Closed
Bug 1392891
Opened 7 years ago
Closed 7 years ago
nsContentUtils::GenerateStateKey() creates two nsContentLists for an input element added to a document unless if it has autocomplete=off
Categories
(Core :: DOM: Core & HTML, enhancement)
Core
DOM: Core & HTML
Tracking
()
Tracking | Status | |
---|---|---|
firefox57 | --- | fixed |
People
(Reporter: ehsan.akhgari, Assigned: ehsan.akhgari)
References
(Blocks 1 open bug)
Details
Attachments
(5 files)
9.01 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
3.24 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
6.97 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
2.44 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
1.56 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
Here we create these two objects: https://searchfox.org/mozilla-central/rev/48ea452803907f2575d81021e8678634e8067fc2/dom/base/nsContentUtils.cpp#3039 Because of bug 1377560, we keep these mutation observers alive forever. :-(
Assignee | ||
Comment 1•7 years ago
|
||
Callstack: #0 0x00007f0902d99477 in nsContentList::nsContentList(nsINode*, int, nsIAtom*, nsIAtom*, bool) (this=0x7f08dc440b00, aRootNode=0x7f08dc417000, aMatchNameSpaceId=3, aHTMLMatchAtom=0x7f08fbeb0e80, aXMLMatchAtom=0x7f08fbeb0e80, aDeep=<error reading variable: access outside bounds of object referenced via synthetic pointer>) at /home/ehsan/moz/src.1347035/dom/base/nsContentList.cpp:426 #1 0x00007f0903a252b7 in non-virtual thunk to nsHTMLDocument::GetForms() () at /home/ehsan/moz/src.1347035/dom/html/nsHTMLDocument.cpp:2351 #2 0x00007f0902ca3960 in nsContentUtils::GenerateStateKey(nsIContent*, nsIDocument const*, nsACString&) (aContent=0x7f08db2bc240, aDocument=<optimized out>, aKey="0") at /home/ehsan/moz/src.1347035/dom/base/nsContentUtils.cpp:3039 #3 0x00007f0903a1729f in nsGenericHTMLFormElementWithState::GenerateStateKey() (this=0x7f08db2bc240) at /home/ehsan/moz/src.1347035/dom/html/nsGenericHTMLElement.cpp:2839 #4 0x00007f09039a2cc5 in mozilla::dom::HTMLInputElement::DoneCreatingElement() (this= 0x7f08db2bc240) at /home/ehsan/moz/src.1347035/dom/html/HTMLInputElement.cpp:6532 #5 0x00007f09028ec415 in nsHtml5TreeOperation::DoneCreatingElement(nsIContent*) (aNode=0x7f08dc440b00) at /home/ehsan/moz/src.1347035/parser/html/nsHtml5TreeOperation.cpp:727 #6 0x00007f09028ec415 in nsHtml5TreeOperation::Perform(nsHtml5TreeOpExecutor*, nsIContent**, bool*) (this=0x7f08f1132788, aBuilder= 0x7f08dc612000, aScriptElement=0x7ffc90066710, aInterrupted=0x7ffc90066727) at /home/ehsan/moz/src.1347035/parser/html/nsHtml5TreeOperation.cpp:939 #7 0x00007f09028ebbc1 in nsHtml5TreeOpExecutor::RunFlushLoop() (this=0x7f08dc612000) at /home/ehsan/moz/src.1347035/parser/html/nsHtml5TreeOpExecutor.cpp:465 #8 0x00007f09028fcead in nsHtml5ExecutorFlusher::Run() (this=<optimized out>) at /home/ehsan/moz/src.1347035/parser/html/nsHtml5StreamParser.cpp:128 #9 0x00007f0901d9f8f5 in mozilla::SchedulerGroup::Runnable::Run() (this=0x7f08dc608340) at /home/ehsan/moz/src.1347035/xpcom/threads/SchedulerGroup.cpp:387 #10 0x00007f0901dad3a8 in nsThread::ProcessNextEvent(bool, bool*) (this=0x7f08fbf1e8a0, aMayWait=<optimized out>, aResult=<optimized out>) at /home/ehsan/moz/src.1347035/xpcom/threads/nsThread.cpp:1040 #11 0x00007f0901dae73f in NS_ProcessNextEvent(nsIThread*, bool) (aThread=0x7f08dc440b00, aMayWait=<error reading variable: access outside bounds of object referenced via synthetic pointer>) at /home/ehsan/moz/src.1347035/xpcom/threads/nsThreadUtils.cpp:521 #12 0x00007f0902298ddd in mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*) (this=0x7f09114d3c90, aDelegate=0x7ffc90066e60) at /home/ehsan/moz/src.1347035/ipc/glue/MessagePump.cpp:125 #13 0x00007f0902236c5b in