MantisBT - NetSurf
View Issue Details
ID: 0002413
Project: NetSurf
Category: RISC OS-specific
View Status: public
Date Submitted: 2016-01-26 07:32
Last Update: 2016-02-16 14:08
Reporter: David Pitt
Assigned To: John-Mark Bell
Priority: normal
Severity: major
Reproducibility: always
Status: closed
Resolution: fixed
Platform: RISC OS
OS: RISC OS
OS Version: OS5.23
Product Version: 3.3
Target Version: 3.4
Fixed in Version: 3.4
Fixed in CI build #: 3329
Reported in CI build #: 3307
URL of problem page: http://www.bbc.co.uk
Summary: 0002413: BBC home page endless javascript loop
Description: Attempting to load the BBC's home page with Javascript enabled results in an endless hourglass and NetSurf has to be alt-breaked.
Steps To Reproduce: Click on http://www.bbc.co.uk
Additional Information: The loop is :-

(142.860000) javascript/duktape/dukky.c:57 dukky_populate_object: RuhRoh, couldn't find a prototype, HTMLUnknownElement it is
(142.860000) javascript/duktape/dukky.c:73 dukky_populate_object: Call the init function
Tags: No tags attached.
Attached Files: beeb-loop.zip (147,842) 2016-01-26 07:32
https://bugs.netsurf-browser.org/mantis/file_download.php?file_id=402&type=bug

Notes
(0001160)
Dave Higton   
2016-01-27 22:53   
Confirmed reproducible with CI #3315
(0001161)
Michael Drake   
2016-01-30 12:22   
Test case, thanks to jmb:

<!DOCTYPE html>
<script type="text/javascript">
var x = document.createElement("p");
for (var g = ['modernizr','tspan']; !x.style;) { x.modElem =
document.createElement(g.shift()); x.style = x.modElem.style;
}
</script>
(0001162)
John-Mark Bell   
2016-01-30 23:18   
Here's a less-minified version (which also reflects reality better than the above):

<script type="text/javascript">
var modElem = { elem: document.createElement('modernizr') };
var mStyle = { style: modElem.elem.style };
var elems = [ 'modernizr', 'tspan' ];

while (!mStyle.style) {
    mStyle.modElem = document.createElement(elems.shift());
    mStyle.style = mStyle.modElem.style;
}
</script>

So, the actual problem here is that HTMLElement.style is unimplemented so, whenever it is read, we return undefined. This results in the loop above never terminating, and disappointment.

The test case Michael posted also exposes another bug:

document.createElement("p") should create an HTMLParagraphElement -- it doesn't, as dukky_push_node_klass asks for PROTO(HTML) + P + ELEMENT (i.e. PROTO(HTMLPELEMENT)), rather than PROTO(HTMLPARAGRAPHELEMENT).
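
The non-termination described in note 0001162, reproduced against a stub document. This is an added example, not part of the original notes and not NetSurf code; makeDocument, runModernizrLoop and the iteration budget are hypothetical names introduced so the harness returns instead of hanging.

```javascript
// Added example: a stub DOM, not NetSurf or Duktape code.
// makeDocument, runModernizrLoop and budget are hypothetical names.

// Stub document. When styleImplemented is false, elements have no `style`
// property, so reading it yields undefined (the behaviour note 0001162 describes).
function makeDocument(styleImplemented) {
  return {
    created: [], // every tag name passed to createElement, in order
    createElement(tag) {
      this.created.push(String(tag));
      const el = { tagName: String(tag).toUpperCase() };
      if (styleImplemented) el.style = {}; // stand-in for a CSSStyleDeclaration
      return el;
    },
  };
}

// The loop from note 0001162, plus an iteration budget so that this harness
// reports non-termination instead of spinning forever.
function runModernizrLoop(document, budget) {
  const modElem = { elem: document.createElement('modernizr') };
  const mStyle = { style: modElem.elem.style };
  const elems = ['modernizr', 'tspan'];
  let iterations = 0;

  while (!mStyle.style) {
    if (iterations === budget) {
      return { terminated: false, iterations, created: document.created };
    }
    // Once elems is empty, shift() returns undefined and the loop keeps
    // creating elements that still have no style, so the exit condition
    // can never become true.
    mStyle.modElem = document.createElement(elems.shift());
    mStyle.style = mStyle.modElem.style;
    iterations++;
  }
  return { terminated: true, iterations, created: document.created };
}

const broken = runModernizrLoop(makeDocument(false), 5);
const fixed = runModernizrLoop(makeDocument(true), 5);
console.log('style unimplemented:', broken);
console.log('style implemented:  ', fixed);
```

The `created` list shows that the two candidate tag names are used up after two iterations; every later pass calls createElement with undefined, which is why the page script alone can never recover.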
(0001165)
David Pitt   
2016-01-31 15:37   
I see some work has been done on this bug. With #3330 neither the BBC home page nor the test case 1161 above go into an endless loop as previously.

(For some reason I am not getting email notifications from the bug tracker of additions to the threads. I shall have to pay attention manually.)
(0001167)
John-Mark Bell   
2016-01-31 19:48   
2420 tracks the bogus prototype stuff, so closing.
(0001240)
Vincent Sanders   
2016-02-16 14:08   
Confirmed fixed in 3.4 release

Issue History
2016-01-26 07:32  David Pitt  New Issue
2016-01-26 07:32  David Pitt  File Added: beeb-loop.zip
2016-01-27 22:53  Dave Higton  Note Added: 0001160
2016-01-27 22:53  Dave Higton  Status: new => acknowledged
2016-01-30 12:22  Michael Drake  Note Added: 0001161
2016-01-30 23:18  John-Mark Bell  Note Added: 0001162
2016-01-31 15:37  David Pitt  Note Added: 0001165
2016-01-31 19:48  John-Mark Bell  Fixed in CI build #: => 3329
2016-01-31 19:48  John-Mark Bell  Note Added: 0001167
2016-01-31 19:48  John-Mark Bell  Assigned To: => John-Mark Bell
2016-01-31 19:48  John-Mark Bell  Status: acknowledged => resolved
2016-01-31 19:48  John-Mark Bell  Resolution: open => fixed
2016-01-31 19:48  John-Mark Bell  Fixed in Version: => 3.4
2016-01-31 19:48  John-Mark Bell  Target Version: => 3.4
2016-02-16 14:08  Vincent Sanders  Note Added: 0001240
2016-02-16 14:08  Vincent Sanders  Status: resolved => closed