Closed
Bug 464001
Opened 16 years ago
Closed 16 years ago
crash on startup with javascript.options.jit.chrome turned on [@ nanojit::LirBufWriter::insLink(nanojit::LOpcode, nanojit::LIns*) ]
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 467007
mozilla1.9.1b2
People
(Reporter: steffen.wilberg, Unassigned)
References
()
Details
(Keywords: crash, regression, topcrash)
Crash Data
I can't start the latest 3.1b2pre nightly on Windows Vista 64 anymore, it crashes instantly:
http://crash-stats.mozilla.com/report/index/792c5894-af11-11dd-9a59-001a4bd43e5c
|
Reporter | |
Comment 1•16 years ago
|
||
Only happens with javascript.options.jit.chrome turned on.
Summary: crash on startup [@ nanojit::LirBufWriter::insLink(nanojit::LOpcode, nanojit::LIns*) ] → crash on startup with javascript.options.jit.chrome turned on [@ nanojit::LirBufWriter::insLink(nanojit::LOpcode, nanojit::LIns*) ]
|
|
Reporter | |
Comment 2•16 years ago
|
||
Buils ID is Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b2pre) Gecko/20081109 Minefield/3.1b2pre, built from http://hg.mozilla.org/mozilla-central/rev/229683caa4c3.
Severity: blocker → critical
|
||
Comment 3•16 years ago
|
||
0 js3250.dll nanojit::LirBufWriter::insLink js/src/nanojit/LIR.cpp:438
1 js3250.dll nanojit::LirBufWriter::ensureReferenceable js/src/nanojit/LIR.cpp:267
2 js3250.dll nanojit::LirBufWriter::ins2 js/src/nanojit/LIR.cpp:344
3 js3250.dll nanojit::CseFilter::ins2 js/src/nanojit/LIR.cpp:1944
4 js3250.dll nanojit::ExprFilter::ins2 js/src/nanojit/LIR.cpp:931
5 js3250.dll FuncFilter::ins2 js/src/jstracer.cpp:742
6 js3250.dll TraceRecorder::unbox_jsval js/src/jstracer.cpp:4736
7 js3250.dll TraceRecorder::record_IteratorNextComplete js/src/jstracer.cpp:6668
8 js3250.dll js_Interpret js/src/jsinterp.cpp:3208
9 js3250.dll js_Invoke js/src/jsinterp.cpp:1324
|
|
Reporter | |
Comment 4•16 years ago
|
||
Can this be fixed for Beta 2, or is jit.chrome not considered important enough since the jit.chrome pref is disabled by default anyway?
This bug is bad to hit because you either have to start the profile with an earlier version which doesn't crash, or edit prefs.js manually to disable jit.chrome.
Target Milestone: --- → mozilla1.9.1b2
|
||
Comment 5•16 years ago
|
||
related (or dupe?) of bug 460272?
|
|
Reporter | |
Comment 6•16 years ago
|
||
WFM with Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b2pre) Gecko/20081116 Firefox/3.1b2pre.
Status: NEW → RESOLVED
Closed: 16 years ago
Flags: blocking1.9.1?
Resolution: --- → WORKSFORME
Mmm... seems to be still a topcrash in current trunk according to:
http://crash-stats.mozilla.com/report/list?product=Firefox&version=Firefox%3A3.1b2&version=Firefox%3A3.1b2pre&version=Firefox%3A3.1b3pre&query_search=signature&query_type=contains&query=&date=&range_value=1&range_unit=weeks&do_query=1&signature=nanojit%3A%3ALirBufWriter%3A%3AinsLink%28nanojit%3A%3ALOpcode%2C%20nanojit%3A%3ALIns*%29
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
|
|
||
Comment 8•16 years ago
|
||
duping to bug 467007 which contains a testcase
Status: REOPENED → RESOLVED
Closed: 16 years ago → 16 years ago
Resolution: --- → DUPLICATE
|
||
Updated•13 years ago
|
Crash Signature: [@ nanojit::LirBufWriter::insLink(nanojit::LOpcode, nanojit::LIns*) ]
You need to log in
before you can comment on or make changes to this bug.
Description
•