Context Navigation

← Previous Period
Next Period →

Timeline

Oct 13, 2013:

10:58 PM Changeset in webkit [157387] by Darin Adler

18 edits in trunk

Deprecate or remove deleteAllValues functions; there are only a few call sites left
https://bugs.webkit.org/show_bug.cgi?id=122738

Reviewed by Anders Carlsson.

Source/WebCore:

platform/blackberry/CookieMap.cpp:

(WebCore::CookieMap::deleteAllCookiesAndDomains):

platform/network/blackberry/rss/RSSParserBase.cpp:

(WebCore::RSSFeed::clear):

platform/win/WCDataObject.cpp:

(WebCore::WCDataObject::~WCDataObject):
Renamed deleteAllValues to deprecatedDeleteAllValues.

Source/WebKit/blackberry:

WebKitSupport/InPageSearchManager.cpp:

(BlackBerry::WebKit::InPageSearchManager::cancelPendingScopingEffort):
Renamed deleteAllValues to deprecatedDeleteAllValues.

Source/WebKit2:

Shared/Plugins/NPRemoteObjectMap.cpp:

(WebKit::NPRemoteObjectMap::pluginDestroyed): Renamed deleteAllValues to
deprecatedDeleteAllValues.

Source/WTF:

wtf/Deque.h: Deleted deleteAllValues.
wtf/HashMap.h: Ditto.
wtf/HashSet.h: Ditto.
wtf/ListHashSet.h: Ditto.
wtf/Vector.h: Renamed deleteAllValues to deprecatedDeleteAllValues.

Tools:

DumpRenderTree/win/DRTDataObject.cpp:

(DRTDataObject::~DRTDataObject):

DumpRenderTree/win/UIDelegate.cpp:

(DRTUndoStack::~DRTUndoStack):
(DRTUndoStack::clear):
Renamed deleteAllValues to deprecatedDeleteAllValues.

Scripts/do-webcore-rename: Updated to perform this rename, as is traditional.

10:02 PM Changeset in webkit [157386] by ap@apple.com

3 edits in trunk/Tools

build.webkit.org/dashboard incorrectly shows interrupted builds as green
https://bugs.webkit.org/show_bug.cgi?id=122732

Reviewed by Tim Hatcher.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotIteration.js:

(BuildbotIteration.prototype.update): Removed a special case for status 4 (EXCEPTION).
I don't see it occur any time in recent history, but judging from what happens for
status 5 (RETRY), we can just finish this function normally.
Record overall text description for iteration as BuildbotIteration.text.

BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotTesterQueueView.js:

(BuildbotTesterQueueView.prototype.update.appendBuilderQueueStatus): If an iteration is a failure,
but no tests failed, make it yellow, and use buildbot-provided description for it.

5:11 PM Changeset in webkit [157385] by weinig@apple.com

104 edits in trunk/Source/WebCore

Merge NODE_TYPE_CASTS and ELEMENT_TYPE_CASTS
https://bugs.webkit.org/show_bug.cgi?id=122735

Reviewed by Antti Koivisto.

NODE_TYPE_CASTS and ELEMENT_TYPE_CASTS are identical. Let them become one
with one another.

3:06 PM Changeset in webkit [157384] by akling@apple.com

2 edits in trunk/Source/WebCore

Uncrashify Document::head() too. (Why am I even awake?)

2:21 PM Changeset in webkit [157383] by akling@apple.com

2 edits in trunk/Source/WebCore

REGRESSION(r157381): Make Document::body() crash less when there is no documentElement.

Unreviewed.

1:45 PM Changeset in webkit [157382] by fpizlo@apple.com

3 edits in trunk/Source/JavaScriptCore

FTL OSR exit should perform zero extension on values smaller than 64-bit
https://bugs.webkit.org/show_bug.cgi?id=122688

Reviewed by Gavin Barraclough.

In the DFG we usually make the simplistic assumption that a 32-bit value in a 64-bit
register will have zeros on the high bits. In the few cases where the high bits are
non-zero, the DFG sort of tells us this explicitly.

But when working with llvm.webkit.stackmap, it doesn't work that way. Consider we might
emit LLVM IR like:

%2 = trunc i64 %1 to i32
stuff %2
call @llvm.webkit.stackmap(...., %2)

LLVM may never actually emit a truncation instruction of any kind. And that's great - in
many cases it won't be needed, like if 'stuff %2' is a 32-bit op that ignores the high
bits anyway. Hence LLVM may tell us that %2 is in the register that still had the value
from before truncation, and that register may have garbage in the high bits.

This means that on our end, if we want a 32-bit value and we want that value to be
zero-extended, we should zero-extend it ourselves. This is pretty easy and should be
cheap, so we should just do it and not make it a requirement that LLVM does it on its
end.

This makes all tests pass with JSC_ftlOSRExitUsesStackmap=true.

ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStubWithOSRExitStackmap):

ftl/FTLValueFormat.cpp:

(JSC::FTL::reboxAccordingToFormat):

12:21 PM Changeset in webkit [157381] by Darin Adler

3 edits in trunk/Source/WebCore

Rewrite Document::body and Document::head in modern style, way clearer and shorter
https://bugs.webkit.org/show_bug.cgi?id=122717

Reviewed by Andreas Kling.

dom/Document.cpp:

(WebCore::Document::body): Use iterator to make this way easier to read.
(WebCore::Document::head): Ditto.

html/HTMLTagNames.in: Added generateTypeHelpers for body and head.

12:17 PM Changeset in webkit [157380] by mrowe@apple.com

5 edits
5 copies in trunk

Roll deps^HH^HHChangeLogs.

11:52 AM Changeset in webkit [157379] by berto@igalia.com

2 edits in trunk/LayoutTests

Unreviewed GTK gardening.

platform/gtk-wk2/TestExpectations:

Add bug number to the failing animation tests.

11:39 AM Changeset in webkit [157378] by akling@apple.com

4 edits in trunk/Source/WebCore

RenderLayerBacking should have RenderLayer& backpointer.
<https://webkit.org/b/122731>

Reviewed by Anders Carlsson.

RenderLayerBacking is always owned by a RenderLayer and so should
store its backpointer in a reference.

10:26 AM Changeset in webkit [157377] by commit-queue@webkit.org

4 edits in trunk/LayoutTests

Removing input-file-entries.html from TestExpectation
https://bugs.webkit.org/show_bug.cgi?id=122674

Patch by Santosh Mahto <santosh.ma@samsung.com> on 2013-10-13
Reviewed by Anders Carlsson.

input-file-entries.html has been removed in
changeset 156692. so removing references to this file.

platform/win/TestExpectations:
platform/wincairo/TestExpectations:
platform/wk2/TestExpectations:

10:10 AM Changeset in webkit [157376] by andersca@apple.com

2 edits in trunk/Source/JavaScriptCore

Try to fix the Lion build.

