Index: webkitgtk-2.21.5/Source/WebCore/accessibility/AccessibilityObject.cpp
===================================================================
--- webkitgtk-2.21.5.orig/Source/WebCore/accessibility/AccessibilityObject.cpp	2018-07-03 11:11:27.000000000 +0200
+++ webkitgtk-2.21.5/Source/WebCore/accessibility/AccessibilityObject.cpp	2018-07-24 11:54:06.402075029 +0200
@@ -1783,7 +1783,7 @@ void AccessibilityObject::updateBackingS
     // Updating the layout may delete this object.
     RefPtr<AccessibilityObject> protectedThis(this);
     if (auto* document = this->document()) {
-        if (!document->view()->layoutContext().isInRenderTreeLayout() && !document->inRenderTreeUpdate() && !document->inStyleRecalc())
+        if (!document->view()->layoutContext().isInRenderTreeLayout() && !document->inRenderTreeUpdate() && document->isSafeToUpdateStyleOrLayout())
             document->updateLayoutIgnorePendingStylesheets();
     }
     updateChildrenIfNecessary();
Index: webkitgtk-2.21.5/Source/WebCore/dom/Document.cpp
===================================================================
--- webkitgtk-2.21.5.orig/Source/WebCore/dom/Document.cpp	2018-07-20 08:09:06.000000000 +0200
+++ webkitgtk-2.21.5/Source/WebCore/dom/Document.cpp	2018-07-24 11:54:06.434075417 +0200
@@ -1936,11 +1936,10 @@ bool Document::needsStyleRecalc() const
     return false;
 }
 
-static bool isSafeToUpdateStyleOrLayout(const Document& document)
+bool Document::isSafeToUpdateStyleOrLayout() const
 {
     bool isSafeToExecuteScript = ScriptDisallowedScope::InMainThread::isScriptAllowed();
-    auto* frameView = document.view();
-    bool isInFrameFlattening = frameView && frameView->isInChildFrameWithFrameFlattening();
+    bool isInFrameFlattening = view() && view()->isInChildFrameWithFrameFlattening();
     bool isAssertionDisabled = ScriptDisallowedScope::LayoutAssertionDisableScope::shouldDisable();
     return isSafeToExecuteScript || isInFrameFlattening || !isInWebProcess() || isAssertionDisabled;
 }
@@ -1963,7 +1962,7 @@ bool Document::updateStyleIfNeeded()
     }
 
     // The early exit above for !needsStyleRecalc() is needed when updateWidgetPositions() is called in runOrScheduleAsynchronousTasks().
-    RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(isSafeToUpdateStyleOrLayout(*this));
+    RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(isSafeToUpdateStyleOrLayout());
 
     resolveStyle();
     return true;
@@ -1979,7 +1978,7 @@ void Document::updateLayout()
         ASSERT_NOT_REACHED();
         return;
     }
-    RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(isSafeToUpdateStyleOrLayout(*this));
+    RELEASE_ASSERT_WITH_SECURITY_IMPLICATION(isSafeToUpdateStyleOrLayout());
 
     RenderView::RepaintRegionAccumulator repaintRegionAccumulator(renderView());
 
Index: webkitgtk-2.21.5/Source/WebCore/dom/Document.h
===================================================================
--- webkitgtk-2.21.5.orig/Source/WebCore/dom/Document.h	2018-07-20 08:09:06.000000000 +0200
+++ webkitgtk-2.21.5/Source/WebCore/dom/Document.h	2018-07-24 11:54:06.434075417 +0200
@@ -1293,6 +1293,7 @@ public:
 
     bool inStyleRecalc() const { return m_inStyleRecalc; }
     bool inRenderTreeUpdate() const { return m_inRenderTreeUpdate; }
+    WEBCORE_EXPORT bool isSafeToUpdateStyleOrLayout() const;
 
     void updateTextRenderer(Text&, unsigned offsetOfReplacedText, unsigned lengthOfReplacedText);