Also kept m_rowIndex's smaller size
        for future optimization and for symmetry with the column index on
        RenderTableCell.

        * rendering/RenderTableSection.cpp:
        (WebCore::RenderTableSection::addChild):
        (WebCore::RenderTableSection::recalcCells):
        Made sure that whenever we insert or update our row index
        we do call setRowIndex().

        (WebCore::RenderTableSection::addCell):
        This logic now doesn't need to query insertionRow as the cell's
        should have the index of the row in which it is inserted.

        (WebCore::RenderTableSection::calcRowLogicalHeight):
        (WebCore::RenderTableSection::layoutRows):
        (WebCore::compareCellPositionsWithOverflowingCells):
        More updates after row() -> rowIndex() renaming.

        * rendering/RenderTableSection.h:
        Removed rowIndexForRenderer now that the row caches this informatin.

2012-04-30  Keishi Hattori  <keishi@webkit.org>

        datalist: Inconsistent behavior of HTMLInputElement::list
        https://bugs.webkit.org/show_bug.cgi?id=84351

        Each platform will have a different set of input types that support the datalist UI.
        This patch makes shouldRespectListAttribute ask the RenderTheme if it supports datalist UI for that input type.
        Thus making it possible to do feature detection with JS.

        Reviewed by Kent Tamura.

        * WebCore.gypi: Added RenderThemeChromiumCommon.{cpp,h}
        * html/ColorInputType.cpp:
        (WebCore::ColorInputType::shouldRespectListAttribute):
        (WebCore):
        * html/ColorInputType.h:
        (ColorInputType):
        * html/InputType.cpp:
        (WebCore::InputType::themeSupportsDataListUI): Static method used by TextFieldInputType, RangeInputType, and ColorInputType.
        (WebCore):
        * html/InputType.h:
        (InputType):
        * html/RangeInputType.cpp:
        (WebCore::RangeInputType::shouldRespectListAttribute):
        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::shouldRespectListAttribute):
        * rendering/RenderTheme.h:
        (RenderTheme):
        (WebCore::RenderTheme::supportsDataListUI): Returns true if the platform can show the datalist suggestions for a given input type.
        * rendering/RenderThemeChromiumCommon.cpp: Added.
        (WebCore):
        (WebCore::RenderThemeChromiumCommon::supportsDataListUI):
        * rendering/RenderThemeChromiumCommon.h: Added.
        (WebCore):
        (RenderThemeChromiumCommon):
        * rendering/RenderThemeChromiumMac.h:
        (RenderThemeChromiumMac):
        * rendering/RenderThemeChromiumMac.mm:
        (WebCore::RenderThemeChromiumMac::supportsDataListUI):
        (WebCore):
        * rendering/RenderThemeChromiumSkia.cpp:
        (WebCore::RenderThemeChromiumMac::supportsDataListUI):
        (WebCore):
        * rendering/RenderThemeChromiumSkia.h:
        (RenderThemeChromiumSkia):

2012-04-30  Levi Weintraub  <leviw@chromium.org>

        RenderObject incorrectly lists maximalOutlineSize as a LayoutUnit
        https://bugs.webkit.org/show_bug.cgi?id=85248

        Reviewed by Eric Seidel.

        Reverting RenderObject::maximalOutlineSize to int. This is a slop value for repaint
        rects that doesn't affect layout. It also derives its value from RenderView's function
        of the same name, which is already an integer.

        No new tests. No change in behavior.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::maximalOutlineSize):
        * rendering/RenderObject.h:
        (RenderObject):

2012-04-30  Xingnan Wang  <xingnan.wang@intel.com>

        Add multichannel support for input of JavaScriptAudioNode
        https://bugs.webkit.org/show_bug.cgi?id=84687

        Reviewed by Chris Rogers.

        Tests: webaudio/javascriptaudionode-downmix8-2channel-input.html
               webaudio/javascriptaudionode-upmix2-8channel-input.html

        * Modules/webaudio/JavaScriptAudioNode.cpp:
        (WebCore::JavaScriptAudioNode::create):
        (WebCore::JavaScriptAudioNode::JavaScriptAudioNode):
        (WebCore::JavaScriptAudioNode::initialize):
        (WebCore::JavaScriptAudioNode::process):
        * Modules/webaudio/JavaScriptAudioNode.h:
        (JavaScriptAudioNode):

2012-04-30  Oliver Hunt  <oliver@apple.com>

        Harden arithmetic in ImageBufferDataCG
        https://bugs.webkit.org/show_bug.cgi?id=61373

        Reviewed by Gavin Barraclough.

        We have a checked type that allows us to automate many of the
        bounds checks we want here, so let's replace the floating point
        math, and just use Checked<> throughout.  We use a non-recording
        Checked<> as no overflows should reach this point, so we'll take
        a hard early failure, over the cost of many branches when
        accessing the raw values in loops.

        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::ImageBufferData::getData):
        (WebCore::ImageBufferData::putData):

2012-04-30  Levi Weintraub  <leviw@chromium.org>

        Add absoluteValue method for LayoutUnits to allow overloading abs()
        https://bugs.webkit.org/show_bug.cgi?id=85214

        Reviewed by Eric Seidel.

        Adding an absoluteValue free inline function that operates on LayoutUnits, which
        allows us to have one function signature for ints or FractionalLayoutUnits. We
        can't simply add a FractionalLayoutUnit flavor of abs because it confuses
        some compilers due to the implicit FractionalLayoutUnit constructors that take
        ints and floats.

        No new tests. No change in behavior.

        * page/SpatialNavigation.cpp:
        (WebCore::distanceDataForNode):
        * rendering/LayoutTypes.h:
        (WebCore::absoluteValue):
        (WebCore):
        * rendering/RenderBlockLineLayout.cpp:
        (WebCore::RenderBlock::checkPaginationAndFloatsAtEndLine):
        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::rangeIntersectsRect):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::repaintAfterLayoutIfNeeded):

2012-04-30  Levi Weintraub  <leviw@chromium.org>

        Update LayoutUnit usage in InlineFlowBox and RenderWidget
        https://bugs.webkit.org/show_bug.cgi?id=85239

        Reviewed by Eric Seidel.

        Updating LayoutUnit usage in a pair of remaining functions to minimize the remaining work to switching
        to FractionalLayoutUnits for layout instead of integers.

        No new tests. No change in behavior.

        * rendering/InlineFlowBox.cpp:
        (WebCore::InlineFlowBox::placeBoxesInBlockDirection): Though stored as a float, the top is always
        set to an integer value. When we move to sub-pixel, we need to preserve this. Not preserving this
        behavior affects text decorations, most notably underlines.
        * rendering/RenderWidget.cpp:
        (WebCore::RenderWidget::updateWidgetGeometry): Adding pixel snapping for the content box if it's
        not transformed (absoluteContentBox includes pixel snapping), and properly treating the boundingBox
        as an IntRect.

2012-04-30  Levi Weintraub  <leviw@chromium.org>

        Prepare RenderDeprecatedFlexibleBox for sub-pixel layout
        https://bugs.webkit.org/show_bug.cgi?id=85217

        Reviewed by Eric Seidel.

        Bailing from the space distribution loop in layoutHorizontal/VerticalBox when
        the remaining space falls below one pixel. This has no effect in whole-pixel
        layout, but avoids unnecessary work/infinite loops in the sub-pixel case.

        No new tests. No change in behavior.

        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::layoutHorizontalBox):
        (WebCore::RenderDeprecatedFlexibleBox::layoutVerticalBox):

2012-04-30  Ryosuke Niwa  <rniwa@webkit.org>

        NULL ptr in WebCore::Range::getBorderAndTextQuads
        https://bugs.webkit.org/show_bug.cgi?id=77218

        Reviewed by Eric Seidel.

        The crash was caused by a malformed range obtained within an event handler of mutation events
        (DOMNodeRemovedFromDocument). Because this range wasn't updated per node removal, range functions
        end up not behaving well.

        Fixed the bug by changing the order of the notifications in ContainerNode::willRemoveChild.
        We now fire mutation events first before updating ranges so that any range created inside those
        event handlers can also be updated prior to the actual node removal.

        Test: fast/dom/Range/range-created-in-mutation-event-crash.xhtml

        * dom/ContainerNode.cpp:
        (WebCore::willRemoveChild):

2012-04-30  Anders Carlsson  <andersca@apple.com>

        ScrollingCoordinator::requestScrollPositionUpdate should not update the main frame scroll position
        https://bugs.webkit.org/show_bug.cgi?id=85240
        <rdar://problem/11286609>

        Reviewed by Sam Weinig.

        The call to updateMainFrameScrollPosition was added to make the WebKit2 find overlay work, since it relies
        on scroll position updates being synchronous. Change the find code in WebKit2 to handle asynchronous scroll
        position updates and remove the call to updateMainFrameScrollPosition.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::requestScrollPositionUpdate):

2012-04-30  Anders Carlsson  <andersca@apple.com>

        Add a way to asynchronously call a function once the scroll position of a page has been updated
        https://bugs.webkit.org/show_bug.cgi?id=85237

        Reviewed by Sam Weinig.

        * WebCore.exp.in:
        Export functions needed by WebKit2.

        * page/scrolling/ScrollingCoordinator.h:
        Make commitTreeStateIfNeeded public.

2012-04-30  Kentaro Hara  <haraken@chromium.org>

        WebGLRenderingContext methods should throw TypeError for not enough arguments
        https://bugs.webkit.org/show_bug.cgi?id=84787

        Reviewed by Kenneth Russell.

        Currently, WebGLRenderingcontext methods implement
        "Not enough arguments" error as SyntaxError. The Web IDL
        spec requires that it should be TypeError:
        http://www.w3.org/TR/WebIDL/#dfn-overload-resolution-algorithm

        This patch changes SyntaxError to TypeError.

        I wanted to confirm the behavior of Firefox and Opera,
        but they do not implement WebGL yet.

        Test: fast/canvas/webgl/webgl-exceptions.html

        * bindings/js/JSWebGLRenderingContextCustom.cpp:
        (WebCore::getObjectParameter):
        (WebCore::JSWebGLRenderingContext::getAttachedShaders):
        (WebCore::JSWebGLRenderingContext::getExtension):
        (WebCore::JSWebGLRenderingContext::getFramebufferAttachmentParameter):
        (WebCore::JSWebGLRenderingContext::getParameter):
        (WebCore::JSWebGLRenderingContext::getProgramParameter):
        (WebCore::JSWebGLRenderingContext::getShaderParameter):
        (WebCore::JSWebGLRenderingContext::getUniform):
        (WebCore::dataFunctionf):
        (WebCore::dataFunctioni):
        (WebCore::dataFunctionMatrix):
        * bindings/v8/custom/V8WebGLRenderingContextCustom.cpp:
        (WebCore::getObjectParameter):
        (WebCore::V8WebGLRenderingContext::getAttachedShadersCallback):
        (WebCore::V8WebGLRenderingContext::getExtensionCallback):
        (WebCore::V8WebGLRenderingContext::getFramebufferAttachmentParameterCallback):
        (WebCore::V8WebGLRenderingContext::getParameterCallback):
        (WebCore::V8WebGLRenderingContext::getProgramParameterCallback):
        (WebCore::V8WebGLRenderingContext::getShaderParameterCallback):
        (WebCore::V8WebGLRenderingContext::getUniformCallback):
        (WebCore::vertexAttribAndUniformHelperf):
        (WebCore::uniformHelperi):
        (WebCore::uniformMatrixHelper):

2012-04-30  Emil A Eklund  <eae@chromium.org>

        [gtk, qt, chromium, win] Fix usage of LayoutUnits and rounding in platform code
        https://bugs.webkit.org/show_bug.cgi?id=85222

        Reviewed by Eric Seidel.

        Update platform code to use the pixel snapped values for painting rects
        to line up with device pixels and change platform specific hit testing
        code to use roundedPoint as hit testing is still mostly done on integer
        bounds.

        No new tests, no change in functionality.

        * platform/qt/RenderThemeQt.cpp:
        (WebCore::RenderThemeQt::paintMediaVolumeSliderTrack):
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::paint):
        * rendering/RenderThemeChromiumSkia.cpp:
        (WebCore::RenderThemeChromiumSkia::paintSearchFieldCancelButton):
        (WebCore::RenderThemeChromiumSkia::paintSearchFieldResultsDecoration):
        (WebCore::RenderThemeChromiumSkia::paintSearchFieldResultsButton):

2012-04-30  Kentaro Hara  <haraken@chromium.org>

        [V8][JSC] Remove hard-coded "Not enough arguments" errors
        https://bugs.webkit.org/show_bug.cgi?id=85207

        Reviewed by Sam Weinig.

        In bug 85022 and bug 85097, we implemented
        createNotEnoughArgumentsError() in JSC and
        V8Proxy::throwNotEnoughArgumentsError() in V8 and partially
        removed hard-coded "Not enough arguments" errors.
        This patch removes hard-coded "Not enough arguments"
        errors by using the helper methods.

        No tests. No change in behavior.

        * bindings/js/JSAudioContextCustom.cpp:
        (WebCore::JSAudioContextConstructor::constructJSAudioContext):
        * bindings/js/JSSVGLengthCustom.cpp:
        (WebCore::JSSVGLength::convertToSpecifiedUnits):
        * bindings/js/JSWebSocketCustom.cpp:
        (WebCore::JSWebSocketConstructor::constructJSWebSocket):
        (WebCore::JSWebSocket::send):
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        (WebCore::JSXMLHttpRequest::open):
        * bindings/v8/ScriptController.cpp:
        (WebCore::setValueAndClosePopupCallback):
        * bindings/v8/custom/V8AudioContextCustom.cpp:
        (WebCore::V8AudioContext::constructorCallback):
        * bindings/v8/custom/V8SVGLengthCustom.cpp:
        (WebCore::V8SVGLength::convertToSpecifiedUnitsCallback):
        * bindings/v8/custom/V8WebSocketCustom.cpp:
        (WebCore::V8WebSocket::constructorCallback):
        (WebCore::V8WebSocket::sendCallback):
        * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
        (WebCore::V8XMLHttpRequest::openCallback):

2012-04-30  Benjamin Poulain  <benjamin@webkit.org>

        Add String::startsWith() and endsWith() for string literals
        https://bugs.webkit.org/show_bug.cgi?id=85154

        Reviewed by Darin Adler.

        Update WebCore to use the simpler startsWith() and endsWith() taking
        a UChar.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::markPropertyEnd):
        * css/WebKitCSSKeyframeRule.cpp:
        (WebCore::StyleKeyframe::parseKeyString):
        * editing/markup.cpp:
        (WebCore::createFragmentFromText):
        * html/HTMLObjectElement.cpp:
        (WebCore::HTMLObjectElement::addSubresourceAttributeURLs):
        * html/HTMLTextFormControlElement.cpp:
        (WebCore::HTMLTextFormControlElement::setInnerTextValue):
        * inspector/ContentSearchUtils.cpp:
        (WebCore::ContentSearchUtils::getRegularExpressionMatchesByLines):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::SetPropertyTextAction::redo):
        * loader/MainResourceLoader.cpp:
        (WebCore::MainResourceLoader::substituteMIMETypeFromPluginDatabase):
        * loader/appcache/ManifestParser.cpp:
        (WebCore::parseManifest):
        * platform/blackberry/CookieManager.cpp:
        (WebCore::CookieManager::shouldRejectForSecurityReason):
        * platform/posix/FileSystemPOSIX.cpp:
        (WebCore::pathByAppendingComponent):
        * plugins/PluginDatabase.cpp:
        (WebCore::PluginDatabase::findPlugin):
        * svg/SVGStopElement.cpp:
        (WebCore::SVGStopElement::parseAttribute):
        * svg/animation/SVGSMILElement.cpp:
        (WebCore::SVGSMILElement::parseOffsetValue):
        (WebCore::SVGSMILElement::parseCondition):

2012-04-30  Abhishek Arya  <inferno@chromium.org>

        Remove positioned float code.
        https://bugs.webkit.org/show_bug.cgi?id=84795

        Reviewed by Dan Bernstein.

        Backout r92004 and some pieces from r91702.

        Test: fast/block/float/positioned-float-crash.html

        * css/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::operator EFloat):
        * css/CSSValueKeywords.in:
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::RenderBlock):
        (WebCore::RenderBlock::layoutBlock):
        (WebCore::RenderBlock::addOverflowFromFloats):
        (WebCore::RenderBlock::layoutBlockChild):
        (WebCore::RenderBlock::simplifiedLayout):
        (WebCore::RenderBlock::layoutPositionedObjects):
        (WebCore::RenderBlock::insertFloatingObject):
        (WebCore::RenderBlock::positionNewFloats):
        (WebCore::RenderBlock::clearFloats):
        (WebCore::RenderBlock::FloatingObjects::clear):
        (WebCore::RenderBlock::FloatingObjects::increaseObjectsCount):
        (WebCore::RenderBlock::FloatingObjects::decreaseObjectsCount):
        * rendering/RenderBlock.h:
        (RenderBlock):
        (WebCore::RenderBlock::forceLayoutInlineChildren):
        (FloatingObject):
        (WebCore::RenderBlock::FloatingObject::FloatingObject):
        (WebCore::RenderBlock::hasOverhangingFloats):
        (WebCore::RenderBlock::FloatingObjects::FloatingObjects):
        (FloatingObjects):
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::updateBoxModelInfoFromStyle):
        * rendering/RenderDeprecatedFlexibleBox.cpp:
        (WebCore::RenderDeprecatedFlexibleBox::layoutBlock):
        * rendering/RenderDeprecatedFlexibleBox.h:
        (RenderDeprecatedFlexibleBox):
        * rendering/RenderFlexibleBox.cpp:
        (WebCore::RenderFlexibleBox::layoutBlock):
        * rendering/RenderFlexibleBox.h:
        (RenderFlexibleBox):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateScrollbarsAfterLayout):
        * rendering/style/RenderStyleConstants.h:

2012-04-29  Sam Weinig  <sam@webkit.org>

        Remove BlobBuilder
        https://bugs.webkit.org/show_bug.cgi?id=84036

        Reviewed by Anders Carlsson.

        * GNUmakefile.am:
        * fileapi/WebKitBlobBuilder.idl:
        * page/DOMWindow.idl:
        * workers/WorkerContext.idl:
        Make exposing the WebKitBlobBuilder JS object conditional on a new
        ENABLE_LEGACY_WEBKIT_BLOB_BUILDER flag. Don't enable this for the Mac,
        but do for everyone else.

2012-04-30  Anders Carlsson  <andersca@apple.com>

        Add a barrier-style dispatch member function to ScrollingThread
        https://bugs.webkit.org/show_bug.cgi?id=85228

        Reviewed by Sam Weinig.

        Add a ScrollingThread::dispatchBarrier function which takes a WTF::Function and dispatches it to the main thread
        once all the currently scheduled scrolling thread functions have run. This is to be used for synchronization between the
        scrolling thread and the main thread.

        * page/scrolling/ScrollingThread.cpp:
        (WebCore::callFunctionOnMainThread):
        (WebCore):
        (WebCore::ScrollingThread::dispatchBarrier):
        * page/scrolling/ScrollingThread.h:
        (ScrollingThread):

2012-04-30  Min Qin  <qinmin@google.com>

        Expose a flag so that fullscreen video on android can work with FULLSCREEN_API
        https://bugs.webkit.org/show_bug.cgi?id=84414

        Reviewed by Darin Fisher.

        No tests, just exposing the flag, and will be used by android later.
        Sorry, there is a merge error during the previous commit, resolved now

        * platform/graphics/MediaPlayer.cpp:
        (WebCore::MediaPlayer::setControls):
        (WebCore):
        (WebCore::MediaPlayer::enterFullscreen):
        (WebCore::MediaPlayer::exitFullscreen):
        * platform/graphics/MediaPlayer.h:
        (MediaPlayer):
        * platform/graphics/MediaPlayerPrivate.h:
        (MediaPlayerPrivateInterface):
        (WebCore::MediaPlayerPrivateInterface::enterFullscreen):

2012-04-30  Nate Chapin  <japhet@chromium.org>

        Move more of committing and starting to write a Document
        to DocumentLoader.
        https://bugs.webkit.org/show_bug.cgi?id=83908

        Reviewed by Adam Barth.

        No new tests, refactor only.

        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::commitIfReady): Ignore m_gotFirstByte here, since
            it was always true here anyway.
        (WebCore::DocumentLoader::finishedLoading): If we are finishing an empty
            document, create the document now, so that FrameLoaderClient doesn't
            have to do it later (FrameLoaderClient code will be removed in a later
            patch).
        (WebCore::DocumentLoader::commitData): Call receivedFirstData() directly and
            do some work receivedFirstData() used to do, setEncoding() only once per
            load.
        (WebCore::DocumentLoader::receivedData):
        (WebCore::DocumentLoader::maybeCreateArchive):
        * loader/DocumentLoader.h:
        * loader/DocumentWriter.cpp:
        (WebCore::DocumentWriter::setEncoding):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::receivedFirstData): Move DocumentLoader calls
            to DocumentLoader.
        * loader/FrameLoader.h: Remove m_hasReceivedFirstData and willSetEncoding(),
            allow hasReceivedData() to be called directly.
        (FrameLoader):

2012-04-30  Kentaro Hara  <haraken@chromium.org>

        Unreviewed. Fix test crashes in Win/Linux debug builds.

        * bindings/v8/V8LazyEventListener.cpp:
        (WebCore::V8LazyEventListener::V8LazyEventListener):
        (WebCore::V8LazyEventListener::prepareListenerObject):
        * bindings/v8/V8LazyEventListener.h:
        (V8LazyEventListener):

2012-04-30  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Change LocalMediaStream::stop to be synchronous
        https://bugs.webkit.org/show_bug.cgi?id=84942

        Reviewed by Dimitri Glazkov.

        Since I changed LocalMediaStream to be a ActiveDOMObject recently the stop()
        behaviour needs to change since it is no longer a good idea to start a timer when called.

        Not possible to write a test for this.

        * Modules/mediastream/LocalMediaStream.cpp:
        (WebCore::LocalMediaStream::LocalMediaStream):
        (WebCore::LocalMediaStream::stop):
        * Modules/mediastream/LocalMediaStream.h:
        (LocalMediaStream):

2012-04-28  Emil A Eklund  <eae@chromium.org> and Levi Weintraub  <leviw@chromium.org>

        Add ENABLE_SUBPIXEL_LAYOUT controlling FractionalLayoutUnit denominator
        https://bugs.webkit.org/show_bug.cgi?id=85146

        Reviewed by Eric Seidel.

        Add a new flag for controlling the fixed point denominator in
        FractionalLayoutUnit. Controls whether the denominator is set to 60 or 1.
        Until we change the LayoutUnit typedef this change will have no effect.

        No new tests, no change in functionality.

        * platform/FractionalLayoutUnit.h:
        (WebCore):
        (WebCore::FractionalLayoutUnit::operator++):
        (WebCore::operator/):
        (WebCore::operator+):
        Add ++, / double and and + double operators. These are needed when
        ENABLE_SUBPIXEL_LAYOUT is not enabled.
        
        * platform/graphics/FractionalLayoutRect.cpp:
        (WebCore::enclosingFractionalLayoutRect):

2012-04-30  Justin Schuh  <jschuh@chromium.org>

        loadOrRedirectSubframe should return the owner element's frame
        https://bugs.webkit.org/show_bug.cgi?id=84780

        Reviewed by Nate Chapin.

        Test: fast/loader/javascript-url-iframe-remove-on-navigate.html

        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadOrRedirectSubframe):

2012-04-30  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>

        Use Vector<Attribute> directly instead of encapsulating it in AttributeVector
        https://bugs.webkit.org/show_bug.cgi?id=84413

        Reviewed by Andreas Kling.

        As commented in https://bugs.webkit.org/show_bug.cgi?id=79963#c16 we do not
        usually subclass basic types like Vector. This patch changes code to use
        Vector<Attribute> directly and move around the functionality of the former
        methods to more specific helper functions or inline code at the callers.

        * dom/Element.cpp:
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::normalizeAttributes):
        * dom/Element.h:
        (Element):
        * dom/ElementAttributeData.cpp:
        * dom/ElementAttributeData.h:
        (WebCore::findAttributeInVector):
        (WebCore::ElementAttributeData::getAttributeItem):
        (ElementAttributeData):
        (WebCore::ElementAttributeData::attributeVector):
        (WebCore::ElementAttributeData::clonedAttributeVector):
        (WebCore::ElementAttributeData::getAttributeItemIndex):
        (WebCore):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::createHTMLElementFromSavedElement):
        * html/parser/HTMLToken.h:
        (WebCore::AtomicHTMLToken::AtomicHTMLToken):
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processFakeStartTag):
        (WebCore::HTMLTreeBuilder::attributesForIsindexInput): Loop through the attributes
        backwards so we can remove items without affecting the rest of the loop run.
        * html/parser/HTMLTreeBuilder.h:
        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement):
        * xml/XMLErrors.cpp:
        (WebCore::createXHTMLParserErrorHeader):
        (WebCore::XMLErrors::insertErrorMessageBlock):
        * xml/parser/MarkupTokenBase.h:
        (WebCore::AtomicMarkupTokenBase::AtomicMarkupTokenBase):
        (WebCore::AtomicMarkupTokenBase::getAttributeItem):
        (WebCore::AtomicMarkupTokenBase::attributes):
        (AtomicMarkupTokenBase):
        (WebCore::::initializeAttributes):
        * xml/parser/XMLToken.h:
        (WebCore::AtomicXMLToken::AtomicXMLToken):

2012-04-30  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Remove PlatformSupport::loadPlatformAudioResource, call loadResource directly
        https://bugs.webkit.org/show_bug.cgi?id=85193

        Reviewed by Kentaro Hara.

        Part of a refactoring series. See tracking bug 82948.

        * platform/audio/chromium/AudioBusChromium.cpp:
        (WebCore::AudioBus::loadPlatformResource):
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):

2012-04-30  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Call defaultLocale directly
        https://bugs.webkit.org/show_bug.cgi?id=85192

        Reviewed by Kentaro Hara.

        Part of a refactoring series. See tracking bug 82948.

        * platform/chromium/LanguageChromium.cpp:
        (WebCore::platformLanguage):
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):

2012-04-30  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=82922
        border-image with image-set does not render correctly when viewed at 
        2x
        -and corresponding-
        <rdar://problem/11167820>

        Reviewed by Dan Bernstein.

        StyleImage::computeIntrinsicDimensions() is only called from one 
        place: RenderBoxModelObject::calculateIntrinsicDimensions(), and that 
        is only used for background images and border images. In my original 
        image-set work, I decided that 
        StyleCachedImageSet::computeIntrinsicDimensions() would compute 
        "intrinsic" dimensions, meaning that they would compute the dimensions 
        that the image resource was pretending to be rather than the actual 
        dimensions of the resource. I chose to do this because it made 
        background images work great without changing the call-site. But border 
        images need to know the actual intrinsic dimensions, so this design 
        decision (which was admittedly questionable from the start) won't 
        stick.
        
        This patch makes StyleImage::computeIntrinsicDimensions() return 
        actual intrinsic dimensions. Then the border-image and background-
        image code is very lightly patched to account for the image's scale 
        factor.

        These functions no longer need the scale factor parameter.
        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::computeIntrinsicDimensions):
        * loader/cache/CachedImage.h:
        (CachedImage):
        * platform/graphics/GeneratedImage.h:
        (GeneratedImage):
        * platform/graphics/GeneratorGeneratedImage.cpp:
        (WebCore::GeneratedImage::computeIntrinsicDimensions):
        * platform/graphics/Image.cpp:
        (WebCore::Image::computeIntrinsicDimensions):
        * platform/graphics/Image.h:
        (Image):
        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::computeIntrinsicDimensions):
        * platform/graphics/cg/PDFDocumentImage.h:
        (PDFDocumentImage):
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::computeIntrinsicDimensions):
        * svg/graphics/SVGImage.h:
        (SVGImage):
        * rendering/style/StyleCachedImageSet.cpp:
        (WebCore::StyleCachedImageSet::computeIntrinsicDimensions):
        
        New function on StyleImage returns the image's scale factor. 
        * rendering/style/StyleCachedImageSet.h:
        (WebCore::StyleCachedImageSet::imageScaleFactor):
        * rendering/style/StyleImage.h:
        (WebCore::StyleImage::imageScaleFactor):

        Scale the intrinsic size of the background image down by the scale 
        factor.
        * rendering/RenderBoxModelObject.cpp:
        (WebCore::RenderBoxModelObject::calculateFillTileSize):
        
        Slices should be multiplied by the image's scale factor since they are 
        always expected to the specified in the 1x image's coordinate space.
        (WebCore::RenderBoxModelObject::paintNinePieceImage):

2012-04-30  Arko Saha  <arko@motorola.com>

        Remove custom bindings code in JSHTMLCollectionCustom.cpp for HTMLPropertiesCollection.
        https://bugs.webkit.org/show_bug.cgi?id=85172

        Reviewed by Kentaro Hara.

        Use [JSGenerateToJSObject] in HTMLPropertiesCollection.idl, so that it can generate toJS()
        in JSHTMLPropertiesCollection.cpp automatically.

        * bindings/js/JSHTMLCollectionCustom.cpp:
        (WebCore::toJS):
        * html/HTMLPropertiesCollection.idl:

2012-04-30  No'am Rosenthal  <noam.rosenthal@nokia.com>

        [Texmap] TextureMapperLayer uses intermediate surfaces too eagerly
        https://bugs.webkit.org/show_bug.cgi?id=85103

        Reviewed by Kenneth Rohde Christiansen.

        Instead of automatically using an intermediate surface for layers with opacity and
        children, we limit surface usage for layers with more than one child and for layers with
        one child and contents of its own.

        This prevents us from using intermediate surfaces in cases where a single layer with
        opacity has a single descendant with content, in which case normal blending can be used.

        Covered by existing compositing layout tests.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore):
        * platform/graphics/texmap/TextureMapperLayer.h:

2012-04-30  Yi Shen  <yi.4.shen@nokia.com>

        Inserting a paragraph between quoted lines in editing/deleting/delete-4038408-fix.html doesn't work
        https://bugs.webkit.org/show_bug.cgi?id=78193

        Reviewed by Ryosuke Niwa.

        When pasting a copied portion of a blockquote with a newline at the end into an unquoted area,
        the newline is inserted after the blockquote since we don't want it also to be quoted. However,
        this behavior has also applied when we insert a paragraph between quoted lines, which is incorrect.
        To figure out the right place to insert a paragraph, we need providing more information to the
        InsertParagraphSeparatorCommand by introducing a boolean parameter "pasteBlockqutoeIntoUnquotedArea".

        Tests: editing/inserting/insert-paragraph-separator-in-blockquote.html
               editing/pasteboard/paste-wrapped-blockquote-into-nonblockquote.html

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::insertParagraphSeparator):
        * editing/CompositeEditCommand.h:
        (CompositeEditCommand):
        * editing/InsertParagraphSeparatorCommand.cpp:
        (WebCore::InsertParagraphSeparatorCommand::InsertParagraphSeparatorCommand):
        (WebCore::InsertParagraphSeparatorCommand::doApply):
        * editing/InsertParagraphSeparatorCommand.h:
        (WebCore::InsertParagraphSeparatorCommand::create):
        (InsertParagraphSeparatorCommand):
        * editing/ReplaceSelectionCommand.cpp:
        (WebCore::ReplaceSelectionCommand::doApply):

2012-04-30  Antti Koivisto  <antti@apple.com>

        Protect current element in HTMLLinkElement::setCSSStyleSheet
        https://bugs.webkit.org/show_bug.cgi?id=85166

        Reviewed by Andreas Kling.
        
        Stylesheet loading can trigger script execution.
        
        Test: fast/css/cached-sheet-restore-crash.html

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

2012-04-29  Keishi Hattori  <keishi@webkit.org>

        Build fix for LocalizedDateMac.mm
        https://bugs.webkit.org/show_bug.cgi?id=85164

        Reviewed by Kent Tamura.

        * platform/text/mac/LocalizedDateMac.mm:
        (WebCore::monthLabels):

2012-04-29  Luke Macpherson  <macpherson@chromium.org>

        Initialize member variables in CSSParser's constructor.
        https://bugs.webkit.org/show_bug.cgi?id=84377

        Reviewed by Kentaro Hara.

        It is good practice not to leave member variables uninitialized. They make debugging more difficult by reducing
        repeatability, and in some cases lead to the possibility of information leakage occuring. This patch simply adds
        initialization of m_numParsedPropertiesBeforeMarginBox to CSSParser's constructor to INVALID_NUM_PARSED_PROPERTIES
        so that the initial state is the same as the state after the properties are cleared.

        No tests added because this is a code style fix, not an actual bug so long as the bison generated code calls
        startDeclarationsForMarginBox() and endDeclarationsForMarginBox() symmetrically. The lack of initialization was
        originally detected by coverity.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::CSSParser):

2012-04-29  Kent Tamura  <tkent@chromium.org>

        [Mac] Add LocalizedDateMac
        https://bugs.webkit.org/show_bug.cgi?id=85039

        Reviewed by Kentaro Hara.

        A date shown <input type=date> should be formatted for user's OS
        settings. Chromium-Mac used LocalizedDateICU.cpp to format/parse visible
        date strings and it didn't reflect user-settings.

        Test: covered by fast/forms/date/date-appearance.html

        * WebCore.gyp/WebCore.gyp:
        Use LocalizedDateMac.mm for OS X instead of LocalizedDateICU.cpp.
        * WebCore.gypi: Add LocalizedDateMac.mm
        * platform/text/mac/LocalizedDateMac.mm: Added.
        (WebCore::createShortDateFormatter):
        Creates a NSDateFormatter with desired settings.
        (WebCore::parseLocalizedDate): Impelment for tyep=date.
        (WebCore::formatLocalizedDate): ditto.
        (WebCore::isYearSymbol): A readability helper for format string parsing.
        (WebCore::isMonthSymbol): ditto.
        (WebCore::isDaySymbol): ditto.
        (WebCore::localizeDateFormat):
        Parse a format string, and replace symbols with user-friendly labels.
        (WebCore::localizedDateFormatText):
        Gets a format string, and apply localizeDateFormat().
        (WebCore::monthLabels): Obtain month names from the system.
        (WebCore::weekDayShortLabels): Obtain week day symbols from the system.
        (WebCore::firstDayOfWeek): Obtain first day of week from the system.
        * platform/text/ICULocale.cpp:
        (WebCore::createFallbackMonthLabels): Uses WTF::monthFullName.

2012-04-29  Sam Weinig  <sam@webkit.org>

        Add support for the Blob constructor (Part 2)
        https://bugs.webkit.org/show_bug.cgi?id=84555

        Address additional feedback on Blob construction.
        - Add exception when the dictionary is not an object.
        - Ensure the proper ordering of dictionary access. Tested via
          throwing exceptions in toString, and ensuring correct one is
          fired first.
        - Changed type of exception throw for invalid enumeration to a
          TypeError.

        Reviewed by Kentaro Hara.

        Updated fast/files/blob-constructor.html to be more comprehensive.

        * bindings/js/JSBlobCustom.cpp:
        (WebCore::JSBlobConstructor::constructJSBlob):
        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::V8Blob::constructorCallback):

2012-04-29  No'am Rosenthal  <noam.rosenthal@nokia.com>

        [Texmap] Leaves demo: wrong geometry when opacity animation kicks in
        https://bugs.webkit.org/show_bug.cgi?id=85096

        Reviewed by Kenneth Rohde Christiansen.

        We should use combined() instead of combinedForChildren() since we don't allow
        intermediate surfaces for preserves-3d. Also, we should apply the offset before
        multiplying the transforms, otherwise the transform-origin is incorrect.

        Covered by existing compositing tests.

        * platform/graphics/texmap/TextureMapperLayer.cpp:
        (WebCore::TextureMapperLayer::paintSelf):
        (WebCore::TextureMapperLayer::paintRecursive):

2012-04-29  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Call highUsageDeltaMB directly
        https://bugs.webkit.org/show_bug.cgi?id=84844

        Reviewed by Kentaro Hara.

        Part of a refactoring series. See tracking bug 82948.

        * bindings/v8/V8GCController.cpp:
        (WebCore::V8GCController::checkMemoryUsage):
        * platform/MemoryUsageSupport.cpp:
        (WebCore):
        (WebCore::MemoryUsageSupport::highUsageDeltaMB):
        * platform/MemoryUsageSupport.h:
        (MemoryUsageSupport):
        * platform/chromium/MemoryUsageSupportChromium.cpp:
        (WebCore::MemoryUsageSupport::highUsageDeltaMB):
        (WebCore):
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):

2012-04-29  Kentaro Hara  <haraken@chromium.org>

        REGRESSION(r113086): onresize event handler can be deleted in popup window
        https://bugs.webkit.org/show_bug.cgi?id=84908

        Reviewed by Ojan Vafai.

        In a nutshell, an onresize event handler in the popup window
        can be non-deterministically deleted. For more details, please
        look at Chromium issue 123642:
        http://code.google.com/p/chromium/issues/detail?id=123642

        I confirmed that this bug is the regression caused by r113086.

        r113086 introduced the following code:

        void V8LazyEventListener::prepareListenerObject(...) {
            if (hasExistingListenerObject())
                return;
            ...;
            // Since we only parse once, there's no need to keep data
            // used for parsing around anymore.
            m_functionName = String();
            m_code = String();
            m_eventParameterName = String();
            m_sourceURL = String();

            setListenerObject(wrappedFunction);
        }

        This is not correct. The parsing can be done more than once,
        and thus we cannot clear data. This patch removes the above code.

        Consider the following situation:

        (1) Assume '<body onresize="f()"></body>'.
        (2) prepareListenerObject() runs.
        (3) Since this is the first parsing, hasExistingListenerObject()
        returns false. After the parsing, the listener object is set
        by setListenerObject().
        (4) GC runs. Since there is no strong reference to the listener
        object, weakEventListenerCallback() is called back, and the listener
        object is disposed.
        (5) A resize event is triggered.
        (6) prepareListenerObject() is called again. Since the listener object
        is already disposed, hasExistingListenerObject() returns false,
        and the second parsing starts.

        In my investigation, the above situation is happening in the reported
        Chromium bug. Anyway, I am sure that potentially the parsing can be
        done more than once, and thus we must keep m_xxxx data.

        However, this is just a temporary fix. We should fix the code so that
        an alive event listener object is never reclaimed.
        See https://bugs.webkit.org/show_bug.cgi?id=85152 for more details.

        No tests: I tried hard to create a DRT test, but could not.
        The bug depends on the behavior of GC, and thus the reported bug is
        non-deterministic. For example, (as explained in the Chromium issue,)
        the bug does not happen if we load an HTML from network because
        the network latency hides the bug. Also the bug happens in the
        popup window only. If we open the reported HTML in the main window,
        we cannot reproduce the bug.

        * bindings/v8/V8LazyEventListener.cpp:
        (WebCore::V8LazyEventListener::prepareListenerObject):

2012-04-28  Sam Weinig  <sam@webkit.org>

        Smooth scrolling needs a new key
        <rdar://problem/11331632>

        Reviewed by Geoffrey Garen.

        * platform/mac/ScrollAnimatorMac.mm:
        (WebCore::scrollAnimationEnabledForSystem):
        (WebCore::ScrollAnimatorMac::scroll):
        Update for new key.

2012-04-28  Li Yin  <li.yin@intel.com>

        MessagePort must set m_closed to be true at the end of MessagePort::close function
        https://bugs.webkit.org/show_bug.cgi?id=85139

        In the function MessagePort::close, the "m_closed = true" must be executed at the end, not at the beginning.
        Or, the m_entangledChannel->close() will not be executed.
        And it resulted in the failure of MS bench mark messagechannel_close.htm.
        http://samples.msdn.microsoft.com/ietestcenter/WebWorkers/messagechannel_close.htm

        Reviewed by Kentaro Hara.

        Test: fast/events/message-port-close.html

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::close):

2012-04-28  Sam Weinig  <sam@webkit.org>

        And again.

        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::V8Blob::constructorCallback):

2012-04-28  Sam Weinig  <sam@webkit.org>

        Once again, try to make these puppies work.

        * bindings/v8/custom/V8BlobCustom.cpp:

2012-04-28  Sam Weinig  <sam@webkit.org>

        Fix the Chromium build.

        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::V8Blob::constructorCallback):

2012-04-27  Sam Weinig  <sam@webkit.org>

        Add support for the Blob constructor
        https://bugs.webkit.org/show_bug.cgi?id=84555

        Reviewed by Maciej Stachowiak.

        Test: fast/files/blob-constructor.html

        This adds an implementation of the Blob constructor that willfully
        violates the W3C Editor’s Draft 29 February 2012 in the following ways:
        - Elements in the parts array are coerced to DOMStrings https://www.w3.org/Bugs/Public/show_bug.cgi?id=16721 
        - Don't throw for invalid key in the dictionary https://www.w3.org/Bugs/Public/show_bug.cgi?id=16727
        - Values for the endings property are treated as enums https://www.w3.org/Bugs/Public/show_bug.cgi?id=16729 

        * bindings/js/JSBlobCustom.cpp:
        (WebCore::JSBlobConstructor::constructJSBlob):
        Implement blob constructor.

        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::V8Blob::constructorCallback):
        Implement blob constructor.

        * fileapi/Blob.idl:
        Add constructor to IDL.

        * workers/WorkerContext.idl:
        Add Blob constructor to the worker global object.

2012-04-28  Igor Oliveira  <igor.o@sisa.samsung.com>

        Move PropertyWrapper out of the  AnimationBase
        https://bugs.webkit.org/show_bug.cgi?id=84978

        Reviewed by Dean Jackson.

        AnimationBase is a complex class. It has a state machine and a bunch of
        property handlers. This patch moves the property handlers to a separate
        class making AnimationBase simpler.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * page/animation/AnimationBase.cpp:
        * page/animation/AnimationBase.h:
        (AnimationBase):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationController::supportsAcceleratedAnimationOfProperty):
        * page/animation/CSSPropertyAnimation.cpp: Added.
        (WebCore):
        (WebCore::blendFunc):
        (WebCore::crossfadeBlend):
        (AnimationPropertyWrapperBase):
        (WebCore::AnimationPropertyWrapperBase::AnimationPropertyWrapperBase):
        (WebCore::AnimationPropertyWrapperBase::~AnimationPropertyWrapperBase):
        (WebCore::AnimationPropertyWrapperBase::isShorthandWrapper):
        (WebCore::AnimationPropertyWrapperBase::property):
        (WebCore::AnimationPropertyWrapperBase::animationIsAccelerated):
        (WebCore::addPropertyWrapper):
        (WebCore::wrapperForProperty):
        (PropertyWrapperGetter):
        (WebCore::PropertyWrapperGetter::PropertyWrapperGetter):
        (WebCore::PropertyWrapperGetter::equals):
        (PropertyWrapper):
        (WebCore::PropertyWrapper::PropertyWrapper):
        (WebCore::PropertyWrapper::blend):
        (RefCountedPropertyWrapper):
        (WebCore::RefCountedPropertyWrapper::RefCountedPropertyWrapper):
        (WebCore::RefCountedPropertyWrapper::blend):
        (StyleImagePropertyWrapper):
        (WebCore::StyleImagePropertyWrapper::StyleImagePropertyWrapper):
        (WebCore::StyleImagePropertyWrapper::equals):
        (PropertyWrapperColor):
        (WebCore::PropertyWrapperColor::PropertyWrapperColor):
        (WebCore::PropertyWrapperColor::blend):
        (PropertyWrapperAcceleratedOpacity):
        (WebCore::PropertyWrapperAcceleratedOpacity::PropertyWrapperAcceleratedOpacity):
        (WebCore::PropertyWrapperAcceleratedOpacity::animationIsAccelerated):
        (WebCore::PropertyWrapperAcceleratedOpacity::blend):
        (PropertyWrapperAcceleratedTransform):
        (WebCore::PropertyWrapperAcceleratedTransform::PropertyWrapperAcceleratedTransform):
        (WebCore::PropertyWrapperAcceleratedTransform::animationIsAccelerated):
        (WebCore::PropertyWrapperAcceleratedTransform::blend):
        (PropertyWrapperAcceleratedFilter):
        (WebCore::PropertyWrapperAcceleratedFilter::PropertyWrapperAcceleratedFilter):
        (WebCore::PropertyWrapperAcceleratedFilter::animationIsAccelerated):
        (WebCore::PropertyWrapperAcceleratedFilter::blend):
        (WebCore::shadowListLength):
        (WebCore::shadowForBlending):
        (PropertyWrapperShadow):
        (WebCore::PropertyWrapperShadow::PropertyWrapperShadow):
        (WebCore::PropertyWrapperShadow::equals):
        (WebCore::PropertyWrapperShadow::blend):
        (WebCore::PropertyWrapperShadow::blendSimpleOrMatchedShadowLists):
        (WebCore::PropertyWrapperShadow::blendMismatchedShadowLists):
        (PropertyWrapperMaybeInvalidColor):
        (WebCore::PropertyWrapperMaybeInvalidColor::PropertyWrapperMaybeInvalidColor):
        (WebCore::PropertyWrapperMaybeInvalidColor::equals):
        (WebCore::PropertyWrapperMaybeInvalidColor::blend):
        (PropertyWrapperVisitedAffectedColor):
        (WebCore::PropertyWrapperVisitedAffectedColor::PropertyWrapperVisitedAffectedColor):
        (WebCore::PropertyWrapperVisitedAffectedColor::equals):
        (WebCore::PropertyWrapperVisitedAffectedColor::blend):
        (FillLayerAnimationPropertyWrapperBase):
        (WebCore::FillLayerAnimationPropertyWrapperBase::FillLayerAnimationPropertyWrapperBase):
        (WebCore::FillLayerAnimationPropertyWrapperBase::~FillLayerAnimationPropertyWrapperBase):
        (FillLayerPropertyWrapperGetter):
        (WebCore::FillLayerPropertyWrapperGetter::FillLayerPropertyWrapperGetter):
        (WebCore::FillLayerPropertyWrapperGetter::equals):
        (FillLayerPropertyWrapper):
        (WebCore::FillLayerPropertyWrapper::FillLayerPropertyWrapper):
        (WebCore::FillLayerPropertyWrapper::blend):
        (FillLayerRefCountedPropertyWrapper):
        (WebCore::FillLayerRefCountedPropertyWrapper::FillLayerRefCountedPropertyWrapper):
        (WebCore::FillLayerRefCountedPropertyWrapper::blend):
        (FillLayerStyleImagePropertyWrapper):
        (WebCore::FillLayerStyleImagePropertyWrapper::FillLayerStyleImagePropertyWrapper):
        (WebCore::FillLayerStyleImagePropertyWrapper::equals):
        (FillLayersPropertyWrapper):
        (WebCore::FillLayersPropertyWrapper::FillLayersPropertyWrapper):
        (WebCore::FillLayersPropertyWrapper::equals):
        (WebCore::FillLayersPropertyWrapper::blend):
        (ShorthandPropertyWrapper):
        (WebCore::ShorthandPropertyWrapper::ShorthandPropertyWrapper):
        (WebCore::ShorthandPropertyWrapper::isShorthandWrapper):
        (WebCore::ShorthandPropertyWrapper::equals):
        (WebCore::ShorthandPropertyWrapper::blend):
        (WebCore::ShorthandPropertyWrapper::propertyWrappers):
        (PropertyWrapperFlex):
        (WebCore::PropertyWrapperFlex::PropertyWrapperFlex):
        (WebCore::PropertyWrapperFlex::equals):
        (WebCore::PropertyWrapperFlex::blend):
        (PropertyWrapperSVGPaint):
        (WebCore::PropertyWrapperSVGPaint::PropertyWrapperSVGPaint):
        (WebCore::PropertyWrapperSVGPaint::equals):
        (WebCore::PropertyWrapperSVGPaint::blend):
        (WebCore::addShorthandProperties):
        (WebCore::CSSPropertyAnimation::ensurePropertyMap):
        (WebCore::gatherEnclosingShorthandProperties):
        (WebCore::CSSPropertyAnimation::blendProperties):
        (WebCore::CSSPropertyAnimation::animationOfPropertyIsAccelerated):
        (WebCore::CSSPropertyAnimation::animatableShorthandsAffectingProperty):
        (WebCore::CSSPropertyAnimation::propertiesEqual):
        (WebCore::CSSPropertyAnimation::getPropertyAtIndex):
        (WebCore::CSSPropertyAnimation::getNumProperties):
        * page/animation/CSSPropertyAnimation.h: Added.
        (WebCore):
        (CSSPropertyAnimation):
        * page/animation/CompositeAnimation.cpp:
        (WebCore::CompositeAnimation::updateTransitions):
        (WebCore::CompositeAnimation::pauseTransitionAtTime):
        * page/animation/ImplicitAnimation.cpp:
        (WebCore::ImplicitAnimation::animate):
        (WebCore::ImplicitAnimation::getAnimatedStyle):
        (WebCore::ImplicitAnimation::isTargetPropertyEqual):
        (WebCore::ImplicitAnimation::blendPropertyValueInStyle):
        (WebCore::ImplicitAnimation::timeToNextService):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::animate):
        (WebCore::KeyframeAnimation::getAnimatedStyle):
        (WebCore::KeyframeAnimation::timeToNextService):
        * rendering/style/RenderStyle.h:

2012-04-28  Geoffrey Garen  <ggaren@apple.com>

        Clarified JSGlobalData (JavaScript VM) lifetime
        https://bugs.webkit.org/show_bug.cgi?id=85142

        Reviewed by Anders Carlsson.

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::~WorkerScriptController): Slightly 
        simpler than before. We can't just rely on our default destructor 
        because we need to hold the JSLock when we tear down the VM.

        * bridge/NP_jsobject.cpp:
        (_NPN_InvokeDefault):
        (_NPN_Invoke):
        (_NPN_Evaluate):
        (_NPN_Construct): Don't RefPtr<> the JSGlobalData because it makes it 
        seem like you know something the rest of our code doesn't know. The 
        plugin JSGlobalData is immortal, anyway.

        I also removed some timeout checker related code because that feature 
        doesn't work anymore, so it was effectively dead code.

2012-04-28  Ilya Tikhonovsky  <loislo@chromium.org>

        Web Inspector: InspectorFrontendHost.append has to be implemented for saving heap snapshots.
        https://bugs.webkit.org/show_bug.cgi?id=85137

        We can save a file with help of InspectorFrontendHost.save method,
        but it is suitable only for relatively small portions of data and
        can't process the 6Gb heap snapshot.
        These methods just pass the url and content into embedder.

        Reviewed by Yury Semikhatsky.

        * inspector/InspectorFrontendClient.h:
        (InspectorFrontendClient):
        * inspector/InspectorFrontendClientLocal.h:
        (WebCore::InspectorFrontendClientLocal::append):
        * inspector/InspectorFrontendHost.cpp:
        (WebCore::InspectorFrontendHost::append):
        (WebCore):
        * inspector/InspectorFrontendHost.h:
        (InspectorFrontendHost):
        * inspector/InspectorFrontendHost.idl:

2012-04-28  No'am Rosenthal  <noam.rosenthal@nokia.com>

        [Qt][Texmap] Error of cross-compiling webkit with Qt 4.8.1
        https://bugs.webkit.org/show_bug.cgi?id=84321

        Speculative build-fix for Qt 4.8.
        Use QGLContext for Qt 4.x instead of the platform-specific context.

        Reviewed by Simon Hausmann.

        No new tests, build fix.

        * platform/graphics/texmap/TextureMapperGL.cpp:
        (SharedGLData):
        (WebCore::TextureMapperGLData::SharedGLData::getCurrentGLContext):

2012-04-28  No'am Rosenthal  <noam.rosenthal@nokia.com>

        [Texmap] Falling leaves demo missing opacity fade out animation
        https://bugs.webkit.org/show_bug.cgi?id=83691

        Reviewed by Martin Robinson.

        The bug originated from clearing an intermediate surface with glClear while the scissor
        state was wrong.
        When using intermediate surfaces, maintain a clip-stack for each surface, rather than
        a single clip-stack for the whole scene. When a surface is bound, its clip stack should
        be applied.

        Covered by existing compositing tests.

        * platform/graphics/texmap/TextureMapperGL.cpp:
        (SharedGLData):
        (WebCore::TextureMapperGL::ClipStack::push):
        (WebCore):
        (WebCore::TextureMapperGL::ClipStack::pop):
        (WebCore::scissorClip):
        (WebCore::TextureMapperGL::ClipStack::apply):
        (WebCore::TextureMapperGL::clipStack):
        (WebCore::TextureMapperGL::beginPainting):
        (WebCore::TextureMapperGL::drawTexture):
        (WebCore::BitmapTextureGL::didReset):
        (WebCore::BitmapTextureGL::clearIfNeeded):
        (WebCore::BitmapTextureGL::createFboIfNeeded):
        (WebCore::BitmapTextureGL::bind):
        (WebCore::TextureMapperGL::bindDefaultSurface):
        (WebCore::TextureMapperGL::bindSurface):
        (WebCore::TextureMapperGL::beginScissorClip):
        (WebCore::TextureMapperGL::beginClip):
        (WebCore::TextureMapperGL::endClip):
        * platform/graphics/texmap/TextureMapperGL.h:
        (TextureMapperGL):
        (ClipState):
        (WebCore::TextureMapperGL::ClipState::ClipState):
        (ClipStack):
        (WebCore::TextureMapperGL::ClipStack::current):
        (WebCore::TextureMapperGL::ClipStack::clear):
        (BitmapTextureGL):
        (WebCore::BitmapTextureGL::BitmapTextureGL):

2012-04-26  Emil A Eklund  <eae@chromium.org> and Levi Weintraub  <leviw@chromium.org>

        Move Length and CSS length computation to float
        https://bugs.webkit.org/show_bug.cgi?id=84801

        Reviewed by Eric Seidel.

        Change Length and CSS length computation to floating point. This gets us
        closer to the goal of supporting subpixel layout and improves precision
        for SVG which already uses floating point for its layout.

        This change makes computedStyle return fractional values for pixel values
        if a fraction is specified. It also changes the result of computations
        where two or more values with fractional precision. Prior to this change
        the result of Length(2.9) + Length(2.9) would be 4 as each value would be
        floored. With this change the result is 5 as the addition is done with
        floating point precision and then the result will be floored. Once we
        enable subpixel layout the resulting value in this example would be 5.8.

        Updated existing layout tests.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::zoomAdjustedPixelValue):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::computeLength):
        * css/CSSPrimitiveValue.h:
        (WebCore):
        (WebCore::roundForImpreciseConversion):
        Add specialized float version of roundForImpreciseConversion that matches
        the int versions rounding logic.
        
        If a value is sufficiently close to the next integer round it up to
        ensure that a style rule such as "width: 4.999px" evaluates to 5px
        instead of 4px. This is needed as, although Lengths are using floating
        point, the layout system still uses integer precision and floors the
        Length values.
        This will change once we move to FractionalLayoutUnits but for now this
        is needed to ensure compatibility with the existing system and tests.
        
        Without this specialized rounding logic we fail a handful of tests
        including acid3.
        
        * platform/Length.h:
        (WebCore::Length::value):
        (Length):
        (WebCore::Length::intValue):
        * rendering/RenderTableCell.cpp:
        (WebCore::RenderTableCell::styleOrColLogicalWidth):

2012-04-28  Alexander Pavlov  <apavlov@chromium.org>

        Web Inspector: Enable touch events feature fails touch feature detection
        https://bugs.webkit.org/show_bug.cgi?id=84397

        Whenever the touch emulation is enabled, Inspector adds a script to evaluate on load,
        that adds ontouch(start|end|move|cancel) properties to window.__proto__ and document.__proto__.

        Reviewed by Pavel Feldman.

        * inspector/front-end/DOMAgent.js:
        (WebInspector.DOMAgent.prototype._emulateTouchEventsChanged.get if):
        (WebInspector.DOMAgent.prototype._emulateTouchEventsChanged.scriptAddedCallback):
        (WebInspector.DOMAgent.prototype._emulateTouchEventsChanged):
        * inspector/front-end/inspector.js:

2012-04-28  Eugene Klyuchnikov  <eustas.bug@gmail.com>

        Web Inspector: Shortcuts screen UI polish
        https://bugs.webkit.org/show_bug.cgi?id=84708

          1) remove inconsistent shadow;
          2) reduce border radius;
          3) vertically center the “X” button;
          4) replace unreadable symbolic shortcuts with text;
          5) gaps / colors / opacity adjustments;
          6) section-to-column distribution algorithm is replaced with a fair one.

        Reviewed by Pavel Feldman.

        This is a UI polising patch, so no new tests added.

        * English.lproj/localizedStrings.js: added keyboars arrow keys items
        * inspector/front-end/KeyboardShortcut.js: replace unreadable symbolic shortcuts with text
        * inspector/front-end/ShortcutsScreen.js:
        (WebInspector.ShortcutsScreen):
        (WebInspector.ShortcutsScreen.prototype.show): remove redundant parameter
        (WebInspector.ShortcutsScreen.prototype._buildTable): change section distributing algorithm
        (WebInspector.ShortcutsSection.prototype.renderSection): render colon with margins
        (WebInspector.ShortcutsSection.prototype._renderHeader): apply classname to th elements
        * inspector/front-end/helpScreen.css:
        (.help-window-main): reduce radius, remove shadow; tune color and opacity
        (.help-window-caption): fix spacing; add ruler
        (.help-window-title): fix spacing; remove ruler
        (.help-content): fix spacing
        (.help-close-button): fix spacing; adjust background color
        (.help-column-table): fix spacing
        (.help-table > tr > th): fix color
        (.help-key): fix color
        (.help-combine-keys, .help-key-delimiter): extract common style
        (.help-combine-keys): remove dupe
        (.help-section-title): add space between sections

2012-04-28  Noel Gordon  <noel.gordon@gmail.com>

        Remove PlatformTouchPointQt.cpp PlatformTouchEventQt.cpp from the gyp projects
        https://bugs.webkit.org/show_bug.cgi?id=85132

        Unreviewed VS2010 gyp project generation fix.

        PlatformTouchPointQt.cpp and PlatformTouchEventQt.cpp were removed in r115312,
        so remove them from the gyp projects.

        * WebCore.gypi:

2012-04-28  Nikolas Zimmermann  <nzimmermann@rim.com>

        <animateTransform type="scale"> should use '0' as effective from value not '1', if no base value is specified and from is not given
        https://bugs.webkit.org/show_bug.cgi?id=85133

        It should start from scale=0. I had that fixed before, but it got lost during merging. Restore the fix.
        See bug 85051, for more context why this is correct.

        Tests: svg/animations/animateTransform-by-scale-1-expected.svg
               svg/animations/animateTransform-by-scale-1.svg

        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::calculateAnimatedValue):

2012-04-28  Nikolas Zimmermann  <nzimmermann@rim.com>

        SVGAnimateColorElement doesn't support by/to animations properly
        https://bugs.webkit.org/show_bug.cgi?id=36704

        Reviewed by Antti Koivisto.

        Switch AnimatedColorAnimator to use the standard animateAdditiveNumber() method, taking progress & repeatCount into account.
        This gives us accumulation/repeatCount support for free.

        We just animate the four color components on their own now and clamp once at the end after addition/accumulation finished.
        Import <animateColor> tests from Dr. Olaf Hoffmanns SVG Animation test suite, which all pass now.

        While I was at it, remove the includeSMILProperties boolean from computeCSSPropertyValue - we always use the computed style
        without SMIL effects included, whenever we want to retrieve the "base value", or handle "inherit/currentColor".

        Tests: svg/animations/animateColor-additive-2a-expected.svg
               svg/animations/animateColor-additive-2a.svg
               svg/animations/animateColor-additive-2b-expected.svg
               svg/animations/animateColor-additive-2b.svg
               svg/animations/animateColor-additive-2c-expected.svg
               svg/animations/animateColor-additive-2c.svg
               svg/animations/animateColor-additive-2d-expected.svg
               svg/animations/animateColor-additive-2d.svg

        * svg/ColorDistance.cpp:
        (WebCore::ColorDistance::clampColor):
        (WebCore::ColorDistance::addColors):
        (WebCore::ColorDistance::addToColor):
        * svg/ColorDistance.h:
        (ColorDistance):
        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::resetToBaseValue):
        * svg/SVGAnimatedColor.cpp:
        (WebCore::SVGAnimatedColorAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::computeCSSPropertyValue):
        (WebCore::SVGAnimationElement::adjustForInheritance):
        * svg/SVGAnimationElement.h:
        (SVGAnimationElement):

2012-04-28  Nikolas Zimmermann  <nzimmermann@rim.com>

        Not reviewed. Fix Qt build -- I was too quick.

        * rendering/svg/SVGPathData.cpp: Add back Path.h include.

2012-04-28  Nikolas Zimmermann  <nzimmermann@rim.com>

        Rename SVGPathParserFactory to SVGPathUtilities and remove the obsolete singleton
        https://bugs.webkit.org/show_bug.cgi?id=85129

        SVGPathParserFactory implements the singleton pattern, but stores no members.
        Remove the singleton and move all functions to free-functions into SVGPathUtilities.h.

        Makes the code easier to read - doesn't affect any tests.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/svg/SVGPathData.cpp:
        (WebCore::updatePathFromPathElement):
        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::operator<<):
        * svg/SVGAllInOne.cpp:
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::parseAttribute):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::constructFromString):
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedPathAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedPathAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedPathAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedType.cpp:
        * svg/SVGGlyphElement.cpp:
        (WebCore::SVGGlyphElement::buildGenericGlyphIdentifier):
        * svg/SVGPathBlender.cpp: Fix typo s/;;/;/
        * svg/SVGPathElement.cpp:
        (WebCore::SVGPathElement::getTotalLength):
        (WebCore::SVGPathElement::getPointAtLength):
        (WebCore::SVGPathElement::getPathSegAtLength):
        (WebCore::SVGPathElement::parseAttribute):
        (WebCore::SVGPathElement::svgAttributeChanged):
        (WebCore::SVGPathElement::lookupOrCreateDWrapper):
        (WebCore::SVGPathElement::pathSegListChanged):
        * svg/SVGPathParserFactory.h: Removed.
        * svg/SVGPathSegList.cpp:
        (WebCore::SVGPathSegList::valueAsString):
        * svg/SVGPathUtilities.cpp: Renamed from Source/WebCore/svg/SVGPathParserFactory.cpp.
        (WebCore):
        (WebCore::globalSVGPathBuilder):
        (WebCore::globalSVGPathSegListBuilder):
        (WebCore::globalSVGPathByteStreamBuilder):
        (WebCore::globalSVGPathStringBuilder):
        (WebCore::globalSVGPathTraversalStateBuilder):
        (WebCore::globalSVGPathParser):
        (WebCore::globalSVGPathBlender):
        (WebCore::buildPathFromString):
        (WebCore::buildSVGPathByteStreamFromSVGPathSegList):
        (WebCore::buildPathFromByteStream):
        (WebCore::buildSVGPathSegListFromByteStream):
        (WebCore::buildStringFromByteStream):
        (WebCore::buildStringFromSVGPathSegList):
        (WebCore::buildSVGPathByteStreamFromString):
        (WebCore::buildAnimatedSVGPathByteStream):
        (WebCore::addToSVGPathByteStream):
        (WebCore::getSVGPathSegAtLengthFromSVGPathByteStream):
        (WebCore::getTotalLengthOfSVGPathByteStream):
        (WebCore::getPointAtLengthOfSVGPathByteStream):
        * svg/SVGPathUtilities.h: Added.
        (WebCore):
        * svg/properties/SVGAnimatedPathSegListPropertyTearOff.h:
        (WebCore::SVGAnimatedPathSegListPropertyTearOff::animValDidChange):

2012-04-28  Nikolas Zimmermann  <nzimmermann@rim.com>

        Fix repetitions & by animation support for path animations
        https://bugs.webkit.org/show_bug.cgi?id=85071

        Rubber-stamped by Antti Koivisto.

        Cleanup SVGPathBlender, to make it more readable.

        * svg/SVGPathBlender.cpp:
        (WebCore::SVGPathBlender::blendLineToHorizontalSegment):
        (WebCore::SVGPathBlender::blendLineToVerticalSegment):
        (WebCore::SVGPathBlender::blendArcToSegment):
        (WebCore::SVGPathBlender::blendAnimatedPath):

2012-04-28  Yury Semikhatsky  <yurys@chromium.org>

        Unreviewed. Qt build fix: added new exported symbols.

        * WebCore.exp.in:

2012-04-28  Yury Semikhatsky  <yurys@chromium.org>

        Unreviewed. Fix Qt minimal build after r115553.

        * inspector/InspectorConsoleAgent.h:

2012-04-27  Nikolas Zimmermann  <nzimmermann@rim.com>

        Fix repetitions & by animation support for path animations
        https://bugs.webkit.org/show_bug.cgi?id=85071

        Reviewed by Antti Koivisto.

        Implement additive="sum" / by-animation support for path animations, eg.
        <path d="M 10 10 L 10 100 Z">
            <animate attributeName="d" begin="0s" dur="4s" by="M 0 0 L 90 0 Z"/>
        <path>

        animates the d attribute to "M 10 10 L 100 100 0 Z".

        Now only <animateColor> and <animateMotion> are left to be fixed, all other types are working as expected now in all additive/accumulate/from-by/by/from-to animations.

