long sequence/comma operator expression fails
Reported by
asyn...@gmail.com,
Apr 11 2016
|
||||
Issue description
UserAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2705.0 Safari/537.36
Example URL:
Steps to reproduce the problem:
1. Run JS that uses repeated comma (,) operator, e.g.
<script>
var s = '1';
for (var i = 0; i < 10000; i++) {
s += ',a[' + i + '] = "' + i + '"';
}
var fn = new Function('a', s);
fn({});
</script>
What is the expected behavior?
No failure when run
What went wrong?
Failed with "Maximum call stack size exceeded"
Does it occur on multiple sites: Yes
Is it a problem with a plugin? No
Did this work before? N/A
Does this work in other browsers? N/A
Chrome version: 52.0.2705.0 Channel: canary
OS Version: OS X 10.11.3
Flash Version: Shockwave Flash 21.0 r0
This kind of code is likely to be produced by Uglify (with `{compress: {sequence: true}}` default option)
Multiple reports at:
- http://stackoverflow.com/questions/36540566/warning-error-during-font-loading-maximum-call-stack-size-exceeded-error-with
- https://github.com/mozilla/pdf.js/issues/7044
,
Apr 13 2016
Tested the issue on Mac 10.10.5, Windows 7, Ubuntu 14.04 using 52.0.2705.0, stable 49.0.2623.112, latest canary 52.0.2707.0 with below steps: 1.Opened chrome-dev tools->console. 2.Given code and run. 3.Observed the error 'Uncaught SyntaxError: Unexpected token <'. Please find attached screenshot and update if anything missed here in triaging the issue. async5y@Could you please provide expected behavior screenshot for further triaging the issue.
,
Apr 13 2016
You need to leave out the <script> tag.
,
Apr 14 2016
This is almost certainly related to the same stack growth issues we've seen elsewhere in parsing due to our ExpressionClassifier. |
||||
►
Sign in to add a comment |
||||
Comment 1 by cbiesin...@chromium.org
, Apr 12 2016