Bug 1599971 - part 3: Mark `nsITextControlFrame::SetSelectionRange()` as `MOZ_CAN_RUN_SCRIPT` r=m_kato! draft
authorMasayuki Nakano <masayuki@d-toybox.com>
Tue, 03 Dec 2019 21:42:03 +0900
changeset 2514400 974adaa889bdcb3b266cb6a38a5d4cefbaeecbac
parent 2514399 a5472ee9c917b8d7a2460e6aec8c0618cf6c7d87
child 2514401 23a86617e5ae2a227ae654597bcce8b6c097c541
push id459907
push usermasayuki@d-toybox.com
push dateWed, 04 Dec 2019 12:49:29 +0000
treeherdertry@ee01a7f649cb [default view] [failures only]
reviewersm_kato
bugs1599971
milestone73.0a1
Bug 1599971 - part 3: Mark `nsITextControlFrame::SetSelectionRange()` as `MOZ_CAN_RUN_SCRIPT` r=m_kato! Similar to the previous patch, it may notify selection listeners of the native anonymous tree in `<input>` and `<textarea>` elements. Differential Revision: https://phabricator.services.mozilla.com/D55774
dom/html/TextControlState.cpp
dom/html/TextControlState.h
layout/forms/nsITextControlFrame.h
layout/forms/nsTextControlFrame.h
--- a/dom/html/TextControlState.cpp
+++ b/dom/html/TextControlState.cpp
@@ -150,17 +150,17 @@ class MOZ_STACK_CLASS AutoInputEventSupp
 
 class RestoreSelectionState : public Runnable {
  public:
   RestoreSelectionState(TextControlState* aState, nsTextControlFrame* aFrame)
       : Runnable("RestoreSelectionState"),
         mFrame(aFrame),
         mTextControlState(aState) {}
 
-  NS_IMETHOD Run() override {
+  MOZ_CAN_RUN_SCRIPT_BOUNDARY NS_IMETHOD Run() override {
     if (!mTextControlState) {
       return NS_OK;
     }
 
     AutoHideSelectionChanges hideSelectionChanges(
         mFrame->GetConstFrameSelection());
 
     if (mFrame) {
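Review bot: In `Run()`, `mFrame->GetConstFrameSelection()` is dereferenced to build `hideSelectionChanges` before the `if (mFrame)` test two lines later, so either that test is dead or the dereference is unguarded. Unless `mFrame` and `mTextControlState` are always cleared together (not visible in this hunk), fold the check into the early return: `if (!mTextControlState || !mFrame) { return NS_OK; }`. The new `MOZ_CAN_RUN_SCRIPT_BOUNDARY` also stops the annotation from propagating to whoever dispatches this runnable, and `mFrame` appears to be initialised from a raw `nsTextControlFrame*`, so a short comment above the annotation saying what keeps the frame valid while script runs would help. The rest of `Run()` lies outside the hunk.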
@@ -1986,16 +1986,17 @@ void TextControlState::SyncUpSelectionPr
   }
 }
 
 void TextControlState::SetSelectionProperties(
     TextControlState::SelectionProperties& aProps) {
   if (mBoundFrame) {
     mBoundFrame->SetSelectionRange(aProps.GetStart(), aProps.GetEnd(),
                                    aProps.GetDirection());
+    // The instance may have already been deleted here.
   } else {
     mSelectionProperties = aProps;
   }
 }
 
 void TextControlState::GetSelectionRange(uint32_t* aSelectionStart,
                                          uint32_t* aSelectionEnd,
                                          ErrorResult& aRv) {
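Review bot: The added comment in `SetSelectionProperties()` records that the instance may be gone once `mBoundFrame->SetSelectionRange()` returns, but nothing tells callers, and for them the hazard is a use-after-free if they touch the `TextControlState` or its frame afterwards. I would put the warning on the declaration in TextControlState.h, e.g. `// May run script; this object and its bound frame may be destroyed before the call returns.` The in-body comment would read better as an instruction: `// Do not touch |this| or mBoundFrame after this point; script may have destroyed them.` The `nsresult` from `SetSelectionRange()` is also dropped here; if that is deliberate, the same comment should say so.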
--- a/dom/html/TextControlState.h
+++ b/dom/html/TextControlState.h
@@ -319,17 +319,17 @@ class TextControlState final : public Su
    private:
     uint32_t mStart, mEnd;
     bool mIsDirty = false;
     nsITextControlFrame::SelectionDirection mDirection;
   };
 
   bool IsSelectionCached() const;
   SelectionProperties& GetSelectionProperties();
-  void SetSelectionProperties(SelectionProperties& aProps);
+  MOZ_CAN_RUN_SCRIPT void SetSelectionProperties(SelectionProperties& aProps);
   void WillInitEagerly() { mSelectionRestoreEagerInit = true; }
   bool HasNeverInitializedBefore() const { return !mEverInited; }
   // Sync up our selection properties with our editor prior to being destroyed.
   // This will invoke UnbindFromFrame() to ensure that we grab whatever
   // selection state may be at the moment.
   MOZ_CAN_RUN_SCRIPT void SyncUpSelectionPropertiesBeforeDestruction();
 
   // Get the selection range start and end points in our text.
--- a/layout/forms/nsITextControlFrame.h
+++ b/layout/forms/nsITextControlFrame.h
@@ -19,18 +19,19 @@ class TextEditor;
 class nsITextControlFrame : public nsIFormControlFrame {
  public:
   NS_DECL_QUERYFRAME_TARGET(nsITextControlFrame)
 
   enum SelectionDirection { eNone, eForward, eBackward };
 
   NS_IMETHOD_(already_AddRefed<mozilla::TextEditor>) GetTextEditor() = 0;
 
-  NS_IMETHOD SetSelectionRange(uint32_t aSelectionStart, uint32_t aSelectionEnd,
-                               SelectionDirection aDirection = eNone) = 0;
+  MOZ_CAN_RUN_SCRIPT NS_IMETHOD
+  SetSelectionRange(uint32_t aSelectionStart, uint32_t aSelectionEnd,
+                    SelectionDirection aDirection = eNone) = 0;
 
   NS_IMETHOD GetOwnedSelectionController(nsISelectionController** aSelCon) = 0;
   virtual nsFrameSelection* GetOwnedFrameSelection() = 0;
 
   /**
    * Ensure editor is initialized with the proper flags and the default value.
    * @throws NS_ERROR_NOT_INITIALIZED if mEditor has not been created
    * @throws various and sundry other things
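Review bot: The interface declaration of `SetSelectionRange()` gains `MOZ_CAN_RUN_SCRIPT` but still has no doc comment, unlike the method documented just below it. Frames are not refcounted, so the annotation's static analysis cannot keep the receiver alive for a caller holding a raw `nsITextControlFrame*`; the contract has to be written down instead. I would add above the declaration: `// May notify selection listeners and run script; the frame may be destroyed before this returns, so re-check it (e.g. via a weak frame) before further use.`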
--- a/layout/forms/nsTextControlFrame.h
+++ b/layout/forms/nsTextControlFrame.h
@@ -118,27 +118,28 @@ class nsTextControlFrame final : public 
   virtual void SetInitialChildList(ChildListID aListID,
                                    nsFrameList& aChildList) override;
 
   virtual void BuildDisplayList(nsDisplayListBuilder* aBuilder,
                                 const nsDisplayListSet& aLists) override;
 
   //==== BEGIN NSIFORMCONTROLFRAME
   virtual void SetFocus(bool aOn, bool aRepaint) override;
-  virtual nsresult SetFormProperty(nsAtom* aName,
-                                   const nsAString& aValue) override;
+  MOZ_CAN_RUN_SCRIPT_BOUNDARY virtual nsresult SetFormProperty(
+      nsAtom* aName, const nsAString& aValue) override;
 
   //==== END NSIFORMCONTROLFRAME
 
   //==== NSITEXTCONTROLFRAME
 
   MOZ_CAN_RUN_SCRIPT_BOUNDARY NS_IMETHOD_(already_AddRefed<mozilla::TextEditor>)
       GetTextEditor() override;
-  NS_IMETHOD SetSelectionRange(uint32_t aSelectionStart, uint32_t aSelectionEnd,
-                               SelectionDirection aDirection = eNone) override;
+  MOZ_CAN_RUN_SCRIPT NS_IMETHOD
+  SetSelectionRange(uint32_t aSelectionStart, uint32_t aSelectionEnd,
+                    SelectionDirection aDirection = eNone) override;
   NS_IMETHOD GetOwnedSelectionController(
       nsISelectionController** aSelCon) override;
   virtual nsFrameSelection* GetOwnedFrameSelection() override;
 
   /**
    * Ensure mEditor is initialized with the proper flags and the default value.
    * @throws NS_ERROR_NOT_INITIALIZED if mEditor has not been created
    * @throws various and sundry other things
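Review bot: `SetFormProperty()` is marked `MOZ_CAN_RUN_SCRIPT_BOUNDARY` while `SetSelectionRange()` just below gets the full `MOZ_CAN_RUN_SCRIPT`, and the header gives no reason for the difference. A boundary stops the annotation at this override, so callers of `SetFormProperty()` get no compile-time signal that script may run and the frame may go away underneath them. Presumably the base declaration in `nsIFormControlFrame` is not annotated yet. If so, a comment such as `// TODO: make this MOZ_CAN_RUN_SCRIPT once nsIFormControlFrame::SetFormProperty() is annotated` would keep the gap visible.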
@@ -295,22 +296,23 @@ class nsTextControlFrame final : public 
   mozilla::LogicalSize CalcIntrinsicSize(gfxContext* aRenderingContext,
                                          mozilla::WritingMode aWM,
                                          float aFontSizeInflation) const;
 
   nsresult ScrollSelectionIntoView() override;
 
  private:
   // helper methods
-  nsresult SetSelectionInternal(nsINode* aStartNode, uint32_t aStartOffset,
-                                nsINode* aEndNode, uint32_t aEndOffset,
-                                SelectionDirection aDirection = eNone);
-  nsresult SelectAllOrCollapseToEndOfText(bool aSelect);
-  nsresult SetSelectionEndPoints(uint32_t aSelStart, uint32_t aSelEnd,
-                                 SelectionDirection aDirection = eNone);
+  MOZ_CAN_RUN_SCRIPT nsresult SetSelectionInternal(
+      nsINode* aStartNode, uint32_t aStartOffset, nsINode* aEndNode,
+      uint32_t aEndOffset, SelectionDirection aDirection = eNone);
+  MOZ_CAN_RUN_SCRIPT nsresult SelectAllOrCollapseToEndOfText(bool aSelect);
+  MOZ_CAN_RUN_SCRIPT nsresult
+  SetSelectionEndPoints(uint32_t aSelStart, uint32_t aSelEnd,
+                        SelectionDirection aDirection = eNone);
 
   void FinishedInitializer() { DeleteProperty(TextControlInitializer()); }
 
   const nsAString& CachedValue() const { return mCachedValue; }
 
   void ClearCachedValue() { mCachedValue.SetIsVoid(true); }
 
   void CacheValue(const nsAString& aValue) { mCachedValue.Assign(aValue); }