Closed Bug 454958 Opened 17 years ago Closed 16 years ago

TM: Firefox crashes when viewing youtube video in Google video with JIT enabled [@ nanojit::LIns::isop(nanojit::LOpcode)]

Categories

(Core :: JavaScript Engine, defect)

Product:
Core
Component:
JavaScript Engine
Platform:
x86
Windows Vista
Type:
defect
Priority:
Not set
Severity:
critical

Tracking

()

Status:
VERIFIED WORKSFORME

People

(Reporter: chadwickgab+mozilla, Unassigned)

References

(
URL
)

Details

(Keywords: crash, regression, top100)

Crash Data

Firefox crashes when viewing a video in Google Video with JIT enabled. 1. Enable JIT. 2. Load http://video.google.ca/videosearch?q=bleeding+love&emb=0&aq=0&oq=bl# and click on a video. Firefox crashes and it should not. Build Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv:1.9.1b1pre) Gecko/20080910043000 Minefield/3.1b1pre Crashes ids : http://crash-stats.mozilla.com/report/index/08f21311-8080-11dd-ab14-001a4bd43ed6?p=1 http://crash-stats.mozilla.com/report/index/908477ca-8080-11dd-ba76-001a4bd43ed6?p=1 http://crash-stats.mozilla.com/report/index/f7f3cec2-8082-11dd-9eb0-001cc45a2c28?p=1 http://crash-stats.mozilla.com/report/index/dc1850d1-8083-11dd-b03d-001cc45a2c28?p=1
Flags: blocking1.9.1?
Signature nanojit::LIns::isop(nanojit::LOpcode) UUID 08f21311-8080-11dd-ab14-001a4bd43ed6 Time 2008-09-11 21:05:04-07 Uptime 10 Product Firefox Version 3.1b1pre Build ID 20080910043000 OS Windows NT OS Version 6.0.6000 CPU x86 CPU Info AuthenticAMD family 15 model 72 stepping 2 Crash Reason EXCEPTION_ACCESS_VIOLATION Crash Address 0x0 Comments Crashing Thread Frame Module Signature Source 0 js3250.dll nanojit::LIns::isop 1 js3250.dll isi2f 2 js3250.dll isPromoteInt 3 js3250.dll TraceRecorder::writeBack 4 js3250.dll TraceRecorder::set 5 js3250.dll TraceRecorder::stack 6 js3250.dll js3250.dll@0x6455f 7 js3250.dll js_Invoke 8 js3250.dll fun_call 9 js3250.dll js_Interpret 10 js3250.dll js_Invoke 11 js3250.dll fun_call 12 js3250.dll js_Interpret 13 js3250.dll js_Invoke 14 js3250.dll js_fun_apply 15 js3250.dll js_Interpret 16 js3250.dll js_Invoke 17 xul.dll nsXPCWrappedJSClass::CallMethod
Summary: TM: Firefox crashes when viewing youtube video in Google video with JIT enabled → TM: Firefox crashes when viewing youtube video in Google video with JIT enabled [@ nanojit::LIns::isop(nanojit::LOpcode)]
There is some nesting of interpreters going on here. I wonder whether the most recent onTrace patch fixed this.
Bug 445177 may have made this worse since i seem to crash on more sites today
Google video didn't crash for me using today's nightly and Flash player 10.0.12.10 beta released on 9/15/08.. Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.1b1pre) Gecko/20080922032349 Minefield/3.1b1pre Firefox/3.0 ID:20080922032349 the link in comment #7 did crash however... http://crash-stats.mozilla.com/report/index/b7161ee6-88a5-11dd-8005-0013211cbf8a
Seems to work with the latest tracemonkey build. ftp://ftp.mozilla.org/pub/firefox/tinderbox-builds/tracemonkey-macosx/1222118468/ Please feel free to re-open if you can reproduce it with the TM builds. We will merge into mozilla trunk soon (24h or so).
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → WORKSFORME
Using Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1b1pre) Gecko/20080924033412 Minefield/3.1b1pre WORKS: http://video.google.ca/videosearch?q=bleeding+love&emb=0&aq=0&oq=bl# WORKS: http://www.liferay.com/ WORKS: http://www.editgrid.com/user/wargodriver/adr Yey!
Thanks for re-testing.
Verified with Mozilla/5.0 (Windows; U; Windows NT 6.0; fr; rv:1.9.1b1pre) Gecko/20080924033412 Minefield/3.1b1pre
Status: RESOLVED → VERIFIED
Flags: blocking1.9.1?
Crash Signature: [@ nanojit::LIns::isop(nanojit::LOpcode)]
You need to log in before you can comment on or make changes to this bug.