| Summary: | load event can fire prematurely for frameless documents (affects Acid3?) | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Geoffrey Garen <ggaren> |
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW --- | ||
| Severity: | Normal | CC: | ap, beidson, kling, mmaxfield, schenney, simon.fraser |
| Priority: | P2 | ||
| Version: | 523.x (Safari 3) | ||
| Hardware: | Mac | ||
| OS: | OS X 10.4 | ||
I think this might be related to our @font-face load-event problems with Acid3. I'm not certain of that though. Is this still an issue? Could you please attach a test case? This code still appears in a crash stack. Load http://www.speckproducts.com/ in a debug build of Chrome (and probably Safari too) and you will hit an assert due to an onload event firing during an SVG font load. I have yet to reduce it to a Layout test, and as I am unfamiliar with how all this works, I find it rather challenging. On the other hand, just because the code goes through this path does not mean it's a problem. There should not be any onload event until after the font has loaded _and_ the calling code has finished layout, which seems impossible to track. We also believe that an SVG font externally loaded should not be able to invoke script in the first place. This causes a crash in CSSSegmentedFontFace::getFontData() due to the function getting called inside itself. (The load events run Javascript which causes a layout which ends up calling the function again) Frameless documents can't load subresources, so I think that the comment is incorrect, and the bug is invalid.
What Myles is referring to is that implicitClose() dispatches pending load events on ALL documents, as it calls these static functions:
ImageLoader::dispatchPendingBeforeLoadEvents();
ImageLoader::dispatchPendingLoadEvents();
ImageLoader::dispatchPendingErrorEvents();
HTMLLinkElement::dispatchPendingLoadEvents();
HTMLStyleElement::dispatchPendingLoadEvents();
This is outright crazy, and does cause problems due to running JS at inopportune time. I'm not sure whether the frameLoader->checkCompleted() code path has the same problem (i.e. whether it ends up synchronously calling implicitClose() too).
(In reply to comment #6) > Frameless documents can't load subresources, so I think that the comment is incorrect, and the bug is invalid. > > What Myles is referring to is that implicitClose() dispatches pending load events on ALL documents, as it calls these static functions: > > ImageLoader::dispatchPendingBeforeLoadEvents(); > ImageLoader::dispatchPendingLoadEvents(); > ImageLoader::dispatchPendingErrorEvents(); > > HTMLLinkElement::dispatchPendingLoadEvents(); > HTMLStyleElement::dispatchPendingLoadEvents(); Could we pass the Document* to these things and make them dispatch document-local events only? Would that solve the issue? I don't understand why they work globally. The SVG issue is now tracked as bug 136269. |
FrameLoader tracks loading progress. Without a FrameLoader, a Document doesn't know whether loading is in progress. Therefore, a Document might end up dispatching the load event too early. This is the responsible code, in Document.cpp: void Document::close() { Frame* frame = this->frame(); if (frame) { // This code calls implicitClose() if all loading has completed. FrameLoader* frameLoader = frame->loader(); frameLoader->endIfNotLoadingMainResource(); frameLoader->checkCompleted(); } else { // Because we have no frame, we don't know if all loading has completed, // so we just call implicitClose() immediately. FIXME: This might fire // the load event prematurely. implicitClose(); } } I don't know if this is a real-world problem or not.