Configurations/JavaScriptCore.xcconfig:

9:15 AM Changeset in webkit [157375] by Darin Adler

52 edits in trunk/Source/WebCore

Make element predicates and type casts work more consistently on more types
https://bugs.webkit.org/show_bug.cgi?id=122718

Reviewed by Antti Koivisto.

dom/ContainerNodeAlgorithms.cpp:

(WebCore::assertConnectedSubrameCountIsConsistent):

dom/ContainerNodeAlgorithms.h:

(WebCore::ChildFrameDisconnector::collectFrameOwners):
Updated for name change.

dom/Document.cpp:

(WebCore::Document::adoptNode): Use a reference instead of a pointer.
(WebCore::Document::dispatchFullScreenChangeOrErrorEvent): Updated for
typecast name change and also to cast a reference, since we don't overload
for pointers.
(WebCore::Document::updateHoverActiveState): Ditto.

dom/Element.h: Made the isElementOfType functions take references instead

of pointers. Also use const in the type template argument. These changes go
hand in hand with the changes in the generated code and all the classes.
Also use a bit of nullptr.

dom/ElementIterator.h:

(WebCore::findElementAncestorOfType): Got rid of the ElementTypeWithConst
naming since this works with or without const. Added const to the call site
for isElementOfType, because it works that way now.

dom/ElementTraversal.h:

(WebCore::Traversal::firstChildTemplate): Add const to the type when calling
isElementOfType. Along with the corresponding changes, this makes these
templates work for const types.
(WebCore::Traversal::lastChildTemplate): Ditto.
(WebCore::Traversal::firstWithinTemplate): Ditto.
(WebCore::Traversal::lastWithinTemplate): Ditto.
(WebCore::Traversal::nextTemplate): Ditto.
(WebCore::Traversal::previousTemplate): Ditto.
(WebCore::Traversal::nextSiblingTemplate): Ditto.
(WebCore::Traversal::previousSiblingTemplate): Ditto.
(WebCore::Traversal::nextSkippingChildrenTemplate): Ditto.

dom/Node.cpp:

(WebCore::Node::handleLocalEvents): Check isElementNode and then call the
isDisabledFormControl member function, since we no longer have a helper that
takes a node.
(WebCore::Node::willRespondToMouseMoveEvents): Ditto.
(WebCore::Node::willRespondToMouseClickEvents): Ditto.
(WebCore::Node::willRespondToTouchEvents): Ditto.

dom/PseudoElement.h: Use some nullptr. Added an isPseudoElement function

that the ELEMENT_TYPE_CASTS macro can use, and also used that macro to make
the toPseudoElement functions instead of a hand-written local variant.

dom/make_names.pl:

(printTypeHelpers): Added unimplemented versions of the element predicate
functions that return void to catch unnecessary runtime checks of types
that are already known at compile time. Added assertions to the pointer
overloads of the predicates. Maybe later we can delete them. Added const
to the isElementOf template arguments to make these work with both const
and non-const. Put overloads in a consistent order, most specific class
first, then less specific. Changed isElementOfType to take references
rather than pointers.

editing/Editor.cpp:

(WebCore::Editor::selectionForCommand): Updated to pass a reference.
(WebCore::Editor::setBaseWritingDirection): Ditto.
(WebCore::findFirstMarkable): Ditto.

html/FormAssociatedElement.h: Tweaked a comment.

html/HTMLBodyElement.cpp:

(WebCore::HTMLBodyElement::insertedInto): Updated for name change and to
pass a reference.

html/HTMLElement.cpp:

(WebCore::HTMLElement::translate): Removed FIXME and const_cast since the
problem is fixed.
(WebCore::HTMLElement::directionality): Use a reference.

html/HTMLElement.h: Use const in the type of the isElementOfType functions.

Use references for all the arguments, not pointers.

html/HTMLFieldSetElement.cpp:

(WebCore::HTMLFieldSetElement::refreshElementsIfNeeded): Use documentVersion
instead of docVersion for local variable name. Use elementDescendants instead
of elementTraversal.
(WebCore::HTMLFieldSetElement::length): Use length instead of len for name.

html/HTMLFormControlElement.h: Put predicates into the standard format and

did them on single lines. Added ELEMENT_TYPE_CASTS so we get standard casts.

html/HTMLFrameElementBase.h: Ditto.
html/HTMLFrameOwnerElement.h: Ditto, but changed the name to match the class,

so it's now isHTMLFrameOwnerElement and toHTMLFrameOwnerElement.

html/HTMLLabelElement.cpp:

(WebCore::nodeAsSupportedLabelableElement): Updated to use references.

html/HTMLMediaElement.h: Put predicates into the standard format and did

them on single lines. Added ELEMENT_TYPE_CASTS so we get standard casts.

html/HTMLPlugInElement.h: Ditto. Also marked isPluginElement FINAL.
html/HTMLPlugInImageElement.h: Ditto.
html/HTMLTableCellElement.cpp: Removed old hand-written cast functions.
html/HTMLTableCellElement.h: Did same predicate and ELEMENT_TYPE_CASTS

changes. Also fixed up the ordering of functions in the class.

html/HTMLTextFormControlElement.cpp:

(WebCore::enclosingTextFormControl): Updated to use references and nullptr.

html/HTMLTextFormControlElement.h: Did same predicate and ELEMENT_TYPE_CASTS.

html/HTMLTrackElement.cpp:

(WebCore::HTMLTrackElement::removedFrom): Call isHTMLMediaElement by its new name.

html/LabelableElement.h: Did same predicate and ELEMENT_TYPE_CASTS.

html/track/WebVTTElement.h: Made isWebVTTElement private. Changed the argument

type of setLanguage to const AtomicString& to avoid excess reference count churn.
Did the predicate and type casts thing.

loader/archive/cf/LegacyWebArchive.cpp:

(WebCore::LegacyWebArchive::create): Update for name changes and use references.

mathml/MathMLElement.h: Did same predicate and ELEMENT_TYPE_CASTS.

page/FocusController.cpp:

(WebCore::FocusController::findFocusableElementDescendingDownIntoFrameDocument):
(WebCore::FocusController::advanceFocusInDocumentOrder):

page/PageSerializer.cpp:

(WebCore::SerializerMarkupAccumulator::appendCustomAttributes):
Update for name change.

platform/Pasteboard.h: Removed unneeded forward declaration.

rendering/RenderWidget.h: Updated for name change.

rendering/svg/RenderSVGResourceFilter.cpp:

(WebCore::RenderSVGResourceFilter::buildPrimitives): Use element iterator
and nullptr.

svg/SVGAElement.cpp:

(WebCore::SVGAElement::defaultEventHandler): Update for name changes.

svg/SVGAnimateElement.cpp:

(WebCore::isSVGAnimateElement): Moved here since we don't want to inline such
a long list of tag names.

svg/SVGAnimateElement.h: Marked a lot more virtual functions OVERRIDE.

Did predicate and ELEMENT_TYPE_CASTS changes, but did not make the predicate
be inlined.

svg/SVGElement.h: Did predicate and ELEMENT_TYPE_CASTS changes.
svg/SVGFilterPrimitiveStandardAttributes.h: Ditto.

svg/SVGGradientElement.cpp:

(WebCore::isSVGGradientElement): Moved here since we don't want to inline
the two tag names.

svg/SVGGradientElement.h: Did predicate and ELEMENT_TYPE_CASTS changes.
svg/SVGGraphicsElement.h: Ditto.

svg/SVGImageElement.cpp:

(WebCore::SVGImageElement::SVGImageElement): Took out assertion, since it
was asserting the class of the obejct we just created.

svg/SVGPolyElement.cpp:

(WebCore::isSVGPolyElement): Moved here since we don't want to inline the
two tag names.

svg/SVGPolyElement.h: Did predicate and ELEMENT_TYPE_CASTS changes.
svg/SVGTextContentElement.h: Ditto.

svg/animation/SVGSMILElement.cpp:

(WebCore::SVGSMILElement::connectConditions): Update for name changes,
to use references and nullptr, and to get rid of a non-helpful local.

svg/animation/SVGSMILElement.h: Added a virtual function to check if a

given SVGElement is an SVGSMILElement so we don't have to check a long list
of tag names instead. Also did the predicate and ELEMENT_TYPE_CASTS changes.

testing/Internals.cpp:

(WebCore::Internals::visiblePlaceholder): Updated to use references.