        Tests: svg/animations/path-animation-expected.svg
               svg/animations/repeating-path-animation-expected.svg
               svg/animations/repeating-path-animation.svg

        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::addAnimatedTypes): Implemented, to support by-animations, instead of falling back to to-animations.
        (WebCore::SVGAnimatedPathAnimator::calculateAnimatedValue): Handle repetitions, accumulation & addition.
        * svg/SVGPathBlender.cpp: Allow empty from source everywhere, use default values if no from value is specified, needed for by-animations.
        (WebCore::SVGPathBlender::SVGPathBlender):
        (WebCore::SVGPathBlender::blendAnimatedDimensonalFloat):
        (WebCore::SVGPathBlender::blendAnimatedFloatPoint):
        (WebCore::SVGPathBlender::blendMoveToSegment):
        (WebCore::SVGPathBlender::blendLineToSegment):
        (WebCore::SVGPathBlender::blendLineToHorizontalSegment):
        (WebCore::SVGPathBlender::blendLineToVerticalSegment):
        (WebCore::SVGPathBlender::blendCurveToCubicSegment):
        (WebCore::SVGPathBlender::blendCurveToCubicSmoothSegment):
        (WebCore::SVGPathBlender::blendCurveToQuadraticSegment):
        (WebCore::SVGPathBlender::blendCurveToQuadraticSmoothSegment):
        (WebCore::SVGPathBlender::blendArcToSegment):
        (WebCore::SVGPathBlender::addAnimatedPath):
        (WebCore::SVGPathBlender::blendAnimatedPath):
        * svg/SVGPathBlender.h: Add new addAnimatedPath function.
        (SVGPathBlender):
        * svg/SVGPathByteStream.h:
        (SVGPathByteStream): Make SVGPathByteStreams copyable, needed for SVGAnimatedPathAnimator.
        (WebCore::SVGPathByteStream::size): Returns size of the SVGPathByteStream.
        * svg/SVGPathParserFactory.cpp:
        (WebCore::SVGPathParserFactory::buildAnimatedSVGPathByteStream): Allow empty from streams, needed for by animations. 
        (WebCore::SVGPathParserFactory::addToSVGPathByteStream): Add 'byStream' 'repeatCount' times to 'toStream'. Both streams must match in size.
        * svg/SVGPathParserFactory.h: Add new addToSVGPathByteStream function.
        * svg/SVGPointList.cpp: Remove dead code.
        * svg/SVGPointList.h: Ditto.
        (SVGPointList):

2012-04-28  Nikolas Zimmermann  <nzimmermann@rim.com>

        SVGAnimateMotion does not handle accumulation
        https://bugs.webkit.org/show_bug.cgi?id=18564

        Reviewed by Antti Koivisto.

        Implement accumulation for <animateMotion>. Add lots of new
        reftests, verifying additive/accumulate behavior is correct.

        Tests: svg/animations/animateMotion-additive-1-expected.svg
               svg/animations/animateMotion-additive-1.svg
               svg/animations/animateMotion-additive-2a-expected.svg
               svg/animations/animateMotion-additive-2a.svg
               svg/animations/animateMotion-additive-2b-expected.svg
               svg/animations/animateMotion-additive-2b.svg
               svg/animations/animateMotion-additive-2c-expected.svg
               svg/animations/animateMotion-additive-2c.svg
               svg/animations/animateMotion-additive-2d-expected.svg
               svg/animations/animateMotion-additive-2d.svg
               svg/animations/mozilla/animateMotion-by-1-expected.svg
               svg/animations/mozilla/animateMotion-by-1.svg
               svg/animations/mozilla/animateMotion-from-to-1-expected.svg
               svg/animations/mozilla/animateMotion-from-to-1.svg
               svg/animations/mozilla/animateMotion-indefinite-to-1-expected.svg
               svg/animations/mozilla/animateMotion-indefinite-to-1.svg
               svg/animations/mozilla/animateMotion-indefinite-to-2-expected.svg
               svg/animations/mozilla/animateMotion-indefinite-to-2.svg
               svg/animations/mozilla/animateMotion-mpath-pathLength-1-expected.svg
               svg/animations/mozilla/animateMotion-mpath-pathLength-1.svg
               svg/animations/mozilla/animateMotion-mpath-targetChange-1-expected.svg
               svg/animations/mozilla/animateMotion-mpath-targetChange-1.svg
               svg/animations/mozilla/animateMotion-to-overridden-1-expected.svg
               svg/animations/mozilla/animateMotion-to-overridden-1.svg

        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::SVGAnimateMotionElement):
        (WebCore::SVGAnimateMotionElement::buildTransformForProgress):
        (WebCore::SVGAnimateMotionElement::calculateAnimatedValue):
        * svg/SVGAnimateMotionElement.h:

2012-04-27  Yury Semikhatsky  <yurys@chromium.org>

        ScriptStateProtectedPtr should not keep a strong reference to the context
        https://bugs.webkit.org/show_bug.cgi?id=85009

        Delete console message arguments when DOMWindow where the messages were created
        is reset on its frame.

        Reviewed by Pavel Feldman.

        Test: http/tests/inspector-enabled/console-clear-arguments-on-frame-navigation.html

        * inspector/ConsoleMessage.cpp:
        (WebCore::ConsoleMessage::addToFrontend):
        (WebCore::ConsoleMessage::windowCleared):
        (WebCore::ConsoleMessage::argumentCount):
        (WebCore):
        * inspector/ConsoleMessage.h:
        (ConsoleMessage):
        * inspector/InspectorConsoleAgent.cpp:
        (WebCore::InspectorConsoleAgent::consoleMessageArgumentCounts):
        (WebCore):
        * inspector/InspectorConsoleAgent.h:
        (InspectorConsoleAgent):
        * page/Frame.cpp:
        (WebCore::Frame::clearDOMWindow):
        (WebCore::Frame::setDOMWindow):
        * testing/Internals.cpp:
        (WebCore):
        (WebCore::Internals::consoleMessageArgumentCounts):
        * testing/Internals.h:
        (Internals):
        * testing/Internals.idl:

2012-04-27  Jochen Eisinger  <jochen@chromium.org>

        Ensure that there's always a provisional document loader if the frame loader is in provisional state
        https://bugs.webkit.org/show_bug.cgi?id=83894

        Reviewed by Nate Chapin.

        We're still seeing crashes in the FrameLoader where the FrameLoader's
        state is "provisional" but there is no provisional document loader. I
        added code to update the FrameLoader's state everytime the provisional
        document loader is cleared, and added checks that the FrameLoader's
        state can't be set to provisional without a provisional loader.

        If the crashes go away, or the newly added checks reveal the culprit,
        we should relex the checks to use ASSERT() instead of CRASH().

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::init):
        (WebCore::FrameLoader::setupForReplace):
        (WebCore::FrameLoader::stopAllLoaders):
        (WebCore::FrameLoader::clearProvisionalLoad):
        (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy):
        (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):

2012-04-27  Geoffrey Garen  <ggaren@apple.com>

        Try to fix the Qt build.

        * bridge/qt/qt_runtime.cpp:
        (JSC::Bindings::QtRuntimeMethod::finishCreation):

2012-04-27  Geoffrey Garen  <ggaren@apple.com>

        Made WeakSet::allocate() static and removed its JSGlobalData argument
        https://bugs.webkit.org/show_bug.cgi?id=85128

        Reviewed by Anders Carlsson.

        Mechanically removed JSGlobalData arguments from PassWeak<T> and Weak<T> allocation.

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsStringSlowCase):
        * bindings/js/JSEventListener.h:
        (WebCore::JSEventListener::setWrapper):
        * bindings/js/JSNodeFilterCondition.cpp:
        (WebCore::JSNodeFilterCondition::JSNodeFilterCondition):
        * bindings/js/ScriptWrappable.h:
        (WebCore::ScriptWrappable::setWrapper):
        * bridge/jsc/BridgeJSC.cpp:
        (JSC::Bindings::Instance::createRuntimeObject):
        * bridge/qt/qt_runtime.cpp:
        (JSC::Bindings::QtRuntimeMethod::finishCreation):
        * bridge/runtime_root.cpp:
        (JSC::Bindings::RootObject::addRuntimeObject):

2012-04-27  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/11313710> Leaks under WebCore::CSSImageSetValue::cachedImageSet when running tests

        There was a reference cycle between CSSImageSetValue and StyleCachedImageSet via
        CSSImageSetValue::m_imageSet / StyleCachedImageSet::m_imageSetValue. Break the cycle
        by having StyleCachedImageSet hold a weak reference to the CSSImageSetValue rather
        than a strong reference.

        Reviewed by Geoff Garen.

        * rendering/style/StyleCachedImageSet.cpp:
        (WebCore::StyleCachedImageSet::StyleCachedImageSet):
        * rendering/style/StyleCachedImageSet.h:
        (StyleCachedImageSet):

2012-04-27  Mark Rowe  <mrowe@apple.com>

        <rdar://problem/10346980> REGRESSION: Cannot enter text in Dashboard widget fields that have placeholder attribute

        Remove a dashboard backwards compatibility quirk that was in place to support an old version
        of the Stocks widget. It prevented the pointer-events property from being applied in Dashboard
        widgets, which caused -webkit-input-placeholder elements to eat mouse clicks rather than giving
        focus to the containing input elements. The offending widget has long since been fixed.

        Reviewed by Dan Bernstein.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::collectMatchingRulesForList):

2012-04-27  Dean Jackson  <dino@apple.com>

        Support reverse and alternate-reverse in CA animations
        https://bugs.webkit.org/show_bug.cgi?id=78041

        Reviewed by Beth Dakin.

        CoreAnimation does not natively support reverse and alternate-reverse
        animation directions so we need to flip the animation values (keyframe
        keys and timing functions) that we send to GraphicsLayerCA. Unfortunately
        this code adds a lot of conditionals because it isn't as simple as
        reversing the order of keys. You also now have a different alignment of
        timing functions to the reversed list.

        New tests to cover the two new directions, making sure the timing
        functions are correctly inverted, and exercising fill modes.

        Tests: animations/animation-direction-reverse-fill-mode-hardware.html
               animations/animation-direction-reverse-fill-mode.html
               animations/animation-direction-reverse-hardware-opacity.html
               animations/animation-direction-reverse-hardware.html
               animations/animation-direction-reverse-non-hardware.html
               animations/animation-direction-reverse-timing-functions-hardware.html
               animations/animation-direction-reverse-timing-functions.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
          Handle the previously unsupported animation directions, reversing
          the list of values and keytimes that would be used to create
          the CA Animation.
        (WebCore::GraphicsLayerCA::addAnimation):
          Do not create an animation if on Windows and using a reverse
          direction.
        (WebCore::GraphicsLayerCA::createFilterAnimationsFromKeyframes):
        (WebCore::GraphicsLayerCA::setupAnimation):
        (WebCore::GraphicsLayerCA::setAnimationEndpoints):
        (WebCore::GraphicsLayerCA::setAnimationKeyframes):
        (WebCore::GraphicsLayerCA::setTransformAnimationEndpoints):
        (WebCore::GraphicsLayerCA::setTransformAnimationKeyframes):
        (WebCore::GraphicsLayerCA::setFilterAnimationEndpoints):
        (WebCore::GraphicsLayerCA::setFilterAnimationKeyframes):
        * platform/graphics/ca/PlatformCAAnimation.h:
        (PlatformCAAnimation): Pass through a flag that tells the CA Animation
        that it should invert the timing functions.
        * platform/graphics/ca/mac/PlatformCAAnimationMac.mm:
        (toCAMediaTimingFunction): Add a parameter that will invert the timing
        function coefficients if necessary.
        (PlatformCAAnimation::setTimingFunction):
        (PlatformCAAnimation::setTimingFunctions):
        * platform/graphics/ca/win/PlatformCAAnimationWin.cpp:
        (toCACFTimingFunction):
          New unused parameter.

2012-04-27  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r115407.
        http://trac.webkit.org/changeset/115407
        https://bugs.webkit.org/show_bug.cgi?id=85126

        Caused heap use after free (Requested by keishi_ on #webkit).

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::HTMLFormControlElement):
        (WebCore::HTMLFormControlElement::updateFieldSetAndLegendAncestor):
        (WebCore::HTMLFormControlElement::insertedInto):
        (WebCore::HTMLFormControlElement::removedFrom):
        (WebCore::HTMLFormControlElement::disabled):
        (WebCore::HTMLFormControlElement::recalcWillValidate):
        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck):
        * html/HTMLFormControlElement.h:
        (HTMLFormControlElement):

2012-04-27  Kentaro Hara  <haraken@chromium.org>

        [JSC] Implement a helper method createNotEnoughArgumentsError()
        https://bugs.webkit.org/show_bug.cgi?id=85102

        Reviewed by Geoffrey Garen.

        In bug 84787, kbr@ requested to avoid hard-coding
        createTypeError(exec, "Not enough arguments") here and there.
        This patch implements createNotEnoughArgumentsError(exec)
        and uses it in JSC bindings.

        c.f. a corresponding bug for V8 bindings is bug 85097.

        Test: bindings/scripts/test/TestObj.idl

        * bindings/scripts/CodeGeneratorJS.pm: Modified as described above.
        (GenerateArgumentsCountCheck):

        * bindings/js/JSDataViewCustom.cpp: Ditto.
        (WebCore::getDataViewMember):
        (WebCore::setDataViewMember):
        * bindings/js/JSDeprecatedPeerConnectionCustom.cpp:
        (WebCore::JSDeprecatedPeerConnectionConstructor::constructJSDeprecatedPeerConnection):
        * bindings/js/JSDirectoryEntryCustom.cpp:
        (WebCore::JSDirectoryEntry::getFile):
        (WebCore::JSDirectoryEntry::getDirectory):
        * bindings/js/JSSharedWorkerCustom.cpp:
        (WebCore::JSSharedWorkerConstructor::constructJSSharedWorker):
        * bindings/js/JSWebKitMutationObserverCustom.cpp:
        (WebCore::JSWebKitMutationObserverConstructor::constructJSWebKitMutationObserver):
        (WebCore::JSWebKitMutationObserver::observe):
        * bindings/js/JSWorkerCustom.cpp:
        (WebCore::JSWorkerConstructor::constructJSWorker):

        * bindings/scripts/test/JS/JSFloat64Array.cpp: Updated run-bindings-tests.
        (WebCore::jsFloat64ArrayPrototypeFunctionFoo):
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunction):
        (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessage):
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
        (WebCore::jsTestCustomNamedGetterPrototypeFunctionAnotherFunction):
        * bindings/scripts/test/JS/JSTestEventTarget.cpp:
        (WebCore::jsTestEventTargetPrototypeFunctionItem):
        (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener):
        (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener):
        (WebCore::jsTestEventTargetPrototypeFunctionDispatchEvent):
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        (WebCore::JSTestInterfaceConstructor::constructJSTestInterface):
        (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2):
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
        (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod):
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
        (WebCore::JSTestNamedConstructorNamedConstructor::constructJSTestNamedConstructor):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::JSTestObjConstructor::constructJSTestObj):
        (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionIntMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodWithSequenceArg):
        (WebCore::jsTestObjPrototypeFunctionMethodReturningSequence):
        (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrows):
        (WebCore::jsTestObjPrototypeFunctionSerializedValue):
        (WebCore::jsTestObjPrototypeFunctionIdbKey):
        (WebCore::jsTestObjPrototypeFunctionOptionsObject):
        (WebCore::jsTestObjPrototypeFunctionAddEventListener):
        (WebCore::jsTestObjPrototypeFunctionRemoveEventListener):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs):
        (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArg):
        (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArg):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6):
        (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7):
        (WebCore::jsTestObjConstructorFunctionClassMethod2):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod11):
        (WebCore::jsTestObjConstructorFunctionOverloadedMethod12):
        (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongArray):
        (WebCore::jsTestObjPrototypeFunctionConvert1):
        (WebCore::jsTestObjPrototypeFunctionConvert2):
        (WebCore::jsTestObjPrototypeFunctionConvert3):
        (WebCore::jsTestObjPrototypeFunctionConvert4):
        (WebCore::jsTestObjPrototypeFunctionConvert5):
        (WebCore::jsTestObjPrototypeFunctionStrictFunction):
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        (WebCore::JSTestSerializedScriptValueInterfaceConstructor::constructJSTestSerializedScriptValueInterface):
        (WebCore::jsTestSerializedScriptValueInterfacePrototypeFunctionAcceptTransferList):

2012-04-27  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Call highMemoryUsageMB directly
        https://bugs.webkit.org/show_bug.cgi?id=84841

        Reviewed by Kentaro Hara.

        Part of a refactoring series. See tracking bug 82948.

        * bindings/v8/V8GCController.cpp:
        (WebCore::V8GCController::checkMemoryUsage):
        * platform/MemoryUsageSupport.cpp:
        (WebCore::MemoryUsageSupport::highMemoryUsageMB):
        (WebCore):
        * platform/MemoryUsageSupport.h:
        (MemoryUsageSupport):
        * platform/chromium/MemoryUsageSupportChromium.cpp:
        (WebCore::MemoryUsageSupport::highMemoryUsageMB):
        (WebCore):
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):

2012-04-27  Geoffrey Garen  <ggaren@apple.com>

        Only allow non-null pointers in the WeakSet
        https://bugs.webkit.org/show_bug.cgi?id=85119

        Reviewed by Darin Adler.

        * bridge/jsc/BridgeJSC.cpp:
        (JSC::Bindings::Instance::Instance): Don't allocate a WeakImpl just to
        store null. This was needless, and is now a compile error. Instead,
        rely on the default constructor, which will produce a cheap null.

2012-04-27  Kentaro Hara  <haraken@chromium.org>

        "Not enough arguments" error should be TypeError
        https://bugs.webkit.org/show_bug.cgi?id=84628

        Reviewed by Darin Adler.

        Currently, some custom bindings implement "Not enough arguments"
        error as SyntaxError. The Web IDL spec requires that it should be
        TypeError: http://www.w3.org/TR/WebIDL/#dfn-overload-resolution-algorithm
        Thus, this patch changes SyntaxError to TypeError.

        Tests: http/tests/websocket/tests/hixie76/url-parsing.html:
               http/tests/websocket/tests/hybi/url-parsing.html:
               http/tests/xmlhttprequest/exceptions.html:
               svg/dom/SVGLength.html:
               webaudio/audionode.html:

        * bindings/js/JSAudioContextCustom.cpp:
        (WebCore::JSAudioContextConstructor::constructJSAudioContext):
        * bindings/js/JSSVGLengthCustom.cpp:
        (WebCore::JSSVGLength::convertToSpecifiedUnits):
        * bindings/js/JSWebSocketCustom.cpp:
        (WebCore::JSWebSocketConstructor::constructJSWebSocket):
        (WebCore::JSWebSocket::send):
        * bindings/js/JSXMLHttpRequestCustom.cpp:
        (WebCore::JSXMLHttpRequest::open):
        * bindings/v8/custom/V8AudioContextCustom.cpp:
        (WebCore::V8AudioContext::constructorCallback):
        * bindings/v8/custom/V8SVGLengthCustom.cpp:
        (WebCore::V8SVGLength::convertToSpecifiedUnitsCallback):
        * bindings/v8/custom/V8WebSocketCustom.cpp:
        (WebCore::V8WebSocket::constructorCallback):
        (WebCore::V8WebSocket::sendCallback):
        * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
        (WebCore::V8XMLHttpRequest::openCallback):

2012-04-27  Kenneth Russell  <kbr@google.com>

        Remove SHADER_COMPILER constant
        https://bugs.webkit.org/show_bug.cgi?id=85115

        Reviewed by Darin Adler.

        Removed constant which was previously removed from spec. Updated
        layout test and expected results.

        * html/canvas/WebGLRenderingContext.idl:

2012-04-27  Arvid Nilsson  <anilsson@rim.com>

        [BlackBerry] Fixed background is scrolling in http://www.nieuwecode.nl
        https://bugs.webkit.org/show_bug.cgi?id=85109

        Reviewed by Antonio Gomes.

        Since the BlackBerry port uses very similar fixed position acceleration
        as the Qt WebKit2 port, the same fix that worked for them in bug 83980
        works for us.

        Fixed by opting in to the FIXED_POSITION_CREATES_STACKING_CONTEXT
        mechanism.

        Covered by existing manual test fixed-position-no-z-index.html.

        * css/StyleResolver.cpp:

2012-04-27  Nat Duca  <nduca@chromium.org>

        Expose high-resolution on requestAnimationFrame callback
        https://bugs.webkit.org/show_bug.cgi?id=66683

        This changes requestAnimationFrame's animationStartTime argument
        to be a high resolution DOM timestamp, per disucssion here:
        http://lists.w3.org/Archives/Public/public-web-perf/2012Apr/0004.html

        Reviewed by James Robinson.

        Covered by existing requestAnimationFrame tests.

        * dom/Document.cpp:
        (WebCore::Document::serviceScriptedAnimations):
        * dom/Document.h:
        (Document):
        * dom/ScriptedAnimationController.cpp:
        (WebCore::ScriptedAnimationController::ScriptedAnimationController):
        (WebCore::ScriptedAnimationController::serviceScriptedAnimations):
        (WebCore):
        (WebCore::ScriptedAnimationController::windowScreenDidChange):
        (WebCore::ScriptedAnimationController::scheduleAnimation):
        (WebCore::ScriptedAnimationController::animationTimerFired):
        (WebCore::ScriptedAnimationController::displayRefreshFired):
        * dom/ScriptedAnimationController.h:
        (ScriptedAnimationController):
        * page/FrameView.cpp:
        (WebCore::FrameView::serviceScriptedAnimations):
        * page/FrameView.h:
        (FrameView):
        * platform/graphics/DisplayRefreshMonitor.cpp:
        (WebCore::DisplayRefreshMonitor::DisplayRefreshMonitor):
        (WebCore::DisplayRefreshMonitor::notifyClients):
        * platform/graphics/DisplayRefreshMonitor.h:
        (DisplayRefreshMonitor):
        * platform/graphics/blackberry/DisplayRefreshMonitorBlackBerry.cpp:
        (WebCore::DisplayRefreshMonitor::displayLinkFired):
        * platform/graphics/mac/DisplayRefreshMonitorMac.cpp:
        (WebCore):
        (WebCore::DisplayRefreshMonitor::requestRefreshCallback):
        (WebCore::DisplayRefreshMonitor::displayLinkFired):

2012-04-27  Kentaro Hara  <haraken@chromium.org>

        [V8] Implement a helper method V8Proxy::throwNotEnoughArgumentsError()
        https://bugs.webkit.org/show_bug.cgi?id=85097

        Reviewed by Kenneth Russell.

        In bug 84787, kbr requested to avoid hard-coding
        throwError("Not enough arguments", V8Proxy::TypeError) here and there.
        This patch implements V8Proxy::throwNotEnoughArgumentsError()
        and uses it in V8 bindings.

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm:
        (GenerateArgumentsCountCheck):
        (GenerateEventConstructorCallback):
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::throwNotEnoughArgmentsError):
        (WebCore):
        * bindings/v8/V8Proxy.h:
        (V8Proxy):
        * bindings/v8/custom/V8DataViewCustom.cpp:
        (WebCore::V8DataView::getInt8Callback):
        (WebCore::V8DataView::getUint8Callback):
        (WebCore::V8DataView::setInt8Callback):
        (WebCore::V8DataView::setUint8Callback):
        * bindings/v8/custom/V8DirectoryEntryCustom.cpp:
        (WebCore::V8DirectoryEntry::getDirectoryCallback):
        (WebCore::V8DirectoryEntry::getFileCallback):
        * bindings/v8/custom/V8IntentConstructor.cpp:
        (WebCore::V8Intent::constructorCallback):
        * bindings/v8/custom/V8WebKitMutationObserverCustom.cpp:
        (WebCore::V8WebKitMutationObserver::constructorCallback):
        (WebCore::V8WebKitMutationObserver::observeCallback):

        Test: bindings/scripts/test/TestObj.idl

        * bindings/scripts/CodeGeneratorV8.pm: Modified as described above.
        (GenerateArgumentsCountCheck):
        (GenerateEventConstructorCallback):

        * bindings/v8/V8Proxy.cpp: Ditto.
        (WebCore::V8Proxy::throwNotEnoughArgumentsError):
        (WebCore):
        * bindings/v8/V8Proxy.h:
        (V8Proxy):
        * bindings/v8/custom/V8DataViewCustom.cpp:
        (WebCore::V8DataView::getInt8Callback):
        (WebCore::V8DataView::getUint8Callback):
        (WebCore::V8DataView::setInt8Callback):
        (WebCore::V8DataView::setUint8Callback):
        * bindings/v8/custom/V8DirectoryEntryCustom.cpp:
        (WebCore::V8DirectoryEntry::getDirectoryCallback):
        (WebCore::V8DirectoryEntry::getFileCallback):
        * bindings/v8/custom/V8IntentConstructor.cpp:
        (WebCore::V8Intent::constructorCallback):
        * bindings/v8/custom/V8WebKitMutationObserverCustom.cpp:
        (WebCore::V8WebKitMutationObserver::constructorCallback):
        (WebCore::V8WebKitMutationObserver::observeCallback):

        * bindings/scripts/test/V8/V8Float64Array.cpp: Updated run-bindings-tests.
        (WebCore::Float64ArrayV8Internal::fooCallback):
        * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
        (WebCore::TestActiveDOMObjectV8Internal::excitingFunctionCallback):
        (WebCore::TestActiveDOMObjectV8Internal::postMessageCallback):
        * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
        (WebCore::TestCustomNamedGetterV8Internal::anotherFunctionCallback):
        * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
        (WebCore::V8TestEventConstructor::constructorCallback):
        * bindings/scripts/test/V8/V8TestEventTarget.cpp:
        (WebCore::TestEventTargetV8Internal::itemCallback):
        (WebCore::TestEventTargetV8Internal::dispatchEventCallback):
        * bindings/scripts/test/V8/V8TestInterface.cpp:
        (WebCore::TestInterfaceV8Internal::supplementalMethod2Callback):
        (WebCore::V8TestInterface::constructorCallback):
        * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
        (WebCore::TestMediaQueryListListenerV8Internal::methodCallback):
        * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
        (WebCore::V8TestNamedConstructorConstructorCallback):
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjV8Internal::voidMethodWithArgsCallback):
        (WebCore::TestObjV8Internal::intMethodWithArgsCallback):
        (WebCore::TestObjV8Internal::objMethodWithArgsCallback):
        (WebCore::TestObjV8Internal::methodWithSequenceArgCallback):
        (WebCore::TestObjV8Internal::methodReturningSequenceCallback):
        (WebCore::TestObjV8Internal::methodThatRequiresAllArgsAndThrowsCallback):
        (WebCore::TestObjV8Internal::serializedValueCallback):
        (WebCore::TestObjV8Internal::idbKeyCallback):
        (WebCore::TestObjV8Internal::optionsObjectCallback):
        (WebCore::TestObjV8Internal::methodWithNonOptionalArgAndOptionalArgCallback):
        (WebCore::TestObjV8Internal::methodWithNonOptionalArgAndTwoOptionalArgsCallback):
        (WebCore::TestObjV8Internal::methodWithCallbackArgCallback):
        (WebCore::TestObjV8Internal::methodWithNonCallbackArgAndCallbackArgCallback):
        (WebCore::TestObjV8Internal::overloadedMethod1Callback):
        (WebCore::TestObjV8Internal::overloadedMethod2Callback):
        (WebCore::TestObjV8Internal::overloadedMethod3Callback):
        (WebCore::TestObjV8Internal::overloadedMethod4Callback):
        (WebCore::TestObjV8Internal::overloadedMethod5Callback):
        (WebCore::TestObjV8Internal::overloadedMethod6Callback):
        (WebCore::TestObjV8Internal::overloadedMethod7Callback):
        (WebCore::TestObjV8Internal::overloadedMethod11Callback):
        (WebCore::TestObjV8Internal::overloadedMethod12Callback):
        (WebCore::TestObjV8Internal::enabledAtRuntimeMethod1Callback):
        (WebCore::TestObjV8Internal::enabledAtRuntimeMethod2Callback):
        (WebCore::TestObjV8Internal::convert1Callback):
        (WebCore::TestObjV8Internal::convert2Callback):
        (WebCore::TestObjV8Internal::convert3Callback):
        (WebCore::TestObjV8Internal::convert4Callback):
        (WebCore::TestObjV8Internal::convert5Callback):
        (WebCore::TestObjV8Internal::strictFunctionCallback):
        (WebCore::V8TestObj::constructorCallback):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
        (WebCore::TestSerializedScriptValueInterfaceV8Internal::acceptTransferListCallback):
        (WebCore::V8TestSerializedScriptValueInterface::constructorCallback):

2012-04-27  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Call lowMemoryUsageMB directly
        https://bugs.webkit.org/show_bug.cgi?id=84840

        Reviewed by Kentaro Hara.

        Part of a refactoring series. See tracking bug 82948.

        * bindings/v8/V8GCController.cpp:
        (WebCore::V8GCController::checkMemoryUsage):
        * platform/MemoryUsageSupport.cpp:
        (WebCore::MemoryUsageSupport::lowMemoryUsageMB):
        (WebCore):
        * platform/MemoryUsageSupport.h:
        (MemoryUsageSupport):
        * platform/chromium/MemoryUsageSupportChromium.cpp:
        (WebCore::MemoryUsageSupport::lowMemoryUsageMB):
        (WebCore):
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):

2012-04-27  Yi Shen  <yi.4.shen@nokia.com>

        REGRESSION(113723): Pressing enter in this list example deletes the whole list
        https://bugs.webkit.org/show_bug.cgi?id=85016

        Reviewed by Enrica Casucci.

        The bug was caused by CompositeEditCommand::breakOutOfEmptyListItem, which calls isListItem
        on the empty list's siblings to decide which part of the list should get removed. However,
        the check fails when the empty list's sibling is a text node, or a list element (e.g. ul, ol).
        Fixed it by skipping empty list's non-element sibling and calling isListElement to do further
        check.

        Test: added new test cases in the existing test (break-out-of-empty-list-item.html)

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::breakOutOfEmptyListItem):

2012-04-27  Ian Vollick  <vollick@chromium.org>

        [chromium] Add pause and resume support for accelerated css animations.
        https://bugs.webkit.org/show_bug.cgi?id=84601

        Reviewed by James Robinson.

        Tested in:
        CCLayerAnimationControllerTest.syncPauseResume
        CCActiveAnimationTest.TrimTimeTimeOffset
        CCActiveAnimationTest.TrimTimeSuspendResume
        CCActiveAnimationTest.IsFinishedNeedsSynchronizedStartTime
        CCActiveAnimationTest.RunStateChangesIgnoredWhileSuspended

        * platform/graphics/chromium/GraphicsLayerChromium.cpp:
        (WebCore::GraphicsLayerChromium::suspendAnimations):
        (WebCore::GraphicsLayerChromium::resumeAnimations):
        * platform/graphics/chromium/GraphicsLayerChromium.h:
        (GraphicsLayerChromium):
        * platform/graphics/chromium/LayerChromium.cpp:
        (WebCore::LayerChromium::suspendAnimations):
        (WebCore::LayerChromium::resumeAnimations):
        * platform/graphics/chromium/LayerChromium.h:
        (LayerChromium):
        * platform/graphics/chromium/cc/CCActiveAnimation.cpp:
        (WebCore::CCActiveAnimation::CCActiveAnimation):
        (WebCore::CCActiveAnimation::setRunState):
        (WebCore::CCActiveAnimation::suspend):
        (WebCore::CCActiveAnimation::resume):
        (WebCore::CCActiveAnimation::isFinishedAt):
        (WebCore::CCActiveAnimation::trimTimeToCurrentIteration):
        (WebCore::CCActiveAnimation::cloneForImplThread):
        (WebCore::CCActiveAnimation::pushPropertiesTo):
        * platform/graphics/chromium/cc/CCActiveAnimation.h:
        (CCActiveAnimation):
        (WebCore::CCActiveAnimation::setStartTime):
        (WebCore::CCActiveAnimation::timeOffset):
        (WebCore::CCActiveAnimation::setTimeOffset):
        (WebCore::CCActiveAnimation::isFinished):
        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
        (WebCore::CCLayerAnimationController::addAnimation):
        (WebCore::CCLayerAnimationController::pauseAnimation):
        (WebCore::CCLayerAnimationController::suspendAnimations):
        (WebCore::CCLayerAnimationController::resumeAnimations):
        (WebCore::CCLayerAnimationController::pushAnimationUpdatesTo):
        (WebCore::CCLayerAnimationController::getActiveAnimation):
        (WebCore::CCLayerAnimationController::pushNewAnimationsToImplThread):
        (WebCore::CCLayerAnimationController::removeAnimationsCompletedOnMainThread):
        (WebCore::CCLayerAnimationController::pushPropertiesToImplThread):
        (WebCore):
        (WebCore::CCLayerAnimationController::tickAnimations):
        * platform/graphics/chromium/cc/CCLayerAnimationController.h:
        (CCLayerAnimationController):

2012-04-27  Tim Horton  <timothy_horton@apple.com>

        SMIL animation causes leak of the related Document (and many elements)
        https://bugs.webkit.org/show_bug.cgi?id=83856
        <rdar://problem/11216047>

        Reviewed by Dean Jackson.

        The SVGAnimatedProperty cache was previously holding a reference to the properties it contained;
        said references were cleared in the SVGAnimatedProperty destructor (which was never called because
        there was always one remaining reference from the cache).

        The SVGAnimatedProperty cache now holds raw pointers instead of RefPtrs; the SVGAnimateElement now
        owns its own SVGAnimatedProperties, both for itself and for any <use/> instances of itself. They're
        cleared and destroyed within SVGAnimateElement::targetElementWillChange, at which time they're removed
        from the cache.

        SVGPropertyTearOffs now keep a reference to their SVGElement (m_contextElement) instead of their SVGAnimatedProperty;
        this way, there is no reference cycle, but the animated property (owned by the element) and the element itself are
        kept alive until the TearOff is garbage collected.

        Tests: svg/animations/smil-leak-dynamically-added-element-instances.svg
               svg/animations/smil-leak-elements.svg
               svg/animations/smil-leak-element-instances-noBaseValRef.svg
               svg/animations/smil-leak-element-instances.svg
               svg/animations/svglength-element-removed-crash.svg

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::calculateAnimatedValue):
        (WebCore::propertyTypesAreConsistent):
        (WebCore::SVGAnimateElement::resetToBaseValue):
        (WebCore::SVGAnimateElement::applyResultsToTarget):
        (WebCore::SVGAnimateElement::targetElementWillChange):
        * svg/SVGAnimateElement.h:
        (SVGAnimateElement):
        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedAngleAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedAngleAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedAngleAnimator::animValWillChange):
        (WebCore::SVGAnimatedAngleAnimator::animValDidChange):
        * svg/SVGAnimatedAngle.h:
        (SVGAnimatedAngleAnimator):
        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::SVGAnimatedBooleanAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedBooleanAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedBooleanAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedBooleanAnimator::animValWillChange):
        (WebCore::SVGAnimatedBooleanAnimator::animValDidChange):
        * svg/SVGAnimatedBoolean.h:
        (SVGAnimatedBooleanAnimator):
        * svg/SVGAnimatedColor.h:
        (WebCore::SVGAnimatedColorAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedColorAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedColorAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedColorAnimator::animValWillChange):
        (WebCore::SVGAnimatedColorAnimator::animValDidChange):
        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedEnumerationAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedEnumerationAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedEnumerationAnimator::animValWillChange):
        (WebCore::SVGAnimatedEnumerationAnimator::animValDidChange):
        * svg/SVGAnimatedEnumeration.h:
        (SVGAnimatedEnumerationAnimator):
        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedIntegerAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedIntegerAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedIntegerAnimator::animValWillChange):
        (WebCore::SVGAnimatedIntegerAnimator::animValDidChange):
        * svg/SVGAnimatedInteger.h:
        (SVGAnimatedIntegerAnimator):
        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::animValWillChange):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::animValDidChange):
        * svg/SVGAnimatedIntegerOptionalInteger.h:
        (SVGAnimatedIntegerOptionalIntegerAnimator):
        * svg/SVGAnimatedLength.cpp:
        (WebCore::SVGAnimatedLengthAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedLengthAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedLengthAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedLengthAnimator::animValWillChange):
        (WebCore::SVGAnimatedLengthAnimator::animValDidChange):
        * svg/SVGAnimatedLength.h:
        (SVGAnimatedLengthAnimator):
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedLengthListAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedLengthListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedLengthListAnimator::animValWillChange):
        (WebCore::SVGAnimatedLengthListAnimator::animValDidChange):
        * svg/SVGAnimatedLengthList.h:
        (SVGAnimatedLengthListAnimator):
        * svg/SVGAnimatedNumber.cpp:
        (WebCore::SVGAnimatedNumberAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedNumberAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedNumberAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedNumberAnimator::animValWillChange):
        (WebCore::SVGAnimatedNumberAnimator::animValDidChange):
        * svg/SVGAnimatedNumber.h:
        (SVGAnimatedNumberAnimator):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedNumberListAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedNumberListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedNumberListAnimator::animValWillChange):
        (WebCore::SVGAnimatedNumberListAnimator::animValDidChange):
        * svg/SVGAnimatedNumberList.h:
        (SVGAnimatedNumberListAnimator):
        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::animValWillChange):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::animValDidChange):
        * svg/SVGAnimatedNumberOptionalNumber.h:
        (SVGAnimatedNumberOptionalNumberAnimator):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedPathAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedPathAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedPathAnimator::animValWillChange):
        (WebCore::SVGAnimatedPathAnimator::animValDidChange):
        * svg/SVGAnimatedPath.h:
        (SVGAnimatedPathAnimator):
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedPointListAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedPointListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedPointListAnimator::animValWillChange):
        (WebCore::SVGAnimatedPointListAnimator::animValDidChange):
        * svg/SVGAnimatedPointList.h:
        (SVGAnimatedPointListAnimator):
        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::animValWillChange):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::animValDidChange):
        * svg/SVGAnimatedPreserveAspectRatio.h:
        (SVGAnimatedPreserveAspectRatioAnimator):
        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedRectAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedRectAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedRectAnimator::animValWillChange):
        (WebCore::SVGAnimatedRectAnimator::animValDidChange):
        * svg/SVGAnimatedRect.h:
        (SVGAnimatedRectAnimator):
        * svg/SVGAnimatedString.cpp:
        (WebCore::SVGAnimatedStringAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedStringAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedStringAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedStringAnimator::animValWillChange):
        (WebCore::SVGAnimatedStringAnimator::animValDidChange):
        * svg/SVGAnimatedString.h:
        (SVGAnimatedStringAnimator):
        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::startAnimValAnimation):
        (WebCore::SVGAnimatedTransformListAnimator::stopAnimValAnimation):
        (WebCore::SVGAnimatedTransformListAnimator::resetAnimValToBaseVal):
        (WebCore::SVGAnimatedTransformListAnimator::animValWillChange):
        (WebCore::SVGAnimatedTransformListAnimator::animValDidChange):
        * svg/SVGAnimatedTransformList.h:
        (SVGAnimatedTransformListAnimator):
        * svg/SVGAnimatedTypeAnimator.h:
        (SVGAnimatedTypeAnimator):
        (WebCore::SVGAnimatedTypeAnimator::findAnimatedPropertiesForAttributeName):
        (WebCore::SVGAnimatedTypeAnimator::findAnimatedPropertiesFromInstancesForAttributeName):
        (WebCore::SVGAnimatedTypeAnimator::constructFromBaseValue):
        (WebCore::SVGAnimatedTypeAnimator::resetFromBaseValue):
        (WebCore::SVGAnimatedTypeAnimator::stopAnimValAnimationForType):
        (WebCore::SVGAnimatedTypeAnimator::animValDidChangeForType):
        (WebCore::SVGAnimatedTypeAnimator::animValWillChangeForType):
        (WebCore::SVGAnimatedTypeAnimator::constructFromBaseValues):
        (WebCore::SVGAnimatedTypeAnimator::resetFromBaseValues):
        (WebCore::SVGAnimatedTypeAnimator::stopAnimValAnimationForTypes):
        (WebCore::SVGAnimatedTypeAnimator::animValDidChangeForTypes):
        (WebCore::SVGAnimatedTypeAnimator::animValWillChangeForTypes):
        (WebCore::SVGAnimatedTypeAnimator::castAnimatedPropertyToActualType):
        (WebCore::SVGAnimatedTypeAnimator::executeAction):
        * svg/properties/SVGAnimatedProperty.h:
        (SVGAnimatedProperty):
        * svg/properties/SVGPropertyTearOff.h:
        (WebCore::SVGPropertyTearOff::animatedProperty):
        (SVGPropertyTearOff):

2012-04-27  Adam Klein  <adamk@chromium.org>

        Remove misspelled, unused, unimplemented method from V8Proxy
        https://bugs.webkit.org/show_bug.cgi?id=85091

        Reviewed by Dimitri Glazkov.

        * bindings/v8/V8Proxy.h:
        (V8Proxy):

2012-04-24  Jeffrey Pfau  <jpfau@apple.com>

        Disable RTF in JavaScript drag-and-drop
        https://bugs.webkit.org/show_bug.cgi?id=76597

        Reviewed by Maciej Stachowiak.

        Test: fast/events/drag-and-drop-subframe-dataTransfer.html

        * platform/mac/ClipboardMac.mm:
        (WebCore::cocoaTypeFromHTMLClipboardType):

2012-04-26  James Robinson  <jamesr@chromium.org>

        [chromium] Separate IOSurface layer type from texture layers
        https://bugs.webkit.org/show_bug.cgi?id=85030

        Reviewed by Adrienne Walker.

        Adds a new layer type for IOSurface layers and pipes through a separate path through to rendering. IOSurface
        layers are very simple - they have an IOSurface id and size, nothing else. All IOSurface layers are "flipped" in
        our terminology.

        * WebCore.gypi:
        * platform/graphics/chromium/IOSurfaceLayerChromium.cpp:
        (WebCore):
        (WebCore::IOSurfaceLayerChromium::create):
        (WebCore::IOSurfaceLayerChromium::IOSurfaceLayerChromium):
        (WebCore::IOSurfaceLayerChromium::~IOSurfaceLayerChromium):
        (WebCore::IOSurfaceLayerChromium::setIOSurfaceProperties):
        (WebCore::IOSurfaceLayerChromium::createCCLayerImpl):
        (WebCore::IOSurfaceLayerChromium::drawsContent):
        (WebCore::IOSurfaceLayerChromium::pushPropertiesTo):
        * platform/graphics/chromium/IOSurfaceLayerChromium.h:
        (WebCore):
        (IOSurfaceLayerChromium):
        * platform/graphics/chromium/LayerRendererChromium.cpp:
        (WebCore::LayerRendererChromium::drawIOSurfaceQuad):
        (WebCore::LayerRendererChromium::cleanupSharedObjects):
        * platform/graphics/chromium/LayerRendererChromium.h:
        (LayerRendererChromium):
        * platform/graphics/chromium/TextureLayerChromium.cpp:
        (WebCore::TextureLayerChromium::TextureLayerChromium):
        (WebCore::TextureLayerChromium::drawsContent):
        (WebCore::TextureLayerChromium::pushPropertiesTo):
        * platform/graphics/chromium/TextureLayerChromium.h:
        (TextureLayerChromium):
        * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.cpp:
        (WebCore::CCIOSurfaceDrawQuad::create):
        (WebCore::CCIOSurfaceDrawQuad::CCIOSurfaceDrawQuad):
        * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.h:
        (CCIOSurfaceDrawQuad):
        * platform/graphics/chromium/cc/CCIOSurfaceLayerImpl.cpp:
        (WebCore):
        (WebCore::CCIOSurfaceLayerImpl::CCIOSurfaceLayerImpl):
        (WebCore::CCIOSurfaceLayerImpl::~CCIOSurfaceLayerImpl):
        (WebCore::CCIOSurfaceLayerImpl::willDraw):
        (WebCore::CCIOSurfaceLayerImpl::appendQuads):
        (WebCore::CCIOSurfaceLayerImpl::dumpLayerProperties):
        (WebCore::CCIOSurfaceLayerImpl::didLoseContext):
        (WebCore::CCIOSurfaceLayerImpl::setIOSurfaceProperties):
        * platform/graphics/chromium/cc/CCIOSurfaceLayerImpl.h:
        (WebCore):
        (CCIOSurfaceLayerImpl):
        (WebCore::CCIOSurfaceLayerImpl::create):
        * platform/graphics/chromium/cc/CCTextureLayerImpl.cpp:
        (WebCore::CCTextureLayerImpl::CCTextureLayerImpl):
        (WebCore::CCTextureLayerImpl::~CCTextureLayerImpl):
        (WebCore::CCTextureLayerImpl::appendQuads):
        (WebCore::CCTextureLayerImpl::didLoseContext):
        * platform/graphics/chromium/cc/CCTextureLayerImpl.h:
        (CCTextureLayerImpl):

2012-04-27  Arvid Nilsson  <anilsson@rim.com>

        [BlackBerry] OpenGL related bug fixes
        https://bugs.webkit.org/show_bug.cgi?id=84836

        Reviewed by Antonio Gomes.

        PR147254, 148933, 149117, 149721, 150228

        No new tests, covered by existing BlackBerry browser stress tests

        * platform/graphics/blackberry/CanvasLayerWebKitThread.cpp:
        (WebCore::CanvasLayerWebKitThread::updateTextureContentsIfNeeded):
        * platform/graphics/blackberry/LayerCompositingThread.cpp:
        (WebCore::LayerCompositingThread::drawTextures):
        * platform/graphics/blackberry/LayerRenderer.cpp:
        (WebCore::LayerRenderer::~LayerRenderer):
        (WebCore::LayerRenderer::drawLayers):
        (WebCore::LayerRenderer::initializeSharedGLObjects):

2012-04-27  Nat Duca  <nduca@chromium.org>

        Implement high-resolution time via window.performance.webkitNow()
        https://bugs.webkit.org/show_bug.cgi?id=66684

        This implements the high resolution time spec from
        http://www.w3.org/TR/hr-time/, giving javascript access to
        sub-millisecond timestamps that increase over time instead of being
        subject to skewing, for example when the host machine's clock changes.

        Reviewed by Tony Gentilcore.

        Test: fast/performance/performance-now-timestamps.html

        * page/Performance.cpp:
        (WebCore::Performance::now):
        (WebCore):
        * page/Performance.h:
        (Performance):
        * page/Performance.idl:

2012-04-27  Filip Pizlo  <fpizlo@apple.com>

        If you get a list of DOMWrapperWorld*'s and then plan to allocate in the heap, you should ref
        the DOMWrapperWorld*'s
        https://bugs.webkit.org/show_bug.cgi?id=85098
        <rdar://problem/11318170>

        Reviewed by Sam Weinig.

        No new tests because this addresses hard-to-repro flaky behavior arising from GCs at inconvenient
        times.

        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::getAllWorlds):
        * bindings/js/ScriptController.h:
        (ScriptController):
        * bindings/js/WebCoreJSClientData.h:
        (WebCore::WebCoreJSClientData::getAllWorlds):
        * bindings/v8/ScriptController.cpp:
        (WebCore::ScriptController::getAllWorlds):
        * bindings/v8/ScriptController.h:
        (ScriptController):
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::dispatchDidClearWindowObjectsInAllWorlds):
        (WebCore::FrameLoader::dispatchGlobalObjectAvailableInAllWorlds):

2012-04-27  Geoffrey Garen  <ggaren@apple.com>

        Removed the sole use of Weak<Unknown>
        https://bugs.webkit.org/show_bug.cgi?id=85099

        Reviewed by Sam Weinig.

        The semantics and implementation of Weak<Unknown> are unclear because:
            - Should you call a finalizer for a non-GC thingy? If so, when?

                * Possible answer: No.

            - If WeakImpls for GC thingies live with the GC thingies in the
              heap, where do WeakImpls for non-GC thingies live?

                * Possible answer: Directly in the Weak<T>.

        Since no clients actually want these behaviors, it's hard to tell if
        they're the right behaviors, and it's not worth the implementation
        complexity. If we come up with a client that wants these behaviors, we
        can always revisit this.

        * bindings/js/JSNodeFilterCondition.cpp:
        (WebCore::JSNodeFilterCondition::JSNodeFilterCondition): Just leave our
        filter NULL if it's not an object -- that's a better way to indicate
        "not a valid filter object".

        (WebCore::JSNodeFilterCondition::acceptNode): Fixed up some naming to
        clarify that the object we're working with is not necessarily a function.

        * bindings/js/JSNodeFilterCondition.h:
        (JSNodeFilterCondition): Use Weak<JSObject>, since that more closely
        matches what we're trying to do.

2012-04-26  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to getDOMXXXMap()
        https://bugs.webkit.org/show_bug.cgi?id=85022

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to getDOMXXXMap().

        Also this patch removes DOMMap::getDOMDataStore() and
        DOMData::getDefalutStore(), since the indirection by the
        methods is redundant. This is not for performance
        optimization but just for refactoring.

        No tests. No change in behavior.

        * bindings/v8/DOMData.cpp:
        (WebCore::DOMData::getCurrentStore):
        * bindings/v8/DOMData.h:
        (DOMData):
        * bindings/v8/V8DOMMap.cpp:
        (WebCore::getDOMNodeMap):
        (WebCore::getActiveDOMNodeMap):
        (WebCore::getDOMObjectMap):
        (WebCore::getActiveDOMObjectMap):
        (WebCore::removeAllDOMObjects):
        * bindings/v8/V8DOMMap.h:
        (WebCore):

2012-04-26  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to V8BindingPerIsolateData::current()
        https://bugs.webkit.org/show_bug.cgi?id=85023

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to V8BindingPerIsolateData::current().

        No tests. No change in behavior.

        * bindings/v8/V8Binding.h:
        (WebCore::V8BindingPerIsolateData::current):
        (WebCore::v8ExternalString):

2012-04-27  Dimitri Glazkov  <dglazkov@chromium.org>

        Unreviewed, rolling out r115484.
        http://trac.webkit.org/changeset/115484
        https://bugs.webkit.org/show_bug.cgi?id=84555

        Broke Chromium compile.

        * bindings/js/JSBlobCustom.cpp:
        * bindings/v8/custom/V8BlobCustom.cpp:
        * fileapi/Blob.cpp:
        * fileapi/Blob.h:
        (Blob):
        * fileapi/Blob.idl:
        * workers/WorkerContext.idl:

2012-04-27  Alexandru Chiculita  <achicu@adobe.com>

        [CSS Shaders] Implement CSS Animations and Transitions for CSS Shaders
        https://bugs.webkit.org/show_bug.cgi?id=71406

        Reviewed by Dean Jackson.

        I've implemented the blend function for the CustomFilterOperation. This should enable animations for CSS Shaders.
        Currently, just floats are implemented. If any of the filter attributes like shader, mesh size or box mode are different, 
        the fallback is to use the "to" part of the animation instead. If other shader parameters do not match, it will merge the parameter values
        between the "from" and "to" states.

        Test: css3/filters/custom/custom-filter-animation.html

        * platform/graphics/filters/CustomFilterNumberParameter.h:
        (WebCore::CustomFilterNumberParameter::blend):
        (CustomFilterNumberParameter):
        (WebCore::CustomFilterNumberParameter::operator==):
        * platform/graphics/filters/CustomFilterOperation.cpp:
        (WebCore::equalCustomFilterParameters):
        (WebCore):
        (WebCore::checkCustomFilterParametersOrder):
        (WebCore::blendCustomFilterParameters):
        (WebCore::CustomFilterOperation::CustomFilterOperation):
        (WebCore::CustomFilterOperation::blend):
        * platform/graphics/filters/CustomFilterOperation.h:
        (WebCore):
        (CustomFilterOperation):
        (WebCore::CustomFilterOperation::operator==):
        (WebCore::CustomFilterOperation::operator!=):
        * platform/graphics/filters/CustomFilterParameter.h:
        (CustomFilterParameter):
        (WebCore::CustomFilterParameter::isSameType):
        (WebCore::CustomFilterParameter::operator==):
        (WebCore::CustomFilterParameter::operator!=):
        * platform/graphics/filters/CustomFilterProgram.h:
        * rendering/style/StyleCustomFilterProgram.h:
        (StyleCustomFilterProgram):
        (WebCore::StyleCustomFilterProgram::cachedVertexShader):
        (WebCore::StyleCustomFilterProgram::cachedFragmentShader):
        (WebCore::StyleCustomFilterProgram::operator==):

2012-04-27  Chris Rogers  <crogers@google.com>

        Re-factor scheduling logic from AudioBufferSourceNode into AudioScheduledSourceNode
        https://bugs.webkit.org/show_bug.cgi?id=84639

        Reviewed by Eric Carlson.

        Playback logic involving noteOn(), noteOff(), and playbackState were intertwined with
        the AudioBufferSourceNode's buffer playback code.  These are more general concepts and
        may be implemented separately in another class called AudioScheduledSourceNode.

        No new tests. Covered by existing layout tests.

        * GNUmakefile.list.am:
        Add AudioScheduledSourceNode files to makefile.

        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore):
        (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
        Re-factor some member variables into new base class AudioScheduledSourceNode.

        (WebCore::AudioBufferSourceNode::process):
        Re-factor scheduling logic into AudioScheduledSourceNode.

        * Modules/webaudio/AudioBufferSourceNode.h:
        (AudioBufferSourceNode):
        Simplify by re-factoring scheduling logic into AudioScheduledSourceNode.

        * Modules/webaudio/AudioScheduledSourceNode.cpp: Added.
        (WebCore):
        (WebCore::AudioScheduledSourceNode::AudioScheduledSourceNode):
        (WebCore::AudioScheduledSourceNode::updateSchedulingInfo):
        Get frame information for the current time quantum.

        * Modules/webaudio/AudioScheduledSourceNode.h: Added.
        (WebCore::AudioScheduledSourceNode::noteOn):
        (WebCore::AudioScheduledSourceNode::noteOff):
        (WebCore::AudioScheduledSourceNode::finish):
        (WebCore::AudioScheduledSourceNode::playbackState):
        (WebCore::AudioScheduledSourceNode::isPlayingOrScheduled):
        (WebCore::AudioScheduledSourceNode::hasFinished):
        Re-factored from AudioBufferSourceNode.

        * WebCore.gypi:
        * WebCore.xcodeproj/project.pbxproj:
        Add AudioScheduledSourceNode files to makefiles.
    
2012-04-26  Sam Weinig  <sam@webkit.org>

        Add support for the Blob constructor
        https://bugs.webkit.org/show_bug.cgi?id=84555

        Reviewed by Maciej Stachowiak.

        Test: fast/files/blob-constructor.html

        This adds an implementation of the Blob constructor that willfully
        violates the W3C Editor’s Draft 29 February 2012 in the following ways:
        - Elements in the parts array are coerced to DOMStrings https://www.w3.org/Bugs/Public/show_bug.cgi?id=16721 
        - Don't throw for invalid key in the dictionary https://www.w3.org/Bugs/Public/show_bug.cgi?id=16727
        - Values for the endings property are treated as enums https://www.w3.org/Bugs/Public/show_bug.cgi?id=16729 

        * bindings/js/JSBlobCustom.cpp:
        (WebCore::JSBlobConstructor::constructJSBlob):
        Implement blob constructor.

        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::V8Blob::constructorCallback):
        Implement blob constructor.

        * fileapi/Blob.idl:
        Add constructor to IDL.

        * workers/WorkerContext.idl:
        Add Blob constructor to the worker global object.

2012-04-27  Allan Sandfeld Jensen  <allan.jensen@nokia.com>

        [Qt] Fix minimal build.
        https://bugs.webkit.org/show_bug.cgi?id=85045

        Reviewed by Tor Arne Vestbø.

        Compile LIBXML XML parser even if ENABLE_XSLT is not set.

        * Target.pri:

2012-04-27  Shawn Singh  <shawnsingh@chromium.org>

        Infinite backgroundClipRect should not be scrolled.
        https://bugs.webkit.org/show_bug.cgi?id=84979

        Reviewed by Adrienne Walker.

        Test: compositing/iframes/scroll-fixed-transformed-element.html

        By accidentally scrolling clipRects that should be considered
        "infinite", they were no longer being considered infinite. This
        caused a chain of un-intended code paths that caused fixed
        position elements to stutter when scrolling in Chromium.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::backgroundClipRect):

2012-04-27  Ryosuke Niwa  <rniwa@webkit.org>

        FormatBlock crashes when body element is removed prior to the command execution
        https://bugs.webkit.org/show_bug.cgi?id=84937

        Reviewed by Tony Chang.

        The crash was because because DOM had been modified since the last time selection had been "validated",
        and therefore frame selection's endpoints are no longer visible when we instantiated visibleStart
        and visibleEnd from m_endingSelection of the edit command.

        Fixed the bug by checking the nullity and orphanedness of visible start and visible end directly.
        I suspect we have similar bugs in other commands. The fundamental problem is that the copy constructor
        of VisibleSelection never validates so when a VisibleSelection is passed from one class to another
        (e.g. FrameSelection to EditCommand), we may not adjust end points as needed.

        Test: editing/execCommand/format-block-without-body-crash.html

        * editing/ApplyBlockElementCommand.cpp:
        (WebCore::ApplyBlockElementCommand::doApply):

2012-04-27  Enrica Casucci  <enrica@apple.com>

        REGRESSION(r96257): Deleting a large amount of text is very slow.
        https://bugs.webkit.org/show_bug.cgi?id=83983
        <rdar://problem/10826076>
        
        Reviewed by Ryosuke Niwa.

        The change in r96257 did not cause the performance regression per se,
        but exposed a problem in the way we calculate the offset in container
        node when the anchorType is PositionIsOffsetInAnchor.
        The offset was computed as the minimum between the given offset and
        lastOffsetInNode. If the container has a very large number of children,
        we walk the entire list of child nodes in the container simply to find
        out how many they are.
        Looking through the entire editing code, I found other 2 cases (one
        is only an ASSERT) where we could do a similar optimization.

        No new tests. No behavior change, only performance optimization.

        * dom/Position.cpp:
        (WebCore::Position::computeOffsetInContainerNode):
        * dom/Position.h:
        (WebCore::minOffsetForNode):
        (WebCore::offsetIsBeforeLastNodeOffset):
        * editing/ApplyStyleCommand.cpp:
        (WebCore::ApplyStyleCommand::removeInlineStyle):
        (WebCore::ApplyStyleCommand::mergeEndWithNextIfIdentical):

2012-04-27  Julien Chaffraix  <jchaffraix@webkit.org>

        NULL-deref in RenderBox::clippedOverflowRectForRepaint
        https://bugs.webkit.org/show_bug.cgi?id=84774

        Reviewed by Tony Chang.

        Test: fast/inline/crash-new-continuation-with-outline.html

        The bug comes from trying to repaint the :after content as part of updateBeforeAfterContent.
        The repainting logic would query the yet-to-be-inserted continuation(). Then we would crash in
        RenderBox::clippedOverflowRectForRepaint as we didn't have an enclosingLayer() (which any
        RenderObject in the tree will have).

        The fix is to check in RenderInline::clippedOverflowRectForRepaint that our continuation()
        is properly inserted in the tree. We could check that it isRooted() but it's an overkill here.

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::clippedOverflowRectForRepaint):

2012-04-27  Antti Koivisto  <antti@apple.com>

        Memory cache pruning should be protected against reentering.
        https://bugs.webkit.org/show_bug.cgi?id=85077

        Reviewed by Alexey Proskuryakov.

        MemoryCache::pruneDeadResourcesToSize() has some ad-hock protection against reentering.
        This patch adds more complete protection.

        * loader/cache/MemoryCache.cpp:
        (WebCore::MemoryCache::MemoryCache):
        (WebCore::MemoryCache::pruneLiveResourcesToSize):
        
            Protect live resource pruning too.

        (WebCore::MemoryCache::pruneDeadResourcesToSize):
        
            Remove the existing weak reentrancy handling in favor of full proctection.

        * loader/cache/MemoryCache.h:
        (MemoryCache):

2012-04-27  Alexander Pavlov  <apavlov@chromium.org>

        Web Inspector: Implement the "Disable JavaScript" option in the settings dialog
        (re-landing r115417 with a test that should work on Windows.)
        https://bugs.webkit.org/show_bug.cgi?id=84946

        Reviewed by Yury Semikhatsky.

        Test: inspector/debugger/disable-script.html

        * inspector/Inspector.json:
        * inspector/InspectorPageAgent.cpp:
        (PageAgentState):
        (WebCore::InspectorPageAgent::enable):
        (WebCore::InspectorPageAgent::disable):
        (WebCore::InspectorPageAgent::getScriptExecutionStatus):
        (WebCore):
        (WebCore::InspectorPageAgent::setScriptExecutionDisabled):
        * inspector/InspectorPageAgent.h:
        * inspector/front-end/Settings.js:
        * inspector/front-end/SettingsScreen.js:
        (WebInspector.SettingsScreen):
        (WebInspector.SettingsScreen.prototype.get _updateScriptDisabledCheckbox):
        (WebInspector.SettingsScreen.prototype._javaScriptDisabledChanged):
        * inspector/front-end/inspector.js:

2012-04-27  Keishi Hattori  <keishi@webkit.org>

        IETC HTML5: verify HTMLDataListElement - instanceof HTMLDataListElement fails.
        https://bugs.webkit.org/show_bug.cgi?id=81196

        Reviewed by Kent Tamura.

        Test: fast/dom/Window/window-properties.html, fast/dom/Window/window-lookup-precedence.html

        HTMLDataListElement should be available on DOMWindow.

        * page/DOMWindow.idl: Added HTMLDataListElement.

2012-04-27  Dimitri Glazkov  <dglazkov@chromium.org>

        Unreviewed, rolling out r115417.
        http://trac.webkit.org/changeset/115417
        https://bugs.webkit.org/show_bug.cgi?id=84946

        Added test is broken on windows.

        * inspector/Inspector.json:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::enable):
        (WebCore::InspectorPageAgent::disable):
        * inspector/InspectorPageAgent.h:
        * inspector/front-end/Settings.js:
        * inspector/front-end/SettingsScreen.js:
        (WebInspector.SettingsScreen):
        * inspector/front-end/inspector.js:

2012-04-27  Gavin Peters  <gavinp@chromium.org>

        Add new ENABLE_LINK_PRERENDER define to control the Prerendering API
        https://bugs.webkit.org/show_bug.cgi?id=84871

        Reviewed by Adam Barth.

        Prerendering is currently covered by the ENABLE_LINK_PREFETCH macro, but the new Prerendering
        API separates it from prefetching.  Having separate include guards lets ports enable prefetching,
        a relatively easy change, without needing to build the infrastructure for prerendering, which
        is considerably more complicated.

        * Configurations/FeatureDefines.xcconfig:

2012-04-27  Zan Dobersek  <zandobersek@gmail.com>

        [Gtk][DOM Bindings] Feature-protected properties are put under condition guards
        https://bugs.webkit.org/show_bug.cgi?id=85068

        Reviewed by Martin Robinson.

        Generated feature-dependent properties are now present regardless of that
        feature being enabled. On getting or setting that property's value a warning
        is thrown if the feature is not enabled. Additionally, if the generated
        interface is feature-dependant, when getting or setting any property's value
        a warning is thrown if the feature is not enabled.

        No new tests - covered by existing bindings tests.

        * bindings/scripts/CodeGeneratorGObject.pm:
        (GenerateProperty):
        (GenerateProperties):
        * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp: Rebaseline.
        (webkit_dom_test_interface_set_property):
        (webkit_dom_test_interface_get_property):
        (webkit_dom_test_interface_class_init):
        * bindings/scripts/test/GObject/WebKitDOMTestObj.cpp: Ditto.
        (webkit_dom_test_obj_set_property):
        (webkit_dom_test_obj_get_property):
        (webkit_dom_test_obj_class_init):
        * bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.cpp: Ditto.
        (webkit_dom_test_serialized_script_value_interface_get_property):

2012-04-27  Zan Dobersek  <zandobersek@gmail.com>

        [Gtk][DOM Bindings] Conditional string in implementation file generated in wrong place after 113450
        https://bugs.webkit.org/show_bug.cgi?id=85065

        Reviewed by Martin Robinson.

        Put the condition string in implementation file after the header inclusions. This ensures
        that build errors do not occur when disabling the future that applies to the condition string
        because of WebCore objects and methods that are still in use despite the feature being disabled.

        No new tests - covered by bindings tests.

        * bindings/scripts/CodeGeneratorGObject.pm:
        (WriteData):
        * bindings/scripts/test/GObject/WebKitDOMTestCallback.cpp: Rebaseline generated results.
        * bindings/scripts/test/GObject/WebKitDOMTestInterface.cpp: Ditto.
        * bindings/scripts/test/GObject/WebKitDOMTestSerializedScriptValueInterface.cpp: Ditto.

2012-04-27  Andreas Kling  <kling@webkit.org>

        Avoid mutating Element attribute storage in StepRange constructor.
        <http://webkit.org/b/84797>

        Reviewed by Antti Koivisto.

        Test: fast/selectors/querySelector-in-range-crash.html

        * dom/Attribute.h:

            Add comment about the volatility of references returned by getters.

        * html/StepRange.cpp:
        (WebCore::StepRange::StepRange):

            Replace hasAttribute/getAttribute pair by a single fastGetAttribute.

        * html/HTMLInputElement.cpp:
        (WebCore::HTMLInputElement::updateType):
        (WebCore::HTMLInputElement::value):

            Store the value attribute in an local variable before passing it to sanitizeValue().

2012-04-27  Rob Buis  <rbuis@rim.com>

        SVG inline style of 'marker-*' does not override
        https://bugs.webkit.org/show_bug.cgi?id=84824

        Reviewed by Nikolas Zimmermann.

        Properly handle CSSValueNone for clip-path, filter, mask and marker-* properties. Instead
        of bailing out, set the none value explicitly, since an earlier match may have set it to
        something other than none.

        Tests: svg/custom/inline-style-overrides-clipPath-expected.svg
               svg/custom/inline-style-overrides-clipPath.svg
               svg/custom/inline-style-overrides-filter-expected.svg
               svg/custom/inline-style-overrides-filter.svg
               svg/custom/inline-style-overrides-markers-expected.svg
               svg/custom/inline-style-overrides-markers.svg
               svg/custom/inline-style-overrides-mask-expected.svg
               svg/custom/inline-style-overrides-mask.svg

        * css/SVGCSSStyleSelector.cpp:
        (WebCore::StyleResolver::applySVGProperty):

2012-04-27  Christophe Dumez  <christophe.dumez@intel.com>

        [EFL] media/video-controls-rendering-toggle-display-none.html is failing
        https://bugs.webkit.org/show_bug.cgi?id=84949

        Reviewed by Antonio Gomes.

