Beginning on October 25th, 2016, Persona will no longer be an option for authentication on BMO. For more details see Persona Deprecated.
Last Comment Bug 650574 - Crash with too much recursion in exn_toSource
: Crash with too much recursion in exn_toSource
: crash, regression, testcase
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: Trunk
: All All
: -- critical (vote)
: mozilla6
Assigned To: Jeff Walden [:Waldo] (remove +bmo to email)
: Jason Orendorff [:jorendorff]
Depends on:
Blocks: 326633 645468
  Show dependency treegraph
Reported: 2011-04-16 19:16 PDT by Jesse Ruderman
Modified: 2013-01-19 13:50 PST (History)
8 users (show)
choller: in‑testsuite+
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

stack trace (66.33 KB, text/plain)
2011-04-16 19:16 PDT, Jesse Ruderman
no flags Details
Patch and test (2.18 KB, patch)
2011-04-26 12:08 PDT, Jeff Walden [:Waldo] (remove +bmo to email)
luke: review+
Details | Diff | Splinter Review

Description Jesse Ruderman 2011-04-16 19:16:59 PDT
Created attachment 526549 [details]
stack trace

var e = Error('');
e.fileName = e;

--> Crash with too much recursion in exn_toSource

The first bad revision is:
changeset:   0906d9490eaf
user:        Jeff Walden
date:        Mon Mar 28 20:01:53 2011 -0700
summary:     Bug 645468 - Remove js_TryMethod: its semantics aren't what most of its users want, and its utility is limited.  r=luke
Comment 1 Andreas Gal :gal 2011-04-16 19:26:42 PDT
Awesome testcase.
Comment 2 Jeff Walden [:Waldo] (remove +bmo to email) 2011-04-18 14:04:04 PDT
I reproduced this once, but now I can't reproduce it for some reason, and I'm not sure why.  Is anyone else seeing this still, and if not, could someone bisect and figure out how this went away?  It's not immediately obvious to me why it would have gone away, if it did.
Comment 3 Jesse Ruderman 2011-04-18 19:59:49 PDT
Still crashes for me with rev 59325b2ca38b (64-bit, debug, mac). Want me to catch it in gdb for you?
Comment 4 Jeff Walden [:Waldo] (remove +bmo to email) 2011-04-26 12:08:07 PDT
Created attachment 528390 [details] [diff] [review]
Patch and test

Nope, it reproduces easily now, not sure what I was doing differently then.
Comment 5 Luke Wagner [:luke] 2011-04-26 12:24:42 PDT
Comment on attachment 528390 [details] [diff] [review]
Patch and test

Review of attachment 528390 [details] [diff] [review]:

Ooh, I get to use splinter.  Unfortunately, I have no nits.
Comment 6 Steve Fink [:sfink] [:s:] 2011-04-26 12:49:51 PDT
Comment on attachment 528390 [details] [diff] [review]
Patch and test

Review of attachment 528390 [details] [diff] [review]:

::: js/src/tests/ecma_5/extensions/toSource-infinite-recursion.js
@@ +22,5 @@
+catch (e)
+  assertEq(e instanceof InternalError, true,
+           "should have thronw for over-recursion");

What do you mean, no nits? You souhld get ouyr eyes cehcked.
Comment 7 Jeff Walden [:Waldo] (remove +bmo to email) 2011-04-26 23:19:51 PDT
Comment 8 Chris Leary [:cdleary] (not checking bugmail) 2011-05-02 16:00:58 PDT
cdleary-bot mozilla-central merge info:
Comment 9 George Carstoiu 2011-07-28 05:56:06 PDT
Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20100101 Firefox/6.0

Verified on WinXP, Win7 x86, Ubuntu 11.04 x86 and Mac OS X 10.6 with the steps from comment 0. 

Returned error: InternalError: too much recursion

Setting status to Verified Fixed.
Comment 10 Christian Holler (:decoder) 2013-01-19 13:50:55 PST
Automatically extracted testcase for this bug was committed:

Note You need to log in before you can comment on or make changes to this bug.