diff options
| author | David Deephanphongs <dpanpong@google.com> | 2011-05-01 16:18:52 -0700 |
|---|---|---|
| committer | Russell Brenner <russellbrenner@google.com> | 2011-05-05 14:45:14 -0700 |
| commit | f857ed8dbc23c83d412ae68f598ac2eedb429afc (patch) | |
| tree | 4d22f79a31e271eb28993638bee00780841f9008 /WebKit/android | |
| parent | 2d60bef786645e5b9e2da0e8374d3f06a40d0638 (diff) | |
| download | external_webkit-f857ed8dbc23c83d412ae68f598ac2eedb429afc.zip external_webkit-f857ed8dbc23c83d412ae68f598ac2eedb429afc.tar.gz external_webkit-f857ed8dbc23c83d412ae68f598ac2eedb429afc.tar.bz2 | |
DO NOT MERGE
Cherry-pick change I2ae80ddc from master:
Fix crash in font-handling code caused by repainting while a style recalculation was pending.
The Android FrameCache was being updated while a style recalculation
was pending. This would cause the cached fonts in the
FontFallbackList to be accessed, but that cache is not necessarily
consistant while a recalculation is pending.
A similar issue was occurring with recordPictureSet.
In updateFrameCache() and recordPictureSet(), early-abort if the document
is waiting for a style recalculation. In notifyProgressFinished(), remove
the call to updateFrameCache().
Bug: 4292199
Bug: 4291311
Change-Id: Ie8bc4cb0637ccb7aee37597ac08fd8abffc149cd
Diffstat (limited to 'WebKit/android')
| -rw-r--r-- | WebKit/android/jni/WebViewCore.cpp | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/WebKit/android/jni/WebViewCore.cpp b/WebKit/android/jni/WebViewCore.cpp index c038ccd..1d9c26b 100644 --- a/WebKit/android/jni/WebViewCore.cpp +++ b/WebKit/android/jni/WebViewCore.cpp @@ -569,6 +569,11 @@ void WebViewCore::recordPictureSet(PictureSet* content) DBG_SET_LOG("!m_mainFrame->document()"); return; } + // If there is a pending style recalculation, just return. + if (m_mainFrame->document()->isPendingStyleRecalc()) { + LOGW("recordPictureSet: pending style recalc, ignoring."); + return; + } if (m_addInval.isEmpty()) { DBG_SET_LOG("m_addInval.isEmpty()"); return; @@ -1116,9 +1121,7 @@ void WebViewCore::requestKeyboard(bool showKeyboard) void WebViewCore::notifyProgressFinished() { - DBG_NAV_LOG("call updateFrameCache"); m_check_domtree_version = true; - updateFrameCache(); sendNotifyProgressFinished(); } @@ -1515,6 +1518,18 @@ void WebViewCore::updateFrameCache() DBG_NAV_LOG("!m_frameCacheOutOfDate"); return; } + + // If there is a pending style recalculation, do not update the frame cache. + // Until the recalculation is complete, there may be internal objects that + // are in an inconsistent state (such as font pointers). + // In any event, there's not much point to updating the cache while a style + // recalculation is pending, since it will simply have to be updated again + // once the recalculation is complete. + // TODO: Do we need to reschedule an update for after the style is recalculated? + if (m_mainFrame && m_mainFrame->document() && m_mainFrame->document()->isPendingStyleRecalc()) { + LOGW("updateFrameCache: pending style recalc, ignoring."); + return; + } #ifdef ANDROID_INSTRUMENT TimeCounterAuto counter(TimeCounter::WebViewCoreBuildNavTimeCounter); #endif |