        Fix volume slider rendering so that the
        media/video-controls-rendering-toggle-display-none.html passes.

        * css/mediaControlsEfl.css:
        (audio::-webkit-media-controls-mute-button, video::-webkit-media-controls-mute-button):
        (audio::-webkit-media-controls-volume-slider-container, video::-webkit-media-controls-volume-slider-container):
        (audio::-webkit-media-controls-volume-slider, video::-webkit-media-controls-volume-slider):

2012-04-27  Nikolas Zimmermann  <nzimmermann@rim.com>

        Support values animation mode with just a single value
        https://bugs.webkit.org/show_bug.cgi?id=85064

        Reviewed by Antti Koivisto.

        values="a" is equal to <set to="a"> per SMIL specification.
        We currently only support values animation if at least two values are given, fix that.

        The reference animations in Dr. Olaf Hoffmanns SVG Animation test suite are mostly using
        values animations, sometimes with only a single value given. Lots of the reference animations
        are broken in trunk w/o this patch and now work as expected.

        See http://hoffmann.bplaced.net/svgtest/index.php?s=en&in=start.

        Test: svg/animations/single-values-animation.html

        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::calculateKeyTimesForCalcModePaced):
        (WebCore::SVGAnimationElement::currentValuesForValuesAnimation):
        (WebCore::SVGAnimationElement::startedActiveInterval):

2012-04-27  Konrad Piascik  <kpiascik@rim.com>

        Web Inspector: Allow inspection of Web Socket Frames
        https://bugs.webkit.org/show_bug.cgi?id=83282

        Reviewed by Pavel Feldman.

        Tests: http/tests/inspector/web-socket-frame-error.html
               http/tests/inspector/web-socket-frame.html

        * English.lproj/localizedStrings.js: Added new Web Inspector front-end UI strings.
        * Modules/websockets/WebSocketChannel.cpp:  Added InspectorInstrumentation calls to
                                                    the following methods.
        (WebCore::WebSocketChannel::fail):
        (WebCore::WebSocketChannel::processFrame):
        (WebCore::WebSocketChannel::sendFrame):
        * WebCore.gypi: Added new Web Inspector resource file.
        * WebCore.vcproj/WebCore.vcproj: Added new Web Inspector resource file.
        * inspector/Inspector.json: Added new Web Inspector resource file.
        * inspector/InspectorInstrumentation.cpp: Added new methods for instrumenting a Web Socket frame or error.
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrameImpl):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrameErrorImpl):
        (WebCore::InspectorInstrumentation::didSendWebSocketFrameImpl):
        * inspector/InspectorInstrumentation.h:
        (WebCore):
        (InspectorInstrumentation):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrame):
        (WebCore::InspectorInstrumentation::didReceiveWebSocketFrameError):
        (WebCore::InspectorInstrumentation::didSendWebSocketFrame):
        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::didReceiveWebSocketFrame):
        (WebCore):
        (WebCore::InspectorResourceAgent::didSendWebSocketFrame):
        (WebCore::InspectorResourceAgent::didReceiveWebSocketFrameError):
        * inspector/InspectorResourceAgent.h:
        (WebCore):
        (InspectorResourceAgent):
        * inspector/compile-front-end.py: Added new Web Inspector resource file.
        * inspector/front-end/NetworkItemView.js: Added a new View for inspecting Web Socket frames and errors.
        (WebInspector.NetworkItemView):
        * inspector/front-end/NetworkManager.js: Implemented callback called by InspectorResourceAgent for
                                                 the new Web Socket frame and error calls.
        (WebInspector.NetworkDispatcher.prototype.webSocketFrameReceived):
        (WebInspector.NetworkDispatcher.prototype.webSocketFrameSent):
        (WebInspector.NetworkDispatcher.prototype.webSocketFrameError):
        * inspector/front-end/NetworkRequest.js: Added a frames array to a Resource request along
                                                 with accessor and helper methods
        (WebInspector.NetworkRequest):
        (WebInspector.NetworkRequest.prototype.resource):
        (WebInspector.NetworkRequest.prototype.hasFrames):
        (WebInspector.NetworkRequest.prototype.frameLength):
        (WebInspector.NetworkRequest.prototype.getFrame):
        (WebInspector.NetworkRequest.prototype.addFrameError):
        (WebInspector.NetworkRequest.prototype.addFrame):
        (WebInspector.NetworkRequest.prototype._pushFrame):
        * inspector/front-end/ResourceWebSocketFrameView.js: Added to help display Web Socket frame and error data.
        (WebInspector.ResourceWebSocketFrameView):
        * inspector/front-end/WebKit.qrc: Added new Web Inspector resource file.
        * inspector/front-end/inspector.html: Added new Web Inspector resource file.

2012-04-27  Nikolas Zimmermann  <nzimmermann@rim.com>

        Fix repetitions & by animation support for SVGAnimateTransformElement
        https://bugs.webkit.org/show_bug.cgi?id=85051

        Reviewed by Antti Koivisto.

        Repetitions are currently handled by adjusting percentage (percentage += repeatCount).
        This doesn't work for <animateTransform> as each repetition has to be post-multiplied to the animated transform list. Fix that.

        By-animations are equal to values="0;by" animations in SMIL. '0' is the neutral element of addition, which is the _zero_ matrix,
        not the identity matrix for SVGTransform. Add a new construction mode to SVGTransform to be able to construct zero transforms.

        Tests: svg/animations/animateTransform-accumulation-expected.svg
               svg/animations/animateTransform-accumulation.svg
               svg/animations/animateTransform-by-scale-expected.svg
               svg/animations/animateTransform-by-scale.svg
               svg/animations/animateTransform-from-by-from-to-comparision-expected.svg
               svg/animations/animateTransform-from-by-from-to-comparision.svg
               svg/animations/animateTransform-from-by-scale-additive-sum-expected.svg
               svg/animations/animateTransform-from-by-scale-additive-sum.svg
               svg/animations/animateTransform-from-by-scale-expected.svg
               svg/animations/animateTransform-from-by-scale.svg
               svg/animations/animateTransform-rotate-around-point-expected.svg
               svg/animations/animateTransform-rotate-around-point.svg
               svg/animations/animateTransform-skewX-expected.svg
               svg/animations/animateTransform-skewX.svg
               svg/animations/animateTransform-skewY-expected.svg
               svg/animations/animateTransform-skewY.svg
               svg/animations/animateTransform-translate-expected.svg
               svg/animations/animateTransform-translate.svg
               svg/animations/multiple-animateTransform-additive-sum-expected.svg
               svg/animations/multiple-animateTransform-additive-sum.svg

        * svg/SVGAnimateTransformElement.cpp:
        (WebCore::SVGAnimateTransformElement::parseAttribute):
        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedTransformListAnimator::calculateAnimatedValue):
        * svg/SVGAnimationElement.h:
        (WebCore::SVGAnimationElement::adjustFromToListValues):
        * svg/SVGTransform.cpp:
        (WebCore::SVGTransform::SVGTransform):
        * svg/SVGTransform.h:
        * svg/SVGTransformDistance.cpp:
        (WebCore::SVGTransformDistance::SVGTransformDistance):
        (WebCore::SVGTransformDistance::scaledDistance):
        (WebCore::SVGTransformDistance::addSVGTransforms):
        (WebCore::SVGTransformDistance::addToSVGTransform):
        (WebCore::SVGTransformDistance::distance):
        * svg/SVGTransformDistance.h:
        (SVGTransformDistance):

2012-04-27  Nikolas Zimmermann  <nzimmermann@rim.com>

        SVG Animations update baseVal instead of animVal
        https://bugs.webkit.org/show_bug.cgi?id=12437

        Reviewed by Dirk Schulze.

        Cleanup animation code, remove last remaining crufts of the old setAttribute() animation model.
        Now only two animation modes remain: animate SVG DOM animVal properties or CSS properties.

        Stop caching base values per string in SMILTimeContainer, as it breaks additive="sum" for CSS
        properties if the underlying base value is changed from the outside (eg. when calling
        style.fontSize="20px", if font-size was 10px, and we're running an additive by-animation with 50px).

        This requires us to cache the computed style of a SVGElement, without SMIL style property changes,
        in SVGElementRareData, similar to how the computed style itself is cached in ElementRareData.
        To be able to compute the base value for a CSS property at any time, we have to exclude any
        previous animation effects residing in the SMIL animated style properties, per SMIL2/3 specs.

        NOTE: This doesn't change or affect the way CSS Animations/Transitions are applied, we still
              have some bugs in that area, but this patch doesn't address them. The idea is to only
              remove the cache, to pave the way for future additive="sum" patches.

        Tests: svg/animations/change-css-property-while-animating-fill-freeze.html
               svg/animations/change-css-property-while-animating-fill-remove.html

        * dom/Element.cpp:
        (WebCore::Element::recalcStyle):
        * dom/Node.h:
        * svg/SVGAnimateElement.cpp:
        (WebCore::propertyTypesAreConsistent):
        (WebCore::SVGAnimateElement::resetToBaseValue):
        (WebCore::SVGAnimateElement::applyResultsToTarget):
        * svg/SVGAnimateElement.h:
        (SVGAnimateElement):
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::resetToBaseValue):
        * svg/SVGAnimateMotionElement.h:
        (SVGAnimateMotionElement):
        * svg/SVGAnimationElement.cpp:
        (WebCore::applyCSSPropertyToTarget):
        (WebCore::SVGAnimationElement::setTargetAttributeAnimatedCSSValue):
        * svg/SVGAnimationElement.h:
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::SVGElement):
        (WebCore::SVGElement::willRecalcStyle):
        (WebCore):
        (WebCore::SVGElement::rareSVGData):
        (WebCore::SVGElement::ensureRareSVGData):
        (WebCore::SVGElement::computedStyle):
        (WebCore::SVGElement::isAnimatableAttribute):
        * svg/SVGElement.h:
        (SVGElement):
        * svg/SVGElementRareData.h:
        (WebCore::SVGElementRareData::SVGElementRareData):
        (WebCore::SVGElementRareData::ensureAnimatedSMILStyleProperties):
        (WebCore::SVGElementRareData::destroyAnimatedSMILStyleProperties):
        (WebCore::SVGElementRareData::overrideComputedStyle):
        (WebCore::SVGElementRareData::setUseOverrideComputedStyle):
        * svg/animation/SMILTimeContainer.cpp:
        (WebCore::SMILTimeContainer::updateAnimations):
        * svg/animation/SMILTimeContainer.h:
        (SMILTimeContainer):
        * svg/animation/SVGSMILElement.h:
        (SVGSMILElement):

2012-04-26  Alexander Pavlov  <apavlov@chromium.org>

        Web Inspector: Implement the "Disable JavaScript" option in the settings dialog
        (re-landing r115323 with a fixed test.)
        https://bugs.webkit.org/show_bug.cgi?id=84946

        Based on user actions in the Inspector frontend, InspectorPageAgent invokes Settings::setScriptEnabled()
        for the associated page to switch the script execution therein.

        Reviewed by Yury Semikhatsky.

        Test: inspector/debugger/disable-script.html

        * inspector/Inspector.json:
        * inspector/InspectorPageAgent.cpp:
        (PageAgentState):
        (WebCore::InspectorPageAgent::enable):
        (WebCore::InspectorPageAgent::disable):
        (WebCore::InspectorPageAgent::getScriptExecutionStatus):
        (WebCore):
        (WebCore::InspectorPageAgent::setScriptExecutionDisabled):
        * inspector/InspectorPageAgent.h:
        * inspector/front-end/Settings.js:
        * inspector/front-end/SettingsScreen.js:
        (WebInspector.SettingsScreen):
        (WebInspector.SettingsScreen.prototype.get _updateScriptDisabledCheckbox):
        (WebInspector.SettingsScreen.prototype._javaScriptDisabledChanged):
        * inspector/front-end/inspector.js:

2012-04-26  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION (r94497): Pressing Command+A when inline (Marked Text) is not empty will clean whole content
        https://bugs.webkit.org/show_bug.cgi?id=84501

        Reviewed by Alexey Proskuryakov.

        The bug was caused by setComposition, which is called by cancelComposition, deleting the contents when
        the passed text is empty. Fixed it by not deleting text when canceling compositions. This is okay because
        as the comment above the line suggests, this particular call to TypingCommand::deleteSelection is only useful
        when the confirmed text is empty and the composition text had previously been non-empty.

        Test: editing/input/select-all-clear-input-method.html

        * editing/Editor.cpp:
        (WebCore::Editor::setComposition):

2012-04-26  Keishi Hattori  <keishi@webkit.org>

        datalist: Form control in a <datalist> should be barred from constraint validation
        https://bugs.webkit.org/show_bug.cgi?id=84359

        http://www.whatwg.org/specs/web-apps/current-work/multipage/the-button-element.html#the-datalist-element
        According to this, if an element has a datalist element ancestor, it is barred from constraint validation.

        Reviewed by Kent Tamura.

        Test: fast/forms/datalist/datalist-child-validation.html

        * html/HTMLFormControlElement.cpp:
        (WebCore::HTMLFormControlElement::HTMLFormControlElement):
        (WebCore::HTMLFormControlElement::updateAncestors): Updates the ancestor information.
        (WebCore::HTMLFormControlElement::insertedInto): Invalidates the ancestor information and calls setNeedsWillValidateCheck
        (WebCore::HTMLFormControlElement::removedFrom): Invalidates the ancestor information and calls setNeedsWillValidateCheck
        (WebCore::HTMLFormControlElement::disabled):
        (WebCore::HTMLFormControlElement::recalcWillValidate): Returns false if element has a datalist ancestor.
        (WebCore::HTMLFormControlElement::setNeedsWillValidateCheck): Check if ancestor information is valid too.
        * html/HTMLFormControlElement.h:
        (HTMLFormControlElement):

2012-04-26  Adrienne Walker  <enne@google.com>

        [chromium] Remove unused CCLayerImpl::debugID()
        https://bugs.webkit.org/show_bug.cgi?id=85019

        Reviewed by James Robinson.

        CCLayerSorter used debugID() but it was never set anywhere. Change
        the CCLayerSorter LOG messages to use id(), which does get set.

        * platform/graphics/chromium/cc/CCLayerImpl.h:
        (CCLayerImpl):
        * platform/graphics/chromium/cc/CCLayerSorter.cpp:
        (WebCore::CCLayerSorter::createGraphNodes):
        (WebCore::CCLayerSorter::createGraphEdges):
        (WebCore::CCLayerSorter::sort):

2012-04-26  Nico Weber  <thakis@chromium.org>

        [chromium] Fix C++ language use.
        https://bugs.webkit.org/show_bug.cgi?id=85015

        Reviewed by James Robinson.

        Even though MSVC allows it, a sizeof followed by a non-parenthesized
        typename is not valid C++.

        No functionality change.

        * rendering/RenderThemeChromiumWin.cpp:
        (WebCore):
        (WebCore::getNonClientMetrics):

2012-04-24  James Robinson  <jamesr@chromium.org>

        [chromium] Move ProgramBinding definitions to LayerRendererChromium and normalize naming
        https://bugs.webkit.org/show_bug.cgi?id=84808

        Reviewed by Adrienne Walker.

        The GL programs used are logically part of LayerRendererChromium and not something specific to a layer type,
        since a different renderer would want to use a different thing to render the same layer types. This moves all of
        the ProgramBinding definitions into LayerRendererChromium and gives them consistent names. With the exception of
        CCRenderSurface (noted by an inline comment), these programs are private to LRC.

        This patch also deduplicates programs a bit:
        1.) Video's NativeTexture and RGBA programs were the same thing, folded.
        2.) The TexStretch and TexTransform shaders are basically the same thing, folded together.

        * platform/graphics/chromium/LayerChromium.h:
        (LayerChromium):
        * platform/graphics/chromium/LayerRendererChromium.cpp:
        (WebCore::LayerRendererChromium::drawCheckerboardQuad):
        (WebCore::LayerRendererChromium::drawDebugBorderQuad):
        (WebCore::LayerRendererChromium::drawSolidColorQuad):
        (WebCore::LayerRendererChromium::drawTileQuad):
        (WebCore::LayerRendererChromium::drawYUV):
        (WebCore::LayerRendererChromium::drawRGBA):
        (WebCore::LayerRendererChromium::drawNativeTexture2D):
        (WebCore::LayerRendererChromium::drawStreamTexture):
        (WebCore::LayerRendererChromium::drawTextureQuad):
        (WebCore::LayerRendererChromium::drawHeadsUpDisplay):
        (WebCore::LayerRendererChromium::initializeSharedObjects):
        (WebCore::LayerRendererChromium::tileCheckerboardProgram):
        (WebCore::LayerRendererChromium::solidColorProgram):
        (WebCore::LayerRendererChromium::headsUpDisplayProgram):
        (WebCore::LayerRendererChromium::renderSurfaceProgram):
        (WebCore::LayerRendererChromium::renderSurfaceProgramAA):
        (WebCore::LayerRendererChromium::renderSurfaceMaskProgram):
        (WebCore::LayerRendererChromium::renderSurfaceMaskProgramAA):
        (WebCore::LayerRendererChromium::tileProgram):
        (WebCore::LayerRendererChromium::tileProgramOpaque):
        (WebCore::LayerRendererChromium::tileProgramAA):
        (WebCore::LayerRendererChromium::tileProgramSwizzle):
        (WebCore::LayerRendererChromium::tileProgramSwizzleOpaque):
        (WebCore::LayerRendererChromium::tileProgramSwizzleAA):
        (WebCore::LayerRendererChromium::textureProgramFlip):
        (WebCore::LayerRendererChromium::textureTexRectProgram):
        (WebCore::LayerRendererChromium::textureTexRectProgramFlip):
        (WebCore::LayerRendererChromium::videoRGBAProgram):
        (WebCore::LayerRendererChromium::videoYUVProgram):
        (WebCore::LayerRendererChromium::videoStreamTextureProgram):
        (WebCore::LayerRendererChromium::cleanupSharedObjects):
        * platform/graphics/chromium/LayerRendererChromium.h:
        (WebCore):
        (LayerRendererChromium):
        * platform/graphics/chromium/ShaderChromium.cpp:
        * platform/graphics/chromium/ShaderChromium.h:
        * platform/graphics/chromium/cc/CCHeadsUpDisplay.h:
        (CCHeadsUpDisplay):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (WebCore):
        * platform/graphics/chromium/cc/CCRenderSurface.cpp:
        (WebCore::CCRenderSurface::copyTextureToFramebuffer):
        (WebCore::CCRenderSurface::drawLayer):
        * platform/graphics/chromium/cc/CCRenderSurface.h:
        (CCRenderSurface):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        * platform/graphics/chromium/cc/CCTextureLayerImpl.h:
        (CCTextureLayerImpl):
        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        * platform/graphics/chromium/cc/CCTiledLayerImpl.h:
        (CCTiledLayerImpl):
        * platform/graphics/chromium/cc/CCVideoLayerImpl.h:
        (WebCore):
        (CCVideoLayerImpl):

2012-04-26  Jeffrey Pfau  <jpfau@apple.com>

        Invalid cast in WebCore::HTMLCollection::isAcceptableElement
        https://bugs.webkit.org/show_bug.cgi?id=84626

        Reviewed by Darin Adler.

        Check if the object is an HTMLElement before casting.

        Test: fast/dom/htmlcollection-non-html.html

        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::isAcceptableElement):

2012-04-26  Dana Jansens  <danakj@chromium.org>

        [chromium] Some background filters require inflating damage on the surface behind them
        https://bugs.webkit.org/show_bug.cgi?id=84479

        Reviewed by Adrienne Walker.

        A layer with a background blur will expand the damage from pixels in the
        surface below it. We extend the damage tracker to expand damage in a
        surface below such layers.

        Unit test: CCDamageTrackerTest.verifyDamageForBackgroundBlurredChild

        * platform/graphics/chromium/cc/CCDamageTracker.cpp:
        (WebCore::expandPixelOutsetsWithFilters):
        (WebCore):
        (WebCore::expandDamageRectInsideRectWithFilters):
        (WebCore::expandDamageRectWithFilters):
        (WebCore::CCDamageTracker::updateDamageTrackingState):
        (WebCore::CCDamageTracker::trackDamageFromActiveLayers):
        * platform/graphics/chromium/cc/CCDamageTracker.h:
        (CCDamageTracker):

2012-04-26  Simon Fraser  <simon.fraser@apple.com>

        Improve compositing logging output
        https://bugs.webkit.org/show_bug.cgi?id=85010

        Reviewed by Dean Jackson.

        In the compositing log channel output, indent the layers
        based on z-order tree depth. Tabulate the summary, and
        show obligate and secondary backing store area separately.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateClipRects):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::RenderLayerCompositor):
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        (WebCore::RenderLayerCompositor::logLayerInfo):
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
        (WebCore::RenderLayerCompositor::updateLayerTreeGeometry):
        (WebCore::RenderLayerCompositor::reasonForCompositing):
        * rendering/RenderLayerCompositor.h:
        (RenderLayerCompositor):

2012-04-26  Anders Carlsson  <andersca@apple.com>

        REGRESSION (r115163): Unable to scroll article body with trackpad on altdevblogaday.com blog post
        https://bugs.webkit.org/show_bug.cgi?id=85024
        <rdar://problem/11330758>

        Reviewed by Sam Weinig.

        Fix broken logic in canHaveScrollbars.

        * page/scrolling/ScrollingTreeNode.h:
        (WebCore::ScrollingTreeNode::canHaveScrollbars):

2012-04-24  James Robinson  <jamesr@chromium.org>

        [chromium] Use different CCDrawQuad types for textures vs IOSurfaces
        https://bugs.webkit.org/show_bug.cgi?id=84811

        Reviewed by Adrienne Walker.

        IOSurface and texture backed layers share few properties (only the flipped bool), so it doesn't make a lot of
        sense for them to use the same CCDrawQuad type for both. This splits IOSurfaces out to a dedicated quad type to
        make it easier to understand which bits of state apply to each.

        The logical next step after this is to split the layer type as well, but that will be awkward until bug 84808 is
        resolved.

        * WebCore.gypi:
        * platform/graphics/chromium/LayerRendererChromium.cpp:
        (WebCore::LayerRendererChromium::drawQuad):
        (WebCore::LayerRendererChromium::drawTextureQuad):
        (WebCore):
        (WebCore::LayerRendererChromium::drawIOSurfaceQuad):
        * platform/graphics/chromium/LayerRendererChromium.h:
        (LayerRendererChromium):
        * platform/graphics/chromium/cc/CCDrawQuad.cpp:
        (WebCore::CCDrawQuad::toIOSurfaceDrawQuad):
        (WebCore):
        * platform/graphics/chromium/cc/CCDrawQuad.h:
        (WebCore):
        (CCDrawQuad):
        * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.cpp: Copied from Source/WebCore/platform/graphics/chromium/cc/CCTextureDrawQuad.cpp.
        (WebCore):
        (WebCore::CCIOSurfaceDrawQuad::create):
        (WebCore::CCIOSurfaceDrawQuad::CCIOSurfaceDrawQuad):
        * platform/graphics/chromium/cc/CCIOSurfaceDrawQuad.h: Copied from Source/WebCore/platform/graphics/chromium/cc/CCTextureDrawQuad.h.
        (WebCore):
        (CCIOSurfaceDrawQuad):
        (WebCore::CCIOSurfaceDrawQuad::flipped):
        (WebCore::CCIOSurfaceDrawQuad::ioSurfaceSize):
        (WebCore::CCIOSurfaceDrawQuad::ioSurfaceTextureId):
        * platform/graphics/chromium/cc/CCTextureDrawQuad.cpp:
        (WebCore::CCTextureDrawQuad::create):
        (WebCore::CCTextureDrawQuad::CCTextureDrawQuad):
        * platform/graphics/chromium/cc/CCTextureDrawQuad.h:
        (CCTextureDrawQuad):
        * platform/graphics/chromium/cc/CCTextureLayerImpl.cpp:
        (WebCore::CCTextureLayerImpl::appendQuads):

2012-04-26  Benjamin Poulain  <bpoulain@apple.com>

        Use WebKit types for the cache of ObjcClass::methodsNamed()
        https://bugs.webkit.org/show_bug.cgi?id=85012

        Reviewed by Geoffrey Garen.

        This patch redefines the method cache ObjcClass to avoid memory allocations in the case of positive match.

        Instead of using the converted name as the key, the original identifier string is used. This shortcuts
        all the other operations when there is a match.

        A side effect is a method can appear multiple times in the cache if it is invoked with different names using
        the escape character "$". An attaquer could bloat the cache with a few hundreds strings.
        In the common case, having each name mapped is an improvment.

        * bridge/objc/objc_class.h:
        (ObjcClass):
        * bridge/objc/objc_class.mm:
        (JSC::Bindings::ObjcClass::ObjcClass):
        (JSC::Bindings::ObjcClass::methodsNamed):

2012-04-26  Ojan Vafai  <ojan@chromium.org>

        Delete dead code in Arena.h/cpp
        https://bugs.webkit.org/show_bug.cgi?id=84997

        Reviewed by Eric Seidel.

        Also cleaned up some style issues. Renamed some single-letter variable names.
        Avoided anything other than totally trivial style changes to be 100% sure
        that there is no change in behavior.

        No new tests. There's no non-style code changes except inlining CLEAR_UNUSED
        and CLEAR_ARENA.

        * platform/Arena.cpp:
        (WebCore):
        (WebCore::CeilingLog2):
        (WebCore::InitArenaPool):
        (WebCore::ArenaAllocate):
        (WebCore::FreeArenaList):
        (WebCore::FinishArenaPool):
        * platform/Arena.h:
        (WebCore):

2012-04-26  Shawn Singh  <shawnsingh@chromium.org>

        Re-implement backFaceVisibility to avoid dealing with perspective w < 0 problem
        https://bugs.webkit.org/show_bug.cgi?id=84059

        Reviewed by Adrienne Walker.

        Unit tests added to CCMathUtilTest.cpp.

        This patch changes the implementation of backFaceIsVisible so that
        it doesn't need to deal with the w < 0 problem from of perspective
        projections. Instead, it is equally correct to simply use the
        inverse-transpose of the matrix, and quickly check the third row,
        third column element. Additionally, it was appropriate to move
        this function into TransformationMatrix itself.

        Making this change fixes some issues related to disappearing
        layers in Chromium (where the compositor incorrectly thought that
        the back face was visible, and skipped the layer).

        * platform/graphics/chromium/cc/CCLayerTreeHostCommon.cpp:
        (WebCore::calculateVisibleLayerRect):
        (WebCore::layerShouldBeSkipped):
        * platform/graphics/transforms/TransformationMatrix.cpp:
        (WebCore::TransformationMatrix::isBackFaceVisible):
        (WebCore):
        * platform/graphics/transforms/TransformationMatrix.h:
        (TransformationMatrix):

2012-04-26  Martin Robinson  <mrobinson@igalia.com>

        [Cairo] Wrap cairo surfaces in a class when storing native images
        https://bugs.webkit.org/show_bug.cgi?id=83611

        Reviewed by Alejandro G. Castro.

        No new tests. This is just a refactoring. This shouldn't change
        functionality.

        Added class that wraps Cairo images surfaces to serve as the "native image"
        type for the Cairo platform. This will allow the addition of caching resampled
        images as well as versions of the image for non-image Cairo backends. Also
        split out BitmapImageCairo.cpp from ImageCairo.cpp since these classes are
        defined in two headers.

        * GNUmakefile.list.am: Added new files.
        * platform/graphics/BitmapImage.h: Added a factory method that takes an image surface to
        reduce code churn.
        * platform/graphics/ImageSource.h: NativeImagePtr is now NativeImageCairo*.
        (WebCore):
        * platform/graphics/cairo/BitmapImageCairo.cpp: Copied from Source/WebCore/platform/graphics/cairo/ImageCairo.cpp.
        * platform/graphics/cairo/GraphicsContext3DCairo.cpp: Updated to reflect use of NativeImageCairo.
        * platform/graphics/cairo/ImageCairo.cpp: Ditto.
        * platform/graphics/cairo/NativeImageCairo.cpp: Added.
        * platform/graphics/cairo/NativeImageCairo.h: Added.
        * platform/graphics/cairo/PatternCairo.cpp: Updated to reflect use of NativeImageCairo.
        * platform/graphics/gtk/ImageGtk.cpp: Ditto.
        * platform/image-decoders/cairo/ImageDecoderCairo.cpp: Ditto.

2012-04-26  Mark Hahnenberg  <mhahnenberg@apple.com>

        [GTK] Massive media tests failures since r115288
        https://bugs.webkit.org/show_bug.cgi?id=84950

        Reviewed by Filip Pizlo.

        No new tests.

        Since the "cross-platform" WebCore timer is at too high of a level in terms of the layers 
        of WebKit for JSC to use, we are not currently able to use it in JSC, thus only those 
        platforms that support CoreFoundation can currently take advantage of the new and improved 
        GC activity timer. We've restored the old code paths for those platforms that don't have 
        CF so that they will at least have the same behavior as before when calling garbageCollectSoon.

        * bindings/js/GCController.cpp: Added back the old WebCore timer along with some 
        if-defs that do away with the WebCore timer on platforms that support CoreFoundation.
        (WebCore::GCController::GCController):
        (WebCore::GCController::garbageCollectSoon):
        (WebCore):
        (WebCore::GCController::gcTimerFired):
        * bindings/js/GCController.h: Ditto.
        (GCController):

2012-04-26  Adam Klein  <adamk@chromium.org>

        Don't include V8Proxy.h in ScriptValue.h when V8GCController is all that's required
        https://bugs.webkit.org/show_bug.cgi?id=84986

        Reviewed by Kentaro Hara.

        This makes it easier to include ScriptValue.h since it greatly reduces
        that header's dependencies.

        * bindings/v8/ScriptValue.h: Changed to include just V8GCController.h and
        removed comment which is redundant with explicit V8GCController references nearby.

2012-04-26  Aaron Colwell  <acolwell@chromium.org>

        Fix missing sourceState change on MEDIA_ERR_SOURCE_NOT_SUPPORTED error.
        https://bugs.webkit.org/show_bug.cgi?id=84996

        Reviewed by Eric Carlson.

        No new tests. http/tests/media/media-source/webm/video-media-source-errors.html was updated to verify that webkitSourceState is always SOURCE_CLOSED when the onerror event fires.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::noneSupported):

2012-04-26  Antti Koivisto  <antti@apple.com>

        Cache parsed stylesheets
        https://bugs.webkit.org/show_bug.cgi?id=85004

        Reviewed by Andreas Kling.

        CSS parsing is 1-2% of WebKit CPU usage on average pages, more on sites with large stylesheets.
        We currently reparse all stylesheets from source text when they are encountered again. In many
        browsing scenarios we can eliminate lot of this by caching the parsed stylesheets. For example 
        it is very common for subpages of a site to share the stylesheets.
        
        This patch enables memory caching for stylesheet loaded using the <link> element. Only stylesheets
        that have no import rules are cacheable for now.
        
        Cached stylesheets are copied on restore so there is no sharing (and no memory wins) yet.
        In the future we will also be able to share the actual data structures between pages for 
        significant memory savings.
        
        After browsing around for a while <5% of the memory cache data was in parsed stylesheets so this
        does not bloat the cache significantly.

        * css/CSSStyleSheet.cpp:
        (WebCore):
        (WebCore::StyleSheetInternal::estimatedSizeInBytes):
        
            Estimate stylesheet size so we can handle decoded data pruning correctly.

        * css/CSSStyleSheet.h:
        (StyleSheetInternal):
        * css/StylePropertySet.cpp:
        (WebCore::StylePropertySet::averageSizeInBytes):
        (WebCore):
        * css/StylePropertySet.h:
        (StylePropertySet):
        * css/StyleRule.cpp:
        (WebCore::StyleRule::averageSizeInBytes):
        (WebCore):
        * css/StyleRule.h:
        (StyleRule):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        
            Save and restore parsed stylesheet. The current CSS parse context must be identical to the cached 
            stylesheets. This ensures that the parsing results would be identical.

        * loader/cache/CachedCSSStyleSheet.cpp:
        (WebCore):
        (WebCore::CachedCSSStyleSheet::destroyDecodedData):
        (WebCore::CachedCSSStyleSheet::restoreParsedStyleSheet):
        (WebCore::CachedCSSStyleSheet::saveParsedStyleSheet):
        * loader/cache/CachedCSSStyleSheet.h:
        
            The parsed stylesheet cache is considered decoded data, similar to the image bitmaps. It uses the
            same mechanism for pruning.

        (WebCore):
        (CachedCSSStyleSheet):

2012-04-26  Anders Carlsson  <andersca@apple.com>

        A TileCache should never outlive its WebTileCacheLayer
        https://bugs.webkit.org/show_bug.cgi?id=85008
        <rdar://problem/11141172>

        Reviewed by Andreas Kling.

        Since WebTileCacheLayer objects can be destroyed on the scrolling thread, make sure to delete the TileCache layer
        when the PlatformCALayer is destroyed. This fixes a crash when the tile revalidation timer fires after the WebTileCacheLayer has
        been destroyed, but before the TileCache itself has been destroyed.

        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayer::~PlatformCALayer):
        * platform/graphics/ca/mac/WebTileCacheLayer.h:
        * platform/graphics/ca/mac/WebTileCacheLayer.mm:
        (-[WebTileCacheLayer dealloc]):
        (-[WebTileCacheLayer invalidate]):

2012-04-26  Benjamin Poulain  <bpoulain@apple.com>

        Use String instead of RefPtr<StringImpl> for the cache of ObjcClass
        https://bugs.webkit.org/show_bug.cgi?id=84932

        Reviewed by Andreas Kling.

        The cache with RefPtr<StringImpl*> was added with r115007.

        This patch aims at making the code a little easier to read. By using String,
        one would not need to know the Traits for StringImpl.

        * bridge/objc/objc_class.h:
        (ObjcClass):

2012-04-26  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to wrap() in SerializedScriptValue.cpp
        https://bugs.webkit.org/show_bug.cgi?id=84923

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        In this bug we pass Isolate to wrap() in SerializedScriptValue.cpp.

        No tests. No change in behavior.

        * bindings/v8/SerializedScriptValue.cpp:

2012-04-26  Hao Zheng  <zhenghao@chromium.org>

        [chromium] Complex text support for Android.
        https://bugs.webkit.org/show_bug.cgi?id=84431

        Complex text support is different on Android from other platforms.
        There are 2 kinds of font on Android: system fonts and fallback fonts.
        System fonts have a name, and are accessible in FontPlatformData.
        Fallback fonts do not have specific names, so they are not accessible
        from WebKit directly. There is one font for each script support.
        To feed Harfbuzz, use a trick to get correct SkTypeface based on script.

        Reviewed by Tony Chang.

        No new tests. Current tests are runnable on Android.

        * platform/graphics/FontCache.h:
        (FontCache): Make ComplexTextController friend of FontCache on Android.
        * platform/graphics/chromium/FontCacheAndroid.cpp:
        (WebCore::FontCache::createFontPlatformData):
        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
        (WebCore::ComplexTextController::getComplexFontPlatformData):
        (WebCore):
        (WebCore::ComplexTextController::setupFontForScriptRun):
        * platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.h:
        (ComplexTextController):

2012-04-26  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to wrap() (Part2)
        https://bugs.webkit.org/show_bug.cgi?id=84922

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to wrap() in custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8LocationCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8SVGPathSegCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8StyleSheetCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint16ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint32ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint8ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint8ClampedArrayCustom.cpp:
        (WebCore::toV8):

2012-04-26  Jon Lee  <jonlee@apple.com>

        [WK2] AlternativeTextClient leaks when the page is destroyed
        https://bugs.webkit.org/show_bug.cgi?id=84307
        <rdar://problem/11328431>

        Reviewed by Enrica Casucci.

        * page/AlternativeTextClient.h: Add pageDestroyed() call, as in EditorClient.
        (AlternativeTextClient):
        * page/Page.cpp:
        (WebCore::Page::~Page): When the page is destroyed, notify the client if it exists.

2012-04-26  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to wrap() (Part1)
        https://bugs.webkit.org/show_bug.cgi?id=84921

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to wrap() in custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSRuleCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSStyleSheetCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSValueCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DOMStringMapCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DOMTokenListCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DataViewCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8EventCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Float32ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Float64ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8ImageDataCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Int16ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Int32ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Int8ArrayCustom.cpp:
        (WebCore::toV8):

2012-04-26  Benjamin Poulain  <bpoulain@apple.com>

        ObjcClass::methodsNamed() can leak if buffer is dynamically allocated
        https://bugs.webkit.org/show_bug.cgi?id=84668

        Reviewed by Alexey Proskuryakov.

        Change ObjcClass::methodsNamed() to be based on a vector instead of managing
        the memory manually.

        Tests: platform/mac/plugins/bindings-objc-long-method-name.html
               platform/mac/plugins/bindings-objc-method-name-conversion.html

        * bridge/objc/objc_class.mm:
        (Bindings):
        (JSC::Bindings::convertJSMethodNameToObjc):
        (JSC::Bindings::ObjcClass::methodsNamed):

2012-04-26  Justin Novosad  <junov@chromium.org>

        [Chromium] Single buffered canvas layers with the threaded compositor
        https://bugs.webkit.org/show_bug.cgi?id=80540

        Reviewed by James Robinson.

        Tests:
        CCLayerTreeHostTestWriteLayersRedraw
        CCLayerTreeHostTestWriteLayersAfterVisible
        Canvas2DLayerChromiumTest.testFullLifecycleSingleThreadDeferred
        Canvas2DLayerChromiumTest.testFullLifecycleThreadDeferred
        CCSchedulerTest.VisibilitySwitchWithTextureAcquisition
        CCSchedulerTest.TextureAcquisitionCollision

        Disable double buffering and rate limiting on accelerated canvas
        when the threaded compositor and deferred canvas are enabled.
        Concurrent access to the layer texture by the main renderer thread and
        the compositor thread is avoided by enforcing a lock. The state of the
        lock is maintained by CCSchedulerStateMachine. Write access by the main
        thread is acquired through a signal round trip to the compositor thread,
        which may block the main thread in the event that one or more committed
        layers need to be protected until the compositor completes the requested
        draw. Draws on the impl thread are cancelled if the main thread has
        obtained write access to the texture.  The write access is relinquished
        by the main thread upon commit completion.  The scheduler state machine
        is responsible for preventing the texture lock from causing deadlocks by
        detecting and resolving problematic states.

        * platform/graphics/chromium/Canvas2DLayerChromium.cpp:
        (WebCore::Canvas2DLayerChromium::create):
        (WebCore::Canvas2DLayerChromium::Canvas2DLayerChromium):
        (WebCore::Canvas2DLayerChromium::~Canvas2DLayerChromium):
        (WebCore::Canvas2DLayerChromium::drawingIntoImplThreadTexture):
        (WebCore):
        (WebCore::Canvas2DLayerChromium::setTextureId):
        (WebCore::Canvas2DLayerChromium::setNeedsDisplayRect):
        (WebCore::Canvas2DLayerChromium::update):
        (WebCore::Canvas2DLayerChromium::layerWillDraw):
        (WebCore::Canvas2DLayerChromium::pushPropertiesTo):
        * platform/graphics/chromium/Canvas2DLayerChromium.h:
        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::acquireLayerTextures):
        (WebCore):
        * platform/graphics/chromium/cc/CCLayerTreeHost.h:
        (CCLayerTreeHost):
        * platform/graphics/chromium/cc/CCProxy.h:
        (CCProxy):
        * platform/graphics/chromium/cc/CCScheduler.cpp:
        (WebCore::CCScheduler::setMainThreadNeedsLayerTextures):
        (WebCore):
        (WebCore::CCScheduler::processScheduledActions):
        * platform/graphics/chromium/cc/CCScheduler.h:
        (CCSchedulerClient):
        (CCScheduler):
        * platform/graphics/chromium/cc/CCSchedulerStateMachine.cpp:
        (WebCore::CCSchedulerStateMachine::CCSchedulerStateMachine):
        (WebCore::CCSchedulerStateMachine::drawSuspendedUntilCommit):
        (WebCore):
        (WebCore::CCSchedulerStateMachine::scheduledToDraw):
        (WebCore::CCSchedulerStateMachine::shouldDraw):
        (WebCore::CCSchedulerStateMachine::shouldAcquireLayerTexturesForMainThread):
        (WebCore::CCSchedulerStateMachine::nextAction):
        (WebCore::CCSchedulerStateMachine::updateState):
        (WebCore::CCSchedulerStateMachine::setMainThreadNeedsLayerTextures):
        * platform/graphics/chromium/cc/CCSchedulerStateMachine.h:
        (CCSchedulerStateMachine):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        (WebCore::CCThreadProxy::CCThreadProxy):
        (WebCore::CCThreadProxy::beginFrame):
        (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):
        (WebCore):
        (WebCore::CCThreadProxy::acquireLayerTextures):
        (WebCore::CCThreadProxy::acquireLayerTexturesForMainThreadOnImplThread):
        (WebCore::CCThreadProxy::scheduledActionAcquireLayerTexturesForMainThread):
        * platform/graphics/chromium/cc/CCThreadProxy.h:
        (CCThreadProxy):
        * platform/graphics/skia/ImageBufferSkia.cpp:
        (WebCore):
        (WebCore::AcceleratedDeviceContext::AcceleratedDeviceContext):
        (WebCore::AcceleratedDeviceContext::prepareForDraw):
        (AcceleratedDeviceContext):
        (WebCore::createAcceleratedCanvas):
        (WebCore::ImageBuffer::context):

2012-04-26  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8() in SerializedScriptValue.cpp
        https://bugs.webkit.org/show_bug.cgi?id=84918

        Reviewed by Nate Chapin.

        This is the last step to pass Isolate around in
        SerializedScriptValue.cpp. This patch passes Isolate
        to toV8().

        No tests. No change in behavior.

        * bindings/v8/SerializedScriptValue.cpp:

2012-04-26  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to wrapSlow()
        https://bugs.webkit.org/show_bug.cgi?id=84919

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        In this bug, we pass Isolate to wrapSlow().

        Test: bindings/scripts/test/TestObj.idl etc

        * bindings/scripts/CodeGeneratorV8.pm: Modified as described above.
        (GenerateHeader):
        (GenerateToV8Converters):

        * bindings/scripts/test/V8/V8Float64Array.cpp: Updated run-bindings-tests.
        (WebCore::V8Float64Array::wrapSlow):
        * bindings/scripts/test/V8/V8Float64Array.h:
        (V8Float64Array):
        (WebCore::V8Float64Array::wrap):
        * bindings/scripts/test/V8/V8TestActiveDOMObject.cpp:
        (WebCore::V8TestActiveDOMObject::wrapSlow):
        * bindings/scripts/test/V8/V8TestActiveDOMObject.h:
        (V8TestActiveDOMObject):
        (WebCore::V8TestActiveDOMObject::wrap):
        * bindings/scripts/test/V8/V8TestCustomNamedGetter.cpp:
        (WebCore::V8TestCustomNamedGetter::wrapSlow):
        * bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
        (V8TestCustomNamedGetter):
        (WebCore::V8TestCustomNamedGetter::wrap):
        * bindings/scripts/test/V8/V8TestEventConstructor.cpp:
        (WebCore::V8TestEventConstructor::wrapSlow):
        * bindings/scripts/test/V8/V8TestEventConstructor.h:
        (V8TestEventConstructor):
        (WebCore::V8TestEventConstructor::wrap):
        * bindings/scripts/test/V8/V8TestEventTarget.cpp:
        (WebCore::V8TestEventTarget::wrapSlow):
        * bindings/scripts/test/V8/V8TestEventTarget.h:
        (V8TestEventTarget):
        (WebCore::V8TestEventTarget::wrap):
        * bindings/scripts/test/V8/V8TestInterface.cpp:
        (WebCore::V8TestInterface::wrapSlow):
        * bindings/scripts/test/V8/V8TestInterface.h:
        (V8TestInterface):
        (WebCore::V8TestInterface::wrap):
        * bindings/scripts/test/V8/V8TestMediaQueryListListener.cpp:
        (WebCore::V8TestMediaQueryListListener::wrapSlow):
        * bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
        (V8TestMediaQueryListListener):
        (WebCore::V8TestMediaQueryListListener::wrap):
        * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
        (WebCore::V8TestNamedConstructor::wrapSlow):
        * bindings/scripts/test/V8/V8TestNamedConstructor.h:
        (V8TestNamedConstructor):
        (WebCore::V8TestNamedConstructor::wrap):
        * bindings/scripts/test/V8/V8TestNode.cpp:
        (WebCore::V8TestNode::wrapSlow):
        * bindings/scripts/test/V8/V8TestNode.h:
        (V8TestNode):
        (WebCore::V8TestNode::wrap):
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::V8TestObj::wrapSlow):
        * bindings/scripts/test/V8/V8TestObj.h:
        (V8TestObj):
        (WebCore::V8TestObj::wrap):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
        (WebCore::V8TestSerializedScriptValueInterface::wrapSlow):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
        (V8TestSerializedScriptValueInterface):
        (WebCore::V8TestSerializedScriptValueInterface::wrap):

2012-04-25  Antonio Gomes  <agomes@rim.com>

        Add ScrollAnimatorBlackBerry as an extension to ScrollAnimatorNone
        https://bugs.webkit.org/show_bug.cgi?id=84625

        Reviewed by Anders Carlsson.

        Patch adds ScrollAnimatorBlackBerry class as an extension to of
        ScrollAnimatorNone. The main goal here is extending the later to allow
        overscrolling while the animation runs.

        Once the animation finishes, the flag gets reseted and
        ScrollableArea::constrainsScrollingtoContentEdge is set back to the value
        it had before, so this method has to be explicitly called anytime it is wanted.

        * CMakeLists.txt:
        * platform/ScrollAnimator.h:
        (WebCore::ScrollAnimator::animationWillStart):
        (WebCore::ScrollAnimator::animationDidFinish):
        (ScrollAnimator):
        * platform/ScrollAnimatorNone.cpp:
        (WebCore):
        (WebCore::ScrollAnimatorNone::scroll):
        (WebCore::ScrollAnimatorNone::animationTimerFired):
        * platform/blackberry/ScrollAnimatorBlackBerry.cpp: Added.
        (WebCore):
        (WebCore::ScrollAnimator::create):
        (WebCore::ScrollAnimatorBlackBerry::ScrollAnimatorBlackBerry):
        (WebCore::ScrollAnimatorBlackBerry::animationWillStart):
        (WebCore::ScrollAnimatorBlackBerry::animationDidFinish):
        (WebCore::ScrollAnimatorBlackBerry::setDisableConstrainsScrollingToContentEdgeWhileAnimating):
        * platform/blackberry/ScrollAnimatorBlackBerry.h: Added.
        (WebCore):
        (ScrollAnimatorBlackBerry):

2012-04-26  Antonio Gomes  <agomes@rim.com>

        [BlackBerry] Add smooth_scrolling options to CMAKE and enable it for Blackberry
        https://bugs.webkit.org/show_bug.cgi?id=84954

        Reviewed by Daniel Bates.

        Add the default scroll animator to the build system (ScrollAnimatorNone.cpp)

        * CMakeLists.txt:

2012-04-25  Antonio Gomes  <agomes@rim.com>

        Make ScrollView::scrollSize scrollbar-independent
        https://bugs.webkit.org/show_bug.cgi?id=84873

        Reviewed by Anders Carlsson.

        For ports that disable scrollbars creation at FrameView creation time
        ScrollView::scrollSize should still return the scrollable ammount of
        content (if any) if scrolling is not prohibted.

        No new test, but it makes ScrollAnimator work for the BlackBerry port.

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::scrollSize):

2012-04-25  Anders Carlsson  <andersca@apple.com>

        The tile cache should know if a frame view can ever have scrollbars
        https://bugs.webkit.org/show_bug.cgi?id=84888

        Reviewed by Andreas Kling.

        If a frame view has overflow: hidden on its body element we know that the document will most
        likely never be scrolled. The tile cache should know about this so we can optimize.

        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks):
        * platform/graphics/TiledBacking.h:
        (TiledBacking):
        * platform/graphics/ca/mac/TileCache.h:
        (TileCache):
        * platform/graphics/ca/mac/TileCache.mm:
        (WebCore::TileCache::TileCache):
        (WebCore::TileCache::setCanHaveScrollbars):
        (WebCore):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::RenderLayerBacking):

2012-04-26  Ken Buchanan  <kenrb@chromium.org>

        Crash from removal of line break object after layout
        https://bugs.webkit.org/show_bug.cgi?id=75461

        Reviewed by David Hyatt.

        There is a condition where objects can get removed from underneath
        inlines while they represent a line break object in a RootInlineBox
        of an ancestor block. If an intermediary inline has already been
        marked as needing layout, then the line box will not get dirtied
        because dirtyLineFromChangedChild thinks it already has been.

        This patch introduces a new set in RenderObject to indicate whether
        an ancestral line box corresponding to the current line has been
        marked dirty or not. dirtyLinesFromChangedChild() can use this set 
        rather than m_selfNeedsLayout, so it will not be confused if a
        container was dirtied for some other reason that did not affect the
        line box.

        * rendering/RenderLineBoxList.cpp:
        (WebCore::RenderLineBoxList::dirtyLinesFromChangedChild): Use the new
        set rather than m_selfNeedsLayout in the container to determine
        whether to continue propagating upward.
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::s_ancestorLineboxDirtySet): Instantiate the
        static member.
        (WebCore::RenderObject::willBeDestroyed): Clears the object from the
        linebox set when it is being destroyed.
        * rendering/RenderObject.h:
        (WebCore::RenderObject::s_ancestorLineboxDirtySet): Added static
        member set.
        (WebCore::RenderObject::setNeedsLayout): Clears the
        object from the linebox set when layout bits are getting cleared.
        (WebCore::RenderObject::ancestorLineBoxDirty): Added.
        (WebCore::RenderObject::setAncestorLineBoxDirty): Added.

2012-04-26  Christophe Dumez  <christophe.dumez@intel.com>

        [EFL] Enable VIDEO_TRACK feature
        https://bugs.webkit.org/show_bug.cgi?id=84830

        Reviewed by Gustavo Noronha Silva.

        Enable support for VIDEO_TRACK feature by default for EFL port.

        * UseJSC.cmake:
        * bindings/generic/RuntimeEnabledFeatures.cpp:
        (WebCore):

2012-04-26  Antti Koivisto  <antti@apple.com>

        Implement StyleSheetInternal copying
        https://bugs.webkit.org/show_bug.cgi?id=84969

        Reviewed by Andreas Kling.

        We need to be able to copy stylesheets to cache them. Copying is already implement for
        most of the stylesheet data types but StyleSheetInternal::copy() is still missing.
        
        Preparation for stylesheet caching. The copying code is not used yet.

        * css/CSSNamespace.h:
        
            Instead of making it copyable, remove CSSNamespace class.
    
        * css/CSSParser.cpp:
        (WebCore::operator==):
        (WebCore):
        (WebCore::CSSParser::addNamespace):
        
            Avoid ping-ponging to StyleSheetInternal and back to set the default namespace.

        * css/CSSParserMode.h:
        (WebCore):
        (WebCore::operator!=):

            Add equality comparison operator to CSSParseMode. This will be needed to determine
            if a cached copy can be used.
            
        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::StyleSheetInternal):
        (WebCore):
        (WebCore::StyleSheetInternal::isCacheable):
        (WebCore::StyleSheetInternal::parserAddNamespace):
        (WebCore::StyleSheetInternal::determineNamespace):
        
            Use HashMap instead of iterating a linked list of CSSNamespaces.

        (WebCore::StyleSheetInternal::styleSheetChanged):
        
            Add mutation bit.

        * css/CSSStyleSheet.h:
        (WebCore):
        (StyleSheetInternal):
        (WebCore::StyleSheetInternal::copy):
        
            Copy constructor. It only usable for cacheable stylesheets.

2012-04-26  Philip Rogers  <pdr@google.com>

        Fix Skia's SkPathContainsPoint to work with sub-pixel accuracy
        https://bugs.webkit.org/show_bug.cgi?id=84117

        Reviewed by Eric Seidel.

        Because we do hit testing in object-space (i.e., we may see a 0.1px*0.1px path) we
        need to support sub-pixel hit testing in Skia. Skia does not provide analytical
        path hit testing, so hit tests are done by rasterizing a path and checking if a
        specific pixel is drawn. SkPathContainsPoint did not work with sub-pixel values
        because this rasterization was sometimes very small which did not give enough
        resolution to check if the hit test pixel was drawn.

        This patch scales the path to a very large size during hit testing so that Skia's
        raster-based hit testing will work properly. Because Skia avoids unnecessary
        path rasterization, this is actually inexpensive.

        Below is a summary of a performance test on simple and complex paths:
                                                 (before patch, after patch)
        Skia/Chrome 10,000 hit tests on a simple path:  (229ms, 238ms)
        Skia/Chrome 10,000 hit tests on a complex path: (701ms, 704ms)
        For comparison, CG/Safari takes 236ms on the simple path and 466ms on the complex path.
 
        Therefore, this patch introduces small but measurable regression in hit testing
        performance due to scaling the path.

        Test: svg/hittest/svg-small-path.xhtml

        * platform/graphics/skia/SkiaUtils.cpp:
        (WebCore::SkPathContainsPoint):

2012-04-26  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r115323.
        http://trac.webkit.org/changeset/115323
        https://bugs.webkit.org/show_bug.cgi?id=84975

        Bad test, breaks all builds (Requested by apavlov1 on
        #webkit).

        * inspector/Inspector.json:
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::enable):
        (WebCore::InspectorPageAgent::disable):
        * inspector/InspectorPageAgent.h:
        * inspector/front-end/Settings.js:
        * inspector/front-end/SettingsScreen.js:
        (WebInspector.SettingsScreen):
        * inspector/front-end/inspector.js:

2012-04-26  Douglas Stockwell  <dstockwell@chromium.org>

        IndexedDB: cursor does not correctly iterate over keys added and removed during iteration
        https://bugs.webkit.org/show_bug.cgi?id=84467

        Reviewed by Ojan Vafai.

        Ensure that the iterator over the tree of cached adds/removes always points at
        the current key, or if the db iterator is current, the next key:
        
        - When refreshing the tree iterator after a mutation, always seek unless the
        tree iterator is current.
        
        - When handing conflicts and delete markers, only advance the tree iterator as
        far as the db iterator.
        
        Remove the expensive (and now redundant) logic that issued a get() to check
        whether an item had been deleted.

        Test: storage/indexeddb/cursor-added-bug.html

        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore):
        * platform/leveldb/LevelDBTransaction.cpp:
        (WebCore::LevelDBTransaction::TransactionIterator::refreshTreeIterator):
        (WebCore::LevelDBTransaction::TransactionIterator::handleConflictsAndDeletes):

2012-04-26  Alexander Pavlov  <apavlov@chromium.org>

        Web Inspector: Implement the "Disable JavaScript" option in the settings dialog
        https://bugs.webkit.org/show_bug.cgi?id=84946

        Based on user actions in the Inspector frontend, InspectorPageAgent invokes Settings::setScriptEnabled()
        for the associated page to switch the script execution therein.

        Reviewed by Yury Semikhatsky.

        Test: inspector/debugger/disable-script.html

        * inspector/Inspector.json:
        * inspector/InspectorPageAgent.cpp:
        (PageAgentState):
        (WebCore::InspectorPageAgent::enable):
        (WebCore::InspectorPageAgent::disable):
        (WebCore::InspectorPageAgent::getScriptExecutionStatus):
        (WebCore):
        (WebCore::InspectorPageAgent::setScriptExecutionDisabled):
        * inspector/InspectorPageAgent.h:
        * inspector/front-end/Settings.js:
        * inspector/front-end/SettingsScreen.js:
        (WebInspector.SettingsScreen):
        (WebInspector.SettingsScreen.prototype.get _updateScriptDisabledCheckbox):
        (WebInspector.SettingsScreen.prototype._javaScriptDisabledChanged):
        * inspector/front-end/inspector.js:

2012-04-26  Dominik Röttsches  <dominik.rottsches@linux.intel.com>

        [cairo] CairoGraphicsContext fillRect (with Color) overrides composite operator
        https://bugs.webkit.org/show_bug.cgi?id=84848

        Reviewed by Martin Robinson.

        FillRectWithColor used to be called fillRectSourceOver before r89314
        where this operator still made sense. The way this function is used
        these days doesn't expect the composite operator to be overridden anymore.

        No new tests, covered by existing tests, e.g.
        svg/filters/feDropShadow.svg

        * platform/graphics/cairo/GraphicsContextCairo.cpp:
        (WebCore::fillRectWithColor):

2012-04-26  Nikolas Zimmermann  <nzimmermann@rim.com>

        Fix additive by animations for most SMIL list types
        https://bugs.webkit.org/show_bug.cgi?id=84968

        Reviewed by Antti Koivisto.

        Unify SMIL list animation code, to correctly respect the underlying from value for by-animations.
        Add lots of new tests covering by-animations for all primitives (except AnimatedPath/TransformList).
        AnimatedTransformList is not working correctly yet, and will be covered in a follow-up patch.
        AnimatdPath by-animations are complex, and thus also handled in another follow-up patch.

        Tests: svg/animations/additive-type-by-animation.html
               svg/animations/length-list-animation-expected.svg
               svg/animations/length-list-animation.svg
               svg/animations/svglength-additive-by-1.html
               svg/animations/svglength-additive-by-2.html
               svg/animations/svglength-additive-by-3.html
               svg/animations/svglength-additive-by-4.html
               svg/animations/svglength-additive-by-5.html
               svg/animations/svglength-additive-by-6.html
               svg/animations/svglength-additive-from-by-1.html
               svg/animations/svglength-additive-from-by-2.html
               svg/animations/svglength-additive-from-by-3.html
               svg/animations/svglength-additive-from-by-4.html

        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
        * svg/SVGAnimationElement.h:
        (WebCore::SVGAnimationElement::adjustFromToListValues):

2012-04-26  Antti Koivisto  <antti@apple.com>

        Add copy constructor to CSSSelector
        https://bugs.webkit.org/show_bug.cgi?id=84956

        Reviewed by Anders Carlsson.

        To copy CSSSelectorLists correctly CSSSelector needs a copy constructor.
        
        This will be needed to implement stylesheet caching. The code is not used yet.

        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::createRareData):
        * css/CSSSelector.h:
        (CSSSelector):
        (WebCore::CSSSelector::RareData::create):
        (RareData):
        
            Refcount RareData to make copying easier. This has no significant memory impact, rare data is rare.

        (WebCore::CSSSelector::CSSSelector):
        (WebCore):
        (WebCore::CSSSelector::~CSSSelector):
        * css/CSSSelectorList.cpp:
        (WebCore::CSSSelectorList::CSSSelectorList):
        
            Use copy constructor instead of memcpy (which doesn't work).

2012-04-26  Raphael Kubo da Costa  <rakuco@webkit.org>

        [EFL] Fix the build with DRAG_SUPPORT disabled.
        https://bugs.webkit.org/show_bug.cgi?id=84963

        Reviewed by Antonio Gomes.

        No new tests, build system-related change.

        EventHandlerEfl.cpp always assumed DRAG_SUPPORT was enabled and lacked
        the proper #if ENABLED() checks for some member variables and methods
        conditionally defined in EventHandler.h.

        * page/efl/EventHandlerEfl.cpp:
        (WebCore):

2012-04-26  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: remove stackTrace property from requestWillBeSent - it is already a part of the initiator.
        https://bugs.webkit.org/show_bug.cgi?id=84964

        Reviewed by Yury Semikhatsky.

        * inspector/InspectorResourceAgent.cpp:
        (WebCore::InspectorResourceAgent::willSendRequest):
        * inspector/front-end/ConsoleMessage.js:
        (WebInspector.ConsoleMessageImpl.prototype._formatMessage):
        * inspector/front-end/NetworkManager.js:
        (WebInspector.NetworkDispatcher.prototype.requestWillBeSent):
        (WebInspector.NetworkDispatcher.prototype.requestServedFromMemoryCache):
        (WebInspector.NetworkDispatcher.prototype._appendRedirect):
        (WebInspector.NetworkDispatcher.prototype._createNetworkRequest):
        (get WebInspector):

2012-04-26  Stephen Chenney  <schenney@chromium.org>

        SVG FEConvolveMatrix does not check for invalid property values
        https://bugs.webkit.org/show_bug.cgi?id=84363

        Reviewed by Dirk Schulze.

        Adding code to check for valid input values on SVG feConvolveMatrix properties.
        And adding some of the first effective error reporting for SVG elements.

        Tests: svg/filters/feConvolveMatrix-invalid-targetX-expected.svg
               svg/filters/feConvolveMatrix-invalid-targetX.svg
               svg/filters/feConvolveMatrix-invalid-targetY-expected.svg
               svg/filters/feConvolveMatrix-invalid-targetY.svg
               svg/filters/feConvolveMatrix-negative-kernelUnitLengthX-expected.svg
               svg/filters/feConvolveMatrix-negative-kernelUnitLengthX.svg
               svg/filters/feConvolveMatrix-negative-kernelUnitLengthY-expected.svg
               svg/filters/feConvolveMatrix-negative-kernelUnitLengthY.svg
               svg/filters/feConvolveMatrix-negative-orderX-expected.svg
               svg/filters/feConvolveMatrix-negative-orderX.svg
               svg/filters/feConvolveMatrix-negative-orderY-expected.svg
               svg/filters/feConvolveMatrix-negative-orderY.svg
               svg/filters/feConvolveMatrix-non-integral-order-expected.svg
               svg/filters/feConvolveMatrix-non-integral-order.svg
               svg/filters/feConvolveMatrix-zero-divisor-expected.svg
               svg/filters/feConvolveMatrix-zero-divisor.svg

        * platform/graphics/filters/FEConvolveMatrix.cpp:
        (WebCore::FEConvolveMatrix::FEConvolveMatrix):
        (WebCore::FEConvolveMatrix::setKernelSize):
        (WebCore::FEConvolveMatrix::setDivisor):
        (WebCore::FEConvolveMatrix::setKernelUnitLength):
        * svg/SVGFEConvolveMatrixElement.cpp:
        (WebCore::SVGFEConvolveMatrixElement::parseAttribute):
        (WebCore::SVGFEConvolveMatrixElement::build):

2012-04-26  Allan Sandfeld Jensen  <allan.jensen@nokia.com>

        Move WebKit1 specific conversion of touch-events to WebKit1.
        https://bugs.webkit.org/show_bug.cgi?id=84951

        Reviewed by Kenneth Rohde Christiansen.

        No change in functionality. No new tests. 

        * Target.pri:
        * platform/PlatformTouchEvent.h:
        (PlatformTouchEvent):
        * platform/PlatformTouchPoint.h:
        (PlatformTouchPoint):
        * platform/qt/PlatformTouchEventQt.cpp: Removed.
        * platform/qt/PlatformTouchPointQt.cpp: Removed.

2012-04-26  Nikolas Zimmermann  <nzimmermann@rim.com>

        Share code used to animate numbers types between all animators
        https://bugs.webkit.org/show_bug.cgi?id=84945

        Reviewed by Antti Koivisto.

        Refactor animateAdditiveNumber() from SVGAnimatedNumberAnimator into SVGAnimationElement,
        to reuse it for all primitives. Converted most primitives to use the new code. Lists, paths,
        colors are still todo.

        Doesn't affect any tests.

        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedInteger):
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedInteger.h:
        (SVGAnimatedIntegerAnimator):
        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLength.cpp:
        (WebCore::SVGAnimatedLengthAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumber.cpp:
        (WebCore::SVGAnimatedNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumber.h:
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberOptionalNumber.h:
        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::calculateAnimatedValue):
        * svg/SVGAnimationElement.h:
        (WebCore::SVGAnimationElement::animateAdditiveNumber):
        (SVGAnimationElement):

2012-04-26  Ryosuke Niwa  <rniwa@webkit.org>

        Forgotten build fix after r115227.

        * css/StylePropertySet.cpp:
        (WebCore::StylePropertySet::get4Values):

2012-04-26  Mihnea Ovidenie  <mihnea@adobe.com>

        Crash when collecting svg symbol element in named flow.
        https://bugs.webkit.org/show_bug.cgi?id=84493

        Reviewed by David Hyatt.

        Test: fast/regions/symbol-in-named-flow-crash.svg

        * dom/Element.cpp:
        (WebCore::Element::~Element):
        Add an assert that an element that was collected into a named flow was already removed at this point
        (when the document is not in the process of destruction)
        (WebCore::Element::unregisterNamedFlowContentNode):
        Created a new function for unregistering a content node. In the future, this function may be used for
        content nodes from shadow dom.
        (WebCore::Element::detach):
        * dom/Element.h:
        (Element):
        * dom/NodeRenderingContext.cpp:
        (WebCore::NodeRenderingContext::moveToFlowThreadIfNeeded):
        Prevent elements that are part of shadow dom to be collected into a named flow.

2012-04-26  Nikolas Zimmermann  <nzimmermann@rim.com>

        Share code used to animate discrete types between all animators
        https://bugs.webkit.org/show_bug.cgi?id=84853

        Reviewed by Andreas Kling.

        Share by-animation handling for non-additive types in a central method in SVGAnimatedTypeAnimator,
        to be reusable by SVGAnimatedBoolean/Enumeration/PreserveAspectRatio/String. Add a new test covering
        these animations have no effect.

        Test: svg/animations/non-additive-type-by-animation.html

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::calculateFromAndByValues):
        (WebCore::SVGAnimateElement::isAdditive):
        * svg/SVGAnimateElement.h:
        (SVGAnimateElement):
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::calculateFromAndByValues):
        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::isTrueString):
        (WebCore::SVGAnimatedBooleanAnimator::constructFromString):
        (WebCore::SVGAnimatedBooleanAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedBooleanAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedEnumerationAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedString.cpp:
        (WebCore::SVGAnimatedStringAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedStringAnimator::calculateAnimatedValue):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::startedActiveInterval):
        * svg/SVGAnimationElement.h:
        (SVGAnimationElement):
        (WebCore::SVGAnimationElement::animateDiscreteType):

2012-04-26  Chris Fleizach2  <cfleizach@apple.com>

        CrashTracer: [USER] 157 crashes in WebProcess at com.apple.WebCore: WebCore::AccessibilityRenderObject::isAttachment const + 29
        https://bugs.webkit.org/show_bug.cgi?id=84463

        Reviewed by Darin Adler.

