Opera Software upstreamed commits

Upstreamed commits in Chromium: 6822, V8: 54, Skia: 12, BoringSSL: 16.

Click message to expand


Author Message When
Include less from Node.h
Node.h is a popular header, so this affects compilation times.

Change-Id: Iea71e63f518885aa7c1552470f75b78a1e29a4cf
Reviewed-on: https://chromium-review.googlesource.com/668370
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Commit-Queue: Kent Tamura <tkent@chromium.org>
Cr-Commit-Position: refs/heads/master@{#502493}
CHR-6375: Fixed crash on fallback from ANGLE to SwiftShader.
During fallback from ANGLE to SwiftShader it is required to unload
ANGLE libraries, otherwise SwiftShader will fail to load its own
libGLESv2 library.

Fixed ANGLE platform reset.

Fixed memory leak on X11 by fixing order in ShutdownGL.

Leak was occuring during fallback from libGL to software GL implementation
because ShutdownGL was cleaning GL implementation info before unloading
GL and therefore libGL was unloaded with known issue crbug.com/250813

Previous attempt with memory leak:

Reverted in:

Bug: 760063, 761930
Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: Ibea80f560aa50ba48cbff6f39a664095db38daaf
Reviewed-on: https://chromium-review.googlesource.com/668357
Reviewed-by: Jamie Madill <jmadill@chromium.org>
Reviewed-by: Antoine Labour <piman@chromium.org>
Commit-Queue: Jamie Madill <jmadill@chromium.org>
Cr-Commit-Position: refs/heads/master@{#502409}
[LayoutNG] Border and padding on multicol containers.
Code was missing both on the column fragment positioning side, and on
the legacy write-back side.

Moved the call to UpdateLegacyMultiColumnFlowThread() further
down. Apart from making sense (nice to have written back the size of
the multicol container before updating the flow thread), this became
necessary now, because otherwise ValidateColumnSets() would nuke the
logical width of the flow thread, now that the flow thread gets its
logical width set earlier.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I1f6906f488b0251d4a00117e66ae6e06649568d6
Reviewed-on: https://chromium-review.googlesource.com/668372
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#502406}
Enable Skia's SkImageGenerator implementation
The SkImageGenerator_none.cpp implementation of
SkImageGenerator::MakeFromEncodedImpl always produce empty output.

Bug: 758459
Change-Id: I0745e28c7c9f4aa09efbe0f0de7c88faab87f868
Reviewed-on: https://chromium-review.googlesource.com/668408
Reviewed-by: Leon Scroggins <scroggo@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#502401}
Propagate GlobalPaintFlags to EmbeddedContentView::Paint
The global paint flags - like the kGlobalPaintFlattenCompositingLayers
flag - were lost when descending into frames for painting. This would
cause composited layers to not be painted.
Add a GlobalPaintFlags argument to EmbeddedContentView::Paint, and pass
the flags carried by PaintInfo to it, and propagate as needed.

Bug: 765099
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I8c824dd12e7caa4c65cfd0bf0c3ab8de69ddfcfb
Reviewed-on: https://chromium-review.googlesource.com/667160
Reviewed-by: Chris Harrelson <chrishtr@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#502328}
[LayoutNG] Unbreakable content in block fragmentation.
This introduces limited support break-inside:avoid on in-flow block-level
elements. After layout, if we discover that we need to insert a break in front
a node, in order to honor break-inside:avoid, drop the fragment and retry at
the start of the next fragmentainer.

The constraint spaces now need to know the full fragmentainer block size, in
addition to what they have available. It's only when the available size is less
than the full fragmentainer size, that we can break before some node. Otherwise
there'd be no progress, and we'd end up with an infinite number of empty

Since I wanted to DCHECK that we only break before the first fragment of some
node, and therefore needed IsFirstFragment(), I moved that function along with
its friends from the anonymous namespace of ng_block_node.cc to a new
ng_fragmentation_utils.h file. There's some uncertainty as to how to treat
non-box fragments here, but we can figure that out later.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I0ad419177d174fdc787061206ee1abd86deb8943
Reviewed-on: https://chromium-review.googlesource.com/666816
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#502217}
Support jumbo in blink/platform (-20.5 CPU minutes)
Supporting jumbo in blink/platform saves about 20.5 CPU minutes on
the reference hardware.

A few files are still excluded and that is tracked in referenced bugs.


Bug: 761475
Change-Id: Ibdd1916f24c50c0ef2c62ca0b1c3b3e80643fb5d
Reviewed-on: https://chromium-review.googlesource.com/652998
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#502211}
Rebuild non-distributed children with separate WhitespaceAttacher.
We used to pass in the same WhitespaceAttacher to the pass over non-
distributed child nodes which caused DidVisitText() to mess up the
whitespace re-attachment of whitespace being the left-most node of the
distributed nodes. In particular if there was a ::before element
changing display type preceding that left-most space.

Instead, make a RebuildNonDistributedChildren() method which passes in
a separate WhitespaceAttacher.

Bug: 765090
Change-Id: I4fd3bd417d7a5d7accdcb8b6155991093ab05f50
Reviewed-on: https://chromium-review.googlesource.com/666681
Reviewed-by: nainar <nainar@chromium.org>
Reviewed-by: meade_UTC10 <meade@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#502202}
Always rebuild layout tree for shadow root when host is rebuilt.
We tried to do a light-weight search for the first in-flow or text
child of the shadow root when shadow root children didn't need a
rebuild. This was done to make the WhiteAttacher point to the correct
text node when re-attaching the ::before element.

This code did not properly handle slots and insertion points. Also,
supporting display:contents for ::after means we will have to traverse
shadow root children from its last node until we find the first in-flow
to properly attach a space inside an ::after element.

For simplicity, and correctness, walk the shadow root children using
RebuildChildrenLayoutTrees() instead.

Bug: 764686
Change-Id: Icb9f8db7172ea54bd876fd95ca722c2906b4c639
Reviewed-on: https://chromium-review.googlesource.com/667138
Reviewed-by: nainar <nainar@chromium.org>
Reviewed-by: meade_UTC10 <meade@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#502194}
Forward cflags/cflags_cc in fuzzer gn template
Forwarding more of the usual gn variables is likely less surprising
-- defines and include_dirs are already forwarded, so add cflags and
cflags_cc too so it takes less effort to suppress a stray warning when
writing a fuzzer test case.

Change-Id: I5a490e4f2520871bdf649fc3ea3b75bbea0653df
Reviewed-on: https://chromium-review.googlesource.com/663860
Reviewed-by: Oliver Chang <ochang@chromium.org>
Reviewed-by: Max Moroz <mmoroz@chromium.org>
Commit-Queue: Tomasz Sniatowski <tsniatowski@opera.com>
Cr-Commit-Position: refs/heads/master@{#501926}
[LayoutNG] Update multicol FlagExpectations for LayoutNG
Two multicol tests time out flakily, but if they don't, they pass.


Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I63f2434629f833c6d52f0a4672faa1a3be1fa8a3
Reviewed-on: https://chromium-review.googlesource.com/666619
Reviewed-by: Koji Ishii <kojii@chromium.org>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#501923}
LayoutNG] Calculate available fragmentainer space correctly.
When processing children, we forgot to subtract the BFC offset. We just used
the value returned from the constraint space's FragmentainerSpaceAvailable()
directly. Renamed that method in both the constraint space and the builder to
FragmentainerSpaceAtBfcStart(), to make it clear that this value doesn't
necessarily return the space available to the block currently being laid out.

Added FragmentainerSpaceAvailable() to the block algorithm instead, and also
moved IsOutOfSpace() into the class.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: If1232a1a33dd4c7655339eed2a88104b98f06bc0
Reviewed-on: https://chromium-review.googlesource.com/664805
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#501750}
Rework normalization in LayoutSVGInlineText
When performing (whitespace) normalization in an OriginalText override,
we miss normalization when the layout object has its text content
Perform the normalization in the SetTextInternal override instead to
cover the text-content-update case as well.

Bug: 645597
Change-Id: Id65cbbe75dbcc636f4cde38b8bb8887d05caf1d7
Reviewed-on: https://chromium-review.googlesource.com/664812
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#501678}
[LayoutNG] Detect breaks that occur at the exact start of blocks.
Such breaks used to go unnoticed and cause misery and assorted unpleasantries.
Upgraded test expectations. Added a unit test.

As long as we haven't both got an in-flow child that broke AND exceeded
available fragmentainer space, we need to continue and lay out its siblings. A
block of zero height at a fragmentainer boundary actually belongs in the former
fragmentainer, not the latter. A consequence of this change is that even
non-zero height blocks that start at a fragmentainer boundary gets a
zero-height fragment in the former fragmentainer, before it continues in the
next fragmentainer. We may want to avoid this, but I'm not sure what's more
correct yet (or if it matters at all).

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I50e862d8c0dc787a47b799e2e639e5ca7ba57158
Reviewed-on: https://chromium-review.googlesource.com/663141
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#501588}
[LayoutNG] Prevent breaks from escaping the containing fragmentation context.
The call sites that call NGFragmentBuilder::AddChild() also need to explicitly
propagate breaks to their container, if that's what they want. The column
layout algoirithm *doesn't* want this.

Bug: 757767
Change-Id: I203c045fc85a65303dfe4c0cdad20eb60e64fba2
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Reviewed-on: https://chromium-review.googlesource.com/663859
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#501444}
Fix indentation in SVGImage::DataChanged
Change-Id: If895e92065d23e3da4f5d659c114abf024038b38
Reviewed-on: https://chromium-review.googlesource.com/663537
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#501319}
Make the forward declaration of ShapeResultSpacing correct.
The lack of PLATFORM_EXPORT on the forward declaration made the compiler
generate non-exported template instantiations which later caused linker
errors when those methods were missing.

R=drott@chromium.org, mstensho@opera.com

Bug: 764255
Change-Id: I2e03b924185dd7787d8129aa4c3c93716341cdbd
Reviewed-on: https://chromium-review.googlesource.com/663377
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#501260}
Removed unused member variable in OpenTypeCapsSupport
Jumbo builds (where the compiler has more information) noticed that
run_ is unused and emitted a warning.


Change-Id: I4a975375cfc772e77dd5e9692c5cdc982a8453c1
Reviewed-on: https://chromium-review.googlesource.com/663179
Commit-Queue: Daniel Bratell <bratell@opera.com>
Commit-Queue: Dominik Röttsches <drott@chromium.org>
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Cr-Commit-Position: refs/heads/master@{#501256}
[LayoutNG] Update test expectations to get rid of *some* of the unexpected passes.
All probably related to a recent change to TextIterator [1], which made legacy
layout dump text identically to what NG does.

[1] https://chromium-review.googlesource.com/c/chromium/src/+/653665


Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Bug: 758816
Change-Id: Idda7617e54d254d76bf170cb59c8cd7c9ddd16d6
Reviewed-on: https://chromium-review.googlesource.com/663037
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Koji Ishii <kojii@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#501234}
Avoid implicit conversion to CGRect and CGSize.
Implicit conversion to CGRect and CGSize can create extra conversion paths
(if known) between various rect/size types. Such extra conversion paths
can make the compiler fail to compile because of ambiguity.

Since conversions between CGRect and CGSize and internal types are lossy
both ways (float <-> int), it's best to avoid them anyway except when
they are really needed so this patch makes the cast operators explicit.

Short term, the implicit conversions break jumbo builds since the compiler
there knows "too much" and gets confused.

Bug: 761475
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I7b29fba20d4dd836015a594081f4e6256bd42732
Reviewed-on: https://chromium-review.googlesource.com/657645
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500928}
Adjustments for LayoutNG in LayoutBlockFlow line layout.
LayoutNG ignores LayoutMultiColumnFlowThread objects, so that the DOM
children of a multicol container become actual layout children of said
multicol container (on the NG side), without any intervening flow
thread block. However, the flow thread is still created even in NG (to
be able to paint and hit-test using the legacy layout structure), so
when NG invokes the legacy engine to lay out lines, we need to be able
to stop walking the ancestry when reaching the flow thread.

This fixes a bunch of crashing tests. They will now either pass or
fail (without crashing) instead.

Bug: 757767
Change-Id: I55693c34aefe53b47ceb7d7490059cc1182e5ff8
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Reviewed-on: https://chromium-review.googlesource.com/660297
Reviewed-by: Koji Ishii <kojii@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#500925}
Unduplicated test helper function compare_markers.
The 3 copies of compare_markers collided in jumbo builds.

Bug: 745732
Change-Id: I4363201af5e78dfa5ee59148c48d89feeeaa1a80
Reviewed-on: https://chromium-review.googlesource.com/653277
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500918}
PlzNavigate: Fix multiple extra_headers in LoadUrlWithParams
NavigationControllerImpl operates on LoadURLParams, which state
"Extra headers for this load, separated by \n.", and on
NavigationEntryImpl, which state "Extra headers (separated by \r\n)
to send during the request". However, there is no conversion
from one form to the other, instead the extra headers are passed

This is not an issue when PlzNavigate is not enabled, because there
are more conversions on the way to and from the renderer, and things
end up working anyway. However, the shorter path of PlzNavigate
makes code further down choke on improper data when more than one
header is passed.

Fix by converting LF to CRLF when moving from LoadURLParams to
NavigationEntryImpl, and by adding a second header to a bunch of tests
that only sent one extra_header, thus not showing the problem.


Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation
Change-Id: I3e492520c8bd059b0d00107b38cfdf6daa8d96f2
Reviewed-on: https://chromium-review.googlesource.com/659577
Commit-Queue: Tomasz Sniatowski <tsniatowski@opera.com>
Reviewed-by: Camille Lamy <clamy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#500905}
Fix jumbo build.
A static IsPositionValidFor() got added to two .cpp files almost at the same
time. Made them non-static and declared them in Position.h


Change-Id: I50d7006b20ddba2b7f58906eb167107cb38933e6
Reviewed-on: https://chromium-review.googlesource.com/659658
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#500887}
Avoid global "using namespace std"
Importing all of namespaces into the global level causes problems with
jumbo builds (and also coding style). This patch removes a few
using namespace std;
from WTF.

Bug: 761475
Change-Id: Ibdb073db243c960058d06433666f24c6880f40a8
Reviewed-on: https://chromium-review.googlesource.com/657642
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500877}
Renamed IsValid in blink/platform/network unit tests
Both ParsedContentDispositionTest and ParsedContentTypeTest used a local
helper function named IsValid. That is normally no big deal
but in jumbo builds they can be compiled in the same translation unit
and then the function will collide. This patch gives the functions
unique names so that no tests have to be excluded from jumbo.

Bug: 745732
Change-Id: Icc591553e54062eb189d8c7df243191c3f75f42a
Reviewed-on: https://chromium-review.googlesource.com/657840
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500860}
Reevaluate SVGImageElement 'href' when moving to a new document
This aligns the behavior of SVGImageElement to that of HTMLImageElement
for when the element is moved to a new document.

Bug: 720310
Change-Id: I2d78778a40de874fe45b710a0f284ded6cc8b84b
Reviewed-on: https://chromium-review.googlesource.com/657384
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#500655}
[LayoutNG] Ignore block-start margin in subsequent fragments.
The block-start margin only matters in the first fragmentainer where the node
occurs. This used to trigger DCHECK failures.

The new unit test used to DCHECK-fail (but would pass with DCHECKs disabled).

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I8ee47f0d08a989f121c5bd8f18806398a4d6d837
Reviewed-on: https://chromium-review.googlesource.com/657182
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#500614}
Include ComputedStyle.h from fewer header files.
Brings down the number of translation units that depend on ComputedStyle.h by
268 (from around 1250).

A recent CL, https://chromium-review.googlesource.com/648536 increased the
number of dependent translation units by 222, so this CL should cancel out the
build time slowdown introduced by that CL.

Change-Id: Ic3eef583dd9679c5e5f94d99b5366003f96b89d8
Reviewed-on: https://chromium-review.googlesource.com/656117
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: meade_UTC10 <meade@chromium.org>
Reviewed-by: Eric Willigers <ericwilligers@chromium.org>
Reviewed-by: Jia Meng <jiameng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#500553}
Skip CharCategory alias since it was only used once
The CharCategory alias caused issues with jumbo builds. Too many
different interpretations of the symbol CharCategory triggered
compilation error. Since this alias really doesn't add any value,
it's easy to just drop it.

Bug: 761475
Change-Id: I8473fda6104a520f1464a88d49ba73599ea5fc62
Reviewed-on: https://chromium-review.googlesource.com/654838
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500548}
Use Previous/NextSibling instead of Slow*Child().
The former methods should be faster.

Change-Id: I1fb5ae5eeaea78b561cffbe6a78594af0f7a75b6
Reviewed-on: https://chromium-review.googlesource.com/655078
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#500402}
Remove unused state from TextTrackLoader
Merge kIdle and kLoading using the name of the latter.

Bug: 466083
Change-Id: I51041fac66a18df6ff0801bcc9606c1f1c04126d
Reviewed-on: https://chromium-review.googlesource.com/652473
Reviewed-by: Philip Jägenstedt <foolip@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#500382}
Remove unused "using base::Time"
When experimenting with jumbo builds in content this Time conflicts
with other things, and since it's unused it's easy to just remove it.

Change-Id: I853e2da58963c875158b750839a706e49edad93e
Reviewed-on: https://chromium-review.googlesource.com/653161
Reviewed-by: Avi Drissman <avi@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500370}
[LayoutNG] Customized fragment tree dumping, for use in unit tests.
Add a dump method to NGPhysicalFragment that returns a string, in addition to
the one we already have, that dumps to stderr. Add flags, so that callers can
pick exactly what to dump.

Change most of the column layout algorithm tests to compare a fragment dump
tree string to an expectation string. Maintaining and following what was going
on inside those tests was at the brink of what's humanly possible.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I3151509d0cfb189c2330557bf25ef16b1a78f478
Reviewed-on: https://chromium-review.googlesource.com/652467
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Aleks Totic <atotic@chromium.org>
Cr-Commit-Position: refs/heads/master@{#500353}
Avoid the name UnicodeRange in tests since it already exists
There is a platform/fonts type UnicodeRange so creating a function
with the same name causes confusion in jumbo builds where both
the type and the function will be known to the compiler at the same


Bug: 745732
Change-Id: Id8c9ebfb7289cd546979638814b3e67b169f6671
Reviewed-on: https://chromium-review.googlesource.com/655457
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500320}
Deduplicate a couple of hash function in platform/fonts.
In jumbo builds the two implementations of AddToHash and
AddFloatToHash collided. The AddToHash implementations were identical
while AddFloatToHash were slightly different, but it seems better for
everyone to merge them to a single set of functions.

Bug: 761475
Change-Id: I547b432970a4f4f03e2fea7af1e7bfdf400de149
Reviewed-on: https://chromium-review.googlesource.com/651418
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500297}
Removing global "using namespace" in platform Mac code
Importing namespaces into the global namespace causes issues in jumbo
builds. This patch removes some that were not even used and replace
some with explicit namespaces.

Bug: 761475
Change-Id: Iaec529e8a4ea8a8572575fb546263946282d1c59
Reviewed-on: https://chromium-review.googlesource.com/654641
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500296}
Reuse an existing WebCoreFloatToSkScalar instead of copying it
There is one WebCoreFloatToSkScalar in platform/graphics/skia and one
in platform/geometry. This patch makes platform/geometry use the one in

Bug: 761475
Change-Id: I32c938c5d3ea08d2cf3e7bfc2a0ff469006268b0
Reviewed-on: https://chromium-review.googlesource.com/653159
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#500285}
Merge two implementations of operator<<(FloatPoint3D)
There were two implementations of
TextStream& operator<<(TextStream& ts, const FloatPoint3D& p)
in filter serialization and while that is a minor issue, they caused
conflicts in jumbo builds so rather than excluding files from jumbo,
this moves the implementation to FloatPoint3D.h.

Bug: 761475
Change-Id: I11eee18d33f3eb34b50fb5849bb0e72d6a9a8089
Reviewed-on: https://chromium-review.googlesource.com/651417
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Cr-Commit-Position: refs/heads/master@{#500252}
Forward-declare TextTrack in HTMLMediaElement.h
Change-Id: I535a633cdb7c31c632b61411bad00e5918d62e6c
Reviewed-on: https://chromium-review.googlesource.com/652548
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#500243}
Empty files should not succeed in loading (as WebVTT)
Empty files will naturally not have a valid signature, so should fail
the signature check. When there's no data, the loader will not get any
DataReceived() callback, and hence not create a VTTParser. The
NotifyFinished() callback only checked for any error on the resource,
and would flag success if there were no resource error.
Check for the presence of a parser to detect the case where there's no
data and infer failure from it.

Also move the flush of the VTTParser first in NotifyFinished() since
it could, in rare cases, end up setting |state_| to kFailed.

Bug: 761969
Change-Id: If6c17d50ec968625a98490e625c5f248761efe1a
Reviewed-on: https://chromium-review.googlesource.com/650291
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Reviewed-by: Philip Jägenstedt <foolip@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499925}
[LayoutNG] Skip more virtual test suites.
Test suites that aren't relevant to NG only slow down testing and increase


Change-Id: Ideb731da4441ba839a8d9c19d2fa532c8fd086d1
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Reviewed-on: https://chromium-review.googlesource.com/649655
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499723}
NGLayoutAlgorithm::Node() doesn't need to be virtual
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Iddc121dbcf39b0b7381ceb5485606a9a4fea9bdc
Reviewed-on: https://chromium-review.googlesource.com/649654
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Commit-Queue: Ian Kilpatrick <ikilpatrick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499684}
[LayoutNG] Position multicol children in the legacy flow thread.
Previously we practically skipped positioning of direct multicol children. We
did actually attempt to position direct *floated* children, but that triggered
a DCHECK failure.

Re-enable and update the remaining disabled NGColumnLayoutAlgorithm unit tests.
They were all about floats, and therefore they used to trigger DCHECK failures.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: If3b1d464501a6132254ed4c016886303f224a4f2
Reviewed-on: https://chromium-review.googlesource.com/649532
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#499675}
[LayoutNG] Comma instead of 'x' as separator between coordinates in ToString().
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I96dcb6728816c030fffda7fa67a0a90eb7d1fe5f
Reviewed-on: https://chromium-review.googlesource.com/650255
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499654}
Enable jumbo compiling for modules unit test (-13 CPU minutes)
When use_jumbo_build=true this patch should save roughly 12.5
CPU minutes on my reference machine.

Bug: 713137
Change-Id: Icaa9e691ca6212f336691755aea83ddbdbe23a18
Reviewed-on: https://chromium-review.googlesource.com/648408
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499651}
Remove residual Skips of WPT tests with absolute path
Absolute paths should be working now.

Bug: 498120
Change-Id: I21c69e34a7f9f17122a631b3e2a154c64974042b
Reviewed-on: https://chromium-review.googlesource.com/650248
Reviewed-by: Kent Tamura <tkent@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#499599}
Put local types in the anonymous namespace to be consistent.
BytesConsumerTestUtil.cpp imports BytesConsumer::Result as blink::Result
and BlobBytesConsumerTest.cpp imports BytesConsumer::Result as
blink::{anonymous namespace}::Result and for the Windows compiler that
causes a naming conflict in jumbo builds.

This patch puts both BytesConsumer::Result in the anonymous namespace so
that the compiler won't get confused.

Bug: 745732
Change-Id: I073a36fb71109be2e7fefff34268186d03a5547b
Reviewed-on: https://chromium-review.googlesource.com/649226
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#499595}
Use code path for V1 instead of V0 without shadow trees.
The result should not be different, but this change is using the Shadow
DOM v1 code path for matching CSS rules when we don't have any Shadow
DOM v0 roots. This means we'll use the same code path as we'll use when
Shadow DOM v0 is removed.

Bug: 760405
Change-Id: I90a140db91d1282e59c037a476fef8b95b4e36cc
Reviewed-on: https://chromium-review.googlesource.com/647755
Reviewed-by: Takayoshi Kochi <kochi@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#499570}
Don't compute pseudo element style on other pseudo elements.
Nested pseudo elements are not allowed. We tried to match selectors for
scrollbar pseudo elements on ::before/::after pseudo elements. This
caused DCHECK failure in v1 shadow dom code trying to find assigned
slot for the ::before/::after pseudo. Instead, return early trying to
compute pseudo element style on pseudo elements.

Bug: 761838
Change-Id: Iaa571c96701ad9f5eb87cb93f0cfb085f42c043e
Reviewed-on: https://chromium-review.googlesource.com/649611
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#499564}
Don't request style on element when pseudo element style is null.
StyleForLayoutObject returns nullptr for ::before and ::after pseudo
elements when the pseudo element should not generate any boxes. This
caused us to incorrectly request OriginStyleForElement as a fall-back
which caused DCHECKs to trigger when trying to match rules against the

Instead, call OriginalStyleForElement as a fall-back in
CustomStyleForElement for elements which do have custom style callbacks
but don't need a specialized CustomStyleForElement.

Bug: 760405
Test: shadow-dom/crashes/css-focus-recalc.html
Change-Id: Ib7bcd50fd624f1ebcefc716533cf7098c203a2f4
Reviewed-on: https://chromium-review.googlesource.com/648984
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#499558}
CHR-6375: [Windows] Fixed crash on fallback from ANGLE to SwiftShader.
During fallback from ANGLE to SwiftShader it is required to unload
ANGLE libraries, otherwise SwiftShader will fail to load its own

Fixed ANGLE platform reset.

Bug: 760063
Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: I02280b2c1cd6c3d81087c7e2befb412bb2a89510
Reviewed-on: https://chromium-review.googlesource.com/640992
Commit-Queue: Jamie Madill <jmadill@chromium.org>
Reviewed-by: Antoine Labour <piman@chromium.org>
Reviewed-by: Jamie Madill <jmadill@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499529}
Avoid having two g_unique_id in blink/platform
In jumbo builds the two g_unique_id clashed so to avoid having to
exclude one of the files from jumbo builds, it's better to rename them.

With this patch they will be g_unique_media_stream_component_id and
g_unique_media_stream_descriptor_id instead. As a bonus that should help
when analyzing binaries if anyone ever encounter these symbols.

Bug: 761475
Change-Id: Ib6c7120a4ff428bceaf1197441c1d8e271b63d18
Reviewed-on: https://chromium-review.googlesource.com/648409
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499518}
Avoid using "using namespace ..." in global scope
With jumbo (unity builds, merged translation units) a
"using namespace WTF" or "using namespace Unicode"
statement intended for just the local translation unit will affect
many other translation units which causes various issues.

There is also (with the current implementation of jumbo) a warning
about such usage that will prevent things from compiling.

Without this patch this file will have to be manually excluded from
jumbo builds and I am trying to avoid such exclusion lists for
performance and maintenance.

Bug: 761475
Change-Id: Ide7c7f90b2b2190362f279008e31dfcc31309ad7
Reviewed-on: https://chromium-review.googlesource.com/648407
Reviewed-by: Kent Tamura <tkent@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#499517}
[LayoutNG] Proper overflow legacy write-back inside multicol.
Only calculate overflow when at the last fragment. It's only then that we can
be sure that all children have been laid out. This used to trigger DCHECK
failures in legacy layout.

Also don't let a line break fool us into believing that the block fragmented
(by creating unfinished break tokens).

Re-enable and update unit test OverflowedBlock, now that overflow no longer
causes DCHECK failures in legacy layout.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I9a104c3a7392db66c251e6f8da8ea8c7e16ba357
Bug: 757767
Reviewed-on: https://chromium-review.googlesource.com/645968
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Koji Ishii <kojii@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499503}
[LayoutNG] Skip assorted virtual test suites.
They don't seem relevant for NG.


Change-Id: Id701e9773cee3737cceb46440704125b9c9178e0
Reviewed-on: https://chromium-review.googlesource.com/647760
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#499495}
Support all of HTML's character entities in WebVTT
This updates the VTTTokenizer to align with the updated WebVTT tokenizer




The old states for handling "escapes" are removed, adding new ones per
above, for invoking the HTML parser's entity matcher.
A new WEBVTT_SWITCH_TO operation is also added so that state transitions
can be performed without advancing the input position. (Matches
mechanics of the HTML parser.)

The WPT test webvtt/parsing/cue-text-parsing/tests/entities.html is
updated since it had an incorrect expected result for the "&notit;"

Old, now incorrect and/or redundant, tests for entities are removed.

Bug: 761303
Change-Id: I8ffb4fb2da7169c2ba3c84eb8c3206daabefbb30
Reviewed-on: https://chromium-review.googlesource.com/647586
Reviewed-by: Philip Jägenstedt <foolip@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#499473}
Removing unused "using namespace icu".
Having global "using namespace ..." complicates things, or prevents,
jumbo builds but this one seems completely unused anyway.

Bug: 761475
Change-Id: I592035ec4030b575acbdbcf9ca11b24217380ed5
Reviewed-on: https://chromium-review.googlesource.com/647567
Commit-Queue: Kent Tamura <tkent@chromium.org>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499433}
Add NG support for quirky bottom margins plus minor fix for top margins.
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Ib3b5e035955c0d1379f7c206ef283934a2c31eae
Reviewed-on: https://chromium-review.googlesource.com/645988
Commit-Queue: Karl Anders Øygard <karlo@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499406}
Removed svg/as-image/svg-nested.html
The test is creating a 50000 nodes deep tree which at some point causes
a stack overflow in one of the recursive methods traversing the DOM
tree. Removing test as it arbitrarily causes a stack overflow.

Bug: 760904
Change-Id: Ib1b841a51cbe383bc630ca57b3dd07c8c859cee0
Reviewed-on: https://chromium-review.googlesource.com/647536
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#499392}
Deduplicated the Determinant function in platform/geometry.
Both FloatQuad and FloatPolygon wants to calculate the
determinant/cross product between two FontSize objects and they each
had a copy of such a function. In Jumbo builds those two identical symbols

Bug: 761475
Change-Id: I216b0ec2bf6fdb450ef81315692396fc395c3d6e
Reviewed-on: https://chromium-review.googlesource.com/647847
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499322}
Undef local CONVOLVE_ONE_SAMPLE after use.
Since other code use equally named macros we get jumbo build collision
unless they are undefined (or renamed).

Bug: 761475
Change-Id: I650fe9651a55e9fd682340f6160e2212de024f58
Reviewed-on: https://chromium-review.googlesource.com/647715
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Raymond Toy <rtoy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499264}
Adding missing include guard on blink header
VideoFrameResourceProvider.h was missing an include guard which happened
to work in normal builds, but not in jumbo builds.

R=haraken@chromium.org, lethalantidote@chromium.org

Change-Id: I72b9c9343ce6862f26d2ae89beaf3af3b084e0ed
Reviewed-on: https://chromium-review.googlesource.com/647538
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#499206}
[LayoutNG] Update FlagExpectations for LayoutNG
Just skip virtual/outofblink-cors/


Change-Id: Iaf28ead83625b01b1017f2a3cd2029299ed61b54
Reviewed-on: https://chromium-review.googlesource.com/645952
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Aleks Totic <atotic@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499180}
Rename ArrayBufferContents::AllocationKind to GetAllocationKind.
Current name clashes with the name of the enum class the function is
supposed to return. Clang does not care, but gcc fails to compile the

Bug: 760070
Change-Id: I935d91493a3fc7b289d03f776c14b6ec4f3f622a
Reviewed-on: https://chromium-review.googlesource.com/645549
Reviewed-by: Yuta Kitamura <yutak@chromium.org>
Commit-Queue: Yuta Kitamura <yutak@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499171}
Add include guards to ipc message headers
The solution without include guards isn't compatible with jumbo.

Bug: 746953
Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: Iaaea9654fa2c38c40ab458678693518abe555d34
Reviewed-on: https://chromium-review.googlesource.com/580868
Reviewed-by: Antoine Labour <piman@chromium.org>
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: dsinclair <dsinclair@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#499162}
Update :in-range/:out-of-range style when input type changes.
The :in-range/:out-of-range pseudo classes only matches for steppable
input typesi. We need to schedule style invalidations for these pseudo
classes when the input changes and at least one of them is steppable.
Changing between two steppable types may also need invalidation as
min/max/value need to be reparsed and their value may not be valid or
their interpretations may be different.

Bug: 751406
Change-Id: I0dc6517ded832fdaa63f1a3bdda161dcf2b3b448
Reviewed-on: https://chromium-review.googlesource.com/646327
Reviewed-by: Kent Tamura <tkent@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#499158}
Update :indeterminate style when input type changes.
The :indeterminate pseudo class only matches for certain input types.
We need to schedule style invalidations for :indeterminate when the
input changes between certain types.

Bug: 751406
Change-Id: I4cae67ce883ec0969119f788718db8b978f9a67d
Reviewed-on: https://chromium-review.googlesource.com/646168
Reviewed-by: Kent Tamura <tkent@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#499157}
Update :checked style when input type changes.
The :checked pseudo class only matches for certain input types. We need
to schedule style invalidations for :checked when the input changes
between certain types.

Bug: 751406
Change-Id: I818b498339a643766e0c619cb6b70bfd09c6efcb
Reviewed-on: https://chromium-review.googlesource.com/645987
Reviewed-by: Kent Tamura <tkent@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#499156}
Min-width takes precedence over max-width.
This also applies to intrinsic sizing, obviously. Clamp to max-width, THEN
min-width - not the other way around.

Bug: 754263
Change-Id: Ide083d3ba591b252cd1bfa28500be3c3c2324d79
Reviewed-on: https://chromium-review.googlesource.com/645306
Commit-Queue: Emil A Eklund <eae@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499024}
Make SMIL interval position calculations more resilient
When 'dur' is mutated, all dependent state is not updated at once, but
rather lazily. This means that we can get into an inconsistent state
where some timing parameters have been applied while some have not, and
code that uses - and thus realizes - the state changes will be first to
observe them. This can for instance lead to an interval position of NaN
being computed, which would wreak havoc when computing values.

For the specific case, we'd first get an 'indefinite' simple duration
and compute an interval thereafter. When 'dur' is then modified to a
finite value the simple duration will not be updated until the next
frame is computed (triggered by mutation of 'end'), leaving us with
a valid/finite simple duration but an infinite interval. (This then
results in arithmetic with Inf, yielding a NaN value for |percent|.)

Properly updating all the interval computation state on mutations is a
somewhat involved task, so paper over it for now by computing the (last)
active duration differently depending on the case we're in. While this
change is a bit of a workaround, it should be a perfectly reasonable
change on its own.

Bug: 760057
Change-Id: I1878f06db500eb1251ef2ca1cd7f10e0c8f86a00
Reviewed-on: https://chromium-review.googlesource.com/645973
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#498911}
[LayoutNG] Skip siblings preceding the first break token.
When we resume layout in a next fragmentainer, assume that all siblings
preceding the one associated with the first break token have been finished.
Assuming the opposite - that all preceding siblings needed layout - caused
infinite loops.

<div style="columns:5; column-fill:auto; height:60px;">
    <div id="child1" style="height:100px;"></div>
    <div id="child2" style="height:100px;"></div>

After the first column, we'll have an unfinished break token for #child1, which
is what we'll resume with in the second column.
After the second column, we'll have a finished break token for #child1 and an
unfinished break token for #child2.
After the third column, we'll only have an unfinished break token for #child2,
since we skipped #child1 (it was finished).
The fourth column obviously only contains #child2. We shouldn't start at
#child1 just because it has no break token, or we'll get an infinite loop.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I845a75bb646615223f9acfcc51e2fab04b05b058
Bug: 757767
Reviewed-on: https://chromium-review.googlesource.com/639410
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#498817}
Add missing gurl.h include to sensor_permission_context.cc
Change-Id: I2988959a20acd595e046574773101b12135d0f1b
Reviewed-on: https://chromium-review.googlesource.com/640383
Reviewed-by: Raymes Khoury <raymes@chromium.org>
Commit-Queue: Tomasz Moniuszko <tmoniuszko@opera.com>
Cr-Commit-Position: refs/heads/master@{#498777}
Setup AttachContext correctly when attaching pseudo elements.
AttachContext.previous_in_flow was not set up correctly when attaching
pseudo elements. That caused incorrect whitespace attachment in some
cases. In order to do this, the AttachContext for children is set up in
Element instead of ContainerNode as ::before and ::after are attached
in Element before/after ContainerNode::AttachLayoutTree.

I have separated the creation and attachment of pseudo elements.
CreatePseudoElementIfNeeded now only creates the pseudo element.
Previously pseudo elements were sometimes attached as part of style
recalc, at which point we don't have a previous_in_flow to pass in.
This is also good for our goal of separating style recalc and layout
tree construction completely.

We still create pseudo elements when attaching a layout tree if these
pseudo elements are inside a subtree being (re-)attached. When we start
constructing ComputedStyle for elements in sub-trees being re-attached
in RecalcStyle instead of LayoutTreeBuilder, we can fully rely on
pseudo elements being generated for RecalcStyle.

The modified test expectations are actually a revert of what was
changed when landing the WhitespaceAttacher.

Bug: 759532
Change-Id: Ic9f0f61d8c78bc8df7c5e589444a54583c78d763
Reviewed-on: https://chromium-review.googlesource.com/643269
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#498767}
[LayoutNG] Update FlagExpectations for LayoutNG

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I91ac1b71748f838b922d3e93ba59aa9d17b39bff
Reviewed-on: https://chromium-review.googlesource.com/643070
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#498488}
Fix Jumbo build.
InspectorCacheStorageAgent.cpp has recently got a "using" declaration of
blink::protocol::CacheStorage::Header, and that collided with the
forward-declaration of blink::Header FetchHeaderList.h. Just remove the
forward-declaration. It looks like there's no class named Header in this
district anymore.


Change-Id: I54e5f7ff3b53a388930b1101417e0dc1fa46af2b
Reviewed-on: https://chromium-review.googlesource.com/643127
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#498439}
Don't rely on the cached 'local' flag when resolving <use> target
Since the document URL can change between a <use> 'href' is set, and the
actual element reference is resolved (looked up by id), the notion of
being "local" to the document can change during this window as well.
To avoid this, we need to re-evaluate the "is local" state before
resolving the element reference. This appears to match what other UAs
are doing (but they could/do differ in other ways.) Keep the cached
"is local" state and use where applicable to avoid the full URL compare.

Bug: 749855
Change-Id: Ibbe9b1fb7e37f86b57f775d288203fbd9b3d5f4e
Reviewed-on: https://chromium-review.googlesource.com/641459
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#498433}
No need for forced SetStyleInternal for unchanged ComputedStyle.
This was done to avoid use of out-dated ComputedStyle from the style
sharing cache.

Also, removed unnecessary DCHECKs for style sharing sanity and fixed a

Bug: 721517
Change-Id: I3a4117328b7a62dac84ef3e81017702f6f40315b
Reviewed-on: https://chromium-review.googlesource.com/628519
Reviewed-by: nainar <nainar@chromium.org>
Reviewed-by: Eric Willigers <ericwilligers@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#498417}
Invalidate matched properties cache when registering custom properties.
Not forcing SetStyleInternal in Element::RecalcOwnStyle triggered a
DCHECK fail for (!!value == !!parsed_value) in
SetResolvedInheritedVariable(). We were hitting the matched properties
cache to re-use the custom properties from the style recalc before and
after property registration. The property registration made the custom
property value invalid due to the given syntax.

It's possible this should be detected as a style propagation change in
RecalcOwnStyle (ComputedStyle::operator==), but clearing the matched
properties cache seemed like a good idea since all style is
recalculated on property registration anyway.

This CL is split out of:


Test: custom-properties/registered-property-cssom.html
Change-Id: I593f2fa1be788ce00872d46356924f6f5415174e
Reviewed-on: https://chromium-review.googlesource.com/635565
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#498393}
[LayoutNG] Move column layout algorithm tests to a separate file.
FragmentChildIterator and ConstructBlockLayoutTestConstraintSpace() are needed
by both block and column layout algorithm tests, so they needed a new home. Put
them in ng_base_layout_algorithm_test.h

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I664c1f0a7b04e6096b25bfff344f0ebae9fa1bd0
Reviewed-on: https://chromium-review.googlesource.com/641150
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#498162}
Be more specific about namespace for Message in unit tests
There is a gtest namespace ::testing and a helper namespace in blink
called ::blink::testing. If both are visible to the compiler,
::blink::testing will be used first and classes in ::testing will not
be found. This happens in jumbo builds so we better be more specific.


Change-Id: I611b7afde07fb217978e90cf041e89ce7634fb8e
Reviewed-on: https://chromium-review.googlesource.com/640699
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#498080}
Missing comparison of timing functions for style recalc.
TransitionsMatchForStyleRecalc and AnimationsMatchForStyleRecalc did
not compare timing functions. Move common timing comparison into the
CSSTimingData class and add a test for timing functions.

This was discovered trying to remove a SetStyleInternal hack from

Element: :RecalcOwnStyle().
Change-Id: I11edf92a63653e44ca6384523d0dd4da7786dc25
Reviewed-on: https://chromium-review.googlesource.com/635723
Reviewed-by: Eric Willigers <ericwilligers@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#498047}
[LayoutNG] Make percent sizing work through anonymous constraint spaces.
Re-enable a unit test that now passes again. Also fixes a layout test.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Ic1d15dccaefc5773ae4305771808d328548007b4
Reviewed-on: https://chromium-review.googlesource.com/637910
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#498034}
Revert "Locate the correct flow thread for spanners and out-of-flow objects."
This reverts commit b71ac55bffca1c376d6ed4e540194436daccfbd1.

Reason for revert: Opened up a can of worms. Re-seal it.

Original change's description:
> Locate the correct flow thread for spanners and out-of-flow objects.
> LayoutFlowThread::LocateFlowThreadContainingBlockOf() used to just
> give up if the nearest ancestor flow thread of some object wasn't the
> containing flow thread.
> The machinery that maintains the special-objects
> (LayoutMultiColumnSet, LayoutMulticolumnSpannerPlaceholder) for
> multicol still needs to ignore out-of-flow objects and spanners,
> though, so I moved the check for this from
> LocateFlowThreadContainingBlockOf() to
> FlowThreadDescendantWasInserted() and
> FlowThreadDescendantWillBeRemoved().
> Checking on the paint side whether page logical height is known is
> no longer necessary.
> Bug: 757947
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
> Change-Id: Ief0492e9de52b01b08c3bc0318cb3c8abe67ccd3
> Reviewed-on: https://chromium-review.googlesource.com/632057
> Reviewed-by: Emil A Eklund <eae@chromium.org>
> Commit-Queue: Morten Stenshorne <mstensho@opera.com>
> Cr-Commit-Position: refs/heads/master@{#497437}


# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 757947
Change-Id: Idf54d6cea2c03871c3a3443880f6b5b331cd7d30
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Reviewed-on: https://chromium-review.googlesource.com/637870
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#497791}
Support ::before and ::after pseudo elements after ::slotted.
Allow pseudo elements after ::slotted() pseudo elements to allow for
scopes to which an element has been slotted to generate ::before /
::after pseudo elements.

The scoping spec[1] allows tree-abiding[2] pseudo elements after
::slotted. This CL adds support for ::before and ::after.

[1] https://drafts.csswg.org/css-scoping/#slotted-pseudo
[2] https://drafts.csswg.org/css-pseudo-4/#treelike

Bug: 754081
Change-Id: I95d91ea06d8fa75537cf8c845da477b2fb034a7d
Reviewed-on: https://chromium-review.googlesource.com/616042
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Takayoshi Kochi <kochi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#497742}
Include less from LayoutUnit.h.
This header is included in about 4500 compilation units.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng;master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: Icd9996f634899877c84e130f67fdf497a01734a0
Reviewed-on: https://chromium-review.googlesource.com/635726
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#497563}
[LayoutNG] Copy multicol layout back to the LayoutObject tree.
Stitch fragments generated from the same layout input node
together, so that the flow thread based multicol implementation
in legacy layout can perform painting, hit-testing and other
layout tree read operations like before.

The position will only be updated when at the first fragment for
each node. The position of subsequent fragments are only relevant
to LayoutNG. For legacy layout they just contribute to the
block-size of the LayoutObject. Currently, the position will
still be mostly wrong, unless the object starts in the first

One change to the break tokens was necessary: the final break
token also needs to set its used block size, just like the
preceding tokens, so that clients can tell that it's not the
first fragment of some node.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I4a1491262bb5a5284abfa27695ed90beb620a56d
Reviewed-on: https://chromium-review.googlesource.com/634223
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#497478}
Locate the correct flow thread for spanners and out-of-flow objects.
LayoutFlowThread::LocateFlowThreadContainingBlockOf() used to just
give up if the nearest ancestor flow thread of some object wasn't the
containing flow thread.

The machinery that maintains the special-objects
(LayoutMultiColumnSet, LayoutMulticolumnSpannerPlaceholder) for
multicol still needs to ignore out-of-flow objects and spanners,
though, so I moved the check for this from
LocateFlowThreadContainingBlockOf() to
FlowThreadDescendantWasInserted() and

Checking on the paint side whether page logical height is known is
no longer necessary.

Bug: 757947
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: Ief0492e9de52b01b08c3bc0318cb3c8abe67ccd3
Reviewed-on: https://chromium-review.googlesource.com/632057
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#497437}
Emacs jade rebranded to indium
Change-Id: Iff92857fcf7ef95578687dacb9309fcfad331e6d
Reviewed-on: https://chromium-review.googlesource.com/631720
Reviewed-by: Dominic Mazzoni <dmazzoni@chromium.org>
Commit-Queue: Dominic Mazzoni <dmazzoni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#497072}
Reland "Reland "[LayoutNG] Bring back native support for multicol.""
This is a reland of 3bb64d0c55ed57a6522cc09f5be97be220c81fc0
Original change's description:
> Reland "[LayoutNG] Bring back native support for multicol."
> This is a reland of b7e830ddf678c7daaa41a982fad87156b1bbbe4b
> Original change's description:
> > [LayoutNG] Bring back native support for multicol.
> > 
> > Still missing: Copy data back into the LayoutObject tree.
> > 
> > Some layout tests now fail, since we're not using the legacy engine to lay out
> > multicol. Quite a few crash or freeze, too.
> > 
> > Also brought back some of the unit tests. They needed some changes, because of
> > the following:
> > 
> > 1. We now create a fragment for each column, from an anonymous constraint
> > space. I.e. we have one more level of fragments, and it's the column fragments
> > that have their inline offset shifted to the correct column, rather than
> > setting it on the first child block, which is what we did last time these tests
> > worked.
> > 
> > 2. Mistakes introduced when converting test to using setBodyInnerHTML() rather
> > than building the layout trees programmatically:
> > https://codereview.chromium.org/2725773002
> > 
> > 3. New bugs. :)
> > 
> > Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
> > Change-Id: I4df85d684f0ddb8f7f0f75d15230a1ab61e9f9a0
> > Reviewed-on: https://chromium-review.googlesource.com/591429
> > Commit-Queue: Morten Stenshorne <mstensho@opera.com>
> > Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
> > Reviewed-by: Emil A Eklund <eae@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#496446}
> TBR=eae@chromium.org,ikilpatrick@chromium.org
> Change-Id: I479ea313e9ca9a56bdbbcad009a4c1b18a8b9e63
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
> Reviewed-on: https://chromium-review.googlesource.com/627358
> Commit-Queue: Morten Stenshorne <mstensho@opera.com>
> Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
> Reviewed-by: Koji Ishii <kojii@chromium.org>
> Reviewed-by: Morten Stenshorne <mstensho@opera.com>
> Cr-Commit-Position: refs/heads/master@{#496814}


Change-Id: Ic81481d78f216e45d437968090f76479326ad708
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Reviewed-on: https://chromium-review.googlesource.com/631816
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#497061}
[LayoutNG] Update FlagExpectations for LayoutNG

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I187593e14a27bf76957055cceb0ec00cf3fae65d
Reviewed-on: https://chromium-review.googlesource.com/631776
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#497023}
Remove Internals.isStyleSharing().
Not in use and style sharing is removed.

Bug: 721517
Change-Id: I9eb72320ba001102f4c29f22240cf9dbd3a4f460
Reviewed-on: https://chromium-review.googlesource.com/628520
Reviewed-by: nainar <nainar@chromium.org>
Reviewed-by: meade_UTC10 <meade@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#496957}
Reland "[LayoutNG] Bring back native support for multicol."
This is a reland of b7e830ddf678c7daaa41a982fad87156b1bbbe4b
Original change's description:
> [LayoutNG] Bring back native support for multicol.
> Still missing: Copy data back into the LayoutObject tree.
> Some layout tests now fail, since we're not using the legacy engine to lay out
> multicol. Quite a few crash or freeze, too.
> Also brought back some of the unit tests. They needed some changes, because of
> the following:
> 1. We now create a fragment for each column, from an anonymous constraint
> space. I.e. we have one more level of fragments, and it's the column fragments
> that have their inline offset shifted to the correct column, rather than
> setting it on the first child block, which is what we did last time these tests
> worked.
> 2. Mistakes introduced when converting test to using setBodyInnerHTML() rather
> than building the layout trees programmatically:
> https://codereview.chromium.org/2725773002
> 3. New bugs. :)
> Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
> Change-Id: I4df85d684f0ddb8f7f0f75d15230a1ab61e9f9a0
> Reviewed-on: https://chromium-review.googlesource.com/591429
> Commit-Queue: Morten Stenshorne <mstensho@opera.com>
> Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
> Reviewed-by: Emil A Eklund <eae@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#496446}


Change-Id: I479ea313e9ca9a56bdbbcad009a4c1b18a8b9e63
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Reviewed-on: https://chromium-review.googlesource.com/627358
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Koji Ishii <kojii@chromium.org>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#496814}
[LayoutNG] Update FlagExpectations for LayoutNG

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Ib177fd2754c2f05d7d7765e7599e6e6bb5d4ceab
Reviewed-on: https://chromium-review.googlesource.com/628878
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#496740}
[LayoutNG] Update FlagExpectations for LayoutNG

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I3c0967138e9f7dd81d052f2f5117ba815ad3249c
Reviewed-on: https://chromium-review.googlesource.com/626296
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#496640}
Remove style sharing workaround from StyleInvalidator.
Style sharing is no longer present in the codebase, so the SetStyle /
LocalStyleChange should no longer be necessary here.

Bug: 721517

Change-Id: I0437f3c3c3188101299b053d81b36a7542baf610
Reviewed-on: https://chromium-review.googlesource.com/625880
Reviewed-by: Eric Willigers <ericwilligers@chromium.org>
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#496597}
[LayoutNG] Bring back native support for multicol.
Still missing: Copy data back into the LayoutObject tree.

Some layout tests now fail, since we're not using the legacy engine to lay out
multicol. Quite a few crash or freeze, too.

Also brought back some of the unit tests. They needed some changes, because of
the following:

1. We now create a fragment for each column, from an anonymous constraint
space. I.e. we have one more level of fragments, and it's the column fragments
that have their inline offset shifted to the correct column, rather than
setting it on the first child block, which is what we did last time these tests

2. Mistakes introduced when converting test to using setBodyInnerHTML() rather
than building the layout trees programmatically:

3. New bugs. :)

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I4df85d684f0ddb8f7f0f75d15230a1ab61e9f9a0
Reviewed-on: https://chromium-review.googlesource.com/591429
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#496446}
Removed leftover FIXME for whitespace attachment.
WhitespaceAttacher now handles this properly and it's done as part of
layout tree building, not style recalc.

Change-Id: I0fd970c86425c155429c008afdf280866b539a72
Reviewed-on: https://chromium-review.googlesource.com/626301
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#496438}
Saturated arithmetic when calculating multicol preferred widths.
With sufficiently large column-gap and high enough column-count, we'd
integer-overflow and end up with a negative gap_extra result, which is a value
that contributes to the preferred min/max preferred logical widths (which
therefore also could become negative). Let all values involved be of type
LayoutUnit, so that we get saturated arithmetic enabled.

Bug: 743230
Change-Id: I06d7d8f9c1214af35faf0b52f1652fc626cd67ef
Reviewed-on: https://chromium-review.googlesource.com/625624
Commit-Queue: Emil A Eklund <eae@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#496329}
[LayoutNG] Update FlagExpectations for LayoutNG

Change-Id: Ic03560b8ed7ceb89c9bf746c04320b6c655ca1b2
Reviewed-on: https://chromium-review.googlesource.com/625918
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#496293}
Setting DOMMatrix.m33 or m44 to 1 should preserve is2D
Per [1], setting a value other than one (1) should clear the is2D flag.
We had the logic reversed.

[1] https://drafts.fxtf.org/geometry/#dommatrix-attributes

Bug: 756789
Change-Id: I37fcd4e20fedee6ba29bb164e81cdf324971f9a1
Reviewed-on: https://chromium-review.googlesource.com/623410
Commit-Queue: Dominic Cooney <dominicc@chromium.org>
Reviewed-by: Dominic Cooney <dominicc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#496224}
[LayoutNG] Clean up #includes.
NGLayoutResult needs to know about NGUnpositionedFloat, and
NGUnpositionedFloat needs to know about NGLayoutResult, so some
forward-declaring is necessary, to avoid circular dependencies.

Also got a dependency on the rather heavy ComputedStyle out of a header

Change-Id: I8f35bbb48bf39118abf093d8ffb6c8a44545ca57
Reviewed-on: https://chromium-review.googlesource.com/623651
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#496008}
Let LayoutView::StyleWillChange handle viewport invalidation.
Make sure we only do a single SetStyle for viewport ComputedStyle
to which we propagate certain documentElement/body styles. That way we
can do style invalidation diffing on SetStyle. The invalidation will
now be done on LayoutView::StyleWillChange instead of invalidating
LayoutView from LayoutBox::StyleWillChange for documentElement and body

The LayoutView invalidation does still use a limited repaint based on
propagated background changes.

Bug: 755539

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I629098e0073827513801311b730c62fc98079db4
Reviewed-on: https://chromium-review.googlesource.com/609984
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#495573}
Check for HasNormalColumnGap() for LayoutView style changes.
PropagateStyleToViewport() propagated the absolute length of column-gap
only, and did not consider the "normal" keyword value. A change between
0 and "normal" was not detected as a change, hence the pages were not
laid out with the new value.

Bug: 756423
Change-Id: Idfe6c34b2e88fb741f25950c6d5a79290e33b728
Reviewed-on: https://chromium-review.googlesource.com/618926
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#495256}
Add missing dependency to //base for target device_monitors
Because of lack of this dependency Build sometimes fails because of
missing file base/debug/debugging_flags.h:

[2017-08-17 10:18:12] [526/33287] CXX
[2017-08-17 10:18:12] >>BUILDBOT>>errors>>compile>>
[2017-08-17 10:18:12] FAILED:
[2017-08-17 10:18:12] ninja -t msvc -e environment.x64 --
c:\buildbot\clcache\bin/gomacc.exe "c:\program files (x86)\microsoft
visual studio 14.0\vc\bin\amd64/cl.exe" /nologo /showIncludes
/c ../../media/device_monitors/system_message_window_win.cc
[2017-08-17 10:18:12] CLCache Error: Failed to process compiler output
[2017-08-17 10:18:12] >>BUILDBOT>>errors>>compile>>
[2017-08-17 10:18:12] ../..\base/debug/stack_trace.h(14): fatal error
C1083: Cannot open include file: 'base/debug/debugging_flags.h':
No such file or directory

Bug: 756401
Change-Id: I5468361db2558e082828eaba81458039167e6ab1
Reviewed-on: https://chromium-review.googlesource.com/618571
Reviewed-by: Dale Curtis <dalecurtis@chromium.org>
Commit-Queue: Dale Curtis <dalecurtis@chromium.org>
Cr-Commit-Position: refs/heads/master@{#495240}
[LayoutNG] Remove test failure expectation, now that they apparently pass.
One test doesn't fail anywhere. Three other tests only fail on Mac.

Change-Id: I799cfdac2f3ea32f5fde97957a7053bfd0146195
Reviewed-on: https://chromium-review.googlesource.com/616730
Reviewed-by: Aleks Totic <atotic@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#495191}
Only need to repaint background for color changes with no image.
Implement a VisuallyEqual for backgrounds because computed style
comparison would trigger unnecessary repaints when background image
related properties changed when there were no images.

Bug: 754685
Change-Id: I4c687426905e9687b298549b3015ac1207dbbc17
Reviewed-on: https://chromium-review.googlesource.com/612089
Reviewed-by: meade_UTC10 <meade@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#494738}
When main axis is logical y, lay out flex items before getting intrinsic size.
There's no other way to figure out an object's intrinsic logical height, than
to lay it out. We cannot use the logical height we found in the previous layout
pass as intrinsic size.

Bug: 752078
Change-Id: Ibfd9426752ea8489256ac40f0c16e1a31a74a377
Reviewed-on: https://chromium-review.googlesource.com/612179
Reviewed-by: Emil A Eklund <eae@chromium.org>
Reviewed-by: Rune Lillesveen <rune@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#494488}
Removed unused InheritColumnPropertiesFrom.
Change-Id: I39641a2c8fe9045ba3611050c03fd909d18b9ef4
Reviewed-on: https://chromium-review.googlesource.com/613161
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#494086}
Remove ignore_manifest in android_aar_prebuilt
Manifest merging is now supported! \o/

Bug: 643967
Change-Id: I460e4635fc2dc34592f50aed03f4056a5f402364
Reviewed-on: https://chromium-review.googlesource.com/567078
Reviewed-by: Andrew Grieve <agrieve@chromium.org>
Reviewed-by: Brandon Jones <bajones@chromium.org>
Commit-Queue: Ingemar Ådahl <ingemara@opera.com>
Cr-Commit-Position: refs/heads/master@{#494041}
Propagate style to viewport after style recalc.
Since we are now propagating up to the viewport style and don't do any
inheritance after propagation, we can postpone the propagation until
after the style recalc has finished. That means we only have to call
StyleForElement on html and body elements once. It also means we can
remove the code to clear animation update from

InheritHtmlAndBodyElementStyles() has been renamed to
PropagateStyleToViewport() which better explains what the method does.

The rem unit style recalc still needs to be triggered right after the
documentElement has been recalculated, but that code is moved to
the StyleEngine called from Element::RecalcOwnStyle().

Change-Id: I3850aee300aa31174f022581e615e5d66205d674
Reviewed-on: https://chromium-review.googlesource.com/608028
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#493348}
[LayoutNG] Place the root fragment.
All fragments but the root one are already placed by the fragment builder, when
walking through the children of a node. However, the fragment established by
the root node was left unplaced.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I8233b49f271034d6af8b19ebf3fd59b226b59065
Reviewed-on: https://chromium-review.googlesource.com/602207
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#492946}
Apply :placeholder-shown and :read-write changes on input type change.
Whether :placeholder-shown, :read-only, and :read-write matches an html
input element depends on its type. Apply changes on type attribute
changes accordingly.

