279666 - Browser exits without cleaning up when running javascript loop

Status: RESOLVED DUPLICATE of bug 271716

(Firefox :: General, defect)

Description

[efrey2]

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 StumbleUpon/1.999
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0 StumbleUpon/1.999

When the browser encounters the code 

<HTML>
</SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
</SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
</HTML> 

(this is broken on purpose) the browser exits gui but leaves instance running in
memory.  Any subsequent firefox instances that are run crash imediatly untill
the process is kill in the task manager.  I will test it tonight on linux to see
if I can reproduce it there as well.

Reproducible: Always

Steps to Reproduce:
1. Write the  following code:
<HTML>
</SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
</SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
</HTML> 
2. Open it in firefox.
Actual Results:  
Firefox crashed.  Upon opening new firefox instance, it crashed imediatly. Upon
inspecting running processes, firefox.exe was still running.  This was
reproduced on multiple windows xp service pack 2 machines with firefox 1.0 with
the same results

Expected Results:  
If firefox cant handle the javascript, i would expect it to timeout the script
or if it had to exit, to clean up after itself.

Comment 1

[efrey2]

when writing the 
</SCRIPT> a = new Array(); while (1) { (a = new Array(a)).sort(); } </SCRIPT>
lines in the poc, remove the slash in the first <SCRIPT> tag on both lines

</SCRIPT>code.......<SCRIPT>

to

<SCRIPT>code.......</SCRIPT>

im sure you know this, just didnt want you to miss it.

Comment 2

[Erik Fabert]

Same code as attachment 167017 [details].

*** This bug has been marked as a duplicate of 271716 ***