MessageLoop::RunInternal() (this=0x7f08dc440b00) at /home/ehsan/moz/src.1347035/ipc/chromium/src/base/message_loop.cc:326 #14 0x00007f0902236c5b in MessageLoop::RunHandler() (this=<optimized out>) at /home/ehsan/moz/src.1347035/ipc/chromium/src/base/message_loop.cc:319 #15 0x00007f0902236c5b in MessageLoop::Run() (this=0x7f08dc440b00) at /home/ehsan/moz/src.1347035/ipc/chromium/src/base/message_loop.cc:299 #16 0x00007f09040d26d9 in nsBaseAppShell::Run() (this=0x7f08f60d99e0) at /home/ehsan/moz/src.1347035/widget/nsBaseAppShell.cpp:158 #17 0x00007f09057bbb84 in XRE_RunAppShell() () at /home/ehsan/moz/src.1347035/toolkit/xre/nsEmbedFunctions.cpp:865 #18 0x00007f0902236c5b in MessageLoop::RunInternal() (this=0x7f08dc440b00) at /home/ehsan/moz/src.1347035/ipc/chromium/src/base/message_loop.cc:326 #19 0x00007f0902236c5b in MessageLoop::RunHandler() (this=<optimized out>) at /home/ehsan/moz/src.1347035/ipc/chromium/src/base/message_loop.cc:319 #20 0x00007f0902236c5b in MessageLoop::Run() (this=0x7f08dc440b00) at /home/ehsan/moz/src.1347035/ipc/chromium/src/base/message_loop.cc:299
Assignee | ||
Updated•7 years ago
|
Assignee: nobody → ehsan
Updated•7 years ago
|
Attachment #8901529 -
Flags: review?(bugs) → review+
Comment 7•7 years ago
|
||
Comment on attachment 8901530 [details] [diff] [review] Part 2: Add an API to return nsHTMLDocument::mForms/mFormControls without creating a new nsContentList Could you make the methods non-virtual and just do a static_cast to nsHTMLDocument when needed. With that, r+.
Attachment #8901530 -
Flags: review?(bugs) → review+
Comment 8•7 years ago
|
||
Comment on attachment 8901531 [details] [diff] [review] Part 3: Avoid creating live nsContentList objects in nsContentUtils::GenerateStateKey() > nsHTMLDocument::GetForms() > { > if (!mForms) { >+ // Please keep this in sync with nsContentUtils::GenerateStateKey(). Add similar comment for mFormControls case too.
Attachment #8901531 -
Flags: review?(bugs) → review+
Comment 9•7 years ago
|
||
Comment on attachment 8901532 [details] [diff] [review] Part 4: Remove nsIHTMLDocument::GetFormControls() oh, this is the reason you didn't add the comment. ok good.
Attachment #8901532 -
Flags: review?(bugs) → review+
Updated•7 years ago
|
Attachment #8901533 -
Flags: review?(bugs) → review+
Comment 10•7 years ago
|
||
Pushed by eakhgari@mozilla.com: https://hg.mozilla.org/integration/mozilla-inbound/rev/46b74d58dc6f Part 1: Make it possible to create nsContentList objects that don't observe DOM mutations; r=smaug https://hg.mozilla.org/integration/mozilla-inbound/rev/9b0603208430 Part 2: Add an API to return nsHTMLDocument::mForms/mFormControls without creating a new nsContentList; r=smaug https://hg.mozilla.org/integration/mozilla-inbound/rev/81d0287a9a8c Part 3: Avoid creating live nsContentList objects in nsContentUtils::GenerateStateKey(); r=smaug https://hg.mozilla.org/integration/mozilla-inbound/rev/e0512200fe86 Part 4: Remove nsIHTMLDocument::GetFormControls(); r=smaug https://hg.mozilla.org/integration/mozilla-inbound/rev/ac41abda3dd9 Part 5: Devirtualize nsHTMLDocument::GetForms(); r=smaug
Comment 11•7 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/46b74d58dc6f https://hg.mozilla.org/mozilla-central/rev/9b0603208430 https://hg.mozilla.org/mozilla-central/rev/81d0287a9a8c https://hg.mozilla.org/mozilla-central/rev/e0512200fe86 https://hg.mozilla.org/mozilla-central/rev/ac41abda3dd9
Status: NEW → RESOLVED
Closed: 7 years ago
status-firefox57:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla57
Updated•6 years ago
|
Component: DOM → DOM: Core & HTML
Updated•3 years ago
|
Performance Impact: --- → ?
Whiteboard: [qf]
You need to log in
before you can comment on or make changes to this bug.
Description
•