The placeholder text and visibility had to be updated sychronously,
otherwise the pseudo invalidation happens before the placeholder
visibility update as part of layout tree attachment.

Bug: 751406
Change-Id: Ic5bf1c62073cdf2648dfbf7876828323fecfe4be
Reviewed-on: https://chromium-review.googlesource.com/605252
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Cr-Commit-Position: refs/heads/master@{#492935}
No need for recalc on viewport propagation.
Before the fix for issue 732349, we relied on propagation from body to
viewport to affect the computed style of the root element which was
handled through a subtree recalc after viewport propagation. This is no
longer necessary. In fact, when rtl was specified on body, but the
computed style of html was ltr, InheritHtmlAndBodyElementStyles would
always trigger a subtree recalc, which would happen every frame we had a
style recalc.

There's a hope this will fix performance issue 739133.

I think that InheritHtmlAndBodyElementStyles can be made into a
PropagateStyleToViewport method which can be called at the end of
style recalc to avoid calculating html and body style twice. I'll try
to do that in a separate CL.

Bug: 739133
Change-Id: I0beebcf850661434eedb8bd19405698c27b7ae89
Reviewed-on: https://chromium-review.googlesource.com/606007
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#492889}
[LayoutNG] Physical fragment tree dump support.
Call NGPhysicalFragment::ShowFragmentTree() to dump the fragment tree.
The solution is inspired by NGLayoutInputNode::ShowNodeTree().

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Ie256d74bb80f2be5f372ec57791b693e4f5bdeaf
Reviewed-on: https://chromium-review.googlesource.com/602227
Reviewed-by: Emil A Eklund <eae@chromium.org>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#492575}
Remove redundant GMS version meta-data
The <meta-data> is merged into the final apk manifest from dependency

//third_party/android_tools:google_play_services_basement_java provides
the manifest and accompanying resource value.

Bug: 643967
Change-Id: I09590a6c060e4e92c45e928ad57d64546d90f7e3
Reviewed-on: https://chromium-review.googlesource.com/567138
Reviewed-by: Yuwei Huang <yuweih@chromium.org>
Reviewed-by: Ted Choc <tedchoc@chromium.org>
Commit-Queue: Ingemar Ådahl <ingemara@opera.com>
Cr-Commit-Position: refs/heads/master@{#492568}
Evaluation of :required and :optional changes on input type changes.
If an input element changes to or from hidden in the presence of a
"required" attribute, the evaluation of :required and :optional will
change. Schedule invalidation sets to update computed style

Bug: 751406
Change-Id: I64ccaaa58067594e4a150f80fe73aaf4c9f93c83
Reviewed-on: https://chromium-review.googlesource.com/602027
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Cr-Commit-Position: refs/heads/master@{#492304}
[LayoutNG] Remove NGPhysicalFragment::NGFragmentType from NGFragmentBuilder.
It was always kFragmentBox, even for inline layout, so it was meaningless.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: If03b39b4315b8165045488901dbd67225ff54e8a
Reviewed-on: https://chromium-review.googlesource.com/602245
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Reviewed-by: Koji Ishii <kojii@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#492292}
Add tests for scroll direction of propagated writing-mode from body.
Change-Id: Ief891686240dcf4c30012b6282b1616de0500878
Reviewed-on: https://chromium-review.googlesource.com/602240
Reviewed-by: Koji Ishii <kojii@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#492254}
Support unclosed parentheses at end of sizes attribute.
Instead of returning false, match unclosed left-parentheses and
function tokens. Fixes eight cases in the WPT.

Bug: 749381
Change-Id: I7b3f061ee026be1da9ab377488f83007a2a0689d
Reviewed-on: https://chromium-review.googlesource.com/599851
Reviewed-by: Renée Wright <rjwright@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#492235}
Causes problems for Jumbo builds.


Change-Id: If4a37cff9ae787ec0c750b652663fd2d8d6b1a66
Reviewed-on: https://chromium-review.googlesource.com/598090
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Nicholas Verne <nverne@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Nicholas Verne <nverne@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491391}
Need to #define EXPECT_RECT_EQ in a header file.
Multiple definitions in various .cpp files causes problems for Jumbo builds.


Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I907fc4bbba428de44579c9466a8884270102483b
Reviewed-on: https://chromium-review.googlesource.com/598070
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Chris Harrelson <chrishtr@chromium.org>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#491389}
Remove rulesets used for style sharing.
After style sharing code is removed, we no longer need the sibling and
uncommon attribute rulesets to reject style sharing. This also means
RuleFeatureSet no longer needs to be traced, so some oilpan cruft could
be removed.

The StyleEngine API UsesSiblingRules() relied on the size of the sibling
ruleset, but it was only used as what looked like an optimization for
:empty selector updates where :empty is found in non-rightmost compound
selectors. However, the presence of :empty itself would add a sibling
selector in the previous code, and :empty in non-rightmost compound not
followed by an adjacent selector would only have de-generate cases like
":empty span" which could never match anything, or ":not(:empty) span"
which would always be true if the whole selector matches. Therefore, it
makes sense to just drop the API/check.

Bug: 721517
Change-Id: I85100850cb8cec56b17947916d7755ebcf3f15ec
Reviewed-on: https://chromium-review.googlesource.com/597689
Reviewed-by: nainar <nainar@chromium.org>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#491344}
Remove stats for style sharing.
Style sharing code is removed and these stats will always be 0.

Bug: 721517
Change-Id: Iae76778bd564ad22645d3d14709c1d8d13d796c6
Reviewed-on: https://chromium-review.googlesource.com/595744
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#490984}
Remove ununsed kSharingMode selector matching.
After style sharing code was removed, this mode is no longer in use.

Bug: 721517
Change-Id: Ia0997792f5641b722d86922f40d631613552c137
Reviewed-on: https://chromium-review.googlesource.com/595728
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#490958}
Retire sigbjornf@ ownerships.

Change-Id: I764c7f96d306867c8fd0e1dda4f498bfc1285f87
Reviewed-on: https://chromium-review.googlesource.com/593310
Reviewed-by: Sigbjørn Finne <sigbjornf@opera.com>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Sigbjørn Finne <sigbjornf@opera.com>
Cr-Commit-Position: refs/heads/master@{#490722}
[LayoutNG] MultiColumnFragmentainerGroup needs to know its height.
Otherwise DCHECKs will fail when attempting certain read operations on the
legacy layout tree.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: I8f09461bf7404aab1ef9a369380542759bb05a53
Reviewed-on: https://chromium-review.googlesource.com/591567
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#490657}
Fix truncation from 'double' to 'float' warning in resource_prefetch_predictor.cc
Change-Id: I56e4ef0806162bb42bfc9edf47e8810499737ad6
Reviewed-on: https://chromium-review.googlesource.com/591367
Reviewed-by: Egor Pasko <pasko@chromium.org>
Commit-Queue: Egor Pasko <pasko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#490382}
[LayoutNG] HandleInflow() return a bool rather than WTF::Optional<>.
This way we won't need previous_inflow_position in Layout() to be optional, and
it makes the code more readable, and possibly more efficient too.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Id42f5b950cf2edec646d5bf8b594b8d4b9948449
Reviewed-on: https://chromium-review.googlesource.com/590427
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Cr-Commit-Position: refs/heads/master@{#490364}
InlineBlockBaseline() and friends now return LayoutUnit instead of int.
Add support for floating point baselines.  This patch retains integer
calculations for font ascender/descender, to avoid impacting too many
web pages.  Line painting is rounded to CSS pixels at the paint stage.


Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng;master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I15850c55d54fbb0c885d4040be3c90ea2a51d7ca
Reviewed-on: https://chromium-review.googlesource.com/543141
Commit-Queue: Karl Anders Øygard <karlo@opera.com>
Reviewed-by: Javier Fernandez (OOO till Aug 4th) <jfernandez@igalia.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#490327}
Fix crash in spatnav when <area> looses its connected <img>
TEST=See above clusterfuzz bug for repro steps.

Change-Id: I9d2ee28c7dab9e5f9af875e3011b1d0acb13ae29
Reviewed-on: https://chromium-review.googlesource.com/586589
Reviewed-by: Takayoshi Kochi <kochi@chromium.org>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Commit-Queue: Hugo Holgersson <hugoh@opera.com>
Cr-Commit-Position: refs/heads/master@{#490049}
[LayoutNG] Reduce variable span, for increased readability.
Also changed the child loop from "while" to "for".

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Iabca756c82281525818f1d5f3f31613679bae211
Reviewed-on: https://chromium-review.googlesource.com/584755
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#489991}
Rename duplicate MockWebFrameClient classes.
Caused trouble for Jumbo builds, all of a sudden.


Change-Id: I226e3b78c4abe008765123c21ed72868ea3f9f4b
Reviewed-on: https://chromium-review.googlesource.com/588908
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#489888}
Remove sigbjornf@ from blink_dom watchlist.

Change-Id: Id8d1ff08ae2065243894803ece9e0b5da9b131d7
Reviewed-on: https://chromium-review.googlesource.com/588089
Reviewed-by: Sigbjørn Finne <sigbjornf@opera.com>
Commit-Queue: Sigbjørn Finne <sigbjornf@opera.com>
Cr-Commit-Position: refs/heads/master@{#489876}
Let CalculatePaginationStrutToFitContent() figure out the strut all on its own.
Remove the strut_to_next_page parameter, and let it calculate it on its own.

This is a preparatory patch for supporting repeated table footers. That will
break the "space left" == "pagination strut" invariant. Actually, this wasn't
truly an invariant even prior to this CL, because the next fragmentainer isn't
necessarily tall enough to hold the content (which will result in a pagination
strut larger than the amount of remaining space).

No behavior changes intended.

Change-Id: I4f3499d969d6f128077e281f2dd45826cd6d83fc
Reviewed-on: https://chromium-review.googlesource.com/583619
Commit-Queue: Robert Hogan <robhogan@gmail.com>
Reviewed-by: Robert Hogan <robhogan@gmail.com>
Cr-Commit-Position: refs/heads/master@{#489780}
Change jumbo chunk separation to ignore headers
Since jumbo chunks were divided before headers were filtered out, the
actual chunk sizes were not deterministic and much smaller than expected.

This patch filters headers first, and halves the chunk size to get the same
actual chunks.

Bug: 747368
Change-Id: Ia537af07f7226a87d8de1309bf494914789609e4
Reviewed-on: https://chromium-review.googlesource.com/581289
Reviewed-by: Bruce Dawson <brucedawson@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#489598}
Do not show I-beam when hovering 'user-select: none'
All elements now have 'user-select: auto' as their default
value (not 'user-select: text').

Spec: https://drafts.csswg.org/css-ui-4/#propdef-user-select

This default value has no effect; elements are styled as usual.
This is important because Blink needs a "no change" default
to be able to find cases where 'user-select' should affect
mouse pointer styling.


Above 3 tests failed before this patch.

Change-Id: I1ed0ad69daf6a1a1bd4b21623fcdb145ef596d88
Reviewed-on: https://chromium-review.googlesource.com/570246
Commit-Queue: Hugo Holgersson <hugoh@opera.com>
Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Reviewed-by: David Bokan <bokan@chromium.org>
Reviewed-by: nainar <nainar@chromium.org>
Reviewed-by: Yoichi Osato <yoichio@chromium.org>
Cr-Commit-Position: refs/heads/master@{#489363}
Explicit namespace ::testing, to not confuse it with blink::testing
This fixes a merge mistake at

That CL overwrote parts of https://codereview.chromium.org/2970833002 ,
which broke Jumbo compilation.


Change-Id: I486a2c49032ffeef2bd81d5e230a9f9cf81b646f
Reviewed-on: https://chromium-review.googlesource.com/582611
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#489050}
Fix parsing of $GTK_MODULES
The AtkUtilAuraLinux::Initialize function checks whether accessibility
should be enabled. To do so, it calls PlatformShouldEnableAccessibility,
which parses the content of the environment variable GTK_MODULES. This
variable contains a list of colon-separated modules; the function parses
it as it were a whitespace-separated list, looking for a module called
`gail:atk-bridge`, while in fact, the module to look for is
`atk-bridge`. On systems having a more complex content for GTK_MODULES
(mine is `gail:atk-bridge:unity-gtk-module`), the parse fails, and the
initialization aborts.

Bug: 747393
Change-Id: I17d82331af1d117d0ed70520b4367c5915037316
Reviewed-on: https://chromium-review.googlesource.com/582807
Reviewed-by: Dominic Mazzoni <dmazzoni@chromium.org>
Commit-Queue: Dominic Mazzoni <dmazzoni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#489022}
Revert "Make border width rounding visible to js via getComputedStyle."
This reverts commit e87da780e04bf05f5ae863d7fda517ee6c03d534.

Reason for revert: This fix is a spec violation, and the previous behavior was more correct. A slightly inaccurate representation (off by less than 0.02px) is better than clamping it to 1px.

Original change's description:
> Make border width rounding visible to js via getComputedStyle.
> CL (https://chromium-review.googlesource.com/c/525536/) moved rounding of border 
> widths to the painting stage, hence rounding is no longer visible in js via 
> getComputedStyle. This cl makes rounding visible again to users via getComputedStyle.
> This cl contains the following changes
> * Implemented a ZoomAdjustedPixelValueWithRounding method.
> - This method is the same as ZoomAdjustedPixelValue except that it
> rounds pixel value to 1 if original value is between 0 and 1.0.
> * Changed ComputedStyle for border-[top|right|bottom|left] to use
> ZoomAdjustedPixelValueWithRounding so that getComputedStyle will
> display rounded pixels for these properties (and also border-width that
> is a shorthand of these 4 longhand properties).
> * Changed a layout test.
> Bug: 737962
> Change-Id: I0656f7ea1212fe32f866d95218995fb3de109e05
> Reviewed-on: https://chromium-review.googlesource.com/560917
> Commit-Queue: Jia Meng <jiameng@chromium.org>
> Reviewed-by: Alan Cutter <alancutter@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#487384}


# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 737962
Change-Id: I03120da255990456614ffc3e0e3180eaa20a566a
Reviewed-on: https://chromium-review.googlesource.com/582608
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#488947}
Make sure CSSPropertyIdMap knows the CSSPropertyID traits.
CSSPropertyID has some custom traits and without knowing them the
HashTable will not be compiled as intended. This was noticed through
a warning in jumbo builds about the traits being instantiated implicitly
before they were instantiated explicitly (in a specialization).


Bug: 747408
Change-Id: I2dea24bec17c8d071cbe60e443834d440eebfb2a
Reviewed-on: https://chromium-review.googlesource.com/581447
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#488861}
Always relayout when an object gets or loses a PaintLayer.
This rids us of some crufty code, and also fixes bugs. The approach was also
broken for multicol, because we started UpdatePaginationRecursive() in the
middle of the tree without looking for a containing flow thread (pagination
layer). This would result in the new layer erroneously not becoming paginated.

Also had to update a unit test, to satisfy its requirement that the style change
won't trigger layout.


Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I50ed61a7174e360259b7b786bab01cf74616fc32
Reviewed-on: https://chromium-review.googlesource.com/542915
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Steve Kobes <skobes@chromium.org>
Cr-Commit-Position: refs/heads/master@{#488768}
Deduplicated 3 JSON string constants, "null", "true" and "false"
Both JSONParser and JSONValues use constants for the strings
"null", "true" and "false". That is probably no problem since the
linker will merge identical strings, but since the constants had
the same names as well they caused collisions in jumbo builds.

This patch makes JSONParser use the JSONValues constants.

Change-Id: I27b01b354aa9cfeab0f8c636f22ecfbc2762a6bc
Reviewed-on: https://chromium-review.googlesource.com/577552
Reviewed-by: Ian Clelland <iclelland@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#488654}
Fix compilation for ATK (accessibility)
A variable wasn't given the right name inside the ATK support when
a patch consolidated 3 AX properties into single restrictions
property for accessibility objects.

R=aleventhal@chromium.org, jochen@chromium.org

Change-Id: I0c82e055e39614110cfc4f7a7299d226bd4e6ad2
Reviewed-on: https://chromium-review.googlesource.com/580927
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#488630}
Renamed CreateDecoder helper functions in Image decoder tests
All image decoder test have a helper function "CreateDecoder" which
conflicts in jumbo builds where the tests are merged. This patch renames
them "CreateBMPDecoder", "CreateJPEGDecoder" and so on.

Bug: 745732
Change-Id: I2cfd108c39ade76a09059d77778557ab44b82752
Reviewed-on: https://chromium-review.googlesource.com/576098
Reviewed-by: Noel Gordon <noel@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#488407}
Support jumbo builds in core unit tests (except editing)
This patch makes the build system for core unit tests support jumbo
builds (unity builds) which saves roughly 60 CPU minutes (5% of the
build time) on my computer. Currently jumbo is by default disabled so
this will have no direct effect unless you have
  use_jumbo_build = true
in your gn settings.

Bug: 713137
Change-Id: I376e62fb66738cba9135d02f8079d983cfe67495
Reviewed-on: https://chromium-review.googlesource.com/575055
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Dirk Pranke <dpranke@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#488238}
Make blink/modules support jumbo compilations (-60 CPU minutes)
Compiling browser code in blink/modules currently use
about 80 CPU minutes. That is about 7% of the total compilation time.
If you use jumbo compilation (merge many files into a single
translation unit) that time drops to about a fifth of that.

There are also unit_tests in modules that will be jumbofied in
a different patch.

Bug: 713137
Change-Id: I9155d2af0c9dce6b3178f77b9366062eb45d4560
Reviewed-on: https://chromium-review.googlesource.com/568302
Reviewed-by: Dirk Pranke <dpranke@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#488179}
Include less from platform/graphics/Image.h
Change-Id: I00ae6625688bb740ecf0235c98e25f41296b359f
Reviewed-on: https://chromium-review.googlesource.com/553298
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#487925}
Avoid using the name Function since it collides with WTF::Function
If a class named Function is created and the header
platform/wtf/Functional.h included, any attempt at using WTF::Function
will fail with a lot of strange template instantiation errors.

This can happen unexpectedly in jumbo builds so to avoid that error
this patch renames a testing class that used to be 
named Function, ReaderFunction.


Bug: 746343
Change-Id: I498ecf4f8cb293de634c40060a2df34c78a23e09
Reviewed-on: https://chromium-review.googlesource.com/574864
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#487870}
Make multiple jumbo_* templates instead of just jumbo_target
Initially there was just one template, jumbo_target, but that
caused problems with default configurations and also made every
patch one line more verbose than necessary. Better to have multiple
templates and make the usage just a little bit simple.

Bug: 713137
Change-Id: I7e2b1f0c5216b4465bae331763d6aa5a08e1c996
Reviewed-on: https://chromium-review.googlesource.com/575058
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Dirk Pranke <dpranke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487823}
Deduplicate CreateIDBValue() used in indexeddb unit_tests
IDBRequestTest and IDBTransactionTest both had an identical helper
function CreateIDBValue. In jumbo builds those identical functions
collided so this patch moves the code to a shared helper file.

Bug: 745732

Change-Id: I36c658509c76deca4e03590858140e02a07f38d3
Reviewed-on: https://chromium-review.googlesource.com/575145
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Joshua Bell <jsbell@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487547}
Avoid "using namespace blink" in global scope
With jumbo (unity builds, merged translation units) a "using blink"
statement intended for just the local translation unit will affect
many other translation units which causes various issues.

There is also (with jumbo) a warning about such usage that will prevent
things from compiling.

Without this patch this file will have to be manually excluded from
jumbo builds and I am trying to avoid such exclusion lists for
performance and maintenance.

Review-Url: https://codereview.chromium.org/2965323002
Cr-Commit-Position: refs/heads/master@{#487501}
Made test class names unique in media_controls unit tests
MediaControlsImplTest and MediaControlsOrientationLockDelegate use the
same class names for Mock classes. Such as MockChromeClient and
StubLocalFrameClient. That is normally no big deal but in jumbo builds
they can be compiled in the same translation unit and then the classes
will collide. This patch gives the class names unique suffixes so that
media_controls tests don't have to be excluded from jumbo.

Bug: 745732

Change-Id: I6c3a4d5d92ae690ece53aa093ffb4039eb79137e
Reviewed-on: https://chromium-review.googlesource.com/575140
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487485}
Renamed MockEventListener in presentation and remoteplayback unit tests
Both PresentationReceiverTest and RemotePlaybackTest use a local test
class named MockEventListener. That is normally no big deal
but in jumbo builds they can be compiled in the same translation unit
and then the classes will collide. This patch gives the classes
unique prefixes so that no tests have to be excluded from jumbo.

Bug: 745732

Change-Id: Ic9a5e4e896b226d5ef7f99f2549cd3d4bb66fc42
Reviewed-on: https://chromium-review.googlesource.com/575141
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Mounir Lamouri <mlamouri@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487479}
Renamed MockWebAudioDevice in webaudio unit tests
Both AudioContextTest and BaseAudioContextTest use a local test
class named MockWebAudioDevice. That is normally no big deal
but in jumbo builds they can be compiled in the same translation unit
and then the classes will collide. This patch gives the classes
unique prefixes so that no tests have to be excluded from jumbo.

Bug: 745732

Change-Id: Ie736a0541082c56af745d51061897a081d2d1da5
Reviewed-on: https://chromium-review.googlesource.com/575142
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487475}
Made constant names unique in notification unit tests
NotificationDataTest, NotificationImageLoaderTest and
NotificationResourceLoaderTest all use constants, such as kBaseDir,
with the same name. That is normally no big deal but in jumbo builds they
can be compiled in the same translation unit and then the constants
will collide. This patch gives the constants unique prefixes so that
the tests don't have to be excluded from jumbo.

Change-Id: Ib01d88e75cdc876a58c52a6ee3b49a942ccb19ab
Reviewed-on: https://chromium-review.googlesource.com/576088
Reviewed-by: Peter Beverloo <peter@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487458}
Renaming unit_test class MockHTMLResourcePreloader to not collide.
CSSPreloadScannerTest and HTMLPreloadScannerTest
both use a local MockHTMLResourcePreloader class for
testing. That is normally no big deal but in jumbo builds they
can be compiled in the same translation unit and then the classes
will collide. This patch gives the classes unique prefixes.


Change-Id: I29cd360e919c6b708a6021b6930b3347e5ae8194
Reviewed-on: https://chromium-review.googlesource.com/574707
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487242}
Renaming unit_test class MockLocalFrameClient to not collide.
Both FrameFetchContextTest and MixedContentCheckerTest deckare a class
named MockLocalFrameClient. That is normally no big deal
but in jumbo builds they can be compiled in the same translation unit
and then the functions will collide. This patch adds a prefix to
the class names to make them more unique.


Change-Id: I215f7edafa2fa0b229dc5847a1e158df825e8c27
Reviewed-on: https://chromium-review.googlesource.com/574708
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487140}
Renaming unit_test class StubLocalFrameClient to not collide.
ElementVisibilityObserverTest, HTMLMediaElementEventListenersTest and
VideoPainterTest all use a local StubLocalFrameClient class for
testing. That is normally no big deal but in jumbo builds they
can be compiled in the same translation unit and then the classes
will collide. This patch gives the classes unique prefixes.


Change-Id: I47c7088486456e22ca776419a836f4e5d18be39c
Reviewed-on: https://chromium-review.googlesource.com/574605
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487122}
Include less from Color.h
Moved the rarely used Blend() overload to a new file ColorBlend.h,
since it requires heavy stuff to be included.

This change caused Image.h to lose its inclusion of FloatSize.h. Removed the
default value from a FloatSize parameter.

Change-Id: I9b32e425c86b237b4c3a69ec53e601faa713f56f
Reviewed-on: https://chromium-review.googlesource.com/553139
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487119}
Use more unique names for blink core TestCase classes
It is fairly common to have a help struct with test data and a fair
portion of the code call that struct TestCase and put it in a fairly
global namespace. In jumbo builds those structs will collide so this
patch renames them to more specific names such as
MediaQuerySetTestCase or SizesCalcTestCase.


Change-Id: Ic02ef5062782a0ec3862ad3bffdc462574ca8a61
Reviewed-on: https://chromium-review.googlesource.com/574600
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487114}
Renaming unit_test class MockValidationTestClient to not collide.
Both DocumentTest and HTMLFormControlTest uses a local
MockValidationTestClient class for testing. That is normally no big deal
but in jumbo builds they can be compiled in the same translation unit
and then they will collide. This patch gives the classes unique


Change-Id: If1f2d22fca4c5f7b3ad662f6ae746cef4baf48c3
Reviewed-on: https://chromium-review.googlesource.com/574174
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#487091}
Renaming unit_test class MockChromeClient to not collide.
LocalFrameViewTest, HTMLVideoElementPersistentTest and
PaintLayerScrollableTests all use a local MockChromeClient class for
testing. That is normally no big deal but in jumbo builds they
can be compiled in the same translation unit and then the classes
will collide. This patch gives the classes unique prefixes.


Change-Id: Ibd6c9d17e1e8dfbe42cbb254344e52a81ce48788
Reviewed-on: https://chromium-review.googlesource.com/574176
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#487090}
Avoid using "using" in global scope
"using namespace" in global scope introduces a lot of symbols into the
current scope and does not work well with jumbo. In case of WTF you
can also equally well just write a WTF:: prefix.

Change-Id: Id615f60151e0bc46cfe2a5e9a6a9313c412f1344
Reviewed-on: https://chromium-review.googlesource.com/570446
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#487076}
Renaming unit_test function ConstructConstraintSpace to not collide
ng_block_layout_algorithm_test and ng_constraint_space both use a local
function ConstructConstraintSpace for testing. That is normally
no big deal but in jumbo builds they can be compiled in
the same translation unit and then the functions will collide.
This patch gives the functions unique names.


Change-Id: I3941094aad201b7ec6796d63664da8cfba8056c3
Reviewed-on: https://chromium-review.googlesource.com/574237
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487072}
Move unit_test *_EQ macros to a shared file instead of repeating them
There are several classes in frame which have use of for instance
EXPECT_POINT_EQ and EXPECT_SIZE_EQ. The problem (beyond duplicating
code) is that in jumbo builds those defines collide.

This patch moves the shared macros to core/frame/FrameTestHelpers.h.

There are also equally named macros in cc/test/geometry_test_utils.h
but those work on gfx::Rect/gfx::RectF which is not quite API 
compatible (different character case).


Change-Id: I60cb7eff533e4dccc796937a027ec090071cd5c2
Reviewed-on: https://chromium-review.googlesource.com/574179
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#487071}
Be more specific about namespace for _ in unit tests
There is a gtest namespace ::testing and a helper namespace in blink
called ::blink::testing. If both are visible to the compiler,
::blink::testing will be used first and classes in ::testing will not
be found. This happens in jumbo builds so we better be more specific.


Change-Id: I4da27383432226191b0fcb72f3c54784698f0262
Reviewed-on: https://chromium-review.googlesource.com/574488
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487070}
Add support for jumbo_component.
Normal jumbo_target has the wrong default configs for components so this
adds a new jumbo_component that has the right default configs.

Bug: 713137
Change-Id: I32fd2d015162d85b7ff07d5515489b9e33cfb987
Reviewed-on: https://chromium-review.googlesource.com/571790
Reviewed-by: Dirk Pranke <dpranke@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487068}
Deduplicate helper class SampleInterpolation in unit tests
Both InterpolableValueTest and InterpolationEffectTest use an
identical class for value testing. These classes collided in jumbo
builds where they were compiled in the same translation unit.

This patch moves the class to AnimationTestHelper.h and changes its
name to be more descriptive now when it isn't as close to where it
is used anymore.

Also changing the name of the kDuration constant that interfered
with blink::kDuration.


Change-Id: Ic90cec2972f5464d7932b2ba91994273968e87c4
Reviewed-on: https://chromium-review.googlesource.com/574489
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487067}
Renaming unit_test classes Mock* to not collide
IdleDeadlineTest and ScriptedIdleTaskControllerTest both use similarly
names mock classes, MockScheduler, MockThread and MockPlatform which
collide in jumbo builds where they are merged into the
same translation unit.

This patch gives the classes unique names.


Change-Id: I305cb3fbdfbd3b3b6fc7c18e8c3ceccf89da863e
Reviewed-on: https://chromium-review.googlesource.com/574487
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487066}
Renaming unit_test class MockCanvas to not collide.
PageOverlayTest and PrintContextTest both use a local mock
test class named MockCanvas for testing. That is normally
no big deal but in jumbo builds they can be compiled
in the same translation unit and then the classes
will collide. This patch gives the classes unique names.


Change-Id: Icfcb2b4b553e50e08cb6ac56712e4e9aa5f2b69e
Reviewed-on: https://chromium-review.googlesource.com/574349
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487065}
Avoiding redefining LineBreakType in unit_tests.
There is blink enum class LineBreakType used to correctly layout text.
That makes it unsuitable to use the same name in a unit_test since they
may collide, and actually will collide in jumbo builds.

This patch changes LineBreakType to NewlineType


Change-Id: I3c5ae6ea5b6e199990c8b51c3a55eb1d17a8f19e
Reviewed-on: https://chromium-review.googlesource.com/574238
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487064}
Renaming unit_test functions Ident and Dimension to not collide.
CSSTokenizerTest already uses functions named Ident and Dimension so to
avoid special casing in jumbo builds where the tests are compiled
together, rename them here.


Change-Id: I6b600c269463d897b6d56287e450e37d027b2911
Reviewed-on: https://chromium-review.googlesource.com/574173
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487058}
Renaming unit_test class TestParam to not collide.
HTMLMediaElementTest and MediaCustomControlsFullscreenDetectorTest
both use a local TestParam struct/enum for testing.
That is normally no big deal but in jumbo builds they
can be compiled in the same translation unit and then the classes
will collide. This patch gives the classes unique prefixes.


Change-Id: I17a4d3a25e38bc0789071fcec31b066a385d34a0
Reviewed-on: https://chromium-review.googlesource.com/574178
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487057}
Renaming unit_test function RegisterMockedURLLoad to not collide.
There is a shared RegisterMockedURLLoad in URLTestHelpers and a couple of
local ones imported with "using" or locally declared. That is
normally no big deal but in jumbo builds they
can be compiled in the same translation unit and then the functions
will collide. This patch removes a "using" and renames a function
to make the names more unique.


Change-Id: I6866f13bd1903e42269b7286645a9f07396b68a8
Reviewed-on: https://chromium-review.googlesource.com/574180
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487056}
Renaming unit_test class PreconnectTestCase to not collide.
HTMLResourcePreloaderTest and HTMLPreloadScannerTest
both use a local PreconnectTestCase struct for
testing. That is normally no big deal but in jumbo builds they
can be compiled in the same translation unit and then the classes
will collide. This patch gives the classes unique prefixes.


Change-Id: I99f315843fd6908ba94595e852e6c1fac6acdedb
Reviewed-on: https://chromium-review.googlesource.com/574177
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Reviewed-by: Yoav Weiss <yoav@yoav.ws>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487053}
Avoid using the function name Function in unit_tests.
There is a ::Function template in wtf/Functional.h and if someone else
defines a function with the same name that template will be harder to
use. This is more of a problem in jumbo builds where more code is
visible so that both the definitions becomes visible at the same time.


Change-Id: I0be2f2e2441f3e5db0049f65e1b4c0be8997d586
Reviewed-on: https://chromium-review.googlesource.com/574028
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487050}
Be more specific about namespace for Message in unit tests
There is a gtest namespace ::testing and a helper namespace in blink
called ::blink::testing. If both are visible to the compiler,
::blink::testing will be used first and classes in ::testing will not
be found. This happens in jumbo builds so we better be more specific.


Change-Id: I912ed721a0ccae7b8e8b622020f87f15204362cf
Reviewed-on: https://chromium-review.googlesource.com/574027
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#487049}
don't forget to actually return the number of specified test jobs
TEST=Running browser_tests with the flags below, should print "Using 1 parallel jobs."
--run-manual --ui-test-action-max-timeout=350000 --test-launcher-jobs=1 --test-launcher-bot-mode --test-launcher-print-test-stdio=always

Change-Id: I33f2b4fc54b43ebec8a27c532da17146b42c07cd
Reviewed-on: https://chromium-review.googlesource.com/573380
Reviewed-by: Mostyn Bramley-Moore <mostynb@opera.com>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#487014}
Use more unique names in fonts testcases
Many fonts tests use local helper classes TestRun, ExpectedRun and
helper macros DECLARE_RUNSVECTOR and CHECK_RUNS. With jumbo builds
those names start colliding so this patch gives the classes and
macros a prefix related to the actual test.

Change-Id: I494cfc182070ae37a87b68f08303fc8cc3ef9cfe
Reviewed-on: https://chromium-review.googlesource.com/570424
Commit-Queue: Emil A Eklund <eae@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486866}
Explicit template forward declaration for platform/fonts
Doing an implicit template instantiation before doing an explicit
template instantiation in the same translation unit is a C++
violation. That happens if you jumbo compile blink platform but is
easy to avoid with a forward declaration such as the one this patch

Change-Id: I7b22e28b2bf8f2583598e97db69d68fa1613550e
Reviewed-on: https://chromium-review.googlesource.com/570444
Commit-Queue: Emil A Eklund <eae@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486858}
Unduplicate SkiaScalarToHarfBuzzPosition
There were two implementation of SkiaScalarToHarfBuzzPosition and
in jumbo builds they collided. This patch merges them.

Change-Id: Ibea7aeffbfdf77eb3fd088949f912eb41e56c462
Reviewed-on: https://chromium-review.googlesource.com/570428
Commit-Queue: Emil A Eklund <eae@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486856}
blink/platform: Be explicit about namespace testing to not mix it with blink::testing
There are two namespaces named testing used in Blink unit tests, one
from gtest and one internal helper namespace. If both are visible then
the gtest testing namespace won't be used unless prepended with ::, as
is already done in large parts of the code.


Change-Id: I48f6a3145886253576a53d1ad9c08307ceca0d52
Reviewed-on: https://chromium-review.googlesource.com/567143
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Daniel Bratell <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#486839}
Remove some jumbo exclusions no longer needed
The files listed in core_generated jumbo exclusions have since been
fixed so the exclusions are no longer necessary.


Bug: 713137
Change-Id: Ib9a9216147e9df7d8b196de761556d3f23997448
Reviewed-on: https://chromium-review.googlesource.com/571222
Commit-Queue: Daniel Bratell <bratell@opera.com>
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#486804}
Merge the two identical To16Bit functions in font tests
There are two very small, identical, To16Bit functions in
font shaping tests. Since they caused collisions in jumbo builds and
I didn't want to exclude the files from jumbo files I've merged them
into a utilities file.

Change-Id: I0c7e7d4ee708431a6401de7a01790f78c4e75e08
Reviewed-on: https://chromium-review.googlesource.com/570426
Commit-Queue: Emil A Eklund <eae@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486794}
--gtest_filter should only change NumParallelJobs' default value

Change-Id: Ib95bd85e2f1ad14e27ba8fa76f8b52f8e137e830
Reviewed-on: https://chromium-review.googlesource.com/569159
Reviewed-by: Paweł Hajdan Jr. <phajdan.jr@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#486773}
Clean out some "using namespace WTF".
Some global "using namspace WTF" caused problems with jumbo builds
and since WTF is also meant to be used without using namespace WTF
this patch just replaces them with explicit namespaces.

Change-Id: Ifc06e163c095de0e2ce5a8c69123578557ef0dee
Reviewed-on: https://chromium-review.googlesource.com/565413
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#486735}
Fix error in error message concatenation in jumbo script.
Best to not try to add a string to a set without converting the set to
a string first.


Bug: 713137
Change-Id: Id4c632b1f944fcafdd046983b1ddd4678c44928f
Reviewed-on: https://chromium-review.googlesource.com/564939
Reviewed-by: Bruce Dawson <brucedawson@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#486706}
Rename 5*ExtraDataContainer to SomethingExtraDataContainer
There are five different classes in
third_party/WebKit/Source/platform/exported named ExtraDataContainer.
They are only used as local internal classes so they don't normally
collide in the compiler, but they do so in jumbo builds.

This patch renames them so that the names are more unique.

Bug: 742337
Change-Id: Iad42e0d29f600fabd6ea9081687a7107d3043282
Reviewed-on: https://chromium-review.googlesource.com/570052
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#486481}
Rename the two different TestClient classes in fetch unit tests
In jumbo the two different TestClient classes clashed so this patch
renames them to not collide so that these files can be included in
jumbo compilations.


Change-Id: Ieea187ba6928df04df0059ad357730d7a82022bc
Reviewed-on: https://chromium-review.googlesource.com/570040
Commit-Queue: bratell at Opera <bratell@opera.com>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486367}
Let there be only one global class Result in fetch unit tests
Both BytesConsumer::Result and WebDataConsumerHandle::Result are
imported into global/blink namespace in fetch unit tests. That causes
collisions in jumbo builds so this removes the
WebDataConsumerHandle::Result in that namespace.


Change-Id: I52f860aa4ccd59b4be944f950c25797022582b68
Reviewed-on: https://chromium-review.googlesource.com/570042
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#486346}
Reduce the number of MockClient classes in fetch unit tests
Jumbo builds had the three different MockClient classes colliding. This
patch renames two of them so that they will not collide.


Change-Id: Ib646bdb3ed4e08cbf28b736a67d4fcb3646ede00
Reviewed-on: https://chromium-review.googlesource.com/570043
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#486344}
Merge three identical ToString implementations in fetch unit tests
In jumbo builds the ToString implementations collided and since they
are identical anyway, this patch just merges them to one implementation.


Change-Id: I379a6e7bf759e12ae6f37347e8e2e80154a1079b
Reviewed-on: https://chromium-review.googlesource.com/570039
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#486343}
Make the fetch unit test Command class not collide.
In jumbo builds the two Command classes in fetch unit_tests would collide
since they are both imported into the same global/blink scope with
"using" statements. This patch changed the "using" statements to give
the classes different names.


Bug: 742239
Change-Id: I37a783755049ff36ebd63f6b432a0e07bce4a4db
Reviewed-on: https://chromium-review.googlesource.com/570018
Commit-Queue: bratell at Opera <bratell@opera.com>
Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Cr-Commit-Position: refs/heads/master@{#486342}
Deflake two tests in svg/animations/mozilla/
Pause the timeline after adjusting the current time, similarly to how
it's done in other tests in this directory and in other places. This
avoids flakiness due to the timing of the first frame differing from
that of the 'load' event.


Change-Id: Id9753fc1d5b53a389a59f9b8f36a8965fb9597d0
Reviewed-on: https://chromium-review.googlesource.com/569619
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#486323}
Show pointer (not I-beam) when mouse drags in the air
A bug surfaced when Blink started to allow hidden selections.
The condition "show I-beam if we have a non-empty selection"
became too generous.

We should show an I-beam when:
- Node is editable
- Node is selectable
- A link's text is being selected

Besides fixing the condition I moved its block into
ShouldShowIBeamForNode() to try to gather stray I-beam
logic into one place.



Change-Id: I5366462c713155754de39b0c5d11fa33656eb6e3
Reviewed-on: https://chromium-review.googlesource.com/566798
Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Reviewed-by: David Bokan <bokan@chromium.org>
Commit-Queue: Hugo Holgersson <hugoh@opera.com>
Cr-Commit-Position: refs/heads/master@{#486308}
Remove kInitialFrameDelay from SMILTimeContainer::Start
This is an old hack to preserve behavior of certain tests. These tests
have since been fixed to not rely on this. Get rid of it and just call
UpdateAnimationsAndScheduleFrameIfNeeded(...) instead to schedule the
first frame just like any other.


Change-Id: I1ff2673a8d4b71ea237a2902f10599e08bcfb7d6
Reviewed-on: https://chromium-review.googlesource.com/564608
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#486115}
Drop inspector jumbo excludes as they are not needed
Some files excluded from jumbo compilation seems to compile just
fine in jumbo so this patch removes their special treatment.

Review-Url: https://codereview.chromium.org/2971153002
Cr-Commit-Position: refs/heads/master@{#486000}
Avoid duplicate functions: one AddStringToDigestor is enough
There are two implementation of AddStringToDigestor. Beyond being
one more than needed, they also conflict in jumbo builds.

This patch merges the two AddStringToDigestor and removes the
conflicting files from the jumbo exclusion list.

Review-Url: https://codereview.chromium.org/2800133003
Cr-Commit-Position: refs/heads/master@{#485992}
Rename a constant in editing unit tests to make it more unique.
kDescription is the name of two constants in editing unit_tests and
in jumbo builds those collides. This renames one of them
kTestDescription to make both constants have unique names.


Change-Id: I7fcb2fde1a6841ef92fe7d55a7b363da7c2c7fa0
Reviewed-on: https://chromium-review.googlesource.com/568146
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485970}
Avoid naming conflict for Cache and Response in cachestorage
There are multiple Cache types and Response types so when importing
one of them into the global namespace you can easily get naming conflicts, especially with jumbo. This renames Cache and Protocol
locally to avoid such naming conflicts.

Review-Url: https://codereview.chromium.org/2968183002
Cr-Commit-Position: refs/heads/master@{#485939}
Also check jumbo_excluded_sources when jumbo is disabled
Since jumbo is still disabled by default and there is no active
bot that checks things, it is best to check that jumbo_excluded_sources
are correct also when jumbo is disabled.

Bug: 713137
Change-Id: I85bb92f283be240a704ce3ec0d5765933ba52016
Reviewed-on: https://chromium-review.googlesource.com/563683
Commit-Queue: bratell at Opera <bratell@opera.com>
Reviewed-by: Dirk Pranke <dpranke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#485913}
Rename ToElement<>(ListedElement) to ToHTMLObjectElementFromListedElement
Having two sets of templates named ToElement caused compilation failures
when both templates were visible to the compiler at the same time.
Since one of the templates doesn't benefit from being a template
this patch renames it and makes it an ordinary function.

R=fs@opera.com, tkent@chromium.org

Bug: 738389
Change-Id: Ia6247ad0f794cc4094f3f73cd7492ad5d94407c2
Reviewed-on: https://chromium-review.googlesource.com/567141
Reviewed-by: Kent Tamura <tkent@chromium.org>
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485904}
Avoid race at shutdown between browser process' IO thread and GPU thread
- When the GPU thread is *in-process* it runs inside the browser process.
- GpuChildThread is a ChildThreadImpl and a IPC::Listener.
- When GpuChildThread sees an error (or shutdown) of its IPC channel,
  it quits its message loop (= stops the thread).

The browser process' IOThread calls InProcessGpuThread::StopSoon()
while the in-process GPU thread destructs itself.

When InProcessGpuThread::StopSoon asks for task_runner() the in-process
GPU thread has - sometimes - already destructed itself and its
MessageQueue. The IOThread then sees task_runner() == null and crashes:

[FATAL:ref_counted.h(484)] Assert failed: ptr_ != nullptr.
0 base::debug::StackTrace::StackTrace()
1 base::debug::StackTrace::StackTrace()
2 logging::LogMessage::~LogMessage()
3 base::Thread::StopSoon()
4 base::Thread::Stop()
5 content::InProcessGpuThread::~InProcessGpuThread()
6 content::InProcessGpuThread::~InProcessGpuThread()
7 content::GpuProcessHost::~GpuProcessHost()
8 content::GpuProcessHost::~GpuProcessHost()
9 content::BrowserChildProcessHostImpl::TerminateAll()
10 content::BrowserProcessSubThread::IOThreadPreCleanUp()
11 content::BrowserProcessSubThread::CleanUp()
12 base::Thread::ThreadMain()
13 base::(anonymous namespace)::ThreadFunc()

If a thread runs in the browser process, only Thread::Stop should
stop its message loop. Otherwise, QuitWhenIdle could race Thread::Stop.


Review-Url: https://codereview.chromium.org/2973723003
Cr-Commit-Position: refs/heads/master@{#485895}
Avoid "using namespaces" when they might introduce colliding symbols.
SVGNames and HTMLNames share some symbols, like hrefAttr. When some
of the tests are compiled together in jumbo, having both
using namespace SVGNames and using namespace HTMLNames caused compilation


Change-Id: Id943efc79ac54a5b69b6095f622746f4e0fb0532
Reviewed-on: https://chromium-review.googlesource.com/567140
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485652}
Use ::testing in tests to not mix with blink::testing
There are two namespaces testing, one in ::testing and one in
::blink::testing. If you are inside ::blink and the code knows about
both of them, it will use ::blink::testing first.

This causes issues with jumbo builds where more code is visible.


Change-Id: Ia879a40b1626ac6929fc74a0f31509614e6b7051
Reviewed-on: https://chromium-review.googlesource.com/567142
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485650}
Rename one of two EXPECT_RECT_EQ.
Use the name EXPECT_RECT_APPROX_EQ for comparison of approximately
equal rects so that it doesn't collide with the other EXPECT_RECT_EQ
in jumbo builds.


Change-Id: I16815d32b06915db00f6a945883c7628cf343990
Reviewed-on: https://chromium-review.googlesource.com/567088
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485648}
Make svg/W3C-SVG-1.1 animation tests "static"
These tests are animated, but has from a testing standpoint never gone
beyond sampling the frame at t=0. This is however partly by "accident"
because t=0 is just after 'load', while the frame dumped will have a
value of 't' greater than 0. To ensure t=0 is sampled, pause the

This commit was generated by a script (explaining the imperfect


Change-Id: I60bdd2d0fa30b09318b18d2eda39583821107199
Reviewed-on: https://chromium-review.googlesource.com/565723
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Cr-Commit-Position: refs/heads/master@{#485618}
Change code to make jumbo exceptions unnecessary in core/html
In jumbo several compilation units are merged so you have to
have more unique names in each one, and don't #undef macros
needed by other compilation units.


Review-Url: https://codereview.chromium.org/2971683003
Cr-Commit-Position: refs/heads/master@{#485585}
Use the same sqlite header configuration in all of webdatabase
Some of third_party/WebKit/Source/webdatabase uses sqlite withq
internals exposed and some uses it with internals not exposed. That
mismatch causes issues in jumbo builds since it compiles several files
together and need headers to say the same thing.

This changes webdatabase so that it all compile with the


Bug: 740542
Change-Id: I0b5c66fde7d191afd7a7143ef32c9c6f1b21b9e2
Reviewed-on: https://chromium-review.googlesource.com/565502
Reviewed-by: Michael Nordman <michaeln@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485558}
Add missing includes to media_router_file_dialog.cc
Both Profile and Browser are used in code.


Review-Url: https://codereview.chromium.org/2966033002
Cr-Commit-Position: refs/heads/master@{#485557}
Only compile the PNG encoder once.
The PNG fuzzer included all of PNGImageDecoder.cpp and effectively
compiled it a second time. Since the fuzzer already depends on the
png encoder it will just be linked together anyway.

This double compilation caused jumbo errors because symbols appeared

Change-Id: I0ef1502ba90247e34c33055056bdeb808e0dbb89
Reviewed-on: https://chromium-review.googlesource.com/565411
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485555}
Merge Android manifests when assembling apk
Merge all resource dependency manifests using the manifest merger from the
Android SDK, providing the functionality described in

Removing the nontrivial manifest guard in the android_aar_prebuilt() template
will be done in a follow-up change, as well as removing pre-merged manifest
tags, such as "com.google.android.gms.version" meta-data.

Bug: 643967
Change-Id: Ifdf9f3f76f5c80f1a2326dcd47045d032556936f
Reviewed-on: https://chromium-review.googlesource.com/558296
Reviewed-by: Bo Liu <boliu@chromium.org>
Reviewed-by: Andrew Grieve <agrieve@chromium.org>
Commit-Queue: Ingemar Ådahl <ingemara@opera.com>
Cr-Commit-Position: refs/heads/master@{#485303}
Avoid global using namespace statements in modules/sensor
global using namespace statements cause issues with jumbo builds so this
patch moves and removes two such occurances in modules/sensor.

An alternative is to import explicit symbols rather than the full


Change-Id: Iafc85a856b02b381dae6244b2fc3acedc37e30db
Reviewed-on: https://chromium-review.googlesource.com/565296
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485277}
Renamed a local class Function in a test to not collide with WTF.
There is a Function<> template in WTF/Functional.h which is shadowed
or collides with any local definitions of Function. This is not always
a problem, but it caused problems in Jumbo builds so let us rename
it to something harmless.

Change-Id: Ib594b2673a1dce6b4647445d3377b1e1099849da
Reviewed-on: https://chromium-review.googlesource.com/563667
Commit-Queue: bratell at Opera <bratell@opera.com>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#485273}
Add include guards to some generated files in core/css.
A couple of files in core/css were missing include guards which broke
jumbo builds.


Change-Id: I1d50e8b62f4926c054d51b48ab4f4edf5df5b76d
Reviewed-on: https://chromium-review.googlesource.com/565291
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485272}
Jumbo for blink/core generated files as well (saving 8 CPU minutes)
The target that compiles generated files does not use the same
template as other code in blink core so it didn't automatically become
jumbo enabled. Since it's a non-negliable part of the build time (~1%)
this patch enables jumbo for this target as well.


Review-Url: https://codereview.chromium.org/2973603003
Cr-Commit-Position: refs/heads/master@{#485267}
Add jumbo support for Blink/core generated files
Core generated files does not use the same template as most blink core
code so it needs to be explicitly turned on (note jumbo is still by
default disabled so normal builds are not yet affected).

This saves about 8 CPU minutes for me.

Bug: 713137
Change-Id: I73ad558021b245c8742672cd3903e27dfdf48ab5
Reviewed-on: https://chromium-review.googlesource.com/563682
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485232}
Deduplicate CopyBytes in modules/crypto
The two identical functions CopyBytes collided in a jumbo build so
this is primarily to avoid having to exclude one of the files from the
jumbo building.


Review-Url: https://codereview.chromium.org/2972023002
Cr-Commit-Position: refs/heads/master@{#485231}
Mojo: Be more explicit with namespace 'testing'
There are two namespaces named testing used in Blink unit tests, one
from gtest and one internal helper namespace. If both are visible then
the gtest testing namespace won't be used unless prepended with ::, as
is already done in large parts of the code.

This is more important for jumbo builds where the visibility of code


Change-Id: Iaed685c8750fbffbaac384aabc4e2a8f54bcf5c0
Reviewed-on: https://chromium-review.googlesource.com/563619
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Commit-Queue: bratell at Opera <bratell@opera.com>
Cr-Commit-Position: refs/heads/master@{#485226}
Some documentation for the jumbo feature.

Review-Url: https://codereview.chromium.org/2968963002
Cr-Commit-Position: refs/heads/master@{#485222}
Adjust svg/animations/animate-linear-discrete-additive*.svg
In these tests we want to sample animation values at a certain point in
time. We are however sampling the animations at the next frame that is
painted - at which point the timeline may have advanced, and hence we
sample at t+<framedelay> (or thereabout) instead. Currently this works
"fine" because the first animation frame follows special scheduling
rules, making sure the timeline won't advance within this time window.
Rather than relying on this, just pause the timeline instead.


Change-Id: I2314b435861050fd0163670928318563bd09f271
Reviewed-on: https://chromium-review.googlesource.com/563624
Commit-Queue: Fredrik Söderquist <fs@opera.com>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#485166}
Be explicit about namespace testing to not mix it with blink::testing
There are two namespaces named testing used in Blink unit tests, one
from gtest and one internal helper namespace. If both are visible then
the gtest testing namespace won't be used unless prepended with ::, as
is already done in large parts of the code.


Review-Url: https://codereview.chromium.org/2967013002
Cr-Commit-Position: refs/heads/master@{#484966}
Use unique variable names in gperf generated code
By default gperf generates code with the types and variables
stringpool_t and stringpool. If jumbo combines more than one gperf
generated file those collides.

This patch changes the variable names to something more unique.


Review-Url: https://codereview.chromium.org/2972193002
Cr-Commit-Position: refs/heads/master@{#484961}
Avoid PermissionDescriptor name collision.
Fix to allow us to skip a permissions exclusion for jumbo. Locally rename
one of them to MojoPermissionDescriptor.

Review-Url: https://codereview.chromium.org/2965333002
Cr-Commit-Position: refs/heads/master@{#484953}
Drop a "using namespace WTF" in V8CSSStyleDeclarationCustom.cpp
global "using namespace WTF" causes compiler warnings in jumbo builds
and in general extend the global namespace a lot which increases the
risk of symbol conflicts.

This patch changes a "using namespace WTF" to an explicit
Review-Url: https://codereview.chromium.org/2975603002
Cr-Commit-Position: refs/heads/master@{#484938}
Changing XPathGrammer.y to not use global using blink
When using "using namespace Foo" at global level you will
introduce a lot of symbols into the global scope which will make
it harder for jumbo (unity builds/merged files) to compile without
symbol collisions.

Also, global using namespace statements will, with the current
implementation of jumbo not compile because of a compiler warning.

This patch changes to more explicit namespaces.


Review-Url: https://codereview.chromium.org/2974653002
Cr-Commit-Position: refs/heads/master@{#484928}
Make ElementFactory.cpp.tmpl generate unique names
ElementFactory is used for both SVG and HTML and some names it
exported were the same so in a jumbo build they would collide. By
making the name unique we don't have to exclude the generated files
from jumbo building.


Review-Url: https://codereview.chromium.org/2965343002
Cr-Commit-Position: refs/heads/master@{#484911}
remove the OS() macro
Replace OS(FOO) macro calls with defined(OS_FOO) and remove the OS macro.

This is mostly a mechanical change:

	for file in `git grep -w "OS($p)" | sed -e "s/:.*//" | uniq`
		sed -i -e "s/OS($p)/defined(OS_$p)/g" $file

Followed by some semi-automatic build/build_config.h inclusion
and clang format.


Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: I69e567334665c331b46e04be86a60aeca4a3e9c4
Reviewed-on: https://chromium-review.googlesource.com/561010
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Cr-Commit-Position: refs/heads/master@{#484853}
Handle re-entrant AttachLayoutTree for the same node.
Lazy whitespace re-attachment introduced tracking of the last seen in-
flow box in AttachContext. We have three places where we may end up
calling AttachLayoutTree from AttachLayoutTree for the same element[1]
causing re-entrancy issues for AttachContext. The AttachContext would
keep a pointer to the LayoutObject created by the outer AttachLayoutTree
while that may have been deleted by the inner AttachLayoutTree.

Here we store the passed-in AttachContext on a SyncReattachContext stack
and pass it, with the previous in-flow restored, when re-entering

[1] This typically happens when we find out that a resource won't load
while attaching the layout object and we immediately decide to render
fallback content.

Bug: 738596
Change-Id: I978f77fbaa481a713b21ece92aabac39d37af450
Reviewed-on: https://chromium-review.googlesource.com/560836
Reviewed-by: meade_UTC10 <meade@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#484847}
Add command line flag to override suppression.xml path
Let the suppression script optionally write to a configuration file set
on the command line, rather than the default.

//build_overrides/build.gni can set a 'lint_suppressions_file' variable,
allowing different products to override the lint suppression
configuration. Updating this overriding suppression configuration can
otherwise be cumbersome.

Bug: 737897
Change-Id: I1551d7e6951f212e42ee79ffac568e9a5208aec9
Reviewed-on: https://chromium-review.googlesource.com/561137
Reviewed-by: Peter Wen <wnwen@chromium.org>
Reviewed-by: Andrew Grieve <agrieve@chromium.org>
Commit-Queue: Ingemar Ådahl <ingemara@opera.com>
Cr-Commit-Position: refs/heads/master@{#484621}
Use aggregated bindings for jumbo as well as for Windows.
If the builder requests a jumbo build, use aggregated bindings since
that is more or less the same thing.


Review-Url: https://codereview.chromium.org/2971713002
Cr-Commit-Position: refs/heads/master@{#484298}
Use cssvalue::CounterValue instead of blink::CSSCounterValue
A cleanup patch used the wrong namespace for CSSCounterValue. It still
works but it was not right.


Review-Url: https://codereview.chromium.org/2967163003
Cr-Commit-Position: refs/heads/master@{#484276}
Set Python shebang in build to /usr/bin/env python
A common solution for developers using Linux distributions were
/usr/bin/python is linked to /usr/bin/python3 is to put a python ->
python2 symlink earlier in the PATH when working with python2-only
projects. This doesn't work when shebangs bypasses any environment

The change was generated by executing:
  sed -i 's|#!/usr/bin/python|#!/usr/bin/env python|' \
    $(grep -rl '#!/usr/bin/python' build)

Change-Id: I2de77532fd31a0348ec58f4d9af4b7172dc1b9ed
Reviewed-on: https://chromium-review.googlesource.com/559347
Reviewed-by: John Budorick <jbudorick@chromium.org>
Commit-Queue: Ingemar Ådahl <ingemara@opera.com>
Cr-Commit-Position: refs/heads/master@{#484266}
Support C and Objective-C in jumbo base scripts.
Up until now only C++ files were merged. With this Objective-C
will also be merged and if there are any C files (there are only
a few spread out) then those will also be handled.


Review-Url: https://codereview.chromium.org/2972533002
Cr-Commit-Position: refs/heads/master@{#484230}
Escape '$' when generating lint suppression regexp
Java class names (for inner classes) may contain '$', which is a EOL
pattern marker in Java regexps. To ensure proper regexps are generated,
escape the marker to allow the regexp to match the entire path.

Bug: 737882
Change-Id: I935d06c197453b674bb0e493d0887e271fdd9610
Reviewed-on: https://chromium-review.googlesource.com/554750
Commit-Queue: Ingemar Ådahl <ingemara@opera.com>
Reviewed-by: Andrew Grieve <agrieve@chromium.org>
Cr-Commit-Position: refs/heads/master@{#484228}
Drop unused member loader_ in testing file SimRequest.h
This caused compilation errors (through a compiler warning) in
jumbo builds. I speculate that if the compiler (clang) sees both
an object creation and the full declaration it will complain about
members that are never accessed.


Review-Url: https://codereview.chromium.org/2969203002
Cr-Commit-Position: refs/heads/master@{#484224}
Be explicit about namespace testing to not mix it with blink::testing
There are two namespaces named testing used in Blink unit tests, one
from gtest and one internal helper namespace. If both are visible then
the gtest testing namespace won't be used unless prepended with ::, as
is already done in large parts of the code.


Review-Url: https://codereview.chromium.org/2970833002
Cr-Commit-Position: refs/heads/master@{#484087}
Scripts for unity/jumbo (default disabled) compilation.
To speed up compilation times, jumbo allows files to be compiled
together. This is a well known method ("unity builds") to both
compile faster and create a poor man's "full program optimization".
For Chromium we are only interested in the compile times.

This patch includes the basic scripts that do the source file merging
and changes Blink Core to use those scripts. If the gn configuration
includes: use_jumbo_build = true then Blink Core will use jumbo
compile. Otherwise it will compile as usual.

