Created attachment 610699 [details]
testcase (crashes Firefox when loaded)
Might be a regression from bug 739694.
Created attachment 610700 [details]
Hmph, apparently script->filename can be null.
Stack looks like a null deref (also noted in comment 2). Is there a worry about exploitability here or can we call this a DoS?
JS_HashString starts touching at offset 0, so safe low-memory fault.
Created attachment 614210 [details] [diff] [review]