Closed
Bug 714587
Opened 13 years ago
Closed 12 years ago
"ASSERTION: unexpected disconnected nodes" with full screen, selectAllChildren
Categories
(Core :: DOM: Core & HTML, defect)
Core
DOM: Core & HTML
Tracking
()
RESOLVED
FIXED
mozilla12
People
(Reporter: jruderman, Assigned: MatsPalmgren_bugz)
Details
(Keywords: assertion, testcase)
Attachments
(2 files)
|
375 bytes,
text/html
|
Details | |
|
1.10 KB,
patch
|
smaug
:
review+
|
Details | Diff | Splinter Review |
Sometimes, this testcase causes an assertion during shutdown. Moving the mouse while Firefox enters full-screen might make it more likely. ###!!! ASSERTION: unexpected disconnected nodes: 'mIsDetached', file content/base/src/nsRange.cpp, line 796 nsRange::Reset [content/base/src/nsRange.cpp:839] nsRange::cycleCollection::Unlink [content/base/src/nsRange.cpp:347] nsCycleCollector::CollectWhite [xpcom/base/nsCycleCollector.cpp:2145] nsCycleCollector::FinishCollection [xpcom/base/nsCycleCollector.cpp:2973] nsCycleCollector::Collect [xpcom/base/nsCycleCollector.cpp:2821] nsCycleCollector::Shutdown [xpcom/base/nsCycleCollector.cpp:3049] nsCycleCollector_shutdown [xpcom/base/nsCycleCollector.cpp:3764] mozilla::ShutdownXPCOM [xpcom/build/nsXPComInit.cpp:672] ScopedXPCOMStartup::~ScopedXPCOMStartup [toolkit/xre/nsAppRunner.cpp:1114] XRE_main [nsCOMPtr.h:809] main [browser/app/nsBrowserApp.cpp:201]
|
Assignee | |
Comment 1•13 years ago
|
||
http://mxr.mozilla.org/mozilla-central/source/content/base/src/nsRange.cpp#779 this assertion can only occur if IsInSelection() is true. We need to make sure the range is removed from the Selection before Unlink is called.
|
|
Assignee | |
Comment 2•13 years ago
|
||
I guess I thought the nsTypedSelection UNLINK handler would be called before the nsRange's (since there is a strong pointer from the selection to the range), but I guess my assumption was wrong and that there is no guaranteed ordering of these calls. http://mxr.mozilla.org/mozilla-central/source/layout/generic/nsSelection.cpp#3438 http://mxr.mozilla.org/mozilla-central/source/content/base/src/nsRange.cpp#345
Assignee: nobody → matspal
Attachment #585382 -
Flags: review?(bugs)
|
||
Updated•13 years ago
|
Attachment #585382 -
Flags: review?(bugs) → review+
|
||
Comment 3•13 years ago
|
||
(In reply to Mats Palmgren [:mats] from comment #2) > I guess I thought the nsTypedSelection UNLINK handler would be called > before the nsRange's (since there is a strong pointer from the > selection to the range), but I guess my assumption was wrong and that > there is no guaranteed ordering of these calls. The CC computes everything that is dead in a single go, which can include something and the things that it strongly holds. If two things are identified as garbage in a single CC, then the order their unlinks are called in is arbitrary.
|
|
Assignee | |
Comment 4•12 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/0529bd4e33bd
Component: DOM: Events → DOM: Traversal-Range
Flags: in-testsuite?
OS: Mac OS X → All
QA Contact: events → traversal-range
Hardware: x86_64 → All
Whiteboard: [inbound]
|
||
Comment 5•12 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/0529bd4e33bd
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Whiteboard: [inbound]
Target Milestone: --- → mozilla12
|
||
Updated•11 years ago
|
Component: DOM: Traversal-Range → DOM: Core & HTML
You need to log in
before you can comment on or make changes to this bug.
Description
•