| author | Boris Zbarsky <bzbarsky@mit.edu> |
| Wed, 11 Oct 2017 22:19:10 -0400 | |
| changeset 386014 | 809626d33d7438458ead8017127161ddd3ebd54d |
| parent 386013 | ba805acca4e7e4c38026dd910264c139089fd165 |
| child 386015 | a4cba1dec3a6460c90f340a6201cead3e33574b3 |
| push id | 32673 |
| push user | archaeopteryx@coole-files.de |
| push date | Fri, 13 Oct 2017 09:13:17 +0000 |
| treeherder | mozilla-central@196dadb2fe50 [default view] [failures only] |
| perfherder | [talos] [build metrics] [platform microbench] (compared to previous push) |
| reviewers | smaug |
| bugs | 1324463 |
| milestone | 58.0a1 |
| first release with | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
| last release without | nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
|
--- a/dom/base/ShadowRoot.cpp +++ b/dom/base/ShadowRoot.cpp @@ -503,17 +503,17 @@ ShadowRoot::ContentAppended(nsIDocument* // Watch for new nodes added to the pool because the node // may need to be added to an insertion point. nsIContent* currentChild = aFirstNewContent; while (currentChild) { // Add insertion point to destination insertion points of fallback content. if (nsContentUtils::IsContentInsertionPoint(aContainer)) { HTMLContentElement* content = HTMLContentElement::FromContent(aContainer); - if (content->MatchedNodes().IsEmpty()) { + if (content && content->MatchedNodes().IsEmpty()) { currentChild->DestInsertionPoints().AppendElement(aContainer); } } if (IsPooledNode(currentChild, aContainer, GetHost())) { DistributeSingleNode(currentChild); } @@ -533,17 +533,17 @@ ShadowRoot::ContentInserted(nsIDocument* } // Watch for new nodes added to the pool because the node // may need to be added to an insertion point. if (IsPooledNode(aChild, aContainer, GetHost())) { // Add insertion point to destination insertion points of fallback content. if (nsContentUtils::IsContentInsertionPoint(aContainer)) { HTMLContentElement* content = HTMLContentElement::FromContent(aContainer); - if (content->MatchedNodes().IsEmpty()) { + if (content && content->MatchedNodes().IsEmpty()) { aChild->DestInsertionPoints().AppendElement(aContainer); } } DistributeSingleNode(aChild); } } @@ -558,17 +558,17 @@ ShadowRoot::ContentRemoved(nsIDocument* mInsertionPointChanged = false; return; } // Clear destination insertion points for removed // fallback content. if (nsContentUtils::IsContentInsertionPoint(aContainer)) { HTMLContentElement* content = HTMLContentElement::FromContent(aContainer); - if (content->MatchedNodes().IsEmpty()) { + if (content && content->MatchedNodes().IsEmpty()) { aChild->DestInsertionPoints().Clear(); } } // Watch for node that is removed from the pool because // it may need to be removed from an insertion point. if (IsPooledNode(aChild, aContainer, GetHost())) { RemoveDistributedNode(aChild);
new file mode 100644 --- /dev/null +++ b/dom/base/crashtests/1324463.html @@ -0,0 +1,16 @@ +<!DOCTYPE html> +<html> +<script> +// requires: user_pref("dom.webcomponents.enabled", true); +addEventListener("DOMContentLoaded", function(){ + let o_0 = document.createElement("span").createShadowRoot(); + let o_1 = document.createElementNS("http://www.mozilla.org/xbl", "binding"); + let o_2 = document.createElementNS("http://www.mozilla.org/xbl", "children"); + let o_3 = document.createTextNode(""); + o_0.appendChild(o_1); + o_1.appendChild(o_2); + o_2.appendChild(o_3); + o_2.removeChild(o_3); +}); +</script> +</html>
--- a/dom/base/crashtests/crashtests.list +++ b/dom/base/crashtests/crashtests.list @@ -226,8 +226,9 @@ load 1383478.html load 1383780.html pref(clipboard.autocopy,true) load 1385272-1.html load 1393806.html load 1396466.html load 1400701.html load 1403377.html load 1405771.html load 1406109-1.html +pref(dom.webcomponents.enabled,true) load 1324463.html