        Accessibility was not being enabled when WK2 was asking only for the focused UI element.

        No layout test could be written because the WKTestRunner mechanism works differently when asking for this.

        * accessibility/AXObjectCache.cpp:
        (WebCore::AXObjectCache::focusedUIElementForPage):
        (WebCore::AXObjectCache::rootObject):
        (WebCore::AXObjectCache::rootObjectForFrame):

2012-04-25  Dana Jansens  <danakj@chromium.org>

        [chromium] Remove guarded virtual methods from WebFilterOperation API
        https://bugs.webkit.org/show_bug.cgi?id=84926

        Reviewed by James Robinson.

        * WebCore.gypi:
        * platform/chromium/support/WebFilterOperation.cpp: Removed.
        * platform/chromium/support/WebFilterOperations.cpp:
        (WebKit::WebFilterOperations::append):

2012-04-25  Benjamin Poulain  <benjamin@webkit.org>

        Add a version of StringImpl::find() without offset
        https://bugs.webkit.org/show_bug.cgi?id=83968

        Reviewed by Sam Weinig.

        Remove the zero offset of the find() functions on strings.

        * html/parser/XSSAuditor.cpp:
        (WebCore::XSSAuditor::init):
        * platform/network/ResourceResponseBase.cpp:
        (WebCore::trimToNextSeparator):
        (WebCore::parseCacheHeader):

2012-04-25  Mark Hahnenberg  <mhahnenberg@apple.com>

        WebCore shouldn't call collectAllGarbage directly
        https://bugs.webkit.org/show_bug.cgi?id=84897

        Reviewed by Geoffrey Garen.

        No new tests. 

        Currently, GCController calls Heap::collectAllGarbage directly, which leads 
        to an overload of collections as the timer in GCController and the timer in 
        GCActivityCallback compete for collection time and fire independently. As a 
        result, we end up doing almost 600 full collections during an in-browser run 
        of SunSpider, or 20 full collections on a single load of TechCrunch. 

        We can do better by preventing WebCore from calling collectAllGarbage directly 
        and instead going through Heap::reportAbandonedObjectGraph, since that is what 
        WebCore is trying to do--notify the Heap that a lot of garbage may have just 
        been generated when we left a page.

        * WebCore.exp.in:
        * bindings/js/GCController.cpp: Removed all timer stuff.
        (WebCore::GCController::GCController):
        (WebCore::GCController::garbageCollectSoon): Changed to call Heap::reportAbandonedObjectGraph.
        (WebCore::GCController::garbageCollectNow): Changed to still directly call collectAllGarbage.
        We will deprecate this function soon hopefully.
        * bindings/js/GCController.h: Removed timer stuff.
        (GCController):
        * bindings/js/ScriptProfiler.cpp:
        (WebCore::ScriptProfiler::collectGarbage): Changed to call garbageCollectSoon.

2012-04-25  James Robinson  <jamesr@chromium.org>

        [chromium] REGRESSION(112286) Compositor initialization blocks for program compilation / linking
        https://bugs.webkit.org/show_bug.cgi?id=84822

        Reviewed by Adrienne Walker.

        r112286 introduced a subtle regression in the chromium compositor startup sequence - by querying the texture
        copy program's uniform location at the end of LayerRendererChromium::initialize(), the compositor's thread was
        blocked until the service side compiled _all_ eagerly initialized shaders. The intent of the way the compositor
        programs are created is that a set of commonly-used programs are sent to the service side, but no blocking calls
        are made until after we go through the first paint (with the hope that the service side will complete the
        compilation by then).

        Fixed by moving program initialization (which also grabs uniform locations) until the first actual use of the
        copier. It may be worth deferring the program initialization completely if it's not used very often.

        Added unit test in LayerRendererChromiumTests to make sure LRC initialization does not make any
        synchronous calls (like getUniformLocation()).

        * platform/graphics/chromium/TextureCopier.cpp:
        (WebCore::AcceleratedTextureCopier::AcceleratedTextureCopier):
        (WebCore::AcceleratedTextureCopier::copyTexture):

2012-04-25  Jason Liu  <jason.liu@torchmobile.com.cn>

        [BlackBerry] Authenticated proxy isn't working.
        https://bugs.webkit.org/show_bug.cgi?id=84579

        Reviewed by Antonio Gomes.

        We should try to get username and password from WiFi advanced configuration first
        when 407 is received.

        No new tests. This is covered by existing http tests when proxy's username and password
        are configured for WiFi.

        * platform/network/blackberry/NetworkJob.cpp:
        (WebCore::NetworkJob::sendRequestWithCredentials):

2012-04-25  Alec Flett  <alecflett@chromium.org>

        IndexedDB: implement cursor.advance()
        https://bugs.webkit.org/show_bug.cgi?id=84174

        Reviewed by Ojan Vafai.

        Implement IDBCursor.advance() to spec.

        Test: storage/indexeddb/cursor-advance.html

        * Modules/indexeddb/IDBBackingStore.h:
        * Modules/indexeddb/IDBCursor.cpp:
        (WebCore::IDBCursor::advance):
        (WebCore):
        * Modules/indexeddb/IDBCursor.h:
        (IDBCursor):
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBCursorBackendImpl.cpp:
        (WebCore::IDBCursorBackendImpl::advance):
        (WebCore):
        (WebCore::IDBCursorBackendImpl::advanceInternal):
        * Modules/indexeddb/IDBCursorBackendImpl.h:
        (IDBCursorBackendImpl):
        * Modules/indexeddb/IDBCursorBackendInterface.h:
        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore):

2012-04-24  Adrienne Walker  <enne@google.com>

        [chromium] Hold video provider lock from willDraw to didDraw
        https://bugs.webkit.org/show_bug.cgi?id=84805

        Reviewed by James Robinson.

        * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
        (WebCore::CCVideoLayerImpl::willDraw):
        (WebCore):
        (WebCore::CCVideoLayerImpl::willDrawInternal):
        (WebCore::CCVideoLayerImpl::appendQuads):
        (WebCore::CCVideoLayerImpl::didDraw):
        * platform/graphics/chromium/cc/CCVideoLayerImpl.h:

2012-04-25  Adrienne Walker  <enne@google.com>

        [chromium] Prevent CCLayerImpl::willDraw/didDraw mismatches
        https://bugs.webkit.org/show_bug.cgi?id=84812

        Reviewed by James Robinson.

        Because some layers lock/unlock resources, it needs to be guaranteed
        that if willDraw is called on a layer then didDraw will also be called
        on that layer before another willDraw or before layer destruction. Add
        asserts to make sure that this is the case.

        willDraw is called via CCLayerTreeHostImpl::prepareToDraw ->
        calculateRenderPasses. didDraw was previously called in
        CCLayerTreeHostImpl::drawLayers. Sometimes drawLayers was being
        skipped by the caller of these functions based on what prepareToDraw
        returned (causing didDraw to not be called). Fix this by having an
        explicit step to call didDraw on all layers. This new didDrawAllLayers
        function must be called if and only if prepareToDraw is called.

        Tested by existing tests via new asserts in CCLayerImpl.

        * platform/graphics/chromium/cc/CCLayerImpl.cpp:
        (WebCore::CCLayerImpl::CCLayerImpl):
        (WebCore::CCLayerImpl::~CCLayerImpl):
        (WebCore::CCLayerImpl::willDraw):
        (WebCore):
        (WebCore::CCLayerImpl::didDraw):
        * platform/graphics/chromium/cc/CCLayerImpl.h:
        (CCLayerImpl):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::drawLayers):
        (WebCore::CCLayerTreeHostImpl::didDrawAllLayers):
        (WebCore):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (CCLayerTreeHostImpl):
        * platform/graphics/chromium/cc/CCScrollbarLayerImpl.cpp:
        (WebCore::CCScrollbarLayerImpl::willDraw):
        (WebCore::CCScrollbarLayerImpl::didDraw):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        (WebCore::CCSingleThreadProxy::doComposite):
        * platform/graphics/chromium/cc/CCTextureLayerImpl.cpp:
        (WebCore::CCTextureLayerImpl::willDraw):
        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        (WebCore::CCThreadProxy::scheduledActionDrawAndSwapInternal):
        * platform/graphics/chromium/cc/CCVideoLayerImpl.cpp:
        (WebCore::CCVideoLayerImpl::willDraw):
        (WebCore::CCVideoLayerImpl::didDraw):

2012-04-24  Kent Tamura  <tkent@chromium.org>

        Calendar Picker: Resize to minimal size to fit the content
        https://bugs.webkit.org/show_bug.cgi?id=84826

        Reviewed by Hajime Morita.

        Using fixed-size popup isn't nice. The calender picker popup size should
        be minimal.

        The minimal size depends on font settings, localized labels, and
        localized formats. So we put visible objects on a transparent element,
        calculate minimal size, resize the popup, then show the objects.

        * Resources/calendarPicker.css:
        (body): Don't use purple. It was for debugging purpose.
        The body is visible for a short period becuse we use transparent element.
        (#main):
         - Add nowrap to avoid text wrapping.
         - Add wider width to avoid wrapping.
         - Add opacity to hide incomplete layout.
        (.year-month-upper): Don't set flexible box yet.
        (.month-selector-box): Fix incorrect display value.
        (.days-area):
        Don't set table-layout:fixed and width:100% in order that it has the
        minimal width.

        * Resources/calendarPicker.js:
        (initialize): Make a new functio to resize.
        (fixWindowSize):
        Compute the required width from the right edge of the next year button,
        the maximum cell width, and so on.  Then, set CSS properties to have
        correct layout.
        (YearMonthController.prototype.attachTo):
        Set min-width property for a long year-month string.
        (YearMonthController.prototype._showPopup):
        Center the _monthPopup vertically.

        * html/shadow/CalendarPickerElement.cpp:
        (WebCore::CalendarPickerElement::contentSize):
        Specify small size for the initial size. It's better than showing a
        large window then shrink the size.
        * page/PagePopupClient.h:
        (PagePopupClient): Remove a false comment. We should support resize*().

2012-04-25  Kent Tamura  <tkent@chromium.org>

        Unreviewed. Sort Xcode project file.

        * WebCore.xcodeproj/project.pbxproj:

2012-04-25  Alpha Lam  <hclam@chromium.org>

        Unreviewed, rolling out r115260.
        http://trac.webkit.org/changeset/115260
        https://bugs.webkit.org/show_bug.cgi?id=84467

        r115260 is crashing a list of IndexDB tests, revert.

        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore):
        * platform/leveldb/LevelDBTransaction.cpp:
        (WebCore::LevelDBTransaction::TransactionIterator::refreshTreeIterator):
        (WebCore::LevelDBTransaction::TransactionIterator::handleConflictsAndDeletes):
        * platform/leveldb/LevelDBTransaction.h:
        (TransactionIterator):

2012-04-25  James Simonsen  <simonjam@chromium.org>

        [Web Timing] Add a vendor-prefixed Performance Timeline API
        https://bugs.webkit.org/show_bug.cgi?id=80350

        As described here: http://dvcs.w3.org/hg/webperf/raw-file/tip/specs/PerformanceTimeline/Overview.html

        The API is there and should be correct, but it isn't particularly useful,
        because nothing is populated. Upcoming changes will add Navigation Timing
        and Resource Timing.

        Reviewed by Tony Gentilcore.

        No new tests. Functionality is disabled on all platforms.

        * CMakeLists.txt: Added PerformanceEntry* files.
        * DerivedSources.pri: Ditto.
        * GNUmakefile.list.am: Ditto.
        * WebCore.gypi: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * page/Performance.cpp:
        (WebCore::Performance::webkitGetEntries): Added.
        (WebCore::Performance::webkitGetEntriesByType): Added.
        (WebCore::Performance::webkitGetEntriesByName): Added.
        * page/Performance.h:
        (Performance):
        * page/Performance.idl:
        * page/PerformanceEntry.cpp: Added.
        (WebCore):
        (WebCore::PerformanceEntry::PerformanceEntry):
        (WebCore::PerformanceEntry::name):
        (WebCore::PerformanceEntry::entryType):
        (WebCore::PerformanceEntry::startTime):
        (WebCore::PerformanceEntry::duration):
        * page/PerformanceEntry.h: Added.
        (WebCore):
        (PerformanceEntry):
        * page/PerformanceEntry.idl: Added.
        * page/PerformanceEntryList.cpp: Added.
        (WebCore):
        (WebCore::PerformanceEntryList::PerformanceEntryList):
        (WebCore::PerformanceEntryList::~PerformanceEntryList):
        (WebCore::PerformanceEntryList::length):
        (WebCore::PerformanceEntryList::item):
        (WebCore::PerformanceEntryList::append):
        * page/PerformanceEntryList.h: Added.
        (WebCore):
        (PerformanceEntryList):
        (WebCore::PerformanceEntryList::create):
        * page/PerformanceEntryList.idl: Added.

2012-04-25  Benjamin Poulain  <bpoulain@apple.com>

        Move convertJSMethodNameToObjc() to be a utility function of ObjcClass
        https://bugs.webkit.org/show_bug.cgi?id=84915

        Reviewed by Darin Adler.

        The function convertJSMethodNameToObjc() is only useful for ObjcClass::methodsNamed().

        This patch moves the function from objc_utility.mm to be a static function in objc_class.mm.
        It aims at simplifying the code for future changes of ObjcClass.

        * bridge/objc/objc_class.mm:
        (Bindings):
        (JSC::Bindings::convertJSMethodNameToObjc):
        * bridge/objc/objc_utility.h:
        * bridge/objc/objc_utility.mm:
        (Bindings):

2012-04-25  Kent Tamura  <tkent@chromium.org>

        Unreviewed. Sort Xcode project file.

        * WebCore.xcodeproj/project.pbxproj:

2012-04-25  Greg Billock  <gbillock@google.com>

        Implement object-literal constructor for the Intent object.
        https://bugs.webkit.org/show_bug.cgi?id=84220

        Reviewed by Kentaro Hara.

        The use of the custom constructor will hopefully be temporary, as we plan
        to convert to just using the object literal constructor, which can then use codegen.
        See spec: http://dvcs.w3.org/hg/web-intents/raw-file/tip/spec/Overview.html

        Added support for the service and extras parameters in the Intent
        object to support the speced members in the object literal constructor.

        Added supporting accessor to Dictionary to retrieve a sub-Dictionary,
        and a utility to ScriptValue to serialize with ports.

        Test: webintents/web-intent-obj-constructor.html

        (WebCore):
        * Modules/intents/Intent.cpp:
        (WebCore::Intent::create):
        (WebCore::Intent::Intent):
        (WebCore::Intent::service):
        (WebCore):
        (WebCore::Intent::extras):
        * Modules/intents/Intent.h:
        (WebCore):
        (Intent):
        * Modules/intents/Intent.idl:
        * WebCore.gypi:
        * bindings/v8/Dictionary.cpp:
        (WebCore::Dictionary::get):
        (WebCore):
        * bindings/v8/Dictionary.h:
        (Dictionary):
        * bindings/v8/ScriptValue.cpp:
        (WebCore::ScriptValue::serialize):
        (WebCore):
        * bindings/v8/ScriptValue.h:
        (WTF):
        (WebCore):
        (ScriptValue):
        * bindings/v8/custom/V8IntentConstructor.cpp: Added.
        (WebCore):
        (WebCore::V8Intent::constructorCallback):

2012-04-25  Alexandru Chiculita  <achicu@adobe.com>

        CSS Shaders: Use u_texture instead of s_texture. It was updated in the spec
        https://bugs.webkit.org/show_bug.cgi?id=82618

        Reviewed by Dean Jackson.
        
        Changed the uniform name passed to the CSS Shaders from s_texture to u_texture.
        https://dvcs.w3.org/hg/FXTF/raw-file/tip/filters/index.html

        No new tests, just updating existing ones.

        * platform/graphics/filters/CustomFilterShader.cpp:
        (WebCore::CustomFilterShader::defaultFragmentShaderString):
        (WebCore::CustomFilterShader::initializeParameterLocations):

2012-04-25  Douglas Stockwell  <dstockwell@chromium.org>

        IndexedDB: cursor does not correctly iterate over keys added and removed during iteration
        https://bugs.webkit.org/show_bug.cgi?id=84467

        Reviewed by Ojan Vafai.

        Ensure that the iterator over the tree of cached adds/removes always points at
        the current key, or if the db iterator is current, the next key:
        
        - When refreshing the tree iterator after a mutation, always seek unless the
        tree iterator is current.
        
        - When handing conflicts and delete markers, only advance the tree iterator as
        far as the db iterator.
        
        Remove the expensive (and now redundant) logic that issued a get() to check
        whether an item had been deleted.

        Test: storage/indexeddb/cursor-added-bug.html

        * Modules/indexeddb/IDBLevelDBBackingStore.cpp:
        (WebCore):
        * platform/leveldb/LevelDBTransaction.cpp:
        (WebCore::LevelDBTransaction::TransactionIterator::refreshTreeIterator):
        (WebCore::LevelDBTransaction::TransactionIterator::handleConflictsAndDeletes):

2012-04-25  Antti Koivisto  <antti@apple.com>

        Try to fix build with STYLE_SCOPED enabled.

        Not reviewed.

        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::determineScope):

2012-04-25  Alec Flett  <alecflett@chromium.org>

        IndexedDB: support openCursor(IDBKey)
        https://bugs.webkit.org/show_bug.cgi?id=84652

        Reviewed by Ojan Vafai.

        Add signatures for openCursor/openKeyCursor(IDBKey).

        Test: storage/indexeddb/opencursor-key.html

        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::openCursor):
        (WebCore):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.h:
        (WebCore::IDBIndex::openCursor):
        (IDBIndex):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::openCursor):
        (WebCore):
        * Modules/indexeddb/IDBObjectStore.h:
        (WebCore::IDBObjectStore::openCursor):
        (IDBObjectStore):
        * Modules/indexeddb/IDBObjectStore.idl:

2012-04-25  Antti Koivisto  <antti@apple.com>

        Remove owner node pointer from StyleSheetInternal 
        https://bugs.webkit.org/show_bug.cgi?id=84882

        Reviewed by Andreas Kling.

        To make sharing between multiple nodes possible StyleSheetInternal should not have a Node pointer.
        
        - Make StyleSheetInternal constructor take CSSParserContext instead of Node*
        - Move owner node pointer to CSSStyleSheet. CSSStyleSheet now acts as a client for StyleSheetInternal.
        
        This gets us closer to being able to cache stylesheet data structures.
        
        * css/CSSImportRule.cpp:
        (WebCore::StyleRuleImport::setCSSStyleSheet):
        (WebCore::StyleRuleImport::requestStyleSheet):
        
            Setup CSSParserContext.
            Remove FIXME about updateBaseURL(). It is no longer possible to change URL of StyleSheetInternal.

        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::setSelectorText):
        * css/CSSParser.cpp:
        (WebCore::CSSParserContext::CSSParserContext):
        * css/CSSParserMode.h:
        (CSSParserContext):
    
            Expand CSSParserContext constructors.

        * css/CSSStyleRule.cpp:
        (WebCore::CSSStyleRule::setSelectorText):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::addAuthorRulesAndCollectUserRulesFromSheets):
        (WebCore::StyleResolver::collectMatchingRulesForList):
        * css/StyleResolver.h:
        (StyleResolver):
        * css/CSSStyleSheet.cpp:

            User stylesheets went back to being CSSStyleSheets. Adapt to that.

        (WebCore::StyleSheetInternal::StyleSheetInternal):
        (WebCore):
        (WebCore::StyleSheetInternal::checkLoaded):
        (WebCore::StyleSheetInternal::startLoadingDynamicSheet):
        (WebCore::StyleSheetInternal::rootStyleSheet):
        (WebCore::StyleSheetInternal::singleOwnerNode):
        (WebCore::StyleSheetInternal::singleOwnerDocument):
        (WebCore::StyleSheetInternal::styleSheetChanged):
        
            The owner node is now located through CSSStyleSheet. Only one client is supported atm.

        (WebCore::StyleSheetInternal::registerClient):
        (WebCore::StyleSheetInternal::unregisterClient):
        
            Register CSSStyleSheets.

        (WebCore::CSSStyleSheet::CSSStyleSheet):
        (WebCore::CSSStyleSheet::~CSSStyleSheet):
        (WebCore::CSSStyleSheet::rules):
        (WebCore::CSSStyleSheet::cssRules):
        (WebCore::CSSStyleSheet::ownerDocument):
        * css/CSSStyleSheet.h:
        (WebCore::StyleSheetInternal::create):
        (WebCore::StyleSheetInternal::createInline):
        (StyleSheetInternal):
        (WebCore::CSSStyleSheet::create):
        (CSSStyleSheet):
        
            Moved m_ownerNode.
            Changed constructors
            Removed setFinalURL(). 

        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::StyleRuleCSSStyleDeclaration::setNeedsStyleRecalc):
        * dom/Document.cpp:
        (WebCore::Document::updateBaseURL):
        
            Instead of setFinalURL, construct a new StyleSheetInternal if the base url ever changes.

        (WebCore::Document::pageUserSheet):
        (WebCore::Document::pageGroupUserSheets):
        (WebCore::Document::addUserSheet):
        (WebCore::Document::elementSheet):
        * dom/Document.h:
        (Document):
        (WebCore::Document::documentUserSheets):
        
            Adapt to the new interface.
            Turned user stylesheets CSSStyleSheets so they can find the owner node.

        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::setCSSStyleSheet):
        * dom/StyleElement.cpp:
        (WebCore::StyleElement::createSheet):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::SelectorProfile::startSelector):
        (WebCore::InspectorCSSAgent::bindStyleSheet):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::fillMediaListChain):
        (WebCore::InspectorStyleSheet::ownerDocument):
        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::serializeCSSStyleSheet):

2012-04-25  Adam Klein  <adamk@chromium.org>

        Fix uninitialized variable warnings in PasteboardMac.mm after 115145
        https://bugs.webkit.org/show_bug.cgi?id=84879

        Reviewed by Enrica Casucci.

        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::getDataSelection): Initialize attributedString to nil.
        (WebCore::Pasteboard::writeSelectionForTypes): ditto.

2012-04-25  Kenneth Russell  <kbr@google.com>

        Delete CanvasPixelArray, ByteArray, JSByteArray and JSC code once unreferenced
        https://bugs.webkit.org/show_bug.cgi?id=83655

        Reviewed by Oliver Hunt.

        Removed last few references to ByteArray, replacing with
        Uint8ClampedArray as necessary, and deleted now-obsolete
        CanvasPixelArray, ByteArray and JSByteArray. Removed code from
        JavaScriptCore special-casing ByteArray.

        No new tests. Did full layout test run on Mac OS; no regressions
        seen from this change.

        * CMakeLists.txt:
        * DerivedSources.pri:
        * ForwardingHeaders/runtime/JSByteArray.h: Removed.
        * GNUmakefile.list.am:
        * PlatformBlackBerry.cmake:
        * Target.pri:
        * UseV8.cmake:
        * WebCore.gypi:
        * WebCore.order:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/v8/SerializedScriptValue.cpp:
        * bindings/v8/V8Binding.h:
        (WebCore::isHostObject):
        * bindings/v8/custom/V8CanvasPixelArrayCustom.cpp: Removed.
        * bindings/v8/custom/V8InjectedScriptHostCustom.cpp:
        (WebCore::V8InjectedScriptHost::typeCallback):
        * bridge/qt/qt_runtime.cpp:
        (JSC::Bindings::isJSUint8ClampedArray):
        (Bindings):
        (JSC::Bindings::valueRealType):
        (JSC::Bindings::convertValueToQVariant):
        (JSC::Bindings::convertQVariantToValue):
        * html/canvas/CanvasPixelArray.cpp: Removed.
        * html/canvas/CanvasPixelArray.h: Removed.
        * html/canvas/CanvasPixelArray.idl: Removed.
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore):
        * platform/graphics/filters/FEConvolveMatrix.h:
        * rendering/svg/RenderSVGResourceMasker.cpp:

2012-04-25  Alpha Lam  <hclam@chromium.org>

        Unreviewed build fix.

        Build fix for compilation failure due to r115243.

        * platform/graphics/chromium/LayerChromium.h:
        (WebCore):

2012-04-25  Ryosuke Niwa  <rniwa@webkit.org>

        Build fix after r115227. Return null string when the string builder is empty
        to match the old behavior.

        * css/StylePropertySet.cpp:
        (WebCore::StylePropertySet::borderPropertyValue):

2012-04-25  Ian Vollick  <vollick@chromium.org>

        [chromium] Add support for animation finished events.
        https://bugs.webkit.org/show_bug.cgi?id=84454

        Reviewed by James Robinson.

        Tested in CCLayerTreeHostTestAnimationFinishedEvents

        * platform/graphics/chromium/GraphicsLayerChromium.cpp:
        (WebCore::GraphicsLayerChromium::willBeDestroyed):
        (WebCore::GraphicsLayerChromium::notifyAnimationFinished):
        (WebCore):
        * platform/graphics/chromium/GraphicsLayerChromium.h:
        * platform/graphics/chromium/LayerChromium.cpp:
        (WebCore::LayerChromium::notifyAnimationStarted):
        (WebCore::LayerChromium::notifyAnimationFinished):
        (WebCore):
        * platform/graphics/chromium/LayerChromium.h:
        (WebCore):
        (LayerChromium):
        * platform/graphics/chromium/cc/CCAnimationEvents.h:
        (WebCore::CCAnimationEvent::CCAnimationEvent):
        (CCAnimationEvent):
        (WebCore):
        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
        (WebCore::CCLayerAnimationController::animate):
        (WebCore::CCLayerAnimationController::notifyAnimationStarted):
        (WebCore::CCLayerAnimationController::startAnimationsWaitingForNextTick):
        (WebCore::CCLayerAnimationController::startAnimationsWaitingForStartTime):
        (WebCore::CCLayerAnimationController::startAnimationsWaitingForTargetAvailability):
        (WebCore::CCLayerAnimationController::purgeFinishedAnimations):
        * platform/graphics/chromium/cc/CCLayerAnimationController.h:
        (CCLayerAnimationController):
        * platform/graphics/chromium/cc/CCLayerAnimationDelegate.h:
        (CCLayerAnimationDelegate):
        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::setAnimationEventsRecursive):

2012-04-25  Enrica Casucci  <enrica@apple.com>

        REGRESSION (r110494): Dragging images from Safari to Finder results in .webloc rather than image file
        https://bugs.webkit.org/show_bug.cgi?id=84878
        <rdar://problem/11155407>
        
        In WebKit2, it could happen to try to start the drag twice, given the asynchronous nature
        of the communication between the UI process and the WebProcess.
        We need to guarantee that we don't do that, otherwise on OS X the pasteboard ownership
        gets changed which affects the promised file types.

        Reviewed by Alexey Proskuryakov.

        * page/EventHandler.cpp:
        (WebCore::EventHandler::handleDrag): Reset m_mouseDownMayStartDrag to false to
        avoid attempting to start another drag.

2012-04-25  Andreas Kling  <kling@webkit.org>

        Remove unused Attribute constructor.

        Semi-knowingly rubber-stamped by Antti Koivisto.

        * dom/Attribute.h:

2012-04-25  Nate Chapin  <japhet@chromium.org>

        Crash in CachedRawResource::didAddClient() due to missing protector.
        https://bugs.webkit.org/show_bug.cgi?id=83632

        Reviewed by Eric Seidel.

        Test: http/tests/xmlhttprequest/access-control-repeated-failed-preflight-crash.html

        * loader/cache/CachedRawResource.cpp:
        (WebCore::CachedRawResource::didAddClient):

2012-04-25  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to SerializedScriptValue::deserialize()
        https://bugs.webkit.org/show_bug.cgi?id=84758

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around. This patch passes
        Isolate to SerializedScriptValue::deserialize().

        No tests. No change in behavior.

        * bindings/v8/custom/V8HistoryCustom.cpp:
        (WebCore::V8History::stateAccessorGetter):
        * bindings/v8/custom/V8IDBAnyCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8MessageEventCustom.cpp:
        (WebCore::V8MessageEvent::dataAccessorGetter):
        * bindings/v8/custom/V8PopStateEventCustom.cpp:
        (WebCore::V8PopStateEvent::stateAccessorGetter):

2012-04-25  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to SerializedScriptValue::create() in custom bindings
        https://bugs.webkit.org/show_bug.cgi?id=84757

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to SerializedScriptValue::create()
        in custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::handlePostMessageCallback):
        * bindings/v8/custom/V8DedicatedWorkerContextCustom.cpp:
        (WebCore::handlePostMessageCallback):
        * bindings/v8/custom/V8HistoryCustom.cpp:
        (WebCore::V8History::pushStateCallback):
        (WebCore::V8History::replaceStateCallback):
        * bindings/v8/custom/V8MessagePortCustom.cpp:
        (WebCore::handlePostMessageCallback):
        * bindings/v8/custom/V8WorkerCustom.cpp:
        (WebCore::handlePostMessageCallback):

2012-04-25  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to SerializedScriptValue::create() in CodeGeneratorV8.pm
        https://bugs.webkit.org/show_bug.cgi?id=84753

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to SerializedScriptValue::create()
        in CodeGeneratorV8.pm.

        Tests: bindings/scripts/test/TestObj.idl
               bindings/scripts/test/TestSerializedScriptValueInterface.idl

        * bindings/scripts/CodeGeneratorV8.pm:
        (GenerateNormalAttrSetter):
        (GenerateParametersCheck):
        (JSValueToNative):

        * bindings/scripts/test/V8/V8TestObj.cpp: Updated run-bindings-tests results.
        (WebCore::TestObjV8Internal::intSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::shortSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::longSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::longLongSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedIntSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedShortSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedLongSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedLongLongSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::floatSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::doubleSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::booleanSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::voidSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::dateSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::serializedValueCallback):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
        (WebCore::TestSerializedScriptValueInterfaceV8Internal::valueAttrSetter):
        (WebCore::TestSerializedScriptValueInterfaceV8Internal::cachedValueAttrSetter):
        (WebCore::TestSerializedScriptValueInterfaceV8Internal::acceptTransferListCallback):
        (WebCore::TestSerializedScriptValueInterfaceV8Internal::multiTransferListCallback):
        (WebCore::V8TestSerializedScriptValueInterface::constructorCallback):

2012-04-25  Kentaro Hara  <haraken@chromium.org>

        [V8] Add m_isolate to SerializedScriptValue::Writer
        and SerializedScriptValue::Reader
        https://bugs.webkit.org/show_bug.cgi?id=84739

        Reviewed by Nate Chapin.

        This is the second step to pass Isolate around
        in SerializedScriptValue. This patch adds m_isolate to
        SerializedScriptValue::Writer and SerializedScriptValue::Reader,
        so that they can use the isolate around. The fix is safe since
        Writer and Reader are guaranteed to be used by one Isolate.

        No tests. No change in behavior.

        * bindings/v8/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::nullValue):
        (WebCore::SerializedScriptValue::undefinedValue):
        (WebCore::SerializedScriptValue::booleanValue):
        (WebCore::SerializedScriptValue::numberValue):
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        (WebCore::SerializedScriptValue::deserialize):
        * bindings/v8/SerializedScriptValue.h:
        (SerializedScriptValue):

2012-04-25  Kentaro Hara  <haraken@chromium.org>

        [V8] Make the Isolate* parameter non-optional in setDOMException()
        https://bugs.webkit.org/show_bug.cgi?id=84736

        Reviewed by Nate Chapin.

        Now all setDOMException() callers pass Isolate* to setDOMException().
        This patch makes the Isolate* parameter non-optional.

        No tests. No change in behavior.

        * bindings/v8/V8Proxy.h:
        (V8Proxy):

2012-04-24  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r112177): listStyleType CSS property gets converted into listStyle
        https://bugs.webkit.org/show_bug.cgi?id=83026

        Reviewed by Darin Adler.

        Fixed the bug by not using shorthand notations when some values are missing.

        However, we still want to return a value when shorthand border property is explicitly
        requested so extract borderPropertyValue with a flag to support both behaviors.

        * css/StylePropertySet.cpp:
        (WebCore::borderPropertyValue): Extracted from getPropertyValue.
        (WebCore::StylePropertySet::getPropertyValue):
        (WebCore::StylePropertySet::get4Values): Don't return values when priority don't match.
        (WebCore::StylePropertySet::getShorthandValue):
        (WebCore::StylePropertySet::getCommonValue): Don't return null string for initial values
        to disambiguate missing values and "initial" in getPropertyValue. Also check propriety.
        (WebCore::StylePropertySet::asText): Support emitting border-width, border-style, and
        border-color when border doesn't work but the former properties do.

2012-04-25  Ian Vollick  <vollick@chromium.org>

        [chromium] Do not clobber synchronized start times.
        https://bugs.webkit.org/show_bug.cgi?id=84605

        Reviewed by James Robinson.

        Tested in CCLayerAnimationControllerTest.doNotClobberStartTimes

        (WebCore):
        * platform/graphics/chromium/cc/CCActiveAnimation.h:
        (CCActiveAnimation):
        (WebCore::CCActiveAnimation::hasSetStartTime):
        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
        (WebCore::CCLayerAnimationController::startAnimationsWaitingForNextTick):
        (WebCore::CCLayerAnimationController::startAnimationsWaitingForTargetAvailability):

2012-04-25  Nate Chapin  <japhet@chromium.org>

        REGRESSION (r100311): YummySoup app crashes when trying to print
        https://bugs.webkit.org/show_bug.cgi?id=83918

        Reviewed by Alexey Proskuryakov.

        Test: http/tests/xmlhttprequest/cancel-during-failure-crash.html

        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didFail): Set m_calledDidFinishLoad when calling
           didFailToLoad() to prevent it from getting called twice if we cancel
           re-entrantly.

2012-04-25  Alexis Menard  <alexis.menard@openbossa.org>

        Not reviewed, fix Windows build after r115215.

        * css/CSSAllInOne.cpp:

2012-04-25  Eric Carlson  <eric.carlson@apple.com>

        Not reviewed, attempt to fix Windows build after r115215.

        * css/CSSAllInOne.cpp: Don't try to include CSSStyleSelector.cpp.

2012-04-25  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Call actualMemoryUsageMB directly
        https://bugs.webkit.org/show_bug.cgi?id=84837

        Reviewed by Kentaro Hara.

        Part of a refactoring series. See tracking bug 82948.

        * bindings/v8/V8DOMWindowShell.cpp:
        (WebCore::reportFatalErrorInV8):
        * bindings/v8/V8GCController.cpp:
        (WebCore):
        * platform/MemoryUsageSupport.cpp:
        (WebCore::MemoryUsageSupport::actualMemoryUsageMB):
        (WebCore):
        * platform/MemoryUsageSupport.h:
        (MemoryUsageSupport):
        * platform/chromium/MemoryUsageSupportChromium.cpp:
        (WebCore::MemoryUsageSupport::actualMemoryUsageMB):
        (WebCore):
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):

2012-04-25  Alexis Menard  <alexis.menard@openbossa.org>

        Rename CSSStyleSelector files to StyleResolver.
        https://bugs.webkit.org/show_bug.cgi?id=84814

        Reviewed by Antti Koivisto.

        Rename CSSStyleSelector files to match the new class name StyleResolver.
        Update the includes all over the code base to the new name.

        No new tests : renaming files, no behavior changes expected.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSAllInOne.cpp:
        * css/CSSCalculationValue.cpp:
        * css/CSSFontSelector.cpp:
        * css/CSSGradientValue.cpp:
        * css/MediaQueryEvaluator.cpp:
        * css/MediaQueryMatcher.cpp:
        * css/SVGCSSStyleSelector.cpp:
        * css/StyleBuilder.cpp:
        * css/StyleMedia.cpp:
        * css/StyleResolver.cpp: Renamed from Source/WebCore/css/CSSStyleSelector.cpp.
        (WebCore):
        (RuleData):
        (WebCore::RuleData::position):
        (WebCore::RuleData::rule):
        (WebCore::RuleData::selector):
        (WebCore::RuleData::hasFastCheckableSelector):
        (WebCore::RuleData::hasMultipartSelector):
        (WebCore::RuleData::hasRightmostSelectorMatchingHTMLBasedOnRuleHash):
        (WebCore::RuleData::containsUncommonAttributeSelector):
        (WebCore::RuleData::specificity):
        (WebCore::RuleData::linkMatchType):
        (WebCore::RuleData::hasDocumentSecurityOrigin):
        (WebCore::RuleData::isInRegionRule):
        (WebCore::RuleData::descendantSelectorIdentifierHashes):
        (SameSizeAsRuleData):
        (RuleSet):
        (WebCore::RuleSet::create):
        (WebCore::RuleSet::disableAutoShrinkToFit):
        (WebCore::RuleSet::features):
        (WebCore::RuleSet::idRules):
        (WebCore::RuleSet::classRules):
        (WebCore::RuleSet::tagRules):
        (WebCore::RuleSet::shadowPseudoElementRules):
        (WebCore::RuleSet::linkPseudoClassRules):
        (WebCore::RuleSet::focusPseudoClassRules):
        (WebCore::RuleSet::universalRules):
        (WebCore::RuleSet::pageRules):
        (WebCore::RuleSet::RuleSetSelectorPair::RuleSetSelectorPair):
        (RuleSetSelectorPair):
        (WebCore::elementCanUseSimpleDefaultStyle):
        (WebCore::screenEval):
        (WebCore::printEval):
        (WebCore::leftToRightDeclaration):
        (WebCore::rightToLeftDeclaration):
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::addAuthorRulesAndCollectUserRulesFromSheets):
        (WebCore::makeRuleSet):
        (WebCore::StyleResolver::collectFeatures):
        (WebCore::StyleResolver::determineScope):
        (WebCore::StyleResolver::ruleSetForScope):
        (WebCore::StyleResolver::appendAuthorStylesheets):
        (WebCore::StyleResolver::setupScopeStack):
        (WebCore::StyleResolver::pushScope):
        (WebCore::StyleResolver::popScope):
        (WebCore::StyleResolver::pushParentElement):
        (WebCore::StyleResolver::popParentElement):
        (WebCore::StyleResolver::pushParentShadowRoot):
        (WebCore::StyleResolver::popParentShadowRoot):
        (WebCore::StyleResolver::addKeyframeStyle):
        (WebCore::StyleResolver::~StyleResolver):
        (WebCore::StyleResolver::sweepMatchedPropertiesCache):
        (WebCore::StyleResolver::Features::Features):
        (WebCore::StyleResolver::Features::~Features):
        (WebCore::StyleResolver::Features::add):
        (WebCore::StyleResolver::Features::clear):
        (WebCore::parseUASheet):
        (WebCore::loadFullDefaultStyle):
        (WebCore::loadSimpleDefaultStyle):
        (WebCore::loadViewSourceStyle):
        (WebCore::ensureDefaultStyleSheetsForElement):
        (WebCore::StyleResolver::addMatchedProperties):
        (WebCore::StyleResolver::addElementStyleProperties):
        (WebCore::StyleResolver::collectMatchingRules):
        (WebCore::StyleResolver::collectMatchingRulesForRegion):
        (WebCore::StyleResolver::sortAndTransferMatchedRules):
        (WebCore::StyleResolver::matchScopedAuthorRules):
        (WebCore::StyleResolver::matchAuthorRules):
        (WebCore::StyleResolver::matchUserRules):
        (WebCore::StyleResolver::matchUARules):
        (MatchingUARulesScope):
        (WebCore::MatchingUARulesScope::MatchingUARulesScope):
        (WebCore::MatchingUARulesScope::~MatchingUARulesScope):
        (WebCore::MatchingUARulesScope::isMatchingUARules):
        (WebCore::StyleResolver::collectMatchingRulesForList):
        * css/StyleResolver.h: Renamed from Source/WebCore/css/CSSStyleSelector.h.
        (WebCore):
        (MediaQueryResult):
        (WebCore::MediaQueryResult::MediaQueryResult):
        (StyleResolver):
        (WebCore::StyleResolver::style):
        (WebCore::StyleResolver::parentStyle):
        (WebCore::StyleResolver::rootElementStyle):
        (WebCore::StyleResolver::element):
        (WebCore::StyleResolver::document):
        (WebCore::StyleResolver::fontDescription):
        (WebCore::StyleResolver::parentFontDescription):
        (WebCore::StyleResolver::setFontDescription):
        (WebCore::StyleResolver::setZoom):
        (WebCore::StyleResolver::setEffectiveZoom):
        (WebCore::StyleResolver::setTextSizeAdjust):
        (WebCore::StyleResolver::hasParentNode):
        (WebCore::StyleResolver::pushScope):
        (WebCore::StyleResolver::popScope):
        (WebCore::StyleResolver::setStyle):
        (WebCore::StyleResolver::fontSelector):
        (WebCore::StyleResolver::allVisitedStateChanged):
        (WebCore::StyleResolver::visitedStateChanged):
        (WebCore::StyleResolver::usesSiblingRules):
        (WebCore::StyleResolver::usesFirstLineRules):
        (WebCore::StyleResolver::usesBeforeAfterRules):
        (WebCore::StyleResolver::usesLinkRules):
        (WebCore::StyleResolver::RuleFeature::RuleFeature):
        (RuleFeature):
        (Features):
        (WebCore::StyleResolver::addMatchedRule):
        (WebCore::StyleResolver::MatchRanges::MatchRanges):
        (MatchRanges):
        (WebCore::StyleResolver::MatchedProperties::MatchedProperties):
        (MatchedProperties):
        (WebCore::StyleResolver::MatchResult::MatchResult):
        (MatchResult):
        (WebCore::StyleResolver::MatchOptions::MatchOptions):
        (MatchOptions):
        (WebCore::StyleResolver::isRightPage):
        (WebCore::StyleResolver::styleNotYetAvailable):
        (WebCore::StyleResolver::applyPropertyToRegularStyle):
        (WebCore::StyleResolver::applyPropertyToVisitedLinkStyle):
        (MatchedPropertiesCacheItem):
        (WebCore::StyleResolver::scopeStackIsConsistent):
        (WebCore::StyleResolver::ScopeStackFrame::ScopeStackFrame):
        (ScopeStackFrame):
        * css/WebKitCSSMatrix.cpp:
        * dom/Document.cpp:
        * dom/Element.cpp:
        * dom/Node.cpp:
        * dom/ShadowRoot.cpp:
        * dom/ShadowTree.cpp:
        * dom/StyledElement.cpp:
        * editing/ApplyStyleCommand.cpp:
        * editing/EditingStyle.cpp:
        * editing/Editor.cpp:
        * editing/markup.cpp:
        * history/CachedPage.cpp:
        * html/HTMLDocument.cpp:
        * html/HTMLLinkElement.cpp:
        * html/HTMLOptGroupElement.cpp:
        * html/HTMLOptionElement.cpp:
        * html/ValidationMessage.cpp:
        * html/canvas/CanvasRenderingContext2D.cpp:
        * html/shadow/MediaControlElements.cpp:
        * inspector/InspectorCSSAgent.cpp:
        * inspector/InspectorDOMAgent.cpp:
        * inspector/InspectorStyleSheet.cpp:
        * loader/LinkLoader.cpp:
        * page/DOMWindow.cpp:
        * page/FrameView.cpp:
        * page/Page.cpp:
        * page/animation/KeyframeAnimation.cpp:
        * platform/qt/RenderThemeQt.cpp:
        * platform/qt/RenderThemeQtMobile.cpp:
        * rendering/RenderLayer.cpp:
        * rendering/RenderLayerBacking.cpp:
        * rendering/RenderListBox.cpp:
        * rendering/RenderMenuList.cpp:
        * rendering/RenderObject.cpp:
        * rendering/RenderRegion.cpp:
        * rendering/RenderSlider.cpp:
        * rendering/RenderTextControlSingleLine.cpp:
        * rendering/RenderThemeMac.mm:
        * rendering/RenderThemeSafari.cpp:
        * rendering/style/RenderStyle.cpp:
        * rendering/style/StyleGeneratedImage.cpp:
        * rendering/style/StyleRareNonInheritedData.cpp:
        * rendering/svg/RenderSVGInlineText.cpp:
        * svg/SVGClipPathElement.cpp:
        * svg/SVGElement.cpp:
        * svg/SVGFontFaceElement.cpp:
        * svg/SVGGradientElement.cpp:
        * svg/SVGMaskElement.cpp:
        * svg/SVGUseElement.cpp:

2012-04-25  Crystal Zhang  <haizhang@rim.com>
            https://bugs.webkit.org/show_bug.cgi?id=84875
    
            make-css-file-arrays.pl now only take css files, make it also take js files,
            as for html popups we also need load js files.
    
            Reviewed by Antonio Gomes.
    
            * css/make-css-file-arrays.pl:

2012-04-25  Li Yin  <li.yin@intel.com>

        [chromium][workers] setTargetType(ResourceRequest::TargetIsWorker) is repeatedly called in chromium
        https://bugs.webkit.org/show_bug.cgi?id=84542

        Reviewed by David Levin.

        In chromium platform, the default value of m_targetType is ResourceRequest::TargetIsWorker
        it isn't necessary to call
        worker->m_scriptLoader->setTargetType(ResourceRequest::TargetIsWorker) again in Worker.cpp
        In chromium platform, the m_targettype value determines the priority of resource loaded.

        No new tests because this patch just deletes a repeated code, it can reduce code workload and can't impact any feature.
        If the target type isn't set correctly, the following test maybe fail because of timeout in the chromium.
        fast/workers/storage/multiple-transactions-on-different-handles.html
        fast/workers/storage/multiple-transactions-on-different-handles-sync.html
        fast/workers/storage/interrupt-database.html

        * workers/Worker.cpp:
        (WebCore::Worker::create):

2012-04-25  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: move HeapSnapshotLoader into a separate file
        https://bugs.webkit.org/show_bug.cgi?id=84860

        Extracted HeapSnapshotLoader into its own file.

        Reviewed by Pavel Feldman.

        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * inspector/compile-front-end.py:
        * inspector/front-end/HeapSnapshot.js:
        * inspector/front-end/HeapSnapshotLoader.js: Added.
        (WebInspector.HeapSnapshotLoader):
        (WebInspector.HeapSnapshotLoader.prototype._findBalancedCurlyBrackets):
        (WebInspector.HeapSnapshotLoader.prototype.finishLoading):
        (WebInspector.HeapSnapshotLoader.prototype._parseUintArray):
        (WebInspector.HeapSnapshotLoader.prototype._parseStringsArray):
        (WebInspector.HeapSnapshotLoader.prototype.pushJSONChunk):
        * inspector/front-end/WebKit.qrc:
        * inspector/front-end/inspector.html:

2012-04-25  'Pavel Feldman'  <pfeldman@chromium.org>

        Not reviewed: inspector frontend tests fix.

        * inspector/front-end/ScriptsSearchScope.js:

2012-04-25  Ian Vollick  <vollick@chromium.org>

        [chromium] Animations waiting for a synchronized start time should never be marked finished.
        https://bugs.webkit.org/show_bug.cgi?id=84519

        Reviewed by James Robinson.

        Tested in CCLayerAnimationControllerTest.AnimationsWaitingForStartTimeDoNotFinishIfTheyWaitLongerToStartThanTheirDuration

        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:
        (WebCore::CCLayerAnimationController::tickAnimations):

2012-04-25  Pierre Rossi  <pierre.rossi@gmail.com>

        [SVG] Nothing should be stroked when the stroke-width is 0
        https://bugs.webkit.org/show_bug.cgi?id=83568

        Reviewed by Nikolas Zimmermann.

        The spec states that "A zero value causes no stroke to be painted".
        We should avoid calling functions that could incorrectly paint something
        in that case.

        Test: svg/custom/path-zero-strokewidth.svg

        * rendering/style/SVGRenderStyle.h:
        (WebCore::SVGRenderStyle::hasVisibleStroke):
        * rendering/svg/RenderSVGEllipse.cpp:
        (WebCore::RenderSVGEllipse::strokeShape): Check if the stroke should be visible before painting.
        * rendering/svg/RenderSVGRect.cpp:
        (WebCore::RenderSVGRect::strokeShape): Ditto.
        * rendering/svg/RenderSVGShape.cpp:
        (WebCore::RenderSVGShape::strokeShape): Ditto.
        (WebCore::RenderSVGShape::strokePath): Ditto.
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paint): Dont call paintText for zero-width stroke.
        (WebCore::SVGInlineTextBox::paintDecoration): Ditto.

2012-04-25  Alexis Menard  <alexis.menard@openbossa.org>

        Unfortunately http://trac.webkit.org/changeset/115055 was landed using webkit-patch
        land-from bug but didn't do the right thing, we lost the history.

        This commit is merging back CSSStyleApplyProperty.* and their history, rename the files
        to StyleBuilder and re-apply the two patches on trunk that were apply after the rename.

        Rename CSSStyleSelector class to StyleResolver.
        https://bugs.webkit.org/show_bug.cgi?id=84734

        The name CSSStyleSelector is confusing as it conflicts a bit with
        the CSS concept of selectors. One could think it's an encapsulation
        of the CSS selectors but it's not, in fact this class is responsible
        of finding the RenderStyle for a given element. This is the first patch
        as I will later rename the files, and then rename the local variables.

        Replace occurences of style selector from variables and methods names by style resolver.
        https://bugs.webkit.org/show_bug.cgi?id=84765
        
        Rename methods and variables to follow the new name StyleResolver. It requires to update the
        local variables, methods parameters, and function names to match the new name and to remove
        the concept of "selector" to avoid clashing with the CSS concept. The next and last patch
        will be to rename CSSStyleSelector file and update the includes.

        * css/StyleBuilder.cpp: Replaced with Source/WebCore/css/CSSStyleApplyProperty.cpp.
        (WebCore::ApplyPropertyExpanding::applyInheritValue):
        (WebCore::ApplyPropertyExpanding::applyInitialValue):
        (WebCore::ApplyPropertyExpanding::applyValue):
        (WebCore::ApplyPropertyDefaultBase::applyInheritValue):
        (WebCore::ApplyPropertyDefaultBase::applyInitialValue):
        (WebCore::ApplyPropertyDefaultBase::applyValue):
        (WebCore::ApplyPropertyDefault::applyValue):
        (WebCore::ApplyPropertyNumber::applyValue):
        (WebCore::ApplyPropertyStyleImage::applyValue):
        (WebCore::ApplyPropertyAuto::applyInheritValue):
        (WebCore::ApplyPropertyAuto::applyInitialValue):
        (WebCore::ApplyPropertyAuto::applyValue):
        (WebCore::ApplyPropertyClip::convertToLength):
        (WebCore::ApplyPropertyClip::applyInheritValue):
        (WebCore::ApplyPropertyClip::applyInitialValue):
        (WebCore::ApplyPropertyClip::applyValue):
        (WebCore::ApplyPropertyColor::applyInheritValue):
        (WebCore::ApplyPropertyColor::applyInitialValue):
        (WebCore::ApplyPropertyColor::applyValue):
        (WebCore::ApplyPropertyColor::applyColorValue):
        (WebCore::ApplyPropertyDirection::applyValue):
        (WebCore::ApplyPropertyLength::applyValue):
        (WebCore::ApplyPropertyString::applyValue):
        (WebCore::ApplyPropertyBorderRadius::applyValue):
        (WebCore::ApplyPropertyFillLayer::applyInheritValue):
        (WebCore::ApplyPropertyFillLayer::applyInitialValue):
        (WebCore::ApplyPropertyFillLayer::applyValue):
        (WebCore::ApplyPropertyComputeLength::applyValue):
        (WebCore::ApplyPropertyFont::applyInheritValue):
        (WebCore::ApplyPropertyFont::applyInitialValue):
        (WebCore::ApplyPropertyFont::applyValue):
        (WebCore::ApplyPropertyFontSize::applyInheritValue):
        (WebCore::ApplyPropertyFontSize::applyInitialValue):
        (WebCore::ApplyPropertyFontSize::applyValue):
        (WebCore::ApplyPropertyFontWeight::applyValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInheritValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInitialValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyValue):
        (WebCore::ApplyPropertyBorderImage::applyValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInheritValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInitialValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyValue):
        (WebCore::ApplyPropertyBorderImageSource::applyValue):
        (WebCore::ApplyPropertyCounter::emptyFunction):
        (WebCore::ApplyPropertyCounter::applyInheritValue):
        (WebCore::ApplyPropertyCounter::applyValue):
        (WebCore::ApplyPropertyCursor::applyInheritValue):
        (WebCore::ApplyPropertyCursor::applyInitialValue):
        (WebCore::ApplyPropertyCursor::applyValue):
        (WebCore::ApplyPropertyTextAlign::applyValue):
        (WebCore::ApplyPropertyTextDecoration::applyValue):
        (WebCore::ApplyPropertyUnicodeBidi::applyValue):
        (WebCore::ApplyPropertyLineHeight::applyValue):
        (WebCore::ApplyPropertyPageSize::applyInheritValue):
        (WebCore::ApplyPropertyPageSize::applyInitialValue):
        (WebCore::ApplyPropertyPageSize::applyValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInheritValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInitialValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyValue):
        (WebCore):
        (WebCore::ApplyPropertyAnimation::map):
        (WebCore::ApplyPropertyAnimation::applyInheritValue):
        (WebCore::ApplyPropertyAnimation::applyInitialValue):
        (WebCore::ApplyPropertyAnimation::applyValue):
        (WebCore::ApplyPropertyOutlineStyle::applyInheritValue):
        (WebCore::ApplyPropertyOutlineStyle::applyInitialValue):
        (WebCore::ApplyPropertyOutlineStyle::applyValue):
        (WebCore::ApplyPropertyResize::applyValue):
        (WebCore::ApplyPropertyVerticalAlign::applyValue):
        (WebCore::ApplyPropertyAspectRatio::applyInheritValue):
        (WebCore::ApplyPropertyAspectRatio::applyInitialValue):
        (WebCore::ApplyPropertyAspectRatio::applyValue):
        (WebCore::ApplyPropertyZoom::resetEffectiveZoom):
        (WebCore::ApplyPropertyZoom::applyInheritValue):
        (WebCore::ApplyPropertyZoom::applyInitialValue):
        (WebCore::ApplyPropertyZoom::applyValue):
        (WebCore::ApplyPropertyDisplay::isValidDisplayValue):
        (WebCore::ApplyPropertyDisplay::applyInheritValue):
        (WebCore::ApplyPropertyDisplay::applyInitialValue):
        (WebCore::ApplyPropertyDisplay::applyValue):
        (WebCore::ApplyPropertyFlex::applyInheritValue):
        (WebCore::ApplyPropertyFlex::applyInitialValue):
        (WebCore::ApplyPropertyFlex::applyValue):
        (WebCore::StyleBuilder::StyleBuilder):
        * css/StyleBuilder.h: Replaced with Source/WebCore/css/CSSStyleApplyProperty.h.
        (WebCore):
        (PropertyHandler):
        (WebCore::PropertyHandler::applyInheritValue):
        (WebCore::PropertyHandler::applyInitialValue):
        (WebCore::PropertyHandler::applyValue):

2012-04-25  Eric Carlson  <eric.carlson@apple.com>

        Not reviewed, fix Windows build after r115165.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::updateCompositingLayers): Initialize logging variable.

2012-04-25  Florin Malita  <fmalita@chromium.org>

        [Coverity] Uninitialized fields in RenderSVGShape constructors
        https://bugs.webkit.org/show_bug.cgi?id=84749

        Reviewed by Darin Adler.

        Removing unused RenderSVGShape constructor and field.

        No new tests - no behavior change.

        * rendering/svg/RenderSVGShape.cpp:
        * rendering/svg/RenderSVGShape.h:
        (RenderSVGShape):

2012-04-25  'Pavel Feldman'  <pfeldman@chromium.org>

        Not reviewed: follow up to r115194, removed debug output.

        * inspector/front-end/DebuggerPresentationModel.js:
        (WebInspector.DebuggerPresentationModel.prototype._parsedScriptSource):

2012-04-25  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: extract Linkifier from DebuggerPresentationModel.
        https://bugs.webkit.org/show_bug.cgi?id=84855

        Reviewed by Yury Semikhatsky.

        There is nothing Linkifier needs from the model, extracting as a top-level class.

        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * inspector/compile-front-end.py:
        * inspector/front-end/ConsoleMessage.js:
        * inspector/front-end/ConsoleView.js:
        (WebInspector.ConsoleView):
        * inspector/front-end/DebuggerPresentationModel.js:
        * inspector/front-end/EventListenersSidebarPane.js:
        * inspector/front-end/Linkifier.js: Added.
        (WebInspector.LinkifierFormatter):
        (WebInspector.LinkifierFormatter.prototype.formatLiveAnchor):
        (WebInspector.Linkifier):
        (WebInspector.Linkifier.prototype.linkifyLocation):
        (WebInspector.Linkifier.prototype.linkifyRawLocation):
        (WebInspector.Linkifier.prototype.reset):
        (WebInspector.Linkifier.prototype._updateAnchor):
        (WebInspector.Linkifier.DefaultFormatter):
        (WebInspector.Linkifier.DefaultFormatter.prototype.formatLiveAnchor):
        * inspector/front-end/NetworkPanel.js:
        * inspector/front-end/ObjectPopoverHelper.js:
        (WebInspector.ObjectPopoverHelper.prototype._showObjectPopover.showObjectPopover.):
        (WebInspector.ObjectPopoverHelper.prototype._showObjectPopover):
        * inspector/front-end/ProfileView.js:
        * inspector/front-end/ScriptsSearchScope.js:
        (WebInspector.ScriptsSearchResultsPane):
        * inspector/front-end/TimelinePresentationModel.js:
        (WebInspector.TimelinePresentationModel):
        * inspector/front-end/WebKit.qrc:
        * inspector/front-end/inspector.html:

2012-04-25  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: move sourcemap-agnostic part of the debugger presentation model into the raw debugger.
        https://bugs.webkit.org/show_bug.cgi?id=84852

        Reviewed by Yury Semikhatsky.

        There is no need to keep that much debugging functionality in the debugger presentation model.
        It all perfectly applies to the raw script debugger. Methods for selecting call frames, activating breakpoints
        and paused details were moved to the WebInspector.DebuggerModel.

        * inspector/front-end/BreakpointManager.js:
        (WebInspector.BreakpointManager.prototype._removeBreakpointFromUI):
        * inspector/front-end/CallStackSidebarPane.js:
        (WebInspector.CallStackSidebarPane):
        (WebInspector.CallStackSidebarPane.prototype.update):
        (WebInspector.CallStackSidebarPane.prototype.setSelectedCallFrame):
        (WebInspector.CallStackSidebarPane.prototype._selectedCallFrameIndex):
        (WebInspector.CallStackSidebarPane.prototype._placardSelected):
        (WebInspector.CallStackSidebarPane.Placard):
        (WebInspector.CallStackSidebarPane.Placard.prototype._update):
        * inspector/front-end/ConsoleView.js:
        * inspector/front-end/DebuggerModel.js:
        (WebInspector.DebuggerModel.prototype._globalObjectCleared):
        (WebInspector.DebuggerModel.prototype._didEditScriptSource):
        (WebInspector.DebuggerModel.prototype._setDebuggerPausedDetails):
        (WebInspector.DebuggerModel.prototype._pausedScript):
        (WebInspector.DebuggerModel.prototype._resumedScript):
        (WebInspector.DebuggerModel.prototype.isPaused):
        (WebInspector.DebuggerModel.prototype.setSelectedCallFrame.updateExecutionLine):
        (WebInspector.DebuggerModel.prototype.setSelectedCallFrame):
        (WebInspector.DebuggerModel.prototype.selectedCallFrame):
        (WebInspector.DebuggerModel.prototype.evaluateOnSelectedCallFrame):
        (WebInspector.DebuggerModel.prototype.getSelectedCallFrameVariables.propertiesCollected):
        (WebInspector.DebuggerModel.prototype.getSelectedCallFrameVariables):
        (WebInspector.DebuggerModel.prototype.setBreakpointsActive):
        (WebInspector.DebuggerModel.prototype.breakpointsActive):
        (WebInspector.DebuggerModel.CallFrame):
        (WebInspector.DebuggerModel.CallFrame.prototype.get script):
        (WebInspector.DebuggerModel.CallFrame.prototype.get type):
        (WebInspector.DebuggerModel.CallFrame.prototype.get scopeChain):
        (WebInspector.DebuggerModel.CallFrame.prototype.get this):
        (WebInspector.DebuggerModel.CallFrame.prototype.get functionName):
        (WebInspector.DebuggerModel.CallFrame.prototype.get location):
        (WebInspector.DebuggerModel.CallFrame.prototype.evaluate):
        (WebInspector.DebuggerModel.CallFrame.prototype.createLiveLocation):
        (WebInspector.DebuggerModel.CallFrame.prototype.dispose):
        (WebInspector.DebuggerPausedDetails):
        (WebInspector.DebuggerPausedDetails.prototype.dispose):
        * inspector/front-end/DebuggerPresentationModel.js:
        (WebInspector.DebuggerPresentationModel):
        (WebInspector.DebuggerPresentationModel.prototype.createLiveLocation):
        (WebInspector.DebuggerPresentationModel.prototype._parsedScriptSource):
        (WebInspector.DebuggerPresentationModel.prototype._callFrameSelected):
        (WebInspector.DebuggerPresentationModel.prototype.setScriptSource.didEditScriptSource):
        (WebInspector.DebuggerPresentationModel.prototype.setScriptSource):
        (WebInspector.DebuggerPresentationModel.prototype._debuggerReset):
        * inspector/front-end/JavaScriptSource.js:
        (WebInspector.JavaScriptSource.prototype.setBreakpoint):
        * inspector/front-end/JavaScriptSourceFrame.js:
        (WebInspector.JavaScriptSourceFrame.prototype._resolveObjectForPopover):
        * inspector/front-end/Script.js:
        (WebInspector.Script.prototype.setSourceMapping):
        (WebInspector.Script.prototype.createLiveLocation):
        (WebInspector.Script.Location.prototype.update):
        * inspector/front-end/ScriptMapping.js:
        (WebInspector.LiveLocation):
        (WebInspector.LiveLocation.prototype.update):
        (WebInspector.LiveLocation.prototype.dispose):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype._consoleCommandEvaluatedInSelectedCallFrame):
        (WebInspector.ScriptsPanel.prototype._debuggerPaused):
        (WebInspector.ScriptsPanel.prototype._callFrameSelected):
        (WebInspector.ScriptsPanel.prototype._toggleBreakpointsClicked):
        * inspector/front-end/UISourceCode.js:

2012-04-25  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: use composite node provider for diff nodes in heap profiler
        https://bugs.webkit.org/show_bug.cgi?id=84849

        Inroduced HeapSnapshotDiffNodesProvider which is basically a composite provider
        combining providers for added and deleted nodes. This allowed to remove custom
        implementation of HeapSnapshotGridNode.prototype.populateChildren.

        Reviewed by Pavel Feldman.

        * inspector/front-end/HeapSnapshot.js:
        (WebInspector.HeapSnapshotNodesProvider.prototype.sort.sortByNodeField): moved index assignment to sortByComparator
        so that it is done only once.
        (WebInspector.HeapSnapshotNodesProvider.prototype.sort.sortByComparator):
        (WebInspector.HeapSnapshotNodesProvider.prototype.sort):
        * inspector/front-end/HeapSnapshotGridNodes.js:
        (WebInspector.HeapSnapshotGridNode):
        (WebInspector.HeapSnapshotGridNode.prototype.populateChildren.callSerialize):
        (WebInspector.HeapSnapshotGridNode.prototype.populateChildren.childrenRetrieved.notify):
        (WebInspector.HeapSnapshotGridNode.prototype.populateChildren.childrenRetrieved):
        (WebInspector.HeapSnapshotGridNode.prototype.populateChildren):
        (WebInspector.HeapSnapshotGridNode.prototype.sort.afterSort):
        (WebInspector.HeapSnapshotGridNode.prototype.sort):
        (WebInspector.HeapSnapshotDiffNodesProvider):
        (WebInspector.HeapSnapshotDiffNodesProvider.prototype.dispose):
        (WebInspector.HeapSnapshotDiffNodesProvider.prototype.isEmpty):
        (WebInspector.HeapSnapshotDiffNodesProvider.prototype.serializeNextItems):
        (WebInspector.HeapSnapshotDiffNodesProvider.prototype.serializeNextItems.didReceiveDeletedItems):
        (WebInspector.HeapSnapshotDiffNodesProvider.prototype.serializeNextItems.didReceiveAddedItems):
        (WebInspector.HeapSnapshotDiffNodesProvider.prototype.sortAndRewind.afterSort):
        (WebInspector.HeapSnapshotDiffNodesProvider.prototype.sortAndRewind):
        (WebInspector.HeapSnapshotDiffNode):
        (WebInspector.HeapSnapshotDiffNode._createProvider):
        (WebInspector.HeapSnapshotDiffNode.prototype._createChildNode):

2012-04-25  Nikolas Zimmermann  <nzimmermann@rim.com>

        Refactor to/from/animatedType creation, to share more code between animators
        https://bugs.webkit.org/show_bug.cgi?id=84846

        Reviewed by Antti Koivisto.

        Share more code bewteen animators, doesn't change functionality yet, except for one bug in SVGAnimatedString.
        SVGAnimatedString used to mutate the from/to values during animation, leading to problems in animate-element-31-t.svg.
        It now needs a rebaseline, now that this bug is fixed as side-effect.

