diff options
| author | hashimoto@chromium.org <hashimoto@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-06 09:35:13 +0000 |
|---|---|---|
| committer | hashimoto@chromium.org <hashimoto@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-06-06 09:35:13 +0000 |
| commit | 4a1c4388a3ce5cf9ebfb76b18364f1d5421a3d1d (patch) | |
| tree | 4b12c036e110608b0ff87dffc218e919542f9544 /cc/layers/layer.cc | |
| parent | 76cae319c51b30c458b132938a8e2f80aa02df83 (diff) | |
| download | chromium_src-4a1c4388a3ce5cf9ebfb76b18364f1d5421a3d1d.zip chromium_src-4a1c4388a3ce5cf9ebfb76b18364f1d5421a3d1d.tar.gz chromium_src-4a1c4388a3ce5cf9ebfb76b18364f1d5421a3d1d.tar.bz2 | |
Revert 204442 "Split Layer::SetScrollOffset to two functions for..."
webkit_unit_tests gets broken after 20442.
Logs:
http://build.chromium.org/p/chromium.linux/builders/Android%20Tests%20%28dbg%29/builds/11442
http://build.chromium.org/p/chromium.linux/builders/Android%20Tests/builds/4910
> Split Layer::SetScrollOffset to two functions for different use
>
> Currently there are two callers to Layer::SetScrollOffset. One is from
> the Blink ScrollingCoordinator to setup scrolling parameters. The other
> one is from the threaded compositing commits to apply scroll deltas.
>
> After the patch we have Layer::SetScrollOffset for Blink. This version
> will setNeedsCommit(), but will not notify ScrollableArea (who initiated
> the scroll anyway) for the change. And a new function
> Layer::SetScrollOffsetFromImplSide for commits. This version will notify
> ScrollableArea about the change, but won't setNeedsCommit() for no reason.
>
> This fixes a use-after-free bug in Layer::SetScrollOffset, due to
> ScrollableArea destroying the layer during the process then the layer
> attempts to setNeedsCommit().
>
> R=jamesr@chromium.org
> BUG=245713,245987
> NOTRY=true
> TEST=cc_unittests:LayerTreeHostScrollTestLayerStructureChange.*
>
> Review URL: https://chromiumcodereview.appspot.com/15984005
TBR=trchen@chromium.org
Review URL: https://codereview.chromium.org/16460005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@204461 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'cc/layers/layer.cc')
| -rw-r--r-- | cc/layers/layer.cc | 12 |
1 files changed, 1 insertions, 11 deletions
diff --git a/cc/layers/layer.cc b/cc/layers/layer.cc index 5ec0621..09e1a46 100644 --- a/cc/layers/layer.cc +++ b/cc/layers/layer.cc @@ -515,19 +515,9 @@ void Layer::SetScrollOffset(gfx::Vector2d scroll_offset) { if (scroll_offset_ == scroll_offset) return; scroll_offset_ = scroll_offset; - SetNeedsCommit(); -} - -void Layer::SetScrollOffsetFromImplSide(gfx::Vector2d scroll_offset) { - DCHECK(IsPropertyChangeAllowed()); - DCHECK(layer_tree_host_ && layer_tree_host_->CommitRequested()); - if (scroll_offset_ == scroll_offset) - return; - scroll_offset_ = scroll_offset; if (layer_scroll_client_) layer_scroll_client_->didScroll(); - // Note: didScroll() could potentially change the layer structure. - // "this" may have been destroyed during the process. + SetNeedsCommit(); } void Layer::SetMaxScrollOffset(gfx::Vector2d max_scroll_offset) { |