9:12 AM Changeset in webkit [157374] by andersca@apple.com

3 edits in trunk/Source/WTF

Change callOnMainThread to take an std::function
https://bugs.webkit.org/show_bug.cgi?id=122698

Reviewed by Darin Adler.

This will let us pass anything that can be converted to an std::function (including lambdas and
WTF::Function objects) to callOnMainThread.

wtf/MainThread.cpp:

(WTF::callOnMainThread):

wtf/MainThread.h:

9:00 AM Changeset in webkit [157373] by Antti Koivisto

13 edits in trunk/Source/WebCore

Text::renderer() should return RenderText
https://bugs.webkit.org/show_bug.cgi?id=122729

Reviewed by Andreas Kling.

Tighten typing.

8:57 AM Changeset in webkit [157372] by akling@apple.com

5 edits in trunk/Source/WebCore

Devirtualize RenderView::viewRect().
<https://webkit.org/b/122730>

Reviewed by Antti Koivisto.

There's no need for viewRect() to be a virtual RenderObject function.
The single call site that didn't already access it through RenderView
can just go via view().

8:56 AM Changeset in webkit [157371] by akling@apple.com

6 edits in trunk/Source/WebCore

Move setPseudoStyle() to RenderImage (from RenderElement.)
<https://webkit.org/b/122726>

Reviewed by Antti Koivisto.

Only RenderImages ever use setPseudoStyle() so move it there and
remove the non-image codepath.

8:04 AM Changeset in webkit [157370] by akling@apple.com

5 edits in trunk/Source/WebCore

CTTE: RenderSlider always has an HTMLInputElement.
<https://webkit.org/b/122728>

Reviewed by Anders Carlsson.

This renderer is never anonymous and always has a corresponding
HTMLInputElement. Tighten this up by having the constructor take
the element by reference, and override element() with a stronger
return type.

7:46 AM Changeset in webkit [157369] by akling@apple.com

4 edits in trunk/Source/WebCore

Remove two unused AX functions for getting a FrameView*.
<https://webkit.org/b/122724>

Reviewed by Anders Carlsson.

6:26 AM Changeset in webkit [157368] by Antti Koivisto

5 edits in trunk/Source/WebCore

Add traverseNextSkippingChildren to ElementIterators
https://bugs.webkit.org/show_bug.cgi?id=122727

Reviewed by Andreas Kling.

Also switch some code using ElementTraversal over to iterators.

4:39 AM Changeset in webkit [157367] by Antti Koivisto

11 edits in trunk/Source/WebCore

Rename InlineBox::remove() to removeFromParent
https://bugs.webkit.org/show_bug.cgi?id=122725

Reviewed by Andreas Kling.

Also make it clear from the code that all InlineTextBoxes have behavesLikeText set.

4:05 AM Changeset in webkit [157366] by Antti Koivisto

11 edits in trunk/Source/WebCore

Make absoluteQuads/Rects functions return Vectors
https://bugs.webkit.org/show_bug.cgi?id=122722

Reviewed by Andreas Kling.

dom/Document.cpp:

(WebCore::Document::adjustFloatQuadsForScrollAndAbsoluteZoomAndFrameScale):
(WebCore::Document::adjustFloatRectForScrollAndAbsoluteZoomAndFrameScale):

Take RenderStyle instead of RenderObject

dom/Document.h:
dom/Element.cpp:

(WebCore::Element::getClientRects):
(WebCore::Element::getBoundingClientRect):

dom/Range.cpp:

(WebCore::Range::textRects):
(WebCore::Range::textQuads):
(WebCore::Range::getBorderAndTextQuads):

Adapt to the changes.

rendering/RenderObject.h:

Removed unnecessary adjustFloatQuad/RectForAbsoluteZoom functions, inline code to
adjustFloatQuads/RectForScrollAndAbsoluteZoomAndFrameScale.

rendering/RenderText.cpp:

(WebCore::RenderText::absoluteRects):
(WebCore::RenderText::absoluteRectsForRange):
(WebCore::RenderText::absoluteQuadsClippedToEllipsis):
(WebCore::RenderText::absoluteQuads):
(WebCore::RenderText::absoluteQuadsForRange):

rendering/RenderText.h:
rendering/RenderTextLineBoxes.cpp:

(WebCore::RenderTextLineBoxes::absoluteRects):
(WebCore::RenderTextLineBoxes::absoluteRectsForRange):
(WebCore::RenderTextLineBoxes::absoluteQuads):
(WebCore::RenderTextLineBoxes::absoluteQuadsForRange):

rendering/RenderTextLineBoxes.h:

Use return value instead of an out-arg, except for the virtual versions.

4:01 AM Changeset in webkit [157365] by akling@apple.com

6 edits in trunk/Source/WebCore

LiveNodeList: rootNode() and document() should return references.
<https://webkit.org/b/122720>

Reviewed by Antti Koivisto.

Tighten up this code a bit by having rootNode() and document()
return references. Also replaced some handwritten traversal
with a call to Node::lastDescendant().

3:59 AM Changeset in webkit [157364] by akling@apple.com

2 edits in trunk/Source/WebCore

Document::createRenderTree() should assert that there is no arena.
<https://webkit.org/b/122723>

Reviewed by Antti Koivisto.

Calling createRenderTree() with a RenderArena already in place would
be a programming error.

3:16 AM Changeset in webkit [157363] by akling@apple.com

13 edits
5 deletes in trunk/Source

Remove dead ENABLE(CUSTOM_ELEMENTS) code.
<https://webkit.org/b/122721>

Reviewed by Antti Koivisto.

There are no ports building with this flag since April and the code
has bitrotted since. Remove it for now. If someone wants to resurrect
the feature someday, getting back to this point is trivial.

2:39 AM Changeset in webkit [157362] by Antti Koivisto

10 edits in trunk/Source/WebCore

Move absoluteRects/Quads to RenderTextLineBoxes
https://bugs.webkit.org/show_bug.cgi?id=122706

Reviewed by Andreas Kling.

rendering/RenderTextLineBoxes.cpp:

These move.

(WebCore::RenderTextLineBoxes::selectionRectForRange):
(WebCore::RenderTextLineBoxes::setSelectionState):

Also moved a few smaller functions.

2:02 AM Changeset in webkit [157361] by akling@apple.com

9 edits in trunk/Source

Remove dead code hiding behind ENABLE(TOUCH_EVENT_TRACKING).
<https://webkit.org/b/122719>

Reviewed by Antti Koivisto.

Nobody is building with this flag, and it has broken-looking code
behind it anyway. Nuke from orbit.

12:17 AM Changeset in webkit [157360] by akling@apple.com

2 edits in trunk/Source/WebCore

RenderLayer: Check SVG bit instead of element namespace in isTransparent().
<https://webkit.org/b/118171>

Reviewed by Darin Adler.