        * svg/SVGAnimateColorElement.cpp:
        (WebCore::attributeValueIsCurrentColor):
        (WebCore::SVGAnimateColorElement::determinePropertyValueTypes):
        (WebCore):
        * svg/SVGAnimateColorElement.h:
        (SVGAnimateColorElement):
        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::SVGAnimateElement):
        * svg/SVGAnimateElement.h:
        (SVGAnimateElement):
        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::SVGAnimatedBooleanAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedColor.cpp:
        (WebCore::adjustForCurrentColor):
        (WebCore):
        (WebCore::parseColorFromString):
        (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedInteger):
        (WebCore::SVGAnimatedIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLength.cpp:
        (WebCore::parseLengthFromString):
        (WebCore):
        (WebCore::SVGAnimatedLengthAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::parseLengthListFromString):
        (WebCore):
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumber.cpp:
        (WebCore::parseNumberFromString):
        (WebCore):
        (WebCore::SVGAnimatedNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedString.cpp:
        (WebCore::parseStringFromString):
        (WebCore):
        (WebCore::SVGAnimatedStringAnimator::calculateAnimatedValue):
        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::calculateAnimatedValue):
        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::SVGAnimationElement):
        (WebCore::SVGAnimationElement::adjustForInheritance):
        (WebCore):
        (WebCore::inheritsFromProperty):
        (WebCore::SVGAnimationElement::determinePropertyValueTypes):
        * svg/SVGAnimationElement.h:
        (WebCore::SVGAnimationElement::fromPropertyValueType):
        (WebCore::SVGAnimationElement::toPropertyValueType):
        (SVGAnimationElement):
        (WebCore::SVGAnimationElement::adjustForInheritance):
        (WebCore::SVGAnimationElement::adjustFromToValues):
        (WebCore::SVGAnimationElement::adjustFromToListValues):

2012-04-25  Nikolas Zimmermann  <nzimmermann@rim.com>

        Share single calculateFromToValues/calculateFromByValues between all SVGAnimatedTypeAnimators
        https://bugs.webkit.org/show_bug.cgi?id=84832

        Reviewed by Antti Koivisto.

        calculateFromAndToValues / calculateFromAndByValues don't need to be spread across all SVGAnimatedTypeAnimators.
        Centralize these new implementations in SVGAnimatedTypeAnimator.h. Refactored addAnimatedTypes() from constructFromAndByValues.

        calculateFromAndToValues:
            from = constructFromString(fromString)
            to = constructFromString(toString)
        
        calculateFromAndByValues:
            from = constructFromString(fromString)
            to = constructFromString(byString)
            addAnimatedTypes(from, to)

        Doesn't affect any tests, just refactors code.

        * svg/SVGAnimateElement.cpp:
        (WebCore::SVGAnimateElement::calculateFromAndToValues):
        (WebCore::SVGAnimateElement::calculateFromAndByValues):
        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::addAnimatedTypes):
        * svg/SVGAnimatedAngle.h:
        (SVGAnimatedAngleAnimator):
        * svg/SVGAnimatedBoolean.cpp:
        (WebCore::SVGAnimatedBooleanAnimator::addAnimatedTypes):
        * svg/SVGAnimatedBoolean.h:
        (SVGAnimatedBooleanAnimator):
        * svg/SVGAnimatedColor.cpp:
        (WebCore::SVGAnimatedColorAnimator::addAnimatedTypes):
        * svg/SVGAnimatedColor.h:
        (SVGAnimatedColorAnimator):
        * svg/SVGAnimatedEnumeration.cpp:
        (WebCore::SVGAnimatedEnumerationAnimator::addAnimatedTypes):
        * svg/SVGAnimatedEnumeration.h:
        (SVGAnimatedEnumerationAnimator):
        * svg/SVGAnimatedInteger.cpp:
        (WebCore::SVGAnimatedIntegerAnimator::addAnimatedTypes):
        * svg/SVGAnimatedInteger.h:
        (SVGAnimatedIntegerAnimator):
        * svg/SVGAnimatedIntegerOptionalInteger.cpp:
        (WebCore::SVGAnimatedIntegerOptionalIntegerAnimator::addAnimatedTypes):
        * svg/SVGAnimatedIntegerOptionalInteger.h:
        (SVGAnimatedIntegerOptionalIntegerAnimator):
        * svg/SVGAnimatedLength.cpp:
        (WebCore::SVGAnimatedLengthAnimator::addAnimatedTypes):
        * svg/SVGAnimatedLength.h:
        (SVGAnimatedLengthAnimator):
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::addAnimatedTypes):
        * svg/SVGAnimatedLengthList.h:
        (SVGAnimatedLengthListAnimator):
        * svg/SVGAnimatedNumber.cpp:
        (WebCore::SVGAnimatedNumberAnimator::addAnimatedTypes):
        * svg/SVGAnimatedNumber.h:
        (SVGAnimatedNumberAnimator):
        * svg/SVGAnimatedNumberList.cpp:
        (WebCore::SVGAnimatedNumberListAnimator::addAnimatedTypes):
        * svg/SVGAnimatedNumberList.h:
        (SVGAnimatedNumberListAnimator):
        * svg/SVGAnimatedNumberOptionalNumber.cpp:
        (WebCore::SVGAnimatedNumberOptionalNumberAnimator::addAnimatedTypes):
        * svg/SVGAnimatedNumberOptionalNumber.h:
        (SVGAnimatedNumberOptionalNumberAnimator):
        * svg/SVGAnimatedPath.cpp:
        (WebCore::SVGAnimatedPathAnimator::constructFromString):
        (WebCore::SVGAnimatedPathAnimator::addAnimatedTypes):
        * svg/SVGAnimatedPath.h:
        (SVGAnimatedPathAnimator):
        * svg/SVGAnimatedPointList.cpp:
        (WebCore::SVGAnimatedPointListAnimator::addAnimatedTypes):
        * svg/SVGAnimatedPointList.h:
        (SVGAnimatedPointListAnimator):
        * svg/SVGAnimatedPreserveAspectRatio.cpp:
        (WebCore::SVGAnimatedPreserveAspectRatioAnimator::addAnimatedTypes):
        * svg/SVGAnimatedPreserveAspectRatio.h:
        (SVGAnimatedPreserveAspectRatioAnimator):
        * svg/SVGAnimatedRect.cpp:
        (WebCore::SVGAnimatedRectAnimator::addAnimatedTypes):
        * svg/SVGAnimatedRect.h:
        (SVGAnimatedRectAnimator):
        * svg/SVGAnimatedString.cpp:
        (WebCore::SVGAnimatedStringAnimator::addAnimatedTypes):
        * svg/SVGAnimatedString.h:
        (SVGAnimatedStringAnimator):
        * svg/SVGAnimatedTransformList.cpp:
        (WebCore::SVGAnimatedTransformListAnimator::SVGAnimatedTransformListAnimator):
        (WebCore::SVGAnimatedTransformListAnimator::constructFromString):
        (WebCore::SVGAnimatedTransformListAnimator::addAnimatedTypes):
        (WebCore::SVGAnimatedTransformListAnimator::calculateDistance):
        * svg/SVGAnimatedTransformList.h:
        (SVGAnimatedTransformListAnimator):
        * svg/SVGAnimatedTypeAnimator.h:
        (SVGAnimatedTypeAnimator):
        (WebCore::SVGAnimatedTypeAnimator::calculateFromAndToValues):
        (WebCore::SVGAnimatedTypeAnimator::calculateFromAndByValues):
        (WebCore::SVGAnimatedTypeAnimator::setContextElement):

2012-04-25  Andreas Kling  <kling@webkit.org>

        Shrink RenderText by 8 bytes on 64-bit.
        <http://webkit.org/b/84828>

        Reviewed by Maciej Stachowiak.

        Reorder the members so that the bits in RenderText falls into the padding at
        the end of RenderObject on 64-bit. Updated the compile-time size assertion to
        account for the new object structure.

        This shrinks RenderText from 104 to 96 bytes on 64-bit release builds.

        * rendering/RenderText.cpp:
        (SameSizeAsRenderText):
        (WebCore::RenderText::RenderText):
        * rendering/RenderText.h:
        (RenderText):

2012-04-25  Raymond Toy  <rtoy@google.com>

        No audio from MediaElementAudioSourceNode
        https://bugs.webkit.org/show_bug.cgi?id=84669

        MediaElementAudioSourceNode needs custom propagatesSilence() to
        return false to indicate the node never propagates silence.
        
        Reviewed by Chris Rogers.

        * Modules/webaudio/MediaElementAudioSourceNode.h:
        (MediaElementAudioSourceNode): Add propagatesSilence().

2012-04-25  Xianzhu Wang  <wangxianzhu@chromium.org>

        Web Inspector: Incorrect highlight position of inspected element in a scrolled page
        https://bugs.webkit.org/show_bug.cgi?id=84755

        Reviewed by Pavel Feldman.

        Test: inspector/elements/highlight-node-scroll.html

        * inspector/DOMNodeHighlighter.cpp: Ensures the highlight position is in page coordinates.

2012-04-24  Yury Semikhatsky  <yurys@chromium.org>

        Unreviewed. Revert part of the change r115063 which commented out
        real worker creation. It was commited by mistake.

        * inspector/front-end/HeapSnapshotProxy.js:
        (WebInspector.HeapSnapshotWorker):

2012-04-24  Jon Lee  <jonlee@apple.com>

        New Notification constructor do not take into account security origin permissions
        https://bugs.webkit.org/show_bug.cgi?id=84825
        <rdar://problem/11315405>

        Reviewed by Darin Adler.

        Tests requires support for notifications on Mac (see 79492).

        When the task timer fires, we should check to see that the notification has permission
        to show. If not, we fire the onError event.

        * notifications/Notification.cpp:
        (WebCore::Notification::Notification): Since the timer may show, or call the onerror event,
        we rename it from m_showTaskTimer. to m_taskTimer.
        (WebCore::Notification::dispatchErrorEvent): The default constructor of ErrorEvent doesn't
        create the proper event object. Create it using Event::create().
        (WebCore::Notification::taskTimerFired): Check to see that we have permission first.
        * notifications/Notification.h:
        (Notification):

2012-04-24  Simon Fraser  <simon.fraser@apple.com>

        Add a logging channel and some ouput for compositing
        https://bugs.webkit.org/show_bug.cgi?id=84817

        Reviewed by Darin Adler.

        Add a logging channel called "Compositing".
        
        Output useful information to this channel, including
        a line for each composited layer, its composited bounds,
        the reason it was composited, the backing store megapixels,
        and a count of total composited layers and total backing
        store megapixels.

        * platform/Logging.cpp:
        (WebCore):
        (WebCore::getChannelFromName):
        * platform/Logging.h:
        (WebCore):
        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::backingStoreArea):
        * platform/graphics/GraphicsLayer.h:
        (GraphicsLayer):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::backingStoreArea):
        (WebCore):
        * platform/graphics/ca/GraphicsLayerCA.h:
        (GraphicsLayerCA):
        * platform/mac/LoggingMac.mm:
        (WebCore::initializeLoggingChannelsIfNecessary):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::nameForLayer):
        (WebCore::RenderLayerBacking::backingStoreArea):
        (WebCore):
        * rendering/RenderLayerBacking.h:
        (RenderLayerBacking):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore):
        (WebCore::compositingLogEnabled):
        (WebCore::RenderLayerCompositor::RenderLayerCompositor):
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        (WebCore::RenderLayerCompositor::logCompositingInfo):
        (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
        (WebCore::RenderLayerCompositor::updateLayerTreeGeometry):
        (WebCore::RenderLayerCompositor::reasonForCompositing):
        * rendering/RenderLayerCompositor.h:
        (RenderLayerCompositor):

2012-04-24  Kulanthaivel Palanichamy  <kulanthaivel@codeaurora.org>

        getMatchedCSSRules() should return null when the second argument is an unrecognized pseudo-element name
        https://bugs.webkit.org/show_bug.cgi?id=83298

        Reviewed by Ojan Vafai.

        I couldn't find any specification or any meaningful discussion on this API, but I
        assume that it shouldn't be any different from window.getComputedStyle()
        as far as the parameters are concerned.

        Test: fast/dom/Window/getMatchedCSSRules-with-invalid-pseudo-elements.html

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::getMatchedCSSRules):
        * page/DOMWindow.idl:

2012-04-24  Anders Carlsson  <andersca@apple.com>

        overflow: hidden on the main frame is broken with threaded scrolling
        https://bugs.webkit.org/show_bug.cgi?id=84819
        <rdar://problem/10920677>

        Reviewed by Darin Adler.

        Pass along the horizontal and vertical scrollbar modes to the scrolling tree and use it
        to determine if wheel events should be handled or not. This matches what we do for non-threaded scrolling.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::ScrollingCoordinator::setScrollParameters):
        * page/scrolling/ScrollingCoordinator.h:
        (ScrollParameters):
        * page/scrolling/ScrollingTreeNode.cpp:
        (WebCore::ScrollingTreeNode::ScrollingTreeNode):
        (WebCore::ScrollingTreeNode::update):
        * page/scrolling/ScrollingTreeNode.h:
        (WebCore::ScrollingTreeNode::canHaveScrollbars):
        (ScrollingTreeNode):
        * page/scrolling/ScrollingTreeState.cpp:
        (WebCore::ScrollingTreeState::ScrollingTreeState):
        (WebCore::ScrollingTreeState::setHorizontalScrollbarMode):
        (WebCore):
        (WebCore::ScrollingTreeState::setVerticalScrollbarMode):
        * page/scrolling/ScrollingTreeState.h:
        (WebCore::ScrollingTreeState::horizontalScrollbarMode):
        (ScrollingTreeState):
        (WebCore::ScrollingTreeState::verticalScrollbarMode):
        * page/scrolling/mac/ScrollingTreeNodeMac.mm:
        (WebCore::ScrollingTreeNodeMac::handleWheelEvent):

2012-04-24  Adrienne Walker  <enne@google.com>

        [chromium] Don't call calculateRenderPasses in CCLayerTreeHostImpl::scrollBegin()
        https://bugs.webkit.org/show_bug.cgi?id=84807

        Reviewed by James Robinson.

        Instead of calculate render passes and quads and tracking damage,
        simply calculate the updated render layer list, which is what is
        needed for scrolling.  This prevents a willDraw/didDraw mismatch on
        layers.

        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::calculateRenderSurfaceLayerList):
        (WebCore):
        (WebCore::CCLayerTreeHostImpl::calculateRenderPasses):
        (WebCore::CCLayerTreeHostImpl::ensureMostRecentRenderSurfaceLayerList):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (CCLayerTreeHostImpl):

2012-04-24  Dana Jansens  <danakj@chromium.org>

        [chromium] Unbounded draws should use clip to limit their damage to opaque tracking
        https://bugs.webkit.org/show_bug.cgi?id=84494

        Reviewed by Adrienne Walker.

        Unit test: PlatformContextSkiaTest.UnboundedDrawsAreClipped

        * platform/graphics/skia/OpaqueRegionSkia.cpp:
        (WebCore::OpaqueRegionSkia::didDrawRect):
        (WebCore::OpaqueRegionSkia::didDrawPath):
        (WebCore::OpaqueRegionSkia::didDrawPoints):
        (WebCore::OpaqueRegionSkia::didDrawBounded):
        (WebCore::OpaqueRegionSkia::didDrawUnbounded):
        * platform/graphics/skia/OpaqueRegionSkia.h:
        (OpaqueRegionSkia):

2012-04-24  Alexis Menard  <alexis.menard@openbossa.org>

        Implement createTBody for table element.
        https://bugs.webkit.org/show_bug.cgi?id=84465

        Reviewed by Ojan Vafai.

        Implement createTBody of table element to allow creating tbodies from JS.
        It's following the specification http://dev.w3.org/html5/spec/the-table-element.html#dom-table-createtbody.

        Tests: fast/table/table-create-tbody-existing-tbody.html
               fast/table/table-create-tbody-multiple-tbody.html
               fast/table/table-create-tbody.html

        * html/HTMLTableElement.cpp:
        (WebCore::HTMLTableElement::createTBody):
        (WebCore):
        * html/HTMLTableElement.h:
        (HTMLTableElement):
        * html/HTMLTableElement.idl:

2012-04-24  Anders Carlsson  <andersca@apple.com>

        ScrollingCoordinator::setScrollParameters should take a single struct
        https://bugs.webkit.org/show_bug.cgi?id=84816

        Reviewed by Andreas Kling.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):
        (WebCore::ScrollingCoordinator::setScrollParameters):
        * page/scrolling/ScrollingCoordinator.h:
        (ScrollingCoordinator):
        (ScrollParameters):
        * page/scrolling/ScrollingCoordinatorNone.cpp:
        (WebCore::ScrollingCoordinator::setScrollParameters):
        * page/scrolling/chromium/ScrollingCoordinatorChromium.cpp:
        (WebCore::ScrollingCoordinator::setScrollParameters):

2012-04-24  Adam Klein  <adamk@chromium.org>

        Remove unused undefined() method from ScriptValue
        https://bugs.webkit.org/show_bug.cgi?id=84751

        Reviewed by Kentaro Hara.

        * bindings/js/ScriptValue.h:
        (ScriptValue):
        * bindings/v8/ScriptValue.h:
        (ScriptValue):

2012-04-24  Yong Li  <yoli@rim.com>

        ASSERT failure in RenderLayer::computeRepaintRects
        https://bugs.webkit.org/show_bug.cgi?id=84480

        Reviewed by Simon Fraser.

        Update visibility status if necessary before updating
        compositing state in RenderLayer::styleChanged().

        No new tests because this is obviously right thing to do
        and creating new test seems too much for this small change.

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::styleChanged):

2012-04-24  Kent Tamura  <tkent@chromium.org>

        Calendar Picker: Open a calendar picker by keyboard operation
        https://bugs.webkit.org/show_bug.cgi?id=84680

        Reviewed by Kentaro Hara.

        - Open a calendar picker by the down arrow key.
        - Remove stepping down/up by keyboard and wheel operations.
          This behavior was for text fields with spin buttons. Because the date
        type doesn't have spin buttons, we should remove this behavior.

        No new tests for opening a calendar picker. This behavior is not
        testable by DRT yet. For removal of stepping up/down,
        fast/forms/date/date-stepup-stepdown-from-renderer.html is updated.

        * html/BaseDateAndTimeInputType.cpp:
        (WebCore::BaseDateAndTimeInputType::handleKeydownEvent):
        Check shouldHaveSpinButton() before spin button key operations.
        (WebCore::BaseDateAndTimeInputType::handleWheelEvent):
        Check shouldHaveSpinButton() before spin button wheel operations.
        * html/BaseDateAndTimeInputType.h:
        (BaseDateAndTimeInputType):
        Make handleKeydownEvent() protected because a subclass overrides it.
        * html/DateInputType.cpp:
        (WebCore::DateInputType::handleKeydownEvent):
        Open a calendar picker by the down arrow key.
        * html/DateInputType.h:
        (DateInputType): Add handleKeydownEvent() declaration.
        * html/shadow/CalendarPickerElement.h:
        (CalendarPickerElement): Make openPopup() public because DateInputType calls it.

2012-04-24  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r115099, r115102, and r115127.
        http://trac.webkit.org/changeset/115099
        http://trac.webkit.org/changeset/115102
        http://trac.webkit.org/changeset/115127
        https://bugs.webkit.org/show_bug.cgi?id=84809

        Made html5lib/runner.html crash, spot fix didn't help so
        rolling out so original author can do over. (Requested by
        kling on #webkit).

        * dom/Element.cpp:
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::normalizeAttributes):
        * dom/Element.h:
        (Element):
        * dom/ElementAttributeData.cpp:
        (WebCore::AttributeVector::removeAttribute):
        (WebCore):
        * dom/ElementAttributeData.h:
        (AttributeVector):
        (WebCore::AttributeVector::AttributeVector):
        (WebCore):
        (WebCore::AttributeVector::getAttributeItem):
        (WebCore::AttributeVector::getAttributeItemIndex):
        (WebCore::AttributeVector::insertAttribute):
        (WebCore::ElementAttributeData::getAttributeItem):
        (WebCore::ElementAttributeData::getAttributeItemIndex):
        (WebCore::ElementAttributeData::attributeVector):
        (WebCore::ElementAttributeData::clonedAttributeVector):
        (ElementAttributeData):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::createHTMLElementFromSavedElement):
        * html/parser/HTMLToken.h:
        (WebCore::AtomicHTMLToken::AtomicHTMLToken):
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processFakeStartTag):
        (WebCore::HTMLTreeBuilder::attributesForIsindexInput):
        * html/parser/HTMLTreeBuilder.h:
        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement):
        * xml/XMLErrors.cpp:
        (WebCore::createXHTMLParserErrorHeader):
        (WebCore::XMLErrors::insertErrorMessageBlock):
        * xml/parser/MarkupTokenBase.h:
        (WebCore::AtomicMarkupTokenBase::AtomicMarkupTokenBase):
        (WebCore::AtomicMarkupTokenBase::getAttributeItem):
        (WebCore::AtomicMarkupTokenBase::attributes):
        (AtomicMarkupTokenBase):
        (WebCore::::initializeAttributes):
        * xml/parser/XMLToken.h:
        (WebCore::AtomicXMLToken::AtomicXMLToken):

2012-04-24  Jeffrey Pfau  <jpfau@apple.com>

        Prevent drag and drop from setting file URLs
        https://bugs.webkit.org/show_bug.cgi?id=76596

        Reviewed by Enrica Casucci.

        Blacklisted file URLs from being set via dataTransfer.setData for specific types.

        * platform/mac/ClipboardMac.mm:
        (WebCore::ClipboardMac::setData):

2012-04-24  Enrica Casucci  <enrica@apple.com>

        REGRESSION (r109022) Safari not placing service data on pasteboard.
        https://bugs.webkit.org/show_bug.cgi?id=84766
        <rdar://problem/11085756>
        
        The support for OS X services requires that the write operations to
        the pasteboard occur synchronously. This behavior was changed with r109022.
        This change removes the original synchronous call to the WebProcess to perform
        the pasteboard write that had become asynchronous after r109022.
        It implements instead a synchronous call to retrive the content to be placed
        in the pasteboard.

        Reviewed by Alexey Proskuryakov.

        * WebCore.exp.in:
        * editing/Editor.h:
        * editing/mac/EditorMac.mm:
        (WebCore::Editor::writeSelectionToPasteboard):
        (WebCore::Editor::stringSelectionForPasteboard): Added.
        (WebCore::Editor::dataSelectionForPasteboard): Added.
        * platform/Pasteboard.h:
        * platform/mac/PasteboardMac.mm:
        (WebCore::Pasteboard::getStringSelection): Added.
        (WebCore::Pasteboard::getDataSelection): Added.
        (WebCore::Pasteboard::writeSelectionForTypes):
        (WebCore::Pasteboard::writeSelection):

2012-04-24  Dana Jansens  <danakj@chromium.org>

        [chromium] Image masks are considered opaque incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=84275

        Reviewed by Adrienne Walker.

        Match the behaviour of SkCanvas layers more closely while tracking
        opaque paints. SkCanvas layers actually act as a separate device
        (ie. pixels) and when the layer is popped off, the pixels are copied
        down to the layer below.

        While we can use the total clip to decide what pixels the the
        drawing operation will affect in the final device, the blending
        down through layers needs to consider each layer carefully.

        In this case the image mask is drawn into a layer which is copied
        down using the DestinationIn operation. Since the layer contains
        non-opaque pixels, the DestinationIn copy can destroy opaque
        areas in the next layer. We add OpaqueRegionSkia::FillByCopy to
        distinguish the case where we are copying a block of pixels, and the
        alpha values are essentially unknown.

        Unit test: PlatformContextSkiaTest.trackImageMask
                   PlatformContextSkiaTest.trackImageMaskWithOpaqueRect

        * platform/graphics/skia/OpaqueRegionSkia.cpp:
        (WebCore::paintIsOpaque):
        (WebCore::OpaqueRegionSkia::applyOpaqueRegionFromLayer):
        (WebCore::OpaqueRegionSkia::pushCanvasLayer):
        (WebCore::OpaqueRegionSkia::popCanvasLayer):
        (WebCore::OpaqueRegionSkia::didDrawRect):
        (WebCore::OpaqueRegionSkia::didDrawPath):
        (WebCore::OpaqueRegionSkia::didDrawPoints):
        (WebCore::OpaqueRegionSkia::didDrawBounded):
        (WebCore::OpaqueRegionSkia::didDraw):
        (WebCore::OpaqueRegionSkia::didDrawUnbounded):
        (WebCore::OpaqueRegionSkia::markRectAsOpaque):
        (WebCore::OpaqueRegionSkia::markRectAsNonOpaque):
        (WebCore::OpaqueRegionSkia::markAllAsNonOpaque):
        * platform/graphics/skia/OpaqueRegionSkia.h:
        (OpaqueRegionSkia):
        (CanvasLayerState):
        * platform/graphics/skia/PlatformContextSkia.cpp:
        (WebCore::PlatformContextSkia::restoreLayer):

2012-04-24  Alexandru Chiculita  <achicu@adobe.com>

        CSS Shaders: Repainting the FECustomFilter requires full source image
        https://bugs.webkit.org/show_bug.cgi?id=76689

        Reviewed by Dean Jackson..

        When a pixel of a filtered layer changes we need to update the whole bounding box of the layer and
        not just the dirty rectangle. That's because the shader might change the color of any of the pixels inside the box.

        Added tests where a shader is moving and rotating the contents and the actual
        dirty box of the source image is not the same as the output dirty rectangle.

        Tests: css3/filters/custom/filter-repaint-custom-clipped.html
               css3/filters/custom/filter-repaint-custom-rotated.html
               css3/filters/custom/filter-repaint-custom.html

        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::FilterEffectRenderer):
        (WebCore::FilterEffectRenderer::build):
        (WebCore::FilterEffectRenderer::computeSourceImageRectForDirtyRect):
        * rendering/FilterEffectRenderer.h:
        (FilterEffectRenderer):
        (WebCore::FilterEffectRenderer::hasCustomShaderFilter):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setFilterBackendNeedsRepaintingInRect):

2012-04-24  Alexis Menard  <alexis.menard@openbossa.org>

        Replace occurences of style selector from variables and methods names by style resolver.
        https://bugs.webkit.org/show_bug.cgi?id=84765

        Reviewed by Andreas Kling.

        Rename methods and variables to follow the new name StyleResolver. It requires to update the
        local variables, methods parameters, and function names to match the new name and to remove
        the concept of "selector" to avoid clashing with the CSS concept. The next and last patch
        will be to rename CSSStyleSelector file and update the includes.

        No new tests : just renaming the variables and method names. No behavior changes expected.

        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::dispatchInvalidationCallbacks):
        * css/CSSGradientValue.cpp:
        (WebCore::CSSGradientValue::addStops):
        * css/CSSPageRule.cpp:
        (WebCore::CSSPageRule::setSelectorText):
        * css/CSSStyleRule.cpp:
        (WebCore::CSSStyleRule::setSelectorText):
        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::styleSheetChanged):
        * css/MediaQueryEvaluator.cpp:
        (WebCore::MediaQueryEvaluator::eval):
        * css/MediaQueryMatcher.cpp:
        (WebCore::MediaQueryMatcher::prepareEvaluator):
        (WebCore::MediaQueryMatcher::styleResolverChanged):
        * css/MediaQueryMatcher.h:
        (MediaQueryMatcher):
        * css/PropertySetCSSStyleDeclaration.cpp:
        (WebCore::StyleRuleCSSStyleDeclaration::setNeedsStyleRecalc):
        * css/StyleBuilder.cpp:
        (WebCore::ApplyPropertyExpanding::applyInheritValue):
        (WebCore::ApplyPropertyExpanding::applyInitialValue):
        (WebCore::ApplyPropertyExpanding::applyValue):
        (WebCore::ApplyPropertyDefaultBase::applyInheritValue):
        (WebCore::ApplyPropertyDefaultBase::applyInitialValue):
        (WebCore::ApplyPropertyDefault::applyValue):
        (WebCore::ApplyPropertyNumber::applyValue):
        (WebCore::ApplyPropertyStyleImage::applyValue):
        (WebCore::ApplyPropertyAuto::applyInheritValue):
        (WebCore::ApplyPropertyAuto::applyInitialValue):
        (WebCore::ApplyPropertyAuto::applyValue):
        (WebCore::ApplyPropertyClip::convertToLength):
        (WebCore::ApplyPropertyClip::applyInheritValue):
        (WebCore::ApplyPropertyClip::applyInitialValue):
        (WebCore::ApplyPropertyClip::applyValue):
        (WebCore::ApplyPropertyColor::applyInheritValue):
        (WebCore::ApplyPropertyColor::applyInitialValue):
        (WebCore::ApplyPropertyColor::applyValue):
        (WebCore::ApplyPropertyColor::applyColorValue):
        (WebCore::ApplyPropertyDirection::applyValue):
        (WebCore::ApplyPropertyLength::applyValue):
        (WebCore::ApplyPropertyString::applyValue):
        (WebCore::ApplyPropertyBorderRadius::applyValue):
        (WebCore::ApplyPropertyFillLayer::applyInheritValue):
        (WebCore::ApplyPropertyFillLayer::applyInitialValue):
        (WebCore::ApplyPropertyFillLayer::applyValue):
        (WebCore::ApplyPropertyComputeLength::applyValue):
        (WebCore::ApplyPropertyFont::applyInheritValue):
        (WebCore::ApplyPropertyFont::applyInitialValue):
        (WebCore::ApplyPropertyFont::applyValue):
        (WebCore::ApplyPropertyFontSize::applyInheritValue):
        (WebCore::ApplyPropertyFontSize::applyInitialValue):
        (WebCore::ApplyPropertyFontSize::applyValue):
        (WebCore::ApplyPropertyFontWeight::applyValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInheritValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInitialValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyValue):
        (WebCore::ApplyPropertyBorderImage::applyValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInheritValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInitialValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyValue):
        (WebCore::ApplyPropertyBorderImageSource::applyValue):
        (WebCore::ApplyPropertyCounter::applyInheritValue):
        (WebCore::ApplyPropertyCounter::applyValue):
        (WebCore::ApplyPropertyCursor::applyInheritValue):
        (WebCore::ApplyPropertyCursor::applyInitialValue):
        (WebCore::ApplyPropertyCursor::applyValue):
        (WebCore::ApplyPropertyTextAlign::applyValue):
        (WebCore::ApplyPropertyTextDecoration::applyValue):
        (WebCore::ApplyPropertyUnicodeBidi::applyValue):
        (WebCore::ApplyPropertyLineHeight::applyValue):
        (WebCore::ApplyPropertyPageSize::applyValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInheritValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInitialValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyValue):
        (WebCore::ApplyPropertyAnimation::map):
        (WebCore::ApplyPropertyAnimation::applyInheritValue):
        (WebCore::ApplyPropertyAnimation::applyInitialValue):
        (WebCore::ApplyPropertyAnimation::applyValue):
        (WebCore::ApplyPropertyOutlineStyle::applyInheritValue):
        (WebCore::ApplyPropertyOutlineStyle::applyInitialValue):
        (WebCore::ApplyPropertyOutlineStyle::applyValue):
        (WebCore::ApplyPropertyResize::applyValue):
        (WebCore::ApplyPropertyVerticalAlign::applyValue):
        (WebCore::ApplyPropertyAspectRatio::applyInheritValue):
        (WebCore::ApplyPropertyAspectRatio::applyInitialValue):
        (WebCore::ApplyPropertyAspectRatio::applyValue):
        (WebCore::ApplyPropertyZoom::resetEffectiveZoom):
        (WebCore::ApplyPropertyZoom::applyInheritValue):
        (WebCore::ApplyPropertyZoom::applyInitialValue):
        (WebCore::ApplyPropertyZoom::applyValue):
        (WebCore::ApplyPropertyDisplay::isValidDisplayValue):
        (WebCore::ApplyPropertyDisplay::applyInheritValue):
        (WebCore::ApplyPropertyDisplay::applyInitialValue):
        (WebCore::ApplyPropertyDisplay::applyValue):
        (WebCore::ApplyPropertyFlex::applyInheritValue):
        (WebCore::ApplyPropertyFlex::applyInitialValue):
        (WebCore::ApplyPropertyFlex::applyValue):
        * css/StyleBuilder.h:
        (WebCore::PropertyHandler::applyInheritValue):
        (WebCore::PropertyHandler::applyInitialValue):
        (WebCore::PropertyHandler::applyValue):
        * css/StyleMedia.cpp:
        (WebCore::StyleMedia::matchMedium):
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::~Document):
        (WebCore::Document::setDocType):
        (WebCore::Document::childrenChanged):
        (WebCore::Document::setContentLanguage):
        (WebCore::Document::recalcStyle):
        (WebCore::Document::updateLayoutIgnorePendingStylesheets):
        (WebCore::Document::styleForElementIgnoringPendingStylesheets):
        (WebCore::Document::styleForPage):
        (WebCore::Document::combineCSSFeatureFlags):
        (WebCore::Document::resetCSSFeatureFlags):
        (WebCore::Document::createStyleResolver):
        (WebCore::Document::clearStyleResolver):
        (WebCore::Document::clearPageUserSheet):
        (WebCore::Document::updatePageUserSheet):
        (WebCore::Document::clearPageGroupUserSheets):
        (WebCore::Document::updatePageGroupUserSheets):
        (WebCore::Document::addUserSheet):
        (WebCore::Document::processHttpEquiv):
        (WebCore::Document::setSelectedStylesheetSet):
        (WebCore::Document::removePendingSheet):
        (WebCore::Document::evaluateMediaQueryList):
        (WebCore::Document::styleResolverChanged):
        (WebCore::Document::analyzeStylesheetChange):
        (WebCore::Document::updateActiveStylesheets):
        * dom/Document.h:
        (WebCore::Document::styleResolverIfExists):
        (WebCore::Document::styleResolver):
        (Document):
        * dom/Element.cpp:
        (WebCore::StyleResolverParentPusher::StyleResolverParentPusher):
        (WebCore::StyleResolverParentPusher::push):
        (WebCore::StyleResolverParentPusher::~StyleResolverParentPusher):
        (StyleResolverParentPusher):
        (WebCore::Element::attributeChanged):
        (WebCore::Element::attach):
        (WebCore::Element::styleForRenderer):
        (WebCore::Element::recalcStyle):
        (WebCore::Element::beginParsingChildren):
        (WebCore::Element::finishParsingChildren):
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::removedFrom):
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::attach):
        * dom/ShadowTree.cpp:
        (WebCore::ShadowTree::recalcShadowTreeStyle):
        * dom/StyleElement.cpp:
        (WebCore::StyleElement::removedFromDocument):
        * editing/EditingStyle.cpp:
        (WebCore::styleFromMatchedRulesForElement):
        * history/CachedPage.cpp:
        (WebCore::CachedPage::restore):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::styleResolver):
        * html/HTMLCanvasElement.h:
        (HTMLCanvasElement):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setDisabledState):
        (WebCore::HTMLLinkElement::process):
        (WebCore::HTMLLinkElement::removedFrom):
        (WebCore::HTMLLinkElement::removePendingSheet):
        * html/HTMLStyleElement.cpp:
        (WebCore::HTMLStyleElement::registerWithScopingNode):
        (WebCore::HTMLStyleElement::unregisterWithScopingNode):
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::setFont):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::recalcStyleForPseudoStateIfNeeded):
        (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
        (WebCore::InspectorCSSAgent::buildArrayForRuleList):
        (WebCore::InspectorCSSAgent::clearPseudoState):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::updateViewMetrics):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::getMatchedCSSRules):
        * page/Frame.cpp:
        (WebCore::Frame::setPrinting):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        * page/Page.cpp:
        (WebCore::Page::setViewMode):
        (WebCore::Page::setNeedsRecalcStyleInAllFrames):
        (WebCore::Page::allVisitedStateChanged):
        (WebCore::Page::visitedStateChanged):
        * page/animation/KeyframeAnimation.cpp:
        (WebCore::KeyframeAnimation::KeyframeAnimation):
        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::adjustSliderTrackStyle):
        (WebCore::RenderThemeEfl::adjustSliderThumbStyle):
        (WebCore::RenderThemeEfl::adjustCheckboxStyle):
        (WebCore::RenderThemeEfl::adjustRadioStyle):
        (WebCore::RenderThemeEfl::adjustButtonStyle):
        (WebCore::RenderThemeEfl::adjustMenuListStyle):
        (WebCore::RenderThemeEfl::adjustMenuListButtonStyle):
        (WebCore::RenderThemeEfl::adjustTextFieldStyle):
        (WebCore::RenderThemeEfl::adjustTextAreaStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldStyle):
        (WebCore::RenderThemeEfl::adjustProgressBarStyle):
        * platform/gtk/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::adjustButtonStyle):
        (WebCore::RenderThemeGtk::adjustMenuListStyle):
        (WebCore::RenderThemeGtk::adjustMenuListButtonStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldStyle):
        (WebCore::RenderThemeGtk::adjustSliderThumbStyle):
        * platform/qt/RenderThemeQt.cpp:
        (WebCore::RenderThemeQt::adjustSliderThumbStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeQt::adjustInnerSpinButtonStyle):
        * platform/qt/RenderThemeQtMobile.cpp:
        (WebCore::RenderThemeQtMobile::adjustButtonStyle):
        (WebCore::RenderThemeQtMobile::adjustMenuListStyle):
        * platform/wx/RenderThemeWx.cpp:
        (WebCore::RenderThemeWx::adjustButtonStyle):
        * rendering/RenderListBox.cpp:
        (WebCore::RenderListBox::updateFromElement):
        (WebCore::RenderListBox::paintItemForeground):
        * rendering/RenderMenuList.cpp:
        (WebCore::RenderMenuList::fontSelector):
        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::getUncachedPseudoStyle):
        * rendering/RenderRegion.cpp:
        (WebCore::RenderRegion::styleDidChange):
        (WebCore::RenderRegion::computeStyleInRegion):
        * rendering/RenderTextControlSingleLine.cpp:
        (WebCore::RenderTextControlSingleLine::fontSelector):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):
        (WebCore::RenderTheme::adjustInputFieldSpeechButtonStyle):
        * rendering/RenderThemeChromiumSkia.cpp:
        (WebCore::RenderThemeChromiumSkia::adjustMenuListStyle):
        (WebCore::RenderThemeChromiumSkia::adjustMenuListButtonStyle):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::adjustMenuListStyle):
        (WebCore::RenderThemeMac::adjustSliderThumbStyle):
        (WebCore::RenderThemeMac::adjustSearchFieldStyle):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::setFontFromControlSize):
        (WebCore::RenderThemeSafari::adjustButtonStyle):
        (WebCore::RenderThemeSafari::adjustMenuListStyle):
        (WebCore::RenderThemeSafari::adjustMenuListButtonStyle):
        (WebCore::RenderThemeSafari::adjustSliderThumbStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldResultsButtonStyle):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::adjustInnerSpinButtonStyle):
        (WebCore::RenderThemeWin::adjustMenuListStyle):
        (WebCore::RenderThemeWin::adjustMenuListButtonStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsButtonStyle):
        * rendering/RenderThemeWinCE.cpp:
        (WebCore::RenderThemeWinCE::adjustMenuListStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeWinCE::adjustMenuListButtonStyle):
        * rendering/style/StyleGeneratedImage.cpp:
        (WebCore::StyleGeneratedImage::image):
        * rendering/svg/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::computeNewScaledFontForStyle):
        * svg/SVGElement.cpp:
        (WebCore::SVGElement::customStyleForRenderer):
        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::rebuildFontFace):
        (WebCore::SVGFontFaceElement::removedFrom):
        * xml/XMLTreeViewer.cpp:
        (WebCore::XMLTreeViewer::transformDocumentToTreeView):
        * xml/parser/XMLDocumentParser.cpp:
        (WebCore::XMLDocumentParser::end):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::doEnd):
        * xml/parser/XMLDocumentParserQt.cpp:
        (WebCore::XMLDocumentParser::doEnd):
        * WebCore.exp.in:

2012-04-24  Yael Aharon  <yael.aharon@nokia.com>

        Fixed background is scrolling in http://www.nieuwecode.nl/ in Qt webkit2
        https://bugs.webkit.org/show_bug.cgi?id=83980

        Reviewed by Simon Fraser.

        When a fixed position element does not have z-index explicitly specified, it does not create a
        stacking context. This results in fixed elements scrolling with the content layer.
        This patch creates a stacking context for fixed positioned elements for the Qt port, by enabling
        the flag ENABLE_FIXED_POSITION_CREATES_STACKING_CONTEXT.
        Added a manual test because this patch takes effect only during scrolling.

        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::collectMatchingRulesForList):

2012-04-24  Andreas Kling  <kling@webkit.org>

        REGRESSION(r115099): html5lib/runner.html crashes.
        <http://webkit.org/b/84791>

        Reviewed by Anders Carlsson.

        Unbreak and simplify the code that filters attributes on isindex elements.
        It's perfectly safe to remove elements from a Vector while iterating over it.

        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::attributesForIsindexInput):

2012-04-24  Victor Carbune  <vcarbune@adobe.com>

        Extra display logic for the media control panel element
        https://bugs.webkit.org/show_bug.cgi?id=82476

        Reviewed by Eric Carlson.

        This patch fixes a bug which caused the controls to be displayed
        when they should remain hidden. Added an extra variable to the
        panel elements which properly keeps the state of the panel (visible or not).

        Test: media/video-controls-toggling.html

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlPanelElement::MediaControlPanelElement): Added the
        variable m_isDisplayed to hold the state whether the panel is visible or not.
        (WebCore::MediaControlPanelElement::makeOpaque): Showing the panel only if it
        is visible.
        (WebCore::MediaControlPanelElement::makeTransparent): Enabled the transition
        timer which sets the display:none property on the controls.
        (WebCore::MediaControlPanelElement::setIsDisplayed): Setter for the state variable.
        (WebCore):
        * html/shadow/MediaControlElements.h:
        (MediaControlPanelElement):
        * html/shadow/MediaControlRootElement.cpp:
        (WebCore::MediaControlRootElement::show): Updated the panel visibility state.
        (WebCore::MediaControlRootElement::hide): Updated the panel visibility state.
        * html/shadow/MediaControlRootElementChromium.cpp:
        (WebCore::MediaControlRootElementChromium::show): Updated the panel visibility state.
        (WebCore::MediaControlRootElementChromium::hide): Updated the panel visibility state.

2012-04-24  Alexandru Chiculita  <achicu@adobe.com>

        CSS Shaders: Custom filters painting is broken
        https://bugs.webkit.org/show_bug.cgi?id=82803

        Reviewed by Kenneth Russell.

        In this patch I moved CSS Shaders file loading notifications from FilterEffectRenderer to the new RenderLayerFilterInfo.
        That's because FilterEffectRenderer is only used when running the filters in the software pipeline
        and has a very short lifetime. Due to a recent change FilterEffectRenderer actually
        gets deleted if the shader is not loaded, so it doesn't live that much to be notified when the shader
        was actually loaded.

        Also removed the FilterEffectObserver, that was only used to notify the RenderLayer about the loaded shader.

        No new tests. This is making existing CSS Shaders tests pass again.
        Cannot un-skip on Mac for now because the feature is compile time disabled.
        
        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/filters/CustomFilterOperation.h:
        (WebCore::CustomFilterOperation::affectsOpacity):
        (WebCore::CustomFilterOperation::movesPixels):
        * platform/graphics/filters/FilterOperations.cpp:
        (WebCore):
        (WebCore::FilterOperations::hasCustomFilter):
        * platform/graphics/filters/FilterOperations.h:
        (FilterOperations):
        * platform/graphics/texmap/TextureMapperImageBuffer.cpp:
        (WebCore::BitmapTextureImageBuffer::applyFilters):
        * rendering/FilterEffectObserver.h: Removed.
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRenderer::FilterEffectRenderer):
        (WebCore::FilterEffectRenderer::~FilterEffectRenderer):
        (WebCore::FilterEffectRenderer::build):
        * rendering/FilterEffectRenderer.h:
        (WebCore):
        (WebCore::FilterEffectRenderer::create):
        (FilterEffectRenderer):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::updateOrRemoveFilterEffect):
        * rendering/RenderLayer.h:
        * rendering/RenderLayerFilterInfo.cpp:
        (WebCore::RenderLayerFilterInfo::~RenderLayerFilterInfo):
        (WebCore::RenderLayerFilterInfo::notifyCustomFilterProgramLoaded):
        (WebCore):
        (WebCore::RenderLayerFilterInfo::updateCustomFilterClients):
        (WebCore::RenderLayerFilterInfo::removeCustomFilterClients):
        * rendering/RenderLayerFilterInfo.h:
        (WebCore):
        (RenderLayerFilterInfo):

2012-04-24  Antti Koivisto  <antti@apple.com>

        Another build fix.

        Not reviewed.

        * css/MediaList.cpp:
        (WebCore::MediaQuerySet::MediaQuerySet):
        * css/StylePropertySet.cpp:
        (WebCore::StylePropertySet::StylePropertySet):

2012-04-24  Antti Koivisto  <antti@apple.com>

        Try to fix Qt build.

        Not reviewed.

        * css/StyleRule.h:
        (WebCore::StyleRuleBase::StyleRuleBase):

2012-04-24  Antti Koivisto  <antti@apple.com>

        Implement StyleRule copying
        https://bugs.webkit.org/show_bug.cgi?id=84752

        Reviewed by Andreas Kling.
        
        We'll need this for copy-on-write when style sheet data is shared between documents.

        Implement copy() and copy constructor for style rules their children as needed.
        
        The code is not yet used.

        * css/CSSSelectorList.cpp:
        (WebCore::CSSSelectorList::CSSSelectorList):
        (WebCore):
        * css/CSSSelectorList.h:
        (CSSSelectorList):
        * css/MediaList.h:
        (WebCore::MediaQuerySet::copy):
        (MediaQuerySet):
        * css/MediaQuery.cpp:
        (WebCore::MediaQuery::MediaQuery):
        (WebCore):
        * css/MediaQuery.h:
        (MediaQuery):
        (WebCore::MediaQuery::copy):
        * css/MediaQueryExp.h:
        (WebCore::MediaQueryExp::copy):
        (MediaQueryExp):
        * css/StylePropertySet.cpp:
        (WebCore::StylePropertySet::StylePropertySet):
        (WebCore):
        (WebCore::StylePropertySet::copy):
        * css/StylePropertySet.h:
        
            Make this copy parse mode too. As a result ElementAttributeData no longer needs to set it explicitly after copying.

        (StylePropertySet):
        * css/StyleRule.cpp:
        (WebCore::StyleRuleBase::copy):
        (WebCore):
        (WebCore::StyleRule::StyleRule):
        (WebCore::StyleRulePage::StyleRulePage):
        (WebCore::StyleRuleFontFace::StyleRuleFontFace):
        (WebCore::StyleRuleBlock::StyleRuleBlock):
        (WebCore::StyleRuleMedia::StyleRuleMedia):
        (WebCore::StyleRuleRegion::StyleRuleRegion):
        * css/StyleRule.h:
        (StyleRuleBase):
        (WebCore::StyleRuleBase::StyleRuleBase):
        (WebCore::StyleRule::copy):
        (StyleRule):
        (WebCore::StyleRuleFontFace::copy):
        (StyleRuleFontFace):
        (WebCore::StyleRulePage::copy):
        (StyleRulePage):
        (StyleRuleBlock):
        (WebCore::StyleRuleMedia::copy):
        (StyleRuleMedia):
        (WebCore::StyleRuleRegion::copy):
        (StyleRuleRegion):
        * css/WebKitCSSKeyframesRule.cpp:
        (WebCore):
        (WebCore::StyleRuleKeyframes::StyleRuleKeyframes):
        * css/WebKitCSSKeyframesRule.h:
        (WebCore):
        (WebCore::StyleRuleKeyframes::copy):
        (StyleRuleKeyframes):

2012-04-24  Ryosuke Niwa  <rniwa@webkit.org>

        Revert r115009; It doesn't make necessary changes to NodeRareData and Node.

        * CMakeLists.txt:
        * DerivedSources.cpp:
        * DerivedSources.make:
        * DerivedSources.pri:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSHTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        * html/CollectionType.h:
        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::shouldIncludeChildren):
        (WebCore::HTMLCollection::isAcceptableElement):
        * html/HTMLFormCollection.cpp:
        (WebCore::HTMLFormCollection::HTMLFormCollection):
        * html/RadioNodeList.cpp: Removed.
        * html/RadioNodeList.h: Removed.
        * html/RadioNodeList.idl: Removed.

2012-04-24  Chris Rogers  <crogers@google.com>

        WaveTable should normalize to 0dbFS instead of -6dbFS
        https://bugs.webkit.org/show_bug.cgi?id=84644

        Reviewed by Kenneth Russell.

        No new tests. Oscillator tests will be rebaselined after landing, since several platforms are affected.

        * Modules/webaudio/WaveTable.cpp:
        (WebCore::WaveTable::createBandLimitedTables):

2012-04-24  Tommy Widenflycht  <tommyw@google.com>

        MediaStream API: Create a new flag for PeerConnection
        https://bugs.webkit.org/show_bug.cgi?id=84723

        Reviewed by Dimitri Glazkov.

        To allow Chrome to make the GetUserMedia functionality available by default we
        need another flag for the PeerConnection related parts. This new flag is in
        addition to the general media stream flag, and both need to be enabled for
        PeerConnection object creation.

        No code behavior changes.

        * bindings/generic/RuntimeEnabledFeatures.cpp:
        (WebCore):
        * bindings/generic/RuntimeEnabledFeatures.h:
        (RuntimeEnabledFeatures):
        (WebCore::RuntimeEnabledFeatures::peerConnectionEnabled):
        (WebCore::RuntimeEnabledFeatures::setPeerConnectionEnabled):
        (WebCore::RuntimeEnabledFeatures::webkitDeprecatedPeerConnectionEnabled):
        (WebCore::RuntimeEnabledFeatures::webkitPeerConnection00Enabled):

2012-04-24  Joe Mason  <jmason@rim.com>

        [BlackBerry] Revert broken changes to authentication dialog
        https://bugs.webkit.org/show_bug.cgi?id=80135

        Reviewed by Antonio Gomes.

        The previous patches from this bug caused an infinite loop when using digest auth;
        apparently they were only tested with basic.

        * platform/blackberry/PageClientBlackBerry.h:
        * platform/network/blackberry/NetworkJob.cpp:
        (WebCore::NetworkJob::handleAuthHeader):
        (WebCore::NetworkJob::sendRequestWithCredentials):

2012-04-24  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>

        Fix wrong ASSERT() in findAttributeInVector()
        https://bugs.webkit.org/show_bug.cgi?id=84756

        Unreviewed build fix.

        * dom/ElementAttributeData.h:
        (WebCore::findAttributeInVector):

2012-04-24  Anders Carlsson  <andersca@apple.com>

        Update the scroll layer position on the main thread when viewing full-frame images
        https://bugs.webkit.org/show_bug.cgi?id=84754
        <rdar://problem/11193304>

        Reviewed by Andreas Kling.

        Showing really big images can be slow sometimes and in that case it's better to update the scroll layer position on
        the main thread, which will avoid flashing white.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::updateShouldUpdateScrollLayerPositionOnMainThread):

2012-04-24  Caio Marcelo de Oliveira Filho  <caio.oliveira@openbossa.org>

        Use Vector<Attribute> directly instead of encapsulating it in AttributeVector
        https://bugs.webkit.org/show_bug.cgi?id=84413

        Reviewed by Andreas Kling.

        As commented in https://bugs.webkit.org/show_bug.cgi?id=79963#c16 we do not
        usually subclass basic types like Vector. This patch changes code to use
        Vector<Attribute> directly and move around the functionality of the former
        methods to more specific helper functions or inline code at the callers.

        * dom/Element.cpp:
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::normalizeAttributes):
        * dom/Element.h:
        (Element):
        * dom/ElementAttributeData.cpp:
        * dom/ElementAttributeData.h:
        (WebCore::getAttributeFromVector):
        (WebCore::ElementAttributeData::getAttributeItem):
        (ElementAttributeData):
        (WebCore::ElementAttributeData::attributeVector):
        (WebCore::ElementAttributeData::clonedAttributeVector):
        (WebCore::ElementAttributeData::getAttributeItemIndex):
        (WebCore):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::createHTMLElementFromSavedElement):
        * html/parser/HTMLToken.h:
        (WebCore::AtomicHTMLToken::AtomicHTMLToken):
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processFakeStartTag):
        (WebCore::HTMLTreeBuilder::attributesForIsindexInput):
        * html/parser/HTMLTreeBuilder.h:
        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement):
        * xml/XMLErrors.cpp:
        (WebCore::createXHTMLParserErrorHeader):
        (WebCore::XMLErrors::insertErrorMessageBlock):
        * xml/parser/MarkupTokenBase.h:
        (WebCore::AtomicMarkupTokenBase::AtomicMarkupTokenBase):
        (WebCore::AtomicMarkupTokenBase::getAttributeItem):
        (WebCore::AtomicMarkupTokenBase::attributes):
        (AtomicMarkupTokenBase):
        (WebCore::::initializeAttributes):
        * xml/parser/XMLToken.h:
        (WebCore::AtomicXMLToken::AtomicXMLToken):

2012-04-24  Alexis Menard  <alexis.menard@openbossa.org>

        Rename CSSStyleSelector class to StyleResolver.
        https://bugs.webkit.org/show_bug.cgi?id=84734

        Reviewed by Andreas Kling.

        The name CSSStyleSelector is confusing as it conflicts a bit with
        the CSS concept of selectors. One could think it's an encapsulation
        of the CSS selectors but it's not, in fact this class is responsible
        of finding the RenderStyle for a given element. This is the first patch
        as I will later rename the files, and then rename the local variables.

        No new tests : renaming, no behavior changes should appear.

        * css/CSSCalculationValue.cpp:
        (WebCore::CSSCalcPrimitiveValue::toCalcValue):
        * css/CSSFontSelector.cpp:
        (WebCore::CSSFontSelector::dispatchInvalidationCallbacks):
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseSizeParameter):
        * css/CSSStyleSelector.cpp:
        (RuleSet):
        (WebCore::RuleSet::features):
        (WebCore):
        (WebCore::StyleResolver::StyleResolver):
        (WebCore::StyleResolver::addAuthorRulesAndCollectUserRulesFromSheets):
        (WebCore::makeRuleSet):
        (WebCore::StyleResolver::collectFeatures):
        (WebCore::StyleResolver::determineScope):
        (WebCore::StyleResolver::ruleSetForScope):
        (WebCore::StyleResolver::appendAuthorStylesheets):
        (WebCore::StyleResolver::setupScopeStack):
        (WebCore::StyleResolver::pushScope):
        (WebCore::StyleResolver::popScope):
        (WebCore::StyleResolver::pushParentElement):
        (WebCore::StyleResolver::popParentElement):
        (WebCore::StyleResolver::pushParentShadowRoot):
        (WebCore::StyleResolver::popParentShadowRoot):
        (WebCore::StyleResolver::addKeyframeStyle):
        (WebCore::StyleResolver::~StyleResolver):
        (WebCore::StyleResolver::sweepMatchedPropertiesCache):
        (WebCore::StyleResolver::Features::Features):
        (WebCore::StyleResolver::Features::~Features):
        (WebCore::StyleResolver::Features::add):
        (WebCore::StyleResolver::Features::clear):
        (WebCore::StyleResolver::addMatchedProperties):
        (WebCore::StyleResolver::addElementStyleProperties):
        (WebCore::StyleResolver::collectMatchingRules):
        (WebCore::StyleResolver::collectMatchingRulesForRegion):
        (WebCore::StyleResolver::sortAndTransferMatchedRules):
        (WebCore::StyleResolver::matchScopedAuthorRules):
        (WebCore::StyleResolver::matchAuthorRules):
        (WebCore::StyleResolver::matchUserRules):
        (WebCore::StyleResolver::matchUARules):
        (WebCore::StyleResolver::collectMatchingRulesForList):
        * css/CSSStyleSelector.h:
        (StyleResolver):
        (Features):
        * css/MediaQueryEvaluator.cpp:
        (WebCore::MediaQueryEvaluator::eval):
        * css/MediaQueryEvaluator.h:
        (WebCore):
        (MediaQueryEvaluator):
        * css/MediaQueryMatcher.cpp:
        (WebCore::MediaQueryMatcher::prepareEvaluator):
        * css/SVGCSSStyleSelector.cpp:
        (WebCore::StyleResolver::applySVGProperty):
        * css/StyleBuilder.cpp:
        (WebCore::ApplyPropertyExpanding::applyInheritValue):
        (WebCore::ApplyPropertyExpanding::applyInitialValue):
        (WebCore::ApplyPropertyExpanding::applyValue):
        (WebCore::ApplyPropertyDefaultBase::applyInheritValue):
        (WebCore::ApplyPropertyDefaultBase::applyInitialValue):
        (WebCore::ApplyPropertyDefaultBase::applyValue):
        (WebCore::ApplyPropertyDefault::applyValue):
        (WebCore::ApplyPropertyNumber::applyValue):
        (WebCore::ApplyPropertyStyleImage::applyValue):
        (WebCore::ApplyPropertyAuto::applyInheritValue):
        (WebCore::ApplyPropertyAuto::applyInitialValue):
        (WebCore::ApplyPropertyAuto::applyValue):
        (WebCore::ApplyPropertyClip::convertToLength):
        (WebCore::ApplyPropertyClip::applyInheritValue):
        (WebCore::ApplyPropertyClip::applyInitialValue):
        (WebCore::ApplyPropertyClip::applyValue):
        (WebCore::ApplyPropertyColor::applyInheritValue):
        (WebCore::ApplyPropertyColor::applyInitialValue):
        (WebCore::ApplyPropertyColor::applyValue):
        (WebCore::ApplyPropertyColor::applyColorValue):
        (WebCore::ApplyPropertyDirection::applyValue):
        (WebCore::ApplyPropertyLength::applyValue):
        (WebCore::ApplyPropertyString::applyValue):
        (WebCore::ApplyPropertyBorderRadius::applyValue):
        (WebCore::ApplyPropertyFillLayer::applyInheritValue):
        (WebCore::ApplyPropertyFillLayer::applyInitialValue):
        (WebCore::ApplyPropertyFillLayer::applyValue):
        (WebCore::ApplyPropertyComputeLength::applyValue):
        (WebCore::ApplyPropertyFont::applyInheritValue):
        (WebCore::ApplyPropertyFont::applyInitialValue):
        (WebCore::ApplyPropertyFont::applyValue):
        (WebCore::ApplyPropertyFontSize::applyInheritValue):
        (WebCore::ApplyPropertyFontSize::applyInitialValue):
        (WebCore::ApplyPropertyFontSize::applyValue):
        (WebCore::ApplyPropertyFontWeight::applyValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInheritValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInitialValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyValue):
        (WebCore::ApplyPropertyBorderImage::applyValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInheritValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInitialValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyValue):
        (WebCore::ApplyPropertyBorderImageSource::applyValue):
        (WebCore::ApplyPropertyCounter::emptyFunction):
        (WebCore::ApplyPropertyCounter::applyInheritValue):
        (WebCore::ApplyPropertyCounter::applyValue):
        (WebCore::ApplyPropertyCursor::applyInheritValue):
        (WebCore::ApplyPropertyCursor::applyInitialValue):
        (WebCore::ApplyPropertyCursor::applyValue):
        (WebCore::ApplyPropertyTextAlign::applyValue):
        (WebCore::ApplyPropertyTextDecoration::applyValue):
        (WebCore::ApplyPropertyUnicodeBidi::applyValue):
        (WebCore::ApplyPropertyLineHeight::applyValue):
        (WebCore::ApplyPropertyPageSize::applyInheritValue):
        (WebCore::ApplyPropertyPageSize::applyInitialValue):
        (WebCore::ApplyPropertyPageSize::applyValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInheritValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInitialValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyValue):
        (WebCore):
        (WebCore::ApplyPropertyAnimation::map):
        (WebCore::ApplyPropertyAnimation::applyInheritValue):
        (WebCore::ApplyPropertyAnimation::applyInitialValue):
        (WebCore::ApplyPropertyAnimation::applyValue):
        (WebCore::ApplyPropertyOutlineStyle::applyInheritValue):
        (WebCore::ApplyPropertyOutlineStyle::applyInitialValue):
        (WebCore::ApplyPropertyOutlineStyle::applyValue):
        (WebCore::ApplyPropertyResize::applyValue):
        (WebCore::ApplyPropertyVerticalAlign::applyValue):
        (WebCore::ApplyPropertyAspectRatio::applyInheritValue):
        (WebCore::ApplyPropertyAspectRatio::applyInitialValue):
        (WebCore::ApplyPropertyAspectRatio::applyValue):
        (WebCore::ApplyPropertyZoom::resetEffectiveZoom):
        (WebCore::ApplyPropertyZoom::applyInheritValue):
        (WebCore::ApplyPropertyZoom::applyInitialValue):
        (WebCore::ApplyPropertyZoom::applyValue):
        (WebCore::ApplyPropertyDisplay::isValidDisplayValue):
        (WebCore::ApplyPropertyDisplay::applyInheritValue):
        (WebCore::ApplyPropertyDisplay::applyInitialValue):
        (WebCore::ApplyPropertyDisplay::applyValue):
        (WebCore::ApplyPropertyFlex::applyInheritValue):
        (WebCore::ApplyPropertyFlex::applyInitialValue):
        (WebCore::ApplyPropertyFlex::applyValue):
        (WebCore::StyleBuilder::StyleBuilder):
        * css/StyleBuilder.h:
        (WebCore):
        (PropertyHandler):
        (WebCore::PropertyHandler::applyInheritValue):
        (WebCore::PropertyHandler::applyInitialValue):
        (WebCore::PropertyHandler::applyValue):
        * css/StyleMedia.cpp:
        (WebCore::StyleMedia::matchMedium):
        * css/WebKitCSSKeyframesRule.cpp:
        (WebCore::WebKitCSSKeyframesRule::setName):
        * css/WebKitCSSMatrix.cpp:
        (WebCore::WebKitCSSMatrix::setMatrixValue):
        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        (WebCore::Document::createStyleSelector):
        (WebCore::Document::testAddedStylesheetRequiresStyleRecalc):
        * dom/Document.h:
        (WebCore):
        (WebCore::Document::styleSelectorIfExists):
        (WebCore::Document::styleSelector):
        (Document):
        * dom/Element.cpp:
        (StyleSelectorParentPusher):
        (WebCore::Element::attributeChanged):
        (WebCore::Element::beginParsingChildren):
        (WebCore::Element::finishParsingChildren):
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::attach):
        * dom/ShadowTree.cpp:
        (WebCore::ShadowTree::recalcShadowTreeStyle):
        * editing/EditingStyle.cpp:
        (WebCore::EditingStyle::mergeStyleFromRules):
        (WebCore::EditingStyle::removeStyleFromRulesAndContext):
        (WebCore::EditingStyle::removePropertiesInElementDefaultStyle):
        (WebCore::legacyFontSizeFromCSSValue):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::focusedOrActiveStateChanged):
        * history/CachedPage.cpp:
        (WebCore::CachedPage::restore):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::styleSelector):
        * html/HTMLCanvasElement.h:
        (HTMLCanvasElement):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::process):
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::setFont):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::getMatchedStylesForNode):
        (WebCore::InspectorCSSAgent::buildArrayForRuleList):
        * inspector/InspectorCSSAgent.h:
        (InspectorCSSAgent):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::getMatchedCSSRules):
        * page/Page.cpp:
        (WebCore::Page::allVisitedStateChanged):
        (WebCore::Page::visitedStateChanged):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationController::updateAnimations):
        * platform/blackberry/RenderThemeBlackBerry.cpp:
        (WebCore::RenderThemeBlackBerry::adjustButtonStyle):
        (WebCore::RenderThemeBlackBerry::adjustTextAreaStyle):
        (WebCore::RenderThemeBlackBerry::adjustTextFieldStyle):
        (WebCore::RenderThemeBlackBerry::adjustSearchFieldStyle):
        (WebCore::RenderThemeBlackBerry::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeBlackBerry::adjustMenuListButtonStyle):
        (WebCore::RenderThemeBlackBerry::adjustMenuListStyle):
        (WebCore::RenderThemeBlackBerry::adjustCheckboxStyle):
        (WebCore::RenderThemeBlackBerry::adjustRadioStyle):
        * platform/blackberry/RenderThemeBlackBerry.h:
        (RenderThemeBlackBerry):
        * platform/efl/RenderThemeEfl.cpp:
        (WebCore::RenderThemeEfl::adjustSliderTrackStyle):
        (WebCore::RenderThemeEfl::adjustSliderThumbStyle):
        (WebCore::RenderThemeEfl::adjustCheckboxStyle):
        (WebCore::RenderThemeEfl::adjustRadioStyle):
        (WebCore::RenderThemeEfl::adjustButtonStyle):
        (WebCore::RenderThemeEfl::adjustMenuListStyle):
        (WebCore::RenderThemeEfl::adjustMenuListButtonStyle):
        (WebCore::RenderThemeEfl::adjustTextFieldStyle):
        (WebCore::RenderThemeEfl::adjustTextAreaStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeEfl::adjustSearchFieldStyle):
        (WebCore::RenderThemeEfl::adjustProgressBarStyle):
        * platform/efl/RenderThemeEfl.h:
        (RenderThemeEfl):
        * platform/gtk/RenderThemeGtk.cpp:
        (WebCore::RenderThemeGtk::adjustButtonStyle):
        (WebCore::RenderThemeGtk::adjustMenuListStyle):
        (WebCore::RenderThemeGtk::adjustMenuListButtonStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeGtk::adjustSearchFieldStyle):
        (WebCore::RenderThemeGtk::adjustSliderTrackStyle):
        (WebCore::RenderThemeGtk::adjustSliderThumbStyle):
        (WebCore::RenderThemeGtk::adjustProgressBarStyle):
        * platform/gtk/RenderThemeGtk.h:
        (RenderThemeGtk):
        * platform/gtk/RenderThemeGtk2.cpp:
        (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
        * platform/gtk/RenderThemeGtk3.cpp:
        (WebCore::RenderThemeGtk::adjustInnerSpinButtonStyle):
        * platform/qt/RenderThemeQt.cpp:
        (WebCore::RenderThemeQt::adjustTextFieldStyle):
        (WebCore::RenderThemeQt::adjustTextAreaStyle):
        (WebCore::RenderThemeQt::adjustMenuListStyle):
        (WebCore::RenderThemeQt::adjustMenuListButtonStyle):
        (WebCore::RenderThemeQt::adjustProgressBarStyle):
        (WebCore::RenderThemeQt::adjustSliderTrackStyle):
        (WebCore::RenderThemeQt::adjustSliderThumbStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeQt::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeQt::adjustInnerSpinButtonStyle):
        * platform/qt/RenderThemeQt.h:
        (RenderThemeQt):
        * platform/qt/RenderThemeQtMobile.cpp:
        (WebCore::RenderThemeQtMobile::adjustButtonStyle):
        (WebCore::RenderThemeQtMobile::adjustTextFieldStyle):
        (WebCore::RenderThemeQtMobile::adjustMenuListStyle):
        * platform/qt/RenderThemeQtMobile.h:
        (RenderThemeQtMobile):
        * platform/wx/RenderThemeWx.cpp:
        (RenderThemeWx):
        (WebCore::RenderThemeWx::adjustButtonStyle):
        (WebCore::RenderThemeWx::adjustTextFieldStyle):
        (WebCore::RenderThemeWx::adjustMenuListStyle):
        (WebCore::RenderThemeWx::adjustMenuListButtonStyle):
        * rendering/RenderInputSpeech.cpp:
        (WebCore::RenderInputSpeech::adjustInputFieldSpeechButtonStyle):
        * rendering/RenderInputSpeech.h:
        (RenderInputSpeech):
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::adjustStyle):
        (WebCore::RenderTheme::adjustCheckboxStyle):
        (WebCore::RenderTheme::adjustRadioStyle):
        (WebCore::RenderTheme::adjustButtonStyle):
        (WebCore::RenderTheme::adjustInnerSpinButtonStyle):
        (WebCore::RenderTheme::adjustTextFieldStyle):
        (WebCore::RenderTheme::adjustTextAreaStyle):
        (WebCore::RenderTheme::adjustMenuListStyle):
        (WebCore::RenderTheme::adjustInputFieldSpeechButtonStyle):
        (WebCore::RenderTheme::adjustMeterStyle):
        (WebCore::RenderTheme::adjustProgressBarStyle):
        (WebCore::RenderTheme::adjustMenuListButtonStyle):
        (WebCore::RenderTheme::adjustSliderTrackStyle):
        (WebCore::RenderTheme::adjustSliderThumbStyle):
        (WebCore::RenderTheme::adjustSearchFieldStyle):
        (WebCore::RenderTheme::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderTheme::adjustSearchFieldDecorationStyle):
        (WebCore::RenderTheme::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderTheme::adjustSearchFieldResultsButtonStyle):
        * rendering/RenderTheme.h:
        (RenderTheme):
        * rendering/RenderThemeChromiumAndroid.cpp:
        (WebCore::RenderThemeChromiumAndroid::adjustInnerSpinButtonStyle):
        * rendering/RenderThemeChromiumAndroid.h:
        (RenderThemeChromiumAndroid):
        * rendering/RenderThemeChromiumLinux.cpp:
        (WebCore::RenderThemeChromiumLinux::adjustInnerSpinButtonStyle):
        * rendering/RenderThemeChromiumLinux.h:
        (RenderThemeChromiumLinux):
        * rendering/RenderThemeChromiumSkia.cpp:
        (WebCore::RenderThemeChromiumSkia::adjustButtonStyle):
        (WebCore::RenderThemeChromiumSkia::adjustSearchFieldStyle):
        (WebCore::RenderThemeChromiumSkia::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeChromiumSkia::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeChromiumSkia::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeChromiumSkia::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeChromiumSkia::adjustMenuListStyle):
        (WebCore::RenderThemeChromiumSkia::adjustMenuListButtonStyle):
        * rendering/RenderThemeChromiumSkia.h:
        (RenderThemeChromiumSkia):
        * rendering/RenderThemeChromiumWin.cpp:
        (WebCore):
        (WebCore::RenderThemeChromiumWin::adjustInnerSpinButtonStyle):
        (WebCore::RenderThemeChromiumWin::adjustProgressBarStyle):
        * rendering/RenderThemeChromiumWin.h:
        (RenderThemeChromiumWin):
        * rendering/RenderThemeMac.h:
        (RenderThemeMac):
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::setFontFromControlSize):
        (WebCore::RenderThemeMac::adjustTextFieldStyle):
        (WebCore::RenderThemeMac::adjustTextAreaStyle):
        (WebCore::RenderThemeMac::adjustProgressBarStyle):
        (WebCore::RenderThemeMac::adjustMenuListStyle):
        (WebCore::RenderThemeMac::adjustMenuListButtonStyle):
        (WebCore::RenderThemeMac::adjustSliderTrackStyle):
        (WebCore::RenderThemeMac::adjustSliderThumbStyle):
        (WebCore::RenderThemeMac::adjustSearchFieldStyle):
        (WebCore::RenderThemeMac::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeMac::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeMac::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeMac::adjustSearchFieldResultsButtonStyle):
        * rendering/RenderThemeSafari.cpp:
        (WebCore::RenderThemeSafari::setFontFromControlSize):
        (WebCore::RenderThemeSafari::adjustButtonStyle):
        (WebCore::RenderThemeSafari::adjustTextFieldStyle):
        (WebCore::RenderThemeSafari::adjustTextAreaStyle):
        (WebCore::RenderThemeSafari::adjustMenuListStyle):
        (WebCore::RenderThemeSafari::adjustMenuListButtonStyle):
        (WebCore::RenderThemeSafari::adjustSliderThumbStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeSafari::adjustSearchFieldResultsButtonStyle):
        * rendering/RenderThemeSafari.h:
        (RenderThemeSafari):
        * rendering/RenderThemeWin.cpp:
        (WebCore::RenderThemeWin::adjustInnerSpinButtonStyle):
        (WebCore::RenderThemeWin::adjustMenuListStyle):
        (WebCore::RenderThemeWin::adjustMenuListButtonStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeWin::adjustSearchFieldResultsButtonStyle):
        * rendering/RenderThemeWin.h:
        (RenderThemeWin):
        (WebCore::RenderThemeWin::adjustButtonStyle):
        (WebCore::RenderThemeWin::adjustTextFieldStyle):
        (WebCore::RenderThemeWin::adjustTextAreaStyle):
        * rendering/RenderThemeWinCE.cpp:
        (WebCore::RenderThemeWinCE::adjustMenuListStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldCancelButtonStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldDecorationStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldResultsDecorationStyle):
        (WebCore::RenderThemeWinCE::adjustSearchFieldResultsButtonStyle):
        (WebCore::RenderThemeWinCE::adjustMenuListButtonStyle):
        * rendering/RenderThemeWinCE.h:
        (RenderThemeWinCE):
        (WebCore::RenderThemeWinCE::adjustButtonStyle):
        (WebCore::RenderThemeWinCE::adjustTextFieldStyle):
        (WebCore::RenderThemeWinCE::adjustTextAreaStyle):
        * rendering/style/RenderStyle.cpp:
        (WebCore::RenderStyle::isStyleAvailable):
        * rendering/style/RenderStyle.h:
        (WebCore):
        * rendering/style/StyleRareNonInheritedData.h:
        (WebCore):
        * rendering/svg/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::computeNewScaledFontForStyle):
        * rendering/svg/SVGRenderSupport.cpp:
        (WebCore::SVGRenderSupport::isOverflowHidden):

2012-04-15  Robert Hogan  <robert@webkit.org>

        CSS 2.1 failure: table-columns-example-001 fails
        https://bugs.webkit.org/show_bug.cgi?id=83978

        Reviewed by David Hyatt.