The expected speedup from using Jumbo on Blink Core (and nothing else)
is about 17% of the content_shell+blink_tests compilation CPU
time. This is about half an hour for people building with an ordinary
computer, but less both in percentage and minutes if using some kind
of build accelerator like goma.

More information in


Review-Url: https://codereview.chromium.org/2963733003
Cr-Commit-Position: refs/heads/master@{#483986}
(reland) base::LaunchUnitTestsSerially should not be overridable by cmdline
(reland) base::LaunchUnitTestsSerially should ignore the --test-launcher-jobs
command line switch, and never use parallel jobs.  To achieve this, change
callers of base::TestLauncher to pass the requested number of parallel test
jobs, instead of the default number of parallel test jobs.

And while we're at it, let's remove TestLauncherDelegate's
AdjustDefaultParallelJobs method, which no longer has any users.


Change-Id: I4085fb21c1dce467527210407e3913ff3b5e3bc6
Reviewed-on: https://chromium-review.googlesource.com/549342
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Reviewed-by: Henrik Kjellander <kjellander@chromium.org>
Reviewed-by: Alok Priyadarshi <alokp@chromium.org>
Reviewed-by: Paweł Hajdan Jr. <phajdan.jr@chromium.org>
Reviewed-by: Alex Clarke <alexclarke@chromium.org>
Cr-Commit-Position: refs/heads/master@{#483909}
add a bunch of missing header guards
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng;master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I2175e7c672332c9046e8cc5d60f246a62f62478b
Reviewed-on: https://chromium-review.googlesource.com/558409
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#483907}
remove a couple of vim modelines
We don't appear to use vim modelines in the codebase, and moreover
these conflict with our style guide.

Change-Id: Iac4a1c5dc7ac1b4b51b8862c2d943ffe0d038a7b
Reviewed-on: https://chromium-review.googlesource.com/558407
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#483875}
Turn MediaLog usage from plain wrong into questionable
ReadConcatentatedBoxes() was handing out BoxReader instances that
referred to MediaLog objects that had gone out of scope.


Review-Url: https://codereview.chromium.org/2966493005
Cr-Commit-Position: refs/heads/master@{#483840}
Implement lazy (re-)attachment of whitespace.
The existing implementation of re-attachment of whitespace nodes had
performance issues because it tried to re-attach whitepace nodes as
early as possible, leading to multiple re-attachments of the same node
and multiple sibling-walks past the same out-of-flow elements.

Instead, this CL stores the last seen text node in a new
WhitespaceAttacher object and delays the re-attachment of that text
node until we know its need for a LayoutObject for the current layout
tree rebuild. In particular, we don't re-attach the whitespace node
when previous siblings are/become display:none or out-of-flow.

Contrary to what last_text_node did, the WhitespaceAttacher persist
the last seen text node in the flat tree order and across
display:contents and slot/content element which fixes various
correctness issues in addition to performance issues.

In addition to the last visited text node, we also store the last
seen display:contents element and only walk the display:contents
subtree when needed to find its first in-flow whitespace descendant.


Change-Id: Id397986c49a4bc75e831da1ff8b679f2043873c3
Reviewed-on: https://chromium-review.googlesource.com/517940
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Hayato Ito <hayato@chromium.org>
Reviewed-by: meade_UTC10 <meade@chromium.org>
Cr-Commit-Position: refs/heads/master@{#483683}
Allow outdirs when !enable_extensions and !enable_print_preview
This lets us generate outdirs for builds where enable_extensions
and enable_print_preview are false. This is a configuration that
is used by Opera's TV SDK.

This can be seen as a fixup to https://codereview.chromium.org/2904443004/ .


TEST=gn gen --args='enable_extensions=false enable_print_preview=false' out/GnTest

Review-Url: https://codereview.chromium.org/2958243002
Cr-Commit-Position: refs/heads/master@{#483654}
Include less from LayoutTheme.h
Change-Id: I034264c0fceec2155ef823717092d2cd36a2887b
Reviewed-on: https://chromium-review.googlesource.com/553140
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Cr-Commit-Position: refs/heads/master@{#483338}
Don't include ComputedStyle.h where not needed.
Also removed unnecessary inclusions of core/dom/NodeComputedStyle.h

Because of this change, 13 more compilation units no longer include ComputedStyle.h

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng;master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I2a647d891c7e0957e7ee0f96ebc6e2face6e0c14
Reviewed-on: https://chromium-review.googlesource.com/553259
Reviewed-by: Rune Lillesveen <rune@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#483324}
Roll src/third_party/ffmpeg/ 06ac9ea36..88c555e9e (2 commits)

$ git log 06ac9ea36..88c555e9e --date=short --no-merges --format='%ad %ae %s'
2017-06-28 mostynb add ffmpeg_use_atomics_fallback gn arg
2017-06-06 jrummell Remove unused configs for linux-noasm/arm64

Created with:
  roll-dep src/third_party/ffmpeg

Change-Id: I33825f010c5a13026540e5c1454977961e9ec1b0
Reviewed-on: https://chromium-review.googlesource.com/553379
Reviewed-by: Dale Curtis <dalecurtis@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#483211}
Include less from ComputedStyle.h (and ComputedStyleBase.h and SVGComputedStyle.h).
Change-Id: I42edad3643a1a9c76bb5281d5771045678304533
Reviewed-on: https://chromium-review.googlesource.com/553258
Reviewed-by: Rune Lillesveen <rune@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#483315}
Don't include StyleResolverState.h where not needed.
It involves ComputedStyle.h, which is heavy.

Change-Id: I345d1c0fd69dfb68c0e96b5af0f932e1d67405f1
Reviewed-on: https://chromium-review.googlesource.com/553260
Reviewed-by: Fredrik Söderquist <fs@opera.com>
Reviewed-by: Rune Lillesveen <rune@opera.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#483310}
Include less from Length.h
Moved parts of Length::Blend() into the .cpp files, since it requires a heavy

Change-Id: I527d8cfb119e7475f00d2664ae4788e80cf4b479
Reviewed-on: https://chromium-review.googlesource.com/553299
Reviewed-by: Philip Rogers <pdr@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#483301}
Separate initial style and viewport/ICB style.
We store the initial containing block/viewport style on the Document
node. This style includes properties propagated from body/html like
writing-mode and overflow. It also sets things like z-index to a non-
auto value to establish a stacking context.

The problem was that this ComputedStyle was used for inheriting values
down to the root element as well, which is incorrect. The root element
should inherit initial values.

Instead, split StyleForDocument into InitialStyleForElement and a
StyleForViewport which applies viewport specific properties on top of
the initial values. Then use InitialStyleForElement as the style to
inherit from for the root element.

A bunch of writing-mode tests are modified to apply writing-mode on the
html element instead of body. The code change aligns with the spec and
how Gecko behaves by not propagating the writing-mode on body to the
html element. The intention of the modified tests was to have the effect
of setting the same writing-mode on the html element.

Bug: 732349,541529,590818,590835,731022
Change-Id: I4ff9c076c54483245db931ede6a2293ef5279cd2
Reviewed-on: https://chromium-review.googlesource.com/548379
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: meade_UTC10 <meade@chromium.org>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#482950}
Simplify OfflineAudioDestinationNode::DoOfflineRendering().
No need to track is-suspended state.


Review-Url: https://codereview.chromium.org/2959693002
Cr-Commit-Position: refs/heads/master@{#482417}
Retire audiosource-premature-gc.html test expectation.
Not needed following r482301.


Review-Url: https://codereview.chromium.org/2960733002
Cr-Commit-Position: refs/heads/master@{#482395}
Repost offline rendering task if GC prevents.

Review-Url: https://codereview.chromium.org/2959663002
Cr-Commit-Position: refs/heads/master@{#482301}
Move rounding up to 1.0f of border widths to the painting stage.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: Id6226e1df033e8ee72ffa32cde4c0d12fc3cbf36
Reviewed-on: https://chromium-review.googlesource.com/525536
Commit-Queue: Karl Anders Øygard <karlo@opera.com>
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Cr-Commit-Position: refs/heads/master@{#482233}
base::LaunchUnitTestsSerially should not be overridable
base::LaunchUnitTestsSerially should ignore the --test-launcher-jobs
command line switch, and never use parallel jobs.


Change-Id: I7e455a805b898f12e7adc91a41feb9627e008964
Reviewed-on: https://chromium-review.googlesource.com/543344
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Reviewed-by: Paweł Hajdan Jr. <phajdan.jr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#481990}
Store previous in-flow layout object in AttachContext.
This is split out of [1]. In order to avoid backtracking past out-of-
flow, display:none, and display:contents nodes of attached siblings
for whitespace re-attachment, we keep track of the last attached in-
flow box for an AttachLayoutTree().

The AttachContent is made non-const to pass on previous in-flow past
slot, content, and display:contents ancestors.

This CL does not have behavioral changes on its own.

[1] https://chromium-review.googlesource.com/c/517940/


Change-Id: I7bf5faaf3e9fe3d1b4f62c22076be6ad31790cfe
Reviewed-on: https://chromium-review.googlesource.com/543037
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#481853}
Hold global GC heap lock while making audio thread access.
For auxillary threads that rarely need to gain access to another
thread's GC heap, we have to ensure that this happens while the
heap-owning thread isn't concurrently GCing the heap. Otherwise there
is the possibility that heap objects might be relocated or mutated
while the auxillary thread tries to access.

A CrossThreadPersistent<T> (CTP) ensures reference liveness across
threads, but isn't sufficient to handle the wanted exclusive access
after a non-attached thread has deref'ed the persistent. So, for
this to happen, keep the global CTP lock while accessing a heap
object during offline audio rendering -- it specifically accessing
heap objects while a GC runs. As all GCs hold the lock on the global
CTP region while they run, this ensures exclusion.

It is clearly desirable to have all heap access be under the control
of the heap-owning thread, and threaded code should try hard to avoid
accessing another thread's heap objects. The CTP global lock is the
mechanism to use when that isn't practically feasible -- feel free to
add a "TODO(foo): avoid using" next to any instances that you end up

As regards audio thread cross-thread usage, the code needs auditing to
check if there are other places where setting up this CTP lock is


Review-Url: https://codereview.chromium.org/2951903003
Cr-Commit-Position: refs/heads/master@{#481809}
Update style for body when viewport defining element changes.
Whether the body box has scrolling overflow or not depends on the
computed overflow of the html element.

The HasOverflowClip flag, along with creating and removing a paint
layer on LayoutBlock is updated as part of SetStyle. However, if the
html element is recalculated, its overflow changing causing the
viewport defining element to change, but body did not need a recalc,
the overflow clip flag and paint layer is not updated for body.

This CL forces a SetStyle on the body LayoutObject to trigger the
necessary update after recalc when when the viewport defining element

This fixes scrollingElement.html in wpt/cssom-view.

Bug: 665927
Change-Id: I146c3e976edef28074bde6531fe4c6ec65ecb090
Reviewed-on: https://chromium-review.googlesource.com/544958
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Reviewed-by: Rick Byers <rbyers@chromium.org>
Cr-Commit-Position: refs/heads/master@{#481682}
Don't include ComputedStyle.h from Node.h
This caused it to be included in about 3400 compilation units. Removing this
dependency reduces the number to about 1000.

Compiling ComputedStyle.h takes almost 6 seconds here (which is worth an
investigation on its own).

Some changes elsewhere were required because of this, because they
inadvertently depended on things included via ComputedStyle.h . Keeping
Blob & co merely forward-declared in IDBValueWrapping.h required some
extra work.

The dependency was introduced here:

https: //codereview.chromium.org/2821193003
Change-Id: I5323c12821ae7e5408f6f5f1fee17222a0acf511
Reviewed-on: https://chromium-review.googlesource.com/543155
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Rune Lillesveen <rune@opera.com>
Reviewed-by: nainar <nainar@chromium.org>
Reviewed-by: Joshua Bell <jsbell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#481675}
No need to update layout for scrollingElement in compositing.
The style and layout is guaranteed to be clean at this point.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I28d877f2cafa9fe49e5ce922cf9b95d2e3fa8b2c
Reviewed-on: https://chromium-review.googlesource.com/540795
Reviewed-by: Chris harrelson <chrishtr@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#481440}
Element::ClientQuads() needs to take transforms into account.
In LayoutGeometryMap, when there's a non-uniform step (e.g. when inside
multicol), we fall back on doing it the slow way, i.e. we involve
LayoutObject::MapLocalToAncestor(). The mode flags initially passed from
ClientQuads() will just be echoed here, so we need to make sure that
kUseTransforms is specified.


Change-Id: I2a6fe83fb1332a19a581203d6c44c6924da3f027
Reviewed-on: https://chromium-review.googlesource.com/541339
Reviewed-by: Chris harrelson <chrishtr@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#481039}
[LayoutNG] Place floats correctly in non-physical writing modes.
Use logical offsets as much as we can, and have legacy layout convert
it for us when storing physical offsets in FloatingObject. Use
SetLogicalLeftForFloat() and SetLogicalTopForFloat() in
LayoutBlockFlow for this. They actually take inline and block offsets.

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_layout_ng
Change-Id: Iffd4aa759cb520f03a7642f15c1e40279e48c2b9
Reviewed-on: https://chromium-review.googlesource.com/541363
Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#480995}
Update FlagExpectations for enable-slimming-paint-v2
Based on results from https://chromium-review.googlesource.com/c/539399/3

Cq-Include-Trybots: master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: I461903e9bc16ea85abf8f7cb80c7a6b468a37c51
Reviewed-on: https://chromium-review.googlesource.com/541298
Reviewed-by: Chris harrelson <chrishtr@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#480830}
Update HasOverflowClip for body after style recalc.
The HasOverflowClip flag on LayoutBlock is updated as part of SetStyle,
but for body, the flag may need to change as a result of changing the
overflow property on the root element.

This CL always updates the flag for body after a style recalc. It's
only strictly necessary to do this if the root element is recalculated
and changes overflow between visible and a non-visible overflow, and at
the same time, the body element does not need a style recalc. Those
checks would complicate the code with little gain, so left to be done

This fixes scrollingElement.html and HTMLBody-ScrollArea_quirksmode.html
in wpt/cssom-view. The latter had a bug that it didn't clear the
"scroll" values set to check if overflowY could be set, which caused a
subsequent test to incorrectly fail in both Blink and Gecko.


Change-Id: I72ea8c51f2ec52320aaacd7373bc1a6e8a80dbed
Reviewed-on: https://chromium-review.googlesource.com/540596
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Reviewed-by: Rick Byers <rbyers@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#480824}
Null check PrimaryFont().
No known way to reproduce, but this null check fixes a crasher reported
to the Opera crash servers for the desktop version of Opera. There was
already a null check for PrimaryFont() on the first line style in the
same method. This fix has been shipped and confirmed to fix the issue
for Opera.

Only seeing crashes for Windows on our crash server, so it might be a
Windows-only issue.


Change-Id: Ifca144023a319e4b900da12c62900819ba09f777
Reviewed-on: https://chromium-review.googlesource.com/538758
Reviewed-by: Dominik Röttsches <drott@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#480406}
If min/max widths are already dirty during layout, don't recalculate.
Min/max widths are recalculated right before layout if they are dirty, but only
on those objects that actually need it, even if they are marked dirty. If the
object doesn't need min/max widths to figure out its own size, and no ancestor
needs this information either, the flag should just be left on indefinitely.
It's a waste of time to recalalculate the min/max widths for such objects, and
just leaving them dirty instead will also help the marking machinery cut off
earlier, since it will walk the containing block chain until it finds something
that's already marked.

If we get to layout and the flag is still set, it has to mean that nobody cares
about the min/max widths. This is a speculative fix for bug 732703, that
restores to the behavior we had prior to
https://chromium-review.googlesource.com/c/527640/ .


Change-Id: I146dd8e2d41712aece91fdb199a2254f1a24e43f
Reviewed-on: https://chromium-review.googlesource.com/538658
Reviewed-by: Emil A Eklund <eae@chromium.org>
Reviewed-by: Stefan Zager <szager@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#480774}
Need to dirty min/max widths on certain children, regardless of entry-point.
It doesn't matter whether it's during layout or not that we decide to
recalculate the min/max widths. If the min/max widths of a child is known to be
affected by changes in the containing block, we need to recalculate them
regardless of that.

This got broken by https://chromium-review.googlesource.com/527640 . It used to
work prior to that change, because then, dirty bits on the child of the
shrink-to-fit container were accidentally left behind from a previous layout
pass, so that min/max widths got properly recalculated the next time its parent
got marked dirty.


Change-Id: I011e2101d3913ac44284a6d18c16260a42ee7eee
Reviewed-on: https://chromium-review.googlesource.com/538694
Reviewed-by: Emil A Eklund <eae@chromium.org>
Reviewed-by: Stefan Zager <szager@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#480591}
add missing import for enable_extensions

Change-Id: I2c4b30ac5c93372952f7f3901929afc57bef6572
Reviewed-on: https://chromium-review.googlesource.com/537372
Reviewed-by: Mostyn Bramley-Moore <mostynb@opera.com>
Reviewed-by: Brett Wilson <brettw@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#479784}
Allow generation of a chromium outdirs when enable_extensions=false
This allows us at Opera to patch chromium a little less before
building a downstream product that doesn't depend on extensions.

At the moment, the 'chrome' target does not compile when
enable_extensions=false - and this is fine since Chrome indeed
needs extensions. But other browser products that use
enable_extensions=false can now generate an outdir without
getting complaints from GN.


TEST=gn gen out/GnTest
TEST=gn gen --args='enable_extensions=false' out/GnTest
TEST=gn gen --args='is_component_build=true' out/GnTest
TEST=gn gen --args='is_component_build=true enable_extensions=false' out/GnTest
TEST=gn gen --args='target_os="android"' out/GnTest
TEST=gn gen --args='target_os="android" enable_extensions=false' out/GnTest
TEST=gn gen --args='target_os="chromeos"' out/GnTest
TEST=gn gen --args='target_os="chromeos" is_component_build=true' out/GnTest

Review-Url: https://codereview.chromium.org/2904443004
Cr-Commit-Position: refs/heads/master@{#479646}
Remove WebContentsDelegateAndroid::OnGoToEntryOffset
It was added by Opera in https://codereview.chromium.org/684133007, but
has since stopped being used downstream. There are no references to the
method in any upstream code.


Review-Url: https://codereview.chromium.org/2942553002
Cr-Commit-Position: refs/heads/master@{#479637}
Update LEGEND implementation to better match the spec.
Only rendered legends [1] should establish a new block formatting context and
shrink to fit.

[1] https://html.spec.whatwg.org/multipage/rendering.html#rendered-legend


Change-Id: I0aeddbd6d4b345bbe626be8ac2efd1fea501372e
Reviewed-on: https://chromium-review.googlesource.com/535595
Reviewed-by: Stefan Zager <szager@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#480791}
Check if we are going to create a new column row, instead of just assuming it.
Before attempting to guess what the height of the next column row is going to
be, make sure that we're actually going to create one. If we're not going to
create one, the height of the already existing row is what we should use.

This fixes a recently introduced DCHECK failure. It also makes us handle
overflowing columns in a nested fragmentation context properly. That has
probably never worked before, though.

Also shortened the name of a parameter, to prevent the code formatter from
creating soup.

Change-Id: I45ccc272312a0757630c0d97d1d023168756d51c
Reviewed-on: https://chromium-review.googlesource.com/535556
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#479428}
Add missing #include <cerrno> in socket_options.cc
One of our toolchains does not expose |errno| in the global namespace.


Review-Url: https://codereview.chromium.org/2930873002
Cr-Commit-Position: refs/heads/master@{#479366}
Relax a DCHECK: Column indices out of bounds are fine here.
Just let MultiColumnFragmentainerGroup::LogicalHeightInFlowThreadAt() return
0 if the column index is past the end. The last column *within* bounds will
get its height clamped against the bottom of the flow thread, like before.


Change-Id: Icd0c8d77f73a02b69a27f24ca70b7b0a023c28dd
Reviewed-on: https://chromium-review.googlesource.com/533016
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#479436}
Made focus hightlight region calculation (outline-style:auto) multicol-aware.
Went for a very simplistic solution, at least for now. Just use the bounding
box of everything inside the multicol container.


Change-Id: Ie5ca0f747edc4ac3b384ecb784443592edee7379
Reviewed-on: https://chromium-review.googlesource.com/534473
Commit-Queue: Xianzhu Wang <wangxianzhu@chromium.org>
Reviewed-by: Xianzhu Wang <wangxianzhu@chromium.org>
Cr-Commit-Position: refs/heads/master@{#479406}
Let NextLogicalTopForUnbreakableContent() rely on PageLogicalHeightForOffset().
Due to poorly duplicated code (not consistently clamping against computed
height/max-height), the machinery was confused as to how tall a next
fragmentainer group (column group) would be, and would trick the line layout
code into incorrectly believing that there'd be enough space for a tall line,
if we just pushed it all the way past the current fragmentainer group. This
caused a DCHECK failure:

DCHECK_GT(page_logical_height, LayoutUnit()) in

LayoutBox: :PageLogicalHeightForOffset().
Change-Id: I1e34fe3e84d798f3679404589414d90a758a72ea
Reviewed-on: https://chromium-review.googlesource.com/532959
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#479305}
Stop assuming metadata contains at least one stream
It is valid for a media::Demuxer implementation to provide 0 streams in
GetAllStreams().  In this case, the metadata built by PipelineImpl is
empty too.  This should be handled, just like PipelineImpl already
handles absence of streams with PIPELINE_ERROR_COULD_NOT_RENDER.


Review-Url: https://codereview.chromium.org/2930333004
Cr-Commit-Position: refs/heads/master@{#479066}
Add ifdef guard to WorkletModuleTreeClient.h
We use "jumbo" compilation of blink in our project. The main idea is
to compile some number of cc files as one compilation unit. It
significantly speeds up compilation time of blink. With "jumbo"
enabled there is compilation error due to lack of ifdef
guard in file WorkletModuleTreeClient.h.


Review-Url: https://codereview.chromium.org/2935823003
Cr-Commit-Position: refs/heads/master@{#478967}
Avoid AudioBufferSourceHandler data race.
Following r478084, the main thread may contend with the audio thread
on accessing AudioBufferSourceNodeHandler's mutable state. Coordinate
such access by introducing a Mutex over |min_playback_rate_|.

Using atomic ops would be the natural choice for handling this, but
steering clear of those over doubles (cf. https://crrev.com/1256053006)
until std::atomic<> is allowed.


Review-Url: https://codereview.chromium.org/2929283002
Cr-Commit-Position: refs/heads/master@{#478679}
Better handling of min/max widths that depend on the containing block.
This is about how we behave when NeedsPreferredWidthsRecalculation()
is true. This is a rather rare situation, and also an unfortunate one,
since min/max width calculation should be strictly bottom-up.

If we mark min/max widths of an object as dirty, we need to guarantee
that they're actually going to be recalculated. Otherwise, if the
object is left around with dirty min/max widths, it will block
subsequent min/max dirtying of any descendant. We also need to make
sure that if we mark min/max widths as dirty due to
NeedsPreferredWidthsRecalculation(), we also need to mark the min/max
widths of every child with the same issue as dirty, recursively, since
any layout change may have affected the min/max widths there too.

Documented NeedsPreferredWidthsRecalculation(). Added one test that
has been failing for ages, and one that started to fail because of the
bug referenced. Both pass now.


Change-Id: I8b9325ba20a6da2329d28d21a6eca6bc1aa36c06
Reviewed-on: https://chromium-review.googlesource.com/527640
Reviewed-by: Stefan Zager <szager@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#478616}
Update HR implementation to match the spec.
Don't hardcode HR as establishing a new formatting context.
Set overflow:hidden in the UA stylesheet instead. [1]
Also specify unicode-bidi:isolate [2]

Some heavy test expectation rebaselining is necessary, since making
HR overflow:hidden entails that it will now establish a PaintLayer.

[1] https://html.spec.whatwg.org/multipage/rendering.html#the-hr-element-2
[2] https://html.spec.whatwg.org/multipage/rendering.html#bidi-rendering


Change-Id: I1734242d240cb236269b218283bcb16b4ca7c0e4
Reviewed-on: https://chromium-review.googlesource.com/521044
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Stefan Zager <szager@chromium.org>
Cr-Commit-Position: refs/heads/master@{#478611}
Avoid unsafe heap access from audio thread.
The audio thread tries to touch main thread Blink GCed objects in a
select few places, which isn't safe as a GC might concurrently run.

Avoid such cross off-thread usage, rearrange the processing of
finished nodes from the audio thread to the main thread.


Review-Url: https://codereview.chromium.org/2913303002
Cr-Commit-Position: refs/heads/master@{#478084}
Declare kAppendWholeFile as constexpr
kAppendWholeFile was dynamically initialized, causing it to be 0 at the
time of the initialization of the kMediaSourceADTSTests array when
built with VC 2015.  This resulted in an assertion failure in
MockMediaSource constructor.

std::numeric_limits::max() is constexpr in C++11, so fix that by
declaring kAppendWholeFile as constexpr too.

While we're here, let's change DCHECKs in mock_media_source.cc to
CHECKS, because there is no reason to prefer DCHECK over CHECK in
test-only code.

TEST=media_unittests --gtest_filter=ProprietaryCodecs/BasicMSEPlaybackTest.PlayToEnd/*

Review-Url: https://codereview.chromium.org/2920243002
Cr-Commit-Position: refs/heads/master@{#477755}
Floor widths in LayoutTable::BorderBefore() and BorderAfter().
LayoutTable::BorderBefore() and LayoutTable::BorderAfter() incorrectly
did not floor widths.  Borders in tables are not yet sub pixel, so all
border widths should be integers.


Change-Id: I7ca1a93b4a749c112100634a984ebe825c1570a8
Reviewed-on: https://chromium-review.googlesource.com/520385
Reviewed-by: David Grogan <dgrogan@chromium.org>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Commit-Queue: Karl Anders Øygard <karlo@opera.com>
Cr-Commit-Position: refs/heads/master@{#480402}
Tidy up SVGListPropertyHelper
Turn some iterations into range-based for-loops. Use operator== from
Vector<...> rather than re-implementing it. Remove FindItem (unused.)
Deduplicate some code, replace 0 with nullptr where appropriate and
simplify the padding loop.


Review-Url: https://codereview.chromium.org/2920103002
Cr-Commit-Position: refs/heads/master@{#476914}
De-virtualize HasRelativeLogical{Height,Width} in LayoutBox.
It's not overridden anywhere.

Change-Id: I5eb4be5ee121c726c5219854ed9e9408b3ac62e5
Reviewed-on: https://chromium-review.googlesource.com/522062
Reviewed-by: Stefan Zager <szager@chromium.org>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#476777}
No longer let 0 mean that fragmentainer height is unknown.
For multicol, PageLogicalHeightForOffset() would normally figure out what to
return by consulting the flow thread, which would find the appropriate column
set, which in turn would find the appropriate fragmentainer group and return
its height.

We used to treat a 0 value as "unknown" most of the time (but there were also
cases where we'd accept it as a column height). We now always have to call
IsPageLogicalHeightKnown() first to tell whether it's known or not. This is
reasonable, since the calling code always has to act upon the situation of not
knowing the height (typically skip some steps, since fragmentation is
impossible until height is known).

It is now forbidden to call PageLogicalHeightForOffset() if height is unknown
(there are DCHECKs). The height is unknown in many cases in the first multicol
balancing pass. The height will be known once we have made a column height
estimate. It doesn't have to be the final and correct height. This CL doesn't
change anything in that regard, but now we are required to be sure that we
have some clue at all before dealing with fragmentainer heights.

MultiColumnFragmentainerGroup now has a flag that tells whether the logical
height is known or not. We need the flag, because the logical height may
actually end up as 0, e.g. when a multicol container just has zero-height
content, or when the multicol container itself has a specified height of 0.
This unclamped height will be used as block progression for the column row,
which will contribute to the final height of the multicol container. The
actual column height will be clamped to not be less than 1px. This is in
accordance with the spec [1]. We previously used to treat truly zero-height
fragmentainer groups as having an unknown height in some parts of the code,
while in other parts of the code we'd just accept it and end up dividing by
it (to convert a flow thread offset to a column index, for instance).

This is a clean-up CL that happens to fix bugs.

[1] https://drafts.csswg.org/css-break/#breaking-rules


Change-Id: I63550d804bef073a5c24570d63bd55176ec5e396
Reviewed-on: https://chromium-review.googlesource.com/514049
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Reviewed-by: Emil A Eklund <eae@chromium.org>
Cr-Commit-Position: refs/heads/master@{#476270}
Remove svg/animations/animate-local-url.html from TestExpectations
No flakes observed after https://codereview.chromium.org/2907193002.


Review-Url: https://codereview.chromium.org/2917623002
Cr-Commit-Position: refs/heads/master@{#475869}
Always relayout children of LayoutView when printing.
We can normally trust UpdateLogicalWidth() to detect and report size changes,
but this is not the case when printing, because
FrameView::ForceLayoutForPagination() changes the logical width of the
LayoutView behind our back.


Review-Url: https://codereview.chromium.org/2908503003
Cr-Commit-Position: refs/heads/master@{#475862}
Do not prepend implicit type selectors to :host rules.
:host and :host-context() should not have implicit type selectors pre-
pended for universal rules with default @namespace. Default @namespace
applies to type and universal selectors inside :host() and
:host-context(), but a default @namespace rule should not affect :host.
That is, :host matches the host element regardless of any @namespace


Change-Id: I78d2919275aa6bdc4fdc5b02a4772d2352819258
Reviewed-on: https://chromium-review.googlesource.com/518019
Reviewed-by: Takayoshi Kochi <kochi@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#475834}
Put unqualified pseudos into the more specific rulesets.
We were incorrectly putting unqualified pseudo classes for :focus,
:visited, :-webkit-any-link and :link into the universal RuleSet which
meant we would match them for every element defeating the optimization
of having the separate rulesets.

This patch starts tracking the pseudos inside the extraction step to
make sure we put them into the right ruleset. It also adds some asserts
that the default UA sheet never adds any universal rules.

This removes one rule (:focus) from the set of rules for every element.

Bug: 721514
Change-Id: I4208e1c8c938aa0af7a736594f3c0059b6b28fcc
Reviewed-on: https://chromium-review.googlesource.com/517789
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Naina Raisinghani <nainar@chromium.org>
Cr-Commit-Position: refs/heads/master@{#475642}
Clean up creation of "detached" SVG* data type objects
Add CreateDetached helpers for the various objects (or, their tear-offs)
that can be created without having a context element. This is in
preparation for replacing some of these with their DOM* counterparts
from the Geometry specifications [1]. The "detached" term is borrowed from
the SVG2 specification [2].
Also drop all of the default arguments that pass QualifiedName::Null(),
and instead explicitly pass them where needed (for detached objects.)

[1] https://drafts.fxtf.org/geometry/
[2] https://svgwg.org/svg2-draft/struct.html#__svg__SVGSVGElement__createSVGNumber


Review-Url: https://codereview.chromium.org/2912663002
Cr-Commit-Position: refs/heads/master@{#475583}
Less duplicated code between AvoidsFloats() and CreatesNewFormattingContext().
In general there shouldn't really be any need for both. We could just remove
AvoidsFloats() and keep CreatesNewFormattingContext(). But then again, it might
be considered weird to say that replaced content creates a block formatting
context. So let's keep the both of them for now.

However, the following rule should always apply: If the object creates a new
formatting context, it implies that it also avoids floats. That's the reason for
declaring LayoutBlockFlow::AvoidsFloats() as final.

Furthermore, the only kind of LayoutBlock-type objects that DOESN'T create a
new formatting context, are certain LayoutBlockFlow (block container) objects.
So move the checks over from LayoutBlock to LayoutBlockFlow. Keep a virtual
true-returning CreatesNewFormattingContext() in LayoutBlock. We could actually
consider removing this, but there are 2-3 call sites that currently need it.

This CL causes a couple of minor rendering differences: Previously, HR elements
were told to avoid floats, but not to establish block formatting contexts.
Let's be consistent and return true for both. This makes us more compatible
with Edge. Test included. Turning HR elements into true block formatting
contexts also affects margin collapsing. Its top and bottom margins no longer
collapse. Had to make a change to the default style sheet for HR inside
SELECT because of this. Inside SELECT, HR loses its borders, so that its top
and bottom margins would previously collapse, but not anymore, now that it
establishes a block formatting context. To cancel out any rendering difference,
reduce margins in this particular case.

Similarly for RT (ruby text). LayoutRubyText objects are repositioned after
layout, which essentially requires them to contain all child floats, i.e.
establish a new block formatting context. Previously they achieved a
quasi-formatting context by returning true from AvoidFloats(). The screenshot
test fast/ruby/float-overhang-from-ruby-text.html would fail spectacularly if
they exposed child floats to their sibling ruby base. That test expectation
still requires a tiny update to its layout tree dump, though.

This CL also makes CreatesNewFormattingContext() return true for tables,
flexboxes, grids, and anything blocky that isn't LayoutBlockFlow. This
shouldn't be a web-exposable change, though, since no non-LayoutBlockFlow types
can contain float children (e.g. a float inside a table would have to be
wrapped inside either a table-cell or a table-caption (which both establish a
new block formatting context), and a float inside a flexbox would have to be
wrapped inside a flex item (which establishes a new block formatting context)).


Change-Id: If60c1fc636db73a7ff241471ea7bf95adf996512
Reviewed-on: https://chromium-review.googlesource.com/512824
Reviewed-by: Robert Hogan <robhogan@gmail.com>
Commit-Queue: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#475749}
Fixed flaky test snav-z-index.html.
requestAnimationFrame before initTest().

Without this change, repeat-each=10 caused failures most of the time.
With this change repeat-each=100 has been run locally a few times
without any failures (Linux x64).

Also converted some setTimeout => requestAnimationFrame for better


Change-Id: Ic1f27c3fda1ff7da063ab29286d707cb518ab7a6
Reviewed-on: https://chromium-review.googlesource.com/518163
Reviewed-by: Takayoshi Kochi <kochi@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#475429}
Attempt to fix flakiness in svg/animations/animate-local-url.html
SMIL animations start after the 'load' event has been dispatched, so
make sure to schedule the relevant timer after the 'load' event handler
has run.


Review-Url: https://codereview.chromium.org/2907193002
Cr-Commit-Position: refs/heads/master@{#475364}
Remove unused methods in SVGListPropertyHelper and SVGPropertyTearOff*
SVGPropertyTearOffBase: :GetType, and corresponding concretization in
Review-Url: https://codereview.chromium.org/2913513002
Cr-Commit-Position: refs/heads/master@{#475310}
Use LowerASCII instead of DeprecatedLower in css/
Incorrectly folded upper-case non-ascii characters into ascii for type,
attribute, id, and class selectors causing non-matching selectors to

Also fixed for media types and features.


Change-Id: I5a6f813b2722ee4efcff2ab933f5ad075faadcbb
Reviewed-on: https://chromium-review.googlesource.com/517105
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Morten Stenshorne <mstensho@opera.com>
Cr-Commit-Position: refs/heads/master@{#475021}
Drop author ::-internal-* pseudo at parse time.
The SelectorChecker already always failed, but the selector should be
invalid and the whole rule dropped. There is a single pseudo
::-internal-media-controls-overlay-cast-button which is still web-
facing. That is tracked by issue 678285.

Moved the update pseudo page in @page into a separate method.


Change-Id: Ifca8a0e593c4d11720b0b0822e4c753ff45fb52b
Reviewed-on: https://chromium-review.googlesource.com/512827
Commit-Queue: Rune Lillesveen <rune@opera.com>
Reviewed-by: Mounir Lamouri <mlamouri@chromium.org>
Cr-Commit-Position: refs/heads/master@{#474987}
Enable heap compaction on all 'container' arenas.
Reconcile indexing for compactable arenas to always be wrt
the arena index -- it was miscued on setting, using an
offset instead, thereby preventing vector[1-4] arenas from
being considered for compaction.


Review-Url: https://codereview.chromium.org/2908463002
Cr-Commit-Position: refs/heads/master@{#474966}
Stricter equality check for local refs in CSSURIValue
'local' references ("#foo") needn't even consider the absolute URL(s)
when being compared. In this particular case, the (redundant) comparison
ended up comparing equal because a base-URL-less parser context is used
when parsing the property (will be fixed separately.)
When |is_local_| is set, only consider the relative URLs during the


Review-Url: https://codereview.chromium.org/2905033003
Cr-Commit-Position: refs/heads/master@{#474717}
blink_gc_plugin: disallow WeakMember<> fields in off-heap objects.
Add missing check for WeakMember<> fields in non-managed classes;
not permitted just like Member<>.


Review-Url: https://codereview.chromium.org/2902563002
Cr-Commit-Position: refs/heads/master@{#474368}
When moving past a left-hand scrollbar, don't jump way outside the content box.
We handle rendering, scrolling and scrollbars quite poorly if a scrollbar is
actually wider than its containing block. See crbug.com/724255 for more info on
this corner-case.

We end up with negative values in parts of the code where they are not
expected. This CL is just a simple regression fix to at least make sure that
scrollWidth doesn't get messed up by left-hand scrollbars.

AngularJS depends on this.


Review-Url: https://codereview.chromium.org/2893833004
Cr-Commit-Position: refs/heads/master@{#474226}
Don't trigger full active style update on styleSheets access.
Element.styleSheets and ShadowRoot.styleSheets need to be made up-to-
date on access. We used to do a full active style update, but re-
collecting the stylesheet list should be enough, leaving the active
style dirty flags intact.

We introduce a dirty-flag for the stylesheet list in
StyleSheetCollection to avoid repeatedly re-collecting this list while
the active style is still dirty.

This coincidentally fixes issue 722826 since we do not collect
stylesheets in import shadow trees as part of the active style update,
but is now made up-to-date on request when accessing the styleSheets
collection on shadow roots inside import documents.

This fixes the performance issue 717506.


Review-Url: https://codereview.chromium.org/2884993002
Cr-Commit-Position: refs/heads/master@{#473846}
Correct logic "Should ContextMenu target the selection?"
If the selection doesn't have focus, it shouldn't be the target
of the context menu.

For example, an _unfocused_ range selection should not be the
context menu's target (the focused element should be the target).

BUG=725005, 725022

Review-Url: https://codereview.chromium.org/2880313002
Cr-Commit-Position: refs/heads/master@{#473842}
Get SVGLayoutTreeAsText shape values from ComputedStyle
The values from ComputedStyle better reflect what values are actually

Review-Url: https://codereview.chromium.org/2888603005
Cr-Commit-Position: refs/heads/master@{#473157}
Make CSSSelector::SelectorText() non-recursive.
Should fix the stack overflow issue for selectors with an excessive
amount of compound selectors.


Change-Id: I2a1cfb8cb2d00d96f8d46a6e7317c5871020c6cd
Reviewed-on: https://chromium-review.googlesource.com/506020
Reviewed-by: Eddy Mead <meade@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#473972}
Update styleSheets list in import without active style update.
Querying document.styleSheets should not need to do a full active style
update. This CL is implementing a light-weight update of the styleSheets
list querying document.styleSheets on html import documents.

We collect and swap style_sheets_for_style_sheet_list_ for the
collection of the import document without touching the active style or
the dirty flags for active style on the master document. This is
straightforward for import documents as they don't have an active
stylesheet list themselves. Doing this optimization for top level
documents and shadow trees is the next step, but we need to be more
careful for those cases to keep the dirtyness without having to re-
collect for the styleSheets api every time.


Review-Url: https://codereview.chromium.org/2880303002
Cr-Commit-Position: refs/heads/master@{#472751}
Remove SVGTextMetrics Width/Height getters
Remove said methods, replacing them with an additional Advance(...)
overload and a new method Extents() for the users that need those (all
in SVGTextQuery.)


Review-Url: https://codereview.chromium.org/2888623008
Cr-Commit-Position: refs/heads/master@{#472650}
Remove duplicate selector list serialization code.
CSSStyleRule::GenerateSelectorText() was identical to
CSSSelectorList::SelectorsText(). Removed the former.


Change-Id: Ia9432434c8a7943228a39fe5d1005b2fb49492bc
Reviewed-on: https://chromium-review.googlesource.com/506730
Reviewed-by: Alexis Menard <alexis.menard@intel.com>
Reviewed-by: Naina Raisinghani <nainar@chromium.org>
Commit-Queue: Rune Lillesveen <rune@opera.com>
Cr-Commit-Position: refs/heads/master@{#472627}
Clear document scope dirtiness in import StyleEngine.
This is part of the plan to fix 717506 by re-collect sheets for
style_sheets_for_style_sheet_list_  separately from updating all of
active style to make it more light-weight.

Some sanity checking and comment about document scope dirtiness in,
and clear dirtiness after updating active sheets for, html imports.

Also renamed to UpdateActiveStyleSheetsInImport() to make it clearer
what the method does.


Review-Url: https://codereview.chromium.org/2880263002
Cr-Commit-Position: refs/heads/master@{#472447}
Allocate CSSGlobalRuleSet on heap.
Avoids allocating the CSSGlobalRuleSet on html import StyleEngines.

Review-Url: https://codereview.chromium.org/2883003002
Cr-Commit-Position: refs/heads/master@{#472186}
Avoid synchronous stylesheet update on html import loaded.
A use counter was updating the styleSheets list, which updated all of
active style to figure out if an html import contains stylesheets.
Instead, do a simpler walk of the stylesheet candidate nodes and return
early if one of them has a sheet, or a sheet load is in progress.


Review-Url: https://codereview.chromium.org/2882983002
Cr-Commit-Position: refs/heads/master@{#472139}
Rename *Focus*-methods of FrameSelection to clarify its public API
As we've now added FS::SelectionHasFocus in [1], let's rename
FS::*IsFocused* to FS::*FrameIsFocused* to emphasize that these
methods give information about the Frame (in contrast to

TEST=No behavior change

[1] = crrev.com/2841093002

Review-Url: https://codereview.chromium.org/2876973003
Cr-Commit-Position: refs/heads/master@{#472129}
Don't try to set the empty string as the preferred set.
Noticed during debugging that we did an extra MarkDocumentDirty() for
active stylesheet update trying to change the preferred set from empty
string to empty string in a document where no sheets had a title

Guard the call sites which didn't check for emptiness and add a DCHECK
in the SetPreferredStylesheetSetNameIfNotSet implementation.

Review-Url: https://codereview.chromium.org/2879223002
Cr-Commit-Position: refs/heads/master@{#472039}
Use CorrespondingUseElement() in SVGElement::TreeScopeForIdResolution
For elements sourced non-locally, CorrespondingElement() will give the
TreeScope of the document it was sourced from rather than the TreeScope
of the <use> element. Until we are able to resolve references at
ComputedStyle resolution, attempt to use the host of the shadow tree,
i.e the (outermost) <use> element. (This will not work when external
paint servers are supported, or with a paint server defined in the
referenced document.)


Review-Url: https://codereview.chromium.org/2877973002
Cr-Commit-Position: refs/heads/master@{#471955}
Make context menu aware of hidden selection
When the frame's selection is hidden, the context menu should
use the focused element (not the selection) as context.


Expected: Context menu for <a>.
Review-Url: https://codereview.chromium.org/2869713003
Cr-Commit-Position: refs/heads/master@{#471719}
Nested <use>s can resolve against an external resource
Rather than using TargetElementFromIRIString(...) when resolving nested
<use> references, we should be using ResolveTargetElement(), since the
latter also considers a possible external resource.


Review-Url: https://codereview.chromium.org/2875303002
Cr-Commit-Position: refs/heads/master@{#471632}
Distinguish between row (fragmentainer group) height and column (fragmentainer) height.
TLDR; The spec [1] says that a fragmentainer height must always be 1px or
greater, to ensure progress. If we just do this, we'll avoid a lot of trouble
with limitations in the data types that we use.

While *column* heights will now be clamped to >= 1px, we still allow the height
of a *row* (fragmentainer group) to be less than 1px. We don't want the row to
take up more space than it should in its container.
E.g. <div style="columns:2; height:0.5px;"><div style="height:1px";></div></div>
will give a row height of 0.5px, as specified. The column height, on the other
hand, should be clamped up to 1px.

And here, for the nastiness that this CL aims to fix:
<div style="columns:2; height:0.25px;">
    <div style="height:10000000px;"></div>
The content to fragment is 10 million pixels tall, and the column height has
been specified as 0.25px. Internally in our code, heights are stored as
LayoutUnit, which is a fixed-point unit with 6 bits reserved for decimals. On
the other side of the decimal point we have room for 32-6 bits = 26 bits, which
is what we have for a signed integer. That's 25 bits for the absolute value.
That's just over 30 million. LayoutUnit uses saturated arithmetic so there'll
never be any integer overflow or underflow, but there may be other ill effects.
Like in this case, if we actually allow a column height of less than 1px (i.e.
0.25px), when the engine for example wants to figure out the *actual* column
count (column count was *specified* as 2, but there's no way we're going to be
able to fit a 10 millions pixels tall thing in two columns when the column
height is 0.25px, so the actual count will be way higher), we take the flow
thread portion (10000000px) and divide by the column height (0.25px). If we
divide something by something (positive) less than 1, we of course end up with
a quotient larger than the dividend. While the dividend may be small enough to
fit unclamped in a LayoutUnit (10000000px fits just fine), the quotient
(40000000) may not. So, while the actual column count really is 40 million (if
we allow columns to be shorter than 1px), the engine will clamp the 40 million
to fit inside a LayoutUnit. That's 33554431. This is the root of the problem,
and this incorrect column count value may in turn lead to other bad things,
even negative column heights in subsequent rows (and good luck calculating a
used column count off that!). It would probably be possible to cope with this,
if we only take extra care everywhere, when dealing with close-to-insane

Or we can just do what the spec says, and clamp column heights to >= 1px.

[1] https://drafts.csswg.org/css-break/#breaking-rules


Review-Url: https://codereview.chromium.org/2874933005
Cr-Commit-Position: refs/heads/master@{#471330}
Inherit [Unforgeable] attributes between components
Specifically, when an interface in modules/ inherits an interface in core/
that defines an [Unforgeable] attribute, the interface in modules/ should
still have the attribute.


Review-Url: https://codereview.chromium.org/2874153003
Cr-Commit-Position: refs/heads/master@{#471284}
Fix textPath textLength position adjustment for the spacing case
Follow-up to https://codereview.chromium.org/2870393002, adjusting the
<textPath> 'textLength' computation in the same way.


Review-Url: https://codereview.chromium.org/2868413003
Cr-Commit-Position: refs/heads/master@{#471248}
debug_fission does not depend on bundled binutils
Change-Id: Ic6cd79175a1ea51dcd8f6ba11bf48ed6f800db6b
Reviewed-on: https://chromium-review.googlesource.com/503011
Reviewed-by: Nico Weber <thakis@chromium.org>
Reviewed-by: Brett Wilson <brettw@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#471243}
Improve LayoutMultiColumnFlowThread::IsPageLogicalHeightKnown().
Simply returning whether the last column set has a known height isn't really
sufficient. All column sets need to have known heights.

However, instead of asking each column set every time we call
LayoutMultiColumnFlowThread::IsPageLogicalHeightKnown(), use a flag.


Review-Url: https://codereview.chromium.org/2877703003
Cr-Commit-Position: refs/heads/master@{#471231}
Rebuild layout tree in flat tree order.
Marking the DOM for layout tree rebuild and the actual rebuilding is
now contained in the lifecycle update at a point where the shadow dom
distribution is up-to-date. We can therefore safely mark the flat-tree
ancestor chain without risking that it's broken by a distribution.

The point of doing RebuildLayoutTree in flat tree order is that layout
boxes can then be re-attached in the layout tree order which makes it
simpler to handle whitespace reattachment. For shadow trees and slotted
elements, when using the shadow-including tree order, we could have
elements rebuild their layout boxes in an order arbitrarily decided by
the slot assignments and slot positions in the shadow tree.

Note that while the RebuildLayoutTree traversal used to happen in the
shadow-including order, the layout attachment already happens in the
flat tree order.

See [1] for a plan to fix correctness and performance of whitespace

This CL is doing the following changes:

1. Modify MarkAncestorsWithChildNeedsReattachLayoutTree to mark flat
   tree ancestry.

2. Rebuild distributed children for InsertionPoint and HTMLSlotElement.
   These children were rebuilt after their host's shadow tree before
   this change.

3. Factored out RebuildLayoutTreeForChild() as common code for both
   walking light tree children in ContainerNode, and distributed
   children in InsertionPoint and HTMLSlotElement.

4. Made FinalDestinationSlot() a member of node instead of a static
   function as it is now needed in multiple files.

[1] http://bit.ly/2ozyBdx

Review-Url: https://codereview.chromium.org/2836753002
Cr-Commit-Position: refs/heads/master@{#471188}
remove superfluous size_t value >= 0 check
This assertion adds no value, and can trigger warnings (and errors if
you build with -Werror). I think it should be removed. If it is really
important, a comment where the variable is defined would suffice.

Patch submitted upstream:

https: //github.com/gperftools/gperftools/pull/885
Change-Id: Ife6de127928bfdd0c3861b65cdeb8e5ccbfee16d
Reviewed-on: https://chromium-review.googlesource.com/503034
Reviewed-by: Will Harris <wfh@chromium.org>
Commit-Queue: Mostyn Bramley-Moore <mostynb@opera.com>
Cr-Commit-Position: refs/heads/master@{#471054}
Merged all PointerToId functions into TraceHelper::PointerToString.
There are many places in scheduler/renderer that need to make a string
out of a pointer for tracing purposes. This creates a shared function
for them.

This was noticed while experimenting with jumbo builds which can not
handle reused symbol names in the global or global anonymous scope.

Review-Url: https://codereview.chromium.org/2837323002
Cr-Commit-Position: refs/heads/master@{#470948}
Check StyleSheetIsLoading before clearing LinkStyle sheet.
StyleSheetIsLoading() returns true if the top sheet is loaded but has
loading imports. If the top level sheet is cleared before we check the
loading status, we will not appropriately call RemovedPendingSheet()
which may block rendering indefinitely.


Review-Url: https://codereview.chromium.org/2873133002
Cr-Commit-Position: refs/heads/master@{#470943}
Fix textLength position adjustment for the "adjust spacing" case
There should be no advance adjustment after the last character (really,
"typographic unit"), so divide the excess space by the character count
minus one - i.e the number of gaps - rather than the character count.


Review-Url: https://codereview.chromium.org/2870393002
Cr-Commit-Position: refs/heads/master@{#470928}
Remove the SVGImageElement::needs_loader_uri_update_ flag
Since xml:base is no longer a thing, there's no reason to delay the
resource (image) load until the <image> element is in the document.

Remove the flag and initiate resource loads a way resembling
HTMLImageElement. This means a change in behavior, since it will now be
possible get the load to start before the image is inserted into the
document. The new behavior matches Gecko.

Also clean up the code a bit, remove some unused includes and add a TODO
for the document adopt case.


Review-Url: https://codereview.chromium.org/2868323002
Cr-Commit-Position: refs/heads/master@{#470898}
Fix compilation of heap compaction debug diagnostics code.

Review-Url: https://codereview.chromium.org/2871123005
Cr-Commit-Position: refs/heads/master@{#470893}
Reimplement [PutForwards] per spec
An attribute setter for an attribute X with [PutForwards=Y] should mostly
just do

  Set(Get(this, X), Y, value)

With the previous implementation, we instead essentially inlined both the
getting of X and setting of Y into the setter. This is unnecessary (both
will be implemented correctly separately) and also incorrect, since both
the getter for X and setter for Y could be overridden by a script.


Review-Url: https://codereview.chromium.org/2733763003
Cr-Commit-Position: refs/heads/master@{#470864}
Algorithm for deciding if a frame's selection should be hidden
Crrev.com/464698 introduced "hiding" of unfocused selections
in text controls. Hiding avoids clearing the selection upon change
of focus.

Now we only hide selections inside text controls.
Selections within content-editable elements must also be hidden.

Generalize previous work into an algorithm that, given current
DOM and its activeElement, determines whether a frame's selection
should be hidden.

See the algorithm in InHidden() for documentation and read its
unit tests in FrameSelectionTest.cpp.

BUG=715059, 715889

Review-Url: https://codereview.chromium.org/2841093002
Cr-Commit-Position: refs/heads/master@{#470822}
include what you use: errno.h in native_test_launcher.cc
Add missing errno.h include.

Review-Url: https://codereview.chromium.org/1428653003
Cr-Commit-Position: refs/heads/master@{#470564}
Counters are always generated content and cannot be selected.
Copying selection across generated ::before/::after with counter() did
not copy the contents, but the counter content was painted as selected
as if it was.

LayoutTextFragment was already overriding the implementation of
CanBeSelectionLeaf() to skip generated content, but LayoutCounter
inherits from LayoutText which returns always true. Return false for
LayoutCounter as it is always generated content.


Review-Url: https://codereview.chromium.org/2867083003
Cr-Commit-Position: refs/heads/master@{#470141}
Avoid duplicating the BleedAvoidanceIsClipping function in Blink paint
There were two copies of BleedAvoidanceIsClipping and that is not what
we want.

I noticed this while experimenting with jumbo builds where the two
identical symbols would collide.

Review-Url: https://codereview.chromium.org/2863083002
Cr-Commit-Position: refs/heads/master@{#469951}
The first table row is pushed down by border-spacing.
We need to make sure this happens *before* laying it out when inside a
fragmentation context.

Added tests fast/multicol/balance-table-with-border-spacing.html and
fragmentation/table-with-border-spacing.html for this.

This change also fixes breaking inside border-spacing adjacent to table
rows with break-inside:avoid set. There should be no reason to prevent
breaking inside border spacing, just because it's adjacent to such table
rows, but it looks like this was the behavior we got, by accident.
Updated printing/avoid-setting-header-offset-on-header.html accordingly
and threw in an additional test
fragmentation/border-spacing-break-before-unbreakable-row.html for this
collateral fix. It's hopefully correct, since we now match Edge's behavior.


Review-Url: https://codereview.chromium.org/2803383002
Cr-Commit-Position: refs/heads/master@{#469690}
Workaround for UCRT deadlock between gpu's main and watchdog threads
Deadlock is likely caused by UCRT lib bug that can be reproduced with
low-frequency in Opera Browser on Windows 7. Deadlock will permanently freeze
gpu process (watchdog will not intervene as, ironically, it's involved in a


Review-Url: https://codereview.chromium.org/2857743004
Cr-Commit-Position: refs/heads/master@{#469617}
Disable inheritance propagation for text-align.
The text-align property has an internal value -webkit-match-parent with
a dependency on the parent computed style used in the UA sheet for LI,
which means the independent inheritance optimization won't work.


Review-Url: https://codereview.chromium.org/2860743004
Cr-Commit-Position: refs/heads/master@{#469609}
Stop matching scrollbar pseudo element without a scrollbar.
While matching rules for elements, we mark elements as affected-by-* for
user action pseudo classes like hover. It means that when the element is
later hovered, we need to recalculate style to apply hover styles to
that element.

In general, we currently don't support pseudo classes after pseudo
elements, but for scrollbar pseudo elements we do:

  ::-webkit-scrollbar:hover {}

However, we do not want such rules to mark the element as affected-by-
hover. The hover style on scrollbar parts get their hover style updated
when hovered regardless of any flags, and making scrollbar pseudo
element rules affect hover updates on the actual elements causes
unnecessary style recalcs.


Review-Url: https://codereview.chromium.org/2850743003
Cr-Commit-Position: refs/heads/master@{#469309}
IsAccessWhiteListed(): avoid unnecessary stringification.
The origin whitelist may well be empty, so check that first
before taking on the stringification of the security origin.


Review-Url: https://codereview.chromium.org/2855133005
Cr-Commit-Position: refs/heads/master@{#469300}
allow_posix_link_time_opt and is_cfi are clang features
This is required for GCC builds with is_official_build=true.


Review-Url: https://codereview.chromium.org/2858723002
Cr-Commit-Position: refs/heads/master@{#469188}
Hoist layout update out of SVGGraphicsElement::GetBBox and overrides
Call Document::UpdateStyleAndLayoutIgnorePendingStylesheets() in the DOM
entrypoint instead of in each GetBBox implementation/override. Add
DCHECKs as needed in the GetBBox implementations instead to assert the
Adjust ResizeObservation::ComputeTargetSize (which shouldn't need to
update the layout anyway) to account for this.

Review-Url: https://codereview.chromium.org/2854123004
Cr-Commit-Position: refs/heads/master@{#469061}
Rename SVGPreserveAspectRatio::GetCTM to ComputeTransform
This method doesn't "get (a) CTM", it rather computes a transform that
maps from the (initial) viewport space to the viewbox space while
considering the value of 'preserveAspectRatio'.

Review-Url: https://codereview.chromium.org/2856863005
Cr-Commit-Position: refs/heads/master@{#469057}
Simplify the SVGGraphicsElement ...CTM methods
GetCTM() only has a single caller, so can be trivially folded. Similarly
GetScreenCTM which has one kAllowStyleUpdate and one
kDisallowStyleUpdate, so it can be folded while hoisting the call to
update style and layout.
This means that there are no longer a collision between internal methods
and the ones exposed in the DOM, so the "...FromJavascript" suffixes can
be dropped.

Review-Url: https://codereview.chromium.org/2858913002
Cr-Commit-Position: refs/heads/master@{#469055}
Don't update column position in StyleDidChange.
StyleDidChange set the first column position to the horizontal border
spacing value regardless of whether this value changed or not.

I am not familiar with how table layout works in Blink and haven't
debugged this extensively, but when we re-layout a table cell because
it has out-of-flow content which needs layout, the first effective
column position is set wrongly. It gets its initial value from the line
removed in this CL by a style recalc on the table element prior to the
re-layout, which is the h_spacing_, but the spacing is subtracted once
more in http://bit.ly/2pBB7x1


Review-Url: https://codereview.chromium.org/2855853002
Cr-Commit-Position: refs/heads/master@{#468920}
More targeted resource-switching mechanism for SVG selection painting
The mechanism by which resources are generated for painting using
selection style for SVG text is a bit too heavy-handed, and can end up
invalidating both layout and other things. All that is needed is looking
up any <paint> ('fill' or 'stroke') references and invalidating any
state from the non-selection style.

Use a reduced/tailored version of SVGResourcesCache::ClientStyleChanged
that only recreates/swaps the SVGResources object for the LayoutObject
and wrap that mechanism in a scope object.


Review-Url: https://codereview.chromium.org/2846513002
Cr-Commit-Position: refs/heads/master@{#468658}
getScreenCTM on <use> should not include the additional translation
This is a partial revert of https://codereview.chromium.org/2711503002,
preserving the fix from that bug (crbug.com/678167) while restoring the
LocalCoordinateSpaceTransform() infrastructure to compute the correct
CTM for <use> elements.


