Bug 130653

Rolled out in http://trac.webkit.org/changeset/166680 due to issues with the PLT <rdar://problem/16481284> PLT stops loading on news.google.com

If you fix this bug and get rid of its companion updateStyleIfNeeded() in Document::finishedParsing(), you could get a ~3x speedup on PerformanceTests/Parser/html-parser.html Then we'd really be cooking :)

Committed r219824: <http://trac.webkit.org/changeset/219824>

Looks like the test failures are caused by DRT/WTR prematurely dumping the render tree. It's a long chain of calls, but the dumping is essentially driven by FrameLoaderClient::dispatchDidFinishLoad(), invoked by FrameLoader::checkLoadCompleteForThisFrame(). This gets called basically every time any resource finished loading or has an error, and has no protection against the delay-load-event counter on Document. FrameLoader decides that everything it cares about is finished, and so sounds the alarm. Simply adding this to the top of FrameLoader::checkLoadCompletedForThisFrame() should fix the failing tests: if (m_frame.document()->isDelayingLoadEvent()) return; But.. if we look at the start of FrameLoader::checkCompleted(), this is but one of many checks that we might care about in checkLoadCompleteForThisFrame(), too.

Wow, thanks! I will look into that.

For those of you following along (I’m looking at you Mr. Kling), now that I added the additional check in FrameLoader::checkLoadCompletedForThisFrame, we now have a few different categories of failing tests: Regressions: Unexpected timeouts media/track/track-in-band-duplicate-tracks-when-source-changes.html [ Timeout ] webgl/1.0.2/conformance/context/context-attributes-alpha-depth-stencil-antialias.html [ Timeout ] webgl/1.0.2/conformance/extensions/oes-texture-float-with-image-data.html [ Timeout ] webgl/1.0.2/conformance/textures/copy-tex-image-and-sub-image-2d.html [ Timeout ] webgl/1.0.2/conformance/textures/tex-image-and-sub-image-2d-with-image-data-rgb565.html [ Timeout ] webgl/1.0.2/conformance/textures/tex-image-and-sub-image-2d-with-image-data-rgba4444.html [ Timeout ] webgl/1.0.2/conformance/textures/tex-image-and-sub-image-2d-with-image-data-rgba5551.html [ Timeout ] webgl/1.0.2/conformance/textures/tex-image-and-sub-image-2d-with-image-data.html [ Timeout ] webgl/1.0.3/conformance/extensions/oes-texture-float-linear.html [ Timeout ] webgl/1.0.3/conformance/extensions/oes-texture-half-float-with-image-data.html [ Timeout ] ^^^ Without actually studying anything here and diagnosing, here is my guess: Given that my last change was to make FrameLoader::checkLoadCompletedForThisFrame decide the load is not completed in some cases, it’s likely that we need to pair that with a change that guarantees FrameLoader::checkLoadCompletedForThisFrame is called once the document is no longer delaying the load event. Regressions: Unexpected text-only failures webarchive/loading/video-in-webarchive.html [ Failure ] ^^^ The issue here seems to different ordering of "load completed" callbacks; to me it seems likely the new behavior is correct and my patch just needs to include new expected results for this test. Other failures seem likely unrelated to the patch; not sure what to do about those. Need some more "gardening" it seems.

(In reply to Darin Adler from comment #41) > Given that my last change was to make > FrameLoader::checkLoadCompletedForThisFrame decide the load is not completed > in some cases, it’s likely that we need to pair that with a change that > guarantees FrameLoader::checkLoadCompletedForThisFrame is called once the > document is no longer delaying the load event. Document::loadEventDelayTimerFired does call FrameLoader::checkLoadComplete, which calls FrameLoader::checkLoadCompleteForThisFrame on all the frames, not just the one with the document. Some possible (unlikely) holes in this: 1) If the document's frame get set to some other frame or to null, we might never call FrameLoader::checkLoadComplete. 2) If the frame's page gets set to null at just the wrong time, FrameLoader::checkLoadComplete might decide not to do anything. Given that my above guess doesn’t seem like it can be exactly right. Need to debug probably rather than just studying the code. Another possibility is that isDelayingLoadEvent should block when in FrameStateCommittedPage and FrameStateComplete but not FrameStateProvisional. Unlikely to actually be the issue in this case, but it seems in inappropriate for isDelayingLoadEvent to prevent a frame from moving from provisional to committed state.