Replace the (virtual) namespaceURI() check with an isSVGElement() bit check.

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::isTransparent):

12:08 AM Changeset in webkit [157359] by ap@apple.com

12 edits in trunk/Tools

Remove Chromium specific code from flakiness dashboard
https://bugs.webkit.org/show_bug.cgi?id=122714

Reviewed by Sam Weinig.

Also removed code related to GPU tests and virtual suites.
"Fallbacks map" was chromium only too, not sure why they needed special handling there.

TestResultServer/model/jsonresults_unittest.py:
TestResultServer/static-dashboards/builders.js:
TestResultServer/static-dashboards/dashboard_base.js:
TestResultServer/static-dashboards/flakiness_dashboard.html:
TestResultServer/static-dashboards/flakiness_dashboard.js:
TestResultServer/static-dashboards/flakiness_dashboard_tests.css:
TestResultServer/static-dashboards/flakiness_dashboard_unittests.js:
TestResultServer/static-dashboards/history.js:
TestResultServer/static-dashboards/loader.js:
TestResultServer/static-dashboards/ui.js:
TestResultServer/templates/uploadform.html:

Oct 12, 2013:

11:55 PM Changeset in webkit [157358] by Darin Adler

2 edits in trunk/Source/WebCore

Use nullptr in Document.cpp
https://bugs.webkit.org/show_bug.cgi?id=122715

Reviewed by Sam Weinig.

dom/Document.cpp:

(WebCore::widgetForElement):
(WebCore::Document::Document):
(WebCore::Document::~Document):
(WebCore::Document::dropChildren):
(WebCore::Document::getElementByAccessKey):
(WebCore::Document::doctype):
(WebCore::Document::createElement):
(WebCore::Document::createElementNS):
(WebCore::Document::registerElement):
(WebCore::Document::createCDATASection):
(WebCore::Document::createProcessingInstruction):
(WebCore::Document::createEntityReference):
(WebCore::Document::importNode):
(WebCore::Document::adoptNode):
(WebCore::Document::webkitGetNamedFlows):
(WebCore::Document::elementFromPoint):
(WebCore::Document::caretRangeFromPoint):
(WebCore::Document::setTitle):
(WebCore::Document::removeTitle):
(WebCore::Document::view):
(WebCore::Document::page):
(WebCore::Document::settings):
(WebCore::Document::createNodeIterator):
(WebCore::Document::createTreeWalker):
(WebCore::Document::updateStyleIfNeeded):
(WebCore::Document::styleForElementIgnoringPendingStylesheets):
(WebCore::Document::disconnectFromFrame):
(WebCore::Document::destroyRenderTree):
(WebCore::Document::existingAXObjectCache):
(WebCore::Document::axObjectCache):
(WebCore::Document::scriptableDocumentParser):
(WebCore::Document::body):
(WebCore::Document::head):
(WebCore::Document::processBaseElement):
(WebCore::Document::findUnsafeParentScrollPropagationBoundary):
(WebCore::Document::cloneNode):
(WebCore::Document::styleResolverChanged):
(WebCore::Document::removeFocusedNodeOfSubtree):
(WebCore::Document::setFocusedElement):
(WebCore::Document::getWindowAttributeEventListener):
(WebCore::Document::createEvent):
(WebCore::Document::getOverrideStyle):
(WebCore::Document::ownerElement):
(WebCore::Document::setInPageCache):
(WebCore::Document::parentDocument):
(WebCore::Document::createAttributeNS):
(WebCore::Document::initSecurityContext):
(WebCore::Document::resetHiddenFocusElementTimer):
(WebCore::Document::getCSSCanvasContext):
(WebCore::Document::enqueuePopstateEvent):
(WebCore::Document::takeAnyMediaCanStartListener):
(WebCore::Document::requestFullScreenForElement):
(WebCore::Document::webkitExitFullscreen):
(WebCore::Document::webkitWillEnterFullScreenForElement):
(WebCore::Document::webkitDidExitFullScreenForElement):
(WebCore::Document::fullScreenRendererDestroyed):
(WebCore::Document::webkitPointerLockElement):
(WebCore::Document::seamlessParentIFrame):
(WebCore::Document::loader):
(WebCore::eventTargetElementForDocument):
(WebCore::nearestCommonHoverAncestor):
(WebCore::Document::ensureTemplateDocument):
Use nullptr in many places we were using 0.

11:54 PM Changeset in webkit [157357] by Darin Adler

17 edits in trunk/Source

Get rid of the toHTMLElement helper for casting FormAssociatedElement to HTMLElement
https://bugs.webkit.org/show_bug.cgi?id=122713

Reviewed by Sam Weinig.

Source/WebCore:

Since we are using the function name toHTMLElement for casting to an HTMLElement
from a Node or Element, it's awkward to also use it for a quite different type of
type conversion on a FormAssociatedElement. We already have an asHTMLElement member
function, so lets use that.

html/DOMFormData.cpp:

(WebCore::DOMFormData::DOMFormData): Use references instead of pointers, and
asHTMLElement instead of toHTMLElement.

html/FormAssociatedElement.cpp: Made FormAttributeTargetObserver FINAL, made

its private inheritance explicit, made its constructor public so we can use it
with make_unique and got rid of its creation function. Also use reference instead
of a pointer.
(WebCore::FormAssociatedElement::FormAssociatedElement): Use nullptr.
(WebCore::FormAssociatedElement::~FormAssociatedElement): Ditto.
(WebCore::FormAssociatedElement::didMoveToNewDocument): Use asHTMLElement instead
of toHTMLElement and use a reference instead of a pointer.
(WebCore::FormAssociatedElement::insertedInto): Ditto.
(WebCore::FormAssociatedElement::removedFrom): Ditto.
(WebCore::FormAssociatedElement::formRemovedFromTree): Ditto.
(WebCore::FormAssociatedElement::resetFormOwner): Ditto.
(WebCore::FormAssociatedElement::formAttributeChanged): Ditto.
(WebCore::FormAssociatedElement::customError): Ditto.
(WebCore::FormAssociatedElement::resetFormAttributeTargetObserver): Use make_unique
instead of create here.
(WebCore::FormAssociatedElement::name): Use asHTMLElement.
(WebCore::FormAttributeTargetObserver::FormAttributeTargetObserver): Ditto.
(WebCore::FormAttributeTargetObserver::idTargetChanged): Updated since m_element is
now a reference.

html/FormAssociatedElement.h: Removed some unneeded class declarations.

Made isFormAssociatedElement const. Use std::unique_ptr instead of OwnPtr.

html/FormNamedItem.h: Made asHTMLElement return a reference, and overloaded it

for both const and non-const. Made isFormAssociatedElement const.

html/HTMLFormControlElement.h: Updated for FormNamedItem changes. Removed an

unneeded class declaration.

html/HTMLFormControlsCollection.cpp:

(WebCore::HTMLFormControlsCollection::virtualItemAfter): Use references, asHTMLElement,
and nullptr.
(WebCore::firstNamedItem): Ditto.
(WebCore::HTMLFormControlsCollection::namedItem): Ditto.
(WebCore::HTMLFormControlsCollection::updateNameCache): Ditto.

html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::validateInteractively): Use asHTMLElement and references.
(WebCore::HTMLFormElement::getTextFieldValues): Ditto.
(WebCore::HTMLFormElement::formElementIndexWithFormAttribute): Ditto.
(WebCore::HTMLFormElement::formElementIndex): Ditto.
(WebCore::HTMLFormElement::assertItemCanBeInPastNamesMap): Ditto.
(WebCore::HTMLFormElement::elementFromPastNamesMap): Ditto, and nullptr.

html/HTMLImageElement.h: Updated for FormNamedItem changes.
html/HTMLObjectElement.h: Ditto.

loader/FormSubmission.cpp:

(WebCore::FormSubmission::create): Use asHTMLElement and references.