Review-Url: https://codereview.chromium.org/2853223002
Cr-Commit-Position: refs/heads/master@{#468657}
Revert "Verify that constant vectors aren't invalidated during iteration."
Back out the problem diagnosis CHECKs() added in r463124; condition not


Review-Url: https://codereview.chromium.org/2857503002
Cr-Commit-Position: refs/heads/master@{#468584}
Fix detached event listener attribute updating.
The parser will in some cases create new elements in documents that
have become frame-detached. Account for that -- no execution context
due to the document having become detached -- when processing the
event listeners of an event attribute.


Review-Url: https://codereview.chromium.org/2855443002
Cr-Commit-Position: refs/heads/master@{#468294}
Abort the SVG filter content recording if the FilterData was dropped
In the (rare) case of a recording being started and the FilterData
structure being yanked away (and destroyed) from under
SVGFilterPainter's feet, we need to put the PaintController in a
consistent state before destroying it.
Add a new method SVGFilterRecordingContext::Abort() and call that when
SVGFilterPainter::FinishEffect encounters a null FilterData for the


Review-Url: https://codereview.chromium.org/2847133002
Cr-Commit-Position: refs/heads/master@{#468092}
Refactor FilterData::state_ handling in SVGFilterPainter
Make FilterData::state_ only be checked and updated within
SVGFilterPainter, and not by SVGFilterRecordingContext or the local
painting helper.
Instead SVGFilterRecordingContext only manages the recording state, and
gets passed bounds while returning a paint record.
This simplifies some of the corner-cases with regards to how "aborted"
filters are handled, getting rid of some "FilterData is null" in many


Review-Url: https://codereview.chromium.org/2851753002
Cr-Commit-Position: refs/heads/master@{#468085}
Don't truncate the border-spacing before the table-header-group when fragmenting.

Review-Url: https://codereview.chromium.org/2848883002
Cr-Commit-Position: refs/heads/master@{#468055}
Proactively dispose image filters for SVG filter chains
Because of the spanning of multiple heaps by the resources associated
with FilterEffects [GCd] (SkImageFilter [mallocd]), the garbage
collector only observes a relatively slow growth, while resources tied
by or via the other heap can be substantial.

Since we have fairly good control of the lifetimes here, we can try to
dispose of our references to the resources on the other heap up front,
and prevent growth due to (dead) GCd objects in limbo.

Also rename FilterEffect::ClearResult to DisposeImageFilters to better
match it does nowadays.


Review-Url: https://codereview.chromium.org/2846593008
Cr-Commit-Position: refs/heads/master@{#467983}
Avoid sending double responding close control frames in WebSockets
This avoids sending a second ack close frame when we get a flow
control request from the renderer while waiting for the connection to
be closed.


Review-Url: https://codereview.chromium.org/2845033002
Cr-Commit-Position: refs/heads/master@{#467964}
Remove unused AttachContext parameter.
Review-Url: https://codereview.chromium.org/2844253002
Cr-Commit-Position: refs/heads/master@{#467904}
Merge two IsInDocument implementations.
There were two helper functions IsInDocument implementations in
core/input and this moves them to EventHandlingUtil so they can
be shared.


Review-Url: https://codereview.chromium.org/2845973002
Cr-Commit-Position: refs/heads/master@{#467684}
Remove unused "using" statements in WebKit/Source/platform.
Some "using" statements that were no longer used lingered in the
source code so let us remove them.

Review-Url: https://codereview.chromium.org/2841923002
Cr-Commit-Position: refs/heads/master@{#467654}
Better overflow handling for aspect-ratio MQ.
This change fixes two issues:

1. Clamp instead of casting double values from parser to internal
   unsigned storage.
2. Promote width/height/numerator/denominator multiplications to double
   to avoid integer overflow for large numerator/denominators.


Review-Url: https://codereview.chromium.org/2836613002
Cr-Commit-Position: refs/heads/master@{#467615}
Adding missing include guard for SharedGpuContext.h
Review-Url: https://codereview.chromium.org/2841933002
Cr-Commit-Position: refs/heads/master@{#467054}
Make //content/public/renderer dependency on //media public
There's following include chain:

Dependency chain must be also public to make sure that target that depends
on //content/public/renderer has include paths configured properly and
skia header inclusion doesn't cause 'include file not found' error during


Review-Url: https://codereview.chromium.org/2839623002
Cr-Commit-Position: refs/heads/master@{#467018}
Allow forced breaks inside floats.

Review-Url: https://codereview.chromium.org/2840443003
Cr-Commit-Position: refs/heads/master@{#466848}
Tidy up fragment loops in SVGInlineTextBoxPainter
Convert the loop in PaintTextFragments to a for-range, and remove the
unneeded local variable in CollectFragmentsInRange.


Review-Url: https://codereview.chromium.org/2843483002
Cr-Commit-Position: refs/heads/master@{#466696}
Removed superfluous custom style DCHECK.
Custom style callbacks are called during style recalc. There is no need
to check that ShadowRoot does not have such callbacks during layout
tree rebuild. There is already a check in ShadowRoot::RecalcStyle().


Review-Url: https://codereview.chromium.org/2833223002
Cr-Commit-Position: refs/heads/master@{#466551}
Add curly brackets to list of characters that gn needs to escape
Curly brackets {} needs to be escaped to avoid brace expansion
on systems using bash as the default shell.


Review-Url: https://codereview.chromium.org/2809633002
Cr-Commit-Position: refs/heads/master@{#466286}
Scopeless matching of :host rules for style sharing.
The kSharingRules mode for selector matching needs to bypass scope
checking in various places because we match selectors from the set of
global uncommon attribute rules for which the source scope is unknown.

We should really store these rules per scope, at least for Shadow DOM
v1, and pass the correct scope for matching.


Review-Url: https://codereview.chromium.org/2824853004
Cr-Commit-Position: refs/heads/master@{#465980}
Collect media query results for non-matching stylesheets.
Viewport and device dependent media query results are collected after
an active stylesheet update happen. The results are collected on the
ScopedStyleResolvers and propagated to the CSSGlobalRuleSet. It's
necessary that the active stylesheet update causes these media query
results to be up-to-date so that e.g. a viewport resize checks these
results to detect that we need an active stylesheet update for a given

That did not happen when we only added sheets for which the media
attrbute did not match, because adding a sheet with a null RuleSet does
not affect the computed style and the changed_rule_sets set was empty.

Now, if we add or remove a sheet which does not apply, and that sheet
has a viewport or device dependent media query, still return
kActiveSheetsAppended or kActiveSheetsChanged to trigger the re-
collection of those media query results.


Review-Url: https://codereview.chromium.org/2829873002
Cr-Commit-Position: refs/heads/master@{#465912}
Move the BreakCycle() method from the cycle solver to SVGResources
This means we can get rid of the SVGResources::ResetFoo methods, and
thus the "friend"-ship between SVGResourcesCycleSolver and SVGResources.
This also reduces the dependencies between the cycle solver and specific
resource types.
Choose a more "semantic" name (ClearReferencesTo), and also remove the

Review-Url: https://codereview.chromium.org/2821333002
Cr-Commit-Position: refs/heads/master@{#465535}
Update description of mouse-click-plugin-clears-selection.html
After crrev.com/2616623002, we now do expect the layout tree
to contain a selection (a selection that is hidden). So let's
update the test's inline description to reflect this exception.


Review-Url: https://codereview.chromium.org/2817073003
Cr-Commit-Position: refs/heads/master@{#464710}
Do not send redundant selectionchange-events (decouple focus)
This CL aims to remove redundant selectionchange-events
that were sent upon change of focus caused by element.focus(),
tab-navigation, spatnav and mouse-clicks.

1. Send == one selectionchange-event, not two, for each caret jump.
2. Send <= one selectionchange-event, not two, for each focus jump.

When you click/tab to an <input> text-field, a
ViewHostMsg_TextInputStateChanged-message is sent to browser-side.

With current logic, RenderFrameImpl::didChangeSelection is
called twice so two ViewHostMsg_TextInputStateChanged-messages
are sent to browser-side:
 (1) when focus leaves an <input>-field (unnecessary!).
 (2) when focus enters another <input>-field.

Worse, also the web page gets two selectionchange events.
The first one is immediately invalid so the webpage should
not react to it.

(1) happens because FocusController::setFocusedElement()
always clears the selection when a new element gets focus.

Do not clear selection when focus moves. To keep current visual
behavior when focus moves away from a text-field we need to hide
that field's selection (clicking outside a text-field hides its

Test updates:
1. Check for one selectionchange event, not two.
2. LayoutTests' trees now expect the "hidden" selection.
3. A new test in WebFrameTest.cpp tests tab-key navigation.

BUG=678601, 679635, 699015, 692898
TEST=In content_shell, select some text in an <input>-field,
     click another <input>-field (move focus).
     Notice: one selectionchange event is fired (as in Firefox).
TEST=In content_shell, select some text in an <input>-field,
     click on an <img>. Notice: selection gets hid and
     zero selectionchange events are fired (as in Firefox).

Review-Url: https://codereview.chromium.org/2616623002
Cr-Commit-Position: refs/heads/master@{#464698}
Add connected-paranoia in SVGElement::UpdateRelativeLengthsInformation
When (animated attribute) mutations are trigger by a 'id' change (via
an IdTargetObserver), relative lengths state may be revalidated while
the element are in the process of being removed from the document, but
has not yet been marked as such. If relative length state is updated in
such a case, the |elements_with_relative_lengths_| set could end up in
an inconsistent state.
Instead of only relying on the connected bit of the current element,
also check all the ancestors to make sure.


Review-Url: https://codereview.chromium.org/2817913002
Cr-Commit-Position: refs/heads/master@{#464408}
Fix disabling FFMpeg video decoders on non-Android platforms
If disable_ffmpeg_video_decoders is set to true on platfoms other
than Android ffmped_video_decoder.* is always included.
This patch removes those sources and fixes dependencies in code.

Review-Url: https://codereview.chromium.org/2808093008
Cr-Commit-Position: refs/heads/master@{#464394}
Avoid duplicate functions/code in core/inspector: isErrorStatusCode
While experimenting with unity builds I encountered a few duplicate
symbols and functions in core/inspector. One of them was
isErrorStatusCode, a one instruction function that was defined in both
NetworkResourcesData.cpp and InspectorNetworkAgent.cpp.

This patch renames one of them IsHTTPErrorStatusCode, a more suitable

Review-Url: https://codereview.chromium.org/2807533005
Cr-Commit-Position: refs/heads/master@{#464076}
Deduplicating compositing scrollingCoordinator helper
In the experiments with unity builds I ran into the
scrollingCoordinatorFromLayer function that was defined identically at
two different places. This patch moves the code to PaintLayer where
it is also available to PaintLayer itself.


Review-Url: https://codereview.chromium.org/2803013005
Cr-Commit-Position: refs/heads/master@{#464054}
Invalidate the "values cache" when resetting animated value state
When we revalidate the animated value, and the value 'source' is the
'values' attribute, we need to also reset the cached 'from' and 'to'
values kept in SVGAnimationElement. If not, a target change could clear
the animated from/to values and not notice that they are stale on
Companion to https://codereview.chromium.org/2763283002.


Review-Url: https://codereview.chromium.org/2817643003
Cr-Commit-Position: refs/heads/master@{#464037}
Strip only ASCII spaces from SMIL 'values' attributes
This is more consistent with other microsyntaxes used for attribute
parsing, while also making it consistent with the XSSAuditor.

BUG=709365, 710460

Review-Url: https://codereview.chromium.org/2807193003
Cr-Commit-Position: refs/heads/master@{#463662}
Support calc(...) in ConsumeAngleOrPercent / for conic-gradient
Because of the explicit check for <percentage-token>, calc(...) would
not be properly handled for percentages. CSSGradientValue also wasn't
checking for calc() values when evaluating stops.
Rewrite ConsumeAngleOrPercent in a vein similar to
Make CSSPrimitiveValue::IsAngle() consider resolved type, and update
CSSRotation TypedOM implementation to counter this.


Review-Url: https://codereview.chromium.org/2813583002
Cr-Commit-Position: refs/heads/master@{#463585}
Rename cleanup in comments in css/ directory.
After the renaming of methods and variables to match chromium style,
a bunch of comments were not correct.


Review-Url: https://codereview.chromium.org/2812743003
Cr-Commit-Position: refs/heads/master@{#463561}
Rename cleanup in comments in style/ directory.
After the renaming of methods and variables to match chromium style,
a bunch of comments were not correct.


Review-Url: https://codereview.chromium.org/2812593005
Cr-Commit-Position: refs/heads/master@{#463559}
kChildNeedsReattachLayoutTree should not be initially set.
This flag should have been dropped in [1] since we dropped setting
kNeedsReattachLayoutTree initially in that CL.

[1] https://codereview.chromium.org/2760233004


Review-Url: https://codereview.chromium.org/2807063003
Cr-Commit-Position: refs/heads/master@{#463421}
Use a ResizeObserver to determine default font-size for text tracks
Text track needs to derive the default font for the cues from the size
of the <video> area, and currently does this by updating style during
the call to layout() on the LayoutTextTrackContainer, violating the
document lifecycle.

To avoid mutating style during layout, hook up a ResizeObserver from
TextTrackContainer to HTMLVideoElement and rely on the ResizeObserver
logic to iterate on the style and layout.

This eliminates the need to have a special LayoutObject for
TextTrackContainer, so just use a LayoutBlockFlow and remove all traces
of LayoutTextTrackContainer.

The media/track/track-cue-rendering.html test is updated to check sizes
after layout and paint instead of a forced layout.


Review-Url: https://codereview.chromium.org/2803243002
Cr-Commit-Position: refs/heads/master@{#463280}
Verify that constant vectors aren't invalidated during iteration.
Clearing a heap vector while it is being iterated and on the stack is
unsafe, as it promptly releases the backing store.

Add CHECK()s to verify that this doesn't happen for a crasher involving
MediaQuerySets that's proving hard to pindown, but there are some
suggestions that the heap vector contents of MediaQuerySet::m_queries
is being mutated.


Review-Url: https://codereview.chromium.org/2806003002
Cr-Commit-Position: refs/heads/master@{#463124}
Avoiding name collisions between flexbox and grid
I'm still experimenting with unity builds and one of the name
collisions that you encounter when compiling layout is between flexbox
code and grid code. This patch changes top level functions to be
member functions.

No functional changes.

Review-Url: https://codereview.chromium.org/2803323002
Cr-Commit-Position: refs/heads/master@{#463059}
Avoid duplicate functions/code in core/editing: endTag
While experimenting with unity builds I encountered a few duplicate
symbols and functions in core/editing. This patch renames, moves
and unifies them.

elementCannotHaveEndTag is a utility function used in serializers
and since it is used in multiple places, and MarkupFormatter is
not a good place for it, let us put it in EditingUtilities.


Review-Url: https://codereview.chromium.org/2804943002
Cr-Commit-Position: refs/heads/master@{#462994}
A column-span:all element should always establish a new formatting context.
This also applies when the element isn't contained by a multicol container
(which means that we shouldn't require the spanner placeholder to be present).


Review-Url: https://codereview.chromium.org/2799363003
Cr-Commit-Position: refs/heads/master@{#462865}
Avoid converting an IntRect to IntRect via FloatRect
IntRects can be implictly converted to FloatRect so code managed
to call enclosingIntRect on an IntRect which then converted to
FloatRect and back for an expensive noop.


Review-Url: https://codereview.chromium.org/2805203003
Cr-Commit-Position: refs/heads/master@{#462848}
Use long timeout for the svg/interfaces.html test
Lots of interfaces, so can take a while to run. Use the 'long' timeout


Review-Url: https://codereview.chromium.org/2806513002
Cr-Commit-Position: refs/heads/master@{#462655}
Revert "Neuter the "screen scale factor" computation for SVG <text>"
This reverts commit 6f80957a6a5e7ec792a2f3cd7f06e2a744196d1d.

Clean revert, but a reference to FrameHost had to be changed to Page, and
an ASSERT was changed to a DCHECK.


Review-Url: https://codereview.chromium.org/2805043002
Cr-Commit-Position: refs/heads/master@{#462563}
Remove DCHECK in column balancer that failed because of flexbox bugs.
This DCHECK was useful (detects broken layout, but nothing more dangerous than
that). However, as long as we don't paginate flex items at their final block
position (see bug 606350), we cannot assert like this, because it's going to
fail under certain circumstances.


Review-Url: https://codereview.chromium.org/2797313003
Cr-Commit-Position: refs/heads/master@{#462447}
Avoid duplicate functions/code in core/editing: MatchResultICU
While experimenting with unity builds I encountered a few duplicate
symbols and functions in core/editing. This patch renames, moves
and unifies them.

There is a global MatchResult in css/SelectorChecker.h and if that one
is included anywhere in editing, then it will collide with a local
MatchResult used in iterators. Renaming the local one MatchResultICU
will both match the name of other symbols and avoid the collision.


Review-Url: https://codereview.chromium.org/2806433002
Cr-Commit-Position: refs/heads/master@{#462431}
Avoid duplicate functions/code in core/editing: kInvalidOffset
While experimenting with unity builds I encountered a few duplicate
symbols and functions in core/editing. This patch renames, moves
and unifies them.

kInvalidOffset is a name used both by PositionIterator and TextIterator.
This renames on of them kInvalidTextOffset to better match its use and
to avoid the name collision.


Review-Url: https://codereview.chromium.org/2798283002
Cr-Commit-Position: refs/heads/master@{#462428}
Avoid duplicate functions/code in core/editing: DirectionalSelection
While experimenting with unity builds I encountered a few duplicate
symbols and functions in core/editing. This patch renames, moves
and unifies them.

shouldAlwaysUseDirectionalSelection is a common helper function
and since it's not identicallty implemented everywhere it cannot
be merged. Instead make the one in SelectionModifier a member function
to move it out of global scope.


Review-Url: https://codereview.chromium.org/2798143003
Cr-Commit-Position: refs/heads/master@{#462427}
Avoid duplicate functions/code in core/editing: kUnsetCodePoint
While experimenting with unity builds I encountered a few duplicate
symbols and functions in core/editing. This patch renames, moves
and unifies them.

kInvalidCodePoint is used in both ForwardGraphemeBoundaryStateMachine and
BackwardGraphemeBoundaryStateMachine so to avoid clashes, use different
names for them.


Review-Url: https://codereview.chromium.org/2801893004
Cr-Commit-Position: refs/heads/master@{#462423}
Avoid duplicate functions/code in core/editing: computeDistance
While experimenting with unity builds I encountered a few duplicate
symbols and functions in core/editing. This patch renames, moves
and unifies them.

Several classes use computeDistanceToLeftGraphemeBoundary and instead
of copying the whole function, make a single copy in EditingUtilities.
Also move computeDistanceToRightGraphemeBoundary since those two functions
are too similar to split up.


Review-Url: https://codereview.chromium.org/2802953002
Cr-Commit-Position: refs/heads/master@{#462420}
Implement support for the 'transform-box' property


Intent to implement:


Implemented behind the CSSTransformBox Blink runtime flag.
Add some basic tests and a smoke test for the "legacy" transform-box
behavior. Existing tests are adjusted to be compatible with the new
The test svg/transforms/transform-origin-css-property.xhtml is "fixed"
by adding units when required (unitless numbers are not valid in inline


Review-Url: https://codereview.chromium.org/2786643003
Cr-Commit-Position: refs/heads/master@{#462266}
Document::hoverNode() is always an Element.
Make hoverNode(), hoverElement() and only mark Elements as hovered
using FlatTreeTraversal::parentElement() instead of parent(). This
means we can get rid of some checks for nodes being text or element
nodes. It means we also only mark elements as being hovered in the flat
tree ancestor chain.


Review-Url: https://codereview.chromium.org/2797173002
Cr-Commit-Position: refs/heads/master@{#462257}
Removing duplicate functions and symbol names in core/css
In the unity build experiment I encountered a few colliding duplicate
symbol names in core/css and this patch removes them by replacing
duplicated symbols with a single code and by doing some symbol

Review-Url: https://codereview.chromium.org/2797973002
Cr-Commit-Position: refs/heads/master@{#462256}
Allow display:contents elements in hover chain.
Document::updateHoverActiveState walked the shadow-including ancestor
path assuming no layoutObject meant display:none. Changed to walk flat
tree ancestors checking for display:contents style in addition.

ContainerNode::setHovered did not allow hover state to be changed when
setting hovered=true on elements without a layout object. Changed to
allow for display:contents here as well.


Review-Url: https://codereview.chromium.org/2790133002
Cr-Commit-Position: refs/heads/master@{#462199}
Rename duplicate symbols inside core/dom
While experimenting with unity builds I got into problems with
code that used the same symbol name for multiple purposes. This
renames those which also will make the life for symbol debugging
slightly easier.

kSupplementName: Name used in both CSSSelectorWatch.cpp and

WTF::Unicode symbols: Depending on how unity builds are created,
global "using" statements can affect more than intended and trigger
warnings and errors. Now global "using" statements are not allowed by
the Chromium coding standard so assuming it will eventually apply to
Blink as well, the using statements might as well be removed now.

previousAncestorSiblingPostOrder was a function in both
FlatTreeTraversal.cpp and NodeTraversal.cpp. Could easily be made
class local and the name collision was no more.

Review-Url: https://codereview.chromium.org/2802723002
Cr-Commit-Position: refs/heads/master@{#462123}
PagePopupController: handle frame-detached window usage.

Review-Url: https://codereview.chromium.org/2798863002
Cr-Commit-Position: refs/heads/master@{#462078}
Revert increased limit for m_selectorIndex.
If 2^13 simple selectors in a style rule was not enough, 2^14 will be
exceeded at some point. Leave the available bit for later use and avoid
regressions for m_selectorIndex when we need that bit.


Review-Url: https://codereview.chromium.org/2797953002
Cr-Commit-Position: refs/heads/master@{#462015}
Fewer reused duplicate symbol names in animation.
When experimenting with unity builds you get conflicts between
cpp files if they use the same symbol name for different things
(or the same thing). This make names more unique. No functional changes.

Formatted with git cl format (#includes moving around).


Review-Url: https://codereview.chromium.org/2794013002
Cr-Commit-Position: refs/heads/master@{#461755}
Remove duplicate using statement.
One "using namespace WTF::Unicode" is enough, and actually might be one
too many if the Chromium coding style is adapted in blink.

This caused a bit of a problem when experimenting with unity builds.


Review-Url: https://codereview.chromium.org/2792933003
Cr-Commit-Position: refs/heads/master@{#461686}
[LayoutNG] WIP on storing layout output in the legacy tree for multicol.
Painting NG fragment trees is still not supported, so in the meantime
we'll keep LayoutMultiColumnFlowThread and LayoutMultiColumnSet, and have
multicol painted and hit-tested in the old-fashioned way (just like
everything else, really).

Based on work by glebl.


Review-Url: https://codereview.chromium.org/2786923004
Cr-Commit-Position: refs/heads/master@{#461409}
Added available bit to m_selectorIndex.
Increased the max number of simple selectors for one style from 8192 to
16384 by moving one bit to the second 32-bit part to make space for
another bit. There is one bit left, but it cannot be utilized since the
bit field cannot span two 32 bit values. This doesn't really fix the
issue since it's not unlikely someone will use more than 16000 selectors
if they use more than 8000 selectors.


Review-Url: https://codereview.chromium.org/2785103004
Cr-Commit-Position: refs/heads/master@{#461389}
Implement Image::maybeAnimated for SVGImage
This CL renames SVGImage::hasAnimations to maybeAnimated, overriding
the implementation from the base class (Image.) The old method matches
the new one in certainty of the reply, and allows SVGImages to be paused
when being scrolled out of view etc.


Review-Url: https://codereview.chromium.org/2783133002
Cr-Commit-Position: refs/heads/master@{#461094}
Avoid duplicating the target name "svg".
It has not been possible to build just the svg code with
ninja -C out/Default svg
because of two other, minor, build targets named svg.
This commit renames those svg_layout and svg_style.

Review-Url: https://codereview.chromium.org/2783253002
Cr-Commit-Position: refs/heads/master@{#461073}
Rephrased documentation about VTT, ::cue, and custom pseudo scopes.
We should not make these rules part of boundary crossing rules as they
will go away when Shadow DOM v0 goes away. Adjusted the documentation
to not hint in that direction.


Review-Url: https://codereview.chromium.org/2787823002
Cr-Commit-Position: refs/heads/master@{#461059}
Removing unnecessary "using" statements.
In the Chromium code style using statements are not allowed and these
ones are not even needed/used so let us just drop them.

Review-Url: https://codereview.chromium.org/2788693002
Cr-Commit-Position: refs/heads/master@{#460866}
Remove unused variable layout_object.
clang triggered compilation errors about this unused variable when
experimenting with a unity build. Not sure why doesn't detect that it
is unused normally.


Review-Url: https://codereview.chromium.org/2785213002
Cr-Commit-Position: refs/heads/master@{#460862}
Adding missing include in svg/GradientAttributes.h
If you managed to include GradientAttributes.h before you included
SVGGradientElement.h you would have no definition of
SVGSpreadMethod and other types.


Review-Url: https://codereview.chromium.org/2790623002
Cr-Commit-Position: refs/heads/master@{#460791}
Pass nextTextSibling to ::before layout rebuild.
Correct whitespace re-attachment relies on the next text node being
tracked in order to re-attach when a previous sibling element changes
display type. We did that just while traversing light tree siblings or
slotted siblings.

::before pseudo element display type may affect following whitespace
text node, so we need to pass on the next text sibling result from the
descendant traversal.

As we traverse siblings from right-to-left, we should also rebuild
::after before DOM siblings, and ::before after DOM siblings.

This fixes the case where an element, whose left-most child, or shadow
root child, is a whitespace text node, changes its ::before element's
display type from block to inline.

The pseudo element layout tree rebuild is renamed from reattach* to
rebuild* to match the semantics of the rest of the methods.


Review-Url: https://codereview.chromium.org/2766163002
Cr-Commit-Position: refs/heads/master@{#460737}
Render focus-selection-textarea at constant font-size to avoid flakiness
When crrev.com/453211 updated FreeType on Linux, some glyphs
got bigger due to the new antialiasing and hinting settings.

Bigger glyphs made focus-selection-textarea.html layout differently.
With the new layout, scripted mouse clicks no longer hit the right spot.

After the manual rebaselining in crrev.com/453211, the expected result
on Linux started to include FAIL whereas other platforms still expected
PASS. This CL makes also Linux PASS.

BUG=706119, 274030

TEST=python third_party/WebKit/Tools/Scripts/run-webkit-tests -t\
     PcDebug LayoutTests/fast/forms/focus-selection-textarea.html

Review-Url: https://codereview.chromium.org/2786953002
Cr-Commit-Position: refs/heads/master@{#460732}
PaymentApp: Receive payment app responses in Android
This change adds a callback parameter to
ServiceWorkerPaymentInstrument.invokePaymentApp, so that the response
from the payment app can be passed back to the merchant.

Depends on https://codereview.chromium.org/2718013004/


Review-Url: https://codereview.chromium.org/2775933002
Cr-Commit-Position: refs/heads/master@{#460715}
Fix for performance regression on high dpi devices.
ComputedStyle::getRoundedInnerBorderFor() could generate negative
content boxes for boxes with no content and sub pixel borders that
round up (eg. 1.5px-1.99px).  Negative content boxes are illegal per
spec, and causes BoxBorderPainter::paintBorderFastPath() to bail,
and performance to be substantially degraded.

This issue would be evident on the paint-offset-changes perftest when
device pixel ratio was set to eg. 1.5.  The issue was introduced in


Review-Url: https://codereview.chromium.org/2782153002
Cr-Commit-Position: refs/heads/master@{#460534}
Deduplicate testharness test names in LayoutTests/svg/
Some tests were using non-unique names, which triggers a harness error
for "newer" versions of testharness.js.
Twiddle the relevant names a bit so that they become unique.


Review-Url: https://codereview.chromium.org/2782583002
Cr-Commit-Position: refs/heads/master@{#460447}
Corrected specificity for :not for default @namespace.
The argument to :not() consists of a universal, type, or a simple
selector. However, we prepend an implicit universal selector with the
default namespace URI to all compound selectors to correctly match only
elements in the default namespace. That is not necessary for compounds
inside pseudo argument lists, but we do in those cases as well.

When calculating the specificity for :not(), we assume its argument
consists of a single simple selectors, but in the case where we have a
default namespace, a namespaced universal selector is prepended. We
only added the specificity for the universal selector in that case.
Instead, walk all sub-selectors of the :not() compound when calculating
the specificity.


Review-Url: https://codereview.chromium.org/2777063007
Cr-Commit-Position: refs/heads/master@{#460355}
Reland: Do not send redundant selectionchange-events (decouple focus)
Reason for reland:
Update Win7/10 LayoutTests correctly: crbug.com/706119

Blink tells browser-side when a new <input>-element gets focus.
The information is passed in the

With current logic, RenderFrameImpl::didChangeSelection is
called twice so two ViewHostMsg_TextInputStateChanged-messages
are sent to browser-side:
 (1) when focus leaves an <input>-field (unnecessary!).
 (2) when focus enters another <input>-field.

Worse, also the web page gets two selectionchange events.
The first one is immediately invalid so the webpage should
not react to it.

(1) happens because FocusController::setFocusedElement()
always clears the selection when a new element gets focus.

When JavaScript moves focus to an element, element.focus(),
and when the user moves focus using tab-key navigation or
mouse, we don't clear the old selection (we hide it). This
means, we only send one selectionchange event, not two, for
each caret jump (as in Firefox).

Test updates:
1. Check for one selectionchange event, not two.
2. LayoutTests' trees now expect the "hidden" selection.
3. A new test in WebFrameTest.cpp tests tab-key navigation.

Follow-up will remove the remaining redundant clears:
crbug.com/692898 (tab jumps to non-editable elements).

BUG=678601, 679635, 699015
TEST=In content_shell, select some text in an <input>-field,
     click another <input>-field (move focus).
     Notice: one selectionchange event is fired.

Review-Url: https://codereview.chromium.org/2616623002
Cr-Commit-Position: refs/heads/master@{#460314}
Stop appending fragmentainer groups when flow thread offset approaches infinity.
The final column height is a function of the difference between the logical
bottom and logical top of the flow thread portion of a given fragmentainer
group. If the logical top is LayoutUnit::max(), we know for sure that the
bottom won't be any larger than that. Just give up in such cases (and keep
using the current fragmentainer group), rather than ending up dividing by zero.


Review-Url: https://codereview.chromium.org/2784493002
Cr-Commit-Position: refs/heads/master@{#460284}
Remove the wrapper functions content::RecordAction et al
content::RecordAction and content::RecordComputedAction no longer
add any value (they used to do thread hopping) so replace them with
direct calls to base::RecordAction and base::RecordComputedAction.

Also remove includes and using declarations from files not using the
functions at all.


Review-Url: https://codereview.chromium.org/2771233002
Cr-Commit-Position: refs/heads/master@{#460037}
Add separate trace events for recalcStyle and rebuildLayoutTree.
When style recalc and layout tree building is fully separated, it will
be valuable to measure them separately as well.


Review-Url: https://codereview.chromium.org/2779573002
Cr-Commit-Position: refs/heads/master@{#460027}
Do not send redundant selectionchange-events (decouple focus)
Blink tells browser-side when a new <input>-element gets focus.
The information is passed in the

With current logic, RenderFrameImpl::didChangeSelection is
called twice so two ViewHostMsg_TextInputStateChanged-messages
are sent to browser-side:
 (1) when focus leaves an <input>-field (unnecessary!).
 (2) when focus enters another <input>-field.

Worse, also the web page gets two selectionchange events.
The first one is immediately invalid so the webpage should
not react to it.

(1) happens because FocusController::setFocusedElement()
always clears the selection when a new element gets focus.

When JavaScript moves focus to an element, element.focus(),
and when the user moves focus using tab-key navigation or
mouse, we don't clear the old selection (we hide it). This
means, we only send one selectionchange event, not two, for
each caret jump (as in Firefox).

Test updates:
1. Check for one selectionchange event, not two.
2. LayoutTests' trees now expect the "hidden" selection.
3. A new test in WebFrameTest.cpp tests tab-key navigation.

Follow-up will remove the remaining redundant clears:
crbug.com/692898 (tab jumps to non-editable elements).

BUG=678601, 679635, 699015
TEST=In content_shell, select some text in an <input>-field,
     click another <input>-field (move focus).
     Notice: one selectionchange event is fired.

Review-Url: https://codereview.chromium.org/2616623002
Cr-Commit-Position: refs/heads/master@{#459984}
Fix for performance regression on high dpi devices.
ComputedStyle::getRoundedInnerBorderFor() could generate negative
content boxes for boxes with no content and sub pixel borders that
round up (eg. 1.5px-1.99px).  Negative content boxes are illegal per
spec, and causes BoxBorderPainter::paintBorderFastPath() to bail,
and performance to be substantially degraded.

This issue would be evident on the paint-offset-changes perftest when
device pixel ratio was set to eg. 1.5.  The issue was introduced in


Review-Url: https://codereview.chromium.org/2771093003
Cr-Commit-Position: refs/heads/master@{#459770}
Update :in-range/:out-of-range when steppable min/max/value changes.
We called pseudoStateChanged in a lot of cases where it wasn't
necessary. It should suffice to call it for the mentioned pseudo
classes when the min and max attributes changes, or the value is
changed, either as an attribute or as a result of user input.

This should fix the performance regressions in issue 704775.


Review-Url: https://codereview.chromium.org/2774723004
Cr-Commit-Position: refs/heads/master@{#459733}
blink_gc_plugin: retire warn-stack-allocated-trace-method option.
As a final(!) step in phasing in the check over trace() methods inside
of STACK_ALLOCATED() classes, remove the detection of the warning option.
It's always on.


Review-Url: https://codereview.chromium.org/2776033002
Cr-Commit-Position: refs/heads/master@{#459677}
Remove no-op blink-gc-plugin argument.
Following the clang roll in r455977, the clang blink_gc_plugin always
warns of STACK_ALLOCATED() classes having redundant trace() methods;
drop using the gc-plugin no-op option.


Review-Url: https://codereview.chromium.org/2776023002
Cr-Commit-Position: refs/heads/master@{#459676}
Clarify Beacon transmission limit checking.
The implementation of navigator.sendBeacon() imposes a cap on the size
of transmitted beacon payloads. The internal handling of that limit
was not as clear as could be, so attempt to clarify its representation
and handling.

Also clarify the interpretation of a negative cap limit: if a frame's
settings provide a negative value, no transmission limit is imposed.

R=mkwst, tyoshino

Review-Url: https://codereview.chromium.org/2753863003
Cr-Commit-Position: refs/heads/master@{#459564}
Make resource lookup more uniform in SVGResources::buildResources
Replace the pattern:

if (!ensureResources(resources).setFoo(

with a new pattern using a new attachToResource helper which folds in
the last step (addPendingResource) as well. This makes for less
callsites to adjust when modifying resource lookup.
This also makes the return value of the setFoo(...) methods unnecessary,
so make them return void.


Review-Url: https://codereview.chromium.org/2772773005
Cr-Commit-Position: refs/heads/master@{#459533}
Add SVGFitToViewBox::hasValidViewBox helper
This encapsulates the use of the 'is valid' flag of SVGRect. This both
makes for more readable code, and should make it easier to transition
away from the 'is valid' flag. (Note: !isSpecified() implies !isValid().)


Review-Url: https://codereview.chromium.org/2774753004
Cr-Commit-Position: refs/heads/master@{#459520}
PartitionDumpStats(): reduce stack consumption for 'light' reporting.
Following r456291's lead, avoid putting a large array on the stack for
light stats reporting in PartitionDumpStats(), where it isn't made use
of. This avoids running into stack pressure when sampling memory use
in production builds (on Windows, in particular.)


Review-Url: https://codereview.chromium.org/2771033006
Cr-Commit-Position: refs/heads/master@{#459498}
Clear out prefinalizer-allocated vector for conservative GC safety.
It is unsafe to revive dead objects by creating references to them
while in a finalizer, prefinalizer or not. Avoid doing so in
MediaStreamSource::setReadyState(), which MediaStreamComponent's
prefinalizer may end up running.

See associated comment for further details.


Review-Url: https://codereview.chromium.org/2776473003
Cr-Commit-Position: refs/heads/master@{#459390}
Simplify pre+post GC ThreadState steps.
No need to involve the ThreadHeap for these, as they're entirely
handled by the ThreadState now.


Review-Url: https://codereview.chromium.org/2774473003
Cr-Commit-Position: refs/heads/master@{#459373}
Revalidate SMIL animation value after target change
When a target moves in the tree, the animation value was invalidated,
but never revalidated again when the element was reinserted.
Make sure to signal a revalidation if there's an active interval and the
the animation is running after the target element was reinserted.


Review-Url: https://codereview.chromium.org/2763283002
Cr-Commit-Position: refs/heads/master@{#459150}
Use SVGResources in SVGLayoutTreeAsText writeResources
As the FIXME suggests, this should better reflect the actual state of
the resources resolution by including the cycle-solving step.

Some tests (recursive-clip/mask, clip-path-recursive-call-by-child)
needs to be updated to reflect the change to actually show cycles
having been broken. The rests of the tests are updated to reflect
that LayoutSVGInlineText can't have resources.


Review-Url: https://codereview.chromium.org/2763363002
Cr-Commit-Position: refs/heads/master@{#459119}
Notify inspector of stylesheet changes when removing tree scopes.
We did not update active stylesheet lists when removing a shadow since
there is no collection to update. However, the inspector expects a
notification since it receives a flat vector of active stylesheets from
all scopes.

Add a m_treeScopesRemoved member to not early return from
updateActiveStyleSheets and still call probe::activeStyleSheetsUpdated.
Unless other tree scopes are dirty, calling the inspector is all that


Review-Url: https://codereview.chromium.org/2766373002
Cr-Commit-Position: refs/heads/master@{#459039}
Update expat to 2.2.0 to fix CVE vulnerability.
Security fixes:
    CVE-2016-0718 -- Fix crash on malformed input
    CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
    CVE-2015-2716 introduced with Expat 2.1.1
    CVE-2016-5300 -- Use more entropy for hash initialization
        than the original fix to CVE-2012-0876
    CVE-2012-6702 -- Resolve troublesome internal call to srand
            that was introduced with Expat 2.1.0
            when addressing CVE-2012-0876 (issue #496)


Review-Url: https://codereview.chromium.org/2761253002
Cr-Commit-Position: refs/heads/master@{#459025}
Allow safe per-thread heap compaction UMA reporting.

Review-Url: https://codereview.chromium.org/2769113003
Cr-Commit-Position: refs/heads/master@{#459024}
No default value for AncestorSearchConstraint in locateFlowThreadContainingBlockOf().
The default used to be to bail out and return nullptr if it encountered
something unbreakable. It's better to let callers make a conscious choice here.
Tree-read operations (painting or hit testing, for instance) that call
LayoutObject::locateFlowThreadContainingBlock() are typically interested in
converting from flow thread coordinates to visual coordinates.

This is a defensive CL that only reverts unintended and bad changes from
https://codereview.chromium.org/2748973002 - added a TODO for cases where we
have LayoutState; if we are inside of layout, we should ideally stop at
strictly unbreakable ancestors.


Review-Url: https://codereview.chromium.org/2764883004
Cr-Commit-Position: refs/heads/master@{#458784}
Allow building the dump_syms tool on Windows
The Windows target was not ported from gyp, until now.
We're building dump_syms on Windows in Opera so I though I'd share the patch.


Review-Url: https://codereview.chromium.org/2712423002
Cr-Commit-Position: refs/heads/master@{#458759}
Revert of MediaStreamSource: verify unlocked state when finalizing. (patchset #1 id:1 of https://codereview.chromium.org/2741663004/ )
Reason for revert:
Diagnosis completed, reverting (cf. https://bugs.chromium.org/p/chromium/issues/detail?id=682945#c48 )

Original issue's description:
> MediaStreamSource: verify unlocked state when finalizing.
> To diagnose an audio thread crash condition, verify that the lock
> over audio consumers that MediaStreamSource keeps, isn't held when it is
> being finalized. If it is, then the audio thread is active using the
> MediaStreamSource object..which is not a well-formed state to be in.
> R=
> BUG=682945
> Review-Url: https://codereview.chromium.org/2741663004
> Cr-Commit-Position: refs/heads/master@{#456029}
> Committed: https://chromium.googlesource.com/chromium/src/+/c662576c8bb7cecef0dd9a699112fa5cc4b6ab79

# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2765073004
Cr-Commit-Position: refs/heads/master@{#458744}
Revert of Lock out GCs while iterating over MediaStreamSource audio consumers. (patchset #1 id:1 of https://codereview.chromium.org/2761463002/ )
Reason for revert:
Revert this check, no longer needed (cf. https://bugs.chromium.org/p/chromium/issues/detail?id=682945#c48 )

Original issue's description:
> Lock out GCs while iterating over MediaStreamSource audio consumers.
> Attempt to diagnose a crash condition by locking out main thread GCs
> while the audio thread propagates consumeAudio() updates.
> R=haraken
> BUG=682945
> Review-Url: https://codereview.chromium.org/2761463002
> Cr-Commit-Position: refs/heads/master@{#457753}
> Committed: https://chromium.googlesource.com/chromium/src/+/e78674d2467706fa8634f8542251591d1d358b57

# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2768683004
Cr-Commit-Position: refs/heads/master@{#458716}
Revert of Revert "Pull AudioDestinationConsumer off the Blink GC heap." (patchset #1 id:1 of https://codereview.chromium.org/2757883002/ )
Reason for revert:
Experiment finished, we do want bb9b04fe09 (cf. https://bugs.chromium.org/p/chromium/issues/detail?id=682945#c48 )

Original issue's description:
> Revert "Pull AudioDestinationConsumer off the Blink GC heap."
> This reverts commit bb9b04fe0965eeb09f229f7a727fe7235add810f,
> attempting to diagnose root crash cause.
> R=rtoy,haraken
> BUG=682945
> Review-Url: https://codereview.chromium.org/2757883002
> Cr-Commit-Position: refs/heads/master@{#457833}
> Committed: https://chromium.googlesource.com/chromium/src/+/937ebc1a2de7ac71ec1de4c6bb1ed7a6331e4683

# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2762413004
Cr-Commit-Position: refs/heads/master@{#458700}
Make all setNeedsReattachLayoutTree happen from updateStyle.
The setNeedsReattachLayoutTree calls which were done outside of
updateStyle were all accompanied by a NeedsReattachStyleChange for the
node marking the ancestor chain for recalc. Therefore we can simply
mark for re-attachment inside the recalcStyle pass instead.

Enforce the invariant by introducing a DCHECK that the we are inside
updateStyleAndLayoutTree, and that the shadow DOM distribution is


Review-Url: https://codereview.chromium.org/2760233004
Cr-Commit-Position: refs/heads/master@{#458683}
OfflineAudioContext: add missing suspendIfNeeded() call.

Review-Url: https://codereview.chromium.org/2760323002
Cr-Commit-Position: refs/heads/master@{#458656}
Updating :in-range should not rely on validation.
m_validityIsDirty is not related to isInRange() and isOutOfRange().
This fixes sibling style invalidation using invalidation sets for
:in-range and :out-of-range changes when value changes through


Review-Url: https://codereview.chromium.org/2764023003
Cr-Commit-Position: refs/heads/master@{#458576}
Enable idle GC for worker thread heaps.
Idle task processing is now supported on threads other than
the main thread, hence go ahead and enable idle GCs for
worker thread heaps.


Review-Url: https://codereview.chromium.org/2765843002
Cr-Commit-Position: refs/heads/master@{#458405}
LinkedStack.h is no longer used, remove it

Review-Url: https://codereview.chromium.org/2761853003
Cr-Commit-Position: refs/heads/master@{#458376}
Check detached status before attempting to clear drag transfer state (reland.)
Speculatively try to address failing access of dragState() when
clearing out state after 'dragend' has been dispatched.


Review-Url: https://codereview.chromium.org/2759603002
Cr-Original-Commit-Position: refs/heads/master@{#457993}
Committed: https://chromium.googlesource.com/chromium/src/+/a995166eab58770b85268173bf9b34e4bc276171
Review-Url: https://codereview.chromium.org/2759603002
Cr-Commit-Position: refs/heads/master@{#458354}
MouseEventManager: reset drag state upon detaching.
If an ongoing drag detaches the frame of the dragged element, have
the MouseEventManager reset the drag state while handling the detachment
from the frame. Otherwise the DragState will retain a reference to
the drag source (and its document) for too long, triggering a reported
leak on shutdown.


Review-Url: https://codereview.chromium.org/2762613002
Cr-Commit-Position: refs/heads/master@{#458116}
getClientRects() shouldn't clip against any ancestors.
Inside multicol we used to clip against the column box of each fragment. Since
fragments don't really exist in our implementation (we rather have this tall
flow thread which we slice into columns, when appropriate), we still need to
clip in the block direction, to properly fake the fragments.

Removed fragmentainerInFlowThread(), since it's no longer used. Added a
parameter to the clip rectangle calculation code, to be able to only limit the
clip rectangles in the block direction.


Review-Url: https://codereview.chromium.org/2750153002
Cr-Commit-Position: refs/heads/master@{#458109}
Add include guards to header files in content missing them
Review-Url: https://codereview.chromium.org/2759103002
Cr-Commit-Position: refs/heads/master@{#458053}
Check detached status before attempting to clear drag transfer state.
Speculatively try to address failing access of dragState() when
clearing out state after 'dragend' has been dispatched.


Review-Url: https://codereview.chromium.org/2759603002
Cr-Commit-Position: refs/heads/master@{#457993}
Need to notify the multicol machinery when floats have been laid out.
We may have to trigger creation of additional fragmentainer groups, in case
there's no regular in-flow content that does it for us.

Review-Url: https://codereview.chromium.org/2762483002
Cr-Commit-Position: refs/heads/master@{#457978}
Rework SMIL animation target invalidation
The invalidation of a timed/animation element's target "tuple" (element,
attribute name, attribute type) is somewhat complex.
Rework it to use two methods that can be overridden rather than having
overrides for each setTargetElement/setAttribute{Name,Type}. This allows
to get rid of complicated things like the checkInvalidCSSAttributeType()
in SVGAnimateElement. It should also make the code slightly easier to
reason about when it comes to what state gets invalidated where.


Review-Url: https://codereview.chromium.org/2746013007
Cr-Commit-Position: refs/heads/master@{#457972}
Correctly track cross-thread pending FetchEvents.
ServiceWorkerGlobalScopeProxy is an object that resides on the
main thread heap, but is passed to the embedder and called
on the (service) worker thread. As the object is GC managed
by the main thread, the worker thread cannot update the proxy
object with references to heap objects residing in its heap,
as the per-thread heap design assumes that each heap only keeps
local heap references (via Member<T> and similar.) References
across heaps must instead be kept and handled by explicit
CrossThreadPersistent<> references.

This per-thread heap rule was not being followed for the tracking
of pending FetchEvents; adjust the map representation to do so.


Review-Url: https://codereview.chromium.org/2752203005
Cr-Commit-Position: refs/heads/master@{#457970}
Inherit 'viewBox' into view spec if it is valid
When constructing a view spec from a fragment identifier, the
(negated) hasEmptyViewBox() condition was used to determine if the
viewBox value should be set from the element. This condition however
will equate to:

  !(is-valid && is-empty) => !is-valid || !is-empty

meaning that invalid viewBox values would be transferred. In the case
where a <view> element without a 'viewBox' specified was referenced, the
'viewBox' value from the root could be overwritten by an invalid one.

Use only the validity of the 'viewBox' to determine if the value should
be inherited.


Review-Url: https://codereview.chromium.org/2753773009
Cr-Commit-Position: refs/heads/master@{#457921}
Consistent pagination strut propagation policies.
There's no break opportunity between a spanner and the next block in a column.
Also no break opportunity between a float and an in-flow block. The spec is a
bit vague here, but our implementation certainly doesn't support it.

We have to prevent strut propagation in such cases. If the first piece of
content inside the block (e.g. a line) doesn't fit inside the current
fragmentainer, it's the line that needs to be pushed, not the block.

One of the tests included here used to cause a DCHECK failure.

Review-Url: https://codereview.chromium.org/2746013010
Cr-Commit-Position: refs/heads/master@{#457888}
Always include flow thread overflow in the last column set.
Also do this if the last column set is followed by one or more column spanner
placeholders, or we'd just risk losing content in such situations.


Review-Url: https://codereview.chromium.org/2758663003
Cr-Commit-Position: refs/heads/master@{#457882}
Push the top margin of floats past all useless fragmentainers.
The top margin of a float is not to be split across fragmentainer boundaries if
it can be avoided. We had code to push the margin over to the next
fragmentainer if we were out of space, but we may actually have to push it all
the way to the next fragmentainer *group* (i.e column row) in some cases.

calculatePaginationStrutToFitContent() helps us get there. That's the method we
use to push oversize content (lines and unbreakable blocks) to a better place,
so let's use it for margins too.

Review-Url: https://codereview.chromium.org/2759693002
Cr-Commit-Position: refs/heads/master@{#457881}
Revert "Pull AudioDestinationConsumer off the Blink GC heap."
This reverts commit bb9b04fe0965eeb09f229f7a727fe7235add810f,
attempting to diagnose root crash cause.


Review-Url: https://codereview.chromium.org/2757883002
Cr-Commit-Position: refs/heads/master@{#457833}
Floats are also out-of-flow considering white-space.
When blocks in inlines break lines, we don't create LayoutObjects for
whitespace Text nodes following those blocks unless they are out-of-flow.
However, we incorrectly didn't skip floats looking for such blocks
which caused us to drop whitespace LayoutObjects after floats.


Review-Url: https://codereview.chromium.org/2757563006
Cr-Commit-Position: refs/heads/master@{#457762}
Lock out GCs while iterating over MediaStreamSource audio consumers.
Attempt to diagnose a crash condition by locking out main thread GCs
while the audio thread propagates consumeAudio() updates.


Review-Url: https://codereview.chromium.org/2761463002
Cr-Commit-Position: refs/heads/master@{#457753}
Skip ruleset invalidations for SubtreeStyleChange roots.
When the TreeScope invalidation root is already with SubtreeStyleChange
there is no need to schedule ruleset invalidations for that scope. We
did not end up scheduling the invalidation sets, but went through a lot
of unnecessary steps in scheduleInvalidationsForRuleSets(). Instead,
just return early.

Added some more tests and corrected typos from

Review-Url: https://codereview.chromium.org/2751193004
Cr-Commit-Position: refs/heads/master@{#457715}
Make the gdb Vector pretty-printer work with Python version >= 3.
In iterators it's now called __next__(), not next(), apparently.

Review-Url: https://codereview.chromium.org/2754473007
Cr-Commit-Position: refs/heads/master@{#457711}
Remove incorrect styleResolver() checks.
Whether the StyleResolver is created or not does no longer tell if we
have usable invalidation sets or not. Removing SubtreeStyleChange which
is presumably not necessary anymore.

Add a check for not scheduling any invalidation sets if the document is
already marked for full recalc.

Review-Url: https://codereview.chromium.org/2749273004
Cr-Commit-Position: refs/heads/master@{#457383}
Fix android key event timestamps
Pass a Java long to C++ as a jlong type, not a C++ long which can have a
different size to avoid broken / negative event timestamp values.
ImeAdapter's Java side uses "long" in SendKeyEvent, so the C++ side must
use a jlong or int64_t, and not a C++ long. Otherwise things don't work
well when system uptime is over 2^31ms (~25 days).

Additionally, do not do an extra divide-by-1000 when the used helper
function will do the milliseconds to seconds conversion already, so the
timestamps are correctly measured in milliseconds.

The resulting keyboard event timestamps end up nicely sane and positive,
and no longer clamped to 0 in PerformanceBase.cpp.


Review-Url: https://codereview.chromium.org/2755453004
Cr-Commit-Position: refs/heads/master@{#457369}
Strictly unbreakable objects need to prevent interaction with the outside.
A strictly unbreakable object (i.e. when getPaginationBreakability() ==
ForbidBreaks) has no valid break points inside. This is the case for e.g.
images, writing mode roots and scrollable objects. If such an object is in the
containing block chain between two nested multicol containers, column content
in multicol containers on the inside shouldn't interact with columns in the
enclosing multicol container.


Review-Url: https://codereview.chromium.org/2748973002
Cr-Commit-Position: refs/heads/master@{#457177}
Remove old flow-thread aware code from computeLogicalLocationForFloat().
CSS regions supported variable fragmentainer widths. However, multicol doesn't,
so the code is no longer necessary.

Review-Url: https://codereview.chromium.org/2748963002
Cr-Commit-Position: refs/heads/master@{#457149}
sendBeacon(): once transmission allowance has been reached, always fail.
Fix allowance checking logic for Beacon transmissions upon reaching
the limit. If the allowance limit was 'perfectly' exhausted after N
Beacon requests, subsequent Beacon requests would go ahead without
the (now zero) allowance limit imposed.


Review-Url: https://codereview.chromium.org/2751953002
Cr-Commit-Position: refs/heads/master@{#457088}
Accurate transfer of SerializedScriptValue allocation costs.
r456009 added transferring of allocation costs for a
SerializedScriptValue and any array buffers that it refers to,
transferring that cost from one v8 context to another as part
of a postMessage()

The handoff 'protocol' provided there fell short in that it could
fail to subtract transferable (array buffer contents) costs in
the source context, or end up doing it twice if the postMessage()
failed. Bookkeeping confusion resulted.

Rework the mechanism by instead having ArrayBufferContents keep
track of its external allocation cost registration status, so as
to prevent double discounting. Along with that, it is both safe
and accurate to unregister all allocation costs prior to
transfer. Should the value successfully be posted to its target
context, cost will be registered there. And if not, the value will
be destructed (..but without discounting allocation cost yet again.)


Review-Url: https://codereview.chromium.org/2741793003
Cr-Commit-Position: refs/heads/master@{#456800}
Pull AudioDestinationConsumer off the Blink GC heap.
The AudioDestinationConsumer interface and its single implementation
does not meet the bar for being on the Blink GC heap. It doesn't cause
harm to have them there, but in order to diagnose an unexplained
failure, pull these objects off the heap.

We may want to restore them to the Blink GC heap once the issue has
been resolved.


Review-Url: https://codereview.chromium.org/2748133003
Cr-Commit-Position: refs/heads/master@{#456736}
Dirty pres. attribute style on <svg> dimension change when not attached
When an <svg> wasn't attached, and it had its 'width'/'height' mutated
via the SVG DOM interfaces (SVG*Length), presentation attribute style
would not be dirtied. This could lead to an incorrect size being
computed in some cases.
Ensure that presentation attribute style is always updated if the <svg>
element is not attached.


Review-Url: https://codereview.chromium.org/2747153002
Cr-Commit-Position: refs/heads/master@{#456702}
Invalidate SVG 'transform' pres. attribute style even if not attached
When the 'transform' attribute was manipulated via its SVG DOM
representation (SVGTransformList), the
presentation-attribute-style-is-dirty flag would not be set unless the
element had been attached.
Reorder the contents of the 'transform' branch in
SVGGraphicsElement::svgAttributeChanged so that the presentation
attribute style is always dirtied regardless of attachment status.


Review-Url: https://codereview.chromium.org/2745053005
Cr-Commit-Position: refs/heads/master@{#456696}
Remove argument to LayoutSVGResourceGradient::collectGradientAttributes
We can assume that element() is non-null, and just cast it in the
overriding implementations.
Move the synchronizeAnimatedSVGAttribute(...) calls into actual
attribute collection, so that it applies to all elements in the
inheritance chain.
Also rewrite the lengthy comment, because gradient building has changed
significantly from what it describes, and attribute collection now
precedes the actual Gradient construction. Replicate the new comment to
the similar place for <pattern>s.


Review-Url: https://codereview.chromium.org/2749593002
Cr-Commit-Position: refs/heads/master@{#456662}
Add Gradient::addColorStops method
This seems a better fit on Gradient than on LayoutSVGResourceGradient.

Review-Url: https://codereview.chromium.org/2749583002
Cr-Commit-Position: refs/heads/master@{#456504}
Turn IDBTransaction into the ContextLifecycleObserver it needs to be.
Revert r453574's switch to using ContextClient for IDBTransaction,
going back to ContextLifecycleObserver. This is needed in order for
IDBTransaction's debug checks upon destruction to be able to safely access
the ExecutionContext.

While ContextClient keeps a weak reference to its ExecutionContext,
accessing it from a destructor assumes that weak processing for the
ContextClient will already have run (and cleared out the ExecutionContext
weak reference, if needs be.) This assumes that weak processing will
always run, which it won't if the ContextClient and ExecutionContext are
determined to be garbage during the same GC.

Update ContextLifecycleObserver comments to mention this subtle detail.


Review-Url: https://codereview.chromium.org/2742393002
Cr-Commit-Position: refs/heads/master@{#456432}
Remove <filter> from the chainableResourceTags set
We don't actually support inheritance for <filter>, so having it in the
set is of no use.


Review-Url: https://codereview.chromium.org/2743293002
Cr-Commit-Position: refs/heads/master@{#456380}
Refactor <paint> URL resolution in SVGResources
Hoist the has-url check out of paintingResourceFromSVGPaint(), and
remove |hasPendingResource| - consider all null-returns as having pending
resources. (This means "incorrect" <paint> URL references are considered
pending, just as URL references for other resource types.)


Review-Url: https://codereview.chromium.org/2746933002
Cr-Commit-Position: refs/heads/master@{#456374}
Move common gradient attribute collection to SVGGradientElement
Move the collection of attributes shared by both gradient types to the
base class (collectCommonAttributes.) Introduce a new helper for looking
up a potential element to inherit attributes from. Restructure the
"collection loop" a bit after the common code has been broken out.
This also means that buildStops() can be made private.


Review-Url: https://codereview.chromium.org/2741993002
Cr-Commit-Position: refs/heads/master@{#456371}
Use IdTargetObserver in SVGSMILElement
Move SVGSMILElement (target reference) and SVGSMILElement::Condition to
use IdTargetObserver via SVGURIReference::observeTarget.
Simplify the result to avoid needing the lookupEventBase helper.


Review-Url: https://codereview.chromium.org/2737403003
Cr-Commit-Position: refs/heads/master@{#456367}
PartitionAlloc: use less stack when dumping stats.
Avoid unnecessary stack usage in PartitionDumpStatsGeneric() for
the intermediate array of sizes used for full stats reporting.

Full stat dumps are currently only made use of by unit tests,
light reports do not make really use of an intermediate array and
allocation can be avoided for those. Addressing some reported
stack overflow failures (Windows.)

