Learn JScript Bugs and Memory Management from me_javascript skills-JS Tutorial-php.cn

Home

Web Front-end

JS Tutorial

Learn JScript Bugs and Memory Management from me_javascript skills

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

May 16, 2016 pm 03:31 PM

bugjscriptMemory management

1. JScript Bug

IE's ECMAScript implementation of JScript seriously confuses named function expressions, causing many people to oppose named function expressions, and even the version that is still in use (version 5.8 used in IE8) still exists The following questions.

Let’s take a look at what mistakes IE made in its implementation. As the saying goes, only by knowing the enemy can you be invincible. Let’s take a look at the following examples:

Example 1: Identifier of function expression leaked to outer scope

var f = function g(){};
typeof g; // "function"

We said earlier that the identifier of a named function expression is invalid in the external scope, but JScript obviously violates this specification. The identifier g in the above example is parsed into a function object, which is messy. Yes, many hard-to-find bugs are caused by this reason.

Note: This problem seems to have been fixed in IE9

Example 2: Treat a named function expression as both a function declaration and a function expression

typeof g; // "function"
var f = function g(){};

In the feature environment, function declarations will be parsed before any expression. The above example shows that JScript actually treats the named function expression as a function declaration because it parses g before the actual declaration.

This example leads to the next one.

Example 3: Named function expressions create two completely different function objects!

var f = function g(){};
f === g; // false
f.expando = 'foo';
g.expando; // undefined

Seeing this, everyone will think that the problem is serious, because modifying any object will not change the other one. This is too evil. Through this example, we can find that creating two different objects, that is to say, if you want to modify the attribute of f to save certain information, and then use it as a matter of course by referencing the same name attribute of g of the same object, then there will be a big problem. Because it's simply impossible.

Let’s look at a slightly more complicated example:

Example 4: Only parse function declarations sequentially and ignore conditional statement blocks

var f = function g() {
  return 1;
};
if (false) {
 f = function g(){
 return 2;
 };
}
g(); // 2

This bug is much harder to find, but the cause of the bug is very simple. First, g is parsed as a function declaration. Since function declarations in JScript are not subject to conditional code blocks, in this nasty if branch, g is treated as another function function g(){ return 2 }, also It was just declared again. Then, all "regular" expressions are evaluated, and f is given a reference to another newly created object. Since the abominable if branch "" will never be entered when the expression is evaluated, f will continue to refer to the first function function g(){ return 1 }. After analyzing this, the problem is very clear: if If you are not careful enough and call g in f, an irrelevant g function object will be called

You may ask, what are the differences when comparing different objects with arguments.callee? Let’s take a look:

var f = function g(){
  return [
  arguments.callee == f,
  arguments.callee == g
  ];
};
f(); // [true, false]
g(); // [false, true]

As you can see, the reference of arguments.callee is always the called function. In fact, this is also a good thing, as will be explained later.

Another interesting example is using a named function expression in an assignment statement that does not contain a declaration:

(function(){
 f = function f(){};
})();

According to the code analysis, we originally wanted to create a global attribute f (be careful not to confuse it with the general anonymous function, which uses a named declaration). JScript made a mess here. First, it changed the expression The expression is parsed as a function declaration, so f on the left is declared as a local variable (the same as the declaration in a general anonymous function). Then when the function is executed, f is already defined, and the function f() on the right {} is directly assigned to the local variable f, so f is not a global attribute at all.

After understanding how abnormal JScript is, we must prevent these problems in time. First, prevent identifiers from leaking into external scopes. Secondly, identifiers used as function names should never be quoted; remember the one in the previous example The annoying identifier g? ——If we can pretend that g does not exist, how much unnecessary trouble can be avoided. Therefore, the key is to always refer to functions via f or arguments.callee. If you use named function expressions, you should only use that name when debugging. Finally, remember to clean up functions that were created incorrectly during the declaration of a named function expression.

2. JScript memory management

After knowing these non-standard code parsing bugs, if we use it, we will find that there is actually a problem with memory. Let’s look at an example:

var f = (function(){
 if (true) {
 return function g(){};
 }
 return function g(){};
})();

我们知道，这个匿名函数调用返回的函数（带有标识符g的函数），然后赋值给了外部的f。我们也知道，命名函数表达式会导致产生多余的函数对象，而该对象与返回的函数对象不是一回事。所以这个多余的g函数就死在了返回函数的闭包中了，因此内存问题就出现了。这是因为if语句内部的函数与g是在同一个作用域中被声明的。这种情况下，除非我们显式断开对g函数的引用，否则它一直占着内存不放。

var f = (function(){
 var f, g;
 if (true) {
 f = function g(){};
 }
 else {
 f = function g(){};
 }
 // 设置g为null以后它就不会再占内存了
 g = null;
 return f;
})();

通过设置g为null，垃圾回收器就把g引用的那个隐式函数给回收掉了，为了验证我们的代码，我们来做一些测试，以确保我们的内存被回收了。

测试

测试很简单，就是命名函数表达式创建10000个函数，然后把它们保存在一个数组中。等一会儿以后再看这些函数到底占用了多少内存。然后，再断开这些引用并重复这一过程。下面是测试代码：

function createFn(){
 return (function(){
 var f;
 if (true) {
  f = function F(){
  return 'standard';
  };
 }
 else if (false) {
  f = function F(){
  return 'alternative';
  };
 }
 else {
  f = function F(){
  return 'fallback';
  };
 }
 // var F = null;
 return f;
 })();
}

var arr = [ ];
for (var i=0; i < 10000; i++) {
 arr[i] = createFn();
}

通过运行在Windows XP SP2中的任务管理器可以看到如下结果：

IE7:

 without `null`: 7.6K -> 20.3K
 with `null`:  7.6K -> 18K

IE8:

 without `null`: 14K -> 29.7K
 with `null`:  14K -> 27K

如我们所料，显示断开引用可以释放内存，但是释放的内存不是很多，10000个函数对象才释放大约3M的内存，这对一些小型脚本不算什么，但对于大型程序，或者长时间运行在低内存的设备里的时候，这是非常有必要的。

