$ obj-aarch64-unknown-freebsd11.0/dist/bin/jsapi-tests testGCAllocator testGCAllocator Segmentation fault (lldb) bt jsapi-tests was compiled with optimization - stepping may behave oddly; variables may not be available. * thread #1: tid = 101021, 0x00000000004764ac jsapi-tests`cls_testGCAllocator::mapMemoryAt(this=0x00000000018cf850, desired=0x0000070000200000, length=8388608) + 36 at testGCAllocator.cpp:318, stop reason = signal SIGSEGV: invalid address (fault address: 0x0) frame #0: 0x00000000004764ac jsapi-tests`cls_testGCAllocator::mapMemoryAt(this=0x00000000018cf850, desired=0x0000070000200000, length=8388608) + 36 at testGCAllocator.cpp:318 [opt] (lldb) bt * thread #1: tid = 101021, 0x00000000004764ac jsapi-tests`cls_testGCAllocator::mapMemoryAt(this=0x00000000018cf850, desired=0x0000070000200000, length=8388608) + 36 at testGCAllocator.cpp:318, stop reason = signal SIGSEGV: invalid address (fault address: 0x0) * frame #0: 0x00000000004764ac jsapi-tests`cls_testGCAllocator::mapMemoryAt(this=0x00000000018cf850, desired=0x0000070000200000, length=8388608) + 36 at testGCAllocator.cpp:318 [opt] frame #1: 0x00000000004762ec jsapi-tests`cls_testGCAllocator::testGCAllocatorUp(this=0x00000000018cf850, PageSize=<unavailable>) + 128 at testGCAllocator.cpp:131 [opt] frame #2: 0x0000000000475a80 jsapi-tests`cls_testGCAllocator::run(this=0x00000000018cf850, global=<unavailable>) + 84 at testGCAllocator.cpp:57 [opt] frame #3: 0x000000000051c52c jsapi-tests`main(argc=<unavailable>, argv=<unavailable>) + 220 at tests.cpp:128 [opt] frame #4: 0x000000000042ad20 jsapi-tests`__start + 360 frame #5: 0x0000000040df1630 ld-elf.so.1 at rtld_start.S:41 (lldb) re r General Purpose Registers: x0 = 0x00000000018cf850 jsapi-tests`cls_testGCAllocator_instance x1 = 0x0000070000200000 x2 = 0x0000000000800000 jsapi-tests`js::jit::ValueNumberer::ValueNumberer(js::jit::MIRGenerator*, js::jit::MIRGraph&) + 4 [inlined] js::jit::MIRGraph::alloc() const at ValueNumbering.cpp:1206 jsapi-tests`js::jit::ValueNumberer::ValueNumberer(js::jit::MIRGenerator*, js::jit::MIRGraph&) + 4 at ValueNumbering.cpp:1206 x3 = 0x0000000000001002 x4 = 0x00000000ffffffff x5 = 0x0000000000000000 x6 = 0x0000000000000000 x7 = 0x0000000000000000 x8 = 0x0000000000000000 x9 = 0x00000000018d48e8 jsapi-tests`gMozCrashReason x10 = 0x0000000000d20bd4 x11 = 0x000000000000013e x12 = 0x0000000000000004 x13 = 0x0000000000000427 x14 = 0x0000ffffffffe564 x15 = 0x0000000000000000 x16 = 0x0000000000e65a50 jsapi-tests`symbol stub for: munmap x17 = 0x00000000410d6d34 libc.so.7`munmap x18 = 0x0000000048239fc0 x19 = 0x00000000018cf850 jsapi-tests`cls_testGCAllocator_instance x20 = 0x00000000008ff000 jsapi-tests`js::Proxy::className(JSContext*, JS::Handle<JSObject*>)+ 180 [inlined] js::BaseProxyHandler::className(JSContext*, JS::Handle<JSObject*>) const + 20 at Proxy.cpp:557 jsapi-tests`js::Proxy::className(JSContext*, JS::Handle<JSObject*>) + 160 at Proxy.cpp:557 x21 = 0x0000000000000000 x22 = 0x00000000018cf850 jsapi-tests`cls_testGCAllocator_instance x23 = 0x0000000000d28e03 x24 = 0x0000000000d28e18 x25 = 0x0000000000d28dd0 x26 = 0x0000000000d20b60 x27 = 0x0000000000000000 x28 = 0x0000000000000000 fp = 0x0000ffffffffea60 lr = 0x00000000004762ec jsapi-tests`cls_testGCAllocator::testGCAllocatorUp(unsigned long) +128 [inlined] AnnotateMozCrashReason(char const*) at testGCAllocator.cpp:379 jsapi-tests`cls_testGCAllocator::testGCAllocatorUp(unsigned long) + 128 [inlined] cls_testGCAllocator::unmapPages(void*, unsigned long) at testGCAllocator.cpp:125 jsapi-tests`cls_testGCAllocator::testGCAllocatorUp(unsigned long) + 128 at testGCAllocator.cpp:125 sp = 0x0000ffffffffea60 pc = 0x00000000004764ac jsapi-tests`cls_testGCAllocator::mapMemoryAt(void*, unsigned long) + 36 at testGCAllocator.cpp:318 cpsr = 0x40000000

--disable-ion fails to build, so relation to bug 1323115 is unknown.

Hmm, I cannot reproduce on Firefox 55 anymore. $ .../jsapi-tests testGCAllocator testGCAllocator TEST-PASS | testGCAllocator | ok Passed: ran 1 tests.

Bisecting first good is mozilla-central changeset 042d975f9355, parentheses in testGCAllocator.cpp to be specific.