BUG=699893, 699922

Review-Url: https://codereview.chromium.org/2741853007
Cr-Commit-Position: refs/heads/master@{#456291}
Track lastTextNode during rebuildLayoutTree.
We keep track of last seen text node for more efficient whitespace
re-attachment. When style recalc and layout tree building was split,
the text node is still tracked during recalc, stored in a hash map, and
retreived when needed during layout tree building.

However, the text nodes are also traversed during layout tree building
so that we can track the nodes during that phase instead.
StyleReattachData is removed and this CL reverts back to using the
m_nonAttachedStyle map for ComputedStyle.

The comment about reversed traversal of children for avoiding n^2
performance is moved to rebuildChildrenLayoutTrees() since that's where
the issue is. We should be able to do the child recalc first-to-last
now if we want to.


Review-Url: https://codereview.chromium.org/2740823005
Cr-Commit-Position: refs/heads/master@{#456047}
Initial containing block for print not affected by page zoom.
The page zoom factor is not applied to the ICB for printing, yet the
ICB basis for media queries and viewport units were. Use 1 as a page
zoom factor in viewportSizeForViewportUnits and use that method to get
the size for the ICB for evaluating media queries.


Review-Url: https://codereview.chromium.org/2738173002
Cr-Commit-Position: refs/heads/master@{#456040}
MediaStreamSource: verify unlocked state when finalizing.
To diagnose an audio thread crash condition, verify that the lock
over audio consumers that MediaStreamSource keeps, isn't held when it is
being finalized. If it is, then the audio thread is active using the
MediaStreamSource object..which is not a well-formed state to be in.


Review-Url: https://codereview.chromium.org/2741663004
Cr-Commit-Position: refs/heads/master@{#456029}
Remove LayoutTests that test the now unsupported user-select: ignore

Review-Url: https://codereview.chromium.org/2740953004
Cr-Commit-Position: refs/heads/master@{#456028}
Stop assuming anything about result of MFStartup()
MFStartup() usually returns S_OK.  However, being a system library
function it doesn't have to, and we have no control over it.  It can
return an error when something goes wrong within Media Foundation, or
simply on an "N" edition of Windows that doesn't even have Media

Review-Url: https://codereview.chromium.org/2735783002
Cr-Commit-Position: refs/heads/master@{#456026}
postMessage(): transfer allocation costs along with value.
A MessageEvent's data value will in some cases hold on to significant
amounts of off-heap memory, so we take care of registering that
external allocation with v8, so that it can be taken into consideration
by the GC triggering logic.

However, when posting a message to another context, we must arrange for
its total 'external allocation' to be associated with the target context.
Including the sizes of any transferables (array buffers), so balance the
books more accurately by also transferring the external allocation cost
of those transferables.


Review-Url: https://codereview.chromium.org/2734173002
Cr-Commit-Position: refs/heads/master@{#456009}
Remove side-effects from the SVGTreeScopeResources constructor
SVGTreeScopeResources and SVGDocumentExtensions carries disjoint state,
so this side-effect is not required.

Review-Url: https://codereview.chromium.org/2739063004
Cr-Commit-Position: refs/heads/master@{#455826}
Fold SVGDocumentExtensions::reportError into only user
This method only had a single user, and it seems like it could just call
Document::addConsoleMessage directly.
Also remove a stray 'public' access specifier by moving the single
method in it up a bit in the file.

Review-Url: https://codereview.chromium.org/2738233002
Cr-Commit-Position: refs/heads/master@{#455802}
Remove some dated Member friendships.
CollectionBackingTraceTrait no longer exists, and Visitor only
needs to be friend with WeakMember<>.


Review-Url: https://codereview.chromium.org/2745433003
Cr-Commit-Position: refs/heads/master@{#455786}
Use IdTargetObserver in SVGUseElement
Change SVGUseElement to use the observeTarget() helper from
SVGURIReference. Since SVGUseElement has some additional requirements
for its reference management, a more low-level observeTarget() variant
is exposed.
To facilitate this change, clearShadowTree() is renamed to
clearResourceReference(), and the shadow tree tear-down is hoisted out
of it.


Review-Url: https://codereview.chromium.org/2744613002
Cr-Commit-Position: refs/heads/master@{#455769}
Use IdTargetObserver in SVGFEImageElement
Change SVGFEImageElement to use the observeTarget() helper from
A slight change in behavior for when a load is initiated for a potential
image resource is made. Instead of using a "failed element lookup and a
non-existing id" as the condition, use "failed element lookup and non-
local resource reference".
Also add a new method clearImageResource() and put the tear-down for
the image resource, and change a use of ownerDocument() to just


Review-Url: https://codereview.chromium.org/2740003003
Cr-Commit-Position: refs/heads/master@{#455765}
Disable virtual/gpu-rasterization/images/cross-fade-background-size.html
Minor differences on Windows bots.


Review-Url: https://codereview.chromium.org/2741693002
Cr-Commit-Position: refs/heads/master@{#455714}
Store element reference for event-bases too
Rather than using the (obviously "racy") technique of looking up the
event-base element again when disconnecting from it, store the reference
on connect (sharing storage with the sync-base element since they are
mutual exclusive) and use it to disconnect properly.


Review-Url: https://codereview.chromium.org/2739893002
Cr-Commit-Position: refs/heads/master@{#455699}
Text control elements should contain all (shadow DOM) children.
For instance, INPUT type="search" elements allow styling of the cancel button,
via a ::-webkit-search-cancel-button pseudo element selector. We don't want authors
to be able to escape the containing INPUT element by styling the cancel button as
position:absolute, etc.

Force INPUT and other text control elements to be in the containing block chain of
all its descendants. This should be a good idea in general (and at least harmless),
and there's also C++ code [1] that essentially assumes that it is so.

Since this change makes canContainFixedPositionObjects() in LayoutObject and
ComputedStyle even more different than they used to be, we need to change some
code from using the one in ComputedStyle to the one in LayoutObject.

Two existing tests in fast/forms/ had to be updated, since they were adding together
offsetLeft of an INPUT element and offsetLeft of something inside the INPUT element
in a way that used to work by accident. Use getBoundingClientRect() instead, since
the test ultimately wants absolute coordinates anyway.

[1] See ThemePainterDefault::paintSearchFieldCancelButton()


Review-Url: https://codereview.chromium.org/2733593002
Cr-Commit-Position: refs/heads/master@{#455644}
Add a new mechanism for watching SVGElement 'href' targets
This CL adds a new mechanism for watching elements referenced via 'href'
attributes. It uses IdTargetObserver as the basis adding a callback for
This is a step away from relying on SVGTreeScopeResources for tracking
of "pending" elements for these use cases. Each element is instead does
its own tracking via the relevant TreeScope. This will eventually mean
that the buildPendingResourcesIfNeeded mechanism can be removed.

SVGTextPathElement and SVGMPathElement are updated to use this new
scheme. Other uses will be replaced in future CLs.


Review-Url: https://codereview.chromium.org/2737653006
Cr-Commit-Position: refs/heads/master@{#455584}
Account for borders and padding when calculating background tile size.
This is required when sub-pixel borders and padding are used, otherwise
the tile size may become one pixel too small, causing rendering artifacts.
Test case attached.


Review-Url: https://codereview.chromium.org/2689993003
Cr-Commit-Position: refs/heads/master@{#455454}
Search the entire subtree when looking for the end of an inline continuation chain.
Inlines may be nested, so we may not find the last inline in the chain as a
direct child of the anonymous blocks. We need to search the entire subtree.
Don't do this with anonymous blocks that wrap block children (the block-level
DOM children of the inline-level objects), though. We're not going to find
anything interesting there.

This fix is speculative; the original bug report didn't come with a test case.


Review-Url: https://codereview.chromium.org/2738503004
Cr-Commit-Position: refs/heads/master@{#455420}
XMLHttpRequest: return null upon failing responseArrayBuffer allocation.
The allocation of a response ArrayBuffer may fail, a large enough
contiguous chunk of memory simply not being available from the
underlying allocator. The spec [1] now admits allocation failure as a
possibility, allowing the return of a null buffer if so.

Update our implementation accordingly, returning null rather than
failing hard with an OOM.

1 - https://xhr.spec.whatwg.org/#arraybuffer-response


Review-Url: https://codereview.chromium.org/2730943002
Cr-Commit-Position: refs/heads/master@{#455398}
Move ::selection invalidation to applyPseudoStyleChanges.
Removed need for separate StyleDifference constant for ::selection and
otherwise simplified the code.


Review-Url: https://codereview.chromium.org/2732113002
Cr-Commit-Position: refs/heads/master@{#455262}
Make ::first-line invalidation work when added or removed.
We were only invalidating ::first-line properly when both old and new
ComputedStyle contained ::first-line styles. Now, instead call
setNeedsLayoutAndPrefWidthsRecalc to trigger changes when either old or
new ComputedStyle does not have ::first-line style.

The ::first-line invalidation is moved from Element to LayoutObject,
and unnecessary traversal code removed.

I have not been able to come up with a case where we need to compare
PseudoIdFirstLineInherited style, so diffing that is removed.


Review-Url: https://codereview.chromium.org/2728383002
Cr-Commit-Position: refs/heads/master@{#455088}
Make HashTraits<QualifiedName>::emptyValue return a const reference
This avoids unnecessary construction of a temporary object, saving a few
cycles and some code-space (~2k on x86-64.)
Also inline QualifiedName::null for some additional savings.

Review-Url: https://codereview.chromium.org/2702403013
Cr-Commit-Position: refs/heads/master@{#455069}
Don't double-resolve URL in TextTrackLoader::load
The caller (HTMLTrackElement::loadTimerFired) will already have
resolved the URL.


Review-Url: https://codereview.chromium.org/2731953002
Cr-Commit-Position: refs/heads/master@{#455050}
Allow zero-height fragmentainers.
We used to assert against this, but we really can't, since there are
legitimiate reasons for a fragmentainer (and fragmentainer groups and column
sets) to have zero height, e.g. when its content is zero-height.


Review-Url: https://codereview.chromium.org/2737503002
Cr-Commit-Position: refs/heads/master@{#455040}
TestInterfaces: support delegate clearing.
Following r454834, the implementation of SetDelegate() also needs to
handle resetting of the test delegate.


Review-Url: https://codereview.chromium.org/2738513004
Cr-Commit-Position: refs/heads/master@{#455030}
Improve handling of duplicate id's for SVG resources
This CL attempts to fix the known issues with duplicate id's and SVG
resources. There are a variety of cases where this fails, and the added
tests attempt to cover those as well as possible.

The know bugs generally stem from:

 * Resources being registered in (layout) tree order after style
   recalc. This for instance mean that any later defined resources
   will shadow any earlier appearing resource (which would the correct

 * Removing a resource container does not consider that there could now
   be another resource that is no longer shadowed by the one removed.
   Together with the above, this also meant that removing a resource
   from the DOM could invalidate, and break, all occurences of said

This CL attempts to handle the above by factoring the result of
getElementById into the equation, considering it to be "the truth" when
possible/required. The new methods registerResource and
unregisterResource form the basis of this, codifying the two basic
operations on which the tracking is built. The tracking of the
'registered' flag from LayoutSVGResourceContainer is now handled by
SVGTreeScopeResources. While this flag could be considered an
optimization at this point, DCHECKs are added to attempt to keep it
true to it's purpose.


Review-Url: https://codereview.chromium.org/2722543002
Cr-Commit-Position: refs/heads/master@{#454951}
Stop casting HTMLInputElement to HTMLInputElement.
There can be some confusion which cast method to use, the
one for HTMLElements or the one for ListedElements so don't
even bother.

Review-Url: https://codereview.chromium.org/2728403003
Cr-Commit-Position: refs/heads/master@{#454899}
Add message loop to v8's unittests
When (at least some) v8 unittests are started in bigger batch
we hit v8 garbage collector's incremental marking hard limit.
When it happens v8's engine posts task and it causes crash as
there is no active message loop. This change creates message
loop for v8's unittests to fix this crash.


Review-Url: https://codereview.chromium.org/2735703003
Cr-Commit-Position: refs/heads/master@{#454898}
RenderFrameImpl: avoid creating many temporary WebDocuments.
Accessing a property off of a WebFrame's document will entail instantiating
a WebDocument, which implies a WebPrivatePtr<> holding a persistent reference.

Avoid the overhead via some manual CSEing.


Review-Url: https://codereview.chromium.org/2723083002
Cr-Commit-Position: refs/heads/master@{#454878}
Bit-mask incorrectly removed first-line pseudo bit.
The m_pseudoBits member only contains the 8 bits for the public pseudo
element bits, yet we used a mask to retrieve them. That mask was
incorrectly set to 0x1fe when it should have been 0xff. Anyway, that
mask is unnecessary and removed.

The mask issue caused StylePropagationDiff, returned from
diffPseudoStyles, to be NoChange for pure ::first-line changes. That
NoChange return were the only case which triggered first-line
invalidation properly.

Instead, always check for pseudo style changes in
pseudoStyleCacheIsInvalid. This fixes issue 698451.

The pseudoStyleCacheIsInvalid method has a weird name, has bugs, and
should be put on LayoutObject and called as part of setStyle instead.
That is for follow-up CLs.


Review-Url: https://codereview.chromium.org/2729373003
Cr-Commit-Position: refs/heads/master@{#454850}
Avoid fetching RFH from nav handle for not committed navigations.
For devtool use case there is only a need to check if hosts match,
so compareing frame tree node id instead of raw pointers will give
same result.


Review-Url: https://codereview.chromium.org/2730873002
Cr-Commit-Position: refs/heads/master@{#454849}
Calculate positioningArea and not just size, for tiling background.
Computing the correct background tiling size when sub-pixel border or
padding is used, requires calculating the full positioning area and not
just size. The actual fix for 686435 is in a followup cl.


Review-Url: https://codereview.chromium.org/2690053002
Cr-Commit-Position: refs/heads/master@{#454843}
WebViewTestProxyBase: clear out main test delegate upon destruction.
The first BlinkTestRunner created is set as the main delegate of test
interfaces along with being set as the delegate of the web view test
proxy object.

When that view test proxy goes away, unregister the main delegate at
the same time as it can no longer be safely accessed.


Review-Url: https://codereview.chromium.org/2734713002
Cr-Commit-Position: refs/heads/master@{#454834}
Isolate strictly unbreakable multicol containers that are nested.
A strictly unbreakable object (i.e. when getPaginationBreakability() ==
ForbidBreaks) has no valid break points inside. This is the case for e.g.
images, writing mode roots and scrollable objects. If such an object is an
inner multicol container, column content inside shouldn't interact with
enclosing columns.


Review-Url: https://codereview.chromium.org/2729903003
Cr-Commit-Position: refs/heads/master@{#454765}
Update views::Textfield cursor color on text color change
views::Textfield::SetTextColor should apply new color to the cursor as well.
Currently this will happen but only after Textfield::OnNativeThemeChanged
is triggered in some way.


Review-Url: https://codereview.chromium.org/2730623003
Cr-Commit-Position: refs/heads/master@{#454616}
Remove some unnecessary 'using namespace'
The construct "using namespace" is not allowed by the Chromium
coding style and since these are not even necessary I'm just
removing them.

Review-Url: https://codereview.chromium.org/2729093003
Cr-Commit-Position: refs/heads/master@{#454605}
The WebVTT 'line' settings should be parsed as a float
Per https://w3c.github.io/webvtt/#parse-the-webvtt-cue-settings .
Negative zero is transformed to positive zero.

Also make valid percentages outside of [0, 100] fail quicker.


Review-Url: https://codereview.chromium.org/2725313002
Cr-Commit-Position: refs/heads/master@{#454587}
Call getUncachedPseudoStyle on correct node for ::selection.
getUncachedSelectionStyle is typically called for the LayoutObject we
are currently painting. This might not be the node the ::selection
style is matched for. Specifically, we request getUncachedSelectionStyle
on LayoutText objects, but we need to match the ::selection style on its
parent element.

This already happened inside getUncachedPseudoStyle, but it's guarded by
a hasPseudoStyle() call for the pseudo element type. In the case where
we pass in a LayoutText, we are relying on the computed style with the
PseudoIdSelection bit set to be propagated down to the LayoutText object.
That does not happen if the style change for the element parent is
NoChange or NoInherit.

Instead find the element for which we are matching ::selection in
getUncachedSelectionStyle instead. The firstAncestorOrSelf() call is
still present in getUncachedPseudoStyle as there may be other pseudo
elements types where we rely on this.


Review-Url: https://codereview.chromium.org/2727253004
Cr-Commit-Position: refs/heads/master@{#454575}
Support XMLHttpRequest.send(URLSearchParams)
Update send()'s overloaded set to also include URLSearchParams,
mirroring a recent BodyInit spec addition,



Review-Url: https://codereview.chromium.org/2723583005
Cr-Commit-Position: refs/heads/master@{#454571}
needsPaintInvalidation() should not return true for selection.
In [1] we introduced a paint invalidation constant for repainting
selection. needsPaintInvalidation() started to also return true when
only the selection needed paint invalidation. Callers of that method
assumes that true will cause at least a full element repaint which made
us skip setting the diff to invalidate the object and only invalidate
the selection in some cases. Instead, only return true for
PaintInvalidationObject and PaintInvalidationSubtree.

[1] https://crrev.com/eff357ef


Review-Url: https://codereview.chromium.org/2727843004
Cr-Commit-Position: refs/heads/master@{#454564}
Remove some unnecessary using namespaces and add include guards
The Chromium Code Style doesn't allow using namespace and when
I looked at the code it seems some of them in layout are not
even needed. This removes the ones that are not needed and
adds explicit scoping at the one place it's needed.

Also adding a missing header guard and remove an unused enum.

Review-Url: https://codereview.chromium.org/2722313007
Cr-Commit-Position: refs/heads/master@{#454563}
Add View::AddedToWidget and RemovedFromWidget.
Many views implement ViewHierarchyChanged to perform some setup once a
Widget becomes available to them. This results with code duplication.
With these new methods there will be no need to implement
ViewHierarchyChanged for the common case.


Review-Url: https://codereview.chromium.org/2713643002
Cr-Commit-Position: refs/heads/master@{#454542}
Skip a few "using namespace" that we don't really need.
The Chromium coding style doesn't allow "using namespace" at all
and since the code will eventually adapt and they are causing
issues with some experiments I rather remove them now.

Review-Url: https://codereview.chromium.org/2729583004
Cr-Commit-Position: refs/heads/master@{#454449}
Respect constrained height on nested multicol containers.
If there's no more space in an inner multicol container (according to e.g. its
height or max-height), don't create any additional fragmentainer groups (i.e.
column rows).

The spec isn't clear here, but this change moves us closer to Edge, and also
eliminates cases where we'd previously end up with pathological numbers of
fragmentainer groups.

Also flipped the logic in hasFragmentainerGroupForColumnAt(), and renamed it to


Review-Url: https://codereview.chromium.org/2725943003
Cr-Commit-Position: refs/heads/master@{#454411}
Add a use-counter for transforms using the reference box on SVG element
For gauging the risk of implementing 'transform-box' proper - mostly
with an eye towards the initial value.


Review-Url: https://codereview.chromium.org/2725973003
Cr-Commit-Position: refs/heads/master@{#454408}
Avoid name collision for secondsPerHour/secondsPerMinute
There are other places declaring the names secondsPerHour
and secondsPerMinute. They don't collide right now, but by
moving these to a smaller namespace I can avoid collisions
in some experiments.

Review-Url: https://codereview.chromium.org/2730683004
Cr-Commit-Position: refs/heads/master@{#454384}
Fix core/frame PRESUBMIT for UseCounter changes
The start marker was missing a piece after

Review-Url: https://codereview.chromium.org/2728543006
Cr-Commit-Position: refs/heads/master@{#454312}
blink_gc_plugin: always enable warn_stack_allocated_trace_method check.

Review-Url: https://codereview.chromium.org/2730673003
Cr-Commit-Position: refs/heads/master@{#454307}
Enable Blink GC plugin check for stack allocated classes.
The latest clang roll (crbug.com/685244) included a GC plugin with
support for checking STACK_ALLOCATED() classes w/ unwanted trace
method definitions. Add support for that check to the build system,
unconditionally enabled.


Review-Url: https://codereview.chromium.org/2724353002
Cr-Commit-Position: refs/heads/master@{#454306}
Sync the FeatureObserver (UseCounter) metric in histograms.xml
Catching up with changes to Blink's

Review-Url: https://codereview.chromium.org/2729543004
Cr-Commit-Position: refs/heads/master@{#454280}
React to not committed render frame navigations in devtools.
Currently it was trying to handle only error pages or committed
navigations which lead to RenderFrameDevToolsAgentHost being stuck
in suspended state for navigations that did not commit (for example
downloads). This in turn caused webdriver to get stuck on further
interactions with such frames. This is regression caused by


Review-Url: https://codereview.chromium.org/2720823004
Cr-Commit-Position: refs/heads/master@{#454229}
Drop some "using namespace" in WebKit/Source/html.
Drop some "using namespace" that are not used or not allowed
by the coding standard.

Review-Url: https://codereview.chromium.org/2726603002
Cr-Commit-Position: refs/heads/master@{#453964}
Construct URLSearchParams from sequence initializer.
Follow up recent spec addition[1,2] and support sequence<sequence<USVString>>
initializers for URLSearchParams.

1 - https://github.com/whatwg/url/issues/27
2 - https://github.com/whatwg/url/pull/175


Review-Url: https://codereview.chromium.org/2725593003
Cr-Commit-Position: refs/heads/master@{#453903}
Move MarkupTokenizerInlines.h to core/html
This set of helpers is used by HTMLTokenizer and VTTTokenizer - both of
which reside in core/html.

Review-Url: https://codereview.chromium.org/2724593002
Cr-Commit-Position: refs/heads/master@{#453887}
Avoid conflict between 2 enums named Mode and 2 values named None.
If you include (directly or indirectly) forms/TypeAhead.h or
MediaFragmentURIParser.h or track/vtt/VTTRegion.h you get conflicts
either with the enum value None or the enum name Mode so give the
enum a less generic name.

Review-Url: https://codereview.chromium.org/2724533003
Cr-Commit-Position: refs/heads/master@{#453634}
bluetooth: show better error messages for services, characteristics and descriptors.
The error message now contains the UUID of the respective service, characteristic or descriptor.


Review-Url: https://codereview.chromium.org/2680783002
Cr-Commit-Position: refs/heads/master@{#453590}
Convert unnecessary ContextLifecycleObservers into ContextClients.
Convert remaining types that do not make use of |contextDestroyed()|
overriding, making them be context clients instead.


Review-Url: https://codereview.chromium.org/2721603005
Cr-Commit-Position: refs/heads/master@{#453574}
Use independent property inheritance fast-path for text-align.
This was originally attempted in [1], but the custom function for
applying text-align values did not clear the inherited bit.

Added a test to the framework to catch the case for trying to propagate
a value down to a descendant with the property explicitly set.

[1] https://codereview.chromium.org/2628503002/


Review-Url: https://codereview.chromium.org/2715213003
Cr-Commit-Position: refs/heads/master@{#453430}
Remove out-of-date comment about scoped style resolvers.
Collecting features is not longer connected to StyleResolver and the
comment is no longer correct in any way. The nullptr test is still
there because a TreeScope may have stylesheet candidates which do not
have style sheets. A candidate is causing the TreeScope to be added to
the active list, while it has to have at least one active stylesheet to
enforce a ScopedStyleResolver instance.


Review-Url: https://codereview.chromium.org/2716363002
Cr-Commit-Position: refs/heads/master@{#453427}
Rename SVGPaintContext::paintSubtree to paintResourceSubtree
To better reflect it's use and function.

Review-Url: https://codereview.chromium.org/2715513009
Cr-Commit-Position: refs/heads/master@{#453278}
Tidy up instance time handling in SVGSMILElement
Merge the addBeginTime and addEndTime methods into a single method
addInstanceTime (that takes a BeginOrEnd argument.) Migrate callers to
the new method, getting rid of SVGSMILElement::handleConditionEvent in
the process.
Also inline some trivial functions in SVGAnimationElement.


Review-Url: https://codereview.chromium.org/2712343004
Cr-Commit-Position: refs/heads/master@{#453233}
MessagePort: don't post repeated message dispatch tasks.
If a task has already been posted to drain the incoming queue of messages,
don't post another.


Review-Url: https://codereview.chromium.org/2716163002
Cr-Commit-Position: refs/heads/master@{#453205}
Allow flow thread portion logical bottom to be above its logical top.
We used to try to prevent this, as an attempt to make sure that no
fragmentainer group would have overlapping flow thread portion rectangles with
other fragmentainer groups. But that was already easily achievable with e.g. an
empty block between two column spanners anyway.

There is a legitimate reason for the flow thread portion bottom to be above the
top: negative margins.

Introduce MultiColumnFragmentainerGroup::logicalHeightInFlowThreadAt().
Less duplicated code. Some extra care is now needed, to make sure that we don't
end up with negative logical heights.


Review-Url: https://codereview.chromium.org/2709013007
Cr-Commit-Position: refs/heads/master@{#453201}
Add comment about SVGGraphicsElement.{nearest,farthest}ViewportElement
Move to bottom of interface per common practice.


Review-Url: https://codereview.chromium.org/2714123003
Cr-Commit-Position: refs/heads/master@{#453124}
Update VTTCue enum AlignSetting, "middle" -> "center"
Apparently this was missed in https://codereview.chromium.org/2683633006


Review-Url: https://codereview.chromium.org/2719513002
Cr-Commit-Position: refs/heads/master@{#453121}
Fold svgAttributeChanged into parseAttribute for SVGAnimateElement
This separation does not really give much in terms of benefits. Since
none of the SMIL-related attributes are exposed through SVG DOM, the
former method is always called after the latter. Move the code from the
former to the latter. This even avoids the attribute value lookup, for a
tiny perf gain...


Review-Url: https://codereview.chromium.org/2706243012
Cr-Commit-Position: refs/heads/master@{#452861}
Remove 'begin'/'end' processing from SVGSMILElement::svgAttributeChanged
The svgAttributeChanged hook is (with one exception) used for attributes
that are part of the SVG DOM representation ("object model".) 'begin'
and 'end' are not. Move handling to SVGSMILElement::parseAttribute


Review-Url: https://codereview.chromium.org/2719493002
Cr-Commit-Position: refs/heads/master@{#452858}
Tidy up event-/syncbase registration in SVGSMILElement
Move code for connect/disconnecting from event- and syncbase into the
Condition innerclass to improve readability.
Also make Condition::m_baseID and m_name be AtomicStrings (to avoid
casting and hashing all over the place), convert loops to range-syntax
and use references where it makes sense in related code-paths.


Review-Url: https://codereview.chromium.org/2714643007
Cr-Commit-Position: refs/heads/master@{#452857}
Avoid duplicating the CSS property mapping for SVG pres. attrs.
The attribute (object) -> CSS property mapping is specified at
construction and stored, so rather than having to repeat it, just read
and use the stored value.

Also add a cssValue() helper method to SVGAnimatedPath.

Review-Url: https://codereview.chromium.org/2708923011
Cr-Commit-Position: refs/heads/master@{#452839}
Remove LayoutSVGResourceContainer::m_id
By passing the old and new values to the idChanged() method, the only
"reload" of the value can be eliminated, and other instances can use
getIdAttribute() on the element. This makes the m_id field unused, so
it can be removed.


Review-Url: https://codereview.chromium.org/2714153002
Cr-Commit-Position: refs/heads/master@{#452838}
Verify that a new heap page isn't also marked as being off heap.
Attempt to diagnose a rare assert failure, where a conservative
GC stack scan finds a potential pointer in both the heap's
negative heap page cache and in the map of in-use heap pages.

Those two mapping should be mutually exclusive by construction,
and must be -- the negative page cache must not contain false
positives. Hence, add verification when a new page is committed
& used, it does not already have a mapping in that negative cache.


Review-Url: https://codereview.chromium.org/2715713005
Cr-Commit-Position: refs/heads/master@{#452833}
A per-heap RegionTree needs no lock.

Review-Url: https://codereview.chromium.org/2717613004
Cr-Commit-Position: refs/heads/master@{#452814}
Add header guards to CanvasAsyncBlobCreator.h

Review-Url: https://codereview.chromium.org/2711333002
Cr-Commit-Position: refs/heads/master@{#452812}
Cleanup the SVGTreeScopeResources interface
After some previous refactoring, some methods no longer need to be
public, and some methods can be folded into others to avoid some hash-
Also use HashMap::removeAll in removeElementFromPendingResources, change
some methods to use references and hide a longish typename with 'auto'.


Review-Url: https://codereview.chromium.org/2705163008
Cr-Commit-Position: refs/heads/master@{#452645}
Tidy ScriptRunner pending script handling.

Review-Url: https://codereview.chromium.org/2710233002
Cr-Commit-Position: refs/heads/master@{#452619}
Avoid negative content box sizes.
Negative values had two possible causes:

1. Subtracting the scrollbar size from the border box size. Scrollbars do not
affect the border box size, but they occupy space between some border edge and
padding edge. This means that the presence of a scrollbar on an object reduces
the size of the content box and the containing block established by said
object. This means that if e.g. the specified width of an object is 10px and it
has a vertical scrollbar that takes up more than that, e.g. 15px, the content
box width should become 0, not -5px.

2. Subtracting two huge (or even saturated) LayoutUnit values from one
LayoutUnit value. When we during layout convert a specified content-box width
to border-box (via padding-box), which is what LayoutBox::m_frameRect uses, we
may end up with saturated LayoutUnit values, so that:
LayoutUnit specified_content_box_width = <whatever, something nice, maybe>;
LayoutUnit left_padding = LayoutUnit::max() /*(or something huge, at least)*/;
LayoutUnit right_padding = LayoutUnit::max() /*(or something huge, at least);*/
LayoutUnit padding_box_width = content_box_width + left_padding + right_padding;
LayoutUnit content_box_width = padding_box_width - left_padding - right_padding;
Here, content_box_width won't be the same as specified_content_box_width,
because padding_box_width got saturated. That's kind of inevitable, with
saturated arithmetic and all, but what's worse is that we used to end up with a
negative value in content_box_width, which is illegal. So just clamp negative
values to 0 to avoid that.

Negative box sizes have various kinds of ill effects, such as inline-axis
misalignment and unwanted negative block direction progression. It was possible
to get negative padding (which is illegal) resolved from percentage values.
This in turn caused unnecessary assertion failures in multicol.

Attempted to come up with sensible layout tests that don't make assumptions
about how the engine deals with extreme values internally.


Review-Url: https://codereview.chromium.org/2716583002
Cr-Commit-Position: refs/heads/master@{#452578}
Merge overflowRectForFlowThreadPortion() into flowThreadPortionOverflowRectAt().
No need to keep this in LayoutMultiColumnSet anymore. Also got rid of
unused method LayoutMultiColumnSet::flowThreadPortionOverflowRect().

No behavior changes intended.

Review-Url: https://codereview.chromium.org/2711003005
Cr-Commit-Position: refs/heads/master@{#452537}
Avoid needless InstanceCounter.h inclusion.
Only needed if RefCounted<> is compiled specially.


Review-Url: https://codereview.chromium.org/2714703002
Cr-Commit-Position: refs/heads/master@{#452453}
Move SVGElement::buildPendingResourcesIfNeeded to SVGTreeScopeResources
Move notification of a resource "appearing" to SVGTreeScopeResources,
naming the method notifyResourceAvailable().
Simplify the handling of the pending resources map to avoid unnecessary
hash-lookups in some cases.


Review-Url: https://codereview.chromium.org/2710583005
Cr-Commit-Position: refs/heads/master@{#452187}
DisplayItemClient: avoid hash table temporaries when iterating.

Review-Url: https://codereview.chromium.org/2712703002
Cr-Commit-Position: refs/heads/master@{#452147}
Avoid unnecessary HashTable resizing during copy construction.
We do know the final table size, so reserve its size before starting
to copy over. Thereby avoiding intermediate table allocations.


Review-Url: https://codereview.chromium.org/2715473004
Cr-Commit-Position: refs/heads/master@{#452060}
Move LayoutSVGResourceContainer registration to SVGTreeScopeResources
Move LayoutSVGResourceContainer::registerResource to
SVGTreeScopeResources, renaming it to updateResource while getting rid
of addResource (since it's only called from updateResource.)
Simplify the interaction with the m_pendingResources set a bit, to
eliminate a hash-lookup in certain code-paths.


Review-Url: https://codereview.chromium.org/2714473002
Cr-Commit-Position: refs/heads/master@{#452050}
Remove unnecessary PagePool locks.
With per-thread heap (arenas), there will not be any contention
on adding and removing page pool entries.


Review-Url: https://codereview.chromium.org/2707193004
Cr-Commit-Position: refs/heads/master@{#452023}
Repaint selection when element with ::selection style is recalculated.
Selection was not repainted unless the selected text was repainted due
to other style changes. Now, if the ComputedStyle is recalculated for
an element and either the old or the new ComputedStyle had a bit set
for PseudoIdSelection, schedule paint invalidation for the selection
leaf children of that element.

Note that we don't need to traverse down the descendants because the
current implementation of ::selection in Blink only affects direct
children. The selection state is only propagated to containing block
ancestor, which is why we look for a containing block to check if any
of the children is selected.


Review-Url: https://codereview.chromium.org/2709693003
Cr-Commit-Position: refs/heads/master@{#451992}
Compute a more correct "screen scope" transform for SVGSVGElement
For getScreenCTM, only the position (translation) of the outermost svg
element was computed - any additional transform data was dropped.

Use LayoutObject::localToAbsoluteTransform to compute the full transform
rather than just the position of the layout box. Since using this method
works for any (attached) element, implement getScreenCTM without using
computeCTM, and get rid of the ScreenScope variant of the latter. This
also allows us to simplify SVGSVGElement::localCoordinateSpaceTransform
a bit, and drop the CTMScope argument from the
localCoordinateSpaceTransform declaration(s).

It's not clear from [1] how elements which are not in the rendering tree
(i.e has 'display: none' or similar) should be handled. With this
implementation we will return an identity matrix in those cases, which
doesn't seem unreasonable. (The option would be to return 'null', which
is how elements not in the document should be treated, but we don't have
that semantic implemented yet.)

[1] https://svgwg.org/svg2-draft/types.html#__svg__SVGGraphicsElement__getScreenCTM


Review-Url: https://codereview.chromium.org/2711503002
Cr-Commit-Position: refs/heads/master@{#451938}
Clean up the getLayoutSVGResource*ById helpers
Drop getLayoutSVGResourceContainerById helper, since we can just use
SVGTreeScopeResources::resourceById directly.

For getLayoutSVGResourceById, rather than calling through
TreeScope::ensureSVGTreeScopedResources, just pass the
SVGTreeScopeResources and do the lookup from there. Said object is
already available in the relevant places (only the layout tree dumping
needs to be updated wrt that.)


Review-Url: https://codereview.chromium.org/2708543003
Cr-Commit-Position: refs/heads/master@{#451839}
Disallow cross-thread Persistent<> read access.
A Persistent<> reference is belongs to the thread that created it,
read and write access must only be performed by that thread.

Debug verification have been in place for some time to verify that Persistent<>
updates only happen on its creation thread, and that the updated heap pointer
resides on that thread's heap. Extend the debug checks to also apply to read
access, checking that no other thread accesses the Persistent<>.

This requires converting a handful of Persistent<>s to CrossThreadPersistent<>s.


Review-Url: https://codereview.chromium.org/2702243003
Cr-Commit-Position: refs/heads/master@{#451753}
Gracefully handle navigator.getVRDisplays() in detached contexts.

Review-Url: https://codereview.chromium.org/2703283003
Cr-Commit-Position: refs/heads/master@{#451734}
Simplify MediaStreamAudioSourceNode ownerships.
The processing that happens on the audio thread for this object
doesn't access the MediaStream. Hence the reference to it and the
track can be kept directly on the node object, thereby avoiding the
use of a pair of Persistent<>s.


Review-Url: https://codereview.chromium.org/2699403002
Cr-Commit-Position: refs/heads/master@{#451726}
Make Editor::findEventTargetFrom() to align Clipboard API specification
This patch changes |Editor::findEventTargetFrom()| to return focused element if
selection start is not editable to align Clipboard API specification[1] for
improving interoperability.

[1] https://w3c.github.io/clipboard-apis/#to-fire-a-clipboard-event

TEST=webkit_unittests --gtest_filter=ClipboardEventFlowTest.*

Review-Url: https://codereview.chromium.org/2685723005
Cr-Commit-Position: refs/heads/master@{#451716}
Rewrite svg/zoom/page/zoom-get-screen-ctm.html to use testharness
In preparation for some future tweaks to this test.


Review-Url: https://codereview.chromium.org/2708493003
Cr-Commit-Position: refs/heads/master@{#451657}
Remove unused processedBlocks variable.

Review-Url: https://codereview.chromium.org/2702233003
Cr-Commit-Position: refs/heads/master@{#451651}
Disable flaky compositing/reflections/nested-reflection-* tests
The following two tests appear to produce slightly different results
(different offsets?) somewhat randomly:



Review-Url: https://codereview.chromium.org/2702343002
Cr-Commit-Position: refs/heads/master@{#451635}
Removed dated Persistent<>::checkPointer() assert.
Remove the ASan-only verification that a Persistent<> refers to a heap
object. Static asserts will ensure that Persistent<T> is only instantiated
for GCed types, so this verification adds little extra value.


Review-Url: https://codereview.chromium.org/2701273002
Cr-Commit-Position: refs/heads/master@{#451580}
Invalidate custom pseudo elements for RuleSet invalidations.
When we have selectors containing custom pseudo elements matching
elements inside the UA shadow, and no id, class, or attribute selectors
present, do like we do for type selectors and invalidate as part of an
invalidation set scheduled on the root node of the tree scope for
RuleSet invalidations.

We utilize the same invalidation set as for type invalidations and mark
it as invalidating custom pseudo elements as well as marking it as
tree-boundary-crossing to allow drilling into the UA shadow.

This means we will traverse into all shadow sub-trees, but it should at
least be better than the existing recalc all behavior.

The full recalc for custom pseudo elements caused a full recalc for one
of the stylesheets on facebook.com.


Review-Url: https://codereview.chromium.org/2700943003
Cr-Commit-Position: refs/heads/master@{#451578}
Add out-of-flow objects under the inline in a continuation chain, when possible.
The same goes for floating objects. Only when a floating or out-of-flow
positioned object is to be added between two block-level children should we add
it to the anonymous block box holding the block-level children. If the new
child is to be added before a block-level child, and this beforeChild is the
first block-level child, we should rather make the new child the last child of
the preceding inline, rather than the first child of the anonymous block
containing block-level children.

Also cleaned up and documented the code somewhat.


Review-Url: https://codereview.chromium.org/2698243002
Cr-Commit-Position: refs/heads/master@{#451525}
Schedule a type selector invalidation set for RuleSet invalidations.
We marked all elements which had a selector in the tagRules bucket for
style recalc for RuleSet invalidations. That means we would recalculate
style for all spans if we added a stylesheet containing a rule with an
"#id span" selector (but not for "#id span.class" as that ends up in
the classRules bucket).

Instead, use an invalidation set containing only tag names for the
selectors where there are no ids, classes, or attribute selectors, and
which have a type selector in the rightmost compound. This means that
"#id span" will not add "span" to that set, but "span" and "div span"
will. "div span" will not add "div", and "div *" will cause a full
scope recalc. In order to support invalidation for those, we would have
had to have one invalidation set for each tag name instead of a single
descendant invalidation set for all.

RuleSet invalidations schedule this typeRuleInvalidationSet on the root
of the TreeScope When doing ruleset invalidations.


Review-Url: https://codereview.chromium.org/2703643003
Cr-Commit-Position: refs/heads/master@{#451488}
Use unique id's in svg/filters/feBlend-all-modes.html
The same id's would be reused in all the three groups (color
combinations.) Add the group index to the id's to avoid this.


Review-Url: https://codereview.chromium.org/2703803003
Cr-Commit-Position: refs/heads/master@{#451483}
Avoid over-eager clipping of child layers in multicol.
Self-painting layers (caused by e.g. position:relative) don't contribute to
visual overflow in their parent layout object; see
LayoutBox::addOverflowFromChild(). We cannot use the visual overflow rectangle
set on the flow thread when calculating the bounding box of a fragment
established by a child layer.

Therefore, only clip in the flow thread's block direction in
overflowRectForFlowThreadPortion(), and leave the inline axis alone. I
simplified the implementation, since it's now way easier to start with an
infinite rectangle, and just limit the dimensions that need it afterwards.

Also got rid of an old check for hasOverflowClip(), which must have been
residue from the CSS regions implementation.

This also happened to fix some inaccuracies mostly invisible to the naked
eye, when it comes to transform:scale()d text with glyphs that have negative
left bearing or overflow the line box vertically. It looks like we measure and
lay out with the CSS computed font, and then switch to a scaled font when
painting, so that it looks crisp and nice. This may result in tiny
inaccuracies in the bounding box of the text, and
fast/borders/border-antialiasing.html exhibited this, and had to be
rebaselined. Added fast/multicol/scale-transform-text.html to better
demonstrate what we're fixing.

paint/invalidation/multicol-with-relpos.html also had to be rebaselined,
since it turns out that it has never painted its stuff correctly until now.


Review-Url: https://codereview.chromium.org/2699653002
Cr-Commit-Position: refs/heads/master@{#451376}
Remove stray method declaration in RuleFeatureSet.
Review-Url: https://codereview.chromium.org/2703693002
Cr-Commit-Position: refs/heads/master@{#451307}
Tidy DEFINE_(THREAD_SAFE_)STATIC_LOCAL() implementations.
Move the handling of static local singletons into the
WTF::StaticSingleton<T> wrapper class, including the "same thread"
debug verification.

Use it to also implement the "thread safe" variant also, which can
now be done in a straightforward manner after issue 686866 enabled
C++ thread safe statics.


Review-Url: https://codereview.chromium.org/2680843006
Cr-Commit-Position: refs/heads/master@{#451305}
Don't keep pointers to table sections when told to recalculate sections.
They may have been deleted.

We should ideally assert in header(), footer() and firstBody() in LayoutTable
that we're not waiting for a section recalc, but that's currently failing in one
trybot; see crbug.com/693212

This would have fixed the original use-after-free issue with bug 680224, but
before this CL landed, I found another fix that attacked the root cause instead.
Still no point in keeping potentially dead pointers around, though.


Review-Url: https://codereview.chromium.org/2636153002
Cr-Commit-Position: refs/heads/master@{#451257}
Add type selector invalidation set for ruleset invalidations.
We currently look at RuleSet::tagRules() to figure out if an element
needs a style recalc when adding a stylesheet. This recalculates too
much for rules like "#id span" which ends up in the tagRules bucket,
causing style recalcs for every span. The plan is to use an
m_typeRuleInvalidationSet which contains the tag names for rules which
don't contain other simple selectors which have associated invalidation

For instance, "#id span" will not add span to m_typeRuleInvalidationSet
since we can rely on the invalidation set for #id to invalidate spans.
However, "span" or "div span" will add span to that set.

This CL prepares for this by introducing the set and a way to collect
it. This new set will be scheduled on the root node of the TreeScope
when adding/removing a stylesheet. We did not support scheduling
invalidation sets on the document node, so this CL adds that
possibility as well.


Review-Url: https://codereview.chromium.org/2699883002
Cr-Commit-Position: refs/heads/master@{#451170}
document.lastModified: treat invalid dates like unknown ones.
If the value supplied via Last-Modified: is unparseable, treat the
modification date as unknown and return the current time (rather than
00-00-0000 00:00:00)

This aligns behavior with all other browsers.


Review-Url: https://codereview.chromium.org/2698773005
Cr-Commit-Position: refs/heads/master@{#451123}
Remove unused blink_gc_plugin_flags.py script.
Became unused with GN, now safe to remove.


Review-Url: https://codereview.chromium.org/2691943009
Cr-Commit-Position: refs/heads/master@{#451056}
Less code duplication in PaintLayer::collectFragments()

Review-Url: https://codereview.chromium.org/2691303004
Cr-Commit-Position: refs/heads/master@{#450737}
Don't clear 'web animations dirty' flag if we have no rare data
If an SVGElement has an instantiated ElementAnimations object and
animation time has progressed, but no actual animation has been applied
(and hence no SVGElementRareData has been created), we don't need to
clear the dirty bit in the rare data.
The initial trigger for this seems to be the Element.computedName
implementation for a detached node, which tries to compute style in
this case, triggering a DCHECK in Node::containingTreeScope when doing


Review-Url: https://codereview.chromium.org/2689713003
Cr-Commit-Position: refs/heads/master@{#450689}
Reorder setting of zooming, to prevent reflowing and size mismatch.
When zooming is applied to the document, the color suggestion picker can lose
or gain bottom pixels, which causes missing borders or rendering artifacts.

This appears to be caused by some unfortunate assumptions and interactions
in Source/web/resources/colorSuggestionPicker.js and friends.

The color picker is a separate window, and the contents of the window is
generated in ColorChooserPopupUIController.cpp.  colorSuggestionPicker.js
resizes the window to exactly fit the content, but the zoom factor is applied
afterwards, causing an additional reflow (see WebPagePopupImpl.cpp:329).
There is no guarantee that the zoomed contents will fit the window any more,
and much of the time it doesn't.

By setting zoom factor before forcing layout, the final size is reached the first
time around, and the window size should be correct.


Review-Url: https://codereview.chromium.org/2695723002
Cr-Commit-Position: refs/heads/master@{#450513}
Actually delegate in additional FilterEffectBuilder constructor
Because url(...) filters are ignored/dropped this will not have any
practical effect, but could avoid issues in the future.


Review-Url: https://codereview.chromium.org/2692883003
Cr-Commit-Position: refs/heads/master@{#450374}
Remove unused includes of SVGDocumentExtensions.h
Review-Url: https://codereview.chromium.org/2696803002
Cr-Commit-Position: refs/heads/master@{#450334}
ColumnBalancer: need to examine lines that protrude into the flow thread portion.
We cannot skip a line that starts before the flow thread portion of interest,
if it ends inside the portion.

Some extra care is needed to avoid regressions here: The part of a line that
starts before the multicol container itself needs to be ignored, or we risk
overstretching the multicol container.


Review-Url: https://codereview.chromium.org/2690863003
Cr-Commit-Position: refs/heads/master@{#450033}
Support subpixel layout of borders.
This cl implements subpixel layout of borders.  Painting of subpixel
borders now uses rounding to nearest CSS pixel, and is aligned with
Edge.  Handling of device pixel ratios > 1 isn't implemented here,
and is better covered in a separate task.

This does not implement subpixel borders for tables, as that interacts
with table layout width calculations, which would also need to be
adapted to subpixels.  Again, that's better dealt with in a separate

A number of test cases had to be rebaselined, due to minor changes in
layout and/or painting.  Most of these changes appear in tests that uses
zooming, and implicitly have fractional borders.

svg/zoom/page/zoom-replaced-intrinsic-ratio-001.htm now looks a bit
broken, but that's due to an unrelated issue with aspect ratio and
subpixels (in LayoutPart, if I recall correctly).


Review-Url: https://codereview.chromium.org/2640143005
Cr-Commit-Position: refs/heads/master@{#449943}
Fix partition_alloc unit tests.
BUG=691197, 684513

Review-Url: https://codereview.chromium.org/2689103002
Cr-Commit-Position: refs/heads/master@{#449892}
Tie DragState to DragController.
Clarify ownership & scope of DragState and have the page's
DragController own it.


Review-Url: https://codereview.chromium.org/2687193004
Cr-Commit-Position: refs/heads/master@{#449889}
Remove TextTrack.regions and VTTRegionList
Removed from the WebVTT spec https://github.com/w3c/webvtt/pull/31

Because we no longer need to track a list of regions in TextTrack, we
can also remove all the plumbing between the parser and the (loadable)


Review-Url: https://codereview.chromium.org/2685943004
Cr-Commit-Position: refs/heads/master@{#449791}
Various cleanups in VTTRegion
 * Eliminate single-use pseudo-id functions (and associated statics)

 * Avoid redundant calls to getBoundingClientRect, and use
   ClientRect::height where appropriate.

 * Allow using ElementTraversal::childrenOf in
   VTTRegion::displayLastVTTCueBox by putting a break after

 * Get rid of VTTRegion::m_settings and updateParametersFromRegion
   (they are not used.)

 * Replace 'long' with 'int' for lines, because that matches the
   WebIDL type better.

 * Remove unused includes (add more specific ones when needed.)

Review-Url: https://codereview.chromium.org/2689703002
Cr-Commit-Position: refs/heads/master@{#449790}
Specify orphans:1 and widows:1 in old multicol test.
The test and the ref rendered identically, but it didn't look as asserted by
the textual pass condition.

Review-Url: https://codereview.chromium.org/2692453002
Cr-Commit-Position: refs/heads/master@{#449637}
Implement VTTCue.region and sync the VTTRegion interface
This CL implements the VTTCue.region property, replacing 'regionId'. The
main implementation mechanism is a new map in VTTParser that tracks the
regions currently seen.

Rewrite the region parser test to be based on cues rather than the list
of regions. This will ease the removal of TextTrack.regions.

Sync the VTTRegion with the current spec by

 * renaming the 'height' property to 'lines',

 * adding and using the ScrollSetting IDL enumeration type and

 * dropping the 'id' and 'track' properties.

Update tests as needed to match the above changes.


Review-Url: https://codereview.chromium.org/2682333002
Cr-Commit-Position: refs/heads/master@{#449589}
Prevent icf/comdat folding for OOM_CRASH() entry points.
We have various OOM-failure entry points which call OOM_CRASH() but
not much more. These are all NO/NEVER_INLINEd, but that isn't sufficient
to prevent the linker from common'ing up these identical functions
(see associated bug for an example), leading to confused crash stacks.

Avoid invasive linker optimization by adopting r306650 to OOM_CRASH().


Review-Url: https://codereview.chromium.org/2683033008
Cr-Commit-Position: refs/heads/master@{#449582}
Move VisitorMarkingMode into Visitor.
Move this enum back into Visitor where it better belongs; recent
simplifications to the marking visitor implementation class types
makes that a trivial exercise.


Review-Url: https://codereview.chromium.org/2688083002
Cr-Commit-Position: refs/heads/master@{#449568}
Stay within the containing block when looking for a line to dirty.

Review-Url: https://codereview.chromium.org/2686913002
Cr-Commit-Position: refs/heads/master@{#449237}
Remove TextTrack.{add,remove}Region
Removed from the spec by https://github.com/w3c/webvtt/pull/31


Review-Url: https://codereview.chromium.org/2684993003
Cr-Commit-Position: refs/heads/master@{#449140}
blink_gc_plugin: warn of unused trace methods to stack allocated classes.
A STACK_ALLOCATED()-annotated class does not need a trace method; issue
a warning if encountered.


Review-Url: https://codereview.chromium.org/2685583002
Cr-Commit-Position: refs/heads/master@{#449046}
SVGTransformList.consolidate() should return null on an empty list
SVGTransformList.consolidate() returns an SVGTransform with type
"unknown", which is an invalid object that other parts of the code
couldn't cope with. The specification:


say that 'null' should be returned in this case though, so do that

Rewrite svg/dom/SVGTransformList-empty-list-consolidation.html to use
actually assert this part of the contract, and also convert it use
testharness.js while at it.

BUG=688306, 688303

Review-Url: https://codereview.chromium.org/2681803004
Cr-Commit-Position: refs/heads/master@{#448994}
Clear MatchedPropertiesCache on StyleRule changes.
CSSOM changes used to cause a FullStyleUpdate which cleared the whole
StyleResolver. With the new active stylesheet update using RuleSet-
based style invalidation, clearing the MatchedPropertiesCache was
missing. The reason it needs to be cleared, is that the hash key for
the cache entry is based on StylePropertySet pointers which don't
change when adding/removing declarations to a mutable StylePropertySet.


Review-Url: https://codereview.chromium.org/2679623002
Cr-Commit-Position: refs/heads/master@{#448939}
blink_gc_plugin: report illegal on-heap iterators as warnings/errors.
Fix classification bug, when encountered this should be reported as a
warning/error, not as a supplementary note.


Review-Url: https://codereview.chromium.org/2681753002
Cr-Commit-Position: refs/heads/master@{#448932}
Remove faulty assertion in LayoutSVGResourceContainer::registerResource
When notifying pending elements we don't know what resource type the
registration is for, so it's entirely plausible that the resource type
is one that a possible client isn't really interested in (like a 'mask'
ending up pointing to a <filter>, like in this particular case.)


Review-Url: https://codereview.chromium.org/2680683003
Cr-Commit-Position: refs/heads/master@{#448688}
Remove trace() methods for stack-only classes.
A class annotated with STACK_ALLOCATED() does not require a trace
method, as its heap references are reachable and kept alive by virtue
of being on the stack, should any conservative GC go ahead.


Review-Url: https://codereview.chromium.org/2685563002
Cr-Commit-Position: refs/heads/master@{#448627}
Track constant InputDeviceCapabilities objects per-window.
Do not keep global main thread Persistent<>s for the two
constant InputDeviceCapabilities objects, as that will
end up sharing wrapper objects across contexts.


Review-Url: https://codereview.chromium.org/2675793005
Cr-Commit-Position: refs/heads/master@{#448597}
Out-of-line trace() methods of editing template types.
With a simpler trace method infrastructure in place, we
can now define trace methods of the editing templates


Review-Url: https://codereview.chromium.org/2672413003
Cr-Commit-Position: refs/heads/master@{#448563}
Add missing documentation for Allocator.h macros + EAGERLY_FINALIZE().

Review-Url: https://codereview.chromium.org/2672273002
Cr-Commit-Position: refs/heads/master@{#448234}
Have SubframeLoadingDisabler singleton live off-heap.
Primarily to diagnose potential heap corruption, keep
track of the disabled set off-heap. The untraced references
added aren't unsafe, as they are all stack-reachable by


Review-Url: https://codereview.chromium.org/2667853006
Cr-Commit-Position: refs/heads/master@{#447682}
Disallow sequences with lengths exceeding max allocation supported.
Vector backing stores are limited in size by the maximum allowed by
their allocator. When converting incoming IDL sequence types into
native arrays, check if the requested size exceed that max limit and
throw a TypeError(), if needed.

Only pathological inputs will run up against this limit and exception.


Review-Url: https://codereview.chromium.org/2657173002
Cr-Commit-Position: refs/heads/master@{#447466}
Remove unused declarations of pageLogicalHeight.

Review-Url: https://codereview.chromium.org/2664063003
Cr-Commit-Position: refs/heads/master@{#447323}
Change HeapCompaction feature status to stable.

Review-Url: https://codereview.chromium.org/2653413002
Cr-Commit-Position: refs/heads/master@{#447248}
Chromium doesn't compile with -Wglobal-constructors
We compile chromium with clang flag -Wglobal-constructors in our
project. We have following compilation error during compilation
of user_input_tracker.cc:

error: declaration requires a global constructor [-Werror,-Wglobal-constructors]
const int kRateLimitClampMillis = (kOldestAllowedEventAgeSeconds * 1000) /

In order to get rid of this global constructor I recommend to declare
static class variable UserInputTracker::kMaxTrackedEvents and global
variable kRateLimitClampMillis as constexpr which will be expanded to
numerical value during compilation.


Review-Url: https://codereview.chromium.org/2662803002
Cr-Commit-Position: refs/heads/master@{#447000}
Tidy generated toMemberNativeArray<>() invocations.

Review-Url: https://codereview.chromium.org/2654143006
Cr-Commit-Position: refs/heads/master@{#446662}
Cleanly detach XHR and other pending loader clients from Inspector.
If the XHR object is finalized without first being notified of
ExecutionContext destruction, its prefinalizer is responsible for making
up the difference and behave as if that did.

Do so by delegating to contextDestroyed(); this takes care of
releasing its resources promptly, along with unregistering as
a loader client (with its associated async loader and Inspector.)

Also make other Inspector loading clients cleanly detach when
finalized; prevents Inspector from keeping dead raw pointers to them.


Review-Url: https://codereview.chromium.org/2649323005
Cr-Commit-Position: refs/heads/master@{#446660}
Don't paint selections in <mask>s, <clipPath>s and <pattern>s
Painting a selection within a <mask>, <clipPath> or <pattern> can
trigger a client "style change" to update the resource cache with
whatever the selection style refers to. This "style change" signal will
trigger a layout on the resource's clients while painting.
Since painting selections within these types of resources, add a
PaintLayerFlag and use it to disable selection painting in these cases.
Include the painting of elements references from feImage as well under
the same umbrella.


Review-Url: https://codereview.chromium.org/2648343004
Cr-Commit-Position: refs/heads/master@{#446318}
Remove trace frame template specialization.
More tidying after r445993, only one instantiation of these method


Review-Url: https://codereview.chromium.org/2654243002
Cr-Commit-Position: refs/heads/master@{#446302}
Float32ImageData, PerformanceObserver: no finalization needed.

Review-Url: https://codereview.chromium.org/2652393002
Cr-Commit-Position: refs/heads/master@{#446289}
Emit trace(Visitor*) rather than a templated trace().
One trace() method will now suffice, simplify generated code.


Review-Url: https://codereview.chromium.org/2653153003
Cr-Commit-Position: refs/heads/master@{#446262}
blink_gc_plugin: retire overloaded traceImpl detection and handling.
With the specialized InlineGlobalMarkingVisitor gone (r445993), Blink no
longer use a templated traceImpl() method for its trace methods. Follow
up and remove the checks for it in the GC plugin.


Review-Url: https://codereview.chromium.org/2655933002
Cr-Commit-Position: refs/heads/master@{#446137}
Return ActiveSheetsChanged when rulesets change in common prefix.
When comparing old and new active sheets, we only append the added
sheets to the ScopedStyleResolver if the old sheet vector is a prefix
of the new sheets. However, that's not correct if any of the RuleSets
in the common prefix changed due to media query changes or cssom
modifications of a stylesheet.

I can confirm that this fixes 681472. The other two issues in the BUG
field look like duplicates, but I've not been able to reproduce them.


Review-Url: https://codereview.chromium.org/2650743002
Cr-Commit-Position: refs/heads/master@{#446008}
Revert of Add null check to animations for registered custom property initial values (patchset #2 id:20001 of https://codereview.chromium.org/2649863006/ )
Reason for revert:
This goes together with the revert https://codereview.chromium.org/2649103008/ ; looks like the two CLs didn't match up,


(Hope the double revert doesn't cause too much work.)