        Tests: css2.1/20110323/table-columns-example-001.html
               fast/css/table-rules-attribute-groups-with-frame.html
               fast/css/table-rules-attribute-groups.html
               fast/css/table-rules-attribute-none-with-frame.html
               fast/css/table-rules-attribute-with-frame1.html
               fast/css/table-rules-attribute-with-frame2.html
               fast/css/table-rules-attribute.html

        WebKit does not implement the 'cols', 'rows', and 'all' rules attributes correctly
        for cells that are adjacent to the table's edges. The solution is to follow the hint in the
        spec at http://www.w3.org/TR/CSS21/tables.html#columns and set the table's border to 
        hidden when the rules attribute is set to one of 'cols', 'rows' or 'all', and the table itself
        has no explicit border. Border collapsing will take care of the rest as 'hidden' always wins in 
        border-conflict resolution. It's not completely clear from the spec that an explicit table border
        should trump a cols rule but doing so is consistent with FF and Opera at least. A 'rules' attribute
        is trumped by anything specified for the 'frame' attribute so need to ensure that is respected too.

        In short, any 'rules' attribute means a hidden table border unless there's a frame or border attribute.

        * html/HTMLTableElement.cpp:
        (WebCore::HTMLTableElement::additionalAttributeStyle):

2012-04-22  Timothy Hatcher  <timothy@apple.com>

        Stop installing localizedStrings.js in Production builds.

        <rdar://problem/11296649>

        Reviewed by Joseph Pecoraro.

        * Configurations/WebCore.xcconfig: Added EXCLUDED_SOURCE_FILE_NAMES_Production_macosx
        and modified EXCLUDED_SOURCE_FILE_NAMES to look for CONFIGURATION variant.

2012-04-24  Yuzhu Shen  <yzshen@chromium.org>

        [chromium] Add a description field in WebURLError and show failure description in the inspector network tab.
        https://bugs.webkit.org/show_bug.cgi?id=84566

        Reviewed by Pavel Feldman.

        * inspector/front-end/NetworkPanel.js:
        (WebInspector.NetworkDataGridNode.prototype._refreshStatusCell):
        * platform/chromium/support/WebURLError.cpp:
        (WebKit::WebURLError::operator=):
        (WebKit::WebURLError::operator ResourceError):

2012-04-24  Rob Buis  <rbuis@rim.com>

        [SVG] getBBox on a <g> within symbol returns 0 but with defs it works correctly
        https://bugs.webkit.org/show_bug.cgi?id=72796

        SVG <use> of <symbol> containing <linearGradient> renders black
        https://bugs.webkit.org/show_bug.cgi?id=82775

        Reviewed by Dirk Schulze.

        Create RenderSVGHiddenContainer for each <symbol>, which allows creation of child renderers too. This fixes
        both bugs since the bbox can be calculated at all times now and gradients in <symbol> are always created.
        This does allocate more memory but in general <symbol> is not used a lot and they tend to be small subtrees.

        Patch by Leo Yang.

        Tests: svg/custom/bbox-of-g-in-symbol.svg
               svg/custom/gradient-in-symbol-expected.svg
               svg/custom/gradient-in-symbol.svg

        * svg/SVGSymbolElement.cpp:
        (WebCore::SVGSymbolElement::createRenderer):
        (WebCore):
        * svg/SVGSymbolElement.h:
        (SVGSymbolElement):

2012-04-24  Brady Eidson  <beidson@apple.com>

        <rdar://problem/10120155> and https://bugs.webkit.org/show_bug.cgi?id=82664
         Need DOMWindow mechanism to supplement UserScripts for page cache notifications

        This patch creates a new object type "DOMWindowExtension" which extends DOMWindowProperty.
        A DOMWindowExtension is tied to a particular DOMWindow and represents extensibility in that
        DOMWindow within a particular DOMWrapperWorld.

        It is a token object meant designed to notify clients of the various events in the lifetime
        of a DOMWindow property such as creation, disconnecting for the page cache, reconnecting
        when restoring from the page cache, and DOMWindow destruction.

        Reviewed by Sam Weinig.

        New WebKit API test DOMWindowExtensionBasic added.

        Add hooks for 4 new client calls regarding DOMWindowExtensions and global object lifetime:
        * loader/FrameLoaderClient.h:
        (WebCore::FrameLoaderClient::dispatchCanCreateGlobalObject):
        (WebCore::FrameLoaderClient::dispatchWillDisconnectDOMWindowExtensionFromGlobalObject):
        (WebCore::FrameLoaderClient::dispatchDidReconnectDOMWindowExtensionToGlobalObject):
        (WebCore::FrameLoaderClient::dispatchWillDestroyGlobalObjectForDOMWindowExtension):
        
        At the same time "DidClearWindowObject" is called, also notify clients that the global object is available:
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::dispatchGlobalObjectAvailableInAllWorlds):
        * loader/FrameLoader.h:

         DOMWindowProperties might want to unregister themselves during these notifications, so copy
         the set to a Vector. While this technique is arguably fragile, its certainly less fragile than
         mutating a set while iterating it:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::willDetachPage):
        (WebCore::DOMWindow::disconnectDOMWindowProperties):
        (WebCore::DOMWindow::reconnectDOMWindowProperties):

         Implement the DOMWindowExtension object. It acts like a DOMWindowProperty with the added capability
         of remembering what Frame it used to be connected to so it can *always* notify clients on willDetachPage:
        * page/DOMWindowExtension.cpp: Added.
        (WebCore::DOMWindowExtension::DOMWindowExtension):
        (WebCore::DOMWindowExtension::~DOMWindowExtension):
        (WebCore::DOMWindowExtension::disconnectFrame):
        (WebCore::DOMWindowExtension::reconnectFrame):
        (WebCore::DOMWindowExtension::willDetachPage):
        * page/DOMWindowExtension.h: Added.
        (WebCore::DOMWindowExtension::create):
        (WebCore::DOMWindowExtension::world):

         Project files:
        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.exp.in:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:

2012-04-24  Sami Kyostila  <skyostil@chromium.org>

        [chromium] Don't keep pointers to released layer tree
        https://bugs.webkit.org/show_bug.cgi?id=84715

        Reviewed by Adrienne Walker.

        As part of tree synchronization, CCLayerTreeHostImpl loses ownership of
        the previous tree (as per releaseRootLayer()). After this point we
        should not retain any pointers to the old tree, because they are
        effectively invalid as soon as the root layer is released.

        For processing scroll updates we need to keep track of which layer is
        being scrolled, and this state needs to survive tree synchronizations.
        Instead of keeping a direct pointer to the scrolled layer, we now save
        the id of that layer and use it to look up the same layer from the new
        tree.

        Unit test: CCLayerTreeHostImplTest.replaceTreeWhileScrolling

        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
        (WebCore::CCLayerTreeHostImpl::setRootLayer):
        (WebCore::CCLayerTreeHostImpl::releaseRootLayer):
        (WebCore::CCLayerTreeHostImpl::scrollBegin):
        (WebCore::CCLayerTreeHostImpl::scrollEnd):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (CCLayerTreeHostImpl):

2012-04-24  Alexandru Chiculita  <achicu@adobe.com>

        [CSS Filters] Move m_filter and related fields from RenderLayer to a different structure and only allocate it when needed
        https://bugs.webkit.org/show_bug.cgi?id=84460

        Reviewed by Dean Jackson.

        The new RenderLayerFilterInfo is meant to be allocated only when needed by filters. The link to the RenderLayerFilterInfo
        is maintained using a HashMap and a single boolean in the RenderLayer class.

        No new tests, just extracted a couple of fields inside the RenderLayer to a separate class.

        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/FilterEffectRenderer.cpp:
        (WebCore::FilterEffectRendererHelper::prepareFilterEffect):
        (WebCore::FilterEffectRendererHelper::beginFilterEffect):
        (WebCore::FilterEffectRendererHelper::applyFilterEffect):
        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::RenderLayer):
        (WebCore::RenderLayer::~RenderLayer):
        (WebCore::RenderLayer::paintsWithFilters):
        (WebCore::RenderLayer::requiresFullLayerImageForFilters):
        (WebCore::RenderLayer::setFilterBackendNeedsRepaintingInRect):
        (WebCore::RenderLayer::paintLayerContents):
        (WebCore::RenderLayer::updateOrRemoveFilterEffect):
        * rendering/RenderLayer.h:
        (WebCore::RenderLayer::filterRenderer):
        (RenderLayer):
        (WebCore::RenderLayer::filterInfo):
        (WebCore::RenderLayer::ensureFilterInfo):
        (WebCore::RenderLayer::removeFilterInfoIfNeeded):
        (WebCore::RenderLayer::hasFilterInfo):
        (WebCore::RenderLayer::setHasFilterInfo):
        * rendering/RenderLayerFilterInfo.cpp: Added.
        (WebCore):
        (WebCore::RenderLayerFilterInfo::filterInfoForRenderLayer):
        (WebCore::RenderLayerFilterInfo::createFilterInfoForRenderLayerIfNeeded):
        (WebCore::RenderLayerFilterInfo::removeFilterInfoForRenderLayer):
        (WebCore::RenderLayerFilterInfo::RenderLayerFilterInfo):
        (WebCore::RenderLayerFilterInfo::~RenderLayerFilterInfo):
        (WebCore::RenderLayerFilterInfo::setRenderer):
        * rendering/RenderLayerFilterInfo.h: Added.
        (WebCore):
        (RenderLayerFilterInfo):
        (WebCore::RenderLayerFilterInfo::dirtySourceRect):
        (WebCore::RenderLayerFilterInfo::addDirtySourceRect):
        (WebCore::RenderLayerFilterInfo::resetDirtySourceRect):
        (WebCore::RenderLayerFilterInfo::renderer):

2012-04-24  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate around in SerializedScriptValue.cpp (Part1)
        https://bugs.webkit.org/show_bug.cgi?id=84663

        Reviewed by Nate Chapin.

        The objective is to pass Isolate to toV8() in SerializedScriptValue.cpp.

        Part1: Add an Isolate argument to SerializedScriptValue::create(),
        SerializedScriptValue::deserialize(), etc.
        Part2: Add an m_isolate member to SerializedScriptValue::Writer()
        and SerializedScriptValue::Reader().
        Part3: Pass Isolate to toV8().

        This patch fixes Part1.

        No tests. No change in behavior.

        * bindings/v8/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::undefinedValue):
        (WebCore::SerializedScriptValue::booleanValue):
        (WebCore::SerializedScriptValue::numberValue):
        (WebCore::SerializedScriptValue::SerializedScriptValue):
        (WebCore::SerializedScriptValue::deserialize):
        (WebCore::SerializedScriptValue::deserializeForInspector):
        * bindings/v8/SerializedScriptValue.h:
        (SerializedScriptValue):

2012-04-24  Kentaro Hara  <haraken@chromium.org>

        [V8][Refactoring] Remove deserializeAndSetProperty()
        from SerializedScriptValue.cpp
        https://bugs.webkit.org/show_bug.cgi?id=84662

        Reviewed by Nate Chapin.

        SerializedScriptValue::deserializeAndSetProperty() is no
        longer used. This patch removes it.

        No tests. No change in behavior.

        * bindings/v8/SerializedScriptValue.cpp:
        * bindings/v8/SerializedScriptValue.h:

2012-04-24  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to setDOMException() in CodeGeneratorV8.pm
        https://bugs.webkit.org/show_bug.cgi?id=84660

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to setDOMException() in CodeGeneratorV8.pm.

        Test: bindings/scripts/test/TestEventTarget.idl
              bindings/scripts/test/TestObj.idl
              bindings/scripts/test/TestInterface.idl

        * bindings/scripts/CodeGeneratorV8.pm: Modified as described above.
        (GenerateSetDOMException):
        (GenerateNormalAttrGetter):
        (GenerateNormalAttrSetter):
        (GenerateFunctionCallback):
        (GenerateParametersCheck):
        (GenerateFunctionCallString):

        * bindings/scripts/test/V8/V8TestEventTarget.cpp:
        Updated run-bindings-tests results.
        (WebCore::TestEventTargetV8Internal::itemCallback):
        (WebCore::TestEventTargetV8Internal::dispatchEventCallback):
        * bindings/scripts/test/V8/V8TestInterface.cpp: Ditto.
        (WebCore::TestInterfaceV8Internal::supplementalMethod2Callback):
        * bindings/scripts/test/V8/V8TestObj.cpp: Ditto.
        (WebCore::TestObjV8Internal::attrWithGetterExceptionAttrGetter):
        (WebCore::TestObjV8Internal::attrWithGetterExceptionAttrSetter):
        (WebCore::TestObjV8Internal::attrWithSetterExceptionAttrSetter):
        (WebCore::TestObjV8Internal::stringAttrWithGetterExceptionAttrGetter):
        (WebCore::TestObjV8Internal::stringAttrWithGetterExceptionAttrSetter):
        (WebCore::TestObjV8Internal::stringAttrWithSetterExceptionAttrSetter):
        (WebCore::TestObjV8Internal::withScriptStateAttributeRaisesAttrGetter):
        (WebCore::TestObjV8Internal::withScriptStateAttributeRaisesAttrSetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeRaisesAttrGetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeRaisesAttrSetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeRaisesAttrGetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeRaisesAttrSetter):
        (WebCore::TestObjV8Internal::methodThatRequiresAllArgsAndThrowsCallback):
        (WebCore::TestObjV8Internal::methodWithExceptionCallback):
        (WebCore::TestObjV8Internal::withScriptStateVoidExceptionCallback):
        (WebCore::TestObjV8Internal::withScriptStateObjExceptionCallback):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateObjExceptionCallback):
        (WebCore::TestObjV8Internal::getSVGDocumentCallback):
        (WebCore::TestObjV8Internal::strictFunctionCallback):

2012-04-24  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to setDOMException() (Part2)
        https://bugs.webkit.org/show_bug.cgi?id=84658

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to setDOMException() in custom
        binding code.

        No tests. No change in behavior.

        * bindings/v8/V8Collection.cpp:
        (WebCore::toOptionsCollectionSetter):
        * bindings/v8/V8Collection.h:
        (WebCore):
        * bindings/v8/custom/V8ArrayBufferViewCustom.h:
        (WebCore::constructWebGLArrayWithArrayBufferArgument):
        (WebCore::setWebGLArrayHelper):
        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::WindowSetTimeoutImpl):
        * bindings/v8/custom/V8DataViewCustom.cpp:
        (WebCore::V8DataView::getInt8Callback):
        (WebCore::V8DataView::getUint8Callback):
        (WebCore::V8DataView::setInt8Callback):
        (WebCore::V8DataView::setUint8Callback):
        * bindings/v8/custom/V8DirectoryEntrySyncCustom.cpp:
        (WebCore::V8DirectoryEntrySync::getDirectoryCallback):
        (WebCore::V8DirectoryEntrySync::getFileCallback):
        * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
        (WebCore::V8HTMLCanvasElement::toDataURLCallback):
        * bindings/v8/custom/V8HTMLElementCustom.cpp:
        (WebCore::V8HTMLElement::itemValueAccessorSetter):
        * bindings/v8/custom/V8HTMLOptionsCollectionCustom.cpp:
        (WebCore::V8HTMLOptionsCollection::addCallback):
        (WebCore::V8HTMLOptionsCollection::lengthAccessorSetter):
        (WebCore::V8HTMLOptionsCollection::indexedPropertySetter):
        * bindings/v8/custom/V8HTMLSelectElementCustom.cpp:
        (WebCore::V8HTMLSelectElement::indexedPropertySetter):
        * bindings/v8/custom/V8NodeCustom.cpp:
        (WebCore::V8Node::insertBeforeCallback):
        (WebCore::V8Node::replaceChildCallback):
        (WebCore::V8Node::removeChildCallback):
        (WebCore::V8Node::appendChildCallback):
        * bindings/v8/custom/V8SQLTransactionCustom.cpp:
        (WebCore::V8SQLTransaction::executeSqlCallback):
        * bindings/v8/custom/V8WebKitMutationObserverCustom.cpp:
        (WebCore::V8WebKitMutationObserver::observeCallback):
        * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
        (WebCore::V8XMLHttpRequest::responseAccessorGetter):

2012-04-24  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to setDOMException() (Part1)
        https://bugs.webkit.org/show_bug.cgi?id=84656

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to setDOMException() in custom binding code.

        No tests. No change in behavior.

        * bindings/v8/custom/V8LocationCustom.cpp:
        (WebCore::V8Location::protocolAccessorSetter):
        * bindings/v8/custom/V8SQLTransactionSyncCustom.cpp:
        (WebCore::V8SQLTransactionSync::executeSqlCallback):
        * bindings/v8/custom/V8SVGLengthCustom.cpp:
        (WebCore::V8SVGLength::valueAccessorGetter):
        (WebCore::V8SVGLength::valueAccessorSetter):
        (WebCore::V8SVGLength::convertToSpecifiedUnitsCallback):
        * bindings/v8/custom/V8WebGLRenderingContextCustom.cpp:
        (WebCore::getObjectParameter):
        (WebCore::V8WebGLRenderingContext::getAttachedShadersCallback):
        (WebCore::V8WebGLRenderingContext::getExtensionCallback):
        (WebCore::V8WebGLRenderingContext::getFramebufferAttachmentParameterCallback):
        (WebCore::V8WebGLRenderingContext::getParameterCallback):
        (WebCore::V8WebGLRenderingContext::getProgramParameterCallback):
        (WebCore::V8WebGLRenderingContext::getShaderParameterCallback):
        (WebCore::V8WebGLRenderingContext::getUniformCallback):
        (WebCore::vertexAttribAndUniformHelperf):
        (WebCore::uniformHelperi):
        (WebCore::uniformMatrixHelper):

2012-04-24  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: encapsulate live location into the Script.
        https://bugs.webkit.org/show_bug.cgi?id=84722

        Reviewed by Yury Semikhatsky.

        Live location is just a location on the script. The way it is implemented today involves too many indirections.

        * inspector/front-end/CompilerScriptMapping.js:
        * inspector/front-end/DebuggerModel.js:
        (WebInspector.DebuggerModel.prototype.setBreakpointByScriptLocation):
        (WebInspector.DebuggerModel.prototype.scriptForId):
        * inspector/front-end/DebuggerPresentationModel.js:
        (WebInspector.DebuggerPresentationModel.prototype.createLiveLocation):
        (WebInspector.DebuggerPresentationModel.prototype._addConsoleMessageToScript):
        (WebInspector.DebuggerPresentationModel.prototype._debuggerPaused):
        (WebInspector.DebuggerPresentationModel.prototype.set selectedCallFrame):
        (WebInspector.PresentationCallFrame.prototype.uiLocation):
        (WebInspector.DebuggerPresentationModel.CallFramePlacard):
        (WebInspector.DebuggerPresentationModel.Linkifier.prototype.linkifyRawLocation):
        * inspector/front-end/RawSourceCode.js:
        * inspector/front-end/ResourceScriptMapping.js:
        (WebInspector.ResourceScriptMapping.prototype.addScript):
        (WebInspector.ResourceScriptMapping.prototype._uiSourceCodeChanged):
        (WebInspector.ResourceScriptMapping.prototype._bindScriptToRawSourceCode):
        * inspector/front-end/Script.js:
        (WebInspector.Script):
        (WebInspector.Script.prototype.isInlineScript):
        (WebInspector.Script.prototype.setSourceMapping):
        (WebInspector.Script.prototype.createLocation):
        (WebInspector.Script.Location):
        (WebInspector.Script.Location.prototype.dispose):
        (WebInspector.Script.Location.prototype._update):
        * inspector/front-end/ScriptMapping.js:
        (WebInspector.UILocation):
        (WebInspector.SourceMapping):
        (WebInspector.SourceMapping.prototype.rawLocationToUILocation):
        (WebInspector.SourceMapping.prototype.uiLocationToRawLocation):
        (WebInspector.MainScriptMapping):
        (WebInspector.MainScriptMapping.prototype.addScript):
        (WebInspector.MainScriptMapping.prototype.reset):
        * inspector/front-end/SnippetsModel.js:
        (WebInspector.SnippetsScriptMapping.prototype._createUISourceCodeForScript):

2012-04-24  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: a bunch of heap profiler cleanups
        https://bugs.webkit.org/show_bug.cgi?id=84730

        - HeapSnapshotProviderProxy passed explicitely as a parameter to HeapSnapshotGridNode
        constructor
        - Removed dead code
        - Removed unused parameters
        - Added more closure compiler annotations
        - Extracted code finding cycled among node ancestors into a separate method

        Reviewed by Pavel Feldman.

        * inspector/front-end/HeapSnapshot.js:
        (WebInspector.HeapSnapshot.prototype.createEdgesProvider):
        (WebInspector.HeapSnapshot.prototype.createRetainingEdgesProvider):
        (WebInspector.HeapSnapshot.prototype.createNodesProviderForDominator):
        (WebInspector.HeapSnapshotEdgesProvider):
        * inspector/front-end/HeapSnapshotDataGrids.js:
        * inspector/front-end/HeapSnapshotGridNodes.js:
        (WebInspector.HeapSnapshotGridNode):
        (WebInspector.HeapSnapshotGenericObjectNode):
        (WebInspector.HeapSnapshotObjectNode):
        (WebInspector.HeapSnapshotObjectNode.prototype._findAncestorWithSameSnapshotNodeId):
        (WebInspector.HeapSnapshotInstanceNode):
        (WebInspector.HeapSnapshotConstructorNode):
        (WebInspector.HeapSnapshotDiffNode):
        (WebInspector.HeapSnapshotDiffNode._createProvider):
        (WebInspector.HeapSnapshotDominatorObjectNode):
        * inspector/front-end/HeapSnapshotProxy.js:
        (WebInspector.HeapSnapshotWorker):
        (WebInspector.HeapSnapshotProxy.prototype.createNodesProviderForDominator):
        * inspector/front-end/utilities.js:

2012-04-24  Adam Klein  <adamk@chromium.org>

        Fix includes in StrongInlines.h and ScriptValue.h
        https://bugs.webkit.org/show_bug.cgi?id=84659

        Reviewed by Geoffrey Garen.

        This change was prompted by an attempt to use ScriptValue.h from a
        WebCore header file and running into trouble with the (as it turns out
        unnecessary) include of JSDOMBinding.h.

        * bindings/js/ScriptValue.cpp: Add include of JSDOMBinding.h, now that
        it's not included by the header.
        * bindings/js/ScriptValue.h: Remove unnecessary include of JSDOMBinding.h.

2012-04-24  Antti Koivisto  <antti@apple.com>

        Move MediaList CSSOM wrapper ownership to parent rule or stylesheet
        https://bugs.webkit.org/show_bug.cgi?id=84716

        Reviewed by Anders Carlsson.

        MediaList CSSOM wrapper should be owned by a rule or a stylesheet, not by the underlying 
        MediaQuerySet.
        
        Remove the ref forwarding from MediaList in favor of regular refcounting. Use the usual
        pattern where the parent wrapper refs the child wrapper and zeroes the backpointer
        on destruction. 

        * bindings/js/JSDOMBinding.h:
        (WebCore::root):
        * css/CSSImportRule.cpp:
        (WebCore::CSSImportRule::~CSSImportRule):
        (WebCore::CSSImportRule::media):
        * css/CSSImportRule.h:
        (StyleRuleImport):
        (CSSImportRule):
        * css/CSSMediaRule.cpp:
        (WebCore::CSSMediaRule::~CSSMediaRule):
        (WebCore::CSSMediaRule::media):
        * css/CSSMediaRule.h:
        (CSSMediaRule):
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::~CSSStyleSheet):
        (WebCore::CSSStyleSheet::media):
        * css/CSSStyleSheet.h:
        (CSSStyleSheet):
        * css/MediaList.cpp:
        (WebCore::MediaQuerySet::mediaText):
        (WebCore::MediaList::MediaList):
        (WebCore):
        (WebCore::MediaList::notifyChanged):
        * css/MediaList.h:
        (MediaQuerySet):
        (WebCore::MediaList::create):
        (WebCore::MediaList::parentRule):
        (WebCore::MediaList::clearParentStyleSheet):
        (WebCore::MediaList::clearParentRule):
        (WebCore::MediaList::queries):
        (MediaList):
        * css/StyleRule.h:
        (WebCore::StyleRuleMedia::mediaQueries):

2012-04-24  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Should pass canvas/philip/tests/toDataURL.jpeg.alpha.html
        https://bugs.webkit.org/show_bug.cgi?id=83973

        Reviewed by Philippe Normand.

        Test: canvas/philip/tests/toDataURL.jpeg.alpha.html

        * platform/graphics/gtk/ImageBufferGtk.cpp:
        (WebCore::encodeImage): Convert ARGB32 cairo surface into RGB24
        when encoding JPEG images since JPEG encoder doesn't support alpha
        channel.

2012-04-24  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Add WebKitCookieManager::changed signal to WebKit2 GTK+ API
        https://bugs.webkit.org/show_bug.cgi?id=82598

        Reviewed by Philippe Normand.

        * GNUmakefile.list.am: Add new files to compilation.
        * platform/gtk/TemporaryLinkStubs.cpp: Remove stubs for
        setCookieStoragePrivateBrowsingEnabled,
        startObservingCookieChanges and stopObservingCookieChanges.
        * platform/network/soup/CookieStorageSoup.cpp: Added.
        (WebCore::setCookieStoragePrivateBrowsingEnabled):
        (WebCore::soupCookiesChanged): Notify cookies changes using
        platform strategies.
        (WebCore::startObservingCookieChanges): Connect to changed signal
        of the soup cookie jar.
        (WebCore::stopObservingCookieChanges): Disconnect signals handlers
        for changed signals of the soup cookie jar.

2012-04-24  Alexis Menard  <alexis.menard@openbossa.org>

        Rename CSSStyleApplyProperty files to StyleBuilder.
        https://bugs.webkit.org/show_bug.cgi?id=84721

        Reviewed by Antti Koivisto.

        r115043 renamed CSSStyleApplyProperty class to StyleBuilder. This
        patch rename the files to match the new class name.

        No new tests : renaming of files, no behavior changes expected.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * css/CSSAllInOne.cpp:
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::collectMatchingRulesForList):
        * css/StyleBuilder.cpp: Renamed from Source/WebCore/css/CSSStyleApplyProperty.cpp.
        (WebCore):
        (ApplyPropertyExpanding):
        (WebCore::ApplyPropertyExpanding::applyInheritValue):
        (WebCore::ApplyPropertyExpanding::applyInitialValue):
        (WebCore::ApplyPropertyExpanding::applyValue):
        (WebCore::ApplyPropertyExpanding::createHandler):
        (ApplyPropertyDefaultBase):
        (WebCore::ApplyPropertyDefaultBase::setValue):
        (WebCore::ApplyPropertyDefaultBase::value):
        (WebCore::ApplyPropertyDefaultBase::initial):
        (WebCore::ApplyPropertyDefaultBase::applyInheritValue):
        (WebCore::ApplyPropertyDefaultBase::applyInitialValue):
        (WebCore::ApplyPropertyDefaultBase::applyValue):
        (WebCore::ApplyPropertyDefaultBase::createHandler):
        (ApplyPropertyDefault):
        (WebCore::ApplyPropertyDefault::setValue):
        (WebCore::ApplyPropertyDefault::applyValue):
        (WebCore::ApplyPropertyDefault::createHandler):
        (ApplyPropertyNumber):
        (WebCore::ApplyPropertyNumber::setValue):
        (WebCore::ApplyPropertyNumber::applyValue):
        (WebCore::ApplyPropertyNumber::createHandler):
        (ApplyPropertyStyleImage):
        (WebCore::ApplyPropertyStyleImage::applyValue):
        (WebCore::ApplyPropertyStyleImage::createHandler):
        (ApplyPropertyAuto):
        (WebCore::ApplyPropertyAuto::setValue):
        (WebCore::ApplyPropertyAuto::value):
        (WebCore::ApplyPropertyAuto::hasAuto):
        (WebCore::ApplyPropertyAuto::setAuto):
        (WebCore::ApplyPropertyAuto::applyInheritValue):
        (WebCore::ApplyPropertyAuto::applyInitialValue):
        (WebCore::ApplyPropertyAuto::applyValue):
        (WebCore::ApplyPropertyAuto::createHandler):
        (ApplyPropertyClip):
        (WebCore::ApplyPropertyClip::convertToLength):
        (WebCore::ApplyPropertyClip::applyInheritValue):
        (WebCore::ApplyPropertyClip::applyInitialValue):
        (WebCore::ApplyPropertyClip::applyValue):
        (WebCore::ApplyPropertyClip::createHandler):
        (WebCore::defaultInitialColor):
        (ApplyPropertyColor):
        (WebCore::ApplyPropertyColor::applyInheritValue):
        (WebCore::ApplyPropertyColor::applyInitialValue):
        (WebCore::ApplyPropertyColor::applyValue):
        (WebCore::ApplyPropertyColor::applyColorValue):
        (WebCore::ApplyPropertyColor::createHandler):
        (ApplyPropertyDirection):
        (WebCore::ApplyPropertyDirection::applyValue):
        (WebCore::ApplyPropertyDirection::createHandler):
        (ApplyPropertyLength):
        (WebCore::ApplyPropertyLength::setValue):
        (WebCore::ApplyPropertyLength::applyValue):
        (WebCore::ApplyPropertyLength::createHandler):
        (ApplyPropertyString):
        (WebCore::ApplyPropertyString::setValue):
        (WebCore::ApplyPropertyString::applyValue):
        (WebCore::ApplyPropertyString::createHandler):
        (ApplyPropertyBorderRadius):
        (WebCore::ApplyPropertyBorderRadius::setValue):
        (WebCore::ApplyPropertyBorderRadius::applyValue):
        (WebCore::ApplyPropertyBorderRadius::createHandler):
        (FillLayerAccessorTypes):
        (ApplyPropertyFillLayer):
        (WebCore::ApplyPropertyFillLayer::applyInheritValue):
        (WebCore::ApplyPropertyFillLayer::applyInitialValue):
        (WebCore::ApplyPropertyFillLayer::applyValue):
        (WebCore::ApplyPropertyFillLayer::createHandler):
        (ApplyPropertyComputeLength):
        (WebCore::ApplyPropertyComputeLength::setValue):
        (WebCore::ApplyPropertyComputeLength::applyValue):
        (WebCore::ApplyPropertyComputeLength::createHandler):
        (ApplyPropertyFont):
        (WebCore::ApplyPropertyFont::applyInheritValue):
        (WebCore::ApplyPropertyFont::applyInitialValue):
        (WebCore::ApplyPropertyFont::applyValue):
        (WebCore::ApplyPropertyFont::createHandler):
        (ApplyPropertyFontSize):
        (WebCore::ApplyPropertyFontSize::largerFontSize):
        (WebCore::ApplyPropertyFontSize::smallerFontSize):
        (WebCore::ApplyPropertyFontSize::applyInheritValue):
        (WebCore::ApplyPropertyFontSize::applyInitialValue):
        (WebCore::ApplyPropertyFontSize::applyValue):
        (WebCore::ApplyPropertyFontSize::createHandler):
        (ApplyPropertyFontWeight):
        (WebCore::ApplyPropertyFontWeight::applyValue):
        (WebCore::ApplyPropertyFontWeight::createHandler):
        (ApplyPropertyFontVariantLigatures):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInheritValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyInitialValue):
        (WebCore::ApplyPropertyFontVariantLigatures::applyValue):
        (WebCore::ApplyPropertyFontVariantLigatures::createHandler):
        (ApplyPropertyBorderImage):
        (WebCore::ApplyPropertyBorderImage::applyValue):
        (WebCore::ApplyPropertyBorderImage::createHandler):
        (ApplyPropertyBorderImageModifier):
        (WebCore::ApplyPropertyBorderImageModifier::getValue):
        (WebCore::ApplyPropertyBorderImageModifier::setValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInheritValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyInitialValue):
        (WebCore::ApplyPropertyBorderImageModifier::applyValue):
        (WebCore::ApplyPropertyBorderImageModifier::createHandler):
        (ApplyPropertyBorderImageSource):
        (WebCore::ApplyPropertyBorderImageSource::applyValue):
        (WebCore::ApplyPropertyBorderImageSource::createHandler):
        (ApplyPropertyCounter):
        (WebCore::ApplyPropertyCounter::emptyFunction):
        (WebCore::ApplyPropertyCounter::applyInheritValue):
        (WebCore::ApplyPropertyCounter::applyValue):
        (WebCore::ApplyPropertyCounter::createHandler):
        (ApplyPropertyCursor):
        (WebCore::ApplyPropertyCursor::applyInheritValue):
        (WebCore::ApplyPropertyCursor::applyInitialValue):
        (WebCore::ApplyPropertyCursor::applyValue):
        (WebCore::ApplyPropertyCursor::createHandler):
        (ApplyPropertyTextAlign):
        (WebCore::ApplyPropertyTextAlign::applyValue):
        (WebCore::ApplyPropertyTextAlign::createHandler):
        (ApplyPropertyTextDecoration):
        (WebCore::ApplyPropertyTextDecoration::applyValue):
        (WebCore::ApplyPropertyTextDecoration::createHandler):
        (ApplyPropertyUnicodeBidi):
        (WebCore::ApplyPropertyUnicodeBidi::applyValue):
        (WebCore::ApplyPropertyUnicodeBidi::createHandler):
        (ApplyPropertyLineHeight):
        (WebCore::ApplyPropertyLineHeight::applyValue):
        (WebCore::ApplyPropertyLineHeight::createHandler):
        (ApplyPropertyPageSize):
        (WebCore::ApplyPropertyPageSize::mmLength):
        (WebCore::ApplyPropertyPageSize::inchLength):
        (WebCore::ApplyPropertyPageSize::getPageSizeFromName):
        (WebCore::ApplyPropertyPageSize::applyInheritValue):
        (WebCore::ApplyPropertyPageSize::applyInitialValue):
        (WebCore::ApplyPropertyPageSize::applyValue):
        (WebCore::ApplyPropertyPageSize::createHandler):
        (ApplyPropertyTextEmphasisStyle):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInheritValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyInitialValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::applyValue):
        (WebCore::ApplyPropertyTextEmphasisStyle::createHandler):
        (ApplyPropertyAnimation):
        (WebCore::ApplyPropertyAnimation::setValue):
        (WebCore::ApplyPropertyAnimation::value):
        (WebCore::ApplyPropertyAnimation::test):
        (WebCore::ApplyPropertyAnimation::clear):
        (WebCore::ApplyPropertyAnimation::initial):
        (WebCore::ApplyPropertyAnimation::map):
        (WebCore::ApplyPropertyAnimation::accessAnimations):
        (WebCore::ApplyPropertyAnimation::animations):
        (WebCore::ApplyPropertyAnimation::applyInheritValue):
        (WebCore::ApplyPropertyAnimation::applyInitialValue):
        (WebCore::ApplyPropertyAnimation::applyValue):
        (WebCore::ApplyPropertyAnimation::createHandler):
        (ApplyPropertyOutlineStyle):
        (WebCore::ApplyPropertyOutlineStyle::applyInheritValue):
        (WebCore::ApplyPropertyOutlineStyle::applyInitialValue):
        (WebCore::ApplyPropertyOutlineStyle::applyValue):
        (WebCore::ApplyPropertyOutlineStyle::createHandler):
        (ApplyPropertyResize):
        (WebCore::ApplyPropertyResize::applyValue):
        (WebCore::ApplyPropertyResize::createHandler):
        (ApplyPropertyVerticalAlign):
        (WebCore::ApplyPropertyVerticalAlign::applyValue):
        (WebCore::ApplyPropertyVerticalAlign::createHandler):
        (ApplyPropertyAspectRatio):
        (WebCore::ApplyPropertyAspectRatio::applyInheritValue):
        (WebCore::ApplyPropertyAspectRatio::applyInitialValue):
        (WebCore::ApplyPropertyAspectRatio::applyValue):
        (WebCore::ApplyPropertyAspectRatio::createHandler):
        (ApplyPropertyZoom):
        (WebCore::ApplyPropertyZoom::resetEffectiveZoom):
        (WebCore::ApplyPropertyZoom::applyInheritValue):
        (WebCore::ApplyPropertyZoom::applyInitialValue):
        (WebCore::ApplyPropertyZoom::applyValue):
        (WebCore::ApplyPropertyZoom::createHandler):
        (ApplyPropertyDisplay):
        (WebCore::ApplyPropertyDisplay::isValidDisplayValue):
        (WebCore::ApplyPropertyDisplay::applyInheritValue):
        (WebCore::ApplyPropertyDisplay::applyInitialValue):
        (WebCore::ApplyPropertyDisplay::applyValue):
        (WebCore::ApplyPropertyDisplay::createHandler):
        (ApplyPropertyFlex):
        (WebCore::ApplyPropertyFlex::applyInheritValue):
        (WebCore::ApplyPropertyFlex::applyInitialValue):
        (WebCore::ApplyPropertyFlex::applyValue):
        (WebCore::ApplyPropertyFlex::createHandler):
        (WebCore::ApplyPropertyFlex::getFlexValue):
        (WebCore::StyleBuilder::sharedStyleBuilder):
        (WebCore::StyleBuilder::StyleBuilder):
        * css/StyleBuilder.h: Renamed from Source/WebCore/css/CSSStyleApplyProperty.h.
        (WebCore):
        (PropertyHandler):
        (WebCore::PropertyHandler::PropertyHandler):
        (WebCore::PropertyHandler::applyInheritValue):
        (WebCore::PropertyHandler::applyInitialValue):
        (WebCore::PropertyHandler::applyValue):
        (WebCore::PropertyHandler::isValid):
        (WebCore::PropertyHandler::inheritFunction):
        (WebCore::PropertyHandler::initialFunction):
        (WebCore::PropertyHandler::applyFunction):
        (StyleBuilder):
        (WebCore::StyleBuilder::propertyHandler):
        (WebCore::StyleBuilder::index):
        (WebCore::StyleBuilder::valid):
        (WebCore::StyleBuilder::setPropertyHandler):

2012-04-24  Florin Malita  <fmalita@chromium.org>

        WebCore::EventTarget::addEventListener crash
        https://bugs.webkit.org/show_bug.cgi?id=84171

        Reviewed by Nikolas Zimmermann.

        Test: svg/custom/use-tref-crash.svg

        Adding tref target event listeners while building the shadow tree is
        problematic, because SVGUseElement::buildShadowAndInstanceTree() only
        sets the element instance<->shadow element association at a later time.

        Fortunately, buildShadowAndInstanceTree() also propagates the event
        handlers (transferEventListenersToShadowTree) - so we can simply skip
        them in SVGTRefElement::buildPendingResource() for shadow elements.

        * svg/SVGTRefElement.cpp:
        (WebCore::SVGTRefElement::buildPendingResource):

2012-04-24  Kent Tamura  <tkent@chromium.org>

        Clickable area of a calendar picker indicator is too small.
        https://bugs.webkit.org/show_bug.cgi?id=84677

        Reviewed by Kentaro Hara.

        Test: fast/forms/date/date-appearance.html is affected.

        * css/html.css:
        (input::-webkit-calendar-picker-indicator):
        - Remove unnecessary disaplay:inline-block.
        - Add paddings instead of the margin.
        (input::-webkit-calendar-picker-indicator:hover):
        Add hover style.

2012-04-24  Alexis Menard  <alexis.menard@openbossa.org>

        Another unreviewed build fix for Mac.

        * css/CSSStyleSelector.h:
        (CSSStyleSelector):

2012-04-24  Alexis Menard  <alexis.menard@openbossa.org>

        Unreviewed build fix attempt for Mac.

        * rendering/style/RenderStyle.h:

2012-04-24  Alexis Menard  <alexis.menard@openbossa.org>

        Rename CSSStyleApplyProperty class to StyleBuilder.
        https://bugs.webkit.org/show_bug.cgi?id=84711

        Reviewed by Antti Koivisto.

        As per discussion on bug https://bugs.webkit.org/show_bug.cgi?id=42764
        the name is a bit confusing. This first patch rename the class and a
        following one will rename the files. We also drop the CSS prefix of the
        class to keep CSS prefixed classes for CSSOM types.

        No new tests : renaming, no behavior changes should appear.

        * css/CSSStyleApplyProperty.cpp:
        (WebCore::ApplyPropertyExpanding::applyInheritValue):
        (WebCore::ApplyPropertyExpanding::applyInitialValue):
        (WebCore::ApplyPropertyExpanding::applyValue):
        (WebCore::StyleBuilder::sharedStyleBuilder):
        (WebCore::StyleBuilder::StyleBuilder):
        * css/CSSStyleApplyProperty.h:
        (WebCore):
        (StyleBuilder):
        * css/CSSStyleSelector.cpp:
        (WebCore::CSSStyleSelector::CSSStyleSelector):
        (WebCore::CSSStyleSelector::collectMatchingRulesForList):
        * css/CSSStyleSelector.h:
        (CSSStyleSelector):

2012-04-24  Kent Tamura  <tkent@chromium.org>

        Merge LocalizedCalendar into LocalizedDate
        https://bugs.webkit.org/show_bug.cgi?id=84685

        Reviewed by Kentaro Hara.

        The functionality of LocalizedCalendar is very related to
        LocalizedDate. We should merge them.

        No new tests. Just refactoring.

        * WebCore.gypi: Remove LocalizedCalendar.h and LocalizedCalenderICU.cpp.
        * html/shadow/CalendarPickerElement.cpp:
        Include LocalizedDate.h instead of LocalizedCalendar.h.
        * platform/text/LocalizedCalendar.h:
        Removed. Merged into LocalizedDate.h.
        * platform/text/LocalizedCalendarICU.cpp:
        Removed. Merged into LocalizedDateICU.h.
        * platform/text/LocalizedDate.h:
        (WebCore): Move some functions from LocalizedCalendar.h.
        * platform/text/LocalizedDateICU.cpp:
        Move some functions from LocalizedCalendarICU.cpp.

2012-04-24  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: remove pure delegation code from DebuggerPresentationModel
        https://bugs.webkit.org/show_bug.cgi?id=84704

        Reviewed by Yury Semikhatsky.

        This change removes the code that delegates calls to breakpoint manager and exposes the breakpoint
        manager in debugger presentation model itself. It allows narrowing dpm dependencies.

        * inspector/front-end/BreakpointsSidebarPane.js:
        (WebInspector.JavaScriptBreakpointsSidebarPane):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointCheckboxClicked):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._breakpointContextMenu):
        (WebInspector.JavaScriptBreakpointsSidebarPane.prototype._contextMenu):
        * inspector/front-end/DebuggerModel.js:
        (WebInspector.DebuggerModel.prototype.debuggerPausedDetails):
        (WebInspector.DebuggerModel.prototype.createRawLocationByURL):
        (WebInspector.DebuggerModel.prototype.isPaused):
        * inspector/front-end/DebuggerPresentationModel.js:
        (WebInspector.DebuggerPresentationModel.prototype.get breakpointManager):
        (WebInspector.DebuggerPresentationModel.prototype._debuggerPaused):
        (WebInspector.DebuggerPresentationModelResourceBinding.prototype._setContentWithInitialContent):
        * inspector/front-end/JavaScriptSource.js:
        (WebInspector.JavaScriptSource):
        (WebInspector.JavaScriptSource.prototype.consoleMessagesCleared):
        (WebInspector.JavaScriptSource.prototype.findBreakpoint):
        (WebInspector.JavaScriptSource.prototype.setBreakpoint):
        (WebInspector.JavaScriptSource.prototype.setBreakpointEnabled):
        (WebInspector.JavaScriptSource.prototype.removeBreakpoint):
        (WebInspector.JavaScriptSource.prototype.updateBreakpoint):
        (WebInspector.JavaScriptSource.prototype.continueToLine):
        (WebInspector.JavaScriptSource.prototype.canSetContent):
        (WebInspector.JavaScriptSource.prototype.setContent):
        (WebInspector.JavaScriptSource.prototype.updateBreakpointsAfterLiveEdit):
        * inspector/front-end/JavaScriptSourceFrame.js:
        (WebInspector.JavaScriptSourceFrame.prototype.canEditSource):
        (WebInspector.JavaScriptSourceFrame.prototype.editContent):
        (WebInspector.JavaScriptSourceFrame.prototype._onContentChanged):
        (WebInspector.JavaScriptSourceFrame.prototype.populateLineGutterContextMenu.else.editBreakpointCondition.didEditBreakpointCondition):
        (WebInspector.JavaScriptSourceFrame.prototype.populateLineGutterContextMenu.else):
        (WebInspector.JavaScriptSourceFrame.prototype.populateLineGutterContextMenu):
        (WebInspector.JavaScriptSourceFrame.prototype.beforeTextChanged):
        (WebInspector.JavaScriptSourceFrame.prototype._getPopoverAnchor):
        (WebInspector.JavaScriptSourceFrame.prototype._resolveObjectForPopover.showObjectPopover):
        (WebInspector.JavaScriptSourceFrame.prototype._resolveObjectForPopover):
        (WebInspector.JavaScriptSourceFrame.prototype._setBreakpoint):
        (WebInspector.JavaScriptSourceFrame.prototype._onMouseDown):
        * inspector/front-end/ScopeChainSidebarPane.js:
        (WebInspector.ScopeChainSidebarPane.prototype.update):
        * inspector/front-end/ScriptsPanel.js:
        (WebInspector.ScriptsPanel.prototype._debuggerPaused.else.didGetUILocation):
        (WebInspector.ScriptsPanel.prototype._debuggerPaused):

2012-04-24  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: native nodes may have snapshot id less than base snapshot max JS object id
        https://bugs.webkit.org/show_bug.cgi?id=84681

        Make sure new nodes whose IDs less than base snapshot max JS object id will
        get into snapshot delta.

        Reviewed by Pavel Feldman.

        Test: inspector/profiler/heap-snapshot-comparison-dom-groups-change.html

        * inspector/front-end/HeapSnapshot.js:
        (WebInspector.HeapSnapshot.prototype._calculateDiffForClass):
        * inspector/front-end/HeapSnapshotDataGrids.js:
        (WebInspector.HeapSnapshotSortableDataGrid): Drive-by fix, made recursion counter
        a normal field on HeapSnapshotSortableDataGrid.
        (WebInspector.HeapSnapshotSortableDataGrid.prototype.recursiveSortingEnter):
        (WebInspector.HeapSnapshotSortableDataGrid.prototype.recursiveSortingLeave):

2012-04-24  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r115000.
        http://trac.webkit.org/changeset/115000
        https://bugs.webkit.org/show_bug.cgi?id=84703

        Breaks webkit_unit_tests on Mac in Chromium:
        http://build.chromium.org/p/chromium.webkit/builders/Webkit%20Mac10.6/builds/15157
        (Requested by mnaganov on #webkit).

        * platform/graphics/skia/OpaqueRegionSkia.cpp:
        (WebCore::paintIsOpaque):
        (WebCore::OpaqueRegionSkia::popCanvasLayer):
        (WebCore::OpaqueRegionSkia::didDraw):
        (WebCore::OpaqueRegionSkia::didDrawUnbounded):
        (WebCore::OpaqueRegionSkia::markRectAsOpaque):
        (WebCore::OpaqueRegionSkia::markRectAsNonOpaque):
        * platform/graphics/skia/OpaqueRegionSkia.h:
        (OpaqueRegionSkia):
        (WebCore::OpaqueRegionSkia::CanvasLayerState::CanvasLayerState):
        (CanvasLayerState):
        * platform/graphics/skia/PlatformContextSkia.cpp:
        (WebCore::PlatformContextSkia::restoreLayer):

2012-04-23  Antti Koivisto  <antti@apple.com>

        Consolidate external stylesheet quirks handling to StyleSheetInternal
        https://bugs.webkit.org/show_bug.cgi?id=84632

        Reviewed by Andreas Kling.

        Move the repeated code from StyleImportRule and HTMLLinkElement to StyleSheetInternal::parseUserStyleSheet.
        
        Remove a BUILDING_ON_LEOPARD-only quirk.

        * css/CSSImportRule.cpp:
        (WebCore::StyleRuleImport::setCSSStyleSheet):
        * css/CSSParser.cpp:
        (WebCore):
        (WebCore::CSSParserContext::CSSParserContext):
        
            Add new settings bits to the CSSParserContext. These are used for external stylesheet parsing quirks.

        * css/CSSParserMode.h:
        (CSSParserContext):
        * css/CSSStyleSheet.cpp:
        (WebCore::StyleSheetInternal::parseUserStyleSheet):
        (WebCore::StyleSheetInternal::parseString):
        (WebCore):
        (WebCore::StyleSheetInternal::parseStringAtLine):
        * css/CSSStyleSheet.h:
        (WebCore):
        (StyleSheetInternal):
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

2012-04-24  Yael Aharon  <yael.aharon@nokia.com>

        [Qt] Move notification icon download out of WebCore
        https://bugs.webkit.org/show_bug.cgi?id=80700

        Reviewed by Simon Hausmann.

        Remove the code that downloads the notification's icon out of WebCore.
        Other ports let the client decide if to download the icon or not.
        No new tests. This patch is only removing code.

        * notifications/Notification.cpp:
        (WebCore::Notification::~Notification):
        (WebCore::Notification::show):
        (WebCore::Notification::close):
        (WebCore::Notification::contextDestroyed):
        * notifications/Notification.h:
        (Notification):

2012-04-24  Rakesh KN  <rakesh.kn@motorola.com>

        RadioNodeList support in HTMLFormElement::elements
        https://bugs.webkit.org/show_bug.cgi?id=81854

        Implement RadioNodeList support spec'ed at
        http://www.whatwg.org/specs/web-apps/current-work/multipage/common-dom-interfaces.html#radionodelist

        Reviewed by Ryosuke Niwa.

        Test: fast/forms/form-collection-radio-node-list.html

        * CMakeLists.txt:
        Added entries for new files.
        * DerivedSources.cpp: Ditto.
        * DerivedSources.make: Ditto.
        * DerivedSources.pri: Ditto.
        * GNUmakefile.list.am: Ditto.
        * Target.pri: Ditto.
        * WebCore.gypi: Ditto.
        * WebCore.vcproj/WebCore.vcproj: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * bindings/js/JSHTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        Modified to create RadioNodeList object when FormControlCollection has more than
        one element of same name/id.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation):
        Added code to include Node.h and JSNode.h in JSRadioNodeElement.cpp.
        * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        Modified to create RadioNodeList object when FormControlCollection has more than
        one element of same name/id.
        * html/CollectionType.h:
        Added new FormControls type.
        * html/HTMLCollection.cpp:
        (WebCore::HTMLCollection::shouldIncludeChildren):
        (WebCore::HTMLCollection::isAcceptableElement):
        Handle FormControls collection type.
        * html/HTMLFormCollection.cpp:
        (WebCore::HTMLFormCollection::HTMLFormCollection):
        Contruct collection of FormControls type.
        * html/RadioNodeList.cpp: Added.
        (WebCore):
        (WebCore::RadioNodeList::RadioNodeList):
        (WebCore::RadioNodeList::~RadioNodeList):
        (WebCore::toRadioButtonInputElement):
        (WebCore::RadioNodeList::value):
        (WebCore::RadioNodeList::setValue):
        (WebCore::RadioNodeList::nodeMatches):
        * html/RadioNodeList.h: Added.
        (WebCore):
        (RadioNodeList):
        (WebCore::RadioNodeList::create):
        RadioNodeList implementation.
        * html/RadioNodeList.idl: Added.
        Idl for generating RadioNodeList JS/V8 bindings.

2012-04-24  Benjamin Poulain  <bpoulain@apple.com>

        Implement the field cache of ObjcClass in WebKit types
        https://bugs.webkit.org/show_bug.cgi?id=84667

        Reviewed by Geoffrey Garen.

        Every time we get a field through the Objective-C bridge, we waste some time converting
        the incoming string to an CFString.

        This patch implement the field cache based on WTF types so that we can return directly
        in case of a positive match.

        When we do not have a match on the Identifier, we allocate the memory and find the valid field
        as before.

        * bridge/objc/objc_class.h:
        (ObjcClass):
        * bridge/objc/objc_class.mm:
        (JSC::Bindings::deleteMethod):
        (Bindings):
        (JSC::Bindings::ObjcClass::ObjcClass):
        (JSC::Bindings::ObjcClass::fieldNamed):

2012-04-23  Andy Estes  <aestes@apple.com>

        Incremental rendering should be unsuppressed after the load event or a configurable timeout, whichever occurs first.
        https://bugs.webkit.org/show_bug.cgi?id=84583

        Reviewed by Anders Carlsson.

        In high-latency situations, having incremental rendering suppression
        enabled makes for a worse experience due to the excessively long time
        it takes for the load event to fire. So that clients that opt in to
        incremental rendering suppression can mitigate this, add a configurable
        timeout in which rendering is re-enabled if the load event has yet to
        fire.

        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::setReadyState): When the document transitions to
        the loading state, start a timer; when it transitions to the completed
        state, allow visual updates.
        (WebCore::Document::setVisualUpdatesAllowed): If visual updates are
        allowed, force a repaint. Otherwise, set a flag that suppresses
        rendering.
        (WebCore::Document::visualUpdatesSuppressionTimerFired): When the timer
        fires, allow visual updates.
        (WebCore::Document::implicitClose): Remove code that is now called in
        setVisualUpdatesAllowed().
        * dom/Document.h:
        (WebCore::Document::visualUpdatesAllowed):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/Settings.h:
        (WebCore::Settings::setIncrementalRenderingSuppressionTimeoutInSeconds):
        (WebCore::Settings::incrementalRenderingSuppressionTimeoutInSeconds):

2012-04-23  Dana Jansens  <danakj@chromium.org>

        [chromium] Image masks are considered opaque incorrectly
        https://bugs.webkit.org/show_bug.cgi?id=84275

        Reviewed by Adrienne Walker.

        Match the behaviour of SkCanvas layers more closely while tracking
        opaque paints. SkCanvas layers actually act as a separate device
        (ie. pixels) and when the layer is popped off, the pixels are copied
        down to the layer below.

        While we can use the total clip to decide what pixels the the
        drawing operation will affect in the final device, the blending
        down through layers needs to consider each layer carefully.

        In this case the image mask is drawn into a layer which is copied
        down using the DestinationIn operation. Since the layer contains
        non-opaque pixels, the DestinationIn copy can destroy opaque
        areas in the next layer. We add OpaqueRegionSkia::FillByCopy to
        distinguish the case where we are copying a block of pixels, and the
        alpha values are essentially unknown.

        Unit test: PlatformContextSkiaTest.trackImageMask
                   PlatformContextSkiaTest.trackImageMaskWithOpaqueRect

        * platform/graphics/skia/OpaqueRegionSkia.cpp:
        (WebCore::paintIsOpaque):
        (WebCore::OpaqueRegionSkia::applyOpaqueRegionFromLayer):
        (WebCore::OpaqueRegionSkia::pushCanvasLayer):
        (WebCore::OpaqueRegionSkia::popCanvasLayer):
        (WebCore::OpaqueRegionSkia::didDrawRect):
        (WebCore::OpaqueRegionSkia::didDrawPath):
        (WebCore::OpaqueRegionSkia::didDrawPoints):
        (WebCore::OpaqueRegionSkia::didDrawBounded):
        (WebCore::OpaqueRegionSkia::didDraw):
        (WebCore::OpaqueRegionSkia::didDrawUnbounded):
        (WebCore::OpaqueRegionSkia::markRectAsOpaque):
        (WebCore::OpaqueRegionSkia::markRectAsNonOpaque):
        (WebCore::OpaqueRegionSkia::markAllAsNonOpaque):
        * platform/graphics/skia/OpaqueRegionSkia.h:
        (OpaqueRegionSkia):
        (CanvasLayerState):
        * platform/graphics/skia/PlatformContextSkia.cpp:
        (WebCore::PlatformContextSkia::restoreLayer):

2012-04-23  Kent Tamura  <tkent@chromium.org>

        Show the format indicator in a date field
        https://bugs.webkit.org/show_bug.cgi?id=83872

        Reviewed by Hajime Morita.

        Enable the fixed placeholder feature for the date type, and show
        the editable date format as the fixed placeholder.
        The format string is created by the following steps.
        1. Obtain a pattern string from ICU
          http://icu-project.org/apiref/icu4c/classSimpleDateFormat.html#details
        2. Replace a sequence of 'y', 'Y', 'M', or 'd' in the pattern with
          a natural language string such as "year", "month", or "day".

        Test: fast/forms/date/date-fixed-placeholder.html

        * html/DateInputType.cpp:
        (WebCore::DateInputType::supportsPlaceholder): Added. Returns true.
        (WebCore::DateInputType::usesFixedPlaceholder): Added. Returns true.
        (WebCore::DateInputType::fixedPlaceholder):
        Added. Calls localizedDateFormatText() provided by LocalizedDate.h.
        * html/DateInputType.h:
        (DateInputType): Add declarations of new override functions.
        * platform/LocalizedStrings.h:
        (WebCore): Add dateFormat{Year,Month,DayInMonth}Text()
        * platform/text/ICULocale.cpp:
        (WebCore::isICUYearSymbol): A function to improve redability.
        (WebCore::isICUMonthSymbol): ditto.
        (WebCore::isICUDayInMonthSymbol): ditto.
        (WebCore::localizeFormat): Step 2 of the above description.
        (WebCore::ICULocale::initializeLocalizedDateFormatText):
        Step 1 of the above description.
        (WebCore::ICULocale::localizedDateFormatText):
        * platform/text/ICULocale.h:
        (ICULocale): Add new functions and a data member.
        * platform/text/LocalizedDate.h:
        (WebCore): Add localizedDateFormatText().
        * platform/text/LocalizedDateICU.cpp:
        (WebCore::localizedDateFormatText):
        Just call ICULocale::localizedDateFormatText().

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to v8Array()
        https://bugs.webkit.org/show_bug.cgi?id=84295

        Reviewed by Nate Chapin.

        The final objective is to pass Isolate around in V8 bindings.
        This patch passes the Isolate to v8Array().

        (GenerateNormalAttrGetter):
        (NativeToJSValue):
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjV8Internal::sequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::methodReturningSequenceCallback):
        * bindings/v8/V8Binding.h:
        (WebCore::v8Array):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to GetNamedProperty()
        https://bugs.webkit.org/show_bug.cgi?id=84277

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate to GetNamedProperty().

        (GenerateHeader):
        * bindings/v8/V8DOMWindowShell.cpp:
        (WebCore::getter):
        * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
        (WebCore::V8HTMLDocument::GetNamedProperty):
        (WebCore::V8HTMLDocument::allAccessorGetter):

2012-04-23  Michael Nordman  <michaeln@google.com>

        [chromium] DomStorage event handling mods.
        https://bugs.webkit.org/show_bug.cgi?id=84387

        Add a few simple inline getters to allow the source Document of a storage
        event to be identified given a pointer to the source StorageArea so those
        Documents can be excluded by the event dispatching logic.

