[FrameView::layout cleanup] Use SetForScope to protect m_needsFullRepaint's value...
author: zalan@apple.com <zalan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 18 Oct 2017 22:27:55 +0000 (22:27 +0000)
committer: zalan@apple.com <zalan@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 18 Oct 2017 22:27:55 +0000 (22:27 +0000)
https://bugs.webkit.org/show_bug.cgi?id=178479
<rdar://problem/35056950>

Reviewed by Simon Fraser.

No change in functionality.

* page/FrameView.cpp:
(WebCore::FrameView::layout):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@223633 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/page/FrameView.cpp

index 66ac0e1..9c1cf99 100644 (file)
@@ -1,5 +1,18 @@
 2017-10-18  Zalan Bujtas  <zalan@apple.com>
 
+        [FrameView::layout cleanup] Use SetForScope to protect m_needsFullRepaint's value on reentrancy
+        https://bugs.webkit.org/show_bug.cgi?id=178479
+        <rdar://problem/35056950>
+
+        Reviewed by Simon Fraser.
+
+        No change in functionality.
+
+        * page/FrameView.cpp:
+        (WebCore::FrameView::layout):
+
+2017-10-18  Zalan Bujtas  <zalan@apple.com>
+
         [FrameView::layout cleanup] Remove InPreLayoutStyleUpdate.
         https://bugs.webkit.org/show_bug.cgi?id=178483
         <rdar://problem/35058800>
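Review bot: The new entry lists `(WebCore::FrameView::layout):` with no description, and "No change in functionality." alone does not tell a later reader what moved. A one-line summary under the function name would help, for example that the manual save and restore of m_needsFullRepaint around adjustViewSize() is replaced by a scoped guard, since the reentrancy concern in the title is the reason for the change.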
index 3ca358a..5e41780 100644 (file)
@@ -1517,23 +1517,17 @@ void FrameView::layout(bool allowSubtreeLayout)
         m_subtreeLayoutRoot = nullptr;
         // Close block here to end the scope of changeSchedulingEnabled and SubtreeLayoutStateMaintainer.
     }
-
-    m_layoutPhase = InViewSizeAdjust;
-
-    bool neededFullRepaint = m_needsFullRepaint;
-
     if (!isSubtreeLayout && !downcast<RenderView>(*layoutRoot).printing()) {
+        // This is to protect m_needsFullRepaint's value when layout() is getting re-entered through adjustViewSize().
+        SetForScope<bool> needsFullRepaint(m_needsFullRepaint);
+        m_layoutPhase = InViewSizeAdjust;
         adjustViewSize();
         // FIXME: Firing media query callbacks synchronously on nested frames could produced a detached FrameView here by
         // navigating away from the current document (see webkit.org/b/173329).
         if (hasOneRef())
             return;
     }
-
     m_layoutPhase = InPostLayout;
-
-    m_needsFullRepaint = neededFullRepaint;
-
     // Now update the positions of all layers.
     if (m_needsFullRepaint)
         layoutRoot->view().repaintRootContents();
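Review bot: On the `if (hasOneRef()) return;` path inside the new block, the `SetForScope<bool> needsFullRepaint(m_needsFullRepaint);` guard now writes the saved value back to m_needsFullRepaint as the scope unwinds, whereas the removed `m_needsFullRepaint = neededFullRepaint;` sat after the block and was skipped on that return. The FIXME says the FrameView may already be detached at this point, so please confirm that the remaining reference outlives this scope and say so in the comment above the guard. Separately, `m_layoutPhase = InViewSizeAdjust;` is now assigned only when the branch is taken; that looks harmless because InPostLayout is assigned right after the block, but together with the early-return difference it makes "No change in functionality" slightly stronger than the diff shows.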