Original issue's description:
> Add null check to animations for registered custom property initial values
> After a recent change to CSSInterpolationType for registered custom properties
> it was assumed that all registered custom properties had initial CSSValues.
> This is not the case and null derefs were reachable. This patch fixes up
> the false assumption.
> BUG=684234
> Review-Url: https://codereview.chromium.org/2649863006
> Cr-Commit-Position: refs/heads/master@{#445969}
> Committed: https://chromium.googlesource.com/chromium/src/+/f2ec8922cbe5f632a937cf242faf5f23c0d1b3ff

# Skipping CQ checks because original CL landed less than 1 days ago.

Review-Url: https://codereview.chromium.org/2650403002
Cr-Commit-Position: refs/heads/master@{#445996}
Revert of Add smooth interpolation support for <color> custom properties (patchset #5 id:80001 of https://codereview.chromium.org/2564793002/ )
Reason for revert:
Added test is seen failing on the bots, e.g.,


Original issue's description:
> Add smooth interpolation support for <color> custom properties
> This change enables smooth interpolation for animations on
> custom properties registered as <color>.
> This does not add support for CSS Transitions, only CSS
> Animations and Web Animations.
> This does not add support for currentcolor for CSS Animations,
> supporting this may require further redesigns to style resolution.
> BUG=671904
> Review-Url: https://codereview.chromium.org/2564793002
> Cr-Commit-Position: refs/heads/master@{#445967}
> Committed: https://chromium.googlesource.com/chromium/src/+/96bee2c42c8df73523e971850215d29d1c40c15f

# Skipping CQ checks because original CL landed less than 1 days ago.

Review-Url: https://codereview.chromium.org/2649103008
Cr-Commit-Position: refs/heads/master@{#445994}
Devirtualize Visitor and remove inline visitor specialization.
The Blink GC infrastructure requires its managed objects to provide
a "trace()" method which will visit all the heap references it keeps
into the Blink GC heap, by calling the "trace()" method on each of
these via an incoming |visitor| argument (a Visitor.)

The Visitor interface is really only used for that, i.e., to perform GC
marking, so the flexibility it provides by way of overridable virtual
methods, is unused. And it slows down the GC marking phase, something
the specialized "inline visitor" (InlineGlobalMarkingVisitor) demonstrated,
which devirtualized the mark() method, with noticable improvements to
overall GC marking times.

Given that and Visitor's use, devirtualize Visitor entirely and make
it a GC marking visitor and nothing else. Besides removing code complexity,
this also allows the removal of InlineGlobalMarkingVisitor along with
all the specialized trace() implementation methods that we emit for each
Blink GC managed object.

Performance numbers show a ~10% improvement on marking times for
oilpan_gc_times.{tough_animation_cases, blink_perf_stress}; code size
(Android(ARM) official build, content shell) is 180k less.


Review-Url: https://codereview.chromium.org/2652923002
Cr-Commit-Position: refs/heads/master@{#445993}
Don't "repack" parameters in SVGElement::attributeChanged
Instead of making a AttributeModificationParams which always uses the
"directly" modification reason, just forward the original reason.
The 'reason' argument was added by [1] which did not indicate why SVG
elements would be subject to different treatment than regular elements.

[1] https://codereview.chromium.org/14234005

Review-Url: https://codereview.chromium.org/2652653002
Cr-Commit-Position: refs/heads/master@{#445698}
Merge list of orthogonal writing mode roots into depth-ordered layout list.
If we're going to perform a series of subtree layouts, rather than one layout
from LayoutView, and we at the same time have a list of orthogonal writing mode
roots that need to be laid out before their ancestors, we need to make sure
that subtrees are laid out in an overall tree depth ordered manner, or we risk
skipping layout of a subtree needing layout. That would cause trouble for the
column balancer (which examines the tree after layout and expects everything to
be laid out), and quite possibly other kinds of trouble elsewhere too.


Review-Url: https://codereview.chromium.org/2635143003
Cr-Commit-Position: refs/heads/master@{#445497}
Don't cancel out scroll offset when calculating the clip rectangle for multicol.
We still want the clip rect to be relative to the multicol container, but we
cannot get there by using the location() of the flow thread's PaintLayer,
because then we'll then cancel out the scroll offset that's also baked into

This CL will cause paint/invalidation/paged-with-overflowing-block-rl.html to
regress, but it turned out that it just passed by accident anyway. Having that
test broken is way less serious than barely being able to scroll at all in a
regular multicol container.


Review-Url: https://codereview.chromium.org/2643123004
Cr-Commit-Position: refs/heads/master@{#445478}
Move 'id'-related invalidation to SVGElement::attributeChanged
There's no reason for 'id'-related invalidation to reside in
SVGElement::svgAttributeChanged since it has no interaction with an
(animated) SVG DOM attribute. Move it to SVGElement::attributeChanged
This will also enable us to make use of the old/new value that is
available in attributeChanged().


Review-Url: https://codereview.chromium.org/2645383002
Cr-Commit-Position: refs/heads/master@{#445393}
SVG objects with same idrefs conflict when under different shadow root
When SVG idrefs are the same, even though the
LayoutSVGResourcesContainers are created under different shadow roots,
they conflict and only the last one is available. The problem is that,
currently, the HashMap mapping id's to LayoutSVGResourcesContainers are
owned/scoped to the document instead of the treeScope.
This CL moves that hash map from document to treeScope, so that
LayoutSVGResourcesContainers with the same id in different shadow roots
won't conflict.

Currently the following 2 maps (which are wrapped into the
SVGDocumentExtensions class) are owned by document instead of treeScope:

  HashMap<AtomicString, LayoutSVGResourceContainer*> m_resources;
  HeapHashMap<AtomicString, Member<SVGPendingElements>> m_pendingResources;

Thus when a new LayoutSVGResourcesContainer with the same id is created,
it is inserted into m_resources and overwrites the one with the same
key (id).

This CL separates these 2 maps from SVGDocumentExtensions and wrap them
into a new class (named SVGTreeScopeResources), and lets TreeScope have
them as a member variable (m_svgTreeScopedResources).
This CL also moves the corresponding methods accessing these 2 maps into
the new class.

To make this work together with <use>, we need to make sure to use the
TreeScope of the "original" element. Move the helper from LayoutSVGTextPath
to SVGElement::treeScopeForIdResolution and then use that for this.

Based on https://codereview.chromium.org/2107153002 by Taijin Tei.


Review-Url: https://codereview.chromium.org/2633143002
Cr-Commit-Position: refs/heads/master@{#445378}
PaymentApp: Implement invokePaymentApp for Android
This change implements the
ServiceWorkerPaymentAppBridge.invokePaymentApp() function along with the
corresponding native InvokePaymentApp() function.

The signature of PaymentInstrument.invokePaymentApp() has also been
changed to add the payment details modifiers field, and to align the
ordering and naming of the arguments with the definition of the
PaymentAppRequest dictionary in the specification:



Review-Url: https://codereview.chromium.org/2640743005
Cr-Commit-Position: refs/heads/master@{#445301}
Disable g++ inlining of eager-tracing mark() method.
Versions of g++ (with -Os) are over-eager about inlining the mark()
method that's used for all non-mixin Oilpan objects, resulting in
a code size increase that's unwanted (for Android official builds.)
Other compilers and g++ (with -O2/-O3) are more discriminate about
inlining the method, with no comparable code size increase delta.

Tuning the compiler's optimization option set to avoid the problem
hasn't proven successful, so bluntly address the problem by disabling
inlining for the method.


Review-Url: https://codereview.chromium.org/2643403003
Cr-Commit-Position: refs/heads/master@{#445288}
Initially load new_tab.css with a timestamp for chrome://apps.
This is what incognito_tab.html already does. Changing the url to add a
timestamp query on DOMContentLoaded caused a FoUC.


Review-Url: https://codereview.chromium.org/2647653002
Cr-Commit-Position: refs/heads/master@{#445285}
Have VisitorHelper<> handle moving object registration.
As the registration of objects is only done by a compacting
GC, there isn't any need to be indirect about registering
them - remove a layer of Visitor virtual methods and have
the VisitorHelper<> do the registration directly.


Review-Url: https://codereview.chromium.org/2642933005
Cr-Commit-Position: refs/heads/master@{#445245}
Enable more unittests for BlueZ and ChromeOS.
This patch fixes an issue with the DBUS naming needed for the generic unittests.
This again made it possible to enable a couple of more tests for BlueZ and

Review-Url: https://codereview.chromium.org/2640883002
Cr-Commit-Position: refs/heads/master@{#445117}
'*' is not a valid attribute selector
Per the CSS Selectors specification [1], a '*' is not allowed as the
name of an attribute.

[1] https://drafts.csswg.org/selectors-4/#typedef-attribute-selector


Review-Url: https://codereview.chromium.org/2646493002
Cr-Commit-Position: refs/heads/master@{#445046}
Stop requiring a reader in MultibufferDataSource::SetBitrateTask()
Callers of MultibufferDataSource::SetBitrate() must not be required to
be aware of whether or not there is a |reader_| available, because
that's internal MultibufferDataSource state that changes for several
reasons, some of which aren't necessarily visible to the client calling
SetBitrate(), e.g., OnBufferingHaveEnough().

Note that UpdateBufferSizes(), called from SetBitrate(), handles the
case of a null |reader_| gracefully.

Review-Url: https://codereview.chromium.org/2647483003
Cr-Commit-Position: refs/heads/master@{#444867}
Add SVGResources helper for resource-bounds invalidation
Add a new helper method removeClientFromCacheAffectingObjectBounds to
SVGResources to better describe the intention of code that performs this
operation (removeFromCacheAndInvalidateDependencies.) It also makes
LayoutSVGResourceContainer not depend on its derived classes.
Also make use of it in the generic SVGResources::removeClientFromCache.

Review-Url: https://codereview.chromium.org/2647443004
Cr-Commit-Position: refs/heads/master@{#444811}
Serialize type and attribute selectors as identifiers
Per [1], both the element name of a type selector and the attribute name
of an attribute selector - as well as their corresponding namespace
prefix (if any) - should be serialized as identifiers [2].

[1] https://drafts.csswg.org/cssom/#serialize-a-simple-selector
[2] https://drafts.csswg.org/cssom/#serialize-an-identifier


Review-Url: https://codereview.chromium.org/2645563002
Cr-Commit-Position: refs/heads/master@{#444766}
Adjust placement of non-compaction checks.
The registration of movable objects and their callbacks should be
ignored when running non-compaction GCs. Move the GC kind check one
level out.

At the same time, make these registration methods untyped -- the
Allocator interface for heap collections already provide a typed view,
so unnecessary to extend that one more level.


Review-Url: https://codereview.chromium.org/2645873002
Cr-Commit-Position: refs/heads/master@{#444760}
LocalFileSystem::deleteFileSystem() is no longer used.
This method stopped being used when DevTools retired
its FileSystem API support (crbug.com/588817); follow
through and remove the unused implementation.


Review-Url: https://codereview.chromium.org/2640963002
Cr-Commit-Position: refs/heads/master@{#444667}
[LayoutNG] Initial support for multicol, introducing NGBlockBreakToken.
We can now lay out block-level floats and in-flow blocks inside a multicol
container. Note that painting and hit testing doesn't work too well, since
those operations are still performed on the legacy LayoutObject tree, and
there's no way to fragment a LayoutObject.

No attempt has been made at integrating this with out-of-flow positioning or
inline-level layout.

Review-Url: https://codereview.chromium.org/2632523002
Cr-Commit-Position: refs/heads/master@{#444512}
Percent-width blocks cannot form a re-layout boundary.
A block with non-visible overflow can only form a re-layout boundary if both
width and height are fixed.

The block may be inside a shrink-to-fit container (there's no cheap and
reliable way to detect that), so that changes inside it may affect its width.


Review-Url: https://codereview.chromium.org/2643703002
Cr-Commit-Position: refs/heads/master@{#444467}
Split svg/dom/transform-parser.html
This CL splits the mentioned test into two to alleviate the potential
for test timeouts.
The bulk of the test is moved to a JS file, and the js-test dependency
is dropped since the only useful output of this test is the console log
The TestExpectations entry is dropped.


Review-Url: https://codereview.chromium.org/2646503002
Cr-Commit-Position: refs/heads/master@{#444418}
Leave out empty-valued Access-Control-Request-Headers: on preflights.
Following https://github.com/whatwg/fetch/issues/459 , the above
preflight header should not be included if the request following CORS
has no headers to enumerate in a preflight.


Review-Url: https://codereview.chromium.org/2633423003
Cr-Commit-Position: refs/heads/master@{#444303}
Resolve CSS url(...) non-<image> values against the correct base
In an external stylesheet, the url(...) should resolve against the URL of
the stylesheet. We were always resolving against the document base URL,
meaning that 'filter' url(...)'s referencing external files could resolve
to the wrong URL.
Besides this, add a more generic mechanism to determine whether a CSSValue
contains a URL (and hence may need to be re-resolved if it's within an
inline style declaration, and it's context element is moved to a different
Also adjust the <canvas> 'filter' implementation to resolve against the
elements document when applicable.


Review-Url: https://codereview.chromium.org/2625873010
Cr-Commit-Position: refs/heads/master@{#444179}
Split renderer.lib on Windows to avoid files larger than 2GB.
In certain configurations renderer.lib can exceed 2GB in size which is
too much for the 32 bit build tools. Splitting it avoids that problem.


Review-Url: https://codereview.chromium.org/2622583005
Cr-Commit-Position: refs/heads/master@{#444143}
Introduce LayoutObject::AncestorSkipInfo.
This replaces three optional parameters to container() and similar methods.

No behavioral changes intended.

Review-Url: https://codereview.chromium.org/2634493007
Cr-Commit-Position: refs/heads/master@{#444105}
Document::shutdown(): remove unnecessary static_cast<>.

Review-Url: https://codereview.chromium.org/2638883002
Cr-Commit-Position: refs/heads/master@{#444061}
Try to avoid working on zero-height column sets, when possible.
We may end up with an empty column set between two column spanners, if there is
zero-height column content "separating" them.

We typically have no business inside a zero-height column set, since
fragmentation is impossible there. Fragmentation requires a positive
fragmentainer block size to ensure content progression. So keep looking for a
column set that has a height, and use that one instead, as long as its flow
thread start offset is the same as the one we were requested to map to a
column set.


Review-Url: https://codereview.chromium.org/2631013002
Cr-Commit-Position: refs/heads/master@{#443998}
Do not initiate fetch() on a detached FetchManager.

Review-Url: https://codereview.chromium.org/2631153002
Cr-Commit-Position: refs/heads/master@{#443897}
Provide a CSSParserContext to CSSSyntaxDescriptor
Add a CSSParserContext* argument to CSSSyntaxDescriptor::parse to allow
CSSValues to be resolve against a proper parser context, and resolve
relative URLs and other sourcing sensitive data.
Provide parser contexts as available on call-sites, or use the
strictCSSParserContext() if none is available. Move the TODO up the
callstack as needed.


Review-Url: https://codereview.chromium.org/2632083002
Cr-Commit-Position: refs/heads/master@{#443882}
Remove PageVisibilityObserver contextDestroyed() notifications.
PageVisibilityObserver allows a Page's lifetime states to be
observed, but none of the observers need to be notified of Page

Adjust LifecycleNotifier<>::notifyContextDestroyed(), having it
call its corresponding LifecycleObserver's  contextDestroyed()
notification method if the observer implements it, but not require
that it does implement contextDestroyed(). With that in place,
only have the lifecycle observers that need a contextDestroyed()
notification (all but PageVisibilityObserver) declare it.

This allows the removal of all the empty
PageVisibilityObserver::contextDestroyed() overrides.


Review-Url: https://codereview.chromium.org/2634713002
Cr-Commit-Position: refs/heads/master@{#443816}
Fixed google::FindSymbol reading past end of a section
The symbol reading logic of google::FindSymbol was reading symbols in
blocks of N, not accounting for that a section might not have a multiple
of N symbols in it.

This makes it read in blocks of N or the number of symbols remaining,
whichever is smallest.


Review-Url: https://codereview.chromium.org/2566623003
Cr-Commit-Position: refs/heads/master@{#443571}
bluetooth: bluez: Fixed issue with missing notifications after reconnect.

Review-Url: https://codereview.chromium.org/2625013003
Cr-Commit-Position: refs/heads/master@{#443451}
Simplify visitor marking mode tracking.
Move the marking mode to VisitorHelper<>, so that
both Visitor and InlinedGlobalMarkingVisitor can access
and reuse it.

In order to do so, hoist out Visitor::MarkingMode as an
enum class.


Review-Url: https://codereview.chromium.org/2625363002
Cr-Commit-Position: refs/heads/master@{#443444}
Look for favicon URLs (and similar <link>s) in SVG documents
Previously we were only looking for <link>s with icons within <head>,
and since SVG document don't have those, no icons would be found.
Instead, for SVG documents (with a root/document element of <svg>), just
collect all <link> (HTMLLinkElement) elements, regardless of position in
the document, using a pre-order traversal. This appears to match the
behavior of Gecko.


Review-Url: https://codereview.chromium.org/2628873003
Cr-Commit-Position: refs/heads/master@{#443336}
Revert ExtendableMessageEvent same heap verification.
Revert r440390's debug instrumentation of ExtendableMessageEvent.


Review-Url: https://codereview.chromium.org/2623273004
Cr-Commit-Position: refs/heads/master@{#443299}
[LayoutNG] Make NGLayoutInputNode::AlgorithmForInputNode() more readable.
Use early returns and variables to avoid unwanted line breaks in statements.

Review-Url: https://codereview.chromium.org/2631513002
Cr-Commit-Position: refs/heads/master@{#443284}
[LayoutNG] Put #includes in alphabetical order.
Review-Url: https://codereview.chromium.org/2623423003
Cr-Commit-Position: refs/heads/master@{#443279}
Revert "Verify that FetchEvent::m_request holds same-thread reference."
Undo r440475's temporary use of SameThreadCheckedMember<>.


Review-Url: https://codereview.chromium.org/2629613002
Cr-Commit-Position: refs/heads/master@{#443257}
Try to do less work clearing the font-cache in StyleEngine::didDetach.
Clearing the whole font-cache without considering css-connected fonts
could be cheaper. This is a speculative fix for issue 677415.


Review-Url: https://codereview.chromium.org/2622673003
Cr-Commit-Position: refs/heads/master@{#443202}
Add missing url/gurl.h include
Functions declared in this file return GURL by value.


Review-Url: https://codereview.chromium.org/2627883003
Cr-Commit-Position: refs/heads/master@{#443187}
Add test for style 'transform' vs. presentation attribute 'transform'
The former should "win" over the latter.
Fixed by https://codereview.chromium.org/2478233002.


Review-Url: https://codereview.chromium.org/2621153005
Cr-Commit-Position: refs/heads/master@{#442980}
Update svg/wicd/test-rightsizing-b.xhtml Mac expectations
Less stale expectations (DRT format changes.)


Review-Url: https://codereview.chromium.org/2628893002
Cr-Commit-Position: refs/heads/master@{#442935}
Block animation of the SVGScriptElement
'href' should not be animatable for SVGScriptElements, but currently is.
This will "break" animation of 'className' on the same element.


Review-Url: https://codereview.chromium.org/2618323002
Cr-Commit-Position: refs/heads/master@{#442915}
Remove redefinitions of ExceptionCode.

Review-Url: https://codereview.chromium.org/2625053002
Cr-Commit-Position: refs/heads/master@{#442878}
Remove marking visitors' shouldMarkObject().
With per-thread heap handling being fully enabled, checking for any
cross-thread pointer marking (and not doing it), is no longer an issue.

Retire the should-mark predicate.


Review-Url: https://codereview.chromium.org/2617393004
Cr-Commit-Position: refs/heads/master@{#442554}
Drop MSVC pch warning avoidance.
Unable to reproduce the warning with VS2015; let's try to remove this
special case.


Review-Url: https://codereview.chromium.org/2621763002
Cr-Commit-Position: refs/heads/master@{#442368}
Handle repeated and overlapping (re)starts of mock speechrecognizer.

Review-Url: https://codereview.chromium.org/2617113002
Cr-Commit-Position: refs/heads/master@{#442337}
Added trace for scheduleInvalidationsForRuleSets.

Review-Url: https://codereview.chromium.org/2620673002
Cr-Commit-Position: refs/heads/master@{#442332}
Prefer ContextClient mixin over manual ExecutionContext handling.
The ContextClient mixin interface bundles up the safe handling of
references to ExecutionContexts. Prefer using it over keeping explicit
Member<ExecutionContext> references.


Review-Url: https://codereview.chromium.org/2622533002
Cr-Commit-Position: refs/heads/master@{#442250}
avoid GCC content::CacheStorage::kSizeUnknown redeclaration error
../../content/browser/cache_storage/cache_storage.cc:62:29: error: redeclaration 'content::CacheStorage::kSizeUnknown' differs in 'constexpr'


Review-Url: https://codereview.chromium.org/2607983002
Cr-Commit-Position: refs/heads/master@{#442242}
CrossOriginAccessControl: separate access checks and error message generation
The checking and construction of legible error messages can with benefit
be separated, having the security access checks return an error status
which then can be used to generate a suitable error message.

Along with separating the two, switch to using StringBuilders.


Review-Url: https://codereview.chromium.org/2616323002
Cr-Commit-Position: refs/heads/master@{#442236}
Add use_rtti gn arg to enable rtti globally in the build
Some sanitizer configs already enabled rtti, move the logic to the arg
default value to make experimenting easier. Can be useful when dealing
with some asan-instrumented build startup issued that may go away when
rtti is enabled globally, but don't fall into the existing enable-rtti

One example scenario I had was with a shared_library built with both rtti
and exceptions (in a downstream project) causing immediate asan failure
on startup around std::exception typeinfo alignment. Rebuilding with
rtti enabled globally made things work, so it helps if that's possible
with just a gn arg.

Note that targets that need rtti to be not disabled regardless of global
settings (e.g. third party libraries like icu that need rtti to build)
can still remove the //build/config/compiler:no_rtti config and add
//build/config/compiler:rtti in its place; this is unchanged.


Review-Url: https://codereview.chromium.org/2607903002
Cr-Commit-Position: refs/heads/master@{#442227}
Use setNeedsActiveStyleUpdate instead of markTreeScopeDirty.
setNeedsActiveStyleUpdate checks if the document is active before
calling markTreeScopeDirty. This avoids marking shadow root tree scopes
dirty for non-active documents which caused a DCHECK fail in


Review-Url: https://codereview.chromium.org/2611053004
Cr-Commit-Position: refs/heads/master@{#442028}
Enable type_traits fallback for all < gcc 5.0 releases.
Fixes compilation failures with various < gcc-5.0  toolchains lacking
std::is_trivially_copyable<T>. Without it, compile errors like

../../base/template_util.h:189:36: error: no type named 'is_trivially_copyable' in namespace 'std'
using is_trivially_copyable = std::is_trivially_copyable<T>;
../../base/template_util.h:189:57: error: expected ';' after alias declaration
using is_trivially_copyable = std::is_trivially_copyable<T>;
will be encountered.


Review-Url: https://codereview.chromium.org/2612933003
Cr-Commit-Position: refs/heads/master@{#441985}
Use master StyleEngine to evaluate MQ in html imports.
The StyleEngine for html import documents does not have a Frame which
means size media queries will always evaluate to true. We incorrectly
replaced a passed-in master document StyleEngine with the StyleEngine
from the DocumentStyleSheetCollection in https://crrev.com/90d4ea3d
That was wrong for evaluating media queries.


Review-Url: https://codereview.chromium.org/2618803002
Cr-Commit-Position: refs/heads/master@{#441899}
Added layout test for issue 318468.
Check that adding a type selector rule only invalidates elements with
that type.


Review-Url: https://codereview.chromium.org/2615713005
Cr-Commit-Position: refs/heads/master@{#441823}
Revert of Don't post multiple task for executing blocked scripts. (patchset #2 id:20001 of https://codereview.chromium.org/2609763002/ )
Reason for revert:
Regression in test for time to first meaningful paint: https://crbug.com/678584

Original issue's description:
> Don't post multiple task for executing blocked scripts.
> We may post a lot of tasks for executing blocked scripts in the case
> where we insert multiple shadow trees each containing a style element.
> When we start parsing a style element, we mark it as blocking and
> unblock script execution after finishing parsing. Check if the previous
> task is active before posting.
> Found while measuring performance for issue 603621.
> BUG=603621
> Committed: https://crrev.com/26cb3bdcd2a353402b78b716862567226317dff0
> Cr-Commit-Position: refs/heads/master@{#441110}

# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2617763002
Cr-Commit-Position: refs/heads/master@{#441783}
eventTargetData(): pull (most of) this singleton off-heap.
Diagnose mutation of GCed object by pulling the collection
wrapper off heap also.


Review-Url: https://codereview.chromium.org/2616913002
Cr-Commit-Position: refs/heads/master@{#441668}
Need to clear viewport dependent units when switching print mode.
Switching between print and screen changes the size of the initial
containing block. Viewport dependent lengths need to be recalculated
and the cache for matched properties cleared.

Normally, notifyResizeForViewportUnits() is called from
performPreLayoutTasks when the initial containing block size changes.
That does not happen when laying out for printing and going back to
screen layout. We skip setting m_lastLayoutSize in
sendResizeEventIfNeeded. We probably do that to avoid triggering resize
events going back and forth between the print (preview) size.

Make sure we clear the matched properties cache from StyleResolver when
updating the media type.


Review-Url: https://codereview.chromium.org/2613733003
Cr-Commit-Position: refs/heads/master@{#441642}
Tidy up XMLHttpRequest::endLoading().

Review-Url: https://codereview.chromium.org/2610653002
Cr-Commit-Position: refs/heads/master@{#441618}
bluetooth: bluez: Implement BluetoothRemoteGattCharacteristicBluez::SubscribeToNotifications and UnsubscribeFromNotifications.

Review-Url: https://codereview.chromium.org/2613473002
Cr-Commit-Position: refs/heads/master@{#441456}
Simplify WorkerGlobalScope::m_eventListeners.
Switch to using a 'mere' HashSet<> for these event listeners. Mainly
done to diagnose GC instability, but removing the use of an involved
abstraction like HeapListHashSet<> is something wanted regardless.


Review-Url: https://codereview.chromium.org/2609413002
Cr-Commit-Position: refs/heads/master@{#441364}
Avoid unnecessary updateActiveStyle comparing shadow styles.
Found while checking performance for issue 603621.

Style sharing is done during style recalc at which point we know that
the active style is up-to-date. Instead of using the API for
document.styleSheets, compare active stylesheets in ScopedStyleResolver


Review-Url: https://codereview.chromium.org/2610513003
Cr-Commit-Position: refs/heads/master@{#441357}
Push attributeName handling down into SVGAnimateElement
SVGAnimateElement (and derived classes) is where 'attributeName' has any
meaning. Move setting/updating of the resolved 'attributeName' value
there. This allows setAttributeName to be devirtualized.
Storage is kept at the SVGSMILElement level because of how it's used at
schedule/unschedule time.


Review-Url: https://codereview.chromium.org/2602423002
Cr-Commit-Position: refs/heads/master@{#441356}
Enforce canCopyWithMemcpy constraint over TerminatedArray<T>.

Review-Url: https://codereview.chromium.org/2610113002
Cr-Commit-Position: refs/heads/master@{#441352}
Use ShadowData in DropShadowFilterOperation
This replaces the "open-coded" (and somewhat compacted) version of a
ShadowData structure within DropShadowFilterOperation with an actual
ShadowData. While this makes the structure slightly larger, it allows
for some additional code-reuse - mostly around style resolution. It's
also a first step against more correct handling of the 'currentcolor'
value within the drop-shadow(...) filter function.
There's a slight change in behavior since ShadowData stores the relevant
values as 'float' rather than as 'int' like the "open-coded" version.


Review-Url: https://codereview.chromium.org/2609803002
Cr-Commit-Position: refs/heads/master@{#441351}
Don't post multiple task for executing blocked scripts.
We may post a lot of tasks for executing blocked scripts in the case
where we insert multiple shadow trees each containing a style element.
When we start parsing a style element, we mark it as blocking and
unblock script execution after finishing parsing. Check if the previous
task is active before posting.

Found while measuring performance for issue 603621.


Review-Url: https://codereview.chromium.org/2609763002
Cr-Commit-Position: refs/heads/master@{#441110}
Always adjust container size when tracing HeapVectorBacking contents.

Review-Url: https://codereview.chromium.org/2602363002
Cr-Commit-Position: refs/heads/master@{#441107}
WindowAudioWorklet: gracefully handle detached use.

Review-Url: https://codereview.chromium.org/2607353002
Cr-Commit-Position: refs/heads/master@{#441094}
Add missing HeapCompact DCHECK().

Review-Url: https://codereview.chromium.org/2604403002
Cr-Commit-Position: refs/heads/master@{#441072}
No longer clean out main thread's heap for LSan's benefit.
The extra GCing that cleanupMainThread() appears to be redundant, as
LSan will have performed leak detection prior to the main thread shutting


Review-Url: https://codereview.chromium.org/2604413002
Cr-Commit-Position: refs/heads/master@{#441068}
Retire speechrecognition-restart-onend.html leak expectation.
No longer reported as leaking.


Review-Url: https://codereview.chromium.org/2603273002
Cr-Commit-Position: refs/heads/master@{#441066}
WorkerGlobalScope: verify same-heap event listeners.
To help narrow down failures during tracing of a WorkerGlobalScope's
event listeners, verify that the listeners added belong to the
same heap as the WorkerGlobalScope itself.


Review-Url: https://codereview.chromium.org/2608113002
Cr-Commit-Position: refs/heads/master@{#441058}
Remove ThreadState::callThreadShutdownHooks() declaration.
No longer provided and used.


Review-Url: https://codereview.chromium.org/2608933002
Cr-Commit-Position: refs/heads/master@{#441041}
Fix for building with ancient toolchain
At Opera we test our SDK on an old MIPS device with a
peculiar toolchain. To be able to compile ImageDocument.o,
we need to call std::round(), not just round().


Review-Url: https://codereview.chromium.org/2548783002
Cr-Commit-Position: refs/heads/master@{#440950}
PaymentApp: Implement nativeGetAllAppManifests
This change connects the ServiceWorkerPaymentAppBridge to the service
worker payment app code in content/browser/payments. This allows
installed service worker payment apps to show up in the Payment Request

I also replace "String scopeUrl" with "long registrationId" as the
identifier for service worker payment apps.

This code is protected by the kServiceWorkerPaymentApps feature flag.


Review-Url: https://codereview.chromium.org/2586213002
Cr-Commit-Position: refs/heads/master@{#440746}
Remove SVGAnimateElement::hasValidAttributeType
Incorporate said method into its only caller - hasValidTarget - and
override that one in SVGAnimateTransformElement instead.
Also fold animatedPropertyType() into hasValidTarget and get rid of
hasInvalidCSSAttributeType() in favor of "naked" access to the
underlying boolean flag.


Review-Url: https://codereview.chromium.org/2599853003
Cr-Commit-Position: refs/heads/master@{#440716}
Remove unwanted declaration of storage for NeedsAdjustAndMark<>.
This rolls back the change made in


We shouldn't have to do this if the class type has been fully
instantiated and "used". Traits used to direct compilation won't run
into this (as the expression will clearly have to be evaluated at
compile-time), but gtest usage of traits may end up evaluating their
predicate expressions in compiled code, thus requiring that the trait
has been instantiated in the compilation unit already. Declaring one
for all uses of NeedsAdjustAndMark<> is too strong, and isn't needed
really (now) -- retire, but avoid running into the issue for the
corresponding unit test.


Review-Url: https://codereview.chromium.org/2599643004
Cr-Commit-Position: refs/heads/master@{#440618}
Fold SVGAnimatedTypeAnimator into SVGAnimateElement
This folds the functionality of SVGAnimatedTypeAnimator, mostly
verbatim, into SVGAnimateElement. Some methods are renamed, and a new
interface is defined, which allows <animateTransform> to be more
isolated from the rest of the <animate> implementation.
SVGAnimateElement::m_animatedProperty is renamed to m_animatedValue, and
SVGAnimatedTypeAnimator::m_animatedProperty is renamed to
Dial down or remove some asserts in favor of other asserts.


Review-Url: https://codereview.chromium.org/2595393002
Cr-Commit-Position: refs/heads/master@{#440613}
Reschedule sibling invalidations as descendant on removal.
When removing elements we schedule sibling invalidations based on
element attributes and state as descendant invalidations when
necessary. However, that didn't work correctly if we removed an
attribute and then removed the element before the sibling invalidation
for the attribute was effectuated.

For instance, if you remove a class affecting succeeding siblings
through selectors, we schedule an invalidation set for that change, but
it will be cleared right after if we remove the element (see the added

Instead we reschedule sibling invalidations on the parent node before
the invalidations for the removed element are cleared.


Review-Url: https://codereview.chromium.org/2592423002
Cr-Commit-Position: refs/heads/master@{#440598}
Verify that FetchEvent::m_request holds same-thread reference.
To diagnose instability seen during GCs of FetchEvents, instrument
the m_request member, checking that we only create event object containing
references to Requests that reside in the current thread's heap.


Review-Url: https://codereview.chromium.org/2594423002
Cr-Commit-Position: refs/heads/master@{#440475}
Make use of ContextClient in modules/speech/
Switch to reusing ContextClient rather than have SpeechSynthesis{Utterance}
explicitly hold ExecutionContext member references.


Review-Url: https://codereview.chromium.org/2595323002
Cr-Commit-Position: refs/heads/master@{#440432}
Update TODO(s) in SVGTransform.idl
Update SVGMatrix vs. DOMMatrix{,ReadOnly} references to match


Review-Url: https://codereview.chromium.org/2599753002
Cr-Commit-Position: refs/heads/master@{#440400}
Verify that ExtendableMessageEvent's message ports reside on the same heap
To potentially help diagnose a GC crash (see associated bug), verify
that ExtendableMessageEvent's MessagePortArray and MessagePorts belong
to the same thread heap as the event object.


Review-Url: https://codereview.chromium.org/2589333005
Cr-Commit-Position: refs/heads/master@{#440390}
Clamp rgba(...) alpha value in the CSS fast-path parser
The general CSS parser will clamp the alpha value to the [0, 1] range,
while the fast-path parser does not. This means that large alpha values
will result in overflow in the cast to int, yielding the wrong color
Add a clamp to the [0, 1] range before converting to the [0, 256) range
and converting to int. Because negative values are handled separately,
we only need to apply the clamp for the range above zero.


Review-Url: https://codereview.chromium.org/2588293004
Cr-Commit-Position: refs/heads/master@{#440374}
Introduce ThreadState::isOnThreadHeap() helper predicate.
Simple helper to make testing for on-thread-heap conditions easier.


Review-Url: https://codereview.chromium.org/2599533002
Cr-Commit-Position: refs/heads/master@{#440370}
Even empty block intervals should be associated with a fragmentainer.
We need to visit the fragmentainer that a block lives in even if said block has
zero height. If we find a column set, don't perform initial bounds checking.


Review-Url: https://codereview.chromium.org/2597633002
Cr-Commit-Position: refs/heads/master@{#440361}
Improve separation between "SMIL times" and timestamps
The 'elapsed' time does not need to be a SMILTime in general - it can
only be non-finite in the case where the document is not active, and
then the timeline should not be running/animations updated.
Thread the double value further from SMILTimeContainer down into
SVGSMILElement. Simplify some computations.


Review-Url: https://codereview.chromium.org/2592103002
Cr-Commit-Position: refs/heads/master@{#440171}
fix mojom bindings generator exception error message
Followup to https://codereview.chromium.org/2171033002

Review-Url: https://codereview.chromium.org/2591123003
Cr-Commit-Position: refs/heads/master@{#440142}
SameThreadCheckedMember<>: verify same-thread usage of heap references.
In debug builds, Member<> checks that the heap references stored resides
in a heap belonging to the same thread as the Member<> itself. The check
carries some overhead, hence it is not enabled outside of checked builds.

In order to be able to diagnose and catch code that incorrectly stores
heap pointers belonging to other threads in a Member<>, add the
SameThreadCheckedMember<> variant of Member<>. A drop-in replacement
for Member<> that can be used to selectively diagnose.


Review-Url: https://codereview.chromium.org/2592063002
Cr-Commit-Position: refs/heads/master@{#440117}
Use double precision in SVGLengthContext::convertValueToUserUnits
This method does a bunch of <float> * <double> operations, which tickles
UBSANs float-overflow warning when the result is stored back into the
float (single precision) local variable.
We clamp the result to a narrow enough range already at the end (and
hence won't see any effects of the overflow, at least assuming IEEE754),
but might as well use a double precision local variable, since that
actually seems to save a few instructions while also avoiding the
overflowing conversion.


Review-Url: https://codereview.chromium.org/2591663003
Cr-Commit-Position: refs/heads/master@{#440056}
Clear active tree scopes on StyleEngine::didDetach().
clearResolver() is not only called on didDetach(). Make it private and
name it clearResolvers to reflect that it clears scoped resolvers as
well. The comments related to style resolver reconstructruction is
removed as that does not happen anymore.

Clearing m_treeBoundaryCrossingScopes is moved into didDetach()
which was a more natural place.

Clear active and dirty tree scopes in didDetach to not unnecessarily
hang on to any memory associated with them.

These changes were done investigating issue 675533, but won't
necessarily fix anything for that issue.


Review-Url: https://codereview.chromium.org/2593643002
Cr-Commit-Position: refs/heads/master@{#439973}
Clear CSSGlobalRuleSet on StyleEngine::didDetach().
This could free up memory sooner. Found while investigating 675533, but
not confirmed that this fixes that issue.


Review-Url: https://codereview.chromium.org/2589243002
Cr-Commit-Position: refs/heads/master@{#439935}
Need to be inside the flow thread before converting a visual point.
Before we can convert from a visual point to a flow thread point, we need the
input point to be exactly relative to the flow thread, or we might end up
mapping it to the wrong column.

In other words, we need to add the flow thread object's location before
converting into the flow thread coordinate space. While the flow thread indeed
is at 0,0 (or at least close enough to 0,0) relatively to the multicol
container in very many cases, this isn't true when the multicol container is in
rtl writing-mode, or when it's scrollable, or even when the multicol container
has borders and/or padding.


Review-Url: https://codereview.chromium.org/2593633002
Cr-Commit-Position: refs/heads/master@{#439855}
Disallow heap objects containing unsafe on-heap iterators.
Do not allow BlinkGC managed objects to include unsafe iterators of
other heap objects; that is, do not allow them to keep iterator
part objects as fields.

These iterators contain untraced references, which is in general
unsafe practice and breaks the general rule that all heap references
must be known to the GC infrastructure, and be marked and traced

This applies to all heap collection iterators but HeapListHashSet<>'s,
which can be safely traced. It is also the only collection iterator
which is kept as a field of an on-heap object (CSSSegmentedFontFace.)


Review-Url: https://codereview.chromium.org/2588943002
Cr-Commit-Position: refs/heads/master@{#439784}
Don't update global ruleset when active style is dirty.
CSSGlobalRuleSet should always be collected as part of the active style
update. RuleSets may have been cleared from StyleSheetContents as a
result of media query changes for instance.

For the given issue, we tried to limit to a global ruleset when lazy-
loading fullscreen UA style, but as part of going fullscreen we had
already cleared rule sets for stylesheets with media queries due to the
media feature change.


Review-Url: https://codereview.chromium.org/2590793003
Cr-Commit-Position: refs/heads/master@{#439781}
Make column snapping optional when translating to flow thread coordinates.
positionForPoint() wants this, but mapAncestorToLocal() requires that no
special behavior be applied.

While this CL doesn't fix bug 663062, it is a prerequisite for fixing it
without breaking existing tests (MulticolWithAbsPosNotContained in
MapCoordinatesTest unit test).


Review-Url: https://codereview.chromium.org/2590463002
Cr-Commit-Position: refs/heads/master@{#439758}
Tracing HeapListHashSet<> iterators.
The HeapListHashSet<> iterators keep a pair of heap references, which
really should be traced like any other such reference during GCs. This
isn't unsafe for the stack allocated uses of these iterators, but one
Blink object (CSSSegmentedFontFace) keeps an iterator as a field on the
heap, we really have to trace these on-heap part object iterators.

Add the needed infrastructure and use it for CSSSegmentedFontFace.


Review-Url: https://codereview.chromium.org/2583363002
Cr-Commit-Position: refs/heads/master@{#439748}
Removed expected Trusty dbg failure after fix.

Review-Url: https://codereview.chromium.org/2586393002
Cr-Commit-Position: refs/heads/master@{#439723}
Stricter float-to-int conversion in SVGIntegerOptionalInteger
SVGIntegerOptionalInteger parses values as floats but stores them as
integers. Add helpers to avoid issues with overflow and to make this
conversion the same way in all places it's needed.
The "normal" parsing code would truncate the float value while the parsing
code for animation values would round. Make them both use truncation (and the
avoid duplicating the code.)


Review-Url: https://codereview.chromium.org/2590433002
Cr-Commit-Position: refs/heads/master@{#439533}
Use a stricter limit for the exponent range in genericParseNumber
The exponent was being checked against numeric_limits<...>::max_exponent
which is the power-of-two limit. Use max_exponent10 instead. Also make
sure to apply any exponent sign prior to the range check so that
min_exponent10 can be used as the lower bound. This means computing the
base number before checking for/parsing the exponent part. This could
be slower in some cases, but reasonably only when an error is
encountered. Also, scientific notation should be fairly scarce to begin

Also move declarations of local variables closer to their first use (and
in the inner-most scope possible.) Unravel the handling of/accumulation
into 'frac' when computing the decimal part.


Review-Url: https://codereview.chromium.org/2588023002
Cr-Commit-Position: refs/heads/master@{#439522}
Get rid of @font-face resource leak.
Clear the StyleEngine of css connected fonts on detach().

This used to be saved by an active stylesheet update, it seems. With
the new active stylesheet update this is done more selectively and it
might have been done when document going inactive before. Clearing the
font cache on detach fixes the leak issues in css3/fonts.


Review-Url: https://codereview.chromium.org/2582413002
Cr-Commit-Position: refs/heads/master@{#439510}
Fixed flaky fullscreen video test.
The media controls are (at least sometimes) painted twice. The second
time after figuring out how many buttons fit into the available width.
At least one of the fullscreen tests were flaky because the first paint
was dumped instead of the second one. Adding a layoutAndPaintAsyncThen
in the full-screen-test.js framework seems to fix the issue.

Although the issue was filed after landing changes for issue 567021,
the flakiness is also seen locally without those changes running the
test with --repeat-each=30 in debug.


Review-Url: https://codereview.chromium.org/2586243002
Cr-Commit-Position: refs/heads/master@{#439483}
Clamp radii in FEMorphology::createImageFilter
Sk{Dilate,Erode}ImageFilter::Make take the radii as integers (int), so
make sure to convert the float FEMorphology stores avoiding overflow.


Review-Url: https://codereview.chromium.org/2585233002
Cr-Commit-Position: refs/heads/master@{#439474}
Fix HTML parser CDATA edge-case and sync state names with spec
When encountering a sequence of ']]]' at the end of a CDATA section, we
should only buffer one ']' (the first one) and "remember" the other two.

The states exists in the spec[1][2][3] nowadays, so sync the names and remove
the comment about the states not being in the spec.

Fixes two subtests of wpt/html/syntax/parsing/html5lib_tests21.html.

[1] https://html.spec.whatwg.org/multipage/syntax.html#cdata-section-state
[2] https://html.spec.whatwg.org/multipage/syntax.html#cdata-section-bracket-state
[3] https://html.spec.whatwg.org/multipage/syntax.html#cdata-section-end-state


Review-Url: https://codereview.chromium.org/2576373002
Cr-Commit-Position: refs/heads/master@{#439396}
Removed resolverChanged().
This method was now empty and has been replaced by asynchronous active
stylesheet update in updateActiveStyleSheets().


Review-Url: https://codereview.chromium.org/2559613002
Cr-Commit-Position: refs/heads/master@{#439142}
Setting preferred stylesheet simplified.
With active stylesheets being applied asynchronously, we no longer need
to avoid the synchronous stylesheet update during link processing. We
can just mark the treeScope dirty to trigger the preferred set to be
updated as part of updateActiveStyleSheets().


Review-Url: https://codereview.chromium.org/2552353003
Cr-Commit-Position: refs/heads/master@{#439115}
Remove unused lazyAppend from StyleResolver.
Active stylesheet update is now asynchronous and handled from


Review-Url: https://codereview.chromium.org/2557773004
Cr-Commit-Position: refs/heads/master@{#439102}
Removed unused StyleSheetInvalidationAnalysis class.

Review-Url: https://codereview.chromium.org/2546343006
Cr-Commit-Position: refs/heads/master@{#439097}
Remove ensureResolver before invalidation set scheduling.
ensureResolver() used to make sure the invalidation sets were up-to-
date with the currently active stylesheets. This is no longer necessary
as ruleset invalidation of changes in active stylesheets will make sure
changes are applied correctly.


Review-Url: https://codereview.chromium.org/2555083002
Cr-Commit-Position: refs/heads/master@{#439096}
Reland: Collect active stylesheets and and apply asynchronously.
This CL enables asynchronously updating the lists of active stylesheets
applying any style changes using rule set invalidations. This means we
more often avoid full style recalcs when we add or remove stylesheets
from the document as well as when the evaluation of media queries

In general, we now alway compare new and old stylesheets by comparing
their rulesets and schedule style invalidations for removed and added

When media queries changes, we used to give completely in and
recalculate all style once we discovered a media query changed its
evaluation. With this patch, we clear rule sets for sheets which
contain media queries which means we will invalidate rules for the sets
before and after the query change. This can be further refined by only
clearing rule sets when the sheets has a media query which actually did
change evaluation, and also just schedule invalidations for rules which
are inside @media rules.

TreeScopeStyleSheetCollectionTest.cpp is removed as it is replaced by
ActiveStyleSheetsTest.cpp which landed earlier.

updateActiveStyle() has been added a few places where
ensureStyleResolver() previously caused active stylesheets to be up-to-
date. ensureStyleResolver() is now merely a method which creates the
StyleResolver if necessary and returns it.

There are some cleanups and code removal which needs to be done after
this CL, but I have left those out to make this CL as small as
possible. For instance resolverChanged(), which synchronously updated
the active stylesheets, has an empty implementation instead of
including a lot of removals in this CL. The code for lazy-appending
stylesheets in StyleResolver is still there, but not in use.


Committed: https://crrev.com/9fb5b60edfb769134733009f9447bad3eaf347b0
Review-Url: https://codereview.chromium.org/2557533005
Cr-Original-Commit-Position: refs/heads/master@{#438148}
Cr-Commit-Position: refs/heads/master@{#439092}
Merge setTimeout calls with same timeout for webfont tests.
Landing async stylesheet update caused a regression in font-display
tests. The values "fallback" and "optional" block display for 100ms
according to the spec. The tests had a setTimeout call to trigger font
loading and a setTimeout call to trigger notifyDone() to render before
100ms has passed with the same timeout value. However, the timer for
allowing fallback display triggers before the notifyDone triggers in
Debug builds on Mac. Calling notifyDone from the same setTimeout
callback as triggering font loading.

The intention of the test is to trigger the screen dump when 0s has
passed, so this should be OK. I have not identified what exactly changed
with the async stylesheet patch and why the timeout methods are
interleaved with the timeout for enabling fallback rendering.

Removing one of the other tests or one of the font-display values from
the test array also makes the "fallback" and "optional" start passing
without this change, so there is clearly a timing issue here.


Review-Url: https://codereview.chromium.org/2584473002
Cr-Commit-Position: refs/heads/master@{#439026}
ActiveScriptWrappable: GC wrappers in detached ExecutionContexts.
Blink objects that implement (Active)ScriptWrappable have the ability
to keep their corresponding v8 wrapper object alive across GCs by
overriding and implementing ScriptWrappable::hasPendingActivity().

Once an ExecutionContext has become detached, we no longer want to
retain wrappers belonging to it, as that will lead to memory leaks.
With full bi-directional tracing of references across the v8 and Blink
heaps, it is possible to make the lifetime of objects "more accurate",
but not keeping a wrapper alive once in a detached setting, has proven
to work out well in practice.

Consequently, a ScriptWrappable in a detached ExecutionContext should
not be retained, even if hasPendingActivity() return |true|. That is,
we should simply ignore hasPendingActivity()'s result, freeing the
implementations of it from having to take care of this 'detached'

This behavior is already provided by the 'standard' Blink wrapper
visitors that v8 invokes during GC, but not with wrapper tracing,
which is what this CL brings.

It does so by extending ActiveScriptWrappable with a predicate for
checking if the object's ExecutionContext has signalled destruction.

(The natural(?) way to express that is to parameterize ActiveScriptWrappable<>
over the class that implements the interface. This makes for a CL
with a larger footprint.)

R=haraken, mlippautz

Review-Url: https://codereview.chromium.org/2577053002
Cr-Commit-Position: refs/heads/master@{#438967}
Ignore minimum font-size for SVG text
In some circumstances, the minimum font-size would be applied to the
"scaled font", messing up rendering. Because of how the font is scaled,
this would trigger much less than one might expect.
Change the useSmartMinimumForFontSize argument to the
FontSize::getComputedSizeFromSpecifiedSize function to be about entirely
ignoring the minimum font-sizes (this function only has two callsites.)
Refactor LayoutSVGInlineText::computeNewScaledFontForStyle a bit to deal
with this new flow. Also always keep the "original" font when we compute
a scale factor of 0 - it should be invisible regardless.


Review-Url: https://codereview.chromium.org/2575863002
Cr-Commit-Position: refs/heads/master@{#438794}
Signal no pending activity in destructed contexts.
Various hasPendingActivity() overrides weren't taking the state of the
ExecutionContext into account, only considering if event listeners were
registered. We're not interested in holding onto a script environment
after an execution context has been destroyed, so adjust the predicates
to return false if the ExecutionContext has been destructed.

The V8GCController wrapper visitors already check if hasPendingActivity()
implementations incorrectly return |true| when used inside of destroyed
ExecutionContexts, but that check is not handled by trace wrappers


Review-Url: https://codereview.chromium.org/2571193002
Cr-Commit-Position: refs/heads/master@{#438787}
Make LayoutSVGViewportContainer -> SVGSVGElement association obvious
This LayoutObject type is only used for non-outermost SVGSVGElements, so
no need to do runtime checks of the type.

Review-Url: https://codereview.chromium.org/2570293002
Cr-Commit-Position: refs/heads/master@{#438532}
Remove unused SVGTextMetrics constructor
Review-Url: https://codereview.chromium.org/2565173007
Cr-Commit-Position: refs/heads/master@{#438523}
Eagerly dispose of ScheduledActions (reland.)
The DOMTimer's ScheduledAction hold on to the script source and
state needed to execute the timer action. Let go of ShceduledAction's
resource early.

Apart from reducing the lifetime of script source, this is a speculative
fix for crashes reported in v8::PersistentValueVector::Clear() during
lazy sweeping of ScheduledAction objects.


Committed: https://crrev.com/11bd50343795ed1dc1977da91e9a1588687522fd
Review-Url: https://codereview.chromium.org/2552673002
Cr-Original-Commit-Position: refs/heads/master@{#436298}
Cr-Commit-Position: refs/heads/master@{#438503}
Only the first layout pass needs to go deep when pagination state changes.
Since we now re-use the LayoutState object in multipass layout (caused by
either fragmentation or the PaintLayerScrollableArea::FreezeScrollbarsScope
mechanism), we need to notify the LayoutState object when we have performed the
necessary deep layout pass, so that not all subsequent passes also go deep


Review-Url: https://codereview.chromium.org/2570643002
Cr-Commit-Position: refs/heads/master@{#438353}
PaymentApp: Implement the JNI bridge
Add two native methods to ServiceWorkerPaymentAppBridge, and implement
them in service_worker_payment_app_bridge.cc. The two methods are
GetAllAppManifests and InvokePaymentApp. At the moment, they are just
stubs, although GetAllAppManifest contains a bit of code, mainly
for illustration and to avoid compile errors for unused @CalledFromNative
methods in ServiceWorkerPaymentAppBridge.


Review-Url: https://codereview.chromium.org/2556753002
Cr-Commit-Position: refs/heads/master@{#438269}
Remove PreFinalizer{Callback} type aliases from view.
Internal types, no good reason to expose these to the outside.


Review-Url: https://codereview.chromium.org/2573783002
Cr-Commit-Position: refs/heads/master@{#438170}
Collect active stylesheets and and apply asynchronously.
This CL enables asynchronously updating the lists of active stylesheets
applying any style changes using rule set invalidations. This means we
more often avoid full style recalcs when we add or remove stylesheets
from the document as well as when the evaluation of media queries

In general, we now alway compare new and old stylesheets by comparing
their rulesets and schedule style invalidations for removed and added

When media queries changes, we used to give completely in and
recalculate all style once we discovered a media query changed its
evaluation. With this patch, we clear rule sets for sheets which
contain media queries which means we will invalidate rules for the sets
before and after the query change. This can be further refined by only
clearing rule sets when the sheets has a media query which actually did
change evaluation, and also just schedule invalidations for rules which
are inside @media rules.

TreeScopeStyleSheetCollectionTest.cpp is removed as it is replaced by
ActiveStyleSheetsTest.cpp which landed earlier.

updateActiveStyle() has been added a few places where
ensureStyleResolver() previously caused active stylesheets to be up-to-
date. ensureStyleResolver() is now merely a method which creates the
StyleResolver if necessary and returns it.

There are some cleanups and code removal which needs to be done after
this CL, but I have left those out to make this CL as small as
possible. For instance resolverChanged(), which synchronously updated
the active stylesheets, has an empty implementation instead of
including a lot of removals in this CL. The code for lazy-appending
stylesheets in StyleResolver is still there, but not in use.


Review-Url: https://codereview.chromium.org/2557533005
Cr-Commit-Position: refs/heads/master@{#438148}
Roll third_party/icu from 73e24736 to 9cd28287

One change in the range: deprecation warning suppresion for non-clang.


Review-Url: https://codereview.chromium.org/2575433002
Cr-Commit-Position: refs/heads/master@{#438139}
Retire ThreadState::registerPreFinalizer<T>()
The registration of the finalization callback now happens under-the-hood
and automatically.


Review-Url: https://codereview.chromium.org/2570463005
Cr-Commit-Position: refs/heads/master@{#438136}
Simple BlinkGC heap compaction.
This implements heap compaction for the Blink GC infrastructure
(Oilpan), compacting the arenas of the BlinkGC heap which are most
susceptible to becoming fragmented during actual use.

Fragmentation is a real problem and a growing one while browsing anything
but static pages: the amount of unused, but allocated, memory is
fluctuating higher over time.

To avoid leaving increasing amounts of unused holes in our heaps,
heap compaction will periodically squeeze out the unused portions,
packing together the live objects. The heap pages that are then
left as unused, are subsequently released and returned to the OS.

Due to a fortunate property of Blink heap collection types, providing
such compaction is within relatively easy reach. Experiments show that
the arenas which hold such collection objects ("backing stores") are
the ones that develop fragmentation the most & persistently. While not
a complete heap compactor of all Blink GC arenas, it addresses the
fragmentation problem where it is most pressing. More can be done, later.

Explainer / design document:



Review-Url: https://codereview.chromium.org/2531973002
Cr-Commit-Position: refs/heads/master@{#438125}
Remove SVGCursorElement
This allows significant cleanup of CSSCursorImageValue, so do that too.




Review-Url: https://codereview.chromium.org/2522443002
Cr-Commit-Position: refs/heads/master@{#438116}
Implicit prefinalizer registration.
Switch to implicit registration of prefinalizers along with removing
the ability to dynamically unregister a prefinalizer; the latter
being an unused feature.

The requirement to manually register a prefinalizer has proven to be
a chore and a source of bugs. Case in point: HTMLCanvasElement
currently declares a prefinalizer, but doesn't register it. Simplify
the programming model by automatically registering prefinalizers.


Review-Url: https://codereview.chromium.org/2565983002
Cr-Commit-Position: refs/heads/master@{#438110}
Avoid conditional Animation prefinalizers.
Recast the conditionally-eager finalization of Animation objects - only
needed if the Animation object has a CompositorAnimationPlayer attached -
wrapping instead the player object inside an eagerly-finalized object.

By doing so, we remove the need to support explicit prefinalizer


Review-Url: https://codereview.chromium.org/2570503002
Cr-Commit-Position: refs/heads/master@{#438089}
Use hash set instead of vector for changed RuleSets.
That way, we don't have to consider the same RuleSet multiple times for
invalidation on active stylesheet update. This fixes a regression in
PerformanceTests/CSS/StyleSheetInsert.html which would have been
introduced by https://codereview.chromium.org/2557533005

This works because the same style element source text used multiple
times will make us use the same StyleSheetContents from the cache and
hence the same RuleSet for all 50 sheets added in that test. It's a bit
like cheating, but this will also make sure we don't invalidate for the
same RuleSet twice if we re-order stylesheets by removing/inserting a
style element where the CSSStyleSheet pointer will be different, but
the RuleSet stays the same.


Review-Url: https://codereview.chromium.org/2569733003
Cr-Commit-Position: refs/heads/master@{#438062}
Disable layout optimization when column height may be non-uniform.
We have no way of telling what changes beyond the first column break, so if we
cannot guarantee that the column height *is* and *was* non-uniform, we need to
re-lay out children that may stretch into the unknown.

Review-Url: https://codereview.chromium.org/2562273003
Cr-Commit-Position: refs/heads/master@{#437928}
Perform "zoom compensation" for 'transform' on <svg:text>
SVGElement::calculateTransform would not compensate for effective zoom
on 'transform' for SVG <text> elements.
Refactor the code a bit so that the different parameter configurations
are selected first, and then use the same code for both <text> and non-
<text>. This makes sure that effective zoom is factored into the
computed transform for <text> as well.


Review-Url: https://codereview.chromium.org/2565403002
Cr-Commit-Position: refs/heads/master@{#437927}
Revert of Eagerly dispose of ScheduledActions. (patchset #2 id:20001 of https://codereview.chromium.org/2552673002/ )
Reason for revert:
Speculative revert for reported perf decrease on system_health.memory_mobile, https://crbug.com/672098

Original issue's description:
> Eagerly dispose of ScheduledActions.
> The DOMTimer's ScheduledAction hold on to the script source and
> state needed to execute the timer action. Let go of ShceduledAction's
> resource early.
> Apart from reducing the lifetime of script source, this is a speculative
> fix for crashes reported in v8::PersistentValueVector::Clear() during
> lazy sweeping of ScheduledAction objects.
> R=
> BUG=
> Committed: https://crrev.com/11bd50343795ed1dc1977da91e9a1588687522fd
> Cr-Commit-Position: refs/heads/master@{#436298}

# Not skipping CQ checks because original CL landed more than 1 days ago.

Review-Url: https://codereview.chromium.org/2568103002
Cr-Commit-Position: refs/heads/master@{#437889}
PaymentApp: Make the PaymentAppFactory asynchronous
The code for fetching and filtering payment instruments in
PaymentRequestImpl is asynchronous anyway, so this change is not too
intrusive. The main thing is to insert an extra asynchronous step to
populate the mApps list before payment instrument filtering starts.