>I’m looking at you Mr. Kling Oh jeez, guess I better hop to it! >2) If the frame's page gets set to null at just the wrong time, FrameLoader::checkLoadComplete might decide not to do anything. This is the correct guess! Some frames are now unloaded before they get a chance to fire a load event in their documents, and so the Document::frame() is null when we get to decrementLoadEventDelayCount(). Here's a backtrace for Document::detachFromFrame() when running webgl/1.0.3/conformance/extensions/oes-texture-float-linear.html WebCore::Document::detachFromFrame() <-- WebCore::Document::prepareForDestruction() WebCore::Frame::setView(WTF::RefPtr<WebCore::FrameView>&&) WebCore::FrameLoader::closeAndRemoveChild(WebCore::Frame&) WebCore::FrameLoader::detachFromParent() 0x10ffab7c6 WebCore::FrameLoader::frameDetached() WebCore::HTMLFrameOwnerElement::disconnectContentFrame() WebCore::disconnectSubframes(WebCore::ContainerNode&, WebCore::SubframeDisconnectPolicy) WebCore::willRemoveChildren(WebCore::ContainerNode&) WebCore::ContainerNode::removeChildren() WebCore::replaceChildrenWithFragment(WebCore::ContainerNode&, WTF::Ref<WebCore::DocumentFragment>&&) WebCore::Element::setInnerHTML(WTF::String const&) WebCore::setJSElementInnerHTML(JSC::ExecState*, long long, long long) JSC::callCustomSetter(JSC::ExecState*, JSC::JSValue, bool, JSC::JSObject*, JSC::JSValue, JSC::JSValue) JSC::JSObject::putInlineSlow(JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) llint_slow_path_put_by_id llint_entry vmEntryToJavaScript JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::ExecState*, JSC::JSObject*) JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&, WebCore::ExceptionDetails*) WebCore::ScriptElement::executeClassicScript(WebCore::ScriptSourceCode const&) WebCore::LoadableClassicScript::execute(WebCore::ScriptElement&) WebCore::ScriptElement::executeScriptAndDispatchEvent(WebCore::LoadableScript&) WebCore::ScriptRunner::timerFired() WebCore::ThreadTimers::sharedTimerFiredInternal() WebCore::timerFired(__CFRunLoopTimer*, void*) I think what happens is that a <script> is inserted somewhere via modifying innerHTML. ScriptRunner sets up a zero-timer and executes the script in the callback. At the end of ScriptRunner::timerFired(), we call decrementLoadEventDelayCount(), but by then it's too late, the script made the document detach from the frame. :/

Something is off here though, looking at the webgl test harness code: LayoutTests/webgl/1.0.3/resources/webkit-webgl-test-harness.js It appears to me that this test uses testRunner.waitUntilDone() / testRunner.notifyDone() and so shouldn't depend on the whimsy of our load event. I think maybe it's something else that's broken here.

The problem is caused by the increment/decrementLoadEventDelayCount in ScriptRunner. By the time decrementLoadEventDelayCount is called, the document's frame is already null.

That’s because the script overwrites the frame’s content with a pass/fail result. I have a fix, but it’s pretty peculiar.

To fix one of the failing tests, I had to make a change to HTMLMediaElement. I made it after reading the HTML specification text; the fix makes us match the specification. But I do want some media loading experts to look, not so much because I doubt the correctness of the change in the patch, but because the FIXME I am adding points to some other similar changes we might want to make.

Maybe we should add some new tests for this media loading fix.

After years of trying and lots of craziness, looks like this is ready for review again. Antti reviewed the original applet/embed/frame/iframe/object element loading change, and there is a little more to the patch now because of bugs I had to fix in five or six regression tests, in a small part of the load event logic in document, document loader, and frame loader, in the "when to dump" logic in WebKitTestRunner, and in the load event delay machinery in one small place in the media element. But patch still didn’t get giant. And this one is likely to pass all the EWS tests.

Created attachment 316750 [details] Patch

Comment on attachment 316750 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=316750&action=review Looks like the change log is missing quite a few of the changes. I’ll likely upload a new patch later with a better change log. > Source/WebCore/html/HTMLPlugInImageElement.cpp:295 > + document().incrementLoadEventDelayCount(); Style-wise should probably be newDocument rather than document(), although I don’t see how that can matter given we assert they are the same. My patch predated the addition of the newDocument argument.

Comment on attachment 316750 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=316750&action=review r=me, nice > Source/WebCore/dom/Document.cpp:6228 > + // FIXME: Should the call to FrameLoader::checkLoadComplete be moved inside Document::checkCompleted? > + // FIXME: Should this also call DocumentLoader::checkLoadComplete? > + // FIXME: Not obvious why checkCompleted needs to go first. The order these are called is > + // visible to WebKit clients, but it's more like a race than a well-defined relationship. This logic should be cleaned up at some point. It feels as if the original intent of the differnt check/loadCompleted/isLoading functions has been lost at some point and they are now being called without rhyme or reason.

(In reply to Antti Koivisto from comment #75) > This logic should be cleaned up at some point. It feels as if the original > intent of the differnt check/loadCompleted/isLoading functions has been lost > at some point and they are now being called without rhyme or reason. My thought exactly. Basically there is one concept here from KHTMLPart (checkComplete) and one from the Objective-C WebKit framework (checkLoadComplete). We never reconciled the two when we put them together in the same framework.

I have this ready to land now with a better ChangeLog. Will land after I confirm that the EWS succeeds.

Comment on attachment 316750 [details] Patch Attachment 316750 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/4225801 New failing tests: fast/images/large-size-image-crash.html

Created attachment 316751 [details] Archive of layout-test-results from ews101 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews101 Port: mac-elcapitan Platform: Mac OS X 10.11.6

Committed r220052: <http://trac.webkit.org/changeset/220052>

Great work! 32% speedup on PerformanceTests/Parser/HTML5-8266-FullRender.html :) https://perf.webkit.org/v3/#/charts?since=1500879248694&zoom=(1501396022165.3025-1501482250189.8582)&paneList=((18-311-null-null-(5-2.5-500)))

Wow!

Great! 1-3% page load progression is observed.

This caused bug 174988. I'm somewhat hesitant to roll back right away, but I may have to, as there quite a few new failures over the weekend, and we need to make bots green soon.

I suggest skipping the test to make the bots green. I absolutely will fix this bug and reenable the test, and I think a rollout is unnecessary.

This caused bug: https://bugs.webkit.org/show_bug.cgi?id=175107

Another regression: bug 175329.

<rdar://problem/34191442>