        Reviewed by Dimitri Glazkov.

        No new tests. No new functionality or change in behavior.

        * page/DOMWindow.h:
        (WebCore::DOMWindow::optionalSessionStorage): simple inline getter to avoid construction where possible
        (WebCore::DOMWindow::optionalLocalStorage): ditto
        * storage/Storage.h:
        (WebCore::Storage::area): simple inline getter

2012-04-23  Kenneth Russell  <kbr@google.com>

        Change ImageData to reference Uint8ClampedArray rather than CanvasPixelArray
        https://bugs.webkit.org/show_bug.cgi?id=73011

        Reviewed by Oliver Hunt.

        Changed ImageData to contain Uint8ClampedArray instead of ByteArray
        per current HTML5 spec.

        In order to avoid introducing large data copies, it was necessary to
        switch a few other places in WebKit to use Uint8ClampedArray at the
        same time, most notably the FilterEffect implementation, portions of
        ImageBuffer, and a couple of places in the image encoders.

        Note that the change in method name from "get" to "item" occurred
        because JSC's autogenerated indexed getters reference a method
        called "item". If desired, a convenience method could be
        introduced to avoid the renamings in the FilterEffect classes.

        With these changes, ByteArray and some custom code in JavaScriptCore
        actually become unreferenced, and can be deleted. This deletion will
        be done separately in Bug 83655, to keep the size of this patch
        manageable.

        Test: fast/canvas/imagedata-contains-uint8clampedarray.html

        * bindings/js/JSImageDataCustom.cpp:
        (WebCore::toJS):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::CloneSerializer::dumpIfTerminal):
        (WebCore::CloneDeserializer::readTerminal):
        * bindings/v8/SerializedScriptValue.cpp:
        * bindings/v8/custom/V8ImageDataCustom.cpp:
        (WebCore::toV8):
        * bridge/qt/qt_pixmapruntime.cpp:
        (JSC::Bindings::QtPixmapToImageDataMethod::invoke):
        * html/ImageData.cpp:
        (WebCore::ImageData::create):
        (WebCore::ImageData::ImageData):
        * html/ImageData.h:
        (ImageData):
        (WebCore::ImageData::data):
        * html/ImageData.idl:
        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::createEmptyImageData):
        (WebCore::CanvasRenderingContext2D::getImageData):
        (WebCore::CanvasRenderingContext2D::putImageData):
        * platform/graphics/GraphicsContext3D.cpp:
        (WebCore::GraphicsContext3D::extractImageData):
        * platform/graphics/ImageBuffer.cpp:
        (WebCore::ImageBuffer::genericConvertToLuminanceMask):
        * platform/graphics/ImageBuffer.h:
        * platform/graphics/ShadowBlur.cpp:
        (WebCore::ShadowBlur::blurShadowBuffer):
        * platform/graphics/cairo/ImageBufferCairo.cpp:
        (WebCore::getImageData):
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        (WebCore::ImageBuffer::putByteArray):
        * platform/graphics/cg/ImageBufferCG.cpp:
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        (WebCore::ImageBuffer::putByteArray):
        (WebCore::ImageBuffer::toDataURL):
        (WebCore::ImageDataToDataURL):
        * platform/graphics/cg/ImageBufferDataCG.cpp:
        (WebCore::ImageBufferData::getData):
        (WebCore::ImageBufferData::putData):
        * platform/graphics/cg/ImageBufferDataCG.h:
        (ImageBufferData):
        * platform/graphics/filters/FEBlend.cpp:
        (WebCore::FEBlend::platformApplySoftware):
        * platform/graphics/filters/FEColorMatrix.cpp:
        (WebCore::effectType):
        (WebCore::FEColorMatrix::platformApplySoftware):
        * platform/graphics/filters/FEComponentTransfer.cpp:
        (WebCore::FEComponentTransfer::platformApplySoftware):
        * platform/graphics/filters/FEComposite.cpp:
        (WebCore::FEComposite::platformArithmeticSoftware):
        (WebCore::FEComposite::platformApplySoftware):
        * platform/graphics/filters/FEComposite.h:
        * platform/graphics/filters/FEConvolveMatrix.cpp:
        (WebCore::setDestinationPixels):
        (WebCore::FEConvolveMatrix::fastSetInteriorPixels):
        (WebCore::FEConvolveMatrix::fastSetOuterPixels):
        (WebCore::FEConvolveMatrix::platformApplySoftware):
        * platform/graphics/filters/FEConvolveMatrix.h:
        (PaintingData):
        * platform/graphics/filters/FECustomFilter.cpp:
        (WebCore::FECustomFilter::platformApplySoftware):
        (WebCore::FECustomFilter::bindProgramAndBuffers):
        * platform/graphics/filters/FECustomFilter.h:
        (JSC):
        (FECustomFilter):
        * platform/graphics/filters/FEDisplacementMap.cpp:
        (WebCore::FEDisplacementMap::platformApplySoftware):
        * platform/graphics/filters/FEDropShadow.cpp:
        (WebCore::FEDropShadow::platformApplySoftware):
        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::boxBlur):
        (WebCore::FEGaussianBlur::platformApplyGeneric):
        (WebCore::FEGaussianBlur::platformApply):
        (WebCore::FEGaussianBlur::platformApplySoftware):
        * platform/graphics/filters/FEGaussianBlur.h:
        (PlatformApplyParameters):
        (FEGaussianBlur):
        * platform/graphics/filters/FELighting.cpp:
        (WebCore::FELighting::LightingData::topLeft):
        (WebCore::FELighting::LightingData::topRow):
        (WebCore::FELighting::LightingData::topRight):
        (WebCore::FELighting::LightingData::leftColumn):
        (WebCore::FELighting::LightingData::interior):
        (WebCore::FELighting::LightingData::rightColumn):
        (WebCore::FELighting::LightingData::bottomLeft):
        (WebCore::FELighting::LightingData::bottomRow):
        (WebCore::FELighting::LightingData::bottomRight):
        (WebCore::FELighting::inlineSetPixel):
        (WebCore::FELighting::drawLighting):
        (WebCore::FELighting::platformApplySoftware):
        * platform/graphics/filters/FELighting.h:
        (LightingData):
        (FELighting):
        * platform/graphics/filters/FEMorphology.cpp:
        (WebCore::FEMorphology::platformApplyGeneric):
        (WebCore::FEMorphology::platformApplySoftware):
        * platform/graphics/filters/FEMorphology.h:
        (PaintingData):
        * platform/graphics/filters/FETurbulence.cpp:
        (WebCore::FETurbulence::fillRegion):
        (WebCore::FETurbulence::platformApplySoftware):
        * platform/graphics/filters/FETurbulence.h:
        (FillRegionParameters):
        (FETurbulence):
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::forceValidPreMultipliedPixels):
        (WebCore::FilterEffect::asUnmultipliedImage):
        (WebCore::FilterEffect::asPremultipliedImage):
        (WebCore::FilterEffect::copyImageBytes):
        (WebCore::FilterEffect::copyUnmultipliedImage):
        (WebCore::FilterEffect::copyPremultipliedImage):
        (WebCore::FilterEffect::createUnmultipliedImageResult):
        (WebCore::FilterEffect::createPremultipliedImageResult):
        * platform/graphics/filters/FilterEffect.h:
        (FilterEffect):
        * platform/graphics/filters/arm/FEGaussianBlurNEON.h:
        (WebCore::FEGaussianBlur::platformApplyNeon):
        * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
        (WebCore::GraphicsContext3D::paintRenderingResultsToImageData):
        * platform/graphics/qt/ImageBufferQt.cpp:
        (WebCore::getImageData):
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        (WebCore::ImageBuffer::putByteArray):
        * platform/graphics/skia/ImageBufferSkia.cpp:
        (WebCore::getImageData):
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        (WebCore::ImageBuffer::putByteArray):
        * platform/graphics/texmap/TextureMapperGL.cpp:
        * platform/graphics/wince/ImageBufferWinCE.cpp:
        (WebCore::getImageData):
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        (WebCore::ImageBuffer::putByteArray):
        * platform/graphics/wx/ImageBufferWx.cpp:
        (WebCore::ImageBuffer::getUnmultipliedImageData):
        (WebCore::ImageBuffer::getPremultipliedImageData):
        (WebCore::ImageBuffer::putByteArray):
        * platform/image-encoders/skia/JPEGImageEncoder.cpp:
        (WebCore::JPEGImageEncoder::encode):
        * platform/image-encoders/skia/PNGImageEncoder.cpp:
        (WebCore::PNGImageEncoder::encode):
        * platform/image-encoders/skia/WEBPImageEncoder.cpp:
        (WebCore::WEBPImageEncoder::encode):

2012-04-23  Ryan Sleevi  <rsleevi@chromium.org>

        [chromium] Remove deleted files from WebCore.gypi and fix typo
        https://bugs.webkit.org/show_bug.cgi?id=84651

        Reviewed by Ryosuke Niwa.

        No new tests. No behavior change.

        * WebCore.gypi:
        Remove references to PlatformMouseEventQt.cpp and WheelEventQt.cpp. Add a missing comma.

2012-04-23  Erik Arvidsson  <arv@chromium.org>

        [V8] Fix issue with trying to access a constructor in a frame that has been removed
        https://bugs.webkit.org/show_bug.cgi?id=84640

        Reviewed by Kentaro Hara.

        This regressed in r113250. Now we do what we did before and return undefined if the frame
        does not have a context.

        Test: fast/dom/constructor-in-removed-frame.html

        * bindings/v8/V8DOMWrapper.cpp:
        (WebCore::V8DOMWrapper::constructorForType):

2012-04-23  Chris Rogers  <crogers@google.com>

        Oscillator::setWaveTable() should not reset oscillator phase
        https://bugs.webkit.org/show_bug.cgi?id=84647
        
        Reviewed by Kenneth Russell.

        * Modules/webaudio/Oscillator.cpp:
        (WebCore::Oscillator::setWaveTable):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8][Refactoring] Remove V8Proxy::throwSyntaxError()
        https://bugs.webkit.org/show_bug.cgi?id=84627

        Reviewed by Nate Chapin.

        This patch removes V8Proxy::throwSyntaxError()
        since it is no longer used.

        No tests. No change in behavior.

        * bindings/v8/V8Proxy.cpp:
        * bindings/v8/V8Proxy.h:
        (V8Proxy):

2012-04-18  James Robinson  <jamesr@chromium.org>

        [chromium] Use TextureLayerChromium for WebGL content instead of a dedicated layer type
        https://bugs.webkit.org/show_bug.cgi?id=84311

        Reviewed by Adrienne Walker.

        WebGL content's interface with the compositor can be expressed in terms of two basic operations:
        1.) Do some stuff
        2.) Provide a texture ID for the compositor to use

        This implements (1) in DrawingBufferChromium and uses the already-existing TextureLayerChromium to handle (2).
        This cuts down the compositor interface significantly and allows for more code reuse in exchange for more code
        in TextureLayerChromium to handle the features WebGL needs.

        * WebCore.gypi:
        * platform/graphics/chromium/DrawingBufferChromium.cpp:
        (WebCore::DrawingBuffer::~DrawingBuffer):
        (DrawingBufferPrivate):
        (WebCore::DrawingBufferPrivate::DrawingBufferPrivate):
        (WebCore::DrawingBufferPrivate::~DrawingBufferPrivate):
        (WebCore::DrawingBufferPrivate::layer):
        (WebCore):
        (WebCore::DrawingBuffer::platformLayer):
        * platform/graphics/chromium/LayerRendererChromium.cpp:
        * platform/graphics/chromium/TextureLayerChromium.h:
        (TextureLayerChromiumClient):
        (WebCore::TextureLayerChromiumClient::~TextureLayerChromiumClient):
        (WebCore):
        (TextureLayerChromium):
        (WebCore::TextureLayerChromium::clearClient):
        * platform/graphics/chromium/WebGLLayerChromium.cpp: Removed.
        * platform/graphics/chromium/WebGLLayerChromium.h: Removed.
        * platform/graphics/gpu/DrawingBuffer.h:
        (WebCore):
        (WebCore::DrawingBuffer::graphicsContext3D):
        (DrawingBuffer):

2012-04-23  Alec Flett  <alecflett@chromium.org>

        IndexedDB: remove IDB(Index|ObjectStore)BackendImpl::get/getKey for IDBKey
        https://bugs.webkit.org/show_bug.cgi?id=84285

        Reviewed by Dimitri Glazkov.

        No new tests required, this code is no longer called.

        This is old code supporting IDBKey-based lookup, supplanted by
        IDBKeyRange. Now that chromium IPC/proxy code has landed,
        these functions can be removed.

        * Modules/indexeddb/IDBIndexBackendInterface.h:
        (IDBIndexBackendInterface):
        * Modules/indexeddb/IDBObjectStoreBackendInterface.h:
        (IDBObjectStoreBackendInterface):

2012-04-22  Martin Robinson  <mrobinson@igalia.com>

        REGRESSION(113604): [Soup] Some pages that use synchronous XMLHttpRequests freeze the browser
        https://bugs.webkit.org/show_bug.cgi?id=84560

        Reviewed by Xan Lopez.

        When kicking off a synchronous XMLHttpRequest, add one to the connection
        limit. This ensures that when a page starts a synchronous request, while
        already at the connection limit the request will not deadlock.

        * platform/network/soup/ResourceHandleSoup.cpp:
        (WebCore::WebCoreSynchronousLoader::WebCoreSynchronousLoader): Accept a new SoupSession
        argument so that we can get the correct SoupSession for the networking context. Bump
        the connection limit.
        (WebCore::WebCoreSynchronousLoader::~WebCoreSynchronousLoader): Decrement the connection limit.
        (WebCore::WebCoreSynchronousLoader::adjustMaxConnections): Added this helper.
        (WebCoreSynchronousLoader): Added a new SoupSession member.
        (WebCore::sessionFromContext): Added this helper.
        (WebCore::ResourceHandleInternal::soupSession): Use the new sessionFromContext helper.
        (WebCore::ResourceHandle::loadResourceSynchronously): Pass the SoupSession from the NetworkingContext
        to the synchronous loader.

2012-04-23  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r114965.
        http://trac.webkit.org/changeset/114965
        https://bugs.webkit.org/show_bug.cgi?id=84665

        Four new resource load delegate test failures (Requested by
        jernoble on #webkit).

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didFinishLoading):
        (WebCore::SubresourceLoader::didFail):
        (WebCore::SubresourceLoader::willCancel):
        (WebCore::SubresourceLoader::releaseResources):

2012-04-23  Beth Dakin  <bdakin@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=84649
        RenderMathMLOperator currently ignores font families, fails 
        to use Stix

        Reviewed by Dan Bernstein.

        This patch makes RenderMathMLOperator honor the font-family 
        list. This means that by default, Stix glyphs will now be 
        used for operators just like for other MathML content. 
        Unfortunately, just doing that resulted in a bug because of 
        the fragile hardcoded glyph sizes. The Stix vertical bar 
        glyph is much smaller than the code assumed any glyphs would 
        be. That code should be re-written, but in the meantime, I 
        put a fix in place to try to make it work for small glyphs.

        These new functions should be used instead of accessing
        gGlyphHeight or gGlyphLineHeight directly. If the glyph is
        smaller than the expected hardcoded value, then the actual
        glyph height is used, and a new line height based on the
        glyph height is used.
        (WebCore::RenderMathMLOperator::glyphHeightForCharacter):
        (WebCore::RenderMathMLOperator::lineHeightForCharacter):

        Use the style's FontDescription to honor the font family
        list and the style's FontSelector to honor @font-face.
        Also use glyphHeightForCharacter() instead of gGlyphHeight. 
        And now that createGlyph() takes a lineHeight, use 
        lineHeightForCharacter() to determine the right value. 
        (WebCore::RenderMathMLOperator::updateFromElement):

        size was an ambiguous variable name, so I renamed it to the 
        more accurate maxHeightForRenderer. This function also now
        takes a lineHeight instead of using gGlyphLineHeight. And
        again, use the style's FontDescription and FontSelector.
        (WebCore::RenderMathMLOperator::createStackableStyle):

        Re-name size to maxHeightForRenderer, and take lineHeight as 
        a parameter.
        (WebCore::RenderMathMLOperator::createGlyph):
        * rendering/mathml/RenderMathMLOperator.h:
        (RenderMathMLOperator):

2012-04-23  Eriq Augustine  <eaugusti@chromium.org>

        Return value from executed script in Chromium.
        https://bugs.webkit.org/show_bug.cgi?id=79851

        Reviewed by Adam Barth.

        Providing a varaiant of evaluateScriptInIsolatedWorld that
        returns the value of the evaluated script.

        Test: platform/chromium/http/tests/misc/execute-and-return-value.html

        * bindings/v8/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInIsolatedWorld):
        * bindings/v8/ScriptController.h:
        (ScriptController):
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::evaluateInIsolatedWorld):
        * bindings/v8/V8Proxy.h:
        (V8Proxy):

2012-04-23  Kent Tamura  <tkent@chromium.org>

        RenderDetailsMarker should draw the triangle inside the content box
        https://bugs.webkit.org/show_bug.cgi?id=84557

        Reviewed by Hajime Morita.

        RenderDetailsMarker didn't support cases in which a marker has
        borders and/or padings, or non-square size.

        Test: fast/html/details-marker-style.html

        * rendering/RenderDetailsMarker.cpp:
        (WebCore::RenderDetailsMarker::getPath):
        Scale by contentWidth() and contentHeight().
        (WebCore::RenderDetailsMarker::paint):
        Move the trianle origin by the ammount of left/top borders and paddings.

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8() (Part6)
        https://bugs.webkit.org/show_bug.cgi?id=84273

        Reviewed by Nate Chapin.

        The objective is to pass Isolate to all toV8()s.
        Since there are a lot of toV8()s, I'll make the change
        step by step. This patch passes Isolate to toV8() in
        several custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8HTMLAllCollectionCustom.cpp:
        (WebCore::getNamedItems):
        (WebCore::getItem):
        (WebCore::V8HTMLAllCollection::namedPropertyGetter):
        (WebCore::V8HTMLAllCollection::itemCallback):
        (WebCore::V8HTMLAllCollection::namedItemCallback):
        (WebCore::V8HTMLAllCollection::callAsFunctionCallback):
        * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
        (WebCore::getNamedItems):
        (WebCore::V8HTMLCollection::namedPropertyGetter):
        (WebCore::V8HTMLCollection::namedItemCallback):
        (WebCore::toV8):
        * bindings/v8/custom/V8SVGPathSegCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8StyleSheetCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8StyleSheetListCustom.cpp:
        (WebCore::V8StyleSheetList::namedPropertyGetter):
        * bindings/v8/custom/V8TrackEventCustom.cpp:
        (WebCore::V8TrackEvent::trackAccessorGetter):
        * bindings/v8/custom/V8WebGLRenderingContextCustom.cpp:
        (WebCore::toV8Object):
        (WebCore::getObjectParameter):
        (WebCore::V8WebGLRenderingContext::getAttachedShadersCallback):
        (WebCore::V8WebGLRenderingContext::getExtensionCallback):
        (WebCore::V8WebGLRenderingContext::getFramebufferAttachmentParameterCallback):
        (WebCore::V8WebGLRenderingContext::getParameterCallback):
        (WebCore::V8WebGLRenderingContext::getProgramParameterCallback):
        (WebCore::V8WebGLRenderingContext::getShaderParameterCallback):
        (WebCore::V8WebGLRenderingContext::getUniformCallback):
        * bindings/v8/custom/V8XMLHttpRequestCustom.cpp:
        (WebCore::V8XMLHttpRequest::responseAccessorGetter):
        * bindings/v8/custom/V8XSLTProcessorCustom.cpp:
        (WebCore::V8XSLTProcessor::transformToFragmentCallback):
        (WebCore::V8XSLTProcessor::transformToDocumentCallback):

2012-04-23  Kent Tamura  <tkent@chromium.org>

        Move the content of LocalizedCalendarICU.cpp and LocalizedDateICU.cpp to ICULocale.cpp.
        https://bugs.webkit.org/show_bug.cgi?id=84568

        Reviewed by Hajime Morita.

        Move it to ICULocal.cpp because we want to share UDateFormat
        object in LocalizedDate functions and LocalizedCalendar functions,
        and it becomes easier to cache the UDateFormat object, and making
        unit tests for these functions easier.

        No new tests because of no bahevior changes.

        * platform/text/ICULocale.cpp:
        (WebCore::ICULocale::ICULocale): Initialize new members.
        (WebCore::ICULocale::~ICULocale): Delete m_shortDateFormat.
        (WebCore::ICULocale::initializeShortDateFormat):
        Moved from creteShortDateFormatter of LocalizedDateICU.cpp.
        (WebCore::ICULocale::parseLocalizedDate):
        Moved from LocalizedDate.cpp, use m_shortDateFormat.
        (WebCore::ICULocale::formatLocalizedDate): ditto.
        (WebCore::ICULocale::createLabelVector):
        Moved from LocalizedCalendarICU.cpp, use m_shortDateFormat.
        (WebCore::createFallbackMonthLabels): Moved from LocalizedCalendarICU.cpp.
        (WebCore::createFallbackWeekDayShortLabels): ditto.
        (WebCore::ICULocale::initializeCalendar):
        lazy initialization of m_monthLabels, m_weekDayShortLabels, and m_firstDayOfWeek.
        (WebCore::ICULocale::monthLabels):
        (WebCore::ICULocale::weekDayShortLabels):
        (WebCore::ICULocale::firstDayOfWeek):
        * platform/text/ICULocale.h:
        (ICULocale): Add declarations.
        * platform/text/LocalizedCalendarICU.cpp:
        (WebCore::monthLabels): Use ICULocale::currentLocale().
        (WebCore::weekDayShortLabels): ditto.
        (WebCore::firstDayOfWeek): ditto.
        * platform/text/LocalizedDateICU.cpp:
        (WebCore::parseLocalizedDate): ditto.
        (WebCore::formatLocalizedDate): ditto.

2012-04-23  Raymond Toy  <rtoy@google.com>

        Move AudioDestinationChromium FIFO class to its own class.
        https://bugs.webkit.org/show_bug.cgi?id=84058

        Reviewed by Chris Rogers.

        Current tests cover the changes.

        * WebCore.gypi: Update with new files.
        * platform/audio/AudioPullFIFO.cpp: Copied from Source/WebKit/chromium/src/AudioDestinationChromium.cpp.
        (WebCore): Renamed old class the AudioPullFIFO.
        (WebCore::AudioPullFIFO::AudioPullFIFO):
        (WebCore::AudioPullFIFO::consume):
        (WebCore::AudioPullFIFO::findWrapLengths):
        (WebCore::AudioPullFIFO::fillBuffer):
        * platform/audio/AudioPullFIFO.h: Added.
        (WebCore):
        (AudioPullFIFO):
        (WebCore::AudioPullFIFO::updateIndex):

2012-04-23  Nate Chapin  <japhet@chromium.org>

        REGRESSION (r100311): YummySoup app crashes when trying to print
        https://bugs.webkit.org/show_bug.cgi?id=83918

        Reviewed by Alexey Proskuryakov.

        Test: http/tests/xmlhttprequest/cancel-during-failure-crash.html

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didFinishLoading):
        (WebCore::SubresourceLoader::didFail):
        (WebCore::SubresourceLoader::willCancel): Now that we might enter the function if we're already Finishing,
            some cleanup needs to be done in the Initialized state only.
        (WebCore::SubresourceLoader::releaseResources): Move requesting counting decrement and laodDone() to
            the finishing functions.

2012-04-23  Shawn Singh  <shawnsingh@chromium.org>

        [chromium] Visualize accelerated compositor rects.
        https://bugs.webkit.org/show_bug.cgi?id=79400

        Reviewed by Adrienne Walker.

        No tests, all the code added is only debugging code.

        This patch adds support for visualizing three different types of
        rects on the chromium heads-up display:
        1. updateRects that indicate what was painted/uploaded to a resource
        2. propertyChangedRects that indicate layers that has property changes
        3. surfaceDamageRects that are the accumulation of updateRects and
           propertyChangedRects, indicating what pixels on the screen have
           actually changed.  (Surface damage also accounts for newly exposed
           areas but that is not explicitly visualized.)

        In addition to adding support for visualizing this, the
        CCHeadsUpDisplay was significantly refactored, separating the FPS
        Counter functionality into a different class, so that the heads-up
        display is all about visualizing annotations, and those
        annotations (frame rate, debug rects) are logged separately.

        * WebCore.gypi:
        * platform/graphics/chromium/cc/CCDebugRectHistory.cpp: Added.
        (WebCore):
        (WebCore::CCDebugRectHistory::CCDebugRectHistory):
        (WebCore::CCDebugRectHistory::enabled):
        (WebCore::CCDebugRectHistory::saveDebugRectsForCurrentFrame):
        (WebCore::CCDebugRectHistory::savePaintRects):
        (WebCore::CCDebugRectHistory::savePropertyChangedRects):
        (WebCore::CCDebugRectHistory::saveSurfaceDamageRects):
        * platform/graphics/chromium/cc/CCDebugRectHistory.h: Added.
        (WebCore):
        (WebCore::CCDebugRect::CCDebugRect):
        (CCDebugRect):
        (CCDebugRectHistory):
        (WebCore::CCDebugRectHistory::create):
        (WebCore::CCDebugRectHistory::debugRects):
        * platform/graphics/chromium/cc/CCFrameRateCounter.cpp: Added.
        (WebCore):
        (WebCore::safeMod):
        (WebCore::CCFrameRateCounter::frameIndex):
        (WebCore::CCFrameRateCounter::CCFrameRateCounter):
        (WebCore::CCFrameRateCounter::markBeginningOfFrame):
        (WebCore::CCFrameRateCounter::markEndOfFrame):
        (WebCore::CCFrameRateCounter::isBadFrameInterval):
        (WebCore::CCFrameRateCounter::isBadFrame):
        (WebCore::CCFrameRateCounter::getAverageFPSAndStandardDeviation):
        (WebCore::CCFrameRateCounter::timeStampOfRecentFrame):
        * platform/graphics/chromium/cc/CCFrameRateCounter.h: Added.
        (WebCore):
        (CCFrameRateCounter):
        (WebCore::CCFrameRateCounter::create):
        (WebCore::CCFrameRateCounter::currentFrameNumber):
        (WebCore::CCFrameRateCounter::timeStampHistorySize):
        * platform/graphics/chromium/cc/CCHeadsUpDisplay.cpp:
        (WebCore):
        (WebCore::CCHeadsUpDisplay::enabled):
        (WebCore::CCHeadsUpDisplay::showDebugRects):
        (WebCore::CCHeadsUpDisplay::draw):
        (WebCore::CCHeadsUpDisplay::drawHudContents):
        (WebCore::CCHeadsUpDisplay::drawFPSCounter):
        (WebCore::CCHeadsUpDisplay::drawFPSCounterText):
        (WebCore::CCHeadsUpDisplay::drawDebugRects):
        * platform/graphics/chromium/cc/CCHeadsUpDisplay.h:
        (WebCore):
        (CCHeadsUpDisplay):
        (WebCore::CCHeadsUpDisplay::CCHeadsUpDisplay):
        * platform/graphics/chromium/cc/CCLayerTreeHost.h:
        (WebCore::CCSettings::CCSettings):
        (CCSettings):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::CCLayerTreeHostImpl):
        (WebCore::CCLayerTreeHostImpl::calculateRenderPasses):
        (WebCore::CCLayerTreeHostImpl::drawLayers):
        (WebCore::CCLayerTreeHostImpl::swapBuffers):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.h:
        (WebCore):
        (WebCore::CCLayerTreeHostImpl::fpsCounter):
        (WebCore::CCLayerTreeHostImpl::debugRectHistory):
        (CCLayerTreeHostImpl):

2012-04-23  Julien Chaffraix  <jchaffraix@webkit.org>

        Cut dependency on RenderLayer::scrollRectToVisible outside rendering
        https://bugs.webkit.org/show_bug.cgi?id=84607

        Reviewed by Simon Fraser.

        Layering fix only, there should be no change behavior.

        Because we don't have an accessor on RenderObject, a lot of the code needs
        to know about RenderLayer. This is not necessary and exposes RenderLayer to
        objects that shouldn't know about it.

        This patch adds a RenderObject::scrollRectToVisible with the ad-hoc explanation
        as to why it isn't on RenderBox (scrolling is a RenderBox concept).

        * WebCore.exp.in:
        * WebCore.order:
        Updated to expose the new method.

        * dom/Element.cpp:
        (WebCore::Element::scrollIntoView):
        (WebCore::Element::scrollIntoViewIfNeeded):
        (WebCore::Element::updateFocusAppearance):
        * editing/Editor.cpp:
        (WebCore::Editor::findStringAndScrollToVisible):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::revealSelection):
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollToAnchor):
        Updated those call sites to use the new function.

        * rendering/RenderLayer.h:
        Removed ScrollBehavior.h #include and default argument values
        as we are always called through RenderObject now.

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::scrollRectToVisible):
        * rendering/RenderObject.h:
        Added a new function that just forwards to the enclosing layer
        if any. We return whether we actually tried to scroll to match
        some call sites expectations.

2012-04-23  Zhenyao Mo  <zmo@google.com>

        framebuffer binding should not be changed after canvas resize or compositing
        https://bugs.webkit.org/show_bug.cgi?id=84609

        Reviewed by Kenneth Russell.

        Test: fast/canvas/webgl/framebuffer-bindings-unaffected-on-resize.html

        * html/canvas/WebGLRenderingContext.cpp: set framebuffer binding to DrawingBuffer.
        (WebCore):
        (WebCore::WebGLRenderingContext::bindFramebuffer):
        (WebCore::WebGLRenderingContext::deleteFramebuffer):
        (WebCore::WebGLRenderingContext::loseContextImpl):
        * platform/graphics/cairo/DrawingBufferCairo.cpp: initialize m_framebufferBinding.
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/chromium/DrawingBufferChromium.cpp: Ditto.
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/chromium/WebGLLayerChromium.cpp: Recover framebuffer binding after update().
        (WebCore::WebGLLayerChromium::update):
        * platform/graphics/gpu/DrawingBuffer.cpp: Add a function to restore framebuffer binding.
        (WebCore::DrawingBuffer::restoreFramebufferBinding):
        (WebCore):
        * platform/graphics/gpu/DrawingBuffer.h: Ditto.
        (WebCore::DrawingBuffer::setTexture2DBinding):
        (DrawingBuffer):
        (WebCore::DrawingBuffer::setFramebufferBinding):
        * platform/graphics/gpu/mac/DrawingBufferMac.mm: initialize m_framebufferBinding.
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/gpu/qt/DrawingBufferQt.cpp: initialize m_framebufferBinding.
        (WebCore::DrawingBuffer::DrawingBuffer):

2012-04-23  Victor Carbune  <vcarbune@adobe.com>

        Simplify volume slider rendering
        https://bugs.webkit.org/show_bug.cgi?id=82150

        Reviewed by Eric Carlson.

        Test: media/video-controls-rendering-toggle-display-none.html

        * css/mediaControlsChromium.css: Update controls css for Chromium.
        (audio::-webkit-media-controls-panel, video::-webkit-media-controls-panel):
        (audio::-webkit-media-controls-mute-button, video::-webkit-media-controls-mute-button):
        (audio::-webkit-media-controls-volume-slider-container, video::-webkit-media-controls-volume-slider-container):
        * css/mediaControlsGtk.css: Update controls css for GTK.
        (audio::-webkit-media-controls-mute-button, video::-webkit-media-controls-mute-button):
        (audio::-webkit-media-controls-volume-slider-container, video::-webkit-media-controls-volume-slider-container):
        * css/mediaControlsQuickTime.css: Update controls css for Safari.
        (audio::-webkit-media-controls-mute-button, video::-webkit-media-controls-mute-button):
        (audio::-webkit-media-controls-volume-slider-container, video::-webkit-media-controls-volume-slider-container):
        (audio::-webkit-media-controls-volume-slider, video::-webkit-media-controls-volume-slider):
        * html/shadow/MediaControlElements.cpp: Removed particular renderer.
        (WebCore):
        * html/shadow/MediaControlElements.h:
        (MediaControlVolumeSliderContainerElement): Remoed particular renderer.
        * html/shadow/MediaControlRootElement.cpp:
        (WebCore::MediaControlRootElement::create): Added a div element as a container. Removed extra unused mute button.
        * html/shadow/MediaControlRootElementChromium.cpp: Added an extra div
        element as a container for the mute button and the volume slider to
        easily position them relative to each other.
        (WebCore::MediaControlRootElementChromium::create):

2012-04-23  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r109981.
        http://trac.webkit.org/changeset/109981
        https://bugs.webkit.org/show_bug.cgi?id=84630

        Broke Twitter map buddy icon (see
        https://bugs.webkit.org/show_bug.cgi?id=84558) (Requested by
        thorton on #webkit).

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::addToOverlapMap):
        (WebCore::RenderLayerCompositor::computeCompositingRequirements):

2012-04-23  Emil A Eklund  <eae@chromium.org>

        Crash in RenderInline::clippedOverflowRectForRepaint for PrintPreview
        https://bugs.webkit.org/show_bug.cgi?id=84300

        Reviewed by Simon Fraser.

        No new tests, have not been able to come up with a reliable reduction.

        * rendering/RenderInline.cpp:
        (WebCore::RenderInline::clippedOverflowRectForRepaint):
        Add NULL check for containingBlock() as it can return NULL when detached
        from the tree.

2012-04-23  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r114929.
        http://trac.webkit.org/changeset/114929
        https://bugs.webkit.org/show_bug.cgi?id=84623

        Broke 35 canvas/webgl tests (Requested by jernoble on
        #webkit).

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore):
        (WebCore::WebGLRenderingContext::bindFramebuffer):
        (WebCore::WebGLRenderingContext::deleteFramebuffer):
        (WebCore::WebGLRenderingContext::loseContextImpl):
        * platform/graphics/cairo/DrawingBufferCairo.cpp:
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/chromium/DrawingBufferChromium.cpp:
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/chromium/WebGLLayerChromium.cpp:
        (WebCore::WebGLLayerChromium::update):
        * platform/graphics/gpu/DrawingBuffer.cpp:
        * platform/graphics/gpu/DrawingBuffer.h:
        (WebCore::DrawingBuffer::setTexture2DBinding):
        (DrawingBuffer):
        * platform/graphics/gpu/mac/DrawingBufferMac.mm:
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/gpu/qt/DrawingBufferQt.cpp:
        (WebCore::DrawingBuffer::DrawingBuffer):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate around in V8Collection.h
        https://bugs.webkit.org/show_bug.cgi?id=84299

        Reviewed by Nate Chapin.

        The objective is to pass Isolate around in V8 bindings.
        This patch passes Isolate around in V8Collection.h.

        No tests. No change in behavior.

        * bindings/v8/V8Collection.h:
        (WebCore::getV8Object):
        (WebCore::getNamedPropertyOfCollection):
        (WebCore::collectionNamedPropertyGetter):
        (WebCore::getIndexedPropertyOfCollection):
        (WebCore::collectionIndexedPropertyGetter):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8() (Part5)
        https://bugs.webkit.org/show_bug.cgi?id=84271

        Reviewed by Nate Chapin.

        The objective is to pass Isolate to all toV8()s.
        Since there are a lot of toV8(), I'll make the change
        step by step. This patch passes Isolate to toV8()
        in several custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8MessageChannelConstructor.cpp:
        (WebCore::V8MessageChannel::constructorCallback):
        * bindings/v8/custom/V8MessageEventCustom.cpp:
        (WebCore::V8MessageEvent::dataAccessorGetter):
        (WebCore::V8MessageEvent::portsAccessorGetter):
        * bindings/v8/custom/V8MutationCallbackCustom.cpp:
        (WebCore::V8MutationCallback::handleEvent):
        * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
        (WebCore::V8NamedNodeMap::indexedPropertyGetter):
        (WebCore::V8NamedNodeMap::namedPropertyGetter):
        (WebCore::toV8):
        * bindings/v8/custom/V8NodeListCustom.cpp:
        (WebCore::V8NodeList::namedPropertyGetter):
        * bindings/v8/custom/V8NotificationCenterCustom.cpp:
        (WebCore::V8NotificationCenter::createHTMLNotificationCallback):
        (WebCore::V8NotificationCenter::createNotificationCallback):
        * bindings/v8/custom/V8PerformanceCustom.cpp:
        (WebCore::V8Performance::memoryAccessorGetter):
        * bindings/v8/custom/V8PopStateEventCustom.cpp:
        (WebCore::V8PopStateEvent::stateAccessorGetter):
        * bindings/v8/custom/V8SQLTransactionSyncCustom.cpp:
        (WebCore::V8SQLTransactionSync::executeSqlCallback):
        * bindings/v8/custom/V8SVGPathSegCustom.cpp:
        (WebCore::toV8):

2012-04-23  Zhenyao Mo  <zmo@google.com>

        framebuffer binding should not be changed after canvas resize or compositing
        https://bugs.webkit.org/show_bug.cgi?id=84609

        Reviewed by Kenneth Russell.

        Test: fast/canvas/webgl/framebuffer-bindings-unaffected-on-resize.html

        * html/canvas/WebGLRenderingContext.cpp: set framebuffer binding to DrawingBuffer.
        (WebCore):
        (WebCore::WebGLRenderingContext::bindFramebuffer):
        (WebCore::WebGLRenderingContext::deleteFramebuffer):
        (WebCore::WebGLRenderingContext::loseContextImpl):
        * platform/graphics/cairo/DrawingBufferCairo.cpp: initialize m_framebufferBinding.
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/chromium/DrawingBufferChromium.cpp: Ditto.
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/chromium/WebGLLayerChromium.cpp: Recover framebuffer binding after update().
        (WebCore::WebGLLayerChromium::update):
        * platform/graphics/gpu/DrawingBuffer.cpp: Add a function to restore framebuffer binding.
        (WebCore::DrawingBuffer::restoreFramebufferBinding):
        (WebCore):
        * platform/graphics/gpu/DrawingBuffer.h: Ditto.
        (WebCore::DrawingBuffer::setTexture2DBinding):
        (DrawingBuffer):
        (WebCore::DrawingBuffer::setFramebufferBinding):
        * platform/graphics/gpu/mac/DrawingBufferMac.mm: initialize m_framebufferBinding.
        (WebCore::DrawingBuffer::DrawingBuffer):
        * platform/graphics/gpu/qt/DrawingBufferQt.cpp: initialize m_framebufferBinding.
        (WebCore::DrawingBuffer::DrawingBuffer):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8() (Part4)
        https://bugs.webkit.org/show_bug.cgi?id=84269

        Reviewed by Nate Chapin.

        The objective is to pass Isolate to all toV8()s.
        Since there are a lot of toV8()s, I'll make the change
        step by step. This patch passes Isolate to toV8() in
        several custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8HTMLCanvasElementCustom.cpp:
        (WebCore::V8HTMLCanvasElement::getContextCallback):
        * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
        (WebCore::V8HTMLDocument::allAccessorGetter):
        * bindings/v8/custom/V8HTMLElementCustom.cpp:
        (WebCore::toV8Object):
        (WebCore::V8HTMLElement::itemValueAccessorGetter):
        * bindings/v8/custom/V8HTMLFormElementCustom.cpp:
        (WebCore::V8HTMLFormElement::indexedPropertyGetter):
        (WebCore::V8HTMLFormElement::namedPropertyGetter):
        * bindings/v8/custom/V8HTMLFrameSetElementCustom.cpp:
        (WebCore::V8HTMLFrameSetElement::namedPropertyGetter):
        * bindings/v8/custom/V8HTMLImageElementConstructor.cpp:
        (WebCore::v8HTMLImageElementConstructorCallback):
        * bindings/v8/custom/V8HTMLLinkElementCustom.cpp:
        (WebCore::V8HTMLLinkElement::sizesAccessorGetter):
        * bindings/v8/custom/V8HTMLOptionsCollectionCustom.cpp:
        (WebCore::V8HTMLOptionsCollection::indexedPropertyGetter):
        * bindings/v8/custom/V8HTMLOutputElementCustom.cpp:
        (WebCore::V8HTMLOutputElement::htmlForAccessorGetter):
        * bindings/v8/custom/V8HTMLSelectElementCustom.cpp:
        (WebCore::V8HTMLSelectElement::indexedPropertyGetter):
        * bindings/v8/custom/V8ImageDataCustom.cpp:
        (WebCore::toV8):

2012-04-23  Emil A Eklund  <eae@chromium.org>

        Clean up subpixel unit handling in hit testing code
        https://bugs.webkit.org/show_bug.cgi?id=84496

        Reviewed by Eric Seidel.

        Fix use of IntRect and LayoutRect in hit testing code in preparation for
        subpixel layout.

        No new tests, no change in functionality.

        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::rectForPoint):
        Revert rectForPoint to IntRect as all call sites converted it to an
        IntRect anyway to compare it with an IntPoint or another IntRect.

        * rendering/HitTestingTransformState.cpp:
        (WebCore::HitTestingTransformState::boundsOfMappedQuad):
        * rendering/HitTestingTransformState.h:
        Convert boundsOfMappedQuad to LayoutRect as the TransformationMatrix now
        has subpixel precision.

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8() (Part3)
        https://bugs.webkit.org/show_bug.cgi?id=84261

        Reviewed by Nate Chapin.

        The objective is to pass Isolate to all toV8()s.
        Since there are a lot of toV8(), I'll make the change
        step by step. This patch passes Isolate to toV8()
        in several custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::V8DOMWindow::openCallback):
        (WebCore::V8DOMWindow::indexedPropertyGetter):
        (WebCore::V8DOMWindow::namedPropertyGetter):
        * bindings/v8/custom/V8DirectoryEntrySyncCustom.cpp:
        (WebCore::V8DirectoryEntrySync::getDirectoryCallback):
        (WebCore::V8DirectoryEntrySync::getFileCallback):
        * bindings/v8/custom/V8DocumentCustom.cpp:
        (WebCore::V8Document::evaluateCallback):
        (WebCore::V8Document::getCSSCanvasContextCallback):
        (WebCore::V8Document::createTouchListCallback):
        * bindings/v8/custom/V8DocumentLocationCustom.cpp:
        (WebCore::V8Document::locationAccessorGetter):
        * bindings/v8/custom/V8EntryCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8EntrySyncCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8EventCustom.cpp:
        (WebCore::V8Event::dataTransferAccessorGetter):
        (WebCore::V8Event::clipboardDataAccessorGetter):
        (WebCore):
        * bindings/v8/custom/V8FileReaderCustom.cpp:
        (WebCore::V8FileReader::resultAccessorGetter):
        * bindings/v8/custom/V8HTMLAllCollectionCustom.cpp:
        (WebCore::getItem):
        (WebCore::V8HTMLAllCollection::callAsFunctionCallback):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8() (Part2)
        https://bugs.webkit.org/show_bug.cgi?id=84259

        Reviewed by Nate Chapin.

        The objective is to pass Isolate to all toV8()s.
        Since there are a lot of toV8(), I'll make the change
        step by step. This patch passes Isolate to toV8() in
        several custom bindings.

        No tests. No change in behavior.

        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSRuleCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSStyleSheetCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSValueCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CanvasRenderingContext2DCustom.cpp:
        (WebCore::toV8Object):
        (WebCore::V8CanvasRenderingContext2D::strokeStyleAccessorGetter):
        (WebCore::V8CanvasRenderingContext2D::fillStyleAccessorGetter):
        * bindings/v8/custom/V8ConsoleCustom.cpp:
        (WebCore::V8Console::memoryAccessorGetter):
        * bindings/v8/custom/V8CustomSQLStatementErrorCallback.cpp:
        (WebCore::V8SQLStatementErrorCallback::handleEvent):
        * bindings/v8/custom/V8DOMStringMapCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DOMTokenListCustom.cpp:
        (WebCore::toV8):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8][Refactoring] Remove V8Proxy::toV8()
        https://bugs.webkit.org/show_bug.cgi?id=84257

        Reviewed by Nate Chapin.

        Some constructorCallback()s are using V8Proxy::toV8(),
        other constructorCallback()s are directly using setJSWrapperForXXX()
        (XXX can be DOMObject, ActiveDOMObject, Node or ActiveNode).
        We should unify them.

        Considering the fact that V8Proxy::toV8() just supports
        XXX=DOMObject and thus is not flexible, replacing V8Proxy::toV8()
        with setJSWrapperForDOMObject() would make sense.

        No tests. No change in behavior.

        * bindings/v8/V8Proxy.h: Removed toV8().

        * bindings/scripts/CodeGeneratorV8.pm: Replaced toV8() with setJSWrapperForDOMObject().
        (GenerateEventConstructorCallback):
        * bindings/v8/custom/V8ArrayBufferCustom.cpp: Ditto.
        (WebCore::V8ArrayBuffer::constructorCallback):
        * bindings/v8/custom/V8ArrayBufferViewCustom.h: Ditto.
        (WebCore::constructWebGLArrayWithArrayBufferArgument):
        (WebCore::constructWebGLArray):
        * bindings/v8/custom/V8DOMFormDataCustom.cpp: Ditto.
        (WebCore::V8DOMFormData::constructorCallback):
        * bindings/v8/custom/V8DataViewCustom.cpp: Ditto.
        (WebCore::V8DataView::constructorCallback):
        * bindings/v8/custom/V8MessageChannelConstructor.cpp: Ditto.
        (WebCore::V8MessageChannel::constructorCallback):
        * bindings/v8/custom/V8WebKitPointConstructor.cpp: Ditto.
        (WebCore::V8WebKitPoint::constructorCallback):

        * bindings/scripts/test/V8/V8TestEventConstructor.cpp: Updated run-bindings-tests results.
        (WebCore::V8TestEventConstructor::constructorCallback):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8() (Part1)
        https://bugs.webkit.org/show_bug.cgi?id=84250

        Reviewed by Nate Chapin.

        The final objective is to pass Isolate around in V8 bindings.
        This patch makes a change in CodeGeneratorV8.pm so that the
        generated code passes Isolate to toV8().

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm: Modified as described above.
        (GenerateNormalAttrGetter):
        (GenerateNamedConstructorCallback):
        (GenerateCallbackImplementation):
        (GenerateFunctionCallString):
        (NativeToJSValue):

        * bindings/scripts/test/V8/V8Float64Array.cpp: Updated run-bindings-tests results.
        (WebCore::Float64ArrayV8Internal::fooCallback):
        * bindings/scripts/test/V8/V8TestCallback.cpp:
        (WebCore::V8TestCallback::callbackWithClass1Param):
        (WebCore::V8TestCallback::callbackWithClass2Param):
        (WebCore::V8TestCallback::callbackWithStringList):
        (WebCore::V8TestCallback::callbackRequiresThisToPass):
        * bindings/scripts/test/V8/V8TestInterface.cpp:
        (WebCore::TestInterfaceV8Internal::supplementalMethod2Callback):
        * bindings/scripts/test/V8/V8TestNamedConstructor.cpp:
        (WebCore::V8TestNamedConstructorConstructorCallback):
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjV8Internal::readOnlyTestObjAttrAttrGetter):
        (WebCore::TestObjV8Internal::testObjAttrAttrGetter):
        (WebCore::TestObjV8Internal::XMLObjAttrAttrGetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeAttrGetter):
        (WebCore::TestObjV8Internal::withScriptStateAttributeRaisesAttrGetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAttributeRaisesAttrGetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeAttrGetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateAttributeRaisesAttrGetter):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateWithSpacesAttributeAttrGetter):
        (WebCore::TestObjV8Internal::withScriptArgumentsAndCallStackAttributeAttrGetter):
        (WebCore::TestObjV8Internal::cachedAttribute1AttrGetter):
        (WebCore::TestObjV8Internal::cachedAttribute2AttrGetter):
        (WebCore::TestObjV8Internal::mutablePointAttrGetter):
        (WebCore::TestObjV8Internal::immutablePointAttrGetter):
        (WebCore::TestObjV8Internal::objMethodCallback):
        (WebCore::TestObjV8Internal::objMethodWithArgsCallback):
        (WebCore::TestObjV8Internal::methodThatRequiresAllArgsAndThrowsCallback):
        (WebCore::TestObjV8Internal::withScriptStateObjCallback):
        (WebCore::TestObjV8Internal::withScriptStateObjExceptionCallback):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateObjExceptionCallback):
        (WebCore::TestObjV8Internal::withScriptExecutionContextAndScriptStateWithSpacesCallback):
        (WebCore::TestObjV8Internal::mutablePointFunctionCallback):
        (WebCore::TestObjV8Internal::immutablePointFunctionCallback):
        (WebCore::TestObjV8Internal::strictFunctionCallback):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.cpp:
        (WebCore::TestSerializedScriptValueInterfaceV8Internal::portsAttrGetter):

2012-04-23  Kentaro Hara  <haraken@chromium.org>

        [V8] Add an optional Isolate argument to setDOMException() and throwError()
        https://bugs.webkit.org/show_bug.cgi?id=84310

        Reviewed by Nate Chapin.

        The objective is to pass Isolate to setDOMException()
        and throwError(). This patch adds an optional Isolate argument
        to setDOMException() and throwError(). I'll pass the Isolate
        to these methods in the following patches.

        No tests. No change in behavior.

        * bindings/v8/V8Proxy.cpp:
        (WebCore):
        (WebCore::V8Proxy::setDOMException):
        (WebCore::V8Proxy::throwError):
        * bindings/v8/V8Proxy.h:
        (V8Proxy):
        (WebCore):
        (WebCore::throwError):

2012-04-23  Ian Vollick  <vollick@chromium.org>

        [chromium] Properly ignore unsupported animation directions.
        https://bugs.webkit.org/show_bug.cgi?id=84599

        Reviewed by Adrienne Walker.

        Tested in CCLayerAnimationControllerTest.ignoreUnsupportedAnimationDirections.

        * platform/graphics/chromium/cc/CCLayerAnimationController.cpp:

2012-04-17  Kentaro Hara  <haraken@chromium.org>

        [Performance][V8] Skip Isolate look-up to find StringCache
        https://bugs.webkit.org/show_bug.cgi?id=84103

        Reviewed by Nate Chapin.

        This patch improves the performance of a lot of DOM attribute
        getters that return a string.

        - Improves the performance of Dromaeo/dom-attr.html(element.property)
          by 27.7%.
        - Improves the performance of Dromaeo/dom-attr.html(getAttribute)
          by 10.6%.
        - Improves the performance of div.id, div.className,
          div.nodeName, text.nodeValue, text.textContent by 12% -- 21%.

        The followings are the test results in my Linux desktop.

        Performance test: Dromaeo/dom-attr.html
        Total:                     674.64runs/s ->  707.03runs/s (+ 4.8%)
        getAttribute:             1537.60runs/s -> 1700.20runs/s (+10.6%)
        element.property:         1389.00runs/s -> 1774.20runs/s (+27.7%)
        setAttribute:              538.88runs/s ->  548.87runs/s (+ 1.9%)
        element.property = value:  644.07runs/s ->  656.67runs/s (+ 2.0%)
        element.expando = value:   219.76runs/s ->  207.14runs/s (- 6.8%)
        element.expando:           578.77runs/s ->  554.67runs/s (- 4.2%)

        Performance test: https://bugs.webkit.org/attachment.cgi?id=137440
        div.id:           30.70ns -> 26.70ns (+15%)
        div.className:    31.10ns -> 26.40ns (+18%)
        div.nodeName:     37.70ns -> 33.00ns (+14%)
        text.nodeValue:   31.40ns -> 25.90ns (+21%)
        text.textContent: 51.50ns -> 45.90ns (+12%)

        Previously V8 bindings need to look up an Isolate to find
        an Isolate-local StringCache. This patch skips the look-up
        by getting the Isolate from AccessorInfo.GetIsolate()
        or Arguments.GetIsolate().

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm:
        (GenerateNormalAttrGetter):
        (GenerateFunctionCallString):
        (NativeToJSValue):
        * bindings/v8/V8Binding.cpp:
        (WebCore::getElementStringAttr):
        * bindings/v8/V8Binding.h:
        (WebCore::v8ExternalString): Make 'isolate' an optional argument.
        Ideally we want to make 'isolate' a non-optional argument,
        but it is difficult to rewrite all v8ExternalString() callers
        at a breath. We can rewrite them incrementally.
        (WebCore::v8String): Ditto.
        (WebCore::v8StringOrNull): Ditto.
        (WebCore::v8StringOrUndefined): Ditto.
        (WebCore::v8StringOrFalse): Ditto.

        * bindings/scripts/test/V8/V8TestEventConstructor.cpp: Updated run-bindings-tests results.
        (WebCore::TestEventConstructorV8Internal::attr1AttrGetter):
        (WebCore::TestEventConstructorV8Internal::attr2AttrGetter):
        * bindings/scripts/test/V8/V8TestInterface.cpp:
        (WebCore::TestInterfaceV8Internal::supplementalStr1AttrGetter):
        (WebCore::TestInterfaceV8Internal::supplementalStr2AttrGetter):
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjV8Internal::readOnlyStringAttrAttrGetter):
        (WebCore::TestObjV8Internal::stringAttrAttrGetter):
        (WebCore::TestObjV8Internal::reflectedStringAttrAttrGetter):
        (WebCore::TestObjV8Internal::reflectedURLAttrAttrGetter):
        (WebCore::TestObjV8Internal::reflectedCustomURLAttrAttrGetter):
        (WebCore::TestObjV8Internal::stringAttrWithGetterExceptionAttrGetter):
        (WebCore::TestObjV8Internal::stringAttrWithSetterExceptionAttrGetter):
        (WebCore::TestObjV8Internal::hashAttrGetter):
        (WebCore::TestObjV8Internal::conditionalMethod1Callback):

2012-04-17  Kentaro Hara  <haraken@chromium.org>

        [V8] Add an optional Isolate argument to wrap()
        https://bugs.webkit.org/show_bug.cgi?id=84202

        Reviewed by Nate Chapin.

        The final objective is to pass Isolate around in V8 bindings.
        This patch adds an optional Isolate argument to wrap().
        After rewriting all wrap() callers so that they pass Isolate
        to wrap(), I'll make the Isolate argument non-optional.

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm: Modified as described above.
        (GenerateHeader):
        * bindings/v8/custom/V8DocumentCustom.cpp: Ditto.
        (WebCore::toV8):
        * bindings/v8/custom/V8HTMLDocumentCustom.cpp: Ditto.
        (WebCore::toV8):
        * bindings/v8/custom/V8NodeCustom.cpp: Ditto.
        (WebCore::toV8Slow):
        * bindings/v8/custom/V8SVGDocumentCustom.cpp: Ditto.
        (WebCore::toV8):
        * dom/make_names.pl: Ditto.
        (printWrapperFactoryCppFile):

        * bindings/scripts/test/V8/V8Float64Array.h:
        Updated run-bindings-tests results.
        (V8Float64Array):
        (WebCore::V8Float64Array::wrap):
        * bindings/scripts/test/V8/V8TestActiveDOMObject.h:
        (V8TestActiveDOMObject):
        (WebCore::V8TestActiveDOMObject::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
        (V8TestCustomNamedGetter):
        (WebCore::V8TestCustomNamedGetter::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestEventConstructor.h:
        (V8TestEventConstructor):
        (WebCore::V8TestEventConstructor::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestEventTarget.h:
        (V8TestEventTarget):
        (WebCore::V8TestEventTarget::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestInterface.h:
        (V8TestInterface):
        (WebCore::V8TestInterface::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
        (V8TestMediaQueryListListener):
        (WebCore::V8TestMediaQueryListListener::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestNamedConstructor.h:
        (V8TestNamedConstructor):
        (WebCore::V8TestNamedConstructor::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestNode.h:
        (V8TestNode):
        (WebCore::V8TestNode::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestObj.h:
        (V8TestObj):
        (WebCore::V8TestObj::wrap):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
        (V8TestSerializedScriptValueInterface):
        (WebCore::V8TestSerializedScriptValueInterface::wrap):
        (WebCore::toV8):

2012-04-17  Kentaro Hara  <haraken@chromium.org>

        [V8] Pass Isolate to toV8Slow()
        https://bugs.webkit.org/show_bug.cgi?id=84173

        Reviewed by Nate Chapin.

        The final objective is to pass Isolate around in V8 bindings.
        This patch passes the Isolate to toV8Slow().

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm:
        (GenerateHeader):
        * bindings/v8/custom/V8NodeCustom.cpp:
        (WebCore::toV8Slow):

2012-04-17  Kentaro Hara  <haraken@chromium.org>

        [V8] Add an optional Isolate argument to toV8().
        https://bugs.webkit.org/show_bug.cgi?id=84161

        Reviewed by Nate Chapin.

        The final objective is to pass Isolate around in V8 bindings.
        This patch adds an optional Isolate argument to toV8().
        After rewriting all toV8() callers so that they pass Isolate,
        I will make the Isolate argument non-optional.

        No tests. No change in behavior.

        * bindings/scripts/CodeGeneratorV8.pm:
        Modified as described above.
        (GenerateHeader):
        (NativeToJSValue):
        * bindings/v8/custom/V8BlobCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSRuleCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSStyleSheetCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CSSValueCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8CanvasPixelArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DOMStringMapCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DOMTokenListCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DOMWindowCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DataViewCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8DocumentCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8EntryCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8EntrySyncCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8EventCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Float32ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Float64ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8HTMLCollectionCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8HTMLDocumentCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8HTMLElementCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8IDBAnyCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8IDBKeyCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8ImageDataCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Int16ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Int32ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Int8ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8LocationCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8NamedNodeMapCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8NodeCustom.cpp:
        (WebCore::toV8Slow):
        * bindings/v8/custom/V8SVGDocumentCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8SVGElementCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8SVGPathSegCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8ScriptProfileCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8ScriptProfileNodeCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8StyleSheetCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint16ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint32ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint8ArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8Uint8ClampedArrayCustom.cpp:
        (WebCore::toV8):
        * bindings/v8/custom/V8WorkerContextCustom.cpp:
        (WebCore::toV8):

        * bindings/scripts/test/V8/V8Float64Array.h:
        Updated run-bindings-tests results.
        (WebCore):
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestActiveDOMObject.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestCustomNamedGetter.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestEventConstructor.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestEventTarget.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestInterface.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestMediaQueryListListener.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestNamedConstructor.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestNode.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestObj.h:
        (WebCore::toV8):
        * bindings/scripts/test/V8/V8TestSerializedScriptValueInterface.h:
        (WebCore::toV8):

2012-04-23  Michał Pakuła vel Rutka  <m.pakula@samsung.com>
        [EFL][WK2] Fix build break when non-cross platform CONTEXT_MENUS are enabled.
        https://bugs.webkit.org/show_bug.cgi?id=84136

        Reviewed by Andreas Kling.

        There was a mismatch between contextMenuItemVector declaration and definition.
        Fixed by changing PlatformMenuDescription for EFL port by adding a const modifier.

        No new tests required.

        * platform/PlatformMenuDescription.h:
        (WebCore): Added const modifier to PlatformMenuDescription definition.

2012-04-23  Pierre Rossi  <pierre.rossi@gmail.com>

        [Qt] Ensure zero-width space effectively accounts for a width of zero.
        https://bugs.webkit.org/show_bug.cgi?id=84595

        Reviewed by Simon Hausmann.

        The logic so far relies on FontCache::getFontDataForCharacters to
        return a valid fontData in the case where the fonts specified don't
        have a glyph for the zero-width space character.
        QTextLayout::glyphRuns simply ignores characters that don't render in
        the glyph runs it returns, so we need to ensure that the subsequent
        call to platformWidthForGlyph doesn't lead to a non-zero width.

        Covered by tests containing control characters such as
        a soft-hyphen like it's the case in:
        svg/as-image/img-preserveAspectRatio-support-1.html

        * platform/graphics/qt/SimpleFontDataQt.cpp:
        (WebCore::SimpleFontData::platformWidthForGlyph):

2012-04-23  Ian Vollick  <vollick@chromium.org>

        [chromium] When prepareToDraw fails due to animation checkerboard, we need to call setNeedsCommit
        https://bugs.webkit.org/show_bug.cgi?id=84520

        Reviewed by Adrienne Walker.

        Tested in CCLayerTreeHostImplTest.prepareToDrawFailsWhenAnimationUsesCheckerboard

        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::prepareToDraw):

2012-04-23  Alexis Menard  <alexis.menard@openbossa.org>

        Simplify CSSParser::parseFont.
        https://bugs.webkit.org/show_bug.cgi?id=78698

        Reviewed by Antti Koivisto.

        Simplify parseFont by sharing the code we have for
        the longhands of the font property.

        No new tests : Extend the existing font shorthand test and modify expected files
        as now the order of the longhands added in the property list of the style
        has changed. It's very unlikely that some code is relying on this order though. It will
        also match the way the spec order them http://www.w3.org/TR/css3-fonts/#font-prop
        even though the order is arbitrary for some values.

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseValue):
        (WebCore::CSSParser::parseFont):
        (WebCore::CSSParser::parseLineHeight):
        (WebCore):
        (WebCore::CSSParser::parseFontSize):
        (WebCore::CSSParser::parseFontWeight):  Fix a bug discovered while using parseFontWeight from
        the parseFont (case font: 0/0, Arial, sans-serif; in a layout test), we should return true only
        when we add something in the property list.
        * css/CSSParser.h:

2012-04-23  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: improve the way heap snapshot diff is calculated
        https://bugs.webkit.org/show_bug.cgi?id=84590

        Diff calculation now consists of the following steps:
        1. Collect data about nodes in the base heap snapshot
        2. Pass it to the second snapshot.
        3. Calculate delta for each class.

        Reviewed by Pavel Feldman.

        * inspector/front-end/HeapSnapshot.js:
        (WebInspector.HeapSnapshot):
        (WebInspector.HeapSnapshot.prototype.dispose):
        (WebInspector.HeapSnapshot.prototype.aggregatesForDiff):
        (WebInspector.HeapSnapshot.prototype.calculateSnapshotDiff):
        (WebInspector.HeapSnapshot.prototype._calculateDiffForClass):
        (WebInspector.HeapSnapshot.prototype.createAddedNodesProvider):
        (WebInspector.HeapSnapshot.prototype.createDeletedNodesProvider):
        * inspector/front-end/HeapSnapshotDataGrids.js:
        (WebInspector.HeapSnapshotDiffDataGrid.prototype._populateChildren.aggregatesForDiffReceived.didCalculateSnapshotDiff):
        (WebInspector.HeapSnapshotDiffDataGrid.prototype._populateChildren):
        * inspector/front-end/HeapSnapshotGridNodes.js:
        (WebInspector.HeapSnapshotIteratorsTuple):
        (WebInspector.HeapSnapshotDiffNode):
        (WebInspector.HeapSnapshotDiffNode.prototype._createChildNode):
        (WebInspector.HeapSnapshotDiffNode.prototype._createNodesProvider):
        * inspector/front-end/HeapSnapshotProxy.js:
        (WebInspector.HeapSnapshotProxy.prototype.aggregatesForDiff):
        (WebInspector.HeapSnapshotProxy.prototype.calculateSnapshotDiff):
        (WebInspector.HeapSnapshotProxy.prototype.createAddedNodesProvider):
        (WebInspector.HeapSnapshotProxy.prototype.createDeletedNodesProvider):
        * inspector/front-end/HeapSnapshotView.js:
        (WebInspector.HeapSnapshotView.prototype._changeBase):

2012-04-23  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: Rename and extract UISourceCodeImpl into JavaScriptSource
        https://bugs.webkit.org/show_bug.cgi?id=84587

        Reviewed by Yury Semikhatsky.

        No changes other than extraction here. This is the first step in the Resource
        hierarchy refactoring described in bug 84586.

        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * inspector/compile-front-end.py:
        * inspector/front-end/CompilerScriptMapping.js:
        (WebInspector.CompilerScriptMapping.prototype.addScript):
        * inspector/front-end/DebuggerPresentationModel.js:
        * inspector/front-end/JavaScriptSource.js: Added.
        (WebInspector.JavaScriptSource):
        (WebInspector.JavaScriptSource.prototype.breakpoints):
        (WebInspector.JavaScriptSource.prototype.breakpointAdded):
        (WebInspector.JavaScriptSource.prototype.breakpointRemoved):
        (WebInspector.JavaScriptSource.prototype.consoleMessages):
        (WebInspector.JavaScriptSource.prototype.consoleMessageAdded):
        (WebInspector.JavaScriptSource.prototype.consoleMessagesCleared):
        * inspector/front-end/RawSourceCode.js:
        (WebInspector.RawSourceCode.prototype._createUISourceCode):
        * inspector/front-end/SnippetsModel.js:
        (WebInspector.SnippetsScriptMapping.prototype._snippetAdded):
        (WebInspector.SnippetsScriptMapping.prototype._createUISourceCodeForScript):
        * inspector/front-end/WebKit.qrc:
        * inspector/front-end/inspector.html:

2012-04-23  Gavin Peters  <gavinp@chromium.org>

        Move ReferrerPolicy out of SecurityPolicy class into its own header in platform.
        https://bugs.webkit.org/show_bug.cgi?id=84516

        Reviewed by Adam Barth.

        No change in behaviour; same enum, different class.

        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.exp.in:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::processReferrerPolicy):
        * dom/Document.h:
        (WebCore::Document::referrerPolicy):
        (Document):
        * page/SecurityPolicy.h:
        * platform/ReferrerPolicy.h: Added.
        (WebCore):

2012-04-23  Vineet Chaudhary  <rgf748@motorola.com>

        JS binding code generator doesn't handle "attribute unsigned long[]" well
        https://bugs.webkit.org/show_bug.cgi?id=84540

        Reviewed by Kentaro Hara.

        Codegenerator should handle spaces with the sequence<> to support
        numeric types like "unsigned long", "int" .. etc. and primitive types
        like "boolean", "Date" etc.