If we want to take this further, a good next step would be to start
showing apps as they are discovered, instead of waiting until we have
received all the payment apps. It would also be a good thing to
refactor some of this functionality out of the PaymentRequestImpl, as
it is growing quite complex.

Other changes that went into this commit:

* Change the PaymentAppFactory into a singleton, rather than being a
  holder class for static functions.

* Extend the AdditionalPaymentFactory functionality, so that the
  PaymentAppFactory can have many additional factories. This lets us
  make the ServiceWorkerPaymentAppBridge an additional factory, and
  normalize the relationship between the two classes.

* Add two unit tests for testing delayed payment app creation.


Review-Url: https://codereview.chromium.org/2559153002
Cr-Commit-Position: refs/heads/master@{#437843}
Simple BlinkGC heap compaction.
This implements heap compaction for the Blink GC infrastructure
(Oilpan), compacting the arenas of the BlinkGC heap which are most
susceptible to becoming fragmented during actual use.

Fragmentation is a real problem and a growing one while browsing anything
but static pages: the amount of unused, but allocated, memory is
fluctuating higher over time.

To avoid leaving increasing amounts of unused holes in our heaps,
heap compaction will periodically squeeze out the unused portions,
packing together the live objects. The heap pages that are then
left as unused, are subsequently released and returned to the OS.

Due to a fortunate property of Blink heap collection types, providing
such compaction is within relatively easy reach. Experiments show that
the arenas which hold such collection objects ("backing stores") are
the ones that develop fragmentation the most & persistently. While not
a complete heap compactor of all Blink GC arenas, it addresses the
fragmentation problem where it is most pressing. More can be done, later.

Explainer / design document:



Review-Url: https://codereview.chromium.org/2531973002
Cr-Commit-Position: refs/heads/master@{#437829}
Strength-reduce the "scale-factor changed" condition in LayoutSVGRoot
Spend some cycles examining the difference between the old and new
local-to-border-box transforms, and only signal scale-factor changes
if that part of the transform changed.
This also means that we now detect changes scale that we previously
didn't (like [1].)

[1] paint/invalidation/svg/absolute-sized-content-with-resources.xhtml


Review-Url: https://codereview.chromium.org/2559123003
Cr-Commit-Position: refs/heads/master@{#437767}
Rebaseline paint/invalidation/resize-iframe-text.html for Mac.

Review-Url: https://codereview.chromium.org/2557743008
Cr-Commit-Position: refs/heads/master@{#437567}
ImageResource: remove unnecessary vector copying during iteration.
Iterations that don't update the underlying collection, can be done


Review-Url: https://codereview.chromium.org/2555103004
Cr-Commit-Position: refs/heads/master@{#437482}
Hopefully deflake some tests, by preloading the Ahem font.

Review-Url: https://codereview.chromium.org/2560073002
Cr-Commit-Position: refs/heads/master@{#437423}
Missing style invalidation for :in-range and :out-of-range.
Added pseudoStateChanged calls for those pseudos where we already did
so for :valid and :invalid.


Review-Url: https://codereview.chromium.org/2556423002
Cr-Commit-Position: refs/heads/master@{#437415}
Fix path search-replace mistakes (?) that prevented resources from being loaded.
This was introduced in https://codereview.chromium.org/2321183002

Review-Url: https://codereview.chromium.org/2558263002
Cr-Commit-Position: refs/heads/master@{#437365}
Unify "contributes to" and "requires mask" for clip-path child iteration
Since contributesToClip(...) and requiresMask(...) have a lot of overlap,
refactor them into a new (set of) function(s) that return an enumeration
based on the requirements for the element in question.

Review-Url: https://codereview.chromium.org/2563613002
Cr-Commit-Position: refs/heads/master@{#437248}
Let LayoutBlockFlow::removeFloatingObject take LayoutUnit instead of int.
Review-Url: https://codereview.chromium.org/2559443002
Cr-Commit-Position: refs/heads/master@{#437221}
[LayoutNG] Remove unnecessary #includes

Review-Url: https://codereview.chromium.org/2561553002
Cr-Commit-Position: refs/heads/master@{#437217}
Make sure media query results are re-collected.
When media attributes change on style elements, we need to re-append
all sheets in the scope in order to collect the viewport and device
dependent media results correctly. This already done forced by the
FullStyleUpdate in parseAttribute, but we want to minimize the changes
here with async style update and ruleset based invalidations by marking
the treeScope dirty, and if nothing changed, invalidate no style.

However, we need to re-add global rule data, or at least the media
query results.

Example: say that we have a window width of 800px below. After the
media attribute has been changed, we don't need to recalculate any
styles, but we need to make sure we detect style changes crossing the
width of 2000px instead of 1000px.

<style media="(min-width: 1000px)"> ... </style>

  styleElement.setAttribute("media", "(min-width: 2000px");


Review-Url: https://codereview.chromium.org/2554193002
Cr-Commit-Position: refs/heads/master@{#437213}
Make setNeedsActiveStyleUpdate mark treescope dirty only.
Pass the treeScope instead of a stylesheet pointer and remove the
synchronous resolverChanged() call. Instead add the resolveChanged()
calls where currently necessary and mark them for removal.

This makes the setNeedsActiveStyleUpdate implementation like what we
want to end up with [1]. I've done it this way to make the following
CLs easier to review.

Also, setNeedsActiveStyleUpdate calls are removed where we call
removeStyleSheetCandidateNode() since that method already marks the
tree-scope dirty.

[1] https://codereview.chromium.org/1913833002/


Review-Url: https://codereview.chromium.org/2546393002
Cr-Commit-Position: refs/heads/master@{#437212}
Mark correct tree-scope dirty removing link in shadow.
Noticed while working on 567021, StyleElement found the correct
tree-scope in from of a shadow root when applicable while
HTMLLinkElement would just use the document. This is what kept us from
being able to use AnalyzedStyleUpdate for removedFrom() for link


Review-Url: https://codereview.chromium.org/2554873002
Cr-Commit-Position: refs/heads/master@{#437210}
Better isPageLogicalHeightKnown() implementation.
Need to consult the flow thread, if we have one. We may run into situations
where fragmentainer groups in the first column set have got their height
calculated, while later column sets still haven't calculated it [1]. So
checking if flow thread offset 0 is in a fragmentainer of known height isn't
good enough.

Also moved the implementation from LayoutBlock to LayoutBox, since it's pretty
coincidental that we currently don't need this particular method outside of

[1] LayoutMultiColumnSet::recalculateColumnHeight() may reset the column
heights if it detects that the column set has been moved since previous layout


Review-Url: https://codereview.chromium.org/2553133002
Cr-Commit-Position: refs/heads/master@{#437063}
Don't check 'visibility' in LayoutSVGResourceMasker
Since 'visibility' does not work in the same way as 'display', it's not
possible to "prune" subtrees based on non-'visible' values of the
property. Remove the check from the two methods that use it, and leave
to lower levels to handle it.


Review-Url: https://codereview.chromium.org/2558793002
Cr-Commit-Position: refs/heads/master@{#436996}
Don't allow <use> <text> references in clip-path fast-path
The fast-path can't handle <text>, but a <use> referencing <text> was
not properly checked resulting in an incorrect clip.
Make the requiresMask(...) helper handle <use> elements and check the
referenced element.


Review-Url: https://codereview.chromium.org/2560773002
Cr-Commit-Position: refs/heads/master@{#436941}
Use correct document for notifying of inserted import.
Notify the root document to update active stylesheets. If the import
child contains stylesheets, the StyleEngine for the import document
will be notified correctly.

Added a couple of sanity DCHECKs.


Review-Url: https://codereview.chromium.org/2551973003
Cr-Commit-Position: refs/heads/master@{#436887}
Never position a float after it has been placed.
When a float is marked as "placed" (which happens in
LayoutBlockFlow::placeNewFloats()), it means that it has been added to a float
interval tree. It is not allowed to move a float afterwards (unless we remove
and re-insert the floats somehow, e.g. by re-laying out its containing block).
Otherwise, the interval tree may get out of sync with reality, and we may fail
to find the reference to a FloatingObject in the interval tree when deleting a
FloatingObject, so that we end up deleting the FloatingObject, but not the
reference to it in the interval tree (which will remain there, pointing to a
now dead object).

This could happen when LayoutBlockFlow::removeFloatingObjectsBelow() was called
during pagination. We sometimes need to re-lay out a line because the line or
floats next to the line get pushed to the next fragmentainer. As part of that,
we also need to get rid of the floats that we thought would sit beside the
line, and re-position them.


Review-Url: https://codereview.chromium.org/2553923003
Cr-Commit-Position: refs/heads/master@{#436776}
Rework SVGViewSpec<->SVGSVGElement integration
This turns SVGViewSpec into a more independent component, by moving
parsing (case) logic into it, and changing adding an accessor interface
on SVGSVGElement that allows access to, and handles invalidation of the
SVGSVGElement's view properties.

The m_useCurrentView is done away with, and instead the code just checks
if there's an SVGViewSpec attached. Naturally this also means that care
needs to be taken to "detach" the old SVGViewSpec when needed.

Review-Url: https://codereview.chromium.org/2552513002
Cr-Commit-Position: refs/heads/master@{#436704}
Unify predicates for elements "contributing" to a <clipPath>
LayoutSVGResourceClipper has four loops that iterate the child elements
that contribute to the clip path. They are however all subtly different.

To remedy this and make it more obvious that the same set of elements
are iterated, add a helper contributesToClip(...) that handles the
checking of if an element is considered to be contributing to the clip
path or not. This yields four loops with a very similar structure.

Also move path-extraction to a helper, use helpers from Traversal<...>
for basic iteration, drop LayoutObject/ComputedStyle related checks
from the SVGUseElement helper (now handled elsewhere) and hoist the
PaintInfo out of the loop in createContentPicture since it is invariant.

Review-Url: https://codereview.chromium.org/2560513002
Cr-Commit-Position: refs/heads/master@{#436703}
Don't fail clip-paths with empty bounds
An empty nested clip-path should result in an empty clip-path (clipping
away everything.)


Review-Url: https://codereview.chromium.org/2555483003
Cr-Commit-Position: refs/heads/master@{#436605}
Properly simulate self-closing tags when in "foreign content" mode
When background parsing, a tag that "opens" foreign content mode and had
the "self-closing" flag set (<svg/> and <math/>), would place the
simulator in foreign content mode without a chance to get out of it.
Run the "end tag" steps in this case too, to properly balance the
namespace stack.


Review-Url: https://codereview.chromium.org/2546373002
Cr-Commit-Position: refs/heads/master@{#436569}
Refactor layoutBlock() and layoutBlockFlow(). Happens to fix bugs.
Move what only needs to be done once into layoutBlock(). Rename
layoutBlockFlow() to layoutChildren(). Establish LayoutState once, and compare
with the actual previous height to properly detect height changes.

This fixes two issues with the PaintLayerScrollableArea::FreezeScrollbarsScope
mechanism. Tests added.

1. We used to push LayoutState for the same object twice when freezing
scrollbars, which confused the fragmentation machinery.

2. We failed to detect height changes when freezing scrollbars, because we were
unable to compare against the original height (we compared against the height
we had when entering the second layout pass, rather than comparing against the
one we had when entering the first layout pass). We might therefore end up
skipping necessary re-layout of absolutely positioned descendants.


Review-Url: https://codereview.chromium.org/2553833002
Cr-Commit-Position: refs/heads/master@{#436414}
Disallow off-heap containers containing raw on-heap pointers.

Review-Url: https://codereview.chromium.org/2553673002
Cr-Commit-Position: refs/heads/master@{#436351}
Eagerly dispose of ScheduledActions.
The DOMTimer's ScheduledAction hold on to the script source and
state needed to execute the timer action. Let go of ShceduledAction's
resource early.

Apart from reducing the lifetime of script source, this is a speculative
fix for crashes reported in v8::PersistentValueVector::Clear() during
lazy sweeping of ScheduledAction objects.


Review-Url: https://codereview.chromium.org/2552673002
Cr-Commit-Position: refs/heads/master@{#436298}
PaymentApp: Add classes for supporting Web Based Payment Apps
This adds an application class, an instrument class and a skeleton
bridging class which can later be implemented to communicate with the
service worker class in C++.

The app factory class has been extended to create instances of the new
web based payment apps in addition to the existing autofill payment app.


Review-Url: https://codereview.chromium.org/2526293003
Cr-Commit-Position: refs/heads/master@{#436274}
Fix Firefox bookmarks import.
Firefox abandoned usage of the moz_bookmarks_roots table since v. 30 and
removed the table in v. 31 in favor of storing relevant info in the
'guid' column of the moz_bookmarks table.


Review-Url: https://codereview.chromium.org/2296633002
Cr-Commit-Position: refs/heads/master@{#436262}
Schedule layout tree update for dirty tree scopes.
In preparation for async stylesheet update, schedule a layout tree
update when marking tree scopes dirty for active style sheets. This is
necessary to trigger a beginFrame which will in turn call
updateActiveStyle as part of the lifecycle update.


Review-Url: https://codereview.chromium.org/2547883002
Cr-Commit-Position: refs/heads/master@{#436248}
Correctly re-collect active style for html imports.
- Need to re-collect active stylesheets when inserting already cached
  import documents.

- Missing markDocumentDirty() when inserting import documents.

- Added test for missing coverage of the need for marking for re-
  collection from HTMLImportChild::ownerInserted().

The fact that we need to recollect sheets in the document scope and
recalculate style for the whole document is not a perf regression, this
is how it used to be before considering the async stylesheet update
with ruleset invalidations, but ideally we would like to do better.
It's unlikely a common use case as html imports are typically loaded in
head as script and rendering blocking.


Review-Url: https://codereview.chromium.org/2551473002
Cr-Commit-Position: refs/heads/master@{#436238}
Complete layout even if a block needs relayout due to widows or column balancing.
We cannot just abort in the middle of layoutBlockFlow() when we detect that we
need another layout pass (due to new column height or because we want an
earlier break to satisfy the widows requirement). We might miss our only
opportunity to detect size changes that way, and thus skip necessary layout and
repositioning of absolutely positioned descendants.


Review-Url: https://codereview.chromium.org/2471623003
Cr-Commit-Position: refs/heads/master@{#436192}
Drop SVGElement::accessDocumentSVGExtensions()
This method has a single user into which it can be folded without any
issues. The comment in the method seem to no longer apply.

Also drop an unused friend declaration while at it.

Review-Url: https://codereview.chromium.org/2548573003
Cr-Commit-Position: refs/heads/master@{#436051}
Returned MediaQuerySet should be const.
The MediaQuerySet is never modified outside the class. We don't have
any evidence that this fixes the mentioned issue though.


Review-Url: https://codereview.chromium.org/2547713003
Cr-Commit-Position: refs/heads/master@{#436031}
Don't include ComputedStyle.h where not needed.
This reduces the dependency on ComputedStyle.h from more than 2000 compilation
units to less than 1000.

Review-Url: https://codereview.chromium.org/2539363003
Cr-Commit-Position: refs/heads/master@{#435928}
Don't include CachedUAStyle.h from StyleResolver.h
Eliminates another 40+ compilation unit dependencies on ComputedStyle.h

Review-Url: https://codereview.chromium.org/2545953003
Cr-Commit-Position: refs/heads/master@{#435925}
Make updateStyleInvalidationIfNeeded() private.
It is not invoked outside of Document.

This is split out of the larger CL for 567021.


Review-Url: https://codereview.chromium.org/2537863006
Cr-Commit-Position: refs/heads/master@{#435922}
Remove MediaQuerySet:createOffMainThread.
The implementation is identical to MediaQuerySet::create.
Removed old cruft from the unit test from when we had two media query
parsing implementation.


Review-Url: https://codereview.chromium.org/2545663005
Cr-Commit-Position: refs/heads/master@{#435920}
Margins that start at fragmentainer boundaries should be collapsed away.
This only applies if the fragmentainer break is unforced. If it's forced, the
margin is to be preserved.
See https://drafts.csswg.org/css-break/#break-margins

Get rid of LayoutBlock::nextPageLogicalTop(), since nobody calls it anymore.


Review-Url: https://codereview.chromium.org/2542723002
Cr-Commit-Position: refs/heads/master@{#435917}
Avoid repeating ourselves in SVGAnimatedEnumerationBase::setBaseVal
After performing the range checks on the value, we can call our "generic"
setBaseVal and avoid repeating this code-sequence.

Review-Url: https://codereview.chromium.org/2548533003
Cr-Commit-Position: refs/heads/master@{#435715}
Only communicate CSSPrimitiveValue references from SVGLength
Make asCSSPrimitiveValue() return a reference to a CSSPrimitiveValue,
rather than a pointer. The CSSPrimitiveValue contained in the SVGLength
can/should never be null.
Add a helper to SVGAnimatedLength to cut down on some boilerplate for
accessing the current CSSValue.

Review-Url: https://codereview.chromium.org/2549563002
Cr-Commit-Position: refs/heads/master@{#435688}
Neuter the "screen scale factor" computation for SVG <text>
This removes the PaintLayer-factor and DSF from the "screen scale factor",
leaving only the transform to the <svg> root and the "content transform" (used
by <pattern>, <mask> and <clipPath>.)


Review-Url: https://codereview.chromium.org/2492013004
Cr-Commit-Position: refs/heads/master@{#435599}
PaymentApp: Allow multiple payment method names for one instrument.
This changes the name and signature of the
PaymentInstrument.getInstrumentMethodName method to:

    Set<String> getInstrumentMethodNames()

This is to match the "enabledMethods" field in the PaymentAppOption
dictionary in the Payment Apps specification, which is defined to be a
sequence of strings.

See: https://w3c.github.io/webpayments-payment-apps-api/#payment-app-options

I also change the name of PaymentInstrument.getInstrumentDetails to
"invokePayment" in order to convey better that this is where the payment
method specific stuff happens. For a Web Based Payment App, this method
is an appropriate point to launch the payment request event into the
service worker.


Review-Url: https://codereview.chromium.org/2530793002
Cr-Commit-Position: refs/heads/master@{#435587}
Cleanup after removal of the SVGViewSpec interface
With DOM requirements gone, we can turn this into something a bit simpler.
Remove the SVGFitToViewBox inheritance in favor of direct references to
the relevant objects. Similarly drop/unwrap the SVGAnimatedTransformList.

The above gets rid of the only users of SVGAnimatedProperty::setReadOnly
and associated state, as well as the corresponding state in the tear-off.

Also drop an unused methods from SVGSVGElement and rename currentView()
to ensureViewSpec(), making it private in the process.

Review-Url: https://codereview.chromium.org/2537223006
Cr-Commit-Position: refs/heads/master@{#435485}
Introduce resetLayout(), to offload layoutBlockFlow().
Review-Url: https://codereview.chromium.org/2529423003
Cr-Commit-Position: refs/heads/master@{#435471}
Avoid rogue line float re-layout.
We cannot just lay out an object without setting its position first. That would
confuse the fragmenation machinery. Fortunately, it's not even necessary to lay
out here. Changed the comment, as an attempt to explain why.


Review-Url: https://codereview.chromium.org/2539813002
Cr-Commit-Position: refs/heads/master@{#435442}
Remove android build dir nesting restriction
It appears that android builds no longer have to be nested exactly two
levels under //. A build with one level works, so the assert in gn is
no longer helpful.


Review-Url: https://codereview.chromium.org/2544493002
Cr-Commit-Position: refs/heads/master@{#435410}
CSSSelectorWatch: avoid unnecessary hash table lookups.
Review-Url: https://codereview.chromium.org/2541853002
Cr-Commit-Position: refs/heads/master@{#435361}
Rename 'interface' parameter
It conflicts with define from combaseapi.h from Windows SDK.


Review-Url: https://codereview.chromium.org/2524733003
Cr-Commit-Position: refs/heads/master@{#435169}
Use the right point for marker orientation when closing a subpath
Path::apply doesn't pass a point along for the PathElementCloseSubpath
command. This would yield the wrong orientation on the last marker-mid
on the path (see crbug.com/633012#c1 for an example.)
Use m_subpathStart where needed instead.


Review-Url: https://codereview.chromium.org/2539763002
Cr-Commit-Position: refs/heads/master@{#434988}
Cleanup SVGMarkerData::updateFromPathElement
Make the updateFromPathElement "closure" a simple thunk-style function,
to make it a little less unwieldy. Also pass PathElement& rather than


Review-Url: https://codereview.chromium.org/2540513005
Cr-Commit-Position: refs/heads/master@{#434987}
[LayoutNG] Correct inline size for children of multicol containers.
This will lay out multicol containers in one single tall column, without any
support for fragmentation or column balancing.

Also had to disable creation of the anonymous LayoutMultiColumnFlowThread child
of multicol containers, since that's not going to be used in LayoutNG.

The algorithm for calculating the used values of column-width and column-count
can be found here: https://drafts.csswg.org/css-multicol-1/#pseudo-algorithm

Review-Url: https://codereview.chromium.org/2528203002
Cr-Commit-Position: refs/heads/master@{#434971}
Position a float before laying it out.
We'll no longer perform inaccurate layout from insertFloatingObject(), but
defer all layout to positionAndLayoutFloat(). We need to do this correctly
everywhere. One crucial thing is also to pay attention to the resulting
pagination strut before the float, if any. There's only one place where we do
this, and that's in positionAndLayoutFloat().

At most call sites, insertFloatingObject() is followed by a call to
placeNewFloats(), which will call positionAndLayoutFloat(). There are
exceptions to this in line layout, though. In some cases we just insert floats
without laying them out and placing them. This happens when we need to figure
out the height of the current line before we can place floats below it. In
order to figure out if a float fits on the current line, though, we first need
to lay it out without marking it as placed.

We lacked some test coverage, so I added
float-pushed-to-next-fragmentainer-by-floats.html . This also passed prior to
this CL, but I nearly broke it while working on this.


Review-Url: https://codereview.chromium.org/2532573003
Cr-Commit-Position: refs/heads/master@{#434969}
[LayoutNG] No need to search for inline children inside a block-children block.
Also type-check that we're dealing with a LayoutBlockFlow before casting.

Review-Url: https://codereview.chromium.org/2527393002
Cr-Commit-Position: refs/heads/master@{#434968}
No longer store page logical height in LayoutState.
That height may not be uniform throughout the entire fragmentation context
anyway, so it's not reliable to do it like this. For multicol, the value was
only used as a flag (0=unknown height, 1=known height).

Move calculation of available column height to LayoutMultiColumnFlowThread. It
no longer needs to live in LayoutBlockFlow.

Review-Url: https://codereview.chromium.org/2529073002
Cr-Commit-Position: refs/heads/master@{#434965}
Update svg/wicd/test-rightsizing-b.xhtml expectations
Attempt to compensate for some recent changes to DRT output. Also try
to get some more "correct" reference images.


Review-Url: https://codereview.chromium.org/2537083003
Cr-Commit-Position: refs/heads/master@{#434962}
Introduce markAllTreeScopesDirty.
When we need to recollect active stylesheets for all scopes, have an
explicit markAllTreeScopesDirty method instead of relying on
FullStyleUpdate which will go away for async active stylesheet updates.

This CL does not contain functional changes.


Review-Url: https://codereview.chromium.org/2534863002
Cr-Commit-Position: refs/heads/master@{#434940}
Make 'transform' a presentation attribute on SVG elements
This makes 'transform', 'gradientTransform' and 'patternTransform'
presentation attributes on SVGGraphicsElements, SVGGradientElements
and SVGPatternElements respectively.



Salvaged from https://codereview.chromium.org/423093014, but takes a
different approach to bridge the syntax gap and avoid crbug.com/577219.

The strategy taken here is to use the SVGTransformList to generate a
CSSValue for the presentation attribute style, and hence postponing
both support for the full transform syntax and a way around the bug
mentioned above. Essentially softening the blow. These two "features"
are expected to be implemented eventually, so this is just a "first


Review-Url: https://codereview.chromium.org/2478233002
Cr-Commit-Position: refs/heads/master@{#434934}
Fix speech-synthesis-speak-multiple.html flakiness.
Follow up on r420711 (crbug.com/589632) and adjust the expected lower
bound on ".elapsedTime" to also include zero for 'start' events.


Review-Url: https://codereview.chromium.org/2540623002
Cr-Commit-Position: refs/heads/master@{#434931}
Handle overlapping uses of MockWebSpeechRecognizer.
More than one speech recognition object may exist at the same time,
all sharing a single MockWebSpeechRecognizer underneath when
running layout tests.

Overlapping uses of speech recognizer objects weren't something
the mock object was designed to gracefully handle, hence fuzzer
inputs would leave the mock object in an invalid state and crash,
when they attempted to do so.

Rather than try to ignore and prevent overlapping uses from going
ahed, we extend MockWebSpeechRecognizer with support for handling
them, queueing recognizer context switching tasks that will run
upon completion of the currently ongoing sequence of tasks that
a speech recognizer object expects.


Review-Url: https://codereview.chromium.org/2525933002
Cr-Commit-Position: refs/heads/master@{#434777}
Rework the "rules for parsing dimension values" implementation
This CL reworks the current implementation of the "rules for parsing
dimension values" [1] (HTMLElement::addHTMLLengthToStyle) into a
separate function and moves it to HTMLDimension.{cpp,h}.
In general, behavior deviating from the specced version is kept with the
following exceptions:

 * Allow all of the "space characters" [2], rather than just U+0020.

 * Cases with multiple full stops (ex: "1.2.3") now parse the same as
   "1.2" rather than failing.

Comments are added where the implementation is known to deviate from the

This also makes it possible to avoid calling into the CSS parser for
actual parsing, which should reduce the amount of special-cases needed
there. This requires a mechanism for disallowing percentage values
though, to properly handle 'cellspacing' on <table>.

[1] https://html.spec.whatwg.org/multipage/infrastructure.html#rules-for-parsing-dimension-values
[2] https://html.spec.whatwg.org/multipage/infrastructure.html#space-character


Review-Url: https://codereview.chromium.org/2528673003
Cr-Commit-Position: refs/heads/master@{#434678}
[LayoutNG] Remove all mentions of NGBox and NGInlineBox.
It's called NGBlockNode and NGInlineNode now.

Also removed an old TODO about common base class for NGBlockNode and
NGInlineNode. They do have a common base class now.

Review-Url: https://codereview.chromium.org/2530083003
Cr-Commit-Position: refs/heads/master@{#434630}
Remove spurious Ctrl+Y character from paint invalidation test.
This caused the test to fail for me, when run locally.

Review-Url: https://codereview.chromium.org/2529843002
Cr-Commit-Position: refs/heads/master@{#434579}
[LayoutNG] Simplify NGBox::CanUseNewLayout().
Review-Url: https://codereview.chromium.org/2535533002
Cr-Commit-Position: refs/heads/master@{#434555}
[LayoutNG] Typos in ComputeMinAndMaxContentSizes() documentation.
Review-Url: https://codereview.chromium.org/2526223004
Cr-Commit-Position: refs/heads/master@{#434525}
[LayoutNG] Unit tests for MinAndMaxContentSizes::ShrinkToFit().
Also DCHECK in the implementation that max_content isn't less than min_content.

Review-Url: https://codereview.chromium.org/2528433006
Cr-Commit-Position: refs/heads/master@{#434458}
Check for styleResolver() in preparation for async style update.
Currently, active stylesheets are appended to ScopedStyleResolver
through the StyleResolver. When we move to async stylesheet update with
ActiveStyleSheets being appended from StyleEngine, styleResolver() is
typically null the first time we update the active stylesheets.

Add a null check before accessing styleResolver() when adding
@font-face rules.


Review-Url: https://codereview.chromium.org/2522423002
Cr-Commit-Position: refs/heads/master@{#434437}
Set the inline position of floats a bit later.
No need to do it so early, since nobody cares about its position at this point.
This means that there's also no need to update it after having been pushed down
by pagination. As long as we set it before positioning subsequent floats or
other types of content, we're good.

Also store margins as local variables. No huge gain, apart from prettier code
with fewer breaks.

No behavior changes intended.

Review-Url: https://codereview.chromium.org/2511283003
Cr-Commit-Position: refs/heads/master@{#434388}
Move MediaQueryResults to RuleFeatureSet.
The existing code only cleared the query results on the StyleResolver
when the StyleResolver was cleared. That meant we could end up in a
situation where the result list was ever-growing. That wasn't a big
issue in practice as the StyleResolver would be cleared quite often on
stylesheet changes. However, that will change when the RuleSet based
style invalidation is enabled.

We move the media query results to RuleFeatureSet so that:

- Results for @media rules are stored in RuleFeatureSet instead of
- Results for media attributes are stored in the ScopedStyleResolver
  when added instead of appending them directly to StyleResolver.
- Accumulated results for all scopes are stored in CSSGlobalRuleSet
  on StyleEngine instead of StyleResolver and are accumulated with
  other rule features in ScopedStyleResolver::collectFeaturesTo().

This CL introduces StyleEngine::ruleSetForSheet() for evaluating the
media attribute of the stylesheet node and create the RuleSet if the
media attribute matches. That way we are able to make the
MediaQueryEvaluator private to StyleEngine. Also, this method is
required when we start using ActiveStyleSheets.


Review-Url: https://codereview.chromium.org/2528633003
Cr-Commit-Position: refs/heads/master@{#434383}
Force adding sheets and recalc for html import re-ordering.
When we remove an import link and re-insert it into the document, the
import Document and CSSStyleSheet pointers are persisted. That means the
comparison of active stylesheets is not able to figure out that the
order of the stylesheets have changed after insertion.

We fall back to re-add all sheets to the scoped resolver and recalculate
style for the whole document if we remove an import in case it is re-
inserted into the document. The assumption is that removing html imports
is very rare.

For re-ordering of link rel=stylesheet the CSSStyleSheet object is
cleared on removal and recreated on insertion. Since the active
stylesheet list keeps references to CSSStyleSheet, CSSStyleSheet
pointers will not be re-used.


Review-Url: https://codereview.chromium.org/2519393002
Cr-Commit-Position: refs/heads/master@{#434374}
Check explicitly for style invalidation/recalc in @font-face test.
needsLayoutTreeUpdate will return true for needing to update the global
ruleset for async style update. Even if the test only tries to add a
@font-face rule, we unconditionally recollect the CSSGlobalRuleSet when
stylesheets are added or removed.

Instead check that adding a @font-face rule in a shadow tree does not
cause style invalidation or recalc.


Review-Url: https://codereview.chromium.org/2520263002
Cr-Commit-Position: refs/heads/master@{#434367}
Adjust VideoRendererAlgorithm for |frame_dropping_disabled_|
This makes video frame hashing in tests immune to timing variations that
are inherent in the rendering algorithm.

TEST=media_unittests pass, new unit test VideoRendererAlgorithmTest.EffectiveFramesQueuedWithoutFrameDropping

Review-Url: https://codereview.chromium.org/2502093002
Cr-Commit-Position: refs/heads/master@{#434350}
EDisplay enum class: Rename [Inline]Box to Webkit[Inline]Box.
The "box" and "inline-box" values (or rather: "-webkit-box" and
"-webkit-inline-box") for "display" are for an early-stage version of the
flexbox spec, which the web embraced before the flexbox spec got around to
going CR (which uses the values "flex" and "inline-flex" instead).

Furthermore: Having both EDisplay::InlineBox enum value and the InlineBox class
(in Source/core/layout/line/InlineBox.h) confuses the symbol lookup in gdb,
which causes a ~40 seconds freeze [1] when working on something that involves the
InlineBox class.

[1] For component builds with gdb_index set to true in gn


Review-Url: https://codereview.chromium.org/2524903003
Cr-Commit-Position: refs/heads/master@{#434316}
No need to force relayout of children when page logical height changes.
Also removed an ignored out-parameter hasSpecifiedPageLogicalHeight from

Review-Url: https://codereview.chromium.org/2509323005
Cr-Commit-Position: refs/heads/master@{#434290}
Move MediaQueryEvaluator from StyleResolver to StyleEngine.
The plan is to move active stylesheet update and viewport/device-
dependent media query results from StyleResolver to StyleEngine which
means it makes sense to move the MediaQueryEvaluator there as well.
That means that the StyleResolver will temporarily ask the StyleEngine
for the evaluator when needed.

See https://codereview.chromium.org/1913833002/ for planned changes.


Review-Url: https://codereview.chromium.org/2521063005
Cr-Commit-Position: refs/heads/master@{#434144}
Apply the font scale factor when generating stroke geometry for <text>
Because of the special font scale factor applied to <svg:text> to bring
it into a pseudo "host" transform, the stroke geometry would end up
being generated in/relative to the wrong coordinate space.
Apply the same scale to dash-related properties as was previously
applied to stroke-width.


Review-Url: https://codereview.chromium.org/2513343005
Cr-Commit-Position: refs/heads/master@{#434135}
Make auto-scrollbar shrink-to-fit test more evil.
Be sure to have laid out before making style changes.

Review-Url: https://codereview.chromium.org/2521193002
Cr-Commit-Position: refs/heads/master@{#434128}
invalidateColumnSets() doesn't need to mark anything for layout.
Review-Url: https://codereview.chromium.org/2522453003
Cr-Commit-Position: refs/heads/master@{#433952}
Add test for line float that removes a tall unbreakable block child.
Review-Url: https://codereview.chromium.org/2521963002
Cr-Commit-Position: refs/heads/master@{#433910}
Move stuff from layoutBlockFlow() into new method addOverhangingFloatsFromChildren().
+ some cleanup in the vicinity.

Review-Url: https://codereview.chromium.org/2515303003
Cr-Commit-Position: refs/heads/master@{#433886}
Drop finalization for ElementShadows.
The empty destructor serves no purpose now, so let it go.


Review-Url: https://codereview.chromium.org/2485373003
Cr-Commit-Position: refs/heads/master@{#433844}
XMLHttpRequest.abort(): follow spec wrt readyState transitions.
readyState is now only set to UNSENT if abort() is called on an object
with readyState in a DONE state.


Review-Url: https://codereview.chromium.org/2517173002
Cr-Commit-Position: refs/heads/master@{#433840}
Enable precompiled headers for Blink on Windows.
One reason Blink is slow to compile is that there is a lot of code
included in every compilation unit. This is partly because everything
depends on either LayoutObject.h or Document.h and those in turn
include huge portions of the rest of Blink.

By precompiling LayoutObject.h and Document.h, the compilation of
core/ and modules/ in Blink can be considerably reduced;
some numbers:

@ r433149       config      build (mins)  size (Kb)
master:         Debug       149:30        9410487
master:         Release     176:16        6118938

opera-pch[2]:   Debug       134:59        9337121
opera-pch[2]:   Release     160:42        6110812

opera-pch[3]:   Debug        93:06        8935714
opera-pch[3]:   Release     108:34        5029242

This for a clean build of target 'blink_tests', i.e., building
both chromium and blink parts. The gains are all local to Blink,
clearly. Host is an i7-3770 (4 phys cores); 32G + 256 SSD -
Win7 Pro.

The precompiled header file is judiciously (and forcefully) included
while compiling the core/ + web/ (and some of modules/) sources. Except
for some name disambiguation trivia when compiling the XPath grammar,
no source changes are needed to make this work out.

Note that distributed compilation system disables precompiled headers
globally so this will *not* make trybots faster. But many developers
don't have access to such super powers.

This already landed[1] in the gyp/VS2013 world some time ago but
unclear & unexplained bot failures caused a revert. Now with gn and
VS2015 the world should be a better place. This CL actually takes over
where [2] got stuck / ran out of time, extending its scope quite
considerably (i.e., 40 mins faster builds wrt the above pch numbers.)

[1] https://codereview.chromium.org/1167523007/
[2] https://codereview.chromium.org/2152783002/
[3] this CL.

Note sheriffs: should unexplained Windows build errors surface on the bots,
similar to the ones seen in crbug.com/511945, then please consider this CL a suspect.
This was with GYP and earlier MSVC toolchains; we have no reason to believe the problem
was fixed with GN and MSVC2015, we're just hoping for the best.


Review-Url: https://codereview.chromium.org/2520863002
Cr-Commit-Position: refs/heads/master@{#433832}
Repaint SVG subtree on viewport changes (resize)
When the (outermost) <svg> is sized using percentages, and an ancestor
changes size, the LayoutSVGRoot will be marked for layout (even though
the dimension/initial viewport changes.)
Since changed dimensions can imply a new scale factor (for instance from
interactions with a viewBox) or previously clipped content being
exposed, we need to issue paint invalidations for the entire SVG.


Review-Url: https://codereview.chromium.org/2511353002
Cr-Commit-Position: refs/heads/master@{#433622}
HashTable: bring per-table stats tracking back to life.
Recording per-hash table stats (DUMP_HASHTABLE_STATS_PER_TABLE)
broke with the introduction of Oilpan, as the feature depended
on finalizable HashTable<>s, something Oilpan heap hash tables
are not.

If the hash table resides on the Oilpan heap, arrange for the
stats object to also reside there.

While here, also unify the handling of global HashTable stats
recording and the per-table representation.


Review-Url: https://codereview.chromium.org/2511983003
Cr-Commit-Position: refs/heads/master@{#433494}
DOMMatrix: add missing propagation of exceptions.

Review-Url: https://codereview.chromium.org/2514453005
Cr-Commit-Position: refs/heads/master@{#433449}
Force re-layout of a float when we just became unfragmented.
We need to re-lay out a float if we cease to be fragmented, in order to remove
any pagination struts that may previously have been set inside.

This is an addition to https://codereview.chromium.org/2454083002 , which fixed
something similar for regular in-flow blocks.

Review-Url: https://codereview.chromium.org/2512163002
Cr-Commit-Position: refs/heads/master@{#433221}
If an object's containing block is in a flow thread, so is the object.
Remove harmful condition in LayoutState that the object not be out-of-flow.

Boring details:

In simplified layout of an absolutely positioned object inside a multicol
container we'd fail to realize that we were paginated, and therefore wouldn't
insert pagination struts. This was only problematic for simplified layout. In
normal non-simplified layout, we'd pass a non-zero page logical height to
LayoutState() when entering the flow thread, and, even if the LayoutState of
the absolutely positioned descendant would have no flow thread associated with
it, it would still become m_paginated, thanks to the non-zero page logical
height. Which was enough to get the machinery to insert struts.


Review-Url: https://codereview.chromium.org/2516463003
Cr-Commit-Position: refs/heads/master@{#433220}
Improve strut handling in initial column balancing pass.
Only use the pagination strut from the first object or line (in each parallel
flow [1]) that we find at a page break. When we need to break before some
content, we may end up setting the pagination strut on some ancestor of said
content, rather than on the content (layout object or line box). This happens
when there's no break opportunity (class A, B or C break point [2]) before the
content that doesn't fit in its current fragmentainer (there's no break
opportunity before the first line in a block, for instance). In such cases we
need to propagate the strut to some ancestor that comes after a valid break
opportunity. In such situations, there'll be severeal layout objects or line
boxes that start at the exact top of the next fragmentainer. Only the first
object in layout tree order will have the strut. Subsequent objects (children,
typically) or lines that also are flush with the top of the fragmentainer will
have a strut of 0. We shouldn't overwrite the actual strut with 0, or we risk
overstretching the columns. At each break we need to know the exact amount of
space that was "wasted" because of the break, and subtract it, in order to
calculate a minimal column height.

[1] https://www.w3.org/TR/css-break-3/#parallel-flows
[2] https://www.w3.org/TR/css-break-3/#possible-breaks

We also need to make sure that we associate breaks with the right column when
balancing, i.e. the former column, not the latter. This distinction matters if
the pagination strut is 0 and we're at the exact top/bottom of some column.

This CL also enables using specified column height even when balancing a
multicol container. It may be that the final column height will actually be the
same as the specified height, which means that if we set it right away, we
might be able to eliminate a subsequent layout pass [1]. Almost more importantly,
doing this will exercise code in the column balancer that was previously only
used when balancing inside nested multicol. This in turn means that it will
become less cumbersome to write tests for this code, and hopefully more
difficult for bugs to hide in there as well.

[1] LayoutTests/paint/invalidation/column-rules-fixed-height.html no longer
requires the contents of the multicol container to be relaid out when
column-rule changes.

Review-Url: https://codereview.chromium.org/2509813004
Cr-Commit-Position: refs/heads/master@{#433166}
XMLHttpRequest: check if 'loadstart' handler cancelled send().
'loadstart' is dispatched to both 'download' and upload event handlers
while initiating a send() operation. Should those event handlers cause
the ongoing send operation to be aborted/stopped/cancelled, this outer
send() operation shouldn't proceed upon return.


Review-Url: https://codereview.chromium.org/2507773002
Cr-Commit-Position: refs/heads/master@{#433157}
isPageLogicalHeightKnown() doesn't need a parameter.
If page logical height is (un)known, it's (un)known throughout the entire
fragmentation context, so location doesn't matter.

Review-Url: https://codereview.chromium.org/2514573002
Cr-Commit-Position: refs/heads/master@{#433145}
Introduce adjustFloatLogicalTopForPagination(), to offload positionAndLayoutFloat().
Also renamed a variable from childBox to child in positionAndLayoutFloat().


Review-Url: https://codereview.chromium.org/2513643002
Cr-Commit-Position: refs/heads/master@{#433143}
Rename positionNewFloats() to placeNewFloats().
This will distinguish it better from the method named "positionAndLayoutFloat".

Also be explicit about the fact that we use the top margin edge when
positioning floats, as opposed to the top border edge, which is common for all
other object types. So "logicalTop" usually means the logical top of the border
edge. Therefore, use "logicalTopMarginEdge" for floats.

No behavioral changes, just cleanup.


Review-Url: https://codereview.chromium.org/2505943003
Cr-Commit-Position: refs/heads/master@{#432895}
Let lowestFloatLogicalBottom() take EClear instead of FloatingObject::Type
Review-Url: https://codereview.chromium.org/2505853004
Cr-Commit-Position: refs/heads/master@{#432801}
DOMParser: handle use from contexts without an "active document".
Handle detached uses of parseFromString(), where there is no context
document to inherit the security origin from.

Relevant spec reference,



Review-Url: https://codereview.chromium.org/2509813002
Cr-Commit-Position: refs/heads/master@{#432782}
No forced active stylesheet recollect when pending sheets reach 0.
We forced a FullStyleUpdate which causes an active stylesheet update
for all tree scopes in the presence of placeholder style. What we need
to do for placeholder style is to trigger a full style recalc. For
instance, we don't need to update active stylesheets in shadow trees
if the last blocking resource that finishes loading is a document scope
stylesheet or import.


Review-Url: https://codereview.chromium.org/2500923002
Cr-Commit-Position: refs/heads/master@{#432630}
When placing a float, pay attention to its final logical top.
Subsequent floats may not be placed above this location.


Review-Url: https://codereview.chromium.org/2504173002
Cr-Commit-Position: refs/heads/master@{#432503}
Let querySelector(All) match (nth-)last with unclosed parent.
While parsing, we don't match :last*, :nth-last* etc until we finish
parsing children to avoid alternating between different computed styles
during loading. For querying selectors, however, we should. I couldn't
find this explicitly mentioned in w3c or whatwg specs for
querySelector(All), but Firefox and IE does this.

This could happen if you have:


Adding expectations file for a wpt which now fails. The modifications
to the test has been upstreamed to the github repo. See PR [1].

[1] https://github.com/w3c/web-platform-tests/pull/4216


Review-Url: https://codereview.chromium.org/2505543004
Cr-Commit-Position: refs/heads/master@{#432493}
Add missing include of errno.h
This allows us to build the object file independently.


Review-Url: https://codereview.chromium.org/2501323002
Cr-Commit-Position: refs/heads/master@{#432459}
Media element: avoid v8 allocations in hasPendingActivity().
Blink code is not allowed to allocate objects on the v8
heap while its GC calls out to hasPendingActivity();
re-entrancy is not supported.

Hence, disable 'officialPlaybackPosition' updates while
in hasPendingActivity(), as that will trigger v8
allocations by way of microtask allocations.


Review-Url: https://codereview.chromium.org/2498033002
Cr-Commit-Position: refs/heads/master@{#432453}
Use an SVGElementProxy in ReferenceClipPathOperation
This transforms ReferenceClipPathOperation into using the SVGElementProxy
mechanism. Currently only for PaintLayer clients.

PaintLayerFilterInfo is generalized to PaintLayerResourceInfo and used as
the proxy/resource client for the 'clip-path' property. This enables change
notifications to flow back to the PaintLayer from the <clipPath> subtree.

The SVGElementProxySet is made a little bit generic by moving it to
SVGElementRareData, however it's still only made available for the few element
types that are used with it.


Review-Url: https://codereview.chromium.org/2484153003
Cr-Commit-Position: refs/heads/master@{#432193}
Make updateStyleAndLayoutTree ready for async stylesheet update.
Introduce Document::updateActiveStyle() and corresponding
updateActiveStyle()/updateActiveStyleSheets() methods in StyleEngine to
prepare for doing active stylesheet updates as part of

We move updateViewport() to updateActiveStyle() as the first step. This
is done by removing the synchronous calls to ViewportStyleResolver::
updateViewport() and instead schedule a layout tree update. In order to
trigger actual work to be done when the layout tree update happens, we
need to return true from Document::needsFullLayoutTreeUpdate() when we
need an active style update (for viewport atm).


Review-Url: https://codereview.chromium.org/2484863003
Cr-Commit-Position: refs/heads/master@{#432182}
Tidy up ScriptLoader (MIME) type matching.
MIME is case-insensitively handled within Blink, so remove some
unnecessary normalization of MIME type (and "language=") strings
in ScriptLoader.


Review-Url: https://codereview.chromium.org/2497873002
Cr-Commit-Position: refs/heads/master@{#432162}
XMLHttpRequest: implement "send() flag" tracking and updating per spec.
The implementation has until now tracked/approximated the spec's
"send() flag"[1] by checking if the XMLHttpRequest object had an active
loader. That object does not have lifetime equal to what the spec
requires for the "send() flag", nor is the loader set for sync XHR

There's no good reason to hold out on tracking this flag per spec,
so introduce it here.

[1] - https://xhr.spec.whatwg.org/#send-flag


Review-Url: https://codereview.chromium.org/2496933002
Cr-Commit-Position: refs/heads/master@{#432148}
ContentSecurityPolicy: avoid defining static String singletons.
As CSP is used by multiple threads, we cannot define string literals
in terms of DEFINE_STATIC_LOCAL(). Follow what is done elsewhere
for ContentSecurityPolicy and resort to using plain string literals.


Review-Url: https://codereview.chromium.org/2497543003
Cr-Commit-Position: refs/heads/master@{#431956}
Refactor CSS property mapping for SMIL Animation
Currently the SMIL code relies on 'attributeName' mapping 1:1 to the
CSS property name. This would not work with for instance with
'gradientTransform', which is supposed to map to the 'transform'

To support this, store a CSS property id in SVGAnimatedTypeAnimator, and
use the CSS property id stored in SVGAnimatedProperty to populate it when
possible (using the current method in other cases.)

While doing this, also remove the stored 'context element' from
SVGAnimatedTypeAnimator, since it's only used in the reset(...) method,
and hence can simply be passed as an argument.

Also cleanup the uses of a CSSPropertyID in SVGAnimateElement (the sole
user of SVGAnimatedTypeAnimator) by using the stored CSS property id.

Make SVGAnimateElement::shouldApplyAnimation return bool, and use the
data from the SVGAnimatedTypeAnimator instead to determine which
animation code-path to use.


Review-Url: https://codereview.chromium.org/2496583002
Cr-Commit-Position: refs/heads/master@{#431862}
gn: Include source files outside the source root for Xcode workspace
This change unifies Xcode workspaces with projects for other IDEs.


Review-Url: https://codereview.chromium.org/2489673004
Cr-Commit-Position: refs/heads/master@{#431856}
Remove Deque<>::findIf<>().
This function template is unused, and any future uses are
better served by using <algorithm>'s std::find_if().


Review-Url: https://codereview.chromium.org/2500763002
Cr-Commit-Position: refs/heads/master@{#431855}
Internals.setValueForUser(): add argument type check.

Review-Url: https://codereview.chromium.org/2500793002
Cr-Commit-Position: refs/heads/master@{#431845}
InitialColumnHeightFinder needs to take all expected rows into account.
When a balanced multicol is nested inside another balanced multicol, it will
not be able to create any fragmentainer groups in the first layout pass, since
the height of the outer columns is still unknown.

We need to detect this situation, so that we don't limit the number of content
runs (content portions without explicit breaks) to the used value of
column-count. We are going to need ALL content runs, and group them into
imaginary rows, to figure out a minimal height of the entire inner multicol
container in the first balancing pass.

This will help set a better initial outer column height, and, more importantly,
set some sensible height on the inner multicol container right away, so that
we're not going to believe that it's super-short, which might prevent us from
marking it for re-layout when the outer coulmns have been sized.
childNeedsRelayoutForPagination() would simply fail to see that it's actually
going to cross outer column boundaries, and just bail.

We also treat tallestUnbreakableLogicalHeight() somewhat differently in such
situations. We require that the last "row" alone (rather than the entire
multicol container) be at least as tall as this.

Broke a newFragmentainerGroupsAllowed() out of
appendNewFragmentainerGroupIfNeeded(), since the column balancer code now also
needs to know when we're nested but are not allowed to create fragmentainer

Some, but not all, new tests used to fail before the code changes in this CL.
The passing ones are there to point out regressions that I nearly introduced
while working on this CL.

This is a patch in preparation for removing the relayoutChildren = true thing
in LayoutBlockFlow::layoutBlockFlow() when page logical height changes.

Review-Url: https://codereview.chromium.org/2493833004
Cr-Commit-Position: refs/heads/master@{#431844}
Make FileReader.abort() (synchronously) follow the spec.
It is problematic to cancel a ThreadableLoader (by way of FileReaderLoader)
while it is on the stack, which is one of the steps involved when
abort()ing a reader (as part of the "terminate" step.) To avoid such
potential trouble, the loader termination is done asynchronously.

However, there's no good reason to delay performing the other (user
visible) abort() steps, so arrange for that to happen and align with
the spec & others.


Review-Url: https://codereview.chromium.org/2491363003
Cr-Commit-Position: refs/heads/master@{#431639}
Match camelCased SVG attributes selectors in html documents.
Attribute names are stored lower-case in stylesheets in HTML documents.
SVG attribute names are normalized to the camelCase form in HTML
documents. That meant SVG attributes with camelCase like viewBox never
matched in HTML documents.

We had the same issue for camelCased element names in [1]. In that CL
we decided to allow insensitive matching for non-html elements in order
to avoid having to store the tag names twice in CSSSelector, even if
that is wrong according to the HTML spec. This CL does exactly the same
for attribute selectors.

[1] https://crrev.com/bab4aa7b9


Review-Url: https://codereview.chromium.org/2490393002
Cr-Commit-Position: refs/heads/master@{#431544}
Support fetching attribute listeners from outside v8 context scopes.
A number of the <body> element's event handler attributes represent
and expose event handlers on the window object, hence the parser
will update & replace attribute event listeners while parsing the
attributes. This may well happen while executing outside any v8
context; adjust the lookup of attribute event listeners
to support such usage.


Review-Url: https://codereview.chromium.org/2492793002
Cr-Commit-Position: refs/heads/master@{#431509}
Skip independent inherited property propagation to pseudo elements.
UpdatePseudoElements and IndependentInherit conflict in the following
way. If we both have an independent inherit change on the actual dom
element, and we detect that we need to update the style for the pseudo
element we need to signal the inheritance propagation to the real dom
children and signal the pseudo element recalc to the pseudo element
children. If we return IndependentInherit, we lose the information
about the need for a pseudo element recalc, and if we return
UpdatePseudoElement, we lose the inheritance propagation for the actual
dom children.

We could introduce a new IndependentInheritAndUpdatePseudoElements, but
if there exists pseudo element, we would always return this constant,
so instead just force recalc on pseudo elements on IndependentInherit.


Review-Url: https://codereview.chromium.org/2492783002
Cr-Commit-Position: refs/heads/master@{#431430}
Split positionAndLayoutFloat() off positionNewFloats().
Float layout is somewhat broken when it comes to fragmentation (multicol,
printing). We're going to have to make sure that we always position the
float before laying it out, and, after layout, insert a break before it if
needed. This is a preparatory CL for that.

We currently lay out a float e.g. in insertFloatingObject() without
worrying about setting the position first.

No behavior changes intended.


Review-Url: https://codereview.chromium.org/2486413002
Cr-Commit-Position: refs/heads/master@{#431422}
IDBObserver does not need to be GC finalizable.

Review-Url: https://codereview.chromium.org/2493713002
Cr-Commit-Position: refs/heads/master@{#431268}
Reland of "Tracking reference filter mutation via SVGElementProxy"
This introduces SVGElementProxy - a new piece with the functionality of
DocumentResourceReference and the ReferenceFilterBuilder merged. It
provides the means to track clients of a certain element (only
SVGFilterElements for now, but will likely be extended to other types if
it ends up sticking.) An SVGElementProxy is created, and primarily
owned, by CSSURIValue. The proxy also handles loading of a resource
document, if requested.

Clients are SVGResourceClients, like before, with methods/callbacks
renamed. Some of the old functionality of SVGResourceClient has either
been moved to clients, to the proxy or been replaced with different

Mutations to the element/subtree is signaled separately from any
potential changes to the actual reference (anything that might
invalidate the element reference.)

Fixed an issue from [1] where an observer would be removed too early if
there was several clients sharing it, causing crashes.

[1] https://codereview.chromium.org/2401343002


Review-Url: https://codereview.chromium.org/2490163002
Cr-Commit-Position: refs/heads/master@{#431235}
Store CSSPropertyID in SVGAnimatedPropertyBase
With an increasing amount of SVG attributes being "promoted" to
presentation attributes, it makes sense to try to keep the property
mapping with the other attribute related data.
To make room for these additional bits in SVGAnimatedPropertyBase, pack
some of its fields into a bitfield:

 * m_isReadOnly only needs a single bit.
 * m_type only need room for 21 different values, so 5 bits should

With this new field in place, plumb it through for SVG element
attributes, then, as a start, use the SVG property map to simplify the
implementations of isPresentationAttributeWithSVGDOM and

This could also be used to provide storage for attribute initial values
in the future (crbug.com/225807.)


Review-Url: https://codereview.chromium.org/2485663002
Cr-Commit-Position: refs/heads/master@{#431229}
Moved applyRuleSetChanges functions to StyleEngine.
A lot of the side effects were calls to StyleEngine, so moved the
method there instead. Also fixed the TODO for adding the call to make
CSSGlobalRuleSet dirty.


Review-Url: https://codereview.chromium.org/2487653002
Cr-Commit-Position: refs/heads/master@{#431227}
Let positionNewFloats() take a logicalTop parameter.
It seemed ugly to temporarily change the logical height before calling
positionNewFloats(), just to make the method behave.

Review-Url: https://codereview.chromium.org/2483023002
Cr-Commit-Position: refs/heads/master@{#431115}
Fix a subtle proguard incremental build error
Prevent a confusing incremental build failure where proguard would
read and write to the same file accidentally, failing hard. Can
happen after switching the build from not using proguard, where the
output jar is a gn-copy hardlink to the input jar, to using proguard,
where the output is written to by a script reading from the input jar.

Fix by checking if the output is not a hardlink to the input in the
wrapper script.

NB. The build normally uses proguard on an apk, but makes it possible
to try and only proguard a single jar, and the bug potentially only
happens in this case.

Review-Url: https://codereview.chromium.org/2485663003
Cr-Commit-Position: refs/heads/master@{#430890}
Before turning objects into spanners, check that they are not already spanners.
During style recalculation, we may end up in a situation where we think that we
go from a state where an object couldn't contain spanners, to being able to
contain them, while in reality, the object was able to contain spanners all

This happens when changing the writing mode on the multicol container and all
objects in the parent chain between the spanner and the multicol container (and
there is nothing that prevents the descendant from being a spanner). The
problem is that when determining whether an object is a writing mode root, we
compare the object's writing mode to that of its parent. If they are different,
we decide that it's a writing mode root. However, if we're in styleWillChange()
for said object, and its writing mode is actually about to change to the same
value as that of the parent, there'll be no writing mode root in the end.
Still, we're going to think that we used to be a writing mode root (i.e. not be
able to contain spanners).

It would be possible to fix it for writing mode roots, to provide a reliable
implementation of isWritingModeRoot(), by using a bit in LayoutObject to
specify whether it's a writing mode root, rather than using current computed
style to determine that. Using computed style during style recalculation is
risky. That said, it's probably better to be fault-tolerant for such situations
in toggleSpannersInSubtree() instead, especially since may be other (unknown,
at the time being) scenarios where this situation may occur.


Review-Url: https://codereview.chromium.org/2485173002
Cr-Commit-Position: refs/heads/master@{#430887}
Build v8 snapshot with correct default float configuration on Linux ARM
V8 currently defaults to arm_float_abi="hard" and arm_use_neon=true but
the V8 snapshot defaults to arm_float_abi="softfp" and arm_use_neon=false
on Linux ARM builds.

This patch makes both targets default to hard + neon by changing the
"is simulator build" check from comparing current_cpu with v8_current_cpu
to comparing target_cpu with v8_target_cpu instead. Similarly to how it is
checked in v8/BUILD.gn.


Review-Url: https://codereview.chromium.org/2483153004
Cr-Commit-Position: refs/heads/master@{#430776}
Tracking reference filter mutation via SVGElementProxy
This introduces SVGElementProxy - a new piece with the functionality of
DocumentResourceReference and the ReferenceFilterBuilder merged. It
provides the means to track clients of a certain element (only
SVGFilterElements for now, but will likely be extended to other types if
it ends up sticking.) An SVGElementProxy is created, and primarily owned,
by CSSURIValue. The proxy also handles loading of a resource document, if

Clients are SVGResourceClients, like before, with methods/callbacks
renamed. Some of the old functionality of SVGResourceClient has either
been moved to clients, to the proxy or been replaced with different

Mutations to the element/subtree is signaled separately from any
potential changes to the actual reference (anything that might invalidate
the element reference.)


Review-Url: https://codereview.chromium.org/2401343002
Cr-Commit-Position: refs/heads/master@{#430550}
There should never be unplaced floats from other blocks.
When positioning new floats in a block, all unplaced floats should belong to
said block. If we find unplaced floats from other blocks, someone somewhere
must have forgotten to place them on their own.

No need for code to skip such floats. DCHECK instead.