Source/WebKit/blackberry:

WebKitSupport/InputHandler.cpp:

(BlackBerry::WebKit::InputHandler::updateFormState): Use asHTMLElement.

Source/WebKit/mac:

WebView/WebHTMLRepresentation.mm:

(-[WebHTMLRepresentation elementWithName:inForm:]): Use asHTMLElement.
(-[WebHTMLRepresentation controlsInForm:]): Ditto.

Source/WebKit/win:

WebFrame.cpp:

(WebFrame::controlsInForm): Use asHTMLElement.

11:32 PM Changeset in webkit [157356] by Darin Adler

2 edits in trunk/Source/WebCore

Use nullptr instead of 0 in TreeScope.cpp
https://bugs.webkit.org/show_bug.cgi?id=122711

Reviewed by Andreas Kling.

dom/TreeScope.cpp:

(WebCore::TreeScope::TreeScope):
(WebCore::TreeScope::~TreeScope):
(WebCore::TreeScope::clearDocumentScope):
(WebCore::TreeScope::getElementById):
(WebCore::TreeScope::getAllElementsById):
(WebCore::TreeScope::getElementByName):
(WebCore::TreeScope::ancestorInThisScope):
(WebCore::TreeScope::getImageMap):
(WebCore::nodeFromPoint):
(WebCore::TreeScope::labelElementForId):
(WebCore::TreeScope::getSelection):
(WebCore::TreeScope::findAnchor):
(WebCore::focusedFrameOwnerElement):
(WebCore::TreeScope::focusedElement):
(WebCore::commonTreeScope):
Use a lot more nullptr, and also rewrite one while loop as a for loop.

11:03 PM Changeset in webkit [157355] by Darin Adler

3 edits in trunk/Source/WebCore

Remove the not-much-used isShadowHost function from Element.h
https://bugs.webkit.org/show_bug.cgi?id=122710

Reviewed by Andreas Kling.

dom/Element.h: Removed isShadowHost, which just checks if shadowRoot is null.

page/FocusController.cpp:

(WebCore::FocusNavigationScope::focusNavigationScopeOwnedByShadowHost): Added
individual assertions instead of just asserting isShadowHost.
(WebCore::FocusNavigationScope::focusNavigationScopeOwnedByIFrame): Broke an
assertion with && in it into two assertions.
(WebCore::hasCustomFocusLogic): Changed argument type to be Element& and take
a reference instead of a pointer.
(WebCore::isNonFocusableShadowHost): Made arguments references instead of pointers.
Replaced isShadowHost check with a direct check of whether shadowRoot returns null
or not, which seems nearly as clear.
(WebCore::isFocusableShadowHost): Ditto.
(WebCore::adjustedTabIndex): Ditto.
(WebCore::shouldVisit): Ditto.
(WebCore::FocusController::findFocusableElementDescendingDownIntoFrameDocument):
Updated for changes above.
(WebCore::FocusController::advanceFocusInDocumentOrder): Ditto. Also some nullptr.
(WebCore::FocusController::findFocusableElementAcrossFocusScope): Ditto.
(WebCore::FocusController::findFocusableElementRecursively): Ditto.
(WebCore::FocusController::findElementWithExactTabIndex): Ditto.
(WebCore::nextElementWithGreaterTabIndex): Ditto.
(WebCore::previousElementWithLowerTabIndex): Ditto.
(WebCore::FocusController::nextFocusableElement): Ditto.
(WebCore::FocusController::previousFocusableElement): Ditto.

10:42 PM Changeset in webkit [157354] by Darin Adler

10 edits in trunk/Source/WebCore

Move querySelector from Node to ContainerNode and use references instead of pointers
https://bugs.webkit.org/show_bug.cgi?id=122709

Reviewed by Anders Carlsson.

dom/ContainerNode.cpp:

(WebCore::ContainerNode::querySelector): Moved here from Node. Pass a reference instead
of a pointer to SelectorQuery. Changed return types to RefPtr and raw pointer instead of
PassRefPtr.
(WebCore::ContainerNode::querySelectorAll): Ditto.

dom/ContainerNode.h: Added the new functions.

dom/Element.cpp:

(WebCore::Element::webkitMatchesSelector): Use && instead of an if statement and a reference rather than
a pointer.

dom/Node.cpp: Sorted includes, removed SelectorQuery.h, removed the querySelector functions.

(WebCore::Node::ownerDocument): Use document instead of doc and nullptr instead of 0.

dom/Node.h: Removed the querySelector functions.

dom/SelectorQuery.cpp:

(WebCore::SelectorDataList::selectorMatches): Take references instead of pointers.
(WebCore::SelectorDataList::matches): Ditto.
(WebCore::SelectorDataList::queryAll): Return a RefPtr instead of PassRefPtr.
(WebCore::SelectorDataList::queryFirst): Ditto. Also use nullptr.
(WebCore::selectorForIdLookup): Take references instead of pointers.
(WebCore::isTreeScopeRoot): Ditto.
(WebCore::SelectorDataList::executeFastPathForIdSelector): Ditto.
(WebCore::isSingleTagNameSelector): Ditto.
(WebCore::elementsForLocalName): Ditto. Also use iterators instead of traversal.
(WebCore::anyElement): Ditto.
(WebCore::SelectorDataList::executeSingleTagNameSelectorData): Ditto.
(WebCore::isSingleClassNameSelector): Ditto.
(WebCore::SelectorDataList::executeSingleClassNameSelectorData): Ditto.
(WebCore::SelectorDataList::executeSingleSelectorData): Ditto.
(WebCore::SelectorDataList::executeSingleMultiSelectorData): Ditto.
(WebCore::SelectorDataList::execute): Ditto.
(WebCore::SelectorQueryCache::add): Ditto.

dom/SelectorQuery.h: Update to use ContainerNode, references, and RefPtr and raw pointers

rather than PassRefPtr.

dom/TreeScope.cpp:

(WebCore::TreeScope::getElementById): Use nullptr instead of 0.
(WebCore::TreeScope::getAllElementsById): Ditto.
(WebCore::TreeScope::getElementByName): Ditto.
(WebCore::TreeScope::ancestorInThisScope): Ditto.

inspector/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::assertNode): Use nullptr instead of 0.
(WebCore::InspectorDOMAgent::assertDocument): Ditto.
(WebCore::InspectorDOMAgent::assertElement): Ditto. Also use isElementNode instead of nodeType.
(WebCore::InspectorDOMAgent::assertEditableNode): Use nullptr instead of 0.
(WebCore::InspectorDOMAgent::assertEditableElement): Ditto.
(WebCore::InspectorDOMAgent::getDocument): Use document instead of doc.
(WebCore::InspectorDOMAgent::querySelector): Changed to pass a ContainerNode.
(WebCore::InspectorDOMAgent::querySelectorAll): Ditto.

