Closed
Bug 595706
Opened 14 years ago
Closed 14 years ago
JM: Unresponsive Script Warning on mootools-1.2-core.js?cb=20080614
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
VERIFIED
FIXED
Tracking | Status | |
---|---|---|
blocking2.0 | --- | betaN+ |
People
(Reporter: ezra, Assigned: dmandelin)
References
()
Details
(Whiteboard: fixed-in-tracemonkey)
Attachments
(1 file)
(deleted),
patch
|
cdleary
:
review+
|
Details | Diff | Splinter Review |
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:2.0b6pre) Gecko/20100912 Firefox/4.0b6pre
Build Identifier: Mozilla/5.0 (Windows NT 5.1; rv:2.0b6pre) Gecko/20100912 Firefox/4.0b6pre
When loading the page with javascript.options.methodjit.content = true. The script on www.moviemeter.nl will become unresponsive.
Tested this with methodjit on and off and on a clean profile. The script works fine when methodjit.content is false.
Reproducible: Always
Steps to Reproduce:
1. Use Nightly build with methodjid.content = true
2. Navigate to http://moviemeter.nl
3. Wait till the browser responds again.
Actual Results:
Minefield will show an Unresponsive Script warning dialog.
Expected Results:
Executed the script without problems
Comment 1•14 years ago
|
||
Script:
http://www.moviemeter.nl/libs/mootools-1.2-core.js?cb=20080614 (Line 51):
for(var B=0,A=this.length;B<A;B++){var C=$type(this[B]);if(!C){continue;}D=D.concat((C=="array"||C=="collection"||C=="arguments")?Array.flatten(this[B]):this[B]);
Assignee: nobody → general
Severity: major → normal
Component: General → JavaScript Engine
Product: Firefox → Core
QA Contact: general → general
Summary: JaegerMonkey causes Unresponsive Script → JM: Unresponsive Script Warning on mootools-1.2-core.js?cb=20080614
Version: unspecified → Trunk
Updated•14 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Updated•14 years ago
|
blocking2.0: --- → betaN+
Assignee | ||
Comment 5•14 years ago
|
||
Disabling PICs for JSOP_LENGTH makes the bug go away.
Assignee | ||
Comment 6•14 years ago
|
||
This is basically a typo bug in the PIC for length of args objects. The arguments object PIC was guarding that the object was a slow array. Thus, if the program had |a.length| where a was an arguments object the first time through, then we would get incorrect results on any successive call where a was a slow array.
There was actually a second bug there as well: the args object PIC wasn't shifting out the override bit, so if the length was 3, we would end up saying 6 instead.
Thanks to everyone that reported a version of this bug: obviously it was affecting at least 4 sites, but I suspect it may have been causing intermittent errors in other places as well.
Comment 7•14 years ago
|
||
Comment on attachment 474857 [details] [diff] [review]
Patch
Two nits: might want to use a slow array with a different expected value that's not a pow2-multiple, and I think our JS follows useArg2 cap style.
Attachment #474857 -
Flags: review?(cdleary) → review+
Assignee | ||
Comment 8•14 years ago
|
||
(In reply to comment #7)
> Comment on attachment 474857 [details] [diff] [review]
> Patch
>
> Two nits: might want to use a slow array with a different expected value that's
> not a pow2-multiple,
Not sure what you mean: the expected result is 3.
>and I think our JS follows useArg2 cap style.
Fixed.
http://hg.mozilla.org/tracemonkey/rev/614c81c9fda4
Whiteboard: fixed-in-tracemonkey
Comment 9•14 years ago
|
||
(In reply to comment #8)
> Not sure what you mean: the expected result is 3.
Just meant that you're charging the PIC with a result value that is expected to be 3 for the arguments, maybe you'd want to use a different number of values (like... 5) in the slow array case. No biggie!
Comment 12•14 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 13•14 years ago
|
||
Mozilla/5.0 (Windows NT 5.1; rv:2.0b7pre) Gecko/20100917 Firefox/4.0b7pre ID:20100917041014
Sites are working correctly now with methodjit enabled!
VERIFIED
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•