Review-Url: https://codereview.chromium.org/2479173002
Cr-Commit-Position: refs/heads/master@{#430544}
Use range-based for in toCompositorTransformOperations
Avoids the awkward-looking indexing expressions. Make casted operations
const while at it.

Review-Url: https://codereview.chromium.org/2473013002
Cr-Commit-Position: refs/heads/master@{#430247}
Don't use url from ImageResource for computed style.
ImageResource objects are shared between urls which only differ in
fragment identifier. The fragment identifier of the first requested url
is stored on ImageResource. That gave incorrect results when requesting
computed style values of backgroundImage for pseudo elements.

Use the url which is stored on StyleFetchedImage instead.


Review-Url: https://codereview.chromium.org/2474093003
Cr-Commit-Position: refs/heads/master@{#430246}
Don't include LayoutObject-derived headers where not needed.
Or, if a LayoutObject-derived header is still required, pick the most generic
one possible.

Review-Url: https://codereview.chromium.org/2474603002
Cr-Commit-Position: refs/heads/master@{#430165}
Descendants may become or cease to be spanners when an ancestor changes style.
When building the tree, when inserting something that looks like a
column spanner, we first examine all the parents all the way up to the
multicol container, to make sure that they are all valid spanner
containers. This already works fine.

In our implementation, a valid column spanner container is, roughly, a
"regular" in-flow block. Among other things, it may not establish a
new block formatting context. Nor transforms. And a few other

If the style of a valid column spanner container changes, it may end
up as no longer being a valid spanner container, and vice versa: an
invalid spanner container may become a valid spanner container, all of
a sudden.

Detect this during style change. If a block ceases to be a valid
spanner container, we need to check its subtree for spanners, and turn
them into regular column content. And, vice versa, if a block is
turned into a valid spanner container, we need to check its subtree
for column-span:all objects, which may have to be changed from regular
column content into spanners.


Review-Url: https://codereview.chromium.org/2479873002
Cr-Commit-Position: refs/heads/master@{#430005}
Link stylesheets in shadow trees do not belong to document scope.
We have incorrectly kept DCHECKs checking that stylesheets in shadow
trees come from style elements. That is no longer true, and modifying
link elements in shadow trees would trigger some of these DCHECKs.

Also, we simply used Document as the TreeScope handling link elements.
Always use the treeScope() from the associated node instead. Using the
wrong TreeScope in these cases would cause missing updates of active
stylesheets in ShadowTreeStyleSheetCollections for AnalyzedStyleUpdate.
I have not been able to find a triggering test case for this.


Review-Url: https://codereview.chromium.org/2472973002
Cr-Commit-Position: refs/heads/master@{#429877}
Add missing web_contents.h include

Review-Url: https://codereview.chromium.org/2473793002
Cr-Commit-Position: refs/heads/master@{#429853}
Mark TranslateTransformOperation final
Nothing derives from it. This also allows devirtualization of the call
to apply() for the 'translate' (independent) property.


Review-Url: https://codereview.chromium.org/2468303005
Cr-Commit-Position: refs/heads/master@{#429840}
Remove ShadowRoot::numberOfStyles().
This probably used to be an optimization which made sense when we had
<style scoped> implemented. Now, it should be equally cheap to just
check the ScopedStyleResolver member. The ScopedStyleResolver is null
when there are no active stylesheets in the tree-scope.

This also caused issue 659596 because we only registered style elements
and not link elements, which lead the code to believe there were no
rules to match from the scope when there were only link stylesheets


Review-Url: https://codereview.chromium.org/2472613004
Cr-Commit-Position: refs/heads/master@{#429824}
Properly avoid breaking inside a float's top margin.
We used to depend on stumbling upon unbreakable content (such as lines) at
column boundaries for this to work, but we failed in the really simple cases
(where there was no content at all, for instance).

Move the logic for this to float-specific code, so that we don't have to be
aware of it at several other locations in the code.

Doing this correctly during layout also helps the balancer find the right
column height. Added a test for something that used to fail in this area.

Review-Url: https://codereview.chromium.org/2479483002
Cr-Commit-Position: refs/heads/master@{#429641}
Don't let a column spanner affect the self-margin-collapsing state of the parent.
When a spanner is removed from the tree, we mark the container chain for
layout, just like we do when removing any other kind of object. The container
of a spanner is the multicol container, though, so the direct parent of the
spanner may not be marked for layout. And that should not be necessary either,
since the spanner is essentially taken out of normal flow.

We get some marking for layout for free in layoutBlockFlow(), if
pageLogicalHeightChanged, but that only goes one level deep. Eliminate the need
for layout in situations like this.

Prior to this change, we'd fail on an assert that required that the cached
state of self-collapsing be in sync with reality.

Review-Url: https://codereview.chromium.org/2473953003
Cr-Commit-Position: refs/heads/master@{#429638}
logicalHeightWithVisibleOverflow() needs to include overhanging floats.
Otherwise we might end up skipping layout of blocks that contain floats
that really need to be relaid out.

We get some marking for layout for free in layoutBlockFlow(), if
pageLogicalHeightChanged, but that only goes one level deep.

Review-Url: https://codereview.chromium.org/2474883002
Cr-Commit-Position: refs/heads/master@{#429611}
Tidy up ComputedStyle::applyTransform
Use range-based for-loops when iterating transform operations (also in
ComputedStyle::requireTransformOrigin), since it's both tidier and
avoids unnecessary index-checks (in operator[].)
Move computation of offsetX/offsetY closer to their point of usage.
Extract the size of the bounding box once, and also drop some unneeded
qualifications of enumeration values.


Review-Url: https://codereview.chromium.org/2474043002
Cr-Commit-Position: refs/heads/master@{#429598}
Make offsetTop/Left handle a relative positioned inline offsetParent correctly.
offsetTop and offsetLeft happily ignored the fact that offsetParent could
be a relative positioned inline.

I used the opportunity to change some variable names in
LayoutBoxModelObject::adjustedPositionRelativeTo() in order to hopefully
make it clearer what's going on.


Review-Url: https://codereview.chromium.org/2414683002
Cr-Commit-Position: refs/heads/master@{#429571}
Fix a bunch of generated file build flakes in //extensions
Several files in //extensions could randomly fail to build due to
missing dependencies on header generator targets, mostly mojo
and grit. Add the dependencies so builds are not flaky.


Review-Url: https://codereview.chromium.org/2452943003
Cr-Commit-Position: refs/heads/master@{#429543}
adjustedPositionRelativeTo() couldn't find offsetParent.
LayoutBoxModelObject::adjustedPositionRelativeTo() could get confused
by inline continuations, and could fail if offsetParent itself was a split
continuation.  If the child belongs to the second part of the continuation,
we'll instead race to the root of the tree.  By comparing with the node instead,
we correctly identify the offsetParent and stop the search.


Review-Url: https://codereview.chromium.org/2454693003
Cr-Commit-Position: refs/heads/master@{#429541}
Simplify SVG pending resource (re)validation
The contents of the m_pendingResourcesForRemoval map has a lifespan that
does not extend beyond the scope of SVGElement's
buildPendingResourcesIfNeeded() method.
So instead of passing through the map in SVGDocumentExtensions, just
take the corresponding set for the pending 'id' and iterate that
directly, avoiding indirection and complicated removal sequence.
This also allow SVGDocumentExtensions::removeElementFromPendingResources
to be simplified, so do that, and then remove the
m_pendingResourcesForRemoval map from SVGDocumentExtensions.


Review-Url: https://codereview.chromium.org/2473483004
Cr-Commit-Position: refs/heads/master@{#429539}
Remove pageLogicalHeightChanged() from LayoutState.
It was only used from insertFloatingObject(), and in a bogus manner at that.
Added a TODO instead. We haven't even positioned the float at this point, so
attempting layout for pagination here is essentially bad.

We make sure to relayout correctly for pagination when we get to
positionNewFloats() later, anyway.

Review-Url: https://codereview.chromium.org/2467353003
Cr-Commit-Position: refs/heads/master@{#429533}
Reland of Improve how the column balancer handles top margins on floats. (patchset #1 id:1 of https://codereview.chromium.org/2468193002/ )
Reason for revert:
csspaint/invalidation-background-image.html was also failing (flaky) before landing this CL.

Original issue's description:
> Revert of Improve how the column balancer handles top margins on floats. (patchset #3 id:40001 of https://codereview.chromium.org/2465363003/ )
> Reason for revert:
> Speculative revert to fix csspaint/invalidation-background-image.html failure on "WebKit Win7 (dbg)" bot.
> Failed build:
> https://build.chromium.org/p/chromium.webkit/builders/WebKit%20Win7%20%28dbg%29/builds/7961
> Original issue's description:
> > Improve how the column balancer handles top margins on floats.
> >
> > Float margins do not collapse with column boundaries, so we should make room
> > for them after the break, if the border box of the float starts in the next
> > column.
> >
> > Let the balancer work on the margin box of the float (and the border box for
> > all other objects). For floats, we want to insert breaks before the
> > margin-before edge, not the border-before edge. This lets us remove
> > some special-code for unbreakable floats in InitialColumnHeightFinder, which
> > was the only place that previously bothered about this.
> >
> > Changed how we determine which objects to process. We used to include the
> > overflow both before and after the border box, but we really don't have to
> > bother with content preceding it, since that shouldn't undergo fragmentation
> > anyway.
> >
> > Discovered (one test regressed) that logicalHeightIncludingOverflow() also
> > included clipped overflow, which certainly wasn't the intention. This didn't
> > make much of a difference as long as the method was only called to check if we
> > could skip re-layout. But now we also use it to determine the column height.
> > Fixed it to only include visible overflow and renamed it to
> > logicalHeightWithVisibleOverflow().
> >
> > Committed: https://crrev.com/7c82da727f64121aa34aa1decf82452c37ef7a2d
> > Cr-Commit-Position: refs/heads/master@{#429245}
> TBR=eae@chromium.org,mstensho@opera.com
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOTRY=true
> Committed: https://crrev.com/58f81484437d367285de9f0fc1fdd4034eb5c333
> Cr-Commit-Position: refs/heads/master@{#429265}

# Skipping CQ checks because original CL landed less than 1 days ago.

Review-Url: https://codereview.chromium.org/2471933002
Cr-Commit-Position: refs/heads/master@{#429415}
Move LayerHitTestRects to a separate file.
This way, ScrollingCoordinator.h doesn't need to include LayoutObject.h

Review-Url: https://codereview.chromium.org/2468073002
Cr-Commit-Position: refs/heads/master@{#429311}
Move MapCoordinatesMode and MapCoordinatesFlags to a separate header.
This way, LayoutGeometryMap.h doesn't need to include LayoutObject.h

Review-Url: https://codereview.chromium.org/2472573002
Cr-Commit-Position: refs/heads/master@{#429294}
Improve how the column balancer handles top margins on floats.
Float margins do not collapse with column boundaries, so we should make room
for them after the break, if the border box of the float starts in the next

Let the balancer work on the margin box of the float (and the border box for
all other objects). For floats, we want to insert breaks before the
margin-before edge, not the border-before edge. This lets us remove
some special-code for unbreakable floats in InitialColumnHeightFinder, which
was the only place that previously bothered about this.

Changed how we determine which objects to process. We used to include the
overflow both before and after the border box, but we really don't have to
bother with content preceding it, since that shouldn't undergo fragmentation

Discovered (one test regressed) that logicalHeightIncludingOverflow() also
included clipped overflow, which certainly wasn't the intention. This didn't
make much of a difference as long as the method was only called to check if we
could skip re-layout. But now we also use it to determine the column height.
Fixed it to only include visible overflow and renamed it to

Review-Url: https://codereview.chromium.org/2465363003
Cr-Commit-Position: refs/heads/master@{#429245}
Make siblingRules and uncommonAttributeRules private.
These vectors only need to be modified inside the RuleFeatureSet class.
Added methods for const access.


Review-Url: https://codereview.chromium.org/2469143002
Cr-Commit-Position: refs/heads/master@{#429220}
Don't always have to relayout a child when fragmentainer height is unknown.
Fragmentainer height is unknown in the first multicol layout pass, before
the initial balancing attempt. It also happens when we have to restart the
column balancing algorithm (due to dynamic content change, containing block
logical width change, etc.). In this case we only need to relayout if the child
did previously break (because then there may be pagination stuts inside that we
need to clear).

Review-Url: https://codereview.chromium.org/2473433002
Cr-Commit-Position: refs/heads/master@{#429135}
Avoid unnecessary relayout of floats when not paginated.
Made a mistake when excluding floats from being considered for pagination
relayout skipping, by ALWAYS marking them for layout, EVEN WHEN NOT PAGINATED.
Make sure that we check that we're paginated first. No need to slow down layout
when not paginated.

Broke the logic for determining whether we need layout or not into a separate
method, so that we don't need a quarter of a dozen calls to
setChildNeedsLayout(). The logic is now reversed; rather than checking if we
don't need layout, we check if we DO need layout. Tried to make the code a bit
clearer, and document what goes on at each step.

Review-Url: https://codereview.chromium.org/2459293004
Cr-Commit-Position: refs/heads/master@{#429051}
Reduce CSSStyleSheet size by moving bool member.
Grouping bool members together saved 8 bytes from 120 to 112 on 64 bit

Also started using class initializers, removed unnecessary nullptr
initialization of Member<>, and a 0 -> nullptr.


Review-Url: https://codereview.chromium.org/2469693002
Cr-Commit-Position: refs/heads/master@{#428977}
Rewrite css3/filters/effect-reference-delete.html
Make sure we get a layout+paint before removing the <svg> (w/ descendant
filter) so that we test a proper transition.

Review-Url: https://codereview.chromium.org/2453403002
Cr-Commit-Position: refs/heads/master@{#428706}
Make sure to always reset the cached filter in ReferenceFilterOperation

Review-Url: https://codereview.chromium.org/2453033004
Cr-Commit-Position: refs/heads/master@{#428678}
Be more restrictive about forcing relayout of children for pagination.
Avoid full subtree re-layouts that could especially occur in tables. This could
slow down printing and multicol by a lot.

This change makes PerformanceTests/Layout/multicol/deeply-nested-tables.html
about 1300 times faster (from 5.1 runs/s to 6813 runs/s when tested
locally). The test in bug 487026 will now show print preview instantly, rather
than taking a couple of minutes to finish.

Store the amount of space used (including the trailing strut) before the first
break (if any) instead of the offset from the top of the first fragmentainer.
We'll use this information in markChildForPaginationRelayoutIfNeeded() to
determine if we really need to force re-layout of some child. We really only
need to force re-layout of a child if there's a chance that it needs to
recalculate its pagination struts. It won't need to recalculate anything if we
know that there were no fragmentainer breaks AND that there won't be any if
we re-lay out. Even if there ARE fragmentainer breaks in there, we can still
skip layout if we know that the breaks will remain at the exact same locations
relative to the child. Store this information after layout by calling
updateFragmentationInfoForChild(). We need to include the overflow portion
after the bottom border edge of the child, since overflow also gets fragmented.

The old implementation of markChildForPaginationRelayoutIfNeeded() re-laid out
everything as long as LayoutState's pageLogicalHeightChanged() was true.
However, this flag is only set when entering layout of some fragmentation
context. Some objects, such as tables, requires multi-pass layout. If the flag
was true the first time the object was laid out, it's going to be true in all
subsequent re-layouts as well, potentially resulting in numerous deep layouts.


Review-Url: https://codereview.chromium.org/2462643002
Cr-Commit-Position: refs/heads/master@{#428626}
Add missing generator dependencies in content/renderer/mus
Building //content/renderer/mus could fail due to transitive
dependencies on header generators pulled in via render_frame_impl.h
and render_thread_impl.h (building render_widget_mus_connection.cc
or compositor_mus_connection.cc could fail).

Unfortunately //content/renderer deps on //content/renderer/mus,
so there's no easy way to get these deps for free (cyclic dep).


Review-Url: https://codereview.chromium.org/2461643002
Cr-Commit-Position: refs/heads/master@{#428428}
Add a //chrome/common dep to //chrome/browser/devtools
Devtools include chrome/common headers which include the generated
features header, so without the dep the build is flaky.


Review-Url: https://codereview.chromium.org/2454943004
Cr-Commit-Position: refs/heads/master@{#428413}
Move Document global rule data to CSSGlobalRuleSet.
This CL is split out from [1] with some modifications.

Instead of storing these data in the StyleResolver, create a new class
to store them in StyleEngine instead. See the design document linked
from issue 401359 which talks about moving this content off of
StyleResolver. Also made a note that we should further try to contain
as much of this data as possible per TreeScope to avoid the need for
constantly having to update these meta data for shadow tree

We get rid of some of the duplicate storing of some of these features.
See what was previously set on StyleEngine (resetCSSFeatureFlags()).

This is also in preparation for async stylesheet update (issue 567021).
There are few places where we synchronously update this new rule set
directly after marking it as dirty which will happen later when all
parts of [1] lands.

Another synchronous update we will be able to remove later is making
the RuleFeatureSet up-to-date when scheduling style invalidations
(marked as TODOs for sync calls to ensureResolver()). The need for
these calls is supported by the added invalidation tests which would
otherwise fail.

[1] https://codereview.chromium.org/1913833002/


Review-Url: https://codereview.chromium.org/2451893003
Cr-Commit-Position: refs/heads/master@{#428327}
Missing document null pointer check in Internals.
updateLayoutIgnorePendingStylesheetsAndRunPostLayoutTasks did not check
if the document was null before using it.


Review-Url: https://codereview.chromium.org/2461633002
Cr-Commit-Position: refs/heads/master@{#428312}
Use StyleEngine::resetAuthorStyle instead of clearScopedStyleResolver.
The former will make sure the shadow root is removed from
treeBoundaryCrossingScopes appropriately.

This code is not in production yet, so there were no observable bug.


Review-Url: https://codereview.chromium.org/2456753003
Cr-Commit-Position: refs/heads/master@{#428275}
Provide a dedicated getter for the offset to a repeatable THEAD.
pageLogicalOffset() is otherwise only used as an optimization during layout,
and the way we're optimizing for fragmenting is soon going to change.

Review-Url: https://codereview.chromium.org/2455733003
Cr-Commit-Position: refs/heads/master@{#428203}
Don't establish LayoutState for LayoutTableRow objects.
Table rows are not the containing block of anything. The real containing block
of a table cell is their table section, not the table row.

With this change, we no longer need to pass the object's location to
LayoutState(). Just call locationOffset() on the object in the constructor
instead, rather than doing it at all call sites.

Review-Url: https://codereview.chromium.org/2458823002
Cr-Commit-Position: refs/heads/master@{#428190}
Need to remove line pagination struts when no longer fragmented.
We only used to recalculate pagination struts on lines when we were inside a
fragmentation context, but if said fragmentation context ceases to be one, we
need one final strut recalculation pass, to get rid of them all.


Review-Url: https://codereview.chromium.org/2460673002
Cr-Commit-Position: refs/heads/master@{#428161}
Add a couple of regression tests for float fragmentation.
These tests change the fragmentainer heights, so that the float will fit in the
first fragmentainer afterwards, rather than in the second one.

Review-Url: https://codereview.chromium.org/2445193007
Cr-Commit-Position: refs/heads/master@{#428160}
Need a deep layout pass when becoming (un)fragmented.
When an object ceases to be fragmented (e.g. when leaving print preview), there
may be pagination struts that need to be removed. Therefore, we need to lay out
all descendants of a block that ceased to establish a fragmentation context.

Similarly, when becoming fragmented (e.g. when entering print preview), we need
to go through every descendant. There may both be implicit and forced breaks to


Review-Url: https://codereview.chromium.org/2454083002
Cr-Commit-Position: refs/heads/master@{#428062}
Allow pagination struts to push objects below the exact top of the next column.
The top margin of a float may push its border box below the top of the next

Similarly, a repeated table header may do the same to the first row in the next
column, to make room for itself above it.

The column balancer had assertions to boom at such situations, but it's pretty
clear now that it's an unreasonable requirements that sturts take us to the
exact top of the next column.

Added visual tests that crashed before (in debug). No behavioral changes here,
apart from the fact that the tests no longer crash.

Review-Url: https://codereview.chromium.org/2456003002
Cr-Commit-Position: refs/heads/master@{#428047}
Removed unused StyleEngine::didRemoveShadowRoot().
Also tried to figure out and document why we are clearing
ScopedStyleResolvers for shadow trees in clearResolver().


Review-Url: https://codereview.chromium.org/2454903002
Cr-Commit-Position: refs/heads/master@{#427950}
Removed unnecessary rule feature reset when no ScopedStyleResolver.
Resetting rule features when a shadow tree did not contain any
stylesheets, and hence didn't have a ScopedStyleResolver, caused a
performance regression in the select-single-remove performance test.

UA shadow trees typically don't have any stylesheets.

This is a regression from [1].

[1] https://codereview.chromium.org/2443933002


Review-Url: https://codereview.chromium.org/2452733004
Cr-Commit-Position: refs/heads/master@{#427949}
LayoutState doesn't need to store both layout and pagination offset.
We only ever used those two in combination to figure out how far away we were
from the start of the pagination context. So, let's just store that directly instead.
This allows us to clean up quite a bit. Also changed LayoutState() to do more
early returns, when we have no more work left to do.

Also consolidated two sections that disabled pagination for unsupported content
(one for SVG and one for other unbreakable content).

Review-Url: https://codereview.chromium.org/2444193009
Cr-Commit-Position: refs/heads/master@{#427945}
Clear m_treeBoundaryCrossingScopes when reconstructing StyleResolver.
When m_treeBoundaryCrossingScopes were part of StyleResolver, they were
cleared when the StyleResolver was cleared. Now that they outlive the
StyleResolver, they need to be cleared separately.


Review-Url: https://codereview.chromium.org/2450353002
Cr-Commit-Position: refs/heads/master@{#427912}
Fix a large number of missing dependencies in the blink gn build
Make all blink_core_sources targets public_dep on all the code
generators in core to ensure required headers are always generated first
and a successful build does not depend on lucky ordering. Manually fix
similar dep issues in core/inspector.

There are now more dependencies than strictly necessary, but they will
only trigger the generators with no effect on build commands (tested by
checking that the patch doesn't trigger a rebuild of any c++ code).

The end result is that the total number of targets that don't have proper
deps in the 'chrome' target build goes down from over 1800 to about 40,
and no missing dependencies on gen/blink files exist.


Review-Url: https://codereview.chromium.org/2452473004
Cr-Commit-Position: refs/heads/master@{#427856}
The column balancer needs to look inside inlines.
There may be floats there.

Split traverseSubtree() into traverseLines() and traverseChildren(), so that
traverseChildren() can easily be called directly when at inlines.


Review-Url: https://codereview.chromium.org/2453743002
Cr-Commit-Position: refs/heads/master@{#427724}
Fix some mojo dependencies in blink
Several places in blink were using mojo headers without a dependency on
mojo targets that generate said headers, causing build flakiness.


Review-Url: https://codereview.chromium.org/2453653003
Cr-Commit-Position: refs/heads/master@{#427659}
No longer mark two tests in ietestcenter/css3/multicolumn as failing.
They pass now, probably because of the fix for bug 291616.


Review-Url: https://codereview.chromium.org/2446023003
Cr-Commit-Position: refs/heads/master@{#427370}
Call willInsertBody() in MediaDocument::createDocumentStructure()
Follow up on https://codereview.chromium.org/1343493002 and add the same
willInsertBody() call that ImageDocument has.

Review-Url: https://codereview.chromium.org/2427563002
Cr-Commit-Position: refs/heads/master@{#427312}
Don't assume python is in /usr/bin in js_minify.py

Review-Url: https://codereview.chromium.org/2438293002
Cr-Commit-Position: refs/heads/master@{#427304}
Deal with canceled requests when flushing deferred messages.
Flushing deferred messages might lead to a request being canceled
(e.g. when an ImageResource loads a corrupt image). The code didn't
fully take this into account which would cause crashes (and resource
leaks if it would have survived).


Review-Url: https://codereview.chromium.org/2425173003
Cr-Commit-Position: refs/heads/master@{#427298}
Move TreeBoundaryCrossingScopes to StyleEngine.
This is split out of the work for async stylesheet updates [1], but is
also part of the work on componentized style resolving in general.

The moved resetAuthorStyle method on StyleEngine may soon be gone
altogether as it does so in [1].

The plan is that TreeBoundaryCrossingScopes will also be completely
gone when we remove support for Shadow DOM v0. For Shadow DOM v1 we can
look up the scoped resolvers for the affecting scopes directly like we
already do in StyleResolver::matchScopedRules for the pure v1 case.

The documentation of the special casing of VTT and custom pseudo
elements is updated to not suggest that these rules are handled as part
of boundary crossing scopes as the current solution is better once v0
shadows go away.

[1] https://codereview.chromium.org/1913833002


Review-Url: https://codereview.chromium.org/2443933002
Cr-Commit-Position: refs/heads/master@{#427284}
Fix more null-checks in SVGLengthContext::convertValueFrom*
The following methods in SVGLengthContext:


needs the same treatment as convertValueFromCHSToUserUnits got in


Review-Url: https://codereview.chromium.org/2449433002
Cr-Commit-Position: refs/heads/master@{#427080}
Remove unused hasPendingResourceUpdate bit from LayoutObject.
Also recounted, updated and corrected total bit count.

Review-Url: https://codereview.chromium.org/2442283002
Cr-Commit-Position: refs/heads/master@{#427050}
Rename collectTreeBoundaryCrossingRules.
Include V0Cascade order to reflect that this is the legacy code for
Shadow DOM V0 cascading order in pure V0 documents.


Review-Url: https://codereview.chromium.org/2445673002
Cr-Commit-Position: refs/heads/master@{#427042}
Use a converter for building style value for 'transform'
Also change TransformBuilder::createTransformOperations to return the
TransformOperations rather than use an out argument.

Review-Url: https://codereview.chromium.org/2435413002
Cr-Commit-Position: refs/heads/master@{#427036}
Avoid copying value in ComputedStyle CoW comparions (compareEqual)
Because of the cast of the RHS, |u|, a copy would be generated, with
code and cycle bloat as the result. In some cases this can even have
prevented inlining. Particularly nasty examples:

 bool compareEqual(const Vector<LengthPoint>&, const Vector<LengthPoint>&) [210 bytes]
 bool compareEqual(const Vector<CSSPropertyID>&, const Vector<CSSPropertyID>&) [274 bytes]
 bool compareEqual(const Vector<GridTrackSize>&, const Vector<GridTrackSize>&) [182 bytes]
 bool compareEqual(const HashMap<String, GridArea>&, const HashMap<String, GridArea>&) [308 bytes]
 bool compareEqual(const TransformOperations&, const TransformOperations&) [441 bytes]
 bool compareEqual(const LengthBox&, const LengthBox&) [249 bytes]

Remove the U->T cast in compareEqual to avoid the copies. Nothing seems
to require this coercion (anymore?) This eliminates the above symbols
entirely. A total binary size reduction of >30k (x86-64; non-official) also
indicates even the simpler cases/types may have benefited.

Review-Url: https://chromiumcodereview.appspot.com/2438353002
Cr-Commit-Position: refs/heads/master@{#426990}
Always evaluate media features to true without MediaValues.
Having a constructor taking bool made it possible to construct a
MediaQueryEvaluator passing a pointer to an object of an arbitrary
type as the pointer was converted to a bool without a warning.

By closer inspection, the use of the m_expectedResult value had two
purposes. One was to return true for matching media type ignoring the
rest of the media query. The other cases were for testing purposes
where there was no media rules to match, so the result didn't matter.

Since there are no useful applications for returning false for media
queries containing expressions in addition to type, we can safely
return true for all query expression when no MediaValues object is

There is one place we change the behavior. The StyleResolver
constructor has a fallback evaluator when we have no FrameView. That
should never happen, though, and it would yield incorrect results
regardless of whether we would always return true or false for media
query expressions.


Review-Url: https://chromiumcodereview.appspot.com/2432153005
Cr-Commit-Position: refs/heads/master@{#426752}
Fix NULL pointer dereference in FinishedAsyncCopyRequest()
Due to undefined (favorably right to left) argument evaluation order,
the tracker might have been passed and set to NULL before the window
is looked up which results in a NULL pointer dereference.


Review-Url: https://chromiumcodereview.appspot.com/2435033002
Cr-Commit-Position: refs/heads/master@{#426748}
MediaValuesInitialViewport passed to MediaQueryEvaluator as bool.
The test coverage for [1] was not good enough. We tried to pass a
MediaValues pointer into the MediaQueryEvaluator constructor, but since
none of the constructors took such a type, it was converted into a bool
for which there was a constructor.

I'm planning to change the bool parameter to an enum in a follow-up CL
to avoid such mistakes in the future.

[1] https://codereview.chromium.org/2414343002/


Review-Url: https://chromiumcodereview.appspot.com/2430923005
Cr-Commit-Position: refs/heads/master@{#426747}
Pay attention to tall rowspanned cells in the first layout pass.
If a rowspanned cell gets fragmented, and this cell needs to stretch the table
rows in order to fit, only stretch the last row (i.e. the one we're currently
laying out). That's the only thing we can do if we don't want mess up
fragmentation (pagination struts) of earlier content.

Furthermore, to leave those rows completely alone, don't let a subsequent
rowspanned cell that shares at least one row with the previous rowspanned cell
stretch those rows, either, as that would lead to unfair height distribution
anyway (since the last row has already got all the extra space).
table-overlapping-rowspan.html tests this.


Review-Url: https://chromiumcodereview.appspot.com/2433403002
Cr-Commit-Position: refs/heads/master@{#426590}
Clean up LayoutTableSection::calcRowLogicalHeight() a bit.
Since nobody apparently wants to deal with a rowspanned cell unless we're at
its first row, just skip that cell for subsequent rows, instead of having
checks for this everywhere.

Also removed a debug hashmap that was just used to assert that we didn't add
duplicate cells to a vector. Check the vector directly instead.

Review-Url: https://chromiumcodereview.appspot.com/2434033003
Cr-Commit-Position: refs/heads/master@{#426555}
Remove last-minute row height stretching for pagination.
This code no longer has any effect, since we now fragment and set the correct
row heights way BEFORE cell alignment and flexing. It was also buggy, in that
it didn't recalculate intrinsic padding after resizing the row.


Review-Url: https://chromiumcodereview.appspot.com/2433413002
Cr-Commit-Position: refs/heads/master@{#426512}
Performance test for deeply nested tables inside multicol.
This is similar to printing deeply nested tables, and we have serious
performance issues with this.

Landing the performance test separately from the actual fix, so that we can
observe the improvement when the fix eventually lands.


Review-Url: https://chromiumcodereview.appspot.com/1695193006
Cr-Commit-Position: refs/heads/master@{#426461}
Specified row height should be applied during initial section layout.

Review-Url: https://chromiumcodereview.appspot.com/2434543004
Cr-Commit-Position: refs/heads/master@{#426441}
Remove first-line-in-cell strut subtraction workaround.
This is no longer needed. In fact, it was causing some trouble.


Review-Url: https://chromiumcodereview.appspot.com/2438613004
Cr-Commit-Position: refs/heads/master@{#426435}
Simplify SVGAnimated* initialization
In several cases, all initial values are the same, so callers of
SVGAnimated<TYPE>::create can be relieved of the duty of calling
SVG<TYPE>::create() explicitly.

This affects:

  SVGAnimatedString and

These should hopefully also all reset to the correct value when
encountering an invalid (string) value.


Review-Url: https://chromiumcodereview.appspot.com/2436793002
Cr-Commit-Position: refs/heads/master@{#426429}
Collect @viewport before constructing RuleSets.
- Move ViewportStyleResolver to StyleEngine.

- Only create a ViewportStyleResolver for top level documents.

- Collect @viewport rules via the DocumentStyleSheetCollection.

- Use the initial viewport size for resolving viewport relative

- Introduce initialViewportChanged() and viewportRulesChanged() in
  StyleEngine to trigger re-collection and resolution of the actual
  viewport. These currently trigger an immediate call to updateViewport
  which will later be a part of the document lifecycle phase for
  updating active stylesheets.

This finally fixes issues 332763, 455136, and 463098.


Review-Url: https://chromiumcodereview.appspot.com/2420413005
Cr-Commit-Position: refs/heads/master@{#426427}
Initial viewport is not the same as FrameView rect.
FrameView rect is also changed by the visual viewport.

Set the initial viewport size on FrameView whenever it changes in
WebViewImpl and use it for matching media queries when collecting
@viewport rules. See [2] for spec reference.

This is fixing what was introduced in [1].

[1] https://codereview.chromium.org/2414343002/
[2] https://www.w3.org/TR/css-device-adapt-1/#media-queries


Review-Url: https://chromiumcodereview.appspot.com/2431613002
Cr-Commit-Position: refs/heads/master@{#426424}
Move table row pagination strut insertion to the first layout pass.
Pagination struts are inserted before a table row, when we should avoid
breaking inside it, and it doesn't fit as a whole in its current fragmentainer.
We should avoid breaking inside rows when their break-inside is "avoid", or
when there are repeating table headers (which turns on break-inside:avoid for
all rows in the table).

This CL also includes the code that deals with repeating headers, since it
proved hard to separate it from the rest.

We need to make sure to subtract the struts from previous rows' height now;
just like we don't include border spacing in the rows, we should also omit the
pagination strut of the next row. In order to be consistent about this,
layoutRows() in LayoutTableSection now uses the rows' logical heighs more
extensively than before (rather than using the m_rowPos array to calculate
heights). This has an implication for rowspanned cells. We now need to wait
until we are at their last row before processing them, since we calculate row
heights on the fly. There's a small fix here. Previously, the strut wasn't
baked into the logical top of a table row, unlike all other layout objects.
This resulted in wrong offsets for table rows after fragmentainer breaks,
but the cells in there still had correct offsets, so it wasn't possible
to observe this bug in any visual test. It does affect a couple of
dump-render-tree printing tests, though. Added a couple of tests for this
on my own, which use offsetTop and offsetHeight.

table-disable-fragmentation.html is just a regression test. We need to be
careful to ignore struts when not fragmented. It passed before and it passes
now, but I nearly broke it while working on this.


Review-Url: https://chromiumcodereview.appspot.com/2433473002
Cr-Commit-Position: refs/heads/master@{#426265}
Clean up break-inside restriction propagation from table headers.
If a table header has break-inside:avoid, our implementation currently
propagates that to all table rows in the table. Make this more obvious (and
consistent) with a getPaginationBreakability() override in LayoutTableRow,
rather than checking it at only one place (paginationStrutForRow()), although
that may very well have been the only place that needed to care.

No behavioral changes expected.

Review-Url: https://chromiumcodereview.appspot.com/2426553004
Cr-Commit-Position: refs/heads/master@{#426020}
Set logical top and height of table rows and cells in the first layout pass.
This gives the fragmentation machinery an opportunity to insert breaks at the
right places. We previously assumed that all cells were at the top of their
table section, so break insertion was completely bogus. While we'd get a second
chance to break correctly in the second layout pass, this doesn't always work
too well. There's currently some code in layoutRows() in LayoutTableSection
that attempts to adjust the row height when we change where we break inside a
table cell, but it doesn't re-align cells vertically after this adjustment.
That code must die, and this CL is a preparatory step.


Review-Url: https://chromiumcodereview.appspot.com/2423403002
Cr-Commit-Position: refs/heads/master@{#426015}
Removed unused includes from Internals.cpp.

Review-Url: https://codereview.chromium.org/2428543004
Cr-Commit-Position: refs/heads/master@{#425945}
Implement collection of @viewport rules from DocumentStyleCollection.
The @viewport rules will be recollected and re-resolved from a new
updateViewport() method. Rule will need to be re-collected when
stylesheets are added, or when media queries change. Re-resolution
needs to happen when the viewport descriptors contain vh/vw units, or
after a re-collection of rules.

Store the viewport and device dependent mq results on the
ViewportStyleResolver as these may be different from the results
collected when constructing the rulesets because of the initial/actual
viewport difference. The device dependent will not be different, but
nested media queries may cause some media queries to be skipped for
ruleset construction which would not be skipped for @viewport rule

We also change the existing code to lazily reset() in preparation for
the re-collect/re-resolve distinction.


Review-Url: https://codereview.chromium.org/2424823002
Cr-Commit-Position: refs/heads/master@{#425942}
Separate method for calculating logical height based on CSS properties.
Move it out of LayoutTable::layout(), since that method is more than crowded
enough as it is.

Had to make convertStyleLogicalHeightToComputedHeight() a const method, since I
decided to make the new method const. Constified
convertStyleLogicalWidthToComputedWidth() as well, for the sake of consistency.

Review-Url: https://codereview.chromium.org/2422103003
Cr-Commit-Position: refs/heads/master@{#425757}
Disable row stretching for tables crossing fragmentainer boundaries.
Edge also does this.

Allowing rows to be stretched and thus moved after fragmentation would require
us to re-fragment (since the fragmentainer boundaries would be elsewhere, due
to row stretching), then re-stretch, the re-re-fragment, and so on (cyclic


Review-Url: https://codereview.chromium.org/2421133002
Cr-Commit-Position: refs/heads/master@{#425705}
Add missing exclusive_access_manager.h includes

Review-Url: https://codereview.chromium.org/2424773002
Cr-Commit-Position: refs/heads/master@{#425670}
Spell-checking and proof-reading WhitespaceLayoutObjects.md.

Review-Url: https://codereview.chromium.org/2423963002
Cr-Commit-Position: refs/heads/master@{#425663}
Removed incorrect comment about raw pointer.
LocalFrame now traced as Member of MediaValuesDynamic.


Review-Url: https://codereview.chromium.org/2417973002
Cr-Commit-Position: refs/heads/master@{#425629}
Implement MediaValues for initial viewport.
Viewport-dependent media queries evaluate in the context of the initial
viewport when collecting @viewport rules as specified in [1]. Implement
a MediaValuesInitialViewport which returns the initial viewport
dimensions instead of the actual viewport. This change doesn't fix
issue 332763 until we start collecting author @viewport rules before
creating RuleSets.

[1] https://www.w3.org/TR/css-device-adapt-1/#media-queries


Review-Url: https://codereview.chromium.org/2414343002
Cr-Commit-Position: refs/heads/master@{#425628}
Lay out table children in visual order, and set position and size.
Set caption and section positions before the first layout pass, and set the
logical height right after. This will help the fragmentation code break at the
right places.

By doing it in visual order right away we can also get rid of some code that
dealt with sections being moved after layout.


Review-Url: https://codereview.chromium.org/2421613002
Cr-Commit-Position: refs/heads/master@{#425425}
Correctly check if we have a valid page height before checking remaining space.
LayoutState::pageLogicalHeight() is bogus, and the sooner we convince it to
take a long walk on the short pier, the better. :(

Additionally, bail out earlier from fragmentation-specific code. No need to
waste time on calling crossesPageBoundary() when not fragmented.


Review-Url: https://codereview.chromium.org/2413413003
Cr-Commit-Position: refs/heads/master@{#425420}
Simpler viewportAndroid.css setup for WebFrameTests.
Enable use of viewportAndroid.css by setting WebViewportStyle::Mobile
instead of explicitly parsing the sheet as part of the tests.

Also corrected some typos.


Review-Url: https://codereview.chromium.org/2423463002
Cr-Commit-Position: refs/heads/master@{#425355}
Clean up SVGViewSpec::parseViewSpecInternal
Make this function slightly more readable by partitioning it as:
  1) Parse outer function ("svgView")
  2) For all functions:
  2.1) Match/parse "function name"
  2.2) Parse arguments to said function

This gets rid of a lot of the parameter list boilerplate that every case
shares. (I.e handling '(' and ')'.)

Also change to use skipExactly and skipUntil from ParsingUtilities.h.

Review-Url: https://codereview.chromium.org/2421863002
Cr-Commit-Position: refs/heads/master@{#425315}
Don't generate RuleSets for viewport UA sheets.
Start collecting UA @viewport rules from the StyleSheetContents instead
of the RuleSet. The reason is that we need to collect viewport rules
before creating the RuleSet in order to use the correct actual viewport
for evaluating media queries. This is split out from [1].

Also introducing a separate MediaQueryEvaluator in the
ViewportStyleResolver which should eventually be based on the initial
viewport and not the actual viewport as described in the CSS Device
Adaptation spec.

[1] https://codereview.chromium.org/2405143003


Review-Url: https://codereview.chromium.org/2410283005
Cr-Commit-Position: refs/heads/master@{#425284}
Add hasViewportRule() flag to StyleSheetContents.
This is a pre-requisite for collecting viewport rules before generating
the RuleSet. The RuleSet contents depends on media query evaluation,
which in turn depends on viewport size resolution, which means we are
currently may generate the RuleSet, and recalculate style, twice in the
presence of both @media and @viewport.

This CL is split out from [1] which in turn is split out from [2].

[1] https://codereview.chromium.org/2405143003/
[2] https://codereview.chromium.org/1913833002/


Review-Url: https://codereview.chromium.org/2408353003
Cr-Commit-Position: refs/heads/master@{#425273}
Support margin-top for legend in fieldset.
The implementation aligns with Edge, Gecko centers the legend+margins, which
looks undesirable to me.  The specs say nothing about this.

The new behaviour causes two tests to change, both have been rebaselined. One
was additionally modified to not trigger the scrollbar, which in turn would
render differently on various platforms.


Review-Url: https://codereview.chromium.org/2396813002
Cr-Commit-Position: refs/heads/master@{#425127}
Top-align table cells in rows that cross fragmentainer boundaries.
Ignore whatever vertical-align says and force everything to be top aligned in
those cases. Edge also behaves like this.

Doing both fragmentation and vertical alignment for table parts could cause
unresolvable situations (cyclic dependencies).

Two tests that depended on vertical alignment working under such circumstances
are now invalid, and were therefore removed.


Review-Url: https://codereview.chromium.org/2412923002
Cr-Commit-Position: refs/heads/master@{#425112}
Make HarfBuzzFace release SimpleFontData.
HarfBuzzFace did a retained look up of SimpleFontData from the
FontDataCache but never released the SimpleFontData. This caused the
SimpleFontData to remain in the cache, indefinitely holding on to
SkFontFaces and all associated data. This fix makes HarfBuzzFace
release the SimpleFontData when deleted.


Review-Url: https://codereview.chromium.org/2411643002
Cr-Commit-Position: refs/heads/master@{#424993}
Add the Ahem font license
Review-Url: https://codereview.chromium.org/2397303003
Cr-Commit-Position: refs/heads/master@{#424769}
documentStyleSheetCollection() is always non-null.
Return a reference instead of a pointer to make that clear.


Review-Url: https://codereview.chromium.org/2405793002
Cr-Commit-Position: refs/heads/master@{#424706}
Push hasValidAttributeName/Type down into SVGAnimateElement
Introduce a new "validator" method for SVGSMILElements - hasValidTarget.
With this new method in place, the hasValidAttributeType and
hasValidAttributeName methods can be pushed down the hierarchy to where
they belong, namely SVGAnimateElement.
As a bonus, some conditions and assertions can be simplified.


Review-Url: https://codereview.chromium.org/2408913002
Cr-Commit-Position: refs/heads/master@{#424389}
Consolidate FilterOperation and FilterEffect mapRect implementations
The FilterOperations and FilterEffects for drop-shadow and gaussian blur
has very similar but slightly different implementations.
Restructure the code a bit so that the entire thing can be shared/reused
between the two different code-paths. The new canonical location is the
corresponding FilterEffect (FEGaussianBlur and FEDropShadow.)

Review-Url: https://codereview.chromium.org/2393993004
Cr-Commit-Position: refs/heads/master@{#424263}
Remove davve@ from OWNERS files
Recently I haven't had, and don't expect to get, much time to
contribute to Blink.


Review-Url: https://codereview.chromium.org/2406823002
Cr-Commit-Position: refs/heads/master@{#424130}
Document LayoutObject generation for whitespace nodes.

Review-Url: https://codereview.chromium.org/2402653002
Cr-Commit-Position: refs/heads/master@{#423947}
Don't break before a first in-flow block container.
There's no break opportunity there, but break-inside:avoid used to trick us
into inserting a break there anyway in some cases.

As part of this work, we need allowsPaginationStrut() to check better if a
strut is allowed, or it might just end up getting eaten and forgotten about by
a first in-flow block further up in the tree. This matters for monolithic
content [1], such as lines and image blocks. We should never break inside
those, so allow breaking before them, even if they are the first piece of
content inside some block (just like we did before this change).
break-before-first-line-in-first-child.html and image-block-as-first-child.html
test that we don't regress in this regard.

Also removed a FIXME about checking for sufficient height. This would be
incorrect to fix. If there's no break point here, we have to propagate the
strut, if we're allowed to.

Had to update some tests, and even rename one, because they relied on the old
buggy behavior.

[1] https://drafts.csswg.org/css-break-3/#possible-breaks


Review-Url: https://codereview.chromium.org/2400083003
Cr-Commit-Position: refs/heads/master@{#423926}
A forced break inside a break-inside:avoid object may make it fit where it is.
If an object with break-inside:avoid is taller than what fits in the current
fragmentainer, but it has a forced break before we get to the end of the
fragmentainer, we don't have to push the object to the next one, since what's
before the forced break fits fine where it is.


Review-Url: https://codereview.chromium.org/2401753002
Cr-Commit-Position: refs/heads/master@{#423884}
Move isTargetAttributeCSSProperty to SVGAnimateElement
SVGAnimateElement is the only user. Move it and make it a free function.


Review-Url: https://codereview.chromium.org/2395793004
Cr-Commit-Position: refs/heads/master@{#423817}
Apply RuleSet changes for active stylesheet changes.
Introduce an applyRuleSetChanges method which will take the old and new
ActiveStyleSheetVector use the existing comparison method and apply the
RuleSet diff to invalidate style for the document.

The normal mode for style rules is to schedule RuleSet invalidations
which will decide what to recalculate based on the invalidation sets.
Universal selectors, the presence of Shadow DOM v0 combinators, or
@font-face rules for the document scope, will cause a subtree recalc
for the TreeScope.

@keyframes rules utilizes the existing functionality for invalidating
style in the TreeScope and the host TreeScope for running and
unresolved animations.

This CL introduces appendActiveStyleSheets which will eventually
replace the combination of the lazy appending of sheets in
StyleResolver and appending pending sheets into the ScopedStyleResolver
through appendCSSStyleSheet.

This CL is split out of https://codereview.chromium.org/1913833002 and
re-worked a bit.

The functionality is not yet in use.


Review-Url: https://codereview.chromium.org/2394353003
Cr-Commit-Position: refs/heads/master@{#423810}
Allow active sheets to have nullptr for RuleSet.
CSSStyleSheets which have a non-matching media attribute may have a
nullptr for RuleSet since it's not needed. Handle that in active style-
sheet diffing. That means adding a sheet with non-matching media should
not cause any style recalculations.


Review-Url: https://codereview.chromium.org/2401573002
Cr-Commit-Position: refs/heads/master@{#423804}
Skip reflowed comments css/parser for git-blame.

Review-Url: https://codereview.chromium.org/2396433006
Cr-Commit-Position: refs/heads/master@{#423712}
Adjust some includes around SVGResourceClient and FilterOperation
Also drop an unused include of ReferenceFilterBuilder.h.


Review-Url: https://codereview.chromium.org/2400663002
Cr-Commit-Position: refs/heads/master@{#423708}
Store physical location in LayoutTableRow, just like in all other objects.

Review-Url: https://codereview.chromium.org/2399633002
Cr-Commit-Position: refs/heads/master@{#423701}
Add missing dependencies to extensions BUILD.gns
Some files from guest_view include (not directly) file
extensions/common/api/events.h which is generated by target
//extensions/common/api. This dependency is missing and
sometimes it causes compilation errors. Build will fail if
no target which depends on //extensions/common/api is built
before guest_view. It happens quite rarely: it failed once
on ~10 rebuilds on my mac.


Review-Url: https://codereview.chromium.org/2402453002
Cr-Commit-Position: refs/heads/master@{#423613}
Skip reflowed comments css/invalidation for git-blame.

Review-Url: https://codereview.chromium.org/2393393002
Cr-Commit-Position: refs/heads/master@{#423503}
Reflow comments in core/css/parser

Review-Url: https://codereview.chromium.org/2398013002
Cr-Commit-Position: refs/heads/master@{#423482}
Move handling of 'attributeType' to SVGAnimateElement
Another animation property that applies only to the SVGAnimateElement
part/subtree of the element hierarchy. Move it down for continued
"unlocking" of the structure.


Review-Url: https://codereview.chromium.org/2391993006
Cr-Commit-Position: refs/heads/master@{#423467}
Reflow comments in core/css/invalidation.

Review-Url: https://codereview.chromium.org/2398833004
Cr-Commit-Position: refs/heads/master@{#423441}
Move table cell height flexing into a separate method.
TableSection::layoutRows() is long enough as it is. :)

Review-Url: https://codereview.chromium.org/2392353002
Cr-Commit-Position: refs/heads/master@{#423248}
Move shouldApplyAnimation to SVGAnimateElement
Only used by SVGAnimateElement.


Review-Url: https://codereview.chromium.org/2394583002
Cr-Commit-Position: refs/heads/master@{#422935}
Hoist target element null-checks out of SVGAnimateElement::calculate*
The calculateFromAndToValues, calculateFromAndByValues and
calculateDistance share a common entrypoint (startedActiveInterval), so
we can tighten this code-path a bit checking for a target element up
front. (No target element makes for pretty useless animations anyway...)
calculateAnimatedValue gets similar treatment in its updateAnimation
(sole) entrypoint.

Also refill comments to 80 columns in SVGAnimateMotionElement.cpp.


Review-Url: https://codereview.chromium.org/2386013002
Cr-Commit-Position: refs/heads/master@{#422484}
Push animation value 'inherit' handling into SVGAnimateElement
Handling of 'inherit' doesn't need to live on SVGAnimationElement,
because only SVGAnimateElement makes use of it. Move it down the
class structure and simplify.

Also refill/wrap comments in the files touched to 80 columns.


Review-Url: https://codereview.chromium.org/2384013002
Cr-Commit-Position: refs/heads/master@{#422446}
remove obsolete(?) git attributes from old top-level WebKit settings
It is a little surprising (for automated scripts, mostly) for files to
be export-ignore'd from subdirectories.  This patch removes some old WebKit
export-ignore attributes that I suspect are no longer useful.

This was the original patch that added the attributes, I have not been able
to locate details of the review or why it was originally required:

Review-Url: https://codereview.chromium.org/2387033002
Cr-Commit-Position: refs/heads/master@{#422412}
Add WebRange test for explicit empty ranges creation.
This is followup of https://codereview.chromium.org/2373613005/.

Review-Url: https://codereview.chromium.org/2385643002
Cr-Commit-Position: refs/heads/master@{#422405}
Use ceil() when integerizing pagination struts before table rows.
Subpixel rendering is not supported in table parts, so everything needs to be
integers. However, instead of rounding the pagination strut down to the nearest
integer, round it up. This way we at least make sure that we manage to push all
the content over to the designated fragmentainer, rather than leaving one tiny
strip behind in the previous fragmentainer. There'll still be off-by-one
errors, but at least all the content is in the right fragmentainer.

Updated some tests to not use subpixel multicol heights, since what they
required cannot really be satisfied without adding full subpixel support to

Also added a new test that *does* use subpixel multicol height. This test
merely makes sure that nothing is left behind in the previous fragmentainer at
breaks, without worrying about the exact top position of the objects.

This problem was discovered while working on bug 487026, which is about
reducing the amount of forced re-layouts that we do for fragmentation, and it
turns out that table layout in general, and perhaps strut calculation there in
particular, tends to need more layout passes it explicitly asks for (so it
depends on other parts of the system dealing out layout passes for free). Added
body { overflow:hidden; } declarations to some tests, to reduce the number of
layout passes you get for free, i.e. make the tests more evil.


Review-Url: https://codereview.chromium.org/2382043003
Cr-Commit-Position: refs/heads/master@{#422312}
Fold bits of SVGAnimatedTypeAnimator into SVGAnimateElement
This folds non-property-construction methods from
SVGAnimatedTypeAnimator into SVGAnimateElement and gets rid of simple
forwarding methods. This leaves SVGAnimatedTypeAnimator as a property-
value factory.


Review-Url: https://codereview.chromium.org/2387513002
Cr-Commit-Position: refs/heads/master@{#422188}
Don't allow form-feed (U+000C) as a WebVTT signature separator
Per the WebVTT parser algorithm [1], only space, tab or newline (after
normalization) are allowed to follow the "WEBVTT" signature.

[1] https://w3c.github.io/webvtt/#webvtt-parser-algorithm


Review-Url: https://codereview.chromium.org/2382173002
Cr-Commit-Position: refs/heads/master@{#422093}
Don't use absolute bounding boxes in LayoutVTTCue
LayoutVTTCue was using absoluteContentBox()/absoluteBoundingBoxRect()
during overlap resolution. This would mean that boxes were computed
relative to the containing frame. The former also doesn't take
transforms into account, which would mean that the basic overlap check
against the title area would fail if a transform was present.

Instead compute the various bounding boxes relative to a common
ancestor, namely the text track container (which is also the containing
block of the cues.) Adjust the controls rect similarly to get it into the
same coordinate space.


Review-Url: https://codereview.chromium.org/2377193003
Cr-Commit-Position: refs/heads/master@{#422072}
Introduce markChildForPaginationRelayoutIfNeeded().
No behavioral changes intended.

This replaces markForPaginationRelayoutIfNeeded(). Since the method was always
called when it was the container that was being laid out, this is more
"correct", and in the same spirit as e.g.
updateBlockChildDirtyBitsBeforeLayout(), adjustBlockChildForPagination(), and
so on.

This is a preparatory patch to allow for calling
offsetFromLogicalTopOfFirstPage(), which uses LayoutState more heavily.
When using LayoutState, you generally need to be laying out the very same
object as the one LayoutState points to.


Review-Url: https://codereview.chromium.org/2382733002
Cr-Commit-Position: refs/heads/master@{#421815}
Move FilterOperation*.{cpp,h} to core/style/
Move the FilterOperation(s) structures to core/style to make them a
"style type". This is in preparation for an improved mechanism for
signaling mutations to "reference" filters.

This is essentially a pure move, with only minor modifications to fix
some presubmit issues and to facilitate (fix) building.


Review-Url: https://codereview.chromium.org/2375453002
Cr-Commit-Position: refs/heads/master@{#421796}
Avoid creating consecutive whitespace renderers.
In textLayoutObjectIsNeeded(), return false if we are a whitespace-only
text node, and our previous LayoutObject sibling is a whitespace
renderer. This avoids for instance creating a consecutive list of
whitespace renderers when we have multiple display:none sibling

This change makes [1] take ~900ms instead of ~2600ms on my computer.

[1] https://bugs.chromium.org/p/chromium/issues/attachmentText?aid=8037


Review-Url: https://codereview.chromium.org/2369963005
Cr-Commit-Position: refs/heads/master@{#421794}
Adding @keyframes rules only affects TreeScope plus host.
@keyframes rules may apply to animations in the same TreeScope as the
rule and the host element if the TreeScope is a shadow tree. Instead of
invalidating all keyframe animations or recalculating every element in
the document, limit such changes to the relevant TreeScopes.

Currently, this doesn't have an effect since analyzed style update only
happens in the document TreeScope, but that will change with RuleSet
invalidation for crbug.com/567021


Review-Url: https://codereview.chromium.org/2361733004
Cr-Commit-Position: refs/heads/master@{#421781}
Support for multiple block fragments in getClientRects().
Objects crossing column boundaries, for instance, should create one rectangle
for each column they live in.

Two old tests had to be updated, because they depended on the old and incorrect
behavior (pick the bigger / center column and create one huge rectangle there).

Add fragmentainerInFlowThread() to FragmentainerIterator. Removed the
updateOutput() thing. Instead, have the getters compute what they need on the
fly. This makes more sense now, since none of the (2) FragmentainerIterator
users need to calculate everything. Also don't require a clip rectangle.

Some extra attention is required when processing objects with a zero-height
bounding box now. Previously, we didn't need to worry about those, since no
bounding box means no painting, hit-testing, etc. But now, with
getBoundingClientRect(), life is different.


Review-Url: https://codereview.chromium.org/2360913004
Cr-Commit-Position: refs/heads/master@{#421643}
Add use counters for SVGCursorElement
This adds one counter for presence of an SVGCursorElement, and one for
if any ComputedStyle references the element (==the SVGCursorElement has
a client.)


Review-Url: https://codereview.chromium.org/2376613004
Cr-Commit-Position: refs/heads/master@{#421630}
Speculative fix for SelectorFilter crash.
It looks from the crash log that the string impl() is nullptr. Found no
possible way for a null string to be added to the SpaceSplitString, but
let's add a null check to see if it helps.


Review-Url: https://codereview.chromium.org/2376703002
Cr-Commit-Position: refs/heads/master@{#421492}
Update DCHECK in WebRange constructor.
Currently creating empty range (0,0) triggers it, judging by
the comment it was intende to check null range only.

Review-Url: https://codereview.chromium.org/2373613005
Cr-Commit-Position: refs/heads/master@{#421252}
Reland of Force U.S. English keyboard layout for TextfieldTest.KeysWithModifiersTest
Reverted in

Reason for revert:
Tests are failing on Mac ASAN builder. See details here:


Review-Url: https://codereview.chromium.org/2353333002
Cr-Commit-Position: refs/heads/master@{#421191}
Fix GDI leak in NativeThemeWin::PaintIndirect
There was a GDI leak when hovering input elements. Reaching 10000 GDI objects
would cause process to crash.

Fixed by deleting HBITMAP that was selected onto the HDC. Deleting HDC does not
take care of that.

The skia utility function was removed and replaced with a custom scoped object
at call site as it was used only in one place and making it safe to use for
others would be a bit tricky as bitmap needs to be deleted before HDC and there
is no easy access to the bitmap after utility function returns HDC.



Review-Url: https://codereview.chromium.org/2365903002
Cr-Commit-Position: refs/heads/master@{#421142}
Missing sibling invalidation across removed element.
When removing B from siblings A B C, we scheduled invalidations for
features of A requiring two adjacent combinators to schedule an
invalidation at all. That is fine for rules already affecting C, but
for rules kicking in after B is removed, a single combinator is enough.
For instance ".a + .c".


Review-Url: https://codereview.chromium.org/2362463004
Cr-Commit-Position: refs/heads/master@{#421124}
Make SVGAnimatedBoolean.h less popular
SVGAnimatedBoolean is only used by/for SVGFEConvolveMatrix, but was
being included in a lot of places. Remove the unnecessary includes of
SVGAnimatedBoolean.h, and also remove some other obvious unnecessary
includes in the vicinity.