10:01 PM Changeset in webkit [157353] by Darin Adler

8 edits in trunk/Source/WebCore

Move code to find elements in slider shadow tree into RangeInputType class, since it creates that tree
https://bugs.webkit.org/show_bug.cgi?id=122708

Reviewed by Anders Carlsson.

accessibility/AccessibilitySlider.cpp:

(WebCore::AccessibilitySliderThumb::elementRect): Use HTMLInputElement::sliderThumbElement
to find the thumb, rather than using the sliderThumbElementOf function.

html/InputType.h: Use nullptr instead of 0. Tweak formatting a bit.

html/RangeInputType.cpp:

(WebCore::RangeInputType::handleMouseDownEvent): Use typedSliderThumbElement function.
(WebCore::RangeInputType::handleTouchEvent): Ditto.
(WebCore::RangeInputType::createShadowSubtree): Fixed assertion to match the code below.
(WebCore::RangeInputType::sliderTrackElement): Moved next to the createShadowSubtree function
since it is finding an element in that subtree. Changed to do the work here instead of calling
a function in another file.
(WebCore::RangeInputType::typedSliderThumbElement): Added. Finds the slider thumb element,
and returns it as a reference with a specific type.
(WebCore::RangeInputType::sliderThumbElement): Changed to call typedSliderThumbElement, loosening
the type, and returning a pointer Changed to call typedSliderThumbElement, loosening
the type, and returning a pointer.
(WebCore::RangeInputType::minOrMaxAttributeChanged): Use typedSliderThumbElement.
(WebCore::RangeInputType::setValue): Ditto.
(WebCore::RangeInputType::listAttributeTargetChanged): Ditto.

html/RangeInputType.h: Marked the class FINAL. Tweaked formatting a bit.

Added the typedSliderThumbElement function.

html/shadow/SliderThumbElement.cpp:

(WebCore::SliderThumbElement::setPositionFromPoint): Call the HTMLInputElement::sliderTrackElement
function instead of having the input element's shadow subtree hierarchy hard-coded here.
(WebCore::SliderThumbElement::cloneElementWithoutAttributesAndChildren): Moved here from the header,
since it's a virtual function that won't be inlined.

html/shadow/SliderThumbElement.h: Removed unneeded forward declarations. Made more virtual

functions private and added more OVERRIDE. Removed the toSliderThumbElement, sliderThumbElementOf,
and sliderTrackElementOf functions.

rendering/RenderSlider.cpp:

(WebCore::RenderSlider::layout): Use HTMLInputElement::sliderThumbElement.
(WebCore::RenderSlider::inDragMode): Ditto.

10:00 PM Changeset in webkit [157352] by Darin Adler

11 edits
1 delete in trunk/Source/WebCore

Remove unneeded extra memory allocation and indirection for ValidityState
https://bugs.webkit.org/show_bug.cgi?id=122705

Reviewed by Anders Carlsson.

CMakeLists.txt: Removed ValidityState.cpp.
GNUmakefile.list.am: Ditto.
WebCore.vcxproj/WebCore.vcxproj: Ditto.
WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
WebCore.xcodeproj/project.pbxproj: Ditto.

html/FormAssociatedElement.cpp: Removed ValidityState.h include and the

FormAssociatedElement::validity function. That function is now an inline
in the ValidityState.h header.

html/FormAssociatedElement.h: Added badInput function, the only function

from the ValidityState interface that was not already present here. Removed
m_validityState.

html/HTMLFormControlElement.cpp: Removed include of ValidityState.h.

(WebCore::HTMLFormControlElement::isValidFormControlElement): Use the valid
function directly instead of indirectly through the validity state.
(WebCore::HTMLFormControlElement::setNeedsValidityCheck): Ditto.

html/ValidityState.cpp: Removed.

html/ValidityState.h: Removed the body of the ValidityState class and

made it effectively a "typedef" for FormAssociatedElement. It's actually
a derived class that adds no members, which is not quite right but will
work just fine for this.
(WebCore::FormAssociatedElement::validity): Implemented; just returns the
FormAssociatedElement, which the bindings expose as a ValidityState.

html/ValidityState.idl: Use SkipVTableValidation instead of

ImplementationLacksVTable because FormAssociatedElement does have a vtable.

9:05 PM Changeset in webkit [157351] by aroben@webkit.org

2 edits in trunk/Source/WebKit/mac

WebViews inside OS X screen savers have large caches, but should not
https://bugs.webkit.org/show_bug.cgi?id=122604

We use WebCacheModelDocumentViewer by default for apps linked against
modern WebKit, and WebCacheModelDocumentBrowser for apps linked
against legacy WebKit. ScreenSaverEngine.app doesn't link against
WebKit at all, and thus falls into the legacy case by accident because
NSVersionOfLinkTimeLibrary("WebKit") returns -1.

But WebViews inside screen savers are almost certainly not being used
as browsers, so this large-ish cache specified by
WebCacheModelDocumentBrowser is wasteful. This is likely true for all
apps that don't directly link against WebKit, so now we use
WebCacheModelDocumentViewer by default for those apps.

Reviewed by Darin Adler.

WebView/WebPreferences.mm:

(cacheModelForMainBundle): Use WebCacheModelDocumentViewer by default
for apps that don't link against WebKit directly. Also converted to
use @autoreleasepool {} and early returns while I was in here.

6:18 PM Changeset in webkit [157350] by Darin Adler

10 edits in trunk/Source/WebCore

Rename toParentMediaElement to parentMediaElement, since it's not a type cast
https://bugs.webkit.org/show_bug.cgi?id=122707

Reviewed by Eric Carlson.

accessibility/AccessibilityMediaControls.cpp:

(WebCore::AccessibilityMediaControlsContainer::controllingVideoElement): Call the
function by its new name, and also remove unnecessary type casting.

html/shadow/MediaControlElementTypes.cpp:

(WebCore::parentMediaElement): Renamed from toParentMediaElement. Changed to use
nullptr. Removed an unnecessary null check.

html/shadow/MediaControlElementTypes.h: Renamed from toParentMediaElement.

Changed the argument to the RenderObject overload to be a reference rather than
a pointer since it doesn't handle null.

html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlClosedCaptionsTrackListElement::defaultEventHandler):
(WebCore::MediaControlClosedCaptionsTrackListElement::updateDisplay):
(WebCore::MediaControlClosedCaptionsTrackListElement::rebuildTrackListMenu):
(WebCore::MediaControlFullscreenButtonElement::defaultEventHandler):
(WebCore::MediaControlTextTrackContainerElement::updateDisplay):
(WebCore::MediaControlTextTrackContainerElement::updateTimerFired):
(WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
(WebCore::MediaControlTextTrackContainerElement::updateSizes):
(WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
Updated to use the new name. Also use nullptr.

html/shadow/MediaControlsBlackBerry.cpp:

(WebCore::MediaControlFullscreenFullscreenButtonElement::defaultEventHandler):
Updated to use the new name.

platform/blackberry/RenderThemeBlackBerry.cpp:

(WebCore::determineFullScreenMultiplier):
(WebCore::RenderThemeBlackBerry::adjustMediaControlStyle):
(WebCore::RenderThemeBlackBerry::paintMediaPlayButton):
(WebCore::RenderThemeBlackBerry::paintMediaRewindButton):
(WebCore::RenderThemeBlackBerry::paintMediaMuteButton):
(WebCore::RenderThemeBlackBerry::paintMediaFullscreenButton):
(WebCore::RenderThemeBlackBerry::paintMediaSliderTrack):
(WebCore::RenderThemeBlackBerry::paintMediaVolumeSliderTrack):
Updated to use the new name.

platform/efl/RenderThemeEfl.cpp:

(WebCore::RenderThemeEfl::paintMediaSliderTrack):
Updated to use the new name.

platform/gtk/RenderThemeGtk.cpp:

(WebCore::RenderThemeGtk::paintMediaSliderTrack):
(WebCore::RenderThemeGtk::paintMediaVolumeSliderTrack):
Updated to use the new name.

rendering/RenderMediaControls.cpp:

(WebCore::RenderMediaControls::paintMediaControlsPart):
Call the function by its new name and with a reference instead of a pointer.

