[webkit-changes] [WebKit/WebKit] 38e913: [content-visibility] Crash under Document::updateI...
Rob Buis
noreply at github.com
Sat Jan 6 07:54:43 PST 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 38e913315a0977689bf84b8d774ca23f7bb67022
https://github.com/WebKit/WebKit/commit/38e913315a0977689bf84b8d774ca23f7bb67022
Author: Rob Buis <rbuis at igalia.com>
Date: 2024-01-06 (Sat, 06 Jan 2024)
Changed paths:
M Source/WebCore/dom/Document.cpp
M Source/WebCore/page/LocalFrameView.cpp
Log Message:
-----------
[content-visibility] Crash under Document::updateIntersectionObservations()
https://bugs.webkit.org/show_bug.cgi?id=263902
Reviewed by Tim Nguyen.
Document::updateResizeObservations can call determineInitialVisibleContentVisibility
which can call updateIntersectionObservations. However, there is no actual guarantee
(on Release) that Page::layoutIfNeeded leaves the main view in an actual laid-out
state (LocalFrameView::updateLayoutAndStyleIfNeededRecursive asserts for this at
the end of the method, but there have been bugs where the ASSERT is hit).
To avoid this potential problem, make sure updateIntersectionObservations always checks for
view/RenderView existing and not needing layout. If not, the determineInitialVisibleContentVisibility
functionality will be postponed but will not crash.
This patch also fixes a call in LocalFrameView::maintainScrollPositionAtAnchor that
unnecessarily created the contentVisibilityDocumentState member on Document.
* Source/WebCore/dom/Document.cpp:
(WebCore::Document::updateIntersectionObservations):
* Source/WebCore/page/LocalFrameView.cpp:
(WebCore::LocalFrameView::maintainScrollPositionAtAnchor):
Canonical link: https://commits.webkit.org/272732@main