以上就是关于JScript的Bug与内存管理的全部介绍，希望对大家的学习有所帮助。

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

如何在 Windows 11 中增加虚拟内存（页面文件）May 13, 2023 pm 04:37 PM

如果您在运行高端应用程序或游戏时注意到一定的延迟，则可能是RAM/内存通常运行已满。这是增加Windows11中的虚拟内存或页面文件大小的地方。虚拟内存或页面文件是最容易被误解的概念之一，围绕它有很多神话。无论其他人说什么或做什么，都必须彻底了解如何从您的计算机中获得最佳性能。在以下部分中，我们将引导您完成在Windows11中增加虚拟内存的步骤，帮助您了解其重要性以及最佳虚拟内存大小。为什么需要虚拟内存？页面文件或虚拟内存基本上是用作RAM的硬盘的一部分。当内存已满且无法存储更多数据时

如何在 Windows 11 中重置虚拟内存（页面文件）？Apr 13, 2023 pm 11:28 PM

如果您的计算机没有足够的 RAM 或总是满的，您可以依靠虚拟内存从物理内存中卸载非活动文件。但是，如果这不太顺利，您可能需要在 Windows 11 中重置虚拟内存。我们经常看到我们的计算机滞后，最可能的情况是Windows 11 中的高 RAM 使用率。有很多方法可以降低 RAM 消耗，但这可能会影响您的体验。而且，这就是虚拟内存可以提供帮助的地方。有时需要在 Windows 11 中重置虚拟内存，因此，必须正确理解该概念和过程，我们在以下部分中进行了讨论。虚拟内存是如何工作的，为什么我需要重

Windows 11 停止代码内存管理：7 个修复May 04, 2023 pm 11:34 PM

如果您的PC出现内存管理错误，您需要查看这些Windows11停止代码内存管理修复程序。如果您的系统崩溃并出现蓝屏或BSOD，您可能已经看到了Windows11停止代码内存管理错误。它将在屏幕上显示MEMORY_MANAGEMENT，表明系统内存管理存在问题。例如，它可能（或可能不）伴随着停止代码，如0x0000001A。有时您可以通过基本重启来解决错误，但它通常涉及额外的故障排除步骤。如果您在Windows11PC上遇到错误，请应用以下修复程序并运行扫描以使您的系统重新启动并运

游戏bug是什么意思Feb 18, 2024 am 11:30 AM

游戏bug是什么意思在玩游戏的过程中，我们常常会遇到一些意想不到的错误或者问题，比如角色卡住、任务无法继续、画面闪烁等等。这些不正常的现象就被称为游戏bug，即游戏中的故障或错误。在本文中，我们将探讨游戏bug是什么意思以及对玩家和开发者的影响。游戏bug是指在游戏的开发或运行过程中出现的错误，导致游戏无法正常进行或者出现不符合预期的情况。这些错误可能是由于

Java开发如何提升图片处理效能？Jun 30, 2023 pm 02:09 PM

随着互联网的快速发展，图片处理在各种应用中扮演着重要的角色。而对于Java开发者来说，如何优化图片处理的性能是一个不可忽视的问题。本文将介绍一些优化图片处理性能的方法。首先，对于Java开发中的图片处理，我们可以考虑使用专门的图片处理库，例如JAI（JavaAdvancedImaging）和ImageIO。这些库提供了丰富的图片处理功能，并且经过了优化，

苹果iOS18bug汇总Jun 14, 2024 pm 01:48 PM

随着苹果WWDC发布会2024圆满落幕，不仅揭晓了macos15，其中最受关注的还是苹果iOS18新系统的更新，虽然有很多新功能出现，但是作为苹果iOS18首版不免让人纠结是否有必要升级苹果iOS18，在最新发布的苹果iOS18中又有哪些BUG存在呢？经过真实的使用测评，下面是苹果iOS18bug汇总，一起来看看吧。目前有许多iPhone用户都抢先升级到了iOS18.但各种系统Bug让人难受。有博主表示，升级iOS18要谨慎，因为“Bug多到飞起”。博主表示，如果你的iPhone是

如何处理Linux系统中出现的系统内存不足问题Jun 29, 2023 pm 12:13 PM

如何处理Linux系统中出现的系统内存不足问题摘要：Linux系统是一种稳定性强、安全性高的操作系统，但有时候会遇到系统内存不足的问题。本文将介绍一些常见的处理方法，帮助用户解决这一问题。关键词：Linux系统、系统内存、不足、处理方法正文：引言Linux系统作为一种开源的操作系统，被广泛应用于各种服务器和嵌入式设备中。然而，有时候我们会发现在运行过程中，系

PHP中的内存管理和垃圾回收技术May 11, 2023 am 08:33 AM

PHP作为一种广泛使用的脚本语言，为了在运行时保证高效执行，具有独特的内存管理和垃圾回收技术。本文将简单介绍PHP内存管理和垃圾回收的原理和实现方式。一、PHP内存管理的原理PHP的内存管理采用了引用计数（ReferenceCounting）来实现，这种方式是现代化的语言中比较常见的内存管理方式之一。当一个变量被使用时，PHP会为其分配一段内存，并将这段内

See all articles