        Tests: bindings/scripts/test/TestObj.idl

        * bindings/scripts/CodeGenerator.pm:
        (SkipIncludeHeader): Rename AvoidInclusionOfType to SkipIncludeHeader.
        (GetArrayType):
        * bindings/scripts/CodeGeneratorJS.pm:
        (AddIncludesForType):
        (NativeToJSValue):
        * bindings/scripts/CodeGeneratorObjC.pm:
        (AddIncludesForType):
        (GenerateImplementation):
        * bindings/scripts/CodeGeneratorV8.pm:
        (AddIncludesForType):
        (GetHeaderClassInclude):
        (GenerateNormalAttrGetter):
        (NativeToJSValue):
        * bindings/scripts/IDLStructure.pm:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore):
        (WebCore::jsTestObjIntSequenceAttr):
        (WebCore::jsTestObjShortSequenceAttr):
        (WebCore::jsTestObjLongSequenceAttr):
        (WebCore::jsTestObjLongLongSequenceAttr):
        (WebCore::jsTestObjUnsignedIntSequenceAttr):
        (WebCore::jsTestObjUnsignedShortSequenceAttr):
        (WebCore::jsTestObjUnsignedLongSequenceAttr):
        (WebCore::jsTestObjUnsignedLongLongSequenceAttr):
        (WebCore::jsTestObjFloatSequenceAttr):
        (WebCore::jsTestObjDoubleSequenceAttr):
        (WebCore::jsTestObjBooleanSequenceAttr):
        (WebCore::jsTestObjVoidSequenceAttr):
        (WebCore::jsTestObjDateSequenceAttr):
        (WebCore::setJSTestObjSequenceAttr):
        (WebCore::setJSTestObjIntSequenceAttr):
        (WebCore::setJSTestObjShortSequenceAttr):
        (WebCore::setJSTestObjLongSequenceAttr):
        (WebCore::setJSTestObjLongLongSequenceAttr):
        (WebCore::setJSTestObjUnsignedIntSequenceAttr):
        (WebCore::setJSTestObjUnsignedShortSequenceAttr):
        (WebCore::setJSTestObjUnsignedLongSequenceAttr):
        (WebCore::setJSTestObjUnsignedLongLongSequenceAttr):
        (WebCore::setJSTestObjFloatSequenceAttr):
        (WebCore::setJSTestObjDoubleSequenceAttr):
        (WebCore::setJSTestObjBooleanSequenceAttr):
        (WebCore::setJSTestObjVoidSequenceAttr):
        (WebCore::setJSTestObjDateSequenceAttr):
        * bindings/scripts/test/JS/JSTestObj.h:
        (WebCore):
        * bindings/scripts/test/ObjC/DOMTestObj.h:
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/V8/V8TestObj.cpp:
        (WebCore::TestObjV8Internal::intSequenceAttrAttrGetter):
        (TestObjV8Internal):
        (WebCore::TestObjV8Internal::intSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::shortSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::shortSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::longSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::longSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::longLongSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::longLongSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::unsignedIntSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedIntSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::unsignedShortSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedShortSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::unsignedLongSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedLongSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::unsignedLongLongSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::unsignedLongLongSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::floatSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::floatSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::doubleSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::doubleSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::booleanSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::booleanSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::voidSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::voidSequenceAttrAttrSetter):
        (WebCore::TestObjV8Internal::dateSequenceAttrAttrGetter):
        (WebCore::TestObjV8Internal::dateSequenceAttrAttrSetter):
        (WebCore):

2012-04-23  Andreas Kling  <kling@webkit.org>

        Unreviewed assertion fix for Chromium bots.

        Skip unnecessary Attr::attachToElement() after constructing an Attr using the
        constructor that attaches to an Element.

        * dom/ElementAttributeData.cpp:
        (WebCore::ElementAttributeData::ensureAttr):

2012-04-23  Andreas Kling  <kling@webkit.org>

        REGRESSION(r114870): Assertion failure in ElementAttributeData::setAttr().
        <http://webkit.org/b/84581>

        Reviewed by Antti Koivisto.

        Attach the Attr and bump m_attrCount manually in ensureAttr() instead of calling
        setAttr(). The latter asserts that the Attr isn't present in the map, which
        obviously isn't true after we've just added it.

        This has the added effect of removing one unnecessary hash lookup.

        * dom/ElementAttributeData.cpp:
        (WebCore::ElementAttributeData::ensureAttr):

2012-04-23  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: make ParsedURL.prototype.displayName data url friendly.
        https://bugs.webkit.org/show_bug.cgi?id=84578

        Reviewed by Yury Semikhatsky.

        We'd like to define valid URL as the one that has scheme, host and path.
        We can append to this URL and manipulate its content. We still want 
        possibly invalid specs (such as data or about) to exist and have nice
        display names.

        * inspector/front-end/ResourceUtils.js:
        (WebInspector.ParsedURL):
        (WebInspector.ParsedURL.prototype.get displayName):

2012-04-23  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: introduce String.prototype.starts/endsWith and use it all over the place.
        https://bugs.webkit.org/show_bug.cgi?id=84574

        Reviewed by Yury Semikhatsky.

        * inspector/front-end/AuditRules.js:
        (WebInspector.AuditRules.VendorPrefixedCSSProperties.prototype.visitProperty):
        * inspector/front-end/BreakpointsSidebarPane.js:
        (WebInspector.EventListenerBreakpointsSidebarPane.prototype._setBreakpoint):
        (WebInspector.EventListenerBreakpointsSidebarPane.prototype._removeBreakpoint):
        * inspector/front-end/CSSCompletions.js:
        (WebInspector.CSSCompletions.prototype.startsWith):
        (WebInspector.CSSCompletions.prototype._firstIndexOfPrefix):
        * inspector/front-end/ConsoleView.js:
        (WebInspector.ConsoleView.prototype._reportCompletions):
        * inspector/front-end/CookieItemsView.js:
        (WebInspector.Cookies.cookieMatchesResourceURL):
        * inspector/front-end/DatabaseQueryView.js:
        (WebInspector.DatabaseQueryView.prototype.completions):
        * inspector/front-end/ElementsTreeOutline.js:
        (WebInspector.ElementsTreeElement.prototype._buildAttributeDOM):
        * inspector/front-end/ProfileView.js:
        * inspector/front-end/ProfilesPanel.js:
        (WebInspector.ProfilesPanel.prototype.addProfileHeader):
        (WebInspector.ProfilesPanel.prototype.displayTitleForProfileLink):
        (WebInspector.ProfileSidebarTreeElement):
        (WebInspector.ProfileSidebarTreeElement.prototype.get mainTitle):
        * inspector/front-end/ResourceUtils.js:
        (WebInspector.ParsedURL):
        (WebInspector.displayNameForURL):
        (WebInspector.linkifyStringAsFragmentWithCustomLinkifier):
        (WebInspector.completeURL):
        * inspector/front-end/SnippetsModel.js:
        (WebInspector.SnippetsModel.prototype.snippetIdForSourceURL):
        * inspector/front-end/SourceCSSTokenizer.js:
        (WebInspector.SourceCSSTokenizer.prototype.nextToken):
        * inspector/front-end/SourceCSSTokenizer.re2js:
        * inspector/front-end/TextPrompt.js:
        (WebInspector.TextPrompt.prototype._completeCommonPrefix):
        * inspector/front-end/UIUtils.js:
        (WebInspector.startEditing):
        * inspector/front-end/utilities.js:

2012-04-23  Andreas Kling  <kling@webkit.org>

        REGRESSION(r114870): Performance hit on DOM/CloneNodes and DOM/CreateNodes.
        <http://webkit.org/b/84575>

        Reviewed by Antti Koivisto.

        Simplify the cloning of Attributes from one Element to another by simply
        assigning to m_attributes. This avoids default-constructing a bunch of
        Attribute objects that we overwrite immediately anyway (this used to be
        fine because they were RefPtr<Attribute> but now that a default-constructed
        Attribute contains a QualifiedName, we were doing a bunch of extra hash
        lookups, etc.)

        * dom/ElementAttributeData.cpp:
        (WebCore::ElementAttributeData::setAttributes):

2012-04-20  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: implement "open stylesheet" dialog.
        https://bugs.webkit.org/show_bug.cgi?id=84466

        Reviewed by Yury Semikhatsky.

        This change introduces abstract OpenResourceDialog and re-uses it in OpenScriptDialog and OpenStylesheetDialog.
        Drive-by fix for data: url representation in the navigator and open resource dialogs.

        * inspector/front-end/FilteredItemSelectionDialog.js:
        (WebInspector.FilteredItemSelectionDialog.prototype.position):
        (WebInspector.OpenResourceDialog.filterOutEmptyURLs):
        (WebInspector.OpenResourceDialog.compareFunction):
        (WebInspector.OpenResourceDialog):
        (WebInspector.OpenResourceDialog.prototype.itemTitleAt):
        (WebInspector.OpenResourceDialog.prototype.itemKeyAt):
        (WebInspector.OpenResourceDialog.prototype.itemsCount):
        (WebInspector.OpenResourceDialog.prototype.requestItems):
        (WebInspector.OpenResourceDialog.prototype.selectItem):
        (WebInspector.OpenScriptDialog):
        (WebInspector.OpenScriptDialog.install):
        (WebInspector.OpenScriptDialog._show):
        (WebInspector.OpenScriptDialog.prototype.selectItem):
        * inspector/front-end/ResourceUtils.js:
        (WebInspector.ParsedURL):
        * inspector/front-end/ScriptsPanel.js:
        * inspector/front-end/StylesPanel.js:
        (WebInspector.StylesPanel):
        (WebInspector.StylesPanel.prototype._showOpenStylesheetDialog):
        (WebInspector.OpenStylesheetDialog):
        (WebInspector.OpenStylesheetDialog.prototype.selectItem):
        * inspector/front-end/inspector.html:

2012-04-23  Kent Tamura  <tkent@chromium.org>

        Add test function to get placeholder string
        https://bugs.webkit.org/show_bug.cgi?id=84536

        Reviewed by Ryosuke Niwa.

        Add window.internals.visiblePlaceholder(element), which returns a
        placeholder string only when it's visible.

        * WebCore.exp.in: Expose HTMLTextFormControlElement::placeholderShouldBeVisible().
        * testing/Internals.cpp:
        (WebCore::Internals::visiblePlaceholder): Added.
        (WebCore::Internals::selectColorInColorChooser): Omit HTMLNames::.
        * testing/Internals.h:
        (Internals): Add visiblePlaceholder().
        * testing/Internals.idl: ditto.

2012-04-23  Szilard Ledan  <szledan@inf.u-szeged.hu>

        Incorrect handling of CSS escape sequences that encode surrogates
        https://bugs.webkit.org/show_bug.cgi?id=76152

        Reviewed by Kent Tamura.

        Test: fast/css/parsing-css-surrogate-pairs.html

        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseEscape):

2012-04-22  Yury Semikhatsky  <yurys@chromium.org>

        Web Inspector: make populateChildren methods private in heap profiler front-end
        https://bugs.webkit.org/show_bug.cgi?id=84562

        - populateChildren method on HeapSnapshotConstructorsDataGrid and
        HeapSnapshotDiffDataGrid now is private.
        - Made _defaultPopulateCount a public method on HeapSnapshotSortableDataGrid which
        is overriden in some descendants
        - Removed unused HeapSnapshotPathFinderProxy
        - added closure compiler annotations

        Reviewed by Pavel Feldman.

        * inspector/front-end/HeapSnapshotDataGrids.js:
        (WebInspector.HeapSnapshotSortableDataGrid.prototype.defaultPopulateCount):
        (WebInspector.HeapSnapshotConstructorsDataGrid.prototype.setDataSource):
        (WebInspector.HeapSnapshotConstructorsDataGrid.prototype._filterSelectIndexChanged):
        (WebInspector.HeapSnapshotDiffDataGrid.prototype.defaultPopulateCount):
        (WebInspector.HeapSnapshotDiffDataGrid.prototype.setBaseDataSource):
        (WebInspector.HeapSnapshotDominatorsDataGrid.prototype.defaultPopulateCount):
        * inspector/front-end/HeapSnapshotGridNodes.js:
        (WebInspector.HeapSnapshotGridNode):
        (WebInspector.HeapSnapshotGridNode.prototype.populateChildren.callSerialize):
        (WebInspector.HeapSnapshotDiffNode):
        (WebInspector.HeapSnapshotDiffNode.prototype.populateChildren.firstProviderPopulated):
        * inspector/front-end/HeapSnapshotProxy.js:

2012-04-22  Andreas Kling  <kling@webkit.org>

        Unreviewed build fix, remove Attribute.cpp from DOMAllInOne.cpp.

        * dom/DOMAllInOne.cpp: My nemesis.

2012-04-22  Andreas Kling  <kling@webkit.org>

        Optimize Element attribute storage for the common case (no Attr objects.)
        <http://webkit.org/b/83440>

        Reviewed by Antti Koivisto.

        Reduce Attribute to its smallest possible size; a qname/value pair.
        They are no-longer ref-counted, which allows us to store them in Vectors.

        Refactored the DOM Attr object to go with the new Attribute:
        Attr now wraps either {element, qname} or {qname, value}. The latter is for
        the case where a standalone Attr object is instantiated via DOM APIs.

        ElementAttributeData.cpp manages a map of pair<element, qname> => Attr.
        Each Element (well, ElementAttributeData) keeps track of how many Attr
        objects are pointing to it. This is so we can avoid hash lookups during
        common operations in the typical case where you have zero Attrs.

        Also removed the inline capacity (was 4) from AttributeVector as that
        would significantly increase bloat now that we store Attribute (2 pointers)
        rather than RefPtr<Attribute>. We trade this one piece of indirection
        for the removal of per-Attribute indirection.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * dom/Attr.cpp:
        (WebCore::Attr::Attr):
        (WebCore):
        (WebCore::Attr::create):
        (WebCore::Attr::~Attr):
        (WebCore::Attr::createTextChild):
        (WebCore::Attr::setPrefix):
        (WebCore::Attr::setValue):
        (WebCore::Attr::cloneNode):
        (WebCore::Attr::childrenChanged):
        (WebCore::Attr::style):
        (WebCore::Attr::value):
        (WebCore::Attr::elementAttribute):
        (WebCore::Attr::detachFromElementWithValue):
        (WebCore::Attr::attachToElement):
        * dom/Attr.h:
        (WebCore):
        (Attr):
        (WebCore::Attr::qualifiedName):
        (WebCore::Attr::localName):
        (WebCore::Attr::namespaceURI):
        (WebCore::Attr::prefix):
        * dom/Attribute.cpp: Removed.
        * dom/Attribute.h:
        (WebCore::Attribute::Attribute):
        (Attribute):
        * dom/Document.cpp:
        (WebCore::Document::importNode):
        (WebCore::Document::createAttributeNS):
        * dom/Element.cpp:
        (WebCore::Element::~Element):
        (WebCore::Element::detachAttribute):
        (WebCore):
        (WebCore::Element::removeAttribute):
        (WebCore::Element::setAttributeInternal):
        (WebCore::Element::parserSetAttributes):
        (WebCore::Element::setAttributeNode):
        (WebCore::Element::removeAttributeNode):
        (WebCore::Element::normalizeAttributes):
        (WebCore::Element::didRemoveAttribute):
        (WebCore::Element::attrIfExists):
        (WebCore::Element::ensureAttr):
        * dom/Element.h:
        (Element):
        (WebCore::Element::getAttributeItemIndex):
        * dom/ElementAttributeData.cpp:
        (WebCore):
        (WebCore::attrMap):
        (WebCore::ElementAttributeData::attrIfExists):
        (WebCore::ElementAttributeData::ensureAttr):
        (WebCore::ElementAttributeData::setAttr):
        (WebCore::ElementAttributeData::removeAttr):
        (WebCore::AttributeVector::removeAttribute):
        (WebCore::ElementAttributeData::~ElementAttributeData):
        (WebCore::ElementAttributeData::addAttribute):
        (WebCore::ElementAttributeData::removeAttribute):
        (WebCore::ElementAttributeData::isEquivalent):
        (WebCore::ElementAttributeData::detachAttributesFromElement):
        (WebCore::ElementAttributeData::getAttributeItemIndexSlowCase):
        (WebCore::ElementAttributeData::setAttributes):
        (WebCore::ElementAttributeData::clearAttributes):
        (WebCore::ElementAttributeData::replaceAttribute):
        (WebCore::ElementAttributeData::getAttributeNode):
        * dom/ElementAttributeData.h:
        (WebCore):
        (WebCore::AttributeVector::AttributeVector):
        (AttributeVector):
        (WebCore::AttributeVector::getAttributeItem):
        (WebCore::AttributeVector::getAttributeItemIndex):
        (WebCore::AttributeVector::insertAttribute):
        (WebCore::ElementAttributeData::attributeItem):
        (ElementAttributeData):
        (WebCore::ElementAttributeData::ElementAttributeData):
        (WebCore::ElementAttributeData::attributeVector):
        (WebCore::ElementAttributeData::clonedAttributeVector):
        (WebCore::ElementAttributeData::removeAttribute):
        (WebCore::ElementAttributeData::getAttributeItem):
        (WebCore::ElementAttributeData::getAttributeItemIndex):
        * dom/NamedNodeMap.cpp:
        (WebCore::NamedNodeMap::getNamedItem):
        (WebCore::NamedNodeMap::getNamedItemNS):
        (WebCore::NamedNodeMap::removeNamedItem):
        (WebCore::NamedNodeMap::removeNamedItemNS):
        (WebCore::NamedNodeMap::item):
        * dom/Node.cpp:
        (WebCore::Node::compareDocumentPosition):
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::parseAttribute):
        * html/HTMLSelectElement.cpp:
        (WebCore::HTMLSelectElement::parseAttribute):
        * html/parser/HTMLConstructionSite.cpp:
        (WebCore::HTMLConstructionSite::insertHTMLHtmlStartTagBeforeHTML):
        (WebCore::HTMLConstructionSite::mergeAttributesFromTokenIntoElement):
        (WebCore::HTMLConstructionSite::insertScriptElement):
        (WebCore::HTMLConstructionSite::createElement):
        (WebCore::HTMLConstructionSite::createHTMLElement):
        (WebCore::HTMLConstructionSite::createHTMLElementFromSavedElement):
        * html/parser/HTMLToken.h:
        (WebCore::AtomicHTMLToken::AtomicHTMLToken):
        * html/parser/HTMLTreeBuilder.cpp:
        (WebCore::HTMLTreeBuilder::processFakeStartTag):
        (WebCore::HTMLTreeBuilder::attributesForIsindexInput):
        (WebCore::HTMLTreeBuilder::processIsindexStartTagForInBody):
        (WebCore):
        (WebCore::HTMLTreeBuilder::processStartTagForInBody):
        * html/parser/HTMLTreeBuilder.h:
        * html/parser/TextDocumentParser.cpp:
        (WebCore::TextDocumentParser::insertFakePreElement):
        * page/PageSerializer.cpp:
        (WebCore::SerializerMarkupAccumulator::appendCustomAttributes):
        * svg/SVGFitToViewBox.cpp:
        * svg/properties/SVGAnimatedPropertySynchronizer.h:
        * xml/XMLErrors.cpp:
        (WebCore::createXHTMLParserErrorHeader):
        (WebCore::XMLErrors::insertErrorMessageBlock):
        * xml/XPathNodeSet.cpp:
        (WebCore::XPath::NodeSet::traversalSort):
        * xml/XPathStep.cpp:
        (WebCore::XPath::Step::nodesInAxis):
        * xml/parser/MarkupTokenBase.h:
        (WebCore::AtomicMarkupTokenBase::AtomicMarkupTokenBase):
        (WebCore::AtomicMarkupTokenBase::getAttributeItem):
        (WebCore::AtomicMarkupTokenBase::attributes):
        (AtomicMarkupTokenBase):
        (WebCore::::initializeAttributes):
        * xml/parser/XMLToken.h:
        (WebCore::AtomicXMLToken::AtomicXMLToken):
        * xml/parser/XMLTreeBuilder.cpp:
        (WebCore::XMLTreeBuilder::processNamespaces):
        (WebCore::XMLTreeBuilder::processAttributes):

2012-04-22  Sriram Neelakandan  <sriram.neelakandan@gmail.com>

        Sync the MOZ_X11 changes from r14 of http://code.google.com/p/npapi-sdk/
        also, modified required build flags for Qt,Gtk and CMake
        [Qt]  Added MOZ_X11 build flag for !embedded
        https://bugs.webkit.org/show_bug.cgi?id=40785

        Reviewed by Anders Carlsson.

        No new tests. This does not change functionality. Affects all X11 Ports. Build should break if MOZ_X11 is not passed where required

        * WebCore.pri:
        * plugins/npapi.h:

2012-04-22  Pablo Flouret  <pablof@motorola.com>

        Reset event propagation and canceled flags in Event.initEvent
        https://bugs.webkit.org/show_bug.cgi?id=83964

        Reviewed by Ryosuke Niwa.

        Step 3 in http://dvcs.w3.org/hg/domcore/raw-file/tip/Overview.html#dom-event-initevent
        Useful for re-configuring an event before dispatching.

        Test: fast/events/flags-unset-on-init-event.html

        * dom/Event.cpp:
        (WebCore::Event::initEvent):

2012-04-22  Martin Robinson  <mrobinson@igalia.com>

        [Cairo] Implement CompositeDifference
        https://bugs.webkit.org/show_bug.cgi?id=77354

        Reviewed by Alejandro G. Castro.

        No new tests. The difference compositing operator are not exposed
        to web content, so this change is simply in preparation for a time
        in which it is used.

        Properly map the difference compositing blend modes to a Cairo operator.

        * platform/graphics/cairo/CairoUtilities.cpp:
        (WebCore::toCairoOperator): Add a mapping for difference. Remove
        code supporting versions of Cairo before 1.10, since the Cairo backend
        requires 1.10 or greater already.

2012-04-22  Jon Lee  <jonlee@apple.com>

        Remove notifications support on Mac Lion.
        https://bugs.webkit.org/show_bug.cgi?id=84554
        <rdar://problem/11297128>

        Reviewed by Sam Weinig.

        * Configurations/FeatureDefines.xcconfig:

2012-04-22  Shawn Singh  <shawnsingh@chromium.org>

        [chromium] Damage Tracker needs to use CCMathUtil transforms
        https://bugs.webkit.org/show_bug.cgi?id=84070

        Reviewed by Adrienne Walker.

        Unit test added to CCDamageTracker.cpp.

        This patch makes CCDamageTracker use CCMathUtil transforms, so
        that perspective w < 0 problem is correctly handled.

        * platform/graphics/chromium/cc/CCDamageTracker.cpp:
        (WebCore::CCDamageTracker::extendDamageForLayer):
        (WebCore::CCDamageTracker::extendDamageForRenderSurface):

2012-04-20  Jon Lee  <jonlee@apple.com>

        Add Notification constructor
        https://bugs.webkit.org/show_bug.cgi?id=80477
        <rdar://problem/10912431>

        Reviewed by Jian Li.

        Tests will be added once there is support for web notifications on the Mac ports.

        * WebCore.exp.in: Export finalize() function.

        Modify Dictionary to support creation of event listeners.
        * bindings/js/Dictionary.h:
        (WebCore::Dictionary::isObject): Return true if the JSDictionary is valid.
        (WebCore::Dictionary::isUndefinedOrNull): Return true if the JSDictionary is not valid.
        (WebCore::Dictionary::get): Add convenience function to take const char* for
        property name, to prevent having to do implicit conversion to WTF::String.
        (WebCore::Dictionary::getEventListener): Add function to create event listener
        from the dictionary.
        (WebCore::Dictionary::asJSObject): Helper to convert WebCore objects to JS wrapper.
        * bindings/js/Dictionary.cpp:
        (WebCore::Notification): Implement asJSObject() for Notification.
        * bindings/js/JSDictionary.h:
        (WebCore::JSDictionary::execState): Expose the exec state so that the Dictionary
        can obtain its world for creating the event listener.

        * bindings/v8/Dictionary.h:
        (WebCore::Dictionary::getEventListener): Stub implementation.

        Add new constructor to idl definitions.
        * notifications/DOMWindowNotifications.idl: Add Notification constructor, if
        ENABLE(NOTIFICATIONS) is on.
        * notifications/Notification.idl: If ENABLE(NOTIFICATIONS) is turned on, define
        the constructor. Otherwise, use OmitConstructor.
        * notifications/NotificationCenter.idl: Wrap creation functions in
        ENABLE(LEGACY_NOTIFICATIONS).
        * notifications/NotificationCenter.h: Ditto.
        (NotificationCenter):

        * notifications/Notification.h:
        (Notification): Wrap legacy constructors in ENABLE(LEGACY_NOTIFICATIONS).
        (WebCore::Notification::create): New creation function based on discussions in WG.
        * notifications/Notification.cpp:
        (WebCore::getAndAddEventListener): Helper function to get the listener from the
        dictionary, and attach to the notification.
        (WebCore::Notification::create): Create the notification, then apply whatever
        properties can be found in the dictionary to the notification. In order to
        attach the event listeners, the notification has to have been created, which is
        why this all happens in the factory method and not in the constructor.
        (WebCore::Notification::setBody): Added so that it can be set if we find it in the
        dictionary.

        The new constructor queues a task to show when it is created. To support this, we
        use a one-shot timer that calls show() in the next iteration of the run loop.
        (WebCore::Notification::Notification): Start the timer.
        (WebCore::Notification::showTaskTimerFired): Call show().

        Notifications, not being attached to the DOM, could be GC'ed by the JS engine
        before its life cycle has completed. We add calls to setPendingActivity() when the
        notification has been shown, and when it is closed, we unsetPendingActivity().
        To guarantee that we only call this once, we add a new state to the Notification
        state machine, called NotificationState::Closed.
        (WebCore::Notification::show): Call setPendingActivity() for all ports. Remove conditional on Mac.
        (WebCore::Notification::close): Include Closed state to machine; do nothing.
        (WebCore::Notification::dispatchCloseEvent): Call finalize().
        (WebCore::Notification::finalize): If the state is not Closed, we unsetPendingActivity()
        to make it available for GC.
        (WebCore::Notification::finishLoading): Remove the unsetPendingActivity(). That call
        was to balance the setPendingActivity() called for loading the icon. Instead of wrapping
        around the icon load, we wrap around the show() -> finalize() loop.

        In Notification, rename some of the stages and functions to more clearly communicate
        that they mostly deal with the icon of the notification, instead of general loading.
        (WebCore::Notification::show): Refactored to use LoadingIcon and CancelledIcon.
        (WebCore::Notification::close): Refactored to use LoadingIcon and CancelledIcon.
        (WebCore::Notification::~Notification): Refactor to use LoadingIcon.
        (WebCore::Notification::startLoadingIcon): Renamed from startLoading().
        (WebCore::Notification::stopLoadingIcon): Renamed from stopLoading().
        (WebCore::Notification::finishLoadingIcon): Renamed from finishLoading().
        (WebCore::Notification::didFinishLoading):
        (WebCore::Notification::didFail):
        (WebCore::Notification::didFailRedirectCheck):
        (WebCore::Notification::didReceiveResponse):
        (WebCore::Notification::finishLoading):

        Add Dictionary.cpp.
        * GNUmakefile.list.am:
        * Target.pri:
        * UseJSC.cmake:
        * WebCore.gypi:

        Fix bug in V8 bindings generation code. If the constructor doesn't raise an exception,
        don't use an exception code.
        * bindings/scripts/CodeGeneratorV8.pm:
        (GenerateParametersCheck):
        * bindings/scripts/test/V8/V8TestObj.cpp: Reset results.
        (WebCore::TestObjV8Internal::optionsObjectCallback):

2012-04-21  Benjamin C Meyer  <bmeyer@rim.com>

        Support loading the same plugin in multiple locations in the Blackberry port.
        https://bugs.webkit.org/show_bug.cgi?id=84537

        The hash for the plugin is only based upon the plugin meta information
        which will be the same for the same plugin in the system and user's
        plugin folders.

        It looks like this code was copied/based on the windows port
        which doesn't allow the same plugin to be loaded more than once.

        Because we want to support multiple copies of the same plugin
        in the blackberry port we want to incorperate the path of the plugin
        into the hash.

        PR 150404

        Reviewed by Adam Treat.

        * plugins/blackberry/PluginPackageBlackBerry.cpp:
        (WebCore::PluginPackage::hash):

2012-04-21  Benjamin C Meyer  <bmeyer@rim.com>

        System plugins are preferred over application plugins
        https://bugs.webkit.org/show_bug.cgi?id=84538

        Set the preferred paths for plugins so that plugins that reside
        inside of the bar will be preferred over plugins that are in the
        system folder.

        PR 150404

        Reviewed by Adam Treat.

        * plugins/PluginDatabase.cpp:
        (WebCore::PluginDatabase::isPreferredPluginDirectory):

2012-04-21  Darin Adler  <darin@apple.com>

        Improve performance of removing user and password from URLs
        https://bugs.webkit.org/show_bug.cgi?id=84525

        Reviewed by Dan Bernstein.

        Performance improvement only. Correctness covered by existing regression tests.

        The most common use of KURL::setUser and KURL::setPass, by far, is to remove
        the user and password from a URL that already has neither. Optimize this by
        not re-parsing the URL in that case.

        * platform/KURL.cpp:
        (WebCore::KURL::setUser): Restructure code so that the code path that removes
        the user does no work when there is nothing to remove. Otherwise, leave the
        logic of the function untouched.
        (WebCore::KURL::setPass): Same thing, only for password rather than user.

2012-04-20  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r114768.
        http://trac.webkit.org/changeset/114768
        https://bugs.webkit.org/show_bug.cgi?id=84521

        Original patch was not the problem, re-applying (Requested by
        pfeldman_ on #webkit).

        * bindings/v8/V8IsolatedContext.cpp:
        (WebCore::setInjectedScriptContextDebugId):
        (WebCore):
        (WebCore::V8IsolatedContext::V8IsolatedContext):
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::evaluateInIsolatedWorld):
        * bindings/v8/V8Proxy.h:
        (V8Proxy):

2012-04-20  Adrienne Walker  <enne@google.com>

        [chromium] Refactor opaque content transform out of Skia context
        https://bugs.webkit.org/show_bug.cgi?id=83608

        Reviewed by James Robinson.

        Having PlatformContextSkia know about the transform into content space
        for a layer is a layering violation. This change lets the
        PlatformContextSkia deal with opaque rects in its own space and lets
        the caller handle transforming it into its own space. This also
        prevents a matrix multiply per draw into the Skia canvas and does it
        just once at the end to transform the final rect.

        This is an incremental refactoring so that additional tracking for
        text rects can be added and use the same space as opaque rects.

        Tests: LayerTextureUpdaterTest.testPartialOpaqueRectNoTransform
               LayerTextureUpdaterTest.testPartialOpaqueRectTranslation
               LayerTextureUpdaterTest.testPartialOpaqueRectScale

        * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.cpp:
        (WebCore::BitmapCanvasLayerTextureUpdater::prepareToUpdate):
        * platform/graphics/chromium/BitmapCanvasLayerTextureUpdater.h:
        (BitmapCanvasLayerTextureUpdater):
        * platform/graphics/chromium/BitmapSkPictureCanvasLayerTextureUpdater.cpp:
        (WebCore::BitmapSkPictureCanvasLayerTextureUpdater::prepareToUpdate):
        * platform/graphics/chromium/BitmapSkPictureCanvasLayerTextureUpdater.h:
        (BitmapSkPictureCanvasLayerTextureUpdater):
        * platform/graphics/chromium/CanvasLayerTextureUpdater.cpp:
        (WebCore::CanvasLayerTextureUpdater::paintContents):
        * platform/graphics/chromium/CanvasLayerTextureUpdater.h:
        (CanvasLayerTextureUpdater):
        * platform/graphics/chromium/LayerTextureUpdater.h:
        (WebCore::LayerTextureUpdater::prepareToUpdate):
        * platform/graphics/chromium/SkPictureCanvasLayerTextureUpdater.cpp:
        (WebCore::SkPictureCanvasLayerTextureUpdater::prepareToUpdate):
        * platform/graphics/chromium/SkPictureCanvasLayerTextureUpdater.h:
        (SkPictureCanvasLayerTextureUpdater):
        * platform/graphics/chromium/TiledLayerChromium.cpp:
        (WebCore::TiledLayerChromium::updateTiles):
        * platform/graphics/skia/OpaqueRegionSkia.cpp:
        (WebCore::OpaqueRegionSkia::didDrawRect):
        (WebCore::OpaqueRegionSkia::didDrawPath):
        (WebCore::OpaqueRegionSkia::didDrawPoints):
        (WebCore::OpaqueRegionSkia::didDrawBounded):
        (WebCore::OpaqueRegionSkia::didDraw):
        * platform/graphics/skia/OpaqueRegionSkia.h:
        (OpaqueRegionSkia):
        * platform/graphics/skia/PlatformContextSkia.cpp:
        (WebCore::PlatformContextSkia::didDrawRect):
        (WebCore::PlatformContextSkia::didDrawPath):
        (WebCore::PlatformContextSkia::didDrawPoints):
        (WebCore::PlatformContextSkia::didDrawBounded):
        * platform/graphics/skia/PlatformContextSkia.h:
        (PlatformContextSkia):

2012-04-20  Enrica Casucci  <enrica@apple.com>

        CRASH at WebCore::ReplaceSelectionCommand::removeRedundantMarkup
        https://bugs.webkit.org/show_bug.cgi?id=84518
        <rdar://problem/10714790>

        Reviewed by Simon Fraser.

        There are cases where the m_lastNodeInserted is NULL to begin with or
        gets deleted by removeRedundantStylesAndKeepStyleSpanInline.
        This change handles those cases properly.
        
        Tests: editing/pasteboard/paste-sanitize-crash-1.html
               editing/pasteboard/paste-sanitize-crash-2.html

        * editing/ReplaceSelectionCommand.h:
        (WebCore::ReplaceSelectionCommand::InsertedNodes::pastLastLeaf):
        * editing/SimplifyMarkupCommand.cpp:
        (WebCore::SimplifyMarkupCommand::doApply):

2012-04-20  Michael Nordman  <michaeln@google.com>

        [chromium] Tiny change to DomStorage v8 bindings to avoid a relatively expensive test in a couple
        of places by reordering the expressions in compound conditions, if (fastTest && moreExpensiveTest)
        https://bugs.webkit.org/show_bug.cgi?id=84500

        Reviewed by Kentaro Hara.

        No new tests, no new functionality.

        * bindings/v8/custom/V8StorageCustom.cpp:
        (WebCore::storageGetter):
        (WebCore::V8Storage::namedPropertyQuery):

2012-04-20  Dan Bernstein  <mitz@apple.com>

        REGRESSION (r114784): svg/text/foreignObject-text-clipping-bug.xml failing on Mountain Lion Debug Tests
        https://bugs.webkit.org/show_bug.cgi?id=84505

        Reviewed by Anders Carlsson.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::blockBeforeWithinSelectionRoot): Changed to not assume that boxes only
        have boxes as siblings.

2012-04-20  Dana Jansens  <danakj@chromium.org>

        [chromium] Remove special case for recreating layers during sync
        https://bugs.webkit.org/show_bug.cgi?id=84458

        Reviewed by James Robinson.

        We no longer delete layers on the impl side, unless it is due to
        deleting the layer on webkit side. So we will no longer have a
        situation where we need to push properties from an old
        LayerChromium to a new CCLayerImpl.

        * platform/graphics/chromium/TreeSynchronizer.cpp:
        (WebCore::TreeSynchronizer::reuseOrCreateCCLayerImpl):

2012-04-20  Dana Jansens  <danakj@chromium.org>

        [chromium] WebFilterOperations API does not compile or dynamically link
        https://bugs.webkit.org/show_bug.cgi?id=84506

        Reviewed by James Robinson.

        Non-inline functions need WEBKIT_EXPORT in their declarations,
        and the type used in the WebPrivateOwnPtr needs to be forward-
        declared even when WEBKIT_IMPLEMENTATION is not defined.

        * platform/chromium/support/WebFilterOperations.cpp:
        (WebKit::WebFilterOperations::initialize):

2012-04-20  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r114333.
        http://trac.webkit.org/changeset/114333
        https://bugs.webkit.org/show_bug.cgi?id=84511

        perf regression (Requested by morrita on #webkit).

        * dom/Node.cpp:
        * dom/Node.h:
        (WebCore):
        (Node):
        (WebCore::Node::isElementNode):
        (WebCore::Node::isContainerNode):
        (WebCore::Node::isTextNode):
        (WebCore::Node::isHTMLElement):
        (WebCore::Node::isSVGElement):
        (WebCore::Node::isStyledElement):
        (WebCore::Node::isShadowRoot):
        (WebCore::Node::parentNode):
        (WebCore::Node::parentNodeGuaranteedHostFree):

2012-04-20  Alec Flett  <alecflett@chromium.org>

        IndexedDB: Support get/getKey(keyRange)
        https://bugs.webkit.org/show_bug.cgi?id=83638

        Reviewed by Ojan Vafai.

        Support IDBKeyRange as a parameter to all the various get/getKey 
        combinations. Switches the existing get/getKey versions that use 
        IDBKey directly to start using IDBKeyRange.only(). 

        Test: storage/indexeddb/get-keyrange.html

        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::get):
        (WebCore):
        (WebCore::IDBIndex::getKey):
        * Modules/indexeddb/IDBIndex.h:
        (IDBIndex):
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBIndexBackendImpl.cpp:
        (WebCore::IDBIndexBackendImpl::getInternal):
        (WebCore):
        (WebCore::IDBIndexBackendImpl::getByRangeInternal):
        (WebCore::IDBIndexBackendImpl::getKeyInternal):
        (WebCore::IDBIndexBackendImpl::getKeyByRangeInternal):
        (WebCore::IDBIndexBackendImpl::get):
        (WebCore::IDBIndexBackendImpl::getKey):
        * Modules/indexeddb/IDBIndexBackendImpl.h:
        (IDBIndexBackendImpl):
        * Modules/indexeddb/IDBIndexBackendInterface.h:
        (IDBIndexBackendInterface):
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::get):
        (WebCore):
        * Modules/indexeddb/IDBObjectStore.h:
        (IDBObjectStore):
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/indexeddb/IDBObjectStoreBackendImpl.cpp:
        (WebCore):
        (WebCore::IDBObjectStoreBackendImpl::get):
        (WebCore::IDBObjectStoreBackendImpl::getByRangeInternal):
        (WebCore::IDBObjectStoreBackendImpl::getInternal):
        * Modules/indexeddb/IDBObjectStoreBackendImpl.h:
        (IDBObjectStoreBackendImpl):
        * Modules/indexeddb/IDBObjectStoreBackendInterface.h:
        (IDBObjectStoreBackendInterface):

2012-04-20  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r114789.
        http://trac.webkit.org/changeset/114789
        https://bugs.webkit.org/show_bug.cgi?id=84515

        Caused 5 tests to fail on mac/ (Requested by jernoble on
        #webkit).

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSValueKeywords.in:
        * platform/ThemeTypes.h:
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::paint):

2012-04-20  Brady Eidson  <beidson@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=84512
        Repurpose ActiveDOMObject::WillShowDialog to WillDeferLoading

        Reviewed by Eric Carlson.

        No new tests. (Refactor, no behavior change)

        Rename WillShowDialog to WillDeferLoading:
        * dom/ActiveDOMObject.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::suspend):

        Don't take a ReasonForSuspension argument anymore, just use WillDeferLoading:
        * page/PageGroupLoadDeferrer.cpp:
        (WebCore::PageGroupLoadDeferrer::PageGroupLoadDeferrer):
        * page/PageGroupLoadDeferrer.h:

        Don't pass a Reason anymore as WillDeferLoading is used by default:
        * page/Chrome.cpp:
        (WebCore::Chrome::runModal):
        (WebCore::Chrome::runBeforeUnloadConfirmPanel):
        (WebCore::Chrome::runJavaScriptAlert):
        (WebCore::Chrome::runJavaScriptConfirm):
        (WebCore::Chrome::runJavaScriptPrompt):
        (WebCore::Chrome::shouldInterruptJavaScript):

2012-04-20  James Robinson  <jamesr@chromium.org>

        [chromium] Plumb a compositor surface ready notification through to the threaded compositor
        https://bugs.webkit.org/show_bug.cgi?id=84305

        Reviewed by Adrienne Walker.

        Plumb setSurfaceReady through to the scheduler.

        * platform/graphics/chromium/cc/CCLayerTreeHost.cpp:
        (WebCore::CCLayerTreeHost::setSurfaceReady):
        (WebCore):
        * platform/graphics/chromium/cc/CCLayerTreeHost.h:
        (CCLayerTreeHost):
        * platform/graphics/chromium/cc/CCProxy.h:
        (CCProxy):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.cpp:
        (WebCore::CCSingleThreadProxy::setSurfaceReady):
        (WebCore):
        * platform/graphics/chromium/cc/CCSingleThreadProxy.h:
        (CCSingleThreadProxy):
        * platform/graphics/chromium/cc/CCThreadProxy.cpp:
        (WebCore::CCThreadProxy::setSurfaceReady):
        (WebCore):
        (WebCore::CCThreadProxy::setSurfaceReadyOnImplThread):
        (WebCore::CCThreadProxy::initializeImplOnImplThread):
        * platform/graphics/chromium/cc/CCThreadProxy.h:
        (CCThreadProxy):

2012-04-20  Mark Pilgrim  <pilgrim@chromium.org>

        [Chromium] Call memoryUsageMB directly
        https://bugs.webkit.org/show_bug.cgi?id=84376

        Reviewed by Kentaro Hara.

        Now that memoryUsageMB has been moved from PlatformSupport.h to
        Platform.h, we need to be able to call it directly
        from WebCore/bindings/v8/V8GCController.cpp.
        That means we need a new MemoryUsageSupport class in
        WebCore/platform/ and an implementation in
        WebCore/platform/chromium/MemoryUsageSupportChromium.cpp.
        Other ports are welcome to implement their memory usage
        functions if they wish. This pattern was based on the
        HistogramSupport/HistogramSupportChromium classes.

        Part of a refactoring series. See tracking bug 82948.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * Target.pri:
        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/v8/V8GCController.cpp:
        (WebCore):
        * platform/MemoryUsageSupport.cpp: Added.
        (WebCore):
        (WebCore::MemoryUsageSupport::memoryUsageMB):
        * platform/MemoryUsageSupport.h: Added.
        (WebCore):
        (MemoryUsageSupport):
        * platform/chromium/MemoryUsageSupportChromium.cpp: Added.
        (WebCore):
        (WebCore::MemoryUsageSupport::memoryUsageMB):
        * platform/chromium/PlatformSupport.h:
        (PlatformSupport):

2012-04-20  Anders Carlsson  <andersca@apple.com>

        Re-land. The non-fast scrollable region is now always updated after layout, and frameViewScrollableAreasDidChange has been removed.

        computeNonFastScrollableRegion needs to traverse the entire frame tree
        https://bugs.webkit.org/show_bug.cgi?id=84409
        <rdar://problem/11285741>

        Reviewed by Dan Bernstein.

        Now that scrollable areas won't be in the set of scrollable areas unless they are actually scrollable, we need to look for scrollable
        areas in the entire frame tree since there can be a scrollable frame that's a subframe of a non-scrollable frame for example.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::computeNonFastScrollableRegion):
        (WebCore::ScrollingCoordinator::frameViewLayoutUpdated):

2012-04-20  Adrienne Walker  <enne@google.com>

        [chromium] Clip TransparencyWin to prevent OOM from large Skia canvas
        https://bugs.webkit.org/show_bug.cgi?id=84289

        Reviewed by James Robinson.

        TransparencyWin will create a Skia canvas of whatever size is passed
        in, even if the result will ultimately be clipped. Handle the clip
        implicitly and try (in some cases) to create a smaller canvas. This
        can happen due to RenderBox::paintBoxDecorations passing a paint rect
        down of the entire element's size.

        Modes with more complicated transforms (ScaleTransform, UnTransform)
        are not handled yet.

        Tests: TransparencyWin.ClippedKeepTransformNoLayer
               TransparencyWin.ClippedKeepTransformOpaqueCompositeLayer
               TransparencyWin.ClippedKeepTransformOpaqueWhiteLayer

        * platform/graphics/chromium/TransparencyWin.cpp:
        (WebCore::TransparencyWin::computeLayerSize):

2012-04-04  Jer Noble  <jer.noble@apple.com>

        apple.com top navigation bar appears inside video during full screen exit animation
        https://bugs.webkit.org/show_bug.cgi?id=83095

        Reviewed by Eric Carlson.

        Test: fullscreen/full-screen-exit-animation-stacking-context.html

        Only tell ancestors of the full screen element that they are no longer ancestors once
        the full screen animation is complete:
        * dom/Document.cpp:
        (WebCore::Document::webkitWillExitFullScreenForElement):
        (WebCore::Document::webkitDidExitFullScreenForElement):

        To facilitate writing reproducible LayoutTests, expose webkitWill/Did/Enter/ExitFullScreen
        from the Internals object, so scripts can call them explicitly:
        * testing/Internals.cpp:
        (WebCore::Internals::webkitWillEnterFullScreenForElement): Call the Document equivalent.
        (WebCore::Internals::webkitDidEnterFullScreenForElement): Ditto.
        (WebCore::Internals::webkitWillExitFullScreenForElement): Ditto.
        (WebCore::Internals::webkitDidExitFullScreenForElement): Ditto.
        * testing/Internals.h:
        * testing/Internals.idl:

2012-04-17  Jer Noble  <jer.noble@apple.com>

        media-exit-fullscreen-button (and related enums) is unnecessary and should be removed.
        https://bugs.webkit.org/show_bug.cgi?id=84162

        Reviewed by Eric Carlson.

        No new tests; no change in functionality so covered by existing tests.

        Remove the media-exit-fullscreen-button keyword, and rename media-enter-fullscreen-button to
        media-fullscreen-button.

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSValueKeywords.in:
        * css/mediaControls.css:
        (audio::-webkit-media-controls-fullscreen-button, video::-webkit-media-controls-fullscreen-button):
        * platform/ThemeTypes.h:
        * rendering/RenderTheme.cpp:
        (WebCore::RenderTheme::paint):

2012-04-20  Alexandre Elias  <aelias@google.com>

        [chromium] Fix compile errors when DEBUG_GL_CALLS is enabled
        https://bugs.webkit.org/show_bug.cgi?id=84491

        Reviewed by Ojan Vafai.

        DEBUG_GL_CALLS had not been used in a while and the mode no longer
        compiled when I tried it.  I improved the GLC macro to support either
        raw pointers or RefPtrs, and to be a single expression in order to
        interact properly with if/else blocks.  I fixed the cases where we
        were passing in the "context" method pointer by mistake, and removed the
        now-unnecessary "get()" calls for the RefPtrs.

        No new tests. (No-op change in release builds.)

        * platform/graphics/chromium/LayerRendererChromium.cpp:
        (WebCore::LayerRendererChromium::initialize):
        (WebCore::LayerRendererChromium::clearRenderSurface):
        (WebCore::LayerRendererChromium::beginDrawingFrame):
        (WebCore::LayerRendererChromium::doNoOp):
        (WebCore::LayerRendererChromium::drawQuad):
        (WebCore::LayerRendererChromium::drawTextureQuad):
        (WebCore::LayerRendererChromium::drawHeadsUpDisplay):
        (WebCore::LayerRendererChromium::finishDrawingFrame):
        (WebCore::LayerRendererChromium::useRenderSurface):
        (WebCore::LayerRendererChromium::bindFramebufferToTexture):
        (WebCore::LayerRendererChromium::setScissorToRect):
        (WebCore::LayerRendererChromium::setDrawViewportRect):
        (WebCore::LayerRendererChromium::initializeSharedObjects):
        (WebCore::LayerRendererChromium::cleanupSharedObjects):
        * platform/graphics/chromium/LayerRendererChromium.h:
        (WebCore):

2012-04-20  Anders Carlsson  <andersca@apple.com>

        Fix build.

        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::updateMainFrameScrollPositionAndScrollLayerPosition):

2012-04-19  Simon Fraser  <simon.fraser@apple.com>

        Set m_compositingDependsOnGeometry to false if possible
        https://bugs.webkit.org/show_bug.cgi?id=84391

        Reviewed by James Robinson.
        
        For some kinds of elements, RenderLayerCompositor has to delay decisions about
        compositing until the element's size and/or position are known. This was previsouly
        based on the confusingly named m_compositingDependsOnGeometry flag, but another
        variant of the same technique, with an additional flag m_compositingNeedsUpdate,
        was added in r98627.
        
        Also, once the m_compositingDependsOnGeometry flag was set to true, nothing
        set it to false, so every compositing layer update resulted in a computeCompositingRequirements()
        pass over the layers.
        
        Rename the m_compositingDependsOnGeometry flag to m_reevaluateCompositingAfterLayout,
        and clear the flag when we do a layout-related compositing layer update.
        Use the same flag for position:fixed compositing.
        
        This requires RenderLayerCompositor to distinguish between style- and layout-
        related updates, requiring some minor refactoring in FrameView.

        Should not change behavior.
        
        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        (WebCore::Document::implicitClose):
        * page/FrameView.cpp:
        (WebCore::FrameView::updateCompositingLayersAfterStyleChange):
        (WebCore::FrameView::updateCompositingLayersAfterLayout):
        (WebCore::FrameView::restoreBackingStores):
        (WebCore::FrameView::layout):
        * page/FrameView.h:
        (FrameView):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::RenderLayerCompositor):
        (WebCore::RenderLayerCompositor::updateCompositingLayersTimerFired):
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        (WebCore::RenderLayerCompositor::layerTreeAsText):
        (WebCore::RenderLayerCompositor::requiresCompositingForPlugin):
        (WebCore::RenderLayerCompositor::requiresCompositingForFrame):
        (WebCore::RenderLayerCompositor::requiresCompositingForPosition):
        * rendering/RenderLayerCompositor.h:
        (RenderLayerCompositor):

2012-04-20  Dan Bernstein  <mitz@apple.com>

        <rdar://problem/10786000> Selection highlights of lines in adjoining blocks can overlap
        https://bugs.webkit.org/show_bug.cgi?id=84489

        Reviewed by Anders Carlsson.

        Test: fast/block/line-layout/selection-highlight-overlap.html

        * rendering/EllipsisBox.cpp:
        (WebCore::EllipsisBox::selectionRect): Changed to use
        selection{Top,Height}AdjustedForPrecedingBlock().
        * rendering/InlineTextBox.cpp:
        (WebCore::InlineTextBox::paintSelection): Ditto.
        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::inlineSelectionGaps): Ditto.
        (WebCore::RenderBlock::blockBeforeWithinSelectionRoot): Added. Returns the block which is
        likely to contain the selected line just before the first line in this block, if it is
        within the same selection root.
        * rendering/RenderBlock.h:
        * rendering/RootInlineBox.cpp:
        (WebCore::RootInlineBox::selectionTopAdjustedForPrecedingBlock): Added. If the selection
        starts before our block, finds the last line in the preceding block and adjusts the selection
        top to avoid overlap with that line’s selection bottom.
        * rendering/RootInlineBox.h:
        (WebCore::RootInlineBox::selectionHeightAdjustedForPrecedingBlock): Added. Like
        selectionHeight(), but uses selectionTopAdjustedForPrecedingBlock().

2012-04-20  Xianzhu Wang  <wangxianzhu@chromium.org>

        Crash in getOrDrawNodeHighlight after r114659
        https://bugs.webkit.org/show_bug.cgi?id=84486

        Reviewed by Daniel Bates.

        No new tests. Fixes a crash in test: inspector/elements/elements-panel-selection-on-refresh.html.

        * inspector/DOMNodeHighlighter.cpp:

2012-04-20  Brady Eidson  <beidson@apple.com>

        https://bugs.webkit.org/show_bug.cgi?id=84490
        PageGroupLoadDeferrer needs to take a ReasonForSuspension argument

        Reviewed by Anders Carlsson.

        No new tests. (Refactor, no change in behavior)

        - Make PageGroupLoadDeferrer take a ReasonForSuspension argument so it can pass it along.
        * page/PageGroupLoadDeferrer.cpp:
        (WebCore::PageGroupLoadDeferrer::PageGroupLoadDeferrer):
        * page/PageGroupLoadDeferrer.h:

        - Change suspendScheduledTasks to take a ReasonForSuspension.
        - As long as we're changing Document.h, add a m_suspendedScheduledTasks flag and some
          ASSERTs to catch what would be epically wrong behavior in the future.
        * dom/Document.cpp:
        (WebCore::Document::Document):
        (WebCore::Document::suspendScheduledTasks):
        (WebCore::Document::resumeScheduledTasks):
        * dom/Document.h:

        - Pass ActiveDOMObject::WillShowDialog along to all PageGroupLoadDeferrers, as it used
          to be the default behavior
        * page/Chrome.cpp:
        (WebCore::Chrome::runModal):
        (WebCore::Chrome::runBeforeUnloadConfirmPanel):
        (WebCore::Chrome::runJavaScriptAlert):
        (WebCore::Chrome::runJavaScriptConfirm):
        (WebCore::Chrome::runJavaScriptPrompt):
        (WebCore::Chrome::shouldInterruptJavaScript):

2012-04-20  Anders Carlsson  <andersca@apple.com>

        Scrolling after going to a find-in-page result jumps to the top of the page
        https://bugs.webkit.org/show_bug.cgi?id=84485
        <rdar://problem/11273734>

        Reviewed by Beth Dakin.

        If we're both updating the requested scroll position and entering slow mode in the same commit, the
        probable main thread scroll position should be the requested scroll position.

        * page/scrolling/mac/ScrollingTreeNodeMac.mm:
        (WebCore::ScrollingTreeNodeMac::update):

2012-04-20  James Robinson  <jamesr@chromium.org>

        Avoid synchronously recalculating the nonFastScrollableRegion when the ScrollableArea set changes
        https://bugs.webkit.org/show_bug.cgi?id=84470

        Reviewed by Anders Carlsson.

        When a scrollable area is added or removed, we shouldn't recalculate the nonFastScrollableRegion synchronously
        since this is slow, the RenderObject tree might not be in an up-to-date state, and we'll typically do layout
        soon anyway.

        * page/FrameView.cpp:
        (WebCore::FrameView::addScrollableArea):
        (WebCore::FrameView::removeScrollableArea):
        * page/scrolling/ScrollingCoordinator.cpp:
        * page/scrolling/ScrollingCoordinator.h:
        (ScrollingCoordinator):

2012-04-20  Emil A Eklund  <eae@chromium.org>

        Fix use of LayoutUnits in DOMNodeHighlighter
        https://bugs.webkit.org/show_bug.cgi?id=84472

        Reviewed by Eric Seidel.

        Fix use of subpixel units and rounding in new code introduced in r114659.

        No new tests, no change in functionality.

        * inspector/DOMNodeHighlighter.cpp:

2012-04-17  Antonio Gomes  <agomes@rim.com>

        Relax ScrollView::adjustScrollPositionWithinRange in case constrainsScrollingToContentEdge is false
        https://bugs.webkit.org/show_bug.cgi?id=84178

        Reviewed by Adam Treat.

        No new tests since it is not easily testable.

        When a port has both delegatesScrolling and constrainsScrollingToContentEdge set to FALSE
        (i.e. it accepts overscrolled position), calling ScrollView::setScrollPosition with an overscrolled
        position still gets the position clamped to the content size edges.

        Patch relaxes ::adjustScrollPositionWithinRange in that sense in order to track the actual scroll
        position.

        Note: ScrollView::setScrollOffset already does something similar.

        * platform/ScrollView.cpp:
        (WebCore::ScrollView::adjustScrollPositionWithinRange):

2012-04-20  Sheriff Bot  <webkit.review.bot@gmail.com>

        Unreviewed, rolling out r114535.
        http://trac.webkit.org/changeset/114535
        https://bugs.webkit.org/show_bug.cgi?id=84475

        It might have caused V8 crashes. (Requested by pfeldman_ on
        #webkit).

        * bindings/v8/V8IsolatedContext.cpp:
        (WebCore::V8IsolatedContext::V8IsolatedContext):
        * bindings/v8/V8Proxy.cpp:
        (WebCore::V8Proxy::evaluateInIsolatedWorld):
        (WebCore::V8Proxy::setInjectedScriptContextDebugId):
        (WebCore):
        * bindings/v8/V8Proxy.h:
        (V8Proxy):

2012-04-20  Dean Jackson  <dino@apple.com>

        -webkit-filter missing from computed style enumeration
        https://bugs.webkit.org/show_bug.cgi?id=84468

        Reviewed by Timothy Hatcher.
        
        CSSComputedStyleDeclaration has a list of properties that it exposes.
        While the computed style for filter was available, the property wasn't
        listed and hence missing in clients like the Web Inspector.

        Covered by existing tests.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore): add CSSPropertyWebkitFilter

2012-04-20  Emil A Eklund  <eae@chromium.org>

        [win] Update windows platform code to use pixel snapped values
        https://bugs.webkit.org/show_bug.cgi?id=84283

        Reviewed by Eric Seidel.

        No new tests, no change in functionality.

        * accessibility/AccessibilityObject.h:
        (WebCore::AccessibilityObject::pixelSnappedElementRect):
        Use pixel snapped values when computing screenRect.
        
        * platform/win/PopupMenuWin.cpp:
        (WebCore::PopupMenuWin::calculatePositionAndSize):
        (WebCore::PopupMenuWin::paint):
        Cast client padding to ints as they are guaranteed to align with device pixels.

2012-04-20  Dana Jansens  <danakj@chromium.org>

        [chromium] Some filters require inflating damage rect in CCDamageTracker
        https://bugs.webkit.org/show_bug.cgi?id=84373

        Reviewed by James Robinson.

        When a layer is blurred, damaged pixels are blurred out into a radius
        and their damage should be expanded to include total blurred region.

        Unit test: CCDamageTrackerTest.verifyDamageForBlurredSurface

        * platform/graphics/chromium/cc/CCDamageTracker.cpp:
        (WebCore::CCDamageTracker::updateDamageTrackingState):
        (WebCore::CCDamageTracker::expandDamageRectWithForegroundFilters):
        (WebCore):
        * platform/graphics/chromium/cc/CCDamageTracker.h:
        (WebCore):
        (CCDamageTracker):
        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::trackDamageForAllSurfaces):

2012-04-20  Sami Kyostila  <skyostil@chromium.org>

        [chromium] Don't crash when scrolling empty layer tree
        https://bugs.webkit.org/show_bug.cgi?id=84455

        Reviewed by James Robinson.

        Do not try to calculate render passes when there are no layers in the
        layer tree.

        Added new unit test.

        * platform/graphics/chromium/cc/CCLayerTreeHostImpl.cpp:
        (WebCore::CCLayerTreeHostImpl::calculateRenderPasses):

2012-04-20  Victor Carbune  <vcarbune@adobe.com>

        Ensure text is centered for default captions
        https://bugs.webkit.org/show_bug.cgi?id=84450

        Reviewed by Eric Carlson.

        Updated existing test.

        * html/track/TextTrackCue.cpp:
        (WebCore::TextTrackCue::getDisplayTree): Added default width.

2012-04-20  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: open file dialog is not centered.
        https://bugs.webkit.org/show_bug.cgi?id=84464

        Reviewed by Yury Semikhatsky.

        There was an error in the positioning logic.

        * inspector/front-end/FilteredItemSelectionDialog.js:
        (WebInspector.FilteredItemSelectionDialog.prototype.position):

2012-04-20  Allan Sandfeld Jensen  <allan.jensen@nokia.com>

        [Qt] PlatformMouseEventQt.cpp should be deleted.
        https://bugs.webkit.org/show_bug.cgi?id=84437

        Reviewed by Kenneth Rohde Christiansen.

        * platform/qt/PlatformMouseEventQt.cpp: Removed.

2012-04-20  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: follow up to r114729: more @return annotations added.
        https://bugs.webkit.org/show_bug.cgi?id=84447

        Reviewed by Yury Semikhatsky.

        * inspector/front-end/Resource.js:
        (WebInspector.Resource):
        (WebInspector.ResourceRevision.prototype.get content):
        * inspector/front-end/ResourceTreeModel.js:
        (WebInspector.ResourceTreeFrame.prototype._addRequest):
        * inspector/front-end/ResourceUtils.js:
        (String.prototype.asParsedURL):

2012-04-20  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: migrate from ScriptsNavigator to NavigatorView in the Styles panel
        https://bugs.webkit.org/show_bug.cgi?id=84459

        Reviewed by Yury Semikhatsky.

        Now that NavigatorView has all the functionality we need, we can use it.

        * inspector/front-end/NavigatorView.js:
        (WebInspector.NavigatorScriptTreeElement.prototype.ondblclick):
        * inspector/front-end/ScriptsNavigator.js:
        (WebInspector.ScriptsNavigator):
        * inspector/front-end/StylesPanel.js:
        (WebInspector.StylesPanel):
        (WebInspector.StylesPanel.prototype._resourceAdded):
        (WebInspector.StylesPanel.prototype._reset):
        (WebInspector.StylesPanel.prototype._itemSelected):
        (WebInspector.StylesPanel.prototype._showFile):
        * inspector/front-end/navigatorView.css:
        (.navigator-tabbed-pane .tabbed-pane-content):
        (.navigator-tabbed-pane .navigator-container):
        (.navigator-tabbed-pane .navigator):
        (.navigator-tabbed-pane .tabbed-pane-header):
        (.navigator-tabbed-pane .tabbed-pane-header-contents):
        * inspector/front-end/scriptsPanel.css:

2012-04-20  Sam D  <dsam2912@gmail.com>

        Web Inspector: Does not have search navigation button for going through matches in either direction (prev, next)
        https://bugs.webkit.org/show_bug.cgi?id=84235

        Added buttons for navigating on seiarch matches in inspector panel
        through button clicks as well. 

        Reviewed by Pavel Feldman.

        No new tests / ux enhanced for search functionality

        * English.lproj/localizedStrings.js:
        * WebCore.gypi:
        * inspector/front-end/Images/searchNext.png: Added.
        * inspector/front-end/Images/searchPrev.png: Added.
        * inspector/front-end/SearchController.js:
        (WebInspector.SearchController):
        (WebInspector.SearchController.prototype._updateSearchNavigationButtonState):
        (WebInspector.SearchController.prototype._updateSearchMatchesCountAndCurrentMatchIndex):
        (WebInspector.SearchController.prototype._onNextButtonSearch):
        (WebInspector.SearchController.prototype._onPrevButtonSearch):
        (WebInspector.SearchController.prototype._performSearch):
        (WebInspector.SearchController.prototype._createSearchNavigationButton):
        (WebInspector.SearchController.prototype._populateSearchNavigationButtons):
        * inspector/front-end/WebKit.qrc:
        * inspector/front-end/inspector.css:
        (.toolbar-search-item):
        (#search):
        (#toolbar-search-navigation-control):
        (.toolbar-search-navigation-label):
        (.toolbar-search-navigation-label:hover):
        (.toolbar-search-navigation-icon-prev , .toolbar-search-navigation-icon-next):
        (.toolbar-search-navigation-icon-prev):
        (.toolbar-search-navigation-icon-next):
        * inspector/front-end/inspector.html:

2012-04-20  Pavel Feldman  <pfeldman@chromium.org>

        Web Inspector: extract NavigatorView and NavigatorOverlayController from ScriptsNavigator.
        https://bugs.webkit.org/show_bug.cgi?id=84441

        Reviewed by Yury Semikhatsky.

        - Moves NavigatorOverlayController out of ScriptsNavigator
        - Extracts NavigatorView from ScriptsNavigator and makes ScriptsNavigator contain 3 NavigatorView instances (one per tab)
        - Subclasses SnippetsNavigatorView and leaves it within ScriptsNavigator.

        * WebCore.gypi:
        * WebCore.vcproj/WebCore.vcproj:
        * inspector/compile-front-end.py:
        * inspector/front-end/NavigatorOverlayController.js: Added.
        (WebInspector.NavigatorOverlayController.prototype.wasShown):
        (WebInspector.NavigatorOverlayController.prototype._createNavigatorControlButton):
        (WebInspector.NavigatorOverlayController.prototype._escDownWhileNavigatorOverlayOpen):
        (WebInspector.NavigatorOverlayController.prototype._toggleNavigator):
        (WebInspector.NavigatorOverlayController.prototype._hidePinnedNavigator):
        (WebInspector.NavigatorOverlayController.prototype.set _pinNavigator):
        (WebInspector.NavigatorOverlayController.prototype.set showNavigatorOverlay):
        (WebInspector.NavigatorOverlayController.prototype.hideNavigatorOverlay):
        (WebInspector.NavigatorOverlayController.prototype._navigatorOverlayWasShown):
        * inspector/front-end/NavigatorView.js: Added.
        (WebInspector.NavigatorView):
        (WebInspector.NavigatorView.prototype._updateScriptTitle.get if):
        (WebInspector.NavigatorView.prototype._updateScriptTitle):
        (WebInspector.NavigatorView.prototype._scriptSelected):
        (WebInspector.NavigatorView.prototype._removeUISourceCode.get while):
        (WebInspector.NavigatorView.prototype._removeUISourceCode):
        (WebInspector.NavigatorView.prototype._showScriptFoldersSettingChanged):
        (WebInspector.NavigatorView.prototype._fileRenamed):
        (WebInspector.NavigatorView.prototype.rename.commitHandler):
        (WebInspector.NavigatorView.prototype.rename.cancelHandler):
        (WebInspector.NavigatorView.prototype.rename.afterEditing):
        (WebInspector.NavigatorView.prototype.reset):
        (WebInspector.NavigatorView.prototype.createFolderTreeElement):
        (WebInspector.NavigatorView.prototype.getOrCreateFolderTreeElement):
        (WebInspector.NavigatorView.prototype.handleContextMenu):
        (WebInspector.NavigatorTreeOutline):
        (WebInspector.NavigatorTreeOutline._treeElementsCompare.compare.typeWeight):
        (WebInspector.NavigatorTreeOutline._treeElementsCompare):
        (WebInspector.NavigatorTreeOutline.prototype.scriptTreeElements):
        (WebInspector.NavigatorTreeOutline.prototype.searchStarted):
        (WebInspector.NavigatorTreeOutline.prototype.searchFinishe