Bug 276629

Summary: Konqueror hangs when trying ECMAScript Test262 test suite at test 3644 (S.15.4.4.12_A3_T1)
Product: [Applications] konqueror
Reporter: Gérard Talbot (no longer involved) <browserbugs2>
Component: khtml ecma
Assignee: Konqueror Developers <konq-bugs>
Status: VERIFIED FIXED
Severity: normal
CC: kollix, nick
Priority: NOR
Version: 4.6.3
Target Milestone: ---
Platform: Ubuntu
OS: Linux
Version Fixed In: 4.8.3

Description Gérard Talbot (no longer involved) 2011-06-27 18:26:57 UTC
Version:           4.6.3 (using KDE 4.6.4) 
OS:                Linux

ECMAScript Test262
http://test262.ecmascript.org/
is a test suite of 10 thousand tests for the ECMA-262, 5th Edition ECMAScript Language Specification.

On June 25th 2011, this test suite is at version 0.7.3 and has 10,865 tests.

In order to keep up with new specifications (HTML5, CSS2.1, CSS3, DOM3, ECMAScript 5), Konqueror developers/testers/fans should visit and try public test suites and keep a record of its overall score, etc.

Right now, Konqueror 4.6.4 hangs at test S15.4.4.12_A3_T1 (index 3644 out of 10865): basically, this is why I am opening this bug report.

Reproducible: Always

Steps to Reproduce:
1- Go to http://test262.ecmascript.org/
2- Click the Run tab
3- Click the green Start button

Actual Results:  
At test S15.4.4.12_A3_T1 (index 3644 out of 10865), Konqueror application hangs: CPU % activity remains high, will remain high for minutes, and Konqueror will not move on to the next test. An infinite loop is strongly suspected here.

Expected Results:  
At test S15.4.4.12_A3_T1 (index 3644 out of 10875), Konqueror application should execute the test, report the result and move on to the next test.

There is no bug report with regards to Konqueror so far listed in this list

https://bugs.ecmascript.org/buglist.cgi?query_format=advanced&resolution=---

I will create an account at
https://bugs.ecmascript.org/
and then file a bug report on this issue. What I wish to have is that single S15.4.4.12_A3_T1 test so that we could examine what's blocking Konqueror or what is happening with that S15.4.4.12_A3_T1 test.

I have been able to run the whole test suite without a problem (no hang, no crash) in Firefox 5.0, Opera 11.11 and Chrome 12.0.742.100.

KDE Platform Version: 4.6.4
Konqueror version: 4.6.4
Qt Version: 4.7.2
Operating System: Linux 2.6.38-10-generic-pae i686
Distribution: Kubuntu 11.04
here.

regards, Gérard
Comment 1 Martin Koller 2011-07-15 21:08:15 UTC
I can reproduce the problem with KDE 4.6.5.
starting konqi in gdb and breaking while it "hangs" (btw.: here it hangs after 3708 tests):
#0  0xb7ddc64e in malloc () from /lib/libc.so.6
#1  0xb62dac05 in operator new(unsigned int) () from /usr/lib/libstdc++.so.6
#2  0xb24d8d2e in KJS::UString::Rep::create (d=0xabec340, l=9) at /usr/src/debug/kdelibs-4.6.5/kjs/ustring.cpp:169
#3  0xb24d8de7 in KJS::UString::Rep::createCopying (d=0xbfffb96e, length=9)
    at /usr/src/debug/kdelibs-4.6.5/kjs/ustring.cpp:164
#4  0xb24d95fa in KJS::UString::UString (this=0xbfffb9c8, c=0xbfffb96e, length=9)
    at /usr/src/debug/kdelibs-4.6.5/kjs/ustring.cpp:459
#5  0xb24d9f2d in KJS::UString::from (u=<value optimized out>) at /usr/src/debug/kdelibs-4.6.5/kjs/ustring.cpp:587
#6  0xb251326e in from (this=0xaf138d40, exec=0xbfffbf4c, propertyName=176287591, slot=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/identifier.h:78
#7  KJS::JSObject::getOwnPropertySlot (this=0xaf138d40, exec=0xbfffbf4c, propertyName=176287591, slot=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/object.cpp:126
#8  0xb25134aa in KJS::JSObject::getPropertySlot (this=0xaf138d40, exec=0xbfffbf4c, propertyName=176287591, slot=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/object.cpp:111
#9  0xb2501c1e in KJS::getProperty (exec=0xbfffbf4c, obj=0xaf138d40, index=176287591)
    at /usr/src/debug/kdelibs-4.6.5/kjs/array_object.cpp:100
#10 0xb250286f in KJS::ArrayProtoFunc::callAsFunction (this=0xaf138d20, exec=0xbfffbf4c, thisObj=0xaf138d40, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/array_object.cpp:401
#11 0xb2530ccb in call (exec=0xbfffbf4c, codeBlock=..., parentExec=0xbfffc41c)
    at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#12 KJS::Machine::runBlock (exec=0xbfffbf4c, codeBlock=..., parentExec=0xbfffc41c) at codes.def:1223
#13 0xb250eaa6 in KJS::FunctionImp::callAsFunction (this=0xaf138e40, exec=0xbfffc41c, thisObj=0xafa90040, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/function.cpp:172
#14 0xb24f4ad6 in call (this=0xaf0bc040, exec=0xbfffc41c, thisObj=0xaf138e40, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#15 KJS::FunctionProtoFunc::callAsFunction (this=0xaf0bc040, exec=0xbfffc41c, thisObj=0xaf138e40, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/function_object.cpp:139
#16 0xb2530ccb in call (exec=0xbfffc41c, codeBlock=..., parentExec=0xbfffc8dc)
    at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#17 KJS::Machine::runBlock (exec=0xbfffc41c, codeBlock=..., parentExec=0xbfffc8dc) at codes.def:1223
#18 0xb250eaa6 in KJS::FunctionImp::callAsFunction (this=0xaf20e800, exec=0xbfffc8dc, thisObj=0xaf20e840, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/function.cpp:172
#19 0xb2530ccb in call (exec=0xbfffc8dc, codeBlock=..., parentExec=0x0) at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#20 KJS::Machine::runBlock (exec=0xbfffc8dc, codeBlock=..., parentExec=0x0) at codes.def:1223
#21 0xb24e404c in KJS::FunctionBodyNode::execute (this=0xab8b668, exec=0xbfffc8dc)
    at /usr/src/debug/kdelibs-4.6.5/kjs/nodes.cpp:927
#22 0xb2517880 in KJS::Interpreter::evaluate (this=0x92440a0, sourceURL=..., startingLineNumber=257, code=0xabfc0a8, 
    codeLength=1402, thisV=0xafa90040) at /usr/src/debug/kdelibs-4.6.5/kjs/interpreter.cpp:564
#23 0xb2517a3a in KJS::Interpreter::evaluate (this=0x92440a0, sourceURL=..., startingLineNumber=257, code=..., thisV=
    0xafa90040) at /usr/src/debug/kdelibs-4.6.5/kjs/interpreter.cpp:504
#24 0xb29c3933 in KJSProxy::evaluate (this=0x9244e00, filename=..., baseLine=180373472, str=..., n=..., completion=0xbfffcadc)
    at /usr/src/debug/kdelibs-4.6.5/khtml/ecma/kjs_proxy.cpp:126
#25 0xb272dad3 in KHTMLPart::executeScript (this=0xab63040, filename=..., baseLine=57, n=..., script=...)
    at /usr/src/debug/kdelibs-4.6.5/khtml/khtml_part.cpp:1279
#26 0xb2802903 in khtml::HTMLTokenizer::scriptExecution (this=0xabc7440, str=..., scriptURL=..., baseLine=180373472)
    at /usr/src/debug/kdelibs-4.6.5/khtml/html/htmltokenizer.cpp:517
#27 0xb2806172 in khtml::HTMLTokenizer::scriptHandler (this=0xabc7440)
    at /usr/src/debug/kdelibs-4.6.5/khtml/html/htmltokenizer.cpp:470
#28 0xb2807c01 in khtml::HTMLTokenizer::parseRawContent (this=0xabc7440, src=...)
    at /usr/src/debug/kdelibs-4.6.5/khtml/html/htmltokenizer.cpp:379
#29 0xb280af3c in khtml::HTMLTokenizer::parseTag (this=0xabc7440, src=...)
    at /usr/src/debug/kdelibs-4.6.5/khtml/html/htmltokenizer.cpp:1527
#30 0xb280b5a6 in khtml::HTMLTokenizer::write (this=0xabc7440, str=..., appendData=false)
    at /usr/src/debug/kdelibs-4.6.5/khtml/html/htmltokenizer.cpp:1798
#31 0xb27b0c32 in DOM::DocumentImpl::write (this=0xab73680, text=...)
    at /usr/src/debug/kdelibs-4.6.5/khtml/xml/dom_docimpl.cpp:1687
#32 0xb2997af7 in KJS::HTMLDocFunction::callAsFunction (this=0xaf1dbb20, exec=0xbfffd3cc, thisObj=0xbfffd020, args=...)
    at /usr/src/debug/kdelibs-4.6.5/khtml/ecma/kjs_html.cpp:135
#33 0xb2530ccb in call (exec=0xbfffd3cc, codeBlock=..., parentExec=0xbfffd81c)
    at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#34 KJS::Machine::runBlock (exec=0xbfffd3cc, codeBlock=..., parentExec=0xbfffd81c) at codes.def:1223
#35 0xb250eaa6 in KJS::FunctionImp::callAsFunction (this=0xaf240cc0, exec=0xbfffd81c, thisObj=0xaf240be0, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/function.cpp:172
#36 0xb2530ccb in call (exec=0xbfffd81c, codeBlock=..., parentExec=0xbfffdc6c)
    at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#37 KJS::Machine::runBlock (exec=0xbfffd81c, codeBlock=..., parentExec=0xbfffdc6c) at codes.def:1223
#38 0xb250eaa6 in KJS::FunctionImp::callAsFunction (this=0xaf240f20, exec=0xbfffdc6c, thisObj=0xaf240d00, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/function.cpp:172
#39 0xb2530ccb in call (exec=0xbfffdc6c, codeBlock=..., parentExec=0x8d88858) at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#40 KJS::Machine::runBlock (exec=0xbfffdc6c, codeBlock=..., parentExec=0x8d88858) at codes.def:1223
#41 0xb250eaa6 in KJS::FunctionImp::callAsFunction (this=0xaf240de0, exec=0x8d88858, thisObj=0xafa90000, args=...)
    at /usr/src/debug/kdelibs-4.6.5/kjs/function.cpp:172
#42 0xb29ab578 in call (this=0xaf240de0, window=0xafa90000) at /usr/src/debug/kdelibs-4.6.5/kjs/object.h:626
#43 KJS::ScheduledAction::execute (this=0xaf240de0, window=0xafa90000)
    at /usr/src/debug/kdelibs-4.6.5/khtml/ecma/kjs_window.cpp:2283
#44 0xb29ba4f3 in KJS::WindowQObject::timerEvent (this=0x8cfdaf0)
    at /usr/src/debug/kdelibs-4.6.5/khtml/ecma/kjs_window.cpp:2458
#45 0xb6fd61c4 in QObject::event(QEvent*) () from /usr/lib/libQtCore.so.4
#46 0xb64566e4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#47 0xb645f4a7 in QApplication::notify(QObject*, QEvent*) () from /usr/lib/libQtGui.so.4
#48 0xb74f50f1 in KApplication::notify (this=0xbfffe790, receiver=0x8cfdaf0, event=0xbfffe31c)
    at /usr/src/debug/kdelibs-4.6.5/kdeui/kernel/kapplication.cpp:311
#49 0xb6fc0d5e in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib/libQtCore.so.4
#50 0xb6ff214e in ?? () from /usr/lib/libQtCore.so.4
#51 0xb6feee12 in ?? () from /usr/lib/libQtCore.so.4
#52 0xb5b56b49 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#53 0xb5b57350 in ?? () from /usr/lib/libglib-2.0.so.0
#54 0xb5b5760e in g_main_context_iteration () from /usr/lib/libglib-2.0.so.0
#55 0xb6fef53b in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#56 0xb650d1ca in ?? () from /usr/lib/libQtGui.so.4
#57 0xb6fc003d in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#58 0xb6fc0269 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib/libQtCore.so.4
#59 0xb6fc4d10 in QCoreApplication::exec() () from /usr/lib/libQtCore.so.4
#60 0xb64543e4 in QApplication::exec() () from /usr/lib/libQtGui.so.4
#61 0xb7f8638f in kdemain (argc=1, argv=0xbfffea44) at /usr/src/debug/kdebase-4.6.5/konqueror/src/konqmain.cpp:219
#62 0x0804860b in main (argc=1, argv=0xbfffea44) at /usr/src/debug/kdebase-4.6.5/build/konqueror/src/konqueror_dummy.cpp:3
Comment 2 Gérard Talbot (no longer involved) 2011-07-15 23:36:21 UTC
Martin,

What this bug needs is the exact testcase where the "hang" happens so that we can reproduce, investigate, fix, etc. It's possible to "corner" this.

Also, the ECMAScript Test262 is now at version 5.1 and the hang no longer occurs at index 3644; it could be a test after the S15.4.4.12_A3_T1 test.

Gérard
Comment 3 Gérard Talbot (no longer involved) 2011-07-15 23:40:19 UTC
> it hangs after 3708 tests

We would need to have the code of test #3707 and the code of test #3708. Then we would be able to figure out and fix the problem.

Gérard
Comment 4 Gérard Talbot (no longer involved) 2011-08-29 01:11:08 UTC
ECMAScript 5.1, approved in June 2011, is a maintenance revision of the ECMAScript 5 specification.

Version of ECMAScript test262 test suite: 0.7.5.3
Number of tests: 10927 tests
Date of test suite: 2011-07-18

Now, S15.4.4.12_A3_T1 is test 3704. I tried that version of the test suite.
Konqueror 4.7.0 (KHTML rendering engine) under KDE 4.7.0 platform version had passed 3628 tests out of 3704 tests == 97.9% at that point.

-----------------

test262 discussion Archives mailing list
https://mail.mozilla.org/pipermail/test262-discuss/

test262 FAQ
http://wiki.ecmascript.org/doku.php?id=test262:faq

Ideally, one of the best people to contact in order to know what the code of the S15.4.4.12_A3_T1 test is would be Dave Fugate.

regards, Gérard
Comment 5 Gérard Talbot (no longer involved) 2011-12-25 07:54:46 UTC
Number of tests: 11108 tests
Date of test suite: 2011-11-28

Now, S15.4.4.12_A3_T1 is test 7553.
Konqueror 4.7.4 (KHTML rendering engine) under KDE 4.7.4 platform version had
passed 4153 tests out of 7553 tests achieving a performance score of 54.9% 
at that point.

Gérard
Comment 6 Bernd Buschinski 2012-04-16 22:35:20 UTC
Git commit 5084dfd772ac39dbbb91044076f28cfe1be22a9d by Bernd Buschinski.
Committed on 17/04/2012 at 00:06.
Pushed by buschinski into branch 'KDE/4.8'.

kjs: Correctly get the begin and deleteCount for array.splice

The current implementation only allows max int values.
But ecmascript 15.4.4.12 allows max uint32 (via ToInteger (which is a double)
and limits it to the array length (uint32))

FIXED-IN: 4.8.3
REVIEW: 104104

M  +6    -5    kjs/array_object.cpp

http://commits.kde.org/kdelibs/5084dfd772ac39dbbb91044076f28cfe1be22a9d
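
The clamping the commit message above describes, written out as an added C++ example (not the KJS code from the commit): `spliceRangeSpec` follows ES5 15.4.4.12 by clamping against the length while the values are still doubles, and `spliceRangeInt` models an int-limited conversion with ToInt32 wrap-around, which is an assumption about how the narrowing misbehaves. All function names and the sample input are constructed.

```cpp
#include <algorithm>
#include <cmath>
#include <cstdint>
#include <cstdio>

// ES5 9.4 ToInteger: NaN becomes 0, everything else truncates toward zero.
double toInteger(double d) { return std::isnan(d) ? 0.0 : std::trunc(d); }

// ES5 9.5 ToInt32; used only to model an int-limited conversion (assumption).
int32_t toInt32(double d) {
    if (std::isnan(d) || std::isinf(d)) return 0;
    double m = std::fmod(std::trunc(d), 4294967296.0);  // (-2^32, 2^32)
    if (m < 0) m += 4294967296.0;                        // [0, 2^32)
    if (m >= 2147483648.0) m -= 4294967296.0;            // [-2^31, 2^31)
    return static_cast<int32_t>(m);
}

struct SpliceRange { uint32_t start; uint32_t deleteCount; };

// ES5 15.4.4.12: clamp against len while still a double, then narrow.
SpliceRange spliceRangeSpec(uint32_t len, double start, double deleteCount) {
    double rel = toInteger(start);
    double from = rel < 0 ? std::max(len + rel, 0.0) : std::min(rel, double(len));
    double del = std::min(std::max(toInteger(deleteCount), 0.0), len - from);
    return { static_cast<uint32_t>(from), static_cast<uint32_t>(del) };
}

// Int-limited model: narrow to a signed 32-bit int first, clamp afterwards.
SpliceRange spliceRangeInt(uint32_t len, double start, double deleteCount) {
    int64_t n = len, rel = toInt32(start);
    int64_t from = rel < 0 ? std::max<int64_t>(n + rel, 0) : std::min(rel, n);
    int64_t del = std::min(std::max<int64_t>(toInt32(deleteCount), 0), n - from);
    return { static_cast<uint32_t>(from), static_cast<uint32_t>(del) };
}

int main() {
    // Constructed input: an array-like with the largest uint32 length.
    const uint32_t len = 4294967295u;
    SpliceRange a = spliceRangeSpec(len, 3000000000.0, 4294967295.0);
    SpliceRange b = spliceRangeInt(len, 3000000000.0, 4294967295.0);
    std::printf("spec: start=%u delete=%u\n", a.start, a.deleteCount);
    std::printf("int:  start=%u delete=%u\n", b.start, b.deleteCount);
    return 0;
}
```

For values that fit in a signed int both functions agree; above 2^31 the int model picks a different start index and a delete count of 0, so any loop driven by those values walks the wrong range.
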
Comment 7 Gérard Talbot (no longer involved) 2012-04-17 00:19:16 UTC
Bernd,

This is great! I can't wait for 4.8.3 to be released!

Thanks for your time and expert knowledge of javascript! :)

Gérard
Comment 8 Gérard Talbot (no longer involved) 2012-06-21 19:13:36 UTC
I took the ECMAScript Test262 test suite yesterday:
11570 tests, ES 5.1, Test Suite Date: 2012-05-18

PASS: 7306
FAIL:  4264

Success rate: 63.15%

I am using
KDE Platform Version: 4.8.4
Konqueror version: 4.8.4 (with KHTML rendering engine)
Qt Version: 4.8.1
Operating System: Linux 3.2.0-25-generic-pae i686 (32bits)
Distribution: Kubuntu 12.04 LTS
here.

Therefore, I am marking this bug as VERIFIED.

Gérard
Comment 9 Nick 2014-08-26 03:02:56 UTC
Attempting with KDE 4.14.0 this test page no longer works. Consider reopening.
Comment 10 Gérard Talbot (no longer involved) 2014-08-26 18:31:21 UTC
(In reply to nick from comment #9)
> Attempting with KDE 4.14.0 this test page no longer works. Consider
> reopening.

Nick,

Could you please create a new bug report for this? And please provide as many useful details as possible... so that the source of the regression can be figured out.

Gérard
Comment 11 Nick 2014-08-26 18:34:00 UTC
That's odd. Today it's working.
Yesterday it wouldn't even fully render the page.
Not sure what changed.
Comment 12 Nick 2014-08-26 18:36:24 UTC
Is there any roadmap somewhere to track KJS ES5 support?