Open Bug 1918280 Opened 24 days ago Updated 11 days ago

Crash in [@ js::jit::X86Encoding::BaseAssembler::linkJump]

Categories

(Core :: JavaScript Engine: JIT, defect, P5)

Other
Windows
defect

Tracking

()

Tracking Status
firefox132 --- affected

People

(Reporter: release-mgmt-account-bot, Unassigned, NeedInfo)

References

(Depends on 1 open bug, Blocks 1 open bug)

Details

(Keywords: crash)

Crash Data

Crash report: https://crash-stats.mozilla.org/report/index/58267e72-a9f6-4c31-8b60-8fb0a0240908

MOZ_CRASH Reason: MOZ_RELEASE_ASSERT(size_t(to.offset()) <= size())

Top 10 frames of crashing thread:

0  xul.dll  js::jit::X86Encoding::BaseAssembler::linkJump  js/src/jit/x86-shared/BaseAssembler-x86-shared.h:4677
0  xul.dll  js::jit::AssemblerX86Shared::bind  js/src/jit/x86-shared/Assembler-x86-shared.h:1015
1  xul.dll  js::jit::BaselineCompiler::emitBody  js/src/jit/BaselineCodeGen.cpp:6666
2  xul.dll  js::jit::BaselineCompiler::compile  js/src/jit/BaselineCodeGen.cpp:249
3  xul.dll  js::jit::BaselineCompile  js/src/jit/BaselineJIT.cpp:229
3  xul.dll  CanEnterBaselineJIT  js/src/jit/BaselineJIT.cpp:330
3  xul.dll  js::jit::CanEnterBaselineMethod<1>  js/src/jit/BaselineJIT.cpp:455
4  xul.dll  js::jit::MaybeEnterJit  js/src/jit/Jit.cpp:214
4  xul.dll  js::RunScript  js/src/vm/Interpreter.cpp:449
4  xul.dll  js::InternalCallOrConstruct  js/src/vm/Interpreter.cpp:613

By querying Nightly crashes reported within the last 2 months, here are some insights about the signature:

  • First crash report: 2024-07-04
  • Process type: Content
  • Is startup crash: No
  • Has user comments: No
  • Is null crash: No

The Bugbug bot thinks this bug should belong to the 'Core::JavaScript Engine: JIT' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.

Component: General → JavaScript Engine: JIT

Jan, could take a quick look at this to see if it is actionable?

Flags: needinfo?(jdemooij)
Severity: -- → S4
Depends on: sm-defects-crashes
Priority: -- → P5
You need to log in before you can comment on or make changes to this bug.