[webkit-dev] x86-64 JIT
Maciej Stachowiak
mjs at apple.com
Thu Mar 19 09:43:36 PDT 2009
On Mar 18, 2009, at 1:47 PM, Mike Hommey wrote:
> On Wed, Mar 18, 2009 at 01:07:51PM -0700, Gavin Barraclough wrote:
>> On Mar 18, 2009, at 11:06 AM, Mike Hommey wrote:
>>
>>> An earlier call to JSC::JITStubs::cti_op_call_NotJSFunction works
>>> and a
>>> lot
>>> of other stub functions are called before the crash, so it means
>>> most
>>> of
>>> the JIT works, but it is failing in a subtle way.
>>
>> I'd suggest trying to produce a reduction of the test case your
>> looking
>> at – JIT crashers can usually be reduced down to a very small test
>> case.
>> You may then want to step though the JIT code to see where the bogus
>> value is coming from. Adding calls to breakpoint() from
>> JIT::privateCompile and JIT::privateCompileMainPass can help with
>> this,
>> inserting breakpoints into the JIT code that the debugger will then
>> hit.
>
> Apparently, any javascript containing page is enough to trigger the
> crash. The default homepage, google.com does trigger it, and the much
> simpler alert() testcase i found with a quick search crashes too.
> http://liblearn.osu.edu/tutor/jscript.html
>
> I'll give a try to breakpoints when I'll have the occasion.
It may be easier to debug using the command-line jsc tool and simple
script that's not in a Web page.
- Maciej
More information about the webkit-dev
mailing list