3:33 PM Changeset in webkit [157349] by Antti Koivisto

6 edits in trunk/Source/WebCore

Move positionForPoint to RenderTextLineBoxes
https://bugs.webkit.org/show_bug.cgi?id=122703

Reviewed by Andreas Kling.

3:23 PM Changeset in webkit [157348] by akling@apple.com

4 edits in trunk/Source/WebCore

Remove unused ScrollingCoordinator hooks.
<https://webkit.org/b/122701>

Reviewed by Anders Carlsson.

Remove leftover ScrollingCoordinator hooks that were only used
by the Chromium port.

2:14 PM Changeset in webkit [157347] by zandobersek@gmail.com

2 edits in trunk/Source/WebCore

[Soup] The NeverDestroyed<std::unique_ptr<NetworkStorageSession>> variable in defaultSession() should be static
https://bugs.webkit.org/show_bug.cgi?id=122700

Reviewed by Anders Carlsson.

platform/network/soup/NetworkStorageSessionSoup.cpp:

(WebCore::defaultSession): The NeverDestroyed variable should be static to avoid its reinitialization every time
the function is called. This was exposed by r157337 and should fix the subsequent crashes.

1:33 PM Changeset in webkit [157346] by Antti Koivisto

4 edits in trunk/Source/WebCore

Move line dirtying code to RenderTextLineBoxes
https://bugs.webkit.org/show_bug.cgi?id=122699

Reviewed by Andreas Kling.

rendering/RenderTextLineBoxes.cpp:

(WebCore::RenderTextLineBoxes::removeAllFromParent):

Also moved the removal loop.

(WebCore::RenderTextLineBoxes::dirtyAll):
(WebCore::RenderTextLineBoxes::dirtyRange):

11:40 AM Changeset in webkit [157345] by Antti Koivisto

5 edits in trunk/Source/WebCore

Move more code to RenderTextLineBoxes
https://bugs.webkit.org/show_bug.cgi?id=122697

Reviewed by Andreas Kling.

rendering/RenderTextLineBoxes.cpp:

(WebCore::RenderTextLineBoxes::boundingBox):
(WebCore::RenderTextLineBoxes::visualOverflowBoundingBox):
(WebCore::RenderTextLineBoxes::hasRenderedText):
(WebCore::RenderTextLineBoxes::caretMinOffset):
(WebCore::RenderTextLineBoxes::caretMaxOffset):

Moved these.

11:34 AM Changeset in webkit [157344] by ap@apple.com

8 edits in trunk/Source

Add a feature define for SubtleCrypto
https://bugs.webkit.org/show_bug.cgi?id=122683

Reviewed by Anders Carlsson.

Source/JavaScriptCore:

Configurations/FeatureDefines.xcconfig:

Source/WebCore:

Configurations/FeatureDefines.xcconfig:

Source/WebKit/mac:

Configurations/FeatureDefines.xcconfig:

Source/WebKit2:

Configurations/FeatureDefines.xcconfig:

11:26 AM Changeset in webkit [157343] by akling@apple.com

3 edits in trunk/Source/WebCore

Generate tighter isFooElement() functions for HTML elements.
<https://webkit.org/b/122696>

Reviewed by Antti Koivisto.

Specialize HTML element type checking helpers to only compare the
localName and not the fully qualified tag name.

11:16 AM Changeset in webkit [157342] by akling@apple.com

27 edits in trunk/Source

Replace static cast ASSERTs with ASSERT_WITH_SECURITY_IMPLICATION
https://bugs.webkit.org/show_bug.cgi?id=120803

Patch by Jessica Pease <jessica_n_pease@apple.com> on 2013-09-27
Reviewed by Andreas Kling.

No new tests because we're just changing assertions.

Source/WebCore:

accessibility/AccessibilityMockObject.h:

(WebCore::toAccessibilityMockObject):

bindings/js/JSCanvasRenderingContextCustom.cpp:

(WebCore::toJS):

bindings/js/ScheduledAction.cpp:

(WebCore::ScheduledAction::execute):

css/CSSGradientValue.cpp:

(WebCore::CSSGradientValue::image):

css/DeprecatedStyleBuilder.cpp:

(WebCore::ApplyPropertyTextUnderlinePosition::applyValue):

dom/Element.cpp:

(WebCore::Element::elementRareData):
(WebCore::Element::synchronizeAttribute):

dom/FocusEvent.h:

(WebCore::toFocusEvent):

dom/MouseEvent.h:

(WebCore::toMouseEvent):

dom/Node.cpp:

(WebCore::Node::rareData):

dom/StyledElement.cpp:

(WebCore::StyledElement::ensureMutableInlineStyle):

dom/TouchEvent.h:

(WebCore::toTouchEvent):

editing/CompositeEditCommand.h:

(WebCore::toCompositeEditCommand):

html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::shouldAllowQuickTimeClassIdQuirk):

html/track/AudioTrack.h:

(WebCore::toAudioTrack):

html/track/TextTrack.h:

(WebCore::toTextTrack):

html/track/VideoTrack.h:

(WebCore::toVideoTrack):

inspector/InspectorCSSAgent.cpp:

(WebCore::InspectorCSSAgent::buildObjectForAttributesStyle):

loader/cache/CachedResourceClientWalker.h:

(WebCore::CachedResourceClientWalker::next):

page/FrameView.h:

(WebCore::toFrameView):

rendering/InlineBox.cpp:

(WebCore::InlineBox::root):

rendering/RenderBlockLineLayout.cpp:

(WebCore::RenderBlock::createLineBoxesFromBidiRuns):

rendering/svg/SVGPathData.cpp:

(WebCore::updatePathFromEllipseElement):
(WebCore::updatePathFromLineElement):
(WebCore::updatePathFromPolygonElement):
(WebCore::updatePathFromPolylineElement):

workers/WorkerMessagingProxy.cpp:

(WebCore::WorkerMessagingProxy::startWorkerGlobalScope):

xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::document):

Source/WebKit2:

Shared/Plugins/NPObjectProxy.h:

(WebKit::NPObjectProxy::toNPObjectProxy):

WebProcess/Plugins/Netscape/NPJSObject.h:

(WebKit::NPJSObject::toNPJSObject):

11:03 AM Changeset in webkit [157341] by akling@apple.com

27 edits in trunk/Source

Replace bounds checking ASSERTs with ASSERT_WITH_SECURITY_IMPLICATION
https://bugs.webkit.org/show_bug.cgi?id=120893

Patch by Jessica Pease <jessica_n_pease@apple.com> on 2013-09-06
Reviewed by Darin Adler.

