fix nav layer bugs
Clip the nodes inside the layer to the layer's bounds
Don't crash if the layer with the matching id can't be found.
http://b/2453945
diff --git a/WebKit/android/nav/CacheBuilder.cpp b/WebKit/android/nav/CacheBuilder.cpp
index 27ac00a..9643e68 100644
--- a/WebKit/android/nav/CacheBuilder.cpp
+++ b/WebKit/android/nav/CacheBuilder.cpp
@@ -1242,12 +1242,17 @@
// FIXME: does not work for area rects
LayerAndroid* layer = layerTracker.last().mLayer;
if (layer) {
+ const IntRect& layerClip = layerTracker.last().mBounds;
+ if (!cachedNode.clip(layerClip)) {
+ DBG_NAV_LOGD("skipped on layer clip %d", cacheIndex);
+ continue; // skip this node if outside of the clip
+ }
isInLayer = true;
isUnclipped = true; // FIXME: add clipping analysis before blindly setting this
CachedLayer cachedLayer;
cachedLayer.reset();
cachedLayer.setCachedNodeIndex(cachedFrame->size());
- cachedLayer.setOffset(layerTracker.last().mPosition);
+ cachedLayer.setOffset(layerClip.location());
cachedLayer.setUniqueId(layer->uniqueId());
cachedFrame->add(cachedLayer);
}
@@ -2749,10 +2754,11 @@
layerTracker.grow(layerTracker.size() + 1);
LayerTracker& indexTracker = layerTracker.last();
indexTracker.mLayer = aLayer;
- indexTracker.mPosition = nodeRenderer->absoluteBoundingBoxRect().location();
+ indexTracker.mBounds = nodeRenderer->absoluteBoundingBoxRect();
indexTracker.mLastChild = lastChild ? OneAfter(lastChild) : 0;
- DBG_NAV_LOGD("layer=%p [%d] pos=(%d,%d)", aLayer, aLayer->uniqueId(),
- indexTracker.mPosition.x(), indexTracker.mPosition.y());
+ DBG_NAV_LOGD("layer=%p [%d] bounds=(%d,%d,w=%d,h=%d)", aLayer,
+ aLayer->uniqueId(), indexTracker.mBounds.x(), indexTracker.mBounds.y(),
+ indexTracker.mBounds.width(), indexTracker.mBounds.height());
}
#endif
diff --git a/WebKit/android/nav/CacheBuilder.h b/WebKit/android/nav/CacheBuilder.h
index 9ce91a2..b7c283f 100644
--- a/WebKit/android/nav/CacheBuilder.h
+++ b/WebKit/android/nav/CacheBuilder.h
@@ -197,7 +197,7 @@
};
struct LayerTracker : Tracker {
LayerAndroid* mLayer;
- IntPoint mPosition;
+ IntRect mBounds;
};
struct TabIndexTracker : Tracker {
int mTabIndex;
diff --git a/WebKit/android/nav/WebView.cpp b/WebKit/android/nav/WebView.cpp
index 8ec4cca..bba6a1e 100644
--- a/WebKit/android/nav/WebView.cpp
+++ b/WebKit/android/nav/WebView.cpp
@@ -535,9 +535,13 @@
const CachedNode* oldCursorNode = m_frameCacheUI ?
m_frameCacheUI->currentCursor(&oldCursorFrame) : 0;
#if USE(ACCELERATED_COMPOSITING)
- int layerId = oldCursorNode && oldCursorNode->isInLayer() ?
- oldCursorFrame->layer(oldCursorNode)->layer(
- m_frameCacheUI->rootLayer())->uniqueId() : -1;
+ int layerId = -1;
+ if (oldCursorNode && oldCursorNode->isInLayer()) {
+ const LayerAndroid* cursorLayer = oldCursorFrame->layer(oldCursorNode)
+ ->layer(m_frameCacheUI->rootLayer());
+ if (cursorLayer)
+ layerId = cursorLayer->uniqueId();
+ }
#endif
// get id from old layer and use to find new layer
const CachedNode* oldFocus = m_frameCacheUI ? m_frameCacheUI->currentFocus() : 0;
@@ -558,7 +562,8 @@
getViewMetrics(&viewMetrics);
LayerAndroid* layer = const_cast<LayerAndroid*>(
m_frameCacheUI->rootLayer()->findById(layerId));
- layer->updatePosition(viewMetrics);
+ if (layer)
+ layer->updatePosition(viewMetrics);
}
#endif
fixCursor();
