Bug 14757

Here is the implementation: bool HTMLTokenizer::processingData() const { return m_timer.isActive(); } The problem is that this function can be called from within m_timer's fired callback. A non-repeating timer that is being fired is not active (maybe *this* is the real bug?). However, the tokenizer actually is processing data while inside its Timer::fired callback. This function returns an incorrect result in that case. I saw this problem surface when loading a page with frames on a slow machine. Here's the sequence of events: - The parsing of the HTML was deferred and put on a timer (HTMLTokenizer::m_timer). - When that timer fired, one of the subframes was created. - Initializing that subframe caused the FrameLoaders to do a recursiveCheckLoadComplete. - Since HTMLTokenizer::processingData returned false incorrectly, the toplevel frame was assumed to have been done loading, and marked as such incorrectly. - Frame load events were then dispatched out of order (dispatchDidFinishLoad was called for the toplevel frame before subframes). And here's the corresponding sample callstack from a run of Safari on Mac: #0 WebCore::TimerBase::isActive (this=0x28bded8) at /Users/mpcomplete/src/WebKit/WebCore/platform/Timer.cpp:188 #1 0x0101e13a in WebCore::HTMLTokenizer::processingData (this=0x28bde00) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLTokenizer.cpp:1497 #2 0x0138dcd6 in WebCore::DocumentLoader::isLoadingInAPISense (this=0x2926200) at /Users/mpcomplete/src/WebKit/WebCore/loader/DocumentLoader.cpp:468 #3 0x01383ac2 in WebCore::FrameLoader::checkLoadCompleteForThisFrame (this=0x281fa00) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:2777 #4 0x01383d38 in WebCore::FrameLoader::recursiveCheckLoadComplete (this=0x281fa00) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:2899 #5 0x01383dd6 in WebCore::FrameLoader::checkLoadComplete (this=0x2927c00) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:2910 #6 0x01388e72 in WebCore::FrameLoader::checkCompleted (this=0x2927c00) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:1185 #7 0x0138b93f in WebCore::FrameLoader::endIfNotLoadingMainResource (this=0x2927c00) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:1006 #8 0x0138b9b5 in WebCore::FrameLoader::end (this=0x2927c00) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:978 #9 0x0138f85c in WebCore::DocumentLoader::finishedLoading (this=0x28c4800) at /Users/mpcomplete/src/WebKit/WebCore/loader/DocumentLoader.cpp:319 #10 0x0138bbb2 in WebCore::FrameLoader::init (this=0x2927c00) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:265 #11 0x010b6d58 in WebCore::Frame::init (this=0x15e74360) at /Users/mpcomplete/src/WebKit/WebCore/page/Frame.cpp:219 #12 0x0032b4b4 in -[WebFrameBridge finishInitializingWithPage:frameName:frameView:ownerElement:] (self=0x15e35410, _cmd=0x3ac664, page=0x2148060, name=0x15e6d0f0, frameView=0x15e6dc10, ownerElement=0x15e758e0) at /Users/mpcomplete/src/WebKit/WebKit/WebCoreSupport/WebFrameBridge.mm:147 #13 0x00327f1c in -[WebFrameBridge initSubframeWithOwnerElement:frameName:frameView:] (self=0x15e35410, _cmd=0x3ac6d0, ownerElement=0x15e758e0, name=0x15e6d0f0, frameView=0x15e6dc10) at /Users/mpcomplete/src/WebKit/WebKit/WebCoreSupport/WebFrameBridge.mm:162 #14 0x0032b21f in -[WebFrameBridge createChildFrameNamed:withURL:referrer:ownerElement:allowsScrolling:marginWidth:marginHeight:] (self=0x2147160, _cmd=0x3ac834, frameName=0x15e6d0f0, URL=0x15e75970, referrer=@0xbfffe49c, ownerElement=0x15e758e0, allowsScrolling=1 '\001', width=-1, height=-1) at /Users/mpcomplete/src/WebKit/WebKit/WebCoreSupport/WebFrameBridge.mm:349 #15 0x003900a3 in WebFrameLoaderClient::createFrame (this=0x21464d0, url=@0xbfffe56c, name=@0x15e75954, ownerElement=0x15e758e0, referrer=@0xbfffe49c, allowsScrolling=1, marginWidth=-1, marginHeight=-1) at /Users/mpcomplete/src/WebKit/WebKit/WebCoreSupport/WebFrameLoaderClient.mm:1163 #16 0x0138c045 in WebCore::FrameLoader::loadSubframe (this=0x281fa00, ownerElement=0x15e758e0, url=@0xbfffe56c, name=@0x15e75954, referrer=@0x281fb24) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:452 #17 0x0138d32b in WebCore::FrameLoader::requestFrame (this=0x281fa00, ownerElement=0x15e758e0, urlString=@0x15e75950, frameName=@0x15e75954) at /Users/mpcomplete/src/WebKit/WebCore/loader/FrameLoader.cpp:422 #18 0x0136c092 in WebCore::HTMLFrameElementBase::openURL (this=0x15e758e0) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLFrameElementBase.cpp:107 #19 0x0136c5af in WebCore::HTMLFrameElementBase::openURLCallback (n=0x15e758e0) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLFrameElementBase.cpp:158 #20 0x010d72f5 in WebCore::ContainerNode::attach (this=0x15e758e0) at /Users/mpcomplete/src/WebKit/WebCore/dom/ContainerNode.cpp:605 #21 0x0122f338 in WebCore::Element::attach (this=0x15e758e0) at /Users/mpcomplete/src/WebKit/WebCore/dom/Element.cpp:664 #22 0x0136b7e7 in WebCore::HTMLFrameElementBase::attach (this=0x15e758e0) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLFrameElementBase.cpp:192 #23 0x0126ee31 in WebCore::HTMLFrameElement::attach (this=0x15e758e0) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLFrameElement.cpp:66 #24 0x0101d18d in WebCore::HTMLParser::insertNode (this=0x15e3e8a0, n=0x15e758e0, flat=false) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLParser.cpp:328 #25 0x0101da35 in WebCore::HTMLParser::parseToken (this=0x15e3e8a0, t=0x28bde14) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLParser.cpp:250 #26 0x0101f818 in WebCore::HTMLTokenizer::processToken (this=0x28bde00) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLTokenizer.cpp:1641 #27 0x010229ed in WebCore::HTMLTokenizer::parseTag (this=0x28bde00, src=@0x28be304, state={static EntityShift = 4, m_bits = 0}) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLTokenizer.cpp:1206 #28 0x010233c4 in WebCore::HTMLTokenizer::write (this=0x28bde00, str=@0xbfffebdc, appendData=true) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLTokenizer.cpp:1437 #29 0x0101f20b in WebCore::HTMLTokenizer::timerFired (this=0x28bde00) at /Users/mpcomplete/src/WebKit/WebCore/html/HTMLTokenizer.cpp:1517 #30 0x014a7b57 in WebCore::Timer<WebCore::HTMLTokenizer>::fired (this=0x28bded8) at Timer.h:96 #31 0x011f1026 in WebCore::TimerBase::fireTimers (fireTime=1185310107.954752, firingTimers=@0xbfffecbc) at /Users/mpcomplete/src/WebKit/WebCore/platform/Timer.cpp:336 #32 0x011f10c3 in WebCore::TimerBase::sharedTimerFired () at /Users/mpcomplete/src/WebKit/WebCore/platform/Timer.cpp:353 #33 0x011f0763 in timerFired () at /Users/mpcomplete/src/WebKit/WebCore/platform/mac/SharedTimerMac.cpp:48