Source/WebCore:

Modules/indexeddb/IDBKeyPath.cpp:

(WebCore::IDBKeyPathLexer::lex):

Modules/indexeddb/IDBLevelDBCoding.cpp:

(WebCore::IDBLevelDBCoding::compareEncodedIDBKeys):

bindings/js/JSCSSStyleDeclarationCustom.cpp:

(WebCore::cssPropertyIDForJSCSSPropertyName):

css/CSSFontSelector.cpp:

(WebCore::compareFontFaces):

css/CSSParser.cpp:

(WebCore::CSSParser::rewriteSpecifiers):

html/HTMLCollection.cpp:

(WebCore::traverseMatchingElementsForwardToOffset):
(WebCore::LiveNodeListBase::traverseChildNodeListForwardToOffset):
(WebCore::HTMLCollection::traverseForwardToOffset):

html/HTMLFontElement.cpp:

(WebCore::parseFontSize):

html/parser/HTMLParserIdioms.cpp:

(WebCore::parseHTMLIntegerInternal):
(WebCore::parseHTMLNonNegativeIntegerInternal):

inspector/InspectorStyleSheet.h:

(WebCore::InspectorStyleProperty::setRawTextFromStyleDeclaration):

platform/graphics/StringTruncator.cpp:

(WebCore::centerTruncateToBuffer):
(WebCore::rightTruncateToBuffer):
(WebCore::truncateString):

platform/graphics/TextRun.h:

(WebCore::TextRun::subRun):

platform/text/BidiRunList.h:

(WebCore::::reverseRuns):

rendering/svg/SVGInlineTextBox.cpp:

(WebCore::SVGInlineTextBox::selectionRectForTextFragment):
(WebCore::SVGInlineTextBox::mapStartEndPositionsIntoFragmentCoordinates):

rendering/svg/SVGTextChunkBuilder.cpp:

(WebCore::SVGTextChunkBuilder::buildTextChunks):

rendering/svg/SVGTextLayoutEngine.cpp:

(WebCore::SVGTextLayoutEngine::currentLogicalCharacterMetrics):

rendering/svg/SVGTextQuery.cpp:

(WebCore::SVGTextQuery::mapStartEndPositionsIntoFragmentCoordinates):

svg/SVGAnimationElement.cpp:

(WebCore::SVGAnimationElement::currentValuesForValuesAnimation):

svg/SVGPathByteStreamSource.h:

(WebCore::SVGPathByteStreamSource::readType):

Source/WebKit2:

Shared/Plugins/PluginQuirks.h:

(WebKit::PluginQuirks::add):

Source/WTF:

wtf/BumpPointerAllocator.h:

(WTF::BumpPointerPool::ensureCapacity):
(WTF::BumpPointerPool::alloc):
(WTF::BumpPointerPool::ensureCapacityCrossPool):

wtf/FastMalloc.cpp:

(WTF::TCMalloc_ThreadCache::CreateCacheIfNecessary):

wtf/StringPrintStream.cpp:

(WTF::StringPrintStream::increaseSize):

wtf/dtoa/utils.h:

(WTF::double_conversion::BufferReference::SubBufferReference):

wtf/text/WTFString.cpp:

(WTF::String::fromUTF8):

10:41 AM Changeset in webkit [157340] by Antti Koivisto

9 edits
2 adds in trunk/Source/WebCore

Factor line box code from RenderText to a class
https://bugs.webkit.org/show_bug.cgi?id=122694

Reviewed by Andreas Kling.

Create RenderTextLineBoxes and move some line box specific code there.

8:15 AM Changeset in webkit [157339] by commit-queue@webkit.org

2 edits in trunk/Source/JavaScriptCore

Fix potential register trampling in JIT since r157313.
https://bugs.webkit.org/show_bug.cgi?id=122691

Patch by Julien Brianceau <jbriance@cisco.com> on 2013-10-12
Reviewed by Michael Saboff.

jit/CCallHelpers.h:

(JSC::CCallHelpers::setupArgumentsWithExecState):

7:51 AM Changeset in webkit [157338] by Antti Koivisto

5 edits in trunk/Source/WebCore

Replace RenderText::renderedTextLength with hasRenderedText
https://bugs.webkit.org/show_bug.cgi?id=122693

Reviewed by Andreas Kling.

7:15 AM Changeset in webkit [157337] by Darin Adler

37 edits in trunk/Source

Use unique_ptr instead of delete in a few places
https://bugs.webkit.org/show_bug.cgi?id=122639

Reviewed by Anders Carlsson.

Source/WebCore:

Modules/webdatabase/DatabaseBackendBase.cpp:

(WebCore::guidToDatabaseMap): Use NeverDestroyed instead of DEFINE_STATIC_LOCAL.
(WebCore::guidForOriginAndName): Ditto.
(WebCore::DatabaseBackendBase::DatabaseBackendBase): Removed unneeded initialization
of m_guid, which is set in the body of the constructor explicitly anyway. Use emptyString.
Use unique_ptr for the values in the map. Use the add idiom instead of the get/set idiom.
(WebCore::DatabaseBackendBase::closeDatabase): Use the find/remove idiom instead of the
get/remove idiom.
(WebCore::DatabaseBackendBase::performOpenAndVerify): Use auto here to avoid having to
use the map type by name.

loader/cache/CachedFont.cpp:

(WebCore::CachedFont::CachedFont): Don't initialize m_fontData to 0; unique_ptr will do that.
(WebCore::CachedFont::~CachedFont): Don't delete m_fontData. unique_ptr will do that.
(WebCore::CachedFont::ensureCustomFontData): Add a get.
(WebCore::CachedFont::allClientsRemoved): Don't delete m_fontData. Use nullptr instead of 0.

loader/cache/CachedFont.h: Changed m_fontData to a unique_ptr.

platform/graphics/BitmapImage.cpp:

(WebCore::BitmapImage::BitmapImage): Don't initialize m_frameTimer to 0; unique_ptr will do that.
(WebCore::BitmapImage::startAnimation): Use make_unique to create the timer.
(WebCore::BitmapImage::stopAnimation): Don't delete m_frameTimer. Use nullptr instead of 0.

platform/graphics/BitmapImage.h: Changed m_FrameTimer to a unique_ptr.
platform/graphics/cg/BitmapImageCG.cpp:

(WebCore::BitmapImage::BitmapImage): Don't initialize m_frameTimer to 0; unique_ptr will do that.

platform/graphics/mac/FontCustomPlatformData.cpp:

(WebCore::FontCustomPlatformData::~FontCustomPlatformData): Don't call CGFontRelease on m_cgFont.
(WebCore::FontCustomPlatformData::fontPlatformData): Use get on m_cgFont.
(WebCore::createFontCustomPlatformData): Use nullptr instead of 0, and make_unique instead of new.

platform/graphics/mac/FontCustomPlatformData.h: Chnaged m_cgFont to be a RetainPtr, and the

return value from createFontCustomPlatformData to be a unique_ptr.

platform/graphics/blackberry/FontCustomPlatformData.h:
platform/graphics/blackberry/FontCustomPlatformDataBlackBerry.cpp: