I think this is a crash in JIT code unrelated to LiveSavedFrameCache. The one in comment 0 is a SIGILL / ILL_ILLOPC crash in the code below. Lars, this should be valid code, right? I wonder if there's a problem with invalidating the instruction cache.

7f37c714b8: 52800022 mov w2, #0x1 // #1
7f37c714bc: d2901910 mov x16, #0x80c8 // #32968
7f37c714c0: f2a55fd0 movk x16, #0x2afe, lsl #16
7f37c714c4: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c714c8: f9400209 ldr x9, [x16]
7f37c714cc: f9400120 ldr x0, [x9]
7f37c714d0: d63f0000 blr x0
7f37c714d4: 9100639c add x28, x28, #0x18
7f37c714d8: f81c82e2 stur x2, [x23, #-56]
7f37c714dc: d2ffff53 mov x19, #0xfffa000000000000 // #-1688849860263936
7f37c714e0: d2901b10 mov x16, #0x80d8 // #32984
7f37c714e4: f2a55fd0 movk x16, #0x2afe, lsl #16
7f37c714e8: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c714ec: f9400209 ldr x9, [x16]
7f37c714f0: f9400120 ldr x0, [x9]
7f37c714f4: d63f0000 blr x0
7f37c714f8: d100239f sub sp, x28, #0x8
7f37c714fc: f81f8f82 str x2, [x28, #-8]!
7f37c71500: d2808510 mov x16, #0x428 // #1064
^^^^^^^^^^^^^ ^^^^^^^^^ ^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^
7f37c71504: f2a5c050 movk x16, #0x2e02, lsl #16
7f37c71508: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c7150c: f9400211 ldr x17, [x16]
7f37c71510: 91000631 add x17, x17, #0x1
7f37c71514: f9000211 str x17, [x16]
7f37c71518: f8408782 ldr x2, [x28], #8
7f37c7151c: 936ffc50 asr x16, x2, #47
7f37c71520: 31003a1f cmn w16, #0xe
7f37c71524: 540000e0 b.eq 0x7f37c71540 // b.none
7f37c71528: d2901d10 mov x16, #0x80e8 // #33000
7f37c7152c: f2a55fd0 movk x16, #0x2afe, lsl #16
7f37c71530: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c71534: f9400209 ldr x9, [x16]
7f37c71538: f9400120 ldr x0, [x9]
Bug 1521158 Comment 3 Edit History
I think this is a crash in JIT code unrelated to LiveSavedFrameCache. The one in comment 0 is a SIGILL / ILL_ILLOPC crash in the code below. Lars, this should be valid code, right? The marked instruction disassembles as a plain `mov x16, #0x428`, so if those are really the bytes in memory a SIGILL there shouldn't happen — which is why I wonder if there's a problem with invalidating the instruction cache (the CPU executing stale bytes from before the code was written).

```
7f37c714b8: 52800022 mov w2, #0x1 // #1
7f37c714bc: d2901910 mov x16, #0x80c8 // #32968
7f37c714c0: f2a55fd0 movk x16, #0x2afe, lsl #16
7f37c714c4: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c714c8: f9400209 ldr x9, [x16]
7f37c714cc: f9400120 ldr x0, [x9]
7f37c714d0: d63f0000 blr x0
7f37c714d4: 9100639c add x28, x28, #0x18
7f37c714d8: f81c82e2 stur x2, [x23, #-56]
7f37c714dc: d2ffff53 mov x19, #0xfffa000000000000 // #-1688849860263936
7f37c714e0: d2901b10 mov x16, #0x80d8 // #32984
7f37c714e4: f2a55fd0 movk x16, #0x2afe, lsl #16
7f37c714e8: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c714ec: f9400209 ldr x9, [x16]
7f37c714f0: f9400120 ldr x0, [x9]
7f37c714f4: d63f0000 blr x0
7f37c714f8: d100239f sub sp, x28, #0x8
7f37c714fc: f81f8f82 str x2, [x28, #-8]!
7f37c71500: d2808510 mov x16, #0x428 // #1064
^^^^^^^^^^^^^ ^^^^^^^^^ ^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^
7f37c71504: f2a5c050 movk x16, #0x2e02, lsl #16
7f37c71508: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c7150c: f9400211 ldr x17, [x16]
7f37c71510: 91000631 add x17, x17, #0x1
7f37c71514: f9000211 str x17, [x16]
7f37c71518: f8408782 ldr x2, [x28], #8
7f37c7151c: 936ffc50 asr x16, x2, #47
7f37c71520: 31003a1f cmn w16, #0xe
7f37c71524: 540000e0 b.eq 0x7f37c71540 // b.none
7f37c71528: d2901d10 mov x16, #0x80e8 // #33000
7f37c7152c: f2a55fd0 movk x16, #0x2afe, lsl #16
7f37c71530: f2c00ff0 movk x16, #0x7f, lsl #32
7f37c71534: f9400209 ldr x9, [x16]
7f37c71538: f9400120 ldr x0, [x9]
```