[webkit-dev] x86-64 JIT

Maciej Stachowiak mjs at apple.com
Thu Mar 19 09:43:36 PDT 2009

On Mar 18, 2009, at 1:47 PM, Mike Hommey wrote:

> On Wed, Mar 18, 2009 at 01:07:51PM -0700, Gavin Barraclough wrote:
>> On Mar 18, 2009, at 11:06 AM, Mike Hommey wrote:
>>> An earlier call to JSC::JITStubs::cti_op_call_NotJSFunction works  
>>> and a
>>> lot
>>> of other stub functions are called before the crash, so it means  
>>> most
>>> of
>>> the JIT works, but it is failing in a subtle way.
>> I'd suggest trying to produce a reduction of the test case your  
>> looking
>> at – JIT crashers can usually be reduced down to a very small test  
>> case.
>> You may then want to step though the JIT code to see where the bogus
>> value is coming from.  Adding calls to breakpoint() from
>> JIT::privateCompile and JIT::privateCompileMainPass can help with  
>> this,
>> inserting breakpoints into the JIT code that the debugger will then  
>> hit.
> Apparently, any javascript containing page is enough to trigger the
> crash. The default homepage, google.com does trigger it, and the much
> simpler alert() testcase i found with a quick search crashes too.
> http://liblearn.osu.edu/tutor/jscript.html
> I'll give a try to breakpoints when I'll have the occasion.

It may be easier to debug using the command-line jsc tool and simple  
script that's not in a Web page.

  - Maciej

More information about the webkit-dev mailing list