Merge 95506 - [chromium] ContentLayer's texture updater deleted during paint when compositing tur...

Source/WebCore/platform/graphics/chromium/TiledLayerChromium.cpp

Index: Source/WebCore/platform/graphics/chromium/TiledLayerChromium.cpp
===================================================================
--- Source/WebCore/platform/graphics/chromium/TiledLayerChromium.cpp	(revision 95551)
+++ Source/WebCore/platform/graphics/chromium/TiledLayerChromium.cpp	(working copy)
@@ -428,6 +428,11 @@
     if (dirtyLayerRect.isEmpty())
         return;
 
+    // Calling prepareToUpdate() calls into WebKit to paint, which may have the side
+    // effect of disabling compositing, which causes our reference to the texture updater to be deleted.
+    // However, we can't free the memory backing the GraphicsContext until the paint finishes,
+    // so we grab a local reference here to hold the updater alive until the paint completes.
+    RefPtr<LayerTextureUpdater> protector(textureUpdater());
     textureUpdater()->prepareToUpdate(m_paintRect, m_tiler->tileSize(), m_tiler->hasBorderTexels());
 }