Created attachment 610699 [details] testcase (crashes Firefox when loaded) Might be a regression from bug 739694.
Hmph, apparently script->filename can be null.
Stack looks like a null deref (also noted in comment 2). Is there a worry about exploitability here or can we call this a DoS?
JS_HashString starts touching at offset 0, so safe low-memory fault.